On 19/07/18 07:08, pratyush parimal wrote: > Hi all, > > Are people familiar with how to get symbols versioned with versions > like "OPENSSL_1.0.x" in the libcrypto.so after compiling it > yourselves? OpenSSL as sourced from the OpenSSL project does not support this in 1.0.x. > Problem is, on execution my application complains that: "OPENSSL_1.0.2 > not found". Performing "objdump -T" on the OpenSSL 1.0.2k libcrypto.so > on the CentOS machine, I see some symbols versioned with the version > number "OPENSSL_1.0.2" within the library. But these seem to be > missing in the libcrypto.so which I built using the instructions > above. Any idea how to get those symbols in ? Or how to get around > this issue? Vendors often patch OpenSSL with their own system specific changes. I know Debian did this to add symbol versioning for 1.0.x. It seems CentOS does too. > Digging deeper I noticed that OpenSSL 1.1.0h (for example) does not > have this problem. In fact, as part of the build process, it seems to > generate two map files: ssl.map and crypto.map, which get passed as > --version-script=ssl.map and --version-script=crypto.map sometime to > the compiler. I also noticed that in that version of OpenSSL, there's > a script called util/mkdef.pl which generates those map files. Yes, this was a new feature we added to 1.1.0. > > OpenSSL 1.0.2k for example, does not seem to generate those map files > as part of the build process. Any idea how to generate them? I saw an > example of how CentOS seems to be putting versioned symbols in using a > patch (https://git.centos.org/blob/rpms!openssl.git/5fee79a733e7bcfa468ae8f400bad40a1002c8c5/SOURCES!openssl-1.0.1e-version.patch), > but if someone could explain how to do that for any OpenSSL version, > it would be very helpful. You could try applying the CentOS patch to your own sources - but there is no official way to do this. Alternatively you could try building from the CentOS provided sources. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
