headers
John Lodder | 3 Nov 2003 20:25
Picon
Favicon

opencdk build error?

I'm trying to build opencdk on Solaris 8 using gcc 3.3.2.  The build
fails when it gets to the 'tests' subdirectory, with undefined symbol
vasprintf.  Same error happens with opencdk 0.5.1 and 0.5.2;  I've
appended a snippet from building 0.5.2, below.

Any help appreciated, and apologies if this is a common FAQ,

john.
=====
make[2]: Leaving directory `/local/stuff/tnt/gnutls/opencdk-0.5.2/doc'
Making all in tests
make[2]: Entering directory `/local/stuff/tnt/gnutls/opencdk-0.5.2/tests'
if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../src -I/local/stuff/tnt/gaim/build/include 
-I/local/stuff/tnt/gaim/build/include   -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -MT
t-stream.o -MD -MP -MF ".deps/t-stream.Tpo" \
  -c -o t-stream.o `test -f 't-stream.c' || echo './'`t-stream.c; \
then mv -f ".deps/t-stream.Tpo" ".deps/t-stream.Po"; \
else rm -f ".deps/t-stream.Tpo"; exit 1; \
fi
t-stream.c: In function `stream_clearsign':
t-stream.c:446: warning: `rc' might be used uninitialized in this function
t-stream.c: In function `test_keydb_routines':
t-stream.c:787: warning: char format, void arg (arg 2)
t-stream.c: At top level:
t-stream.c:424: warning: `stream_verify' defined but not used
t-stream.c:442: warning: `stream_clearsign' defined but not used
/bin/bash ../libtool --mode=link gcc  -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes   -o
t-stream  t-stream.o ../src/libopencdk.la -L/local/stuff/tnt/gaim/build/lib -lgcrypt
-L/local/stuff/tnt/gaim/build/lib -lgpg-error -lz 
mkdir .libs
(Continue reading)

Permalink | Reply | 1 comment |
headers
Pete Naylor | 3 Nov 2003 22:05

Re: opencdk build error?


John Lodder wrote...

> I'm trying to build opencdk on Solaris 8 using gcc 3.3.2.  The build
> fails when it gets to the 'tests' subdirectory, with undefined symbol
> vasprintf.  Same error happens with opencdk 0.5.1 and 0.5.2;  I've
> appended a snippet from building 0.5.2, below.

This is because Solaris 8 doesn't have vasprintf - it's unfortunately
rather common for developers using Linux/FreeBSD etc to make poor
assumptions regarding the availability of such functions.  I worked around
it by editing src/misc.c - there's a vasprintf function defined there but
an #ifdef causes it to only be defined on Win32.  Remove the #ifdef and
the included vasprintf function works fine for Solaris.
Permalink | Reply | 0 comments |
headers
Stephane Bortzmeyer | 5 Nov 2003 13:12
Picon

GNU TLS inside a loop: what to do at each iteration?

Hello,

I'm porting echoping <URL:http://echoping.sourceforge.net/> from
OpenSSL to GNU TLS and I have a question about looping. echoping can
perform a given test repeatedly. What do I have to do at each
iteration?

I tried, at every iteration:

gnutls_transport_set_ptr (session, gnutls_transport_ptr) sockfd);
gnutls_handshake (session);
... Work
gnutls_bye (session, GNUTLS_SHUT_RDWR);

But it fails at the second iteration (-10: The specified session has
been invalidated for some reason. (Bad file descriptor)).

I then tried:

gnutls_init(&session, GNU_TLS_CLIENT);
gnutls_transport_set_ptr (session, gnutls_transport_ptr) sockfd);
gnutls_handshake (session);
... Work
gnutls_bye (channel.tls, GNUTLS_SHUT_RDWR);
gnutls_deinit (session); 

And it fails at the second iteration (ASN1 parser: Element was not
found. (Bad file descriptor).

[For the record, OpenSSL has exactly the same problems and the
(Continue reading)

Permalink | Reply | 5 comments |
headers
Nikos Mavroyanopoulos | 6 Nov 2003 10:12

Re: GNU TLS inside a loop: what to do at each iteration?

On Wed, Nov 05, 2003 at 01:12:28PM +0100, Stephane Bortzmeyer wrote:

> Hello,

> I tried, at every iteration:
> gnutls_transport_set_ptr (session, gnutls_transport_ptr) sockfd);
> gnutls_handshake (session);
> ... Work
> gnutls_bye (session, GNUTLS_SHUT_RDWR);
> But it fails at the second iteration (-10: The specified session has
> been invalidated for some reason. (Bad file descriptor)).
Yes, this is not a correct use of a gnutls session.

> I then tried:
> gnutls_init(&session, GNU_TLS_CLIENT);
> gnutls_transport_set_ptr (session, gnutls_transport_ptr) sockfd);
> gnutls_handshake (session);
> ... Work
> gnutls_bye (channel.tls, GNUTLS_SHUT_RDWR);
> gnutls_deinit (session); 
> And it fails at the second iteration (ASN1 parser: Element was not
> found. (Bad file descriptor).

You probably haven't called gnutls_global_init(). In any case try reading
the examples on how to properly initialize a TLS session.

--

-- 
Nikos Mavroyanopoulos
Permalink | Reply | 3 comments |
headers
Stephane Bortzmeyer | 6 Nov 2003 10:31
Picon

Re: GNU TLS inside a loop: what to do at each iteration?

On Thu, Nov 06, 2003 at 11:12:20AM +0200,
 Nikos Mavroyanopoulos <nmav <at> gnutls.org> wrote 
 a message of 34 lines which said:

> > I then tried:
> > gnutls_init(&session, GNU_TLS_CLIENT);
> > gnutls_transport_set_ptr (session, gnutls_transport_ptr) sockfd);
> > gnutls_handshake (session);
> > ... Work
> > gnutls_bye (channel.tls, GNUTLS_SHUT_RDWR);
> > gnutls_deinit (session); 
> > And it fails at the second iteration (ASN1 parser: Element was not
> > found. (Bad file descriptor).
> 
> You probably haven't called gnutls_global_init(). 

Of course I did. I just showed only the instructions that are
loop-specific but, at the beginning of the program, before starting
the loop, I have:

      gnutls_global_init ();
      gnutls_certificate_allocate_credentials (&xcred);

> In any case try reading the examples on how to properly initialize a
> TLS session.

No example on the Web site covers the case of a loop.
Permalink | Reply | 2 comments |
headers
Nikos Mavroyanopoulos | 6 Nov 2003 11:39

Re: GNU TLS inside a loop: what to do at each iteration?

On Thu, Nov 06, 2003 at 10:31:26AM +0100, Stephane Bortzmeyer wrote:

> > > gnutls_bye (channel.tls, GNUTLS_SHUT_RDWR);
> > > gnutls_deinit (session); 
> > > And it fails at the second iteration (ASN1 parser: Element was not
> > > found. (Bad file descriptor).
> > You probably haven't called gnutls_global_init(). 
> Of course I did. I just showed only the instructions that are
> loop-specific but, at the beginning of the program, before starting
> the loop, I have:
>       gnutls_global_init ();
>       gnutls_certificate_allocate_credentials (&xcred);
> > In any case try reading the examples on how to properly initialize a
> > TLS session.
> No example on the Web site covers the case of a loop.

The example in section 5.2.5 (client with resume capability)
connects to a server twice by using a loop. If this doesn't help
either use the following to get more detailed error reporting, or
send a small program to reproduce the error.

static void tls_log_func( int level, const char* str)
{
        fprintf(stderr, "|<%d>| %s", level, str);
}

gnutls_global_set_log_function( tls_log_func);
gnutls_global_set_log_level(2);

--

--
(Continue reading)

Permalink | Reply | 1 comment |
headers
Stephane Bortzmeyer | 7 Nov 2003 14:07
Picon

Re: GNU TLS inside a loop: what to do at each iteration?

On Thu, Nov 06, 2003 at 12:39:39PM +0200,
 Nikos Mavroyanopoulos <nmav <at> gnutls.org> wrote 
 a message of 37 lines which said:

> The example in section 5.2.5 (client with resume capability)
> connects to a server twice by using a loop. 

OK, my fault, I had a gnutls_global_deinit at the wrong place in the
loop. I now have the following structure:

      gnutls_global_init ();
      gnutls_certificate_allocate_credentials (&xcred);

      loop {
          gnutls_init (&session, GNUTLS_CLIENT);
	  gnutls_set_default_priority (session);
	  gnutls_certificate_type_set_priority (session,
						    cert_type_priority);
	  gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
	  gnutls_transport_set_ptr (session,
					(gnutls_transport_ptr) sockfd);
	  gnutls_handshake (session);
          Work ...
          shutdown()
	  gnutls_bye (channel.tls, GNUTLS_SHUT_RDWR);
	  gnutls_deinit (session);
      }

      gnutls_global_deinit ();
(Continue reading)

Permalink | Reply | 0 comments |
headers
Stephane Bortzmeyer | 11 Nov 2003 16:15
Picon

echoping 5.1 released (now with GNU TLS support)

echoping 5.1 <URL:http://echoping.sourceforge.net/> now can use GNU
TLS, not only OpenSSL. Why not a list of programs using GNU TLS on
www.gnutls.org?
Permalink | Reply | 0 comments |
headers
Andreas Metzler | 28 Nov 2003 14:52
Picon
Picon
Favicon

OpenSSL-like directory of certfiles with hash.0 name/symlink

Hello,
Does GnuTLS support reading certificates from a directory like OpenSSL
does, i.e. each file contains one certificates and is either named
`openssl x509 -hash -noout -in /cert/file`.0 or has a symlink with this
name pointing to it?
               cu andreas
Permalink | Reply | 1 comment |
headers
Nikos Mavroyanopoulos | 29 Nov 2003 12:50

Re: OpenSSL-like directory of certfiles with hash.0 name/symlink

On Fri, Nov 28, 2003 at 01:52:37PM +0000, Andreas Metzler wrote:

> Hello,
> Does GnuTLS support reading certificates from a directory like OpenSSL
> does, i.e. each file contains one certificates and is either named
> `openssl x509 -hash -noout -in /cert/file`.0 or has a symlink with this
> name pointing to it?
Hello Andreas,
 No there is no such function.

>                cu andreas

--

-- 
Nikos Mavroyanopoulos
Permalink | Reply | 0 comments |

Gmane