| From: | Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Kevin Burke <kevin(at)burke(dot)dev>, Jacob Champion <pchampion(at)vmware(dot)com>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "andrew(dot)dunstan(at)2ndquadrant(dot)com" <andrew(dot)dunstan(at)2ndquadrant(dot)com>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>, "rachelmheaton(at)gmail(dot)com" <rachelmheaton(at)gmail(dot)com>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "michael(at)paquier(dot)xyz" <michael(at)paquier(dot)xyz>, "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de> |
| Subject: | Re: Support for NSS as a libpq TLS backend |
| Date: | 2021-11-09 21:22:59 |
| Message-ID: | CAGB+Vh7FA3F2fS==ey+fcRByg0A+CgbLNEQaG1uSt5oBjnkmXw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Nov 9, 2021 at 2:02 PM Joshua Brindle
<joshua(dot)brindle(at)crunchydata(dot)com> wrote:
>
> On Tue, Nov 9, 2021 at 1:59 PM Joshua Brindle
> <joshua(dot)brindle(at)crunchydata(dot)com> wrote:
> >
> > On Fri, Nov 5, 2021 at 6:01 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
> > >
> > > Attached is a rebase fixing a tiny bug in the documentation which prevented it
> > > from being able to compile.
> > >
> >
> > Hello, I'm looking to help out with reviews for this CF and I'm
> > currently looking at this patchset.
> >
> > currently I'm stuck trying to configure:
> >
> > checking for nss-config... /usr/bin/nss-config
> > checking for nspr-config... /usr/bin/nspr-config
> > ...
> > checking nss/ssl.h usability... no
> > checking nss/ssl.h presence... no
> > checking for nss/ssl.h... no
> > configure: error: header file <nss/ssl.h> is required for NSS
> >
> > This is on fedora 33 and nss-devel is installed, nss-config is
> > available (and configure finds it) but the directory is different from
> > Ubuntu:
> > (base) [vagrant(at)fedora ~]$ nss-config --includedir
> > /usr/include/nss3
> > (base) [vagrant(at)fedora ~]$ ls -al /usr/include/nss3/ssl.h
> > -rw-r--r--. 1 root root 70450 Sep 30 05:41 /usr/include/nss3/ssl.h
> >
> > So if nss-config --includedir is used then #include <ssl.h> should be
> > used, or if not then #include <nss3/ssl.h> but on this system #include
> > <nss/ssl.h> is not going to work.
>
> FYI, if I make a symlink to get past this, configure completes but
> compilation fails because nspr/nspr.h cannot be found (I'm not sure
> why configure doesn't discover this)
> ../../src/include/common/nss.h:31:10: fatal error: 'nspr/nspr.h' file not found
> #include <nspr/nspr.h>In file included from protocol_nss.c:24:
> ../../src/include/common/nss.h:31:10: fatal error: 'nspr/nspr.h' file not found
> #include <nspr/nspr.h>
> ^~~~~~~~~~~~~
>
> It's a similar issue:
> $ nspr-config --includedir
> /usr/include/nspr4
If these get resolved the next issue is llvm bitcode doesn't compile
because the nss includedir is missing from CPPFLAGS:
/usr/bin/clang -Wno-ignored-attributes -fno-strict-aliasing -fwrapv
-O2 -I../../../src/include -D_GNU_SOURCE -I/usr/include/libxml2
-I/usr/include -flto=thin -emit-llvm -c -o be-secure-nss.bc
be-secure-nss.c
In file included from be-secure-nss.c:20:
In file included from ../../../src/include/common/nss.h:38:
In file included from /usr/include/nss/nss.h:34:
/usr/include/nss/seccomon.h:17:10: fatal error: 'prtypes.h' file not found
#include "prtypes.h"
^~~~~~~~~~~
1 error generated.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2021-11-09 21:34:34 | Re: Commitfest 2021-11 Patch Triage - Part 2 |
| Previous Message | Michail Nikolaev | 2021-11-09 21:15:42 | Re: Slow standby snapshot |