Message ID | dd38681508c8f591655f17171d573d448a9982ce.camel@telenet.be |
---|---|
Headers | show |
Series | Make adding SSL_CERT_FILE/DIR search paths easier and add some missing ones | expand |
Maxime Devos schreef op za 07-05-2022 om 10:35 [+0200]: > > TODO: > > * [ ] build dependents Looks like data.guix-patches.cbaines.net will do so: https://data.guix-patches.cbaines.net/revision/5e5fafa3cd6e6d9b8674081a6e43ff2a95d096c4 (in-progress at time of writing, not yet completed). Greetings, Maxime
Maxime Devos schreef op za 07-05-2022 om 10:48 [+0200]: > Maxime Devos schreef op za 07-05-2022 om 10:35 [+0200]: > > > > TODO: > > > > * [ ] build dependents > > Looks like data.guix-patches.cbaines.net will do so: > https://data.guix-patches.cbaines.net/revision/5e5fafa3cd6e6d9b8674081a6e43ff2a95d096c4 > (in-progress at time of writing, not yet completed). According to <https://data.guix-patches.cbaines.net/compare/package-derivations?base_commit=312879fddcf0713c0f1dafcc6faa089edbbb6e04&target_commit=5e5fafa3cd6e6d9b8674081a6e43ff2a95d096c4&build_change=broken&after_name=&limit_results=40>, there are no new build failures. However, according to <https://data.guix-patches.cbaines.net/compare/package-derivations?base_commit=312879fddcf0713c0f1dafcc6faa089edbbb6e04&target_commit=5e5fafa3cd6e6d9b8674081a6e43ff2a95d096c4&build_change=still-working&after_name=&limit_results=40>, there are no ‘still working’ builds either, so maybe I'm misinterpreting things? Greetings, Maxime.
Hi! Maxime Devos <maximedevos@telenet.be> skribis: > This patch series adds $SSL_CERT_DIR/$SSL_CERT_FILE to youtube-dl, some > dependents and w3m, as they respect $SSL_CERT_DIR/$SSL_CERT_FILE. > > To make this easier (e.g. less duplication), I moved the definition of > $SSL_CERT_DIR/$SSL_CERT_FILE to a single location (guix search-paths) > instead of many separate packages. > > This moving was previously rejected by Ludo, but that was in a > different context, maybe in this context it's considered ok? I don’t remember the previous discussion, but here I think it’s reasonable. It’s a case where, effectively, those variables that were initially OpenSSL-specific are now honored by other pieces of software. However, the last few patches are incorrect in that, for example, w3m does not honor these variables by itself (its code doesn’t call getenv): --8<---------------cut here---------------start------------->8--- $ grep -r SSL_CERT_ $(guix build -S w3m) /gnu/store/aqdk56qa1lssjs50gvrii47ccc7ibmkp-w3m-0.5.3+git20210102-checkout/rc.c:#define CMT_SSL_CERT_FILE N_("PEM encoded certificate file of client") /gnu/store/aqdk56qa1lssjs50gvrii47ccc7ibmkp-w3m-0.5.3+git20210102-checkout/rc.c: CMT_SSL_CERT_FILE, NULL}, --8<---------------cut here---------------end--------------->8--- Instead, it honors them because it’s linked against OpenSSL. Likewise for youtube-dl & co. So I’m omitting the last few patches that add search paths. I hope that makes sense. Thanks! Ludo’.
Ludovic Courtès schreef op vr 13-05-2022 om 17:32 [+0200]: > However, the last few patches are incorrect in that, for example, w3m > does not honor these variables by itself (its code doesn’t call getenv): > > --8<---------------cut here---------------start------------->8--- > $ grep -r SSL_CERT_ $(guix build -S w3m) > /gnu/store/aqdk56qa1lssjs50gvrii47ccc7ibmkp-w3m-0.5.3+git20210102-checkout/rc.c:#define CMT_SSL_CERT_FILE N_("PEM encoded certificate file of client") > /gnu/store/aqdk56qa1lssjs50gvrii47ccc7ibmkp-w3m-0.5.3+git20210102-checkout/rc.c: CMT_SSL_CERT_FILE, NULL}, > --8<---------------cut here---------------end--------------->8--- > > Instead, it honors them because it’s linked against OpenSSL. > > Likewise for youtube-dl & co. > > So I’m omitting the last few patches that add search paths. <https://issues.guix.gnu.org/22138> has not been resolved yet though, so it's still necessary (see experiment in commit message of patch 10/10), though perhaps it could have been worded more precisely. Greetings, Maxime.