tech-pkg: Re: net/libsoup-devel does not build with the new gnutls

Subject: Re: net/libsoup-devel does not build with the new gnutls
To: None <tech-pkg@netbsd.org>
From: Antoine Reilles <Antoine.Reilles@loria.fr>
List: tech-pkg
Date: 02/19/2005 19:40:59

--SxgehGEc6vB0cZwN
Content-Type: multipart/mixed; boundary="u5E4XgoOPWr4PD9E"
Content-Disposition: inline


--u5E4XgoOPWr4PD9E
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Feb 19, 2005 at 06:39:51PM +0100, Bernd Ernesti wrote:
> On Sat, Feb 19, 2005 at 06:22:36PM +0100, Antoine Reilles wrote:
> > The change from GNUTLS_CERT_NOT_TRUSTED to GNUTLS_CERT_INVALID is
> > noted in the gnutls cvs repository:
> > "GNUTLS_CERT_NOT_TRUSTED was replaced by GNUTLS_CERT_INVALID, to avoid
> >   having two flags for the same thing."
>=20
> Did you even check the patch?
Maybe i was too quick in doing this ;-)
>=20
> Now there would be two lines with 'status & GNUTLS_CERT_INVALID' in that =
if
> statement.
totally right
>=20
> IMHO that line (with GNUTLS_CERT_NOT_TRUSTED) should be just removed.
yes, it's better, the patch should be:

--- libsoup/soup-gnutls.c.orig	2005-02-19 19:30:47.000000000 +0100
+++ libsoup/soup-gnutls.c	2005-02-19 19:31:13.000000000 +0100
@@ -61,7 +61,6 @@
 	}
=20
 	if (status & GNUTLS_CERT_INVALID ||
-	    status & GNUTLS_CERT_NOT_TRUSTED ||
 	    status & GNUTLS_CERT_REVOKED)
 	{
 		g_warning ("The certificate is not trusted.");


I had the same problem with mail/wmbiff, which use
GNUTLS_CERT_NOT_TRUSTED. I added the following patch-ac to
mail/wmbiff/patches and got it to compile and work

regards,
antoine

--u5E4XgoOPWr4PD9E
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=patch-ac
Content-Transfer-Encoding: quoted-printable

--- wmbiff/tlsComm.c.orig	2005-02-19 19:33:11.000000000 +0100
+++ wmbiff/tlsComm.c	2005-02-19 19:35:40.000000000 +0100
@@ -407,10 +407,6 @@
 							"server's certificate is invalid or not X.509.\n"
 							"there may be a problem with the certificate stored in your certfil=
e\n");
 		}
-	} else if (certstat & GNUTLS_CERT_NOT_TRUSTED) {
-		TDM(DEBUG_INFO, "server's certificate is not trusted.\n");
-		TDM(DEBUG_INFO,
-			"to verify that a certificate is trusted, use the certfile option.\n");
 	}
=20
 	if (gnutls_x509_crt_init(&cert) < 0) {

--u5E4XgoOPWr4PD9E--

--SxgehGEc6vB0cZwN
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (NetBSD)

iD8DBQFCF4g74VqmoGDE/mwRAlvRAJ9fy5xCSMZ1fX1d1mfrdl50jyW1lQCfbjDx
CQne0gKA1F2N2AHf32NkIBg=
=Uslw
-----END PGP SIGNATURE-----

--SxgehGEc6vB0cZwN--