Hi, (response to Andy) 1) How does mod_ssl.so fail to load exactly?
I got error message (below) after tried to start "httpd" (some blanks added): httpd: Syntax error on line 92 of /temp/packages/AIX/apache22/conf/httpd.conf: Cannot load /temp/packages/AIX/apache22/modules/mod_ssl.so into server: rtld: 0712-001 Symbol main was referenced from module /temp/packages/AIX/openssl/lib/libssl.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol main was referenced from module /temp/packages/AIX/openssl/lib/libcrypto.so(), but a runtime definition of the symbol was not found. rtld: 0712-002 fatal error: exiting. 2) "entry point" Sure there could be callable shared objects (in linux for example run "/lib64/libc.so.6"). And you could use -binitfini to specify routines, as IBM satys: "Optional shared object initialization and termination routines can be specified when creating the shared object." Here I just mean, that there were main() routine, because -bnoentry" was not specified. 3) shared_ldflags The "-bnoentry" is needed when building shared objects in AIX. It would be sensible to separate these AIX gcc versus cc shared ldflags. Now the aix section in "Makefile.shared" is messy - there is also many AIX cc specific options (not valid for gcc). It seems good if these options would be in "Configure": "-G,-bexpall,-bnoentry,-bM:SRE,-bnolibpath" for AIX cc and "-shared" for gcc. -Tippa --- --- --- From: Andy Polyakov <appro () fy ! chalmers ! se> Date: 2008-09-09 21:23:56 Message-ID: 48C6E96C.5060901 () fy ! chalmers ! se > When just building Apache 2.2.9 with openssl support, I found that > "mod_ssl.so" could not be loaded. How does mod_ssl.so fail to load exactly? > When I investigated the problem I > found that the reason was "broken" openssl shared libraries. These > libraries (libcrypto.so and libssl.so) were build using "./Configure > aix64-cc shared". Both shared libraries have entry points!!! I don't quite understand why is "entry point" considered wrong? It's not inappropriate for shared library to have an initialization code and how would it be handled without entry point? Or does AIX run-time linker handle it in some magical way? If so, how? > So I > checked the build process and found that in "Makefile.shared" the "-G" > option is used incorrectly. When using "-G" option with cc it should > not be used with/inside "-Wl" option. The real reason for passing -G through -Wl is that rule in question is expected to work even with gcc, not only cc. So if -bnoentry is actually required, then it's more appropriate to complement -Wl with -bnoentry, not take -G out. Or it might be more appropriate to move -G to ./Configure, to $shared_ldflags [and -shared to corresponding gcc target]... > aix53> > aix53> uname -srvp > AIX 3 5 powerpc > aix53> cc -qversion > IBM XL C/C++ Enterprise Edition V8.0 for AIX > Version: 08.00.0000.0000 > aix53> > aix53> # 1) We have -G inside -Wl (incorrect result: we have entry point) > aix53> cc -v -DOPENSSL_THREADS -qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -q64 -O > -DB_ENDIAN -qmaxmem=16384 -qro -qroconst -q64 > -Wl,-G,-bexpall,-bnolibpath,-bM:SRE -o libssl.so.0.9.8 libssl.o -L. -lcrypto > exec: export(export,XL_CONFIG=/etc/vac.cfg:cc,NULL) > exec: > /bin/ld(/bin/ld,-b64,/lib/crt0_64.o,-bpT:0x100000000,-bpD:0x110000000,-G,-bexpall,-bnolibpath,-bM:SRE,-o,libssl.so.0.9.8,libssl.o,-L.,-lcrypto,-L/usr/vac/lib,-lxlopt,-lc,NULL) > ld: 0711-224 WARNING: Duplicate symbol: p_xargc > ld: 0711-224 WARNING: Duplicate symbol: p_xargv > ld: 0711-224 WARNING: Duplicate symbol: p_xrcfg > ld: 0711-224 WARNING: Duplicate symbol: p_xrc > ld: 0711-224 WARNING: Duplicate symbol: end > ld: 0711-224 WARNING: Duplicate symbol: .bcopy > ld: 0711-224 WARNING: Duplicate symbol: .memcpy > ld: 0711-224 WARNING: Duplicate symbol: .memmove > ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information. AIX doesn't stop to amaze/puzzple... I don't have regular access to AIX, but I can't recall such messages... A. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]