guix/gnu/packages/patches/gnutls-skip-trust-store-test.patch
Marius Bakke 88e2511e21
gnu: gnutls: Replace with 3.5.13.
This update addresses the following security advisories:

GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.

See <https://gnutls.org/security.html> and <https://gnutls.org/news.html>.

* gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register patches.
* gnu/packages/tls.scm (gnutls)[replacement]: New field.
(gnutls-3.5.13): New variable.
(gnutls/guile-2.2)[replacement]: New field. Set #f.
[source]: Inherit from GNUTLS-3.5.13.
2017-06-11 01:08:58 +02:00

15 lines
579 B
Diff

Version 3.5.11 added a test to check that the default trust store is readable.
It does not exist in the build environment, so pretend everything is fine.
diff a/tests/trust-store.c b/tests/trust-store.c
--- a/tests/trust-store.c
+++ b/tests/trust-store.c
@@ -61,7 +61,7 @@
} else if (ret < 0) {
fail("error loading system trust store: %s\n", gnutls_strerror(ret));
} else if (ret == 0) {
- fail("no certificates were found in system trust store!\n");
+ success("no trust store in the Guix build environment!\n");
}
gnutls_certificate_free_credentials(x509_cred);