I'm trying to install the latest version of Lighttpd v1.4.29 web server under RHEL 6.1 AMD64 and getting the following error:
network.c: In function ‘network_init’:
network.c:483: error: ‘EC_KEY’ undeclared (first use in this function)
network.c:483: error: (Each undeclared identifier is reported only once
network.c:483: error: for each function it appears in.)
network.c:483: error: ‘ecdh’ undeclared (first use in this function)
network.c:484: warning: unused variable ‘nid’
make[3]: *** [network.o] Error 1
make[3]: Leaving directory `/opt/new/lighttpd-1.4.29/src'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/opt/new/lighttpd-1.4.29/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/new/lighttpd-1.4.29'
make: *** [all] Error 2
How do I fix this problem under CentOS 5.x, or RHEL, or Red Hat Enterprise Linux 6.x, or Fedora Linux?
Elliptic Curve Cryptography (ECC) is a new public-key cryptosystem for mobile/wireless environments. Lighttpd supports ECC but RHEL 6.x or CenOS 5.x comes with the older version of OpenSSL. To solve this problem:
- Use newer version of OpenSSL, which support Elliptic Curve Cryptography. (it means you need to recompile OpenSSL on RHEL)
- Compile lighttpd without OpenSSL (this will only work if you run all sites without https support)
- Compile lighttpd with OPENSSL_NO_ECDH patch. It adda a missing check for OPENSSL_NO_ECDH in network.c which gets removed from openssl in Fedora/RHEL/CentOS Linux due to patent issue. This patch will be included in lighttpd v1.4.30.
The commands to apply patch are as follows. Download the patch in /tmp:
$ cd /tmp
$ wget http://redmine.lighttpd.net/attachments/1294/lighttpd_1.4.29_ssl_no_ecdh.patch
cd to the lighttpd v1.4.29 source code directory:
$ cd /opt/lighttpd-1.4.29
Apply the patch, enter:
$ patch -p1 < /tmp/lighttpd_1.4.29_ssl_no_ecdh.patch
Now, you can compile lighttpd as follows:
$ ./configure --with-openssl --option1 --option2
$ make
$ sudo make install
Replace --option1, --option2 with required options. Here is an working example:
$ ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --with-openssl --with-fam
$ make
$ sudo make install
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 1 comment… read it below or add one }
HI Sir/Madam,
I am using linux redhat I have problem with telent if you help me please. when I telnet from backup server to main server the result is trying 127.20.1.1…..after some minutes the result is telnet connection to addres 127.20.1.1 connection time out.and also I cannot ping and I can telent and ping from main to backup I dont know what is the problem can you help me as soon as possible.
with best regards