build ocserv 0.8.6 with GnuTLS 3.3.9
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Thu Oct 23 00:07:58 PDT 2014
On Wed, Oct 22, 2014 at 12:59 PM, David Frank <bitinn at gmail.com> wrote:
> Hello,
>
> I wanted to try out this particular setting for ocserv
>
> tls-priorities = "NONE:%SERVER_PRECEDENCE:PFS"
>
> PFS is only available on 3.3.x, but ubuntu only have GnuTLS 3.2.x package, so I build 3.3.9 from source, and during ./configure I saw this output:
> configure: External hardware support:
>
> /dev/crypto: no
> Hardware accel: x86-64
> Padlock accel: yes
> PKCS#11 support: no
> TPM support: no
>
> With GnuTLS installed, I try to configure and make ocserv, but saw this error:
> sec-mod.o: In function `sec_mod_server':
> /home/dev/tools/ocserv-0.8.6/src/sec-mod.c:458: undefined reference to `gnutls_pkcs11_reinit'
> collect2: error: ld returned 1 exit status
It seems that the OS installed library is queried in the ocserv's
configure step, PKCS #11 is detected, and thus the error you see, as
you don't have PKCS #11 in your compiled library. One option is to
enable PKCS #11 support in your compiled library by installing
p11-kit, the other is to somehow force configure to use your compiled
library.
regards,
Nikos
More information about the openconnect-devel
mailing list