Hello everyone: This is my first time posting here, but I've been building Apache for years now since early 1.3.x and I've benefited from the archives previously. I've scanned the FAQ, recent bugs, and mailing list archives. I've also Google'd for solutions to my issue, but I'm not having success. I've successfully built Apache 2.0.59 with many modules, but I'm having trouble adding mod_auth_ldap to connect to an older Netscape Directory Server via SSL. Because of the LDAP over SSL requirement, I believe I'm restricted to use the Netscape(>iPlanet>Sun>RedHat)>Mozilla LDAP C SDK rather and OpenLDAP's libraries. I've built the Mozilla LDAP version 6.0 C SDK successfully (version 5 does not seem to work on the ia64 architecture) and I can use ldapsearch command line tool from the SDK to connect to the ldaps:// LDAP server with SSL. I am building httpd-2.0.59 on a SGI Altix 350 (ia64 architecture) with Novell SuSE 9.3. It's possible there is confusion with installed OpenLDAP libraries, I think I see it fall back to them, below. Questions: 1) Is this the best place to ask about building mod_auth_ldap? 2) Is it possible to use OpenLDAP libraries instead of Mozilla LDAP C SDK to do a ldaps:// connection? 3) ./modules/experimental/README.ldap implies that this module is still experimental -- is that true? 4) Is mod_auth_ldap planned to support the Mozilla LDAP C SDK, version 6? From what I've seen (details below), it does not support version 6. 5) Should I file a bug to build against Mozilla LDAP C SDK, version 6? Here is the only reference I found for how to build version 6: http://directory.fedora.redhat.com/wiki/Building I made two edits to get configure working, based upon my searching the web: http://www.mozilla.org/directory/csdk-docs/getstart.htm#compile_ldap_cli ent corroborates: http://mail-archives.apache.org/mod_mbox/httpd-bugs/200310.mbox/%3C20031 010091309.20406.qmail@xxxxxxxxxxxxxxxxxxxxxx%3E ______________________________________________________________ The first edit was to modify the SDK's ldap_ssl.h header to include ldap.h, and this is successful in avoiding this configure issue: checking ldap_ssl.h usability... no checking ldap_ssl.h presence... yes configure: WARNING: ldap_ssl.h: present but cannot be compiled configure: WARNING: ldap_ssl.h: check for missing prerequisite headers? configure: WARNING: ldap_ssl.h: see the Autoconf documentation configure: WARNING: ldap_ssl.h: section "Present But Cannot Be Compiled" configure: WARNING: ldap_ssl.h: proceeding with the preprocessor's result configure: WARNING: ldap_ssl.h: in the future, the compiler will take precedence configure: WARNING: ## ------------------------------------------ ## configure: WARNING: ## Report this to the AC_PACKAGE_NAME lists. ## configure: WARNING: ## ------------------------------------------ ## checking for ldap_ssl.h... yes ______________________________________________________________ The second edit was to: vi :3611 srclib/apr-util/configure and change two lines to use the 60 (versus 50) libraries. Otherwise, I would see this during configure: checking for ldap_init in -lldap50... yes setting APRUTIL_EXPORT_LIBS to "-lldap50 -lnspr4 -lplc4 -lplds4 -liutil50 - llber50 -lldif50 -lnss3 -lprldap50 -lssl3 -lssldap50" setting APRUTIL_LIBS to "-lldap50 -lnspr4 -lplc4 -lplds4 -liutil50 -llber50 -lldif50 -lnss3 -lprldap50 -lssl3 -lssldap50" checking for ldapssl_install_routines in -lldap50... yes checking for ldap_start_tls_s in -lldap50... yes ______________________________________________________________ Here is what I currently see with the 60 modification, I think it falls back to the OpenLDAP libraries on my system after trying libldap60: checking for ldap support... setting APRUTIL_INCLUDES to "-I/engr/pkgs/mozilla/dist/public/ldap" setting APRUTIL_LDFLAGS to "-L/engr/lib:/engr/pkgs/mozilla/dist/lib:/engr/pkgs/mozilla/dist/Linux2. 6_ia64_glibc_PTH_64_DBG.OBJ/lib" checking for ldap_init in -lldap60... no checking for ldap_init in -lldapssl41... no checking for ldap_init in -lldapssl40... no checking for ldap_init in -lldapssl30... no checking for ldap_init in -lldapssl20... no checking for ldap_init in -lldap... yes setting APRUTIL_EXPORT_LIBS to "-lldap -llber" setting APRUTIL_LIBS to "-lldap -llber" checking for ldapssl_install_routines in -lldap... no checking for ldap_start_tls_s in -lldap... yes checking for ber_init in -llber... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ldap.h... yes checking ldap_ssl.h usability... yes checking ldap_ssl.h presence... yes checking for ldap_ssl.h... yes ______________________________________________________________ The make fails... make[3]: Entering directory `/engr/pkgs/httpd-2.0.59/modules/experimental' /engr/pkgs/httpd-2.0.59/srclib/apr/libtool --silent --mode=compile gcc -g -O2 -pthread -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -I/engr/pkgs/httpd-2.0.59/srclib/apr/include -I/engr/pkgs/httpd-2.0.59/srclib/apr-util/include -I/engr/pkgs/mozilla/dist/public/ldap -I. -I/engr/pkgs/httpd-2.0.59/os/unix -I/engr/pkgs/httpd-2.0.59/server/mpm/prefork -I/engr/pkgs/httpd-2.0.59/modules/http -I/engr/pkgs/httpd-2.0.59/modules/filters -I/engr/pkgs/httpd-2.0.59/modules/proxy -I/engr/pkgs/httpd-2.0.59/include -I/engr/pkgs/httpd-2.0.59/modules/generators -I/usr/include/openssl -I/engr/pkgs/httpd-2.0.59/modules/dav/main -prefer-non-pic -static -c util_ldap.c && touch util_ldap.lo util_ldap.c: In function `util_ldap_connection_open': util_ldap.c:290: error: `LDAP_OPT_X_TLS_HARD' undeclared (first use in this function) util_ldap.c:290: error: (Each undeclared identifier is reported only once util_ldap.c:290: error: for each function it appears in.) util_ldap.c:291: error: `LDAP_OPT_X_TLS' undeclared (first use in this function) util_ldap.c: In function `util_ldap_post_config': util_ldap.c:1605: error: `LDAP_OPT_X_TLS_CACERTFILE' undeclared (first use in this function) make[3]: *** [util_ldap.lo] Error 1 make[3]: Leaving directory `/engr/pkgs/httpd-2.0.59/modules/experimental' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/engr/pkgs/httpd-2.0.59/modules/experimental' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/engr/pkgs/httpd-2.0.59/modules' make: *** [all-recursive] Error 1 Here is the head of config.log: ______________________________________________________________ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by configure, which was generated by GNU Autoconf 2.59. Invocation command line was $ ./configure --prefix=/engr/apache-2.0.59 --with-mpm=prefork --enable-info --enable-ssl --disable-userdir --enable-proxy --enable-proxy-http --disable-proxy-ftp --enable-rewrite --with-z=/engr/lib --with-ldap=yes --enable-ldap=static --enable-auth-ldap=static --with-ldap-include=/engr/pkgs/mozilla/dist/public/ldap --with-ldap-lib=/engr/lib:/engr/pkgs/mozilla/dist/lib:/engr/pkgs/mozilla /dist/Lin ux2.6_ia64_glibc_PTH_64_DBG.OBJ/lib --enable-dav --enable-dav_fs ## --------- ## ## Platform. ## ## --------- ## hostname = sloop uname -m = ia64 uname -r = 2.6.5-7.252-default uname -s = Linux uname -v = #1 SMP Tue Feb 14 11:11:04 UTC 2006 ______________________________________________________________ Thanks for any help and answers to my questions! --Mark __ Mark Lavi, Enterprise Web Management Team @ SGI mailto:mlavi@xxxxxxx || phone:+1-650-933-7707 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|