diff options
-rw-r--r-- | gnu/packages/certs.scm | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index c7242dea92..31ffa54d87 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> -;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; ;;; This file is part of GNU Guix. @@ -155,13 +155,26 @@ taken from the NSS package and thus ultimately from the Mozilla project.") (let ((root (assoc-ref %build-inputs "isrgrootx1.pem")) (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem")) (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem")) - (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))) + (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs")) + (openssl (assoc-ref %build-inputs "openssl")) + (perl (assoc-ref %build-inputs "perl"))) (mkdir-p out) (for-each (lambda (cert) (copy-file cert (string-append out "/" (strip-store-file-name cert)))) - (list root intermediate backup)))))) + (list root intermediate backup)) + + ;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and + ;; similar.) + (chdir (string-append %output "/etc/ssl/certs")) + (unless (zero? (system* (string-append perl "/bin/perl") + (string-append openssl "/bin/c_rehash") + ".")) + (error "'c_rehash' failed" openssl)))))) + (native-inputs + `(("openssl" ,openssl) + ("perl" ,perl))) ;for 'c_rehash' (inputs `(; The Let's Encrypt root certificate, "ISRG Root X1". ("isrgrootx1.pem" |