mbedtls: cmake&ninja, threading, clean-up; hiawatha: options, Nix mbedtls (#41722)

* mbedtls: build with cmake&ninja, clean-up * mbedtls: cmake ninja Darwin build clean-up * hiawatha: add build options, use system mbedTLS, platforms -> unix
2018-06-28 23:25:19 +03:00
parent 9fcc63abb5
commit c876db629d
2 changed files with 39 additions and 57 deletions
--- a/pkgs/development/libraries/mbedtls/default.nix
+++ b/pkgs/development/libraries/mbedtls/default.nix
@@ -1,7 +1,16 @@
-{ stdenv, fetchFromGitHub, perl }:
+{ stdenv
+, fetchFromGitHub
+
+, cmake
+, ninja
+, perl # Project uses Perl for scripting and testing
+
+, enableThreading ? true # Threading can be disabled to increase security https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+}:

 stdenv.mkDerivation rec {
-  name = "mbedtls-2.11.0";
+  name = "mbedtls-${version}";
+  version = "2.11.0";

  src = fetchFromGitHub {
    owner = "ARMmbed";
@@ -10,47 +19,19 @@ stdenv.mkDerivation rec {
    sha256 = "1d4a0jc08q3h051amv8hhh3hmqp4f1rk5z7ffyfs2g8dassm78ir";
  };

-  nativeBuildInputs = [ perl ];
+  nativeBuildInputs = [ cmake ninja perl ];

-  postPatch = ''
-    patchShebangs .
-  '' + stdenv.lib.optionalString stdenv.isDarwin ''
-    substituteInPlace library/Makefile --replace "-soname" "-install_name"
-    substituteInPlace tests/scripts/run-test-suites.pl --replace "LD_LIBRARY_PATH" "DYLD_LIBRARY_PATH"
-    # Necessary for install_name_tool below
-    echo "LOCAL_LDFLAGS += -headerpad_max_install_names" >> programs/Makefile
+  postConfigure = stdenv.lib.optionals enableThreading ''
+    perl scripts/config.pl set MBEDTLS_THREADING_C    # Threading abstraction layer
+    perl scripts/config.pl set MBEDTLS_THREADING_PTHREAD    # POSIX thread wrapper layer for the threading layer.
  '';

-  makeFlags = [
-    "SHARED=1"
-  ] ++ stdenv.lib.optionals stdenv.isDarwin [
-    "DLEXT=dylib"
-  ];
-
-  installFlags = [
-    "DESTDIR=\${out}"
-  ];
-
-  postInstall = stdenv.lib.optionalString stdenv.isDarwin ''
-    install_name_tool -change libmbedcrypto.dylib $out/lib/libmbedcrypto.dylib $out/lib/libmbedtls.dylib
-    install_name_tool -change libmbedcrypto.dylib $out/lib/libmbedcrypto.dylib $out/lib/libmbedx509.dylib
-    install_name_tool -change libmbedx509.dylib $out/lib/libmbedx509.dylib $out/lib/libmbedtls.dylib
-
-    for exe in $out/bin/*; do
-      if [[ $exe != *.sh ]]; then
-        install_name_tool -change libmbedtls.dylib $out/lib/libmbedtls.dylib $exe
-        install_name_tool -change libmbedx509.dylib $out/lib/libmbedx509.dylib $exe
-        install_name_tool -change libmbedcrypto.dylib $out/lib/libmbedcrypto.dylib $exe
-      fi
-    done
-  '';
-
-  doCheck = true;
+  cmakeFlags = [ "-DUSE_SHARED_MBEDTLS_LIBRARY=on" ];

  meta = with stdenv.lib; {
    homepage = https://tls.mbed.org/;
-    description = "Portable cryptographic and SSL/TLS library, aka polarssl";
-    license = licenses.gpl3;
+    description = "Portable cryptographic and TLS library, formerly known as PolarSSL";
+    license = licenses.asl20;
    platforms = platforms.all;
    maintainers = with maintainers; [ wkennington fpletz ];
  };