python3Packages.nassl: 3.0.0 -> 3.1.0

author: Vincent Haupert <mail@vincent-haupert.de> 2020-12-04 20:25:13 +0100
committer: Jonathan Ringer <jonringer@users.noreply.github.com> 2021-01-11 20:23:56 -0800
commit: a126dda7bc2b8198300b55da0cf58ac2fcbd2c0d (patch)
tree: cd2cdfb6a5764190f5e774a93d0a7b1b1c2337f6 /pkgs/development/python-modules/nassl
parent: b4659c888e239b01fa2ced0dadef991a82c8be37 (diff)
2 files changed, 21 insertions, 32 deletions
diff --git a/pkgs/development/python-modules/nassl/default.nix b/pkgs/development/python-modules/nassl/default.nix
index 78a9dd9b4eefc..908ecff8c177d 100644
--- a/pkgs/development/python-modules/nassl/default.nix
+++ b/pkgs/development/python-modules/nassl/default.nix
@@ -5,9 +5,9 @@
 , pkgsStatic
 , openssl
 , invoke
-, pytest
 , tls-parser
 , cacert
+, pytestCheckHook
 }:
 
 let
@@ -36,17 +36,16 @@ let
   opensslStatic = (openssl.override nasslOpensslArgs).overrideAttrs (
     oldAttrs: rec {
       name = "openssl-${version}";
-      version = "1.1.1";
+      version = "1.1.1h";
       src = fetchurl {
         url = "https://www.openssl.org/source/${name}.tar.gz";
-        sha256 = "0gbab2fjgms1kx5xjvqx8bxhr98k4r8l2fa8vw7kvh491xd8fdi8";
+        sha256 = "1ncmcnh5bmxkwrvm0m1q4kdcjjfpwvlyjspjhibkxc6p9dvsi72w";
       };
       configureFlags = oldAttrs.configureFlags ++ nasslOpensslFlagsCommon ++ [
         "enable-weak-ssl-ciphers"
         "enable-tls1_3"
         "no-async"
       ];
-      patches = [ ./nix-ssl-cert-file.patch ];
       buildInputs = oldAttrs.buildInputs ++ [ zlibStatic cacert ];
     }
   );
@@ -68,32 +67,36 @@ let
 in
 buildPythonPackage rec {
   pname = "nassl";
-  version = "3.0.0";
+  version = "3.1.0";
 
   src = fetchFromGitHub {
     owner = "nabla-c0d3";
     repo = pname;
     rev = version;
-    sha256 = "1dhgkpldadq9hg5isb6mrab7z80sy5bvzad2fb54pihnknfwhp8z";
+    sha256 = "1x1v0fpb6gcc2r0k2rsy0mc3v25s3qbva78apvi46n08c2l309ci";
   };
 
-  postPatch = ''
-    mkdir -p deps/openssl-OpenSSL_1_0_2e/
+  postPatch = let
+    legacyOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslLegacyStatic.version;
+    modernOpenSSLVersion = lib.replaceStrings ["."] ["_"] opensslStatic.version;
+    zlibVersion = zlibStatic.version;
+  in ''
+    mkdir -p deps/openssl-OpenSSL_${legacyOpenSSLVersion}/
     cp ${opensslLegacyStatic.out}/lib/libssl.a \
       ${opensslLegacyStatic.out}/lib/libcrypto.a \
-      deps/openssl-OpenSSL_1_0_2e/
-    ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_1_0_2e/include
-    ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_1_0_2e/apps
+      deps/openssl-OpenSSL_${legacyOpenSSLVersion}/
+    ln -s ${opensslLegacyStatic.out.dev}/include deps/openssl-OpenSSL_${legacyOpenSSLVersion}/include
+    ln -s ${opensslLegacyStatic.bin}/bin deps/openssl-OpenSSL_${legacyOpenSSLVersion}/apps
 
-    mkdir -p deps/openssl-OpenSSL_1_1_1/
+    mkdir -p deps/openssl-OpenSSL_${modernOpenSSLVersion}/
     cp ${opensslStatic.out}/lib/libssl.a \
       ${opensslStatic.out}/lib/libcrypto.a \
-      deps/openssl-OpenSSL_1_1_1/
-    ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_1_1_1/include
-    ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_1_1_1/apps
+      deps/openssl-OpenSSL_${modernOpenSSLVersion}/
+    ln -s ${opensslStatic.out.dev}/include deps/openssl-OpenSSL_${modernOpenSSLVersion}/include
+    ln -s ${opensslStatic.bin}/bin deps/openssl-OpenSSL_${modernOpenSSLVersion}/apps
 
-    mkdir -p deps/zlib-1.2.11/
-    cp ${zlibStatic.out}/lib/libz.a deps/zlib-1.2.11/
+    mkdir -p deps/zlib-${zlibVersion}/
+    cp ${zlibStatic.out}/lib/libz.a deps/zlib-${zlibVersion}/
   '';
 
   propagatedBuildInputs = [ tls-parser ];
@@ -105,7 +108,7 @@ buildPythonPackage rec {
     invoke package.wheel
   '';
 
-  checkInputs = [ pytest ];
+  checkInputs = [ pytestCheckHook ];
 
   checkPhase = ''
     # Skip online tests
diff --git a/pkgs/development/python-modules/nassl/nix-ssl-cert-file.patch b/pkgs/development/python-modules/nassl/nix-ssl-cert-file.patch
deleted file mode 100644
index 893fb3eb6643a..0000000000000
--- a/pkgs/development/python-modules/nassl/nix-ssl-cert-file.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c
---- openssl-1.0.2j-orig/crypto/x509/by_file.c	2016-09-26 11:49:07.000000000 +0200
-+++ openssl-1.0.2j/crypto/x509/by_file.c	2016-10-13 16:54:31.400288302 +0200
-@@ -97,7 +97,9 @@
-     switch (cmd) {
-     case X509_L_FILE_LOAD:
-         if (argl == X509_FILETYPE_DEFAULT) {
--            file = getenv(X509_get_default_cert_file_env());
-+            file = getenv("NIX_SSL_CERT_FILE");
-+            if (!file)
-+                file = getenv(X509_get_default_cert_file_env());
-             if (file)
-                 ok = (X509_load_cert_crl_file(ctx, file,
-                                               X509_FILETYPE_PEM) != 0);
author	Vincent Haupert <mail@vincent-haupert.de>	2020-12-04 20:25:13 +0100
committer	Jonathan Ringer <jonringer@users.noreply.github.com>	2021-01-11 20:23:56 -0800
commit	a126dda7bc2b8198300b55da0cf58ac2fcbd2c0d (patch)
tree	cd2cdfb6a5764190f5e774a93d0a7b1b1c2337f6 /pkgs/development/python-modules/nassl
parent	b4659c888e239b01fa2ced0dadef991a82c8be37 (diff)