Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cawbird: backport gnutls patches fixing TLS connection issues #72340

Closed
wants to merge 2 commits into from
Closed

cawbird: backport gnutls patches fixing TLS connection issues #72340

wants to merge 2 commits into from

Conversation

schmittlauch
Copy link
Member

Motivation for this change

Cawbird suffers from frequent TLS connection issues due to a gnutls bug. I backported the fixes for TLS session resumption from gnutls master to gnutls-3.6.9 used in our stable branch. Cawbird now uses a vendored, patched gnutls.
I decided not to apply these changes to nixpkgs master, as gnutls-3.6.11 containing these fixes is supposed to be released in November 2019 and thus will land in the next stable release anyways.

already includes the backport of #72339

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after): increased by 2965304 Bytes
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
Notify maintainers

cc @

@schmittlauch
cawbird: 1.0.2 -> 1.0.3.1
b95b704 
(cherry picked from commit d5c3688)
@schmittlauch
cawbird: backport upstream gnutls TLS resumption patches
8e8d88d 
- frequent TLS connection errors are cause by gnutls (see
https://gitlab.com/gnutls/gnutls/issues/841)
- latest gnutls master contains fixes for that, supposed to be released
in 3.6.11 targeted for November 2019 (see
https://gitlab.com/gnutls/gnutls/commit/afa6e340c084542ef416afc9aaaa6dd0329f5507)
@schmittlauch schmittlauch changed the title Cawbird gnutls cawbird: backport gnutls patches fixing TLS connection issues Oct 31, 2019
@schmittlauch
Copy link
Member Author

Looks like this needs some further work, unfortunately not all TLS issues are resolved :(

@ofborg ofborg bot requested a review from jonafato October 31, 2019 01:04
@schmittlauch schmittlauch mentioned this pull request Oct 31, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonafato jonafato Awaiting requested review from jonafato

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 1-10 11.by: package-maintainer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@schmittlauch