commit a126dda7bc2b8198300b55da0cf58ac2fcbd2c0d · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

python3Packages.nassl: 3.0.0 -> 3.1.0

authored by Vincent Haupert and committed by Jonathan Ringer 5 years ago a126dda7 b4659c88

+21 -32

2 changed files

expand all

unified split

pkgs

development

python-modules

nassl

default.nix

nix-ssl-cert-file.patch

+21 -18

pkgs/development/python-modules/nassl/default.nix

··· 5 5 , pkgsStatic 6 6 , openssl 7 7 , invoke 8 - , pytest 9 8 , tls-parser 10 9 , cacert 10 + , pytestCheckHook 11 11 }: 12 12 13 13 let ··· 36 36 opensslStatic = (openssl.override nasslOpensslArgs).overrideAttrs ( 37 37 oldAttrs: rec { 38 38 name = "openssl-${version}"; 39 - version = "1.1.1"; 39 + version = "1.1.1h"; 40 40 src = fetchurl { 41 41 url = "https://www.openssl.org/source/${name}.tar.gz"; 42 - sha256 = "0gbab2fjgms1kx5xjvqx8bxhr98k4r8l2fa8vw7kvh491xd8fdi8"; 42 + sha256 = "1ncmcnh5bmxkwrvm0m1q4kdcjjfpwvlyjspjhibkxc6p9dvsi72w"; 43 43 }; 44 44 configureFlags = oldAttrs.configureFlags ++ nasslOpensslFlagsCommon ++ [ 45 45 "enable-weak-ssl-ciphers" 46 46 "enable-tls1_3" 47 47 "no-async" 48 48 ]; 49 - patches = [ ./nix-ssl-cert-file.patch ]; 50 49 buildInputs = oldAttrs.buildInputs ++ [ zlibStatic cacert ]; 51 50 } 52 51 ); ··· 68 67 in 69 68 buildPythonPackage rec { 70 69 pname = "nassl"; 71 - version = "3.0.0"; 70 + version = "3.1.0"; 72 71 73 72 src = fetchFromGitHub { 74 73 owner = "nabla-c0d3"; 75 74 repo = pname; 76 75 rev = version; 77 - sha256 = "1dhgkpldadq9hg5isb6mrab7z80sy5bvzad2fb54pihnknfwhp8z"; 76 + sha256 = "1x1v0fpb6gcc2r0k2rsy0mc3v25s3qbva78apvi46n08c2l309ci"; 78 77 }; 79 78 80 - postPatch = '' 81 - mkdir -p deps/openssl-OpenSSL_1_0_2e/ 79 + postPatch = let 80 + legacyOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslLegacyStatic.version; 81 + modernOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslStatic.version; 82 + zlibVersion = zlibStatic.version; 83 + in '' 84 + mkdir -p deps/openssl-OpenSSL_${legacyOpenSSLVersion}/ 82 85 cp ${opensslLegacyStatic.out}/lib/libssl.a \ 83 86 ${opensslLegacyStatic.out}/lib/libcrypto.a \ 84 - deps/openssl-OpenSSL_1_0_2e/ 85 - ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_1_0_2e/include 86 - ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_1_0_2e/apps 87 + deps/openssl-OpenSSL_${legacyOpenSSLVersion}/ 88 + ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_${legacyOpenSSLVersion}/include 89 + ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_${legacyOpenSSLVersion}/apps 87 90 88 - mkdir -p deps/openssl-OpenSSL_1_1_1/ 91 + mkdir -p deps/openssl-OpenSSL_${modernOpenSSLVersion}/ 89 92 cp ${opensslStatic.out}/lib/libssl.a \ 90 93 ${opensslStatic.out}/lib/libcrypto.a \ 91 - deps/openssl-OpenSSL_1_1_1/ 92 - ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_1_1_1/include 93 - ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_1_1_1/apps 94 + deps/openssl-OpenSSL_${modernOpenSSLVersion}/ 95 + ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_${modernOpenSSLVersion}/include 96 + ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_${modernOpenSSLVersion}/apps 94 97 95 - mkdir -p deps/zlib-1.2.11/ 96 - cp ${zlibStatic.out}/lib/libz.a deps/zlib-1.2.11/ 98 + mkdir -p deps/zlib-${zlibVersion}/ 99 + cp ${zlibStatic.out}/lib/libz.a deps/zlib-${zlibVersion}/ 97 100 ''; 98 101 99 102 propagatedBuildInputs = [ tls-parser ]; ··· 105 108 invoke package.wheel 106 109 ''; 107 110 108 - checkInputs = [ pytest ]; 111 + checkInputs = [ pytestCheckHook ]; 109 112 110 113 checkPhase = '' 111 114 # Skip online tests

-14

pkgs/development/python-modules/nassl/nix-ssl-cert-file.patch

··· 1 - diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c 2 - --- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200 3 - +++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200 4 - @@ -97,7 +97,9 @@ 5 - switch (cmd) { 6 - case X509_L_FILE_LOAD: 7 - if (argl == X509_FILETYPE_DEFAULT) { 8 - - file = getenv(X509_get_default_cert_file_env()); 9 - + file = getenv("NIX_SSL_CERT_FILE"); 10 - + if (!file) 11 - + file = getenv(X509_get_default_cert_file_env()); 12 - if (file) 13 - ok = (X509_load_cert_crl_file(ctx, file, 14 - X509_FILETYPE_PEM) != 0);