buildRustPackage: Fix Cargo.lock being ignored

It turns out that `cargo`, with respect to registry dependencies, was
ignoring the package versions locked in `Cargo.lock` because we changed
the registry index URL.

Therefore, every time `rustRegistry` would be updated, we'd always try
to use the latest version available for every dependency and as a result
the deps' SHA256 hashes would almost always have to be changed.

To fix this, now we do a string substitution in `Cargo.lock` of the
`crates.io` registry URL with our URL. This should be safe because our
registry is just a copy of the `crates.io` registry at a certain point
in time.

Since now we don't always use the latest version of every dependency,
the build of `cargo` actually started to fail because two of the
dependencies specified in its `Cargo.lock` file have build failures.

To fix the latter problem, I've added a `cargoUpdateHook` variable that
gets ran both when fetching dependencies and just before building the
program. The purpose of `cargoUpdateHook` is to do any ad-hoc updating
of dependencies necessary to get the package to build. The use of the
'--precise' flag is needed so that cargo doesn't try to fetch an even
newer version whenever `rustRegistry` is updated (and therefore have to
change depsSha256 as a consequence).

pkgs/build-support/rust/default.nix

@@ -1,5 +1,5 @@
 { stdenv, cacert, git, rustc, cargo, rustRegistry }:
-{ name, src, depsSha256, buildInputs ? [], ... } @ args:
+{ name, src, depsSha256, buildInputs ? [], cargoUpdateHook ? "", ... } @ args:
 
 let
   fetchDeps = import ./fetchcargo.nix {
@@ -7,12 +7,12 @@ let
   };
 
   cargoDeps = fetchDeps {
-    inherit name src;
+    inherit name src cargoUpdateHook;
     sha256 = depsSha256;
   };
 
 in stdenv.mkDerivation (args // {
-  inherit cargoDeps rustRegistry;
+  inherit cargoDeps rustRegistry cargoUpdateHook;
 
   buildInputs = [ git cargo rustc ] ++ buildInputs;
 
@@ -23,8 +23,15 @@ in stdenv.mkDerivation (args // {
     (
         cd $sourceRoot
         ln -s $rustRegistry ./cargo-rust-registry
-        cargo clean
+
+        substituteInPlace Cargo.lock \
+            --replace "registry+https://github.com/rust-lang/crates.io-index" \
+                      "registry+file:///proc/self/cwd/cargo-rust-registry"
+
+        eval "$cargoUpdateHook"
+
         cargo fetch
+        cargo clean
     )
   '' + (args.postUnpack or "");
 

pkgs/build-support/rust/fetch-cargo-deps

@@ -1,6 +1,8 @@
-#! /bin/sh -eu
+#! /bin/sh
 
-set -o pipefail
+source $stdenv/setup
+
+set -euo pipefail
 
 src=$(realpath $1)
 out=$(realpath $2)
@@ -38,6 +40,15 @@ EOF
 
 export CARGO_HOME=$out
 cd $src
+
+set +u
+substituteInPlace Cargo.lock \
+    --replace "registry+https://github.com/rust-lang/crates.io-index" \
+              "registry+file:///proc/self/cwd/cargo-rust-registry"
+set -u
+
+eval "$cargoUpdateHook"
+
 cargo fetch --verbose
 
 # TODO: check that Cargo.lock exists, and hasn't changed

pkgs/build-support/rust/fetchcargo.nix

@@ -1,12 +1,12 @@
 { stdenv, cacert, git, rustc, cargo, rustRegistry }:
-{ name ? "cargo-deps", src, sha256 }:
+{ name ? "cargo-deps", src, sha256, cargoUpdateHook ? "" }:
 
 stdenv.mkDerivation {
   name = "${name}-fetch";
   buildInputs = [ rustc cargo git ];
   builder = ./fetch-builder.sh;
   fetcher = ./fetch-cargo-deps;
-  inherit src rustRegistry;
+  inherit src rustRegistry cargoUpdateHook;
 
   outputHashAlgo = "sha256";
   outputHashMode = "recursive";

pkgs/development/tools/build-managers/cargo/default.nix

@@ -15,7 +15,15 @@ buildRustPackage rec {
     leaveDotGit = true;
   };
 
-  depsSha256 = "1yi39asmnrya8w83jrjxym658cf1a5ffp8ym8502rqqvx30y0yx4";
+  cargoUpdateHook = ''
+    # Updating because version 2.1.4 has an invalid Cargo.toml
+    cargo update -p libressl-pnacl-sys --precise 2.1.5
+
+    # Updating because version 0.1.3 has a build failure with recent rustc
+    cargo update -p threadpool --precise 0.1.4
+  '';
+
+  depsSha256 = "12d2v4b85qabagrypvqiam2iybd4jwcg0sky0gqarfhjh2dhwfm6";
 
   buildInputs = [ file curl pkgconfig python openssl cmake zlib ];