commit
5ea6d5fa72
2 changed files with 115 additions and 43 deletions
|
@ -1,9 +1,17 @@
|
|||
{ stdenv, lib, fetchFromGitHub, tzdata, iana_etc, go_bootstrap, runCommand
|
||||
{ stdenv, fetchFromGitHub, tzdata, iana_etc, go_bootstrap, runCommand, writeScriptBin
|
||||
, perl, which, pkgconfig, patch, fetchpatch
|
||||
, pcre
|
||||
, pcre, cacert
|
||||
, Security, Foundation, bash }:
|
||||
|
||||
let
|
||||
|
||||
inherit (stdenv.lib) optional optionals optionalString;
|
||||
|
||||
clangHack = writeScriptBin "clang" ''
|
||||
#!${stdenv.shell}
|
||||
exec ${stdenv.cc}/bin/clang "$@" 2> >(sed '/ld: warning:.*ignoring unexpected dylib file/ d' 1>&2)
|
||||
'';
|
||||
|
||||
goBootstrap = runCommand "go-bootstrap" {} ''
|
||||
mkdir $out
|
||||
cp -rf ${go_bootstrap}/* $out/
|
||||
|
@ -11,6 +19,7 @@ let
|
|||
find $out -name "*.c" -delete
|
||||
cp -rf $out/bin/* $out/share/go/bin/
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -27,28 +36,11 @@ stdenv.mkDerivation rec {
|
|||
# perl is used for testing go vet
|
||||
nativeBuildInputs = [ perl which pkgconfig patch ];
|
||||
buildInputs = [ pcre ];
|
||||
propagatedBuildInputs = lib.optionals stdenv.isDarwin [
|
||||
Security Foundation
|
||||
];
|
||||
propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ];
|
||||
|
||||
hardeningDisable = [ "all" ];
|
||||
|
||||
# I'm not sure what go wants from its 'src', but the go installation manual
|
||||
# describes an installation keeping the src.
|
||||
preUnpack = ''
|
||||
topdir=$PWD
|
||||
mkdir -p $out/share
|
||||
cd $out/share
|
||||
'';
|
||||
|
||||
prePatch = ''
|
||||
# Ensure that the source directory is named go
|
||||
cd ..
|
||||
if [ ! -d go ]; then
|
||||
mv * go
|
||||
fi
|
||||
|
||||
cd go
|
||||
patchShebangs ./ # replace /bin/bash
|
||||
|
||||
# This source produces shell script at run time,
|
||||
|
@ -81,9 +73,9 @@ stdenv.mkDerivation rec {
|
|||
# Disable cgo lookup tests not works, they depend on resolver
|
||||
rm src/net/cgo_unix_test.go
|
||||
|
||||
'' + lib.optionalString stdenv.isLinux ''
|
||||
'' + optionalString stdenv.isLinux ''
|
||||
sed -i 's,/usr/share/zoneinfo/,${tzdata}/share/zoneinfo/,' src/time/zoneinfo_unix.go
|
||||
'' + lib.optionalString stdenv.isDarwin ''
|
||||
'' + optionalString stdenv.isDarwin ''
|
||||
substituteInPlace src/race.bash --replace \
|
||||
"sysctl machdep.cpu.extfeatures | grep -qv EM64T" true
|
||||
sed -i 's,strings.Contains(.*sysctl.*,true {,' src/cmd/dist/util.go
|
||||
|
@ -93,6 +85,7 @@ stdenv.mkDerivation rec {
|
|||
sed -i '/TestChdirAndGetwd/areturn' src/os/os_test.go
|
||||
sed -i '/TestRead0/areturn' src/os/os_test.go
|
||||
sed -i '/TestNohup/areturn' src/os/signal/signal_test.go
|
||||
sed -i '/TestCurrent/areturn' src/os/user/user_test.go
|
||||
sed -i '/TestSystemRoots/areturn' src/crypto/x509/root_darwin_test.go
|
||||
|
||||
sed -i '/TestGoInstallRebuildsStalePackagesInOtherGOPATH/areturn' src/cmd/go/go_test.go
|
||||
|
@ -106,20 +99,11 @@ stdenv.mkDerivation rec {
|
|||
touch $TMPDIR/group $TMPDIR/hosts $TMPDIR/passwd
|
||||
|
||||
sed -i '1 a\exit 0' misc/cgo/errors/test.bash
|
||||
|
||||
mkdir $topdir/dirtyhacks
|
||||
cat <<EOF > $topdir/dirtyhacks/clang
|
||||
#!${bash}/bin/bash
|
||||
$(type -P clang) "\$@" 2> >(sed '/ld: warning:.*ignoring unexpected dylib file/ d' 1>&2)
|
||||
exit $?
|
||||
EOF
|
||||
chmod +x $topdir/dirtyhacks/clang
|
||||
PATH=$topdir/dirtyhacks:$PATH
|
||||
'';
|
||||
|
||||
patches = [
|
||||
./remove-tools-1.7.patch
|
||||
];
|
||||
patches = [ ./remove-tools-1.7.patch ./cacert-1.7.patch ];
|
||||
|
||||
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
|
||||
GOOS = if stdenv.isDarwin then "darwin" else "linux";
|
||||
GOARCH = if stdenv.isDarwin then "amd64"
|
||||
|
@ -127,7 +111,7 @@ stdenv.mkDerivation rec {
|
|||
else if stdenv.system == "x86_64-linux" then "amd64"
|
||||
else if stdenv.isArm then "arm"
|
||||
else throw "Unsupported system";
|
||||
GOARM = stdenv.lib.optionalString (stdenv.system == "armv5tel-linux") "5";
|
||||
GOARM = optionalString (stdenv.system == "armv5tel-linux") "5";
|
||||
GO386 = 387; # from Arch: don't assume sse2 on i686
|
||||
CGO_ENABLED = 1;
|
||||
GOROOT_BOOTSTRAP = "${goBootstrap}/share/go";
|
||||
|
@ -136,19 +120,25 @@ stdenv.mkDerivation rec {
|
|||
# just want the generic `cc` here.
|
||||
CC = if stdenv.isDarwin then "clang" else "cc";
|
||||
|
||||
configurePhase = ''
|
||||
mkdir -p $out/share/go/bin
|
||||
export GOROOT=$out/share/go
|
||||
export GOBIN=$GOROOT/bin
|
||||
export PATH=$GOBIN:$PATH
|
||||
'';
|
||||
|
||||
postConfigure = optionalString stdenv.isDarwin ''
|
||||
export PATH=${clangHack}/bin:$PATH
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p "$out/bin"
|
||||
export GOROOT="$(pwd)/"
|
||||
export GOBIN="$out/bin"
|
||||
export PATH="$GOBIN:$PATH"
|
||||
cd ./src
|
||||
echo Building
|
||||
./all.bash
|
||||
cp -r . $GOROOT
|
||||
( cd $GOROOT/src && ./all.bash )
|
||||
'';
|
||||
|
||||
preFixup = ''
|
||||
rm -r $out/share/go/pkg/bootstrap
|
||||
rmdir $out/bin && mv $out/share/go/bin $out/bin
|
||||
mv $out/share/go/bin $out/bin
|
||||
'';
|
||||
|
||||
setupHook = ./setup-hook.sh;
|
||||
|
|
82
pkgs/development/compilers/go/cacert-1.7.patch
Normal file
82
pkgs/development/compilers/go/cacert-1.7.patch
Normal file
|
@ -0,0 +1,82 @@
|
|||
diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go
|
||||
index a4b33c7..9700b75 100644
|
||||
--- a/src/crypto/x509/root_cgo_darwin.go
|
||||
+++ b/src/crypto/x509/root_cgo_darwin.go
|
||||
@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) {
|
||||
import "C"
|
||||
import (
|
||||
"errors"
|
||||
+ "io/ioutil"
|
||||
+ "os"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
func loadSystemRoots() (*CertPool, error) {
|
||||
roots := NewCertPool()
|
||||
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
|
||||
+ data, err := ioutil.ReadFile(file)
|
||||
+ if err == nil {
|
||||
+ roots.AppendCertsFromPEM(data)
|
||||
+ return roots, nil
|
||||
+ }
|
||||
+ }
|
||||
|
||||
var data C.CFDataRef = nil
|
||||
err := C.FetchPEMRoots(&data)
|
||||
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go
|
||||
index 78de56c..05eada4 100644
|
||||
--- a/src/crypto/x509/root_darwin.go
|
||||
+++ b/src/crypto/x509/root_darwin.go
|
||||
@@ -6,20 +6,31 @@
|
||||
|
||||
package x509
|
||||
|
||||
-import "os/exec"
|
||||
+import (
|
||||
+ "io/ioutil"
|
||||
+ "os"
|
||||
+ "os/exec"
|
||||
+)
|
||||
|
||||
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func execSecurityRoots() (*CertPool, error) {
|
||||
+ roots := NewCertPool()
|
||||
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
|
||||
+ data, err := ioutil.ReadFile(file)
|
||||
+ if err == nil {
|
||||
+ roots.AppendCertsFromPEM(data)
|
||||
+ return roots, nil
|
||||
+ }
|
||||
+ }
|
||||
cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain")
|
||||
data, err := cmd.Output()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
- roots := NewCertPool()
|
||||
roots.AppendCertsFromPEM(data)
|
||||
return roots, nil
|
||||
}
|
||||
diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go
|
||||
index 7bcb3d6..3986e1a 100644
|
||||
--- a/src/crypto/x509/root_unix.go
|
||||
+++ b/src/crypto/x509/root_unix.go
|
||||
@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
|
||||
|
||||
func loadSystemRoots() (*CertPool, error) {
|
||||
roots := NewCertPool()
|
||||
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
|
||||
+ data, err := ioutil.ReadFile(file)
|
||||
+ if err == nil {
|
||||
+ roots.AppendCertsFromPEM(data)
|
||||
+ return roots, nil
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
var firstErr error
|
||||
for _, file := range certFiles {
|
||||
data, err := ioutil.ReadFile(file)
|
Loading…
Reference in a new issue