1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 08:01:14 +00:00
nixpkgs/pkgs/development/libraries/nss/nix_secload_fixup.patch
aszlig 38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00

51 lines
2.5 KiB
Diff

diff --git a/mozilla/security/coreconf/config.mk b/mozilla/security/coreconf/config.mk
index 72557c6..bdcbf88 100644
--- a/mozilla/security/coreconf/config.mk
+++ b/mozilla/security/coreconf/config.mk
@@ -207,3 +207,5 @@ endif
DEFINES += -DUSE_UTIL_DIRECTLY
USE_UTIL_DIRECTLY = 1
+# nix specific stuff:
+DEFINES += -DNIX_NSS_LIBDIR=\"$(out)/lib/\"
diff --git a/mozilla/security/nss/cmd/shlibsign/shlibsign.c b/mozilla/security/nss/cmd/shlibsign/shlibsign.c
index 5ce626e..e1e8039 100644
--- a/mozilla/security/nss/cmd/shlibsign/shlibsign.c
+++ b/mozilla/security/nss/cmd/shlibsign/shlibsign.c
@@ -770,7 +770,7 @@ int main(int argc, char **argv)
assert(libname != NULL);
lib = PR_LoadLibrary(libname);
if (!lib)
- lib = PR_LoadLibrary("/usr/lib/nss/libsoftokn3.so");
+ lib = PR_LoadLibrary(NIX_NSS_LIBDIR"libsoftokn3.so");
assert(lib != NULL);
PR_FreeLibraryName(libname);
diff --git a/mozilla/security/nss/lib/util/secload.c b/mozilla/security/nss/lib/util/secload.c
index 7d6fc22..0b7759b 100644
--- a/mozilla/security/nss/lib/util/secload.c
+++ b/mozilla/security/nss/lib/util/secload.c
@@ -105,9 +105,9 @@ loader_LoadLibInReferenceDir(const char *referencePath, const char *name)
/* Remove the trailing filename from referencePath and add the new one */
c = strrchr(referencePath, PR_GetDirectorySeparator());
if (!c) { /* referencePath doesn't contain a / means that dladdr gave us argv[0]
- * and program was called from $PATH. Hack to get libs from /usr/lib */
- referencePath = "/usr/lib/";
- c = &referencePath[8]; /* last / */
+ * and program was called from $PATH. Hack to get libs from NIX_NSS_LIBDIR */
+ referencePath = NIX_NSS_LIBDIR;
+ c = &referencePath[sizeof(NIX_NSS_LIBDIR) - 1]; /* last / */
}
if (c) {
size_t referencePathSize = 1 + c - referencePath;
@@ -125,8 +125,7 @@ loader_LoadLibInReferenceDir(const char *referencePath, const char *name)
(strncmp(fullName + referencePathSize - 4, "bin", 3) == 0)) {
memcpy(fullName + referencePathSize -4, "lib", 3);
}
- strcpy(fullName + referencePathSize, "nss/");
- strcpy(fullName + referencePathSize + 4, name);
+ strcpy(fullName + referencePathSize, name);
dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL
#ifdef PR_LD_ALT_SEARCH_PATH
/* allow library's dependencies to be found in the same directory