openssl: remove run-time dependency of perl due to c_rehash

Replaces perl based c_rehash script with shell script wrapping `openssl rehash` with the same functionality. Fixes: #19965 Supersedes: #156776, #83446 Possibly related to: #157093, #82924
2023-03-03 09:00:16 +00:00 · 2023-03-03 09:00:16 +00:00 · 18f1be7071
commit 18f1be7071
parent 731f1a0ffb
1 changed files with 11 additions and 23 deletions
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@ -1,14 +1,11 @@
-{ lib, stdenv, fetchurl, buildPackages, perl, coreutils
+{ lib, stdenv, fetchurl, buildPackages, perl, coreutils, writeShellScript
+, makeWrapper
 , withCryptodev ? false, cryptodev
 , withZlib ? false, zlib
 , enableSSL2 ? false
 , enableSSL3 ? false
 , enableKTLS ? stdenv.isLinux
 , static ? stdenv.hostPlatform.isStatic
-# Used to avoid cross compiling perl, for example, in darwin bootstrap tools.
-# This will cause c_rehash to refer to perl via the environment, but otherwise
-# will produce a perfectly functional openssl binary and library.
-, withPerl ? stdenv.hostPlatform == stdenv.buildPlatform
 # path to openssl.cnf file. will be placed in $etc/etc/ssl/openssl.cnf to replace the default
 , conf ? null
 , removeReferencesTo
@ -72,12 +69,9 @@ let
      !(stdenv.hostPlatform.useLLVM or false) &&
      stdenv.cc.isGNU;

-    nativeBuildInputs = [ perl ]
+    nativeBuildInputs = [ makeWrapper perl ]
      ++ lib.optionals static [ removeReferencesTo ];
    buildInputs = lib.optional withCryptodev cryptodev
-      # perl is included to allow the interpreter path fixup hook to set the
-      # correct interpreter in c_rehash.
-      ++ lib.optional withPerl perl
      ++ lib.optional withZlib zlib;

    # TODO(@Ericson2314): Improve with mass rebuild
@ -172,23 +166,17 @@ let

      # 'etc' is a separate output on static builds only.
      etc=$out
-    '') + lib.optionalString (!stdenv.hostPlatform.isWindows)
-      # Fix bin/c_rehash's perl interpreter line
-      #
-      # - openssl 1_0_2: embeds a reference to buildPackages.perl
-      # - openssl 1_1:   emits "#!/usr/bin/env perl"
-      #
-      # In the case of openssl_1_0_2, reset the invalid reference and let the
-      # interpreter hook take care of it.
-      #
-      # In both cases, if withPerl = false, the intepreter line is expected be
-      # "#!/usr/bin/env perl"
-    ''
-      substituteInPlace $out/bin/c_rehash --replace ${buildPackages.perl}/bin/perl "/usr/bin/env perl"
-    '' + ''
+    '') + ''
      mkdir -p $bin
      mv $out/bin $bin/bin

+      # c_rehash is a legacy perl script with the same functionality
+      # as `openssl rehash`
+      # this wrapper script is created to maintain backwards compatibility without
+      # depending on perl
+      makeWrapper $bin/bin/openssl $bin/bin/c_rehash \
+        --add-flags "rehash"
+
      mkdir $dev
      mv $out/include $dev/