From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id AIO2IIXu+mOjgQAAbAwnHQ (envelope-from ) for ; Sun, 26 Feb 2023 06:30:45 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id kImxIIXu+mPgUAEAauVa8A (envelope-from ) for ; Sun, 26 Feb 2023 06:30:45 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 016CEEE9A for ; Sun, 26 Feb 2023 06:30:45 +0100 (CET) Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=J5Pe5RPC; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none) ARC-Seal: i=1; s=key1; d=yhetil.org; t=1677389445; a=rsa-sha256; cv=none; b=uDTXfTSlSBDEhLBTLqvVa3wpPUoCAM2NUVveIPvCkBRVlz5TU9uk2ew+hmw+B9p6gIB44k g73qa6/NXRqX8z2QhKlIa9pcCudG7bCZYVZ/rTWpj1kaRaxka3qYghbh7NKu8UJ+iKn4dR /+vKJwN4vQLVKXt/jyVD5VoiR1VzHXhTKFngp+i0V6rV4OPaHao3vX9ytikv+1m9QZpZCK KNIJjlc6z/ULDL8nf0wuA94+VBEJBiVyakGgOM+3c7vSqQ2Thy+XG1xnHx1zihu+aoMp1a CDpeoXieZgjUR0w06WTSG9FrZZBLbcInIkLLcJe7vCIDh3g3pwNgICtpxaPx3g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=J5Pe5RPC; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1677389445; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=O8LxQZZZtWAr/eAfLlrv1+BctuBSNRHMj3XYANWRD8g=; b=iHI/smbUx2A63J7jSvKZJ54tzggoV/mQrAY0aNM0eb2bzSkrzOvvcIeb+lKjnk11xG1w6K zd/XygjfJX1CcgeCtTZbES/6o7tSUUXs/KWU/WNp7p7iv7Uu9Xwxq0fnTorHbnCU/XRIOi Ie1v5c+9KQDCFyPYZQBUwh+/eNGz9xKrQ07JvCWGPnTvQ+hyuJkJXEK7xFMGoTZhUEMhnB EB3XQpfAeoD0EzkY3qDROOmNrdMpJfAqvVFGwzchB3v8Yw7hwPQmnfl9TloVM/eUSJlpXW zCLrNO7joh8+kb23lZNxtrKJgsZXZNx6/nDYm2FQgcTqlHPpa2gBUrluY/YPHw== Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pW9c4-0003Pl-10; Sun, 26 Feb 2023 00:30:20 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pW9bo-0003ON-DJ for bug-guix@gnu.org; Sun, 26 Feb 2023 00:30:08 -0500 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pW9bo-0003go-4o for bug-guix@gnu.org; Sun, 26 Feb 2023 00:30:04 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pW9bo-0006DC-06 for bug-guix@gnu.org; Sun, 26 Feb 2023 00:30:04 -0500 X-Loop: help-debbugs@gnu.org Subject: bug#56137: [PATCH 2/2] gnu: openssl-1.1: Run the test suite through datefudge. Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sun, 26 Feb 2023 05:30:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 56137 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 56137@debbugs.gnu.org Cc: sjors@sprovoost.nl, ludo@gnu.org, maximedevos@telenet.be, Maxim Cournoyer , zimon.toutoune@gmail.com Received: via spool by 56137-submit@debbugs.gnu.org id=B56137.167738936523716 (code B ref 56137); Sun, 26 Feb 2023 05:30:03 +0000 Received: (at 56137) by debbugs.gnu.org; 26 Feb 2023 05:29:25 +0000 Received: from localhost ([127.0.0.1]:42144 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pW9bA-0006AS-1u for submit@debbugs.gnu.org; Sun, 26 Feb 2023 00:29:24 -0500 Received: from mail-qt1-f178.google.com ([209.85.160.178]:47082) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pW9b7-0006A3-Ot for 56137@debbugs.gnu.org; Sun, 26 Feb 2023 00:29:22 -0500 Received: by mail-qt1-f178.google.com with SMTP id c19so3523919qtn.13 for <56137@debbugs.gnu.org>; Sat, 25 Feb 2023 21:29:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=O8LxQZZZtWAr/eAfLlrv1+BctuBSNRHMj3XYANWRD8g=; b=J5Pe5RPCbtl7FTBSwxrgd9Xm8JEX6d9Dk0rHevEFbjDj+d5f4mwkMudbxR5QZYTvTK ilenRfbsdKabeGtFeSRJDvHKKAeX2fIikE95RCZXv9fGRWSpUZIa01UBqlAiAgxyCgCM ra/E9g+HUHuDevIF0CIA0LCDl13pyx0GHspn/u4Oc8qM3+/hH66cYmy5aUfQL6lTb/gp lIWG35wrDUnzg2S7czZJKKK6ev0BSv1h0n+uRti6UpuWnvFi+4JhUBrJw+8G3Lzx/+Rl WiKKNkmTRwAng5YmPo3FDNt8NHpenSKXgRiDhWItDHTsZrydC42/NozVnrElLuTK2uX3 Vwfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O8LxQZZZtWAr/eAfLlrv1+BctuBSNRHMj3XYANWRD8g=; b=KFTavEx1BYGa0nSoOU+W1S8J5HWHbTPcYvzz5bH87iN+uOvrnRKrN2nmIz9or7c//4 beokgCx3dfrz8fRZmonX9BcwtwLrTr6aJokStjwumh0Kej6ke2hunrUOxOmVzpoh0m+t WK7CkeYEyAFw7WrkkBP6YWbpaJn4aU7s/eyGLwkZ29w6HWrWNXgn2CBWafDrJhEfulWe piO/v5eELGXBbXoH5X3v4SQLIjpgRSO8PpFRrA/VsniSajJxYt5UTbJEwn+8vKYfGIzw EDzjNS6i4PqcVGczL4oAejZs0aevZryPOCFygP7P20B6sBawVUGxhZOs2n5slanZgCcR Q61A== X-Gm-Message-State: AO0yUKWwW65sV62qFZJH3cwA8qtYJ4DD0OgfyiF3jNtcIzAAbkCpsieF fIpn4EojL15k1Na2A3tB1XiwrBEHZGFofFsC X-Google-Smtp-Source: AK7set/B7HflMS6xPlSflhbdUnXQYwT+mL7sketgjoRVbna68R3qnSQZJDNKzV0z1P192MI4LfwYOg== X-Received: by 2002:a05:622a:24b:b0:3b9:ca95:da6e with SMTP id c11-20020a05622a024b00b003b9ca95da6emr34924221qtx.44.1677389355985; Sat, 25 Feb 2023 21:29:15 -0800 (PST) Received: from localhost.localdomain (dsl-141-27.b2b2c.ca. [66.158.141.27]) by smtp.gmail.com with ESMTPSA id z15-20020ac8454f000000b003b848759ed8sm2429567qtn.47.2023.02.25.21.29.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Feb 2023 21:29:15 -0800 (PST) From: Maxim Cournoyer Date: Sun, 26 Feb 2023 00:29:05 -0500 Message-Id: <20230226052906.784-2-maxim.cournoyer@gmail.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20230226052906.784-1-maxim.cournoyer@gmail.com> References: <20230226052906.784-1-maxim.cournoyer@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: X-Migadu-Queue-Id: 016CEEE9A X-Spam-Score: -1.18 X-Migadu-Spam-Score: -1.18 X-Migadu-Scanner: scn0.migadu.com List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: bug-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-TUID: 1D3FTE0JbEm+ Fixes . * gnu/packages/tls.scm (openssl-1.1): Bind a RELEASE-DATE variable. [arguments]: Invoke the test suite through datefudge, to avoid certificates from expiring as time passes. [native-inputs]: Add datefudge. --- gnu/packages/tls.scm | 266 +++++++++++++++++++++++-------------------- 1 file changed, 144 insertions(+), 122 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 524b801443..c20548e89a 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -492,130 +492,152 @@ (define (target->openssl-target target) (string-append kernel "-" arch)))) (define-public openssl-1.1 - (package - (name "openssl") - (version "1.1.1l") - (replacement openssl/fixed) - (source (origin - (method url-fetch) - (uri (list (string-append "https://www.openssl.org/source/openssl-" - version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/" - "openssl-" version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/old/" - (string-trim-right version char-set:letter) - "/openssl-" version ".tar.gz"))) - (patches (search-patches "openssl-1.1-c-rehash-in.patch")) - (sha256 - (base32 - "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb")))) - (build-system gnu-build-system) - (outputs '("out" - "doc" ;6.8 MiB of man3 pages and full HTML documentation - "static")) ;6.4 MiB of .a files - (native-inputs (list perl)) - (arguments - (list - #:parallel-tests? #f - #:test-target "test" - - ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure, - ;; so we explicitly disallow it here. - #:disallowed-references (list (canonical-package perl)) - #:phases - #~(modify-phases %standard-phases - #$@(if (%current-target-system) - #~((add-before 'configure 'set-cross-compile - (lambda* (#:key target #:allow-other-keys) - (setenv "CROSS_COMPILE" (string-append target "-")) - (setenv "CONFIGURE_TARGET_ARCH" - #$(target->openssl-target - (%current-target-system)))))) - #~()) - ;; This test seems to be dependant on kernel features. - ;; https://github.com/openssl/openssl/issues/12242 - #$@(if (or (target-arm?) - (target-riscv64?)) - #~((replace 'check - (lambda* (#:key tests? test-target #:allow-other-keys) - (when tests? - (invoke "make" "TESTS=-test_afalg" test-target))))) - #~()) - (replace 'configure - (lambda* (#:key configure-flags #:allow-other-keys) - (let* ((out #$output) - (lib (string-append out "/lib"))) - ;; It's not a shebang so patch-source-shebangs misses it. - (substitute* "config" - (("/usr/bin/env") - (string-append (assoc-ref %build-inputs "coreutils") - "/bin/env"))) - (apply - invoke #$@(if (%current-target-system) - #~("./Configure") - #~("./config")) - "shared" ;build shared libraries - "--libdir=lib" + ;; Note to maintainers: when updating this package, make sure to update the + ;; RELEASE-DATE variable below. It is used by datefudge to avoid time bombs + ;; in the test suite. + (let ((release-date "2021-12-14 00:00")) + (package + (name "openssl") + (version "1.1.1l") + (replacement openssl/fixed) + (source (origin + (method url-fetch) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + "openssl-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (patches (search-patches "openssl-1.1-c-rehash-in.patch")) + (sha256 + (base32 + "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb")))) + (build-system gnu-build-system) + (outputs '("out" + "doc" ;6.8 MiB of man3 pages and full HTML documentation + "static")) ;6.4 MiB of .a files + (native-inputs (list datefudge perl)) + (arguments + (list + #:modules '((guix build gnu-build-system) + (guix build utils) + (srfi srfi-34)) + #:parallel-tests? #f + #:test-target "test" + #:make-flags + #~(list #$@(if (or (target-arm?) + (target-riscv64?)) + ;; This test seems to be dependant on kernel features. + ;; https://github.com/openssl/openssl/issues/12242 + #~("TESTS=-test_afalg") + #~())) + ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure, + ;; so we explicitly disallow it here. + #:disallowed-references (list (canonical-package perl)) + #:phases + #~(modify-phases %standard-phases + #$@(if (%current-target-system) + #~((add-before 'configure 'set-cross-compile + (lambda* (#:key target #:allow-other-keys) + (setenv "CROSS_COMPILE" (string-append target "-")) + (setenv "CONFIGURE_TARGET_ARCH" + #$(target->openssl-target + (%current-target-system)))))) + #~()) + (replace 'check + (lambda* (#:key target make-flags tests? test-target + parallel-tests? test-suite-log-regexp + #:allow-other-keys) + (if tests? + (guard (c ((invoke-error? c) + ;; Dump the test suite log to facilitate debugging. + (display "\nTest suite failed, dumping logs.\n" + (current-error-port)) + (dump-file-contents "." test-suite-log-regexp) + (raise c))) + (apply invoke "datefudge" #$release-date + "make" test-target + `(,@(if parallel-tests? + `("-j" ,(number->string (parallel-job-count))) + '()) + ,@make-flags))) + (format #t "test suite not run~%")))) + (replace 'configure + (lambda* (#:key configure-flags #:allow-other-keys) + (let* ((out #$output) + (lib (string-append out "/lib"))) + ;; It's not a shebang so patch-source-shebangs misses it. + (substitute* "config" + (("/usr/bin/env") + (string-append (assoc-ref %build-inputs "coreutils") + "/bin/env"))) + (apply + invoke #$@(if (%current-target-system) + #~("./Configure") + #~("./config")) + "shared" ;build shared libraries + "--libdir=lib" - ;; The default for this catch-all directory is - ;; PREFIX/ssl. Change that to something more - ;; conventional. - (string-append "--openssldir=" out - "/share/openssl-" - #$(package-version this-package)) + ;; The default for this catch-all directory is + ;; PREFIX/ssl. Change that to something more + ;; conventional. + (string-append "--openssldir=" out + "/share/openssl-" + #$(package-version this-package)) - (string-append "--prefix=" out) - (string-append "-Wl,-rpath," lib) - #$@(if (%current-target-system) - #~((getenv "CONFIGURE_TARGET_ARCH")) - #~()) - configure-flags) - ;; Output the configure variables. - (invoke "perl" "configdata.pm" "--dump")))) - (add-after 'install 'move-static-libraries - (lambda _ - ;; Move static libraries to the "static" output. - (let* ((out #$output) - (lib (string-append out "/lib")) - (static #$output:static) - (slib (string-append static "/lib"))) - (for-each (lambda (file) - (install-file file slib) - (delete-file file)) - (find-files - lib - #$(if (target-mingw?) - '(lambda (filename _) - (and (string-suffix? ".a" filename) - (not (string-suffix? ".dll.a" filename)))) - "\\.a$")))))) - (add-after 'install 'move-extra-documentation - (lambda _ - ;; Move man pages and full HTML documentation to "doc". - (let* ((out #$output) - (man (string-append out "/share/man")) - (html (string-append out "/share/doc/openssl")) - (doc #$output:doc) - (man-target (string-append doc "/share/man")) - (html-target (string-append doc "/share/doc/openssl"))) - (mkdir-p (dirname man-target)) - (mkdir-p (dirname html-target)) - (rename-file man man-target) - (rename-file html html-target)))) - (add-after - 'install 'remove-miscellany - (lambda _ - ;; The 'misc' directory contains random undocumented shell and Perl - ;; scripts. Remove them to avoid retaining a reference on Perl. - (delete-file-recursively (string-append #$output "/share/openssl-" - #$(package-version this-package) - "/misc"))))))) - (native-search-paths - (list $SSL_CERT_DIR $SSL_CERT_FILE)) - (synopsis "SSL/TLS implementation") - (description "OpenSSL is an implementation of SSL/TLS.") - (license license:openssl) - (home-page "https://www.openssl.org/"))) + (string-append "--prefix=" out) + (string-append "-Wl,-rpath," lib) + #$@(if (%current-target-system) + #~((getenv "CONFIGURE_TARGET_ARCH")) + #~()) + configure-flags) + ;; Output the configure variables. + (invoke "perl" "configdata.pm" "--dump")))) + (add-after 'install 'move-static-libraries + (lambda _ + ;; Move static libraries to the "static" output. + (let* ((out #$output) + (lib (string-append out "/lib")) + (static #$output:static) + (slib (string-append static "/lib"))) + (for-each (lambda (file) + (install-file file slib) + (delete-file file)) + (find-files + lib + #$(if (target-mingw?) + '(lambda (filename _) + (and (string-suffix? ".a" filename) + (not (string-suffix? ".dll.a" filename)))) + "\\.a$")))))) + (add-after 'install 'move-extra-documentation + (lambda _ + ;; Move man pages and full HTML documentation to "doc". + (let* ((out #$output) + (man (string-append out "/share/man")) + (html (string-append out "/share/doc/openssl")) + (doc #$output:doc) + (man-target (string-append doc "/share/man")) + (html-target (string-append doc "/share/doc/openssl"))) + (mkdir-p (dirname man-target)) + (mkdir-p (dirname html-target)) + (rename-file man man-target) + (rename-file html html-target)))) + (add-after + 'install 'remove-miscellany + (lambda _ + ;; The 'misc' directory contains random undocumented shell and Perl + ;; scripts. Remove them to avoid retaining a reference on Perl. + (delete-file-recursively (string-append #$output "/share/openssl-" + #$(package-version this-package) + "/misc"))))))) + (native-search-paths + (list $SSL_CERT_DIR $SSL_CERT_FILE)) + (synopsis "SSL/TLS implementation") + (description "OpenSSL is an implementation of SSL/TLS.") + (license license:openssl) + (home-page "https://www.openssl.org/")))) (define openssl/fixed (package -- 2.39.1