Re: [RFS] golang-mozilla-pkcs7

To: debian-go@lists.debian.org
Subject: Re: [RFS] golang-mozilla-pkcs7
From: Peymaneh Nejad <p.nejad@posteo.de>
Date: Sun, 11 Jul 2021 14:42:33 +0000
Message-id: <[🔎] 9b39401e-0128-0e46-5e4d-afd6ce2d5294@posteo.de>
In-reply-to: <[🔎] 689BE112-FF4B-49D6-A05F-0251CF5AF0F2@nileshpatra.info>
References: <[🔎] 71476d89-ec3d-2bbd-4785-c88435bffb8c@posteo.de> <[🔎] YN8LyvBrnC3vdz7i@debian> <[🔎] d9d9e9ce-6236-7131-91d6-496b3fb93864@posteo.de> <[🔎] d3fc266a-b2a1-09d6-9ab8-9b0396d534bc@posteo.de> <[🔎] 689BE112-FF4B-49D6-A05F-0251CF5AF0F2@nileshpatra.info>



Am 11.07.21 um 15:35 schrieb Nilesh Patra:



Hi,

On 11 July 2021 6:51:19 pm IST, Peymaneh Nejad <p.nejad@posteo.de> wrote:

Hi Nilesh

Am 02.07.21 um 14:51 schrieb Nilesh Patra:

On 02/07/21 12:04 PM, Peymaneh Nejad wrote:


Another dependency for step-cli:

https://salsa.debian.org/go-team/packages/golang-mozilla-pkcs7


There's already github.com/fullsailor/pkcs7 of which the go.mozilla
package is a fork.
Is it impossible to replace the go.mozilla pkcs7 with the former in

the

package?

If yes, that should be done. I do not see a lot of point (or any

point) in

packaging
forks unless very essential.
As an example, it has been done here[1] so if you can do
so, make some tweaks and check, that'd be good.

If it does not work, maybe it'd be better to add missing
functionalitites as a debian patch to  github.com/fullsailor/pkcs7
provided it isn't too hard to maintain


I looked into the diffs between the fullsailor/pkcs7 and the mozilla
fork since
this is also a dependency of smallstep/certificates (another of caddys
dependencies).

To sum up:
4 of the 7 functions that are used have been modified directly or
indirectly by
the fork. A complete overview of the changes is here[1]

While some of the changes are rather easy to patch (like adding support
for
another en-/decryption mode while staying backwards compatible) there
are some
commits that change the functions themselves and I am not sure if I can
grasp
the implications of the changes to the functionality of the package.

Please have a look and let me know what you think


Looks like a rather huge delta, unfortunately. However, what I was asking for was not to see what's different between the fork and the original package.

What I wanted to ask and wanted you to test was:

1. Does smallstep/certificates (the package which you're targetting) work with fullsailor/pkcs7 instead of mozilla/pkcs7?

2. If it does not, will it be possible to apply some minimal patches to fullsailor/pkc7 to make it work?

If choice 1 works, change the import paths and done. If choice 2 works, simply patch the fullsailor/pkcs7 package a little and we are good to go.

If none of these work, I'd want to think of uploading the fork then.


Ah, I see. Then I'll try that. Thx for your patience :)

Peymaneh

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

References:
- [RFS] golang-mozilla-pkcs7
  - From: Peymaneh Nejad <p.nejad@posteo.de>
- Re: [RFS] golang-mozilla-pkcs7
  - From: Nilesh Patra <nilesh@debian.org>
- Re: [RFS] golang-mozilla-pkcs7
  - From: Peymaneh Nejad <p.nejad@posteo.de>
- Re: [RFS] golang-mozilla-pkcs7
  - From: Peymaneh Nejad <p.nejad@posteo.de>
- Re: [RFS] golang-mozilla-pkcs7
  - From: Nilesh Patra <nilesh@nileshpatra.info>

Prev by Date: Re: [RFS] golang-mozilla-pkcs7
Next by Date: Bug#990946: ITP: step-ca -- private certificate authority
Previous by thread: Re: [RFS] golang-mozilla-pkcs7
Next by thread: Errors Packaging Nebula
Index(es):
- Date
- Thread