gnu: Use OpenSSL 1.1 as the default OpenSSL package.

* gnu/packages/tls.scm (openssl-next): Delete variable.  Move related code ...
(openssl) ... here.
(openssl-1.0): New public variable.  Retain old arguments.
* gnu/packages/crypto.scm (asignify)[inputs]: Change OPENSSL-NEXT to OPENSSL.
* gnu/packages/databases.scm (mariadb)[inputs]: Change from OPENSSL to OPENSSL-1.0.
* gnu/packages/node.scm (node)[inputs]: Likewise.
* gnu/packages/rust.scm (rust-1.19)[inputs]: Likewise.
This commit is contained in:
Marius Bakke 2019-03-01 17:52:57 +01:00
parent b0f5ec4ffb
commit e74f153a10
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
5 changed files with 105 additions and 112 deletions

View file

@ -817,7 +817,7 @@ (define-public asignify
("automake" ,automake) ("automake" ,automake)
("libtool" ,libtool))) ("libtool" ,libtool)))
(inputs (inputs
`(("openssl" ,openssl-next))) `(("openssl" ,openssl)))
(home-page "https://github.com/vstakhov/asignify") (home-page "https://github.com/vstakhov/asignify")
(synopsis "Cryptographic authentication and encryption tool and library") (synopsis "Cryptographic authentication and encryption tool and library")
(description "Asignify offers public cryptographic signatures and (description "Asignify offers public cryptographic signatures and

View file

@ -671,7 +671,7 @@ (define-public mariadb
("zlib" ,zlib))) ("zlib" ,zlib)))
(propagated-inputs (propagated-inputs
;; mariadb.pc says -lssl -lcrypto, so propagate it. ;; mariadb.pc says -lssl -lcrypto, so propagate it.
`(("openssl" ,openssl))) `(("openssl" ,openssl-1.0)))
;; The test suite is very resource intensive and can take more than three ;; The test suite is very resource intensive and can take more than three
;; hours on a x86_64 system. Give slow and busy machines some leeway. ;; hours on a x86_64 system. Give slow and busy machines some leeway.
(properties '((timeout . 64800))) ;18 hours (properties '((timeout . 64800))) ;18 hours

View file

@ -186,7 +186,7 @@ (define (delete-if-exists file)
("icu4c" ,icu4c) ("icu4c" ,icu4c)
("libuv" ,libuv-1.19) ("libuv" ,libuv-1.19)
("nghttp2" ,nghttp2 "lib") ("nghttp2" ,nghttp2 "lib")
("openssl" ,openssl) ("openssl" ,openssl-1.0)
("zlib" ,zlib))) ("zlib" ,zlib)))
(synopsis "Evented I/O for V8 JavaScript") (synopsis "Evented I/O for V8 JavaScript")
(description "Node.js is a platform built on Chrome's JavaScript runtime (description "Node.js is a platform built on Chrome's JavaScript runtime

View file

@ -400,7 +400,7 @@ (define rust-1.19
(inputs (inputs
`(("jemalloc" ,jemalloc-4.5.0) `(("jemalloc" ,jemalloc-4.5.0)
("llvm" ,llvm-3.9.1) ("llvm" ,llvm-3.9.1)
("openssl" ,openssl) ("openssl" ,openssl-1.0)
("libssh2" ,libssh2) ; For "cargo" ("libssh2" ,libssh2) ; For "cargo"
("libcurl" ,curl))) ; For "cargo" ("libcurl" ,curl))) ; For "cargo"

View file

@ -9,7 +9,7 @@
;;; Copyright © 2016, 2017, 2018 Nils Gillmann <ng0@n0.is> ;;; Copyright © 2016, 2017, 2018 Nils Gillmann <ng0@n0.is>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com> ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017, 2018 Marius Bakke <mbakke@fastmail.com> ;;; Copyright © 2017, 2018, 2019 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
@ -262,7 +262,7 @@ (define-public gnutls/dane
(define-public openssl (define-public openssl
(package (package
(name "openssl") (name "openssl")
(version "1.0.2r") (version "1.1.1b")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-" (uri (list (string-append "https://www.openssl.org/source/openssl-"
@ -274,13 +274,12 @@ (define-public openssl
"/openssl-" version ".tar.gz"))) "/openssl-" version ".tar.gz")))
(sha256 (sha256
(base32 (base32
"1mnh27zf6r1bhm5d9fxqq9slv2gz0d9z2ij9i679b0wapa5x0ldf")) "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"))
(patches (search-patches "openssl-runpath.patch" (patches (search-patches "openssl-1.1-c-rehash-in.patch"))))
"openssl-c-rehash-in.patch"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(outputs '("out" (outputs '("out"
"doc" ;1.5MiB of man3 pages "doc" ;6.8 MiB of man3 pages and full HTML documentation
"static")) ;6MiB of .a files "static")) ;6.4 MiB of .a files
(native-inputs `(("perl" ,perl))) (native-inputs `(("perl" ,perl)))
(arguments (arguments
`(#:disallowed-references (,perl) `(#:disallowed-references (,perl)
@ -293,31 +292,27 @@ (define-public openssl
#:disallowed-references ,(list (canonical-package perl)) #:disallowed-references ,(list (canonical-package perl))
#:phases #:phases
(modify-phases %standard-phases (modify-phases %standard-phases
(add-before (replace 'configure
'configure 'patch-Makefile.org (lambda* (#:key outputs #:allow-other-keys)
(lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out"))
;; The default MANDIR is some unusual place. Fix that. (lib (string-append out "/lib")))
(let ((out (assoc-ref outputs "out"))) ;; It's not a shebang so patch-source-shebangs misses it.
(patch-makefile-SHELL "Makefile.org") (substitute* "config"
(substitute* "Makefile.org" (("/usr/bin/env")
(("^MANDIR[[:blank:]]*=.*$") (string-append (assoc-ref %build-inputs "coreutils")
(string-append "MANDIR = " out "/share/man\n"))) "/bin/env")))
#t))) (invoke "./config"
(replace "shared" ;build shared libraries
'configure "--libdir=lib"
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(invoke "./config"
"shared" ;build shared libraries
"--libdir=lib"
;; The default for this catch-all directory is ;; The default for this catch-all directory is
;; PREFIX/ssl. Change that to something more ;; PREFIX/ssl. Change that to something more
;; conventional. ;; conventional.
(string-append "--openssldir=" out (string-append "--openssldir=" out
"/share/openssl-" ,version) "/share/openssl-" ,version)
(string-append "--prefix=" out))))) (string-append "--prefix=" out)
(string-append "-Wl,-rpath," lib)))))
(add-after 'install 'move-static-libraries (add-after 'install 'move-static-libraries
(lambda* (#:key outputs #:allow-other-keys) (lambda* (#:key outputs #:allow-other-keys)
;; Move static libraries to the "static" output. ;; Move static libraries to the "static" output.
@ -330,31 +325,20 @@ (define-public openssl
(delete-file file)) (delete-file file))
(find-files lib "\\.a$")) (find-files lib "\\.a$"))
#t))) #t)))
(add-after 'install 'move-man3-pages (add-after 'install 'move-extra-documentation
(lambda* (#:key outputs #:allow-other-keys) (lambda* (#:key outputs #:allow-other-keys)
;; Move section 3 man pages to "doc". ;; Move man3 pages and full HTML documentation to "doc".
(let* ((out (assoc-ref outputs "out")) (let* ((out (assoc-ref outputs "out"))
(man3 (string-append out "/share/man/man3")) (man3 (string-append out "/share/man/man3"))
(doc (assoc-ref outputs "doc")) (html (string-append out "/share/doc/openssl"))
(target (string-append doc "/share/man/man3"))) (doc (assoc-ref outputs "doc"))
(mkdir-p target) (man-target (string-append doc "/share/man/man3"))
(for-each (lambda (file) (html-target (string-append doc "/share/doc/openssl")))
(rename-file file (copy-recursively man3 man-target)
(string-append target "/" (delete-file-recursively man3)
(basename file)))) (copy-recursively html html-target)
(find-files man3)) (delete-file-recursively html)
(delete-file-recursively man3) #t)))
#t)))
(add-before
'patch-source-shebangs 'patch-tests
(lambda* (#:key inputs native-inputs #:allow-other-keys)
(let ((bash (assoc-ref (or native-inputs inputs) "bash")))
(substitute* (find-files "test" ".*")
(("/bin/sh")
(string-append bash "/bin/sh"))
(("/bin/rm")
"rm"))
#t)))
(add-after (add-after
'install 'remove-miscellany 'install 'remove-miscellany
(lambda* (#:key outputs #:allow-other-keys) (lambda* (#:key outputs #:allow-other-keys)
@ -380,72 +364,81 @@ (define-public openssl
(license license:openssl) (license license:openssl)
(home-page "https://www.openssl.org/"))) (home-page "https://www.openssl.org/")))
(define-public openssl-next (define-public openssl-1.0
(package (package
(inherit openssl) (inherit openssl)
(name "openssl") (name "openssl")
(version "1.1.1b") (version "1.0.2r")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-" (uri (list (string-append "https://www.openssl.org/source/openssl-"
version ".tar.gz") version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/" (string-append "ftp://ftp.openssl.org/source/"
"openssl-" version ".tar.gz") "openssl-" version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/old/" (string-append "ftp://ftp.openssl.org/source/old/"
(string-trim-right version char-set:letter) (string-trim-right version char-set:letter)
"/openssl-" version ".tar.gz"))) "/openssl-" version ".tar.gz")))
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))
(sha256 (sha256
(base32 (base32
"0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw")))) "1mnh27zf6r1bhm5d9fxqq9slv2gz0d9z2ij9i679b0wapa5x0ldf"))
(patches (search-patches "openssl-runpath.patch"
"openssl-c-rehash-in.patch"))))
(outputs '("out" (outputs '("out"
"doc" ; 6.8 MiB of man3 pages and full HTML documentation "doc" ;1.5MiB of man3 pages
"static")) ; 6.4 MiB of .a files "static")) ;6MiB of .a files
(arguments (arguments
(substitute-keyword-arguments (package-arguments openssl) (substitute-keyword-arguments (package-arguments openssl)
((#:phases phases) ((#:phases phases)
`(modify-phases ,phases `(modify-phases ,phases
(delete 'patch-tests) ; These two phases are not needed by (add-before 'patch-source-shebangs 'patch-tests
(delete 'patch-Makefile.org) ; OpenSSL 1.1. (lambda* (#:key inputs native-inputs #:allow-other-keys)
(let ((bash (assoc-ref (or native-inputs inputs) "bash")))
;; Override configure phase since -rpath is now a configure option. (substitute* (find-files "test" ".*")
(replace 'configure (("/bin/sh")
(lambda* (#:key outputs #:allow-other-keys) (string-append bash "/bin/sh"))
(let* ((out (assoc-ref outputs "out")) (("/bin/rm")
(lib (string-append out "/lib"))) "rm"))
;; It's not a shebang so patch-source-shebangs misses it.
(substitute* "config"
(("/usr/bin/env")
(string-append (assoc-ref %build-inputs "coreutils")
"/bin/env")))
(invoke "./config"
"shared" ;build shared libraries
"--libdir=lib"
;; The default for this catch-all directory is
;; PREFIX/ssl. Change that to something more
;; conventional.
(string-append "--openssldir=" out
"/share/openssl-" ,version)
(string-append "--prefix=" out)
(string-append "-Wl,-rpath," lib)))))
(delete 'move-man3-pages)
(add-after 'install 'move-extra-documentation
(lambda* (#:key outputs #:allow-other-keys)
;; Move man3 pages and full HTML documentation to "doc".
(let* ((out (assoc-ref outputs "out"))
(man3 (string-append out "/share/man/man3"))
(html (string-append out "/share/doc/openssl"))
(doc (assoc-ref outputs "doc"))
(man-target (string-append doc "/share/man/man3"))
(html-target (string-append doc "/share/doc/openssl")))
(copy-recursively man3 man-target)
(delete-file-recursively man3)
(copy-recursively html html-target)
(delete-file-recursively html)
#t))) #t)))
(add-before 'configure 'patch-Makefile.org
(lambda* (#:key outputs #:allow-other-keys)
;; The default MANDIR is some unusual place. Fix that.
(let ((out (assoc-ref outputs "out")))
(patch-makefile-SHELL "Makefile.org")
(substitute* "Makefile.org"
(("^MANDIR[[:blank:]]*=.*$")
(string-append "MANDIR = " out "/share/man\n")))
#t)))
(replace 'configure
;; Override this phase because OpenSSL 1.0 does not understand -rpath.
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(invoke "./config"
"shared" ;build shared libraries
"--libdir=lib"
;; The default for this catch-all directory is
;; PREFIX/ssl. Change that to something more
;; conventional.
(string-append "--openssldir=" out
"/share/openssl-" ,version)
(string-append "--prefix=" out)))))
(delete 'move-extra-documentation)
(add-after 'install 'move-man3-pages
(lambda* (#:key outputs #:allow-other-keys)
;; Move section 3 man pages to "doc".
(let* ((out (assoc-ref outputs "out"))
(man3 (string-append out "/share/man/man3"))
(doc (assoc-ref outputs "doc"))
(target (string-append doc "/share/man/man3")))
(mkdir-p target)
(for-each (lambda (file)
(rename-file file
(string-append target "/"
(basename file))))
(find-files man3))
(delete-file-recursively man3)
#t)))
;; XXX: Duplicate this phase to make sure 'version' evaluates ;; XXX: Duplicate this phase to make sure 'version' evaluates
;; in the current scope and not the inherited one. ;; in the current scope and not the inherited one.
(replace 'remove-miscellany (replace 'remove-miscellany