diff options
| author | nyanotech <nyanotechnology@gmail.com> | 2023-06-16 03:18:39 -0700 |
|---|---|---|
| committer | nyanotech <nyanotechnology@gmail.com> | 2023-06-17 10:57:59 -0700 |
| commit | aefce34bc550d1b5405cc96eb1850f8081ebcb46 (patch) | |
| tree | b67b4a25172dcfcdcabdbebbbd718312ff47c74c /pkgs/applications/networking/syncplay | |
| parent | b88ce3f36742c2a6ff09ca0a48c074259394c42c (diff) | |
syncplay: fix tls support in client
Adds "pem", which is a new dependency added in the last release from upstream. Nixos patches certifi to return the system ca bundle, which includes openssl-format "trusted certificate"s, which pyopenssl seems to choke on when syncplay tries to load them. Therefore, we add a patch that skips those "trusted certificates".
Diffstat (limited to 'pkgs/applications/networking/syncplay')
| -rw-r--r-- | pkgs/applications/networking/syncplay/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/applications/networking/syncplay/trusted_certificates.patch | 12 |
2 files changed, 15 insertions, 1 deletions
diff --git a/pkgs/applications/networking/syncplay/default.nix b/pkgs/applications/networking/syncplay/default.nix index 306822d74e7b0..36b6b5c143393 100644 --- a/pkgs/applications/networking/syncplay/default.nix +++ b/pkgs/applications/networking/syncplay/default.nix @@ -3,6 +3,7 @@ , fetchFromGitHub , buildPythonApplication , fetchpatch +, pem , pyside6 , twisted , certifi @@ -30,10 +31,11 @@ buildPythonApplication rec { url = "https://github.com/Syncplay/syncplay/commit/b62b038cdf58c54205987dfc52ebf228505ad03b.patch"; hash = "sha256-pSP33Qn1I+nJBW8T1E1tSJKRh5OnZMRsbU+jr5z4u7c="; }) + ./trusted_certificates.patch ]; buildInputs = lib.optionals enableGUI [ (if stdenv.isLinux then qt6.qtwayland else qt6.qtbase) ]; - propagatedBuildInputs = [ twisted certifi ] + propagatedBuildInputs = [ certifi pem twisted ] ++ twisted.optional-dependencies.tls ++ lib.optional enableGUI pyside6 ++ lib.optional (stdenv.isDarwin && enableGUI) appnope; diff --git a/pkgs/applications/networking/syncplay/trusted_certificates.patch b/pkgs/applications/networking/syncplay/trusted_certificates.patch new file mode 100644 index 0000000000000..4cf613080024a --- /dev/null +++ b/pkgs/applications/networking/syncplay/trusted_certificates.patch @@ -0,0 +1,12 @@ +diff --git a/syncplay/client.py b/syncplay/client.py +index b7cb245..be72d94 100755 +--- a/syncplay/client.py ++++ b/syncplay/client.py +@@ -848,6 +848,7 @@ class SyncplayClient(object): + self._endpoint = HostnameEndpoint(reactor, host, port) + try: + certs = pem.parse_file(SSL_CERT_FILE) ++ certs = [cert for cert in certs if type(cert) is pem.Certificate] + trustRoot = trustRootFromCertificates([Certificate.loadPEM(str(cert)) for cert in certs]) + self.protocolFactory.options = optionsForClientTLS(hostname=host, trustRoot=trustRoot) + self._clientSupportsTLS = True |