diff options
author | Alyssa Ross <hi@alyssa.is> | 2024-01-20 12:31:50 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2024-01-20 12:32:25 +0100 |
commit | b7baf40e099b4215181fe7b0c63083b12ef2c7fb (patch) | |
tree | a6efabd31d05b6d0a36624729e80377bbbfb0149 /nixpkgs/pkgs/development/libraries/kerberos | |
parent | 710028664e26e85cb831a869b3da9f6993902255 (diff) | |
parent | 0799f514b1cd74878174939df79ac60ca5036673 (diff) | |
download | nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar.gz nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar.bz2 nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar.lz nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar.xz nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.tar.zst nixlib-b7baf40e099b4215181fe7b0c63083b12ef2c7fb.zip |
Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/kerberos')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch | 10 | ||||
-rw-r--r-- | nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix | 170 |
2 files changed, 124 insertions, 56 deletions
diff --git a/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch b/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch deleted file mode 100644 index a0fa625538b7..000000000000 --- a/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/lib/hx509/Makefile.am 2018-03-21 15:41:38.622968809 +0100 -+++ b/lib/hx509/Makefile.am 2018-03-21 15:41:32.655162197 +0100 -@@ -9,6 +9,8 @@ - sel-gram.h \ - $(gen_files_ocsp:.x=.c) \ - $(gen_files_pkcs10:.x=.c) \ -+ ocsp_asn1.h \ -+ pkcs10_asn1.h \ - hx509_err.c \ - hx509_err.h diff --git a/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix b/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix index e4a61a3c0731..ff211b6b9c34 100644 --- a/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix +++ b/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix @@ -1,63 +1,138 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, python3, perl, bison, flex -, texinfo, perlPackages -, openldap, libcap_ng, sqlite, openssl, db, libedit, pam -, CoreFoundation, Security, SystemConfiguration +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, pkg-config +, python3 +, perl +, bison +, flex +, texinfo +, perlPackages + +, openldap +, libcap_ng +, sqlite +, openssl +, db +, libedit +, pam +, krb5 +, libmicrohttpd +, cjson + +, CoreFoundation +, Security +, SystemConfiguration + +, curl +, jdk +, unzip +, which + +, nixosTests + +, withCJSON ? true +, withCapNG ? stdenv.isLinux +# libmicrohttpd should theoretically work for darwin as well, but something is broken. +# It affects tests check-bx509d and check-httpkadmind. +, withMicroHTTPD ? stdenv.isLinux +, withOpenLDAP ? true +, withOpenLDAPAsHDBModule ? false +, withOpenSSL ? true +, withSQLite3 ? true }: -stdenv.mkDerivation rec { +assert lib.assertMsg (withOpenLDAPAsHDBModule -> withOpenLDAP) '' + OpenLDAP needs to be enabled in order to build the OpenLDAP HDB Module. +''; + +stdenv.mkDerivation { pname = "heimdal"; - version = "7.8.0"; + version = "7.8.0-unstable-2023-11-29"; src = fetchFromGitHub { owner = "heimdal"; repo = "heimdal"; - rev = "heimdal-${version}"; - sha256 = "sha256-iXOaar1S3y0xHdL0S+vS0uxoFQjy43kABxqE+KEhxjU="; + rev = "3253c49544eacb33d5ad2f6f919b0696e5aab794"; + hash = "sha256-uljzQBzXrZCZjcIWfioqHN8YsbUUNy14Vo+A3vZIXzM="; }; outputs = [ "out" "dev" "man" "info" ]; - patches = [ ./heimdal-make-missing-headers.patch ]; - - nativeBuildInputs = [ autoreconfHook pkg-config python3 perl bison flex texinfo ] - ++ (with perlPackages; [ JSON ]); - buildInputs = lib.optionals (stdenv.isLinux) [ libcap_ng ] - ++ [ db sqlite openssl libedit openldap pam] - ++ lib.optionals (stdenv.isDarwin) [ CoreFoundation Security SystemConfiguration ]; + nativeBuildInputs = [ + autoreconfHook + pkg-config + python3 + perl + bison + flex + texinfo + ] + ++ (with perlPackages; [ JSON ]); + + buildInputs = [ db libedit pam ] + ++ lib.optionals (stdenv.isDarwin) [ CoreFoundation Security SystemConfiguration ] + ++ lib.optionals (withCJSON) [ cjson ] + ++ lib.optionals (withCapNG) [ libcap_ng ] + ++ lib.optionals (withMicroHTTPD) [ libmicrohttpd ] + ++ lib.optionals (withOpenLDAP) [ openldap ] + ++ lib.optionals (withOpenSSL) [ openssl ] + ++ lib.optionals (withSQLite3) [ sqlite ]; + + doCheck = true; + nativeCheckInputs = [ + curl + jdk + unzip + which + ]; - ## ugly, X should be made an option configureFlags = [ - "--sysconfdir=/etc" - "--localstatedir=/var" - "--infodir=$info/share/info" - "--enable-hdb-openldap-module" - "--with-sqlite3=${sqlite.dev}" - - # ugly, --with-libedit is not enought, it fall back to bundled libedit "--with-libedit-include=${libedit.dev}/include" "--with-libedit-lib=${libedit}/lib" - "--with-openssl=${openssl.dev}" - "--without-x" - "--with-berkeley-db" "--with-berkeley-db-include=${db.dev}/include" - "--with-openldap=${openldap.dev}" - ] ++ lib.optionals (stdenv.isLinux) [ + "--with-berkeley-db" + + "--without-x" + "--disable-afs-string-to-key" + ] ++ lib.optionals (withCapNG) [ "--with-capng" + ] ++ lib.optionals (withCJSON) [ + "--with-cjson=${cjson}" + ] ++ lib.optionals (withOpenLDAP) [ + "--with-openldap=${openldap.dev}" + ] ++ lib.optionals (withOpenLDAPAsHDBModule) [ + "--enable-hdb-openldap-module" + ] ++ lib.optionals (withSQLite3) [ + "--with-sqlite3=${sqlite.dev}" ]; - postUnpack = '' - sed -i '/^DEFAULT_INCLUDES/ s,$, -I..,' source/cf/Makefile.am.common - sed -i -e 's/date/date --date="@$SOURCE_DATE_EPOCH"/' source/configure.ac + # (check-ldap) slapd resides within ${openldap}/libexec, + # which is not part of $PATH by default. + # (check-ldap) prepending ${openldap}/bin to the path to avoid + # using the default installation of openldap on unsandboxed darwin systems, + # which does not support the new mdb backend at the moment (2024-01-13). + # (check-ldap) the bdb backend got deprecated in favour of mdb in openldap 2.5.0, + # but the heimdal tests still seem to expect bdb as the openldap backend. + # This might be fixed upstream in a future update. + patchPhase = '' + runHook prePatch + + substituteInPlace tests/ldap/slapd-init.in \ + --replace 'SCHEMA_PATHS="' 'SCHEMA_PATHS="${openldap}/etc/schema ' + substituteInPlace tests/ldap/check-ldap.in \ + --replace 'PATH=' 'PATH=${openldap}/libexec:${openldap}/bin:' + substituteInPlace tests/ldap/slapd.conf \ + --replace 'database bdb' 'database mdb' + + runHook postPatch ''; - preConfigure = '' - configureFlagsArray+=( - "--bindir=$out/bin" - "--sbindir=$out/sbin" - "--libexecdir=$out/libexec/heimdal" - "--mandir=$man/share/man" - "--infodir=$man/share/info" - "--includedir=$dev/include") + # (test_cc) heimdal uses librokens implementation of `secure_getenv` on darwin, + # which expects either USER or LOGNAME to be set. + preCheck = lib.optionalString (stdenv.isDarwin) '' + export USER=nix-builder ''; # We need to build hcrypt for applications like samba @@ -71,15 +146,12 @@ stdenv.mkDerivation rec { (cd include/hcrypto; make -j $NIX_BUILD_CORES install) (cd lib/hcrypto; make -j $NIX_BUILD_CORES install) - # Do we need it? - rm $out/bin/su - mkdir -p $dev/bin mv $out/bin/krb5-config $dev/bin/ # asn1 compilers, move them to $dev - mv $out/libexec/heimdal/heimdal/* $dev/bin - rmdir $out/libexec/heimdal/heimdal + mv $out/libexec/heimdal/* $dev/bin + rmdir $out/libexec/heimdal # compile_et is needed for cross-compiling this package and samba mv lib/com_err/.libs/compile_et $dev/bin @@ -90,11 +162,17 @@ stdenv.mkDerivation rec { # hx_locl.h:67:25: fatal error: pkcs10_asn1.h: No such file or directory #enableParallelBuilding = true; + passthru = { + implementation = "heimdal"; + tests.nixos = nixosTests.kerberos.heimdal; + }; + meta = with lib; { + homepage = "https://www.heimdal.software"; + changelog = "https://github.com/heimdal/heimdal/releases"; description = "An implementation of Kerberos 5 (and some more stuff)"; license = licenses.bsd3; platforms = platforms.unix; + maintainers = with maintainers; [ h7x4 ]; }; - - passthru.implementation = "heimdal"; } |