summary refs log tree commit diff
diff options
context:
space:
mode:
authorWout Mertens <Wout.Mertens@gmail.com>2014-11-27 13:29:50 +0100
committerWout Mertens <Wout.Mertens@gmail.com>2014-11-27 13:29:50 +0100
commitcacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb (patch)
tree2481bc086eacbc629c4d43340fd8c451e0d56782
parentabcb355453805f1f5078e0e16c930929047163dd (diff)
parentf4ab3dc223ede44cb9d20ed0638d7528219b04fa (diff)
downloadnixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar.gz
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar.bz2
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar.lz
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar.xz
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.tar.zst
nixpkgs-cacf3f6c1e4dddc3d44b442fbc2cec4d7b935dcb.zip
Merge branch 'curl-ssl-cert-file' of https://github.com/the-kenny/nixpkgs into staging
Standardize NixOS on using only SSL_CERT_FILE for the trusted SSL certificate store.
-rw-r--r--pkgs/tools/networking/curl/7.15.nix6
-rw-r--r--pkgs/tools/networking/curl/default.nix5
2 files changed, 11 insertions, 0 deletions
diff --git a/pkgs/tools/networking/curl/7.15.nix b/pkgs/tools/networking/curl/7.15.nix
index 47ac790e2ad..2b13437d95c 100644
--- a/pkgs/tools/networking/curl/7.15.nix
+++ b/pkgs/tools/networking/curl/7.15.nix
@@ -32,6 +32,12 @@ stdenv.mkDerivation rec {
   preConfigure = ''
     sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure
   '';
+
+  # make curl honor CURL_CA_BUNDLE & SSL_CERT_FILE
+  postConfigure = ''
+    echo  '#define CURL_CA_BUNDLE (getenv("CURL_CA_BUNDLE") || getenv("SSL_CERT_FILE"))' >> lib/curl_config.h
+  '';
+
   configureFlags = [
       ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" )
       ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" )
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix
index b4ea6f99376..2e106c899b9 100644
--- a/pkgs/tools/networking/curl/default.nix
+++ b/pkgs/tools/networking/curl/default.nix
@@ -35,6 +35,11 @@ stdenv.mkDerivation rec {
     rm src/tool_hugehelp.c
   '';
 
+  # make curl honor CURL_CA_BUNDLE & SSL_CERT_FILE
+  postConfigure = ''
+    echo  '#define CURL_CA_BUNDLE (getenv("CURL_CA_BUNDLE") || getenv("SSL_CERT_FILE"))' >> lib/curl_config.h
+  '';
+
   configureFlags = [
       ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" )
       ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" )