diff options
author | Orivej Desh <orivej@gmx.fr> | 2017-11-21 22:48:36 +0000 |
---|---|---|
committer | Orivej Desh <orivej@gmx.fr> | 2017-11-21 22:48:36 +0000 |
commit | b8e1e7191e99af29125fbb37f42cb68f43af800c (patch) | |
tree | 1ca52bd4c93d50473ebdb7cebc7721140e84a924 /pkgs/tools/security | |
parent | 71a2a5ae40b2b94150365bb846fb78b620562df8 (diff) | |
parent | 91d2cf96424cc5209d3cf799bc2b4fa52af34596 (diff) | |
download | nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar.gz nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar.bz2 nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar.lz nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar.xz nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.tar.zst nixlib-b8e1e7191e99af29125fbb37f42cb68f43af800c.zip |
Merge branch 'master' into staging
* master: (80 commits) lkl: Supports aarch64 wimlib: nitpicks gitAndTools.git-codeowners: 0.1.1 -> 0.1.2 wimlib: init at 1.12.0 kernel: improve modDirVersion error message releaseTools.sourceTarball: Clean up temporary files dotnetPackages.SmartIrc4net: rehash source migmix: make it a fixed-output derivation vm: Create /dev/full samba: 4.6.8 -> 4.6.11 to address CVEs CVE-2017-14746 & CVE-2017-15275 microcodeIntel: 20170707 -> 20171117 sshd: Remove ripemd160 MACs kernel config: Enable MEDIA_CONTROLLER linux: 4.4.99 -> 4.4.100 linux: 4.9.63 -> 4.9.64 nix-bash-completions: 0.4 -> 0.5 linux: 4.14 -> 4.14.1 linux: 4.13.14 -> 4.13.15 nix-zsh-completions: 0.3.3 -> 0.3.5 dns-root-data: use a stable URL that I maintain anyway ...
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/opencryptoki/default.nix | 43 | ||||
-rw-r--r-- | pkgs/tools/security/simple-tpm-pk11/default.nix | 26 |
2 files changed, 37 insertions, 32 deletions
diff --git a/pkgs/tools/security/opencryptoki/default.nix b/pkgs/tools/security/opencryptoki/default.nix index 9ea9c2f4892b..f2929f3e22b4 100644 --- a/pkgs/tools/security/opencryptoki/default.nix +++ b/pkgs/tools/security/opencryptoki/default.nix @@ -1,38 +1,41 @@ -{ stdenv, fetchurl, openssl, trousers, automake, autoconf, libtool, bison, flex }: +{ stdenv, fetchFromGitHub, openssl, trousers, autoreconfHook, libtool, bison, flex }: stdenv.mkDerivation rec { - version = "3.2"; name = "opencryptoki-${version}"; + version = "3.8.1"; - src = fetchurl { - url = "mirror://sourceforge/opencryptoki/opencryptoki/v${version}/opencryptoki-v${version}.tgz"; - sha256 = "06r6zp299vxdspl6k65myzgjv0bihg7kc500v7s4jd3mcrkngd6h"; + src = fetchFromGitHub { + owner = "opencryptoki"; + repo = "opencryptoki"; + rev = "v${version}"; + sha256 = "1m618pjfzw18irmh6i4pfq1gvcxgyfh9ikjn33nrdj55v2l27g31"; }; - buildInputs = [ automake autoconf libtool openssl trousers bison flex ]; + nativeBuildInputs = [ autoreconfHook libtool bison flex ]; + buildInputs = [ openssl trousers ]; - preConfigure = '' - substituteInPlace configure.in --replace "chown" "true" - substituteInPlace configure.in --replace "chgrp" "true" - sh bootstrap.sh --prefix=$out + postPatch = '' + substituteInPlace configure.ac \ + --replace "usermod" "true" \ + --replace "groupadd" "true" \ + --replace "chmod" "true" \ + --replace "chgrp" "true" + substituteInPlace usr/lib/Makefile.am --replace "DESTDIR" "out" ''; - configureFlags = [ "--disable-ccatok" "--disable-icatok" ]; + configureFlags = [ + "--prefix=$(out)" + "--disable-ccatok" + "--disable-icatok" + ]; - makeFlags = "DESTDIR=$(out)"; - - # work around the build script of opencryptoki - postInstall = '' - cp -r $out/$out/* $out - rm -r $out/nix - ''; + enableParallelBuilding = true; meta = with stdenv.lib; { description = "PKCS#11 implementation for Linux"; - homepage = http://opencryptoki.sourceforge.net/; + homepage = https://github.com/opencryptoki/opencryptoki; license = licenses.cpl10; maintainers = [ maintainers.tstrobel ]; platforms = platforms.unix; }; } - diff --git a/pkgs/tools/security/simple-tpm-pk11/default.nix b/pkgs/tools/security/simple-tpm-pk11/default.nix index 75886399fdc5..96565ec84b52 100644 --- a/pkgs/tools/security/simple-tpm-pk11/default.nix +++ b/pkgs/tools/security/simple-tpm-pk11/default.nix @@ -1,27 +1,29 @@ -{ stdenv, fetchgit, trousers, openssl, opencryptoki, automake, autoconf, libtool }: +{ stdenv, fetchFromGitHub, trousers, openssl, opencryptoki, autoreconfHook, libtool }: stdenv.mkDerivation rec { - name = "simple-tpm-pk11-2016-07-12"; + name = "simple-tpm-pk11-${version}"; + version = "0.06"; - src = fetchgit { - url = "https://github.com/ThomasHabets/simple-tpm-pk11"; - rev = "6f1f7a6b96ac82965e977cfecb88d930f1d70243"; - sha256 = "06vf3djp29slh7hrh4hlh3npyl277fy7d77jv9mxa1sk1idjklxc"; + src = fetchFromGitHub { + owner = "ThomasHabets"; + repo = "simple-tpm-pk11"; + rev = version; + sha256 = "0vpbaklr4r1a2am0pqcm6m41ph22mkcrq33y8ab5h8qkhkvhd6a6"; }; - buildInputs = [ trousers openssl opencryptoki automake autoconf libtool ]; + nativeBuildInputs = [ autoreconfHook libtool ]; + buildInputs = [ trousers openssl opencryptoki ]; - preConfigure = "sh bootstrap.sh"; + enableParallelBuilding = true; meta = with stdenv.lib; { description = "Simple PKCS11 provider for TPM chips"; longDescription = '' A simple library for using the TPM chip to secure SSH keys. - ''; + ''; homepage = https://github.com/ThomasHabets/simple-tpm-pk11; - license = stdenv.lib.licenses.asl20; - maintainers = with stdenv.lib; [ maintainers.tstrobel ]; + license = licenses.asl20; + maintainers = with maintainers; [ tstrobel ]; platforms = platforms.unix; }; } - |