Re: [openssl-users] Compile OpenSSL for Android
On Wed, Dec 21, 2016 at 6:16 PM, Salz, Richwrote: >> checking for library containing SSL_library_init... no >> configure: error: libfko needs ssl > > The application is not prepared to build against 1.1.0 That function was > removed, and a #define for backward compatibility is used instead. > Also see https://wiki.openssl.org/index.php/Compilation_and_Installation#Autoconf . Its another way to address the "SSL_library_init symbol or OPENSSL_init_ssl symbol" issue. The missing 1.1.0 code paths will need to be added. The compiler will tell you where most of the problems are. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Compile OpenSSL for Android
> checking for library containing SSL_library_init... no > configure: error: libfko needs ssl The application is not prepared to build against 1.1.0 That function was removed, and a #define for backward compatibility is used instead. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Compile OpenSSL for Android
Hey all, I finally compiled the OpenSSL for Android, the problem was with the Setenv-android.sh scritp. After fixed it I can compile using the following command line: ./config shared no-ssl2 no-ssl3 no-comp no-hw no-engine --openssldir=/home/ec2-user/android-openssl/android-12 --prefix=/home/ec2-user/android-openssl/android-12 With OpenSSL 1.1.0c, if I use only --openssldir the make install mess with my system libs. I have to use --prefix together to install in a different path. But, now I'm trying to compile another program, using the OpenSSL compiled lib, and I'm getting the following message: checking openssl/ssl.h usability... yes checking openssl/ssl.h presence... yes checking for openssl/ssl.h... yes checking for library containing SSL_library_init... no configure: error: libfko needs ssl Is it a problem with the compiled OpenSSL lib? Thanks On Tue, Dec 20, 2016 at 4:09 PM, Leo Goldimwrote: > Hi all, > > I'm trying to compile OpenSSL for Android, after looking at Google I found > this page: > > https://wiki.openssl.org/index.php/Android > > I followed step by step but when I verified my lib (readelf -h > ./libcrypto.a | grep -i 'class\|machine' | head -2) I realized that the lib > was created for my machine (x86_64) not Android (arm). > > So, I changed the configure command to: > > ./Configure android --openssldir=/home/ec2-user/android-openssl/android-12 > > And I got the following error: > > make[2]: Entering directory `/home/ec2-user/android- > openssl/openssl-1.1.0c' > LD_LIBRARY_PATH=: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG > -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC > -DOPENSSLDIR="/home/ec2-user/android-openssl/android-12" > -DENGINESDIR="/usr/local/lib/engines-1.1" -Wall -O3 -pthread -mandroid > -fPIC --sysroot= -Wa,--noexecstack -fPIC -DOPENSSL_USE_NODELETE > -Wl,-znodelete -shared -Wl,-Bsymbolic -Wl,-soname=libcrypto.so.1.1 -o > ./libcrypto.so.1.1 -Wl,--whole-archive,--version-script=crypto.map > ./libcrypto.a -Wl,--no-whole-archive -ldl > /usr/bin/ld: cannot find crtbegin_so.o: No such file or directory > collect2: error: ld returned 1 exit status > make[2]: *** [link_shlib.linux-shared] Error 1 > make[2]: Leaving directory `/home/ec2-user/android-openssl/openssl-1.1.0c' > make[1]: *** [libcrypto.so] Error 2 > make[1]: Leaving directory `/home/ec2-user/android-openssl/openssl-1.1.0c' > make: *** [all] Error 2 > > Someone already compiled the OpenSSL version 1.1.0c for Android and can > help me? > > Thanks > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] big endian vs little endian
Yes. Thanks you it works. My stupid. -Original Message- From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Salz, Rich Sent: Tuesday, December 20, 2016 12:16 PM To: openssl-users@openssl.org Subject: Re: [openssl-users] big endian vs little endian > I am obviosly a newbie and missing something. How then do I encrypt > the file on one machine (little endian), transmit it to another > machine (big endian) and decrypt it there? Did you try it? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] stronger Kex
Hello, I have two servers for testing purpose : - debian 6, apache 2.2, openssl 1.0.1t (mutu) - centos 7, apache 2.4.6, openssl 1.0.1e-fips (dedicated) Now, these 2 serveurs offers only those ciphers : TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) I have two goals. First, I would like to use at least secp384r1 and second (no problem), use an ECC certificate. Is it possible to do it with CHACHA20-POLY1305 ? Is it possible to use this cipher on those servers ? openssl ciphers -V CHACHA20 return an error on each server. I understand it's because there is no chacha20 cipher (?). Why can I connect a server by SSH with chacha20-poly1...@openssh.com and not using it with Apache ? All advices are welcome :-). Best regards, -- benoist -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users