[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/04: gnu: mbedtls-apache: Update to 2.23.0 [security fixes].
From: |
guix-commits |
Subject: |
01/04: gnu: mbedtls-apache: Update to 2.23.0 [security fixes]. |
Date: |
Mon, 13 Jul 2020 21:25:17 -0400 (EDT) |
nckx pushed a commit to branch master
in repository guix.
commit 927ecd4ebe234b46d6386a61e1b9a11bd4d3243c
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Tue Jul 14 03:06:05 2020 +0200
gnu: mbedtls-apache: Update to 2.23.0 [security fixes].
* gnu/packages/tls.scm (mbedtls-apache): Update to 2.23.0.
[source]: Use GIT-FETCH and GIT-FILE-NAME.
[arguments]: Make source files writable. Enable threading.
---
gnu/packages/tls.scm | 35 ++++++++++++++++++++++++++---------
1 file changed, 26 insertions(+), 9 deletions(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 37f62c9..1003ae8 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -891,22 +891,39 @@ then ported to the GNU / Linux environment.")
(define-public mbedtls-apache
(package
(name "mbedtls-apache")
- (version "2.16.6")
+ ;; XXX Check whether ‘-Wformat-signedness’ below still breaks when
updating.
+ (version "2.23.0")
(source
(origin
- (method url-fetch)
- ;; XXX: The download links on the website are script redirection links
- ;; which effectively lead to the format listed in the uri here.
- (uri (string-append "https://tls.mbed.org/download/mbedtls-"
- version "-apache.tgz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ARMmbed/mbedtls")
+ (commit (string-append "mbedtls-" version))))
(sha256
- (base32
- "0w0p51vx0cc6fyqfdn59669q6n4187vi64fw5ha302hrlqimwib6"))))
+ (base32 "13fa9h2i989cbf8n8c0j019mshv6wg213va18my1s787lhcq2d62"))
+ (file-name (git-file-name name version))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags
(list "-DUSE_SHARED_MBEDTLS_LIBRARY=ON"
- "-DUSE_STATIC_MBEDTLS_LIBRARY=OFF")))
+ "-DUSE_STATIC_MBEDTLS_LIBRARY=OFF")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'make-source-writable
+ (lambda _
+ (for-each make-file-writable (find-files "."))
+ #t))
+ (add-before 'configure 'enable-features
+ ;; Some packages like Hiawatha depend on ’less embedded’ features.
+ (lambda _
+ (substitute* "include/mbedtls/config.h"
+ (("//(#define MBEDTLS_THREADING_(C|PTHREAD))"
+ _ match)
+ match))
+ ;; XXX The above enables code that breaks with -Werror…
+ (substitute* "CMakeLists.txt"
+ ((" -Wformat-signedness") ""))
+ #t)))))
(native-inputs
`(("perl" ,perl)
("python" ,python)))