;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;;
(method url-fetch)
(uri (string-append "mirror://gnu/libtasn1/libtasn1-"
version ".tar.gz"))
+ (patches (search-patches "libtasn1-CVE-2017-6891.patch"))
(sha256
(base32
"00jsix5hny0g768zv4hk78dib7w0qmk5fbizf4jj37r51nd4s6k8"))))
(define-public asn1c
(package
(name "asn1c")
- (version "0.9.27")
+ (version "0.9.28")
(source (origin
(method url-fetch)
(uri (string-append "https://lionet.info/soft/asn1c-"
version ".tar.gz"))
(sha256
(base32
- "17nvn2kzvlryasr9dzqg6gs27b9lvqpval0k31pb64bjqbhn8pq2"))))
+ "1fc64g45ykmv73kdndr4zdm4wxhimhrir4rxnygxvwkych5l81w0"))))
(build-system gnu-build-system)
(native-inputs
`(("perl" ,perl)))
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.9")
+ (version "3.5.10")
(source (origin
(method url-fetch)
(uri
"/gnutls-" version ".tar.xz"))
(sha256
(base32
- "0l9971841jsfdcvcyhas17sk5rsby6x5vvwcmmj4x3zi9q60zcc2"))))
+ "17apwvdkkazh5w8z8mbanpj2yj8s2002qwy46wz4v3akpa33wi5g"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
- (list (string-append "--with-guile-site-dir="
- (assoc-ref %outputs "out")
- "/share/guile/site/2.0")
+ (list
;; GnuTLS doesn't consult any environment variables to specify
;; the location of the system-wide trust store. Instead it has a
;; configure-time option. Unless specified, its configure script
("pkg-config" ,pkg-config)
("which" ,which)))
(inputs
- `(("guile" ,guile-2.0)))
+ `(("guile" ,guile-2.2)))
(propagated-inputs
;; These are all in the 'Requires.private' field of gnutls.pc.
`(("libtasn1" ,libtasn1)
(ftp-directory . "/gcrypt/gnutls")))))
(define-public gnutls/guile-2.2
- ;; GnuTLS for Guile 2.2. This is supported by GnuTLS >= 3.5.5.
+ (deprecated-package "guile2.2-gnutls" gnutls))
+
+(define-public gnutls/guile-2.0
+ ;; GnuTLS for Guile 2.0.
(package
(inherit gnutls)
- (name "guile2.2-gnutls")
- (arguments
- ;; Remove '--with-guile-site-dir=…/2.0'.
- (substitute-keyword-arguments (package-arguments gnutls)
- ((#:configure-flags flags)
- `(cdr ,flags))))
- (inputs `(("guile" ,guile-2.2)
+ (name "guile2.0-gnutls")
+ (inputs `(("guile" ,guile-2.0)
,@(alist-delete "guile" (package-inputs gnutls))))))
(define-public openssl
(define-public libressl
(package
(name "libressl")
- (version "2.5.3")
+ (version "2.5.4")
(source
(origin
(method url-fetch)
version ".tar.gz"))
(sha256
(base32
- "0c4awq45cl757fv7f7f75i5i0ibc6v7ns13n7xvfak7chv2lrqql"))))
+ "1ykf6dqlbafafhbdfmcj19pjj1z6wmsq0rmyqga1i0xv5x95nyhh"))))
(build-system gnu-build-system)
+ (arguments
+ ;; Do as if 'getentropy' was missing since older Linux kernels lack it
+ ;; and libc would return ENOSYS, which is not properly handled.
+ ;; See <https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00235.html>.
+ '(#:configure-flags '("ac_cv_func_getentropy=no")))
(native-search-paths
;; FIXME: These two variables must designate a single file or directory
;; and are not actually "search paths." In practice it works OK in
(search-path-specification
(variable "SSL_CERT_FILE")
(files '("etc/ssl/certs/ca-certificates.crt")))))
- (home-page "http://www.libressl.org/")
+ (home-page "https://www.libressl.org/")
(synopsis "SSL/TLS implementation")
(description "LibreSSL is a version of the TLS/crypto stack forked
from OpenSSL in 2014, with the goals of modernizing the codebase, improving
(package
(name "python-acme")
;; Remember to update the hash of certbot when updating python-acme.
- (version "0.13.0")
+ (version "0.14.1")
(source (origin
(method url-fetch)
(uri (pypi-uri "acme" version))
(sha256
(base32
- "05cqadwzgfcianw3v0qxwja65dxnzw429f7dk8w0mnh21pib72bl"))))
+ "0asmkfkzbswnkrvbj5m01xgy4f6g1fjbj2nir1hhrn3ipcdrsv8f"))))
(build-system python-build-system)
-
(arguments
`(#:phases
(modify-phases %standard-phases
("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme)
("texinfo" ,texinfo)))
(propagated-inputs
- `(("python-ndg-httpsclient" ,python-ndg-httpsclient)
- ("python-werkzeug" ,python-werkzeug)
- ("python-six" ,python-six)
+ `(("python-six" ,python-six)
("python-requests" ,python-requests)
("python-pytz" ,python-pytz)
("python-pyrfc3339" ,python-pyrfc3339)
(uri (pypi-uri name version))
(sha256
(base32
- "1wq0khcf4ixda71cgfd9rkqqzx6j8hp8ha0cssvjzjnsgrsdffpn"))))
+ "0rdby57hw35qdrbl7kigscphnz4kqb608bqzrcb73nb99092i6si"))))
(build-system python-build-system)
(arguments
`(#:python ,python-2
(propagated-inputs
`(("python2-acme" ,python2-acme)
("python2-zope-interface" ,python2-zope-interface)
- ("python2-pythondialog" ,python2-pythondialog)
("python2-pyrfc3339" ,python2-pyrfc3339)
("python2-pyopenssl" ,python2-pyopenssl)
("python2-configobj" ,python2-configobj)
http servers, too), an sslcat() function for writing your own clients, and
finally access to the SSL api of the SSLeay/OpenSSL package so you can write
servers or clients for more complicated applications.")
- (license (package-license perl))
+ (license license:perl-license)
(home-page "http://search.cpan.org/~mikem/Net-SSLeay-1.66/")))
(define-public perl-crypt-openssl-rsa
"RSA encoding and decoding, using the openSSL libraries")
(description "Crypt::OpenSSL::RSA does RSA encoding and decoding (using the
OpenSSL libraries).")
- (license (package-license perl))))
+ (license license:perl-license)))
(define perl-crypt-arguments
`(#:phases (modify-phases %standard-phases
(description "Crypt::OpenSSL::Bignum provides multiprecision integer
arithmetic in Perl.")
;; At your option either gpl1+ or the Artistic License
- (license (package-license perl))))
+ (license license:perl-license)))
(define-public perl-crypt-openssl-random
(package
"OpenSSL/LibreSSL pseudo-random number generator access")
(description "Crypt::OpenSSL::Random is a OpenSSL/LibreSSL pseudo-random
number generator")
- (license (package-license perl))))
+ (license license:perl-license)))
(define-public acme-client
(package
HCoop / jackhill / guix / guix.git / blobdiff