diff --git a/pkgs/development/libraries/libressl/default.nix b/pkgs/development/libraries/libressl/default.nix index 71b8d2bb20e..4bfa6cd0b8e 100644 --- a/pkgs/development/libraries/libressl/default.nix +++ b/pkgs/development/libraries/libressl/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, lib, cmake }: +{ stdenv, fetchurl, lib, cmake, cacert }: let @@ -31,6 +31,12 @@ let rm configure ''; + # Since 2.9.x the default location can't be configured from the build using + # DEFAULT_CA_FILE anymore, instead we have to patch the default value. + postPatch = lib.optionalString (lib.versionAtLeast version "2.9.2") '' + substituteInPlace ./tls/tls_config.c --replace '"/etc/ssl/cert.pem"' '"${cacert}/etc/ssl/certs/ca-bundle.crt"' + ''; + enableParallelBuilding = true; outputs = [ "bin" "dev" "out" "man" "nc" ];