On Solaris 2.7 sparc, with OpenSSL installed in /usr/local/ssl, "configure --with-ssl-dir=/usr/local/ssl" fails with error "Could not find working OpenSSL library, please install or check config.log" config.log contains: ------------------------------------------------------------------ configure:4605: gcc -o conftest -g -O2 -Wall -I/usr/local/include -I/opt -L/usr/local/lib -R/usr/local/lib -L/opt -R/opt conftest.c -lz -lsocket -lnsl -lgen -lcrypto 1>&5 configure:4594: openssl/rand.h: No such file or directory configure: failed program was: #line 4591 "configure" #include "confdefs.h" #include <string.h> #include <openssl/rand.h> ------------------------------------------------------------------ The problem seems to result from this loop: ------------------------------------------------------------------ for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do <snip> # Try to use $ssldir/include if it exists, otherwise # $ssldir if test -d "$ssldir/include" ; then CPPFLAGS="$saved_CPPFLAGS -I$ssldir/include" ------------------------------------------------------------------ Since "saved_CPPFLAGS" (which is set to /usr/local/include) is never updated, this loop merely appends the last existing directory (which is /opt on my system) to CPPFLAGS. Seems it should either append *all* existing include directories from the "for" list", or only use the directory passed with the "--with-ssl-dir" option. An easy workaround is to remove all but "/usr/local/ssl" from the "for" list.
The openssh version is 2.5.2p2, but the relevant code in 3.1p1 "configure" looks the same.
I don't understand the problem here: CPPFLAGS gets updated for each directory on the list with either -Idirectory or -Idirectory/include (if it exists).
Can't replicate
As I said, from the code (and the output) you can see each existing dir or dir/include is not *appended* to CPPFLAGS, but *replaces* the previous. So I claim "configure --with-ssl-dir=/usr/local/ssl" works only in the following cases: 1. OpenSSL headers are installed in /usr/local/include (or any one of the directories CPPFLAGS is initially set to)and no directory in "for" list exists. 2. OpenSSL headers are installed in the last existing directory in "for" list If my claim is incorrect, please explain and I apologize in advance.
You claim is incorrect: we break from the search loop if/when a test program correctly executes. In this case, you are left with the correct directory in $ssldir If the test program doesn't compile or execute then you get the error message.
*** Bug 229 has been marked as a duplicate of this bug. ***
Created attachment 89 [details] configure.ac patch (ssl search cleanup)
Please test the patch in attachment (id=89) We wre about to put this in a while back but it was right before a release so we didn't. (Then we forgot about it) :-(
this patch was applied to 3.5. If this issue still exists in 3.5 and above. Please reopen with new information.
Mass change of RESOLVED bugs to CLOSED