DeveloperSide.NET Forums
July 24, 2019, 12:32:04 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: undefined symbol: X509_free  (Read 27605 times)
0 Members and 1 Guest are viewing this topic.
dgs4
Member
*
Posts: 6


View Profile
« on: September 11, 2004, 03:37:25 AM »

I followed the instructions on the web site, and get the following error when i run apachectl startssl:

Cannot load /usr/local/apache2/modules/mod_ssl.so into server: /usr/local/apache2/modules/mod_ssl.so: undefined symbol: X509_free

I am including the parts of my shell scripts to build zlib, openssl, apache.  I have a some questions:

1)  In the zlib configuration, it was said to copy zutil.c to the include directory, and then there were three z*.h files in the include directoy.  I copied all three.

2)  In the apache build instructions, I was asked to run   "rm .rnd" and this file did not exist.


Code:
  ./configure
   make
   make test
   make install

   ./configure --shared
   make
   make test
   make install

   cp zutil.h /usr/local/include
   cp zlib.h  /usr/local/include
   cp zconf.h /usr/local/include

   echo
   echo
   echo "/etc/ld.so.cache will need to be updated with the new zlib shared lib: libz.so.1.2.1"
   echo
   echo "    * For standard zlib installation..."
   echo "          o Add /usr/local/lib to /etc/ld.so.conf, if specified path is not present"
   echo "          o /etc]# ldconfig"


Code:

   ./config --prefix=/usr/local/ssl shared zlib-dynamic
   ./config -t
   make
   make test
   make install
   echo
   echo
   echo Edit /etc/ld.so.conf /usr/local/ssl/lib to the bottom.
   echo ldconfig
   echo
   echo
   echo Edit /root/.bash_profile
   echo    Add /usr/local/ssl/bin to the PATH variable.
   echo    Re-login


Code:

   ./configure --prefix=/usr/local/apache2    \
               --enable-mods-shared=most      \
               --enable-deflate               \
               --enable-ssl                   \
               --with-ssl=/usr/local/ssl      \
               --enable-rewrite=shared        \
               --enable-rewrite
   make
   make install
   # To be able to accept https:// requests, we need to create a private/public
   # key-pair for Apache2 and store the keys in the proper location.
   mkdir /usr/local/apache2/conf/ssl.crt
   mkdir /usr/local/apache2/conf/ssl.key

   # Create a certificate signing request (server.csr) and private key (privkey.pem).
   openssl req -new -out server.csr

   # Remove pass-phrase from private key (privkey.pem), creating server.key
   openssl rsa -in privkey.pem -out server.key

   # Create a self-signed certificate, server.crt (public key).
   openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
   #rm .rnd

   # rnd contains entropy information, could be used to re-create keys]
   rm privkey.pem
   rm server.csr

   #keep server.csr if you plan on self-signing any more keys and you want the authority to match
 up exactly]
   mv server.crt /usr/local/apache2/conf/ssl.crt
   mv server.key /usr/local/apache2/conf/ssl.key
   # Open /usr/local/apache2/conf/httpd.conf
   #
   #   * Add the following...
   #
   #       LoadModule deflate_module modules/mod_deflate.so
   #       LoadModule headers_module modules/mod_headers.so
   #       <IfDefine SSL>
   #         LoadModule ssl_module modules/mod_ssl.so
   #       </IfDefine>
   #
   #       <Location />
   #         <IfModule mod_deflate.c>
   #           #compress content with type html, text, and css
   #           AddOutputFilterByType DEFLATE text/html text/plain text/css
   #           <IfModule mod_headers.c>
   #             #properly handle requests coming from behind proxies
   #             Header append Vary User-Agent
   #           </IfModule>
   #         </IfModule>
   #       </Location>
   #
   #       #properly handle old browsers that do not support compression
   #       <IfModule mod_deflate.c>
   #         BrowserMatch ^Mozilla/4 gzip-only-text/html
   #         BrowserMatch ^Mozilla/4\.0[678] no-gzip
   #         BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
   #       </IfModule>

Logged
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« Reply #1 on: September 11, 2004, 04:37:15 AM »

Search for term "X509_free" on these forums.

Also on "ldconfig", separately.

And try all the 'which openssl', './openssl version', etc... stuff that are in those threads.

Also, why did you leave out "make clean" on the zlib part?

1) Was the 3rd .h file aready under /usr/local/include ?
Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
dgs4
Member
*
Posts: 6


View Profile
« Reply #2 on: September 12, 2004, 03:06:49 AM »

I forgot to include the make clean, but I added it to my script.
Prior to copying the files, there was no z*.h files in that directory.

I think you are right that it is linking to a previous version of openssl.  I tried changing the order of /usr/local/ssl/lib in the /etc/ld.so.conf file without much success. I now have it as below:
Code:

/usr/X11R6/lib/Xaw95
/usr/X11R6/lib/Xaw3d
/usr/X11R6/lib
/usr/i486-linux/lib
/usr/i486-linux-libc5/lib=libc5
/usr/i486-linux-libc6/lib=libc6
/usr/i486-linuxaout/lib
/usr/i386-suse-linux/lib
/usr/openwin/lib
/opt/kde/lib
/opt/kde2/lib
/opt/kde3/lib
/opt/gnome/lib
/opt/gnome2/lib
/usr/local/lib
/usr/local/ssl/lib


It always fails when it tries to load the module for ssl.  I am includeing my httpd.conf.  I removed all comments to make it shorter.  My isp blocks standard ports, hence the no-standard ones.
Code:

ServerRoot "/usr/local/apache2"

<IfModule !mpm_winnt.c>
<IfModule !mpm_netware.c>
</IfModule>
</IfModule>

<IfModule !mpm_netware.c>
<IfModule !perchild.c>
</IfModule>
</IfModule>

<IfModule !mpm_netware.c>
PidFile logs/httpd.pid
</IfModule>

Timeout 300

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 15

<IfModule prefork.c>
StartServers         5
MinSpareServers      5
MaxSpareServers     10
MaxClients         150
MaxRequestsPerChild  0
</IfModule>

<IfModule worker.c>
StartServers         2
MaxClients         150
MinSpareThreads     25
MaxSpareThreads     75
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>

<IfModule perchild.c>
NumServers           5
StartThreads         5
MinSpareThreads      5
MaxSpareThreads     10
MaxThreadsPerChild  20
MaxRequestsPerChild  0
</IfModule>

<IfModule mpm_winnt.c>
ThreadsPerChild 250
MaxRequestsPerChild  0
</IfModule>

<IfModule beos.c>
StartThreads               10
MaxClients                 50
MaxRequestsPerThread       10000
</IfModule>

<IfModule mpm_netware.c>
ThreadStackSize      65536
StartThreads           250
MinSpareThreads         25
MaxSpareThreads        250
MaxThreads            1000
MaxRequestsPerChild      0
MaxMemFree             100
</IfModule>

<IfModule mpmt_os2.c>
StartServers           2
MinSpareThreads        5
MaxSpareThreads       10
MaxRequestsPerChild    0
</IfModule>

Listen 81

LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module   modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php4_module    modules/libphp4.so

LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
<IfDefine SSL>
    LoadModule ssl_module modules/mod_ssl.so
</IfDefine>

<Location />
  <IfModule mod_deflate.c>
    #compress content with type html, text, and css
    AddOutputFilterByType DEFLATE text/html text/plain text/css
    <IfModule mod_headers.c>
      #properly handle requests coming from behind proxies
      Header append Vary User-Agent
    </IfModule>
  </IfModule>
</Location>

<IfModule mod_deflate.c>
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>

<IfModule !mpm_winnt.c>
<IfModule !mpm_netware.c>
User www
Group user
</IfModule>
</IfModule>

ServerAdmin webmaster@riskiii.com

ServerName www.riskiii.com:81

UseCanonicalName Off

DocumentRoot "/usr/local/apache2/htdocs"

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

<Directory "/usr/local/apache2/htdocs">

    Options Indexes FollowSymLinks

    #AllowOverride None
    AllowOverride All

    Order allow,deny
    Allow from all

</Directory>

UserDir public_html

DirectoryIndex index.html index.html.var index.php

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

TypesConfig conf/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

ErrorLog logs/error_log

LogLevel warn

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log common

ServerTokens Full

ServerSignature On

Alias /icons/ "/usr/local/apache2/icons/"

<Directory "/usr/local/apache2/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|ru))?(/.*)?$ "/usr/local/apache2/manual$1"

<Directory "/usr/local/apache2/manual">
    Options Indexes
    AllowOverride None
    Order allow,deny
    Allow from all

    <Files *.html>
        SetHandler type-map
    </Files>

    SetEnvIf Request_URI ^/manual/de/ prefer-language=de
    SetEnvIf Request_URI ^/manual/en/ prefer-language=en
    SetEnvIf Request_URI ^/manual/es/ prefer-language=es
    SetEnvIf Request_URI ^/manual/fr/ prefer-language=fr
    SetEnvIf Request_URI ^/manual/ja/ prefer-language=ja
    SetEnvIf Request_URI ^/manual/ko/ prefer-language=ko
    SetEnvIf Request_URI ^/manual/ru/ prefer-language=ru
    RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|ru)){2,}(/.*)?$ /manual/$1$2
</Directory>

ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"

<IfModule mod_cgid.c>
</IfModule>

<Directory "/usr/local/apache2/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

IndexOptions FancyIndexing VersionSort

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif


ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv
zh-CN zh-TW

ForceLanguagePriority Prefer Fallback

AddDefaultCharset ISO-8859-1

AddCharset ISO-8859-1  .iso8859-1  .latin1
AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
AddCharset ISO-8859-3  .iso8859-3  .latin3
AddCharset ISO-8859-4  .iso8859-4  .latin4
AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5        .Big5       .big5
AddCharset WINDOWS-1251 .cp-1251   .win-1251
AddCharset CP866       .cp866
AddCharset KOI8-r      .koi8-r .koi8-ru
AddCharset KOI8-ru     .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8       .utf8

AddCharset GB2312      .gb2312 .gb
AddCharset utf-7       .utf7
AddCharset utf-8       .utf8
AddCharset big5        .big5 .b5
AddCharset EUC-TW      .euc-tw
AddCharset EUC-JP      .euc-jp
AddCharset EUC-KR      .euc-kr
AddCharset shift_jis   .sjis

AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php

AddType application/x-httpd-php .php

AddHandler type-map var

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully

<IfModule mod_ssl.c>
    Include conf/ssl.conf
</IfModule>


I am also including my ssl.conf
Code:

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<IfDefine SSL>

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache         dbm:/usr/local/apache2/logs/ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  file:/usr/local/apache2/logs/ssl_mutex

<VirtualHost _default_:443>

DocumentRoot "/usr/local/apache2/htdocs"
ServerName www.riskiii.com:443
ServerAdmin webmaster@riskiii.com
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt

SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key

DocumentRoot "/usr/local/apache2/htdocs"
ServerName www.riskiii.com:443
ServerAdmin webmaster@riskiii.com
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt

SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>


All help is appreciated.

thanks,
Danny
Logged
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« Reply #3 on: September 12, 2004, 03:34:01 AM »

If you do the search I was talking about, you would find out that this might have nothing to do with your config files.

This is a problem with httpd trying to load static openssl libs and not the dynamic ones -- and after you get that solved, it will probably try to load the older openssl libs.  But for now, you need to solve problem number 1.

Do search for "X509_free".

Try copying libcrypto.so.0.9.7 and libssl.so.0.9.7 to /lib
Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
dgs4
Member
*
Posts: 6


View Profile
« Reply #4 on: September 12, 2004, 07:09:53 PM »

I assume you are talking about:

Code:

That happens when you build OpenSSL as a static lib, and have apache load is as a dynamic module.

When you built openssl, did you do this:

.../openssl-0.9.7b]# ./config shared ...

Did you put in the "shared", as the instructions say?

If you did, than you most likely have an older OpenSSL that came with your distro, and you did not "Update the Run-time Linker".


I am running SuSE 9.0 which has openssl library compiled and used with a large number of different apps.  I did make a backup of both files and copied them to /usr/lib.  Didn't work.  I recompiled, still no go.

thanks for your help,
Danny
Logged
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« Reply #5 on: September 12, 2004, 07:31:21 PM »

Not /usr/lib, but /lib.
Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
dgs4
Member
*
Posts: 6


View Profile
« Reply #6 on: September 12, 2004, 10:47:43 PM »

I copied the two files as you suggested, not go.  I ran
Code:

strace -o httpd.out ./httpd.out
grep  so httpd.out|grep crypt|less

 and saw that it was trying to load /lib/libcrypt.so.1, but never tried to load libcrypto.so.0.9.7 or libssl.0.9.7.  I tried renameing the two and as you would expect, they are different files.

I am beginning to think that SuSE 9.0 Pro is not the best distro to use if you want to roll your own.  What do you use debian, or gentoo?

thanks,
Danny
Logged
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« Reply #7 on: September 12, 2004, 11:25:31 PM »

Did you run "ldconfig" after copying the two files into /lib ?

Try running 'ldd httpd' under the ...\Apache2\bin dir to display what it is linking against.

If that does not work, I would just use what you have, or get a new clean distro like gentoo.  RedHat is not a bad choice either.

Gentoo has all the latest versions of these packages, and the config part is done for you automatically.  You also do not have to compile everything if you do not want to, they have binary packages.
Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
dgs4
Member
*
Posts: 6


View Profile
« Reply #8 on: September 13, 2004, 04:05:17 AM »

I had not run ldconfig.  I ran it, and then ran ldd on the binary.  Neither library was compiled in.  However running ldconfig -v revealed that it was there, in fact two copies, one where it shoud be, and one in /usr/lib.  I renamed that one, and ran ldconfig and rebuilt ssl and apache.  The librarys were still not in the binary, i.e. ldd /usr/local/apache2/bin/httpd.

I ran  export LD_LIBRARY_PATH=/usr/local/ssl/lib; and then ran ldconfig, and recompiled.  It did not work.

thanks,
Danny
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!