Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 605886 - net-misc/openvpn-2.4.0: USE flag 'mbedtls' incorrectly passed to configure step
Summary: net-misc/openvpn-2.4.0: USE flag 'mbedtls' incorrectly passed to configure step
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Manuel Rüger (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-16 13:52 UTC by Chris Box
Modified: 2017-01-24 15:25 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Box 2017-01-16 13:52:43 UTC 
/usr/portage/net-misc/openvpn/openvpn-2.4.0.ebuild contains the following line:

$(usex mbedtls 'with-crypto-library' 'mbedtls' '' '') \

My /etc/portage/package.use contains:

net-misc/openvpn        -pam examples mbedtls

When performing emerge of openvpn this then leads to the following configure step:

>>> Configuring source in /var/tmp/portage/net-misc/openvpn-2.4.0/work/openvpn-2.4.0 ...
 * econf: updating openvpn-2.4.0/config.sub with /usr/share/gnuconfig/config.sub
 * econf: updating openvpn-2.4.0/config.guess with /usr/share/gnuconfig/config.guess
./configure --prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --disable-dependency-tracking --disable-silent-rules --docdir=/usr/share/doc/openvpn-2.4.0 --htmldir=/usr/share/doc/openvpn-2.4.0/html --libdir=/usr/lib64 --with-plugindir=//usr/lib64/openvpn with-crypto-library --disable-async-push --enable-crypto --disable-lz4 --enable-lzo --disable-pkcs11 --enable-plugins --enable-iproute2 --disable-plugin-auth-pam --disable-plugin-down-root --disable-tests --disable-systemd

Note the bare string "with-crypto-library". I believe this should say "--with-crypto-library=mbedtls".

As a quick and dirty fix I made an overlay ebuild with this modified line:

$(usex mbedtls '--with-crypto-library=mbedtls' '' '' '') \

As I'm more of a gentoo user than a developer, I don't know if there's a more elegant way of writing the above. Anyway the resulting compile works, and the mbedtls libraries are used.
Comment 1 Chris Box 2017-01-16 14:04:06 UTC 
Just to clarify that the outcome of this bug, with an unmodified ebuild, is that the compile goes ahead, the binaries are built but the daemon that runs announces to syslog that it is using OpenSSL.

OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan 13 2017

In other words, the USE flag is ignored.

When the configure line is corrected, and it's recompiled, the daemon reports "mbed TLS" as expected.

OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (mbed TLS)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan 13 2017
Comment 2 Manuel Rüger (RETIRED) gentoo-dev 2017-01-24 15:25:09 UTC 
commit 710355ef28028341349d7811cc631c7588c7ee55
Author: Manuel Rüger <mrueg@gentoo.org>
Date:   Tue Jan 24 16:23:28 2017 +0100

    net-misc/openvpn: Fix USE=mbedtls
    
    Thanks to Chris Box
    
    Gentoo-Bug: #605886
    
    Package-Manager: Portage-2.3.3, Repoman-2.3.1