-
Notifications
You must be signed in to change notification settings - Fork 26
Isolate libtomcrypt 'der_*' functions #79
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
I just run into some issues with a compiled binary which was using libtomcrypt from multiple sources In my example these two libraries are providing 'der_*' helpers
At the end the binary is confused by which version to use |
also reported the issue to heimdal as heimdal/heimdal#911 |
Looks like this addresses the same issue as reported in #68. |
As I mentioned in #68 I do know how to fix this properly. The solution I would like will create CryptX.so in a way that it does not export "unwanted" symbols. |
we should consider something like this by default if possible to do not advertise the symbols
|
Well, CFLAGS hack did not work for me, the resulting CryptX.so still exports a tons of functions. But my experiments with |
@atoomic could you please try this simple patch diff --git a/Makefile.PL b/Makefile.PL
index dcc55858..101478e1 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -62,6 +62,9 @@ else {
MYEXTLIB => "src/liballinone$Config{lib_ext}",
clean => { 'FILES' => join(' ', @myobjs, "src/liballinone$Config{lib_ext}") },
);
+ if ($Config{ld} =~ /gcc|g\+\+/) {
+ push @EUMM_INC_LIB, (LDDLFLAGS => "$Config{lddlflags} -Wl,--exclude-libs,ALL");
+ }
}
my %eumm_args = ( Any suggestions how to improve |
BTW this kind of "protection" should be IMO a feature of perl toolchain. |
@karel-m sure I m going to test but I think the one we want is |
my current patch looks like this, testing your now diff --git a/Makefile.PL b/Makefile.PL
index dcc5585870..541c110121 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -31,6 +31,11 @@ else {
$mycflags .= " $ENV{CFLAGS} " if $ENV{CFLAGS};
$mycflags .= " $ENV{CPPFLAGS} " if $ENV{CPPFLAGS};
+ # avoid der_* functions to conflict with libhx509.so
+ if ( $^O ne 'MSWin32' && $Config{ld} =~ /gcc|g\+\+/) {
+ $mycflags .= "-fvisibility=hidden";
+ }
+
#### remove all lto hacks - https://github.com/DCIT/perl-CryptX/issues/70
## #FIX: gcc with -flto is a trouble maker see https://github.com/DCIT/perl-CryptX/issues/32
## #FIX: another issue with "-flto=auto" see https://github.com/DCIT/perl-CryptX/pull/66 |
@karel-m I can confirm that your patch is working fine, thank you so much for your quick feedback |
We should not merge this change |
bfcd9bd
to
e28506b
Compare
I reopened the PR with your suggested patch after confirming it was working fine |
Thanks again @karel-m for the patch |
now on CPAN as CryptX-0.075_001 |
When compiling Perl or a binary with different versions
of tomcrypt this is going to have unexpected behaviors
as we cannot guarantee which flavor of the C function is used.
This changeset is isolating all the 'der_' C functions
by adding a prefix 'cryptx_der_' so they are unique
and would not conflict with another library linked to our binary.
Recipe replacement rules applied:
replace ' der_' ' cryptx_der_'
replace '(der_' '(cryptx_der_'
replace ')der_' ')cryptx_der_'
replace '!der_' '!cryptx_der_'
replace '=der_' '=cryptx_der_'
replace '= der_' '= cryptx_der_'
replace 'cryptx_der_to_pem' 'der_to_pem' lib/**/*..pm
Note: we should consider adding this to src/update-libtom.pl