diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index f0212aeabee..d05e3f21e8a 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -1,22 +1,14 @@
{ stdenv, fetchurl, perl
, withCryptodev ? false, cryptodevHeaders }:
+with stdenv.lib;
let
- name = "openssl-1.0.1o";
-
- opensslCrossSystem = stdenv.lib.attrByPath [ "openssl" "system" ]
+ opensslCrossSystem = attrByPath [ "openssl" "system" ]
(throw "openssl needs its platform name cross building" null)
stdenv.cross;
-
- patchesCross = isCross: let
- isDarwin = stdenv.isDarwin || (isCross && stdenv.cross.libc == "libSystem");
- in stdenv.lib.optional isDarwin ./darwin-arch.patch;
-
- extraPatches = stdenv.lib.optional stdenv.isCygwin ./1.0.1-cygwin64.patch;
in
-
-stdenv.mkDerivation {
- inherit name;
+stdenv.mkDerivation rec {
+ name = "openssl-1.0.1o";
src = fetchurl {
urls = [
@@ -26,11 +18,11 @@ stdenv.mkDerivation {
sha1 = "b003e3382607ef2c6d85b51e4ed7a4c0a76b8d5a";
};
- patches = (patchesCross false) ++ extraPatches;
-
- buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders;
+ patches = optional stdenv.isCygwin ./1.0.1-cygwin64.patch
+ ++ optional (stdenv.isDarwin || (stdenv ? cross && stdenv.cross.libc == "libSystem")) ./darwin-arch.patch;
nativeBuildInputs = [ perl ];
+ buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders;
# On x86_64-darwin, "./config" misdetects the system as
# "darwin-i386-cc". So specify the system type explicitly.
@@ -39,45 +31,48 @@ stdenv.mkDerivation {
else if stdenv.system == "x86_64-solaris" then "./Configure solaris64-x86_64-gcc"
else "./config";
- configureFlags = "shared --libdir=lib --openssldir=etc/ssl" +
- stdenv.lib.optionalString withCryptodev " -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS";
+ configureFlags = [
+ "shared"
+ "--libdir=lib"
+ "--openssldir=etc/ssl"
+ ] ++ stdenv.lib.optionals withCryptodev [
+ "-DHAVE_CRYPTODEV"
+ "-DUSE_CRYPTODEV_DIGESTS"
+ ];
- makeFlags = "MANDIR=$(out)/share/man";
+ makeFlags = [
+ "MANDIR=$(out)/share/man"
+ ];
# Parallel building is broken in OpenSSL.
enableParallelBuilding = false;
- postInstall =
- ''
- # If we're building dynamic libraries, then don't install static
- # libraries.
- if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib)" ]; then
- rm "$out/lib/"*.a
- fi
+ postInstall = ''
+ # If we're building dynamic libraries, then don't install static
+ # libraries.
+ if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
+ rm "$out/lib/"*.a
+ fi
- # remove dependency on Perl at runtime
- rm -rf $out/etc/ssl/misc
- '';
+ # remove dependency on Perl at runtime
+ rm -r $out/etc/ssl/misc $out/bin/c_rehash
+ '';
+
+ postFixup = ''
+ # Check to make sure we don't depend on perl
+ if grep -r '${perl}' $out; then
+ echo "Found an erroneous dependency on perl ^^^" >&2
+ exit 1
+ fi
+ '';
crossAttrs = {
- patches = patchesCross true;
-
preConfigure=''
# It's configure does not like --build or --host
- export configureFlags="--libdir=lib --cross-compile-prefix=${stdenv.cross.config}- shared ${opensslCrossSystem}"
+ export configureFlags="${concatStringsSep " " (configureFlags ++ [ opensslCrossSystem ])}"
'';
- postInstall = ''
- # Openssl installs readonly files, which otherwise we can't strip.
- # This could at some stdenv hash change be put out of crossAttrs, too
- chmod -R +w $out
-
- # Remove references to perl, to avoid depending on it at runtime
- rm $out/bin/c_rehash $out/ssl/misc/CA.pl $out/ssl/misc/tsget
- '';
configureScript = "./Configure";
- } // stdenv.lib.optionalAttrs (opensslCrossSystem == "darwin64-x86_64-cc") {
- CC = "gcc";
};
meta = {