search

cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration
BSD 3-Clause "New" or "Revised" License
1.3k stars 132 forks source link

openssl-1.0.2f/apps/speed.c:1878: undefined reference to `EVP_chacha20_poly1305' #23

Closed Whissi closed 7 years ago

Whissi commented 8 years ago

I am trying to integrate the patch in a custom Debian openssl package. Works fine until linking:

shlib_target=; if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then \
        shlib_target="linux-shared"; \
elif [ -n "" ]; then \
  FIPSLD_CC="gcc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; export CC FIPSLD_CC; \
fi; \
LIBRARIES="-L.. -lssl  -L.. -lcrypto" ; \
make -f ../Makefile.shared -e \
        APPNAME=openssl OBJECTS="openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o" \
        LIBDEPS=" $LIBRARIES -ldl" \
        link_app.${shlib_target}
make[3]: Entering directory '/usr/local/src/openssl/openssl-1.0.2f/apps'
speed.o: In function `speed_main':
/usr/local/src/openssl/openssl-1.0.2f/apps/speed.c:1878: undefined reference to `EVP_chacha20_poly1305'
collect2: error: ld returned 1 exit status
make[3]: *** [link_app.gnu] Error 1
../Makefile.shared:171: recipe for target 'link_app.gnu' failed
make[3]: Leaving directory '/usr/local/src/openssl/openssl-1.0.2f/apps'
make[2]: *** [openssl] Error 2
Makefile:156: recipe for target 'openssl' failed
make[2]: Leaving directory '/usr/local/src/openssl/openssl-1.0.2f/apps'
make[1]: *** [build_apps] Error 1
Makefile:293: recipe for target 'build_apps' failed
make[1]: Leaving directory '/usr/local/src/openssl/openssl-1.0.2f'
make: *** [build-stamp] Error 2
debian/rules:49: recipe for target 'build-stamp' failed

(Ignore the soname)

rraptorr commented 8 years ago

You must add 'EVP_chacha20_poly1305' (and 'EVP_chacha20_poly1305_draft' if you are using the latest patch) to openssl.ld file. I've also had to disable tests. Just remove changes to test/Makefile from the patch.

I believe CloudFlare links their servers statically with OpenSSL, so it works for them without those changes :)

Whissi commented 8 years ago

Thanks, adding the mentioned methods to the ld file solved the problem.

I can confirm problems with the test suite:

chapolytest.o: In function `main':
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:394: undefined reference to `CRYPTO_chacha_20'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:439: undefined reference to `poly1305_init_x64'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:440: undefined reference to `poly1305_update_avx2'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:441: undefined reference to `poly1305_finish_avx2'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:443: undefined reference to `poly1305_init_x64'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:444: undefined reference to `poly1305_update_x64'
/usr/local/src/openssl-1.0.2g/test/chapolytest.c:445: undefined reference to `poly1305_finish_x64'
collect2: error: ld returned 1 exit status