Bug 134752 - vsftpd-2.0.1 source compile with SSL/TLS support fails
vsftpd-2.0.1 source compile with SSL/TLS support fails
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: vsftpd (Show other bugs)
3.0
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Maros Barabas
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-10-05 23:32 EDT by James Turnbull
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-19 15:17:07 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Turnbull 2004-10-05 23:32:59 EDT
Description of problem:

You (being Red Hat) moved the Kerberos libraries and includes around 
from the default location to /usr/kerberos. This means you need to 
include this directory when compiling vsftpd.

CFLAGS = -I/usr/kerberos/include -L/usr/kerberos/lib -O2 -Wall -W -
Wshadow #-pedantic -Werror -Wconversion

But I still get an error when compiling vsftpd:

gcc -c sysdeputil.c -I/usr/kerberos/include -L/usr/kerberos/lib -O2 -
Wall -W -Wshadow -idirafter dummyinc
gcc -o vsftpd main.o utility.o prelogin.o ftpcmdio.o postlogin.o 
privsock.o tunables.o ftpdataio.o secbuf.o ls.o postprivparent.o 
logging.o str.o netstr.o sysstr.o strlist.o banner.o filestr.o 
parseconf.o secutil.o ascii.o oneprocess.o twoprocess.o privops.o 
standalone.o hash.o tcpwrap.o ipv6parse.o access.o features.o 
readwrite.o ssl.o sysutil.o sysdeputil.o -Wl,-s `./vsf_findlibs.sh`
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_cc_get_principal'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_kt_close'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_get_lifespan'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_destroy'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_kt_get_entry'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_initialize'
collect2: ld returned 1 exit status
make: *** [vsftpd] Error 1

I have tried adding -lkrb5 and the /usr/kerberos/lib to the LIBS.  
Still fails.  

Compiles fine with SSL/TLS support disabled.

Any ideas?

Version-Release number of selected component (if applicable): 2.0.1


How reproducible:

Everytime. 

Steps to Reproduce:
1.  Attempt to make vsftpd-2.0.1 with SSL/TLS support
2.
3.
  
Actual results:

gcc -c sysdeputil.c -I/usr/kerberos/include -L/usr/kerberos/lib -O2 -
Wall -W -Wshadow -idirafter dummyinc
gcc -o vsftpd main.o utility.o prelogin.o ftpcmdio.o postlogin.o 
privsock.o tunables.o ftpdataio.o secbuf.o ls.o postprivparent.o 
logging.o str.o netstr.o sysstr.o strlist.o banner.o filestr.o 
parseconf.o secutil.o ascii.o oneprocess.o twoprocess.o privops.o 
standalone.o hash.o tcpwrap.o ipv6parse.o access.o features.o 
readwrite.o ssl.o sysutil.o sysdeputil.o -Wl,-s `./vsf_findlibs.sh`
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_cc_get_principal'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_kt_close'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_get_lifespan'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_destroy'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_kt_get_entry'
/usr/lib/gcc-lib/i386-redhat-linux/3.3.2/../../../libssl.so: 
undefined reference to `krb5_rc_initialize'
collect2: ld returned 1 exit status
make: *** [vsftpd] Error 1

Expected results:

Should compile normally.

Additional info:
Comment 1 Radek Vokal 2004-10-06 06:51:28 EDT
There's a difference between Fedora Core, which has the kerberos
libraries still in /usr/lib directory and RHEL3 which uses the above
dir. For RHEL the latest update version is vsftpd-1.2.1-3E.1 which is
the only supported version here. 

My advice is if you want to use FC3 vsftpd create a simlinks for
kerberos libraries in /usr/lib. 
Comment 2 James Turnbull 2004-10-06 07:07:23 EDT
I am compiling a version from source?  Is this not supported?  We
require the SSL/TLS functionality of vsftpd 2.0.x.  Also I have tried
adding symlinks to the Kerberos libraries to the /usr/lib.  No joy.  
Comment 3 System V. Unix 2005-10-29 23:27:36 EDT
Hello. There is an easy fix for this. I have a need to take the RHAS4 or 
Fedora SRPM and compile it verbatim on RHAS3 for production purposes. Since 
the Keberos library were integrated into the core /usr/{lib,include} in RHAS4 
(in RHAS3 there were in /usr/keberos/{lib,include}) all we need is a simple 1-
line fix to the SRPMS spec file. If this is done, the SRPMS will build on both 
RHAS4 and support automatic backports to RHAS3 for those users who need to 
upgrade the FTP for SSL support on platforms running RHAS3. 

Enclosed is the tiny fix.

------CUT-HERE--------
--- vsftpd.spec.orig	2005-03-25 19:17:24.000000000 -0800
+++ vsftpd.spec	2005-03-25 19:22:03.000000000 -0800
@@ -58,9 +58,9 @@
 
 %build
 %ifarch s390x
-make CFLAGS="$RPM_OPT_FLAGS -fPIE -pipe" \
+make CFLAGS="$RPM_OPT_FLAGS -I/usr/kerberos/include -fPIE -pipe" \
 %else
-make CFLAGS="$RPM_OPT_FLAGS -fpie -pipe" \
+make CFLAGS="$RPM_OPT_FLAGS -I/usr/kerberos/include -fpie -pipe" \
 %endif
 	LINK="-pie -lssl" \
 	%{?_smp_mflags}
------CUT-HERE--------

Comment 4 Red Hat Bugzilla 2007-02-05 14:13:04 EST
REOPENED status has been deprecated. ASSIGNED with keyword of Reopened is preferred.
Comment 5 RHEL Product and Program Management 2007-10-19 15:17:07 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.