summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/gnome.scm3
-rw-r--r--gnu/packages/patches/glib-networking-connection.patch51
3 files changed, 54 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index b55382cc5d..158d157395 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -742,6 +742,7 @@ dist_patch_DATA = \
%D%/packages/patches/ghostscript-no-header-creationdate.patch \
%D%/packages/patches/giflib-make-reallocarray-private.patch \
%D%/packages/patches/glib-tests-timer.patch \
+ %D%/packages/patches/glib-networking-connection.patch \
%D%/packages/patches/glibc-CVE-2015-5180.patch \
%D%/packages/patches/glibc-CVE-2015-7547.patch \
%D%/packages/patches/glibc-CVE-2016-3075.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 95bfcaf564..49872e6afe 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -2398,7 +2398,8 @@ library.")
name "-" version ".tar.xz"))
(sha256
(base32
- "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx"))))
+ "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx"))
+ (patches (search-patches "glib-networking-connection.patch"))))
(build-system meson-build-system)
(arguments
`(#:configure-flags '("-Dlibproxy_support=false")
diff --git a/gnu/packages/patches/glib-networking-connection.patch b/gnu/packages/patches/glib-networking-connection.patch
new file mode 100644
index 0000000000..f64b090ae5
--- /dev/null
+++ b/gnu/packages/patches/glib-networking-connection.patch
@@ -0,0 +1,51 @@
+https://gitlab.gnome.org/GNOME/glib-networking/issues/4
+https://gitlab.gnome.org/GNOME/glib-networking/commit/55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e.patch
+This ultimately rejected work-around should be removed with the next
+release, as the bug has supposedly been fixed for real.
+
+
+From 55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@igalia.com>
+Date: Thu, 19 Jul 2018 11:16:35 -0500
+Subject: [PATCH] Fix intermittent failures in missing client private key test
+
+Because our APIs do nice things like encapsulating the TLS connection
+establishment, we have our test server writing to the client after
+establishing the TCP connection, because the TLS connection is
+established. It's fine in theory, but results in some weirdness like the
+server seeing its write having completed successfully before TLS
+connection establishment. Normally that's what happens and this test
+passes (server sees no error), but sometimes the server sees that the
+client has already failed and the test fails.
+
+This is unfortunate, and tricky to fix properly, so let's just remove
+the bad check. The point of the test is to ensure that the TLS
+connection is not established, and the client-side check is going to
+have to be sufficient, because rewriting the test to wait for the TLS
+connection to be established on the server side is quite tricky: my
+naive attempt resulted in both sides waiting forever on the other.
+
+P.S. At no point in this test does the server ever examine the client
+certificate. That's not quite what I expected when I added the test, but
+it's fine.
+
+Fixes #4
+---
+ tls/tests/connection.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/tls/tests/connection.c b/tls/tests/connection.c
+index 94645c3..390275d 100644
+--- a/tls/tests/connection.c
++++ b/tls/tests/connection.c
+@@ -1125,7 +1125,6 @@ test_client_auth_fail_missing_client_private_key (TestConnection *test,
+ g_main_loop_run (test->loop);
+
+ g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
+- g_assert_no_error (test->server_error);
+ }
+
+ static void
+--
+2.18.1
+