[users@httpd] Apache 2.0.59 with openssl 0.9.8b compilation questions ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

When I compile apache 2.2.2 with openssl 0.9.8b (gcc 3.4.x, linux and
solaris) I can start Apache with ssl successfully.

Openssl:
	./config --prefix=/usr/opt/openssl0.9.8b -static-libgcc
Apache:
	./configure --prefix=/usr/opt/apache2.2.2 \
	--enable-so --enable-mods-shared=all \
	--enable-ssl --with-ssl=/usr/opt/openssl0.9.8b
      ...

With apache 2.0.59 similarly configured when I start with SSL I get the
error:
"Cannot load /test/apache2.0.59/modules/mod_ssl.so into server:
/test/apache2.0.59/modules/mod_ssl.so: undefined symbol: X509_free

Looking at many user postings, They suggest to compile openssl with shared.
So I set the following:
Openssl:
	./config shared --prefix=/usr/opt/openssl0.9.8b -static-libgcc

And set the following flag before configuring/making apache.
	export LDFLAGS="-R/usr/opt/openssl0.9.8b/lib"

It works - I can start Apache successfully !!

I am a bit puzzled and have the following questions:

1) Would anyone know if there is an apache
source/changelog/readme/documentation that confirms that openSSL *must* be
compiled with "shared" ?
Is there an alternative option/FLAG that could make the ssl.so statically
compiled into the httpd core instead of the that dependency ?
Apparently this is an old problem fixed in 2.2.x. Seems odd that this was
not fixed for the 2.0 branch earlier:
http://www.mail-archive.com/modssl-users@xxxxxxxxxx/msg14344.html

2) Even though it works I have a couple warnings any ideas in what situation
this could hurt my system?:
ssl_scache_shmht.c: In function `ssl_scache_shmht_retrieve':
ssl_scache_shmht.c:237: warning: passing arg 2 of `d2i_SSL_SESSION' from
incompatible pointer type

3) An ldd httpd shows some dependencies on Linux that I do not have on
Solaris
        libgssapi_krb5.so.2 => /usr/kerberos/lib/libgssapi_krb5.so.2
        libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3
        libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3
        libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3
        libresolv.so.2 => /lib/libresolv.so.2 (0xb73ba000)
the Linux default /usr/lib/libssl.so has these dependencies not my openssl
build.  How can I turn off the kerberos for the apache compilation ? Which
file(s) should I considering editing to get rid of these?

Thanks - Fred
-- 
View this message in context: http://www.nabble.com/Apache-2.0.59-with-openssl-0.9.8b-compilation-questions---tf2082579.html#a5737926
Sent from the Apache HTTP Server - Users forum at Nabble.com.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux