diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-02-03 13:45:05 +0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-02-03 13:45:05 +0100 |
commit | 788da6894fac5b20d183ce5afbab3bacd7ddeaca (patch) | |
tree | a8ab23792a993d5eaf20a73d97dbd8b62fcc6239 /pkgs/development/libraries/openssl/default.nix | |
parent | 9f358f809d1db46f3206d4a09a5366f13c93e777 (diff) | |
download | nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar.gz nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar.bz2 nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar.lz nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar.xz nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.tar.zst nixlib-788da6894fac5b20d183ce5afbab3bacd7ddeaca.zip |
openssl: Compile in /etc/ssl/certs/ca-certificates.crt
Diffstat (limited to 'pkgs/development/libraries/openssl/default.nix')
-rw-r--r-- | pkgs/development/libraries/openssl/default.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index be224fd54eb5..e37bdf855dc5 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, perl , withCryptodev ? false, cryptodevHeaders -, defaultCertificate ? "/etc/ssl/certs/ca-certificates.crt" }: +}: with stdenv.lib; let @@ -21,7 +21,9 @@ stdenv.mkDerivation rec { outputs = [ "out" "man" ]; - patches = optional stdenv.isCygwin ./1.0.1-cygwin64.patch + patches = + [ ./use-etc-ssl-certs.patch ] + ++ optional stdenv.isCygwin ./1.0.1-cygwin64.patch ++ optional (stdenv.isDarwin || (stdenv ? cross && stdenv.cross.libc == "libSystem")) ./darwin-arch.patch; nativeBuildInputs = [ perl ]; @@ -60,8 +62,7 @@ stdenv.mkDerivation rec { # remove dependency on Perl at runtime rm -r $out/etc/ssl/misc $out/bin/c_rehash - # configure the default trust store - ${optionalString (defaultCertificate != null) "ln -s ${defaultCertificate} $out/etc/ssl/cert.pem"} + rmdir $out/etc/ssl/certs ''; postFixup = '' @@ -72,6 +73,11 @@ stdenv.mkDerivation rec { fi ''; + setupHook = builtins.toFile "openssl-setup-hook" + '' + export SSL_CERT_FILE=/no-cert-file.crt + ''; + crossAttrs = { # upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558 postPatch = '' |