diff options
author | Renaud <c0bw3b@users.noreply.github.com> | 2018-10-24 20:11:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-24 20:11:10 +0200 |
commit | 9b2059f077ca71304fb43f37ee89b96e13004f5c (patch) | |
tree | 4d55c43afb97776d24868262d106db1fe679e058 | |
parent | 85e92a943044609eedca128b11ebe4ee46f79349 (diff) | |
parent | b2f6aa00696f174f8d7ab453a89b8b7370dd128b (diff) | |
download | nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar.gz nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar.bz2 nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar.lz nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar.xz nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.tar.zst nixlib-9b2059f077ca71304fb43f37ee89b96e13004f5c.zip |
Merge pull request #48843 from JohnAZoidberg/rng-tools-6.6
rng-tools: 5 -> 6.6, jitterentropy: init at 2.1.2
-rw-r--r-- | nixos/modules/security/rngd.nix | 2 | ||||
-rw-r--r-- | pkgs/development/libraries/jitterentropy/default.nix | 30 | ||||
-rw-r--r-- | pkgs/tools/security/rng-tools/default.nix | 50 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 1 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 4 |
5 files changed, 73 insertions, 14 deletions
diff --git a/nixos/modules/security/rngd.nix b/nixos/modules/security/rngd.nix index 3a1ffc55e5fe..81e04a44b115 100644 --- a/nixos/modules/security/rngd.nix +++ b/nixos/modules/security/rngd.nix @@ -30,7 +30,7 @@ with lib; description = "Hardware RNG Entropy Gatherer Daemon"; - serviceConfig.ExecStart = "${pkgs.rng_tools}/sbin/rngd -f -v" + + serviceConfig.ExecStart = "${pkgs.rng-tools}/sbin/rngd -f -v" + (if config.services.tcsd.enable then " --no-tpm=1" else ""); }; }; diff --git a/pkgs/development/libraries/jitterentropy/default.nix b/pkgs/development/libraries/jitterentropy/default.nix new file mode 100644 index 000000000000..175097ef7855 --- /dev/null +++ b/pkgs/development/libraries/jitterentropy/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchFromGitHub }: +stdenv.mkDerivation rec { + name = "jitterentropy-${version}"; + version = "2.1.2"; + + src = fetchFromGitHub { + owner = "smuellerDD"; + repo = "jitterentropy-library"; + rev = "v${version}"; + sha256 = "10yl1hi0hysr53wzy2i8brs0qqnxh46mz3dcjh5mk0ad03wvbfsl"; + }; + + enableParallelBuilding = true; + + preInstall = '' + mkdir -p $out/include + ''; + + installFlags = [ + "PREFIX=$(out)" + ]; + + meta = { + description = "Provides a noise source using the CPU execution timing jitter"; + homepage = https://github.com/smuellerDD/jitterentropy-library; + license = with stdenv.lib.licenses; [ gpl2 bsd3 ]; + platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ johnazoidberg ]; + }; +} diff --git a/pkgs/tools/security/rng-tools/default.nix b/pkgs/tools/security/rng-tools/default.nix index d2326c7e8c38..86a5a1b7c396 100644 --- a/pkgs/tools/security/rng-tools/default.nix +++ b/pkgs/tools/security/rng-tools/default.nix @@ -1,24 +1,50 @@ -{ stdenv, fetchurl }: - +{ stdenv, fetchFromGitHub, libtool, autoconf, automake, pkgconfig +, sysfsutils + # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS + # https://www.nist.gov/programs-projects/nist-randomness-beacon +, curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false + # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source +, libgcrypt ? null, withGcrypt ? true + # Not sure if jitterentropy is safe to use for cryptography + # and thus a default entropy source +, jitterentropy ? null, withJitterEntropy ? false +}: +with stdenv.lib; stdenv.mkDerivation rec { - name = "rng-tools-5"; + name = "rng-tools-${version}"; + version = "6.6"; + + src = fetchFromGitHub { + owner = "nhorman"; + repo = "rng-tools"; + rev = "v${version}"; + sha256 = "0c32sxfvngdjzfmxn5ngc5yxwi8ij3yl216nhzyz9r31qi3m14v7"; + }; - src = fetchurl { - url = "mirror://sourceforge/gkernel/${name}.tar.gz"; + nativeBuildInputs = [ libtool autoconf automake pkgconfig ]; - sha256 = "13h7lc8wl9khhvkr0i3bl5j9bapf8anhqis1lcnwxg1vc2v058b0"; - }; + preConfigure = "./autogen.sh"; + + configureFlags = + optional (!withJitterEntropy) "--disable-jitterentropy" + ++ optional (!withNistBeacon) "--without-nistbeacon" + ++ optional (!withGcrypt) "--without-libgcrypt"; + + buildInputs = [ sysfsutils ] + ++ optional withJitterEntropy [ jitterentropy ] + ++ optional withGcrypt [ libgcrypt.dev ] + ++ optional withNistBeacon [ openssl.dev curl.dev libxml2.dev ]; + + enableParallelBuilding = true; # For cross-compilation makeFlags = [ "AR:=$(AR)" ]; meta = { description = "A random number generator daemon"; - - homepage = https://sourceforge.net/projects/gkernel; - - license = stdenv.lib.licenses.gpl2; - + homepage = https://github.com/nhorman/rng-tools; + license = stdenv.lib.licenses.gpl2Plus; platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ johnazoidberg ]; }; } diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index a0f611dd9611..c5cbc3abce99 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -234,6 +234,7 @@ mapAliases ({ qwt6 = libsForQt5.qwt; # added 2015-12-19 rdiff_backup = rdiff-backup; # added 2014-11-23 rdmd = dtools; # added 2017-08-19 + rng_tools = rng-tools; # added 2018-10-24 robomongo = robo3t; #added 2017-09-28 rssglx = rss-glx; #added 2015-03-25 ruby_2_0_0 = throw "deprecated 2018-0213: use a newer version of ruby"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 45984c3e9678..16f1b80eef77 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3459,6 +3459,8 @@ with pkgs; jira-cli = callPackage ../development/tools/jira_cli { }; + jitterentropy = callPackage ../development/libraries/jitterentropy { }; + jl = haskellPackages.callPackage ../development/tools/jl { }; jmespath = callPackage ../development/tools/jmespath { }; @@ -5083,7 +5085,7 @@ with pkgs; inherit (pythonPackages) sphinx; }; - rng_tools = callPackage ../tools/security/rng-tools { }; + rng-tools = callPackage ../tools/security/rng-tools { }; rnv = callPackage ../tools/text/xml/rnv { }; |