diff options
author | Klemens Nanni <klemens@posteo.de> | 2022-06-03 09:30:18 +0200 |
---|---|---|
committer | Klemens Nanni <klemens@posteo.de> | 2022-06-03 19:57:12 +0200 |
commit | 11c7d480161716db3e880fe69b2a564ada07ea4a (patch) | |
tree | fce2b1dd8cac05035489a8187b00821c9ad7edb1 | |
parent | e6776218b674f80e05bec30d4f7667ed5b77cf7f (diff) | |
download | nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar.gz nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar.bz2 nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar.lz nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar.xz nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.tar.zst nixpkgs-11c7d480161716db3e880fe69b2a564ada07ea4a.zip |
libdigidocpp: Fix crashes due to newer OpenSSL
The OpenSSL 1.1.1l -> 1.1.1m update introduced a regression which libdigidocpp upstream fixed. Pull the fix to unbreak `digidoc-tool create --file=in.txt out.asice` as well as the graphical pendant in `qdigidoc4`.
-rw-r--r-- | pkgs/development/libraries/libdigidocpp/default.nix | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libdigidocpp/default.nix b/pkgs/development/libraries/libdigidocpp/default.nix index 94254b93665..9c60fb16f43 100644 --- a/pkgs/development/libraries/libdigidocpp/default.nix +++ b/pkgs/development/libraries/libdigidocpp/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, cmake, makeWrapper, minizip, pcsclite, opensc, openssl +{ lib, stdenv, fetchurl, fetchpatch, cmake, makeWrapper, minizip, pcsclite, opensc, openssl , xercesc, xml-security-c, pkg-config, xsd, zlib, xalanc, xxd }: stdenv.mkDerivation rec { @@ -10,6 +10,18 @@ stdenv.mkDerivation rec { sha256 = "sha256-U5i5IAyJF4359q6M6mQemEuG7+inPYIXqLy8GHv4dkg="; }; + patches = [ + (fetchpatch { + # fix runtime crashes when signing with OpenSSL>1.1.1l + # https://github.com/open-eid/libdigidocpp/issues/474 asks for a new release + url = "https://github.com/open-eid/libdigidocpp/commit/42a8cfd834c10bdd206fe784a13217df222b1c8e.patch"; + sha256 = "sha256-o3ZT0dXhIu79C5ZR+2HPdLMZ3YwPG1v3vly5bseuxtU="; + excludes = [ + ".github/workflows/build.yml" # failed hunk + ]; + }) + ]; + nativeBuildInputs = [ cmake makeWrapper pkg-config xxd ]; buildInputs = [ |