gnu: libressl: Update to 2.5.1.

[jackhill/guix/guix.git] / gnu / packages / tls.scm

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index c3f2d9b..32aa7a6 100644 (file)
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -4,10 +4,9 @@
 ;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
 ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -33,6 +32,7 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system perl)
   #:use-module (guix build-system python)
+  #:use-module (guix build-system cmake)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages)
   #:use-module (gnu packages guile)
@@ -406,7 +406,7 @@ required structures.")
     (inherit openssl)
     (replacement #f)
     (name "openssl")
-    (version "1.1.0d")
+    (version "1.1.0e")
     (source (origin
              (method url-fetch)
              (uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -417,7 +417,7 @@ required structures.")
               (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
               (sha256
                (base32
-                "1pv0zql3r73qpjini90hn29l28d65b7i777zav0larbmi6gbnpkx"))))
+                "0k47sdd9gs6yxfv6ldlgpld2lyzrkcv9kz4cf88ck04xjwc8dgjp"))))
     (outputs '("out"
                "doc"        ;1.3MiB of man3 pages
                "static"))   ; 5.5MiB of .a files
@@ -469,7 +469,7 @@ required structures.")
 (define-public libressl
   (package
     (name "libressl")
-    (version "2.5.0")
+    (version "2.5.1")
     (source
      (origin
       (method url-fetch)
@@ -478,7 +478,7 @@ required structures.")
              version ".tar.gz"))
       (sha256
        (base32
-        "1bkfvapi4z826slycmicvs7hwgk4l82gd8w6nqvznldbammvyll6"))))
+        "1kc709scgd76vk7fld4jnb4wb5lxdv1cj8zsgyjb33xp4jlf06pp"))))
     (build-system gnu-build-system)
     (native-search-paths
       ;; FIXME: These two variables must designate a single file or directory
@@ -506,13 +506,14 @@ security, and applying best practice development processes.")
 (define-public python-acme
   (package
     (name "python-acme")
-    (version "0.10.2")
+    ;; Remember to update the hash of certbot when updating python-acme.
+    (version "0.12.0")
     (source (origin
               (method url-fetch)
               (uri (pypi-uri "acme" version))
       (sha256
        (base32
-        "0y6y8d66yvwdcby96g0dlqqwy72b81yh6hws4va8r7w4aribcrb4"))))
+        "1pzv8fcfwdqzvvpyhgjz412is0b98yj9495k8sidzzqgbdmvlp50"))))
     (build-system python-build-system)
     (arguments
      `(#:phases
@@ -555,13 +556,15 @@ security, and applying best practice development processes.")
 (define-public certbot
   (package
     (name "certbot")
-    (version "0.10.2")
+    ;; Certbot and python-acme are developed in the same repository, and their
+    ;; versions should remain synchronized.
+    (version (package-version python-acme))
     (source (origin
               (method url-fetch)
               (uri (pypi-uri name version))
               (sha256
                (base32
-                "0c8nidbbq8p4rjhcrw31saw04n5rz4zgr08chbch17gw03hrqwik"))))
+                "1dw86gb8lyap5ckjawmli1hxgbchw2g62g1lqfvxyqjv0df94waa"))))
     (build-system python-build-system)
     (arguments
      `(#:python ,python-2
@@ -752,7 +755,7 @@ number generator")
 (define-public acme-client
   (package
     (name "acme-client")
-    (version "0.1.15")
+    (version "0.1.16")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://kristaps.bsd.lv/" name "/"
@@ -760,7 +763,7 @@ number generator")
                                   version ".tgz"))
               (sha256
                (base32
-                "07p723391whrswl4rir0l1k03l457sjscnj0cfaxr8mfnkx4y3wi"))))
+                "00q05b3b1dfnfp7sr1nbd212n0mqrycl3cr9lbs51m7ncaihbrz9"))))
     (build-system gnu-build-system)
     (arguments
      '(#:tests? #f ; no test suite
@@ -791,3 +794,31 @@ then ported to the GNU / Linux environment.")
     ;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
     ;; and 'jsmn.c' are distributed under the Expat license.
     (license (list license:isc license:expat))))
+
+;; The "-apache" variant is the upstreamed prefered variant. A "-gpl"
+;; variant exists in addition to the "-apache" one.
+(define-public mbedtls-apache
+  (package
+    (name "mbedtls-apache")
+    (version "2.4.0")
+    (source
+     (origin
+       (method url-fetch)
+       ;; XXX: The download links on the website are script redirection links
+       ;; which effectively lead to the format listed in the uri here.
+       (uri (string-append "https://tls.mbed.org/download/mbedtls-"
+                           version "-apache.tgz"))
+       (sha256
+        (base32
+         "03bzbfidigljva6xj49k38q3kwlbj75lrky4a0ainylzsfg5bhy1"))))
+    (build-system cmake-build-system)
+    (native-inputs
+     `(("perl" ,perl)))
+    (synopsis "Small TLS library")
+    (description
+     "@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
+for developers to include cryptographic and SSL/TLS capabilities in their
+(embedded) products, facilitating this functionality with a minimal
+coding footprint.")
+    (home-page "https://tls.mbed.org")
+    (license license:asl2.0)))