From e2e4c1182e837e02deaa41e93e85fc818d316295 Mon Sep 17 00:00:00 2001 From: Russell O'Connor Date: Sat, 21 Mar 2015 17:49:42 -0400 Subject: [PATCH] Update OpenSSL dependency of bitcoin to be the latest OpenSSL. Purge OpenSSL version 1.0.1j. --- pkgs/applications/altcoins/default.nix | 4 +- pkgs/development/libraries/openssl/1.0.1j.nix | 114 ------------------ .../libraries/openssl/cert-file-1.0.1j.patch | 41 ------- .../openssl/no-date-in-library.patch | 12 -- pkgs/top-level/all-packages.nix | 9 -- 5 files changed, 2 insertions(+), 178 deletions(-) delete mode 100644 pkgs/development/libraries/openssl/1.0.1j.nix delete mode 100644 pkgs/development/libraries/openssl/cert-file-1.0.1j.patch delete mode 100644 pkgs/development/libraries/openssl/no-date-in-library.patch diff --git a/pkgs/applications/altcoins/default.nix b/pkgs/applications/altcoins/default.nix index dbf9ac3940c..1196e6d5ebd 100644 --- a/pkgs/applications/altcoins/default.nix +++ b/pkgs/applications/altcoins/default.nix @@ -2,8 +2,8 @@ rec { - bitcoin = callPackage ./bitcoin.nix { openssl = pkgs.openssl_1_0_1j; withGui = true; }; - bitcoind = callPackage ./bitcoin.nix { openssl = pkgs.openssl_1_0_1j; withGui = false; }; + bitcoin = callPackage ./bitcoin.nix { withGui = true; }; + bitcoind = callPackage ./bitcoin.nix { withGui = false; }; darkcoin = callPackage ./darkcoin.nix { withGui = true; }; darkcoind = callPackage ./darkcoin.nix { withGui = false; }; diff --git a/pkgs/development/libraries/openssl/1.0.1j.nix b/pkgs/development/libraries/openssl/1.0.1j.nix deleted file mode 100644 index 541561b0b70..00000000000 --- a/pkgs/development/libraries/openssl/1.0.1j.nix +++ /dev/null @@ -1,114 +0,0 @@ -{ stdenv, fetchurl, perl -, withCryptodev ? false, cryptodevHeaders }: - -let - name = "openssl-1.0.1j"; - - opensslCrossSystem = stdenv.lib.attrByPath [ "openssl" "system" ] - (throw "openssl needs its platform name cross building" null) - stdenv.cross; - - patchesCross = isCross: let - isDarwin = stdenv.isDarwin || (isCross && stdenv.cross.libc == "libSystem"); - in - [ # Allow the location of the X509 certificate file (the CA - # bundle) to be set through the environment variable - # ‘OPENSSL_X509_CERT_FILE’. This is necessary because the - # default location ($out/ssl/cert.pem) doesn't exist, and - # hardcoding something like /etc/ssl/cert.pem is impure and - # cannot be overriden per-process. For security, the - # environment variable is ignored for setuid binaries. - ./cert-file-1.0.1j.patch - # Remove the compilation time from the library - ./no-date-in-library.patch - ] - - ++ stdenv.lib.optionals (isCross && opensslCrossSystem == "hurd-x86") - [ ./cert-file-path-max.patch # merge with `cert-file.patch' eventually - ./gnu.patch # submitted upstream - ] - - ++ stdenv.lib.optionals (stdenv.system == "x86_64-kfreebsd-gnu") - [ ./gnu.patch - ./kfreebsd-gnu.patch - ] - - ++ stdenv.lib.optional isDarwin ./darwin-arch.patch; - -in - -stdenv.mkDerivation { - inherit name; - - src = fetchurl { - urls = [ - "http://www.openssl.org/source/${name}.tar.gz" - "http://openssl.linux-mirror.org/source/${name}.tar.gz" - ]; - sha256 = "1wzdaiix40lz0rsyf51qv0wiq4ywp29j5ni0xzl06vxsi63wlq0v"; - }; - - patches = patchesCross false; - - buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders; - - nativeBuildInputs = [ perl ]; - - # On x86_64-darwin, "./config" misdetects the system as - # "darwin-i386-cc". So specify the system type explicitly. - configureScript = - if stdenv.system == "x86_64-darwin" then "./Configure darwin64-x86_64-cc" - else if stdenv.system == "x86_64-solaris" then "./Configure solaris64-x86_64-gcc" - else "./config"; - - configureFlags = "shared --libdir=lib --openssldir=etc/ssl" + - stdenv.lib.optionalString withCryptodev " -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" + - stdenv.lib.optionalString (stdenv.system == "x86_64-cygwin") " no-asm"; - - preBuild = stdenv.lib.optionalString (stdenv.system == "x86_64-cygwin") '' - sed -i -e "s|-march=i486|-march=x86-64|g" Makefile - ''; - - makeFlags = "MANDIR=$(out)/share/man"; - - # Parallel building is broken in OpenSSL. - enableParallelBuilding = false; - - postInstall = - '' - # If we're building dynamic libraries, then don't install static - # libraries. - if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib)" ]; then - rm $out/lib/*.a - fi - ''; # */ - - crossAttrs = { - patches = patchesCross true; - - preConfigure='' - # It's configure does not like --build or --host - export configureFlags="--libdir=lib --cross-compile-prefix=${stdenv.cross.config}- shared ${opensslCrossSystem}" - ''; - - postInstall = '' - # Openssl installs readonly files, which otherwise we can't strip. - # This could at some stdenv hash change be put out of crossAttrs, too - chmod -R +w $out - - # Remove references to perl, to avoid depending on it at runtime - rm $out/bin/c_rehash $out/ssl/misc/CA.pl $out/ssl/misc/tsget - ''; - configureScript = "./Configure"; - } // stdenv.lib.optionalAttrs (opensslCrossSystem == "darwin64-x86_64-cc") { - CC = "gcc"; - }; - - meta = { - homepage = http://www.openssl.org/; - description = "A cryptographic library that implements the SSL and TLS protocols"; - platforms = stdenv.lib.platforms.all; - maintainers = [ stdenv.lib.maintainers.simons ]; - priority = 10; # resolves collision with ‘man-pages’ - }; -} diff --git a/pkgs/development/libraries/openssl/cert-file-1.0.1j.patch b/pkgs/development/libraries/openssl/cert-file-1.0.1j.patch deleted file mode 100644 index 26b51c0295e..00000000000 --- a/pkgs/development/libraries/openssl/cert-file-1.0.1j.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -ru -x '*~' openssl-1.0.0e-orig/crypto/x509/x509_def.c openssl-1.0.0e/crypto/x509/x509_def.c ---- openssl-1.0.0e-orig/crypto/x509/x509_def.c 1999-09-11 19:54:11.000000000 +0200 -+++ openssl-1.0.0e/crypto/x509/x509_def.c 2011-09-12 18:30:59.386501609 +0200 -@@ -57,6 +57,10 @@ - */ - - #include -+#include -+#include -+#include -+#include - #include "cryptlib.h" - #include - #include -@@ -71,7 +75,25 @@ - { return(X509_CERT_DIR); } - - const char *X509_get_default_cert_file(void) -- { return(X509_CERT_FILE); } -+ { -+ static char buf[PATH_MAX] = X509_CERT_FILE; -+ static int init = 0; -+ if (!init) { -+ init = 1; -+ char * s = getenv("OPENSSL_X509_CERT_FILE"); -+ if (s) { -+#ifndef OPENSSL_SYS_WINDOWS -+ if (getuid() == geteuid()) { -+#endif -+ strncpy(buf, s, sizeof(buf)); -+ buf[sizeof(buf) - 1] = 0; -+#ifndef OPENSSL_SYS_WINDOWS -+ } -+#endif -+ } -+ } -+ return buf; -+ } - - const char *X509_get_default_cert_dir_env(void) - { return(X509_CERT_DIR_EVP); } diff --git a/pkgs/development/libraries/openssl/no-date-in-library.patch b/pkgs/development/libraries/openssl/no-date-in-library.patch deleted file mode 100644 index 3eb501dfa02..00000000000 --- a/pkgs/development/libraries/openssl/no-date-in-library.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur openssl-1.0.1f.orig/crypto/Makefile openssl-1.0.1f/crypto/Makefile ---- openssl-1.0.1f.orig/crypto/Makefile 2014-01-06 15:35:56.000000000 +0100 -+++ openssl-1.0.1f/crypto/Makefile 2014-04-09 13:05:28.071346204 +0200 -@@ -57,7 +57,7 @@ - echo ' /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \ - echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \ - echo ' #define PLATFORM "$(PLATFORM)"'; \ -- echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ -+ echo " #define DATE \"Thu Jan 1 00:00:01 UTC 1970\""; \ - echo '#endif' ) >buildinf.h - - x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 0ebe98e8ab7..90325f9b38f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7109,15 +7109,6 @@ let }; }; - # bitcoin 0.9.3 requires openssl 1.0.1j - openssl_1_0_1j = callPackage ../development/libraries/openssl/1.0.1j.nix { - fetchurl = fetchurlBoot; - cryptodevHeaders = linuxPackages.cryptodev.override { - fetchurl = fetchurlBoot; - onlyHeaders = true; - }; - }; - ortp = callPackage ../development/libraries/ortp { srtp = srtp_linphone; };