05/05: gnu: openssl: Remove run-time dependency on Perl.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

05/05: gnu: openssl: Remove run-time dependency on Perl.

From:	Ludovic Court�s
Subject:	05/05: gnu: openssl: Remove run-time dependency on Perl.
Date:	Wed, 09 Sep 2015 17:20:15 +0000

civodul pushed a commit to branch core-updates
in repository guix.

commit 784d6e9115990b9f44a19d1fbf6d1f84c3e1bfaa
Author: Ludovic Courtès <address@hidden>
Date:   Wed Sep 9 19:01:48 2015 +0200

    gnu: openssl: Remove run-time dependency on Perl.
    
    This shrinks the closure of OpenSSL from 154 MiB to 73 MiB.
    
    * gnu/packages/patches/openssl-c-rehash.patch: New file.
    * gnu-system.am (dist_patch_DATA): Add it.
    * gnu/packages/tls.scm (openssl)[source]: Use it.
      [arguments]: Add 'remove-miscellany' phase.
    * gnu/packages/certs.scm (nss-certs)[native-inputs]: Add PERL.
---
 gnu-system.am                               |    1 +
 gnu/packages/certs.scm                      |    4 +++-
 gnu/packages/patches/openssl-c-rehash.patch |   17 +++++++++++++++++
 gnu/packages/tls.scm                        |   15 +++++++++++++--
 4 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/gnu-system.am b/gnu-system.am
index e98ae20..749d744 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -567,6 +567,7 @@ dist_patch_DATA =                                           
\
   gnu/packages/patches/nvi-db4.patch                           \
   gnu/packages/patches/openexr-missing-samples.patch           \
   gnu/packages/patches/openssl-runpath.patch                   \
+  gnu/packages/patches/openssl-c-rehash.patch                  \
   gnu/packages/patches/orpheus-cast-errors-and-includes.patch  \
   gnu/packages/patches/ots-no-include-missing-file.patch       \
   gnu/packages/patches/patchelf-page-size.patch                        \
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 0f5a105..dd7d339 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -26,6 +26,7 @@
   #:use-module (gnu packages)
   #:use-module (gnu packages gnuzilla)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages perl)
   #:use-module (gnu packages tls))
 
 (define certdata2pem
@@ -76,7 +77,8 @@
     (outputs '("out"))
     (native-inputs
      `(("certdata2pem" ,certdata2pem)
-       ("openssl" ,openssl)))
+       ("openssl" ,openssl)
+       ("perl" ,perl)))                           ;for OpenSSL's 'c_rehash'
     (inputs '())
     (propagated-inputs '())
     (arguments
diff --git a/gnu/packages/patches/openssl-c-rehash.patch 
b/gnu/packages/patches/openssl-c-rehash.patch
new file mode 100644
index 0000000..f873a9a
--- /dev/null
+++ b/gnu/packages/patches/openssl-c-rehash.patch
@@ -0,0 +1,17 @@
+This patch removes the explicit reference to the 'perl' binary,
+such that OpenSSL does not retain a reference to Perl.
+
+The 'c_rehash' program is seldom used, but it is used nonetheless
+to create symbolic links to certificates, for instance in the 'nss-certs'
+package.
+
+--- openssl-1.0.2d/tools/c_rehash      2015-09-09 18:36:07.313316482 +0200
++++ openssl-1.0.2d/tools/c_rehash      2015-09-09 18:36:28.965458458 +0200
+@@ -1,4 +1,6 @@
+-#!/usr/bin/perl
++eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
++  & eval 'exec perl -wS "$0" $argv:q'
++    if 0;
+ 
+ # Perl c_rehash script, scan all files in a directory
+ # and add symbolic links to their hash values.
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index e7baa52..8b607df 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -195,7 +195,9 @@ required structures.")
             (sha256
              (base32
               "1j58r7rdj9fz2lanir8ajbx4bspb5jnm5ikl6dq8lql5fx43c737"))
-            (patches (list (search-patch "openssl-runpath.patch")))))
+            (patches (map search-patch
+                          '("openssl-runpath.patch"
+                            "openssl-c-rehash.patch")))))
    (build-system gnu-build-system)
    (native-inputs `(("perl" ,perl)))
    (arguments
@@ -255,7 +257,16 @@ required structures.")
                (("/bin/sh")
                 (string-append bash "/bin/bash"))
                (("/bin/rm")
-                "rm"))))))))
+                "rm")))))
+        (add-after
+         'install 'remove-miscellany
+         (lambda* (#:key outputs #:allow-other-keys)
+           ;; The 'misc' directory contains random undocumented shell and Perl
+           ;; scripts.  Remove them to avoid retaining a reference on Perl.
+           (let ((out (assoc-ref outputs "out")))
+             (delete-file-recursively (string-append out "/share/openssl-"
+                                                     ,version "/misc"))
+             #t))))))
    (native-search-paths
     ;; FIXME: These two variables must designate a single file or directory
     ;; and are not actually "search paths."  In practice it works OK in user

[Prev in Thread]

Current Thread

[Next in Thread]

branch core-updates updated (c5d8e68 -> 784d6e9), Ludovic Court�s, 2015/09/09
- 02/05: gnu: openssl: Use 'modify-phases'., Ludovic Court�s, 2015/09/09
- 01/05: gnu: libtiff: Add "doc" output., Ludovic Court�s, 2015/09/09
- 03/05: gnu: openssl: Install data and documentation to PREFIX/share., Ludovic Court�s, 2015/09/09
- 05/05: gnu: openssl: Remove run-time dependency on Perl., Ludovic Court�s <=
- 04/05: gnu: openssl: Allow shared objects to be stripped., Ludovic Court�s, 2015/09/09

Prev by Date: 03/05: gnu: openssl: Install data and documentation to PREFIX/share.
Next by Date: 04/05: gnu: openssl: Allow shared objects to be stripped.
Previous by thread: 03/05: gnu: openssl: Install data and documentation to PREFIX/share.
Next by thread: 04/05: gnu: openssl: Allow shared objects to be stripped.
Index(es):
- Date
- Thread