[gnutls-help] Bug#964284: guile-gnutls: update to use guile 3.0

Ludovic Courtès ludo at gnu.org
Fri Feb 5 15:22:40 CET 2021

Hi all,

Ludovic Courtès <ludo at gnu.org> skribis:

> Where to go from here?  Here are options that come to mind:
>   • Configure Nettle with ‘--enable-mini-gmp’.  However, the manual
>     mentions that it’s “slower” and “more likely to leak side-channel
>     information” (info "(nettle) Installation").

I tried building GnuTLS against Nettle-with-mini-GMP, but GnuTLS still
adds a dependency on GMP; quoth ‘hooks.m4’:

--8<---------------cut here---------------start------------->8---
  if test "$mini_nettle" != no;then
    if test x$GMP_LIBS = x; then
	AC_CHECK_LIB(gmp, __gmpz_cmp, [GMP_LIBS="-lgmp"], [AC_MSG_ERROR([[
*** gmp was not found.
--8<---------------cut here---------------end--------------->8---

GMP is used by ‘GNUTLS/lib/nettle/ecc/eccdata.c’ in particular.  That
makes the use of Nettle-with-mini-GMP moot.

The other option is to build GnuTLS with ‘--with-nettle-mini’ to use a
bundled Nettle containing mini-GMP, but the ‘configure’ script bails out
anyway if Nettle is not found, making this option unusable AFAICS.  From

--8<---------------cut here---------------start------------->8---
  PKG_CHECK_MODULES(NETTLE, [nettle >= $NETTLE_MINIMUM], [cryptolib="nettle"], [
  *** Libnettle $NETTLE_MINIMUM was not found.
--8<---------------cut here---------------end--------------->8---

Adding Nettle to the build environment *and* passing
‘--with-nettle-mini’ leads to the GMP link error already mentioned:

--8<---------------cut here---------------start------------->8---
/tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1273: undefined reference to `__gmpz_add_ui'
ld: /tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1274: undefined reference to `__gmpz_fdiv_q_2exp'
ld: /tmp/guix-build-gnutls-3.6.15.drv-0/gnutls-3.6.15/lib/nettle/ecc/eccdata.c:1299: undefined reference to `__gmpz_add_ui'
--8<---------------cut here---------------end--------------->8---

(This is all with 3.6.15.)

>   • Have Guile use mini-GMP; this is not implemented yet.
>   • In Guile-GnuTLS, arrange so that GnuTLS allocations are made through
>     libgc.  Unfortunately, ‘gnutls_global_set_mem_functions’ was
>     deprecated in GnuTLS 3.3.0 so this doesn’t look like an option.
>   • Build Guile with ‘scm_install_gmp_memory_functions = 0’.  This would
>     have a negative impact on the performance of bignum-heavy workloads
>     such as the compiler itself.
> I can’t think of a good workaround.  Thoughts?

I’d still appreciate feedback and suggestions.  :-)


More information about the Gnutls-help mailing list