Anyone have a working openssl = libressl overlay?

I’d like to replace openssl with libressl, but I haven’t yet figured out how to get an overlay that works. Anyone have one already?

The simple openssl = libressl overlay results in:

  called with unexpected argument 'buildPackages'


Extremely relevant with the upcoming critical OpenSSL release. Presumably, swapping to LibreSSL, even if just for a day, would be a good way to give yourself time to upgrade.

Similar question on Unix & Linux Stack Exchange.

1 Like

You could just put it in an overlay but that’ll result in rebuilding everything. There is the system.replaceRuntimeDependencies option to do it without rebuilding everything. Note that you probably have to do something to get the package’s name to be the same length:

The original derivation and replacement derivation must have the same name length, and ideally should have close-to-identical directory layout

I don’t necessarily mind the rebuilding, but the ‘put it in an overlay’ part didn’t work for me. Instead it led me in to a mess of bootstrap code that I was hoping someone else already solved. You wouldn’t happen to have a working overlay would you?

1 Like