Subject: pkg/29462: gnutls-1.2.0 breaks net/libsoup-devel and mail/wmbiff
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <reilles@loria.fr>
List: pkgsrc-bugs
Date: 02/20/2005 13:25:00
>Number: 29462
>Category: pkg
>Synopsis: gnutls-1.2.0 breaks net/libsoup-devel and mail/wmbiff
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Feb 20 13:25:00 +0000 2005
>Originator: Antoine Reilles
>Release: NetBSD 2.99.15
>Organization:
>Environment:
System: NetBSD arcelot.loria.fr 2.99.15 NetBSD 2.99.15 (MYKERNEL) #1: Thu Feb 10 11:31:16 CET 2005 tonio@arcelot.loria.fr:/usr/obj/sys/arch/i386/compile/MYKERNEL i386
Architecture: i386
Machine: i386
>Description:
gnutls-1.2.0 breaks net/libsoup-devel and mail/wmbiff
This is due to a change in gnutls flags, from GNUTLS_CERT_NOT_TRUSTED to
GNUTLS_CERT_INVALID. the log message in gnutls cvs repository says:
"GNUTLS_CERT_NOT_TRUSTED was replaced by GNUTLS_CERT_INVALID, to avoid
having two flags for the same thing."
net/libsoup-devel and mail/wmbiff still use this flag, so they fail to compile.
This is annoying, since gnome-base depends on net/libsoup-devel
>How-To-Repeat:
update security/gnutls, and then try to make net/libsoup-devel or mail/wmbiff
>Fix:
I managed to build net/libsoup-devel and mail/wmbiff by simply patching them to
remove mention to GNUTLS_CERT_NOT_TRUSTED. However, i'm not sure it is the good
way to do it.
I added the patches/patch-aa to net/libsoup-devel:
--- libsoup/soup-gnutls.c.orig 2005-02-19 19:30:47.000000000 +0100
+++ libsoup/soup-gnutls.c 2005-02-19 19:31:13.000000000 +0100
@@ -61,7 +61,6 @@
}
if (status & GNUTLS_CERT_INVALID ||
- status & GNUTLS_CERT_NOT_TRUSTED ||
status & GNUTLS_CERT_REVOKED)
{
g_warning ("The certificate is not trusted.");
make makepathsum, and then it compiles without problems (and all the thing depending on libsoup-devel too.
also, for mail/wmbiff, i added the patches/patch-ac:
--- wmbiff/tlsComm.c.orig 2005-02-19 19:33:11.000000000 +0100
+++ wmbiff/tlsComm.c 2005-02-19 19:35:40.000000000 +0100
@@ -407,10 +407,6 @@
"server's certificate is invalid or not X.509.\n"
"there may be a problem with the certificate stored in your certfile\n");
}
- } else if (certstat & GNUTLS_CERT_NOT_TRUSTED) {
- TDM(DEBUG_INFO, "server's certificate is not trusted.\n");
- TDM(DEBUG_INFO,
- "to verify that a certificate is trusted, use the certfile option.\n");
}
if (gnutls_x509_crt_init(&cert) < 0) {
make makpatchsum, and it builds fine
>Unformatted: