#:use-module (gnu packages python)
#:use-module (gnu packages python-crypto)
#:use-module (gnu packages python-web)
+ #:use-module (gnu packages python-xyz)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages time)
#:use-module (gnu packages base)
(base32
"1jlc1iahj8k3haz28j55nzg7sgni5h41vqy461i1bpbx6668wlky"))))
(build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags '("--disable-static")))
(native-inputs `(("perl" ,perl)))
(home-page "https://www.gnu.org/software/libtasn1/")
(synopsis "ASN.1 library")
(define-public p11-kit
(package
(name "p11-kit")
- (version "0.23.14")
+ (version "0.23.15")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/p11-glue/p11-kit/releases/"
"download/" version "/p11-kit-" version ".tar.gz"))
+ (patches (search-patches "p11-kit-jks-timestamps.patch"))
(sha256
(base32
- "0w0dkq9388grbbn4bv2p55vy1j51f7nd9hzlc9gz4fbm4dnzmf8w"))))
+ "166pwj00cffv4qq4dvx0k53zka0b0r1fa0whc49007vsqyh3khgp"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
(define-public gnutls
(package
(name "gnutls")
- (version "3.5.18")
+ (version "3.6.5")
(source (origin
(method url-fetch)
(uri
(string-append "mirror://gnupg/gnutls/v"
(version-major+minor version)
"/gnutls-" version ".tar.xz"))
- (patches
- (search-patches "gnutls-skip-trust-store-test.patch"
- "gnutls-skip-pkgconfig-test.patch"))
+ (patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "0d02x28fwkkx7xzn7807nww6idchizzq3plx8sfcyiw7wzclh8mf"))))
+ "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; XXX: The generated configure script in GnuTLS 3.6.5
+ ;; apparently does not know about Guile 2.2.
+ (substitute* "configure"
+ (("guile_versions_to_search=\"2\\.0 1\\.8\"")
+ "guile_versions_to_search=\"2.2 2.0 1.8\""))
+ #t))))
(build-system gnu-build-system)
(arguments
`(; Ensure we don't keep a reference to this buggy software.
(define-public openssl
(package
(name "openssl")
- (replacement openssl/fixed)
- (version "1.0.2o")
+ (version "1.0.2p")
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
"/" name "-" version ".tar.gz")))
(sha256
(base32
- "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
+ "003xh9f898i56344vpvpxxxzmikivxig4xwlm7vbi7m8n43qxaah"))
(patches (search-patches "openssl-runpath.patch"
"openssl-c-rehash-in.patch"))))
(build-system gnu-build-system)
(string-append "--openssldir=" out
"/share/openssl-" ,version)
- (string-append "--prefix=" out)
-
- ;; XXX FIXME: Work around a code generation bug in GCC
- ;; 4.9.3 on ARM when compiled with -mfpu=neon. See:
- ;; <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66917>
- ,@(if (and (not (%current-target-system))
- (string-prefix? "armhf" (%current-system)))
- '("-mfpu=vfpv3")
- '())))))
+ (string-append "--prefix=" out)))))
(add-after
'install 'make-libraries-writable
(lambda* (#:key outputs #:allow-other-keys)
(license license:openssl)
(home-page "https://www.openssl.org/")))
-(define openssl/fixed
- (package
- (inherit openssl)
- (source (origin
- (inherit (package-source openssl))
- (patches (append (origin-patches (package-source openssl))
- (search-patches "openssl-1.0.2-CVE-2018-0495.patch"
- "openssl-1.0.2-CVE-2018-0732.patch")))))))
-
(define-public openssl-next
(package
(inherit openssl)
(name "openssl")
- (version "1.1.1")
+ (version "1.1.1a")
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))
(sha256
(base32
- "0gbab2fjgms1kx5xjvqx8bxhr98k4r8l2fa8vw7kvh491xd8fdi8"))))
+ "0hcz7znzznbibpy3iyyhvlqrq44y88plxwdj32wjzgbwic7i687w"))))
(outputs '("out"
- "doc" ; 6.7 MiB of man3 pages and full HTML documentation
+ "doc" ; 6.8 MiB of man3 pages and full HTML documentation
"static")) ; 6.4 MiB of .a files
(arguments
(substitute-keyword-arguments (package-arguments openssl)
((#:phases phases)
`(modify-phases ,phases
(delete 'patch-tests) ; These two phases are not needed by
- (delete 'patch-Makefile.org) ; OpenSSL 1.1.0.
+ (delete 'patch-Makefile.org) ; OpenSSL 1.1.
;; Override configure phase since -rpath is now a configure option.
(replace 'configure
(package
(name "python-acme")
;; Remember to update the hash of certbot when updating python-acme.
- (version "0.27.1")
+ (version "0.31.0")
(source (origin
(method url-fetch)
(uri (pypi-uri "acme" version))
(sha256
(base32
- "142gynlfx7yv0sdba3gpdxlnhg9chhz7hpdxdrp630z17h1bk9ri"))))
+ "1gxjv09c695lj8swspa390nch117i60qkrgy135383vfk00jsp3y"))))
(build-system python-build-system)
(arguments
`(#:phases
(uri (pypi-uri name version))
(sha256
(base32
- "0anh3vjy9sif1bkp25nj76ii37xx8hh0igcx60ppag12xlabsw1m"))))
+ "0wq4jgyzli684h154w26xplp0fzyks2vlrnmhafhyb0h1bw9cc8c"))))
(build-system python-build-system)
(arguments
`(,@(substitute-keyword-arguments (package-arguments python-acme)
`(("python-nose" ,python-nose)
("python-mock" ,python-mock)
;; For documentation
- ("python-sphinx" ,python-sphinx-1.6)
+ ("python-sphinx" ,python-sphinx)
("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme)
("python-sphinx-repoze-autointerface" ,python-sphinx-repoze-autointerface)
("python-sphinxcontrib-programoutput" ,python-sphinxcontrib-programoutput)
(define-public mbedtls-apache
(package
(name "mbedtls-apache")
- (version "2.7.6")
+ (version "2.16.0")
(source
(origin
(method url-fetch)
version "-apache.tgz"))
(sha256
(base32
- "0fl2nrxvlgx9ja7yy3kd1zadpr98fxbvn3f6fl2mj87gryhkfqlk"))))
+ "1qlscr0m97favkqmrlj90rlgw40h8lcypxz0snvr1iwkj1pbbnp3"))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags
(list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON")))
(native-inputs
- `(("perl" ,perl)))
+ `(("perl" ,perl)
+ ("python" ,python)))
(synopsis "Small TLS library")
(description
"@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
(home-page "https://tls.mbed.org")
(license license:asl2.0)))
+;; The Hiawatha Web server requires some specific features to be enabled.
+(define-public mbedtls-for-hiawatha
+ (hidden-package
+ (package
+ (inherit mbedtls-apache)
+ (arguments
+ (substitute-keyword-arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'configure-extra-features
+ (lambda _
+ (for-each (lambda (feature)
+ (invoke "scripts/config.pl" "set" feature))
+ (list "MBEDTLS_THREADING_C"
+ "MBEDTLS_THREADING_PTHREAD"))
+ #t)))
+ ,@(package-arguments mbedtls-apache)))))))
+
(define-public ghc-tls
(package
(name "ghc-tls")
- (version "1.3.8")
+ (version "1.4.1")
(source (origin
(method url-fetch)
(uri (string-append "https://hackage.haskell.org/package/"
"tls/tls-" version ".tar.gz"))
(sha256
(base32
- "1rdidf18i781c0vdvy9yn79yh08hmcacf6fp3sgghyiy3h0wyh5l"))))
+ "1y083724mym28n6xfaz7pcc7zqxdhjpaxpbvzxfbs25qq2px3smv"))))
(build-system haskell-build-system)
(inputs
- `(("ghc-mtl" ,ghc-mtl)
- ("ghc-cereal" ,ghc-cereal)
+ `(("ghc-cereal" ,ghc-cereal)
("ghc-data-default-class" ,ghc-data-default-class)
("ghc-memory" ,ghc-memory)
("ghc-cryptonite" ,ghc-cryptonite)