Question about OpenSSL 3.0 and static linking
pauli at openssl.org
pauli at openssl.org
Tue Feb 22 07:54:36 UTC 2022
There is a define to allow this: STATIC_LEGACY but I don't remember how
to specify it on the configuration command line.
We should probably turn this on in a no-shared build.
Pauli
On 22/2/22 5:37 pm, Shunichi Shinohara wrote:
> Hi List,
>
> I have a question about OpenSSL 3.0 and static linking.
>
> Short version: Is it possible to include the legacy provider in libcrypt.a?
>
> Somewhat long version below.
> As a background of the question I'm using OpenSSL with Erlang/OTP [1] on Linux
> and want to static link OpenSSL library. With OpenSSL 1.1.1, it works nice,
> but I couldn't make it work well with OpenSSL 3.0.1.
>
> Build steps:
>
> curl -LO https://www.openssl.org/source/openssl-3.0.1.tar.gz
> tar xvfz openssl-3.0.1.tar.gz
> cd openssl-3.0.1
> ./config --prefix=$HOME/local/openssl-3.0.1 no-shared
> make -j && make install_sw
>
> After Building Erlang/OTP with it and moving $HOME/local/openssl-3.0.1/lib64 to
> $HOME/tmp, my (Erlang) code fails at OSSL_PROVIDER_load(NULL, "legacy"):
> https://github.com/erlang/otp/blob/OTP-25.0-rc1/lib/crypto/c_src/crypto.c#L224
>
> What I found are:
> - there are two library files under $HOME/local/openssl-3.0.1/lib64, libcrypt.a
> and ossl-modules/legacy.so, and
> - if I pass the environment variable OPENSSL_MODULES=$HOME/tmp in
> launching Erlang,
> all work well.
> https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod
>
> So, copying legacy.so and adding an environment variable can be an option.
> Before going with the option, I want to confirm whether including legacy in
> libcrypt.a in possible or not.
>
> [1] https://www.erlang.org/
>
> Thanks in advance!
> Shino
>
More information about the openssl-users
mailing list