logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Building & Member Downloads View previous topic :: View next topic
Reply to topic   Topic: Building httpd with ldap and ssl and using mod_authnz_ldap
Author
Shaggy1



Joined: 30 Jul 2020
Posts: 11

PostPosted: Thu 30 Jul '20 19:41    Post subject: Building httpd with ldap and ssl and using mod_authnz_ldap Reply with quote

Hi

System info:
cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)

uname -a
Linux lb-cam-bca-13 2.6.32-642.15.1.el6.x86_64 #1 SMP Fri Feb 24 14:31:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

httpd -version
Server version: Apache/2.4.25 (Unix)
Server built: Jun 27 2017 16:23:25

gcc --version
gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-17)

---------------------------------------------

I have installed a local version of apache 2.4 on my rhel 6 machine and is currently up and running fine.


However I now wish to enable ldap support on it and so initially tried to configure using the following:
./configure --prefix=/lb-cam-bca-13/usr/local/apache --with-included-apr --enable-ldap --enable-authnz-ldap --enable-ssl --enable-so --with-ldap


which seems to configure ok, but when I try to build I get the following errors:
gcc -std=gnu99 -g -O2 -pthread -DLINUX -D_REENTRANT -D_GNU_SOURCE -I. -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/os/unix -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/include -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/srclib/apr/include -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/srclib/apr-util/include -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/aaa -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/cache -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/core -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/database -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/filters -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/ldap -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/loggers -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/lua -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/proxy -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/session -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/ssl -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/test -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/server -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/arch/unix -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/dav/main -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/generators -I/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/modules/mappers -c /lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/server/buildmark.c
/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/srclib/apr/libtool --silent --mode=link gcc -std=gnu99 -g -O2 -pthread -o httpd modules.lo buildmark.o -export-dynamic server/libmain.la modules/core/libmod_so.la modules/http/libmod_http.la server/mpm/event/libevent.la os/unix/libos.la -lpcre /lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/srclib/apr-util/libaprutil-1.la -lexpat /lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25/srclib/apr/libapr-1.la -lrt -lcrypt -lpthread
server/.libs/libmain.a(exports.o)Sad.data+0x2758): undefined reference to `apr_ldap_ssl_init'
server/.libs/libmain.a(exports.o)Sad.data+0x2760): undefined reference to `apr_ldap_ssl_deinit'
server/.libs/libmain.a(exports.o)Sad.data+0x2768): undefined reference to `apr_ldap_init'
server/.libs/libmain.a(exports.o)Sad.data+0x2770): undefined reference to `apr_ldap_info'
server/.libs/libmain.a(exports.o)Sad.data+0x2778): undefined reference to `apr_ldap_get_option'
server/.libs/libmain.a(exports.o)Sad.data+0x2780): undefined reference to `apr_ldap_set_option'
server/.libs/libmain.a(exports.o)Sad.data+0x2788): undefined reference to `apr_ldap_rebind_init'
server/.libs/libmain.a(exports.o)Sad.data+0x2790): undefined reference to `apr_ldap_rebind_add'
server/.libs/libmain.a(exports.o)Sad.data+0x2798): undefined reference to `apr_ldap_rebind_remove'
server/.libs/libmain.a(exports.o)Sad.data+0x27a0): undefined reference to `apr_ldap_is_ldap_url'
server/.libs/libmain.a(exports.o)Sad.data+0x27a8): undefined reference to `apr_ldap_is_ldaps_url'
server/.libs/libmain.a(exports.o)Sad.data+0x27b0): undefined reference to `apr_ldap_is_ldapi_url'
server/.libs/libmain.a(exports.o)Sad.data+0x27b8): undefined reference to `apr_ldap_url_parse_ext'
server/.libs/libmain.a(exports.o)Sad.data+0x27c0): undefined reference to `apr_ldap_url_parse'
collect2: ld returned 1 exit status
make[1]: *** [httpd] Error 1
make[1]: Leaving directory `/lb-cam-bca-13/usr/local/src/apache/httpd-2.4.25'
make: *** [all-recursive] Error 1

Anyone know whether I should be able to build httpd with ldap and ssl using the included apr ? And if so what runes I need to dos ?


Thinking that may be the included apr either does not support ldap or is in someway not comptible with my version of gcc thought I'd try building apr and apr-util from scratch and use --with directives to include then in the httpd build. This seemed to build ok, but when trying to run apache I get a link error.

I did the following:
download and unpack apr-1.7.0
download and unpack apr-util-1.6.1

# confgire apr-1.7.0 and build it
Code:
$ cd apr/apr-1.7.0
./configure --prefix=/lb-cam-bca-13/usr/local/apache
make
make install


# configure apr-util-1.6.1 and build it
Code:
$ ./configure --with-crypto --with-ldap=ldap --with-openssl --with-mysql --with-apr=../../apr/apr-1.7.0 --enable-so
make
make install


# configure and build httpd
Code:
$ ./configure --prefix=/lb-cam-bca-13/usr/local/apache --with-apr=../apr/apr-1.7.0 --with-apr-util=../aprutil/apr-util-1.6.1  --with-ldap --enable-authnz-ldap --enable-so --enable-ssl --enable-md --enable-log-forensic
make install


# enable load module in httpd.conf
LoadModule mod_authnz_ldap modules/mod_authnz_ldap.so

# ready to start apache
Code:
$ apachectl stop
# syntax error
httpd: Syntax error on line 74 of /lb-cam-bca-13/usr/local/apache/conf/httpd.conf: Can't locate API module structure `mod_authnz_ldap' in file /lb-cam-bca-13/usr/local/apache/modules/mod_authnz_ldap.so: /lb-cam-bca-13/usr/local/apache/modules/mod_authnz_ldap.so: undefined symbol: mod_authnz_ldap


Anyone any idea why this link error is occuring? Does anyone know even where the symbol should be got from - I cannot seem to find it in the binaries or (as a function) in the source files ?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7374
Location: Germany, Next to Hamburg

PostPosted: Fri 31 Jul '20 11:15    Post subject: Reply with quote

I didn't compiled apache with ldap support so far before, but you need to set the path in the configure

e.g.
Code:

--with-ldap-include=/opt/lib/openldap-2.4.45/include --with-ldap-lib=/opt/lib/openldap-2.4.45/lib --with-crypto --with-ldap --enable-authnz-ldap


and you script doesn't find openssl lib. You can set that using export for the compiler flags.

Code:

./buildconf
export LD_LIBRARY_PATH=~/apache24/httpd-2.4.43/srclib/apr:${LD_LIBRARY_PATH}
export LDFLAGS="-Wl,-rpath,/opt/openssl/lib"
./configure --prefix=/opt/apache2 --enable-pie ......
Back to top
Shaggy1



Joined: 30 Jul 2020
Posts: 11

PostPosted: Wed 05 Aug '20 10:09    Post subject: Reply with quote

Thank you for the reply.

I tried building a local version of ldap and openssl then explicitly specifying locations for ldap lib and include. Again all built fine, but I am still seeing the error. For completeness below is whta I did:

# openssl
Code:
$ cd openssl-1.0.2o
./configure --prefix=/lb-cam-bca-13/usr/local/apache
make
make install



#ldap
Code:
$ cd ldap/openldap-2.4.50
./configure --prefix=/lb-cam-bca-13/usr/local/ldap --with-tls=openssl
make depend
make
make install


# apr
Code:
$ cd apache/apr/apr-1.7.0
./configure --prefix=/lb-cam-bca-13/usr/local/apache
make
make install


#apr-util
Code:
$ cd apache/aprutil/apr-util-1.6.1
./configure --with-crypto --with-ldap=ldap --with-openssl=/lb-cam-bca-13/usr/local/src/openssl-1.0.2o --with-mysql --with-apr=../../apr/apr-1.7.0 --with-ldap-include=/lb-cam-bca-13/usr/local/src/ldap/openldap-2.4.50/include --with-ldap-lib=/lb-cam-bca-13/usr/local/ldap/lib
make
make install


# httpd
Code:
$ ./configure --prefix=/lb-cam-bca-13/usr/local/apache --with-openssl=/lb-cam-bca-13/usr/local/src/openssl-1.0.2o --with-apr=../apr/apr-1.7.0 --with-apr-util=../aprutil/apr-util-1.6.1 --with-ldap-include=/lb-cam-bca-13/usr/local/src/ldap/openldap-2.4.50/include --with-ldap-lib=/lb-cam-bca-13/usr/local/ldap/lib --enable-authnz-ldap --enable-so --enable-ssl --enable-md --enable-log-forensic
make
make install


I have noticed during my searches that the error I am seeing is the same as one that is seen when the .so modules do not exist, which may mean that apache is not looking for the modules where I think it should be.

Does anyone know how I can get apache to output exactly where it is looking for the modules ?

Does anyone know where I can explicitly tell it where to look for the modules ? (As I understood it this was defined by the ServerRoot directive, but I guess that may not be the case, or maybe I have somehow inadvertently overridden it in my config file).
Back to top
Shaggy1



Joined: 30 Jul 2020
Posts: 11

PostPosted: Wed 05 Aug '20 11:12    Post subject: Reply with quote

OK - it seems I was using the wrong name in the LoadModule directive.

The LoadModule line that I put in:
Code:
LoadModule mod_authnz_ldap modules/mod_authnz_ldap.so


should be:
Code:
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so


Then it works. Clearly it was looking for mod_authnz_ldap in some table somewhere and not finding it.

Using the correct name it seems to be loading (though I have not tried actually using it)
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Wed 05 Aug '20 20:50    Post subject: Reply with quote

Just a side note, when in doubt you can find these inside the module source itself, just look for

AP_DECLARE_MODULE(authnz_ldap)

and add _module at the end.
Back to top


Reply to topic   Topic: Building httpd with ldap and ssl and using mod_authnz_ldap View previous topic :: View next topic
Post new topic   Forum Index -> Building & Member Downloads