I tell a slight lie. I have libreswan-3.21-1.el7.centos.x86_64. I
did not realise you'd separated the repos, but the same comments
apply. rpm -qR libreswan-3.21-1.el7.centos.x86_64 does not appear to
have any version requirements for libunbound.so.2 or
libevent-2.0.so.5. I' not sure even where to find the el7.centos
packages on the download site. Presumably the repos are looking
somewhere else. I'll have to dig further.
On 10/08/2017 21:35, Nick Howitt wrote:
Sorry, but I did not build the files. Libreswan came down
automatically from the Libreswan repo last night with a nightly
"yum update". Looking in https://download.libreswan.org/binaries/rhel/7/x86_64/
there are no unbound/unbound-devel packages. Presumably also there
is no requirement in the libreswan rpm for unbound >= 1.5.0
either as that would have stopped it from installing.
On 10/08/2017 21:27, Paul Wouters
wrote:
On Thu, 10 Aug 2017, Nick Howitt wrote:
Presumably then this would be a
non-standard centos7/el7 version of unbound? I normally just
use their pre-compiled rpm
packages and have never compiled any myself. I currently have
v1.4.20-28.el7. I thought in the past when we needed
non-standard versions of the rpm's they were compiled into the
libreswan repo.
Support for that was added in 1.5.0. If you are on rhel/centos
then the
version is not good enough. There is rhbz#1251440 to request a
rebase
for RHEL-7.5. You can find updated unbound packages meanwhile in
our
repository on download.libreswan.org/binaries/rhel/7/
The reason it compiled must have been because
USE_UNBOUND_EVENT_H_COPY
is set to true per default and so you got the newer include file
while having on older library. The reason for this is that due
to
a bug in upstream unbound, they did not install unbound-event.h
even if they compiled in support for libevent into the library.
So
we have to ship our own version of the include file for now
while
distro's catch up and properly ship unbound-event.h.
It's unfortunate that this lead to your upgrade state where
unbound
is not good enough. We did however upgrade our shipped spec
files
to require unbound >= 1.5.0, so I assume you build from your
own
spec file where this was not updated, or else it should have
failed
to build, or when using our binary repo on
download.libreswan.org
for rhel/epel, it would have dragged in a newer unbound as well.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
|
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
