gnu: OpenSSL: Add 3.0.

* gnu/packages/tls.scm (openssl-3.0): New variable.
* gnu/packages/patches/openssl-3.0-c-rehash-in.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
This commit is contained in:
Marius Bakke 2022-01-30 16:27:48 +01:00
parent 753cacb1ad
commit 2932c421a3
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
3 changed files with 48 additions and 1 deletions

View file

@ -1579,6 +1579,7 @@ dist_patch_DATA = \
%D%/packages/patches/opensles-add-license-file.patch \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-1.1-c-rehash-in.patch \
%D%/packages/patches/openssl-3.0-c-rehash-in.patch \
%D%/packages/patches/openssl-c-rehash-in.patch \
%D%/packages/patches/openssl-CVE-2019-1559.patch \
%D%/packages/patches/open-zwave-hidapi.patch \

View file

@ -0,0 +1,18 @@
This patch removes the explicit reference to the 'perl' binary,
such that OpenSSL does not retain a reference to Perl.
The 'c_rehash' program is seldom used, but it is used nonetheless
to create symbolic links to certificates, for instance in the 'nss-certs'
package.
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
--- a/tools/c_rehash.in
+++ b/tools/c_rehash.in
@@ -1,4 +1,6 @@
-#!{- $config{HASHBANGPERL} -}
+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
+ & eval 'exec perl -wS "$0" $argv:q'
+ if 0;
{- use OpenSSL::Util; -}
# {- join("\n# ", @autowarntext) -}
# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.

View file

@ -9,7 +9,7 @@
;;; Copyright © 2016, 2017, 2018 Nikita <nikita@n0.is>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017, 2018, 2019, 2020, 2021 Marius Bakke <marius@gnu.org>
;;; Copyright © 2017-2022 Marius Bakke <marius@gnu.org>
;;; Copyright © 20172021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
@ -528,6 +528,34 @@ (define openssl/fixed
(base32
"15kcvdi69jka67sk1l3a50c26cb7xv9xiwdrgky4bji3ifz9k4gq"))))))
(define-public openssl-3.0
(package
(inherit openssl)
(version "3.0.1")
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/"
"openssl-" version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/old/"
(string-trim-right version char-set:letter)
"/openssl-" version ".tar.gz")))
(patches (search-patches "openssl-3.0-c-rehash-in.patch"))
(sha256
(base32
"1l86kgn57av5yh711qp7c9zmi2haqmiah0ddxnbfgg2k6f2ss4f3"))))
(arguments
(substitute-keyword-arguments (package-arguments openssl)
((#:phases phases '%standard-phases)
#~(modify-phases #$phases
(add-before 'configure 'configure-perl
(lambda* (#:key native-inputs inputs #:allow-other-keys)
(setenv "HASHBANGPERL"
(search-input-file (or native-inputs inputs)
"/bin/perl"))))))))
(license license:asl2.0)))
;; We will not add any new uses of this package. If you add new code that uses
;; this package, your change will be reverted!
;;