glusterfs: patch around SSL_CERT_PATH detection

lol

The upstream configure.ac invokes `openssl version -d` in order to find the
system path for certificates. This is problematic for us since that resolves to
the nix store and lots of other mechanisms (including the glusterfs module)
expect /etc/ssl to be the place for certificates, so this addition patches the
file to set the value manually.

Tyler Langlois 3 years ago 922bb560 52272c9f

+34

2 changed files

expand all

unified split

pkgs

tools

filesystems

glusterfs

default.nix

ssl_cert_path.patch

+11

pkgs/tools/filesystems/glusterfs/default.nix

··· 65 65 }; 66 66 inherit buildInputs propagatedBuildInputs; 67 67 68 + patches = [ 69 + # Upstream invokes `openssl version -d` to derive the canonical system path 70 + # for certificates, which resolves to a nix store path, so this patch 71 + # statically sets the configure.ac value. There's probably a less-brittle 72 + # way to do this! (this will likely fail on a version bump) 73 + # References: 74 + # - https://github.com/gluster/glusterfs/issues/3234 75 + # - https://github.com/gluster/glusterfs/commit/a7dc43f533ad4b8ff68bf57704fefc614da65493 76 + ./ssl_cert_path.patch 77 + ]; 78 + 68 79 postPatch = '' 69 80 sed -e '/chmod u+s/d' -i contrib/fuse-util/Makefile.am 70 81 substituteInPlace libglusterfs/src/glusterfs/lvm-defaults.h \

+23

pkgs/tools/filesystems/glusterfs/ssl_cert_path.patch

··· 1 + diff --git a/configure.ac b/configure.ac 2 + index fb8db11e9e..4c40683057 100644 3 + --- a/configure.ac 4 + +++ b/configure.ac 5 + @@ -766,14 +766,10 @@ AS_IF([test "x$enable_fuse_notifications" != "xno"], [ 6 + 7 + dnl Find out OpenSSL trusted certificates path 8 + AC_MSG_CHECKING([for OpenSSL trusted certificates path]) 9 + -SSL_CERT_PATH=$(openssl version -d | sed -e 's|OPENSSLDIR: "$.*$".*|\1|') 10 + -if test -d $SSL_CERT_PATH 1>/dev/null 2>&1; then 11 + - AC_MSG_RESULT([$SSL_CERT_PATH]) 12 + - AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.]) 13 + - AC_SUBST(SSL_CERT_PATH) 14 + -else 15 + - AC_MSG_ERROR([Unable to detect path to OpenSSL trusted certificates]) 16 + -fi 17 + +SSL_CERT_PATH=/etc/ssl 18 + +AC_MSG_RESULT([$SSL_CERT_PATH]) 19 + +AC_DEFINE_UNQUOTED(SSL_CERT_PATH, ["$SSL_CERT_PATH"], [Path to OpenSSL trusted certificates.]) 20 + +AC_SUBST(SSL_CERT_PATH) 21 + 22 + AC_CHECK_LIB([ssl], TLS_method, [HAVE_OPENSSL_1_1="yes"], [HAVE_OPENSSL_1_1="no"]) 23 + if test "x$HAVE_OPENSSL_1_1" = "xyes"; then