Move setting $SSL_CERT_FILE to stdenv

Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
This commit is contained in:
Eelco Dolstra 2016-02-03 13:59:10 +01:00
parent cc2cec6300
commit 917ca8920d
2 changed files with 5 additions and 5 deletions

View File

@ -70,11 +70,6 @@ let
fi fi
''; '';
setupHook = builtins.toFile "openssl-setup-hook"
''
export SSL_CERT_FILE=/no-cert-file.crt
'';
crossAttrs = { crossAttrs = {
# upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558 # upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
postPatch = '' postPatch = ''

View File

@ -371,6 +371,11 @@ export NIX_BUILD_CORES
paxmark() { true; } paxmark() { true; }
# Prevent OpenSSL-based applications from using certificates in
# /etc/ssl.
export SSL_CERT_FILE=/no-cert-file.crt
###################################################################### ######################################################################
# Textual substitution functions. # Textual substitution functions.