OpenSSH configure problems (zlib, openssl)
 

I'm compiling OpenSSH from source. It told me I should upgrade zlib to 1.2.3 for security reasons, so I did (compiled from source). When compiling zlib, I used ./configure --prefix=/usr It configured, built and installed just fine. But when I go back to compiling OpenSSH, it still doesn't see the new version. After looking in the config.log file, I found out that it sees 1.2.1. I did a grep on /usr/include/* for 1.2.1 and found nothing relivant. I did the same thing on /usr/local/include/* and found zlib.h (the 1.2.1 version). I just gor rid of /usr/local/include/zlib.h and it passed the zlib test without any problems.

So I solved that problem on my own (while writing this); but I was wondering if there's a sane way to make the default path /usr/include before it looks in /use/local/include

The other problem is that my openssl headers don't match the openssl library (header is correct at 0.9.8a, library is detected as OpenSSL 0.9.7b). I'll look into this one then post back my solution. Everyone who uses SSH *should* have the lastest version (being that there's known security holes in all previous versions), which means others should also run into these problems. So hopefully this thread will help a bunch of people.

Maybe try ldconfig to update the to recognize the new version.

I ran ldconfig after installing zlib. I guess it couldn't hurt now that I re-compiled / installed openssl again. I locked myself out yesterday, so I didn't get very far yet.

Usually you can use ./configure options to tell it where to look for different stuff. You can see detailed options with: ./configure --help

Here's the configure statement and a clip of the output:

I removed /usr/ssl/ (which looked like another openssl installation (probably the original which I'm trying to upgrade), and ran the same ./configure statement... same error. I greped for OPENSSL_VERSION_NUMBER in /usr/local/include and /usr/include based on what I saw in config.log but came up pretty much empty handed. There's wasn't any code defining a value there. The search continues...

grep just found this:
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_NUMBER 0x0090801fL

so I decided to run this to search recursivly for OPENSSL_VERSION_NUMBER in /usr/
but that didn't really help much either :-/

same (lack of) results in /lib I'm just going to abuse my hard drive and search the whole drive...

Problem solved :)

Maybe someday I'll learn to read the message that tells me how to troubleshoot it. :rolleyes:

from my very own post:
"Also see contrib/findssl.sh for help identifying header/library mismatches."

sh ./contrib/findssl.sh tells you what libs and headers are installed. Mine were in /usr/lib (as I would expect). Just look to see what's there and where the symlinks point...
ls -l /usr/lib/libcrypto.so*

And finally, I believe that openssl as to be configured with the "shared" or you won't have the library. I could be wrong, but I can say this... here's my config statments for both openssl and openssh (and it compiled/installed on my Slackware 10.2 box).

openssl
./config threads shared zlib --prefix=/usr --openssldir=/usr/openssl

openssh
./configure --prefix=/usr --sysconfdir=/etc --with-openssl-dir=/usr/openssl