OpenSSH-7.1p1 fails configure check with LibreSSL-2.2.4
austinenglish at gmail.com
Tue Nov 10 15:23:12 AEDT 2015
On Mon, Nov 9, 2015 at 5:35 PM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Tue, Nov 10, 2015 at 9:22 AM, Austin English <austinenglish at gmail.com> wrote:
>> I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the
>> ssl implementation. Unfortunately, this fails to work (tested on
>> Debian Unstable and Gentoo):
>> conftest.c:225:4: warning: implicit declaration of function 'exit'
> These things are noise. I'll fix them, but they're not the cause of
> your problem.
Sure, just wanted to be complete.
>> ./conftest: error while loading shared libraries: libcrypto.so.35:
>> cannot open shared object file: No such file or directory
> This is the problem: configure is telling the linker to link against
> libcrypto in the libressl directory but you have not told the runtime
> linker to look there for shared libraries, so your binaries (in this
> case, the configure test) fail at runtime.
> To fix this you probably want to either:
> - add /opt/libressl-2.2.4/lib to /etc/ld.conf or /etc/ld.conf.d/ and
> run ldconfig
> - remove the .so files from /opt/libressl-2.2.4/lib so that the
> linker will pick up the static libcrypto.
I tried removing the .so's, but openssh then falls back to the system
openssl instead of the specified ssl. The .a's are present (I also
tried explicitly building libressl with --enable-shared, but that made
>> export LD_LIBRARY_PATH=/opt/libressl-2.2.4
>> Works around this issue, and allows OpenSSH to compile (though some
>> tests fail that don't with openssl-1.0.2d.
> That'll help anything that inherits the environment, but anything that
> sanitizes its environment (eg sudo) will fail, and the resulting
> binaries won't work without the environment variable.
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
More information about the openssh-unix-dev