Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 567822 - app-crypt/gnupg-2.1.10: hkps support missing
Summary: app-crypt/gnupg-2.1.10: hkps support missing
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Crypto team [DISABLED]
URL: https://bugs.gnupg.org/gnupg/issue2197
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-12-09 10:11 UTC by poncho
Modified: 2015-12-19 10:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
without tofu (no-tofu-fail-config.log,203.64 KB, text/plain)
2015-12-09 12:18 UTC, poncho
Details
with tofu (with-tofu.log,206.09 KB, text/plain)
2015-12-09 12:19 UTC, poncho
Details

Note You need to log in before you can comment on or make changes to this bug.
Description poncho 2015-12-09 10:11:45 UTC
with 2.1.10:

poncho ~ % dirmngr
dirmngr[29958.0]: permanently loaded certificates: 0
dirmngr[29958.0]:     runtime cached certificates: 0
# Home: ~/.gnupg
# Config: /home/poncho/.gnupg/dirmngr.conf
OK Dirmngr 2.1.10 at your service
KEYSERVER --help
S # Known schemata:
S #   hkp
S #   http
S #   finger
S #   kdns
S # (Use an URL for engine specific help.)
OK


with 2.1.9:

poncho ~ % dirmngr
dirmngr[6414.0]: permanently loaded certificates: 0
dirmngr[6414.0]:     runtime cached certificates: 0
# Home: ~/.gnupg
# Config: /home/poncho/.gnupg/dirmngr.conf
OK Dirmngr 2.1.9 at your service
KEYSERVER --help
S # Known schemata:
S #   hkp
S #   hkps
S #   http
S #   finger
S #   kdns
S # (Use an URL for engine specific help.)
OK

emerge --info --ignore-default-opts app-crypt/gnupg
Portage 2.2.24 (python 2.7.10-final-0, default/linux/amd64/13.0/desktop/gnome/systemd, gcc-4.9.3, glibc-2.21-r1, 4.3.0 x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-4.3.0-x86_64-Intel-R-_Core-TM-_i7-4770K_CPU_@_3.50GHz-with-gentoo-2.2
KiB Mem:    16348092 total,  11906600 free
KiB Swap:   15624188 total,  15624188 free
sh bash 4.3_p39
ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1
app-shells/bash:          4.3_p39::gentoo
dev-java/java-config:     2.2.0::gentoo
dev-lang/perl:            5.20.2::gentoo
dev-lang/python:          2.7.10-r1::gentoo, 3.4.3::gentoo
dev-util/cmake:           3.3.1-r1::gentoo
dev-util/pkgconfig:       0.28-r2::gentoo
sys-apps/baselayout:      2.2::gentoo
sys-apps/sandbox:         2.6-r1::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69::gentoo
sys-devel/automake:       1.11.6-r1::gentoo, 1.14.1::gentoo, 1.15::gentoo
sys-devel/binutils:       2.25.1-r1::gentoo
sys-devel/gcc:            4.8.5::gentoo, 4.9.3::gentoo
sys-devel/gcc-config:     1.7.3::gentoo
sys-devel/libtool:        2.4.6::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 3.18::gentoo (virtual/os-headers)
sys-libs/glibc:           2.21-r1::gentoo
Repositories:

mozilla
    location: /var/portage/layman/mozilla
    sync-type: git
    sync-uri: https://anongit.gentoo.org/git/proj/mozilla.git
    masters: gentoo
    priority: 50

steam-overlay
    location: /var/portage/layman/steam-overlay
    sync-type: git
    sync-uri: https://github.com/anyc/steam-overlay.git
    masters: gentoo
    priority: 50

vmware
    location: /var/portage/layman/vmware
    sync-type: git
    sync-uri: https://anongit.gentoo.org/git/proj/vmware.git
    masters: gentoo
    priority: 50

gentoo
    location: /var/portage/tree
    sync-type: git
    sync-uri: https://github.com/gentoo/gentoo.git
    priority: 1000

poncho
    location: /var/portage/local/poncho-overlay
    sync-type: git
    sync-uri: git://github.com/MeisterP/poncho-overlay.git
    masters: gentoo
    priority: 1050

torbrowser
    location: /var/portage/local/torbrowser-overlay
    sync-type: git
    sync-uri: git://github.com/MeisterP/torbrowser-overlay.git
    masters: gentoo
    priority: 1050

Installed sets: @kernels
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA AdobeFlash-11.x skype-4.0.0.7-copyright FraunhoferFDK google-chrome"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/firefox/browser/searchplugins/google.xml /usr/share/backgrounds/gnome/adwaita-timed.xml /usr/share/gnome-shell/theme/gnome-shell.css /usr/share/gnupg/qualified.txt /usr/share/thumbnailers/ffmpegthumbnailer.thumbnailer"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/var/portage/distfiles"
EMERGE_DEFAULT_OPTS="--with-bdeps=y --ask --jobs=9 --load-average=8 --verbose"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs cgroup config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync network-sandbox news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://mirror.switch.ch/ftp/mirror/gentoo 	http://ftp-stud.hs-esslingen.de/pub/Mirrors/gentoo 	http://distfiles.gentoo.org"
INSTALL_MASK=" /etc/init.d"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j9 -l8"
PKGDIR="/var/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac acl acpi aften alac alsa amd64 argyllcms bash-completion berkdb bluetooth bluray bzip2 cairo cdda cdio cdr cdrdao cli colord cracklib crypt cryptsetup css cue cups cxx dbus device-mapper dirac dri dts dvd dvdr egl emboss encode evo exif fam fdk ffmpeg firefox flac fontconfig fortran gif glamor gles2 gnome gnome-keyring gnome-online-accounts gstreamer gtk gtk3 iconv id3tag introspection ipv6 jpeg kate kms lame lcms libass libnotify libproxy libsecret libtiger mad matroska mmx mmxext mng modules mp3 mp4 mpeg multilib nautilus ncurses networkmanager nls nptl nss nvidia ogg opengl openmp opus pam pango pcre pdf png policykit postscript ppds pulseaudio qt3support quicktime raw readline rtmp schroedinger sdl seccomp session sndfile speex spell sse sse2 ssl startup-notification svg systemd tcpd theora threads tiff tracker truetype udev udisks unicode upower usb v4l vaapi vdpau vorbis vpx wav wavpack webp x264 x265 xattr xcb xinerama xml xmp xps xv xvid zlib zsh-completion" ABI_X86="64" ALSA_CARDS="hda-intel" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 fma3 mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev roccat_arvo roccat_konepure" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" RUBY_TARGETS="ruby21" USERLAND="GNU" VIDEO_CARDS="nvidia vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
USE_PYTHON="2.7"
Unset:  CC, CPPFLAGS, CTARGET, CXX, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================
                        Package Settings
=================================================================

app-crypt/gnupg-2.1.9-r1::gentoo was built with the following:
USE="bzip2 gnutls nls readline usb -doc -ldap (-selinux) -smartcard -static -tools" ABI_X86="64"
Comment 1 poncho 2015-12-09 12:18:31 UTC
Created attachment 418836 [details]
without tofu

gnutls detection fails without the tofu useflag
Comment 2 poncho 2015-12-09 12:19:06 UTC
Created attachment 418838 [details]
with tofu

734c61dc9d4915605816803182c9adcc1594e008 is the first bad commit
commit 734c61dc9d4915605816803182c9adcc1594e008
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 20 17:32:23 2015 +0200

    build: Allow building without SQLlite support.
    
    * configure.ac: Add option --dsiable-tofu and --disable-sqlite.
    (NEED_SQLITE_VERSION): New var.
    (USE_TOFU): New ac_define and am_conditional.
    * autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that
    pkg-config find the correct .pc file.
    
    * g10/Makefile.am (tofu_source): New.  Build only if enabled.
    * g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models.
    (parse_tofu_policy)[!USE_TOFU]: Disable all.
    (parse_tofu_db_format)[!USE_TOFU]: Disable all.
    (main) <aTOFUPolicy>[!USE_TOFU]: Skip.
    * g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not
    call tofu functions.
    * g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto.
    * g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu
    processing.
    --
    
    This allows to build a minimal version of GnuPG.  It is also currently
    required to build for Windows.
    
    Signed-off-by: Werner Koch <wk@gnupg.org>
Comment 3 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-12-10 09:48:36 UTC
Thanks for the report. I can now reproduce this 

checking for NTBTLS - version >= 0.1.0... no
checking for LIBGNUTLS... no
configure: WARNING:
***
*** Building without NTBTLS and GNUTLS - no TLS access to keyservers.
*** 

despite gnutls IUSE being enabled.

... will look into it
Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-12-15 21:20:49 UTC
Opened upstream bug
Comment 5 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-12-19 10:38:26 UTC
Fixed in 2.1.10-r1 , https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e03adc0a22f6e026474ed7bb252b630dbb20716