Linux openssl get version

Open SSL

OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH, OPENSSL_VERSION_PRE_RELEASE, OPENSSL_VERSION_BUILD_METADATA, OPENSSL_VERSION_TEXT, OPENSSL_VERSION_PREREQ, OPENSSL_version_major, OPENSSL_version_minor, OPENSSL_version_patch, OPENSSL_version_pre_release, OPENSSL_version_build_metadata, OpenSSL_version, OPENSSL_VERSION_NUMBER, OpenSSL_version_num, OPENSSL_info — get OpenSSL version number and other information

SYNOPSIS

#include #define OPENSSL_VERSION_MAJOR x #define OPENSSL_VERSION_MINOR y #define OPENSSL_VERSION_PATCH z /* The definitions here are typical release values */ #define OPENSSL_VERSION_PRE_RELEASE "" #define OPENSSL_VERSION_BUILD_METADATA "" #define OPENSSL_VERSION_TEXT "OpenSSL x.y.z xx XXX xxxx" #define OPENSSL_VERSION_PREREQ(maj,min) #include unsigned int OPENSSL_version_major(void); unsigned int OPENSSL_version_minor(void); unsigned int OPENSSL_version_patch(void); const char *OPENSSL_version_pre_release(void); const char *OPENSSL_version_build_metadata(void); const char *OpenSSL_version(int t); const char *OPENSSL_info(int t); /* from openssl/opensslv.h */ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnL /* from openssl/crypto.h */ unsigned long OpenSSL_version_num();

DESCRIPTION

Macros

The three macros OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR and OPENSSL_VERSION_PATCH represent the three parts of a version identifier, MAJOR.MINOR.PATCH.

The macro OPENSSL_VERSION_PRE_RELEASE is an added bit of text that indicates that this is a pre-release version, such as «-dev» for an ongoing development snapshot or «-alpha3» for an alpha release. The value must be a string.

The macro OPENSSL_VERSION_BUILD_METADATA is extra information, reserved for other parties, such as «+fips» , or «+vendor.1» ). The OpenSSL project will not touch this macro (will leave it an empty string). The value must be a string.

OPENSSL_VERSION_STR is a convenience macro to get the short version identifier string, «MAJOR.MINOR.PATCH» .

OPENSSL_FULL_VERSION_STR is a convenience macro to get the longer version identifier string, which combines OPENSSL_VERSION_STR, OPENSSL_VERSION_PRE_RELEASE and OPENSSL_VERSION_BUILD_METADATA.

OPENSSL_VERSION_TEXT is a convenience macro to get a full descriptive version text, which includes OPENSSL_FULL_VERSION_STR and the release date.

OPENSSL_VERSION_PREREQ is a useful macro for checking whether the OpenSSL version for the headers in use is at least at the given pre-requisite major (maj) and minor (min) number or not. It will evaluate to true if the header version number (OPENSSL_VERSION_MAJOR.OPENSSL_VERSION_MINOR) is greater than or equal to maj.min.

OPENSSL_VERSION_NUMBER is a combination of the major, minor and patch version into a single integer 0xMNN00PP0L, where:

is the number from OPENSSL_VERSION_MAJOR, in hexadecimal notation

is the number from OPENSSL_VERSION_MINOR, in hexadecimal notation

is the number from OPENSSL_VERSION_PATCH, in hexadecimal notation

Functions

OPENSSL_version_major(), OPENSSL_version_minor(), OPENSSL_version_patch(), OPENSSL_version_pre_release(), and OPENSSL_version_build_metadata() return the values of the macros above for the build of the library, respectively.

OpenSSL_version() returns different strings depending on t:

The value of OPENSSL_VERSION_TEXT

The value of OPENSSL_VERSION_STR

The value of OPENSSL_FULL_VERSION_STR

The compiler flags set for the compilation process in the form compiler: . if available, or compiler: information not available otherwise.

Читайте также:  Linux bash copy all files

The date of the build process in the form built on: . if available or built on: date not available otherwise. The date would not be available in a reproducible build, for example.

The «Configure» target of the library build in the form platform: . if available, or platform: information not available otherwise.

The OPENSSLDIR setting of the library build in the form OPENSSLDIR: «. » if available, or OPENSSLDIR: N/A otherwise.

The ENGINESDIR setting of the library build in the form ENGINESDIR: «. » if available, or ENGINESDIR: N/A otherwise. This option is deprecated in OpenSSL 3.0.

The MODULESDIR setting of the library build in the form MODULESDIR: «. » if available, or MODULESDIR: N/A otherwise.

The current OpenSSL cpu settings. This is the current setting of the cpu capability flags. It is usually automatically configured but may be set via an environment variable. The value has the same syntax as the environment variable. For x86 the string looks like CPUINFO: OPENSSL_ia32cap=0x123:0x456 or CPUINFO: N/A if not available.

For an unknown t, the text not available is returned.

OPENSSL_info() also returns different strings depending on t:

The configured OPENSSLDIR , which is the default location for OpenSSL configuration files.

The configured ENGINESDIR , which is the default location for OpenSSL engines.

The configured MODULESDIR , which is the default location for dynamically loadable OpenSSL modules other than engines.

The configured dynamically loadable module extension.

The separator between a directory specification and a filename. Note that on some operating systems, this is not the same as the separator between directory elements.

The OpenSSL list separator. This is typically used in strings that are lists of items, such as the value of the environment variable $PATH on Unix (where the separator is : ) or %PATH% on Windows (where the separator is ; ).

The current OpenSSL cpu settings. This is the current setting of the cpu capability flags. It is usually automatically configured but may be set via an environment variable. The value has the same syntax as the environment variable. For x86 the string looks like OPENSSL_ia32cap=0x123:0x456 .

For an unknown t, NULL is returned.

OpenSSL_version_num() returns the value of OPENSSL_VERSION_NUMBER.

RETURN VALUES

OPENSSL_version_major(), OPENSSL_version_minor() and OPENSSL_version_patch() return the version number parts as integers.

OPENSSL_version_pre_release() and OPENSSL_version_build_metadata() return the values of OPENSSL_VERSION_PRE_RELEASE and OPENSSL_VERSION_BUILD_METADATA respectively as constant strings. For any of them that is undefined, the empty string is returned.

OpenSSL_version() returns constant strings.

SEE ALSO

HISTORY

The macros and functions described here were added in OpenSSL 3.0, except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().

Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the «License»). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.

Читайте также:  Дистрибутив файловый сервер linux

master manpages

This manpage

Please report problems with this website to webmaster at openssl.org.

Copyright © 1999-2023 The OpenSSL Project Authors. All Rights Reserved.

Источник

How to Check the OpenSSL Version Number in Linux

OpenSSL is a cross-platform utility that can be used to convert digital certificates to different formats, build own certificate authorities and find the private keys from certificates. OpenSSL is a cryptographic and SSL toolkit for those users who work on digital certificates, development of applications, software testing, and security testing. This utility contains the implementation of SSL and TLS protocols.

It is pre-installed in the popular Linux distributions. The OpenSSL version you implement can be found on the command line in Linux.

How to Check the OpenSSL Version Number in Linux

There are different commands for checking the OpenSSL version number in the Linux:

1: How to Check the OpenSSL Version Using openssl version Command in Linux

The following command allows you to check the version of the OpenSSL your device is using:

The output is easy to understand as it contains the version designation and date of its release. The output 3.0.2 have different meanings:

Major Version: The first number in the version information is major version like in my case it is 3

Minor Version: The second number is 0 minor version

Letter release: The last number is for bug fixing tracking the minor release

2: How to Check the OpenSSL Version Using apt show openssl Command in Linux

If the OpenSSL is installed in Linux through the APT package, you can check the version by using the package manager:

3: How to Check the OpenSSL Version Using openssl version -a Command in Linux

The following command will provide all the information related to the OpenSSL, you can use it while troubleshooting and finding the bugs:

By executing the above commands, you will get the following results:

  • Version of OpenSSL
  • Date when OpenSSL was built
  • Platform for building the OpenSSL
  • Cryptography options of the OpenSSL
  • Installation directory of the OpenSSL
  • Engine directory

Bottom Line

You can check the version number of OpenSSL on your Linux through the execution of the simple commands. You must know the interpretation of the output and how to use OpenSSL to improve the security of your server. The commands mentioned above can be used to check the version of the OpenSSL in Debian based Linux. If you are a Linux user the easiest way to find the version of OpenSSL is through the openssl version.

About the author

Zainab Rehman

I’m an author by profession. My interest in the internet world motivates me to write for Linux Hint and I’m here to share my knowledge with others.

Источник

How to Check the OpenSSL Version Number

OpenSSL is an open-source cryptographic library and SSL toolkit. The applications contained in the library help create a secure communication environment for computer networks.

Читайте также:  Драйвера для под линукс

OpenSSL contains an implementation of SSL and TLS protocols, meaning that most servers and HTTPS websites use its resources.

In this tutorial, learn how to find the OpenSSL version with a single command.

OpenSSL Version Command

The openssl version command allows you to determine the version your system is currently using. This information is useful if you want to find out if a particular feature is available, verify whether a security threat affects your system, or perhaps report a bug. Type in:

The resulting data will consist of the OpenSSL version designation and the date of its initial release.

The output is clear and easy to understand. We can break down the version format to get valuable insight. Additionally, using flags can help structure the data.

OpenSSL Releases

The format of the version provides a lot of information. The position of the numbers represent the release type:

  • Major Releases – You can recognize a major release if one or both of the first two digits change. This type of release can break compatibility with previous versions. For example: 1.1.0g vs. 1.2.0
  • Minor Releases – A minor release changes the last number of the version designation, e.g., 1.1.0 vs. 1.1.1. These releases are likely to contain new features; however, they should not break binary compatibility. You do not need to recompile applications to benefit from them.
  • Letter Releases – The release designation in our example 1.1.0g contains bug and security fixes exclusively. No new features were added.

Note: The next planned version of OpenSSL is 3.0.0. Once the new version is released, the versioning scheme is going to change to a more contemporary format: MAJOR.MINOR.PATCH

OpenSSL Flags

By using a general flag –help we can see an overview of all valid options for openssl version.

There are eight (8) valid options that allow you to narrow your search. The option that provides the most comprehensive set of information is:

This command compiles all the information contained under the individual flags into a single output.

This option is convenient, especially when troubleshooting or composing a bug report.

The OPENSSLDIR line is especially interesting, as it will tell you where OpenSSL will look for its configurations and certificates. You can print out that specific line by using the following command:

In this example, the configuration files and certificates are located at /usr/lib/ssl

Now you have learned how to check the OpenSSL version.

You should now understand how to interpret that data. And how it can be used to improve server security, troubleshoot or submit a bug request.

The flags presented in the article provided you with the necessary tools to help you make an informed decision and administer your system effectively.

Источник

Оцените статью
Adblock
detector