PxPlus User Forum

Twitter Twitter Twitter

Author Topic: Using libssl with PXP_SSL_LIB  (Read 1140 times)

Allen Miglore

  • Silver Member
  • ***
  • Posts: 39
    • View Profile
    • UnForm
Using libssl with PXP_SSL_LIB
« on: November 04, 2022, 06:04:50 PM »
I saw that in pxplus 17 two environment variables were added to specify libssl and libcrypto shared object files.  I've added those and confirmed these libraries are on the system:

env|grep PXP
PXP_CRYPTO_LIB=/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
PXP_SSL_LIB=/usr/lib/x86_64-linux-gnu/libssl.so.1.1

I start up pxplus 18.20, and try to open a secure connection to pvxplus.com:

open(1)"[tcp]pvxplus.com;443;secure"
Error #99: Feature not supported
Last IO to [tcp]pvxplus.com;443;secure, channel 1
Could not locate entry point 'SSLv23_client_method' in libssl library.
Likely an incompatible SSL Interface. (err/ret=0/0)

What am I missing?

Mike King

  • Diamond Member
  • *****
  • Posts: 3826
  • Mike King
    • View Profile
    • BBSysco Consulting
Re: Using libssl with PXP_SSL_LIB
« Reply #1 on: November 05, 2022, 11:17:48 AM »
While the environment variables allow you to point to a different library, it must still be the same core version as PxPlus was compiled for. OpenSSL comes out with new minor/patch versions fairly regularly so we provided a means you could run PxPlus on a different version than the OS used.

The error you are seeing likely is due to the fact the PxPlus was compiled for a different major version of OpenSSL.
Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com

Allen Miglore

  • Silver Member
  • ***
  • Posts: 39
    • View Profile
    • UnForm
Re: Using libssl with PXP_SSL_LIB
« Reply #2 on: November 05, 2022, 01:05:32 PM »
Sounds like the days of having a universal Linux build are over.

Mike King

  • Diamond Member
  • *****
  • Posts: 3826
  • Mike King
    • View Profile
    • BBSysco Consulting
Re: Using libssl with PXP_SSL_LIB
« Reply #3 on: November 06, 2022, 10:44:21 PM »
Unfortunately OpenSSL for a number of its functions that it wanted to deprecate or change instead of creating dummy interface routines redefines the function in the source forcing you to compile for different versions. 

We do try, where possible, to create code that can run against different libraries, but that's not always possible.  For example the likely cause of problem you are having is that the default protocol is Version 2/3 as per the OpenSSL version the EXE you are using.  You may be able to avoid the missing routine error by forcing TLS1, TLS1.1, or TLS1.2 in the open.
Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com