OpenSSL所有版本的变化,从1.1开始架构有所变化,生成的lib名称也有所不同了,以及对Qt的影响

Posted 朝闻道

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了OpenSSL所有版本的变化,从1.1开始架构有所变化,生成的lib名称也有所不同了,以及对Qt的影响相关的知识,希望对你有一定的参考价值。

The complete explanation is that 1.0.x and 1.1.x do not have the same naming conventions for the generated libraries. OpenSSL 1.1.x has moved into what they call the “unified build system” and changed themselves the names of the libraries. This was done on purpose, mainly because these libraries are not binary compatible and should not be intermixed into projects or dlls deployed to replace 1.0.x with 1.1.x, and vice versa. So while previously in 1.0.x there were libeay32 and ssleay32, they are in 1.1.x named libssl and libcrypto. That’s what happened upstream in OpenSSL. Read here also: https://marc.info/?l=openssl-dev&m=147223063610803&w=2 and there are tons of other discussions online you can tap to.

Beyond that, I also manipulate the suffixes in my builds. Namely, I append the MD[d] and MT[d] suffixes, so that it can be clearer when someone uses a library. This may not be very important when using DLLs, but with static builds chaos ensues if you mix them. So I made my own patches to produce these suffixes to the libraries.

I think that’s a complete answer now. I have also a suggestion for you:

You can download my build scripts if you still like to change the names of the library files in a different way and look at the patch, and modify it accordingly.
You can also skip the application of the patch and then you will get exactly the filenaming conventions of OpenSSL upstream in different builds.

I hope this helps.

 

http://www.npcglib.org/~stathis/blog/precompiled-openssl/

其实从1.0.2k就已经开始了

http://www.linuxfromscratch.org/blfs/view/svn/postlfs/openssl.html

对QT的影响:

Things that Broke in Qt

Here‘s what‘s broken in the dev branch of Qt when building openssl master as of 6 Feb 2015.

  • DH - we were directly accessing p and q to set the DH params to primes embedded in Qt. We can probably replace this with SSL_CTX_set_dh_auto(ctx, 1). Another option suggested by Steve Henson is to save the DHparams we‘re using at the moment then use d2i_DHparams to load them in. This is compatible with openssl versions that don‘t have the dh_auto option.
  • ctx->cert_store - we were directly accessing the cert_store field of SSL_CTX. We can probably replace this with X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx) [Fixed in dev]
  • session->tlsext_tick_lifetime_hint - we were directly accessing the lifetime hint of the session. [A new API to access this field has been added]
  • cipher->valid - we were directly accessing the valid field of SSL_CIPHER. No replacement found. [This turned out not to be needed and so will be removed].

https://wiki.openssl.org/index.php/1.1_API_Changes

 

所有openssl版本的变化列表:

https://abi-laboratory.pro/tracker/changelog/openssl/1.0.2j/log.html

https://abi-laboratory.pro/tracker/timeline/openssl/

https://www.openssl.org/news/openssl-1.0.2-notes.html
https://www.openssl.org/news/changelog.html

以上是关于OpenSSL所有版本的变化,从1.1开始架构有所变化,生成的lib名称也有所不同了,以及对Qt的影响的主要内容,如果未能解决你的问题,请参考以下文章

openssl version 查看openssl 版本出现openssl: error while loading shared libraries: libssl.so.1.1: cannot o

无法使用 OpenSSL 1.1.1 构建 activemq CMS 3.9.5

windows从源码编译openssl1.1.1(vs2019vs2017)

OpenSSL 编译版本与安装版本不匹配?

OpenSSL 验证:不同 OpenSSL 版本之间的“0 深度查找时的错误 20:无法获取本地颁发者证书”

Windows下 OpenSSL的安装与简单使用