Setting certificate failed: Internal error in memory allocation.

Joe Beiter joe.beiter at gmail.com
Thu May 22 13:02:18 PDT 2014


Looks like I'm running:
----------------------------------------------
gnutls-cli (GnuTLS) 2.12.23
Packaged by Debian (2.12.23-12ubuntu2)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Nikos Mavrogiannopoulos.
---------------------------------------------

but I'm not sure if that gnutls-cli is what openconnect is calling. I
tried to find a .deb for a later version of gnutls but no luck.  Tried
compiling 3.1.24 but can't get past the "libnettle 2.5" requirement.

less config.log
configure:9154: checking whether to use nettle
configure:9157: result: yes
configure:9652: checking for libnettle
configure:9674: gcc -std=gnu99 -o conftest -g -O2   conftest.c
/usr/local/lib/libnettle.so -lhogweed -lgmp -Wl,-rpath
-Wl,/usr/local/lib >&5
/usr/bin/ld: cannot find -lhogweed
collect2: error: ld returned 1 exit status
configure:9674: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "GnuTLS"
| #define PACKAGE_TARNAME "gnutls"
| #define PACKAGE_VERSION "3.1.24"
| #define PACKAGE_STRING "GnuTLS 3.1.24"
| #define PACKAGE_BUGREPORT "bugs at gnutls.org"
| #define PACKAGE_URL ""
| #define PACKAGE "gnutls"
| #define VERSION "3.1.24"
| #define STDC_HEADERS 1
| #define HAVE_SYS_TYPES_H 1
| #define HAVE_SYS_STAT_H 1
| #define HAVE_STDLIB_H 1
| #define HAVE_STRING_H 1
| #define HAVE_MEMORY_H 1
| #define HAVE_STRINGS_H 1
| #define HAVE_INTTYPES_H 1
| #define HAVE_STDINT_H 1
| #define HAVE_UNISTD_H 1
| #define __EXTENSIONS__ 1
| #define _ALL_SOURCE 1
| #define _DARWIN_C_SOURCE 1
| #define _GNU_SOURCE 1
| #define _POSIX_PTHREAD_SEMANTICS 1
| #define _TANDEM_SOURCE 1
| #define HAVE_FSEEKO 1
| #define _DARWIN_USE_64_BIT_INODE 1
| #define STDC_HEADERS 1
| #define HAVE_CPUID_H 1
| /* end confdefs.h.  */
| #include <nettle/rsa.h>
| int
| main ()
| {
| rsa_decrypt_tr (0,0,0,0,0,0,0)
|   ;
|   return 0;
| }
configure:9684: result: no
configure:9710: error:
  ***
  *** Libnettle 2.5 was not found. Note that you must compile nettle
with gmp support.

On Thu, May 22, 2014 at 3:04 PM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
> On Thu, 2014-05-22 at 12:34 -0400, Joe Beiter wrote:
>> I've been using openconnect with a PIV card in ubuntu 12 fine. I'm trying
>> to migrate to a new laptop using ubuntu 14.04 and having problems
>>
>> OpenConnect version v5.02 (old one was 4.07)
>> Using GnuTLS. Features present: PKCS#11, TOTP software token, DTLS (using
>> OpenSSL)
>>
>> Linux jwb-laptop 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC
>> 2014 x86_64 x86_64 x86_64 GNU/Linux
>>
>> sudo openconnect -v -c 'my piv key cert string' --authgroup=mygroup
>> https://our-cisco-vpnconcent
>>
>> output:
>>
>> Using PKCS#11 key <mykey>
>> Using client certificate 'my name'
>> Setting certificate failed: Internal error in memory allocation.
>
> This is a gnutls error. Which version of gnutls is in that system? Is
> that issue fixed if you upgrade to the latest version?
>
> regards,
> Nikos
>
>



More information about the openconnect-devel mailing list