diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-04-22 21:15:06 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-04-22 21:18:23 +0000 |
commit | b935ae5f3cfb2bb4f9a3746d284f156a6dece505 (patch) | |
tree | 5efe4e2e7a7723a737d0130a333b057c5e76df40 /nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch | |
parent | dc9566e91c9453378c24e98b5737234364670df5 (diff) | |
parent | d26027792812fbfad4d0f451b5f47fdabf7fdeb9 (diff) | |
download | nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar.gz nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar.bz2 nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar.lz nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar.xz nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.tar.zst nixlib-b935ae5f3cfb2bb4f9a3746d284f156a6dece505.zip |
Merge commit 'd26027792812fbfad4d0f451b5f47fdabf7fdeb9'
Diffstat (limited to 'nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch')
-rw-r--r-- | nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch b/nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch new file mode 100644 index 000000000000..aa3116d76c12 --- /dev/null +++ b/nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.12.1.patch @@ -0,0 +1,59 @@ +diff -Naur a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go +--- a/src/crypto/x509/root_cgo_darwin.go 2019-03-15 11:33:55.920232337 -0700 ++++ b/src/crypto/x509/root_cgo_darwin.go 2019-03-15 11:34:53.323180897 -0700 +@@ -270,11 +270,20 @@ + import "C" + import ( + "errors" ++ "io/ioutil" ++ "os" + "unsafe" + ) + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } + + var data C.CFDataRef = 0 + var untrustedData C.CFDataRef = 0 +diff -Naur a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go +--- a/src/crypto/x509/root_darwin.go 2019-03-15 11:33:55.920232337 -0700 ++++ b/src/crypto/x509/root_darwin.go 2019-03-15 11:36:21.205123541 -0700 +@@ -92,6 +92,14 @@ + verifyCh = make(chan rootCandidate) + ) + ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } ++ + // Using 4 goroutines to pipe into verify-cert seems to be + // about the best we can do. The verify-cert binary seems to + // just RPC to another server with coarse locking anyway, so +diff -Naur a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go +--- a/src/crypto/x509/root_unix.go 2019-03-15 11:33:55.920232337 -0700 ++++ b/src/crypto/x509/root_unix.go 2019-03-15 11:37:15.737326340 -0700 +@@ -38,6 +38,13 @@ + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } + + files := certFiles + if f := os.Getenv(certFileEnv); f != "" { |