Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#51641 closed defect (fixed)

gnupg21 @2.1.12_0: enables TLS support opportunistically

Reported by: larryv (Lawrence Velázquez) Owned by: Ionic (Mihai Moldovan)
Priority: Normal Milestone:
Component: ports Version: 2.3.99
Keywords: Cc: roederja
Port: gnupg21

Description

Without gnutls installed:

:info:configure checking for ntbtls-config... no
:info:configure checking for NTBTLS - version >= 0.1.0... no
:info:configure checking for LIBGNUTLS... no
:info:configure configure: WARNING:
:info:configure ***
:info:configure *** Building without NTBTLS and GNUTLS - no TLS access to keyservers.
:info:configure ***
:info:configure *** No package 'gnutls' found
:info:configure         GnuPG v2.1.12 has been configured as follows:
:info:configure         TLS support:         no

With gnutls installed:

:info:configure checking for ntbtls-config... no
:info:configure checking for NTBTLS - version >= 0.1.0... no
:info:configure checking for LIBGNUTLS... yes
:info:configure         GnuPG v2.1.12 has been configured as follows:
:info:configure         TLS support:         gnutls

I don’t know how you want to deal with this. I think it would be best to add the dependency on gnutls so that TLS is always available, but that means requiring curl +gnutls. At a minimum, the port should configure with --disable-gnutls to prevent the opportunistic behavior.

Attachments (2)

gnupg21.no-gnutls.log (69.3 KB) - added by larryv (Lawrence Velázquez) 8 years ago.
gnupg21.gnutls.log (69.1 KB) - added by larryv (Lawrence Velázquez) 8 years ago.

Download all attachments as: .zip

Change History (7)

Changed 8 years ago by larryv (Lawrence Velázquez)

Attachment: gnupg21.no-gnutls.log added

Changed 8 years ago by larryv (Lawrence Velázquez)

Attachment: gnupg21.gnutls.log added

comment:1 Changed 8 years ago by roederja

Hi, thanks for finding this. I will add the GNUTLS dependency.

comment:2 in reply to:  1 ; Changed 8 years ago by larryv (Lawrence Velázquez)

Enabling GnuTLS support might not actually not require curl +gnutls. I don’t know whether GnuPG cares what curl is using. Hopefully it doesn’t care at all, and we can avoid variant-dependency shenanigans.

comment:3 in reply to:  2 Changed 8 years ago by larryv (Lawrence Velázquez)

At a glance, it looks like the 2.1 series hasn’t actually used cURL in a while—the configure script doesn’t even check for it. Ideally, you can simply remove the dependency on curl and add one for gnutls when you push the 2.1.13 update (which dropped a couple of hours ago).

comment:4 Changed 8 years ago by roederja

Resolution: fixed
Status: newclosed

Fixed in r149405. Thanks

comment:5 in reply to:  4 Changed 8 years ago by larryv (Lawrence Velázquez)

Thank you!

Note: See TracTickets for help on using tickets.