GNU bug report logs -
#49706
[PATCH] gnu: gmnisrv: Update to commit 32854b7.
Previous Next
Reported by: Sarah Morgensen <iskarian <at> mgsn.dev>
Date: Fri, 23 Jul 2021 08:09:02 UTC
Severity: normal
Tags: patch
Done: Arun Isaac <arunisaac <at> systemreboot.net>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Sun, 25 Jul 2021 16:01:03 +0530
with message-id <87im0yfzx4.fsf <at> systemreboot.net>
and subject line Re: [bug#49706] [PATCH v2] gnu: gmnisrv: Update to 0-2.32854b7.
has caused the debbugs.gnu.org bug report #49706,
regarding [PATCH] gnu: gmnisrv: Update to commit 32854b7.
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
49706: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=49706
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
"requires fresh certificates, which could break clients with strict
trust-on-first-use policies."
gnu/packages/web.scm (gmnisrv): Update to commit 32854b7.
---
Hello Guix,
There is one possibly breaking change in this update:
> Use v3 X509 certificate
>
> This fixes an issue where rustls failed to validate the X509v1 certificate.
>
> Tested with Amfora, av-98, and titan (https://github.com/mkeeter/titan)
>
> This requires fresh certificates, which could break clients with strict
> trust-on-first-use policies; unfortunately, it doesn't appear to be possible
> to migrate v1 certificates to v3.
Also, I'm not sure if this is the correct style for updating unversioned
software, so if I missed something, please let me know!
--
Sarah
gnu/packages/web.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 12ba55cdc8..270ad31331 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -7968,8 +7968,8 @@ solution for any project's interface needs:
(license license:expat)))
(define-public gmnisrv
- (let ((commit "d484ba0ab0020866535a44be5948c9482b8f2b8d")
- (revision "1"))
+ (let ((commit "32854b79c73b278bf33eb5123abf1c36abdc7c01")
+ (revision "2"))
(package
(name "gmnisrv")
(version (git-version "0" revision commit))
@@ -7981,7 +7981,7 @@ solution for any project's interface needs:
(commit commit)))
(sha256
(base32
- "11phipixsxx1jgm42agp76p5s68l0zj65kgb41vzaymgwcq79ivn"))
+ "0lbb3ablwkdcgm1cjr1hikr55y8gpl420nh8b8g9wn4abhm2xgr9"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(arguments
base-commit: 89ea0918a4a6cc9c250b85c0b713e471b7769c48
prerequisite-patch-id: 2d6692cc3cf8a733e69e6ff6b02863a160b03011
--
2.31.1
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
Hi Sarah and Xinglu,
Thanks for working on this patch! I have pushed this with the following
two minor changes.
1. Added copyright header for Sarah.
> Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
2. Downcased Gmnisrv to gmnisrv since that seems to be the correct
capitalization according to upstream.
Regards,
Arun
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 3 years and 298 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.