;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014 Ian Denhardt <ian@zenhack.net>
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016, 2017, 2018, 2019 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017, 2019 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016, 2017, 2018 ng0 <ng0@n0.is>
+;;; Copyright © 2016, 2017, 2018 Nikita <nikita@n0.is>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2017, 2018, 2019 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017, 2018, 2019, 2020 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
+;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages dns)
#:use-module (gnu packages gawk)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages hurd)
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
#:use-module (gnu packages libidn)
(define-public libtasn1
(package
(name "libtasn1")
- (version "4.15.0")
+ (version "4.16.0")
(source
(origin
(method url-fetch)
version ".tar.gz"))
(sha256
(base32
- "17kkh89zfnwszw657fj13y2gamzay33lsrfazgm4sc7mx2gm0xyx"))))
+ "179jskl7dmfp1rd2khkzmlibzgki4wi6hvmmwfv7q49r728b03qf"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--disable-static")))
(define-public p11-kit
(package
(name "p11-kit")
- (version "0.23.18.1")
+ (version "0.23.20")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/p11-glue/p11-kit/releases/"
- "download/" version "/p11-kit-" version ".tar.gz"))
+ "download/" version "/p11-kit-" version ".tar.xz"))
(sha256
(base32
- "0vrwab1082f7l5sbzpb28nrs3q4d2q7wzbi8c977rpah026bvhrl"))))
+ "0131maw666ha4d6iyj13fkz18c4pnb3lw2xwv5kvkmnzqcj61n0l"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
(define-public gnutls
(package
(name "gnutls")
- (version "3.6.11.1")
+ ;; XXX Unversion openconnect's "gnutls" input when ungrafting.
+ (replacement gnutls-3.6.14)
+ (version "3.6.12")
(source (origin
(method url-fetch)
(uri
(patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "1y1wadpsrj5ai603xv5bgssl9v0pb1si2hg14zqdnmcsvgri5fpv"))))
+ "0jvca1qahn9lrwv6f5kfs95icirc15b2a8x9fzczyj996ipg3b5z"))))
(build-system gnu-build-system)
(arguments
- `(; Ensure we don't keep a reference to this buggy software.
- #:disallowed-references (,net-tools)
+ `(#:tests? ,(not (hurd-target?))
+ ;; Ensure we don't keep a reference to net-tools.
+ #:disallowed-references ,(if (hurd-target?) '() (list net-tools))
#:configure-flags
(list
;; GnuTLS doesn't consult any environment variables to specify
"debug"
"doc")) ;4.1 MiB of man pages
(native-inputs
- `(("net-tools" ,net-tools)
+ `(,@(if (hurd-target?) '()
+ `(("net-tools" ,net-tools)))
("pkg-config" ,pkg-config)
- ("which" ,which)))
+ ("which" ,which)
+ ,@(if (hurd-target?) '()
+ `(("datefudge" ,datefudge))) ;tests rely on 'datefudge'
+ ("util-linux" ,util-linux))) ;one test needs 'setsid'
(inputs
- `(("guile" ,guile-2.2)))
+ `(("guile" ,guile-3.0)))
(propagated-inputs
;; These are all in the 'Requires.private' field of gnutls.pc.
`(("libtasn1" ,libtasn1)
(properties '((ftp-server . "ftp.gnutls.org")
(ftp-directory . "/gcrypt/gnutls")))))
-(define-public gnutls/guile-2.0
- ;; GnuTLS for Guile 2.0.
+(define-public gnutls-3.6.14
(package
(inherit gnutls)
+ (version "3.6.14")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gnutls/v"
+ (version-major+minor version)
+ "/gnutls-" version ".tar.xz"))
+ (patches (search-patches "gnutls-skip-trust-store-test.patch"
+ "gnutls-cross.patch"))
+ (sha256
+ (base32
+ "0qwxsfizynly0ns537vnhnlm5lh03la4vbsmz675n0n7vqd7ac2n"))))
+ (native-inputs
+ `(,@(if (%current-target-system) ;for cross-build
+ `(("guile" ,guile-3.0)) ;to create .go files
+ '())
+ ,@(package-native-inputs gnutls)))))
+
+(define-public gnutls/guile-2.0
+ ;; GnuTLS for Guile 2.0.
+ (package/inherit gnutls
(name "guile2.0-gnutls")
(inputs `(("guile" ,guile-2.0)
,@(alist-delete "guile" (package-inputs gnutls))))))
;; Authentication of Named Entities. This is required for GNS functionality
;; by GNUnet and gnURL. This is done in an extra package definition
;; to have the choice between GnuTLS with Dane and without Dane.
- (package
- (inherit gnutls)
+ (package/inherit gnutls
(name "gnutls-dane")
(inputs `(("unbound" ,unbound)
,@(package-inputs gnutls)))))
-(define gnutls-3.6.10
- ;; This is for 'guile3.0-gnutls', below. Version 3.6.10 is the first to
- ;; introduce Guile 2.9/3.0 support.
+(define-public guile2.2-gnutls
(package
(inherit gnutls)
- (version "3.6.10")
- (source (origin
- (inherit (package-source gnutls))
- (uri (string-append "mirror://gnupg/gnutls/v"
- (version-major+minor version)
- "/gnutls-" version ".tar.xz"))
- (sha256
- (base32
- "14r2h73yfj66cm14k9mnb3kgzq5a7qjg5b31m53bf19vcxkwmwxi"))))))
+ (name "guile2.2-gnutls")
+ (inputs `(("guile" ,guile-2.2)
+ ,@(alist-delete "guile"
+ (package-inputs gnutls))))))
(define-public guile3.0-gnutls
- (package
- (inherit gnutls-3.6.10)
- (name "guile3.0-gnutls")
- (arguments
- (substitute-keyword-arguments (package-arguments gnutls-3.6.10)
- ((#:phases phases '%standard-phases)
- `(modify-phases ,phases
- (add-before 'build 'leave-guile-stdout-open
- (lambda _
- ;; Work around <https://bugs.gnu.org/38348>.
- (substitute* "guile/Makefile"
- (("out=-") "out=/dev/null"))
- #t))))))
- (inputs `(("guile" ,guile-next)
- ,@(alist-delete "guile"
- (package-inputs gnutls-3.6.10))))))
+ (deprecated-package "guile3.0-gnutls" gnutls))
(define-public openssl
(package
(name "openssl")
- (version "1.1.1d")
+ (version "1.1.1f")
+ (replacement openssl-1.1.1g)
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
"/openssl-" version ".tar.gz")))
(sha256
(base32
- "1whinyw402z3b9xlb3qaxv4b9sk4w1bgh9k0y8df1z4x3yy92fhy"))
+ "0d9zv9srjqivs8nn099fpbjv1wyhfcb8lzy491dpmfngdvz6nv0q"))
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))))
(build-system gnu-build-system)
(outputs '("out"
(setenv "CROSS_COMPILE" (string-append target "-"))
(setenv "CONFIGURE_TARGET_ARCH"
(cond
+ ((string-prefix? "i586" target)
+ "hurd-x86")
((string-prefix? "i686" target)
"linux-x86")
((string-prefix? "x86_64" target)
(license license:openssl)
(home-page "https://www.openssl.org/")))
+(define openssl-1.1.1g
+ (package
+ (inherit openssl)
+ (version "1.1.1g")
+ (source (origin
+ (method url-fetch)
+ (uri (list (string-append "https://www.openssl.org/source/openssl-"
+ version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/"
+ "openssl-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/"
+ (string-trim-right version char-set:letter)
+ "/openssl-" version ".tar.gz")))
+ (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
+ (sha256
+ (base32
+ "0ikdcc038i7jk8h7asq5xcn8b1xc2rrbc88yfm4hqbz3y5s4gc6x"))))))
+
(define-public openssl-1.0
(package
(inherit openssl)
(name "openssl")
- (version "1.0.2t")
+ (version "1.0.2u")
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
"/openssl-" version ".tar.gz")))
(sha256
(base32
- "1g67ra0ph7gpz6fgvv1i96d792jmd6ymci5kk53vbikszr74djql"))
+ "05lxcs4hzyfqd5jn0d9p0fvqna62v2s4pc9qgmq0dpcknkzwdl7c"))
(patches (search-patches "openssl-runpath.patch"
"openssl-c-rehash-in.patch"))))
(outputs '("out"
(define-public libressl
(package
(name "libressl")
- (version "2.7.4")
+ (version "3.0.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://openbsd/LibreSSL/"
"libressl-" version ".tar.gz"))
(sha256
(base32
- "19kxa5i97q7p6rrps9qm0nd8zqhdjvzx02j72400c73cl2nryfhy"))))
+ "13ir2lpxz8y1m151k7lrx306498nzfhwlvgkgv97v5cvywmifyyz"))))
(build-system gnu-build-system)
(arguments
;; Do as if 'getentropy' was missing since older Linux kernels lack it
(package
(name "python-acme")
;; Remember to update the hash of certbot when updating python-acme.
- (version "1.0.0")
+ (version "1.3.0")
(source (origin
(method url-fetch)
(uri (pypi-uri "acme" version))
(sha256
(base32
- "1hl62dnh8zsipa5azzpy5kwgjgb5vflinhna1fsn7rcchhpz223a"))))
+ "03fjmg0fgfy7xfn3i8rzn9i0i4amajmijkash84qb8mlphgrxpn0"))))
(build-system python-build-system)
(arguments
`(#:phases
(uri (pypi-uri "certbot" version))
(sha256
(base32
- "0aih7sir5byy8ah9lrgzwcaga7hjw98qj8bb1pxzzzqrvcqjvf46"))))
+ "1n5i0k6kwmd6wvivshfl3k4djwcpwx390c39xmr2hhrgpk5r285w"))))
(build-system python-build-system)
(arguments
`(,@(substitute-keyword-arguments (package-arguments python-acme)
(define-public mbedtls-apache
(package
(name "mbedtls-apache")
- (version "2.16.3")
+ ;; XXX Check whether ‘-Wformat-signedness’ still breaks mbedtls-for-hiawatha
+ ;; when updating.
+ (version "2.23.0")
(source
(origin
- (method url-fetch)
- ;; XXX: The download links on the website are script redirection links
- ;; which effectively lead to the format listed in the uri here.
- (uri (string-append "https://tls.mbed.org/download/mbedtls-"
- version "-apache.tgz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ARMmbed/mbedtls")
+ (commit (string-append "mbedtls-" version))))
(sha256
- (base32
- "0qd65lnr63vmx2gxla6lcmm5gawlnaj4wy4h4vmdc3h9h9nyw6zc"))))
+ (base32 "13fa9h2i989cbf8n8c0j019mshv6wg213va18my1s787lhcq2d62"))
+ (file-name (git-file-name name version))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags
- (list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON")))
+ (list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON"
+ "-DUSE_STATIC_MBEDTLS_LIBRARY=OFF")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'make-source-writable
+ (lambda _
+ (for-each make-file-writable (find-files "."))
+ #t)))))
(native-inputs
`(("perl" ,perl)
("python" ,python)))
(package
(inherit mbedtls-apache)
(arguments
- (substitute-keyword-arguments
- `(#:phases
- (modify-phases %standard-phases
- (add-after 'configure 'configure-extra-features
- (lambda _
- (for-each (lambda (feature)
- (invoke "scripts/config.pl" "set" feature))
- (list "MBEDTLS_THREADING_C"
- "MBEDTLS_THREADING_PTHREAD"))
- #t)))
- ,@(package-arguments mbedtls-apache)))))))
+ (substitute-keyword-arguments (package-arguments mbedtls-apache)
+ ((#:phases phases)
+ `(modify-phases ,phases
+ (add-before 'configure 'configure-extra-features
+ (lambda _
+ (for-each (lambda (feature)
+ (invoke "scripts/config.pl" "set" feature))
+ (list "MBEDTLS_THREADING_C"
+ "MBEDTLS_THREADING_PTHREAD"))
+ ;; XXX The above enables code that breaks with -Werror…
+ (substitute* "CMakeLists.txt"
+ ((" -Wformat-signedness") ""))
+ #t)))))))))
(define-public dehydrated
(package
(source (origin
(method url-fetch)
(uri (string-append
- "https://github.com/lukas2511/dehydrated/releases/download/"
+ "https://github.com/dehydrated-io/dehydrated/releases/download/"
"v" version "/dehydrated-" version ".tar.gz"))
(sha256
(base32
"0dgskgbdd95p13jx6s13p77y15wngb5cm6p4305cf2s54w0bvahh"))))
(build-system trivial-build-system)
(arguments
- `(#:modules ((guix build utils))
+ `(#:modules ((guix build utils)
+ (srfi srfi-26))
#:builder
(begin
- (use-modules (guix build utils))
+ (use-modules (guix build utils)
+ (srfi srfi-26))
(let* ((source (assoc-ref %build-inputs "source"))
(tar (assoc-ref %build-inputs "tar"))
(gz (assoc-ref %build-inputs "gzip"))
(out (assoc-ref %outputs "out"))
(bin (string-append out "/bin"))
- (doc (string-append out "/share/doc/"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version))
+ (man (string-append out "/share/man"))
(bash (in-vicinity (assoc-ref %build-inputs "bash") "bin")))
(setenv "PATH" (string-append gz "/bin"))
(invoke (string-append tar "/bin/tar") "xvf" source)
(chdir (string-append ,name "-" ,version))
+ (copy-recursively "docs" doc)
+ (install-file "LICENSE" doc)
+
+ (mkdir-p man)
+ (rename-file (string-append doc "/man")
+ (string-append man "/man1"))
+ (for-each (cut invoke "gzip" "-9" <>)
+ (find-files man ".*"))
+
(install-file "dehydrated" bin)
- (install-file "LICENSE" (string-append doc ,name "-" ,version))
(with-directory-excursion bin
(patch-shebang "dehydrated" (list bash))
- ;; Do not try to write in the store.
+ ;; Do not try to write to the store.
(substitute* "dehydrated"
(("SCRIPTDIR=\"\\$.*\"") "SCRIPTDIR=~/.dehydrated"))
(license license:expat)))
(define-public go-github-com-certifi-gocertifi
- (let ((commit "d2eda712971317d7dd278bc2a52acda7e945f97e")
- (revision "0"))
+ (let ((commit "a5e0173ced670013bfb649c7e806bc9529c986ec")
+ (revision "1"))
(package
(name "go-github-com-certifi-gocertifi")
(version (git-version "2018.01.18" revision commit))
(file-name (git-file-name name version))
(sha256
(base32
- "0f3v26xps7gadw4qfmh1kxbpgp0cgqdd61a257xnnvnd7ll6k8dh"))))
+ "1n9drccl3q1rr8wg3nf60slkf1lgsmz5ahifrglbdrc6har3rryj"))))
(build-system go-build-system)
(arguments
'(#:import-path "github.com/certifi/gocertifi"))