JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1de5f1bbeb
nixpkgs/pkgs/development/libraries/git2/disable-security.framework.patch
Moritz Ulrich 3cfe3ab6b6 libgit2: Disable Security.framework transport on Darwin. 
When used by cargo, `libgit2` crashes with a Segmentation Fault on
Darwin. This crash is somehow connected to the `Security.framework`
native to Darwin, and while being easy to reproduce, is very hard to
track down.

This commit introduces a patch to `libgit2` which disables the
troublesome transport and instead depends on `libcurl`. The patch also
adds support for `SSL_CERT_FILE` to `libgit2`.

Upstream tracking issue is
https://github.com/libgit2/libgit2/issues/3885.
2016-08-10 21:16:37 +02:00

59 lines
1.8 KiB
Diff
Raw Blame History

From fbc2ea65406236a740b8734dd41dc5ddbc24f8c9 Mon Sep 17 00:00:00 2001
From: mulrich <mulrich@entwicklerheld.local>
Date: Mon, 8 Aug 2016 15:36:07 +0200
Subject: [PATCH] disable security.framework
---
CMakeLists.txt | 7 +++----
src/curl_stream.c | 9 ++++++++-
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 93a9e47..331e148 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -49,7 +49,8 @@ ENDIF()
IF(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
SET( USE_ICONV ON )
- FIND_PACKAGE(Security)
+ # FIND_PACKAGE(Security)
+ SET(SECURITY_FOUND "NO")
FIND_PACKAGE(CoreFoundation REQUIRED)
ENDIF()
@@ -87,9 +88,7 @@ IF(MSVC)
OPTION(MSVC_CRTDBG "Enable CRTDBG memory leak reporting" OFF)
ENDIF()
-IF (NOT ${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
- OPTION( USE_OPENSSL "Link with and use openssl library" ON )
-ENDIF()
+OPTION( USE_OPENSSL "Link with and use openssl library" ON )
CHECK_STRUCT_HAS_MEMBER ("struct stat" st_mtim "sys/types.h;sys/stat.h"
HAVE_STRUCT_STAT_ST_MTIM LANGUAGE C)
diff --git a/src/curl_stream.c b/src/curl_stream.c
index 98de187..a8a9f4c 100644
--- a/src/curl_stream.c
+++ b/src/curl_stream.c
@@ -309,7 +309,14 @@ int git_curl_stream_new(git_stream **out, const char *host, const char *port)
curl_easy_setopt(handle, CURLOPT_HTTPPROXYTUNNEL, 1);
curl_easy_setopt(handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
- /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); */
+ const char* cainfo = getenv("SSL_CERT_FILE");
+ if(cainfo != NULL) {
+ curl_easy_setopt(handle, CURLOPT_CAINFO, cainfo);
+ }
+
+ /*
+ curl_easy_setopt(handle, CURLOPT_VERBOSE, 1);
+ */
st->parent.version = GIT_STREAM_VERSION;
st->parent.encrypted = 0; /* we don't encrypt ourselves */
--
2.3.8 (Apple Git-58)
Reference in New Issue View Git Blame Copy Permalink