Open
Bug 1326208
Opened 7 years ago
Updated 2 years ago
Statically link signmar
Categories
(Firefox Build System :: General, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: rail, Unassigned)
References
Details
In bug 1324501 I tried to build signmar on Linux. It works fine, except that it's not statically linked and requires some moz libraries (mozsqlite, nss, etc). Having a statically linked signmar is one of the requirements we have and use on releng signing servers (the current signmar is just a single binary). I tried to hack around by enforcing MOZ_FOLD_LIBS to trigger https://dxr.mozilla.org/mozilla-central/source/security/moz.build#12 behaviour, but it the build system fails to link nss: 44:42.76 Executing: /usr/bin/g++ -std=gnu++11 -o pk12util -Wall -Wc++11-compat -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wwrite-strings -Wno-invalid-offsetof -Wc++14-compat -Wno-error=maybe-uninit ialized -Wno-error=deprecated-declarations -Wno-error=array-bounds -fno-exceptions -fno-strict-aliasing -fno-rtti -fno-exceptions -fno-math-errno -pthread -pipe -g -freorder-blocks -Os -fno-omit-frame-pointer /home/rail/work/mozilla/repos/mozilla-unified/obj-x86_64-pc-linux -gnu/security/nss/cmd/pk12util/pk12util_pk12util/tmpe8nB_x.list -lpthread -Wl,-z,noexecstack -Wl,-z,text -Wl,--build-id -B ../../../../../build/unix/gold -Wl,-rpath-link,/home/rail/work/mozilla/repos/mozilla-unified/obj-x86_64-pc-linux-gnu/dist/bin -Wl,-rpath-link,/usr/loca l/lib -fdiagnostics-color ../../../../libnss3.so -ldl -lpthread -ldl -lc 44:42.77 /home/rail/work/mozilla/repos/mozilla-unified/obj-x86_64-pc-linux-gnu/security/nss/cmd/pk12util/pk12util_pk12util/tmpe8nB_x.list: 44:42.77 INPUT("pk12util.o") 44:42.77 INPUT("../../lib/lib_sectool/basicutil.o") 44:42.77 INPUT("../../lib/lib_sectool/derprint.o") 44:42.77 INPUT("../../lib/lib_sectool/ffs.o") 44:42.77 INPUT("../../lib/lib_sectool/moreoids.o") 44:42.77 INPUT("../../lib/lib_sectool/pk11table.o") 44:42.77 INPUT("../../lib/lib_sectool/pppolicy.o") 44:42.77 INPUT("../../lib/lib_sectool/secpwd.o") 44:42.77 INPUT("../../lib/lib_sectool/secutil.o") 44:42.77 44:42.77 /home/rail/work/mozilla/repos/mozilla-unified/security/nss/cmd/pk12util/pk12util.c:85: error: undefined reference to 'PR_Close' 44:42.77 /home/rail/work/mozilla/repos/mozilla-unified/security/nss/cmd/pk12util/pk12util.c:90: error: undefined reference to 'PR_Delete' 44:42.78 /home/rail/work/mozilla/repos/mozilla-unified/security/nss/cmd/pk12util/pk12util.c:92: error: undefined reference to 'PL_strfree' ..... ..... 44:42.84 collect2: error: ld returned 1 exit status 44:42.84 /home/rail/work/mozilla/repos/mozilla-unified/config/rules.mk:640: recipe for target 'pk12util' failed 44:42.84 make[5]: *** [pk12util] Error 1 Per https://dxr.mozilla.org/mozilla-central/source/old-configure.in#2013-2020 this behaviour should work on other platforms.
|
||
Comment 1•7 years ago
|
||
As I understand it, the current signmar is not statically linked to NSS, it has the same issue as the version of signmar with the patches to support SHA384, and afaik I don't think it is possible to statically link NSS ( see bug 699700 comment #58 )
|
||
Updated•6 years ago
|
Product: Core → Firefox Build System
|
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•