Re: Question about OpenSSL 3.0 and static linking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



There is a define to allow this: STATIC_LEGACY but I don't remember how to specify it on the configuration command line.
We should probably turn this on in a no-shared build.


Pauli

On 22/2/22 5:37 pm, Shunichi Shinohara wrote:
Hi List,

I have a question about OpenSSL 3.0 and static linking.

Short version: Is it possible to include the legacy provider in libcrypt.a?

Somewhat long version below.
As a background of the question I'm using OpenSSL with Erlang/OTP [1] on Linux
and want to static link OpenSSL library.  With OpenSSL 1.1.1, it works nice,
but I couldn't make it work well with OpenSSL 3.0.1.

Build steps:

  curl -LO https://www.openssl.org/source/openssl-3.0.1.tar.gz
  tar xvfz openssl-3.0.1.tar.gz
  cd openssl-3.0.1
  ./config --prefix=$HOME/local/openssl-3.0.1 no-shared
  make -j && make install_sw

After Building Erlang/OTP with it and moving $HOME/local/openssl-3.0.1/lib64 to
$HOME/tmp, my (Erlang) code fails at OSSL_PROVIDER_load(NULL, "legacy"):
https://github.com/erlang/otp/blob/OTP-25.0-rc1/lib/crypto/c_src/crypto.c#L224

What I found are:
- there are two library files under $HOME/local/openssl-3.0.1/lib64, libcrypt.a
   and ossl-modules/legacy.so, and
- if I pass the environment variable OPENSSL_MODULES=$HOME/tmp in
launching Erlang,
   all work well.
   https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod

So, copying legacy.so and adding an environment variable can be an option.
Before going with the option, I want to confirm whether including legacy in
libcrypt.a in possible or not.

[1] https://www.erlang.org/

Thanks in advance!
Shino





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux