I have noticed that my qbittorrent links to gnutls and after some investigation it was found that it is the case because of this package. The project bundles (and exposes!) it's own gnutls which can be observed in https://github.com/airium/libtorrent-rasterbar/blob/20/include/libtorrent/ssl.hpp. Eli has did some more testing and what he found is an even bigger proof if that: /var/tmp/portage/net-libs/libtorrent-rasterbar-2.0.10/image/usr/lib64/cmake/LibtorrentRasterbar/LibtorrentRasterbarConfig.cmake 25:find_dependency(GnuTLS) And when switching from -gnutls to gnutls iwdevtools reports * FILES:+usr/include/boost/asio/gnutls.hpp * FILES:+usr/include/boost/asio/gnutls/context.hpp * FILES:+usr/include/boost/asio/gnutls/context_base.hpp * FILES:+usr/include/boost/asio/gnutls/error.hpp * FILES:+usr/include/boost/asio/gnutls/host_name_verification.hpp * FILES:+usr/include/boost/asio/gnutls/rfc2818_verification.hpp * FILES:+usr/include/boost/asio/gnutls/stream.hpp * FILES:+usr/include/boost/asio/gnutls/stream_base.hpp * FILES:+usr/include/boost/asio/gnutls/verify_context.hpp * ABI: libtorrent-rasterbar.so.2.0(64) func(+30,-35) vars(-29) [BREAKING] This is bad for obvious reasons and we are not really how to go about it. I think for now as a quick fix USE=gnutls could be masked to prevent breakage. On the other hand do one has reported any errors and this has been going on for quite some time so I do not know if that is needed.
I don't think it's bundling gnutls. It does include a Boost GnuTLS module.
Yup -- what it's bundling is https://github.com/paullouisageneau/boost-asio-gnutls The main issue here is that even if we debundled this, which is complicated since it is not remotely supported: https://github.com/arvidn/libtorrent/blob/57fd4e452eff0466957460b1608b96719599076e/CMakeLists.txt#L764-L767 and also because boost-asio-gnutls uses Jam as its build system lmao (really doheader works instead, I suppose)... ... it turns out that libtorrent-rasterbar exposes, in its public API and ABI, the TLS library it uses. If you link libtorrent-rasterbar with openssl instead, then qbittorrent gets a couple extra links to openssl (and openssl is in the libtorrent-rasterbar CMake files as a public interface). But it doesn't matter since qbittorrent also uses openssl directly itself for other reasons. So, libtorrent-rasterbar is "viral" and infects all its reverse dependencies with a direct DT_NEEDED link to its tls library, which means we need to account for that when it comes to subslot rebuilds, which is messy.
For example, if we look at the output of nm -D --demangle /usr/bin/qbittorrent, with both libtorrent-rasterbar variants, we get this: diff --git a/tmp/qbt-libtorrent-has-gnutls.nm b/tmp/qbt-libtorrent-has-openssl.nm index ad58a3f57199..0ee163185f06 100644 --- a/tmp/qbt-libtorrent-has-gnutls.nm +++ b/tmp/qbt-libtorrent-has-openssl.nm @@ -86,7 +86,9 @@ U __dynamic_cast@CXXABI_1.3 D _edata B _end + U ERR_lib_error_string@OPENSSL_3.0.0 U __errno_location@GLIBC_2.2.5 + U ERR_reason_error_string@OPENSSL_3.0.0 U EVP_sha512@OPENSSL_3.0.0 U fclose@GLIBC_2.2.5 U fcntl@GLIBC_2.2.5 @@ -98,7 +100,6 @@ A __gentoo_check_ldflags__ U getrlimit@GLIBC_2.2.5 w __gmon_start__ - U gnutls_strerror@GNUTLS_3_4 U __gxx_personality_v0@CXXABI_1.3 U if_indextoname@GLIBC_2.2.5 U if_nametoindex@GLIBC_2.2.5 @@ -319,6 +320,7 @@ B guard variable for Http::HEADER_X_CONTENT_TYPE_OPTIONS B guard variable for Http::HEADER_CONTENT_SECURITY_POLICY B guard variable for Http::HEADER_CROSS_ORIGIN_OPENER_POLICY + B guard variable for boost::asio::ssl::detail::openssl_init<true>::instance_ B guard variable for boost::asio::detail::call_stack<boost::asio::detail::strand_service::strand_impl, unsigned char>::top_ B guard variable for boost::asio::detail::call_stack<boost::asio::detail::thread_context, boost::asio::detail::thread_info_base>::top_ B guard variable for boost::asio::detail::call_stack<boost::asio::detail::strand_executor_service::strand_impl, unsigned char>::top_ @@ -346,6 +348,7 @@ B guard variable for Color::Primer::Light::severeFg B guard variable for Color::Primer::Light::successFg B guard variable for Utils::ForeignApps::PYTHON_ISOLATE_MODE_FLAG + B guard variable for boost::asio::ssl::detail::openssl_init_base::instance()::init B guard variable for QMetaType::registerConverterImpl<QSet<BitTorrent::TorrentID>, QIterable<QMetaSequence> >(std::function<bool (void const*, void*)>, QMetaType, QMetaType)::unregister B guard variable for QMetaType::registerConverterImpl<QHash<QString, Utils::Version<2, 2> >, QIterable<QMetaAssociation> >(std::function<bool (void const*, void*)>, QMetaType, QMetaType)::unregister B guard variable for QMetaType::registerConverterImpl<QList<Path>, QIterable<QMetaSequence> >(std::function<bool (void const*, void*)>, QMetaType, QMetaType)::unregister @@ -4243,6 +4246,7 @@ U QUrl::~QUrl()@Qt_6 T boost::stacktrace::detail::unwind_callback(_Unwind_Context*, void*) R boost::multi_index::detail::bucket_array_base<true>::sizes + B boost::asio::ssl::detail::openssl_init<true>::instance_ B boost::asio::detail::call_stack<boost::asio::detail::strand_service::strand_impl, unsigned char>::top_ B boost::asio::detail::call_stack<boost::asio::detail::thread_context, boost::asio::detail::thread_info_base>::top_ B boost::asio::detail::call_stack<boost::asio::detail::strand_executor_service::strand_impl, unsigned char>::top_ @@ -8924,10 +8928,11 @@ R typeinfo name for boost::wrapexcept<std::out_of_range> R typeinfo name for boost::exception_detail::clone_base R typeinfo name for boost::asio::ip::bad_address_cast + R typeinfo name for boost::asio::ssl::error::detail::stream_category + R typeinfo name for boost::asio::error::detail::ssl_category R typeinfo name for boost::asio::error::detail::misc_category R typeinfo name for boost::asio::error::detail::netdb_category R typeinfo name for boost::asio::error::detail::addrinfo_category - R typeinfo name for boost::asio::gnutls::error_category R typeinfo name for boost::system::system_error R typeinfo name for boost::system::error_category R typeinfo name for boost::system::detail::system_error_category @@ -8953,6 +8958,7 @@ R typeinfo name for std::shared_ptr<libtorrent::torrent_plugin> (*)(libtorrent::torrent_handle const&, libtorrent::client_data_t) R typeinfo name for std::unique_ptr<libtorrent::disk_interface, std::default_delete<libtorrent::disk_interface> > (*)(boost::asio::io_context&, libtorrent::settings_interface const&, libtorrent::counters&) R typeinfo name for std::_Mutex_base<(__gnu_cxx::_Lock_policy)2> + R typeinfo name for std::_Sp_counted_ptr<boost::asio::ssl::detail::openssl_init_base::do_init*, (__gnu_cxx::_Lock_policy)2> R typeinfo name for std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2> R typeinfo name for std::bad_optional_access R typeinfo name for std::_Sp_make_shared_tag @@ -9359,6 +9365,9 @@ T QtMetaContainerPrivate::QMetaAssociationForContainer<QHash<QString, Utils::Version<2, 2> > >::createIteratorAtKeyFn()::{lambda(void*, void const*)#1}::_FUN(void*, void const*) T QtMetaContainerPrivate::QMetaAssociationForContainer<QHash<QString, Utils::Version<2, 2> > >::getSetMappedAtIteratorFn()::{lambda(void const*, void const*)#1}::_FUN(void const*, void const*) T QtMetaContainerPrivate::QMetaAssociationForContainer<QHash<QString, Utils::Version<2, 2> > >::createConstIteratorAtKeyFn()::{lambda(void const*, void const*)#1}::_FUN(void const*, void const*) + D boost::asio::ssl::error::get_stream_category()::instance + B boost::asio::ssl::detail::openssl_init_base::instance()::init + D boost::asio::error::get_ssl_category()::instance D boost::asio::error::get_misc_category()::instance D boost::asio::error::get_netdb_category()::instance D boost::asio::error::get_addrinfo_category()::instance Disregarding the boost::asio::* symbols, we see direct usage of gnutls or openssl due to "error string". And that's it! Quite unfortunate...
The simplest way to handle this that allows users to continue choosing whatever they want, and simply corrects the dependencies: every package that depends on libtorrent-rasterbar, changes to depend on this: IUSE+="gnutls" DEPEND+=" gnutls? ( net-libs/libtorrent-rasterbar:=[gnutls] net-libs/gnutls:= ) !gnutls? ( net-libs/libtorrent-rasterbar:=[-gnutls] dev-libs/openssl:= ) " RDEPEND+="${DEPEND}"
bug 392239 is also kind of related but really needed for runtime deps, not build time deps.
