I built cyrus-sasl-1.5.24 under Solaris 2.6 with this configure script:
#!/bin/sh
env CPPFLAGS="-I/usr/local/src/db/db-3.1.17/build_unix" \
LDFLAGS="-L/usr/local/src/db/db-3.1.17/build_unix" CC=cc \
./configure --localstatedir=/var/run --with-dblib=berkeley \
--with-pwcheck=/var/run/pwcheck --enable-login --disable-krb4 \
--disable-gssapi --with-des=/usr/local/src/OpenSSL/openssl-0.9.5a \
--with-rc4=/usr/local/src/OpenSSL/openssl-0.9.5a
#!/end
It seemed to work with cyrus-imapd-2.0.7 and sendmail-8.11.1, except
for this error message:
Oct 4 20:08:59 setup16 lmtpd[23673]: [ID 504614 auth.error] unable to dlopen
/usr/lib/sasl/libdigestmd5.so: ld.so.1: lmtpd: fatal: relocation error: file
/usr/lib/sasl/libdigestmd5.so: symbol RC4_set_key: referenced symbol not found
The problem was that /lib/sasl/libdigestmd5.so contained unresolved
symbols, but did not provide a way to resolve them. I'm using
openssl-0.9.5a, which I assume is the latest version. It provides
only static libraries, but libtool in Cyrus SASL seems to require
dynamicly-loaded libraries. It issues this notice:
*** Warning: This library needs some functionality provided by -lcrypto.
*** I have the capability to make that library automatically link in when
*** you link to this library. But I can only do this if you have a
*** shared version of the library, which you do not appear to have.
*** The inter-library dependencies that have been dropped here will be
*** automatically added whenever a program is linked with this library
*** or is declared to -dlopen it.
Unfortunately, this is not true. To make it work requires that all
executables that load libdigestmd5.so must also be statically linked
with libcrypto.a, and that's not the way you would expect SASL to work.
My workaround was to generate and install shared libraries for OpenSSL.
I use this config script:
#!/bin/sh
./Configure solaris-sparcv8-cc --prefix=/usr/local/openssl -KPIC
#!/end
and this make script:
#!/bin/sh
# :make: compile and create shared libraries
make
for N in libcrypto libRSAglue libssl
do
ld -G -z allextract -o $N.so.0 -h $N.so.0 -R/usr/local/lib $N.a
rm -f $N.so && ln -s $N.so.0 $N.so
done
#!/end
I then install them in /usr/local/lib.
Even then, it doesn't quite work. When SASL builds the plugin libraries,
it drops the run path that I so carefully supplied in my new config
script:
#!/bin/sh
env CPPFLAGS="-I/usr/local/src/db/db-3.1.17/build_unix" \
LDFLAGS="-L/usr/local/src/db/db-3.1.17/build_unix -R/usr/local/lib" \
CC=cc \
./configure --localstatedir=/var/run --with-dblib=berkeley \
--with-pwcheck=/var/run/pwcheck --enable-login --disable-krb4 \
--disable-gssapi --with-des=yes \
--with-rc4=/usr/local/src/OpenSSL/openssl-0.9.5a
#!/end
I had to rebuild the library by hand like this:
$ /usr/ccs/bin/ld -G -h libdigestmd5.so.0 -o .libs/libdigestmd5.so.0.0.17
digestmd5.lo -L/usr/local/lib -L/usr/local/src/db/db-3.1.17/build_unix
-L/usr/local/src/OpenSSL/openssl-0.9.5a/lib -lcrypto -lsocket -lnsl -lc
-R/usr/local/lib
Finally, the Cyrus lmtpd runs with no error messages. Most of the problem
seems to be with the way that the libtool script operates under Solaris.
Can it be fixed? I'm copying this report to the OpenSSL bug list in case
the people there wish to modify OpenSSL to generate shared libraries.
--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
