You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Martin Kraemer <ma...@apache.org> on 2006/01/23 16:55:41 UTC
OpenSSL with zlib support breaks SSL detection in apache-2.3-dev
Hi everyone,
While debugging a recent openssl library which was built with zlib
support (that is, openssl combines compression and encryption),
I noticed that such a lib breaks the current OpenSSL detection code
in apache-2.3 (at least, probably others too).
The configure program prints...
checking whether to enable mod_ssl... checking dependencies
checking for SSL/TLS toolkit base... /home/dev-apache/apache-deejai/openssl
checking for OpenSSL version... checking openssl/opensslv.h usability... yes
checking openssl/opensslv.h presence... yes
checking for openssl/opensslv.h... yes
checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... yes
checking for openssl/ssl.h... yes
OK
checking openssl/engine.h usability... yes
checking openssl/engine.h presence... yes
checking for openssl/engine.h... yes
checking for SSLeay_version in -lcrypto... yes
checking for SSL_CTX_new in -lssl... no
checking for ENGINE_init... yes
checking for ENGINE_load_builtin_engines... yes
checking for SSL_set_cert_store... no
configure: error: ... Error, SSL/TLS libraries were missing or unusable
and then stops. Looking at the config.lig file, I see the following
snippets:
--snip--
configure:10229: checking for zlib library
configure:10250: gcc -o conftest -g -Wall -D_THREAD_SAFE -D_REENTRANT -L/home/dev-apache/apache-deejai/openssl -L/usr/local/lib conftest.c -lm -lz >&5
configure: In function `main':
configure:10242: warning: unused variable `i'
configure:10253: $? = 0
configure:10256: test -s conftest
configure:10259: $? = 0
configure:10261: result: found
...
configure:13213: checking for SSLeay_version in -lcrypto
configure:13246: gcc -o conftest -g -Wall -D_THREAD_SAFE -D_REENTRANT -L/home/dev-apache/apache-deejai/openssl -L/usr/local/lib -L/home/dev-apache/apache-deejai/openssl/lib conftest.c -lcrypto -lm -lcrypt >&5
configure:13249: $? = 0
configure:13252: test -s conftest
configure:13255: $? = 0
configure:13266: result: yes
configure:13280: checking for SSL_CTX_new in -lssl
configure:13313: gcc -o conftest -g -Wall -D_THREAD_SAFE -D_REENTRANT -L/home/dev-apache/apache-deejai/openssl -L/usr/local/lib -L/home/dev-apache/apache-deejai/openssl/lib conftest.c -lssl -lcrypto -lm -lcrypt >&5
/home/dev-apache/apache-deejai/openssl/libcrypto.a(c_zlib.o): In function `zlib_stateful_init':
c_zlib.o(.text+0x67): undefined reference to `inflateInit_'
c_zlib.o(.text+0xb5): undefined reference to `deflateInit_'
/home/dev-apache/apache-deejai/openssl/libcrypto.a(c_zlib.o): In function `zlib_stateful_compress_block':
c_zlib.o(.text+0x1ee): undefined reference to `deflate'
/home/dev-apache/apache-deejai/openssl/libcrypto.a(c_zlib.o): In function `zlib_stateful_expand_block':
c_zlib.o(.text+0x266): undefined reference to `inflate'
/home/dev-apache/apache-deejai/openssl/libcrypto.a(c_zlib.o): In function `zlib_stateful_free_ex_data':
c_zlib.o(.text+0x299): undefined reference to `inflateEnd'
c_zlib.o(.text+0x2a5): undefined reference to `deflateEnd'
configure:13316: $? = 1
...
configure:13333: result: no
--snip--
So, while zlib was detected first, it was not available in the $LIBS
variable when the openssl checks were performed.
So my question is: should another zlib-test be added (the zlib test
above is meant for testing mod_deflate compilability only) or should
libs like libz be made generally available for all other config checks,
by permanently adding them to the global $LIBS?
My personal workaround for now is to manually add -lz to LIBS by
patching the generated configure. I tried setting
$ LIBS=-lz ./configure ...
but it did not help (why?).
Martin
--
<Ma...@Fujitsu-Siemens.com> | Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-48332 | 81730 Munich, Germany
Re: OpenSSL with zlib support breaks SSL detection in apache-2.3-dev
Posted by Justin Erenkrantz <ju...@erenkrantz.com>.
On Mon, Jan 23, 2006 at 04:55:41PM +0100, Martin Kraemer wrote:
> Hi everyone,
>
> While debugging a recent openssl library which was built with zlib
> support (that is, openssl combines compression and encryption),
> I noticed that such a lib breaks the current OpenSSL detection code
> in apache-2.3 (at least, probably others too).
Sounds like OpenSSL's pkgconfig code isn't reporting zlib. -- justin