Bug#1031553: gnutls28: please depend on faketime instead of datefudge
Andreas Metzler
ametzler at bebt.de
Wed Apr 5 17:45:03 BST 2023
On 2023-02-18 Nicolas Boulenguez <nicolas at debian.org> wrote:
> Source: gnutls28
> Version: 3.7.9-1
> Hello.
> Datefudge is broken on 32-bit architectures (release-critical bug
> #1028587). The author recommends to use alternative tools in message
> 24 of the bug log. Only two consumers are remaining, gnutls28 and
> oath-toolkit.
> The attached diff replaces datefudge with faketime in gnutls28.
> The change only affects tests.
> A test fails after a local build, but the timestamps seem correct.
> The severity is 'wishlist' for gnutls28, but the attached patch (and a
> similar one for oath-toolkit) would allow to remove the datefudge
> package and 1 RC bug from bookworm.
[...]
Hello,
after a couple of iterations and reworks gnutls upstream /master/ branch
now supports both faketime and datefudge. However I am a bit reluctant
to patch gnutls 3.7 for bookworm:
* Net win (and only if oath-toolkit also switches in time for bookworm) is
that datefudge could be removed. The real brokenness remains, since
faketime also suffers from the bug (#1032177) and I /think/ it is
unlikely to be fixed in time for bookworm.
* Downsides:
+ Rather huge patch that is unlikely to end up in gnutls 3.7.x series
+ GnuTLS master branch (3.8.x) will probaby move away from
datefudge/faketime and use a (newly added) -attime option. So we
will patch in dead code.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list