I'm playing around with apps/s_client.c in the openssl source code. I want to make a few changes and run it, but my changes are not getting reflected after I save the file and do a make all, or a make.
For example, I changed the sc_usage function to this:
BIO_printf(bio_err,"This is how you use s_client\n");
BIO_printf(bio_err,"usage: s_client args\n");
BIO_printf(bio_err,"\n");
BIO_printf(bio_err," -host host - use -connect instead\n");
BIO_printf(bio_err," -port port - use -connect instead\n");
I then save and do a make all in the apps folder, but when I run the program by doing this: openssl s_client abc, I don't see the line I introduced, this is how you use s_client, in the output.
Where am I going wrong?
Are you sure you run the correct app? Try ./openssl.
In Linux, current directory is not searched for executable files by default, so you are probably running system's openssl.
I want to make a few changes and run it, but my changes are not getting reflected after I save the file and do a make all, or a make.
Its even easier than that once you know the tricks.
- Configure the OpenSSL library as normal (
configure)
- Build the OpenSSL library as normal (
make depend && make)
- Install the OpenSSL library as normal (
sudo make install)
- Make your changes to
s_client.c
- Compile
s_client.c in place (the apps/ directory):
Here's the grease. You have to build some additional object files, like apps.o and apps_rand.o, to support s_client.o.
export OPENSSLDIR=/usr/local/ssl/darwin
gcc -DOPENSSL_NO_PSK -DMONOLITH -I$OPENSSLDIR/include -I../ -c apps.c
gcc -DOPENSSL_NO_PSK -DMONOLITH -I$OPENSSLDIR/include -I../ -c app_rand.c
gcc -DOPENSSL_NO_PSK -DMONOLITH -I$OPENSSLDIR/include -I../ -c s_cb.c
gcc -DOPENSSL_NO_PSK -DMONOLITH -I$OPENSSLDIR/include -I../ -c s_socket.c
gcc -DOPENSSL_NO_PSK -I$OPENSSLDIR/include -I../ \
app_rand.o apps.o s_cb.o s_socket.o \
$OPENSSLDIR/lib/libssl.a $OPENSSLDIR/lib/libcrypto.a \
s_client.c -o my_s_client.exe
The OPENSSL_NO_PSK is needed because a declaration (psk_key) was commented out. The -I../ is needed because e_os.h is not installed after a make install. It sure would be nice if OpenSSL actually tested their stuff before releasing it...
Then:
$ ./my_s_client.exe -connect www.google.com:443
CONNECTED(00000003)
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
i:/C=US/O=Google Inc/CN=Google Internet Authority G2
...
No need to rebuild the whole library or all the apps. No need for openssl s_client ....
