Merge commit 'a2e06fc3423c4be53181b15c28dfbe0bcf67dd73'

2 files changed, 3 insertions, 85 deletions

diff --git a/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/default.nix b/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/default.nix
index 60f97d2f3615..6547d3aa2b5c 100644
--- a/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/default.nix
+++ b/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/default.nix
@@ -1,35 +1,19 @@
 { stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }:
 
+
 stdenv.mkDerivation rec {
   pname = "mod_csr";
-  version = "0.2.1";
+  version = "0.2.3";
 
   src = fetchurl {
     url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz";
-    sha256 = "01sdvv07kchdd6ssrmd2cbhj50qh2ibp5g5h6jy1jqbzp0b3j9ja";
+    sha256 = "1p4jc0q40453wpvwqgnr1n007b4jxpkizzy3r4jygsxxgg4x9w7x";
   };
 
   nativeBuildInputs = [ pkgconfig ];
   buildInputs = [ mod_ca apr aprutil ];
   inherit (mod_ca) configureFlags installFlags;
 
-  # After openssl-1.0.2t, starting in  openssl-1.1.0l
-  # parts of the OpenSSL struct API was replaced by
-  # getters - but some setters where forgotten.
-  #
-  # It is expected that these are back/retrofitted in version
-  # openssl-1.1.1d -- but while fixing this it was found
-  # that there were quite a few other setters missing and
-  # that some of the memory management needed was at odds
-  # with the principles used sofar.
-  #
-  # See https://github.com/openssl/openssl/pull/10563
-  #
-  # So as a stopgap - use a minimalist compat. layer
-  # https://source.redwax.eu/projects/RS/repos/mod_csr/browse/openssl_setter_compat.h
-  #
-  preBuild = "cp ${./openssl_setter_compat.h} openssl_setter_compat.h";
-
   meta = with stdenv.lib; {
     description = "RedWax CA service module to handle Certificate Signing Requests";
 
diff --git a/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/openssl_setter_compat.h b/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/openssl_setter_compat.h
deleted file mode 100644
index a2a9e0f7a18d..000000000000
--- a/nixpkgs/pkgs/servers/http/apache-modules/mod_csr/openssl_setter_compat.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/* Licensed to Stichting The Commons Conservancy (TCC) under one or more
- * contributor license agreements.  See the AUTHORS file distributed with
- * this work for additional information regarding copyright ownership.
- * TCC licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-// These routines are copies from OpenSSL/1.1.1 its x509/x509_req.c
-// and the private header files for that. They are needed as
-// starting with OpenSSL 1.1.0 the X509_req structure became
-// private; and got some get0 functions to access its internals.
-// But no getter's until post 1.1.1 (PR#10563). So this is a
-// stopgap for these lacking releases.
-//
-// Testest against: 
-//   openssl-1.0.2t 0x01000214fL (does not need it, privates still accessile)
-//   openssl-1.1.0l 0x0101000cfL (needs it)
-//   openssl-1.1.1d 0x01010104fL (last version that needs it)
-//   openssl-1.1.1-dev		 (should not need it - post PR#10563).
-//
-/* #if OPENSSL_VERSION_NUMBER >= 0x010100000L &&  OPENSSL_VERSION_NUMBER  <= 0x01010104fL */
-#if OPENSSL_VERSION_NUMBER >= 0x010100000L 
-#include "openssl/x509.h"
-
-#define HAS_OPENSSL_PR10563_WORK_AROUND
-
-struct X509_req_info_st {
-    ASN1_ENCODING enc;          
-    ASN1_INTEGER *version;     
-    X509_NAME *subject;       
-    X509_PUBKEY *pubkey;     
-    STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-typedef _Atomic int CRYPTO_REF_COUNT;
-
-struct X509_req_st {
-    X509_REQ_INFO req_info; 
-    X509_ALGOR sig_alg;       
-    ASN1_BIT_STRING *signature; /* signature */
-    CRYPTO_REF_COUNT references;
-    CRYPTO_RWLOCK *lock;
-# ifndef OPENSSL_NO_SM2
-    ASN1_OCTET_STRING *sm2_id;
-# endif
-};
-
-
-static void _X509_REQ_set1_signature(X509_REQ *req, X509_ALGOR *palg)
-{
-    if (req->sig_alg.algorithm)
-        ASN1_OBJECT_free(req->sig_alg.algorithm);
-    if (req->sig_alg.parameter)
-        ASN1_TYPE_free(req->sig_alg.parameter);
-    req->sig_alg = *palg;
-}
-#endif