[英]Linking OpenSSL into a dynamic library
I'm trying to static link OpenSSL into my program. 我正在尝试将OpenSSL静态链接到我的程序中。
It works fine when linking into the executable. 链接到可执行文件时,它工作正常。 I need to use OpenSSL in a shared library (so, or dll) that I dynamically load later on when the process executes.
我需要在共享库(so或dll)中使用OpenSSL,该共享库稍后会在进程执行时动态加载。
Trying to statically link OpenSSL into the shared library causes errors due to OpenSSL not being compiled with -fPIC. 由于未使用-fPIC编译OpenSSL,尝试将OpenSSL静态链接到共享库会导致错误。 Is it possible to do this without recompiling openssl?
是否可以在不重新编译openssl的情况下执行此操作?
Also, is there a better way to do this? 另外,还有更好的方法吗?
I'm trying to static link OpenSSL into my program.
我正在尝试将OpenSSL静态链接到我的程序中。
In this case, its as simple as: 在这种情况下,它很简单:
gcc prog.c /usr/local/lib/libssl.a /usr/local/lib/libcrypto.a -o prog.exe -ldl
It works fine when linking into the executable.
链接到可执行文件时,它工作正常。
Devil's advocate... Does it work fine with Position Independent Code (PIE)? 魔鬼的拥护者...与位置独立代码(PIE)配合使用是否可行? PIE on a program is the equivalent to PIC on a shared object (some hand waiving).
程序上的PIE等效于共享对象上的PIC(有些放弃)。
gcc -fPIE prog.c /usr/local/lib/libssl.a /usr/local/lib/libcrypto.a -o prog.exe -ldl
According to the GCC folks, you can compile with fPIC
, and then build a shared object with -fPIC
or a relocatable executable with -fPIE
. 据GCC人士介绍,您可以使用
fPIC
进行编译,然后使用-fPIC
或使用-fPIE
构建可重定位的可执行文件。 That is, its OK to use -fPIC
for both. 也就是说,可以同时使用
-fPIC
。
Trying to statically link OpenSSL into the shared library causes errors due to OpenSSL not being compiled with -fPIC.
由于未使用-fPIC编译OpenSSL,尝试将OpenSSL静态链接到共享库会导致错误。
That's easy enough to fix. 这很容易修复。 You simply specify
shared
in configure: 您只需在configure中指定
shared
:
./config shared no-ssl2 no-ssl3 no-comp --openssldir=/usr/local/ssl
make
sudo make install
I think you can also (notice the lack of shared
): 我认为您也可以(注意缺少
shared
):
export CFLAGS="-fPIC"
./config no-ssl2 no-ssl3 no-comp --openssldir=/usr/local/ssl
make
sudo make install
not being compiled with -fPIC.
未使用-fPIC进行编译。 Is it possible to do this without recompiling openssl?
是否可以在不重新编译openssl的情况下执行此操作?
NO, you have to compile with PIC to ensure GCC generates relocatable code. 不,您必须使用PIC进行编译以确保GCC生成可重定位的代码。
Also, is there a better way to do this?
另外,还有更好的方法吗?
Usually you just configure with shared
. 通常,您只需使用
shared
配置。 That triggers -fPIC
, which gets you relocatable code. 这将触发
-fPIC
,从而使您可以重定位代码。
There's other things you can do, but they are more intrusive. 您还可以做其他事情,但是它们更具侵入性。 For example, you can modify
Configure
line (like linux-x86_64
), and add -fPIC
in the second field. 例如,您可以修改
Configure
行(例如linux-x86_64
),并在第二个字段中添加-fPIC
。 The fields are separated by colons, and the second field is $cflags
used by the OpenSSL build system. 这些字段由冒号分隔,第二个字段是OpenSSL构建系统使用的
$cflags
。
You can see an example of modifying Configure
at Build OpenSSL with RPATH? 您可以看到一个使用RPATH在Build OpenSSL上修改
Configure
的示例?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.