libdigidocpp: Fix crashes due to newer OpenSSL

The OpenSSL 1.1.1l -> 1.1.1m update introduced a regression which libdigidocpp upstream fixed. Pull the fix to unbreak `digidoc-tool create --file=in.txt out.asice` as well as the graphical pendant in `qdigidoc4`.
2025-02-17 17:44:44 +00:00 · 2022-06-03 09:30:18 +02:00 · 2022-06-03 09:30:18 +02:00 · 11c7d48016
commit 11c7d48016
parent e6776218b6
1 changed files with 13 additions and 1 deletions
--- a/pkgs/development/libraries/libdigidocpp/default.nix
+++ b/pkgs/development/libraries/libdigidocpp/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, cmake, makeWrapper, minizip, pcsclite, opensc, openssl
+{ lib, stdenv, fetchurl, fetchpatch, cmake, makeWrapper, minizip, pcsclite, opensc, openssl
 , xercesc, xml-security-c, pkg-config, xsd, zlib, xalanc, xxd }:

 stdenv.mkDerivation rec {
@ -10,6 +10,18 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-U5i5IAyJF4359q6M6mQemEuG7+inPYIXqLy8GHv4dkg=";
  };

+  patches = [
+    (fetchpatch {
+      # fix runtime crashes when signing with OpenSSL>1.1.1l
+      # https://github.com/open-eid/libdigidocpp/issues/474 asks for a new release
+      url = "https://github.com/open-eid/libdigidocpp/commit/42a8cfd834c10bdd206fe784a13217df222b1c8e.patch";
+      sha256 = "sha256-o3ZT0dXhIu79C5ZR+2HPdLMZ3YwPG1v3vly5bseuxtU=";
+      excludes = [
+        ".github/workflows/build.yml" # failed hunk
+      ];
+    })
+  ];
+
  nativeBuildInputs = [ cmake makeWrapper pkg-config xxd ];

  buildInputs = [