GNU bug report logs - #22831
OpenSSL should not depend on Perl

Previous Next

Package: guix;

Reported by: ludo <at> gnu.org (Ludovic Courtès)

Date: Sat, 27 Feb 2016 17:06:02 UTC

Severity: normal

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: ludo <at> gnu.org (Ludovic Courtès)
Subject: bug#22831: closed (Re: bug#22831: OpenSSL should not depend on Perl)
Date: Tue, 01 Mar 2016 17:25:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#22831: OpenSSL should not depend on Perl

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 22831 <at> debbugs.gnu.org.

-- 
22831: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22831
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 22831-done <at> debbugs.gnu.org
Subject: Re: bug#22831: OpenSSL should not depend on Perl
Date: Tue, 01 Mar 2016 18:24:15 +0100

ludo <at> gnu.org (Ludovic Courtès) skribis:

> Leo Famulari <leo <at> famulari.name> skribis:
>
>> On Sun, Feb 28, 2016 at 02:35:12PM +0100, Ludovic Courtès wrote:
>>> Leo Famulari <leo <at> famulari.name> skribis:
>>> 
>>> > On Sat, Feb 27, 2016 at 06:05:29PM +0100, Ludovic Courtès wrote:
>>> >> Commit 784d6e91 changed OpenSSL such that it does not depend on Perl,
>>> >> but one of the subsequent upgrades broke it:
>>> >
>>> > Bisecting, I narrowed it down to:
>>> > 86c8f1daf8ed10f13f2b1e973a28845629b8ce47
>>> > (gnu: openssl: Update to 1.0.2e [fixes CVE-2015-{3193,3194,3195}].).
>>> >
>>> > I'll get the openssl sources corresponding to the good and bad commmits
>>> > and try to figure out what changed that pulled perl back in.
>>> 
>>> Awesome.  Hopefully we can apply the fix when we upgrade OpenSSL this
>>> Tuesday.
>>
>> 'openssl-c-rehash.patch' is being applied, but at some point in the
>> build process the change is reverted.
>
> In the source, I see:
>
> $ find -name c_rehash\*
> ./tools/c_rehash
> ./tools/c_rehash.in
> ./doc/apps/c_rehash.pod
>
> Could it be that the unpatched one ends up being installed or something?

Indeed.  Fixed in caeadfd, though without #:allowed-references—it’ll be
more convenient to use #:disallowed-references when it’s implemented.

Ludo’.


[Message part 3 (message/rfc822, inline)]
From: ludo <at> gnu.org (Ludovic Courtès)
To: bug-guix <at> gnu.org
Subject: OpenSSL should not depend on Perl
Date: Sat, 27 Feb 2016 18:05:29 +0100

Commit 784d6e91 changed OpenSSL such that it does not depend on Perl,
but one of the subsequent upgrades broke it:

--8<---------------cut here---------------start------------->8---
$ guix build perl
/gnu/store/x2p2biyybcb2wac77qz9468asc5fm48i-perl-5.22.1
$ grep -r x2p2biyybcb2wac77qz9468asc5fm48i $(guix build openssl)
/gnu/store/qvx4q6lbwi4s3cwr8wqaa7kcva0a5c4b-openssl-1.0.2f/bin/c_rehash:#!/gnu/store/x2p2biyybcb2wac77qz9468asc5fm48i-perl-5.22.1/bin/perl
--8<---------------cut here---------------end--------------->8---

Somehow ‘openssl-c-rehash.patch’ seems to no longer have the desired
effect.

Ludo’.
This bug report was last modified 9 years and 119 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.