From fe42a8011b25797afa48cf0359c7e2753b2ece5f Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Thu, 20 Aug 2020 09:30:21 -0500 Subject: Configure libtls and nc(1) to statically link to libcrypto/ssl An issue that Reyk Floeter noted while building a Debian package for LibreSSL is that installing libtls along with OpenSSL causes linker issues since it will often pick up the wrong libcrypto/libssl. This change makes libtls statically link the object files it needs rather than relying on the shared libraries, effectively making libtls self-contained and able to be packaged independently. This should make it possible for other projects that also use libtls to be able to package support without requiring the target OS to ship libcrypto / libssl from LibreSSL. https://salsa.debian.org/reyk-guest/libressl/-/commit/678278df55ce866f2f363998ca690442fa786c66 --- apps/nc/Makefile.am | 6 +++--- configure.ac | 3 +-- libtls.pc.in | 3 +-- tls/Makefile.am | 6 +++--- 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/apps/nc/Makefile.am b/apps/nc/Makefile.am index 4b5b561..135ff4b 100644 --- a/apps/nc/Makefile.am +++ b/apps/nc/Makefile.am @@ -12,9 +12,9 @@ endif EXTRA_DIST = nc.1 EXTRA_DIST += CMakeLists.txt -nc_LDADD = $(abs_top_builddir)/crypto/libcrypto.la -nc_LDADD += $(abs_top_builddir)/ssl/libssl.la -nc_LDADD += $(abs_top_builddir)/tls/libtls.la +nc_LDFLAGS = $(abs_top_builddir)/crypto/.libs/libcompat.a + +nc_LDADD = $(abs_top_builddir)/tls/libtls.la nc_LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) AM_CPPFLAGS += -I$(top_srcdir)/apps/nc/compat diff --git a/configure.ac b/configure.ac index 75b88fe..3aca617 100644 --- a/configure.ac +++ b/configure.ac @@ -29,8 +29,7 @@ USER_CFLAGS="$CFLAGS" AC_PROG_CC([cc gcc]) AC_PROG_CC_STDC AM_PROG_CC_C_O -AC_PROG_LIBTOOL -LT_INIT +LT_INIT([pic-only]) CHECK_OS_OPTIONS diff --git a/libtls.pc.in b/libtls.pc.in index 82a6a71..0d4e625 100644 --- a/libtls.pc.in +++ b/libtls.pc.in @@ -9,8 +9,7 @@ Name: LibreSSL-libtls Description: Secure communications using the TLS socket protocol. Version: @VERSION@ Requires: -Requires.private: libcrypto libssl Conflicts: Libs: -L${libdir} -ltls -Libs.private: @LIBS@ -lcrypto -lssl @PLATFORM_LDADD@ +Libs.private: @LIBS@ @PLATFORM_LDADD@ Cflags: -I${includedir} diff --git a/tls/Makefile.am b/tls/Makefile.am index 942abf9..c4790a4 100644 --- a/tls/Makefile.am +++ b/tls/Makefile.am @@ -7,9 +7,9 @@ EXTRA_DIST += CMakeLists.txt EXTRA_DIST += tls.sym libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined -export-symbols $(top_srcdir)/tls/tls.sym -libtls_la_LIBADD = $(abs_top_builddir)/ssl/libssl.la -libtls_la_LIBADD += $(abs_top_builddir)/crypto/libcrypto.la -libtls_la_LIBADD += $(PLATFORM_LDADD) +libtls_la_LDFLAGS += $(abs_top_builddir)/ssl/.libs/libssl.a +libtls_la_LDFLAGS += $(abs_top_builddir)/crypto/.libs/libcrypto.a +libtls_la_LIBADD = $(PLATFORM_LDADD) libtls_la_CPPFLAGS = $(AM_CPPFLAGS) if OPENSSLDIR_DEFINED -- cgit v1.2.3-55-g6feb From 5a29b0472d5d0d1aa9936e430a87299fdb0f17ba Mon Sep 17 00:00:00 2001 From: kinichiro Date: Sun, 20 Sep 2020 13:37:52 +0900 Subject: Link crypto and ssl object files directly instead of static library - Output object files list variable for libcrypto and libssl to .mk file. - Include object files list variable .mk from tls/Makefile - Link .lo files directly instead of static library for libtls. --- apps/nc/Makefile.am | 2 +- crypto/Makefile.am | 13 +++++++++++++ ssl/Makefile.am | 9 +++++++++ tls/Makefile.am | 11 ++++++++--- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/apps/nc/Makefile.am b/apps/nc/Makefile.am index 135ff4b..d678f1e 100644 --- a/apps/nc/Makefile.am +++ b/apps/nc/Makefile.am @@ -12,7 +12,7 @@ endif EXTRA_DIST = nc.1 EXTRA_DIST += CMakeLists.txt -nc_LDFLAGS = $(abs_top_builddir)/crypto/.libs/libcompat.a +nc_LDFLAGS = $(abs_top_builddir)/crypto/.libs/libcrypto.a nc_LDADD = $(abs_top_builddir)/tls/libtls.la nc_LDADD += $(PLATFORM_LDADD) $(PROG_LDADD) diff --git a/crypto/Makefile.am b/crypto/Makefile.am index 7fcfc02..97a84e1 100644 --- a/crypto/Makefile.am +++ b/crypto/Makefile.am @@ -20,6 +20,7 @@ EXTRA_DIST += compat/strcasecmp.c BUILT_SOURCES = crypto_portable.sym CLEANFILES = crypto_portable.sym +CLEANFILES += libcrypto_la_objects.mk crypto_portable.sym: crypto.sym Makefile -echo "generating crypto_portable.sym ..." @@ -93,8 +94,20 @@ if HOST_WIN -mv crypto_portable.sym.tmp crypto_portable.sym endif +libcrypto_la_objects.mk: Makefile + @echo "libcrypto_la_objects= $(libcrypto_la_OBJECTS)" \ + | sed 's/ */ $$\(abs_top_builddir\)\/crypto\//g' \ + > libcrypto_la_objects.mk + @echo "libcompat_la_objects= $(libcompat_la_OBJECTS)" \ + | sed 's/ */ $$\(abs_top_builddir\)\/crypto\//g' \ + >> libcrypto_la_objects.mk + @echo "libcompatnoopt_la_objects= $(libcompatnoopt_la_OBJECTS)" \ + | sed 's/ */ $$\(abs_top_builddir\)\/crypto\//g' \ + >> libcrypto_la_objects.mk + libcrypto_la_LDFLAGS = -version-info @LIBCRYPTO_VERSION@ -no-undefined -export-symbols crypto_portable.sym EXTRA_libcrypto_la_DEPENDENCIES = crypto_portable.sym +EXTRA_libcrypto_la_DEPENDENCIES += libcrypto_la_objects.mk libcrypto_la_LIBADD = libcompat.la if !HAVE_EXPLICIT_BZERO libcrypto_la_LIBADD += libcompatnoopt.la diff --git a/ssl/Makefile.am b/ssl/Makefile.am index dded59f..4c4e594 100644 --- a/ssl/Makefile.am +++ b/ssl/Makefile.am @@ -6,6 +6,15 @@ EXTRA_DIST = VERSION EXTRA_DIST += CMakeLists.txt EXTRA_DIST += ssl.sym +CLEANFILES = libssl_la_objects.mk + +EXTRA_libssl_la_DEPENDENCIES = libssl_la_objects.mk + +libssl_la_objects.mk: Makefile + @echo "libssl_la_objects= $(libssl_la_OBJECTS)" \ + | sed 's/ */ $$\(abs_top_builddir\)\/ssl\//g' \ + > libssl_la_objects.mk + libssl_la_LDFLAGS = -version-info @LIBSSL_VERSION@ -no-undefined -export-symbols $(top_srcdir)/ssl/ssl.sym libssl_la_LIBADD = $(abs_top_builddir)/crypto/libcrypto.la $(PLATFORM_LDADD) diff --git a/tls/Makefile.am b/tls/Makefile.am index c4790a4..4cea3a2 100644 --- a/tls/Makefile.am +++ b/tls/Makefile.am @@ -1,5 +1,8 @@ include $(top_srcdir)/Makefile.am.common +-include $(abs_top_builddir)/crypto/libcrypto_la_objects.mk +-include $(abs_top_builddir)/ssl/libssl_la_objects.mk + lib_LTLIBRARIES = libtls.la EXTRA_DIST = VERSION @@ -7,9 +10,11 @@ EXTRA_DIST += CMakeLists.txt EXTRA_DIST += tls.sym libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined -export-symbols $(top_srcdir)/tls/tls.sym -libtls_la_LDFLAGS += $(abs_top_builddir)/ssl/.libs/libssl.a -libtls_la_LDFLAGS += $(abs_top_builddir)/crypto/.libs/libcrypto.a -libtls_la_LIBADD = $(PLATFORM_LDADD) +libtls_la_LIBADD = $(libcrypto_la_objects) +libtls_la_LIBADD += $(libcompat_la_objects) +libtls_la_LIBADD += $(libcompatnoopt_la_objects) +libtls_la_LIBADD += $(libssl_la_objects) +libtls_la_LIBADD += $(PLATFORM_LDADD) libtls_la_CPPFLAGS = $(AM_CPPFLAGS) if OPENSSLDIR_DEFINED -- cgit v1.2.3-55-g6feb