|
From: | julien lepiller |
Subject: | [bug#30845] [PATCH 05/82] gnu: Add java-bouncycastle. |
Date: | Tue, 20 Mar 2018 09:06:00 +0100 |
User-agent: | Roundcube Webmail/1.3.3 |
Le 2018-03-19 23:32, Björn Höfling a écrit :
On Sun, 18 Mar 2018 14:05:25 +0100 Julien Lepiller <address@hidden> wrote:* gnu/packages/java.scm (java-bouncycastle): New variable. (java-bouncycastle-bcprov, java-bouncycastle-bcpkix): Remove variable. (java-kafka-clients): Use java-bouncycastle.What's the difference between the old ones and the new one, besides of the hosting site?
The new one includes all subpackages (bouncycastle-bcprov, -bcpkix, -bcpg, -bcmail, …) and no generated source.
--- gnu/packages/java.scm | 69 ++++++++++++++++----------------------------------- 1 file changed, 21 insertions(+), 48 deletions(-) diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index b1ecf843d..9f5b234bb 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -8229,29 +8229,37 @@ by technical operatives or consultants working with enterprise platforms.") algorithms and xxHash hashing algorithm.") (license license:asl2.0))) -(define-public java-bouncycastle-bcprov +(define-public java-bouncycastle (package - (name "java-bouncycastle-bcprov") + (name "java-bouncycastle") (version "1.58")Upstream has 1.59 available that fixes a CVE. Can you use the newest version, or do you need that specific one for Maven? If the latter is the case, write a comment next to the version.
OK, I'll try with 1.59.
(source (origin (method url-fetch) - (uri "https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz") + (uri (string-append "https://github.com/bcgit/bc-java/archive/r" + (substring version 0 1) "rv" + (substring version 2 4) ".tar.gz")) + ;(uri "https://bouncycastle.org/download/bcprov-jdk15on-158.tar.gz") (sha256Old URI is kept as a comment. Is that by intention? Why?
Oops, my mistake.
(base32 - "1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n"))))+ ;"1hgkg96llbvgs8i0krwz2n0j7wlg6jfnq8w8kg0cc899j0wfmf3n"))))Same for the old hash. OK? At least the 1.59 version contains two jars for the test: bc-java-r1rv59$ find . -name "*.jar" ./test/libs/jna-4.3.0.jar ./test/libs/jna-platform-4.3.0.jar Can you snip them away?
Oh, good catch! But jna and jna-platform are patches 9 and 10, and they depend on bouncycastle...
I tried to build it but it still hangs here: [..] test: [mkdir] Created dir: /tmp/guix-build-java-bouncycastle-1.58.drv-0/bc-java-r1rv58/build/jdk15on [junit] Test org.bouncycastle.mail.smime.test.AllTests FAILED Maybe it takes a bit longer and I know something tomorrow.
This phase takes a lot of time without output, but it eventually terminates. My only concern is that the first test fails, but the phase terminates correctly, so bouncycastle is installed disregarding test result. I'll investigate.
Final review in that series for me for tonight :-) Thank you, Björn
[Prev in Thread] | Current Thread | [Next in Thread] |