Am Dienstag, den 17.03.2015, 10:01 +0100 schrieb Sebastien Ferre: > Hi, > > when trying to use gnutls for TLS-secured > connections with ocamlnet, I encounter a > problem with SRP functions. > > When linking with package nettls-gnutls of > ocamlnet, I get the following linking errors > (excerpt here, full log at the end). > > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `abs_gnutls_srp_client_credentials_t_finalize': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:1841: > undefined reference to `gnutls_srp_free_client_credentials' > [...] > > All undefined functions start with 'gnutls_srp_'. After > some web search, I found that those functions are excluded > in some Linux distributions (mine is a Fedora) because of > patent issues. I was unaware of this. > Are those functions really necessary for TLS connections ? For TLS connections secured by X.509 keys these are not needed. (TLS is a wide area, and there are more cryptographic options than what you typically find in e.g. web browsers. SRP is one of these options.) > If not, is there a patch of the package 'nettls-gnutls' that > avoids them ? If yes, is there a workaround ? Has anybody else > encounter the same problem. In the svn repo of ocamlnet I just marked the srp functions as optional (https://godirepo.camlcity.org/svn/lib-ocamlnet2/trunk/). I don't know whether this is sufficient or not, as I have no system for testing. Gerd > > My global objective is to provide a secure authentication > for a Web application. > > Thanks, > --- > Sébastien Ferré > > ============================================================== > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `abs_gnutls_srp_client_credentials_t_finalize': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:1841: > undefined reference to `gnutls_srp_free_client_credentials' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `abs_gnutls_srp_server_credentials_t_finalize': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:1770: > undefined reference to `gnutls_srp_free_server_credentials' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_allocate_client_credentials': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5431: > undefined reference to `gnutls_srp_allocate_client_credentials' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_set_client_credentials': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5446: > undefined reference to `gnutls_srp_set_client_credentials' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_allocate_server_credentials': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5456: > undefined reference to `gnutls_srp_allocate_server_credentials' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_set_server_credentials_file': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5471: > undefined reference to `gnutls_srp_set_server_credentials_file' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_server_get_username': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5482: > undefined reference to `gnutls_srp_server_get_username' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_set_prime_bits': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5493: > undefined reference to `gnutls_srp_set_prime_bits' > /local/ferre/.opam/system/lib/nettls-gnutls/libnettls-gnutls.a(nettls_gnutls_bindings_stubs.o): > In function `net_gnutls_srp_verifier': > /home/ferre/.opam/system/build/ocamlnet.4.0.2/src/nettls-gnutls/nettls_gnutls_bindings_stubs.c:5512: > undefined reference to `gnutls_srp_verifier' > collect2: error: ld returned 1 exit status > File "caml_startup", line 1: > Error: Error during linking > > -- ------------------------------------------------------------ Gerd Stolpmann, Darmstadt, Germany gerd@gerd-stolpmann.de My OCaml site: http://www.camlcity.org Contact details: http://www.camlcity.org/contact.html Company homepage: http://www.gerd-stolpmann.de ------------------------------------------------------------