Bug 246096 - ftp/curl 7.70.0 fails to build with error: unknown type name 'GSS_DLLIMP'
Summary: ftp/curl 7.70.0 fails to build with error: unknown type name 'GSS_DLLIMP'
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Sunpoet Po-Chuan Hsieh
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-05-01 13:53 UTC by hakan
Modified: 2020-05-25 18:50 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (sunpoet)


Attachments
Portmaster output (45.20 KB, text/plain)
2020-05-01 13:53 UTC, hakan
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description hakan 2020-05-01 13:53:48 UTC
Created attachment 214000 [details]
Portmaster output

Greetings,

I tried to update curl via portmaster and ran into the attached error.

I also got:
pkg which /usr/local/include/gssapi/gssapi.h
/usr/local/include/gssapi/gssapi.h was installed by package krb5-1.18.1

Is there any other useful information I could provide?
Comment 1 Sunpoet Po-Chuan Hsieh freebsd_committer 2020-05-01 15:04:13 UTC
I'm not familiar with portmaster.

What happened if you run "make deinstall clean install"?
Besides, are you using default versions (DEFAULT_VERSIONS in /etc/make.conf) and options? If not, what are the changes?
Comment 2 hakan 2020-05-01 15:29:06 UTC
(In reply to Sunpoet Po-Chuan Hsieh from comment #1)
I am seeing the exact same error with `make deinstall clean install`.

My make.conf looks like this:

cat /etc/make.conf
WITH_CCACHE_BUILD=yes

DEFAULT_VERSIONS+= perl5=5.30


perl5 already reached that default version so I removed it from make.conf and tried it again with the same result.
Comment 3 hakan 2020-05-01 15:42:04 UTC
Just to be sure, I downgraded to the previous version by running

 portdowngrade ftp/curl r530365 

and this builds fine with:

 make deinstall install clean
Comment 4 Michael Osipov 2020-05-04 12:59:28 UTC
The problem is related to the fact GSSAPI_BASE is on, but MIT Kerberos is installed.

root@deblndw010x - /usr/ports/ftp/curl
2108 # make debug-krb
cc -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -o /tmp/debug-krb.x -I"/usr/include"  -lkrb5 -lgssapi -lgssapi_krb5    /tmp/debug-krb.c &&  ldd /tmp/debug-krb.x;  /bin/rm -f /tmp/debug-krb.x
ld: error: undefined symbol: krb5_gss_register_acceptor_identity
>>> referenced by debug-krb.c
>>>               /tmp/debug-krb-a9d39b.o:(main)
cc: error: linker command failed with exit code 1 (use -v to see invocation)
PREFIX: /usr/local
GSSAPIBASEDIR: /usr
GSSAPIINCDIR: /usr/include
GSSAPILIBDIR: /usr/lib
GSSAPILIBS: -lkrb5 -lgssapi -lgssapi_krb5
GSSAPICPPFLAGS: -I/usr/include
GSSAPILDFLAGS:
GSSAPI_CONFIGURE_ARGS: CFLAGS=-I/usr/include -O2 -pipe -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing   LDFLAGS= -L/usr/lib -L/usr/lib -fstack-protector-strong   LIBS=-lkrb5 -lgssapi -lgssapi_krb5 -lkrb5 -lgssapi -lgssapi_krb5 -L/usr/local/lib  KRB5CONFIG=/usr/bin/krb5-config
KRB5CONFIG: /usr/bin/krb5-config
CFLAGS: -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing
LDFLAGS:   -L/usr/lib -L/usr/lib -fstack-protector-strong
LDADD:

"-isystem /usr/local/include" gets passed. Therefore header files from MIT Kerberos is used. Base headers are ignored. This is also passed to ./configure. Removing it manually makes it work:

root@deblndw010x - /usr/ports/ftp/curl
2110 # find . -name \*.so
./work/curl-7.70.0/lib/.libs/libcurl.so

root@deblndw010x - /usr/ports/ftp/curl
2111 # ldd ./work/curl-7.70.0/lib/.libs/libcurl.so
./work/curl-7.70.0/lib/.libs/libcurl.so:
        libnghttp2.so.14 => /usr/local/lib/libnghttp2.so.14 (0x800701000)
        libssl.so.111 => /usr/lib/libssl.so.111 (0x80072e000)
        libheimntlm.so.11 => /usr/lib/libheimntlm.so.11 (0x8007c5000)
        libhx509.so.11 => /usr/lib/libhx509.so.11 (0x800e00000)
        libcom_err.so.5 => /usr/lib/libcom_err.so.5 (0x8007ce000)
        libcrypto.so.111 => /lib/libcrypto.so.111 (0x800e51000)
        libasn1.so.11 => /usr/lib/libasn1.so.11 (0x80111d000)
        libwind.so.11 => /usr/lib/libwind.so.11 (0x8007d2000)
        libheimbase.so.11 => /usr/lib/libheimbase.so.11 (0x8011c3000)
        libroken.so.11 => /usr/lib/libroken.so.11 (0x8011c9000)
        libcrypt.so.5 => /lib/libcrypt.so.5 (0x8011de000)
        libz.so.6 => /lib/libz.so.6 (0x8011fe000)
        libkrb5.so.11 => /usr/lib/libkrb5.so.11 (0x801219000)
        libgssapi.so.10 => /usr/lib/libgssapi.so.10 (0x80129a000)
        libgssapi_krb5.so.10 => /usr/lib/libgssapi_krb5.so.10 (0x8012a6000)
        libthr.so.3 => /lib/libthr.so.3 (0x8012c7000)
        libc.so.7 => /lib/libc.so.7 (0x80024b000)
        libprivateheimipcc.so.11 => /usr/lib/libprivateheimipcc.so.11 (0x8012f3000)

I cannot exactly tell whether the cause is curl or /usr/ports/Mk/Uses/gssapi.mk.
Comment 5 Michael Osipov 2020-05-04 13:26:07 UTC
Here is the cause failing the build:

27ea8fc2faa4e4753a9cff0a7f48d1dba68013d6 is the first bad commit
commit 27ea8fc2faa4e4753a9cff0a7f48d1dba68013d6
Author: Daniel Stenberg <daniel@haxx.se>
Date:   Sun Mar 8 11:08:13 2020 +0100

    configure: convert -I to -isystem as a last step

    As all the -I uses in CFLAGS at that point are for system headers and
    third party libraries this helps us remove/ignore warnings on those!

    Closes #5060

 configure.ac         | 2 ++
 m4/curl-compilers.m4 | 9 ++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)


I not sure whether this is really regression or simply reveals a bug in gssapi.mk. cyrus-sasl-gssapi2 compiles fine for both. I would recommend to talk to gssapi.mk's maintainer first before raising a bug upstream.
Comment 6 Michael Osipov 2020-05-04 13:35:21 UTC
(In reply to hakan from comment #3)

The bug was already present, but simply not visible:

# svn up -r530365
Updating '.':
U    Makefile
A    files/patch-lib-easy.c
U    distinfo
Updated to revision 530365.
root@deblndw011x:/usr/ports/ftp/curl
# make debug-krb
cc -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -o /tmp/debug-krb.x -I"/usr/include"  -lkrb5 -lgssapi -lgssapi_krb5    /tmp/debug-krb.c &&  ldd /tmp/debug-krb.x;  /bin/rm -f /tmp/debug-krb.x
ld: error: undefined symbol: krb5_gss_register_acceptor_identity
>>> referenced by debug-krb.c
>>>               /tmp/debug-krb-a62152.o:(main)
cc: error: linker command failed with exit code 1 (use -v to see invocation)
PREFIX: /usr/local
GSSAPIBASEDIR: /usr
GSSAPIINCDIR: /usr/include
GSSAPILIBDIR: /usr/lib
GSSAPILIBS: -lkrb5 -lgssapi -lgssapi_krb5
GSSAPICPPFLAGS: -I/usr/include
GSSAPILDFLAGS:
GSSAPI_CONFIGURE_ARGS: CFLAGS=-I/usr/include -O2 -pipe -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing   LDFLAGS= -L/usr/lib -L/usr/lib -fstack-protector-strong   LIBS=-lkrb5 -lgssapi -lgssapi_krb5 -lkrb5 -lgssapi -lgssapi_krb5 -L/usr/local/lib  KRB5CONFIG=/usr/bin/krb5-config
KRB5CONFIG: /usr/bin/krb5-config
CFLAGS: -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing
LDFLAGS:   -L/usr/lib -L/usr/lib -fstack-protector-strong
LDADD:
Comment 7 Michael Osipov 2020-05-04 13:54:38 UTC
OK, I have found the cause, but don't know how to fix it.
Here is the bug:

root@deblndw011x:/usr/ports/ftp/curl
# make -V CPPFLAGS
-I"/usr/include" -DCURL_DISABLE_NTLM -I/usr/include -isystem /usr/local/include

root@deblndw011x:/usr/ports/Mk/Uses
# grep -r isystem ..
../Uses/compiler.mk:CXXFLAGS+=  -nostdinc++ -isystem /usr/include/c++/v1
../Uses/localbase.mk:CPPFLAGS+= -isystem ${LOCALBASE}/include
../Uses/localbase.mk:CFLAGS+=   -isystem ${LOCALBASE}/include
../Uses/localbase.mk:CXXFLAGS+= -isystem ${LOCALBASE}/include

root@deblndw011x:/usr/ports/ftp/curl
# grep -r localbase .
./Makefile:USES=                cpe libtool localbase pathfix perl5 shebangfix tar:xz

Basically, localbase kills the environment!
Comment 8 Michael Osipov 2020-05-04 14:01:54 UTC
this patch makes it work again:

root@deblndw011x:/usr/ports/ftp/curl
# svn diff
Index: Makefile
===================================================================
--- Makefile    (revision 533925)
+++ Makefile    (working copy)
@@ -43,7 +43,7 @@
 THREADED_RESOLVER_DESC=        Threaded DNS resolver
 TLS_SRP_DESC=          TLS-SRP (Secure Remote Password) support

-USES=          cpe libtool localbase pathfix perl5 shebangfix tar:xz
+USES=          cpe libtool pathfix perl5 shebangfix tar:xz
 USE_PERL5=     build

 CONFIGURE_ARGS=        --disable-werror \

root@deblndw011x:/usr/ports/ftp/curl
# make debug-krb
cc -O2 -pipe  -fstack-protector-strong -fno-strict-aliasing  -o /tmp/debug-krb.x -I"/usr/include"  -lkrb5 -lgssapi -lgssapi_krb5    /tmp/debug-krb.c &&  ldd /tmp/debug-krb.x;  /bin/rm -f /tmp/debug-krb.x
/tmp/debug-krb.x:
        libkrb5.so.11 => /usr/lib/libkrb5.so.11 (0x80024a000)
        libgssapi.so.10 => /usr/lib/libgssapi.so.10 (0x8002cb000)
        libgssapi_krb5.so.10 => /usr/lib/libgssapi_krb5.so.10 (0x8002d7000)
        libc.so.7 => /lib/libc.so.7 (0x8002f8000)
        libasn1.so.11 => /usr/lib/libasn1.so.11 (0x8006ef000)
        libcom_err.so.5 => /usr/lib/libcom_err.so.5 (0x800795000)
        libcrypt.so.5 => /lib/libcrypt.so.5 (0x800799000)
        libcrypto.so.111 => /lib/libcrypto.so.111 (0x8007b9000)
        libhx509.so.11 => /usr/lib/libhx509.so.11 (0x800a85000)
        libroken.so.11 => /usr/lib/libroken.so.11 (0x800ad6000)
        libwind.so.11 => /usr/lib/libwind.so.11 (0x800aeb000)
        libheimbase.so.11 => /usr/lib/libheimbase.so.11 (0x800b15000)
        libprivateheimipcc.so.11 => /usr/lib/libprivateheimipcc.so.11 (0x800b1b000)
        libthr.so.3 => /lib/libthr.so.3 (0x800b20000)
PREFIX: /usr/local
GSSAPIBASEDIR: /usr
GSSAPIINCDIR: /usr/include
GSSAPILIBDIR: /usr/lib
GSSAPILIBS: -lkrb5 -lgssapi -lgssapi_krb5
GSSAPICPPFLAGS: -I/usr/include
GSSAPILDFLAGS:
GSSAPI_CONFIGURE_ARGS: CFLAGS=-I/usr/include -O2 -pipe -fstack-protector-strong -fno-strict-aliasing   LDFLAGS= -L/usr/lib -L/usr/lib -fstack-protector-strong   LIBS=-lkrb5 -lgssapi -lgssapi_krb5 -lkrb5 -lgssapi -lgssapi_krb5  KRB5CONFIG=/usr/bin/krb5-config
KRB5CONFIG: /usr/bin/krb5-config
CFLAGS: -O2 -pipe  -fstack-protector-strong -fno-strict-aliasing
LDFLAGS:   -L/usr/lib -L/usr/lib -fstack-protector-strong
LDADD:
Comment 9 Michael Osipov 2020-05-20 19:39:24 UTC
Port maintainer, can we make progress here? I have provided a lot of information to solve this issue.
Comment 10 Sunpoet Po-Chuan Hsieh freebsd_committer 2020-05-25 17:29:30 UTC
I could build this port successfully with GSSAPI_BASE (default), GSSAPI_MIT or GSSAPI_HEIDMAL.

(In reply to Michael Osipov from comment #4)

> The problem is related to the fact GSSAPI_BASE is on, but MIT Kerberos is installed.

You should always choose the proper GSSAPI option.
If you use MIT Kerberos, you should choose GSSAPI_MIT.

(In reply to Michael Osipov from comment #6)

With GSSAPI_MIT:
% make debug-krb
cc -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -o /tmp/debug-krb.x -I"/usr/local/include"  -lkrb5 -lgssapi_krb5 -L"/usr/local/lib" -Wl,-rpath,/usr/local/lib  /tmp/debug-krb.c &&  ldd /tmp/debug-krb.x;  /bin/rm -f /tmp/debug-krb.x
/tmp/debug-krb.x:
        libkrb5.so.3.3 => /usr/local/lib/libkrb5.so.3.3 (0x800823000)
        libgssapi_krb5.so.2.2 => /usr/local/lib/libgssapi_krb5.so.2.2 (0x800b0d000)
        libc.so.7 => /lib/libc.so.7 (0x800d5f000)
        libk5crypto.so.3.1 => /usr/local/lib/libk5crypto.so.3.1 (0x80111a000)
        libcom_err.so.3.0 => /usr/local/lib/libcom_err.so.3.0 (0x80134a000)
        libkrb5support.so.0.1 => /usr/local/lib/libkrb5support.so.0.1 (0x80154d000)
        libintl.so.8 => /usr/local/lib/libintl.so.8 (0x80175c000)
PREFIX: /usr/local
GSSAPIBASEDIR: /usr/local
GSSAPIINCDIR: /usr/local/include
GSSAPILIBDIR: /usr/local/lib
GSSAPILIBS: -lkrb5 -lgssapi_krb5
GSSAPICPPFLAGS: -I/usr/local/include
GSSAPILDFLAGS: -L/usr/local/lib
GSSAPI_CONFIGURE_ARGS: CFLAGS=-I/usr/local/include -O2 -pipe -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing   LDFLAGS=-L/usr/local/lib -L/usr/local/lib -L/usr/lib -Wl,-rpath,/usr/local/lib:/usr/lib -L/usr/lib -fstack-protector-strong   LIBS=-lkrb5 -lgssapi_krb5 -lkrb5 -lgssapi_krb5 -L/usr/local/lib  KRB5CONFIG=/usr/local/bin/krb5-config
KRB5CONFIG: /usr/local/bin/krb5-config
CFLAGS: -O2 -pipe  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing
LDFLAGS:  -L/usr/local/lib -L/usr/lib -Wl,-rpath,/usr/local/lib:/usr/lib -L/usr/lib -fstack-protector-strong
LDADD:
Comment 11 Michael Osipov 2020-05-25 18:50:50 UTC
I do not fully agree. Even if MIT Kerberos is installed, this shouldn't force me to compile with it. I should work with base. Other ports do work too. I think this has to be discussed with LOCALBASE and GSSAPI .mk maintainers.

Especially because that this is issue is very hard to find for most admins users as you can see I have put a lot of dev effort into it.