HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: openssl: Remove redundant use of mkdir-p.
[jackhill/guix/guix.git] / gnu / packages / tls.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
4 ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
5 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
6 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
7 ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
8 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
9 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
10 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
11 ;;;
12 ;;; This file is part of GNU Guix.
13 ;;;
14 ;;; GNU Guix is free software; you can redistribute it and/or modify it
15 ;;; under the terms of the GNU General Public License as published by
16 ;;; the Free Software Foundation; either version 3 of the License, or (at
17 ;;; your option) any later version.
18 ;;;
19 ;;; GNU Guix is distributed in the hope that it will be useful, but
20 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
21 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 ;;; GNU General Public License for more details.
23 ;;;
24 ;;; You should have received a copy of the GNU General Public License
25 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
26
27 (define-module (gnu packages tls)
28 #:use-module ((guix licenses) #:prefix license:)
29 #:use-module (guix packages)
30 #:use-module (guix download)
31 #:use-module (guix utils)
32 #:use-module (guix build-system gnu)
33 #:use-module (guix build-system perl)
34 #:use-module (guix build-system python)
35 #:use-module (gnu packages compression)
36 #:use-module (gnu packages)
37 #:use-module (gnu packages guile)
38 #:use-module (gnu packages libbsd)
39 #:use-module (gnu packages libffi)
40 #:use-module (gnu packages libidn)
41 #:use-module (gnu packages linux)
42 #:use-module (gnu packages ncurses)
43 #:use-module (gnu packages nettle)
44 #:use-module (gnu packages perl)
45 #:use-module (gnu packages pkg-config)
46 #:use-module (gnu packages python)
47 #:use-module (gnu packages texinfo)
48 #:use-module (gnu packages base))
49
50 (define-public libtasn1
51 (package
52 (name "libtasn1")
53 (version "4.9")
54 (source
55 (origin
56 (method url-fetch)
57 (uri (string-append "mirror://gnu/libtasn1/libtasn1-"
58 version ".tar.gz"))
59 (sha256
60 (base32
61 "0869cp6jx7cajgv6cnddsh3vc7bimmdkdjn80y1jpb4iss7plvsg"))))
62 (build-system gnu-build-system)
63 (native-inputs `(("perl" ,perl)))
64 (home-page "http://www.gnu.org/software/libtasn1/")
65 (synopsis "ASN.1 library")
66 (description
67 "GNU libtasn1 is a library implementing the ASN.1 notation. It is used
68 for transmitting machine-neutral encodings of data objects in computer
69 networking, allowing for formal validation of data according to some
70 specifications.")
71 (license license:lgpl2.0+)))
72
73 (define-public asn1c
74 (package
75 (name "asn1c")
76 (version "0.9.27")
77 (source (origin
78 (method url-fetch)
79 (uri (string-append "https://lionet.info/soft/asn1c-"
80 version ".tar.gz"))
81 (sha256
82 (base32
83 "17nvn2kzvlryasr9dzqg6gs27b9lvqpval0k31pb64bjqbhn8pq2"))))
84 (build-system gnu-build-system)
85 (native-inputs
86 `(("perl" ,perl)))
87 (home-page "https://lionet.info/asn1c")
88 (synopsis "ASN.1 to C compiler")
89 (description "The ASN.1 to C compiler takes ASN.1 module
90 files and generates C++ compatible C source code. That code can be
91 used to serialize the native C structures into compact and unambiguous
92 BER/XER/PER-based data files, and deserialize the files back.
93
94 Various ASN.1 based formats are widely used in the industry, such as to encode
95 the X.509 certificates employed in the HTTPS handshake, to exchange control
96 data between mobile phones and cellular networks, to car-to-car communication
97 in intelligent transportation networks.")
98 (license license:bsd-2)))
99
100 (define-public p11-kit
101 (package
102 (name "p11-kit")
103 (version "0.23.2")
104 (source
105 (origin
106 (method url-fetch)
107 (uri (string-append "https://p11-glue.freedesktop.org/releases/p11-kit-"
108 version ".tar.gz"))
109 (sha256
110 (base32
111 "1w7szm190phlkg7qx05ychlj2dbvkgkhx9gw6dx4d5rw62l6wwms"))
112 (modules '((guix build utils))) ; for substitute*
113 (snippet
114 '(begin
115 ;; Drop one test that fails, also when trying to compile manually.
116 ;; Reported upstream at
117 ;; https://bugs.freedesktop.org/show_bug.cgi?id=89027
118 (substitute* "Makefile.in"
119 (("test-module\\$\\(EXEEXT\\) ") ""))))))
120 (build-system gnu-build-system)
121 (native-inputs
122 `(("pkg-config" ,pkg-config)))
123 (inputs
124 `(("libffi" ,libffi)
125 ("libtasn1" ,libtasn1)))
126 (arguments
127 `(#:configure-flags '("--without-trust-paths")))
128 (home-page "http://p11-glue.freedesktop.org/p11-kit.html")
129 (synopsis "PKCS#11 library")
130 (description
131 "p11-kit provides a way to load and enumerate PKCS#11 modules. It
132 provides a standard configuration setup for installing PKCS#11 modules
133 in such a way that they are discoverable. It also solves problems with
134 coordinating the use of PKCS#11 by different components or libraries
135 living in the same process.")
136 (license license:bsd-3)))
137
138 (define-public gnutls
139 (package
140 (name "gnutls")
141 (version "3.5.4")
142 (source (origin
143 (method url-fetch)
144 (uri
145 ;; Note: Releases are no longer on ftp.gnu.org since the
146 ;; schism (after version 3.1.5).
147 (string-append "mirror://gnupg/gnutls/v"
148 (version-major+minor version)
149 "/gnutls-" version ".tar.xz"))
150 (sha256
151 (base32
152 "1sx8p7v452s9m854r2c5pvcd1k15a3caiv5h35fhrxz0691h2f2f"))))
153 (build-system gnu-build-system)
154 (arguments
155 '(#:configure-flags
156 (list (string-append "--with-guile-site-dir="
157 (assoc-ref %outputs "out")
158 "/share/guile/site/2.0")
159 ;; GnuTLS doesn't consult any environment variables to specify
160 ;; the location of the system-wide trust store. Instead it has a
161 ;; configure-time option. Unless specified, its configure script
162 ;; attempts to auto-detect the location by looking for common
163 ;; places in the file system, none of which are present in our
164 ;; chroot build environment. If not found, then no default trust
165 ;; store is used, so each program has to provide its own
166 ;; fallback, and users have to configure each program
167 ;; independently. This seems suboptimal.
168 "--with-default-trust-store-dir=/etc/ssl/certs"
169
170 ;; FIXME: Temporarily disable p11-kit support since it is not
171 ;; working on mips64el.
172 "--without-p11-kit")
173
174 #:phases (modify-phases %standard-phases
175 (add-after
176 'install 'move-doc
177 (lambda* (#:key outputs #:allow-other-keys)
178 ;; Copy the 4.1 MiB of section 3 man pages to "doc".
179 (let* ((out (assoc-ref outputs "out"))
180 (doc (assoc-ref outputs "doc"))
181 (mandir (string-append doc "/share/man/man3"))
182 (oldman (string-append out "/share/man/man3")))
183 (mkdir-p mandir)
184 (copy-recursively oldman mandir)
185 (delete-file-recursively oldman)
186 #t))))))
187 (outputs '("out" ;4.4 MiB
188 "debug"
189 "doc")) ;4.1 MiB of man pages
190 (native-inputs
191 `(("net-tools" ,net-tools)
192 ("pkg-config" ,pkg-config)
193 ("which" ,which)))
194 (inputs
195 `(("guile" ,guile-2.0)
196 ("perl" ,perl)))
197 (propagated-inputs
198 ;; These are all in the 'Requires.private' field of gnutls.pc.
199 `(("libtasn1" ,libtasn1)
200 ("libidn" ,libidn)
201 ("nettle" ,nettle)
202 ("zlib" ,zlib)))
203 (home-page "https://www.gnu.org/software/gnutls/")
204 (synopsis "Transport layer security library")
205 (description
206 "GnuTLS is a secure communications library implementing the SSL, TLS
207 and DTLS protocols. It is provided in the form of a C library to support the
208 protocols, as well as to parse and write X.5009, PKCS 12, OpenPGP and other
209 required structures.")
210 (license license:lgpl2.1+)
211 (properties '((ftp-server . "ftp.gnutls.org")
212 (ftp-directory . "/gcrypt/gnutls")))))
213
214 (define-public openssl
215 (package
216 (name "openssl")
217 (version "1.0.2j")
218 (source (origin
219 (method url-fetch)
220 (uri (list (string-append "ftp://ftp.openssl.org/source/"
221 name "-" version ".tar.gz")
222 (string-append "ftp://ftp.openssl.org/source/old/"
223 (string-trim-right version char-set:letter)
224 "/" name "-" version ".tar.gz")))
225 (sha256
226 (base32
227 "0cf4ar97ijfc7mg35zdgpad6x8ivkdx9qii6mz35khi1ps9g5bz7"))
228 (patches (search-patches "openssl-runpath.patch"
229 "openssl-c-rehash-in.patch"))))
230 (build-system gnu-build-system)
231 (outputs '("out"
232 "doc" ;1.5MiB of man3 pages
233 "static")) ;6MiB of .a files
234 (native-inputs `(("perl" ,perl)))
235 (arguments
236 `(#:disallowed-references (,perl)
237 #:parallel-build? #f
238 #:parallel-tests? #f
239 #:test-target "test"
240
241 ;; Changes to OpenSSL sometimes cause Perl to "sneak in" to the closure,
242 ;; so we explicitly disallow it here.
243 #:disallowed-references ,(list (canonical-package perl))
244 #:phases
245 (modify-phases %standard-phases
246 (add-before
247 'configure 'patch-Makefile.org
248 (lambda* (#:key outputs #:allow-other-keys)
249 ;; The default MANDIR is some unusual place. Fix that.
250 (let ((out (assoc-ref outputs "out")))
251 (patch-makefile-SHELL "Makefile.org")
252 (substitute* "Makefile.org"
253 (("^MANDIR[[:blank:]]*=.*$")
254 (string-append "MANDIR = " out "/share/man\n")))
255 #t)))
256 (replace
257 'configure
258 (lambda* (#:key outputs #:allow-other-keys)
259 (let ((out (assoc-ref outputs "out")))
260 (zero?
261 (system* "./config"
262 "shared" ;build shared libraries
263 "--libdir=lib"
264
265 ;; The default for this catch-all directory is
266 ;; PREFIX/ssl. Change that to something more
267 ;; conventional.
268 (string-append "--openssldir=" out
269 "/share/openssl-" ,version)
270
271 (string-append "--prefix=" out)
272
273 ;; XXX FIXME: Work around a code generation bug in GCC
274 ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
275 ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
276 ,@(if (and (not (%current-target-system))
277 (string-prefix? "armhf" (%current-system)))
278 '("-mfpu=vfpv3")
279 '()))))))
280 (add-after
281 'install 'make-libraries-writable
282 (lambda* (#:key outputs #:allow-other-keys)
283 ;; Make libraries writable so that 'strip' does its job.
284 (let ((out (assoc-ref outputs "out")))
285 (for-each (lambda (file)
286 (chmod file #o644))
287 (find-files (string-append out "/lib")
288 "\\.so"))
289 #t)))
290 (add-after 'install 'move-static-libraries
291 (lambda* (#:key outputs #:allow-other-keys)
292 ;; Move static libraries to the "static" output.
293 (let* ((out (assoc-ref outputs "out"))
294 (lib (string-append out "/lib"))
295 (static (assoc-ref outputs "static"))
296 (slib (string-append static "/lib")))
297 (for-each (lambda (file)
298 (install-file file slib)
299 (delete-file file))
300 (find-files lib "\\.a$"))
301 #t)))
302 (add-after 'install 'move-man3-pages
303 (lambda* (#:key outputs #:allow-other-keys)
304 ;; Move section 3 man pages to "doc".
305 (let* ((out (assoc-ref outputs "out"))
306 (man3 (string-append out "/share/man/man3"))
307 (doc (assoc-ref outputs "doc"))
308 (target (string-append doc "/share/man/man3")))
309 (mkdir-p target)
310 (for-each (lambda (file)
311 (rename-file file
312 (string-append target "/"
313 (basename file))))
314 (find-files man3))
315 (delete-file-recursively man3)
316 #t)))
317 (add-before
318 'patch-source-shebangs 'patch-tests
319 (lambda* (#:key inputs native-inputs #:allow-other-keys)
320 (let ((bash (assoc-ref (or native-inputs inputs) "bash")))
321 (substitute* (find-files "test" ".*")
322 (("/bin/sh")
323 (string-append bash "/bin/bash"))
324 (("/bin/rm")
325 "rm"))
326 #t)))
327 (add-after
328 'install 'remove-miscellany
329 (lambda* (#:key outputs #:allow-other-keys)
330 ;; The 'misc' directory contains random undocumented shell and Perl
331 ;; scripts. Remove them to avoid retaining a reference on Perl.
332 (let ((out (assoc-ref outputs "out")))
333 (delete-file-recursively (string-append out "/share/openssl-"
334 ,version "/misc"))
335 #t))))))
336 (native-search-paths
337 ;; FIXME: These two variables must designate a single file or directory
338 ;; and are not actually "search paths." In practice it works OK in user
339 ;; profiles because there's always just one item that matches the
340 ;; specification.
341 (list (search-path-specification
342 (variable "SSL_CERT_DIR")
343 (files '("etc/ssl/certs")))
344 (search-path-specification
345 (variable "SSL_CERT_FILE")
346 (files '("etc/ssl/certs/ca-certificates.crt")))))
347 (synopsis "SSL/TLS implementation")
348 (description
349 "OpenSSL is an implementation of SSL/TLS.")
350 (license license:openssl)
351 (home-page "http://www.openssl.org/")))
352
353 (define-public openssl-next
354 (package
355 (inherit openssl)
356 (name "openssl")
357 (version "1.1.0b")
358 (source (origin
359 (method url-fetch)
360 (uri (list (string-append "ftp://ftp.openssl.org/source/"
361 name "-" version ".tar.gz")
362 (string-append "ftp://ftp.openssl.org/source/old/"
363 (string-trim-right version char-set:letter)
364 "/" name "-" version ".tar.gz")))
365 (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
366 (sha256
367 (base32
368 "1xznrqvb1dbngv2k2nb6da6fdw00c01sy2i36yjdxr4vpxrf0pd4"))))
369 (outputs '("out"
370 "doc" ;1.3MiB of man3 pages
371 "static")) ; 5.5MiB of .a files
372 (arguments
373 (substitute-keyword-arguments (package-arguments openssl)
374 ((#:phases phases)
375 `(modify-phases ,phases
376 (delete 'patch-tests) ; These two phases are not needed by
377 (delete 'patch-Makefile.org) ; OpenSSL 1.1.0.
378
379 (add-after 'configure 'patch-runpath
380 (lambda* (#:key outputs #:allow-other-keys)
381 (let ((lib (string-append (assoc-ref outputs "out") "/lib")))
382 (substitute* "Makefile.shared"
383 (("\\$\\$\\{SHAREDCMD\\} \\$\\$\\{SHAREDFLAGS\\}")
384 (string-append "$${SHAREDCMD} $${SHAREDFLAGS}"
385 " -Wl,-rpath," lib)))
386 #t)))))))))
387
388 (define-public libressl
389 (package
390 (name "libressl")
391 (version "2.5.0")
392 (source
393 (origin
394 (method url-fetch)
395 (uri (string-append
396 "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-"
397 version ".tar.gz"))
398 (sha256
399 (base32
400 "1bkfvapi4z826slycmicvs7hwgk4l82gd8w6nqvznldbammvyll6"))))
401 (build-system gnu-build-system)
402 (native-search-paths
403 ;; FIXME: These two variables must designate a single file or directory
404 ;; and are not actually "search paths." In practice it works OK in
405 ;; user profiles because there's always just one item that matches the
406 ;; specification.
407 (list (search-path-specification
408 (variable "SSL_CERT_DIR")
409 (files '("etc/ssl/certs")))
410 (search-path-specification
411 (variable "SSL_CERT_FILE")
412 (files '("etc/ssl/certs/ca-certificates.crt")))))
413 (home-page "http://www.libressl.org/")
414 (synopsis "SSL/TLS implementation")
415 (description "LibreSSL is a version of the TLS/crypto stack forked
416 from OpenSSL in 2014, with the goals of modernizing the codebase, improving
417 security, and applying best practice development processes.")
418 ;; Files taken from OpenSSL keep their license, others are under various
419 ;; non-copyleft licenses.
420 (license (list license:openssl
421 (license:non-copyleft
422 "file://COPYING"
423 "See COPYING in the distribution.")))))
424
425 (define-public python-acme
426 (package
427 (name "python-acme")
428 (version "0.9.3")
429 (source (origin
430 (method url-fetch)
431 (uri (pypi-uri "acme" version))
432 (sha256
433 (base32
434 "16a02bb0apnk1bm68bcabdmmwd6rnvnjzanrmcb46bpbapwz3vx6"))))
435 (build-system python-build-system)
436 (arguments
437 `(#:phases
438 (modify-phases %standard-phases
439 (add-before 'install 'disable-egg-compression
440 (lambda _
441 ;; Do not compress the egg.
442 ;; See <http://bugs.gnu.org/20765>.
443 (let ((port (open-file "setup.cfg" "a")))
444 (display "\n[easy_install]\nzip_ok = 0\n"
445 port)
446 (close-port port)
447 #t)))
448 (add-after 'install 'docs
449 (lambda* (#:key outputs #:allow-other-keys)
450 (let* ((out (assoc-ref outputs "out"))
451 (man (string-append out "/share/man/man1"))
452 (info (string-append out "/info")))
453 (and (zero? (system* "make" "-C" "docs" "man" "info"))
454 (install-file "docs/_build/texinfo/acme-python.info" info)
455 (install-file "docs/_build/man/acme-python.1" man)
456 #t)))))))
457 ;; TODO: Add optional inputs for testing.
458 (native-inputs
459 `(("python-mock" ,python-mock)
460 ;; For documentation
461 ("python-sphinx" ,python-sphinx)
462 ("python-sphinxcontrib-programoutput" ,python-sphinxcontrib-programoutput)
463 ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme)
464 ("python-setuptools" ,python-setuptools)
465 ("texinfo" ,texinfo)))
466 (propagated-inputs
467 `(("python-ndg-httpsclient" ,python-ndg-httpsclient)
468 ("python-werkzeug" ,python-werkzeug)
469 ("python-six" ,python-six)
470 ("python-requests" ,python-requests)
471 ("python-pytz" ,python-pytz)
472 ("python-pyrfc3339" ,python-pyrfc3339)
473 ("python-pyasn1" ,python-pyasn1)
474 ("python-cryptography" ,python-cryptography)
475 ("python-pyopenssl" ,python-pyopenssl)))
476 (home-page "https://github.com/letsencrypt/letsencrypt")
477 (synopsis "ACME protocol implementation in Python")
478 (description "ACME protocol implementation in Python")
479 (license license:asl2.0)))
480
481 (define-public python2-acme
482 (package-with-python2 python-acme))
483
484 (define-public certbot
485 (package
486 (name "certbot")
487 (version "0.9.3")
488 (source (origin
489 (method url-fetch)
490 (uri (pypi-uri name version))
491 (sha256
492 (base32
493 "1c7k4lfq5j78d1rvrwrb9082ngwibz92cwkf4kazaa9b76w9q538"))))
494 (build-system python-build-system)
495 (arguments
496 `(#:python ,python-2
497 #:phases
498 (modify-phases %standard-phases
499 (add-after 'build 'docs
500 (lambda* (#:key outputs #:allow-other-keys)
501 (let* ((out (assoc-ref outputs "out"))
502 (man1 (string-append out "/share/man/man1"))
503 (man7 (string-append out "/share/man/man7"))
504 (info (string-append out "/info")))
505 (and
506 (zero? (system* "make" "-C" "docs" "man" "info"))
507 (install-file "docs/_build/texinfo/Certbot.info" info)
508 (install-file "docs/_build/man/certbot.1" man1)
509 (install-file "docs/_build/man/certbot.7" man7)
510 #t)))))))
511 ;; TODO: Add optional inputs for testing.
512 (native-inputs
513 `(("python2-nose" ,python2-nose)
514 ("python2-mock" ,python2-mock)
515 ;; For documentation
516 ("python2-sphinx" ,python2-sphinx)
517 ("python2-sphinx-rtd-theme" ,python2-sphinx-rtd-theme)
518 ("python2-sphinx-repoze-autointerface" ,python2-sphinx-repoze-autointerface)
519 ("python2-sphinxcontrib-programoutput" ,python2-sphinxcontrib-programoutput)
520 ("texinfo" ,texinfo)))
521 (propagated-inputs
522 `(("python2-acme" ,python2-acme)
523 ("python2-zope-interface" ,python2-zope-interface)
524 ("python2-pythondialog" ,python2-pythondialog)
525 ("python2-pyrfc3339" ,python2-pyrfc3339)
526 ("python2-pyopenssl" ,python2-pyopenssl)
527 ("python2-configobj" ,python2-configobj)
528 ("python2-configargparse" ,python2-configargparse)
529 ("python2-zope-component" ,python2-zope-component)
530 ("python2-parsedatetime" ,python2-parsedatetime)
531 ("python2-six" ,python2-six)
532 ("python2-psutil" ,python2-psutil)
533 ("python2-requests" ,python2-requests)
534 ("python2-pytz" ,python2-pytz)))
535 (synopsis "Let's Encrypt client by the Electronic Frontier Foundation")
536 (description "Tool to automatically receive and install X.509 certificates
537 to enable TLS on servers. The client will interoperate with the Let’s Encrypt CA which
538 will be issuing browser-trusted certificates for free.")
539 (home-page "https://certbot.eff.org/")
540 (license license:asl2.0)))
541
542 (define-public letsencrypt
543 (package (inherit certbot)
544 (name "letsencrypt")
545 (properties `((superseded . ,certbot)))))
546
547 (define-public perl-net-ssleay
548 (package
549 (name "perl-net-ssleay")
550 (version "1.68")
551 (source (origin
552 (method url-fetch)
553 (uri (string-append "mirror://cpan/authors/id/M/MI/MIKEM/"
554 "Net-SSLeay-" version ".tar.gz"))
555 (sha256
556 (base32
557 "1m2wwzhjwsg0drlhp9w12fl6bsgj69v8gdz72jqrqll3qr7f408p"))))
558 (build-system perl-build-system)
559 (native-inputs
560 `(("patch" ,patch)
561 ("patch/disable-ede-test"
562 ,(search-patch "perl-net-ssleay-disable-ede-test.patch"))))
563 (inputs `(("openssl" ,openssl)))
564 (arguments
565 `(#:phases
566 (modify-phases %standard-phases
567 (add-after
568 'unpack 'apply-patch
569 (lambda* (#:key inputs #:allow-other-keys)
570 ;; XXX We apply this patch here instead of in the 'origin' because
571 ;; this package's build system fails badly when the source file
572 ;; times are zeroed.
573 ;; XXX Try removing this patch for perl-net-ssleay > 1.68
574 (zero? (system* "patch" "--force" "-p1" "-i"
575 (assoc-ref inputs "patch/disable-ede-test")))))
576 (add-before
577 'configure 'set-ssl-prefix
578 (lambda* (#:key inputs #:allow-other-keys)
579 (setenv "OPENSSL_PREFIX" (assoc-ref inputs "openssl"))
580 #t)))))
581 (synopsis "Perl extension for using OpenSSL")
582 (description
583 "This module offers some high level convenience functions for accessing
584 web pages on SSL servers (for symmetry, the same API is offered for accessing
585 http servers, too), an sslcat() function for writing your own clients, and
586 finally access to the SSL api of the SSLeay/OpenSSL package so you can write
587 servers or clients for more complicated applications.")
588 (license (package-license perl))
589 (home-page "http://search.cpan.org/~mikem/Net-SSLeay-1.66/")))
590
591 (define-public perl-crypt-openssl-rsa
592 (package
593 (name "perl-crypt-openssl-rsa")
594 (version "0.28")
595 (source
596 (origin
597 (method url-fetch)
598 (uri (string-append
599 "mirror://cpan/authors/id/P/PE/PERLER/Crypt-OpenSSL-RSA-"
600 version
601 ".tar.gz"))
602 (sha256
603 (base32
604 "1gnpvv09b2gpifwdzc5jnhama3d1a4c39lzj9hcaicsb8rvzjmsk"))))
605 (build-system perl-build-system)
606 (inputs
607 `(("perl-crypt-openssl-bignum" ,perl-crypt-openssl-bignum)
608 ("perl-crypt-openssl-random" ,perl-crypt-openssl-random)
609 ("openssl" ,openssl)))
610 (arguments perl-crypt-arguments)
611 (home-page
612 "http://search.cpan.org/dist/Crypt-OpenSSL-RSA")
613 (synopsis
614 "RSA encoding and decoding, using the openSSL libraries")
615 (description "Crypt::OpenSSL::RSA does RSA encoding and decoding (using the
616 OpenSSL libraries).")
617 (license (package-license perl))))
618
619 (define perl-crypt-arguments
620 `(#:phases (modify-phases %standard-phases
621 (add-before 'configure 'patch-Makefile.PL
622 (lambda* (#:key inputs #:allow-other-keys)
623 (substitute* "Makefile.PL"
624 (("'LIBS'.*=>.*") (string-append "'LIBS' => ['-L"
625 (assoc-ref inputs "openssl")
626 "/lib -lcrypto'],")))
627 #t)))))
628
629 (define-public perl-crypt-openssl-bignum
630 (package
631 (name "perl-crypt-openssl-bignum")
632 (version "0.06")
633 (source
634 (origin
635 (method url-fetch)
636 (uri (string-append
637 "mirror://cpan/authors/id/K/KM/KMX/Crypt-OpenSSL-Bignum-"
638 version
639 ".tar.gz"))
640 (sha256
641 (base32
642 "05yzrdglrrzp191krf77zrwfkmzrfwrsrx1vyskbj94522lszk67"))))
643 (build-system perl-build-system)
644 (inputs `(("openssl" ,openssl)))
645 (arguments perl-crypt-arguments)
646 (home-page
647 "http://search.cpan.org/dist/Crypt-OpenSSL-Bignum")
648 (synopsis
649 "OpenSSL's multiprecision integer arithmetic in Perl")
650 (description "Crypt::OpenSSL::Bignum provides multiprecision integer
651 arithmetic in Perl.")
652 ;; At your option either gpl1+ or the Artistic License
653 (license (package-license perl))))
654
655 (define-public perl-crypt-openssl-random
656 (package
657 (name "perl-crypt-openssl-random")
658 (version "0.11")
659 (source
660 (origin
661 (method url-fetch)
662 (uri (string-append
663 "mirror://cpan/authors/id/R/RU/RURBAN/Crypt-OpenSSL-Random-"
664 version
665 ".tar.gz"))
666 (sha256
667 (base32
668 "0yjcabkibrkafywvdkmd1xpi6br48skyk3l15ni176wvlg38335v"))))
669 (build-system perl-build-system)
670 (inputs `(("openssl" ,openssl)))
671 (arguments perl-crypt-arguments)
672 (home-page
673 "http://search.cpan.org/dist/Crypt-OpenSSL-Random")
674 (synopsis
675 "OpenSSL/LibreSSL pseudo-random number generator access")
676 (description "Crypt::OpenSSL::Random is a OpenSSL/LibreSSL pseudo-random
677 number generator")
678 (license (package-license perl))))
679
680 (define-public acme-client
681 (package
682 (name "acme-client")
683 (version "0.1.14")
684 (source (origin
685 (method url-fetch)
686 (uri (string-append "https://kristaps.bsd.lv/" name "/"
687 "snapshots/" name "-portable-"
688 version ".tgz"))
689 (sha256
690 (base32
691 "1qq4xk41pn65m3v7nnvkmxg96pr06vz6hzdrm0vcmlp3clzpbahl"))))
692 (build-system gnu-build-system)
693 (arguments
694 '(#:tests? #f ; no test suite
695 #:make-flags
696 (list "CC=gcc"
697 (string-append "PREFIX=" (assoc-ref %outputs "out")))
698 #:phases
699 (modify-phases %standard-phases
700 (delete 'configure)))) ; no './configure' script
701 (inputs
702 `(("libbsd" ,libbsd)
703 ("libressl" ,libressl)))
704 (synopsis "Let's Encrypt client by the OpenBSD project")
705 (description "acme-client is a Let's Encrypt client implemented in C. It
706 uses a modular design, and attempts to secure itself by dropping privileges and
707 operating in a chroot where possible. acme-client is developed on OpenBSD and
708 then ported to the GNU / Linux environment.")
709 (home-page "https://kristaps.bsd.lv/acme-client/")
710 ;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
711 ;; and 'jsmn.c' are distributed under the Expat license.
712 (license (list license:isc license:expat))))
jackhill's copy of GNU Guix: https://guix.gnu.org/