openssh 6.5p1 configure and ssl location/shared
Karl Berry
karl at freefriends.org
Mon Feb 10 09:12:28 EST 2014
Greetings,
In openssh 6.5p1, configure --with-ssl-dir=/usr/local/openssl failed for
me because it could not find opensslv.h. This is because that section
of the configure hardwires the /usr/local/ssl directory instead of using
the --with-ssl-dir value. From configure.ac:
..
LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${sa\
ved_LDFLAGS}"
else
LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
fi
CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
..
I made a symlink /usr/local/ssl to work around that.
Then it failed again, this time because the link with libcrypto failed.
This is because I only install a static openssl, where configure was
assuming a shared library. The error looked like this, from config.log:
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(eng_init.o): relocation
R_X86_64_32 against `.rodata.str1.1' can not be used when making a
shared object; recompile with -fPIC
/usr/local/ssl/lib/libcrypto.a: could not read symbols: Bad value
This happened because the -Wl,-z,relro option is now being included by
default. This is on CentOS 6.5, x86_64, though I suppose any
GNU ld that supports the option would induce the same error given the
lack of shared libraries.
I ran configure --without-hardening to work around that problem. Then
it all went through.
Thanks for the amazing software,
Karl
More information about the openssh-unix-dev
mailing list