Merge branch 'master.upstream' into staging.upstream

4 files changed, 71 insertions, 6 deletions

diff --git a/pkgs/tools/security/gnupg/21.nix b/pkgs/tools/security/gnupg/21.nix
index 2bbd73763dc7..2a0f12545131 100644
--- a/pkgs/tools/security/gnupg/21.nix
+++ b/pkgs/tools/security/gnupg/21.nix
@@ -13,11 +13,11 @@ with stdenv.lib;
 assert x11Support -> pinentry != null;
 
 stdenv.mkDerivation rec {
-  name = "gnupg-2.1.6";
+  name = "gnupg-2.1.7";
 
   src = fetchurl {
     url = "mirror://gnupg/gnupg/${name}.tar.bz2";
-    sha256 = "1zcj5vsrc64zyq7spnx2xlxlq6wxaf5bilpf6gbkp7qr8barlnay";
+    sha256 = "0vl4wzraln0h4db0kfza4l5by5pgfijqplji5n4riv3zsiv3g2n1";
   };
 
   postPatch = stdenv.lib.optionalString stdenv.isLinux ''
diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix
new file mode 100644
index 000000000000..f2ec3af139fa
--- /dev/null
+++ b/pkgs/tools/security/nsjail/default.nix
@@ -0,0 +1,30 @@
+{ stdenv, fetchgit }:
+
+stdenv.mkDerivation rec {
+  name = "nsjail-git-2015-08-10";
+
+  src = fetchgit {
+    url = https://github.com/google/nsjail;
+    rev = "8b951e6c2827386786cde4a124cd1846d25b9404";
+    sha256 = "b3b863423cc676111d2d1afbac524eee6fa824588cafccb7c42ff470508a13b1";
+  };
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp nsjail $out/bin
+  '';
+
+  meta = {
+    description = ''
+      A light-weight process isolation tool, making use of Linux namespaces
+      and seccomp-bpf syscall filters
+      '';
+    homepage = http://google.github.io/nsjail;
+
+    license = stdenv.lib.licenses.apsl20;
+
+    maintainers = [ stdenv.lib.maintainers.bosu ];
+
+    platforms = stdenv.lib.platforms.linux;
+  };
+}
diff --git a/pkgs/tools/security/pinentry/default.nix b/pkgs/tools/security/pinentry/default.nix
index 7b8e2fe27616..30d717c7bc11 100644
--- a/pkgs/tools/security/pinentry/default.nix
+++ b/pkgs/tools/security/pinentry/default.nix
@@ -1,5 +1,5 @@
 { fetchurl, stdenv, pkgconfig
-, libcap ? null, ncurses ? null, gtk2 ? null, qt4 ? null
+, libgpgerror, libassuan, libcap ? null, ncurses ? null, gtk2 ? null, qt4 ? null
 }:
 
 let
@@ -10,14 +10,14 @@ let
 in
 with stdenv.lib;
 stdenv.mkDerivation rec {
-  name = "pinentry-0.9.4";
+  name = "pinentry-0.9.5";
 
   src = fetchurl {
     url = "mirror://gnupg/pinentry/${name}.tar.bz2";
-    sha256 = "1q72ir9r9j70px61rdpd80an56k4ixmzy810nr14aildffxkb22b";
+    sha256 = "1338hj1h3sh34897120y30x12b64wyj3xjzzk5asm2hdzhxgsmva";
   };
 
-  buildInputs = [ libcap gtk2 ncurses qt4 ];
+  buildInputs = [ libgpgerror libassuan libcap gtk2 ncurses qt4 ];
 
   prePatch = ''
     substituteInPlace pinentry/pinentry-curses.c --replace ncursesw ncurses
diff --git a/pkgs/tools/security/stoken/default.nix b/pkgs/tools/security/stoken/default.nix
new file mode 100644
index 000000000000..17652e220da6
--- /dev/null
+++ b/pkgs/tools/security/stoken/default.nix
@@ -0,0 +1,35 @@
+{ stdenv, fetchFromGitHub, autoconf, automake, libtool, pkgconfig
+, libxml2, nettle
+, withGTK3 ? true, gtk3 }:
+
+stdenv.mkDerivation rec {
+  pname = "stoken";
+  version = "v0.90";
+  name = "${pname}-${version}";
+  src = fetchFromGitHub {
+    owner = "cernekee";
+    repo = pname;
+    rev = version;
+    sha256 = "1k7wn8pmp7dv646g938dsr99090lsphl7zy4m9x7qbh2zlnnf9af";
+  };
+
+  preConfigure = ''
+    aclocal
+    libtoolize --automake --copy
+    autoheader
+    automake --add-missing --copy
+    autoconf
+  '';
+  buildInputs = [
+    autoconf automake libtool pkgconfig
+    libxml2 nettle
+  ] ++ stdenv.lib.optional withGTK3 gtk3;
+
+  meta = with stdenv.lib; {
+    description = "Software Token for Linux/UNIX";
+    homepage = https://github.com/cernekee/stoken;
+    license = licenses.lgpl21Plus;
+    maintainers = [ maintainers.fuuzetsu ];
+    platforms = platforms.all;
+  };
+}