Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

autoconf cross-compile fails in 2.3.0 with PR #414 #479

Closed
abelbeck opened this issue Jan 12, 2020 · 7 comments
Closed

autoconf cross-compile fails in 2.3.0 with PR #414 #479

abelbeck opened this issue Jan 12, 2020 · 7 comments

Comments

@abelbeck
Copy link

Using release 2.3.0 containing the PR #414 change, the autoconf test hard fails when cross compiling ...

checking if OPENSSL_cleanse is broken... configure: error: in `/home/dev/astlinux/trunk/output/build/libsrtp-2.3.0':
configure: error: cannot run test program while cross compiling
See `config.log' for more details

There is no assumed case while cross compiling.
ydroneaud added a commit to ydroneaud/libsrtp that referenced this issue Jun 15, 2020
@ydroneaud
configure: check OPENSSL_cleanse() only when not cross compiling
69e6593 
As reported in cisco#479, testing for OPENSSL_cleanse()
behavior within ./configure cannot happen when used
in cross compilation environment.

And autoconf -Wall reminds us about this issue:

configure.ac:267: warning: AC_RUN_IFELSE called without default to allow cross compiling
../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
configure.ac:267: the top level
configure.ac:267: warning: AC_RUN_IFELSE called without default to allow cross compiling
../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
configure.ac:267: the top level

If cross-compiling, OPENSSL_cleanse() behavior cannot
be validated, and should be considered broken.
ydroneaud added a commit to ydroneaud/libsrtp that referenced this issue Jun 15, 2020
@ydroneaud
configure: check OPENSSL_cleanse() behavior based OpenSSL version
0325e08 
As reported in cisco#479, testing for OPENSSL_cleanse()
behavior within ./configure cannot happen when used
in cross compilation environment.

The initial issue addressed by this runtime test in
./configure was reported in cisco#414 with OPENSSL_cleanse()
and was said to be related to OpenSSL 1.0.2g on aarch64.

Subsequent releases of OpenSSL address the issue, and
should be considered fixed as of:
- OpenSSL 1.0.2i,
  with commit 5bbdc26cadc01cab811040e861f1f98e0f3af348 ("crypto/mem_clr.c: switch to OPENSSL_cleanse implementation from master.")
- OpenSSL 1.1.0 and up,
  with commit 104ce8a9f02d250dd43c255eb7b8747e81b29422 ("RT4116: Change cleanse to just memset")

Then there's no reason for current OpenSSL versions to
use the broken OPENSSL_cleanse() implementation, so the
runtime test is almost useless and can be replaced by
a version check.

If older OpenSSL version is detected, runtime OPENSSL_cleanse()
test will take place as before (provided libsrtp is not
to be cross compiled). If newer OpenSSL version is detected,
no runtime OPENSSL_cleanse() is needed.
ydroneaud added a commit to ydroneaud/libsrtp that referenced this issue Jun 15, 2020
@ydroneaud
configure: check OPENSSL_cleanse() only when not cross compiling
9e33049 
As reported in cisco#479, testing for OPENSSL_cleanse()
behavior within ./configure cannot happen when used
in cross compilation environment.

And autoconf -Wall reminds us about this issue:

configure.ac:267: warning: AC_RUN_IFELSE called without default to allow cross compiling
../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
configure.ac:267: the top level
configure.ac:267: warning: AC_RUN_IFELSE called without default to allow cross compiling
../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
configure.ac:267: the top level

If cross-compiling, OPENSSL_cleanse() behavior cannot
be validated, and should be considered broken.
ydroneaud added a commit to ydroneaud/libsrtp that referenced this issue Jun 15, 2020
@ydroneaud
configure: check OPENSSL_cleanse() behavior based OpenSSL version
312a339 
As reported in cisco#479, testing for OPENSSL_cleanse()
behavior within ./configure cannot happen when used
in cross compilation environment.

The initial issue addressed by this runtime test in
./configure was reported in cisco#414 with OPENSSL_cleanse()
and was said to be related to OpenSSL 1.0.2g on aarch64.

Subsequent releases of OpenSSL address the issue, and
should be considered fixed as of:
- OpenSSL 1.0.2i,
  with commit 5bbdc26cadc01cab811040e861f1f98e0f3af348 ("crypto/mem_clr.c: switch to OPENSSL_cleanse implementation from master.")
- OpenSSL 1.1.0 and up,
  with commit 104ce8a9f02d250dd43c255eb7b8747e81b29422 ("RT4116: Change cleanse to just memset")

Then there's no reason for current OpenSSL versions to
use the broken OPENSSL_cleanse() implementation, so the
runtime test is almost useless and can be replaced by
a version check.

If older OpenSSL version is detected, runtime OPENSSL_cleanse()
test will take place as before (provided libsrtp is not
to be cross compiled). If newer OpenSSL version is detected,
no runtime OPENSSL_cleanse() is needed.
@ydroneaud ydroneaud mentioned this issue Jun 15, 2020
Merged
@disa6302
Copy link

disa6302 commented Oct 20, 2020
edited
Loading

Is this going to be merged in anytime soon?
I am running into this issue when I run ./configure on ARM platform.

@disa6302
Copy link

Also, if this is not going to be merged anytime soon, is there a workaround?

@abelbeck
Copy link
Author

@disa6302 : The solution is to revert PR #414 ... this issue documents the problem.

@disa6302
Copy link

disa6302 commented Oct 20, 2020
edited
Loading

Got it. Would the revert be made part of the release anytime soon? I am adding v2.3.0 as an external project, so will not be able to make any custom changes

@abelbeck
Copy link
Author

I do not have any permissions here, just a project that uses it, but it seems to me the OpenSSL version the PR #414 fixes is deprecated and no longer supported. So rather than fixing #414 it may be best to revert it at this point in time.

@pabuhler
Copy link
Member

Hi, sorry for not following up sooner, will review again now an give some feedback.

@pabuhler
Copy link
Member

This should now be merged. reopen if you still have problems

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@abelbeck @pabuhler @disa6302