RE: Problem in configuring SSL with openldap - openldap-software

12 Oct 2006


      Please keep your replies on the mailing list.
Two examples of Solaris OpenSSL builds that linked with OpenLDAP can be 
found at:
Quanah's OpenSSL build page at 
http://www.stanford.edu/services/directory/openldap/configuration/openssl-bu...
Rutgers OpenSSL spec file at 
http://cvs.rutgers.edu/cgi-bin/viewcvs.cgi/*checkout*/SPECS/openssl.spec
I note that they both have the word "shared" in various places, which you 
do not mention.
OpenSSL is not provided by the OpenLDAP Project; please direct further 
discussion to a relevant OpenSSL list until you're sure that it built 
correctly. You should come back to openldap-software if OpenLDAP autoconf 
fails to recognize the (properly built and installed) libraries.
On Thu, 12 Oct 2006, Monica_Rana wrote:
...
Hi Aaron,
I had followed the below mentioned steps for installing openssl:

$ ./config
$ make
$ make test
$ make install.

All the options ran without any errors.
Do I need to do anything extra?
In my /usr/local/ssl/lib/, libcrypto.so does not exist. The following
file exists at the mentioned path
# pwd
/usr/local/ssl/lib
# ls
engines      libcrypto.a  libssl.a     pkgconfig
Regards,
Monica Rana
-----Original Message-----
From: Aaron Richton [mailto:richton@nbcs.rutgers.edu]
Sent: Thursday, October 12, 2006 4:59 PM
To: Monica_Rana
Cc: Phillip; openldap-software@openldap.org
Subject: RE: Problem in configuring SSL with openldap
I see that RSA stuff, but I'm not sure if that's as fatal as your
failure to link in libdl on the previous attempt (:19590). Your build
seems to be picking up a libcrypto.a; on my Solaris systems, ldd
/usr/local/ssl/lib/libcrypto.so shows a dependency on libdl.so.1.
Towards this end I'd:
(a) make sure that openssl was compiled into shared objects, e.g.
/usr/local/ssl/lib/libcrypto.so exists
(b) make sure that it was compiled reasonably; at a minimum, that ldd
/usr/local/ssl/lib/libcrypto.so comes out clean without any "file not
found"
(c) include RPATH in your LDFLAGS, e.g. "-L/usr/local/ssl/lib
-R/usr/local/ssl/lib -L/usr/local/db4/lib -R/usr/local/db4/lib" instead.
See if any or all of that helps...
On Thu, 12 Oct 2006, Monica_Rana wrote:
...
Phillip,
I have checked the include and lib path. But seeing at the config
logs, it seems that the problem is with RSAglue/rsaref. I am new to
openLDAP and openSSL. So am not able to actually decode the logs.
Regards,
Monica Rana
-----Original Message-----
From: Phillip [mailto:phuang@plasmon.cn]
Sent: Thursday, October 12, 2006 1:07 PM
To: Monica_Rana
Cc: openldap-software@openldap.org
Subject: Re: Problem in configuring SSL with openldap
Monica,
Maybe you've take a mistake in setting "env", just try:
env CPPFLAGS="-I/usr/local/include -I/usr/local/ssl/include -
I/usr/local/db4/include"  LDFLAGS="-L/usr/local/ssl/lib -
L/usr/local/db4/lib" ./configure --with-tls --with-cyrus-sasl
--enable- wrappers --enable-crypt --enable-bdb
You'd better verify the "include" and "lib" path for SSL and DB.
Regards,
Phillip
On Thu, 2006-10-12 at 12:18 +0530, Monica_Rana wrote:
...
Hi All,
I have the following installed on solaris 8.
openLDAP 2.3.27
openSSL 0.9.8b.
when i try to configure using the command env
CPPFLAGS="-I/usr/local/include -I/usr/local/include/ssl -
I/usr/local/include/db4"
    LDFLAGS="-L/usr/local/ssl/lib -L/usr/local/lib/db4"
    ./configure --with-tls --with-cyrus-sasl --enable-wrappers --
enable-crypt --enable-bdb it throws the error checking for
openssl/ssl.h... yes checking for SSL_library_init in -lssl... no
checking for ssl3_accept in -lssl... no checking OpenSSL library
version (CRL checking capability)... yes
configure: error: Could not locate TLS/SSL package.
Please let me know what could be the possible reson behind. PFA the
config.log file.
Regards,
Monica Rana
**************** CAUTION - Disclaimer ***************** This e-mail
contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for
the use of the addressee(s). If you are not the intended recipient,
please notify the sender by e-mail and delete the original message.
Further, you are not to copy, disclose, or distribute this e- mail or
...
...
its contents to any other person and any such actions are unlawful.
This e-mail may contain viruses. Infosys has taken every reasonable
precaution to minimize this risk, but is not liable for any damage
you
...
may sustain as a result of any virus in this e-mail. You should carry
...
...
out your own virus checks before opening the e-mail or attachment.
Infosys reserves the right to monitor and review the content of all
messages sent to or from this e-mail address. Messages sent to or
from
...
this e-mail address may be stored on the Infosys e- mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***