Re: RSA/openssl compile problem
> OK, I cvsup'ed from ftp.internat.freebsd.org cvs-crypto > Just for the record, FWIW: > > # make -i Use make world. Doing it this way does not ensure that the bits are built in the right order. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
> > installing the rsaref package if you're in the US or the rsaintl > > package if you're outside the US. Of course, the rsaintl package ^^^ ^^^ > > doesn't quite *exist* yet, but that's another story. :-) > > librsaintl existed right from the start of the rsa (not rsaref) dlopen() > functionality, see src/secure/lib/librsaintl. Package, peter. Package package package.. :) - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
Christoph Kukulies wrote: > On Mon, Feb 28, 2000 at 11:47:22PM +0800, Peter Wemm wrote: > > "Jordan K. Hubbard" wrote: > > > > OK, I browsed through the source tree to locate something looking > > > > like an RSA package and found /usr/src/crypto/openssl > > > > > > /usr/src/crypto is just like /usr/src/contrib - you *never* attempt > > > to build things out of it. That will fail. > > OK, I cvsup'ed from ftp.internat.freebsd.org cvs-crypto > Just for the record, FWIW: > > # make -i > ===> lib > ===> lib/libcipher > ===> lib/libtelnet > ===> lib/libcrypto > ===> lib/librsaglue > ===> lib/libssl > ===> lib/librsausa > Warning: Object directory not changed from original /usr/src/secure/lib/librs ausa > ===> lib/librsaintl > Warning: Object directory not changed from original /usr/src/secure/lib/librs aintl > ===> lib/libssh > ===> libexec > ===> libexec/telnetd > ===> usr.bin > ===> usr.bin/bdes > ===> usr.bin/telnet > ===> usr.bin/openssl > cc -O -pipe -DMONOLITH -DNO_IDEA -I/usr/src/secure/usr.bin/openssl-o open ssl apps.o asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dsa.o dsapa ram.o enc.o errstr.o gendh.o gendsa.o genrsa.o nseq.o openssl.o pkcs12.o pk cs7.o pkcs8.o req.o rsa.o s_cb.o s_client.o s_server.o s_socket.o s_time.o sess_id.o speed.o verify.o version.o x509.o -lssl -lcrypto > speed.o: In function `speed_main': > speed.o(.text+0x5f7): undefined reference to `RSA_PKCS1' > *** Error code 1 (ignored) > ===> usr.bin/scp > ===> usr.bin/ssh > ===> usr.bin/ssh-add > ===> usr.bin/ssh-agent > ===> usr.bin/ssh-keygen > ===> usr.sbin > ===> usr.sbin/sshd That's because you are trying to link openssl against the *old* /usr/lib/libcrypto. In all cases, you need to build/install libraries and includes before trying to compile and link against them. The dependency rules of what depends on what can be quite complex. 'buildworld' does this. Cheers, -Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
On Mon, Feb 28, 2000 at 11:47:22PM +0800, Peter Wemm wrote: > "Jordan K. Hubbard" wrote: > > > OK, I browsed through the source tree to locate something looking > > > like an RSA package and found /usr/src/crypto/openssl > > > > /usr/src/crypto is just like /usr/src/contrib - you *never* attempt > > to build things out of it. That will fail. OK, I cvsup'ed from ftp.internat.freebsd.org cvs-crypto Just for the record, FWIW: # make -i ===> lib ===> lib/libcipher ===> lib/libtelnet ===> lib/libcrypto ===> lib/librsaglue ===> lib/libssl ===> lib/librsausa Warning: Object directory not changed from original /usr/src/secure/lib/librsausa ===> lib/librsaintl Warning: Object directory not changed from original /usr/src/secure/lib/librsaintl ===> lib/libssh ===> libexec ===> libexec/telnetd ===> usr.bin ===> usr.bin/bdes ===> usr.bin/telnet ===> usr.bin/openssl cc -O -pipe -DMONOLITH -DNO_IDEA -I/usr/src/secure/usr.bin/openssl-o openssl apps.o asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dsa.o dsaparam.o enc.o errstr.o gendh.o gendsa.o genrsa.o nseq.o openssl.o pkcs12.o pkcs7.o pkcs8.o req.o rsa.o s_cb.o s_client.o s_server.o s_socket.o s_time.o sess_id.o speed.o verify.o version.o x509.o -lssl -lcrypto speed.o: In function `speed_main': speed.o(.text+0x5f7): undefined reference to `RSA_PKCS1' *** Error code 1 (ignored) ===> usr.bin/scp ===> usr.bin/ssh ===> usr.bin/ssh-add ===> usr.bin/ssh-agent ===> usr.bin/ssh-keygen ===> usr.sbin ===> usr.sbin/sshd Anyway, make -i install got around this and /usr/bin/ssh now works: # ldd /usr/bin/ssh /usr/bin/ssh: libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x2807c000) libutil.so.3 => /usr/lib/libutil.so.3 (0x28118000) libz.so.2 => /usr/lib/libz.so.2 (0x28122000) libc.so.4 => /usr/lib/libc.so.4 (0x2812f000) > > > > What you need is simply the rsaref package. I think somebody was > > supposed to improve the wording that the stubs emit, the version I > > originally committed (but Peter now has sole responsibility for :) > > having only place-holder text. The real text should talk about > > installing the rsaref package if you're in the US or the rsaintl > > package if you're outside the US. Of course, the rsaintl package > > doesn't quite *exist* yet, but that's another story. :-) > > librsaintl existed right from the start of the rsa (not rsaref) dlopen() > functionality, see src/secure/lib/librsaintl. > > Cheers, > -Peter -- Chris Christoph P. U. Kukulies [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
"Jordan K. Hubbard" wrote: > > OK, I browsed through the source tree to locate something looking > > like an RSA package and found /usr/src/crypto/openssl > > /usr/src/crypto is just like /usr/src/contrib - you *never* attempt > to build things out of it. That will fail. > > What you need is simply the rsaref package. I think somebody was > supposed to improve the wording that the stubs emit, the version I > originally committed (but Peter now has sole responsibility for :) > having only place-holder text. The real text should talk about > installing the rsaref package if you're in the US or the rsaintl > package if you're outside the US. Of course, the rsaintl package > doesn't quite *exist* yet, but that's another story. :-) librsaintl existed right from the start of the rsa (not rsaref) dlopen() functionality, see src/secure/lib/librsaintl. Cheers, -Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
> It exists in source form - you just need to build secure/lib/librsaintl > and install it. Perhaps, but according to the conversation I had with Peter, at least, it also wants to be in the ports collection and build a package version of itself. :) Not everyone has source on their box. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
On Mon, 28 Feb 2000, Jordan K. Hubbard wrote: > What you need is simply the rsaref package. I think somebody was > supposed to improve the wording that the stubs emit, the version I > originally committed (but Peter now has sole responsibility for :) Yes, this was on my mental list of things to do tonight, but I forgot. I just added a note on my paper list :-) > having only place-holder text. The real text should talk about > installing the rsaref package if you're in the US or the rsaintl > package if you're outside the US. Of course, the rsaintl package > doesn't quite *exist* yet, but that's another story. :-) It exists in source form - you just need to build secure/lib/librsaintl and install it. > In the meantime, I think you simply want the rsaref package even > though you're not technically forced to use it there in Germany. This shouldn't be necessary. Kris "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: RSA/openssl compile problem
> OK, I browsed through the source tree to locate something looking > like an RSA package and found /usr/src/crypto/openssl /usr/src/crypto is just like /usr/src/contrib - you *never* attempt to build things out of it. That will fail. What you need is simply the rsaref package. I think somebody was supposed to improve the wording that the stubs emit, the version I originally committed (but Peter now has sole responsibility for :) having only place-holder text. The real text should talk about installing the rsaref package if you're in the US or the rsaintl package if you're outside the US. Of course, the rsaintl package doesn't quite *exist* yet, but that's another story. :-) In the meantime, I think you simply want the rsaref package even though you're not technically forced to use it there in Germany. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
RSA/openssl compile problem
After my nightly build of -current ran through on Feb 26th and had installed everything I find myself with things broken WRT ssh. My first invocation of ssh resulted in a warning that it was creating a new host entry in known_hosts, then I got : ** R_RandomInit: Unable to find an rsaref shared library (librsaref.so). ** Install an RSA package on your system and run this program again OK, I browsed through the source tree to locate something looking like an RSA package and found /usr/src/crypto/openssl But trying to compile/install fails. I did a Configure FreeBSD-elf and everything looked fine in the first place but then: making links in crypto/rc5... Makefile => Makefile.ssl rc5.h => ../../include/openssl/rc5.h rc5test.c => ../../test/rc5test.c cd: can't cd to idea *** Error code 2 and also .. Making all in crypto... make: don't know how to make ../include/openssl/bio.h. Stop *** Error code 1 Stop in /usr/src/crypto/openssl. then: -- Chris Christoph P. U. Kukulies [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
