[arch-general] about ecryptfs-utils, openssl supporting should be added ?

Eli Schwartz eschwartz at archlinux.org
Wed Nov 27 17:22:04 UTC 2019 

On 11/27/19 11:52 AM, Karol Babioch wrote:
> Hi,
> 
> Am 27.11.19 um 05:42 schrieb Yi Zheng via arch-general:
>> why not add '--enable-openssl' into the configure options?
>>
>> Does it support OpenSSL now?
> 
> This mailing list might not be the right place (TM) to ask those kind of
> questions. You should rather ask questions like this directly to the
> package maintainer(s), which for this package [1] happen to be:
> 
>> # Maintainer: Timothy Redaelli <timothy.redaelli at gmail.com>
>> # Contributor: Richard Murri <admin at richardmurri.com>
>> # Contributor: Michal Krenek <mikos at sg1.cz>

The maintainer listed in the file retired from Arch, and the package has
not been updated since then except for two mass rebuilds, one for
openssl 1.1.0 and one for PIE/BUILDINFO.

Wait, what was that about openssl support?

> Alternatively you can file a bug [2], so it gets attention by the right
> people.

Always try to verify if the bug actually exists before reporting it.
Whether the --enable-openssl flag is passed or not is irrelevant, most
projects will tend to make support for basic things like openssl, the
default.

$ pkg-list-linked-libraries ecryptfs-utils
==> checking linked libraries for ecryptfs-utils-111-3-x86_64.pkg.tar.xz ...
[..]
/usr/lib/ecryptfs/libecryptfs_key_mod_openssl.so
  NEEDED               libcrypto.so.1.1
  NEEDED               libdl.so.2
  NEEDED               libc.so.6
[...]

And indeed, the configure.ac for the project contains:

AC_ARG_ENABLE(
	[openssl],
	[AS_HELP_STRING([--disable-openssl],[Disable build of OpenSSL key
module])],
	,
	[enable_openssl="detect"]
)

If not explicitly disabled, it will try to check for libcrypto using
pkg-config, then fall back on checking for openssl using pkg-config,
then fall back on using AC_CHECK_LIB to try to find -lcrypto with a
usable RSA_version public function.

The "detect" criteria is always met because openssl is a core
functionality for Arch Linux, for example curl/libcurl depends on
libssl, and pacman uses libcurl as well as directly using libcrypto.
coreutils also depends on openssl.

In the unlikely event that openssl was removed from the set of packages
installed in a base installation (which would be an event of note for
linux distributions in general), the ecryptfs-utils PKGBUILD would only
need to explicitly depend on openssl.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20191127/1effd416/attachment.sig>

More information about the arch-general mailing list