diff --git a/gnu/local.mk b/gnu/local.mk index b55382cc5d..158d157395 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -742,6 +742,7 @@ dist_patch_DATA = \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ %D%/packages/patches/giflib-make-reallocarray-private.patch \ %D%/packages/patches/glib-tests-timer.patch \ + %D%/packages/patches/glib-networking-connection.patch \ %D%/packages/patches/glibc-CVE-2015-5180.patch \ %D%/packages/patches/glibc-CVE-2015-7547.patch \ %D%/packages/patches/glibc-CVE-2016-3075.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 95bfcaf564..49872e6afe 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2398,7 +2398,8 @@ (define-public glib-networking name "-" version ".tar.xz")) (sha256 (base32 - "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")))) + "0s006gs9nsq6mg31spqha1jffzmp6qjh10y27h0fxf1iw1ah5ymx")) + (patches (search-patches "glib-networking-connection.patch")))) (build-system meson-build-system) (arguments `(#:configure-flags '("-Dlibproxy_support=false") diff --git a/gnu/packages/patches/glib-networking-connection.patch b/gnu/packages/patches/glib-networking-connection.patch new file mode 100644 index 0000000000..f64b090ae5 --- /dev/null +++ b/gnu/packages/patches/glib-networking-connection.patch @@ -0,0 +1,51 @@ +https://gitlab.gnome.org/GNOME/glib-networking/issues/4 +https://gitlab.gnome.org/GNOME/glib-networking/commit/55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e.patch +This ultimately rejected work-around should be removed with the next +release, as the bug has supposedly been fixed for real. + + +From 55daf3e5fd4bc9e4ebad1a9eab93f852dcbf527e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 19 Jul 2018 11:16:35 -0500 +Subject: [PATCH] Fix intermittent failures in missing client private key test + +Because our APIs do nice things like encapsulating the TLS connection +establishment, we have our test server writing to the client after +establishing the TCP connection, because the TLS connection is +established. It's fine in theory, but results in some weirdness like the +server seeing its write having completed successfully before TLS +connection establishment. Normally that's what happens and this test +passes (server sees no error), but sometimes the server sees that the +client has already failed and the test fails. + +This is unfortunate, and tricky to fix properly, so let's just remove +the bad check. The point of the test is to ensure that the TLS +connection is not established, and the client-side check is going to +have to be sufficient, because rewriting the test to wait for the TLS +connection to be established on the server side is quite tricky: my +naive attempt resulted in both sides waiting forever on the other. + +P.S. At no point in this test does the server ever examine the client +certificate. That's not quite what I expected when I added the test, but +it's fine. + +Fixes #4 +--- + tls/tests/connection.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tls/tests/connection.c b/tls/tests/connection.c +index 94645c3..390275d 100644 +--- a/tls/tests/connection.c ++++ b/tls/tests/connection.c +@@ -1125,7 +1125,6 @@ test_client_auth_fail_missing_client_private_key (TestConnection *test, + g_main_loop_run (test->loop); + + g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED); +- g_assert_no_error (test->server_error); + } + + static void +-- +2.18.1 +