diff --git a/pkgs/applications/graphics/shotwell/default.nix b/pkgs/applications/graphics/shotwell/default.nix index 2b25f8d41f6b..052ba9402bed 100644 --- a/pkgs/applications/graphics/shotwell/default.nix +++ b/pkgs/applications/graphics/shotwell/default.nix @@ -1,7 +1,7 @@ { fetchurl, stdenv, m4, glibc, gtk3, libexif, libgphoto2, libsoup, libxml2, vala, sqlite , webkitgtk24x, pkgconfig, gnome3, gst_all_1, which, udev, libraw, glib, json_glib , gettext, desktop_file_utils, lcms2, gdk_pixbuf, librsvg, makeWrapper -, gnome_doc_utils, hicolor_icon_theme, cacert }: +, gnome_doc_utils, hicolor_icon_theme }: # for dependencies see http://www.yorba.org/projects/shotwell/install/ @@ -15,9 +15,9 @@ stdenv.mkDerivation rec { }; NIX_CFLAGS_COMPILE = "-I${glib}/include/glib-2.0 -I${glib}/lib/glib-2.0/include"; - + configureFlags = [ "--disable-gsettings-convert-install" ]; - + preConfigure = '' patchShebangs . ''; diff --git a/pkgs/applications/networking/browsers/vimb/default.nix b/pkgs/applications/networking/browsers/vimb/default.nix index 3222e87ac650..84a2870b6d0a 100644 --- a/pkgs/applications/networking/browsers/vimb/default.nix +++ b/pkgs/applications/networking/browsers/vimb/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libsoup, webkit, gtk, glib_networking -, gsettings_desktop_schemas, makeWrapper, cacert +, gsettings_desktop_schemas, makeWrapper }: stdenv.mkDerivation rec { @@ -11,11 +11,6 @@ stdenv.mkDerivation rec { sha256 = "0h9m5qfs09lb0dz8a79yccmm3a5rv6z8gi5pkyfh8fqkgkh2940p"; }; - # Nixos default ca bundle - patchPhase = '' - sed -i s,/etc/ssl/certs/ca-certificates.crt,${cacert}/etc/ssl/certs/ca-bundle.crt, src/config.def.h - ''; - buildInputs = [ makeWrapper gtk libsoup pkgconfig webkit gsettings_desktop_schemas ]; makeFlags = [ "PREFIX=$(out)" ]; diff --git a/pkgs/applications/networking/browsers/vimprobable2/default.nix b/pkgs/applications/networking/browsers/vimprobable2/default.nix index ad5f8aa46912..6f8eede9b3f8 100644 --- a/pkgs/applications/networking/browsers/vimprobable2/default.nix +++ b/pkgs/applications/networking/browsers/vimprobable2/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, makeWrapper, glib, glib_networking, gtk, libsoup, libX11, perl, - pkgconfig, webkit, gsettings_desktop_schemas, cacert }: + pkgconfig, webkit, gsettings_desktop_schemas }: stdenv.mkDerivation rec { version = "1.4.2"; @@ -9,11 +9,6 @@ stdenv.mkDerivation rec { sha256 = "13jdximksh9r3cgd2f8vms0pbsn3x0gxvyqdqiw16xp5fmdx5kzr"; }; - # Nixos default ca bundle - patchPhase = '' - sed -i s,/etc/ssl/certs/ca-certificates.crt,${cacert}/etc/ssl/certs/ca-bundle.crt, config.h - ''; - buildInputs = [ makeWrapper gtk libsoup libX11 perl pkgconfig webkit gsettings_desktop_schemas ]; installPhase = '' diff --git a/pkgs/applications/networking/cluster/panamax/api/default.nix b/pkgs/applications/networking/cluster/panamax/api/default.nix index 524433b45fbc..dcfef83f1bec 100644 --- a/pkgs/applications/networking/cluster/panamax/api/default.nix +++ b/pkgs/applications/networking/cluster/panamax/api/default.nix @@ -1,5 +1,5 @@ { stdenv, buildEnv, fetchgit, fetchurl, makeWrapper, bundlerEnv, bundler_HEAD -, ruby, libxslt, libxml2, sqlite, openssl, cacert, docker +, ruby, libxslt, libxml2, sqlite, openssl, docker , dataDir ? "/var/lib/panamax-api" }: with stdenv.lib; @@ -62,7 +62,7 @@ stdenv.mkDerivation rec { --prefix "PATH" : "$out/share/panamax-api/bin:${env.ruby}/bin:$PATH" \ --prefix "HOME" : "$out/share/panamax-api" \ --prefix "GEM_HOME" : "${env}/${env.ruby.gemPath}" \ - --prefix "SSL_CERT_FILE" : "${cacert}/etc/ssl/certs/ca-bundle.crt" \ + --prefix "SSL_CERT_FILE" : /etc/ssl/certs/ca-certificates.crt \ --prefix "GEM_PATH" : "$out/share/panamax-api:${bundler}/${env.ruby.gemPath}" ''; diff --git a/pkgs/applications/networking/instant-messengers/fuze/default.nix b/pkgs/applications/networking/instant-messengers/fuze/default.nix index 6b85e107d06c..33ffe87a4ffb 100644 --- a/pkgs/applications/networking/instant-messengers/fuze/default.nix +++ b/pkgs/applications/networking/instant-messengers/fuze/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, dpkg, openssl, alsaLib, libXext, libXfixes, libXrandr , libjpeg, curl, libX11, libXmu, libXv, libXtst, qt4, mesa, zlib -, gnome, libidn, rtmpdump, c-ares, openldap, makeWrapper, cacert +, gnome, libidn, rtmpdump, c-ares, openldap, makeWrapper }: assert stdenv.system == "x86_64-linux"; let curl_custom = stdenv.lib.overrideDerivation curl (args: { - configureFlags = args.configureFlags ++ ["--with-ca-bundle=${cacert}/etc/ssl/certs/ca-bundle.crt"] ; + configureFlags = args.configureFlags ++ ["--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt"] ; } ); in stdenv.mkDerivation { diff --git a/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix b/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix index a74885b2ce30..971a834f4096 100644 --- a/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix +++ b/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libxslt, telepathy_glib, libxml2, dbus_glib, dbus_daemon -, sqlite, libsoup, libnice, gnutls, cacert }: +, sqlite, libsoup, libnice, gnutls }: stdenv.mkDerivation rec { name = "telepathy-gabble-0.18.2"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { buildInputs = [ libxml2 dbus_glib sqlite libsoup libnice telepathy_glib gnutls ] ++ stdenv.lib.optional doCheck dbus_daemon; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; enableParallelBuilding = true; doCheck = true; diff --git a/pkgs/applications/networking/irc/weechat/default.nix b/pkgs/applications/networking/irc/weechat/default.nix index c39c5be1d4ca..060be8ab1eb1 100644 --- a/pkgs/applications/networking/irc/weechat/default.nix +++ b/pkgs/applications/networking/irc/weechat/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, ncurses, openssl, perl, python, aspell, gnutls , zlib, curl , pkgconfig, libgcrypt, ruby, lua5, tcl, guile -, pythonPackages, cacert, cmake, makeWrapper, libobjc +, pythonPackages, cmake, makeWrapper, libobjc , extraBuildInputs ? [] }: stdenv.mkDerivation rec { @@ -15,11 +15,11 @@ stdenv.mkDerivation rec { buildInputs = [ ncurses perl python openssl aspell gnutls zlib curl pkgconfig libgcrypt ruby lua5 tcl guile pythonPackages.pycrypto makeWrapper - cacert cmake ] + cmake ] ++ stdenv.lib.optionals stdenv.isDarwin [ pythonPackages.pync libobjc ] ++ extraBuildInputs; - NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt"; + NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=/etc/ssl/certs/ca-certificates.crt"; postInstall = '' NIX_PYTHONPATH="$out/lib/${python.libPrefix}/site-packages" diff --git a/pkgs/applications/version-management/bazaar/default.nix b/pkgs/applications/version-management/bazaar/default.nix index c3b238eeb0aa..28406cecbb00 100644 --- a/pkgs/applications/version-management/bazaar/default.nix +++ b/pkgs/applications/version-management/bazaar/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pythonPackages, cacert }: +{ stdenv, fetchurl, pythonPackages }: stdenv.mkDerivation rec { version = "2.6"; @@ -19,10 +19,9 @@ stdenv.mkDerivation rec { patches = [ ./add_certificates.patch ]; postPatch = '' substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \ - --subst-var-by "certPath" "${cacert}/etc/ssl/certs/ca-bundle.crt" + --subst-var-by certPath /etc/ssl/certs/ca-certificates.crt ''; - installPhase = '' python setup.py install --prefix=$out wrapPythonPrograms diff --git a/pkgs/applications/version-management/mercurial/default.nix b/pkgs/applications/version-management/mercurial/default.nix index 4d8b2fe27c60..12f3c8f11d86 100644 --- a/pkgs/applications/version-management/mercurial/default.nix +++ b/pkgs/applications/version-management/mercurial/default.nix @@ -1,6 +1,5 @@ { stdenv, fetchurl, python, makeWrapper, docutils, unzip, hg-git, dulwich -, guiSupport ? false, tk ? null, curses, cacert - +, guiSupport ? false, tk ? null, curses , ApplicationServices }: let @@ -48,7 +47,7 @@ stdenv.mkDerivation { mkdir -p $out/etc/mercurial cat >> $out/etc/mercurial/hgrc << EOF [web] - cacerts = ${cacert}/etc/ssl/certs/ca-bundle.crt + cacerts = /etc/ssl/certs/ca-certificates.crt EOF # copy hgweb.cgi to allow use in apache diff --git a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix index a6621aebe432..c3f16db359e5 100644 --- a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, pkgconfig, dbus, libgcrypt, libtasn1, pam, python, glib, libxslt , intltool, pango, gcr, gdk_pixbuf, atk, p11_kit, makeWrapper -, docbook_xsl_ns, docbook_xsl, gnome3, cacert }: +, docbook_xsl_ns, docbook_xsl, gnome3 }: let majVer = gnome3.version; @@ -22,7 +22,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig intltool docbook_xsl_ns docbook_xsl ]; configureFlags = [ - "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt" # NixOS hardcoded path + "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" # NixOS hardcoded path "--with-pkcs11-config=$$out/etc/pkcs11/" # installation directories "--with-pkcs11-modules=$$out/lib/pkcs11/" ]; diff --git a/pkgs/desktops/gnome-3/3.16/core/rest/default.nix b/pkgs/desktops/gnome-3/3.16/core/rest/default.nix index 354f1715dc19..eada9ab19934 100644 --- a/pkgs/desktops/gnome-3/3.16/core/rest/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/rest/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, glib, libsoup, gobjectIntrospection, cacert, gnome3 }: +{ stdenv, fetchurl, pkgconfig, glib, libsoup, gobjectIntrospection, gnome3 }: stdenv.mkDerivation rec { name = "rest-0.7.92"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { buildInputs = [ pkgconfig glib libsoup gobjectIntrospection]; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; meta = with stdenv.lib; { platforms = platforms.linux; diff --git a/pkgs/development/interpreters/elixir/default.nix b/pkgs/development/interpreters/elixir/default.nix index 99d649f3f684..c9a837744868 100644 --- a/pkgs/development/interpreters/elixir/default.nix +++ b/pkgs/development/interpreters/elixir/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, erlang, rebar, makeWrapper, coreutils, curl, bash, cacert }: +{ stdenv, fetchurl, erlang, rebar, makeWrapper, coreutils, curl, bash }: let version = "1.0.5"; @@ -32,8 +32,8 @@ stdenv.mkDerivation { b=$(basename $f) if [ $b == "mix" ]; then continue; fi wrapProgram $f \ - --prefix PATH ":" "${erlang}/bin:${coreutils}/bin:${curl}/bin:${bash}/bin" \ - --set CURL_CA_BUNDLE "${cacert}/etc/ssl/certs/ca-bundle.crt" + --prefix PATH ":" "${erlang}/bin:${coreutils}/bin:${curl}/bin:${bash}/bin" \ + --set CURL_CA_BUNDLE /etc/ssl/certs/ca-certificates.crt done ''; diff --git a/pkgs/development/libraries/glib-networking/default.nix b/pkgs/development/libraries/glib-networking/default.nix index 79b31b1365b7..a17b7a21409b 100644 --- a/pkgs/development/libraries/glib-networking/default.nix +++ b/pkgs/development/libraries/glib-networking/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, glib, intltool, gnutls, libproxy -, gsettings_desktop_schemas, cacert }: +, gsettings_desktop_schemas }: let ver_maj = "2.44"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { sha256 = "8f8a340d3ba99bfdef38b653da929652ea6640e27969d29f7ac51fbbe11a4346"; }; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; preBuild = '' sed -e "s@${glib}/lib/gio/modules@$out/lib/gio/modules@g" -i $(find . -name Makefile) diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix index 810012fb60ad..a95a5d81ce95 100644 --- a/pkgs/servers/mail/opensmtpd/default.nix +++ b/pkgs/servers/mail/opensmtpd/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { "--with-sock-dir=/run" "--with-privsep-user=smtpd" "--with-queue-user=smtpq" - "--with-ca-file=${cacert}/etc/ssl/certs/ca-bundle.crt" + "--with-ca-file=/etc/ssl/certs/ca-certificates.crt" ]; installFlags = [ diff --git a/pkgs/tools/misc/pipelight/pipelight.patch b/pkgs/tools/misc/pipelight/pipelight.patch index bde6ecf943d9..66dd0fdab4c0 100644 --- a/pkgs/tools/misc/pipelight/pipelight.patch +++ b/pkgs/tools/misc/pipelight/pipelight.patch @@ -43,7 +43,7 @@ diff -urN pipelight.old/bin/pipelight-plugin.in pipelight.new/bin/pipelight-plug -fi +download_file() +{ -+ curl --cacert /etc/ssl/certs/ca-bundle.crt -o "$1" "$2" ++ curl --cacert /etc/ssl/certs/ca-certificates.crt -o "$1" "$2" +} # Use shasum instead of sha256sum on MacOS / *BSD @@ -111,7 +111,7 @@ diff -urN pipelight.old/share/install-dependency pipelight.new/share/install-dep -fi +download_file() +{ -+ curl --cacert /etc/ssl/certs/ca-bundle.crt -o "$1" "$2" ++ curl --cacert /etc/ssl/certs/ca-certificates.crt -o "$1" "$2" +} +get_download_size() +{ diff --git a/pkgs/tools/networking/aria2/default.nix b/pkgs/tools/networking/aria2/default.nix index 8d7f4541cade..e48beb3fe35b 100644 --- a/pkgs/tools/networking/aria2/default.nix +++ b/pkgs/tools/networking/aria2/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, cacert, c-ares, openssl, libxml2, sqlite, zlib }: +{ stdenv, fetchurl, pkgconfig, c-ares, openssl, libxml2, sqlite, zlib }: stdenv.mkDerivation rec { name = "aria2-${version}"; @@ -11,9 +11,7 @@ stdenv.mkDerivation rec { buildInputs = [ pkgconfig c-ares openssl libxml2 sqlite zlib ]; - propagatedBuildInputs = [ cacert ]; - - configureFlags = [ "--with-ca-bundle=${cacert}/etc/ssl/certs/ca-bundle.crt" ]; + configureFlags = [ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" ]; meta = with stdenv.lib; { homepage = http://aria2.sourceforge.net/; diff --git a/pkgs/tools/security/prey/default.nix b/pkgs/tools/security/prey/default.nix index d04f48c0f313..b36c11cf9345 100644 --- a/pkgs/tools/security/prey/default.nix +++ b/pkgs/tools/security/prey/default.nix @@ -1,5 +1,4 @@ -{ stdenv, fetchurl, fetchgit, curl, scrot, imagemagick, xawtv, inetutils -, makeWrapper, coreutils, cacert +{ stdenv, fetchurl, fetchgit, curl, scrot, imagemagick, xawtv, inetutils, makeWrapper, coreutils , apiKey ? "" , deviceKey ? "" }: @@ -36,7 +35,7 @@ in stdenv.mkDerivation rec { cp -R ${modulesSrc}/* $out/modules/ wrapProgram "$out/prey.sh" \ --prefix PATH ":" "${xawtv}/bin:${imagemagick}/bin:${curl}/bin:${scrot}/bin:${inetutils}/bin:${coreutils}/bin" \ - --set CURL_CA_BUNDLE "${cacert}/etc/ssl/certs/ca-bundle.crt" + --set CURL_CA_BUNDLE "/etc/ssl/certs/ca-certificates.crt" ''; meta = with stdenv.lib; {