Gokulakrishnan Gopalakrishnan writes: > ... > for making HTTPS Call using boost. While starting the server, I'm getting > error loading user_chk lib (*undefined Symbol: SSL_library_unit*).
=> the cryptolink library uses either the Botan or the OpenSSL crypto backend (it was initially Botan only but I added OpenSSL to provide an alternative, e.g. for people requiring a certified crypto). So if you build Kea with the OpenSSL backend you get the -lcrypto dependeny, i.e. the low level OpenSSL library. Note that we chose to not include direct HTTPS/TLS support inside Kea even both Botan and OpenSSL support TLS, of course with very different API. To conclude in your case you need the second SSL/TLS OpenSSL library -lssl > to build the library with "-lcrypto - lssl". I'm bit confused on how to > change the Makefile to build the library using these two libs. => you have two choices: - you modify the Makefile.am and rerun autoconf, configure, etc - you patch config.status to add -lssl in a variable definition for instance the one with -lcrypto (i.e. you substitute "-lcrypto" by "-lcrypto -lssl" everywhere) and you rerun it by: sh ./config.status I use often the second solution because it is quick but it is dirty too so if it fixes your problem you have to try the first/clean way after. // Extra notes for corner cases, mainly the hook library case Note the order can matter (in theory it should not but in practice it could). And if you are working with a DSO (aka hook library) things can become really complex as hooks are loaded using dlopen() so anything the hook can need must be available in the Kea binary. There are already a few hacks to enforce some symbols to be visible, you have an example at the end of src/lib/eval/lexer.ll you can adapt to enforce a reference to a symbol in -lssl (without this the dynamic library libssl.so will be skipped by ld when the Kea binary is built). So if you have the -lssl not adding the library you should: - check if the libssl.so is linked by something like libtool --mode=execute ldd kea-dhcp4 (with libtool kea-dhcp4 is a shell script, the real binary is in the src/bin/dhcp4/.libs directory and ldd applied directly on it just returns errors saying it can't find libraries) ldd on Linux and BSDs returns the list of dynamic libraries used by the binary - if libssl.so is not listed by ldd then add a hack at the end of src/lib/cryptolink/openssl_link.cc with a reference to a libssl.so symbol. Choose one (e.g., SSL_library_init), add its include (<openssl/ssl.h>) and a call to it as in lexer.ll. Note the function will be never really called but it will be referenced. Rebuild and recheck. Regards Francis Dupont <[email protected]> PS: I assume you use dynamic linking on Linux or BSD. If you use static linking (./configure --enable-static-link) and/or Apple OS X / macOS some details change. _______________________________________________ Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
