将OpenSSL链接到动态库
[英]Linking OpenSSL into a dynamic library
问题描述
I'm trying to static link OpenSSL into my program. 
我正在尝试将OpenSSL静态链接到我的程序中。
It works fine when linking into the executable. 链接到可执行文件时,它工作正常。 I need to use OpenSSL in a shared library (so, or dll) that I dynamically load later on when the process executes. 我需要在共享库(so或dll)中使用OpenSSL,该共享库稍后会在进程执行时动态加载。
Trying to statically link OpenSSL into the shared library causes errors due to OpenSSL not being compiled with -fPIC. 由于未使用-fPIC编译OpenSSL,尝试将OpenSSL静态链接到共享库会导致错误。 Is it possible to do this without recompiling openssl? 是否可以在不重新编译openssl的情况下执行此操作?
Also, is there a better way to do this? 另外,还有更好的方法吗?
1 个解决方案
解决方案1
1 2015-05-08 19:18:53
I'm trying to static link OpenSSL into my program.
In this case, its as simple as: 在这种情况下,它很简单:
gcc prog.c /usr/local/lib/libssl.a /usr/local/lib/libcrypto.a -o prog.exe -ldl
It works fine when linking into the executable.
Devil's advocate... Does it work fine with Position Independent Code (PIE)? 魔鬼的拥护者...与位置独立代码(PIE)配合使用是否可行? PIE on a program is the equivalent to PIC on a shared object (some hand waiving). 程序上的PIE等效于共享对象上的PIC(有些放弃)。
gcc -fPIE prog.c /usr/local/lib/libssl.a /usr/local/lib/libcrypto.a -o prog.exe -ldl
According to the GCC folks, you can compile with fPIC , and then build a shared object with -fPIC or a relocatable executable with -fPIE . 据GCC人士介绍,您可以使用fPIC进行编译,然后使用-fPIC或使用-fPIE构建可重定位的可执行文件。 That is, its OK to use -fPIC for both. 也就是说,可以同时使用-fPIC 。
Trying to statically link OpenSSL into the shared library causes errors due to OpenSSL not being compiled with -fPIC.
That's easy enough to fix. 这很容易修复。 You simply specify shared in configure: 您只需在configure中指定shared :
./config shared no-ssl2 no-ssl3 no-comp --openssldir=/usr/local/ssl
make
sudo make install
I think you can also (notice the lack of shared ): 我认为您也可以(注意缺少shared ):
export CFLAGS="-fPIC"
./config no-ssl2 no-ssl3 no-comp --openssldir=/usr/local/ssl
make
sudo make install
not being compiled with -fPIC.
NO, you have to compile with PIC to ensure GCC generates relocatable code. 不,您必须使用PIC进行编译以确保GCC生成可重定位的代码。
Also, is there a better way to do this?
Usually you just configure with shared . 通常,您只需使用shared配置。 That triggers -fPIC , which gets you relocatable code. 这将触发-fPIC ,从而使您可以重定位代码。
There's other things you can do, but they are more intrusive. 您还可以做其他事情,但是它们更具侵入性。 For example, you can modify Configure line (like linux-x86_64 ), and add -fPIC in the second field. 例如,您可以修改Configure行(例如linux-x86_64 ),并在第二个字段中添加-fPIC 。 The fields are separated by colons, and the second field is $cflags used by the OpenSSL build system. 这些字段由冒号分隔,第二个字段是OpenSSL构建系统使用的$cflags 。
You can see an example of modifying Configure at Build OpenSSL with RPATH? 您可以看到一个使用RPATH在Build OpenSSL上修改Configure的示例?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.