From: ng0 <ng0@infotropique.org>
To: 28170@debbugs.gnu.org
Subject: [bug#28170] Add gnutls/dane + use it where its needed (gnurl, libmicrohttpd, gnunet)
Date: Mon, 21 Aug 2017 09:57:26 +0000 [thread overview]
Message-ID: <20170821095726.qtf2ko526nup4yba@abyayala> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 492 bytes --]
The dependency chain of GNUnet demands GnuTLS with DANE support.
You can use it without DANE, but there are certain parts which
will not work. DANE is recommended. (ports of FREEBSD uses
gnutls-dane for libmicrohttpd aswell for example).
The attached patches:
- Add 'gnutls/dane'
- Use it in
- libmicrohttpd
- gnurl
- gnunet
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://n0is.noblogs.org/my-keys
https://www.infotropique.org https://krosos.org
[-- Attachment #1.2: 0001-gnu-gnutls-Add-gnutls-dane.patch --]
[-- Type: text/plain, Size: 1883 bytes --]
From c9dedfd1a6f91d557006b00505a428be84102b1e Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Mon, 21 Aug 2017 09:28:51 +0000
Subject: [PATCH 1/4] gnu: gnutls: Add 'gnutls-dane'.
* gnu/packages/tls.scm (gnutls/dane): New variable.
---
gnu/packages/tls.scm | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 88c71a908..43c37690d 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -6,7 +6,7 @@
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
+;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
@@ -36,6 +36,7 @@
#:use-module (guix build-system cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages)
+ #:use-module (gnu packages dns)
#:use-module (gnu packages guile)
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
@@ -253,6 +254,17 @@ required structures.")
(inputs `(("guile" ,guile-2.2)
,@(alist-delete "guile" (package-inputs gnutls))))))
+(define-public gnutls/dane
+ ;; GnuTLS with build libgnutls-dane, implementing DNS-based
+ ;; Authentication of Named Entities. This is required for GNS functionality
+ ;; by GNUnet and gnURL.
+ (package
+ (inherit gnutls)
+ (source (package-source gnutls-3.5.13))
+ (name "gnutls-dane")
+ (inputs `(("unbound" ,unbound)
+ ,@(package-inputs gnutls)))))
+
(define-public openssl
(package
(name "openssl")
--
2.14.1
[-- Attachment #1.3: 0002-gnu-gnurl-Use-gnutls-dane-as-input.patch --]
[-- Type: text/plain, Size: 966 bytes --]
From 54bde59405ccae78aa48f9cdd325b3280178408e Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Mon, 21 Aug 2017 09:38:55 +0000
Subject: [PATCH 2/4] gnu: gnurl: Use 'gnutls/dane' as input.
GNUnet and its dependency chain needs GnuTLS with DANE support.
* gnu/packages/gnunet.scm (gnurl)[inputs]: Replace gnutls with 'gnutls/dane'.
---
gnu/packages/gnunet.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/packages/gnunet.scm b/gnu/packages/gnunet.scm
index 7ff1a3f6f..93aab2894 100644
--- a/gnu/packages/gnunet.scm
+++ b/gnu/packages/gnunet.scm
@@ -197,7 +197,7 @@ and support for SSL3 and TLS.")
(build-system gnu-build-system)
(outputs '("out"
"doc")) ; 1.5 MiB of man3 pages
- (inputs `(("gnutls" ,gnutls)
+ (inputs `(("gnutls" ,gnutls/dane)
("libidn" ,libidn)
("zlib" ,zlib)))
(native-inputs
--
2.14.1
[-- Attachment #1.4: 0003-gnu-libmicrohttpd-Use-gnutls-dane-as-input.patch --]
[-- Type: text/plain, Size: 937 bytes --]
From 6bdd32e899d955cb14980cf98a645204247528c4 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Mon, 21 Aug 2017 09:45:54 +0000
Subject: [PATCH 3/4] gnu: libmicrohttpd: Use 'gnutls/dane' as input.
GNUnet and its dependency chain needs GnuTLS with DANE support.
* gnu/packages/gnunet.scm (libmicrohttpd)[inputs]: Replace gnutls with 'gnutls/dane'.
---
gnu/packages/gnunet.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/packages/gnunet.scm b/gnu/packages/gnunet.scm
index 93aab2894..5d8d72fbb 100644
--- a/gnu/packages/gnunet.scm
+++ b/gnu/packages/gnunet.scm
@@ -155,7 +155,7 @@ tool to extract metadata from a file and print the results.")
(build-system gnu-build-system)
(inputs
`(("curl" ,curl)
- ("gnutls" ,gnutls)
+ ("gnutls" ,gnutls/dane)
("libgcrypt" ,libgcrypt)
("openssl" ,openssl)
("zlib" ,zlib)))
--
2.14.1
[-- Attachment #1.5: 0004-gnu-gnunet-Use-gnutls-dane-as-input.patch --]
[-- Type: text/plain, Size: 940 bytes --]
From 78ec8c48d225bddb51078b9ec57d6ff432598f53 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Mon, 21 Aug 2017 09:48:32 +0000
Subject: [PATCH 4/4] gnu: gnunet: Use 'gnutls/dane' as input.
GNUnet and its dependency chain needs GnuTLS with DANE support.
* gnu/packages/gnunet.scm (gnunet)[inputs]: Replace gnutls with 'gnutls/dane'.
---
gnu/packages/gnunet.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/packages/gnunet.scm b/gnu/packages/gnunet.scm
index 5d8d72fbb..83b0ba613 100644
--- a/gnu/packages/gnunet.scm
+++ b/gnu/packages/gnunet.scm
@@ -277,7 +277,7 @@ supports HTTP, HTTPS and GnuTLS.")
("gnurl" ,gnurl)
("gstreamer" ,gstreamer)
("gst-plugins-base" ,gst-plugins-base)
- ("gnutls" ,gnutls)
+ ("gnutls" ,gnutls/dane)
("libextractor" ,libextractor)
("libgcrypt" ,libgcrypt)
("libidn" ,libidn)
--
2.14.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next reply other threads:[~2017-08-21 9:59 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-21 9:57 ng0 [this message]
2017-09-30 11:26 ` [bug#28170] Add gnutls/dane + use it where its needed (gnurl, libmicrohttpd, gnunet) Christopher Baines
2017-09-30 12:23 ` ng0
2017-09-30 12:43 ` Christopher Baines
2017-09-30 14:01 ` ng0
2017-09-30 14:12 ` ng0
2017-09-30 14:34 ` Christopher Baines
2017-09-30 14:56 ` ng0
2017-09-30 15:01 ` ng0
2017-09-30 16:05 ` Christopher Baines
2017-09-30 16:36 ` ng0
2017-09-30 17:38 ` Christopher Baines
2017-10-01 9:52 ` bug#28170: " Christopher Baines
2017-09-30 14:03 ` [bug#28170] " ng0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170821095726.qtf2ko526nup4yba@abyayala \
--to=ng0@infotropique.org \
--cc=28170@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.