diff options
author | Matthew Bauer <mjbauer95@gmail.com> | 2020-07-06 14:41:57 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-06 14:41:57 -0400 |
commit | a2c2a8648828cbfb8e022e244ccfa7787072443c (patch) | |
tree | 6aae259f4cb74db7ffc42f1342cb16fca28966c6 | |
parent | a07576adfa22725f214cd73d28b982d54a30fe2a (diff) | |
parent | 669eb09bd5b4f539e8d93383697a4ddfdacac239 (diff) |
Merge pull request #89885 from matthewbauer/fetchurl-no-hash
fetchurl: allow empty hash
-rw-r--r-- | pkgs/build-support/fetchurl/builder.sh | 8 | ||||
-rw-r--r-- | pkgs/build-support/fetchurl/default.nix | 9 | ||||
-rw-r--r-- | pkgs/development/arduino/arduino-core/default.nix | 44 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 1 |
4 files changed, 36 insertions, 26 deletions
diff --git a/pkgs/build-support/fetchurl/builder.sh b/pkgs/build-support/fetchurl/builder.sh index e93c98419a67..5b04a702aff4 100644 --- a/pkgs/build-support/fetchurl/builder.sh +++ b/pkgs/build-support/fetchurl/builder.sh @@ -15,8 +15,14 @@ curl=( --retry 3 --disable-epsv --cookie-jar cookies - --insecure --user-agent "curl/$curlVersion Nixpkgs/$nixpkgsVersion" +) + +if ! [ -f "$SSL_CERT_FILE" ]; then + curl+=(--insecure) +fi + +curl+=( $curlOpts $NIX_CURL_FLAGS ) diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index a0c48468dfac..c65738aef41a 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -1,4 +1,6 @@ -{ lib, buildPackages ? { inherit stdenvNoCC; }, stdenvNoCC, curl }: # Note that `curl' may be `null', in case of the native stdenvNoCC. +{ lib, buildPackages ? { inherit stdenvNoCC; }, stdenvNoCC +, curl # Note that `curl' may be `null', in case of the native stdenvNoCC. +, cacert ? null }: let @@ -112,6 +114,7 @@ let else if sha512 != "" then { outputHashAlgo = "sha512"; outputHash = sha512; } else if sha256 != "" then { outputHashAlgo = "sha256"; outputHash = sha256; } else if sha1 != "" then { outputHashAlgo = "sha1"; outputHash = sha1; } + else if cacert != null then { outputHashAlgo = "sha256"; outputHash = ""; } else throw "fetchurl requires a hash for fixed-output derivation: ${lib.concatStringsSep ", " urls_}"; in @@ -134,6 +137,10 @@ stdenvNoCC.mkDerivation { # New-style output content requirements. inherit (hash_) outputHashAlgo outputHash; + SSL_CERT_FILE = if hash_.outputHash == "" + then "${cacert}/etc/ssl/certs/ca-bundle.crt" + else "/no-cert-file.crt"; + outputHashMode = if (recursiveHash || executable) then "recursive" else "flat"; inherit curlOpts showURLs mirrorsFile postFetch downloadToTemp executable; diff --git a/pkgs/development/arduino/arduino-core/default.nix b/pkgs/development/arduino/arduino-core/default.nix index 2a7387c4378a..1c537edd0b42 100644 --- a/pkgs/development/arduino/arduino-core/default.nix +++ b/pkgs/development/arduino/arduino-core/default.nix @@ -68,13 +68,14 @@ let xorg.libXxf86vm zlib ]; - teensy_architecture = - lib.optionalString (stdenv.hostPlatform.system == "x86_64-linux") "linux64" - + lib.optionalString (stdenv.hostPlatform.system == "i686-linux") "linux32" - + lib.optionalString (stdenv.hostPlatform.system == "aarch64-linux") "linuxaarch64" - + lib.optionalString (builtins.match "armv[67]l-linux" stdenv.hostPlatform.system != null) "linuxarm"; - flavor = ( if withTeensyduino then "teensyduino" else "arduino") - + stdenv.lib.optionalString (!withGui) "-core"; + teensy_architecture = if stdenv.hostPlatform.isx86_32 then "linux32" + else if stdenv.hostPlatform.isx86_64 then "linux64" + else if stdenv.hostPlatform.isAarch64 then "linuxaarch64" + else if stdenv.hostPlatform.isAarch32 then "linuxarm" + else throw "${stdenv.hostPlatform.system} is not supported in teensy"; + + flavor = (if withTeensyduino then "teensyduino" else "arduino") + + stdenv.lib.optionalString (!withGui) "-core"; in stdenv.mkDerivation rec { version = "1.8.12"; @@ -90,28 +91,23 @@ stdenv.mkDerivation rec { teensyduino_version = "151"; teensyduino_src = fetchurl { url = "https://www.pjrc.com/teensy/td_${teensyduino_version}/TeensyduinoInstall.${teensy_architecture}"; - sha256 = - lib.optionalString (teensy_architecture == "linux64") - "0q8mw9bm2vb5vwa98gwcs6ad164i98hc1qqh2qw029yhwm599pn0" - + lib.optionalString (teensy_architecture == "linux32") - "1rq6sx0048ab200jy0cz5vznwxi99avidngj42rjnh7kcfas5c4m" - + lib.optionalString (teensy_architecture == "linuxaarch64") - "09k78dycn1vcpcx37c1dak8bgjv8gs34l89n9r9s0c3rqmv3pg4x" - + lib.optionalString (teensy_architecture == "linuxarm") - "19j55bq36040rpdpfxcqimda76rkbx137q15bs8nvxj13wrbl4ip"; + sha256 = { + linux64 = "0q8mw9bm2vb5vwa98gwcs6ad164i98hc1qqh2qw029yhwm599pn0"; + linux32 = "1rq6sx0048ab200jy0cz5vznwxi99avidngj42rjnh7kcfas5c4m"; + linuxarm = "19j55bq36040rpdpfxcqimda76rkbx137q15bs8nvxj13wrbl4ip"; + linuxaarch64 = "09k78dycn1vcpcx37c1dak8bgjv8gs34l89n9r9s0c3rqmv3pg4x"; + }.${teensy_architecture} or (throw "No arduino binaries for ${teensy_architecture}"); }; # Used because teensyduino requires jars be a specific size arduino_dist_src = fetchurl { url = "http://downloads.arduino.cc/arduino-${version}-${teensy_architecture}.tar.xz"; sha256 = - lib.optionalString (teensy_architecture == "linux64") - "128f34kkxz7ab6ir5mqyr8d1mgxig8f9jygwxy44pdnq2rk6gmh9" - + lib.optionalString (teensy_architecture == "linux32") - "11n85lwsn1w4ysfacyw08v85s3f3zvl8j8ac7rld19yxgjslvisi" - + lib.optionalString (teensy_architecture == "linuxaarch64") - "04v2nhyjhahml6nmz23bfb63c0an4a7zxgcgxqqq442i8vd304wa" - + lib.optionalString (teensy_architecture == "linuxarm") - "1k8yjivaydm6y16mplrjyblgx7l0wjzm3mjxh5saxrjq7drswmxx"; + { + linux64 = "128f34kkxz7ab6ir5mqyr8d1mgxig8f9jygwxy44pdnq2rk6gmh9"; + linux32 = "11n85lwsn1w4ysfacyw08v85s3f3zvl8j8ac7rld19yxgjslvisi"; + linuxarm = "1k8yjivaydm6y16mplrjyblgx7l0wjzm3mjxh5saxrjq7drswmxx"; + linuxaarch64 = "04v2nhyjhahml6nmz23bfb63c0an4a7zxgcgxqqq442i8vd304wa"; + }.${teensy_architecture} or (throw "No arduino binaries for ${teensy_architecture}"); }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 109c39e804f1..467e38a565fe 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -335,6 +335,7 @@ in then buildPackages.fetchurl # No need to do special overrides twice, else makeOverridable (import ../build-support/fetchurl) { inherit lib stdenvNoCC buildPackages; + inherit cacert; curl = buildPackages.curl.override (old: rec { # break dependency cycles fetchurl = stdenv.fetchurlBoot; |