krzf83@gmail.com
2017-Oct-26 21:53 UTC
How to check which version of openssl is getting compiled in into dovecot?
I got multiple versions of openssl in my system. I compile dovecot with PKG_CONFIG_PATH=/usr/openssl-1.0.2l-fpic/lib/pkgconfig ./configure How do I check which version of openssl got compiled in? configure script does not show version. There seem to be no way to check it in compiled binary (?) My dovecot is still seen vulnerable by tls testing tools so I'm guessing wrong version of openssl got compiled it but there seem to be no way to check it.
Aki Tuomi
2017-Oct-27 06:33 UTC
How to check which version of openssl is getting compiled in into dovecot?
On 27.10.2017 00:53, krzf83 at gmail.com wrote:> I got multiple versions of openssl in my system. I compile dovecot with > PKG_CONFIG_PATH=/usr/openssl-1.0.2l-fpic/lib/pkgconfig ./configure > > How do I check which version of openssl got compiled in? configure > script does not show version. There seem to be no way to check it in > compiled binary (?) > > My dovecot is still seen vulnerable by tls testing tools so I'm > guessing wrong version of openssl got compiled it but there seem to be > no way to check it.You can check with ldd /usr/lib/dovecot/imap-login (or libexec) Just check which SSL library has been linked to it. Aki
@lbutlr
2017-Oct-27 07:07 UTC
How to check which version of openssl is getting compiled in into dovecot?
> On Oct 27, 2017, at 12:33 AM, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > > > On 27.10.2017 00:53, krzf83 at gmail.com wrote: >> I got multiple versions of openssl in my system. I compile dovecot with >> PKG_CONFIG_PATH=/usr/openssl-1.0.2l-fpic/lib/pkgconfig ./configure >> >> How do I check which version of openssl got compiled in? configure >> script does not show version. There seem to be no way to check it in >> compiled binary (?) >> >> My dovecot is still seen vulnerable by tls testing tools so I'm >> guessing wrong version of openssl got compiled it but there seem to be >> no way to check it. > You can check with ldd /usr/lib/dovecot/imap-login (or libexec) > > Just check which SSL library has been linked to it.That is not immediately helpful, though. libssl.so.9 => /usr/local/lib/libssl.so.9 (0x28313000 No version info there? -- Apple broke AppleScripting signatures in Mail.app, so no random signatures.
krzf83@gmail.com
2017-Oct-27 12:35 UTC
How to check which version of openssl is getting compiled in into dovecot?
>> You can check with ldd /usr/lib/dovecot/imap-login (or libexec)No, I cant because I'm compiling dovecot with openssl compiled as FPIC which means that its not getting dynamicly linked. When I try to compile against non-fpic openssl I just got /usr/openssl-1.0.2l/lib/libssl.a(s23_srvr.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC 2017-10-27 8:33 GMT+02:00 Aki Tuomi <aki.tuomi at dovecot.fi>:> > > On 27.10.2017 00:53, krzf83 at gmail.com wrote: >> I got multiple versions of openssl in my system. I compile dovecot with >> PKG_CONFIG_PATH=/usr/openssl-1.0.2l-fpic/lib/pkgconfig ./configure >> >> How do I check which version of openssl got compiled in? configure >> script does not show version. There seem to be no way to check it in >> compiled binary (?) >> >> My dovecot is still seen vulnerable by tls testing tools so I'm >> guessing wrong version of openssl got compiled it but there seem to be >> no way to check it. > You can check with ldd /usr/lib/dovecot/imap-login (or libexec) > > Just check which SSL library has been linked to it. > > Aki
Possibly Parallel Threads
- How to check which version of openssl is getting compiled in into dovecot?
- How to check which version of openssl is getting compiled in into dovecot?
- How to check which version of openssl is getting compiled in into dovecot?
- How to check which version of openssl is getting compiled in into dovecot?
- How to check which version of openssl is getting compiled in into dovecot?