BIND 9.5.1-P3 compilation problems.
bsfinkel at anl.gov
bsfinkel at anl.gov
Tue Aug 11 18:12:05 UTC 2009
Emery <emery.rudolph at gmail.com> wrote:
>I've conducted two maintenance windows to upgrade our BIND primary
>server to the new code to address the recent security vulnerability, but
>cannot get past the error below. I have Openssl 9.8.0k installed. I have
>no problems running tests from the openssl prompt. I have tried
>exporting the LD_LIBRARY_PATH to include the /usr/local/ssl directory
>and have run the compilation with the --with-openssl=/usr/local/ssl
>switch to no avail.
>
>I am running Solaris 10 Sparc -
>
>I know that there is a precompiled version of this BIND release on
>Sunfreeware, but I am trying to upgrade our primary nameserver and would
>rather to this than a clean uninstall/install.
>
>Is there any insight into what wall I'm running into?
>
>
>checking for strings.h... yes
>checking for inttypes.h... yes
>checking for stdint.h... yes
>checking for unistd.h... (cached) yes
>checking for size_t... yes
>checking for ssize_t... yes
>checking for uintptr_t... yes
>checking for socklen_t... yes
>checking whether time.h and sys/time.h may both be included... yes
>checking for long long... yes
>checking for struct lifconf... no
>checking for kqueue... no
>checking epoll support... no
>checking sys/devpoll.h usability... yes
>checking sys/devpoll.h presence... yes
>checking for sys/devpoll.h... yes
>checking if unistd.h or sys/types.h defines fd_set... yes
>checking whether byte ordering is bigendian... yes
>checking for OpenSSL library... using OpenSSL from /usr/local/ssl/lib
>and /usr/local/ssl/include
>checking whether linking with OpenSSL works... no
>configure: error: Could not run test program using OpenSSL from
>/usr/local/ssl/lib and /usr/local/ssl/include.
>Please check the argument to --with-openssl and your
>shared library configuration (e.g., LD_LIBRARY_PATH).
When I built BIND 9.6.1-P1 on Solaris 10 I used the following commands:
unsetenv LD_LIBRARY_PATH
set path=(/usr/sfw/bin/ /usr/sbin /usr/bin /usr/etc /usr/ccs/bin \
/usr/afsws/local/bin)
./configure --prefix=/export/home/named/bind \
--sysconfdir=/export/home/named --enable-threads --localstatedir=/var \
--with-gssapi=/usr --with-libxml2=/usr
I am not sure what we have in
/usr/afsws/local/bin
(if anything) that I need.
After the build I ran
strings /usr/sfw/lib/libcrypto.so.0.9.7 | grep SSL
and I get, in part,
OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969
CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339
CVE-2006-4343 CVE-2007-5135 CVE-2008-5077 CVE-2009-0590)
I did this because I got a warning message about a back-level OpenSSL
Crypto library. The file name has "0.9.7", but that file does contain
fixes for vulnerabilities. This is on a
SunOS ... 5.10 Generic_141414-02 sun4u sparc SUNW,Sun-Fire-V240
system. Note that I used different commands when building this BIND
on a Solaris 9 system.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the bind-users
mailing list