OpenSSL

I want to know if I have an OppenSSL  shared object on my linux system

What is the precise name (and hopefully file size) of the .so I need to detect is on my system?
Anthony LuciaAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Rich RumbleConnect With a Mentor Security SamuraiCommented:
Which linux distro?
For redhat, fedora, centos:
rpm -qa |grep -i openssl

OpenSSL is by default installed on most distro's, but the non-affected version of heart-bleed is 1.0.1g and above. http://en.wikipedia.org/wiki/Heartbleed_bug#Affected_OpenSSL_installations

I love points, but a lot of the questions you have can be answered by a few google searches, I'm glad you trust experts, but I bet quite a few of the questions can be solved with a few more searches perhaps.
-rich
0
 
Anthony LuciaAuthor Commented:
I did the following:

rpm -qa |grep -i openssl
pyOpenSSL-0.10-2.el6.x86_64
openssl-1.0.1e-16.el6_5.x86_64

So this looks like I am sfe, and I have a non-affected version

But after doing searches, I still do not know what the actual .so name of the shared object is.

Does any one know what the share object of OpenSSL is named ?
0
 
Seth SimmonsConnect With a Mentor Sr. Systems AdministratorCommented:
you actually want to use ql with rpm instead of qa
qa will just show the package name while ql will show the associated files

rpm -ql | grep -i openssl

Open in new window

0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
Seth SimmonsSr. Systems AdministratorCommented:
So this looks like I am sfe, and I have a non-affected version

the version you have is e which is affected
0
 
Anthony LuciaAuthor Commented:
Does any one know what the name of the share object of OpenSSL, or since it was installed with RPM, does this meant that there will not be a shared object
0
 
Seth SimmonsConnect With a Mentor Sr. Systems AdministratorCommented:
look at the command options with rpm i posted before
it will list the files associated with the package(s)
on a RHEL 6.2 system i have here i see .so files in /usr/lib64/openssl/engines
0
 
Rich RumbleSecurity SamuraiCommented:
You need to upgrade, "e" is lower than G so it was/is affected. upgrading to G (yum update openssl) should take care of it. But if not, you can find many RPM's for your distro, which I still don't know (redhat? CentOS? Fedora? other?)
The EL rpm's I think are RedHat/CentOS, so try updating using YUM

or manually compile:
cd /usr/src
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz -O openssl-1.0.1g.tar.gz

tar -zxf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config
make
make test
make install

openssl version

If it shows old version do the steps below.

mv /usr/bin/openssl /root/
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Open in new window

Some other tips here from redhat too
https://access.redhat.com/site/solutions/781793
-rich
0
All Courses

From novice to tech pro — start learning today.