From patchwork Sat May 7 08:37:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: M X-Patchwork-Id: 39137 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 501E827BBEA; Sat, 7 May 2022 09:39:30 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 9C86C27BBE9 for ; Sat, 7 May 2022 09:39:29 +0100 (BST) Received: from localhost ([::1]:48386 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nnFyK-0003Va-EP for patchwork@mira.cbaines.net; Sat, 07 May 2022 04:39:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37656) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nnFx0-00026J-2R for guix-patches@gnu.org; Sat, 07 May 2022 04:38:06 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:56507) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nnFwz-0002l5-Q0 for guix-patches@gnu.org; Sat, 07 May 2022 04:38:05 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1nnFwz-0003r4-Nr for guix-patches@gnu.org; Sat, 07 May 2022 04:38:05 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#55297] [PATCH 01/10] search-paths: Define $SSL_CERT_DIR and $SSL_CERT_FILE. References: In-Reply-To: Resent-From: Maxime Devos Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 07 May 2022 08:38:05 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 55297 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 55297@debbugs.gnu.org Cc: Maxime Devos Received: via spool by 55297-submit@debbugs.gnu.org id=B55297.165191267414737 (code B ref 55297); Sat, 07 May 2022 08:38:05 +0000 Received: (at 55297) by debbugs.gnu.org; 7 May 2022 08:37:54 +0000 Received: from localhost ([127.0.0.1]:50395 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nnFwn-0003pX-Tw for submit@debbugs.gnu.org; Sat, 07 May 2022 04:37:54 -0400 Received: from albert.telenet-ops.be ([195.130.137.90]:44044) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nnFwe-0003nP-0s for 55297@debbugs.gnu.org; Sat, 07 May 2022 04:37:48 -0400 Received: from localhost.localdomain ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by albert.telenet-ops.be with bizsmtp id Tkdi270084UW6Th06kdiWP; Sat, 07 May 2022 10:37:42 +0200 From: Maxime Devos Date: Sat, 7 May 2022 08:37:31 +0000 Message-Id: <20220507083740.59995-1-maximedevos@telenet.be> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1651912662; bh=WuP+sSvxhpiaToBL8HGKvUhPb08CQidw57KI+bUZIwU=; h=From:To:Cc:Subject:Date; b=nNNz5C86GWvEZ618KHalLRKuZqr5qLqo5K5LY8AqNPwCzTc3WodYJLd/EZw57r98f NV2uCtcE/ytTazD0N1NyTjw2Nwa/o9R2f9P4BQRgChdAsleFUQcqgyfv86pJRUwDHA m3kadV1iZfbNYVhNzsmu7cU+iTcnqOP7/q8mYhz4sQ/wjKRYKKcH+TwLaDEIF2avE1 TcWJKqvJ6jpWiaY8ipIRnb6QPjJFyuOS4f5POtMCvY/QSmCy+8BydBRlmpG1CHtPwo 9JCuhUI7DUo4tkMVpCHNgJw1qdnlXgZPAdPBFVafHi7UfiIPPE7gMD9dvpfXxLLOUl y+50j0ZwxVpzQ== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches For the ‘why’, see the docstring next to $SSL_CERT_DIR. In later commits, packages will be changed to use these variables and the variables will be added to more packages. * guix/search-paths.scm ($SSL_CERT_DIR, $SSL_CERT_FILE): New variables. * doc/guix.texi (Search Paths): Document them. --- doc/guix.texi | 21 ++++++++++++++++++++- guix/search-paths.scm | 26 ++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) base-commit: 855097683230b756ba28636bed03ce904b6f3589 prerequisite-patch-id: 8c36bd91ff2f97cee25843119fdb12a71b3947bd prerequisite-patch-id: 3082a0c917de3ca7abf1fc40c2fced691da6d99f prerequisite-patch-id: ae89e00772cf3737e32b3b7bd191bfbeaaf5d0ed prerequisite-patch-id: d74573180a62eaa0b6ac57ef46d08409fb5652a8 prerequisite-patch-id: ccb777079d8182a3e44b29cc061f59496ae16188 prerequisite-patch-id: cbb90155003134235f98b750f5e4de2096c9e414 prerequisite-patch-id: ff8b567c0b58018b9c2085a324ce02711eadc77e prerequisite-patch-id: 6569c696b96227cfb2f056a894d441b99141a571 prerequisite-patch-id: eeb5c4446896b7d5209de79e7b9a2486a9a5dadb prerequisite-patch-id: 226931bbd40f2e7b43df22ea44783293d663e97a prerequisite-patch-id: 7b0f5bf490c804d1ce3f3bb0daf45273ce9bae8a prerequisite-patch-id: 0605551576cb5fbb0215575f8acee2ad91441ec8 prerequisite-patch-id: 851c816dcdc728b085c2cad0f00b140113915af7 prerequisite-patch-id: eca886865831aca6a9803626f60fd37f1f3e1a49 prerequisite-patch-id: 49190c9aa45e582877c7716c59f4f509a4623948 prerequisite-patch-id: f9e4fa15bc34d249aecf318c66cb598762ee5728 prerequisite-patch-id: 69e49a32a11f33c23ccaa1a785c40dfc04068403 prerequisite-patch-id: ec55a066dbaf5790b993edfbead3d27c7817949e prerequisite-patch-id: 44dedf2945b47ffe0a298b7129e7134567327d2d prerequisite-patch-id: 441f8c8acc52886c30a2ca167329cf5117b9d024 prerequisite-patch-id: ad05c828905c092a370a7b267c09c4ec2dbc4850 prerequisite-patch-id: 4683b5d9fe136a4f71cf3f8f6fa99363b80aaa64 prerequisite-patch-id: bd6189df0a2a0122a769ba3f849dcd1f047dea14 prerequisite-patch-id: b723e932d080a91ab5d87a92c154e6ede074fe9c prerequisite-patch-id: cb2dd382af23e9d1d7eb63f55c463ea15ab7fb95 diff --git a/doc/guix.texi b/doc/guix.texi index 7369a306f6..25e2429533 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -88,7 +88,7 @@ Copyright @copyright{} 2020 Daniel Brooks@* Copyright @copyright{} 2020 John Soo@* Copyright @copyright{} 2020 Jonathan Brielmaier@* Copyright @copyright{} 2020 Edgar Vincent@* -Copyright @copyright{} 2021 Maxime Devos@* +Copyright @copyright{} 2021, 2022 Maxime Devos@* Copyright @copyright{} 2021 B. Wilson@* Copyright @copyright{} 2021 Xinglu Chen@* Copyright @copyright{} 2021 Raghav Gururajan@* @@ -9830,6 +9830,25 @@ Again, the libxml2 example shows a situation where this is needed. @end table @end deftp +Some search paths are not tied by a single package but to many packages. +To reduce duplications, some of them are pre-defined in @code{(guix +search-paths)}. + +@defvr {Scheme Variable} $SSL_CERT_DIR +@defvrx {Scheme Variable} $SSL_CERT_FILE +These two search paths indicate where X.509 certificates can be found +(@pxref{X.509 Certificates}). +@end defvr + +These pre-defined search paths can be used as in the following example: + +@lisp +(package + (name "curl") + ;; some fields omitted ... + (native-search-paths (list $SSL_CERT_DIR $SSL_CERT_FILE))) +@end lisp + How do you turn search path specifications on one hand and a bunch of directories on the other hand in a set of environment variable definitions? That's the job of @code{evaluate-search-paths}. diff --git a/guix/search-paths.scm b/guix/search-paths.scm index 002e6342bb..6b13a98946 100644 --- a/guix/search-paths.scm +++ b/guix/search-paths.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2017, 2018 Ludovic Courtès +;;; Copyright © 2022 Maxime Devos ;;; ;;; This file is part of GNU Guix. ;;; @@ -32,6 +33,8 @@ (define-module (guix search-paths) search-path-specification-file-pattern $PATH + $SSL_CERT_DIR + $SSL_CERT_FILE search-path-specification->sexp sexp->search-path-specification @@ -70,6 +73,29 @@ (define $PATH (variable "PATH") (files '("bin" "sbin")))) +;; Two variables for certificates (see (guix)X.509 Certificates), +;; respected by 'openssl', possibly GnuTLS in the future +;; (https://gitlab.com/gnutls/gnutls/-/merge_requests/1541) +;; and many of their dependents -- even some GnuTLS depepdents +;; like Guile. As they are not tied to a single package, define +;; them here to avoid duplication. +;; +;; Additionally, the 'native-search-paths' field is not thunked, +;; so doing (package-native-search-paths openssl) +;; could cause import cycle issues. +(define-public $SSL_CERT_DIR + (search-path-specification + (variable "SSL_CERT_DIR") + (separator #f) ;single entry + (files '("etc/ssl/certs")))) + +(define-public $SSL_CERT_FILE + (search-path-specification + (variable "SSL_CERT_FILE") + (file-type 'regular) + (separator #f) ;single entry + (files '("etc/ssl/certs/ca-certificates.crt")))) + (define (search-path-specification->sexp spec) "Return an sexp representing SPEC, a . The sexp corresponds to the arguments expected by `set-path-environment-variable'."