diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2021-06-08 20:29:28 +0200 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2021-06-09 00:01:00 +0200 |
commit | 42e25d855fa959b7832fbdbc0a384294460d9258 (patch) | |
tree | 09f6565e8283dec7dc3a6574db579ca11b66bd6d | |
parent | 9be8db34cf5c05aad77128c87c746bcc909f570d (diff) | |
download | nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar.gz nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar.bz2 nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar.lz nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar.xz nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.tar.zst nixpkgs-42e25d855fa959b7832fbdbc0a384294460d9258.zip |
firefox: use nss without p11-kit
Quickfix to allow firefox to recognize certificates as trusted by Mozilla. Related: #126065
-rw-r--r-- | pkgs/applications/networking/browsers/firefox/common.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix index e35fd6ca701..a44fb2032f4 100644 --- a/pkgs/applications/networking/browsers/firefox/common.nix +++ b/pkgs/applications/networking/browsers/firefox/common.nix @@ -116,7 +116,9 @@ let then overrideCC stdenv llvmPackages.clangUseLLVM else stdenv; - nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss; + # Disable p11-kit support in nss until our cacert packages has caught up exposing CKA_NSS_MOZILLA_CA_POLICY + # https://github.com/NixOS/nixpkgs/issues/126065 + nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss.override { useP11kit = false; }; # --enable-release adds -ffunction-sections & LTO that require a big amount of # RAM and the 32-bit memory space cannot handle that linking |