Describe how to build libcrypto as PIC.

While there, move the OpenSSL 1.1.0g caveat closer to the other version information.
2024-12-22 10:00:14 +00:00 · 2019-12-09 20:25:26 +11:00 · 2019-12-09 20:25:26 +11:00 · 9a967c5bbf
commit 9a967c5bbf
parent b66fa5da25
1 changed files with 7 additions and 4 deletions
--- a/11
+++ b/11
@ -25,11 +25,14 @@ is supported but severely restricts the avilable ciphers and algorithms.
 - OpenSSL (https://www.openssl.org) with any of the following versions:
   - 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g or any 1.1.1

+Note that due to a bug in EVP_CipherInit OpenSSL 1.1 versions prior to
+1.1.0g can't be used.
+
 LibreSSL/OpenSSL should be compiled as a position-independent library
-(i.e. with -fPIC) otherwise OpenSSH will not be able to link with it.
-If you must use a non-position-independent libcrypto, then you may need
-to configure OpenSSH --without-pie.  Note that due to a bug in EVP_CipherInit
-OpenSSL 1.1 versions prior to 1.1.0g can't be used.
+(i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC"
+or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not
+be able to link with it.  If you must use a non-position-independent
+libcrypto, then you may need to configure OpenSSH --without-pie.

 If you build either from source, running the OpenSSL self-test ("make
 tests") or the LibreSSL equivalent ("make check") and ensuring that all