您的位置: 首页  >  技术问答  >  如何将openssl-sys板条箱静态链接到共享库?

如何将openssl-sys板条箱静态链接到共享库?

分类: 技术问答 2022-04-01 17:11:48

如何将openssl-sys板条箱静态链接到共享库?

问题描述:

我正在使用依赖于 openssl-sys 的库.根据文档,如果我将OPENSSL_STATIC=1指定为环境变量,则OpenSSL将静态链接到共享库输出中.

I am using a library which depends on openssl-sys. According to the documentation, if I specify OPENSSL_STATIC=1 as an environment variable, OpenSSL will be statically linked into the shared library output.

由于一系列复杂的问题,我需要将OpenSSL静态链接到共享库输出中.

Due to a host of complicated problems, I need to statically link OpenSSL into my shared library output.

这是我的Cargo.toml:

[package]
name = "api"
version = "0.1.0"
authors = ["Naftuli Kay <me@naftuli.wtf>"]
publish = false

[lib]
name = "lambda"
crate-type = ["cdylib"]

[dependencies]
chrono = { version = "0.4", features = ["serde"] }
constant_time_eq = "0.1.3"
cpython = { version = "0.1", default-features = false }
crowbar = { version = "0.2", default-features = false }
libc = "0.2.29"
lazy_static = "1.0"
log = "0.4.1"
log4rs = "0.8.0"
openssl-sys = "0.9.27"
parking_lot ="0.5.4"
rand = "0.4.2"
rusoto_core = "0.32.0"
rusoto_kms = "0.32.0"
serde = "1.0.27"
serde-aux = "0.5.2"
serde_derive = "1.0.27"
serde_json = "1.0.9"
serde_qs = "0.3.0"
tokio = "0.1.3"
tokio-reactor = "0.1.0"

[features]
default = ["cpython/python3-sys"]

这是我的lib.rs:

#[link(name="openssl", kind="static")]
extern crate openssl_sys;

当我查看制作的liblambda.so时,仍然看到它与libssl相关联:

When I look at my liblambda.so produced, I still see it is linked against libssl:

[vagrant@api vagrant]$ OPENSSL_STATIC=1 cargo build
    Finished dev [unoptimized + debuginfo] target(s) in 0.94 secs
[vagrant@api vagrant]$ ldd target/debug/liblambda.so | grep -i ssl
        libssl.so.10 => /lib64/libssl.so.10 (0x00007faa5f5bf000)

我似乎已经以各种方式告诉了我,我知道如何将libssl静态链接到共享库输出中.

I seem to have told it in every way I know how to statically link libssl into the shared library output.

我想念什么?

在检查openssl-sys随附的build.rs文件时,我注意到了两件事.

Inspecting the build.rs file supplied with openssl-sys, I noticed two things.

  1. 如果未同时设置OPENSSL_LIB_DIROPENSSL_INCLUDE_DIR,则它将通过调用pkg-config尝试检测OpenSSL目录.如果成功(并且在我的系统中成功),则它将提早退出,甚至不会考虑OPENSSL_STATIC的值.

  1. If you do not set both OPENSSL_LIB_DIR and OPENSSL_INCLUDE_DIR, then it will try to detect the OpenSSL directories by calling pkg-config. If that succeeds (and it does in my system) then it will exit early, and never even considers the value of OPENSSL_STATIC.

可以说这是一个错误,但是我发现如果我使用以下命令行:

Arguably that's a bug, but I found that if I used this command line:

OPENSSL_STATIC=1 OPENSSL_LIB_DIR=/usr/lib64 OPENSSL_INCLUDE_DIR=/usr/include/openssl cargo build

然后它将执行静态链接.

then it would perform static linking.

在我的Centos 7系统上,仅安装openssl-devel是不够的.静态库包含在openssl-static软件包中.

On my Centos 7 system, it was not enough to install openssl-devel. The static libraries are included in the openssl-static package.

即使如此,它也无法成功构建-有很多未定义的符号引用.在build.rs中的注释中,它指出在编译OpenSSL时使用的编译选项可能会影响可用的API组件-我认为这是链接失败的原因.显然,这与OpenSSL 1.1.0无关紧要(我的系统具有1.0.2).

Even after all this, it did not successfully build - there were a lot of undefined symbol references. Within the comments in build.rs it states that compilation options used when compiling OpenSSL may affect which API components are available - I assume this is the reason for the link failure. Apparently this is less of a problem from OpenSSL 1.1.0 (my system had 1.0.2).

我的建议是从源代码编译OpenSSL 1.1.0并对此进行链接.

My advice would be to compile OpenSSL 1.1.0 from source and link against that.

相关推荐