From febceef0784aa0826b63af636c58afbcb25ffc60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Tue, 19 Apr 2022 15:20:41 +0200 Subject: [PATCH] curl: gate darwin workarounds behind stdenv.isDarwin to make life on linux easier Closes #3382 --- pkgs/tools/networking/curl/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 7c7f301552e7e..a4056fd28a92c 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -108,11 +108,6 @@ stdenv.mkDerivation rec { configureFlags = [ # Build without manual "--disable-manual" - # Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback - # to nss-cacert from the default profile. - # https://github.com/curl/curl/issues/8696 - fallback is not supported by HTTP3 - (if http3Support then "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" else "--without-ca-bundle") - "--without-ca-path" (lib.enableFeature c-aresSupport "ares") (lib.enableFeature ldapSupport "ldap") (lib.enableFeature ldapSupport "ldaps") @@ -136,6 +131,12 @@ stdenv.mkDerivation rec { ++ lib.optionals stdenv.hostPlatform.isWindows [ "--disable-shared" "--enable-static" + ] ++ lib.optionals stdenv.isDarwin [ + # Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback to nss-cacert from the default profile. + # Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE. + # https://github.com/curl/curl/issues/8696 - fallback is not supported by HTTP3 + (if http3Support then "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" else "--without-ca-bundle") + "--without-ca-path" ]; CXX = "${stdenv.cc.targetPrefix}c++";