diff mbox

gnu: lynx: Fix GnuTLS support.

Message ID 877f9k8bkx.fsf@openmailbox.org
State New
Headers show

Commit Message

Kei Yamashita Oct. 7, 2016, 2:42 p.m. UTC
Leo Famulari <leo@famulari.name> writes:

> On Thu, Oct 06, 2016 at 08:48:31PM -0400, Kei Kebreau wrote:
>> HTTPS connections using lynx work on my machine with this patch. Would
>> someone else like to see about this?
>
> Thanks for working on this!
>
> It still fails for me, but in a different way than before [0]:
>
> -----
> $ lynx https://famulari.name                   
>
> Looking up famulari.name
> Making HTTPS connection to famulari.name
> Retrying connection without TLS.
> Looking up famulari.name
> Making HTTPS connection to famulari.name
> Alert!: Unable to make secure connection to remote host.
>
> lynx: Can't access startfile https://famulari.name/
> -----
>
> I assume that I'm missing some environment variable on this Guix /
> Debian system. Any ideas?
>
> If it works for you, I'd say go for it.
>
>> From c18ab7b9c24f07ab86529d7f5f08f4dd21cea549 Mon Sep 17 00:00:00 2001
>> From: Kei Kebreau <kei@openmailbox.org>
>> Date: Thu, 6 Oct 2016 20:38:39 -0400
>> Subject: [PATCH] gnu: lynx: Fix GnuTLS support.
>> 
>> * gnu/packages/lynx.scm (lynx)[arguments]: Pass "--with-gnutls" in
>
> I think this commit message is truncated.
>
> [0] Without this patch, lynx says:
> Alert!: This client does not contain support for HTTPS URLs.

I get the same problem here. Lynx does mention that GnuTLS support is
experimental. Your and Tobias' page work using OpenSSL instead. Try the
new patch attached.
From ee3a889e6902686de4d7c949afcb8cd4a810bd0f Mon Sep 17 00:00:00 2001
From: Kei Kebreau <kei@openmailbox.org>
Date: Fri, 7 Oct 2016 10:36:11 -0400
Subject: [PATCH] gnu: lynx: Support HTTPS (SSL) connections

* gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl' and remove 'gnutls'.
[arguments]: Add configure flags for OpenSSL support; remove configure flags
for GnuTLS support.
---
 gnu/packages/lynx.scm | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

Comments

ng0 Oct. 8, 2016, 1:58 p.m. UTC | #1
Hi,

Kei I think you need to consider packaging one of the "pre" versions of
lynx. I understand we are fixed on packaging this with gnutls, so if you
read the changelog of the recent pre versions releases, you will
discover that there was work on gnutls support. If you don't want to
package pre version itself, there might be patches directly. I don't
know how this all works together and it wasn't my intention to find out
when I looked into this, but we should really consider to package recent
pre release of lynx. Note that this is not dev, dev is more experimental
than pre.

Kei Kebreau <kei@openmailbox.org> writes:

> [ Unknown signature status ]
> Leo Famulari <leo@famulari.name> writes:
>
>> On Thu, Oct 06, 2016 at 08:48:31PM -0400, Kei Kebreau wrote:
>>> HTTPS connections using lynx work on my machine with this patch. Would
>>> someone else like to see about this?
>>
>> Thanks for working on this!
>>
>> It still fails for me, but in a different way than before [0]:
>>
>> -----
>> $ lynx https://famulari.name                   
>>
>> Looking up famulari.name
>> Making HTTPS connection to famulari.name
>> Retrying connection without TLS.
>> Looking up famulari.name
>> Making HTTPS connection to famulari.name
>> Alert!: Unable to make secure connection to remote host.
>>
>> lynx: Can't access startfile https://famulari.name/
>> -----
>>
>> I assume that I'm missing some environment variable on this Guix /
>> Debian system. Any ideas?
>>
>> If it works for you, I'd say go for it.
>>
>>> From c18ab7b9c24f07ab86529d7f5f08f4dd21cea549 Mon Sep 17 00:00:00 2001
>>> From: Kei Kebreau <kei@openmailbox.org>
>>> Date: Thu, 6 Oct 2016 20:38:39 -0400
>>> Subject: [PATCH] gnu: lynx: Fix GnuTLS support.
>>> 
>>> * gnu/packages/lynx.scm (lynx)[arguments]: Pass "--with-gnutls" in
>>
>> I think this commit message is truncated.
>>
>> [0] Without this patch, lynx says:
>> Alert!: This client does not contain support for HTTPS URLs.
>
> I get the same problem here. Lynx does mention that GnuTLS support is
> experimental. Your and Tobias' page work using OpenSSL instead. Try the
> new patch attached.
> From ee3a889e6902686de4d7c949afcb8cd4a810bd0f Mon Sep 17 00:00:00 2001
> From: Kei Kebreau <kei@openmailbox.org>
> Date: Fri, 7 Oct 2016 10:36:11 -0400
> Subject: [PATCH] gnu: lynx: Support HTTPS (SSL) connections
>
> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl' and remove 'gnutls'.
> [arguments]: Add configure flags for OpenSSL support; remove configure flags
> for GnuTLS support.
> ---
>  gnu/packages/lynx.scm | 30 ++++++++++++++++--------------
>  1 file changed, 16 insertions(+), 14 deletions(-)
>
> diff --git a/gnu/packages/lynx.scm b/gnu/packages/lynx.scm
> index 3182b3e..84e9038 100644
> --- a/gnu/packages/lynx.scm
> +++ b/gnu/packages/lynx.scm
> @@ -46,26 +46,28 @@
>                       ("perl" ,perl)))
>      (inputs `(("ncurses" ,ncurses)
>                ("libidn" ,libidn)
> -              ("gnutls" ,gnutls)
> +              ("openssl" ,openssl)
>                ("libgcrypt" ,libgcrypt)
>                ("unzip" ,unzip)
>                ("zlib" ,zlib)
>                ("gzip" ,gzip)
>                ("bzip2" ,bzip2)))
>      (arguments
> -     `(#:configure-flags '("--with-pkg-config"
> -                           "--with-screen=ncurses"
> -                           "--with-zlib"
> -                           "--with-bzlib"
> -                           "--with-gnutls"
> -                           ;; "--with-socks5"    ; XXX TODO
> -                           "--enable-widec"
> -                           "--enable-ascii-ctypes"
> -                           "--enable-local-docs"
> -                           "--enable-htmlized-cfg"
> -                           "--enable-gzip-help"
> -                           "--enable-nls"
> -                           "--enable-ipv6")
> +     `(#:configure-flags
> +       (let ((openssl (assoc-ref %build-inputs "openssl")))
> +         `("--with-pkg-config"
> +           "--with-screen=ncurses"
> +           "--with-zlib"
> +           "--with-bzlib"
> +           ,(string-append "--with-ssl=" openssl)
> +           ;; "--with-socks5"    ; XXX TODO
> +           "--enable-widec"
> +           "--enable-ascii-ctypes"
> +           "--enable-local-docs"
> +           "--enable-htmlized-cfg"
> +           "--enable-gzip-help"
> +           "--enable-nls"
> +           "--enable-ipv6"))
>         #:tests? #f  ; no check target
>         #:phases (alist-replace
>                   'install
> -- 
> 2.10.0
>

--
Kei Yamashita Oct. 8, 2016, 4:22 p.m. UTC | #2
ng0 <ngillmann@runbox.com> writes:

> Hi,
>
> Kei I think you need to consider packaging one of the "pre" versions of
> lynx. I understand we are fixed on packaging this with gnutls, so if you
> read the changelog of the recent pre versions releases, you will
> discover that there was work on gnutls support. If you don't want to
> package pre version itself, there might be patches directly. I don't
> know how this all works together and it wasn't my intention to find out
> when I looked into this, but we should really consider to package recent
> pre release of lynx. Note that this is not dev, dev is more experimental
> than pre.
>

I only see lynx 2.8.9 development tarballs. I don't have a problem
targeting those temporarily if it is acceptable to package it and it works.
Leo Famulari Oct. 8, 2016, 9:47 p.m. UTC | #3
On Fri, Oct 07, 2016 at 10:42:38AM -0400, Kei Kebreau wrote:
> I get the same problem here. Lynx does mention that GnuTLS support is
> experimental. Your and Tobias' page work using OpenSSL instead. Try the
> new patch attached.

> From ee3a889e6902686de4d7c949afcb8cd4a810bd0f Mon Sep 17 00:00:00 2001
> From: Kei Kebreau <kei@openmailbox.org>
> Date: Fri, 7 Oct 2016 10:36:11 -0400
> Subject: [PATCH] gnu: lynx: Support HTTPS (SSL) connections
> 
> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl' and remove 'gnutls'.
> [arguments]: Add configure flags for OpenSSL support; remove configure flags
> for GnuTLS support.

Thanks, this works for me.

I think it's fine to use the "dev" releases with GnuTLS too. Debian and
Fedora both use them.
Kei Yamashita Oct. 9, 2016, 5:55 p.m. UTC | #4
Leo Famulari <leo@famulari.name> writes:

> On Fri, Oct 07, 2016 at 10:42:38AM -0400, Kei Kebreau wrote:
>> I get the same problem here. Lynx does mention that GnuTLS support is
>> experimental. Your and Tobias' page work using OpenSSL instead. Try the
>> new patch attached.
>
>> From ee3a889e6902686de4d7c949afcb8cd4a810bd0f Mon Sep 17 00:00:00 2001
>> From: Kei Kebreau <kei@openmailbox.org>
>> Date: Fri, 7 Oct 2016 10:36:11 -0400
>> Subject: [PATCH] gnu: lynx: Support HTTPS (SSL) connections
>> 
>> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl' and remove 'gnutls'.
>> [arguments]: Add configure flags for OpenSSL support; remove configure flags
>> for GnuTLS support.
>
> Thanks, this works for me.
>
> I think it's fine to use the "dev" releases with GnuTLS too. Debian and
> Fedora both use them.

I can confirm that lynx 2.8.9dev.9 works properly with GnuTLS. Should we
use the current stable release with OpenSSL or the development release
with GnuTLS? And if we use the development release, should I submit the
patches as a single version bump with the necessary small adjustments?
Leo Famulari Oct. 9, 2016, 7:20 p.m. UTC | #5
On Sun, Oct 09, 2016 at 01:55:10PM -0400, Kei Kebreau wrote:
> Leo Famulari <leo@famulari.name> writes:
> 
> > On Fri, Oct 07, 2016 at 10:42:38AM -0400, Kei Kebreau wrote:
> >> I get the same problem here. Lynx does mention that GnuTLS support is
> >> experimental. Your and Tobias' page work using OpenSSL instead. Try the
> >> new patch attached.
> >
> >> From ee3a889e6902686de4d7c949afcb8cd4a810bd0f Mon Sep 17 00:00:00 2001
> >> From: Kei Kebreau <kei@openmailbox.org>
> >> Date: Fri, 7 Oct 2016 10:36:11 -0400
> >> Subject: [PATCH] gnu: lynx: Support HTTPS (SSL) connections
> >> 
> >> * gnu/packages/lynx.scm (lynx)[inputs]: Add 'openssl' and remove 'gnutls'.
> >> [arguments]: Add configure flags for OpenSSL support; remove configure flags
> >> for GnuTLS support.
> >
> > Thanks, this works for me.
> >
> > I think it's fine to use the "dev" releases with GnuTLS too. Debian and
> > Fedora both use them.
> 
> I can confirm that lynx 2.8.9dev.9 works properly with GnuTLS. Should we
> use the current stable release with OpenSSL or the development release
> with GnuTLS? And if we use the development release, should I submit the
> patches as a single version bump with the necessary small adjustments?

I would do it all in one: update to 2.8.9dev.9 and correct the configure
flags so it works correctly. I think that "update" and "make the updated
version work correctly" belong in the same commit since one change
doesn't make sense without the other.
diff mbox

Patch

diff --git a/gnu/packages/lynx.scm b/gnu/packages/lynx.scm
index 3182b3e..84e9038 100644
--- a/gnu/packages/lynx.scm
+++ b/gnu/packages/lynx.scm
@@ -46,26 +46,28 @@ 
                      ("perl" ,perl)))
     (inputs `(("ncurses" ,ncurses)
               ("libidn" ,libidn)
-              ("gnutls" ,gnutls)
+              ("openssl" ,openssl)
               ("libgcrypt" ,libgcrypt)
               ("unzip" ,unzip)
               ("zlib" ,zlib)
               ("gzip" ,gzip)
               ("bzip2" ,bzip2)))
     (arguments
-     `(#:configure-flags '("--with-pkg-config"
-                           "--with-screen=ncurses"
-                           "--with-zlib"
-                           "--with-bzlib"
-                           "--with-gnutls"
-                           ;; "--with-socks5"    ; XXX TODO
-                           "--enable-widec"
-                           "--enable-ascii-ctypes"
-                           "--enable-local-docs"
-                           "--enable-htmlized-cfg"
-                           "--enable-gzip-help"
-                           "--enable-nls"
-                           "--enable-ipv6")
+     `(#:configure-flags
+       (let ((openssl (assoc-ref %build-inputs "openssl")))
+         `("--with-pkg-config"
+           "--with-screen=ncurses"
+           "--with-zlib"
+           "--with-bzlib"
+           ,(string-append "--with-ssl=" openssl)
+           ;; "--with-socks5"    ; XXX TODO
+           "--enable-widec"
+           "--enable-ascii-ctypes"
+           "--enable-local-docs"
+           "--enable-htmlized-cfg"
+           "--enable-gzip-help"
+           "--enable-nls"
+           "--enable-ipv6"))
        #:tests? #f  ; no check target
        #:phases (alist-replace
                  'install