diff options
author | Dima <dgoldin+github@protonmail.ch> | 2019-09-10 00:01:59 +0200 |
---|---|---|
committer | Dima <dgoldin+github@protonmail.ch> | 2019-09-17 23:08:43 +0200 |
commit | 044f771d593bacc97c56cdfe046f527cd3a30184 (patch) | |
tree | 8c1d54e63b94af0c25bcbff632756c303828fb44 | |
parent | 78879ae0e99a00d5abadb16c6bc1d20c517dffcf (diff) |
libressl: fixing nc for version>=2.9
This addresses https://github.com/NixOS/nixpkgs/issues/68286
When `-R` (CA file location) is not specified, nc tries to fall back to
a default location. In 2.8 this was still configurable at compile time,
but was changed somewhere after. This replaces `/etc/ssl/cert.pem`
with `${cacert}/etc/ssl/cert.pem` in the code directly.
For a discussion of this, see https://github.com/NixOS/nixpkgs/pull/68456
-rw-r--r-- | pkgs/development/libraries/libressl/default.nix | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libressl/default.nix b/pkgs/development/libraries/libressl/default.nix index 71b8d2bb20e6..4bfa6cd0b8e4 100644 --- a/pkgs/development/libraries/libressl/default.nix +++ b/pkgs/development/libraries/libressl/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, lib, cmake }: +{ stdenv, fetchurl, lib, cmake, cacert }: let @@ -31,6 +31,12 @@ let rm configure ''; + # Since 2.9.x the default location can't be configured from the build using + # DEFAULT_CA_FILE anymore, instead we have to patch the default value. + postPatch = lib.optionalString (lib.versionAtLeast version "2.9.2") '' + substituteInPlace ./tls/tls_config.c --replace '"/etc/ssl/cert.pem"' '"${cacert}/etc/ssl/certs/ca-bundle.crt"' + ''; + enableParallelBuilding = true; outputs = [ "bin" "dev" "out" "man" "nc" ]; |