mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-26 21:33:03 +03:00
Move setting $SSL_CERT_FILE to stdenv
Doing it in an openssl setup hook only works if packages have openssl as a build input - it doesn't work if they're using a program linked against openssl.
This commit is contained in:
parent
cc2cec6300
commit
917ca8920d
@ -70,11 +70,6 @@ let
|
|||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
setupHook = builtins.toFile "openssl-setup-hook"
|
|
||||||
''
|
|
||||||
export SSL_CERT_FILE=/no-cert-file.crt
|
|
||||||
'';
|
|
||||||
|
|
||||||
crossAttrs = {
|
crossAttrs = {
|
||||||
# upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
|
# upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
@ -371,6 +371,11 @@ export NIX_BUILD_CORES
|
|||||||
paxmark() { true; }
|
paxmark() { true; }
|
||||||
|
|
||||||
|
|
||||||
|
# Prevent OpenSSL-based applications from using certificates in
|
||||||
|
# /etc/ssl.
|
||||||
|
export SSL_CERT_FILE=/no-cert-file.crt
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
# Textual substitution functions.
|
# Textual substitution functions.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user