View Issue Details

IDProjectCategoryView StatusLast Update
0005980unrealdocumentationpublic2023-04-10 19:14
ReporterLe_Coyote Assigned Tosyzop  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version5.2.2 
Fixed in Version6.1.0-rc2 
Summary0005980: SSLDIR is not enough to build UnreaIRCd against non-default SSL lib
DescriptionWhile the correct path to libreSSL was set properly, the Makefile created with ./Config is missing an XLDFLAGS.
Current output:
XLDFLAGS=-Wl,-rpath,/path/to/IRCd/lib -Wl,-z,relro -Wl,-z,now -Wl,-rpath,/path/to/IRCd/lib -L/otherpath/to/libressl-LIB/lib
Expected output:
XLDFLAGS=-Wl,-rpath,/path/to/IRCd/lib -Wl,-z,relro -Wl,-z,now -Wl,-rpath,/path/to/IRCd/lib -L/otherpath/to/libressl-LIB/lib -Wl,-rpath,/otherpath/to/libressl-LIB/lib

Without this (manual) modification, the resulting unrealircd binary is unable to load libssl.so.xx from the specified path.
TagsNo tags attached.
3rd party modules

Activities

Le_Coyote

2021-10-07 20:13

reporter   ~0022139

Um, the "documentation" category is a misclick, it should be "installation" obviously

syzop

2023-04-03 16:50

administrator   ~0022823

The problem with this is, say you have openssl in /usr/local/lib, and we would add like -Wl,-rpath,/usr/local/lib automatically, then you don't only override libssl/libcrypto/etc but you override all the other libs that exist in /usr/local as well, which may not be what you want. And we link to quite a few libs, directly and indirectly (subdependencies):
syzop@dev:~/unrealircd$ ldd bin/unrealircd|wc -l
41
This is why I have not done it at this point, because I think it is easy to screw things up that way. And this can get quite bad when the runtime library differs from the compile time headers that were used, including weird crashes without any explanation.

That being said, using a path that only contains openssl or libressl and not any other libraries is safe. Then it would do exactly what you would expect and want, basically.

Le_Coyote

2023-04-04 09:46

reporter   ~0022824

As you said, I was careful to point to a folder that only contained libreSSL.

But even though I admit that people who wish to use a different SSL lib from the default system one might expect more tinkering than the average user, the SSLDIR question in ./Config is "misleading" as such. In other words, the user might be led to believe that answering this question allows them to build against a specific version/flavour of SSL, when in fact it does not.

So to me it's either "make sure ./Config does the necessary rpath magic", with a BIG warning to the unsuspecting user that it should ONLY contain SSL in order to avoid problems, or "remove the SSLDIR question altogether and document the process elsewhere", making it a little more "exclusive" to advanced users. That's your call ;)

syzop

2023-04-10 19:14

administrator   ~0022831

Thanks, handled now. I went for the middle-ground:
if [ "$SSLDIR" != "" -a "$SSLDIR" != "/usr" ]; then
       echo ""
       echo "You answered previous question manually. Just note that if the library is not"
       echo "in your default library path then UnrealIRCd may fail to start with an error"
       echo "that it cannot find certain .so files (libraries). In that case you would have"
       echo "to either set the LD_LIBARY_PATH environment variable, or you could update the"
       echo "Makefile to link with -Wl,-rpath,$SSLDIR or similar."
       echo ""
       if [ "$SSLDIR" = "/usr/local" ]; then
               echo "**** CAUTION ****"
               echo "You have chosen to use OpenSSL from /usr/local. Just be aware that if you"
               echo "use the LD_LIBRARY_PATH or -Wl,-rpath,$SSLDIR from above,"
               echo "that you are diverting OTHER libraries to that path as well."
               echo "It's not only loading OpenSSL from /usr/local but also potentially other"
               echo "libraries like PCRE2, Jansson, or any of the other libraries that"
               echo "UnrealIRCd uses (including dependencies about 40 libs in total!)"
               echo "All that can result in weird issues and crashes!"
               echo ""
       fi
       echo "Press enter to continue with the rest of the questions, or CTRL+C to abort."
       read cc
fi

Issue History

Date Modified Username Field Change
2021-10-07 17:43 Le_Coyote New Issue
2021-10-07 20:13 Le_Coyote Note Added: 0022139
2023-04-03 16:50 syzop Note Added: 0022823
2023-04-04 09:46 Le_Coyote Note Added: 0022824
2023-04-10 19:14 syzop Assigned To => syzop
2023-04-10 19:14 syzop Status new => resolved
2023-04-10 19:14 syzop Resolution open => fixed
2023-04-10 19:14 syzop Fixed in Version => 6.1.0-rc2
2023-04-10 19:14 syzop Note Added: 0022831