httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: FYI - version checking against libressl - FYI (not yet a bug)
Date Tue, 14 Apr 2015 16:52:23 GMT
Now fixed in trunk
On Apr 12, 2015 4:17 PM, "Michael Felt" <mamfelt@gmail.com> wrote:

> I have rebuilt my build systems - basically stripping them of accumulated
> libraries, and now no "OpenSSL" installed, but "LibreSSL".
>
> A basic characteristic of LibreSSL is to remove exposed parts of the
> API/ABI in order to make the package more secure.
>
> Now maybe httpd needs this aspect it is now falling over, in which case -
> someone much more into httpd code than I explain the need. If it is not
> really "needed" this may be a bug.
>
> In any case when trying to build httpd-2.4.12 from:
>
>  ./configure --enable-layout=AIX --with-apr=/opt/bin/apr-1-config
> --with-apr-util=/opt/bin/apu-1-config --enable-mpms-shared=all
> --enable-mods-shared=all --disable-lua --enable-ssl --with-ssl=/opt
>
> It fails during make with:
>
>         /opt/build-1/libtool --silent --mode=compile xlc -I/opt/include
> -qHALT=E      -U__STR__ -D_THREAD_SAFE -D_USE_IRS
> -D_LARGEF/httpd-2.4.12/os/unix
> -I/data/prj/apache/httpd/httpd-2.4.12/include -I/opt/include/apr-1
> -I/opt/include -I/data/prj/apache/httpd/htpd/httpd-2.4.12/modules/cache
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/core
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/datadules/filters
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/ldap
> -I/data/prj/apache/httpd/httpd-2.4.12/server
> -I/data/prj/apache/htapache/httpd/httpd-2.4.12/modules/lua
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/proxy
> -I/data/prj/apache/httpd/httpd-2.4.12/mod.4.12/modules/ssl
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/test
> -I/data/prj/apache/httpd/httpd-2.4.12/server
> -I/data/prj/apacha/prj/apache/httpd/httpd-2.4.12/modules/dav/main
> -I/data/prj/apache/httpd/httpd-2.4.12/modules/generators
> -I/data/prj/apache/httpd/sl_engine_init.c && touch ssl_engine_init.slo
> "ssl_engine_init.c", line 357.28: 1506-045 (S) Undeclared identifier
> ENGINE_CTRL_CHIL_SET_FORKCHECK.
> make: 1254-004 The error code from the last command is 1.
>
> Note: if I leave out the --enable-ssl --with-ssl=/opt the package builds
> as expected.
>
> On Fri, Apr 10, 2015 at 2:26 PM, Michael Felt <mamfelt@gmail.com> wrote:
>
>> I am experimenting with libressl - and just thought I would mention an
>> error message I am getting with regard to openssl compatibility
>>
>> And if this has already been reported - please ignore - and accept my
>> apologies. I have not scanned the maillist for a previous report.
>>
>> ±±±±±±±±±±±±±±±
>>
>> configure: WARNING: Your APR does not include SSL/EVP support. To enable
>> it: configure --with-crypto
>> configure: WARNING: OpenSSL libraries are unusable
>>
>> Now there are differences between OpenSSL and LibreSSL - so you may need
>> to be thinking about different tests for testing OpenSSL API suitability.
>>
>> ±±±±±±±±±±±±±±±±±±
>> From config.log - some additional feedback.
>>
>> configure:25683: checking for OpenSSL version >= 0.9.8a
>> configure:25702: xlc -c -I/opt/include -I/opt/buildaix/include -O2
>> -I/opt/include -L/opt/lib -qHALT=E -I/op
>> t/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS -D_LARGEFILE64_SOURCE
>> conftest.c >&5
>> configure:25702: $? = 0
>> configure:25703: result: OK
>> ...
>>
>> configure:25772: checking for openssl/engine.h
>> configure:25772: result: yes
>> configure:25785: checking for SSLeay_version
>> configure:25785: xlc -o conftest -I/opt/include -I/opt/buildaix/include
>> -O2 -I/opt/include -L/opt/lib -qHAL
>> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
>> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
>> crypto  -lpthread >&5
>> ld: 0711-317 ERROR: Undefined symbol: .SSLeay_version
>> ....
>> | }
>> configure:25785: result: no
>> configure:25785: checking for SSL_CTX_new
>> configure:25785: xlc -o conftest -I/opt/include -I/opt/buildaix/include
>> -O2 -I/opt/include -L/opt/lib -qHAL
>> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
>> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
>> crypto  -lpthread >&5
>> ld: 0711-317 ERROR: Undefined symbol: .SSL_CTX_new
>> ...
>> | }
>> configure:25785: result: no
>> configure:25799: checking for ENGINE_init
>> configure:25799: xlc -o conftest -I/opt/include -I/opt/buildaix/include
>> -O2 -I/opt/include -L/opt/lib -qHAL
>> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
>> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
>> crypto  -lpthread >&5
>> ld: 0711-317 ERROR: Undefined symbol: .ENGINE_init
>> ...
>> | }
>> configure:25799: result: no
>> configure:25799: checking for ENGINE_load_builtin_engines
>> configure:25799: xlc -o conftest -I/opt/include -I/opt/buildaix/include
>> -O2 -I/opt/include -L/opt/lib -qHAL
>> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
>> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
>> crypto  -lpthread >&5
>> ld: 0711-317 ERROR: Undefined symbol: .ENGINE_load_builtin_engines
>>
>> ...
>>
>> | }
>> configure:25799: result: no
>> configure:25809: WARNING: OpenSSL libraries are unusable
>> configure:25822: result: yes
>>
>>
>>
>

Mime
View raw message