mirror of
https://codeberg.org/guix/guix.git
synced 2025-10-02 02:15:12 +00:00
gnu: nss-certs: Relocate to (gnu packages nss).
This is made so that the source can be shared without introducing module circular dependencies. * gnu/packages/certs.scm (nss-certs) (nss-certs-for-test): Move to... * gnu/packages/nss.scm: ... here. Adjust the module imports via: git grep -l '(gnu packages certs)' | xargs sed 's/(gnu packages certs)/(gnu packages nss)/' -i Change-Id: I56d7bc52ddcdffbced8a162e8db8ea5071b0cb0f
This commit is contained in:
Maxim Cournoyer
Andreas Enge
parent
4918534be1
commit
af9e540b71
29 changed files with 156 additions and 177 deletions
|
|
@ -43,7 +43,7 @@
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages build-tools)
|
#:use-module (gnu packages build-tools)
|
||||||
#:use-module (gnu packages c)
|
#:use-module (gnu packages c)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages c)
|
#:use-module (gnu packages c)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages databases)
|
#:use-module (gnu packages databases)
|
||||||
|
|
|
||||||
|
|
@ -137,6 +137,7 @@
|
||||||
#:use-module (gnu packages mpi)
|
#:use-module (gnu packages mpi)
|
||||||
#:use-module (gnu packages ncurses)
|
#:use-module (gnu packages ncurses)
|
||||||
#:use-module (gnu packages node)
|
#:use-module (gnu packages node)
|
||||||
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages ocaml)
|
#:use-module (gnu packages ocaml)
|
||||||
#:use-module (gnu packages pcre)
|
#:use-module (gnu packages pcre)
|
||||||
#:use-module (gnu packages package-management)
|
#:use-module (gnu packages package-management)
|
||||||
|
|
|
||||||
|
|
@ -59,7 +59,7 @@
|
||||||
#:use-module (gnu packages autotools)
|
#:use-module (gnu packages autotools)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,8 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
|
|
||||||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
|
||||||
;;; Copyright © 2016-2017, 2021-2022 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2016-2017, 2021-2022 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
|
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
|
||||||
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
|
||||||
;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
||||||
;;; Copyright © 2021 Efraim Flashner <efraim@flashner.co.il>
|
|
||||||
;;; Copyright © 2021 Raghav Gururajan <rg@raghavgururajan.name>
|
;;; Copyright © 2021 Raghav Gururajan <rg@raghavgururajan.name>
|
||||||
;;; Copyright © 2024 Zheng Junjie <873216071@qq.com>
|
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
;;;
|
;;;
|
||||||
|
|
@ -26,7 +21,6 @@
|
||||||
|
|
||||||
(define-module (gnu packages certs)
|
(define-module (gnu packages certs)
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module ((guix search-paths) #:select ($SSL_CERT_DIR $SSL_CERT_FILE))
|
|
||||||
#:use-module (guix packages)
|
#:use-module (guix packages)
|
||||||
#:use-module (guix utils)
|
#:use-module (guix utils)
|
||||||
#:use-module (guix download)
|
#:use-module (guix download)
|
||||||
|
|
@ -36,11 +30,51 @@
|
||||||
#:use-module (guix build-system gnu)
|
#:use-module (guix build-system gnu)
|
||||||
#:use-module (guix build-system trivial)
|
#:use-module (guix build-system trivial)
|
||||||
#:use-module (gnu packages)
|
#:use-module (gnu packages)
|
||||||
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages curl)
|
#:use-module (gnu packages curl)
|
||||||
#:use-module (gnu packages python)
|
#:use-module (gnu packages python)
|
||||||
#:use-module (gnu packages perl)
|
#:use-module (gnu packages perl)
|
||||||
#:use-module (gnu packages tls))
|
#:use-module (gnu packages tls))
|
||||||
|
|
||||||
|
(define-public certdata2pem
|
||||||
|
(let ((revision "1")
|
||||||
|
(commit "4c576f350f44186d439179f63d5be19f710a73f5"))
|
||||||
|
(package
|
||||||
|
(name "certdata2pem")
|
||||||
|
(version "0.0.0") ;no version
|
||||||
|
(source (origin
|
||||||
|
(method url-fetch)
|
||||||
|
(uri (string-append
|
||||||
|
"https://raw.githubusercontent.com/sabotage-linux/sabotage/"
|
||||||
|
commit "/KEEP/certdata2pem.c"))
|
||||||
|
(sha256
|
||||||
|
(base32
|
||||||
|
"1rywp29q4l1cs2baplkbcravxqs4kw2cys4yifhfznbc210pskq6"))))
|
||||||
|
(build-system gnu-build-system)
|
||||||
|
(arguments
|
||||||
|
`(#:phases (modify-phases %standard-phases
|
||||||
|
(delete 'configure)
|
||||||
|
(add-before 'build 'fix-extension
|
||||||
|
(lambda _
|
||||||
|
(substitute* "certdata2pem.c"
|
||||||
|
(("\\.crt")
|
||||||
|
".pem"))))
|
||||||
|
(replace 'build
|
||||||
|
(lambda _
|
||||||
|
(invoke ,(cc-for-target) "certdata2pem.c"
|
||||||
|
"-o" "certdata2pem")))
|
||||||
|
(delete 'check) ;no test suite
|
||||||
|
(replace 'install
|
||||||
|
(lambda* (#:key outputs #:allow-other-keys)
|
||||||
|
(let ((out (assoc-ref outputs "out")))
|
||||||
|
(install-file "certdata2pem"
|
||||||
|
(string-append out "/bin"))))))))
|
||||||
|
(home-page "https://github.com/sabotage-linux/")
|
||||||
|
(synopsis "Utility to split TLS certificates data into multiple PEM files")
|
||||||
|
(description "This is a C version of the certdata2pem Python utility
|
||||||
|
that was originally contributed to Debian.")
|
||||||
|
(license license:isc))))
|
||||||
|
|
||||||
(define-public desec-certbot-hook
|
(define-public desec-certbot-hook
|
||||||
(let ((commit "68da7abc0793602fd336962a7e2348b57c5d6fd6")
|
(let ((commit "68da7abc0793602fd336962a7e2348b57c5d6fd6")
|
||||||
(revision "0"))
|
(revision "0"))
|
||||||
|
|
@ -88,151 +122,6 @@ port forwarding to your local machine.")
|
||||||
(home-page "https://desec.io")
|
(home-page "https://desec.io")
|
||||||
(license license:expat))))
|
(license license:expat))))
|
||||||
|
|
||||||
(define-public certdata2pem
|
|
||||||
(let ((revision "1")
|
|
||||||
(commit "4c576f350f44186d439179f63d5be19f710a73f5"))
|
|
||||||
(package
|
|
||||||
(name "certdata2pem")
|
|
||||||
(version "0.0.0") ;no version
|
|
||||||
(source (origin
|
|
||||||
(method url-fetch)
|
|
||||||
(uri (string-append
|
|
||||||
"https://raw.githubusercontent.com/sabotage-linux/sabotage/"
|
|
||||||
commit "/KEEP/certdata2pem.c"))
|
|
||||||
(sha256
|
|
||||||
(base32
|
|
||||||
"1rywp29q4l1cs2baplkbcravxqs4kw2cys4yifhfznbc210pskq6"))))
|
|
||||||
(build-system gnu-build-system)
|
|
||||||
(arguments
|
|
||||||
`(#:phases (modify-phases %standard-phases
|
|
||||||
(delete 'configure)
|
|
||||||
(add-before 'build 'fix-extension
|
|
||||||
(lambda _
|
|
||||||
(substitute* "certdata2pem.c"
|
|
||||||
(("\\.crt")
|
|
||||||
".pem"))))
|
|
||||||
(replace 'build
|
|
||||||
(lambda _
|
|
||||||
(invoke ,(cc-for-target) "certdata2pem.c"
|
|
||||||
"-o" "certdata2pem")))
|
|
||||||
(delete 'check) ;no test suite
|
|
||||||
(replace 'install
|
|
||||||
(lambda* (#:key outputs #:allow-other-keys)
|
|
||||||
(let ((out (assoc-ref outputs "out")))
|
|
||||||
(install-file "certdata2pem"
|
|
||||||
(string-append out "/bin"))))))))
|
|
||||||
(home-page "https://github.com/sabotage-linux/")
|
|
||||||
(synopsis "Utility to split TLS certificates data into multiple PEM files")
|
|
||||||
(description "This is a C version of the certdata2pem Python utility
|
|
||||||
that was originally contributed to Debian.")
|
|
||||||
(license license:isc))))
|
|
||||||
|
|
||||||
(define-public nss-certs
|
|
||||||
(package
|
|
||||||
(name "nss-certs")
|
|
||||||
;; FIXME We used to refer to the nss package here, but that eventually caused
|
|
||||||
;; module cycles. The below is a quick copy-paste job that must be kept in
|
|
||||||
;; sync manually. Surely there's a better way…?
|
|
||||||
(version "3.99")
|
|
||||||
(source (origin
|
|
||||||
(method url-fetch)
|
|
||||||
(uri (let ((version-with-underscores
|
|
||||||
(string-join (string-split version #\.) "_")))
|
|
||||||
(string-append
|
|
||||||
"https://ftp.mozilla.org/pub/mozilla.org/security/nss/"
|
|
||||||
"releases/NSS_" version-with-underscores "_RTM/src/"
|
|
||||||
"nss-" version ".tar.gz")))
|
|
||||||
(sha256
|
|
||||||
(base32
|
|
||||||
"1g89ig40gfi1sp02gybvl2z818lawcnrqjzsws36cdva834c5maw"))
|
|
||||||
;; Create nss.pc and nss-config.
|
|
||||||
(patches (search-patches "nss-3.56-pkgconfig.patch"
|
|
||||||
"nss-getcwd-nonnull.patch"
|
|
||||||
"nss-increase-test-timeout.patch"))
|
|
||||||
(modules '((guix build utils)))
|
|
||||||
(snippet
|
|
||||||
'(begin
|
|
||||||
;; Delete the bundled copy of these libraries.
|
|
||||||
(delete-file-recursively "nss/lib/zlib")
|
|
||||||
(delete-file-recursively "nss/lib/sqlite")))))
|
|
||||||
(build-system gnu-build-system)
|
|
||||||
(outputs '("out"))
|
|
||||||
(native-inputs
|
|
||||||
(list certdata2pem openssl))
|
|
||||||
(inputs '())
|
|
||||||
(propagated-inputs '())
|
|
||||||
(arguments
|
|
||||||
(list #:modules '((guix build gnu-build-system)
|
|
||||||
(guix build utils)
|
|
||||||
(rnrs io ports)
|
|
||||||
(srfi srfi-26))
|
|
||||||
#:phases
|
|
||||||
#~(modify-phases
|
|
||||||
(map (cut assq <> %standard-phases)
|
|
||||||
'(set-paths install-locale unpack))
|
|
||||||
(add-after 'unpack 'install
|
|
||||||
(lambda _
|
|
||||||
(let ((certsdir (string-append #$output
|
|
||||||
"/etc/ssl/certs/")))
|
|
||||||
(with-directory-excursion "nss/lib/ckfw/builtins/"
|
|
||||||
(unless (file-exists? "blacklist.txt")
|
|
||||||
(call-with-output-file "blacklist.txt" (const #t)))
|
|
||||||
;; Extract selected single certificates from blob.
|
|
||||||
(invoke "certdata2pem")
|
|
||||||
;; Copy .pem files into the output.
|
|
||||||
(for-each (cut install-file <> certsdir)
|
|
||||||
(find-files "." ".*\\.pem$")))
|
|
||||||
(invoke "openssl" "rehash" certsdir)))))))
|
|
||||||
(synopsis "CA certificates from Mozilla")
|
|
||||||
(description
|
|
||||||
"This package provides certificates for Certification Authorities (CA)
|
|
||||||
taken from the NSS package and thus ultimately from the Mozilla project.")
|
|
||||||
(home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
|
|
||||||
(license license:mpl2.0)))
|
|
||||||
|
|
||||||
(define-public nss-certs-for-test
|
|
||||||
(hidden-package
|
|
||||||
(package
|
|
||||||
(inherit nss-certs)
|
|
||||||
(name "nss-certs-for-test")
|
|
||||||
(source #f)
|
|
||||||
(build-system trivial-build-system)
|
|
||||||
(native-inputs (list nss-certs))
|
|
||||||
(inputs '())
|
|
||||||
(propagated-inputs '())
|
|
||||||
(arguments
|
|
||||||
(list #:modules '((guix build utils)
|
|
||||||
(rnrs io ports)
|
|
||||||
(srfi srfi-26))
|
|
||||||
#:builder
|
|
||||||
#~(begin
|
|
||||||
(use-modules (guix build utils)
|
|
||||||
(rnrs io ports)
|
|
||||||
(srfi srfi-26))
|
|
||||||
(define certs-dir (string-append #$output "/etc/ssl/certs/"))
|
|
||||||
(define ca-files
|
|
||||||
(find-files (string-append #+(this-package-native-input
|
|
||||||
"nss-certs")
|
|
||||||
"/etc/ssl/certs")
|
|
||||||
(lambda (file stat)
|
|
||||||
(string-suffix? ".pem" file))))
|
|
||||||
(define (concatenate-files files result)
|
|
||||||
"Make RESULT the concatenation of all of FILES."
|
|
||||||
(define (dump file port)
|
|
||||||
(display (call-with-input-file file get-string-all) port)
|
|
||||||
(newline port))
|
|
||||||
(call-with-output-file result
|
|
||||||
(lambda (port)
|
|
||||||
(for-each (cut dump <> port) files))))
|
|
||||||
|
|
||||||
(mkdir-p certs-dir)
|
|
||||||
(concatenate-files
|
|
||||||
ca-files (string-append certs-dir "/ca-certificates.crt"))
|
|
||||||
(for-each (cut install-file <> certs-dir) ca-files))))
|
|
||||||
(native-search-paths
|
|
||||||
(list $SSL_CERT_DIR
|
|
||||||
$SSL_CERT_FILE)))))
|
|
||||||
|
|
||||||
(define-public le-certs
|
(define-public le-certs
|
||||||
(package
|
(package
|
||||||
(name "le-certs")
|
(name "le-certs")
|
||||||
|
|
|
||||||
|
|
@ -83,7 +83,7 @@
|
||||||
#:use-module (gnu packages crates-check)
|
#:use-module (gnu packages crates-check)
|
||||||
#:use-module (gnu packages crates-graphics)
|
#:use-module (gnu packages crates-graphics)
|
||||||
#:use-module (gnu packages crates-io)
|
#:use-module (gnu packages crates-io)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cpp)
|
#:use-module (gnu packages cpp)
|
||||||
|
|
|
||||||
|
|
@ -84,7 +84,7 @@
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages c)
|
#:use-module (gnu packages c)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cpp)
|
#:use-module (gnu packages cpp)
|
||||||
|
|
|
||||||
|
|
@ -92,7 +92,7 @@
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages bison)
|
#:use-module (gnu packages bison)
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -74,7 +74,7 @@
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages build-tools)
|
#:use-module (gnu packages build-tools)
|
||||||
#:use-module (gnu packages c)
|
#:use-module (gnu packages c)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages crypto)
|
#:use-module (gnu packages crypto)
|
||||||
|
|
|
||||||
|
|
@ -78,7 +78,7 @@
|
||||||
#:use-module (gnu packages build-tools)
|
#:use-module (gnu packages build-tools)
|
||||||
#:use-module (gnu packages busybox)
|
#:use-module (gnu packages busybox)
|
||||||
#:use-module (gnu packages c)
|
#:use-module (gnu packages c)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,7 @@
|
||||||
#:use-module (gnu packages autotools)
|
#:use-module (gnu packages autotools)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages cpio)
|
#:use-module (gnu packages cpio)
|
||||||
#:use-module (gnu packages cups)
|
#:use-module (gnu packages cups)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -77,7 +77,7 @@
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages code)
|
#:use-module (gnu packages code)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cpp)
|
#:use-module (gnu packages cpp)
|
||||||
|
|
|
||||||
|
|
@ -31,7 +31,7 @@
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (guix packages)
|
#:use-module (guix packages)
|
||||||
#:use-module (gnu packages bdw-gc)
|
#:use-module (gnu packages bdw-gc)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages parallel)
|
#:use-module (gnu packages parallel)
|
||||||
#:use-module (gnu packages pcre)
|
#:use-module (gnu packages pcre)
|
||||||
#:use-module (gnu packages sqlite)
|
#:use-module (gnu packages sqlite)
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,13 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2013-2019, 2023 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2013-2019, 2023 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2021 Mark H Weaver <mhw@netris.org>
|
;;; Copyright © 2014-2021 Mark H Weaver <mhw@netris.org>
|
||||||
;;; Copyright © 2016-2019, 2021-2024 Efraim Flashner <efraim@flashner.co.il>
|
;;; Copyright © 2016-2019, 2021-2024 Efraim Flashner <efraim@flashner.co.il>
|
||||||
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||||
;;; Copyright © 2020, 2021 Marius Bakke <marius@gnu.org>
|
;;; Copyright © 2020, 2021 Marius Bakke <marius@gnu.org>
|
||||||
;;; Copyright © 2020 Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
;;; Copyright © 2020 Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
||||||
;;; Copyright © 2021, 2022, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
;;; Copyright © 2021-2025 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
||||||
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
|
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
|
||||||
|
;;; Copyright © 2024 Zheng Junjie <873216071@qq.com>
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
;;;
|
;;;
|
||||||
|
|
@ -25,6 +26,7 @@
|
||||||
|
|
||||||
(define-module (gnu packages nss)
|
(define-module (gnu packages nss)
|
||||||
#:use-module (guix packages)
|
#:use-module (guix packages)
|
||||||
|
#:use-module ((guix search-paths) #:select ($SSL_CERT_DIR $SSL_CERT_FILE))
|
||||||
#:use-module (guix utils)
|
#:use-module (guix utils)
|
||||||
#:use-module (guix gexp)
|
#:use-module (guix gexp)
|
||||||
#:use-module (guix download)
|
#:use-module (guix download)
|
||||||
|
|
@ -32,10 +34,12 @@
|
||||||
#:use-module (guix build-system cargo)
|
#:use-module (guix build-system cargo)
|
||||||
#:use-module (guix build-system gnu)
|
#:use-module (guix build-system gnu)
|
||||||
#:use-module (guix build-system mozilla)
|
#:use-module (guix build-system mozilla)
|
||||||
|
#:use-module (guix build-system trivial)
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (gnu packages)
|
#:use-module (gnu packages)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
|
#:use-module (gnu packages certs)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages crates-check)
|
#:use-module (gnu packages crates-check)
|
||||||
#:use-module (gnu packages crates-io)
|
#:use-module (gnu packages crates-io)
|
||||||
|
|
@ -43,6 +47,7 @@
|
||||||
#:use-module (gnu packages perl)
|
#:use-module (gnu packages perl)
|
||||||
#:use-module (gnu packages sqlite)
|
#:use-module (gnu packages sqlite)
|
||||||
#:use-module (gnu packages time)
|
#:use-module (gnu packages time)
|
||||||
|
#:use-module (gnu packages tls)
|
||||||
#:use-module (srfi srfi-1)
|
#:use-module (srfi srfi-1)
|
||||||
#:use-module (srfi srfi-26))
|
#:use-module (srfi srfi-26))
|
||||||
|
|
||||||
|
|
@ -349,6 +354,88 @@ security standards.
|
||||||
|
|
||||||
This package tracks the Rapid Release channel, which updates frequently.")))
|
This package tracks the Rapid Release channel, which updates frequently.")))
|
||||||
|
|
||||||
|
(define-public nss-certs
|
||||||
|
(package
|
||||||
|
(inherit nss)
|
||||||
|
(name "nss-certs")
|
||||||
|
(build-system gnu-build-system)
|
||||||
|
(outputs '("out"))
|
||||||
|
(native-inputs
|
||||||
|
(list certdata2pem openssl))
|
||||||
|
(inputs '())
|
||||||
|
(propagated-inputs '())
|
||||||
|
(arguments
|
||||||
|
(list #:modules '((guix build gnu-build-system)
|
||||||
|
(guix build utils)
|
||||||
|
(rnrs io ports)
|
||||||
|
(srfi srfi-26))
|
||||||
|
#:phases
|
||||||
|
#~(modify-phases
|
||||||
|
(map (cut assq <> %standard-phases)
|
||||||
|
'(set-paths install-locale unpack))
|
||||||
|
(add-after 'unpack 'install
|
||||||
|
(lambda _
|
||||||
|
(let ((certsdir (string-append #$output
|
||||||
|
"/etc/ssl/certs/")))
|
||||||
|
(with-directory-excursion "nss/lib/ckfw/builtins/"
|
||||||
|
(unless (file-exists? "blacklist.txt")
|
||||||
|
(call-with-output-file "blacklist.txt" (const #t)))
|
||||||
|
;; Extract selected single certificates from blob.
|
||||||
|
(invoke "certdata2pem")
|
||||||
|
;; Copy .pem files into the output.
|
||||||
|
(for-each (cut install-file <> certsdir)
|
||||||
|
(find-files "." ".*\\.pem$")))
|
||||||
|
(invoke "openssl" "rehash" certsdir)))))))
|
||||||
|
(synopsis "CA certificates from Mozilla")
|
||||||
|
(description
|
||||||
|
"This package provides certificates for Certification Authorities (CA)
|
||||||
|
taken from the NSS package and thus ultimately from the Mozilla project.")
|
||||||
|
(home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
|
||||||
|
(license license:mpl2.0)))
|
||||||
|
|
||||||
|
(define-public nss-certs-for-test
|
||||||
|
(hidden-package
|
||||||
|
(package
|
||||||
|
(inherit nss-certs)
|
||||||
|
(name "nss-certs-for-test")
|
||||||
|
(source #f)
|
||||||
|
(build-system trivial-build-system)
|
||||||
|
(native-inputs (list nss-certs))
|
||||||
|
(inputs '())
|
||||||
|
(propagated-inputs '())
|
||||||
|
(arguments
|
||||||
|
(list #:modules '((guix build utils)
|
||||||
|
(rnrs io ports)
|
||||||
|
(srfi srfi-26))
|
||||||
|
#:builder
|
||||||
|
#~(begin
|
||||||
|
(use-modules (guix build utils)
|
||||||
|
(rnrs io ports)
|
||||||
|
(srfi srfi-26))
|
||||||
|
(define certs-dir (string-append #$output "/etc/ssl/certs/"))
|
||||||
|
(define ca-files
|
||||||
|
(find-files (string-append #+(this-package-native-input
|
||||||
|
"nss-certs")
|
||||||
|
"/etc/ssl/certs")
|
||||||
|
(lambda (file stat)
|
||||||
|
(string-suffix? ".pem" file))))
|
||||||
|
(define (concatenate-files files result)
|
||||||
|
"Make RESULT the concatenation of all of FILES."
|
||||||
|
(define (dump file port)
|
||||||
|
(display (call-with-input-file file get-string-all) port)
|
||||||
|
(newline port))
|
||||||
|
(call-with-output-file result
|
||||||
|
(lambda (port)
|
||||||
|
(for-each (cut dump <> port) files))))
|
||||||
|
|
||||||
|
(mkdir-p certs-dir)
|
||||||
|
(concatenate-files
|
||||||
|
ca-files (string-append certs-dir "/ca-certificates.crt"))
|
||||||
|
(for-each (cut install-file <> certs-dir) ca-files))))
|
||||||
|
(native-search-paths
|
||||||
|
(list $SSL_CERT_DIR
|
||||||
|
$SSL_CERT_FILE)))))
|
||||||
|
|
||||||
(define-public nsncd
|
(define-public nsncd
|
||||||
(package
|
(package
|
||||||
(name "nsncd")
|
(name "nsncd")
|
||||||
|
|
|
||||||
|
|
@ -22,7 +22,7 @@
|
||||||
(define-module (gnu packages pypy)
|
(define-module (gnu packages pypy)
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages dbm)
|
#:use-module (gnu packages dbm)
|
||||||
#:use-module (gnu packages libffi)
|
#:use-module (gnu packages libffi)
|
||||||
|
|
|
||||||
|
|
@ -55,7 +55,7 @@
|
||||||
#:use-module (gnu packages admin)
|
#:use-module (gnu packages admin)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages django)
|
#:use-module (gnu packages django)
|
||||||
#:use-module (gnu packages jupyter)
|
#:use-module (gnu packages jupyter)
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,7 @@
|
||||||
#:use-module (guix build-system python)
|
#:use-module (guix build-system python)
|
||||||
#:use-module (guix utils)
|
#:use-module (guix utils)
|
||||||
#:use-module (gnu packages)
|
#:use-module (gnu packages)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages crates-io)
|
#:use-module (gnu packages crates-io)
|
||||||
#:use-module (gnu packages crates-tls)
|
#:use-module (gnu packages crates-tls)
|
||||||
|
|
|
||||||
|
|
@ -107,7 +107,7 @@
|
||||||
#:use-module (gnu packages admin)
|
#:use-module (gnu packages admin)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -197,7 +197,7 @@
|
||||||
#:use-module (gnu packages bdw-gc)
|
#:use-module (gnu packages bdw-gc)
|
||||||
#:use-module (gnu packages bioinformatics)
|
#:use-module (gnu packages bioinformatics)
|
||||||
#:use-module (gnu packages build-tools)
|
#:use-module (gnu packages build-tools)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@
|
||||||
#:use-module (guix build-system pyproject)
|
#:use-module (guix build-system pyproject)
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (gnu packages)
|
#:use-module (gnu packages)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages fonts)
|
#:use-module (gnu packages fonts)
|
||||||
#:use-module (gnu packages fontutils)
|
#:use-module (gnu packages fontutils)
|
||||||
|
|
|
||||||
|
|
@ -80,6 +80,7 @@
|
||||||
#:use-module (gnu packages golang-xyz)
|
#:use-module (gnu packages golang-xyz)
|
||||||
#:use-module (gnu packages java)
|
#:use-module (gnu packages java)
|
||||||
#:use-module (gnu packages ncurses)
|
#:use-module (gnu packages ncurses)
|
||||||
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages pcre)
|
#:use-module (gnu packages pcre)
|
||||||
#:use-module (gnu packages perl)
|
#:use-module (gnu packages perl)
|
||||||
#:use-module (gnu packages pkg-config)
|
#:use-module (gnu packages pkg-config)
|
||||||
|
|
|
||||||
|
|
@ -75,6 +75,7 @@
|
||||||
#:use-module (gnu packages ncurses)
|
#:use-module (gnu packages ncurses)
|
||||||
#:use-module (gnu packages nettle)
|
#:use-module (gnu packages nettle)
|
||||||
#:use-module (gnu packages networking)
|
#:use-module (gnu packages networking)
|
||||||
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages perl)
|
#:use-module (gnu packages perl)
|
||||||
#:use-module (gnu packages pkg-config)
|
#:use-module (gnu packages pkg-config)
|
||||||
#:use-module (gnu packages python)
|
#:use-module (gnu packages python)
|
||||||
|
|
|
||||||
|
|
@ -130,7 +130,7 @@
|
||||||
#:use-module (gnu packages bittorrent)
|
#:use-module (gnu packages bittorrent)
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages cdrom)
|
#:use-module (gnu packages cdrom)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages cmake)
|
#:use-module (gnu packages cmake)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
|
|
|
||||||
|
|
@ -130,7 +130,7 @@
|
||||||
#:use-module (gnu packages bittorrent)
|
#:use-module (gnu packages bittorrent)
|
||||||
#:use-module (gnu packages boost)
|
#:use-module (gnu packages boost)
|
||||||
#:use-module (gnu packages build-tools)
|
#:use-module (gnu packages build-tools)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages check)
|
#:use-module (gnu packages check)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cpp)
|
#:use-module (gnu packages cpp)
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
#:use-module ((gnu packages base)
|
#:use-module ((gnu packages base)
|
||||||
#:select (canonical-package findutils coreutils sed))
|
#:select (canonical-package findutils coreutils sed))
|
||||||
#:use-module (gnu packages file-systems)
|
#:use-module (gnu packages file-systems)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages disk)
|
#:use-module (gnu packages disk)
|
||||||
#:use-module (gnu packages package-management)
|
#:use-module (gnu packages package-management)
|
||||||
#:use-module (gnu packages linux)
|
#:use-module (gnu packages linux)
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@
|
||||||
#:use-module (gnu services shepherd)
|
#:use-module (gnu services shepherd)
|
||||||
#:use-module (gnu system shadow)
|
#:use-module (gnu system shadow)
|
||||||
#:use-module (gnu packages admin)
|
#:use-module (gnu packages admin)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages glib)
|
#:use-module (gnu packages glib)
|
||||||
#:use-module (gnu packages guile-xyz)
|
#:use-module (gnu packages guile-xyz)
|
||||||
#:use-module (gnu packages jami)
|
#:use-module (gnu packages jami)
|
||||||
|
|
|
||||||
|
|
@ -51,7 +51,7 @@
|
||||||
#:use-module (gnu packages admin)
|
#:use-module (gnu packages admin)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module ((gnu packages certs) #:select (nss-certs))
|
#:use-module ((gnu packages nss) #:select (nss-certs))
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cross-base)
|
#:use-module (gnu packages cross-base)
|
||||||
#:use-module (gnu packages firmware)
|
#:use-module (gnu packages firmware)
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
#:use-module (gnu packages admin)
|
#:use-module (gnu packages admin)
|
||||||
#:use-module (gnu packages base)
|
#:use-module (gnu packages base)
|
||||||
#:use-module (gnu packages bash)
|
#:use-module (gnu packages bash)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (gnu packages compression)
|
#:use-module (gnu packages compression)
|
||||||
#:use-module (gnu packages cross-base)
|
#:use-module (gnu packages cross-base)
|
||||||
#:use-module (gnu packages file)
|
#:use-module (gnu packages file)
|
||||||
|
|
|
||||||
|
|
@ -22,7 +22,7 @@
|
||||||
#:use-module (gnu bootloader u-boot)
|
#:use-module (gnu bootloader u-boot)
|
||||||
#:use-module (gnu image)
|
#:use-module (gnu image)
|
||||||
#:use-module (gnu packages linux)
|
#:use-module (gnu packages linux)
|
||||||
#:use-module (gnu packages certs)
|
#:use-module (gnu packages nss)
|
||||||
#:use-module (guix platforms arm)
|
#:use-module (guix platforms arm)
|
||||||
#:use-module (gnu services)
|
#:use-module (gnu services)
|
||||||
#:use-module (gnu services base)
|
#:use-module (gnu services base)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue