[bug#68410] [PATCH 1-2/2] gnu: Add libgda-5. gnu: sequeler: Use libgda-5 and granite-6.

unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed

* [bug#68410] [PATCH 1-2/2] gnu: Add libgda-5. gnu: sequeler: Use libgda-5 and granite-6.
@ 2024-01-12 17:58 Alexandre Hannud Abdo
  0 siblings, 0 replies; only message in thread
From: Alexandre Hannud Abdo @ 2024-01-12 17:58 UTC (permalink / raw)
  To: 68410; +Cc: rg, liliana.prikler, maxim.cournoyer

[-- Attachment #1: Type: text/plain, Size: 0 bytes --]



[-- Attachment #2: 0001-gnu-Add-libgda-5.patch --]
[-- Type: text/x-patch, Size: 6121 bytes --]

From 18f9bc99e948430868cfc01a7f41c8885d0b653f Mon Sep 17 00:00:00 2001
Message-ID: <18f9bc99e948430868cfc01a7f41c8885d0b653f.1705081307.git.abdo@member.fsf.org>
From: Ale Abdo <abdo@member.fsf.org>
Date: Tue, 5 Dec 2023 00:59:14 +0100
Subject: [PATCH 1/2] gnu: Add libgda-5.

* gnu/packages/gnome.scm (libgda-5): New variable.

Bring back libgda at version 5, required by sequeler.
Adapt and apply patch for cve-2021-39359.

Change-Id: I152273ebe788029e596193912ed63a24f489eab6
---
 gnu/packages/gnome.scm                        | 90 +++++++++++++++++++
 .../patches/libgda-5-cve-2021-39359.patch     | 33 +++++++
 2 files changed, 123 insertions(+)
 create mode 100644 gnu/packages/patches/libgda-5-cve-2021-39359.patch

diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index b43e533769..86ca01f517 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -13242,6 +13242,96 @@ (define-public libgda
 your data.")
     (license license:lgpl2.1+)))
 
+
+;; This is required for 'sequeler which has not been ported to libgda-6 yet.
+(define-public libgda-5
+  (package
+    (name "libgda")
+    (version "5.2.10")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://gitlab.gnome.org/GNOME/libgda.git/")
+             (commit (string-append "LIBGDA_" (string-replace-substring
+                                               version "." "_")))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "18rg773gq9v3cdywpmrp12c5xyp97ir9yqjinccpi22sksb1kl8a"))
+       (modules '((guix build utils)))
+       (snippet
+        ;; Remove the bundled sqlite, but keep its header because code relies
+        ;; on this header variant.
+        '(delete-file "libgda/sqlite/sqlite-src/sqlite3.c"))
+       (patches (search-patches "libgda-5-cve-2021-39359.patch"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags '("--enable-system-sqlite" "--enable-vala")
+       ;; There's a race between check_cnc_lock and check_threaded_cnc
+       ;; in tests/multi-threading.
+       #:parallel-tests? #f
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'fix-glade-install
+           (lambda _
+             (substitute* "configure.ac"
+               (("`\\$PKG_CONFIG --variable=catalogdir gladeui-2\\.0`")
+                "${datadir}/glade/catalogs")
+               (("`\\$PKG_CONFIG --variable=pixmapdir gladeui-2\\.0`")
+                "${datadir}/glade/pixmaps"))
+             #t))
+         (add-before 'check 'pre-check
+           (lambda* (#:key inputs #:allow-other-keys)
+             ;; Tests require a running X server.
+             (system "Xvfb :1 &")
+             (setenv "DISPLAY" ":1")
+             #t))
+         (add-after 'install 'symlink-glade-module
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((shlib "libgda-ui-5.0.so")
+                    (out (assoc-ref outputs "out"))
+                    (out/lib (string-append out "/lib"))
+                    (moduledir (string-append out/lib "/glade/modules")))
+               (mkdir-p moduledir)
+               (symlink (string-append out/lib "/" shlib)
+                        (string-append moduledir "/" shlib))
+               #t))))))
+    (propagated-inputs
+     (list libxml2))           ; required by libgda-5.0.pc
+    (inputs
+     (list glib
+           glade3
+           gtk+
+           libsecret
+           libxslt
+           openssl
+           sqlite
+           vala))
+    (native-inputs
+     (list autoconf
+           autoconf-archive
+           automake
+           `(,glib "bin")
+           gnome-common
+           gobject-introspection
+           gtk-doc/stable
+           intltool
+           libtool
+           pkg-config
+           vala
+           which
+           xorg-server-for-tests
+           yelp-tools))
+    (home-page "https://gitlab.gnome.org/GNOME/libgda")
+    (synopsis "Uniform data access")
+    (description
+     "GNU Data Access (GDA) is an attempt to provide uniform access to
+different kinds of data sources (databases, information servers, mail spools,
+etc).  It is a complete architecture that provides all you need to access
+your data.")
+    (license license:lgpl2.1+)))
+
+
 (define-public gtranslator
   (package
     (name "gtranslator")
diff --git a/gnu/packages/patches/libgda-5-cve-2021-39359.patch b/gnu/packages/patches/libgda-5-cve-2021-39359.patch
new file mode 100644
index 0000000000..960eab7e4e
--- /dev/null
+++ b/gnu/packages/patches/libgda-5-cve-2021-39359.patch
@@ -0,0 +1,33 @@
+From bebdffb4de586fb43fd07ac549121f4b22f6812d Mon Sep 17 00:00:00 2001
+From: "Douglas R. Reno" <renodr@linuxfromscratch.org>
+Date: Mon, 18 Oct 2021 13:18:01 -0500
+Subject: [PATCH] Fix CVE-2021-39359 by forcing TLS certificate validation
+
+This was done by adding "ssl-use-system-ca-file", TRUE to the options
+for each soup_session_new_with_options() call that was made.
+
+Tested on Linux From Scratch 11.0 and Debian 11.
+
+Fixes #249
+---
+ providers/web/gda-web-provider.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/providers/web/gda-web-provider.c b/providers/web/gda-web-provider.c
+index cf8d14dc3..cc818895f 100644
+--- a/providers/web/gda-web-provider.c
++++ b/providers/web/gda-web-provider.c
+@@ -355,8 +355,8 @@ gda_web_provider_open_connection (GdaServerProvider *provider, GdaConnection *cn
+ 	g_rec_mutex_init (& (cdata->mutex));
+ 	cdata->server_id = NULL;
+ 	cdata->forced_closing = FALSE;
+-	cdata->worker_session = soup_session_sync_new ();
+-	cdata->front_session = soup_session_sync_new_with_options ("max-conns-per-host", 1, NULL);
++	cdata->worker_session = soup_session_new_with_options ("ssl-use-system-ca-file", TRUE, NULL);
++	cdata->front_session = soup_session_new_with_options ("max-conns-per-host", 1, "ssl-use-system-ca-file", TRUE, NULL);
+ 	if (use_ssl) {
+ 		server_url = g_string_new ("https://");
+ 		g_print ("USING SSL\n");
+-- 
+GitLab
+

base-commit: c4fa3e945eee84f0459760f3ba8232dec49bd1ba
-- 
2.41.0


[-- Attachment #3: 0002-gnu-sequeler-Use-libgda-5-and-granite-6.patch --]
[-- Type: text/x-patch, Size: 2226 bytes --]

From 2bb9072f5253529f08801a80380c7cd417e87721 Mon Sep 17 00:00:00 2001
Message-ID: <2bb9072f5253529f08801a80380c7cd417e87721.1705081307.git.abdo@member.fsf.org>
In-Reply-To: <18f9bc99e948430868cfc01a7f41c8885d0b653f.1705081307.git.abdo@member.fsf.org>
References: <18f9bc99e948430868cfc01a7f41c8885d0b653f.1705081307.git.abdo@member.fsf.org>
From: Ale Abdo <abdo@member.fsf.org>
Date: Tue, 5 Dec 2023 01:03:45 +0100
Subject: [PATCH 2/2] gnu: sequeler: Use libgda-5 and granite-6.

---
 gnu/packages/databases.scm | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 564927c2a7..69d2249d71 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -5088,23 +5088,23 @@ (define-public sequeler
                (("gtk-update-icon-cache") "true")
                (("update-desktop-database") "true")))))))
     (native-inputs
-     `(;("appstream-glib" ,appstream-glib)  ; validation fails for lack of network
-       ("gettext-minimal" ,gettext-minimal)
-       ("glib:bin" ,glib "bin")             ; for glib-compile-resources
-       ("gtk+" ,gtk+ "bin")
-       ("pkg-config" ,pkg-config)
-       ("vala" ,vala)))
+     (list ; appstream-glib  ; validation fails for lack of network
+      gettext-minimal
+      `(,glib "bin")         ; for glib-compile-resources
+      `(,gtk+ "bin")
+      pkg-config
+      vala))
     (inputs
-     `(("glib" ,glib)
-       ("granite" ,granite)
-       ("gsettings-desktop-schemas" ,gsettings-desktop-schemas)
-       ("gtk+" ,gtk+)
-       ("gtksourceview-3" ,gtksourceview-3)
-       ("libgda" ,libgda)
-       ("libgee" ,libgee)
-       ("libsecret" ,libsecret)
-       ("libssh2" ,libssh2)
-       ("libxml2" ,libxml2)))
+     (list glib
+           granite-6
+           gsettings-desktop-schemas
+           gtk+
+           gtksourceview-3
+           libgda-5
+           libgee
+           libsecret
+           libssh2
+           libxml2))
     (synopsis "Friendly SQL Client")
     (description "Sequeler is a native Linux SQL client built in Vala and
 Gtk.  It allows you to connect to your local and remote databases, write SQL in
-- 
2.41.0


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2024-01-12 17:59 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-01-12 17:58 [bug#68410] [PATCH 1-2/2] gnu: Add libgda-5. gnu: sequeler: Use libgda-5 and granite-6 Alexandre Hannud Abdo

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).