[openssl-dev] OpenSSL version 1.1.0 pre release 2 published
Corinna Vinschen
vinschen at redhat.com
Sat Jan 16 18:37:24 UTC 2016
On Jan 14 15:44, Richard Levitte wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> OpenSSL version 1.1.0 pre release 2 (alpha)
> ===========================================
I tried to build this for Cygwin and got some problems.
First, with 1,0.2, we built the Cygwin package with the options
enable-tlsext and no-krb5. The 1.1.0 notes mention that Kerberos
ciphersuite support has been removed, so am I right that "no-krb5" just
isn't required anymore? And what about "enable-tlsext"? Is that
unchangable default now?
Second, it doesn't build. I configured as usual for the Cygwin distro
with the following set of options:
shared zlib enable-camellia enable-seed enable-rfc3779 enable-cms \
enable-md2 no-idea no-rc5 [omitting enable-tlsext and no-krb5]
The build bailed out with the following error:
gcc [...] -c -o ct_lib.o ct_lib.c
In file included from /usr/include/w32api/windows.h:95:0,
from ../../include/openssl/async.h:60,
from ../../ssl/ssl_locl.h:166,
from ct_lib.c:63:
../../ssl/ssl_locl.h:1110:5: error: expected specifier-qualifier-list before '(' token
X509_EXTENSIONS *tlsext_ocsp_exts;
^
<builtin>: recipe for target 'ct_lib.o' failed
Who had this funny idea to use the Windows definitions when building for
Cygwin?
<pleading>
Please, please, please, Cygwin is a *POSIX* layer. Please don't use
Windows functions on Cygwin, use POSIX functions and POSIX methods,
*unless* it's really necessary.
And please, if you really think that Cygwin is lacking and you have to
fall back to using Windows stuff, please *ask* first. It's really not
helpful to use too much native Windows stuff because you're
circumventing Cygwin's POSIX lauer and you might (i.e will)
inadvertently break something in POSIX applications built for Cygwin.
</pleading>
In this case, since Cygwin supports pthreads, why don't you use
async_posix.h, which is the right thing to do on a POSIX system.
While I was looking into this, I also found the snippet in apps/speed.c
which completely breaks Cygwin POSIX-like signal handling by using
native Win32 functions rather than POSIX signal functions. Please,
please, don't.
Additionally it turned out that the configury used two different
macros to control a Cygwin build for no good reason, OPENSSL_SYS_CYGWIN
and OPENSSL_SYS_WIN32_CYGWIN.
Last but not least, we have a small build problem when building for the
distro: To build the packages with additional debuginfo packages, the
packages must not be built with the -s option, plus we have to induce a
few options for the sake of creating the debuginfo information. Up to
1.0.2 we do this by tweaking openssl's build system. We add an expression
$(OPT_CFLAGS) to the CFLAGS definition for that. If there's a better,
easier way to do this, I'd be grateful for a hint.
The attached patchset fixes all of the above. With this,
openssl-1.1.0-pre2 builds fine for Cygwin.
Thanks,
Corinna
--
Corinna Vinschen
Cygwin Maintainer
Red Hat
-------------- next part --------------
From ab1dba32d73a6c3df6bfebe68c9bd4440260b0d6 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <vinschen at redhat.com>
Date: Sat, 16 Jan 2016 19:30:48 +0100
Subject: [PATCH 1/2] Use POSIX functions on Cygwin, not Win32 function
Signed-off-by: Corinna Vinschen <vinschen at redhat.com>
---
apps/speed.c | 10 +---------
crypto/async/arch/async_posix.h | 2 +-
crypto/async/arch/async_win.h | 2 +-
include/openssl/async.h | 2 +-
test/asynctest.c | 4 ++--
5 files changed, 6 insertions(+), 14 deletions(-)
diff --git a/apps/speed.c b/apps/speed.c
index d45a6f9..5bf1685 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -94,16 +94,8 @@
# include <signal.h>
#endif
-#if defined(_WIN32) || defined(__CYGWIN__)
+#if defined(_WIN32)
# include <windows.h>
-# if defined(__CYGWIN__) && !defined(_WIN32)
- /*
- * <windows.h> should define _WIN32, which normally is mutually exclusive
- * with __CYGWIN__, but if it didn't...
- */
-# define _WIN32
- /* this is done because Cygwin alarm() fails sometimes. */
-# endif
#endif
#include <openssl/bn.h>
diff --git a/crypto/async/arch/async_posix.h b/crypto/async/arch/async_posix.h
index c247888..475b56f 100644
--- a/crypto/async/arch/async_posix.h
+++ b/crypto/async/arch/async_posix.h
@@ -54,7 +54,7 @@
#define OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
#include <openssl/e_os2.h>
-#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
+#if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS)
# include <unistd.h>
diff --git a/crypto/async/arch/async_win.h b/crypto/async/arch/async_win.h
index b247f59..31f2482 100644
--- a/crypto/async/arch/async_win.h
+++ b/crypto/async/arch/async_win.h
@@ -55,7 +55,7 @@
* This is the same detection used in cryptlib to set up the thread local
* storage that we depend on, so just copy that
*/
-#if defined(_WIN32) || defined(__CYGWIN__)
+#if defined(_WIN32)
#include <openssl/async.h>
# define ASYNC_WIN
# define ASYNC_ARCH
diff --git a/include/openssl/async.h b/include/openssl/async.h
index de5ef89..d130a36 100644
--- a/include/openssl/async.h
+++ b/include/openssl/async.h
@@ -56,7 +56,7 @@
#include <stdlib.h>
-#if defined(_WIN32) || defined(__CYGWIN__)
+#if defined(_WIN32)
#include <windows.h>
#define OSSL_ASYNC_FD HANDLE
#else
diff --git a/test/asynctest.c b/test/asynctest.c
index 3e68b1d..ace52b9 100644
--- a/test/asynctest.c
+++ b/test/asynctest.c
@@ -62,12 +62,12 @@
#include <openssl/crypto.h>
#include <../apps/apps.h>
-#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
+#if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS)
# include <unistd.h>
# if _POSIX_VERSION >= 200112L
# define ASYNC_POSIX
# endif
-#elif defined(_WIN32) || defined(__CYGWIN__)
+#elif defined(_WIN32)
# define ASYNC_WIN
#endif
--
2.5.0
-------------- next part --------------
From 47e82daf9317a7d04650de2a6ea06eccbed3169c Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <vinschen at redhat.com>
Date: Sat, 16 Jan 2016 19:36:15 +0100
Subject: [PATCH 2/2] Don't strip object files on Cygwin
Building for the Cygwin distro requires to be able to build debuginfo
files. This in turn requires to build object files without stripping.
The stripping is performed by the next step after building which creates
the debuginfo files. This also requires to induce a few gcc options
into the build process which this patch allows by adding a $(OPT_FLAGS)
to cflags.
Signed-off-by: Corinna Vinschen <vinschen at redhat.com>
---
Configurations/10-main.conf | 4 ++--
Makefile.shared | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index 2f5313e..d732a82 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1224,7 +1224,7 @@
"Cygwin" => {
inherit_from => [ asm("x86_asm") ],
cc => "gcc",
- cflags => "-DTERMIOS -DL_ENDIAN -march=i486 -Wall",
+ cflags => "\$(OPT_CFLAGS) -DTERMIOS -DL_ENDIAN -march=i486 -Wall",
debug_cflags => "-g -O0",
release_cflags => "-O3 -fomit-frame-pointer",
sys_id => "CYGWIN",
@@ -1239,7 +1239,7 @@
"Cygwin-x86_64" => {
inherit_from => [ asm("x86_64_asm") ],
cc => "gcc",
- cflags => "-DTERMIOS -DL_ENDIAN -Wall",
+ cflags => "\$(OPT_CFLAGS) -DTERMIOS -DL_ENDIAN -Wall",
debug_cflags => "-g -O0",
release_cflags => "-O3",
sys_id => "CYGWIN",
diff --git a/Makefile.shared b/Makefile.shared
index 208382e..0ff1a76 100644
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -272,7 +272,7 @@ link_o.cygwin:
SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base $$deffile -Wl,-s,-Bsymbolic"; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base $$deffile -Wl,-Bsymbolic"; \
$(LINK_SO_O)
#for mingw target if def-file is in use dll-name should match library-name
link_a.cygwin:
@@ -297,7 +297,7 @@ link_a.cygwin:
extras="$$extras rc.o"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-s,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
[ -f apps/$$dll_name ] && rm apps/$$dll_name; \
[ -f test/$$dll_name ] && rm test/$$dll_name; \
$(LINK_SO_A) || exit 1; \
--
2.5.0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160116/d78ab0ab/attachment.sig>
More information about the openssl-dev
mailing list