diff options
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r-- | gnu/packages/tls.scm | 146 |
1 files changed, 63 insertions, 83 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index c8eea9c928..ce8abfb9a2 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net> ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> @@ -13,6 +13,7 @@ ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org> +;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -70,7 +71,7 @@ (define-public libtasn1 (package (name "libtasn1") - (version "4.14") + (version "4.16.0") (source (origin (method url-fetch) @@ -78,7 +79,7 @@ version ".tar.gz")) (sha256 (base32 - "025sqnlzji78ss2fi78dajc0v0h5fi02wp39hws41sn8qnjlnq4y")))) + "179jskl7dmfp1rd2khkzmlibzgki4wi6hvmmwfv7q49r728b03qf")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--disable-static"))) @@ -162,7 +163,7 @@ living in the same process.") (define-public gnutls (package (name "gnutls") - (version "3.6.9") + (version "3.6.12") (source (origin (method url-fetch) (uri @@ -174,7 +175,7 @@ living in the same process.") (patches (search-patches "gnutls-skip-trust-store-test.patch")) (sha256 (base32 - "1jqz5s3lv8sa53348cfi9nr5pw5l55n8m40b8msdvv0pb2jzqca3")))) + "0jvca1qahn9lrwv6f5kfs95icirc15b2a8x9fzczyj996ipg3b5z")))) (build-system gnu-build-system) (arguments `(; Ensure we don't keep a reference to this buggy software. @@ -224,9 +225,11 @@ living in the same process.") (native-inputs `(("net-tools" ,net-tools) ("pkg-config" ,pkg-config) - ("which" ,which))) + ("which" ,which) + ("datefudge" ,datefudge) ;tests rely on 'datefudge' + ("util-linux" ,util-linux))) ;one test needs 'setsid' (inputs - `(("guile" ,guile-2.2))) + `(("guile" ,guile-3.0))) (propagated-inputs ;; These are all in the 'Requires.private' field of gnutls.pc. `(("libtasn1" ,libtasn1) @@ -263,51 +266,21 @@ required structures.") (inputs `(("unbound" ,unbound) ,@(package-inputs gnutls))))) -(define gnutls-3.6.10 - ;; This is for 'guile3.0-gnutls', below. Version 3.6.10 is the first to - ;; introduce Guile 2.9/3.0 support. +(define-public guile2.2-gnutls (package (inherit gnutls) - (version "3.6.10") - (source (origin - (inherit (package-source gnutls)) - (uri (string-append "mirror://gnupg/gnutls/v" - (version-major+minor version) - "/gnutls-" version ".tar.xz")) - (sha256 - (base32 - "14r2h73yfj66cm14k9mnb3kgzq5a7qjg5b31m53bf19vcxkwmwxi")))) - (native-inputs - `(,@(package-native-inputs gnutls) - - ;; Datefudge is used to fuzz time for tests, and its presence - ;; enables a test that uses 'setsid' from util-linux. - ("datefudge" ,datefudge) - ("util-linux" ,util-linux))))) + (name "guile2.2-gnutls") + (inputs `(("guile" ,guile-2.2) + ,@(alist-delete "guile" + (package-inputs gnutls)))))) (define-public guile3.0-gnutls - (package - (inherit gnutls-3.6.10) - (name "guile3.0-gnutls") - (arguments - (substitute-keyword-arguments (package-arguments gnutls-3.6.10) - ((#:phases phases '%standard-phases) - `(modify-phases ,phases - (add-before 'build 'leave-guile-stdout-open - (lambda _ - ;; Work around <https://bugs.gnu.org/38348>. - (substitute* "guile/Makefile" - (("out=-") "out=/dev/null")) - #t)))))) - (inputs `(("guile" ,guile-next) - ,@(alist-delete "guile" - (package-inputs gnutls-3.6.10)))))) + (deprecated-package "guile3.0-gnutls" gnutls)) (define-public openssl (package (name "openssl") - (version "1.1.1c") - (replacement openssl-1.1.1d) + (version "1.1.1d") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -319,7 +292,7 @@ required structures.") "/openssl-" version ".tar.gz"))) (sha256 (base32 - "142c7zdlz06hjrrvinb9f276czc78bnkyhd9xma621qmmmwk1yzn")) + "1whinyw402z3b9xlb3qaxv4b9sk4w1bgh9k0y8df1z4x3yy92fhy")) (patches (search-patches "openssl-1.1-c-rehash-in.patch")))) (build-system gnu-build-system) (outputs '("out" @@ -327,9 +300,7 @@ required structures.") "static")) ;6.4 MiB of .a files (native-inputs `(("perl" ,perl))) (arguments - `(#:disallowed-references (,perl) - #:parallel-build? #f - #:parallel-tests? #f + `(#:parallel-tests? #f #:test-target "test" ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure, @@ -337,6 +308,23 @@ required structures.") #:disallowed-references ,(list (canonical-package perl)) #:phases (modify-phases %standard-phases + ,@(if (%current-target-system) + '((add-before + 'configure 'set-cross-compile + (lambda* (#:key target outputs #:allow-other-keys) + (setenv "CROSS_COMPILE" (string-append target "-")) + (setenv "CONFIGURE_TARGET_ARCH" + (cond + ((string-prefix? "i686" target) + "linux-x86") + ((string-prefix? "x86_64" target) + "linux-x86_64") + ((string-prefix? "arm" target) + "linux-armv4") + ((string-prefix? "aarch64" target) + "linux-aarch64"))) + #t))) + '()) (replace 'configure (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) @@ -346,7 +334,9 @@ required structures.") (("/usr/bin/env") (string-append (assoc-ref %build-inputs "coreutils") "/bin/env"))) - (invoke "./config" + (invoke ,@(if (%current-target-system) + '("./Configure") + '("./config")) "shared" ;build shared libraries "--libdir=lib" @@ -357,7 +347,10 @@ required structures.") "/share/openssl-" ,version) (string-append "--prefix=" out) - (string-append "-Wl,-rpath," lib))))) + (string-append "-Wl,-rpath," lib) + ,@(if (%current-target-system) + '((getenv "CONFIGURE_TARGET_ARCH")) + '()))))) (add-after 'install 'move-static-libraries (lambda* (#:key outputs #:allow-other-keys) ;; Move static libraries to the "static" output. @@ -409,24 +402,6 @@ required structures.") (license license:openssl) (home-page "https://www.openssl.org/"))) -(define openssl-1.1.1d - (package - (inherit openssl) - (version "1.1.1d") - (source (origin - (method url-fetch) - (uri (list (string-append "https://www.openssl.org/source/openssl-" - version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/" - "openssl-" version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/old/" - (string-trim-right version char-set:letter) - "/openssl-" version ".tar.gz"))) - (patches (search-patches "openssl-1.1-c-rehash-in.patch")) - (sha256 - (base32 - "1whinyw402z3b9xlb3qaxv4b9sk4w1bgh9k0y8df1z4x3yy92fhy")))))) - (define-public openssl-1.0 (package (inherit openssl) @@ -473,21 +448,26 @@ required structures.") (("^MANDIR[[:blank:]]*=.*$") (string-append "MANDIR = " out "/share/man\n"))) #t))) - (replace 'configure - ;; Override this phase because OpenSSL 1.0 does not understand -rpath. - (lambda* (#:key outputs #:allow-other-keys) - (let ((out (assoc-ref outputs "out"))) - (invoke "./config" - "shared" ;build shared libraries - "--libdir=lib" - - ;; The default for this catch-all directory is - ;; PREFIX/ssl. Change that to something more - ;; conventional. - (string-append "--openssldir=" out - "/share/openssl-" ,version) - - (string-append "--prefix=" out))))) + (replace 'configure + ;; Override this phase because OpenSSL 1.0 does not understand -rpath. + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (invoke ,@(if (%current-target-system) + '("./Configure") + '("./config")) + "shared" ;build shared libraries + "--libdir=lib" + + ;; The default for this catch-all directory is + ;; PREFIX/ssl. Change that to something more + ;; conventional. + (string-append "--openssldir=" out + "/share/openssl-" ,version) + + (string-append "--prefix=" out) + ,@(if (%current-target-system) + '((getenv "CONFIGURE_TARGET_ARCH")) + '()))))) (delete 'move-extra-documentation) (add-after 'install 'move-man3-pages (lambda* (#:key outputs #:allow-other-keys) |