From patchwork Tue Jul 2 00:21:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ian Eure X-Patchwork-Id: 65829 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0239927BBEA; Tue, 2 Jul 2024 01:22:56 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id DACF627BBE2 for ; Tue, 2 Jul 2024 01:22:54 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sORHb-0008Ug-PJ; Mon, 01 Jul 2024 20:22:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sORHV-0008Tr-TT for guix-patches@gnu.org; Mon, 01 Jul 2024 20:22:03 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sORHV-0007g3-KG for guix-patches@gnu.org; Mon, 01 Jul 2024 20:22:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sORHW-0005DR-Ck for guix-patches@gnu.org; Mon, 01 Jul 2024 20:22:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#71832] [PATCH v3 1/2] gnu: Add nss-rapid. Resent-From: Ian Eure Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 02 Jul 2024 00:22:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 71832 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 71832@debbugs.gnu.org Cc: Ian Eure Received: via spool by 71832-submit@debbugs.gnu.org id=B71832.171987968419981 (code B ref 71832); Tue, 02 Jul 2024 00:22:02 +0000 Received: (at 71832) by debbugs.gnu.org; 2 Jul 2024 00:21:24 +0000 Received: from localhost ([127.0.0.1]:35171 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sORGt-0005C7-Ji for submit@debbugs.gnu.org; Mon, 01 Jul 2024 20:21:24 -0400 Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]:40065) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sORGq-0005Bk-JV for 71832@debbugs.gnu.org; Mon, 01 Jul 2024 20:21:22 -0400 Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailfhigh.nyi.internal (Postfix) with ESMTP id 9FF64114018E; Mon, 1 Jul 2024 20:21:14 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute7.internal (MEProxy); Mon, 01 Jul 2024 20:21:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1719879674; x= 1719966074; bh=LmCjBBGxTnzhSaAdOd/Kr2DAWUyzcvU2yaZlIkzLcEk=; b=i TRAUEgfqRmhIDYbV5ZY4vnxk/gTBvx4w4T4QFKp1+3aJtVelpVT9PybUq7uFKQvE dFHjkVgau7ObAJTrGrwnUn9yL0EHjlNYvhEGUeKYxWNnr6L39pk7jZ6xoUSTh8BZ KKEJ02V2woKP4NCdjzaktGYruR26gw60s/3q3i2s76ZfIWjHyj0mUM6IHt5+S5Ih xdXIFFhdOVNoz8u/wwkXI2AKbqYu2MpGZ2HIl/0dA0cyXmGx7CMvHEKnGcXVUwjq 8FDI855m+jwi9x60kuW8UTfmNU/yu+jLzIHZoaq9v2VNgGVcStmrfjYXC8ot6fEs 6+qa552EEomAHPqmLgDvw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1719879674; x= 1719966074; bh=LmCjBBGxTnzhSaAdOd/Kr2DAWUyzcvU2yaZlIkzLcEk=; b=E 4FiYukmJ1OBo9j5+ilBfSmolmnfO9b87GBF/SERuCHdyvvJKatcxeqtTTSsdRpjn bGADOQobhptb0iTiyOy9u6nIX/77Y5ryboHklq1LSQIbX+6ggLQlua4DUDaAFFgZ UrbXNB/ojE3vVLjM/0lVIbss06eR6SiWVeDbncJZ4LPN1tBrZKed0TurhSuQoBMt vctc9n8lLN5X/YWx8PIsPrNwMpGqfglR8v7rCG+xD4ZXf8st3pe4PRQAnAru0G8v RMYDJQWhmyG6IZuDjiPovaTQbu96x+OH2RMKaIk3NfWGcHv/hsuc+LOcue4G19PK sbUGfcGbU7lJKzsh1JcWQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudeggdeffecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhgggfestdekre dtredttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr thhvqeenucggtffrrghtthgvrhhnpefgteeiffdvleejleeiieevgeegleegieevjeekfe evledugfehteetgfeuffevhfenucffohhmrghinhepmhhoiihilhhlrgdrohhrghenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvg htrhhoshhpvggtrdhtvh X-ME-Proxy: Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 1 Jul 2024 20:21:13 -0400 (EDT) From: Ian Eure Date: Mon, 1 Jul 2024 17:21:02 -0700 Message-ID: <20240702002103.9015-2-ian@retrospec.tv> X-Mailer: git-send-email 2.45.1 In-Reply-To: <20240702002103.9015-1-ian@retrospec.tv> References: <20240702002103.9015-1-ian@retrospec.tv> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches * gnu/packages/nss.scm (nss-rapid): New variable. Change-Id: I2bdd2119fb0c857feae9eb2e47a28909b8228cd7 --- gnu/packages/nss.scm | 80 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 74 insertions(+), 6 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index d558079f44..4e892ce649 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -106,6 +106,9 @@ (define-public nspr-4.32 (base32 "0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv")))))) +;; nss should track ESRs, but currently doesn't. When the next ESR it out, it +;; should get updated. + (define-public nss (package (name "nss") @@ -153,13 +156,13 @@ (define-public nss ;; Ensure we are building for the (%current-target-system). #$@(if (%current-target-system) #~((string-append - "OS_TEST=" - (string-take #$(%current-target-system) - (string-index #$(%current-target-system) #\-))) + "OS_TEST=" + (string-take #$(%current-target-system) + (string-index #$(%current-target-system) #\-))) (string-append - "KERNEL=" (cond (#$(target-hurd?) "gnu") - (#$(target-linux?) "linux") - (else "")))) + "KERNEL=" (cond (#$(target-hurd?) "gnu") + (#$(target-linux?) "linux") + (else "")))) #~()) #$@(if (%current-target-system) #~("CROSS_COMPILE=1") @@ -303,6 +306,71 @@ (define-public nss/fixed (invoke "faketime" "2024-01-23" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))))))) +;; nss-rapid tracks the rapid release channel. Unless your package requires a +;; newer version, you should prefer the `nss' package, which tracks the ESR +;; channel. +;; +;; See https://wiki.mozilla.org/NSS:Release_Versions +;; and https://wiki.mozilla.org/Rapid_Release_Model + +(define-public nss-rapid + (package + (inherit nss) + (name "nss-rapid") + (version "3.101") + (source (origin + (inherit (package-source nss)) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "1rw5xpclsy174znvxcb4d4zgjwadxy45mbh0wvkm3fxpnkq4i5w5")))) + (arguments + (substitute-keyword-arguments (package-arguments nss) + ((#:phases phases) + #~(modify-phases #$phases + (replace 'check + (lambda* (#:key tests? #:allow-other-keys) + (if tests? + (begin + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for + ;; testing. The latter requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "localdomain") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + + ;; This specific test is looking at performance "now + ;; verify that we can quickly dump a database", and + ;; we're not testing performance here (especially + ;; since we're using faketime), so raise the + ;; threshold + (substitute* "nss/tests/dbtests/dbtests.sh" + ((" -lt 5") " -lt 50")) + + ;; Since the test suite is very lengthy, run the test + ;; suite once, not thrice as done by default, by + ;; selecting only the 'standard' cycle. + (setenv "NSS_CYCLES" "standard") + + ;; The "PayPalEE.cert" certificate expires every six months, + ;; leading to test failures: + ;; . To + ;; work around that, set the time to roughly the release date. + (invoke "faketime" "2024-01-23" "./nss/tests/all.sh")) + (format #t "test suite not run~%")))))))) + (synopsis "Network Security Services (Rapid Release)") + (description + "Network Security Services (@dfn{NSS}) is a set of libraries designed to +support cross-platform development of security-enabled client and server +applications. Applications built with NSS can support SSL v2 and v3, TLS, +PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other +security standards. + +This package tracks the Rapid Release channel, which updates frequently."))) (define-public nsncd (package (name "nsncd")