Skip to content

Comments

p11-kit: add darwin tls ca store path#194844

Merged
rnhmjoj merged 1 commit intoNixOS:stagingfrom
lilyinstarlight:fix/p11-kit-macos
Oct 12, 2022
Merged

p11-kit: add darwin tls ca store path#194844
rnhmjoj merged 1 commit intoNixOS:stagingfrom
lilyinstarlight:fix/p11-kit-macos

Conversation

@lilyinstarlight
Copy link
Member

@lilyinstarlight lilyinstarlight commented Oct 7, 2022

Description of changes

Allows p11-kit to correctly find the root CA store on macOS. This is relevant when building something like curl with NSS and are intending to use libnssckbi (p11-trust-kit) for the CA store (like the curl-impersonate-ff derivation from #194310)

I tested this in GitHub Actions (since I don't have a Mac) and this patch allowed curl-impersonate-ff to work correctly

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 22.11 Release Notes (or backporting 22.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@ofborg ofborg bot added the 6.topic: darwin Running or building packages on Darwin label Oct 7, 2022
@lilyinstarlight lilyinstarlight mentioned this pull request Oct 7, 2022
Merged
13 tasks
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Oct 7, 2022
@bobby285271 bobby285271 added the 12.approvals: 1 This PR was reviewed and approved by one person. label Oct 7, 2022
@lilyinstarlight
Copy link
Member Author

lilyinstarlight commented Oct 12, 2022

@rnhmjoj, any chance this could be merged before the next staging cycle starts or do you want someone else to give it an additional review first?

@rnhmjoj
Copy link
Contributor

rnhmjoj commented Oct 12, 2022

I was giving some time for others to review, but it been a while and this change should be completely harmless.
Let's merge this.

@rnhmjoj rnhmjoj merged commit fd4c573 into NixOS:staging Oct 12, 2022
@lilyinstarlight lilyinstarlight deleted the fix/p11-kit-macos branch October 12, 2022 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rnhmjoj rnhmjoj rnhmjoj approved these changes

Assignees

No one assigned

Labels

6.topic: darwin Running or building packages on Darwin 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 12.approvals: 1 This PR was reviewed and approved by one person.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lilyinstarlight @rnhmjoj @bobby285271