It's not unmanageably bad. I build OpenSSL's libcrypto. for ~20 platforms with the symbols "namespaced" - basically a prefix added, so that IBM's software can co-exist with other instances of OpenSSL in the same process. I do that by building on Linux, stripping the public symbols and doing a small number of manually defined fixups. That's all scripted for 0.9.7c, and it wasn't a great deal of pain to update for the 0.98 codebase.
I'd also prefer not to have to do those fixups manually - but at least for the crypto. shared lib it wasn't unbearable - and the OpenSSL applications + SSL library do still link against the namespaced crypto. lib on all platforms if I build with the appropriate macro's in the headers, and they still run afterwards.
Note that some of those symbols come from differences in assembler and platform support..
RAND_event / RAND_screen RNG seeding on windows.
The bn_ / sha1_ /md4_ / md5_ symbols are from platform specific asm modules. No reason they should be public.
*_it are from ASN.1 macros - I'd expect those to be consistant across platforms.
*_version unsure, again possibly ASN.1 macros.
The ec_ symbols I didn't see with 0.9.7c, but again I only care if they aren't on Linux and are on some other platform.
If you do want to clean it up though, I can probably build for you on any platforms we have that you don't.
Peter
Peter Waltenberg
Architect
IBM Crypto for C Team
IBM/Tivoli Gold Coast Office
Phone: +61-7-55524016
"Steven Reddie"
<[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 24/10/2004 12:39 AM
|
|
There are a large number of differences in the exported symbols between Windows and Linux builds. Some of them seem surprising.
I built 0.9.7d on Windows with the following commands:
perl Configure VC-WIN32
ms\do_ms.bat
nmake -f ms\ntdll.mak
And on Linux, after adding EXPORT_VAR_AS_FN to the linux-pentium target in Configure in an attempt to reduce differences between the two platforms, I built and extracted exported symbols with the following commands:
./config shared
make
nm -D libcrypto.so.0.9.7 | grep ' [DRT] ' > symbols
On Windows, there were some minor differences between the exports listed in ms\libeay32.def and what was actually exported from the DLL ("dumpbin /exports libeay32.dll"). The DLL contained the following additional symbols:
CAST_S_table0
CAST_S_table1
CAST_S_table2
CAST_S_table3
CAST_S_table4
CAST_S_table5
CAST_S_table6
CAST_S_table7
DES_SPtrans
OSSL_DES_version
OSSL_libdes_version
Differences between Windows and Linux are as follows.
Windows contained these expected extra symbols:
RAND_event
RAND_screen
Linux contained these extra text symbols (data symbols further below):
_CONF_add_string
_CONF_free_data
_CONF_get_section
_CONF_get_section_values
_CONF_get_string
_CONF_new_data
_CONF_new_section
_des_crypt
asn1_primitive_clear
BIO_ACCEPT_free
BIO_ACCEPT_new
BIO_CONNECT_free
BIO_CONNECT_new
BIO_s_log
bn_cmp_part_words
bn_cmp_words
bn_mul_comba4
bn_mul_comba8
bn_mul_high
bn_mul_low_normal
bn_mul_low_recursive
bn_mul_normal
bn_mul_part_recursive
bn_mul_recursive
bn_sqr_comba4
bn_sqr_comba8
bn_sqr_normal
bn_sqr_recursive
d2i_NETSCAPE_ENCRYPTED_PKEY
d2i_NETSCAPE_PKEY
DHparams_it
dsa_pub_internal_it
DSA_SIG_it
DSAparams_it
DSAPrivateKey_it
DSAPublicKey_it
ec_GFp_mont_field_decode
ec_GFp_mont_field_encode
ec_GFp_mont_field_mul
ec_GFp_mont_field_set_to_one
ec_GFp_mont_field_sqr
ec_GFp_mont_group_clear_finish
ec_GFp_mont_group_copy
ec_GFp_mont_group_finish
ec_GFp_mont_group_init
ec_GFp_mont_group_set_curve_GFp
ec_GFp_nist_group_init
ec_GFp_recp_group_init
ec_GFp_simple_add
ec_GFp_simple_cmp
ec_GFp_simple_dbl
ec_GFp_simple_field_mul
ec_GFp_simple_field_sqr
ec_GFp_simple_get_Jprojective_coordinates_GFp
ec_GFp_simple_group_clear_finish
ec_GFp_simple_group_copy
ec_GFp_simple_group_finish
ec_GFp_simple_group_get_cofactor
ec_GFp_simple_group_get_curve_GFp
ec_GFp_simple_group_get_order
ec_GFp_simple_group_get0_generator
ec_GFp_simple_group_init
ec_GFp_simple_group_set_curve_GFp
ec_GFp_simple_group_set_generator
ec_GFp_simple_invert
ec_GFp_simple_is_at_infinity
ec_GFp_simple_is_on_curve
ec_GFp_simple_make_affine
ec_GFp_simple_oct2point
ec_GFp_simple_point_clear_finish
ec_GFp_simple_point_copy
ec_GFp_simple_point_finish
ec_GFp_simple_point_get_affine_coordinates_GFp
ec_GFp_simple_point_init
ec_GFp_simple_point_set_affine_coordinates_GFp
ec_GFp_simple_point_set_to_infinity
ec_GFp_simple_point2oct
ec_GFp_simple_points_make_affine
ec_GFp_simple_set_compressed_coordinates_GFp
ec_GFp_simple_set_Jprojective_coordinates_GFp
EC_GROUP_clear_free_extra_data
EC_GROUP_free_extra_data
EC_GROUP_get_extra_data
EC_GROUP_set_extra_data
engine_cleanup_add_first
engine_cleanup_add_last
engine_free_util
engine_set_all_null
engine_table_cleanup
engine_table_register
engine_table_select
engine_table_unregister
engine_unlocked_finish
engine_unlocked_init
fcrypt_body
i2d_NETSCAPE_ENCRYPTED_PKEY
i2d_NETSCAPE_PKEY
md4_block_host_order
md5_block_asm_host_order
MGF1
NETSCAPE_ENCRYPTED_PKEY_free
NETSCAPE_ENCRYPTED_PKEY_it
NETSCAPE_ENCRYPTED_PKEY_new
NETSCAPE_PKEY_free
NETSCAPE_PKEY_it
NETSCAPE_PKEY_new
OPENSSL_gmtime
ripemd160_block_asm_host_order
sha_block_data_order
sha_block_host_order
sha1_block_asm_data_order
sha1_block_asm_host_order
X509_ATTRIBUTE_SET_it
X509_NAME_ENTRIES_it
X509_NAME_INTERNAL_it
These are the extra data symbols exported on Linux:
AES_version
ASN1_version
BF_version
BN_version
CAST_version
cleanse_ctr
CONF_def_version
CONF_version
DH_version
DSA_version
EVP_version
IDEA_version
lh_version
MD2_version
MD4_version
D5_version
p_CSwift_AcquireAccContext
p_CSwift_AttachKeyParam
p_CSwift_ReleaseAccContext
p_CSwift_SimpleRequest
PEM_version
rand_ssleay_meth
RAND_version
RC2_version
RC4_version
RC5_version
RMD160_version
RSA_version
SHA_version
SHA1_version
STACK_version
TXT_DB_version
v3_akey_id
v3_alt
v3_bcons
v3_cpols
v3_crl_hold
v3_crl_invdate
v3_crl_num
v3_crl_reason
v3_crld
v3_ext_ku
v3_info
v3_key_usage
v3_ns_ia5_list
v3_nscert
v3_ocsp_accresp
v3_ocsp_acutoff
v3_ocsp_crlid
v3_ocsp_nocheck
v3_ocsp_nonce
v3_ocsp_serviceloc
v3_pkey_usage_period
v3_sinfo
v3_skey_id
v3_sxnet
x509_dir_lookup
x509_file_lookup
x509_name_ff
X509_version
Does anyone know if much of this is expected. It looks like at least a few of them are incorrect, eg. I expect that there should be no differences between platforms in relation to NETSCAPE_ENCRYPTED_PKEY and NETSCAPE_PKEY. Perhaps all of the symbols similar to ec_GFp_mont_field_decode are really meant to be internal only but are being exported due to the -Wl,--whole-archive option being used when the shared library is built.
Regards,
Steven