mirror of
https://github.com/NixOS/nix
synced 2025-07-07 18:31:49 +02:00
Call getDefaultSSLCertFile() only when none is specified
This does pathExists on various paths, which crashes on EPERM in the
macOS sandbox.
(cherry picked from commit b7cde90c6b
)
This commit is contained in:
parent
75ec8e3130
commit
24e1dc4d74
2 changed files with 3 additions and 1 deletions
|
@ -47,6 +47,8 @@ Settings::Settings()
|
|||
auto sslOverride = getEnv("NIX_SSL_CERT_FILE").value_or(getEnv("SSL_CERT_FILE").value_or(""));
|
||||
if (sslOverride != "")
|
||||
caFile = sslOverride;
|
||||
else if (caFile == "")
|
||||
caFile = getDefaultSSLCertFile();
|
||||
|
||||
/* Backwards compatibility. */
|
||||
auto s = getEnv("NIX_REMOTE_SYSTEMS");
|
||||
|
|
|
@ -858,7 +858,7 @@ public:
|
|||
)"};
|
||||
|
||||
Setting<Path> caFile{
|
||||
this, getDefaultSSLCertFile(), "ssl-cert-file",
|
||||
this, "", "ssl-cert-file",
|
||||
R"(
|
||||
The path of a file containing CA certificates used to
|
||||
authenticate `https://` downloads. Nix by default will use
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue