From b7e2eb1e2111ae9ef1be83e1bf34154f30afedbc Mon Sep 17 00:00:00 2001 From: Markus Theil Date: Sat, 5 Oct 2024 11:09:56 +0200 Subject: [PATCH] openssl_3_2: remove and switch single user to the default openssl Signed-off-by: Markus Theil Picked from PR https://github.com/NixOS/nixpkgs/pull/345998 except that vcunat used `openssl` instead of `openssl_3_3` I do think that we should be well covered with 3.0 and 3.3. https://github.com/openssl/openssl/blob/openssl-3.3.0/NEWS.md --- .../use-etc-ssl-certs-darwin.patch | 0 .../{3.2 => 3.3}/use-etc-ssl-certs.patch | 0 .../development/libraries/openssl/default.nix | 27 ++----------------- .../networking/cloudflare-warp/default.nix | 4 +-- pkgs/top-level/all-packages.nix | 1 - 5 files changed, 4 insertions(+), 28 deletions(-) rename pkgs/development/libraries/openssl/{3.2 => 3.3}/use-etc-ssl-certs-darwin.patch (100%) rename pkgs/development/libraries/openssl/{3.2 => 3.3}/use-etc-ssl-certs.patch (100%) diff --git a/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs-darwin.patch b/pkgs/development/libraries/openssl/3.3/use-etc-ssl-certs-darwin.patch similarity index 100% rename from pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs-darwin.patch rename to pkgs/development/libraries/openssl/3.3/use-etc-ssl-certs-darwin.patch diff --git a/pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs.patch b/pkgs/development/libraries/openssl/3.3/use-etc-ssl-certs.patch similarity index 100% rename from pkgs/development/libraries/openssl/3.2/use-etc-ssl-certs.patch rename to pkgs/development/libraries/openssl/3.3/use-etc-ssl-certs.patch diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 0c6c8ae98a09..3dee6474adee 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -312,29 +312,6 @@ in { }; }; - openssl_3_2 = common { - version = "3.2.3"; - hash = "sha256-UrXxxrgCK8WGjDCMVPt3cF5wLWxvRZT5mg3yFqz0Yjk="; - - patches = [ - ./3.0/nix-ssl-cert-file.patch - - # openssl will only compile in KTLS if the current kernel supports it. - # This patch disables build-time detection. - ./3.0/openssl-disable-kernel-detection.patch - - (if stdenv.hostPlatform.isDarwin - then ./3.2/use-etc-ssl-certs-darwin.patch - else ./3.2/use-etc-ssl-certs.patch) - ]; - - withDocs = true; - - extraMeta = { - license = lib.licenses.asl20; - }; - }; - openssl_3_3 = common { version = "3.3.2"; hash = "sha256-LopAsBl5r+i+C7+z3l3BxnCf7bRtbInBDaEUq1/D0oE="; @@ -347,8 +324,8 @@ in { ./3.0/openssl-disable-kernel-detection.patch (if stdenv.hostPlatform.isDarwin - then ./3.2/use-etc-ssl-certs-darwin.patch - else ./3.2/use-etc-ssl-certs.patch) + then ./3.3/use-etc-ssl-certs-darwin.patch + else ./3.3/use-etc-ssl-certs.patch) ]; withDocs = true; diff --git a/pkgs/tools/networking/cloudflare-warp/default.nix b/pkgs/tools/networking/cloudflare-warp/default.nix index c36ec7c947b1..fb03bee688a6 100644 --- a/pkgs/tools/networking/cloudflare-warp/default.nix +++ b/pkgs/tools/networking/cloudflare-warp/default.nix @@ -11,7 +11,7 @@ , makeWrapper , nftables , nss -, openssl_3_2 +, openssl }: stdenv.mkDerivation rec { @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { dbus gtk3 libpcap - openssl_3_2 + openssl nss stdenv.cc.cc.lib ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ab9a453819d5..1d7359382592 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22467,7 +22467,6 @@ with pkgs; inherit (callPackages ../development/libraries/openssl { }) openssl_1_1 openssl_3 - openssl_3_2 openssl_3_3; opensubdiv = callPackage ../development/libraries/opensubdiv { };