diff options
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/kerberos')
5 files changed, 265 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch b/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch new file mode 100644 index 000000000000..a0fa625538b7 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/kerberos/heimdal-make-missing-headers.patch @@ -0,0 +1,10 @@ +--- a/lib/hx509/Makefile.am 2018-03-21 15:41:38.622968809 +0100 ++++ b/lib/hx509/Makefile.am 2018-03-21 15:41:32.655162197 +0100 +@@ -9,6 +9,8 @@ + sel-gram.h \ + $(gen_files_ocsp:.x=.c) \ + $(gen_files_pkcs10:.x=.c) \ ++ ocsp_asn1.h \ ++ pkcs10_asn1.h \ + hx509_err.c \ + hx509_err.h diff --git a/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix b/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix new file mode 100644 index 000000000000..804749bbdb53 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/kerberos/heimdal.nix @@ -0,0 +1,98 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, python2, perl, yacc, flex +, texinfo, perlPackages +, openldap, libcap_ng, sqlite, openssl, db, libedit, pam +, CoreFoundation, Security, SystemConfiguration +}: + +with lib; +stdenv.mkDerivation rec { + pname = "heimdal"; + version = "7.7.0"; + + src = fetchFromGitHub { + owner = "heimdal"; + repo = "heimdal"; + rev = "heimdal-${version}"; + sha256 = "099qn9b8q20invvi5r8d8q9rnwpcm3nr89hx5rj7gj2ah2x5vgxs"; + }; + + outputs = [ "out" "dev" "man" "info" ]; + + patches = [ ./heimdal-make-missing-headers.patch ]; + + nativeBuildInputs = [ autoreconfHook pkg-config python2 perl yacc flex texinfo ] + ++ (with perlPackages; [ JSON ]); + buildInputs = optionals (stdenv.isLinux) [ libcap_ng ] + ++ [ db sqlite openssl libedit openldap pam] + ++ optionals (stdenv.isDarwin) [ CoreFoundation Security SystemConfiguration ]; + + ## ugly, X should be made an option + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/var" + "--infodir=$info/share/info" + "--enable-hdb-openldap-module" + "--with-sqlite3=${sqlite.dev}" + + # ugly, --with-libedit is not enought, it fall back to bundled libedit + "--with-libedit-include=${libedit.dev}/include" + "--with-libedit-lib=${libedit}/lib" + "--with-openssl=${openssl.dev}" + "--without-x" + "--with-berkeley-db" + "--with-berkeley-db-include=${db.dev}/include" + "--with-openldap=${openldap.dev}" + ] ++ optionals (stdenv.isLinux) [ + "--with-capng" + ]; + + postUnpack = '' + sed -i '/^DEFAULT_INCLUDES/ s,$, -I..,' source/cf/Makefile.am.common + sed -i -e 's/date/date --date="@$SOURCE_DATE_EPOCH"/' source/configure.ac + ''; + + preConfigure = '' + configureFlagsArray+=( + "--bindir=$out/bin" + "--sbindir=$out/sbin" + "--libexecdir=$out/libexec/heimdal" + "--mandir=$man/share/man" + "--infodir=$man/share/info" + "--includedir=$dev/include") + ''; + + # We need to build hcrypt for applications like samba + postBuild = '' + (cd include/hcrypto; make -j $NIX_BUILD_CORES) + (cd lib/hcrypto; make -j $NIX_BUILD_CORES) + ''; + + postInstall = '' + # Install hcrypto + (cd include/hcrypto; make -j $NIX_BUILD_CORES install) + (cd lib/hcrypto; make -j $NIX_BUILD_CORES install) + + # Do we need it? + rm $out/bin/su + + mkdir -p $dev/bin + mv $out/bin/krb5-config $dev/bin/ + + # asn1 compilers, move them to $dev + mv $out/libexec/heimdal/heimdal/* $dev/bin + rmdir $out/libexec/heimdal/heimdal + ''; + + # Issues with hydra + # In file included from hxtool.c:34:0: + # hx_locl.h:67:25: fatal error: pkcs10_asn1.h: No such file or directory + #enableParallelBuilding = true; + + meta = { + description = "An implementation of Kerberos 5 (and some more stuff)"; + license = licenses.bsd3; + platforms = platforms.unix; + }; + + passthru.implementation = "heimdal"; +} diff --git a/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-Linux-build-error-with-musl-libc.patch b/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-Linux-build-error-with-musl-libc.patch new file mode 100644 index 000000000000..0f33815b6e91 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-Linux-build-error-with-musl-libc.patch @@ -0,0 +1,32 @@ +From cbdbc8d00d31344fafe00e0fdf984e04e631f7c4 Mon Sep 17 00:00:00 2001 +From: TBK <tbk@jjtc.eu> +Date: Wed, 26 Feb 2020 21:12:45 +0100 +Subject: [PATCH] Fix Linux build error with musl libc + +Commit bf5953c549a6d279977df69ffe89b2ba51460eaf caused a build failure +on non-glibc Linux build environments. Change the conditionalization +so that __GLIBC_PREREQ will only be used if it is defined. + +[ghudson@mit.edu: simplified conditionals; rewrote commit message] + +ticket: 8880 (new) +tags: pullup +target_version: 1.18-next +--- + src/util/support/plugins.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/util/support/plugins.c b/src/util/support/plugins.c +index 3329db7dc3..1644d16fd0 100644 +--- a/src/util/support/plugins.c ++++ b/src/util/support/plugins.c +@@ -62,8 +62,7 @@ + * dlopen() with RTLD_NODELETE, we weren't going to unload the plugin objects + * anyway. + */ +-#ifdef __linux__ +-#include <features.h> ++#ifdef __GLIBC__PREREQ + #if ! __GLIBC_PREREQ(2, 25) + #define dlclose(x) + #endif diff --git a/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-typo-in-musl-build-fix.patch b/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-typo-in-musl-build-fix.patch new file mode 100644 index 000000000000..f8718606a7f8 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/kerberos/krb5-Fix-typo-in-musl-build-fix.patch @@ -0,0 +1,28 @@ +From b009cca2026b615ef5386faa4c0230bc27c4161d Mon Sep 17 00:00:00 2001 +From: Greg Hudson <ghudson@mit.edu> +Date: Thu, 12 Mar 2020 00:44:10 -0400 +Subject: [PATCH] Fix typo in musl build fix + +Commit cbdbc8d00d31344fafe00e0fdf984e04e631f7c4 checked for +__GLIBC__PREREQ instead of __GLIBC_PREREQ, thus accidentally reverting +the workaround introduced in commit +bf5953c549a6d279977df69ffe89b2ba51460eaf. Fix the typo. + +ticket: 8880 +--- + src/util/support/plugins.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/util/support/plugins.c b/src/util/support/plugins.c +index 1644d16fd0..1ff10c354d 100644 +--- a/src/util/support/plugins.c ++++ b/src/util/support/plugins.c +@@ -62,7 +62,7 @@ + * dlopen() with RTLD_NODELETE, we weren't going to unload the plugin objects + * anyway. + */ +-#ifdef __GLIBC__PREREQ ++#ifdef __GLIBC_PREREQ + #if ! __GLIBC_PREREQ(2, 25) + #define dlclose(x) + #endif diff --git a/nixpkgs/pkgs/development/libraries/kerberos/krb5.nix b/nixpkgs/pkgs/development/libraries/kerberos/krb5.nix new file mode 100644 index 000000000000..5ef9e496b94d --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/kerberos/krb5.nix @@ -0,0 +1,97 @@ +{ lib, stdenv, fetchurl, pkg-config, perl, yacc, bootstrap_cmds +, openssl, openldap, libedit, keyutils + +# Extra Arguments +, type ? "" +# This is called "staticOnly" because krb5 does not support +# builting both static and shared, see below. +, staticOnly ? false +}: + +# Note: this package is used for bootstrapping fetchurl, and thus +# cannot use fetchpatch! All mutable patches (generated by GitHub or +# cgit) that are needed here should be included directly in Nixpkgs as +# files. + +let + libOnly = type == "lib"; +in +with lib; +stdenv.mkDerivation rec { + name = "${type}krb5-${version}"; + majorVersion = "1.18"; # remove patches below with next upgrade + version = majorVersion; + + src = fetchurl { + url = "https://kerberos.org/dist/krb5/${majorVersion}/krb5-${version}.tar.gz"; + sha256 = "121c5xsy3x0i4wdkrpw62yhvji6virbh6n30ypazkp0isws3k4bk"; + }; + + patches = optionals stdenv.hostPlatform.isMusl [ + # TODO: Remove with next release > 1.18 + # Patches to fix musl build with 1.18. + # Not using `fetchpatch` for these for now to avoid infinite recursion + # errors in downstream projects (unclear if it's a nixpkgs issue so far). + ./krb5-Fix-Linux-build-error-with-musl-libc.patch + ./krb5-Fix-typo-in-musl-build-fix.patch + ]; + + outputs = [ "out" "dev" ]; + + configureFlags = [ "--with-tcl=no" "--localstatedir=/var/lib"] + # krb5's ./configure does not allow passing --enable-shared and --enable-static at the same time. + # See https://bbs.archlinux.org/viewtopic.php?pid=1576737#p1576737 + ++ optional staticOnly [ "--enable-static" "--disable-shared" ] + ++ optional stdenv.isFreeBSD ''WARN_CFLAGS=""'' + ++ optionals (stdenv.buildPlatform != stdenv.hostPlatform) + [ "krb5_cv_attr_constructor_destructor=yes,yes" + "ac_cv_func_regcomp=yes" + "ac_cv_printf_positional=yes" + ]; + + nativeBuildInputs = [ pkg-config perl ] + ++ optional (!libOnly) yacc + # Provides the mig command used by the build scripts + ++ optional stdenv.isDarwin bootstrap_cmds; + + buildInputs = [ openssl ] + ++ optionals (stdenv.hostPlatform.isLinux && stdenv.hostPlatform.libc != "bionic" && !(stdenv.hostPlatform.useLLVM or false)) [ keyutils ] + ++ optionals (!libOnly) [ openldap libedit ]; + + preConfigure = "cd ./src"; + + buildPhase = optionalString libOnly '' + MAKE="make -j $NIX_BUILD_CORES -l $NIX_BUILD_CORES" + (cd util; $MAKE) + (cd include; $MAKE) + (cd lib; $MAKE) + (cd build-tools; $MAKE) + ''; + + installPhase = optionalString libOnly '' + mkdir -p "$out"/{bin,sbin,lib/pkgconfig,share/{et,man/man1}} \ + "$dev"/include/{gssapi,gssrpc,kadm5,krb5} + (cd util; $MAKE install) + (cd include; $MAKE install) + (cd lib; $MAKE install) + (cd build-tools; $MAKE install) + ${postInstall} + ''; + + # not via outputBin, due to reference from libkrb5.so + postInstall = '' + moveToOutput bin/krb5-config "$dev" + ''; + + enableParallelBuilding = true; + doCheck = false; # fails with "No suitable file for testing purposes" + + meta = { + description = "MIT Kerberos 5"; + homepage = "http://web.mit.edu/kerberos/"; + license = licenses.mit; + platforms = platforms.unix ++ platforms.windows; + }; + + passthru.implementation = "krb5"; +} |