[Nix-commits] SVN commit: nix - r30233 - in nixpkgs/branches/stdenv-updates/pkgs: development/libraries/openssl top-level

Fri, 04 Nov 2011 11:48:36 -0700 

Author: eelco
Date: Fri Nov  4 18:48:25 2011
New Revision: 30233
URL: https://nixos.org/websvn/nix/?rev=30233&sc=1

Log:
* Make OpenSSL 1.0.0e the default.

Replaced:
   
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/default.nix
      - copied unchanged from r30203, 
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/1.0.0e.nix
Deleted:
   nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/1.0.0e.nix
Modified:
   nixpkgs/branches/stdenv-updates/pkgs/top-level/all-packages.nix

Copied: 
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/default.nix 
(from r30203, 
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/1.0.0e.nix)
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ 
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/default.nix  
    Fri Nov  4 18:48:25 2011        (r30233, copy of r30203, 
nixpkgs/branches/stdenv-updates/pkgs/development/libraries/openssl/1.0.0e.nix)
@@ -0,0 +1,74 @@
+{ stdenv, fetchurl, perl }:
+
+let
+  name = "openssl-1.0.0e";
+
+  opensslCrossSystem = stdenv.lib.attrByPath [ "openssl" "system" ]
+    (throw "openssl needs its platform name cross building" null)
+    stdenv.cross;
+in
+
+stdenv.mkDerivation {
+  inherit name;
+
+  src = fetchurl {
+    url = "http://www.openssl.org/source/${name}.tar.gz";;
+    sha256 = "1xw0ffzmr4wbnb0glywgks375dvq8x87pgxmwx6vhgvkflkxqqg3";
+  };
+
+  patches =
+    [ # Allow the location of the X509 certificate file (the CA
+      # bundle) to be set through the environment variable
+      # ‘OPENSSL_X509_CERT_FILE’.  This is necessary because the
+      # default location ($out/ssl/cert.pem) doesn't exist, and
+      # hardcoding something like /etc/ssl/cert.pem is impure and
+      # cannot be overriden per-process.  For security, the
+      # environment variable is ignored for setuid binaries.
+      ./cert-file.patch
+    ]
+    ++ stdenv.lib.optional stdenv.isDarwin ./darwin-arch.patch;
+
+  buildNativeInputs = [ perl ];
+
+  # On x86_64-darwin, "./config" misdetects the system as
+  # "darwin-i386-cc".  So specify the system type explicitly.
+  configureScript =
+    if stdenv.system == "x86_64-darwin" then "./Configure darwin64-x86_64-cc" 
else "./config";
+
+  configureFlags = "shared --libdir=lib";
+
+  makeFlags = "MANDIR=$(out)/share/man";
+
+  postInstall =
+    ''
+      # If we're building dynamic libraries, then don't install static
+      # libraries.
+      if [ -n "$(echo $out/lib/*.so)" ]; then
+          rm $out/lib/*.a
+      fi
+    ''; # */
+
+  crossAttrs = {
+    preConfigure=''
+      # It's configure does not like --build or --host
+      export configureFlags="--libdir=lib 
--cross-compile-prefix=${stdenv.cross.config}- shared ${opensslCrossSystem}"
+    '';
+
+    postInstall = ''
+      # Openssl installs readonly files, which otherwise we can't strip.
+      # This could at some stdenv hash change be put out of crossAttrs, too
+      chmod -R +w $out
+
+      # Remove references to perl, to avoid depending on it at runtime
+      rm $out/bin/c_rehash $out/ssl/misc/CA.pl $out/ssl/misc/tsget
+    '';
+    configureScript = "./Configure";
+  };
+
+  meta = {
+    homepage = http://www.openssl.org/;
+    description = "A cryptographic library that implements the SSL and TLS 
protocols";
+    platforms = stdenv.lib.platforms.all;
+    maintainers = [ stdenv.lib.maintainers.simons ];
+  };
+}

Modified: nixpkgs/branches/stdenv-updates/pkgs/top-level/all-packages.nix
==============================================================================
--- nixpkgs/branches/stdenv-updates/pkgs/top-level/all-packages.nix     Fri Nov 
 4 18:48:00 2011        (r30232)
+++ nixpkgs/branches/stdenv-updates/pkgs/top-level/all-packages.nix     Fri Nov 
 4 18:48:25 2011        (r30233)
@@ -4265,7 +4265,6 @@
   neon029 = callPackage ../development/libraries/neon/0.29.nix {
     compressionSupport = true;
     sslSupport = true;
-    openssl = opensslNew;
   };
 
   nethack = builderDefsPackage (import ../games/nethack) {
@@ -4339,8 +4338,6 @@
     fetchurl = fetchurlBoot;
   };
 
-  opensslNew = callPackage ../development/libraries/openssl/1.0.0e.nix { };
-
   ortp = callPackage ../development/libraries/ortp { };
 
   pangoxsl = callPackage ../development/libraries/pangoxsl {
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

Reply via email to