guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#30845] [PATCH 05/82] gnu: Add java-bouncycastle.

From: julien lepiller
Subject: [bug#30845] [PATCH 05/82] gnu: Add java-bouncycastle.
Date: Tue, 20 Mar 2018 09:06:00 +0100
User-agent: Roundcube Webmail/1.3.3 
Le 2018-03-19 23:32, Björn Höfling a écrit :

On Sun, 18 Mar 2018 14:05:25 +0100
Julien Lepiller <address@hidden> wrote:


* gnu/packages/java.scm (java-bouncycastle): New variable.
(java-bouncycastle-bcprov, java-bouncycastle-bcpkix): Remove variable.
(java-kafka-clients): Use java-bouncycastle.


What's the difference between the old ones and the new one, besides of
the hosting site?
The new one includes all subpackages (bouncycastle-bcprov, -bcpkix, -bcpg, -bcmail, …) and no generated source. 




---
 gnu/packages/java.scm | 69
++++++++++++++++----------------------------------- 1 file changed,
21 insertions(+), 48 deletions(-)

diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index b1ecf843d..9f5b234bb 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -8229,29 +8229,37 @@ by technical operatives or consultants
working with enterprise platforms.") algorithms and xxHash hashing
algorithm.") (license license:asl2.0)))

-(define-public java-bouncycastle-bcprov
+(define-public java-bouncycastle
   (package
-    (name "java-bouncycastle-bcprov")
+    (name "java-bouncycastle")
     (version "1.58")


Upstream has 1.59 available that fixes a CVE. Can you use the newest
version, or do you need that specific one for Maven? If the latter is
the case, write a comment next to the version.


OK, I'll try with 1.59.




     (source (origin
               (method url-fetch)
-              (uri
"https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz";)
+              (uri (string-append
"https://github.com/bcgit/bc-java/archive/r";
+                                  (substring version 0 1) "rv"
+                                  (substring version 2 4) ".tar.gz"))
+              ;(uri
"https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz";) (sha256


Old URI is kept as a comment. Is that by intention? Why?

Oops, my mistake.




                (base32
-
"1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n"))))
+ ;"1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n")))) 

Same for the old hash. OK?


At least the 1.59 version contains two jars for the test:

bc-java-r1rv59$ find . -name "*.jar"
./test/libs/jna-4.3.0.jar
./test/libs/jna-platform-4.3.0.jar

Can you snip them away?
Oh, good catch! But jna and jna-platform are patches 9 and 10, and they depend on bouncycastle... 



I tried to build it but it still hangs here:

[..]
test:
    [mkdir] Created dir:
/tmp/guix-build-java-bouncycastle-1.58.drv-0/bc-java-r1rv58/build/jdk15on
    [junit] Test org.bouncycastle.mail.smime.test.AllTests FAILED


Maybe it takes a bit longer and I know something tomorrow.
This phase takes a lot of time without output, but it eventually terminates. My only concern is that the first test fails, but the phase terminates correctly, so bouncycastle is installed disregarding test result. I'll investigate. 



Final review in that series for me for tonight :-)

Thank you,

Björn
reply via email to
[Prev in Thread] Current Thread [Next in Thread]