Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FTBFS against gnutls 3.4.0 #45

Open
GoogleCodeExporter opened this issue Jul 4, 2015 · 1 comment
Open

FTBFS against gnutls 3.4.0 #45

GoogleCodeExporter opened this issue Jul 4, 2015 · 1 comment
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

As reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782820
iksemel FTBFS against the recently released GnuTLS 3.4.0:
--------------------------
/bin/bash ../libtool  --tag=CC   --mode=link gcc  -g -O2 -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security -Wall  -fPIE -pie 
-Wl,-z,relro -Wl,-z,now -o ikslint ikslint.o hash.o ../src/libiksemel.la
libtool: link: gcc -g -O2 -fPIE -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -fPIE -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -o 
.libs/ikslint ikslint.o hash.o  ../src/.libs/libiksemel.so
../src/.libs/libiksemel.so: undefined reference to `gnutls_mac_set_priority'
../src/.libs/libiksemel.so: undefined reference to 
`gnutls_protocol_set_priority'
../src/.libs/libiksemel.so: undefined reference to `gnutls_kx_set_priority'
../src/.libs/libiksemel.so: undefined reference to `gnutls_cipher_set_priority'
../src/.libs/libiksemel.so: undefined reference to 
`gnutls_compression_set_priority'
collect2: error: ld returned 1 exit status
Makefile:386: recipe for target 'ikslint' failed
make[2]: *** [ikslint] Error 1
make[2]: Leaving directory '/tmp/buildd/libiksemel-1.4/tools'
--------------------------
These functions were dropped in 3.4.0, see
http://www.gnutls.org/manual/html_node/Upgrading-from-previous-versions.html#Upg
rading-from-previous-versions
for information on upgrading.

Original issue reported on code.google.com by only...@gmail.com on 19 Apr 2015 at 1:39
@ametzler
Copy link

Hello,

I have posted further info in the Debian bug report https://bugs.debian.org/782820 and am copying it below.

The respective code seems to be this one:
src/tls-gnutls.c
const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
[...]
gnutls_protocol_set_priority (data->sess, protocol_priority);
gnutls_cipher_set_priority(data->sess, cipher_priority);
gnutls_compression_set_priority(data->sess, comp_priority);
gnutls_kx_set_priority(data->sess, kx_priority);
gnutls_mac_set_priority(data->sess, mac_priority);

Is there a good reason for this selection? Enabling SSL3.0 and
disabling TLS1.1 and TLS1.2, allowing MD5 as MAC but not SHA256. etc.

If there is not a very good reason for just move to
gnutls_set_default_priority().

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ametzler @GoogleCodeExporter