From owner-freebsd-isp Fri Feb 21 09:56:35 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id JAA09289 for isp-outgoing; Fri, 21 Feb 1997 09:56:35 -0800 (PST) Received: from absinthe.i3inc.com (Absinthe.stonos.washington.dc.us [206.27.237.33]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA09267; Fri, 21 Feb 1997 09:56:06 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by absinthe.i3inc.com (8.7.2/8.7.2) with SMTP id MAA21993; Fri, 21 Feb 1997 12:54:18 -0500 (EST) Message-Id: <199702211754.MAA21993@absinthe.i3inc.com> X-Authentication-Warning: absinthe.i3inc.com: Host localhost [127.0.0.1] didn't use HELO protocol To: questions@freebsd.org Cc: isp@freebsd.org Subject: 2.1.7 running SSL+apache? X-Mailer: Mew version 1.03 on Emacs 19.34.1 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Fri, 21 Feb 1997 12:54:17 -0500 From: Chris Shenton Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I'm trying to build Apache with SSL on a 2.1.7 system; running into two major problems. I figured others, especially ISPs, must be running like this, so here's the deal. 1. Building ports/apache, requesting SSL extensions: cd /usr/ports/www/apache/ make -k -DSECURE_SERVER ===> apache_SSL-1.1.1 is marked as broken: SSLeay has changed, and the patches for apache need more work. I could take a whack at patching it up, but I have to admit to not having played with SSL before now. The next problem seems to be more of an impediment to me. 2. Building port/SSLeay: pkg/DESCR says: As this is a FreeBSD port, it has been tailored to FreeBSD. It uses the DES, MD2 and MD5 from FreeBSD 2.2+. Earlier versions of freebsd have a DES library that is missing bits, and SSLeay will not compile properly. The answer is to get the latest secure/ dist. and as expected, it fails at link time [lines split for readability]: cc -o out/ssleay -O tmp/verify.o tmp/asn1pars.o tmp/req.o tmp/dgst.o tmp/dh.o tmp/enc.o tmp/gendh.o tmp/errstr.o tmp/ca.o tmp/pkcs7.o tmp/crl2p7.o tmp/crl.o tmp/rsa.o tmp/x509.o tmp/genrsa.o tmp/s_server.o tmp/s_client.o tmp/speed.o tmp/s_time.o tmp/apps.o tmp/s_cb.o tmp/s_socket.o tmp/version.o tmp/sess_id.o tmp/ciphers.o tmp/ssleay.o out/libssl.a out/libcrypto.a -ldes -lmd e_xcbc_d.o: Undefined symbol `_des_xcbc_encrypt' referenced from text segment *** Error code 1 (continuing) `all' not remade because of errors. The DESCR seems to imply that I might be able to build the "secure" distribution from the latest 2.2; is this true? will it merge in with my 2.1.7 system? pointers on how to go about it? Any other words of wisdom? Thanks.