[bug #63431] --disable-ntlm ignored if nettle is present

2022-12-10 Thread Hannu Nyman 
Follow-up Comment #2, bug #63431 (project wget):

It seems that the patch does not quite fully fix things for us. 

Our purpose is to keep the no-SSL version of wget small, and avoid unnecessary
features. (Context is OpenWrt, Linux for embedded routers with limited flash
storage space). 

Our buildbot also builds nettle as an optional extra package (along hundreds
of others), so the wget compilation detects it in the build system, although
we have no intention of forcing wget users to also install the rarely needed
nettle.

With this new fix, I still similar error as earlier, that the presence of a
nettle library forces it to be linked with "-lnettle" when there is no SSL
feature. NTLM feature itself is shown disabled, but nettle is still forced
into the build as a library.


--localstatedir=/var --mandir=/usr/man --infodir=/usr/info --disable-nls 
--disable-rpath --disable-iri --disable-pcre2 --with-included-libunistring
--without-libuuid --without-libpsl --disable-ntlm --without-ssl ; fi; )

configure: loading site script /Openwrt/e8450/include/site/aarch64
...
checking for zlib... yes
checking for nettle... yes
checking for INET6 protocol support... yes
...
  LDFlags:  
-L/Openwrt/e8450/staging_dir/toolchain-aarch64_cortex-a53_gcc-11.3.0_musl/usr/lib
-L/Openwrt/e8450/staging_dir/toolchain-aarch64_cortex-a53_gcc-11.3.0_musl/lib
-znow -zrelro 
  Libs: 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lpcre 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lnettle 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lz  
  SSL:   no
  Zlib:  yes
  PSL:   no
  PCRE:  yes, via libpcre
  Digest:yes
  NTLM:  no
  OPIE:  yes
  POSIX xattr:   yes


The fix apparently turns NTLM off, but still causes the nettle library to be
included, although is only needed for the NTLM feature (to my understanding).

Likely line 644 in configure.ac gets applied.
https://git.savannah.gnu.org/cgit/wget.git/tree/configure.ac?id=485217d0ff8d0d17ea3815244b2bc2b747451e15#n644

In the earlier version of configure.ac, the inclusion of nettle was
conditional for "if test x"$ENABLE_NTLM" != xno" on line 639. Otherwise the
NETTLE_LIBS did not get applied on line 645:
https://git.savannah.gnu.org/cgit/wget.git/tree/configure.ac?id=c984cb316a790bf672b71d14d3b903921aacc00d#n635

Hopefully that behaviour can be restored.


For keeping the unnecessary nettle from being linked, I earlier authored the
following patch to fix the problem. My patch fully disables nettle detection
in the "disable-ntlm" case:

--- a/configure.ac
+++ b/configure.ac
@@ -630,6 +630,7 @@ then
 AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization
support compiled in.])
   fi
 else
+ if test x"$ENABLE_NTLM" != xno; then
   PKG_CHECK_MODULES([NETTLE], nettle, [
 HAVE_NETTLE=yes
 LIBS="$NETTLE_LIBS $LIBS"
@@ -651,6 +652,7 @@ else
 ENABLE_NTLM=yes
 AC_DEFINE([ENABLE_NTLM], 1, [Define if you want the NTLM authorization
support compiled in.])
   fi
+ fi
 fi
 
 dnl **







___

Reply to this item at:

  

___
Message sent via Savannah
https://savannah.gnu.org/

[bug #63431] --disable-ntlm ignored if nettle is present

2022-11-27 Thread Hannu Nyman 
URL:
  <https://savannah.gnu.org/bugs/?63431>

 Summary: --disable-ntlm ignored if nettle is present
 Project: GNU Wget
   Submitter: hnyman
   Submitted: Mon 28 Nov 2022 12:35:53 AM EET
Category: Build/Install
Severity: 3 - Normal
Priority: 5 - Normal
  Status: None
 Privacy: Public
 Assigned to: None
 Originator Name: 
Originator Email: 
 Open/Closed: Open
 Release: None
 Discussion Lock: Any
Operating System: None
 Reproducibility: Every Time
   Fixed Release: None
 Planned Release: None
  Regression: Yes
   Work Required: None
  Patch Included: None


___

Follow-up Comments:


---
Date: Mon 28 Nov 2022 12:35:53 AM EET By: Hannu Nyman 
Apparently with 1.21.3, the NTLM feature can't be disabled if the nettle
library is detected to be present. 

I suspect that commit a24e67e239e changed things so that the presence of
nettle overrides the user's explicit selection of disabling NTLM.

https://git.savannah.gnu.org/cgit/wget.git/commit/?h=v1.21.3=a24e67e239ef949cc77a4c4e5a0beb703026a296

With the previous 1.21.2, the --disable-ntlm option worked ok, and the NTLM
feature could be disabled even if the nettle library is present.


Extract from the configure step from the build log:
...
--localstatedir=/var --mandir=/usr/man --infodir=/usr/info --disable-nls 
--disable-rpath --disable-iri --disable-pcre2 --with-included-libunistring
--without-libuuid --without-libpsl --disable-ntlm --without-ssl ; fi; )
configure: loading site script /Openwrt/e8450/include/site/aarch64
configure: configuring for GNU Wget 1.21.3
...
checking pkg-config is at least version 0.9.0... yes
checking for ZLIB... yes
checking for NETTLE... yes
checking for INET6 protocol support... yes
...
config.status: creating gnulib_po/Makefile
configure: Summary of build options:

  Version:   1.21.3
  Host OS:   linux-gnu
  Install prefix:/usr
  Compiler:  aarch64-openwrt-linux-musl-gcc
  CFlags:... 
  Libs: 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lpcre 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lnettle 
-L/Openwrt/e8450/staging_dir/target-aarch64_cortex-a53_musl/usr/lib -lz  
  SSL:   no
  Zlib:  yes
  PSL:   no
  PCRE:  yes, via libpcre
  Digest:yes
  NTLM:  yes
  OPIE:  yes
  POSIX xattr:   yes
...








___

Reply to this item at:

  <https://savannah.gnu.org/bugs/?63431>

___
Message sent via Savannah
https://savannah.gnu.org/

[Bug-wget] [bug #46537] Compilation of 1.17 fails when no SSL: 'using_data_security' undeclared

2015-11-26 Thread Hannu Nyman 
URL:
  

 Summary: Compilation of 1.17 fails when no SSL:
'using_data_security' undeclared
 Project: GNU Wget
Submitted by: hnyman
Submitted on: Thu 26 Nov 2015 09:05:42 AM GMT
Category: Build/Install
Severity: 3 - Normal
Priority: 5 - Normal
  Status: None
 Privacy: Public
 Assigned to: None
 Originator Name: 
Originator Email: 
 Open/Closed: Open
 Discussion Lock: Any
 Release: trunk
Operating System: GNU/Linux
 Reproducibility: Every Time
   Fixed Release: None
 Planned Release: None
  Regression: Yes
   Work Required: None
  Patch Included: None

___

Details:

When wget 1.17 is compiled without SSL support, the compilation fails:

ftp.c: In function 'getftp':
ftp.c:396:7: error: 'using_data_security' undeclared (first use in this
function)
   using_data_security = con->st & DATA_CHANNEL_SECURITY;
   ^
ftp.c:396:7: note: each undeclared identifier is reported only once for each
function it appears in

That is because on line 396 there is one statement with 'using_data_security'
outside the "ifdef HAVE_SSL" wrappers. 

http://git.savannah.gnu.org/cgit/wget.git/tree/src/ftp.c?id=v1.17#n396

The variable introduction is inside ifdef, which makes it unknown when no SSL
support is active:
http://git.savannah.gnu.org/cgit/wget.git/tree/src/ftp.c?id=v1.17#n336

The bug is due to commit
http://git.savannah.gnu.org/cgit/wget.git/commit/src/ftp.c?id=f8901af4e02d69c1d8cbedc5d344269d54a73498

Bug is present both in the released 1.17 code and the git master branch.


Ps.
release 1.17 is missing from the bug tracker's release dropdown.




___

Reply to this item at:

  

___
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Bug-wget] [bug #46537] Compilation of 1.17 fails when no SSL: 'using_data_security' undeclared

2015-11-26 Thread Hannu Nyman 
Follow-up Comment #1, bug #46537 (project wget):

There is apparently a second similar HAVE_SSL definition thing:
SCHEME_FTPS is declared inside a HAVE_SSL ifdef, but it is evaluated in main.o
outside such wrapper, causing a second compilation error.

Lines 1845 and 1851:

http://git.savannah.gnu.org/cgit/wget.git/tree/src/main.c#n1845


___

Reply to this item at:

  

___
  Message sent via/by Savannah
  http://savannah.gnu.org/