From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51652) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ey3L0-0005sU-Rj for guix-patches@gnu.org; Mon, 19 Mar 2018 18:33:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ey3Kw-0007Xz-Rp for guix-patches@gnu.org; Mon, 19 Mar 2018 18:33:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:34426) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ey3Kw-0007Xs-Ne for guix-patches@gnu.org; Mon, 19 Mar 2018 18:33:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ey3Kw-0005ju-FF for guix-patches@gnu.org; Mon, 19 Mar 2018 18:33:02 -0400 Subject: [bug#30845] [PATCH 05/82] gnu: Add java-bouncycastle. Resent-Message-ID: Date: Mon, 19 Mar 2018 23:32:29 +0100 From: =?UTF-8?Q?Bj=C3=B6rn_?= =?UTF-8?Q?H=C3=B6fling?= Message-ID: <20180319233229.100a43dd@alma-ubu> In-Reply-To: <20180318130530.1654-5-julien@lepiller.eu> References: <20180318134211.38163cd6@lepiller.eu> <20180318130530.1654-5-julien@lepiller.eu> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/uCFWtZevfzxMpp0j.n95e4E"; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Julien Lepiller Cc: 30845@debbugs.gnu.org --Sig_/uCFWtZevfzxMpp0j.n95e4E Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Sun, 18 Mar 2018 14:05:25 +0100 Julien Lepiller wrote: > * gnu/packages/java.scm (java-bouncycastle): New variable. > (java-bouncycastle-bcprov, java-bouncycastle-bcpkix): Remove variable. > (java-kafka-clients): Use java-bouncycastle. What's the difference between the old ones and the new one, besides of the hosting site? > --- > gnu/packages/java.scm | 69 > ++++++++++++++++----------------------------------- 1 file changed, > 21 insertions(+), 48 deletions(-) >=20 > diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm > index b1ecf843d..9f5b234bb 100644 > --- a/gnu/packages/java.scm > +++ b/gnu/packages/java.scm > @@ -8229,29 +8229,37 @@ by technical operatives or consultants > working with enterprise platforms.") algorithms and xxHash hashing > algorithm.") (license license:asl2.0))) > =20 > -(define-public java-bouncycastle-bcprov > +(define-public java-bouncycastle > (package > - (name "java-bouncycastle-bcprov") > + (name "java-bouncycastle") > (version "1.58") Upstream has 1.59 available that fixes a CVE. Can you use the newest version, or do you need that specific one for Maven? If the latter is the case, write a comment next to the version. > (source (origin > (method url-fetch) > - (uri > "https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz") > + (uri (string-append > "https://github.com/bcgit/bc-java/archive/r" > + (substring version 0 1) "rv" > + (substring version 2 4) ".tar.gz")) > + ;(uri > "https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz") (sha256 Old URI is kept as a comment. Is that by intention? Why? > (base32 > - > "1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n")))) > + ;"1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n")= ))) Same for the old hash. OK? At least the 1.59 version contains two jars for the test: bc-java-r1rv59$ find . -name "*.jar" ./test/libs/jna-4.3.0.jar ./test/libs/jna-platform-4.3.0.jar Can you snip them away? I tried to build it but it still hangs here: [..] test: [mkdir] Created dir: /tmp/guix-build-java-bouncycastle-1.58.drv-0/bc-ja= va-r1rv58/build/jdk15on [junit] Test org.bouncycastle.mail.smime.test.AllTests FAILED Maybe it takes a bit longer and I know something tomorrow. Final review in that series for me for tonight :-) Thank you, Bj=C3=B6rn --Sig_/uCFWtZevfzxMpp0j.n95e4E Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlqwOn4ACgkQvyhstlk+X/2ROACfc/QXEwUgSVEetCN3v51V3Bp5 +DIAoKE/V3gKrsy5Z7GX6AQWmnABBQy1 =gjeM -----END PGP SIGNATURE----- --Sig_/uCFWtZevfzxMpp0j.n95e4E--