On 08/02/16 13:41, Catalin Vasile wrote: > I'm trying to compile a custom OpenSSL library to work with nginx. > nginx requires that the SSL library have version data included in the .so > files, so I'm using this patch[1] for this. > The problem is that if I set the library versiont to 1.0.1 into that script, > when I start nginx or trigger ldd on nginx I get: > /usr/lib/libssl.so.1.0.0: version `OPENSSL_1.0.0' not found > If I set that version to 1.0.0 I get: > /usr/lib/libssl.so.1.0.0: version `OPENSSL_1.0.1' not found > Can someone help me out to understand what is going on?
Each symbol will have a different version depending on what version of OpenSSL it was first introduced in. If a symbol is in both 1.0.0 and 1.0.1 it will have a version of OPENSSL_1.0.0. If a symbol is only in 1.0.1 it will have a version of OPENSSL_1.0.1. You can see the symbol versions for the system supplied version of libcrypto/libssl like so: readelf -Ws /path/to/libcrypto.so.1.0.0 | grep OPENSSL_1.0 Compiling up your own version of OpenSSL and manually adding your own symbols is possible but fraught with problems. It's best to avoid it if at all possible. In spite of what you say above nginx does not require symbol versions to be present...*only* the system supplied version does. If you obtain a version of nginx from somewhere else then it won't have this issue. Also, IIRC, the warnings you get if you don't have symbol versions are just that - warnings. You should be able to ignore them and continue anyway. Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
