Hacker News

That seems pretty unreliable. The specific version of the compiler used, as well as flags passed to the compiler, could easily change the instructions used, no?


That was just the quick and naive way I went for because I didn't want to download new tools, but there are many other options.

The easiest way if you have a capable debugger is probably to look for SSL strings/error codes in rodata and see where they're referenced.

Or IDA can even output C code that is very close to the original.


Based on how the OP described finding the offsets, it sounds like this is exactly what they did; perhaps there are some obvious sentinels that make it easy. I'm not a C expert, but I think a function call w/ args has a pretty standard way of being executed, and if you know the types of the arguments it's possibly even easier?


ABI compatibility, baby. Those signatures gotta match up for sure. Once you have that, the underlying guts of the code won't matter so much.

If this was 32- vs 64-bit or some such you'd be pretty hosed at where everything was, I imagine.


Boom. ABI, that's the word I was thinking of. Thanks!


It's pretty reliable in reality; C compilers are actually quite predictable. The only meaningful change compilation flags make is adding/removing basic blocks.

That's also mainly how malware reversers manage to "hunt" APT families, by finding meaningful little patterns in the instructions and looking for code reuse in other binaries :D
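The two techniques the thread describes, masking a function's byte pattern so it survives different builds (the "little patterns in the instructions" used for code-reuse hunting) and finding where a rodata string such as an SSL symbol name is referenced, as an added example that is not part of the thread. The x86-64 byte strings, the string name and the offsets are constructed samples; a real ELF/PE would need section-header translation first.

```python
import re
from typing import List

def signature_to_regex(sig: str) -> "re.Pattern[bytes]":
    """Compile an IDA/YARA-style hex signature ("48 83 EC ?? E8 ?? ?? ?? ??")
    into a bytes regex; '??' matches any one byte and the lookahead lets
    finditer report overlapping hits."""
    body = b"".join(b"." if t == "??" else re.escape(bytes([int(t, 16)]))
                    for t in sig.split())
    return re.compile(b"(?=" + body + b")", re.DOTALL)

def find_signature(blob: bytes, sig: str) -> List[int]:
    """Every offset in blob where the signature matches."""
    return [m.start() for m in signature_to_regex(sig).finditer(blob)]

def derive_signature(*builds: bytes) -> str:
    """Same function from >= 2 builds: keep bytes all builds agree on, wildcard
    the rest, so relocated call targets, RIP-relative displacements and
    immediates fall out as '??'. Heuristic: an operand byte that happens to
    agree across the builds stays fixed; widen with a disassembler if needed."""
    if len(builds) < 2 or len({len(b) for b in builds}) != 1:
        raise ValueError("need >= 2 builds of equal length")
    return " ".join(f"{c[0]:02X}" if len(set(c)) == 1 else "??"
                    for c in zip(*builds))

def find_lea_refs(blob: bytes, target: int) -> List[int]:
    """Offsets of x86-64 'lea r64, [rip+disp32]' (48 8D /r, mod=00 rm=101)
    whose displacement resolves to `target`. Assumes one contiguous region
    where offset deltas equal address deltas (true within a single section)."""
    hits = []
    for i in range(len(blob) - 6):
        if blob[i] == 0x48 and blob[i + 1] == 0x8D and blob[i + 2] & 0xC7 == 0x05:
            disp = int.from_bytes(blob[i + 3:i + 7], "little", signed=True)
            if i + 7 + disp == target:
                hits.append(i)
    return hits

# Constructed sample: the same 21-byte function as produced by two builds
#   sub rsp,0x28 ; lea rcx,[rip+disp32] ; call rel32 ; add rsp,0x28 ; ret
BUILD_A = bytes.fromhex("4883ec28 488d0d 10200300 e8 a0fefdff 4883c428 c3")
BUILD_B = bytes.fromhex("4883ec28 488d0d 5a400201 e8 34120100 4883c428 c3")
SIG = derive_signature(BUILD_A, BUILD_B)

# Constructed "third binary": padding, a third build whose lea points at a
# string at offset 64 (next ip 27 + 0x25 = 64), more padding, then rodata.
TARGET = (b"\x90" * 16
          + bytes.fromhex("4883ec28 488d0d 25000000 e8 beef0100 4883c428 c3")
          + b"\xcc" * 27 + b"SSL_CTX_new\x00")
```

`find_signature(TARGET, SIG)` locates the function at offset 16 even though its call target and displacement differ from both reference builds, and `find_lea_refs(TARGET, TARGET.index(b"SSL_CTX_new"))` returns the lea at offset 20 that references the string; a 32-bit prologue does not match the signature at all, which is the "32 vs 64-bit" caveat raised above.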




