RE: Help Please

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Vincen,
 
Thanks for the response to my email.
 
When I copied old libs to /usr/local/lib,Which were  belongs to openssl 1.0.1c,everything is working fine.
 
However,My apache 2.2.25 was not working very good with following libs,Which were there in the /usr/local/ssl/lib,Which were generated for openssl-1.0.1e fips.
 
-rw-r--r-- 1 root root 3507800 Dec 4 18:31 libcrypto.a
-rw-r--r-- 1 root root 544216 Dec 4 18:31 libssl.a
 
Please let me know,If You have any questions or concerns.
 
Thanks,
Srinivas




Srinivasa Rao Katta(System Administrator),
skatta33@xxxxxxxxxxx,
 


 

From: v.damore@xxxxxxxxx
Date: Tue, 10 Dec 2013 10:01:27 +0100
CC: users@xxxxxxxxxxxxxxxx
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] Help Please

Hi,

may be I can help you, but I'm not sure what's you problem. 
Since you successfully compiled after  you copied into /usr/local/lib OpenSSL libraries. 
Are you afraid to use this version of OpenSSL libraries? 

Ciao,
Vincenzo

--
mobile: 3498513251
skype: free.dev

On 10/dic/2013, at 02:45, Srinivasa Rao Katta <skatta33@xxxxxxxxxxx> wrote:

Hi Apache Folks,

I need your help for to fix my config.nice problem.

Here is my system information;

SunOS 5.10 Generic_150400-03 sun4v sparc sun4v

Apache version 2.2.25

Openssl
-----------
#> /usr/local/ssl/bin/openssl
OpenSSL> version
OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL>

# cd /usr/local/ssl/lib
#> ls -la
total 8218
drwx------ 4 root root 6 Dec 4 18:31 .
drwx------ 10 root root 11 Dec 4 18:31 ..
drwx------ 2 root root 2 Dec 4 18:31 engines
-rw-r--r-- 1 root root 3507800 Dec 4 18:31 libcrypto.a
-rw-r--r-- 1 root root 544216 Dec 4 18:31 libssl.a
drwx------ 2 root root 5 Dec 4 18:31 pkgconfig
#

gcc
----
# gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/local/gcc4/libexec/gcc/sparc-sun-solaris2.10/4.7.2/lto-wrapper
Target: sparc-sun-solaris2.10
Configured with: ../configure --without-gnu-as --with-as=/usr/ccs/bin/as --without-gnu-ld --with-ld=/usr/ccs/bin/ld --enable-shared --enable-languages=c,c++,fortran,objc --prefix=/usr/local/gcc4
Thread model: posix
gcc version 4.7.2 (GCC)
#>

Here is /usr/local/apache/build/config.nice information;

#! /bin/sh
#
# Created by configure
"./configure" \
"--prefix=/usr/local/apache" \
"--enable-mime-magic" \
"--enable-info" \
"--enable-imagemap" \
"--enable-speling" \
"--enable-rewrite" \
"--enable-authz-host" \
"--enable-authn-anon" \
"--enable-authn-dbm" \
"--enable-auth-digest" \
"--enable-cern-meta" \
"--enable-expires" \
"--enable-headers" \
"--enable-unique_id" \
"--enable-so" \
"--enable-ssl" \
"--with-ssl=/usr/local/ssl" \
"$@"
#>

I was getting following error,When I run config.nice;

#/usr/local/apache/build/config.nice
--------------------------------------------------------------------------------------

checking whether to enable mod_ssl... checking dependencies
checking for SSL/TLS toolkit base... /usr/local/ssl
adding "-I/usr/local/ssl/include" to CPPFLAGS
adding "-I/usr/local/ssl/include" to INCLUDES
adding "-L/usr/local/ssl/lib" to LDFLAGS
adding "-R/usr/local/ssl/lib" to LDFLAGS
checking for OpenSSL version... checking openssl/opensslv.h usability... yes
checking openssl/opensslv.h presence... yes
checking for openssl/opensslv.h... yes
checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... yes
checking for openssl/ssl.h... yes
OK
forcing SSL_LIBS to "-lssl -lcrypto "
adding "-lssl" to LIBS
adding "-lcrypto" to LIBS
checking openssl/engine.h usability... yes
checking openssl/engine.h presence... yes
checking for openssl/engine.h... yes
checking for SSLeay_version... no
checking for SSL_CTX_new... no
checking for ENGINE_init... no
checking for ENGINE_load_builtin_engines... no
checking for SSL_set_cert_store... no
configure: error: ... Error, SSL/TLS libraries were missing or unusable
#>
----------------------------------------------------------------------------------------------------
Note:I was getting following error,When I run the /usr/local/apache/build/config.nice;

configure: error: ... Error, SSL/TLS libraries were missing or unusable

Note:When I copy following openssl 1.0.1c libs to /usr/local/lib,config.nice was running fine and make and make install was running fine;
 
Here is /usr/local/lib folder information;
 
#> ls -la
total 13872
drwx------ 2 root root 8 Dec 4 17:40 .
drwxr-xr-x 10 bin bin 109 Dec 5 15:18 ..
-rwx------ 1 root root 1882678 Dec 4 17:07 libcrypto.so
-rwx------ 1 root root 1632892 Dec 4 17:11 libcrypto.so.0.9.8
-rwx------ 1 root root 1882678 Dec 4 17:11 libcrypto.so.1.0.0
-rwx------ 1 root root 409381 Dec 4 17:08 libssl.so
-rwx------ 1 root root 302436 Dec 4 17:11 libssl.so.0.9.8
-rwx------ 1 root root 409381 Dec 4 17:11 libssl.so.1.0.0
#>

I was getting following output,After done make install,if I used above libs under /usr/local/lib;

[notice] Apache/2.2.25(Unix) mod_ssl/2.2.25 OpenSSL/1.0.1c configured -- resuming normal operations

I want to compile the apache 2.2.25 for FIPS compatability.So,As per Google,I was used following varaiables on the server before run the config.nice;

export CC=/usr/local/ssl/fips-2.0/bin/fipsld
export FIPSLD_CC=gcc
export LTFLAGS=--tag=CC

Please advice me How I can fix following config.nice running problem;
--------------------------------------------------------------------------------------------
configure: error: ... Error, SSL/TLS libraries were missing or unusable
-------------------------------------------------------------------------------------------

Please find attached config.log file for broken one.

I was done config.nice and make and make install on other Solaris zone without any problem;

Please find attached config.log for working Solaris 10 zone as a name working-server-config.log.

 Here is the information regarding How I build the openssl 1.0.1e for fips compatible;

1.

openssl-fips-ecp-2.0.3.tar.gz
  
  # cd /var/tmp/openssl-fips-2.0.3
#./config
#make
#make install

Note:make install created a folder called fips-2.0 under /usr/local/ssl

2.
Now,I compiled openssl-1.0.1e with fips option as like as follows;

.Copied openssl source compressed tar file(openssl-1.0.1e.tar.gz) on to /var/tmp,
.Uncompressed and Untar the above file under /var/tmp,
.Changed directory to /var/tmp/openssl-1.0.1e,
.I run the following cmds as a user root;

#cd /var/tmp/openssl-1.0.1e
#./config fips --with-fipslibdir=/usr/local/ssl/fips-2.0/lib/ no-ec2m
#make
#make install

Note: Make install copied the all the openssl files to under /usr/local/ssl,
I checked the openssl version like as follows;

#cd /usr/local/ssl
#cd bin
#./openssl

OpenSSL>version
OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL>exit
#
---------------------------------------------------------------------------------------------
Note:

I compiled above fips and openssl using gcc-4.7.2 compiler.

Please let me know,If You have any questions or concerns.

Thanks,
Srinivas




Srinivasa Rao Katta(System Administrator),
skatta33@xxxxxxxxxxx,
 

<config.log>
<working-server-config.log>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux