Re: liblegacy.a does not work unless compiled with -static
On Fri, 01 May 2020 19:22:13 +0200, Salz, Rich via openssl-users wrote: > > Hm, so DSO support is a requirement for legacy crypto now? That > probably needs to be made explicit, and see if the project gets > pushback. No. When DSO support is turned off, the legacy provider code becomes part of libcrypto, in an inaccessible state (in other words, you still have to "load" it). Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Re: liblegacy.a does not work unless compiled with -static
I’ve been wondering if an option to build the legacy provider into libcrypto (like the null and default providers) is worthwhile. Given this conservation, it seems it might be. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 2 May 2020, at 5:30 pm, Richard Levitte wrote: > > On Fri, 01 May 2020 19:22:13 +0200, > Salz, Rich via openssl-users wrote: >> >> Hm, so DSO support is a requirement for legacy crypto now? That >> probably needs to be made explicit, and see if the project gets >> pushback. > > No. When DSO support is turned off, the legacy provider code becomes > part of libcrypto, in an inaccessible state (in other words, you still > have to "load" it). > > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/
Re: liblegacy.a does not work unless compiled with -static
On Sat, May 2, 2020 at 12:31 AM Richard Levitte wrote: > No. When DSO support is turned off, the legacy provider code becomes > part of libcrypto, in an inaccessible state (in other words, you still > have to "load" it). Using OSSL_PROVIDER_load(NULL, "legacy")? My first try after a static only build (and delete of all .so files) got an error from that, but if its the correct way, I'll investigate more. Sam
Re: liblegacy.a does not work unless compiled with -static
On 02/05/2020 16:39, Sam Roberts wrote: > On Sat, May 2, 2020 at 12:31 AM Richard Levitte wrote: >> No. When DSO support is turned off, the legacy provider code becomes >> part of libcrypto, in an inaccessible state (in other words, you still >> have to "load" it). > > Using OSSL_PROVIDER_load(NULL, "legacy")? > > My first try after a static only build (and delete of all .so files) > got an error from that, but if its the correct way, I'll investigate > more. Yes, that is the correct method. Matt