[1/2] gnu: Add sqlcipher.

  * gnu/packages/database.scm (sqlcipher): New variable.
---
 gnu/packages/databases.scm | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
  

On Wed, Sep 14, 2016 at 03:30:13PM -0400, Andy Patterson wrote:
> * gnu/packages/database.scm (sqlcipher): New variable.
> ---
>  gnu/packages/databases.scm | 37 +++++++++++++++++++++++++++++++++++++
>  1 file changed, 37 insertions(+)
> 
> diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
> index fc31653..d424848 100644
> --- a/gnu/packages/databases.scm
> +++ b/gnu/packages/databases.scm
> @@ -11,6 +11,7 @@
>  ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
>  ;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
>  ;;; Copyright © 2016 David Craven <david@craven.ch>
> +;;; Copyright © 2016 Andy Patterson <ajpatter@uwaterloo.ca>
>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
> @@ -33,11 +34,13 @@
>    #:use-module (gnu packages avahi)
>    #:use-module (gnu packages bash)
>    #:use-module (gnu packages boost)
> +  #:use-module (gnu packages crypto)
>    #:use-module (gnu packages gettext)
>    #:use-module (gnu packages glib)
>    #:use-module (gnu packages perl)
>    #:use-module (gnu packages language)
>    #:use-module (gnu packages linux)
> +  #:use-module (gnu packages tcl)
>    #:use-module (gnu packages tls)
>    #:use-module (gnu packages compression)
>    #:use-module (gnu packages ncurses)
> @@ -1094,3 +1097,37 @@ trees (LSM), for sustained throughput under random insert workloads.")
>      (synopsis "Lightning memory-mapped database library")
>      (description "Lightning memory-mapped database library.")
>      (license license:openldap2.8)))
> +
> +(define-public sqlcipher
> +  (package
> +    (name "sqlcipher")
> +    (version "3.4.0")
> +    (source
> +     (origin
> +       (method url-fetch)
> +       (uri (string-append "https://github.com/sqlcipher/" name
> +                           "/archive/v" version ".tar.gz"))
> +       (sha256
> +        (base32 "1l23lbp9pmf20xkshrs45gbg0igixr6dwdbvgfzh5plnyzn05dwr"))
> +       (file-name (string-append name "-" version ".tar.gz"))))
> +    (build-system gnu-build-system)
> +    (inputs
> +     `(("libcrypto" ,openssl)))
> +    (native-inputs
> +     `(("tcl" ,tcl)))
> +    (arguments
> +     '(#:configure-flags
> +       '("--enable-tempstore=yes"
> +         "CFLAGS=-DSQLITE_HAS_CODEC"
> +         "LDFLAGS=-lcrypto"
> +         "--disable-tcl")
> +       ;; tests are un-maintained in this fork
> +       #:tests? #f))
> +    (home-page "https://www.zetetic.net/sqlcipher/")
> +    (synopsis
> +     "Library providing transparent encryption of SQLite database files")
> +    (description "SQLCipher is an SQLite extension that provides transparent
> +256-bit AES encryption of database files.  Pages are encrypted before being
> +written to disk and are decrypted when read back.  It’s well suited for
> +protecting embedded application databases and for mobile development.")
> +    (license license:bsd-3)))
> -- 
> 2.10.0
> 

I'm a little confused how much of this is actually upstream sqlite and
how much is their own code. The commit messages look like they're
continually merging in sqlite. Also, many of the files in the src folder
I checked are public-domain and not bsd-3 licensed.
  

On Tue, Sep 20, 2016 at 11:42:44AM +0300, Efraim Flashner wrote:
> On Wed, Sep 14, 2016 at 03:30:13PM -0400, Andy Patterson wrote:
> > +       ;; tests are un-maintained in this fork
> > +       #:tests? #f))
> > +    (home-page "https://www.zetetic.net/sqlcipher/")
> > +    (synopsis
> > +     "Library providing transparent encryption of SQLite database files")
> > +    (description "SQLCipher is an SQLite extension that provides transparent
> > +256-bit AES encryption of database files.  Pages are encrypted before being
> > +written to disk and are decrypted when read back.  It’s well suited for
> > +protecting embedded application databases and for mobile development.")
> > +    (license license:bsd-3)))
> > -- 
> > 2.10.0
> > 
> 
> I'm a little confused how much of this is actually upstream sqlite and
> how much is their own code. The commit messages look like they're
> continually merging in sqlite. Also, many of the files in the src folder
> I checked are public-domain and not bsd-3 licensed.

I'm also wondering what the relationship is between this project and
SQLite. The comment about disabling tests describes SQLCipher as a fork,
but the SQLCipher home page describe it as an extension.
  

On Tue, 20 Sep 2016 17:49:50 -0400
Leo Famulari <leo@famulari.name> wrote:

> On Tue, Sep 20, 2016 at 11:42:44AM +0300, Efraim Flashner wrote:
> > On Wed, Sep 14, 2016 at 03:30:13PM -0400, Andy Patterson wrote:  
> > > +       ;; tests are un-maintained in this fork
> > > +       #:tests? #f))
> > > +    (home-page "https://www.zetetic.net/sqlcipher/")
> > > +    (synopsis
> > > +     "Library providing transparent encryption of SQLite
> > > database files")
> > > +    (description "SQLCipher is an SQLite extension that provides
> > > transparent +256-bit AES encryption of database files.  Pages are
> > > encrypted before being +written to disk and are decrypted when
> > > read back.  It’s well suited for +protecting embedded application
> > > databases and for mobile development.")
> > > +    (license license:bsd-3)))
> > > -- 
> > > 2.10.0
> > >   
> > 
> > I'm a little confused how much of this is actually upstream sqlite
> > and how much is their own code. The commit messages look like
> > they're continually merging in sqlite. Also, many of the files in
> > the src folder I checked are public-domain and not bsd-3 licensed.  
> 
> I'm also wondering what the relationship is between this project and
> SQLite. The comment about disabling tests describes SQLCipher as a
> fork, but the SQLCipher home page describe it as an extension.

I'd say it's a fork based on the source structure and commit history as
Efraim mentioned. I think the upstream describes it as an extension
because it adds extra behaviour on top of SQLite while maintaining API
compatibility, rather than changing its fundamental behaviour. I could
alter the description (I've currently just used the upstream's wording)
in order to reflect the fact that this isn't an SQLite "loadable
extension". Do you have any reccomendations along those lines?

Thanks,

--
Andy
  

On Tue, 20 Sep 2016 11:42:44 +0300
Efraim Flashner <efraim@flashner.co.il> wrote:

> I'm a little confused how much of this is actually upstream sqlite and
> how much is their own code. The commit messages look like they're
> continually merging in sqlite. Also, many of the files in the src
> folder I checked are public-domain and not bsd-3 licensed.
> 

You're right; it seems to be the new files which the project has added
which fall under the bsd-3 license. I'll do some investigation in order
to make the license field more descriptive, and send an updated patch.

Thanks,

--
Andy