[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-dev
Subject: Re: [openssl.org #550] bug report - library and header version mismatch
From: "root () dgrunt ! sneakernet ! com via RT" <rt () openssl ! org>
Date: 2003-03-27 21:04:42
[Download RAW message or body]
Hi Richard
Thanks for the pointers.
I have just re-built openssl-0.9.7a from virgin source using the following:
./config --openssldir=/usr/local/OpenSSL threads shared
Here is the test report:
OpenSSL self-test report:
OpenSSL version: 0.9.7a
Last change: In ssl3_get_record (ssl/s3_pkt.c), minimize information...
Options: --openssldir=/usr/local/OpenSSL threads shared no-krb5
OS (uname): Linux dgrunt 2.4.20 #1 Wed Mar 19 13:10:00 EST 2003 i586 unknown
OS (config): i586-whatever-linux2
Target (default): linux-k6
Target: linux-k6
Compiler: gcc version 2.95.3 20010315 (release)
Test passed.
Using the script at the end of this message, I get the following:
Searching for and checking OpenSSL header files.
0x0090701fL ./crypto/opensslv.h
0x0090701fL ./include/openssl/opensslv.h
Searching for and checking OpenSSL shared libraries (libcrypto.s*, libssl.s*).
0x0090700fL ./libcrypto.so.0.9.7
0x0090700fL ./libcrypto.so.0
0x0090700fL ./libcrypto.so
0x0090700fL ./libssl.so.0.9.7
0x0090700fL ./libssl.so.0
0x0090700fL ./libssl.so
Searching for and checking OpenSSL static library files.
0x0090701fL ./libcrypto.a
note that the internal version of opensslv.h (0x0090701fL) does not
match the internal version of libcrypto.so.0.9.7 (0x0090700fL)
After installing OpenSSL into /usr/local/OpenSSL, the script gives the same results
when run against /usr/local/OpenSSH.
The above mis-match is what OpenSSH is complaining aboutin the following configure \
error.
checking OpenSSL header version... 90701f (OpenSSL 0.9.7a Feb 19 2003)
checking OpenSSL library version... 90700f (OpenSSL 0.9.7 31 Dec 2002)
checking whether OpenSSL's headers match the library... configure: error: Your \
OpenSSL headers do not match your library
The OpenSSH config.log contains the following, indicating that config is picking up \
the OOpenSSL stuff correctly from /usr/local/OpenSSL/...
configure:8543: checking OpenSSL header version
configure:8574: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized \
-I/usr/local/OpenSSL/include -L/usr/local/OpenSSL/lib conftest.c -lutil -l z -lnsl \
-lcrypto >&5
configure:8460: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized \
-I/usr/local/OpenSSL/include -L/usr/local/OpenSSL/lib conftest.c -lutil -l z -lnsl \
-lcrypto >&5 configure:8463: $? = 0
configure:8466: test -s conftest
configure:8469: $? = 0
configure:8543: checking OpenSSL header version
configure:8574: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized \
-I/usr/local/OpenSSL/include -L/usr/local/OpenSSL/lib conftest.c -lutil -l z -lnsl \
-lcrypto >&5 In file included from /usr/include/string.h:360,
from configure:8553:
/usr/include/bits/string2.h: In function `__strcpy_small':
/usr/include/bits/string2.h:428: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:436: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:441: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:446: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:448: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:453: warning: pointer of type `void *' used in arithmetic
configure: In function `main':
configure:8564: warning: unsigned int format, long unsigned int arg (arg 3)
configure:8577: $? = 0
configure:8579: ./conftest
configure:8582: $? = 0
configure:8586: result: 90701f (OpenSSL 0.9.7a Feb 19 2003)
configure:8607: checking OpenSSL library version
configure:8639: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized \
-I/usr/local/OpenSSL/include -L/usr/local/OpenSSL/lib conftest.c -lutil -l z -lnsl \
-lcrypto >&5 In file included from /usr/include/string.h:360,
from configure:8617:
/usr/include/bits/string2.h: In function `__strcpy_small':
/usr/include/bits/string2.h:428: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:436: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:441: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:446: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:448: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:453: warning: pointer of type `void *' used in arithmetic
configure: In function `main':
configure:8629: warning: unsigned int format, long unsigned int arg (arg 3)
configure:8642: $? = 0
configure:8644: ./conftest
configure:8647: $? = 0
configure:8651: result: 90700f (OpenSSL 0.9.7 31 Dec 2002)
configure:8672: checking whether OpenSSL's headers match the library
configure:8689: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wno-uninitialized \
-I/usr/local/OpenSSL/include -L/usr/local/OpenSSL/lib conftest.c -lutil -l z -lnsl \
-lcrypto >&5 In file included from /usr/include/string.h:360,
from configure:8681:
/usr/include/bits/string2.h: In function `__strcpy_small':
/usr/include/bits/string2.h:428: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:436: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:441: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:446: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:448: warning: pointer of type `void *' used in arithmetic
/usr/include/bits/string2.h:453: warning: pointer of type `void *' used in arithmetic
configure: In function `main':
configure:8683: warning: implicit declaration of function `SSLeay'
configure:8692: $? = 0
configure:8694: ./conftest
configure:8697: $? = 1
configure: program exited with status 1
configure: failed program was:
#line 8679 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/opensslv.h>
int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
configure:8709: result: no
configure:8711: error: Your OpenSSL headers do not match your library
It looks to me like the internal version numbers for libcrypto and libssl (as well as \
the static lib) have not been updated correctly in the source.
BTW: openssl-0.9.7-stable-SNAP-20030326 has the same problem.
SO - now what should I do?
Thanks
-- Ken --
********** Script follows **********
#!/bin/sh
#
# getlibver.sh
# Based on findssl.sh by Darren Tucker (dtucker at zip dot com dot au)
# This file is placed in the public domain.
#
# findssl.sh
# Search for all instances of OpenSSL headers and libraries
# and print their versions.
# Intended to help diagnose OpenSSH's "OpenSSL headers do not
# match your library" errors.
#
# Written by Darren Tucker (dtucker at zip dot com dot au)
# This file is placed in the public domain.
#
# 2002-07-27: Initial release.
# 2002-08-04: Added public domain notice.
# 27 March 2003: Make it search in $1/* for opensslv.h, libcrypto.s*, libssl.s*
#
#
# Adjust these to suit your compiler
#
CC=gcc
STATIC=-static
#
# Set up conftest C source
#
rm -f findssl.log
cat >conftest.c <<EOD
#include <stdio.h>
int main(){printf("0x%08xL\n", SSLeay());}
EOD
#
# Search for OpenSSL headers and print versions
#
echo "Searching for and checking OpenSSL header files."
headers=`find $1 -follow -name opensslv.h -print 2>/dev/null`
for header in $headers
do
ver=`awk '/OPENSSL_VERSION_NUMBER/{printf \$3}' $header`
echo "$ver $header"
done
echo
#
# Search for shared libraries (libcrypto and libssl).
# Relies on shared libraries looking like "libcrypto.s*"
#
echo "Searching for and checking OpenSSL shared libraries (libcrypto.s*, libssl.s*)."
libraries=`find $1 -follow -name 'libcrypto.s*' -print 2>/dev/null`
for lib in $libraries
do
echo "Trying libcrypto $lib" >>findssl.log
${CC} -o conftest conftest.c $lib 2>>findssl.log
if [ -x ./conftest ]
then
ver=`./conftest 2>/dev/null`
rm -f ./conftest
echo "$ver $lib"
fi
done
echo
#
libraries=`find $1 -follow -name 'libssl.s*' -print 2>/dev/null`
for lib in $libraries
do
echo "Trying libssl $lib" >>findssl.log
${CC} -o conftest conftest.c $lib 2>>findssl.log
if [ -x ./conftest ]
then
ver=`./conftest 2>/dev/null`
rm -f ./conftest
echo "$ver $lib"
fi
done
echo
#
# Search for static OpenSSL libraries and print versions
#
echo "Searching for and checking OpenSSL static library files."
libraries=`find $1 -follow -name libcrypto.a -print 2>/dev/null`
for lib in $libraries
do
libdir=`dirname $lib`
echo "Trying libcrypto $lib" >>findssl.log
${CC} ${STATIC} -o conftest conftest.c -L${libdir} -lcrypto 2>>findssl.log
if [ -x ./conftest ]
then
ver=`./conftest 2>/dev/null`
rm -f ./conftest
echo "$ver $lib"
fi
done
#
# Clean up
#
rm -f conftest.c
On Thu, 27 Mar 2003, Richard Levitte - VMS Whacker via RT wrote:
>
> In message <rt-550-4050.7.00054184696938@openssl.org> on Thu, 27 Mar 2003 15:09:47 \
> +0100 (MET), "root@dgrunt.sneakernet.com via RT" <rt@openssl.org> said:
> rt> I have noticed that the internal version number of of opensslv.h
> rt> (0x0090701fL) and the internal version number of
> rt> libcrypto.so.0.9.7 and libssl.so.0.9.7 (0x0090700fL)
> rt> do not match for openssl-0.9.7a.
>
> You're confused. 0x0090701fL does match 0.9.7a. However, you're
> right about the libraries.
>
> rt> They also do not match in openssl-0.9.7-stable-SNAP-20030326.
>
> That one has 0x00907020L, which matches 0.9.7b, which is what is being
> developped in that branch.
>
> rt> This version mismatch is causing configuration of openssh-3.5p1 to
> rt> fail with the following error message:
> rt>
> rt> checking OpenSSL header version... 90701f (OpenSSL 0.9.7a Feb 19 2003)
> rt> checking OpenSSL library version... 90700f (OpenSSL 0.9.7 31 Dec 2002)
> rt> checking whether OpenSSL's headers match the library... configure: error:
> rt> Your OpenSSL headers do not match your library
> rt>
> rt> Here is the self-test report:
> rt>
> rt>
> rt> OpenSSL self-test report:
> rt>
> rt> OpenSSL version: 0.9.7a
> rt> Last change: In ssl3_get_record (ssl/s3_pkt.c), minimize
> rt> information...
> rt> Options: --openssldir=/usr/local/OpenSSL threads shared no-krb5
> rt> OS (uname): Linux dgrunt 2.4.20 #1 Wed Mar 19 13:10:00 EST 2003 i586
> rt> unknown
> rt> OS (config): i586-whatever-linux2
> rt> Target (default): linux-k6
> rt> Target: linux-k6
> rt> Compiler: gcc version 2.95.3 20010315 (release)
> rt>
> rt> Test passed.
> rt>
> rt> Test report in file testlog
> rt>
> rt> What can I do to fix this?
>
> Check config.log from OpenSSH. It may be that it takes opensslv.h and
> libcrypto fom different places, and therefore get an incompatible
> (according to OpenSSH definitions) combination.
>
> --
> Richard Levitte \ Spannvdgen 38, II \ LeViMS@stacken.kth.se
> Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
> \ SWEDEN \ or +46-708-26 53 44
> Procurator Odiosus Ex Infernis -- poei@bofh.se
> Member of the OpenSSL development team: http://www.openssl.org/
>
> Unsolicited commercial email is subject to an archival fee of $400.
> See <http://www.stacken.kth.se/~levitte/mail/> for more info.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic