From patchwork Wed Jul 31 03:54:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ian Eure X-Patchwork-Id: 66567 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id C3D7027BBEA; Wed, 31 Jul 2024 04:56:32 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_VALIDITY_CERTIFIED, RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,SPF_HELO_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 2BF0A27BBE2 for ; Wed, 31 Jul 2024 04:56:31 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZ0RK-0005dP-5b; Tue, 30 Jul 2024 23:55:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZ0RH-0005cg-FP for guix-patches@gnu.org; Tue, 30 Jul 2024 23:55:47 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZ0RH-0004u6-66 for guix-patches@gnu.org; Tue, 30 Jul 2024 23:55:47 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:References:In-Reply-To:Date:From:To:Subject; bh=1rhjv2L81+g8qZi64AubNkHzZl2s4wtlCwF6ZAxRUI0=; b=APe3yY1NrxJqeeXh5Q3pUik8/WyI37mJelP6asUKArw12J2Em02cbsZfBC0KlYFE0FkpkHUq3ZaD0qV9NLuetaxvJ0LrVAd4z9VGQUBuwZkrY6udfs3tbhQHytqU7T4NrbrLHgG91sD0lW1SX89MQcgY/EEMFHMt8kxbtf1KKHIIr8v9j2PpJoCMLxi91mqLADay7B9+1gApfrlr0mVaGHtepJt99KagzkEyI1wV9opx4u8obHj8FVznThsrQLFi8Z8yf4aXoAQ5xOY4ltUeDettZpHDf0hkEdb8qo8mB5MIXDLrIF/DpLYHmWpYgcIaYLCrl2rn3Txz2Xhxm5bL8g==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sZ0RV-0001zG-Nw for guix-patches@gnu.org; Tue, 30 Jul 2024 23:56:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#71832] [PATCH v5 1/3] gnu: Add nss-rapid. Resent-From: Ian Eure Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 31 Jul 2024 03:56:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 71832 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 71832@debbugs.gnu.org Cc: Ian Eure Received: via spool by 71832-submit@debbugs.gnu.org id=B71832.17223981317569 (code B ref 71832); Wed, 31 Jul 2024 03:56:01 +0000 Received: (at 71832) by debbugs.gnu.org; 31 Jul 2024 03:55:31 +0000 Received: from localhost ([127.0.0.1]:48821 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZ0R1-0001y0-6f for submit@debbugs.gnu.org; Tue, 30 Jul 2024 23:55:31 -0400 Received: from fout8-smtp.messagingengine.com ([103.168.172.151]:51533) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZ0Qx-0001xS-Hb for 71832@debbugs.gnu.org; Tue, 30 Jul 2024 23:55:29 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailfout.nyi.internal (Postfix) with ESMTP id 2FB6D1382188; Tue, 30 Jul 2024 23:55:07 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 30 Jul 2024 23:55:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1722398107; x= 1722484507; bh=1rhjv2L81+g8qZi64AubNkHzZl2s4wtlCwF6ZAxRUI0=; b=G /THzIkxG9isWVy7ADG3YMjbSOc2Xls83K63rzZNXmXQqtDmhZar0dHnu1qUQzGdq BV6ym117KOWzUJjvj8UOna+TNjeAJx0reLBcLdBgFuFAxgfNM19UP+jIqsOSKAjS 0wJqa/2MKK/bBhV4HSeTuYGJ/0MEbXrSSHQcGS8Ku00Shwoh4fBXg5ucczH+47Cn b3/QYZTyHtPZEQf7hTJZHZ+rfSBK/SBWyX7lBjtveYXEnrBcs673YJd97oGO/aaE DyxxhRkkGFKK+a8tYD/jmiQW+36mWUIL/1rN2E9O1+YIu3N7gicurvkclH5z4wP/ kzgN3gMBTCQez4BJNneUg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1722398107; x= 1722484507; bh=1rhjv2L81+g8qZi64AubNkHzZl2s4wtlCwF6ZAxRUI0=; b=I MV0gVUtrtKvc8/uqymVRIliBHmzK3bBw4UjTYlUUPhLtR22YlN8YsYlhQKz5HoYn mHcGZOYYHTVdDfe+OITlNCjTY6FA63pfrGBGm4cLZ3hX9UMdc0FmukyuyFEg20lW U2MfoN4WBRUOEUkzMHGorMrXL1np5o9ueJ01fy0cEFakuMj73yn0paeIdXm4BoRs Cq8PYDv4CpGn1LB+S7ptXmngz3BaD2jl04Tk9SQreVNk84fMKAnm88xBnQ6vki8x xReiZXPaOeUfsaA5ilQx46x8OgmtuTPQxmT+cVyXAW76GhMxLKynr3mLAyXOSVyl du7ALHEz7x5CZYpgK4QkQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrjeehgdejkecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvvefufffkofgjfhgggfestdekre dtredttdenucfhrhhomhepkfgrnhcugfhurhgvuceoihgrnhesrhgvthhrohhsphgvtgdr thhvqeenucggtffrrghtthgvrhhnpefgteeiffdvleejleeiieevgeegleegieevjeekfe evledugfehteetgfeuffevhfenucffohhmrghinhepmhhoiihilhhlrgdrohhrghenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvg htrhhoshhpvggtrdhtvhdpnhgspghrtghpthhtoheptd X-ME-Proxy: Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 30 Jul 2024 23:55:06 -0400 (EDT) From: Ian Eure Date: Tue, 30 Jul 2024 20:54:59 -0700 Message-ID: <20240731035501.27512-2-ian@retrospec.tv> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240731035501.27512-1-ian@retrospec.tv> References: <20240731035501.27512-1-ian@retrospec.tv> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches * gnu/packages/nss.scm (nss-rapid): New variable. Change-Id: I2bdd2119fb0c857feae9eb2e47a28909b8228cd7 --- gnu/packages/nss.scm | 80 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 74 insertions(+), 6 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 9224a8ed5a..17f05a65b0 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -106,6 +106,9 @@ (define-public nspr-4.32 (base32 "0v3zds1id71j5a5si42a658fjz8nv2f6zp6w4gqrqmdr6ksz8sxv")))))) +;; nss should track ESRs, but currently doesn't. When the next ESR it out, it +;; should get updated. + (define-public nss (package (name "nss") @@ -153,13 +156,13 @@ (define-public nss ;; Ensure we are building for the (%current-target-system). #$@(if (%current-target-system) #~((string-append - "OS_TEST=" - (string-take #$(%current-target-system) - (string-index #$(%current-target-system) #\-))) + "OS_TEST=" + (string-take #$(%current-target-system) + (string-index #$(%current-target-system) #\-))) (string-append - "KERNEL=" (cond (#$(target-hurd?) "gnu") - (#$(target-linux?) "linux") - (else "")))) + "KERNEL=" (cond (#$(target-hurd?) "gnu") + (#$(target-linux?) "linux") + (else "")))) #~()) #$@(if (%current-target-system) #~("CROSS_COMPILE=1") @@ -303,6 +306,71 @@ (define-public nss/fixed (invoke "faketime" "2024-01-23" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))))))) +;; nss-rapid tracks the rapid release channel. Unless your package requires a +;; newer version, you should prefer the `nss' package, which tracks the ESR +;; channel. +;; +;; See https://wiki.mozilla.org/NSS:Release_Versions +;; and https://wiki.mozilla.org/Rapid_Release_Model + +(define-public nss-rapid + (package + (inherit nss) + (name "nss-rapid") + (version "3.102.1") + (source (origin + (inherit (package-source nss)) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append + "https://ftp.mozilla.org/pub/mozilla.org/security/nss/" + "releases/NSS_" version-with-underscores "_RTM/src/" + "nss-" version ".tar.gz"))) + (sha256 + (base32 + "1k1pjxz0ab4lg8xqggbb8pw77c1q8h4bldi09z4pj5g4hwsjv62l")))) + (arguments + (substitute-keyword-arguments (package-arguments nss) + ((#:phases phases) + #~(modify-phases #$phases + (replace 'check + (lambda* (#:key tests? #:allow-other-keys) + (if tests? + (begin + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for + ;; testing. The latter requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "localdomain") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + + ;; This specific test is looking at performance "now + ;; verify that we can quickly dump a database", and + ;; we're not testing performance here (especially + ;; since we're using faketime), so raise the + ;; threshold + (substitute* "nss/tests/dbtests/dbtests.sh" + ((" -lt 5") " -lt 50")) + + ;; Since the test suite is very lengthy, run the test + ;; suite once, not thrice as done by default, by + ;; selecting only the 'standard' cycle. + (setenv "NSS_CYCLES" "standard") + + ;; The "PayPalEE.cert" certificate expires every six months, + ;; leading to test failures: + ;; . To + ;; work around that, set the time to roughly the release date. + (invoke "faketime" "2024-01-23" "./nss/tests/all.sh")) + (format #t "test suite not run~%")))))))) + (synopsis "Network Security Services (Rapid Release)") + (description + "Network Security Services (@dfn{NSS}) is a set of libraries designed to +support cross-platform development of security-enabled client and server +applications. Applications built with NSS can support SSL v2 and v3, TLS, +PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other +security standards. + +This package tracks the Rapid Release channel, which updates frequently."))) (define-public nsncd (package (name "nsncd")