diff --git a/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch b/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch index 0e0697dfb211f..bafd65e8c93e1 100644 --- a/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch +++ b/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch @@ -1,14 +1,11 @@ diff -ru git-2.7.4-orig/http.c git-2.7.4/http.c --- git-2.7.4-orig/http.c 2016-03-17 21:47:59.000000000 +0100 +++ git-2.7.4/http.c 2016-04-12 11:38:33.187070848 +0200 -@@ -544,6 +544,10 @@ +@@ -544,6 +544,7 @@ #if LIBCURL_VERSION_NUM >= 0x070908 set_from_env(&ssl_capath, "GIT_SSL_CAPATH"); #endif -+ if (getenv("NIX_SSL_CERT_FILE")) -+ set_from_env(&ssl_cainfo, "NIX_SSL_CERT_FILE"); -+ else -+ set_from_env(&ssl_cainfo, "SSL_CERT_FILE"); ++ set_from_env(&ssl_cainfo, "SSL_CERT_FILE"); set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO"); set_from_env(&user_agent, "GIT_HTTP_USER_AGENT"); diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 6aefc8b797236..ea89bb859e5f5 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -19,7 +19,6 @@ let patches = (args.patches or []) - ++ [ ./nix-ssl-cert-file.patch ] ++ optional (versionOlder version "1.1.0") ./use-etc-ssl-certs.patch ++ optional stdenv.isCygwin ./1.0.1-cygwin64.patch ++ optional diff --git a/pkgs/development/libraries/openssl/nix-ssl-cert-file.patch b/pkgs/development/libraries/openssl/nix-ssl-cert-file.patch deleted file mode 100644 index 4b3c6f458b4cb..0000000000000 --- a/pkgs/development/libraries/openssl/nix-ssl-cert-file.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c ---- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200 -+++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200 -@@ -97,7 +97,10 @@ - switch (cmd) { - case X509_L_FILE_LOAD: - if (argl == X509_FILETYPE_DEFAULT) { -- file = (char *)getenv(X509_get_default_cert_file_env()); -+ file = (char *)getenv("NIX_SSL_CERT_FILE"); -+ if (!file) -+ file = (char *)getenv(X509_get_default_cert_file_env()); -+ fprintf(stderr, "OPEN %s", file); - if (file) - ok = (X509_load_cert_crl_file(ctx, file, - X509_FILETYPE_PEM) != 0); diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index d1936cb11ad31..958bea34e7d34 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -25,8 +25,6 @@ stdenv.mkDerivation rec { sha256 = "1v6q83qsrf7dgp3y5fa5vkppgqyy82pnsk8z9b4047b6fvclfwvv"; }; - patches = [ ./nix-ssl-cert-file.patch ]; - outputs = [ "bin" "dev" "out" "man" "devdoc" ]; nativeBuildInputs = [ pkgconfig perl ]; diff --git a/pkgs/tools/networking/curl/nix-ssl-cert-file.patch b/pkgs/tools/networking/curl/nix-ssl-cert-file.patch deleted file mode 100644 index 20c408bfae230..0000000000000 --- a/pkgs/tools/networking/curl/nix-ssl-cert-file.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -ru -x '*~' curl-7.50.3-orig/src/tool_operate.c curl-7.50.3/src/tool_operate.c ---- curl-7.50.3-orig/src/tool_operate.c 2016-09-06 23:25:06.000000000 +0200 -+++ curl-7.50.3/src/tool_operate.c 2016-10-14 11:51:48.999943142 +0200 -@@ -269,7 +269,9 @@ - capath_from_env = true; - } - else { -- env = curlx_getenv("SSL_CERT_FILE"); -+ env = curlx_getenv("NIX_SSL_CERT_FILE"); -+ if(!env) -+ env = curlx_getenv("SSL_CERT_FILE"); - if(env) { - config->cacert = strdup(env); - if(!config->cacert) {