Installing Mandos (Client and Server) on Ubuntu 16.04

Teddy Hogeborn teddy at recompile.se
Sun Oct 30 05:00:32 CET 2016 

Paul Schulz <paul at mawsonlakes.org> writes:

> I have installed the 16.04 default packages of 'mandos' and
> 'mandos-client' (version 1.7.1) on my network, but it doesn't appear
> to be working correctly.
>
> So.. my preferences to fix this are:
> (1) Install a later version via a package - 1.7.13.
> Is there a preferred package source (or ppa?) for Ubuntu 14.04.

Here are instructions to compile Mandos packages on and for Ubuntu 14.04
(also attached):

# Install build dependencies
sudo apt-get install build-essential debhelper docbook-xml docbook-xsl libavahi-core-dev libgpgme11-dev libgnutls28-dev xsltproc pkg-config libnl-route-3-dev

# Download latest version (tested with rev. 886, 2016-10-30 04:02:49 +0100)
bzr branch https://ftp.recompile.se/pub/mandos/trunk mandos
cd mandos

# Back out change for GnuTLS 3.3
bzr merge . --revision 812..811

# Change Debian package dependency from GnuTLS 3.3 to 3.2.11
sed --in-place --expression='s/libgnutls28-dev (>= 3.3.0)/libgnutls28-dev (>= 3.2.11)/' debian/control

# Use GnuPG 2 even with libgpgme11 version 1.4.3
sed --in-place --expression='s/ ge 1\.5\.0-0\.1/ ge 1.4.3/' initramfs-tools-hook

# Remove build dependency on systemd
sed --in-place --expression='s/Build-Depends-Indep: systemd, /Build-Depends-Indep: /' debian/control

# Patch server to do the things necessary in GnuTLS before version 3.3
patch --strip=0 <<EOF
--- mandos	2016-10-29 13:44:49 +0000
+++ mandos	2016-10-29 13:46:03 +0000
@@ -512,7 +512,7 @@
         library = ctypes.util.find_library("gnutls-deb0")
     _library = ctypes.cdll.LoadLibrary(library)
     del library
-    _need_version = b"3.3.0"
+    _need_version = b"3.2.11"
 
     def __init__(self):
         # Need to use "self" here, since this method is called before
@@ -520,6 +520,12 @@
         if self.check_version(self._need_version) is None:
             raise self.Error("Needs GnuTLS {} or later"
                              .format(self._need_version))
+        self.global_init()
+
+    def __del__(self):
+        # Need to use "self" here, since this method could be called
+        # after the "gnutls" global variable is unbound.
+        self.global_deinit()
 
     # Unless otherwise indicated, the constants and types below are
     # all from the gnutls/gnutls.h C header file.
@@ -645,6 +651,14 @@
     # all from the gnutls/gnutls.h C header file.
 
     # Functions
+    global_init = _library.gnutls_global_init
+    global_init.argtypes = []
+    global_init.restype = _error_code
+
+    global_deinit = _library.gnutls_global_deinit
+    global_deinit.argtypes = []
+    global_deinit.restype = None
+
     priority_set_direct = _library.gnutls_priority_set_direct
     priority_set_direct.argtypes = [session_t, ctypes.c_char_p,
                                     ctypes.POINTER(ctypes.c_char_p)]

EOF

# Try to build - this will fail with "*.tar.gz.pgp has unknown extension"
bzr builddeb --builder='debuild -i -us -uc -b'

# Remove the offending file
rm ../build-area/mandos_*.orig.tar.gz.pgp

# Try to build again - this should succeed
bzr builddeb --builder='debuild -i -us -uc -b'

/Teddy Hogeborn

-- 
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: build-mandos-on-ubuntu-14.04
Type: text/x-sh
Size: 2655 bytes
Desc: build-mandos-on-ubuntu-14.04
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20161030/4cb054a9/attachment.sh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20161030/4cb054a9/attachment.sig>

More information about the Mandos-Dev mailing list