Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

configure fails to detect OpenSSL with gcc5 #719

Closed
ghost opened this issue Mar 17, 2016 · 21 comments
Closed

configure fails to detect OpenSSL with gcc5 #719

ghost opened this issue Mar 17, 2016 · 21 comments
Labels

Comments

@ghost
Copy link

ghost commented Mar 17, 2016

Building curl 7_47_1 on linux64, linking to Openssl 1.0.2g libs, 'configure' reports "fail" @ "checking for OpenSSL headers and library versions matching"

It appears to be non-fatal ...

which openssl
    /usr/local/ssl/bin/openssl
openssl version
    OpenSSL 1.0.2g  1 Mar 2016
pkg-config --cflags openssl
    -I/usr/local/ssl/include 
pkg-config --libs openssl
    -L/usr/local/ssl/lib64 -lssl -lcrypto 

git clone git://github.com/bagder/curl.git
cd curl
git checkout -b curl-7_47_1 curl-7_47_1

echo $LDFLAGS
    -L/usr/local/ssl/lib64 -Wl,-rpath,/usr/local/ssl/lib64 -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64
echo $LIBS
    -lssl -lcrypto -lssh2

./buildconf
./configure --with-ssl
    ...
    checking for openssl options with pkg-config... found
    configure: pkg-config: SSL_LIBS: "-lssl -lcrypto "
    configure: pkg-config: SSL_LDFLAGS: "-L/usr/local/ssl/lib64 "
    configure: pkg-config: SSL_CPPFLAGS: "-I/usr/local/ssl/include "
    checking for HMAC_Update in -lcrypto... yes
    checking OpenSSL linking without -ldl... yes
    checking for SSL_connect in -lssl... yes
    checking openssl/x509.h usability... yes
    checking openssl/x509.h presence... yes
    checking for openssl/x509.h... yes
    checking openssl/rsa.h usability... yes
    checking openssl/rsa.h presence... yes
    checking for openssl/rsa.h... yes
    checking openssl/crypto.h usability... yes
    checking openssl/crypto.h presence... yes
    checking for openssl/crypto.h... yes
    checking openssl/pem.h usability... yes
    checking openssl/pem.h presence... yes
    checking for openssl/pem.h... yes
    checking openssl/ssl.h usability... yes
    checking openssl/ssl.h presence... yes
    checking for openssl/ssl.h... yes
    checking openssl/err.h usability... yes
    checking openssl/err.h presence... yes
    checking for openssl/err.h... yes
    checking openssl/pkcs12.h usability... yes
    checking openssl/pkcs12.h presence... yes
    checking for openssl/pkcs12.h... yes
    checking for ENGINE_init... yes
    checking openssl/engine.h usability... yes
    checking openssl/engine.h presence... yes
    checking for openssl/engine.h... yes
    checking for ENGINE_load_builtin_engines... yes
    checking for RAND_status... yes
    checking for RAND_screen... no
    checking for RAND_egd... yes
    checking for ENGINE_cleanup... yes
    checking for CRYPTO_cleanup_all_ex_data... yes
    checking for SSL_get_shutdown... yes
    checking for SSLv2_client_method... no
    checking for DES_set_odd_parity... yes
    checking for BoringSSL... no
    checking for libressl... no
    configure: Added /usr/local/ssl/lib64 to LD_LIBRARY_PATH
    checking for OpenSSL headers version... unknown
    checking for OpenSSL library version... 1.0.2
>>> checking for OpenSSL headers and library versions matching... fail
    ...
@jay
Copy link
Member

jay commented Mar 17, 2016

That's from m4/curl-openssl.m4. Based on that output you don't have a curl_cv_have_def_OPENSSL_VERSION_NUMBER. Check your config.log for #define USE_OPENSSL 1 and #define HAVE_OPENSSL_CRYPTO_H 1 , based on the output you should have both. Are sed and grep working? Check config.log for "checking for OpenSSL headers version" see if there's anything telling there esp -I , also check opensslv.h which is where OPENSSL_VERSION_NUMBER should be defined like # define OPENSSL_VERSION_NUMBER 0x1000207fL

@ghost
Copy link
Author

ghost commented Mar 17, 2016

hi,

That's from curl/curl-openssl.m4. Based on that output you don't have a curl_cv_have_def_OPENSSL_VERSION_NUMBER.

Check your config.log for #define USE_OPENSSL 1 and #define HAVE_OPENSSL_CRYPTO_H 1 , based on the output you should have both.

grep "^[ ].*#define USE_OPENSSL" config.log
    #define USE_OPENSSL 1
    #define USE_OPENSSL 1
    #define USE_OPENSSL 1
    #define USE_OPENSSL 1
    #define USE_OPENSSL 1
    #define USE_OPENSSL 1

grep "^[ ]*#define HAVE_OPENSSL_CRYPTO_H 1" config.log
    #define HAVE_OPENSSL_CRYPTO_H 1

Are sed and grep working?

yep

grep --version | head -n 1
    grep (GNU grep) 2.16
sed --version | head -n 1
    sed (GNU sed) 4.2.2

Check config.log for "checking for OpenSSL headers version" see if there's anything telling there esp -I ,

    -------------------
    ...
    configure:22515: result: no
    configure:22527: Added /usr/local/ssl/lib64 to LD_LIBRARY_PATH
>>>    configure:22537: checking for OpenSSL headers version
    configure:22564: /usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  conftest.c
    configure:22564: $? = 0
    configure:22624: result: unknown
    configure:22633: checking for OpenSSL library version
    configure:22701: /usr/bin/gcc-5 -o conftest -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -Wno-system-headers -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include   -L/usr/local/ssl/lib64  -Wl,-rpath,/usr/local/ssl/lib64  -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64 -L/usr/local/ssl/lib64  conftest.c -lssl -lcrypto -lssl -lcrypto  -lz  -lssl -lcrypto  -lssh2 >&5
    /tmp/ccle8B8g.o: In function `main':
    conftest.c:(.text.startup+0x7): undefined reference to `SSL_CTX_set_not_resumable_session_callback'
    collect2: error: ld returned 1 exit status
    configure:22701: $? = 1
    configure: failed program was:
    | /* confdefs.h */
    | #define PACKAGE_NAME "curl"
    | #define PACKAGE_TARNAME "curl"
    | #define PACKAGE_VERSION "-"
    | #define PACKAGE_STRING "curl -"
    | #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
    | #define PACKAGE_URL ""
    | #define PACKAGE "curl"
    | #define VERSION "-"
    | #define OS "x86_64-suse-linux-gnu"
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_STDINT_H 1
    | #define HAVE_INTTYPES_H 1
    | #define STDC_HEADERS 1
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_SYS_STAT_H 1
    | #define HAVE_STDLIB_H 1
    | #define HAVE_STRING_H 1
    | #define HAVE_MEMORY_H 1
    | #define HAVE_STRINGS_H 1
    | #define HAVE_INTTYPES_H 1
    | #define HAVE_STDINT_H 1
    | #define HAVE_UNISTD_H 1
    | #define SIZEOF_LONG 8
    | #define SIZEOF_VOIDP 8
    | #define CURL_TYPEOF_CURL_OFF_T long
    | #define CURL_FORMAT_CURL_OFF_T "ld"
    | #define CURL_FORMAT_CURL_OFF_TU "lu"
    | #define CURL_FORMAT_OFF_T "%ld"
    | #define CURL_SIZEOF_CURL_OFF_T 8
    | #define CURL_SUFFIX_CURL_OFF_T L
    | #define CURL_SUFFIX_CURL_OFF_TU UL
    | #define HAVE_DLFCN_H 1
    | #define LT_OBJDIR ".libs/"
    | #define CURL_DISABLE_LDAP 1
    | #define CURL_DISABLE_LDAPS 1
    | #define TIME_WITH_SYS_TIME 1
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_SYS_TIME_H 1
    | #define HAVE_TIME_H 1
    | #define HAVE_CLOCK_GETTIME_MONOTONIC 1
    | #define HAVE_ZLIB_H 1
    | #define HAVE_LIBZ 1
    | #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
    | #define HAVE_WRITABLE_ARGV 1
    | #define HAVE_LIBSSL 1
    | #define HAVE_OPENSSL_X509_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_RSA_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_CRYPTO_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_PEM_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_SSL_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_ERR_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_PKCS12_H 1
    | #define HAVE_OPENSSL_ENGINE_H 1
    | #define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1
    | #define HAVE_RAND_STATUS 1
    | #define HAVE_RAND_EGD 1
    | #define HAVE_ENGINE_CLEANUP 1
    | #define HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 1
    | #define HAVE_SSL_GET_SHUTDOWN 1
    | #define HAVE_DES_SET_ODD_PARITY 1
    | /* end confdefs.h.  */
    | 
    | 
    | #define SSL_CTX_set_not_resumable_session_callback innocuous_SSL_CTX_set_not_resumable_session_callback
    | #ifdef __STDC__
    | # include <limits.h>
    | #else
    | # include <assert.h>
    | #endif
    | #undef SSL_CTX_set_not_resumable_session_callback
    | #ifdef __cplusplus
    | extern "C"
    | #endif
    | char SSL_CTX_set_not_resumable_session_callback ();
    | #if defined __stub_SSL_CTX_set_not_resumable_session_callback || defined __stub___SSL_CTX_set_not_resumable_session_callback
    | choke me
    | #endif
    | 
    | int main (void)
    | {
    | return SSL_CTX_set_not_resumable_session_callback ();
    |  ;
    |  return 0;
    | }
    | 
    configure:22739: /usr/bin/gcc-5 -o conftest -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -Wno-system-headers -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include   -L/usr/local/ssl/lib64  -Wl,-rpath,/usr/local/ssl/lib64  -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64 -L/usr/local/ssl/lib64  conftest.c -lssl -lcrypto -lssl -lcrypto  -lz  -lssl -lcrypto  -lssh2 >&5
    configure:22739: $? = 0
    configure:23123: result: 1.0.2
    configure:23131: checking for OpenSSL headers and library versions matching
    configure:23141: result: fail
    configure:23144: WARNING: Can not compare OpenSSL headers and library versions.
    configure:23177: checking for "/dev/urandom"
    configure:23191: result: yes
    configure:23216: checking for SRP_Calc_client_key in -lcrypto
    configure:23238: /usr/bin/gcc-5 -o conftest -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -Wno-system-headers -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include   -L/usr/local/ssl/lib64  -Wl,-rpath,/usr/local/ssl/lib64  -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64 -L/usr/local/ssl/lib64  conftest.c -lcrypto  -lssl -lcrypto -lssl -lcrypto  -lz  -lssl -lcrypto  -lssh2 >&5
    configure:23238: $? = 0
    configure:23247: result: yes
    configure:24923: checking default CA cert bundle/path
    configure:25022: result: /etc/ssl/certs/ (capath)
    configure:25041: checking for library containing psl_builtin
    configure:25069: /usr/bin/gcc-5 -o conftest -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -Wno-system-headers -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include   -L/usr/local/ssl/lib64  -Wl,-rpath,/usr/local/ssl/lib64  -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64 -L/usr/local/ssl/lib64  conftest.c -lssl -lcrypto -lssl -lcrypto  -lz  -lssl -lcrypto  -lssh2 >&5
    /tmp/ccojbLuv.o: In function `main':
    conftest.c:(.text.startup+0x7): undefined reference to `psl_builtin'
    collect2: error: ld returned 1 exit status
    configure:25069: $? = 1
    configure: failed program was:
    | /* confdefs.h */
    | #define PACKAGE_NAME "curl"
    | #define PACKAGE_TARNAME "curl"
    | #define PACKAGE_VERSION "-"
    | #define PACKAGE_STRING "curl -"
    | #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
    | #define PACKAGE_URL ""
    | #define PACKAGE "curl"
    | #define VERSION "-"
    | #define OS "x86_64-suse-linux-gnu"
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_STDINT_H 1
    | #define HAVE_INTTYPES_H 1
    | #define STDC_HEADERS 1
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_SYS_STAT_H 1
    | #define HAVE_STDLIB_H 1
    | #define HAVE_STRING_H 1
    | #define HAVE_MEMORY_H 1
    | #define HAVE_STRINGS_H 1
    | #define HAVE_INTTYPES_H 1
    | #define HAVE_STDINT_H 1
    | #define HAVE_UNISTD_H 1
    | #define SIZEOF_LONG 8
    | #define SIZEOF_VOIDP 8
    | #define CURL_TYPEOF_CURL_OFF_T long
    | #define CURL_FORMAT_CURL_OFF_T "ld"
    | #define CURL_FORMAT_CURL_OFF_TU "lu"
    | #define CURL_FORMAT_OFF_T "%ld"
    | #define CURL_SIZEOF_CURL_OFF_T 8
    | #define CURL_SUFFIX_CURL_OFF_T L
    | #define CURL_SUFFIX_CURL_OFF_TU UL
    | #define HAVE_DLFCN_H 1
    | #define LT_OBJDIR ".libs/"
    | #define CURL_DISABLE_LDAP 1
    | #define CURL_DISABLE_LDAPS 1
    | #define TIME_WITH_SYS_TIME 1
    | #define HAVE_SYS_TYPES_H 1
    | #define HAVE_SYS_TIME_H 1
    | #define HAVE_TIME_H 1
    | #define HAVE_CLOCK_GETTIME_MONOTONIC 1
    | #define HAVE_ZLIB_H 1
    | #define HAVE_LIBZ 1
    | #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
    | #define HAVE_WRITABLE_ARGV 1
    | #define HAVE_LIBSSL 1
    | #define HAVE_OPENSSL_X509_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_RSA_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_CRYPTO_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_PEM_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_SSL_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_ERR_H 1
    | #define USE_OPENSSL 1
    | #define HAVE_OPENSSL_PKCS12_H 1
    | #define HAVE_OPENSSL_ENGINE_H 1
    | #define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1
    | #define HAVE_RAND_STATUS 1
    | #define HAVE_RAND_EGD 1
    | #define HAVE_ENGINE_CLEANUP 1
    | #define HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 1
    | #define HAVE_SSL_GET_SHUTDOWN 1
    | #define HAVE_DES_SET_ODD_PARITY 1
    | #define RANDOM_FILE "/dev/urandom"
    | #define HAVE_OPENSSL_SRP 1
    | #define CURL_CA_PATH "/etc/ssl/certs/"
    | /* end confdefs.h.  */
    | 
    ...
    -------------------

also check opensslv.h which is where OPENSSL_VERSION_NUMBER should be defined like # define OPENSSL_VERSION_NUMBER 0x1000207fL

grep OPENSSL_VERSION_NUMBER /usr/local/ssl/include/openssl/opensslv.h
    # define OPENSSL_VERSION_NUMBER  0x1000207fL

@jay
Copy link
Member

jay commented Mar 17, 2016

I don't see anything unusual there. It's probably failing to parse. Can you save a copy of the conftest file that is used to get the version number? This way we can go step by step to figure out what the problem is. Apply this:

diff --git a/acinclude.m4 b/acinclude.m4
index 4f25ac6..0f21624 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -56,6 +56,9 @@ CURL_DEF_TOKEN $1
     if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then
       tmp_exp=""
     fi
+    if test "x$1" = "xOPENSSL_VERSION_NUMBER"; then
+      cp conftest.$ac_ext osslver.c
+    fi
   ])
   if test -z "$tmp_exp"; then
     AS_VAR_SET(ac_HaveDef, no)

Use ./buildconf to regenerate then ./configure same way you did before. Check that the result is the same. You should now have a osslver.c file. Try to parse it manually using the same method configure should be using:

gcc -E -isystem /usr/local/include -isystem /usr/include -O3 \
  -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables \
  -grecord-gcc-switches -march=native -mtune=native \
  -fasynchronous-unwind-tables -fmessage-length=0 \
  -I/usr/local/ssl/include \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//' | \
sed 's/["][ ]*["]//g'

The expected output is 0x1000207fL. If not judge from any error messages and step back until you figure it out.

@ghost
Copy link
Author

ghost commented Mar 17, 2016

The expected output is 0x1000207fL.

and so it is ... :-/

cd curl
git branch -a | grep \*
    * curl-7_47_1
git clean -xfd
git reset --hard
    HEAD is now at 8f995e2 RELEASE-NOTES: curl 7.47.1 time!

cat /usr/local/src/libcurl-openssl.patch
    diff --git a/acinclude.m4 b/acinclude.m4
    index 4f25ac6..0f21624 100644
    --- a/acinclude.m4
    +++ b/acinclude.m4
    @@ -56,6 +56,9 @@ CURL_DEF_TOKEN $1
         if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then
           tmp_exp=""
         fi
    +    if test "x$1" = "xOPENSSL_VERSION_NUMBER"; then
    +      cp conftest.$ac_ext osslver.c
    +    fi
       ])
       if test -z "$tmp_exp"; then
         AS_VAR_SET(ac_HaveDef, no)

patch -p1 < /usr/local/src/libcurl-openssl.patch
    patching file acinclude.m4

echo $LDFLAGS
    -L/usr/local/ssl/lib64 -Wl,-rpath,/usr/local/ssl/lib64 -L/usr/local/lib64 -L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64
echo $LIBS
    -lssl -lcrypto -lssh2

./buildconf
./configure --with-ssl

cat osslver.c
    /* confdefs.h */
    #define PACKAGE_NAME "curl"
    #define PACKAGE_TARNAME "curl"
    #define PACKAGE_VERSION "-"
    #define PACKAGE_STRING "curl -"
    #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
    #define PACKAGE_URL ""
    #define PACKAGE "curl"
    #define VERSION "-"
    #define OS "x86_64-suse-linux-gnu"
    #define HAVE_SYS_TYPES_H 1
    #define HAVE_STDINT_H 1
    #define HAVE_INTTYPES_H 1
    #define STDC_HEADERS 1
    #define HAVE_SYS_TYPES_H 1
    #define HAVE_SYS_STAT_H 1
    #define HAVE_STDLIB_H 1
    #define HAVE_STRING_H 1
    #define HAVE_MEMORY_H 1
    #define HAVE_STRINGS_H 1
    #define HAVE_INTTYPES_H 1
    #define HAVE_STDINT_H 1
    #define HAVE_UNISTD_H 1
    #define SIZEOF_LONG 8
    #define SIZEOF_VOIDP 8
    #define CURL_TYPEOF_CURL_OFF_T long
    #define CURL_FORMAT_CURL_OFF_T "ld"
    #define CURL_FORMAT_CURL_OFF_TU "lu"
    #define CURL_FORMAT_OFF_T "%ld"
    #define CURL_SIZEOF_CURL_OFF_T 8
    #define CURL_SUFFIX_CURL_OFF_T L
    #define CURL_SUFFIX_CURL_OFF_TU UL
    #define HAVE_DLFCN_H 1
    #define LT_OBJDIR ".libs/"
    #define HAVE_LDAP_SSL 1
    #define TIME_WITH_SYS_TIME 1
    #define HAVE_SYS_TYPES_H 1
    #define HAVE_SYS_TIME_H 1
    #define HAVE_TIME_H 1
    #define HAVE_CLOCK_GETTIME_MONOTONIC 1
    #define HAVE_ZLIB_H 1
    #define HAVE_LIBZ 1
    #define HAVE_LBER_H 1
    #define HAVE_LDAP_H 1
    #define HAVE_LDAP_URL_PARSE 1
    #define HAVE_LDAP_INIT_FD 1
    #define USE_OPENLDAP 1
    #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
    #define HAVE_WRITABLE_ARGV 1
    #define HAVE_LIBSSL 1
    #define HAVE_OPENSSL_X509_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_RSA_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_CRYPTO_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_PEM_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_SSL_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_ERR_H 1
    #define USE_OPENSSL 1
    #define HAVE_OPENSSL_PKCS12_H 1
    #define HAVE_OPENSSL_ENGINE_H 1
    #define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1
    #define HAVE_RAND_STATUS 1
    #define HAVE_RAND_EGD 1
    #define HAVE_ENGINE_CLEANUP 1
    #define HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 1
    #define HAVE_SSL_GET_SHUTDOWN 1
    #define HAVE_DES_SET_ODD_PARITY 1
    /* end confdefs.h.  */


    #   ifdef USE_OPENSSL
    #     include <openssl/crypto.h>
    #   else
    #     include <crypto.h>
    #   endif

    #ifdef OPENSSL_VERSION_NUMBER
    CURL_DEF_TOKEN OPENSSL_VERSION_NUMBER
    #endif

gcc -E -isystem /usr/local/include -isystem /usr/include -O3 \
  -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables \
  -grecord-gcc-switches -march=native -mtune=native \
  -fasynchronous-unwind-tables -fmessage-length=0 \
  -I/usr/local/ssl/include \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//' | \
sed 's/["][ ]*["]//g'

    0x1000207fL

Note, however, that is NOT the cmd string from above. Rather, this is:

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  conftest.c

Exec'ing that against the saved osslver.c

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//' | \
sed 's/["][ ]*["]//g'

returns

(null)

, nothing.

@jay
Copy link
Member

jay commented Mar 17, 2016

might be gcc-5 , walk it back like

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//' | \
sed 's/["][ ]*["]//g'
/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//'
/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c | \
grep CURL_DEF_TOKEN
/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c

@ghost
Copy link
Author

ghost commented Mar 17, 2016

As before

git clean -xfd
git reset --hard
patch -p1 < /usr/local/src/libcurl-openssl.patch
./buildconf
./configure --with-ssl

the walk-back

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//' | \
sed 's/["][ ]*["]//g'

    (empty)

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c | \
grep CURL_DEF_TOKEN | \
sed 's/.*CURL_DEF_TOKEN[ ][ ]*//'

    (empty)

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c | \
grep CURL_DEF_TOKEN

    CURL_DEF_TOKEN 

/usr/bin/gcc-5 -E -isystem /usr/local/ssl/include -isystem /usr/include -O3 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -I/usr/local/ssl/include  \
  osslver.c

-->
output at pastebin (or this attachment)

So, can certainly see where it's going 'empty'. I'll have to stare it a bit to figure out the expected behavior ...

@jay
Copy link
Member

jay commented Mar 18, 2016

The preprocessor output for gcc 4 looks like this:

# 87 "osslver.c" 2
[some blank lines]
CURL_DEF_TOKEN 0x1000207fL

Yours looks like:

# 82 "osslver.c"
CURL_DEF_TOKEN 
# 82 "osslver.c" 3 4
              0x1000207fL

This exact issue is described in GCC 5 porting issues. Try adding the -P option to remove linemarkers and see what that gives you.

@jay jay added the build label Mar 18, 2016
@ghost
Copy link
Author

ghost commented Mar 18, 2016

adding

export CPPFLAGS+=" -P"

appears to cure the config issue

./buildconf
./configure ...
    ...
    configure: Added /usr/local/ssl/lib64 to LD_LIBRARY_PATH
    checking for OpenSSL headers version... 1.0.2 - 0x1000207fL
    checking for OpenSSL library version... 1.0.2
    checking for OpenSSL headers and library versions matching... yes
    ...

hat's off - nice catch!

Given that gcc5's long been in release, and as

https://gcc.gnu.org/gcc-5/porting_to.html
"These new markers can cause intriguing problems for software not ready to handle them."

should this issue be re-branded as a "port build to gcc5" bug?

@bagder
Copy link
Member

bagder commented Mar 18, 2016

... and I've been using gcc5 on my systems for years without ever having this problem, and I build curl may times every day. What Linux distro and version is this?

@bagder bagder changed the title curl 7_47_1 build's './configure' FAILs @ "OpenSSL headers and library versions matching" configure fails to detect OpenSSL with gcc5 Mar 18, 2016
@ghost
Copy link
Author

ghost commented Mar 18, 2016

of course it works for you ;-)

This is Opensuse Leap

lsb_release -rd
    Description:    openSUSE Leap 42.1 (x86_64)
    Release:        42.1

With GCC 5

gcc -v
    Using built-in specs.
    COLLECT_GCC=gcc
    COLLECT_LTO_WRAPPER=/usr/lib64/gcc/x86_64-suse-linux/5/lto-wrapper
    Target: x86_64-suse-linux
    Configured with: ../configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man --libdir=/usr/lib64 --libexecdir=/usr/lib64 --enable-languages=c,c++,objc,fortran,obj-c++,java,ada,go --enable-checking=release --with-gxx-include-dir=/usr/include/c++/5 --enable-ssp --disable-libssp --disable-libvtv --enable-libmpx --disable-plugin --with-bugurl=http://bugs.opensuse.org/ --with-pkgversion='SUSE Linux' --disable-libgcj --with-slibdir=/lib64 --with-system-zlib --enable-__cxa_atexit --enable-libstdcxx-allocator=new --disable-libstdcxx-pch --with-default-libstdcxx-abi=gcc4-compatible --enable-version-specific-runtime-libs --enable-linker-build-id --enable-linux-futex --program-suffix=-5 --without-system-libunwind --enable-multilib --with-arch-32=x86-64 --with-tune=generic --build=x86_64-suse-linux --host=x86_64-suse-linux
    Thread model: posix
    gcc version 5.3.1 20160301 [gcc-5-branch revision 233849] (SUSE Linux) 

tracked from the project's dev repo

http://download.opensuse.org/repositories/devel:/gcc/openSUSE_Leap_42.1

@bagder
Copy link
Member

bagder commented Mar 18, 2016

I also have gcc 5.3.1, but looking at my configure output closer it actually says:

checking for OpenSSL headers version... unknown
checking for OpenSSL library version... 1.0.2
checking for OpenSSL headers and library versions matching... fail
configure: WARNING: Can not compare OpenSSL headers and library versions.

@ghost
Copy link
Author

ghost commented Mar 18, 2016

and with the "-P" added to your CPPFLAGS ... ?

@bagder
Copy link
Member

bagder commented Mar 18, 2016

Yeah, I can fix the script with -P. I guess I just need to make sure the preprocessor actually supports -P first before using it...

diff --git a/acinclude.m4 b/acinclude.m4
index 4f25ac6..e993e1e 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -29,10 +29,12 @@ dnl includes even if no INCLUDES argument is given. This macro will run
 dnl silently when invoked with three arguments. If the expansion would
 dnl result in a set of double-quoted strings the returned expansion will
 dnl actually be a single double-quoted string concatenating all them.

 AC_DEFUN([CURL_CHECK_DEF], [
+  OLDCPPFLAGS=$CPPFLAGS
+  CPPFLAGS="$CPPFLAGS -P"
   AS_VAR_PUSHDEF([ac_HaveDef], [curl_cv_have_def_$1])dnl
   AS_VAR_PUSHDEF([ac_Def], [curl_cv_def_$1])dnl
   if test -z "$SED"; then
     AC_MSG_ERROR([SED not set. Cannot continue without SED being set.])
   fi
@@ -65,10 +67,11 @@ CURL_DEF_TOKEN $1
     AS_VAR_SET(ac_Def, $tmp_exp)
     ifelse($3,,[AC_MSG_RESULT([$tmp_exp])])
   fi
   AS_VAR_POPDEF([ac_Def])dnl
   AS_VAR_POPDEF([ac_HaveDef])dnl
+  CPPFLAGS=$OLDCPPFLAGS
 ])


 dnl CURL_CHECK_DEF_CC (SYMBOL, [INCLUDES], [SILENT])
 dnl -------------------------------------------------

@bagder bagder closed this as completed in ecf9534 Mar 18, 2016
@bagder
Copy link
Member

bagder commented Mar 18, 2016

I pushed a configure fix that detects if cpp -P is necesary, then if cpp -P works and if so, it uses cpp -P when it extracts defined values. Works for me, I hope it works for you too!

@ghost
Copy link
Author

ghost commented Mar 18, 2016

Great, thx.

That's a push to master, not backported to curl-7_47_1 release tag, I assume. Expect it in the next release, then?

In any case, the "-P" is a good enough workaround.

Based on the

"These new markers can cause intriguing problems for software not ready to handle them."

comment, it looks like the need for "-P" is still cuz the code's GCC4-friendly, not yet GCC5-ready. Should this be planned for additional/other cleanup to, well, be "ready to handle them."? Or is this -P add'n sufficient?

@jay
Copy link
Member

jay commented Mar 18, 2016

Well there's not a whole lot of difference actually. I didn't see any other issues. We're not using %a in scanf and other than that it looks like mostly warnings that aren't serious and nothing blocking. Thanks for helping us reproduce this, your info was very thorough.

@bagder
Copy link
Member

bagder commented Mar 18, 2016

That's a push to master, not backported to curl-7_47_1 release tag, I assume. Expect it in the next release, then?

Right, this will be included in the pending 7.48.0 release. We normally don't maintain any other branches than just the master branch.

it looks like the need for "-P" is still cuz the code's GCC4-friendly, not yet GCC5-ready. Should this be planned for additional/other cleanup to, well, be "ready to handle them."? Or is this -P add'n sufficient?

I'm not aware of anything else that needs fixing for gcc5. The -P thing should be enough.

@ghost
Copy link
Author

ghost commented Apr 22, 2016

fyi, remove the "-P" for a gcc6 build

edit: that's building branch curl-7_48_0

@bagder
Copy link
Member

bagder commented Apr 22, 2016

the current script checks if -P is needed and only uses it then

@dertin
Copy link

dertin commented Jun 17, 2017

1- Install OpenSSL 1.1.0f in Debian 8.8 x32:

 ./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
 make
 make test
 make install
 openssl version -v

2- Install nghttp2

3- Problems to install curl 7.54.1 ./configure --with-nghttp2 --with-ssl

OpenSSL version: opensslv.h
CURL: config.log

CURL Error:

checking for OpenSSL headers version... 1.1.0 - 0x1010006fL
checking for OpenSSL library version... 1.0.1
checking for OpenSSL headers and library versions matching... no
configure: WARNING: OpenSSL headers and library versions do not match.
...
...
...
...
vtls/openssl.c: In function ‘Curl_ossl_seed’:
vtls/openssl.c:279:5: error: implicit declaration of function ‘RAND_egd’ [-Werro r=implicit-function-declaration]
int ret = RAND_egd(data->set.str[STRING_SSL_EGDSOCKET]?
^
cc1: some warnings being treated as errors
Makefile:2030: recipe for target 'vtls/libcurl_la-openssl.lo' failed
make[2]: *** [vtls/libcurl_la-openssl.lo] Error 1
make[2]: Leaving directory '/var/tmp/curl_build/curl_src/lib'
Makefile:741: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory '/var/tmp/curl_build/curl_src/lib'
Makefile:902: recipe for target 'all-recursive' failed
make: *** [all-recursive] Error 1
Making install in lib
make[1]: Entering directory '/var/tmp/curl_build/curl_src/lib'
CC vtls/libcurl_la-openssl.lo
vtls/openssl.c: In function ‘Curl_ossl_seed’:
vtls/openssl.c:279:5: error: implicit declaration of function ‘RAND_egd’ [-Werro r=implicit-function-declaration]
int ret = RAND_egd(data->set.str[STRING_SSL_EGDSOCKET]?
^
cc1: some warnings being treated as errors
Makefile:2030: recipe for target 'vtls/libcurl_la-openssl.lo' failed
make[1]: *** [vtls/libcurl_la-openssl.lo] Error 1
make[1]: Leaving directory '/var/tmp/curl_build/curl_src/lib'
Makefile:902: recipe for target 'install-recursive' failed
make: *** [install-recursive] Error 1

In config.log see:

configure:23234: Added /usr/local/lib to LD_LIBRARY_PATH
configure:23244: checking for OpenSSL headers version
configure:23274: gcc -E -I/usr/local/include conftest.c
configure:23274: $? = 0
configure:23335: result: 1.1.0 - 0x1010006fL :thumbsup:
configure:23344: checking for OpenSSL library version
configure:23412: gcc -o conftest -Werror-implicit-function-declaration -O2 -Wno-system-headers -I/usr/local/include -L/usr/lib/i386-linux-gnu -L/usr/local/lib conftest.c -lssl -lcrypto -lssl -lcrypto -llber -lldap -lz >&5
/tmp/cconm5OL.o: In function main': conftest.c:(.text.startup+0x12): undefined reference to SSL_CTX_set_not_resumable_session_callback'
collect2: error: ld returned 1 exit status 👎
configure:23412: $? = 1
configure: failed program was:

Can there be a problem with the order of the directories ?
-I/usr/local/include -L/usr/lib/i386-linux-gnu -L/usr/local/lib

@jay
Copy link
Member

jay commented Jun 17, 2017

@dertin don't hijack please open a new issue explaining your problem. It looks like a system directory is included in -L which should not happen. We've seen one or two other reports of that. I doubt curl is at fault but I can look into it. Please attach the config.log to your issue.

@lock lock bot locked as resolved and limited conversation to collaborators May 6, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Development

No branches or pull requests

3 participants