diff options
author | Alyssa Ross <hi@alyssa.is> | 2022-01-03 23:55:00 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2022-02-19 11:03:39 +0000 |
commit | f4cf97a04cd5d0b86aa46baec9fb228a8f671c03 (patch) | |
tree | 28192415ff39a661d0001563bf81cc93fa25d16d /nixpkgs/pkgs/development/libraries/gnutls/default.nix | |
parent | f8422837c9bde058e8f2de37702e7e94b2226040 (diff) | |
parent | 18c84ea816348e2a098390101b92d1e39a9dbd45 (diff) | |
download | nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.gz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.bz2 nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.lz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.xz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.zst nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.zip |
Merge commit '18c84ea816348e2a098390101b92d1e39a9dbd45'
Conflicts: nixpkgs/nixos/modules/misc/documentation.nix nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix nixpkgs/pkgs/applications/window-managers/sway/default.nix nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix nixpkgs/pkgs/development/go-modules/generic/default.nix nixpkgs/pkgs/development/interpreters/ruby/default.nix nixpkgs/pkgs/development/interpreters/ruby/patchsets.nix nixpkgs/pkgs/development/libraries/boehm-gc/7.6.6.nix nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix nixpkgs/pkgs/servers/mail/mailman/web.nix nixpkgs/pkgs/top-level/aliases.nix nixpkgs/pkgs/top-level/all-packages.nix nixpkgs/pkgs/top-level/impure.nix
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/gnutls/default.nix')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/gnutls/default.nix | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/nixpkgs/pkgs/development/libraries/gnutls/default.nix b/nixpkgs/pkgs/development/libraries/gnutls/default.nix index 4c4094987dde..f56052953033 100644 --- a/nixpkgs/pkgs/development/libraries/gnutls/default.nix +++ b/nixpkgs/pkgs/development/libraries/gnutls/default.nix @@ -1,8 +1,10 @@ { config, lib, stdenv, fetchurl, zlib, lzo, libtasn1, nettle, pkg-config, lzip -, perl, gmp, autoconf, automake, libidn, p11-kit, libiconv -, unbound, dns-root-data, gettext, cacert, util-linux +, perl, gmp, autoconf, automake, libidn, libiconv +, unbound, dns-root-data, gettext, util-linux +, cxxBindings ? !stdenv.hostPlatform.isStatic # tries to link libstdc++.so , guileBindings ? config.gnutls.guile or false, guile , tpmSupport ? false, trousers, which, nettools, libunistring +, withP11-kit ? !stdenv.hostPlatform.isStatic, p11-kit , withSecurity ? false, Security # darwin Security.framework }: @@ -51,11 +53,15 @@ stdenv.mkDerivation rec { preConfigure = "patchShebangs ."; configureFlags = - lib.optional stdenv.isLinux "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt" - ++ [ + lib.optionals withP11-kit [ + "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt" + "--with-default-trust-store-pkcs11=pkcs11:" + ] ++ [ "--disable-dependency-tracking" "--enable-fast-install" "--with-unbound-root-key-file=${dns-root-data}/root.key" + (lib.withFeature withP11-kit "p11-kit") + (lib.enableFeature cxxBindings "cxx") ] ++ lib.optional guileBindings [ "--enable-guile" "--with-guile-site-dir=\${out}/share/guile/site" @@ -65,7 +71,8 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - buildInputs = [ lzo lzip libtasn1 libidn p11-kit zlib gmp libunistring unbound gettext libiconv ] + buildInputs = [ lzo lzip libtasn1 libidn zlib gmp libunistring unbound gettext libiconv ] + ++ lib.optional (withP11-kit) p11-kit ++ lib.optional (isDarwin && withSecurity) Security ++ lib.optional (tpmSupport && stdenv.isLinux) trousers ++ lib.optional guileBindings guile; @@ -77,9 +84,9 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ nettle ]; inherit doCheck; - # stdenv's `NIX_SSL_CERT_FILE=/no-cert-file.crt` broke tests with: - # Error setting the x509 trust file: Error while reading file. - checkInputs = [ cacert ]; + # stdenv's `NIX_SSL_CERT_FILE=/no-cert-file.crt` breaks tests. + # Also empty files won't work, and we want to avoid potentially impure /etc/ + preCheck = "NIX_SSL_CERT_FILE=${./dummy.crt}"; # Fixup broken libtool and pkg-config files preFixup = lib.optionalString (!isDarwin) '' |