python3Packages.nassl: 3.0.0 -> 3.1.0

Vincent Haupert 2020-12-04 20:25:13 +01:00 committed by Jonathan Ringer
parent b4659c888e
commit a126dda7bc
2 changed files with 21 additions and 32 deletions


@ -5,9 +5,9 @@
, pkgsStatic , pkgsStatic
, openssl , openssl
, invoke , invoke
, pytest
, tls-parser , tls-parser
, cacert , cacert
, pytestCheckHook
}: }:
let let
@ -36,17 +36,16 @@ let
opensslStatic = (openssl.override nasslOpensslArgs).overrideAttrs ( opensslStatic = (openssl.override nasslOpensslArgs).overrideAttrs (
oldAttrs: rec { oldAttrs: rec {
name = "openssl-${version}"; name = "openssl-${version}";
version = "1.1.1"; version = "1.1.1h";
src = fetchurl { src = fetchurl {
url = "https://www.openssl.org/source/${name}.tar.gz"; url = "https://www.openssl.org/source/${name}.tar.gz";
sha256 = "0gbab2fjgms1kx5xjvqx8bxhr98k4r8l2fa8vw7kvh491xd8fdi8"; sha256 = "1ncmcnh5bmxkwrvm0m1q4kdcjjfpwvlyjspjhibkxc6p9dvsi72w";
}; };
configureFlags = oldAttrs.configureFlags ++ nasslOpensslFlagsCommon ++ [ configureFlags = oldAttrs.configureFlags ++ nasslOpensslFlagsCommon ++ [
"enable-weak-ssl-ciphers" "enable-weak-ssl-ciphers"
"enable-tls1_3" "enable-tls1_3"
"no-async" "no-async"
]; ];
patches = [ ./nix-ssl-cert-file.patch ];
buildInputs = oldAttrs.buildInputs ++ [ zlibStatic cacert ]; buildInputs = oldAttrs.buildInputs ++ [ zlibStatic cacert ];
} }
); );
@ -68,32 +67,36 @@ let
in in
buildPythonPackage rec { buildPythonPackage rec {
pname = "nassl"; pname = "nassl";
version = "3.0.0"; version = "3.1.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nabla-c0d3"; owner = "nabla-c0d3";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "1dhgkpldadq9hg5isb6mrab7z80sy5bvzad2fb54pihnknfwhp8z"; sha256 = "1x1v0fpb6gcc2r0k2rsy0mc3v25s3qbva78apvi46n08c2l309ci";
}; };
postPatch = '' postPatch = let
mkdir -p deps/openssl-OpenSSL_1_0_2e/ legacyOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslLegacyStatic.version;
modernOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslStatic.version;
zlibVersion = zlibStatic.version;
in ''
mkdir -p deps/openssl-OpenSSL_${legacyOpenSSLVersion}/
cp ${opensslLegacyStatic.out}/lib/libssl.a \ cp ${opensslLegacyStatic.out}/lib/libssl.a \
${opensslLegacyStatic.out}/lib/libcrypto.a \ ${opensslLegacyStatic.out}/lib/libcrypto.a \
deps/openssl-OpenSSL_1_0_2e/ deps/openssl-OpenSSL_${legacyOpenSSLVersion}/
ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_1_0_2e/include ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_${legacyOpenSSLVersion}/include
ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_1_0_2e/apps ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_${legacyOpenSSLVersion}/apps
mkdir -p deps/openssl-OpenSSL_1_1_1/ mkdir -p deps/openssl-OpenSSL_${modernOpenSSLVersion}/
cp ${opensslStatic.out}/lib/libssl.a \ cp ${opensslStatic.out}/lib/libssl.a \
${opensslStatic.out}/lib/libcrypto.a \ ${opensslStatic.out}/lib/libcrypto.a \
deps/openssl-OpenSSL_1_1_1/ deps/openssl-OpenSSL_${modernOpenSSLVersion}/
ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_1_1_1/include ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_${modernOpenSSLVersion}/include
ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_1_1_1/apps ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_${modernOpenSSLVersion}/apps
mkdir -p deps/zlib-1.2.11/ mkdir -p deps/zlib-${zlibVersion}/
cp ${zlibStatic.out}/lib/libz.a deps/zlib-1.2.11/ cp ${zlibStatic.out}/lib/libz.a deps/zlib-${zlibVersion}/
''; '';
propagatedBuildInputs = [ tls-parser ]; propagatedBuildInputs = [ tls-parser ];
@ -105,7 +108,7 @@ buildPythonPackage rec {
invoke package.wheel invoke package.wheel
''; '';
checkInputs = [ pytest ]; checkInputs = [ pytestCheckHook ];
checkPhase = '' checkPhase = ''
# Skip online tests # Skip online tests
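Review bot: With the `patches = [ ./nix-ssl-cert-file.patch ];` line gone from the `opensslStatic` override, `overrideAttrs` no longer replaces `patches`, so whatever `oldAttrs.patches` holds for the nixpkgs `openssl` is now applied to the pinned 1.1.1h tarball. That couples this build, and the CA bundle lookup compiled into the static library, to a patch set maintained for a different and moving OpenSSL version; it will presumably stop applying, or change certificate-file lookup, after a later nixpkgs openssl bump. Either state the intent next to `src`, e.g. `# patches intentionally inherited from oldAttrs; they must still apply to the pinned ${version}`, or set `patches` explicitly. The `let` block starts outside the first hunk, so the `opensslLegacyStatic` override, and whether it still references the deleted patch file, is not visible here.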


@ -1,14 +0,0 @@
diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c
--- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200
+++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200
@@ -97,7 +97,9 @@
switch (cmd) {
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT) {
- file = getenv(X509_get_default_cert_file_env());
+ file = getenv("NIX_SSL_CERT_FILE");
+ if (!file)
+ file = getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file(ctx, file,
X509_FILETYPE_PEM) != 0);