curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Regarding curl library usage with ssl support

From: alankar bajpai via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 8 Jul 2020 17:34:25 +0530

Hi,

I'm facing one issue in curl library usage in my project.

Below are the details:
*Description:*
I have a project which uses ssl & crypto dynamic libs for openssl. I can't
make any changes to this existing project.

Now in the same project I want to introduce a new .so
("libcommunication.so" dynamic library). This dynamic lib makes use of
libcurl library ("static linking" built from source) and libcurl library
has been built with-ssl support by providing a path to the openssl libs
(built from source).

Now whenever I'm running my application on an OS where the installed
openssl version is different then what I've used in my dynamic lib my
program is crashing.

*Below are the build & tool version details:*

My Dynamic library "libcommunication.so" details:

*Openssl version: 1.0.2kopenssl build details: [Took openssl source version
1.0.2k]*
# ./config -shared --prefix=${OUTPUT}/${OPENSSL_DIR} zlib
-I${INCLUDE_ZLIB_DIR} -L${LIB_ZLIB_DIR} -fPIC
# make
# make install

*It produces below output:*
[root_at_localhost openssl/lib]# ls -lrt
total 8280
drwxr-xr-x. 2 root root 236 Jul 8 11:26 engines
-rw-r--r--. 1 root root 4498384 Jul 8 11:26 libcrypto.a
-rw-r--r--. 1 root root 766664 Jul 8 11:26 libssl.a
-r-xr-xr-x. 1 root root 2684856 Jul 8 11:26 libcrypto.so.1.0.0
-r-xr-xr-x. 1 root root 517160 Jul 8 11:26 libssl.so.1.0.0
lrwxrwxrwx. 1 root root 18 Jul 8 11:26 libcrypto.so ->
libcrypto.so.1.0.0
lrwxrwxrwx. 1 root root 15 Jul 8 11:26 libssl.so -> libssl.so.1.0.0
drwxr-xr-x. 2 root root 61 Jul 8 13:43 pkgconfig

*Curl version: 7.52.1Curl build detail: [Took curl source version
7.52.1]using below shell script to build curl:*
build_curl()
{
pushd ${ROOT}/${CURL_DIR}

export CFLAGS=-fPIC
export
PKG_CONFIG_LIBDIR=${OUTPUT}/${ZLIB_DIR}:${OUTPUT}/${OPENSSL_DIR}:${OUTPUT}/${CARES_DIR}
export PKG_CONFIG_TOP_BUILD_DIR=${ROOT}

./configure --prefix=${OUTPUT}/${CURL_DIR}
--with-zlib=${OUTPUT}/${ZLIB_DIR} --with-ssl=${OUTPUT}/${OPENSSL_DIR}
--enable-ares=${OUTPUT}/${CARES_DIR} --disable-shared --disable-debug
--disable-dict --disable-file --disable-ftp --disable-gopher --disable-imap
--disable-pop3 --disable-rtsp --disable-smtp --disable-telnet --disable-tftp

unset CFLAGS
unset PKG_CONFIG_LIBDIR
unset PKG_CONFIG_TOP_BUILD_DIR

make
makeinstall

popd
}

*It produces below output:*[root_at_localhost curl]# ls -lrt lib/
total 684
-rwxr-xr-x. 1 root root 1386 Jul 8 11:27 libcurl.la
-rw-r--r--. 1 root root 692686 Jul 8 11:27 libcurl.a
drwxr-xr-x. 2 root root 24 Jul 8 11:27 pkgconfig

In my libcommunication.so makefile, I'm statically linking to libcurl and
other libs using "-ssl -crypto -lcurl" and creating dynamic library

and finally this dynamic library libcommunication.so is linked in main
binary makefile as below:
LD_LIBS = -lstdc++ -lssl -lcrypto -lpthread *-lcommunication*
PROG = mainbinary

(*bold *is the new change I'm introducing in existing project's makefile)

Now whenever I try to run this binary on a platform where installed openssl
version (OpenSSL 1.0.1e-fips 11 Feb 2013) is different from what we have
linked against in libcurl (openssl 1.0.2k), it crashes and creates a core
dump, however when both these versions (system's installed and libcurl's
openssl linked versions) are same then the program runs perfectly.

Please find below the stack trace: core dump: (release binary)
#4 0x00007fdf9103d057 in CRYPTO_add_lock () from /lib64/libcrypto.so.10
No symbol table info available.
#5 0x00007fdf91404df8 in ssl_cert_dup () from /lib64/libssl.so.10
No symbol table info available.
#6 0x00007fdf91403e10 in SSL_new () from /lib64/libssl.so.10
No symbol table info available.
#7 0x00007fdf8ff13c9d in ?? () from /opt/lib/libcommunication.so.1
No symbol table info available.

This call stack is generated from the source where I'am using libcurl APIs
to perform send/receive with the Server.

I don't know why this dynamic lib is loading system's installed openssl
rather than what I've linked during building the libcurl. here my
assumption is that openssl is linked with libcurl statically that is why
I've not copied the openssl .so files on my lib folder for which
LD_LIBRARY_PATH is set.

Also when I modify the main makefile and change the order of linking of my
communication (shared) library like below, I don't observe any crash,
everything works perfectly:
  LD_LIBS = -lstdc++ *-lcommunication *-lssl -lcrypto -lpthread

I don't know what is happening over here.

Can we force libcurl to use the static openssl libs that we have during
compile time rather than going for whatever is there on the system at
runtime? Will it solve the problem?

Please share if anything is wrong in the overall library usage.

Thanks & Regards,
Alankar

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-07-08