[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/03: gnu: libsoup: Adjust to new GnuTLS certificate-check behavior.
From: |
Ludovic Courtès |
Subject: |
02/03: gnu: libsoup: Adjust to new GnuTLS certificate-check behavior. |
Date: |
Sat, 8 Jul 2017 10:40:23 -0400 (EDT) |
civodul pushed a commit to branch core-updates
in repository guix.
commit 2deb146f6d2f38aa121c51b3141c33790a734be5
Author: Ludovic Courtès <address@hidden>
Date: Sat Jul 8 16:38:26 2017 +0200
gnu: libsoup: Adjust to new GnuTLS certificate-check behavior.
* gnu/packages/gnome.scm (libsoup)[arguments]: Add #:modules.
In 'pre-check' phase, invoke 'certtool'.
[native-inputs]: Add GNUTLS.
---
gnu/packages/gnome.scm | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 49 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index fb2d840..8d88829 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2314,7 +2314,11 @@ libxml to ease remote use of the RESTful API.")
(build-system gnu-build-system)
(outputs '("out" "doc"))
(arguments
- `(#:configure-flags
+ `(#:modules ((guix build utils)
+ (guix build gnu-build-system)
+ (ice-9 popen))
+
+ #:configure-flags
(list (string-append "--with-html-dir="
(assoc-ref %outputs "doc")
"/share/gtk-doc/html")
@@ -2341,6 +2345,49 @@ libxml to ease remote use of the RESTful API.")
;; HTTPD in Guix uses mod_event and does not build prefork.
(substitute* "tests/httpd.conf"
(("^LoadModule mpm_prefork_module.*$") "\n"))
+
+ ;; Generate a self-signed certificate that has "localhost" as its
+ ;; 'dnsName'. Failing to do that, and starting with GnuTLS
+ ;; 3.5.12, tests such as "ssl-tests" fail:
+ ;;
+ ;; ERROR:ssl-test.c:406:do_tls_interaction_test: Unexpected
status 6 Unacceptable TLS certificate (expected 200 OK)
+ ;;
+ ;; 'certtool' is interactive so we have to pipe it the answers.
+ ;; Reported at
<https://bugzilla.gnome.org/show_bug.cgi?id=784696>.
+ (let ((pipe (open-output-pipe "certtool --generate-self-signed \
+ --load-privkey tests/test-key.pem --outfile tests/test-cert.pem")))
+ (for-each (lambda (line)
+ (display line pipe)
+ (newline pipe))
+ '("" ;Common name
+ "" ;UID
+ "Guix" ;Organizational unit name
+ "GNU" ;Organization name
+ "" ;Locality name
+ "" ;State or province
+ "" ;Country
+ "" ;subject's domain component (DC)
+ "" ;E-mail
+ "" ;serial number
+ "-1" ;expiration time
+ "N" ;belong to authority?
+ "N" ;web client certificate?
+ "N" ;IPsec IKE?
+ "Y" ;web server certificate?
+ "localhost" ;dnsName of subject
+ "" ;dnsName of subject (end)
+ "" ;URI of subject
+ "127.0.0.1" ;IP address of subject
+ "" ;signing?
+ "" ;encryption?
+ "" ;sign OCSP requests?
+ "" ;sign code?
+ "" ;time stamping?
+ "" ;email protection?
+ "" ;URI of the CRL distribution point
+ "y" ;above info OK?
+ ))
+ (close-pipe pipe))
#t))
(replace 'install
(lambda _
@@ -2360,6 +2407,7 @@ libxml to ease remote use of the RESTful API.")
;; These are needed for the tests.
;; FIXME: Add PHP once available.
("curl" ,curl)
+ ("gnutls" ,gnutls) ;for 'certtool'
("httpd" ,httpd)))
(propagated-inputs
;; libsoup-2.4.pc refers to all these.