gnu: nss: Make tests deterministic.

Tests would fail once certificates had expired, along these lines: chains.sh: Verifying certificate(s) PayPalEE.cert with flags -d AllDB -pp -o OID.2.16.840.1.114412.1.1 vfychain -d AllDB -pp -vv -o OID.2.16.840.1.114412.1.1 /tmp/guix-build-nss-3.39.drv-0/nss-3.39/nss/tests/libpkix/certs/PayPalEE.cert Chain is bad! PROBLEM WITH THE CERT CHAIN: CERT 0. PayPalEE : ERROR -8181: Peer's Certificate has expired. Returned value is 1, expected result is pass Using 'faketime' allows us to get deterministic results. * gnu/packages/gnuzilla.scm (nss)[arguments]: In 'check' phase, run 'all.sh' under 'faketime'. [native-inputs]: Add LIBFAKETIME.
2018-11-17 19:02:18 +01:00 · 2018-11-17 19:02:18 +01:00 · bc9aa60bd5
parent 85b28320d4
commit bc9aa60bd5
1 changed files with 9 additions and 2 deletions
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@ -39,6 +39,7 @@
  #:use-module (gnu packages audio)
  #:use-module (gnu packages autotools)
  #:use-module (gnu packages base)
+  #:use-module (gnu packages check)
  #:use-module (gnu packages databases)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages gtk)
@ -417,7 +418,12 @@ in the Mozilla clients.")
             (setenv "DOMSUF" "(none)")
             (setenv "USE_IP" "TRUE")
             (setenv "IP_ADDRESS" "127.0.0.1")
-             (invoke "./nss/tests/all.sh")))
+
+             ;; The "PayPalEE.cert" certificate expires every six months,
+             ;; leading to test failures:
+             ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>.  To
+             ;; work around that, set the time to roughly the release date.
+             (invoke "faketime" "2018-09-01" "./nss/tests/all.sh")))
           (replace 'install
             (lambda* (#:key outputs #:allow-other-keys)
               (let* ((out (assoc-ref outputs "out"))
@ -453,7 +459,8 @@ in the Mozilla clients.")
     `(("sqlite" ,sqlite)
       ("zlib" ,zlib)))
    (propagated-inputs `(("nspr" ,nspr))) ; required by nss.pc.
-    (native-inputs `(("perl" ,perl)))
+    (native-inputs `(("perl" ,perl)
+                     ("libfaketime" ,libfaketime))) ;for tests

    ;; The NSS test suite takes around 48 hours on Loongson 3A (MIPS) when
    ;; another build is happening concurrently on the same machine.