guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#48985] [PATCH] gnu: libressl: Remove search paths.

From: Ludovic Courtès
Subject: [bug#48985] [PATCH] gnu: libressl: Remove search paths.
Date: Wed, 16 Jun 2021 22:57:46 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) 
Brice Waegeneire <brice@waegenei.re> skribis:

> Unlike OpenSSL, LibreSSL hardcode it's certificate bundle and doesn't
> allow to specify it through a environment variable.
>
> * gnu/packages/tls.scm (libressl)[configure-flags]: Specify OpenSSL
> configuration directory.
> [native-search-paths]: Remove it.
> * gnu/packages/ntp.scm (openntpd)[configure-flags]: Adjust CAcert
> location.

[...]

> -                            ,(string-append "--with-cacert="
> -                                            (assoc-ref %build-inputs 
> "libressl")
> -                                            "/etc/ssl/cert.pem"))
> +     `(#:configure-flags (list "--with-privsep-user=ntpd"
> +                               "--localstatedir=/var"
> +                               (string-append "--with-cacert="
> +                                              (assoc-ref %build-inputs 
> "libressl")
> +                                              "/share/libressl-"
> +                                              ,(package-version libressl)
> +                                              "/cert.pem"))

So the etc/ssl/cert.pm file name was wrong for a while?

Note: instead of (package-version libressl), we should look at the
libressl input of ‘this-package’, though it’s probably not big deal
here.

Otherwise LGTM, thanks!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]