文章目錄
- openssl3.2 - 編譯 - 編譯時的動態庫zlib.dll不要使用絕對路徑
- 概述
- 測試zlib特性在安裝好的目錄中是否正常
- 筆記
- 70-test_tls13certcomp.t
- 80-test_cms.t
- 對測試環境的猜測
- 從頭再編譯測試安裝一次
- 測試一下隨便改變位置的openssl用到zlib時是否好使
- 測試一下隨便改變位置的openssl未找到zlib.dll時是否報錯
- 總結
- END
openssl3.2 - 編譯 - 編譯時的動態庫zlib.dll不要使用絕對路徑
概述
前面編譯了openssl3.2(openssl3.2 - 編譯), 編譯命令行中使用加ZLIB特性時, 使用了絕對路徑, 如下:
打開vs2019x64本地命令行, 選擇管理員身份運行
set path=c:\nasm;%path%
cd /d D:\3rd_prj\crypt\openssl-3.2.0
perl Configure VC-WIN64A --debug zlib-dynamic --with-zlib-include=c:\zlib_1d3 --with-zlib-lib=c:\zlib_1d3\my_zlib_1d3.dll --prefix=c:\openssl_3d2 --openssldir=c:\openssl_3d2\common
nmake
nmake test
nmake install如果在本機做實驗沒問題.
前幾天, 為了歸檔方便, 將openssl安裝好的路徑移動到歸檔目錄中.
再運行openssl和zlib相關的功能, 就有報錯提示, 說找不到 c:\zlib_1d3\my_zlib_1d3.dll
這樣就沒法在其他計算機上用啊.
嘗試將在openssl編譯時用的zlib.dll指定為相對路徑 e.g. .\my_zlib_1d3.dll
將my_zlib_1d3.dll拷貝到openssl源碼目錄.\下
再編譯(config , nmake), 然后在nmake test時, 報錯如下:
07-test_bio_comp.t (Wstat: 256 Tests: 1 Failed: 1)Failed test: 1Non-zero exit status: 1
70-test_tls13certcomp.t (Wstat: 5632 Tests: 1 Failed: 0)Non-zero exit status: 22Parse errors: Bad plan. You planned 8 tests but ran 1.
75-test_quicapi.t (Wstat: 256 Tests: 1 Failed: 1)Failed test: 1Non-zero exit status: 1
80-test_cms.t (Wstat: 256 Tests: 22 Failed: 1)Failed test: 5Non-zero exit status: 1
80-test_ssl_new.t (Wstat: 1280 Tests: 31 Failed: 5)Failed tests: 4, 20, 22, 26, 31Non-zero exit status: 5
80-test_ssl_old.t (Wstat: 512 Tests: 7 Failed: 2)Failed tests: 2-3Non-zero exit status: 2
90-test_cert_comp.t (Wstat: 256 Tests: 1 Failed: 1)Failed test: 1Non-zero exit status: 1
90-test_rpk.t (Wstat: 256 Tests: 1 Failed: 1)Failed test: 1Non-zero exit status: 1
90-test_shlibload.t (Wstat: 1024 Tests: 10 Failed: 4)Failed tests: 1-4Non-zero exit status: 4
90-test_sslapi.t (Wstat: 256 Tests: 4 Failed: 1)Failed test: 1Non-zero exit status: 1
Files=294, Tests=3411, 1091 wallclock secs ( 5.14 usr + 1.11 sys = 6.25 CPU)
Result: FAIL
NMAKE : fatal error U1077: “cmd”: 返回代碼“0x1”
Stop.
NMAKE : fatal error U1077: “"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\bin\HostX64\x64\nmake.exe"”: 返回代碼“0x2”
Stop.
看了bio_comp_test.c, 有和zlib相關的函數調用.
再將my_zlib_1d3.dll拷貝到bio_comp_test.exe所在的.\test目錄下, 再運行nmake test, 還是有報錯, 如下:
70-test_tls13certcomp.t (Wstat: 5632 Tests: 1 Failed: 0)Non-zero exit status: 22Parse errors: Bad plan. You planned 8 tests but ran 1.
80-test_cms.t (Wstat: 256 Tests: 22 Failed: 1)Failed test: 5Non-zero exit status: 1
Files=294, Tests=3411, 1069 wallclock secs ( 5.56 usr + 1.08 sys = 6.64 CPU)
Result: FAIL
NMAKE : fatal error U1077: “cmd”: 返回代碼“0x1”
Stop.
NMAKE : fatal error U1077: “"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\bin\HostX64\x64\nmake.exe"”: 返回代碼“0x2”
Stop.
這2個.t看不太懂. 估計也是和zlib庫位置相關.
準備安裝后(nmake install)后, 再手工測試一下, zlib特性是否正常.
安裝后的目錄c:\openssl_3d2拷貝到 D:\my_dev\lib\openssl_3d2, 看到.bin目錄中沒有my_zlib_1d3.dll, 自己補了一個.
怪不得網上資料, 大部分openssl編譯都是用的zlib靜態庫, 原來openssl用動態庫這么麻煩.
測試zlib特性在安裝好的目錄中是否正常
在安裝后, 拷貝的目錄(D:\my_dev\lib\openssl_3d2)中來測試.
先在源碼編譯目錄(D:\3rd_prj\crypt\openssl-3.2.0)記錄一下測試的日志
nmake test > my_log_nmake_test.txt 2>&1
然后根據日志, 在安裝拷貝完的目錄(D:\my_dev\lib\openssl_3d2)中模擬報錯的測試日志做測試.
筆記
只能在openssl源碼目錄中測試.
從日志中看到了測試的命令行, 整理了一個腳本
rem my_nmake_test.bat
cmd /C "set "SRCTOP=." & set "BLDTOP=." & set "PERL=C:\Perl\bin\perl.exe" & set "FIPSKEY=f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813" & "C:\Perl\bin\perl.exe" ".\test\run_tests.pl" "這個腳本依賴環境和配置, 在安裝后的目錄, 測試失敗. 必須在源碼編譯目錄運行.
將test目錄壓縮備份, 然后將test目錄中, 只有70-test_tls13certcomp.t/80-test_cms.t, 來單獨測試
因為安裝前的openssl.exe在 D:\3rd_prj\crypt\openssl-3.2.0\apps
將my_zlib_1d3.dll拷貝到D:\3rd_prj\crypt\openssl-3.2.0\apps
將test目錄壓縮備份.
將 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes 目錄改名為 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes_
然后新建一個目錄 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes作為測試目錄
70-test_tls13certcomp.t
將recipes_中的70-test_tls13certcomp.t拷貝到 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes
現在 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes目錄中只有70-test_tls13certcomp.t
將 my_nmake_test.bat 拷貝到D:\3rd_prj\crypt\openssl-3.2.0, 運行 my_nmake_test.bat
D:\3rd_prj\crypt\openssl-3.2.0>my_nmake_test.batD:\3rd_prj\crypt\openssl-3.2.0>rem my_nmake_test.batD:\3rd_prj\crypt\openssl-3.2.0>cmd /C "set "SRCTOP=." & set "BLDTOP=." & set "PERL=C:\Perl\bin\perl.exe" & set "FIPSKEY=f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813" & "C:\Perl\bin\perl.exe" ".\test\run_tests.pl" "
Files=0, Tests=0, 0 wallclock secs ( 0.00 usr + 0.00 sys = 0.00 CPU)
Result: NOTESTS
70-test_tls13certcomp.t .. ok
All tests successful.
Files=1, Tests=8, 19 wallclock secs ( 0.09 usr + 0.00 sys = 0.09 CPU)
Result: PASSD:\3rd_prj\crypt\openssl-3.2.0>
可以看到, 在安裝完后, 單獨測試70-test_tls13certcomp.t是通過的.
80-test_cms.t
將 D:\3rd_prj\crypt\openssl-3.2.0\test\recipes中的70-test_tls13certcomp.t刪掉.
將備份目錄D:\3rd_prj\crypt\openssl-3.2.0\test\recipes_中關于80-test_cms.t相關的東西拷貝過來, 如下
然后在源碼編譯的根目錄運行 my_nmake_test.bat
D:\3rd_prj\crypt\openssl-3.2.0>my_nmake_test.batD:\3rd_prj\crypt\openssl-3.2.0>rem my_nmake_test.batD:\3rd_prj\crypt\openssl-3.2.0>cmd /C "set "SRCTOP=." & set "BLDTOP=." & set "PERL=C:\Perl\bin\perl.exe" & set "FIPSKEY=f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813" & "C:\Perl\bin\perl.exe" ".\test\run_tests.pl" "
Files=0, Tests=0, 0 wallclock secs ( 0.02 usr + 0.00 sys = 0.02 CPU)
Result: NOTESTS
80-test_cms.t .. ok
All tests successful.
Files=1, Tests=22, 19 wallclock secs ( 0.02 usr + 0.00 sys = 0.02 CPU)
Result: PASSD:\3rd_prj\crypt\openssl-3.2.0>
可以看到, 單獨測試也是成功的.
對測試環境的猜測
單獨測試成功
在編譯環境中nmake test失敗.
比對一下, 可以發現, 區別是我現在手工拷貝了my_zlib_1d3.dll拷貝到D:\3rd_prj\crypt\openssl-3.2.0\apps
因為未安裝前的openssl相關的exe和dll都在my_zlib_1d3.dll拷貝到D:\3rd_prj\crypt\openssl-3.2.0\apps
apps目錄中的openssl相關的exe, dll因為依賴my_zlib_1d3.dll, 所以必須要手工拷貝過去, 才能讓openssl相關接口運行正常.
那現在直接在源碼編譯目錄運行nmake test, 試試, 應該也是能全部測試通過的.
試試
將備份的D:\3rd_prj\crypt\openssl-3.2.0\test\recipes復原, 里面包含原始的所有測試用例.
D:\3rd_prj\crypt\openssl-3.2.0>nmake test
// ...
99-test_fuzz_server.t ................... ok
99-test_fuzz_smime.t .................... ok
99-test_fuzz_v3name.t ................... ok
99-test_fuzz_x509.t ..................... ok
All tests successful.
Files=294, Tests=3418, 1009 wallclock secs ( 5.88 usr + 1.17 sys = 7.05 CPU)
Result: PASSD:\3rd_prj\crypt\openssl-3.2.0>
全部測試通過.
果真和自己想的一樣, 就是\app目錄中, 沒有my_zlib_1d3.dll引起的測試失敗.
從頭再編譯測試安裝一次
解開官方源碼包打開vs2019x64本地命令行, 選擇管理員身份運行cd /d D:\3rd_prj\crypt\openssl-3.2.0set path=c:\nasm;%path%perl Configure VC-WIN64A --debug zlib-dynamic --with-zlib-include=D:\my_dev\lib\zlib_1d3 --with-zlib-lib=.\my_zlib_1d3.dll --prefix=c:\openssl_3d2 --openssldir=c:\openssl_3d2\commonnmake此時, nmake已經完成.
查一下*.dll的位置, 主要是看libcrypto-3-x64.dll在哪些目錄中
可以看出, 主要是4個目錄
.\
.\apps
.\fuzz
.\test
將自己的zlib.dll拷貝到這4個目錄
對于我自己的環境, 拷貝情況如下:
D:\my_dev\lib\zlib_1d3\my_zlib_1d3.dll => D:\3rd_prj\crypt\openssl-3.2.0\my_zlib_1d3.dll
D:\my_dev\lib\zlib_1d3\my_zlib_1d3.dll => D:\3rd_prj\crypt\openssl-3.2.0\apps\my_zlib_1d3.dll
D:\my_dev\lib\zlib_1d3\my_zlib_1d3.dll => D:\3rd_prj\crypt\openssl-3.2.0\fuzz\my_zlib_1d3.dll
D:\my_dev\lib\zlib_1d3\my_zlib_1d3.dll => D:\3rd_prj\crypt\openssl-3.2.0\test\my_zlib_1d3.dll
然后繼續openssl的測試和安裝
nmake test
// ...
99-test_fuzz_x509.t ..................... ok
All tests successful.
Files=294, Tests=3418, 990 wallclock secs ( 6.36 usr + 0.97 sys = 7.33 CPU)
Result: PASS
openssl測試全部通過, 猜測是正確的.
在使用openssl之前, 必須將依賴的dll(e.g. zlib.dll)擺對位置.
開始安裝
nmake install
安裝完成后, 搜索*.dll, 可以看到依賴的dll(e.g. zlib.dll)沒有被拷貝過來.
手工拷貝zlib.dll到安裝后的bin目錄.
D:\my_dev\lib\zlib_1d3\my_zlib_1d3.dll => C:\openssl_3d2\bin\my_zlib_1d3.dll
現在可以將安裝好的openssl發布目錄C:\openssl_3d2剪切到自己的庫目錄了 => D:\my_dev\lib\openssl_3d2
測試一下隨便改變位置的openssl用到zlib時是否好使
就用普通的cmd窗口.
cd /d D:\my_dev\lib\openssl_3d2\bin
openssl zlib -list
// 下面是輸出
Supported ciphers:
-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-ofb -aes-192-cbc -aes-192-cfb
-aes-192-cfb1 -aes-192-cfb8 -aes-192-ctr
-aes-192-ecb -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-ofb
-aes128 -aes128-wrap -aes128-wrap-pad
-aes192 -aes192-wrap -aes192-wrap-pad
-aes256 -aes256-wrap -aes256-wrap-pad
-aria-128-cbc -aria-128-cfb -aria-128-cfb1
-aria-128-cfb8 -aria-128-ctr -aria-128-ecb
-aria-128-ofb -aria-192-cbc -aria-192-cfb
-aria-192-cfb1 -aria-192-cfb8 -aria-192-ctr
-aria-192-ecb -aria-192-ofb -aria-256-cbc
-aria-256-cfb -aria-256-cfb1 -aria-256-cfb8
-aria-256-ctr -aria-256-ecb -aria-256-ofb
-aria128 -aria192 -aria256
-bf -bf-cbc -bf-cfb
-bf-ecb -bf-ofb -blowfish
-camellia-128-cbc -camellia-128-cfb -camellia-128-cfb1
-camellia-128-cfb8 -camellia-128-ctr -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ctr
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ctr -camellia-256-ecb -camellia-256-ofb
-camellia128 -camellia192 -camellia256
-cast -cast-cbc -cast5-cbc
-cast5-cfb -cast5-ecb -cast5-ofb
-chacha20 -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ecb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ecb
-des-ede3-ofb -des-ofb -des3
-des3-wrap -desx -desx-cbc
-id-aes128-wrap -id-aes128-wrap-pad -id-aes192-wrap
-id-aes192-wrap-pad -id-aes256-wrap -id-aes256-wrap-pad
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-128 -rc2-40
-rc2-40-cbc -rc2-64 -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb -sm4
-sm4-cbc -sm4-cfb -sm4-ctr
-sm4-ecb -sm4-ofb可以看到沒有報錯, 說明openssl依賴的zlib.dll是正常的.
測試一下隨便改變位置的openssl未找到zlib.dll時是否報錯
將my_zlib_1d3.dll改個名字, 將后綴加個’_’
用 openssl zlib -list 命令行再測試一下.
D:\my_dev\lib\openssl_3d2\bin>openssl zlib -list
Supported ciphers:
-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-ofb -aes-192-cbc -aes-192-cfb
-aes-192-cfb1 -aes-192-cfb8 -aes-192-ctr
-aes-192-ecb -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-ofb
-aes128 -aes128-wrap -aes128-wrap-pad
-aes192 -aes192-wrap -aes192-wrap-pad
-aes256 -aes256-wrap -aes256-wrap-pad
-aria-128-cbc -aria-128-cfb -aria-128-cfb1
-aria-128-cfb8 -aria-128-ctr -aria-128-ecb
-aria-128-ofb -aria-192-cbc -aria-192-cfb
-aria-192-cfb1 -aria-192-cfb8 -aria-192-ctr
-aria-192-ecb -aria-192-ofb -aria-256-cbc
-aria-256-cfb -aria-256-cfb1 -aria-256-cfb8
-aria-256-ctr -aria-256-ecb -aria-256-ofb
-aria128 -aria192 -aria256
-bf -bf-cbc -bf-cfb
-bf-ecb -bf-ofb -blowfish
-camellia-128-cbc -camellia-128-cfb -camellia-128-cfb1
-camellia-128-cfb8 -camellia-128-ctr -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ctr
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ctr -camellia-256-ecb -camellia-256-ofb
-camellia128 -camellia192 -camellia256
-cast -cast-cbc -cast5-cbc
-cast5-cfb -cast5-ecb -cast5-ofb
-chacha20 -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ecb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ecb
-des-ede3-ofb -des-ofb -des3
-des3-wrap -desx -desx-cbc
-id-aes128-wrap -id-aes128-wrap-pad -id-aes192-wrap
-id-aes192-wrap-pad -id-aes256-wrap -id-aes256-wrap-pad
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-128 -rc2-40
-rc2-40-cbc -rc2-64 -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb -sm4
-sm4-cbc -sm4-cfb -sm4-ctr
-sm4-ecb -sm4-ofb
D4B80400:error:12800067:DSO support routines:win32_load:could not load the shared library:crypto\dso\dso_win32.c:108:filename(.\\my_zlib_1d3.dll)
D4B80400:error:12800067:DSO support routines:DSO_load:could not load the shared library:crypto\dso\dso_lib.c:147:D:\my_dev\lib\openssl_3d2\bin>
可以看到有報錯, 說沒有找到’.\my_zlib_1d3.dll’
總結
這說明讓openssl編譯選項中的動態依賴的dll為.\x.dll, 是比較好的方法.
只要openssl的組件和依賴的dll同目錄時, 就可以讓編譯完的openssl輸出的組件隨意變動位置, 都可以正常運行.
 - 附(Python案例,其它語言同理))
)
)
![[前端]開啟VUE之路-NODE.js版本管理](http://pic.xiahunao.cn/[前端]開啟VUE之路-NODE.js版本管理)
