pantry/projects/openssl.org/package.yml
2022-09-25 09:35:44 -04:00

64 lines
1.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# NOTE
# on darwin we use Apples provided TLS certs at /etc/certs
# on linux we grab the curl certs (usually these are package as ca-certificates)
distributable:
url: https://github.com/openssl/openssl/archive/refs/tags/OpenSSL_1_1_1q.tar.gz
strip-components: 1
versions:
- 1.1.118
# TODO
# github: openssl/openssl
# parser: version-parser.ts
provides:
- bin/openssl
- bin/c_rehash
build:
dependencies:
tea.xyz/gx/cc: c99
tea.xyz/gx/make: '*'
perl.org: 5
curl.se: '*' # to download ca-certs on linux
git-scm.org: 2 # to apply our patch
script: |
git apply props/x509_def.c.diff
./Configure --prefix={{ prefix }} $ARCH no-tests $ARGS --openssldir={{prefix}}/ssl
make --jobs {{ hw.concurrency }}
make install_sw # `_sw` avoids installing docs
#FIXME needs to be a curl.se/ca-certs that gets updates
#FIXME on macOS use /etc/ssl/cert.pem (I couldn't make this work)
#FIXME or on macOS get certs from the keychain
cd "{{prefix}}"
mkdir -p ssl
curl -k https://curl.se/ca/cacert-2022-07-19.pem -o ssl/cert.pem
env:
darwin/aarch64: {ARCH: 'darwin64-arm64-cc'}
darwin/x86-64: {ARCH: 'darwin64-x86_64-cc'}
linux/aarch64: {ARCH: 'linux-aarch64'}
linux/x86-64: {ARCH: 'linux-x86_64'}
darwin:
# supposedly enables important optimizations
ARGS: enable-ec_nistp_64_gcc_128
test:
make test
#TODO need to test the SSL certs work
# otherwise we are basically relying on wget etc. to test for it
test:
dependencies:
gnu.org/wget: '*'
script: |
echo "This is a test file" > in
openssl dgst -sha256 -out out ./in
test "$(cat ./out)" = "$SAMPLE"
wget tea.xyz # test the certs work
env:
SAMPLE: SHA256(./in)= c87e2ca771bab6024c269b933389d2a92d4941c848c52f155b9b84e1f109fe35