How to determine version of openssl library?

StackOverflow https://stackoverflow.com/questions/23320480

  •  10-07-2023
  •  | 
  •  

سؤال

I have a pre-built OpenSSL library (libssl.a and libcrypto.a) which are being used for my C++ application. I don't know the version of the OpenSSL library.

Is there any way to get the version number from these pre-built libraries?

هل كانت مفيدة؟

المحلول 2

You can do this programatically by reading the following:

and

Basically, you will need to use the following functions:

  • SSLeay()
  • SSLeay_version()

نصائح أخرى

There is a string inside the library containing the version details called SSLEAY_VERSION - it looks like:

  • OpenSSL 0.9.5a 1 Apr 2000
  • OpenSSL 1.0.1e-fips 11 Feb 2013

You can find this from the binary library using strings and grep:

strings libcrypto.so | grep "^OpenSSL \S\+ [0-9]\+ \S\+ [0-9]\+"

Well the filtering may may not always work. You could do 

strings libssl.so | grep "^OpenSSL"
OpenSSLDie
OpenSSL 1.0.2n  7 Dec 2017

strings libcrypto.so | grep "^OpenSSL"
OpenSSLDie
OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
OpenSSL 1.0.2n  7 Dec 2017
OpenSSL HMAC method
OpenSSL EC algorithm
OpenSSL RSA method
OpenSSL DSA method
OpenSSL ECDSA method
OpenSSL DH Method
OpenSSL X9.42 DH method
OpenSSL PKCS#3 DH method
OpenSSL ECDH method
OpenSSL 'dlfcn' shared library method
OpenSSL default
OpenSSL default user interface
OpenSSL CMAC method

You could also use :

openssl version -a

See reference at : https://linux.die.net/man/1/version

I needed a variant of https://stackoverflow.com/a/26635393/597742 that would work on systems without strings installed. It's sufficiently different that it seemed worthwhile to post as its own answer:

grep --text -o 'OpenSSL [[:digit:]][^ ]*' /file/to/check

--text allows the binary to be checked directly, -o accounts for the lack of line separators by only printing the matching text.

A point worth noting for both this answer and the strings based answer: in addition to being useful to check the OpenSSL version of libssl or libcrypto, they also work to check OpenSSL versions in statically linked binaries.

On a Debian you might ask the package manager:

# apt list -a openssl 
Listing... Done
openssl/stable-security,now 1.1.1n-0+deb11u4 amd64 [installed,automatic]
openssl/stable 1.1.1n-0+deb11u3 amd64

On a RedHat linux ask its package manager:

$ dnf list --all openssl
Last metadata expiration check: 0:01:53 ago on Mon 13 Mar 2023 01:14:50 PM UTC.
Installed Packages
openssl.x86_64                                       1:1.1.1k-6.el8_5                                        @Common
مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top