Update... Started with a fresh untar of the source, updated the Makeall with the openssl path and now we get a clean compile AND looks like we have ssl support now!! YEAH!!
Huge Thank you to Dan! Patrick Swartz -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of dan (ddp) Sent: Wednesday, January 18, 2012 8:40 AM To: [email protected] Subject: Re: [ossec-list] Solaris compile with SSL support help On Wed, Jan 18, 2012 at 9:14 AM, Swartz, Patrick H <[email protected]> wrote: > Ugh... please ignore my question about the patch... dead brain cell > somewhere... > > However, after successfully patching the Makeall file, the compile looks to > be working for a bit.. then.... > > gcc -g -Wall -I../ -I../headers -I/usr/sfw/include/openssl > -DDEFAULTDIR=\"/opt/ossecPS4\" -DCLIENT -DUSE_OPENSSL -DSOLARIS -DHIGHFIRST > -DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -lsocket -lnsl -lresolv > syscheck.c config.c seechanges.c run_realtime.c create_db.c run_check.c > ../config/lib_config.a ../rootcheck/rootcheck_lib.a ../shared/lib_shared.a > ../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a > ../os_crypto/os_crypto.a -o ossec-syscheckd > Undefined first referenced > symbol in file > rootcheck_init /var/tmp//ccHkHQm9.o This is pretty much beyond me. It looks like the rootcheck files are broken since it can't find rootcheck_init? Was there any errors or anything when building rootcheck? `cd ossec-hids-2.6/src/rootcheck && make` > ld: fatal: Symbol referencing errors. No output written to ossec-syscheckd > collect2: ld returned 1 exit status > *** Error code 1 > make: Fatal error: Command failed for target `syscheck' > Current working directory /export/home/phswartz/ossec-hids-2.6/src/syscheckd > > Error Making syscheckd > *** Error code 1 > The following command caused the error: > /bin/sh ./Makeall all > make: Fatal error: Command failed for target `all' > > Error 0x5. > Building error. Unable to finish the installation. > > > Patrick Swartz > UNIX Planning & Engineering (DSUSSE) > First Data > 402-777-7337 desk > 402-201-1192 Company cell > 402-871-8981 Personal cell > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of dan (ddp) > Sent: Wednesday, January 18, 2012 7:53 AM > To: [email protected] > Subject: Re: [ossec-list] Solaris compile with SSL support help > > On Wed, Jan 18, 2012 at 8:44 AM, Swartz, Patrick H > <[email protected]> wrote: >> Hi Dan, >> I tried adding that line to the (both at the beginning and end, in >> different attempts) and this is the error that shows up during the >> compile -- >> gcc: -lssl: linker input file unused because linking not done >> gcc: -lcrypto: linker input file unused because linking not done >> >> I apologize for the trouble, but if ya have any other suggestions I would be >> very grateful. >> >> Thanks so much, >> >> Patrick Swartz >> > > Give me ssh access, and I can get it done. ;) > > Seriously though, OSSEC expects these items to be in sane locations. > Nothing about Solaris is sane. Remove what I told you to add in the last > email and apply the attached diff. It basically tells the Makeall script to > look in the insane location Solaris has installed openssl to. > > >> >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] >> On Behalf Of dan (ddp) >> Sent: Tuesday, January 17, 2012 6:05 PM >> To: [email protected] >> Subject: Re: [ossec-list] Solaris compile with SSL support help >> >> On Tue, Jan 17, 2012 at 11:45 AM, Swartz, Patrick H >> <[email protected]> wrote: >>> Hi Dan, >>> Well.. that helped it compile .. however, even though I didn't see >>> any errors when I run the agent-auth command I get the error -- >>> /opt/ossecPS/bin/agent-auth -h >>> ERROR: Not compiled. Missing OpenSSL support. >>> >>> >>> Here is a snip of the compiling .. >>> >>> *** Making os_auth *** >>> >>> gcc -g -Wall -I../ -I../headers -I/usr/sfw/include/openssl >>> -DDEFAULTDIR=\"/opt/ossecPS\" -DCLIENT -DSOLARIS -DHIGHFIRST >>> -DARGV0=\"ossec-authd\" -DXML_VAR=\"var\" -DOSSECHIDS -lsocket -lnsl >>> -lresolv main-server.c ssl.c ../addagent/validate.c >>> ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a >>> ../os_regex/os_regex.a ../os_crypto/os_crypto.a ../os_zlib/os_zlib.c >>> ../external/libz.a -o ossec-authd >>> >>> >>> Patrick Swartz >>> >> >> Try adding "-lssl -lcrypto -DUSE_OPENSSL" to the line. >> >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of dan (ddp) >>> Sent: Monday, January 16, 2012 6:07 PM >>> To: [email protected] >>> Subject: Re: [ossec-list] Solaris compile with SSL support help >>> >>> I'm guessing it didn't work? >>> >>> Try adding -I/usr/sfw/include/openssl to the CFLAGS line of >>> src/Config.Make (add it before ${CPATH} ) >>> >>> On Mon, Jan 16, 2012 at 4:19 PM, Swartz, Patrick H >>> <[email protected]> wrote: >>>> >>>> Hi All, >>>> We are trying to compile Ossec 2.6 on Solaris (starting with >>>> Solaris >>>> 10) with SSL support. >>>> >>>> Here is what we have -- System: SunOS 5.10 >>>> >>>> It appears that the headers are at -- /usr/sfw/include/openssl aes.h >>>> conf.h err.h obj_mac.h rc2.h stack.h >>>> asn1_mac.h crypto.h evp.h objects.h rc4.h >>>> symhacks.h asn1.h des_old.h hmac.h ocsp.h >>>> rc5.h tls1.h asn1t.h des.h idea.h >>>> opensslconf.h ripemd.h tmdiff.h bio.h dh.h >>>> krb5_asn.h opensslv.h rsa.h txt_db.h blowfish.h dsa.h >>>> kssl.h ossl_typ.h safestack.h ui_compat.h bn.h >>>> dso.h lhash.h pem.h sha.h ui.h buffer.h >>>> e_os2.h md2.h pem2.h ssl.h x509_vfy.h cast.h >>>> ebcdic.h md4.h pkcs12.h ssl2.h x509.h comp.h >>>> ec.h md5.h pkcs7.h ssl23.h x509v3.h >>>> conf_api.h engine.h mdc2.h rand.h ssl3.h >>>> >>>> Additional info if it helps -- >>>> root# ls /usr/sfw/lib/*ssl* >>>> /usr/sfw/lib/libssl_extra.so.0.9.7 /usr/sfw/lib/llib-lssl >>>> /usr/sfw/lib/libssl.so /usr/sfw/lib/llib-lssl.ln >>>> /usr/sfw/lib/libssl.so.0.9.7 >>>> >>>> system SUNWopenssl-commands OpenSSL Commands (Usr) >>>> system SUNWopenssl-include OpenSSL Header Files >>>> system SUNWopenssl-libraries OpenSSL Libraries (Usr) >>>> system SUNWopenssl-man OpenSSL Manual Pages >>>> system SUNWopensslr OpenSSL (Root) >>>> >>>> >>>> root# openssl version >>>> OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969 >>>> CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 >>>> CVE-2006-4343 >>>> CVE-2007-5135 CVE-2007-3108 CVE-2008-5077 CVE-2008-7270 >>>> CVE-2009-0590 >>>> CVE-2009-3555 CVE-2010-4180) >>>> >>>> Are there other packages I need to install or modify the make file >>>> somehow? >>>> >>>> Thanks for your help!! >>>> >>>> Patrick Swartz >>>> >>>> >>>> >>>> >>>> ----------------------------------------- >>>> The information in this message may be proprietary and/or >>>> confidential, and protected from disclosure. If the reader of this >>>> message is not the intended recipient, or an employee or agent >>>> responsible for delivering this message to the intended recipient, >>>> you are hereby notified that any dissemination, distribution or >>>> copying of this communication is strictly prohibited. If you have >>>> received this communication in error, please notify First Data >>>> immediately by replying to this message and deleting it from your >>>> computer.
