[stunnel-users] [BUG] SSL directory scan breaks cross-compilation
Michal Trojnara
Michal.Trojnara at mirt.net
Mon Nov 3 17:29:11 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John Spencer wrote:
> Michal Trojnara wrote:
>> John Spencer wrote:
>>
>>> the concept of searching for a library directory is completely
>>> broken. if just adding -lssl -lcrypto to LDFLAGS doesnt find
>>> the openssl libraries at link time, the user's compiler
>>> toolchain is wrongly set up, and its not the job of a package
>>> to work around that by searching through a number of
>>> directories. it's the user's job to fix his toolchain by
>>> supplying the right -L paths in case he's got his library
>>> installed in a non-standard location.
>>
>> So is the concept of installing headers by default in
>> /usr/local/ssl/include rather than /usr/local/include...
>
> who does that ?
OpenSSL does. This is the default directory. 8-)
> either way, if a user installed a custom ssl version into
> $prefix/local instead of the default prefix, he will definitely not
> expect that the configure script will detect his non-standard local
> version and use it automatically.
In fact stunnel only searches *standard* directories used by various
port systems. It may happen that a users chose those same directory,
but this is not why I wrote this detection loop.
> but in general, openssl needs no special include dirs, no special
> CFLAGS, and works by just adding "-lssl -lcrypto -lz" to the
> linker command line (the -lz covers static linking as openssl
> depends on zlib). from C code it's supposed to be used like:
> #include <openssl/ssl.h> i.e. referencing the openssl dir in the
> standard include dir. no need to add any fancy -I references for
> the preprocessing.
This is an interesting observation. Now do you usually build OpenSSL
on platforms that do not have it pre-packaged?
- From the OpenSSL "INSTALL" file:
# Quick Start
# -----------
#
# If you want to just get on with it, do:
#
# $ ./config
# $ make
# $ make test
# $ make install
#
# [If any of these steps fails, see section Installation in Detail
below.]
#
# This will build and install OpenSSL in the default location, which
is (for
# historical reasons) /usr/local/ssl. If you want to install it
anywhere else,
# run config like this:
#
# $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
> interesting. i'm seeing this "-I=" usage the first time. do you
> have a reference explaining it ?
man gcc
Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlRXrVcACgkQ/NU+nXTHMtEvWACffe0VgvUqzxqKn2RiRDPIhJS+
lPUAn1E/4el6GUyKMjM76Jx2SAjXjDlR
=491t
-----END PGP SIGNATURE-----
More information about the stunnel-users
mailing list