[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5763) libRSAglue bug in OpenLDAP configure script
epj@newpointtech.com wrote:
> Full_Name: Eric Johanson
> Version: 2.4.12
> OS: Debian Linux 4.0
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (64.80.228.78)
>
>
> The "configure" script has a bug when TLS is enabled, which causes it to fail
> when using recent versions of OpenSSL. The bug is found on line 18759 of the
> "configure" script in OpenLDAP 2.4.12. The line currently reads:
>
> LIBS="-lssl -lcrypto -lRSAglue -lrsaref $LIBS"
>
> But the -lRSAglue and -lrsaref are old OpenSSL libraries that are not in use any
> more. I modified the above line to read:
>
> LIBS="-lssl -lcrypto $LIBS"
>
> This solves the problem. However, perhaps someone wants to add logic to detect
> which version of OpenSSL is being used and then vary the LIBS variable
> accordingly when the configure script tests for the linkability of the
> ssl3_accept() function.
>
> Note that many Linux systems, even those that have a recent OpenSSL, may still
> have the -lRSAglue and -lrsaref libraries (just for compatibility reasons). To
> reproduce this bug, you will have to search your system and remove all files
> with the names libRSAglue.a and librsaref.a.
The configure script only checks for -lRSAglue after it has already failed to
link without it. As such, there's something wrong on your machine for it to
even be reaching that test. There is no OpenLDAP bug here.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/