Hi Dan,
Thank's for the infos.
But my goal here is to get unbound and drill to compile with the stock
openssl from Solaris just like in previous version.
And because there is still a configure option to compile without sha2,
it should work...
So there is an issue with some ifdefs...
Simon.
On 12/15/12 01:49 PM, Luther, Dan wrote:
Simon,
Compiling with default SSL under Solaris can be tricky, and rather than let
Oracle keep up with patches, I downloaded and used my own OpenSSL. I *almost*
got a 64-bit compile to work with OpenSSL and GCC, but failed and had to settle
with 32 bit (BTW, if anyone has had success compiling OpenSSL with GCC on a
Solaris10/Sparc architecture *and* make it work, I'd like to talk with you!)
To get around the default SSL and make sure I didn't break anything in
production, I downloaded and installed OpenSSL to a separate directory:
$ ./Configure --openssldir=/usr/local/openssl shared threads
solaris-sparcv9-gcc
(Note -- if you're not using Sparc/sun4u/sun4v architecture, you'll need to fix
that last bit to match your architecture)
I downloaded "libevent-2.0.20-stable" and configured with:
$ ./configure --with-openssl=/usr/local/openssl
And of course, "ldns":
$ ./configure --with-ssl=/usr/local/openssl
Finally unbound-1.4.18:
$ ./configure --prefix=/usr/local/dns --with-ssl=/usr/local/openssl
--with-solaris-threads \
--with-username=dns --disable-rpath --with-libevent
--with-chroot-dir= \
--enable-shared --enable-largefile
The only bad part of this is you must specify the "LD_LIBRARY_PATH" so unbound
knows where the new OpenSSL libraries are:
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/openssl/lib
Hope this helps.
Dan Luther
Operations Engineer
Systems Operation Engineering
Level 3 Communications
One Technology Center, Tulsa OK 74103
p: 918-547-4370
e: [email protected]
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Simon-Bernard Drolet
Sent: Friday, December 14, 2012 3:52 PM
To: [email protected]
Subject: [Unbound-users] Compile ldns 1.6.16/unbound 1.4.19 on Solaris 10.
Hello,
I'm trying to update my libevent, ldns and unbound package.
I'm configuring the compile like this: (because of default ssl in Solaris 10).
# ./configure --disable-sha2 --disable-gost --disable-ecdsa
While trying to compile ldns, I get this:
# gmake
./libtool --tag=CC --quiet --mode=compile gcc -I. -I. -DHAVE_CONFIG_H
-Wwrite-strings -W -Wall -O2 -g -std=c99 -D__EXTENSIONS__ -D_BSD_SOURCE
-D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE -I/usr/sfw/include
-c ./dane.c -o dane.lo
./dane.c: In function `ldns_dane_cert2rdf':
./dane.c:122: error: `SHA256_DIGEST_LENGTH' undeclared (first use in this
function)
./dane.c:122: error: (Each undeclared identifier is reported only once
./dane.c:122: error: for each function it appears in.)
./dane.c:137: error: `SHA512_DIGEST_LENGTH' undeclared (first use in this
function)
./dane.c: In function `ldns_dane_get_nth_cert_from_validation_chain':
./dane.c:293: warning: implicit declaration of function `X509_check_ca'
gmake: *** [dane.lo] Error 1
Any pointers ?
It was ok in 1.6.13... But I get the same error with 1.6.14, 1.6.15 and
1.6.16... With the dane.c file...
--
Simon-Bernard Drolet, SPecialiste X Inc., 514.247.6741
Simon.Bernard.Drolet<at>gmail(dot)com, Senior Solaris Contractor, Canada
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
