Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
On 28/05/2017 23:31, Salz, Rich via openssl-users wrote: The openssl program will use the wrong libssl.so and libcrypto.so. Yes, got it. But that's small potatoes compared to everyone else finding the wrong shared library, and just saying "use rpath" doesn't help all those others. Change the /usr/lib/libssl.so symlink to point to libssl.so.1.1, not libssl.so.1.0 while compiling with OpenSSL 1.1.x headers. Ditto for libcrypto.so. Alternatively, place such symlinks in the lib directory that is next to the include directory with OpenSSL 1.1.x headers. This should cause the resulting programs to refer to the right so-name (libssl.so.1.1 etc.) and thus either load the right library generation (1.1.x) or report that it isn't installed on the local library path (typically, /lib/, /usr/lib/ and /usr/local/lib/ in some system dependent order). After all, this is the whole point of the versioned .so file names. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
> The openssl program will use the wrong libssl.so and libcrypto.so. Yes, got it. But that's small potatoes compared to everyone else finding the wrong shared library, and just saying "use rpath" doesn't help all those others. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
On Sun, May 28, 2017 at 5:25 PM, Salz, Richwrote: >> We still don't know what use case is being represented by omitting the >> RPATH in the OpenSSL build. > > Because only one program, apps/openssl, presumably needs rpath. But that > doesn't solve the problem for *external applications* that need to find > OpenSSL in a different place, does it? > Without RPATH's (or some other mechanism, like making openssl a script that sets LD_LIBRARY_PATH), libssl.so will use the wrong libcrypto.so. The openssl program will use the wrong libssl.so and libcrypto.so. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
> We still don't know what use case is being represented by omitting the > RPATH in the OpenSSL build. Because only one program, apps/openssl, presumably needs rpath. But that doesn't solve the problem for *external applications* that need to find OpenSSL in a different place, does it? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
On Sun, May 28, 2017 at 2:59 AM, Mohit Batrawrote: > Hello All, > > I am trying to compile / install a utility from Source on CentOS that > utilizes OpenSSL 1.1.0 (latest version) . However, I get the following > error: > > configure: WARNING: Cannot find SSL_CTX_get0_param in libssl library. TLS > hostname verification will not be available. > > Kindly help me out on this error. When you build OpenSSL and your program, use an RPATH. Also see https://wiki.openssl.org/index.php/Compilation_and_Installation#Using_RPATHs . We still don't know what use case is being represented by omitting the RPATH in the OpenSSL build. Building OpenSSL with new library, but runtime link to old library after installation makes no sense to most users. You can probably do it using LD_LIBRARY_PATH, but RPATHs are easier. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
I concur with Rich. CentOS is known for having outdated packages. Regards, Uri Sent from my iPhone On May 28, 2017, at 16:43, Salz, Rich via openssl-userswrote: >> I am trying to compile / install a utility from Source on CentOS that >> utilizes OpenSSL 1.1.0 (latest version) . However, I get the following >> error: >> configure: WARNING: Cannot find SSL_CTX_get0_param in libssl library. TLS >> hostname verification will not be available. > > Most likely, the utility you are trying to build is looking at the > system-installed OpenSSL libraries. > > You have to install OpenSSL 1.1.0 and use those pathnames when you > build/configure the utility. > > -- > Senior Architect, Akamai Technologies > Member, OpenSSL Dev Team > IM: richs...@jabber.at Twitter: RichSalz > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users smime.p7s Description: S/MIME cryptographic signature -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Cannot find SSL_CTX_get0_param in libssl library
> I am trying to compile / install a utility from Source on CentOS that > utilizes OpenSSL 1.1.0 (latest version) . However, I get the following error: > configure: WARNING: Cannot find SSL_CTX_get0_param in libssl library. TLS > hostname verification will not be available. Most likely, the utility you are trying to build is looking at the system-installed OpenSSL libraries. You have to install OpenSSL 1.1.0 and use those pathnames when you build/configure the utility. -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Cannot find SSL_CTX_get0_param in libssl library
Hello All, I am trying to compile / install a utility from Source on CentOS that utilizes OpenSSL 1.1.0 (latest version) . However, I get the following error: *configure: WARNING: Cannot find SSL_CTX_get0_param in libssl library. TLS hostname verification will not be available.* Kindly help me out on this error. Thanks & Regards, Mohit Batra -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users