From 4115e8ea3bd3d64e7e2c85c74a4ea12bf0a81241 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 4 Dec 2018 16:57:41 +0100 Subject: gnu: json-glib: Update to 1.4.4. * gnu/packages/patches/json-glib-fix-tests-32bit.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. * gnu/packages/gnome.scm (json-glib): Update to 1.4.4. [source](patches): Remove. --- gnu/packages/gnome.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index b497b965bc..9652f32fb0 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2292,16 +2292,15 @@ configuration storage systems.") (define-public json-glib (package (name "json-glib") - (version "1.4.2") + (version "1.4.4") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" (version-major+minor version) "/" name "-" version ".tar.xz")) - (patches (search-patches "json-glib-fix-tests-32bit.patch")) (sha256 (base32 - "1j3dd2xj1l9fi12m1gpmfgf5p4c1w0i970m6k62k3is98yj0jxrd")))) + "0ixwyis47v5bkx6h8a1iqlw3638cxcv57ivxv4gw2gaig51my33j")))) (build-system meson-build-system) (native-inputs `(("gettext" ,gettext-minimal) -- cgit 1.4.1 From 06f5bc4e12a78883c6f4a543711311bd66e6832b Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 10 Dec 2018 02:38:32 +0100 Subject: gnu: GnuTLS: Update to 3.6.5. * gnu/packages/patches/gnutls-skip-pkgconfig-test.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. * gnu/packages/tls.scm (gnutls): Update to 3.6.5. [source](patches): Remove obsolete. [source](snippet): Add Guile detection fix. * gnu/packages/gnome.scm (libsoup)[arguments]: Adjust 'certtool' invokation to cope with the new API. --- gnu/local.mk | 1 - gnu/packages/gnome.scm | 3 ++- .../patches/gnutls-skip-pkgconfig-test.patch | 24 ---------------------- gnu/packages/tls.scm | 17 ++++++++++----- 4 files changed, 14 insertions(+), 31 deletions(-) delete mode 100644 gnu/packages/patches/gnutls-skip-pkgconfig-test.patch (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 0d279e55eb..3f2ca7a845 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -772,7 +772,6 @@ dist_patch_DATA = \ %D%/packages/patches/gnucash-price-quotes-perl.patch \ %D%/packages/patches/gnucash-disable-failing-tests.patch \ %D%/packages/patches/gnutls-skip-trust-store-test.patch \ - %D%/packages/patches/gnutls-skip-pkgconfig-test.patch \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 9d8e4a8d33..cea9445191 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2556,7 +2556,8 @@ libxml to ease remote use of the RESTful API.") "" ;URI of subject "127.0.0.1" ;IP address of subject "" ;signing? - "" ;encryption? + "" ;encryption (RSA)? + "" ;data encryption? "" ;sign OCSP requests? "" ;sign code? "" ;time stamping? diff --git a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch b/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch deleted file mode 100644 index 1fad7c14e3..0000000000 --- a/gnu/packages/patches/gnutls-skip-pkgconfig-test.patch +++ /dev/null @@ -1,24 +0,0 @@ -FIXME: The static test fails with an error such as: - -/tmp/guix-build-gnutls-3.5.13.drv-0/ccOnGPmc.o: In function `main': -c.29617.tmp.c:(.text+0x5): undefined reference to `gnutls_global_init' -collect2: error: ld returned 1 exit status -FAIL pkgconfig.sh (exit status: 1) - -diff --git a/tests/pkgconfig.sh b/tests/pkgconfig.sh -index 6bd4e62f9..05aab8278 100755 ---- a/tests/pkgconfig.sh -+++ b/tests/pkgconfig.sh -@@ -57,11 +57,7 @@ echo "Trying dynamic linking with:" - echo " * flags: $(${PKGCONFIG} --libs gnutls)" - echo " * common: ${COMMON}" - echo " * lib: ${CFLAGS}" --cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} -- --echo "" --echo "Trying static linking with $(${PKGCONFIG} --libs --static gnutls)" --cc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --static --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} -+gcc ${TMPFILE} -o ${TMPFILE_O} $(${PKGCONFIG} --libs gnutls) $(${PKGCONFIG} --cflags gnutls) ${COMMON} - - rm -f ${TMPFILE} ${TMPFILE_O} - diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index d9971441c6..73be90d0d3 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -162,7 +162,7 @@ living in the same process.") (define-public gnutls (package (name "gnutls") - (version "3.5.18") + (version "3.6.5") (source (origin (method url-fetch) (uri @@ -171,12 +171,19 @@ living in the same process.") (string-append "mirror://gnupg/gnutls/v" (version-major+minor version) "/gnutls-" version ".tar.xz")) - (patches - (search-patches "gnutls-skip-trust-store-test.patch" - "gnutls-skip-pkgconfig-test.patch")) + (patches (search-patches "gnutls-skip-trust-store-test.patch")) (sha256 (base32 - "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf")))) + "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7")) + (modules '((guix build utils))) + (snippet + '(begin + ;; XXX: The generated configure script in GnuTLS 3.6.5 + ;; apparently does not know about Guile 2.2. + (substitute* "configure" + (("guile_versions_to_search=\"2\\.0 1\\.8\"") + "guile_versions_to_search=\"2.2 2.0 1.8\"")) + #t)))) (build-system gnu-build-system) (arguments `(; Ensure we don't keep a reference to this buggy software. -- cgit 1.4.1 From 6521155212990e22a903ea7a89da676cb2a09499 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 10 Dec 2018 07:39:52 +0100 Subject: gnu: glib-networking: Update to 2.58.0. * gnu/packages/gnome.scm (glib-networking): Update to 2.58.0. [build-system]: Change to MESON-BUILD-SYSTEM. [arguments]: Explicitly disable libproxy; add phase to appease tests. (libgdata, libsoup)[arguments]: Remove phase that sets SSL_CERT_FILE. * gnu/packages/spice.scm (spice)[arguments]: Likewise. * gnu/packages/web.scm (uhttpmock)[arguments]: Likewise. --- gnu/local.mk | 1 - gnu/packages/gnome.scm | 43 ++++++---------------- .../patches/glib-networking-ssl-cert-file.patch | 29 --------------- gnu/packages/spice.scm | 6 +-- gnu/packages/web.scm | 9 ----- 5 files changed, 12 insertions(+), 76 deletions(-) delete mode 100644 gnu/packages/patches/glib-networking-ssl-cert-file.patch (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 3f2ca7a845..03627b98c1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -741,7 +741,6 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ %D%/packages/patches/giflib-make-reallocarray-private.patch \ - %D%/packages/patches/glib-networking-ssl-cert-file.patch \ %D%/packages/patches/glib-tests-timer.patch \ %D%/packages/patches/glibc-CVE-2015-5180.patch \ %D%/packages/patches/glibc-CVE-2015-7547.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index cea9445191..95bfcaf564 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -360,12 +360,6 @@ formats like PNG, SVG, PDF and EPS.") (arguments '(#:phases (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") - #t)) (add-before 'check 'disable-failing-tests (lambda _ ;; The PicasaWeb API tests fail with gnome-online-accounts@3.24.2. @@ -2396,7 +2390,7 @@ library.") (define-public glib-networking (package (name "glib-networking") - (version "2.54.1") + (version "2.58.0") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/glib-networking/" @@ -2404,29 +2398,17 @@ library.") name "-" version ".tar.xz")) (sha256 (base32 - "0bq16m9nh3gcz9x2fvygr0iwxd2pxcbrm3lj3kihsnh1afv8g9za")) - (patches - (search-patches "glib-networking-ssl-cert-file.patch")))) - (build-system gnu-build-system) + "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")))) + (build-system meson-build-system) (arguments - `(#:configure-flags - '("--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt") - #:phases - (modify-phases %standard-phases - (add-before 'configure 'patch-giomoduledir - ;; Install GIO modules into $out/lib/gio/modules. - (lambda _ - (substitute* "configure" - (("GIO_MODULE_DIR=.*") - (string-append "GIO_MODULE_DIR=" %output - "/lib/gio/modules\n"))) - #t)) - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") - #t))))) + `(#:configure-flags '("-Dlibproxy_support=false") + #:phases (modify-phases %standard-phases + (add-before 'check 'disable-TLSv1.3 + (lambda _ + ;; XXX: One test fails when TLS 1.3 is enabled, fixed in 2.60.0: + ;; . + (setenv "G_TLS_GNUTLS_PRIORITY" "NORMAL:-VERS-TLS1.3") + #t))))) (native-inputs `(("pkg-config" ,pkg-config) ("intltool" ,intltool))) @@ -2516,9 +2498,6 @@ libxml to ease remote use of the RESTful API.") ;; The 'check-local' target runs 'env LANG=C sort -u', ;; unset 'LC_ALL' to make 'LANG' working. (unsetenv "LC_ALL") - ;; The ca-certificates.crt is not available in the build - ;; environment. - (setenv "SSL_CERT_FILE" "/dev/null") ;; HTTPD in Guix uses mod_event and does not build prefork. (substitute* "tests/httpd.conf" (("^LoadModule mpm_prefork_module.*$") "\n")) diff --git a/gnu/packages/patches/glib-networking-ssl-cert-file.patch b/gnu/packages/patches/glib-networking-ssl-cert-file.patch deleted file mode 100644 index 32bdd0790f..0000000000 --- a/gnu/packages/patches/glib-networking-ssl-cert-file.patch +++ /dev/null @@ -1,29 +0,0 @@ -From b010e41346d418220582c20ab8d7f3971e4fb78a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= -Date: Fri, 14 Aug 2015 17:28:36 +0800 -Subject: [PATCH] gnutls: Allow overriding the anchor file location by - 'SSL_CERT_FILE' - ---- - tls/gnutls/gtlsbackend-gnutls.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c -index 55ec1a5..217d3c8 100644 ---- a/tls/gnutls/gtlsbackend-gnutls.c -+++ b/tls/gnutls/gtlsbackend-gnutls.c -@@ -101,8 +101,10 @@ g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self, - GError **error) - { - const gchar *anchor_file = NULL; -+ anchor_file = g_getenv ("SSL_CERT_FILE"); - #ifdef GTLS_SYSTEM_CA_FILE -- anchor_file = GTLS_SYSTEM_CA_FILE; -+ if (!anchor_file) -+ anchor_file = GTLS_SYSTEM_CA_FILE; - #endif - return g_tls_file_database_new (anchor_file, error); - } --- -2.4.3 - diff --git a/gnu/packages/spice.scm b/gnu/packages/spice.scm index 94e6aa8438..8ab5a335c8 100644 --- a/gnu/packages/spice.scm +++ b/gnu/packages/spice.scm @@ -213,11 +213,7 @@ which allows users to view a desktop computing environment.") "--enable-automated-tests") ;; Several tests appear to be opening the same sockets concurrently. - #:parallel-tests? #f - - #:phases (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ (setenv "SSL_CERT_FILE" "/dev/null") #t))))) + #:parallel-tests? #f)) (synopsis "Server implementation of the SPICE protocol") (description "SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 9b85bb4309..0aa0b321ff 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -4243,15 +4243,6 @@ you'd expect.") (base32 "163py4klka423x7li2b685gmg3a6hjf074mlff2ajhmi3l0lm8x6")))) (build-system glib-or-gtk-build-system) - (arguments - `(#:phases - (modify-phases %standard-phases - (add-before 'check 'use-empty-ssl-cert-file - (lambda _ - ;; Search for ca-certificates.crt files - ;; during the check phase. - (setenv "SSL_CERT_FILE" "/dev/null") - #t))))) (native-inputs `(("gobject-introspection" ,gobject-introspection) ;; For check phase. -- cgit 1.4.1 From 1262be5c61ce6508990e67ac161605bbc9bda923 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 27 Dec 2018 12:55:11 +0200 Subject: gnu: glib-networking: Work around test failure. * gnu/packages/gnome.scm (glib-networking)[source]: Add patch. * gnu/packages/patches/glib-networking-connection.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 3 +- .../patches/glib-networking-connection.patch | 51 ++++++++++++++++++++++ 3 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/glib-networking-connection.patch (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/local.mk b/gnu/local.mk index b55382cc5d..158d157395 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -742,6 +742,7 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ %D%/packages/patches/giflib-make-reallocarray-private.patch \ %D%/packages/patches/glib-tests-timer.patch \ + %D%/packages/patches/glib-networking-connection.patch \ %D%/packages/patches/glibc-CVE-2015-5180.patch \ %D%/packages/patches/glibc-CVE-2015-7547.patch \ %D%/packages/patches/glibc-CVE-2016-3075.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 95bfcaf564..49872e6afe 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2398,7 +2398,8 @@ library.") name "-" version ".tar.xz")) (sha256 (base32 - "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")))) + "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")) + (patches (search-patches "glib-networking-connection.patch")))) (build-system meson-build-system) (arguments `(#:configure-flags '("-Dlibproxy_support=false") diff --git a/gnu/packages/patches/glib-networking-connection.patch b/gnu/packages/patches/glib-networking-connection.patch new file mode 100644 index 0000000000..f64b090ae5 --- /dev/null +++ b/gnu/packages/patches/glib-networking-connection.patch @@ -0,0 +1,51 @@ +https://gitlab.gnome.org/GNOME/glib-networking/issues/4 +https://gitlab.gnome.org/GNOME/glib-networking/commit/55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e.patch +This ultimately rejected work-around should be removed with the next +release, as the bug has supposedly been fixed for real. + + +From 55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 19 Jul 2018 11:16:35 -0500 +Subject: [PATCH] Fix intermittent failures in missing client private key test + +Because our APIs do nice things like encapsulating the TLS connection +establishment, we have our test server writing to the client after +establishing the TCP connection, because the TLS connection is +established. It's fine in theory, but results in some weirdness like the +server seeing its write having completed successfully before TLS +connection establishment. Normally that's what happens and this test +passes (server sees no error), but sometimes the server sees that the +client has already failed and the test fails. + +This is unfortunate, and tricky to fix properly, so let's just remove +the bad check. The point of the test is to ensure that the TLS +connection is not established, and the client-side check is going to +have to be sufficient, because rewriting the test to wait for the TLS +connection to be established on the server side is quite tricky: my +naive attempt resulted in both sides waiting forever on the other. + +P.S. At no point in this test does the server ever examine the client +certificate. That's not quite what I expected when I added the test, but +it's fine. + +Fixes #4 +--- + tls/tests/connection.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tls/tests/connection.c b/tls/tests/connection.c +index 94645c3..390275d 100644 +--- a/tls/tests/connection.c ++++ b/tls/tests/connection.c +@@ -1125,7 +1125,6 @@ test_client_auth_fail_missing_client_private_key (TestConnection *test, + g_main_loop_run (test->loop); + + g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED); +- g_assert_no_error (test->server_error); + } + + static void +-- +2.18.1 + -- cgit 1.4.1 From 965ff0233e16174d4a012bbb28964caf3a06f124 Mon Sep 17 00:00:00 2001 From: Oleg Pykhalov Date: Mon, 4 Feb 2019 00:31:26 +0300 Subject: gnu: gtk-vnc: Update to 0.9.0. * gnu/packages/gnome.scm (gtk-vnc): Update to 0.9.0. --- gnu/packages/gnome.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index a6f0c7fbf1..4f2b24b8ee 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -5658,7 +5658,7 @@ like switching to windows and launching applications.") (define-public gtk-vnc (package (name "gtk-vnc") - (version "0.7.1") + (version "0.9.0") (source (origin (method url-fetch) @@ -5667,7 +5667,7 @@ like switching to windows and launching applications.") name "-" version ".tar.xz")) (sha256 (base32 - "1cdaywj5lqnl5b22qzd7k7lmacsnmk8b8rc4drk6gvqmcrlsljzk")))) + "1dya1wc9vis8h0fv625pii1n70cckf1xjg1m2hndz989d118i6is")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--with-gtk=3.0"))) -- cgit 1.4.1