SSL and dietlibc March 2018

Building small SSL libraries is a challenge. This series of articles follow up on how to build SSL libraries with diet libc at different points in time.

We use this to compile gatling with https support. The respective recipe is also included in this post.

Preconditions

This is local software
which needs diet libc.
Optionally gatling, if you want the web server.

Building mbedtls with dietlibc

cd ~/progs
curl -O https://tls.mbed.org/download/start/mbedtls-2.7.0-apache.tgz
tar xzf ~/mbedtls-2.7.0-apache.tgz
cd mbedtls-2.7.0
make CC="diet -Os gcc -pipe -nostdinc" DESTDIR=/opt/diet install

Building openssl with dietlibc

cd ~/progs
curl -O https://www.openssl.org/source/openssl-1.1.0g.tar.gz
cd openssl-1.1.0g
./config no-dso no-shared no-engine -L/opt/diet/lib-i386 --prefix=/opt/diet -lpthread
make CC="diet -Os gcc -pipe -nostdinc" install_sw

Building gatling with https support

gatling with mbedtls 2.7.0

You might want to make clean before.

make LDFLAGS="-L../libowfat -L/opt/diet/lib" LDLIBS="-lmbedx509 -lmbedcrypto -lpthread -lowfat -lz `cat libsocket libiconv libcrypt`" ptlsgatling
make install

gatling with openssl-1.1.0g

Apply the following patch to gatlings ssl.c file.

Index: ssl.c
===================================================================
RCS file: /cvs/gatling/ssl.c,v
retrieving revision 1.26
diff -u -r1.26 ssl.c
--- ssl.c  1 Feb 2018 02:06:18 -0000   1.26
+++ ssl.c  28 Mar 2018 16:28:18 -0000
@@ -8,6 +8,7 @@
 #include <fcntl.h>
 #include <openssl/ssl.h>
 #include <openssl/engine.h>
+#include <openssl/err.h>
 #include <ctype.h>
 #include <sys/time.h>
 #include <sys/stat.h>
@@ -325,7 +326,7 @@
   if (!library_inited) {
     library_inited=1;
     SSL_library_init();
-    ENGINE_load_builtin_engines();
+//    ENGINE_load_builtin_engines();
     SSL_load_error_strings();
   }
   if (!(ctx=SSL_CTX_new(SSLv23_client_method()))) return -1;
@@ -354,7 +355,7 @@

 void free_tls_memory() {
   SSL_CTX_free(ctx);
-  ENGINE_cleanup();
+//  ENGINE_cleanup();
   CRYPTO_cleanup_all_ex_data();
   ASN1_STRING_TABLE_cleanup();
   ERR_free_strings();

You might want to make clean before.

make CFLAGS=-I/opt/diet/include gatling
make CFLAGS=-I/opt/diet/include LDFLAGS="-L/opt/diet/lib-x86_64 -L/opt/diet/lib" LDLIBS="-lpthread -lowfat" tlsgatling
make install

Results

$ ls -1hs /opt/diet/bin/*gatling
204K /opt/diet/bin/gatling
704K /opt/diet/bin/ptlsgatling
2.4M /opt/diet/bin/tlsgatling