[Buildroot] [git commit] netsnmp: fix static build failure due to missing -lssl and -lz
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Fri Oct 12 20:08:45 UTC 2018
Hello,
On Thu, 11 Oct 2018 22:26:42 +0200, Peter Korsgaard wrote:
> diff --git a/package/netsnmp/0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch b/package/netsnmp/0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch
> new file mode 100644
> index 0000000000..5cbc35600f
> --- /dev/null
> +++ b/package/netsnmp/0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch
> @@ -0,0 +1,41 @@
> +From 77062d4a76f5dbd8aee03a25e9eb514b7d924bcc Mon Sep 17 00:00:00 2001
> +From: Giulio Benetti <giulio.benetti at micronovasrl.com>
> +Date: Mon, 17 Sep 2018 21:44:20 +0200
> +Subject: [PATCH 3/3] configure: Invert AC_CHECK_LIB(EVP_md5,..) without -lz
> + with -lz
> +
> +First AC_CHECK_LIB(EVP_md5,...) is going to succeed due to
> +[other-libraries] fields, but in that case it won't add -lz to LIBCRYPTO
> +resulting in failing AC_CHECH_FUNCS() with LIBS=LIBCRYPTO.
> +
> +Try AC_CHECK_LIB(EVP_md5,..) where LIBS can miss -lz
> +and in action-if-not-found try AC_CHECK_LIB(EVP_md5,...) without -lz.
> +In the first case append -lz to LIBCRYPTO, in the second don't.
> +This is done to check if -lz is present and used in -lcrypto.
> +
> +Signed-off-by: Giulio Benetti <giulio.benetti at micronovasrl.com>
> +---
> + configure.d/config_os_libs2 | 5 ++---
> + 1 file changed, 2 insertions(+), 3 deletions(-)
> +
> +diff --git a/configure.d/config_os_libs2 b/configure.d/config_os_libs2
> +index 81788a209..bfd14c191 100644
> +--- a/configure.d/config_os_libs2
> ++++ b/configure.d/config_os_libs2
> +@@ -307,11 +307,10 @@ if test "x$tryopenssl" != "xno" -a "x$tryopenssl" != "xinternal"; then
> +
> + if test x$CRYPTO = x; then
> + AC_CHECK_LIB([crypto], [EVP_md5],
> +- [CRYPTO="crypto"; LIBCRYPTO="-lcrypto"], [
> ++ [CRYPTO="crypto"; LIBCRYPTO="-lcrypto -lz"], [
> + unset ac_cv_lib_crypto_EVP_md5
> + AC_CHECK_LIB([crypto], [EVP_md5],
> +- [CRYPTO="crypto"; LIBCRYPTO="-lcrypto -lz"], [],
> +- [-lz])
> ++ [CRYPTO="crypto"; LIBCRYPTO="-lcrypto"], [])
> + ])
This patch is really not great, because it means that in a
dynamically-linked scenario, we will be linked against both libcrypto
and libz, while linking against libcrypto is sufficient.
Once again, when you have the situation of an application A that uses
OpenSSL, you have two cases:
- When dynamic linking, application A only needs to link against
libssl/libcrypto. The fact that OpenSSL indirectly uses libz is
totally transparent, and the application A does not need to link
against libz, and in fact ideally should *not* link against libz.
- When static linking, application A needs to link against both
libssl/libcrypto *and* libz, because static linking doesn't take
care of transitive dependencies.
With your fix, the application A will always be linked against openssl
*and* libz, regardless of whether dynamic linking and static linking is
used.
I don't understand why you had to invert the test. It should have
worked the way it was: first try with -lcrypto (should work in dynamic
linking case), and if it doesn't try with -lcrypto -lz (should work in
static linking case). Inverting the two cases not good, and in fact
makes no sense: if -lcrypto -lz fails, there is no reason for -lcrypto
to work, so the second test becomes entirely useless.
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list