Maintained by: NLnet Labs

[Unbound-users] Unbound 1.4.9 & Solaris 11 x64.

W.C.A. Wijngaards
Thu Mar 24 19:29:51 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Simon-Bernard,

On 03/24/2011 04:17 PM, Simon-Bernard Drolet wrote:
> Two subjects,
> 
> first the download page for unbound-1.4.9.tar.gz gives : 404 Not Found.

Our mirror, kindly provided by Nominet, was not up to date, it updates
regularly.

> The latest link works.

It is probably up to date now (couple hours, cron), or you happened to
use the other mirror.

> second, Im trying to compile unbound-1.4.9 on Solaris 11 express x64
> with Solaris Studio 12.2
> 
> A simple ./configure gives:
> 
> # ./configure
> checking build system type... i386-pc-solaris2.11
> checking host system type... i386-pc-solaris2.11
> checking target system type... i386-pc-solaris2.11
> checking if nonblocking sockets work... no

This looks troubling, also memcmp is not comparing unsigned.  Solaris 11
should have working nonblocking sockets?  Solaris 9 and 10 have (with gcc).
(don't worry, unbound can still work fine, albeit with a workaround).

> checking whether mkdir has one arg... no
> checking whether pthreads work with -pthreads... no
> checking for the pthreads library -lpthread... no
> checking whether pthreads work with -mt... no
> checking whether pthreads work with -pthread... no
> checking for the pthreads library -lpthreads... no
> checking whether pthreads work without any flags... no
> checking whether pthreads work with -Kthread... no
> checking whether pthreads work with -kthread... no
> checking for the pthreads library -llthread... no
> checking whether pthreads work with -pthread... no
> checking whether pthreads work with -pthreads... no
> checking whether pthreads work with -mthreads... no
> checking for the pthreads library -lpthread... no
> checking whether pthreads work with --thread-safe... no
> checking whether pthreads work with -mt... no
> checking for pthread-config... no

You have no pthreads?  Likely the result will use solaris-threads
(libthr, which may be what you want) or be non-threaded (forked).

> checking for SSL... found in /usr
> checking for HMAC_CTX_init in -lcrypto... no
> checking if -lcrypto needs -lgdi32... no
> checking if -lcrypto needs -ldl... no
> configure: error: OpenSSL found in /usr, but version 0.9.7 or higher is
> required

It tries to find openssl, and then checks the version.

> But, if I run :
> 
> # openssl version
> OpenSSL 0.9.8o 01 Jun 2010

find which openssl that is, I mean, from where in your $PATH, probably
not the one from /usr then?  Pass that directory with
- --with-ssl=/opt/ssl to the configure script (or with the value of the
directory where that recent openssl is installed).

Or install a new openssl (1.0.0d) in a new directory.

> 
> Final note, ldns 1.6.9 is reporting the same thing on configure, but not
> nsd 3.2.8...

Because NSD can work with openssl 0.9.7 (SHA1) because as an authority
server it does not need to understand the RRSIGs that it sends to the
clients.  LDNS wants 0.9.8 or more to have SHA256 support.  SHA256
support is useful, e.g. to verify signatures from the root and many
toplevel domains that use RSASHA256 DNSSEC.

Note that after this stage it is going to complain that 0.9.8 does not
support GOST and that it wants 1.0.0d.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk2LjZ8ACgkQkDLqNwOhpPgnOwCfbEY1vW5ued8O1Rb+OBX8IvdM
1RAAoImqZ/uFS1ANQxBnUp6GotmvJ+O1
=KDmG
-----END PGP SIGNATURE-----