https://bugs.openldap.org/show_bug.cgi?id=9242
Bug ID: 9242 Summary: build failure with OpenSSL 0.9.7: EVP_sha256() undefined Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs@openldap.org Reporter: ryan@openldap.org Target Milestone: ---
git master fails to build with OpenSSL 0.9.7d:
$ openssl version OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-7250 CVE-2007-5135 CVE-2007-3108 CVE-2008-5077 CVE-2008-7270 CVE-2009-0590 CVE-2009-2409 CVE-2009-3555 CVE-2010-4180 CVE-2011-4576 CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333)
$ ./configure --with-tls=openssl --disable-slapd && make [...] libtool: link: gcc -g -O2 -o apitest apitest.o -L/usr/sfw/lib ./.libs/libldap.a /export/home/ryan/openldap/libraries/liblber/.libs/liblber.a ../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a -lsasl -lssl -lcrypto -lresolv -lgen -lnsl -lsocket -R/usr/sfw/lib Undefined first referenced symbol in file EVP_sha256 ./.libs/libldap.a(tls_o.o) ld: fatal: symbol referencing errors. No output written to apitest collect2: ld returned 1 exit status *** Error code 1
The SHA-2 algorithms were first added in OpenSSL 0.9.8.
If the use of EVP_sha256() is to be unconditional, please make configure fail if an older version is detected, and update the documentation as well (i.e. admin guide for 2.5).
(This could also be an opportunity to make the CRL feature unconditional; currently it is enabled only with OpenSSL 0.9.7d or later.)