#2697 Cannot configure with DTLS Transport
Hello,
On Ubuntu 4.2.0-27-generic #32-Ubuntu SMP Fri Jan 22 04:49:08 UTC 2016 x86_64 GNU/Linux, I'm trying to configure stable 5.7.3 with the following options:
./configure --enable-ipv6 \
--with-transports="UDPIPv6 TCPIPv6 DTLSUDP TLSTCP" \
--with-security-modules="usm ksm tsm" \
--with-mib-modules="ucd-snmp/lmSensors ip-mib/ipv4InterfaceTable ip-mib/ipv6InterfaceTable tunnel misc/ipfwacc ipfwchains/ipfwchains" \
--with-python-modules \
--with-openssl=/usr/local/ssl \
--prefix=/usr --sysconfdir=/etc --localstatedir=/var
The script complains with the following:
checking for DTLSv1_method in -lssl... no
configure: error: The DTLS based transports require the libssl library from OpenSSL to be available and support DTLS
Actually, DTLS is present by default in openssl.
There is also another error:
./build-net-snmp-stable.sh: line 19: --with-openssl=/usr/local/ssl: No such file or directory
whereas:
root@samsung-ubuntu:/usr/local/ssl# ll
total 48
drwxr-xr-x 9 root root 4096 Feb 23 14:44 ./
drwxr-xr-x 12 root root 4096 Jan 3 11:55 ../
drwxr-xr-x 2 root root 4096 Feb 23 14:44 bin/
drwxr-xr-x 2 root root 4096 May 5 2015 certs/
drwxr-xr-x 3 root root 4096 May 5 2015 include/
drwxr-xr-x 4 root root 4096 Feb 23 14:44 lib/
drwxr-xr-x 6 root root 4096 May 5 2015 man/
drwxr-xr-x 2 root root 4096 Feb 23 14:44 misc/
-rw-r--r-- 1 root root 10835 Feb 23 14:43 openssl.cnf
drwxr-xr-x 2 root root 4096 May 5 2015 private/
Something is badly broken in your configure.
you seem to have bug in your script ...
What version of OpenSSL do you have in /usr/local/lib?
I have found the ssl issue: it is in the ssl comment that comes with "configure --help":
should have been displayed as:
because the following configure openssl option passes:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ **--with-openssl=/usr/local/ssl/lib** \ --with-systemd \ --enable-ipv6 \ --with-transports="UDP UDPIPv6 TCP TCPIPv6 TLSTCP" \ --with-security-modules="usm ksm tsm" \ --with-mib-modules="ip-mib/ipv4InterfaceTable ip-mib/ipv6InterfaceTable tunnel misc/ipfwacc agentx" \ --with-python-modulesLast edit: Jean-christophe Manciot 2016-02-24
However, there is still an issue with DTLS and even TLS:
The previous configure options lead to:
--------------------------------------------------------- Net-SNMP configuration summary: --------------------------------------------------------- SNMP Versions Supported: 1 2c 3 Building for: linux Net-SNMP Version: 5.7.3 Network transport support: Callback Unix Alias TCP UDP TCPIPv6 UDPIPv6 IPv4Base SocketBase TCPBase UDPIPv4Base UDPBase IPv6Base SNMPv3 Security Modules: usm Agent MIB code: default_modules => snmpv3mibs mibII ucd_snmp notification notification-log-mib target agent_mibs agentx disman/event disman/schedule utilities host MYSQL Trap Logging: unavailable Embedded Perl support: disabled SNMP Perl modules: building -- not embeddable SNMP Python modules: disabled Crypto support from: crypto Authentication support: MD5 SHA1 Encryption support: DES AES Local DNSSEC validation: disabled --------------------------------------------------------- **./build-net-snmp-stable.sh: line 18: --with-transports=UDP UDPIPv6 TCP TCPIPv6 DTLSUDP TLSTCP: command not found** ./build-net-snmp-stable.sh: line 21: --with-python-modules: command not foundWhere is the issue this time?
Can you upload your build-net-snmp-stable.sh? These errors that you are seeing from the shell while parsing your script sound like the script itself is what is causing you trouble (e.g., missing backslashes?)
OK, after removing some comments within the list of options which confuses configure, here's the issue:
The filename is different:
This means I'm the first one to compile with the option DTLSUDP in 1 year & a half...
Last edit: Jean-christophe Manciot 2016-02-24
You are surely not the first to do this. I do it, if not daily then at least weekly, for several Linux and BSD distributions and several branches of net-snmp.