(switched to dev from users)
> Hi, I've stumbled over two problems with building the OpenSSL engine
> 0.9.6a for Windows-NT:
>
> 1) It automatically adds the advapi32-library to the libs.
>
> While this is probably fine when building a DLL, you'll get problems
> (dupliate symbols) when using a statically linked OpenSSL.
>
> Fix: remove it from the perl script in util/pl/VC_32.pl:
> 115c115
> < $ex =' ';
> ---
> > $ex =' advapi32.lib';
Currently, I don't think that advapi32.lib can be removed due to the
fact that it's used in rand_win.c for a registry query
(RegQueryValueEx()). Any calling application that hits this point will
fail - within the source tree that would be, at least, some tests such
as the hmac or rsa tests and openssl.exe itself. I don't think it is
safe to assume that an engine implementation on WIN32 won't use the
rand_poll functionality within rand_win - even though most hardware
cards provide rand functionality - i wouldn't assume that all engine
implementations would.
One could however, attempt to use the fact that within rand_win
LoadLibrary() has been called previously in order to dynamically load
advapi32, and use GetProcAddress() against RegQueryValueEx(). It
appears that advapi32 is still loaded when the RegQueryValueEx() call is
made.
I think that this is the mainline fix (for now at least) that should be
aproached. The RegQueryValueEx() call is made within this "if"
statement:
if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
osverinfo.dwMajorVersion < 5)
We can also be pretty certain that the loadlibrary against advapi32
succeeded
for NT 4 or 3.51. (If it didn't, that box would have more problems than
just openssl.) Then we can dynamically locate RegQueryValueEx and
change the rand_poll mechanism to read its bits through this.
If this were to be done advapi32 could be deleted from Winnt
builds' external library linkage. This is the sole place in the entire
source tree that advapi32 is needed for external linkage.
I can put the patch together if necessary, but I'd rather hear from
Richard L or Jeffrey Altman as I believe these were the two individuals
that did the most mucking about in this place
Andrew
Wolfgang Bachmann wrote:
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
