aboutsummaryrefslogtreecommitdiff
path: root/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix')
-rw-r--r--infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix10
1 files changed, 9 insertions, 1 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix b/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix
index 8c98d7ae9bbd..7b02e3497f0a 100644
--- a/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix
+++ b/infra/libkookie/nixpkgs/pkgs/development/libraries/nss/default.nix
@@ -1,4 +1,7 @@
-{ lib, stdenv, fetchurl, nspr, perl, zlib, sqlite, darwin, fixDarwinDylibNames, buildPackages, ninja
+{ lib, stdenv, fetchurl, nspr, perl, zlib
+, sqlite, ninja
+, darwin, fixDarwinDylibNames, buildPackages
+, useP11kit ? true, p11-kit
, # allow FIPS mode. Note that this makes the output non-reproducible.
# https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Tech_Notes/nss_tech_note6
enableFIPS ? false
@@ -139,6 +142,11 @@ in stdenv.mkDerivation rec {
chmod 0755 $out/bin/nss-config
'';
+ postInstall = lib.optionalString useP11kit ''
+ # Replace built-in trust with p11-kit connection
+ ln -sf ${p11-kit}/lib/pkcs11/p11-kit-trust.so $out/lib/libnssckbi.so
+ '';
+
postFixup = let
isCross = stdenv.hostPlatform != stdenv.buildPlatform;
nss = if isCross then buildPackages.nss.tools else "$out";
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 07:23:46 +0000