Merge pull request #195828 from helsinki-systems/revert/openssl

openssl: revert withdrawn releases

pkgs/development/libraries/openssl/3.0/openssl-disable-kernel-detection.patch

@@ -1,25 +1,22 @@
 diff --git a/Configure b/Configure
-index a558e5ab1a..9a884f0b0f 100755
+index f0ad787bc4..a48d2008c6 100755
 --- a/Configure
 +++ b/Configure
-@@ -1714,20 +1714,6 @@ unless ($disabled{devcryptoeng}) {
- 
+@@ -1688,17 +1688,6 @@ unless ($disabled{devcryptoeng}) {
  unless ($disabled{ktls}) {
      $config{ktls}="";
--    my $cc = $config{CROSS_COMPILE}.$config{CC};
--    if ($target =~ m/^linux/) {
--        system("printf '#include <sys/types.h>\n#include <linux/tls.h>' | $cc -E - >/dev/null 2>&1");
--        if ($? != 0) {
+     if ($target =~ m/^linux/) {
+-        my $usr = "/usr/$config{cross_compile_prefix}";
+-        chop($usr);
+-        if ($config{cross_compile_prefix} eq "") {
+-            $usr = "/usr";
+-        }
+-        my $minver = (4 << 16) + (13 << 8) + 0;
+-        my @verstr = split(" ",`cat $usr/include/linux/version.h | grep LINUX_VERSION_CODE`);
+-
+-        if ($verstr[2] < $minver) {
 -            disable('too-old-kernel', 'ktls');
 -        }
--    } elsif ($target =~ m/^BSD/) {
--        system("printf '#include <sys/types.h>\n#include <sys/ktls.h>' | $cc -E - >/dev/null 2>&1");
--        if ($? != 0) {
--            disable('too-old-freebsd', 'ktls');
--        }
--    } else {
--        disable('not-linux-or-freebsd', 'ktls');
--    }
- }
- 
- push @{$config{openssl_other_defines}}, "OPENSSL_NO_KTLS" if ($disabled{ktls});
+     } elsif ($target =~ m/^BSD/) {
+         my $cc = $config{CROSS_COMPILE}.$config{CC};
+         system("printf '#include <sys/types.h>\n#include <sys/ktls.h>' | $cc -E - >/dev/null 2>&1");

pkgs/development/libraries/openssl/default.nix

@@ -16,14 +16,14 @@
 # files.
 
 let
-  common = { version, hash, patches ? [], withDocs ? false, extraMeta ? {} }:
+  common = { version, sha256, patches ? [], withDocs ? false, extraMeta ? {} }:
    stdenv.mkDerivation rec {
     pname = "openssl";
     inherit version;
 
     src = fetchurl {
       url = "https://www.openssl.org/source/${pname}-${version}.tar.gz";
-      inherit hash;
+      inherit sha256;
     };
 
     inherit patches;
@@ -213,8 +213,8 @@ in {
 
 
   openssl_1_1 = common rec {
-    version = "1.1.1r";
-    hash = "sha256-44k1KuPVrk04WXv4pU8dy2+zyLUPT+WKlLsb9/hdgqA=";
+    version = "1.1.1q";
+    sha256 = "sha256-15Oc5hQCnN/wtsIPDi5XAxWKSJpyslB7i9Ub+Mj9EMo=";
     patches = [
       ./1.1/nix-ssl-cert-file.patch
 
@@ -228,8 +228,8 @@ in {
   };
 
   openssl_3 = common {
-    version = "3.0.6";
-    hash = "sha256-5KEKKYaUXj8aHy69aKx4BEmhdzuWtqF0/fZQ1ryWEfE=";
+    version = "3.0.5";
+    sha256 = "sha256-qn2Nm+9xrWUlxVuhHl9Dl4ic5Jwsk0nc6m0+TwsCSno=";
     patches = [
       ./3.0/nix-ssl-cert-file.patch