From 31088363f66f29c41768e9da77efb3a41b07e40c Mon Sep 17 00:00:00 2001
From: Flatcar Buildbot <buildbot@flatcar-linux.org>
Date: Mon, 26 Aug 2024 07:17:58 +0000
Subject: [PATCH] net-libs/gnutls: Sync with Gentoo

It's from Gentoo commit 54f9c1fafdc7a60435ef47b8a3c26459ced96256.
---
 .../gnutls/files/gnutls-3.8.7.1-tests.patch   | 45 +++++++++++++++++++
 .../net-libs/gnutls/gnutls-3.8.7.1-r1.ebuild  | 14 +++---
 2 files changed, 52 insertions(+), 7 deletions(-)
 create mode 100644 sdk_container/src/third_party/portage-stable/net-libs/gnutls/files/gnutls-3.8.7.1-tests.patch

diff --git a/sdk_container/src/third_party/portage-stable/net-libs/gnutls/files/gnutls-3.8.7.1-tests.patch b/sdk_container/src/third_party/portage-stable/net-libs/gnutls/files/gnutls-3.8.7.1-tests.patch
new file mode 100644
index 0000000000..1e1b3b54f4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/net-libs/gnutls/files/gnutls-3.8.7.1-tests.patch
@@ -0,0 +1,45 @@
+https://gitlab.com/gnutls/gnutls/-/commit/f3e8eac0586a19f4dafd89f68006a536b826e65a
+
+From f3e8eac0586a19f4dafd89f68006a536b826e65a Mon Sep 17 00:00:00 2001
+From: Andreas Metzler <ametzler@bebt.de>
+Date: Thu, 15 Aug 2024 16:22:02 +0200
+Subject: [PATCH] revert back to datefudge for "openssl ocsp".
+
+openssl's -attime only changes the verification logic but not the
+generation.
+
+Broken by: d1bc7f644422c4d87edfcd9fafe7f292a1a3a6de
+
+Signed-off-by: Andreas Metzler <ametzler@bebt.de>
+--- a/tests/ocsp-tests/ocsp-must-staple-connection.sh
++++ b/tests/ocsp-tests/ocsp-must-staple-connection.sh
+@@ -48,6 +48,8 @@ fi
+ 
+ . "${srcdir}/scripts/common.sh"
+ 
++skip_if_no_datefudge
++
+ eval "${GETPORT}"
+ # Port for gnutls-serv
+ TLS_SERVER_PORT=$PORT
+@@ -69,7 +71,6 @@ fi
+ 
+ CERTDATE="2016-04-28 00:00:00"
+ TESTDATE="2016-04-29 00:00:00"
+-EPOCHTESTDATE=1461888000
+ EXP_OCSP_DATE="2016-03-27 00:00:00"
+ 
+ OCSP_PID=""
+@@ -129,8 +130,8 @@ cp "${srcdir}/ocsp-tests/certs/ocsp_index.txt.attr" ${ATTRFILE}
+ # SO_REUSEADDR usage.
+ PORT=${OCSP_PORT}
+ launch_bare_server \
+-	  "${OPENSSL}" ocsp -attime "${EPOCHTESTDATE}" \
+-	  -index "${INDEXFILE}" -text \
++	  "$FAKETIME" "${TESTDATE}" \
++	  "${OPENSSL}" ocsp -index "${INDEXFILE}" -text \
+ 	  -port "${OCSP_PORT}" \
+ 	  -rsigner "${srcdir}/ocsp-tests/certs/ocsp-server.pem" \
+ 	  -rkey "${srcdir}/ocsp-tests/certs/ocsp-server.key" \
+-- 
+GitLab
diff --git a/sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.8.7.1-r1.ebuild b/sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.8.7.1-r1.ebuild
index 3474e58c49..8dee2bec3d 100644
--- a/sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.8.7.1-r1.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-libs/gnutls/gnutls-3.8.7.1-r1.ebuild
@@ -74,6 +74,7 @@ QA_CONFIG_IMPL_DECL_SKIP=(
 
 PATCHES=(
 	"${FILESDIR}"/${PN}-3.8.7.1-configure-brotli.patch
+	"${FILESDIR}"/${PN}-3.8.7.1-tests.patch
 )
 
 src_prepare() {
@@ -89,13 +90,6 @@ src_prepare() {
 	# fails to compile in certain configurations
 	sed -i -e 's/__APPLE__/__NO_APPLE__/' lib/system/certs.c || die
 
-	if [[ ${CHOST} == *-solaris* ]] ; then
-		# should be gone on next release, for gnulib memset_s breakage
-		append-cppflags -D__STDC_WANT_LIB_EXT1__=1
-		# alloca usage, similar
-		sed -i -e '$a#include <alloca.h>' config.h.in || die
-	fi
-
 	# Use sane .so versioning on FreeBSD.
 	#elibtoolize
 
@@ -155,6 +149,12 @@ multilib_src_configure() {
 	)
 
 	ECONF_SOURCE="${S}" econf "${libconf[@]}" "${myeconfargs[@]}"
+
+	if [[ ${CHOST} == *-solaris* ]] ; then
+		# gnulib ends up defining its own pthread_mutexattr_gettype
+		# otherwise, which is causing versioning problems
+		echo "#define PTHREAD_IN_USE_DETECTION_HARD 1" >> config.h || die
+	fi
 }
 
 multilib_src_install_all() {