diff options
author | Peter Hoeg <peter@hoeg.com> | 2019-04-24 11:54:57 +0800 |
---|---|---|
committer | Peter Hoeg <peter@hoeg.com> | 2019-04-24 11:54:57 +0800 |
commit | c9b0c68dc09722293af6f5c0b4a360c5fc771a24 (patch) | |
tree | 503f9c6d427d19dfb976026dffa5ed3557e869d7 /pkgs/tools/security/rng-tools | |
parent | c4919b614e4ab8e0ceaf69496d915ac85a9f5066 (diff) | |
download | nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar.gz nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar.bz2 nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar.lz nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar.xz nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.tar.zst nixlib-c9b0c68dc09722293af6f5c0b4a360c5fc771a24.zip |
rng-tools: 6.6 -> 6.7
A few other changes: - use autoreconfHook instead of doing it manually - clean up with/enable flags - add support for PKCS11 entropy sources PKCS11 is not fully tested yet as my hardware hasn't arrived.
Diffstat (limited to 'pkgs/tools/security/rng-tools')
-rw-r--r-- | pkgs/tools/security/rng-tools/default.nix | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/pkgs/tools/security/rng-tools/default.nix b/pkgs/tools/security/rng-tools/default.nix index 86a5a1b7c396..3e460c5f8448 100644 --- a/pkgs/tools/security/rng-tools/default.nix +++ b/pkgs/tools/security/rng-tools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, libtool, autoconf, automake, pkgconfig +{ stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig , sysfsutils # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS # https://www.nist.gov/programs-projects/nist-randomness-beacon @@ -8,32 +8,43 @@ # Not sure if jitterentropy is safe to use for cryptography # and thus a default entropy source , jitterentropy ? null, withJitterEntropy ? false +, libp11 ? null, withPkcs11 ? true }: + with stdenv.lib; + stdenv.mkDerivation rec { - name = "rng-tools-${version}"; - version = "6.6"; + pname = "rng-tools"; + version = "6.7"; src = fetchFromGitHub { owner = "nhorman"; repo = "rng-tools"; rev = "v${version}"; - sha256 = "0c32sxfvngdjzfmxn5ngc5yxwi8ij3yl216nhzyz9r31qi3m14v7"; + sha256 = "19f75m6mzg8h7b4snzg7d6ypvkz6nq32lrpi9ja95gqz4wsd18a5"; }; - nativeBuildInputs = [ libtool autoconf automake pkgconfig ]; + postPatch = '' + cp README.md README + ''; - preConfigure = "./autogen.sh"; + nativeBuildInputs = [ autoreconfHook libtool pkgconfig ]; - configureFlags = - optional (!withJitterEntropy) "--disable-jitterentropy" - ++ optional (!withNistBeacon) "--without-nistbeacon" - ++ optional (!withGcrypt) "--without-libgcrypt"; + configureFlags = [ + (withFeature withGcrypt "libgcrypt") + (enableFeature withJitterEntropy "jitterentropy") + (withFeature withNistBeacon "nistbeacon") + (withFeature withPkcs11 "pkcs11") + ]; buildInputs = [ sysfsutils ] - ++ optional withJitterEntropy [ jitterentropy ] - ++ optional withGcrypt [ libgcrypt.dev ] - ++ optional withNistBeacon [ openssl.dev curl.dev libxml2.dev ]; + ++ optionals withGcrypt [ libgcrypt ] + ++ optionals withJitterEntropy [ jitterentropy ] + ++ optionals withNistBeacon [ openssl curl libxml2 ] + ++ optionals withPkcs11 [ libp11 openssl ]; + + # This shouldn't be necessary but is as of 6.7 + NIX_LDFLAGS = optionalString withPkcs11 "-lcrypto"; enableParallelBuilding = true; @@ -43,8 +54,8 @@ stdenv.mkDerivation rec { meta = { description = "A random number generator daemon"; homepage = https://github.com/nhorman/rng-tools; - license = stdenv.lib.licenses.gpl2Plus; - platforms = stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ johnazoidberg ]; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ johnazoidberg ]; }; } |