diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/patches/p11-kit-jks-timestamps.patch | 42 | ||||
-rw-r--r-- | gnu/packages/tls.scm | 5 |
3 files changed, 46 insertions, 2 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index bf2b2cb4e4..7481b39007 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1104,6 +1104,7 @@ dist_patch_DATA = \ %D%/packages/patches/osip-CVE-2017-7853.patch \ %D%/packages/patches/ots-no-include-missing-file.patch \ %D%/packages/patches/owncloud-disable-updatecheck.patch \ + %D%/packages/patches/p11-kit-jks-timestamps.patch \ %D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-CVE-2017-17969.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \ diff --git a/gnu/packages/patches/p11-kit-jks-timestamps.patch b/gnu/packages/patches/p11-kit-jks-timestamps.patch new file mode 100644 index 0000000000..8cb8ed8684 --- /dev/null +++ b/gnu/packages/patches/p11-kit-jks-timestamps.patch @@ -0,0 +1,42 @@ +Fix test failures induced by setting the SOURCE_DATE_EPOCH variable. + +Taken from upstream: <https://github.com/p11-glue/p11-kit/pull/213>. + +From 2a474e1fe8f4bd8b4ed7622e5cf3b2718a202562 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno <dueno@redhat.com> +Date: Mon, 28 Jan 2019 13:03:15 +0100 +Subject: [PATCH] extract-jks: Prefer _p11_extract_jks_timestamp to + SOURCE_DATE_EPOCH + +Give _p11_extract_jks_timestamp precedence over SOURCE_DATE_EPOCH so +that the test results are not affected by the envvar settings. +--- + trust/extract-jks.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/trust/extract-jks.c b/trust/extract-jks.c +index ad8dc35..a6f855f 100644 +--- a/trust/extract-jks.c ++++ b/trust/extract-jks.c +@@ -250,7 +250,9 @@ prepare_jks_buffer (p11_enumerate *ex, + * when this was this certificate was added to the keystore, however + * we don't have that information. Java uses time in milliseconds + */ +- { ++ if (_p11_extract_jks_timestamp) ++ now = _p11_extract_jks_timestamp; ++ else { + char *source_date_epoch; + source_date_epoch = secure_getenv ("SOURCE_DATE_EPOCH"); + if (source_date_epoch) { +@@ -276,9 +278,7 @@ prepare_jks_buffer (p11_enumerate *ex, + return false; + } + now = epoch; +- } else if (_p11_extract_jks_timestamp) +- now = _p11_extract_jks_timestamp; +- else ++ } else + now = time (NULL); + } + diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 864f55b2f8..84f71255fe 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -123,15 +123,16 @@ in intelligent transportation networks.") (define-public p11-kit (package (name "p11-kit") - (version "0.23.14") + (version "0.23.15") (source (origin (method url-fetch) (uri (string-append "https://github.com/p11-glue/p11-kit/releases/" "download/" version "/p11-kit-" version ".tar.gz")) + (patches (search-patches "p11-kit-jks-timestamps.patch")) (sha256 (base32 - "0w0dkq9388grbbn4bv2p55vy1j51f7nd9hzlc9gz4fbm4dnzmf8w")))) + "166pwj00cffv4qq4dvx0k53zka0b0r1fa0whc49007vsqyh3khgp")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) |