RESOLVED FIXED 202347
Fedora crypto patch broken by 2.26.1
https://bugs.webkit.org/show_bug.cgi?id=202347
Summary Fedora crypto patch broken by 2.26.1
Chris King
Reported Saturday, September 28, 2019 6:05:18 PM UTC
Created attachment 379788 [details] the patch in question Hey, I'm running into some more problems packaging the most recent version of WPE. Since I've packaged WPE for Fedora, we've needed to include this (attached) crypto-policy patch as a response to this bug [0]. When attempting to build 2.26.1, the patch no longer functions, as the lines that it changes no longer exist in either of the files that it changes. I don't see anything about this in the NEWS file, and I don't feel like I know enough to really tell if a similar patch is still needed but just in another place, or if this is no longer needed and I can remove the patch. Thanks in advance. [0] https://bugs.webkit.org/show_bug.cgi?id=158785
Attachments
the patch in question (1.83 KB, patch)
2019-09-28 10:05 PDT, Chris King
no flags
Adrian Perez
Comment 1 Saturday, September 28, 2019 8:43:48 PM UTC
The patch for bug #172154 has been merged to the 2.26 stable branch, and the 2.26.1 release does not try to set the the G_TLS_GNUTLS_PRIORITY variable anymore — that is why your patch does not apply. With version 2.26.1 or newer you won't need the patch because GnuTLS 3.5 fixed its lists of allowed algorithms, and we would rather not use ugly hacks in WebKit, and instead rely on updated versions of GnuTLS (which distros *need* to keep to up to date anyway because it is a an important component for security!). TL;DR: WebKit does not have a hack anymore for this, and relies on GnuTLS and glib-networking know to do the right thing. You don't need this patch anymore for building :)
Chris King
Comment 2 Saturday, September 28, 2019 8:56:12 PM UTC
(In reply to Adrian Perez from comment #1) > TL;DR: WebKit does not have a hack anymore for this, and relies > on GnuTLS and glib-networking know to do the right thing. You > don't need this patch anymore for building :) Sweet, thanks for the writeup!
Adrian Perez
Comment 3 Saturday, September 28, 2019 9:49:08 PM UTC
(In reply to Chris King from comment #2) > (In reply to Adrian Perez from comment #1) > > TL;DR: WebKit does not have a hack anymore for this, and relies > > on GnuTLS and glib-networking know to do the right thing. You > > don't need this patch anymore for building :) > > Sweet, thanks for the writeup! Happy to help =)
Note You need to log in before you can comment on or make changes to this bug.