mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-25 20:34:52 +03:00
Move setting $SSL_CERT_FILE to stdenv
Doing it in an openssl setup hook only works if packages have openssl as a build input - it doesn't work if they're using a program linked against openssl.
This commit is contained in:
parent
cc2cec6300
commit
917ca8920d
@ -70,11 +70,6 @@ let
|
||||
fi
|
||||
'';
|
||||
|
||||
setupHook = builtins.toFile "openssl-setup-hook"
|
||||
''
|
||||
export SSL_CERT_FILE=/no-cert-file.crt
|
||||
'';
|
||||
|
||||
crossAttrs = {
|
||||
# upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
|
||||
postPatch = ''
|
||||
|
@ -371,6 +371,11 @@ export NIX_BUILD_CORES
|
||||
paxmark() { true; }
|
||||
|
||||
|
||||
# Prevent OpenSSL-based applications from using certificates in
|
||||
# /etc/ssl.
|
||||
export SSL_CERT_FILE=/no-cert-file.crt
|
||||
|
||||
|
||||
######################################################################
|
||||
# Textual substitution functions.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user