build ocserv 0.8.6 with GnuTLS 3.3.9
David Frank
bitinn at gmail.com
Wed Oct 22 03:59:01 PDT 2014
Hello,
I wanted to try out this particular setting for ocserv
tls-priorities = "NONE:%SERVER_PRECEDENCE:PFS”
PFS is only available on 3.3.x, but ubuntu only have GnuTLS 3.2.x package, so I build 3.3.9 from source, and during ./configure I saw this output:
configure: External hardware support:
/dev/crypto: no
Hardware accel: x86-64
Padlock accel: yes
PKCS#11 support: no
TPM support: no
With GnuTLS installed, I try to configure and make ocserv, but saw this error:
sec-mod.o: In function `sec_mod_server':
/home/dev/tools/ocserv-0.8.6/src/sec-mod.c:458: undefined reference to `gnutls_pkcs11_reinit'
collect2: error: ld returned 1 exit status
Since it was building correctly with gnutls 3.2.x previously, I suspect I missed something when building gnutls 3.3.x, I tried to configure GnuTLS build using --without-p11-kit, but same error appears.
Looking at ocserv source, it does check for pkcs11 support in GnuTLS before invoking, what can I do to make this build successful?
Suggestion much appreciated.
More information about the openconnect-devel
mailing list