#1  
Old 25th February 2008, 19:26
testnbbuser testnbbuser is offline
Junior Member
 
Join Date: Feb 2008
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default vsftpd and ssl

Hi,

I am trying to compile the vsftpd binary with support for ssl.
I changed the builddefs.h to include #define VSF_BUILD_SSL
but I get an error when make tries to to compile the file ssl.c:

A part of the error after the make:

....
gcc -c access.c -O2 -Wall -W -Wshadow -idirafter dummyinc
gcc -c features.c -O2 -Wall -W -Wshadow -idirafter dummyinc
gcc -c readwrite.c -O2 -Wall -W -Wshadow -idirafter dummyinc
gcc -c ssl.c -O2 -Wall -W -Wshadow -idirafter dummyinc
ssl.c:27:25: error: openssl/err.h: No such file or directory
ssl.c:28:26: error: openssl/rand.h: No such file or directory
ssl.c:29:25: error: openssl/bio.h: No such file or directory
ssl.c:32: error: syntax error before '*' token
ssl.c:32: warning: type defaults to 'int' in declaration of 'get_ssl'
....

The ssl files that are needed are located at /usr/local/ssl/include/openssl

I added /usr/local/ssl/include/openssl to the path and the errors did not change. I also included /usr/local/ssl/include/openssl in the INCLUDE environment variable.

I also tried to change the make. Vsftpd make currently has:

CFLAGS = -O2 -Wall -W -Wshadow
and I changed it for
CFLAGS = -O2 -Wall -W -Wshadow -I/usr/local/ssl/include/ -I/usr/local/ssl/include/openssl


A chunk of the output after the make:

From the ssl.c file. ( I added the line numbers at line 24.)
/*
* ssl.c
* Routines to handle a SSL/TLS-based implementation of RFC 2228, i.e.
* encryption.
*/

#include "ssl.h"
#include "session.h"
#include "ftpcodes.h"
#include "ftpcmdio.h"
#include "defs.h"
#include "str.h"
#include "sysutil.h"
#include "tunables.h"
#include "utility.h"
#include "builddefs.h"

#ifdef VSF_BUILD_SSL

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/bio.h>

static char* get_ssl_error();
static SSL* get_ssl(struct vsf_session* p_sess, int fd);
static int ssl_session_init(struct vsf_session* p_sess);


Any one has any idea?

Thanks!
Reply With Quote
Sponsored Links
  #2  
Old 26th February 2008, 20:14
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by testnbbuser
ssl.c:27:25: error: openssl/err.h: No such file or directory
I guess you need to install the openssl-devel package for your distribution.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 26th February 2008, 21:40
testnbbuser testnbbuser is offline
Junior Member
 
Join Date: Feb 2008
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I need to install it from a source tarball. Where can i get the tarball?
I don't find in the downloads openssl page:
http://openssl.org/source/

thanks!
Reply With Quote
  #4  
Old 27th February 2008, 01:34
anewby anewby is offline
Junior Member
 
Join Date: Feb 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Here's a hack but it works

You need to fool vsftpd by faking locations of include files and libraries for openssl

My openssl installation is at /usr/local/openssl. Under here you will find include/openssl and lib.

To get vsftpd to compile and link, you need three symlinks:

1. Go to /usr/include and execute:
ln -s [Path to your openssl install]/include/openssl openssl

This sets up a symlink (/usr/include/openssl) that points to your actual openssl include file directory. This will get you through compile but not link.

2. Go to /usr/lib and execute:
ln -s [Path to your openssl install]/lib/libcrypto.a libcrypto.a
ln -s [Path to your openssl install]/lib/libssl.a libssl.a

This sets up symlinks in /usr/lib that point to your actual openssl libraries. Once these symlinks are in place, the link should also work.


One note: My system is AIX, where shared libraries have a .a extension. Obviously, you will need to modify step 2. if your OS has a diferent convention. Look in [Path to your openssl install]/lib to find out.

Also, this doesn't address warnings compiling sysutil.c but those seem benign anyway.
Reply With Quote
  #5  
Old 27th February 2008, 01:35
anewby anewby is offline
Junior Member
 
Join Date: Feb 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default ... one more thing

If you're compiling open ssl from the source tarball, you can ignore previous poster's comment about openssl-devel. That's included
Reply With Quote
  #6  
Old 27th February 2008, 14:00
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by testnbbuser
I need to install it from a source tarball. Where can i get the tarball?
I don't find in the downloads openssl page:
http://openssl.org/source/

thanks!
http://www.openssl.org/source/openssl-0.9.8g.tar.gz

What distribution are you using?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 27th February 2008, 22:00
testnbbuser testnbbuser is offline
Junior Member
 
Join Date: Feb 2008
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Falko,

I am using a Linux from scratch system, compiled with very few services and that fits under a 64MB CF card....

The file http://www.openssl.org/source/openssl-0.9.8g.tar.gz is the one I used to compile support for SSL in my system. It compiles all well, and SSL works perfectly with other services. For example I have SSH installed and it depends of Zlib and SSL.

anewby,
you were right. I follow your steps (almost the same,I did setup the 2 links for libcrypto.a and libssl.a in my /usr/lib/ ,and I did the softlinks in the /usr/include and then add to the Makefile this -I/usr/include). Now the compiling process passes the ssl.c properly but now I get another error:

gcc -c ssl.c -O2 -Wall -W -Wshadow -I/usr/include -I/usr/lib -idirafter dummyinc
gcc -c sysutil.c -O2 -Wall -W -Wshadow -I/usr/include -I/usr/lib -idirafter dummyinc
<--- These 2 compile OK now
gcc -c sysdeputil.c -O2 -Wall -W -Wshadow -I/usr/include -I/usr/lib -idirafter dummyinc <--- This one throws warning
sysdeputil.c: In function `do_sendfile':
sysdeputil.c:663: warning: null argument where non-null required (arg 3)
gcc -o vsftpd main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o tunables.o ftpdataio.o secbuf.o ls.o postprivparent.o logging.o str.o netstr.o sysstr.o strlist.o banner.o filestr.o parseconf.o secutil.o ascii.o oneprocess.o twoprocess.o privops.o standalone.o hash.o tcpwrap.o ipaddrparse.o access.o features.o readwrite.o ssl.o sysutil.o sysdeputil.o -Wl,-s `./vsf_findlibs.sh`
/storage/tools/bin/../lib/gcc/i686-pc-linux-gnu/3.4.3/../../../../i686-pc-linux-gnu/bin/ld: cannot find -lssl <---- The linker throws error
collect2: ld returned 1 exit status
make: *** [vsftpd] Error 1

Looks like is the linker the one that is complaining right now.The -lssl seems to look for the ssl library but doesn't find it. I found a file in the vsftpd-2.0.6.tar.gz tarball that is called vsf_findlibs.sh
As I could see in the file, it does search for the available libraries and then report which libraries were found. If I run it manually, this is the output before the make:

./vsf_findlibs.sh
egrep: tcpwrap.o: No such file or directory
egrep: sysdeputil.o: No such file or directory
-lcrypt
-lcrypt
-ldl
-lnsl
-lresolv
-lutil
egrep: ssl.o: No such file or directory

This is the output after the make:

./vsf_findlibs.sh
-lcrypt
-lcrypt
-ldl
-lnsl
-lresolv
-lutil
-lssl -lcrypto

...so it finds all the libraries. I don't really know why the linker throws the error. After compiling the ssl.o is in the same folder as the Makefile, so it should have to link it properly.

Any ideas?

Last edited by testnbbuser; 27th February 2008 at 22:36.
Reply With Quote
  #8  
Old 13th March 2008, 00:32
testnbbuser testnbbuser is offline
Junior Member
 
Join Date: Feb 2008
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

anybody? I am really stuck
Reply With Quote
  #9  
Old 13th March 2008, 19:16
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

I have no idea...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #10  
Old 26th October 2008, 20:22
Killer Whale Killer Whale is offline
Junior Member
 
Join Date: Oct 2008
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

try to install the package "libcurl4-openssl-dev"

It's work fot me !
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd permissions malinens Installation/Configuration 17 25th February 2008 23:57
Problems with vsftpd A|fie Installation/Configuration 19 7th August 2007 01:43
How to get ssl file names in config.lib.php JGZimmerle Developers' Forum 4 13th June 2007 13:24
vsftpd virtual server mod with FTPS for non-anonymous sessions JGZimmerle Tips/Tricks/Mods 0 13th June 2007 08:28
Virtual Hosting With vsftpd And PostgreSQL (MYSQL ?) vlade HOWTO-Related Questions 2 12th May 2007 12:29


All times are GMT +2. The time now is 07:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.