编译openldap时出错

[andylee521]

如题：

openldap-2.6.7/libraries/libldap/tls_o.c:1075:(.text+0x5a1): undefined reference to `EVP_md2'
bin/ld: openldap-2.6.7/libraries/libldap/tls_o.c:1078:(.text+0x5af): undefined reference to `EVP_md4'
bin/ld: ./.libs/libldap.a(tls_o.o): in function `tlso_session_endpoint':
openldap-2.6.7/libraries/libldap/tls_o.c:1075:(.text+0x5a1): undefined reference to `EVP_md2'
bin/ld: openldap-2.6.7/libraries/libldap/tls_o.c:1078:(.text+0x5af): undefined reference to `EVP_md4'
./.libs/libldap.a(tls_o.o): in function `tlso_session_endpoint':
openldap-2.6.7/libraries/libldap/tls_o.c:1075:(.text+0x5a1): undefined reference to `EVP_md2'
ld: /openldap-2.6.7/libraries/libldap/tls_o.c:1078:(.text+0x5af): undefined reference to `EVP_md4'
collect2: error: ld returned 1 exit status
collect2: error: ld returned 1 exit status
collect2: error: ld returned 1 exit status
make[4]: *** [Makefile:336: urltest] Error 1
make[4]: *** Waiting for unfinished jobs....
make[4]: *** [Makefile:324: apitest] Error 1
make[4]: *** [Makefile:328: ftest] Error 1

但是openssl没有问题，应该是没有定义OPENSSL_NO_MD2，OPENSSL_NO_MD4的问题，如果想兼容openssl，最好继承原有的编译宏。

openldap出问题的代码片段

#if OPENSSL_VERSION_NUMBER >= 0x10100000
        md = EVP_get_digestbynid( X509_get_signature_nid( cert ));
#else
        md = EVP_get_digestbynid(OBJ_obj2nid( cert->sig_alg->algorithm ));
#endif

        /* See RFC 5929 */
        if ( md == NULL ||
             md == EVP_md_null() ||
#ifndef OPENSSL_NO_MD2
             md == EVP_md2() ||
#endif
#ifndef OPENSSL_NO_MD4
             md == EVP_md4() ||
#endif
#ifndef OPENSSL_NO_MD5
             md == EVP_md5() ||
#endif
             md == EVP_sha1() )
                md = EVP_sha256();

[dongbeiouba]

因为Tongsuo删除了一些不安全的算法，包括MD2等。

短期内想使用Tongsuo编译openldap的办法可以在编译openldap时编译选项加上-DOPENSSL_NO_MD2来解决，其他算法类似。

Tongsuo后续考虑增加已删除算法的宏定义，例如OPENSSL_NO_MD2等，来解决此类编译问题，保持兼容性。