• Registered: 2024-10-30
  • Posts: 29

Topic: Link ld.exe issue

Hello Everyone,
After library is built in Visual Studio , should I need to run make install from shell, because LD is failing to locate -lwolfssl when compiling strongswan 


libtool: link: ( cd ".libs" && rm -f "libstrongswan-kernel-wfp.la" && cp -pR "../libstrongswan-kernel-wfp.la" "libstrongswan-kernel-wfp.la" )
/bin/sh ../../../../libtool  --tag=CC   --mode=link gcc  -Wno-format -Wno-format-security -Wno-implicit-fallthrough -Wno-missing-field-initializers -Wno-pointer-sign -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -g -O2 -Wall -Wno-pointer-sign -Wno-format-security -mno-ms-bitfields -include /home/volga629/strongswan-5.9.14/config.h   -o ipsecdump.exe ipsecdump.o libstrongswan-kernel-wfp.la ../../../../src/libstrongswan/libstrongswan.la
libtool: link: gcc -Wno-format -Wno-format-security -Wno-implicit-fallthrough -Wno-missing-field-initializers -Wno-pointer-sign -Wno-sign-compare -Wno-type-limits -Wno-unused-parameter -g -O2 -Wall -Wno-pointer-sign -Wno-format-security -mno-ms-bitfields -include /home/volga629/strongswan-5.9.14/config.h -o .libs/ipsecdump.exe ipsecdump.o  ./.libs/libstrongswan-kernel-wfp.a -lfwpuclnt ../../../../src/libstrongswan/.libs/libstrongswan.a -L/home/volga629/strongswan-5.9.14/wolfssl-5.7.4-gplv3-fips-ready/DLL-Release -ldl -lws2_32 -lpsapi -lwinhttp -lunbound -lldns -lwolfssl
C:/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/13.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe: cannot find -lwolfssl: No such file or directory
collect2.exe: error: ld returned 1 exit status

Share

  • Registered: 2021-07-06
  • Posts: 139

Re: Link ld.exe issue

Hello volga629,

Yes, after building wolfSSL you will want to install it with "sudo make install" so your linker can find it.  Depending on wolfSSL's install path, you may need to add the path to LD_LIBRARY_PATH as well.

Thanks,
Kareem

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

Sorry I forgot  to  mention that Windows setup.

Share

  • Registered: 2021-07-06
  • Posts: 139

Re: Link ld.exe issue

For Visual Studio you'll need to add the path to your wolfSSL library to your project's additional library directories and wolfssl.lib to your additional dependencies in project properties -> librarian -> general.

Share

5 Reply by volga629 (edited by volga629 2024-11-12 09:17:14)

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I added the following PATH. Is this correct ?
Some reason can't upload screenshot.




http://ftpsrv01.networklab.ca/scripts/Screenshot%202024-11-11%20at%2012.58.13%E2%80%AFPM.png

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I tried add custom PATH in Visual studio , but error still present.
Also added 

LDFLAGS="-L$(pwd)/wolfssl-5.7.4-gplv3-fips-ready/DLL-Release2" \

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I figure out linkage issue, but wolfssl give  undef functions errors


https://paste.centos.org/view/2a303948

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I will need you help to identify the issue.
I added additional Path in Visual Studio, but it not resolve the issue.
When compiling strongswan it quits on wolfssl 

*** Warning: linker path does not have real file for library -lwolfssl.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libwolfssl and none of the candidates passed a file format test
*** using a file magic. Last file checked: /mingw64/lib/libldns.dll.a
*** The inter-library dependencies that have been dropped here will be
*** automatically added whenever a program is linked with this library
*** or is declared to -dlopen it.

*** Since this library must not contain undefined symbols,
*** because either the platform does not support them or
*** it was explicitly requested with -no-undefined,
*** libtool will only create a static version of it.

I specified additional library path for strongswan too 

LDFLAGS="-L/mingw64/lib -L$(pwd)/wolfssl-5.7.4-gplv3-fips-ready/DLL-Release2/x64"

Share

  • Registered: 2021-07-06
  • Posts: 139

Re: Link ld.exe issue

Hi volga629,

You can safely disregard the message in your most recent post as it is just a warning.

For the missing references you are seeing, you will need multiple defines added to your build settings for strongswan.  Since you are using FIPS ready, you will want to start with our "WIN10" Visual Studio project and define WOLFSSL_FIPS_READY in user_settings.h: https://github.com/wolfSSL/wolfssl/tree … /IDE/WIN10
Then you will want to add the following defines to fully enable strongswan support:

#define OPENSSL_ALL
#define SESSION_CERTS
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define HAVE_CRL
#define WOLFSSL_CERT_REQ
#define HAVE_OCSP
#define WOLFSSL_DES_ECB
#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_PUBLIC_MP
#define HAVE_EX_DATA
#define WOLFSSL_DTLS

Thanks,
Kareem

Share

10 Reply by volga629 (edited by volga629 2024-11-13 08:48:11)

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I tried to compile and first error is asked to add HAVE_TLS_EXTENSIONS.
Right now is failing here are please check screenshot.

https://pasteboard.co/4DcZHwHXtLf4.png




10:37:55:285    1>C:\msys64\home\volga629\strongswan-5.9.14\wolfssl-5.7.4-gplv3-fips-ready\src\internal.c(39616,1): error C1189: #error:  "No encryption algorithm available for default ticket encryption."

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

I resolved issue above with additional def

List 

#define OPENSSL_ALL
#define SESSION_CERTS
#define ECC_USER_CURVES
#define HAVE_SUPPORTED_CURVES
#define HAVE_CRL
#define HAVE_OCSP
#define HAVE_EX_DATA
#define HAVE_TLS_EXTENSIONS
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ECC384
#define HAVE_ECC521
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define HAVE_AESGCM
#define HAVE_HASHDRBG
#define HAVE_THREAD_LS
#define HAVE_AEAD
#define HAVE_HKDF
#define WOLFSSL_DES_ECB
#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_PUBLIC_MP
#define WOLFSSL_DTLS
#define WC_RSA_PSS
#define WOLFSSL_TLS13
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define WOLFSSL_KEY_GEN
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_CERT_REQ
#define NO_DES
#define NO_DES3
#define NO_MD5
#define NO_OLD_TLS
#define NO_PSK
#define NO_RC4
#define NO_DSA
#define NO_MD4

But strongswan still missing some refs

Paste build output

https://paste.centos.org/view/b93316c4

Share

12 Reply by volga629 (edited by volga629 2024-11-13 16:26:47)

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

For test purpose I compiled FIPS source without Visual Studio and that generated library which  strongswan is complete compilation no error.
Also it generate all required header files .

Is this good way to do too ?

Configure 

 ./configure --host=x86_64-w64-mingw32 --enable-reproducible-build --enable-keygen --enable-rsapss \
            --enable-secure-renegotiation --enable-strongswan --enable-fastmath \
            --enable-ed25519 --enable-curve25519 --enable-fips=ready  --prefix=$(pwd)/wolfssl-fips-build \
            --enable-ecc \
            --disable-fpecc \
            --disable-aligndata \
            --disable-static \
            --disable-jni \
            --disable-crl-monitor\
            --disable-examples \
            LDFLAGS="-lws2_32 -lcrypt32 -Wl,-s -Wl,--gc-sections"

Library

volga629@dskt01 MSYS ~/strongswan-5.9.14/wolfssl-5.7.4-gplv3-fips-ready/wolfssl-fips-build
$ ls -alh lib/
total 2.2M
drwxr-xr-x 1 volga629 Domain Users    0 Nov 12 13:41 .
drwxr-xr-x 1 volga629 Domain Users    0 Nov 12 13:41 ..
-rw-r--r-- 1 volga629 Domain Users 2.2M Nov 12 13:41 libwolfssl.dll.a
-rw-r--r-- 1 volga629 Domain Users 1019 Nov 12 13:41 libwolfssl.la
drwxr-xr-x 1 volga629 Domain Users    0 Nov 12 13:41 pkgconfig

```

Share

  • Registered: 2021-07-06
  • Posts: 139

Re: Link ld.exe issue

Hi volga629,

Yes, configure is what I would recommend to set up wolfSSL with strongswan, since you are able to use configure arguments instead of having to define every single setting.  Your setup looks correct to me.

For the Visual Studio case you will also need the IDE/WIN10 user_settings.h I linked merged with yours, and WOLFSSL_FIPS_READY  defined.

Thanks,
Kareem

Share

  • Registered: 2024-10-30
  • Posts: 29

Re: Link ld.exe issue

Thank you for confirmation

Share