diff options
| author | Alyssa Ross <hi@alyssa.is> | 2021-01-26 18:06:19 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2021-01-26 18:21:18 +0000 |
| commit | 7ac6743433dd45ceaead2ca96f6356dc0d064ce6 (patch) | |
| tree | b68ec89d7d2a8d2b6e6b1ff94ba26d6af4096350 /nixpkgs/pkgs/tools/security | |
| parent | c5c7451dbef37b51f52792d6395a670ef5183d27 (diff) | |
| parent | 891f607d5301d6730cb1f9dcf3618bcb1ab7f10e (diff) | |
| download | nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar.gz nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar.bz2 nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar.lz nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar.xz nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.tar.zst nixlib-7ac6743433dd45ceaead2ca96f6356dc0d064ce6.zip | |
Merge commit '891f607d5301d6730cb1f9dcf3618bcb1ab7f10e'
Diffstat (limited to 'nixpkgs/pkgs/tools/security')
271 files changed, 1892 insertions, 984 deletions
diff --git a/nixpkgs/pkgs/tools/security/1password-gui/default.nix b/nixpkgs/pkgs/tools/security/1password-gui/default.nix index 667a21343e61..ead8aae7d1c8 100644 --- a/nixpkgs/pkgs/tools/security/1password-gui/default.nix +++ b/nixpkgs/pkgs/tools/security/1password-gui/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchurl , appimageTools , makeWrapper @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "1password"; - version = "0.9.7"; + version = "0.9.9-3"; src = fetchurl { url = "https://onepassword.s3.amazonaws.com/linux/appimage/${pname}-${version}.AppImage"; - hash = "sha256-JaYFJL24Pgwh5CrsKjJPL8u0fx1x0beFTK+EGNT1iqA="; + hash = "sha256-REuES0yTjTsBHapmj1YLCTIq2cIVtr7Z8ZiEgMCrwrs="; }; nativeBuildInputs = [ makeWrapper ]; @@ -48,12 +48,12 @@ stdenv.mkDerivation rec { # Wrap the application with Electron. makeWrapper "${electron_11}/bin/electron" "$out/bin/${pname}" \ --add-flags "$out/share/${pname}/resources/app.asar" \ - --prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath runtimeLibs}" + --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath runtimeLibs}" ''; passthru.updateScript = ./update.sh; - meta = with stdenv.lib; { + meta = with lib; { description = "Multi-platform password manager"; longDescription = '' 1Password is a multi-platform package manager. diff --git a/nixpkgs/pkgs/tools/security/2fa/default.nix b/nixpkgs/pkgs/tools/security/2fa/default.nix index 7b6048660c45..c8518ef0a9fb 100644 --- a/nixpkgs/pkgs/tools/security/2fa/default.nix +++ b/nixpkgs/pkgs/tools/security/2fa/default.nix @@ -1,7 +1,7 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub }: buildGoPackage rec { - version = "1.1.0"; + version = "1.2.0"; pname = "2fa"; goPackagePath = "rsc.io/2fa"; @@ -10,10 +10,10 @@ buildGoPackage rec { owner = "rsc"; repo = "2fa"; rev = "v${version}"; - sha256 = "0827vl2bxd6m2rbj00x7857cs7cic3mlg5nlhqzd0n73dm5vk2za"; + sha256 = "sha256-cB5iADZwvJQwwK1GockE2uicFlqFMEAY6xyeXF5lnUY="; }; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://rsc.io/2fa"; description = "Two-factor authentication on the command line"; maintainers = with maintainers; [ rvolosatovs ]; diff --git a/nixpkgs/pkgs/tools/security/acsccid/default.nix b/nixpkgs/pkgs/tools/security/acsccid/default.nix index 53842cbb1fc4..da461a96957a 100644 --- a/nixpkgs/pkgs/tools/security/acsccid/default.nix +++ b/nixpkgs/pkgs/tools/security/acsccid/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchFromGitHub , autoconf , automake @@ -6,7 +6,7 @@ , gettext , flex , perl -, pkgconfig +, pkg-config , pcsclite , libusb1 , libiconv @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ - pkgconfig + pkg-config autoconf automake libtool @@ -36,7 +36,7 @@ stdenv.mkDerivation rec { buildInputs = [ pcsclite libusb1 - ] ++ stdenv.lib.optionals stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ libiconv ]; @@ -60,7 +60,7 @@ stdenv.mkDerivation rec { autoconf ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card readers"; longDescription = '' acsccid is a PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card diff --git a/nixpkgs/pkgs/tools/security/aespipe/default.nix b/nixpkgs/pkgs/tools/security/aespipe/default.nix index e25416e55b88..f2244f98d54b 100644 --- a/nixpkgs/pkgs/tools/security/aespipe/default.nix +++ b/nixpkgs/pkgs/tools/security/aespipe/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, sharutils, makeWrapper }: +{ lib, stdenv, fetchurl, sharutils, makeWrapper }: stdenv.mkDerivation rec { pname = "aespipe"; @@ -16,10 +16,10 @@ stdenv.mkDerivation rec { postInstall = '' cp bz2aespipe $out/bin wrapProgram $out/bin/bz2aespipe \ - --prefix PATH : $out/bin:${stdenv.lib.makeBinPath [ sharutils ]} + --prefix PATH : $out/bin:${lib.makeBinPath [ sharutils ]} ''; - meta = with stdenv.lib; { + meta = with lib; { description = "AES encrypting or decrypting pipe"; homepage = "http://loop-aes.sourceforge.net/aespipe.README"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/afl/default.nix b/nixpkgs/pkgs/tools/security/afl/default.nix index 091b52bfcf04..056aa3b07fde 100644 --- a/nixpkgs/pkgs/tools/security/afl/default.nix +++ b/nixpkgs/pkgs/tools/security/afl/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, callPackage, makeWrapper +{ lib, stdenv, fetchFromGitHub, callPackage, makeWrapper , clang, llvm, which, libcgroup }: @@ -74,9 +74,9 @@ let testing regimes down the road. ''; homepage = "https://lcamtuf.coredump.cx/afl/"; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; platforms = ["x86_64-linux" "i686-linux"]; - maintainers = with stdenv.lib.maintainers; [ thoughtpolice ris ]; + maintainers = with lib.maintainers; [ thoughtpolice ris ]; }; }; in afl diff --git a/nixpkgs/pkgs/tools/security/afl/libdislocator.nix b/nixpkgs/pkgs/tools/security/afl/libdislocator.nix index 103786d12441..400464c00567 100644 --- a/nixpkgs/pkgs/tools/security/afl/libdislocator.nix +++ b/nixpkgs/pkgs/tools/security/afl/libdislocator.nix @@ -1,7 +1,7 @@ -{ stdenv, afl}: +{ lib, stdenv, afl}: stdenv.mkDerivation { - version = stdenv.lib.getVersion afl; + version = lib.getVersion afl; pname = "libdislocator"; src = afl.src; @@ -21,14 +21,14 @@ stdenv.mkDerivation { chmod +x $out/bin/get-libdislocator-so ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://lcamtuf.coredump.cx/afl/"; description = '' Drop-in replacement for the libc allocator which improves the odds of bumping into heap-related security bugs in several ways. ''; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; maintainers = with maintainers; [ ris ]; }; } diff --git a/nixpkgs/pkgs/tools/security/afl/qemu.nix b/nixpkgs/pkgs/tools/security/afl/qemu.nix index 3af44763a8a6..b88da7599d1d 100644 --- a/nixpkgs/pkgs/tools/security/afl/qemu.nix +++ b/nixpkgs/pkgs/tools/security/afl/qemu.nix @@ -1,8 +1,8 @@ -{ stdenv, fetchurl, afl, python2, zlib, pkgconfig, glib, perl +{ lib, stdenv, fetchurl, afl, python2, zlib, pkg-config, glib, perl , texinfo, libuuid, flex, bison, pixman, autoconf }: -with stdenv.lib; +with lib; let qemuName = "qemu-2.10.0"; @@ -34,7 +34,7 @@ stdenv.mkDerivation { ''; nativeBuildInputs = [ - python2 perl pkgconfig flex bison autoconf texinfo + python2 perl pkg-config flex bison autoconf texinfo ]; buildInputs = [ @@ -69,7 +69,7 @@ stdenv.mkDerivation { "--localstatedir=/var" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://www.qemu.org/"; description = "Fork of QEMU with AFL instrumentation support"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/default.nix b/nixpkgs/pkgs/tools/security/aflplusplus/default.nix index 8e5db3cd22c9..79a0779e60a1 100644 --- a/nixpkgs/pkgs/tools/security/aflplusplus/default.nix +++ b/nixpkgs/pkgs/tools/security/aflplusplus/default.nix @@ -1,4 +1,4 @@ -{ stdenv, stdenvNoCC, fetchFromGitHub, callPackage, makeWrapper +{ lib, stdenv, stdenvNoCC, fetchFromGitHub, callPackage, makeWrapper , clang, llvm, gcc, which, libcgroup, python, perl, gmp , file, wine ? null, fetchpatch }: @@ -31,7 +31,7 @@ let # script. nativeBuildInputs = [ makeWrapper which clang gcc ]; buildInputs = [ llvm python gmp ] - ++ stdenv.lib.optional (wine != null) python.pkgs.wrapPython; + ++ lib.optional (wine != null) python.pkgs.wrapPython; postPatch = '' @@ -91,7 +91,7 @@ let patchShebangs $out/bin - '' + stdenv.lib.optionalString (wine != null) '' + '' + lib.optionalString (wine != null) '' substitute afl-wine-trace $out/bin/afl-wine-trace \ --replace "qemu_mode/unsigaction" "$out/lib/afl" chmod +x $out/bin/afl-wine-trace @@ -128,9 +128,9 @@ let and improvements from the community ''; homepage = "https://aflplus.plus"; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; platforms = ["x86_64-linux" "i686-linux"]; - maintainers = with stdenv.lib.maintainers; [ ris mindavi ]; + maintainers = with lib.maintainers; [ ris mindavi ]; }; }; in aflplusplus diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix b/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix index 6f947a7280af..ed695a7a7027 100644 --- a/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix +++ b/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix @@ -1,7 +1,7 @@ -{ stdenv, aflplusplus}: +{ lib, stdenv, aflplusplus}: stdenv.mkDerivation { - version = stdenv.lib.getVersion aflplusplus; + version = lib.getVersion aflplusplus; pname = "libdislocator"; src = aflplusplus.src; @@ -24,14 +24,14 @@ stdenv.mkDerivation { chmod +x $out/bin/get-libdislocator-so ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/vanhauser-thc/AFLplusplus"; description = '' Drop-in replacement for the libc allocator which improves the odds of bumping into heap-related security bugs in several ways. ''; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; maintainers = with maintainers; [ ris ]; }; } diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix b/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix index 9421ee0d1e2b..f3ea5d4ec6b7 100644 --- a/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix +++ b/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix @@ -1,7 +1,7 @@ -{ stdenv, aflplusplus}: +{ lib, stdenv, aflplusplus}: stdenv.mkDerivation { - version = stdenv.lib.getVersion aflplusplus; + version = lib.getVersion aflplusplus; pname = "libtokencap"; src = aflplusplus.src; @@ -23,10 +23,10 @@ stdenv.mkDerivation { chmod +x $out/bin/get-libtokencap-so ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/vanhauser-thc/AFLplusplus"; description = "strcmp & memcmp token capture library"; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; maintainers = with maintainers; [ ris ]; }; } diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix b/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix index c51c839afe85..0a98f27182bf 100644 --- a/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix +++ b/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix @@ -1,8 +1,8 @@ -{ stdenv, fetchurl, aflplusplus, python2, zlib, pkgconfig, glib, perl +{ lib, stdenv, fetchurl, aflplusplus, python2, zlib, pkg-config, glib, perl , texinfo, libuuid, flex, bison, pixman, autoconf }: -with stdenv.lib; +with lib; let qemuName = "qemu-3.1.0"; @@ -44,7 +44,7 @@ stdenv.mkDerivation { ''; nativeBuildInputs = [ - python2 perl pkgconfig flex bison autoconf texinfo + python2 perl pkg-config flex bison autoconf texinfo ]; buildInputs = [ @@ -73,7 +73,7 @@ stdenv.mkDerivation { "--localstatedir=/var" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.qemu.org/"; description = "Fork of QEMU with AFL++ instrumentation support"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/age/default.nix b/nixpkgs/pkgs/tools/security/age/default.nix index 4eb88211d6d0..74a2bb7a6206 100644 --- a/nixpkgs/pkgs/tools/security/age/default.nix +++ b/nixpkgs/pkgs/tools/security/age/default.nix @@ -2,14 +2,14 @@ buildGoModule rec { pname = "age"; - version = "1.0.0-beta5"; - vendorSha256 = "0km7a2826j3fk2nrkmgc990chrkcfz006wfw14yilsa4p2hmfl7m"; + version = "1.0.0-beta6"; + vendorSha256 = "sha256-FTByNpLkWWHAWe5wVDRBGtKap/5+XGHeBMQAIdlPCkA="; src = fetchFromGitHub { owner = "FiloSottile"; repo = "age"; rev = "v${version}"; - sha256 = "1hdbxd359z8zvnz7h8c4pa16nc7r8db36lx3gpks38lpi0r8hzqk"; + sha256 = "sha256-1LCcCEf2/R0am0jpA8yKl44+AoUFkbepxp9V6/nZkBQ="; }; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/security/aide/default.nix b/nixpkgs/pkgs/tools/security/aide/default.nix index 59b723207583..49291775e379 100644 --- a/nixpkgs/pkgs/tools/security/aide/default.nix +++ b/nixpkgs/pkgs/tools/security/aide/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, flex, bison, libmhash, zlib, acl, attr, libselinux, pcre }: +{ lib, stdenv, fetchurl, flex, bison, libmhash, zlib, acl, attr, libselinux, pcre }: stdenv.mkDerivation rec { pname = "aide"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { "--with-xattr" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://aide.github.io/"; description = "A file and directory integrity checker"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix b/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix new file mode 100644 index 000000000000..77f03e4174f6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix @@ -0,0 +1,45 @@ +{ lib +, buildPythonApplication +, fetchFromGitHub +, aiodns +, click +, tqdm +, uvloop +}: + +buildPythonApplication rec { + pname = "aiodnsbrute"; + version = "0.3.2"; + + src = fetchFromGitHub { + owner = "blark"; + repo = pname; + rev = "v${version}"; + sha256 = "0fs8544kx7vwvc97zpg4rs3lmvnb4vwika5g952rv3bfx4rv3bpg"; + }; + + # https://github.com/blark/aiodnsbrute/pull/8 + prePatch = '' + substituteInPlace setup.py --replace " 'asyncio', " "" + ''; + + propagatedBuildInputs = [ + aiodns + click + tqdm + uvloop + ]; + + # no tests present + doCheck = false; + + pythonImportsCheck = [ "aiodnsbrute.cli" ]; + + meta = with lib; { + description = "DNS brute force utility"; + homepage = "https://github.com/blark/aiodnsbrute"; + # https://github.com/blark/aiodnsbrute/issues/5 + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/apg/default.nix b/nixpkgs/pkgs/tools/security/apg/default.nix index 1dcdeae832d5..579026f07ca9 100644 --- a/nixpkgs/pkgs/tools/security/apg/default.nix +++ b/nixpkgs/pkgs/tools/security/apg/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, openssl }: +{ lib, stdenv, fetchurl, openssl }: stdenv.mkDerivation rec { name = "apg-2.3.0b"; src = fetchurl { @@ -8,14 +8,14 @@ stdenv.mkDerivation rec { configurePhase = '' substituteInPlace Makefile --replace /usr/local "$out" ''; - makeFlags = stdenv.lib.optionals stdenv.isDarwin ["CC=cc"]; + makeFlags = lib.optionals stdenv.isDarwin ["CC=cc"]; patches = [ ./apg.patch ./phony-install-target.patch ]; - postPatch = stdenv.lib.optionalString stdenv.isDarwin '' + postPatch = lib.optionalString stdenv.isDarwin '' sed -i -e 's|APG_CLIBS += -lcrypt|APG_CLIBS += -L${openssl.out}/lib -lcrypto|' Makefile ''; @@ -65,8 +65,8 @@ stdenv.mkDerivation rec { password generation ''; homepage = "http://www.adel.nursat.kz/apg/"; - license = stdenv.lib.licenses.bsd3; - maintainers = with stdenv.lib.maintainers; [ astsmtl ]; - platforms = stdenv.lib.platforms.unix; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ astsmtl ]; + platforms = lib.platforms.unix; }; } diff --git a/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix b/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix index ee5fa924cb6f..3256b5431a75 100644 --- a/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix +++ b/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, imagemagick, qrencode +{ lib, stdenv, fetchFromGitHub, imagemagick, qrencode , testQR ? false, zbar ? null }: @@ -23,12 +23,12 @@ stdenv.mkDerivation { substitutions = [ ''--replace "convert" "${imagemagick}/bin/convert"'' ''--replace "qrencode" "${qrencode.bin}/bin/qrencode"'' - ] ++ stdenv.lib.optional testQR [ + ] ++ lib.optional testQR [ ''--replace "hash zbarimg" "true"'' # hash does not work on NixOS ''--replace "$(zbarimg --raw" "$(${zbar.out}/bin/zbarimg --raw"'' ]; in '' - substituteInPlace asc-to-gif.sh ${stdenv.lib.concatStringsSep " " substitutions} + substituteInPlace asc-to-gif.sh ${lib.concatStringsSep " " substitutions} ''; installPhase = '' @@ -36,7 +36,7 @@ stdenv.mkDerivation { cp * $out/bin/ ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/yishilin14/asc-key-to-qr-code-gif"; description = "Convert ASCII-armored PGP keys to animated QR code"; platforms = platforms.linux; diff --git a/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix index 44282d5f9643..851eed43adef 100644 --- a/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix +++ b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub }: buildGoPackage rec { pname = "aws-iam-authenticator"; @@ -13,7 +13,7 @@ buildGoPackage rec { sha256 = "1ghl2vms9wmvczdl2raqhy0gffxmk24h158gjb5mlw7rggzvb7bg"; }; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/kubernetes-sigs/aws-iam-authenticator"; description = "AWS IAM credentials for Kubernetes authentication"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/aws-okta/default.nix b/nixpkgs/pkgs/tools/security/aws-okta/default.nix index 340c2cd971c6..73d95f52b8cf 100644 --- a/nixpkgs/pkgs/tools/security/aws-okta/default.nix +++ b/nixpkgs/pkgs/tools/security/aws-okta/default.nix @@ -1,8 +1,8 @@ -{ buildGoPackage, fetchFromGitHub, libusb1, pkgconfig, stdenv, libiconv }: +{ buildGoPackage, fetchFromGitHub, libusb1, pkg-config, lib, stdenv, libiconv }: buildGoPackage rec { pname = "aws-okta"; - version = "1.0.8"; + version = "1.0.11"; goPackagePath = "github.com/segmentio/aws-okta"; @@ -10,17 +10,17 @@ buildGoPackage rec { owner = "segmentio"; repo = "aws-okta"; rev = "v${version}"; - sha256 = "14bg9rdfxkpw00phc8faz4ghiyb0j7a9qai74lidrzplzl139bzf"; + sha256 = "sha256-1cprKpIFgM3+lUEHNvda34nJTH4Ch3LtTRq/Dp6QBQ8="; }; buildFlags = [ "--tags" "release" ]; buildFlagsArray = [ "-ldflags=-X main.Version=${version}" ]; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libusb1 libiconv ]; - meta = with stdenv.lib; { + meta = with lib; { inherit version; description = "aws-vault like tool for Okta authentication"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/b2sum/default.nix b/nixpkgs/pkgs/tools/security/b2sum/default.nix index fdd4f2c73fd4..393043df6758 100644 --- a/nixpkgs/pkgs/tools/security/b2sum/default.nix +++ b/nixpkgs/pkgs/tools/security/b2sum/default.nix @@ -1,6 +1,6 @@ -{ stdenv, fetchzip, openmp ? null }: +{ lib, stdenv, fetchzip, openmp ? null }: -with stdenv.lib; +with lib; stdenv.mkDerivation { pname = "b2sum"; diff --git a/nixpkgs/pkgs/tools/security/badchars/default.nix b/nixpkgs/pkgs/tools/security/badchars/default.nix new file mode 100644 index 000000000000..3125ff0c28c9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/badchars/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildPythonApplication +, fetchPypi +}: + +buildPythonApplication rec { + pname = "badchars"; + version = "0.4.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "1xqki8qnfwl97d60xj69alyzwa1mnfbwki25j0vhvhb05varaxz2"; + }; + + postPatch = '' + substituteInPlace setup.py --replace "argparse" "" + ''; + + # no tests are available and it can't be imported (it's only a script, not a module) + doCheck = false; + + meta = with lib; { + description = "HEX badchar generator for different programming languages"; + longDescription = '' + A HEX bad char generator to instruct encoders such as shikata-ga-nai to + transform those to other chars. + ''; + homepage = "https://github.com/cytopia/badchars"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix b/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix index 53bc45acf8f7..9276c9b11677 100644 --- a/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix +++ b/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchFromGitHub , unstableGitUpdater , makeWrapper @@ -21,12 +21,12 @@ stdenv.mkDerivation { installPhase = '' install -m755 -D supergenpass.sh "$out/bin/supergenpass" - wrapProgram "$out/bin/supergenpass" --prefix PATH : "${stdenv.lib.makeBinPath [ openssl coreutils gnugrep ]}" + wrapProgram "$out/bin/supergenpass" --prefix PATH : "${lib.makeBinPath [ openssl coreutils gnugrep ]}" ''; passthru.updateScript = unstableGitUpdater { }; - meta = with stdenv.lib; { + meta = with lib; { description = "Bash shell-script implementation of SuperGenPass password generation"; longDescription = '' Bash shell-script implementation of SuperGenPass password generation diff --git a/nixpkgs/pkgs/tools/security/bettercap/default.nix b/nixpkgs/pkgs/tools/security/bettercap/default.nix index 17cb0308a168..f2df464a907b 100644 --- a/nixpkgs/pkgs/tools/security/bettercap/default.nix +++ b/nixpkgs/pkgs/tools/security/bettercap/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , buildGoModule , fetchFromGitHub , pkg-config @@ -10,24 +10,24 @@ buildGoModule rec { pname = "bettercap"; - version = "2.28"; + version = "2.29"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "0aihinn3i3jj350l2rqph7nv3wy4nh4f8syidf77zybjcp9nmcys"; + sha256 = "sha256-hXYsFRYSyYKYJM4gS0Dyiia9aPA07GWSsp9doA0vYGI="; }; - vendorSha256 = "0yfs1f18d8frbkrshsajzzbj4wh2azd89g2h35wm6wqknvlipwr0"; + vendorSha256 = "sha256-yIvwYUK+4cnHFwvJS2seDa9vJ/2cQ10Q46hR8U0aSRE="; doCheck = false; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libpcap libusb1 ] - ++ stdenv.lib.optionals stdenv.isLinux [ libnfnetlink libnetfilter_queue ]; + ++ lib.optionals stdenv.isLinux [ libnfnetlink libnetfilter_queue ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A man in the middle tool"; longDescription = '' BetterCAP is a powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more. diff --git a/nixpkgs/pkgs/tools/security/bitwarden/default.nix b/nixpkgs/pkgs/tools/security/bitwarden/default.nix index c35a4d60e9e7..8763c361d70d 100644 --- a/nixpkgs/pkgs/tools/security/bitwarden/default.nix +++ b/nixpkgs/pkgs/tools/security/bitwarden/default.nix @@ -17,14 +17,14 @@ let pname = "bitwarden"; version = { - x86_64-linux = "1.23.0"; + x86_64-linux = "1.23.1"; }.${system} or ""; sha256 = { - x86_64-linux = "1z1r8327xymqf2h98wb2fb02s41pxc6fh5w4bxmdgpx7k1jx5kvg"; + x86_64-linux = "1jv6w1g6b9c4xa5zy7pgzrkn8k4pyy3cdkh0nw2czn1cw2gaccs1"; }.${system} or ""; - meta = with stdenv.lib; { + meta = with lib; { description = "A secure and free password manager for all of your devices"; homepage = "https://bitwarden.com"; license = licenses.gpl3; @@ -78,7 +78,7 @@ let postFixup = '' makeWrapper $out/opt/Bitwarden/bitwarden $out/bin/bitwarden \ - --prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [ libsecret stdenv.cc.cc ] }" \ + --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ libsecret stdenv.cc.cc ] }" \ "''${gappsWrapperArgs[@]}" ''; }; diff --git a/nixpkgs/pkgs/tools/security/bitwarden_rs/default.nix b/nixpkgs/pkgs/tools/security/bitwarden_rs/default.nix index 57e865ef596a..3b623cefd0de 100644 --- a/nixpkgs/pkgs/tools/security/bitwarden_rs/default.nix +++ b/nixpkgs/pkgs/tools/security/bitwarden_rs/default.nix @@ -1,5 +1,5 @@ -{ stdenv, rustPlatform, fetchFromGitHub, nixosTests -, pkgconfig, openssl +{ lib, stdenv, rustPlatform, fetchFromGitHub, nixosTests +, pkg-config, openssl , Security, CoreServices , dbBackend ? "sqlite", libmysqlclient, postgresql }: @@ -17,8 +17,8 @@ in rustPlatform.buildRustPackage rec { sha256 = "0hi29vy23a5r23pgzdssd2gvim8vw2vmykck5cl5phq11a3az31p"; }; - nativeBuildInputs = [ pkgconfig ]; - buildInputs = with stdenv.lib; [ openssl ] + nativeBuildInputs = [ pkg-config ]; + buildInputs = with lib; [ openssl ] ++ optionals stdenv.isDarwin [ Security CoreServices ] ++ optional (dbBackend == "mysql") libmysqlclient ++ optional (dbBackend == "postgresql") postgresql; @@ -37,7 +37,7 @@ in rustPlatform.buildRustPackage rec { passthru.tests = nixosTests.bitwarden; - meta = with stdenv.lib; { + meta = with lib; { description = "Unofficial Bitwarden compatible server written in Rust"; homepage = "https://github.com/dani-garcia/bitwarden_rs"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/bitwarden_rs/vault.nix b/nixpkgs/pkgs/tools/security/bitwarden_rs/vault.nix index 786ff5784557..bef7fc8d6be4 100644 --- a/nixpkgs/pkgs/tools/security/bitwarden_rs/vault.nix +++ b/nixpkgs/pkgs/tools/security/bitwarden_rs/vault.nix @@ -1,12 +1,12 @@ -{ stdenv, fetchurl, nixosTests }: +{ lib, stdenv, fetchurl, nixosTests }: stdenv.mkDerivation rec { pname = "bitwarden_rs-vault"; - version = "2.16.1"; + version = "2.17.1"; src = fetchurl { url = "https://github.com/dani-garcia/bw_web_builds/releases/download/v${version}/bw_web_v${version}.tar.gz"; - sha256 = "1c4fcf8jzgd6636wv903r5msc9z5l56l2i4k93kvb2zvg7qj014w"; + sha256 = "1kd21higniszk1na5ag7q4g0l7h6ddl91gpbjbwym28hsbjvxla7"; }; buildCommand = '' @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { passthru.tests = nixosTests.bitwarden; - meta = with stdenv.lib; { + meta = with lib; { description = "Integrates the web vault into bitwarden_rs"; homepage = "https://github.com/dani-garcia/bw_web_builds"; platforms = platforms.all; diff --git a/nixpkgs/pkgs/tools/security/bmrsa/11.nix b/nixpkgs/pkgs/tools/security/bmrsa/11.nix index c7d4c4d01741..c8188fe4216a 100644 --- a/nixpkgs/pkgs/tools/security/bmrsa/11.nix +++ b/nixpkgs/pkgs/tools/security/bmrsa/11.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, unzip }: +{ lib, stdenv, fetchurl, unzip }: stdenv.mkDerivation rec { pname = "bmrsa"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { echo -e 'install:\n\tcp bmrsa '$out'/bin' >> Makefile ''; - meta = with stdenv.lib; { + meta = with lib; { description = "RSA utility"; homepage = "http://bmrsa.sourceforge.net/"; license = licenses.gpl1; diff --git a/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix index cfa27a5c6865..084368c105b2 100644 --- a/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix +++ b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, cryptsetup }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook, cryptsetup }: stdenv.mkDerivation rec { pname = "bruteforce-luks"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { doCheck = true; - meta = with stdenv.lib; { + meta = with lib; { inherit (src.meta) homepage; description = "Cracks passwords of LUKS encrypted volumes"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/brutespray/default.nix b/nixpkgs/pkgs/tools/security/brutespray/default.nix index 78dd789047d0..25b9aecb8e0e 100644 --- a/nixpkgs/pkgs/tools/security/brutespray/default.nix +++ b/nixpkgs/pkgs/tools/security/brutespray/default.nix @@ -1,4 +1,4 @@ -{ stdenv, python3, fetchFromGitHub, makeWrapper, medusa }: +{ lib, stdenv, python3, fetchFromGitHub, makeWrapper, medusa }: stdenv.mkDerivation rec { pname = "brutespray"; @@ -25,13 +25,13 @@ stdenv.mkDerivation rec { patchShebangs $out/bin patchPythonScript $out/bin/brutespray wrapProgram $out/bin/brutespray \ - --prefix PATH : ${stdenv.lib.makeBinPath [ medusa ]} + --prefix PATH : ${lib.makeBinPath [ medusa ]} mkdir -p $out/share/brutespray cp -r wordlist/ $out/share/brutespray/wordlist ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/x90skysn3k/brutespray"; description = "Brute-Forcing from Nmap output - Automatically attempts default creds on found services"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix index 2121a3c08e55..c543920549f6 100644 --- a/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix @@ -20,4 +20,4 @@ }; version = "1.0.1"; }; -} \ No newline at end of file +} diff --git a/nixpkgs/pkgs/tools/security/bypass403/default.nix b/nixpkgs/pkgs/tools/security/bypass403/default.nix new file mode 100644 index 000000000000..5bf40766883a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bypass403/default.nix @@ -0,0 +1,25 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "bypass403"; + version = "1.4.0"; + + src = fetchFromGitHub { + owner = "drsigned"; + repo = pname; + rev = "v${version}"; + sha256 = "1x3a4lnxjxbv80kaydy57809n9r7vzci9ki4f98smf3w04s86rcl"; + }; + + vendorSha256 = "1bp6bf99rxlyg91pn1y228q18lawpykmvkl22cydmclms0q0n238"; + + meta = with lib; { + description = "Tool to bypass 403 Forbidden responses"; + homepage = "https://github.com/drsigned/bypass403"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ccid/default.nix b/nixpkgs/pkgs/tools/security/ccid/default.nix index b7f408e748fd..b20b513ac282 100644 --- a/nixpkgs/pkgs/tools/security/ccid/default.nix +++ b/nixpkgs/pkgs/tools/security/ccid/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pcsclite, pkgconfig, libusb1, perl }: +{ lib, stdenv, fetchurl, pcsclite, pkg-config, libusb1, perl }: stdenv.mkDerivation rec { pname = "ccid"; @@ -18,10 +18,10 @@ stdenv.mkDerivation rec { configureFlagsArray+=("--enable-usbdropdir=$out/pcsc/drivers") ''; - nativeBuildInputs = [ pkgconfig perl ]; + nativeBuildInputs = [ pkg-config perl ]; buildInputs = [ pcsclite libusb1 ]; - meta = with stdenv.lib; { + meta = with lib; { description = "ccid drivers for pcsclite"; homepage = "https://ccid.apdu.fr/"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/ccrypt/default.nix b/nixpkgs/pkgs/tools/security/ccrypt/default.nix index a3210b2a5987..bf5f26f7044f 100644 --- a/nixpkgs/pkgs/tools/security/ccrypt/default.nix +++ b/nixpkgs/pkgs/tools/security/ccrypt/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, perl}: +{lib, stdenv, fetchurl, perl}: stdenv.mkDerivation { name = "ccrypt-1.11"; @@ -15,8 +15,8 @@ stdenv.mkDerivation { meta = { homepage = "http://ccrypt.sourceforge.net/"; description = "Utility for encrypting and decrypting files and streams with AES-256"; - license = stdenv.lib.licenses.gpl2Plus; - maintainers = with stdenv.lib.maintainers; [viric]; - platforms = with stdenv.lib.platforms; all; + license = lib.licenses.gpl2Plus; + maintainers = with lib.maintainers; [viric]; + platforms = with lib.platforms; all; }; } diff --git a/nixpkgs/pkgs/tools/security/certmgr/default.nix b/nixpkgs/pkgs/tools/security/certmgr/default.nix index be3f891cc8bb..47848b25b435 100644 --- a/nixpkgs/pkgs/tools/security/certmgr/default.nix +++ b/nixpkgs/pkgs/tools/security/certmgr/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub, fetchpatch }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub, fetchpatch }: let generic = { patches ? [] }: @@ -17,7 +17,7 @@ let inherit patches; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://cfssl.org/"; description = "Cloudflare's certificate manager"; platforms = platforms.linux; diff --git a/nixpkgs/pkgs/tools/security/certstrap/default.nix b/nixpkgs/pkgs/tools/security/certstrap/default.nix index 99ba5c9e29b7..f0c756f54f9d 100644 --- a/nixpkgs/pkgs/tools/security/certstrap/default.nix +++ b/nixpkgs/pkgs/tools/security/certstrap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub }: buildGoPackage rec { pname = "certstrap"; @@ -13,7 +13,7 @@ buildGoPackage rec { sha256 = "1ymchnn7c9g3pq7rw4lrwsd6z3wfjx90g7qgrw6r5hssl77mnscj"; }; - meta = with stdenv.lib; { + meta = with lib; { inherit (src.meta) homepage; description = "Tools to bootstrap CAs, certificate requests, and signed certificates"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/cfssl/default.nix b/nixpkgs/pkgs/tools/security/cfssl/default.nix index d926aaca68fb..835c5daa72c5 100644 --- a/nixpkgs/pkgs/tools/security/cfssl/default.nix +++ b/nixpkgs/pkgs/tools/security/cfssl/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoModule, fetchFromGitHub, go-rice }: +{ lib, stdenv, buildGoModule, fetchFromGitHub, go-rice }: buildGoModule rec { pname = "cfssl"; @@ -40,7 +40,7 @@ buildGoModule rec { -X github.com/cloudflare/cfssl/cli/version.version=v${version} ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://cfssl.org/"; description = "Cloudflare's PKI and TLS toolkit"; license = licenses.bsd2; diff --git a/nixpkgs/pkgs/tools/security/chaps/default.nix b/nixpkgs/pkgs/tools/security/chaps/default.nix index decc9ba31268..2f89c3ea5858 100644 --- a/nixpkgs/pkgs/tools/security/chaps/default.nix +++ b/nixpkgs/pkgs/tools/security/chaps/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchFromGitiles, fetchFromGitHub, fetchurl, trousers, leveldb, unzip -, scons, pkgconfig, glib, dbus_cplusplus, dbus, protobuf, openssl, snappy, pam +{ lib, stdenv, fetchFromGitiles, fetchFromGitHub, fetchurl, trousers, leveldb, unzip +, scons, pkg-config, glib, dbus_cplusplus, dbus, protobuf, openssl, snappy, pam }: let @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { substituteInPlace makefile --replace @@NIXOS_LEVELDB@@ ${leveldb} ''; - nativeBuildInputs = [ unzip scons pkgconfig ]; + nativeBuildInputs = [ unzip scons pkg-config ]; buildInputs = [ trousers glib dbus_cplusplus dbus protobuf openssl snappy leveldb pam ]; @@ -80,7 +80,7 @@ stdenv.mkDerivation rec { cp ${name}/man/* $out/usr/share/man/man8/. ''; - meta = with stdenv.lib; { + meta = with lib; { description = "PKCS #11 implementation based on trusted platform module (TPM)"; homepage = "https://www.chromium.org/developers/design-documents/chaps-technical-design"; maintainers = [ maintainers.tstrobel ]; diff --git a/nixpkgs/pkgs/tools/security/chipsec/default.nix b/nixpkgs/pkgs/tools/security/chipsec/default.nix index 0f162347cc83..45d6349af403 100644 --- a/nixpkgs/pkgs/tools/security/chipsec/default.nix +++ b/nixpkgs/pkgs/tools/security/chipsec/default.nix @@ -25,7 +25,7 @@ pythonPackages.buildPythonApplication rec { KERNEL_SRC_DIR = lib.optionalString withDriver "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; - meta = with stdenv.lib; { + meta = with lib; { description = "Platform Security Assessment Framework"; longDescription = '' CHIPSEC is a framework for analyzing the security of PC platforms diff --git a/nixpkgs/pkgs/tools/security/chkrootkit/default.nix b/nixpkgs/pkgs/tools/security/chkrootkit/default.nix index 864d73aaa972..f9f0dd96a11b 100644 --- a/nixpkgs/pkgs/tools/security/chkrootkit/default.nix +++ b/nixpkgs/pkgs/tools/security/chkrootkit/default.nix @@ -1,11 +1,11 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "chkrootkit-0.53"; + name = "chkrootkit-0.54"; src = fetchurl { url = "ftp://ftp.pangeia.com.br/pub/seg/pac/${name}.tar.gz"; - sha256 = "1da5ry3p7jb6xs6xlfml1ly09q2rs5q6n5axif17d29k7gixlqkj"; + sha256 = "sha256-FUySaSH1PbYHKKfLyXyohli2lMFLfSiO/jg+CEmRVgc="; }; # TODO: a lazy work-around for linux build failure ... @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { cp check_wtmpx chkdirs chklastlog chkproc chkrootkit chkutmp chkwtmp ifpromisc strings-static $out/sbin ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Locally checks for signs of a rootkit"; homepage = "http://www.chkrootkit.org/"; license = licenses.bsd2; diff --git a/nixpkgs/pkgs/tools/security/chntpw/default.nix b/nixpkgs/pkgs/tools/security/chntpw/default.nix index 0a44c463eb70..ef462f5bf2dc 100644 --- a/nixpkgs/pkgs/tools/security/chntpw/default.nix +++ b/nixpkgs/pkgs/tools/security/chntpw/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, unzip }: +{ lib, stdenv, fetchurl, unzip }: stdenv.mkDerivation rec { pname = "chntpw"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { }; buildInputs = [ unzip ] - ++ stdenv.lib.optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ]; + ++ lib.optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ]; patches = [ ./00-chntpw-build-arch-autodetect.patch @@ -22,11 +22,11 @@ stdenv.mkDerivation rec { make install PREFIX=$out ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://pogostick.net/~pnh/ntpasswd/"; description = "An utility to reset the password of any user that has a valid local account on a Windows system"; - maintainers = with stdenv.lib.maintainers; [ deepfire ]; + maintainers = with lib.maintainers; [ deepfire ]; license = licenses.gpl2; - platforms = with stdenv.lib.platforms; linux; + platforms = with lib.platforms; linux; }; } diff --git a/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix b/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix index 0065758e1c3f..4966c6412ab6 100644 --- a/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix +++ b/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix @@ -1,4 +1,4 @@ -{ stdenv, mkDerivation, fetchFromGitHub, qmake, pcsclite, pkgconfig, opensc }: +{ lib, stdenv, mkDerivation, fetchFromGitHub, qmake, pcsclite, pkg-config, opensc }: mkDerivation rec { pname = "chrome-token-signing"; @@ -11,7 +11,7 @@ mkDerivation rec { sha256 = "1vbghy12fjmq4m5l7hisq1ylnzy0rdnnd920xwamjamlx38jj3ln"; }; - buildInputs = [ qmake pcsclite pkgconfig ]; + buildInputs = [ qmake pcsclite pkg-config ]; dontUseQmakeConfigure = true; patchPhase = '' @@ -28,7 +28,7 @@ mkDerivation rec { install -D -t $out/lib/mozilla/native-messaging-hosts host-linux/ff/ee.ria.esteid.json ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Chrome and Firefox extension for signing with your eID on the web"; homepage = "https://github.com/open-eid/chrome-token-signing/wiki"; license = licenses.lgpl21; diff --git a/nixpkgs/pkgs/tools/security/clamav/default.nix b/nixpkgs/pkgs/tools/security/clamav/default.nix index e3c57cbc9e90..eb9fc8e7b957 100644 --- a/nixpkgs/pkgs/tools/security/clamav/default.nix +++ b/nixpkgs/pkgs/tools/security/clamav/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkg-config +{ lib, stdenv, fetchurl, pkg-config , zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl, libmilter, pcre2 , libmspack, systemd, Foundation, json_c, check }: @@ -21,8 +21,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ]; buildInputs = [ zlib bzip2 libxml2 openssl ncurses curl libiconv libmilter pcre2 libmspack json_c check - ] ++ stdenv.lib.optional stdenv.isLinux systemd - ++ stdenv.lib.optional stdenv.isDarwin Foundation; + ] ++ lib.optional stdenv.isLinux systemd + ++ lib.optional stdenv.isDarwin Foundation; configureFlags = [ "--libdir=$(out)/lib" @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { "--enable-milter" "--disable-unrar" # disable unrar because it's non-free and requires some extra patching to work properly "--enable-check" - ] ++ stdenv.lib.optional stdenv.isLinux + ] ++ lib.optional stdenv.isLinux "--with-systemdsystemunitdir=$(out)/lib/systemd"; postInstall = '' @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { hardeningDisable = [ "format" ]; doCheck = true; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.clamav.net"; description = "Antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/clevis/default.nix b/nixpkgs/pkgs/tools/security/clevis/default.nix index 0b8f50c11901..36b5ab47304c 100644 --- a/nixpkgs/pkgs/tools/security/clevis/default.nix +++ b/nixpkgs/pkgs/tools/security/clevis/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, meson, ninja, pkgconfig, asciidoc +{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, asciidoc , jansson, jose, cryptsetup, curl, libpwquality, luksmeta }: @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { sha256 = "0wfgd2v1r47ckh5qp60b903191fx0fa27zyadxlsb8riqszhmwvz"; }; - nativeBuildInputs = [ meson ninja pkgconfig asciidoc ]; + nativeBuildInputs = [ meson ninja pkg-config asciidoc ]; buildInputs = [ jansson jose cryptsetup curl libpwquality luksmeta ]; outputs = [ "out" "man" ]; diff --git a/nixpkgs/pkgs/tools/security/cloudbrute/default.nix b/nixpkgs/pkgs/tools/security/cloudbrute/default.nix new file mode 100644 index 000000000000..06f0dd413a5f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cloudbrute/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "cloudbrute"; + version = "1.0.7"; + + src = fetchFromGitHub { + owner = "0xsha"; + repo = "CloudBrute"; + rev = "v${version}"; + sha256 = "05b9klddk8wvi78j47jyg9pix6qpxyr01l1m7k1j7598siazfv9g"; + }; + + vendorSha256 = "0f3n0wrmg9d2qyn8hlnhf9lsfqd9443myzr04p48v68m8n83j6a9"; + + meta = with lib; { + description = "Cloud enumeration tool"; + longDescription = '' + A tool to find a company (target) infrastructure, files, and apps on + the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, + Alibaba, Vultr, Linode). + ''; + homepage = "https://github.com/0xsha/CloudBrute"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/corsmisc/default.nix b/nixpkgs/pkgs/tools/security/corsmisc/default.nix new file mode 100644 index 000000000000..4c64677f3240 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/corsmisc/default.nix @@ -0,0 +1,25 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "corsmisc"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "drsigned"; + repo = pname; + rev = "v${version}"; + sha256 = "18a70v093jl85vnih80i50wvac8hsg3f2gmcws9jyhj2brndq2qj"; + }; + + vendorSha256 = "1bp6bf99rxlyg91pn1y228q18lawpykmvkl22cydmclms0q0n238"; + + meta = with lib; { + description = "Tool to discover CORS misconfigurations vulnerabilities"; + homepage = "https://github.com/drsigned/corsmisc"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cowpatty/default.nix b/nixpkgs/pkgs/tools/security/cowpatty/default.nix index 7d58de8553b3..4cd420650f3b 100644 --- a/nixpkgs/pkgs/tools/security/cowpatty/default.nix +++ b/nixpkgs/pkgs/tools/security/cowpatty/default.nix @@ -1,7 +1,7 @@ -{ stdenv, fetchurl, openssl, libpcap +{ lib, stdenv, fetchurl, openssl, libpcap }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { pname = "cowpatty"; diff --git a/nixpkgs/pkgs/tools/security/crackxls/default.nix b/nixpkgs/pkgs/tools/security/crackxls/default.nix index aff6bbd028ad..748bfdcb2cad 100644 --- a/nixpkgs/pkgs/tools/security/crackxls/default.nix +++ b/nixpkgs/pkgs/tools/security/crackxls/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pkgconfig, autoconf, automake, openssl, libgsf, gmp }: +{ lib, stdenv, fetchFromGitHub, pkg-config, autoconf, automake, openssl, libgsf, gmp }: stdenv.mkDerivation rec { @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { sha256 = "0q5jl7hcds3f0rhly3iy4fhhbyh9cdrfaw7zdrazzf1wswwhyssz"; }; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ autoconf automake openssl libgsf gmp ]; installPhase = @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { cp crackxls2003 $out/bin/ ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/GavinSmith0123/crackxls2003/"; description = "Used to break the encryption on old Microsoft Excel and Microsoft Word files"; platforms = platforms.linux; diff --git a/nixpkgs/pkgs/tools/security/creddump/default.nix b/nixpkgs/pkgs/tools/security/creddump/default.nix index ffa2fd2311c1..7a936408433a 100644 --- a/nixpkgs/pkgs/tools/security/creddump/default.nix +++ b/nixpkgs/pkgs/tools/security/creddump/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitLab, python2, python2Packages }: +{ lib, stdenv, fetchFromGitLab, python2, python2Packages }: python2Packages.buildPythonApplication rec { pname = "creddump"; @@ -24,7 +24,7 @@ python2Packages.buildPythonApplication rec { cp lsadump.py ${placeholder "out"}/bin/lsadump ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Python tool to extract various credentials and secrets from Windows registry hives"; homepage = "https://gitlab.com/kalilinux/packages/creddump"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/crlfuzz/default.nix b/nixpkgs/pkgs/tools/security/crlfuzz/default.nix new file mode 100644 index 000000000000..feddd893cece --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crlfuzz/default.nix @@ -0,0 +1,27 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "crlfuzz"; + version = "1.4.0"; + + src = fetchFromGitHub { + owner = "dwisiswant0"; + repo = pname; + rev = "v${version}"; + sha256 = "03g7z7cczn52hvg6srp1i5xhdbpia226adrh2d54cs640063bx3m"; + }; + + vendorSha256 = "19cj07f7d3ksp7lh5amdjz1s8p7xmqbwal4vp61al82n8944ify8"; + + doCheck = true; + + meta = with lib; { + description = "Tool to scan for CRLF vulnerability"; + homepage = "https://github.com/dwisiswant0/crlfuzz"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crowbar/default.nix b/nixpkgs/pkgs/tools/security/crowbar/default.nix index cd4e7db87186..2f197421e1f7 100644 --- a/nixpkgs/pkgs/tools/security/crowbar/default.nix +++ b/nixpkgs/pkgs/tools/security/crowbar/default.nix @@ -3,7 +3,7 @@ , nmap , openvpn , python3Packages -, stdenv +, lib, stdenv , tigervnc }: @@ -33,7 +33,7 @@ python3Packages.buildPythonApplication rec { $out/bin/crowbar --help > /dev/null ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/galkan/crowbar"; description = "A brute forcing tool that can be used during penetration tests"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/crunch/default.nix b/nixpkgs/pkgs/tools/security/crunch/default.nix index b53ead1c8527..2422a2278bb5 100644 --- a/nixpkgs/pkgs/tools/security/crunch/default.nix +++ b/nixpkgs/pkgs/tools/security/crunch/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, which }: +{ lib, stdenv, fetchurl, which }: stdenv.mkDerivation rec { pname = "crunch"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Wordlist generator"; homepage = "https://sourceforge.net/projects/crunch-wordlist/"; platforms = platforms.unix; diff --git a/nixpkgs/pkgs/tools/security/ctmg/default.nix b/nixpkgs/pkgs/tools/security/ctmg/default.nix index a30523c3bbc1..b08af06825e3 100644 --- a/nixpkgs/pkgs/tools/security/ctmg/default.nix +++ b/nixpkgs/pkgs/tools/security/ctmg/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchzip }: +{ lib, stdenv, fetchzip }: stdenv.mkDerivation rec { pname = "ctmg"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { installPhase = "install -D ctmg.sh $out/bin/ctmg"; - meta = with stdenv.lib; { + meta = with lib; { description = "An encrypted container manager for Linux using cryptsetup"; homepage = "https://git.zx2c4.com/ctmg/about/"; license = licenses.isc; diff --git a/nixpkgs/pkgs/tools/security/deepsea/default.nix b/nixpkgs/pkgs/tools/security/deepsea/default.nix new file mode 100644 index 000000000000..855549bb0c81 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/deepsea/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "deepsea"; + version = "0.9"; + + src = fetchFromGitHub { + owner = "dsnezhkov"; + repo = pname; + rev = "v${version}"; + sha256 = "02s03sha8vwp7dsaw3z446pskhb6wmy0hyj0mhpbx58sf147rkig"; + }; + + vendorSha256 = "0vpkzykfg1rq4qi1v5lsa0drpil9i6ccfw96k48ppi9hiwzpq94w"; + + meta = with lib; { + description = "Phishing tool for red teams and pentesters"; + longDescription = '' + DeepSea phishing gear aims to help RTOs and pentesters with the + delivery of opsec-tight, flexible email phishing campaigns carried + out on the outside as well as on the inside of a perimeter. + ''; + homepage = "https://github.com/dsnezhkov/deepsea"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dirmngr/default.nix b/nixpkgs/pkgs/tools/security/dirmngr/default.nix index ee97bda19064..cab059ca33ea 100644 --- a/nixpkgs/pkgs/tools/security/dirmngr/default.nix +++ b/nixpkgs/pkgs/tools/security/dirmngr/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libgpgerror, libgcrypt, libassuan, libksba, pth, openldap +{ lib, stdenv, fetchurl, libgpgerror, libgcrypt, libassuan, libksba, pth, openldap , libiconv}: stdenv.mkDerivation rec { @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { pth openldap libiconv ]; meta = { - platforms = stdenv.lib.platforms.unix; - license = stdenv.lib.licenses.gpl2Plus; + platforms = lib.platforms.unix; + license = lib.licenses.gpl2Plus; }; } diff --git a/nixpkgs/pkgs/tools/security/dnsenum/default.nix b/nixpkgs/pkgs/tools/security/dnsenum/default.nix index 3374c827d756..a24fc96621f1 100644 --- a/nixpkgs/pkgs/tools/security/dnsenum/default.nix +++ b/nixpkgs/pkgs/tools/security/dnsenum/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, makeWrapper, perl, perlPackages }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, perl, perlPackages }: stdenv.mkDerivation rec { pname = "dnsenum"; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { install -vD dns.txt -t $out/share ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/fwaeytens/dnsenum"; description = "A tool to enumerate DNS information"; maintainers = with maintainers; [ c0bw3b ]; diff --git a/nixpkgs/pkgs/tools/security/dnsrecon/default.nix b/nixpkgs/pkgs/tools/security/dnsrecon/default.nix index 2575636aeca2..65b18c5c8226 100644 --- a/nixpkgs/pkgs/tools/security/dnsrecon/default.nix +++ b/nixpkgs/pkgs/tools/security/dnsrecon/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, python3 }: +{ lib, stdenv, fetchFromGitHub, python3 }: python3.pkgs.buildPythonApplication rec { pname = "dnsrecon"; @@ -34,7 +34,7 @@ python3.pkgs.buildPythonApplication rec { runHook postInstall ''; - meta = with stdenv.lib; { + meta = with lib; { description = "DNS Enumeration Script"; homepage = "https://github.com/darkoperator/dnsrecon"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/dnsx/default.nix b/nixpkgs/pkgs/tools/security/dnsx/default.nix index 21bf7d4664cc..1a82467201df 100644 --- a/nixpkgs/pkgs/tools/security/dnsx/default.nix +++ b/nixpkgs/pkgs/tools/security/dnsx/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -16,7 +16,7 @@ buildGoModule rec { vendorSha256 = "0j2cqvskzxbyfrvsv4gm4qwfjm0digizcg157z5iignnknddajax"; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast and multi-purpose DNS toolkit"; longDescription = '' dnsx is a fast and multi-purpose DNS toolkit allow to run multiple diff --git a/nixpkgs/pkgs/tools/security/doona/default.nix b/nixpkgs/pkgs/tools/security/doona/default.nix index 5e1233f308c3..e0f459ad7453 100644 --- a/nixpkgs/pkgs/tools/security/doona/default.nix +++ b/nixpkgs/pkgs/tools/security/doona/default.nix @@ -1,5 +1,5 @@ { fetchFromGitHub -, stdenv +, lib, stdenv , perl }: @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { chmod +x $out/bin/doona ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/wireghoul/doona"; description = "A fork of the Bruteforce Exploit Detector Tool (BED)"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/doppler/default.nix b/nixpkgs/pkgs/tools/security/doppler/default.nix index 0822828eb90b..08a83f8c9b2d 100644 --- a/nixpkgs/pkgs/tools/security/doppler/default.nix +++ b/nixpkgs/pkgs/tools/security/doppler/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "doppler"; - version = "3.19.0"; + version = "3.21.0"; src = fetchFromGitHub { owner = "dopplerhq"; repo = "cli"; rev = version; - sha256 = "049x8y7zjvpd1gvkrld69dffnf4pawjwm7by71r6z408hwvfqjpa"; + sha256 = "sha256-ll4PabDy5xnyi+cZdjvSySizRCxthRY7uHLzdYP6U5M="; }; - vendorSha256 = "1s8zwjfk9kcddn8cywr7llh9v5m140kvmi5lmy2glvwh3rwccgxf"; + vendorSha256 = "sha256-rQrlnIYYnRc+cqyiyJoh1YqxD61doyjte7ehrX4RDTI="; buildFlagsArray = "-ldflags=-X github.com/DopplerHQ/cli/pkg/version.ProgramVersion=v${version}"; diff --git a/nixpkgs/pkgs/tools/security/duo-unix/default.nix b/nixpkgs/pkgs/tools/security/duo-unix/default.nix index 2c3a7a441afd..40645ce089d8 100644 --- a/nixpkgs/pkgs/tools/security/duo-unix/default.nix +++ b/nixpkgs/pkgs/tools/security/duo-unix/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pam, openssl, zlib }: +{ lib, stdenv, fetchurl, pam, openssl, zlib }: stdenv.mkDerivation rec { pname = "duo-unix"; @@ -21,8 +21,8 @@ stdenv.mkDerivation rec { meta = { description = "Duo Security Unix login integration"; homepage = "https://duosecurity.com"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/ecdsatool/default.nix b/nixpkgs/pkgs/tools/security/ecdsatool/default.nix index b1a86fe7e64a..0498b758c1d3 100644 --- a/nixpkgs/pkgs/tools/security/ecdsatool/default.nix +++ b/nixpkgs/pkgs/tools/security/ecdsatool/default.nix @@ -1,4 +1,4 @@ -{ stdenv, pkgs }: +{ lib, stdenv, pkgs }: stdenv.mkDerivation { version = "0.0.1"; @@ -19,7 +19,7 @@ stdenv.mkDerivation { nativeBuildInputs = with pkgs; [openssl autoconf automake]; buildInputs = with pkgs; [libuecc]; - meta = with stdenv.lib; { + meta = with lib; { description = "Create and manipulate ECC NISTP256 keypairs"; homepage = "https://github.com/kaniini/ecdsatool/"; license = with licenses; [free]; diff --git a/nixpkgs/pkgs/tools/security/ecdsautils/default.nix b/nixpkgs/pkgs/tools/security/ecdsautils/default.nix index f5ead317f4ec..6c126673259a 100644 --- a/nixpkgs/pkgs/tools/security/ecdsautils/default.nix +++ b/nixpkgs/pkgs/tools/security/ecdsautils/default.nix @@ -1,4 +1,4 @@ -{ stdenv, pkgs }: +{ lib, stdenv, pkgs }: stdenv.mkDerivation { version = "0.4.0"; @@ -11,10 +11,10 @@ stdenv.mkDerivation { sha256 = "18sr8x3qiw8s9l5pfi7r9i3ayplz4jqdml75ga9y933vj7vs0k4d"; }; - nativeBuildInputs = with pkgs; [ cmake pkgconfig doxygen ]; + nativeBuildInputs = with pkgs; [ cmake pkg-config doxygen ]; buildInputs = with pkgs; [ libuecc ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Tiny collection of programs used for ECDSA (keygen, sign, verify)"; homepage = "https://github.com/tcatm/ecdsautils/"; license = with licenses; [ mit bsd2 ]; diff --git a/nixpkgs/pkgs/tools/security/ecryptfs/default.nix b/nixpkgs/pkgs/tools/security/ecryptfs/default.nix index 1a8329885ba2..569b83feb9ae 100644 --- a/nixpkgs/pkgs/tools/security/ecryptfs/default.nix +++ b/nixpkgs/pkgs/tools/security/ecryptfs/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, perl, util-linux, keyutils, nss, nspr, python2, pam, enablePython ? false +{ lib, stdenv, fetchurl, pkg-config, perl, util-linux, keyutils, nss, nspr, python2, pam, enablePython ? false , intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }: stdenv.mkDerivation rec { @@ -33,14 +33,14 @@ stdenv.mkDerivation rec { done ''; - configureFlags = stdenv.lib.optionals (!enablePython) [ "--disable-pywrap" ]; + configureFlags = lib.optionals (!enablePython) [ "--disable-pywrap" ]; - nativeBuildInputs = [ pkgconfig ] + nativeBuildInputs = [ pkg-config ] # if python2 support is requested, it is needed at builtime as well as runtime. - ++ stdenv.lib.optionals (enablePython) [ python2 ] + ++ lib.optionals (enablePython) [ python2 ] ; buildInputs = [ perl nss nspr pam intltool makeWrapper ] - ++ stdenv.lib.optionals (enablePython) [ python2 ] + ++ lib.optionals (enablePython) [ python2 ] ; propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ]; @@ -58,7 +58,7 @@ stdenv.mkDerivation rec { done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Enterprise-class stacked cryptographic filesystem"; license = licenses.gpl2Plus; maintainers = with maintainers; [ obadz ]; diff --git a/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix b/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix index fcb8d091d933..ecd12a2738d8 100644 --- a/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix +++ b/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchurl , makeWrapper , python2 @@ -24,7 +24,7 @@ stdenv.mkDerivation { makeWrapper "${python2.interpreter}" "$out/bin/ecryptfs-helper" --add-flags "$out/libexec/ecryptfs-helper.py" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Helper script to create/mount/unemount encrypted directories using eCryptfs without needing root permissions"; license = licenses.gpl2Plus; maintainers = with maintainers; [ obadz ]; diff --git a/nixpkgs/pkgs/tools/security/efitools/default.nix b/nixpkgs/pkgs/tools/security/efitools/default.nix index 33b6c3b672da..60bb3627cc99 100644 --- a/nixpkgs/pkgs/tools/security/efitools/default.nix +++ b/nixpkgs/pkgs/tools/security/efitools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, gnu-efi, openssl, sbsigntool, perl, perlPackages, +{ lib, stdenv, gnu-efi, openssl, sbsigntool, perl, perlPackages, help2man, fetchgit }: stdenv.mkDerivation rec { pname = "efitools"; @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { patchShebangs . ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Tools for manipulating UEFI secure boot platforms"; homepage = "https://git.kernel.org/cgit/linux/kernel/git/jejb/efitools.git"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/eid-mw/default.nix b/nixpkgs/pkgs/tools/security/eid-mw/default.nix index a55c1d8db661..cbe56694da14 100644 --- a/nixpkgs/pkgs/tools/security/eid-mw/default.nix +++ b/nixpkgs/pkgs/tools/security/eid-mw/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchFromGitHub -, autoreconfHook, pkgconfig +{ lib, stdenv, fetchFromGitHub +, autoreconfHook, pkg-config , gtk3, nssTools, pcsclite , libxml2, libproxy , openssl, curl @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { owner = "Fedict"; }; - nativeBuildInputs = [ autoreconfHook pkgconfig makeWrapper ]; + nativeBuildInputs = [ autoreconfHook pkg-config makeWrapper ]; buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; preConfigure = '' mkdir openssl @@ -56,7 +56,7 @@ stdenv.mkDerivation rec { doCheck = true; - meta = with stdenv.lib; { + meta = with lib; { description = "Belgian electronic identity card (eID) middleware"; homepage = "https://eid.belgium.be/en/using_your_eid/installing_the_eid_software/linux/"; license = licenses.lgpl3; diff --git a/nixpkgs/pkgs/tools/security/enchive/default.nix b/nixpkgs/pkgs/tools/security/enchive/default.nix index 3c7d3144d3b2..960ef251b1cd 100644 --- a/nixpkgs/pkgs/tools/security/enchive/default.nix +++ b/nixpkgs/pkgs/tools/security/enchive/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "enchive"; @@ -20,8 +20,8 @@ stdenv.mkDerivation rec { meta = { description = "Encrypted personal archives"; homepage = "https://github.com/skeeto/enchive"; - license = stdenv.lib.licenses.unlicense; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.nico202 ]; + license = lib.licenses.unlicense; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.nico202 ]; }; } diff --git a/nixpkgs/pkgs/tools/security/encryptr/default.nix b/nixpkgs/pkgs/tools/security/encryptr/default.nix index 62311a41da37..e1a5de7754e7 100644 --- a/nixpkgs/pkgs/tools/security/encryptr/default.nix +++ b/nixpkgs/pkgs/tools/security/encryptr/default.nix @@ -24,7 +24,7 @@ in stdenv.mkDerivation rec { dontBuild = true; - rpath = stdenv.lib.makeLibraryPath [ + rpath = lib.makeLibraryPath [ glib nss nspr gconf fontconfig freetype pango cairo libX11 libXi libXcursor libXext libXfixes libXrender libXcomposite alsaLib libXdamage libXtst libXrandr expat libcap dbus gtk2 gdk-pixbuf @@ -47,7 +47,7 @@ in stdenv.mkDerivation rec { # its application and shows a generic page dontStrip = true; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://spideroak.com/solutions/encryptr"; description = "Free, private and secure password management tool and e-wallet"; license = licenses.unfree; diff --git a/nixpkgs/pkgs/tools/security/enpass/default.nix b/nixpkgs/pkgs/tools/security/enpass/default.nix index be2e5b06246d..3b25dd58b347 100644 --- a/nixpkgs/pkgs/tools/security/enpass/default.nix +++ b/nixpkgs/pkgs/tools/security/enpass/default.nix @@ -51,7 +51,7 @@ let url = "${baseUrl}/${data.path}"; }; - meta = with stdenv.lib; { + meta = with lib; { description = "A well known password manager"; homepage = "https://www.enpass.io/"; license = licenses.unfree; diff --git a/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix b/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix new file mode 100644 index 000000000000..33694ad79ae3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix @@ -0,0 +1,41 @@ +{ lib +, buildPythonApplication +, fetchFromGitHub +, impacket +, ldap3 +, pyyaml +, samba +}: + +buildPythonApplication rec { + pname = "enum4linux-ng"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "cddmp"; + repo = pname; + rev = "v${version}"; + sha256 = "0dhg8cwbdn0vlnchhscx31ay4mgj5p6rf73wzgs8nvqg0shsawmy"; + }; + + propagatedBuildInputs = [ + impacket + ldap3 + pyyaml + samba + ]; + + # It's only a script and not a Python module. Project has no tests + doCheck = false; + + meta = with lib; { + description = "Windows/Samba enumeration tool"; + longDescription = '' + enum4linux-ng.py is a rewrite of Mark Lowe's enum4linux.pl, a tool for + enumerating information from Windows and Samba systems. + ''; + homepage = "https://github.com/cddmp/enum4linux-ng"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/enum4linux/default.nix b/nixpkgs/pkgs/tools/security/enum4linux/default.nix index 9a7d1861d9bd..9a9f2039ac20 100644 --- a/nixpkgs/pkgs/tools/security/enum4linux/default.nix +++ b/nixpkgs/pkgs/tools/security/enum4linux/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, makeWrapper, samba, perl, openldap }: +{ lib, stdenv, fetchurl, makeWrapper, samba, perl, openldap }: stdenv.mkDerivation rec { pname = "enum4linux"; @@ -17,10 +17,10 @@ stdenv.mkDerivation rec { cp enum4linux.pl $out/bin/enum4linux wrapProgram $out/bin/enum4linux \ - --prefix PATH : ${stdenv.lib.makeBinPath [ samba openldap ]} + --prefix PATH : ${lib.makeBinPath [ samba openldap ]} ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A tool for enumerating information from Windows and Samba systems"; homepage = "https://labs.portcullis.co.uk/tools/enum4linux/"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/eschalot/default.nix b/nixpkgs/pkgs/tools/security/eschalot/default.nix index 28df3a284427..0c984c5d35e5 100644 --- a/nixpkgs/pkgs/tools/security/eschalot/default.nix +++ b/nixpkgs/pkgs/tools/security/eschalot/default.nix @@ -1,14 +1,14 @@ -{ stdenv, fetchFromGitHub, openssl }: +{ lib, stdenv, fetchFromGitHub, openssl }: stdenv.mkDerivation rec { pname = "eschalot"; - version = "2018-01-19"; + version = "1.2.0.20191006"; src = fetchFromGitHub { owner = "ReclaimYourPrivacy"; repo = pname; - rev = "56a967b62631cfd3c7ef68541263dbd54cbbc2c4"; - sha256 = "1iw1jrydasm9dmgpcdimd8dy9n281ys9krvf3fd3dlymkgsj604d"; + rev = "a45bad5b9a3e4939340ddd8a751ceffa3c0db76a"; + sha256 = "1wbi0azc2b57nmmx6c1wmvng70d9ph1s83yhnl5lxaaqaj85h22g"; }; buildInputs = [ openssl ]; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { install -D -t $out/bin eschalot worgen ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Tor hidden service name generator"; homepage = src.meta.homepage; license = licenses.isc; diff --git a/nixpkgs/pkgs/tools/security/fail2ban/default.nix b/nixpkgs/pkgs/tools/security/fail2ban/default.nix index c27f82d70536..922fb412cad7 100644 --- a/nixpkgs/pkgs/tools/security/fail2ban/default.nix +++ b/nixpkgs/pkgs/tools/security/fail2ban/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, python3 }: +{ lib, stdenv, fetchFromGitHub, python3 }: let version = "0.11.1"; in @@ -14,7 +14,7 @@ python3.pkgs.buildPythonApplication { }; pythonPath = with python3.pkgs; - stdenv.lib.optionals stdenv.isLinux [ + lib.optionals stdenv.isLinux [ systemd ]; @@ -49,7 +49,7 @@ python3.pkgs.buildPythonApplication { rm -rf ${sitePackages}/etc ${sitePackages}/usr ${sitePackages}/var; ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.fail2ban.org/"; description = "A program that scans log files for repeated failing login attempts and bans IP addresses"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/fcrackzip/default.nix b/nixpkgs/pkgs/tools/security/fcrackzip/default.nix index 15510f7b7096..31d0b44fb710 100644 --- a/nixpkgs/pkgs/tools/security/fcrackzip/default.nix +++ b/nixpkgs/pkgs/tools/security/fcrackzip/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl}: +{lib, stdenv, fetchurl}: stdenv.mkDerivation rec { pname = "fcrackzip"; @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { # Do not clash with unizp/zipinfo postInstall = "mv $out/bin/zipinfo $out/bin/fcrackzip-zipinfo"; - meta = with stdenv.lib; { + meta = with lib; { description = "zip password cracker, similar to fzc, zipcrack and others"; homepage = "http://oldhome.schmorp.de/marc/fcrackzip.html"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/ffuf/default.nix b/nixpkgs/pkgs/tools/security/ffuf/default.nix index 77a286df4c69..084601a41222 100644 --- a/nixpkgs/pkgs/tools/security/ffuf/default.nix +++ b/nixpkgs/pkgs/tools/security/ffuf/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -20,7 +20,7 @@ buildGoModule rec { # https://github.com/ffuf/ffuf/issues/367 doCheck = false; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast web fuzzer written in Go"; longDescription = '' FFUF, or “Fuzz Faster you Fool” is an open source web fuzzing tool, diff --git a/nixpkgs/pkgs/tools/security/fido2luks/default.nix b/nixpkgs/pkgs/tools/security/fido2luks/default.nix index d2a5d91467a8..e0dcdadb7b07 100644 --- a/nixpkgs/pkgs/tools/security/fido2luks/default.nix +++ b/nixpkgs/pkgs/tools/security/fido2luks/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , rustPlatform , fetchFromGitHub , cryptsetup @@ -27,7 +27,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "19drjql13z8bw257z10kjppxm25jlfgrpc9g1jf68ka5j2b3nx7k"; - meta = with stdenv.lib; { + meta = with lib; { description = "Decrypt your LUKS partition using a FIDO2 compatible authenticator"; homepage = "https://github.com/shimunn/fido2luks"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/fierce/default.nix b/nixpkgs/pkgs/tools/security/fierce/default.nix index 13146c3373e7..3d6472cbb44f 100644 --- a/nixpkgs/pkgs/tools/security/fierce/default.nix +++ b/nixpkgs/pkgs/tools/security/fierce/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, python3 }: +{ lib, stdenv, fetchFromGitHub, python3 }: python3.pkgs.buildPythonApplication rec { pname = "fierce"; @@ -21,7 +21,7 @@ python3.pkgs.buildPythonApplication rec { doCheck = false; pythonImportsCheck = [ "fierce" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/mschwager/fierce"; description = "DNS reconnaissance tool for locating non-contiguous IP space"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/fpm2/default.nix b/nixpkgs/pkgs/tools/security/fpm2/default.nix index 2f297ffd6b79..0ca45957d695 100644 --- a/nixpkgs/pkgs/tools/security/fpm2/default.nix +++ b/nixpkgs/pkgs/tools/security/fpm2/default.nix @@ -1,8 +1,8 @@ -{ stdenv, fetchurl, pkgconfig, gnupg, gtk2 +{ lib, stdenv, fetchurl, pkg-config, gnupg, gtk2 , libxml2, intltool }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { pname = "fpm2"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { sha256 = "d55e9ce6be38a44fc1053d82db2d117cf3991a51898bd86d7913bae769f04da7"; }; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ gnupg gtk2 libxml2 intltool ]; meta = { diff --git a/nixpkgs/pkgs/tools/security/fprintd/default.nix b/nixpkgs/pkgs/tools/security/fprintd/default.nix index b14aff386aba..72c0bc204f8a 100644 --- a/nixpkgs/pkgs/tools/security/fprintd/default.nix +++ b/nixpkgs/pkgs/tools/security/fprintd/default.nix @@ -1,7 +1,7 @@ -{ stdenv +{ lib, stdenv , fetchFromGitLab , fetchpatch -, pkgconfig +, pkg-config , meson , ninja , perl @@ -55,7 +55,7 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ - pkgconfig + pkg-config meson ninja perl @@ -98,7 +98,7 @@ stdenv.mkDerivation rec { PKG_CONFIG_DBUS_1_DATADIR = "${placeholder "out"}/share"; # FIXME: Ugly hack for tests to find libpam_wrapper.so - LIBRARY_PATH = stdenv.lib.makeLibraryPath [ python3.pkgs.pypamtest ]; + LIBRARY_PATH = lib.makeLibraryPath [ python3.pkgs.pypamtest ]; doCheck = true; @@ -106,7 +106,7 @@ stdenv.mkDerivation rec { patchShebangs po/check-translations.sh ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://fprint.freedesktop.org/"; description = "D-Bus daemon that offers libfprint functionality over the D-Bus interprocess communication bus"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/fprot/default.nix b/nixpkgs/pkgs/tools/security/fprot/default.nix index 12b47694db3c..22779327a9bf 100644 --- a/nixpkgs/pkgs/tools/security/fprot/default.nix +++ b/nixpkgs/pkgs/tools/security/fprot/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation { @@ -32,7 +32,7 @@ stdenv.mkDerivation { cp doc/man/fpupdate.8 $out/share/man/man8 ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://www.f-prot.com"; description = "A popular proprietary antivirus program"; license = licenses.unfree; diff --git a/nixpkgs/pkgs/tools/security/fwknop/default.nix b/nixpkgs/pkgs/tools/security/fwknop/default.nix index 0f1c37aa7975..b56ba93dc7bc 100644 --- a/nixpkgs/pkgs/tools/security/fwknop/default.nix +++ b/nixpkgs/pkgs/tools/security/fwknop/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook +{ lib, stdenv, fetchFromGitHub, autoreconfHook , libpcap, texinfo , iptables , gnupgSupport ? true, gnupg, gpgme # Increases dependencies! @@ -19,17 +19,17 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; buildInputs = [ libpcap texinfo ] - ++ stdenv.lib.optionals gnupgSupport [ gnupg gpgme.dev ] - ++ stdenv.lib.optionals wgetSupport [ wget ]; + ++ lib.optionals gnupgSupport [ gnupg gpgme.dev ] + ++ lib.optionals wgetSupport [ wget ]; configureFlags = [ "--sysconfdir=/etc" "--localstatedir=/run" "--with-iptables=${iptables}/sbin/iptables" - (stdenv.lib.enableFeature buildServer "server") - (stdenv.lib.enableFeature buildClient "client") - (stdenv.lib.withFeatureAs wgetSupport "wget" "${wget}/bin/wget") - ] ++ stdenv.lib.optionalString gnupgSupport [ + (lib.enableFeature buildServer "server") + (lib.enableFeature buildClient "client") + (lib.withFeatureAs wgetSupport "wget" "${wget}/bin/wget") + ] ++ lib.optionalString gnupgSupport [ "--with-gpgme" "--with-gpgme-prefix=${gpgme.dev}" "--with-gpg=${gnupg}" @@ -47,7 +47,7 @@ stdenv.mkDerivation rec { "wknopddir = $out/etc/fwknop" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Single Packet Authorization (and Port Knocking) server/client"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/gau/default.nix b/nixpkgs/pkgs/tools/security/gau/default.nix index cfbae951526c..98045a107e50 100644 --- a/nixpkgs/pkgs/tools/security/gau/default.nix +++ b/nixpkgs/pkgs/tools/security/gau/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -16,7 +16,7 @@ buildGoModule rec { vendorSha256 = "17ag2wvaxv2dyx3yx3fvlf36ww4a44660pn4gvpbrwacsan9as5s"; - meta = with stdenv.lib; { + meta = with lib; { description = "Tool to fetch known URLs"; longDescription = '' getallurls (gau) fetches known URLs from various sources for any diff --git a/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix b/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix index 68536a519aa3..51ff5b0e81e9 100644 --- a/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix +++ b/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix @@ -1,4 +1,4 @@ -{ coreutils, fetchFromGitHub, file, libcaca, makeWrapper, python, openssl, qrencode, stdenv, yubikey-manager }: +{ coreutils, fetchFromGitHub, file, libcaca, makeWrapper, python, openssl, qrencode, lib, stdenv, yubikey-manager }: stdenv.mkDerivation rec { pname = "gen-oath-safe"; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { installPhase = let - path = stdenv.lib.makeBinPath [ + path = lib.makeBinPath [ coreutils file libcaca.bin @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { wrapProgram $out/bin/gen-oath-safe \ --prefix PATH : ${path} ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/mcepl/gen-oath-safe"; description = "Script for generating HOTP/TOTP keys (and QR code)"; platforms = platforms.unix; diff --git a/nixpkgs/pkgs/tools/security/gencfsm/default.nix b/nixpkgs/pkgs/tools/security/gencfsm/default.nix index e56c9e20fd43..53127173f790 100644 --- a/nixpkgs/pkgs/tools/security/gencfsm/default.nix +++ b/nixpkgs/pkgs/tools/security/gencfsm/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoconf, automake, intltool, libtool, pkgconfig, encfs +{ lib, stdenv, fetchurl, autoconf, automake, intltool, libtool, pkg-config, encfs , glib , gnome3, gtk3, libgnome-keyring, vala, wrapGAppsHook, xorg, gobject-introspection }: @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "1h6x8dyp1fvxvr8fwki98ppf4sa20qf7g59jc9797b2vrgm60h1i"; }; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ autoconf automake intltool libtool vala glib encfs gtk3 libgnome-keyring gnome3.libgee xorg.libSM xorg.libICE wrapGAppsHook gobject-introspection ]; @@ -24,11 +24,11 @@ stdenv.mkDerivation rec { configureFlags = [ "--disable-appindicator" ]; - preFixup = ''gappsWrapperArgs+=(--prefix PATH : ${encfs}/bin)''; + preFixup = "gappsWrapperArgs+=(--prefix PATH : ${encfs}/bin)"; enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://www.libertyzero.com/GEncfsM/"; downloadPage = "https://launchpad.net/gencfsm/"; description = "EncFS manager and mounter with GNOME3 integration"; diff --git a/nixpkgs/pkgs/tools/security/genpass/default.nix b/nixpkgs/pkgs/tools/security/genpass/default.nix index 6818af194b3a..29703ee1fc87 100644 --- a/nixpkgs/pkgs/tools/security/genpass/default.nix +++ b/nixpkgs/pkgs/tools/security/genpass/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchgit , rustPlatform , CoreFoundation @@ -17,9 +17,9 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1cwxpc3xkw673wiamr4v7clrzwxl8ma1vdr6bw0hixm37gxdxz7x"; - buildInputs = stdenv.lib.optionals stdenv.isDarwin [ CoreFoundation libiconv Security ]; + buildInputs = lib.optionals stdenv.isDarwin [ CoreFoundation libiconv Security ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A simple yet robust commandline random password generator"; homepage = "https://sr.ht/~cyplo/genpass/"; license = licenses.agpl3; diff --git a/nixpkgs/pkgs/tools/security/git-hound/default.nix b/nixpkgs/pkgs/tools/security/git-hound/default.nix new file mode 100644 index 000000000000..56fa2ce47636 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/git-hound/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "git-hound"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "tillson"; + repo = pname; + rev = "v${version}"; + sha256 = "1l2bif7qpc1yl93ih01g9jci7ba47rsnpq9js88rz216q93dzmsf"; + }; + + vendorSha256 = "055hpfjbqng513c9rscb8jhnlxj7p82sr8cbsvwnzk569n71qwma"; + + meta = with lib; { + description = "Reconnaissance tool for GitHub code search"; + longDescription = '' + GitHound pinpoints exposed API keys and other sensitive information + across all of GitHub using pattern matching, commit history searching, + and a unique result scoring system. + ''; + homepage = "https://github.com/tillson/git-hound"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gitjacker/default.nix b/nixpkgs/pkgs/tools/security/gitjacker/default.nix new file mode 100644 index 000000000000..0b8c087eccd0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gitjacker/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, git +, stdenv +}: + +buildGoModule rec { + pname = "gitjacker"; + version = "0.0.2"; + + src = fetchFromGitHub { + owner = "liamg"; + repo = "gitjacker"; + rev = "v${version}"; + sha256 = "0fg95i2y8sj7dsvqj8mx0k5pps7d0h1i4a3lk85l8jjab4kxx8h9"; + }; + + vendorSha256 = null; + + propagatedBuildInputs = [ git ]; + + checkInputs = [ git ]; + + doCheck = !stdenv.isDarwin; + + preCheck = '' + export PATH=$TMPDIR/usr/bin:$PATH + ''; + + meta = with lib; { + description = "Leak git repositories from misconfigured websites"; + longDescription = '' + Gitjacker downloads git repositories and extracts their contents + from sites where the .git directory has been mistakenly uploaded. + It will still manage to recover a significant portion of a repository + even where directory listings are disabled. + ''; + homepage = "https://github.com/liamg/gitjacker"; + license = with licenses; [ unlicense ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gitleaks/default.nix b/nixpkgs/pkgs/tools/security/gitleaks/default.nix new file mode 100644 index 000000000000..982774612759 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gitleaks/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "gitleaks"; + version = "7.2.0"; + + src = fetchFromGitHub { + owner = "zricethezav"; + repo = pname; + rev = "v${version}"; + sha256 = "1pdbkjx8h6ijypsxyv34lykymaqf8wnfyjk3ldp49apbx01bl34y"; + }; + + vendorSha256 = "0kk8ci7vprqw4v7cigspshfd13k2wyy4pdkxf11pqc2fz8j07kh9"; + + meta = with lib; { + description = "Scan git repos (or files) for secrets"; + longDescription = '' + Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, + API keys, and tokens in git repos. + ''; + homepage = "https://github.com/zricethezav/gitleaks"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix b/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix index 4b9a6fb0e321..db0e88a805ba 100644 --- a/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix +++ b/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchFromGitLab , fetchpatch , python3 @@ -73,7 +73,7 @@ python3.pkgs.buildPythonApplication rec { # bunch of linting doCheck = false; - meta = with stdenv.lib; { + meta = with lib; { description = "GTK/GNOME application to use GnuPG for signing other peoples’ keys"; homepage = "https://wiki.gnome.org/Apps/Keysign"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix index af6893b26e86..8478c3748366 100644 --- a/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix +++ b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { homepage = "https://www.gnu.org/software/gnu-pw-mgr/"; description = "A password manager designed to make it easy to reconstruct difficult passwords"; license = with licenses; [ gpl3Plus lgpl3Plus ]; - platforms = stdenv.lib.platforms.linux; + platforms = lib.platforms.linux; maintainers = with maintainers; [ qoelet ]; }; } diff --git a/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix index 04af88e33352..c8accce7d40b 100644 --- a/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix +++ b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchurl, libgpgerror, libassuan, libgcrypt, pkcs11helper, - pkgconfig, openssl }: +{ lib, stdenv, fetchurl, libgpgerror, libassuan, libgcrypt, pkcs11helper, + pkg-config, openssl }: stdenv.mkDerivation rec { pname = "gnupg-pkcs11-scd"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { sha256 = "1mfh9zjbahjd788rq1mzx009pd7p1sq62sbz586rd7szif7pkpgx"; }; - buildInputs = [ pkcs11helper pkgconfig openssl ]; + buildInputs = [ pkcs11helper pkg-config openssl ]; configureFlags = [ "--with-libgpg-error-prefix=${libgpgerror.dev}" @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { "--with-libgcrypt-prefix=${libgcrypt.dev}" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A smart-card daemon to enable the use of PKCS#11 tokens with GnuPG"; longDescription = '' gnupg-pkcs11 is a project to implement a BSD-licensed smart-card diff --git a/nixpkgs/pkgs/tools/security/gnupg/1.nix b/nixpkgs/pkgs/tools/security/gnupg/1.nix index 20ecd7c92fb2..66b05384c6be 100644 --- a/nixpkgs/pkgs/tools/security/gnupg/1.nix +++ b/nixpkgs/pkgs/tools/security/gnupg/1.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, readline, bzip2 }: +{ lib, stdenv, fetchurl, readline, bzip2 }: stdenv.mkDerivation rec { name = "gnupg-1.4.23"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { doCheck = true; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://gnupg.org"; description = "Classic (1.4) release of the GNU Privacy Guard, a GPL OpenPGP implementation"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/gnupg/22.nix b/nixpkgs/pkgs/tools/security/gnupg/22.nix index f641a5343806..1030ce3e7910 100644 --- a/nixpkgs/pkgs/tools/security/gnupg/22.nix +++ b/nixpkgs/pkgs/tools/security/gnupg/22.nix @@ -1,4 +1,4 @@ -{ fetchurl, fetchpatch, stdenv, pkgconfig, libgcrypt, libassuan, libksba +{ fetchurl, fetchpatch, lib, stdenv, pkg-config, libgcrypt, libassuan, libksba , libgpgerror, libiconv, npth, gettext, texinfo, buildPackages # Each of the dependencies below are optional. @@ -9,22 +9,22 @@ null }: -with stdenv.lib; +with lib; assert guiSupport -> pinentry != null && enableMinimal == false; stdenv.mkDerivation rec { pname = "gnupg"; - version = "2.2.24"; + version = "2.2.27"; src = fetchurl { url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2"; - sha256 = "0ilcp7m1dvwnri3i7q9wanf5pvhwxk7h106pd62g0d5fz80b944h"; + sha256 = "1693s2rp9sjwvdslj94n03wnb6rxysjy0dli0q1698af044h1ril"; }; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ pkgconfig texinfo ]; + nativeBuildInputs = [ pkg-config texinfo ]; buildInputs = [ libgcrypt libassuan libksba libiconv npth gettext readline libusb1 gnutls adns openldap zlib bzip2 sqlite @@ -42,8 +42,8 @@ stdenv.mkDerivation rec { # Fix broken SOURCE_DATE_EPOCH usage - remove on the next upstream update sed -i 's/$SOURCE_DATE_EPOCH/''${SOURCE_DATE_EPOCH}/' doc/Makefile.am sed -i 's/$SOURCE_DATE_EPOCH/''${SOURCE_DATE_EPOCH}/' doc/Makefile.in - '' + stdenv.lib.optionalString ( stdenv.isLinux && pcsclite != null) '' - sed -i 's,"libpcsclite\.so[^"]*","${stdenv.lib.getLib pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c + '' + lib.optionalString ( stdenv.isLinux && pcsclite != null) '' + sed -i 's,"libpcsclite\.so[^"]*","${lib.getLib pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c ''; pinentryBinaryPath = pinentry.binaryPath or "bin/pinentry"; @@ -76,7 +76,7 @@ stdenv.mkDerivation rec { ln -s -t $out/bin $out/libexec/* ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://gnupg.org"; description = "Modern (2.1) release of the GNU Privacy Guard, a GPL OpenPGP implementation"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/gopass/default.nix b/nixpkgs/pkgs/tools/security/gopass/default.nix index ff855cce240c..d85c6ca28693 100644 --- a/nixpkgs/pkgs/tools/security/gopass/default.nix +++ b/nixpkgs/pkgs/tools/security/gopass/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , makeWrapper , buildGoModule , fetchFromGitHub @@ -12,7 +12,7 @@ buildGoModule rec { pname = "gopass"; - version = "1.10.1"; + version = "1.11.0"; nativeBuildInputs = [ installShellFiles makeWrapper ]; @@ -20,21 +20,21 @@ buildGoModule rec { owner = "gopasspw"; repo = pname; rev = "v${version}"; - sha256 = "0dhh64mxfhk610wr7bpakzgmc4a4iyhfkkl3qhjp6a46g9iygana"; + sha256 = "0plg3hck6yqxcazjczx9m5palzz5h3qs5minzmmq8yzvfwi0shic"; }; - vendorSha256 = "07wv6yahx4yzr3h1x93x4r5rvw8wbfk836f04b4r9xjbnpq7lb2a"; + vendorSha256 = "1sycbcld5qyriqb771l52drxy4vhzm4nh9q5s6kn70nq1s2a3h7x"; doCheck = false; buildFlagsArray = [ "-ldflags=-s -w -X main.version=${version} -X main.commit=${src.rev}" ]; - wrapperPath = stdenv.lib.makeBinPath ( + wrapperPath = lib.makeBinPath ( [ git gnupg xclip - ] ++ stdenv.lib.optional stdenv.isLinux wl-clipboard + ] ++ lib.optional stdenv.isLinux wl-clipboard ); postInstall = '' @@ -42,20 +42,17 @@ buildGoModule rec { $out/bin/gopass completion $shell > gopass.$shell installShellCompletion gopass.$shell done - '' + stdenv.lib.optionalString passAlias '' + '' + lib.optionalString passAlias '' ln -s $out/bin/gopass $out/bin/pass ''; - # --run to work around WONTFIX in https://github.com/gopasspw/gopass/issues/1662 postFixup = '' for bin in $out/bin/*; do - wrapProgram $bin \ - --prefix PATH : "${wrapperPath}" \ - --run 'rm -f "''${XDG_CONFIG_HOME:-~/.config}/gopass/gpg-binary.loc"' + wrapProgram $bin --prefix PATH : "${wrapperPath}" done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "The slightly more awesome Standard Unix Password Manager for Teams. Written in Go"; homepage = "https://www.gopass.pw/"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix b/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix index 975976c6a3c1..68aa7c488198 100644 --- a/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix +++ b/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, makeWrapper, patchelf, stdenv, libXft, libX11, freetype, fontconfig, libXrender, libXScrnSaver, libXext }: +{ fetchurl, makeWrapper, patchelf, lib, stdenv, libXft, libX11, freetype, fontconfig, libXrender, libXScrnSaver, libXext }: stdenv.mkDerivation rec { pname = "gorilla-bin"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { installPhase = let interpreter = "$(< \"$NIX_CC/nix-support/dynamic-linker\")"; - libPath = stdenv.lib.makeLibraryPath [ libXft libX11 freetype fontconfig libXrender libXScrnSaver libXext ]; + libPath = lib.makeLibraryPath [ libXft libX11 freetype fontconfig libXrender libXScrnSaver libXext ]; in '' mkdir -p $out/opt/password-gorilla mkdir -p $out/bin @@ -34,8 +34,8 @@ stdenv.mkDerivation rec { meta = { description = "Password Gorilla is a Tk based password manager"; homepage = "https://github.com/zdia/gorilla/wiki"; - maintainers = [ stdenv.lib.maintainers.namore ]; + maintainers = [ lib.maintainers.namore ]; platforms = [ "x86_64-linux" ]; - license = stdenv.lib.licenses.gpl2; + license = lib.licenses.gpl2; }; } diff --git a/nixpkgs/pkgs/tools/security/gospider/default.nix b/nixpkgs/pkgs/tools/security/gospider/default.nix index b7c94c940239..f32ecdc94e65 100644 --- a/nixpkgs/pkgs/tools/security/gospider/default.nix +++ b/nixpkgs/pkgs/tools/security/gospider/default.nix @@ -1,25 +1,25 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { pname = "gospider"; - version = "1.1.4"; + version = "1.1.5"; src = fetchFromGitHub { owner = "jaeles-project"; repo = pname; rev = version; - sha256 = "03gl8y2047iwa6bhmayyds3li21wy3sw1x4hpp9zgqgi95039q86"; + sha256 = "sha256-yfW94sQzT1u6O0s1sqpeANlukC5y8fNvHNL2c77+dxU="; }; - vendorSha256 = "0dc4ddi26i38c5rvy9zbal27a7qvn17h64w1yhbig4iyb79b18ym"; + vendorSha256 = "sha256-1aOw0lk+khcX9IETA0+wGx91BFXrJ79zYWhEI2JrhDU="; # tests require internet access and API keys doCheck = false; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast web spider written in Go"; longDescription = '' GoSpider is a fast web crawler that parses sitemap.xml and robots.txt file. diff --git a/nixpkgs/pkgs/tools/security/gpgstats/default.nix b/nixpkgs/pkgs/tools/security/gpgstats/default.nix index 80153b857c4f..f6f6d3678109 100644 --- a/nixpkgs/pkgs/tools/security/gpgstats/default.nix +++ b/nixpkgs/pkgs/tools/security/gpgstats/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, ncurses, gpgme }: +{ lib, stdenv, fetchurl, ncurses, gpgme }: stdenv.mkDerivation rec { pname = "gpgstats"; @@ -16,10 +16,10 @@ stdenv.mkDerivation rec { cp gpgstats $out/bin ''; - NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (!stdenv.is64bit) + NIX_CFLAGS_COMPILE = lib.optionalString (!stdenv.is64bit) "-D_FILE_OFFSET_BITS=64 -DLARGEFILE_SOURCE=1"; - meta = with stdenv.lib; { + meta = with lib; { description = "Calculates statistics on the keys in your gpg key-ring"; longDescription = '' GPGstats calculates statistics on the keys in your key-ring. diff --git a/nixpkgs/pkgs/tools/security/grype/default.nix b/nixpkgs/pkgs/tools/security/grype/default.nix new file mode 100644 index 000000000000..495302139855 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/grype/default.nix @@ -0,0 +1,35 @@ +{ buildGoModule +, docker +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "grype"; + version = "0.6.1"; + + src = fetchFromGitHub { + owner = "anchore"; + repo = pname; + rev = "v${version}"; + sha256 = "0schq11vckvdj538mnkdzhxl452nrssqrfapab9qc44yxdi1wf8k"; + }; + + vendorSha256 = "0lna7zhsj3wnw83nv0dp93aj869pplb51gqzrkka7vnqp0rjcw50"; + + propagatedBuildInputs = [ docker ]; + + # tests require a running Docker instance + doCheck = false; + + meta = with lib; { + description = "Vulnerability scanner for container images and filesystems"; + longDescription = '' + As a vulnerability scanner is grype abale to scan the contents of a container + image or filesystem to find known vulnerabilities. + ''; + homepage = "https://github.com/anchore/grype"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/haka/default.nix b/nixpkgs/pkgs/tools/security/haka/default.nix index 9468ee2843bd..809902e88976 100644 --- a/nixpkgs/pkgs/tools/security/haka/default.nix +++ b/nixpkgs/pkgs/tools/security/haka/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, cmake, swig, wireshark, check, rsync, libpcap, gawk, libedit, pcre }: +{ lib, stdenv, fetchurl, cmake, swig, wireshark, check, rsync, libpcap, gawk, libedit, pcre }: let version = "0.3.0"; in @@ -21,15 +21,14 @@ stdenv.mkDerivation { sed -i 's,/etc,'$out'/etc,' doc/user/tool_suite_haka.rst ''; - buildInputs = [ cmake swig wireshark check rsync libpcap gawk libedit pcre ]; - - enableParallelBuilding = true; + nativeBuildInputs = [ cmake ]; + buildInputs = [ swig wireshark check rsync libpcap gawk libedit pcre ]; meta = { description = "A collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files"; homepage = "http://www.haka-security.org/"; - license = stdenv.lib.licenses.mpl20; - maintainers = [ stdenv.lib.maintainers.tvestelind ]; + license = lib.licenses.mpl20; + maintainers = [ lib.maintainers.tvestelind ]; platforms = [ "x86_64-linux" "i686-linux" ]; # fails on aarch64 }; } diff --git a/nixpkgs/pkgs/tools/security/hakrawler/default.nix b/nixpkgs/pkgs/tools/security/hakrawler/default.nix new file mode 100644 index 000000000000..fc5ee32bcbab --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hakrawler/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "hakrawler"; + version = "20201224-${lib.strings.substring 0 7 rev}"; + rev = "e39a514d0e179d33362ee244c017fb65cc2c12a5"; + + src = fetchFromGitHub { + owner = "hakluke"; + repo = "hakrawler"; + inherit rev; + sha256 = "0wpqfbpgnr94q5n7i4zh806k8n0phyg0ncnz43hqh4bbdh7l1y8a"; + }; + + vendorSha256 = "18zs2l77ds0a3wxfqcd91h269g0agnwhginrx3j6gj30dbfls8a1"; + + meta = with lib; { + description = "Web crawler for the discovery of endpoints and assets"; + homepage = "https://github.com/hakluke/hakrawler"; + longDescription = '' + Simple, fast web crawler designed for easy, quick discovery of endpoints + and assets within a web application. + ''; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hash-slinger/default.nix b/nixpkgs/pkgs/tools/security/hash-slinger/default.nix index 4fa0499f1dde..b8759d3571b5 100644 --- a/nixpkgs/pkgs/tools/security/hash-slinger/default.nix +++ b/nixpkgs/pkgs/tools/security/hash-slinger/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pythonPackages, unbound, libreswan }: +{ lib, stdenv, fetchFromGitHub, pythonPackages, unbound, libreswan }: let inherit (pythonPackages) python; @@ -39,7 +39,7 @@ in stdenv.mkDerivation rec { meta = { description = "Various tools to generate special DNS records"; homepage = "https://github.com/letoams/hash-slinger"; - license = stdenv.lib.licenses.gpl2Plus; - maintainers = [ stdenv.lib.maintainers.leenaars ]; + license = lib.licenses.gpl2Plus; + maintainers = [ lib.maintainers.leenaars ]; }; } diff --git a/nixpkgs/pkgs/tools/security/hash_extender/default.nix b/nixpkgs/pkgs/tools/security/hash_extender/default.nix index dc8ea8b2c9b4..5baeb71ce899 100644 --- a/nixpkgs/pkgs/tools/security/hash_extender/default.nix +++ b/nixpkgs/pkgs/tools/security/hash_extender/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, openssl }: +{ lib, stdenv, fetchFromGitHub, openssl }: stdenv.mkDerivation { pname = "hash_extender"; @@ -21,7 +21,7 @@ stdenv.mkDerivation { cp hash_extender $out/bin ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Tool to automate hash length extension attacks"; homepage = "https://github.com/iagox86/hash_extender"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/hashcash/default.nix b/nixpkgs/pkgs/tools/security/hashcash/default.nix index bb8fba33e1d4..f86684178fcb 100644 --- a/nixpkgs/pkgs/tools/security/hashcash/default.nix +++ b/nixpkgs/pkgs/tools/security/hashcash/default.nix @@ -1,16 +1,16 @@ -{ stdenv, fetchurl, openssl }: +{ lib, stdenv, fetchurl, openssl }: stdenv.mkDerivation rec { pname = "hashcash"; version = "1.22"; - + buildInputs = [ openssl ]; src = fetchurl { url = "http://www.hashcash.org/source/hashcash-${version}.tgz"; sha256 = "15kqaimwb2y8wvzpn73021bvay9mz1gqqfc40gk4hj6f84nz34h1"; }; - + makeFlags = [ "generic-openssl" "LIBCRYPTO=-lcrypto" @@ -21,8 +21,8 @@ stdenv.mkDerivation rec { "MAN_INSTALL_PATH=${placeholder "out"}/share/man/man1" "DOC_INSTALL_PATH=${placeholder "out"}/share/doc/hashcash-$(version)" ]; - - meta = with stdenv.lib; { + + meta = with lib; { description = "Proof-of-work algorithm used as spam and denial-of-service counter measure"; homepage = "http://hashcash.org"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix b/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix index 7dcfff038a8d..8b91a53db013 100644 --- a/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix +++ b/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "hashcat-utils"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { runHook postInstall ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Small utilities that are useful in advanced password cracking"; homepage = "https://github.com/hashcat/hashcat-utils"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/hashcat/default.nix b/nixpkgs/pkgs/tools/security/hashcat/default.nix index b156cda99ac7..20b5aed39320 100644 --- a/nixpkgs/pkgs/tools/security/hashcat/default.nix +++ b/nixpkgs/pkgs/tools/security/hashcat/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchurl , makeWrapper , opencl-headers @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { wrapProgram $out/bin/hashcat --prefix LD_LIBRARY_PATH : ${ocl-icd}/lib ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast password cracker"; homepage = "https://hashcat.net/hashcat/"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/hashdeep/default.nix b/nixpkgs/pkgs/tools/security/hashdeep/default.nix index 4ad656462b14..4841dc5e07fa 100644 --- a/nixpkgs/pkgs/tools/security/hashdeep/default.nix +++ b/nixpkgs/pkgs/tools/security/hashdeep/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook }: let version = "4.4"; in stdenv.mkDerivation { @@ -13,11 +13,11 @@ in stdenv.mkDerivation { nativeBuildInputs = [ autoreconfHook ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A set of cross-platform tools to compute hashes"; homepage = "https://github.com/jessek/hashdeep"; license = licenses.gpl2; platforms = with platforms; linux ++ freebsd ++ openbsd; - maintainers = [ stdenv.lib.maintainers.karantan ]; + maintainers = [ lib.maintainers.karantan ]; }; } diff --git a/nixpkgs/pkgs/tools/security/haveged/default.nix b/nixpkgs/pkgs/tools/security/haveged/default.nix index c676a173092d..b088f07c6e3d 100644 --- a/nixpkgs/pkgs/tools/security/haveged/default.nix +++ b/nixpkgs/pkgs/tools/security/haveged/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "haveged"; @@ -20,8 +20,8 @@ stdenv.mkDerivation rec { the barriers to using haveged for other tasks. ''; homepage = "http://www.issihosts.com/haveged/"; - license = stdenv.lib.licenses.gpl3; - maintainers = [ stdenv.lib.maintainers.domenkozar ]; - platforms = stdenv.lib.platforms.unix; + license = lib.licenses.gpl3; + maintainers = [ lib.maintainers.domenkozar ]; + platforms = lib.platforms.unix; }; } diff --git a/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix b/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix index afc08d88a590..082ebac7f6f9 100644 --- a/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix +++ b/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { installFlags = [ "PREFIX=$(out)" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/ZerBea/hcxdumptool"; description = "Small tool to capture packets from wlan devices"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/hcxtools/default.nix b/nixpkgs/pkgs/tools/security/hcxtools/default.nix index a81c1ef75cf0..a1ba32b35ed7 100644 --- a/nixpkgs/pkgs/tools/security/hcxtools/default.nix +++ b/nixpkgs/pkgs/tools/security/hcxtools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, curl, openssl, zlib }: +{ lib, stdenv, fetchFromGitHub, curl, openssl, zlib }: stdenv.mkDerivation rec { pname = "hcxtools"; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { "PREFIX=${placeholder "out"}" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Tools for capturing wlan traffic and conversion to hashcat and John the Ripper formats"; homepage = "https://github.com/ZerBea/hcxtools"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/hologram/default.nix b/nixpkgs/pkgs/tools/security/hologram/default.nix index 9a8722ac2639..6ec4d7776e1f 100644 --- a/nixpkgs/pkgs/tools/security/hologram/default.nix +++ b/nixpkgs/pkgs/tools/security/hologram/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub }: buildGoPackage rec { name = "hologram-2018-03-19"; @@ -17,7 +17,7 @@ buildGoPackage rec { sed -i 's|cacheTimeout != 3600|cacheTimeout != 0|' cmd/hologram-server/main.go ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/AdRoll/hologram/"; description = "Easy, painless AWS credentials on developer laptops"; maintainers = with maintainers; [ nand0p ]; diff --git a/nixpkgs/pkgs/tools/security/honggfuzz/default.nix b/nixpkgs/pkgs/tools/security/honggfuzz/default.nix index a46acef81d75..081e26e34abb 100644 --- a/nixpkgs/pkgs/tools/security/honggfuzz/default.nix +++ b/nixpkgs/pkgs/tools/security/honggfuzz/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, callPackage, makeWrapper +{ lib, stdenv, fetchFromGitHub, callPackage, makeWrapper , clang, llvm, libbfd, libopcodes, libunwind, libblocksruntime }: @@ -43,9 +43,9 @@ let feedback-based coverage metrics. ''; homepage = "https://honggfuzz.dev/"; - license = stdenv.lib.licenses.asl20; + license = lib.licenses.asl20; platforms = ["x86_64-linux"]; - maintainers = with stdenv.lib.maintainers; [ cpu ]; + maintainers = with lib.maintainers; [ cpu ]; }; }; in honggfuzz diff --git a/nixpkgs/pkgs/tools/security/httpx/default.nix b/nixpkgs/pkgs/tools/security/httpx/default.nix index c7d83075e9da..7135baab3759 100644 --- a/nixpkgs/pkgs/tools/security/httpx/default.nix +++ b/nixpkgs/pkgs/tools/security/httpx/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -16,7 +16,7 @@ buildGoModule rec { vendorSha256 = "0fg93vhwpx113fpw8qg4ram4bdh6a8x3a36pr1c962s4vhrabwy2"; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast and multi-purpose HTTP toolkit"; longDescription = '' httpx is a fast and multi-purpose HTTP toolkit allow to run multiple diff --git a/nixpkgs/pkgs/tools/security/ifdnfc/default.nix b/nixpkgs/pkgs/tools/security/ifdnfc/default.nix index bab6527f4153..34c140023ac2 100644 --- a/nixpkgs/pkgs/tools/security/ifdnfc/default.nix +++ b/nixpkgs/pkgs/tools/security/ifdnfc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub , pkgconfig +{ lib, stdenv, fetchFromGitHub , pkg-config , pcsclite , autoreconfHook , libnfc @@ -14,13 +14,13 @@ stdenv.mkDerivation { rev = "0e48e8e"; sha256 = "1cxnvhhlcbm8h49rlw5racspb85fmwqqhd3gzzpzy68vrs0b37vg"; }; - nativeBuildInputs = [ pkgconfig autoreconfHook ]; + nativeBuildInputs = [ pkg-config autoreconfHook ]; buildInputs = [ pcsclite libnfc ]; configureFlags = [ "--prefix=$(out)" ]; makeFlags = [ "DESTDIR=/" "usbdropdir=$(out)/pcsc/drivers" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "PC/SC IFD Handler based on libnfc"; longDescription = '' libnfc Interface Plugin to be used in <code>services.pcscd.plugins</code>. diff --git a/nixpkgs/pkgs/tools/security/ike-scan/default.nix b/nixpkgs/pkgs/tools/security/ike-scan/default.nix new file mode 100644 index 000000000000..5d54e36585d0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ike-scan/default.nix @@ -0,0 +1,54 @@ +{ lib +, autoconf +, automake +, autoreconfHook +, fetchFromGitHub +, fetchpatch +, openssl +, stdenv +}: + +stdenv.mkDerivation rec { + pname = "ike-scan"; + version = "1.9.4"; + + src = fetchFromGitHub { + owner = "royhills"; + repo = pname; + rev = version; + sha256 = "01a39bk9ma2lm59q320m9g11909if5gc3qynd8pzn6slqiq5r8kw"; + }; + + nativeBuildInputs = [ + autoreconfHook + openssl + ]; + + configureFlags = [ "--with-openssl=${openssl.dev}" ]; + + patches = [ + # Using the same patches as for the Fedora RPM + (fetchpatch { + # Memory leaks, https://github.com/royhills/ike-scan/pull/15 + url = "https://github.com/royhills/ike-scan/pull/15/commits/d864811de08dcddd65ac9b8d0f2acf5d7ddb9dea.patch"; + sha256 = "0wbrq89dl8js7cdivd0c45hckmflan33cpgc3qm5s3az6r4mjljm"; + }) + (fetchpatch { + # Unknown vendor IDs, https://github.com/royhills/ike-scan/pull/18, was merged but not released + url = "https://github.com/royhills/ike-scan/pull/18/commits/e065ddbe471880275dc7975e7da235e7a2097c22.patch"; + sha256 = "13ly01c96nnd5yh7rxrhv636csm264m5xf2a1inprrzxkkri5sls"; + }) + ]; + + meta = with lib; { + description = "Tool to discover, fingerprint and test IPsec VPN servers"; + longDescription = '' + ike-scan is a command-line tool that uses the IKE protocol to discover, + fingerprint and test IPsec VPN servers. + ''; + homepage = "https://github.com/royhills/ike-scan"; + license = with licenses; [ gpl3Plus ]; + platforms = platforms.linux; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ipscan/default.nix b/nixpkgs/pkgs/tools/security/ipscan/default.nix index 4963f5774875..a5b0fe8d9289 100644 --- a/nixpkgs/pkgs/tools/security/ipscan/default.nix +++ b/nixpkgs/pkgs/tools/security/ipscan/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, jdk, jre, swt, makeWrapper, xorg, dpkg }: +{ lib, stdenv, fetchurl, jdk, jre, swt, makeWrapper, xorg, dpkg }: stdenv.mkDerivation rec { pname = "ipscan"; @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { cp usr/lib/ipscan/ipscan-any-${version}.jar $out/share/${pname}-${version}.jar makeWrapper ${jre}/bin/java $out/bin/ipscan \ - --prefix LD_LIBRARY_PATH : "$out/lib/:${stdenv.lib.makeLibraryPath [ swt xorg.libXtst ]}" \ + --prefix LD_LIBRARY_PATH : "$out/lib/:${lib.makeLibraryPath [ swt xorg.libXtst ]}" \ --add-flags "-Xmx256m -cp $out/share/${pname}-${version}.jar:${swt}/jars/swt.jar net.azib.ipscan.Main" mkdir -p $out/share/applications @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { cp usr/share/pixmaps/ipscan.png $out/share/pixmaps/ipscan.png ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast and friendly network scanner"; homepage = "https://angryip.org"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/jadx/default.nix b/nixpkgs/pkgs/tools/security/jadx/default.nix index 770062736bf1..02533f7f6f5f 100644 --- a/nixpkgs/pkgs/tools/security/jadx/default.nix +++ b/nixpkgs/pkgs/tools/security/jadx/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, gradle, jdk, makeWrapper, perl }: +{ lib, stdenv, fetchFromGitHub, gradle, jdk, makeWrapper, perl }: let pname = "jadx"; @@ -90,7 +90,7 @@ in stdenv.mkDerivation { done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Dex to Java decompiler"; longDescription = '' Command line and GUI tools for produce Java source code from Android Dex diff --git a/nixpkgs/pkgs/tools/security/jd-gui/default.nix b/nixpkgs/pkgs/tools/security/jd-gui/default.nix index 91c092922f04..046abed36f0c 100644 --- a/nixpkgs/pkgs/tools/security/jd-gui/default.nix +++ b/nixpkgs/pkgs/tools/security/jd-gui/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, jre, jdk, gradle_5, makeDesktopItem, copyDesktopItems, perl, writeText, runtimeShell }: +{ lib, stdenv, fetchFromGitHub, jre, jdk, gradle_5, makeDesktopItem, copyDesktopItems, perl, writeText, runtimeShell }: let pname = "jd-gui"; @@ -99,7 +99,7 @@ in stdenv.mkDerivation rec { desktopItems = [ desktopItem ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast Java Decompiler with powerful GUI"; homepage = "https://java-decompiler.github.io/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/john/default.nix b/nixpkgs/pkgs/tools/security/john/default.nix index 2fedec48c700..b243e10d3531 100644 --- a/nixpkgs/pkgs/tools/security/john/default.nix +++ b/nixpkgs/pkgs/tools/security/john/default.nix @@ -1,8 +1,8 @@ -{ stdenv, fetchurl, openssl, nss, nspr, kerberos, gmp, zlib, libpcap, re2 +{ lib, stdenv, fetchurl, openssl, nss, nspr, kerberos, gmp, zlib, libpcap, re2 , gcc, python3Packages, perl, perlPackages, makeWrapper }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { pname = "john"; diff --git a/nixpkgs/pkgs/tools/security/jwt-cli/default.nix b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix index db73bb958eb6..6b4639a53079 100644 --- a/nixpkgs/pkgs/tools/security/jwt-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, rustPlatform, Security, fetchpatch }: +{ lib, stdenv, fetchFromGitHub, rustPlatform, Security, fetchpatch }: rustPlatform.buildRustPackage rec { pname = "jwt-cli"; @@ -13,12 +13,12 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1k13pw202fr5mvd0ys39n3dxwcl3sd01j6izfb28k06b6pav3wc8"; - buildInputs = stdenv.lib.optional stdenv.isDarwin Security; + buildInputs = lib.optional stdenv.isDarwin Security; doInstallCheck = true; installCheckPhase = "$out/bin/jwt --version"; - meta = with stdenv.lib; { + meta = with lib; { description = "Super fast CLI tool to decode and encode JWTs"; homepage = "https://github.com/mike-engel/jwt-cli"; license = with licenses; [ mit ]; diff --git a/nixpkgs/pkgs/tools/security/kbs2/default.nix b/nixpkgs/pkgs/tools/security/kbs2/default.nix index a13e7214cbbd..80e6e25518e6 100644 --- a/nixpkgs/pkgs/tools/security/kbs2/default.nix +++ b/nixpkgs/pkgs/tools/security/kbs2/default.nix @@ -1,4 +1,4 @@ -{ stdenv, rustPlatform, fetchFromGitHub, installShellFiles, python3, libxcb, AppKit }: +{ lib, stdenv, rustPlatform, fetchFromGitHub, installShellFiles, python3, libxcb, AppKit }: rustPlatform.buildRustPackage rec { pname = "kbs2"; @@ -14,18 +14,18 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1gvvmfavaq29p40p5mq1phpp2a1nw04dz4975pzm1b6z89p0jlzl"; nativeBuildInputs = [ installShellFiles ] - ++ stdenv.lib.optionals stdenv.isLinux [ python3 ]; + ++ lib.optionals stdenv.isLinux [ python3 ]; buildInputs = [ ] - ++ stdenv.lib.optionals stdenv.isLinux [ libxcb ] - ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit ]; + ++ lib.optionals stdenv.isLinux [ libxcb ] + ++ lib.optionals stdenv.isDarwin [ AppKit ]; preCheck = '' export HOME=$TMPDIR ''; checkFlags = [ "--skip=kbs2::config::tests::test_find_config_dir" ] - ++ stdenv.lib.optionals stdenv.isDarwin [ "--skip=test_ragelib_rewrap_keyfile" ]; + ++ lib.optionals stdenv.isDarwin [ "--skip=test_ragelib_rewrap_keyfile" ]; postInstall = '' mkdir -p $out/share/kbs2 @@ -36,7 +36,7 @@ rustPlatform.buildRustPackage rec { done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A secret manager backed by age"; homepage = "https://github.com/woodruffw/kbs2"; changelog = "https://github.com/woodruffw/kbs2/blob/v${version}/CHANGELOG.md"; diff --git a/nixpkgs/pkgs/tools/security/keybase/default.nix b/nixpkgs/pkgs/tools/security/keybase/default.nix index ddc83ce0ce62..50724d1199ae 100644 --- a/nixpkgs/pkgs/tools/security/keybase/default.nix +++ b/nixpkgs/pkgs/tools/security/keybase/default.nix @@ -28,10 +28,10 @@ buildGoPackage rec { }) ]; - buildInputs = stdenv.lib.optionals stdenv.isDarwin [ AVFoundation AudioToolbox ImageIO CoreMedia Foundation CoreGraphics MediaToolbox ]; + buildInputs = lib.optionals stdenv.isDarwin [ AVFoundation AudioToolbox ImageIO CoreMedia Foundation CoreGraphics MediaToolbox ]; buildFlags = [ "-tags production" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.keybase.io/"; description = "The Keybase official command-line utility and service"; platforms = platforms.linux ++ platforms.darwin; diff --git a/nixpkgs/pkgs/tools/security/keybase/gui.nix b/nixpkgs/pkgs/tools/security/keybase/gui.nix index 13a1fed2e308..54be692b007b 100644 --- a/nixpkgs/pkgs/tools/security/keybase/gui.nix +++ b/nixpkgs/pkgs/tools/security/keybase/gui.nix @@ -105,7 +105,7 @@ stdenv.mkDerivation rec { --replace run_keybase $out/bin/keybase-gui ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.keybase.io/"; description = "The Keybase official GUI"; platforms = [ "x86_64-linux" ]; diff --git a/nixpkgs/pkgs/tools/security/keybase/kbfs.nix b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix index e9284e7230fb..6916d6b99bd8 100644 --- a/nixpkgs/pkgs/tools/security/keybase/kbfs.nix +++ b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub, keybase }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub, keybase }: buildGoPackage { pname = "kbfs"; @@ -12,7 +12,7 @@ buildGoPackage { buildFlags = [ "-tags production" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://keybase.io/docs/kbfs"; description = "The Keybase filesystem"; platforms = platforms.unix; diff --git a/nixpkgs/pkgs/tools/security/keycard-cli/default.nix b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix index 73eab6c3dec9..4c276cb6e900 100644 --- a/nixpkgs/pkgs/tools/security/keycard-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix @@ -1,4 +1,4 @@ -{ lib, buildGoPackage, fetchFromGitHub, pkgconfig, pcsclite }: +{ lib, buildGoPackage, fetchFromGitHub, pkg-config, pcsclite }: buildGoPackage rec { pname = "keycard-cli"; @@ -7,7 +7,7 @@ buildGoPackage rec { goPackagePath = "github.com/status-im/keycard-cli"; subPackages = [ "." ]; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ pcsclite ]; src = fetchFromGitHub { diff --git a/nixpkgs/pkgs/tools/security/knockknock/default.nix b/nixpkgs/pkgs/tools/security/knockknock/default.nix index 9478bb4ca237..7a00f183f15d 100644 --- a/nixpkgs/pkgs/tools/security/knockknock/default.nix +++ b/nixpkgs/pkgs/tools/security/knockknock/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, python2Packages, hping }: +{ lib, stdenv, fetchFromGitHub, python2Packages, hping }: let rev = "bf14bbff"; in python2Packages.buildPythonApplication rec { @@ -23,7 +23,7 @@ in python2Packages.buildPythonApplication rec { substituteInPlace knockknock.py --replace 'existsInPath("hping3")' '"${hping}/bin/hping3"' ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Simple, secure port knocking daemon and client written in Python"; homepage = "http://www.thoughtcrime.org/software/knockknock/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/kpcli/default.nix b/nixpkgs/pkgs/tools/security/kpcli/default.nix index 12e2bb03d38d..d0e260bb6775 100644 --- a/nixpkgs/pkgs/tools/security/kpcli/default.nix +++ b/nixpkgs/pkgs/tools/security/kpcli/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, makeWrapper, perl, perlPackages }: +{ lib, stdenv, fetchurl, makeWrapper, perl, perlPackages }: stdenv.mkDerivation rec { version = "3.6"; @@ -21,14 +21,14 @@ stdenv.mkDerivation rec { makeWrapper $out/share/kpcli.pl $out/bin/kpcli --set PERL5LIB \ "${with perlPackages; makePerlPath ([ CaptureTiny Clipboard Clone CryptRijndael SortNaturally TermReadKey TermShellUI FileKeePass TermReadLineGnu XMLParser - ] ++ stdenv.lib.optional stdenv.isDarwin MacPasteboard)}" + ] ++ lib.optional stdenv.isDarwin MacPasteboard)}" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "KeePass Command Line Interface"; longDescription = '' - KeePass Command Line Interface (CLI) / interactive shell. + KeePass Command Line Interface (CLI) / interactive shell. Use this program to access and manage your KeePass 1.x or 2.x databases from a Unix-like command line. ''; license = licenses.artistic1; diff --git a/nixpkgs/pkgs/tools/security/kwalletcli/default.nix b/nixpkgs/pkgs/tools/security/kwalletcli/default.nix index d03de5f7cfc2..c1849bdca395 100644 --- a/nixpkgs/pkgs/tools/security/kwalletcli/default.nix +++ b/nixpkgs/pkgs/tools/security/kwalletcli/default.nix @@ -1,4 +1,4 @@ -{ mkDerivation, fetchFromGitHub, lib, makeWrapper, pkgconfig +{ mkDerivation, fetchFromGitHub, lib, makeWrapper, pkg-config , kcoreaddons, ki18n, kwallet, mksh, pinentry-qt }: mkDerivation rec { @@ -26,7 +26,7 @@ mkDerivation rec { makeFlags = [ "KDE_VER=5" ]; - nativeBuildInputs = [ makeWrapper pkgconfig ]; + nativeBuildInputs = [ makeWrapper pkg-config ]; # if using just kwallet, cmake will be added as a buildInput and fail the build propagatedBuildInputs = [ kcoreaddons ki18n (lib.getLib kwallet) ]; diff --git a/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix b/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix index 37da20225205..8d2074f9835a 100644 --- a/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, asciidoc, cmake, docbook_xsl, pkgconfig +{ stdenv, lib, fetchFromGitHub, asciidoc, cmake, docbook_xsl, pkg-config , bash-completion, openssl, curl, libxml2, libxslt }: stdenv.mkDerivation rec { @@ -12,14 +12,12 @@ stdenv.mkDerivation rec { sha256 = "168jg8kjbylfgalhicn0llbykd7kdc9id2989gg0nxlgmnvzl58a"; }; - nativeBuildInputs = [ asciidoc cmake docbook_xsl pkgconfig ]; + nativeBuildInputs = [ asciidoc cmake docbook_xsl pkg-config ]; buildInputs = [ bash-completion curl openssl libxml2 libxslt ]; - enableParallelBuilding = true; - installTargets = [ "install" "install-doc" ]; postInstall = '' diff --git a/nixpkgs/pkgs/tools/security/ldeep/default.nix b/nixpkgs/pkgs/tools/security/ldeep/default.nix new file mode 100644 index 000000000000..855ffc6fdba1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ldeep/default.nix @@ -0,0 +1,38 @@ +{ lib +, buildPythonApplication +, fetchPypi +, commandparse +, dnspython +, ldap3 +, termcolor +, tqdm +}: + +buildPythonApplication rec { + pname = "ldeep"; + version = "1.0.9"; + + src = fetchPypi { + inherit pname version; + sha256 = "0n38idkn9hy31m5xkrc36dmw364d137c7phssvj76gr2gqsrqjy3"; + }; + + propagatedBuildInputs = [ + commandparse + dnspython + ldap3 + termcolor + tqdm + ]; + + # no tests are present + doCheck = false; + pythonImportsCheck = [ "ldeep" ]; + + meta = with lib; { + description = "In-depth LDAP enumeration utility"; + homepage = "https://github.com/franc-pentest/ldeep"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix b/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix index 5bf7358fa76a..20473d1003e4 100644 --- a/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix @@ -1,4 +1,4 @@ -{ stdenv, python3, fetchFromGitHub }: +{ lib, stdenv, python3, fetchFromGitHub }: let inherit (python3.pkgs) buildPythonApplication pytest mock pexpect; @@ -30,7 +30,7 @@ buildPythonApplication rec { pytest tests ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Stateless password manager"; homepage = "https://lesspass.com"; maintainers = with maintainers; [ jasoncarr ]; diff --git a/nixpkgs/pkgs/tools/security/libacr38u/default.nix b/nixpkgs/pkgs/tools/security/libacr38u/default.nix index b56c15af3d62..314abba853df 100644 --- a/nixpkgs/pkgs/tools/security/libacr38u/default.nix +++ b/nixpkgs/pkgs/tools/security/libacr38u/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, pcsclite , libusb-compat-0_1 }: +{ lib, stdenv, fetchurl, pkg-config, pcsclite , libusb-compat-0_1 }: stdenv.mkDerivation { version = "1.7.11"; @@ -11,14 +11,14 @@ stdenv.mkDerivation { doCheck = true; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ pcsclite libusb-compat-0_1 ]; preBuild = '' makeFlagsArray=(usbdropdir="$out/pcsc/drivers"); ''; - meta = with stdenv.lib; { + meta = with lib; { description = "ACR38U smartcard reader driver for pcsclite"; longDescription = '' A PC/SC IFD handler implementation for the ACS ACR38U @@ -38,4 +38,4 @@ stdenv.mkDerivation { maintainers = with maintainers; [ berce ]; platforms = with platforms; unix; }; -} +} diff --git a/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix b/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix index 01e9a3847920..2222316a7426 100644 --- a/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix +++ b/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config , doxygen, perl, valgrind , curl, geoip, libxml2, lmdb, lua, pcre, yajl }: @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { sha256 = "00g2407g2679zv73q67zd50z0f1g1ij734ssv2pp77z4chn5dzib"; }; - nativeBuildInputs = [ autoreconfHook pkgconfig doxygen ]; + nativeBuildInputs = [ autoreconfHook pkg-config doxygen ]; buildInputs = [ perl valgrind curl geoip libxml2 lmdb lua pcre yajl ]; @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = '' ModSecurity v3 library component. ''; diff --git a/nixpkgs/pkgs/tools/security/logkeys/default.nix b/nixpkgs/pkgs/tools/security/logkeys/default.nix index f3ea25d71601..7cd6b5fd194b 100644 --- a/nixpkgs/pkgs/tools/security/logkeys/default.nix +++ b/nixpkgs/pkgs/tools/security/logkeys/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, which, procps, kbd }: +{ lib, stdenv, fetchFromGitHub, autoconf, automake, which, procps, kbd }: stdenv.mkDerivation { pname = "logkeys"; @@ -21,7 +21,7 @@ stdenv.mkDerivation { preConfigure = "./autogen.sh"; - meta = with stdenv.lib; { + meta = with lib; { description = "A GNU/Linux keylogger that works!"; license = licenses.gpl3; homepage = "https://github.com/kernc/logkeys"; diff --git a/nixpkgs/pkgs/tools/security/lynis/default.nix b/nixpkgs/pkgs/tools/security/lynis/default.nix index 9bbbc455b9b3..27dc6504e8bb 100644 --- a/nixpkgs/pkgs/tools/security/lynis/default.nix +++ b/nixpkgs/pkgs/tools/security/lynis/default.nix @@ -1,14 +1,14 @@ -{ stdenv, makeWrapper, fetchFromGitHub, gawk, installShellFiles }: +{ lib, stdenv, makeWrapper, fetchFromGitHub, gawk, installShellFiles }: stdenv.mkDerivation rec { pname = "lynis"; - version = "3.0.1"; + version = "3.0.3"; src = fetchFromGitHub { owner = "CISOfy"; repo = pname; rev = version; - sha256 = "0lsb455rimr1cjxqcgy819xjxf1faas8wlx2x0pxhn5yha9w9sfs"; + sha256 = "sha256-+RkzsBcQhHrfY8gEiJK3ptDeulJzA3IuVXiYEpyAsmk="; }; nativeBuildInputs = [ installShellFiles makeWrapper ]; @@ -21,14 +21,14 @@ stdenv.mkDerivation rec { install -d $out/bin $out/share/lynis/plugins cp -r include db default.prf $out/share/lynis/ cp -a lynis $out/bin - wrapProgram "$out/bin/lynis" --prefix PATH : ${stdenv.lib.makeBinPath [ gawk ]} + wrapProgram "$out/bin/lynis" --prefix PATH : ${lib.makeBinPath [ gawk ]} installManPage lynis.8 installShellCompletion --bash --name lynis.bash \ extras/bash_completion.d/lynis ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Security auditing tool for Linux, macOS, and UNIX-based systems"; homepage = "https://cisofy.com/lynis/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/masscan/default.nix b/nixpkgs/pkgs/tools/security/masscan/default.nix index 297d13ef9f95..0f45edcff6cf 100644 --- a/nixpkgs/pkgs/tools/security/masscan/default.nix +++ b/nixpkgs/pkgs/tools/security/masscan/default.nix @@ -1,14 +1,14 @@ -{ stdenv, fetchFromGitHub, makeWrapper, libpcap }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, libpcap }: stdenv.mkDerivation rec { pname = "masscan"; - version = "1.0.5"; + version = "1.3.0"; src = fetchFromGitHub { owner = "robertdavidgraham"; repo = "masscan"; rev = version; - sha256 = "0q0c7bsf0pbl8napry1qyg0gl4pd8wn872h4mz9b56dx4rx90vqg"; + sha256 = "04nlnficybgxa16kq9fwrrfjsbyiaps4mikfqgdr206fkqk9i05y"; }; nativeBuildInputs = [ makeWrapper ]; @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { wrapProgram $out/bin/masscan --prefix LD_LIBRARY_PATH : "${libpcap}/lib" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast scan of the Internet"; homepage = "https://github.com/robertdavidgraham/masscan"; license = licenses.agpl3; diff --git a/nixpkgs/pkgs/tools/security/mbox/default.nix b/nixpkgs/pkgs/tools/security/mbox/default.nix index 7292ac6785f6..dd73e1624c7d 100644 --- a/nixpkgs/pkgs/tools/security/mbox/default.nix +++ b/nixpkgs/pkgs/tools/security/mbox/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, openssl, which }: +{ lib, stdenv, fetchFromGitHub, openssl, which }: stdenv.mkDerivation { name = "mbox-20140526"; @@ -16,7 +16,7 @@ stdenv.mkDerivation { cd src cp {.,}configsbox.h ''; - + doCheck = true; checkPhase = '' rm tests/test-*vim.sh tests/test-pip.sh @@ -27,7 +27,7 @@ stdenv.mkDerivation { ./testall.sh ''; - meta = with stdenv.lib; + meta = with lib; { description = "Lightweight sandboxing mechanism that any user can use without special privileges"; homepage = "http://pdos.csail.mit.edu/mbox/"; maintainers = with maintainers; [ ehmry ]; diff --git a/nixpkgs/pkgs/tools/security/medusa/default.nix b/nixpkgs/pkgs/tools/security/medusa/default.nix index bc18f165be73..43a30aad8255 100644 --- a/nixpkgs/pkgs/tools/security/medusa/default.nix +++ b/nixpkgs/pkgs/tools/security/medusa/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pkg-config, freerdp, openssl, libssh2 }: +{ lib, stdenv, fetchFromGitHub, pkg-config, freerdp, openssl, libssh2 }: stdenv.mkDerivation rec { pname = "medusa-unstable"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ]; buildInputs = [ freerdp openssl libssh2 ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/jmk-foofus/medusa"; description = "A speedy, parallel, and modular, login brute-forcer"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/meo/default.nix b/nixpkgs/pkgs/tools/security/meo/default.nix index 54b96917623a..05aa8323cc91 100644 --- a/nixpkgs/pkgs/tools/security/meo/default.nix +++ b/nixpkgs/pkgs/tools/security/meo/default.nix @@ -1,8 +1,8 @@ -{ stdenv, fetchhg, openssl, pcre-cpp, qt4, boost, pkcs11helper }: +{ lib, stdenv, fetchhg, openssl, pcre-cpp, qt4, boost, pkcs11helper }: stdenv.mkDerivation { name = "meo-20121113"; - + src = fetchhg { url = "http://oss.stamfest.net/hg/meo"; rev = "b48e5f16cff8"; @@ -27,9 +27,9 @@ stdenv.mkDerivation { meta = { homepage = "http://oss.stamfest.net/wordpress/meo-multiple-eyepairs-only"; description = "Tools to use cryptography for things like four-eyes principles"; - license = stdenv.lib.licenses.agpl3Plus; - maintainers = with stdenv.lib.maintainers; [viric]; - platforms = with stdenv.lib.platforms; linux; + license = lib.licenses.agpl3Plus; + maintainers = with lib.maintainers; [viric]; + platforms = with lib.platforms; linux; broken = true; }; } diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile index 4df0d2235a05..b7be0d586f09 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.12" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.27" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock index 8ef6d3b3148a..3195fbfd4304 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 8ba313ed85b03ef54bec32086c2a8708a7e1df58 - ref: refs/tags/6.0.12 + revision: 025cd522b2ab698130cf964c8e7ca91b0729e07a + ref: refs/tags/6.0.27 specs: - metasploit-framework (6.0.12) + metasploit-framework (6.0.27) actionpack (~> 5.2.2) activerecord (~> 5.2.2) activesupport (~> 5.2.2) @@ -31,9 +31,9 @@ GIT metasploit-concern metasploit-credential metasploit-model - metasploit-payloads (= 2.0.22) + metasploit-payloads (= 2.0.27) metasploit_data_models - metasploit_payloads-mettle (= 1.0.2) + metasploit_payloads-mettle (= 1.0.5) mqtt msgpack nessus_rest @@ -50,6 +50,7 @@ GIT pcaprub pdf-reader pg + puma railties rb-readline recog @@ -86,6 +87,7 @@ GIT windows_error xdr xmlrpc + zeitwerk GEM remote: https://rubygems.org/ @@ -119,41 +121,41 @@ GEM public_suffix (>= 2.0.2, < 5.0) afm (0.2.2) arel (9.0.0) - arel-helpers (2.11.0) + arel-helpers (2.12.0) activerecord (>= 3.1.0, < 7) aws-eventstream (1.1.0) - aws-partitions (1.385.0) - aws-sdk-core (3.109.1) + aws-partitions (1.418.0) + aws-sdk-core (3.111.2) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.239.0) aws-sigv4 (~> 1.1) jmespath (~> 1.0) - aws-sdk-ec2 (1.202.0) + aws-sdk-ec2 (1.221.0) aws-sdk-core (~> 3, >= 3.109.0) aws-sigv4 (~> 1.1) aws-sdk-iam (1.46.0) aws-sdk-core (~> 3, >= 3.109.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.39.0) + aws-sdk-kms (1.41.0) aws-sdk-core (~> 3, >= 3.109.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.83.1) + aws-sdk-s3 (1.87.0) aws-sdk-core (~> 3, >= 3.109.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.1) aws-sigv4 (1.2.2) aws-eventstream (~> 1, >= 1.0.2) bcrypt (3.1.16) - bcrypt_pbkdf (1.0.1) + bcrypt_pbkdf (1.1.0) bindata (2.4.8) bit-struct (0.16) - bson (4.11.0) + bson (4.11.1) builder (3.2.4) concurrent-ruby (1.0.5) cookiejar (0.3.3) crass (1.0.6) daemons (1.3.1) - dnsruby (1.61.4) + dnsruby (1.61.5) simpleidn (~> 0.1) ed25519 (1.2.4) em-http-request (1.1.7) @@ -164,13 +166,15 @@ GEM http_parser.rb (>= 0.6.0) em-socksify (0.3.2) eventmachine (>= 1.0.0.beta.4) - erubi (1.9.0) + erubi (1.10.0) eventmachine (1.2.7) - faker (2.14.0) + faker (2.15.1) i18n (>= 1.6, < 2) - faraday (1.1.0) + faraday (1.3.0) + faraday-net_http (~> 1.0) multipart-post (>= 1.2, < 3) ruby2_keywords + faraday-net_http (1.0.1) faye-websocket (0.11.0) eventmachine (>= 0.12.0) websocket-driver (>= 0.5.1) @@ -179,24 +183,24 @@ GEM hrr_rb_ssh (0.3.0.pre2) ed25519 (~> 1.2) http_parser.rb (0.6.0) - i18n (1.8.5) + i18n (1.8.7) concurrent-ruby (~> 1.0) - io-console (0.5.6) - irb (1.2.7) + io-console (0.5.7) + irb (1.3.2) reline (>= 0.1.5) jmespath (1.4.0) jsobfu (0.4.2) rkelly-remix - json (2.3.1) - loofah (2.7.0) + json (2.5.1) + loofah (2.9.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) metasm (1.0.4) - metasploit-concern (3.0.0) + metasploit-concern (3.0.1) activemodel (~> 5.2.2) activesupport (~> 5.2.2) railties (~> 5.2.2) - metasploit-credential (4.0.2) + metasploit-credential (4.0.3) metasploit-concern metasploit-model metasploit_data_models (>= 3.0.0) @@ -206,12 +210,12 @@ GEM rex-socket rubyntlm rubyzip - metasploit-model (3.1.2) + metasploit-model (3.1.3) activemodel (~> 5.2.2) activesupport (~> 5.2.2) railties (~> 5.2.2) - metasploit-payloads (2.0.22) - metasploit_data_models (4.1.0) + metasploit-payloads (2.0.27) + metasploit_data_models (4.1.1) activerecord (~> 5.2.2) activesupport (~> 5.2.2) arel-helpers @@ -220,23 +224,25 @@ GEM pg railties (~> 5.2.2) recog (~> 2.0) - metasploit_payloads-mettle (1.0.2) + metasploit_payloads-mettle (1.0.5) method_source (1.0.0) - mini_portile2 (2.4.0) - minitest (5.14.2) + mini_portile2 (2.5.0) + minitest (5.14.3) mqtt (0.5.0) msgpack (1.3.3) multipart-post (2.1.1) mustermann (1.1.1) ruby2_keywords (~> 0.0.1) nessus_rest (0.1.6) - net-ldap (0.16.3) + net-ldap (0.17.0) net-ssh (6.1.0) network_interface (0.0.2) nexpose (7.2.1) - nokogiri (1.10.10) - mini_portile2 (~> 2.4.0) - octokit (4.19.0) + nio4r (2.5.4) + nokogiri (1.11.1) + mini_portile2 (~> 2.5.0) + racc (~> 1.4) + octokit (4.20.0) faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) openssl-ccm (1.2.2) @@ -254,6 +260,9 @@ GEM ttfunk pg (1.2.3) public_suffix (4.0.6) + puma (5.1.1) + nio4r (~> 2.0) + racc (1.5.2) rack (2.2.3) rack-protection (2.1.0) rack @@ -270,65 +279,65 @@ GEM method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) - rake (13.0.1) + rake (13.0.3) rb-readline (0.5.5) - recog (2.3.15) + recog (2.3.18) nokogiri - redcarpet (3.5.0) - reline (0.1.6) + redcarpet (3.5.1) + reline (0.2.2) io-console (~> 0.5) - rex-arch (0.1.13) + rex-arch (0.1.14) rex-text - rex-bin_tools (0.1.6) + rex-bin_tools (0.1.7) metasm rex-arch rex-core rex-struct2 rex-text - rex-core (0.1.13) - rex-encoder (0.1.4) + rex-core (0.1.14) + rex-encoder (0.1.5) metasm rex-arch rex-text - rex-exploitation (0.1.24) + rex-exploitation (0.1.26) jsobfu metasm rex-arch rex-encoder rex-text - rex-java (0.1.5) - rex-mime (0.1.5) + rex-java (0.1.6) + rex-mime (0.1.6) rex-text - rex-nop (0.1.1) + rex-nop (0.1.2) rex-arch - rex-ole (0.1.6) + rex-ole (0.1.7) rex-text - rex-powershell (0.1.87) + rex-powershell (0.1.89) rex-random_identifier rex-text ruby-rc4 - rex-random_identifier (0.1.4) + rex-random_identifier (0.1.5) rex-text - rex-registry (0.1.3) - rex-rop_builder (0.1.3) + rex-registry (0.1.4) + rex-rop_builder (0.1.4) metasm rex-core rex-text - rex-socket (0.1.24) + rex-socket (0.1.25) rex-core rex-sslscan (0.1.5) rex-core rex-socket rex-text - rex-struct2 (0.1.2) - rex-text (0.2.28) - rex-zip (0.1.3) + rex-struct2 (0.1.3) + rex-text (0.2.31) + rex-zip (0.1.4) rex-text rkelly-remix (0.0.7) - ruby-macho (2.3.0) + ruby-macho (2.5.0) ruby-rc4 (0.1.5) - ruby2_keywords (0.0.2) - ruby_smb (2.0.6) + ruby2_keywords (0.0.4) + ruby_smb (2.0.7) bindata openssl-ccm openssl-cmac @@ -339,7 +348,7 @@ GEM sawyer (0.8.2) addressable (>= 2.3.5) faraday (> 0.8, < 2.0) - simpleidn (0.1.1) + simpleidn (0.2.1) unf (~> 0.1.4) sinatra (2.1.0) mustermann (~> 1.0) @@ -348,17 +357,17 @@ GEM tilt (~> 2.0) sqlite3 (1.4.2) sshkey (2.0.0) - thin (1.7.2) + thin (1.8.0) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (1.0.1) + thor (1.1.0) thread_safe (0.3.6) tilt (2.0.10) - ttfunk (1.6.2.1) - tzinfo (1.2.7) + ttfunk (1.7.0) + tzinfo (1.2.9) thread_safe (~> 0.1) - tzinfo-data (1.2020.4) + tzinfo-data (1.2020.6) tzinfo (>= 1.0.0) unf (0.1.4) unf_ext @@ -372,7 +381,8 @@ GEM xdr (3.0.2) activemodel (>= 4.2, < 7.0) activesupport (>= 4.2, < 7.0) - xmlrpc (0.3.0) + xmlrpc (0.3.1) + zeitwerk (2.4.2) PLATFORMS ruby diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix index a2a0a28bbff6..bf9d8628cf1f 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/default.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, makeWrapper, ruby, bundlerEnv }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, ruby, bundlerEnv }: let env = bundlerEnv { @@ -8,13 +8,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.0.12"; + version = "6.0.27"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "1kh5alvw68lxnm1wcwbka983b5ww7bqvbkih831mrf6sfmv4wkxs"; + sha256 = "sha256-G+Ki0YyuY7XxLegmQhDkR9XQurSWG8K40n+8pwJnvZU="; }; buildInputs = [ makeWrapper ]; @@ -39,7 +39,7 @@ in stdenv.mkDerivation rec { # run with: nix-shell maintainers/scripts/update.nix --argstr path metasploit passthru.updateScript = ./update.sh; - meta = with stdenv.lib; { + meta = with lib; { description = "Metasploit Framework - a collection of exploits"; homepage = "https://github.com/rapid7/metasploit-framework/wiki"; platforms = platforms.unix; diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix index 4879eb922846..d1dbb26ec28e 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -84,10 +84,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16irs6rai9pasv36yy31glijs3p2pvgry5g1lh03vnzg8xpb1msp"; + sha256 = "12wgkhajfsm3fgk43zf7xyxrx7q2kc4ggq459p1az6p0b9jscarx"; type = "gem"; }; - version = "2.11.0"; + version = "2.12.0"; }; Ascii85 = { groups = ["default"]; @@ -114,30 +114,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04i4bry59c3g1anbjpsz9g1pz7yy23kh4vvhg7z611amlcr48zvb"; + sha256 = "0p4w1sxxrpvngw54q2z8dm3plljzc7pysvd2716fd3sf7g8907zr"; type = "gem"; }; - version = "1.385.0"; + version = "1.418.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xmppcxq7jm8lffqibkhq257hfwfbv82zm2y1fbhwm3icgxzwlfx"; + sha256 = "0bfj1cnpp0ljr9jc44kljdwl5399cbqlvlqkz6fxq5i4r6ckggi4"; type = "gem"; }; - version = "3.109.1"; + version = "3.111.2"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fsf9qhlxczz8cz755xlcdpfqn384d4kr3ybx2p54n377wamdq08"; + sha256 = "0mwd98gmnakz9bkn5kqn5wbk5q2iz7hsbd1xi8256f6ppw07wzi3"; type = "gem"; }; - version = "1.202.0"; + version = "1.221.0"; }; aws-sdk-iam = { groups = ["default"]; @@ -154,20 +154,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ly1m631qm2ciif7sysbzrgczjvz95ga3g6w6vrzvfdv31jjnl9a"; + sha256 = "02f70a4rr5h2na7navjhaf3n15ifq95zdl1avsryyxdvqzm5gzwm"; type = "gem"; }; - version = "1.39.0"; + version = "1.41.0"; }; aws-sdk-s3 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "021yqghdb1i980vn249hv44jajr0v3hq4ik4r6fqh9kwp04fsbqv"; + sha256 = "0capqhvm08ngq74n33ym0khixkdj342jpikssw57avdmd8g6kaq7"; type = "gem"; }; - version = "1.83.1"; + version = "1.87.0"; }; aws-sigv4 = { groups = ["default"]; @@ -194,10 +194,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02vssr285m7kpsr47jdmzbar1h1d0mnkmyrpr1zg828isfmwii35"; + sha256 = "0ndamfaivnkhc6hy0yqyk2gkwr6f3bz6216lh74hsiiyk3axz445"; type = "gem"; }; - version = "1.0.1"; + version = "1.1.0"; }; bindata = { groups = ["default"]; @@ -224,10 +224,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1bm64q413wrrm3pda6ha2kn1yipyl0qp5240fwsdw1hkqhbjdnjm"; + sha256 = "12v95l3v7n7lh3mk8k1jdrkpn2vjnkb8k636hcygaczzv4jdsdfp"; type = "gem"; }; - version = "4.11.0"; + version = "4.11.1"; }; builder = { groups = ["default"]; @@ -284,10 +284,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0i4mq4zm8bqd0ik908gnn8nm3kph268af7q173wlq4krg3nw562x"; + sha256 = "0q7k7wn8flcdr0kzgknq40cjddd0zn3g3n4gwwwdz0kq30pinzxx"; type = "gem"; }; - version = "1.61.4"; + version = "1.61.5"; }; ed25519 = { groups = ["default"]; @@ -324,10 +324,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nwzxnqhr31fn7nbqmffcysvxjdfl3bhxi0bld5qqhcnfc1xd13x"; + sha256 = "09l8lz3j00m898li0yfsnb6ihc63rdvhw3k5xczna5zrjk104f2l"; type = "gem"; }; - version = "1.9.0"; + version = "1.10.0"; }; eventmachine = { groups = ["default"]; @@ -344,20 +344,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06sh8492k03p9lsfzv5zifzn51ilb4734vrvwl30vzmzg1apzml6"; + sha256 = "1l0dvswigzxaz9558wmfix3v8cmwwkgdvrx1fmpd3qnr5hky1qrk"; type = "gem"; }; - version = "2.14.0"; + version = "2.15.1"; }; faraday = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16dapwi5pivrl25r4lkr1mxjrzkznj4wlcb08fzkmxnj4g5c6y35"; + sha256 = "1hmssd8pj4n7yq4kz834ylkla8ryyvhaap6q9nzymp93m1xq21kz"; type = "gem"; }; - version = "1.1.0"; + version = "1.3.0"; + }; + faraday-net_http = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; + type = "gem"; + }; + version = "1.0.1"; }; faye-websocket = { groups = ["default"]; @@ -414,30 +424,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "153sx77p16vawrs4qpkv7qlzf9v5fks4g7xqcj1dwk40i6g7rfzk"; + sha256 = "1kr0bx9323fv5ys6nlhsy05kmwcbs94h6ac7ka9qqywy0vbdvrrv"; type = "gem"; }; - version = "1.8.5"; + version = "1.8.7"; }; io-console = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vbn4nvnr1pcmjsn0gghc3bz2md89njxq4801zi5dv5niypdxlsp"; + sha256 = "1gp1xx2g1x81wsh929x7rzsm0c8qgkhr2mkjn79fbdwyfnk4s04l"; type = "gem"; }; - version = "0.5.6"; + version = "0.5.7"; }; irb = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10d9xr1hdpkqhljxhvdm44c2qbxdjfqm5x00d4v6aw0fym1w7r2g"; + sha256 = "166xravh6r82w46d8hcjrg55gnyjdf0501g16lb48i2h06k363l2"; type = "gem"; }; - version = "1.2.7"; + version = "1.3.2"; }; jmespath = { groups = ["default"]; @@ -464,20 +474,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "158fawfwmv2sq4whqqaksfykkiad2xxrrj0nmpnc6vnlzi1bp7iz"; + sha256 = "0lrirj0gw420kw71bjjlqkqhqbrplla61gbv1jzgsz6bv90qr3ci"; type = "gem"; }; - version = "2.3.1"; + version = "2.5.1"; }; loofah = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1alz1x6rkhbw10qpszr384299rf52rcyasn0619a9p50vzs8vczq"; + sha256 = "0bzwvxvilx7w1p3pg028ks38925y9i0xm870lm7s12w7598hiyck"; type = "gem"; }; - version = "2.7.0"; + version = "2.9.0"; }; metasm = { groups = ["default"]; @@ -494,72 +504,72 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10a9dr0pi25vsnk7x1bavx2ja62lqswdkym0hvhjsds6awvx1cf2"; + sha256 = "19cz0g463wl35gpdy1630n88a9m7fhhlcylspvvwc0m01sipc33g"; type = "gem"; }; - version = "3.0.0"; + version = "3.0.1"; }; metasploit-credential = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03339i3v6lgz0cymn2i7y0sylpw2nihsc8h75c4yn3bq9p6wk6sx"; + sha256 = "1f6cjvk68yypciycp8vdvhc5hrwmc8qi4y06s1cd77zj4m2skkmn"; type = "gem"; }; - version = "4.0.2"; + version = "4.0.3"; }; metasploit-framework = { groups = ["default"]; platforms = []; source = { fetchSubmodules = false; - rev = "8ba313ed85b03ef54bec32086c2a8708a7e1df58"; - sha256 = "1kh5alvw68lxnm1wcwbka983b5ww7bqvbkih831mrf6sfmv4wkxs"; + rev = "025cd522b2ab698130cf964c8e7ca91b0729e07a"; + sha256 = "15dxcw1agg3zsawc46wnnjxd1ma7wh8449p85pqvaqxfik8s5qhv"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.0.12"; + version = "6.0.27"; }; metasploit-model = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0szwqs6djh882alpnmnnkx46s548jg3vb0ya61hibw3kqcw3i1ig"; + sha256 = "0gmh23c3hc4my244m5lpd4kiysrsprag4rn6kvnnphxiflxvi4f7"; type = "gem"; }; - version = "3.1.2"; + version = "3.1.3"; }; metasploit-payloads = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yiwwyc12f9jln58l4j26yjbixij1v5h3spp4ci3ik4dxyk2r4zb"; + sha256 = "1c3jn9gjy1bknyd7wrwwfbcjwlmijd6nnsjzyqc7yszjjy0yqca2"; type = "gem"; }; - version = "2.0.22"; + version = "2.0.27"; }; metasploit_data_models = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1n7vb6pg446jadjsgrc29kxnc9b6ga29hw8pg52dnrzhp7rwhiyl"; + sha256 = "1czqg49b7n9n2iqp6r4f1cxh8kd39gbjvydq09hzmzdmkwxh3x1f"; type = "gem"; }; - version = "4.1.0"; + version = "4.1.1"; }; metasploit_payloads-mettle = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "147s4jd2hckls76binsskb6rvnh1crd2agmf1lk7fsj1n55dhkvk"; + sha256 = "0z6gnidpcpdm80vvl0yw1h10kchkaw9whcsv2kwy7ih6247l7nbq"; type = "gem"; }; - version = "1.0.2"; + version = "1.0.5"; }; method_source = { groups = ["default"]; @@ -576,20 +586,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15zplpfw3knqifj9bpf604rb3wc1vhq6363pd6lvhayng8wql5vy"; + sha256 = "1hdbpmamx8js53yk3h8cqy12kgv6ca06k0c9n3pxh6b6cjfs19x7"; type = "gem"; }; - version = "2.4.0"; + version = "2.5.0"; }; minitest = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "170y2cvx51gm3cm3nhdf7j36sxnkh6vv8ls36p90ric7w8w16h4v"; + sha256 = "0ipjhdw8ds6q9h7bs3iw28bjrwkwp215hr4l3xf6215fsl80ky5j"; type = "gem"; }; - version = "5.14.2"; + version = "5.14.3"; }; mqtt = { groups = ["default"]; @@ -646,10 +656,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13lh6qizxi8fza8py73b2dvjp9p010dvbaq7diagir9nh8plsinv"; + sha256 = "1j19yxrz7h3hj7kiiln13c7bz7hvpdqr31bwi88dj64zifr7896n"; type = "gem"; }; - version = "0.16.3"; + version = "0.17.0"; }; net-ssh = { groups = ["default"]; @@ -681,25 +691,35 @@ }; version = "7.2.1"; }; + nio4r = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cbwp1kbv6b2qfxv8sarv0d0ilb257jihlvdqj8f5pdm0ksq1sgk"; + type = "gem"; + }; + version = "2.5.4"; + }; nokogiri = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xmf60nj5kg9vaj5bysy308687sgmkasgx06vbbnf94p52ih7si2"; + sha256 = "1ajwkqr28hwqbyl1l3czx4a34c88acxywyqp8cjyy0zgsd6sbhj2"; type = "gem"; }; - version = "1.10.10"; + version = "1.11.1"; }; octokit = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dz8na8fk445yqrwpkl31fimnap7p4xf9m9qm9i7cpvaxxgk2n24"; + sha256 = "1fl517ld5vj0llyshp3f9kb7xyl9iqy28cbz3k999fkbwcxzhlyq"; type = "gem"; }; - version = "4.19.0"; + version = "4.20.0"; }; openssl-ccm = { groups = ["default"]; @@ -791,6 +811,26 @@ }; version = "4.0.6"; }; + puma = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13640p5fk19705ygp8j6p07lccag3d80bx8bmjgpd5zsxxsdc50b"; + type = "gem"; + }; + version = "5.1.1"; + }; + racc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "178k7r0xn689spviqzhvazzvxfq6fyjldxb3ywjbgipbfi4s8j1g"; + type = "gem"; + }; + version = "1.5.2"; + }; rack = { groups = ["default"]; platforms = []; @@ -856,10 +896,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w6qza25bq1s825faaglkx1k6d59aiyjjk3yw3ip5sb463mhhai9"; + sha256 = "1iik52mf9ky4cgs38fp2m8r6skdkq1yz23vh18lk95fhbcxb6a67"; type = "gem"; }; - version = "13.0.1"; + version = "13.0.3"; }; rb-readline = { groups = ["default"]; @@ -876,170 +916,170 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vxnm9ld3rn8xxccq9jyhzz6558bqfxdb3sd4na20frg9f5pflb7"; + sha256 = "0inz904fbsjscjs71lxxj4070lm1klm27m9prmrhqybc0hr95l69"; type = "gem"; }; - version = "2.3.15"; + version = "2.3.18"; }; redcarpet = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0skcyx1h8b5ms0rp2zm3ql6g322b8c1adnkwkqyv7z3kypb4bm7k"; + sha256 = "0bvk8yyns5s1ls437z719y5sdv9fr8kfs8dmr6g8s761dv5n8zvi"; type = "gem"; }; - version = "3.5.0"; + version = "3.5.1"; }; reline = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0sspfd5x8aq80pmkdj0dzd20iclhrdjan1ibkrivgk7j8af23hbk"; + sha256 = "0zinl7l63gzy6y477j8w1azfm5655h2026hxl49w4c73qcfdjj3x"; type = "gem"; }; - version = "0.1.6"; + version = "0.2.2"; }; rex-arch = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cvdy2ysiphdig258lkicbxqq2y47bkl69kgj4kkj8w338rb5kwa"; + sha256 = "1gi9641869pg30ij7ba3r2z89flvdqsma4spbpww6c8ph62iy4bp"; type = "gem"; }; - version = "0.1.13"; + version = "0.1.14"; }; rex-bin_tools = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19q4cj7cis29k3zx9j2gp4h3ib0zig2fa4rs56c1gjr32f192zzk"; + sha256 = "16w219ashxrgrgb5via9k45h7whrib77rmwy0f7akqf409pzjdp7"; type = "gem"; }; - version = "0.1.6"; + version = "0.1.7"; }; rex-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b9pf7f8m2zjck65dpp8h8v4n0a05kfas6cn9adv0w8d9z58aqvv"; + sha256 = "0mmsckkrds6jvg1b4sdq4cv9s1q0idjiy1k8kjfvgylz96ap0vlw"; type = "gem"; }; - version = "0.1.13"; + version = "0.1.14"; }; rex-encoder = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zm5jdxgyyp8pkfqwin34izpxdrmglx6vmk20ifnvcsm55c9m70z"; + sha256 = "0lnrlii8d3r35927wp42bpdzh37dx3jqgdxk6lk5d6xvz6h14kp7"; type = "gem"; }; - version = "0.1.4"; + version = "0.1.5"; }; rex-exploitation = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0inrf2vahmpxhjf84i8ak2b7gcirsrjrmb1rnvvqqr9kl0xw5xm3"; + sha256 = "0z4dn579mxl22qdxcnbmxp0diia6kr7c20giv0bn4r0viavz49gc"; type = "gem"; }; - version = "0.1.24"; + version = "0.1.26"; }; rex-java = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j58k02p5g9snkpak64sb4aymkrvrh9xpqh8wsnya4w7b86w2y6i"; + sha256 = "0g8xdj7ij4y51wgh6l29al6i107bqn6pwql6za7ahms75m8s9dys"; type = "gem"; }; - version = "0.1.5"; + version = "0.1.6"; }; rex-mime = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15a14kz429h7pn81ysa6av3qijxjmxagjff6dyss5v394fxzxf4a"; + sha256 = "0wzw1qcdgbn3iyskppy5038mcdrzplyai45pilm5qjj4fwvjdl6m"; type = "gem"; }; - version = "0.1.5"; + version = "0.1.6"; }; rex-nop = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0aigf9qsqsmiraa6zvfy1a7cyvf7zc3iyhzxi6fjv5sb8f64d6ny"; + sha256 = "0yjlmgmaaa65lkd6jrm71g8yfn8xy91jl07nd1v90xp9jrzrrl92"; type = "gem"; }; - version = "0.1.1"; + version = "0.1.2"; }; rex-ole = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pnzbqfnvbs0vc0z0ryszk3fxhgxrjd6gzwqa937rhlphwp5jpww"; + sha256 = "0rlsy1a4lig7iqvb4zn60fpf125v8k4bjrjzakks74prjb2qmqnp"; type = "gem"; }; - version = "0.1.6"; + version = "0.1.7"; }; rex-powershell = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11wi8dpb2s8bvkqhbf80g16nyj2hscs3vz31ffzl1g0g6imcs0dl"; + sha256 = "1wza4g3kkscc17kaw44hnq8qs2nmvppb9awaf27lp4v1c1kdxixs"; type = "gem"; }; - version = "0.1.87"; + version = "0.1.89"; }; rex-random_identifier = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fg94sczff5c2rlvqqgw2dndlqyzjil5rjk3p9f46ss2hc8zxlbk"; + sha256 = "0pqd8pfcxqd44ql8dawk59k9s5jnhx7inc8wnpjhkbx0y0sldq8q"; type = "gem"; }; - version = "0.1.4"; + version = "0.1.5"; }; rex-registry = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wv812ghnz143vx10ixmv32ypj1xrzr4rh4kgam8d8wwjwxsgw1q"; + sha256 = "09b6jhcih4srrh0j52v49vbffqz8ngki6qpmq9b2wdabqnw63d1v"; type = "gem"; }; - version = "0.1.3"; + version = "0.1.4"; }; rex-rop_builder = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xjd3d6wnbq4ym0d0m268md8fb16f2hbwrahvxnl14q63fj9i3wy"; + sha256 = "0ssynxq3kc86v3xnc6jx8pg5zh13q61wl2klqbi9hzn2n8lhdgvj"; type = "gem"; }; - version = "0.1.3"; + version = "0.1.4"; }; rex-socket = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y6p1sw0wiw4x4dk89lwhf7vzsb0cjgpbr8hf7m119lg2kzm5g8y"; + sha256 = "1601b7vhp56sif21lk7mqcn3bbkhdrp6zz0vag8yzma3ji707pqg"; type = "gem"; }; - version = "0.1.24"; + version = "0.1.25"; }; rex-sslscan = { groups = ["default"]; @@ -1056,30 +1096,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nbdn53264a20cr2m2nq2v4mg0n33dvrd1jj1sixl37qjzw2k452"; + sha256 = "1hp8yv55j995dl587hismwa7ydyprs03c75gia6rwp7v5bhshy4n"; type = "gem"; }; - version = "0.1.2"; + version = "0.1.3"; }; rex-text = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wx8pncrk7yb2zxxqaycm4ikvb577zj7rma8jdfi74a0c5119c44"; + sha256 = "078bdybz7cw3zd0mr59qgr1x6pifnn352636s74i1ncqzrzni46b"; type = "gem"; }; - version = "0.2.28"; + version = "0.2.31"; }; rex-zip = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mbfryyhcw47i7jb8cs8vilbyqgyiyjkfl1ngl6wdbf7d87dwdw7"; + sha256 = "0azm4g4dm9k6vrav769vn0gffrv7pgxknlj4dr9yav632920cvqj"; type = "gem"; }; - version = "0.1.3"; + version = "0.1.4"; }; rkelly-remix = { groups = ["default"]; @@ -1096,10 +1136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "12khgv5hx90a4dxqca2hzbksalx9czb51bsz0bhq0czsql9pwby8"; + sha256 = "05nfdv5isk3g13qhzm6axg70bghg1z5nbsl04dwqqhaifjys0dhf"; type = "gem"; }; - version = "2.3.0"; + version = "2.5.0"; }; ruby-rc4 = { groups = ["default"]; @@ -1116,20 +1156,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17pcc0wgvh3ikrkr7bm3nx0qhyiqwidd13ij0fa50k7gsbnr2p0l"; + sha256 = "15wfcqxyfgka05v2a7kpg64x57gl1y4xzvnc9lh60bqx5sf1iqrs"; type = "gem"; }; - version = "0.0.2"; + version = "0.0.4"; }; ruby_smb = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fsdnvisswchk27knii6ijq8sjsc7qm9jiffdsf71q195ga2qi66"; + sha256 = "0px84i3d9kqb40ff7nk3k7hb3w3kk80w5zsgi61svgddp1dbzh1n"; type = "gem"; }; - version = "2.0.6"; + version = "2.0.7"; }; rubyntlm = { groups = ["default"]; @@ -1166,10 +1206,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0b9v0xs4ksd68zckamv6rbrrqllpa9am0p29bycq9fxvlkqd7w2w"; + sha256 = "06f7w6ph3bzzqk212yylfp4jfx275shgp9zg3xszbpv1ny2skp9m"; type = "gem"; }; - version = "0.1.1"; + version = "0.2.1"; }; sinatra = { groups = ["default"]; @@ -1206,20 +1246,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nagbf9pwy1vg09k6j4xqhbjjzrg5dwzvkn4ffvlj76fsn6vv61f"; + sha256 = "0g5p3r47qxxfmfagdf8wb68pd24938cgzdfn6pmpysrn296pg5m5"; type = "gem"; }; - version = "1.7.2"; + version = "1.8.0"; }; thor = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xbhkmyhlxwzshaqa7swy2bx6vd64mm0wrr8g3jywvxy7hg0cwkm"; + sha256 = "18yhlvmfya23cs3pvhr1qy38y41b6mhr5q9vwv5lrgk16wmf3jna"; type = "gem"; }; - version = "1.0.1"; + version = "1.1.0"; }; thread_safe = { groups = ["default"]; @@ -1246,30 +1286,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w0bjn6k38xv46mr02p3038gwk5jj5hl398bv5kr625msxkdhqzn"; + sha256 = "15iaxz9iak5643bq2bc0jkbjv8w2zn649lxgvh5wg48q9d4blw13"; type = "gem"; }; - version = "1.6.2.1"; + version = "1.7.0"; }; tzinfo = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1i3jh086w1kbdj3k5l60lc3nwbanmzdf8yjj3mlrx9b2gjjxhi9r"; + sha256 = "0zwqqh6138s8b321fwvfbywxy00lw1azw4ql3zr0xh1aqxf8cnvj"; type = "gem"; }; - version = "1.2.7"; + version = "1.2.9"; }; tzinfo-data = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02anabncgfjwsqn07ra9jdqvmi0a4yngzp6dfiz2yxb1m9qpdm4a"; + sha256 = "131dgg2sz3j15vp71xaijlb72nlii9fn8v5dc4vr6q7hrdq4kjf4"; type = "gem"; }; - version = "1.2020.4"; + version = "1.2020.6"; }; unf = { groups = ["default"]; @@ -1346,9 +1386,19 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1s744iwblw262gj357pky3d9fcx9hisvla7rnw29ysn5zsb6i683"; + sha256 = "0yihlrbipgiivgpkbx06qx8wgbic0jm26by6jymdwxb01zsd0yj1"; + type = "gem"; + }; + version = "0.3.1"; + }; + zeitwerk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1746czsjarixq0x05f7p3hpzi38ldg6wxnxxw74kbjzh1sdjgmpl"; type = "gem"; }; - version = "0.3.0"; + version = "2.4.2"; }; -} \ No newline at end of file +} diff --git a/nixpkgs/pkgs/tools/security/mfcuk/default.nix b/nixpkgs/pkgs/tools/security/mfcuk/default.nix index 59908f2a9ce5..3128a787807a 100644 --- a/nixpkgs/pkgs/tools/security/mfcuk/default.nix +++ b/nixpkgs/pkgs/tools/security/mfcuk/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, libnfc }: +{ lib, stdenv, fetchurl, pkg-config, libnfc }: stdenv.mkDerivation { pname = "mfcuk"; @@ -9,10 +9,10 @@ stdenv.mkDerivation { sha256 = "0m9sy61rsbw63xk05jrrmnyc3xda0c3m1s8pg3sf8ijbbdv9axcp"; }; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libnfc ]; - meta = with stdenv.lib; { + meta = with lib; { description = "MiFare Classic Universal toolKit"; license = licenses.gpl2; homepage = "https://github.com/nfc-tools/mfcuk"; diff --git a/nixpkgs/pkgs/tools/security/mfoc/default.nix b/nixpkgs/pkgs/tools/security/mfoc/default.nix index fb622ad82496..ca1f4a5e4f25 100644 --- a/nixpkgs/pkgs/tools/security/mfoc/default.nix +++ b/nixpkgs/pkgs/tools/security/mfoc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkgconfig, libnfc }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config, libnfc }: stdenv.mkDerivation rec { pname = "mfoc"; @@ -22,10 +22,10 @@ stdenv.mkDerivation rec { }) ]; - nativeBuildInputs = [ autoreconfHook pkgconfig ]; + nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ libnfc ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Mifare Classic Offline Cracker"; license = licenses.gpl2; homepage = "https://github.com/nfc-tools/mfoc"; diff --git a/nixpkgs/pkgs/tools/security/minisign/default.nix b/nixpkgs/pkgs/tools/security/minisign/default.nix index b67b65b0cf8b..1fb1d6893a9f 100644 --- a/nixpkgs/pkgs/tools/security/minisign/default.nix +++ b/nixpkgs/pkgs/tools/security/minisign/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, cmake, pkg-config, libsodium }: +{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libsodium }: stdenv.mkDerivation rec { pname = "minisign"; @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ libsodium ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A simple tool for signing files and verifying signatures"; longDescription = '' minisign uses public key cryptography to help facilitate secure (but not diff --git a/nixpkgs/pkgs/tools/security/mkpasswd/default.nix b/nixpkgs/pkgs/tools/security/mkpasswd/default.nix index b88852966ee1..e001239f3136 100644 --- a/nixpkgs/pkgs/tools/security/mkpasswd/default.nix +++ b/nixpkgs/pkgs/tools/security/mkpasswd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, whois, perl }: +{ lib, stdenv, whois, perl }: stdenv.mkDerivation { name = "mkpasswd-${whois.version}"; @@ -11,7 +11,7 @@ stdenv.mkDerivation { buildPhase = "make mkpasswd"; installPhase = "make install-mkpasswd"; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://packages.qa.debian.org/w/whois.html"; description = "Overfeatured front-end to crypt, from the Debian whois package"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/mkrand/default.nix b/nixpkgs/pkgs/tools/security/mkrand/default.nix index 54934b7111a9..59b48f1881d2 100644 --- a/nixpkgs/pkgs/tools/security/mkrand/default.nix +++ b/nixpkgs/pkgs/tools/security/mkrand/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation { name = "mkrand-0.1.0"; @@ -14,7 +14,7 @@ stdenv.mkDerivation { description = "A Digital Random Bit Generator"; longDescription = "MKRAND is a utility for generating random information."; homepage = "https://github.com/mknight-tag/MKRAND/"; - license = stdenv.lib.licenses.mit; - platforms = stdenv.lib.platforms.all; + license = lib.licenses.mit; + platforms = lib.platforms.all; }; } diff --git a/nixpkgs/pkgs/tools/security/mktemp/default.nix b/nixpkgs/pkgs/tools/security/mktemp/default.nix index 0732adecc45b..dc3f2a8904bc 100644 --- a/nixpkgs/pkgs/tools/security/mktemp/default.nix +++ b/nixpkgs/pkgs/tools/security/mktemp/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, groff }: +{ lib, stdenv, fetchurl, groff }: stdenv.mkDerivation { name = "mktemp-1.7"; @@ -16,7 +16,7 @@ stdenv.mkDerivation { sha256 = "0x969152znxxjbj7387xb38waslr4yv6bnj5jmhb4rpqxphvk54f"; }; - meta = with stdenv.lib; { + meta = with lib; { description = "Simple tool to make temporary file handling in shells scripts safe and simple"; homepage = "https://www.mktemp.org"; license = licenses.isc; diff --git a/nixpkgs/pkgs/tools/security/modsecurity/default.nix b/nixpkgs/pkgs/tools/security/modsecurity/default.nix index b9b696c17be6..1bbefd1342c3 100644 --- a/nixpkgs/pkgs/tools/security/modsecurity/default.nix +++ b/nixpkgs/pkgs/tools/security/modsecurity/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, pkgconfig +{ stdenv, lib, fetchurl, pkg-config , curl, apacheHttpd, pcre, apr, aprutil, libxml2 , luaSupport ? false, lua5 }: @@ -6,7 +6,7 @@ with lib; let luaValue = if luaSupport then lua5 else "no"; - optional = stdenv.lib.optional; + optional = lib.optional; in stdenv.mkDerivation rec { @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { sha256 = "0611nskd2y6yagrciqafxdn4rxbdk2v4swf45kc1sgwx2sfh34j1"; }; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ] ++ optional luaSupport lua5; @@ -49,6 +49,6 @@ stdenv.mkDerivation rec { license = licenses.asl20; homepage = "https://www.modsecurity.org/"; maintainers = with maintainers; [offline]; - platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin; + platforms = lib.platforms.linux ++ lib.platforms.darwin; }; } diff --git a/nixpkgs/pkgs/tools/security/monkeysphere/default.nix b/nixpkgs/pkgs/tools/security/monkeysphere/default.nix index 4b1f75698871..bc267a9a7703 100644 --- a/nixpkgs/pkgs/tools/security/monkeysphere/default.nix +++ b/nixpkgs/pkgs/tools/security/monkeysphere/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, makeWrapper +{ lib, stdenv, fetchurl, makeWrapper , perl, libassuan, libgcrypt , perlPackages, lockfileProgs, gnupg, coreutils # For the tests: @@ -32,7 +32,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ makeWrapper ]; buildInputs = [ perl libassuan libgcrypt ] - ++ stdenv.lib.optional doCheck + ++ lib.optional doCheck ([ gnupg opensshUnsafe which socat cpio hexdump procps lockfileProgs ] ++ (with perlPackages; [ CryptOpenSSLRSA CryptOpenSSLBignum ])); @@ -45,7 +45,7 @@ in stdenv.mkDerivation rec { # but they aren't enabled by default because they "drain" entropy (GnuPG # still uses /dev/random). doCheck = false; - preCheck = stdenv.lib.optionalString doCheck '' + preCheck = lib.optionalString doCheck '' patchShebangs tests/ patchShebangs src/ sed -i \ @@ -64,12 +64,12 @@ in stdenv.mkDerivation rec { CryptOpenSSLRSA CryptOpenSSLBignum ]) - + stdenv.lib.optionalString + + lib.optionalString (builtins.length runtimeDeps > 0) - " --prefix PATH : ${stdenv.lib.makeBinPath runtimeDeps}"; + " --prefix PATH : ${lib.makeBinPath runtimeDeps}"; wrapMonkeysphere = runtimeDeps: program: "wrapProgram $out/bin/${program} ${wrapperArgs runtimeDeps}\n"; - wrapPrograms = runtimeDeps: programs: stdenv.lib.concatMapStrings + wrapPrograms = runtimeDeps: programs: lib.concatMapStrings (wrapMonkeysphere runtimeDeps) programs; in wrapPrograms [ gnupg ] [ "monkeysphere-authentication" "monkeysphere-host" ] @@ -84,7 +84,7 @@ in stdenv.mkDerivation rec { done ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://web.monkeysphere.info/"; description = "Leverage the OpenPGP web of trust for SSH and TLS authentication"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/monsoon/default.nix b/nixpkgs/pkgs/tools/security/monsoon/default.nix new file mode 100644 index 000000000000..3f414081500f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/monsoon/default.nix @@ -0,0 +1,32 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "monsoon"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "RedTeamPentesting"; + repo = "monsoon"; + rev = "v${version}"; + sha256 = "01c84s11m645mqaa2vdnbsj0kb842arqjhicgjv0ahb7qdw65zz4"; + }; + + vendorSha256 = "1g84az07hv8w0jha2yl4f5jm0p9nkbawgw9l7cpmn8ckbfa54l7q"; + + # tests fails on darwin + doCheck = !stdenv.isDarwin; + + meta = with lib; { + description = "Fast HTTP enumerator"; + longDescription = '' + A fast HTTP enumerator that allows you to execute a large number of HTTP + requests, filter the responses and display them in real-time. + ''; + homepage = "https://github.com/RedTeamPentesting/monsoon"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mpw/default.nix b/nixpkgs/pkgs/tools/security/mpw/default.nix index 9d25daf29a69..3973ed51343f 100644 --- a/nixpkgs/pkgs/tools/security/mpw/default.nix +++ b/nixpkgs/pkgs/tools/security/mpw/default.nix @@ -1,4 +1,4 @@ -{ stdenv, cmake, fetchFromGitLab +{ lib, stdenv, cmake, fetchFromGitLab , json_c, libsodium, libxml2, ncurses }: let @@ -53,7 +53,7 @@ in stdenv.mkDerivation rec { runHook postCheck ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A stateless password management solution"; homepage = "https://masterpasswordapp.com/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/munge/default.nix b/nixpkgs/pkgs/tools/security/munge/default.nix index ee1858ad2845..0462db8859c9 100644 --- a/nixpkgs/pkgs/tools/security/munge/default.nix +++ b/nixpkgs/pkgs/tools/security/munge/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, gawk, gnused, libgcrypt, zlib, bzip2 }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook, gawk, gnused, libgcrypt, zlib, bzip2 }: stdenv.mkDerivation rec { name = "munge-0.5.14"; @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { "--localstatedir=/var" ]; - meta = with stdenv.lib; { + meta = with lib; { description = '' An authentication service for creating and validating credentials ''; diff --git a/nixpkgs/pkgs/tools/security/nasty/default.nix b/nixpkgs/pkgs/tools/security/nasty/default.nix index 7f423860100b..b3b19c9268bf 100644 --- a/nixpkgs/pkgs/tools/security/nasty/default.nix +++ b/nixpkgs/pkgs/tools/security/nasty/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, gpgme }: +{ lib, stdenv, fetchurl, gpgme }: stdenv.mkDerivation rec { pname = "nasty"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { cp nasty $out/bin ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Recover the passphrase of your PGP or GPG-key"; longDescription = '' Nasty is a program that helps you to recover the passphrase of your PGP or GPG-key diff --git a/nixpkgs/pkgs/tools/security/ncrack/default.nix b/nixpkgs/pkgs/tools/security/ncrack/default.nix index e377d9748645..e1504eb12b4c 100644 --- a/nixpkgs/pkgs/tools/security/ncrack/default.nix +++ b/nixpkgs/pkgs/tools/security/ncrack/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, openssl, zlib }: +{ lib, stdenv, fetchFromGitHub, openssl, zlib }: stdenv.mkDerivation rec { pname = "ncrack"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { buildInputs = [ openssl zlib ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Network authentication tool"; homepage = "https://nmap.org/ncrack/"; license = licenses.gpl2Only; diff --git a/nixpkgs/pkgs/tools/security/neopg/default.nix b/nixpkgs/pkgs/tools/security/neopg/default.nix index 8c0d31853ff9..e39be14475ef 100644 --- a/nixpkgs/pkgs/tools/security/neopg/default.nix +++ b/nixpkgs/pkgs/tools/security/neopg/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchFromGitHub , cmake , sqlite @@ -6,7 +6,7 @@ , boost , curl , gettext -, pkgconfig +, pkg-config , libusb1 , gnutls }: @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { fetchSubmodules = true; }; - nativeBuildInputs = [ cmake gettext pkgconfig ]; + nativeBuildInputs = [ cmake gettext pkg-config ]; buildInputs = [ sqlite botan2 boost curl libusb1 gnutls ]; @@ -34,7 +34,7 @@ stdenv.mkDerivation rec { export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$(pwd)/3rdparty/googletest/googletest:$(pwd)/neopg ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://neopg.io/"; description = "Modern replacement for GnuPG 2"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix b/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix index a4936d763b6c..bc7731a0a7aa 100644 --- a/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix +++ b/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix @@ -1,23 +1,18 @@ -{ stdenv, bash-completion, cmake, fetchFromGitHub, hidapi, libusb1, pkgconfig +{ lib, stdenv, bash-completion, cmake, fetchFromGitHub, hidapi, libusb1, pkg-config , qtbase, qttranslations, qtsvg, wrapQtAppsHook }: stdenv.mkDerivation rec { pname = "nitrokey-app"; - version = "1.3.2"; + version = "1.4.2"; src = fetchFromGitHub { owner = "Nitrokey"; repo = "nitrokey-app"; rev = "v${version}"; - sha256 = "193kzlz3qn9il56h78faiqkgv749hdils1nn1iw6g3wphgx5fjs2"; + sha256 = "1k0w921hfrya4q2r7bqn7kgmwvwb7c15k9ymlbnksmfc9yyjyfcv"; fetchSubmodules = true; }; - postPatch = '' - substituteInPlace libnitrokey/CMakeLists.txt \ - --replace '/data/41-nitrokey.rules' '/libnitrokey/data/41-nitrokey.rules' - ''; - buildInputs = [ bash-completion hidapi @@ -28,12 +23,12 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ cmake - pkgconfig + pkg-config wrapQtAppsHook ]; cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Provides extra functionality for the Nitrokey Pro and Storage"; longDescription = '' The nitrokey-app provides a QT system tray widget with wich you can diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app/udev-rules.nix b/nixpkgs/pkgs/tools/security/nitrokey-app/udev-rules.nix index a89fa7238269..11dcd63d7761 100644 --- a/nixpkgs/pkgs/tools/security/nitrokey-app/udev-rules.nix +++ b/nixpkgs/pkgs/tools/security/nitrokey-app/udev-rules.nix @@ -1,18 +1,13 @@ -{ stdenv, nitrokey-app -, group ? "nitrokey" -}: +{ lib, stdenv, nitrokey-app }: + stdenv.mkDerivation { - name = "nitrokey-udev-rules-${stdenv.lib.getVersion nitrokey-app}"; + name = "nitrokey-udev-rules-${lib.getVersion nitrokey-app}"; inherit (nitrokey-app) src; dontBuild = true; - patchPhase = '' - substituteInPlace libnitrokey/data/41-nitrokey.rules --replace plugdev "${group}" - ''; - installPhase = '' mkdir -p $out/etc/udev/rules.d cp libnitrokey/data/41-nitrokey.rules $out/etc/udev/rules.d diff --git a/nixpkgs/pkgs/tools/security/nmap/default.nix b/nixpkgs/pkgs/tools/security/nmap/default.nix index bd543154494c..531eb6eae4a5 100644 --- a/nixpkgs/pkgs/tools/security/nmap/default.nix +++ b/nixpkgs/pkgs/tools/security/nmap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, fetchpatch, libpcap, pkgconfig, openssl, lua5_3 +{ lib, stdenv, fetchurl, fetchpatch, libpcap, pkg-config, openssl, lua5_3 , pcre, liblinear, libssh2 , graphicalSupport ? false , libX11 ? null @@ -8,7 +8,7 @@ , withLua ? true }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { name = "nmap${optionalString graphicalSupport "-graphical"}-${version}"; @@ -52,7 +52,7 @@ stdenv.mkDerivation rec { pygtk pysqlite pygobject2 pycairo ]; - nativeBuildInputs = [ pkgconfig ] ++ optionals graphicalSupport [ python2.pkgs.wrapPython ]; + nativeBuildInputs = [ pkg-config ] ++ optionals graphicalSupport [ python2.pkgs.wrapPython ]; buildInputs = [ pcre liblinear libssh2 libpcap openssl ] ++ optionals graphicalSupport (with python2.pkgs; [ python2 libX11 gtk2 ]); diff --git a/nixpkgs/pkgs/tools/security/nmap/qt.nix b/nixpkgs/pkgs/tools/security/nmap/qt.nix index 216186daa5be..b4e406a0035b 100644 --- a/nixpkgs/pkgs/tools/security/nmap/qt.nix +++ b/nixpkgs/pkgs/tools/security/nmap/qt.nix @@ -1,7 +1,7 @@ -{ stdenv +{ lib, stdenv , fetchFromGitHub , cmake -, pkgconfig +, pkg-config , wrapQtAppsHook , dnsutils , nmap @@ -21,12 +21,10 @@ stdenv.mkDerivation rec { sha256 = "sha256-q3XfwJ4TGK4E58haN0Q0xRH4GDpKD8VZzyxHe/VwBqY="; }; - nativeBuildInputs = [ cmake pkgconfig wrapQtAppsHook ]; + nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ]; buildInputs = [ qtbase qtscript qtwebengine ]; - enableParallelBuilding = true; - postPatch = '' substituteInPlace src/platform/digmanager.cpp \ --replace '"dig"' '"${dnsutils}/bin/dig"' @@ -53,7 +51,7 @@ stdenv.mkDerivation rec { done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Qt frontend for nmap"; license = licenses.gpl2; maintainers = with maintainers; [ peterhoeg ]; diff --git a/nixpkgs/pkgs/tools/security/notary/default.nix b/nixpkgs/pkgs/tools/security/notary/default.nix index 020f37c836ba..fa3db0c3623c 100644 --- a/nixpkgs/pkgs/tools/security/notary/default.nix +++ b/nixpkgs/pkgs/tools/security/notary/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, buildGoPackage, libtool }: +{ lib, stdenv, fetchFromGitHub, buildGoPackage, libtool }: buildGoPackage rec { pname = "notary"; @@ -35,7 +35,7 @@ buildGoPackage rec { make test PKGS=github.com/theupdateframework/notary/cmd/notary ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A project that allows anyone to have trust over arbitrary collections of data"; longDescription = '' The Notary project comprises a server and a client for running and diff --git a/nixpkgs/pkgs/tools/security/nsjail/default.nix b/nixpkgs/pkgs/tools/security/nsjail/default.nix index 4522d0e897af..d48564ce95b0 100644 --- a/nixpkgs/pkgs/tools/security/nsjail/default.nix +++ b/nixpkgs/pkgs/tools/security/nsjail/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoconf, bison, flex, libtool, pkgconfig, which +{ lib, stdenv, fetchFromGitHub, autoconf, bison, flex, libtool, pkg-config, which , libnl, protobuf, protobufc, shadow }: @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { sha256 = "1w6x8xcrs0i1y3q41gyq8z3cq9x24qablklc4jiydf855lhqn4dh"; }; - nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ]; + nativeBuildInputs = [ autoconf bison flex libtool pkg-config which ]; buildInputs = [ libnl protobuf protobufc ]; enableParallelBuilding = true; @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { install nsjail.1 $out/share/man/man1/ ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; homepage = "http://nsjail.com/"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/nuclei/default.nix b/nixpkgs/pkgs/tools/security/nuclei/default.nix index 22013352a38d..7e9d3d52e56b 100644 --- a/nixpkgs/pkgs/tools/security/nuclei/default.nix +++ b/nixpkgs/pkgs/tools/security/nuclei/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -20,7 +20,7 @@ buildGoModule rec { mv v2/* . ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Tool for configurable targeted scanning"; longDescription = '' Nuclei is used to send requests across targets based on a template diff --git a/nixpkgs/pkgs/tools/security/nwipe/default.nix b/nixpkgs/pkgs/tools/security/nwipe/default.nix index c72ada867614..d87be0c29749 100644 --- a/nixpkgs/pkgs/tools/security/nwipe/default.nix +++ b/nixpkgs/pkgs/tools/security/nwipe/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, ncurses, parted, automake, autoconf, pkgconfig }: +{ lib, stdenv, fetchFromGitHub, ncurses, parted, automake, autoconf, pkg-config }: stdenv.mkDerivation rec { version = "0.28"; @@ -9,10 +9,10 @@ stdenv.mkDerivation rec { rev = "v${version}"; sha256 = "1aw905lmn1vm6klqn3q7445dwmwbjhcmwnkygpq9rddacgig1gdx"; }; - nativeBuildInputs = [ automake autoconf pkgconfig ]; + nativeBuildInputs = [ automake autoconf pkg-config ]; buildInputs = [ ncurses parted ]; preConfigure = "sh init.sh || :"; - meta = with stdenv.lib; { + meta = with lib; { description = "Securely erase disks"; homepage = "https://github.com/martijnvanbrummelen/nwipe"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix b/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix index 22327c6a38f0..ba49da102fb2 100644 --- a/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix +++ b/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitLab, fetchpatch, pam, xmlsec, autoreconfHook, pkgconfig, libxml2, gtk-doc, perl, gengetopt, bison, help2man }: +{ lib, stdenv, fetchFromGitLab, fetchpatch, pam, xmlsec, autoreconfHook, pkg-config, libxml2, gtk-doc, perl, gengetopt, bison, help2man }: let securityDependency = @@ -26,7 +26,7 @@ in stdenv.mkDerivation { buildInputs = [ securityDependency libxml2 perl gengetopt bison ]; - nativeBuildInputs = [ autoreconfHook gtk-doc help2man pkgconfig ]; + nativeBuildInputs = [ autoreconfHook gtk-doc help2man pkg-config ]; # man file generation fails when true enableParallelBuilding = false; @@ -40,7 +40,7 @@ in stdenv.mkDerivation { touch ChangeLog ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Components for building one-time password authentication systems"; homepage = "https://www.nongnu.org/oath-toolkit/"; platforms = with platforms; linux ++ darwin; diff --git a/nixpkgs/pkgs/tools/security/omapd/default.nix b/nixpkgs/pkgs/tools/security/omapd/default.nix index 8ed23864ced5..7ce377e601a3 100644 --- a/nixpkgs/pkgs/tools/security/omapd/default.nix +++ b/nixpkgs/pkgs/tools/security/omapd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, qt4, gdb, zlib }: +{ lib, stdenv, fetchurl, qt4, gdb, zlib }: stdenv.mkDerivation rec { pname = "omapd"; @@ -26,7 +26,7 @@ stdenv.mkDerivation rec { ln -s $out/usr/lib/omapd/plugins $out/bin/plugins ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://code.google.com/archive/p/omapd/"; description = "IF-MAP Server that implements the IF-MAP v1.1 and v2.0 specifications published by the Trusted Computing Group (TCG)"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/onesixtyone/default.nix b/nixpkgs/pkgs/tools/security/onesixtyone/default.nix index 4eed52b07f0e..374d1322246b 100644 --- a/nixpkgs/pkgs/tools/security/onesixtyone/default.nix +++ b/nixpkgs/pkgs/tools/security/onesixtyone/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "onesixtyone"; @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { install -D onesixtyone $out/bin/onesixtyone ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Fast SNMP Scanner"; homepage = "https://github.com/trailofbits/onesixtyone"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/onioncircuits/default.nix b/nixpkgs/pkgs/tools/security/onioncircuits/default.nix index 92888a8de2a1..bdaf087004a1 100644 --- a/nixpkgs/pkgs/tools/security/onioncircuits/default.nix +++ b/nixpkgs/pkgs/tools/security/onioncircuits/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchgit, python3, intltool, gtk3, gobject-introspection, gnome3 }: +{ lib, stdenv, fetchgit, python3, intltool, gtk3, gobject-introspection, gnome3 }: python3.pkgs.buildPythonApplication rec { pname = "onioncircuits"; @@ -20,7 +20,7 @@ python3.pkgs.buildPythonApplication rec { --prefix XDG_DATA_DIRS : "$out/share:${gnome3.adwaita-icon-theme}/share" ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://tails.boum.org"; description = "GTK application to display Tor circuits and streams"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/open-ecard/default.nix b/nixpkgs/pkgs/tools/security/open-ecard/default.nix index bac036e67900..c46d5b65cd8e 100644 --- a/nixpkgs/pkgs/tools/security/open-ecard/default.nix +++ b/nixpkgs/pkgs/tools/security/open-ecard/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, jre, pcsclite, makeDesktopItem, makeWrapper }: +{ lib, stdenv, fetchurl, jre, pcsclite, makeDesktopItem, makeWrapper }: let version = "1.2.4"; @@ -50,10 +50,10 @@ in stdenv.mkDerivation rec { makeWrapper ${jre}/bin/java $out/bin/${appName} \ --add-flags "-cp $out/share/java/cifs-${version}.jar" \ --add-flags "-jar $out/share/java/richclient-${version}.jar" \ - --suffix LD_LIBRARY_PATH ':' ${stdenv.lib.getLib pcsclite}/lib + --suffix LD_LIBRARY_PATH ':' ${lib.getLib pcsclite}/lib ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Client side implementation of the eCard-API-Framework (BSI TR-03112) and related international standards, such as ISO/IEC 24727"; homepage = "https://www.openecard.org/"; diff --git a/nixpkgs/pkgs/tools/security/opencryptoki/default.nix b/nixpkgs/pkgs/tools/security/opencryptoki/default.nix index 1eb4aab66b47..0825708f71fd 100644 --- a/nixpkgs/pkgs/tools/security/opencryptoki/default.nix +++ b/nixpkgs/pkgs/tools/security/opencryptoki/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, openssl, trousers, autoreconfHook, libtool, bison, flex }: +{ lib, stdenv, fetchFromGitHub, openssl, trousers, autoreconfHook, libtool, bison, flex }: stdenv.mkDerivation rec { pname = "opencryptoki"; @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = "PKCS#11 implementation for Linux"; homepage = "https://github.com/opencryptoki/opencryptoki"; license = licenses.cpl10; diff --git a/nixpkgs/pkgs/tools/security/opensc/default.nix b/nixpkgs/pkgs/tools/security/opensc/default.nix index 735f7558e7a8..51e0c1f58f93 100644 --- a/nixpkgs/pkgs/tools/security/opensc/default.nix +++ b/nixpkgs/pkgs/tools/security/opensc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, zlib, readline, openssl +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, zlib, readline, openssl , libiconv, pcsclite, libassuan, libXt , docbook_xsl, libxslt, docbook_xml_dtd_412 , Carbon, PCSC, buildPackages @@ -16,12 +16,12 @@ stdenv.mkDerivation rec { sha256 = "sha256-OjOfA1pIu8NeN+hPuow5UVMKsg0PrsLojw5h05/Qm+o="; }; - nativeBuildInputs = [ pkgconfig autoreconfHook ]; + nativeBuildInputs = [ pkg-config autoreconfHook ]; buildInputs = [ zlib readline openssl libassuan libXt libxslt libiconv docbook_xml_dtd_412 ] - ++ stdenv.lib.optional stdenv.isDarwin Carbon + ++ lib.optional stdenv.isDarwin Carbon ++ (if withApplePCSC then [ PCSC ] else [ pcsclite ]); NIX_CFLAGS_COMPILE = "-Wno-error"; @@ -41,13 +41,13 @@ stdenv.mkDerivation rec { if withApplePCSC then "${PCSC}/Library/Frameworks/PCSC.framework/PCSC" else - "${stdenv.lib.getLib pcsclite}/lib/libpcsclite${stdenv.hostPlatform.extensions.sharedLibrary}" + "${lib.getLib pcsclite}/lib/libpcsclite${stdenv.hostPlatform.extensions.sharedLibrary}" }" - (stdenv.lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) + (lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) "XSLTPROC=${buildPackages.libxslt}/bin/xsltproc") ]; - PCSC_CFLAGS = stdenv.lib.optionalString withApplePCSC + PCSC_CFLAGS = lib.optionalString withApplePCSC "-I${PCSC}/Library/Frameworks/PCSC.framework/Headers"; installFlags = [ @@ -55,7 +55,7 @@ stdenv.mkDerivation rec { "completiondir=$(out)/etc" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Set of libraries and utilities to access smart cards"; homepage = "https://github.com/OpenSC/OpenSC/wiki"; license = licenses.lgpl21Plus; diff --git a/nixpkgs/pkgs/tools/security/ossec/default.nix b/nixpkgs/pkgs/tools/security/ossec/default.nix index 285e275a81f7..22374e1d302b 100644 --- a/nixpkgs/pkgs/tools/security/ossec/default.nix +++ b/nixpkgs/pkgs/tools/security/ossec/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, which }: +{ lib, stdenv, fetchurl, which }: stdenv.mkDerivation { name = "ossec-client-2.6"; @@ -33,8 +33,8 @@ yes meta = { description = "Open source host-based instrusion detection system"; homepage = "https://www.ossec.net"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.linux; + license = lib.licenses.gpl2; + platforms = lib.platforms.linux; }; } diff --git a/nixpkgs/pkgs/tools/security/p0f/default.nix b/nixpkgs/pkgs/tools/security/p0f/default.nix index 02d888b725ff..84221fbd566c 100644 --- a/nixpkgs/pkgs/tools/security/p0f/default.nix +++ b/nixpkgs/pkgs/tools/security/p0f/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libpcap, bash }: +{ lib, stdenv, fetchurl, libpcap, bash }: stdenv.mkDerivation rec { pname = "p0f"; @@ -34,8 +34,8 @@ stdenv.mkDerivation rec { meta = { description = "Passive network reconnaissance and fingerprinting tool"; homepage = "https://lcamtuf.coredump.cx/p0f3/"; - license = stdenv.lib.licenses.lgpl21; - platforms = stdenv.lib.platforms.linux; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + license = lib.licenses.lgpl21; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/pamtester/default.nix b/nixpkgs/pkgs/tools/security/pamtester/default.nix index a1055dadc6ca..1944e5187d21 100644 --- a/nixpkgs/pkgs/tools/security/pamtester/default.nix +++ b/nixpkgs/pkgs/tools/security/pamtester/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pam }: +{ lib, stdenv, fetchurl, pam }: stdenv.mkDerivation rec { name = "pamtester-0.1.2"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { buildInputs = [ pam ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Utility program to test the PAM facility"; homepage = "http://pamtester.sourceforge.net/"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/paperkey/default.nix b/nixpkgs/pkgs/tools/security/paperkey/default.nix index dc3582b7369f..766b570a074e 100644 --- a/nixpkgs/pkgs/tools/security/paperkey/default.nix +++ b/nixpkgs/pkgs/tools/security/paperkey/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, stdenv }: +{ fetchurl, lib, stdenv }: stdenv.mkDerivation rec { pname = "paperkey"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = "Store OpenPGP or GnuPG on paper"; longDescription = '' A reasonable way to achieve a long term backup of OpenPGP (GnuPG, PGP, etc) diff --git a/nixpkgs/pkgs/tools/security/pass/default.nix b/nixpkgs/pkgs/tools/security/pass/default.nix index 354437a9bd56..a7872c50fb3b 100644 --- a/nixpkgs/pkgs/tools/security/pass/default.nix +++ b/nixpkgs/pkgs/tools/security/pass/default.nix @@ -26,7 +26,7 @@ let env = extensions: let selected = [ pass ] ++ extensions passExtensions - ++ stdenv.lib.optional tombPluginSupport passExtensions.tomb; + ++ lib.optional tombPluginSupport passExtensions.tomb; in buildEnv { name = "pass-extensions-env"; paths = selected; @@ -63,10 +63,10 @@ stdenv.mkDerivation rec { patches = [ ./set-correct-program-name-for-sleep.patch ./extension-dir.patch - ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch + ] ++ lib.optional stdenv.isDarwin ./no-darwin-getopt.patch # TODO (@Ma27) this patch adds support for wl-clipboard and can be removed during the next # version bump. - ++ stdenv.lib.optional waylandSupport ./clip-wayland-support.patch; + ++ lib.optional waylandSupport ./clip-wayland-support.patch; nativeBuildInputs = [ makeWrapper ]; @@ -82,7 +82,7 @@ stdenv.mkDerivation rec { cp "contrib/dmenu/passmenu" "$out/bin/" ''; - wrapperPath = with stdenv.lib; makeBinPath ([ + wrapperPath = with lib; makeBinPath ([ coreutils findutils getopt @@ -107,7 +107,7 @@ stdenv.mkDerivation rec { # Ensure all dependencies are in PATH wrapProgram $out/bin/pass \ --prefix PATH : "${wrapperPath}" - '' + stdenv.lib.optionalString dmenuSupport '' + '' + lib.optionalString dmenuSupport '' # We just wrap passmenu with the same PATH as pass. It doesn't # need all the tools in there but it doesn't hurt either. wrapProgram $out/bin/passmenu \ @@ -127,7 +127,7 @@ stdenv.mkDerivation rec { -e 's@^GPGS=.*''$@GPG=${gnupg}/bin/gpg2@' \ -e '/which gpg/ d' \ tests/setup.sh - '' + stdenv.lib.optionalString stdenv.isDarwin '' + '' + lib.optionalString stdenv.isDarwin '' # 'pass edit' uses hdid, which is not available from the sandbox. rm -f tests/t0200-edit-tests.sh rm -f tests/t0010-generate-tests.sh @@ -149,7 +149,7 @@ stdenv.mkDerivation rec { withExtensions = env; }; - meta = with stdenv.lib; { + meta = with lib; { description = "Stores, retrieves, generates, and synchronizes passwords securely"; homepage = "https://www.passwordstore.org/"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix index ec0f23ddc383..415a4b9e79d1 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix @@ -1,4 +1,4 @@ -{ stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, gnupg }: +{ lib, stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, gnupg }: let pythonEnv = pythonPackages.python.withPackages (p: [ p.requests p.setuptools p.zxcvbn ]); @@ -43,7 +43,7 @@ in stdenv.mkDerivation rec { --prefix PYTHONPATH : "$out/lib/${pythonEnv.libPrefix}/site-packages" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Pass extension for auditing your password repository."; homepage = "https://github.com/roddhjav/pass-audit"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix index 83a1d7a8872d..bafaabba843b 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub +{ lib, stdenv, fetchFromGitHub , curl, findutils, gnugrep, gnused }: stdenv.mkDerivation rec { @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { install -D -m755 checkup.bash $out/lib/password-store/extensions/checkup.bash ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A pass extension to check against the Have I been pwned API to see if your passwords are publicly leaked or not"; homepage = "https://github.com/etu/pass-checkup"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix index d45e35d9bbc0..dff64d7f1855 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "pass-genphrase"; @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { --replace '$EXTENSIONS' "$out/lib/password-store/extensions/" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Pass extension that generates memorable passwords"; homepage = "https://github.com/congma/pass-genphrase"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix index 885dd05110f3..0fd14901d0db 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix @@ -1,4 +1,4 @@ -{ stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, fetchpatch }: +{ lib, stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, fetchpatch }: let pythonEnv = pythonPackages.python.withPackages (p: [ @@ -39,7 +39,7 @@ in stdenv.mkDerivation rec { --prefix PYTHONPATH : "$out/${pythonPackages.python.sitePackages}" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Pass extension for importing data from existing password managers"; homepage = "https://github.com/roddhjav/pass-import"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix index 835e693c2c5c..8d9b350543dc 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, oathToolkit }: +{ lib, stdenv, fetchFromGitHub, oathToolkit }: stdenv.mkDerivation rec { pname = "pass-otp"; @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { "BASHCOMPDIR=$(out)/share/bash-completion/completions" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A pass extension for managing one-time-password (OTP) tokens"; homepage = "https://github.com/tadfisher/pass-otp"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix index 43c74a9029b3..74f8694f224c 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, tomb }: +{ lib, stdenv, fetchFromGitHub, tomb }: stdenv.mkDerivation rec { pname = "pass-tomb"; @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { --replace 'TOMB="''${PASSWORD_STORE_TOMB:-tomb}"' 'TOMB="''${PASSWORD_STORE_TOMB:-${tomb}/bin/tomb}"' ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Pass extension that keeps the password store encrypted inside a tomb"; homepage = "https://github.com/roddhjav/pass-tomb"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/update.nix b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix index c364c341bda5..50a4c49b90d1 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/update.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "pass-update"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { installFlags = [ "PREFIX=$(out)" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Pass extension that provides an easy flow for updating passwords"; homepage = "https://github.com/roddhjav/pass-update"; license = licenses.gpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix index d46aac93e86b..b6547deb560a 100644 --- a/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix +++ b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pass, rofi, coreutils, util-linux, xdotool, gnugrep +{ lib, stdenv, fetchFromGitHub, pass, rofi, coreutils, util-linux, xdotool, gnugrep , libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper }: @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { cp -a config.example $out/share/doc/rofi-pass/config.example ''; - wrapperPath = with stdenv.lib; makeBinPath [ + wrapperPath = with lib; makeBinPath [ coreutils findutils gawk @@ -50,7 +50,7 @@ stdenv.mkDerivation rec { meta = { description = "A script to make rofi work with password-store"; homepage = "https://github.com/carnager/rofi-pass"; - license = stdenv.lib.licenses.gpl3; - platforms = with stdenv.lib.platforms; linux; + license = lib.licenses.gpl3; + platforms = with lib.platforms; linux; }; } diff --git a/nixpkgs/pkgs/tools/security/passff-host/default.nix b/nixpkgs/pkgs/tools/security/passff-host/default.nix index 0bdb04b76129..fb348800f5a1 100644 --- a/nixpkgs/pkgs/tools/security/passff-host/default.nix +++ b/nixpkgs/pkgs/tools/security/passff-host/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, python3, pass }: +{ lib, stdenv, fetchFromGitHub, python3, pass }: stdenv.mkDerivation rec { pname = "passff-host"; @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { done ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Host app for the WebExtension PassFF"; homepage = "https://github.com/passff/passff-host"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/pbis/default.nix b/nixpkgs/pkgs/tools/security/pbis/default.nix index 176ef7f7616b..7561b1fae98f 100644 --- a/nixpkgs/pkgs/tools/security/pbis/default.nix +++ b/nixpkgs/pkgs/tools/security/pbis/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, perl, flex, bison, curl, +{ lib, stdenv, fetchFromGitHub, autoconf, automake, libtool, perl, flex, bison, curl, pam, popt, libiconv, libuuid, openssl_1_0_2, cyrus_sasl, sqlite, tdb, libxml2 }: stdenv.mkDerivation rec { @@ -33,9 +33,9 @@ stdenv.mkDerivation rec { if [ $CC = gcc ]; then NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -Wno-error=format-overflow -Wno-error=address-of-packed-member" fi - NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -isystem ${stdenv.lib.getDev libxml2}/include/libxml2 -Wno-error=array-bounds -Wno-error=pointer-sign -Wno-error=deprecated-declarations -Wno-error=unused-variable" + NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -isystem ${lib.getDev libxml2}/include/libxml2 -Wno-error=array-bounds -Wno-error=pointer-sign -Wno-error=deprecated-declarations -Wno-error=unused-variable" ''; - configureScript = ''../configure''; + configureScript = "../configure"; configureFlags = [ "CFLAGS=-O" "--docdir=${placeholder "prefix"}/share/doc" @@ -61,7 +61,7 @@ stdenv.mkDerivation rec { ''; outputs = [ "out" "sys" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "BeyondTrust AD Bridge Open simplifies the process of joining non-Microsoft hosts to Active Directory domains"; homepage = "https://github.com/BeyondTrust/pbis-open"; license = with licenses; [ gpl2 lgpl21 ]; diff --git a/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix b/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix index 7ae062547aa2..40736cdc86ba 100644 --- a/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix +++ b/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoreconfHook, pkgconfig, libusb1, pcsclite }: +{ lib, stdenv, fetchurl, autoreconfHook, pkg-config, libusb1, pcsclite }: let version = "3.99.5"; @@ -17,12 +17,14 @@ in stdenv.mkDerivation rec { outputs = [ "out" "tools" ]; - nativeBuildInputs = [ autoreconfHook pkgconfig ]; + nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ libusb1 pcsclite ]; enableParallelBuilding = true; + NIX_CFLAGS_COMPILE = "-Wno-error=narrowing"; + configureFlags = [ "--with-usbdropdir=${placeholder "out"}/pcsc/drivers" "--bindir=${placeholder "tools"}/bin" @@ -30,7 +32,7 @@ in stdenv.mkDerivation rec { postInstall = "make -C tools/cjflash install"; - meta = with stdenv.lib; { + meta = with lib; { description = "REINER SCT cyberJack USB chipcard reader user space driver"; homepage = "https://www.reiner-sct.com/"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix index 02e38bbe249a..b7c4319fa058 100644 --- a/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix +++ b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, unzip, libusb-compat-0_1 }: +{ lib, stdenv, fetchurl, unzip, libusb-compat-0_1 }: let arch = if stdenv.hostPlatform.system == "i686-linux" then "32" @@ -30,14 +30,14 @@ stdenv.mkDerivation rec { cp -r proprietary/*.bundle $out/pcsc/drivers ''; - libPath = stdenv.lib.makeLibraryPath [ libusb-compat-0_1 ]; + libPath = lib.makeLibraryPath [ libusb-compat-0_1 ]; fixupPhase = '' patchelf --set-rpath $libPath \ $out/pcsc/drivers/SCLGENERIC.bundle/Contents/Linux/libSCLGENERIC.so.${version}; ''; - meta = with stdenv.lib; { + meta = with lib; { description = "SCM Microsystems SCL011 chipcard reader user space driver"; homepage = "https://www.scm-pc-card.de/index.php?lang=en&page=product&function=show_product&product_id=630"; downloadPage = "https://support.identiv.com/scl010-scl011/"; diff --git a/nixpkgs/pkgs/tools/security/pcsclite/default.nix b/nixpkgs/pkgs/tools/security/pcsclite/default.nix index 98a3e8797fbf..1d874a16da64 100644 --- a/nixpkgs/pkgs/tools/security/pcsclite/default.nix +++ b/nixpkgs/pkgs/tools/security/pcsclite/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, udev, dbus, perl, python3 +{ lib, stdenv, fetchurl, pkg-config, udev, dbus, perl, python3 , IOKit ? null }: stdenv.mkDerivation rec { @@ -18,9 +18,9 @@ stdenv.mkDerivation rec { # The OS should care on preparing the drivers into this location "--enable-usbdropdir=/var/lib/pcsc/drivers" "--enable-confdir=/etc" - ] ++ stdenv.lib.optional stdenv.isLinux + ] ++ lib.optional stdenv.isLinux "--with-systemdsystemunitdir=\${out}/etc/systemd/system" - ++ stdenv.lib.optional (!stdenv.isLinux) + ++ lib.optional (!stdenv.isLinux) "--disable-libsystemd"; postConfigure = '' @@ -34,11 +34,11 @@ stdenv.mkDerivation rec { moveToOutput bin/pcsc-spy "$dev" ''; - nativeBuildInputs = [ pkgconfig perl ]; - buildInputs = [ python3 ] ++ stdenv.lib.optionals stdenv.isLinux [ udev dbus ] - ++ stdenv.lib.optionals stdenv.isDarwin [ IOKit ]; + nativeBuildInputs = [ pkg-config perl ]; + buildInputs = [ python3 ] ++ lib.optionals stdenv.isLinux [ udev dbus ] + ++ lib.optionals stdenv.isDarwin [ IOKit ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Middleware to access a smart card using SCard API (PC/SC)"; homepage = "https://pcsclite.apdu.fr/"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/pcsctools/default.nix b/nixpkgs/pkgs/tools/security/pcsctools/default.nix index b2ef4e7e0302..613388fc6a30 100644 --- a/nixpkgs/pkgs/tools/security/pcsctools/default.nix +++ b/nixpkgs/pkgs/tools/security/pcsctools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, makeWrapper, pkgconfig, udev, dbus, pcsclite +{ stdenv, lib, fetchurl, makeWrapper, pkg-config, udev, dbus, pcsclite , wget, coreutils, perlPackages }: @@ -14,7 +14,7 @@ in stdenv.mkDerivation rec { buildInputs = [ udev dbus perlPackages.perl pcsclite ]; - nativeBuildInputs = [ makeWrapper pkgconfig ]; + nativeBuildInputs = [ makeWrapper pkg-config ]; postInstall = '' wrapProgram $out/bin/scriptor \ diff --git a/nixpkgs/pkgs/tools/security/pgpdump/default.nix b/nixpkgs/pkgs/tools/security/pgpdump/default.nix index cd421224fa63..c0f496438a4e 100644 --- a/nixpkgs/pkgs/tools/security/pgpdump/default.nix +++ b/nixpkgs/pkgs/tools/security/pgpdump/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub +{ lib, stdenv, fetchFromGitHub , supportCompressedPackets ? true, zlib, bzip2 }: @@ -13,9 +13,9 @@ stdenv.mkDerivation rec { sha256 = "0pi9qdbmcmi58gmljin51ylbi3zkknl8fm26jm67cpl55hvfsn23"; }; - buildInputs = stdenv.lib.optionals supportCompressedPackets [ zlib bzip2 ]; + buildInputs = lib.optionals supportCompressedPackets [ zlib bzip2 ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A PGP packet visualizer"; longDescription = '' pgpdump is a PGP packet visualizer which displays the packet format of diff --git a/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix index f62288c062b8..7e8c87f6e82c 100644 --- a/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix +++ b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, openssl, libssh2, gpgme }: +{ lib, stdenv, fetchurl, openssl, libssh2, gpgme }: stdenv.mkDerivation rec { pname = "phrasendrescher"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-plugins" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A modular and multi processing pass phrase cracking tool"; homepage = "https://leidecker.info/projects/phrasendrescher/index.shtml"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/pinentry/default.nix b/nixpkgs/pkgs/tools/security/pinentry/default.nix index a72e8f9f5b2a..909bbbaed162 100644 --- a/nixpkgs/pkgs/tools/security/pinentry/default.nix +++ b/nixpkgs/pkgs/tools/security/pinentry/default.nix @@ -1,11 +1,11 @@ -{ fetchurl, mkDerivation, fetchpatch, stdenv, lib, pkgconfig, autoreconfHook, wrapGAppsHook +{ fetchurl, mkDerivation, fetchpatch, stdenv, lib, pkg-config, autoreconfHook, wrapGAppsHook , libgpgerror, libassuan, qtbase, wrapQtAppsHook , ncurses, gtk2, gcr , libcap ? null, libsecret ? null , enabledFlavors ? [ "curses" "tty" "gtk2" "qt" "emacs" ] ++ lib.optionals stdenv.isLinux [ "gnome3" ] }: -with stdenv.lib; +with lib; assert isList enabledFlavors && enabledFlavors != []; @@ -48,7 +48,7 @@ pinentryMkDerivation rec { sha256 = "0w35ypl960pczg5kp6km3dyr000m1hf0vpwwlh72jjkjza36c1v8"; }; - nativeBuildInputs = [ pkgconfig autoreconfHook ] + nativeBuildInputs = [ pkg-config autoreconfHook ] ++ concatMap(f: flavorInfo.${f}.nativeBuildInputs or []) enabledFlavors; buildInputs = [ libgpgerror libassuan libcap libsecret ] ++ concatMap(f: flavorInfo.${f}.buildInputs or []) enabledFlavors; @@ -89,7 +89,7 @@ pinentryMkDerivation rec { passthru = { flavors = enabledFlavors; }; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://gnupg.org/aegypten2/"; description = "GnuPG’s interface to passphrase input"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/pinentry/mac.nix b/nixpkgs/pkgs/tools/security/pinentry/mac.nix index 1c3b87cd9f02..f208576561e4 100644 --- a/nixpkgs/pkgs/tools/security/pinentry/mac.nix +++ b/nixpkgs/pkgs/tools/security/pinentry/mac.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, xcbuildHook, libiconv, ncurses, Cocoa }: +{ lib, stdenv, fetchFromGitHub, xcbuildHook, libiconv, ncurses, Cocoa }: stdenv.mkDerivation { name = "pinentry-mac-0.9.4"; @@ -24,8 +24,8 @@ stdenv.mkDerivation { meta = { description = "Pinentry for GPG on Mac"; - license = stdenv.lib.licenses.gpl2Plus; + license = lib.licenses.gpl2Plus; homepage = "https://github.com/GPGTools/pinentry-mac"; - platforms = stdenv.lib.platforms.darwin; + platforms = lib.platforms.darwin; }; } diff --git a/nixpkgs/pkgs/tools/security/pius/default.nix b/nixpkgs/pkgs/tools/security/pius/default.nix index f1b4d80a3554..7d038a1aeabb 100644 --- a/nixpkgs/pkgs/tools/security/pius/default.nix +++ b/nixpkgs/pkgs/tools/security/pius/default.nix @@ -1,4 +1,4 @@ -{ fetchFromGitHub, stdenv, python3Packages, gnupg, perl }: +{ fetchFromGitHub, lib, stdenv, python3Packages, gnupg, perl }: let version = "3.0.0"; in python3Packages.buildPythonApplication { @@ -33,9 +33,9 @@ python3Packages.buildPythonApplication { to the process. ''; - license = stdenv.lib.licenses.gpl2; + license = lib.licenses.gpl2; - platforms = stdenv.lib.platforms.gnu ++ stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ kierdavis ]; + platforms = lib.platforms.gnu ++ lib.platforms.linux; + maintainers = with lib.maintainers; [ kierdavis ]; }; } diff --git a/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix b/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix index 559911699680..c4c9e9929d53 100644 --- a/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix +++ b/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, polkit, gtk3, pkgconfig, intltool }: +{ lib, stdenv, fetchurl, polkit, gtk3, pkg-config, intltool }: stdenv.mkDerivation rec { pname = "polkit-gnome"; version = "0.105"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { }; buildInputs = [ polkit gtk3 ]; - nativeBuildInputs = [ pkgconfig intltool ]; + nativeBuildInputs = [ pkg-config intltool ]; configureFlags = [ "--disable-introspection" ]; @@ -22,8 +22,8 @@ stdenv.mkDerivation rec { meta = { homepage = "https://gitlab.gnome.org/Archive/policykit-gnome"; description = "A dbus session bus service that is used to bring up authentication dialogs"; - license = stdenv.lib.licenses.lgpl2Plus; - maintainers = with stdenv.lib.maintainers; [ phreedom ]; - platforms = stdenv.lib.platforms.linux; + license = lib.licenses.lgpl2Plus; + maintainers = with lib.maintainers; [ phreedom ]; + platforms = lib.platforms.linux; }; } diff --git a/nixpkgs/pkgs/tools/security/proxmark3/default.nix b/nixpkgs/pkgs/tools/security/proxmark3/default.nix index 304ba041b46d..3b1f21ac7187 100644 --- a/nixpkgs/pkgs/tools/security/proxmark3/default.nix +++ b/nixpkgs/pkgs/tools/security/proxmark3/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pkgconfig, ncurses, readline, pcsclite, qt5 +{ lib, stdenv, fetchFromGitHub, pkg-config, ncurses, readline, pcsclite, qt5 , gcc-arm-embedded }: let @@ -12,7 +12,7 @@ let inherit rev sha256; }; - nativeBuildInputs = [ pkgconfig gcc-arm-embedded ]; + nativeBuildInputs = [ pkg-config gcc-arm-embedded ]; buildInputs = [ ncurses readline pcsclite qt5.qtbase ]; postPatch = '' @@ -33,7 +33,7 @@ let install -Dt $out/firmware bootrom/obj/bootrom.elf armsrc/obj/fullimage.elf ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Client for proxmark3, powerful general purpose RFID tool"; homepage = "http://www.proxmark.org"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/proxmark3/proxmark3-rrg.nix b/nixpkgs/pkgs/tools/security/proxmark3/proxmark3-rrg.nix new file mode 100644 index 000000000000..bf1bcd67d11d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/proxmark3/proxmark3-rrg.nix @@ -0,0 +1,38 @@ +{ stdenv, mkDerivation, fetchFromGitHub, pkg-config, gcc-arm-embedded, bluez5 +, readline + +, hardwarePlatform ? "PM3RDV4" + +, hardwarePlatformExtras ? "" }: + +mkDerivation rec { + pname = "proxmark3-rrg"; + version = "4.9237"; + + src = fetchFromGitHub { + owner = "RfidResearchGroup"; + repo = "proxmark3"; + rev = "v${version}"; + sha256 = "13xrhvrsm73rfgqpgca6a37c3jixdkxvfggmacnnx5fdfb393bfx"; + }; + + nativeBuildInputs = [ pkg-config gcc-arm-embedded ]; + buildInputs = [ bluez5 readline ]; + + makeFlags = [ + "PLATFORM=${hardwarePlatform}" + "PLATFORM_EXTRAS=${hardwarePlatformExtras}" + ]; + + installPhase = '' + install -Dt $out/bin client/proxmark3 + install -Dt $out/firmware bootrom/obj/bootrom.elf armsrc/obj/fullimage.elf + ''; + + meta = with stdenv.lib; { + description = "Client for proxmark3, powerful general purpose RFID tool"; + homepage = "https://rfidresearchgroup.com/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ nyanotech ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwdsafety/default.nix b/nixpkgs/pkgs/tools/security/pwdsafety/default.nix new file mode 100644 index 000000000000..2a6ed328e49e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pwdsafety/default.nix @@ -0,0 +1,25 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "pwdsafety"; + version = "0.1.4"; + + src = fetchFromGitHub { + owner = "edoardottt"; + repo = pname; + rev = "v${version}"; + sha256 = "1qnkabgc2924qg9x1ij51jq7lnxzcj1ygdp3x4mzi9gl532i191w"; + }; + + vendorSha256 = "0avm4zwwqv476yrraaf5xkc1lac0mwnmzav5wckifws6r4x3xrsb"; + + meta = with lib; { + description = "Command line tool checking password safety"; + homepage = "https://github.com/edoardottt/pwdsafety"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwgen/default.nix b/nixpkgs/pkgs/tools/security/pwgen/default.nix index a63e40b744e8..c84b9472e96f 100644 --- a/nixpkgs/pkgs/tools/security/pwgen/default.nix +++ b/nixpkgs/pkgs/tools/security/pwgen/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, autoreconfHook}: +{lib, stdenv, fetchurl, autoreconfHook}: stdenv.mkDerivation { name = "pwgen-2.08"; @@ -11,6 +11,6 @@ stdenv.mkDerivation { meta = { description = "Password generator which creates passwords which can be easily memorized by a human"; - platforms = stdenv.lib.platforms.all; + platforms = lib.platforms.all; }; } diff --git a/nixpkgs/pkgs/tools/security/pyrit/default.nix b/nixpkgs/pkgs/tools/security/pyrit/default.nix index 93ae86416e13..ead55036425f 100644 --- a/nixpkgs/pkgs/tools/security/pyrit/default.nix +++ b/nixpkgs/pkgs/tools/security/pyrit/default.nix @@ -32,7 +32,7 @@ python2Packages.buildPythonApplication rec { buildInputs = [ openssl zlib libpcap ]; propagatedBuildInputs = [ cpyrit_opencl ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/JPaulMora/Pyrit"; description = "GPGPU-driven WPA/WPA2-PSK key cracker"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/qdigidoc/default.nix b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix index fcbc166689e3..2b769ee0a15c 100644 --- a/nixpkgs/pkgs/tools/security/qdigidoc/default.nix +++ b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, mkDerivation, fetchgit, fetchurl, cmake, darkhttpd, gettext, makeWrapper, pkgconfig +{ lib, stdenv, mkDerivation, fetchgit, fetchurl, cmake, darkhttpd, gettext, makeWrapper, pkg-config , libdigidocpp, opensc, openldap, openssl, pcsclite, qtbase, qttranslations, qtsvg }: mkDerivation rec { @@ -17,7 +17,7 @@ mkDerivation rec { sha256 = "0llr2fj8vd097hcr1d0xmzdy4jydv0b5j5qlksbjffs22rqgal14"; }; - nativeBuildInputs = [ cmake darkhttpd gettext makeWrapper pkgconfig ]; + nativeBuildInputs = [ cmake darkhttpd gettext makeWrapper pkg-config ]; postPatch = '' substituteInPlace client/CMakeLists.txt \ @@ -40,7 +40,7 @@ mkDerivation rec { --prefix LD_LIBRARY_PATH : ${opensc}/lib/pkcs11/ ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Qt-based UI for signing and verifying DigiDoc documents"; homepage = "https://www.id.ee/"; license = licenses.lgpl21Plus; diff --git a/nixpkgs/pkgs/tools/security/radamsa/default.nix b/nixpkgs/pkgs/tools/security/radamsa/default.nix index b1d6400f2d0d..2ddbc4034926 100644 --- a/nixpkgs/pkgs/tools/security/radamsa/default.nix +++ b/nixpkgs/pkgs/tools/security/radamsa/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, fetchFromGitLab, bash }: +{ lib, stdenv, fetchurl, fetchFromGitLab, bash }: let # Fetch explicitly, otherwise build will try to do so @@ -32,12 +32,12 @@ stdenv.mkDerivation rec { checkInputs = [ bash ]; doCheck = true; - + meta = { description = "A general purpose fuzzer"; longDescription = "Radamsa is a general purpose data fuzzer. It reads data from given sample files, or standard input if none are given, and outputs modified data. It is usually used to generate malformed data for testing programs."; homepage = "https://gitlab.com/akihe/radamsa"; - maintainers = [ stdenv.lib.maintainers.markWot ]; - platforms = stdenv.lib.platforms.all; + maintainers = [ lib.maintainers.markWot ]; + platforms = lib.platforms.all; }; } diff --git a/nixpkgs/pkgs/tools/security/rage/default.nix b/nixpkgs/pkgs/tools/security/rage/default.nix index 69ea8c0f9c2c..d70e58d72939 100644 --- a/nixpkgs/pkgs/tools/security/rage/default.nix +++ b/nixpkgs/pkgs/tools/security/rage/default.nix @@ -1,4 +1,4 @@ -{ stdenv, rustPlatform, fetchFromGitHub, installShellFiles +{ lib, stdenv, rustPlatform, fetchFromGitHub, installShellFiles , Foundation, Security }: rustPlatform.buildRustPackage rec { @@ -16,7 +16,7 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ installShellFiles ]; - buildInputs = stdenv.lib.optionals stdenv.isDarwin [ + buildInputs = lib.optionals stdenv.isDarwin [ Foundation Security ]; @@ -31,7 +31,7 @@ rustPlatform.buildRustPackage rec { installShellCompletion target/completions/*.{bash,fish,zsh} ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A simple, secure and modern encryption tool with small explicit keys, no config options, and UNIX-style composability"; homepage = "https://github.com/str4d/rage"; changelog = "https://github.com/str4d/rage/releases/tag/v${version}"; diff --git a/nixpkgs/pkgs/tools/security/rarcrack/default.nix b/nixpkgs/pkgs/tools/security/rarcrack/default.nix index 9749d8251688..94800ca8c04f 100644 --- a/nixpkgs/pkgs/tools/security/rarcrack/default.nix +++ b/nixpkgs/pkgs/tools/security/rarcrack/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchFromGitHub, libxml2, file, p7zip, unrar, unzip}: +{lib, stdenv, fetchFromGitHub, libxml2, file, p7zip, unrar, unzip}: stdenv.mkDerivation { pname = "rarcrack"; @@ -12,7 +12,7 @@ stdenv.mkDerivation { }; buildInputs = [ libxml2 file p7zip unrar unzip ]; - buildFlags = stdenv.lib.optional stdenv.cc.isClang "CC=clang"; + buildFlags = lib.optional stdenv.cc.isClang "CC=clang"; installFlags = [ "PREFIX=\${out}" ]; patchPhase = '' @@ -23,7 +23,7 @@ stdenv.mkDerivation { mkdir -p $out/bin ''; - meta = with stdenv.lib; { + meta = with lib; { description = "This program can crack zip,7z and rar file passwords"; longDescription = '' If you forget your password for compressed archive (rar, 7z, zip), this program is the solution. diff --git a/nixpkgs/pkgs/tools/security/rbw/default.nix b/nixpkgs/pkgs/tools/security/rbw/default.nix index bd5e88663744..6ea2f45b8062 100644 --- a/nixpkgs/pkgs/tools/security/rbw/default.nix +++ b/nixpkgs/pkgs/tools/security/rbw/default.nix @@ -4,7 +4,7 @@ , fetchCrate , pinentry , openssl -, pkgconfig +, pkg-config , makeWrapper , Security @@ -31,7 +31,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "19gznam64s17kha3accgjks5rmd9kpqqgxg3dfrk7fg5v4431007"; nativeBuildInputs = [ - pkgconfig + pkg-config makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/rhash/default.nix b/nixpkgs/pkgs/tools/security/rhash/default.nix index 394dd89484fe..f4cc65f5d8e7 100644 --- a/nixpkgs/pkgs/tools/security/rhash/default.nix +++ b/nixpkgs/pkgs/tools/security/rhash/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, which }: +{ lib, stdenv, fetchFromGitHub, which }: stdenv.mkDerivation rec { version = "1.4.0"; @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { installTargets = [ "install" "install-lib-shared" "install-lib-so-link" "install-lib-headers" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://rhash.sourceforge.net/"; description = "Console utility and library for computing and verifying hash sums of files"; license = licenses.bsd0; diff --git a/nixpkgs/pkgs/tools/security/ripasso/cursive.nix b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix index 29229bff0028..4cdc3f6d89e2 100644 --- a/nixpkgs/pkgs/tools/security/ripasso/cursive.nix +++ b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, rustPlatform, fetchFromGitHub, pkgconfig, ncurses, python3, openssl, libgpgerror, gpgme, xorg, AppKit, Security }: +{ stdenv, lib, rustPlatform, fetchFromGitHub, pkg-config, ncurses, python3, openssl, libgpgerror, gpgme, xorg, AppKit, Security }: with rustPlatform; buildRustPackage rec { @@ -18,10 +18,10 @@ buildRustPackage rec { cargoBuildFlags = [ "-p ripasso-cursive -p ripasso-man" ]; - nativeBuildInputs = [ pkgconfig gpgme python3 ]; + nativeBuildInputs = [ pkg-config gpgme python3 ]; buildInputs = [ ncurses openssl libgpgerror gpgme xorg.libxcb - ] ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit Security ]; + ] ++ lib.optionals stdenv.isDarwin [ AppKit Security ]; preFixup = '' mkdir -p "$out/man/man1" @@ -29,7 +29,7 @@ buildRustPackage rec { rm $out/bin/ripasso-man ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A simple password manager written in Rust"; homepage = "https://github.com/cortex/ripasso"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/rng-tools/default.nix b/nixpkgs/pkgs/tools/security/rng-tools/default.nix index 16952e6dabb4..617224a6af36 100644 --- a/nixpkgs/pkgs/tools/security/rng-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/rng-tools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig +{ lib, stdenv, fetchFromGitHub, libtool, autoreconfHook, pkg-config , sysfsutils , argp-standalone # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS @@ -10,7 +10,7 @@ , libp11 ? null, opensc ? null, withPkcs11 ? true }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { pname = "rng-tools"; @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { ''} ''; - nativeBuildInputs = [ autoreconfHook libtool pkgconfig ]; + nativeBuildInputs = [ autoreconfHook libtool pkg-config ]; configureFlags = [ (withFeature withGcrypt "libgcrypt") diff --git a/nixpkgs/pkgs/tools/security/rustscan/default.nix b/nixpkgs/pkgs/tools/security/rustscan/default.nix index 43b6a3a0afd7..80cc8c8cc1fb 100644 --- a/nixpkgs/pkgs/tools/security/rustscan/default.nix +++ b/nixpkgs/pkgs/tools/security/rustscan/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, rustPlatform, nmap, Security }: +{ lib, stdenv, fetchFromGitHub, rustPlatform, nmap, Security }: rustPlatform.buildRustPackage rec { pname = "rustscan"; @@ -18,7 +18,7 @@ rustPlatform.buildRustPackage rec { --replace 'Command::new("nmap")' 'Command::new("${nmap}/bin/nmap")' ''; - buildInputs = stdenv.lib.optional stdenv.isDarwin Security; + buildInputs = lib.optional stdenv.isDarwin Security; checkFlags = [ "--skip=infer_ulimit_lowering_no_panic" @@ -29,7 +29,7 @@ rustPlatform.buildRustPackage rec { "--skip=run_python_script" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Faster Nmap Scanning with Rust"; homepage = "https://github.com/RustScan/RustScan"; license = licenses.gpl3Only; diff --git a/nixpkgs/pkgs/tools/security/safe/default.nix b/nixpkgs/pkgs/tools/security/safe/default.nix index 43d791e19dbe..2f0f4501fd2f 100644 --- a/nixpkgs/pkgs/tools/security/safe/default.nix +++ b/nixpkgs/pkgs/tools/security/safe/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , buildGoPackage , fetchFromGitHub }: @@ -22,7 +22,7 @@ buildGoPackage rec { buildFlagsArray+=("-ldflags" "-X main.Version=${version}") ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A Vault CLI"; homepage = "https://github.com/starkandwayne/safe"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/saml2aws/default.nix b/nixpkgs/pkgs/tools/security/saml2aws/default.nix index 68721bbdebc1..ade299ec5893 100644 --- a/nixpkgs/pkgs/tools/security/saml2aws/default.nix +++ b/nixpkgs/pkgs/tools/security/saml2aws/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoModule, fetchFromGitHub }: +{ lib, stdenv, buildGoModule, fetchFromGitHub }: buildGoModule rec { pname = "saml2aws"; @@ -22,11 +22,11 @@ buildGoModule rec { -ldflags=-X main.Version=${version} ''; - meta = with stdenv.lib; { + meta = with lib; { description = "CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP"; homepage = "https://github.com/Versent/saml2aws"; license = licenses.mit; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.pmyjavec ]; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.pmyjavec ]; }; } diff --git a/nixpkgs/pkgs/tools/security/sbsigntool/default.nix b/nixpkgs/pkgs/tools/security/sbsigntool/default.nix index 1a42ddf8beca..7a0bb37d4a4c 100644 --- a/nixpkgs/pkgs/tools/security/sbsigntool/default.nix +++ b/nixpkgs/pkgs/tools/security/sbsigntool/default.nix @@ -1,5 +1,5 @@ -{ stdenv -, fetchgit, autoconf, automake, pkgconfig, help2man +{ lib, stdenv +, fetchgit, autoconf, automake, pkg-config, help2man , openssl, libuuid, gnu-efi, libbfd }: @@ -17,7 +17,7 @@ stdenv.mkDerivation { prePatch = "patchShebangs ."; - nativeBuildInputs = [ autoconf automake pkgconfig help2man ]; + nativeBuildInputs = [ autoconf automake pkg-config help2man ]; buildInputs = [ openssl libuuid libbfd gnu-efi ]; configurePhase = '' @@ -42,7 +42,7 @@ stdenv.mkDerivation { make install ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Tools for maintaining UEFI signature databases"; homepage = "http://jk.ozlabs.org/docs/sbkeysync-maintaing-uefi-key-databases"; maintainers = [ maintainers.tstrobel ]; diff --git a/nixpkgs/pkgs/tools/security/scallion/default.nix b/nixpkgs/pkgs/tools/security/scallion/default.nix index 1395b8e10617..6f0dcd1bb013 100644 --- a/nixpkgs/pkgs/tools/security/scallion/default.nix +++ b/nixpkgs/pkgs/tools/security/scallion/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, makeWrapper, mono, openssl_1_0_2, ocl-icd }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, mono, openssl_1_0_2, ocl-icd }: stdenv.mkDerivation rec { version = "2.1"; @@ -22,11 +22,11 @@ stdenv.mkDerivation rec { mkdir -p $out/share cp scallion/bin/Debug/* $out/share/ makeWrapper ${mono}/bin/mono $out/bin/scallion \ - --prefix LD_LIBRARY_PATH : ${stdenv.lib.makeLibraryPath [ openssl_1_0_2 ocl-icd ]} \ + --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ openssl_1_0_2 ocl-icd ]} \ --add-flags $out/share/scallion.exe ''; - meta = with stdenv.lib; { + meta = with lib; { description = "GPU-based tor hidden service name generator"; homepage = src.meta.homepage; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/scilla/default.nix b/nixpkgs/pkgs/tools/security/scilla/default.nix new file mode 100644 index 000000000000..1983aef17265 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/scilla/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "scilla"; + version = "20210118-${lib.strings.substring 0 7 rev}"; + rev = "74dd81492fef92b95765df1d0f629276a146a5a4"; + + src = fetchFromGitHub { + owner = "edoardottt"; + repo = pname; + inherit rev; + sha256 = "10qvaigfarljydfb9vx2fb9nk293j4g9w2h9mr8xw6adbvl0qr9q"; + }; + + vendorSha256 = "04wqsl4269gc3r6l9srqhcq19zarnyyab8k1shj3w6lkfcc61z25"; + + meta = with lib; { + description = "Information gathering tool for DNS, ports and more"; + homepage = "https://github.com/edoardottt/scilla"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/scrypt/default.nix b/nixpkgs/pkgs/tools/security/scrypt/default.nix index e230b2ee4574..89ff50e0a8a0 100644 --- a/nixpkgs/pkgs/tools/security/scrypt/default.nix +++ b/nixpkgs/pkgs/tools/security/scrypt/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, openssl, util-linux, getconf }: +{ lib, stdenv, fetchurl, openssl, util-linux, getconf }: stdenv.mkDerivation rec { pname = "scrypt"; @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { checkTarget = "test"; checkInputs = [ util-linux ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Encryption utility"; homepage = "https://www.tarsnap.com/scrypt.html"; license = licenses.bsd2; diff --git a/nixpkgs/pkgs/tools/security/seccure/default.nix b/nixpkgs/pkgs/tools/security/seccure/default.nix index e0f01f4f2c41..07c8d0382ca5 100644 --- a/nixpkgs/pkgs/tools/security/seccure/default.nix +++ b/nixpkgs/pkgs/tools/security/seccure/default.nix @@ -1,16 +1,16 @@ -{ stdenv, fetchurl, libgcrypt }: +{ lib, stdenv, fetchurl, libgcrypt }: stdenv.mkDerivation rec { pname = "seccure"; version = "0.5"; - + src = fetchurl { url = "http://point-at-infinity.org/seccure/${pname}-${version}.tar.gz"; sha256 = "0nwnk3hfhgvf5xr0xipbh6smfnya22wphc5rj0vgi5d0zr5cwrk5"; }; buildInputs = [ libgcrypt ]; - + preConfigure = '' sed -e s@/usr/@$out/@g -i Makefile sed -e 's@ln -f@ln -sf@g' -i Makefile @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { meta = { homepage = "http://point-at-infinity.org/seccure/"; description = "Zero-configuration elliptic curve cryptography utility"; - platforms = stdenv.lib.platforms.unix; - license = stdenv.lib.licenses.lgpl3; + platforms = lib.platforms.unix; + license = lib.licenses.lgpl3; }; } diff --git a/nixpkgs/pkgs/tools/security/secp256k1/default.nix b/nixpkgs/pkgs/tools/security/secp256k1/default.nix index d3b43d6adf69..a8acf3586c9e 100644 --- a/nixpkgs/pkgs/tools/security/secp256k1/default.nix +++ b/nixpkgs/pkgs/tools/security/secp256k1/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, jdk +{ lib, stdenv, fetchFromGitHub, autoreconfHook, jdk # Enable ECDSA pubkey recovery module , enableRecovery ? true @@ -13,7 +13,7 @@ }: -let inherit (stdenv.lib) optionals; in +let inherit (lib) optionals; in stdenv.mkDerivation { pname = "secp256k1"; @@ -42,7 +42,7 @@ stdenv.mkDerivation { doCheck = true; checkPhase = "./tests"; - meta = with stdenv.lib; { + meta = with lib; { description = "Optimized C library for EC operations on curve secp256k1"; longDescription = '' Optimized C library for EC operations on curve secp256k1. Part of diff --git a/nixpkgs/pkgs/tools/security/sedutil/default.nix b/nixpkgs/pkgs/tools/security/sedutil/default.nix index 4877a8adfcef..6ed4a23af1dd 100644 --- a/nixpkgs/pkgs/tools/security/sedutil/default.nix +++ b/nixpkgs/pkgs/tools/security/sedutil/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook }: stdenv.mkDerivation rec { pname = "sedutil"; @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = "DTA sedutil Self encrypting drive software"; homepage = "https://www.drivetrust.com"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/sequoia/default.nix b/nixpkgs/pkgs/tools/security/sequoia/default.nix index 201b4c56f2b9..706c9edc481c 100644 --- a/nixpkgs/pkgs/tools/security/sequoia/default.nix +++ b/nixpkgs/pkgs/tools/security/sequoia/default.nix @@ -97,7 +97,7 @@ rustPlatform.buildRustPackage rec { checkPhase = null; installPhase = null; - meta = with stdenv.lib; { + meta = with lib; { description = "A cool new OpenPGP implementation"; homepage = "https://sequoia-pgp.org/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix b/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix index 8c6a026a6124..07c9ed9b2408 100644 --- a/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix +++ b/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, libtool, which }: +{ lib, stdenv, fetchFromGitHub, libtool, which }: stdenv.mkDerivation rec { pname = "sha1collisiondetection"; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ libtool which ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Library and command line tool to detect SHA-1 collision"; longDescription = '' This library and command line tool were designed as near drop-in diff --git a/nixpkgs/pkgs/tools/security/shc/default.nix b/nixpkgs/pkgs/tools/security/shc/default.nix index 3705d2c7ed1a..4cbedb232187 100644 --- a/nixpkgs/pkgs/tools/security/shc/default.nix +++ b/nixpkgs/pkgs/tools/security/shc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "shc"; @@ -12,10 +12,10 @@ stdenv.mkDerivation rec { sha256 = "0bfn404plsssa14q89k9l3s5lxq3df0sny5lis4j2w75qrkqx694"; }; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://neurobin.org/projects/softwares/unix/shc/"; description = "Shell Script Compiler"; - platforms = stdenv.lib.platforms.linux; + platforms = lib.platforms.linux; license = licenses.gpl3; }; } diff --git a/nixpkgs/pkgs/tools/security/signify/default.nix b/nixpkgs/pkgs/tools/security/signify/default.nix index 3ec260a7c0c5..fb3df51167b4 100644 --- a/nixpkgs/pkgs/tools/security/signify/default.nix +++ b/nixpkgs/pkgs/tools/security/signify/default.nix @@ -1,26 +1,26 @@ -{ stdenv, fetchFromGitHub, libbsd, pkgconfig }: +{ lib, stdenv, fetchFromGitHub, libbsd, pkg-config }: stdenv.mkDerivation rec { pname = "signify"; - version = "25"; + version = "30"; src = fetchFromGitHub { owner = "aperezdc"; repo = "signify"; rev = "v${version}"; - sha256 = "0zg0rffxwj2a71s1bllhrn491xsmirg9sshpq8f3vl25lv4c2cnq"; + sha256 = "02xh6x6rszkvk3rf6zai7n3ivchmw0d8mwllpinjxc7k6sd415c3"; }; doCheck = true; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libbsd ]; preInstall = '' export PREFIX=$out ''; - meta = with stdenv.lib; { + meta = with lib; { description = "OpenBSD signing tool"; longDescription = '' OpenBSDs signing tool, which uses the Ed25519 public key signature system diff --git a/nixpkgs/pkgs/tools/security/signing-party/default.nix b/nixpkgs/pkgs/tools/security/signing-party/default.nix index 17c65d28884e..ee099b704aaa 100644 --- a/nixpkgs/pkgs/tools/security/signing-party/default.nix +++ b/nixpkgs/pkgs/tools/security/signing-party/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitLab, autoconf, automake, makeWrapper +{ lib, stdenv, fetchFromGitLab, autoconf, automake, makeWrapper , python3, perl, perlPackages , libmd, gnupg, which, getopt, libpaper, nettools, qprint , sendmailPath ? "/run/wrappers/bin/sendmail" }: @@ -127,62 +127,62 @@ in stdenv.mkDerivation rec { TextTemplate MIMETools MailTools TimeDate NetIDNEncode ] ++ GnuPGInterfaceRuntimeDependencies)} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ nettools gnupg ]}" + "${lib.makeBinPath [ nettools gnupg ]}" wrapProgram $out/bin/gpg-key2latex --set PERL5LIB \ ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg libpaper ]}" + "${lib.makeBinPath [ gnupg libpaper ]}" wrapProgram $out/bin/gpg-key2ps --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ which gnupg libpaper ]}" + "${lib.makeBinPath [ which gnupg libpaper ]}" wrapProgram $out/bin/gpg-mailkeys --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg qprint ]}" + "${lib.makeBinPath [ gnupg qprint ]}" wrapProgram $out/bin/gpgdir --set PERL5LIB \ ${with perlPackages; makePerlPath ([ TermReadKey ] ++ GnuPGInterfaceRuntimeDependencies)} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/gpglist --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/gpgparticipants --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ getopt gnupg ]}" + "${lib.makeBinPath [ getopt gnupg ]}" # wrapProgram $out/bin/gpgparticipants-prefill wrapProgram $out/bin/gpgparticipants-filter --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/gpgsigs --set PERL5LIB \ ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/gpgwrap --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" # wrapProgram $out/bin/keyanalyze --set PERL5LIB \ wrapProgram $out/bin/keyart --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/keylookup --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/pgp-clean --set PERL5LIB \ ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" wrapProgram $out/bin/pgp-fixkey --set PERL5LIB \ ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ --prefix PATH ":" \ - "${stdenv.lib.makeBinPath [ gnupg ]}" + "${lib.makeBinPath [ gnupg ]}" # wrapProgram $out/bin/pgpring @@ -196,7 +196,7 @@ in stdenv.mkDerivation rec { ${with perlPackages; makePerlPath [ GD ]} ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://salsa.debian.org/signing-party-team/signing-party"; description = "A collection of several projects relating to OpenPGP"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/sigurlx/default.nix b/nixpkgs/pkgs/tools/security/sigurlx/default.nix new file mode 100644 index 000000000000..b6908c274228 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sigurlx/default.nix @@ -0,0 +1,25 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "sigurlx"; + version = "2.1.0"; + + src = fetchFromGitHub { + owner = "drsigned"; + repo = pname; + rev = "v${version}"; + sha256 = "1q5vy05387qx7h4xcccvn2z2ks1kiff3mfbd2w3w0l0a4qgz74xs"; + }; + + vendorSha256 = "1bp6bf99rxlyg91pn1y228q18lawpykmvkl22cydmclms0q0n238"; + + meta = with lib; { + description = "Tool to map the attack surface of web applications"; + homepage = "https://github.com/drsigned/sigurlx"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix b/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix index 2a360b4321c5..4d5c020ad422 100644 --- a/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix +++ b/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, trousers, openssl, opencryptoki, autoreconfHook, libtool }: +{ lib, stdenv, fetchFromGitHub, trousers, openssl, opencryptoki, autoreconfHook, libtool }: stdenv.mkDerivation rec { pname = "simple-tpm-pk11"; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = "Simple PKCS11 provider for TPM chips"; longDescription = '' A simple library for using the TPM chip to secure SSH keys. diff --git a/nixpkgs/pkgs/tools/security/sn0int/default.nix b/nixpkgs/pkgs/tools/security/sn0int/default.nix index 8b99649e0c9f..7cc343b78234 100644 --- a/nixpkgs/pkgs/tools/security/sn0int/default.nix +++ b/nixpkgs/pkgs/tools/security/sn0int/default.nix @@ -1,20 +1,20 @@ -{ lib, fetchFromGitHub, rustPlatform, libsodium, libseccomp, sqlite, pkgconfig +{ lib, fetchFromGitHub, rustPlatform, libsodium, libseccomp, sqlite, pkg-config }: rustPlatform.buildRustPackage rec { pname = "sn0int"; - version = "0.19.1"; + version = "0.20.0"; src = fetchFromGitHub { owner = "kpcyrd"; repo = pname; rev = "v${version}"; - sha256 = "10f1wblczxlww09f4dl8i9zzgpr14jj7s329wkvm7lafmwx3qrn5"; + sha256 = "1zjrbrkk7phv8s5qr0gj6fnssa31j3k3m8c55pdfmajh7ry7wwd1"; }; - cargoSha256 = "1v0q751ylsfpdjwsbl20pvn7g75w503jwjl5kn5kc8xq3g0lnp65"; + cargoSha256 = "1jvaavhjyalnh10vfhrdyqg1jnl8b4a3gnp8a31bgi3mb0v466k3"; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libsodium libseccomp sqlite ]; @@ -25,7 +25,7 @@ rustPlatform.buildRustPackage rec { meta = with lib; { description = "Semi-automatic OSINT framework and package manager"; homepage = "https://github.com/kpcyrd/sn0int"; - license = licenses.gpl3; + license = with licenses; [ gpl3Plus ]; maintainers = with maintainers; [ xrelkd ]; platforms = platforms.linux; }; diff --git a/nixpkgs/pkgs/tools/security/snow/default.nix b/nixpkgs/pkgs/tools/security/snow/default.nix index db52d853b7a3..6d264c09ade9 100644 --- a/nixpkgs/pkgs/tools/security/snow/default.nix +++ b/nixpkgs/pkgs/tools/security/snow/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "snow"; @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { install -Dm755 snow -t $out/bin ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Conceal messages in ASCII text by appending whitespace to the end of lines"; homepage = "http://www.darkside.com.au/snow/"; license = licenses.apsl20; diff --git a/nixpkgs/pkgs/tools/security/softhsm/default.nix b/nixpkgs/pkgs/tools/security/softhsm/default.nix index 61afb9082d0f..873cfdbbb056 100644 --- a/nixpkgs/pkgs/tools/security/softhsm/default.nix +++ b/nixpkgs/pkgs/tools/security/softhsm/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, botan2, libobjc, Security }: +{ lib, stdenv, fetchurl, botan2, libobjc, Security }: stdenv.mkDerivation rec { @@ -18,13 +18,13 @@ stdenv.mkDerivation rec { ]; propagatedBuildInputs = - stdenv.lib.optionals stdenv.isDarwin [ libobjc Security ]; + lib.optionals stdenv.isDarwin [ libobjc Security ]; buildInputs = [ botan2 ]; postInstall = "rm -rf $out/var"; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.opendnssec.org/softhsm"; description = "Cryptographic store accessible through a PKCS #11 interface"; longDescription = " diff --git a/nixpkgs/pkgs/tools/security/sops/default.nix b/nixpkgs/pkgs/tools/security/sops/default.nix index 7557fa6a6d38..9eddc308a4ff 100644 --- a/nixpkgs/pkgs/tools/security/sops/default.nix +++ b/nixpkgs/pkgs/tools/security/sops/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoModule, fetchFromGitHub }: +{ lib, stdenv, buildGoModule, fetchFromGitHub }: buildGoModule rec { pname = "sops"; @@ -15,7 +15,7 @@ buildGoModule rec { doCheck = false; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/mozilla/sops"; description = "Mozilla sops (Secrets OPerationS) is an editor of encrypted files"; maintainers = [ maintainers.marsam ]; diff --git a/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix b/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix index b8f4eeea338f..49aa4a2a4ca5 100644 --- a/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix +++ b/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, makeWrapper, coreutils, binutils-unwrapped }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, coreutils, binutils-unwrapped }: stdenv.mkDerivation rec { pname = "spectre-meltdown-checker"; @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ makeWrapper ]; - installPhase = with stdenv.lib; '' + installPhase = with lib; '' runHook preInstall install -Dm755 spectre-meltdown-checker.sh $out/bin/spectre-meltdown-checker @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { runHook postInstall ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Spectre & Meltdown vulnerability/mitigation checker for Linux"; homepage = "https://github.com/speed47/spectre-meltdown-checker"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/srm/default.nix b/nixpkgs/pkgs/tools/security/srm/default.nix index 853ad4f280a2..587d7782e765 100644 --- a/nixpkgs/pkgs/tools/security/srm/default.nix +++ b/nixpkgs/pkgs/tools/security/srm/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { sha256 = "10sjarhprs6s4zandndg720528rcnd4xk8dl48pjj7li1q9c30vm"; }; - meta = with stdenv.lib; { + meta = with lib; { description = "Delete files securely"; longDescription = '' srm (secure rm) is a command-line compatible rm(1) which diff --git a/nixpkgs/pkgs/tools/security/ssdeep/default.nix b/nixpkgs/pkgs/tools/security/ssdeep/default.nix index 33ab4c373bca..acc617103d71 100644 --- a/nixpkgs/pkgs/tools/security/ssdeep/default.nix +++ b/nixpkgs/pkgs/tools/security/ssdeep/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook }: stdenv.mkDerivation rec { pname = "ssdeep"; @@ -19,8 +19,8 @@ stdenv.mkDerivation rec { meta = { description = "A program for calculating fuzzy hashes"; homepage = "http://www.ssdeep.sf.net"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/sshchecker/default.nix b/nixpkgs/pkgs/tools/security/sshchecker/default.nix new file mode 100644 index 000000000000..5dfc37dcf6cf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshchecker/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "sshchecker"; + version = "1.0"; + + src = fetchFromGitHub { + owner = "lazytools"; + repo = pname; + rev = "v${version}"; + sha256 = "139b850h1w0392k8jcgj22jscsl2l60b5kk0n8378b6g57ikmis0"; + }; + + vendorSha256 = "19hdaf7d6lvwrl5rc1srrjsjx57g25cy4lvw0vvs6j52impdk6ak"; + + meta = with lib; { + description = "Dedicated SSH brute-forcing tool"; + longDescription = '' + sshchecker is a fast dedicated SSH brute-forcing tool to check + SSH login on the giving IP list. + ''; + homepage = "https://github.com/lazytools/sshchecker"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshguard/default.nix b/nixpkgs/pkgs/tools/security/sshguard/default.nix index 6bae0fddc23d..88e726bc8635 100644 --- a/nixpkgs/pkgs/tools/security/sshguard/default.nix +++ b/nixpkgs/pkgs/tools/security/sshguard/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoreconfHook, yacc, flex}: +{ lib, stdenv, fetchurl, autoreconfHook, yacc, flex}: stdenv.mkDerivation rec { version = "2.4.1"; @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--sysconfdir=/etc" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Protects hosts from brute-force attacks"; longDescription = '' SSHGuard can read log messages from various input sources. Log messages are parsed, line-by-line, for recognized patterns. diff --git a/nixpkgs/pkgs/tools/security/sshuttle/default.nix b/nixpkgs/pkgs/tools/security/sshuttle/default.nix index 6f620904872d..dbdd94a3d5c9 100644 --- a/nixpkgs/pkgs/tools/security/sshuttle/default.nix +++ b/nixpkgs/pkgs/tools/security/sshuttle/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , python3Packages , makeWrapper , coreutils @@ -23,14 +23,14 @@ python3Packages.buildPythonApplication rec { checkInputs = with python3Packages; [ mock pytest pytestcov pytestrunner flake8 ]; - runtimeDeps = [ coreutils openssh procps ] ++ stdenv.lib.optionals stdenv.isLinux [ iptables nettools ]; + runtimeDeps = [ coreutils openssh procps ] ++ lib.optionals stdenv.isLinux [ iptables nettools ]; postInstall = '' wrapProgram $out/bin/sshuttle \ - --prefix PATH : "${stdenv.lib.makeBinPath runtimeDeps}" \ + --prefix PATH : "${lib.makeBinPath runtimeDeps}" \ ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/sshuttle/sshuttle/"; description = "Transparent proxy server that works as a poor man's VPN"; longDescription = '' diff --git a/nixpkgs/pkgs/tools/security/sslscan/default.nix b/nixpkgs/pkgs/tools/security/sslscan/default.nix index 68efa7a17d1f..fcf9c4c1ac2f 100644 --- a/nixpkgs/pkgs/tools/security/sslscan/default.nix +++ b/nixpkgs/pkgs/tools/security/sslscan/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, openssl }: +{ lib, stdenv, fetchFromGitHub, openssl }: stdenv.mkDerivation rec { pname = "sslscan"; @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" "CC=cc" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Tests SSL/TLS services and discover supported cipher suites"; homepage = "https://github.com/rbsec/sslscan"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/ssss/default.nix b/nixpkgs/pkgs/tools/security/ssss/default.nix index bd7de72e6bec..34407f5f5ad9 100644 --- a/nixpkgs/pkgs/tools/security/ssss/default.nix +++ b/nixpkgs/pkgs/tools/security/ssss/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, gmp }: +{ lib, stdenv, fetchurl, gmp }: stdenv.mkDerivation { name = "ssss-0.5"; @@ -22,7 +22,7 @@ stdenv.mkDerivation { meta = { description = "Shamir Secret Sharing Scheme"; homepage = "http://point-at-infinity.org/ssss/"; - platforms = stdenv.lib.platforms.unix; - license = stdenv.lib.licenses.gpl2; + platforms = lib.platforms.unix; + license = lib.licenses.gpl2; }; } diff --git a/nixpkgs/pkgs/tools/security/steghide/default.nix b/nixpkgs/pkgs/tools/security/steghide/default.nix index 5ac40e0a0474..cb2a0473cf15 100644 --- a/nixpkgs/pkgs/tools/security/steghide/default.nix +++ b/nixpkgs/pkgs/tools/security/steghide/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libjpeg, libmcrypt, zlib, libmhash, gettext, libtool}: +{ lib, stdenv, fetchurl, libjpeg, libmcrypt, zlib, libmhash, gettext, libtool}: stdenv.mkDerivation rec { buildInputs = [ libjpeg libmcrypt zlib libmhash gettext libtool ]; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { export AM_CXXFLAGS="$CXXFLAGS -std=c++0x" ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "http://steghide.sourceforge.net/"; description = "Steganography program that is able to hide data in various kinds of image- and audio-files"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/stegseek/default.nix b/nixpkgs/pkgs/tools/security/stegseek/default.nix new file mode 100644 index 000000000000..d2fb825b5296 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/stegseek/default.nix @@ -0,0 +1,44 @@ +{ lib, stdenv +, cmake +, fetchFromGitHub +, libjpeg +, libmcrypt +, libmhash +, libtool +, zlib +}: + +stdenv.mkDerivation rec { + pname = "stegseek"; + version = "0.5"; + + src = fetchFromGitHub { + owner = "RickdeJager"; + repo = pname; + rev = "v${version}"; + sha256 = "19hzr5533b607ihmjj71x682qjr45s75cqxh9zap21z16346ahqn"; + }; + + nativeBuildInputs = [ cmake ]; + + buildInputs = [ + libjpeg + libmcrypt + libmhash + libtool + zlib + ]; + + doCheck = true; + + meta = with lib; { + description = "Tool to crack steganography"; + longDescription = '' + Stegseek is a lightning fast steghide cracker that can be + used to extract hidden data from files. + ''; + homepage = "https://github.com/RickdeJager/stegseek"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/stoken/default.nix b/nixpkgs/pkgs/tools/security/stoken/default.nix index 22dc5e476e7f..f5f733d70b91 100644 --- a/nixpkgs/pkgs/tools/security/stoken/default.nix +++ b/nixpkgs/pkgs/tools/security/stoken/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, pkgconfig +{ lib, stdenv, fetchFromGitHub, autoconf, automake, libtool, pkg-config , libxml2, nettle , withGTK3 ? true, gtk3 }: @@ -20,13 +20,13 @@ stdenv.mkDerivation rec { autoconf ''; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ autoconf automake libtool libxml2 nettle - ] ++ stdenv.lib.optional withGTK3 gtk3; + ] ++ lib.optional withGTK3 gtk3; - meta = with stdenv.lib; { + meta = with lib; { description = "Software Token for Linux/UNIX"; homepage = "https://github.com/cernekee/stoken"; license = licenses.lgpl21Plus; diff --git a/nixpkgs/pkgs/tools/security/stricat/default.nix b/nixpkgs/pkgs/tools/security/stricat/default.nix index 28c462cbb0a2..460838965a02 100644 --- a/nixpkgs/pkgs/tools/security/stricat/default.nix +++ b/nixpkgs/pkgs/tools/security/stricat/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "stricat"; @@ -19,8 +19,8 @@ stdenv.mkDerivation rec { meta = { description = "Multi-use cryptographic tool based on the STRIBOB algorithm"; homepage = "https://www.stribob.com/stricat/"; - license = stdenv.lib.licenses.bsd3; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/su-exec/default.nix b/nixpkgs/pkgs/tools/security/su-exec/default.nix index 8ff33ee1ec91..0e26d2430cb1 100644 --- a/nixpkgs/pkgs/tools/security/su-exec/default.nix +++ b/nixpkgs/pkgs/tools/security/su-exec/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "su-exec"; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { cp -a su-exec $out/bin/su-exec ''; - meta = with stdenv.lib; { + meta = with lib; { description = "switch user and group id and exec"; homepage = "https://github.com/ncopa/su-exec"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/subjs/default.nix b/nixpkgs/pkgs/tools/security/subjs/default.nix new file mode 100644 index 000000000000..5b9a237d49cb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/subjs/default.nix @@ -0,0 +1,32 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "subjs"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "lc"; + repo = pname; + rev = "v${version}"; + sha256 = "01cip5rf35dnh3l325p03y6axyqdpf48ry4zcwiyd7hlfsglbk3j"; + }; + + vendorSha256 = "1y01k8pvv7y9zb15wbk068cvkx0g83484jak2dvcvghqcf5j1fr1"; + + buildFlagsArray = [ "-ldflags=-s -w -X main.AppVersion=${version}" ]; + + meta = with lib; { + description = "Fetcher for Javascript files"; + longDescription = '' + subjs fetches Javascript files from a list of URLs or subdomains. + Analyzing Javascript files can help you find undocumented endpoints, + secrets and more. + ''; + homepage = "https://github.com/lc/subjs"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sudo/default.nix b/nixpkgs/pkgs/tools/security/sudo/default.nix index 776823a6a280..1e6af55baab2 100644 --- a/nixpkgs/pkgs/tools/security/sudo/default.nix +++ b/nixpkgs/pkgs/tools/security/sudo/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, coreutils, pam, groff, sssd, nixosTests +{ lib, stdenv, fetchurl, coreutils, pam, groff, sssd, nixosTests , sendmailPath ? "/run/wrappers/bin/sendmail" , withInsults ? false , withSssd ? false @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "sudo"; - version = "1.9.4p2"; + version = "1.9.5p1"; src = fetchurl { url = "https://www.sudo.ws/dist/${pname}-${version}.tar.gz"; - sha256 = "0r0g8z289ipw0zpkhmm33cpfm42j01jds2q1wilhh3flg7xg2jn3"; + sha256 = "10kqdfbfpf3vk5ihz5gwynv4pxdf1lg6ircrlanyygb549yg7pad"; }; prePatch = '' @@ -27,10 +27,10 @@ stdenv.mkDerivation rec { "--with-iologdir=/var/log/sudo-io" "--with-sendmail=${sendmailPath}" "--enable-tmpfiles.d=no" - ] ++ stdenv.lib.optional withInsults [ + ] ++ lib.optional withInsults [ "--with-insults" "--with-all-insults" - ] ++ stdenv.lib.optional withSssd [ + ] ++ lib.optional withSssd [ "--with-sssd" "--with-sssd-lib=${sssd}/lib" ]; @@ -78,8 +78,8 @@ stdenv.mkDerivation rec { license = "https://www.sudo.ws/sudo/license.html"; - maintainers = with stdenv.lib.maintainers; [ eelco delroth ]; + maintainers = with lib.maintainers; [ eelco delroth ]; - platforms = stdenv.lib.platforms.linux; + platforms = lib.platforms.linux; }; } diff --git a/nixpkgs/pkgs/tools/security/sudolikeaboss/default.nix b/nixpkgs/pkgs/tools/security/sudolikeaboss/default.nix index 639926578c7b..bdaf8f129d02 100644 --- a/nixpkgs/pkgs/tools/security/sudolikeaboss/default.nix +++ b/nixpkgs/pkgs/tools/security/sudolikeaboss/default.nix @@ -1,9 +1,9 @@ # This file was generated by go2nix, then modified by hand for Darwin support. -{ stdenv, buildGoPackage, fetchFromGitHub, darwin }: +{ lib, stdenv, buildGoPackage, fetchFromGitHub, darwin }: buildGoPackage rec { pname = "sudolikeaboss-unstable"; - version = "20161127-${stdenv.lib.strings.substring 0 7 rev}"; + version = "20161127-${lib.strings.substring 0 7 rev}"; rev = "2d9afe19f872c9f433d476e57ee86169781b164c"; goPackagePath = "github.com/ravenac95/sudolikeaboss"; @@ -21,7 +21,7 @@ buildGoPackage rec { Cocoa ]; - meta = with stdenv.lib; { + meta = with lib; { inherit version; inherit (src.meta) homepage; description = "Get 1password access from iterm2"; diff --git a/nixpkgs/pkgs/tools/security/super/default.nix b/nixpkgs/pkgs/tools/security/super/default.nix index 79a7cd839e5b..f8e78c66979f 100644 --- a/nixpkgs/pkgs/tools/security/super/default.nix +++ b/nixpkgs/pkgs/tools/security/super/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, fetchpatch }: +{ lib, stdenv, fetchurl, fetchpatch }: stdenv.mkDerivation rec { name = "super-3.30.0"; @@ -44,6 +44,6 @@ stdenv.mkDerivation rec { in /etc/super.tab); and 2) “setuid”, which allows root to execute a command under a different uid. ''; - platforms = stdenv.lib.platforms.linux; + platforms = lib.platforms.linux; }; } diff --git a/nixpkgs/pkgs/tools/security/tboot/default.nix b/nixpkgs/pkgs/tools/security/tboot/default.nix index 38f467fb441f..bf13fe7822e8 100644 --- a/nixpkgs/pkgs/tools/security/tboot/default.nix +++ b/nixpkgs/pkgs/tools/security/tboot/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, trousers, openssl, zlib }: +{ lib, stdenv, fetchurl, trousers, openssl, zlib }: stdenv.mkDerivation rec { pname = "tboot"; @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { installFlags = [ "DESTDIR=$(out)" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM"; homepage = "https://sourceforge.net/projects/tboot/"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix b/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix index a6eb09fd2c5f..eb889cfef165 100644 --- a/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix +++ b/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix @@ -1,9 +1,9 @@ -{ stdenv, fetchFromGitHub, autoreconfHook +{ lib, stdenv, fetchFromGitHub, autoreconfHook , openssl , libcap, libpcap, libnfnetlink, libnetfilter_conntrack, libnetfilter_queue }: -with stdenv.lib; +with lib; stdenv.mkDerivation rec { pname = "tcpcrypt"; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { sha256 = "0a015rlyvagz714pgwr85f8gjq1fkc0il7d7l39qcgxrsp15b96w"; }; - postUnpack = ''mkdir -vp $sourceRoot/m4''; + postUnpack = "mkdir -vp $sourceRoot/m4"; outputs = [ "bin" "dev" "out" ]; nativeBuildInputs = [ autoreconfHook ]; diff --git a/nixpkgs/pkgs/tools/security/teler/default.nix b/nixpkgs/pkgs/tools/security/teler/default.nix index 378663758591..1acb9e5609eb 100644 --- a/nixpkgs/pkgs/tools/security/teler/default.nix +++ b/nixpkgs/pkgs/tools/security/teler/default.nix @@ -1,6 +1,6 @@ { buildGoModule , fetchFromGitHub -, stdenv +, lib, stdenv }: buildGoModule rec { @@ -19,7 +19,7 @@ buildGoModule rec { # test require internet access doCheck = false; - meta = with stdenv.lib; { + meta = with lib; { description = "Real-time HTTP Intrusion Detection"; longDescription = '' teler is an real-time intrusion detection and threat alert diff --git a/nixpkgs/pkgs/tools/security/terrascan/default.nix b/nixpkgs/pkgs/tools/security/terrascan/default.nix new file mode 100644 index 000000000000..fddd10da6180 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/terrascan/default.nix @@ -0,0 +1,33 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "terrascan"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "accurics"; + repo = pname; + rev = "v${version}"; + sha256 = "1kjis0ylvmv1gvzp5qvi9a7x4611bjv8yx5mb6nkc0a8lscwb4c3"; + }; + + vendorSha256 = "0yfybzwjvnan4qf5w25k22iwh5hp9v8si93p4jv9bx25rw91swws"; + + # tests want to download a vulnerable Terraform project + doCheck = false; + + meta = with lib; { + description = "Detect compliance and security violations across Infrastructure"; + longDescription = '' + Detect compliance and security violations across Infrastructure as Code to + mitigate risk before provisioning cloud native infrastructure. It contains + 500+ polices and support for Terraform and Kubernetes. + ''; + homepage = "https://github.com/accurics/terrascan"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/thc-hydra/default.nix b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix index f83d2675c6ac..88ea30088f5e 100644 --- a/nixpkgs/pkgs/tools/security/thc-hydra/default.nix +++ b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchFromGitHub, zlib, openssl, ncurses, libidn, pcre, libssh, libmysqlclient, postgresql -, withGUI ? false, makeWrapper, pkgconfig, gtk2 }: +, withGUI ? false, makeWrapper, pkg-config, gtk2 }: stdenv.mkDerivation rec { pname = "thc-hydra"; @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { --replace "-lcurses" "-lncurses" ''; - nativeBuildInputs = lib.optionals withGUI [ pkgconfig makeWrapper ]; + nativeBuildInputs = lib.optionals withGUI [ pkg-config makeWrapper ]; buildInputs = [ zlib openssl ncurses libidn pcre libssh libmysqlclient postgresql @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { --add-flags --hydra-path --add-flags "$out/bin/hydra" ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A very fast network logon cracker which support many different services"; homepage = "https://www.thc.org/thc-hydra/"; license = licenses.agpl3; diff --git a/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix b/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix index b8175ef6dbac..6e7f4fb2891a 100644 --- a/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix +++ b/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, libpcap, openssl, libnetfilter_queue, libnfnetlink }: +{ lib, stdenv, fetchFromGitHub, libpcap, openssl, libnetfilter_queue, libnfnetlink }: stdenv.mkDerivation rec { pname = "thc-ipv6"; version = "3.8"; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { "PREFIX=$(out)" ]; - meta = with stdenv.lib; { + meta = with lib; { description = "IPv6 attack toolkit"; homepage = "https://github.com/vanhauser-thc/thc-ipv6"; maintainers = with maintainers; [ ajs124 ]; diff --git a/nixpkgs/pkgs/tools/security/theharvester/default.nix b/nixpkgs/pkgs/tools/security/theharvester/default.nix index 4153ddafbf48..7a03649859e4 100644 --- a/nixpkgs/pkgs/tools/security/theharvester/default.nix +++ b/nixpkgs/pkgs/tools/security/theharvester/default.nix @@ -1,8 +1,11 @@ -{ lib, fetchFromGitHub, python3 }: +{ lib +, fetchFromGitHub +, python3 +}: python3.pkgs.buildPythonApplication rec { pname = "theHarvester"; - version = "3.1"; + version = "3.2.2"; src = fetchFromGitHub { owner = "laramies"; @@ -11,9 +14,27 @@ python3.pkgs.buildPythonApplication rec { sha256 = "0lxzxfa9wbzim50d2jmd27i57szd0grm1dfayhnym86jn01qpvn3"; }; - propagatedBuildInputs = with python3.pkgs; [ - aiodns beautifulsoup4 dns grequests netaddr - plotly pyyaml requests retrying shodan texttable + propagatedBuildInputs = with python3.pkgs; [ + aiodns + aiohttp + aiomultiprocess + aiosqlite + beautifulsoup4 + censys + certifi + dns + gevent + grequests + lxml + netaddr + plotly + pyppeteer + pyyaml + requests + retrying + shodan + texttable + uvloop ]; checkInputs = [ python3.pkgs.pytest ]; @@ -31,6 +52,6 @@ python3.pkgs.buildPythonApplication rec { ''; homepage = "https://github.com/laramies/theHarvester"; maintainers = with maintainers; [ c0bw3b treemo ]; - license = licenses.gpl2; + license = licenses.gpl2Only; }; } diff --git a/nixpkgs/pkgs/tools/security/tor/default.nix b/nixpkgs/pkgs/tools/security/tor/default.nix index 04bf598d132a..b4adbfe8c644 100644 --- a/nixpkgs/pkgs/tools/security/tor/default.nix +++ b/nixpkgs/pkgs/tools/security/tor/default.nix @@ -1,5 +1,6 @@ -{ stdenv, fetchurl, pkgconfig, libevent, openssl, zlib, torsocks +{ lib, stdenv, fetchurl, pkg-config, libevent, openssl, zlib, torsocks , libseccomp, systemd, libcap, lzma, zstd, scrypt, nixosTests +, writeShellScript # for update.nix , writeScript @@ -12,7 +13,21 @@ , gnused , nix }: - +let + tor-client-auth-gen = writeShellScript "tor-client-auth-gen" '' + PATH="${lib.makeBinPath [coreutils gnugrep openssl]}" + pem="$(openssl genpkey -algorithm x25519)" + + printf private_key=descriptor:x25519: + echo "$pem" | grep -v " PRIVATE KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + + printf public_key=descriptor:x25519: + echo "$pem" | openssl pkey -in /dev/stdin -pubout | + grep -v " PUBLIC KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + ''; +in stdenv.mkDerivation rec { pname = "tor"; version = "0.4.4.6"; @@ -24,17 +39,17 @@ stdenv.mkDerivation rec { outputs = [ "out" "geoip" ]; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libevent openssl zlib lzma zstd scrypt ] ++ - stdenv.lib.optionals stdenv.isLinux [ libseccomp systemd libcap ]; + lib.optionals stdenv.isLinux [ libseccomp systemd libcap ]; patches = [ ./disable-monotonic-timer-tests.patch ]; # cross compiles correctly but needs the following - configureFlags = stdenv.lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) + configureFlags = lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "--disable-tool-name-check"; - NIX_CFLAGS_LINK = stdenv.lib.optionalString stdenv.cc.isGNU "-lgcc_s"; + NIX_CFLAGS_LINK = lib.optionalString stdenv.cc.isGNU "-lgcc_s"; postPatch = '' substituteInPlace contrib/client-tools/torify \ @@ -52,6 +67,7 @@ stdenv.mkDerivation rec { mkdir -p $geoip/share/tor mv $out/share/tor/geoip{,6} $geoip/share/tor rm -rf $out/share/tor + ln -s ${tor-client-auth-gen} $out/bin/tor-client-auth-gen ''; passthru = { @@ -72,7 +88,7 @@ stdenv.mkDerivation rec { }; }; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.torproject.org/"; repositories.git = "https://git.torproject.org/git/tor"; description = "Anonymizing overlay network"; diff --git a/nixpkgs/pkgs/tools/security/tor/tor-arm.nix b/nixpkgs/pkgs/tools/security/tor/tor-arm.nix index 896ab50562d8..fcdb628e0f4a 100644 --- a/nixpkgs/pkgs/tools/security/tor/tor-arm.nix +++ b/nixpkgs/pkgs/tools/security/tor/tor-arm.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, makeWrapper +{ lib, stdenv, fetchurl, makeWrapper , python2Packages, ncurses, lsof, nettools }: @@ -48,8 +48,8 @@ stdenv.mkDerivation rec { meta = { description = "A terminal status monitor for Tor relays"; homepage = "https://www.atagar.com/arm/"; - license = stdenv.lib.licenses.gpl3; - platforms = stdenv.lib.platforms.unix; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + license = lib.licenses.gpl3; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/tor/torsocks.nix b/nixpkgs/pkgs/tools/security/tor/torsocks.nix index 381377032d6e..22cfa51d4e52 100644 --- a/nixpkgs/pkgs/tools/security/tor/torsocks.nix +++ b/nixpkgs/pkgs/tools/security/tor/torsocks.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchgit, fetchurl, autoreconfHook, libcap }: +{ lib, stdenv, fetchgit, fetchurl, autoreconfHook, libcap }: stdenv.mkDerivation rec { pname = "torsocks"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; - patches = stdenv.lib.optional stdenv.isDarwin + patches = lib.optional stdenv.isDarwin (fetchurl { url = "https://trac.torproject.org/projects/tor/raw-attachment/ticket/28538/0001-Fix-macros-for-accept4-2.patch"; sha256 = "97881f0b59b3512acc4acb58a0d6dfc840d7633ead2f400fad70dda9b2ba30b0"; @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { sed -i \ -e 's,\(local app_path\)=`which $1`,\1=`type -P $1`,' \ src/bin/torsocks.in - '' + stdenv.lib.optionalString stdenv.isLinux '' + '' + lib.optionalString stdenv.isLinux '' sed -i \ -e 's,\(local getcap\)=.*,\1=${libcap}/bin/getcap,' \ src/bin/torsocks.in @@ -36,8 +36,8 @@ stdenv.mkDerivation rec { description = "Wrapper to safely torify applications"; homepage = "https://github.com/dgoulet/torsocks"; repositories.git = "https://git.torproject.org/torsocks.git"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.unix; - maintainers = with stdenv.lib.maintainers; [ phreedom thoughtpolice ]; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = with lib.maintainers; [ phreedom thoughtpolice ]; }; } diff --git a/nixpkgs/pkgs/tools/security/tpm-luks/default.nix b/nixpkgs/pkgs/tools/security/tpm-luks/default.nix index fc1931fa4ba2..25e28f158315 100644 --- a/nixpkgs/pkgs/tools/security/tpm-luks/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm-luks/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchgit, autoreconfHook, gawk, trousers, cryptsetup, openssl }: +{ lib, stdenv, fetchgit, autoreconfHook, gawk, trousers, cryptsetup, openssl }: stdenv.mkDerivation { pname = "tpm-luks"; @@ -25,7 +25,7 @@ stdenv.mkDerivation { rm -r $out/nix ''; - meta = with stdenv.lib; { + meta = with lib; { description = "LUKS key storage in TPM NVRAM"; homepage = "https://github.com/shpedoikal/tpm-luks/"; maintainers = [ maintainers.tstrobel ]; diff --git a/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix index a652867a0d09..938d0a6f2946 100644 --- a/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix @@ -1,10 +1,10 @@ -{ stdenv, fetchurl, trousers, openssl }: +{ lib, stdenv, fetchurl, trousers, openssl }: -stdenv.mkDerivation rec { +stdenv.mkDerivation rec { pname = "tpm-quote-tools"; version = "1.0.4"; - src = fetchurl { + src = fetchurl { url = "mirror://sourceforge/project/tpmquotetools/${version}/${pname}-${version}.tar.gz"; sha256 = "1qjs83xb4np4yn1bhbjfhvkiika410v8icwnjix5ad96w2nlxp0h"; }; @@ -13,11 +13,11 @@ stdenv.mkDerivation rec { postFixup = '' patchelf \ - --set-rpath "${stdenv.lib.makeLibraryPath [ openssl ]}:$(patchelf --print-rpath $out/bin/tpm_mkaik)" \ + --set-rpath "${lib.makeLibraryPath [ openssl ]}:$(patchelf --print-rpath $out/bin/tpm_mkaik)" \ $out/bin/tpm_mkaik ''; - meta = with stdenv.lib; { + meta = with lib; { description = "A collection of programs that provide support for TPM based attestation using the TPM quote mechanism"; longDescription = '' The TPM Quote Tools is a collection of programs that provide support diff --git a/nixpkgs/pkgs/tools/security/tpm-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm-tools/default.nix index 5e0b4e6d94f4..c0e2941323a6 100644 --- a/nixpkgs/pkgs/tools/security/tpm-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm-tools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, trousers, openssl, opencryptoki, perl }: +{ lib, stdenv, fetchurl, trousers, openssl, opencryptoki, perl }: let version = "1.3.9.1"; @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ perl ]; buildInputs = [ trousers openssl opencryptoki ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Management tools for TPM hardware"; longDescription = '' tpm-tools is an open-source package designed to enable user and diff --git a/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix index e6a7621d9877..6b33d1d4d598 100644 --- a/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, lib -, pandoc, pkgconfig, makeWrapper, curl, openssl, tpm2-tss +, pandoc, pkg-config, makeWrapper, curl, openssl, tpm2-tss , abrmdSupport ? true, tpm2-abrmd ? null }: stdenv.mkDerivation rec { @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "0117r0zzdnblkibv81y71v3limixsw5m7g9xwf7lcx8fc8836pdv"; }; - nativeBuildInputs = [ pandoc pkgconfig makeWrapper ]; + nativeBuildInputs = [ pandoc pkg-config makeWrapper ]; buildInputs = [ curl openssl tpm2-tss ]; diff --git a/nixpkgs/pkgs/tools/security/trousers/default.nix b/nixpkgs/pkgs/tools/security/trousers/default.nix index 2cc702cf6f2f..c7a11e16f390 100644 --- a/nixpkgs/pkgs/tools/security/trousers/default.nix +++ b/nixpkgs/pkgs/tools/security/trousers/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, openssl, pkgconfig }: +{ lib, stdenv, fetchurl, openssl, pkg-config }: stdenv.mkDerivation rec { pname = "trousers"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sourceRoot = "."; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ openssl ]; patches = [ ./allow-non-tss-config-file-owner.patch ]; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = [ "-DALLOW_NON_TSS_CONFIG_FILE" ]; enableParallelBuilding = true; - meta = with stdenv.lib; { + meta = with lib; { description = "Trusted computing software stack"; homepage = "http://trousers.sourceforge.net/"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/urlhunter/default.nix b/nixpkgs/pkgs/tools/security/urlhunter/default.nix new file mode 100644 index 000000000000..3364b622ad63 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/urlhunter/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib, stdenv +}: + +buildGoModule rec { + pname = "urlhunter"; + version = "0.1.1"; + + src = fetchFromGitHub { + owner = "utkusen"; + repo = pname; + rev = "v${version}"; + sha256 = "0ph0pwfd8bb5499bsx3bd8sqhn69y00zk32ayc3n61gpcc6rmvn7"; + }; + + vendorSha256 = "165kplaqigis0anafvzfqzwc3jjhsn2mwgf4phb4ck75n3yf85ys"; + + meta = with lib; { + description = "Recon tool that allows searching shortened URLs"; + longDescription = '' + urlhunter is a recon tool that allows searching on URLs that are + exposed via shortener services such as bit.ly and goo.gl. + ''; + homepage = "https://github.com/utkusen/urlhunter"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vault/default.nix b/nixpkgs/pkgs/tools/security/vault/default.nix index 4b460e74024b..3af00b9a22b3 100644 --- a/nixpkgs/pkgs/tools/security/vault/default.nix +++ b/nixpkgs/pkgs/tools/security/vault/default.nix @@ -1,14 +1,14 @@ -{ stdenv, fetchFromGitHub, buildGoPackage, installShellFiles, nixosTests }: +{ lib, stdenv, fetchFromGitHub, buildGoPackage, installShellFiles, nixosTests }: buildGoPackage rec { pname = "vault"; - version = "1.6.0"; + version = "1.6.1"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "13fasdiijxy87m33wfyd8gylyz556i0bdd7xp706ip2fcckrmz7a"; + sha256 = "1pgyyl2zgnr3wy4k8c5xsk2s5dpl97xdfq67lpfss7fz1bij8x47"; }; goPackagePath = "github.com/hashicorp/vault"; @@ -26,7 +26,7 @@ buildGoPackage rec { passthru.tests.vault = nixosTests.vault; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.vaultproject.io/"; description = "A tool for managing secrets"; changelog = "https://github.com/hashicorp/vault/blob/v${version}/CHANGELOG.md"; diff --git a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix index 805afe89d31a..775bd8c6951e 100644 --- a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix +++ b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix @@ -1,26 +1,26 @@ -{ stdenv, fetchurl, unzip }: +{ lib, stdenv, fetchurl, unzip }: let - version = "1.6.0"; + version = "1.6.1"; sources = let base = "https://releases.hashicorp.com/vault/${version}"; in { x86_64-linux = fetchurl { url = "${base}/vault_${version}_linux_amd64.zip"; - sha256 = "0fay6bw31x9kxmc52sh5qp63nfkwji74fbnlx8pj3smz3qnqw143"; + sha256 = "1la2pylcj9y5gr7hr4aaa49427y3lgxi2phhl46pqmr7an62pkbm"; }; i686-linux = fetchurl { url = "${base}/vault_${version}_linux_386.zip"; - sha256 = "0bjks9lpgl39cq55c9cyc0glhmyxzs37a2an8ynzza94gv5mgcxa"; + sha256 = "1a2rhv5bpv43qp74a49msrwr7djzy86irsn73jl0xnkh0k6ijci1"; }; x86_64-darwin = fetchurl { url = "${base}/vault_${version}_darwin_amd64.zip"; - sha256 = "0hl1k35x78y0hi3y5xjnzby1ygisqjyvdak7s61m9f363nsr1shh"; + sha256 = "0snswwai2ya26crm3ksifrmbdnajr36v4vamh7g65plg6vzban9a"; }; aarch64-linux = fetchurl { url = "${base}/vault_${version}_linux_arm64.zip"; - sha256 = "018a5i14x6phhx1axvx0bvqn4ggsimfizs48xbmykgiyfmzkrwgz"; + sha256 = "0ix99da3xd4z200dgvpfc2h1sfx6l8cipichvfjlj39md45grs89"; }; }; @@ -40,11 +40,11 @@ in stdenv.mkDerivation { echo "complete -C $out/bin/vault vault" > $out/share/bash-completion/completions/vault ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.vaultproject.io"; description = "A tool for managing secrets, this binary includes the UI"; platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]; license = licenses.mpl20; - maintainers = with maintainers; [ offline psyanticy mkaito ]; + maintainers = with maintainers; [ offline psyanticy mkaito Chili-Man ]; }; } diff --git a/nixpkgs/pkgs/tools/security/volatility/default.nix b/nixpkgs/pkgs/tools/security/volatility/default.nix index 4f1e90eb9100..80cd0d971a3f 100644 --- a/nixpkgs/pkgs/tools/security/volatility/default.nix +++ b/nixpkgs/pkgs/tools/security/volatility/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, pythonPackages }: +{ lib, stdenv, fetchFromGitHub, pythonPackages }: pythonPackages.buildPythonApplication rec { pname = "volatility"; @@ -15,10 +15,10 @@ pythonPackages.buildPythonApplication rec { propagatedBuildInputs = [ pythonPackages.pycrypto pythonPackages.distorm3 ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.volatilityfoundation.org/"; description = "Advanced memory forensics framework"; maintainers = with maintainers; [ bosu ]; - license = stdenv.lib.licenses.gpl2Plus; + license = lib.licenses.gpl2Plus; }; } diff --git a/nixpkgs/pkgs/tools/security/vulnix/default.nix b/nixpkgs/pkgs/tools/security/vulnix/default.nix index d4a3a0c621a1..e95adf3e1e6c 100644 --- a/nixpkgs/pkgs/tools/security/vulnix/default.nix +++ b/nixpkgs/pkgs/tools/security/vulnix/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , python3Packages , nix , ronn @@ -48,7 +48,7 @@ python3Packages.buildPythonApplication rec { dontStrip = true; - meta = with stdenv.lib; { + meta = with lib; { description = "NixOS vulnerability scanner"; homepage = "https://github.com/flyingcircusio/vulnix"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/wipe/default.nix b/nixpkgs/pkgs/tools/security/wipe/default.nix index 6b84803d2c46..2c3c9376f67b 100644 --- a/nixpkgs/pkgs/tools/security/wipe/default.nix +++ b/nixpkgs/pkgs/tools/security/wipe/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "wipe"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { patches = [ ./fix-install.patch ]; - meta = with stdenv.lib; { + meta = with lib; { description = "Secure file wiping utility"; homepage = "http://wipe.sourceforge.net/"; license = licenses.gpl2; diff --git a/nixpkgs/pkgs/tools/security/yara/default.nix b/nixpkgs/pkgs/tools/security/yara/default.nix index 8a1195350234..f11e772390d9 100644 --- a/nixpkgs/pkgs/tools/security/yara/default.nix +++ b/nixpkgs/pkgs/tools/security/yara/default.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib, stdenv , fetchFromGitHub , autoreconfHook , pcre @@ -23,20 +23,20 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ pcre protobufc ] - ++ stdenv.lib.optionals withCrypto [ openssl ] - ++ stdenv.lib.optionals enableMagic [ file ] - ++ stdenv.lib.optionals enableCuckoo [ jansson ] + ++ lib.optionals withCrypto [ openssl ] + ++ lib.optionals enableMagic [ file ] + ++ lib.optionals enableCuckoo [ jansson ] ; preConfigure = "./bootstrap.sh"; configureFlags = [ - (stdenv.lib.withFeature withCrypto "crypto") - (stdenv.lib.enableFeature enableMagic "magic") - (stdenv.lib.enableFeature enableCuckoo "cuckoo") + (lib.withFeature withCrypto "crypto") + (lib.enableFeature enableMagic "magic") + (lib.enableFeature enableCuckoo "cuckoo") ]; - meta = with stdenv.lib; { + meta = with lib; { description = "The pattern matching swiss knife for malware researchers"; homepage = "http://Virustotal.github.io/yara/"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix index 5860fb3a03e4..d4f3e1567caa 100644 --- a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix +++ b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, buildGoModule, libnotify, makeWrapper, pcsclite, pinentry_mac, pkgconfig, darwin }: +{ stdenv, lib, fetchFromGitHub, buildGoModule, libnotify, makeWrapper, pcsclite, pinentry_mac, pkg-config, darwin }: buildGoModule rec { pname = "yubikey-agent"; @@ -15,7 +15,7 @@ buildGoModule rec { lib.optional stdenv.isLinux (lib.getDev pcsclite) ++ lib.optional stdenv.isDarwin (darwin.apple_sdk.frameworks.PCSC); - nativeBuildInputs = [ makeWrapper pkgconfig ]; + nativeBuildInputs = [ makeWrapper pkg-config ]; # pull in go-piv/piv-go#75 # once go-piv/piv-go#75 is merged and released, we should diff --git a/nixpkgs/pkgs/tools/security/zmap/default.nix b/nixpkgs/pkgs/tools/security/zmap/default.nix index e2350b67c7d7..0e37b725db49 100644 --- a/nixpkgs/pkgs/tools/security/zmap/default.nix +++ b/nixpkgs/pkgs/tools/security/zmap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, cmake, pkgconfig, libjson, json_c, gengetopt, flex, byacc, gmp +{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libjson, json_c, gengetopt, flex, byacc, gmp , libpcap }: @@ -21,12 +21,12 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DRESPECT_INSTALL_PREFIX_CONFIG=ON" ]; dontUseCmakeBuildDir = true; - nativeBuildInputs = [ cmake pkgconfig gengetopt flex byacc ]; + nativeBuildInputs = [ cmake pkg-config gengetopt flex byacc ]; buildInputs = [ libjson json_c gmp libpcap ]; outputs = [ "out" "man" ]; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://zmap.io/"; license = licenses.asl20; description = "Fast single packet network scanner designed for Internet-wide network surveys"; diff --git a/nixpkgs/pkgs/tools/security/zzuf/default.nix b/nixpkgs/pkgs/tools/security/zzuf/default.nix index 428f1ec1d09c..f8f7bece3a59 100644 --- a/nixpkgs/pkgs/tools/security/zzuf/default.nix +++ b/nixpkgs/pkgs/tools/security/zzuf/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, pkgconfig }: +{ lib, stdenv, fetchFromGitHub, autoconf, automake, libtool, pkg-config }: stdenv.mkDerivation rec { pname = "zzuf"; @@ -11,11 +11,11 @@ stdenv.mkDerivation rec { sha256 = "0li1s11xf32dafxq1jbnc8c63313hy9ry09dja2rymk9mza4x2n9"; }; - buildInputs = [ autoconf automake libtool pkgconfig ]; + buildInputs = [ autoconf automake libtool pkg-config ]; preConfigure = "./bootstrap"; - meta = with stdenv.lib; { + meta = with lib; { description = "Transparent application input fuzzer"; homepage = "http://caca.zoy.org/wiki/zzuf"; license = licenses.wtfpl; |