[Dnsmasq-discuss] Stumped

Simon Kelley simon at thekelleys.org.uk
Wed Oct 31 21:04:28 GMT 2018


I'm confused by the references to openssl in your description. Dnsmasq
with DNSSEC does NOT depend on openSSL. You just need libnettle and
libhogweed installed in the standard way, and accessible via pkg-config.

version 3.4 should be fine.


Cheers,

Simon.



On 31/10/2018 03:21, Peter Nehem wrote:
> Hello All,
>  I'm stumped I've been trying to compile dnsmasq for Centos 7.5 because
> the version for Centos 7.5 doesn't have any of the extra features turned
> on, namely dnssec and several others. But I keep getting this error
> message no matter what I do:
> 
> ccache gcc -Wall -W -O2   -DVERSION='"2.76"' -I/usr/include/dbus-1.0
> -I/usr/lib64/dbus-1.0/include           -I/usr/local/include    -c
> dnssec.c   
> dnssec.c: In function ‘dnsmasq_ecdsa_verify’:
> dnssec.c:266:36: error: ‘nettle_secp_256r1’ undeclared (first use in
> this function)
>     nettle_ecc_point_init(key_256, &nettle_secp_256r1);
>                                     ^
> dnssec.c:266:36: note: each undeclared identifier is reported only once
> for each function it appears in
> dnssec.c:279:36: error: ‘nettle_secp_384r1’ undeclared (first use in
> this function)
>     nettle_ecc_point_init(key_384, &nettle_secp_384r1);
>                                     ^
> make[1]: *** [/mnt/sdb1/dnsmasq-2.76/Makefile:157: dnssec.o] Error 1
> make[1]: Leaving directory '/mnt/sdb1/dnsmasq-2.76/src'
> make: *** [Makefile:83: all] Error 2
> 
> I have gotten it in every version I've tried to compile. I've tried
> dnsmasq-master, dnsmasq-2.80, most recent snapshot, dnsmasq-2.76. I
> tried having it read from openssl-1.1.1 that I have complied for nginx,
> but that didn't work, so I recompiled Nettle-3.4 ( I used this for the
> configure line: ./configure --enable-fat --enable-gcov
> --disable-documentation --disable-arm-neon
> --with-include-path=/opt/openssl/include/openssl ) Took a few tried to
> finally get it to compile but I got it to use the files from
> openssl-1.1.1 so that Nettle would be up to the task.
> 
>  For each try I had to copy dbus.h from my includes folder because it
> will error out and it seems to like it right in the main folder, I've
> also tried copying the whole dbus folder from includes to the src
> folder, for 2.80 I copied the nettle includes into src because it
> couldn't find that as well.
> 
> These are the changes I did to config.h each time I tried to compile:
> This was for 2.7
> 
> #define DEFLEASE 86400 /* default lease time, 1 hour */
> #define CHUSER "dnsmasq"
> #define CHGRP "dnsmasq"
> 
> #define HAVE_LUASCRIPT */
> #define HAVE_DBUS */
> #define HAVE_IDN */
> #define HAVE_CONNTRACK */
> #define HAVE_DNSSEC */
> 
> #define LEASEFILE "/var/lib/dnsmasq/dnsmasq.leases"
> 
> For 2.8
> #define HAVE_LUASCRIPT
> #define HAVE_DBUS
> #define HAVE_IDN
> #define HAVE_LIBIDN2
> #define HAVE_CONNTRACK
> #define HAVE_DNSSEC
> 
> In the makefile I chg Lua to 5.3 because Centos only has 5.1 and I added
> this for 2.8 LIBS  = -L/usr/local/lib64 - this time I didn't copy over
> the nettle includes:
> 
> crypto.c: In function ‘dnsmasq_ecdsa_verify’:
> crypto.c:297:36: error: ‘nettle_secp_256r1’ undeclared (first use in
> this function)
>     nettle_ecc_point_init(key_256, &nettle_secp_256r1);
>                                     ^
> crypto.c:297:36: note: each undeclared identifier is reported only once
> for each function it appears in
> crypto.c:310:36: error: ‘nettle_secp_384r1’ undeclared (first use in
> this function)
>     nettle_ecc_point_init(key_384, &nettle_secp_384r1);
>                                     ^
> make[1]: *** [/mnt/sdb1/dnsmasq-2.80/Makefile:161: crypto.o] Error 1
> make[1]: Leaving directory '/mnt/sdb1/dnsmasq-2.80/src'
> make: *** [Makefile:86: all] Error 2
> 
> This is line 297: nettle_ecc_point_init(key_256, &nettle_secp_256r1);
> This is line 310: nettle_ecc_point_init(key_384, &nettle_secp_384r1);
> 
> I looked through openssl to try and see how the defined this and I can't
> remember where it was at
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20181031/189dd344/attachment.sig>


More information about the Dnsmasq-discuss mailing list