[Pkg-openssl-devel] Bug#845193: Bug#845193: dpkg: recent -specs PIE changes break openssl

[Sebastian Andrzej Siewior]

On 2016-12-28 17:01:10 [+0100], Kurt Roeckx wrote:
> On Wed, Dec 28, 2016 at 02:59:18PM +0100, Sebastian Andrzej Siewior wrote:
> > On 2016-12-08 01:20:06 [+0100], Guillem Jover wrote:
> > > Hi!
> > Hi,
> > 
> > > The actual problem here, is that for whatever reason on x32 and only
> > > x32, the build system is (as I noted in #845193#10) calling link_a.gnu
> > > instead of the link_o.gnu target, which tries to link a static library
> > > composed of PIE objects into a shared library, which makes it fail.
> > 
> > so is there anything we need to do on the openssl side?
> 
> Figure out why it uses link_a instead of link_o, and maybe fix it?

So I assumed that this is something not related to openssl but I've been
wrong then. And I didn't get why that "-specs" thing is used for PIE
but…
So we crash in the testsuite while doing

| ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -cipher AES128-SHA -bytes 8m

and according to gdb somewhere in the asm corner. So going from
x86_64_asm to no_asm makes it build. Is there a reason why we should fix
asm for x32 in the old openssl while it seems to work in 1.1.0?
Otherwise I would drop the asm for x32 and be done with it.

btw: During the build I saw
|gcc: note: pie specs /usr/share/dpkg/pie-compile.specs ignored when pie is not enabled
|gcc: note: pie specs /usr/share/dpkg/pie-link.specs ignored when pie is not enabled

after each gcc line. This pops up also with openssl 1.1.0 but I don't
see it in any for of the build logs (for 1.0.2 or 1.1.0) so it must be
new.

> Kurt

Sebastian