> From: owner-openssl-us...@openssl.org On Behalf Of Leonardo Laface de Almeida > Sent: Tuesday, 16 October, 2012 17:06
> >Does your library dynamically-link the openssl libs, > >or statically embed them (while being dynamic itself)? > > library dynamically-link the openssl libs. > My lib already uses SSL_CTX_* and SSL_* for connections. The > certificates > and the private keys are created directly from Openssl prompt > (DOS or linux > terminal). > > > >> Because the App can't load the library with the following > >> lines on dll code: > >> > >> 1. EVP_PKEY_CTX *ctx; > >> 2. EVP_PKEY *pkey = NULL; > >> 3. ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); > >> > >> If the third line is commented, then the library is loaded > >> and everything > >> works. > >> > > > >If you are dynamic-linking openssl libs (as well as your lib), > >are you sure when your app runs it is finding the correct ones? > > Unfortunately, yes. My lib finds the openssl libs, even though, it > establishes SSL connections. > That doesn't prove it's finding the *correct* openssl. Most (and usual) kinds of SSL connections work on older versions. Do you get TLSv1.1 or TLSv1.2 connections, or at least request them properly even if your server doesn't agree? That would prove version 1.0.1. > >Could there be an older version of openssl in your search path? > >The EVP_PKEY_CTX_* routines were new in 1.0.0. If you are > >finding a version older than that, they will be missing. > > There were, and I've actualized. > From prompt: > OpenSSL> version > OpenSSL 1.0.1c 10 May 2012 > > From path: > C:\Openssl\bin > That doesn't prove it either. The DLL search for openssl.exe could find different DLL files than for yourapp.exe, unless (probably) *everything* is all in one directory, and from what you say below it doesn't sound like everything is. Does your app run briefly and exit, or does/can it wait or do something that takes a reasonably long time? If the latter, get ProcessExplorer from technet.microsoft.com/en-us/sysinternals and use it to examine your running application process to check the full paths of the DLLs used. (Or there are other tools that can do this, but ProcessExplorer is the one I am familar with.) > From C:\My_LIB_proj\lib\Openssl\include\openssl\opensslv.h > > #define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1c 10 May 2012" > > > >For Windows note that the DLL search rules have changed > >several times over the last year or so as Microsoft puts out > >more and more security patches for "DLL planting" attacks. > > Well, I'm developing the lib for Windows first. What I use from OS are > separated in different source files. Almost everything is in "c pure", > except some things it isn't possible, as threads, for example. > > I suppose this part it will be easier on linux. :) > Different in some details but not necessarily easier. :-( > >> It seems to be an error with some pointer from EVP_* > >> functions. Any EVP_* > >> function called causes this error. > >> > >Sounds like reference *to*, not pointer *from*. If the app/lib > >doesn't load, these function calls never get executed. > > >All EVP_* or only all EVP_PKEY_CTX_* ? Most other parts of EVP_ > >are quite a bit older, although there have been minor changes. > > Yes, pointer "to", sorry. > > Not allones, EVP_aes_256_cbc() and EVP_PKEY_get1_RSA(pkey) > are working. > EVP_PKEY_asn1_find_str() , EVP_PKEY_asn1_get0_info() and > EVP_PKEY_CTX_new_id() are not working. > I've not tried other ones. > EVP_aes_ and SSL_various working but EVP_PKEY_CTX_ and EVP_PKEY_asn1_ not working does sound like a version problem. EVP_PKEY_CTX_ (as asked before) and also EVP_KEY_asn1_ are new in 1.0.0, and most other stuff is a good bit older. > >> Anyway, as you said the EVC functions where recent > development effort > >> foccus, I think this may be some error in openssl lib. I also > >> think it might > >> be openssl version problem or some cross-compiling error. > >> > > >It sounds like it well could be a version problem. > >How is cross-compiling involved? > > I've downloaded the openssl*.tar file and extracted to > C:/Openssl. Then, > I've used Visual Studio 2010 for cross-compiling. > I followed the instructions in INSTALL.W32 file (pretty good, > by the way). > > Then, I've copied the following directories from "C:\Openssl\" to > "C:\My_LIB_proj\lib\Openssl\": > > include > lib > > Then, I've imported the libeay32.lib and ssleay32.lib as usual in c > programming. I've also included > "C:\My_LIB_proj\lib\Openssl\include" to > included paths. > > Is something missing? > That should be good for compiling and linking your app. Unless VS has changed recently, just adding an import .lib to a project is used for linking but does *not* make it run with the matching .dll, although other settings may do that. (I'm back on 2003, and MS changes this kind of stuff a lot.) Are you running your app in VS, or from CMD or similar? That may also affect the search rules. Note: this is not cross-compiling, just normal compiling. > > >> In any case, if it's possible I'm not importing or compiling > >> the openssl > >> libs properly, please let me know. Maibe some directive > >> before compiling > >> openssl, e.g. > >> I'm using Openssl version 1.0.1c > >> > >You're compiling openssl yourself? Are you installing it > >in the system directory(s), or using in your own dir(s)? > > No, my lib doesn't compile openssl. I've compiled externally and I've > imported the libs created. > But you did compile openssl (as opposed to getting a compiled version from someone else) and per above put it into your "myproj" directories but not system directories. > >If the latter, is there any openssl in the system dir(s)? > > Not at all. I'd removed any other installed version before > installing this > one. > > >The specific system directory(s) depend on your OS, > >and possibly build options. You imply you are doing at least > >Windows plus some Unix, which are different; if you do more > >than one Unix, those may also be different. > <snip earlier> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
