gnu: Add openssl-next.
* gnu/packages/tls.scm (openssl-next): New variable. * gnu/packages/patches/openssl-1.1.0-c-rehash-in.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
This commit is contained in:
parent
83457fe00e
commit
763899f0db
|
@ -702,6 +702,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/openjpeg-CVE-2015-6581.patch \
|
||||
%D%/packages/patches/openjpeg-use-after-free-fix.patch \
|
||||
%D%/packages/patches/openssl-runpath.patch \
|
||||
%D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \
|
||||
%D%/packages/patches/openssl-c-rehash-in.patch \
|
||||
%D%/packages/patches/openssl-CVE-2016-2177.patch \
|
||||
%D%/packages/patches/openssl-CVE-2016-2178.patch \
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
This patch removes the explicit reference to the 'perl' binary,
|
||||
such that OpenSSL does not retain a reference to Perl.
|
||||
|
||||
The 'c_rehash' program is seldom used, but it is used nonetheless
|
||||
to create symbolic links to certificates, for instance in the 'nss-certs'
|
||||
package.
|
||||
|
||||
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
|
||||
index 2fef627..9d40eae 100644
|
||||
--- a/tools/c_rehash.in
|
||||
+++ b/tools/c_rehash.in
|
||||
@@ -1,4 +1,6 @@
|
||||
-#!{- $config{hashbangperl} -}
|
||||
+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
|
||||
+ & eval 'exec perl -wS "$0" $argv:q'
|
||||
+ if 0;
|
||||
|
||||
# {- join("\n# ", @autowarntext) -}
|
||||
# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
@ -323,6 +323,41 @@ required structures.")
|
|||
(license license:openssl)
|
||||
(home-page "http://www.openssl.org/")))
|
||||
|
||||
(define-public openssl-next
|
||||
(package
|
||||
(inherit openssl)
|
||||
(name "openssl")
|
||||
(version "1.1.0")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (list (string-append "ftp://ftp.openssl.org/source/"
|
||||
name "-" version ".tar.gz")
|
||||
(string-append "ftp://ftp.openssl.org/source/old/"
|
||||
(string-trim-right version char-set:letter)
|
||||
"/" name "-" version ".tar.gz")))
|
||||
(patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"10lcpmnxap9nw8ymdglys93cgkwd1lf1rz4fhq5whwhlmkwrzipm"))))
|
||||
(outputs '("out"
|
||||
"doc" ;1.3MiB of man3 pages
|
||||
"static")) ; 5.5MiB of .a files
|
||||
(arguments
|
||||
(substitute-keyword-arguments (package-arguments openssl)
|
||||
((#:phases phases)
|
||||
`(modify-phases ,phases
|
||||
(delete 'patch-tests) ; These two phases are not needed by
|
||||
(delete 'patch-Makefile.org) ; OpenSSL 1.1.0.
|
||||
|
||||
(add-after 'configure 'patch-runpath
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let ((lib (string-append (assoc-ref outputs "out") "/lib")))
|
||||
(substitute* "Makefile.shared"
|
||||
(("\\$\\$\\{SHAREDCMD\\} \\$\\$\\{SHAREDFLAGS\\}")
|
||||
(string-append "$${SHAREDCMD} $${SHAREDFLAGS}"
|
||||
" -Wl,-rpath," lib)))
|
||||
#t)))))))))
|
||||
|
||||
(define-public libressl
|
||||
(package
|
||||
(name "libressl")
|
||||
|
|
Loading…
Reference in New Issue