diff options
author | Ludovic Courtès <ludo@gnu.org> | 2012-12-12 15:32:35 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2012-12-12 15:32:35 +0100 |
commit | a9128eac414e56882a12571e4856873a19ff6ec3 (patch) | |
tree | e12bc338d77c78fff998953dd0d7f1cf27f22e18 /TODO | |
parent | 4d152bf1d9ff894119e913e6506632348107cf65 (diff) | |
download | guix-a9128eac414e56882a12571e4856873a19ff6ec3.tar.gz guix-a9128eac414e56882a12571e4856873a19ff6ec3.zip |
daemon: Use `openssl' from $PATH.
* daemon.am (-DOPENSSL_PATH): Default to "openssl".
* TODO: Mention removal of OpenSSL dependency.
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -14,6 +14,15 @@ and GC-related tasks. The daemon mainly uses ‘libstore’ from Nix. Integrating it in Guix itself will make Guix self-contained, thereby simplifying our users’ lives. +** Remove dependency on OpenSSL + +The ‘openssl’ command-line tool is used in libstore to sign store paths +to be exported, and to check such signatures. The signing keys are +usually in /etc/nix/signing-key.{pub,sec}. They are a PKCS#8-encoded +X.509 SubjectPublicKeyInfo. These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of +GnuTLS]], but not yet with its Guile bindings. There’s also +‘gnutls_privkey_sign_data’ to sign, and related functions. + * infrastructure ** have a Hydra instance build Guix packages |