Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Mon 16 Jun 2014 06:39:40 Viktor Dukhovni wrote: > On Mon, Jun 16, 2014 at 02:10:14AM -0400, Mike Frysinger wrote: > > On Mon 28 Apr 2014 09:32:40 Salz, Rich wrote: > > > > While rpaths are not needed in some contexts, they are important in > > > > others, please do not remove rpath support. > > > > > > Yes, such as cross-compiling or embedded systems. I think it's > > > reasonable > > > to make it a config option tho. > > > > eh ? rpaths are not needed when cross-compiling or for embedded. they're > > needed only when people are installing into non-standard paths and can't > > be > > bothered to update their ld.so.conf mechanisms to include those paths. > > "can't be bothered" is a rather loaded term. Sometimes it is a bad > idea to force every application on a system to look for libraries > in a location needed by just one. We should acknowledge that rpaths > are sometimes useful. s/sometimes/rarely/ even then, it's trivial to keep this behavior -- set LDFLAGS yourself to your non-standard paths. i don't think using rpath is a sane default. -mike signature.asc Description: This is a digitally signed message part.
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Mon, Jun 16, 2014 at 02:10:14AM -0400, Mike Frysinger wrote: > On Mon 28 Apr 2014 09:32:40 Salz, Rich wrote: > > > While rpaths are not needed in some contexts, they are important in > > > others, please do not remove rpath support. > > Yes, such as cross-compiling or embedded systems. I think it's reasonable > > to make it a config option tho. > > eh ? rpaths are not needed when cross-compiling or for embedded. they're > needed only when people are installing into non-standard paths and can't be > bothered to update their ld.so.conf mechanisms to include those paths. "can't be bothered" is a rather loaded term. Sometimes it is a bad idea to force every application on a system to look for libraries in a location needed by just one. We should acknowledge that rpaths are sometimes useful. -- Viktor. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Mon 28 Apr 2014 09:32:40 Salz, Rich wrote: > > While rpaths are not needed in some contexts, they are important in > > others, please do not remove rpath support. > Yes, such as cross-compiling or embedded systems. I think it's reasonable > to make it a config option tho. eh ? rpaths are not needed when cross-compiling or for embedded. they're needed only when people are installing into non-standard paths and can't be bothered to update their ld.so.conf mechanisms to include those paths. -mike signature.asc Description: This is a digitally signed message part.
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri 06 Jun 2014 09:15:09 Kurt Roeckx via RT wrote: > On Fri, Jun 06, 2014 at 01:27:02AM -0400, Mike Frysinger wrote: > > On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote: > > > On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote: > > > > It's a standard setting that other build systems use. > > > > > > Can you explain why you need this? > > > > because people want to set custom linker flags. `man ld` shows quite a > > large number that can easily be applied such as extra hardening or > > optimization. > > I ended up using the cflags in Configure for that. that would workaround the problem, but my goal is to fix things :) -mike signature.asc Description: PGP signature
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri 06 Jun 2014 09:15:09 Kurt Roeckx via RT wrote: > On Fri, Jun 06, 2014 at 01:27:02AM -0400, Mike Frysinger wrote: > > On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote: > > > On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote: > > > > It's a standard setting that other build systems use. > > > > > > Can you explain why you need this? > > > > because people want to set custom linker flags. `man ld` shows quite a > > large number that can easily be applied such as extra hardening or > > optimization. > > I ended up using the cflags in Configure for that. that would workaround the problem, but my goal is to fix things :) -mike signature.asc Description: This is a digitally signed message part.
RE: [openssl.org #3331] [PATCH] respect LDFLAGS during build
> I think this misses the point, one can already just pass a table entry on the > command-line as a colon-separated target name. Yes, you're right, I was mis-using the thread. But putting a config spec on the command line is, shall we say, awkward. And adding the flag would help with code cleanup; does everyone need to see the various debug-levitte settings? Or when we finally get rid of support for MSDOS, we can take that out, too. Configure then becomes the practical definition for what is supported and not a dumping ground for anything that someone on the core team needs, or that someone was able to "convince" them to add. /r$ -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri, Jun 06, 2014 at 10:42:06AM -0400, Salz, Rich wrote: > Perhaps Configure should have a "-f nnn" flag, that lets folks > add their own local table without having to patch the script I think this misses the point, one can already just pass a table entry on the command-line as a colon-separated target name. The goal generally is not to create an entry from scratch but to add some flags to entry maintained by the OpenSSL team which gets updated from time to time by them to add various platform-specific options. It is for this that I wrote a script to synthesize an ad-hoc target spec from the OpenSSL maintained table... It would be convenient to specify additional ad-hoc prepend/append strings for the various table fields on the Configure command-line without writing a "Configure TABLE" parser, but at least that approach works... -- Viktor. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #3331] [PATCH] respect LDFLAGS during build
Perhaps Configure should have a "-f nnn" flag, that lets folks add their own local table without having to patch the script -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Viktor Dukhovni Sent: Friday, June 06, 2014 10:31 AM To: openssl-dev@openssl.org Subject: Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build On Fri, Jun 06, 2014 at 09:15:02AM +0200, Kurt Roeckx wrote: > I ended up using the cflags in Configure for that. I wrote a script that takes the output of "Configure TABLE" to extract the settings for my desired target, makes appropriate additions to the desired field, and then runs "Configure" with an explicit colon-separated target spec rather than a named target. This could perhaps be easier, but it is possible. -- Viktor. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri, Jun 06, 2014 at 09:15:02AM +0200, Kurt Roeckx wrote: > I ended up using the cflags in Configure for that. I wrote a script that takes the output of "Configure TABLE" to extract the settings for my desired target, makes appropriate additions to the desired field, and then runs "Configure" with an explicit colon-separated target spec rather than a named target. This could perhaps be easier, but it is possible. -- Viktor. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri, Jun 06, 2014 at 01:27:02AM -0400, Mike Frysinger wrote: > On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote: > > On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote: > > > It's a standard setting that other build systems use. > > > > Can you explain why you need this? > > because people want to set custom linker flags. `man ld` shows quite a large > number that can easily be applied such as extra hardening or optimization. I ended up using the cflags in Configure for that. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Fri, Jun 06, 2014 at 01:27:02AM -0400, Mike Frysinger wrote: > On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote: > > On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote: > > > It's a standard setting that other build systems use. > > > > Can you explain why you need this? > > because people want to set custom linker flags. `man ld` shows quite a large > number that can easily be applied such as extra hardening or optimization. I ended up using the cflags in Configure for that. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote:
> On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote:
> > It's a standard setting that other build systems use.
>
> Can you explain why you need this?
because people want to set custom linker flags. `man ld` shows quite a large
number that can easily be applied such as extra hardening or optimization.
> > @@ -217,6 +217,7 @@ BUILDENV= PLATFORM='$(PLATFORM)'
> > PROCESSOR='$(PROCESSOR)' \
> > MAKEDEPEND='{TOP}/util/domd {TOP} -MD $(MAKEDEPPROG)' \
> > DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
> > MAKEDEPPROG='$(MAKEDEPPROG)' \
> > + LDFLAGS='${LDFLAGS}' \
>
> I'm wondering whether it would be better to remove LDFLAGS from CLEARENV (a
> few lines before the above), rather than add it to BUILDENV? Thoughts? Or
> am I missing something?
maybe. i find it really hard to understand what the Makefiles are going for
in general, so i don't try to start at them too hard.
-mike
signature.asc
Description: PGP signature
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Thu 05 Jun 2014 22:53:32 Matt Caswell via RT wrote:
> On Sun Apr 27 13:04:20 2014, vap...@gentoo.org wrote:
> > It's a standard setting that other build systems use.
>
> Can you explain why you need this?
because people want to set custom linker flags. `man ld` shows quite a large
number that can easily be applied such as extra hardening or optimization.
> > @@ -217,6 +217,7 @@ BUILDENV= PLATFORM='$(PLATFORM)'
> > PROCESSOR='$(PROCESSOR)' \
> > MAKEDEPEND='{TOP}/util/domd {TOP} -MD $(MAKEDEPPROG)' \
> > DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
> > MAKEDEPPROG='$(MAKEDEPPROG)' \
> > + LDFLAGS='${LDFLAGS}' \
>
> I'm wondering whether it would be better to remove LDFLAGS from CLEARENV (a
> few lines before the above), rather than add it to BUILDENV? Thoughts? Or
> am I missing something?
maybe. i find it really hard to understand what the Makefiles are going for
in general, so i don't try to start at them too hard.
-mike
signature.asc
Description: This is a digitally signed message part.
RE: [openssl.org #3331] [PATCH] respect LDFLAGS during build
> While rpaths are not needed in some contexts, they are important in others, > please do not remove rpath support. Yes, such as cross-compiling or embedded systems. I think it's reasonable to make it a config option tho. /r$ -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Sun, Apr 27, 2014 at 02:08:12PM +0200, Kurt Roeckx via RT wrote: > But then I think think that we shouldn't have rpaths in the first > place, so I wouldn't have a problem with removing the rpath. While rpaths are not needed in some contexts, they are important in others, please do not remove rpath support. -- Viktor. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Sun 27 Apr 2014 14:08:12 Kurt Roeckx via RT wrote: > > -DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" > > +DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)" > > Shouldn't that be this? > +DO_GNU_APP=LDFLAGS="$(LDFLAGS) -Wl,-rpath,$(LIBRPATH)" i didn't mean to include dropping of the rpath in this change. it should be: DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS) -Wl,-rpath,$(LIBRPATH)" > But then I think think that we shouldn't have rpaths in the first > place, so I wouldn't have a problem with removing the rpath. yeah, in most systems it's pointless. guess it should be made into a configure flag if people want to continue supporting it. -mike __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
On Sun 27 Apr 2014 14:08:12 Kurt Roeckx via RT wrote: > > -DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" > > +DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)" > > Shouldn't that be this? > +DO_GNU_APP=LDFLAGS="$(LDFLAGS) -Wl,-rpath,$(LIBRPATH)" i didn't mean to include dropping of the rpath in this change. it should be: DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS) -Wl,-rpath,$(LIBRPATH)" > But then I think think that we shouldn't have rpaths in the first > place, so I wouldn't have a problem with removing the rpath. yeah, in most systems it's pointless. guess it should be made into a configure flag if people want to continue supporting it. -mike __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3331] [PATCH] respect LDFLAGS during build
> -DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" > +DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)" Shouldn't that be this? +DO_GNU_APP=LDFLAGS="$(LDFLAGS) -Wl,-rpath,$(LIBRPATH)" But then I think think that we shouldn't have rpaths in the first place, so I wouldn't have a problem with removing the rpath. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
