[gnutls-help] on finding nettle under /usr/local rather than under /usr (GNU+Linux 64-bit system)

Marco Maggi marco.maggi-ipsu at poste.it
Thu Jun 6 21:19:50 CEST 2013 

Nikos Mavrogiannopoulos wrote:
> That's pretty strange. Did you run ldconfig on your system (and does
> its configuration include /usr/local/lib)? I'd expect that the latest
> library would be used.

Sorry for  the very late  reply and  for this very  long message.
Unfortunately Gnutls 3.2.1 still does not work.  To recapitulate:

* I have the libraries:

    $ ls -1 \
         /usr/lib64/libgmp.so \
         /usr/lib64/libnettle.so \
         /usr/lib64/libhogweed.so \
         /usr/lib64/libtasn1.so
    /usr/lib64/libgmp.so
    /usr/lib64/libhogweed.so
    /usr/lib64/libnettle.so
    /usr/lib64/libtasn1.so

    $ ls -1 \
         /usr/local/lib/libgmp.so \
         /usr/local/lib/libnettle.so \
         /usr/local/lib/libhogweed.so \
         /usr/local/lib/libtasn1.so
    /usr/local/lib/libgmp.so
    /usr/local/lib/libhogweed.so
    /usr/local/lib/libnettle.so
    /usr/local/lib/libtasn1.so

* I have the ld config file

    $ cat /etc/ld.so.conf
    /usr/local/lib
    /usr/local/lib64
    ...

  and see the libraries:

    $ /sbin/ldconfig -p | grep '\(gmp\|tasn1\|nettle\|hogweed\)'
    libtasn1.so.6 (libc6,x86-64) => /usr/local/lib/libtasn1.so.6
    libtasn1.so.3 (libc6,x86-64) => /usr/lib64/libtasn1.so.3
    libtasn1.so (libc6,x86-64) => /usr/local/lib/libtasn1.so
    libtasn1.so (libc6,x86-64) => /usr/lib64/libtasn1.so
    libnettle.so.4 (libc6,x86-64) => /usr/local/lib/libnettle.so.4
    libnettle.so.4 (libc6,x86-64) => /usr/lib64/libnettle.so.4
    libnettle.so (libc6,x86-64) => /usr/local/lib/libnettle.so
    libnettle.so (libc6,x86-64) => /usr/lib64/libnettle.so
    libhogweed.so.2 (libc6,x86-64) => /usr/local/lib/libhogweed.so.2
    libhogweed.so.2 (libc6,x86-64) => /usr/lib64/libhogweed.so.2
    libhogweed.so (libc6,x86-64) => /usr/local/lib/libhogweed.so
    libhogweed.so (libc6,x86-64) => /usr/lib64/libhogweed.so
    libgmpxx.so.4 (libc6,x86-64) => /usr/lib64/libgmpxx.so.4
    libgmpxx.so (libc6,x86-64) => /usr/lib64/libgmpxx.so
    libgmp.so.10 (libc6,x86-64) => /usr/local/lib/libgmp.so.10
    libgmp.so.10 (libc6,x86-64) => /usr/lib64/libgmp.so.10
    libgmp.so.3 (libc6,x86-64) => /usr/lib64/libgmp.so.3
    libgmp.so (libc6,x86-64) => /usr/local/lib/libgmp.so
    libgmp.so (libc6,x86-64) => /usr/lib64/libgmp.so

* I prepare the environment:

    $ export LD_LIBRARY_PATH=
    $ export LD_RUN_PATH=

* I see:

    $ ldd /usr/local/lib/libhogweed.so | grep nettle
    libnettle.so.4 => /usr/local/lib/libnettle.so.4 (0x00007fef99914000)

* I prepare the file:

    $ cat demo.c
    #include <stdio.h>
    #include <nettle/base64.h>
    #include <libtasn1.h>

    int
    main (int argc, const char *const argv[])
    {
      struct base64_encode_ctx ctx;
      base64_encode_init(&ctx);
      printf("%s\n", asn1_strerror(ASN1_SUCCESS));
      return 0;
    }

  and compile it with:

    $ gcc -Wall -I/usr/local/include -L/usr/local/lib \
       -o demo demo.c \
       -ltasn1 -lnettle -lhogweed

  it compiles fine and runs fine,  and it appears to be linked to
  the right libraries under "/usr/local/lib":

    $ ldd ./demo
    linux-vdso.so.1 (0x00007fff91df4000)
    libtasn1.so.6 => /usr/local/lib/libtasn1.so.6 (0x00007f9074638000)
    libnettle.so.4 => /usr/local/lib/libnettle.so.4 (0x00007f9074407000)
    libhogweed.so.2 => /usr/local/lib/libhogweed.so.2 (0x00007f90741d8000)
    libc.so.6 => /lib64/libc.so.6 (0x00007f9073e18000)
    libgmp.so.10 => /usr/local/lib/libgmp.so.10 (0x00007f9073ba0000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f907487a000)

* When compiling the same program without the local flags:

    $ gcc -Wall -o demo demo.c -ltasn1 -lnettle -lhogweed

  the program compiles  fine, runs fine, and  it *almost* appears
  to be linked to the correct libraries:

    $ ldd ./demo
    linux-vdso.so.1 (0x00007ffff4fff000)
    libtasn1.so.3 => /usr/lib64/libtasn1.so.3 (0x00007fa01ea3e000)
    libnettle.so.4 => /usr/local/lib/libnettle.so.4 (0x00007fa01e80d000)
    libhogweed.so.2 => /usr/local/lib/libhogweed.so.2 (0x00007fa01e5de000)
    libc.so.6 => /lib64/libc.so.6 (0x00007fa01e21e000)
    libgmp.so.10 => /usr/local/lib/libgmp.so.10 (0x00007fa01dfa6000)
    /lib64/ld-linux-x86-64.so.2 (0x00007fa01ec7d000)

  with the exception of libtasn1, for no reason I can understand.

  I conclude that  my system is almost fine  when running outside
of the GNU Autotools infrastructure... whatever this means.  Also
I have the  packages GMP and MPFR with  libraries installed under
"/usr/lib64" and also a local installation of GMP, MPFR, MPC with
libraries  installed under  "/usr/local/lib"; all  these packages
make  use of  Libtool  (they  install .la  files)  and the  local
installations   are  correctly   linked   with  libraries   under
"/usr/local/lib".  Nettle does not use Libtool, but this does not
appear to be a problem when compiling by hand.

  Now I  start with a  fresh unpacking  of Gnutls 3.2.1  and just
run:

   $ ./configure

it appears to complete successfully and:

   $ grep '\(nettle\|NETTLE\)' config.log
   config.log:589:configure:8667: checking for NETTLE
   config.log:590:configure:8675: $PKG_CONFIG --exists --print-errors "nettle >= 2.7"
   config.log:592:configure:8693: $PKG_CONFIG --exists --print-errors "nettle >= 2.7"
   config.log:716:| #define HAVE_LIBNETTLE 1
   ...
   config.log:37166:config.status:3259: creating lib/nettle/Makefile
   config.log:37301:ac_cv_env_NETTLE_CFLAGS_set=
   config.log:37302:ac_cv_env_NETTLE_CFLAGS_value=
   config.log:37303:ac_cv_env_NETTLE_LIBS_set=
   config.log:37304:ac_cv_env_NETTLE_LIBS_value=
   config.log:38427:pkg_cv_NETTLE_CFLAGS='-I/usr/local/include '
   config.log:38428:pkg_cv_NETTLE_LIBS='-L/usr/local/lib -lnettle '
   config.log:38524:ENABLE_NETTLE_FALSE='#'
   config.log:38525:ENABLE_NETTLE_TRUE=''
   config.log:38954:GNUTLS_REQUIRES_PRIVATE='Requires.private: nettle, hogweed, libtasn1, p11-kit-1, zlib'
   config.log:39414:NETTLE_CFLAGS='-I/usr/local/include '
   config.log:39415:NETTLE_LIBS='-L/usr/local/lib -lnettle '
   config.log:39851:#define HAVE_LIBNETTLE 1

   $ find -name Makefile| xargs grep NETTLE
   ./doc/credentials/x509/Makefile:NETTLE_CFLAGS = -I/usr/local/include
   ./doc/credentials/x509/Makefile:NETTLE_LIBS = -L/usr/local/lib -lnettle
   ...

everything looks fine.  Now I run "make" and it fails:

   $ make
   ...
   CCLD crywrap
   ../../lib/.libs/libgnutls.so: undefined reference to `nettle_umac96_set_key'
   ../../lib/.libs/libgnutls.so: undefined reference to `nettle_secp_224r1'
   ../../lib/.libs/libgnutls.so: undefined reference to `nettle_ecc_point_get'
   ...

  I have refreshed my memory reading the documentation of Libtool
and my understanding  is that it imposes its own  karma both when
linking libraries in the build tree and when linking libraries in
the installation  directory; so I  am not  sure it make  sense to
apply "ldd" upon the libraries in the build tree, but anyway:

   $ ldd ./lib/.libs/libgnutls.so |grep '\(nettle\|tasn\|gmp\)'
   libtasn1.so.6 => /usr/local/lib/libtasn1.so.6 (0x00007f27b394b000)
   libnettle.so.4 => /usr/lib64/libnettle.so.4 (0x00007f27b3726000)
   libgmp.so.10 => /usr/lib64/libgmp.so.10 (0x00007f27b2ac6000)

for what is worth: it is not  right.  In the mess of the Makefile
it seems to me that the command that links libgnutls is:

   echo " CCLD " libgnutls.la;/bin/sh ../libtool --silent --tag=CC --mode=link gcc -std=gnu99 -g -O2 -no-undefined -version-info 50:0:22 -Wl,--version-script=./libgnutls.map -o libgnutls.la -rpath /usr/local/lib gnutls_range.lo gnutls_record.lo gnutls_compress.lo debug.lo gnutls_cipher.lo gnutls_mbuffers.lo gnutls_buffers.lo gnutls_handshake.lo gnutls_num.lo gnutls_errors.lo gnutls_dh.lo gnutls_kx.lo gnutls_priority.lo gnutls_hash_int.lo gnutls_cipher_int.lo gnutls_session.lo gnutls_db.lo x509_b64.lo gnutls_extensions.lo gnutls_auth.lo gnutls_v2_compat.lo gnutls_datum.lo gnutls_session_pack.lo gnutls_mpi.lo gnutls_pk.lo gnutls_cert.lo gnutls_global.lo gnutls_constate.lo gnutls_anon_cred.lo pkix_asn1_tab.lo gnutls_asn1_tab.lo gnutls_mem.lo gnutls_ui.lo gnutls_sig.lo gnutls_ecc.lo gnutls_dh_primes.lo gnutls_alert.lo system.lo gnutls_str.lo gnutls_state.lo gnutls_x509.lo gnutls_rsa_export.lo gnutls_helper.lo gnutls_supplemental.lo random.lo crypto-api.lo gnutls_privkey.lo gnutls_pcert.lo gnutls_pubkey.lo locks.lo gnutls_dtls.lo system_override.lo crypto-backend.lo verify-tofu.lo pin.lo tpm.lo pkcs11.lo pkcs11_privkey.lo pkcs11_write.lo pkcs11_secret.lo gnutls_srp.lo gnutls_psk.lo ../gl/libgnu.la x509/libgnutls_x509.la accelerated/libaccelerated.la ext/libgnutls_ext.la auth/libgnutls_auth.la algorithms/libgnutls_alg.la extras/libgnutls_extras.la openpgp/libgnutls_openpgp.la opencdk/libminiopencdk.la nettle/libcrypto.la -lz -lp11-kit -L/usr/local/lib -ltasn1 -L/usr/local/lib -lnettle -L/usr/local/lib -lhogweed

which looks  fine.  The only thing  I can say is  that "-lz" will
find the  library "/usr/lib64/libz.so" and "-lp11-kit"  will find
"/usr/lib64/libp11-kit.la"     and    "/usr/lib64/libp11-kit.so";
"libp11-kit.la" contains:

   libdir='/usr/lib64'

but I doubt it makes some difference.

  Of course  I can  just use  the old  libraries in  my Slackware
installation; I am lost here. :-/
-- 
"Now feel the funk blast!"
Rage Against the Machine - "Calm like a bomb"

More information about the Gnutls-help mailing list