;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
(let ((root (assoc-ref %build-inputs "isrgrootx1.pem"))
(intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem"))
(backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem"))
- (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs")))
+ (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))
+ (openssl (assoc-ref %build-inputs "openssl"))
+ (perl (assoc-ref %build-inputs "perl")))
(mkdir-p out)
(for-each
(lambda (cert)
(copy-file cert (string-append out "/"
(strip-store-file-name cert))))
- (list root intermediate backup))))))
+ (list root intermediate backup))
+
+ ;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and
+ ;; similar.)
+ (chdir (string-append %output "/etc/ssl/certs"))
+ (unless (zero? (system* (string-append perl "/bin/perl")
+ (string-append openssl "/bin/c_rehash")
+ "."))
+ (error "'c_rehash' failed" openssl))))))
+ (native-inputs
+ `(("openssl" ,openssl)
+ ("perl" ,perl))) ;for 'c_rehash'
(inputs
`(; The Let's Encrypt root certificate, "ISRG Root X1".
("isrgrootx1.pem"
HCoop / jackhill / guix / guix.git / commitdiff