aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/gnupg.scm37
-rw-r--r--gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch67
3 files changed, 97 insertions, 8 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 5dec691d01..e3bf241c8e 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -596,6 +596,7 @@ dist_patch_DATA = \
%D%/packages/patches/gmp-faulty-test.patch \
%D%/packages/patches/gnome-tweak-tool-search-paths.patch \
%D%/packages/patches/gnucash-price-quotes-perl.patch \
+ %D%/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch \
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index befd29961c..4fc9f38521 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -217,14 +217,15 @@ compatible to GNU Pth.")
(define-public gnupg
(package
(name "gnupg")
- (version "2.1.18")
+ (version "2.1.19")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
".tar.bz2"))
+ (patches (search-patches "gnupg-2.1-fix-Y2038-test-failure.patch"))
(sha256
(base32
- "157rrv3ly9j2k0acz43nhiba5hfl6h7048jvj55wwqjmgsmnyk6h"))))
+ "1w4vccmb5l50lm4yrz9vkdj7whbfvzx543r55362kkj1aqgyvk26"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
@@ -243,7 +244,11 @@ compatible to GNU Pth.")
("sqlite" ,sqlite)
("zlib" ,zlib)))
(arguments
- `(#:configure-flags '("--enable-gpg2-is-gpg")
+ `(#:configure-flags '("--enable-gpg2-is-gpg"
+ ;; Otherwise, the test suite looks for the `gpg`
+ ;; executable in its installation directory in
+ ;; /gnu/store before it has been installed.
+ "--enable-gnupg-builddir-envvar")
#:phases
(modify-phases %standard-phases
(add-before 'configure 'patch-paths
@@ -259,11 +264,27 @@ compatible to GNU Pth.")
(("/usr/bin/env gpgscm")
(string-append (getcwd) "/tests/gpgscm/gpgscm")))
#t))
- ;; If this variable is undefined, /bin/pwd is invoked.
- (add-before 'check 'set-gnupg-home
- (lambda _
- (setenv "GNUPGHOME" (getcwd))
- #t)))))
+ (add-before 'build 'patch-test-paths
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((coreutils (assoc-ref inputs "coreutils"))
+ (cat (string-append coreutils "/bin/cat"))
+ (pwd (string-append coreutils "/bin/pwd"))
+ (true (string-append coreutils "/bin/true"))
+ (false (string-append coreutils "/bin/false")))
+ (substitute* '("tests/inittests"
+ "tests/pkits/inittests"
+ "tests/Makefile"
+ "tests/pkits/common.sh"
+ "tests/pkits/Makefile"
+ )
+ (("/bin/pwd") pwd))
+ (substitute* "common/t-exectool.c"
+ (("/bin/cat") cat))
+ (substitute* "common/t-exectool.c"
+ (("/bin/true") true))
+ (substitute* "common/t-exectool.c"
+ (("/bin/false") false))
+ #t))))))
(home-page "https://gnupg.org/")
(synopsis "GNU Privacy Guard")
(description
diff --git a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch
new file mode 100644
index 0000000000..b3a198c499
--- /dev/null
+++ b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch
@@ -0,0 +1,67 @@
+Fix a Y2038 test failure on systems where time_t is a signed 32-bit value:
+
+https://bugs.gnupg.org/gnupg/issue2988
+
+Patch copied from upstream source repository:
+
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=de3838372ae3cdecbd83eea2c53c8e2656d93052
+
+From de3838372ae3cdecbd83eea2c53c8e2656d93052 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@g10code.com>
+Date: Tue, 7 Mar 2017 12:18:59 +0100
+Subject: [PATCH] tests: Avoid overflowing signed 32 bit time_t.
+
+* tests/openpgp/quick-key-manipulation.scm: Use expiration times in
+the year 2038 instead of 2105 to avoid overflowing 32 bit time_t.
+time_t is used internally to parse the expiraton time from the iso
+timestamp.
+
+GnuPG-bug-id: 2988
+Signed-off-by: Justus Winter <justus@g10code.com>
+---
+ tests/openpgp/quick-key-manipulation.scm | 15 +++++++++++----
+ 1 file changed, 11 insertions(+), 4 deletions(-)
+
+diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
+index 10f0bfe21..08ef62613 100755
+--- a/tests/openpgp/quick-key-manipulation.scm
++++ b/tests/openpgp/quick-key-manipulation.scm
+@@ -125,8 +125,13 @@
+ (default default never)
+ (rsa "sign auth encr" "seconds=600") ;; GPGME uses this
+ (rsa "auth,encr" "2") ;; "without a letter, days is assumed"
+- (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
+- (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
++ ;; Sadly, the timestamp is truncated by the use of time_t on
++ ;; systems where time_t is a signed 32 bit value.
++ (rsa "sign" "2038-01-01") ;; unix millennium
++ (rsa "sign" "20380101T115500") ;; unix millennium
++ ;; Once fixed, we can use later timestamps:
++ ;; (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
++ ;; (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
+ (rsa sign "2d")
+ (rsa1024 sign "2w")
+ (rsa2048 encr "2m")
+@@ -157,7 +162,8 @@
+ (lambda (subkey)
+ (assert (= 1 (:alg subkey)))
+ (assert (string-contains? (:cap subkey) "s"))
+- (assert (time-matches? 4260207600 ;; 2105-01-01
++ (assert (time-matches? 2145916800 ;; 2038-01-01
++ ;; 4260207600 ;; 2105-01-01
+ (string->number (:expire subkey))
+ ;; This is off by 12h, but I guess it just
+ ;; choses the middle of the day.
+@@ -165,7 +171,8 @@
+ (lambda (subkey)
+ (assert (= 1 (:alg subkey)))
+ (assert (string-contains? (:cap subkey) "s"))
+- (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00
++ (assert (time-matches? 2145959700 ;; UTC 2038-01-01 11:55:00
++ ;; 4260254100 ;; UTC 2105-01-01 11:55:00
+ (string->number (:expire subkey))
+ (minutes->seconds 5))))
+ (lambda (subkey)
+--
+2.12.0
+