GNU bug report logs - #74092
[PATCH] fix gnutls package

Previous Next

Package: guix-patches;

Reported by: Adam Quandour <adam.quandour <at> gmail.com>

Date: Tue, 29 Oct 2024 17:34:01 UTC

Severity: normal

Tags: patch

Done: Vagrant Cascadian <vagrant <at> debian.org>

Bug is archived. No further changes may be made.

Full log

Message #11 received at 74092 <at> debbugs.gnu.org (full text, mbox):

From: Adam <adam.quandour <at> gmail.com>
To: Tomas Volf <~@wolfsden.cz>
Cc: 74092 <at> debbugs.gnu.org
Subject: Re: [bug#74092] [PATCH] fix gnutls package
Date: Tue, 29 Oct 2024 21:31:58 +0300

[Message part 1 (text/plain, inline)]
The main reason I wrote the patch - I cannot build gnutls <at> 3.8.3 from source
code.
This command
```
guix build gnutls <at> 3.8.3 --no-substitutes
```
returns me this
```
  expected hash: 0ghpyhhfa3nsraph6dws50jb3dc8g2cfl7dizdnyrm179fawakzp
  actual hash:   0kayjxy3rr2y08jjimz5f0dx92pq3xjiaj2pdnsn15h1rp2k21pa
hash mismatch for store item
'/gnu/store/9zh4mcmwp2afyl4ig56943w64czdz2kp-gnutls-3.8.3.tar.xz'
```
Guix I'm using
```
    guix:
      repository URL: https://git.savannah.gnu.org/git/guix.git
      branch: master
      commit: 4009d1de954d694cb11af391d4113d29c5c1379d
```
Am I getting it right - you are suggesting I
replace "mirror://gnupg/gnutls/v" with
"https://gnutls.org/" or "ftp://gnutls.org" ?
I'm asking because I'm not the original author of this package, so it's not
obvious to me,
what will be the right decision here?

On Tue, Oct 29, 2024 at 8:59 PM Tomas Volf <~@wolfsden.cz> wrote:
>
> Adam Quandour <adam.quandour <at> gmail.com> writes:
>
> > Actual hash of this package is not the same as the specified one.
> > ---
> >  gnu/packages/tls.scm | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
> > index 1a1ce0d..4f862ff 100644
> > --- a/gnu/packages/tls.scm
> > +++ b/gnu/packages/tls.scm
> > @@ -212,7 +212,7 @@ (define-public gnutls
> >                (patches (search-patches
"gnutls-skip-trust-store-test.patch"))
> >                (sha256
> >                 (base32
> > -
 "0ghpyhhfa3nsraph6dws50jb3dc8g2cfl7dizdnyrm179fawakzp"))))
> > +
 "0kayjxy3rr2y08jjimz5f0dx92pq3xjiaj2pdnsn15h1rp2k21pa"))))
>
> When I download the release from the official website[0], via the gnupg
> ftp[1], I do get the file with the old hash[2].
>
> I am not sure what is going on here, but the discrepancy should be
> investigated and documented in the commit message.  Just adjusting the
> hash is probably not the best choice.
>
> I would assume the upstream[0] should be the authoritative source for
> the hash, not the mirror.
>
> 0: https://gnutls.org/download.html
> 1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/
> 2: 0ghpyhhfa3nsraph6dws50jb3dc8g2cfl7dizdnyrm179fawakzp
>
> >      (build-system gnu-build-system)
> >      (arguments
> >       (list #:tests? (not (or (%current-target-system)
>
> Have a nice day,
> Tomas
>
> --
> There are only two hard things in Computer Science:
> cache invalidation, naming things and off-by-one errors.

[Message part 2 (text/html, inline)]
This bug report was last modified 195 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.