[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/05: gnu: openssl: Update to 1.0.2g.
|
From: |
Ludovic Courtès |
|
Subject: |
02/05: gnu: openssl: Update to 1.0.2g. |
|
Date: |
Wed, 09 Mar 2016 14:39:56 +0000 |
civodul pushed a commit to branch security-updates
in repository guix.
commit 4cff124bbf13bbfefdf7a5844f171b282ac0d9b0
Author: Ludovic Courtès <address@hidden>
Date: Wed Mar 9 15:20:34 2016 +0100
gnu: openssl: Update to 1.0.2g.
* gnu/packages/tls.scm (openssl)[replacement]: Remove.
[version, source]: Bump to 1.0.2g. Use "openssl-c-rehash-in.patch"
instead of "openssl-c-rehash.patch".
(openssl-1.0.2g): Remove.
* gnu-system.am (dist_patch_DATA): Remove "openssl-c-rehash.patch".
---
gnu-system.am | 1 -
gnu/packages/patches/openssl-c-rehash.patch | 17 ------
gnu/packages/tls.scm | 81 ++++----------------------
3 files changed, 13 insertions(+), 86 deletions(-)
diff --git a/gnu-system.am b/gnu-system.am
index 4566eca..dc1d038 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -636,7 +636,6 @@ dist_patch_DATA =
\
gnu/packages/patches/openjpeg-CVE-2015-6581.patch \
gnu/packages/patches/openjpeg-use-after-free-fix.patch \
gnu/packages/patches/openssl-runpath.patch \
- gnu/packages/patches/openssl-c-rehash.patch \
gnu/packages/patches/openssl-c-rehash-in.patch \
gnu/packages/patches/orpheus-cast-errors-and-includes.patch \
gnu/packages/patches/ots-no-include-missing-file.patch \
diff --git a/gnu/packages/patches/openssl-c-rehash.patch
b/gnu/packages/patches/openssl-c-rehash.patch
deleted file mode 100644
index f873a9a..0000000
--- a/gnu/packages/patches/openssl-c-rehash.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-This patch removes the explicit reference to the 'perl' binary,
-such that OpenSSL does not retain a reference to Perl.
-
-The 'c_rehash' program is seldom used, but it is used nonetheless
-to create symbolic links to certificates, for instance in the 'nss-certs'
-package.
-
---- openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:07.313316482 +0200
-+++ openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:28.965458458 +0200
-@@ -1,4 +1,6 @@
--#!/usr/bin/perl
-+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
-+ & eval 'exec perl -wS "$0" $argv:q'
-+ if 0;
-
- # Perl c_rehash script, scan all files in a directory
- # and add symbolic links to their hash values.
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index b6bf257..d6225f7 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -179,22 +179,21 @@ required structures.")
(define-public openssl
(package
- (replacement openssl-1.0.2g)
(name "openssl")
- (version "1.0.2f")
+ (version "1.0.2g")
(source (origin
- (method url-fetch)
- (uri (list (string-append "ftp://ftp.openssl.org/source/";
- name "-" version ".tar.gz")
- (string-append "ftp://ftp.openssl.org/source/old/";
- (string-trim-right version
char-set:letter)
- "/" name "-" version ".tar.gz")))
- (sha256
- (base32
- "171fkdg9v6j29d962nh6kb79kfm8kkhy7n9makw39d7jvvj4wawk"))
- (patches (map search-patch
- '("openssl-runpath.patch"
- "openssl-c-rehash.patch")))))
+ (method url-fetch)
+ (uri (list (string-append "ftp://ftp.openssl.org/source/";
+ name "-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/";
+ (string-trim-right version
char-set:letter)
+ "/" name "-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
+ (patches (map search-patch
+ '("openssl-runpath.patch"
+ "openssl-c-rehash-in.patch")))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(arguments
@@ -283,60 +282,6 @@ required structures.")
(license license:openssl)
(home-page "http://www.openssl.org/";)))
-(define openssl-1.0.2g
- (package
- (inherit openssl)
- (replacement #f)
- (source
- (let ((name "openssl") (version "1.0.2g"))
- (origin
- (method url-fetch)
- (uri (list (string-append "ftp://ftp.openssl.org/source/";
- name "-" version ".tar.gz")
- (string-append "ftp://ftp.openssl.org/source/old/";
- (string-trim-right version char-set:letter)
- "/" name "-" version ".tar.gz")))
- (sha256
- (base32
- "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
- (patches (map search-patch
- '("openssl-runpath.patch"
- "openssl-c-rehash-in.patch"))))))
- (arguments
- (substitute-keyword-arguments (package-arguments openssl)
- ((#:phases phases)
- `(modify-phases ,phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (zero?
- (system*
- "./config"
-
- ;; XXX TEMPORARY, FOR GRAFTING ONLY
- ;; Enable ssl2 code to preserve
- ;; ABI compatibility with 1.0.2f
- "enable-ssl2"
-
- "shared" ;build shared libraries
- "--libdir=lib"
-
- ;; The default for this catch-all directory is
- ;; PREFIX/ssl. Change that to something more
- ;; conventional.
- (string-append "--openssldir=" out
- "/share/openssl-" ,(package-version openssl))
-
- (string-append "--prefix=" out)
-
- ;; XXX FIXME: Work around a code generation bug in GCC
- ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
- ,@(if (and (not (%current-target-system))
- (string-prefix? "armhf" (%current-system)))
- '("-mfpu=vfpv3")
- '()))))))))))))
-
(define-public libressl
(package
(name "libressl")