diff options
author | Eelco Dolstra <edolstra@gmail.com> | 2016-10-14 12:04:28 +0200 |
---|---|---|
committer | Eelco Dolstra <edolstra@gmail.com> | 2016-10-14 12:06:10 +0200 |
commit | 942dbf89c6120cb5b52fb2ab456855d1fbf2994e (patch) | |
tree | 2abe1536e2d47fc0c8ace6da13dbea1de0f92ac8 /pkgs/tools/networking | |
parent | 027efec8798547c0e8cff7861680f9b95732c12d (diff) | |
download | nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar.gz nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar.bz2 nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar.lz nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar.xz nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.tar.zst nixlib-942dbf89c6120cb5b52fb2ab456855d1fbf2994e.zip |
openssl, curl, git: Respect $NIX_SSL_CERT_FILE
$NIX_SSL_CERT_FILE overrides $SSL_CERT_FILE, which in turn overrides the default CA path (/etc/ssl/certs/ca-certificates.crt). This allows Nix to set a CA path without interfering with other packages (such as Homebrew). See https://github.com/NixOS/nix/issues/921.
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r-- | pkgs/tools/networking/curl/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/networking/curl/nix-ssl-cert-file.patch | 14 |
2 files changed, 16 insertions, 0 deletions
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 958bea34e7d3..d1936cb11ad3 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -25,6 +25,8 @@ stdenv.mkDerivation rec { sha256 = "1v6q83qsrf7dgp3y5fa5vkppgqyy82pnsk8z9b4047b6fvclfwvv"; }; + patches = [ ./nix-ssl-cert-file.patch ]; + outputs = [ "bin" "dev" "out" "man" "devdoc" ]; nativeBuildInputs = [ pkgconfig perl ]; diff --git a/pkgs/tools/networking/curl/nix-ssl-cert-file.patch b/pkgs/tools/networking/curl/nix-ssl-cert-file.patch new file mode 100644 index 000000000000..20c408bfae23 --- /dev/null +++ b/pkgs/tools/networking/curl/nix-ssl-cert-file.patch @@ -0,0 +1,14 @@ +diff -ru -x '*~' curl-7.50.3-orig/src/tool_operate.c curl-7.50.3/src/tool_operate.c +--- curl-7.50.3-orig/src/tool_operate.c 2016-09-06 23:25:06.000000000 +0200 ++++ curl-7.50.3/src/tool_operate.c 2016-10-14 11:51:48.999943142 +0200 +@@ -269,7 +269,9 @@ + capath_from_env = true; + } + else { +- env = curlx_getenv("SSL_CERT_FILE"); ++ env = curlx_getenv("NIX_SSL_CERT_FILE"); ++ if(!env) ++ env = curlx_getenv("SSL_CERT_FILE"); + if(env) { + config->cacert = strdup(env); + if(!config->cacert) { |