Opened 20 months ago
Closed 19 months ago
#67233 closed defect (fixed)
oath-toolkit @2.6.6: rev-upgrade fails in trace mode with: error: use of undeclared identifier 'XMLSEC_CRYPTO'
Reported by: | cooljeanius (Eric Gallager) | Owned by: | mascguy (Christopher Nielsen) |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | ports | Version: | 2.8.1 |
Keywords: | Cc: | Schamschula (Marius Schamschula), fracai | |
Port: | oath-toolkit |
Description
oath-toolkit got marked for rev-upgrade due to an icu update:
Could not open /opt/local/lib/libicudata.67.dylib: Error opening or reading file (referenced from /opt/local/bin/pskctool) DEBUG: Marking /opt/local/bin/pskctool as broken Could not open /opt/local/lib/libicuuc.67.dylib: Error opening or reading file (referenced from /opt/local/bin/pskctool) DEBUG: Marking /opt/local/bin/pskctool as broken Could not open /opt/local/lib/libicui18n.67.dylib: Error opening or reading file (referenced from /opt/local/bin/pskctool) DEBUG: Marking /opt/local/bin/pskctool as broken DEBUG: Marking /opt/local/lib/libpskc.0.dylib as broken DEBUG: Marking /opt/local/lib/libpskc.0.dylib as broken DEBUG: Marking /opt/local/lib/libpskc.0.dylib as broken
Unfortunately, the attempt to rebuild it failed with this error:
global.c:77:43: error: use of undeclared identifier 'XMLSEC_CRYPTO' if (xmlSecCryptoDLLoadLibrary (BAD_CAST XMLSEC_CRYPTO) < 0) ^ 1 error generated. sign.c:111:22: warning: 'xmlSecCryptoAppKeyLoad' is deprecated [-Wdeprecated-declarations] dsigCtx->signKey = xmlSecCryptoAppKeyLoad (key_file, ^ /opt/local/include/xmlsec1/xmlsec/app.h:718:1: note: 'xmlSecCryptoAppKeyLoad' has been explicitly marked deprecated here XMLSEC_DEPRECATED XMLSEC_EXPORT xmlSecKeyPtr xmlSecCryptoAppKeyLoad (const char *filename, ^ /opt/local/include/xmlsec1/xmlsec/xmlsec.h:110:42: note: expanded from macro 'XMLSEC_DEPRECATED' #define XMLSEC_DEPRECATED __attribute__((deprecated)) ^ make[4]: *** [global.lo] Error 1 make[4]: *** Waiting for unfinished jobs....
I'm on Big Sur with Xcode 13.
Attachments (1)
Change History (13)
Changed 20 months ago by cooljeanius (Eric Gallager)
Attachment: | oath-toolkit_main.log added |
---|
comment:1 Changed 20 months ago by ryandesign (Ryan Carsten Schmidt)
oath-toolkit doesn't declare a dependency on icu which is why it wasn't revbumped when icu was updated. If oath-toolkit directly uses icu it should list the dependency. However oath-toolkit depends on xmlsec which depends on libxml2 which depends on icu. xmlsec has pkg-config files and also a xmlsec1-config script. The pkg-config files correctly do not show icu libraries being directly required, however the xmlsec1-config script does show icu libraries being required, which it has to since that script could be used for either static or dynamic linking. So I suspect oath-toolkit is using xmlsec1-config to find its dependencies. The solution is to switch it to use pkg-config.
xmlsec was just updated to 1.3.0. It seems XMLSEC_CRYPTO
has been deprecated since xmlsec 1.2.21 and I guess it was removed in 1.3.0. oath-toolkit will need to stop using it.
These are probably not MacPorts-specific issues and should be reported to the developers of oath-toolkit to be fixed.
comment:2 Changed 20 months ago by ryandesign (Ryan Carsten Schmidt)
Cc: | fracai removed |
---|---|
Owner: | set to fracai |
Status: | new → assigned |
We should update to 2.6.7 but none of the changes for 2.6.7 nor the unreleased 2.6.8 in the NEWS file seem to relate to these issues.
comment:3 Changed 20 months ago by cooljeanius (Eric Gallager)
ok, reported upstream: https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/33
comment:4 follow-up: 5 Changed 20 months ago by cooljeanius (Eric Gallager)
btw here's my port-depcheck.sh
output for oath-toolkit:
$ port-depcheck.sh oath-toolkit Finding MacPorts libraries that oath-toolkit links against... Checking symbols in linked-against libraries... Checking to see if oath-toolkit actually uses symbols from libiconv... no (TODO: use sed properly to remove "libiconv" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from libicudata... no (TODO: use sed properly to remove "" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from libicui18n... no (TODO: use sed properly to remove "" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from libicuuc... no (TODO: use sed properly to remove "" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from libltdl... no (TODO: use sed properly to remove "" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from liblzma... no (TODO: use sed properly to remove "" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from liboath... yes Checking to see if oath-toolkit actually uses symbols from libpskc... yes Checking to see if oath-toolkit actually uses symbols from libxml2... yes Checking to see if oath-toolkit actually uses symbols from libxmlsec1... yes Checking to see if oath-toolkit actually uses symbols from libxslt... no (TODO: use sed properly to remove "libxslt" from list of dependencies) Checking to see if oath-toolkit actually uses symbols from libz... no (TODO: use sed properly to remove "" from list of dependencies) Checking libtool archives for overlinking should not be necessary for your MacPorts version (2.8.1), unless you have NOT rebuilt everything since you updated... This script does NOT know whether or not you have rebuilt as such though, so we shall assume the best of you and skip the libtool-archives check. (the libtool-archives check was just a back-up check in case the check with `nm(1)` failed, anyways, so skipping it should be harmless) Finding the libraries that /opt/local/var/macports/sources/rsync.macports.org/macports/release/tarballs/ports/security/oath-toolkit/Portfile lists as dependencies... oath-toolkit is installed with the following active variants: @2.6.6_0 So we shall find the dependencies for those variants... xmlsec Comparing the list of library linkages with the list of library dependencies... --- /var/folders/28/gnjs38js27lfysyhm4zfvx5w0000gn/T//port-depcheck.sh.23390220232.ONe9l4 2023-04-13 23:39:25.000000000 -0400 +++ /var/folders/28/gnjs38js27lfysyhm4zfvx5w0000gn/T//port-depcheck.sh.23390220231.AV9VUM 2023-04-13 23:39:11.000000000 -0400 @@ -1 +1 @@ -xmlsec + Output a diff file to /var/folders/28/gnjs38js27lfysyhm4zfvx5w0000gn/T//oath-toolkit-deps.2339022023.diff
(the script has probably bitrotted a bit since I last updated it, so I'll probably need to do some debugging to fix its suggestion to remove the xmlsec dependency, because from this bug we can see that oath-toolkit very clearly does actually use xmlsec... also, it looks like the oath-toolkit port should have a dependency on libxml2 added, too)
comment:5 Changed 20 months ago by ryandesign (Ryan Carsten Schmidt)
Replying to cooljeanius:
also, it looks like the oath-toolkit port should have a dependency on libxml2 added, too)
Ah yes. And it looks like fixing the overlinking with icu, by switching from xml2-config to pkg-config, already happened after 2.6.6 was released:
https://gitlab.com/oath-toolkit/oath-toolkit/-/commit/42cbb0acc8f8404eb46a9cd57bbe1303f7296305
comment:6 Changed 19 months ago by mascguy (Christopher Nielsen)
Cc: | mascguy added |
---|
comment:7 Changed 19 months ago by mascguy (Christopher Nielsen)
I just added an initial fix - utilizing Marius' new xmlsec-1.2
, along with declaring the various lib deps - via the following commit:
[162b897fa738da4e7c5980eb9e1402a58758c43b/macports-ports]
If there are over-linking issues, perhaps we need to refine it further. But it's a positive step forward, and fixes the build issue.
comment:8 Changed 19 months ago by mascguy (Christopher Nielsen)
Cc: | Schamschula added |
---|
comment:9 follow-up: 10 Changed 19 months ago by ryandesign (Ryan Carsten Schmidt)
I suspect the overlinking will be fixed by updating to 2.6.7, so in the same commit where that's done, please remove the transitive libxml2 deps you added.
comment:10 Changed 19 months ago by mascguy (Christopher Nielsen)
Cc: | fracai added; mascguy removed |
---|---|
Owner: | changed from fracai to mascguy |
Replying to ryandesign:
I suspect the overlinking will be fixed by updating to 2.6.7, so in the same commit where that's done, please remove the transitive libxml2 deps you added.
Sounds good, I'll take care of this later today.
comment:11 Changed 19 months ago by mascguy (Christopher Nielsen)
Things look much better with 2.6.7, relative to linkage:
$ otool -L $(which pskctool) /opt/local/bin/pskctool: /opt/local/lib/libpskc.0.dylib (compatibility version 1.0.0, current version 1.1.0) /opt/local/lib/xmlsec-1.2/lib/libxmlsec1.1.dylib (compatibility version 4.0.0, current version 4.37.0) /opt/local/lib/libltdl.7.dylib (compatibility version 11.0.0, current version 11.2.0) /opt/local/lib/libxslt.1.dylib (compatibility version 3.0.0, current version 3.37.0) /opt/local/lib/libxml2.2.dylib (compatibility version 13.0.0, current version 13.4.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2) $ otool -L $(which oathtool) /opt/local/bin/oathtool: /opt/local/lib/liboath.0.dylib (compatibility version 2.0.0, current version 2.3.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2) $ otool -L /opt/local/lib/libpskc.0.dylib /opt/local/lib/libpskc.0.dylib: /opt/local/lib/libpskc.0.dylib (compatibility version 1.0.0, current version 1.1.0) /opt/local/lib/xmlsec-1.2/lib/libxmlsec1.1.dylib (compatibility version 4.0.0, current version 4.37.0) /opt/local/lib/libltdl.7.dylib (compatibility version 11.0.0, current version 11.2.0) /opt/local/lib/libxslt.1.dylib (compatibility version 3.0.0, current version 3.37.0) /opt/local/lib/libxml2.2.dylib (compatibility version 13.0.0, current version 13.4.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2) $ otool -L /opt/local/lib/liboath.0.dylib /opt/local/lib/liboath.0.dylib: /opt/local/lib/liboath.0.dylib (compatibility version 2.0.0, current version 2.3.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2)
I'll commit the update shortly.
comment:12 Changed 19 months ago by Christopher Nielsen <mascguy@…>
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
main.log for oath-toolkit