unbound-full: fix the build again

... by not avoiding openssl dependency in .lib.
dnstap part of code ran into issues with this during checkPhase.

The benefit of withSlimLib is mainly for `unbound`;
for the fuller builds it doesn't seem important.
This commit is contained in:
Vladimír Čunát 2021-11-28 15:41:19 +01:00
parent 115f3513da
commit 9a0723cc3f
No known key found for this signature in database
GPG key ID: E747DF1F9575A3AA

View file

@ -32,6 +32,9 @@
, withDNSTAP ? false
, withTFO ? false
, withRedis ? false
# Avoid .lib depending on openssl.out
# The build gets a little hacky, so in some cases we disable this approach.
, withSlimLib ? stdenv.isLinux && !stdenv.hostPlatform.isMusl && !withDNSTAP
, libnghttp2
}:
@ -105,10 +108,9 @@ stdenv.mkDerivation rec {
--prefix PATH : ${lib.makeBinPath [ openssl ]}
'';
preFixup = lib.optionalString (stdenv.isLinux && !stdenv.hostPlatform.isMusl) # XXX: revisit
preFixup = lib.optionalString withSlimLib
# Build libunbound again, but only against nettle instead of openssl.
# This avoids gnutls.out -> unbound.lib -> openssl.out.
# There was some problem with this on Darwin; let's not complicate non-Linux.
''
configureFlags="$configureFlags --with-nettle=${nettle.dev} --with-libunbound-only"
configurePhase