libssl.so.10 libcrypto.so.10

Moderators: Site Moderators, FAHC Science Team

Post Reply
Psnarf
Posts: 10
Joined: Sun Sep 01, 2019 4:37 pm

libssl.so.10 libcrypto.so.10

Post by Psnarf »

Why not compile FAHClient against the OpenSSL 1.1.1 series? According to openssl dot org, all other versions "are now out of support and should not be used. Users of these older versions are encourage to upgrade to 1.1.1 as soon as possible." Which ssl version is 10? Is that 1.0.0, 1.0.1, or 1.0.2?
ldd FAHClient | grep not\ found
libssl.so.10 => not found
libcrypto.so.10 => not found
I tried a couple of those years-old versions from 2014 - 2018, but none would satisfy FAHClient.
./FAHClient: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory
I'm running openssl-1.1.1d. If there is an export problem, why not distribute the source code with the Stanford-secret bits included in a binary-encrypted blob? At least provide a link to your secret lib*.so.10 libraries. No wonder there is no Slackware-current package.
JimboPalmer
Posts: 2522
Joined: Mon Feb 16, 2009 4:12 am
Location: Greenwood MS USA

Re: libssl.so.10 libcrypto.so.10

Post by JimboPalmer »

Psnarf wrote:Why not compile FAHClient against the OpenSSL 1.1.1 series?
I am going to give two reasons, both are true to some extent.

1) Thousands of folders using older linux installs will have to upgrade or quit. You can install an old version of most linux packages, but dependencies make installing newer versions a form of whack a mole. In the end reinstalling Linux is easier than tracking down all the packages needed. So Cauldron Development tries not to change the required packages and to compile on the oldest version of linux they can, so the fewest folders are cut off from folding. If you were the only folder, or you could force everyone to upgrade, your plan WOULD be best.

2) So far as I know Cauldron Development is one programmer, so re compiling the Linux client to the latest standards comes at the cost of new development. Everyone wants the new features. Since he has to synchronize the Windows/Mac/Linux clients with the various servers (Assignment, Statistics,etc.) He needs to stay focused across multiple platforms, before starting again with a new version.

Folding at home still supports CPUs back to the P4 Willamette, and GPUs back to 2012 (Kepler, GCN); cutting off linux support will not broaden its user base.
Tsar of all the Rushers
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
Psnarf
Posts: 10
Joined: Sun Sep 01, 2019 4:37 pm

Re: libssl.so.10 libcrypto.so.10

Post by Psnarf »

Nevermind. Fahclient works with
openssl 1.0.2o
I'm not suggesting you follow the instructions of the ssl library authors https://www.openssl.org/source/. Thousands of folders can purchase support contracts for $15,000 to $50,000 annually so they can continue to use ssl libraries that will no longer receive free security fixes. All you have to do is compile the bits that your software needs into your product as a static build, no need to depend on folders having to install obsolete libraries. They won't need any ssl libraries if you compile the library routines you require into your final product. Me, I'm not infecting the systems I administer with a known security risk. Rosetta@home supports the same research; boinc requires no other libraries. Happy Folding!
Psnarf
Posts: 10
Joined: Sun Sep 01, 2019 4:37 pm

Re: libssl.so.10 libcrypto.so.10

Post by Psnarf »

I apologize for letting my irritation slip through what should have been a polite dialog.

Folding was working fine until the Dec 20 upgrade of openssl 1.0.2s to 1.0.2u. I had soft links to that version's libssl and libcrypto as so.10. It was after the next kernel-upgrade-reboot when Folding planted its hind feet, much like Balaam's Ass, and refused to budge. I created a package for an old laptop in my render/distcc farm using the current FAHClient release. I changed usr/lib to usr/lib64 so the manager's python2.7 would work, then created a lib64 folder containing only libssl.so.1.0.0 and libcrypto.so.1.0.0 from openssl 1.0.2s with soft links in lib64 as so.10. That worked! You do not need a full OpenSSL installation, only those two shared libraries. You can put those two libraries anywhere, just put a soft link to them in /usr/lib64 called libssl.so.10 and libcrypto.so.10.

BTW, in ClientConfig.py:
File "/usr/lib64/python2.7/site-packages/fah/ClientConfig.py", line 435, in update_status_slots app.slot_status_tree.get_selection().select_iter(selected_row)
TypeError: iter should be a GtkTreeIter
JimboPalmer
Posts: 2522
Joined: Mon Feb 16, 2009 4:12 am
Location: Greenwood MS USA

Re: libssl.so.10 libcrypto.so.10

Post by JimboPalmer »

Versioning is a pain for everyone involved in computing.

F@H has the 'problem' of 100,000s of folders they cannot force to upgrade.

(I only had to keep versions straight on 3 servers, still a pain)
Tsar of all the Rushers
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
Post Reply