sumanar
commented
8 years ago @carlopires Please let us know if you were able to compile this successfully.
Closed carlopires closed 8 years ago
sumanar
commented
8 years ago @carlopires Please let us know if you were able to compile this successfully.
adepasquale
commented
8 years ago @carlopires @sumanar I need to double check, but the page SK110425 - OPSEC SDK - SHA-256 support mentions that:
Note: The static libraries are currently not functional.
I'll try switching to dynamic linking and let you know.
adepasquale
commented
8 years ago Could you please test the above commit and let us know?
sumanar
commented
8 years ago Thank you @adepasquale fw1-loggrabber now compiles successfully with new OPSEC SDK!
P.S.: to avoid this warning:
fw1-loggrabber.c: In function ‘submit_syslog’: fw1-loggrabber.c:4888:3: warning: format not a string literal and no format arguments [-Wformat-security] syslog (LOG_NOTICE, message);
We can edit the line 4888 on fw1-loggrabber.c file as:
syslog (LOG_NOTICE, "%s", message);
Thank you.
adepasquale
commented
8 years ago Thanks for your feedback.
mplough-tenable
commented
8 years ago Hi @adepasquale - I checked the SK110425 - OPSEC SDK - SHA-256 support page and it has been updated since you posted on April 5. They now provide an example dependency list for static linking so it may be possible to statically link again.
mterron
commented
7 years ago Is there any chance of you guys providing a statically build binary of fw1-loggrabber with the latest OPSEC SDK with SHA256 and TLS1.2 support?
adepasquale
commented
7 years ago I'm sorry @mterron, for now you'll need to click the Check Point "Download Agreement" button yourself.
mterron
commented
7 years ago I understand Andrea, maybe provide instructions to generate a static build then? The current instructions generate dynamically linked binaries.
A make static option would be brilliant: This are the changes I made to the Makefile to compile a statically linked version:
OPSEC_LIB_DIR = $(OPSEC_PKG_DIR)/lib/release.static
OPSEC_LIBS = -lsicobj -lopsecext -lmastersapi -llogfilter -lfwsmtpobj -lfwadb -lCPMIClient501 -lCP_version_info -lCPMIBase501 -lopsec -lReg -lobjlib -lcpxerces_c -lCPStrings -lobjlibclient -lResolver -lcpprod50 -lCPSrvIS -lcplic_cntrct -lcpsic -lsicauth -lskey -lfwsetdb -lndb -lmessaging -lsic -lcp_policy -lcvars -lcpexpat -lcpca -lckpssl -lcpcert -lcpcryptutil -lEncode -lcpprng -lasn1cpp -lProdUtils -lcpbcrypt -lcpopenssl -lAppUtils -lComUtils -lResolve -lEventUtils -lDataStruct -lOSThere are some warnings like:
OPSEC_SDK/pkg_rel/lib/release.static/libcpopenssl.a(dso_dlfcn.o): In function `DSO_METHOD_dlfcn':
(.text+0x6b6): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(fs_utils.o): In function `cpGetTempName':
(.text+0x6a2): warning: the use of `tmpnam_r' is dangerous, better use `mkstemp'
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(shmem.o): In function `IpcShmAllocExOwnedBy':
(.text+0xf4): warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libComUtils.a(fwasync.o): In function `fwasync_make_connection_ipv6_e':
(.text+0x5722): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libcpcert.a(fdb.o): In function `fdb_store':
(.text+0x7f6): warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(resolver.o): In function `dns_gethostbyaddr':
(.text+0x5f7): warning: Using 'gethostbyaddr' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(inet_utils.o): In function `CpGethostbyaddr':
(.text+0x264b): warning: Using 'gethostbyaddr_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(resolver.o): In function `resolver_gethostbyname':
(.text+0x2b0): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(inet_utils.o): In function `CpGethostbyname':
(.text+0x2575): warning: Using 'gethostbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `gethost':
(.text+0x2b0): warning: Using 'sethostent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `gethost':
(.text+0x239): warning: Using 'getnetbyaddr' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getnetbyaddr':
(.text+0x194): warning: Using 'getnetbyaddr_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `getnetwork':
(.text+0x4f): warning: Using 'getnetbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `getnetwork':
(.text+0x88): warning: Using 'setnetent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getnetbyname':
(.text+0x21d): warning: Using 'getnetbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `gethost':
(.text+0x33f): warning: Using 'getprotobynumber' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getprotobynumber':
(.text+0x39f): warning: Using 'getprotobynumber_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x1659): warning: Using 'getprotoent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x1654): warning: Using 'setprotoent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x16c7): warning: Using 'endprotoent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `getproto':
(.text+0xdd): warning: Using 'getprotobyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getprotobyname':
(.text+0x41f): warning: Using 'getprotobyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `getservice':
(.text+0x129): warning: Using 'getservbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getservbyname':
(.text+0x326): warning: Using 'getservbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `gethost':
(.text+0x308): warning: Using 'getservbyport' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getservbyport':
(.text+0x2a8): warning: Using 'getservbyport_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x13f1): warning: Using 'getservent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x13e7): warning: Using 'setservent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x14d3): warning: Using 'endservent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x1319): warning: Using 'getrpcent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `getrpc':
(.text+0x9d): warning: Using 'getrpcbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `gethost':
(.text+0x2df): warning: Using 'getrpcbynumber' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x1314): warning: Using 'setrpcent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libResolve.a(getsym.o): In function `sym_add':
(.text+0x1397): warning: Using 'endrpcent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getrpcbyname':
(.text+0xff): warning: Using 'getrpcbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
OPSEC_SDK/pkg_rel/lib/release.static/libOS.a(ckp_netutils.o): In function `CP_getrpcbynumber':
(.text+0x7f): warning: Using 'getrpcbynumber_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
When trying to compile fw1-loggrabber the new SDK with SHA256 support from CheckPoint I get a these errors:
Does anyone know how to circumvent this?