diff options
| author | Zach van Rijn <me@zv.io> | 2022-05-08 03:29:06 +0000 |
|---|---|---|
| committer | Zach van Rijn <me@zv.io> | 2022-06-12 23:51:39 +0000 |
| commit | a3555c1473f8b70467e4cdc2c483f5f19d6d3910 (patch) | |
| tree | 92c9ce5a274245b6fa775aaf576dce4a27575ca3 | |
| parent | 0dbe8927a9cbd0e78c7cea75e0bb72ff955157b3 (diff) | |
| download | packages-a3555c1473f8b70467e4cdc2c483f5f19d6d3910.tar.gz packages-a3555c1473f8b70467e4cdc2c483f5f19d6d3910.tar.bz2 packages-a3555c1473f8b70467e4cdc2c483f5f19d6d3910.tar.xz packages-a3555c1473f8b70467e4cdc2c483f5f19d6d3910.zip | |
user/gnutls: bump { 3.6.16 --> 3.7.4 }.
| -rw-r--r-- | user/gnutls/APKBUILD | 10 | ||||
| -rw-r--r-- | user/gnutls/disable-certtool-test.patch | 33 | ||||
| -rw-r--r-- | user/gnutls/gnulib-tests-dont-require-gpg-passphrase.patch | 10 | ||||
| -rw-r--r-- | user/gnutls/tests-certtool.patch | 33 |
4 files changed, 37 insertions, 49 deletions
diff --git a/user/gnutls/APKBUILD b/user/gnutls/APKBUILD index 08967d27a..a88d25db0 100644 --- a/user/gnutls/APKBUILD +++ b/user/gnutls/APKBUILD @@ -2,7 +2,7 @@ # Contributor: Michael Mason <ms13sp@gmail.com> # Maintainer: Zach van Rijn <me@zv.io> pkgname=gnutls -pkgver=3.6.16 +pkgver=3.7.4 pkgrel=0 pkgdesc="A TLS protocol implementation" url="https://www.gnutls.org/" @@ -22,8 +22,7 @@ case $pkgver in ;; esac source="https://www.gnupg.org/ftp/gcrypt/gnutls/v${_v}/$pkgname-$pkgver.tar.xz - gnulib-tests-dont-require-gpg-passphrase.patch - disable-certtool-test.patch + tests-certtool.patch " # secfixes: @@ -85,6 +84,5 @@ xx() { mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/ } -sha512sums="72c78d7fcb024393c1d15f2a1856608ae4460ba43cc5bbbb4c29b80508cae6cb822df4638029de2363437d110187e0a3cc19a7288c3b2f44b2f648399a028438 gnutls-3.6.16.tar.xz -abc24ee59cc67805fe953535b0bae33080fc8b0bf788304377f6d10ec8c162c4cf203a69c98a4ba3483b4c60ed7a204433cc7db9b8190eddb0d68f6fb6dad52d gnulib-tests-dont-require-gpg-passphrase.patch -25400be364c1f27b88451002a471cbf841b9738dd93c42dcbeaf7644c3deea6afc85300b40d5ae32d29dc4d441237e8b311f3e07f0af2fb4788701ee4e240c0f disable-certtool-test.patch" +sha512sums="38b488ca1223d9aa8fc25756df08db6f29aaf76fb5816fdeaa14bd89fb431a2e1c495fefc64094f726337d5b89e198146ec7dc22e9a1bca6841a9d881b0d99e6 gnutls-3.7.4.tar.xz +2006876dd33559a9ee4abe73e7cedc6867c4f480befdfd5fe9e3eca327e291c3cdb12385156c2ba5ab9496dec870b15178249e015363397f1d979ef785906366 tests-certtool.patch" diff --git a/user/gnutls/disable-certtool-test.patch b/user/gnutls/disable-certtool-test.patch deleted file mode 100644 index 2ae16a38e..000000000 --- a/user/gnutls/disable-certtool-test.patch +++ /dev/null @@ -1,33 +0,0 @@ -If GNUTLS_PIN is not available in the environment, the test will fail -because it cannot ask for the password: - -Generating a self signed certificate... -No PIN given. -note: when operating in batch mode, set the GNUTLS_PIN or GNUTLS_SO_PIN environment variables -cert generation failed -FAIL certtool (exit status: 1) - -The comment above this line says "some CI runners need GNUTLS_PIN -(GNUTLS_PIN=${PASS})" (i.e. GNUTLS_PIN=1234). When this is passed -instead, the test fails again because "No password was asked" (it greps -for "Enter password" in the output, but this won't happen because -GNUTLS_PIN is set). - -The folks at Nix believe this is an incompatibility due to musl's -getpass not falling back to stdin/stderr if it cannot connect to a tty, -as glibc does. - -https://gitlab.com/gnutls/gnutls/-/issues/945 - ---- gnutls-3.6.13/tests/cert-tests/certtool 2020-01-01 14:10:19.000000000 -0600 -+++ gnutls-3.6.13/tests/cert-tests/certtool 2020-06-02 20:36:20.380039844 -0500 -@@ -20,6 +20,9 @@ - - #set -e - -+echo 'this test is not compatible with musl' -+exit 77 -+ - srcdir="${srcdir:-.}" - CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" - DIFF="${DIFF:-diff -b -B}" diff --git a/user/gnutls/gnulib-tests-dont-require-gpg-passphrase.patch b/user/gnutls/gnulib-tests-dont-require-gpg-passphrase.patch deleted file mode 100644 index 2c9276cbc..000000000 --- a/user/gnutls/gnulib-tests-dont-require-gpg-passphrase.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- gnutls-3.6.2/gl/tests/test-vc-list-files-git.sh 2018-01-03 18:36:29.000000000 -0600 -+++ gnutls-3.6.2/gl/tests/test-vc-list-files-git.sh 2018-06-18 21:57:08.305562148 -0500 -@@ -32,6 +32,7 @@ - touch d/a b c && - git config user.email "you@example.com" && - git config user.name "Your Name" && -+ git config commit.gpgsign false && - git add . > /dev/null && - git commit -q -a -m log && - printf '%s\n' b c d/a > expected && diff --git a/user/gnutls/tests-certtool.patch b/user/gnutls/tests-certtool.patch new file mode 100644 index 000000000..13dc12b3b --- /dev/null +++ b/user/gnutls/tests-certtool.patch @@ -0,0 +1,33 @@ +I think this tests is simply wrong. +When a PIN is given, the program should run in batch mode. +So the question for "Enter password" should _not_ be present. + +Fails on the builders: + +> Generating a 3072 bit RSA private key... +> Generating a self signed certificate... +> No PIN given. +> note: when operating in batch mode, set the GNUTLS_PIN or GNUTLS_SO_PIN environment variables +> cert generation failed +> FAIL certtool.sh (exit status: 1) + +--- a/tests/cert-tests/certtool.sh 2019-02-07 07:33:45.960887338 +0000 ++++ b/tests/cert-tests/certtool.sh 2019-02-07 07:36:14.550955051 +0000 +@@ -49,7 +49,7 @@ + + #check whether password is being honoured + #some CI runners need GNUTLS_PIN (GNUTLS_PIN=${PASS}) +- ${SETSID} "${CERTTOOL}" --generate-self-signed --load-privkey ${TMPFILE1} --template ${srcdir}/templates/template-test.tmpl --ask-pass >${TMPFILE2} 2>&1 <<EOF ++ GNUTLS_PIN=${PASS} ${SETSID} "${CERTTOOL}" --generate-self-signed --load-privkey ${TMPFILE1} --template ${srcdir}/templates/template-test.tmpl --ask-pass >${TMPFILE2} 2>&1 <<EOF + $PASS + EOF + if test $? != 0;then +@@ -59,7 +59,7 @@ + fi + + grep "Enter password" ${TMPFILE2} >/dev/null 2>&1 +- if test $? != 0;then ++ if test $? != 1; then + cat ${TMPFILE2} + echo "No password was asked" + exit 1 |