ocserv from source CentOS 6.4 x64

Martin Lambev fsh3mve at gmail.com
Fri Nov 15 22:54:35 EST 2013

Hello Nikos,

Inline too…
>> $ autoreconf -fvi
>> autoreconf: Entering directory `.'
>> autoreconf: configure.ac: not using Gettext
>> autoreconf: running: aclocal --force -I gl/m4 -I libopts/m4
>> configure.ac:14: warning: macro `AM_PROG_AR' not found in library
> You need a newer automake, or just remove the AM_PROG_AR line and you're fine.

I've removed AM_PROG_AR line form configure.am, but end up with another error:
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --force -I gl/m4 -I libopts/m4
autoreconf: configure.ac: tracing
autoreconf: configure.ac: not using Libtool
autoreconf: running: /usr/bin/autoconf --force
autoreconf: running: /usr/bin/autoheader --force
autoreconf: running: automake --add-missing --copy --force-missing
configure.ac:7: require Automake 1.11.3, but have 1.11.1
autoreconf: automake failed with exit status: 1

I guess you are right newer automate will solve this!

>> The GnuTLS bundled with CentOS 6.4 is GnuTLS ver.2.8.5
> Hell no! (that's 2009 :)

I guess they port only security updates from mainstream and keep it for stability? 
>> So I'm grabbing one from GnuTLS website stable release  gnutls-3.1.16.tar.xz, Nettle crypto back-end lib (nettle-2.7.1.tar.gz), GMP arithmetic library (gmp-5.1.3.tar.xz) are also required, as an option I'm also compile zlib v.1.2.8.
> It is better to use the 3.2.x branch. It's not less stable than the
> other and is much faster in packet processing.
Okay got gnutls 3.2.6 and during configure it failed: 

checking for NETTLE... no
configure: error: 
  *** Libnettle 2.7 was not found.
Altho i have just recompiled and installed v.2.7.1 again. Tryied to define netlibs location:
$ export NETTLE_LIBS=/usr/local/lib64/
$ ./configure --with-libdir=lib64

Neither of these solve this issue… but at the same time v.3.1.16 configures installs fine? 

Found a workaround: export PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig/

I could configure gnutls v.3.2.6

>> Step 3: nettle** There was an error with nettle make:
>> hogweed-benchmark.c:576: error: ‘struct openssl_ctx’ has no member named ‘digest’
>> make[1]: *** [hogweed-benchmark.o] Error 1
>> make[1]: Leaving directory `/home/mve/Downloads/ocserv/nettle/nettle-2.7.1/examples'
>> make: *** [all] Error 1
> No idea. Note that in nettle it is better not to compile with -j.
> In any case report this to nettle's list.
Send an email as your suggestion…
>> and also to tune PKG_CONFIG_PATH but did not work quite well…
>> still dies on "make" and/or after "make install" ocserv complains that cant find missing libs
> You may need to do something like:
> echo "/usr/local/lib" >/etc/ld.so.conf.d/local.conf
> echo "/usr/local/lib64" >>/etc/ld.so.conf.d/local.conf
> ldconfig
> This will solve finding the correct library on runtime.
> What errors did you have on "make"?

Again stuck in loop, can't get to make even…. configure yelled this: 

checking size of unsigned long... 8
checking whether byte ordering is bigendian... no
checking for LIBGNUTLS... no
configure: error: Package requirements (gnutls >= 3.1.10) were not met:

Requested 'gnutls >= 3.1.10' but version of GnuTLS is 2.8.5
You may find new versions of GnuTLS at http://www.gnu.org/software/gnutls/

Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.

Alternatively, you may set the environment variables LIBGNUTLS_CFLAGS
and LIBGNUTLS_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.

I tried to set PKG_CONFIG_PATH, and LIBGNUTLS_LIBS and LIBGNUTLS_CFLAGS but If I manage to trick ./configure to pass it leads to other issues with "make" it complains that /usr/local/lib/" is a directory

I'm clueless how to configure it properly… this is the info about libs and bins… 
ldconfig -p | grep '\(gmp\|tasn1\|nettle\|gnu\|hogweed\)'
	libtasn1.so.3 (libc6,x86-64) => /usr/lib64/libtasn1.so.3
	libnettle.so.4 (libc6,x86-64) => /usr/local/lib64/libnettle.so.4
	libnettle.so (libc6,x86-64) => /usr/local/lib64/libnettle.so
	libhogweed.so.2 (libc6,x86-64) => /usr/local/lib64/libhogweed.so.2
	libhogweed.so (libc6,x86-64) => /usr/local/lib64/libhogweed.so
	libgnutlsxx.so.28 (libc6,x86-64) => /usr/local/lib/libgnutlsxx.so.28
	libgnutlsxx.so.26 (libc6,x86-64) => /usr/lib64/libgnutlsxx.so.26
	libgnutlsxx.so (libc6,x86-64) => /usr/local/lib/libgnutlsxx.so
	libgnutlsxx.so (libc6,x86-64) => /usr/lib64/libgnutlsxx.so
	libgnutls.so.28 (libc6,x86-64) => /usr/local/lib/libgnutls.so.28
	libgnutls.so.26 (libc6,x86-64) => /usr/lib64/libgnutls.so.26
	libgnutls.so (libc6,x86-64) => /usr/local/lib/libgnutls.so
	libgnutls.so (libc6,x86-64) => /usr/lib64/libgnutls.so
	libgnutls-xssl.so.0 (libc6,x86-64) => /usr/local/lib/libgnutls-xssl.so.0
	libgnutls-xssl.so (libc6,x86-64) => /usr/local/lib/libgnutls-xssl.so
	libgnutls-openssl.so.27 (libc6,x86-64) => /usr/local/lib/libgnutls-openssl.so.27
	libgnutls-openssl.so (libc6,x86-64) => /usr/local/lib/libgnutls-openssl.so
	libgnutls-extra.so.26 (libc6,x86-64) => /usr/lib64/libgnutls-extra.so.26
	libgnutls-extra.so (libc6,x86-64) => /usr/lib64/libgnutls-extra.so
	libgmpxx.so.4 (libc6,x86-64) => /usr/lib64/libgmpxx.so.4
	libgmp.so.10 (libc6,x86-64) => /usr/local/lib/libgmp.so.10
	libgmp.so.3 (libc6,x86-64) => /usr/lib64/libgmp.so.3
	libgmp.so (libc6,x86-64) => /usr/local/lib/libgmp.so

ls -lah /usr/local/bin/
drwxr-xr-x.  2 root root 4.0K Nov 15 19:24 .
drwxr-xr-x. 12 root root 4.0K Aug 29  2012 ..
-rwxr-xr-x   1 root root 568K Nov 15 19:24 certtool
-rwxr-xr-x   1 root root  52K Nov 15 19:24 crywrap
-rwxr-xr-x   1 root root 477K Nov 15 19:24 danetool
-rwxr-xr-x   1 root root 496K Nov 15 19:24 gnutls-cli
-rwxr-xr-x   1 root root 442K Nov 15 19:24 gnutls-cli-debug
-rwxr-xr-x   1 root root 449K Nov 15 19:24 gnutls-serv
-rwxr-xr-x   1 root root 121K Nov 15 18:13 nettle-hash
-rwxr-xr-x   1 root root  45K Nov 15 18:13 nettle-lfib-stream
-rwxr-xr-x   1 root root 339K Nov 15 07:32 ocpasswd
-rwxr-xr-x   1 root root 376K Nov 15 19:24 ocsptool
-rwxr-xr-x   1 root root 153K Nov 15 18:13 pkcs1-conv
-rwxr-xr-x   1 root root 331K Nov 15 19:24 psktool
-rwxr-xr-x   1 root root 288K Nov 15 18:13 sexp-conv
-rwxr-xr-x   1 root root 349K Nov 15 19:24 srptool

gnutls-cli -v
gnutls-cli 3.2.6

Altho part of the confusion may be brought by already installed gnutls


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20131116/e720e9a9/attachment.sig>

More information about the openconnect-devel mailing list