Blog
Portable OpenSSL for Linux
21/12/2015
A year ago I worked out how to make a portable build of OpenSSL for Mac. And now with the imminent release of the Linux build of Scribe I need to do the same with the Linux build of OpenSSL.

After downloading and unpacking OpenSSL I configured it with:
./config shared -DPURIFY
The reason for adding the -DPURIFY #define is to suppress valgrind errors related to uninitialized memory usage.

Once that is built I had a look at the shared object paths with ldd:
matthew@ubuntu:~/Downloads/openssl$ ldd ./libssl.so.1.0.0 
	linux-vdso.so.1 =>  (0x00007ffc0e197000)
	libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007f5c5ab6c000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f5c5a7a7000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f5c5a5a3000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f5c5b1c1000)
So it's not portable yet. I initially tried using the chrpath command but it can only modify existing RPATH records. My binary doesn't have any RPATH yet. So that didn't work. The next thing I tried was the patchelf command from here:
http://nixos.org/releases/patchelf/patchelf-0.8/
After building and installing I issued this command in the OpenSSL folder:
patchelf --set-rpath '$ORIGIN' ./libssl.so.1.0.0
Now to check if libssl pulls in the local libcrypto:
matthew@ubuntu:~/Downloads/openssl$ ldd ./libssl.so.1.0.0 
	linux-vdso.so.1 =>  (0x00007ffcdce86000)
	libcrypto.so.1.0.0 => /home/matthew/Code/Scribe/trunk/./libcrypto.so.1.0.0 (0x00007f39b99d8000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f39b9613000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f39b940f000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f39ba0a5000)
Yes! Now this build can be installed in the same folder as the Scribe binary and Scribe will use it without interfering with the system OpenSSL which is often out of date, or not built with -DPURIFY or missing.

Tags: shared-object linux openssl scribe | (0) Comments | Add Comment