Re: Issues with security/step-cli

From: Michael Gmelin <freebsd_at_grem.de>
Date: Tue, 03 Aug 2021 12:34:18 UTC

On Tue, 3 Aug 2021 13:41:42 +0200
Markus Wipp <mw@wipp.bayern> wrote:

> Sure. I attached the diff for you.
> 
> 
> > On 3. Aug 2021, at 13:35, Michael Gmelin <freebsd@grem.de> wrote:
> > 
> > 
> >   
> >> On 3. Aug 2021, at 13:29, Markus Wipp <mw@wipp.bayern> wrote:
> >> 
> >> Hi all, 
> >> 
> >> I’m the maintainer of the security/step-cli port and I’m currently
> >> facing some issues I seem to be unable to fix.
> >> 
> >> I am currently trying to create the patch for the latest version 0.16.1.
> >> 
> >> I did the following:
> >> 
> >> 1) I removed all files in /usr/ports/distfiles
> >> 2) I did a make clean makesum stage (which ran fine)
> >> 3) I did a make clean package (which always runs into the
> >> following error: => Attempting to fetch
> >> https://codeload.github.com/etcd-io/etcd/tar.gz/v3.5.0?dummy=/etcd-io-etcd-v3.5.0_GH0.tar.gz
> >> fetch: 4020010: No such file or directory fetch: 4020010: No such
> >> file or directory fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch: 4020010: No such file or directory
> >> fetch:
> >> https://codeload.github.com/etcd-io/etcd/tar.gz/v3.5.0?dummy=/etcd-io-etcd-v3.5.0_GH0.tar.gz:
> >> size unknown fetch:
> >> https://codeload.github.com/etcd-io/etcd/tar.gz/v3.5.0?dummy=/etcd-io-etcd-v3.5.0_GH0.tar.gz:
> >> size of remote file is not known etcd-io-etcd-v3.5.0_GH0.tar.gz
> >>                     3925 kB   10 MBps    00s => Attempting to
> >> fetch
> >> http://distcache.FreeBSD.org/ports-distfiles/etcd-io-etcd-v3.5.0_GH0.tar.gz
> >> fetch: 4020010: No such file or directory fetch: 4020010: No such
> >> file or directory fetch: 4020010: No such file or directory fetch:
> >> 4020010: No such file or directory fetch: 4020010: No such file or
> >> directory fetch: 4020010: No such file or directory fetch:
> >> 4020010: No such file or directory fetch: 4020010: No such file or
> >> directory fetch: 4020010: No such file or directory fetch:
> >> http://distcache.FreeBSD.org/ports-distfiles/etcd-io-etcd-v3.5.0_GH0.tar.gz:
> >> Not Found => Couldn't fetch it - please try to retrieve this =>
> >> port manually into /usr/ports/distfiles/ and try again. *** Error
> >> code 1
> >> 
> >> Is there anything I did wrong? Anything I can do to fix this issue?
> >>   
> > 
> > Unless someone else knows what’s wrong anyway: Could you share your
> > port skeleton? (at least the files that changed or the output of
> > `git diff’)
> > 
> >   
> >> Thanks in advance
> >> Markus  
> 

distinfo contains the entry for etcd-io-etcd-v3.5.0_GH0.tar.gz multiple
times (due to it being listed multiple times in GH_TUPLE).

It seems to build okay when getting rid of the duplicates in distinfo.
I don't know if what you're doing is officially supported, but if it
is, we should probably adapt tooling. Also, portlint didn't
complain and `make makesum' re-creates the duplicates.

@portmgr Please find attached an example of a patch that dedups distinfo
on `make makesum', it might make more sense to fix this somewhere else in
the framework (so that e.g., checksums aren't validated multiple times
etc.), up to you.

Cheers,
Michael

-- 
Michael Gmelin
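
The duplicate distinfo entries described in the message above can be removed with a small filter. This is an added example, not the patch attached to the message and not ports framework code. The function names and the sample data are assumptions made for illustration. It goes one step past plain deduplication by failing when the same distfile appears with a different checksum or size, which is an integrity problem rather than a harmless repeat.

```shell
#!/bin/sh
# Added example (not from the original thread or the ports tree).

# Constructed sample: hashes and sizes are placeholders. The etcd distfile is
# listed three times, as a repeated GH_TUPLE entry would produce.
sample_distinfo() {
    cat <<'EOF'
TIMESTAMP = 1600000000
SHA256 (example-main-1.0.tar.gz) = CONSTRUCTED_HASH_A
SIZE (example-main-1.0.tar.gz) = 1000
SHA256 (etcd-io-etcd-v3.5.0_GH0.tar.gz) = CONSTRUCTED_HASH_B
SIZE (etcd-io-etcd-v3.5.0_GH0.tar.gz) = 2000
SHA256 (etcd-io-etcd-v3.5.0_GH0.tar.gz) = CONSTRUCTED_HASH_B
SIZE (etcd-io-etcd-v3.5.0_GH0.tar.gz) = 2000
SHA256 (etcd-io-etcd-v3.5.0_GH0.tar.gz) = CONSTRUCTED_HASH_B
SIZE (etcd-io-etcd-v3.5.0_GH0.tar.gz) = 2000
EOF
}

# dedup_distinfo FILE
# Prints FILE with repeated SHA256/SIZE lines dropped (first one wins).
# Returns 1 and reports on stderr if a distfile is listed with two
# different values, since that must not be silently collapsed.
# Usage: dedup_distinfo distinfo > distinfo.new
dedup_distinfo() {
    awk '
    BEGIN { bad = 0 }
    /^(SHA256|SIZE) \(/ {
        key = $1 " " $2      # e.g. "SHA256 (foo.tar.gz)"
        val = $NF ""         # force string compare, hex digests can look numeric
        if (key in seen) {
            if (seen[key] != val) {
                print "conflict: " key > "/dev/stderr"
                bad = 1
            }
            next             # drop the repeated line
        }
        seen[key] = val
    }
    { print }                # TIMESTAMP and first occurrences pass through
    END { exit bad }
    ' "$1"
}
```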