summaryrefslogtreecommitdiffstats
path: root/makefu/5pkgs/cmpforopenssl
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-08-24 17:39:53 +0200
committertv <tv@krebsco.de>2017-08-24 17:39:53 +0200
commitfd69096a27575b9d4d87a10af1492b273dad167c (patch)
treeaa3e7dc121d3188a16a37a6751ec774abcc0df81 /makefu/5pkgs/cmpforopenssl
parentb9a4e834c06bc32fa38389e13c0ec42467c0fc46 (diff)
parentfd6b42355907de5313ea3576e5d1bfa549433099 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/5pkgs/cmpforopenssl')
-rw-r--r--makefu/5pkgs/cmpforopenssl/default.nix82
-rw-r--r--makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch14
2 files changed, 96 insertions, 0 deletions
diff --git a/makefu/5pkgs/cmpforopenssl/default.nix b/makefu/5pkgs/cmpforopenssl/default.nix
new file mode 100644
index 000000000..3b9a20098
--- /dev/null
+++ b/makefu/5pkgs/cmpforopenssl/default.nix
@@ -0,0 +1,82 @@
+{ stdenv, fetchurl, buildPackages, perl, fetchgit
+, hostPlatform
+}:
+
+with stdenv.lib;
+
+let
+
+ common = args@{ rev, sha256, patches ? [] }: stdenv.mkDerivation rec {
+ name = "cmpforopenssl-${rev}";
+
+ src = fetchgit {
+ url = "https://git.code.sf.net/p/cmpforopenssl/git";
+ inherit sha256 rev;
+ fetchSubmodules = false;
+ deepClone = false;
+ };
+
+ patches =
+ (args.patches or [])
+ ++ [ ./nix-ssl-cert-file.patch ];
+
+ outputs = [ "bin" "dev" "out" "man" ];
+ setOutputFlags = false;
+ separateDebugInfo = stdenv.isLinux;
+
+ nativeBuildInputs = [ perl ];
+
+ configureScript = "./config";
+
+ configureFlags = [
+ "shared"
+ "--libdir=lib"
+ "--openssldir=etc/ssl"
+ ] ;
+
+ makeFlags = [ "MANDIR=$(man)/share/man" ];
+
+ # Parallel building is broken in OpenSSL.
+ enableParallelBuilding = false;
+
+ postInstall = ''
+ # If we're building dynamic libraries, then don't install static
+ # libraries.
+ if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
+ rm "$out/lib/"*.a
+ fi
+
+ mkdir -p $bin
+ mv $out/bin $bin/
+
+ mkdir $dev
+ mv $out/include $dev/
+
+ # remove dependency on Perl at runtime
+ rm -r $out/etc/ssl/misc
+
+ rmdir $out/etc/ssl/{certs,private}
+ '';
+
+ postFixup = ''
+ # Check to make sure the main output doesn't depend on perl
+ if grep -r '${buildPackages.perl}' $out; then
+ echo "Found an erroneous dependency on perl ^^^" >&2
+ exit 1
+ fi
+ '';
+
+
+ meta = {
+ homepage = https://sourceforge.net/p/cmpforopenssl ;
+ description = "A cryptographic library that implements the SSL and TLS protocols";
+ platforms = stdenv.lib.platforms.all;
+ maintainers = [ stdenv.lib.maintainers.makefu ];
+ priority = 0; # resolves collision with ‘man-pages’
+ };
+ };
+
+in common {
+ rev = "462b3";
+ sha256 = "1h2k1c4lg27gmsyd72zrlr303jw765x8sscxblq2jwb44jag85na";
+ }
diff --git a/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch b/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch
new file mode 100644
index 000000000..b615f1482
--- /dev/null
+++ b/makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch
@@ -0,0 +1,14 @@
+diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c
+--- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200
++++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200
+@@ -97,7 +97,9 @@
+ switch (cmd) {
+ case X509_L_FILE_LOAD:
+ if (argl == X509_FILETYPE_DEFAULT) {
+- file = (char *)getenv(X509_get_default_cert_file_env());
++ file = (char *)getenv("NIX_SSL_CERT_FILE");
++ if (!file)
++ file = (char *)getenv(X509_get_default_cert_file_env());
+ if (file)
+ ok = (X509_load_cert_crl_file(ctx, file,
+ X509_FILETYPE_PEM) != 0);