daemon: Use `openssl' from $PATH.

* daemon.am (-DOPENSSL_PATH): Default to "openssl".
* TODO: Mention removal of OpenSSL dependency.
This commit is contained in:
Ludovic Courtès 2012-12-12 15:32:35 +01:00
parent 4d152bf1d9
commit a9128eac41
2 changed files with 10 additions and 1 deletions

9
TODO
View File

@ -14,6 +14,15 @@ and GC-related tasks. The daemon mainly uses libstore from Nix.
Integrating it in Guix itself will make Guix self-contained, thereby
simplifying our users lives.
** Remove dependency on OpenSSL
The openssl command-line tool is used in libstore to sign store paths
to be exported, and to check such signatures. The signing keys are
usually in /etc/nix/signing-key.{pub,sec}. They are a PKCS#8-encoded
X.509 SubjectPublicKeyInfo. These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of
GnuTLS]], but not yet with its Guile bindings. Theres also
gnutls_privkey_sign_data to sign, and related functions.
* infrastructure
** have a Hydra instance build Guix packages

View File

@ -114,7 +114,7 @@ libstore_a_CPPFLAGS = \
-DNIX_CONF_DIR=\"$(sysconfdir)/nix\" \
-DNIX_LIBEXEC_DIR=\"$(libexecdir)\" \
-DNIX_BIN_DIR=\"$(bindir)\" \
-DOPENSSL_PATH="\"FIXME--no OpenSSL support\""
-DOPENSSL_PATH="\"openssl\""
libstore_a_CFLAGS = \
$(SQLITE3_CFLAGS) $(LIBGCRYPT_CFLAGS)