ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2025-01-03 18:09:18 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: mbedtls-apache: Update to 2.23.0 [security fixes].

Browse source 
* gnu/packages/tls.scm (mbedtls-apache): Update to 2.23.0.
[source]: Use GIT-FETCH and GIT-FILE-NAME.
[arguments]: Make source files writable.  Enable threading.
This commit is contained in:
Tobias Geerinckx-Rice 2020-07-14 03:06:05 +02:00
parent 338f5428d6
commit 927ecd4ebe
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79
1 changed files with 26 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
gnu/packages/tls.scm
View file

@ -891,22 +891,39 @@ (define-public acme-client
(define-public mbedtls-apache (define-public mbedtls-apache
(package (package
(name "mbedtls-apache") (name "mbedtls-apache")
(version "2.16.6") ;; XXX Check whether -Wformat-signedness below still breaks when updating.
(version "2.23.0")
(source (source
(origin (origin
(method url-fetch) (method git-fetch)
;; XXX: The download links on the website are script redirection links (uri (git-reference
;; which effectively lead to the format listed in the uri here. (url "https://github.com/ARMmbed/mbedtls")
(uri (string-append "https://tls.mbed.org/download/mbedtls-" (commit (string-append "mbedtls-" version))))
version "-apache.tgz"))
(sha256 (sha256
(base32 (base32 "13fa9h2i989cbf8n8c0j019mshv6wg213va18my1s787lhcq2d62"))
"0w0p51vx0cc6fyqfdn59669q6n4187vi64fw5ha302hrlqimwib6")))) (file-name (git-file-name name version))))
(build-system cmake-build-system) (build-system cmake-build-system)
(arguments (arguments
`(#:configure-flags `(#:configure-flags
(list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON" (list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON"
"-DUSE_STATIC_MBEDTLS_LIBRARY=OFF"))) "-DUSE_STATIC_MBEDTLS_LIBRARY=OFF")
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'make-source-writable
(lambda _
(for-each make-file-writable (find-files "."))
#t))
(add-before 'configure 'enable-features
;; Some packages like Hiawatha depend on less embedded features.
(lambda _
(substitute* "include/mbedtls/config.h"
(("//(#define MBEDTLS_THREADING_(C|PTHREAD))"
_ match)
match))
;; XXX The above enables code that breaks with -Werror…
(substitute* "CMakeLists.txt"
((" -Wformat-signedness") ""))
#t)))))
(native-inputs (native-inputs
`(("perl" ,perl) `(("perl" ,perl)
("python" ,python))) ("python" ,python)))