| Summary: | ASTERISK-26942: pjproject_bundled: Pass asterisk library overrides to pjproject configure | ||
| Reporter: | Badalian Vyacheslav (slavon) | Labels: | |
| Date Opened: | 2017-04-12 14:48:23 | Date Closed: | |
| Priority: | Trivial | Regression? | |
| Status: | Open/New | Components: | |
| Versions: | 13.15.0 | Frequency of Occurrence | |
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | if configure used wih --with-ssl options need:
1. Add -Wl,-rpath=dir to cflags and ldflags in user.mak in PJSIP 2. Add LD_PRELOAD to systemctl ENV becouse some dll without rpath will use system ssl lib, this load two ssl libs (centos 7 have other library name) and code have two jump lables. This leads to strange behavior. Also for full support DTLS 1.2 and chrome chipers for WebRTC need compile last openssl library. It is very difficult for a simple user, because I have to play with non-standard parameters. May be you add -with-openssl-bundle options like PJSIP? | ||
| Comments: | By: Asterisk Team (asteriskteam) 2017-04-12 14:48:24.158-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: George Joseph (gjoseph) 2017-04-18 15:02:25.049-0500 The first part of the issue is a little confusing to me. We build and run on CentOS7 all the time. Are you saying that if you specify --with-ssl with the asterisk configure, we're not passing it to the bundled pjproject's configure? If so, then yes, that's a bug and I'll we'll open an internal issue for that. If you're saying something else, please give more details. Having a bundled version of openssl is an interesting idea but I'm afraid that would't be acceptable. Unlike pjproject, we aren't dependent on the internals of openssl and that was the reason for bundling pjproject. By: Badalian Vyacheslav (slavon) 2017-04-24 17:35:22.091-0500 I'll try with Google translator :) If I do configure with pjproject bundled and with-ssl, then: 1. configure for pjproject is started without the --with-ssl option. 2. The rpath rules CFLAGS and LDFLAGS are not added to user.mak 3. Without LD_PRELOAD in the direction of /usr/local/ssl/lib64,in systemd service in centos 7 libcrypto.1.0.0x and libssl.1.0.0x are loaded ... but there are other libraries that are loaded by dependencies. And they loading libcrypto.10 and libssl.10 (from the delivery of the system). As a result, we get a strange confession, since the names of functions in libraries are similar, but the code is different. Precisely because of point 3, we would like to be able to generate * .a files from openssl bundled and to insert logic into the asterisk libraries. Firstly, it will give new chipers, in the second, calls will not return with the loading of other libraries that load the system version of openssl. | ||