From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst. Date: Thu, 25 Aug 2016 20:12:40 +0000 Message-ID: <87y43ksj47.fsf@we.make.ritual.n0.is> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:53779) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bd118-0008Vb-TH for guix-devel@gnu.org; Thu, 25 Aug 2016 16:12:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bd114-000148-DI for guix-devel@gnu.org; Thu, 25 Aug 2016 16:12:49 -0400 Received: from mithlond.libertad.in-berlin.de ([2001:67c:1400:2490::1]:59344 helo=beleriand.n0.is) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bd114-00012b-2I for guix-devel@gnu.org; Thu, 25 Aug 2016 16:12:46 -0400 Received: by beleriand.n0.is (OpenSMTPD) with ESMTPSA id 16cf5225 TLS version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO for ; Thu, 25 Aug 2016 20:12:40 +0000 (UTC) List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org --=-=-= Content-Type: text/plain First things first: Corrections will happen, this is not what I ask for. I need help with getting pbpst (which just uses curl for this) to learn about the certificates on the system. I can not continue this, all the greping and no advance. I can not solve this, I need help. --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-gnu-Add-tup.patch Content-Transfer-Encoding: 8bit >From 9556d469f3be74a0ea0ada9e4879c25a32858a3e Mon Sep 17 00:00:00 2001 From: ng0 Date: Mon, 15 Aug 2016 00:26:40 +0000 Subject: [PATCH 1/2] gnu: Add tup. * gnu/packages/tup.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 2 ++ gnu/packages/tup.scm | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 gnu/packages/tup.scm diff --git a/gnu/local.mk b/gnu/local.mk index b8c5378..bc4b968 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -5,6 +5,7 @@ # Copyright © 2013, 2014, 2015, 2016 Mark H Weaver # Copyright © 2016 Chris Marusich # Copyright © 2016 Kei Kebreau +# Coypright © 2016 ng0 # # This file is part of GNU Guix. # @@ -343,6 +344,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/tmux.scm \ %D%/packages/tor.scm \ %D%/packages/tre.scm \ + %D%/packages/tup.scm \ %D%/packages/tv.scm \ %D%/packages/unrtf.scm \ %D%/packages/upnp.scm \ diff --git a/gnu/packages/tup.scm b/gnu/packages/tup.scm new file mode 100644 index 0000000..66ce099 --- /dev/null +++ b/gnu/packages/tup.scm @@ -0,0 +1,83 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 ng0 +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages tup) + #:use-module (gnu packages) + #:use-module (gnu packages linux) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages version-control) + #:use-module (gnu packages perl) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu)) + +(define-public tup + (package + (name "tup") + (version "0.7.4") + (source (origin + (method url-fetch) + (uri (string-append "https://github.com/gittup/" + name "/archive/v" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "044h9kbcg1sfwpn13j1grw79kwysqhyn3w3g6yy8ap4j32v10gz2")))) + (build-system gnu-build-system) + (arguments + ;; tup requires fusermount to have suid, which we cannot provide in build env, + ;; we bootstrap it and use tup generate. This also means that no tests are run. + `(#:tests? #f + #:modules ((guix build gnu-build-system) + (guix build utils)) + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (zero? (system* "./build.sh")) + (zero? (system* "./build/tup" "generate" "script.sh")))) + (replace 'build + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "script.sh" + (("`git describe`") (string-append "v" ,version))) + (zero? (system* "./script.sh")) + #t)) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (man (string-append out "/share/man/man1"))) + (install-file "tup" bin) + (install-file "tup.1" man)) + #t))))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("perl" ,perl))) + (inputs + `(("fuse" ,fuse))) + (synopsis "A file-based build system") + (description + "Tup is a file-based build system for Linux, OSX, and Windows. It inputs a list +of file changes and a directed acyclic graph (DAG), then processes the DAG to +execute the appropriate commands required to update dependent files. Updates are +performed with very little overhead since tup implements powerful build +algorithms to avoid doing unnecessary work. This means you can stay focused on +your project rather than on your build system.") + (home-page "http://gittup.org/tup/") + (license license:gpl2))) -- 2.9.3 --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0002-gnu-Add-pbpst.patch Content-Transfer-Encoding: 8bit >From 50008c80803517cb3be0ddf435ee47095b4bf622 Mon Sep 17 00:00:00 2001 From: ng0 Date: Tue, 16 Aug 2016 00:59:33 +0000 Subject: [PATCH 2/2] gnu: Add pbpst. * gnu/packages/pastebin.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/pastebin.scm | 163 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 164 insertions(+) create mode 100644 gnu/packages/pastebin.scm diff --git a/gnu/local.mk b/gnu/local.mk index bc4b968..ff5e1a1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -272,6 +272,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/package-management.scm \ %D%/packages/parallel.scm \ %D%/packages/password-utils.scm \ + %D%/packages/pastebin.scm \ %D%/packages/patchutils.scm \ %D%/packages/pciutils.scm \ %D%/packages/pcre.scm \ diff --git a/gnu/packages/pastebin.scm b/gnu/packages/pastebin.scm new file mode 100644 index 0000000..95bb781 --- /dev/null +++ b/gnu/packages/pastebin.scm @@ -0,0 +1,163 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 ng0 +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages pastebin) + #:use-module (gnu packages) + #:use-module (gnu packages bash) + #:use-module (gnu packages certs) + #:use-module (gnu packages curl) + #:use-module (gnu packages libidn) + #:use-module (gnu packages llvm) + #:use-module (gnu packages tls) + #:use-module (gnu packages tup) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages python) + #:use-module (gnu packages web) + #:use-module (gnu packages zsh) + #:use-module (guix build-system gnu) + #:use-module (guix git-download) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages)) + +;; We use this git checkout because it applies fixes needed to build +;; pbpst on Guix, essential additions to the used build system. +(define-public pbpst + (let ((revision "2") + (commit "4aeb782cdd05251a902af427ce942f3b8a866188")) + (package + (name "pbpst") + (version (string-append "1.2.0-" revision "." (string-take commit 7))) + (source (origin + ;; (method url-fetch) + ;; (uri (string-append "https://github.com/HalosGhost/" + ;; name "/archive/v" version ".tar.gz")) + (method git-fetch) + (uri (git-reference + (url "https://github.com/HalosGhost/pbpst") + (commit commit))) + (file-name (string-append name "-" version "-checkout")) + (sha256 + (base32 + "1w0js3z5xk4l1inxvh49w6ydahz33r7vn2mziziihn9h5qfadlhs")))) + (build-system gnu-build-system) + ;; XXX: "make simple" runs "make gen dist @./make.sh". make.sh is generated + ;; by the primary build system, which is tup based. we can not use the + ;; full tup build system as it requires to load FUSE. "make gen" runs + ;; `tup generate make.sh' which is a new file, we need to apply some + ;; Guix specific patching before we can continue. We therefore remove + ;; "@./make.sh" from the "make simple" and run it manually, this way we can + ;; patch make.sh before running it. + (arguments + `(#:make-flags (list + (string-append "PREFIX=" (assoc-ref %outputs "out")) + "simple") + #:tests? #f + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ + (substitute* "Makefile" + (("@./make.sh") "") + ;; XXX: Because this is a drop-in replacement build system, there are + ;; some unexplainable special behaviors introduced. One of them is that + ;; building pbpst binary out to ../dist/pbpst fails, but inside cwd + ;; "src/" succeeds. I blame dark matter. Fix this if you feel the + ;; desire for a headache. + (("dist/\\$\\(PROGNM\\)") "src/$(PROGNM)") + (("src/\\$\\(PROGNM\\)\\.1") "dist/$(PROGNM).1")) + (substitute* "Tuprules.tup" + (("`git describe --long --tags`") ,version)))) + ;;(setenv "SSL_CERT_FILE" "/dev/null"))) ; I have no idea. + ;;(setenv "SSL_CERT_DIR" "/etc/ssl/certs") + ;;(setenv "SSL_CERT_FILE" "/etc/ssl/certs/ca-certificates.crt"))) + (add-after 'build 'make-it + (lambda _ + (patch-shebang "make.sh") + (substitute* "make.sh" + (("clang -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o ../dist/pbpst") + "clang -v -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o pbpst")) + ;; (("gcc -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o ../dist/pbpst") + ;; "gcc -v -g -O3 -fPIE -pie -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o pbpst")) +;; (("cp bash ../dist/bash") +;; "cp bash ../dist/bash + ;;cd '..'")) + (zero? (system* "bash" "make.sh"))))))) + ;; the above fails, the one below was used with the 2.1.0 release ball: + ;; (replace 'build + ;; (lambda _ + ;; (zero? (system* "make" "simple")) + ;; (patch-shebang "make.sh") + ;; (substitute* "make.sh" + ;; (("`git describe --tags`") ,version)) + ;; (zero? (system* "bash" "make.sh")))) + ;; ;; (mkdir-p (string-append out "/dist")) + ;; (mkdir-p "dist") + ;; (chdir "src") + ;; (zero? (system* "clang" "-g" "-O3" "-fPIE" "-pie" "-Weverything" + ;; "-Werror" "-std=c11" "-ggdb" "-D_FORTIFY_SOURCE=2" + ;; "-fstack-protector-strong" "-march=native" + ;; "--param=ssp-buffer-size=1" "-Wl,-z,relro,-z,now" + ;; "-fsanitize=undefined" "-fsanitize-trap=undefined" + ;; "pkg-config" "--libs-only-l" "libcurl" "jansson" + ;; "callback.c" "main.c" "pb.c" "pbpst_db.c" + ;; "-o ../dist/pbpst")) + ;; (chdir "../cmp") + ;; (copy-file "zsh" "../dist/zsh") + ;; (copy-file "bash" "../dist/bash") + ;; (chdir "../doc") + ;; (system* "sphinx-build" "-b man" "-Dversion=`git describe --tags`" + ;; "-d doctree" "-E . ../dist pbpst.rst pbpst_db.rst") + ;; (delete-file-recursively "doctree")))) + (inputs + `(("curl" ,curl) + ("jansson" ,jansson) + ("openssl" ,openssl) + ("libidn" ,libidn) + ;;("gnutls" ,gnutls) + ;;("nss-certs" ,nss-certs) + ("zsh" ,zsh) ; zsh completions + ("bash" ,bash))) ; bash completions + (native-inputs + `(("clang" ,clang) + ("clang-runtime" ,clang-runtime) + ("tup" ,tup) + ("pkg-config" ,pkg-config) + ("python" ,python) + ("python-sphinx" ,python-sphinx))) + (outputs '("out" "debug")) + ;; (native-search-paths + ;; ;; FIXME: These two variables must designate a single file or directory + ;; ;; and are not actually "search paths." In practice it works OK in + ;; ;; user profiles because there's always just one item that matches the + ;; ;; specification. + ;; (list (search-path-specification + ;; (variable "SSL_CERT_DIR") + ;; (files '("etc/ssl/certs"))) + ;; (search-path-specification + ;; (variable "SSL_CERT_FILE") + ;; (files '("etc/ssl/certs/ca-certificates.crt"))))) + (synopsis "Command-line libcurl C client for pb deployments") + (description + "pbpst is a small tool to make interacting with pb instances as simple as +possible. pb is a versatile, free and open source pastebin which has more + features, is more robust, and is faster than any other pastebin with which I + am familiar. You can find the reference instance (which tracks pb's master + branch) at ptpb. Ideally, pbpst will support as many features of pb as + possible (hopefully, nearly all) in a simple, unassuming CLI.") + (home-page "https://github.com/HalosGhost/pbpst/") + (license license:gpl2)))) -- 2.9.3 --=-=-= Content-Type: text/plain -- ng0 For non-prism friendly talk find me on http://www.psyced.org --=-=-=--