diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix')
-rw-r--r-- | infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix b/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix index 8c98d7ae9bbd..7b02e3497f0a 100644 --- a/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix +++ b/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix @@ -1,4 +1,7 @@ -{ lib, stdenv, fetchurl, nspr, perl, zlib, sqlite, darwin, fixDarwinDylibNames, buildPackages, ninja +{ lib, stdenv, fetchurl, nspr, perl, zlib +, sqlite, ninja +, darwin, fixDarwinDylibNames, buildPackages +, useP11kit ? true, p11-kit , # allow FIPS mode. Note that this makes the output non-reproducible. # https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Tech_Notes/nss_tech_note6 enableFIPS ? false @@ -139,6 +142,11 @@ in stdenv.mkDerivation rec { chmod 0755 $out/bin/nss-config ''; + postInstall = lib.optionalString useP11kit '' + # Replace built-in trust with p11-kit connection + ln -sf ${p11-kit}/lib/pkcs11/p11-kit-trust.so $out/lib/libnssckbi.so + ''; + postFixup = let isCross = stdenv.hostPlatform != stdenv.buildPlatform; nss = if isCross then buildPackages.nss.tools else "$out"; |