Building OpenSSL with Symbol Versioning

March 14, 2010 • Tagged: linux

Update: This article is likely outdated and remains online for historical reference only.

I compiled OpenSSL on my Dreamhost account to support my local installation of Git, PHP, Rails, and Redmine, among other things.

However, whenever I ran git (or a few other programs which depended on OpenSSL), I got several messages like the following:

git: /home/chris/local/lib/libcrypto.so.0.9.8: no version information available (required by git)
git: /home/chris/local/lib/libssl.so.0.9.8: no version information available (required by git)

The software worked properly, but the these messages were quite annoying, and it was clear that something wasn’t quite right. I won’t go into the details of symbol versioning here.

Some research revealed that some people have had similar issues, but many solutions simply involved copying “working” versions of these libraries over the nonworking ones, which isn’t possible in this situation (and is a hackish solution at best). The closest to a solution I found was this December 2006 post on the Debian mailing list in which one of Debian’s OpenSSL maintainers mentions that you should add a line to Configure and that you need the file openssl.ld.

I’ve now figured out how to build OpenSSL 0.9.8l on Debian (specifically, in my home directory at Dreamhost) with symbol versioning.

The patch file mentioned below is very simple and changes a few lines in the Makefile and the Configure script; click here to download the file and look at it yourself to see exactly what changes. This patch file is not specific to Dreamhost’s environment; it should work wherever you want to build OpenSSL.

This procedure will install OpenSSL in your ~/local/lib. You should create the directory tree ~/local/src if it doesn’t exist already.

cd ~/local/src
wget http://www.openssl.org/source/openssl-0.9.8l.tar.gz
tar xzvf openssl-0.9.81.tar.gz
wget https://dist.cdzombak.net/files/openssl/openssl-0.9.8l-symbolVersioning.diff
patch -p0 < openssl-0.9.8l-symbolVersioning.diff
cd openssl-0.9.81
./config shared zlib --prefix=$HOME/local
make
make test
make install

This solution seems to be working for me, and I’ve documented it here in the hopes that it’ll save someone the time it took me to figure it out. The patch file should be pretty easily adapted to future versions of OpenSSL as well.

Additional Links

OpenSSL bug #1222 (adding versioned symbols)
Debian OpenSSL package (Looking at the patch from here is how I eventually got this working.)