Question about OpenSSL 3.0 and static linking

Shunichi Shinohara shino.shun at gmail.com
Thu Feb 24 00:59:25 UTC 2022 

Thank you very much for your quick and great replies, Pauli, Richard and Matt!!

>     ./config --prefix=$HOME/local/openssl-3.0.1 no-shared no-module

With this options, it works perfectly!

Thanks again,
Shino

2022年2月22日(火) 17:46 Richard Levitte <levitte at openssl.org>:
>
> 'no-module' will do what you want.  I noticed, though, that the
> documentation in INSTALL.md isn't entirely clear on what that does.
>
>     ./config --prefix=$HOME/local/openssl-3.0.1 no-shared no-module
>
> Cheers,
> Richard
>
> On Tue, 22 Feb 2022 07:37:03 +0100,
> Shunichi Shinohara wrote:
> >
> > Hi List,
> >
> > I have a question about OpenSSL 3.0 and static linking.
> >
> > Short version: Is it possible to include the legacy provider in libcrypt.a?
> >
> > Somewhat long version below.
> > As a background of the question I'm using OpenSSL with Erlang/OTP [1] on Linux
> > and want to static link OpenSSL library.  With OpenSSL 1.1.1, it works nice,
> > but I couldn't make it work well with OpenSSL 3.0.1.
> >
> > Build steps:
> >
> >  curl -LO https://www.openssl.org/source/openssl-3.0.1.tar.gz
> >  tar xvfz openssl-3.0.1.tar.gz
> >  cd openssl-3.0.1
> >  ./config --prefix=$HOME/local/openssl-3.0.1 no-shared
> >  make -j && make install_sw
> >
> > After Building Erlang/OTP with it and moving $HOME/local/openssl-3.0.1/lib64 to
> > $HOME/tmp, my (Erlang) code fails at OSSL_PROVIDER_load(NULL, "legacy"):
> > https://github.com/erlang/otp/blob/OTP-25.0-rc1/lib/crypto/c_src/crypto.c#L224
> >
> > What I found are:
> > - there are two library files under $HOME/local/openssl-3.0.1/lib64, libcrypt.a
> >   and ossl-modules/legacy.so, and
> > - if I pass the environment variable OPENSSL_MODULES=$HOME/tmp in
> > launching Erlang,
> >   all work well.
> >   https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod
> >
> > So, copying legacy.so and adding an environment variable can be an option.
> > Before going with the option, I want to confirm whether including legacy in
> > libcrypt.a in possible or not.
> >
> > [1] https://www.erlang.org/
> >
> > Thanks in advance!
> > Shino
> >
> --
> Richard Levitte         levitte at openssl.org
> OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-users mailing list