summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-03-01 17:52:57 +0100
committerMarius Bakke <mbakke@fastmail.com>2019-03-10 18:49:59 +0100
commite74f153a10ca387a50c3acaf685981048c1bdb70 (patch)
treeeb578251f3f71b6008ee7d63e641e826f78e9275
parentb0f5ec4ffb9fd509c84c0fcf125b2e038e543ebc (diff)
downloadguix-e74f153a10ca387a50c3acaf685981048c1bdb70.tar.gz
gnu: Use OpenSSL 1.1 as the default OpenSSL package.
* gnu/packages/tls.scm (openssl-next): Delete variable.  Move related code ...
(openssl) ... here.
(openssl-1.0): New public variable.  Retain old arguments.
* gnu/packages/crypto.scm (asignify)[inputs]: Change OPENSSL-NEXT to OPENSSL.
* gnu/packages/databases.scm (mariadb)[inputs]: Change from OPENSSL to OPENSSL-1.0.
* gnu/packages/node.scm (node)[inputs]: Likewise.
* gnu/packages/rust.scm (rust-1.19)[inputs]: Likewise.
-rw-r--r--gnu/packages/crypto.scm2
-rw-r--r--gnu/packages/databases.scm2
-rw-r--r--gnu/packages/node.scm2
-rw-r--r--gnu/packages/rust.scm2
-rw-r--r--gnu/packages/tls.scm211
5 files changed, 106 insertions, 113 deletions
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index cc09f4abe1..cfd1df123d 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -817,7 +817,7 @@ security.")
          ("automake" ,automake)
          ("libtool" ,libtool)))
       (inputs
-       `(("openssl" ,openssl-next)))
+       `(("openssl" ,openssl)))
       (home-page "https://github.com/vstakhov/asignify")
       (synopsis "Cryptographic authentication and encryption tool and library")
       (description "Asignify offers public cryptographic signatures and
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index f63257034f..e151a5d9e2 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -671,7 +671,7 @@ Language.")
        ("zlib" ,zlib)))
     (propagated-inputs
      ;; mariadb.pc says -lssl -lcrypto, so propagate it.
-     `(("openssl" ,openssl)))
+     `(("openssl" ,openssl-1.0)))
     ;; The test suite is very resource intensive and can take more than three
     ;; hours on a x86_64 system.  Give slow and busy machines some leeway.
     (properties '((timeout . 64800)))        ;18 hours
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index a0221601dd..2772f56d9f 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -186,7 +186,7 @@
        ("icu4c" ,icu4c)
        ("libuv" ,libuv-1.19)
        ("nghttp2" ,nghttp2 "lib")
-       ("openssl" ,openssl)
+       ("openssl" ,openssl-1.0)
        ("zlib" ,zlib)))
     (synopsis "Evented I/O for V8 JavaScript")
     (description "Node.js is a platform built on Chrome's JavaScript runtime
diff --git a/gnu/packages/rust.scm b/gnu/packages/rust.scm
index 2c9668c2f2..abd873aefa 100644
--- a/gnu/packages/rust.scm
+++ b/gnu/packages/rust.scm
@@ -400,7 +400,7 @@ test = { path = \"../libtest\" }
     (inputs
      `(("jemalloc" ,jemalloc-4.5.0)
        ("llvm" ,llvm-3.9.1)
-       ("openssl" ,openssl)
+       ("openssl" ,openssl-1.0)
        ("libssh2" ,libssh2) ; For "cargo"
        ("libcurl" ,curl)))  ; For "cargo"
 
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f736447523..1ab9ec5a54 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -9,7 +9,7 @@
 ;;; Copyright © 2016, 2017, 2018 Nils Gillmann <ng0@n0.is>
 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
 ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2017, 2018 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017, 2018, 2019 Marius Bakke <mbakke@fastmail.com>
 ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
 ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
@@ -262,7 +262,7 @@ required structures.")
 (define-public openssl
   (package
    (name "openssl")
-   (version "1.0.2r")
+   (version "1.1.1b")
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -274,13 +274,12 @@ required structures.")
                                        "/openssl-" version ".tar.gz")))
              (sha256
               (base32
-               "1mnh27zf6r1bhm5d9fxqq9slv2gz0d9z2ij9i679b0wapa5x0ldf"))
-             (patches (search-patches "openssl-runpath.patch"
-                                      "openssl-c-rehash-in.patch"))))
+               "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"))
+             (patches (search-patches "openssl-1.1-c-rehash-in.patch"))))
    (build-system gnu-build-system)
    (outputs '("out"
-              "doc"                               ;1.5MiB of man3 pages
-              "static"))                          ;6MiB of .a files
+              "doc"         ;6.8 MiB of man3 pages and full HTML documentation
+              "static"))    ;6.4 MiB of .a files
    (native-inputs `(("perl" ,perl)))
    (arguments
     `(#:disallowed-references (,perl)
@@ -293,31 +292,27 @@ required structures.")
       #:disallowed-references ,(list (canonical-package perl))
       #:phases
       (modify-phases %standard-phases
-        (add-before
-         'configure 'patch-Makefile.org
-         (lambda* (#:key outputs #:allow-other-keys)
-           ;; The default MANDIR is some unusual place.  Fix that.
-           (let ((out (assoc-ref outputs "out")))
-             (patch-makefile-SHELL "Makefile.org")
-             (substitute* "Makefile.org"
-               (("^MANDIR[[:blank:]]*=.*$")
-                (string-append "MANDIR = " out "/share/man\n")))
-             #t)))
-        (replace
-         'configure
-         (lambda* (#:key outputs #:allow-other-keys)
-           (let ((out (assoc-ref outputs "out")))
-             (invoke "./config"
-                     "shared"                 ;build shared libraries
-                     "--libdir=lib"
-
-                     ;; The default for this catch-all directory is
-                     ;; PREFIX/ssl.  Change that to something more
-                     ;; conventional.
-                     (string-append "--openssldir=" out
-                                    "/share/openssl-" ,version)
-
-                     (string-append "--prefix=" out)))))
+        (replace 'configure
+          (lambda* (#:key outputs #:allow-other-keys)
+            (let* ((out (assoc-ref outputs "out"))
+                   (lib (string-append out "/lib")))
+              ;; It's not a shebang so patch-source-shebangs misses it.
+              (substitute* "config"
+                (("/usr/bin/env")
+                 (string-append (assoc-ref %build-inputs "coreutils")
+                                "/bin/env")))
+              (invoke "./config"
+                      "shared"       ;build shared libraries
+                      "--libdir=lib"
+
+                      ;; The default for this catch-all directory is
+                      ;; PREFIX/ssl.  Change that to something more
+                      ;; conventional.
+                      (string-append "--openssldir=" out
+                                     "/share/openssl-" ,version)
+
+                      (string-append "--prefix=" out)
+                      (string-append "-Wl,-rpath," lib)))))
         (add-after 'install 'move-static-libraries
           (lambda* (#:key outputs #:allow-other-keys)
             ;; Move static libraries to the "static" output.
@@ -330,31 +325,20 @@ required structures.")
                           (delete-file file))
                         (find-files lib "\\.a$"))
               #t)))
-        (add-after 'install 'move-man3-pages
+        (add-after 'install 'move-extra-documentation
           (lambda* (#:key outputs #:allow-other-keys)
-            ;; Move section 3 man pages to "doc".
-            (let* ((out    (assoc-ref outputs "out"))
-                   (man3   (string-append out "/share/man/man3"))
-                   (doc    (assoc-ref outputs "doc"))
-                   (target (string-append doc "/share/man/man3")))
-              (mkdir-p target)
-              (for-each (lambda (file)
-                          (rename-file file
-                                       (string-append target "/"
-                                                      (basename file))))
-                        (find-files man3))
-              (delete-file-recursively man3)
-              #t)))
-        (add-before
-         'patch-source-shebangs 'patch-tests
-         (lambda* (#:key inputs native-inputs #:allow-other-keys)
-           (let ((bash (assoc-ref (or native-inputs inputs) "bash")))
-             (substitute* (find-files "test" ".*")
-               (("/bin/sh")
-                (string-append bash "/bin/sh"))
-               (("/bin/rm")
-                "rm"))
-             #t)))
+               ;; Move man3 pages and full HTML documentation to "doc".
+               (let* ((out    (assoc-ref outputs "out"))
+                      (man3   (string-append out "/share/man/man3"))
+                      (html (string-append out "/share/doc/openssl"))
+                      (doc    (assoc-ref outputs "doc"))
+                      (man-target (string-append doc "/share/man/man3"))
+                      (html-target (string-append doc "/share/doc/openssl")))
+                 (copy-recursively man3 man-target)
+                 (delete-file-recursively man3)
+                 (copy-recursively html html-target)
+                 (delete-file-recursively html)
+                 #t)))
         (add-after
          'install 'remove-miscellany
          (lambda* (#:key outputs #:allow-other-keys)
@@ -380,72 +364,81 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
-(define-public openssl-next
+(define-public openssl-1.0
   (package
     (inherit openssl)
     (name "openssl")
-    (version "1.1.1b")
+    (version "1.0.2r")
     (source (origin
-             (method url-fetch)
-             (uri (list (string-append "https://www.openssl.org/source/openssl-"
-                                       version ".tar.gz")
-                        (string-append "ftp://ftp.openssl.org/source/"
-                                       "openssl-" version ".tar.gz")
-                        (string-append "ftp://ftp.openssl.org/source/old/"
-                                       (string-trim-right version char-set:letter)
-                                       "/openssl-" version ".tar.gz")))
-              (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
+              (method url-fetch)
+              (uri (list (string-append "https://www.openssl.org/source/openssl-"
+                                        version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/"
+                                        "openssl-" version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/old/"
+                                        (string-trim-right version char-set:letter)
+                                        "/openssl-" version ".tar.gz")))
               (sha256
                (base32
-                "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"))))
+                "1mnh27zf6r1bhm5d9fxqq9slv2gz0d9z2ij9i679b0wapa5x0ldf"))
+              (patches (search-patches "openssl-runpath.patch"
+                                       "openssl-c-rehash-in.patch"))))
     (outputs '("out"
-               "doc"        ; 6.8 MiB of man3 pages and full HTML documentation
-               "static"))   ; 6.4 MiB of .a files
+               "doc"                    ;1.5MiB of man3 pages
+               "static"))               ;6MiB of .a files
     (arguments
      (substitute-keyword-arguments (package-arguments openssl)
        ((#:phases phases)
         `(modify-phases ,phases
-           (delete 'patch-tests)          ; These two phases are not needed by
-           (delete 'patch-Makefile.org)   ; OpenSSL 1.1.
-
-           ;; Override configure phase since -rpath is now a configure option.
-           (replace 'configure
-             (lambda* (#:key outputs #:allow-other-keys)
-               (let* ((out (assoc-ref outputs "out"))
-                      (lib (string-append out "/lib")))
-                 ;; It's not a shebang so patch-source-shebangs misses it.
-                 (substitute* "config"
-                   (("/usr/bin/env")
-                    (string-append (assoc-ref %build-inputs "coreutils")
-                                   "/bin/env")))
-                 (invoke "./config"
-                         "shared"       ;build shared libraries
-                         "--libdir=lib"
-
-                         ;; The default for this catch-all directory is
-                         ;; PREFIX/ssl.  Change that to something more
-                         ;; conventional.
-                         (string-append "--openssldir=" out
-                                        "/share/openssl-" ,version)
-
-                         (string-append "--prefix=" out)
-                         (string-append "-Wl,-rpath," lib)))))
-
-           (delete 'move-man3-pages)
-           (add-after 'install 'move-extra-documentation
+           (add-before 'patch-source-shebangs 'patch-tests
+             (lambda* (#:key inputs native-inputs #:allow-other-keys)
+               (let ((bash (assoc-ref (or native-inputs inputs) "bash")))
+                 (substitute* (find-files "test" ".*")
+                   (("/bin/sh")
+                    (string-append bash "/bin/sh"))
+                   (("/bin/rm")
+                    "rm"))
+                 #t)))
+           (add-before 'configure 'patch-Makefile.org
              (lambda* (#:key outputs #:allow-other-keys)
-               ;; Move man3 pages and full HTML documentation to "doc".
-               (let* ((out    (assoc-ref outputs "out"))
-                      (man3   (string-append out "/share/man/man3"))
-                      (html (string-append out "/share/doc/openssl"))
-                      (doc    (assoc-ref outputs "doc"))
-                      (man-target (string-append doc "/share/man/man3"))
-                      (html-target (string-append doc "/share/doc/openssl")))
-                 (copy-recursively man3 man-target)
-                 (delete-file-recursively man3)
-                 (copy-recursively html html-target)
-                 (delete-file-recursively html)
+               ;; The default MANDIR is some unusual place.  Fix that.
+               (let ((out (assoc-ref outputs "out")))
+                 (patch-makefile-SHELL "Makefile.org")
+                 (substitute* "Makefile.org"
+                   (("^MANDIR[[:blank:]]*=.*$")
+                    (string-append "MANDIR = " out "/share/man\n")))
                  #t)))
+        (replace 'configure
+          ;; Override this phase because OpenSSL 1.0 does not understand -rpath.
+          (lambda* (#:key outputs #:allow-other-keys)
+            (let ((out (assoc-ref outputs "out")))
+              (invoke "./config"
+                      "shared"                 ;build shared libraries
+                      "--libdir=lib"
+
+                      ;; The default for this catch-all directory is
+                      ;; PREFIX/ssl.  Change that to something more
+                      ;; conventional.
+                      (string-append "--openssldir=" out
+                                     "/share/openssl-" ,version)
+
+                      (string-append "--prefix=" out)))))
+        (delete 'move-extra-documentation)
+        (add-after 'install 'move-man3-pages
+          (lambda* (#:key outputs #:allow-other-keys)
+            ;; Move section 3 man pages to "doc".
+            (let* ((out    (assoc-ref outputs "out"))
+                   (man3   (string-append out "/share/man/man3"))
+                   (doc    (assoc-ref outputs "doc"))
+                   (target (string-append doc "/share/man/man3")))
+              (mkdir-p target)
+              (for-each (lambda (file)
+                          (rename-file file
+                                       (string-append target "/"
+                                                      (basename file))))
+                        (find-files man3))
+              (delete-file-recursively man3)
+              #t)))
            ;; XXX: Duplicate this phase to make sure 'version' evaluates
            ;; in the current scope and not the inherited one.
            (replace 'remove-miscellany