GNU bug report logs - #49706
[PATCH] gnu: gmnisrv: Update to commit 32854b7.

Previous Next

Full log

View this message in rfc822 format

From: Xinglu Chen <public <at> yoctocell.xyz>
To: Sarah Morgensen <iskarian <at> mgsn.dev>, 49706 <at> debbugs.gnu.org
Subject: [bug#49706] [PATCH] gnu: gmnisrv: Update to commit 32854b7.
Date: Sat, 24 Jul 2021 15:29:30 +0200

[Message part 1 (text/plain, inline)]

On Fri, Jul 23 2021, Sarah Morgensen wrote:

> Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
> "requires fresh certificates, which could break clients with strict
> trust-on-first-use policies."
>
> gnu/packages/web.scm (gmnisrv): Update to commit 32854b7.
> ---
> Hello Guix,
>
> There is one possibly breaking change in this update:
>
>>    Use v3 X509 certificate
>>
>>    This fixes an issue where rustls failed to validate the X509v1 certificate.
>>
>>    Tested with Amfora, av-98, and titan (https://github.com/mkeeter/titan)
>>
>>    This requires fresh certificates, which could break clients with strict
>>    trust-on-first-use policies; unfortunately, it doesn't appear to be possible
>>    to migrate v1 certificates to v3.
>
> Also, I'm not sure if this is the correct style for updating unversioned
> software, so if I missed something, please let me know!

It is usually has the format VERSION-REVISION.COMMIT, where COMMIT is
the first 7 characters of the commit id.  In this case the commit
summary would be:

  gnu: gmnisrv: Update to 0-2.32854b7.

If you use Emacs, there is a Yasnippet snippet for generating commit
messages in Magit, just type “update<TAB>” in the commit buffer.

I don’t use ‘gmnisrv’, so I can’t really test it, but it builds fine for
me.  :)

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.