dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #224243 from LeSuisse/curl-rustls

Browse Source 
curl: add support for Rustls backend
This commit is contained in:
Martin Weinelt 2023-04-04 14:38:29 +02:00 committed by GitHub
commit 89c483dad7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkgs/development/libraries/rustls-ffi/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, rustPlatform, Security, apacheHttpd }:
{ lib, stdenv, fetchFromGitHub, rustPlatform, Security, apacheHttpd, curl }:
rustPlatform.buildRustPackage rec {
pname = "rustls-ffi";
@ -28,6 +28,7 @@ rustPlatform.buildRustPackage rec {
passthru.tests = {
apacheHttpd = apacheHttpd.override { modTlsSupport = true; };
curl = curl.override { opensslSupport = false; rustlsSupport = true; };
};
meta = with lib; {

13
pkgs/tools/networking/curl/default.nix
View File

@ -22,6 +22,7 @@
, rtmpSupport ? false, rtmpdump
, scpSupport ? zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin, libssh2
, wolfsslSupport ? false, wolfssl
, rustlsSupport ? false, rustls-ffi
, zlibSupport ? true, zlib
, zstdSupport ? false, zstd
@ -42,9 +43,7 @@
# cgit) that are needed here should be included directly in Nixpkgs as
# files.
assert !(gnutlsSupport && opensslSupport);
assert !(gnutlsSupport && wolfsslSupport);
assert !(opensslSupport && wolfsslSupport);
assert !((lib.count (x: x) [ gnutlsSupport opensslSupport wolfsslSupport rustlsSupport ]) > 1);
stdenv.mkDerivation (finalAttrs: {
pname = "curl";
@ -89,6 +88,7 @@ stdenv.mkDerivation (finalAttrs: {
optional rtmpSupport rtmpdump ++
optional scpSupport libssh2 ++
optional wolfsslSupport wolfssl ++
optional rustlsSupport rustls-ffi ++
optional zlibSupport zlib ++
optional zstdSupport zstd;
@ -104,11 +104,12 @@ stdenv.mkDerivation (finalAttrs: {
(lib.enableFeature c-aresSupport "ares")
(lib.enableFeature ldapSupport "ldap")
(lib.enableFeature ldapSupport "ldaps")
# The build fails when using wolfssl with --with-ca-fallback
(lib.withFeature (!wolfsslSupport) "ca-fallback")
# --with-ca-fallback is only supported for openssl and gnutls https://github.com/curl/curl/blame/curl-8_0_1/acinclude.m4#L1640
(lib.withFeature (opensslSupport || gnutlsSupport) "ca-fallback")
(lib.withFeature http3Support "nghttp3")
(lib.withFeature http3Support "ngtcp2")
(lib.withFeature rtmpSupport "librtmp")
(lib.withFeature rustlsSupport "rustls")
(lib.withFeature zstdSupport "zstd")
(lib.withFeatureAs brotliSupport "brotli" (lib.getDev brotli))
(lib.withFeatureAs gnutlsSupport "gnutls" (lib.getDev gnutls))
@ -129,7 +130,7 @@ stdenv.mkDerivation (finalAttrs: {
# Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE.
"--without-ca-bundle"
"--without-ca-path"
] ++ lib.optionals (!gnutlsSupport && !opensslSupport && !wolfsslSupport) [
] ++ lib.optionals (!gnutlsSupport && !opensslSupport && !wolfsslSupport && !rustlsSupport) [
"--without-ssl"
];