Describe how to build libcrypto as PIC.

While there, move the OpenSSL 1.1.0g caveat closer to the other version
information.
This commit is contained in:
Darren Tucker 2019-12-09 20:25:26 +11:00
parent b66fa5da25
commit 9a967c5bbf
1 changed files with 7 additions and 4 deletions

11
INSTALL
View File

@ -25,11 +25,14 @@ is supported but severely restricts the avilable ciphers and algorithms.
- OpenSSL (https://www.openssl.org) with any of the following versions:
- 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g or any 1.1.1
Note that due to a bug in EVP_CipherInit OpenSSL 1.1 versions prior to
1.1.0g can't be used.
LibreSSL/OpenSSL should be compiled as a position-independent library
(i.e. with -fPIC) otherwise OpenSSH will not be able to link with it.
If you must use a non-position-independent libcrypto, then you may need
to configure OpenSSH --without-pie. Note that due to a bug in EVP_CipherInit
OpenSSL 1.1 versions prior to 1.1.0g can't be used.
(i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC"
or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not
be able to link with it. If you must use a non-position-independent
libcrypto, then you may need to configure OpenSSH --without-pie.
If you build either from source, running the OpenSSL self-test ("make
tests") or the LibreSSL equivalent ("make check") and ensuring that all