GNU bug report logs -
#49706
[PATCH] gnu: gmnisrv: Update to commit 32854b7.
Previous Next
Reported by: Sarah Morgensen <iskarian <at> mgsn.dev>
Date: Fri, 23 Jul 2021 08:09:02 UTC
Severity: normal
Tags: patch
Done: Arun Isaac <arunisaac <at> systemreboot.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 49706 in the body.
You can then email your comments to 49706 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org
:
bug#49706
; Package
guix-patches
.
(Fri, 23 Jul 2021 08:09:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Sarah Morgensen <iskarian <at> mgsn.dev>
:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org
.
(Fri, 23 Jul 2021 08:09:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
"requires fresh certificates, which could break clients with strict
trust-on-first-use policies."
gnu/packages/web.scm (gmnisrv): Update to commit 32854b7.
---
Hello Guix,
There is one possibly breaking change in this update:
> Use v3 X509 certificate
>
> This fixes an issue where rustls failed to validate the X509v1 certificate.
>
> Tested with Amfora, av-98, and titan (https://github.com/mkeeter/titan)
>
> This requires fresh certificates, which could break clients with strict
> trust-on-first-use policies; unfortunately, it doesn't appear to be possible
> to migrate v1 certificates to v3.
Also, I'm not sure if this is the correct style for updating unversioned
software, so if I missed something, please let me know!
--
Sarah
gnu/packages/web.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 12ba55cdc8..270ad31331 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -7968,8 +7968,8 @@ solution for any project's interface needs:
(license license:expat)))
(define-public gmnisrv
- (let ((commit "d484ba0ab0020866535a44be5948c9482b8f2b8d")
- (revision "1"))
+ (let ((commit "32854b79c73b278bf33eb5123abf1c36abdc7c01")
+ (revision "2"))
(package
(name "gmnisrv")
(version (git-version "0" revision commit))
@@ -7981,7 +7981,7 @@ solution for any project's interface needs:
(commit commit)))
(sha256
(base32
- "11phipixsxx1jgm42agp76p5s68l0zj65kgb41vzaymgwcq79ivn"))
+ "0lbb3ablwkdcgm1cjr1hikr55y8gpl420nh8b8g9wn4abhm2xgr9"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(arguments
base-commit: 89ea0918a4a6cc9c250b85c0b713e471b7769c48
prerequisite-patch-id: 2d6692cc3cf8a733e69e6ff6b02863a160b03011
--
2.31.1
Information forwarded
to
guix-patches <at> gnu.org
:
bug#49706
; Package
guix-patches
.
(Sat, 24 Jul 2021 13:30:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 49706 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On Fri, Jul 23 2021, Sarah Morgensen wrote:
> Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
> "requires fresh certificates, which could break clients with strict
> trust-on-first-use policies."
>
> gnu/packages/web.scm (gmnisrv): Update to commit 32854b7.
> ---
> Hello Guix,
>
> There is one possibly breaking change in this update:
>
>> Use v3 X509 certificate
>>
>> This fixes an issue where rustls failed to validate the X509v1 certificate.
>>
>> Tested with Amfora, av-98, and titan (https://github.com/mkeeter/titan)
>>
>> This requires fresh certificates, which could break clients with strict
>> trust-on-first-use policies; unfortunately, it doesn't appear to be possible
>> to migrate v1 certificates to v3.
>
> Also, I'm not sure if this is the correct style for updating unversioned
> software, so if I missed something, please let me know!
It is usually has the format VERSION-REVISION.COMMIT, where COMMIT is
the first 7 characters of the commit id. In this case the commit
summary would be:
gnu: gmnisrv: Update to 0-2.32854b7.
If you use Emacs, there is a Yasnippet snippet for generating commit
messages in Magit, just type “update<TAB>” in the commit buffer.
I don’t use ‘gmnisrv’, so I can’t really test it, but it builds fine for
me. :)
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
guix-patches <at> gnu.org
:
bug#49706
; Package
guix-patches
.
(Sun, 25 Jul 2021 01:44:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 49706 <at> debbugs.gnu.org (full text, mbox):
Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
"requires fresh certificates, which could break clients with strict
trust-on-first-use policies."
gnu/packages/web.scm (gmnisrv): Update to 0-2.32854b7.
---
gnu/packages/web.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 12ba55cdc8..270ad31331 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -7968,8 +7968,8 @@ solution for any project's interface needs:
(license license:expat)))
(define-public gmnisrv
- (let ((commit "d484ba0ab0020866535a44be5948c9482b8f2b8d")
- (revision "1"))
+ (let ((commit "32854b79c73b278bf33eb5123abf1c36abdc7c01")
+ (revision "2"))
(package
(name "gmnisrv")
(version (git-version "0" revision commit))
@@ -7981,7 +7981,7 @@ solution for any project's interface needs:
(commit commit)))
(sha256
(base32
- "11phipixsxx1jgm42agp76p5s68l0zj65kgb41vzaymgwcq79ivn"))
+ "0lbb3ablwkdcgm1cjr1hikr55y8gpl420nh8b8g9wn4abhm2xgr9"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(arguments
base-commit: 89ea0918a4a6cc9c250b85c0b713e471b7769c48
prerequisite-patch-id: 2d6692cc3cf8a733e69e6ff6b02863a160b03011
--
2.31.1
Reply sent
to
Arun Isaac <arunisaac <at> systemreboot.net>
:
You have taken responsibility.
(Sun, 25 Jul 2021 10:32:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Sarah Morgensen <iskarian <at> mgsn.dev>
:
bug acknowledged by developer.
(Sun, 25 Jul 2021 10:32:02 GMT)
Full text and
rfc822 format available.
Message #16 received at 49706-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Sarah and Xinglu,
Thanks for working on this patch! I have pushed this with the following
two minor changes.
1. Added copyright header for Sarah.
> Update to latest commit. Gmnisrv uses v3 X509 certificates now, and so
2. Downcased Gmnisrv to gmnisrv since that seems to be the correct
capitalization according to upstream.
Regards,
Arun
[signature.asc (application/pgp-signature, inline)]
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Sun, 22 Aug 2021 11:24:04 GMT)
Full text and
rfc822 format available.
This bug report was last modified 2 years and 240 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.