[openssl-dev] OpenSSL version 1.1.0 pre release 2 published

Corinna Vinschen vinschen at redhat.com
Sun Jan 17 17:17:38 UTC 2016


On Jan 17 17:30, Richard Levitte wrote:
> In message <20160117153235.GB9897 at calimero.vinschen.de> on Sun, 17 Jan 2016 16:32:35 +0100, Corinna Vinschen <vinschen at redhat.com> said:
> [...]
> vinschen> This is pretty non-standard.  By not allowing to extend CFLAGS from the
> vinschen> environment, you require all distros to patch the OpenSSL package to fit
> vinschen> their needs in terms of the build flags.
> 
> Actually, I forgot another possibility, to just pass them on the
> Configure / config command line, like so:
> 
>     ./config -ggdb -O2 -pipe -Wimplicit-function-declaration \
>       -fdebug-prefix-map=${BUILDDIR}=/usr/src/debug/openssl-1.1.0-pre2-1 \
>       -fdebug-prefix-map=${SOURCEDIR}=/usr/src/debug/openssl-1.1.0-pre2-1
> 
> Basically, anything start with a dash or plus that Configure doesn't
> recognise as its own, it will pass down:
> 
>   * if it starts with -l. -L or -Wl, into EX_LIBS, which is
>     essentially flags to the linker.
>   * otherwise, into CFLAG / CFLAGS.
> 
> Can't believe I forgot to mention that, considering I use it all the
> time...

This works.  I can't believe this worked so simple all the time.  Is
that documented somewhere?  If not, it certainly should.

> vinschen>      CFLAGS+=$(OPENSSL_CFLAGS)
> 
> += is a GNU make extension, and therefore a no can do.  We need to
> stay with generic make.

I expected that but had to point it out ;)

> vinschen>   OPENSSL_CFLAGS= -D_WINDLL -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS[...etc...]
> vinschen>   CFLAGS="${BUILD_CFLAGS) $(OPENSSL_CFLAGS)"
> vinschen> 
> vinschen> and the package build system has to set $BUILD_CFLAGS.  That would
> vinschen> be sufficient as well.
> 
> If my info about the Configure command line above wasn't good enough,
> I do have a fairly simple idea on how to allow for using environment
> variables to expand the diverse flag items, more or less directly into
> the target structure.

I guess it's your choice then.  The above seems to work nicely for us,
so there's no pressure.  It would be good to know if that helps for
Debian as well, of course.


Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160117/fbcd64dd/attachment.sig>


More information about the openssl-dev mailing list