From patchwork Sun Jul 9 18:15:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bruno Victal X-Patchwork-Id: 51654 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 8E3AC27BBEA; Sun, 9 Jul 2023 19:23:25 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI, SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 703B527BBE9 for ; Sun, 9 Jul 2023 19:23:24 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qIZ3p-0007MM-8g; Sun, 09 Jul 2023 14:23:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qIZ3n-0007MA-CS for guix-patches@gnu.org; Sun, 09 Jul 2023 14:23:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qIZ3n-00075y-4j for guix-patches@gnu.org; Sun, 09 Jul 2023 14:23:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qIZ3m-0007Ih-Hz for guix-patches@gnu.org; Sun, 09 Jul 2023 14:23:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#64545] [PATCH] gnu: Add get-trust-anchor. Resent-From: Bruno Victal Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 09 Jul 2023 18:23:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 64545 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 64545@debbugs.gnu.org Cc: Bruno Victal X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.168892693827994 (code B ref -1); Sun, 09 Jul 2023 18:23:02 +0000 Received: (at submit) by debbugs.gnu.org; 9 Jul 2023 18:22:18 +0000 Received: from localhost ([127.0.0.1]:47149 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qIZ34-0007HR-3a for submit@debbugs.gnu.org; Sun, 09 Jul 2023 14:22:18 -0400 Received: from lists.gnu.org ([209.51.188.17]:33602) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qIZ31-0007HJ-BN for submit@debbugs.gnu.org; Sun, 09 Jul 2023 14:22:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qIZ31-0007JA-26 for guix-patches@gnu.org; Sun, 09 Jul 2023 14:22:15 -0400 Received: from smtpmciv4.myservices.hosting ([185.26.107.240]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qIZ2z-00071U-0f for guix-patches@gnu.org; Sun, 09 Jul 2023 14:22:14 -0400 Received: from mail1.netim.hosting (unknown [185.26.106.173]) by smtpmciv4.myservices.hosting (Postfix) with ESMTP id 0FBD220817 for ; Sun, 9 Jul 2023 20:22:03 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by mail1.netim.hosting (Postfix) with ESMTP id 8F16A80097; Sun, 9 Jul 2023 20:16:06 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting Received: from mail1.netim.hosting ([127.0.0.1]) by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id GuXIGEegINwq; Sun, 9 Jul 2023 20:16:06 +0200 (CEST) Received: from guix-nuc.home.arpa (unknown [10.192.1.83]) (Authenticated sender: lumen@makinata.eu) by mail1.netim.hosting (Postfix) with ESMTPSA id DABAB80060; Sun, 9 Jul 2023 20:16:05 +0200 (CEST) From: Bruno Victal Date: Sun, 9 Jul 2023 19:15:55 +0100 Message-Id: <9e371eab576e76ee438c39746ddbe4be103231a7.1688926431.git.mirai@makinata.eu> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 Received-SPF: pass client-ip=185.26.107.240; envelope-from=mirai@makinata.eu; helo=smtpmciv4.myservices.hosting X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches * gnu/packages/dns.scm (get-trust-anchor): New variable. * gnu/packages/patches/get-trust-anchor-setuptools.patch: New file. * gnu/local.mk: Register it. --- Notes: * Patch sent upstream: gnu/local.mk | 1 + gnu/packages/dns.scm | 49 +++++++++++++++++++ .../patches/get-trust-anchor-setuptools.patch | 48 ++++++++++++++++++ 3 files changed, 98 insertions(+) create mode 100644 gnu/packages/patches/get-trust-anchor-setuptools.patch base-commit: 2ba2e80ee6e19f6ab710035445d8e234f100e25d diff --git a/gnu/local.mk b/gnu/local.mk index 96f4594835..1f40cf8fa9 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1228,6 +1228,7 @@ dist_patch_DATA = \ %D%/packages/patches/genimage-mke2fs-test.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/gettext-libunicode-update.patch \ + %D%/packages/patches/get-trust-anchor-setuptools.patch \ %D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \ %D%/packages/patches/ghc-9.2-glibc-2.33-link-order.patch \ %D%/packages/patches/ghc-9.2-grep-warnings.patch \ diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index a34e4ced89..f375c608a6 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -92,8 +92,57 @@ (define-module (gnu packages dns) #:use-module (guix build-system glib-or-gtk) #:use-module (guix build-system gnu) #:use-module (guix build-system meson) + #:use-module (guix build-system python) #:use-module (guix build-system trivial)) +;; Manually test by running (requires online connectivity): +;; $ guix shell --container --network --no-cwd \ +;; get-trust-anchor nss-certs -- get-trust-anchor +(define-public get-trust-anchor + (let ((commit "a149f31483a647af09f1b4c99871a07f7614e08f") + (revision "0")) ; no releases + (package + (name "get-trust-anchor") + (version (git-version "0.0.0" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/iana-org/get-trust-anchor") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "05dsqykyqfxy90s264a6wk1xxpnv31gzil7fgcccbxi64zpx8zq4")) + (patches (search-patches "get-trust-anchor-setuptools.patch")))) + (build-system python-build-system) + (arguments + (list + #:tests? #f ; tests require online connectivity + #:modules '((guix build python-build-system) + (guix build utils) + (srfi srfi-1)) + #:phases + #~(modify-phases %standard-phases + (add-before 'wrap 'wrap-path + (lambda* (#:key inputs #:allow-other-keys) + (let ((prog (string-append #$output "/bin/get-trust-anchor")) + (path (map (lambda (f) + (dirname (search-input-file inputs f))) + '("/bin/openssl" "/bin/which")))) + (wrap-program prog + `("PATH" = ,path)))))))) + (inputs (list openssl which)) + (native-search-paths + (list $SSL_CERT_DIR $SSL_CERT_FILE)) + (synopsis "Tool for fetching IANA's DNS Root Trust Anchors") + (description "This package provides the @command{get-trust-anchor} +command, a tool that fetches the current DNSSEC trust anchor from IANA +and the root @acronym{KSK, Key Signing Key} from Google Public DNS +via @acronym{DoH, DNS over HTTPS} or by downloading the root zone file.") + (home-page "https://www.iana.org/dnssec/files") + (license license:bsd-2)))) + (define-public cloudflare-cli (let ((commit "2d986d3ec1b0e3158c4bd40e8918947cb74aa392") (revision "1")) diff --git a/gnu/packages/patches/get-trust-anchor-setuptools.patch b/gnu/packages/patches/get-trust-anchor-setuptools.patch new file mode 100644 index 0000000000..f3de9b1ae3 --- /dev/null +++ b/gnu/packages/patches/get-trust-anchor-setuptools.patch @@ -0,0 +1,48 @@ +From fcc6daa582400a68d9cbc9e834c018a8c90650c4 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Bruno Victal +Date: Sun, 9 Jul 2023 17:31:37 +0100 +Subject: [PATCH] setuptools: use entry_points. + +--- + get_trust_anchor.py => get_trust_anchor/__main__.py | 2 +- + setup.py | 9 ++++++--- + 2 files changed, 7 insertions(+), 4 deletions(-) + rename get_trust_anchor.py => get_trust_anchor/__main__.py (99%) + +diff --git a/get_trust_anchor.py b/get_trust_anchor/__main__.py +similarity index 99% +rename from get_trust_anchor.py +rename to get_trust_anchor/__main__.py +index 42bd041..369ce54 100644 +--- a/get_trust_anchor.py ++++ b/get_trust_anchor/__main__.py +@@ -474,4 +474,4 @@ def main(): + print("Could not delete {}: '{}'. Continuing".format(this_file, this_exception)) + + if __name__ == "__main__": +- main() ++ sys.exit(main()) +diff --git a/setup.py b/setup.py +index 491c832..7900037 100644 +--- a/setup.py ++++ b/setup.py +@@ -12,7 +12,10 @@ setup( + 'Programming Language :: Python :: 3' + ], + url='https://github.com/iana-org/get_trust_anchor/', +- scripts=[ +- 'get_trust_anchor.py' +- ] ++ packages=['get_trust_anchor'], ++ entry_points={ ++ 'console_scripts': [ ++ 'get-trust-anchor = get_trust_anchor.__main__:main' ++ ] ++ } + ) + +base-commit: a149f31483a647af09f1b4c99871a07f7614e08f +-- +2.40.1 +