Project

General

Profile

Actions

Bug #3104

closed

mod_auth.so: undefined symbol: nettle_sha512_256_init

Added by mckaygerhard over 3 years ago. Updated about 3 years ago.

Status:
Invalid
Priority:
Normal
Category:
mod_auth
Target version:
ASK QUESTIONS IN Forums:
No

Description

i compiled my lighttpd and upgraded some libs on a copy of production server, after success got an dlopen error:


/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
2021-09-20 14:13:37: plugin.c.195) dlopen() failed for: /usr/lib/lighttpd/mod_auth.so /usr/lib/lighttpd/mod_auth.so: undefined symbol: nettle_sha512_256_init
2021-09-20 14:13:37: server.c.1238) loading plugins finally failed

Please what can be the problem i just have a default file tiht this extra:

$HTTP["url"] =~ "^/devel/setup" {
    auth.backend = "htpasswd" 
    auth.backend.htpasswd.userfile = "/etc/phpmyadmin/htpasswd.setup" 
    auth.require = (
        "/" => (
            "method" => "basic",
            "realm" => "provide user",
            "require" => "valid-user" 
        )
    )
}
Actions #1

Updated by gstrauss over 3 years ago

  • Status changed from New to Invalid

Please what can be the problem

Please ask questions in the Forums. See link in menu bar at top.

Marking this issue as invalid. You have not provided such basic information as the OS version(s) you are using and library versions of Nettle you are using. You also have not provided basic information on whether or not this was working with previous versions of lighttpd on your production systems, and what version of lighttpd you were running.

The Nettle library probably has SHA 512-256 support on the machine which you built lighttpd, but the Nettle library on your production server does not?

For a workaround, see src/sys-crypto-md.h. Put an #if 0 ... #endif around the block which starts #define USE_LIB_CRYPTO_SHA512_256 near line 106, and include the SHA512_256_* funcs. Then recompile lighttpd.

Actions #2

Updated by gstrauss over 3 years ago

nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo.

Actions #3

Updated by mckaygerhard about 3 years ago

fater " nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo. " responses i check and this version is not more suitable for production servers.. make me to backport nettle lib..

lighttpd must raised the configure chekcs for nettle libs, is valid point cos i just build with minimal depends to do not make more work upgrading large amouont of software @gstrauss

again .. you act as "i have right" .. fine!

Actions #4

Updated by gstrauss about 3 years ago

fater " nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo. " responses i check and this version is not more suitable for production servers.. make me to backport nettle lib..

Nettle is not a requirement for lighttpd. Nettle is an option. You chose to configure --with-nettle. You do not have to do that.

Nettle release tag nettle_3.0_release_20140607 was released in 2014. Are you complaining about "backporting" a crypto library from 2014 to a system running even older software?

The latest Nettle release is tag nettle_3.7.3_release_20210606.

Best practices dictate that your keep reasonably up-to-date with libraries on which your system or application security depends.

Actions

Also available in: Atom