[tor-bugs] #33561 [Applications/Tor Browser]: Upgrade openssl to use Android NDK 20

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri May 15 19:22:58 UTC 2020 

#33561: Upgrade openssl to use Android NDK 20
-------------------------------------------------+-------------------------
 Reporter:  sisbell                              |          Owner:  gk
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-mobile, tbb-rbm,                 |  Actual Points:
  TorBrowserTeam202005R, GeorgKoppen202005       |
Parent ID:  #33184                               |         Points:
 Reviewer:  sysrqb                               |        Sponsor:
                                                 |  Sponsor58-must
-------------------------------------------------+-------------------------
Changes (by gk):

 * keywords:  tbb-mobile, tbb-rbm, TorBrowserTeam202005, GeorgKoppen202005
     => tbb-mobile, tbb-rbm, TorBrowserTeam202005R, GeorgKoppen202005
 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:11 gk]:
 > Similar to comment:12:ticket:33760 specifying `clang` as our compiler is
 not correct anymore with NDK 20. The fix for that is included on
 `bug_33561_v3` (https://gitweb.torproject.org/user/gk/tor-browser-
 build.git/commit/?h=bug_33561_v3&id=696b8717e0d9d33b8a5503f3c770513b8c045cc4).

 To be clear just sticking to `clang` would not break things as the OpenSSL
 build system is... well smart enough to cope with that and folks are even
 [https://proandroiddev.com/tutorial-compile-openssl-to-1-1-1-for-android-
 application-87137968fee proposing this setup]. But we should do the right
 thing, though, to use the wrapper, as we do in our other projects, that is
 invoking the final `clang` with additional arguments.

 > There might still be more as `tor` is choking now but I am not sure yet
 this is an `openssl` project related bug. From `tor`'s `config.log`:
 > {{{
 > configure:9857: armv7a-linux-androideabi16-clang -o conftest -g -O2
 -I/var/tmp/dist/openssl/openssl/include
 -L/var/tmp/dist/openssl/openssl/lib  conftest.c -llog  -lssl -lcrypto
 >&5
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(armcap.o):armcap.c:function
 OPENSSL_cpuid_setup: error: undefined reference to 'sigfillset'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(armcap.o):armcap.c:function
 OPENSSL_cpuid_setup: error: undefined reference to 'sigdelset'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(armcap.o):armcap.c:function
 OPENSSL_cpuid_setup: error: undefined reference to 'sigdelset'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(armcap.o):armcap.c:function
 OPENSSL_cpuid_setup: error: undefined reference to 'sigdelset'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(armcap.o):armcap.c:function
 OPENSSL_cpuid_setup: error: undefined reference to 'sigdelset'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(cryptlib.o):cryptlib.c:function
 OPENSSL_showfatal: error: undefined reference to 'stderr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(eng_openssl.o):eng_openssl.c:function
 openssl_load_privkey: error: undefined reference to 'stderr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(eng_openssl.o):eng_openssl.c:function
 test_rc4_init_key: error: undefined reference to 'stderr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 open_console: error: undefined reference to 'tcgetattr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 open_console: error: undefined reference to 'stdin'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 open_console: error: undefined reference to 'stderr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 close_console: error: undefined reference to 'stdin'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 read_string_inner: error: undefined reference to 'signal'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 read_string_inner: error: undefined reference to 'tcsetattr'
 >
 /var/tmp/dist/openssl/openssl/lib/libcrypto.a(ui_openssl.o):ui_openssl.c:function
 read_string_inner: error: undefined reference to 'tcsetattr'
 > clang: error: linker command failed with exit code 1 (use -v to see
 invocation)
 > }}}

 The problem here is that we compiled OpenSSL with a different
 `ANDROID_API` than tor. Previously with NDK 17 the clang wrapper passed
 down the right `ANDROID_API` but that is not done explicitly anymore. Now,
 this is handled by wrappers like `aarch64-linux-android21-clang` which
 pass the `ANDROID_API` in the target argument but OpenSSL is not really
 picking that up. Rather, we need to specify `-D__ANDROID_API__` ourselves
 for the configure script.

 `bug_33561_v4` (https://gitweb.torproject.org/user/gk/tor-browser-
 build.git/commit/?h=bug_33561_v4&id=5fdbfc5a4a8082843877028135a649c783d2ef40)
 has a working patch taking that into account.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33561#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list