Quoting Fabian Grünbichler (2025-04-12 16:13:42)
> On Mon, Apr 7, 2025, at 9:37 AM, Jonas Smedegaard wrote:
> > Quoting Jonas Smedegaard (2025-04-07 09:29:04)
> >> Package: librust-secret-service-dev
> >> Version: 4.0.0-4
> >> Severity: grave
> >>
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA512
> >>
> >> Builds involving this package fails to build:
> >>
> >> error[E0428]: the name `hkdf` is defined multiple times
> >> -->
> >> /build/rust-email-lib-0+20250111/debian/cargo_registry/secret-service-4.0.0/src/session.rs:131:1
> >> |
> >> 111 | fn hkdf(ikm: Vec<u8>, salt: Option<&[u8]>, okm: &mut [u8]) {
> >> | ---------------------------------------------------------- previous
> >> definition of the value `hkdf` here
> >> ...
> >> 131 | fn hkdf(ikm: Vec<u8>, salt: Option<&[u8]>, okm: &mut [u8]) {
> >> | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ `hkdf`
> >> redefined here
> >> |
> >> = note: `hkdf` must be defined only once in the value namespace of
> >> this module
> >>
> >> error[E0428]: the name `encrypt` is defined multiple times
> >> -->
> >> /build/rust-email-lib-0+20250111/debian/cargo_registry/secret-service-4.0.0/src/session.rs:267:1
> >> |
> >> 242 | pub fn encrypt(data: &[u8], key: &AesKey, iv: &[u8]) -> Vec<u8> {
> >> | ---------------------------------------------------------------
> >> previous definition of the value `encrypt` here
> >> ...
> >> 267 | pub fn encrypt(data: &[u8], key: &AesKey, iv: &[u8]) -> Vec<u8> {
> >> | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> `encrypt` redefined here
> >> |
> >> = note: `encrypt` must be defined only once in the value namespace of
> >> this module
> >>
> >> error[E0428]: the name `decrypt` is defined multiple times
> >> -->
> >> /build/rust-email-lib-0+20250111/debian/cargo_registry/secret-service-4.0.0/src/session.rs:284:1
> >> |
> >> 254 | pub fn decrypt(encrypted_data: &[u8], key: &AesKey, iv: &[u8]) ->
> >> Result<Vec<u8>, Error> {
> >> |
> >> ----------------------------------------------------------------------------------------
> >> previous definition of the value `decrypt` here
> >> ...
> >> 284 | pub fn decrypt(encrypted_data: &[u8], key: &AesKey, iv: &[u8]) ->
> >> Result<Vec<u8>, Error> {
> >> |
> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> `decrypt` redefined here
> >> |
> >> = note: `decrypt` must be defined only once in the value namespace of
> >> this module
> >
> > Possibly the cause of this issue is that the Debian packaging carries a
> > patch that mangles upstream default feature to enforce a specific
> > crypto engine: That might very well wreak havoc for any reverse
> > dependency expecting to be able to, well, *choose* a crypto engine.
> >
> > Just a guess, and since the patch is totally undocumented - i.e. lacks
> > DEP-3 patch headers and is not mentioned in changelog, I give up
> > speculating any further...
>
> I looked at this a bit during the BSP here - could you give more context
> about how you trigger the failure? AFAICT you can just disable default
> features on your side and pick the runtime+crypto-backend combination
> of your choice and things should work as expected - the latter you
> have to do anyway, since neither no features enabled, nor all features
> enabled would work.
>
> the default feature is the easiest way to get some build/autopkgtest
> coverage, we could of course also skip tests at build time altogether
> instead, or add a ton of manual overrides, but I am not sure it is worth
> it..Upstream default for the crate secret-service is to not decide on a crypto engine. Debian packaging enforces a crypto engine, which means that downstream reverse dependencies of secret-service needs to be patched to match that fork of the upstream API. I fail to understand how that is "the easiest way". - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ * Sponsorship: https://ko-fi.com/drjones [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
