Maintained by: NLnet Labs

[Unbound-users] Compile ldns 1.6.16/unbound 1.4.19 on Solaris 10.

Simon-Bernard Drolet
Sat Dec 15 22:10:20 CET 2012


Hi Dan,

Thank's for the infos.

But my goal here is to get unbound and drill to compile with the stock 
openssl from Solaris just like in previous version.

And because there is still a configure option to compile without sha2, 
it should work...

So there is an issue with some ifdefs...

Simon.

On 12/15/12 01:49 PM, Luther, Dan wrote:
> Simon,
>
> Compiling with default SSL under Solaris can be tricky, and rather than let Oracle keep up with patches, I downloaded and used my own OpenSSL. I *almost* got a 64-bit compile to work with OpenSSL and GCC, but failed and had to settle with 32 bit (BTW, if anyone has had success compiling OpenSSL with GCC on a Solaris10/Sparc architecture *and* make it work, I'd like to talk with you!)
>
> To get around the default SSL and make sure I didn't break anything in production, I downloaded and installed OpenSSL to a separate directory:
>
>     $ ./Configure --openssldir=/usr/local/openssl shared threads solaris-sparcv9-gcc
>
> (Note -- if you're not using Sparc/sun4u/sun4v architecture, you'll need to fix that last bit to match your architecture)
>
> I downloaded "libevent-2.0.20-stable" and configured with:
>
>     $ ./configure --with-openssl=/usr/local/openssl
>
> And of course, "ldns":
>
>    $ ./configure --with-ssl=/usr/local/openssl
>
> Finally unbound-1.4.18:
>
>     $ ./configure --prefix=/usr/local/dns --with-ssl=/usr/local/openssl --with-solaris-threads \
>                   --with-username=dns --disable-rpath --with-libevent --with-chroot-dir= \
>                   --enable-shared --enable-largefile
>
> The only bad part of this is you must specify the "LD_LIBRARY_PATH" so unbound knows where the new OpenSSL libraries are:
>
> export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/openssl/lib
>
>
> Hope this helps.
>
>
> Dan Luther
> Operations Engineer
> Systems Operation Engineering
> Level 3 Communications
> One Technology Center, Tulsa OK 74103
> p: 918-547-4370
> e: dan.luther at level3.com
>
>
> -----Original Message-----
> From: unbound-users-bounces at unbound.net [mailto:unbound-users-bounces at unbound.net] On Behalf Of Simon-Bernard Drolet
> Sent: Friday, December 14, 2012 3:52 PM
> To: unbound-users at unbound.net
> Subject: [Unbound-users] Compile ldns 1.6.16/unbound 1.4.19 on Solaris 10.
>
> Hello,
>
> I'm trying to update my libevent, ldns and unbound package.
>
> I'm configuring the compile like this: (because of default ssl in Solaris 10).
>
> # ./configure --disable-sha2 --disable-gost --disable-ecdsa
>
> While trying to compile ldns, I get this:
>
> # gmake
> ./libtool --tag=CC --quiet --mode=compile gcc -I. -I. -DHAVE_CONFIG_H -Wwrite-strings -W -Wall -O2 -g -std=c99 -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE -I/usr/sfw/include -c ./dane.c -o dane.lo
> ./dane.c: In function `ldns_dane_cert2rdf':
> ./dane.c:122: error: `SHA256_DIGEST_LENGTH' undeclared (first use in this function)
> ./dane.c:122: error: (Each undeclared identifier is reported only once
> ./dane.c:122: error: for each function it appears in.)
> ./dane.c:137: error: `SHA512_DIGEST_LENGTH' undeclared (first use in this function)
> ./dane.c: In function `ldns_dane_get_nth_cert_from_validation_chain':
> ./dane.c:293: warning: implicit declaration of function `X509_check_ca'
> gmake: *** [dane.lo] Error 1
>
>
> Any pointers ?
>
> It was ok in 1.6.13... But I get the same error with 1.6.14, 1.6.15 and 1.6.16... With the dane.c file...
>


-- 
Simon-Bernard Drolet, SPecialiste X Inc., 514.247.6741
Simon.Bernard.Drolet<at>gmail(dot)com, Senior Solaris Contractor, Canada