From a095d983ea230d48472f123ceb62f20d137eee3b Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Fri, 15 Oct 2021 00:38:40 -0400 Subject: [PATCH] gnu: openssl: Absorb 1.1.1l graft. * gnu/packages/tls.scm (openssl)[replacement]: Remove. [source]: Update to 1.1.1l. Fix indentation. * gnu/packages/tls.scm (openssl-1.1.1l): Delete variable. --- gnu/packages/tls.scm | 44 ++++++++++++-------------------------------- 1 file changed, 12 insertions(+), 32 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 908858f6eb..be8f7a4a12 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -385,8 +385,7 @@ OpenSSL for TARGET." (define-public openssl (package (name "openssl") - (version "1.1.1k") - (replacement openssl-1.1.1l) + (version "1.1.1l") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -399,11 +398,11 @@ OpenSSL for TARGET." (patches (search-patches "openssl-1.1-c-rehash-in.patch")) (sha256 (base32 - "1rdfzcrxy9y38wqdw5942vmdax9hjhgrprzxm42csal7p5shhal9")))) + "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb")))) (build-system gnu-build-system) (outputs '("out" - "doc" ;6.8 MiB of man3 pages and full HTML documentation - "static")) ;6.4 MiB of .a files + "doc" ;6.8 MiB of man3 pages and full HTML documentation + "static")) ;6.4 MiB of .a files (native-inputs `(("perl" ,perl))) (arguments `(#:parallel-tests? #f @@ -428,11 +427,11 @@ OpenSSL for TARGET." ;; https://github.com/openssl/openssl/issues/12242 #$@(if (or (target-arm?) (target-riscv64?)) - #~((replace 'check - (lambda* (#:key tests? test-target #:allow-other-keys) - (when tests? - (invoke "make" "TESTS=-test_afalg" test-target))))) - #~()) + #~((replace 'check + (lambda* (#:key tests? test-target #:allow-other-keys) + (when tests? + (invoke "make" "TESTS=-test_afalg" test-target))))) + #~()) (replace 'configure (lambda* (#:key configure-flags #:allow-other-keys) (let* ((out #$output) @@ -446,7 +445,7 @@ OpenSSL for TARGET." invoke #$@(if (%current-target-system) #~("./Configure") #~("./config")) - "shared" ;build shared libraries + "shared" ;build shared libraries "--libdir=lib" ;; The default for this catch-all directory is @@ -499,12 +498,12 @@ OpenSSL for TARGET." (native-search-paths (list (search-path-specification (variable "SSL_CERT_DIR") - (separator #f) ;single entry + (separator #f) ;single entry (files '("etc/ssl/certs"))) (search-path-specification (variable "SSL_CERT_FILE") (file-type 'regular) - (separator #f) ;single entry + (separator #f) ;single entry (files '("etc/ssl/certs/ca-certificates.crt"))))) (synopsis "SSL/TLS implementation") (description @@ -512,25 +511,6 @@ OpenSSL for TARGET." (license license:openssl) (home-page "https://www.openssl.org/"))) -;; Replacement package to fix multiple CVEs. -(define openssl-1.1.1l - (package - (inherit openssl) - (version "1.1.1l") - (source (origin - (method url-fetch) - (uri (list (string-append "https://www.openssl.org/source/openssl-" - version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/" - "openssl-" version ".tar.gz") - (string-append "ftp://ftp.openssl.org/source/old/" - (string-trim-right version char-set:letter) - "/openssl-" version ".tar.gz"))) - (patches (search-patches "openssl-1.1-c-rehash-in.patch")) - (sha256 - (base32 - "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb")))))) - ;; We will not add any new uses of this package. If you add new code that uses ;; this package, your change will be reverted! ;;