guix_mirror_bot pushed a commit to branch gnome-team
in repository guix.
commit 80f4347426158cf50779d14f6811a3800933974d
Author: Maxim Cournoyer <[email protected]>
AuthorDate: Sun Dec 22 11:00:35 2024 +0900
gnu: gnutls: Streamline definition.
* gnu/packages/tls.scm (gnutls)[source] <patches>: Add
gnutls-no-which.patch.
[arguments] <#:configure-flags>: Do not build without p11-kit on
mips64el (debian has a package for it, it ought to work). Add
--with-zlib=link flag.
<#:phases>: Delete disable-failing-tests phase.
[native-inputs]: Remove which.
[propagated-inputs]: Do not avoid p11-kit on mips64el architecture.
* gnu/packages/patches/gnutls-no-which.patch: Add file.
* gnu/local.mk (dist_patch_DATA): Register it.
Change-Id: I6519b789896dba00de6a1af7a6f772906ce660c1
---
gnu/local.mk | 1 +
gnu/packages/patches/gnutls-no-which.patch | 92 ++++++++++++++++++++++++++++++
gnu/packages/tls.scm | 45 ++++-----------
3 files changed, 104 insertions(+), 34 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index c5d1253605..c327090186 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1511,6 +1511,7 @@ dist_patch_DATA =
\
%D%/packages/patches/gnupg-default-pinentry.patch \
%D%/packages/patches/gnupg-1-build-with-gcc10.patch \
%D%/packages/patches/gnutls-skip-trust-store-test.patch \
+ %D%/packages/patches/gnutls-no-which.patch \
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-absolute-shlib-path-1.72.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
diff --git a/gnu/packages/patches/gnutls-no-which.patch
b/gnu/packages/patches/gnutls-no-which.patch
new file mode 100644
index 0000000000..2d95739189
--- /dev/null
+++ b/gnu/packages/patches/gnutls-no-which.patch
@@ -0,0 +1,92 @@
+Upstream-status:
+
+diff --git a/tests/pkcs11-tool.sh b/tests/pkcs11-tool.sh
+index 2d650b52f..e64803fc3 100755
+--- a/tests/pkcs11-tool.sh
++++ b/tests/pkcs11-tool.sh
+@@ -64,7 +64,7 @@ if ! test -f "${SOFTHSM_MODULE}"; then
+ exit 77
+ fi
+
+-if [ -z "$(which pkcs11-tool 2>/dev/null)" ]; then
++if ! command -v pkcs11-tool >/dev/null; then
+ echo "Need pkcs11-tool from opensc package to run this test."
+ exit 77
+ fi
+diff --git a/tests/tpm2.sh b/tests/tpm2.sh
+index d48364c6c..a03945da8 100755
+--- a/tests/tpm2.sh
++++ b/tests/tpm2.sh
+@@ -29,22 +29,22 @@ if ! test -x "${CERTTOOL}"; then
+ exit 77
+ fi
+
+-if [ -z "$(which swtpm 2>/dev/null)" ]; then
++if ! command -v swtpm >/dev/null; then
+ echo "Need swtpm package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which ncat 2>/dev/null)" ]; then
++if ! command -v ncat >/dev/null; then
+ echo "Need ncat from nmap-ncat package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which tpm2_startup 2>/dev/null)" ]; then
++if ! command -v tpm2_startup >/dev/null; then
+ echo "Need tpm2_startup from tpm2-tools package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which base64 2>/dev/null)" ]; then
++if ! command -v base64 >/dev/null; then
+ echo "Need the base64 tool to run this test."
+ exit 77
+ fi
+@@ -58,7 +58,7 @@ case `"$OPENSSL" version` in
+ ;;
+ esac
+
+-if [ -z "$(which tpm2tss-genkey 2>/dev/null)" ]; then
++if ! command -v tpm2tss-genkey >/dev/null; then
+ echo "Need tpm2tss-genkey from tpm2-tss-engine package to run this
test."
+ exit 77
+ fi
+diff --git a/tests/tpmtool_test.sh b/tests/tpmtool_test.sh
+index a14242808..962d571f6 100755
+--- a/tests/tpmtool_test.sh
++++ b/tests/tpmtool_test.sh
+@@ -28,27 +28,27 @@ if [ "$(id -u)" -ne 0 ]; then
+ exit 77
+ fi
+
+-if [ -z "$(which swtpm 2>/dev/null)" ]; then
++if ! command -v swtpm >/dev/null; then
+ echo "Need swtpm package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which tcsd 2>/dev/null)" ]; then
++if ! command -v tcsd >/dev/null; then
+ echo "Need tcsd (TrouSerS) package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which tpm_createek 2>/dev/null)" ]; then
++if ! command -v tpm_createek >/dev/null; then
+ echo "Need tpm_createek from tpm-tools package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which ncat 2>/dev/null)" ]; then
++if ! command -v ncat >/dev/null; then
+ echo "Need ncat from nmap-ncat package to run this test."
+ exit 77
+ fi
+
+-if [ -z "$(which expect 2>/dev/null)" ]; then
++if ! command -v expect >/dev/null; then
+ echo "Need expect from expect package to run this test."
+ exit 77
+ fi
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 3f677e0db1..9b912949c4 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -217,7 +217,8 @@ living in the same process.")
(uri (string-append "mirror://gnupg/gnutls/v"
(version-major+minor version)
"/gnutls-" version ".tar.xz"))
- (patches (search-patches "gnutls-skip-trust-store-test.patch"))
+ (patches (search-patches "gnutls-no-which.patch"
+ "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
"1v9090cbajf02cw01idfbp0cgmgjn5091ff1b96hqryi0bc17qb9"))))
@@ -234,7 +235,11 @@ living in the same process.")
(this-package-native-input "socat")))
#:configure-flags
- #~(cons*
+ #~(list
+ ;; dlopen (the default otherwise) doesn't work reliably on Guix
+ ;; due to its non-FHS nature and the lack of a global
+ ;; ld.so.cache file.
+ "--with-zlib=link"
;; GnuTLS doesn't consult any environment variables to specify
;; the location of the system-wide trust store. Instead it has a
;; configure-time option. Unless specified, its configure script
@@ -244,33 +249,9 @@ living in the same process.")
;; store is used, so each program has to provide its own
;; fallback, and users have to configure each program
;; independently. This seems suboptimal.
- "--with-default-trust-store-dir=/etc/ssl/certs"
-
- ;; The compression extensions dlopen compression libraries.
- ;; Give them the absolute file name to look for. (The variable
- ;; is called 'soname' but it's really the file name.)
- (string-append "gnutls_cv_soname_z="
- #$(this-package-input "zlib") "/lib/libz.so")
-
- (let ((system #$(or (%current-target-system)
- (%current-system))))
- (if (string-prefix? "mips64el" system)
- (list
- ;; FIXME: Temporarily disable p11-kit support since it is
- ;; not working on mips64el.
- "--without-p11-kit")
- '())))
-
+ "--with-default-trust-store-dir=/etc/ssl/certs")
#:phases
#~(modify-phases %standard-phases
- ;; fastopen.sh fails to connect to the server in the builder
- ;; environment (see:
- ;; https://gitlab.com/gnutls/gnutls/-/issues/1095).
- (add-after 'unpack 'disable-failing-tests
- (lambda _
- (substitute* "tests/fastopen.sh"
- (("^unset RETCODE")
- "exit 77\n")))) ;skip
#$@(if (target-ppc32?)
;; https://gitlab.com/gnutls/gnutls/-/issues/1354
;; Extend the test timeout from the default of 20 * 1000
@@ -292,7 +273,8 @@ living in the same process.")
"debug"
"doc")) ;4.1 MiB of man pages
(native-inputs
- (append (list pkg-config texinfo which
+ (append (list pkg-config
+ texinfo
util-linux) ;one test needs 'setsid'
(if (target-hurd?)
'()
@@ -303,12 +285,7 @@ living in the same process.")
(inputs (list libunistring zlib))
(propagated-inputs
;; These are all in the 'Requires.private' field of gnutls.pc.
- (append (list libtasn1 libidn2 nettle zlib)
- (let ((system (or (%current-target-system)
- (%current-system))))
- (if (string-prefix? "mips64el" system)
- '()
- (list p11-kit)))))
+ (list libtasn1 libidn2 p11-kit nettle zlib))
(home-page "https://gnutls.org";)
(synopsis "Transport layer security library")
(description
