about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/openssl')
-rw-r--r--nixpkgs/pkgs/development/libraries/openssl/default.nix28
1 files changed, 24 insertions, 4 deletions
diff --git a/nixpkgs/pkgs/development/libraries/openssl/default.nix b/nixpkgs/pkgs/development/libraries/openssl/default.nix
index 49ac7954169f..fda0c71655a6 100644
--- a/nixpkgs/pkgs/development/libraries/openssl/default.nix
+++ b/nixpkgs/pkgs/development/libraries/openssl/default.nix
@@ -3,8 +3,17 @@
 , enableSSL2 ? false
 , enableSSL3 ? false
 , static ? stdenv.hostPlatform.isStatic
+# Used to avoid cross compiling perl, for example, in darwin bootstrap tools.
+# This will cause c_rehash to refer to perl via the environment, but otherwise
+# will produce a perfectly functional openssl binary and library.
+, withPerl ? true
 }:
 
+assert (
+  lib.assertMsg (!withPerl -> stdenv.hostPlatform != stdenv.buildPlatform)
+  "withPerl should not be disabled unless cross compiling"
+);
+
 # Note: this package is used for bootstrapping fetchurl, and thus
 # cannot use fetchpatch! All mutable patches (generated by GitHub or
 # cgit) that are needed here should be included directly in Nixpkgs as
@@ -46,7 +55,10 @@ let
     separateDebugInfo = !(stdenv.hostPlatform.useLLVM or false) && stdenv.cc.isGNU;
 
     nativeBuildInputs = [ perl ];
-    buildInputs = lib.optional withCryptodev cryptodev;
+    buildInputs = lib.optional withCryptodev cryptodev
+      # perl is included to allow the interpreter path fixup hook to set the
+      # correct interpreter in c_rehash.
+      ++ lib.optional withPerl perl;
 
     # TODO(@Ericson2314): Improve with mass rebuild
     configurePlatforms = [];
@@ -108,12 +120,20 @@ let
           rm "$out/lib/"*.a
       fi
 
-    '' +
-    ''
       mkdir -p $bin
     '' + lib.optionalString (!stdenv.hostPlatform.isWindows)
+      # Fix bin/c_rehash's perl interpreter line
+      #
+      # - openssl 1_0_2: embeds a reference to buildPackages.perl
+      # - openssl 1_1:   emits "#!/usr/bin/env perl"
+      #
+      # In the case of openssl_1_0_2, reset the invalid reference and let the
+      # interpreter hook take care of it.
+      #
+      # In both cases, if withPerl = false, the intepreter line is expected be
+      # "#!/usr/bin/env perl"
     ''
-      substituteInPlace $out/bin/c_rehash --replace ${buildPackages.perl} ${perl}
+      substituteInPlace $out/bin/c_rehash --replace ${buildPackages.perl}/bin/perl "/usr/bin/env perl"
     '' +
     ''
       mv $out/bin $bin/
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-04 02:46:13 +0000