I have a file called mod_dav_svn.so. I would like to find out if this is a custom version of the file or a standard one.
I have tried searching Google for the md5sum of the file, but nothing has turned up, suggesting it is a custom compilation.
Is there a way to extract any metadata from this file, such as compilation time/options/etc?
Use your distro's package manager and verify the package to see if the file is original. For example in my rpm based distro I can do the following:
# Find the full path to the file
$ locate mod_dav_svn.so
/usr/lib/apache/mod_dav_svn.so
# Find out what package it belongs to
$ rpm -qf /usr/lib/apache/mod_dav_svn.so
apache-mod_dav_svn-1.6.16-1.i686
# Verify that package to make sure the file hasn't been tampered with
$ rpm -vV apache-mod_dav_svn
........ /usr/lib/apache/mod_dav_svn.so
The dots indicate that all tests show normal for that file. If it had been changed it might have indicated a checksum mismatch, a date change, a size change, etc.
The first step is file mod_dav_svn.so to see what architecture it's for, and ldd mod_dav_svn.so to see what libraries (and versions) it's linked against.
You can search for printable strings with strings (strings mod_dav_svn.so).
You can display a lot of information in readable text form with objdump. Try inspecting the file with objdump -s mod_dav_svn.so | less, the compiler might have left a clue somewhere.
