diff options
author | 7c6f434c <7c6f434c@mail.ru> | 2022-07-26 05:17:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-26 05:17:44 +0000 |
commit | 702c2b914c1104db25eccd90a805c10cce77e538 (patch) | |
tree | 0f42f3e60ab83e03c79b659f7de19994b5896035 | |
parent | 1cfb6dab0f502768db6a8c31bd3cd46e46234b0c (diff) | |
parent | 922bb56029fdee1ae004e006a59e05c32e49bd91 (diff) |
Merge pull request #181804 from tylerjl/glusterfs-ssl-path-patch
glusterfs: patch around SSL_CERT_PATH detection
-rw-r--r-- | pkgs/tools/filesystems/glusterfs/default.nix | 11 | ||||
-rw-r--r-- | pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch | 23 |
2 files changed, 34 insertions, 0 deletions
diff --git a/pkgs/tools/filesystems/glusterfs/default.nix b/pkgs/tools/filesystems/glusterfs/default.nix index e25c50e09503..125fb01d88a1 100644 --- a/pkgs/tools/filesystems/glusterfs/default.nix +++ b/pkgs/tools/filesystems/glusterfs/default.nix @@ -65,6 +65,17 @@ in stdenv.mkDerivation rec { }; inherit buildInputs propagatedBuildInputs; + patches = [ + # Upstream invokes `openssl version -d` to derive the canonical system path + # for certificates, which resolves to a nix store path, so this patch + # statically sets the configure.ac value. There's probably a less-brittle + # way to do this! (this will likely fail on a version bump) + # References: + # - https://github.com/gluster/glusterfs/issues/3234 + # - https://github.com/gluster/glusterfs/commit/a7dc43f533ad4b8ff68bf57704fefc614da65493 + ./ssl_cert_path.patch + ]; + postPatch = '' sed -e '/chmod u+s/d' -i contrib/fuse-util/Makefile.am substituteInPlace libglusterfs/src/glusterfs/lvm-defaults.h \ diff --git a/pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch b/pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch new file mode 100644 index 000000000000..5964e14787e7 --- /dev/null +++ b/pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch @@ -0,0 +1,23 @@ +diff --git a/configure.ac b/configure.ac +index fb8db11e9e..4c40683057 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -766,14 +766,10 @@ AS_IF([test "x$enable_fuse_notifications" != "xno"], [ + + dnl Find out OpenSSL trusted certificates path + AC_MSG_CHECKING([for OpenSSL trusted certificates path]) +-SSL_CERT_PATH=$(openssl version -d | sed -e 's|OPENSSLDIR: "\(.*\)".*|\1|') +-if test -d $SSL_CERT_PATH 1>/dev/null 2>&1; then +- AC_MSG_RESULT([$SSL_CERT_PATH]) +- AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.]) +- AC_SUBST(SSL_CERT_PATH) +-else +- AC_MSG_ERROR([Unable to detect path to OpenSSL trusted certificates]) +-fi ++SSL_CERT_PATH=/etc/ssl ++AC_MSG_RESULT([$SSL_CERT_PATH]) ++AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.]) ++AC_SUBST(SSL_CERT_PATH) + + AC_CHECK_LIB([ssl], TLS_method, [HAVE_OPENSSL_1_1="yes"], [HAVE_OPENSSL_1_1="no"]) + if test "x$HAVE_OPENSSL_1_1" = "xyes"; then |