[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#8687) openldap fails to link w/ openssl 1.1 built w/ no-egd
Full_Name: Daniel Jonathan Kurtz
Version: 2.4.45
OS: linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2401:fa00:1:b:dcfc:ce39:b80:8f26)
openldap 2.4.45 fails to link when built against openssl 1.1 built w/ the
default "no-egd" option:
libtool: link: x86_64-cros-linux-gnu-clang -O2 -pipe -O2 -pipe -march=corei7 -g
-fno-exceptions -fno-unwind-tables -fno-asynchronous-unwind-tables -clang-syntax
-Wl,-O1 -Wl,-O2 -Wl,--as-needed -o .libs/ltest test.o ./.libs/libldap.so
libraries/liblber/.libs/liblber.so ../../libraries/liblber/.libs/liblber.so
../../libraries/liblutil/liblutil.a -lssl -lcrypto -lresolv
./.libs/libldap.so: error: undefined reference to 'RAND_egd'
RAND_egd does not exist because OpenSSL was built with the default settings
which, as of 1.1, has "EGD" disabled by default [0].
[0] 0423f812dc Add a no-egd option to disable EGD-related code
*) EGD is no longer supported by default; use enable-egd when
configuring.
[Ben Kaduv and Rich Salz]
The RAND_egd reference is in libraries/libldap/tls_o.c:
static int
tlso_seed_PRNG( const char *randfile )
{
#ifndef URANDOM_DEVICE
/* no /dev/urandom (or equiv) */
long total=0;
char buffer[MAXPATHLEN];
if (randfile == NULL) {
/* The seed file is $RANDFILE if defined, otherwise $HOME/.rnd.
* If $HOME is not set or buffer too small to hold the pathname,
* an error occurs. - From RAND_file_name() man page.
* The fact is that when $HOME is NULL, .rnd is used.
*/
randfile = RAND_file_name( buffer, sizeof( buffer ) );
} else if (RAND_egd(randfile) > 0) {
/* EGD socket */
return 0;
}
if (randfile == NULL) {
Debug( LDAP_DEBUG_ANY,
"TLS: Use configuration file or $RANDFILE to define seed PRNG\n",
0, 0, 0);
return -1;
}
...
It seems like we should be able to make the "else if (RAND_egd(randfile) > 0)"
block conditional on "#if !defined(OPENSSL_NO_EGD)" to work around this issue