Merge pull request #81613 from prusnak/libfido2

libfido2: change dependency from libressl to openssl
author: Will Dietz <w@wdtz.org> 2020-03-10 19:31:28 -0500
committer: GitHub <noreply@github.com> 2020-03-10 19:31:28 -0500
commit: d84703247866fc0d57b0ee39ead3dd508b23e87c (patch)
tree: 7b5af78a5ae2b2c312e49f80c3460967820223b6 /pkgs/development/libraries
parent: 6687d1e638c02db94cdb6f1d0f970703eb7d29f9 (diff)
parent: c1d66a5588c023e85a7f2d31cf0f8d36f36ca9c9 (diff)
download: nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.gz
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.bz2
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.lz
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.xz
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.zst
nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.zip
1 files changed, 33 insertions, 6 deletions
diff --git a/pkgs/development/libraries/libfido2/default.nix b/pkgs/development/libraries/libfido2/default.nix
index 01a73f4a1308..d5d2b18e5ed5 100644
--- a/pkgs/development/libraries/libfido2/default.nix
+++ b/pkgs/development/libraries/libfido2/default.nix
@@ -1,4 +1,12 @@
-{ stdenv, fetchurl, cmake, pkgconfig, libcbor, libressl, udev, IOKit }:
+{ stdenv
+, fetchurl
+, fetchpatch
+, cmake
+, pkgconfig
+, libcbor
+, openssl
+, udev
+, IOKit }:
 
 stdenv.mkDerivation rec {
   pname = "libfido2";
@@ -9,14 +17,33 @@ stdenv.mkDerivation rec {
   };
 
   nativeBuildInputs = [ cmake pkgconfig ];
-  buildInputs = [ libcbor libressl ]
+
+  buildInputs = [ libcbor openssl ]
     ++ stdenv.lib.optionals stdenv.isLinux [ udev ]
     ++ stdenv.lib.optionals stdenv.isDarwin [ IOKit ];
 
-  patches = [ ./detect_apple_ld.patch ];
+  patches = [
+    # fix build on darwin
+    (fetchpatch {
+      url = "https://github.com/Yubico/libfido2/commit/916ebd18a89e4028de203d603726805339be7a5b.patch";
+      sha256 = "07f0xpxnq02cccmqcric87b6pms7k7ssvdw722zr970a6qs8p6i7";
+    })
+    # allow attestation using any supported algorithm
+    (fetchpatch {
+      url = "https://github.com/Yubico/libfido2/commit/f7a9471fa0588cb91cbefffb13c1e4d06c2179b7.patch";
+      sha256 = "02qbw9bqy3sixvwig6az7v3vimgznxnfikn9p1jczm3d7mn8asw2";
+    })
+    # fix EdDSA attestation signature verification bug
+    (fetchpatch {
+      url = "https://github.com/Yubico/libfido2/commit/95126eea52294419515e6540dfd7220f35664c48.patch";
+      sha256 = "076mwpl9xndjhy359jdv2drrwyq7wd3pampkn28mn1rlwxfgf0d0";
+    })
+  ];
 
-  cmakeFlags = [ "-DUDEV_RULES_DIR=${placeholder "out"}/etc/udev/rules.d"
-                 "-DCMAKE_INSTALL_LIBDIR=lib" ];
+  cmakeFlags = [
+    "-DUDEV_RULES_DIR=${placeholder "out"}/etc/udev/rules.d"
+    "-DCMAKE_INSTALL_LIBDIR=lib"
+  ];
 
   meta = with stdenv.lib; {
     description = ''
@@ -24,7 +51,7 @@ stdenv.mkDerivation rec {
     '';
     homepage = https://github.com/Yubico/libfido2;
     license = licenses.bsd2;
-    maintainers = with maintainers; [ dtzWill ];
+    maintainers = with maintainers; [ dtzWill prusnak ];
     platforms = platforms.unix;
   };
 }
author	Will Dietz <w@wdtz.org>	2020-03-10 19:31:28 -0500
committer	GitHub <noreply@github.com>	2020-03-10 19:31:28 -0500
commit	d84703247866fc0d57b0ee39ead3dd508b23e87c (patch)
tree	7b5af78a5ae2b2c312e49f80c3460967820223b6 /pkgs/development/libraries
parent	6687d1e638c02db94cdb6f1d0f970703eb7d29f9 (diff)
parent	c1d66a5588c023e85a7f2d31cf0f8d36f36ca9c9 (diff)
download	nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.gz nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.bz2 nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.lz nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.xz nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.tar.zst nixlib-d84703247866fc0d57b0ee39ead3dd508b23e87c.zip