Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[S] Why does (only my?) GnuTLS come w/o programs (certtool)?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
guru meditation
n00b
n00b


Joined: 18 Mar 2018
Posts: 35
Location: Planet Earth

PostPosted: Sat Aug 17, 2019 2:23 am    Post subject: [S] Why does (only my?) GnuTLS come w/o programs (certtool)? Reply with quote

Is only my Gentoo some GnuTLS programs like certtool missing, or why is only the library compiled and installed?

I helped myself temporarily by compiling the programs from source statically and copied them to /usr/local/bin.


Last edited by guru meditation on Sun Aug 18, 2019 3:53 am; edited 1 time in total
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14060

PostPosted: Sat Aug 17, 2019 3:31 am    Post subject: Reply with quote

What is the output of emerge --info net-libs/gnutls?
Back to top
View user's profile Send private message
fedeliallalinea
Bodhisattva
Bodhisattva


Joined: 08 Mar 2003
Posts: 22163
Location: here

PostPosted: Sat Aug 17, 2019 7:03 am    Post subject: Reply with quote

Probably you should enable tools use flags
_________________
Questions are guaranteed in life; Answers aren't.
Back to top
View user's profile Send private message
guru meditation
n00b
n00b


Joined: 18 Mar 2018
Posts: 35
Location: Planet Earth

PostPosted: Sat Aug 17, 2019 8:39 am    Post subject: Reply with quote

Yes, tools would obviously help.

If emerge wouldn't ignore my global "-guile" USE flag and constantly trying to compile guile (which takes ages even on a 8+ core).
Back to top
View user's profile Send private message
fedeliallalinea
Bodhisattva
Bodhisattva


Joined: 08 Mar 2003
Posts: 22163
Location: here

PostPosted: Sat Aug 17, 2019 11:39 am    Post subject: Reply with quote

guru meditation wrote:
If emerge wouldn't ignore my global "-guile" USE flag and constantly trying to compile guile (which takes ages even on a 8+ core).

You can post emerge output?
_________________
Questions are guaranteed in life; Answers aren't.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14060

PostPosted: Sat Aug 17, 2019 3:27 pm    Post subject: Reply with quote

net-libs/gnutls[tools] has a BDEPEND on sys-devel/autogen. If you want to build with USE=tools, you must install autogen.

sys-devel/autogen has a DEPEND on dev-scheme/guile, not controlled by a USE flag. USE=-guile cannot suppress this dependency. If you want to avoid guile, you cannot build or run autogen.

Therefore, if you want to avoid guile, you cannot build net-libs/gnutls with USE=tools. If you find this disagreeable, modify autogen not to use guile or modify gnutls not to need autogen.
Back to top
View user's profile Send private message
guru meditation
n00b
n00b


Joined: 18 Mar 2018
Posts: 35
Location: Planet Earth

PostPosted: Sun Aug 18, 2019 3:51 am    Post subject: Reply with quote

Thanks for the expanation. I'm fne with compiling a static GnuTLS from source and copy the tools over to either /usr/bin or /usr/local/bin.The configure does not detect guile, and simply does not need it.

No need to fiddle around with overlays and preferences of Gentoo dependencies. :)
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14060

PostPosted: Sun Aug 18, 2019 3:49 pm    Post subject: Reply with quote

If gnutls does not actually require autogen, then that is a bug in the ebuild. It should not request packages that are not used. Please try installing all gnutls dependencies other than autogen and guile, uninstalling autogen and guile, then installing gnutls with USE=tools and emerge --nodeps to force Portage not to install autogen (and therefore not to need guile). If it works, and there are no negative side effects, file a bug to have the bogus dependency removed.
Back to top
View user's profile Send private message
GDH-gentoo
n00b
n00b


Joined: 20 Jul 2019
Posts: 65
Location: South America

PostPosted: Mon Aug 19, 2019 7:49 pm    Post subject: Reply with quote

gnutls-3.6.7.ebuild:
Code:
# NOTICE: sys-devel/autogen is required at runtime as we
# use system libopts

This seems to be the condition the package maintainer wants to trigger in GnuTLS' configure script, to avoid using the bundled libopt.

configure.ac for version 3.6.7
Code:
included_libopts=no
if test "$enable_tools" != "no" || test "$enable_doc" != "no"; then
   AC_CHECK_PROGS([autogen], [autogen])

   if test -z "$autogen"; then
      AC_MSG_WARN([[
***
*** autogen not found. Will not link against system libopts.
*** ]])
      dnl simulate specifying option on the command line
      enable_local_libopts=yes
   fi
   LIBOPTS_CHECK([src/libopts])
   if test "$NEED_LIBOPTS_DIR" = "true";then
      dnl replace libopts-generated files with distributed backups, if present
      included_libopts=yes
   fi
else
   ...
fi
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14060

PostPosted: Tue Aug 20, 2019 2:24 am    Post subject: Reply with quote

That makes sense. Can libopt be unbundled from autogen so that users can have a system libopts without autogen, or would such a setup require building so much of autogen that the user avoids nothing?
Back to top
View user's profile Send private message
GDH-gentoo
n00b
n00b


Joined: 20 Jul 2019
Posts: 65
Location: South America

PostPosted: Tue Aug 20, 2019 9:58 pm    Post subject: Reply with quote

I don't know, I only checked that yes, AutoOpts is the 'authoritative' source of libopts, and AutoOpts is indeed part of AutoGen.

Edit to add: I see, some of the C source files needed to build the tools the OP wants are in turn generated from .def files using autogen. They are distributed with the release tarballs just like the configure script generated from configure.ac (using autoconf) is, and they introduce the dependency on libopts.
Back to top
View user's profile Send private message
guru meditation
n00b
n00b


Joined: 18 Mar 2018
Posts: 35
Location: Planet Earth

PostPosted: Thu Aug 22, 2019 6:51 am    Post subject: Reply with quote

I downloaded the 3.6.9 sources and compiled it OK (without GUILE) with:
./configure --prefix=/opt/gnutls --enable-static --enable-shared

Code:
  version:              3.6.9 shared 55:0:25
  Host/Target system:   x86_64-pc-linux-gnu
  Build system:         x86_64-pc-linux-gnu
  Install prefix:       /opt/gnutls
  Compiler:             gcc
  Valgrind:             no
  CFlags:               -g -O2
  Library types:        Shared=yes, Static=yes
  Local libopts:        yes
  Local libtasn1:       no
  Local unistring:      no
  Use nettle-mini:      no
  Documentation:        yes (manpages: yes)

configure: External hardware support:

  /dev/crypto:          no
  Hardware accel:       x86-64
  Padlock accel:        yes
  Random gen. variant:  getrandom
  PKCS#11 support:      yes
  TPM support:          no

configure: Optional features:
(note that included applications might not compile properly
if features are disabled)

  SSL3.0 support:       no
  SSL2.0 client hello:  yes
  Allow SHA1 sign:      no
  DTLS-SRTP support:    yes
  ALPN support:         yes
  OCSP support:         yes
  SRP support:          yes
  PSK support:          yes
  DHE support:          yes
  ECDHE support:        yes
  GOST support:         yes
  Anon auth support:    yes
  Heartbeat support:    yes
  IDNA support:         IDNA 2008 (libidn2)
  Non-SuiteB curves:    yes
  FIPS140 mode:         no

configure: Optional libraries:

  Guile wrappers:       no
  C++ library:          yes
  DANE library:         no
  OpenSSL compat:       no


It compiles fine, make check passes all tests OK:
Code:
Testsuite summary for GnuTLS 3.6.9
============================================================================
# TOTAL: 110
# PASS:  108
# SKIP:  2

Testsuite summary for GnuTLS 3.6.9
============================================================================
# TOTAL: 436
# PASS:  388
# SKIP:  48

Testsuite summary for GnuTLS 3.6.9
============================================================================
# TOTAL: 71
# PASS:  46
# SKIP:  25

Testsuite summary for GnuTLS 3.6.9
============================================================================
# TOTAL: 7
# PASS:  7

Testsuite summary for GnuTLS 3.6.9
============================================================================
# TOTAL: 20
# PASS:  4
# SKIP:  16


config.log (split in 3 parts)
https://pastebin.com/piyzHspE
https://pastebin.com/wCZaS60h
https://pastebin.com/F4PyQTtB

I don't see any (real) dependency of GnuTLS to GUILE.

Maybe this is a bit of a help.
Back to top
View user's profile Send private message
GDH-gentoo
n00b
n00b


Joined: 20 Jul 2019
Posts: 65
Location: South America

PostPosted: Thu Aug 22, 2019 12:52 pm    Post subject: Reply with quote

guru meditation wrote:
Code:
  Local libopts:        yes

Code:

configure:60469: checking for autogen
configure:60499: result: no
configure:60512: WARNING:
***
*** autogen not found. Will not link against system libopts.
***
...
AUTOGEN='${SHELL} /root/src/gnutls-3.6.9/build-aux/missing autogen'
...
LIBOPTS_CFLAGS='-I$(top_srcdir)/src/libopts'
LIBOPTS_DIR='src/libopts'
LIBOPTS_LDADD='$(top_builddir)/src/libopts/libopts.la'

This is what Gentoo's maintainer wanted to avoid. Whether it is worth it or not, is another discussion.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14060

PostPosted: Fri Aug 23, 2019 2:38 am    Post subject: Reply with quote

Avoiding bundled copies is almost always worth it. My only complaint with the gnutls ebuild would be that it doesn't go far enough. It ought to remove the bundled copy of libopts, so that configure cannot fall back to it when the system copy is unusable. As is, users may unknowingly switch to the bundled copy if configure fails to accept the system copy (such as if the system copy is not in the library search path, or develops a secondary dependency that configure doesn't link in). It would be better to have a hard failure, so that users are aware when their system libopts is incompatible. We could optionally hide this hard fail behind a USE flag such as system-libopt, so that people who would prefer a bundled copy over a failed build can express their choice.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum