Question about OpenSSL 3.0 and static linking
Matt Caswell
matt at openssl.org
Tue Feb 22 11:16:28 UTC 2022
On 22/02/2022 07:54, pauli at openssl.org wrote:
> There is a define to allow this: STATIC_LEGACY but I don't remember how
> to specify it on the configuration command line.
> We should probably turn this on in a no-shared build.
Configure with "no-module".
Matt
>
>
> Pauli
>
> On 22/2/22 5:37 pm, Shunichi Shinohara wrote:
>> Hi List,
>>
>> I have a question about OpenSSL 3.0 and static linking.
>>
>> Short version: Is it possible to include the legacy provider in
>> libcrypt.a?
>>
>> Somewhat long version below.
>> As a background of the question I'm using OpenSSL with Erlang/OTP [1]
>> on Linux
>> and want to static link OpenSSL library. With OpenSSL 1.1.1, it works
>> nice,
>> but I couldn't make it work well with OpenSSL 3.0.1.
>>
>> Build steps:
>>
>> curl -LO https://www.openssl.org/source/openssl-3.0.1.tar.gz
>> tar xvfz openssl-3.0.1.tar.gz
>> cd openssl-3.0.1
>> ./config --prefix=$HOME/local/openssl-3.0.1 no-shared
>> make -j && make install_sw
>>
>> After Building Erlang/OTP with it and moving
>> $HOME/local/openssl-3.0.1/lib64 to
>> $HOME/tmp, my (Erlang) code fails at OSSL_PROVIDER_load(NULL, "legacy"):
>> https://github.com/erlang/otp/blob/OTP-25.0-rc1/lib/crypto/c_src/crypto.c#L224
>>
>>
>> What I found are:
>> - there are two library files under $HOME/local/openssl-3.0.1/lib64,
>> libcrypt.a
>> and ossl-modules/legacy.so, and
>> - if I pass the environment variable OPENSSL_MODULES=$HOME/tmp in
>> launching Erlang,
>> all work well.
>>
>> https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod
>>
>>
>> So, copying legacy.so and adding an environment variable can be an
>> option.
>> Before going with the option, I want to confirm whether including
>> legacy in
>> libcrypt.a in possible or not.
>>
>> [1] https://www.erlang.org/
>>
>> Thanks in advance!
>> Shino
>>
>
More information about the openssl-users
mailing list