gnu: p11-kit@0.24.0: Use certificates from /etc/ssl/certs.
Fixes <https://issues.guix.gnu.org/49957>. Flatpak has a soft dependency on p11-kit, which was configured without knowledge of the system-wide CA certificate store. This caused some flatpak apps to fail with ERR_CERT_AUTHORITY_INVALID errors. Reported by Andrew Whatson <whatson@gmail.com>. * gnu/packages/tls.scm (p11-kit-next)[arguments]: New field. Co-authored-by: Andrew Whatson <whatson@gmail.com> Co-authored-by: John Kehayias <john.kehayias@protonmail.com>master
Ludovic Courtès
parent
811b62d8c8
commit
b4d29851e4
|
|
@ -176,7 +176,13 @@ living in the same process.")
|
||||||
(uri (string-append "https://github.com/p11-glue/p11-kit/releases/"
|
(uri (string-append "https://github.com/p11-glue/p11-kit/releases/"
|
||||||
"download/" version "/p11-kit-" version ".tar.xz"))
|
"download/" version "/p11-kit-" version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32 "11f6saclxsclc1f3lbavzw8kikws4cr3mfd1avly8dgnhh2i9rl1"))))))
|
(base32 "11f6saclxsclc1f3lbavzw8kikws4cr3mfd1avly8dgnhh2i9rl1"))))
|
||||||
|
(arguments
|
||||||
|
;; Use the default certificates so that users such as flatpak find them.
|
||||||
|
;; See <https://issues.guix.gnu.org/49957>.
|
||||||
|
(substitute-keyword-arguments (package-arguments p11-kit)
|
||||||
|
((#:configure-flags flags ''())
|
||||||
|
''("--with-trust-paths=/etc/ssl/certs/ca-certificates.crt"))))))
|
||||||
|
|
||||||
(define-public gnutls
|
(define-public gnutls
|
||||||
(package
|
(package
|
||||||
|
|
|
||||||
Reference in New Issue