cannot configure curl 7.71.0 with static WolfSSL installed outside system directories

[ryanwoodsmall]

I did this

On CentOS 7/x86_64...

• grab curl 7.71.0 source, extract
• grab WolfSSL 4.4.0 source: https://github.com/wolfSSL/wolfssl/archive/v4.4.0-stable.tar.gz
• extract wolfssl into curl source dir, cd to it, run libtoolize ; autoreconf -fiv
• configure, build, install static wolfssl with...

./configure --prefix=$(dirname ${PWD})/wolfssl --enable-static --enable-static=yes --disable-shared --enable-shared=no --enable-all --enable-singlethreaded --enable-distro --disable-fips --enable-tlsv10 --enable-jobserver=no --disable-examples LDFLAGS=-static LIBS=-pthread
make -j$(($(nproc)*2+1))
make install
install -m 644 wolfssl/options.h ../wolfssl/include/wolfssl/

• configure and attempt to build curl with static wolfssl using...

./configure --prefix=${PWD}-built --disable-shared --enable-shared=no --enable-static --enable-static=yes --with-wolfssl=${PWD}/wolfssl LIBS='-pthread -lm'

This works fine on 7.70.0 - just tested successfully to verify. On 7.71.0, configure errors out with:

checking run-time libs availability... failed
configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lwolfssl -lm -lz -pthread -lm

config.log shows the following:

configure:30213: checking run-time libs availability
configure:30234: gcc -o conftest -Werror-implicit-function-declaration -O2 -Wno-system-headers -I/usr/local/tmp/curl-7.71.0/wolfssl/include  /wolfssl    -I/usr/local/tmp/curl-7.71.0/wolfssl/include  
    -L/usr/local/tmp/curl-7.71.0/wolfssl/lib   conftest.c -lwolfssl -lm -lz -pthread -lm >&5
gcc: error: /wolfssl: No such file or directory
configure:30234: $? = 1
configure: program exited with status 1

I'm wondering where the bare /wolfssl is coming from and if the new -L handling in the autotools setup is causing this. The same pattern seems to work fine with OpenSSL/LibreSSL, mbedTLS, and bearssl, though, so I'm not sure what the difference is with WolfSSL, or if the -L change is completely unrelated.

I expected the following

A src/curl built with static wolfssl.

curl/libcurl version

7.71.0

operating system

CentOS 7 (x86_64)

I tested under CentOS 6 (x86_64) as well with the same results.

[ryanwoodsmall]

This appears to be related to the changes in handling WolfSSL with NTLM and interplay with the WolfSSL --enable-distro and/or --enable-all options. If both (or either) of those config options are removed and WolfSSL rebuilt, I'm then able to build curl 7.71.0 against a static libwolfssl.a as expected. The WolfSSL configure options also don't appear to be cumulative, i.e., --disable-alpn won't actually do that if it's set via --enable-all or --enable-distro.

Will have to tune my WolfSSL config a bit as I think the issue is there, not curl, but this was unexpected as I've been using something like this for months and multiple curl versions. Thanks!

[bagder]

I'm wondering where the bare /wolfssl is coming from and if the new -L handling in the autotools setup is causing this.

config.log is the first thing to investigate to get some details for this. That bare /wolfssl certainly looks wrong.

(we build with wolfSSL outside of system directories in our CI builds, so very frequently...)

[bagder]

You can perhaps start by showing us the wolfSSL section from curl's configure output when it ran.

[a5ehren]

Not the OP, but I see the same issue trying to build cURL 7.71.1 with wolfSSL in a Yocto environment.

Quick testing shows that this breaks going from 7.70.0->7.71.0, which would relate it to this commit. It seems like the configure script is trying to take the pkg-config values even if I provide a path to the option.

Configure invoked with:

$ ../curl-7.71.1/configure --build=x86_64-linux --host=aarch64-WaveserverOS-linux --target=aarch64-WaveserverOS-linux --prefix=/usr --exec_prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --libexecdir=/usr/libexec --datadir=/usr/share --sysconfdir=/etc --sharedstatedir=/com --localstatedir=/var --libdir=/usr/lib --includedir=/usr/include --oldincludedir=/usr/include --infodir=/usr/share/info --mandir=/usr/share/man --disable-silent-rules --disable-dependency-tracking --with-libtool-sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot --disable-libcurl-option --disable-ntlm-wb --enable-crypto-auth --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --without-libmetalink --without-libpsl --enable-debug --enable-optimize --disable-curldebug --disable-ares --without-brotli --disable-manual --disable-dict --without-gnutls --disable-gopher --disable-imap --enable-ipv6 --without-gssapi --disable-ldap --disable-ldaps --without-libidn2 --with-libssh2 --without-mbedtls --disable-mqtt --without-nghttp2 --without-nss --disable-pop3 --enable-proxy --without-librtmp --disable-rtsp --disable-smb --disable-smtp --without-ssl --disable-telnet --enable-tftp --enable-threaded-resolver --enable-verbose --with-wolfssl=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr --with-random=/dev/urandom --with-zlib=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/../

WolfSSL section of config.log:

configure:24526: checking for wolfssl options with pkg-config
configure:24540: result: found
configure:24545: Check dir /localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/pkgconfig
configure:24591: Add  to LDFLAGS
configure:24595: Add  to CPPFLAGS
configure:24601: Add -lwolfssl to LIBS
configure:24604: checking for wolfSSL_Init in -lwolfssl
configure:24626: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib  conftest.c -lwolfssl -lz  >&5
In file included from /localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/include/wolfssl/ssl.h:23,
                 from conftest.c:51:
/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/include/wolfssl/wolfcrypt/settings.h:1985:14: warning: #warning "For timing resistance / side-channel attack prevention consider using harden options" [-Wcpp]
             #warning "For timing resistance / side-channel attack prevention consider using harden options"
              ^~~~~~~
configure:24626: $? = 0
configure:24628: result: yes
configure:24655: detected wolfSSL
configure:24659: checking size of long long
configure:24678: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -c -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  conftest.c >&5
conftest.c: In function 'main':
conftest.c:52:20: error: duplicate case value
 switch (0) case 0: case (sizeof (long long) == 4):;
                    ^~~~
conftest.c:52:12: note: previously used here
 switch (0) case 0: case (sizeof (long long) == 4):;
            ^~~~
configure:24678: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "curl"
| #define PACKAGE_TARNAME "curl"
| #define PACKAGE_VERSION "-"
| #define PACKAGE_STRING "curl -"
| #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
| #define PACKAGE_URL ""
| #define DEBUGBUILD 1
| #define PACKAGE "curl"
| #define VERSION "-"
| #define OS "aarch64-WaveserverOS-linux-gnu"
| #define STDC_HEADERS 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_STAT_H 1
| #define HAVE_STDLIB_H 1
| #define HAVE_STRING_H 1
| #define HAVE_MEMORY_H 1
| #define HAVE_STRINGS_H 1
| #define HAVE_INTTYPES_H 1
| #define HAVE_STDINT_H 1
| #define HAVE_UNISTD_H 1
| #define HAVE_DLFCN_H 1
| #define LT_OBJDIR ".libs/"
| #define CURL_DISABLE_LDAP 1
| #define CURL_DISABLE_LDAPS 1
| #define CURL_DISABLE_RTSP 1
| #define CURL_DISABLE_DICT 1
| #define CURL_DISABLE_TELNET 1
| #define CURL_DISABLE_POP3 1
| #define CURL_DISABLE_IMAP 1
| #define CURL_DISABLE_SMB 1
| #define CURL_DISABLE_SMTP 1
| #define CURL_DISABLE_GOPHER 1
| #define CURL_DISABLE_LIBCURL_OPTION 1
| #define TIME_WITH_SYS_TIME 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_TIME_H 1
| #define HAVE_TIME_H 1
| #define HAVE_CLOCK_GETTIME_MONOTONIC 1
| #define HAVE_ZLIB_H 1
| #define HAVE_LIBZ 1
| #define ENABLE_IPV6 1
| #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
| #define USE_WOLFSSL 1
| /* end confdefs.h.  */
| 
| #include <sys/types.h>
| 
| 
| int main (void)
| {
| switch (0) case 0: case (sizeof (long long) == 4):;
|  ;
|  return 0;
| }
configure:24678: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -c -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  conftest.c >&5
configure:24678: $? = 0
configure:24690: result: 8
configure:24706: checking for wolfSSLv3_client_method
configure:24706: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib  conftest.c -lwolfssl -lm -lz  >&5
conftest.c:58:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
 char wolfSSLv3_client_method ();
 ^~~~
/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native/usr/bin/aarch64-WaveserverOS-linux/../../libexec/aarch64-WaveserverOS-linux/gcc/aarch64-WaveserverOS-linux/8.3.0/ld: /tmp/ccxRZlM9.o: in function `main':
/usr/src/debug/curl/7.71.1-r0/build/conftest.c:65: undefined reference to `wolfSSLv3_client_method'
collect2: error: ld returned 1 exit status
configure:24706: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "curl"
| #define PACKAGE_TARNAME "curl"
| #define PACKAGE_VERSION "-"
| #define PACKAGE_STRING "curl -"
| #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
| #define PACKAGE_URL ""
| #define DEBUGBUILD 1
| #define PACKAGE "curl"
| #define VERSION "-"
| #define OS "aarch64-WaveserverOS-linux-gnu"
| #define STDC_HEADERS 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_STAT_H 1
| #define HAVE_STDLIB_H 1
| #define HAVE_STRING_H 1
| #define HAVE_MEMORY_H 1
| #define HAVE_STRINGS_H 1
| #define HAVE_INTTYPES_H 1
| #define HAVE_STDINT_H 1
| #define HAVE_UNISTD_H 1
| #define HAVE_DLFCN_H 1
| #define LT_OBJDIR ".libs/"
| #define CURL_DISABLE_LDAP 1
| #define CURL_DISABLE_LDAPS 1
| #define CURL_DISABLE_RTSP 1
| #define CURL_DISABLE_DICT 1
| #define CURL_DISABLE_TELNET 1
| #define CURL_DISABLE_POP3 1
| #define CURL_DISABLE_IMAP 1
| #define CURL_DISABLE_SMB 1
| #define CURL_DISABLE_SMTP 1
| #define CURL_DISABLE_GOPHER 1
| #define CURL_DISABLE_LIBCURL_OPTION 1
| #define TIME_WITH_SYS_TIME 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_TIME_H 1
| #define HAVE_TIME_H 1
| #define HAVE_CLOCK_GETTIME_MONOTONIC 1
| #define HAVE_ZLIB_H 1
| #define HAVE_LIBZ 1
| #define ENABLE_IPV6 1
| #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
| #define USE_WOLFSSL 1
| #define SIZEOF_LONG_LONG 8
| /* end confdefs.h.  */
| 
| #define wolfSSLv3_client_method innocuous_wolfSSLv3_client_method
| #ifdef __STDC__
| # include <limits.h>
| #else
| # include <assert.h>
| #endif
| #undef wolfSSLv3_client_method
| #ifdef __cplusplus
| extern "C"
| #endif
| char wolfSSLv3_client_method ();
| #if defined __stub_wolfSSLv3_client_method || defined __stub___wolfSSLv3_client_method
| choke me
| #endif
| 
| int main (void)
| {
| return wolfSSLv3_client_method ();
|  ;
|  return 0;
| }
configure:24706: result: no
configure:24706: checking for wolfSSL_get_peer_certificate
configure:24706: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib  conftest.c -lwolfssl -lm -lz  >&5
conftest.c:58:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
 char wolfSSL_get_peer_certificate ();
 ^~~~
configure:24706: $? = 0
configure:24706: result: yes
configure:24706: checking for wolfSSL_UseALPN
configure:24706: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib  conftest.c -lwolfssl -lm -lz  >&5
conftest.c:59:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
 char wolfSSL_UseALPN ();
 ^~~~
/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native/usr/bin/aarch64-WaveserverOS-linux/../../libexec/aarch64-WaveserverOS-linux/gcc/aarch64-WaveserverOS-linux/8.3.0/ld: /tmp/ccFTDHqh.o: in function `main':
/usr/src/debug/curl/7.71.1-r0/build/conftest.c:66: undefined reference to `wolfSSL_UseALPN'
collect2: error: ld returned 1 exit status
configure:24706: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "curl"
| #define PACKAGE_TARNAME "curl"
| #define PACKAGE_VERSION "-"
| #define PACKAGE_STRING "curl -"
| #define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.haxx.se/mail/"
| #define PACKAGE_URL ""
| #define DEBUGBUILD 1
| #define PACKAGE "curl"
| #define VERSION "-"
| #define OS "aarch64-WaveserverOS-linux-gnu"
| #define STDC_HEADERS 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_STAT_H 1
| #define HAVE_STDLIB_H 1
| #define HAVE_STRING_H 1
| #define HAVE_MEMORY_H 1
| #define HAVE_STRINGS_H 1
| #define HAVE_INTTYPES_H 1
| #define HAVE_STDINT_H 1
| #define HAVE_UNISTD_H 1
| #define HAVE_DLFCN_H 1
| #define LT_OBJDIR ".libs/"
| #define CURL_DISABLE_LDAP 1
| #define CURL_DISABLE_LDAPS 1
| #define CURL_DISABLE_RTSP 1
| #define CURL_DISABLE_DICT 1
| #define CURL_DISABLE_TELNET 1
| #define CURL_DISABLE_POP3 1
| #define CURL_DISABLE_IMAP 1
| #define CURL_DISABLE_SMB 1
| #define CURL_DISABLE_SMTP 1
| #define CURL_DISABLE_GOPHER 1
| #define CURL_DISABLE_LIBCURL_OPTION 1
| #define TIME_WITH_SYS_TIME 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_TIME_H 1
| #define HAVE_TIME_H 1
| #define HAVE_CLOCK_GETTIME_MONOTONIC 1
| #define HAVE_ZLIB_H 1
| #define HAVE_LIBZ 1
| #define ENABLE_IPV6 1
| #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
| #define USE_WOLFSSL 1
| #define SIZEOF_LONG_LONG 8
| #define HAVE_WOLFSSL_GET_PEER_CERTIFICATE 1
| /* end confdefs.h.  */
| 
| #define wolfSSL_UseALPN innocuous_wolfSSL_UseALPN
| #ifdef __STDC__
| # include <limits.h>
| #else
| # include <assert.h>
| #endif
| #undef wolfSSL_UseALPN
| #ifdef __cplusplus
| extern "C"
| #endif
| char wolfSSL_UseALPN ();
| #if defined __stub_wolfSSL_UseALPN || defined __stub___wolfSSL_UseALPN
| choke me
| #endif
| 
| int main (void)
| {
| return wolfSSL_UseALPN ();
|  ;
|  return 0;
| }
configure:24706: result: no
configure:24716: checking for wolfSSL_DES_set_odd_parity
configure:24716: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include  -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib  conftest.c -lwolfssl -lm -lz  >&5
conftest.c:59:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
 char wolfSSL_DES_set_odd_parity ();
 ^~~~
configure:24716: $? = 0
configure:24716: result: yes
configure:24723: Add /wolfssl to CPPFLAGS
configure:25517: built with one SSL backend

The actual part that fails is from the libssh2 tests right after that:

configure:25559: checking default CA cert bundle/path
configure:25671: result: /etc/ssl/certs/ca-certificates.crt
configure:25689: checking whether to use builtin CA store of SSL library
configure:25703: result: no
configure:26227: checking for aarch64-WaveserverOS-linux-pkg-config
configure:26258: result: /localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native/usr/bin/pkg-config
configure:26327: checking for libssh2 options with pkg-config
configure:26341: result: found
configure:26374: checking for libssh2_channel_open_ex in -lssh2
configure:26396: aarch64-WaveserverOS-linux-gcc  -march=armv8-a+crc --sysroot=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot -o conftest -pipe -feliminate-unused-debug-types -fmacro-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0=/usr/src/debug/curl/7.71.1-r0 -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot= -fdebug-prefix-map=/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot-native= -Werror-implicit-function-declaration -g -O2 -pedantic -Wall -W -Wpointer-arith -Wwrite-strings -Wunused -Wshadow -Winline -Wnested-externs -Wmissing-declarations -Wmissing-prototypes -Wno-long-long -Wbad-function-cast -Wfloat-equal -Wno-multichar -Wsign-compare -Wundef -Wno-format-nonliteral -Wendif-labels -Wstrict-prototypes -Wdeclaration-after-statement -Wold-style-definition -Wstrict-aliasing=3 -Wcast-align -Wtype-limits -Wold-style-declaration -Wmissing-parameter-type -Wempty-body -Wclobbered -Wignored-qualifiers -Wconversion -Wno-sign-conversion -Wvla -ftree-vrp -Wdouble-promotion -Wformat=2 -Warray-bounds=2 -Wshift-negative-value -Wshift-overflow=2 -Wnull-dereference -fdelete-null-pointer-checks -Wduplicated-cond -Wunused-const-variable -Wduplicated-branches -Wrestrict -Walloc-zero -Wformat-overflow=2 -Wformat-truncation=2 -Wimplicit-fallthrough=4 -Wno-system-headers /wolfssl  -I/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//include   -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -L/localdisk/workspace/ws_cov/waveserver-build/build/tmp/work/aarch64-WaveserverOS-linux/curl/7.71.1-r0/recipe-sysroot/usr/lib/..//lib   conftest.c -lssh2  -lssh2 -lwolfssl -lm -lz  >&5
aarch64-WaveserverOS-linux-gcc: error: /wolfssl: No such file or directory

[bagder]

Ah, but that 's a slightly different use case though @a5ehren. When building cross-compiled, it shouldn't use the pkg-config file as it's usually not right for that. I'll submit a PR in a sec to address that.

[a5ehren]

I've confirmed that the commit fixes the config step for my exact case (--with-wolfssl=), but the link for libcurl.so fails with "undefined reference to wolfSSL_DES_ecb_encrypt". This function is hidden behind an extra #ifdef when compared to wolfSSL_DES_set_odd_parity that is tested for in the configure script when checking to add NTLM support (at least in the two versions of wolfSSL I have access to - 4.3 and 4.4). This function (for whatever reason) only gets added to the OpenSSL compatibility layer if the user is building for stunnel, wpa_supplicant, or openVPN support - otherwise it is not present.

Using the plain "--with-wolfssl" fails a Yocto QA check, because the addcflag, etc, doesn't get blanked back to defaults properly.

I've got a pretty good idea of what to do to fix all this, so I'll be sending a PR in soon.