When upgrading OpenSSL to 0.9.8 (from 0.9.7g) I run into problems compiling OpenSSH. Other things like Stunnel compile OK. When I originally ran into this problem, I though maybe OpenSSH wasn't dealing with some OpenSSL changes so I set the issue aside for a while. Now that OpenSSH 4.2p1 is out, I'm back working on this. But so far I cannot figure why this is happening.
I'm doing this compile under several Slackware environments, 9.0 through 10.1, with the gcc/ld/make versions found in those environments. But in all these cases, zlib is upgraded to 1.2.3 already. I tried compiling every combination of OpenSSL versions 0.9.7f, 0.9.7g, and 0.9.8 with OpenSSH versions 3.9p1, 4.0p1, 4.1p1, and 4.2p1. The errors are only occurring when OpenSSL 0.9.8 is used, but the error happens during the build of OpenSSH (this I cannot rule out this being an OpenSSH problem). The final message I get in each failing case is: ============================================================================= gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o -static -L. -Lopenbsd-compat -lssh -lopenbsd-compat -lresolv -lcrypto -lutil -lz -lnsl -lcrypt /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x5c): In function `dlfcn_load': : undefined reference to `dlopen' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0xc2): In function `dlfcn_load': : undefined reference to `dlclose' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0xee): In function `dlfcn_load': : undefined reference to `dlerror' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x185): In function `dlfcn_bind_var': : undefined reference to `dlsym' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x1b2): In function `dlfcn_bind_var': : undefined reference to `dlerror' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x27d): In function `dlfcn_bind_func': : undefined reference to `dlsym' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x2aa): In function `dlfcn_bind_func': : undefined reference to `dlerror' /usr/lib/gcc-lib/i386-slackware-linux/3.2.2/../../../libcrypto.a(dso_dlfcn.o)(.text+0x5ad): In function `dlfcn_unload': : undefined reference to `dlclose' collect2: ld returned 1 exit status make: *** [ssh] Error 1 ============================================================================= The functions dlfcn_load(), dlfcn_bind_var(), dlfcn_bind_func(), and dlfcn_unload() are all in OpenSSL. But clearly they need libdl when being linked during the OpenSSH build. OpenSSH does not explicitly have -ldl in this linking step. Since this step works fine with older OpenSSL versions, I presume that the libdl functions needed go included in libcrypto.a somehow. But they are apparently missing when OpenSSL version 0.9.8 is built. I could hack up a fix to make this work. But I think it is better to figure out what is going wrong to cause this just in 0.9.8, and why it works OK in 0.9.7g and before. But I cannot follow the logic of how OpenSSL's Makefile is working to see how libdl might be affected. The only difference I see between Makefiles for 0.9.8 and 0.9.7g is in the HPUX platform. But my platform is Slackware (9.0 through 10.1) on x86. Here are log files of the full building process as run by a script that ensures each build is always started from a fresh unpacking of each tarball. Other combinations (openssh, openssl, and slackware) are also present in the same directory with the same name pattern. This shows the success with 0.9.7g: http://phil.ipal.org/ssl-ssh/openssl-0.9.7g-in-slackware-10.1.txt.gz http://phil.ipal.org/ssl-ssh/openssh-4.2p1-with-openssl-0.9.7g-in-slackware-10.1.txt.gz This shows the failure with 0.9.8: http://phil.ipal.org/ssl-ssh/openssl-0.9.8-in-slackware-10.1.txt.gz http://phil.ipal.org/ssl-ssh/openssh-4.2p1-with-openssl-0.9.8-in-slackware-10.1.txt.gz My script does build SSL as a 4 level version library instead of 3 level with a letter, since that's the only way I can get multiple versions to co-exist on the same system. I hope that's not the issue. All levels are symlinked. I hope someone has some insight into what is going on and what the PROPER way to fix this is (as opposed to hacks I could do that might not work in future versions of either OpenSSL or OpenSSH). Hopefully it is as simple as some configure parameter or just something wrong with the way I have been building OpenSSL. FYI, all these builds are being done in a chroot environment initialized with the respective Slackware system trees, on a single machine, under Linux kernel 2.6.11.8. -- ----------------------------------------------------------------------------- | Phil Howard KA9WGN | http://linuxhomepage.com/ http://ham.org/ | | (first name) at ipal.net | http://phil.ipal.org/ http://ka9wgn.ham.org/ | ----------------------------------------------------------------------------- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
