gnutls: Don't depend on trousers by default

Let's keep the base system free of "trusted" computing crap...

1 files changed, 10 insertions, 12 deletions

diff --git a/pkgs/development/libraries/gnutls/generic.nix b/pkgs/development/libraries/gnutls/generic.nix
index 07760933935a..436f6beb54eb 100644
--- a/pkgs/development/libraries/gnutls/generic.nix
+++ b/pkgs/development/libraries/gnutls/generic.nix
@@ -1,5 +1,6 @@
-{ fetchurl, stdenv, autoreconfHook, zlib, lzo, libtasn1, nettle, pkgconfig, lzip
-, guileBindings, guile, perl, gmp, libidn, p11_kit, unbound, trousers
+{ lib, fetchurl, stdenv, autoreconfHook, zlib, lzo, libtasn1, nettle, pkgconfig, lzip
+, guileBindings, guile, perl, gmp, libidn, p11_kit, unbound
+, tpmSupport ? false, trousers
 
 # Version dependent args
 , version, src, patches ? []
@@ -7,9 +8,6 @@
 
 assert guileBindings -> guile != null;
 
-let
-  inherit (stdenv.lib) optional optionals optionalString;
-in
 stdenv.mkDerivation rec {
   name = "gnutls-${version}";
 
@@ -17,11 +15,11 @@ stdenv.mkDerivation rec {
 
   configureFlags =
     # FIXME: perhaps use $SSL_CERT_FILE instead
-    optional stdenv.isLinux "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt"
+    lib.optional stdenv.isLinux "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt"
   ++ [
     "--disable-dependency-tracking"
     "--enable-fast-install"
-  ] ++ optionals guileBindings
+  ] ++ lib.optional guileBindings
     [ "--enable-guile" "--with-guile-site-dir=\${out}/share/guile/site" ];
 
   # Build of the Guile bindings is not parallel-safe.  See
@@ -30,9 +28,9 @@ stdenv.mkDerivation rec {
   enableParallelBuilding = !guileBindings;
 
   buildInputs = [ lzo lzip nettle libtasn1 libidn p11_kit zlib gmp ]
-    ++ optional stdenv.isLinux trousers
+    ++ lib.optional (tpmSupport && stdenv.isLinux) trousers
     ++ [ unbound ]
-    ++ optional guileBindings guile;
+    ++ lib.optional guileBindings guile;
 
   nativeBuildInputs = [ perl pkgconfig autoreconfHook ];
 
@@ -41,14 +39,14 @@ stdenv.mkDerivation rec {
   doCheck = (!stdenv.isFreeBSD && !stdenv.isDarwin);
 
   # Fixup broken libtool and pkgconfig files
-  preFixup = optionalString (!stdenv.isDarwin) ''
-    sed -e 's,-ltspi,-L${trousers}/lib -ltspi,' \
+  preFixup = lib.optionalString (!stdenv.isDarwin) ''
+    sed ${lib.optionalString tpmSupport "-e 's,-ltspi,-L${trousers}/lib -ltspi,'"} \
         -e 's,-lz,-L${zlib}/lib -lz,' \
         -e 's,-lgmp,-L${gmp}/lib -lgmp,' \
         -i $out/lib/libgnutls.la $out/lib/pkgconfig/gnutls.pc
   '';
 
-  meta = with stdenv.lib; {
+  meta = with lib; {
     description = "The GNU Transport Layer Security Library";
 
     longDescription = ''