GNU bug report logs - #75026
[PATCH core-updates 0/7] Update gnutls and curl.

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Subject: bug#75026: closed (Re: [bug#75026] [PATCH core-updates 1/7] gnu:
 gnutls: Update to 3.8.8.)
Date: Wed, 21 May 2025 07:34:02 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#75026: [PATCH core-updates 0/7] Update gnutls and curl.

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 75026 <at> debbugs.gnu.org.

-- 
75026: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=75026
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 75026-done <at> debbugs.gnu.org
Subject: Re: [bug#75026] [PATCH core-updates 1/7] gnu: gnutls: Update to 3.8.8.
Date: Wed, 21 May 2025 16:33:35 +0900

Hi Ludovic,

Ludovic Courtès <ludo <at> gnu.org> writes:

[...]

>> +           #~(list (string-append
>> +                    "XFAIL_TESTS="
>> +                    ;; This test checks that the default trust store is
>> +                    ;; readable; expect it to fail since the trust store
>> +                    ;; doesn't exist in the build environment.
>> +                    "trust-store "
>
> This suggests that the patch above was still useful, after all?  (The
> patch still applies apparently:
> <https://ci.guix.gnu.org/build/6753571/log>.)

There was an issue where the certificates added were not trusted by
p11-kit, despite being added to something called the 'trust_paths',
haha!  The trick was to expose them via an 'anchors/' subdirectory.
p11-kit special-case this for trusted .pem certificates made available
via a directory.

> Also, lack of the patch might trigger failures in the test suites of
> dependents.  What does ‘guix build -P1 gnutls’ say?
>
>> +                    ;; This one fails only inside the build environment, for
>> +                    ;; reasons unknown (see:
>> +                    ;; <https://gitlab.com/gnutls/gnutls/-/issues/1634>).
>> +                    "tls13/compress-cert-neg2 "))
>
> This is weird, would be interesting to investigate, maybe stracing the
> test to see why it would fail in the build environment and not outside
> of it?

That's been resolved via the '--with-zlib=link configuration flag.

I'll close this series and submit a fresh one, since the curl updates
has been moved to another series.

-- 
Thanks,
Maxim

[Message part 3 (message/rfc822, inline)]

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: guix-patches <at> gnu.org
Cc: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Subject: [PATCH core-updates 0/7] Update gnutls and curl.
Date: Mon, 23 Dec 2024 00:52:54 +0900

Maxim Cournoyer (7):
  gnu: gnutls: Update to 3.8.8.
  gnu: gnutls: Enable zstd compression.
  gnu: gnutls: Streamline mips64el conditionals.
  gnu: brotli: Update to 1.1.0.
  gnu: libidn: Update to 1.42.
  gnu: curl: Update to 8.11.1 and ungraft.
  gnu: curl: Enable zstd support.

 gnu/local.mk                                  |   2 -
 gnu/packages/compression.scm                  |  47 ++--
 gnu/packages/curl.scm                         |  59 +++---
 gnu/packages/libidn.scm                       |   4 +-
 gnu/packages/patches/curl-CVE-2024-8096.patch | 200 ------------------
 .../gnutls-skip-trust-store-test.patch        |  15 --
 gnu/packages/tls.scm                          |  50 ++---
 7 files changed, 74 insertions(+), 303 deletions(-)
 delete mode 100644 gnu/packages/patches/curl-CVE-2024-8096.patch
 delete mode 100644 gnu/packages/patches/gnutls-skip-trust-store-test.patch


base-commit: 42ba1aa8b3090f3a4957d36be14e93c5e36f1825
-- 
2.46.0

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.