daemon: Use `openssl' from $PATH.
* daemon.am (-DOPENSSL_PATH): Default to "openssl". * TODO: Mention removal of OpenSSL dependency.master
parent
4d152bf1d9
commit
a9128eac41
9
TODO
9
TODO
|
@ -14,6 +14,15 @@ and GC-related tasks. The daemon mainly uses ‘libstore’ from Nix.
|
||||||
Integrating it in Guix itself will make Guix self-contained, thereby
|
Integrating it in Guix itself will make Guix self-contained, thereby
|
||||||
simplifying our users’ lives.
|
simplifying our users’ lives.
|
||||||
|
|
||||||
|
** Remove dependency on OpenSSL
|
||||||
|
|
||||||
|
The ‘openssl’ command-line tool is used in libstore to sign store paths
|
||||||
|
to be exported, and to check such signatures. The signing keys are
|
||||||
|
usually in /etc/nix/signing-key.{pub,sec}. They are a PKCS#8-encoded
|
||||||
|
X.509 SubjectPublicKeyInfo. These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of
|
||||||
|
GnuTLS]], but not yet with its Guile bindings. There’s also
|
||||||
|
‘gnutls_privkey_sign_data’ to sign, and related functions.
|
||||||
|
|
||||||
* infrastructure
|
* infrastructure
|
||||||
|
|
||||||
** have a Hydra instance build Guix packages
|
** have a Hydra instance build Guix packages
|
||||||
|
|
|
@ -114,7 +114,7 @@ libstore_a_CPPFLAGS = \
|
||||||
-DNIX_CONF_DIR=\"$(sysconfdir)/nix\" \
|
-DNIX_CONF_DIR=\"$(sysconfdir)/nix\" \
|
||||||
-DNIX_LIBEXEC_DIR=\"$(libexecdir)\" \
|
-DNIX_LIBEXEC_DIR=\"$(libexecdir)\" \
|
||||||
-DNIX_BIN_DIR=\"$(bindir)\" \
|
-DNIX_BIN_DIR=\"$(bindir)\" \
|
||||||
-DOPENSSL_PATH="\"FIXME--no OpenSSL support\""
|
-DOPENSSL_PATH="\"openssl\""
|
||||||
|
|
||||||
libstore_a_CFLAGS = \
|
libstore_a_CFLAGS = \
|
||||||
$(SQLITE3_CFLAGS) $(LIBGCRYPT_CFLAGS)
|
$(SQLITE3_CFLAGS) $(LIBGCRYPT_CFLAGS)
|
||||||
|
|
Reference in New Issue