Compile issues with LibreSSL 2.1.2 and nginx #51

pouar · 2014-12-18T16:59:23Z

Trying to statically compile nginx with LibreSSL 2.1.2 following the instructions here
https://www.mare-system.de/blog/page/1405201517/

It works perfectly fine with LibreSSL 2.1.1, but it won't compile with 2.1.2. One of those problems is that it's saying it can't find winsock2.h, which considering I'm trying to compile in Arch Linux, this obviously wasn't supposed to happen.

Here's the PKGBUILD

# $Id: PKGBUILD 107711 2014-03-18 17:19:21Z bpiotrowski $
# Maintainer: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
# Maintainer: Sébastien Luttringer
# Contributor: Sergej Pupykin <pupykin.s+arch@gmail.com>
# Contributor: Miroslaw Szot <mss@czlug.icis.pcz.pl>

pkgname=nginx-pouar
provides=('nginx')
conflicts=('nginx')
replaces=('nginx')
pkgver=1.7.8
pkgrel=1
pkgdesc='Lightweight HTTP server and IMAP/POP3 proxy server'
arch=('i686' 'x86_64')
url='http://nginx.org'
license=('custom')
depends=('pcre' 'zlib' 'openssl'  'geoip' 'geoip-database' 'gd')
makedepends=(
    'libxslt'
    'gd'
    'git'
)
backup=('etc/nginx/fastcgi.conf'
        'etc/nginx/fastcgi_params'
        'etc/nginx/koi-win'
        'etc/nginx/koi-utf'
        'etc/nginx/mime.types'
        'etc/nginx/nginx.conf'
        'etc/nginx/scgi_params'
        'etc/nginx/uwsgi_params'
        'etc/nginx/win-utf'
        'etc/logrotate.d/nginx')
install=nginx.install
_cachepurge_ver="2.2"
_cachepurge_dirname="ngx_cachepurge"
_slowfscache_ver="1.10"
_slowfscache_dirname="ngx_slowfscache"
_echo_ver="v0.57"
_echo_dirname="ngx_echo"
_headersmore_ver="v0.25"
_headersmore_dirname="ngx_headersmore"
_uploadprogress_ver="v0.9.1"
_uploadprogress_dirname="ngx_uploadprogress"
_upstreamfair_hash="a18b4099fbd458111983200e098b6f0c8efed4bc"
_upstreamfair_dirname="ngx_upstreamfair"
_authpam_ver="1.3"
_authpam_dirname="ngx_authpam"
_pagespeed_ver="1.9.32.2"
_pagespeed_dirname="ngx_pagespeed"
_accesskey_ver="2.0.3"
_accesskey_dirname="ngx_accesskey"
_rtmp_ver="v1.1.6"
_rtmp_dirname="ngx_rtmp"
_davext_ver="v0.0.3"
_davext_dirname="ngx_daxext"
_naxsi_ver="0.53-2"
_naxsi_dirname="ngx_naxsi"
_clojure_ver="v0.3.0"
_clojure_dirname="ngx_clojure"
_lua_ver="v0.9.13"
_lua_dirname="ngx_lua"
_http_internal_redirect_ver="0.6"
_http_internal_redirect_dirname="ngx_http_internal_redirect"
source=($url/download/nginx-$pkgver.tar.gz
        service
        logrotate
        "${_cachepurge_dirname}.tar.gz::http://labs.frickle.com/files/ngx_cache_purge-${_cachepurge_ver}.tar.gz"
        "${_slowfscache_dirname}.tar.gz::http://labs.frickle.com/files/ngx_slowfs_cache-${_slowfscache_ver}.tar.gz"
        "${_uploadprogress_dirname}.tar.gz::https://github.com/masterzen/nginx-upload-progress-module/tarball/${_uploadprogress_ver}"
        "${_headersmore_dirname}.tar.gz::https://github.com/agentzh/headers-more-nginx-module/tarball/${_headersmore_ver}"
        "${_echo_dirname}.tar.gz::https://github.com/agentzh/echo-nginx-module/tarball/${_echo_ver}"
        "${_upstreamfair_dirname}.tar.gz::https://github.com/gnosek/nginx-upstream-fair/tarball/${_upstreamfair_hash}"
        "${_authpam_dirname}.tar.gz::http://web.iti.upv.es/~sto/nginx/ngx_http_auth_pam_module-${_authpam_ver}.tar.gz"
        "${_pagespeed_dirname}.tar.gz::https://github.com/pagespeed/ngx_pagespeed/archive/v${_pagespeed_ver}-beta.tar.gz"
        "psol-${_pagespeed_ver}.tar.gz::https://dl.google.com/dl/page-speed/psol/${_pagespeed_ver}.tar.gz"
        "${_accesskey_dirname}.tar.gz::http://wiki.nginx.org/images/5/51/Nginx-accesskey-${_accesskey_ver}.tar.gz"
        "${_rtmp_dirname}.tar.gz::https://github.com/arut/nginx-rtmp-module/archive/${_rtmp_ver}.tar.gz"
        "${_davext_dirname}.tar.gz::https://github.com/arut/nginx-dav-ext-module/archive/${_davext_ver}.tar.gz"
        "${_naxsi_dirname}.tar.gz::https://github.com/nbs-system/naxsi/archive/${_naxsi_ver}.tar.gz"
        "${_clojure_dirname}.tar.gz::https://github.com/nginx-clojure/nginx-clojure/archive/${_clojure_ver}.tar.gz"
        "${_lua_dirname}.tar.gz::https://github.com/openresty/lua-nginx-module/archive/${_lua_ver}.tar.gz"
        "${_http_internal_redirect_dirname}.tar.gz::https://github.com/flygoast/ngx_http_internal_redirect/archive/v${_http_internal_redirect_ver}.tar.gz"
        git+https://github.com/simpl/ngx_mongo.git
        'http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.1.2.tar.gz'
        "libressl-dummy-rand-egd.patch"
        'nginx__libressl.patch')
md5sums=('fd5ab813fc1853cd8efe580ead577c3e'
         'ce9a06bcaf66ec4a3c4eb59b636e0dfd'
         '3441ce77cdd1aab6f0ab7e212698a8a7'
         '82c6281e14ffee73e0ad69c134d6e5e1'
         '68a1af12d5c1218fb2b3e05ed7ff6f0c'
         'f7dee95dbe8ada5f4d8e9d59ca1f4797'
         '10e178b0cecf6ce891ee297d32ba2f14'
         '1ba466e7efc03cd9934dd711ce9d84e7'
         'ac5e7f485476af70e0ee1c52016cddaf'
         'bf3c3389353f11f5f2047b67ce08ba79'
         '53d356f24cf2a67e45d0c1ba061ed839'
         '60a6b6e4e3c2fa7aff7fe25150b0f067'
         '9b5304346d5139b1841f5baa01ab0cbe'
         'ceca9874cd89e6027fae8178f5c3af86'
         '2cb502dbda335be4ebd5fed0b3182bae'
         '348b50914a1eedaed09a2509621adf43'
         'e43f86f16529179f754e4c96e1fdd84f'
         '23eecdc84fb996fe22f2ec7ff93622da'
         'b94a636bdfcac5c69f265d493a25874c'
         'SKIP'
         'c979a977e3b54fbecfa762c74a631bc3'
         '708f29ac93db537a705dfe1f6dac0a50'
         'SKIP')





prepare() {

  cd ${srcdir}

    cp -r ngx_cache_purge-* ${_cachepurge_dirname}
    cp -r ngx_slowfs_cache-* ${_slowfscache_dirname}
    cp -r openresty-headers-more-nginx-module-* ${_headersmore_dirname}
    cp -r openresty-echo-nginx-module-* ${_echo_dirname}
    cp -r masterzen-nginx-upload-progress-module-* ${_uploadprogress_dirname}
    cp -r gnosek-nginx-upstream-fair-* ${_upstreamfair_dirname}
    cp -r ngx_http_auth_pam_module-${_authpam_ver} ${_authpam_dirname}
    cp -r ngx_pagespeed-* ${_pagespeed_dirname}
    cp -r psol ${_pagespeed_dirname}/
    cp -r nginx-accesskey* ${_accesskey_dirname}
    cp -r nginx-rtmp-module* ${_rtmp_dirname}
    cp -r nginx-dav-ext-module* ${_davext_dirname}
    cp -r naxsi* ${_naxsi_dirname}
    cp -r nginx-clojure-* ${_clojure_dirname}
    cp -r lua-nginx-module-* ${_lua_dirname}
    cp -r ngx_http_internal_redirect-* ${_http_internal_redirect_dirname}
    # patch -Np0 < $srcdir/libressl-dummy-rand-egd.patch || exit 1
    #cd nginx-$pkgver
    #patch -Np1 < $srcdir/nginx__libressl.patch
}
build() {
    cd $srcdir/libressl-2.1.2
    echo "#! /bin/bash

./configure" > config
./configure && make -j8 check 
if  [ -d ".openssl" ]; then
  rm -Rf .openssl
fi

mkdir -p .openssl/lib

cp crypto/.libs/libcrypto.a ssl/.libs/libssl.a .openssl/lib
cd .openssl && ln -s ../include ./

  cd $srcdir/nginx-$pkgver
  ./configure \
   --with-openssl="$srcdir/libressl-2.1.2" \
    --prefix=/etc/nginx \
    --conf-path=/etc/nginx/nginx.conf \
    --sbin-path=/usr/bin/nginx \
    --pid-path=/run/nginx.pid \
    --lock-path=/run/lock/nginx.lock \
    --user=http \
    --group=http \
    --http-log-path=/var/log/nginx/access.log \
    --error-log-path=stderr \
    --http-client-body-temp-path=/var/lib/nginx/client-body \
    --http-proxy-temp-path=/var/lib/nginx/proxy \
    --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
    --http-scgi-temp-path=/var/lib/nginx/scgi \
    --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
    --with-imap \
    --with-imap_ssl_module \
    --with-ipv6 \
    --with-pcre-jit \
    --with-file-aio \
      --with-pcre \
        --with-libatomic  \
 --with-http_ssl_module  \
  --with-http_spdy_module  \
  --with-http_realip_module  \
  --with-http_addition_module  \
  --with-http_xslt_module   \
  --with-http_image_filter_module \
  --with-http_geoip_module   \
  --with-http_sub_module      \
  --with-http_dav_module     \
  --with-http_flv_module  \
  --with-http_mp4_module \
  --with-http_gunzip_module \
  --with-http_gzip_static_module  \
  --with-http_auth_request_module  \
  --with-http_random_index_module  \
  --with-http_secure_link_module  \
  --with-http_degradation_module \
  --with-http_stub_status_module \
    --with-http_perl_module \
      --with-mail  \
       --with-mail_ssl_module \
         --with-google_perftools_module \
     --with-poll_module \
       --with-rtsig_module  \
  --with-select_module \
                --add-module=../${_cachepurge_dirname} \
                --add-module=../${_echo_dirname} \
                --add-module=../${_headersmore_dirname} \
                --add-module=../${_slowfscache_dirname} \
                --add-module=../${_uploadprogress_dirname} \
                --add-module=../${_upstreamfair_dirname} \
                --add-module=../${_authpam_dirname} \
                --add-module=../${_pagespeed_dirname} \
                --add-module=../${_accesskey_dirname} \
                --add-module=../${_rtmp_dirname} \
                --add-module=../${_http_internal_redirect_dirname} \
                --add-module=../${_davext_dirname} \
                --add-module=../ngx_mongo

        touch $srcdir/libressl-2.1.2/.openssl/include/openssl/ssl.h

  make
}

package() {
  cd $srcdir/nginx-$pkgver
  make DESTDIR="$pkgdir" install

  sed -e 's|\<user\s\+\w\+;|user html;|g' \
    -e '44s|html|/usr/share/nginx/html|' \
    -e '54s|html|/usr/share/nginx/html|' \
    -i "$pkgdir"/etc/nginx/nginx.conf

  rm "$pkgdir"/etc/nginx/*.default

  install -d "$pkgdir"/var/lib/nginx
  install -dm700 "$pkgdir"/var/lib/nginx/proxy

  chmod 750 "$pkgdir"/var/log/nginx
  chown http:log "$pkgdir"/var/log/nginx

  install -d "$pkgdir"/usr/share/nginx
  cp -r "$pkgdir"/etc/nginx/html/ "$pkgdir"/usr/share/nginx

  install -Dm644 ../logrotate "$pkgdir"/etc/logrotate.d/nginx
  install -Dm644 ../service "$pkgdir"/usr/lib/systemd/system/nginx.service
  install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE

  rmdir "$pkgdir"/run
}

# vim:set ts=2 sw=2 et:

The text was updated successfully, but these errors were encountered:

busterb · 2014-12-19T01:30:25Z

I think your package needs serious work. If earlier versions of libressl worked with it, it was purely by accident. There are a few missing dependencies to start with:

makedepends=(
    'libxslt'
    'gd'
    'git'
    'gperftools'
    'yajl'
)

You appear to be both building libressl standalone and linking the tarball's private 'include' directory into your install path, and telling nginx to build and link it statically? These lines are certainly wrong, as you're 'installing' private include files by just linking that include directory:

cp crypto/.libs/libcrypto.a ssl/.libs/libssl.a .openssl/lib
cd .openssl && ln -s ../include ./

Do something like this instead:

./configure --prefix=/
make && make install DESTDIR=`pwd`/.openssl

I think your first instinct should be, if you need to run 'sudo pkgbuild --asroot', you're probably doing something wrong. Here's a modified version of your PKGBUILD I tested with the next release, though it still probably needs some work:

https://gist.github.com/busterb/5dbfaeb6b24b496d6339

busterb · 2014-12-19T01:34:46Z

The little config script hack should also be unneeded in the next release - I missed getting it packaged in the tarball in the last release. Check out this package as another example: https://github.com/technion/libressl_nginx

busterb closed this as completed Dec 19, 2014

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Compile issues with LibreSSL 2.1.2 and nginx #51

Compile issues with LibreSSL 2.1.2 and nginx #51

pouar commented Dec 18, 2014

busterb commented Dec 19, 2014

busterb commented Dec 19, 2014

Compile issues with LibreSSL 2.1.2 and nginx #51

Compile issues with LibreSSL 2.1.2 and nginx #51

Comments

pouar commented Dec 18, 2014

busterb commented Dec 19, 2014

busterb commented Dec 19, 2014