openssl_3_2: init at 3.2.0

Signed-off-by: Markus Theil <theil.markus@gmail.com>
2023-11-23 16:01:41 +01:00 · 2023-11-23 16:01:41 +01:00 · 1d19b2cb78
commit 1d19b2cb78
parent 231ffe1942
4 changed files with 51 additions and 1 deletions
--- a/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs-darwin.patch
+++ b/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs-darwin.patch
@ -0,0 +1,13 @@
+diff --git a/include/internal/common.h b/include/internal/common.h
+index 15666f1..d91e25b 100644
+--- a/include/internal/common.h
+++ b/include/internal/common.h
+@@ -83,7 +83,7 @@ __owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
+ # ifndef OPENSSL_SYS_VMS
+ #  define X509_CERT_AREA          OPENSSLDIR
+ #  define X509_CERT_DIR           OPENSSLDIR "/certs"
+-#  define X509_CERT_FILE          OPENSSLDIR "/cert.pem"
+#  define X509_CERT_FILE          "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
+ #  define X509_PRIVATE_DIR        OPENSSLDIR "/private"
+ #  define CTLOG_FILE              OPENSSLDIR "/ct_log_list.cnf"
+ # else
--- a/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs.patch
+++ b/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs.patch
@ -0,0 +1,13 @@
+diff --git a/include/internal/common.h b/include/internal/common.h
+index 15666f1..d91e25b 100644
+--- a/include/internal/common.h
+++ b/include/internal/common.h
+@@ -83,7 +83,7 @@ __owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
+ # ifndef OPENSSL_SYS_VMS
+ #  define X509_CERT_AREA          OPENSSLDIR
+ #  define X509_CERT_DIR           OPENSSLDIR "/certs"
+-#  define X509_CERT_FILE          OPENSSLDIR "/cert.pem"
+#  define X509_CERT_FILE          "/etc/ssl/certs/ca-certificates.crt"
+ #  define X509_PRIVATE_DIR        OPENSSLDIR "/private"
+ #  define CTLOG_FILE              OPENSSLDIR "/ct_log_list.cnf"
+ # else
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@ -301,4 +301,27 @@ in {
      license = licenses.asl20;
    };
  };
+
+  openssl_3_2 = common {
+    version = "3.2.0";
+    hash = "sha256-FMgm8Hx+QzcG+1xp+p4l2rlWhIRLTJYqLPG/GD60aQ4=";
+
+    patches = [
+      ./3.0/nix-ssl-cert-file.patch
+
+      # openssl will only compile in KTLS if the current kernel supports it.
+      # This patch disables build-time detection.
+      ./3.0/openssl-disable-kernel-detection.patch
+
+      (if stdenv.hostPlatform.isDarwin
+       then ./3.2/use-etc-ssl-certs-darwin.patch
+       else ./3.2/use-etc-ssl-certs.patch)
+    ];
+
+    withDocs = true;
+
+    extraMeta = with lib; {
+      license = licenses.asl20;
+    };
+  };
 }
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -24402,7 +24402,8 @@ with pkgs;
  inherit (callPackages ../development/libraries/openssl { })
    openssl_1_1
    openssl_3
-    openssl_3_1;
+    openssl_3_1
+    openssl_3_2;

  opensubdiv = callPackage ../development/libraries/opensubdiv { };