04/06: gnu: OpenSSL: Add 3.0.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

04/06: gnu: OpenSSL: Add 3.0.

From:	guix-commits
Subject:	04/06: gnu: OpenSSL: Add 3.0.
Date:	Sun, 30 Jan 2022 11:15:46 -0500 (EST)

mbakke pushed a commit to branch master
in repository guix.

commit 2932c421a3921ccf7dd045cdbd54b23843882d8e
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Sun Jan 30 16:27:48 2022 +0100

    gnu: OpenSSL: Add 3.0.
    
    * gnu/packages/tls.scm (openssl-3.0): New variable.
    * gnu/packages/patches/openssl-3.0-c-rehash-in.patch: New file.
    * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
---
 gnu/local.mk                                       |  1 +
 gnu/packages/patches/openssl-3.0-c-rehash-in.patch | 18 +++++++++++++
 gnu/packages/tls.scm                               | 30 +++++++++++++++++++++-
 3 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 898e8e92e3..4822e8e250 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1579,6 +1579,7 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/opensles-add-license-file.patch                 \
   %D%/packages/patches/openssl-runpath.patch                   \
   %D%/packages/patches/openssl-1.1-c-rehash-in.patch           \
+  %D%/packages/patches/openssl-3.0-c-rehash-in.patch           \
   %D%/packages/patches/openssl-c-rehash-in.patch               \
   %D%/packages/patches/openssl-CVE-2019-1559.patch             \
   %D%/packages/patches/open-zwave-hidapi.patch                 \
diff --git a/gnu/packages/patches/openssl-3.0-c-rehash-in.patch 
b/gnu/packages/patches/openssl-3.0-c-rehash-in.patch
new file mode 100644
index 0000000000..6871e9348c
--- /dev/null
+++ b/gnu/packages/patches/openssl-3.0-c-rehash-in.patch
@@ -0,0 +1,18 @@
+This patch removes the explicit reference to the 'perl' binary,
+such that OpenSSL does not retain a reference to Perl.
+
+The 'c_rehash' program is seldom used, but it is used nonetheless
+to create symbolic links to certificates, for instance in the 'nss-certs'
+package.
+
+diff --git a/tools/c_rehash.in b/tools/c_rehash.in
+--- a/tools/c_rehash.in
++++ b/tools/c_rehash.in
+@@ -1,4 +1,6 @@
+-#!{- $config{HASHBANGPERL} -}
++eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
++  & eval 'exec perl -wS "$0" $argv:q'
++    if 0;
+ {- use OpenSSL::Util; -}
+ # {- join("\n# ", @autowarntext) -}
+ # Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index d5b42c58a0..cf3663ae7d 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -9,7 +9,7 @@
 ;;; Copyright © 2016, 2017, 2018 Nikita <nikita@n0.is>
 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
 ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2017, 2018, 2019, 2020, 2021 Marius Bakke <marius@gnu.org>
+;;; Copyright © 2017-2022 Marius Bakke <marius@gnu.org>
 ;;; Copyright © 2017–2021 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
 ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
@@ -528,6 +528,34 @@ OpenSSL for TARGET."
                (base32
                 "15kcvdi69jka67sk1l3a50c26cb7xv9xiwdrgky4bji3ifz9k4gq"))))))
 
+(define-public openssl-3.0
+  (package
+    (inherit openssl)
+    (version "3.0.1")
+    (source (origin
+              (method url-fetch)
+              (uri (list (string-append 
"https://www.openssl.org/source/openssl-";
+                                        version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/";
+                                        "openssl-" version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/old/";
+                                        (string-trim-right version 
char-set:letter)
+                                        "/openssl-" version ".tar.gz")))
+              (patches (search-patches "openssl-3.0-c-rehash-in.patch"))
+              (sha256
+               (base32
+                "1l86kgn57av5yh711qp7c9zmi2haqmiah0ddxnbfgg2k6f2ss4f3"))))
+    (arguments
+     (substitute-keyword-arguments (package-arguments openssl)
+       ((#:phases phases '%standard-phases)
+        #~(modify-phases #$phases
+            (add-before 'configure 'configure-perl
+              (lambda* (#:key native-inputs inputs #:allow-other-keys)
+                (setenv "HASHBANGPERL"
+                        (search-input-file (or native-inputs inputs)
+                                           "/bin/perl"))))))))
+    (license license:asl2.0)))
+
 ;; We will not add any new uses of this package. If you add new code that uses
 ;; this package, your change will be reverted!
 ;;

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (3e497b3a4c -> 43dd34c777), guix-commits, 2022/01/30
- 02/06: gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852, CVE-2022-23990]., guix-commits, 2022/01/30
- 04/06: gnu: OpenSSL: Add 3.0., guix-commits <=
- 01/06: gnu: waylandpp: Update to 0.2.9., guix-commits, 2022/01/30
- 06/06: gnu: Remove OpenSSL 1.0., guix-commits, 2022/01/30
- 03/06: gnu: util-linux-with-udev: Remove input labels., guix-commits, 2022/01/30
- 05/06: gnu: Remove unused patch., guix-commits, 2022/01/30

Prev by Date: 02/06: gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852, CVE-2022-23990].
Next by Date: 01/06: gnu: waylandpp: Update to 0.2.9.
Previous by thread: 02/06: gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852, CVE-2022-23990].
Next by thread: 01/06: gnu: waylandpp: Update to 0.2.9.
Index(es):
- Date
- Thread