diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2020-05-27 15:27:21 +0200 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2020-05-27 15:27:28 +0200 |
commit | 362d88c2b19e3857576b2571722dc66c381c185a (patch) | |
tree | 7dc706e1918e7dc1e9762573831c851be4343559 /pkgs/tools/security | |
parent | 0367fa630d59673624d6742e2758b87eb12fff4c (diff) | |
parent | 1b7204ab3cff3c0aeb0f0e1689b1ef2f7960bb2e (diff) | |
download | nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar.gz nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar.bz2 nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar.lz nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar.xz nixlib-362d88c2b19e3857576b2571722dc66c381c185a.tar.zst nixlib-362d88c2b19e3857576b2571722dc66c381c185a.zip |
Merge staging-next into staging
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/ecryptfs/default.nix | 13 | ||||
-rw-r--r-- | pkgs/tools/security/fprintd/default.nix | 104 | ||||
-rw-r--r-- | pkgs/tools/security/hcxdumptool/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/tpm2-tools/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/yara/default.nix | 28 |
5 files changed, 103 insertions, 50 deletions
diff --git a/pkgs/tools/security/ecryptfs/default.nix b/pkgs/tools/security/ecryptfs/default.nix index 9fd8c3ac7a22..e4caa9c4e18d 100644 --- a/pkgs/tools/security/ecryptfs/default.nix +++ b/pkgs/tools/security/ecryptfs/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, perl, utillinux, keyutils, nss, nspr, python2, pam +{ stdenv, fetchurl, pkgconfig, perl, utillinux, keyutils, nss, nspr, python2, pam, enablePython ? false , intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }: stdenv.mkDerivation rec { @@ -33,8 +33,15 @@ stdenv.mkDerivation rec { done ''; - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ perl nss nspr python2 pam intltool makeWrapper ]; + configureFlags = stdenv.lib.optionals (!enablePython) [ "--disable-pywrap" ]; + + nativeBuildInputs = [ pkgconfig ] + # if python2 support is requested, it is needed at builtime as well as runtime. + ++ stdenv.lib.optionals (enablePython) [ python2 ] + ; + buildInputs = [ perl nss nspr pam intltool makeWrapper ] + ++ stdenv.lib.optionals (enablePython) [ python2 ] + ; propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ]; postInstall = '' diff --git a/pkgs/tools/security/fprintd/default.nix b/pkgs/tools/security/fprintd/default.nix index b119a6ed29ff..62f5dda17f67 100644 --- a/pkgs/tools/security/fprintd/default.nix +++ b/pkgs/tools/security/fprintd/default.nix @@ -1,42 +1,70 @@ -{ thinkpad ? false -, stdenv -, fetchurl +{ stdenv +, fetchFromGitLab , fetchpatch , pkgconfig -, intltool -, libfprint-thinkpad ? null -, libfprint ? null +, meson +, ninja +, perl +, gettext +, cairo +, gtk-doc +, libxslt +, docbook-xsl-nons +, docbook_xml_dtd_412 , glib +, dbus , dbus-glib , polkit , nss , pam , systemd -, autoreconfHook -, gtk-doc +, libfprint +, python3 }: stdenv.mkDerivation rec { - pname = "fprintd" + stdenv.lib.optionalString thinkpad "-thinkpad"; - version = "0.9.0"; + pname = "fprintd"; + version = "1.90.1"; + outputs = [ "out" "devdoc" ]; - src = fetchurl { - url = "https://gitlab.freedesktop.org/libfprint/fprintd/uploads/9dec4b63d1f00e637070be1477ce63c0/fprintd-${version}.tar.xz"; - sha256 = "182gcnwb6zjwmk0dn562rjmpbk7ac7dhipbfdhfic2sn1jzis49p"; + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "libfprint"; + repo = pname; + rev = version; + sha256 = "0mbzk263x7f58i9cxhs44mrngs7zw5wkm62j5r6xlcidhmfn03cg"; }; patches = [ + # Fixes issue with ":" when there is multiple paths (might be the case on NixOS) + # https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/50 + (fetchpatch { + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/d7fec03f24d10f88d34581c72f0eef201f5eafac.patch"; + sha256 = "QNN05WF4YZ0XiTwm5NkfqZDuQpyXlnrh+RJF9SNsCDk="; + }) + + # Fix locating libpam_wrapper for tests + (fetchpatch { + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/40.patch"; + sha256 = "43uPihK6HhygHw1Qplwci80Wseq/S77VUp+OdEECHmM="; + }) (fetchpatch { - url = "https://gitlab.freedesktop.org/libfprint/fprintd/merge_requests/16.patch"; - sha256 = "1y39zsmxjll9hip8464qwhq5qg06c13pnafyafgxdph75lvhdll7"; + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/f401f399a85dbeb2de165b9b9162eb552ab6eea7.patch"; + sha256 = "Pga+/QEkln8DOwGZfKM1r2urJX4Y3X0bozWWxKZ5ia0="; }) ]; nativeBuildInputs = [ - intltool pkgconfig - autoreconfHook # Drop with above patch - gtk-doc # Drop with above patch + meson + ninja + perl + gettext + gtk-doc + libxslt + dbus + docbook-xsl-nons + docbook_xml_dtd_412 ]; buildInputs = [ @@ -46,23 +74,43 @@ stdenv.mkDerivation rec { nss pam systemd - ] - ++ stdenv.lib.optional thinkpad libfprint-thinkpad - ++ stdenv.lib.optional (!thinkpad) libfprint - ; + libfprint + ]; + + checkInputs = with python3.pkgs; [ + python-dbusmock + dbus-python + pygobject3 + pycairo + pypamtest + ]; - configureFlags = [ - # is hardcoded to /var/lib/fprint, this is for the StateDirectory install target - "--localstatedir=${placeholder "out"}/var" - "--sysconfdir=${placeholder "out"}/etc" - "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" + mesonFlags = [ + "-Dgtk_doc=true" + "-Dpam_modules_dir=${placeholder "out"}/lib/security" + "-Dsysconfdir=${placeholder "out"}/etc" + "-Ddbus_service_dir=${placeholder "out"}/share/dbus-1/system-services" + "-Dsystemd_system_unit_dir=${placeholder "out"}/lib/systemd/system" ]; + PKG_CONFIG_DBUS_1_INTERFACES_DIR = "${placeholder "out"}/share/dbus-1/interfaces"; + PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions"; + PKG_CONFIG_DBUS_1_DATADIR = "${placeholder "out"}/share"; + + # FIXME: Ugly hack for tests to find libpam_wrapper.so + LIBRARY_PATH = stdenv.lib.makeLibraryPath [ python3.pkgs.pypamtest ]; + + doCheck = true; + + postPatch = '' + patchShebangs po/check-translations.sh + ''; + meta = with stdenv.lib; { homepage = "https://fprint.freedesktop.org/"; description = "D-Bus daemon that offers libfprint functionality over the D-Bus interprocess communication bus"; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ abbradar ]; + maintainers = with maintainers; [ abbradar elyhaka ]; }; } diff --git a/pkgs/tools/security/hcxdumptool/default.nix b/pkgs/tools/security/hcxdumptool/default.nix index 6a2eee471432..c7a5a9985552 100644 --- a/pkgs/tools/security/hcxdumptool/default.nix +++ b/pkgs/tools/security/hcxdumptool/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "hcxdumptool"; - version = "6.0.5"; + version = "6.0.6"; src = fetchFromGitHub { owner = "ZerBea"; repo = "hcxdumptool"; rev = version; - sha256 = "0rh19lblz8wp8q2x123nlwvxq1pjq9zw12w18z83v2l2knjbc524"; + sha256 = "1b4d543y64ib92w9gcmiyjn5hz2vyjqmxk3f3yr1zk04fhw16gmf"; }; buildInputs = [ openssl ]; diff --git a/pkgs/tools/security/tpm2-tools/default.nix b/pkgs/tools/security/tpm2-tools/default.nix index 06826173e340..282b1df299cf 100644 --- a/pkgs/tools/security/tpm2-tools/default.nix +++ b/pkgs/tools/security/tpm2-tools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "tpm2-tools"; - version = "4.1.1"; + version = "4.1.2"; src = fetchurl { url = "https://github.com/tpm2-software/${pname}/releases/download/${version}/${pname}-${version}.tar.gz"; - sha256 = "1cd74nd57wmms2yrnzs64xki29rf4kx61kd30fyd56wlicyjdfa0"; + sha256 = "0di97zmxdh04m2ibyshcgvillwxx6rnd0543scm7q10y7nv74m0p"; }; nativeBuildInputs = [ pandoc pkgconfig makeWrapper ]; diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index a470ad11caff..8a1195350234 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -1,30 +1,28 @@ -{ stdenv, fetchFromGitHub, fetchpatch, autoconf, automake, libtool, pcre +{ stdenv +, fetchFromGitHub +, autoreconfHook +, pcre +, pkg-config +, protobufc , withCrypto ? true, openssl , enableMagic ? true, file , enableCuckoo ? true, jansson }: stdenv.mkDerivation rec { - version = "3.11.0"; + version = "4.0.1"; pname = "yara"; src = fetchFromGitHub { owner = "VirusTotal"; repo = "yara"; rev = "v${version}"; - sha256 = "0mx3xm2a70fx8vlynkavq8gfd9w5yjcix5rx85444i2s1h6kcd0j"; + sha256 = "0dy8jf0pdn0wilxy1pj6pqjxg7icxkwax09w54np87gl9p00f5rk"; }; - # See: https://github.com/VirusTotal/yara/issues/1036 - # TODO: This patch should not be necessary in the next release - patches = [ - (fetchpatch { - url = "https://github.com/VirusTotal/yara/commit/04df811fa61fa54390b274bfcf56d7403c184404.patch"; - sha256 = "0hsbc2k7nmk2kskll971draz0an4rmcs5v0iql47mz596vqvkzmb"; - }) - ]; + nativeBuildInputs = [ autoreconfHook pkg-config ]; - buildInputs = [ autoconf automake libtool pcre ] + buildInputs = [ pcre protobufc ] ++ stdenv.lib.optionals withCrypto [ openssl ] ++ stdenv.lib.optionals enableMagic [ file ] ++ stdenv.lib.optionals enableCuckoo [ jansson ] @@ -40,8 +38,8 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "The pattern matching swiss knife for malware researchers"; - homepage = "http://Virustotal.github.io/yara/"; - license = licenses.asl20; - platforms = stdenv.lib.platforms.all; + homepage = "http://Virustotal.github.io/yara/"; + license = licenses.asl20; + platforms = platforms.all; }; } |