Date: Fri, 14 Mar 2003 12:12:35 -0600 From: D J Hawkey Jr <hawkeyd@visi.com> To: security at FreeBSD <freebsd-security@freebsd.org> Subject: Re: SA-03:02.openssl for RELENG_4_6_2 vs. RELENG_4_5 Message-ID: <20030314121235.A8200@sheol.localdomain> In-Reply-To: <20030313115400.A25510@sheol.localdomain>; from hawkeyd@visi.com on Thu, Mar 13, 2003 at 11:54:00AM -0600 References: <20030313080852.A30434@sheol.localdomain> <20030313171647.GA19381@intruder.bmah.org> <20030313115400.A25510@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 13, at 11:54 AM, D J Hawkey Jr wrote: > > Oh! I also need to know how one ascertains what binaries are statically > linked to libcrypto and/or libssl? Got it. Try this: find $DIR -type f \ |xargs readelf -a 2>/dev/null \ |awk '/^File:/ { name = $2; printed = 0; } \ /SSL|TLS/ { if (!printed) { print name; printed = 1; } }' \ |xargs ldd 2>/dev/null This might be too liberal, but better safe than sorry. If it returns just filenames, they're statically-linked. On my workstation, only Mozilla has components (12 libraries) that are statically-linked to SSL/TLS code, but I don't know if they use the system SSL/TLS libraries, or if they're completely self-contained. > Anyone know how to run the tests in /usr/src/crypto/openssl/apps and/or > /usr/src/crypto/openssl/test, and what to look for? :-) This I still need help with. Thanks, Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030314121235.A8200>