[Openvpn-devel] [PATCH applied] Re: Fix IPv6 route add/delete message log level
Patch looks good, makes sense, thanks for that. Interesting enough, the old code had weird formatting ("msg( M_INFO") which led to weird indenting of the *next* lines - this patch changed the msg() call to have no leading blank, and uncrustify complained that now the successive lines had whitespace errors... fixed on the fly. Not tested beyond "looks reasonable, compiles, and add_route() indeed uses D_ROUTE for informational msg() calls". Your patch has been applied to the master and release/2.6 branch. commit b959b02b4f607628896b4092f7ddfa675e87d929 (master) commit 9abf74c92c1c13de089523babc1dfeda7bb7255f (release/2.6) Author: Steffan Karger Date: Fri Jan 5 14:57:42 2024 +0100 Fix IPv6 route add/delete message log level Signed-off-by: Steffan Karger Acked-by: Gert Doering Message-Id: <20240105135742.21174-1-stef...@karger.me> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27954.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] Fix IPv6 route add/delete message log level
Hi, On Fri, Jan 05, 2024 at 02:57:42PM +0100, Steffan Karger wrote: > We have D_ROUTE for route addition/deletion messages, which prints at > loglevel 3. Use that for IPv6, like we do for IPv4 to reduce terminal > spam for non-legacy-networking setups. Prvious code would print the > messages at --verb 1. Good catch, and a happy new year :-) Acked-By: Gert Doering gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Fix IPv6 route add/delete message log level
We have D_ROUTE for route addition/deletion messages, which prints at loglevel 3. Use that for IPv6, like we do for IPv4 to reduce terminal spam for non-legacy-networking setups. Prvious code would print the messages at --verb 1. Signed-off-by: Steffan Karger --- src/openvpn/route.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 2f472a1f..e784782b 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1940,10 +1940,10 @@ add_route_ipv6(struct route_ipv6 *r6, const struct tuntap *tt, #endif #ifndef _WIN32 -msg( M_INFO, "add_route_ipv6(%s/%d -> %s metric %d) dev %s", +msg(D_ROUTE, "add_route_ipv6(%s/%d -> %s metric %d) dev %s", network, r6->netbits, gateway, r6->metric, device ); #else -msg( M_INFO, "add_route_ipv6(%s/%d -> %s metric %d) IF %lu", +msg(D_ROUTE, "add_route_ipv6(%s/%d -> %s metric %d) IF %lu", network, r6->netbits, gateway, r6->metric, r6->adapter_index ? r6->adapter_index : tt->adapter_index); #endif @@ -2394,7 +2394,7 @@ delete_route_ipv6(const struct route_ipv6 *r6, const struct tuntap *tt, } #endif -msg( M_INFO, "delete_route_ipv6(%s/%d)", network, r6->netbits ); +msg(D_ROUTE, "delete_route_ipv6(%s/%d)", network, r6->netbits ); #if defined(TARGET_LINUX) int metric = -1; -- 2.34.1 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Clarify that the tls-crypt-v2-verify has a very limited env set
cron2 has uploaded a new patch set (#3) to the change originally created by plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/488?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: Clarify that the tls-crypt-v2-verify has a very limited env set .. Clarify that the tls-crypt-v2-verify has a very limited env set Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20240105142432.26298-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27944.html Signed-off-by: Gert Doering --- M doc/man-sections/tls-options.rst 1 file changed, 3 insertions(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/88/488/3 diff --git a/doc/man-sections/tls-options.rst b/doc/man-sections/tls-options.rst index 4c45b10..460cecf 100644 --- a/doc/man-sections/tls-options.rst +++ b/doc/man-sections/tls-options.rst @@ -538,7 +538,9 @@ stack (including the notoriously dangerous X.509 and ASN.1 stacks) to the connecting client. - OpenVPN supplies the following environment variables to the command: + OpenVPN supplies the following environment variables to the command (and + only these variables. The normal environment variables available for + other scripts are NOT present): * :code:`script_type` is set to :code:`tls-crypt-v2-verify` -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/488?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Gerrit-Change-Number: 488 Gerrit-PatchSet: 3 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Clarify that the tls-crypt-v2-verify has a very limited env set
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/488?usp=email ) Change subject: Clarify that the tls-crypt-v2-verify has a very limited env set .. Clarify that the tls-crypt-v2-verify has a very limited env set Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20240105142432.26298-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27944.html Signed-off-by: Gert Doering --- M doc/man-sections/tls-options.rst 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/man-sections/tls-options.rst b/doc/man-sections/tls-options.rst index 4c45b10..460cecf 100644 --- a/doc/man-sections/tls-options.rst +++ b/doc/man-sections/tls-options.rst @@ -538,7 +538,9 @@ stack (including the notoriously dangerous X.509 and ASN.1 stacks) to the connecting client. - OpenVPN supplies the following environment variables to the command: + OpenVPN supplies the following environment variables to the command (and + only these variables. The normal environment variables available for + other scripts are NOT present): * :code:`script_type` is set to :code:`tls-crypt-v2-verify` -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/488?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Gerrit-Change-Number: 488 Gerrit-PatchSet: 3 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-MessageType: merged ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: Clarify that the tls-crypt-v2-verify has a very limited env set
More clear documentation helps avoid user frustration... Your patch has been applied to the master and release/2.6 branch. commit a9fe012ca64d81af37a08666d3e4e74250113db2 (master) commit 322b11ab47763e0d062576cdc907351c700ef371 (release/2.6) Author: Arne Schwabe Date: Fri Jan 5 15:24:32 2024 +0100 Clarify that the tls-crypt-v2-verify has a very limited env set Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20240105142432.26298-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27944.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
cron2 has uploaded a new patch set (#6) to the change originally created by plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/465?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by ordex Change subject: Make it more explicit and visible when pkg-config is not found .. Make it more explicit and visible when pkg-config is not found Users seem to struggle to read the full error message. This adds an indication if pkg-config is actually found to the warning/error message that use pkg-config. On platforms that do not require pkg-config and for optional libraries, the existence of pkg-config is mentioned as part of the error/warning message. When found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (/usr/bin/pkg-config) installed? Must be version 3.4.0 or newer for DCO not found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (not found) installed? Must be version 3.4.0 or newer for DCO On platforms where pkg-config is required (only Linux at the moment), configure will abort when not detecting pkg-config: checking for pkg-config... no configure: error: pkg-config is required Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli Message-Id: <20240105140540.14757-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27939.html Signed-off-by: Gert Doering --- M configure.ac 1 file changed, 17 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/65/465/6 diff --git a/configure.ac b/configure.ac index f420612..3ad9f14 100644 --- a/configure.ac +++ b/configure.ac @@ -323,6 +323,7 @@ AM_CONDITIONAL([TARGET_LINUX], [true]) AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) have_sitnl="yes" + pkg_config_required="yes" ;; *-*-solaris*) AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) @@ -376,6 +377,16 @@ AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") PKG_PROG_PKG_CONFIG +# Add variable to print if pkg-config is found or not. Users often miss that +if test "${PKG_CONFIG}" = ""; then + if test "${pkg_config_required}" = "yes"; then + AC_MSG_ERROR([pkg-config is required]) + fi + pkg_config_found="(not found)" +else + pkg_config_found="(${PKG_CONFIG})" +fi + AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S @@ -810,7 +821,7 @@ [libnl-genl-3.0 >= 3.4.0], [have_libnl="yes"], [ - AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) + AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) ] ) CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" @@ -854,10 +865,11 @@ dnl case "$host" in *-*-linux*) + # We require pkg-config PKG_CHECK_MODULES([LIBCAPNG], [libcap-ng], [], - [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] + [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] ) AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) @@ -878,7 +890,7 @@ [OPENSSL], [openssl >= 1.0.2], [have_openssl="yes"], - [] # If this fails, we will do another test next + [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next ) OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} fi @@ -1083,7 +1095,7 @@ [WOLFSSL], [wolfssl], [], - [AC_MSG_ERROR([Could not find wolfSSL.])] + [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] ) PKG_CHECK_VAR( [WOLFSSL_INCLUDEDIR], @@ -1508,7 +1520,7 @@ PKG_CHECK_MODULES( [CMOCKA], [cmocka],
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/465?usp=email ) Change subject: Make it more explicit and visible when pkg-config is not found .. Make it more explicit and visible when pkg-config is not found Users seem to struggle to read the full error message. This adds an indication if pkg-config is actually found to the warning/error message that use pkg-config. On platforms that do not require pkg-config and for optional libraries, the existence of pkg-config is mentioned as part of the error/warning message. When found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (/usr/bin/pkg-config) installed? Must be version 3.4.0 or newer for DCO not found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (not found) installed? Must be version 3.4.0 or newer for DCO On platforms where pkg-config is required (only Linux at the moment), configure will abort when not detecting pkg-config: checking for pkg-config... no configure: error: pkg-config is required Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli Message-Id: <20240105140540.14757-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27939.html Signed-off-by: Gert Doering --- M configure.ac 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index f420612..3ad9f14 100644 --- a/configure.ac +++ b/configure.ac @@ -323,6 +323,7 @@ AM_CONDITIONAL([TARGET_LINUX], [true]) AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) have_sitnl="yes" + pkg_config_required="yes" ;; *-*-solaris*) AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) @@ -376,6 +377,16 @@ AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") PKG_PROG_PKG_CONFIG +# Add variable to print if pkg-config is found or not. Users often miss that +if test "${PKG_CONFIG}" = ""; then + if test "${pkg_config_required}" = "yes"; then + AC_MSG_ERROR([pkg-config is required]) + fi + pkg_config_found="(not found)" +else + pkg_config_found="(${PKG_CONFIG})" +fi + AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S @@ -810,7 +821,7 @@ [libnl-genl-3.0 >= 3.4.0], [have_libnl="yes"], [ - AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) + AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) ] ) CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" @@ -854,10 +865,11 @@ dnl case "$host" in *-*-linux*) + # We require pkg-config PKG_CHECK_MODULES([LIBCAPNG], [libcap-ng], [], - [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] + [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] ) AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) @@ -878,7 +890,7 @@ [OPENSSL], [openssl >= 1.0.2], [have_openssl="yes"], - [] # If this fails, we will do another test next + [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next ) OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} fi @@ -1083,7 +1095,7 @@ [WOLFSSL], [wolfssl], [], - [AC_MSG_ERROR([Could not find wolfSSL.])] + [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] ) PKG_CHECK_VAR( [WOLFSSL_INCLUDEDIR], @@ -1508,7 +1520,7 @@ PKG_CHECK_MODULES( [CMOCKA], [cmocka], [have_cmocka="yes"], - [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] + [AC_MSG_WARN([cmocka.pc not found on the system using pkg-config ${pkg_config_found}.
[Openvpn-devel] [S] Change in openvpn[master]: GHA: increase verbosity for make check
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/485?usp=email ) Change subject: GHA: increase verbosity for make check .. GHA: increase verbosity for make check Make sure we get to see the test-suite.log on failure. Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240105142340.25735-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27943.html Signed-off-by: Gert Doering --- M .github/workflows/build.yaml 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4393f5c..51100c3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -163,7 +163,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 ubuntu-clang-asan: strategy: @@ -190,7 +190,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 macos: strategy: @@ -239,7 +239,7 @@ - name: make all run: make -j4 - name: make check -run: make check +run: make check VERBOSE=1 msvc: strategy: @@ -348,7 +348,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 mbedtls3: strategy: @@ -399,4 +399,4 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/485?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Gerrit-Change-Number: 485 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-MessageType: merged ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: GHA: increase verbosity for make check
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/485?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by plaisthos Change subject: GHA: increase verbosity for make check .. GHA: increase verbosity for make check Make sure we get to see the test-suite.log on failure. Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240105142340.25735-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27943.html Signed-off-by: Gert Doering --- M .github/workflows/build.yaml 1 file changed, 5 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/85/485/2 diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4393f5c..51100c3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -163,7 +163,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 ubuntu-clang-asan: strategy: @@ -190,7 +190,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 macos: strategy: @@ -239,7 +239,7 @@ - name: make all run: make -j4 - name: make check -run: make check +run: make check VERBOSE=1 msvc: strategy: @@ -348,7 +348,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 mbedtls3: strategy: @@ -399,4 +399,4 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/485?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Gerrit-Change-Number: 485 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: GHA: increase verbosity for make check
serial-tests change is only in master, so this only goes to master (for now). Your patch has been applied to the master branch. commit 55c734d7c02f9778321af550a9e0d12638fe12a0 Author: Frank Lichtenheld Date: Fri Jan 5 15:23:39 2024 +0100 GHA: increase verbosity for make check Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240105142340.25735-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27943.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: Make it more explicit and visible when pkg-config is not found
This should be really helping clearing up user confusion, which our current messages don't do ("but I do have all the libraries, why is it still failing?"). Thanks, Antonio, for testing and ACKing. I have not explicitly tested anything, just pushed to GHA and buildbot, to be sure it's not accidently breaking some oddball plattform. Your patch has been applied to the master and release/2.6 branch. commit c0f38019b4a2044c1fe873d7d33c13ce571d3386 (master) commit d602fc03e9719681fd3c9f45922fbca9470e3afa (release/2.6) Author: Arne Schwabe Date: Fri Jan 5 15:05:40 2024 +0100 Make it more explicit and visible when pkg-config is not found Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli Message-Id: <20240105140540.14757-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27939.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2] Clarify that the tls-crypt-v2-verify has a very limited env set
From: Arne Schwabe Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/488 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/doc/man-sections/tls-options.rst b/doc/man-sections/tls-options.rst index 4c45b10..460cecf 100644 --- a/doc/man-sections/tls-options.rst +++ b/doc/man-sections/tls-options.rst @@ -538,7 +538,9 @@ stack (including the notoriously dangerous X.509 and ASN.1 stacks) to the connecting client. - OpenVPN supplies the following environment variables to the command: + OpenVPN supplies the following environment variables to the command (and + only these variables. The normal environment variables available for + other scripts are NOT present): * :code:`script_type` is set to :code:`tls-crypt-v2-verify` ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v1] GHA: increase verbosity for make check
From: Frank Lichtenheld Make sure we get to see the test-suite.log on failure. Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/485 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4393f5c..51100c3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -163,7 +163,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 ubuntu-clang-asan: strategy: @@ -190,7 +190,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 macos: strategy: @@ -239,7 +239,7 @@ - name: make all run: make -j4 - name: make check -run: make check +run: make check VERBOSE=1 msvc: strategy: @@ -348,7 +348,7 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 mbedtls3: strategy: @@ -399,4 +399,4 @@ - name: make all run: make -j3 - name: make check -run: make check +run: make check VERBOSE=1 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: GHA: increase verbosity for make check
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/485?usp=email ) Change subject: GHA: increase verbosity for make check .. Patch Set 1: Code-Review+2 (1 comment) Patchset: PS1: > Retracting my previous ACK. I mixed up cmake VERBOSE=1 with the V=1 of make. I had still a backout of the serial test in my branch, so I did had the generated code for this in my tree: tests/unit_tests/openvpn/Makefile:test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); So it actually works. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/485?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Gerrit-Change-Number: 485 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 14:19:56 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: plaisthos Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Clarify that the tls-crypt-v2-verify has a very limited env set
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/488?usp=email ) Change subject: Clarify that the tls-crypt-v2-verify has a very limited env set .. Patch Set 2: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/488?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Gerrit-Change-Number: 488 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 14:17:26 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: GHA: increase verbosity for make check
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/485?usp=email ) The change is no longer submittable: Code-Review is unsatisfied now. Change subject: GHA: increase verbosity for make check .. Patch Set 1: -Code-Review (1 comment) Patchset: PS1: Retracting my previous ACK. I mixed up cmake VERBOSE=1 with the V=1 of make. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/485?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Gerrit-Change-Number: 485 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 14:09:44 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v5] Make it more explicit and visible when pkg-config is not found
From: Arne Schwabe Users seem to struggle to read the full error message. This adds an indication if pkg-config is actually found to the warning/error message that use pkg-config. On platforms that do not require pkg-config and for optional libraries, the existence of pkg-config is mentioned as part of the error/warning message. When found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (/usr/bin/pkg-config) installed? Must be version 3.4.0 or newer for DCO not found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (not found) installed? Must be version 3.4.0 or newer for DCO On platforms where pkg-config is required (only Linux at the moment), configure will abort when not detecting pkg-config: checking for pkg-config... no configure: error: pkg-config is required Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Signed-off-by: Arne Schwabe Acked-by: Antonio Quartulli --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/465 This mail reflects revision 5 of this Change. Acked-by according to Gerrit (reflected above): Antonio Quartulli diff --git a/configure.ac b/configure.ac index f420612..3ad9f14 100644 --- a/configure.ac +++ b/configure.ac @@ -323,6 +323,7 @@ AM_CONDITIONAL([TARGET_LINUX], [true]) AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) have_sitnl="yes" + pkg_config_required="yes" ;; *-*-solaris*) AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) @@ -376,6 +377,16 @@ AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") PKG_PROG_PKG_CONFIG +# Add variable to print if pkg-config is found or not. Users often miss that +if test "${PKG_CONFIG}" = ""; then + if test "${pkg_config_required}" = "yes"; then + AC_MSG_ERROR([pkg-config is required]) + fi + pkg_config_found="(not found)" +else + pkg_config_found="(${PKG_CONFIG})" +fi + AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S @@ -810,7 +821,7 @@ [libnl-genl-3.0 >= 3.4.0], [have_libnl="yes"], [ - AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) + AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) ] ) CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" @@ -854,10 +865,11 @@ dnl case "$host" in *-*-linux*) + # We require pkg-config PKG_CHECK_MODULES([LIBCAPNG], [libcap-ng], [], - [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] + [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] ) AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) @@ -878,7 +890,7 @@ [OPENSSL], [openssl >= 1.0.2], [have_openssl="yes"], - [] # If this fails, we will do another test next + [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next ) OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} fi @@ -1083,7 +1095,7 @@ [WOLFSSL], [wolfssl], [], - [AC_MSG_ERROR([Could not find wolfSSL.])] + [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] ) PKG_CHECK_VAR( [WOLFSSL_INCLUDEDIR], @@ -1508,7 +1520,7 @@ PKG_CHECK_MODULES( [CMOCKA], [cmocka], [have_cmocka="yes"], - [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] + [AC_MSG_WARN([cmocka.pc not found on the system using pkg-config ${pkg_config_found}. Unit tests disabled])] ) AM_CONDITIONAL([ENABLE_UNITTESTS], [test "${enable_unit_tests}" = "yes" -a "${have_cmocka}" = "yes" ]) AC_SUBST([ENABLE_UNITTESTS]) ___ Openvpn-devel mailing
[Openvpn-devel] [M] Change in openvpn[master]: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/457?usp=email ) Change subject: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs .. Patch Set 8: (2 comments) File src/openvpn/crypto_openssl.c: http://gerrit.openvpn.net/c/openvpn/+/457/comment/c96ab8f9_d5967aa5 : PS7, Line 1406: (uint8_t *) secret, (size_t) secret_len); > Makes format-check unhappy Done http://gerrit.openvpn.net/c/openvpn/+/457/comment/648e41e0_161b8fa0 : PS7, Line 1424: EVP_KDF_free(kdf); > double free? Done -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/457?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic74195a4ed340547c5e862dc2438f95be318c286 Gerrit-Change-Number: 457 Gerrit-PatchSet: 8 Gerrit-Owner: plaisthos Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 13:56:11 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: flichtenheld Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs
Attention is currently required from: plaisthos. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/457?usp=email to look at the new patch set (#8). Change subject: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs .. Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs OpenSSL 3.0 introduced a new API for doing key derivation. So this leaves us now with three different implementation for 1.0.2, 1.1.x and 3.x. This was initially done to maybe still have a working TLS 1.0 PRF when using OpenSSL 3.0 in FIPS butit gives the same error as with the older API but since moving to a new API is always good, we use the new API when using OpenSSL 3.0. We also print the internal OpenSSL error message when the KDF fails. This also allows us now to compile an OpenSSL build that has been built with OPENSSL_NO_MD5. Which is not yet common but might be in the future. Change-Id: Ic74195a4ed340547c5e862dc2438f95be318c286 Signed-off-by: Arne Schwabe --- M src/openvpn/crypto_openssl.c 1 file changed, 51 insertions(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/57/457/8 diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index e8ddf14..4fd5e6b 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -54,6 +54,7 @@ #endif #if OPENSSL_VERSION_NUMBER >= 0x3000L #include +#include #endif #if defined(_WIN32) && defined(OPENSSL_NO_EC) @@ -1329,8 +1330,57 @@ { return CRYPTO_memcmp(a, b, size); } +#if (OPENSSL_VERSION_NUMBER >= 0x3000L) && !defined(LIBRESSL_VERSION_NUMBER) +bool +ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret, + int secret_len, uint8_t *output, int output_len) +{ +bool ret = true; +EVP_KDF_CTX *kctx = NULL; -#if (OPENSSL_VERSION_NUMBER >= 0x1010L) && !defined(LIBRESSL_VERSION_NUMBER) + +EVP_KDF *kdf = EVP_KDF_fetch(NULL, "TLS1-PRF", NULL); +if (!kdf) +{ +goto err; +} + +kctx = EVP_KDF_CTX_new(kdf); + +if (!kctx) +{ +goto err; +} + +OSSL_PARAM params[4]; + +/* The OpenSSL APIs require us to cast the const aways even though the + * strings are never changed and only read */ +params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, + SN_md5_sha1, strlen(SN_md5_sha1)); +params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET, + (uint8_t *) secret, (size_t) secret_len); +params[2] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, + (uint8_t *) seed, (size_t) seed_len); +params[3] = OSSL_PARAM_construct_end(); + +if (EVP_KDF_derive(kctx, output, output_len, params) <= 0) +{ +crypto_msg(D_TLS_DEBUG_LOW, "Generating TLS 1.0 PRF using " + "EVP_KDF_derive failed"); +goto err; +} + +goto out; + +err: +ret = false; +out: +EVP_KDF_free(kdf); + +return ret; +} +#elif (OPENSSL_VERSION_NUMBER >= 0x1010L) && !defined(LIBRESSL_VERSION_NUMBER) bool ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret, int secret_len, uint8_t *output, int output_len) -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/457?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic74195a4ed340547c5e862dc2438f95be318c286 Gerrit-Change-Number: 457 Gerrit-PatchSet: 8 Gerrit-Owner: plaisthos Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: GHA: increase verbosity for make check
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/485?usp=email ) Change subject: GHA: increase verbosity for make check .. Patch Set 1: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/485?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71 Gerrit-Change-Number: 485 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 13:54:02 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
Attention is currently required from: cron2, flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/465?usp=email ) Change subject: Make it more explicit and visible when pkg-config is not found .. Patch Set 5: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/465?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Gerrit-Change-Number: 465 Gerrit-PatchSet: 5 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: ordex Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: cron2 Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 05 Jan 2024 13:51:23 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
Attention is currently required from: cron2, flichtenheld, ordex. Hello cron2, flichtenheld, ordex, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/465?usp=email to look at the new patch set (#5). Change subject: Make it more explicit and visible when pkg-config is not found .. Make it more explicit and visible when pkg-config is not found Users seem to struggle to read the full error message. This adds an indication if pkg-config is actually found to the warning/error message that use pkg-config. On platforms that do not require pkg-config and for optional libraries, the existence of pkg-config is mentioned as part of the error/warning message. When found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (/usr/bin/pkg-config) installed? Must be version 3.4.0 or newer for DCO not found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (not found) installed? Must be version 3.4.0 or newer for DCO On platforms where pkg-config is required (only Linux at the moment), configure will abort when not detecting pkg-config: checking for pkg-config... no configure: error: pkg-config is required Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Signed-off-by: Arne Schwabe --- M configure.ac 1 file changed, 17 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/65/465/5 diff --git a/configure.ac b/configure.ac index f420612..3ad9f14 100644 --- a/configure.ac +++ b/configure.ac @@ -323,6 +323,7 @@ AM_CONDITIONAL([TARGET_LINUX], [true]) AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) have_sitnl="yes" + pkg_config_required="yes" ;; *-*-solaris*) AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) @@ -376,6 +377,16 @@ AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") PKG_PROG_PKG_CONFIG +# Add variable to print if pkg-config is found or not. Users often miss that +if test "${PKG_CONFIG}" = ""; then + if test "${pkg_config_required}" = "yes"; then + AC_MSG_ERROR([pkg-config is required]) + fi + pkg_config_found="(not found)" +else + pkg_config_found="(${PKG_CONFIG})" +fi + AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S @@ -810,7 +821,7 @@ [libnl-genl-3.0 >= 3.4.0], [have_libnl="yes"], [ - AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) + AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) ] ) CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" @@ -854,10 +865,11 @@ dnl case "$host" in *-*-linux*) + # We require pkg-config PKG_CHECK_MODULES([LIBCAPNG], [libcap-ng], [], - [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] + [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] ) AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) @@ -878,7 +890,7 @@ [OPENSSL], [openssl >= 1.0.2], [have_openssl="yes"], - [] # If this fails, we will do another test next + [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next ) OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} fi @@ -1083,7 +1095,7 @@ [WOLFSSL], [wolfssl], [], - [AC_MSG_ERROR([Could not find wolfSSL.])] + [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] ) PKG_CHECK_VAR( [WOLFSSL_INCLUDEDIR], @@ -1508,7 +1520,7 @@ PKG_CHECK_MODULES( [CMOCKA], [cmocka], [have_cmocka="yes"], - [AC_MSG_WARN([cmocka.pc not found on the system. Unit tests disabled])] + [AC_MSG_WARN([cmocka.pc not found on the system using pkg-config
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
Attention is currently required from: cron2, flichtenheld, ordex, plaisthos. Hello cron2, flichtenheld, ordex, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/465?usp=email to look at the new patch set (#4). The following approvals got outdated and were removed: Code-Review+2 by cron2, Code-Review-1 by ordex The change is no longer submittable: Code-Review and checks~ChecksSubmitRule are unsatisfied now. Change subject: Make it more explicit and visible when pkg-config is not found .. Make it more explicit and visible when pkg-config is not found Users seem to struggle to read the full error message. This adds an indication if pkg-config is actually found to the warning/error message that use pkg-config. On platforms that do not require pkg-config and for optional libraries, the existence of pkg-config is mentioned as part of the error/warning message. When found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (/usr/bin/pkg-config) installed? Must be version 3.4.0 or newer for DCO not found: configure: error: libnl-genl-3.0 package not found or too old. Is the development package and pkg-config (not found) installed? Must be version 3.4.0 or newer for DCO On platforms where pkg-config is required (only Linux at the moment), configure will abort when not detecting pkg-config: checking for pkg-config... no configure: error: pkg-config is required Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Signed-off-by: Arne Schwabe --- M configure.ac 1 file changed, 17 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/65/465/4 diff --git a/configure.ac b/configure.ac index f420612..17e2f49 100644 --- a/configure.ac +++ b/configure.ac @@ -323,6 +323,7 @@ AM_CONDITIONAL([TARGET_LINUX], [true]) AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["L"], [Target prefix]) have_sitnl="yes" + pkg_config_required="yes" ;; *-*-solaris*) AC_DEFINE([TARGET_SOLARIS], [1], [Are we running on Solaris?]) @@ -376,6 +377,16 @@ AM_CONDITIONAL([CROSS_COMPILING], test "${cross_compiling}" = "yes") PKG_PROG_PKG_CONFIG +# Add variable to print if pkg-config is found or not. Users often miss that +if test "${PKG_CONFIG}" = ""; then +if test "${pkg_config_required}" = "yes"; then +AC_MSG_ERROR([pkg-config is required]) +fi +pkg_config_found="(not found)" +else +pkg_config_found="(${PKG_CONFIG})" +fi + AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S @@ -810,7 +821,7 @@ [libnl-genl-3.0 >= 3.4.0], [have_libnl="yes"], [ - AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config installed? Must be version 3.4.0 or newer for DCO]) + AC_MSG_ERROR([libnl-genl-3.0 package not found or too old. Is the development package and pkg-config ${pkg_config_found} installed? Must be version 3.4.0 or newer for DCO]) ] ) CFLAGS="${CFLAGS} ${LIBNL_GENL_CFLAGS}" @@ -854,10 +865,11 @@ dnl case "$host" in *-*-linux*) + # We require pkg-config PKG_CHECK_MODULES([LIBCAPNG], [libcap-ng], [], - [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config installed?])] + [AC_MSG_ERROR([libcap-ng package not found. Is the development package and pkg-config ${pkg_config_found} installed?])] ) AC_CHECK_HEADER([sys/prctl.h],,[AC_MSG_ERROR([sys/prctl.h not found!])]) @@ -878,7 +890,7 @@ [OPENSSL], [openssl >= 1.0.2], [have_openssl="yes"], - [] # If this fails, we will do another test next + [AC_MSG_WARN([OpenSSL not found by pkg-config ${pkg_config_found}])] # If this fails, we will do another test next ) OPENSSL_LIBS=${OPENSSL_LIBS:--lssl -lcrypto} fi @@ -1083,7 +1095,7 @@ [WOLFSSL], [wolfssl], [], - [AC_MSG_ERROR([Could not find wolfSSL.])] + [AC_MSG_ERROR([Could not find wolfSSL using pkg-config ${pkg_config_found}])] ) PKG_CHECK_VAR( [WOLFSSL_INCLUDEDIR], @@ -1508,7 +1520,7 @@ PKG_CHECK_MODULES(
[Openvpn-devel] [S] Change in openvpn[master]: Make it more explicit and visible when pkg-config is not found
Attention is currently required from: cron2, flichtenheld, ordex. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/465?usp=email ) Change subject: Make it more explicit and visible when pkg-config is not found .. Patch Set 4: (2 comments) File configure.ac: http://gerrit.openvpn.net/c/openvpn/+/465/comment/dcc958e2_10a99171 : PS3, Line 385: pkg_config_found="(not found)" > am I wrong or there is some indentation havoc here? The line above uses > 8blanks tab, but the lines b […] Done http://gerrit.openvpn.net/c/openvpn/+/465/comment/2097ad6b_aaa8c8c1 : PS3, Line 387: pkg_config_found="(using ${PKG_CONFIG})" > many error messages already contain 'using pkg-config', therefore the text > above will lead to 'using […] Done -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/465?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Iebaa35a23e217a4cd7739af229cbfc08a3d8854a Gerrit-Change-Number: 465 Gerrit-PatchSet: 4 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: ordex Gerrit-CC: openvpn-devel Gerrit-Attention: cron2 Gerrit-Attention: flichtenheld Gerrit-Attention: ordex Gerrit-Comment-Date: Fri, 05 Jan 2024 12:25:08 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel