From fd78240ac82ada2b598d4491dbf6ff8622bd3dff Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Fri, 25 Mar 2022 15:33:21 +0000 Subject: treewide: use lib.getLib for OpenSSL libraries At some point, I'd like to make another attempt at 71f1f4884b5 ("openssl: stop static binaries referencing libs"), which was reverted in 195c7da07df. One problem with my previous attempt is that I moved OpenSSL's libraries to a lib output, but many dependent packages were hardcoding the out output as the location of the libraries. This patch fixes every such case I could find in the tree. It won't have any effect immediately, but will mean these packages will automatically use an OpenSSL lib output if it is reintroduced in future. This patch should cause very few rebuilds, because it shouldn't make any change at all to most packages I'm touching. The few rebuilds that are introduced come from when I've changed a package builder not to use variable names like openssl.out in scripts / substitution patterns, which would be confusing since they don't hardcode the output any more. I started by making the following global replacements: ${pkgs.openssl.out}/lib -> ${lib.getLib pkgs.openssl}/lib ${openssl.out}/lib -> ${lib.getLib openssl}/lib Then I removed the ".out" suffix when part of the argument to lib.makeLibraryPath, since that function uses lib.getLib internally. Then I fixed up cases where openssl was part of the -L flag to the compiler/linker, since that unambigously is referring to libraries. Then I manually investigated and fixed the following packages: - pycurl - citrix-workspace - ppp - wraith - unbound - gambit - acl2 I'm reasonably confindent in my fixes for all of them. For acl2, since the openssl library paths are manually provided above anyway, I don't think openssl is required separately as a build input at all. Removing it doesn't make a difference to the output size, the file list, or the closure. I've tested evaluation with the OfBorg meta checks, to protect against introducing evaluation failures. --- pkgs/applications/audio/spotify/default.nix | 4 ++-- pkgs/applications/blockchains/snarkos/default.nix | 2 +- pkgs/applications/blockchains/solana/default.nix | 2 +- pkgs/applications/editors/kodestudio/default.nix | 2 +- pkgs/applications/editors/sublime/3/common.nix | 2 +- .../editors/vscode/extensions/ms-dotnettools-csharp/default.nix | 2 +- pkgs/applications/networking/irc/wraith/configure.patch | 2 +- pkgs/applications/networking/irc/wraith/default.nix | 6 +++--- pkgs/applications/networking/mailreaders/mailspring/default.nix | 2 +- pkgs/applications/networking/remote/citrix-workspace/generic.nix | 2 +- pkgs/applications/version-management/subversion/default.nix | 2 +- 11 files changed, 14 insertions(+), 14 deletions(-) (limited to 'pkgs/applications') diff --git a/pkgs/applications/audio/spotify/default.nix b/pkgs/applications/audio/spotify/default.nix index aa04eba7fe8a..d2fe381ac6ae 100644 --- a/pkgs/applications/audio/spotify/default.nix +++ b/pkgs/applications/audio/spotify/default.nix @@ -126,8 +126,8 @@ stdenv.mkDerivation { # Work around Spotify referring to a specific minor version of # OpenSSL. - ln -s ${openssl.out}/lib/libssl.so $libdir/libssl.so.1.0.0 - ln -s ${openssl.out}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0 + ln -s ${lib.getLib openssl}/lib/libssl.so $libdir/libssl.so.1.0.0 + ln -s ${lib.getLib openssl}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0 ln -s ${nspr.out}/lib/libnspr4.so $libdir/libnspr4.so ln -s ${nspr.out}/lib/libplc4.so $libdir/libplc4.so diff --git a/pkgs/applications/blockchains/snarkos/default.nix b/pkgs/applications/blockchains/snarkos/default.nix index c52780c9564e..82c3555f64d6 100644 --- a/pkgs/applications/blockchains/snarkos/default.nix +++ b/pkgs/applications/blockchains/snarkos/default.nix @@ -27,7 +27,7 @@ rustPlatform.buildRustPackage rec { # Needed to get openssl-sys to use pkg-config. OPENSSL_NO_VENDOR = 1; - OPENSSL_LIB_DIR = "${openssl.out}/lib"; + OPENSSL_LIB_DIR = "${lib.getLib openssl}/lib"; OPENSSL_DIR="${lib.getDev openssl}"; LIBCLANG_PATH="${llvmPackages.libclang.lib}/lib"; diff --git a/pkgs/applications/blockchains/solana/default.nix b/pkgs/applications/blockchains/solana/default.nix index bfa9382b245a..0eb48b19c88f 100644 --- a/pkgs/applications/blockchains/solana/default.nix +++ b/pkgs/applications/blockchains/solana/default.nix @@ -37,7 +37,7 @@ rustPlatform.buildRustPackage rec { # checkInputs = lib.optionals stdenv.isDarwin [ pkg-config rustfmt ]; # Needed to get openssl-sys to use pkg-config. # OPENSSL_NO_VENDOR = 1; - # OPENSSL_LIB_DIR = "${openssl.out}/lib"; + # OPENSSL_LIB_DIR = "${lib.getLib openssl}/lib"; # OPENSSL_DIR="${lib.getDev openssl}"; # LLVM_CONFIG_PATH="${llvm}/bin/llvm-config"; # LIBCLANG_PATH="${llvmPackages.libclang.lib}/lib"; diff --git a/pkgs/applications/editors/kodestudio/default.nix b/pkgs/applications/editors/kodestudio/default.nix index e975678591c7..2620a87ce425 100644 --- a/pkgs/applications/editors/kodestudio/default.nix +++ b/pkgs/applications/editors/kodestudio/default.nix @@ -57,7 +57,7 @@ in $out/kodestudio patchelf \ --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ - --set-rpath ".:${stdenv.cc.libc}/lib:${xorg.libXinerama}/lib:${xorg.libX11}/lib:${alsa-lib}/lib:${libGL}/lib:${libGLU}/lib:${openssl.out}/lib" \ + --set-rpath ".:${stdenv.cc.libc}/lib:${xorg.libXinerama}/lib:${xorg.libX11}/lib:${alsa-lib}/lib:${libGL}/lib:${libGLU}/lib:${lib.getLib openssl}/lib" \ $out/resources/app/extensions/krom/Krom/linux/Krom patchelf \ --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ diff --git a/pkgs/applications/editors/sublime/3/common.nix b/pkgs/applications/editors/sublime/3/common.nix index b4bfc6c9ea73..a5cf2d560c01 100644 --- a/pkgs/applications/editors/sublime/3/common.nix +++ b/pkgs/applications/editors/sublime/3/common.nix @@ -101,7 +101,7 @@ in let "''${gappsWrapperArgs[@]}" # Without this, plugin_host crashes, even though it has the rpath - wrapProgram $out/plugin_host --prefix LD_PRELOAD : ${stdenv.cc.cc.lib}/lib${lib.optionalString stdenv.is64bit "64"}/libgcc_s.so.1:${openssl.out}/lib/libssl.so:${bzip2.out}/lib/libbz2.so + wrapProgram $out/plugin_host --prefix LD_PRELOAD : ${stdenv.cc.cc.lib}/lib${lib.optionalString stdenv.is64bit "64"}/libgcc_s.so.1:${lib.getLib openssl}/lib/libssl.so:${bzip2.out}/lib/libbz2.so ''; }; in stdenv.mkDerivation (rec { diff --git a/pkgs/applications/editors/vscode/extensions/ms-dotnettools-csharp/default.nix b/pkgs/applications/editors/vscode/extensions/ms-dotnettools-csharp/default.nix index d91cbccb8083..b1a3917417d9 100644 --- a/pkgs/applications/editors/vscode/extensions/ms-dotnettools-csharp/default.nix +++ b/pkgs/applications/editors/vscode/extensions/ms-dotnettools-csharp/default.nix @@ -107,7 +107,7 @@ vscode-utils.buildVscodeMarketplaceExtension { patchelf_add_icu_as_needed "$elf" patchelf --add-needed "libssl.so" "$elf" patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ - --set-rpath "${lib.makeLibraryPath [ stdenv.cc.cc openssl.out icu.out ]}:\$ORIGIN" \ + --set-rpath "${lib.makeLibraryPath [ stdenv.cc.cc openssl icu.out ]}:\$ORIGIN" \ "$elf" } diff --git a/pkgs/applications/networking/irc/wraith/configure.patch b/pkgs/applications/networking/irc/wraith/configure.patch index 16e65be00a25..2ecba77920eb 100644 --- a/pkgs/applications/networking/irc/wraith/configure.patch +++ b/pkgs/applications/networking/irc/wraith/configure.patch @@ -52,7 +52,7 @@ -fi -unset cf_openssl_basedir +SSL_INCLUDES="-I@openssl.dev@/include" -+SSL_LIBS="-L@openssl.out@/lib" ++SSL_LIBS="-L@openssl-lib@/lib" save_CXX="$CXX" CXX="$CXX $SSL_INCLUDES" diff --git a/pkgs/applications/networking/irc/wraith/default.nix b/pkgs/applications/networking/irc/wraith/default.nix index 30aec18c107f..a8923042c7d6 100644 --- a/pkgs/applications/networking/irc/wraith/default.nix +++ b/pkgs/applications/networking/irc/wraith/default.nix @@ -12,9 +12,9 @@ stdenv.mkDerivation rec { patches = [ ./configure.patch ./dlopen.patch ]; postPatch = '' substituteInPlace configure --subst-var-by openssl.dev ${openssl.dev} \ - --subst-var-by openssl.out ${openssl.out} - substituteInPlace src/libssl.cc --subst-var-by openssl ${openssl.out} - substituteInPlace src/libcrypto.cc --subst-var-by openssl ${openssl.out} + --subst-var-by openssl-lib ${lib.getLib openssl} + substituteInPlace src/libssl.cc --subst-var-by openssl ${lib.getLib openssl} + substituteInPlace src/libcrypto.cc --subst-var-by openssl ${lib.getLib openssl} ''; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/applications/networking/mailreaders/mailspring/default.nix b/pkgs/applications/networking/mailreaders/mailspring/default.nix index d2e5beb17180..9b51545083ba 100644 --- a/pkgs/applications/networking/mailreaders/mailspring/default.nix +++ b/pkgs/applications/networking/mailreaders/mailspring/default.nix @@ -70,7 +70,7 @@ stdenv.mkDerivation rec { --replace dirname ${coreutils}/bin/dirname ln -s $out/share/mailspring/mailspring $out/bin/mailspring - ln -s ${openssl.out}/lib/libcrypto.so $out/lib/libcrypto.so.1.0.0 + ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/libcrypto.so.1.0.0 runHook postInstall ''; diff --git a/pkgs/applications/networking/remote/citrix-workspace/generic.nix b/pkgs/applications/networking/remote/citrix-workspace/generic.nix index ac0030961183..bfd9e402f956 100644 --- a/pkgs/applications/networking/remote/citrix-workspace/generic.nix +++ b/pkgs/applications/networking/remote/citrix-workspace/generic.nix @@ -14,7 +14,7 @@ let openssl' = symlinkJoin { name = "openssl-backwards-compat"; nativeBuildInputs = [ makeWrapper ]; - paths = [ openssl.out ]; + paths = [ (lib.getLib openssl) ]; postBuild = '' ln -sf $out/lib/libcrypto.so $out/lib/libcrypto.so.1.0.0 ln -sf $out/lib/libssl.so $out/lib/libssl.so.1.0.0 diff --git a/pkgs/applications/version-management/subversion/default.nix b/pkgs/applications/version-management/subversion/default.nix index 2e7484327674..4789d654ae68 100644 --- a/pkgs/applications/version-management/subversion/default.nix +++ b/pkgs/applications/version-management/subversion/default.nix @@ -92,7 +92,7 @@ let --replace "${expat.dev}/lib" "${expat.out}/lib" \ --replace "${zlib.dev}/lib" "${zlib.out}/lib" \ --replace "${sqlite.dev}/lib" "${sqlite.out}/lib" \ - --replace "${openssl.dev}/lib" "${openssl.out}/lib" + --replace "${openssl.dev}/lib" "${lib.getLib openssl}/lib" done ''; -- cgit 1.4.1