From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44579) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dyLjG-0003WB-2I for guix-patches@gnu.org; Sat, 30 Sep 2017 13:39:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dyLjB-0003Xa-VG for guix-patches@gnu.org; Sat, 30 Sep 2017 13:39:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:60950) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dyLjB-0003XL-SK for guix-patches@gnu.org; Sat, 30 Sep 2017 13:39:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dyLjB-0001Lb-MD for guix-patches@gnu.org; Sat, 30 Sep 2017 13:39:01 -0400 Subject: [bug#28170] Add gnutls/dane + use it where its needed (gnurl, libmicrohttpd, gnunet) Resent-Message-ID: Date: Sat, 30 Sep 2017 18:38:15 +0100 From: Christopher Baines Message-ID: <20170930183815.4d69dd6c@cbaines.net> In-Reply-To: <20170930163605.x4sl5irccreah67l@abyayala> References: <20170821095726.qtf2ko526nup4yba@abyayala> <20170930122616.17079913@cbaines.net> <20170930122309.akl2dxa46eru36pb@abyayala> <20170930134346.54a4c54a@cbaines.net> <20170930140144.yenmf7pr2ffecmll@abyayala> <20170930141255.yrnasw4aenfl77n4@abyayala> <20170930153444.3e49436f@cbaines.net> <20170930145636.dpri5bh7ipy22mib@abyayala> <20170930150152.oqwfd7ff5xshkt4s@abyayala> <20170930170504.1c476ed8@cbaines.net> <20170930163605.x4sl5irccreah67l@abyayala> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/.3OnZ1+Lxun5V53DChYKYJg"; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: ng0 Cc: 28170@debbugs.gnu.org --Sig_/.3OnZ1+Lxun5V53DChYKYJg Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Sat, 30 Sep 2017 16:36:05 +0000 ng0 wrote: > Christopher Baines transcribed 3.6K bytes: > > On Sat, 30 Sep 2017 15:01:52 +0000 > > ng0 wrote: > > =20 > > > ng0 transcribed 2.1K bytes: =20 > > > > Christopher Baines transcribed 1.7K bytes: =20 > > > > > On Sat, 30 Sep 2017 14:12:55 +0000 > > > > > ng0 wrote: > > > > > =20 > > > > > > The fix in this version is to only add the necessary input > > > > > > to the inherited gnutls. =20 > > > > >=20 > > > > > Ok. One hopefully final thing. From the commit message [1], > > > > > it's not clear to me if this is fixing an issue with the > > > > > GNUnet package, by providing it with the right dependencies, > > > > > or, adding additional functionality to the GNUnet package, by > > > > > providing a more capable GnuTLS? > > > > >=20 > > > > > 1: "GNUnet and its dependency chain needs GnuTLS with DANE > > > > > support." =20 > > > > It provides the right GnuTLS to GNUnet, libmicrohttpd and gnURL. > > > > Certain features of these applications will not work without it. > > > > GnuTLS without Dane is not fatal error for these packages, but > > > > Dane is recommended. > > > > I have no idea how I should put this into the very strict > > > > dictionary we have in commit messages=E2=80=A6 In more free-form it > > > > would be no problem for me. > > > > --=20 > > > > ng0 > > > > GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588 > > > > GnuPG: https://krosos.org/dist/keys/ > > > > https://www.infotropique.org https://krosos.org =20 > > >=20 > > > Okay, I now see what you mean. > > >=20 > > > To make it short: the correct dependency is provided in place > > > of the current working-but-not-correct GnuTLS. > > >=20 > > > Is that more clear? =20 > >=20 > > I think you've made it clear to me now. > >=20 > > From what you're saying, I think its the 2nd thing I said. Making > > this change will enable some functionality in the GNUnet package > > (and possibly some of the other packages changed). > >=20 > > I'm not sure using the word "correct" helps, unless you say what the > > dependencies are correct/incorrect with respect to, for example, if > > the GNUnet documentation says that it should be built with GnuTLS > > with Dane support, then that would be a reason to talk about > > correctness. =20 >=20 > Yes it does state this, in the documentation and all these > applications list the dependency in README aswell. > This is why I thought the original, first version, comment I made in > gnutls/dane was enough. But I'll have to be more clear then. > Well if gnURL doesn't state it in its README I have to add it, if it's > not in there it's my mistake - it's correct nevertheless. Ah yes, I didn't really take in that comment in when I read the patch, but I can see it now "This is required for GNS functionality by GNUnet and gnURL.". That's great information, and having it in the commit would also be great. --Sig_/.3OnZ1+Lxun5V53DChYKYJg Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlnP1odfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE 9XdpkQ//Q+KWe8N8BWZwFQi6Urmjyeoey0DimORQPURVKtzx0nzMjAlp4LbN3GUV 8FoesMd71BxAb4tI8H7HoY7u91GIwwe+/LKS8iCEQ9lIbhrMxKnKeK3ibcDFl2U8 L9A/Df4bXK/kzzZIkNFl8qCdUGV55oWezde2wrdx1pfy9jQs6KsQSllpUI9H9c96 Fuki4I3G7++TaVBXTF4qv2KFbr5+GHu8i4lXwaw26YgdCnLFXvt/hoQ03E2G7DeZ cO4cSscaiDxhzweSMKTNaDGRJy9RCeCHwJxruFc2097hlazWKjAIG44EbMvbCFD6 3HrdlpZENmim0uIdq9IsqfdxTCciaNl9hVlp/Kc6iAOya14gyKklk2k8Qhhe3+gb oQ1RxFXb4R898hLXJUL5MVcK7MvhJ7pdJwmyFCF5KlPRGSiadBxIYfEC2W8fBjDg kN3ckFQsPnIi9iP3wB89JfiNk7dWl2LrHCzOW29/CYuS+v0t00hcnkjPo5jTl8yN 5NSJYdbqmz79hsk8j1S6Tb/rDvXpUBvCWGJw7TgJkkMTmLOcl9y4f4xJkalkG1KZ hDUo+wxINr6bbQkz5kdr15+KRA3eU/M/8mVpoLQLRbIc247HFe8PedN3GE8b3AJG AKUPl1yhyZBu1tuvgndPhNyCQH8dOYwDqM3qzIyxeSwMGpyVDTM= =V5aU -----END PGP SIGNATURE----- --Sig_/.3OnZ1+Lxun5V53DChYKYJg--