From 84aa75162cd5ba73caa76864496fadd2551a5caa Mon Sep 17 00:00:00 2001
From: Carlos O'Donell <carlos@systemhalted.org>
Date: Fri, 2 Dec 2016 15:39:09 -0500
Subject: Bug 20918 - Building with --enable-nss-crypt fails tst-linkall-static

Some configurations may use NSS cryptographic routines but have no
static library for those routines. The following changes allow glibc to
be built and tested with --enable-nss-crypt, but without having a static
NSS library. At a high level the change does two things:

(1) Detect at configure time if static NSS crypto libraries are
    available.  Assumes libfreebl3.a (instead of the existing Fedora
    libfreebl.a which is incomplete) which matches libfreebl3.so.

(2) If static NSS crypto libraries are _not_ available then adjust the
    way in which we build tst-linkall-static. This includes excluding a
    reference to crypt and not linking against libcrypt.a, all of which
    will fail otherwise.

Testing assumptions:
* Static library is named libfreebl3.a (not libfreebl.a as is currently
  provided in Fedora), matching libfreebl3.so shared link name.

Tested on x86_64 on Fedora with:

(a) --enable-nss-crypt, with no static NSS library support: PASS
    (previous FAIL)

(b) --enable-nss-crypt, with faked static NSS library support: PASS
    (unsupported)
	* Requires changing elf/Makefile to include a stub
	  /lib64/libfreebl3.a for testing purposes.

(c) --disable-nss-crypt: PASS
    (default)

No regressions on x86_64.

For details see:
https://www.sourceware.org/ml/libc-alpha/2016-11/msg00647.html
---
 configure | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

(limited to 'configure')

diff --git a/configure b/configure
index d9f8c06bca..5cf3230b56 100755
--- a/configure
+++ b/configure
@@ -665,6 +665,7 @@ add_ons
 build_pt_chown
 build_nscd
 link_obsolete_rpc
+libc_cv_static_nss_crypt
 libc_cv_nss_crypt
 enable_werror
 all_warnings
@@ -3529,6 +3530,7 @@ cannot find NSS headers with lowlevel hash function interfaces" "$LINENO" 5
 fi
 rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
   old_LIBS="$LIBS"
+  old_LDFLAGS="$LDFLAGS"
   LIBS="$LIBS -lfreebl3"
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
@@ -3551,14 +3553,41 @@ cannot link program using lowlevel NSS hash functions" "$LINENO" 5
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
+  # Check to see if there is a static NSS cryptographic library.
+  # If there isn't then we can't link anything with libcrypt.a,
+  # and that might mean disabling some static tests.
+  LDFLAGS="$LDFLAGS -static"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+typedef int PRBool;
+#include <hasht.h>
+#include <nsslowhash.h>
+int
+main ()
+{
+NSSLOW_Init();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  libc_cv_static_nss_crypt=yes
+else
+  libc_cv_static_nss_crypt=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS="$old_LDFLAGS"
   CFLAGS="$old_CFLAGS"
   LIBS="$old_LIBS"
 else
   libc_cv_nss_crypt=no
+  libc_cv_static_nss_crypt=no
 fi
 
 
 
+
 # Check whether --enable-obsolete-rpc was given.
 if test "${enable_obsolete_rpc+set}" = set; then :
   enableval=$enable_obsolete_rpc; link_obsolete_rpc=$enableval
-- 
cgit 1.4.1