I tried that one, but I was linking everything with -static. I guess there are some shared object libs that will provide the Kerberos support because I removed my -static and used the OPENSSL_NO_KRB5 and it compiled OK.
We'll see if it runs :) I did bring over the RTFM example C code just for kicks and it compiled w/o any complaints and w/o defining the NO_KRB5!? Perhaps I'll recompile openssl on the target RedHat Enterprise 2.4. Thanks again for the help. Regards, Fred Crable > -----Original Message----- > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 08, 2004 1:26 PM > To: [EMAIL PROTECTED] > Subject: Re: Kerberos support? > > > You should be able to compile the program with -DOPENSSL_NO_KRB5 > > > On Thu, Jan 08, 2004 at 12:51:44PM -0600, Fred Crable wrote: > > So your saying I need to recompile the SSL lib with the -D > flag or define the include directory /usr/include/kerberos to > work? Or can I just compile my SSL program w/-DOPENSSL_NO_KRB5 ? > > > > Thanks Again Jeff, > > Fred > > > > > -----Original Message----- > > > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, January 08, 2004 12:36 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: Kerberos support? > > > > > > > > > The problem is that RH9 put kerboros headers outside the > include path > > > but they compiled openssl with kerboros support. As a > result, programs > > > that use openssl don't compile unless /usr/kerberos/include > > > is added to > > > -I. I got around this by compiling without kerkeros support: > > > > > > -DOPENSSL_NO_KRB5 > > > > > > Cheers, > > > Jeff > > > > > > On Thu, Jan 08, 2004 at 12:19:45PM -0600, Fred Crable wrote: > > > > I may be a little off-topic, but I'm porting my code to > > > Red-Hat Enterprise 2.4 and I was wondering what libs I needed > > > to stop the following link errors? They look like Kerberos > > > lib functions, but I'm not finding them defined with "nm" in > > > any of the /usr/kerberos/lib files. BTW -- This compiled > > > great on 7.3, it looks like I may be missing an RPM or > > > something? I didn't have to include -lkrb5 before, but I was > > > trying it to resolve some of the symbols. It did resolve > > > some, but not all. > > > > > > > > >From my System: > > > > [EMAIL PROTECTED] root]# uname -r > > > > 2.4.21-4.0.1.EL > > > > [EMAIL PROTECTED] lib]# rpm -q --redhatprovides > > > /usr/kerberos/include/krb5.h > > > > krb5-devel-1.2.7-19 > > > > [EMAIL PROTECTED] lib]# rpm -q openssl > > > > openssl-0.9.7a-22.1 > > > > > > > > Thanks! > > > > > > > > > > > /usr/lib/gcc-lib/i386-redhat-linux/3.2.3/../../../libssl.a(kss > > > l.o)(.text+0x1f3): In function `populate_cksumlens': > > > > : undefined reference to `krb5_checksum_size' > > > > /usr/kerberos/lib/libkrb5.a(auth_con.o)(.text+0x6a5): In > > > function `krb5_auth_con_initivector': > > > > : undefined reference to `krb5_c_block_size' > > > > /usr/kerberos/lib/libkrb5.a(decrypt_tk.o)(.text+0x24): In > > > function `krb5_decrypt_tkt_part': > > > > : undefined reference to `valid_enctype' > > > > /usr/kerberos/lib/libkrb5.a(decrypt_tk.o)(.text+0x89): In > > > function `krb5_decrypt_tkt_part': > > > > : undefined reference to `krb5_c_decrypt' > > > > /usr/kerberos/lib/libkrb5.a(init_ctx.o)(.text+0x139): In > > > function `init_common': > > > > : undefined reference to `krb5_c_random_seed' > > > > /usr/kerberos/lib/libkrb5.a(init_ctx.o)(.text+0x3d4): In > > > function `krb5_set_default_in_tkt_ktypes': > > > > : undefined reference to `valid_enctype' > > > > > > > > Thank You, > > > > Fred Crable > > > > > > > > > -----Original Message----- > > > > > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > > > > > Sent: Thursday, January 08, 2004 9:42 AM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: Re: Kerberos support? > > > > > > > > > > > > > > > On Wed, Jan 07, 2004 at 11:59:13AM -0000, > > > > > [EMAIL PROTECTED] wrote: > > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > I'm the author of siege, an open source http > > > regression tester. I > > > > > > > recently started to recieve complaints from users on > > > Red Hat 9.0 > > > > > > > systems. Apparently openssl is built with kerberos > > > > > support on red > > > > > > > hat 9.0 and it requires krb5.h which is in > > > /usr/kerberos/include > > > > > > > How can I detect if openssl was built with > kerberos support? > > > > > > > > > > > > > > Second Red Hat 9.0 users are experiencing crashes > > > when siege is > > > > > > > using https protocol, ie, openssl libs. Several > people have > > > > > > > experienced > > > > > > > this problem but were unable to replicate it on another > > > > > > > system. Is there > > > > > > > a known issue with openssl on Red Hat 9.0? I have not yet > > > > > recieved a > > > > > > > meaningful stacktrace. > > > > > > > > > > > > > > Cheers, > > > > > > > Jeff > > > > > > > > > > > > > > > > > > > Have you checked with Red Hat's bugzilla > > > > > > (https://bugzilla.redhat.com/bugzilla)? "rpm -q openssl" > > > > > should give you > > > > > > "openssl-0.9.7a-20" if you've got the latest version > > > > > installed, which was > > > > > > released last year. > > > > > > > > > > > > The rpmdb-redhat rpm package can show you which package has > > > > > which file: > > > > > > > > > > > > rpm -q --redhatprovides /usr/kerberos/include/krb5.h > > > > > > krb5-devel-1.2.7-10 > > > > > > > > > > Unfortunately I don't have access to a Red Hat system. I use > > > > > SuSE. I've > > > > > been forced to rely on siege users to assist with this issue. > > > > > I checked > > > > > out bugzilla, thanks for the link. Somebody posted a > > > > > complaint that the > > > > > kerboros headers were in /usr/kerboros/include but since > > > > > openssl relies > > > > > on them, people are experiencing compile time errors. Of > > > course, we > > > > > already knew that ;-) > > > > > > > > > > > A bit odd that you'll need a devel package for a running > > > > > system, but it > > > > > > could be a quick solution for you. Otherwise you might wish > > > > > to recompile > > > > > > openssl for your system (which might be a sledgehammer to > > > > > crack a nut). Be > > > > > > careful not to overwrite the existing openssl files though. > > > > > > > > > > I've decided to "fix" the problem like this: > > > > > SSL_CFLAGS="-DOPENSSL_NO_KRB5" > > > > > > > > > > > > > > > > Not important, but I can't get your .sig to compile... > > > > > > > > > > Hardy: $ cat .signature > haha.c && gcc -o haha haha.c && haha > > > > > Just another C hacker > > > > > > > > > > > > > > > -- > > > > > #include <stdio.h> > > > > > int main(){int > > > > > a[]={74,117,115,116,32,97,110,111,116,104,101,114,32,67,\ > > > > > 32,104,97,99,107,101,114,10};int > > > *b=a;for(;*b>0;printf("%c",*(b++)));} > > > > > > > > > ______________________________________________________________________ > > > > > OpenSSL Project > > > http://www.openssl.org > > > > > User Support Mailing List > > > [EMAIL PROTECTED] > > > > > Automated List Manager > > > [EMAIL PROTECTED] > > > > > > > > > > > > > ______________________________________________________________________ > > > > OpenSSL Project > > > http://www.openssl.org > > > > User Support Mailing List > > > [EMAIL PROTECTED] > > > > Automated List Manager > > > [EMAIL PROTECTED] > > > > > > > > > > -- > > > #include <stdio.h> > > > int main(){int > a[]={74,117,115,116,32,97,110,111,116,104,101,114,32, \ > > > 67,32,104,97,99,107,101,114,10,0}; int > *b=a;while(*b>0)putchar(*b++);} > > > > ______________________________________________________________________ > > > OpenSSL Project http://www.openssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > -- #include <stdio.h> int main(){int a[]={74,117,115,116,32,97,110,111,116,104,101,114,32, \ 67,32,104,97,99,107,101,114,10,0}; int *b=a;while(*b>0)putchar(*b++);} ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
