Remove packages that depend on unsupported old OpenSSL releases

DoneSubmitted by Leo Famulari.
Details
6 participants
  • Efraim Flashner
  • Giovanni Biscuolo
  • Julien Lepiller
  • Leo Famulari
  • Ludovic Courtès
  • Pierre Langlois
Owner
unassigned
Severity
normal
L
L
Leo Famulari wrote on 4 Aug 03:08 +0200
[PATCH] gnu: Remove dillo.
(address . guix-patches@gnu.org)
0ee91a928acdf41a8f3fb932827dfb45423ad0d1.1628039334.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, Dillo does not include asupported implementation of TLS / HTTPS, and there does not seem to beany activity upstream to improve that.
* gnu/packages/web-browsers.scm (dillo): Remove variable.--- gnu/packages/web-browsers.scm | 31 ------------------------------- 1 file changed, 31 deletions(-)
Toggle diff (44 lines)diff --git a/gnu/packages/web-browsers.scm b/gnu/packages/web-browsers.scmindex bd5ed1b5ac..6e011e8b14 100644--- a/gnu/packages/web-browsers.scm+++ b/gnu/packages/web-browsers.scm@@ -147,37 +147,6 @@ management, extensions such as advertisement blocker and colorful tabs.") (home-page "https://www.midori-browser.org") (license license:lgpl2.1+))) -(define-public dillo- (package- (name "dillo")- (version "3.0.5")- (source (origin- (method url-fetch)- (uri (string-append "https://www.dillo.org/download/"- "dillo-" version ".tar.bz2"))- (sha256- (base32- "12ql8n1lypv3k5zqgwjxlw1md90ixz3ag6j1gghfnhjq3inf26yv"))))- (build-system gnu-build-system)- (arguments `(#:configure-flags '("--enable-ssl" "--enable-ipv6")))- (native-inputs `(("pkg-config" ,pkg-config)))- (inputs `(("fltk" ,fltk)- ("fontconfig" ,fontconfig)- ("libjpeg" ,libjpeg-turbo)- ("libpng" ,libpng)- ("libxcursor" ,libxcursor)- ("libxft" ,libxft)- ("libxi" ,libxi)- ("libxinerama" ,libxinerama)- ("openssl" ,openssl-1.0) ;XXX try latest openssl for dillo > 3.0.5- ("perl" ,perl)- ("zlib" ,zlib)))- (synopsis "Very small and fast graphical web browser")- (description "Dillo is a minimalistic web browser particularly intended for-older or slower computers and embedded systems.")- (home-page "https://www.dillo.org")- (license license:gpl3+)))- (define-public links (package (name "links")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
(no subject)
(address . control@debbugs.gnu.org)
YQnrS81w1NxHSQHW@jasmine.lan
retitle 49859 Remove packages that depend on unsupported old OpenSSL releases
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 1/6] gnu: Remove pidentd.
(address . 49859@debbugs.gnu.org)
e874bdd3732a0423a9fa1c52f2996411ce08072c.1628040048.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, pidentd does not support acurrent release of OpenSSL, and there does not seem to be any activityupstream to improve that.
* gnu/packages/networking.scm (pidentd): Remove variable.--- gnu/packages/networking.scm | 27 --------------------------- 1 file changed, 27 deletions(-)
Toggle diff (40 lines)diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scmindex 05fd092b23..212d4eac2f 100644--- a/gnu/packages/networking.scm+++ b/gnu/packages/networking.scm@@ -2595,33 +2595,6 @@ enabled due to license conflicts between the BSD advertising clause and the GPL. ;; distribution for clarification. (license (list license:bsd-3 license:bsd-4)))) -(define-public pidentd- (package- (name "pidentd")- (version "3.0.19")- (source- (origin- (method git-fetch)- (uri (git-reference- (url "https://github.com/ptrrkssn/pidentd")- (commit (string-append "v" version))))- (file-name (git-file-name name version))- (sha256- (base32- "1k4rr0b4ygxssbnsykzjvz4hjhazzz4j5arlilyc1iq7b1wzsk7i"))))- (build-system gnu-build-system)- (arguments- `(#:tests? #f)) ; No tests are included- (inputs- `(("openssl" ,openssl-1.0))) ;for the DES library- (home-page "https://www.lysator.liu.se/~pen/pidentd/")- (synopsis "Small Ident Daemon")- (description- "@dfn{Pidentd} (Peter's Ident Daemon) is an identd, which implements a-identification server. Pidentd looks up specific TCP/IP connections and-returns the user name and other information about the connection.")- (license license:public-domain)))- (define-public spiped (package (name "spiped")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 3/6] gnu: Remove adb and fastboot.
(address . 49859@debbugs.gnu.org)
98b6d8eee70e27683b6617ba92afd7a353514e45.1628040049.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, this version of adb doesnot support a current release of OpenSSL.
* gnu/packages/android.scm (adb, fastboot): Remove variables.--- gnu/packages/android.scm | 95 ---------------------------------------- 1 file changed, 95 deletions(-)
Toggle diff (115 lines)diff --git a/gnu/packages/android.scm b/gnu/packages/android.scmindex eb538f6540..746a104d43 100644--- a/gnu/packages/android.scm+++ b/gnu/packages/android.scm@@ -351,53 +351,6 @@ various Android core host applications.") various Android core host applications.") (license license:asl2.0))) -(define-public adb- (package- (name "adb")- (version (android-platform-version))- (source (android-platform-system-core version))- (build-system android-ndk-build-system)- (arguments- `(#:tests? #f ; Test failure: sysdeps_poll.fd_count- #:make-flags- (list "CFLAGS=-Wno-error"- "CXXFLAGS=-fpermissive -Wno-error -std=gnu++14 -D_Nonnull= -D_Nullable= -I ."- (string-append "LDFLAGS=-Wl,-rpath=" (assoc-ref %outputs "out") "/lib "- "-Wl,-rpath=" (assoc-ref %build-inputs "openssl") "/lib -L ."))- #:phases- (modify-phases %standard-phases- (add-after 'unpack 'enter-source- (lambda _ (chdir "adb") #t))- (add-after 'enter-source 'glibc-compat- (lambda _- ;; Include sysmacros.h for "major" and "minor" in Glibc 2.28.- (substitute* "usb_linux.cpp"- (("#include <sys/types.h>" all)- (string-append all "\n#include <sys/sysmacros.h>\n")))- #t))- (add-after 'enter-source 'make-libs-available- (lambda* (#:key inputs outputs #:allow-other-keys)- (substitute* "Android.mk"- (("libcrypto_static") "libcrypto"))- #t))- (add-after 'install 'install-headers- (lambda* (#:key inputs outputs #:allow-other-keys)- (install-file "diagnose_usb.h" (string-append (assoc-ref outputs "out") "/include"))- #t)))))- (inputs- `(("android-libbase" ,android-libbase)- ("android-libcutils" ,android-libcutils)- ("android-liblog" ,android-liblog)- ("openssl" ,openssl-1.0)))- (home-page "https://developer.android.com/studio/command-line/adb.html")- (synopsis "Android Debug Bridge")- (description- "@command{adb} is a versatile command line tool that lets you communicate-with an emulator instance or connected Android device. It facilitates a variety-of device actions, such as installing and debugging apps, and it provides access-to a Unix shell that can run commands on the connected device or emulator.")- (license license:asl2.0)))- (define-public mkbootimg (package (name "mkbootimg")@@ -652,54 +605,6 @@ file system.") (description "@code{android-libutils} provides utilities for Android NDK developers.") (license license:asl2.0))) -(define-public fastboot- (package- (name "fastboot")- (version (android-platform-version))- (source (android-platform-system-core version))- (build-system android-ndk-build-system)- (arguments- `(#:phases- (modify-phases %standard-phases- (add-after 'unpack 'enter-source- (lambda _- (chdir "fastboot")- #t))- (add-after 'enter-source 'patch-source- (lambda _- (substitute* "Android.mk"- (("libext4_utils_host") "libext4_utils_host libselinux libpcre"))- #t))- (replace 'install- (lambda* (#:key outputs #:allow-other-keys)- (let* ((out (assoc-ref outputs "out"))- (lib (string-append out "/lib"))- (bin (string-append out "/bin")))- (install-file "fastboot" bin)- #t))))))- (inputs- `(("adb" ,adb)- ("android-safe-iop" ,android-safe-iop)- ("android-ext4-utils" ,android-ext4-utils)- ("android-f2fs-utils" ,android-f2fs-utils)- ("android-libbase" ,android-libbase)- ("android-libcutils" ,android-libcutils)- ("android-liblog" ,android-liblog)- ("android-libutils" ,android-libutils)- ("android-libsparse" ,android-libsparse)- ("android-libziparchive" ,android-libziparchive)- ("android-libselinux" ,android-libselinux)- ("pcre" ,pcre)- ("mkbootimg" ,mkbootimg)- ("zlib" ,zlib)))- (native-inputs- `(("xz" ,xz)))- (home-page "https://developer.android.com/studio/command-line/")- (synopsis "Android image flasher")- (description- "This package provides @command{fastboot}, a tool to upload file system images to Android devices.")- (license license:asl2.0)))- (define-public android-udev-rules (package (name "android-udev-rules")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 2/6] gnu: Remove cadaver.
(address . 49859@debbugs.gnu.org)
09d99994542520b463a469b45b8a67b500b177cc.1628040048.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, cadaver does not support acurrent release of OpenSSL.
* gnu/packages/web.scm (cadaver): Remove variable.--- gnu/packages/web.scm | 32 -------------------------------- 1 file changed, 32 deletions(-)
Toggle diff (45 lines)diff --git a/gnu/packages/web.scm b/gnu/packages/web.scmindex 432ed3c445..24dd08d44f 100644--- a/gnu/packages/web.scm+++ b/gnu/packages/web.scm@@ -6614,38 +6614,6 @@ file links.") license:psfl ; linkcheck/gzip2.py license:expat)))) ; linkcheck/mem.py -(define-public cadaver- (package- (name "cadaver")- (version "0.23.3")- (source- (origin- (method url-fetch)- (uri (string-append "http://www.webdav.org/cadaver/"- name "-" version ".tar.gz"))- (sha256- (base32- "1jizq69ifrjbjvz5y79wh1ny94gsdby4gdxwjad4bfih6a5fck7x"))))- (build-system gnu-build-system)- ;; TODO: Unbundle libneon and make build succeed with new neon.- (arguments- `(#:configure-flags (list "--with-ssl=openssl")- #:tests? #f)) ;No tests included- (native-inputs- `(("gettext" ,gettext-minimal)- ("pkg-config" ,pkg-config)- ("intltool" ,intltool)))- (inputs- `(("expat" ,expat)- ("openssl" ,openssl-1.0)))- (home-page "http://www.webdav.org/cadaver/")- (synopsis "Command-line WebDAV client")- (description- "Cadaver is a command-line WebDAV client for Unix. It supports-file upload, download, on-screen display, namespace operations (move/copy),-collection creation and deletion, and locking operations.")- (license license:gpl2)))- (define-public castor (package (name "castor")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 4/6] gnu: Remove eschalot.
(address . 49859@debbugs.gnu.org)
f0b61ab3c4dc99fab70cfb6ec54c5e8ee8c26446.1628040049.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, eschalot does not supporta current release of OpenSSL.
* gnu/packages/crypto.scm (eschalot): Remove variable.--- gnu/packages/crypto.scm | 57 ----------------------------------------- 1 file changed, 57 deletions(-)
Toggle diff (70 lines)diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scmindex fe2cec045d..83c1a08dee 100644--- a/gnu/packages/crypto.scm+++ b/gnu/packages/crypto.scm@@ -398,63 +398,6 @@ secure operations. ") (license (list license:lgpl2.1+ ; the files keyutils.* license:gpl2+)))) ; the rest -;; There is no release candidate but commits point out a version number,-;; furthermore no tarball exists.-(define-public eschalot- (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")- (revision "1"))- (package- (name "eschalot")- (version (string-append "1.2.0-" revision "." (string-take commit 7)))- (source- (origin- (method git-fetch)- (uri (git-reference- (url "https://github.com/schnabear/eschalot")- (commit commit)))- (file-name (string-append name "-" version))- (sha256- (base32- "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))- (inputs- `(("openssl" ,openssl-1.0))) ; for openssl/{bn,pem,rsa,sha}.h- (build-system gnu-build-system)- (arguments- `(#:make-flags (list (string-append "CC=" ,(cc-for-target))- (string-append "PREFIX=" (assoc-ref %outputs "out"))- (string-append "INSTALL=" "install"))- ;; XXX: make test would run a !VERY! long hashing of names with the use- ;; of a wordlist, the amount of computing time this would waste on build- ;; servers is in no relation to the size or importance of this small- ;; application, therefore we run our own tests on eschalot and worgen.- #:phases- (modify-phases %standard-phases- (delete 'configure)- (replace 'check- (lambda _- (invoke "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"- "3-6" "top150adjectives.txt" "3-6")- (invoke "./eschalot" "-r" "^guix|^guixsd")- (invoke "./eschalot" "-r" "^gnu|^free")- (invoke "./eschalot" "-r" "^cyber|^hack")- (invoke "./eschalot" "-r" "^troll")))- ;; Make install can not create the bin dir, create it.- (add-before 'install 'create-bin-dir- (lambda* (#:key outputs #:allow-other-keys)- (let* ((out (assoc-ref outputs "out"))- (bin (string-append out "/bin")))- (mkdir-p bin)- #t))))))- (home-page "https://github.com/schnabear/eschalot")- (synopsis "Tor hidden service name generator")- (description- "Eschalot is a tor hidden service name generator, it allows one to-produce customized vanity .onion addresses using a brute-force method. Searches-for valid names can be run with regular expressions and wordlists. For the-generation of wordlists the included tool @code{worgen} can be used. There is-no man page, refer to the home page for usage details.")- (license (list license:isc license:expat)))))- (define-public ssss (package (name "ssss")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 5/6] gnu: Remove psyclpc.
(address . 49859@debbugs.gnu.org)
cce346e3f56b2eeb0c68db54630d638f87dceb87.1628040049.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, psyclpc does not support acurrent release of OpenSSL.
* gnu/packages/messaging.scm (psyclpc): Remove variable.--- gnu/packages/messaging.scm | 73 -------------------------------------- 1 file changed, 73 deletions(-)
Toggle diff (86 lines)diff --git a/gnu/packages/messaging.scm b/gnu/packages/messaging.scmindex e5ecdb8894..3aa386ed6d 100644--- a/gnu/packages/messaging.scm+++ b/gnu/packages/messaging.scm@@ -1839,79 +1839,6 @@ including psyced.") (synopsis "PSYC library in C") (license license:agpl3+))) -;; This commit removes the historic bundled pcre and makes psyclpc reproducible.-(define-public psyclpc- (let* ((commit "61cf9aa81297085e5c40170fd01221c752f8deba")- (revision "2"))- (package- (name "psyclpc")- (version (string-append "20160821-" revision "." (string-take commit 7)))- (source (origin- (method git-fetch)- (uri (git-reference- (url "git://git.psyced.org/git/psyclpc")- (commit commit)))- (file-name (string-append name "-" version "-checkout"))- (sha256- (base32- "1viwqymbhn3cwvx0zl58rlzl5gw47zxn0ldg2nbi55ghm5zxl1z5"))))- (build-system gnu-build-system)- (arguments- `(#:tests? #f ; There are no tests/checks.- #:configure-flags- ;; If you have questions about this part, look at- ;; "src/settings/psyced" and the ebuild.- (list- "--enable-use-tls=yes"- "--enable-use-mccp" ; Mud Client Compression Protocol, leave this enabled.- (string-append "--prefix="- (assoc-ref %outputs "out"))- ;; src/Makefile: Set MUD_LIB to the directory which contains- ;; the mud data. defaults to MUD_LIB = @libdir@- (string-append "--libdir="- (assoc-ref %outputs "out")- "/opt/psyced/world")- (string-append "--bindir="- (assoc-ref %outputs "out")- "/opt/psyced/bin")- ;; src/Makefile: Set ERQ_DIR to directory which contains the- ;; stuff which ERQ can execute (hopefully) savely. Was formerly- ;; defined in config.h. defaults to ERQ_DIR= @libexecdir@- (string-append "--libexecdir="- (assoc-ref %outputs "out")- "/opt/psyced/run"))- #:phases- (modify-phases %standard-phases- (add-before 'configure 'chdir-to-src- ;; We need to pass this as env variables- ;; and manually change the directory.- (lambda _- (chdir "src")- (setenv "CONFIG_SHELL" (which "sh"))- (setenv "SHELL" (which "sh"))- #t)))- #:make-flags (list "install-all")))- (inputs- `(("zlib" ,zlib)- ("openssl" ,openssl-1.0)- ("pcre" ,pcre)))- (native-inputs- `(("pkg-config" ,pkg-config)- ("bison" ,bison)- ("gettext" ,gettext-minimal)- ("help2man" ,help2man)- ("autoconf" ,autoconf)- ("automake" ,automake)))- (home-page "http://lpc.psyc.eu/")- (synopsis "psycLPC is a multi-user network server programming language")- (description- "LPC is a bytecode language, invented to specifically implement-multi user virtual environments on the internet. This technology is used for-MUDs and also the psyced implementation of the Protocol for SYnchronous-Conferencing (PSYC). psycLPC is a fork of LDMud with some new features and-many bug fixes.")- (license license:gpl2))))- (define-public loudmouth (package (name "loudmouth")-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:20 +0200
[PATCH 6/6] gnu: Remove tlsdate.
(address . 49859@debbugs.gnu.org)
0498f753e60dc28c5c82b9f8c331db307a67f8c0.1628040049.git.leo@famulari.name
As discussed in https://bugs.gnu.org/46602, tlsdate does not support acurrent release of OpenSSL.
* gnu/packages/ntp.scm (tlsdate): Remove variable.--- gnu/packages/ntp.scm | 51 -------------------------------------------- 1 file changed, 51 deletions(-)
Toggle diff (61 lines)diff --git a/gnu/packages/ntp.scm b/gnu/packages/ntp.scmindex 191eedd158..55b9a73b22 100644--- a/gnu/packages/ntp.scm+++ b/gnu/packages/ntp.scm@@ -216,54 +216,3 @@ secure, easy to configure, and accurate enough for most purposes, so it's more minimalist than ntpd.") ;; A few of the source files are under bsd-3. (license (list l:isc l:bsd-3))))--(define-public tlsdate- (package- (name "tlsdate")- (version "0.0.13")- (home-page "https://github.com/ioerror/tlsdate")- (source (origin- (method git-fetch)- (uri (git-reference- (commit (string-append "tlsdate-" version))- (url home-page)))- (sha256- (base32- "0w3v63qmbhpqlxjsvf4k3zp90k6mdzi8cdpgshan9iphy1f44xgl"))- (file-name (string-append name "-" version "-checkout"))))- (build-system gnu-build-system)- (arguments- `(;; Disable seccomp when it's not supported--e.g., on aarch64. See- ;; 'src/seccomp.c' for the list of supported systems.- #:configure-flags ,(if (any (lambda (system)- (string-contains (or- (%current-target-system)- (%current-system))- system))- '("x86_64" "i686" "arm"))- ''()- ''("--disable-seccomp-filter"))-- #:phases (modify-phases %standard-phases- (add-after 'unpack 'autogen- (lambda _- ;; The ancestor of 'SOURCE_DATE_EPOCH'; it contains the- ;; date that is recorded in binaries. It must be a- ;; "recent date" since it is used to detect bogus dates- ;; received from servers.- (setenv "COMPILE_DATE" (number->string 1530144000))- (invoke "sh" "autogen.sh"))))))- (inputs `(("openssl" ,openssl-1.0)- ("libevent" ,libevent)))- (native-inputs `(("pkg-config" ,pkg-config)- ("autoconf" ,autoconf)- ("automake" ,automake)- ("libtool" ,libtool)))- (synopsis "Extract remote time from TLS handshakes")- (description- "@command{tlsdate} sets the local clock by securely connecting with TLS-to remote servers and extracting the remote time out of the secure handshake.-Unlike ntpdate, @command{tlsdate} uses TCP, for instance connecting to a-remote HTTPS or TLS enabled service, and provides some protection against-adversaries that try to feed you malicious time information.")- (license l:bsd-3)))-- 2.32.0
L
L
Leo Famulari wrote on 4 Aug 03:29 +0200
Re: Remove packages that depend on unsupported old OpenSSL releases
(address . 49859@debbugs.gnu.org)
YQntlUpQ2VNVW1gO@jasmine.lan
My plan is to push these patches within 2 weeks.
J
J
Julien Lepiller wrote on 4 Aug 04:42 +0200
Re: [bug#49859] [PATCH 3/6] gnu: Remove adb and fastboot.
83DA07E5-55F3-4F1C-9C57-8957526A53B6@lepiller.eu
Gasp… do we have no other choice? Adb and fastboot are really useful to me.
Le 3 août 2021 21:20:46 GMT-04:00, Leo Famulari <leo@famulari.name> a écrit :
Toggle quote (127 lines)>As discussed in https://bugs.gnu.org/46602, this version of adb does>not support a current release of OpenSSL.>>* gnu/packages/android.scm (adb, fastboot): Remove variables.>---> gnu/packages/android.scm | 95 ----------------------------------------> 1 file changed, 95 deletions(-)>>diff --git a/gnu/packages/android.scm b/gnu/packages/android.scm>index eb538f6540..746a104d43 100644>--- a/gnu/packages/android.scm>+++ b/gnu/packages/android.scm>@@ -351,53 +351,6 @@ various Android core host applications.")> various Android core host applications.")> (license license:asl2.0)))> >-(define-public adb>- (package>- (name "adb")>- (version (android-platform-version))>- (source (android-platform-system-core version))>- (build-system android-ndk-build-system)>- (arguments>- `(#:tests? #f ; Test failure: sysdeps_poll.fd_count>- #:make-flags>- (list "CFLAGS=-Wno-error">- "CXXFLAGS=-fpermissive -Wno-error -std=gnu++14 -D_Nonnull= -D_Nullable= -I .">- (string-append "LDFLAGS=-Wl,-rpath=" (assoc-ref %outputs "out") "/lib ">- "-Wl,-rpath=" (assoc-ref %build-inputs "openssl") "/lib -L ."))>- #:phases>- (modify-phases %standard-phases>- (add-after 'unpack 'enter-source>- (lambda _ (chdir "adb") #t))>- (add-after 'enter-source 'glibc-compat>- (lambda _>- ;; Include sysmacros.h for "major" and "minor" in Glibc 2.28.>- (substitute* "usb_linux.cpp">- (("#include <sys/types.h>" all)>- (string-append all "\n#include <sys/sysmacros.h>\n")))>- #t))>- (add-after 'enter-source 'make-libs-available>- (lambda* (#:key inputs outputs #:allow-other-keys)>- (substitute* "Android.mk">- (("libcrypto_static") "libcrypto"))>- #t))>- (add-after 'install 'install-headers>- (lambda* (#:key inputs outputs #:allow-other-keys)>- (install-file "diagnose_usb.h" (string-append (assoc-ref outputs "out") "/include"))>- #t)))))>- (inputs>- `(("android-libbase" ,android-libbase)>- ("android-libcutils" ,android-libcutils)>- ("android-liblog" ,android-liblog)>- ("openssl" ,openssl-1.0)))>- (home-page "https://developer.android.com/studio/command-line/adb.html")>- (synopsis "Android Debug Bridge")>- (description>- "@command{adb} is a versatile command line tool that lets you communicate>-with an emulator instance or connected Android device. It facilitates a variety>-of device actions, such as installing and debugging apps, and it provides access>-to a Unix shell that can run commands on the connected device or emulator.")>- (license license:asl2.0)))>-> (define-public mkbootimg> (package> (name "mkbootimg")>@@ -652,54 +605,6 @@ file system.")> (description "@code{android-libutils} provides utilities for Android NDK developers.")> (license license:asl2.0)))> >-(define-public fastboot>- (package>- (name "fastboot")>- (version (android-platform-version))>- (source (android-platform-system-core version))>- (build-system android-ndk-build-system)>- (arguments>- `(#:phases>- (modify-phases %standard-phases>- (add-after 'unpack 'enter-source>- (lambda _>- (chdir "fastboot")>- #t))>- (add-after 'enter-source 'patch-source>- (lambda _>- (substitute* "Android.mk">- (("libext4_utils_host") "libext4_utils_host libselinux libpcre"))>- #t))>- (replace 'install>- (lambda* (#:key outputs #:allow-other-keys)>- (let* ((out (assoc-ref outputs "out"))>- (lib (string-append out "/lib"))>- (bin (string-append out "/bin")))>- (install-file "fastboot" bin)>- #t))))))>- (inputs>- `(("adb" ,adb)>- ("android-safe-iop" ,android-safe-iop)>- ("android-ext4-utils" ,android-ext4-utils)>- ("android-f2fs-utils" ,android-f2fs-utils)>- ("android-libbase" ,android-libbase)>- ("android-libcutils" ,android-libcutils)>- ("android-liblog" ,android-liblog)>- ("android-libutils" ,android-libutils)>- ("android-libsparse" ,android-libsparse)>- ("android-libziparchive" ,android-libziparchive)>- ("android-libselinux" ,android-libselinux)>- ("pcre" ,pcre)>- ("mkbootimg" ,mkbootimg)>- ("zlib" ,zlib)))>- (native-inputs>- `(("xz" ,xz)))>- (home-page "https://developer.android.com/studio/command-line/")>- (synopsis "Android image flasher")>- (description>- "This package provides @command{fastboot}, a tool to upload file system images to Android devices.")>- (license license:asl2.0)))>-> (define-public android-udev-rules> (package> (name "android-udev-rules")>-- >2.32.0>>>>
Attachment: file
L
L
Leo Famulari wrote on 4 Aug 04:53 +0200
(name . Julien Lepiller)(address . julien@lepiller.eu)(address . 49859@debbugs.gnu.org)
YQoBD7/TqncxyRG4@jasmine.lan
On Tue, Aug 03, 2021 at 10:42:50PM -0400, Julien Lepiller wrote:
Toggle quote (2 lines)> Gasp… do we have no other choice? Adb and fastboot are really useful to me.
I think there must be a new version of adb that doesn't use the oldunsupported OpenSSL. Do you have time to check on that?
The unsupported OpenSSL version is the 1.0 series.
The supported version is 1.1.1.
Looking at android.scm, I see that our packages are based on the Git tag7.1.2_r36 from this repo:
https://android.googlesource.com/platform/system/core
J
J
Julien Lepiller wrote on 4 Aug 04:58 +0200
(name . Leo Famulari)(address . leo@famulari.name)(address . 49859@debbugs.gnu.org)
FCC37C95-6E9F-46C2-8A08-EF9CADB4CEE8@lepiller.eu
There are more recent versions, unfortunately this is the latest version we can support. Later versions use a different build system, soong, that require much more work. I have a wip for that, but it will need more work to be really useful and be able to build adb and fastboot.
Le 3 août 2021 22:53:03 GMT-04:00, Leo Famulari <leo@famulari.name> a écrit :
Toggle quote (14 lines)>On Tue, Aug 03, 2021 at 10:42:50PM -0400, Julien Lepiller wrote:>> Gasp… do we have no other choice? Adb and fastboot are really useful to me.>>I think there must be a new version of adb that doesn't use the old>unsupported OpenSSL. Do you have time to check on that?>>The unsupported OpenSSL version is the 1.0 series.>>The supported version is 1.1.1.>>Looking at android.scm, I see that our packages are based on the Git tag>7.1.2_r36 from this repo:>>https://android.googlesource.com/platform/system/core
Attachment: file
L
L
Leo Famulari wrote on 4 Aug 05:01 +0200
(name . Julien Lepiller)(address . julien@lepiller.eu)(address . 49859@debbugs.gnu.org)
YQoDA7UrMBzBPQse@jasmine.lan
On Tue, Aug 03, 2021 at 10:53:03PM -0400, Leo Famulari wrote:
Toggle quote (3 lines)> Looking at android.scm, I see that our packages are based on the Git tag> 7.1.2_r36 from this repo:
I checked the license for 'libcrypto.so' on my phone, which is onAndroid 11. And they are not even using OpenSSL anymore, but insteadBoringSSL. So, maybe there is some intermediate version of Androidbetween 7 and 11 that uses OpenSSL 1.1.1 (released September 2018).
https://boringssl.googlesource.com/boringssl/
Or, maybe we can move these packages (openssl-1.0 and these Android 7packages) to guix-past. Or maybe someone has some other ideas.
L
L
Leo Famulari wrote on 4 Aug 05:21 +0200
(name . Julien Lepiller)(address . julien@lepiller.eu)(address . 49859@debbugs.gnu.org)
YQoHsO+cSPwRamQi@jasmine.lan
On Tue, Aug 03, 2021 at 10:58:46PM -0400, Julien Lepiller wrote:
Toggle quote (2 lines)> There are more recent versions, unfortunately this is the latest version we can support. Later versions use a different build system, soong, that require much more work. I have a wip for that, but it will need more work to be really useful and be able to build adb and fastboot.
I see. Well, the packages could be moved to guix-past for now. Let'swait and see what others have to say.
This version of OpenSSL became unsupported at the end of 2019.
L
L
Leo Famulari wrote on 4 Aug 18:29 +0200
(name . Julien Lepiller)(address . julien@lepiller.eu)(address . 49859@debbugs.gnu.org)
YQrAViNOKnI4nG+4@jasmine.lan
On Tue, Aug 03, 2021 at 11:21:20PM -0400, Leo Famulari wrote:
Toggle quote (6 lines)> On Tue, Aug 03, 2021 at 10:58:46PM -0400, Julien Lepiller wrote:> > There are more recent versions, unfortunately this is the latest version we can support. Later versions use a different build system, soong, that require much more work. I have a wip for that, but it will need more work to be really useful and be able to build adb and fastboot.> > I see. Well, the packages could be moved to guix-past for now. Let's> wait and see what others have to say.
I got more feedback on #guix IRC that we should not remove adb /fastboot, because it's an important tool for freeing Androidsmartphones.
Is there a reason we shouldn't use guix-past to hold these packages?
E
E
Efraim Flashner wrote on 5 Aug 10:11 +0200
(name . Leo Famulari)(address . leo@famulari.name)
YQudScMrlKJ3DFtC@3900XT
On Wed, Aug 04, 2021 at 12:29:10PM -0400, Leo Famulari wrote:
Toggle quote (14 lines)> On Tue, Aug 03, 2021 at 11:21:20PM -0400, Leo Famulari wrote:> > On Tue, Aug 03, 2021 at 10:58:46PM -0400, Julien Lepiller wrote:> > > There are more recent versions, unfortunately this is the latest version we can support. Later versions use a different build system, soong, that require much more work. I have a wip for that, but it will need more work to be really useful and be able to build adb and fastboot.> > > > I see. Well, the packages could be moved to guix-past for now. Let's> > wait and see what others have to say.> > I got more feedback on #guix IRC that we should not remove adb /> fastboot, because it's an important tool for freeing Android> smartphones.> > Is there a reason we shouldn't use guix-past to hold these packages?>
I'm in favor of moving openssl-1.0 to guix-past, it's the perfect typeof package to go there. Upstream has declared it dead and no one isgoing to touch it. Similar to how qt-4 moved there a few months ago.
ADB and fastboot are still useful, and (ignoring some networking optionsthey apparently have) are localhost only. I'd rather leave them both fornow with an eye to shoehorning in an updated version somehow, hidingopenssl-1.0, and adding a note to remove it as soon as nothing needs itanymore.
-- Efraim Flashner <efraim@flashner.co.il> אפרים פלשנרGPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAmELnUcACgkQQarn3Mo9g1GzCBAAsrXGOMYQxUdlh9FiYjgGn4+eEdnOWbmtkjfSlEZd9OdA0sMXyLXT8tER25IhW3hmBbwrkHo6ftTmWR/K865PL5L00idVpqe/HG+hW0NZva4YIQMbvYxB59wnlQsHp4cS2+6ASDgYzVMjIR37TcNvu2FrgOrmucmP+BAOQgfYNKEWhA/LNd84IspvZZf4HDshVZZLxygXOL4AW0p3KVbeTGmor9yLQ19TQhDbWQrGcbgfqDA9Q+1ilf2o2T66XSArOk+43L3tboXU4M6wJa2En36dwgbCpf/TaQsUwnKdMOreXGBBTlyj3mUJN3gLXRgTfpf8qsldm+2hsmAp3uBt/jHEi8enJowCMHlT6dMmt89GQVQNTIcvcegl2ATyR349uHXxvBE80Js3FMkjkboWc3p+J7eXYJquLrVFpzLzHOQnCHuJQZV4kgcwwnoia/v3jOLznPr+bVrXu5KitfzNVWyCUqau5ieiDoJwkRXGOnM3VBiXjNsg9HE/XR9WT6ydXttfyHOO6Xa1mRukLR0t8F0X+tceGojk+ESPlDGSNZMTtGJwQWYQlS7Sx9HsrW5qW0r0GPbuVTFPzKRrO/2pBxiM7VUHa7DxnGJD9sFpaRJf8hUT7/YdHEks22ruFVVaFmifvSBYAkh70cox6yKUah2bb5g6yGOQ3abhg7sRJl8==xfO7-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 11 Aug 16:08 +0200
Re: bug#49859: Remove packages that depend on unsupported old OpenSSL releases
(name . Efraim Flashner)(address . efraim@flashner.co.il)
877dgsm5uy.fsf_-_@gnu.org
Hi,
Efraim Flashner <efraim@flashner.co.il> skribis:
Toggle quote (4 lines)> I'm in favor of moving openssl-1.0 to guix-past, it's the perfect type> of package to go there. Upstream has declared it dead and no one is> going to touch it. Similar to how qt-4 moved there a few months ago.
Agreed. However…
Toggle quote (6 lines)> ADB and fastboot are still useful, and (ignoring some networking options> they apparently have) are localhost only. I'd rather leave them both for> now with an eye to shoehorning in an updated version somehow, hiding> openssl-1.0, and adding a note to remove it as soon as nothing needs it> anymore.
… this means we need to keep openssl 1.0, hidden, in Guix proper. Thatsounds like a reasonable option to me. Leo’s approach of progressivelyremoving anything that depends on it sounds good to me nevertheless, butit’s good that we can weigh the pros and cons for each candidate.
Julien said upgrading ADB/fastboot is not an option, at least not now.
Another option would be to patch ADB so it can use OpenSSL 1.1.Hopefully the changes can be relatively simple and isolated. Worthtrying?
Ludo’.
G
G
Giovanni Biscuolo wrote on 11 Aug 17:18 +0200
Re: [bug#49859] Remove packages that depend on unsupported old OpenSSL releases
87k0ksf1rl.fsf@xelera.eu
Hi,
Ludovic Courtès <ludo@gnu.org> writes:
[...]
Toggle quote (4 lines)> Another option would be to patch ADB so it can use OpenSSL 1.1.> Hopefully the changes can be relatively simple and isolated. Worth> trying?
AFAIU Debian was applying this patch:https://sources.debian.org/patches/android-platform-system-core/1:7.0.0+r33-1/adb_libssl_11.diff/
in the adb package ver 1:7.0.0+r33-1
OpenWRT was (is?) applying this (more "invasive") patch:https://github.com/openwrt/openwrt/pull/971/files
I'll try the Debian one and send a patch if I succeed.
Thanks! Gio'
-- Giovanni Biscuolo
Xelera IT Infrastructures
-----BEGIN PGP SIGNATURE-----
iQJABAEBCgAqFiEERcxjuFJYydVfNLI5030Op87MORIFAmET6k8MHGdAeGVsZXJhLmV1AAoJENN9DqfOzDkS240P/0Fb3BEjZ6mCM1JsgrxhtPqDj0HJ7ZajNsNyD6C7pj/wW+Kq/LrnnaMMqEMuTfy08usENtBKVsjkrCo4mS0OAnyTAc6FD24HSkvMQtqxylA1CaMFdmKd+FVeBRD5PL9pYqAoso83b2JkiL68o9Rn7UBHb4lgHr47IHHEKzwDy+gjmn7mpU+ORd8Vgona00aXCAk4Cceue57CeUqzniff6dihPMb3snswhW9cHDuws+0nyRx0RnbuTQABgR/pqfHEmWhMiTM/e95XER94DzX6EGQl05z66f3MtLEWgeOIbtoBZj4SW57IXF9Nd0p3SqMjX+wDI84eKb3W37j6SQA2xi1/Dq8QB2ppxrERbJCjqaAqc9GlqELtQ1SbgKtZ1gX2WTrpDsMcKYz+xCExK2ayFHMA1Y/WQ9Rvmkzqh+Y+4kklteKYa36z+NlsdBx1qUQJXqzCX2vg6FAAL+h4PUO9yya/zGux6Px10DL4S/IL0vbGknztSmJNDEc9nj/mD2OxmX0G1lvf+DIwlvFfaZC64pmvxOFfU50oSsrlJHXE6+J950IjMo/c+Lahpu75uB8Unvc70lPBvi5gzQMooEmdY3uaZIEt+59j2lyQjJVlxCaOxJiUDjvYOE1rutSA8VfoWzdPhMqVfRA03zX3dxcpw+6KEa+G6FsjwgjQoqGmtkuj=PRmF-----END PGP SIGNATURE-----
L
L
Leo Famulari wrote on 11 Aug 19:52 +0200
(name . Giovanni Biscuolo)(address . g@xelera.eu)
YRQOXXauAu5aY+t6@jasmine.lan
On Wed, Aug 11, 2021 at 05:18:38PM +0200, Giovanni Biscuolo wrote:
Toggle quote (20 lines)> Hi,> > Ludovic Court�s <ludo@gnu.org> writes:> > [...]> > > Another option would be to patch ADB so it can use OpenSSL 1.1.> > Hopefully the changes can be relatively simple and isolated. Worth> > trying?> > AFAIU Debian was applying this patch:> https://sources.debian.org/patches/android-platform-system-core/1:7.0.0+r33-1/adb_libssl_11.diff/> > in the adb package ver 1:7.0.0+r33-1> > OpenWRT was (is?) applying this (more "invasive") patch:> https://github.com/openwrt/openwrt/pull/971/files> > I'll try the Debian one and send a patch if I succeed.
Awesome, thanks! Let us know how it goes. I'll proceed with hidingopenssl-1.0 and removing the other packages (not adb or fastboot) in themeantime.
L
L
Leo Famulari wrote on 11 Aug 19:58 +0200
(no subject)
(address . control@debbugs.gnu.org)
YRQPz0Hj/SRPoJ/F@jasmine.lan
block 46602 with 49859
P
P
Pierre Langlois wrote on 11 Aug 20:13 +0200
Re: [bug#49859] [PATCH 3/6] gnu: Remove adb and fastboot.
(name . Julien Lepiller)(address . julien@lepiller.eu)
87a6lnonfi.fsf@gmx.com
Hi Julien and Leo,
Julien Lepiller <julien@lepiller.eu> writes:
Toggle quote (3 lines)> There are more recent versions, unfortunately this is the latest version we can support. Later versions use a different build system, soong, that require much more work. I have a wip for that, but it will need more work to be really useful and be able to build adb and> fastboot.
Recently I noticed this repository, by looking at how Archlinux managedto package newer versions of adb/fastboot: https://github.com/nmeum/android-tools
I wonder if using it is something you've considered? Using submodules togather all the sources isn't very guix-y, but at least it's using cmakeso we wouldn't need to package Android build tools.
Just thought I'd make sure we're aware this exists! I too would be saidto see adb/fastboot go away :-).
Thanks,Pierre
-----BEGIN PGP SIGNATURE-----
iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmEUFGEYHHBpZXJyZS5sYW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31URSwH+QHmxED+Rr+YL/gaRdFJldNPVlU07g86LHLv0fxxKLax8jXDi8m4kWjFA31cL2HHlDUQ24OgsJ/fXQ0HcIu8d9crfAz/6PSFBaNySzfpCnGIF/QD7cyXEmLGe2EEFDyYAXLXDu3euCa/ipBCG90W2wiHTq4qnDGh05RCwizRxbc6UwCmiPaqRDLnUNYrqrgXdjeKDIARorDrYwF3V3f4nOP1fCRtE0LLN1kc1PiLGihNBuDgZX9tumvgJAXhriyG6VFy+moQWQ9U9yKz3T9lB6PTLOwmDmv1H+ZO3OR3AY6OmfuyBTU41XjDAyYjmyMiwz6SUHPsv0QQuSi9C5KO2Po==hnm0-----END PGP SIGNATURE-----
G
G
Giovanni Biscuolo wrote on 12 Aug 19:24 +0200
Re: [bug#49859] Remove packages that depend on unsupported old OpenSSL releases
87a6lmfuen.fsf@xelera.eu
Hi Leo,
Leo Famulari <leo@famulari.name> writes:
[...]
Toggle quote (12 lines)>> AFAIU Debian was applying this patch:>> https://sources.debian.org/patches/android-platform-system-core/1:7.0.0+r33-1/adb_libssl_11.diff/>> >> in the adb package ver 1:7.0.0+r33-1>> >> OpenWRT was (is?) applying this (more "invasive") patch:>> https://github.com/openwrt/openwrt/pull/971/files>> >> I'll try the Debian one and send a patch if I succeed.>> Awesome, thanks! Let us know how it goes.
It seems I did it! :-D (fortunately it was really easy)
I sent a patch as bug#50029.
AFAIU the adb patch also fixes the issue with fastboot, since fastbootdoes not directly depend on openssl but indirectly via adb andandroid-libselinux that already have openssl (1.1) as input: right?
Toggle quote (3 lines)> I'll proceed with hiding openssl-1.0 and removing the other packages> (not adb or fastboot) in the meantime.
Thank you and happy hacking!
Ciao, Gio'
-- Giovanni Biscuolo
Xelera IT Infrastructures
-----BEGIN PGP SIGNATURE-----
iQJABAEBCgAqFiEERcxjuFJYydVfNLI5030Op87MORIFAmEVWVAMHGdAeGVsZXJhLmV1AAoJENN9DqfOzDkSGjwP/i5DsThMIhSyOUGrw2N6kjWef6srn0ne/fetBrBt0/wxhGO+rHwssbkk6oaJPeDx9Gg9WByChaKYzbcA852zHi38Z9FS3NcOj8rxsogEgZiA4BKrbohiOPIwEV3gaLQtuaxceVSFi4iuFKcukDDFtFGV8Ntk/QSGwfDElBG04N6MPrHJG0SddeqPz2LwZnFq7wNG+504+EOojfa1zNX2sq1k6b1to961seTIgUOrdkus/pUyz3SObKcrh2FKh78S4cG3J9ueI7myDkbpK7FJX2+GKklhWtXC4HxM09t9q/QN6ZzRI8Q5si3S5Bw5ypNlTwo8k4dBoEViFlGqNjPx7hiQcXzdT8smTAmb6CVYno2q0HlEODm4krYo670jQrgQnJ1vBiJjtRFhYu4/7Wdfb+8h4dBdBMeKy2ViE3wn2+NaTJ8Coy4ALuY2p+HISnq90iLFDpqyP9yBCto7OXJXQ18cKQ65FcULn/dTT6o06o1+6CG4uPo2YNHk9iwizqPUT2qtiVSc2NxpoPIsC2EotehfomM6wKBYx+JiqYKVBWazvewslQnCcUqqGWbPzRVB5QeP6p16/mQKJVX2t9tVkyQMW9ECjQz+diHs9SAq7pNIzyGaw0wPN1GIc9Oo4T8QBtnLtg64PzpYxeYxqCjd0tu2MEiUa6r9qvRr/TVtWz+D=H4eK-----END PGP SIGNATURE-----
L
L
Leo Famulari wrote on 16 Aug 00:10 +0200
(name . Giovanni Biscuolo)(address . g@xelera.eu)
YRmQxQGEoGO351p+@jasmine.lan
On Wed, Aug 11, 2021 at 01:52:29PM -0400, Leo Famulari wrote:
Toggle quote (4 lines)> Awesome, thanks! Let us know how it goes. I'll proceed with hiding> openssl-1.0 and removing the other packages (not adb or fastboot) in the> meantime.
Done as 12099eac1b161d364be923451d27d7d739d0f14d
Closed
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send email to 49859@debbugs.gnu.org