[tor-bugs] #27802 [Core Tor/Tor]: OpenSSL 1.1.0 issue during static link

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 20 23:32:21 UTC 2018


#27802: OpenSSL 1.1.0 issue during static link
--------------------+------------------------------
 Reporter:  cretz   |          Owner:  (none)
     Type:  defect  |         Status:  new
 Priority:  Medium  |      Component:  Core Tor/Tor
  Version:          |       Severity:  Normal
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
 Reviewer:          |        Sponsor:
--------------------+------------------------------
 Here's my configure call (using Tor 0.3.5.1-alpha in my case):

 {{{
 sh ./configure --prefix=/home/cretz/work/bine/gopath/src/github.com/cretz
 /tor-static/tor/dist --disable-gcc-hardening --disable-system-torrc
 --disable-asciidoc --enable-static-libevent --with-libevent-
 dir=/home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../libevent/dist --enable-static-openssl --with-openssl-
 dir=/home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist --enable-static-zlib --with-zlib-
 dir=/home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist --enable-static-tor
 }}}

 Note, this all works fine with OpenSSL 1.0.x. Running gets:

 {{{
 configure: Now, we'll look for OpenSSL >= 1.0.1
 checking for openssl directory... configure: WARNING: Could not find a
 linkable openssl.  If you have it installed somewhere unusual, you can
 specify an explicit path using --with-openssl-dir
 configure: WARNING: On Debian, you can install openssl using "apt-get
 install libssl-dev"
 configure: error: Missing libraries; unable to proceed.
 }}}

 Looking in config.log where it's checking OpenSSL:

 {{{
 configure:9656: Now, we'll look for OpenSSL >= 1.0.1
 configure:9677: checking for openssl directory
 configure:9732: gcc -o conftest -g -O2 -static
 -I/home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/include
 -L/home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib  conftest.c -lpthread -ldl  -lssl -lcrypto
 >&5
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(b_addr.o): In function
 `BIO_lookup':
 b_addr.c:(.text+0xc9c): warning: Using 'getaddrinfo' in statically linked
 applications requires at runtime the shared libraries from the glibc
 version used for linking
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(b_sock.o): In function
 `BIO_gethostbyname':
 b_sock.c:(.text+0x71): warning: Using 'gethostbyname' in statically linked
 applications requires at runtime the shared libraries from the glibc
 version used for linking
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_lock_new':
 threads_pthread.c:(.text+0x25): undefined reference to
 `pthread_rwlock_init'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_read_lock':
 threads_pthread.c:(.text+0x65): undefined reference to
 `pthread_rwlock_rdlock'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_write_lock':
 threads_pthread.c:(.text+0x85): undefined reference to
 `pthread_rwlock_wrlock'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_unlock':
 threads_pthread.c:(.text+0xa5): undefined reference to
 `pthread_rwlock_unlock'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_lock_free':
 threads_pthread.c:(.text+0xca): undefined reference to
 `pthread_rwlock_destroy'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_run_once':
 threads_pthread.c:(.text+0xf5): undefined reference to `pthread_once'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_init_local':
 threads_pthread.c:(.text+0x115): undefined reference to
 `pthread_key_create'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_set_local':
 threads_pthread.c:(.text+0x147): undefined reference to
 `pthread_setspecific'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_cleanup_local':
 threads_pthread.c:(.text+0x167): undefined reference to
 `pthread_key_delete'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_get_local':
 threads_pthread.c:(.text+0x133): undefined reference to
 `pthread_getspecific'
 /home/cretz/work/bine/gopath/src/github.com/cretz/tor-
 static/tor/../openssl/dist/lib/libcrypto.a(threads_pthread.o): In function
 `CRYPTO_THREAD_get_current_id':
 threads_pthread.c:(.text+0x181): undefined reference to `pthread_self'
 /usr/lib/gcc/x86_64-linux-gnu/5/libgcc_eh.a(unwind-dw2.o): In function
 `uw_init_context_1':
 (.text+0x1e0d): undefined reference to `pthread_once'
 collect2: error: ld returned 1 exit status
 }}}

 And also:

 {{{
 configure:9732: gcc -o conftest -g -O2 -static   conftest.c -lpthread -ldl
 -lssl -lcrypto   >&5
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_globallookup':
 (.text+0x11): undefined reference to `dlopen'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_globallookup':
 (.text+0x24): undefined reference to `dlsym'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_globallookup':
 (.text+0x2f): undefined reference to `dlclose'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_func':
 (.text+0x334): undefined reference to `dlsym'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_func':
 (.text+0x3db): undefined reference to `dlerror'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_var':
 (.text+0x454): undefined reference to `dlsym'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_bind_var':
 (.text+0x4fb): undefined reference to `dlerror'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_load':
 (.text+0x569): undefined reference to `dlopen'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_load':
 (.text+0x5cb): undefined reference to `dlclose'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_load':
 (.text+0x603): undefined reference to `dlerror'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_pathbyaddr':
 (.text+0x69f): undefined reference to `dladdr'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_pathbyaddr':
 (.text+0x709): undefined reference to `dlerror'
 /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-
 gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_unload':
 (.text+0x762): undefined reference to `dlclose'
 collect2: error: ld returned 1 exit status
 }}}

 This is happening because the gcc call is putting -lssl and -lcrypto after
 -lpthread and -ldl instead of before it. This apparently has been
 happening a long time (see #12720) and I can't find any recent blame to
 cause this. I have also confirmed this is happening in Windows using MinGW
 on static builds too.

 Please adjust TOR_SEARCH_LIBRARY or whatever is needed to make sure the
 -lssl and -lcrypto appear first on these checks. In the meantime, devs can
 solve this by setting the LIBS env var to "-lssl -lcrypto -lcrypt32
 -lgdi32 -lws2_32" at least on Windows and presumably "-lssl -lcrypto
 -lpthread -ldl" on Linux (running into #6623 on Linux, so unsure).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27802>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list