httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Felt <mamf...@gmail.com>
Subject Re: FYI - version checking against libressl - FYI (not yet a bug)
Date Sun, 12 Apr 2015 21:14:24 GMT
I have rebuilt my build systems - basically stripping them of accumulated
libraries, and now no "OpenSSL" installed, but "LibreSSL".

A basic characteristic of LibreSSL is to remove exposed parts of the
API/ABI in order to make the package more secure.

Now maybe httpd needs this aspect it is now falling over, in which case -
someone much more into httpd code than I explain the need. If it is not
really "needed" this may be a bug.

In any case when trying to build httpd-2.4.12 from:

 ./configure --enable-layout=AIX --with-apr=/opt/bin/apr-1-config
--with-apr-util=/opt/bin/apu-1-config --enable-mpms-shared=all
--enable-mods-shared=all --disable-lua --enable-ssl --with-ssl=/opt

It fails during make with:

        /opt/build-1/libtool --silent --mode=compile xlc -I/opt/include
-qHALT=E      -U__STR__ -D_THREAD_SAFE -D_USE_IRS
-D_LARGEF/httpd-2.4.12/os/unix
-I/data/prj/apache/httpd/httpd-2.4.12/include -I/opt/include/apr-1
-I/opt/include -I/data/prj/apache/httpd/htpd/httpd-2.4.12/modules/cache
-I/data/prj/apache/httpd/httpd-2.4.12/modules/core
-I/data/prj/apache/httpd/httpd-2.4.12/modules/datadules/filters
-I/data/prj/apache/httpd/httpd-2.4.12/modules/ldap
-I/data/prj/apache/httpd/httpd-2.4.12/server
-I/data/prj/apache/htapache/httpd/httpd-2.4.12/modules/lua
-I/data/prj/apache/httpd/httpd-2.4.12/modules/proxy
-I/data/prj/apache/httpd/httpd-2.4.12/mod.4.12/modules/ssl
-I/data/prj/apache/httpd/httpd-2.4.12/modules/test
-I/data/prj/apache/httpd/httpd-2.4.12/server
-I/data/prj/apacha/prj/apache/httpd/httpd-2.4.12/modules/dav/main
-I/data/prj/apache/httpd/httpd-2.4.12/modules/generators
-I/data/prj/apache/httpd/sl_engine_init.c && touch ssl_engine_init.slo
"ssl_engine_init.c", line 357.28: 1506-045 (S) Undeclared identifier
ENGINE_CTRL_CHIL_SET_FORKCHECK.
make: 1254-004 The error code from the last command is 1.

Note: if I leave out the --enable-ssl --with-ssl=/opt the package builds as
expected.

On Fri, Apr 10, 2015 at 2:26 PM, Michael Felt <mamfelt@gmail.com> wrote:

> I am experimenting with libressl - and just thought I would mention an
> error message I am getting with regard to openssl compatibility
>
> And if this has already been reported - please ignore - and accept my
> apologies. I have not scanned the maillist for a previous report.
>
> ±±±±±±±±±±±±±±±
>
> configure: WARNING: Your APR does not include SSL/EVP support. To enable
> it: configure --with-crypto
> configure: WARNING: OpenSSL libraries are unusable
>
> Now there are differences between OpenSSL and LibreSSL - so you may need
> to be thinking about different tests for testing OpenSSL API suitability.
>
> ±±±±±±±±±±±±±±±±±±
> From config.log - some additional feedback.
>
> configure:25683: checking for OpenSSL version >= 0.9.8a
> configure:25702: xlc -c -I/opt/include -I/opt/buildaix/include -O2
> -I/opt/include -L/opt/lib -qHALT=E -I/op
> t/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS -D_LARGEFILE64_SOURCE
> conftest.c >&5
> configure:25702: $? = 0
> configure:25703: result: OK
> ...
>
> configure:25772: checking for openssl/engine.h
> configure:25772: result: yes
> configure:25785: checking for SSLeay_version
> configure:25785: xlc -o conftest -I/opt/include -I/opt/buildaix/include
> -O2 -I/opt/include -L/opt/lib -qHAL
> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
> crypto  -lpthread >&5
> ld: 0711-317 ERROR: Undefined symbol: .SSLeay_version
> ....
> | }
> configure:25785: result: no
> configure:25785: checking for SSL_CTX_new
> configure:25785: xlc -o conftest -I/opt/include -I/opt/buildaix/include
> -O2 -I/opt/include -L/opt/lib -qHAL
> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
> crypto  -lpthread >&5
> ld: 0711-317 ERROR: Undefined symbol: .SSL_CTX_new
> ...
> | }
> configure:25785: result: no
> configure:25799: checking for ENGINE_init
> configure:25799: xlc -o conftest -I/opt/include -I/opt/buildaix/include
> -O2 -I/opt/include -L/opt/lib -qHAL
> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
> crypto  -lpthread >&5
> ld: 0711-317 ERROR: Undefined symbol: .ENGINE_init
> ...
> | }
> configure:25799: result: no
> configure:25799: checking for ENGINE_load_builtin_engines
> configure:25799: xlc -o conftest -I/opt/include -I/opt/buildaix/include
> -O2 -I/opt/include -L/opt/lib -qHAL
> T=E -I/opt/include -U__STR__ -D_THREAD_SAFE -D_USE_IRS
> -D_LARGEFILE64_SOURCE  -Wl,-brtl conftest.c -lssl -l
> crypto  -lpthread >&5
> ld: 0711-317 ERROR: Undefined symbol: .ENGINE_load_builtin_engines
>
> ...
>
> | }
> configure:25799: result: no
> configure:25809: WARNING: OpenSSL libraries are unusable
> configure:25822: result: yes
>
>
>

Mime
View raw message