Upgrade to apache 2.4.9 opensssl error SSL_get_srp_userinfo

apache-2.4openssl

I am running Centos 6.5 2.6.32-431.11.2.el6.x86_64.

I have Apache PHP and openssl which I compiled from source

apache2.4.7
php 5.5.10
openssl 1.0.1f

I have updated apache to 2.4.7 on another instance sucessfully, but on this server I get the following error.

httpd: Syntax error on line 129 of /usr/local/apache2/conf/httpd.conf: Cannot load   modules/mod_ssl.so into server: /usr/local/apache2/modules/mod_ssl.so: undefined symbol: SSL_get_srp_userinfo

my config for the openssl is

./config --prefix=/usr/local --openssldir=/usr/local/openssl -fPIC

my config for apache, which is the config.nice for the previous 2.4.7 install is

"./configure" \
"--enable-so" \
"--with-included-apr" \
"--enable-ssl" \
"--with-ssl=/usr/local/openssl" \

I can see from the config.status that it is looking in the right place for the ssl

S["MOD_SSL_LDADD"]="-export-symbols-regex ssl_module"
S["ab_LDFLAGS"]="-L/usr/local/openssl/lib -lssl -lcrypto -lrt -lcrypt -lpthread"
S["ab_CFLAGS"]="-I/usr/local/openssl/include"

however when doing an ldd on the actual mod_ssl.so shows something totally different then what I see on all the other apache installation that I have working with mod_ssl.

normally on all the working installation I see something like

# ldd /usr/local/apache2/modules/mod_ssl.so
    linux-vdso.so.1 =>  (0x00007fff489ff000)
    librt.so.1 => /lib64/librt.so.1 (0x00007f839028d000)
    libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f8390056000)
    libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f838fe38000)
    libc.so.6 => /lib64/libc.so.6 (0x00007f838faa5000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f83908bd000)
    libfreebl3.so => /lib64/libfreebl3.so (0x00007f838f843000)
    libdl.so.2 => /lib64/libdl.so.2 (0x00007f838f63e000)[/CODE]

however, on this particular installation, i see

# ldd /usr/local/apache2/modules/mod_ssl.so
    linux-vdso.so.1 =>  (0x00007ffff1bff000)
    libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f93f743b000)
    librt.so.1 => /lib64/librt.so.1 (0x00007f93f7232000)
    libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f93f6ffb000)
    libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f93f6dde000)
    libc.so.6 => /lib64/libc.so.6 (0x00007f93f6a49000)
    libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f93f6805000)
    libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f93f651f000)
    libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f93f631a000)
    libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f93f60ee000)
    libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f93f5d0e000)
    libdl.so.2 => /lib64/libdl.so.2 (0x00007f93f5b09000)
    libz.so.1 => /lib64/libz.so.1 (0x00007f93f58f3000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f93f7a7b000)
    libfreebl3.so => /lib64/libfreebl3.so (0x00007f93f567c000)
    libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f93f5470000)
    libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f93f526d000)
    libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f93f5053000)
    libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f93f4e33000)[/CODE]

this is a lot more extensive. I Do not think this could be because apache is not reading from the correct location for openssl.

Any suggestions are welcome.

thanks,

Best Answer

Ok,

The solution was to put the actual LDFLAGS configuration in the actual configuration. so it should look like this

LDFLAGS="-L/usr/local/lib64"; export LDFLAGS
"./configure" \
"--enable-so" \
"--with-included-apr" \
"--enable-ssl" \
"--with-ssl=/usr/local/openssl" \
"LDFLAGS=-L/usr/local/lib64" \
"$@"
Related Topic