From 678a5ead966cc319bd590337c5248c08f254d3ab Mon Sep 17 00:00:00 2001 From: tobtoht Date: Fri, 24 Mar 2023 05:16:28 +0100 Subject: [PATCH] guix: cleanup unused signing packages --- contrib/guix/manifest.scm | 303 +------------------------------------- 1 file changed, 2 insertions(+), 301 deletions(-) diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm index 2026a4b..50fe0ba 100644 --- a/contrib/guix/manifest.scm +++ b/contrib/guix/manifest.scm @@ -257,304 +257,6 @@ chain for " target " development.")) parse, modify and abstract ELF, PE and MachO formats.") (license license:asl2.0))) -(define osslsigncode - (package - (name "osslsigncode") - (version "2.0") - (source (origin - (method url-fetch) - (uri (string-append "https://github.com/mtrojnar/" - name "/archive/" version ".tar.gz")) - (sha256 - (base32 - "0byri6xny770wwb2nciq44j5071122l14bvv65axdd70nfjf0q2s")))) - (build-system gnu-build-system) - (native-inputs - `(("pkg-config" ,pkg-config) - ("autoconf" ,autoconf) - ("automake" ,automake) - ("libtool" ,libtool))) - (inputs - `(("openssl" ,openssl))) - (arguments - `(#:configure-flags - `("--without-gsf" - "--without-curl" - "--disable-dependency-tracking"))) - (home-page "https://github.com/mtrojnar/osslsigncode") - (synopsis "Authenticode signing and timestamping tool") - (description "osslsigncode is a small tool that implements part of the -functionality of the Microsoft tool signtool.exe - more exactly the Authenticode -signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and -thus should be able to compile on most platforms where these exist.") - (license license:gpl3+))) ; license is with openssl exception - -(define-public python-elfesteem - (let ((commit "2eb1e5384ff7a220fd1afacd4a0170acff54fe56")) - (package - (name "python-elfesteem") - (version (git-version "0.1" "1" commit)) - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/LRGH/elfesteem") - (commit commit))) - (file-name (git-file-name name commit)) - (sha256 - (base32 - "07x6p8clh11z8s1n2kdxrqwqm2almgc5qpkcr9ckb6y5ivjdr5r6")))) - (build-system python-build-system) - ;; There are no tests, but attempting to run python setup.py test leads to - ;; PYTHONPATH problems, just disable the test - (arguments '(#:tests? #f)) - (home-page "https://github.com/LRGH/elfesteem") - (synopsis "ELF/PE/Mach-O parsing library") - (description "elfesteem parses ELF, PE and Mach-O files.") - (license license:lgpl2.1)))) - -(define-public python-oscrypto - (package - (name "python-oscrypto") - (version "1.2.1") - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/wbond/oscrypto") - (commit version))) - (file-name (git-file-name name version)) - (sha256 - (base32 - "1d4d8s4z340qhvb3g5m5v3436y3a71yc26wk4749q64m09kxqc3l")) - (patches (search-our-patches "oscrypto-hard-code-openssl.patch")))) - (build-system python-build-system) - (native-search-paths - (list (search-path-specification - (variable "SSL_CERT_FILE") - (file-type 'regular) - (separator #f) ;single entry - (files '("etc/ssl/certs/ca-certificates.crt"))))) - - (propagated-inputs - `(("python-asn1crypto" ,python-asn1crypto) - ("openssl" ,openssl))) - (arguments - `(#:phases - (modify-phases %standard-phases - (add-after 'unpack 'hard-code-path-to-libscrypt - (lambda* (#:key inputs #:allow-other-keys) - (let ((openssl (assoc-ref inputs "openssl"))) - (substitute* "oscrypto/__init__.py" - (("@GUIX_OSCRYPTO_USE_OPENSSL@") - (string-append openssl "/lib/libcrypto.so" "," openssl "/lib/libssl.so"))) - #t))) - (add-after 'unpack 'disable-broken-tests - (lambda _ - ;; This test is broken as there is no keyboard interrupt. - (substitute* "tests/test_trust_list.py" - (("^(.*)class TrustListTests" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_tls.py" - (("^(.*)class TLSTests" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - #t)) - (replace 'check - (lambda _ - (invoke "python" "run.py" "tests") - #t))))) - (home-page "https://github.com/wbond/oscrypto") - (synopsis "Compiler-free Python crypto library backed by the OS") - (description "oscrypto is a compilation-free, always up-to-date encryption library for Python.") - (license license:expat))) - -(define-public python-oscryptotests - (package (inherit python-oscrypto) - (name "python-oscryptotests") - (propagated-inputs - `(("python-oscrypto" ,python-oscrypto))) - (arguments - `(#:tests? #f - #:phases - (modify-phases %standard-phases - (add-after 'unpack 'hard-code-path-to-libscrypt - (lambda* (#:key inputs #:allow-other-keys) - (chdir "tests") - #t))))))) - -(define-public python-certvalidator - (let ((commit "a145bf25eb75a9f014b3e7678826132efbba6213")) - (package - (name "python-certvalidator") - (version (git-version "0.1" "1" commit)) - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/achow101/certvalidator") - (commit commit))) - (file-name (git-file-name name commit)) - (sha256 - (base32 - "1qw2k7xis53179lpqdqyylbcmp76lj7sagp883wmxg5i7chhc96k")))) - (build-system python-build-system) - (propagated-inputs - `(("python-asn1crypto" ,python-asn1crypto) - ("python-oscrypto" ,python-oscrypto) - ("python-oscryptotests", python-oscryptotests))) ;; certvalidator tests import oscryptotests - (arguments - `(#:phases - (modify-phases %standard-phases - (add-after 'unpack 'disable-broken-tests - (lambda _ - (substitute* "tests/test_certificate_validator.py" - (("^(.*)class CertificateValidatorTests" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_crl_client.py" - (("^(.*)def test_fetch_crl" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_ocsp_client.py" - (("^(.*)def test_fetch_ocsp" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_registry.py" - (("^(.*)def test_build_paths" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_validate.py" - (("^(.*)def test_revocation_mode_hard" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "tests/test_validate.py" - (("^(.*)def test_revocation_mode_soft" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - #t)) - (replace 'check - (lambda _ - (invoke "python" "run.py" "tests") - #t))))) - (home-page "https://github.com/wbond/certvalidator") - (synopsis "Python library for validating X.509 certificates and paths") - (description "certvalidator is a Python library for validating X.509 -certificates or paths. Supports various options, including: validation at a -specific moment in time, whitelisting and revocation checks.") - (license license:expat)))) - -(define-public python-altgraph - (package - (name "python-altgraph") - (version "0.17") - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/ronaldoussoren/altgraph") - (commit (string-append "v" version)))) - (file-name (git-file-name name version)) - (sha256 - (base32 - "09sm4srvvkw458pn48ga9q7ykr4xlz7q8gh1h9w7nxpf001qgpwb")))) - (build-system python-build-system) - (home-page "https://github.com/ronaldoussoren/altgraph") - (synopsis "Python graph (network) package") - (description "altgraph is a fork of graphlib: a graph (network) package for -constructing graphs, BFS and DFS traversals, topological sort, shortest paths, -etc. with graphviz output.") - (license license:expat))) - -(define-public python-macholib - (package - (name "python-macholib") - (version "1.14") - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/ronaldoussoren/macholib") - (commit (string-append "v" version)))) - (file-name (git-file-name name version)) - (sha256 - (base32 - "0aislnnfsza9wl4f0vp45ivzlc0pzhp9d4r08700slrypn5flg42")))) - (build-system python-build-system) - (propagated-inputs - `(("python-altgraph" ,python-altgraph))) - (arguments - '(#:phases - (modify-phases %standard-phases - (add-after 'unpack 'disable-broken-tests - (lambda _ - ;; This test is broken as there is no keyboard interrupt. - (substitute* "macholib_tests/test_command_line.py" - (("^(.*)class TestCmdLine" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line))) - (substitute* "macholib_tests/test_dyld.py" - (("^(.*)def test_\\S+_find" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line)) - (("^(.*)def testBasic" line indent) - (string-append indent - "@unittest.skip(\"Disabled by Guix\")\n" - line)) - ) - #t))))) - (home-page "https://github.com/ronaldoussoren/macholib") - (synopsis "Python library for analyzing and editing Mach-O headers") - (description "macholib is a Macho-O header analyzer and editor. It's -typically used as a dependency analysis tool, and also to rewrite dylib -references in Mach-O headers to be @executable_path relative. Though this tool -targets a platform specific file format, it is pure python code that is platform -and endian independent.") - (license license:expat))) - -(define-public python-signapple - (let ((commit "8a945a2e7583be2665cf3a6a89d665b70ecd1ab6")) - (package - (name "python-signapple") - (version (git-version "0.1" "1" commit)) - (source - (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/achow101/signapple") - (commit commit))) - (file-name (git-file-name name commit)) - (sha256 - (base32 - "0fr1hangvfyiwflca6jg5g8zvg3jc9qr7vd2c12ff89pznf38dlg")))) - (build-system python-build-system) - (propagated-inputs - `(("python-asn1crypto" ,python-asn1crypto) - ("python-oscrypto" ,python-oscrypto) - ("python-certvalidator" ,python-certvalidator) - ("python-elfesteem" ,python-elfesteem) - ("python-requests" ,python-requests) - ("python-macholib" ,python-macholib))) - ;; There are no tests, but attempting to run python setup.py test leads to - ;; problems, just disable the test - (arguments '(#:tests? #f)) - (home-page "https://github.com/achow101/signapple") - (synopsis "Mach-O binary signature tool") - (description "signapple is a Python tool for creating, verifying, and -inspecting signatures in Mach-O binaries.") - (license license:expat)))) - (define (make-glibc-without-werror glibc) (package-with-extra-configure-variable glibc "enable_werror" "no")) @@ -707,10 +409,9 @@ inspecting signatures in Mach-O binaries.") (cond ((string-suffix? "-mingw32" target) ;; Windows (list (make-mingw-pthreads-cross-toolchain "x86_64-w64-mingw32") - (make-nsis-for-gcc-10 nsis-x86_64) - osslsigncode)) + (make-nsis-for-gcc-10 nsis-x86_64))) ((string-contains target "-linux-") (list (make-bitcoin-cross-toolchain target) cmake)) ((string-contains target "darwin") - (list clang-toolchain-10 binutils cmake python-signapple ldid)) + (list clang-toolchain-10 binutils cmake ldid)) (else '())))))