Hi all, Ludovic Courtès <l...@gnu.org> skribis:
> Where to go from here? Here are options that come to mind: > > • Configure Nettle with ‘--enable-mini-gmp’. However, the manual > mentions that it’s “slower” and “more likely to leak side-channel > information” (info "(nettle) Installation"). I tried building GnuTLS against Nettle-with-mini-GMP, but GnuTLS still adds a dependency on GMP; quoth ‘hooks.m4’: --8<---------------cut here---------------start------------->8--- if test "$mini_nettle" != no;then GMP_CFLAGS="" GMP_LIBS="" else if test x$GMP_LIBS = x; then AC_CHECK_LIB(gmp, __gmpz_cmp, [GMP_LIBS="-lgmp"], [AC_MSG_ERROR([[ *** *** gmp was not found. ]])]) fi fi --8<---------------cut here---------------end--------------->8--- GMP is used by ‘GNUTLS/lib/nettle/ecc/eccdata.c’ in particular. That makes the use of Nettle-with-mini-GMP moot. The other option is to build GnuTLS with ‘--with-nettle-mini’ to use a bundled Nettle containing mini-GMP, but the ‘configure’ script bails out anyway if Nettle is not found, making this option unusable AFAICS. From ‘hooks.m4’: --8<---------------cut here---------------start------------->8--- PKG_CHECK_MODULES(NETTLE, [nettle >= $NETTLE_MINIMUM], [cryptolib="nettle"], [ AC_MSG_ERROR([[ *** *** Libnettle $NETTLE_MINIMUM was not found. ]]) ]) --8<---------------cut here---------------end--------------->8--- Adding Nettle to the build environment *and* passing ‘--with-nettle-mini’ leads to the GMP link error already mentioned: --8<---------------cut here---------------start------------->8--- /tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1273: undefined reference to `__gmpz_add_ui' ld: /tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1274: undefined reference to `__gmpz_fdiv_q_2exp' ld: /tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1299: undefined reference to `__gmpz_add_ui' […] --8<---------------cut here---------------end--------------->8--- (This is all with 3.6.15.) > • Have Guile use mini-GMP; this is not implemented yet. > > • In Guile-GnuTLS, arrange so that GnuTLS allocations are made through > libgc. Unfortunately, ‘gnutls_global_set_mem_functions’ was > deprecated in GnuTLS 3.3.0 so this doesn’t look like an option. > > • Build Guile with ‘scm_install_gmp_memory_functions = 0’. This would > have a negative impact on the performance of bignum-heavy workloads > such as the compiler itself. > > I can’t think of a good workaround. Thoughts? I’d still appreciate feedback and suggestions. :-) Ludo’. _______________________________________________ Gnutls-help mailing list Gnutls-help@lists.gnutls.org http://lists.gnupg.org/mailman/listinfo/gnutls-help