From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id 2AI7Az4wdmKhSAAAbAwnHQ (envelope-from ) for ; Sat, 07 May 2022 10:39:26 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id uGEzAz4wdmKK5wAA9RJhRA (envelope-from ) for ; Sat, 07 May 2022 10:39:26 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B959A50C2 for ; Sat, 7 May 2022 10:39:25 +0200 (CEST) Received: from localhost ([::1]:48386 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nnFyG-0003Va-TC for larch@yhetil.org; Sat, 07 May 2022 04:39:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37656) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nnFx0-00026J-2R for guix-patches@gnu.org; Sat, 07 May 2022 04:38:06 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:56507) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nnFwz-0002l5-Q0 for guix-patches@gnu.org; Sat, 07 May 2022 04:38:05 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1nnFwz-0003r4-Nr for guix-patches@gnu.org; Sat, 07 May 2022 04:38:05 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#55297] [PATCH 01/10] search-paths: Define $SSL_CERT_DIR and $SSL_CERT_FILE. References: In-Reply-To: Resent-From: Maxime Devos Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 07 May 2022 08:38:05 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 55297 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 55297@debbugs.gnu.org Cc: Maxime Devos Received: via spool by 55297-submit@debbugs.gnu.org id=B55297.165191267414737 (code B ref 55297); Sat, 07 May 2022 08:38:05 +0000 Received: (at 55297) by debbugs.gnu.org; 7 May 2022 08:37:54 +0000 Received: from localhost ([127.0.0.1]:50395 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nnFwn-0003pX-Tw for submit@debbugs.gnu.org; Sat, 07 May 2022 04:37:54 -0400 Received: from albert.telenet-ops.be ([195.130.137.90]:44044) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nnFwe-0003nP-0s for 55297@debbugs.gnu.org; Sat, 07 May 2022 04:37:48 -0400 Received: from localhost.localdomain ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by albert.telenet-ops.be with bizsmtp id Tkdi270084UW6Th06kdiWP; Sat, 07 May 2022 10:37:42 +0200 From: Maxime Devos Date: Sat, 7 May 2022 08:37:31 +0000 Message-Id: <20220507083740.59995-1-maximedevos@telenet.be> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1651912662; bh=WuP+sSvxhpiaToBL8HGKvUhPb08CQidw57KI+bUZIwU=; h=From:To:Cc:Subject:Date; b=nNNz5C86GWvEZ618KHalLRKuZqr5qLqo5K5LY8AqNPwCzTc3WodYJLd/EZw57r98f NV2uCtcE/ytTazD0N1NyTjw2Nwa/o9R2f9P4BQRgChdAsleFUQcqgyfv86pJRUwDHA m3kadV1iZfbNYVhNzsmu7cU+iTcnqOP7/q8mYhz4sQ/wjKRYKKcH+TwLaDEIF2avE1 TcWJKqvJ6jpWiaY8ipIRnb6QPjJFyuOS4f5POtMCvY/QSmCy+8BydBRlmpG1CHtPwo 9JCuhUI7DUo4tkMVpCHNgJw1qdnlXgZPAdPBFVafHi7UfiIPPE7gMD9dvpfXxLLOUl y+50j0ZwxVpzQ== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1651912765; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=WuP+sSvxhpiaToBL8HGKvUhPb08CQidw57KI+bUZIwU=; b=Y78oE7OYEQaHyBcSNKyge6pQXZM/lrKnzWhawnR3rBfxA8MGdojmQyABB7dJ7rpKEXLS3g HMXHEa/eFiVAp+lSxslmfMCVcbNIrHy3DDz2s9TvVHhdiXeRbQ2TWsKoXmoCAKbg3zgsjl /Vcf/dkGSzr71iPC1/VHATwjstQ2T0d2IHkWT9saRRoVdKz7aLafokLj0CSXtN4mP+rUjo oZjAqpeeqLLdpsnjAdaGpthl0/42v1jFvIpFtdKbcyClAGCyjvQBDjA1Nb6wSwb9keXr4q 9Fg2Cp8Kv1LkS0mrUXT8GgFrbY1ghAtSj1/JwjZT6tg4QzJJxFBxO50/kVaaAQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1651912765; a=rsa-sha256; cv=none; b=VYY/4YoLWl/SlMESM6HWRw2PwTVCZ4ylJ4CmYyi5w8GAOuKV/glx+RkADUvEKS8wEIxQqz wdT6aDvjtLyt+MTIyo6Noyg3/t2HpDwF/0o1jFvW9Pev+C2VV084i+6GXUKbo0UJviHZcr qXdorM1Cxtryuf2tFUK/R/AYSVoIUZZYjAYjeuxoQEU7x7dRE6Z/uqVp/PDcEUvGJtLF1v UzKao6gwlpEw+iyIEp/KRPhbd1HDsiTATlFP3momy71Y7IHZiTrdSeEsvRsVJozlw0CO9S U2legsd1G+7+At6e6SgCjHebP52hr6pFpicHW/q9krjWsUAhlfB5fsYSopxUsQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=nNNz5C86; dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 8.90 X-Spam: Yes Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=nNNz5C86; dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: B959A50C2 X-Spam-Score: 8.90 X-Migadu-Spam: Yes X-Migadu-Scanner: scn0.migadu.com X-TUID: Jg1NBKoTYzWe For the ‘why’, see the docstring next to $SSL_CERT_DIR. In later commits, packages will be changed to use these variables and the variables will be added to more packages. * guix/search-paths.scm ($SSL_CERT_DIR, $SSL_CERT_FILE): New variables. * doc/guix.texi (Search Paths): Document them. --- doc/guix.texi | 21 ++++++++++++++++++++- guix/search-paths.scm | 26 ++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 7369a306f6..25e2429533 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -88,7 +88,7 @@ Copyright @copyright{} 2020 Daniel Brooks@* Copyright @copyright{} 2020 John Soo@* Copyright @copyright{} 2020 Jonathan Brielmaier@* Copyright @copyright{} 2020 Edgar Vincent@* -Copyright @copyright{} 2021 Maxime Devos@* +Copyright @copyright{} 2021, 2022 Maxime Devos@* Copyright @copyright{} 2021 B. Wilson@* Copyright @copyright{} 2021 Xinglu Chen@* Copyright @copyright{} 2021 Raghav Gururajan@* @@ -9830,6 +9830,25 @@ Again, the libxml2 example shows a situation where this is needed. @end table @end deftp +Some search paths are not tied by a single package but to many packages. +To reduce duplications, some of them are pre-defined in @code{(guix +search-paths)}. + +@defvr {Scheme Variable} $SSL_CERT_DIR +@defvrx {Scheme Variable} $SSL_CERT_FILE +These two search paths indicate where X.509 certificates can be found +(@pxref{X.509 Certificates}). +@end defvr + +These pre-defined search paths can be used as in the following example: + +@lisp +(package + (name "curl") + ;; some fields omitted ... + (native-search-paths (list $SSL_CERT_DIR $SSL_CERT_FILE))) +@end lisp + How do you turn search path specifications on one hand and a bunch of directories on the other hand in a set of environment variable definitions? That's the job of @code{evaluate-search-paths}. diff --git a/guix/search-paths.scm b/guix/search-paths.scm index 002e6342bb..6b13a98946 100644 --- a/guix/search-paths.scm +++ b/guix/search-paths.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2017, 2018 Ludovic Courtès +;;; Copyright © 2022 Maxime Devos ;;; ;;; This file is part of GNU Guix. ;;; @@ -32,6 +33,8 @@ (define-module (guix search-paths) search-path-specification-file-pattern $PATH + $SSL_CERT_DIR + $SSL_CERT_FILE search-path-specification->sexp sexp->search-path-specification @@ -70,6 +73,29 @@ (define $PATH (variable "PATH") (files '("bin" "sbin")))) +;; Two variables for certificates (see (guix)X.509 Certificates), +;; respected by 'openssl', possibly GnuTLS in the future +;; (https://gitlab.com/gnutls/gnutls/-/merge_requests/1541) +;; and many of their dependents -- even some GnuTLS depepdents +;; like Guile. As they are not tied to a single package, define +;; them here to avoid duplication. +;; +;; Additionally, the 'native-search-paths' field is not thunked, +;; so doing (package-native-search-paths openssl) +;; could cause import cycle issues. +(define-public $SSL_CERT_DIR + (search-path-specification + (variable "SSL_CERT_DIR") + (separator #f) ;single entry + (files '("etc/ssl/certs")))) + +(define-public $SSL_CERT_FILE + (search-path-specification + (variable "SSL_CERT_FILE") + (file-type 'regular) + (separator #f) ;single entry + (files '("etc/ssl/certs/ca-certificates.crt")))) + (define (search-path-specification->sexp spec) "Return an sexp representing SPEC, a . The sexp corresponds to the arguments expected by `set-path-environment-variable'." base-commit: 855097683230b756ba28636bed03ce904b6f3589 prerequisite-patch-id: 8c36bd91ff2f97cee25843119fdb12a71b3947bd prerequisite-patch-id: 3082a0c917de3ca7abf1fc40c2fced691da6d99f prerequisite-patch-id: ae89e00772cf3737e32b3b7bd191bfbeaaf5d0ed prerequisite-patch-id: d74573180a62eaa0b6ac57ef46d08409fb5652a8 prerequisite-patch-id: ccb777079d8182a3e44b29cc061f59496ae16188 prerequisite-patch-id: cbb90155003134235f98b750f5e4de2096c9e414 prerequisite-patch-id: ff8b567c0b58018b9c2085a324ce02711eadc77e prerequisite-patch-id: 6569c696b96227cfb2f056a894d441b99141a571 prerequisite-patch-id: eeb5c4446896b7d5209de79e7b9a2486a9a5dadb prerequisite-patch-id: 226931bbd40f2e7b43df22ea44783293d663e97a prerequisite-patch-id: 7b0f5bf490c804d1ce3f3bb0daf45273ce9bae8a prerequisite-patch-id: 0605551576cb5fbb0215575f8acee2ad91441ec8 prerequisite-patch-id: 851c816dcdc728b085c2cad0f00b140113915af7 prerequisite-patch-id: eca886865831aca6a9803626f60fd37f1f3e1a49 prerequisite-patch-id: 49190c9aa45e582877c7716c59f4f509a4623948 prerequisite-patch-id: f9e4fa15bc34d249aecf318c66cb598762ee5728 prerequisite-patch-id: 69e49a32a11f33c23ccaa1a785c40dfc04068403 prerequisite-patch-id: ec55a066dbaf5790b993edfbead3d27c7817949e prerequisite-patch-id: 44dedf2945b47ffe0a298b7129e7134567327d2d prerequisite-patch-id: 441f8c8acc52886c30a2ca167329cf5117b9d024 prerequisite-patch-id: ad05c828905c092a370a7b267c09c4ec2dbc4850 prerequisite-patch-id: 4683b5d9fe136a4f71cf3f8f6fa99363b80aaa64 prerequisite-patch-id: bd6189df0a2a0122a769ba3f849dcd1f047dea14 prerequisite-patch-id: b723e932d080a91ab5d87a92c154e6ede074fe9c prerequisite-patch-id: cb2dd382af23e9d1d7eb63f55c463ea15ab7fb95 -- 2.35.1