1 #!/bin/sh 2 # 3 # $Id: findssl.sh,v 1.4 2007/02/19 11:44:25 dtucker Exp $ 4 # 5 # findssl.sh 6 # Search for all instances of OpenSSL headers and libraries 7 # and print their versions. 8 # Intended to help diagnose OpenSSH's "OpenSSL headers do not 9 # match your library" errors. 10 # 11 # Written by Darren Tucker (dtucker at zip dot com dot au) 12 # This file is placed in the public domain. 13 # 14 # Release history: 15 # 2002-07-27: Initial release. 16 # 2002-08-04: Added public domain notice. 17 # 2003-06-24: Incorporated readme, set library paths. First cvs version. 18 # 2004-12-13: Add traps to cleanup temp files, from Amarendra Godbole. 19 # 20 # "OpenSSL headers do not match your library" are usually caused by 21 # OpenSSH's configure picking up an older version of OpenSSL headers 22 # or libraries. You can use the following # procedure to help identify 23 # the cause. 24 # 25 # The output of configure will tell you the versions of the OpenSSL 26 # headers and libraries that were picked up, for example: 27 # 28 # checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002) 29 # checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) 30 # checking whether OpenSSL's headers match the library... no 31 # configure: error: Your OpenSSL headers do not match your library 32 # 33 # Now run findssl.sh. This should identify the headers and libraries 34 # present and their versions. You should be able to identify the 35 # libraries and headers used and adjust your CFLAGS or remove incorrect 36 # versions. The output will show OpenSSL's internal version identifier 37 # and should look something like: 38 39 # $ ./findssl.sh 40 # Searching for OpenSSL header files. 41 # 0x0090604fL /usr/include/openssl/opensslv.h 42 # 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h 43 # 44 # Searching for OpenSSL shared library files. 45 # 0x0090602fL /lib/libcrypto.so.0.9.6b 46 # 0x0090602fL /lib/libcrypto.so.2 47 # 0x0090581fL /usr/lib/libcrypto.so.0 48 # 0x0090602fL /usr/lib/libcrypto.so 49 # 0x0090581fL /usr/lib/libcrypto.so.0.9.5a 50 # 0x0090600fL /usr/lib/libcrypto.so.0.9.6 51 # 0x0090600fL /usr/lib/libcrypto.so.1 52 # 53 # Searching for OpenSSL static library files. 54 # 0x0090602fL /usr/lib/libcrypto.a 55 # 0x0090604fL /usr/local/ssl/lib/libcrypto.a 56 # 57 # In this example, I gave configure no extra flags, so it's picking up 58 # the OpenSSL header from /usr/include/openssl (90604f) and the library 59 # from /usr/lib/ (90602f). 60 61 # 62 # Adjust these to suit your compiler. 63 # You may also need to set the *LIB*PATH environment variables if 64 # DEFAULT_LIBPATH is not correct for your system. 65 # 66 CC=gcc 67 STATIC=-static 68 69 # 70 # Cleanup on interrupt 71 # 72 trap 'rm -f conftest.c' INT HUP TERM 73 74 # 75 # Set up conftest C source 76 # 77 rm -f findssl.log 78 cat >conftest.c <<EOD 79 #include <stdio.h> 80 int main(){printf("0x%08xL\n", SSLeay());} 81 EOD 82 83 # 84 # Set default library paths if not already set 85 # 86 DEFAULT_LIBPATH=/usr/lib:/usr/local/lib 87 LIBPATH=${LIBPATH:=$DEFAULT_LIBPATH} 88 LD_LIBRARY_PATH=${LD_LIBRARY_PATH:=$DEFAULT_LIBPATH} 89 LIBRARY_PATH=${LIBRARY_PATH:=$DEFAULT_LIBPATH} 90 export LIBPATH LD_LIBRARY_PATH LIBRARY_PATH 91 92 # not all platforms have a 'which' command 93 if which ls >/dev/null 2>/dev/null; then 94 : which is defined 95 else 96 which () { 97 saveIFS="$IFS" 98 IFS=: 99 for p in $PATH; do 100 if test -x "$p/$1" -a -f "$p/$1"; then 101 IFS="$saveIFS" 102 echo "$p/$1" 103 return 0 104 fi 105 done 106 IFS="$saveIFS" 107 return 1 108 } 109 fi 110 111 # 112 # Search for OpenSSL headers and print versions 113 # 114 echo Searching for OpenSSL header files. 115 if [ -x "`which locate`" ] 116 then 117 headers=`locate opensslv.h` 118 else 119 headers=`find / -name opensslv.h -print 2>/dev/null` 120 fi 121 122 for header in $headers 123 do 124 ver=`awk '/OPENSSL_VERSION_NUMBER/{printf \$3}' $header` 125 echo "$ver $header" 126 done 127 echo 128 129 # 130 # Search for shared libraries. 131 # Relies on shared libraries looking like "libcrypto.s*" 132 # 133 echo Searching for OpenSSL shared library files. 134 if [ -x "`which locate`" ] 135 then 136 libraries=`locate libcrypto.s` 137 else 138 libraries=`find / -name 'libcrypto.s*' -print 2>/dev/null` 139 fi 140 141 for lib in $libraries 142 do 143 (echo "Trying libcrypto $lib" >>findssl.log 144 dir=`dirname $lib` 145 LIBPATH="$dir:$LIBPATH" 146 LD_LIBRARY_PATH="$dir:$LIBPATH" 147 LIBRARY_PATH="$dir:$LIBPATH" 148 export LIBPATH LD_LIBRARY_PATH LIBRARY_PATH 149 ${CC} -o conftest conftest.c $lib 2>>findssl.log 150 if [ -x ./conftest ] 151 then 152 ver=`./conftest 2>/dev/null` 153 rm -f ./conftest 154 echo "$ver $lib" 155 fi) 156 done 157 echo 158 159 # 160 # Search for static OpenSSL libraries and print versions 161 # 162 echo Searching for OpenSSL static library files. 163 if [ -x "`which locate`" ] 164 then 165 libraries=`locate libcrypto.a` 166 else 167 libraries=`find / -name libcrypto.a -print 2>/dev/null` 168 fi 169 170 for lib in $libraries 171 do 172 libdir=`dirname $lib` 173 echo "Trying libcrypto $lib" >>findssl.log 174 ${CC} ${STATIC} -o conftest conftest.c -L${libdir} -lcrypto 2>>findssl.log 175 if [ -x ./conftest ] 176 then 177 ver=`./conftest 2>/dev/null` 178 rm -f ./conftest 179 echo "$ver $lib" 180 fi 181 done 182 183 # 184 # Clean up 185 # 186 rm -f conftest.c 187
