diff options
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libressl/default.nix')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/libressl/default.nix | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libressl/default.nix b/nixpkgs/pkgs/development/libraries/libressl/default.nix index fb362ebbad2f..d70672f63ac3 100644 --- a/nixpkgs/pkgs/development/libraries/libressl/default.nix +++ b/nixpkgs/pkgs/development/libraries/libressl/default.nix @@ -1,8 +1,16 @@ -{ stdenv, fetchurl, lib, cmake, cacert, fetchpatch +{ stdenv +, fetchurl +, lib +, cmake +, cacert +, fetchpatch , buildShared ? !stdenv.hostPlatform.isStatic }: let + ldLibPathEnvName = if stdenv.isDarwin + then "DYLD_LIBRARY_PATH" + else "LD_LIBRARY_PATH"; generic = { version, sha256, patches ? [] }: stdenv.mkDerivation rec { pname = "libressl"; @@ -42,6 +50,15 @@ let substituteInPlace ./tls/tls_config.c --replace '"/etc/ssl/cert.pem"' '"${cacert}/etc/ssl/certs/ca-bundle.crt"' ''; + doCheck = true; + preCheck = '' + export PREVIOUS_${ldLibPathEnvName}=$${ldLibPathEnvName} + export ${ldLibPathEnvName}="$${ldLibPathEnvName}:$(realpath tls/):$(realpath ssl/):$(realpath crypto/)" + ''; + postCheck = '' + export ${ldLibPathEnvName}=$PREVIOUS_${ldLibPathEnvName} + ''; + outputs = [ "bin" "dev" "out" "man" "nc" ]; postFixup = '' @@ -66,5 +83,15 @@ in { libressl_3_2 = generic { version = "3.2.5"; sha256 = "1zkwrs3b19s1ybz4q9hrb7pqsbsi8vxcs44qanfy11fkc7ynb2kr"; + patches = [ + ./CVE-2021-41581.patch + ]; + }; + libressl_3_4 = generic { + version = "3.4.0"; + sha256 = "1lhn76nd59p1dfd27b4636zj6wh3f5xsi8b3sxqnl820imsswbp5"; + patches = [ + ./CVE-2021-41581.patch + ]; }; } |