From 14c1e0fa1f9eacf9b039662747d317f1afc24fea Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 29 May 2015 14:03:34 -0700 Subject: [PATCH] Fix ca-bundle paths --- pkgs/applications/networking/cluster/panamax/api/default.nix | 4 ++-- .../networking/instant-messengers/fuze/default.nix | 2 +- pkgs/applications/networking/irc/weechat/default.nix | 2 +- pkgs/applications/version-management/bazaar/default.nix | 4 ++-- pkgs/build-support/fetchgit/default.nix | 2 +- pkgs/build-support/rust/fetchcargo.nix | 2 +- pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix | 4 ++-- pkgs/development/compilers/icedtea/default.nix | 2 +- pkgs/development/compilers/openjdk/default.nix | 2 +- pkgs/development/compilers/openjdk/openjdk8.nix | 2 +- pkgs/development/interpreters/elixir/default.nix | 2 +- pkgs/development/lisp-modules/lisp-packages.nix | 4 ++-- pkgs/tools/networking/aria2/default.nix | 2 +- 13 files changed, 17 insertions(+), 17 deletions(-) diff --git a/pkgs/applications/networking/cluster/panamax/api/default.nix b/pkgs/applications/networking/cluster/panamax/api/default.nix index 6cbec878a484..dae0315a31b2 100644 --- a/pkgs/applications/networking/cluster/panamax/api/default.nix +++ b/pkgs/applications/networking/cluster/panamax/api/default.nix @@ -62,8 +62,8 @@ stdenv.mkDerivation rec { --prefix "PATH" : "$out/share/panamax-api/bin:${env.ruby}/bin:$PATH" \ --prefix "HOME" : "$out/share/panamax-api" \ --prefix "GEM_HOME" : "${env}/${env.ruby.gemPath}" \ - --prefix "OPENSSL_X509_CERT_FILE" : "${cacert}/etc/ca-bundle.crt" \ - --prefix "SSL_CERT_FILE" : "${cacert}/etc/ca-bundle.crt" \ + --prefix "OPENSSL_X509_CERT_FILE" : "${cacert}/ca-bundle.crt" \ + --prefix "SSL_CERT_FILE" : "${cacert}/ca-bundle.crt" \ --prefix "GEM_PATH" : "$out/share/panamax-api:${bundler}/${env.ruby.gemPath}" ''; diff --git a/pkgs/applications/networking/instant-messengers/fuze/default.nix b/pkgs/applications/networking/instant-messengers/fuze/default.nix index bc9246d8845c..77fe37481d87 100644 --- a/pkgs/applications/networking/instant-messengers/fuze/default.nix +++ b/pkgs/applications/networking/instant-messengers/fuze/default.nix @@ -6,7 +6,7 @@ assert stdenv.system == "x86_64-linux"; let curl_custom = stdenv.lib.overrideDerivation curl (args: { - configureFlags = args.configureFlags ++ ["--with-ca-bundle=${cacert}/etc/ca-bundle.crt"] ; + configureFlags = args.configureFlags ++ ["--with-ca-bundle=${cacert}/ca-bundle.crt"] ; } ); in stdenv.mkDerivation { diff --git a/pkgs/applications/networking/irc/weechat/default.nix b/pkgs/applications/networking/irc/weechat/default.nix index d5cc3fb7718f..bbad15879820 100644 --- a/pkgs/applications/networking/irc/weechat/default.nix +++ b/pkgs/applications/networking/irc/weechat/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { cacert cmake ] ++ extraBuildInputs; - NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=${cacert}/etc/ca-bundle.crt"; + NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=${cacert}/ca-bundle.crt"; postInstall = '' NIX_PYTHONPATH="$out/lib/${python.libPrefix}/site-packages" diff --git a/pkgs/applications/version-management/bazaar/default.nix b/pkgs/applications/version-management/bazaar/default.nix index 648d59ac01c2..ad6f0c50a379 100644 --- a/pkgs/applications/version-management/bazaar/default.nix +++ b/pkgs/applications/version-management/bazaar/default.nix @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { sha256 = "1c6sj77h5f97qimjc14kr532kgc0jk3wq778xrkqi0pbh9qpk509"; }; - buildInputs = [ pythonPackages.python pythonPackages.wrapPython cacert ]; + buildInputs = [ pythonPackages.python pythonPackages.wrapPython ]; # Readline support is needed by bzrtools. pythonPath = [ pythonPackages.readline ]; @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { patches = [ ./add_certificates.patch ]; postPatch = '' substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \ - --subst-var-by "certPath" "${cacert}/etc/ca-bundle.crt" + --subst-var-by "certPath" "${cacert}/ca-bundle.crt" ''; diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix index e5ad7200cecf..7259fa8ff4c5 100644 --- a/pkgs/build-support/fetchgit/default.nix +++ b/pkgs/build-support/fetchgit/default.nix @@ -54,7 +54,7 @@ stdenv.mkDerivation { inherit url rev leaveDotGit fetchSubmodules deepClone branchName; - GIT_SSL_CAINFO = "${cacert}/etc/ca-bundle.crt"; + GIT_SSL_CAINFO = "${cacert}/ca-bundle.crt"; impureEnvVars = [ # We borrow these environment variables from the caller to allow diff --git a/pkgs/build-support/rust/fetchcargo.nix b/pkgs/build-support/rust/fetchcargo.nix index 575df64c6b29..1f5166d5c434 100644 --- a/pkgs/build-support/rust/fetchcargo.nix +++ b/pkgs/build-support/rust/fetchcargo.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation { outputHashMode = "recursive"; outputHash = sha256; - SSL_CERT_FILE = "${cacert}/etc/ca-bundle.crt"; + SSL_CERT_FILE = "${cacert}/ca-bundle.crt"; impureEnvVars = [ "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" ]; preferLocalBuild = true; diff --git a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix index aacc62a30a9c..7afa2800105f 100644 --- a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, pkgconfig, dbus, libgcrypt, libtasn1, pam, python, glib, libxslt , intltool, pango, gcr, gdk_pixbuf, atk, p11_kit, makeWrapper -, docbook_xsl_ns, docbook_xsl, gnome3 }: +, docbook_xsl_ns, docbook_xsl, gnome3, cacert }: let majVer = gnome3.version; @@ -22,7 +22,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig intltool docbook_xsl_ns docbook_xsl ]; configureFlags = [ - "--with-ca-certificates=/etc/ssl/certs/ca-bundle.crt" # NixOS hardcoded path + "--with-ca-certificates=${cacert}/ca-bundle.crt" # NixOS hardcoded path "--with-pkcs11-config=$$out/etc/pkcs11/" # installation directories "--with-pkcs11-modules=$$out/lib/pkcs11/" ]; diff --git a/pkgs/development/compilers/icedtea/default.nix b/pkgs/development/compilers/icedtea/default.nix index 5e008821d950..fe7ec5851557 100644 --- a/pkgs/development/compilers/icedtea/default.nix +++ b/pkgs/development/compilers/icedtea/default.nix @@ -135,7 +135,7 @@ let # Generate certificates. pushd $jre/lib/icedtea/jre/lib/security rm cacerts - perl ${./generate-cacerts.pl} $jre/lib/icedtea/jre/bin/keytool ${cacert}/etc/ca-bundle.crt + perl ${./generate-cacerts.pl} $jre/lib/icedtea/jre/bin/keytool ${cacert}/ca-bundle.crt popd ln -s $out/lib/icedtea/bin $out/bin diff --git a/pkgs/development/compilers/openjdk/default.nix b/pkgs/development/compilers/openjdk/default.nix index ec095bb4efa3..d0ca85af0e0e 100644 --- a/pkgs/development/compilers/openjdk/default.nix +++ b/pkgs/development/compilers/openjdk/default.nix @@ -142,7 +142,7 @@ let # Generate certificates. pushd $jre/lib/openjdk/jre/lib/security rm cacerts - perl ${./generate-cacerts.pl} $jre/lib/openjdk/jre/bin/keytool ${cacert}/etc/ca-bundle.crt + perl ${./generate-cacerts.pl} $jre/lib/openjdk/jre/bin/keytool ${cacert}/ca-bundle.crt popd ln -s $out/lib/openjdk/bin $out/bin diff --git a/pkgs/development/compilers/openjdk/openjdk8.nix b/pkgs/development/compilers/openjdk/openjdk8.nix index 63d42e6e3d64..b0dae2512a5b 100644 --- a/pkgs/development/compilers/openjdk/openjdk8.nix +++ b/pkgs/development/compilers/openjdk/openjdk8.nix @@ -134,7 +134,7 @@ let # Generate certificates. pushd $jre/lib/openjdk/jre/lib/security rm cacerts - perl ${./generate-cacerts.pl} $jre/lib/openjdk/jre/bin/keytool ${cacert}/etc/ca-bundle.crt + perl ${./generate-cacerts.pl} $jre/lib/openjdk/jre/bin/keytool ${cacert}/ca-bundle.crt popd ln -s $out/lib/openjdk/bin $out/bin diff --git a/pkgs/development/interpreters/elixir/default.nix b/pkgs/development/interpreters/elixir/default.nix index 1166c7075c85..9d12d42cee88 100644 --- a/pkgs/development/interpreters/elixir/default.nix +++ b/pkgs/development/interpreters/elixir/default.nix @@ -33,7 +33,7 @@ stdenv.mkDerivation { if [ $b == "mix" ]; then continue; fi wrapProgram $f \ --prefix PATH ":" "${erlang}/bin:${coreutils}/bin:${curl}/bin:${bash}/bin" \ - --set CURL_CA_BUNDLE "${cacert}/etc/ca-bundle.crt" + --set CURL_CA_BUNDLE "${cacert}/ca-bundle.crt" done ''; diff --git a/pkgs/development/lisp-modules/lisp-packages.nix b/pkgs/development/lisp-modules/lisp-packages.nix index 91c08419e706..910a082b88a7 100644 --- a/pkgs/development/lisp-modules/lisp-packages.nix +++ b/pkgs/development/lisp-modules/lisp-packages.nix @@ -40,7 +40,7 @@ let lispPackages = rec { url = "https://common-lisp.net/project/iterate/darcs/iterate"; sha256 = "0gm05s3laiivsqgqjfj1rkz83c2c0jyn4msfgbv6sz42znjpam25"; context = ./iterate.darcs-context; - }) (x: {SSL_CERT_FILE=pkgs.cacert + "/etc/ca-bundle.crt";})); + }) (x: {SSL_CERT_FILE=pkgs.cacert + "/ca-bundle.crt";})); overrides = x: { configurePhase="buildPhase(){ true; }"; }; @@ -314,7 +314,7 @@ let lispPackages = rec { src = (pkgs.lib.overrideDerivation (pkgs.fetchdarcs { url = ''http://common-lisp.net/project/trivial-utf-8/darcs/trivial-utf-8/''; sha256 = "1jz27gz8gvqdmvp3k9bxschs6d5b3qgk94qp2bj6nv1d0jc3m1l1"; - }) (x: {SSL_CERT_FILE=pkgs.cacert + "/etc/ca-bundle.crt";})); + }) (x: {SSL_CERT_FILE=pkgs.cacert + "/ca-bundle.crt";})); }; cl-fuse-meta-fs = buildLispPackage rec { diff --git a/pkgs/tools/networking/aria2/default.nix b/pkgs/tools/networking/aria2/default.nix index 3167f7ffc225..df972a4287bd 100644 --- a/pkgs/tools/networking/aria2/default.nix +++ b/pkgs/tools/networking/aria2/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ cacert ]; - configureFlags = [ "--with-ca-bundle=${cacert}/etc/ca-bundle.crt" ]; + configureFlags = [ "--with-ca-bundle=${cacert}/ca-bundle.crt" ]; meta = with stdenv.lib; { homepage = http://aria2.sourceforge.net/;