Article delegate-en/5073 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A5072@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Error running : ERROR: can't link the SSL/Crypto library.
02 Jun 2014 04:17:42 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi Albert,

Thank you for your note which reminded me that I made workaround
myself about dynamic linking of OpenSSL on Ubuntu without solving
the root cause.  My workaround was putting OpenSSL0.9.8 dynamic
libraries into my $HOME/lib.  

Now I found the cause. It was because OpenSSL1.0.0 seems to stop
supporting SSLv2 thus there were no functions for it.  I fixed it
by letting those functions optional in SSLway.  The modification
was like the enclosed patch and it will be applied to DeleGate/9.9.9
and DeleGate/10.0.0.

In message <_A5072@delegate-en.ML_> on 06/02/14(09:54:37)
you Albert Kam <p2ajqbdyi-m6tfebnayx6r.ml@ml.delegate.org> wrote:
 |I tried moving src/delegated binary to /usr/lib/x86_64-linux-gnu, but still
 |it displayed the same error messages when executed.
 |
 |root@localhost /usr/lib/x86_64-linux-gnu # ./delegated -P3129 SERVER=http
 |SOCKS=localhost:9050  DYLIB='libcrypto.so.1.0.0,libssl.so.1.0.0' -vl
...
 |>From the output above, it seems that the libssl.so and libcrypto.so are
 |both actually found. But why the error ? I tried -r to restart, but still
 |the same problem.
 |
 |Would you please help me, thanks so much !

You can add "-vd" option to see which function are undefined.
Also, DYLIB="lib*.so.1.0.0" will be a simpler specifiction of library
name pattetn.  With -vd option, you will see the messsage as follows.

    --- [ssl] 16BC7D0 libssl.so.1.0.0
    ## unknown [libssl.so.1.0.0] SSLv2_server_method
    ## unknown [libssl.so.1.0.0] SSLv2_client_method

Anyway, you don't need to specify the DYLIB parameter after the
patch is applied.  The string "/*OPT(0)*/" after the declaration
of undefined functions are the trick to make them optional in
dynamic linking in DeleGate.

 |Albert,
 |Jakarta, Indonesia

Cheers from Japan,
Yutaka
--
  9 9   Yutaka Sato (CSDP,ITIL-F,OCUP-A,Security+,ISTQB-F)
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

diff -cr orig/filters/sslway.c ./filters/sslway.c
*** orig/filters/sslway.c	Thu Nov 10 17:18:17 2011
--- ./filters/sslway.c	Mon Jun  2 12:06:16 2014
***************
*** 308,315 ****
  int  SSL_CTX_use_certificate_file(SSL_CTX *ctx,PCStr(file), int type);
  int  SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx,PCStr(file));/*OPT(0)*/
  
! SSL_METHOD *SSLv2_server_method();
! SSL_METHOD *SSLv2_client_method();
  SSL_METHOD *SSLv3_server_method();
  SSL_METHOD *SSLv3_client_method();
  SSL_METHOD *SSLv23_server_method();
--- 308,315 ----
  int  SSL_CTX_use_certificate_file(SSL_CTX *ctx,PCStr(file), int type);
  int  SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx,PCStr(file));/*OPT(0)*/
  
! SSL_METHOD *SSLv2_server_method(); /*OPT(0)*/
! SSL_METHOD *SSLv2_client_method(); /*OPT(0)*/
  SSL_METHOD *SSLv3_server_method();
  SSL_METHOD *SSLv3_client_method();
  SSL_METHOD *SSLv23_server_method();
diff -cr orig/filters/dl.c ./filters/dl.c
*** orig/filters/dl.c	Sat Jan 30 15:45:16 2010
--- ./filters/dl.c	Mon Jun  2 12:53:43 2014
***************
*** 72,77 ****
--- 72,78 ----
  	"dglib%s.so",
  	"lib%s.so.0.9.8",    /* 9.2.5 for a while */
  	"lib%s.so",
+ 	"lib%s.so.1.0.0",    /* 9.9.9 mod-140602e OpenSSL nowadays in 2014 */
  	"lib%s.so.6", /* 9.9.5 for CentOS/5.3_64 */
  	"lib%s.so.4", /* 9.9.2 for Vine4 */
  	"lib%s.so.1",

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V