aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2017-07-08 16:38:26 +0200
committerLudovic Courtès <ludo@gnu.org>2017-07-08 16:39:40 +0200
commit2deb146f6d2f38aa121c51b3141c33790a734be5 (patch)
treece01eceabcc46f70ac5fffe629b2c6459f8a9313
parent26c228f9b49a4292e5bc288582167d175ce2e30b (diff)
downloadguix-2deb146f6d2f38aa121c51b3141c33790a734be5.tar
guix-2deb146f6d2f38aa121c51b3141c33790a734be5.tar.gz
gnu: libsoup: Adjust to new GnuTLS certificate-check behavior.
* gnu/packages/gnome.scm (libsoup)[arguments]: Add #:modules. In 'pre-check' phase, invoke 'certtool'. [native-inputs]: Add GNUTLS.
-rw-r--r--gnu/packages/gnome.scm50
1 files changed, 49 insertions, 1 deletions
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index fb2d840b5d..8d88829ec7 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2314,7 +2314,11 @@ libxml to ease remote use of the RESTful API.")
(build-system gnu-build-system)
(outputs '("out" "doc"))
(arguments
- `(#:configure-flags
+ `(#:modules ((guix build utils)
+ (guix build gnu-build-system)
+ (ice-9 popen))
+
+ #:configure-flags
(list (string-append "--with-html-dir="
(assoc-ref %outputs "doc")
"/share/gtk-doc/html")
@@ -2341,6 +2345,49 @@ libxml to ease remote use of the RESTful API.")
;; HTTPD in Guix uses mod_event and does not build prefork.
(substitute* "tests/httpd.conf"
(("^LoadModule mpm_prefork_module.*$") "\n"))
+
+ ;; Generate a self-signed certificate that has "localhost" as its
+ ;; 'dnsName'. Failing to do that, and starting with GnuTLS
+ ;; 3.5.12, tests such as "ssl-tests" fail:
+ ;;
+ ;; ERROR:ssl-test.c:406:do_tls_interaction_test: Unexpected status 6 Unacceptable TLS certificate (expected 200 OK)
+ ;;
+ ;; 'certtool' is interactive so we have to pipe it the answers.
+ ;; Reported at <https://bugzilla.gnome.org/show_bug.cgi?id=784696>.
+ (let ((pipe (open-output-pipe "certtool --generate-self-signed \
+ --load-privkey tests/test-key.pem --outfile tests/test-cert.pem")))
+ (for-each (lambda (line)
+ (display line pipe)
+ (newline pipe))
+ '("" ;Common name
+ "" ;UID
+ "Guix" ;Organizational unit name
+ "GNU" ;Organization name
+ "" ;Locality name
+ "" ;State or province
+ "" ;Country
+ "" ;subject's domain component (DC)
+ "" ;E-mail
+ "" ;serial number
+ "-1" ;expiration time
+ "N" ;belong to authority?
+ "N" ;web client certificate?
+ "N" ;IPsec IKE?
+ "Y" ;web server certificate?
+ "localhost" ;dnsName of subject
+ "" ;dnsName of subject (end)
+ "" ;URI of subject
+ "127.0.0.1" ;IP address of subject
+ "" ;signing?
+ "" ;encryption?
+ "" ;sign OCSP requests?
+ "" ;sign code?
+ "" ;time stamping?
+ "" ;email protection?
+ "" ;URI of the CRL distribution point
+ "y" ;above info OK?
+ ))
+ (close-pipe pipe))
#t))
(replace 'install
(lambda _
@@ -2360,6 +2407,7 @@ libxml to ease remote use of the RESTful API.")
;; These are needed for the tests.
;; FIXME: Add PHP once available.
("curl" ,curl)
+ ("gnutls" ,gnutls) ;for 'certtool'
("httpd" ,httpd)))
(propagated-inputs
;; libsoup-2.4.pc refers to all these.