Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 691688 - net-dns/bind-tools-9.14.4[-ssl]: configure: error: Invalid --with-openssl value
Summary: net-dns/bind-tools-9.14.4[-ssl]: configure: error: Invalid --with-openssl value
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Christian Ruppert (idl0r)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-08-07 15:34 UTC by Quentin Retornaz
Modified: 2019-08-23 11:35 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
emerge --info (file_691688.txt,7.19 KB, text/plain)
2019-08-07 15:34 UTC, Quentin Retornaz
Details
build.log (build.log,10.80 KB, text/plain)
2019-08-07 15:38 UTC, Quentin Retornaz
Details
environment (environment,78.08 KB, application/octet-stream)
2019-08-07 15:40 UTC, Quentin Retornaz
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Quentin Retornaz 2019-08-07 15:34:41 UTC
Created attachment 585982 [details]
emerge --info

net-dns/bind-tools-9.14.4[-ssl] is failing to build because of $(use_with ssl openssl "${EPREFIX}"/usr) in src_configure.

Maybe a workaround like in bug 607400 could fix the issue.
Comment 1 Quentin Retornaz 2019-08-07 15:38:01 UTC
Created attachment 585984 [details]
build.log
Comment 2 Quentin Retornaz 2019-08-07 15:40:04 UTC
Created attachment 585986 [details]
environment
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2019-08-10 10:45:22 UTC
I think openssl is not an optional depend of bind anymore (with DNSSEC and friends). ./configure detection always wants an SSL implementation.
Comment 4 Petr Pisar 2019-08-15 15:23:04 UTC
From CHANGES file:

4945.   [func]          BIND can no longer be built without DNSSEC support.
                        A cryptography provder (i.e., OpenSSL or a hardware
                        service module with PKCS#11 support) must be
                        available. [GL #244]

4936.   [func]          Always use OpenSSL or PKCS#11 random data providers,
                        and remove the --{enable,disable}-crypto-rand configure
                        options. [GL #165]

I don't know whether net-dns/bind-tools executables indeed cannot be built without DNSSEC support (e.g. libcrypto symbols in bin/delv/delv comes from lib/isc/aes.c) but the change in the configure.ac seems intentional.
Comment 5 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-08-23 11:35:19 UTC
fixed in all versions of bind{,-tools}