diff options
| author | Daiderd Jordan <daiderd@gmail.com> | 2018-06-23 12:13:23 +0200 |
|---|---|---|
| committer | Daiderd Jordan <daiderd@gmail.com> | 2018-06-23 12:16:42 +0200 |
| commit | 288939ce22a8d63077e888db227289d9e36d41e5 (patch) | |
| tree | 79658026473e4ae9ce826461d13dabddf74cc991 /pkgs/tools | |
| parent | 59daa4fd629f7e6547bdff047d9759c353f29067 (diff) | |
| download | nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar.gz nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar.bz2 nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar.lz nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar.xz nixlib-288939ce22a8d63077e888db227289d9e36d41e5.tar.zst nixlib-288939ce22a8d63077e888db227289d9e36d41e5.zip | |
curl: disable default CA bundle
Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE. Fixes #42317
Diffstat (limited to 'pkgs/tools')
| -rw-r--r-- | pkgs/tools/networking/curl/default.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 3d8cdd2653b7..4a476a6ba137 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -63,6 +63,10 @@ stdenv.mkDerivation rec { ''; configureFlags = [ + # Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback + # to nss-cacert from the default profile. + "--without-ca-bundle" + "--without-ca-path" "--with-ca-fallback" "--disable-manual" ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) |