libcrypt has nothing to do with libcrypto/libssl of openssl. They can be loaded in parallel. Because crypt was implemented in triple DES 156 bit, proven to convey only 112 bits of encryption strength, that cipher is no longer a part of openssl. But the system library for crypt'ed passwords remains.
On Sep 18, 2018 14:51, "Matthew Goebel" <mgoe...@emich.edu> wrote: HHmm... okay. The issue I'm having is that crypt() no longer seems to exist in openssl 1.1.0, which is what apr_util is testing for, and when it cannot find it in 1.1.0 it decides to use the 1.0.0 version of the system libs....so apr-util and httpd are built with 1.0.0 and mod_ssl with 1.1.0 Guess I will try to contact some of the sites providing httpd 2.4.x binaries with 1.1.0 support and ask about how they are handling apr-util. Thanks, Matt On Tue, Sep 18, 2018 at 2:04 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Tue, Sep 18, 2018 at 10:24 AM Matthew Goebel <mgoe...@emich.edu> wrote: > >> Ah, and I've been looking at httpd instead of mod_ssl.so, this does in >> fact appear to be working... ugh... never mind me. >> > > No worries, but please note that apr-util can be built linking to openssl, > and if that optional apr_crypto_openssl module is triggered before httpd > loads mod_ssl, it may resolve the wrong library, so you may want to get > the appropriate -R path into the apr-util build. > > Also, apr-util can load one of many different keyed or relational DB > or ldap providers, most of which have linkages to a crypto provider. > Those may be hard-wired to load and require an older openssl, and > you will need to rebuild the whole db/sql/ldap provider lib against > the more modern openssl. > > -- Matthew Goebel : goe...@emunix.emich.edu : Unix Jockey @ EMU : Hail Eris Neo-Student, Net Lurker, Donut consumer, and procrastinating medher... "Always with the negative waves, Moriarty" - Oddball "Comfort the troubled, and trouble the comfortable." - Dietrich Bonhoeffer
