Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: OpenSSL versions... Which one to use?


This question is not answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 4 - Last Post: Apr 14, 2016 11:15 AM Last Post By: Remy Lebeau (Te...
Frank Staal

Posts: 115
Registered: 12/9/99
OpenSSL versions... Which one to use?  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 13, 2016 6:27 AM
Several parts of DataSnap use OpenSSL libraries to communicate to it's obvious you deploy them. On their website I read that the versions 1.0.0 to 1.0.2 are binary compatible so I should be able to simply replace the set of dlls with the latest greatest download from Fulgan's site.

Yesterday we replaced one of our applications and all of a sudden libeay32 complains about not being able to find a function in it. So I download the latest version 1.0.2.g and put the files in place, restart the program and everything seems okay. Few hours later I get confronted with "Ordinal xxxx not found in libeay32.dll". Googling that simply tells me to update to the latest version... Eh?.... I just did that?

Basically my question boils down to which version is Delphi linking to, what do I have to pay attention to when updating these dlls? Apparently the OpenSSL explanation is not completely right... Or I have ghosts in my machine!
Matthew Jones

Posts: 337
Registered: 1/25/98
Re: OpenSSL versions... Which one to use?  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 13, 2016 7:40 AM   in response to: Frank Staal in response to: Frank Staal
Frank Staal wrote:

Yesterday we replaced one of our applications and all of a sudden
libeay32 complains about not being able to find a function in it.

I asked this in the public.delphi.internet.winsock newsgroup recently
(title "1.0.2g not compatible?"). Basically, they took out some
insecure functions. There are DLL versions with these, or you can
comment out their use in Indy, or you can update Indy.
Remy Lebeau (Te...


Posts: 9,447
Registered: 12/23/01
Re: OpenSSL versions... Which one to use?  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 13, 2016 11:02 AM   in response to: Frank Staal in response to: Frank Staal
Frank wrote:

Several parts of DataSnap use OpenSSL libraries to communicate to
it's obvious you deploy them. On their website I read that the versions
1.0.0 to 1.0.2 are binary compatible so I should be able to simply
replace the set of dlls with the latest greatest download from
Fulgan's site.

That is true up to 1.0.2h. 1.0.2g is not binary compatible anymore, it made
API changes that cause breakage in older versions of Indy (which DataSnap
uses internally). This has already been addressed in Indy, but I don't know
if DataSnap has been updated. I think in the latest Delphi version Embarcadero
is starting to move away from Indy in favor of their own in-house technologies.

Yesterday we replaced one of our applications and all of a sudden
libeay32 complains about not being able to find a function in it.

Probably the SSLv2 functions, which have been removed from OpenSSL (well,
more accurately, have been disabled by default, and can be re-enabled by
recompiling OpenSSL with special flags defined).

So I download the latest version 1.0.2.g and put the files in place,
restart the program and everything seems okay.

I would have expected that to fail, actually.

Few hours later I get confronted with "Ordinal xxxx not found in libeay32.dll".

Indy does not import DLL functions by ordinal. Maybe ssleay32.dll links
to libeay32.dll by ordinal, I don't know. May sure you are not mixing different
versions of ssleay32.dll and libeay32.dll together.

--
Remy Lebeau (TeamB)
Frank Staal

Posts: 115
Registered: 12/9/99
Re: OpenSSL versions... Which one to use?  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 14, 2016 1:17 AM   in response to: Remy Lebeau (Te... in response to: Remy Lebeau (Te...
Remy Lebeau (TeamB) wrote:

That is true up to 1.0.2h. 1.0.2g is not binary compatible anymore, it made
API changes that cause breakage in older versions of Indy (which DataSnap
uses internally). This has already been addressed in Indy, but I don't know
if DataSnap has been updated. I think in the latest Delphi version Embarcadero
is starting to move away from Indy in favor of their own in-house technologies.

So... 1.0.2f should be compatible.

Probably the SSLv2 functions, which have been removed from OpenSSL (well,
more accurately, have been disabled by default, and can be re-enabled by
recompiling OpenSSL with special flags defined).

ASN1_const_infinite_check_end was the one the dialog said.

I would have expected that to fail, actually.

Probably the calls to OpenSSL weren't in the startuproutine.

Indy does not import DLL functions by ordinal. Maybe ssleay32.dll links
to libeay32.dll by ordinal, I don't know. May sure you are not mixing different
versions of ssleay32.dll and libeay32.dll together.

I put both of them in the application binary directory. As far as I know that means the OpenSLL libs loaded will be these. So ssleay32 will talk to libeay32 in the same directory.

Well, I'm off to debug to see which routine is the one throwing the monkeywrench.
Remy Lebeau (Te...


Posts: 9,447
Registered: 12/23/01
Re: OpenSSL versions... Which one to use?  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Apr 14, 2016 11:15 AM   in response to: Frank Staal in response to: Frank Staal
Frank wrote:

So... 1.0.2f should be compatible.

Yes, I meant 'f', 'h' was a typo.

ASN1_const_infinite_check_end was the one the dialog said.

Indy does not use that function. Maybe DataSnap does, who knows.

--
Remy Lebeau (TeamB)
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02