gnu/packages/tls.scm

   1 ;;; GNU Guix --- Functional package management for GNU
   2 ;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
   3 ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
   4 ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
   5 ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
   6 ;;;
   7 ;;; This file is part of GNU Guix.
   8 ;;;
   9 ;;; GNU Guix is free software; you can redistribute it and/or modify it
  10 ;;; under the terms of the GNU General Public License as published by
  11 ;;; the Free Software Foundation; either version 3 of the License, or (at
  12 ;;; your option) any later version.
  13 ;;;
  14 ;;; GNU Guix is distributed in the hope that it will be useful, but
  15 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
  16 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17 ;;; GNU General Public License for more details.
  18 ;;;
  19 ;;; You should have received a copy of the GNU General Public License
  20 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
  21
  22 (define-module (gnu packages tls)
  23   #:use-module ((guix licenses) #:select (lgpl2.0+ lgpl2.1+ bsd-3))
  24   #:use-module (guix packages)
  25   #:use-module (guix download)
  26   #:use-module (guix utils)
  27   #:use-module (guix build-system gnu)
  28   #:use-module (gnu packages compression)
  29   #:use-module (gnu packages)
  30   #:use-module (gnu packages guile)
  31   #:use-module (gnu packages libffi)
  32   #:use-module (gnu packages libidn)
  33   #:use-module (gnu packages nettle)
  34   #:use-module (gnu packages perl)
  35   #:use-module (gnu packages pkg-config)
  36   #:use-module (gnu packages texinfo)
  37   #:use-module (gnu packages base))
  38
  39 (define-public libtasn1
  40   (package
  41     (name "libtasn1")
  42     (version "4.5")
  43     (source
  44      (origin
  45       (method url-fetch)
  46       (uri (string-append "mirror://gnu/libtasn1/libtasn1-"
  47                           version ".tar.gz"))
  48       (sha256
  49        (base32
  50         "1nhvnznhg2aqfrfjxc8v008hjlzkh5831jsfahqk89qrw7fbbcw9"))))
  51     (build-system gnu-build-system)
  52     (native-inputs `(("perl" ,perl)
  53
  54                      ;; XXX: For some reason, libtasn1.info wants to be
  55                      ;; rebuilt, so we must provide 'makeinfo'.
  56                      ("texinfo" ,texinfo)))
  57     (home-page "http://www.gnu.org/software/libtasn1/")
  58     (synopsis "ASN.1 library")
  59     (description
  60      "GNU libtasn1 is a library implementing the ASN.1 notation.  It is used
  61 for transmitting machine-neutral encodings of data objects in computer
  62 networking, allowing for formal validation of data according to some
  63 specifications.")
  64     (license lgpl2.0+)))
  65
  66 (define-public p11-kit
  67   (package
  68     (name "p11-kit")
  69     (version "0.23.1")
  70     (source
  71      (origin
  72       (method url-fetch)
  73       (uri (string-append "http://p11-glue.freedesktop.org/releases/p11-kit-"
  74                           version ".tar.gz"))
  75       (sha256
  76        (base32
  77         "1i3a1wdpagm0p3y1bwaz5x5rjhcpqbcrnhkcp10p259vkxk72wz5"))
  78       (modules '((guix build utils))) ; for substitute*
  79       (snippet
  80         '(begin
  81            ;; Drop one test that fails, also when trying to compile manually.
  82            ;; Reported upstream at
  83            ;; https://bugs.freedesktop.org/show_bug.cgi?id=89027
  84            (substitute* "Makefile.in"
  85              (("test-module\\$\\(EXEEXT\\) ") ""))))))
  86     (build-system gnu-build-system)
  87     (native-inputs
  88      `(("pkg-config" ,pkg-config)))
  89     (inputs
  90      `(("libffi" ,libffi)
  91        ("libtasn1" ,libtasn1)))
  92     (arguments
  93      `(#:configure-flags '("--without-trust-paths")))
  94     (home-page "http://p11-glue.freedesktop.org/p11-kit.html")
  95     (synopsis "PKCS#11 library")
  96     (description
  97      "p11-kit provides a way to load and enumerate PKCS#11 modules.  It
  98 provides a standard configuration setup for installing PKCS#11 modules
  99 in such a way that they are discoverable.  It also solves problems with
 100 coordinating the use of PKCS#11 by different components or libraries
 101 living in the same process.")
 102     (license bsd-3)))
 103
 104 (define-public gnutls
 105   (package
 106     (name "gnutls")
 107     (version "3.4.1")
 108     (source (origin
 109              (method url-fetch)
 110              (uri
 111               ;; Note: Releases are no longer on ftp.gnu.org since the
 112               ;; schism (after version 3.1.5).
 113               (string-append "mirror://gnupg/gnutls/v"
 114                              (version-major+minor version)
 115                              "/gnutls-" version ".tar.xz"))
 116              (sha256
 117               (base32
 118                "0bmih0zyiplr4v8798w0v9g3215zmganq18n8935cizkxj5zbdg9"))))
 119     (build-system gnu-build-system)
 120     (arguments
 121      '(#:configure-flags
 122        (list (string-append "--with-guile-site-dir="
 123                             (assoc-ref %outputs "out")
 124                             "/share/guile/site/2.0")
 125              ;; GnuTLS doesn't consult any environment variables to specify
 126              ;; the location of the system-wide trust store.  Instead it has a
 127              ;; configure-time option.  Unless specified, its configure script
 128              ;; attempts to auto-detect the location by looking for common
 129              ;; places in the filesystem, none of which are present in our
 130              ;; chroot build environment.  If not found, then no default trust
 131              ;; store is used, so each program has to provide its own
 132              ;; fallback, and users have to configure each program
 133              ;; independently.  This seems suboptimal.
 134              "--with-default-trust-store-dir=/etc/ssl/certs"
 135
 136              ;; FIXME: Temporarily disable p11-kit support since it is not
 137              ;; working on mips64el.
 138              "--without-p11-kit")
 139
 140        #:phases (modify-phases %standard-phases
 141                   (add-after
 142                    'install 'move-doc
 143                    (lambda* (#:key outputs #:allow-other-keys)
 144                      ;; Copy the 4.1 MiB of section 3 man pages to "doc".
 145                      (let* ((out    (assoc-ref outputs "out"))
 146                             (doc    (assoc-ref outputs "doc"))
 147                             (mandir (string-append doc "/share/man"))
 148                             (oldman (string-append out "/share/man/man3")))
 149                        (mkdir-p mandir)
 150                        (copy-recursively oldman mandir)
 151                        (delete-file-recursively oldman)
 152                        #t))))))
 153     (outputs '("out"                              ;4.4 MiB
 154                "debug"
 155                "doc"))                            ;4.1 MiB of man pages
 156     (native-inputs
 157      `(("pkg-config" ,pkg-config)
 158        ("which" ,which)))
 159     (inputs
 160      `(("guile" ,guile-2.0)
 161        ("perl" ,perl)))
 162     (propagated-inputs
 163      ;; These are all in the 'Requires.private' field of gnutls.pc.
 164      `(("libtasn1" ,libtasn1)
 165        ("libidn" ,libidn)
 166        ("nettle" ,nettle)
 167        ("zlib" ,zlib)))
 168     (home-page "http://www.gnu.org/software/gnutls/")
 169     (synopsis "Transport layer security library")
 170     (description
 171      "GnuTLS is a secure communications library implementing the SSL, TLS
 172 and DTLS protocols.  It is provided in the form of a C library to support the
 173 protocols, as well as to parse and write X.5009, PKCS 12, OpenPGP and other
 174 required structures.")
 175     (license lgpl2.1+)))