diff --git a/pkgs/misc/emulators/wine/base.nix b/pkgs/misc/emulators/wine/base.nix index c4858c6c579d..0be36daac9f9 100644 --- a/pkgs/misc/emulators/wine/base.nix +++ b/pkgs/misc/emulators/wine/base.nix @@ -2,6 +2,7 @@ name, version, src, mingwGccs, monos, geckos, platforms, pkgconfig, fontforge, makeWrapper, flex, bison, supportFlags, + patches, buildScript ? null, configureFlags ? [] }: @@ -9,6 +10,7 @@ with import ./util.nix { inherit lib; }; let vkd3d = callPackage ./vkd3d.nix {}; + patches' = patches; in stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) { builder = buildScript; @@ -73,10 +75,7 @@ stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) { ]) ++ [ pkgs.xorg.libX11 pkgs.perl ])); - patches = [ - # Also look for root certificates at $NIX_SSL_CERT_FILE - ./cert-path.patch - ]; + patches = [ ] ++ patches'; # Wine locates a lot of libraries dynamically through dlopen(). Add # them to the RPATH so that the user doesn't have to set them in diff --git a/pkgs/misc/emulators/wine/cert-path-stable.patch b/pkgs/misc/emulators/wine/cert-path-stable.patch new file mode 100644 index 000000000000..da01a4778102 --- /dev/null +++ b/pkgs/misc/emulators/wine/cert-path-stable.patch @@ -0,0 +1,24 @@ +diff --git a/dlls/crypt32/rootstore.c b/dlls/crypt32/rootstore.c +index f795181..fb4926a 100644 +--- a/dlls/crypt32/rootstore.c ++++ b/dlls/crypt32/rootstore.c +@@ -18,6 +18,7 @@ + #include "config.h" + #include + #include ++#include /* getenv */ + #include + #ifdef HAVE_SYS_STAT_H + #include +@@ -916,6 +917,11 @@ static void read_trusted_roots_from_known_locations(HCERTSTORE store) + + for (i = 0; !ret && i < ARRAY_SIZE(CRYPT_knownLocations); i++) + ret = import_certs_from_path(CRYPT_knownLocations[i], from, TRUE); ++ ++ char *nix_cert_file = getenv("NIX_SSL_CERT_FILE"); ++ if (nix_cert_file != NULL) ++ ret = import_certs_from_path(nix_cert_file, from, TRUE); ++ + check_and_store_certs(from, store); + } + CertCloseStore(from, 0); diff --git a/pkgs/misc/emulators/wine/packages.nix b/pkgs/misc/emulators/wine/packages.nix index 31d21058e3aa..c4fec3360e1f 100644 --- a/pkgs/misc/emulators/wine/packages.nix +++ b/pkgs/misc/emulators/wine/packages.nix @@ -7,7 +7,7 @@ let src = lib.getAttr wineRelease (callPackage ./sources.nix {}); in with src; { wine32 = pkgsi686Linux.callPackage ./base.nix { name = "wine-${version}"; - inherit src version supportFlags; + inherit src version supportFlags patches; pkgArches = [ pkgsi686Linux ]; geckos = [ gecko32 ]; mingwGccs = with pkgsCross; [ mingw32.buildPackages.gcc ]; @@ -16,7 +16,7 @@ in with src; { }; wine64 = callPackage ./base.nix { name = "wine64-${version}"; - inherit src version supportFlags; + inherit src version supportFlags patches; pkgArches = [ pkgs ]; mingwGccs = with pkgsCross; [ mingwW64.buildPackages.gcc ]; geckos = [ gecko64 ]; @@ -26,7 +26,7 @@ in with src; { }; wineWow = callPackage ./base.nix { name = "wine-wow-${version}"; - inherit src version supportFlags; + inherit src version supportFlags patches; stdenv = stdenv_32bit; pkgArches = [ pkgs pkgsi686Linux ]; geckos = [ gecko32 gecko64 ]; diff --git a/pkgs/misc/emulators/wine/sources.nix b/pkgs/misc/emulators/wine/sources.nix index 081594e62147..5abfab2691df 100644 --- a/pkgs/misc/emulators/wine/sources.nix +++ b/pkgs/misc/emulators/wine/sources.nix @@ -35,6 +35,11 @@ in rec { url = "https://dl.winehq.org/wine/wine-mono/${version}/wine-mono-${version}-x86.msi"; sha256 = "09wjrfxbw0072iv6d2vqnkc3y7dzj15vp8mv4ay44n1qp5ji4m3l"; }; + + patches = [ + # Also look for root certificates at $NIX_SSL_CERT_FILE + ./cert-path-stable.patch + ]; }; unstable = fetchurl rec {