diff options
| author | Franz Geffke <franz@pantherx.org> | 2023-06-25 16:07:34 +0100 |
|---|---|---|
| committer | Franz Geffke <franz@pantherx.org> | 2023-06-25 16:07:34 +0100 |
| commit | 54b4056ac571611892c743b65f4c47dc298c49da (patch) | |
| tree | 36e4a84137d2b9bc9a241cf82563da6114bf6189 /px/packages/tls.scm | |
initial commit
Diffstat (limited to 'px/packages/tls.scm')
| -rw-r--r-- | px/packages/tls.scm | 174 |
1 files changed, 174 insertions, 0 deletions
diff --git a/px/packages/tls.scm b/px/packages/tls.scm new file mode 100644 index 0000000..65b8829 --- /dev/null +++ b/px/packages/tls.scm @@ -0,0 +1,174 @@ +(define-module (px packages tls) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix build-system gnu) + #:use-module (guix download) + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix utils) + #:use-module (gnu packages) + #:use-module (gnu packages base) + #:use-module (gnu packages perl)) + + +(define-public openssl-1.0 + (package + (name "openssl") + (version "1.0.2u") + (source (origin + (method url-fetch) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + "openssl-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (patches (search-patches "openssl-runpath.patch" + "openssl-c-rehash-in.patch")) + (sha256 + (base32 + "05lxcs4hzyfqd5jn0d9p0fvqna62v2s4pc9qgmq0dpcknkzwdl7c")))) + (build-system gnu-build-system) + (outputs '("out" + "doc" ;1.5MiB of man3 pages + "static")) ;6MiB of .a files + (native-inputs (list perl)) + (arguments + `(#:parallel-tests? #f + #:test-target "test" + + ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure, + ;; so we explicitly disallow it here. + #:disallowed-references ,(list (canonical-package perl)) + #:phases + ,#~ + (modify-phases %standard-phases + #$@(if (%current-target-system) + #~((add-before + 'configure 'set-cross-compile + (lambda* (#:key target #:allow-other-keys) + (setenv "CROSS_COMPILE" (string-append target "-")) + (setenv "CONFIGURE_TARGET_ARCH" + #$(target->openssl-target + (%current-target-system)))))) + #~()) + ;; This test seems to be dependant on kernel features. + ;; https://github.com/openssl/openssl/issues/12242 + #$@(if (or (target-arm?) + (target-riscv64?)) + #~((replace 'check + (lambda* (#:key tests? test-target #:allow-other-keys) + (when tests? + (invoke "make" "TESTS=-test_afalg" test-target))))) + #~()) + (replace 'configure + ;; Override this phase because OpenSSL 1.0 does not understand -rpath. + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (invoke #$@(if (%current-target-system) + #~("./Configure") + #~("./config")) + "shared" ;build shared libraries + "--libdir=lib" + + ;; The default for this catch-all directory is + ;; PREFIX/ssl. Change that to something more + ;; conventional. + (string-append "--openssldir=" out + "/share/openssl-" #$version) + + (string-append "--prefix=" out) + #$@(if (%current-target-system) + '((getenv "CONFIGURE_TARGET_ARCH")) + '()))))) + (add-after 'install 'move-static-libraries + (lambda _ + ;; Move static libraries to the "static" output. + (let* ((out #$output) + (lib (string-append out "/lib")) + (static #$output:static) + (slib (string-append static "/lib"))) + (for-each (lambda (file) + (install-file file slib) + (delete-file file)) + (find-files lib "\\.a$"))))) + (add-after 'install 'move-extra-documentation + (lambda _ + ;; Move man pages and full HTML documentation to "doc". + (let* ((out #$output) + (man (string-append out "/share/man")) + (html (string-append out "/share/doc/openssl")) + (doc #$output:doc) + (man-target (string-append doc "/share/man")) + (html-target (string-append doc "/share/doc/openssl"))) + (mkdir-p (dirname man-target)) + (mkdir-p (dirname html-target)) + (rename-file man man-target) + (rename-file html html-target)))) + (add-after 'install 'remove-miscellany + (lambda _ + ;; The 'misc' directory contains random undocumented shell and Perl + ;; scripts. Remove them to avoid retaining a reference on Perl. + (delete-file-recursively (string-append #$output "/share/openssl-" + #$(package-version this-package) + "/misc")))) + (add-before 'patch-source-shebangs 'patch-tests + (lambda* (#:key inputs native-inputs #:allow-other-keys) + (let ((bash (assoc-ref (or native-inputs inputs) "bash"))) + (substitute* (find-files "test" ".*") + (("/bin/sh") + (string-append bash "/bin/sh")) + (("/bin/rm") + "rm")) + #t))) + (add-before 'configure 'patch-Makefile.org + (lambda* (#:key outputs #:allow-other-keys) + ;; The default MANDIR is some unusual place. Fix that. + (let ((out (assoc-ref outputs "out"))) + (patch-makefile-SHELL "Makefile.org") + (substitute* "Makefile.org" + (("^MANDIR[[:blank:]]*=.*$") + (string-append "MANDIR = " out "/share/man\n"))) + #t))) + (delete 'move-extra-documentation) + (add-after 'install 'move-man3-pages + (lambda* (#:key outputs #:allow-other-keys) + ;; Move section 3 man pages to "doc". + (let* ((out (assoc-ref outputs "out")) + (man3 (string-append out "/share/man/man3")) + (doc (assoc-ref outputs "doc")) + (target (string-append doc "/share/man/man3"))) + (mkdir-p target) + (for-each (lambda (file) + (rename-file file + (string-append target "/" + (basename file)))) + (find-files man3)) + (delete-file-recursively man3) + #t))) + ;; XXX: Duplicate this phase to make sure 'version' evaluates + ;; in the current scope and not the inherited one. + (replace 'remove-miscellany + (lambda* (#:key outputs #:allow-other-keys) + ;; The 'misc' directory contains random undocumented shell and Perl + ;; scripts. Remove them to avoid retaining a reference on Perl. + (let ((out (assoc-ref outputs "out"))) + (delete-file-recursively (string-append out "/share/openssl-" + #$version "/misc")) + #t))) + ))) + (native-search-paths + (list (search-path-specification + (variable "SSL_CERT_DIR") + (separator #f) ;single entry + (files '("etc/ssl/certs"))) + (search-path-specification + (variable "SSL_CERT_FILE") + (file-type 'regular) + (separator #f) ;single entry + (files '("etc/ssl/certs/ca-certificates.crt"))))) + (synopsis "SSL/TLS implementation") + (description + "OpenSSL is an implementation of SSL/TLS.") + (license license:openssl) + (home-page "https://www.openssl.org/"))) |