GNU bug report logs - #59867
Update mbedtls-apache to 3.2.1

Previous Next

To reply to this bug, email your comments to 59867 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Gabriel Wicki <gabriel <at> erlikon.ch>
To: guix-patches <at> gnu.org
Subject: Update mbedtls-apache to 3.2.1
Date: Wed, 07 Dec 2022 01:01:28 +0100

Hi

Working with it i realized today that mbedtls is somewhat outdated in
Guix, so i took the liberty of creating an update patch.  Following the
comments in the package definition i realized that updating mbedtls
would break hiawatha, since that project upgraded to mbedtls 3 with
version 11.  So i updatet that package as well.
I removed the snippets in both source blocks since they aren't needed
anymore.

Thanks for review and merge!  Kind regards

gabriel



From 94ade2b4e1cf65b4859418ea2e7f7e12e35289bc Mon Sep 17 00:00:00 2001
From: Gabriel Wicki <wicg <at> zhaw.ch>
Date: Tue, 6 Dec 2022 16:36:11 +0100
Subject: [PATCH] gnu: mbedtls-apache: Update to version 3.2.1.

* gnu/packages/tls.scm (mbedtls-apache): Update to 3.2.1.
[source]: Remove snippet.
* gnu/packages/web.scm (hiawatha): Update to version 11.2
[source] Remove snippet.
---
 gnu/packages/tls.scm | 15 +++------------
 gnu/packages/web.scm | 10 ++--------
 2 files changed, 5 insertions(+), 20 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f1e844b608..ee81359a66 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -1002,7 +1002,7 @@ (define-public mbedtls-apache
     (name "mbedtls-apache")
     ;; XXX Check whether ‘-Wformat-signedness’ still breaks mbedtls-for-hiawatha
     ;; when updating.
-    (version "2.26.0")
+    (version "3.2.1")
     (source
      (origin
        (method git-fetch)
@@ -1010,17 +1010,8 @@ (define-public mbedtls-apache
              (url "https://github.com/ARMmbed/mbedtls")
              (commit (string-append "mbedtls-" version))))
        (sha256
-        (base32 "0scwpmrgvg6q7rvqkc352d2fqlsx0aylcbyibcp1f1rsn8iiif2m"))
-       (file-name (git-file-name name version))
-       (modules '((guix build utils)))
-       (snippet
-        '(begin
-           ;; Can be removed with the next version.
-           ;; Reduce level of format truncation warnings due to false positives.
-           ;; https://github.com/ARMmbed/mbedtls/commit/2065a8d8af27c6cb1e40c9462b5933336dca7434
-           (substitute* "CMakeLists.txt"
-             (("Wformat-truncation=2") "Wformat-truncation"))
-           #t))))
+        (base32 "1dvj1m2i5lkaf8bcmslap8d82z2pi7ypgr8n7lv0rqjyy4vgmkgq"))
+       (file-name (git-file-name name version))))
     (build-system cmake-build-system)
     (arguments
      `(#:configure-flags
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index a313b0c7a4..f046ddd025 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -6095,20 +6095,14 @@ (define-public tidy-html
 (define-public hiawatha
   (package
     (name "hiawatha")
-    (version "10.11")
+    (version "11.2")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://www.hiawatha-webserver.org/files/"
                            "hiawatha-" version ".tar.gz"))
-       (modules '((guix build utils)))
-       (snippet '(begin
-                   ;; We use packaged libraries, so delete the bundled copies.
-                   (for-each delete-file-recursively
-                             (list "extra/nghttp2.tgz" "mbedtls"))
-                   #t))
        (sha256
-        (base32 "09wpgilbv13zal71v9lbsqr8c3fignygadykpd1p1pb8blb5vn3r"))))
+        (base32 "1i8vrxbvpcj6yxmshbg19gm9g8vrxds6pdra0sgld4vzj9v4zilr"))))
     (build-system cmake-build-system)
     (arguments
      `(#:tests? #f                      ; no tests included
-- 
2.38.0

Message #8 received at 59867 <at> debbugs.gnu.org (full text, mbox):

From: Simon Tournier <zimon.toutoune <at> gmail.com>
To: Gabriel Wicki <gabriel <at> erlikon.ch>
Cc: 59867 <at> debbugs.gnu.org
Subject: Re: bug#59867: Update mbedtls-apache to 3.2.1
Date: Fri, 27 Jan 2023 14:59:53 +0100

Hi,

Thanks for the contribution.

On mer., 07 déc. 2022 at 01:01, Gabriel Wicki <gabriel <at> erlikon.ch> wrote:

> Working with it i realized today that mbedtls is somewhat outdated in
> Guix, so i took the liberty of creating an update patch.  Following the
> comments in the package definition i realized that updating mbedtls
> would break hiawatha, since that project upgraded to mbedtls 3 with
> version 11.  So i updatet that package as well.
> I removed the snippets in both source blocks since they aren't needed
> anymore.

I get this:

--8<---------------cut here---------------start------------->8---
$ guix refresh -l mbedtls-apache
Building the following 52 packages would ensure 312 dependent packages are rebuilt: dolphin-emu <at> 5.0-13178.a34823d superstarfighter <at> 0.6.5 openrgb <at> 0.8 hashlink <at> 1.12 inspircd <at> 3.12.0 julia-juno <at> 0.8.4 julia-measures <at> 0.3.1 julia-cenum <at> 0.4.1 julia-genericschur <at> 0.5.3 julia-sundials-jll <at> 5.2.1+0 julia-ffmpeg <at> 0.4.1 julia-bfloat16s <at> 0.4.0 julia-fuzzycompletions <at> 0.4.1 julia-millboard <at> 0.2.5 julia-showoff <at> 1.0.2 julia-msgpack <at> 1.1.0 julia-softglobalscope <at> 1.1.0 julia-scratch <at> 1.1.0 julia-tableiointerface <at> 0.1.6 julia-mocking <at> 0.7.3 julia-static <at> 0.8.3 julia-pyplot <at> 2.10.0 julia-infinity <at> 0.2.4 julia-mutablearithmetics <at> 0.2.20 julia-gpuarrays <at> 8.1.3 julia-gr <at> 0.58.1 julia-configurations <at> 0.16.4 julia-bioalignments <at> 2.0.0 julia-suppressor <at> 0.2.0 julia-quadmath <at> 0.5.5 julia-referencetests <at> 0.9.7 julia-imagemagick <at> 1.2.1 julia-optim <at> 1.6.0 julia-lazyarrays <at> 0.22.16 julia-testimages <at> 1.5.0 julia-plotthemes <at> 2.0.1 julia-recipespipeline <at> 0.3.4 julia-csv <at> 0.10.4 julia-bson <at> 0.3.6 julia-geometrybasics <at> 0.4.2 bluez-alsa <at> 3.0.0 kopete <at> 22.04.3 mswebrtc <at> 1.1.1-0.946ca70 msopenh264 <at> 1.2.1-0.88697cc mssilk <at> 1.1.1-0.dd0f31e msamr <at> 1.1.3-0.5ab5c09 linphone-desktop <at> 4.2.5 dislocker <at> 0.7.3 nng <at> 1.3.2 obs-spectralizer <at> 1.3.3 obs-websocket <at> 4.9.1 obs-wlrobs <at> 1.0
--8<---------------cut here---------------end--------------->8---

which means it is tangent for master. :-)  Have you rebuilt all these?
Does the update only break hiawatha?


Then, it is not a clean patch; it is not straightforward apply. :-)

Please, could you use “git-send-email” as recommended by the manual [1].
Please mention the base commit against which the patch applies, it helps
as in this case when the file gnu/packages/tls.scm has changed in the
mean time.

Could you send v2?

1: <https://guix.gnu.org/manual/devel/en/guix.html#Submitting-Patches>


Thanks,
simon

Message #11 received at 59867 <at> debbugs.gnu.org (full text, mbox):

From: "Wicki Gabriel (wicg)" <wicg <at> zhaw.ch>
To: "59867 <at> debbugs.gnu.org" <59867 <at> debbugs.gnu.org>
Subject: Updated Mbed TLS 3 patchset
Date: Wed, 1 Feb 2023 13:12:00 +0000

[Message part 1 (text/plain, inline)]

Thanks for your review and the comments, Simon!

I've prepared another patchset (on top of base commit: 14323edcc37d9efaae2491cf5f57ea0621412d7e).  Since there are so many applications relying on mbedtls v2 I figured it would be best to introduce mbedtls-apache3 to allow gradually upgrading the packages affected -- MbedTLS breaks parts of its old API.

[Message part 2 (text/html, inline)]

[0001-gnu-mbedtls-apache3-Add-Mbed-TLS-3.patch (text/x-patch, attachment)]

[0002-gnu-hiawatha-Update-to-11.2.patch (text/x-patch, attachment)]

[0003-gnu-mbedtls-apache-Improve-package-style.patch (text/x-patch, attachment)]

[0004-gnu-hiawatha-Improve-package-style.patch (text/x-patch, attachment)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.