[openssl-users] library result doesn't look right

Jakob Bohm jb-openssl at wisemo.com
Tue Jun 21 10:06:26 UTC 2016 

On 20/06/2016 22:25, Yoom Nguyen wrote:
> Greetings Everyone,
>
>
> I recent download and compiled a new version openssl-1.0.2h.tar   than what came with RedHat distribution.
>
> successfully compile and test.  Using the following options
> export CFLAGS="-fPIC"
> ./config shared enable-ec_nistp_64_gcc_128  no-ssl2 no-ssl3 --openssldir=/usr/local/openssl -DOPENSSL_USE_IPV6=0
>
>
> I am concern whether I have used and compiled correct information or Not.  I am not seeing any library that would indicate version .2h
> They all show libcrypto.so.1.0.0 and libssl.so.1.0.0
>
>
> Are they the correct results?
>
>
>
>  From this directory /usr/local/openssl/lib
> I do not see any libcrypto.... libarary that would refer to version 1.0.2?????
> all of them is 1.0.0....
>
> Are these correct results.
>
> [root at web1 lib]# ls -l
> total 8544
> drwxr-xr-x. 2 root root    4096 Jun 20 15:16 engines
> -rw-r--r--. 1 root root 4658450 Jun 20 15:16 libcrypto.a
> lrwxrwxrwx. 1 root root      18 Jun 20 15:16 libcrypto.so -> libcrypto.so.1.0.0
> -r-xr-xr-x. 1 root root 2817780 Jun 20 15:16 libcrypto.so.1.0.0
> -rw-r--r--. 1 root root  753560 Jun 20 15:16 libssl.a
> lrwxrwxrwx. 1 root root      15 Jun 20 15:16 libssl.so -> libssl.so.1.0.0
> -r-xr-xr-x. 1 root root  509261 Jun 20 15:16 libssl.so.1.0.0
> drwxr-xr-x. 2 root root      58 Apr 12  2015 pkgconfig
>
>
>
> My server is running redhat 7 and I see these different version.
> [root at web1 lib]# ls -alt /lib64/libcrypto*
> lrwxrwxrwx. 1 root root      19 Apr  9  2015 /lib64/libcrypto.so.6 -> libcrypto.so.0.9.8e
> lrwxrwxrwx. 1 root root      19 Apr  9  2015 /lib64/libcrypto.so.10 -> libcrypto.so.1.0.1e
> -rwxr-xr-x. 1 root root 2013048 Jan 15  2015 /lib64/libcrypto.so.1.0.1e
> -rwxr-xr-x. 1 root root 1440048 Jun  3  2014 /lib64/libcrypto.so.0.9.8e
>
>
> Is there a document for compiling and integrating a new OPENSSL release for and existing Redhat 7 EN OS some where?
>
>
> Thanks,
> Y

Yes, the OpenSSL team pretends that all the 1.0.Xx versions are binary
compatible and should be installed as libcrypto.so.1.0.0 .

In reality, this is not entirely true, since at least one flag bits
passed as a top level parameter have changed between the various
1.0.x patch versions.

You can override their policy by changing one or two settings in the top
level Makefile.

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list