1 |
commit: 161af48a5a8d86be95b1a07f4877a0dbc8df1db3 |
2 |
Author: Sam James <sam <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Dec 2 03:27:26 2022 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Dec 2 03:27:33 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=161af48a |
7 |
|
8 |
net-libs/glib-networking: fix tests w/ gnutls 3.7.8 |
9 |
|
10 |
Closes: https://bugs.gentoo.org/877077 |
11 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
12 |
|
13 |
...lib-networking-2.74.0-gnutls-tls-1.3-test.patch | 85 ++++++++++++++++++++++ |
14 |
.../glib-networking/glib-networking-2.74.0.ebuild | 4 + |
15 |
2 files changed, 89 insertions(+) |
16 |
|
17 |
diff --git a/net-libs/glib-networking/files/glib-networking-2.74.0-gnutls-tls-1.3-test.patch b/net-libs/glib-networking/files/glib-networking-2.74.0-gnutls-tls-1.3-test.patch |
18 |
new file mode 100644 |
19 |
index 000000000000..b93cb8ab9828 |
20 |
--- /dev/null |
21 |
+++ b/net-libs/glib-networking/files/glib-networking-2.74.0-gnutls-tls-1.3-test.patch |
22 |
@@ -0,0 +1,85 @@ |
23 |
+https://bugs.gentoo.org/877077 |
24 |
+https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201 |
25 |
+https://gitlab.gnome.org/GNOME/glib-networking/-/commit/205b578c6de0a6b42dd24d97f08ab47d0347431a |
26 |
+ |
27 |
+From 205b578c6de0a6b42dd24d97f08ab47d0347431a Mon Sep 17 00:00:00 2001 |
28 |
+From: Natanael Copa <ncopa@×××××××××××.org> |
29 |
+Date: Wed, 2 Nov 2022 13:26:53 +0100 |
30 |
+Subject: [PATCH] tests: skip tls-exporter test for TLS 1.2 |
31 |
+ |
32 |
+TLS exporter does not exist before TLS 1.3 so skip the tls-exporter test |
33 |
+for TLS 1.2. |
34 |
+ |
35 |
+Fixes https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201 |
36 |
+ |
37 |
+Part-of: <https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/227> |
38 |
+--- a/tls/tests/connection.c |
39 |
++++ b/tls/tests/connection.c |
40 |
+@@ -2988,6 +2988,8 @@ test_connection_binding_match_tls_exporter (TestConnection *test, |
41 |
+ GByteArray *client_cb, *server_cb; |
42 |
+ gchar *client_b64, *server_b64; |
43 |
+ GError *error = NULL; |
44 |
++ gboolean client_supports_tls_exporter; |
45 |
++ gboolean server_supports_tls_exporter; |
46 |
+ |
47 |
+ test->database = g_tls_file_database_new (tls_test_file_path ("ca-roots.pem"), &error); |
48 |
+ g_assert_no_error (error); |
49 |
+@@ -3016,27 +3018,38 @@ test_connection_binding_match_tls_exporter (TestConnection *test, |
50 |
+ g_main_loop_run (test->loop); |
51 |
+ |
52 |
+ /* Smoke test: ensure both sides support tls-exporter */ |
53 |
+- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), |
54 |
+- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL)); |
55 |
+- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), |
56 |
+- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL)); |
57 |
++ client_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), |
58 |
++ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL); |
59 |
++ server_supports_tls_exporter = g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), |
60 |
++ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, NULL, NULL); |
61 |
+ |
62 |
+- /* Real test: retrieve bindings and compare */ |
63 |
+- client_cb = g_byte_array_new (); |
64 |
+- server_cb = g_byte_array_new (); |
65 |
+- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), |
66 |
+- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL)); |
67 |
+- g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), |
68 |
+- G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL)); |
69 |
++ g_assert_true (client_supports_tls_exporter == server_supports_tls_exporter); |
70 |
+ |
71 |
+- client_b64 = g_base64_encode (client_cb->data, client_cb->len); |
72 |
+- server_b64 = g_base64_encode (server_cb->data, server_cb->len); |
73 |
+- g_assert_cmpstr (client_b64, ==, server_b64); |
74 |
++ if (client_supports_tls_exporter) |
75 |
++ { |
76 |
++ /* Real test: retrieve bindings and compare */ |
77 |
++ client_cb = g_byte_array_new (); |
78 |
++ server_cb = g_byte_array_new (); |
79 |
++ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->client_connection), |
80 |
++ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, client_cb, NULL)); |
81 |
++ g_assert_true (g_tls_connection_get_channel_binding_data (G_TLS_CONNECTION (test->server_connection), |
82 |
++ G_TLS_CHANNEL_BINDING_TLS_EXPORTER, server_cb, NULL)); |
83 |
+ |
84 |
+- g_free (client_b64); |
85 |
+- g_free (server_b64); |
86 |
+- g_byte_array_unref (client_cb); |
87 |
+- g_byte_array_unref (server_cb); |
88 |
++ client_b64 = g_base64_encode (client_cb->data, client_cb->len); |
89 |
++ server_b64 = g_base64_encode (server_cb->data, server_cb->len); |
90 |
++ g_assert_cmpstr (client_b64, ==, server_b64); |
91 |
++ |
92 |
++ g_free (client_b64); |
93 |
++ g_free (server_b64); |
94 |
++ g_byte_array_unref (client_cb); |
95 |
++ g_byte_array_unref (server_cb); |
96 |
++ } |
97 |
++ else |
98 |
++ { |
99 |
++ g_assert_true (g_tls_connection_get_protocol_version ( |
100 |
++ G_TLS_CONNECTION (test->client_connection)) == G_TLS_PROTOCOL_VERSION_TLS_1_2); |
101 |
++ g_test_skip ("tls-exporter is not supported before TLS 1.3"); |
102 |
++ } |
103 |
+ |
104 |
+ /* drop the mic */ |
105 |
+ close_server_connection (test); |
106 |
+-- |
107 |
+GitLab |
108 |
|
109 |
diff --git a/net-libs/glib-networking/glib-networking-2.74.0.ebuild b/net-libs/glib-networking/glib-networking-2.74.0.ebuild |
110 |
index e985a534551d..df3083026204 100644 |
111 |
--- a/net-libs/glib-networking/glib-networking-2.74.0.ebuild |
112 |
+++ b/net-libs/glib-networking/glib-networking-2.74.0.ebuild |
113 |
@@ -30,6 +30,10 @@ BDEPEND=" |
114 |
test? ( sys-apps/dbus ) |
115 |
" |
116 |
|
117 |
+PATCHES=( |
118 |
+ "${FILESDIR}"/${PN}-2.74.0-gnutls-tls-1.3-test.patch |
119 |
+) |
120 |
+ |
121 |
src_prepare() { |
122 |
default |
123 |
xdg_environment_reset |