diff options
author | Pavol Rusnak <pavol@rusnak.io> | 2020-02-15 20:51:49 +0100 |
---|---|---|
committer | Frederik Rietdijk <freddyrietdijk@fridh.nl> | 2020-02-27 10:21:52 +0100 |
commit | 44864b292f041d96696155daa78eda8bd03d796f (patch) | |
tree | cc1d8399ba960a16b0a6fbce01d34048daef5b4e /pkgs/tools/networking | |
parent | 5d33637dd940f2053724359c207c052647ce7112 (diff) | |
download | nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar.gz nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar.bz2 nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar.lz nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar.xz nixlib-44864b292f041d96696155daa78eda8bd03d796f.tar.zst nixlib-44864b292f041d96696155daa78eda8bd03d796f.zip |
openssh: 8.1p1 -> 8.2p1
https://www.openssh.com/txt/release-8.2 add libfido2 to enable hardware tokens support added in this release
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 90ecba0891d6..2603200e0f3d 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -4,6 +4,8 @@ , withKerberos ? true , withGssapiPatches ? false , kerberos +, libfido2 +, withFIDO ? stdenv.hostPlatform.isUnix , linkOpenssl? true }: @@ -12,15 +14,15 @@ let # **please** update this patch when you update to a new openssh release. gssapiPatch = fetchpatch { name = "openssh-gssapi.patch"; - url = "https://salsa.debian.org/ssh-team/openssh/raw/debian/1%258.1p1-2/debian/patches/gssapi.patch"; - sha256 = "0zfxx46a5lpjp317z354yyswa2wvmb1pp5p0nxsbhsrzw94jvxsj"; + url = "https://salsa.debian.org/ssh-team/openssh/raw/debian/1%258.2p1-1/debian/patches/gssapi.patch"; + sha256 = "081gryqkfr5zr4f5m4v0piq1sxz06sb38z5lqxccgpivql7pa8d8"; }; in with stdenv.lib; stdenv.mkDerivation rec { pname = "openssh"; - version = if hpnSupport then "7.8p1" else "8.1p1"; + version = if hpnSupport then "7.8p1" else "8.2p1"; src = if hpnSupport then fetchurl { @@ -30,7 +32,7 @@ stdenv.mkDerivation rec { else fetchurl { url = "mirror://openbsd/OpenSSH/portable/${pname}-${version}.tar.gz"; - sha256 = "1zwk3g57gb13br206k6jdhgnp6y1nibwswzraqspbl1m73pxpx82"; + sha256 = "0wg6ckzvvklbzznijxkk28fb8dnwyjd0w30ra0afwv6gwr8m34j3"; }; patches = @@ -61,6 +63,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ] ++ optional (hpnSupport || withGssapiPatches) autoreconfHook; buildInputs = [ zlib openssl libedit pam ] + ++ optional withFIDO libfido2 ++ optional withKerberos kerberos; preConfigure = '' @@ -80,6 +83,7 @@ stdenv.mkDerivation rec { "--disable-strip" (if pam != null then "--with-pam" else "--without-pam") ] ++ optional (etcDir != null) "--sysconfdir=${etcDir}" + ++ optional withFIDO "--with-security-key-builtin=yes" ++ optional withKerberos (assert kerberos != null; "--with-kerberos5=${kerberos}") ++ optional stdenv.isDarwin "--disable-libutil" ++ optional (!linkOpenssl) "--without-openssl"; |