[Bug 1744758] Re: libvirt 2.5.0-3ubuntu5.6~cloud0 appears to be compiled without gnutls
ChristianEhrhardt
1744758 at bugs.launchpad.net
Tue Jan 23 07:04:05 UTC 2018
Hi,
first of all thanks Lee for the update and your help to spot and fix another issue.
So this is 2.5 which was based on the version in Zesty IIRC.
There are no build logs anymore as zesty is out of support already.
So I checked the others first.
Xenial (1.3.1):
checking for GNUTLS... yes
checking for gnutls/crypto.h... yes
configure: gnutls: -I/usr/include/p11-kit-1 -lgnutls
Artful (3.6):
checking for GNUTLS... yes
checking for gnutls/crypto.h... yes
checking for gnutls_rnd... yes
checking for gnutls_cipher_encrypt... yes
configure: gnutls: yes (CFLAGS='-I/usr/include/p11-kit-1' LIBS='-lgnutls')
Ok, good on those two.
So I really need to dig towards the 2.5 version
IIRC there was a bug in gnutls which broke libvirt completely
2.1.0-1ubuntu12 fixed the related FTBFS
2.1.0-1ubuntu13 then depended on the newer fixed gnutls
2.5.0-3ubuntu5.6 is the last of these zesty builds in the main archive
Zesty (2.5):
checking for GNUTLS... yes
checking for gnutls/crypto.h... yes
checking for gnutls_rnd... yes
checking for gnutls_cipher_encrypt... yes
configure: gnutls: yes (CFLAGS='-I/usr/include/p11-kit-1' LIBS='-lgnutls')
But knowing that there was an issue in gnutls causing a FTBFS in libvirt, and that it relied on a newer gnutls might imply that on the cloud archive build this was reverted/dropped - as it most likely has to build against the Xenial version of the lib.
So I checked the cluod-archive build of 2.5.0-3ubuntu5.6~cloud0 at:
https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/ocata-staging/+packages
But that has it as well:
checking for GNUTLS... yes
checking for gnutls/crypto.h... yes
checking for gnutls_rnd... yes
checking for gnutls_cipher_encrypt... yes
configure: gnutls: yes (CFLAGS='-I/usr/include/p11-kit-1' LIBS='-lgnutls')
hmm ...?
** Also affects: cloud-archive
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1744758
Title:
libvirt 2.5.0-3ubuntu5.6~cloud0 appears to be compiled without gnutls
Status in Ubuntu Cloud Archive:
New
Status in libvirt package in Ubuntu:
Incomplete
Bug description:
Currently seeing the following error in OpenStack CI on 16.04 with
Libvirt 2.5.0 provided via the UCA when attempting to create a `luks`
Libvirt secret:
http://logs.openstack.org/50/536350/1/check/legacy-grenade-dsvm-
neutron-multinode-live-
migration/5f7ed57/logs/screen-n-cpu.txt.gz?level=ERROR#_Jan_22_15_09_28_467904
~~~
libvirtError: unsupported configuration: luks encryption requires encrypted secrets to be supported
~~~
This appears to be bubbling up due to the HAVE_GNUTLS_CIPHER_ENCRYPT
macro being 0 in this build due to gnutls_cipher_encrypt being missing
at build time :
src/util/vircrypto.c
102 virCryptoHaveCipher(virCryptoCipher algorithm)
103 {
104 switch (algorithm) {
105
106 case VIR_CRYPTO_CIPHER_AES256CBC:
107 #ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
108 return true;
109 #else
110 return false;
111 #endif
112
113 case VIR_CRYPTO_CIPHER_NONE:
114 case VIR_CRYPTO_CIPHER_LAST:
115 break;
116 };
117
118 return false;
119 }
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1744758/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list