So your saying I need to recompile the SSL lib with the -D flag or define the include directory /usr/include/kerberos to work? Or can I just compile my SSL program w/-DOPENSSL_NO_KRB5 ?
Thanks Again Jeff, Fred > -----Original Message----- > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 08, 2004 12:36 PM > To: [EMAIL PROTECTED] > Subject: Re: Kerberos support? > > > The problem is that RH9 put kerboros headers outside the include path > but they compiled openssl with kerboros support. As a result, programs > that use openssl don't compile unless /usr/kerberos/include > is added to > -I. I got around this by compiling without kerkeros support: > > -DOPENSSL_NO_KRB5 > > Cheers, > Jeff > > On Thu, Jan 08, 2004 at 12:19:45PM -0600, Fred Crable wrote: > > I may be a little off-topic, but I'm porting my code to > Red-Hat Enterprise 2.4 and I was wondering what libs I needed > to stop the following link errors? They look like Kerberos > lib functions, but I'm not finding them defined with "nm" in > any of the /usr/kerberos/lib files. BTW -- This compiled > great on 7.3, it looks like I may be missing an RPM or > something? I didn't have to include -lkrb5 before, but I was > trying it to resolve some of the symbols. It did resolve > some, but not all. > > > > >From my System: > > [EMAIL PROTECTED] root]# uname -r > > 2.4.21-4.0.1.EL > > [EMAIL PROTECTED] lib]# rpm -q --redhatprovides > /usr/kerberos/include/krb5.h > > krb5-devel-1.2.7-19 > > [EMAIL PROTECTED] lib]# rpm -q openssl > > openssl-0.9.7a-22.1 > > > > Thanks! > > > > > /usr/lib/gcc-lib/i386-redhat-linux/3.2.3/../../../libssl.a(kss > l.o)(.text+0x1f3): In function `populate_cksumlens': > > : undefined reference to `krb5_checksum_size' > > /usr/kerberos/lib/libkrb5.a(auth_con.o)(.text+0x6a5): In > function `krb5_auth_con_initivector': > > : undefined reference to `krb5_c_block_size' > > /usr/kerberos/lib/libkrb5.a(decrypt_tk.o)(.text+0x24): In > function `krb5_decrypt_tkt_part': > > : undefined reference to `valid_enctype' > > /usr/kerberos/lib/libkrb5.a(decrypt_tk.o)(.text+0x89): In > function `krb5_decrypt_tkt_part': > > : undefined reference to `krb5_c_decrypt' > > /usr/kerberos/lib/libkrb5.a(init_ctx.o)(.text+0x139): In > function `init_common': > > : undefined reference to `krb5_c_random_seed' > > /usr/kerberos/lib/libkrb5.a(init_ctx.o)(.text+0x3d4): In > function `krb5_set_default_in_tkt_ktypes': > > : undefined reference to `valid_enctype' > > > > Thank You, > > Fred Crable > > > > > -----Original Message----- > > > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, January 08, 2004 9:42 AM > > > To: [EMAIL PROTECTED] > > > Subject: Re: Kerberos support? > > > > > > > > > On Wed, Jan 07, 2004 at 11:59:13AM -0000, > > > [EMAIL PROTECTED] wrote: > > > > > > > > > > Hi, > > > > > > > > > > I'm the author of siege, an open source http > regression tester. I > > > > > recently started to recieve complaints from users on > Red Hat 9.0 > > > > > systems. Apparently openssl is built with kerberos > > > support on red > > > > > hat 9.0 and it requires krb5.h which is in > /usr/kerberos/include > > > > > How can I detect if openssl was built with kerberos support? > > > > > > > > > > Second Red Hat 9.0 users are experiencing crashes > when siege is > > > > > using https protocol, ie, openssl libs. Several people have > > > > > experienced > > > > > this problem but were unable to replicate it on another > > > > > system. Is there > > > > > a known issue with openssl on Red Hat 9.0? I have not yet > > > recieved a > > > > > meaningful stacktrace. > > > > > > > > > > Cheers, > > > > > Jeff > > > > > > > > > > > > > Have you checked with Red Hat's bugzilla > > > > (https://bugzilla.redhat.com/bugzilla)? "rpm -q openssl" > > > should give you > > > > "openssl-0.9.7a-20" if you've got the latest version > > > installed, which was > > > > released last year. > > > > > > > > The rpmdb-redhat rpm package can show you which package has > > > which file: > > > > > > > > rpm -q --redhatprovides /usr/kerberos/include/krb5.h > > > > krb5-devel-1.2.7-10 > > > > > > Unfortunately I don't have access to a Red Hat system. I use > > > SuSE. I've > > > been forced to rely on siege users to assist with this issue. > > > I checked > > > out bugzilla, thanks for the link. Somebody posted a > > > complaint that the > > > kerboros headers were in /usr/kerboros/include but since > > > openssl relies > > > on them, people are experiencing compile time errors. Of > course, we > > > already knew that ;-) > > > > > > > A bit odd that you'll need a devel package for a running > > > system, but it > > > > could be a quick solution for you. Otherwise you might wish > > > to recompile > > > > openssl for your system (which might be a sledgehammer to > > > crack a nut). Be > > > > careful not to overwrite the existing openssl files though. > > > > > > I've decided to "fix" the problem like this: > > > SSL_CFLAGS="-DOPENSSL_NO_KRB5" > > > > > > > > > > Not important, but I can't get your .sig to compile... > > > > > > Hardy: $ cat .signature > haha.c && gcc -o haha haha.c && haha > > > Just another C hacker > > > > > > > > > -- > > > #include <stdio.h> > > > int main(){int > > > a[]={74,117,115,116,32,97,110,111,116,104,101,114,32,67,\ > > > 32,104,97,99,107,101,114,10};int > *b=a;for(;*b>0;printf("%c",*(b++)));} > > > > ______________________________________________________________________ > > > OpenSSL Project > http://www.openssl.org > > > User Support Mailing List > [EMAIL PROTECTED] > > > Automated List Manager > [EMAIL PROTECTED] > > > > > > ______________________________________________________________________ > > OpenSSL Project > http://www.openssl.org > > User Support Mailing List > [EMAIL PROTECTED] > > Automated List Manager > [EMAIL PROTECTED] > > > > -- > #include <stdio.h> > int main(){int a[]={74,117,115,116,32,97,110,111,116,104,101,114,32, \ > 67,32,104,97,99,107,101,114,10,0}; int *b=a;while(*b>0)putchar(*b++);} > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
