On Thu, Mar 07, 2024 at 09:58:38AM +1100, Darren Tucker wrote: > On Thu, Mar 07, 2024 at 09:39:31AM +1100, Darren Tucker wrote: > > On Thu, 7 Mar 2024 at 02:19, Damien Miller <djm@xxxxxxxxxxx> wrote: > > > On Tue, 5 Mar 2024, The Doctor wrote: > > > > Showstopper problem! > > > > > > > > I want configure to work with /usr/local/bin/openssl and not /usr/bin/openssl > [...] > > I changed it to better support OpenSSL directories in non-default paths: > > https://github.com/openssh/openssh-portable/commit/26cab41c05 > > > > Just reversing the search path order will cause other problems, > > though, since there is no guarantee the bin/openssl in a non-default > > location is functional (eg if its libraries are not in the system > > default runtime linker path and it's built without -rpath, which it's > > usually not). > > Please try this patch. Note that you will need to run "autoreconf" to > rebuild configure before rerunning it. I think it covers all of the > cases correctly: > > $ which openssl > /usr/bin/openssl > > $ ./configure | grep bin/openssl && grep OPENSSL_BIN Makefile > checking for openssl... /usr/bin/openssl > OPENSSL_BIN='/usr/bin/openssl' \ > > $ ./configure --with-ssl-dir=/usr/local | grep > bin/openssl && grep OPENSSL_BIN Makefile > checking for openssl... /usr/local/bin/openssl > OPENSSL_BIN='/usr/local/bin/openssl' \ > > $ ./configure --with-ssl-dir=/opt/openssl/3.3.0-dev --with-rpath=-Wl,-rpath, | grep bin/openssl && grep OPENSSL_BIN Makefile > checking for openssl... /usr/bin/openssl > OPENSSL_BIN='/usr/bin/openssl' \ > > $ /opt/openssl/3.3.0-dev/bin/openssl version > /opt/openssl/3.3.0-dev/bin/openssl: /lib64/libssl.so.3: version > `OPENSSL_3.2.0' not found (required by /opt/openssl/3.3.0-dev/bin/openssl) > > $ make ssh >/dev/null && ./ssh -V > OpenSSH_9.6p1, OpenSSL 3.3.0-dev > > diff --git a/configure.ac b/configure.ac > index fda092830..1aba65c00 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -2735,7 +2735,15 @@ AC_ARG_WITH([ssl-dir], > else > CPPFLAGS="-I${withval} ${CPPFLAGS}" > fi > - openssl_bin_PATH="${PATH}${PATH_SEPARATOR}${withval}/bin${PATH_SEPARATOR}${withval}/apps" > + dnl Ensure specified openssl binary works, eg it can > + dnl find its runtime libraries, before trying to use. > + if test -x "${withval}/bin/openssl" && \ > + "${withval}/bin/openssl" version >/dev/null 2>&1; then > + openssl_bin_PATH="${withval}/bin${PATH_SEPARATOR}${PATH}" > + elif test -x "${withval}/apps/openssl" && \ > + "${withval}/apps/openssl" version >/dev/null 2>&1; then > + openssl_bin_PATH="${withval}/apps${PATH_SEPARATOR}${PATH}" > + fi > fi > ] > ) > In which test release can this be made available? > -- > Darren Tucker (dtucker at dtucker.net) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. -- Member - Liberal International This is doctor@xxxxx Ici doctor@xxxxx Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen What worth the power of law that won't stop lawlessness? -unknown _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
