[Buildroot] [PATCH 1/1] package/lxc: switch from gnutls to openssl
Fabrice Fontaine
fontaine.fabrice at gmail.com
Sun Jul 28 21:20:08 UTC 2019
Dear all,
Le dim. 28 juil. 2019 à 11:32, Yann E. MORIN <yann.morin.1998 at free.fr> a écrit :
>
> Thomas, Fabrice, Jérôme, All,
>
> On 2019-07-27 22:42 +0200, Thomas Petazzoni spake thusly:
> > On Fri, 5 Jul 2019 18:50:40 +0200
> > Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:
> >
> > > Fixes:
> > > - http://autobuild.buildroot.org/results/c0a9565ae65336d55cdedc67adff221a7fa1a2c8
> > >
> > > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> >
> > Thanks, but this is not entirely convincing, for two reasons:
> >
> > - The actual build failure is due to libgnutls.so using __atomic
> > built-ins, without being linked to libatomic.so. This is a problem
> > that can affect any other package that uses libgnutls.so (and a
> > question is why we're not seeing more failures like this, from other
> > packages that use libgnutls).
> >
> > - Switching to openssl is certainly OK, but the lxc configure.ac logic
> > does just OPENSSL_LIBS='-lssl -lcrypto', which is pretty much
> > guaranteed to fail in static linking scenarios, as it doesn't
> > account for second-order dependencies of openssl (the classic -lz
> > missing).
> >
> > Could you have a look at the libgnutls.so/libatomic.so issue, and
gnutls issue was fixed by https://patchwork.ozlabs.org/patch/1132098
which was sent a few days after the lxc's patch so this patch is not
really needed anymore. I'll set it as non applicable.
> > double check if lxc/openssl builds fine in a static linking
> > configuration ? For the latter, it is possible that lxc already depends
> > on libz for another reason, in which case the problem will not be
> > visible.
For the record, lxc already depends on dynamic library since 2015 and
https://git.buildroot.net/buildroot/commit/package/lxc?id=29a6df448dd6b4e70594254803412350111be091
>
> Although I agree with Thomas' review, we'll nonetheless have to
> understand and/or fix the -lz issue when we next bump lxz, as that new
> version *will* have switched to using openssl instead of gnutls anyway.
lxc released 3.2.1, I'll send a new patch for this bump.
>
> So I would say that, barring a good explanations about the atomic issue,
> this backport from upstream is good-enough (with -lz fixed/explained).
>
> Regards,
> Yann E. MORIN.
>
> --
> .-----------------.--------------------.------------------.--------------------.
> | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
> | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
> '------------------------------^-------^------------------^--------------------'
Best Regards,
Fabrice
More information about the buildroot
mailing list