Date: Fri, 14 Mar 2003 12:12:35 -0600 From: D J Hawkey Jr <hawkeyd@visi.com> To: security at FreeBSD <freebsd-security@freebsd.org> Subject: Re: SA-03:02.openssl for RELENG_4_6_2 vs. RELENG_4_5 Message-ID: <20030314121235.A8200@sheol.localdomain> In-Reply-To: <20030313115400.A25510@sheol.localdomain>; from hawkeyd@visi.com on Thu, Mar 13, 2003 at 11:54:00AM -0600 References: <20030313080852.A30434@sheol.localdomain> <20030313171647.GA19381@intruder.bmah.org> <20030313115400.A25510@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 13, at 11:54 AM, D J Hawkey Jr wrote:
>
> Oh! I also need to know how one ascertains what binaries are statically
> linked to libcrypto and/or libssl?
Got it. Try this:
find $DIR -type f \
|xargs readelf -a 2>/dev/null \
|awk '/^File:/ { name = $2; printed = 0; } \
/SSL|TLS/ { if (!printed) { print name; printed = 1; } }' \
|xargs ldd 2>/dev/null
This might be too liberal, but better safe than sorry. If it returns
just filenames, they're statically-linked.
On my workstation, only Mozilla has components (12 libraries) that
are statically-linked to SSL/TLS code, but I don't know if they use
the system SSL/TLS libraries, or if they're completely self-contained.
> Anyone know how to run the tests in /usr/src/crypto/openssl/apps and/or
> /usr/src/crypto/openssl/test, and what to look for? :-)
This I still need help with.
Thanks,
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd@visi.com /\________________/
http://www.visi.com/~hawkeyd/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030314121235.A8200>