MD2 Dependency in FreeBSD 8.0 - OpenSSL 1.0.0 Needs MD2 enabled
in [Ports]
|
Prev: Testers wanted: ISC DHCP 4
Next: Latest squid update
From: John Marshall on 3 May 2010 00:51 This is obviously a workaround but... After updating ports (including security/openssl) on a FreeBSD 8-STABLE (Feb 25) system, I couldn't build net/samba33. This is what I saw... Linking bin/smbd /usr/lib/libhx509.so: undefined reference to `MD2_Init' /usr/lib/libhx509.so: undefined reference to `MD2_Final' /usr/lib/libhx509.so: undefined reference to `MD2_Update' gmake: *** [bin/smbd] Error 1 *** Error code 1 OpenSSL 1.0.0 does not include MD2 by default but does include a knob: MD2 "Build with MD2 hash (obsolete)" off If I re-build OpenSSL 1.0.0 with the "obsolete" MD2, then samba builds happily. Is there a better workaround until such time as the base system Heimdal is updated? -- John Marshall
From: Stacy Millions on 3 May 2010 09:38 John Marshall wrote: > This is obviously a workaround but... > > After updating ports (including security/openssl) on a FreeBSD 8-STABLE > (Feb 25) system, I couldn't build net/samba33. This is what I saw... > > Linking bin/smbd > /usr/lib/libhx509.so: undefined reference to `MD2_Init' > /usr/lib/libhx509.so: undefined reference to `MD2_Final' > /usr/lib/libhx509.so: undefined reference to `MD2_Update' > gmake: *** [bin/smbd] Error 1 > *** Error code 1 > > OpenSSL 1.0.0 does not include MD2 by default but does include a knob: > > MD2 "Build with MD2 hash (obsolete)" off > > If I re-build OpenSSL 1.0.0 with the "obsolete" MD2, then samba builds > happily. > > Is there a better workaround until such time as the base system Heimdal > is updated? > I have been playing with porting heimdal 1.3.2 for a couple days now; as far as I can tell, MD2 is not optional for heimdal. I see three options - build openssl 1.0.0 with MD2 - build heimdal with hcrypto (it won't use openssl then) - patch heimdal to remove MD2 support The first is the easiest and the way I have been testing the port, but I might take a look at adding a knob to enable hcrypto. Removing MD2 would require more effort than I am willing to spend at the moment. -stacy _______________________________________________ freebsd-ports(a)freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"
From: Peter Jeremy on 3 May 2010 17:07 On 2010-May-03 07:38:41 -0600, Stacy Millions <stacy(a)Millions.Ca> wrote: >I have been playing with porting heimdal 1.3.2 for a couple days now; as >far as I can tell, MD2 is not optional for heimdal. I see three options >- build openssl 1.0.0 with MD2 >- build heimdal with hcrypto (it won't use openssl then) >- patch heimdal to remove MD2 support 4) patch heimdal to dynamically detect the presence of MD2 Use dlsym(3) to check for the presence of MD2_Init() (and friends). If they exist, support the MD2-based algorithms, otherwise return HX509_ALG_NOT_SUPP if they are invoked. -- Peter Jeremy
|
Pages: 1 Prev: Testers wanted: ISC DHCP 4 Next: Latest squid update |