Gert Doering wrote: > > > Did some testing to see if creating a static binary would be > > > trivial. As it was not, > > > > Why wasn't it? Please share details from the testing. > > Naively just calling "gcc -static" led to linker failures due to > OpenSSL not being found. > > This was a "can we do it that easily?" quick test, so we didn't > investigate further why it failed.
It failed because dependencies were not met, so the test doesn't really say much about OpenVPN.. I tried to add a comment to the ticket in Trac about USE flags in Gentoo, but Trac rejects it as potential spam and I will not waste my life trying to work around the filter. I tried adding -static -lz when building openvpn-testing.git and got the following: $ gcc -g -O2 -static -o openvpn base64.o buffer.o crypto.o dhcp.o error.o event.o fdmisc.o forward.o fragment.o gremlin.o helper.o httpdigest.o lladdr.o init.o interval.o list.o lzo.o manage.o mbuf.o misc.o mroute.o mss.o mtcp.o mtu.o mudp.o multi.o ntlm.o occ.o pkcs11.o openvpn.o options.o otime.o packet_id.o perf.o pf.o ping.o plugin.o pool.o proto.o proxy.o ieproxy.o ps.o push.o reliable.o route.o schedule.o session_id.o shaper.o sig.o socket.o socks.o ssl.o status.o thread.o tun.o win32.o cryptoapi.o -lssl -lcrypto -llzo2 -ldl -lz plugin.o: In function `plugin_init_item': /tmp/openvpn-testing/plugin.c:215: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking misc.o: In function `get_group': /tmp/openvpn-testing/misc.c:117: warning: Using 'getgrnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking misc.o: In function `get_user': /tmp/openvpn-testing/misc.c:82: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking socket.o: In function `getaddr_multi': /tmp/openvpn-testing/socket.c:170: warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking /usr/lib/gcc/i686-pc-linux-gnu/4.4.4/../../../libcrypto.a(b_sock.o): In function `BIO_get_port': (.text+0x48a): warning: Using 'getservbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking I get a binary though: $ ls -l openvpn -rwxr-xr-x 1 stuge stuge 3781597 Aug 29 00:58 openvpn $ strip openvpn $ ls -l openvpn -rwxr-xr-x 1 stuge stuge 2160084 Aug 29 00:59 openvpn The only thing missing was -lz to satisfy OpenSSL dependencies. If pkg-config is available in the system then pkg-config openssl --libs is all that is needed to get the linker flags needed for OpenSSL. Maybe use PKG_CHECK_MODULES() in configure.ac to check for OpenSSL before trying the current seemingly manual tests? //Peter
pgpFuTUuhcTEx.pgp
Description: PGP signature
