Nmap Development mailing list archives
RE: [RFC] OpenSSL and Windows
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Wed, 6 Feb 2008 23:35:11 -0600
-----Original Message----- From: Thomas Buchanan Sent: Tuesday, February 05, 2008 11:33 PM To: Fyodor Cc: nmap-dev () insecure org; DePriest, Jason R. Subject: RE: [RFC] OpenSSL and Windows A better option might be to extract only the .dll files that are required, and not ship the installer. This would probably help us save a little space, as the Light installer does include more than just the .dll files.
The more I thought about this, the less I liked shipping the installer for OpenSSL just to get the two .dll files that we need. So, I spent some time this evening working on compiling OpenSSL from source, and with a little tweaking, I got it to work. So, my latest recommendation for how to include SSL on Windows is to compile OpenSSL ourselves, rather than relying on the OpenSSL installers. As far as I can tell, there is only one additional requirement for compiling OpenSSL that Nmap doesn't already have: ActiveState Perl (I used the 5.8.8 version) Here's the instructions for compiling OpenSSL on Windows, using Visual Studio 2005 Express, Windows Platform SDK, and ActivePerl 5.8: 1. Download and extract OpenSSL source (openssl-0.9.8g.tar.gz) 2. Create OpenSSL installation directory (C:\OpenSSL) 3. Start Visual Studio 2005 Command Prompt 4. Set Include & Lib variables to include Platform SDK:
Set MSSdk=C:\Program Files\Microsoft Platform SDK Set Lib=%MSSdk%\Lib;%Lib% Set Include=%MSSdk%\Include;%Include%
5. cd to OpenSSL source directory 6. Configure OpenSSL
perl Configure VC-WIN32 --prefix=C:/OpenSSL ms\do_ms
7. Compile OpenSSL
nmake -f ms\ntdll.mak
8. Install OpenSSL
nmake -f ms\ntdll.mak install
This will give you the .lib files necessary to build and link Nmap with SSL on Windows in C:\OpenSSL\lib, and the .dll files required to run Nmap with SSL in C:\OpenSSL\bin I've attached an updated patch that uses the output of these instructions to build Nmap with SSL on Windows. It saves about 800 KB over shipping the OpenSSL installer, and only adds about 600 KB to the -setup.exe file from the non-SSL version: EXE header size: 51200 / 35328 bytes Install code: 18716 / 65825 bytes Install data: 13240356 / 40316969 bytes Uninstall code+data: 12067 / 16426 bytes CRC (0xE3AA9DED): 4 / 4 bytes Total size: 13322343 / 40434552 bytes (32.9%) mv nmap-4.53/NmapInstaller.exe nmap-4.53-setup.exe This method has the added advantage of making the .zip file completely self-reliant again as well. I noticed that in the previous build method, the executable from the .zip file would not run on a system unless it had OpenSSL installed, which could make it difficult to run from a thumb-drive, for example. Hope this has been helpful. Let me know if there are any questions, concerns, or comments. Thomas
Attachment:
windows-openssl-build-take2.patch
Description: windows-openssl-build-take2.patch
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- RE: [RFC] OpenSSL and Windows, (continued)
- RE: [RFC] OpenSSL and Windows Rob Nicholls (Jan 07)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Jan 07)
- Re: [RFC] OpenSSL and Windows DePriest, Jason R. (Feb 04)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Feb 05)
- Re: [RFC] OpenSSL and Windows Fyodor (Feb 05)
- Re: [RFC] OpenSSL and Windows DePriest, Jason R. (Feb 05)
- Re: [RFC] OpenSSL and Windows DePriest, Jason R. (Feb 05)
- Re: [RFC] OpenSSL and Windows Fyodor (Feb 05)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Feb 05)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Feb 05)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Feb 05)
- RE: [RFC] OpenSSL and Windows Thomas Buchanan (Feb 06)
- Re: [RFC] OpenSSL and Windows jah (Feb 07)
- RE: [RFC] OpenSSL and Windows Rob Nicholls (Jan 07)