Ubuntu 22.04 libssl 3 migration

I recently upgraded to Ubuntu 22.04. Apparently, with 22.04, libssl has been moved to version 3.0. From that link:

As some of you might have surmised, we’re planning to move to OpenSSL 3.0 for 22.04. This new major release brings of course some new things, but also breaks API and ABI.

I noticed this migration by doing the following in Racket:

$ racket
> (require net/http-easy)
> (define rsp (get "https://www.google.com"))
SSL_get_peer_certificate: implementation not found [,bt for context]

To fix this, I pointed libssl.so and libcrypto.so (installed in /usr/lib/x86_64-linux-gnu/) to version 1.1.

Is there a plan to migrate the openssl Racket library to libssl3?

1 Like

I think the answer is mostly to add "3" as a recognized version number in "libcrypto.rkt".

With that change plus a fallback for SSL_get_peer_certificate to use SSL_get1_peer_certificate, most of the tests in tests/openssl pass for me. The three that fail are "peer-verif2.rkt", "test-alpn.rkt", and "test-channel-binding.rkt". It's not immediately obvious whether those failures are due to OpenSSL 3 vs. 1.1 or due to trying to run tests in a Docker container.

I'll push the addition of "3" and the fallback to use SSL_get1_peer_certificate.

1 Like

I applied the changes in the commit to my local installation. Looks good so far. Thank you.

1 Like

I ran into an identical issue in Fedora 36 today. Thanks for the fix!