Compile Static Library

最後更新: 2020-02-24

目錄

  • Check Static / Dynamic linking
  • GCC
  • nm
  • Flag
  • randomize_va_space
  • Openssl
  • Static Linking Flag
  • Troubleshoot Static Linking
  • libdl
  • Static Link Openssl
  • librsync

Check Static / Dynamic linking

 

ldd openssl

[]

not a dynamic executable

[]

linux-vdso.so.1 (0x00007ffe25989000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f3f53bd0000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f3f538e7000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f3f538e2000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f3f538c1000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f3f53700000)
/lib64/ld-linux-x86-64.so.2 (0x00007f3f53d38000)

*.o *.a

  • object file (*.o)
  • static library (archiver, *.a 一個 object file 的集合)
  • .so 為動態函式庫

 


GCC

 

# foo.c -> foo.o

$ gcc -g -fPIC -c foo.c

-fPIC

PIC = position-independent code

# foo.o -> libfoo.so

$ gcc -shared foo.o -o libfoo.so

# Compile main link libfoo.so

gcc -g -o main main.c -lfoo -L.

-lfoo: 表示要連結 libfoo.so

-L.: 表示搜尋 libfoo.so 時, 除了預設目錄外, 也要找目前的位置 "./"

Test

# 因為 libfoo.so 不在 ld.so 搜尋的路徑裡

LD_LIBRARY_PATH=. ./main

call foo

 


nm

 

nm - list symbols from object files

nm -A libssl.a

libssl.a:bio_ssl.o:                 U BIO_callback_ctrl
...

Remark

  • "U" The symbol is undefined.
  • "T" The symbol is in the text (code) section.

 


Flag

 

  • CC            # C compiler command
  • CFLAGS    # C compiler flags
  • LDFLAGS   #  linker flags, e.g. -L<lib dir> if you have libraries in a nonstandard directory <lib dir>
  • LIBS         # libraries to pass to the linker, e.g. -l<library>
  • CPPFLAGS   #  (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if you have headers in a nonstandard directory <include dir>
  • CPP          # C preprocessor

i.e.

# "-I", "-L"

-I=/opt/openssl/include/openssl  -L=/opt/openssl/lib

# pass linker flags in via LDFLAGS

./configure LDFLAGS=-static

 


randomize_va_space

 

此方法可以 Pack all so with binary

/proc/sys/kernel/randomize_va_space

Address space layout randomization

 


Openssl

 

cd /usr/src

wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz

tar -zxf openssl-1.1.1d.tar.gz

cd openssl-1.1.1d

config

./config \
--prefix=/opt/openssl \
--openssldir=/opt/openssl \
-static \
no-ssl2 no-ssl3 no-shared no-dso no-engine no-hw no-srp

Opt

--prefix=DIR

The top of the installation directory tree.

--openssldir=DIR

Directory for OpenSSL configuration files, and also the

default certificate and key store.

no-threads

Disables threading support.

no-engine    

Disables hardware support (useful on mobile devices)

no-hw

Disables hardware support (useful on mobile devices)

no-dso    

Disables the OpenSSL DSO API (the library offers a shared object abstraction layer).

If you disable DSO, then you must disable Engines also

no-shared

no-srp     

Disables Secure Remote Password (SRP).

SRP provides mutual authentication independent of trusted authorities, but its rarely offered or used

zlib

Build with support for zlib compression/decompression. (CLI: openssl zlib)

zlib-dynamic

Like "zlib", but has OpenSSL load the zlib library dynamically when needed. 

This is only supported on systems where loading of shared libraries is supported.

Remark: zlib

data compression on TLS communication may lead to attacks like CRIME,

thus, building openssl with zlib is better to be done when you need it for an specific data compression task

make -j 4

Troubleshoot

...
/usr/bin/ld: cannot find -ldl
/usr/bin/ld: cannot find -lpthread
/usr/bin/ld: cannot find -lc
...

Fix

 

Install

make install_sw

Opts:

install_sw

Only install the OpenSSL software components.

ls -l /opt/openssl/lib

# 沒有 so 檔

 


Static Linking Flag

Flag

# On systems that support dynamic linking, this overrides -pie and prevents linking with the shared libraries.

CFLAGS="-static"

LDFLAGS=-static

# 準備

yum install openssl-static uthash-devel

# "--disable-" 愈小 libray 依賴愈好

./configure \
--prefix=/opt/burp \
--disable-acl \
--disable-xattr \
--enable-static \
CFLAGS="-static"

error

configure: error: Unable to find librsync.h, please install librsync

# Centos7 Version: 2.0.2

rpm -ql librsync

/usr/bin/rdiff
/usr/lib64/librsync.so.2
...

 


Troubleshoot Static Linking

 

./configure 有 error error

./configure \
--prefix=/opt/burp \
--enable-static \
--disable-ipv6 \
--disable-acl \
--disable-xattr \
--with-openssl=/opt/openssl

config.log

configure:9811: gcc -o conftest -Wall -g -O2 -I/opt/openssl/include   -L/opt/openssl/lib conftest.c -lm  -lssl -lcrypto >&5
/usr/bin/ld: /opt/openssl/lib/libcrypto.a(threads_pthread.o): in function `CRYPTO_THREAD_lock_new':
threads_pthread.c:(.text+0x45): undefined reference to `pthread_rwlock_init'
...

Test

nm -A /opt/openssl/lib/libcrypto.a | grep pthread_rwlock_init

/opt/openssl/lib/libcrypto.a:threads_pthread.o:    U pthread_rwlock_init

nm -A /usr/lib/x86_64-linux-gnu/libssl.a | grep pthread

configure.ac

位置

  • /opt/openssl/lib
  • /opt/openssl/include/openssl
OPENSSL_LIB        "-lssl -lcrypto"
OPENSSL_LDFLAGS="-L${openssl_dir}/lib"
OPENSSL_INC="-I${openssl_dir}/include"

 


libdl

 

libdl - dynamic linking library

Historically, functions in libdl provided for dynamic linking support.

This functionality now resides in libc(ld.so).

This library is maintained to provide backward compatibility for both runtime and compilation environments.

The shared object is implemented as a filter on the runtime linker.

 


Static Link Openssl

 

-lssl -lcrypto -ldl -lpthread

 


librsync

 

Version: 0.9.7

tar -zxf librsync-0.9.7.tar.gz

cd librsync-0.9.7

./configure \
--prefix=/opt/librsync \
--enable-static

make -j 4

make install

ls -l /opt/librsync/lib

total 432
-rw-r--r-- 1 root root 436460 Mar  9 03:32 librsync.a
-rwxr-xr-x 1 root root    758 Mar  9 03:32 librsync.la

Version: 2.2.1

 * Centos 7 自帶的 2.0.2 沒有 "BUILD_SHARED_LIBS=OFF"

mkdir /usr/src/librsync

cd /usr/src/librsync

wget https://github.com/librsync/librsync/archive/v2.2.1.zip -O librsync-v2.2.1.zip

unzip librsync-v2.2.1.zip

cd librsync-2.2.1

# yum install cmake

cmake \
-DCMAKE_INSTALL_PREFIX=/opt/librsync\
-DBUILD_SHARED_LIBS=OFF \
-DBUILD_RDIFF=OFF .

make -j 4

ls -l /opt/librsync/lib

librsync.a