iEFdev

Code, Computers & Random Junk

New Version of OpenSSL: 1.0.2

There’s a new version of OpenSSL out. 1.0.2 (Jan 22, 2015). Here are some installation notes, and a workaround for makedepend in OS X.

Install

Download (and verify) the source(s) at openssl.org

update: 1.0.2a is the latest version (March 2015). One could also use: openssl-1.0.2-latest.tar.gz

Configure

Look at the install page to find out what options you want/need and then configure.

Example:

./config shared no-ssl2 no-ssl3 --prefix=/usr/local --openssldir=/usr/local/openssl

On OS X you might use something like:

export KERNEL_BITS=64
./Configure darwin64-x86_64-cc shared no-ssl2 no-ssl3 --prefix=/usr/local --openssldir=/usr/local/openssl

If you added any options you need to run maked epend, and then install as normal.

maked epend

make -j5
sudo make install

OS X and “makedepend”

There is no makedepend in OS X, so a workaround for that - I found a solution here.

Configure as normal and then before running makedepend, open the file: Makefile and scroll down to ≈ line 75 and use $(CC) -M instead.

#MAKEDEPPROG=makedepend
MAKEDEPPROG=$(CC) -M

Test for no-ssl*

As the example at the install page, one could make a test… Here’s a small script doing that.

test_sslv23.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
//
// File: test_sslv23.c
//
// Desrciption: To see if openssl is configured with "no-ssl2" &/or "no-ssl3"
//

#include <iostream>
#include <openssl/opensslconf.h>
#include <openssl/opensslv.h>

using namespace std;

int main() {

std::cout << OPENSSL_VERSION_TEXT << std::endl;

#if defined(OPENSSL_NO_SSL2)
    std::cout << "SSLv2 is disabled" << std::endl;
#else
    std::cout << "SSLv2 is available" << std::endl;
#endif

#if defined(OPENSSL_NO_SSL3)
    std::cout << "SSLv3 is disabled" << std::endl;
#else
    std::cout << "SSLv3 is available" << std::endl;
#endif

    return 0;

}

/*

# Compile
$ g++ test_sslv23.c -o testSSLv23

# Run
$ ./testSSLv23

*/

To compile and run:

# Compile
g++ test_sslv23.c -o testSSLv23

# Run
./testSSLv23

# Example output:
$ ./testSSLv23 
OpenSSL <version> <date>
SSLv2 is disabled
SSLv3 is disabled

Links about SSLv2/3

Comments