Build OpenVPN with custom openssl binaries (no sources)

Question

I've seen posts on compiling OpenVPN with custom OpenSSL version. I tried them and they perfectly worked with the latest version of OpenVPN-2.3.11 and OpenSSL 1.0.2h. However in all those cases the source code of the OpenSSL was available.

My question is what if I don't have any sources of OpenSSL and only precompiled binaries of some customized OpenSSL. How can I compile OpenVPN with such binaries. Sorry if this question has been answered many times - I just couldn't find any answers to my question.

score 1 · Accepted Answer · answered Aug 19 '16 at 03:10

My question is what if I don't have any sources of OpenSSL and only precompiled binaries of some customized OpenSSL. How can I compile OpenVPN with such binaries.

You can't build OpenVPN against the [private] OpenSSL because you need the OpenSSL header files.

You may be able to determine the version of the [private] OpenSSL library using strings, and then fetch the headers from an OpenSSL package on the OpenSSL download page (be sure to visit /source/old, if needed). Below is an example from OpenSSL 1.0.2 built from sources and installed locally.

If you attmpt to duplicate the missing header files, then be sure to run ./config to generate openssl/opensslconf.h and openssl/bn.h.

Trying to duplicate the missing headers is kind of a risky, and you really want the openssl/opensslconf.h and openssl/bn.h from the [private] OpenSSL library.

$ strings /usr/local/ssl/lib/libcrypto.so | grep OpenSSL
OpenSSLDie
ECDSA_OpenSSL
ECDH_OpenSSL
OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
UI_OpenSSL
%s(%d): OpenSSL internal error, assertion failed: %s
OpenSSL 1.0.2h  3 May 2016
MD4 part of OpenSSL 1.0.2h  3 May 2016
MD5 part of OpenSSL 1.0.2h  3 May 2016
SHA part of OpenSSL 1.0.2h  3 May 2016
SHA1 part of OpenSSL 1.0.2h  3 May 2016
SHA-256 part of OpenSSL 1.0.2h  3 May 2016
SHA-512 part of OpenSSL 1.0.2h  3 May 2016
OpenSSL HMAC method
RIPE-MD160 part of OpenSSL 1.0.2h  3 May 2016
DES part of OpenSSL 1.0.2h  3 May 2016
libdes part of OpenSSL 1.0.2h  3 May 2016
AES part of OpenSSL 1.0.2h  3 May 2016
RC2 part of OpenSSL 1.0.2h  3 May 2016
IDEA part of OpenSSL 1.0.2h  3 May 2016
Blowfish part of OpenSSL 1.0.2h  3 May 2016
CAST part of OpenSSL 1.0.2h  3 May 2016
CAMELLIA part of OpenSSL 1.0.2h  3 May 2016
Big Number part of OpenSSL 1.0.2h  3 May 2016
EC part of OpenSSL 1.0.2h  3 May 2016
OpenSSL EC algorithm
RSA part of OpenSSL 1.0.2h  3 May 2016
OpenSSL RSA method
DSA part of OpenSSL 1.0.2h  3 May 2016
OpenSSL DSA method
ECDSA part of OpenSSL 1.0.2h  3 May 2016
OpenSSL ECDSA method
OpenSSL DH Method
Diffie-Hellman part of OpenSSL 1.0.2h  3 May 2016
OpenSSL X9.42 DH method
OpenSSL PKCS#3 DH method
ECDH part of OpenSSL 1.0.2h  3 May 2016
OpenSSL ECDH method
OpenSSL 'dlfcn' shared library method
Stack part of OpenSSL 1.0.2h  3 May 2016
lhash part of OpenSSL 1.0.2h  3 May 2016
You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
RAND part of OpenSSL 1.0.2h  3 May 2016
EVP part of OpenSSL 1.0.2h  3 May 2016
ASN.1 part of OpenSSL 1.0.2h  3 May 2016
PEM part of OpenSSL 1.0.2h  3 May 2016
X.509 part of OpenSSL 1.0.2h  3 May 2016
CONF part of OpenSSL 1.0.2h  3 May 2016
OpenSSL default
CONF_def part of OpenSSL 1.0.2h  3 May 2016
TXT_DB part of OpenSSL 1.0.2h  3 May 2016
OpenSSL default user interface
OpenSSL CMAC method
ECDH_OpenSSL
ECDSA_OpenSSL
DSA_OpenSSL
OpenSSLDie
DH_OpenSSL
OpenSSL_add_all_digests
UI_OpenSSL
OpenSSL_add_all_ciphers

Build OpenVPN with custom openssl binaries (no sources)

1 Answers1