makefileopenssllinkerstatic-linkinglibssl

Error linking SSL and crypto libraries installed in custom location


I am trying to create a shared library that is to be linked against OpenSSL-1.0.2p which depends on libssl1.0. The installed version of OpenSSL on my ubuntu bionic machine is however OpenSSL-1.1.1 which internally uses libssl1.1.

Since I do not wish to install OpenSSL-1.0 system-wide, I downloaded and compiled it separately installing it into a folder inside my home directory.

I wish to use this location against which I would want my shared library to link. Here is the Makefile for the shared library that I am trying to create:

APPBASE=/home/AB/Documents/APP/APP_2.17.0
OPENSSL1.0.2p_INSTALL_LOC=/home/AB/Documents/APP/OpenSSL-1.0.2p-installation
CC=gcc
#CFLAGS= -Wall -g -O -fPIC
CFLAGS= -Wall -g -O -static
RM= rm -f
.PHONY: all clean

src=$(wildcard *Generic/*.c *Linux/*.c)
$(info source=$(src))

#we use the custom compiled openssl version
#and NOT the one available on the system
#INC=-I/usr/include/openssl
INC+=-I$(OPENSSL1.0.2p_INSTALL_LOC)/include/openssl
INC+=$(foreach d,$(incdir),-I$d)
$(info includes=$(INC))

LIB=-L$(OPENSSL1.0.2p_INSTALL_LOC)/lib
LIB+=-l:libssl.a -l:libcrypto.a

# looks like we need this for proper static linking of libc
LIB+= -static-libgcc

$(info links=$(LIB))

obj=$(src:.c=.o)

#all: libAPP.so
all: libAPP.a

clean:
    $(RM) *.o *.so
    $(shell find $(APPBASE) -type f -iname "*.o" -exec rm -rf {} \;)

.c.o:
    ${CC} ${CFLAGS} $(INC) -c $< -o $@
    #${CC} ${CFLAGS} $(INC) -c $< -o $@

libAPP.a: $(obj)
    @ar rcs $@ $^ 
    #$(LINK.c) -shared $^ -o $@

However, make reports that the header files being included are from the system's openssl installation and hence the compile is failing (since it is expecting OpenSSL-1.0.2p). Here's a sample:

In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/bio.h:13,
                 from /usr/include/openssl/x509v3.h:13,
                 .... (source file 1)

gcc -static -Wall -g -O -fPIC -I/home/AB/Documents/APP/OpenSSL-1.0.2p-installation/include/openssl -I*/path/to/app/include1* -I*/path/to/app/include2* -c */path/to/src1* -L/home/AB/Documents/APP/OpenSSL-1.0.2p-installation/lib -lssl -lcrypto
sr1.c: In function ‘Get_CACertificates’: warning: implicit declaration of function ‘CRYPTO_w_lock’; did you mean ‘CRYPTO_zalloc’? [-Wimplicit-function-declaration]
             CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
             ^~~~~~~~~~~~~
             CRYPTO_zalloc

CRYPTO_w_lock is a macro which is no longer present in the latest version of crypto.h (OpenSSL-1.1) which makes it clear that my application is still looking at the system version of OpenSSL.

Within my source files, I am including the SSL header files like so:

#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

Although angular braces are supposed to tell the compiler to look into the system's header files, doesn't the -L on the command line as well as the -I flags force it to look for them in the said directories before looking at the system files?

I do have a crypto.h file in the custom install location for OpenSSL but the compiler seems to be ignore it for some reason

ab@ab1-pc:/home/AB/Documents/APP/OpenSSL-1.0.2p-installation$ find . -iname "crypto.h"
./include/openssl/crypto.h

What am I missing here?

UPDATE 1: As suggested by Darren, removed the trailing openssl so now my include path is INC+=-I$(OPENSSL1.0.2p_INSTALL_LOC)/include and voila I can see the shared library getting created. However when I try to find references to ssl within this newly minted shared library, I see that I have 87 entries (which includes ALL symbols having ssl as part of their name)

ab@ab1-pc:~/Documents/AB/APP_2.17.0$ nm libAPP.so | grep -i "ssl" | wc -l 87

whereas listing only the global symbols from libssl.a tells me it has 1113 globally defined symbols.

ab@ab1-pc:~/Documents/AB/APP_2.17.0$ nm -g ../OpenSSL-1.0.2p-installation/lib/libssl.a | grep -i "ssl" | wc -l 1113

Shouldn't the former count be MORE than the latter?? Has it got something to do with the fact that my 'app' is a shared library? Even then shouldn't it pull in ALL the symbols (at least the global ones) from any static libraries it links against??

UPDATE 2: Now apparently since I was facing issues with SSL symbols, I switched to creating a static library so made changes to the makefile accordingly.


Solution

  • In this line:

    INC+=-I$(OPENSSL1.0.2p_INSTALL_LOC)/include/openssl
    

    ... try changing it to:

    INC+=-I$(OPENSSL1.0.2p_INSTALL_LOC)/include
    

    ... i.e., without the 'openssl' part.

    Your includes, e.g.,

    #include <openssl/bio.h>
    #include <openssl/ssl.h>
    #include <openssl/err.h>
    

    ... expect directory search paths to terminate on the 'include/', not on the 'openssl'.