diff options
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix')
-rw-r--r-- | nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix | 34 |
1 files changed, 10 insertions, 24 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix b/nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix index f3f6ce485063..9d1905e09d1f 100644 --- a/nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sgx/ssl/default.nix @@ -1,8 +1,8 @@ { stdenv , fetchFromGitHub -, fetchpatch , fetchurl , lib +, openssl , perl , sgx-sdk , which @@ -10,9 +10,9 @@ }: let sgxVersion = sgx-sdk.versionTag; - opensslVersion = "1.1.1l"; + opensslVersion = "1.1.1u"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { pname = "sgx-ssl" + lib.optionalString debug "-debug"; version = "${sgxVersion}_${opensslVersion}"; @@ -20,25 +20,20 @@ stdenv.mkDerivation rec { owner = "intel"; repo = "intel-sgx-ssl"; rev = "lin_${sgxVersion}_${opensslVersion}"; - hash = "sha256-ibPXs90ni2fkxJ09fNO6wWVpfCFdko6MjBFkEsyIih8="; + hash = "sha256-zbXEQz72VUPqnGrboX6oXliaLpbcos7tV6K9lX+zleg="; }; postUnpack = let opensslSourceArchive = fetchurl { url = "https://www.openssl.org/source/openssl-${opensslVersion}.tar.gz"; - hash = "sha256-C3o+XlnDSCf+DDp0t+yLrvMCuY+oAIjX+RU6oW+na9E="; + hash = "sha256-4vjYS1I+7NBse+diaDA3AwD7zBU4a/UULXJ1j2lj68Y="; }; in '' ln -s ${opensslSourceArchive} $sourceRoot/openssl_source/openssl-${opensslVersion}.tar.gz ''; - patches = [ - # https://github.com/intel/intel-sgx-ssl/pull/111 - ./intel-sgx-ssl-pr-111.patch - ]; - postPatch = '' patchShebangs Linux/build_openssl.sh @@ -48,8 +43,6 @@ stdenv.mkDerivation rec { 'bash -c "true"' ''; - enableParallelBuilding = true; - nativeBuildInputs = [ perl sgx-sdk @@ -68,28 +61,21 @@ stdenv.mkDerivation rec { ]; # Build the test app - # - # Running the test app is currently only supported on Intel CPUs - # and will fail on non-Intel CPUs even in SGX simulation mode. - # Therefore, we only build the test app without running it until - # upstream resolves the issue: https://github.com/intel/intel-sgx-ssl/issues/113 doInstallCheck = true; - installCheckTarget = "all"; + installCheckTarget = "test"; installCheckFlags = [ "SGX_MODE=SIM" - "-C sgx/test_app" "-j 1" # Makefile doesn't support multiple jobs ]; - preInstallCheck = '' - # Expects the enclave file in the current working dir - ln -s sgx/test_app/TestEnclave.signed.so . - ''; + nativeInstallCheckInputs = [ + openssl + ]; meta = with lib; { description = "Cryptographic library for Intel SGX enclave applications based on OpenSSL"; homepage = "https://github.com/intel/intel-sgx-ssl"; maintainers = with maintainers; [ trundle veehaitch ]; platforms = [ "x86_64-linux" ]; - license = with licenses; [ bsd3 openssl ]; + license = [ licenses.bsd3 licenses.openssl ]; }; } |