gnu: le-certs: Create OpenSSL hash symlinks.

* gnu/packages/certs.scm (le-certs)[arguments]: Run 'c_rehash' on the
result.
[native-inputs]: New fields.
This commit is contained in:
Ludovic Courtès 2017-07-28 14:50:52 +02:00
parent c4b006ba12
commit 6f0f55148d
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
1 changed files with 16 additions and 3 deletions

View File

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
@ -155,13 +155,26 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
(let ((root (assoc-ref %build-inputs "isrgrootx1.pem")) (let ((root (assoc-ref %build-inputs "isrgrootx1.pem"))
(intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem")) (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem"))
(backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem")) (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem"))
(out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))) (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))
(openssl (assoc-ref %build-inputs "openssl"))
(perl (assoc-ref %build-inputs "perl")))
(mkdir-p out) (mkdir-p out)
(for-each (for-each
(lambda (cert) (lambda (cert)
(copy-file cert (string-append out "/" (copy-file cert (string-append out "/"
(strip-store-file-name cert)))) (strip-store-file-name cert))))
(list root intermediate backup)))))) (list root intermediate backup))
;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and
;; similar.)
(chdir (string-append %output "/etc/ssl/certs"))
(unless (zero? (system* (string-append perl "/bin/perl")
(string-append openssl "/bin/c_rehash")
"."))
(error "'c_rehash' failed" openssl))))))
(native-inputs
`(("openssl" ,openssl)
("perl" ,perl))) ;for 'c_rehash'
(inputs (inputs
`(; The Let's Encrypt root certificate, "ISRG Root X1". `(; The Let's Encrypt root certificate, "ISRG Root X1".
("isrgrootx1.pem" ("isrgrootx1.pem"