On 27.10.2017 10:07, @lbutlr wrote: > >> On Oct 27, 2017, at 12:33 AM, Aki Tuomi <aki.tu...@dovecot.fi> wrote: >> >> >> >> On 27.10.2017 00:53, krz...@gmail.com wrote: >>> I got multiple versions of openssl in my system. I compile dovecot with >>> PKG_CONFIG_PATH=/usr/openssl-1.0.2l-fpic/lib/pkgconfig ./configure >>> >>> How do I check which version of openssl got compiled in? configure >>> script does not show version. There seem to be no way to check it in >>> compiled binary (?) >>> >>> My dovecot is still seen vulnerable by tls testing tools so I'm >>> guessing wrong version of openssl got compiled it but there seem to be >>> no way to check it. >> You can check with ldd /usr/lib/dovecot/imap-login (or libexec) >> >> Just check which SSL library has been linked to it. > That is not immediately helpful, though. > > libssl.so.9 => /usr/local/lib/libssl.so.9 (0x28313000 > > No version info there… > I was kinda assuming you'd know which library it should link into. But..
$ strings /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep OpenSSL OpenSSLDie SSLv3 part of OpenSSL 1.0.1t 3 May 2016 TLSv1 part of OpenSSL 1.0.1t 3 May 2016 DTLSv1 part of OpenSSL 1.0.1t 3 May 2016 OpenSSL 1.0.1t 3 May 2016 works at least for me. maybe this helps you? Aki