| Message ID | 20171219101024.ihi276tfg6s5gti6@zenon.in.qult.net |
|---|---|
| State | Accepted |
| Headers | show |
| Series | nginx: Harden patches for using pkg-config | expand |
Hello, On Tue, 19 Dec 2017 11:10:24 +0100, Ignacy Gawędzki wrote: > Don't simply remove "-I" from the output of pkg-config --cflags-only-I > but match the -I argument more generally. OK, but why? What is this fixing? Thomas
On Tue, Dec 19, 2017 at 01:43:16PM +0100, thus spake Thomas Petazzoni: > Hello, > > On Tue, 19 Dec 2017 11:10:24 +0100, Ignacy Gawędzki wrote: > > Don't simply remove "-I" from the output of pkg-config --cflags-only-I > > but match the -I argument more generally. > > OK, but why? What is this fixing? Suppose that the lib has been installed in /usr/Some-Install-Location/ then pkg-config --cflags-only-I may return -I/usr/Some-Install-Location/include which, piped through sed 's/-I//g' would end up being /usr/Somenstall-Location/include which is probably not going to work.
Hello, On Tue, 19 Dec 2017 13:59:04 +0100, Ignacy Gawędzki wrote: > On Tue, Dec 19, 2017 at 01:43:16PM +0100, thus spake Thomas Petazzoni: > > Hello, > > > > On Tue, 19 Dec 2017 11:10:24 +0100, Ignacy Gawędzki wrote: > > > Don't simply remove "-I" from the output of pkg-config --cflags-only-I > > > but match the -I argument more generally. > > > > OK, but why? What is this fixing? > > Suppose that the lib has been installed in /usr/Some-Install-Location/ > then pkg-config --cflags-only-I may return > > -I/usr/Some-Install-Location/include > > which, piped through sed 's/-I//g' would end up being > > /usr/Somenstall-Location/include > > which is probably not going to work. Indeed, makes total sense. I've applied your patch, after rewording the commit log to be clearer about what is being fixed. Thanks! Thomas
diff --git a/package/nginx/0004-auto-lib-libxslt-conf-use-pkg-config.patch b/package/nginx/0004-auto-lib-libxslt-conf-use-pkg-config.patch index b315909c34..103f90b305 100644 --- a/package/nginx/0004-auto-lib-libxslt-conf-use-pkg-config.patch +++ b/package/nginx/0004-auto-lib-libxslt-conf-use-pkg-config.patch @@ -15,13 +15,14 @@ diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf index 3a0f37b..3c2a60e 100644 --- a/auto/lib/libxslt/conf +++ b/auto/lib/libxslt/conf -@@ -12,8 +12,8 @@ +@@ -12,8 +12,9 @@ #include <libxslt/xsltInternals.h> #include <libxslt/transform.h> #include <libxslt/xsltutils.h>" - ngx_feature_path="/usr/include/libxml2" - ngx_feature_libs="-lxml2 -lxslt" -+ ngx_feature_path="$(${PKG_CONFIG:=pkg-config} --cflags-only-I libxslt|sed 's/-I//g')" ++ ngx_feature_path="$(${PKG_CONFIG:=pkg-config} --cflags-only-I libxslt| ++ sed -re 's/(^|\s)-I\s*(\S+)/\1\2/g')" + ngx_feature_libs="$(${PKG_CONFIG:=pkg-config} --libs libxslt)" ngx_feature_test="xmlParserCtxtPtr ctxt = NULL; xsltStylesheetPtr sheet = NULL; diff --git a/package/nginx/0006-auto-lib-openssl-conf-use-pkg-config.patch b/package/nginx/0006-auto-lib-openssl-conf-use-pkg-config.patch index 0c94890625..0bd4d337c8 100644 --- a/package/nginx/0006-auto-lib-openssl-conf-use-pkg-config.patch +++ b/package/nginx/0006-auto-lib-openssl-conf-use-pkg-config.patch @@ -15,13 +15,14 @@ diff --git a/auto/lib/openssl/conf b/auto/lib/openssl/conf index 39d9602..995c6f3 100644 --- a/auto/lib/openssl/conf +++ b/auto/lib/openssl/conf -@@ -58,8 +58,8 @@ else +@@ -58,8 +58,9 @@ else ngx_feature_name="NGX_OPENSSL" ngx_feature_run=no ngx_feature_incs="#include <openssl/ssl.h>" - ngx_feature_path= - ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL" -+ ngx_feature_path="$(${PKG_CONFIG:=pkg-config} --cflags-only-I openssl|sed 's/-I//g')" ++ ngx_feature_path="$(${PKG_CONFIG:=pkg-config} --cflags-only-I openssl| ++ sed -re 's/(^|\s)-I\s*(\S+)/\1\2/g')" + ngx_feature_libs="$(${PKG_CONFIG:=pkg-config} --libs openssl)" ngx_feature_test="SSL_CTX_set_options(NULL, 0)" . auto/feature
Don't simply remove "-I" from the output of pkg-config --cflags-only-I but match the -I argument more generally. Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr> --- package/nginx/0004-auto-lib-libxslt-conf-use-pkg-config.patch | 5 +++-- package/nginx/0006-auto-lib-openssl-conf-use-pkg-config.patch | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-)