Bug #3104
closedmod_auth.so: undefined symbol: nettle_sha512_256_init
Description
i compiled my lighttpd and upgraded some libs on a copy of production server, after success got an dlopen error:
/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
2021-09-20 14:13:37: plugin.c.195) dlopen() failed for: /usr/lib/lighttpd/mod_auth.so /usr/lib/lighttpd/mod_auth.so: undefined symbol: nettle_sha512_256_init
2021-09-20 14:13:37: server.c.1238) loading plugins finally failed
Please what can be the problem i just have a default file tiht this extra:
$HTTP["url"] =~ "^/devel/setup" {
auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/etc/phpmyadmin/htpasswd.setup"
auth.require = (
"/" => (
"method" => "basic",
"realm" => "provide user",
"require" => "valid-user"
)
)
}
Updated by gstrauss about 3 years ago
- Status changed from New to Invalid
Please what can be the problem
Please ask questions in the Forums. See link in menu bar at top.
Marking this issue as invalid. You have not provided such basic information as the OS version(s) you are using and library versions of Nettle you are using. You also have not provided basic information on whether or not this was working with previous versions of lighttpd on your production systems, and what version of lighttpd you were running.
The Nettle library probably has SHA 512-256 support on the machine which you built lighttpd, but the Nettle library on your production server does not?
For a workaround, see src/sys-crypto-md.h. Put an #if 0 ... #endif around the block which starts #define USE_LIB_CRYPTO_SHA512_256 near line 106, and include the SHA512_256_* funcs. Then recompile lighttpd.
Updated by gstrauss about 3 years ago
nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo.
Updated by mckaygerhard about 3 years ago
fater " nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo. " responses i check and this version is not more suitable for production servers.. make me to backport nettle lib..
lighttpd must raised the configure chekcs for nettle libs, is valid point cos i just build with minimal depends to do not make more work upgrading large amouont of software @gstrauss
again .. you act as "i have right" .. fine!
Updated by gstrauss about 3 years ago
fater " nettle_sha512_256_init() is part of tag nettle_3.0_release_20140607 in the Nettle git repo. " responses i check and this version is not more suitable for production servers.. make me to backport nettle lib..
Nettle is not a requirement for lighttpd. Nettle is an option. You chose to configure --with-nettle. You do not have to do that.
Nettle release tag nettle_3.0_release_20140607 was released in 2014. Are you complaining about "backporting" a crypto library from 2014 to a system running even older software?
The latest Nettle release is tag nettle_3.7.3_release_20210606.
Best practices dictate that your keep reasonably up-to-date with libraries on which your system or application security depends.
Also available in: Atom