[PATCH core-updates] gnu: gnutls: Enable p11-kit.

  • Done
  • quality assurance status badge
Details
2 participants
  • Jakub K?dzio?ka
  • Christopher Baines
Owner
unassigned
Submitted by
Christopher Baines
Severity
normal
C
C
Christopher Baines wrote on 16 Apr 2020 10:34
[PATCH] gnu: gnutls: Enable p11-kit.
(address . guix-patches@gnu.org)
20200416083409.6230-1-mail@cbaines.net
Everywhere except mips64el, where a comment says it doesn't work. I can't test
as I can't build this on mips64el anyway.

This change will enable running the tests for libcacard.

* gnu/packages/tls.scm (gnutls)[arguments]: Only specify --without-p11-kit on
mips64el.
[inputs]: Include the p11-kit for all systems except mips64el.
---
gnu/packages/tls.scm | 20 +++++++++++++++-----
1 file changed, 15 insertions(+), 5 deletions(-)

Toggle diff (47 lines)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 3eb32fc27a..85f159a401 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -181,7 +181,7 @@ living in the same process.")
`(; Ensure we don't keep a reference to this buggy software.
#:disallowed-references (,net-tools)
#:configure-flags
- (list
+ (cons*
;; GnuTLS doesn't consult any environment variables to specify
;; the location of the system-wide trust store. Instead it has a
;; configure-time option. Unless specified, its configure script
@@ -202,9 +202,14 @@ living in the same process.")
(string-append "--with-guile-extension-dir="
"$(libdir)/guile/$(GUILE_EFFECTIVE_VERSION)/extensions")
- ;; FIXME: Temporarily disable p11-kit support since it is not
- ;; working on mips64el.
- "--without-p11-kit")
+ (let ((system ,(or (%current-target-system)
+ (%current-system))))
+ (if (string-prefix? "mips64el" system)
+ (list
+ ;; FIXME: Temporarily disable p11-kit support since it is
+ ;; not working on mips64el.
+ "--without-p11-kit")
+ '())))
#:phases (modify-phases %standard-phases
(add-after
@@ -227,7 +232,12 @@ living in the same process.")
("pkg-config" ,pkg-config)
("which" ,which)))
(inputs
- `(("guile" ,guile-2.2)))
+ `(("guile" ,guile-2.2)
+ ,@(let ((system (or (%current-target-system)
+ (%current-system))))
+ (if (string-prefix? "mips64el" system)
+ '()
+ `(("p11-kit" ,p11-kit))))))
(propagated-inputs
;; These are all in the 'Requires.private' field of gnutls.pc.
`(("libtasn1" ,libtasn1)
--
2.26.0
J
J
Jakub K?dzio?ka wrote on 16 Apr 2020 14:16
(name . Christopher Baines)(address . mail@cbaines.net)
20200416121627.6uaox5yd3vmpym53@gravity
retitle 40654 [PATCH core-updates] gnu: gnutls: Enable p11-kit.
thanks

On Thu, Apr 16, 2020 at 09:34:09AM +0100, Christopher Baines wrote:
Toggle quote (9 lines)
> Everywhere except mips64el, where a comment says it doesn't work. I can't test
> as I can't build this on mips64el anyway.
>
> This change will enable running the tests for libcacard.
>
> * gnu/packages/tls.scm (gnutls)[arguments]: Only specify --without-p11-kit on
> mips64el.
> [inputs]: Include the p11-kit for all systems except mips64el.

Chris,

not sure if you noticed, but even though `guix refresh --list-dependent
gnutls' lists only 2 packages, this change will trigger a
core-updates-worthy rebuild due to the graft currently used for gnutls.

I was under the impression that, as a convention, we mark such patches
with [PATCH core-updates] in the subject, which made me uncertain as to
whether you realized that this will rebuild the world. (Though, now that
I think of it, testing this has probably required a significant amount
of time...)

Have a nice day!

Jakub K?dzio?ka
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEE5Xa/ss9usT31cTO54xWnWEYTFWQFAl6YTJsACgkQ4xWnWEYT
FWQnaA//b/zsGvpCP6qGuSWajQ6JUCoM1fDOlypnqtC7JjfYymBXfh1jiDQs7+f3
6NFXTtzIREn5IbB9lpOpSRsgDLs3JBwKzliOhcxIC8u0kEpW3EMBEEC58hJV69K7
ruUudoiTTUtgC51tHniKTSO6kWh4h0SOVpzMP+2zfL9c8qVfA9+wuHs4LZPmlTIp
KVotsBTvt/BAG8J/IdF3Tg8ATV18kOy9Jn1OVlIG+/wKXxLWnVWNioCwUujZBdWv
608O+Nn3MgkZMpVzMDFliuLW0A5kKgv31KQW3F4ePcVMdiJ7RWu49DCWJQzM3UB4
Bp4uTPitmR5rN8BPN+nhec0YbUqUlF7cl3IdmLRjQmTZxrhD3c6lLNT3m3UvHIhq
L6aiOwwc/M4xXqukIVW+rb63S2JF1Fl4vsY1hf3hSpPZZzObtauJZL2ZcyBwhFC+
URLzyx62K/WsckHA4B7bt4JdOApVDZvaho0GSwNvm4XI1Lemie8Ft+t6MVpDH41I
cMMX6A213mJLr5L/N1au9bAhnU3j9wIP+zGXeLcc/bR72jLeXT1iClArQP53C87a
PE4aR501lUClTJEt3c3AAxqq+q58IHvHbmE68e4J8yzzYRKXSQj86JkULGQFxmHH
u1M3p7ZFFi18mqE538dgIFHMPjJRyPa0GtQ3vWQtKFXUF909nsE=
=UJe5
-----END PGP SIGNATURE-----


C
C
Christopher Baines wrote on 16 Apr 2020 19:37
(name . Jakub K?dzio?ka)(address . kuba@kadziolka.net)(address . 40654@debbugs.gnu.org)
87o8rr5o20.fsf@cbaines.net
Jakub K?dzio?ka <kuba@kadziolka.net> writes:

Toggle quote (16 lines)
> On Thu, Apr 16, 2020 at 09:34:09AM +0100, Christopher Baines wrote:
>> Everywhere except mips64el, where a comment says it doesn't work. I can't test
>> as I can't build this on mips64el anyway.
>>
>> This change will enable running the tests for libcacard.
>>
>> * gnu/packages/tls.scm (gnutls)[arguments]: Only specify --without-p11-kit on
>> mips64el.
>> [inputs]: Include the p11-kit for all systems except mips64el.
>
> Chris,
>
> not sure if you noticed, but even though `guix refresh --list-dependent
> gnutls' lists only 2 packages, this change will trigger a
> core-updates-worthy rebuild due to the graft currently used for gnutls.

Yeah, I noticed. This is a change I made when working on the QEMU
smartcard support for GNOME Boxes [1], and I sent it as a separate patch
as it does need handling differently.


Toggle quote (6 lines)
> I was under the impression that, as a convention, we mark such patches
> with [PATCH core-updates] in the subject, which made me uncertain as to
> whether you realized that this will rebuild the world. (Though, now that
> I think of it, testing this has probably required a significant amount
> of time...)

I simply didn't know about that convention, thanks for letting me know
:)

Chris
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl6Yl/dfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9XcgGhAAlrxEGhRrNzmKpt0BOIa7XaHlcdMfcjHxovnKNkjZenyeZ4nNlbcxGuLm
QVIpZpV6OuDTMjIh4QvvWovfBgJ7A/n5XGybMyFeHQvnqtMYeu3cWMHrXgaO5JgD
F003AqM0X7cLEi29SYyZvEDmQK1LqFUovP0xDEs43HqrFW9VPdzmhsHrz9sBFOW4
5kLae/5oVvLMCJ2qsPHDYJpEHKBY82rPwJWyi7WwSc3b7008aeKC+nP6ZPERDQyT
+go0FOl/b0xm+Df76hNIIzC3RYR0DR6lAkHINc/9m3jIEUQ8U0GoxhuOmxjB2h5q
Z7d2qC5j2fcqkmggL9XK56vCZyfELfx5XM+MOWkFVA3zmXyo/kA6vqk7c6KTyKOl
TTXB9xZxHzr9Z7Jz6XS2D2BY3xzBn7M7dw/uHq3BbQPRPiG7Y0UsyIy/AXz1So7X
SWvRvlrDjMya+O4qLSlDH0euOn4QW8prypNchil1dwoSm9r3gYuUxtlqR6CtHEKG
DtuXL5Lyw3slhO7pi2gpCTllEIUQyHtUk+/4QZW7/h7JH/I/DpKlwdtqgoEbe3Oj
TLZUF6wapEDiH788MY6aD8EvkwEaZoUYG6VVA4cqOlCYmNW2HZWeL32Vs052Wnsk
umkGe9RwKus+P/d5QhtKG9opKD1miLzCk+sAJgwKfYbnic9f9pU=
=hoKq
-----END PGP SIGNATURE-----

C
C
Christopher Baines wrote on 21 Oct 2020 22:50
Re: [bug#40654] [PATCH] gnu: gnutls: Enable p11-kit.
(address . 40654-done@debbugs.gnu.org)
87h7qngv69.fsf@cbaines.net
Christopher Baines <mail@cbaines.net> writes:

Toggle quote (58 lines)
> Everywhere except mips64el, where a comment says it doesn't work. I can't test
> as I can't build this on mips64el anyway.
>
> This change will enable running the tests for libcacard.
>
> * gnu/packages/tls.scm (gnutls)[arguments]: Only specify --without-p11-kit on
> mips64el.
> [inputs]: Include the p11-kit for all systems except mips64el.
> ---
> gnu/packages/tls.scm | 20 +++++++++++++++-----
> 1 file changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
> index 3eb32fc27a..85f159a401 100644
> --- a/gnu/packages/tls.scm
> +++ b/gnu/packages/tls.scm
> @@ -181,7 +181,7 @@ living in the same process.")
> `(; Ensure we don't keep a reference to this buggy software.
> #:disallowed-references (,net-tools)
> #:configure-flags
> - (list
> + (cons*
> ;; GnuTLS doesn't consult any environment variables to specify
> ;; the location of the system-wide trust store. Instead it has a
> ;; configure-time option. Unless specified, its configure script
> @@ -202,9 +202,14 @@ living in the same process.")
> (string-append "--with-guile-extension-dir="
> "$(libdir)/guile/$(GUILE_EFFECTIVE_VERSION)/extensions")
>
> - ;; FIXME: Temporarily disable p11-kit support since it is not
> - ;; working on mips64el.
> - "--without-p11-kit")
> + (let ((system ,(or (%current-target-system)
> + (%current-system))))
> + (if (string-prefix? "mips64el" system)
> + (list
> + ;; FIXME: Temporarily disable p11-kit support since it is
> + ;; not working on mips64el.
> + "--without-p11-kit")
> + '())))
>
> #:phases (modify-phases %standard-phases
> (add-after
> @@ -227,7 +232,12 @@ living in the same process.")
> ("pkg-config" ,pkg-config)
> ("which" ,which)))
> (inputs
> - `(("guile" ,guile-2.2)))
> + `(("guile" ,guile-2.2)
> + ,@(let ((system (or (%current-target-system)
> + (%current-system))))
> + (if (string-prefix? "mips64el" system)
> + '()
> + `(("p11-kit" ,p11-kit))))))
> (propagated-inputs
> ;; These are all in the 'Requires.private' field of gnutls.pc.
> `(("libtasn1" ,libtasn1)

I've pushed this to core-updates now as
1c2889b1ce08e1f91193e237e03462dc74c63726.
-----BEGIN PGP SIGNATURE-----

iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl+Qny5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh
aW5lcy5uZXQACgkQXiijOwuE9XeSfg/7BHSDQqEEEwDLRqMDye4Fk/cjFWCAd7qa
21Q3pdYiEHd6QbaH7baiSzScHHzT41TLWRIz6hHQtbYDk72OzhQr3idX+//ZYY6P
/0TLmvKJUKHLlkm2uGmu9IF2s2+asJcY4WlprBPp/yuedKFqIERXAw6hLUJErNOQ
OlfSpwsDLBQeL4/iVR46YBi1q291rjNxHxtKsXyUMI4dWw0mQnFCA+iXHD5m/ecI
gnaLJIscpEPoD0/E0R9/F1Fv+TzfyrwyCr02LRRiFpy1E+58BVK/LbeC7kae1Zoi
TiJTaJZN03bteQ7mNZE1XQFaxwnnVaASgsWNluXE3RSY1BVCtYCe0Ktxfm9hZOAy
o048DiOeVD4F09rXyNCG5TIiTBcu8OdGW3Xd6yvwpaCdSPq5MjACeXnXX6LNlF2v
U7CEkn/umqBxTWkLAQtGnyK8NuJ4waZDo4vDy48UcInqXlwUAkoej5sMhn8yDqSD
Rtxp4KXxwrcwU5aeDpyZcxbuNrXq6Er89B1uz4oJV4iGYQbj+tD7Z9Z09Pl9pVOw
Yk8Xv04rrw02DgBlQzeCflkVlniUeKIfbWFDh3JAT3+bFAGS/8EFu48+6RHMTykI
+DN26Hg5xlL5dU3dFfadQhjjKbFNvxBtWigJjm7eDkLn6DJ1ZneRQrQCxEsGysym
o0Q17KA9YjY=
=R7OM
-----END PGP SIGNATURE-----

Closed
?