Renaud Allard schrieb:
>
> Tom Kistner wrote:
>> Renaud Allard schrieb:
>>
>>> /usr/local/lib/libdkim.a(dkimsign.o)(.text+0x103): In function
>>> `CDKIMSign::CDKIMSign[not-in-charge]()':
>>> : undefined reference to `EVP_sha256'
>> OK, then that OpenSSL was actually built without sha256 support. I'm
>> afraid you need to upgrade it.
>>
>
> I think you are right. However, it is funny as OpenBSD uses sha256 as
> the default auth in ipsec and the header is present:
>
> # grep EVP_sha256 /usr/include/openssl/*
> /usr/include/openssl/evp.h:const EVP_MD *EVP_sha256(void);
>
> # strings /usr/lib/libssl.so.11.0 | grep 256
> EVP_aes_256_cbc
> DH-DSS-AES256-SHA
> DH-RSA-AES256-SHA
> DHE-DSS-AES256-SHA
> DHE-RSA-AES256-SHA
> ADH-AES256-SHA
> AES-256-CBC
> AES(256)
Those strings are just SSL ciphersuites, using a 256 bit AES key
together with an ordinary 160 bit SHA-1. Obviously, EVP_sha256() was not
compiled in.
But since you have EVP_sha256() in the cited header, you can check the
header along with openssl's makefile on how to pull it in.
Patrick