about summary refs log tree commit diff
path: root/pkgs/servers/certificate-transparency
diff options
context:
space:
mode:
authorPhilip Potter <philip.g.potter@gmail.com>2015-11-10 07:20:20 +0000
committerEdward Tjörnhammar <ed@cflags.cc>2015-11-29 15:01:22 +0100
commit01eb385346b09f12994c187af835ee72254640d6 (patch)
treea1159d0e359d2a749971085cce9fc06d052669d6 /pkgs/servers/certificate-transparency
parent8795eeb6e131ab465a104d7d2f904d151cd8bd48 (diff)
downloadnixlib-01eb385346b09f12994c187af835ee72254640d6.tar
nixlib-01eb385346b09f12994c187af835ee72254640d6.tar.gz
nixlib-01eb385346b09f12994c187af835ee72254640d6.tar.bz2
nixlib-01eb385346b09f12994c187af835ee72254640d6.tar.lz
nixlib-01eb385346b09f12994c187af835ee72254640d6.tar.xz
nixlib-01eb385346b09f12994c187af835ee72254640d6.tar.zst
nixlib-01eb385346b09f12994c187af835ee72254640d6.zip
certificate-transparency: init at 2015-11-27
libevhtp: 1.2.10 -> 1.2.11

Package for certificate-transparency

This adds openssl support to libevent.  Libevent can be compiled without
openssl, in which case it just doesn't build the libevent_openssl
library.  However it seems simpler just to default to including openssl
support.

This bumps evhtp's version because 1.2.11 provides pkg-config
information which makes building certificate-transparency easier.

This has been tested with `doCheck = true;`.

Signed-off-by: Edward Tjörnhammar <ed@cflags.cc>
Diffstat (limited to 'pkgs/servers/certificate-transparency')
-rw-r--r--pkgs/servers/certificate-transparency/default.nix57
-rw-r--r--pkgs/servers/certificate-transparency/protobuf-include-from-env.patch14
2 files changed, 71 insertions, 0 deletions
diff --git a/pkgs/servers/certificate-transparency/default.nix b/pkgs/servers/certificate-transparency/default.nix
new file mode 100644
index 000000000000..ebfa7427fc00
--- /dev/null
+++ b/pkgs/servers/certificate-transparency/default.nix
@@ -0,0 +1,57 @@
+{ stdenv, pkgs, ...}:
+
+stdenv.mkDerivation rec {
+  name = "certificate-transparency-${version}";
+
+  version = "2015-11-27";
+  rev = "dc5a51e55af989ff5871a6647166d00d0de478ab";
+
+  meta = with stdenv.lib; {
+    homepage = https://www.certificate-transparency.org/;
+    description = "Auditing for TLS certificates.";
+    license = licenses.asl20;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ philandstuff ];
+  };
+
+  src = pkgs.fetchFromGitHub {
+    owner = "google";
+    repo  = "certificate-transparency";
+    rev   = rev;
+    sha256 = "14sgc2kcjjsnrykwcjin21h1f3v4kg83w6jqiq9qdm1ha165yhvx";
+  };
+
+  # need to disable regex support in evhtp or building will fail
+  libevhtp_without_regex = stdenv.lib.overrideDerivation pkgs.libevhtp
+    (oldAttrs: {
+      cmakeFlags="-DEVHTP_DISABLE_REGEX:STRING=ON -DCMAKE_C_FLAGS:STRING=-fPIC";
+    });
+
+  buildInputs = with pkgs; [
+    autoconf automake clang_34 pkgconfig
+    glog gmock google-gflags gperftools gtest json_c leveldb
+    libevent libevhtp_without_regex openssl protobuf sqlite
+  ];
+
+  patches = [
+    ./protobuf-include-from-env.patch
+  ];
+
+  doCheck = false;
+
+  preConfigure = ''
+    ./autogen.sh
+    configureFlagsArray=(
+      CC=clang
+      CXX=clang++
+      GMOCK_DIR=${pkgs.gmock}
+      GTEST_DIR=${pkgs.gtest}
+    )
+  '';
+
+  # the default Makefile constructs BUILD_VERSION from `git describe`
+  # which isn't available in the nix build environment
+  makeFlags = "BUILD_VERSION=${version}-${rev}";
+
+  protocFlags = "-I ${pkgs.protobuf}/include";
+}
diff --git a/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch b/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch
new file mode 100644
index 000000000000..a1f9a1849b63
--- /dev/null
+++ b/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch
@@ -0,0 +1,14 @@
+Get protobuf include path from environment
+
+--- a/python/Makefile
++++ b/python/Makefile
+@@ -5,7 +5,7 @@ all: ct/proto/client_pb2.py ct/proto/ct_pb2.py ct/proto/tls_options_pb2.py \
+ 	ct/proto/test_message_pb2.py ct/proto/certificate_pb2.py
+ 
+ ct/proto/%_pb2.py: ct/proto/%.proto
+-	$(PROTOC) $^ -I/usr/include/ -I/usr/local/include -I$(INSTALL_DIR)/include -I. --python_out=.
++	$(PROTOC) $^ $(protocFlags) -I. --python_out=.
+ 
+ ct/proto/ct_pb2.py: ../proto/ct.proto
+ 	$(PROTOC) --python_out=ct/proto -I../proto ../proto/ct.proto
+