cross-compiling for arm

[itspa1]

Hi,

I was looking to cross compile libunbound to arm, since another package that needs to be cross-compiled to arm depends on unbound. I was using the configure script, and the issue is really with openssl. Openssl is heavy and won't run on arm, so my other option is to use wolfssl. So, I've compiled wolfssl for arm and trying to use that with libunbound. I use the --with-ssl and point it at my wolfssl directory, but it doesn't seem to pick up the library.

I'm relatively new to doing this, so apologies if this is a relatively simple thing. Please do let me know, what my issue is, any pointers are helpful.

Thanks,

Pavan

[wcawijngaards]

Unbound's --with-ssl option can have the directories set up in different ways.

With --with-ssl=dir that dir can then contain dir/include/openssl/ssl.h and dir/lib/libssl.so, this is the normal install. The library can also be in dir/lib64/libssl.so. Or a static library. This is how openssl installs itself. On most systems the dir argument is then /usr or /usr/local or so, and unbound searches there by default.

Otherwise an include dir can be specified in --with-ssl=dir. That looks like --with-ssl=/usr/include/openssl11. The dir then contains the files dir/openssl/ssl.h and the library can be found in s/include/lib/ of dir; in /usr/lib/openssl11/libssl.so. This also works if the library is in /usr/lib64/openssl11/libssl.so and with a static library. So, the name of the include directory is passed, and unbound searches for the library in a similar lib directory. This is useful for installs of different versions, not in /usr/local or so, but inside /usr/lib and /usr/include subdirectories.

The name openssl is fixed. Also the source code needs a directory called openssl, where the header files can be found. So for another lib, it would need to have an include/openssl with the headers and a libssl and libcrypto library. Perhaps a symlink or copy of the files could work, if the API is similar.

[itspa1]

@wcawijngaards Thanks for the early response, taking your advice, since wolfssl is a replacement for openssl, I added the required files under lib64/wolfssl/libssl.a. Now, it gives a different error saying, it found ssl in /usr but is not version 0.9.7 or higher. whereas, I've told it to specifically use wolfssl using the --with-ssl=dir option.

Any idea what the issue might be now?

[wcawijngaards]

The configure script attempts to link with -lcrypto and that is not working. The functions are not provided.

The added libssl.a file is thus not really used yet in this part of configure. It is using libcrypto.a here.

The configure script also logs in config.log, and details can be found there about failures. Like, failures from the linker when configure attempts to link with the library and find the specified functions.

[itspa1]

Hi @wcawijngaards , thanks for the early response. Sorry about not giving you enough context, here is what I'm trying to do. I'm trying to port a DNSSEC package onto the arduino via RIOT OS, so I need to cross compile that package onto arm, and that depends on libunbound, so I'm trying to compile libunbound onto arm. libunbound uses openssl, but wolfssl is the alternative to run on a microcontroller, so I'm trying to compile libunbound with wolfssl for arm.

I tried again and took a look at the config.log. Yes, it does not seem to look at libssl.a added in, it complains pthread and the code I see around it is EVP_sha256. so, I'm not clear as to what is wrong.

Also, please find the complete log file, if it might help config.log

Please, do let me know, if you have any pointers as to what are somethings that I'll have to try in order to get this to work.

Thanks again

[wcawijngaards]

The error from the config.log file seems to be:

configure:18227: checking for EVP_sha256 in -lcrypto
configure:18245: arm-none-eabi-gcc -o conftest --specs=nosys.specs   conftest.c  -lcrypto >&5
/usr/lib/gcc/arm-none-eabi/5.4.1/../../../arm-none-eabi/bin/ld: cannot find -lcrypto

There is no libcrypto library that it can find and this is what the configure script is trying to link with. This is what causes the error printout to get printed.

[sneurlax]

I am having the same issue on a different host for a different target. I am trying to build for Windows using MinGW 64-bit on both Ubuntu and Windows and have been having difficulties cross-compiling for Windows... Do you have any advice for that? Or for building for Windows, on Windows?

On Ubuntu using MinGW 64-bit to target Windows, config.log at L5993 first says cannot find -lpthreads as in #489 but then it also says elsewhere

cannot find -llthread
cannot find -lgdi32
cannot find -lws2_32

I'm sorry if this is obtuse, but how would you recommend including these for unbound?

I notice this as well:

configure:14879: checking for EVP_sha256 in -lcrypto
configure:14897: gcc -o conftest -fPIC -D_GNU_SOURCE -pthread  -I/home/user/src/flutter_libmonero/scripts/windows/build/prefix_x86_64/include  -L/home/user/src/flutter_libmonero/scripts/windows/build/prefix_x86_64/lib conftest.c  -lcrypto >&5
/usr/bin/ld: /home/user/src/flutter_libmonero/scripts/windows/build/prefix_x86_64/lib/libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x50): undefined reference to `__imp_GetEnvironmentVariableW'

Due to not finding one of the above libraries. How do I link that? I do that for OpenSSL like:

./Configure mingw64 \
    no-shared no-tests \
    --with-zlib-include=${PREFIX}/include \
    --with-zlib-lib=${PREFIX}/lib \
    --prefix=${PREFIX} \
    --openssldir=${PREFIX} \
    OPENSSL_LIBS="-lcrypt32 -lws2_32 -lwsock32"

I've tried rebuilding OpenSSL with additional libraries like OPENSSL_LIBS="-lcrypt32 -lgdi32 -ladvapi32 -luser32 -lws2_32 -lwsock32" as well

[sneurlax]

I was not able to pinpoint the specific change I made to progress past the OpenSSL 0.9.7 issue, but I did by configuring OpenSSL and Unbound like this, respectively:

# OpenSSL
CROSS_COMPILE="x86_64-w64-mingw32.static-"
./Configure mingw64 \
    no-shared no-tests no-capieng no-dso no-dtls1 no-ec_nistp_64_gcc_128 no-gost no-heartbeats no-md2 no-rc5 no-rdrand no-rfc3779 no-sctp no-ssl-trace no-ssl2 no-ssl3 no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic \
    --cross-compile-prefix=x86_64-w64-mingw32- \
    --with-zlib-include=${PREFIX}/include \
    --with-zlib-lib=${PREFIX}/lib \
    --prefix=${PREFIX} \
    --openssldir=${PREFIX} \
    OPENSSL_LIBS="-lcrypt32 -lwsock32 -lws2_32"

# Unbound
./configure \
    CFLAGS=-fPIC \
    CXXFLAGS=-fPIC \
    --prefix=${PREFIX} \
    --host=${HOST} \
    --enable-static \
    --disable-shared \
    --disable-flto \
    --enable-static-openssl \
    --with-openssl-includes=${PREFIX} \
    --with-ssl=${PREFIX} \
    --with-libexpat=${PREFIX}

I would need to go and comb through the differences from previous states. I still think this would be an issue with unbound configure