* [PATCH 1/2] gnu: Add mbedtls.
@ 2017-01-25 12:25 contact.ng0
2017-01-25 12:29 ` ng0
2017-01-26 3:11 ` Leo Famulari
0 siblings, 2 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-25 12:25 UTC (permalink / raw)
To: guix-devel; +Cc: ng0
From: ng0 <ng0@libertad.pw>
* gnu/packages/tls.scm (mbedtls): New variable.
---
gnu/packages/tls.scm | 36 +++++++++++++++++++++++++++++++++++-
1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 1198eb7d0..aa6837f78 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -7,7 +7,7 @@
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;;
;;; This file is part of GNU Guix.
@@ -33,9 +33,12 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
#:use-module (guix build-system python)
+ #:use-module (guix build-system cmake)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages documentation)
#:use-module (gnu packages)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages graphviz)
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
#:use-module (gnu packages libidn)
@@ -769,3 +772,34 @@ then ported to the GNU / Linux environment.")
;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
;; and 'jsmn.c' are distributed under the Expat license.
(license (list license:isc license:expat))))
+
+(define-public mbedtls
+ (package
+ (name "mbedtls")
+ (version "2.4.1")
+ (source
+ (origin
+ (method url-fetch)
+ ;; FIXME: Tarball on tls.mbed.org can no be fetched by our downloader.
+ (uri (string-append "https://github.com/ARMmbed/mbedtls/archive"
+ "/mbedtls-" version ".tar.gz"))
+ (file-name (string-append name "-" version ".tgz"))
+ (sha256
+ (base32
+ "1jzl99vkrddyjb1ldxygnql1hlxx846drvqpiwf6nhphw5czx18c"))))
+ (build-system cmake-build-system)
+ (native-inputs
+ `(("perl" ,perl) ; Tests
+ ("doxygen" ,doxygen)
+ ("graphviz" ,graphviz)))
+ (inputs
+ `(("zlib" ,zlib)
+ ("openssl" ,openssl)))
+ (synopsis "Small TLS library")
+ (description
+ "@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
+for developers to include cryptographic and SSL/TLS capabilities in their
+(embedded) products, facilitating this functionality with a minimal
+coding footprint.")
+ (home-page "https://tls.mbed.org")
+ (license license:asl2.0)))
--
2.11.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: Add mbedtls.
2017-01-25 12:25 [PATCH 1/2] gnu: Add mbedtls contact.ng0
@ 2017-01-25 12:29 ` ng0
2017-01-26 3:11 ` Leo Famulari
1 sibling, 0 replies; 9+ messages in thread
From: ng0 @ 2017-01-25 12:29 UTC (permalink / raw)
To: guix-devel
Actually it is 1/2 because this is a requirement for hiawatha
webserver, but I checked the bin/hello of mbedtls and it
worked. I'm positive this is functional without the need for a
PoC application which depends on it.
contact.ng0@cryptolab.net writes:
> From: ng0 <ng0@libertad.pw>
>
> * gnu/packages/tls.scm (mbedtls): New variable.
> ---
> gnu/packages/tls.scm | 36 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 35 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
> index 1198eb7d0..aa6837f78 100644
> --- a/gnu/packages/tls.scm
> +++ b/gnu/packages/tls.scm
> @@ -7,7 +7,7 @@
> ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
> ;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
> -;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
> +;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
> ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
> ;;;
> ;;; This file is part of GNU Guix.
> @@ -33,9 +33,12 @@
> #:use-module (guix build-system gnu)
> #:use-module (guix build-system perl)
> #:use-module (guix build-system python)
> + #:use-module (guix build-system cmake)
> #:use-module (gnu packages compression)
> + #:use-module (gnu packages documentation)
> #:use-module (gnu packages)
> #:use-module (gnu packages guile)
> + #:use-module (gnu packages graphviz)
> #:use-module (gnu packages libbsd)
> #:use-module (gnu packages libffi)
> #:use-module (gnu packages libidn)
> @@ -769,3 +772,34 @@ then ported to the GNU / Linux environment.")
> ;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
> ;; and 'jsmn.c' are distributed under the Expat license.
> (license (list license:isc license:expat))))
> +
> +(define-public mbedtls
> + (package
> + (name "mbedtls")
> + (version "2.4.1")
> + (source
> + (origin
> + (method url-fetch)
> + ;; FIXME: Tarball on tls.mbed.org can no be fetched by our downloader.
> + (uri (string-append "https://github.com/ARMmbed/mbedtls/archive"
> + "/mbedtls-" version ".tar.gz"))
> + (file-name (string-append name "-" version ".tgz"))
> + (sha256
> + (base32
> + "1jzl99vkrddyjb1ldxygnql1hlxx846drvqpiwf6nhphw5czx18c"))))
> + (build-system cmake-build-system)
> + (native-inputs
> + `(("perl" ,perl) ; Tests
> + ("doxygen" ,doxygen)
> + ("graphviz" ,graphviz)))
> + (inputs
> + `(("zlib" ,zlib)
> + ("openssl" ,openssl)))
> + (synopsis "Small TLS library")
> + (description
> + "@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
> +for developers to include cryptographic and SSL/TLS capabilities in their
> +(embedded) products, facilitating this functionality with a minimal
> +coding footprint.")
> + (home-page "https://tls.mbed.org")
> + (license license:asl2.0)))
> --
> 2.11.0
>
>
--
♥Ⓐ ng0 -- https://www.inventati.org/patternsinthechaos/
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: Add mbedtls.
2017-01-25 12:25 [PATCH 1/2] gnu: Add mbedtls contact.ng0
2017-01-25 12:29 ` ng0
@ 2017-01-26 3:11 ` Leo Famulari
2017-01-26 14:48 ` ng0
1 sibling, 1 reply; 9+ messages in thread
From: Leo Famulari @ 2017-01-26 3:11 UTC (permalink / raw)
To: contact.ng0; +Cc: guix-devel, ng0
On Wed, Jan 25, 2017 at 12:25:17PM +0000, contact.ng0@cryptolab.net wrote:
> * gnu/packages/tls.scm (mbedtls): New variable.
> + ;; FIXME: Tarball on tls.mbed.org can no be fetched by our downloader.
Please add a comment explaining what goes wrong.
> + (native-inputs
> + `(("perl" ,perl) ; Tests
> + ("doxygen" ,doxygen)
> + ("graphviz" ,graphviz)))
> + (inputs
> + `(("zlib" ,zlib)
> + ("openssl" ,openssl)))
The only dependency it needs to build is Perl.
The rest can be missing and mbedtls will still pass its test suite.
Doxygen seems unused; no documentation is installed when its available.
If they are available, zlib and openssl are not referred to by the output
(checked with `guix gc --references`).
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: Add mbedtls.
2017-01-26 3:11 ` Leo Famulari
@ 2017-01-26 14:48 ` ng0
2017-01-26 15:40 ` mbedtls, v2 contact.ng0
0 siblings, 1 reply; 9+ messages in thread
From: ng0 @ 2017-01-26 14:48 UTC (permalink / raw)
To: Leo Famulari; +Cc: guix-devel
Leo Famulari <leo@famulari.name> writes:
> On Wed, Jan 25, 2017 at 12:25:17PM +0000, contact.ng0@cryptolab.net wrote:
>> * gnu/packages/tls.scm (mbedtls): New variable.
>
>> + ;; FIXME: Tarball on tls.mbed.org can no be fetched by our downloader.
>
> Please add a comment explaining what goes wrong.
>
>> + (native-inputs
>> + `(("perl" ,perl) ; Tests
>> + ("doxygen" ,doxygen)
>> + ("graphviz" ,graphviz)))
>> + (inputs
>> + `(("zlib" ,zlib)
>> + ("openssl" ,openssl)))
>
> The only dependency it needs to build is Perl.
>
> The rest can be missing and mbedtls will still pass its test suite.
>
> Doxygen seems unused; no documentation is installed when its available.
>
> If they are available, zlib and openssl are not referred to by the output
> (checked with `guix gc --references`).
Good catch, seems like some things have indeed changed since I
wrote the Gentoo ebuild. Check yourself I guess...
Thanks!
These are small changes, I see to send them in today. Thanks for
the review.
--
♥Ⓐ ng0 -- https://www.inventati.org/patternsinthechaos/
^ permalink raw reply [flat|nested] 9+ messages in thread
* mbedtls, v2
2017-01-26 14:48 ` ng0
@ 2017-01-26 15:40 ` contact.ng0
2017-01-26 15:40 ` [PATCH 1/2] gnu: Add mbedtls contact.ng0
2017-01-27 16:11 ` Add: mbedtls (v3), and hiawatha contact.ng0
0 siblings, 2 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-26 15:40 UTC (permalink / raw)
To: guix-devel
It really seems to require perl only. Fixed the download, removed the unnecessary inputs.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/2] gnu: Add mbedtls.
2017-01-26 15:40 ` mbedtls, v2 contact.ng0
@ 2017-01-26 15:40 ` contact.ng0
2017-01-27 16:11 ` Add: mbedtls (v3), and hiawatha contact.ng0
1 sibling, 0 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-26 15:40 UTC (permalink / raw)
To: guix-devel; +Cc: ng0
From: ng0 <ng0@libertad.pw>
* gnu/packages/tls.scm (mbedtls): New variable.
---
gnu/packages/tls.scm | 29 ++++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 1198eb7d0..4da442a1d 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -7,7 +7,7 @@
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;;
;;; This file is part of GNU Guix.
@@ -33,6 +33,7 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
#:use-module (guix build-system python)
+ #:use-module (guix build-system cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages)
#:use-module (gnu packages guile)
@@ -769,3 +770,29 @@ then ported to the GNU / Linux environment.")
;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
;; and 'jsmn.c' are distributed under the Expat license.
(license (list license:isc license:expat))))
+
+(define-public mbedtls
+ (package
+ (name "mbedtls")
+ (version "2.4.0")
+ (source
+ (origin
+ (method url-fetch)
+ ;; XXX: The download links on the website are script redirection links
+ ;; which effectively lead to the format listed in the uri here.
+ (uri (string-append "https://tls.mbed.org/download/mbedtls-"
+ version "-apache.tgz"))
+ (sha256
+ (base32
+ "03bzbfidigljva6xj49k38q3kwlbj75lrky4a0ainylzsfg5bhy1"))))
+ (build-system cmake-build-system)
+ (native-inputs
+ `(("perl" ,perl)))
+ (synopsis "Small TLS library")
+ (description
+ "@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
+for developers to include cryptographic and SSL/TLS capabilities in their
+(embedded) products, facilitating this functionality with a minimal
+coding footprint.")
+ (home-page "https://tls.mbed.org")
+ (license license:asl2.0)))
--
2.11.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Add: mbedtls (v3), and hiawatha
2017-01-26 15:40 ` mbedtls, v2 contact.ng0
2017-01-26 15:40 ` [PATCH 1/2] gnu: Add mbedtls contact.ng0
@ 2017-01-27 16:11 ` contact.ng0
2017-01-27 16:11 ` [PATCH 1/2] gnu: Add mbedtls-apache contact.ng0
2017-01-27 16:11 ` [PATCH 2/2] gnu: Add hiawatha contact.ng0
1 sibling, 2 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-27 16:11 UTC (permalink / raw)
To: guix-devel
Hi,
this adds mbedtls with hiawatha as an application using it.
As hiawatha is a webserver, we'll need a short service to make it usable
but this was the reason I packaged mbedtls.
Changes:
"mbedtls" was renamed to "mbedtls-apache":
This is prefered upstream variant, and also the version hiawatha ships with.
As noted in the patch, "mbedtls-gpl" exists.
Added an explanation to (source) of mbedtls-apache for future updaters.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/2] gnu: Add mbedtls-apache.
2017-01-27 16:11 ` Add: mbedtls (v3), and hiawatha contact.ng0
@ 2017-01-27 16:11 ` contact.ng0
2017-01-27 16:11 ` [PATCH 2/2] gnu: Add hiawatha contact.ng0
1 sibling, 0 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-27 16:11 UTC (permalink / raw)
To: guix-devel; +Cc: ng0
From: ng0 <ng0@libertad.pw>
* gnu/packages/tls.scm (mbedtls-apache): New variable.
---
gnu/packages/tls.scm | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index c3f2d9ba1..11a4fe496 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -7,7 +7,7 @@
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;;
;;; This file is part of GNU Guix.
@@ -33,6 +33,7 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
#:use-module (guix build-system python)
+ #:use-module (guix build-system cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages)
#:use-module (gnu packages guile)
@@ -791,3 +792,31 @@ then ported to the GNU / Linux environment.")
;; acme-client is distributed under the ISC license, but the files 'jsmn.h'
;; and 'jsmn.c' are distributed under the Expat license.
(license (list license:isc license:expat))))
+
+;; The "-apache" variant is the upstreamed prefered variant. A "-gpl"
+;; variant exists in addition to the "-apache" one.
+(define-public mbedtls-apache
+ (package
+ (name "mbedtls-apache")
+ (version "2.4.0")
+ (source
+ (origin
+ (method url-fetch)
+ ;; XXX: The download links on the website are script redirection links
+ ;; which effectively lead to the format listed in the uri here.
+ (uri (string-append "https://tls.mbed.org/download/mbedtls-"
+ version "-apache.tgz"))
+ (sha256
+ (base32
+ "03bzbfidigljva6xj49k38q3kwlbj75lrky4a0ainylzsfg5bhy1"))))
+ (build-system cmake-build-system)
+ (native-inputs
+ `(("perl" ,perl)))
+ (synopsis "Small TLS library")
+ (description
+ "@code{mbed TLS}, formerly known as PolarSSL, makes it trivially easy
+for developers to include cryptographic and SSL/TLS capabilities in their
+(embedded) products, facilitating this functionality with a minimal
+coding footprint.")
+ (home-page "https://tls.mbed.org")
+ (license license:asl2.0)))
--
2.11.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/2] gnu: Add hiawatha.
2017-01-27 16:11 ` Add: mbedtls (v3), and hiawatha contact.ng0
2017-01-27 16:11 ` [PATCH 1/2] gnu: Add mbedtls-apache contact.ng0
@ 2017-01-27 16:11 ` contact.ng0
1 sibling, 0 replies; 9+ messages in thread
From: contact.ng0 @ 2017-01-27 16:11 UTC (permalink / raw)
To: guix-devel; +Cc: ng0
From: ng0 <ng0@libertad.pw>
* gnu/packages/web.scm (hiawatha): New variable.
---
gnu/packages/web.scm | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 56 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 67b9797bb..48f1f867d 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -13,7 +13,7 @@
;;; Copyright © 2016 Rene Saavedra <rennes@openmailbox.org>
;;; Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
;;; Copyright © 2016 Clément Lassieur <clement@lassieur.org>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 Bake Timmons <b3timmons@speedymail.org>
@@ -3995,3 +3995,58 @@ programs' code. Its architecture is optimized for security, portability, and
scalability (including load-balancing), making it suitable for large
deployments.")
(license l:gpl2+)))
+
+(define-public hiawatha
+ (package
+ (name "hiawatha")
+ (version "10.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://www.hiawatha-webserver.org/files/"
+ "hiawatha-" version ".tar.gz"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; We use our packaged mbedtls, so delete the included copy.
+ '(delete-file-recursively "mbedtls"))
+ (sha256
+ (base32
+ "0m2llzm72s29c32abnj03532m85fawvi8ybjpx6s3mgvx2yvq3p4"))))
+ (build-system cmake-build-system)
+ (arguments
+ `(#:tests? #f ; No tests included
+ #:configure-flags (list (string-append "-DUSE_SYSTEM_MBEDTLS=on")
+ (string-append "-DENABLE_TOMAHAWK=on")
+ (string-append "-DWEBROOT_DIR="
+ (assoc-ref %outputs "out")
+ "/share/hiawatha/html"))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'remove-empty-dirs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out")))
+ ;; The directories in "var" are empty, remove them.
+ (delete-file-recursively (string-append out "/var"))
+ #t)))
+ (add-after 'install 'wrap
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; Make sure 'hiawatha' finds 'mbedtls'.
+ (let* ((out (assoc-ref outputs "out"))
+ (sbin (string-append out "/sbin"))
+ (mbed (assoc-ref inputs "mbedtls-apache")))
+ (wrap-program (string-append sbin "/hiawatha")
+ `("PATH" ":" prefix (,mbed)))))))))
+ (inputs
+ ;; TODO: package "hiawatha-monitor", an optional dependency of "hiawatha".
+ `(("mbedtls-apache" ,mbedtls-apache) ;Hiawatha includes this version.
+ ("zlib" ,zlib)
+ ("libxslt" ,libxslt)
+ ("libxml2" ,libxml2)))
+ (home-page "https://www.hiawatha-webserver.org")
+ (synopsis "Webserver with focus on security")
+ (description
+ "Hiawatha has been written with security in mind. This resulted in a
+highly secure webserver in both code and features. Hiawatha can stop SQL
+injections, XSS and CSRF attacks and exploit attempts. Via a specially
+crafted monitoring tool, you can keep track of all your webservers.")
+ (license l:gpl2)))
--
2.11.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2017-01-27 16:10 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-25 12:25 [PATCH 1/2] gnu: Add mbedtls contact.ng0
2017-01-25 12:29 ` ng0
2017-01-26 3:11 ` Leo Famulari
2017-01-26 14:48 ` ng0
2017-01-26 15:40 ` mbedtls, v2 contact.ng0
2017-01-26 15:40 ` [PATCH 1/2] gnu: Add mbedtls contact.ng0
2017-01-27 16:11 ` Add: mbedtls (v3), and hiawatha contact.ng0
2017-01-27 16:11 ` [PATCH 1/2] gnu: Add mbedtls-apache contact.ng0
2017-01-27 16:11 ` [PATCH 2/2] gnu: Add hiawatha contact.ng0
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).