nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-04-15 11:08:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

openssl: stop static binaries referencing libs

Browse Source 
Previously, the "out" output of openssl would contain would contain a
couple of tiny libraries in etc/, and the big OpenSSL libraries in
lib/.  This bloated closures when building things against OpenSSL with
pkgsStatic.  To fix this, introduce a lib output, so only the config
files are left in out.

Additionally, we have to disable support for dynamic engines in static
builds to avoid a reference to the engines directory in $lib.  I don't
think it's likely that this would ever have worked anyway.
This commit is contained in:
Alyssa Ross 2022-01-24 12:49:58 +00:00
parent a6659c6444
commit 71f1f4884b
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
pkgs/development/libraries/openssl/default.nix
View File

@ -45,7 +45,7 @@ let
'!defined(__ANDROID__) && !defined(__OpenBSD__) && 0' '!defined(__ANDROID__) && !defined(__OpenBSD__) && 0'
''; '';
outputs = [ "bin" "dev" "out" "man" ] ++ lib.optional withDocs "doc"; outputs = [ "bin" "dev" "out" "lib" "man" ] ++ lib.optional withDocs "doc";
setOutputFlags = false; setOutputFlags = false;
separateDebugInfo = separateDebugInfo =
!stdenv.hostPlatform.isDarwin && !stdenv.hostPlatform.isDarwin &&
@ -94,7 +94,7 @@ let
dontAddStaticConfigureFlags = true; dontAddStaticConfigureFlags = true;
configureFlags = [ configureFlags = [
"shared" # "shared" builds both shared and static libraries "shared" # "shared" builds both shared and static libraries
"--libdir=lib" "--libdir=${placeholder "lib"}/lib"
"--openssldir=etc/ssl" "--openssldir=etc/ssl"
] ++ lib.optionals withCryptodev [ ] ++ lib.optionals withCryptodev [
"-DHAVE_CRYPTODEV" "-DHAVE_CRYPTODEV"
@ -103,6 +103,7 @@ let
++ lib.optional enableSSL3 "enable-ssl3" ++ lib.optional enableSSL3 "enable-ssl3"
++ lib.optional (lib.versionAtLeast version "3.0.0") "enable-ktls" ++ lib.optional (lib.versionAtLeast version "3.0.0") "enable-ktls"
++ lib.optional (lib.versionAtLeast version "1.1.0" && stdenv.hostPlatform.isAarch64) "no-afalgeng" ++ lib.optional (lib.versionAtLeast version "1.1.0" && stdenv.hostPlatform.isAarch64) "no-afalgeng"
++ lib.optional static "disable-dynamic-engine"
# OpenSSL needs a specific `no-shared` configure flag. # OpenSSL needs a specific `no-shared` configure flag.
# See https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options # See https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options
# for a comprehensive list of configuration options. # for a comprehensive list of configuration options.
@ -117,8 +118,21 @@ let
"MANSUFFIX=ssl" "MANSUFFIX=ssl"
]; ];
buildFlags = lib.optionals static [
# Even though engines are disabled in static builds, we have to
# override ENGINESDIR so the bin output doesn't end up with an
# reference to the lib output.
"ENGINESDIR=/"
];
enableParallelBuilding = true; enableParallelBuilding = true;
preInstall = lib.optionalString static ''
# Build system wants to be able to create the engines directory
# even though nothing will get installed to it.
installFlagsArray+=(ENGINESDIR="$NIX_BUILD_TOP/engines")
'';
postInstall = postInstall =
lib.optionalString (!static) '' lib.optionalString (!static) ''
# If we're building dynamic libraries, then don't install static # If we're building dynamic libraries, then don't install static