diff options
| author | Alyssa Ross <hi@alyssa.is> | 2022-02-22 10:43:06 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2022-03-11 16:17:56 +0000 |
| commit | ca1aada113c0ebda1ab8667199f6453f8e01c4fc (patch) | |
| tree | 55e402280096f62eb0bc8bcad5ce6050c5a0aec7 /nixpkgs/pkgs/development/libraries/openssl | |
| parent | e4df5a52a6a6531f32626f57205356a773ac2975 (diff) | |
| parent | 93883402a445ad467320925a0a5dbe43a949f25b (diff) | |
| download | nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.gz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.bz2 nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.lz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.xz nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.tar.zst nixlib-ca1aada113c0ebda1ab8667199f6453f8e01c4fc.zip | |
Merge commit '93883402a445ad467320925a0a5dbe43a949f25b'
Conflicts: nixpkgs/nixos/modules/programs/ssh.nix nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix nixpkgs/pkgs/data/fonts/noto-fonts/default.nix nixpkgs/pkgs/development/go-modules/generic/default.nix nixpkgs/pkgs/development/interpreters/ruby/default.nix nixpkgs/pkgs/development/libraries/mesa/default.nix
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/openssl')
| -rw-r--r-- | nixpkgs/pkgs/development/libraries/openssl/default.nix | 31 |
1 files changed, 12 insertions, 19 deletions
diff --git a/nixpkgs/pkgs/development/libraries/openssl/default.nix b/nixpkgs/pkgs/development/libraries/openssl/default.nix index 30721129073b..390227cfe95c 100644 --- a/nixpkgs/pkgs/development/libraries/openssl/default.nix +++ b/nixpkgs/pkgs/development/libraries/openssl/default.nix @@ -9,18 +9,11 @@ , withPerl ? stdenv.hostPlatform == stdenv.buildPlatform }: -assert ( - lib.assertMsg (!withPerl -> stdenv.hostPlatform != stdenv.buildPlatform) - "withPerl should not be disabled unless cross compiling" -); - # Note: this package is used for bootstrapping fetchurl, and thus # cannot use fetchpatch! All mutable patches (generated by GitHub or # cgit) that are needed here should be included directly in Nixpkgs as # files. -with lib; - let common = { version, sha256, patches ? [], withDocs ? false, extraMeta ? {} }: stdenv.mkDerivation rec { @@ -36,7 +29,7 @@ let postPatch = '' patchShebangs Configure - '' + optionalString (versionOlder version "1.1.0") '' + '' + lib.optionalString (lib.versionOlder version "1.1.0") '' patchShebangs test/* for a in test/t* ; do substituteInPlace "$a" \ @@ -44,15 +37,15 @@ let done '' # config is a configure script which is not installed. - + optionalString (versionAtLeast version "1.1.1") '' + + lib.optionalString (lib.versionAtLeast version "1.1.1") '' substituteInPlace config --replace '/usr/bin/env' '${buildPackages.coreutils}/bin/env' - '' + optionalString (versionAtLeast version "1.1.0" && stdenv.hostPlatform.isMusl) '' + '' + lib.optionalString (lib.versionAtLeast version "1.1.0" && stdenv.hostPlatform.isMusl) '' substituteInPlace crypto/async/arch/async_posix.h \ --replace '!defined(__ANDROID__) && !defined(__OpenBSD__)' \ '!defined(__ANDROID__) && !defined(__OpenBSD__) && 0' ''; - outputs = [ "bin" "dev" "out" "man" ] ++ optional withDocs "doc"; + outputs = [ "bin" "dev" "out" "man" ] ++ lib.optional withDocs "doc"; setOutputFlags = false; separateDebugInfo = !stdenv.hostPlatform.isDarwin && @@ -86,7 +79,7 @@ let else if stdenv.hostPlatform.isBSD then "./Configure BSD-generic${toString stdenv.hostPlatform.parsed.cpu.bits}" else if stdenv.hostPlatform.isMinGW - then "./Configure mingw${optionalString + then "./Configure mingw${lib.optionalString (stdenv.hostPlatform.parsed.cpu.bits != 32) (toString stdenv.hostPlatform.parsed.cpu.bits)}" else if stdenv.hostPlatform.isLinux @@ -108,12 +101,12 @@ let "-DUSE_CRYPTODEV_DIGESTS" ] ++ lib.optional enableSSL2 "enable-ssl2" ++ lib.optional enableSSL3 "enable-ssl3" - ++ lib.optional (versionAtLeast version "3.0.0") "enable-ktls" - ++ lib.optional (versionAtLeast version "1.1.0" && stdenv.hostPlatform.isAarch64) "no-afalgeng" + ++ lib.optional (lib.versionAtLeast version "3.0.0") "enable-ktls" + ++ lib.optional (lib.versionAtLeast version "1.1.0" && stdenv.hostPlatform.isAarch64) "no-afalgeng" # OpenSSL needs a specific `no-shared` configure flag. # See https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options # for a comprehensive list of configuration options. - ++ lib.optional (versionAtLeast version "1.1.0" && static) "no-shared"; + ++ lib.optional (lib.versionAtLeast version "1.1.0" && static) "no-shared"; makeFlags = [ "MANDIR=$(man)/share/man" @@ -192,16 +185,16 @@ in { extraMeta.knownVulnerabilities = [ "Support for OpenSSL 1.0.2 ended with 2019." ]; }; - openssl_1_1 = common { - version = "1.1.1l"; - sha256 = "sha256-C3o+XlnDSCf+DDp0t+yLrvMCuY+oAIjX+RU6oW+na9E="; + openssl_1_1 = common rec { + version = "1.1.1m"; + sha256 = "sha256-+JGZvosjykX8fLnx2NPuZzEjGChq0DD1MWrKZGLbbJY="; patches = [ ./1.1/nix-ssl-cert-file.patch (if stdenv.hostPlatform.isDarwin then ./use-etc-ssl-certs-darwin.patch else ./use-etc-ssl-certs.patch) - ] ++ lib.optionals (stdenv.isDarwin) [ + ] ++ lib.optionals (stdenv.isDarwin && (builtins.substring 5 5 version) < "m") [ ./1.1/macos-yosemite-compat.patch ]; withDocs = true; |