diff options
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/gnupg.scm | 37 | ||||
-rw-r--r-- | gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch | 67 |
3 files changed, 97 insertions, 8 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 5dec691d01..e3bf241c8e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -596,6 +596,7 @@ dist_patch_DATA = \ %D%/packages/patches/gmp-faulty-test.patch \ %D%/packages/patches/gnome-tweak-tool-search-paths.patch \ %D%/packages/patches/gnucash-price-quotes-perl.patch \ + %D%/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch \ %D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \ %D%/packages/patches/gobject-introspection-cc.patch \ %D%/packages/patches/gobject-introspection-girepository.patch \ diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index befd29961c..4fc9f38521 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -217,14 +217,15 @@ compatible to GNU Pth.") (define-public gnupg (package (name "gnupg") - (version "2.1.18") + (version "2.1.19") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/gnupg/gnupg-" version ".tar.bz2")) + (patches (search-patches "gnupg-2.1-fix-Y2038-test-failure.patch")) (sha256 (base32 - "157rrv3ly9j2k0acz43nhiba5hfl6h7048jvj55wwqjmgsmnyk6h")))) + "1w4vccmb5l50lm4yrz9vkdj7whbfvzx543r55362kkj1aqgyvk26")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) @@ -243,7 +244,11 @@ compatible to GNU Pth.") ("sqlite" ,sqlite) ("zlib" ,zlib))) (arguments - `(#:configure-flags '("--enable-gpg2-is-gpg") + `(#:configure-flags '("--enable-gpg2-is-gpg" + ;; Otherwise, the test suite looks for the `gpg` + ;; executable in its installation directory in + ;; /gnu/store before it has been installed. + "--enable-gnupg-builddir-envvar") #:phases (modify-phases %standard-phases (add-before 'configure 'patch-paths @@ -259,11 +264,27 @@ compatible to GNU Pth.") (("/usr/bin/env gpgscm") (string-append (getcwd) "/tests/gpgscm/gpgscm"))) #t)) - ;; If this variable is undefined, /bin/pwd is invoked. - (add-before 'check 'set-gnupg-home - (lambda _ - (setenv "GNUPGHOME" (getcwd)) - #t))))) + (add-before 'build 'patch-test-paths + (lambda* (#:key inputs #:allow-other-keys) + (let* ((coreutils (assoc-ref inputs "coreutils")) + (cat (string-append coreutils "/bin/cat")) + (pwd (string-append coreutils "/bin/pwd")) + (true (string-append coreutils "/bin/true")) + (false (string-append coreutils "/bin/false"))) + (substitute* '("tests/inittests" + "tests/pkits/inittests" + "tests/Makefile" + "tests/pkits/common.sh" + "tests/pkits/Makefile" + ) + (("/bin/pwd") pwd)) + (substitute* "common/t-exectool.c" + (("/bin/cat") cat)) + (substitute* "common/t-exectool.c" + (("/bin/true") true)) + (substitute* "common/t-exectool.c" + (("/bin/false") false)) + #t)))))) (home-page "https://gnupg.org/") (synopsis "GNU Privacy Guard") (description diff --git a/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch new file mode 100644 index 0000000000..b3a198c499 --- /dev/null +++ b/gnu/packages/patches/gnupg-2.1-fix-Y2038-test-failure.patch @@ -0,0 +1,67 @@ +Fix a Y2038 test failure on systems where time_t is a signed 32-bit value: + +https://bugs.gnupg.org/gnupg/issue2988 + +Patch copied from upstream source repository: + +https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=de3838372ae3cdecbd83eea2c53c8e2656d93052 + +From de3838372ae3cdecbd83eea2c53c8e2656d93052 Mon Sep 17 00:00:00 2001 +From: Justus Winter <justus@g10code.com> +Date: Tue, 7 Mar 2017 12:18:59 +0100 +Subject: [PATCH] tests: Avoid overflowing signed 32 bit time_t. + +* tests/openpgp/quick-key-manipulation.scm: Use expiration times in +the year 2038 instead of 2105 to avoid overflowing 32 bit time_t. +time_t is used internally to parse the expiraton time from the iso +timestamp. + +GnuPG-bug-id: 2988 +Signed-off-by: Justus Winter <justus@g10code.com> +--- + tests/openpgp/quick-key-manipulation.scm | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) + +diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm +index 10f0bfe21..08ef62613 100755 +--- a/tests/openpgp/quick-key-manipulation.scm ++++ b/tests/openpgp/quick-key-manipulation.scm +@@ -125,8 +125,13 @@ + (default default never) + (rsa "sign auth encr" "seconds=600") ;; GPGME uses this + (rsa "auth,encr" "2") ;; "without a letter, days is assumed" +- (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" +- (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" ++ ;; Sadly, the timestamp is truncated by the use of time_t on ++ ;; systems where time_t is a signed 32 bit value. ++ (rsa "sign" "2038-01-01") ;; unix millennium ++ (rsa "sign" "20380101T115500") ;; unix millennium ++ ;; Once fixed, we can use later timestamps: ++ ;; (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" ++ ;; (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" + (rsa sign "2d") + (rsa1024 sign "2w") + (rsa2048 encr "2m") +@@ -157,7 +162,8 @@ + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) +- (assert (time-matches? 4260207600 ;; 2105-01-01 ++ (assert (time-matches? 2145916800 ;; 2038-01-01 ++ ;; 4260207600 ;; 2105-01-01 + (string->number (:expire subkey)) + ;; This is off by 12h, but I guess it just + ;; choses the middle of the day. +@@ -165,7 +171,8 @@ + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) +- (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00 ++ (assert (time-matches? 2145959700 ;; UTC 2038-01-01 11:55:00 ++ ;; 4260254100 ;; UTC 2105-01-01 11:55:00 + (string->number (:expire subkey)) + (minutes->seconds 5)))) + (lambda (subkey) +-- +2.12.0 + |