glusterfs: patch around SSL_CERT_PATH detection
The upstream configure.ac invokes `openssl version -d` in order to find the system path for certificates. This is problematic for us since that resolves to the nix store and lots of other mechanisms (including the glusterfs module) expect /etc/ssl to be the place for certificates, so this addition patches the file to set the value manually.
This commit is contained in:
parent
52272c9f03
commit
922bb56029
2 changed files with 34 additions and 0 deletions
|
@ -65,6 +65,17 @@ in stdenv.mkDerivation rec {
|
|||
};
|
||||
inherit buildInputs propagatedBuildInputs;
|
||||
|
||||
patches = [
|
||||
# Upstream invokes `openssl version -d` to derive the canonical system path
|
||||
# for certificates, which resolves to a nix store path, so this patch
|
||||
# statically sets the configure.ac value. There's probably a less-brittle
|
||||
# way to do this! (this will likely fail on a version bump)
|
||||
# References:
|
||||
# - https://github.com/gluster/glusterfs/issues/3234
|
||||
# - https://github.com/gluster/glusterfs/commit/a7dc43f533ad4b8ff68bf57704fefc614da65493
|
||||
./ssl_cert_path.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
sed -e '/chmod u+s/d' -i contrib/fuse-util/Makefile.am
|
||||
substituteInPlace libglusterfs/src/glusterfs/lvm-defaults.h \
|
||||
|
|
23
pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch
Normal file
23
pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch
Normal file
|
@ -0,0 +1,23 @@
|
|||
diff --git a/configure.ac b/configure.ac
|
||||
index fb8db11e9e..4c40683057 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -766,14 +766,10 @@ AS_IF([test "x$enable_fuse_notifications" != "xno"], [
|
||||
|
||||
dnl Find out OpenSSL trusted certificates path
|
||||
AC_MSG_CHECKING([for OpenSSL trusted certificates path])
|
||||
-SSL_CERT_PATH=$(openssl version -d | sed -e 's|OPENSSLDIR: "\(.*\)".*|\1|')
|
||||
-if test -d $SSL_CERT_PATH 1>/dev/null 2>&1; then
|
||||
- AC_MSG_RESULT([$SSL_CERT_PATH])
|
||||
- AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.])
|
||||
- AC_SUBST(SSL_CERT_PATH)
|
||||
-else
|
||||
- AC_MSG_ERROR([Unable to detect path to OpenSSL trusted certificates])
|
||||
-fi
|
||||
+SSL_CERT_PATH=/etc/ssl
|
||||
+AC_MSG_RESULT([$SSL_CERT_PATH])
|
||||
+AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.])
|
||||
+AC_SUBST(SSL_CERT_PATH)
|
||||
|
||||
AC_CHECK_LIB([ssl], TLS_method, [HAVE_OPENSSL_1_1="yes"], [HAVE_OPENSSL_1_1="no"])
|
||||
if test "x$HAVE_OPENSSL_1_1" = "xyes"; then
|
Loading…
Reference in a new issue