aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/tls.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r--gnu/packages/tls.scm105
1 files changed, 47 insertions, 58 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index bd86b2e0d9..6b1005c2f8 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -1,10 +1,10 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2014, 2015, 2016, 2017 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2015, 2016, 2017, 2018 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
@@ -65,8 +65,7 @@
(define-public libtasn1
(package
(name "libtasn1")
- (version "4.12")
- (replacement libtasn1/fixed)
+ (version "4.13")
(source
(origin
(method url-fetch)
@@ -74,8 +73,7 @@
version ".tar.gz"))
(sha256
(base32
- "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7"))
- (patches (search-patches "libtasn1-CVE-2017-10790.patch"))))
+ "1jlc1iahj8k3haz28j55nzg7sgni5h41vqy461i1bpbx6668wlky"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(home-page "https://www.gnu.org/software/libtasn1/")
@@ -87,14 +85,6 @@ networking, allowing for formal validation of data according to some
specifications.")
(license license:lgpl2.0+)))
-(define libtasn1/fixed
- (package
- (inherit libtasn1)
- (source (origin
- (inherit (package-source libtasn1))
- (patches (search-patches "libtasn1-CVE-2017-10790.patch"
- "libtasn1-CVE-2018-6003.patch"))))))
-
(define-public asn1c
(package
(name "asn1c")
@@ -155,7 +145,7 @@ living in the same process.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.13")
+ (version "3.5.18")
(source (origin
(method url-fetch)
(uri
@@ -169,7 +159,7 @@ living in the same process.")
"gnutls-skip-pkgconfig-test.patch"))
(sha256
(base32
- "15ihq6p0hnnhs8cnjrkj40dmlcaa1jjg8xg0g2ydbnlqs454ixbr"))))
+ "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf"))))
(build-system gnu-build-system)
(arguments
`(; Ensure we don't keep a reference to this buggy software.
@@ -307,26 +297,25 @@ required structures.")
'configure
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
- (zero?
- (system* "./config"
- "shared" ;build shared libraries
- "--libdir=lib"
-
- ;; The default for this catch-all directory is
- ;; PREFIX/ssl. Change that to something more
- ;; conventional.
- (string-append "--openssldir=" out
- "/share/openssl-" ,version)
-
- (string-append "--prefix=" out)
-
- ;; XXX FIXME: Work around a code generation bug in GCC
- ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
- ,@(if (and (not (%current-target-system))
- (string-prefix? "armhf" (%current-system)))
- '("-mfpu=vfpv3")
- '()))))))
+ (apply invoke "./config"
+ "shared" ;build shared libraries
+ "--libdir=lib"
+
+ ;; The default for this catch-all directory is
+ ;; PREFIX/ssl. Change that to something more
+ ;; conventional.
+ (string-append "--openssldir=" out
+ "/share/openssl-" ,version)
+
+ (string-append "--prefix=" out)
+
+ ;; XXX FIXME: Work around a code generation bug in GCC
+ ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
+ ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
+ ,@(if (and (not (%current-target-system))
+ (string-prefix? "armhf" (%current-system)))
+ '("-mfpu=vfpv3")
+ '())))))
(add-after
'install 'make-libraries-writable
(lambda* (#:key outputs #:allow-other-keys)
@@ -432,27 +421,26 @@ required structures.")
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib")))
- (zero?
- (system* "./config"
- "shared" ;build shared libraries
- "--libdir=lib"
-
- ;; The default for this catch-all directory is
- ;; PREFIX/ssl. Change that to something more
- ;; conventional.
- (string-append "--openssldir=" out
- "/share/openssl-" ,version)
-
- (string-append "--prefix=" out)
- (string-append "-Wl,-rpath," lib)
-
- ;; XXX FIXME: Work around a code generation bug in GCC
- ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
- ,@(if (and (not (%current-target-system))
- (string-prefix? "armhf" (%current-system)))
- '("-mfpu=vfpv3")
- '()))))))
+ (apply invoke "./config"
+ "shared" ;build shared libraries
+ "--libdir=lib"
+
+ ;; The default for this catch-all directory is
+ ;; PREFIX/ssl. Change that to something more
+ ;; conventional.
+ (string-append "--openssldir=" out
+ "/share/openssl-" ,version)
+
+ (string-append "--prefix=" out)
+ (string-append "-Wl,-rpath," lib)
+
+ ;; XXX FIXME: Work around a code generation bug in GCC
+ ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
+ ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
+ ,@(if (and (not (%current-target-system))
+ (string-prefix? "armhf" (%current-system)))
+ '("-mfpu=vfpv3")
+ '())))))
;; XXX: Duplicate this phase to make sure 'version' evaluates
;; in the current scope and not the inherited one.
@@ -805,7 +793,8 @@ then ported to the GNU / Linux environment.")
'(begin
(substitute* "include/mbedtls/dhm.h"
(("#define MBEDTLS_DHM_RFC5114_MODP_P")
- "#define MBEDTLS_DHM_RFC5114_MODP_2048_P"))))))
+ "#define MBEDTLS_DHM_RFC5114_MODP_2048_P"))
+ #t))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags