Failure occurs when running make about rpki-client-portable HOT 20 CLOSED

@dorpauli on Debian Bullseye or Ubuntu Hirsute it might be easier to just do apt install rpki-client

from rpki-client-portable.

I added vis.c and vis.h to the proable framework in d637dd3.
This should now hopefully compile.

from rpki-client-portable.

Ok now the compilation continues. But then another failure occurs. There seems to be a undefined reference. I post the output of make check as text file:

compile.log

On the same machine, the compilation went through a few weeks ago and the software worked.

from rpki-client-portable.

Can you compile with make AM_DEFAULT_VERBOSITY=1.
Also could you send me the configure output?
It seems that the library includes are incorrect -lcrypto is missing.

from rpki-client-portable.

Here are the two output files.

configure.txt
make.txt

from rpki-client-portable.

For some reasons the sk_num, and friends are not found during linking. Even though there is a -lcrypto in the link command.
What system is that and what version of -lcrypto are you linking against?
I did build this on an older alpine image I had around and it is working with the last pushes I made today.

from rpki-client-portable.

Oh wait, I see the problem. You compile with libressl headers but link against an openssl library. That does not work. You need to use either the libressl -lcrypto or make sure that the openssl includes are from OpenSSL.
sk_num is defined to OPENSSL_sk_num in OpenSSL 1.1.

from rpki-client-portable.

Ok thank you for your help.

I don't know much about these thinks. I only tried to get it compiled and for that i installed libressl, because the configure script said "libtls headers required".

It's a Debian based system and i don't know the best way to solve it. I have not found libtls-standalone.

from rpki-client-portable.

I found a solution, that works for now. I just used this repository to install libtls.

from rpki-client-portable.

The proper solution is to get the various linux distros to actually package and ship an up-to-date version of libtls.
Just take libtls and tls.h (and the manpages) from libressl-portable and package that, everyone would benefit.

from rpki-client-portable.

But what is the right solution in the current situation? For Debian it is not possible to compile the software with the current installation instructions and without some workaround...

However, I ran some tests with the new binary and there are nearly 30.000 vrps missing. Maybe it's caused by the outdated version of libtls.

from rpki-client-portable.

If you have OpenSSL and need libtls, then you need the LibreTLS package, which unfortunately is not yet widely packaged for Linux distributions as Repology says. Having both OpenSSL and LibreSSL on one system seems to be error-prone from my experience.

from rpki-client-portable.

As mentioned you only need libtls from libressl. Since LibreSSL 3.2.0 libtls is self-sufficent and does not need any external dependencies anymore. tls.h does neither depend on any openssl/ header so that should possible.
In this regard libretls is more or less exactly this but depends on -lssl and -lcrypto from OpenSSL.
Anyway, I'm super happy if other people help to push libtls or libretls into more Linux distros.

from rpki-client-portable.

First of all thank you both for the help.

I could now install libtls and ldconfig is aware of it. I also installed the man pages and lib.h. This works fine, but configure still prints:

checking tls.h usability... yes
checking tls.h presence... yes
checking for tls.h... yes
checking for library containing tls_read... no 
configure: error: LibreSSL libtls library required

from rpki-client-portable.

To add some more information about this i searched for the corresponding lines in config.log. And here they are:

cat config.log | grep libtls
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `arc4random_buf'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `X509_OBJECT_free_contents'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `sk_pop_free'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `sk_free'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `strlcpy'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `ASN1_time_tm_clamp_notafter'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `sk_value'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSL_CTX_load_verify_mem'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSL_CTX_set1_groups'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `X509_STORE_get_by_subject'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `freezero'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSLv23_client_method'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `arc4random'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `sk_num'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `ASN1_time_parse'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSL_CTX_use_certificate_chain_mem'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `timingsafe_memcmp'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `ECDSA_set_ex_data'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSLv23_server_method'
/usr/bin/ld: //usr/local/lib/libtls.so: undefined reference to `SSLv23_method'
configure:10467: error: LibreSSL libtls library required

It seems that this have something to do with the linking against openssl like @cjeker mentioned before:

Oh wait, I see the problem. You compile with libressl headers but link against an openssl library. That does not work. You need to use either the libressl -lcrypto or make sure that the openssl includes are from OpenSSL.
sk_num is defined to OPENSSL_sk_num in OpenSSL 1.1.

I really have no idea how to solve this. As i said i only installed libtls, tls.h and the man pages from libressl repository.

from rpki-client-portable.

Not sure what version of libtls.so you use. That one is not self-hosted.
I built libressl-3.2.5 and there is no reference to any of the objects you mentioned in your build.
As mentioned you need to use libressl-3.2.0 or newer to get a self-hosted libtls.

from rpki-client-portable.

The version i built from is also 3.2.5.

from rpki-client-portable.

Thanks for the bash script to install libtls. Now i can compile again.

However, i wonder why it doesn't worked before. The only difference i made was fetching the libressl-portable version from Github. https://github.com/libressl-portable/portable/releases/tag/v3.2.5

from rpki-client-portable.

However, I ran some tests with the new binary and there are nearly 30.000 vrps missing. Maybe it's caused by the outdated version of libtls.

Are you sure you installed all the Trust Anchors you want to use? https://rpki.readthedocs.io/en/latest/rpkiclient/installation.html#extra-tals

from rpki-client-portable.

@job i can't remember exactly. But i think i did

Anyway, it runs again as expected. My problem was really just getting Client to run. But the script, that @cjeker provides to install libtls did the thing. So now there are no missing entries anymore.

from rpki-client-portable.