pyrox.dev
Merge pull request #31147 from grahamc/openssl
Upgrade OpenSSL for CVE-2017-3732, CVE-2017-3193
authored by Graham Christensen and committed by GitHub e080b87b 4d7c34fb
+4
-4
pkgs/development/libraries/openssl/default.nix
+4
-4
pkgs/development/libraries/openssl/default.nix
+3
-3
pkgs/development/libraries/openssl/nix-ssl-cert-file.patch
+3
-3
pkgs/development/libraries/openssl/nix-ssl-cert-file.patch
···
5
switch (cmd) {
6
case X509_L_FILE_LOAD:
7
if (argl == X509_FILETYPE_DEFAULT) {
8
-
- file = (char *)getenv(X509_get_default_cert_file_env());
9
-
+ file = (char *)getenv("NIX_SSL_CERT_FILE");
10
+ if (!file)
11
-
+ file = (char *)getenv(X509_get_default_cert_file_env());
12
if (file)
13
ok = (X509_load_cert_crl_file(ctx, file,
14
X509_FILETYPE_PEM) != 0);
···
5
switch (cmd) {
6
case X509_L_FILE_LOAD:
7
if (argl == X509_FILETYPE_DEFAULT) {
8
+
- file = getenv(X509_get_default_cert_file_env());
9
+
+ file = getenv("NIX_SSL_CERT_FILE");
10
+ if (!file)
11
+
+ file = getenv(X509_get_default_cert_file_env());
12
if (file)
13
ok = (X509_load_cert_crl_file(ctx, file,
14
X509_FILETYPE_PEM) != 0);