-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 That means that that package did not install any files. That should of course not happen. Check if you are calling "make install" and perform a clean build. Best, - -Michael On Sun, 2018-06-17 at 10:37 +0200, Peter Müller wrote: > Hello, > > while updating gnupg, I stumbled over an empty log file (log/gunpg-1.4.23). > However, it seems to compile successfully. What is this supposed to mean? > > Thanks, and best regards, > Peter Müller > > > Hi, > > > > On Sun, 2018-01-07 at 14:42 +0100, Peter Müller wrote: > > > Hello, > > > > > > while trying to update entire packages in IPFire (some > > > of them are outdated) and to fix some bugs, I ran into > > > a couple of questions: > > > > > > (a) How to update entire packages? > > > > > > As far as I understood, to every package belongs a file > > > in lfs/[package_name], containing information about how > > > to build, apply patches to it, and so on. > > > > Yes. > > > > > It seems like packages are downloaded from https://source.ipfire.org/ , > > > but it did not became clear to me how to upload a new > > > version of a package to this server. Of course, the > > > download URL can be changed manually, but that seems rather > > > ugly to me. > > > > We usually upload everything here manually since the official download > > mirrors > > are always a bit slow and maintainers seem to move their packages around a > > lot > > by moving them to an /old/ directory and then the URLs break. That's not > > fun. > > > > So we need to create an LDAP account for you and then you can login to > > git.ipfire.org and upload them to /pub/sources/... > > > > > Unfortunately, I was unable to find a sort of tutorial > > > in the wiki for this issue. > > > > Indeed this isn't being documented. > > > > > (b) How to apply patches to downloaded packages with changed filenames? > > > > > > As discussed in December (https://wiki.ipfire.org/devel/telco/2017-12-04), > > > I am supposed to have a look at the DEFAULT cipher suite in > > > OpenSSL. > > > > > > To change this value, the .tar.gz file needs to be downloaded > > > and unpacked first. After that, the file "ssl/ssl.h" needs to be > > > changed. > > > > We NEVER change the original archives that we download from some project's > > website. That makes it impossible to track what has been changed compared to > > the > > official release. So, we use patches. > > > > > The patch at src/patches/openssl-1.0.2h-weak-ciphers.patch does > > > something similar: > > > > > > diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h > > > --- openssl-1.0.2h.org/ssl/ssl.h 2016-05-03 15:44:42.000000000 > > > +0200 > > > +++ openssl-1.0.2h/ssl/ssl.h 2016-05-03 18:49:10.393302264 +0200 > > > @@ -338,7 +338,7 @@ > > > * The following cipher list is used by default. It also is substituted > > > when > > > * an application-defined cipher list string starts with 'DEFAULT'. > > > */ > > > -# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" > > > +# define SSL_DEFAULT_CIPHER_LIST > > > "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES" > > > /* > > > * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always > > > * starts with a reasonable order, and all we have to do for DEFAULT is > > > > > > But where does the file openssl-[...].org came from? > > > > That isn't a domain name. It is usually that I extract the archive like > > this: > > > > tar xvfa openssl-1.0.2h.tar.gz > > > > Then I move everything to a new directory that usually gets a ".org" or "- > > vanilla" suffix. This is the original version as it comes from the upstream > > project. > > > > Then I extract the tarball again and modify my files. > > > > And finally I just diff the changed directory against the original one like > > this: > > > > diff -Nur openssl-1.0.2h.org/ openssl-1.0.2h/ > > > > And that creates the patch. > > > > For bigger changes I just check out their Git repository and create a new > > branch > > based on the latest release. This is also handy when submitting the patches > > upstream. > > > > > (c) How to build the distribution partly? > > > > > > In the past, I handed in some patches to allow remote syslogging via > > > TCP, too. After some struggles (settings are written by a C program, not > > > the CGI file itself), I modified syslogdctrl.c, and the changes were > > > shipped. > > > (See https://bugzilla.ipfire.org/show_bug.cgi?id=11540 for details.) > > > > > > But since this program now crashes with a segfault on my machine (*sigh*), > > > it seems like my patch contained some errors. > > > > > > However, building the entire distribution is somewhat time-consuming > > > and not worth the effort for a probably small error. Is there any way > > > of just building this C program, and omit the rest? > > > > You have to build the entire distribution the first time. If you want to > > rebuild > > a single package, you have to delete the log file for that package from the > > logs/ directory and run "./make.sh build" again. > > > > Hope this helps so far. If you have any more questions, please ask. > > > > Best, > > -Michael > > > > > > > > > > > Thanks in advance! > > > > > > Best regards, > > > Peter Müller > > -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAlsmYPYACgkQgHnw/2+Q CQeJCw/+O6SPT7VsVO+fdSq6zn7eN3WWFoPNaibCldfV/+jSRtNBCMQD9LRjhXW8 Qe7XPFrD0ApvRFTOSDwqgBlSstAB0pZ3cI0jdvdWFK2Oi39ZTvHxCWMxnHPyhdxH AdPJp/QIKYbDpoCGnghvhBf644GmryooTxTaoTrntEI+aQQoESdkc0DxmZZ6QsbV AtboCRSBQgc15g7vaZttakarHLIqyG8YKjQ+4AXJQ8Ntr7y6tpfCjan4MaMykbS1 f5gtIu0FBuRvpSAyoqCoLYTCME1J1Wk7w2evtkpm43f+ciBdBmQtRsBjC1jGJwBH I5ZAR97PqG9cIDIBkOhXP0bZAKbiETEkMr0TIrEj0dPJRyHUn+imtM1RujtybURb 1ybkT/SFpua7JSlrRVJzxH0DdSpbU6LQZDygwnduVCHe+fmfskRUWC8OtC6ERQJO 5jU5gFOqUmsEeuOsYpJUstNeekpAac/7gN+1IizCKfPwb5t0tjob02YhlVbHvKHq uEylBrJA7R6kqGGrChfdev1j1zP3fmAXArQS7W8Y2BGex/U958LqXwmXjalW7dbR XVJ0K8yZF8m3amYX0iGOzxc5BF+ot9DE9/bmxS5PQTkqKwv9BZBUnNCJvST0/Jg9 HIKGlC/dhrPNRAVT648XyCUiUFLuZf7OtQV2gzn+33knJsp9z6M= =FSqs -----END PGP SIGNATURE-----