HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'master' into core-updates
[jackhill/guix/guix.git] / gnu / packages / tls.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
4 ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
5 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
6 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
7 ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
8 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
9 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
10 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
11 ;;;
12 ;;; This file is part of GNU Guix.
13 ;;;
14 ;;; GNU Guix is free software; you can redistribute it and/or modify it
15 ;;; under the terms of the GNU General Public License as published by
16 ;;; the Free Software Foundation; either version 3 of the License, or (at
17 ;;; your option) any later version.
18 ;;;
19 ;;; GNU Guix is distributed in the hope that it will be useful, but
20 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
21 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 ;;; GNU General Public License for more details.
23 ;;;
24 ;;; You should have received a copy of the GNU General Public License
25 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
26
27 (define-module (gnu packages tls)
28 #:use-module ((guix licenses) #:prefix license:)
29 #:use-module (guix packages)
30 #:use-module (guix download)
31 #:use-module (guix utils)
32 #:use-module (guix build-system gnu)
33 #:use-module (guix build-system perl)
34 #:use-module (guix build-system python)
35 #:use-module (gnu packages compression)
36 #:use-module (gnu packages)
37 #:use-module (gnu packages guile)
38 #:use-module (gnu packages libbsd)
39 #:use-module (gnu packages libffi)
40 #:use-module (gnu packages libidn)
41 #:use-module (gnu packages linux)
42 #:use-module (gnu packages ncurses)
43 #:use-module (gnu packages nettle)
44 #:use-module (gnu packages perl)
45 #:use-module (gnu packages pkg-config)
46 #:use-module (gnu packages python)
47 #:use-module (gnu packages texinfo)
48 #:use-module (gnu packages base))
49
50 (define-public libtasn1
51 (package
52 (name "libtasn1")
53 (version "4.9")
54 (source
55 (origin
56 (method url-fetch)
57 (uri (string-append "mirror://gnu/libtasn1/libtasn1-"
58 version ".tar.gz"))
59 (sha256
60 (base32
61 "0869cp6jx7cajgv6cnddsh3vc7bimmdkdjn80y1jpb4iss7plvsg"))))
62 (build-system gnu-build-system)
63 (native-inputs `(("perl" ,perl)))
64 (home-page "http://www.gnu.org/software/libtasn1/")
65 (synopsis "ASN.1 library")
66 (description
67 "GNU libtasn1 is a library implementing the ASN.1 notation. It is used
68 for transmitting machine-neutral encodings of data objects in computer
69 networking, allowing for formal validation of data according to some
70 specifications.")
71 (license license:lgpl2.0+)))
72
73 (define-public asn1c
74 (package
75 (name "asn1c")
76 (version "0.9.27")
77 (source (origin
78 (method url-fetch)
79 (uri (string-append "https://lionet.info/soft/asn1c-"
80 version ".tar.gz"))
81 (sha256
82 (base32
83 "17nvn2kzvlryasr9dzqg6gs27b9lvqpval0k31pb64bjqbhn8pq2"))))
84 (build-system gnu-build-system)
85 (native-inputs
86 `(("perl" ,perl)))
87 (home-page "https://lionet.info/asn1c")
88 (synopsis "ASN.1 to C compiler")
89 (description "The ASN.1 to C compiler takes ASN.1 module
90 files and generates C++ compatible C source code. That code can be
91 used to serialize the native C structures into compact and unambiguous
92 BER/XER/PER-based data files, and deserialize the files back.
93
94 Various ASN.1 based formats are widely used in the industry, such as to encode
95 the X.509 certificates employed in the HTTPS handshake, to exchange control
96 data between mobile phones and cellular networks, to car-to-car communication
97 in intelligent transportation networks.")
98 (license license:bsd-2)))
99
100 (define-public p11-kit
101 (package
102 (name "p11-kit")
103 (version "0.23.2")
104 (source
105 (origin
106 (method url-fetch)
107 (uri (string-append "https://p11-glue.freedesktop.org/releases/p11-kit-"
108 version ".tar.gz"))
109 (sha256
110 (base32
111 "1w7szm190phlkg7qx05ychlj2dbvkgkhx9gw6dx4d5rw62l6wwms"))
112 (modules '((guix build utils))) ; for substitute*
113 (snippet
114 '(begin
115 ;; Drop one test that fails, also when trying to compile manually.
116 ;; Reported upstream at
117 ;; https://bugs.freedesktop.org/show_bug.cgi?id=89027
118 (substitute* "Makefile.in"
119 (("test-module\\$\\(EXEEXT\\) ") ""))))))
120 (build-system gnu-build-system)
121 (native-inputs
122 `(("pkg-config" ,pkg-config)))
123 (inputs
124 `(("libffi" ,libffi)
125 ("libtasn1" ,libtasn1)))
126 (arguments
127 `(#:configure-flags '("--without-trust-paths")))
128 (home-page "http://p11-glue.freedesktop.org/p11-kit.html")
129 (synopsis "PKCS#11 library")
130 (description
131 "p11-kit provides a way to load and enumerate PKCS#11 modules. It
132 provides a standard configuration setup for installing PKCS#11 modules
133 in such a way that they are discoverable. It also solves problems with
134 coordinating the use of PKCS#11 by different components or libraries
135 living in the same process.")
136 (license license:bsd-3)))
137
138 (define-public gnutls
139 (package
140 (name "gnutls")
141 (version "3.5.4")
142 (source (origin
143 (method url-fetch)
144 (uri
145 ;; Note: Releases are no longer on ftp.gnu.org since the
146 ;; schism (after version 3.1.5).
147 (string-append "mirror://gnupg/gnutls/v"
148 (version-major+minor version)
149 "/gnutls-" version ".tar.xz"))
150 (sha256
151 (base32
152 "1sx8p7v452s9m854r2c5pvcd1k15a3caiv5h35fhrxz0691h2f2f"))))
153 (build-system gnu-build-system)
154 (arguments
155 '(#:configure-flags
156 (list (string-append "--with-guile-site-dir="
157 (assoc-ref %outputs "out")
158 "/share/guile/site/2.0")
159 ;; GnuTLS doesn't consult any environment variables to specify
160 ;; the location of the system-wide trust store. Instead it has a
161 ;; configure-time option. Unless specified, its configure script
162 ;; attempts to auto-detect the location by looking for common
163 ;; places in the file system, none of which are present in our
164 ;; chroot build environment. If not found, then no default trust
165 ;; store is used, so each program has to provide its own
166 ;; fallback, and users have to configure each program
167 ;; independently. This seems suboptimal.
168 "--with-default-trust-store-dir=/etc/ssl/certs"
169
170 ;; FIXME: Temporarily disable p11-kit support since it is not
171 ;; working on mips64el.
172 "--without-p11-kit")
173
174 #:phases (modify-phases %standard-phases
175 (add-after
176 'install 'move-doc
177 (lambda* (#:key outputs #:allow-other-keys)
178 ;; Copy the 4.1 MiB of section 3 man pages to "doc".
179 (let* ((out (assoc-ref outputs "out"))
180 (doc (assoc-ref outputs "doc"))
181 (mandir (string-append doc "/share/man/man3"))
182 (oldman (string-append out "/share/man/man3")))
183 (mkdir-p mandir)
184 (copy-recursively oldman mandir)
185 (delete-file-recursively oldman)
186 #t))))))
187 (outputs '("out" ;4.4 MiB
188 "debug"
189 "doc")) ;4.1 MiB of man pages
190 (native-inputs
191 `(("net-tools" ,net-tools)
192 ("pkg-config" ,pkg-config)
193 ("which" ,which)))
194 (inputs
195 `(("guile" ,guile-2.0)
196 ("perl" ,perl)))
197 (propagated-inputs
198 ;; These are all in the 'Requires.private' field of gnutls.pc.
199 `(("libtasn1" ,libtasn1)
200 ("libidn" ,libidn)
201 ("nettle" ,nettle)
202 ("zlib" ,zlib)))
203 (home-page "https://www.gnu.org/software/gnutls/")
204 (synopsis "Transport layer security library")
205 (description
206 "GnuTLS is a secure communications library implementing the SSL, TLS
207 and DTLS protocols. It is provided in the form of a C library to support the
208 protocols, as well as to parse and write X.5009, PKCS 12, OpenPGP and other
209 required structures.")
210 (license license:lgpl2.1+)
211 (properties '((ftp-server . "ftp.gnutls.org")
212 (ftp-directory . "/gcrypt/gnutls")))))
213
214 (define-public openssl
215 (package
216 (name "openssl")
217 (version "1.0.2j")
218 (source (origin
219 (method url-fetch)
220 (uri (list (string-append "ftp://ftp.openssl.org/source/"
221 name "-" version ".tar.gz")
222 (string-append "ftp://ftp.openssl.org/source/old/"
223 (string-trim-right version char-set:letter)
224 "/" name "-" version ".tar.gz")))
225 (sha256
226 (base32
227 "0cf4ar97ijfc7mg35zdgpad6x8ivkdx9qii6mz35khi1ps9g5bz7"))
228 (patches (search-patches "openssl-runpath.patch"
229 "openssl-c-rehash-in.patch"))))
230 (build-system gnu-build-system)
231 (outputs '("out"
232 "doc" ;1.5MiB of man3 pages
233 "static")) ;6MiB of .a files
234 (native-inputs `(("perl" ,perl)))
235 (arguments
236 `(#:disallowed-references (,perl)
237 #:parallel-build? #f
238 #:parallel-tests? #f
239 #:test-target "test"
240
241 ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure,
242 ;; so we explicitly disallow it here.
243 #:disallowed-references ,(list (canonical-package perl))
244 #:phases
245 (modify-phases %standard-phases
246 (add-before
247 'configure 'patch-Makefile.org
248 (lambda* (#:key outputs #:allow-other-keys)
249 ;; The default MANDIR is some unusual place. Fix that.
250 (let ((out (assoc-ref outputs "out")))
251 (patch-makefile-SHELL "Makefile.org")
252 (substitute* "Makefile.org"
253 (("^MANDIR[[:blank:]]*=.*$")
254 (string-append "MANDIR = " out "/share/man\n")))
255 #t)))
256 (replace
257 'configure
258 (lambda* (#:key outputs #:allow-other-keys)
259 (let ((out (assoc-ref outputs "out")))
260 (zero?
261 (system* "./config"
262 "shared" ;build shared libraries
263 "--libdir=lib"
264
265 ;; The default for this catch-all directory is
266 ;; PREFIX/ssl. Change that to something more
267 ;; conventional.
268 (string-append "--openssldir=" out
269 "/share/openssl-" ,version)
270
271 (string-append "--prefix=" out)
272
273 ;; XXX FIXME: Work around a code generation bug in GCC
274 ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
275 ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
276 ,@(if (and (not (%current-target-system))
277 (string-prefix? "armhf" (%current-system)))
278 '("-mfpu=vfpv3")
279 '()))))))
280 (add-after
281 'install 'make-libraries-writable
282 (lambda* (#:key outputs #:allow-other-keys)
283 ;; Make libraries writable so that 'strip' does its job.
284 (let ((out (assoc-ref outputs "out")))
285 (for-each (lambda (file)
286 (chmod file #o644))
287 (find-files (string-append out "/lib")
288 "\\.so"))
289 #t)))
290 (add-after 'install 'move-static-libraries
291 (lambda* (#:key outputs #:allow-other-keys)
292 ;; Move static libraries to the "static" output.
293 (let* ((out (assoc-ref outputs "out"))
294 (lib (string-append out "/lib"))
295 (static (assoc-ref outputs "static"))
296 (slib (string-append static "/lib")))
297 (mkdir-p slib)
298 (for-each (lambda (file)
299 (install-file file slib)
300 (delete-file file))
301 (find-files lib "\\.a$"))
302 #t)))
303 (add-after 'install 'move-man3-pages
304 (lambda* (#:key outputs #:allow-other-keys)
305 ;; Move section 3 man pages to "doc".
306 (let* ((out (assoc-ref outputs "out"))
307 (man3 (string-append out "/share/man/man3"))
308 (doc (assoc-ref outputs "doc"))
309 (target (string-append doc "/share/man/man3")))
310 (mkdir-p target)
311 (for-each (lambda (file)
312 (rename-file file
313 (string-append target "/"
314 (basename file))))
315 (find-files man3))
316 (delete-file-recursively man3)
317 #t)))
318 (add-before
319 'patch-source-shebangs 'patch-tests
320 (lambda* (#:key inputs native-inputs #:allow-other-keys)
321 (let ((bash (assoc-ref (or native-inputs inputs) "bash")))
322 (substitute* (find-files "test" ".*")
323 (("/bin/sh")
324 (string-append bash "/bin/bash"))
325 (("/bin/rm")
326 "rm"))
327 #t)))
328 (add-after
329 'install 'remove-miscellany
330 (lambda* (#:key outputs #:allow-other-keys)
331 ;; The 'misc' directory contains random undocumented shell and Perl
332 ;; scripts. Remove them to avoid retaining a reference on Perl.
333 (let ((out (assoc-ref outputs "out")))
334 (delete-file-recursively (string-append out "/share/openssl-"
335 ,version "/misc"))
336 #t))))))
337 (native-search-paths
338 ;; FIXME: These two variables must designate a single file or directory
339 ;; and are not actually "search paths." In practice it works OK in user
340 ;; profiles because there's always just one item that matches the
341 ;; specification.
342 (list (search-path-specification
343 (variable "SSL_CERT_DIR")
344 (files '("etc/ssl/certs")))
345 (search-path-specification
346 (variable "SSL_CERT_FILE")
347 (files '("etc/ssl/certs/ca-certificates.crt")))))
348 (synopsis "SSL/TLS implementation")
349 (description
350 "OpenSSL is an implementation of SSL/TLS.")
351 (license license:openssl)
352 (home-page "http://www.openssl.org/")))
353
354 (define-public openssl-next
355 (package
356 (inherit openssl)
357 (name "openssl")
358 (version "1.1.0b")
359 (source (origin
360 (method url-fetch)
361 (uri (list (string-append "ftp://ftp.openssl.org/source/"
362 name "-" version ".tar.gz")
363 (string-append "ftp://ftp.openssl.org/source/old/"
364 (string-trim-right version char-set:letter)
365 "/" name "-" version ".tar.gz")))
366 (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
367 (sha256
368 (base32
369 "1xznrqvb1dbngv2k2nb6da6fdw00c01sy2i36yjdxr4vpxrf0pd4"))))
370 (outputs '("out"
371 "doc" ;1.3MiB of man3 pages
372 "static")) ; 5.5MiB of .a files
373 (arguments
374 (substitute-keyword-arguments (package-arguments openssl)
375 ((#:phases phases)
376 `(modify-phases ,phases
377 (delete 'patch-tests) ; These two phases are not needed by
378 (delete 'patch-Makefile.org) ; OpenSSL 1.1.0.
379
380 (add-after 'configure 'patch-runpath
381 (lambda* (#:key outputs #:allow-other-keys)
382 (let ((lib (string-append (assoc-ref outputs "out") "/lib")))
383 (substitute* "Makefile.shared"
384 (("\\$\\$\\{SHAREDCMD\\} \\$\\$\\{SHAREDFLAGS\\}")
385 (string-append "$${SHAREDCMD} $${SHAREDFLAGS}"
386 " -Wl,-rpath," lib)))
387 #t)))))))))
388
389 (define-public libressl
390 (package
391 (name "libressl")
392 (version "2.5.0")
393 (source
394 (origin
395 (method url-fetch)
396 (uri (string-append
397 "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-"
398 version ".tar.gz"))
399 (sha256
400 (base32
401 "1bkfvapi4z826slycmicvs7hwgk4l82gd8w6nqvznldbammvyll6"))))
402 (build-system gnu-build-system)
403 (native-search-paths
404 ;; FIXME: These two variables must designate a single file or directory
405 ;; and are not actually "search paths." In practice it works OK in
406 ;; user profiles because there's always just one item that matches the
407 ;; specification.
408 (list (search-path-specification
409 (variable "SSL_CERT_DIR")
410 (files '("etc/ssl/certs")))
411 (search-path-specification
412 (variable "SSL_CERT_FILE")
413 (files '("etc/ssl/certs/ca-certificates.crt")))))
414 (home-page "http://www.libressl.org/")
415 (synopsis "SSL/TLS implementation")
416 (description "LibreSSL is a version of the TLS/crypto stack forked
417 from OpenSSL in 2014, with the goals of modernizing the codebase, improving
418 security, and applying best practice development processes.")
419 ;; Files taken from OpenSSL keep their license, others are under various
420 ;; non-copyleft licenses.
421 (license (list license:openssl
422 (license:non-copyleft
423 "file://COPYING"
424 "See COPYING in the distribution.")))))
425
426 (define-public python-acme
427 (package
428 (name "python-acme")
429 (version "0.9.3")
430 (source (origin
431 (method url-fetch)
432 (uri (pypi-uri "acme" version))
433 (sha256
434 (base32
435 "16a02bb0apnk1bm68bcabdmmwd6rnvnjzanrmcb46bpbapwz3vx6"))))
436 (build-system python-build-system)
437 (arguments
438 `(#:phases
439 (modify-phases %standard-phases
440 (add-before 'install 'disable-egg-compression
441 (lambda _
442 ;; Do not compress the egg.
443 ;; See <http://bugs.gnu.org/20765>.
444 (let ((port (open-file "setup.cfg" "a")))
445 (display "\n[easy_install]\nzip_ok = 0\n"
446 port)
447 (close-port port)
448 #t)))
449 (add-after 'install 'docs
450 (lambda* (#:key outputs #:allow-other-keys)
451 (let* ((out (assoc-ref outputs "out"))
452 (man (string-append out "/share/man/man1"))
453 (info (string-append out "/info")))
454 (and (zero? (system* "make" "-C" "docs" "man" "info"))
455 (install-file "docs/_build/texinfo/acme-python.info" info)
456 (install-file "docs/_build/man/acme-python.1" man)
457 #t)))))))
458 ;; TODO: Add optional inputs for testing.
459 (native-inputs
460 `(("python-mock" ,python-mock)
461 ;; For documentation
462 ("python-sphinx" ,python-sphinx)
463 ("python-sphinxcontrib-programoutput" ,python-sphinxcontrib-programoutput)
464 ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme)
465 ("python-setuptools" ,python-setuptools)
466 ("texinfo" ,texinfo)))
467 (propagated-inputs
468 `(("python-ndg-httpsclient" ,python-ndg-httpsclient)
469 ("python-werkzeug" ,python-werkzeug)
470 ("python-six" ,python-six)
471 ("python-requests" ,python-requests)
472 ("python-pytz" ,python-pytz)
473 ("python-pyrfc3339" ,python-pyrfc3339)
474 ("python-pyasn1" ,python-pyasn1)
475 ("python-cryptography" ,python-cryptography)
476 ("python-pyopenssl" ,python-pyopenssl)))
477 (home-page "https://github.com/letsencrypt/letsencrypt")
478 (synopsis "ACME protocol implementation in Python")
479 (description "ACME protocol implementation in Python")
480 (license license:asl2.0)))
481
482 (define-public python2-acme
483 (package-with-python2 python-acme))
484
485 (define-public certbot
486 (package
487 (name "certbot")
488 (version "0.9.3")
489 (source (origin
490 (method url-fetch)
491 (uri (pypi-uri name version))
492 (sha256
493 (base32
494 "1c7k4lfq5j78d1rvrwrb9082ngwibz92cwkf4kazaa9b76w9q538"))))
495 (build-system python-build-system)
496 (arguments
497 `(#:python ,python-2
498 #:phases
499 (modify-phases %standard-phases
500 (add-after 'build 'docs
501 (lambda* (#:key outputs #:allow-other-keys)
502 (let* ((out (assoc-ref outputs "out"))
503 (man1 (string-append out "/share/man/man1"))
504 (man7 (string-append out "/share/man/man7"))
505 (info (string-append out "/info")))
506 (and
507 (zero? (system* "make" "-C" "docs" "man" "info"))
508 (install-file "docs/_build/texinfo/Certbot.info" info)
509 (install-file "docs/_build/man/certbot.1" man1)
510 (install-file "docs/_build/man/certbot.7" man7)
511 #t)))))))
512 ;; TODO: Add optional inputs for testing.
513 (native-inputs
514 `(("python2-nose" ,python2-nose)
515 ("python2-mock" ,python2-mock)
516 ;; For documentation
517 ("python2-sphinx" ,python2-sphinx)
518 ("python2-sphinx-rtd-theme" ,python2-sphinx-rtd-theme)
519 ("python2-sphinx-repoze-autointerface" ,python2-sphinx-repoze-autointerface)
520 ("python2-sphinxcontrib-programoutput" ,python2-sphinxcontrib-programoutput)
521 ("texinfo" ,texinfo)))
522 (propagated-inputs
523 `(("python2-acme" ,python2-acme)
524 ("python2-zope-interface" ,python2-zope-interface)
525 ("python2-pythondialog" ,python2-pythondialog)
526 ("python2-pyrfc3339" ,python2-pyrfc3339)
527 ("python2-pyopenssl" ,python2-pyopenssl)
528 ("python2-configobj" ,python2-configobj)
529 ("python2-configargparse" ,python2-configargparse)
530 ("python2-zope-component" ,python2-zope-component)
531 ("python2-parsedatetime" ,python2-parsedatetime)
532 ("python2-six" ,python2-six)
533 ("python2-psutil" ,python2-psutil)
534 ("python2-requests" ,python2-requests)
535 ("python2-pytz" ,python2-pytz)))
536 (synopsis "Let's Encrypt client by the Electronic Frontier Foundation")
537 (description "Tool to automatically receive and install X.509 certificates
538 to enable TLS on servers. The client will interoperate with the Let’s Encrypt CA which
539 will be issuing browser-trusted certificates for free.")
540 (home-page "https://certbot.eff.org/")
541 (license license:asl2.0)))
542
543 (define-public letsencrypt
544 (package (inherit certbot)
545 (name "letsencrypt")
546 (properties `((superseded . ,certbot)))))
547
548 (define-public perl-net-ssleay
549 (package
550 (name "perl-net-ssleay")
551 (version "1.68")
552 (source (origin
553 (method url-fetch)
554 (uri (string-append "mirror://cpan/authors/id/M/MI/MIKEM/"
555 "Net-SSLeay-" version ".tar.gz"))
556 (sha256
557 (base32
558 "1m2wwzhjwsg0drlhp9w12fl6bsgj69v8gdz72jqrqll3qr7f408p"))))
559 (build-system perl-build-system)
560 (native-inputs
561 `(("patch" ,patch)
562 ("patch/disable-ede-test"
563 ,(search-patch "perl-net-ssleay-disable-ede-test.patch"))))
564 (inputs `(("openssl" ,openssl)))
565 (arguments
566 `(#:phases
567 (modify-phases %standard-phases
568 (add-after
569 'unpack 'apply-patch
570 (lambda* (#:key inputs #:allow-other-keys)
571 ;; XXX We apply this patch here instead of in the 'origin' because
572 ;; this package's build system fails badly when the source file
573 ;; times are zeroed.
574 ;; XXX Try removing this patch for perl-net-ssleay > 1.68
575 (zero? (system* "patch" "--force" "-p1" "-i"
576 (assoc-ref inputs "patch/disable-ede-test")))))
577 (add-before
578 'configure 'set-ssl-prefix
579 (lambda* (#:key inputs #:allow-other-keys)
580 (setenv "OPENSSL_PREFIX" (assoc-ref inputs "openssl"))
581 #t)))))
582 (synopsis "Perl extension for using OpenSSL")
583 (description
584 "This module offers some high level convenience functions for accessing
585 web pages on SSL servers (for symmetry, the same API is offered for accessing
586 http servers, too), an sslcat() function for writing your own clients, and
587 finally access to the SSL api of the SSLeay/OpenSSL package so you can write
588 servers or clients for more complicated applications.")
589 (license (package-license perl))
590 (home-page "http://search.cpan.org/~mikem/Net-SSLeay-1.66/")))
591
592 (define-public perl-crypt-openssl-rsa
593 (package
594 (name "perl-crypt-openssl-rsa")
595 (version "0.28")
596 (source
597 (origin
598 (method url-fetch)
599 (uri (string-append
600 "mirror://cpan/authors/id/P/PE/PERLER/Crypt-OpenSSL-RSA-"
601 version
602 ".tar.gz"))
603 (sha256
604 (base32
605 "1gnpvv09b2gpifwdzc5jnhama3d1a4c39lzj9hcaicsb8rvzjmsk"))))
606 (build-system perl-build-system)
607 (inputs
608 `(("perl-crypt-openssl-bignum" ,perl-crypt-openssl-bignum)
609 ("perl-crypt-openssl-random" ,perl-crypt-openssl-random)
610 ("openssl" ,openssl)))
611 (arguments perl-crypt-arguments)
612 (home-page
613 "http://search.cpan.org/dist/Crypt-OpenSSL-RSA")
614 (synopsis
615 "RSA encoding and decoding, using the openSSL libraries")
616 (description "Crypt::OpenSSL::RSA does RSA encoding and decoding (using the
617 OpenSSL libraries).")
618 (license (package-license perl))))
619
620 (define perl-crypt-arguments
621 `(#:phases (modify-phases %standard-phases
622 (add-before 'configure 'patch-Makefile.PL
623 (lambda* (#:key inputs #:allow-other-keys)
624 (substitute* "Makefile.PL"
625 (("'LIBS'.*=>.*") (string-append "'LIBS' => ['-L"
626 (assoc-ref inputs "openssl")
627 "/lib -lcrypto'],")))
628 #t)))))
629
630 (define-public perl-crypt-openssl-bignum
631 (package
632 (name "perl-crypt-openssl-bignum")
633 (version "0.06")
634 (source
635 (origin
636 (method url-fetch)
637 (uri (string-append
638 "mirror://cpan/authors/id/K/KM/KMX/Crypt-OpenSSL-Bignum-"
639 version
640 ".tar.gz"))
641 (sha256
642 (base32
643 "05yzrdglrrzp191krf77zrwfkmzrfwrsrx1vyskbj94522lszk67"))))
644 (build-system perl-build-system)
645 (inputs `(("openssl" ,openssl)))
646 (arguments perl-crypt-arguments)
647 (home-page
648 "http://search.cpan.org/dist/Crypt-OpenSSL-Bignum")
649 (synopsis
650 "OpenSSL's multiprecision integer arithmetic in Perl")
651 (description "Crypt::OpenSSL::Bignum provides multiprecision integer
652 arithmetic in Perl.")
653 ;; At your option either gpl1+ or the Artistic License
654 (license (package-license perl))))
655
656 (define-public perl-crypt-openssl-random
657 (package
658 (name "perl-crypt-openssl-random")
659 (version "0.11")
660 (source
661 (origin
662 (method url-fetch)
663 (uri (string-append
664 "mirror://cpan/authors/id/R/RU/RURBAN/Crypt-OpenSSL-Random-"
665 version
666 ".tar.gz"))
667 (sha256
668 (base32
669 "0yjcabkibrkafywvdkmd1xpi6br48skyk3l15ni176wvlg38335v"))))
670 (build-system perl-build-system)
671 (inputs `(("openssl" ,openssl)))
672 (arguments perl-crypt-arguments)
673 (home-page
674 "http://search.cpan.org/dist/Crypt-OpenSSL-Random")
675 (synopsis
676 "OpenSSL/LibreSSL pseudo-random number generator access")
677 (description "Crypt::OpenSSL::Random is a OpenSSL/LibreSSL pseudo-random
678 number generator")
679 (license (package-license perl))))
680
681 (define-public acme-client
682 (package
683 (name "acme-client")
684 (version "0.1.11")
685 (source (origin
686 (method url-fetch)
687 (uri (string-append "https://kristaps.bsd.lv/" name "/"
688 "snapshots/" name "-portable-"
689 version ".tgz"))
690 (sha256
691 (base32
692 "09pipyfk448gxqr7ci56gsq5la8wlydv7wwn9wk0zgjxmlh7h6fb"))))
693 (build-system gnu-build-system)
694 (arguments
695 '(#:tests? #f ; no test suite
696 #:make-flags
697 (list "CC=gcc"
698 (string-append "PREFIX=" (assoc-ref %outputs "out")))
699 #:phases
700 (modify-phases %standard-phases
701 (delete 'configure)))) ; no './configure' script
702 (inputs
703 `(("libbsd" ,libbsd)
704 ("libressl" ,libressl)))
705 (synopsis "Let's Encrypt client by the OpenBSD project")
706 (description "acme-client is a Let's Encrypt client implemented in C. It
707 uses a modular design, and attempts to secure itself by dropping privileges and
708 operating in a chroot where possible. acme-client is developed on OpenBSD and
709 then ported to the GNU / Linux environment.")
710 (home-page "https://kristaps.bsd.lv/acme-client/")
711 ;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
712 ;; and 'jsmn.c' are distributed under the Expat license.
713 (license (list license:isc license:expat))))
jackhill's copy of GNU Guix: https://guix.gnu.org/