Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 84331 - OpenSSL forces including Kerberos (include) support to programs not having any Kerberos in them originally.
Summary: OpenSSL forces including Kerberos (include) support to programs not having an...
Keywords:
Status: CLOSED DUPLICATE of bug 82369
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: openssl
Version: 1.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-02-14 16:30 UTC by matti aarnio
Modified: 2007-04-18 16:51 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-21 18:51:48 UTC


Attachments (Terms of Use)

Description matti aarnio 2003-02-14 16:30:02 UTC
Description of problem:
  Current Rawhide  OpenSSL-dev-0.9.7-*  seems to mandate to be compiled
  with Kerberos-5 development included in the system, AND APPLICATION,
  which uses OpenSSL at all.

  For software suites not knowing how to do Kerberos, that is "somewhat"
  excessive requirement.  Thus "Severity: high".

Version-Release number of selected component (if applicable):
  Current: 0.9.7

How reproducible:
  Compiling ZMailer suite -- probably any OpenSSL using non-kerberos using will do..

Steps to Reproduce:
1.
2.
3.
    
Actual results:
$ make
gcc -Wall -g -O  -DHAVE_CONFIG_H -I../../smtpserver/../include -I../include -I..
  -c ../../smtpserver/smtpserver.c
In file included from /usr/include/openssl/ssl.h:179,
                 from ../../smtpserver/smtpserver.h:175,
                 from ../../smtpserver/smtpserver.c:14:
/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory
In file included from /usr/include/openssl/ssl.h:179,
                 from ../../smtpserver/smtpserver.h:175,
                 from ../../smtpserver/smtpserver.c:14:
/usr/include/openssl/kssl.h:132: parse error before "krb5_enctype"
/usr/include/openssl/kssl.h:134: parse error before "FAR"
....

The mssing  <krb5.h>  file is   /usr/kerberos/include/krb5.h  which
is packed in:  krb5-devel-1.2.7-7
Adding   -I/usr/kerberos/include   into  CFLAGS _does_ let this compilation
complete, nor does it need any Kerberos libraries to be linked,  however
as the system is otherwise non-aware of Kerberos[5], that should be unnecessary.


Expected results:
  Successfull compile without Kerberos need.

Additional info:
 i686 SMP machine, gcc-3.2.1-2

Comment 1 matti aarnio 2003-02-14 18:08:46 UTC
ZMailer source tarball:
  ftp://zmailer.org/zmailer/zmailer-2.99.56-pre4.tar.gz

Unpack, (will open into its own directory), enter that directory,
then:
  $ sh -x ./conf/conf.mea-linux-20030214
and after the configuration is complete, do:
  $ cd i386
  $ make

Have Red Hat Raw Hide system with OpenSSL-devel installed.


Comment 2 Joe Orton 2003-02-20 13:52:47 UTC
To compile against OpenSSL 0.9.7 you need to use the pkg-config support where
available; e.g. add `pkg-config --cflags openssl` to CFLAGS and `pkg-config
--libs openssl` to LIBS.

*** This bug has been marked as a duplicate of 82369 ***

Comment 3 matti aarnio 2003-02-20 14:31:10 UTC
As noted in comments of bugid 82369, in multiplatform application the use of
"pkg-config" isn't very practical.   Adding autocofiguration to detect, and
to use  pkg-config  (where available) is an option, of course.


Comment 4 Joe Orton 2003-02-20 15:02:48 UTC
Indeed - it's hard to use OpenSSL portably, full stop - this problem is not
limited to how we build OpenSSL for Red Hat Linux, hence the NOTABUG.  (For
example, -lssl -lcrypto is not good enough on some platforms, especially with
0.9.7, where sometimes -ldl is required, etc.)


Comment 5 Red Hat Bugzilla 2006-02-21 18:51:48 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.


Note You need to log in before you can comment on or make changes to this bug.