> However, I have no clue how to approach finding binaries/libraries > that have statically compiled openssl code in them. > > Does anyone have a recipe for doing this? I would appreciate an idea of > what tools to use (nm?) and symbols to look for. The environment I am > attempting to do this in is linux on packages compiled for i686.
Every application I've ever seen statically linked against openssl contains the openssl version string, e.g. OpenSSL 0.9.6e 30 Jul 2002 etc. You can simply use strings to extract this info, e.g. #! /bin/sh # scan for openssl version string in a bunch of files for i in $@ ;do SSL=`strings - $i | egrep -v 'part of '| egrep 'OpenSSL 0\.9\.'` [ "$SSL" != "" ] && echo "$i: $SSL" done which is good enough for me though I suppose you may care about much older version of openssl than 0.9.x. -- Jon ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
