diff options
author | Daiderd Jordan <daiderd@gmail.com> | 2018-06-23 12:13:23 +0200 |
---|---|---|
committer | Daiderd Jordan <daiderd@gmail.com> | 2018-06-23 12:16:42 +0200 |
commit | 288939ce22a8d63077e888db227289d9e36d41e5 (patch) | |
tree | 79658026473e4ae9ce826461d13dabddf74cc991 /pkgs/tools/networking/curl | |
parent | 59daa4fd629f7e6547bdff047d9759c353f29067 (diff) |
curl: disable default CA bundle
Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE. Fixes #42317
Diffstat (limited to 'pkgs/tools/networking/curl')
-rw-r--r-- | pkgs/tools/networking/curl/default.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 3d8cdd2653b78..4a476a6ba1373 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -63,6 +63,10 @@ stdenv.mkDerivation rec { ''; configureFlags = [ + # Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback + # to nss-cacert from the default profile. + "--without-ca-bundle" + "--without-ca-path" "--with-ca-fallback" "--disable-manual" ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) |