≡ Menu

Lighttpd: network.c:483: error: ‘EC_KEY’ undeclared (first use in this function) Error and Solution

I'm trying to install the latest version of Lighttpd v1.4.29 web server under RHEL 6.1 AMD64 and getting the following error:

network.c: In function ‘network_init’:
network.c:483: error: ‘EC_KEY’ undeclared (first use in this function)
network.c:483: error: (Each undeclared identifier is reported only once
network.c:483: error: for each function it appears in.)
network.c:483: error: ‘ecdh’ undeclared (first use in this function)
network.c:484: warning: unused variable ‘nid’
make[3]: *** [network.o] Error 1
make[3]: Leaving directory `/opt/new/lighttpd-1.4.29/src'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/opt/new/lighttpd-1.4.29/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/new/lighttpd-1.4.29'
make: *** [all] Error 2

How do I fix this problem under CentOS 5.x, or RHEL, or Red Hat Enterprise Linux 6.x, or Fedora Linux?

Elliptic Curve Cryptography (ECC) is a new public-key cryptosystem for mobile/wireless environments. Lighttpd supports ECC but RHEL 6.x or CenOS 5.x comes with the older version of OpenSSL. To solve this problem:

  1. Use newer version of OpenSSL, which support Elliptic Curve Cryptography. (it means you need to recompile OpenSSL on RHEL)
  2. Compile lighttpd without OpenSSL (this will only work if you run all sites without https support)
  3. Compile lighttpd with OPENSSL_NO_ECDH patch. It adda a missing check for OPENSSL_NO_ECDH in network.c which gets removed from openssl in Fedora/RHEL/CentOS Linux due to patent issue. This patch will be included in lighttpd v1.4.30.

The commands to apply patch are as follows. Download the patch in /tmp:
$ cd /tmp
$ wget http://redmine.lighttpd.net/attachments/1294/lighttpd_1.4.29_ssl_no_ecdh.patch

cd to the lighttpd v1.4.29 source code directory:
$ cd /opt/lighttpd-1.4.29
Apply the patch, enter:
$ patch -p1 < /tmp/lighttpd_1.4.29_ssl_no_ecdh.patch
Now, you can compile lighttpd as follows:
$ ./configure --with-openssl --option1 --option2
$ make
$ sudo make install

Replace --option1, --option2 with required options. Here is an working example:
$ ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --with-openssl --with-fam
$ make
$ sudo make install

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 1 comment… add one }

  • Ghulam Sakhi October 20, 2011, 11:20 am

    HI Sir/Madam,
    I am using linux redhat I have problem with telent if you help me please. when I telnet from backup server to main server the result is trying…..after some minutes the result is telnet connection to addres connection time out.and also I cannot ping and I can telent and ping from main to backup I dont know what is the problem can you help me as soon as possible.
    with best regards

Leave a Comment