Compiling mod_ssl as a DSO

Compiling mod_ssl as a DSO

am 10.02.2003 13:08:40 von Simon Donally

Hi List Users

I am trying to configure Apache to run with ModSSL as a DSO. I am using =
relatively old versions of software as this particular version of Apache =
functions on the system. The software versions are as follows

Apache 1.3.12
Openssl_0.9.6b
Modssl_2.6.6

I have read numerous articles both from the list forum and from articles =
found from internet searches. I have tried many options to configure =
Apache to run with SSL as a DSO over a period of a week and to date have =
not been successful.

I have listed the errors I obtain and the steps I follow to compile =
Apache. I would be most grateful for any advice which may lead to the =
resolution of this problem.

1) Compile OpenSSL 0.9.6b as a shared object as follows
a. make clean
b. make test
c. make build-shared

2) ./configure \
--enable-module=3Dso
--with-apache=3D/home/sxxx/apache_1.3.12 \
--with-ssl=3D/home/simon/Openssl-0.9.6b/openssl-0.9.6b \
--prefix=3D/home/simon/Apache12SO \
--enable-module=3Dssl

3) cd /home/sxxx/apache_1.3.12

make
make certificate
make install

4) The entry in the httpd.conf file is as follows=20

LoadModule ssl_module libexec/libssl.so


* This is the first error I obtain

hometop1% apachectl startssl
Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
Cannot load /home/simon/Apache12SO/libexec/libssl.so into server: =
ld.so.1: /home/simon/Apache12SO/bin/httpd: fatal: libssl.so.0.9.6: open =
failed: No such file or directory
..//apachectl startssl: httpd could not be started

This is resolved by setting the LD_LIBRARY_PATH variable to =
/usr/local/ssl/lib
bash-2.02$ export =
LD_LIBRARY_PATH:/usr/local/ssl/lib:$LD_LIBRARY_PATH


* This is the next error I obtain after having set the LD_LIBRARY_PATH =
variable to=20
bash-2.02$ apachectl startssl

Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
Cannot load /home/simon/Apache12SO/libexec/libssl.so into server: =
ld.so.1
: /home/simon/Apache12SO/bin/httpd: fatal: relocation error: file =
/home/simon/Apache12SO/libexec/libssl.so: symbol ap_user_id: referenced =
symbol not found
..//apachectl startssl: httpd could not be started


The next step I tried was=20
* To directly copy libssl.so from Openssl to libexec using libssl.so =
from Openssl
* To set the library path to point to /home/simon/Apache12SO/libexec =
only

bash-2.02$ pwd
/reserv/home/simon/Apache12SO/libexec
bash-2.02$ ls -lisa
total 2472
118879 2 drwxr-xr-x 2 simon htgroup 512 Feb 10 09:03 .
420694 2 drwxrwxr-x 12 simon htgroup 512 Feb 6 16:43 ..
118881 16 -rw-r--r-- 1 simon htgroup 8153 Feb 7 10:57 =
httpd.exp
118893 2 lrwxrwxrwx 1 simon htgroup 11 Feb 10 09:03 =
libssl.so -> libssl.so.0
118888 2 lrwxrwxrwx 1 simon htgroup 15 Feb 10 09:03 =
libssl.so.0 -> libssl.so.0.9.6
118886 1920 -rwxrwxr-x 1 simon htgroup 970983 Feb 7 12:45 =
libssl.so.0.9.6
118890 528 -rwxr-xr-x 1 simon htgroup 256259 Feb 7 10:57 =
libssl.so.old

This didn't work either and generated the following error, I notice that =
the file libssl.so.old generated when Apache was compiled is =
considerably smaller than the file libssl.so.0.9.6 copied from OpenSSL

Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
Can't locate API module structure `ssl_module' in file =
/home/simon/Apache12SO/libexec/libssl.so: ld.so.1: =
/home/simon/Apache12SO/bin/httpd: fatal: ssl_module: can't find symbol
..//apachectl startssl: httpd could not be started

regards

Simon Donally
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: Compiling mod_ssl as a DSO

am 10.02.2003 16:46:22 von Boyle Owen

Just to get things clear, openSSL is a library of functions which is
used by (among other things) mod_ssl. So mod_ssl needs to know about
openSSL but openSSL doesn't care which application is using it. Your
installation paths are a bit idiosyncratic, which is OK as long as you
have a clear idea about how everything is inter-related. I was a bit
confused reading your posting so I'm suspecting apache is too.

Generally, you should proceed as follows (if any of this strikes you as
odd, then that might be the problem):

- Install openSSL in /path/to/ssl
- set SSL_BASE = /path/to/ssl
- set LD_RUN_PATH = /usr/lib:/usr/local/lib:/path/to/ssl/lib (this
avoids using LD_LIBRARY_PATH)
- Unpack apache tar file in (e.g.) /tmp/apache
- Unpack mod_ssl tar file in (e.g. /tmp/mod_ssl
- in /tmp/mod_ssl, run "./configure --with-apache=/tmp/apache" (this
patches apache sources)
- in /tmp/apache, run "./configure "--prefix=/path/to/apache \
--enable-module=so \
--enable-shared=ssl \
--enable-module=ssl
- make, make install

This should leave libssl.so in /path/to/apache/libexec and
/path/to/apache/bin/httpd should start without $LD_LIBRARY_PATH being
set.

Rgds,

Owen Boyle

PS - your versions are ancient... Are you sure the latest versions won't
work? On the other hand, your versions are so old that



>-----Original Message-----
>From: Simon Donally [mailto:simon.donally@vcontractor.co.za]
>Sent: Montag, 10. Februar 2003 13:09
>To: modssl-users@modssl.org
>Subject: Compiling mod_ssl as a DSO
>
>
>Hi List Users
>
>I am trying to configure Apache to run with ModSSL as a DSO. I
>am using relatively old versions of software as this
>particular version of Apache functions on the system. The
>software versions are as follows
>
> Apache 1.3.12
> Openssl_0.9.6b
> Modssl_2.6.6
>
>I have read numerous articles both from the list forum and
>from articles found from internet searches. I have tried many
>options to configure Apache to run with SSL as a DSO over a
>period of a week and to date have not been successful.
>
>I have listed the errors I obtain and the steps I follow to
>compile Apache. I would be most grateful for any advice which
>may lead to the resolution of this problem.
>
>1) Compile OpenSSL 0.9.6b as a shared object as follows
>a. make clean
>b. make test
>c. make build-shared
>
>2) ./configure \
> --enable-module=so
> --with-apache=/home/sxxx/apache_1.3.12 \
>
>--with-ssl=/home/simon/Openssl-0.9.6b/openssl-0.9.6b \
> --prefix=/home/simon/Apache12SO \
> --enable-module=ssl
>
>3) cd /home/sxxx/apache_1.3.12
>
> make
> make certificate
> make install
>
>4) The entry in the httpd.conf file is as follows
>
> LoadModule ssl_module libexec/libssl.so
>
>
>* This is the first error I obtain
>
>hometop1% apachectl startssl
>Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
>Cannot load /home/simon/Apache12SO/libexec/libssl.so into
>server: ld.so.1: /home/simon/Apache12SO/bin/httpd: fatal:
>libssl.so.0.9.6: open failed: No such file or directory
>.//apachectl startssl: httpd could not be started
>
>This is resolved by setting the LD_LIBRARY_PATH variable to
>/usr/local/ssl/lib
> bash-2.02$ export
>LD_LIBRARY_PATH:/usr/local/ssl/lib:$LD_LIBRARY_PATH
>
>
>* This is the next error I obtain after having set the
>LD_LIBRARY_PATH variable to
> bash-2.02$ apachectl startssl
>
>Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
>Cannot load /home/simon/Apache12SO/libexec/libssl.so into
>server: ld.so.1
>: /home/simon/Apache12SO/bin/httpd: fatal: relocation error:
>file /home/simon/Apache12SO/libexec/libssl.so: symbol
>ap_user_id: referenced symbol not found
>.//apachectl startssl: httpd could not be started
>
>
>The next step I tried was
>* To directly copy libssl.so from Openssl to libexec
>using libssl.so from Openssl
>* To set the library path to point to
>/home/simon/Apache12SO/libexec only
>
>bash-2.02$ pwd
>/reserv/home/simon/Apache12SO/libexec
>bash-2.02$ ls -lisa
>total 2472
> 118879 2 drwxr-xr-x 2 simon htgroup 512 Feb 10 09:03 .
> 420694 2 drwxrwxr-x 12 simon htgroup 512 Feb
>6 16:43 ..
> 118881 16 -rw-r--r-- 1 simon htgroup 8153 Feb
>7 10:57 httpd.exp
> 118893 2 lrwxrwxrwx 1 simon htgroup 11 Feb
>10 09:03 libssl.so -> libssl.so.0
> 118888 2 lrwxrwxrwx 1 simon htgroup 15 Feb
>10 09:03 libssl.so.0 -> libssl.so.0.9.6
> 118886 1920 -rwxrwxr-x 1 simon htgroup 970983 Feb
>7 12:45 libssl.so.0.9.6
> 118890 528 -rwxr-xr-x 1 simon htgroup 256259 Feb
>7 10:57 libssl.so.old
>
>This didn't work either and generated the following error, I
>notice that the file libssl.so.old generated when Apache was
>compiled is considerably smaller than the file libssl.so.0.9.6
>copied from OpenSSL
>
>Syntax error on line 208 of /home/simon/Apache12SO/conf/httpd.conf:
>Can't locate API module structure `ssl_module' in file
>/home/simon/Apache12SO/libexec/libssl.so: ld.so.1:
>/home/simon/Apache12SO/bin/httpd: fatal: ssl_module: can't find symbol
>.//apachectl startssl: httpd could not be started
>
>regards
>
>Simon Donally
>___________________________________________________________ ___________
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List modssl-users@modssl.org
>Automated List Manager majordomo@modssl.org
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company.


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org