mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-23 21:17:11 -05:00
daemon: Use `openssl' from $PATH.
* daemon.am (-DOPENSSL_PATH): Default to "openssl". * TODO: Mention removal of OpenSSL dependency.
This commit is contained in:
parent
4d152bf1d9
commit
a9128eac41
2 changed files with 10 additions and 1 deletions
9
TODO
9
TODO
|
@ -14,6 +14,15 @@ and GC-related tasks. The daemon mainly uses ‘libstore’ from Nix.
|
|||
Integrating it in Guix itself will make Guix self-contained, thereby
|
||||
simplifying our users’ lives.
|
||||
|
||||
** Remove dependency on OpenSSL
|
||||
|
||||
The ‘openssl’ command-line tool is used in libstore to sign store paths
|
||||
to be exported, and to check such signatures. The signing keys are
|
||||
usually in /etc/nix/signing-key.{pub,sec}. They are a PKCS#8-encoded
|
||||
X.509 SubjectPublicKeyInfo. These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of
|
||||
GnuTLS]], but not yet with its Guile bindings. There’s also
|
||||
‘gnutls_privkey_sign_data’ to sign, and related functions.
|
||||
|
||||
* infrastructure
|
||||
|
||||
** have a Hydra instance build Guix packages
|
||||
|
|
|
@ -114,7 +114,7 @@ libstore_a_CPPFLAGS = \
|
|||
-DNIX_CONF_DIR=\"$(sysconfdir)/nix\" \
|
||||
-DNIX_LIBEXEC_DIR=\"$(libexecdir)\" \
|
||||
-DNIX_BIN_DIR=\"$(bindir)\" \
|
||||
-DOPENSSL_PATH="\"FIXME--no OpenSSL support\""
|
||||
-DOPENSSL_PATH="\"openssl\""
|
||||
|
||||
libstore_a_CFLAGS = \
|
||||
$(SQLITE3_CFLAGS) $(LIBGCRYPT_CFLAGS)
|
||||
|
|
Loading…
Reference in a new issue