Bug 1756

Summary:

5.4p1 fails to build on SuSE 10 64bit with openssl/1.0.0 due to missing -L flag

Product:

Portable OpenSSH

Reporter:

sebastian.wenzler

Component:

Build system

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

major

CC:

djm, dtucker

Priority:

Version:

5.4p1

Hardware:

amd64

OS:

Linux

Bug Depends on:

Bug Blocks:

1708

Attachments:

Description	Flags
openssh-ssl-lib64.patch	none

Description sebastian.wenzler 2010-04-14 16:31:34 AEST

Hi there

openssl/1.0.0 installs its libs to <rootdir>/lib64

This is not recognized by openssh.

Though LD_LIBRARY_PATH and LD_RUN_PATH are set to include these,
configure script fails to find the libs unless
--with-cflags="-L/app/openssl/1.0.0/LMWP2/lib64"  is used

But this parameter is not passed to all gcc calls and
compilation then fails with

make[1]: Leaving directory `/local/scratch/openssh-5.4p1/openbsd-compat'
gcc -o ssh-add ssh-add.o -L. -Lopenbsd-compat/ -L/app/openssl/1.0.0/LMWP2  -fstack-protector-all -lssh -lopenbsd-compat -lcrypto -ldl -lutil -lz -lnsl  -lcrypt -lresolv
./libssh.a(cipher.o): In function `cipher_set_keyiv':
/local/scratch/openssh-5.4p1/cipher.c:377: undefined reference to `EVP_CIPHER_CTX_iv_length'
./libssh.a(cipher.o): In function `cipher_get_keyiv':
/local/scratch/openssh-5.4p1/cipher.c:343: undefined reference to `EVP_CIPHER_CTX_iv_length'
./libssh.a(cipher.o): In function `cipher_crypt':
/local/scratch/openssh-5.4p1/cipher.c:281: undefined reference to `EVP_Cipher'
./libssh.a(cipher.o): In function `cipher_init':
/local/scratch/openssh-5.4p1/cipher.c:252: undefined reference to `EVP_CIPHER_CTX_key_length'
/local/scratch/openssh-5.4p1/cipher.c:267: undefined reference to `EVP_Cipher'
./libssh.a(cipher.o): In function `cipher_get_keyiv_len':
/local/scratch/openssh-5.4p1/cipher.c:329: undefined reference to `EVP_CIPHER_CTX_iv_length'
./libssh.a(cipher-ctr.o): In function `ssh_aes_ctr':
/local/scratch/openssh-5.4p1/cipher-ctr.c:70: undefined reference to `EVP_CIPHER_CTX_get_app_data'
./libssh.a(cipher-ctr.o): In function `ssh_aes_ctr_cleanup':
/local/scratch/openssh-5.4p1/cipher-ctr.c:107: undefined reference to `EVP_CIPHER_CTX_get_app_data'
/local/scratch/openssh-5.4p1/cipher-ctr.c:110: undefined reference to `EVP_CIPHER_CTX_set_app_data'
./libssh.a(cipher-ctr.o): In function `ssh_aes_ctr_init':
/local/scratch/openssh-5.4p1/cipher-ctr.c:90: undefined reference to `EVP_CIPHER_CTX_get_app_data'
/local/scratch/openssh-5.4p1/cipher-ctr.c:95: undefined reference to `EVP_CIPHER_CTX_key_length'
/local/scratch/openssh-5.4p1/cipher-ctr.c:92: undefined reference to `EVP_CIPHER_CTX_set_app_data'
./libssh.a(cipher-ctr.o): In function `ssh_aes_ctr_iv':
/local/scratch/openssh-5.4p1/cipher-ctr.c:120: undefined reference to `EVP_CIPHER_CTX_get_app_data'
./libssh.a(cipher-3des1.o): In function `ssh1_3des_cbc':
/local/scratch/openssh-5.4p1/cipher-3des1.c:110: undefined reference to `EVP_CIPHER_CTX_get_app_data'
/local/scratch/openssh-5.4p1/cipher-3des1.c:119: undefined reference to `EVP_Cipher'
/local/scratch/openssh-5.4p1/cipher-3des1.c:120: undefined reference to `EVP_Cipher'
/local/scratch/openssh-5.4p1/cipher-3des1.c:121: undefined reference to `EVP_Cipher'
./libssh.a(cipher-3des1.o): In function `ssh1_3des_cleanup':
/local/scratch/openssh-5.4p1/cipher-3des1.c:132: undefined reference to `EVP_CIPHER_CTX_get_app_data'
/local/scratch/openssh-5.4p1/cipher-3des1.c:138: undefined reference to `EVP_CIPHER_CTX_set_app_data'
./libssh.a(cipher-3des1.o): In function `ssh1_3des_init':
/local/scratch/openssh-5.4p1/cipher-3des1.c:69: undefined reference to `EVP_CIPHER_CTX_get_app_data'
/local/scratch/openssh-5.4p1/cipher-3des1.c:79: undefined reference to `EVP_CIPHER_CTX_key_length'
/local/scratch/openssh-5.4p1/cipher-3des1.c:98: undefined reference to `EVP_CIPHER_CTX_set_app_data'
/local/scratch/openssh-5.4p1/cipher-3des1.c:71: undefined reference to `EVP_CIPHER_CTX_set_app_data'
./libssh.a(cipher-3des1.o): In function `ssh1_3des_iv':
/local/scratch/openssh-5.4p1/cipher-3des1.c:150: undefined reference to `EVP_CIPHER_CTX_get_app_data'
collect2: ld returned 1 exit status


As you can see gcc was passed -L/app/openssl/1.0.0/LMWP2 automatically by the configure script. cflags are not passed and the libraries located in lib64 are not honored nor recognized.

Environment
SLED10.1 64
gcc 4.4.3

./configure --prefix=/app/openssh/5.4p1/LMWP2 --without-rsh --with-ssl-dir=/app/openssl/1.0.0/LMWP2 --sysconfdir=/app/openssh/5.4p1/LMWP2/etc --with-privsep-path=/app/openssh/5.4p1/LMWP2/empty --without-zlib-version-check --with-cflags="-L/app/openssl/1.0.0/LMWP2/lib64" 

openssl was configured with
./Configure --prefix=/app/openssl/1.0.0 shared linux-x86_64


BR
Sebastian

Comment 1 Damien Miller 2010-04-14 16:48:54 AEST

cflags are compilation flags. I think you want:

LDFLAGS="-L/app/openssl/1.0.0/LMWP2/lib64" ./configure ...

or

./configure --ldflags="-L/app/openssl/1.0.0/LMWP2/lib64" ...

Comment 2 sebastian.wenzler 2010-04-14 17:14:40 AEST

(In reply to comment #1)
> cflags are compilation flags. I think you want:
> LDFLAGS="-L/app/openssl/1.0.0/LMWP2/lib64" ./configure ...
> or
> ./configure --ldflags="-L/app/openssl/1.0.0/LMWP2/lib64" ...

Hi,

configure --help|grep ldflags
shows --with-ldflags not --ldflags

--with-ldflags="-L/app/openssl/1.0.0/LMWP2/lib64" resolves the issue
BUT openssh should look for the libraries in opensslrootdir/lib64 too,
if this is the default library installation path of openssl 1.0.0 for an amd64 system.
Why isnt LD_LIBRARY_PATH(LD_RUN_PATH) honored either?

BR
Sebastian

Comment 3 sebastian.wenzler 2010-04-14 17:16:52 AEST

(In reply to comment #1)
> cflags are compilation flags. I think you want:
> LDFLAGS="-L/app/openssl/1.0.0/LMWP2/lib64" ./configure ...
> or
> ./configure --ldflags="-L/app/openssl/1.0.0/LMWP2/lib64" ...

Hi,

configure --help|grep ldflags
shows --with-ldflags not --ldflags

--with-ldflags="-L/app/openssl/1.0.0/LMWP2/lib64" resolves the issue
BUT openssh should look for the libraries in opensslrootdir/lib64 too,
if this is the default library installation path of openssl 1.0.0 for an amd64 system.
Why isnt LD_LIBRARY_PATH(LD_RUN_PATH) honored either?

BR
Sebastian

-----------
./configure --with-ssl-dir=/app/openssl/1.0.0/LMWP2
...
checking OpenSSL header version... 1000000f (OpenSSL 1.0.0 29 Mar 2010) checking OpenSSL library version... 90801f (OpenSSL 0.9.8a 11 Oct 2005) checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your library. Check config.log for details.
If you are sure your installation is consistent, you can disable the check by running "./configure --without-openssl-header-check".
Also see contrib/findssl.sh for help identifying header/library mismatches.

Comment 4 Darren Tucker 2010-04-23 11:07:03 AEST

if that's what openssl does by default (and it looks like it does) then configure should be able to handle that case.

Comment 5 Darren Tucker 2010-04-23 11:09:47 AEST

Created attachment 1841 [details]
openssh-ssl-lib64.patch

Check for the existence of a lib64 directory in the openssl install dir.

Comment 6 Darren Tucker 2010-04-23 11:12:35 AEST

Patch has been committed and will be in the 5.6p1 release. Thanks for the report.

Comment 7 Damien Miller 2011-01-24 12:33:57 AEDT

Move resolved bugs to CLOSED after 5.7 release