go: 1.7.4 -> 1.7.5

This commit is contained in:
Yann Hodique 2017-05-07 14:09:24 -07:00 committed by Robin Gloster
parent 0a4cf89ae4
commit 19ebff1d95
5 changed files with 6 additions and 86 deletions

View file

@ -24,13 +24,13 @@ in
stdenv.mkDerivation rec {
name = "go-${version}";
version = "1.7.4";
version = "1.7.5";
src = fetchFromGitHub {
owner = "golang";
repo = "go";
rev = "go${version}";
sha256 = "1ks3xph20afrfp3vqs1sjnkpjb0lgxblv8706wa3iiyg7rka4axv";
sha256 = "00radlwbrssn0x3naamb33cfx7ap2jv7s51bqr705nmn2j5yyblk";
};
# perl is used for testing go vet
@ -105,7 +105,7 @@ stdenv.mkDerivation rec {
patches =
[ ./remove-tools-1.7.patch
./ssl-cert-file-1.7.patch
./ssl-cert-file.patch
./creds-test.patch
# This test checks for the wrong thing with recent tzdata. It's been fixed in master but the patch

View file

@ -107,7 +107,7 @@ stdenv.mkDerivation rec {
patches =
[ ./remove-tools-1.8.patch
./ssl-cert-file-1.8.patch
./ssl-cert-file.patch
./creds-test.patch
./remove-test-pie-1.8.patch

View file

@ -1,78 +0,0 @@
diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go
index a4b33c7..9700b75 100644
--- a/src/crypto/x509/root_cgo_darwin.go
+++ b/src/crypto/x509/root_cgo_darwin.go
@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) {
import "C"
import (
"errors"
+ "io/ioutil"
+ "os"
"unsafe"
)
func loadSystemRoots() (*CertPool, error) {
roots := NewCertPool()
+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
var data C.CFDataRef = nil
err := C.FetchPEMRoots(&data)
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go
index 59b303d..d4a34ac 100644
--- a/src/crypto/x509/root_darwin.go
+++ b/src/crypto/x509/root_darwin.go
@@ -28,16 +28,25 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
// The linker will not include these unused functions in binaries built with cgo enabled.
func execSecurityRoots() (*CertPool, error) {
+ var (
+ mu sync.Mutex
+ roots = NewCertPool()
+ )
+
+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
+
cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain")
data, err := cmd.Output()
if err != nil {
return nil, err
}
- var (
- mu sync.Mutex
- roots = NewCertPool()
- )
add := func(cert *Certificate) {
mu.Lock()
defer mu.Unlock()
diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go
index 7bcb3d6..3986e1a 100644
--- a/src/crypto/x509/root_unix.go
+++ b/src/crypto/x509/root_unix.go
@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
func loadSystemRoots() (*CertPool, error) {
roots := NewCertPool()
+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
+
var firstErr error
for _, file := range certFiles {
data, err := ioutil.ReadFile(file)

View file

@ -5348,11 +5348,9 @@ with pkgs;
inherit (darwin.apple_sdk.frameworks) Security Foundation;
};
go_1_7 = callPackage ../development/compilers/go/1.7.nix ({
go_1_7 = callPackage ../development/compilers/go/1.7.nix {
inherit (darwin.apple_sdk.frameworks) Security Foundation;
} // stdenv.lib.optionalAttrs stdenv.isDarwin {
stdenv = stdenvAdapters.overrideCC pkgs.stdenv pkgs.clang_38;
});
};
go_1_8 = callPackage ../development/compilers/go/1.8.nix ({
inherit (darwin.apple_sdk.frameworks) Security Foundation;