gnu: le-certs: Create OpenSSL hash symlinks.

* gnu/packages/certs.scm (le-certs)[arguments]: Run 'c_rehash' on the result. [native-inputs]: New fields.
author: Ludovic Courtès <ludo@gnu.org> 2017-07-28 14:50:52 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2017-07-28 18:09:43 +0200
commit: 6f0f55148d8f70ff5bb7455689a4e78b1807d555 (patch)
tree: 35b524f1578572a0aa1d37bd7149b12aa854cc8a
parent: c4b006ba12cd12a1c4971a36303582a096ce0948 (diff)
download: gnu-guix-6f0f55148d8f70ff5bb7455689a4e78b1807d555.tar
gnu-guix-6f0f55148d8f70ff5bb7455689a4e78b1807d555.tar.gz
1 files changed, 16 insertions, 3 deletions
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index c7242dea92..31ffa54d87 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -155,13 +155,26 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
          (let ((root (assoc-ref %build-inputs "isrgrootx1.pem"))
                (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem"))
                (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem"))
-               (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs")))
+               (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))
+               (openssl (assoc-ref %build-inputs "openssl"))
+               (perl (assoc-ref %build-inputs "perl")))
            (mkdir-p out)
            (for-each
              (lambda (cert)
                (copy-file cert (string-append out "/"
                                               (strip-store-file-name cert))))
-             (list root intermediate backup))))))
+             (list root intermediate backup))
+
+           ;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and
+           ;; similar.)
+           (chdir (string-append %output "/etc/ssl/certs"))
+           (unless (zero? (system* (string-append perl "/bin/perl")
+                                   (string-append openssl "/bin/c_rehash")
+                                   "."))
+             (error "'c_rehash' failed" openssl))))))
+    (native-inputs
+     `(("openssl" ,openssl)
+       ("perl" ,perl)))                           ;for 'c_rehash'
     (inputs
      `(; The Let's Encrypt root certificate, "ISRG Root X1".
        ("isrgrootx1.pem"
author	Ludovic Courtès <ludo@gnu.org>	2017-07-28 14:50:52 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2017-07-28 18:09:43 +0200
commit	6f0f55148d8f70ff5bb7455689a4e78b1807d555 (patch)
tree	35b524f1578572a0aa1d37bd7149b12aa854cc8a
parent	c4b006ba12cd12a1c4971a36303582a096ce0948 (diff)
download	gnu-guix-6f0f55148d8f70ff5bb7455689a4e78b1807d555.tar gnu-guix-6f0f55148d8f70ff5bb7455689a4e78b1807d555.tar.gz