diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security')
751 files changed, 58825 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/2fa/default.nix b/nixpkgs/pkgs/tools/security/2fa/default.nix new file mode 100644 index 000000000000..d1d4cc42a1ff --- /dev/null +++ b/nixpkgs/pkgs/tools/security/2fa/default.nix @@ -0,0 +1,25 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "2fa"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "rsc"; + repo = "2fa"; + rev = "v${version}"; + sha256 = "sha256-cB5iADZwvJQwwK1GockE2uicFlqFMEAY6xyeXF5lnUY="; + }; + + deleteVendor = true; + vendorHash = "sha256-4h/+ZNxlJPYY0Kyu2vDE1pDXxC/kGE5JdnagWVOGzAE="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://rsc.io/2fa"; + description = "Two-factor authentication on the command line"; + license = licenses.bsd3; + maintainers = with maintainers; [ rvolosatovs ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/acltoolkit/default.nix b/nixpkgs/pkgs/tools/security/acltoolkit/default.nix new file mode 100644 index 000000000000..14b19e3cd7b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/acltoolkit/default.nix @@ -0,0 +1,45 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonPackage rec { + pname = "acltoolkit"; + version = "unstable-2023-02-03"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "zblurx"; + repo = "acltoolkit"; + rev = "a5219946aa445c0a3b4a406baea67b33f78bca7c"; + hash = "sha256-97cbkGyIkq2Pk1hydMcViXWoh+Ipi3m0YvEYiaV4zcM="; + }; + + postPatch = '' + # Ignore pinned versions + sed -i -e "s/==[0-9.]*//" setup.py + ''; + + propagatedBuildInputs = with python3.pkgs; [ + asn1crypto + dnspython + impacket + ldap3 + pyasn1 + pycryptodome + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "acltoolkit" + ]; + + meta = with lib; { + description = "ACL abuse swiss-knife"; + homepage = "https://github.com/zblurx/acltoolkit"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/acsccid/default.nix b/nixpkgs/pkgs/tools/security/acsccid/default.nix new file mode 100644 index 000000000000..f471393b2cfc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/acsccid/default.nix @@ -0,0 +1,84 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoconf +, automake +, libtool +, gettext +, flex +, perl +, pkg-config +, pcsclite +, libusb1 +, libiconv +}: + +stdenv.mkDerivation rec { + version = "1.1.8"; + pname = "acsccid"; + + src = fetchFromGitHub { + owner = "acshk"; + repo = pname; + rev = "v${version}"; + sha256 = "12aahrvsk21qgpjwcrr01s742ixs44nmjkvcvqyzhqb307x1rrn3"; + }; + + nativeBuildInputs = [ + pkg-config + autoconf + automake + libtool + gettext + flex + perl + ]; + + buildInputs = [ + pcsclite + libusb1 + ] ++ lib.optionals stdenv.isDarwin [ + libiconv + ]; + + configureFlags = [ + "--enable-usbdropdir=${placeholder "out"}/pcsc/drivers" + ]; + + doCheck = true; + + postPatch = '' + sed -e s_/bin/echo_echo_g -i src/Makefile.am + patchShebangs src/convert_version.pl + patchShebangs src/create_Info_plist.pl + ''; + + preConfigure = '' + libtoolize --force + aclocal + autoheader + automake --force-missing --add-missing + autoconf + ''; + + meta = with lib; { + description = "A PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card readers"; + longDescription = '' + acsccid is a PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card + readers. This library provides a PC/SC IFD handler implementation and + communicates with the readers through the PC/SC Lite resource manager (pcscd). + + acsccid is based on ccid. See CCID free software driver for more + information: + https://ccid.apdu.fr/ + + It can be enabled in /etc/nixos/configuration.nix by adding: + services.pcscd.enable = true; + services.pcscd.plugins = [ pkgs.acsccid ]; + ''; + homepage = src.meta.homepage; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [ ]; + platforms = with platforms; unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/adenum/default.nix b/nixpkgs/pkgs/tools/security/adenum/default.nix new file mode 100644 index 000000000000..018fd0e263fc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/adenum/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, john +, python3 +}: + +python3.pkgs.buildPythonApplication { + pname = "adenum"; + version = "unstable-2022-04-01"; + format = "other"; + + src = fetchFromGitHub { + owner = "SecuProject"; + repo = "ADenum"; + rev = "0e3576eca1d987d3ef22d53fc725189bb301e804"; + hash = "sha256-8s4Kmt4ZjYbQGGVDWKfuRZ6kthcL8FiQytoq9Koy7Kc="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + pwntools + python-ldap + ] ++ [ + john + ]; + + installPhase = '' + runHook preInstall + + # Add shebang so we can patch it + sed -i -e '1i#!/usr/bin/python' ADenum.py + patchShebangs ADenum.py + install -vD ADenum.py $out/bin/adenum + + runHook postInstall + ''; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Tool to find misconfiguration through LDAP"; + homepage = "https://github.com/SecuProject/ADenum"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/adreaper/default.nix b/nixpkgs/pkgs/tools/security/adreaper/default.nix new file mode 100644 index 000000000000..873760250618 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/adreaper/default.nix @@ -0,0 +1,33 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "adreaper"; + version = "1.1"; + + src = fetchFromGitHub { + owner = "AidenPearce369"; + repo = "ADReaper"; + rev = "ADReaperv${version}"; + sha256 = "sha256-+FCb5TV9MUcRyex2M4rn2RhcIsXQFbtm1T4r7MpcRQs="; + }; + + vendorHash = "sha256-lU39kj/uz0l7Rodsu6+UMv2o579eu1KUbutUNZni7bM="; + + postInstall = lib.optionalString (!stdenv.isDarwin) '' + mv $out/bin/ADReaper $out/bin/$pname + ''; + + meta = with lib; { + description = "Enumeration tool for Windows Active Directories"; + homepage = "https://github.com/AidenPearce369/ADReaper"; + # Upstream doesn't have a license yet + # https://github.com/AidenPearce369/ADReaper/issues/2 + license = with licenses; [ unfree ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "ADReaper"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aesfix/default.nix b/nixpkgs/pkgs/tools/security/aesfix/default.nix new file mode 100644 index 000000000000..b2eb2e0e96ca --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aesfix/default.nix @@ -0,0 +1,26 @@ +{ lib +, stdenv +, fetchurl +}: + +stdenv.mkDerivation rec { + pname = "aesfix"; + version = "1.0.1"; + + src = fetchurl { + url = "https://citpsite.s3.amazonaws.com/memory-content/src/aesfix-${version}.tar.gz"; + sha256 = "sha256-exd+h2yu5qrkjwEjEC8R32WUpzhIP5pH8sdv6BzARdQ="; + }; + installPhase = '' + runHook preInstall + mkdir -p $out/bin + cp aesfix $out/bin + runHook postInstall + ''; + + meta = with lib; { + description = "Correct bit errors in an AES key schedules"; + homepage = "https://citp.princeton.edu/our-work/memory/"; + maintainers = with maintainers; [ fedx-sudo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aeskeyfind/default.nix b/nixpkgs/pkgs/tools/security/aeskeyfind/default.nix new file mode 100644 index 000000000000..08b2481ff00d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aeskeyfind/default.nix @@ -0,0 +1,30 @@ +{ lib +, stdenv +, fetchurl +}: + +stdenv.mkDerivation rec { + pname = "aeskeyfind"; + version = "1.0"; + + src = fetchurl { + url = "https://citpsite.s3.amazonaws.com/memory-content/src/aeskeyfind-${version}.tar.gz"; + sha256 = "sha256-FBflwbYehruVJ9sfW+4ZlaDuqCR12zy8iA4Ev3Bgg+Q="; + }; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin + cp aeskeyfind $out/bin + runHook postInstall + ''; + + meta = with lib; { + description = "Locates 128-bit and 256-bit AES keys in a captured memory image"; + homepage = "https://citp.princeton.edu/our-work/memory/"; + license = licenses.bsd3; + maintainers = with maintainers; [ fedx-sudo ]; + }; + +} + diff --git a/nixpkgs/pkgs/tools/security/aespipe/default.nix b/nixpkgs/pkgs/tools/security/aespipe/default.nix new file mode 100644 index 000000000000..ad4cf36fa32d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aespipe/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, sharutils, makeWrapper }: + +stdenv.mkDerivation rec { + pname = "aespipe"; + version = "2.4f"; + + src = fetchurl { + url = "mirror://sourceforge/loop-aes/aespipe/aespipe-v${version}.tar.bz2"; + sha256 = "15pg9j27mjzl78mpzkdqd84kdafj0g6j72f8wgjrpp2qkxjy2ddi"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + configureFlags = [ "--enable-padlock" "--enable-intelaes" ]; + + postInstall = '' + cp bz2aespipe $out/bin + wrapProgram $out/bin/bz2aespipe \ + --prefix PATH : $out/bin:${lib.makeBinPath [ sharutils ]} + ''; + + meta = with lib; { + description = "AES encrypting or decrypting pipe"; + homepage = "https://loop-aes.sourceforge.net/aespipe.README"; + license = licenses.gpl2; + maintainers = [ maintainers.goibhniu ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/afl/README.md b/nixpkgs/pkgs/tools/security/afl/README.md new file mode 100644 index 000000000000..180cad6bc4ca --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/README.md @@ -0,0 +1,19 @@ +Updating the QEMU patches +========================= + +When updating to the latest American Fuzzy Lop, make sure to check for +any new patches to qemu for binary fuzzing support: + +https://github.com/google/AFL/tree/master/qemu_mode + +Be sure to check the build script and make sure it's also using the +right QEMU version and options in `qemu.nix`: + +https://github.com/google/AFL/blob/master/qemu_mode/build_qemu_support.sh + +`afl-config.h`, `afl-types.h`, and `afl-qemu-cpu-inl.h` are part of +the afl source code, and copied from `config.h`, `types.h` and +`afl-qemu-cpu-inl.h` appropriately. These files and the QEMU patches +need to be slightly adjusted to fix their `#include`s (the patches +try to otherwise include files like `../../config.h` which causes the +build to fail). diff --git a/nixpkgs/pkgs/tools/security/afl/default.nix b/nixpkgs/pkgs/tools/security/afl/default.nix new file mode 100644 index 000000000000..ccdbd78716d9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/default.nix @@ -0,0 +1,82 @@ +{ lib, stdenv, fetchFromGitHub, callPackage, makeWrapper +, clang, llvm, which, libcgroup +}: + +let + afl-qemu = callPackage ./qemu.nix { inherit afl; }; + qemu-exe-name = if stdenv.hostPlatform.system == "x86_64-linux" then "qemu-x86_64" + else if stdenv.hostPlatform.system == "i686-linux" then "qemu-i386" + else throw "afl: no support for ${stdenv.hostPlatform.system}!"; + afl = stdenv.mkDerivation rec { + pname = "afl"; + version = "2.57b"; + + src = fetchFromGitHub { + owner = "google"; + repo = pname; + rev = "v${version}"; + sha256 = "0fqj3g6ds1f21kxz7m9mc1fspi9r4jg9jcmi60inwxijrc5ncvr6"; + }; + enableParallelBuilding = true; + + # Note: libcgroup isn't needed for building, just for the afl-cgroup + # script. + nativeBuildInputs = [ makeWrapper which llvm.dev ]; + buildInputs = [ llvm ]; + + makeFlags = [ "PREFIX=$(out)" ]; + postBuild = '' + make -C llvm_mode $makeFlags -j$NIX_BUILD_CORES + ''; + postInstall = '' + # Install the custom QEMU emulator for binary blob fuzzing. + cp ${afl-qemu}/bin/${qemu-exe-name} $out/bin/afl-qemu-trace + + # Install the cgroups wrapper for asan-based fuzzing. + cp experimental/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup + chmod +x $out/bin/afl-cgroup + substituteInPlace $out/bin/afl-cgroup \ + --replace "cgcreate" "${libcgroup}/bin/cgcreate" \ + --replace "cgexec" "${libcgroup}/bin/cgexec" \ + --replace "cgdelete" "${libcgroup}/bin/cgdelete" + + # Patch shebangs before wrapping + patchShebangs $out/bin + + # Wrap afl-clang-fast(++) with a *different* AFL_PATH, because it + # has totally different semantics in that case(?) - and also set a + # proper AFL_CC and AFL_CXX so we don't pick up the wrong one out + # of $PATH. + # first though we need to replace the afl-clang-fast++ symlink with + # a real copy to prevent wrapProgram skipping the symlink and confusing + # nix's cc wrapper + rm $out/bin/afl-clang-fast++ + cp $out/bin/afl-clang-fast $out/bin/afl-clang-fast++ + for x in $out/bin/afl-clang-fast $out/bin/afl-clang-fast++; do + wrapProgram $x \ + --prefix AFL_PATH : "$out/lib/afl" \ + --run 'export AFL_CC=''${AFL_CC:-${clang}/bin/clang} AFL_CXX=''${AFL_CXX:-${clang}/bin/clang++}' + done + ''; + + passthru.qemu = afl-qemu; + + meta = { + description = "Powerful fuzzer via genetic algorithms and instrumentation"; + longDescription = '' + American fuzzy lop is a fuzzer that employs a novel type of + compile-time instrumentation and genetic algorithms to + automatically discover clean, interesting test cases that + trigger new internal states in the targeted binary. This + substantially improves the functional coverage for the fuzzed + code. The compact synthesized corpora produced by the tool are + also useful for seeding other, more labor or resource-intensive + testing regimes down the road. + ''; + homepage = "https://lcamtuf.coredump.cx/afl/"; + license = lib.licenses.asl20; + platforms = ["x86_64-linux" "i686-linux"]; + maintainers = with lib.maintainers; [ thoughtpolice ris ]; + }; + }; +in afl diff --git a/nixpkgs/pkgs/tools/security/afl/libdislocator.nix b/nixpkgs/pkgs/tools/security/afl/libdislocator.nix new file mode 100644 index 000000000000..400464c00567 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/libdislocator.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, afl}: + +stdenv.mkDerivation { + version = lib.getVersion afl; + pname = "libdislocator"; + + src = afl.src; + sourceRoot = "${afl.src.name}/libdislocator"; + + makeFlags = [ "PREFIX=$(out)" ]; + + preInstall = '' + mkdir -p $out/lib/afl + ''; + postInstall = '' + mkdir $out/bin + cat > $out/bin/get-libdislocator-so <<END + #!${stdenv.shell} + echo $out/lib/afl/libdislocator.so + END + chmod +x $out/bin/get-libdislocator-so + ''; + + meta = with lib; { + homepage = "https://lcamtuf.coredump.cx/afl/"; + description = '' + Drop-in replacement for the libc allocator which improves + the odds of bumping into heap-related security bugs in + several ways. + ''; + license = lib.licenses.asl20; + maintainers = with maintainers; [ ris ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/afl/qemu-patches/no-etc-install.patch b/nixpkgs/pkgs/tools/security/afl/qemu-patches/no-etc-install.patch new file mode 100644 index 000000000000..5dfbfd780f1c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/qemu-patches/no-etc-install.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile b/Makefile +index d6b9dc1..ce7c493 100644 +--- a/Makefile ++++ b/Makefile +@@ -601,7 +601,7 @@ install-localstatedir: + endif + + +-install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir ++install: all $(if $(BUILD_DOCS),install-doc) install-datadir + ifneq ($(TOOLS),) + $(call install-prog,$(subst qemu-ga,qemu-ga$(EXESUF),$(TOOLS)),$(DESTDIR)$(bindir)) + endif diff --git a/nixpkgs/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff b/nixpkgs/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff new file mode 100644 index 000000000000..aa2950bf157c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff @@ -0,0 +1,51 @@ +--- qemu-2.10.0-clean/linux-user/syscall.c 2020-03-12 18:47:47.898592169 +0100 ++++ qemu-2.10.0/linux-user/syscall.c 2020-03-13 09:13:42.461809699 +0100 +@@ -34,6 +34,7 @@ + #include <sys/resource.h> + #include <sys/swap.h> + #include <linux/capability.h> ++#include <linux/sockios.h> // https://lkml.org/lkml/2019/6/3/988 + #include <sched.h> + #include <sys/timex.h> + #ifdef __ia64__ +@@ -256,7 +257,9 @@ static type name (type1 arg1,type2 arg2, + #endif + + #ifdef __NR_gettid +-_syscall0(int, gettid) ++// taken from https://patchwork.kernel.org/patch/10862231/ ++#define __NR_sys_gettid __NR_gettid ++_syscall0(int, sys_gettid) + #else + /* This is a replacement for the host gettid() and must return a host + errno. */ +@@ -6219,7 +6222,7 @@ static void *clone_func(void *arg) + cpu = ENV_GET_CPU(env); + thread_cpu = cpu; + ts = (TaskState *)cpu->opaque; +- info->tid = gettid(); ++ info->tid = sys_gettid(); + task_settid(ts); + if (info->child_tidptr) + put_user_u32(info->tid, info->child_tidptr); +@@ -6363,9 +6366,9 @@ static int do_fork(CPUArchState *env, un + mapping. We can't repeat the spinlock hack used above because + the child process gets its own copy of the lock. */ + if (flags & CLONE_CHILD_SETTID) +- put_user_u32(gettid(), child_tidptr); ++ put_user_u32(sys_gettid(), child_tidptr); + if (flags & CLONE_PARENT_SETTID) +- put_user_u32(gettid(), parent_tidptr); ++ put_user_u32(sys_gettid(), parent_tidptr); + ts = (TaskState *)cpu->opaque; + if (flags & CLONE_SETTLS) + cpu_set_tls (env, newtls); +@@ -11402,7 +11405,7 @@ abi_long do_syscall(void *cpu_env, int n + break; + #endif + case TARGET_NR_gettid: +- ret = get_errno(gettid()); ++ ret = get_errno(sys_gettid()); + break; + #ifdef TARGET_NR_readahead + case TARGET_NR_readahead: diff --git a/nixpkgs/pkgs/tools/security/afl/qemu.nix b/nixpkgs/pkgs/tools/security/afl/qemu.nix new file mode 100644 index 000000000000..9a8b4b3ca364 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/afl/qemu.nix @@ -0,0 +1,77 @@ +{ lib, stdenv, fetchurl, afl, python2, zlib, pkg-config, glib, perl +, texinfo, libuuid, flex, bison, pixman, autoconf +}: + +let + cpuTarget = if stdenv.hostPlatform.system == "x86_64-linux" then "x86_64-linux-user" + else if stdenv.hostPlatform.system == "i686-linux" then "i386-linux-user" + else throw "afl: no support for ${stdenv.hostPlatform.system}!"; +in +stdenv.mkDerivation rec { + pname = "afl-qemu"; + version = "2.10.0"; + + srcs = [ + (fetchurl { + url = "http://wiki.qemu.org/download/qemu-${version}.tar.bz2"; + sha256 = "0j3dfxzrzdp1w21k21fjvmakzc6lcha1rsclaicwqvbf63hkk7vy"; + }) + afl.src + ]; + + sourceRoot = "qemu-${version}"; + + postUnpack = '' + cp ${afl.src.name}/types.h $sourceRoot/afl-types.h + substitute ${afl.src.name}/config.h $sourceRoot/afl-config.h \ + --replace "types.h" "afl-types.h" + substitute ${afl.src.name}/qemu_mode/patches/afl-qemu-cpu-inl.h $sourceRoot/afl-qemu-cpu-inl.h \ + --replace "../../config.h" "afl-config.h" + substituteInPlace ${afl.src.name}/qemu_mode/patches/cpu-exec.diff \ + --replace "../patches/afl-qemu-cpu-inl.h" "afl-qemu-cpu-inl.h" + ''; + + nativeBuildInputs = [ + python2 perl pkg-config flex bison autoconf texinfo + ]; + + buildInputs = [ + zlib glib pixman libuuid + ]; + + enableParallelBuilding = true; + + patches = [ + # patches extracted from afl source + "../${afl.src.name}/qemu_mode/patches/cpu-exec.diff" + "../${afl.src.name}/qemu_mode/patches/elfload.diff" + "../${afl.src.name}/qemu_mode/patches/syscall.diff" + "../${afl.src.name}/qemu_mode/patches/configure.diff" + "../${afl.src.name}/qemu_mode/patches/memfd.diff" + # nix-specific patches to make installation more well-behaved + ./qemu-patches/no-etc-install.patch + # patch for fixing qemu build on glibc >= 2.30 + ./qemu-patches/syscall-glibc2_30.diff + ]; + + configureFlags = + [ "--disable-system" + "--enable-linux-user" + "--disable-gtk" + "--disable-sdl" + "--disable-vnc" + "--disable-kvm" + "--target-list=${cpuTarget}" + "--enable-pie" + "--sysconfdir=/etc" + "--localstatedir=/var" + ]; + + meta = with lib; { + homepage = "http://www.qemu.org/"; + description = "Fork of QEMU with AFL instrumentation support"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ thoughtpolice ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/default.nix b/nixpkgs/pkgs/tools/security/aflplusplus/default.nix new file mode 100644 index 000000000000..bbadd0d9e5d6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aflplusplus/default.nix @@ -0,0 +1,173 @@ +{ lib, stdenv, stdenvNoCC, fetchFromGitHub, callPackage, makeWrapper +, clang, llvm, gcc, which, libcgroup, python3, perl, gmp +, file, wine ? null +, cmocka +, llvmPackages +}: + +# wine fuzzing is only known to work for win32 binaries, and using a mixture of +# 32 and 64-bit libraries ... complicates things, so it's recommended to build +# a full 32bit version of this package if you want to do wine fuzzing +assert (wine != null) -> (stdenv.targetPlatform.system == "i686-linux"); + +let + aflplusplus-qemu = callPackage ./qemu.nix { }; + qemu-exe-name = if stdenv.targetPlatform.system == "x86_64-linux" then "qemu-x86_64" + else if stdenv.targetPlatform.system == "i686-linux" then "qemu-i386" + else throw "aflplusplus: no support for ${stdenv.targetPlatform.system}!"; + libdislocator = callPackage ./libdislocator.nix { inherit aflplusplus; }; + libtokencap = callPackage ./libtokencap.nix { inherit aflplusplus; }; + aflplusplus = stdenvNoCC.mkDerivation rec { + pname = "aflplusplus"; + version = "4.08c"; + + src = fetchFromGitHub { + owner = "AFLplusplus"; + repo = "AFLplusplus"; + rev = "v${version}"; + sha256 = "sha256-r1elJlvGuVrMFLECYCfMsZVEJcCPYRdkljMbF4uRHQY="; + }; + enableParallelBuilding = true; + + # Note: libcgroup isn't needed for building, just for the afl-cgroup + # script. + nativeBuildInputs = [ makeWrapper which clang gcc ]; + buildInputs = [ llvm python3 gmp llvmPackages.bintools ] + ++ lib.optional (wine != null) python3.pkgs.wrapPython; + + # Flag is already set by package and causes some compiler warnings. + # warning: "_FORTIFY_SOURCE" redefined + hardeningDisable = [ "fortify" ]; + + postPatch = '' + # Don't care about this. + rm Android.bp + + # Replace the CLANG_BIN variables with the correct path. + # Replace "gcc" and friends with full paths in afl-gcc. + # Prevents afl-gcc picking up any (possibly incorrect) gcc from the path. + # Replace LLVM_BINDIR with a non-existing path to give a hard error when it's used. + substituteInPlace src/afl-cc.c \ + --replace "CLANGPP_BIN" '"${clang}/bin/clang++"' \ + --replace "CLANG_BIN" '"${clang}/bin/clang"' \ + --replace '"gcc"' '"${gcc}/bin/gcc"' \ + --replace '"g++"' '"${gcc}/bin/g++"' \ + --replace 'getenv("AFL_PATH")' "(getenv(\"AFL_PATH\") ? getenv(\"AFL_PATH\") : \"$out/lib/afl\")" + + substituteInPlace src/afl-ld-lto.c \ + --replace 'LLVM_BINDIR' '"/nixpkgs-patched-does-not-exist"' + + # Remove the rest of the line + sed -i 's|LLVM_BINDIR = .*|LLVM_BINDIR = |' utils/aflpp_driver/GNUmakefile + substituteInPlace utils/aflpp_driver/GNUmakefile \ + --replace 'LLVM_BINDIR = ' 'LLVM_BINDIR = ${clang}/bin/' + + substituteInPlace GNUmakefile.llvm \ + --replace "\$(LLVM_BINDIR)/clang" "${clang}/bin/clang" + ''; + + env.NIX_CFLAGS_COMPILE = toString [ + # Needed with GCC 12 + "-Wno-error=use-after-free" + ]; + + makeFlags = [ + "PREFIX=$(out)" + "USE_BINDIR=0" + ]; + buildPhase = '' + runHook preBuild + + common="$makeFlags -j$NIX_BUILD_CORES" + make distrib $common + make -C qemu_mode/libcompcov $common + make -C qemu_mode/unsigaction $common + + runHook postBuild + ''; + + postInstall = '' + # remove afl-clang(++) which are just symlinks to afl-clang-fast + rm $out/bin/afl-clang $out/bin/afl-clang++ + + # the makefile neglects to install unsigaction + cp qemu_mode/unsigaction/unsigaction*.so $out/lib/afl/ + + # Install the custom QEMU emulator for binary blob fuzzing. + ln -s ${aflplusplus-qemu}/bin/${qemu-exe-name} $out/bin/afl-qemu-trace + + # give user a convenient way of accessing libcompconv.so, libdislocator.so, libtokencap.so + cat > $out/bin/get-afl-qemu-libcompcov-so <<END + #!${stdenv.shell} + echo $out/lib/afl/libcompcov.so + END + chmod +x $out/bin/get-afl-qemu-libcompcov-so + ln -s ${libdislocator}/bin/get-libdislocator-so $out/bin/ + ln -s ${libtokencap}/bin/get-libtokencap-so $out/bin/ + + # Install the cgroups wrapper for asan-based fuzzing. + cp utils/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup + chmod +x $out/bin/afl-cgroup + substituteInPlace $out/bin/afl-cgroup \ + --replace "cgcreate" "${libcgroup}/bin/cgcreate" \ + --replace "cgexec" "${libcgroup}/bin/cgexec" \ + --replace "cgdelete" "${libcgroup}/bin/cgdelete" + + patchShebangs $out/bin + + '' + lib.optionalString (wine != null) '' + substitute afl-wine-trace $out/bin/afl-wine-trace \ + --replace "qemu_mode/unsigaction" "$out/lib/afl" + chmod +x $out/bin/afl-wine-trace + + # qemu needs to be fed ELFs, not wrapper scripts, so we have to cheat a bit if we + # detect a wrapped wine + for winePath in ${wine}/bin/.wine ${wine}/bin/wine; do + if [ -x $winePath ]; then break; fi + done + makeWrapperArgs="--set-default 'AFL_WINE_PATH' '$winePath'" \ + wrapPythonProgramsIn $out/bin ${python3.pkgs.pefile} + ''; + + nativeInstallCheckInputs = [ perl file cmocka ]; + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + # replace references to tools in build directory with references to installed locations + substituteInPlace test/test-qemu-mode.sh \ + --replace '../libcompcov.so' '`$out/bin/get-afl-qemu-libcompcov-so`' \ + --replace '../afl-qemu-trace' '$out/bin/afl-qemu-trace' \ + --replace '../afl-fuzz' '$out/bin/afl-fuzz' \ + --replace '../qemu_mode/unsigaction/unsigaction32.so' '$out/lib/afl/unsigaction32.so' \ + --replace '../qemu_mode/unsigaction/unsigaction64.so' '$out/lib/afl/unsigaction64.so' + + substituteInPlace test/test-libextensions.sh \ + --replace '../libdislocator.so' '`$out/bin/get-libdislocator-so`' \ + --replace '../libtokencap.so' '`$out/bin/get-libtokencap-so`' + substituteInPlace test/test-llvm.sh \ + --replace '../afl-cmin.bash' '`$out/bin/afl-cmin.bash`' + # perl -pi -e 's|(?<!\.)(?<!-I)(\.\./)([^\s\/]+?)(?<!\.c)(?<!\.s?o)(?=\s)|\$out/bin/\2|g' test/test.sh + patchShebangs . + cd test && ./test-all.sh + + runHook postInstallCheck + ''; + + passthru = { + inherit libdislocator libtokencap; + qemu = aflplusplus-qemu; + }; + + meta = { + description = '' + A heavily enhanced version of AFL, incorporating many features + and improvements from the community + ''; + homepage = "https://aflplus.plus"; + license = lib.licenses.asl20; + platforms = ["x86_64-linux" "i686-linux"]; + maintainers = with lib.maintainers; [ ris mindavi ]; + }; + }; +in aflplusplus diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix b/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix new file mode 100644 index 000000000000..6a17ff9703b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aflplusplus/libdislocator.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, aflplusplus}: + +stdenv.mkDerivation { + version = lib.getVersion aflplusplus; + pname = "libdislocator"; + + src = aflplusplus.src; + postUnpack = "chmod -R +w ${aflplusplus.src.name}"; + sourceRoot = "${aflplusplus.src.name}/utils/libdislocator"; + + makeFlags = [ "PREFIX=$(out)" ]; + + preInstall = '' + mkdir -p $out/lib/afl + ''; + + postInstall = '' + mkdir $out/bin + cat > $out/bin/get-libdislocator-so <<END + #!${stdenv.shell} + echo $out/lib/afl/libdislocator.so + END + chmod +x $out/bin/get-libdislocator-so + ''; + + meta = with lib; { + homepage = "https://github.com/vanhauser-thc/AFLplusplus"; + description = '' + Drop-in replacement for the libc allocator which improves + the odds of bumping into heap-related security bugs in + several ways. + ''; + license = lib.licenses.asl20; + maintainers = with maintainers; [ ris ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix b/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix new file mode 100644 index 000000000000..8bad6c607c2d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aflplusplus/libtokencap.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, aflplusplus}: + +stdenv.mkDerivation { + version = lib.getVersion aflplusplus; + pname = "libtokencap"; + + src = aflplusplus.src; + postUnpack = "chmod -R +w ${aflplusplus.src.name}"; + sourceRoot = "${aflplusplus.src.name}/utils/libtokencap"; + + makeFlags = [ "PREFIX=$(out)" ]; + + preInstall = '' + mkdir -p $out/lib/afl + mkdir -p $out/share/doc/afl + ''; + postInstall = '' + mkdir $out/bin + cat > $out/bin/get-libtokencap-so <<END + #!${stdenv.shell} + echo $out/lib/afl/libtokencap.so + END + chmod +x $out/bin/get-libtokencap-so + ''; + + meta = with lib; { + homepage = "https://github.com/AFLplusplus/AFLplusplus"; + description = "strcmp & memcmp token capture library"; + license = lib.licenses.asl20; + maintainers = with maintainers; [ ris ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/qemu-no-etc-install.patch b/nixpkgs/pkgs/tools/security/aflplusplus/qemu-no-etc-install.patch new file mode 100644 index 000000000000..5dfbfd780f1c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aflplusplus/qemu-no-etc-install.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile b/Makefile +index d6b9dc1..ce7c493 100644 +--- a/Makefile ++++ b/Makefile +@@ -601,7 +601,7 @@ install-localstatedir: + endif + + +-install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir ++install: all $(if $(BUILD_DOCS),install-doc) install-datadir + ifneq ($(TOOLS),) + $(call install-prog,$(subst qemu-ga,qemu-ga$(EXESUF),$(TOOLS)),$(DESTDIR)$(bindir)) + endif diff --git a/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix b/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix new file mode 100644 index 000000000000..f412b8e40499 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aflplusplus/qemu.nix @@ -0,0 +1,144 @@ +{ lib +, stdenv +, python3 +, zlib +, pkg-config +, glib +, perl +, texinfo +, libuuid +, flex +, bison +, pixman +, meson +, fetchFromGitHub +, ninja +}: + +let + qemuName = "qemu-5.2.50"; +in +stdenv.mkDerivation { + name = "aflplusplus-${qemuName}"; + + src = fetchFromGitHub { + owner = "AFLplusplus"; + repo = "qemuafl"; + rev = "a1321713c7502c152dd7527555e0f8a800d55225"; + sha256 = "sha256-HLlOHqT2vrHjHyu4n83IzVzKv9ErinephLLev1E10nM="; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ + python3 + perl + pkg-config + flex + bison + meson + texinfo + ninja + ]; + + buildInputs = [ + zlib + glib + pixman + libuuid + ]; + + enableParallelBuilding = true; + + dontUseMesonConfigure = true; # meson's configurePhase isn't compatible with qemu build + preBuild = "cd build"; + preConfigure = '' + # this script isn't marked as executable b/c it's indirectly used by meson. Needed to patch its shebang + chmod +x ./scripts/shaderinclude.pl + patchShebangs . + ''; + + configureFlags = + [ + "--target-list=${stdenv.hostPlatform.uname.processor}-linux-user" + "--sysconfdir=/etc" + "--localstatedir=/var" + "--meson=meson" + "--disable-system" + "--enable-linux-user" + "--enable-pie" + "--audio-drv-list=" + "--disable-blobs" + "--disable-bochs" + "--disable-brlapi" + "--disable-bsd-user" + "--disable-bzip2" + "--disable-cap-ng" + "--disable-cloop" + "--disable-curl" + "--disable-curses" + "--disable-dmg" + "--disable-fdt" + "--disable-gcrypt" + "--disable-glusterfs" + "--disable-gnutls" + "--disable-gtk" + "--disable-guest-agent" + "--disable-iconv" + "--disable-libiscsi" + "--disable-libnfs" + "--disable-libssh" + "--disable-libusb" + "--disable-linux-aio" + "--disable-live-block-migration" + "--disable-lzo" + "--disable-nettle" + "--disable-numa" + "--disable-opengl" + "--disable-parallels" + "--disable-plugins" + "--disable-qcow1" + "--disable-qed" + "--disable-rbd" + "--disable-rdma" + "--disable-replication" + "--disable-sdl" + "--disable-seccomp" + "--disable-sheepdog" + "--disable-smartcard" + "--disable-snappy" + "--disable-spice" + "--disable-system" + "--disable-tools" + "--disable-tpm" + "--disable-usb-redir" + "--disable-vde" + "--disable-vdi" + "--disable-vhost-crypto" + "--disable-vhost-kernel" + "--disable-vhost-net" + "--disable-vhost-scsi" + "--disable-vhost-user" + "--disable-vhost-vdpa" + "--disable-vhost-vsock" + "--disable-virglrenderer" + "--disable-virtfs" + "--disable-vnc" + "--disable-vnc-jpeg" + "--disable-vnc-png" + "--disable-vnc-sasl" + "--disable-vte" + "--disable-vvfat" + "--disable-xen" + "--disable-xen-pci-passthrough" + "--disable-xfsctl" + "--without-default-devices" + ]; + + meta = with lib; { + homepage = "https://github.com/AFLplusplus/qemuafl"; + description = "Fork of QEMU with AFL++ instrumentation support"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ ris ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix b/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix new file mode 100644 index 000000000000..6ed6b526b65d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix @@ -0,0 +1,44 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, pkg-config +, libusb1 +, openssl +, rage +, AppKit +}: + +rustPlatform.buildRustPackage rec { + pname = "age-plugin-ledger"; + version = "0.1.2"; + + src = fetchFromGitHub { + owner = "Ledger-Donjon"; + repo = "age-plugin-ledger"; + rev = "v${version}"; + hash = "sha256-g5GbWXhaGEafiM3qkGlRXHcOzPZl2pbDWEBPg4gQWcg="; + }; + + cargoHash = "sha256-SbgH67XuxBa7WFirSdOIUxfJGlIYezISCEA3LJGN3ys="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libusb1 + openssl + ] ++ lib.optional stdenv.isDarwin AppKit; + + nativeCheckInputs = [ + rage + ]; + + meta = with lib; { + description = "A Ledger Nano plugin for age"; + homepage = "https://github.com/Ledger-Donjon/age-plugin-ledger"; + license = with licenses; [ mit asl20 ]; + maintainers = with maintainers; [ erdnaxe ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/age-plugin-tpm/default.nix b/nixpkgs/pkgs/tools/security/age-plugin-tpm/default.nix new file mode 100644 index 000000000000..4885aa326dda --- /dev/null +++ b/nixpkgs/pkgs/tools/security/age-plugin-tpm/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, swtpm +, openssl +}: + +buildGoModule rec { + pname = "age-plugin-tpm"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "Foxboron"; + repo = "age-plugin-tpm"; + rev = "v${version}"; + hash = "sha256-oTvK8U5j+llHgoChhGb+vcUrUf9doVYxd3d5MEuCNz8="; + }; + + proxyVendor = true; + + vendorHash = "sha256-BSb+8p5+RJMfcYc2+BuT4YbhCWCbcYOt9upesD11Ytw="; + + nativeCheckInputs = [ + swtpm + ]; + + buildInputs = [ + openssl + ]; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "TPM 2.0 plugin for age (This software is experimental, use it at your own risk)"; + homepage = "https://github.com/Foxboron/age-plugin-tpm"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ kranzes sgo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/age-plugin-yubikey/default.nix b/nixpkgs/pkgs/tools/security/age-plugin-yubikey/default.nix new file mode 100644 index 000000000000..7a3364c8420b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/age-plugin-yubikey/default.nix @@ -0,0 +1,47 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, pkg-config +, openssl +, pcsclite +, PCSC +, Foundation +, IOKit +}: + +rustPlatform.buildRustPackage rec { + pname = "age-plugin-yubikey"; + version = "0.4.0"; + + src = fetchFromGitHub { + owner = "str4d"; + repo = pname; + rev = "v${version}"; + hash = "sha256-V3NzZyCfslUBsARO5UC8N+cuptLxg2euM87DGqtLpPk="; + }; + + cargoHash = "sha256-5qmwCcrhDkJlyeTS+waMiTxro1HjMHiQE5Ds/4sVpx4="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + openssl + ] + ++ lib.optional stdenv.isLinux pcsclite + ++ lib.optionals stdenv.isDarwin [ + IOKit + Foundation + PCSC + ]; + + meta = with lib; { + description = "YubiKey plugin for age"; + homepage = "https://github.com/str4d/age-plugin-yubikey"; + changelog = "https://github.com/str4d/age-plugin-yubikey/blob/${src.rev}/CHANGELOG.md"; + license = with licenses; [ mit asl20 ]; + maintainers = with maintainers; [ kranzes vtuan10 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/age/default.nix b/nixpkgs/pkgs/tools/security/age/default.nix new file mode 100644 index 000000000000..8ad4ff9c904c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/age/default.nix @@ -0,0 +1,63 @@ +{ lib, buildGoModule, fetchFromGitHub, fetchpatch, installShellFiles }: + +buildGoModule rec { + pname = "age"; + version = "1.1.1"; + vendorHash = "sha256-MumPdRTz840+hoisJ7ADgBhyK3n8P6URobbRJYDFkDY="; + + src = fetchFromGitHub { + owner = "FiloSottile"; + repo = "age"; + rev = "v${version}"; + sha256 = "sha256-LRxxJQLQkzoCNYGS/XBixVmYXoZ1mPHKvFicPGXYLcw="; + }; + + # Worked with the upstream to change the way test vectors were sourced from + # another repo at test run time, so we can run test without network access. + # https://github.com/FiloSottile/age/pull/476 + # + # Changes landed after v1.1.1, so we'll patch this one until next release. + patches = [ + # Revert "all: temporarily disable testscript tests" + (fetchpatch { + name = "0001-revert-temporarily-disabled-testscript-tests.patch"; + url = "https://github.com/FiloSottile/age/commit/5471e05672de168766f5f11453fd324c53c264e5.patch"; + sha256 = "sha256-F3oDhRWJqqcF9MDDWPeO9V/wUGXkmUXY87wgokUIoOk="; + }) + + # age: depend on c2sp.org/CCTV/age for TestVectors + (fetchpatch { + name = "0002-depend-on-c2sp_cctv_age__TestVectors.patch"; + url = "https://github.com/FiloSottile/age/commit/edf7388f7731b274b055dcab3ec4006cc4961b68.patch"; + sha256 = "sha256-CloCj/uF3cqTeCfRkV6TeYiovuDQXm1ZIklREWAot1E="; + }) + ]; + + ldflags = [ + "-s" "-w" "-X main.Version=${version}" + ]; + + nativeBuildInputs = [ installShellFiles ]; + + preInstall = '' + installManPage doc/*.1 + ''; + + doInstallCheck = true; + installCheckPhase = '' + if [[ "$("$out/bin/${pname}" --version)" == "${version}" ]]; then + echo '${pname} smoke check passed' + else + echo '${pname} smoke check failed' + return 1 + fi + ''; + + meta = with lib; { + homepage = "https://age-encryption.org/"; + description = "Modern encryption tool with small explicit keys"; + license = licenses.bsd3; + mainProgram = "age"; + maintainers = with maintainers; [ tazjin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/agebox/default.nix b/nixpkgs/pkgs/tools/security/agebox/default.nix new file mode 100644 index 000000000000..ea50c8779b3d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/agebox/default.nix @@ -0,0 +1,29 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "agebox"; + version = "0.6.1"; + + src = fetchFromGitHub { + owner = "slok"; + repo = pname; + rev = "v${version}"; + hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4="; + }; + + vendorHash = "sha256-PLeNTlQ0OMcupfbVN/KGb0iJYf3Jbcevg8gTcKHpn8s="; + + ldflags = [ + "-s" + "-w" + "-X main.Version=${version}" + ]; + + meta = with lib; { + homepage = "https://github.com/slok/agebox"; + changelog = "https://github.com/slok/agebox/releases/tag/v${version}"; + description = "Age based repository file encryption gitops tool"; + license = licenses.asl20; + maintainers = with maintainers; [ lesuisse ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aide/default.nix b/nixpkgs/pkgs/tools/security/aide/default.nix new file mode 100644 index 000000000000..b34be9a37710 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aide/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchurl, flex, bison, libmhash, zlib, acl, attr, libselinux, pcre }: + +stdenv.mkDerivation rec { + pname = "aide"; + version = "0.17.4"; + + src = fetchurl { + url = "https://github.com/aide/aide/releases/download/v${version}/${pname}-${version}.tar.gz"; + sha256 = "sha256-yBUFJG8//C52A21Dp3ISroKJW1iB2bniXBNhsam3qEY="; + }; + + buildInputs = [ flex bison libmhash zlib acl attr libselinux pcre ]; + + + configureFlags = [ + "--with-posix-acl" + "--with-selinux" + "--with-xattr" + ]; + + meta = with lib; { + homepage = "https://aide.github.io/"; + description = "A file and directory integrity checker"; + license = licenses.gpl2Plus; + maintainers = [ ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix b/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix new file mode 100644 index 000000000000..c11255e6ab80 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aiodnsbrute/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "aiodnsbrute"; + version = "0.3.3"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "blark"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-cEpk71VoQJZfKeAZummkk7yjtXKSMndgo0VleYiMlWE="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + aiodns + click + tqdm + uvloop + ]; + + # Project no tests + doCheck = false; + + pythonImportsCheck = [ + "aiodnsbrute.cli" + ]; + + meta = with lib; { + description = "DNS brute force utility"; + homepage = "https://github.com/blark/aiodnsbrute"; + changelog = "https://github.com/blark/aiodnsbrute/releases/tag/v${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/alterx/default.nix b/nixpkgs/pkgs/tools/security/alterx/default.nix new file mode 100644 index 000000000000..9fcdb7378b70 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/alterx/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "alterx"; + version = "0.0.3"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = "alterx"; + rev = "refs/tags/v${version}"; + hash = "sha256-A01XROFB2NkArfFtRMv/r9Nu5QoKMTOVzVIUnFoVe78="; + }; + + vendorHash = "sha256-efwU41kFR8QYa2cevvj4pYAXgCisJ4OHaRIhWVnETvc="; + + meta = with lib; { + description = "Fast and customizable subdomain wordlist generator using DSL"; + homepage = "https://github.com/projectdiscovery/alterx"; + changelog = "https://github.com/projectdiscovery/alterx/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/amber/default.nix b/nixpkgs/pkgs/tools/security/amber/default.nix new file mode 100644 index 000000000000..2b64480c4a00 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/amber/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenv, rustPlatform, fetchFromGitHub, Security }: + +rustPlatform.buildRustPackage rec { + # Renaming it to amber-secret because another package named amber exists + pname = "amber-secret"; + version = "0.1.5"; + + src = fetchFromGitHub { + owner = "fpco"; + repo = "amber"; + rev = "v${version}"; + sha256 = "sha256-11dqfOi/DdfFrFTeboPyFkixXG+fCJ2jpHM55qsQ1jw="; + }; + + cargoHash = "sha256-u0vceIurenYnKfF3gWNw304hX4vVFoszZD7AMwffOmc="; + + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; + + meta = with lib; { + description = "Manage secret values in-repo via public key cryptography"; + homepage = "https://github.com/fpco/amber"; + license = licenses.mit; + maintainers = with maintainers; [ psibi ]; + mainProgram = "amber"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/amoco/default.nix b/nixpkgs/pkgs/tools/security/amoco/default.nix new file mode 100644 index 000000000000..a9c182ca4cbc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/amoco/default.nix @@ -0,0 +1,72 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "amoco"; + version = "2.9.8"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "bdcht"; + repo = pname; + rev = "v${version}"; + hash = "sha256-3+1ssFyU7SKFJgDYBQY0kVjmTHOD71D2AjnH+4bfLXo="; + }; + + nativeBuildInputs = with python3.pkgs; [ + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + blessed + click + crysp + grandalf + pyparsing + tqdm + traitlets + ]; + + passthru.optional-dependencies = { + app = with python3.pkgs; [ + # ccrawl + ipython + prompt-toolkit + pygments + # pyside6 + z3 + ]; + }; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + postPatch = '' + substituteInPlace setup.py \ + --replace "'pytest-runner'," "" + ''; + + pythonRelaxDeps = [ + "grandalf" + "crysp" + ]; + + pythonImportsCheck = [ + "amoco" + ]; + + disabledTests = [ + # AttributeError: 'str' object has no attribute '__dict__' + "test_func" + ]; + + meta = with lib; { + description = "Tool for analysing binaries"; + homepage = "https://github.com/bdcht/amoco"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/apachetomcatscanner/default.nix b/nixpkgs/pkgs/tools/security/apachetomcatscanner/default.nix new file mode 100644 index 000000000000..41c68aa79792 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/apachetomcatscanner/default.nix @@ -0,0 +1,44 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "apachetomcatscanner"; + version = "3.5"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "p0dalirius"; + repo = "ApacheTomcatScanner"; + rev = "refs/tags/${version}"; + hash = "sha256-ChVVXUjm6y71iRs64Kv63oiOG1GSqmx6J0YiGtEI0ao="; + }; + + # Posted a PR for discussion upstream that can be followed: + # https://github.com/p0dalirius/ApacheTomcatScanner/pull/32 + postPatch = '' + sed -i '/apachetomcatscanner=apachetomcatscanner\.__main__:main/d' setup.py + ''; + + propagatedBuildInputs = with python3.pkgs; [ + requests + sectools + xlsxwriter + ]; + + # Project has no test + doCheck = false; + + pythonImportsCheck = [ + "apachetomcatscanner" + ]; + + meta = with lib; { + description = "Tool to scan for Apache Tomcat server vulnerabilities"; + homepage = "https://github.com/p0dalirius/ApacheTomcatScanner"; + changelog = "https://github.com/p0dalirius/ApacheTomcatScanner/releases/tag/${version}"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/apg/default.nix b/nixpkgs/pkgs/tools/security/apg/default.nix new file mode 100644 index 000000000000..a283678e0a16 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/apg/default.nix @@ -0,0 +1,67 @@ +{ lib, stdenv, fetchFromGitHub, openssl, autoreconfHook }: +stdenv.mkDerivation rec { + pname = "apg"; + version = "unstable-2015-01-29"; + + src = fetchFromGitHub { + owner = "wilx"; + repo = "apg"; + rev = "7ecdbac79156c8864fa3ff8d61e9f1eb264e56c2"; + sha256 = "sha256-+7TrJACdm/i/pc0dsp8edEIOjx8cip+x0Qc2gONajSE="; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + buildInputs = [ openssl ]; + + meta = { + description = "Tools for random password generation"; + longDescription = '' + APG (Automated Password Generator) is the tool set for random + password generation. + + Standalone version + + Generates some random words of required type and prints them + to standard output. + + Network version + + APG server: When client's request is arrived generates some + random words of predefined type and send them to client over + the network (according to RFC0972). + + APG client: Sends the password generation request to the APG + server, wait for generated Passwords arrival and then prints + them to the standard output. + + Advantages + + * Built-in ANSI X9.17 RNG (Random Number Generator) (CAST/SHA1) + * Built-in password quality checking system (it has support for + Bloom filter for faster access) + * Two Password Generation Algorithms: + 1. Pronounceable Password Generation Algorithm (according to + NIST FIPS 181) + 2. Random Character Password Generation Algorithm with 35 + configurable modes of operation + * Configurable password length parameters + * Configurable amount of generated passwords + * Ability to initialize RNG with user string + * Support for /dev/random + * Ability to crypt() generated passwords and print them as + additional output + * Special parameters to use APG in script + * Ability to log password generation requests for network version + * Ability to control APG service access using tcpd + * Ability to use password generation service from any type of box + (Mac, WinXX, etc.) that connected to network + * Ability to enforce remote users to use only allowed type of + password generation + ''; + homepage = "https://github.com/wilx/apg"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ astsmtl ]; + platforms = lib.platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/apkleaks/default.nix b/nixpkgs/pkgs/tools/security/apkleaks/default.nix new file mode 100644 index 000000000000..133601e4025f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/apkleaks/default.nix @@ -0,0 +1,37 @@ +{ lib +, fetchFromGitHub +, jadx +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "apkleaks"; + version = "2.6.1"; + + disabled = python3.pythonOlder "3.6"; + + src = fetchFromGitHub { + owner = "dwisiswant0"; + repo = pname; + rev = "v${version}"; + sha256 = "0ysciv643p8gkqw2wp7zy4n07hihdcyil8d20lj86cpgga71rd64"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + jadx + pyaxmlparser + setuptools + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ "apkleaks" ]; + + meta = with lib; { + description = "Scanning APK file for URIs, endpoints and secrets"; + homepage = "https://github.com/dwisiswant0/apkleaks"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ares-rs/default.nix b/nixpkgs/pkgs/tools/security/ares-rs/default.nix new file mode 100644 index 000000000000..433cdaa5792a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ares-rs/default.nix @@ -0,0 +1,27 @@ +{ lib +, rustPlatform +, fetchFromGitHub +}: + +rustPlatform.buildRustPackage rec { + pname = "ares-rs"; + version = "0.9.0"; + + src = fetchFromGitHub { + owner = "bee-san"; + repo = "ares"; + rev = "refs/tags/${version}"; + hash = "sha256-F+uBGRL1G8kiNZUCsiPbISBfId5BPwShenusqkcsHug="; + }; + + cargoHash = "sha256-7zDq66oWT+j6t9LEBUoeby8MQ1Ihhvk3KLwWPQAThyc="; + + meta = with lib; { + description = "Automated decoding of encrypted text without knowing the key or ciphers used"; + homepage = "https://github.com/bee-san/ares"; + changelog = "https://github.com/bee-san/Ares/releases/tag${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + mainProgram = "ares"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix new file mode 100644 index 000000000000..d2557b36dc2e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix @@ -0,0 +1,26 @@ +{ buildGoModule, fetchFromGitHub, lib }: + +buildGoModule rec { + pname = "argocd-vault-plugin"; + version = "1.16.1"; + + src = fetchFromGitHub { + owner = "argoproj-labs"; + repo = pname; + rev = "v${version}"; + hash = "sha256-7bUpshg+OqlS5wvFkZkovQVaLglvSpp7FsVA9qNOk1U="; + }; + + vendorHash = "sha256-r9Pcm95gU0QTiREdiQiyJMOKZb5Lt2bIJywLerzgbdg="; + + # integration tests require filesystem and network access for credentials + doCheck = false; + + meta = with lib; { + homepage = "https://argocd-vault-plugin.readthedocs.io"; + changelog = "https://github.com/argoproj-labs/argocd-vault-plugin/releases/tag/v${version}"; + description = "An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets"; + license = licenses.asl20; + maintainers = with maintainers; [ urandom ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/arsenal/default.nix b/nixpkgs/pkgs/tools/security/arsenal/default.nix new file mode 100644 index 000000000000..62dd9a598668 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/arsenal/default.nix @@ -0,0 +1,40 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "arsenal"; + version = "1.1.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "Orange-Cyberdefense"; + repo = "arsenal"; + rev = version; + sha256 = "sha256-NbNXyR5aNKvRJU9JWGk/ndwU1bhNgDOdcRqBkAY9nPA="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + libtmux + docutils + pyfzf + pyperclip + pyyaml + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "arsenal" + ]; + + meta = with lib; { + description = "Tool to generate commands for security and network tools"; + homepage = "https://github.com/Orange-Cyberdefense/arsenal"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "arsenal"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/arti/default.nix b/nixpkgs/pkgs/tools/security/arti/default.nix new file mode 100644 index 000000000000..0ed6ca8a25d8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/arti/default.nix @@ -0,0 +1,43 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitLab +, pkg-config +, sqlite +, openssl +, CoreServices +}: + +rustPlatform.buildRustPackage rec { + pname = "arti"; + version = "1.1.9"; + + src = fetchFromGitLab { + domain = "gitlab.torproject.org"; + group = "tpo"; + owner = "core"; + repo = "arti"; + rev = "arti-v${version}"; + sha256 = "sha256-nce+WpT9uloO9Ce/h1ziPWJhYMcL4yZvYO1EP8AEfxI="; + }; + + cargoHash = "sha256-Qqm39QK+/rCmad3dJLVPGd7ZKP8ldtFI+NnxC6iQUBA="; + + nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ]; + + buildInputs = [ sqlite ] + ++ lib.optionals stdenv.isLinux [ openssl ] + ++ lib.optionals stdenv.isDarwin [ CoreServices ]; + + cargoBuildFlags = [ "--package" "arti" ]; + + cargoTestFlags = [ "--package" "arti" ]; + + meta = with lib; { + description = "An implementation of Tor in Rust"; + homepage = "https://gitlab.torproject.org/tpo/core/arti"; + changelog = "https://gitlab.torproject.org/tpo/core/arti/-/raw/${src.rev}/CHANGELOG.md"; + license = with licenses; [ asl20 /* or */ mit ]; + maintainers = with maintainers; [ marsam ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/arubaotp-seed-extractor/default.nix b/nixpkgs/pkgs/tools/security/arubaotp-seed-extractor/default.nix new file mode 100644 index 000000000000..a1ab0fd9f290 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/arubaotp-seed-extractor/default.nix @@ -0,0 +1,46 @@ +{ lib +, python3Packages +, fetchFromGitHub +}: + +python3Packages.buildPythonApplication { + pname = "arubaotp-seed-extractor"; + version = "unstable-22-12-2022"; + + src = fetchFromGitHub { + owner = "andry08"; + repo = "ArubaOTP-seed-extractor"; + rev = "534f78bb71594d5806fd2d7a8eade109b0e1d402"; + hash = "sha256-1pv88OClskQOPtJaP7g0duXMe/X3M6Tk+ituZ9UxoIE="; + }; + + format = "other"; + + nativeBuildInputs = [ + python3Packages.wrapPython + ]; + + pythonPath = with python3Packages; [ + pycryptodome + pyotp + qrcode + requests + ]; + + installPhase = '' + libdir="$out/lib/${python3Packages.python.libPrefix}/site-packages/arubaotp-seed-extractor" + mkdir -p "$libdir" + cp scripts/* "$libdir" + chmod +x "$libdir/main.py" + wrapPythonProgramsIn "$libdir" "$pythonPath" + mkdir -p $out/bin + ln -s "$libdir/main.py" $out/bin/arubaotp-seed-extractor + ''; + + meta = with lib; { + homepage = "https://github.com/andry08/ArubaOTP-seed-extractor"; + description = "Extract TOTP seed instead of using ArubaOTP app"; + license = licenses.mit; + maintainers = with maintainers; [ fgaz ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix b/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix new file mode 100644 index 000000000000..28913c685778 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix @@ -0,0 +1,45 @@ +{ lib, stdenv, fetchFromGitHub, imagemagick, qrencode +, testQR ? false, zbar ? null +}: + +assert testQR -> zbar != false; + +stdenv.mkDerivation { + pname = "asc-key-to-qr-code-gif"; + version = "20180613"; + + src = fetchFromGitHub { + owner = "yishilin14"; + repo = "asc-key-to-qr-code-gif"; + rev = "5b7b239a0089a5269444cbe8a651c99dd43dce3f"; + sha256 = "0yrc302a2fhbzryb10718ky4fymfcps3lk67ivis1qab5kbp6z8r"; + }; + + dontBuild = true; + dontStrip = true; + dontPatchELF = true; + + preInstall = let + substitutions = [ + ''--replace "convert" "${imagemagick}/bin/convert"'' + ''--replace "qrencode" "${qrencode.bin}/bin/qrencode"'' + ] ++ lib.optionals testQR [ + ''--replace "hash zbarimg" "true"'' # hash does not work on NixOS + ''--replace "$(zbarimg --raw" "$(${zbar.out}/bin/zbarimg --raw"'' + ]; + in '' + substituteInPlace asc-to-gif.sh ${lib.concatStringsSep " " substitutions} + ''; + + installPhase = '' + mkdir -p $out/bin + cp * $out/bin/ + ''; + + meta = with lib; { + homepage = "https://github.com/yishilin14/asc-key-to-qr-code-gif"; + description = "Convert ASCII-armored PGP keys to animated QR code"; + platforms = platforms.unix; + maintainers = with maintainers; [ asymmetric ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/asnmap/default.nix b/nixpkgs/pkgs/tools/security/asnmap/default.nix new file mode 100644 index 000000000000..b2c58136d9a8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/asnmap/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "asnmap"; + version = "1.0.5"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-JdbKFc374U/MjRiLUbVOqb7qeFYpvMevUdis7GDZz3Y="; + }; + + vendorHash = "sha256-3/R8dhaJnoAsJgD4pqZ7etTXDFZnhW9sbUrnGp4md5o="; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Tool to gather network ranges using ASN information"; + homepage = "https://github.com/projectdiscovery/asnmap"; + changelog = "https://github.com/projectdiscovery/asnmap/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/atomic-operator/default.nix b/nixpkgs/pkgs/tools/security/atomic-operator/default.nix new file mode 100644 index 000000000000..6db7f0ecdd08 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/atomic-operator/default.nix @@ -0,0 +1,59 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "atomic-operator"; + version = "0.8.5"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "swimlane"; + repo = pname; + rev = version; + hash = "sha256-DyNqu3vndyLkmfybCfTbgxk3t/ALg7IAkAMg4kBkH7Q="; + }; + + postPatch = '' + substituteInPlace setup.py \ + --replace "charset_normalizer~=2.0.0" "charset_normalizer" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + attrs + certifi + chardet + charset-normalizer + fire + idna + paramiko + pick + pypsrp + pyyaml + requests + urllib3 + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "atomic_operator" + ]; + + disabledTests = [ + # Tests require network access + "test_download_of_atomic_red_team_repo" + "test_setting_input_arguments" + "test_config_parser" + ]; + + meta = with lib; { + description = "Tool to execute Atomic Red Team tests (Atomics)"; + homepage = "https://www.atomic-operator.com/"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/authoscope/default.nix b/nixpkgs/pkgs/tools/security/authoscope/default.nix new file mode 100644 index 000000000000..f21df67035e4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/authoscope/default.nix @@ -0,0 +1,50 @@ +{ lib +, stdenv +, fetchFromGitHub +, installShellFiles +, libcap +, openssl +, pkg-config +, rustPlatform +, Security +, zlib +}: + +rustPlatform.buildRustPackage rec { + pname = "authoscope"; + version = "0.8.1"; + + src = fetchFromGitHub { + owner = "kpcyrd"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-SKgb/N249s0+Rb59moBT/MeFb4zAAElCMQJto0diyUk="; + }; + + cargoSha256 = "sha256-rSHuKy86iJNLAKSVcb7fn7A/cc75EOc97jGI14EaC6k="; + + nativeBuildInputs = [ + installShellFiles + pkg-config + ]; + + buildInputs = [ + libcap + zlib + openssl + ] ++ lib.optional stdenv.isDarwin Security; + + postInstall = '' + installManPage docs/${pname}.1 + ''; + + # Tests requires access to httpin.org + doCheck = false; + + meta = with lib; { + description = "Scriptable network authentication cracker"; + homepage = "https://github.com/kpcyrd/authoscope"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/authz0/default.nix b/nixpkgs/pkgs/tools/security/authz0/default.nix new file mode 100644 index 000000000000..04d2598fd521 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/authz0/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "authz0"; + version = "1.1.2"; + + src = fetchFromGitHub { + owner = "hahwul"; + repo = pname; + rev = "v${version}"; + hash = "sha256-NrArxuhzd57NIdM4d9p/wfCB1e6l83pV+cjjCgZ9YtM="; + }; + + vendorHash = "sha256-ARPrArvCgxLdCaiUdJyjB/9GbbldnMXwFbyYubbsqxc="; + + meta = with lib; { + description = "Automated authorization test tool"; + homepage = "https://github.com/hahwul/authz0"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix new file mode 100644 index 000000000000..f186c43721f4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix @@ -0,0 +1,36 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "aws-iam-authenticator"; + version = "0.6.12"; + + src = fetchFromGitHub { + owner = "kubernetes-sigs"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-IIlAsxxEYjR7+wdWExdsQAH0x4yOXZ+bVQWwn7mrhRw="; + }; + + vendorHash = "sha256-RcZqnyZtonE4qeu+llL1OPGPG93/Rx8ESWM5wapZ1BM="; + + ldflags = let PKG = "sigs.k8s.io/aws-iam-authenticator"; in [ + "-s" + "-w" + "-X=${PKG}/pkg.Version=${version}" + "-X=${PKG}/pkg.BuildDate=1970-01-01T01:01:01Z" + "-X ?${PKG}/pkg.CommitID=${version}" + ]; + + subPackages = [ "cmd/aws-iam-authenticator" ]; + + meta = with lib; { + homepage = "https://github.com/kubernetes-sigs/aws-iam-authenticator"; + description = "AWS IAM credentials for Kubernetes authentication"; + changelog = "https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ srhb ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/b2sum/default.nix b/nixpkgs/pkgs/tools/security/b2sum/default.nix new file mode 100644 index 000000000000..1f0f2a2bf0cb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/b2sum/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchFromGitHub, openmp ? null }: + +stdenv.mkDerivation (finalAttrs: { + pname = "b2sum"; + version = "20190724"; + + src = fetchFromGitHub { + owner = "BLAKE2"; + repo = "BLAKE2"; + rev = finalAttrs.version; + sha256 = "sha256-6BVl3Rh+CRPQq3QxcUlk5ArvjIj/IcPCA2/Ok0Zu7UI="; + }; + + # Use the generic C implementation rather than the SSE optimised version on non-x86 platforms + postPatch = lib.optionalString (!stdenv.hostPlatform.isx86) '' + substituteInPlace makefile \ + --replace "#FILES=b2sum.c ../ref/" "FILES=b2sum.c ../ref/" \ + --replace "FILES=b2sum.c ../sse/" "#FILES=b2sum.c ../sse/" + ''; + + sourceRoot = "${finalAttrs.src.name}/b2sum"; + + buildInputs = [ openmp ]; + + buildFlags = [ (lib.optional (openmp == null) "NO_OPENMP=1") ]; + installFlags = [ "PREFIX=$(out)" ]; + + meta = with lib; { + description = "The b2sum utility is similar to the md5sum or shasum utilities but for BLAKE2"; + homepage = "https://blake2.net"; + license = with licenses; [ asl20 cc0 openssl ]; + maintainers = with maintainers; [ kirelagin ]; + platforms = platforms.unix; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/b3sum/default.nix b/nixpkgs/pkgs/tools/security/b3sum/default.nix new file mode 100644 index 000000000000..858226fb569b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/b3sum/default.nix @@ -0,0 +1,21 @@ +{ lib, fetchCrate, rustPlatform }: + +rustPlatform.buildRustPackage rec { + pname = "b3sum"; + version = "1.5.0"; + + src = fetchCrate { + inherit version pname; + sha256 = "sha256-yjMuXL0eW+6mm26LgIjD22WyTjb+KMjKRI68mpGGAZA="; + }; + + cargoHash = "sha256-Ka+5RKRSVQYoLFXE1bEc6fGFQcbrFTVgi6yAoGIDdUI="; + + meta = { + description = "BLAKE3 cryptographic hash function"; + homepage = "https://github.com/BLAKE3-team/BLAKE3/"; + maintainers = with lib.maintainers; [ fpletz ivan ]; + license = with lib.licenses; [ cc0 asl20 ]; + changelog = "https://github.com/BLAKE3-team/BLAKE3/releases/tag/${version}"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/baboossh/default.nix b/nixpkgs/pkgs/tools/security/baboossh/default.nix new file mode 100644 index 000000000000..e9ad7b260efe --- /dev/null +++ b/nixpkgs/pkgs/tools/security/baboossh/default.nix @@ -0,0 +1,39 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "baboossh"; + version = "1.2.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "cybiere"; + repo = "baboossh"; + rev = "refs/tags/v${version}"; + hash = "sha256-dorIqnJuAS/y9W6gyt65QjwGwx4bJHKLmdqRPzY25yA="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + cmd2 + tabulate + paramiko + python-libnmap + ]; + + # No tests available + doCheck = false; + + pythonImportsCheck = [ + "baboossh" + ]; + + meta = with lib; { + description = "Tool to do SSH spreading"; + homepage = "https://github.com/cybiere/baboossh"; + changelog = "https://github.com/cybiere/baboossh/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/badchars/default.nix b/nixpkgs/pkgs/tools/security/badchars/default.nix new file mode 100644 index 000000000000..3125ff0c28c9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/badchars/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildPythonApplication +, fetchPypi +}: + +buildPythonApplication rec { + pname = "badchars"; + version = "0.4.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "1xqki8qnfwl97d60xj69alyzwa1mnfbwki25j0vhvhb05varaxz2"; + }; + + postPatch = '' + substituteInPlace setup.py --replace "argparse" "" + ''; + + # no tests are available and it can't be imported (it's only a script, not a module) + doCheck = false; + + meta = with lib; { + description = "HEX badchar generator for different programming languages"; + longDescription = '' + A HEX bad char generator to instruct encoders such as shikata-ga-nai to + transform those to other chars. + ''; + homepage = "https://github.com/cytopia/badchars"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/badrobot/default.nix b/nixpkgs/pkgs/tools/security/badrobot/default.nix new file mode 100644 index 000000000000..e25e18b5ead2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/badrobot/default.nix @@ -0,0 +1,45 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +buildGoModule rec { + pname = "badrobot"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "controlplaneio"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-mLBJLeB85QeC4PYH4FyOI8lHz1OxIJlJbqgDfXTNnhM="; + }; + vendorHash = "sha256-SB7gGgm7BwMSo4ocKX4UGB+OdjVY92S5YZfOmTl4VEk="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/controlplaneio/badrobot/cmd.version=v${version}" + ]; + + postInstall = '' + installShellCompletion --cmd badrobot \ + --bash <($out/bin/badrobot completion bash) \ + --fish <($out/bin/badrobot completion fish) \ + --zsh <($out/bin/badrobot completion zsh) + ''; + + meta = with lib; { + homepage = "https://github.com/controlplaneio/badrobot"; + changelog = "https://github.com/controlplaneio/badrobot/blob/v${version}/CHANGELOG.md"; + description = "Operator Security Audit Tool"; + longDescription = '' + Badrobot is a Kubernetes Operator audit tool. It statically analyses + manifests for high risk configurations such as lack of security + restrictions on the deployed controller and the permissions of an + associated clusterole. The risk analysis is primarily focussed on the + likelihood that a compromised Operator would be able to obtain full + cluster permissions. + ''; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bao/default.nix b/nixpkgs/pkgs/tools/security/bao/default.nix new file mode 100644 index 000000000000..f948bccc5f43 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bao/default.nix @@ -0,0 +1,24 @@ +{ lib +, rustPlatform +, fetchCrate +}: + +rustPlatform.buildRustPackage rec { + pname = "bao"; + version = "0.12.1"; + + src = fetchCrate { + inherit version; + pname = "${pname}_bin"; + sha256 = "sha256-+MjfqIg/aKPWhzxbPJ0dnS4egCj50Ib7ob3zXUSBXRg="; + }; + + cargoHash = "sha256-SNsRN5XgchZq6/BZnMeahIqnkP4Jq6bZxbE5cDVpsQA="; + + meta = { + description = "An implementation of BLAKE3 verified streaming"; + homepage = "https://github.com/oconnor663/bao"; + maintainers = with lib.maintainers; [ amarshall ]; + license = with lib.licenses; [ cc0 asl20 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix b/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix new file mode 100644 index 000000000000..ae831bf86753 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bash-supergenpass/default.nix @@ -0,0 +1,49 @@ +{ lib, stdenv +, fetchFromGitHub +, unstableGitUpdater +, makeWrapper +, openssl +, coreutils +, gnugrep }: + +stdenv.mkDerivation { + pname = "bash-supergenpass"; + version = "unstable-2020-02-03"; + + nativeBuildInputs = [ makeWrapper ]; + + src = fetchFromGitHub { + owner = "lanzz"; + repo = "bash-supergenpass"; + rev = "e5d96599b65d65a37148996f00f9d057e522e4d8"; + sha256 = "1d8csp94l2p5y5ln53aza5qf246rwmd10043x0x1yrswqrrya40f"; + }; + + installPhase = '' + install -m755 -D supergenpass.sh "$out/bin/supergenpass" + wrapProgram "$out/bin/supergenpass" --prefix PATH : "${lib.makeBinPath [ openssl coreutils gnugrep ]}" + ''; + + passthru.updateScript = unstableGitUpdater { + url = "https://github.com/lanzz/bash-supergenpass.git"; + }; + + meta = with lib; { + description = "Bash shell-script implementation of SuperGenPass password generation"; + longDescription = '' + Bash shell-script implementation of SuperGenPass password generation + Usage: ./supergenpass.sh <domain> [ <length> ] + + Default <length> is 10, which is also the original SuperGenPass default length. + + The <domain> parameter is also optional, but it does not make much sense to omit it. + + supergenpass will ask for your master password interactively, and it will not be displayed on your terminal. + ''; + homepage = "https://github.com/lanzz/bash-supergenpass"; + license = licenses.mit; + maintainers = with maintainers; [ fgaz ]; + mainProgram = "supergenpass"; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bettercap/default.nix b/nixpkgs/pkgs/tools/security/bettercap/default.nix new file mode 100644 index 000000000000..69736b4cc308 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bettercap/default.nix @@ -0,0 +1,41 @@ +{ lib, stdenv +, buildGoModule +, fetchFromGitHub +, pkg-config +, libpcap +, libnfnetlink +, libnetfilter_queue +, libusb1 +}: + +buildGoModule rec { + pname = "bettercap"; + version = "2.32.0"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-OND8WPqU/95rKykqMAPWmDsJ+AjsjGjrncZ2/m3mpt0="; + }; + + vendorHash = "sha256-QKv8F9QLRi+1Bqj9KywJsTErjs7o6gFM4tJLA8y52MY="; + + doCheck = false; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libpcap libusb1 ] + ++ lib.optionals stdenv.isLinux [ libnfnetlink libnetfilter_queue ]; + + meta = with lib; { + description = "A man in the middle tool"; + longDescription = '' + BetterCAP is a powerful, flexible and portable tool created to perform various + types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic + in realtime, sniff for credentials and much more. + ''; + homepage = "https://www.bettercap.org/"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ y0no ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/beyond-identity/default.nix b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix new file mode 100644 index 000000000000..31b3439f0e87 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix @@ -0,0 +1,90 @@ +{ lib, stdenv, fetchurl, dpkg, buildFHSEnv +, glibc, glib, openssl, tpm2-tss +, gtk3, gnome, polkit, polkit_gnome +}: + +let + pname = "beyond-identity"; + version = "2.60.0-0"; + libPath = lib.makeLibraryPath ([ glib glibc openssl tpm2-tss gtk3 gnome.gnome-keyring polkit polkit_gnome ]); + meta = with lib; { + description = "Passwordless MFA identities for workforces, customers, and developers"; + homepage = "https://www.beyondidentity.com"; + downloadPage = "https://app.byndid.com/downloads"; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.unfree; + maintainers = with maintainers; [ klden ]; + platforms = [ "x86_64-linux" ]; + }; + + beyond-identity = stdenv.mkDerivation { + inherit pname version meta; + + src = fetchurl { + url = "https://packages.beyondidentity.com/public/linux-authenticator/deb/ubuntu/pool/focal/main/b/be/${pname}_${version}/${pname}_${version}_amd64.deb"; + hash = "sha512-JrHLf7KkJVbJLxx54OTvOSaIzY3+hjX+bpkeBHKX23YriCJssUUvEP6vlbI4r6gjMMFMhW92k0iikAgD1Tr4ug=="; + }; + + nativeBuildInputs = [ + dpkg + ]; + + unpackPhase = '' + dpkg -x $src . + ''; + + installPhase = '' + mkdir -p $out/opt/beyond-identity + + rm -rf usr/share/doc + + # https://github.com/NixOS/nixpkgs/issues/42117 + sed -i -e 's/auth_self/yes/g' usr/share/polkit-1/actions/com.beyondidentity.endpoint.stepup.policy + + cp -ar usr/{bin,share} $out + cp -ar opt/beyond-identity/bin $out/opt/beyond-identity + + ln -s $out/opt/beyond-identity/bin/* $out/bin/ + ''; + + postFixup = '' + substituteInPlace \ + $out/share/applications/com.beyondidentity.endpoint.BeyondIdentity.desktop \ + --replace /usr/bin/ $out/bin/ + substituteInPlace \ + $out/share/applications/com.beyondidentity.endpoint.webserver.BeyondIdentity.desktop \ + --replace /opt/ $out/opt/ + substituteInPlace \ + $out/opt/beyond-identity/bin/byndid-web \ + --replace /opt/ $out/opt/ + substituteInPlace \ + $out/bin/beyond-identity \ + --replace /opt/ $out/opt/ \ + --replace /usr/bin/gtk-launch ${gtk3}/bin/gtk-launch + + patchelf \ + --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ + --set-rpath "${libPath}" \ + --force-rpath \ + $out/bin/byndid + ''; + }; +# /usr/bin/pkcheck is hardcoded in binary - we need FHS +in buildFHSEnv { + inherit meta; + name = pname; + + targetPkgs = pkgs: [ + beyond-identity + glib glibc openssl tpm2-tss + gtk3 gnome.gnome-keyring + polkit polkit_gnome + ]; + + extraInstallCommands = '' + ln -s ${beyond-identity}/share $out + ''; + + runScript = "beyond-identity"; +} + diff --git a/nixpkgs/pkgs/tools/security/binbloom/default.nix b/nixpkgs/pkgs/tools/security/binbloom/default.nix new file mode 100644 index 000000000000..0805e7b988d4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/binbloom/default.nix @@ -0,0 +1,27 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +}: + +stdenv.mkDerivation rec { + pname = "binbloom"; + version = "2.0"; + + src = fetchFromGitHub { + owner = "quarkslab"; + repo = pname; + rev = "v${version}"; + hash = "sha256-UiKiDey/pHtJDr4UYqt+T/TneKig5tT8YU2u98Ttjmo="; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + meta = with lib; { + description = "Raw binary firmware analysis software"; + homepage = "https://github.com/quarkslab/binbloom"; + license = licenses.asl20; + maintainers = with maintainers; [ erdnaxe ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/biscuit-cli/default.nix b/nixpkgs/pkgs/tools/security/biscuit-cli/default.nix new file mode 100644 index 000000000000..74dac8b56586 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/biscuit-cli/default.nix @@ -0,0 +1,38 @@ +{ lib +, fetchFromGitHub +, rustPlatform +, testers +, nix-update-script +, biscuit-cli +}: + +rustPlatform.buildRustPackage rec { + pname = "biscuit-cli"; + version = "0.4.1"; + + src = fetchFromGitHub { + owner = "biscuit-auth"; + repo = "biscuit-cli"; + rev = version; + sha256 = "sha256-Mvrv3BU0Pw85fs8IbjMKSQLIhtU6SKoLC0cuGdhfAYs="; + }; + + cargoHash = "sha256-tgmM0rswIFrpFyupaASTXYvIyhVu0fXJJN+hg0p+vrQ="; + + passthru = { + updateScript = nix-update-script { }; + tests.version = testers.testVersion { + inherit version; + package = biscuit-cli; + command = "biscuit --version"; + }; + }; + + meta = with lib; { + description = "CLI to generate and inspect biscuit tokens"; + homepage = "https://www.biscuitsec.org/"; + maintainers = with maintainers; [ shlevy gaelreyrol ]; + license = licenses.bsd3; + mainProgram = "biscuit"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bitwarden/cli.nix b/nixpkgs/pkgs/tools/security/bitwarden/cli.nix new file mode 100644 index 000000000000..3be69ae97fdb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bitwarden/cli.nix @@ -0,0 +1,52 @@ +{ lib +, stdenv +, buildNpmPackage +, nodejs_18 +, fetchFromGitHub +, python3 +, darwin +, nixosTests +}: + +let + buildNpmPackage' = buildNpmPackage.override { nodejs = nodejs_18; }; +in buildNpmPackage' rec { + pname = "bitwarden-cli"; + version = "2023.9.1"; + + src = fetchFromGitHub { + owner = "bitwarden"; + repo = "clients"; + rev = "cli-v${version}"; + hash = "sha256-1dyrjEhcZDrA89rEvGg16f/MI8oNPPF4lwgGQQF9huE="; + }; + + npmDepsHash = "sha256-7GgjrH5s09zwGhWPOYHLTIMSKYndq+cAG06jZ0IySOQ="; + + nativeBuildInputs = [ + python3 + ] ++ lib.optionals stdenv.isDarwin [ + darwin.cctools + ]; + + makeCacheWritable = true; + + env.ELECTRON_SKIP_BINARY_DOWNLOAD = "1"; + + npmBuildScript = "build:prod"; + + npmWorkspace = "apps/cli"; + + passthru.tests = { + vaultwarden = nixosTests.vaultwarden.sqlite; + }; + + meta = with lib; { + changelog = "https://github.com/bitwarden/clients/releases/tag/${src.rev}"; + description = "A secure and free password manager for all of your devices"; + homepage = "https://bitwarden.com"; + license = lib.licenses.gpl3Only; + mainProgram = "bw"; + maintainers = with maintainers; [ dotlambda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bitwarden/default.nix b/nixpkgs/pkgs/tools/security/bitwarden/default.nix new file mode 100644 index 000000000000..84ce6b59d787 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bitwarden/default.nix @@ -0,0 +1,168 @@ +{ lib +, buildNpmPackage +, cargo +, copyDesktopItems +, dbus +, electron_25 +, fetchFromGitHub +, glib +, gnome +, gtk3 +, jq +, libsecret +, makeDesktopItem +, makeWrapper +, moreutils +, napi-rs-cli +, nodejs_18 +, pkg-config +, python3 +, rustc +, rustPlatform +}: + +let + description = "A secure and free password manager for all of your devices"; + icon = "bitwarden"; + + buildNpmPackage' = buildNpmPackage.override { nodejs = nodejs_18; }; + electron = electron_25; +in buildNpmPackage' rec { + pname = "bitwarden"; + version = "2023.9.3"; + + src = fetchFromGitHub { + owner = "bitwarden"; + repo = "clients"; + rev = "desktop-v${version}"; + hash = "sha256-NiMJmtCx+yD24BCyMgHLpRApNwoIJRps5qmmlVdB0G0="; + }; + + makeCacheWritable = true; + npmWorkspace = "apps/desktop"; + npmDepsHash = "sha256-HQPxmATA9bUc4NTfvYsL6fGuicU9baySCmNHahs8EF4="; + + cargoDeps = rustPlatform.fetchCargoTarball { + name = "${pname}-${version}"; + inherit src; + sourceRoot = "${src.name}/${cargoRoot}"; + hash = "sha256-mFxvK9cmSBRVnUwEbzADUa5W5TCL51wcUHxuR5JZwLE="; + }; + cargoRoot = "apps/desktop/desktop_native"; + + env.ELECTRON_SKIP_BINARY_DOWNLOAD = "1"; + + nativeBuildInputs = [ + cargo + copyDesktopItems + jq + makeWrapper + moreutils + napi-rs-cli + pkg-config + python3 + rustc + rustPlatform.cargoCheckHook + rustPlatform.cargoSetupHook + ]; + + buildInputs = [ + glib + gtk3 + libsecret + ]; + + preBuild = '' + if [[ $(jq --raw-output '.devDependencies.electron' < package.json | grep -E --only-matching '^[0-9]+') != ${lib.escapeShellArg (lib.versions.major electron.version)} ]]; then + echo 'ERROR: electron version mismatch' + exit 1 + fi + ''; + + postBuild = '' + pushd apps/desktop + + # desktop_native/index.js loads a file of that name regarldess of the libc being used + mv desktop_native/desktop_native.* desktop_native/desktop_native.linux-x64-musl.node + + npm exec electron-builder -- \ + --dir \ + -c.electronDist=${electron}/libexec/electron \ + -c.electronVersion=${electron.version} + + popd + ''; + + doCheck = true; + + nativeCheckInputs = [ + dbus + (gnome.gnome-keyring.override { useWrappedDaemon = false; }) + ]; + + checkFlags = [ + "--skip=password::password::tests::test" + ]; + + checkPhase = '' + runHook preCheck + + pushd ${cargoRoot} + export HOME=$(mktemp -d) + export -f cargoCheckHook runHook _eval _callImplicitHook + export cargoCheckType=release + dbus-run-session \ + --config-file=${dbus}/share/dbus-1/session.conf \ + -- bash -e -c cargoCheckHook + popd + + runHook postCheck + ''; + + installPhase = '' + runHook preInstall + + mkdir $out + + pushd apps/desktop/dist/linux-unpacked + mkdir -p $out/opt/Bitwarden + cp -r locales resources{,.pak} $out/opt/Bitwarden + popd + + makeWrapper '${electron}/bin/electron' "$out/bin/bitwarden" \ + --add-flags $out/opt/Bitwarden/resources/app.asar \ + --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \ + --set-default ELECTRON_IS_DEV 0 \ + --inherit-argv0 + + pushd apps/desktop/resources/icons + for icon in *.png; do + dir=$out/share/icons/hicolor/"''${icon%.png}"/apps + mkdir -p "$dir" + cp "$icon" "$dir"/${icon}.png + done + popd + + runHook postInstall + ''; + + desktopItems = [ + (makeDesktopItem { + name = "bitwarden"; + exec = "bitwarden %U"; + inherit icon; + comment = description; + desktopName = "Bitwarden"; + categories = [ "Utility" ]; + }) + ]; + + meta = { + changelog = "https://github.com/bitwarden/clients/releases/tag/${src.rev}"; + inherit description; + homepage = "https://bitwarden.com"; + license = lib.licenses.gpl3; + maintainers = with lib.maintainers; [ amarshall kiwi ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bkcrack/default.nix b/nixpkgs/pkgs/tools/security/bkcrack/default.nix new file mode 100644 index 000000000000..e2ed76743c4c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bkcrack/default.nix @@ -0,0 +1,36 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, openmp +}: + +stdenv.mkDerivation rec { + pname = "bkcrack"; + version = "1.5.0"; + + src = fetchFromGitHub { + owner = "kimci86"; + repo = pname; + rev = "v${version}"; + hash = "sha256-iyx4mOTr6MHECk9S9zrIAE5pt+cxWnOKS7iQPUyWfzs="; + }; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ openmp ]; + + postInstall = '' + mkdir -p $out/bin $out/share/licenses/bkcrack + mv $out/bkcrack $out/bin/ + mv $out/license.txt $out/share/licenses/bkcrack + rm -r $out/example $out/tools $out/readme.md + ''; + + meta = with lib; { + description = "Crack legacy zip encryption with Biham and Kocher's known plaintext attack"; + homepage = "https://github.com/kimci86/bkcrack"; + license = licenses.zlib; + platforms = platforms.unix; + maintainers = with maintainers; [ erdnaxe ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bloodhound-py/default.nix b/nixpkgs/pkgs/tools/security/bloodhound-py/default.nix new file mode 100644 index 000000000000..197be429bee9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bloodhound-py/default.nix @@ -0,0 +1,31 @@ +{ lib +, fetchPypi +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "bloodhound-py"; + version = "1.6.1"; + + src = fetchPypi { + inherit version; + pname = "bloodhound"; + hash = "sha256-SRP74I5euKJErnSkm6OSdAwznv/ZQeEtNG4XofnIEec="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + ldap3 + dnspython + ]; + + # the package has no tests + doCheck = false; + + meta = with lib; { + description = "Ingestor for BloodHound"; + homepage = "https://github.com/fox-it/BloodHound.py"; + license = licenses.mit; + maintainers = with maintainers; [ exploitoverload ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bmrsa/11.nix b/nixpkgs/pkgs/tools/security/bmrsa/11.nix new file mode 100644 index 000000000000..932566c65060 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bmrsa/11.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, unzip }: + +stdenv.mkDerivation rec { + pname = "bmrsa"; + version = "11"; + + src = fetchurl { + url = "mirror://sourceforge/bmrsa/bmrsa${version}.zip"; + sha256 = "0ksd9xkvm9lkvj4yl5sl0zmydp1wn3xhc55b28gj70gi4k75kcl4"; + }; + + nativeBuildInputs = [ unzip ]; + + unpackPhase = '' + mkdir bmrsa + cd bmrsa + unzip ${src} + sed -e 's/gcc/g++/' -i Makefile + mkdir -p $out/bin + echo -e 'install:\n\tcp bmrsa '$out'/bin' >> Makefile + ''; + + meta = with lib; { + description = "RSA utility"; + homepage = "http://bmrsa.sourceforge.net/"; + license = licenses.gpl2Only; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/boofuzz/default.nix b/nixpkgs/pkgs/tools/security/boofuzz/default.nix new file mode 100644 index 000000000000..37724d87394d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/boofuzz/default.nix @@ -0,0 +1,62 @@ +{ lib +, stdenv +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "boofuzz"; + version = "0.4.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "jtpereyda"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-mbxImm5RfYWq1JCCSvvG58Sxv2ad4BOh+RLvtNjQCKE="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + attrs + click + colorama + flask + funcy + future + psutil + pyserial + pydot + six + tornado + ]; + + nativeCheckInputs = with python3.pkgs; [ + mock + netifaces + pytest-bdd + pytestCheckHook + ]; + + disabledTests = [ + "TestNetworkMonitor" + "TestNoResponseFailure" + "TestProcessMonitor" + "TestSocketConnection" + # SyntaxError: invalid syntax, https://github.com/jtpereyda/boofuzz/issues/663 + "test_msg_60_bytes" + ] ++ lib.optionals stdenv.isDarwin [ + "test_time_repeater" + ]; + + pythonImportsCheck = [ + "boofuzz" + ]; + + meta = with lib; { + description = "Network protocol fuzzing tool"; + homepage = "https://github.com/jtpereyda/boofuzz"; + changelog = "https://github.com/jtpereyda/boofuzz/blob/v${version}/CHANGELOG.rst"; + license = with licenses; [ gpl2Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bpb/default.nix b/nixpkgs/pkgs/tools/security/bpb/default.nix new file mode 100644 index 000000000000..88eeb7c254d0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bpb/default.nix @@ -0,0 +1,32 @@ +{ stdenv +, lib +, rustPlatform +, fetchFromGitHub +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "bpb"; + version = "unstable-2018-07-27"; + + src = fetchFromGitHub { + owner = "withoutboats"; + repo = "bpb"; + rev = "b1ef5ca1d2dea0e2ec0b1616f087f110ea17adfa"; + sha256 = "sVfM8tlAsF4uKLxl3g/nSYgOx+znHIdPalSIiCd18o4="; + }; + + cargoSha256 = "7cARRJWRxF1kMySX6KcB6nrVf8k1p/nr3OyAwNLmztc="; + + # a nightly compiler is required unless we use this cheat code. + RUSTC_BOOTSTRAP = 1; + + buildInputs = lib.optional stdenv.isDarwin Security; + + meta = with lib; { + description = "Tool to automatically sign git commits, replacing gpg for that purpose"; + homepage = "https://github.com/withoutboats/bpb"; + license = licenses.mit; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/browserpass/default.nix b/nixpkgs/pkgs/tools/security/browserpass/default.nix new file mode 100644 index 000000000000..73c40a718c28 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/browserpass/default.nix @@ -0,0 +1,72 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +, gnupg +, makeWrapper +, autoPatchelfHook +, testers +, browserpass +}: + +buildGoModule rec { + pname = "browserpass"; + version = "3.1.0"; + + src = fetchFromGitHub { + owner = "browserpass"; + repo = "browserpass-native"; + rev = version; + sha256 = "sha256-UZzOPRRiCUIG7uSSp9AEPMDN/+4cgyK47RhrI8oUx8U="; + }; + + nativeBuildInputs = [ makeWrapper ] ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ]; + + vendorHash = "sha256-CjuH4ANP2bJDeA+o+1j+obbtk5/NVLet/OFS3Rms4r0="; + + doCheck = stdenv.buildPlatform.canExecute stdenv.hostPlatform; + + postPatch = '' + # Because this Makefile will be installed to be used by the user, patch + # variables to be valid by default + substituteInPlace Makefile \ + --replace "PREFIX ?= /usr" "" + sed -i -e 's/SED =.*/SED = sed/' Makefile + sed -i -e 's/INSTALL =.*/INSTALL = install/' Makefile + ''; + + DESTDIR = placeholder "out"; + + postConfigure = '' + make configure + ''; + + buildPhase = '' + make browserpass + ''; + + checkTarget = "test"; + + installPhase = '' + make install + + wrapProgram $out/bin/browserpass \ + --suffix PATH : ${lib.makeBinPath [ gnupg ]} + + # This path is used by our firefox wrapper for finding native messaging hosts + mkdir -p $out/lib/mozilla/native-messaging-hosts + ln -s $out/lib/browserpass/hosts/firefox/*.json $out/lib/mozilla/native-messaging-hosts + ''; + + passthru.tests.version = testers.testVersion { + package = browserpass; + command = "browserpass --version"; + }; + + meta = with lib; { + description = "Browserpass native client app"; + homepage = "https://github.com/browserpass/browserpass-native"; + license = licenses.isc; + maintainers = with maintainers; [ rvolosatovs infinisil ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix new file mode 100644 index 000000000000..084368c105b2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook, cryptsetup }: + +stdenv.mkDerivation rec { + pname = "bruteforce-luks"; + version = "1.4.0"; + + src = fetchFromGitHub { + sha256 = "0yyrda077avdapq1mvavgv5mvj2r94d6p01q56bbnaq4a3h5kfd6"; + rev = version; + repo = "bruteforce-luks"; + owner = "glv2"; + }; + + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ cryptsetup ]; + + enableParallelBuilding = true; + + doCheck = true; + + meta = with lib; { + inherit (src.meta) homepage; + description = "Cracks passwords of LUKS encrypted volumes"; + longDescription = '' + The program tries to decrypt at least one of the key slots by trying + all the possible passwords. It is especially useful if you know + something about the password (i.e. you forgot a part of your password but + still remember most of it). Finding the password of a volume without + knowing anything about it would take way too much time (unless the + password is really short and/or weak). It can also use a dictionary. + ''; + license = licenses.gpl3Plus; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/brutespray/default.nix b/nixpkgs/pkgs/tools/security/brutespray/default.nix new file mode 100644 index 000000000000..9b7ad8c1a666 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/brutespray/default.nix @@ -0,0 +1,50 @@ +{ lib +, stdenv +, python3 +, fetchFromGitHub +, makeWrapper +, medusa +}: + +stdenv.mkDerivation rec { + pname = "brutespray"; + version = "1.8.1"; + + src = fetchFromGitHub { + owner = "x90skysn3k"; + repo = pname; + rev = "${pname}-${version}"; + sha256 = "sha256-O9HOsj0R6oHI7jjG4FBqbrSAQSVomgeD7tyPDNCNmIo="; + }; + + postPatch = '' + substituteInPlace brutespray.py \ + --replace "/usr/share/brutespray" "$out/share/brutespray" + ''; + + dontBuild = true; + nativeBuildInputs = [ python3.pkgs.wrapPython makeWrapper ]; + buildInputs = [ python3 ]; + + installPhase = '' + install -Dm0755 brutespray.py $out/bin/brutespray + patchShebangs $out/bin + patchPythonScript $out/bin/brutespray + wrapProgram $out/bin/brutespray \ + --prefix PATH : ${lib.makeBinPath [ medusa ]} + + mkdir -p $out/share/brutespray + cp -r wordlist/ $out/share/brutespray/wordlist + ''; + + meta = with lib; { + homepage = "https://github.com/x90skysn3k/brutespray"; + description = "Tool to do brute-forcing from Nmap output"; + longDescription = '' + This tool automatically attempts default credentials on found services + directly from Nmap output. + ''; + license = licenses.mit; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile new file mode 100644 index 000000000000..f9fb0e329bd4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile @@ -0,0 +1,2 @@ +source 'https://rubygems.org' +gem 'bundler-audit' diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock new file mode 100644 index 000000000000..5d51735440d6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock @@ -0,0 +1,16 @@ +GEM + remote: https://rubygems.org/ + specs: + bundler-audit (0.9.1) + bundler (>= 1.2.0, < 3) + thor (~> 1.0) + thor (1.2.1) + +PLATFORMS + ruby + +DEPENDENCIES + bundler-audit + +BUNDLED WITH + 2.3.9 diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/default.nix b/nixpkgs/pkgs/tools/security/bundler-audit/default.nix new file mode 100644 index 000000000000..c24831f26b06 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bundler-audit/default.nix @@ -0,0 +1,29 @@ +{ bundlerEnv, ruby, lib, bundlerUpdateScript }: + +bundlerEnv rec { + name = "${pname}-${version}"; + pname = "bundler-audit"; + version = (import ./gemset.nix).bundler-audit.version; + + inherit ruby; + gemdir = ./.; + + passthru.updateScript = bundlerUpdateScript "bundler-audit"; + + meta = with lib; { + description = "Patch-level verification for Bundler"; + longDescription = '' + Features: + - Checks for vulnerable versions of gems in Gemfile.lock. + - Checks for insecure gem sources (http://). + - Allows ignoring certain advisories that have been manually worked around. + - Prints advisory information. + - Does not require a network connection. + ''; + homepage = "https://github.com/rubysec/bundler-audit"; + changelog = "https://github.com/rubysec/bundler-audit/blob/v${version}/ChangeLog.md"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ primeos nicknovitski ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix new file mode 100644 index 000000000000..bbe7a0e8274b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix @@ -0,0 +1,23 @@ +{ + bundler-audit = { + dependencies = ["thor"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gdx0019vj04n1512shhdx7hwphzqmdpw4vva2k551nd47y1dixx"; + type = "gem"; + }; + version = "0.9.1"; + }; + thor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0inl77jh4ia03jw3iqm5ipr76ghal3hyjrd6r8zqsswwvi9j2xdi"; + type = "gem"; + }; + version = "1.2.1"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix b/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix new file mode 100644 index 000000000000..4138acb2cedf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix @@ -0,0 +1,32 @@ +{ lib, fetchurl, appimageTools }: + +let + pname = "buttercup-desktop"; + version = "2.20.3"; + src = fetchurl { + url = "https://github.com/buttercup/buttercup-desktop/releases/download/v${version}/Buttercup-linux-x86_64.AppImage"; + sha256 = "sha256-e7CZjJSkAAkNn73Z3cg+D5SUdReBp6pqz7zKrbkHs38="; + }; + appimageContents = appimageTools.extractType2 { inherit pname src version; }; + +in appimageTools.wrapType2 { + inherit pname src version; + + extraPkgs = pkgs: (appimageTools.defaultFhsEnvArgs.multiPkgs pkgs) ++ [ pkgs.libsecret ]; + + extraInstallCommands = '' + mv $out/bin/${pname}-${version} $out/bin/${pname} + install -m 444 -D ${appimageContents}/buttercup.desktop -t $out/share/applications + substituteInPlace $out/share/applications/buttercup.desktop \ + --replace 'Exec=AppRun' 'Exec=${pname}' + cp -r ${appimageContents}/usr/share/icons $out/share + ''; + + meta = with lib; { + description = "Cross-Platform Passwords & Secrets Vault"; + homepage = "https://buttercup.pw"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ wolfangaukang ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/bws/default.nix b/nixpkgs/pkgs/tools/security/bws/default.nix new file mode 100644 index 000000000000..5c3987319109 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/bws/default.nix @@ -0,0 +1,53 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, pkg-config +, oniguruma +, openssl +, stdenv +, darwin +, python3 +}: + +rustPlatform.buildRustPackage rec { + pname = "bws"; + version = "0.3.0"; + + src = fetchFromGitHub { + owner = "bitwarden"; + repo = "sdk"; + rev = "bws-v${version}"; + hash = "sha256-o+tmO9E881futhA/fN6+EX2yEBKnKUmKk/KilIt5vYY="; + }; + + cargoHash = "sha256-nmsAfXNn1nqmqHzGD7jl2JNrif/nJycCJZWZYjv7G4c="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = + [ + oniguruma + openssl + ] + ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Security + ]; + + env = { + PYO3_PYTHON = "${python3}/bin/python3"; + RUSTONIG_SYSTEM_LIBONIG = true; + }; + + buildAndTestSubdir = "crates/bws"; + + meta = { + changelog = "https://github.com/bitwarden/sdk/blob/${src.rev}/CHANGELOG.md"; + description = "Bitwarden Secrets Manager CLI"; + homepage = "https://github.com/bitwarden/sdk"; + license = lib.licenses.unfree; # BITWARDEN SOFTWARE DEVELOPMENT KIT LICENSE AGREEMENT + mainProgram = "bws"; + maintainers = with lib.maintainers; [ dit7ya ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cameradar/default.nix b/nixpkgs/pkgs/tools/security/cameradar/default.nix new file mode 100644 index 000000000000..2182fe3b0b7b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cameradar/default.nix @@ -0,0 +1,45 @@ +{ lib +, buildGoModule +, curl +, fetchFromGitHub +, pkg-config +}: + +buildGoModule rec { + pname = "cameradar"; + version = "5.0.2"; + + src = fetchFromGitHub { + owner = "Ullaakut"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-GOqmz/aiOLGMfs9rQBIEQSgBycPzhu8BohcAc2U+gBw="; + }; + + vendorHash = "sha256-AIi57DWMvAKl0PhuwHO/0cHoDKk5e0bJsqHYBka4NiU="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + curl + ]; + + subPackages = [ + "cmd/cameradar" + ]; + # At least one test is outdated + #doCheck = false; + + meta = with lib; { + description = "RTSP stream access tool"; + homepage = "https://github.com/Ullaakut/cameradar"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + # Upstream issue, doesn't build with latest curl, see + # https://github.com/Ullaakut/cameradar/issues/320 + # https://github.com/andelf/go-curl/issues/84 + broken = true; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cariddi/default.nix b/nixpkgs/pkgs/tools/security/cariddi/default.nix new file mode 100644 index 000000000000..6a41ce214d1d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cariddi/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cariddi"; + version = "1.3.2"; + + src = fetchFromGitHub { + owner = "edoardottt"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-oM4A4chSBTiCMr3bW0AvjAFlyuqvKKKY2Ji4PYRsUqA="; + }; + + vendorHash = "sha256-EeoJssX/OkIJKltANfvMirvDVmVVIe9hDj+rThKpd10="; + + meta = with lib; { + description = "Crawler for URLs and endpoints"; + homepage = "https://github.com/edoardottt/cariddi"; + changelog = "https://github.com/edoardottt/cariddi/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ccid/default.nix b/nixpkgs/pkgs/tools/security/ccid/default.nix new file mode 100644 index 000000000000..821d0a8d6be6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ccid/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchurl, pcsclite, pkg-config, libusb1, perl }: + +stdenv.mkDerivation rec { + pname = "ccid"; + version = "1.5.2"; + + src = fetchurl { + url = "https://ccid.apdu.fr/files/${pname}-${version}.tar.bz2"; + sha256 = "sha256-E5NEh+b4tI9pmhbTZ8x6GvejyodN5yGsbpYzvrhuchk="; + }; + + postPatch = '' + patchShebangs . + substituteInPlace src/Makefile.in --replace /bin/echo echo + ''; + + preConfigure = '' + configureFlagsArray+=("--enable-usbdropdir=$out/pcsc/drivers") + ''; + + nativeBuildInputs = [ pkg-config perl ]; + buildInputs = [ pcsclite libusb1 ]; + + meta = with lib; { + description = "ccid drivers for pcsclite"; + homepage = "https://ccid.apdu.fr/"; + license = licenses.gpl2Plus; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ccrypt/default.nix b/nixpkgs/pkgs/tools/security/ccrypt/default.nix new file mode 100644 index 000000000000..9da5a6d42c55 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ccrypt/default.nix @@ -0,0 +1,23 @@ +{lib, stdenv, fetchurl, perl}: + +stdenv.mkDerivation rec { + pname = "ccrypt"; + version = "1.11"; + + src = fetchurl { + url = "mirror://sourceforge/ccrypt/ccrypt-${version}.tar.gz"; + sha256 = "0kx4a5mhmp73ljknl2lcccmw9z3f5y8lqw0ghaymzvln1984g75i"; + }; + + nativeBuildInputs = [ perl ]; + + hardeningDisable = [ "format" ]; + + meta = { + homepage = "https://ccrypt.sourceforge.net/"; + description = "Utility for encrypting and decrypting files and streams with AES-256"; + license = lib.licenses.gpl2Plus; + maintainers = with lib.maintainers; [viric]; + platforms = with lib.platforms; all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cdk-go/default.nix b/nixpkgs/pkgs/tools/security/cdk-go/default.nix new file mode 100644 index 000000000000..79040fb2749d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cdk-go/default.nix @@ -0,0 +1,32 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cdk-go"; + version = "1.5.2"; + + src = fetchFromGitHub { + owner = "cdk-team"; + repo = "CDK"; + rev = "refs/tags/v${version}"; + hash = "sha256-jgGOSlhlLO1MU1mHWZgw+ov4IrZwMo2GdG6L25ah9Z8="; + }; + + vendorHash = "sha256-aJN/d/BxmleRXKw6++k6e0Vb0Gs5zg1QfakviABYTog="; + + # At least one test is outdated + doCheck = false; + + meta = with lib; { + description = "Container penetration toolkit"; + homepage = "https://github.com/cdk-team/CDK"; + changelog = "https://github.com/cdk-team/CDK/releases/tag/v${version}"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "cdk"; + broken = stdenv.isDarwin; # needs to update gopsutil to at least v3.21.3 to include https://github.com/shirou/gopsutil/pull/1042 + }; +} diff --git a/nixpkgs/pkgs/tools/security/cdxgen/default.nix b/nixpkgs/pkgs/tools/security/cdxgen/default.nix new file mode 100644 index 000000000000..ffdd977da416 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cdxgen/default.nix @@ -0,0 +1,27 @@ +{ lib +, fetchFromGitHub +, buildNpmPackage +}: + +buildNpmPackage rec { + pname = "cdxgen"; + version = "6.0.14"; + + src = fetchFromGitHub { + owner = "AppThreat"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-ddeX2EwA2g6wgfsNxf/5ZVsQOHlINGhxif/y6368wCw="; + }; + + npmDepsHash = "sha256-CJ939wT9dKUzMDH2yHKgT056F2AVBevJlS/NhUBjx0E="; + + dontNpmBuild = true; + + meta = with lib; { + description = "Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images"; + homepage = "https://github.com/AppThreat/cdxgen"; + license = licenses.asl20; + maintainers = with maintainers; [ dit7ya ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/certdump/default.nix b/nixpkgs/pkgs/tools/security/certdump/default.nix new file mode 100644 index 000000000000..7b5b6744b345 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certdump/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildDotnetModule +, fetchFromGitHub +, dotnetCorePackages +, callPackage +}: + +buildDotnetModule rec { + pname = "certdump"; + version = "unstable-2023-07-12"; + + src = fetchFromGitHub { + owner = "secana"; + repo = "CertDump"; + rev = "1300005115786b3c214d73fa506de2de06a62cbb"; + sha256 = "sha256-VqKOoW4fAXr0MtY5rgWvRqay1dazF+ZpzJUHkDeXpPs="; + }; + + projectFile = [ "CertDump.sln" ]; + nugetDeps = ./deps.nix; + + selfContainedBuild = true; + executables = [ "CertDump" ]; + xBuildFiles = [ "CertDump/CertDump.csproj" ]; + + dotnet-runtime = dotnetCorePackages.aspnetcore_7_0; + dotnet-sdk = dotnetCorePackages.sdk_7_0; + + dotnetFlags = [ + "-property:ImportByWildcardBeforeSolution=false" + "-property:GenerateAssemblyInfo=false" + ]; + + meta = with lib; { + description = "Dump certificates from PE files in different formats"; + homepage = "https://github.com/secana/CertDump"; + longDescription = '' + Cross-Platform tool to dump the signing certificate from a Portable Executable (PE) file. + ''; + license = licenses.asl20; + maintainers = [ maintainers.baloo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/certdump/deps.nix b/nixpkgs/pkgs/tools/security/certdump/deps.nix new file mode 100644 index 000000000000..cd7641823629 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certdump/deps.nix @@ -0,0 +1,28 @@ +# This file was automatically generated by passthru.fetch-deps. +# Please dont edit it manually, your changes might get overwritten! + +{ fetchNuGet }: [ + (fetchNuGet { pname = "CommandLineParser"; version = "2.9.1"; sha256 = "1sldkj8lakggn4hnyabjj1fppqh50fkdrr1k99d4gswpbk5kv582"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Ref"; version = "5.0.0"; sha256 = "0d7sjr89zwq0wxirf8la05hfalv9nhvlczg1c7a508k8aw79jvfg"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-arm64"; version = "5.0.17"; sha256 = "183xgqzlwd5lhacxdwcjl8vcq7r7xypv0hddps9k32mmmwf83d8h"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-x64"; version = "5.0.17"; sha256 = "066fwdlssbv556zd9w1x87x1j8j4kafj9rxyy0692bssdb4gcyc8"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.osx-x64"; version = "5.0.17"; sha256 = "1qvvqf8mmzzc7a7fhx324dprnbxhknr3qxspb2xhsn3yyg44xn2d"; }) + (fetchNuGet { pname = "Microsoft.DotNet.ILCompiler"; version = "7.0.9"; sha256 = "06hg5q1nbbqcz2s2pl8g941jmjzfl3x06hcpi8km4ikzvp25l5bd"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-arm64"; version = "5.0.17"; sha256 = "07v7vyqm556xr1ypkazfp6gh6drgf20zkwbhkpja8bwdcr6lphbb"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-x64"; version = "5.0.17"; sha256 = "1lc2jhr4ikffi5ylyf8f6ya6k0hdj0wp1l0017grrwd4m5ajj4vv"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Host.osx-x64"; version = "5.0.17"; sha256 = "02g5w41ivrw3n6cy3l3ixhcl8bw1fsv4bzs2m34k9h5fqmliaf3c"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Ref"; version = "5.0.0"; sha256 = "1p62khf9zk23lh91lvz7plv3g1nzmm3b5szqrcm6mb8w3sjk03wi"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-arm64"; version = "5.0.17"; sha256 = "16whaq82pj6fqa0vam3a0va9ly843aa1z12hza040vn6252kk9fq"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-x64"; version = "5.0.17"; sha256 = "0jgcfs3jc98jfyaaamssznckbpnaygplk8pjsp6dswpansz5bnnq"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.osx-x64"; version = "5.0.17"; sha256 = "1ph5kx18syinp8bpzw80bgq3njl65gwzws727xcmxnysgm7snmjp"; }) + (fetchNuGet { pname = "PeNet"; version = "3.0.0"; sha256 = "1qbb970b4f6ymic1l7cy3kdkgy0605wpm0nyqa50mkzdq03c192j"; }) + (fetchNuGet { pname = "PeNet.Asn1"; version = "2.0.1"; sha256 = "14nzz1w69bcxnc2yhfca4g5ahl53czfpbmbv32w0cf2mpssjk4na"; }) + (fetchNuGet { pname = "runtime.linux-arm64.Microsoft.DotNet.ILCompiler"; version = "7.0.9"; sha256 = "0hpbb13459izw1c5qw7lh1sy5fbnmg7n8977jci5far584zbf3im"; }) + (fetchNuGet { pname = "runtime.linux-x64.Microsoft.DotNet.ILCompiler"; version = "7.0.9"; sha256 = "0crf80nb3pw4wr83bvsx7f48i63f2l1b2zc18sny4xhqlvbcfick"; }) + (fetchNuGet { pname = "runtime.osx-x64.Microsoft.DotNet.ILCompiler"; version = "7.0.9"; sha256 = "1370mahfnshdy63vlxbyqpbhmv5rby5azfbnyc72xb7zglf9aqcb"; }) + (fetchNuGet { pname = "System.Buffers"; version = "4.5.1"; sha256 = "04kb1mdrlcixj9zh1xdi5as0k0qi8byr5mi3p3jcxx72qz93s2y3"; }) + (fetchNuGet { pname = "System.Formats.Asn1"; version = "7.0.0"; sha256 = "1a14kgpqz4k7jhi7bs2gpgf67ym5wpj99203zxgwjypj7x47xhbq"; }) + (fetchNuGet { pname = "System.Memory"; version = "4.5.5"; sha256 = "08jsfwimcarfzrhlyvjjid61j02irx6xsklf32rv57x2aaikvx0h"; }) + (fetchNuGet { pname = "System.Security.Cryptography.Cng"; version = "5.0.0"; sha256 = "06hkx2za8jifpslkh491dfwzm5dxrsyxzj5lsc0achb6yzg4zqlw"; }) + (fetchNuGet { pname = "System.Security.Cryptography.Pkcs"; version = "7.0.0"; sha256 = "0834gh4k84xbv73mk6s9djkksq3bd6m2k1ixincjnaawv0pyz7fw"; }) +] diff --git a/nixpkgs/pkgs/tools/security/certgraph/default.nix b/nixpkgs/pkgs/tools/security/certgraph/default.nix new file mode 100644 index 000000000000..da8f8358d799 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certgraph/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "certgraph"; + version = "20220513"; + + src = fetchFromGitHub { + owner = "lanrat"; + repo = pname; + rev = version; + sha256 = "sha256-7tvPiJHZE9X7I79DFNF1ZAQiaAkrtrXiD2fY7AkbWMk="; + }; + + vendorHash = "sha256-ErTn7pUCtz6ip2kL8FCe+3Rhs876xtqto+z5nZqQ6cI="; + + meta = with lib; { + description = "Intelligence tool to crawl the graph of certificate alternate names"; + homepage = "https://github.com/lanrat/certgraph"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/certmgr/default.nix b/nixpkgs/pkgs/tools/security/certmgr/default.nix new file mode 100644 index 000000000000..e2318c853f11 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certmgr/default.nix @@ -0,0 +1,43 @@ +{ lib, buildGoPackage, fetchFromGitHub, fetchpatch }: + +let + generic = { patches ? [] }: + buildGoPackage rec { + version = "1.6.4"; + pname = "certmgr"; + + goPackagePath = "github.com/cloudflare/certmgr/"; + + src = fetchFromGitHub { + owner = "cloudflare"; + repo = "certmgr"; + rev = "v${version}"; + sha256 = "0glvyp61ya21pdm2bsvq3vfhmmxc2998vxc6hiyc79ijsv9n6jqi"; + }; + + inherit patches; + + meta = with lib; { + homepage = "https://cfssl.org/"; + description = "Cloudflare's certificate manager"; + platforms = platforms.linux; + license = licenses.bsd2; + maintainers = with maintainers; [ johanot srhb ]; + }; + }; +in +{ + certmgr = generic {}; + + certmgr-selfsigned = generic { + # The following patch makes it possible to use a self-signed x509 cert + # for the cfssl apiserver. + # TODO: remove patch when PR is merged. + patches = [ + (fetchpatch { + url = "https://github.com/cloudflare/certmgr/pull/51.patch"; + sha256 = "0jhsw159d2mgybvbbn6pmvj4yqr5cwcal5fjwkcn9m4f4zlb6qrs"; + }) + ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/certstrap/default.nix b/nixpkgs/pkgs/tools/security/certstrap/default.nix new file mode 100644 index 000000000000..8808b98985f8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certstrap/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "certstrap"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "square"; + repo = "certstrap"; + rev = "v${version}"; + sha256 = "sha256-mbZtomR8nnawXr3nGVSEuVObe79M1CqTlYN/aEpKmcU="; + }; + + vendorHash = "sha256-r7iYhTmFKTjfv11fEerC72M7JBp64rWfbkoTKzObNqM="; + + subPackages = [ "." ]; + + ldflags = [ "-X main.release=${version}" ]; + + meta = with lib; { + description = "Tools to bootstrap CAs, certificate requests, and signed certificates"; + longDescription = '' + A simple certificate manager written in Go, to bootstrap your own + certificate authority and public key infrastructure. Adapted from etcd-ca. + ''; + homepage = "https://github.com/square/certstrap"; + changelog = "https://github.com/square/certstrap/releases/tag/${src.rev}"; + license = licenses.asl20; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/certsync/default.nix b/nixpkgs/pkgs/tools/security/certsync/default.nix new file mode 100644 index 000000000000..15878c7826fb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/certsync/default.nix @@ -0,0 +1,37 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "certsync"; + version = "unstable-2023-04-14"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "zblurx"; + repo = "certsync"; + rev = "f3c8b61f0967a6403d4c592dcbfa8921682452a6"; + hash = "sha256-7Pzss83jf3zKmgQZki18R47OWn5VniZZ/d4N8JgZs+0="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + certipy-ad + tqdm + ]; + + pythonImportsCheck = [ + "certsync" + ]; + + meta = with lib; { + description = "Dump NTDS with golden certificates and UnPAC the hash"; + homepage = "https://github.com/zblurx/certsync"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cewl/Gemfile b/nixpkgs/pkgs/tools/security/cewl/Gemfile new file mode 100644 index 000000000000..97d9ae757acc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cewl/Gemfile @@ -0,0 +1,8 @@ +source 'https://rubygems.org' +gem 'mime' +gem 'mime-types', ">=3.3.1" +gem 'mini_exiftool' +gem 'nokogiri' +gem 'rexml' +gem 'rubyzip' +gem 'spider' diff --git a/nixpkgs/pkgs/tools/security/cewl/Gemfile.lock b/nixpkgs/pkgs/tools/security/cewl/Gemfile.lock new file mode 100644 index 000000000000..85bb2eb4b822 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cewl/Gemfile.lock @@ -0,0 +1,31 @@ +GEM + remote: https://rubygems.org/ + specs: + mime (0.4.4) + mime-types (3.3.1) + mime-types-data (~> 3.2015) + mime-types-data (3.2021.0704) + mini_exiftool (2.10.2) + mini_portile2 (2.5.3) + nokogiri (1.11.7) + mini_portile2 (~> 2.5.0) + racc (~> 1.4) + racc (1.5.2) + rexml (3.2.5) + rubyzip (2.3.2) + spider (0.5.4) + +PLATFORMS + ruby + +DEPENDENCIES + mime + mime-types (>= 3.3.1) + mini_exiftool + nokogiri + rexml + rubyzip + spider + +BUNDLED WITH + 2.1.4 diff --git a/nixpkgs/pkgs/tools/security/cewl/default.nix b/nixpkgs/pkgs/tools/security/cewl/default.nix new file mode 100644 index 000000000000..06d983c14e36 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cewl/default.nix @@ -0,0 +1,33 @@ +{ stdenv, lib, fetchFromGitHub, bundlerEnv }: + +let + rubyEnv = bundlerEnv { + name = "cewl-ruby-env"; + gemdir = ./.; + }; +in +stdenv.mkDerivation rec { + pname = "cewl"; + version = "5.5.2"; + src = fetchFromGitHub { + owner = "digininja"; + repo = "CeWL"; + rev = version; + sha256 = "sha256-5LTZUr3OMeu1NODhIgBiVqtQnUWYfZTm73q61vT3rXc="; + }; + + buildInputs = [ rubyEnv.wrappedRuby ]; + + installPhase = '' + mkdir -p $out/bin + cp *.rb $out/bin/ + mv $out/bin/cewl.rb $out/bin/cewl + ''; + + meta = with lib; { + description = "Custom wordlist generator"; + homepage = "https://digi.ninja/projects/cewl.php/"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ elohmeier ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cewl/gemset.nix b/nixpkgs/pkgs/tools/security/cewl/gemset.nix new file mode 100644 index 000000000000..851a6d2442d3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cewl/gemset.nix @@ -0,0 +1,104 @@ +{ + mime = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nskys7brz2bylhxiknl0z9i19w3wb1knf0h93in6mjq70jdw5cr"; + type = "gem"; + }; + version = "0.4.4"; + }; + mime-types = { + dependencies = ["mime-types-data"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zj12l9qk62anvk9bjvandpa6vy4xslil15wl6wlivyf51z773vh"; + type = "gem"; + }; + version = "3.3.1"; + }; + mime-types-data = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dlxwc75iy0dj23x824cxpvpa7c8aqcpskksrmb32j6m66h5mkcy"; + type = "gem"; + }; + version = "3.2021.0704"; + }; + mini_exiftool = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ir4wigpm6nkd3f40wcjdqrhjx3l60w1hwcg143is1a95ypnvqhr"; + type = "gem"; + }; + version = "2.10.2"; + }; + mini_portile2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ad0mli9rc0f17zw4ibp24dbj1y39zkykijsjmnzl4gwpg5s0j6k"; + type = "gem"; + }; + version = "2.5.3"; + }; + nokogiri = { + dependencies = ["mini_portile2" "racc"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vrn31385ix5k9b0yalnlzv360isv6dincbcvi8psllnwz4sjxj9"; + type = "gem"; + }; + version = "1.11.7"; + }; + racc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "178k7r0xn689spviqzhvazzvxfq6fyjldxb3ywjbgipbfi4s8j1g"; + type = "gem"; + }; + version = "1.5.2"; + }; + rexml = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; + type = "gem"; + }; + version = "3.2.5"; + }; + rubyzip = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz"; + type = "gem"; + }; + version = "2.3.2"; + }; + spider = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fix7zhnvlfqg66bxwdpbsffbynzdnaifnxpakn07bjh3rdj75cx"; + type = "gem"; + }; + version = "0.5.4"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cfripper/default.nix b/nixpkgs/pkgs/tools/security/cfripper/default.nix new file mode 100644 index 000000000000..7f83fe7873e6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cfripper/default.nix @@ -0,0 +1,61 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "cfripper"; + version = "1.13.2"; + + src = fetchFromGitHub { + owner = "Skyscanner"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-wcOtj56l2bUYE+WdbDwtB3aWlP2zEAFaaqw4THcHxbY="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + boto3 + cfn-flip + click + pluggy + pycfmodel + pydash + pyyaml + setuptools + ]; + + nativeCheckInputs = with python3.pkgs; [ + moto + pytestCheckHook + ]; + + postPatch = '' + substituteInPlace setup.py \ + --replace "click~=7.1.1" "click" \ + --replace "pluggy~=0.13.1" "pluggy" \ + --replace "pydash~=4.7.6" "pydash" + ''; + + disabledTestPaths = [ + # Tests are failing + "tests/test_boto3_client.py" + "tests/config/test_pluggy.py" + ]; + + disabledTests = [ + # Assertion fails + "test_multiple_resources_with_wildcard_resources_are_detected" + ]; + + pythonImportsCheck = [ + "cfripper" + ]; + + meta = with lib; { + description = "Tool for analysing CloudFormation templates"; + homepage = "https://github.com/Skyscanner/cfripper"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cfssl/default.nix b/nixpkgs/pkgs/tools/security/cfssl/default.nix new file mode 100644 index 000000000000..903b52f8bd0c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cfssl/default.nix @@ -0,0 +1,42 @@ +{ lib, buildGoModule, fetchFromGitHub, nixosTests }: + +buildGoModule rec { + pname = "cfssl"; + version = "1.6.4"; + + src = fetchFromGitHub { + owner = "cloudflare"; + repo = "cfssl"; + rev = "v${version}"; + sha256 = "sha256-QVKgfwyHzN6n8CnvGT9gg2ncfaDo+Pe4IAQhm4gNiz4="; + }; + + subPackages = [ + "cmd/cfssl" + "cmd/cfssljson" + "cmd/cfssl-bundle" + "cmd/cfssl-certinfo" + "cmd/cfssl-newkey" + "cmd/cfssl-scan" + "cmd/multirootca" + "cmd/mkbundle" + ]; + + vendorHash = null; + + doCheck = false; + + ldflags = [ + "-s" "-w" + "-X github.com/cloudflare/cfssl/cli/version.version=v${version}" + ]; + + passthru.tests = { inherit (nixosTests) cfssl; }; + + meta = with lib; { + homepage = "https://cfssl.org/"; + description = "Cloudflare's PKI and TLS toolkit"; + license = licenses.bsd2; + maintainers = with maintainers; [ mbrgm ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chain-bench/default.nix b/nixpkgs/pkgs/tools/security/chain-bench/default.nix new file mode 100644 index 000000000000..fef69399cc14 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chain-bench/default.nix @@ -0,0 +1,57 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "chain-bench"; + version = "0.1.8"; + + src = fetchFromGitHub { + owner = "aquasecurity"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-vQzxTOShxQGitZRCuR8izSxCkZdPWm2ohoXBOvAkwfw="; + }; + vendorHash = "sha256-sAZIMJRx/E+l12Zyp/vKfuiaCMeaonRbEcsRIRXbXm8="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X main.version=v${version}" + ]; + + postInstall = '' + installShellCompletion --cmd chain-bench \ + --bash <($out/bin/chain-bench completion bash) \ + --fish <($out/bin/chain-bench completion fish) \ + --zsh <($out/bin/chain-bench completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/chain-bench --help + $out/bin/chain-bench --version | grep "v${version}" + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://github.com/aquasecurity/chain-bench"; + changelog = "https://github.com/aquasecurity/chain-bench/releases/tag/v${version}"; + description = "An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark"; + longDescription = '' + Chain-bench is an open-source tool for auditing your software supply chain + stack for security compliance based on a new CIS Software Supply Chain + benchmark. The auditing focuses on the entire SDLC process, where it can + reveal risks from code time into deploy time. To win the race against + hackers and protect your sensitive data and customer trust, you need to + ensure your code is compliant with your organization's policies. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chainsaw/Cargo.lock b/nixpkgs/pkgs/tools/security/chainsaw/Cargo.lock new file mode 100644 index 000000000000..8ddb4bbf29e0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chainsaw/Cargo.lock @@ -0,0 +1,2310 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "ahash" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", +] + +[[package]] +name = "aho-corasick" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6748e8def348ed4d14996fa801f4122cd763fff530258cdc03f64b25f89d3a5a" +dependencies = [ + "memchr", +] + +[[package]] +name = "android-tzdata" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0" + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "anstream" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is-terminal", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a30da5c5f2d5e72842e00bcb57657162cdabef0931f40e2deb9b4140440cecd" + +[[package]] +name = "anstyle-parse" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "938874ff5980b03a87c5524b3ae5b59cf99b1d6bc836848df7bc5ada9643c333" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" +dependencies = [ + "windows-sys 0.48.0", +] + +[[package]] +name = "anstyle-wincon" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c677ab05e09154296dd37acecd46420c17b9713e8366facafa8fc0885167cf4c" +dependencies = [ + "anstyle", + "windows-sys 0.48.0", +] + +[[package]] +name = "anyhow" +version = "1.0.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f768393e7fabd388fe8409b13faa4d93ab0fef35db1508438dfdb066918bcf38" + +[[package]] +name = "arrayref" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545" + +[[package]] +name = "arrayvec" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711" + +[[package]] +name = "assert_cmd" +version = "2.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88903cb14723e4d4003335bb7f8a14f27691649105346a0f0957466c096adfe6" +dependencies = [ + "anstyle", + "bstr", + "doc-comment", + "predicates", + "predicates-core", + "predicates-tree", + "wait-timeout", +] + +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi 0.1.19", + "libc", + "winapi", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base64" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" + +[[package]] +name = "bincode" +version = "1.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" +dependencies = [ + "serde", +] + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" + +[[package]] +name = "blake3" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "199c42ab6972d92c9f8995f086273d25c42fc0f7b2a1fcefba465c1352d25ba5" +dependencies = [ + "arrayref", + "arrayvec", + "cc", + "cfg-if", + "constant_time_eq", + "digest", +] + +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + +[[package]] +name = "bstr" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6798148dccfbff0fae41c7574d2fa8f1ef3492fba0face179de5d8d447d67b05" +dependencies = [ + "memchr", + "regex-automata", + "serde", +] + +[[package]] +name = "bumpalo" +version = "3.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" + +[[package]] +name = "bytecount" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c676a478f63e9fa2dd5368a42f28bba0d6c560b775f38583c8bbaa7fcd67c9c" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytesize" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38fcc2979eff34a4b84e1cf9a1e3da42a7d44b3b690a40cdcb23e3d556cfb2e5" + +[[package]] +name = "camino" +version = "1.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59e92b5a388f549b863a7bea62612c09f24c8393560709a54558a9abdfb3b9c" +dependencies = [ + "serde", +] + +[[package]] +name = "cargo-platform" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2cfa25e60aea747ec7e1124f238816749faa93759c6ff5b31f1ccdda137f4479" +dependencies = [ + "serde", +] + +[[package]] +name = "cargo_metadata" +version = "0.14.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4acbb09d9ee8e23699b9634375c72795d095bf268439da88562cf9b501f181fa" +dependencies = [ + "camino", + "cargo-platform", + "semver", + "serde", + "serde_json", +] + +[[package]] +name = "cc" +version = "1.0.82" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "305fe645edc1442a0fa8b6726ba61d422798d37a52e12eaecf4b022ebbb88f01" +dependencies = [ + "libc", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chainsaw" +version = "2.7.3" +dependencies = [ + "aho-corasick", + "anyhow", + "assert_cmd", + "base64", + "bincode", + "bytesize", + "chrono", + "chrono-tz", + "clap 4.3.21", + "crossterm", + "evtx", + "indicatif", + "lazy_static", + "mft", + "notatin", + "once_cell", + "paste", + "predicates", + "prettytable-rs", + "quick-xml 0.30.0", + "rayon", + "regex", + "rustc-hash", + "serde", + "serde_json", + "serde_yaml", + "smallvec", + "tau-engine", + "tempfile", + "terminal_size", + "uuid", +] + +[[package]] +name = "chrono" +version = "0.4.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5" +dependencies = [ + "android-tzdata", + "iana-time-zone", + "js-sys", + "num-traits", + "serde", + "time 0.1.45", + "wasm-bindgen", + "winapi", +] + +[[package]] +name = "chrono-tz" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1369bc6b9e9a7dfdae2055f6ec151fe9c554a9d23d357c0237cee2e25eaabb7" +dependencies = [ + "chrono", + "chrono-tz-build", + "phf", + "serde", +] + +[[package]] +name = "chrono-tz-build" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2f5ebdc942f57ed96d560a6d1a459bae5851102a25d5bf89dc04ae453e31ecf" +dependencies = [ + "parse-zoneinfo", + "phf", + "phf_codegen", +] + +[[package]] +name = "clap" +version = "3.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" +dependencies = [ + "atty", + "bitflags 1.3.2", + "clap_lex 0.2.4", + "indexmap 1.9.3", + "strsim", + "termcolor", + "textwrap", +] + +[[package]] +name = "clap" +version = "4.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c27cdf28c0f604ba3f512b0c9a409f8de8513e4816705deb0498b627e7c3a3fd" +dependencies = [ + "clap_builder", + "clap_derive", + "once_cell", +] + +[[package]] +name = "clap_builder" +version = "4.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08a9f1ab5e9f01a9b81f202e8562eb9a10de70abf9eaeac1be465c28b75aa4aa" +dependencies = [ + "anstream", + "anstyle", + "clap_lex 0.5.0", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.3.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54a9bb5758fc5dfe728d1019941681eccaf0cf8a4189b692a0ee2f2ecf90a050" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "clap_lex" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" +dependencies = [ + "os_str_bytes", +] + +[[package]] +name = "clap_lex" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b" + +[[package]] +name = "colorchoice" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" + +[[package]] +name = "console" +version = "0.15.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c926e00cc70edefdc64d3a5ff31cc65bb97a3460097762bd23afb4d8145fccf8" +dependencies = [ + "encode_unicode 0.3.6", + "lazy_static", + "libc", + "unicode-width", + "windows-sys 0.45.0", +] + +[[package]] +name = "constant_time_eq" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2" + +[[package]] +name = "core-foundation-sys" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" + +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crossbeam-channel" +version = "0.5.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a33c2bf77f2df06183c3aa30d1e96c0695a313d4f9c453cc3762a6db39f99200" +dependencies = [ + "cfg-if", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-deque" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce6fd6f855243022dcecf8702fef0c297d4338e226845fe067f6341ad9fa0cef" +dependencies = [ + "cfg-if", + "crossbeam-epoch", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-epoch" +version = "0.9.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7" +dependencies = [ + "autocfg", + "cfg-if", + "crossbeam-utils", + "memoffset", + "scopeguard", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crossterm" +version = "0.27.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f476fe445d41c9e991fd07515a6f463074b782242ccf4a5b7b1d1012e70824df" +dependencies = [ + "bitflags 2.4.0", + "crossterm_winapi", + "libc", + "mio", + "parking_lot", + "signal-hook", + "signal-hook-mio", + "winapi", +] + +[[package]] +name = "crossterm_winapi" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acdd7c62a3665c7f6830a51635d9ac9b23ed385797f70a83bb8bafe9c572ab2b" +dependencies = [ + "winapi", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "csv" +version = "1.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "626ae34994d3d8d668f4269922248239db4ae42d538b14c398b74a52208e8086" +dependencies = [ + "csv-core", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "csv-core" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" +dependencies = [ + "memchr", +] + +[[package]] +name = "deranged" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7684a49fb1af197853ef7b2ee694bc1f5b4179556f1e5710e1760c5db6f5e929" + +[[package]] +name = "dialoguer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59c6f2989294b9a498d3ad5491a79c6deb604617378e1cdc4bfc1c1361fe2f87" +dependencies = [ + "console", + "shell-words", + "tempfile", + "zeroize", +] + +[[package]] +name = "difflib" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8" + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", + "subtle", +] + +[[package]] +name = "dirs-next" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1" +dependencies = [ + "cfg-if", + "dirs-sys-next", +] + +[[package]] +name = "dirs-sys-next" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d" +dependencies = [ + "libc", + "redox_users", + "winapi", +] + +[[package]] +name = "doc-comment" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" + +[[package]] +name = "either" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" + +[[package]] +name = "encode_unicode" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" + +[[package]] +name = "encode_unicode" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34aa73646ffb006b8f5147f3dc182bd4bcb190227ce861fc4a4844bf8e3cb2c0" + +[[package]] +name = "encoding" +version = "0.2.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b0d943856b990d12d3b55b359144ff341533e516d94098b1d3fc1ac666d36ec" +dependencies = [ + "encoding-index-japanese", + "encoding-index-korean", + "encoding-index-simpchinese", + "encoding-index-singlebyte", + "encoding-index-tradchinese", +] + +[[package]] +name = "encoding-index-japanese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04e8b2ff42e9a05335dbf8b5c6f7567e5591d0d916ccef4e0b1710d32a0d0c91" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-korean" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dc33fb8e6bcba213fe2f14275f0963fd16f0a02c878e3095ecfdf5bee529d81" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-simpchinese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d87a7194909b9118fc707194baa434a4e3b0fb6a5a757c73c3adb07aa25031f7" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-singlebyte" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3351d5acffb224af9ca265f435b859c7c01537c0849754d3db3fdf2bfe2ae84a" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-tradchinese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd0e20d5688ce3cab59eb3ef3a2083a5c77bf496cb798dc6fcdb75f323890c18" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding_index_tests" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a246d82be1c9d791c5dfde9a2bd045fc3cbba3fa2b11ad558f27d01712f00569" + +[[package]] +name = "enum-primitive-derive" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c375b9c5eadb68d0a6efee2999fef292f45854c3444c86f09d8ab086ba942b0e" +dependencies = [ + "num-traits", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "env_logger" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36" +dependencies = [ + "atty", + "humantime", + "log", + "regex", + "termcolor", +] + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b30f669a7961ef1631673d2766cc92f52d64f7ef354d4fe0ddfd30ed52f0f4f" +dependencies = [ + "errno-dragonfly", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "error-chain" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" +dependencies = [ + "version_check", +] + +[[package]] +name = "evtx" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3c0a23f64c81e962c993ccb5d9e88bbd62a3fcabdec20b037a8383f7c3e163f" +dependencies = [ + "anyhow", + "bitflags 1.3.2", + "byteorder", + "chrono", + "clap 3.2.25", + "crc32fast", + "dialoguer", + "encoding", + "indoc 1.0.9", + "log", + "quick-xml 0.24.1", + "rayon", + "serde", + "serde_json", + "simplelog", + "skeptic", + "thiserror", + "winstructs", +] + +[[package]] +name = "fastrand" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6999dc1837253364c2ebb0704ba97994bd874e8f195d665c50b7548f6ea92764" + +[[package]] +name = "float-cmp" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "98de4bbd547a563b716d8dfa9aad1cb19bfab00f4fa09a6a4ed21dbcf44ce9c4" +dependencies = [ + "num-traits", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +dependencies = [ + "cfg-if", + "libc", + "wasi 0.11.0+wasi-snapshot-preview1", +] + +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "hashbrown" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" +dependencies = [ + "ahash", +] + +[[package]] +name = "hashbrown" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + +[[package]] +name = "hermit-abi" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" + +[[package]] +name = "humantime" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f" +dependencies = [ + "quick-error", +] + +[[package]] +name = "iana-time-zone" +version = "0.1.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fad5b825842d2b38bd206f3e81d6957625fd7f0a361e345c30e01a0ae2dd613" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "windows", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +dependencies = [ + "cc", +] + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", +] + +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown 0.14.0", +] + +[[package]] +name = "indicatif" +version = "0.17.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b297dc40733f23a0e52728a58fa9489a5b7638a324932de16b41adc3ef80730" +dependencies = [ + "console", + "instant", + "number_prefix", + "portable-atomic", + "unicode-width", +] + +[[package]] +name = "indoc" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa799dd5ed20a7e349f3b4639aa80d74549c81716d9ec4f994c9b5815598306" + +[[package]] +name = "indoc" +version = "2.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c785eefb63ebd0e33416dfcb8d6da0bf27ce752843a45632a67bf10d4d4b5c4" + +[[package]] +name = "instant" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "io-lifetimes" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" +dependencies = [ + "hermit-abi 0.3.2", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "is-terminal" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +dependencies = [ + "hermit-abi 0.3.2", + "rustix 0.38.8", + "windows-sys 0.48.0", +] + +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" + +[[package]] +name = "js-sys" +version = "0.3.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "libc" +version = "0.2.147" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" + +[[package]] +name = "linux-raw-sys" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" + +[[package]] +name = "linux-raw-sys" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" + +[[package]] +name = "lock_api" +version = "0.4.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1cc9717a20b1bb222f333e6a92fd32f7d8a18ddc5a3191a11af45dcbf4dcd16" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" + +[[package]] +name = "lru" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71e7d46de488603ffdd5f30afbc64fbba2378214a2c3a2fb83abf3d33126df17" +dependencies = [ + "hashbrown 0.13.2", +] + +[[package]] +name = "md5" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "490cc448043f947bae3cbee9c203358d62dbee0db12107a74be5c30ccfd09771" + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "memoffset" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" +dependencies = [ + "autocfg", +] + +[[package]] +name = "mft" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52cf53faa705fc7f6574f99a34fae16ffa12b6391eabd9f7269377738e583e99" +dependencies = [ + "anyhow", + "bitflags 1.3.2", + "byteorder", + "chrono", + "clap 4.3.21", + "csv", + "dialoguer", + "encoding", + "indoc 2.0.3", + "itertools", + "log", + "lru", + "num-derive", + "num-traits", + "rand", + "serde", + "serde_json", + "simplelog", + "skeptic", + "thiserror", + "winstructs", +] + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "mio" +version = "0.8.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" +dependencies = [ + "libc", + "log", + "wasi 0.11.0+wasi-snapshot-preview1", + "windows-sys 0.48.0", +] + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "normalize-line-endings" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61807f77802ff30975e01f4f071c8ba10c022052f98b3294119f3e615d13e5be" + +[[package]] +name = "notatin" +version = "1.0.0" +source = "git+https://github.com/strozfriedberg/notatin?tag=v1.0.0#f07fddb498d5dfc8a61e1988ced0a28a2c8f253c" +dependencies = [ + "bitflags 2.4.0", + "blake3", + "chrono", + "crossterm", + "enum-primitive-derive", + "md5", + "nom", + "num", + "num-traits", + "paste", + "regex", + "serde", + "serde_json", + "strum_macros", + "thiserror", + "winstructs", +] + +[[package]] +name = "num" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b05180d69e3da0e530ba2a1dae5110317e49e3b7f3d41be227dc5f92e49ee7af" +dependencies = [ + "num-bigint", + "num-complex", + "num-integer", + "num-iter", + "num-rational", + "num-traits", +] + +[[package]] +name = "num-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-complex" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ba157ca0885411de85d6ca030ba7e2a83a28636056c7c699b07c8b6f7383214" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-derive" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "876a53fff98e03a936a674b29568b0e605f06b29372c2489ff4de23f1949743d" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "num-integer" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0" +dependencies = [ + "autocfg", + "num-bigint", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi 0.3.2", + "libc", +] + +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + +[[package]] +name = "number_prefix" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830b246a0e5f20af87141b25c173cd1b609bd7779a4617d6ec582abaf90870f3" + +[[package]] +name = "once_cell" +version = "1.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" + +[[package]] +name = "os_str_bytes" +version = "6.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d5d9eb14b174ee9aa2ef96dc2b94637a2d4b6e7cb873c7e171f0c20c6cf3eac" + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall 0.3.5", + "smallvec", + "windows-targets 0.48.2", +] + +[[package]] +name = "parse-zoneinfo" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c705f256449c60da65e11ff6626e0c16a0a0b96aaa348de61376b249bc340f41" +dependencies = [ + "regex", +] + +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + +[[package]] +name = "phf" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ade2d8b8f33c7333b51bcf0428d37e217e9f32192ae4772156f65063b8ce03dc" +dependencies = [ + "phf_shared", +] + +[[package]] +name = "phf_codegen" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8d39688d359e6b34654d328e262234662d16cc0f60ec8dcbe5e718709342a5a" +dependencies = [ + "phf_generator", + "phf_shared", +] + +[[package]] +name = "phf_generator" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48e4cc64c2ad9ebe670cb8fd69dd50ae301650392e81c05f9bfcb2d5bdbc24b0" +dependencies = [ + "phf_shared", + "rand", +] + +[[package]] +name = "phf_shared" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90fcb95eef784c2ac79119d1dd819e162b5da872ce6f3c3abe1e8ca1c082f72b" +dependencies = [ + "siphasher", +] + +[[package]] +name = "pin-project-lite" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12cc1b0bf1727a77a54b6654e7b5f1af8604923edc8b81885f8ec92f9e3f0a05" + +[[package]] +name = "portable-atomic" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f32154ba0af3a075eefa1eda8bb414ee928f62303a54ea85b8d6638ff1a6ee9e" + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "predicates" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09963355b9f467184c04017ced4a2ba2d75cbcb4e7462690d388233253d4b1a9" +dependencies = [ + "anstyle", + "difflib", + "float-cmp", + "itertools", + "normalize-line-endings", + "predicates-core", + "regex", +] + +[[package]] +name = "predicates-core" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b794032607612e7abeb4db69adb4e33590fa6cf1149e95fd7cb00e634b92f174" + +[[package]] +name = "predicates-tree" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "368ba315fb8c5052ab692e68a0eefec6ec57b23a36959c14496f0b0df2c0cecf" +dependencies = [ + "predicates-core", + "termtree", +] + +[[package]] +name = "prettytable-rs" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eea25e07510aa6ab6547308ebe3c036016d162b8da920dbb079e3ba8acf3d95a" +dependencies = [ + "csv", + "encode_unicode 1.0.0", + "is-terminal", + "lazy_static", + "term", + "unicode-width", +] + +[[package]] +name = "proc-macro2" +version = "1.0.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "pulldown-cmark" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a1a2f1f0a7ecff9c31abbe177637be0e97a0aef46cf8738ece09327985d998" +dependencies = [ + "bitflags 1.3.2", + "memchr", + "unicase", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + +[[package]] +name = "quick-xml" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37dddbbe9df96afafcb8027fcf263971b726530e12f0787f620a7ba5b4846081" +dependencies = [ + "memchr", +] + +[[package]] +name = "quick-xml" +version = "0.30.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eff6510e86862b57b210fd8cbe8ed3f0d7d600b9c2863cd4549a2e033c66e956" +dependencies = [ + "memchr", + "serde", +] + +[[package]] +name = "quote" +version = "1.0.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "rayon" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d2df5196e37bcc87abebc0053e20787d73847bb33134a69841207dd0a47f03b" +dependencies = [ + "either", + "rayon-core", +] + +[[package]] +name = "rayon-core" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b8f95bd6966f5c87776639160a66bd8ab9895d9d4ab01ddba9fc60661aebe8d" +dependencies = [ + "crossbeam-channel", + "crossbeam-deque", + "crossbeam-utils", + "num_cpus", +] + +[[package]] +name = "redox_syscall" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "redox_syscall" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "redox_users" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" +dependencies = [ + "getrandom", + "redox_syscall 0.2.16", + "thiserror", +] + +[[package]] +name = "regex" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81bc1d4caf89fac26a70747fe603c130093b53c773888797a6329091246d651a" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fed1ceff11a1dddaee50c9dc8e4938bd106e9d89ae372f192311e7da498e3b69" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ea92a5b6195c6ef2a0295ea818b312502c6fc94dde986c5553242e18fd4ce2" + +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + +[[package]] +name = "rustix" +version = "0.37.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d69718bf81c6127a49dc64e44a742e8bb9213c0ff8869a22c308f84c1d4ab06" +dependencies = [ + "bitflags 1.3.2", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys 0.3.8", + "windows-sys 0.48.0", +] + +[[package]] +name = "rustix" +version = "0.38.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19ed4fa021d81c8392ce04db050a3da9a60299050b7ae1cf482d862b54a7218f" +dependencies = [ + "bitflags 2.4.0", + "errno", + "libc", + "linux-raw-sys 0.4.5", + "windows-sys 0.48.0", +] + +[[package]] +name = "rustversion" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ffc183a10b4478d04cbbbfc96d0873219d962dd5accaff2ffbd4ceb7df837f4" + +[[package]] +name = "ryu" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "semver" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" +dependencies = [ + "serde", +] + +[[package]] +name = "serde" +version = "1.0.183" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32ac8da02677876d532745a130fc9d8e6edfa81a269b107c5b00829b91d8eb3c" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.183" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aafe972d60b0b9bee71a91b92fee2d4fb3c9d7e8f6b179aa99f27203d99a4816" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "serde_json" +version = "1.0.104" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "076066c5f1078eac5b722a31827a8832fe108bed65dfa75e233c89f8206e976c" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_yaml" +version = "0.9.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a49e178e4452f45cb61d0cd8cebc1b0fafd3e41929e996cef79aa3aca91f574" +dependencies = [ + "indexmap 2.0.0", + "itoa", + "ryu", + "serde", + "unsafe-libyaml", +] + +[[package]] +name = "shell-words" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24188a676b6ae68c3b2cb3a01be17fbf7240ce009799bb56d5b1409051e78fde" + +[[package]] +name = "signal-hook" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8621587d4798caf8eb44879d42e56b9a93ea5dcd315a6487c357130095b62801" +dependencies = [ + "libc", + "signal-hook-registry", +] + +[[package]] +name = "signal-hook-mio" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29ad2e15f37ec9a6cc544097b78a1ec90001e9f71b81338ca39f430adaca99af" +dependencies = [ + "libc", + "mio", + "signal-hook", +] + +[[package]] +name = "signal-hook-registry" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" +dependencies = [ + "libc", +] + +[[package]] +name = "simplelog" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acee08041c5de3d5048c8b3f6f13fafb3026b24ba43c6a695a0c76179b844369" +dependencies = [ + "log", + "termcolor", + "time 0.3.25", +] + +[[package]] +name = "siphasher" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" + +[[package]] +name = "skeptic" +version = "0.13.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16d23b015676c90a0f01c197bfdc786c20342c73a0afdda9025adb0bc42940a8" +dependencies = [ + "bytecount", + "cargo_metadata", + "error-chain", + "glob", + "pulldown-cmark", + "tempfile", + "walkdir", +] + +[[package]] +name = "smallvec" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "strum_macros" +version = "0.25.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad8d03b598d3d0fff69bf533ee3ef19b8eeb342729596df84bcc7e1f96ec4059" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.28", +] + +[[package]] +name = "subtle" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "tau-engine" +version = "1.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4566a9d67931bc2b779cbabb58ddef3e9b452e6059333fb34992ca46525a8413" +dependencies = [ + "aho-corasick", + "lazy_static", + "regex", + "serde", + "serde_json", + "serde_yaml", + "tracing", +] + +[[package]] +name = "tempfile" +version = "3.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc02fddf48964c42031a0b3fe0428320ecf3a73c401040fc0096f97794310651" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall 0.3.5", + "rustix 0.38.8", + "windows-sys 0.48.0", +] + +[[package]] +name = "term" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f" +dependencies = [ + "dirs-next", + "rustversion", + "winapi", +] + +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "terminal_size" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e6bf6f19e9f8ed8d4048dc22981458ebcf406d67e94cd422e5ecd73d63b3237" +dependencies = [ + "rustix 0.37.23", + "windows-sys 0.48.0", +] + +[[package]] +name = "termtree" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" + +[[package]] +name = "textwrap" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" + +[[package]] +name = "thiserror" +version = "1.0.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dedd246497092a89beedfe2c9f176d44c1b672ea6090edc20544ade01fbb7ea0" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d7b1fadccbbc7e19ea64708629f9d8dccd007c260d66485f20a6d41bc1cf4b3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "time" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" +dependencies = [ + "libc", + "wasi 0.10.0+wasi-snapshot-preview1", + "winapi", +] + +[[package]] +name = "time" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fdd63d58b18d663fbdf70e049f00a22c8e42be082203be7f26589213cd75ea" +dependencies = [ + "deranged", + "itoa", + "libc", + "num_threads", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + +[[package]] +name = "time-macros" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb71511c991639bb078fd5bf97757e03914361c48100d52878b8e52b46fb92cd" +dependencies = [ + "time-core", +] + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "tracing-core" +version = "0.1.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +dependencies = [ + "once_cell", +] + +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "unicase" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" +dependencies = [ + "version_check", +] + +[[package]] +name = "unicode-ident" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" + +[[package]] +name = "unicode-width" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" + +[[package]] +name = "unsafe-libyaml" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f28467d3e1d3c6586d8f25fa243f544f5800fec42d97032474e17222c2b75cfa" + +[[package]] +name = "utf8parse" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" + +[[package]] +name = "uuid" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" +dependencies = [ + "getrandom", + "serde", +] + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "wait-timeout" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" +dependencies = [ + "libc", +] + +[[package]] +name = "walkdir" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36df944cda56c7d8d8b7496af378e6b16de9284591917d307c9b4d313c44e698" +dependencies = [ + "same-file", + "winapi-util", +] + +[[package]] +name = "wasi" +version = "0.10.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342" +dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn 2.0.28", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f" +dependencies = [ + "windows-targets 0.48.2", +] + +[[package]] +name = "windows-sys" +version = "0.45.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" +dependencies = [ + "windows-targets 0.42.2", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.2", +] + +[[package]] +name = "windows-targets" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071" +dependencies = [ + "windows_aarch64_gnullvm 0.42.2", + "windows_aarch64_msvc 0.42.2", + "windows_i686_gnu 0.42.2", + "windows_i686_msvc 0.42.2", + "windows_x86_64_gnu 0.42.2", + "windows_x86_64_gnullvm 0.42.2", + "windows_x86_64_msvc 0.42.2", +] + +[[package]] +name = "windows-targets" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1eeca1c172a285ee6c2c84c341ccea837e7c01b12fbb2d0fe3c9e550ce49ec8" +dependencies = [ + "windows_aarch64_gnullvm 0.48.2", + "windows_aarch64_msvc 0.48.2", + "windows_i686_gnu 0.48.2", + "windows_i686_msvc 0.48.2", + "windows_x86_64_gnu 0.48.2", + "windows_x86_64_gnullvm 0.48.2", + "windows_x86_64_msvc 0.48.2", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b10d0c968ba7f6166195e13d593af609ec2e3d24f916f081690695cf5eaffb2f" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "571d8d4e62f26d4932099a9efe89660e8bd5087775a2ab5cdd8b747b811f1058" + +[[package]] +name = "windows_i686_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2229ad223e178db5fbbc8bd8d3835e51e566b8474bfca58d2e6150c48bb723cd" + +[[package]] +name = "windows_i686_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "600956e2d840c194eedfc5d18f8242bc2e17c7775b6684488af3a9fff6fe3287" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea99ff3f8b49fb7a8e0d305e5aec485bd068c2ba691b6e277d29eaeac945868a" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f1a05a1ece9a7a0d5a7ccf30ba2c33e3a61a30e042ffd247567d1de1d94120d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d419259aba16b663966e29e6d7c6ecfa0bb8425818bb96f6f1f3c3eb71a6e7b9" + +[[package]] +name = "winstructs" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13eb723aae62864dbb48c23bd55a51be9c53a1880c7762805efdd62570c22acf" +dependencies = [ + "bitflags 1.3.2", + "byteorder", + "chrono", + "env_logger", + "log", + "num-derive", + "num-traits", + "serde", + "serde_json", + "thiserror", +] + +[[package]] +name = "zeroize" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" diff --git a/nixpkgs/pkgs/tools/security/chainsaw/default.nix b/nixpkgs/pkgs/tools/security/chainsaw/default.nix new file mode 100644 index 000000000000..fc4c3d523625 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chainsaw/default.nix @@ -0,0 +1,37 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, stdenv +, darwin +}: + +rustPlatform.buildRustPackage rec { + pname = "chainsaw"; + version = "2.7.3"; + + src = fetchFromGitHub { + owner = "WithSecureLabs"; + repo = "chainsaw"; + rev = "refs/tags/v${version}"; + hash = "sha256-plfEVVMbiTXzBhshO3NZVeuHuNeI9+Lcw1G5xeBiTks="; + }; + + cargoLock = { + lockFile = ./Cargo.lock; + outputHashes = { + "notatin-1.0.0" = "sha256-eeryJhH7kX8QWwVuEq5RzanVT2FBfFJWAzUDFgUKqR8="; + }; + }; + + buildInputs = lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.CoreFoundation + ]; + + meta = with lib; { + description = "Rapidly Search and Hunt through Windows Forensic Artefacts"; + homepage = "https://github.com/WithSecureLabs/chainsaw"; + changelog = "https://github.com/WithSecureLabs/chainsaw/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cherrybomb/default.nix b/nixpkgs/pkgs/tools/security/cherrybomb/default.nix new file mode 100644 index 000000000000..9f1478a8d231 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cherrybomb/default.nix @@ -0,0 +1,38 @@ +{ lib +, rustPlatform +, fetchCrate +, pkg-config +, openssl +, stdenv +, darwin +}: + +rustPlatform.buildRustPackage rec { + pname = "cherrybomb"; + version = "1.0.0"; + + src = fetchCrate { + inherit pname version; + hash = "sha256-qZ1eKcRAwCzrzvw6QR28oZ8sGnsXmoOW/bWLQTlpqlo="; + }; + + cargoHash = "sha256-eosK7MQ3UB8rxKHCrb3s3+BVarv19h0cL+uzwg95Hc8="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + openssl + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Security + ]; + + meta = with lib; { + description = "A CLI tool that helps you avoid undefined user behavior by validating your API specifications"; + homepage = "https://github.com/blst-security/cherrybomb"; + changelog = "https://github.com/blst-security/cherrybomb/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ figsoda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chipsec/compile-ko.diff b/nixpkgs/pkgs/tools/security/chipsec/compile-ko.diff new file mode 100644 index 000000000000..2ac6f69b4f64 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chipsec/compile-ko.diff @@ -0,0 +1,13 @@ +diff --git a/setup.py b/setup.py +index 3465765c..ae128922 100755 +--- a/setup.py ++++ b/setup.py +@@ -137,7 +137,7 @@ class build_ext(_build_ext): + elif platform.system().lower() == "windows": + driver_build_function = self._build_win_driver + +- if not self.skip_driver: ++ if True: + driver_build_function() + + def get_source_files(self): diff --git a/nixpkgs/pkgs/tools/security/chipsec/default.nix b/nixpkgs/pkgs/tools/security/chipsec/default.nix new file mode 100644 index 000000000000..8842cbab248c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chipsec/default.nix @@ -0,0 +1,80 @@ +{ lib +, stdenv +, fetchFromGitHub +, kernel ? null +, libelf +, nasm +, python3 +, withDriver ? false +}: + +python3.pkgs.buildPythonApplication rec { + pname = "chipsec"; + version = "1.10.6"; + + disabled = !stdenv.isLinux; + + src = fetchFromGitHub { + owner = "chipsec"; + repo = "chipsec"; + rev = version; + hash = "sha256-+pbFG1SmSO/cnt1e+kel7ereC0I1OCJKKsS0KaJDWdc="; + }; + + patches = lib.optionals withDriver [ ./ko-path.diff ./compile-ko.diff ]; + + KSRC = lib.optionalString withDriver "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + + nativeBuildInputs = [ + libelf + nasm + ] ++ lib.optionals withDriver kernel.moduleBuildDependencies; + + nativeCheckInputs = with python3.pkgs; [ + distro + pytestCheckHook + ]; + + preBuild = lib.optionalString withDriver '' + export CHIPSEC_BUILD_LIB=$(mktemp -d) + mkdir -p $CHIPSEC_BUILD_LIB/chipsec/helper/linux + ''; + + env.NIX_CFLAGS_COMPILE = toString [ + # Needed with GCC 12 + "-Wno-error=dangling-pointer" + ]; + + preInstall = lib.optionalString withDriver '' + mkdir -p $out/${python3.pkgs.python.sitePackages}/drivers/linux + mv $CHIPSEC_BUILD_LIB/chipsec/helper/linux/chipsec.ko \ + $out/${python3.pkgs.python.sitePackages}/drivers/linux/chipsec.ko + ''; + + setupPyBuildFlags = [ + "--build-lib=$CHIPSEC_BUILD_LIB" + ] ++ lib.optionals (!withDriver) [ + "--skip-driver" + ]; + + pythonImportsCheck = [ + "chipsec" + ]; + + meta = with lib; { + description = "Platform Security Assessment Framework"; + longDescription = '' + CHIPSEC is a framework for analyzing the security of PC platforms + including hardware, system firmware (BIOS/UEFI), and platform components. + It includes a security test suite, tools for accessing various low level + interfaces, and forensic capabilities. It can be run on Windows, Linux, + Mac OS X and UEFI shell. + ''; + license = licenses.gpl2Only; + homepage = "https://github.com/chipsec/chipsec"; + maintainers = with maintainers; [ johnazoidberg erdnaxe ]; + platforms = [ "x86_64-linux" ] ++ lib.optional (!withDriver) "x86_64-darwin"; + # https://github.com/chipsec/chipsec/issues/1793 + broken = withDriver && kernel.kernelOlder "5.4" && kernel.isHardened; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chipsec/ko-path.diff b/nixpkgs/pkgs/tools/security/chipsec/ko-path.diff new file mode 100644 index 000000000000..f7359600a8e6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chipsec/ko-path.diff @@ -0,0 +1,13 @@ +diff --git a/chipsec/helper/linux/linuxhelper.py b/chipsec/helper/linux/linuxhelper.py +index 2fd65140..f3f26bcb 100644 +--- a/chipsec/helper/linux/linuxhelper.py ++++ b/chipsec/helper/linux/linuxhelper.py +@@ -153,7 +153,7 @@ class LinuxHelper(Helper): + else: + a2 = f'a2=0x{phys_mem_access_prot}' + +- driver_path = os.path.join(chipsec.file.get_main_dir(), "chipsec", "helper", "linux", "chipsec.ko") ++ driver_path = os.path.join(chipsec.file.get_main_dir(), "drivers", "linux", "chipsec.ko") + if not os.path.exists(driver_path): + driver_path += ".xz" + if not os.path.exists(driver_path): diff --git a/nixpkgs/pkgs/tools/security/chkrootkit/default.nix b/nixpkgs/pkgs/tools/security/chkrootkit/default.nix new file mode 100644 index 000000000000..b365fa62f953 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chkrootkit/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchurl, makeWrapper, binutils-unwrapped }: + +stdenv.mkDerivation rec { + pname = "chkrootkit"; + version = "0.55"; + + src = fetchurl { + url = "ftp://ftp.pangeia.com.br/pub/seg/pac/${pname}-${version}.tar.gz"; + sha256 = "sha256-qBwChuxEkxP5U3ASAqAOgbIE/Cz0PieFhaEcEqXgJYs="; + }; + + # TODO: a lazy work-around for linux build failure ... + makeFlags = [ "STATIC=" ]; + + nativeBuildInputs = [ makeWrapper ]; + + postPatch = '' + substituteInPlace chkrootkit \ + --replace " ./" " $out/bin/" + ''; + + installPhase = '' + mkdir -p $out/sbin + cp check_wtmpx chkdirs chklastlog chkproc chkrootkit chkutmp chkwtmp ifpromisc strings-static $out/sbin + + wrapProgram $out/sbin/chkrootkit \ + --prefix PATH : "${lib.makeBinPath [ binutils-unwrapped ]}" + ''; + + meta = with lib; { + description = "Locally checks for signs of a rootkit"; + homepage = "http://www.chkrootkit.org/"; + license = licenses.bsd2; + platforms = with platforms; linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chntpw/00-chntpw-build-arch-autodetect.patch b/nixpkgs/pkgs/tools/security/chntpw/00-chntpw-build-arch-autodetect.patch new file mode 100644 index 000000000000..cd130affa6c4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chntpw/00-chntpw-build-arch-autodetect.patch @@ -0,0 +1,28 @@ +--- chntpw-140201.orig/Makefile 2014-02-01 17:54:37.000000000 +0100 ++++ chntpw-140201/Makefile 2022-04-21 00:14:45.000000000 +0200 +@@ -6,24 +6,7 @@ + # See INSTALL for more info. + # + +-#SSLPATH=/usr/local/ssl +-OSSLPATH=/usr +-OSSLINC=$(OSSLPATH)/include +- +-CC=gcc +- +-# Force 32 bit +-CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 +-OSSLLIB=$(OSSLPATH)/lib +- +-# 64 bit if default for compiler setup +-#CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall +-#OSSLLIB=$(OSSLPATH)/lib64 +- +- +-# This is to link with whatever we have, SSL crypto lib we put in static +-#LIBS=-L$(OSSLLIB) $(OSSLLIB)/libcrypto.a +-LIBS=-L$(OSSLLIB) ++CFLAGS= -DUSEOPENSSL -g -I. -Wall + + + all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static diff --git a/nixpkgs/pkgs/tools/security/chntpw/01-chntpw-install-target.patch b/nixpkgs/pkgs/tools/security/chntpw/01-chntpw-install-target.patch new file mode 100644 index 000000000000..67c62273aeb6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chntpw/01-chntpw-install-target.patch @@ -0,0 +1,20 @@ +--- chntpw-140201/Makefile 2022-04-21 00:14:45.000000000 +0200 ++++ chntpw-140201.new/Makefile 2022-04-21 09:15:42.000000000 +0200 +@@ -6,10 +6,16 @@ + # See INSTALL for more info. + # + ++PREFIX ?= /usr ++ + CFLAGS= -DUSEOPENSSL -g -I. -Wall + ++BINARIES := chntpw cpnt reged samusrgrp sampasswd + +-all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static ++all: $(BINARIES) ++install: $(BINARIES) ++ mkdir -p $(PREFIX)/bin ++ cp $^ $(PREFIX)/bin + + chntpw: chntpw.o ntreg.o edlib.o libsam.o + $(CC) $(CFLAGS) -o chntpw chntpw.o ntreg.o edlib.o libsam.o $(LIBS) diff --git a/nixpkgs/pkgs/tools/security/chntpw/default.nix b/nixpkgs/pkgs/tools/security/chntpw/default.nix new file mode 100644 index 000000000000..c4463d16d348 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chntpw/default.nix @@ -0,0 +1,68 @@ +{ lib, stdenv, fetchurl, unzip, fetchpatch }: + +stdenv.mkDerivation rec { + pname = "chntpw"; + + version = "140201"; + + src = fetchurl { + url = "http://pogostick.net/~pnh/ntpasswd/chntpw-source-${version}.zip"; + sha256 = "1k1cxsj0221dpsqi5yibq2hr7n8xywnicl8yyaicn91y8h2hkqln"; + }; + + nativeBuildInputs = [ unzip ]; + + patches = [ + ./00-chntpw-build-arch-autodetect.patch + ./01-chntpw-install-target.patch + # Import various bug fixes from debian + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/04_get_abs_path"; + sha256 = "17h0gaczqd5b792481synr1ny72frwslb779lm417pyrz6kh9q8n"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/06_correct_test_open_syscall"; + sha256 = "00lg83bimbki988n71w54mmhjp9529r0ngm40d7fdmnc2dlpj3hd"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/07_detect_failure_to_write_key"; + sha256 = "0pk6xnprh2pqyx4n4lw3836z6fqsw3mclkzppl5rhjaahriwxw4l"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/08_no_deref_null"; + sha256 = "1g7pfmjaj0c2sm64s3api2kglj7jbgddjjd3r4drw6phwdkah0zs"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/09_improve_robustness"; + sha256 = "1nszkdy01ixnain7cwdmfbhjngphw1300ifagc1wgl9wvghzviaa"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/11_improve_documentation"; + sha256 = "0yql6hj72q7cq69rrspsjkpiipdhcwb0b9w5j8nhq40cnx9mgqgg"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/12_readonly_filesystem"; + sha256 = "1kxcy7f2pl6fqgmjg8bnl3pl5wgiw5xnbyx12arinmqkkggp4fa4"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/13_write_to_hive"; + sha256 = "1638lcyxjkrkmbr3n28byixny0qrxvkciw1xd97x48mj6bnwqrkv"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/c/chntpw/140201-1/debian/patches/14_improve_description"; + sha256 = "11y5kc4dh4zv24nkb0jw2zwlifx6nzsd4jbizn63l6dbpqgb25rs"; + }) + ]; + + installPhase = '' + make install PREFIX=$out + ''; + + meta = with lib; { + homepage = "http://pogostick.net/~pnh/ntpasswd/"; + description = "An utility to reset the password of any user that has a valid local account on a Windows system"; + maintainers = with lib.maintainers; [ deepfire ]; + license = licenses.gpl2; + platforms = lib.platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chopchop/default.nix b/nixpkgs/pkgs/tools/security/chopchop/default.nix new file mode 100644 index 000000000000..fc7bd0326fd4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chopchop/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "chopchop"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "michelin"; + repo = "ChopChop"; + rev = "v${version}"; + hash = "sha256-qSBQdcS6d0tctSHRbkY4T7s6Zj7xI2abaPUvNKh1M2E="; + }; + + vendorHash = "sha256-UxWARWOFp8AYKEdiJwRZNwFrphgMTJSZjnvktTNOsgU="; + + meta = with lib; { + description = "CLI to search for sensitive services/files/folders"; + homepage = "https://github.com/michelin/ChopChop"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix b/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix new file mode 100644 index 000000000000..8081c7ef6eb5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/chrome-token-signing/default.nix @@ -0,0 +1,39 @@ +{ lib, mkDerivation, fetchFromGitHub, qmake, pcsclite, pkg-config, opensc }: + +mkDerivation rec { + pname = "chrome-token-signing"; + version = "1.1.5"; + + src = fetchFromGitHub { + owner = "open-eid"; + repo = "chrome-token-signing"; + rev = "v${version}"; + sha256 = "sha256-wKy/RVR7jx5AkMJgHXsuV+jlzyfH5nDRggcIUgh2ML4="; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ qmake pcsclite ]; + dontUseQmakeConfigure = true; + + patchPhase = '' + substituteInPlace host-linux/ee.ria.esteid.json --replace /usr $out + # TODO: macos + substituteInPlace host-shared/PKCS11Path.cpp \ + --replace opensc-pkcs11.so ${opensc}/lib/pkcs11/opensc-pkcs11.so + ''; + + installPhase = '' + install -D -t $out/bin host-linux/chrome-token-signing + # TODO: wire these up + install -D -t $out/etc/chromium/native-messaging-hosts host-linux/ee.ria.esteid.json + install -D -t $out/lib/mozilla/native-messaging-hosts host-linux/ff/ee.ria.esteid.json + ''; + + meta = with lib; { + description = "Chrome and Firefox extension for signing with your eID on the web"; + homepage = "https://github.com/open-eid/chrome-token-signing/wiki"; + license = licenses.lgpl21; + maintainers = [ maintainers.mmahut ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix b/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix new file mode 100644 index 000000000000..7af3e9240f1e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix @@ -0,0 +1,174 @@ +{ stdenv +, lib +, fetchFromGitHub +, makeWrapper +, strip-nondeterminism +, meson +, ninja +, pkg-config +, gradle_7 +, curl +, cryptopp +, fontconfig +, jre +, libxml2 +, openssl +, pcsclite +, podofo +, ghostscript +}: + +let + pname = "cie-middleware-linux"; + version = "1.4.4.0"; + + src = fetchFromGitHub { + owner = "M0rf30"; + repo = pname; + rev = "${version}-podofo"; + sha256 = "sha256-Kyr9OTiY6roJ/wVJS/1aWfrrzDNQbuRTJQqo0akbMUU="; + }; + + gradle = gradle_7; + + # Shared libraries needed by the Java application + libraries = lib.makeLibraryPath [ ghostscript ]; + + # Fixed-output derivation that fetches the Java dependencies + javaDeps = stdenv.mkDerivation { + pname = "cie-java-deps"; + inherit src version; + + nativeBuildInputs = [ gradle ]; + + buildPhase = '' + # Run the fetchDeps task + export GRADLE_USER_HOME=$(mktemp -d) + gradle --no-daemon -b cie-java/build.gradle fetchDeps + ''; + + installPhase = '' + # Build a tree compatible with the maven repository format + pushd "$GRADLE_USER_HOME/caches/modules-2/files-2.1" + find -type f | awk -F/ -v OFS=/ -v out="$out" '{ + infile = $0 + gsub(/\./, "/", $2) + system("install -m644 -D "infile" "out"/"$2"/"$3"/"$4"/"$6) + }' + popd + ''; + + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = "sha256-WzT5vYF9yCMU2A7EkLZyjgWrN3gD7pnkPXc3hDFqpD8="; + }; + +in + +stdenv.mkDerivation { + inherit pname src version; + + hardeningDisable = [ "format" ]; + + outputs = [ "out" "dev" ]; + + nativeBuildInputs = [ + makeWrapper + meson + ninja + pkg-config + gradle + strip-nondeterminism + ]; + + buildInputs = [ + cryptopp + fontconfig + podofo + openssl + pcsclite + curl + libxml2 + ]; + + postPatch = '' + # substitute the cieid command with this $out/bin/cieid + substituteInPlace libs/pkcs11/src/CSP/AbilitaCIE.cpp \ + --replace 'file = "cieid"' 'file = "'$out'/bin/cieid"' + ''; + + # Note: we use pushd/popd to juggle between the + # libraries and the Java application builds. + preConfigure = "pushd libs"; + + postBuild = '' + popd + + # Use the packages in javaDeps for both plugins and dependencies + localRepo="maven { url uri('${javaDeps}') }" + sed -i cie-java/settings.gradle -e "1i \ + pluginManagement { repositories { $localRepo } }" + substituteInPlace cie-java/build.gradle \ + --replace 'mavenCentral()' "$localRepo" + + # Build the Java application + export GRADLE_USER_HOME=$(mktemp -d) + gradle standalone \ + --no-daemon \ + --offline \ + --parallel \ + --info -Dorg.gradle.java.home=${jre} \ + --build-file cie-java/build.gradle + + pushd libs/build + ''; + + postInstall = '' + popd + + # Install the Java application + install -Dm755 cie-java/build/libs/CIEID-standalone.jar \ + "$out/share/cieid/cieid.jar" + + # Create a wrapper + mkdir -p "$out/bin" + makeWrapper "${jre}/bin/java" "$out/bin/cieid" \ + --add-flags "-Djna.library.path='$out/lib:${libraries}'" \ + --add-flags '-Dawt.useSystemAAFontSettings=on' \ + --add-flags "-cp $out/share/cieid/cieid.jar" \ + --add-flags "it.ipzs.cieid.MainApplication" + + # Install other files + install -Dm644 data/cieid.desktop "$out/share/applications/cieid.desktop" + install -Dm755 data/logo.png "$out/share/pixmaps/cieid.png" + install -Dm644 LICENSE "$out/share/licenses/cieid/LICENSE" + ''; + + postFixup = '' + # Move static libraries to the dev output + mv -t "$dev/lib" "$out/lib/"*.a + + # Make the jar deterministic (mainly, sorting its files) + strip-nondeterminism "$out/share/cieid/cieid.jar" + ''; + + passthru = { inherit javaDeps; }; + + meta = with lib; { + homepage = "https://github.com/M0Rf30/cie-middleware-linux"; + description = "Middleware for the Italian Electronic Identity Card (CIE)"; + longDescription = '' + Software for the usage of the Italian Electronic Identity Card (CIE). + Access to PA services, signing and verification of documents + + Warning: this is an unofficial fork because the original software, as + distributed by the Italian government, is essentially lacking a build + system and is in violation of the license of the PoDoFo library. + ''; + license = licenses.bsd3; + platforms = platforms.unix; + # Note: fails due to a lot of broken type conversions + badPlatforms = platforms.darwin; + maintainers = with maintainers; [ rnhmjoj ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cirrusgo/default.nix b/nixpkgs/pkgs/tools/security/cirrusgo/default.nix new file mode 100644 index 000000000000..61c8e6b8b28f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cirrusgo/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cirrusgo"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "Ph33rr"; + repo = pname; + rev = "v${version}"; + hash = "sha256-FYI/Ldu91YB/4wCiVADeYxYQOeBGro1msY5VXsnixw4="; + }; + + vendorHash = "sha256-KCf2KQ8u+nX/+zMGZ6unWb/Vz6zPNkKtMioFo1FlnVI="; + + meta = with lib; { + description = "Tool to scan SAAS and PAAS applications"; + homepage = "https://github.com/Ph33rr/cirrusgo"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/clairvoyance/default.nix b/nixpkgs/pkgs/tools/security/clairvoyance/default.nix new file mode 100644 index 000000000000..ba88338347fc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clairvoyance/default.nix @@ -0,0 +1,53 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "clairvoyance"; + version = "2.5.3"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "nikitastupin"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-CVXa2HvX7M0cwqnTeZVETg07j324ATQuMNreEgAC2QA="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiohttp + rich + ]; + + nativeCheckInputs = with python3.pkgs; [ + aiounittest + pytestCheckHook + ]; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace 'asyncio = "^3.4.3"' "" + ''; + + pythonImportsCheck = [ + "clairvoyance" + ]; + + disabledTests = [ + # KeyError + "test_probe_typename" + ]; + + meta = with lib; { + description = "Tool to obtain GraphQL API schemas"; + homepage = "https://github.com/nikitastupin/clairvoyance"; + changelog = "https://github.com/nikitastupin/clairvoyance/releases/tag/v${version}"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/clamav/default.nix b/nixpkgs/pkgs/tools/security/clamav/default.nix new file mode 100644 index 000000000000..2188cf99a3c9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clamav/default.nix @@ -0,0 +1,43 @@ +{ lib, stdenv, fetchurl, pkg-config, cmake +, zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl, libmilter, pcre2 +, libmspack, systemd, Foundation, json_c, check +, rustc, rust-bindgen, rustfmt, cargo, python3 +}: + +stdenv.mkDerivation rec { + pname = "clamav"; + version = "1.2.0"; + + src = fetchurl { + url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; + hash = "sha256-l6GS3/4UFIC1bKvxBj15qfxVzVkgMkH6Qb/HqYpUgCA="; + }; + + patches = [ + # Flaky test, remove this when https://github.com/Cisco-Talos/clamav/issues/343 is fixed + ./remove-freshclam-test.patch + ./sample-cofiguration-file-install-location.patch + ]; + + enableParallelBuilding = true; + nativeBuildInputs = [ cmake pkg-config rustc rust-bindgen rustfmt cargo python3 ]; + buildInputs = [ + zlib bzip2 libxml2 openssl ncurses curl libiconv libmilter pcre2 libmspack json_c check + ] ++ lib.optional stdenv.isLinux systemd + ++ lib.optional stdenv.isDarwin Foundation; + + cmakeFlags = [ + "-DSYSTEMD_UNIT_DIR=${placeholder "out"}/lib/systemd" + "-DAPP_CONFIG_DIRECTORY=/etc/clamav" + ]; + + doCheck = true; + + meta = with lib; { + homepage = "https://www.clamav.net"; + description = "Antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats"; + license = licenses.gpl2; + maintainers = with maintainers; [ robberer qknight globin ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/clamav/remove-freshclam-test.patch b/nixpkgs/pkgs/tools/security/clamav/remove-freshclam-test.patch new file mode 100644 index 000000000000..93078b52aaad --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clamav/remove-freshclam-test.patch @@ -0,0 +1,20 @@ +diff --git a/unit_tests/CMakeLists.txt b/unit_tests/CMakeLists.txt +index 1460357ba..1194abc9d 100644 +--- a/unit_tests/CMakeLists.txt ++++ b/unit_tests/CMakeLists.txt +@@ -371,15 +371,6 @@ if(ENABLE_APP) + set_property(TEST clamd_valgrind PROPERTY ENVIRONMENT ${ENVIRONMENT} VALGRIND=${Valgrind_EXECUTABLE}) + endif() + +- add_test(NAME freshclam COMMAND ${PythonTest_COMMAND};freshclam_test.py +- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) +- set_property(TEST freshclam PROPERTY ENVIRONMENT ${ENVIRONMENT}) +- if(Valgrind_FOUND) +- add_test(NAME freshclam_valgrind COMMAND ${PythonTest_COMMAND};freshclam_test.py +- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) +- set_property(TEST freshclam_valgrind PROPERTY ENVIRONMENT ${ENVIRONMENT} VALGRIND=${Valgrind_EXECUTABLE}) +- endif() +- + add_test(NAME sigtool COMMAND ${PythonTest_COMMAND};sigtool_test.py + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) + set_property(TEST sigtool PROPERTY ENVIRONMENT ${ENVIRONMENT}) diff --git a/nixpkgs/pkgs/tools/security/clamav/sample-cofiguration-file-install-location.patch b/nixpkgs/pkgs/tools/security/clamav/sample-cofiguration-file-install-location.patch new file mode 100644 index 000000000000..46444627dd38 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clamav/sample-cofiguration-file-install-location.patch @@ -0,0 +1,29 @@ +diff --git a/etc/CMakeLists.txt b/etc/CMakeLists.txt +index 826fff1..3cefc34 100644 +--- a/etc/CMakeLists.txt ++++ b/etc/CMakeLists.txt +@@ -6,14 +6,14 @@ install( + FILES + ${CMAKE_CURRENT_SOURCE_DIR}/clamd.conf.sample + DESTINATION +- ${APP_CONFIG_DIRECTORY} ++ ${CMAKE_INSTALL_PREFIX}/${APP_CONFIG_DIRECTORY} + COMPONENT programs) + + install( + FILES + ${CMAKE_CURRENT_SOURCE_DIR}/freshclam.conf.sample + DESTINATION +- ${APP_CONFIG_DIRECTORY} ++ ${CMAKE_INSTALL_PREFIX}/${APP_CONFIG_DIRECTORY} + COMPONENT programs) + + if(ENABLE_MILTER) +@@ -21,6 +21,6 @@ if(ENABLE_MILTER) + FILES + ${CMAKE_CURRENT_SOURCE_DIR}/clamav-milter.conf.sample + DESTINATION +- ${APP_CONFIG_DIRECTORY} ++ ${CMAKE_INSTALL_PREFIX}/${APP_CONFIG_DIRECTORY} + COMPONENT programs) + endif() diff --git a/nixpkgs/pkgs/tools/security/clevis/default.nix b/nixpkgs/pkgs/tools/security/clevis/default.nix new file mode 100644 index 000000000000..0498f0599052 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clevis/default.nix @@ -0,0 +1,75 @@ +{ lib +, stdenv +, asciidoc +, coreutils +, cryptsetup +, curl +, fetchFromGitHub +, gnugrep +, gnused +, jansson +, jose +, libpwquality +, luksmeta +, makeWrapper +, meson +, ninja +, pkg-config +, tpm2-tools +}: + +stdenv.mkDerivation rec { + pname = "clevis"; + version = "19"; + + src = fetchFromGitHub { + owner = "latchset"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-3J3ti/jRiv+p3eVvJD7u0ko28rPd8Gte0mCJaVaqyOs="; + }; + + postPatch = '' + for f in $(find src/ -type f); do + grep -q "/bin/cat" "$f" && substituteInPlace "$f" \ + --replace '/bin/cat' '${coreutils}/bin/cat' || true + done + ''; + + postInstall = '' + # We wrap the main clevis binary entrypoint but not the sub-binaries. + wrapProgram $out/bin/clevis \ + --prefix PATH ':' "${lib.makeBinPath [tpm2-tools jose cryptsetup libpwquality luksmeta gnugrep gnused coreutils]}:${placeholder "out"}/bin" + ''; + + nativeBuildInputs = [ + asciidoc + makeWrapper + meson + ninja + pkg-config + ]; + + buildInputs = [ + cryptsetup + curl + jansson + jose + libpwquality + luksmeta + tpm2-tools + ]; + + outputs = [ + "out" + "man" + ]; + + meta = with lib; { + description = "Automated Encryption Framework"; + homepage = "https://github.com/latchset/clevis"; + changelog = "https://github.com/latchset/clevis/releases/tag/v${version}"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cliam/default.nix b/nixpkgs/pkgs/tools/security/cliam/default.nix new file mode 100644 index 000000000000..400cf8b7e7c5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cliam/default.nix @@ -0,0 +1,48 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "cliam"; + version = "2.2.0"; + + src = fetchFromGitHub { + owner = "securisec"; + repo = pname; + rev = version; + hash = "sha256-59nPoH0+k1umMwFg95hQHOr/SRGKqr1URFG7xtVRiTs="; + }; + + vendorHash = "sha256-Tcz8W/PX+9WE+0iFVhqHuElJI7qWD+AdwOKdTc7FQTE="; + + nativeBuildInputs = [ + installShellFiles + ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/securisec/cliam/cli/version.Version=${version}" + ]; + + postBuild = '' + # should be called cliam + mv $GOPATH/bin/{cli,cliam} + ''; + + postInstall = '' + installShellCompletion --cmd cliam \ + --bash <($out/bin/cliam completion bash) \ + --fish <($out/bin/cliam completion fish) \ + --zsh <($out/bin/cliam completion zsh) + ''; + + meta = with lib; { + description = "Cloud agnostic IAM permissions enumerator"; + homepage = "https://github.com/securisec/cliam"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cloudbrute/default.nix b/nixpkgs/pkgs/tools/security/cloudbrute/default.nix new file mode 100644 index 000000000000..677c14021509 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cloudbrute/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "cloudbrute"; + version = "1.0.7"; + + src = fetchFromGitHub { + owner = "0xsha"; + repo = "CloudBrute"; + rev = "v${version}"; + hash = "sha256-L233VdQolSPDPDXQALLvF5seb3peHiLRiZuj2RqdaRU="; + }; + + vendorHash = "sha256-SRk5kEUVmY3IJSB/XwchqWGnaXLQUoisx6KlVzMHdjg="; + + meta = with lib; { + description = "Cloud enumeration tool"; + longDescription = '' + A tool to find a company (target) infrastructure, files, and apps on + the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, + Alibaba, Vultr, Linode). + ''; + homepage = "https://github.com/0xsha/CloudBrute"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cloudfox/default.nix b/nixpkgs/pkgs/tools/security/cloudfox/default.nix new file mode 100644 index 000000000000..df34f3e18bf7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cloudfox/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cloudfox"; + version = "1.12.2"; + + src = fetchFromGitHub { + owner = "BishopFox"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-r9YIJ+PRUA1stKTL39+/T+m1WMkocpjfzG8Y9knnFU4="; + }; + + vendorHash = "sha256-nSisRurpareGI4EHENayMhsYOKL1hE1wVw2Ueiqii4U="; + + # Some tests are failing because of wrong filename/path + doCheck = false; + + meta = with lib; { + description = "Tool for situational awareness of cloud penetration tests"; + homepage = "https://github.com/BishopFox/cloudfox"; + changelog = "https://github.com/BishopFox/cloudfox/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cloudhunter/default.nix b/nixpkgs/pkgs/tools/security/cloudhunter/default.nix new file mode 100644 index 000000000000..109bd5a9df7a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cloudhunter/default.nix @@ -0,0 +1,51 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "cloudhunter"; + version = "0.7.0"; + format = "other"; + + src = fetchFromGitHub { + owner = "belane"; + repo = "CloudHunter"; + rev = "refs/tags/v${version}"; + hash = "sha256-yRl3x1dboOcoPeKxpUEhDk8OJx1hynEJRHL9/Su8OyA="; + }; + + postPatch = '' + substituteInPlace cloudhunter.py \ + --replace "'permutations.txt'" "'$out/share/permutations.txt'" \ + --replace "'resolvers.txt'" "'$out/share/resolvers.txt'" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + beautifulsoup4 + dnspython + requests + tldextract + urllib3 + xmltodict + ]; + + installPhase = '' + runHook preInstall + install -vD cloudhunter.py $out/bin/cloudhunter + install -vD permutations-big.txt permutations.txt resolvers.txt -t $out/share + install -vd $out/${python3.sitePackages}/ + runHook postInstall + ''; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Cloud bucket scanner"; + homepage = "https://github.com/belane/CloudHunter"; + changelog = "https://github.com/belane/CloudHunter/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cloudlist/default.nix b/nixpkgs/pkgs/tools/security/cloudlist/default.nix new file mode 100644 index 000000000000..b3e13d1691e8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cloudlist/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cloudlist"; + version = "1.0.4"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-m0b7gtbI9i1tD8HduEAF+Mo2UpI4gqldEO8q4u+Wo3E="; + }; + + vendorHash = "sha256-GHQnI4T6y/p+BlQyrNJmIaSek0sC1J3UwcuvDQH5gCI="; + + meta = with lib; { + description = "Tool for listing assets from multiple cloud providers"; + homepage = "https://github.com/projectdiscovery/cloudlist"; + changelog = "https://github.com/projectdiscovery/cloudlist/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cmospwd/default.nix b/nixpkgs/pkgs/tools/security/cmospwd/default.nix new file mode 100644 index 000000000000..fa04ac652074 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cmospwd/default.nix @@ -0,0 +1,37 @@ +{ lib +, fetchurl +, stdenv +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "cmospwd"; + version = "5.1"; + + src = fetchurl { + url = "https://www.cgsecurity.org/cmospwd-${finalAttrs.version}.tar.bz2"; + hash = "sha256-8pbSl5eUsKa3JrgK/JLk0FnGXcJhKksJN3wWiDPYYvQ="; + }; + + preConfigure = '' + cd src + + # It already contains compiled executable (that doesn't work), so make + # will refuse to build if it's still there + rm cmospwd + ''; + + # There is no install make target + installPhase = '' + runHook preInstall + install -Dm0755 cmospwd -t "$out/bin" + runHook postInstall + ''; + + meta = with lib; { + description = "Decrypt password stored in cmos used to access BIOS SETUP"; + homepage = "https://www.cgsecurity.org/wiki/CmosPwd"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ t4ccer ]; + platforms = platforms.linux; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/cnspec/default.nix b/nixpkgs/pkgs/tools/security/cnspec/default.nix new file mode 100644 index 000000000000..bcfadcc4da71 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cnspec/default.nix @@ -0,0 +1,37 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cnspec"; + version = "9.2.3"; + + src = fetchFromGitHub { + owner = "mondoohq"; + repo = "cnspec"; + rev = "refs/tags/v${version}"; + hash = "sha256-gCKmaioBko4UsfhPBcpVxHC7knhZGZU54HZFu/rHIbw="; + }; + + proxyVendor = true; + vendorHash = "sha256-YN1y+K/9EdZ7RlZRVWK/HEppZv/dX6XrkaqIlZVoC8c="; + + subPackages = [ + "apps/cnspec" + ]; + + ldflags = [ + "-s" + "-w" + "-X=go.mondoo.com/cnspec.Version=${version}" + ]; + + meta = with lib; { + description = "An open source, cloud-native security and policy project"; + homepage = "https://github.com/mondoohq/cnspec"; + changelog = "https://github.com/mondoohq/cnspec/releases/tag/v${version}"; + license = licenses.mpl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/coercer/default.nix b/nixpkgs/pkgs/tools/security/coercer/default.nix new file mode 100644 index 000000000000..3d1e6cb46963 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/coercer/default.nix @@ -0,0 +1,42 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "coercer"; + version = "1.6"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "p0dalirius"; + repo = "Coercer"; + rev = "refs/tags/${version}"; + hash = "sha256-xftYnwu6uUTvJTZU9E7wvdgBxqa8xy83K5GOlgNSCvc="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + ]; + + pythonImportsCheck = [ + "coercer" + ]; + + # this file runs into issues on case-insensitive filesystems + # ValueError: Both <...>/coercer and <...>/coercer.py exist + postPatch = '' + rm Coercer.py + ''; + + meta = with lib; { + description = "Tool to automatically coerce a Windows server"; + homepage = "https://github.com/p0dalirius/Coercer"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/commix/default.nix b/nixpkgs/pkgs/tools/security/commix/default.nix new file mode 100644 index 000000000000..94290619f0f3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/commix/default.nix @@ -0,0 +1,34 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "commix"; + version = "3.8"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "commixproject"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-S/2KzZb3YUF0VJharWV/+7IG+r1EnB2sOveMpd1ryEI="; + }; + + postInstall = '' + # Helper files are not handled by setup.py + mkdir -p $out/${python3.sitePackages}/src/txt + install -vD src/txt/* $out/${python3.sitePackages}/src/txt/ + ''; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Automated Command Injection Exploitation Tool"; + homepage = "https://github.com/commixproject/commix"; + changelog = "https://github.com/commixproject/commix/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cosign/default.nix b/nixpkgs/pkgs/tools/security/cosign/default.nix new file mode 100644 index 000000000000..c08a8cf1dd17 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cosign/default.nix @@ -0,0 +1,77 @@ +{ stdenv +, lib +, buildGoModule +, fetchFromGitHub +, pcsclite +, pkg-config +, installShellFiles +, PCSC +, pivKeySupport ? true +, pkcs11Support ? true +, testers +, cosign +}: +buildGoModule rec { + pname = "cosign"; + version = "2.2.0"; + + src = fetchFromGitHub { + owner = "sigstore"; + repo = pname; + rev = "v${version}"; + hash = "sha256-VE/rm85KZs3JWMsidIlUGJ9JrtZ4VBI+Go1yujq7z1s="; + }; + + buildInputs = + lib.optional (stdenv.isLinux && pivKeySupport) (lib.getDev pcsclite) + ++ lib.optionals (stdenv.isDarwin && pivKeySupport) [ PCSC ]; + + nativeBuildInputs = [ pkg-config installShellFiles ]; + + vendorHash = "sha256-mpT4/BS/NofMueBbwhh4v6pNEONEpWM9RDKuYZ+9BtA="; + + subPackages = [ + "cmd/cosign" + ]; + + tags = [ ] ++ lib.optionals pivKeySupport [ "pivkey" ] ++ lib.optionals pkcs11Support [ "pkcs11key" ]; + + ldflags = [ + "-s" + "-w" + "-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" + "-X sigs.k8s.io/release-utils/version.gitTreeState=clean" + ]; + + __darwinAllowLocalNetworking = true; + + preCheck = '' + # test all paths + unset subPackages + + rm pkg/cosign/ctlog_test.go # Require network access + rm pkg/cosign/tlog_test.go # Require network access + rm cmd/cosign/cli/verify/verify_blob_attestation_test.go # Require network access + ''; + + postInstall = '' + installShellCompletion --cmd cosign \ + --bash <($out/bin/cosign completion bash) \ + --fish <($out/bin/cosign completion fish) \ + --zsh <($out/bin/cosign completion zsh) + ''; + + passthru.tests.version = testers.testVersion { + package = cosign; + command = "cosign version"; + version = "v${version}"; + }; + + meta = with lib; { + homepage = "https://github.com/sigstore/cosign"; + changelog = "https://github.com/sigstore/cosign/releases/tag/v${version}"; + description = "Container Signing CLI with support for ephemeral keys and Sigstore signing"; + license = licenses.asl20; + maintainers = with maintainers; [ lesuisse jk developer-guy ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cowpatty/default.nix b/nixpkgs/pkgs/tools/security/cowpatty/default.nix new file mode 100644 index 000000000000..2c6e0cfa414f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cowpatty/default.nix @@ -0,0 +1,61 @@ +{ lib +, stdenv +, clang +, fetchFromGitHub +, fetchpatch +, installShellFiles +, openssl +, libpcap +}: + +stdenv.mkDerivation rec { + pname = "cowpatty"; + version = "4.8"; + + src = fetchFromGitHub { + owner = "joswr1ght"; + repo = pname; + rev = version; + sha256 = "0fvwwghhd7wsx0lw2dj9rdsjnirawnq3c6silzvhi0yfnzn5fs0s"; + }; + + patches = [ + # Pull upstream fix for parallel builds: + # https://github.com/joswr1ght/cowpatty/pull/5 + (fetchpatch { + name = "fix-parallel.patch"; + url = "https://github.com/joswr1ght/cowpatty/commit/9c8cc09c4fa90aebee44afcd0ad6a35539178478.patch"; + hash = "sha256-k0Qht80HcjvPoxVPF6wAXwxN3d2mxBrEyeFGuU7w9eA="; + }) + ]; + + nativeBuildInputs = [ + clang + installShellFiles + ]; + + buildInputs = [ + openssl + libpcap + ]; + + enableParallelBuilding = true; + + makeFlags = [ + "DESTDIR=$(out)" + "BINDIR=/bin" + ]; + + postInstall = '' + installManPage cowpatty.1 + installManPage genpmk.1 + ''; + + meta = with lib; { + description = "Offline dictionary attack against WPA/WPA2 networks"; + homepage = "https://github.com/joswr1ght/cowpatty"; + license = licenses.bsd3; + maintainers = with maintainers; [ nico202 fab ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/coze/default.nix b/nixpkgs/pkgs/tools/security/coze/default.nix new file mode 100644 index 000000000000..03da09c19e91 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/coze/default.nix @@ -0,0 +1,26 @@ +{ lib, fetchFromGitHub, buildGoModule }: + +buildGoModule rec { + pname = "coze"; + version = "0.0.3"; + + src = fetchFromGitHub { + owner = "Cyphrme"; + repo = "Coze_cli"; + rev = "v${version}"; + hash = "sha256-/Cznx5Q0a9vVrC4oAoBmAkejT1505AQzzCW/wi3itv4="; + }; + + vendorHash = "sha256-MdU6fls9jQ51uCa+nB8RF8XDoZ3XgGowUGcSOAK/k+4="; + + postInstall = '' + mv $out/bin/coze_cli $out/bin/coze + ''; + + meta = with lib; { + description = "CLI client for Coze, a cryptographic JSON messaging specification."; + homepage = "https://github.com/Cyphrme/coze_cli"; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ qbit ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crackmapexec/default.nix b/nixpkgs/pkgs/tools/security/crackmapexec/default.nix new file mode 100644 index 000000000000..85b987d78c7c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crackmapexec/default.nix @@ -0,0 +1,66 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "crackmapexec"; + version = "5.4.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "Porchetta-Industries"; + repo = "CrackMapExec"; + rev = "refs/tags/v${version}"; + hash = "sha256-V2n840QyLofTfQE4vtFYGfQwl65sklp+KfNS9RCLvI8="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aioconsole + aardwolf + beautifulsoup4 + dsinternals + impacket + lsassy + masky + msgpack + neo4j + paramiko + pylnk3 + pypsrp + pywerview + requests + requests_ntlm + termcolor + terminaltables + xmltodict + ]; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace '{ git = "https://github.com/mpgn/impacket.git", branch = "master" }' '"x"' + ''; + + pythonRelaxDeps = true; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "cme" + ]; + + meta = with lib; { + description = "Tool for pentesting networks"; + homepage = "https://github.com/Porchetta-Industries/CrackMapExec"; + changelog = "https://github.com/Porchetta-Industries/CrackMapExec/releases/tag/v${version}"; + license = with licenses; [ bsd2 ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "cme"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crackql/default.nix b/nixpkgs/pkgs/tools/security/crackql/default.nix new file mode 100644 index 000000000000..ab78f177fd7c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crackql/default.nix @@ -0,0 +1,37 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "crackql"; + version = "unstable-20220821"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "nicholasaleks"; + repo = "CrackQL"; + # rev = "refs/tags/${version}"; + # Switch to tag with the next update + rev = "5bcf92f4520a4dd036baf9f47c5ebbf18e6a032a"; + hash = "sha256-XlHbGkwdOV1nobjtQP/M3IIEuzXHBuwf52EsXf3MWoM="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + requests + graphql-core + jinja2 + typing-extensions + ]; + + meta = with lib; { + description = "GraphQL password brute-force and fuzzing utility"; + homepage = "https://github.com/nicholasaleks/CrackQL"; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crackxls/default.nix b/nixpkgs/pkgs/tools/security/crackxls/default.nix new file mode 100644 index 000000000000..f3c1745321eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crackxls/default.nix @@ -0,0 +1,43 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, pkg-config, autoconf, automake, openssl, libgsf, gmp }: + +stdenv.mkDerivation rec { + + pname = "crackxls"; + version = "0.4"; + + src = fetchFromGitHub { + owner = "GavinSmith0123"; + repo = "crackxls2003"; + rev = "v${version}"; + sha256 = "0q5jl7hcds3f0rhly3iy4fhhbyh9cdrfaw7zdrazzf1wswwhyssz"; + }; + + patches = [ + # Pull patch pending upstream inclusion for -fno-common support: + # https://github.com/GavinSmith0123/crackxls2003/pull/3 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/GavinSmith0123/crackxls2003/commit/613d6c1844f76c7b67671aaa265375fed56c2a56.patch"; + sha256 = "1pk67x67d9wji576mc57z5bzqlf9ygvn9m1z47w12mad7qmj9h1n"; + }) + ]; + + nativeBuildInputs = [ pkg-config autoconf automake ]; + buildInputs = [ openssl libgsf gmp ]; + + # Avoid "-O5 -march=native" + makeFlags = [ "OPTIM_FLAGS=" ]; + + installPhase = + '' + mkdir -p $out/bin + cp crackxls2003 $out/bin/ + ''; + + meta = with lib; { + homepage = "https://github.com/GavinSmith0123/crackxls2003/"; + description = "Used to break the encryption on old Microsoft Excel and Microsoft Word files"; + platforms = platforms.linux; + license = licenses.gpl3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/credential-detector/default.nix b/nixpkgs/pkgs/tools/security/credential-detector/default.nix new file mode 100644 index 000000000000..fd3e40b6536c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/credential-detector/default.nix @@ -0,0 +1,27 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "credential-detector"; + version = "1.14.3"; + + src = fetchFromGitHub { + owner = "ynori7"; + repo = pname; + rev = "v${version}"; + hash = "sha256-20ySTLpjTc1X0iJsbzbeLmWF0xYzzREGOqEWrB2X1GQ="; + }; + + vendorHash = "sha256-VWmfATUbfnI3eJbFTUp6MR1wGESuI15PHZWuon5M5rg="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = "Tool to detect potentially hard-coded credentials"; + homepage = "https://github.com/ynori7/credential-detector"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/creds/default.nix b/nixpkgs/pkgs/tools/security/creds/default.nix new file mode 100644 index 000000000000..9f218f89bdd9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/creds/default.nix @@ -0,0 +1,43 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "creds"; + version = "0.5"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "ihebski"; + repo = "DefaultCreds-cheat-sheet"; + rev = "refs/tags/creds-${version}"; + hash = "sha256-s9ja2geFTnul7vUlGI4Am+IG3C0igICf0whnyd3SHdQ="; + }; + + postPatch = '' + substituteInPlace requirements.txt \ + --replace "tinydb==4.3" "tinydb" \ + --replace "pathlib" "" + substituteInPlace creds \ + --replace "pathlib.Path(__file__).parent" "pathlib.Path.home()" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + fire + prettytable + requests + tinydb + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Tool to search a collection of default credentials"; + homepage = "https://github.com/ihebski/DefaultCreds-cheat-sheet"; + changelog = "https://github.com/ihebski/DefaultCreds-cheat-sheet/releases/tag/creds-${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/credslayer/default.nix b/nixpkgs/pkgs/tools/security/credslayer/default.nix new file mode 100644 index 000000000000..7d9d67577930 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/credslayer/default.nix @@ -0,0 +1,58 @@ +{ lib +, fetchFromGitHub +, python3 +, wireshark-cli +}: + +python3.pkgs.buildPythonApplication rec { + pname = "credslayer"; + version = "0.1.3"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "ShellCode33"; + repo = "CredSLayer"; + rev = "refs/tags/v${version}"; + hash = "sha256-gryV9MHULY6ZHy6YDFQDIkZsfIX8La0tHT0vrrQJNDQ="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + pyshark + ]; + + nativeCheckInputs = with python3.pkgs; [ + py + pytestCheckHook + wireshark-cli + ]; + + pytestFlagsArray = [ + "tests/tests.py" + ]; + + disabledTests = [ + # Requires a telnet setup + "test_telnet" + # stdout has all the correct data, but the underlying test code fails + # functionally everything seems to be intact + "http_get_auth" + "test_http_post_auth" + "test_ntlmssp" + ]; + + pythonImportsCheck = [ + "credslayer" + ]; + + postInstall = '' + wrapProgram $out/bin/credslayer \ + --prefix PATH : "${lib.makeBinPath [ wireshark-cli ]}" + ''; + + meta = with lib; { + description = "Extract credentials and other useful info from network captures"; + homepage = "https://github.com/ShellCode33/CredSLayer"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crlfsuite/default.nix b/nixpkgs/pkgs/tools/security/crlfsuite/default.nix new file mode 100644 index 000000000000..bc375f03c0c4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crlfsuite/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "crlfsuite"; + version = "2.5.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "Nefcore"; + repo = "CRLFsuite"; + rev = "refs/tags/v${version}"; + sha256 = "sha256-mK20PbVGhTEjhY5L6coCzSMIrG/PHHmNq30ZoJEs6uI="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + requests + ]; + + # No tests present + doCheck = false; + + pythonImportsCheck = [ + "crlfsuite" + ]; + + meta = with lib; { + description = "CRLF injection (HTTP Response Splitting) scanner"; + homepage = "https://github.com/Nefcore/CRLFsuite"; + license = licenses.mit; + maintainers = with maintainers; [ c0bw3b fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crlfuzz/default.nix b/nixpkgs/pkgs/tools/security/crlfuzz/default.nix new file mode 100644 index 000000000000..f28f96e5f4cd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crlfuzz/default.nix @@ -0,0 +1,27 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "crlfuzz"; + version = "1.4.1"; + + src = fetchFromGitHub { + owner = "dwisiswant0"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-rqhdxOQmZCRtq+IZygKLleb5GoKP2akyEc3rbGcnZmw="; + }; + + vendorHash = "sha256-yLtISEJWIKqCuZtQxReu/Vykw5etqgLpuXqOdtwBkqU="; + + doCheck = true; + + meta = with lib; { + description = "Tool to scan for CRLF vulnerability"; + homepage = "https://github.com/dwisiswant0/crlfuzz"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crowbar/default.nix b/nixpkgs/pkgs/tools/security/crowbar/default.nix new file mode 100644 index 000000000000..e58f77457de2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crowbar/default.nix @@ -0,0 +1,42 @@ +{ fetchFromGitHub +, freerdp +, nmap +, openvpn +, python3Packages +, lib +, tigervnc +}: + +python3Packages.buildPythonApplication rec { + pname = "crowbar"; + version = "unstable-2020-04-23"; + + src = fetchFromGitHub { + owner = "galkan"; + repo = pname; + rev = "500d633ff5ddfcbc70eb6d0b4d2181e5b8d3c535"; + sha256 = "05m9vywr9976pc7il0ak8nl26mklzxlcqx0p8rlfyx1q766myqzf"; + }; + + propagatedBuildInputs = [ python3Packages.paramiko ]; + + patchPhase = '' + sed -i 's,/usr/bin/xfreerdp,${freerdp}/bin/xfreerdp,g' lib/main.py + sed -i 's,/usr/bin/vncviewer,${tigervnc}/bin/vncviewer,g' lib/main.py + sed -i 's,/usr/sbin/openvpn,${openvpn}/bin/openvpn,g' lib/main.py + + sed -i 's,/usr/bin/nmap,${nmap}/bin/nmap,g' lib/nmap.py + ''; + + # Sanity check + checkPhase = '' + $out/bin/crowbar --help > /dev/null + ''; + + meta = with lib; { + homepage = "https://github.com/galkan/crowbar"; + description = "A brute forcing tool that can be used during penetration tests"; + license = licenses.mit; + maintainers = with maintainers; [ pamplemousse ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crowdsec/default.nix b/nixpkgs/pkgs/tools/security/crowdsec/default.nix new file mode 100644 index 000000000000..9c3dceda96f6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crowdsec/default.nix @@ -0,0 +1,64 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +buildGoModule rec { + pname = "crowdsec"; + version = "1.5.4"; + + src = fetchFromGitHub { + owner = "crowdsecurity"; + repo = pname; + rev = "v${version}"; + hash = "sha256-5VwsuPNoAhCvhKUJDUkXnEVLMqHx2M1Nz11VoBASoxU="; + }; + + vendorHash = "sha256-6ODcb7UQPgM5n5RPN4AdkrY3+vlu+GXlUfrlTePywyY="; + + nativeBuildInputs = [ installShellFiles ]; + + subPackages = [ + "cmd/crowdsec" + "cmd/crowdsec-cli" + ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/crowdsecurity/go-cs-lib/pkg/version.Version=v${version}" + "-X github.com/crowdsecurity/go-cs-lib/pkg/version.BuildDate=1970-01-01_00:00:00" + "-X github.com/crowdsecurity/go-cs-lib/pkg/version.Tag=${src.rev}" + "-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=alphaga" + "-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=/etc/crowdsec" + "-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=/var/lib/crowdsec/data" + ]; + + postBuild = "mv $GOPATH/bin/{crowdsec-cli,cscli}"; + + postInstall = '' + mkdir -p $out/share/crowdsec + cp -r ./config $out/share/crowdsec/ + + installShellCompletion --cmd cscli \ + --bash <($out/bin/cscli completion bash) \ + --fish <($out/bin/cscli completion fish) \ + --zsh <($out/bin/cscli completion zsh) + ''; + + meta = with lib; { + homepage = "https://crowdsec.net/"; + changelog = "https://github.com/crowdsecurity/crowdsec/releases/tag/v${version}"; + description = "CrowdSec is a free, open-source and collaborative IPS"; + longDescription = '' + CrowdSec is a free, modern & collaborative behavior detection engine, + coupled with a global IP reputation network. It stacks on fail2ban's + philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok + patterns to parse logs and YAML scenario to identify behaviors. CrowdSec + is engineered for modern Cloud/Containers/VM based infrastructures (by + decoupling detection and remediation). Once detected you can remedy + threats with various bouncers (firewall block, nginx http 403, Captchas, + etc.) while the aggressive IP can be sent to CrowdSec for curation before + being shared among all users to further improve everyone's security. + ''; + license = licenses.mit; + maintainers = with maintainers; [ jk urandom ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/crunch/default.nix b/nixpkgs/pkgs/tools/security/crunch/default.nix new file mode 100644 index 000000000000..d287fb32fb67 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/crunch/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchurl, which }: + +stdenv.mkDerivation rec { + pname = "crunch"; + version = "3.6"; + + src = fetchurl { + url = "mirror://sourceforge/crunch-wordlist/${pname}-${version}.tgz"; + sha256 = "0mgy6ghjvzr26yrhj1bn73qzw6v9qsniskc5wqq1kk0hfhy6r3va"; + }; + + nativeBuildInputs = [ which ]; + + preBuild = '' + substituteInPlace Makefile \ + --replace '-g root -o root' "" \ + --replace '-g wheel -o root' "" \ + --replace 'sudo ' "" + ''; + + makeFlags = [ + "CC=${stdenv.cc.targetPrefix}cc" + "PREFIX=$(out)" + ]; + + meta = with lib; { + description = "Wordlist generator"; + homepage = "https://sourceforge.net/projects/crunch-wordlist/"; + platforms = platforms.unix; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ lnl7 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cryptomator/default.nix b/nixpkgs/pkgs/tools/security/cryptomator/default.nix new file mode 100644 index 000000000000..e235ec5f746f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cryptomator/default.nix @@ -0,0 +1,94 @@ +{ lib, stdenv, fetchFromGitHub +, autoPatchelfHook +, fuse3 +, maven, jdk, makeShellWrapper, glib, wrapGAppsHook +}: + + +let + mavenJdk = maven.override { + jdk = jdk; + }; +in +assert stdenv.isLinux; # better than `called with unexpected argument 'enableJavaFX'` +mavenJdk.buildMavenPackage rec { + pname = "cryptomator"; + version = "1.10.1"; + + src = fetchFromGitHub { + owner = "cryptomator"; + repo = "cryptomator"; + rev = version; + hash = "sha256-xhj7RUurBRq9ZIDAlcq7KyYGnLqc+vTjaf2VMNStpVQ"; + }; + + mvnParameters = "-Dmaven.test.skip=true"; + mvnHash = "sha256-XAIwKn8wMqILMQbg9wM4kHAaRSGWQaBx9AXQyJuUO5k="; + + preBuild = '' + VERSION=${version} + SEMVER_STR=${version} + ''; + + + # This is based on the instructins in https://github.com/cryptomator/cryptomator/blob/develop/dist/linux/appimage/build.sh + installPhase = '' + mkdir -p $out/bin/ $out/share/cryptomator/libs/ $out/share/cryptomator/mods/ + + cp target/libs/* $out/share/cryptomator/libs/ + cp target/mods/* target/cryptomator-*.jar $out/share/cryptomator/mods/ + + makeShellWrapper ${jdk}/bin/java $out/bin/cryptomator \ + --add-flags "--enable-preview" \ + --add-flags "--class-path '$out/share/cryptomator/libs/*'" \ + --add-flags "--module-path '$out/share/cryptomator/mods'" \ + --add-flags "-Dcryptomator.logDir='~/.local/share/Cryptomator/logs'" \ + --add-flags "-Dcryptomator.pluginDir='~/.local/share/Cryptomator/plugins'" \ + --add-flags "-Dcryptomator.settingsPath='~/.config/Cryptomator/settings.json'" \ + --add-flags "-Dcryptomator.ipcSocketPath='~/.config/Cryptomator/ipc.socket'" \ + --add-flags "-Dcryptomator.mountPointsDir='~/.local/share/Cryptomator/mnt'" \ + --add-flags "-Dcryptomator.showTrayIcon=false" \ + --add-flags "-Dcryptomator.buildNumber='nix'" \ + --add-flags "-Dcryptomator.appVersion='${version}'" \ + --add-flags "-Djdk.gtk.version=3" \ + --add-flags "-Xss20m" \ + --add-flags "-Xmx512m" \ + --add-flags "-Djavafx.embed.singleThread=true " \ + --add-flags "-Dawt.useSystemAAFontSettings=on" \ + --add-flags "--module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator" \ + --prefix PATH : "$out/share/cryptomator/libs/:${lib.makeBinPath [ jdk glib ]}" \ + --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ fuse3 ]}" \ + --set JAVA_HOME "${jdk.home}" + + # install desktop entry and icons + cp -r ${src}/dist/linux/appimage/resources/AppDir/usr/* $out/ + # The directory is read only when copied, enable read to install additional files + chmod +w -R $out/ + cp ${src}/dist/linux/common/org.cryptomator.Cryptomator256.png $out/share/icons/hicolor/256x256/apps/org.cryptomator.Cryptomator.png + cp ${src}/dist/linux/common/org.cryptomator.Cryptomator512.png $out/share/icons/hicolor/512x512/apps/org.cryptomator.Cryptomator.png + cp ${src}/dist/linux/common/org.cryptomator.Cryptomator.svg $out/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.svg + cp ${src}/dist/linux/common/org.cryptomator.Cryptomator.desktop $out/share/applications/org.cryptomator.Cryptomator.desktop + cp ${src}/dist/linux/common/org.cryptomator.Cryptomator.metainfo.xml $out/share/metainfo/org.cryptomator.Cryptomator.metainfo.xml + cp ${src}/dist/linux/common/application-vnd.cryptomator.vault.xml $out/share/mime/packages/application-vnd.cryptomator.vault.xml + ''; + + nativeBuildInputs = [ + autoPatchelfHook + makeShellWrapper + wrapGAppsHook + jdk + ]; + buildInputs = [ fuse3 jdk glib ]; + + meta = with lib; { + description = "Free client-side encryption for your cloud files"; + homepage = "https://cryptomator.org"; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ bachp ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ctmg/default.nix b/nixpkgs/pkgs/tools/security/ctmg/default.nix new file mode 100644 index 000000000000..b08af06825e3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ctmg/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchzip }: + +stdenv.mkDerivation rec { + pname = "ctmg"; + version = "1.2"; + + src = fetchzip { + url = "https://git.zx2c4.com/ctmg/snapshot/ctmg-${version}.tar.xz"; + sha256 = "1i4v8sriwjrmj3yizbl1ysckb711yl9qsn9x45jq0ij1apsydhyc"; + }; + + installPhase = "install -D ctmg.sh $out/bin/ctmg"; + + meta = with lib; { + description = "An encrypted container manager for Linux using cryptsetup"; + homepage = "https://git.zx2c4.com/ctmg/about/"; + license = licenses.isc; + maintainers = with maintainers; [ mrVanDalo ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cve-bin-tool/default.nix b/nixpkgs/pkgs/tools/security/cve-bin-tool/default.nix new file mode 100644 index 000000000000..88b52da21eb3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cve-bin-tool/default.nix @@ -0,0 +1,145 @@ +{ lib +, buildPythonApplication +, fetchFromGitHub +, fetchpatch +, jsonschema +, plotly +, beautifulsoup4 +, pyyaml +, isort +, py +, jinja2 +, rpmfile +, reportlab +, zstandard +, rich +, aiohttp +, toml +, distro + # aiohttp[speedups] +, aiodns +, brotlipy +, faust-cchardet +, pillow +, pytestCheckHook +, xmlschema +, setuptools +, packaging +, cvss +, google-cloud-sdk +, pip +, testers +, cve-bin-tool +# pinned packaging +, pyparsing +, fetchPypi +, buildPythonPackage +, pretend +, pythonOlder +, wheel +}: + +let + # pin packaging to < 22 until issue related to https://github.com/intel/cve-bin-tool/pull/2436 are resolved by upstream (post-3.2) + packaging_21_3 = buildPythonPackage rec { + inherit (packaging) pname passthru meta; + version = "21.3"; + format = "pyproject"; + disabled = pythonOlder "3.6"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-3UfEKSfYmrkR5gZRiQfMLTofOLvQJjhZcGQ/nFuOz+s="; + }; + nativeBuildInputs = [ + setuptools + wheel + ]; + propagatedBuildInputs = [ + pyparsing + ]; + + nativeCheckInputs = [ + pytestCheckHook + pretend + ]; + + doCheck = false; + }; +in +buildPythonApplication rec { + pname = "cve-bin-tool"; + version = "3.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "intel"; + repo = "cve-bin-tool"; + rev = "refs/tags/v${version}"; + hash = "sha256-QOnWt6iit0/F6d/MfZ8qJqDuT3IHh0Qjs6BcJkI/CBw="; + }; + + patches = [ + # Not needed as python dependency, should just be on the PATH + ./no-gsutil-python-dependency.patch + # Already merged upstream, to be removed post-3.2 + # https://github.com/intel/cve-bin-tool/pull/2524 + (fetchpatch { + name = "cve-bin-tool-version-success.patch"; + url = "https://github.com/intel/cve-bin-tool/commit/6f9bd565219932c565c1443ac467fe4163408dd8.patch"; + hash = "sha256-Glj6qiOvmvsuetXn4tysyiN/vrcOPFLORh+u3BoGzCI="; + }) + ]; + + # Wants to open a sqlite database, access the internet, etc + doCheck = false; + + propagatedNativeBuildInputs = [ + pip + ]; + + propagatedBuildInputs = [ + google-cloud-sdk + jsonschema + plotly + beautifulsoup4 + pyyaml + isort + py + jinja2 + rpmfile + reportlab + zstandard + rich + aiohttp + toml + distro + # aiohttp[speedups] + aiodns + brotlipy + faust-cchardet + # needed by brotlipy + pillow + setuptools + xmlschema + cvss + packaging_21_3 + ]; + + nativeCheckInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "cve_bin_tool" + ]; + + passthru.tests.version = testers.testVersion { package = cve-bin-tool; }; + + meta = with lib; { + description = "CVE Binary Checker Tool"; + homepage = "https://github.com/intel/cve-bin-tool"; + license = licenses.gpl3Plus; + maintainers = [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/cve-bin-tool/no-gsutil-python-dependency.patch b/nixpkgs/pkgs/tools/security/cve-bin-tool/no-gsutil-python-dependency.patch new file mode 100644 index 000000000000..9bbac57b5fb4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cve-bin-tool/no-gsutil-python-dependency.patch @@ -0,0 +1,12 @@ +diff --git a/requirements.txt b/requirements.txt +index 1d4aa9a..c9e9171 100644 +--- a/requirements.txt ++++ b/requirements.txt +@@ -14,6 +14,6 @@ xmlschema + importlib_metadata; python_version < "3.8" + requests + urllib3>=1.26.5 # dependency of requests added explictly to avoid CVEs +-gsutil ++#gsutil + cvss + packaging diff --git a/nixpkgs/pkgs/tools/security/cyclonedx-gomod/default.nix b/nixpkgs/pkgs/tools/security/cyclonedx-gomod/default.nix new file mode 100644 index 000000000000..1c404aa3f836 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/cyclonedx-gomod/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "cyclonedx-gomod"; + version = "1.4.1"; + + src = fetchFromGitHub { + owner = "CycloneDX"; + repo = pname; + rev = "v${version}"; + hash = "sha256-JczDfNBYT/Ap2lDucEvuT8NAwuQgmavOUvtznI6Q+Zc="; + }; + + vendorHash = "sha256-5Mn+f+oVwbn2qGaZct5+9f6tOBXfsB/I72yD7fHUrC8="; + + # Tests require network access and cyclonedx executable + doCheck = false; + + meta = with lib; { + description = "Tool to create CycloneDX Software Bill of Materials (SBOM) from Go modules"; + homepage = "https://github.com/CycloneDX/cyclonedx-gomod"; + changelog = "https://github.com/CycloneDX/cyclonedx-gomod/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dalfox/default.nix b/nixpkgs/pkgs/tools/security/dalfox/default.nix new file mode 100644 index 000000000000..85fc3c55a3b0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dalfox/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dalfox"; + version = "2.9.0"; + + src = fetchFromGitHub { + owner = "hahwul"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-AG5CNqkxPQJQ+HN3JGUIgSYxgFigmUqVGn1yAHmo7Mo="; + }; + + vendorHash = "sha256-OLT85GOcTnWmU+ZRem2+vY29nzvzXhnmIN2W+U6phPk="; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Tool for analysing parameter and XSS scanning"; + homepage = "https://github.com/hahwul/dalfox"; + changelog = "https://github.com/hahwul/dalfox/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/das/default.nix b/nixpkgs/pkgs/tools/security/das/default.nix new file mode 100644 index 000000000000..2f7cd2fa98f7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/das/default.nix @@ -0,0 +1,51 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "das"; + version = "0.3.8"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "snovvcrash"; + repo = "DivideAndScan"; + rev = "refs/tags/v${version}"; + hash = "sha256-a9gnEBTvZshw42M/GrpCgjZh6FOzL45aZqGRyeHO0ec="; + }; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace 'networkx = "^2.8.4"' 'networkx = "*"' \ + --replace 'pandas = "^1.4.2"' 'pandas = "*"' + ''; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + dash + defusedxml + dnspython + netaddr + networkx + pandas + plotly + python-nmap + scipy + tinydb + ]; + + pythonImportsCheck = [ + "das" + ]; + + meta = with lib; { + description = "Divide full port scan results and use it for targeted Nmap runs"; + homepage = "https://github.com/snovvcrash/DivideAndScan"; + license = licenses.bsd2; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/davtest/default.nix b/nixpkgs/pkgs/tools/security/davtest/default.nix new file mode 100644 index 000000000000..226ead57ffde --- /dev/null +++ b/nixpkgs/pkgs/tools/security/davtest/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, perl, fetchurl }: + +stdenv.mkDerivation rec { + pname = "davtest"; + version = "1.0"; + + src = fetchurl { + url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/davtest/davtest-${version}.tar.bz2"; + sha256 = "0kigcgv1bbnan9yr5481s4b9islmvzl2arpg1ig1i39sxrna06y7"; + }; + + postPatch = '' + substituteInPlace davtest.pl \ + --replace "backdoors/" "$out/share/davtest/backdoors/" \ + --replace "tests/" "$out/share/davtest/tests/" + ''; + + buildInputs = [ + (perl.withPackages (p: with p; [ HTTPDAV ])) + ]; + + installPhase = '' + runHook preInstall + + install -Dm755 davtest.pl $out/bin/davtest.pl + mkdir -p $out/share/davtest + cp -r backdoors/ tests/ $out/share/davtest/ + + runHook postInstall + ''; + + meta = with lib; { + description = "Tests WebDAV servers by uploading test files, and then optionally testing for command execution or other actions directly on the target"; + homepage = "https://code.google.com/p/davtest/"; + mainProgram = "davtest.pl"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ emilytrau ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dbmonster/default.nix b/nixpkgs/pkgs/tools/security/dbmonster/default.nix new file mode 100644 index 000000000000..13d0cded0a3e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dbmonster/default.nix @@ -0,0 +1,56 @@ +{ lib +, aircrack-ng +, fetchFromGitHub +, iproute2 +, networkmanager +, python3 +, tshark +, wirelesstools +}: + +python3.pkgs.buildPythonApplication rec { + pname = "dbmonster"; + version = "unstable-2022-09-17"; + format = "other"; + + src = fetchFromGitHub { + owner = "90N45-d3v"; + repo = "dBmonster"; + rev = "4c79549079782a2991309120a55c8158701a9b70"; + hash = "sha256-9RP3LmZF7P2c0+Jt/kMSVPb4cBtyH6P3FZ5UrQpBP0I="; + }; + + propagatedBuildInputs = [ + aircrack-ng + iproute2 + networkmanager + tshark + wirelesstools + ] ++ (with python3.pkgs; [ + matplotlib + ]); + + dontBuild = true; + + installPhase = '' + runHook preInstall + + install -vD dBmonster.py $out/bin/$pname.py + + makeWrapper ${python3.interpreter} $out/bin/$pname \ + --set PYTHONPATH "$PYTHONPATH:$out/bin/$pname" \ + --add-flags "-O $out/bin/$pname.py" + + runHook postInstall + ''; + + # Only script available + doCheck = false; + + meta = with lib; { + description = "Tool to track WiFi devices by signal strength"; + homepage = "https://github.com/90N45-d3v/dBmonster"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/decoder/default.nix b/nixpkgs/pkgs/tools/security/decoder/default.nix new file mode 100644 index 000000000000..76dd3003d500 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/decoder/default.nix @@ -0,0 +1,50 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, openssl +}: + +stdenv.mkDerivation rec { + pname = "decoder"; + version = "unstable-2021-11-20"; + + src = fetchFromGitHub { + owner = "PeterPawn"; + repo = "decoder"; + rev = "da0f826629d4e7b873f9d1a39f24c50ff0a68cd2"; + sha256 = "sha256-1sT1/iwtc2ievmLuNuooy9b14pTs1ZC5noDwzFelk7w="; + }; + + patches = [ + # Pull fix pending upstream inclusion for -fno-common toolchains: + # https://github.com/PeterPawn/decoder/pull/29 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/PeterPawn/decoder/commit/843ac477c31108023d8008581bf91c5a3acc1859.patch"; + sha256 = "sha256-rRylz8cxgNyPSqL/THdgEBpzcVx1K+xbjUn4PwP9Jn4="; + }) + ]; + + buildInputs = [ + openssl + ]; + + makeFlags = [ "OPENSSL=y" ]; + + installPhase = '' + runHook preInstall + + install -Dm755 src/decoder "$out/bin/decoder" + + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://github.com/PeterPawn/decoder"; + description = ''"secrets" decoding for FRITZ!OS devices''; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ Luflosi ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/deepsea/default.nix b/nixpkgs/pkgs/tools/security/deepsea/default.nix new file mode 100644 index 000000000000..2f0a9f175f39 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/deepsea/default.nix @@ -0,0 +1,31 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "deepsea"; + version = "0.9"; + + src = fetchFromGitHub { + owner = "dsnezhkov"; + repo = pname; + rev = "v${version}"; + sha256 = "02s03sha8vwp7dsaw3z446pskhb6wmy0hyj0mhpbx58sf147rkig"; + }; + + vendorHash = null; + + meta = with lib; { + description = "Phishing tool for red teams and pentesters"; + longDescription = '' + DeepSea phishing gear aims to help RTOs and pentesters with the + delivery of opsec-tight, flexible email phishing campaigns carried + out on the outside as well as on the inside of a perimeter. + ''; + homepage = "https://github.com/dsnezhkov/deepsea"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + broken = true; # vendor isn't reproducible with go > 1.17: nix-build -A $name.goModules --check + }; +} diff --git a/nixpkgs/pkgs/tools/security/deepsecrets/default.nix b/nixpkgs/pkgs/tools/security/deepsecrets/default.nix new file mode 100644 index 000000000000..09c8aac926b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/deepsecrets/default.nix @@ -0,0 +1,50 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "deepsecrets"; + version = "1.0.6"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "avito-tech"; + repo = "deepsecrets"; + rev = "refs/tags/v${version}"; + hash = "sha256-VfIsPgStHcIYGbfrOs1mvgoq0ZoVSZwILFVBeMt/5Jc="; + }; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace 'pyyaml = "^5.4.1"' 'pyyaml = "*"' \ + --replace 'regex = "^2023.3.23"' 'regex = "*"' \ + --replace 'mmh3 = "^3.0.0"' 'mmh3 = "*"' + ''; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + dotwiz + mmh3 + ordered-set + pydantic + pygments + pyyaml + regex + ]; + + pythonImportsCheck = [ + "deepsecrets" + ]; + + meta = with lib; { + description = "Secrets scanner that understands code"; + homepage = "https://github.com/avito-tech/deepsecrets"; + changelog = "https://github.com/avito-tech/deepsecrets/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/der-ascii/default.nix b/nixpkgs/pkgs/tools/security/der-ascii/default.nix new file mode 100644 index 000000000000..5fc3b179b3ad --- /dev/null +++ b/nixpkgs/pkgs/tools/security/der-ascii/default.nix @@ -0,0 +1,27 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "der-ascii"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "google"; + repo = pname; + rev = "v${version}"; + sha256 = "1my93m1rx08kn2yms6k8w43byr8k61r1nra4b082j8b393wwxkqc"; + }; + vendorHash = null; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = '' + A small human-editable language to emit DER or BER encodings of ASN.1 + structures and malformed variants of them + ''; + homepage = "https://github.com/google/der-ascii"; + license = licenses.asl20; + maintainers = with maintainers; [ alexshpilkin cpu hawkw ]; + mainProgram = "ascii2der"; # has stable output, unlike its inverse + }; +} diff --git a/nixpkgs/pkgs/tools/security/dieharder/default.nix b/nixpkgs/pkgs/tools/security/dieharder/default.nix new file mode 100644 index 000000000000..51370ad8dcc2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dieharder/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchurl, gsl +, dieharder, testers }: + +stdenv.mkDerivation rec { + pname = "dieharder"; + version = "3.31.1"; + + src = fetchurl { + url = "http://webhome.phy.duke.edu/~rgb/General/dieharder/dieharder-${version}.tgz"; + hash = "sha256-bP8P+DlMVTVJrHQzNZzPyVX7JnlCYDFGIN+l5M1Lcn8="; + }; + + patches = [ + # Include missing stdint.h header + ./stdint.patch + ]; + + # Workaround build failure on -fno-common toolchains: + # ld: include/dieharder/parse.h:21: multiple definition of `splitbuf'; + # include/dieharder/parse.h:21: first defined here + env.NIX_CFLAGS_COMPILE = "-fcommon"; + + buildInputs = [ gsl ]; + + passthru = { + tests.version = testers.testVersion { package = dieharder; }; + }; + + meta = with lib; { + description = "A Random Number Generator test suite"; + homepage = "https://webhome.phy.duke.edu/~rgb/General/dieharder.php"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ zhaofengli ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dieharder/stdint.patch b/nixpkgs/pkgs/tools/security/dieharder/stdint.patch new file mode 100644 index 000000000000..91dccfafd665 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dieharder/stdint.patch @@ -0,0 +1,10 @@ +--- a/include/dieharder/libdieharder.h 2011-10-14 15:41:37.000000000 +0200 ++++ b/include/dieharder/libdieharder.h 2015-03-27 16:34:40.978860858 +0100 +@@ -13,6 +13,7 @@ + #include <stdlib.h> + #include <stdarg.h> + #include <string.h> ++#include <stdint.h> + #include <sys/time.h> + + /* This turns on uint macro in c99 */ diff --git a/nixpkgs/pkgs/tools/security/dirstalk/default.nix b/nixpkgs/pkgs/tools/security/dirstalk/default.nix new file mode 100644 index 000000000000..1397a0b8aa9e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dirstalk/default.nix @@ -0,0 +1,45 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, fetchpatch +}: + +buildGoModule rec { + pname = "dirstalk"; + version = "1.3.3"; + + src = fetchFromGitHub { + owner = "stefanoj3"; + repo = pname; + rev = version; + hash = "sha256-gSMkTGzMDI+scG3FQ0u0liUDL4qOPPW2UWLlAQcmmaA="; + }; + + patches = [ + # update dependencies to fix darwin build - remove in next release + (fetchpatch { + url = "https://github.com/stefanoj3/dirstalk/commit/79aef14c5c048f3a3a8374f42c7a0d52fc9f7b50.patch"; + sha256 = "sha256-2rSrMowfYdKV69Yg2QBzam3WOwGrSHQB+3uVi1Z2oJ8="; + }) + ]; + + vendorHash = "sha256-XY4vIh5de0tp4KPXTpzTm7/2bDisTjCsojLzxVDf4Jw="; + + subPackages = "cmd/dirstalk"; + + ldflags = [ + "-w" + "-s" + "-X github.com/stefanoj3/dirstalk/pkg/cmd.Version=${version}" + ]; + + # Tests want to write to the root directory + doCheck = false; + + meta = with lib; { + description = "Tool to brute force paths on web servers"; + homepage = "https://github.com/stefanoj3/dirstalk"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dismap/default.nix b/nixpkgs/pkgs/tools/security/dismap/default.nix new file mode 100644 index 000000000000..52e046aa80c1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dismap/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dismap"; + version = "0.4"; + + src = fetchFromGitHub { + owner = "zhzyker"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-YjjiS6iLIQvrPS378v2nyrgwWBJ9YtDeNTPz0ze05mU="; + }; + + vendorHash = "sha256-GnchyE2TswvjYlehhMYesZruTTwyTorfR+17K0RXXFY="; + + meta = with lib; { + description = "Asset discovery and identification tools"; + homepage = "https://github.com/zhzyker/dismap"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dismember/default.nix b/nixpkgs/pkgs/tools/security/dismember/default.nix new file mode 100644 index 000000000000..2dffd8116b9c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dismember/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dismember"; + version = "0.0.1"; + + src = fetchFromGitHub { + owner = "liamg"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-myoBXoi7VqHOLmu/XrvnlfBDlEnXm+0fp8WQec+3EJY="; + }; + + vendorHash = "sha256-xxZQz94sr7aSNhmvFWdRtVnS0yk2KQIkAHjwZeJPBwY="; + + meta = with lib; { + description = "Tool to scan memory for secrets"; + homepage = "https://github.com/liamg/dismember"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dnsenum/default.nix b/nixpkgs/pkgs/tools/security/dnsenum/default.nix new file mode 100644 index 000000000000..a24fc96621f1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dnsenum/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchFromGitHub, makeWrapper, perl, perlPackages }: + +stdenv.mkDerivation rec { + pname = "dnsenum"; + version = "1.2.4.2"; + + src = fetchFromGitHub { + owner = "fwaeytens"; + repo = pname; + rev = version; + sha256 = "1bg1ljv6klic13wq4r53bg6inhc74kqwm3w210865b1v1n8wj60v"; + }; + + propagatedBuildInputs = with perlPackages; [ + perl NetDNS NetIP NetNetmask StringRandom XMLWriter NetWhoisIP WWWMechanize + ]; + nativeBuildInputs = [ makeWrapper ]; + + installPhase = '' + install -vD dnsenum.pl $out/bin/dnsenum + install -vD dns.txt -t $out/share + ''; + + meta = with lib; { + homepage = "https://github.com/fwaeytens/dnsenum"; + description = "A tool to enumerate DNS information"; + maintainers = with maintainers; [ c0bw3b ]; + license = licenses.gpl2Plus; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dnspeep/Cargo.lock b/nixpkgs/pkgs/tools/security/dnspeep/Cargo.lock new file mode 100644 index 000000000000..a4966f07a5ec --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dnspeep/Cargo.lock @@ -0,0 +1,669 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aho-corasick" +version = "0.7.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7404febffaa47dac81aa44dba71523c9d069b1bdc50a77db41195149e17f68e5" +dependencies = [ + "memchr", +] + +[[package]] +name = "autocfg" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" + +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + +[[package]] +name = "bitflags" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytes" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e4cec68f03f32e44924783795810fa50a7035d8c8ebe78580ad7e6c703fba38" + +[[package]] +name = "bytes" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" + +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" +dependencies = [ + "libc", + "num-integer", + "num-traits", + "time", + "winapi 0.3.9", +] + +[[package]] +name = "dns-message-parser" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b393503f9263e08ba3efe0a3578cdde90d6da5ae1af232cc338640670451c992" +dependencies = [ + "base64", + "bytes 1.1.0", + "hex", + "thiserror", +] + +[[package]] +name = "dnspeep" +version = "0.1.3" +dependencies = [ + "bytes 1.1.0", + "chrono", + "dns-message-parser", + "etherparse", + "eyre", + "futures", + "getopts", + "hex", + "libc", + "pcap", + "tokio", +] + +[[package]] +name = "etherparse" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fa20922281f9ee5ffcda45e80d56085829279f1270f79fbabc39809a4354807" +dependencies = [ + "byteorder", +] + +[[package]] +name = "eyre" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "221239d1d5ea86bf5d6f91c9d6bc3646ffe471b08ff9b0f91c44f115ac969d2b" +dependencies = [ + "indenter", + "once_cell", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "fuchsia-zircon" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" +dependencies = [ + "bitflags", + "fuchsia-zircon-sys", +] + +[[package]] +name = "fuchsia-zircon-sys" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" + +[[package]] +name = "futures" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f55667319111d593ba876406af7c409c0ebb44dc4be6132a783ccf163ea14c1" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c2dd2df839b57db9ab69c2c9d8f3e8c81984781937fe2807dc6dcf3b2ad2939" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15496a72fabf0e62bdc3df11a59a3787429221dd0710ba8ef163d6f7a9112c94" + +[[package]] +name = "futures-executor" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "891a4b7b96d84d5940084b2a37632dd65deeae662c114ceaa2c879629c9c0ad1" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d71c2c65c57704c32f5241c1223167c2c3294fd34ac020c807ddbe6db287ba59" + +[[package]] +name = "futures-macro" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea405816a5139fb39af82c2beb921d52143f556038378d6db21183a5c37fbfb7" +dependencies = [ + "proc-macro-hack", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "futures-sink" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85754d98985841b7d4f5e8e6fbfa4a4ac847916893ec511a2917ccd8525b8bb3" + +[[package]] +name = "futures-task" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa189ef211c15ee602667a6fcfe1c1fd9e07d42250d2156382820fba33c9df80" + +[[package]] +name = "futures-util" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1812c7ab8aedf8d6f2701a43e1243acdbcc2b36ab26e2ad421eb99ac963d96d1" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite 0.2.6", + "pin-utils", + "proc-macro-hack", + "proc-macro-nested", + "slab", +] + +[[package]] +name = "getopts" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14dbbfd5c71d70241ecf9e6f13737f7b5ce823821063188d7e46c41d371eebd5" +dependencies = [ + "unicode-width", +] + +[[package]] +name = "hermit-abi" +version = "0.1.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "322f4de77956e22ed0e5032c359a0f1273f1f7f0d79bfa3b8ffbc730d7fbcc5c" +dependencies = [ + "libc", +] + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + +[[package]] +name = "indenter" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce23b50ad8242c51a442f3ff322d56b02f08852c77e4c0b4d3fd684abc89c683" + +[[package]] +name = "iovec" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e" +dependencies = [ + "libc", +] + +[[package]] +name = "kernel32-sys" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d" +dependencies = [ + "winapi 0.2.8", + "winapi-build", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "libc" +version = "0.2.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8916b1f6ca17130ec6568feccee27c156ad12037880833a3b842a823236502e7" + +[[package]] +name = "libloading" +version = "0.6.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "351a32417a12d5f7e82c368a66781e307834dae04c6ce0cd4456d52989229883" +dependencies = [ + "cfg-if 1.0.0", + "winapi 0.3.9", +] + +[[package]] +name = "log" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" +dependencies = [ + "cfg-if 1.0.0", +] + +[[package]] +name = "memchr" +version = "2.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" + +[[package]] +name = "mio" +version = "0.6.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4afd66f5b91bf2a3bc13fad0e21caedac168ca4c707504e75585648ae80e4cc4" +dependencies = [ + "cfg-if 0.1.10", + "fuchsia-zircon", + "fuchsia-zircon-sys", + "iovec", + "kernel32-sys", + "libc", + "log", + "miow 0.2.2", + "net2", + "slab", + "winapi 0.2.8", +] + +[[package]] +name = "mio-named-pipes" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0840c1c50fd55e521b247f949c241c9997709f23bd7f023b9762cd561e935656" +dependencies = [ + "log", + "mio", + "miow 0.3.7", + "winapi 0.3.9", +] + +[[package]] +name = "mio-uds" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afcb699eb26d4332647cc848492bbc15eafb26f08d0304550d5aa1f612e066f0" +dependencies = [ + "iovec", + "libc", + "mio", +] + +[[package]] +name = "miow" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebd808424166322d4a38da87083bfddd3ac4c131334ed55856112eb06d46944d" +dependencies = [ + "kernel32-sys", + "net2", + "winapi 0.2.8", + "ws2_32-sys", +] + +[[package]] +name = "miow" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21" +dependencies = [ + "winapi 0.3.9", +] + +[[package]] +name = "net2" +version = "0.2.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "391630d12b68002ae1e25e8f974306474966550ad82dac6886fb8910c19568ae" +dependencies = [ + "cfg-if 0.1.10", + "libc", + "winapi 0.3.9", +] + +[[package]] +name = "num-integer" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "once_cell" +version = "1.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af8b08b04175473088b46763e51ee54da5f9a164bc162f615b91bc179dbf15a3" + +[[package]] +name = "pcap" +version = "0.8.1" +source = "git+https://github.com/jvns/pcap#ae2aa7f501ae5bb7069155cf7c5c700b7482681d" +dependencies = [ + "futures", + "libc", + "libloading", + "mio", + "regex", + "tokio", + "widestring", +] + +[[package]] +name = "pin-project-lite" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "257b64915a082f7811703966789728173279bdebb956b143dbcd23f6f970a777" + +[[package]] +name = "pin-project-lite" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc0e1f259c92177c30a4c9d177246edd0a3568b25756a977d0632cf8fa37e905" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "proc-macro-hack" +version = "0.5.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" + +[[package]] +name = "proc-macro-nested" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc881b2c22681370c6a780e47af9840ef841837bc98118431d4e1868bd0c1086" + +[[package]] +name = "proc-macro2" +version = "1.0.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e0704ee1a7e00d7bb417d0770ea303c1bccbabf0ef1667dae92b5967f5f8a71" +dependencies = [ + "unicode-xid", +] + +[[package]] +name = "quote" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "regex" +version = "1.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "957056ecddbeba1b26965114e191d2e8589ce74db242b6ea25fc4062427a5c19" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.6.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5f089152e60f62d28b835fbff2cd2e8dc0baf1ac13343bef92ab7eed84548" + +[[package]] +name = "signal-hook-registry" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16f1d0fef1604ba8f7a073c7e701f213e056707210e9020af4528e0101ce11a6" +dependencies = [ + "libc", +] + +[[package]] +name = "slab" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" + +[[package]] +name = "syn" +version = "1.0.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3a1d708c221c5a612956ef9f75b37e454e88d1f7b899fbd3a18d4252012d663" +dependencies = [ + "proc-macro2", + "quote", + "unicode-xid", +] + +[[package]] +name = "thiserror" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "time" +version = "0.1.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255" +dependencies = [ + "libc", + "wasi", + "winapi 0.3.9", +] + +[[package]] +name = "tokio" +version = "0.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6703a273949a90131b290be1fe7b039d0fc884aa1935860dfcbe056f28cd8092" +dependencies = [ + "bytes 0.5.6", + "fnv", + "futures-core", + "iovec", + "lazy_static", + "libc", + "memchr", + "mio", + "mio-named-pipes", + "mio-uds", + "num_cpus", + "pin-project-lite 0.1.12", + "signal-hook-registry", + "slab", + "tokio-macros", + "winapi 0.3.9", +] + +[[package]] +name = "tokio-macros" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e44da00bfc73a25f814cd8d7e57a68a5c31b74b3152a0a1d1f590c97ed06265a" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "unicode-width" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9337591893a19b88d8d87f2cec1e73fad5cdfd10e5a6f349f498ad6ea2ffb1e3" + +[[package]] +name = "unicode-xid" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" + +[[package]] +name = "wasi" +version = "0.10.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + +[[package]] +name = "widestring" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7157704c2e12e3d2189c507b7482c52820a16dfa4465ba91add92f266667cadb" + +[[package]] +name = "winapi" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-build" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d315eee3b34aca4797b2da6b13ed88266e6d612562a0c46390af8299fc699bc" + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "ws2_32-sys" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d59cefebd0c892fa2dd6de581e937301d8552cb44489cdff035c6187cb63fa5e" +dependencies = [ + "winapi 0.2.8", + "winapi-build", +] diff --git a/nixpkgs/pkgs/tools/security/dnspeep/default.nix b/nixpkgs/pkgs/tools/security/dnspeep/default.nix new file mode 100644 index 000000000000..978ec5ed2f8b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dnspeep/default.nix @@ -0,0 +1,30 @@ +{ lib, rustPlatform, fetchFromGitHub, libpcap }: + +rustPlatform.buildRustPackage rec { + pname = "dnspeep"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "jvns"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-QpUbHiMDQFRCTVyjrO9lfQQ62Z3qanv0j+8eEXjE3n4="; + }; + + cargoLock = { + lockFile = ./Cargo.lock; + outputHashes = { + "pcap-0.8.1" = "sha256-baoHK3Q+5Qp9ccGqDGd5K5q87c5JufpNJHRdBin0zto="; + }; + }; + + LIBPCAP_LIBDIR = lib.makeLibraryPath [ libpcap ]; + LIBPCAP_VER = libpcap.version; + + meta = with lib; { + description = "Spy on the DNS queries your computer is making"; + homepage = "https://github.com/jvns/dnspeep"; + license = licenses.mit; + maintainers = with maintainers; [ figsoda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dnsrecon/default.nix b/nixpkgs/pkgs/tools/security/dnsrecon/default.nix new file mode 100644 index 000000000000..65fae4928c6f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dnsrecon/default.nix @@ -0,0 +1,49 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "dnsrecon"; + version = "1.1.5"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "darkoperator"; + repo = pname; + rev = version; + hash = "sha256-W7ZFc+kF00ANoYVTlsY+lJ9FjMEGbqYfNojoZFiRHU8="; + }; + + postPatch = '' + substituteInPlace requirements.txt \ + --replace "flake8" "" \ + --replace "pytest" "" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + dnspython + netaddr + lxml + setuptools + ]; + + preFixup = '' + # Install wordlists, etc. + install -vD namelist.txt subdomains-*.txt snoop.txt -t $out/share/wordlists + ''; + + # Tests require access to /etc/resolv.conf + doCheck = false; + + pythonImportsCheck = [ + "dnsrecon" + ]; + + meta = with lib; { + description = "DNS Enumeration script"; + homepage = "https://github.com/darkoperator/dnsrecon"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ c0bw3b fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dnsx/default.nix b/nixpkgs/pkgs/tools/security/dnsx/default.nix new file mode 100644 index 000000000000..e3ff230c1e61 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dnsx/default.nix @@ -0,0 +1,35 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dnsx"; + version = "1.1.5"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = "dnsx"; + rev = "refs/tags/v${version}"; + hash = "sha256-hO6m4WsoK50tLBr7I9ui7HE3rxKpOES8IOugi04yeQo="; + }; + + vendorHash = "sha256-c3HHfcWppAUfKjePsB+/CvxJWjp5zV6TJvsm3yKH4cw="; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Fast and multi-purpose DNS toolkit"; + longDescription = '' + dnsx is a fast and multi-purpose DNS toolkit allow to run multiple + probers using retryabledns library, that allows you to perform + multiple DNS queries of your choice with a list of user supplied + resolvers. + ''; + homepage = "https://github.com/projectdiscovery/dnsx"; + changelog = "https://github.com/projectdiscovery/dnsx/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix b/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix new file mode 100644 index 000000000000..80b913d4cc9e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix @@ -0,0 +1,54 @@ +{ lib +, stdenv +, fetchFromGitHub +, runCommand +, asciidoctor +, coreutils +, gawk +, glibc +, util-linux +, bash +, makeBinaryWrapper +, doas-sudo-shim +}: + +stdenv.mkDerivation rec { + pname = "doas-sudo-shim"; + version = "0.1.1"; + + src = fetchFromGitHub { + owner = "jirutka"; + repo = "doas-sudo-shim"; + rev = "v${version}"; + sha256 = "QYVqGxeWC7Tiz8aNY/LukwG4EW0km/RunGEfkzY/A38="; + }; + + nativeBuildInputs = [ asciidoctor makeBinaryWrapper ]; + buildInputs = [ bash coreutils gawk glibc util-linux ]; + + dontConfigure = true; + dontBuild = true; + + installFlags = [ "DESTDIR=$(out)" "PREFIX=\"\"" ]; + + postInstall = '' + wrapProgram $out/bin/sudo \ + --prefix PATH : ${lib.makeBinPath [ bash coreutils gawk glibc util-linux ]} + ''; + + passthru.tests = { + helpTest = runCommand "${pname}-helpTest" {} '' + ${doas-sudo-shim}/bin/sudo -h > $out + grep -q "Execute a command as another user using doas(1)" $out + ''; + }; + + meta = with lib; { + description = "A shim for the sudo command that utilizes doas"; + homepage = "https://github.com/jirutka/doas-sudo-shim"; + license = licenses.isc; + mainProgram = "sudo"; + maintainers = with maintainers; [ dsuetin ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/doas/0001-add-NixOS-specific-dirs-to-safe-PATH.patch b/nixpkgs/pkgs/tools/security/doas/0001-add-NixOS-specific-dirs-to-safe-PATH.patch new file mode 100644 index 000000000000..a22781269d8b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doas/0001-add-NixOS-specific-dirs-to-safe-PATH.patch @@ -0,0 +1,24 @@ +From 9218347b8f833ab05d016dfba5617dcdeb59eb7b Mon Sep 17 00:00:00 2001 +From: Cole Helbling <cole.e.helbling@outlook.com> +Date: Wed, 27 May 2020 08:02:57 -0700 +Subject: [PATCH] add NixOS-specific dirs to safe PATH + +--- + doas.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/doas.c b/doas.c +index e253905..2fdb20f 100644 +--- a/doas.c ++++ b/doas.c +@@ -234,6 +234,7 @@ int + main(int argc, char **argv) + { + const char *safepath = "/bin:/sbin:/usr/bin:/usr/sbin:" ++ "/run/wrappers/bin:/run/current-system/sw/bin:/run/current-system/sw/sbin:" + "/usr/local/bin:/usr/local/sbin"; + const char *confpath = NULL; + char *shargv[] = { NULL, NULL }; +-- +2.26.2 + diff --git a/nixpkgs/pkgs/tools/security/doas/default.nix b/nixpkgs/pkgs/tools/security/doas/default.nix new file mode 100644 index 000000000000..03268bc98479 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doas/default.nix @@ -0,0 +1,58 @@ +{ lib +, stdenv +, fetchFromGitHub +, bison +, pam +, libxcrypt + +, withPAM ? true +, withTimestamp ? true +}: + +stdenv.mkDerivation rec { + pname = "doas"; + version = "6.8.2"; + + src = fetchFromGitHub { + owner = "Duncaen"; + repo = "OpenDoas"; + rev = "v${version}"; + sha256 = "9uOQ2Ta5HzEpbCz2vbqZEEksPuIjL8lvmfmynfqxMeM="; + }; + + # otherwise confuses ./configure + dontDisableStatic = true; + + configureFlags = [ + (lib.optionalString withTimestamp "--with-timestamp") # to allow the "persist" setting + (lib.optionalString (!withPAM) "--without-pam") + ]; + + patches = [ + # Allow doas to discover binaries in /run/current-system/sw/{s,}bin and + # /run/wrappers/bin + ./0001-add-NixOS-specific-dirs-to-safe-PATH.patch + ]; + + # ./configure script does not understand `--disable-shared` + dontAddStaticConfigureFlags = true; + + postPatch = '' + sed -i '/\(chown\|chmod\)/d' GNUmakefile + '' + lib.optionalString (withPAM && stdenv.hostPlatform.isStatic) '' + sed -i 's/-lpam/-lpam -laudit/' configure + ''; + + nativeBuildInputs = [ bison ]; + buildInputs = [ ] + ++ lib.optional withPAM pam + ++ lib.optional (!withPAM) libxcrypt; + + meta = with lib; { + description = "Executes the given command as another user"; + homepage = "https://github.com/Duncaen/OpenDoas"; + license = licenses.isc; + platforms = platforms.linux; + maintainers = with maintainers; [ cole-h ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/donkey/default.nix b/nixpkgs/pkgs/tools/security/donkey/default.nix new file mode 100644 index 000000000000..514df406f3b9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/donkey/default.nix @@ -0,0 +1,54 @@ +{ stdenv +, fetchFromGitLab +, libmd +, coreutils +, lib +, testers +, donkey +}: + +stdenv.mkDerivation rec { + pname = "donkey"; + version = "1.2.0"; + + src = fetchFromGitLab { + owner = "donkey"; + repo = "donkey"; + rev = "tags/release/${version}"; + hash = "sha256-2xgb9l0Eko39HJVROAWEIP3qLg5t/5h/rm2MoXoKnJI="; + }; + sourceRoot = "${src.name}/src"; + + buildInputs = [ libmd ]; + + preInstall = '' + # don't change the owner, use global permissions: + export INSTALL_PROGRAM="${coreutils}/bin/install -m 555" + export INSTALL_DATA="${coreutils}/bin/install -m 444" + ''; + + passthru.tests.version = testers.testVersion { package = donkey; }; + + meta = with lib; { + description = "an alternative for S/KEY's 'key' command."; + longDescription = '' +Donkey is an alternative for S/KEY's "key" command. The new feature that +the original key doesn't have is print an entry for skeykeys as +follows; + + kazu 0099 al02004 115d83956f1089b6 Apr 26,1995 22:13:27 + +This means that donkey is also an alternative for "keyinit". Since the +entry is printed to stdout (not to /etc/skeykeys), you can easily send +it to a remote operator by e-mail (with a PGP signature or something). +So, it is possible to initiate S/KEY without logging in from the console of +the host. + +The name "Donkey" is an acronym of "Don't Key". + ''; + homepage = "https://devel.ringlet.net/security/donkey"; + license = licenses.gpl2; + maintainers = with maintainers; [ raboof ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dontgo403/default.nix b/nixpkgs/pkgs/tools/security/dontgo403/default.nix new file mode 100644 index 000000000000..79002c1cfc89 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dontgo403/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dontgo403"; + version = "0.9.4"; + + src = fetchFromGitHub { + owner = "devploit"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-PKI/DqMihhMaIa9OzDKtLIs34TRUtewAbBkx89IXLU4="; + }; + + vendorHash = "sha256-IGnTbuaQH8A6aKyahHMd2RyFRh4WxZ3Vx/A9V3uelRg="; + + meta = with lib; { + description = "Tool to bypass 40X response codes"; + homepage = "https://github.com/devploit/dontgo403"; + changelog = "https://github.com/devploit/dontgo403/releases/tag/${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/doona/default.nix b/nixpkgs/pkgs/tools/security/doona/default.nix new file mode 100644 index 000000000000..e0f459ad7453 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doona/default.nix @@ -0,0 +1,36 @@ +{ fetchFromGitHub +, lib, stdenv +, perl +}: + +stdenv.mkDerivation rec { + pname = "doona"; + version = "unstable-2019-03-08"; + + src = fetchFromGitHub { + owner = "wireghoul"; + repo = pname; + rev = "master"; + sha256 = "0x9irwrw5x2ia6ch6gshadrlqrgdi1ivkadmr7j4m75k04a7nvz1"; + }; + + buildInputs = [ perl ]; + + installPhase = '' + mkdir -p $out/bin + cp -r ${src}/bedmod $out/bin/bedmod + cp ${src}/doona.pl $out/bin/doona + chmod +x $out/bin/doona + ''; + + meta = with lib; { + homepage = "https://github.com/wireghoul/doona"; + description = "A fork of the Bruteforce Exploit Detector Tool (BED)"; + longDescription = '' + A fork of the Bruteforce Exploit Detector Tool (BED). + BED is a program which is designed to check daemons for potential buffer overflows, format string bugs etc. + ''; + license = licenses.gpl2; + maintainers = with maintainers; [ pamplemousse ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/doppler/default.nix b/nixpkgs/pkgs/tools/security/doppler/default.nix new file mode 100644 index 000000000000..272caf42e90e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doppler/default.nix @@ -0,0 +1,48 @@ +{ buildGoModule +, doppler +, fetchFromGitHub +, installShellFiles +, lib +, testers +}: + +buildGoModule rec { + pname = "doppler"; + version = "3.66.3"; + + src = fetchFromGitHub { + owner = "dopplerhq"; + repo = "cli"; + rev = version; + sha256 = "sha256-zS5nIULnzoOG43nNcVb6MdmKNDcDK75mh3SOMB5BXIY="; + }; + + vendorHash = "sha256-FOmaK6S61fkzybpDx6qfi6m4e2IaqBpavaFhEgIvmqw="; + + ldflags = [ + "-s -w" + "-X github.com/DopplerHQ/cli/pkg/version.ProgramVersion=v${version}" + ]; + + nativeBuildInputs = [ installShellFiles ]; + + postInstall = '' + mv $out/bin/cli $out/bin/doppler + installShellCompletion --cmd doppler \ + --bash <($out/bin/doppler completion bash) \ + --fish <($out/bin/doppler completion fish) \ + --zsh <($out/bin/doppler completion zsh) + ''; + + passthru.tests.version = testers.testVersion { + package = doppler; + version = "v${version}"; + }; + + meta = with lib; { + description = "The official CLI for interacting with your Doppler Enclave secrets and configuration"; + homepage = "https://doppler.com"; + license = licenses.asl20; + maintainers = with maintainers; [ lucperkins ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dorkscout/default.nix b/nixpkgs/pkgs/tools/security/dorkscout/default.nix new file mode 100644 index 000000000000..e5b5057c6089 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dorkscout/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "dorkscout"; + version = "1.0"; + + src = fetchFromGitHub { + owner = "R4yGM"; + repo = pname; + rev = version; + hash = "sha256-v0OgEfl6L92ux+2GbSPHEgkmA/ZobQHB66O2LlEhVUA="; + }; + + vendorHash = "sha256-8Nrg90p/5hQBpuyh2NBE4KKxT4BM9jhWIZ6hXBpMdhc="; + + meta = with lib; { + description = "Tool to automate the work with Google dorks"; + homepage = "https://github.com/R4yGM/dorkscout"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/dumpasn1/configpath.patch b/nixpkgs/pkgs/tools/security/dumpasn1/configpath.patch new file mode 100644 index 000000000000..4578faafc350 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dumpasn1/configpath.patch @@ -0,0 +1,28 @@ +From ab8bd63b32b963ddc7346a2dabfd39fba8bfba72 Mon Sep 17 00:00:00 2001 +From: Paul Meyer <49727155+katexochen@users.noreply.github.com> +Date: Sun, 13 Aug 2023 14:13:21 +0200 +Subject: [PATCH] make config path injectable during build + +This way a config path can be added to the list during build by +defining the makro. + +Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> +--- + dumpasn1.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/dumpasn1.c b/dumpasn1.c +index e7bf268..94f1582 100644 +--- a/dumpasn1.c ++++ b/dumpasn1.c +@@ -451,6 +451,10 @@ static const char *configPaths[] = { + /* General environment-based paths */ + "$DUMPASN1_PATH/", + ++ #ifdef DUMPASN1_CONFIG_PATH ++ DUMPASN1_CONFIG_PATH, ++ #endif /* DUMPASN1_CONFIG_PATH */ ++ + NULL + }; + #endif /* OS-specific search paths */ diff --git a/nixpkgs/pkgs/tools/security/dumpasn1/default.nix b/nixpkgs/pkgs/tools/security/dumpasn1/default.nix new file mode 100644 index 000000000000..030d73a447be --- /dev/null +++ b/nixpkgs/pkgs/tools/security/dumpasn1/default.nix @@ -0,0 +1,35 @@ +{ lib +, stdenv +, fetchFromGitHub +}: +stdenv.mkDerivation (finalAttrs: { + pname = "dumpasn1"; + version = "20230207.0.0"; + + src = fetchFromGitHub { + owner = "katexochen"; + repo = "dumpasn1"; + rev = "v${finalAttrs.version}"; + hash = "sha256-r40czSLdjCYbt73zK7exCoP/kMq6+pyJfz9LKJLLaXM="; + }; + + CFLAGS = ''-DDUMPASN1_CONFIG_PATH='"$(out)/etc/"' ''; + + makeFlags = [ "prefix=$(out)" ]; + + patches = [ + # Allow adding a config file path during build via makro. + # Used to add the store path of the included config file through CFLAGS. + # This won't be merged upstream. + ./configpath.patch + ]; + + meta = with lib; { + description = "Display and debug ASN.1 data"; + homepage = "https://github.com/katexochen/dumpasn1"; + license = licenses.bsd2; + mainProgram = "dumpasn1"; + maintainers = with maintainers; [ katexochen ]; + platforms = platforms.linux ++ platforms.darwin; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/duo-unix/default.nix b/nixpkgs/pkgs/tools/security/duo-unix/default.nix new file mode 100644 index 000000000000..f0ddb1c0c2aa --- /dev/null +++ b/nixpkgs/pkgs/tools/security/duo-unix/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchurl, pam, openssl, zlib }: + +stdenv.mkDerivation rec { + pname = "duo-unix"; + version = "2.0.2"; + + src = fetchurl { + url = "https://dl.duosecurity.com/duo_unix-${version}.tar.gz"; + sha256 = "sha256-7huWd71SdnTe1ef8OoHgQKjYQKVpE8k/oNT7bA+OJR0="; + }; + + buildInputs = [ pam openssl zlib ]; + configureFlags = + [ "--with-pam=$(out)/lib/security" + "--prefix=$(out)" + "--sysconfdir=$(out)/etc/duo" + "--with-openssl=${openssl.dev}" + "--enable-lib64=no" + ]; + + meta = { + description = "Duo Security Unix login integration"; + homepage = "https://duosecurity.com"; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/earlybird/default.nix b/nixpkgs/pkgs/tools/security/earlybird/default.nix new file mode 100644 index 000000000000..c7c16ab47d38 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/earlybird/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "earlybird"; + version = "3.16.0"; + + src = fetchFromGitHub { + owner = "americanexpress"; + repo = "earlybird"; + rev = "v${version}"; + hash = "sha256-qSW8O13UW5L2eVsqIuqOguhCyZBPqevZ9fJ7qkraa7M="; + }; + + patches = [ + ./fix-go.mod-dependency.patch + ]; + + vendorHash = "sha256-ktsQvWc0CTnqOer+9cc0BddrQp0F3Xk7YJP3jxfuw1w="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = "A sensitive data detection tool capable of scanning source code repositories for passwords, key files, and more"; + homepage = "https://github.com/americanexpress/earlybird"; + changelog = "https://github.com/americanexpress/earlybird/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/earlybird/fix-go.mod-dependency.patch b/nixpkgs/pkgs/tools/security/earlybird/fix-go.mod-dependency.patch new file mode 100644 index 000000000000..fb1cf4afdabc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/earlybird/fix-go.mod-dependency.patch @@ -0,0 +1,13 @@ +--- a/go.mod ++++ b/go.mod +@@ -42,8 +42,9 @@ require ( + github.com/src-d/gcfg v1.4.0 // indirect + github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect + github.com/xanzy/ssh-agent v0.2.1 // indirect +- golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 // indirect ++ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect + golang.org/x/sys v0.0.0-20220906165534-d0df966e6959 // indirect ++ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect + google.golang.org/protobuf v1.23.0 // indirect + gopkg.in/src-d/go-billy.v4 v4.3.2 // indirect + gopkg.in/warnings.v0 v0.1.2 // indirect diff --git a/nixpkgs/pkgs/tools/security/ec2stepshell/default.nix b/nixpkgs/pkgs/tools/security/ec2stepshell/default.nix new file mode 100644 index 000000000000..ff6ee22b08eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ec2stepshell/default.nix @@ -0,0 +1,46 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ec2stepshell"; + version = "unstable-2023-04-07"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "saw-your-packet"; + repo = "EC2StepShell"; + rev = "ab1298fa7f2650de711e86e870a693dcce0e1935"; + hash = "sha256-zy33CgGwa2pBYouqaJ1LM6uRIh3Q1uxi2zNXpDNPsuQ="; + }; + + postPatch = '' + # https://github.com/saw-your-packet/EC2StepShell/pull/1 + substituteInPlace pyproject.toml \ + --replace "realpython" "ec2stepshell" + ''; + + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + + propagatedBuildInputs = with python3.pkgs; [ + boto3 + colorama + pyfiglet + termcolor + ]; + + pythonImportsCheck = [ + "ec2stepshell" + ]; + + meta = with lib; { + description = "AWS post-exploitation tool"; + homepage = "https://github.com/saw-your-packet/EC2StepShell"; + changelog = "https://github.com/saw-your-packet/EC2StepShell/blob/${version}/CHANGELOG.txt"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ecdsatool/default.nix b/nixpkgs/pkgs/tools/security/ecdsatool/default.nix new file mode 100644 index 000000000000..0498b758c1d3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ecdsatool/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, pkgs }: + +stdenv.mkDerivation { + version = "0.0.1"; + pname = "ecdsatool"; + + src = pkgs.fetchFromGitHub { + owner = "kaniini"; + repo = "ecdsatool"; + rev = "7c0b2c51e2e64d1986ab1dc2c57c2d895cc00ed1"; + sha256 = "08z9309znkhrjpwqd4ygvm7cd1ha1qbrnlzw64fr8704jrmx762k"; + }; + + configurePhase = '' + ./autogen.sh + ./configure --prefix=$out + ''; + + nativeBuildInputs = with pkgs; [openssl autoconf automake]; + buildInputs = with pkgs; [libuecc]; + + meta = with lib; { + description = "Create and manipulate ECC NISTP256 keypairs"; + homepage = "https://github.com/kaniini/ecdsatool/"; + license = with licenses; [free]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ecdsautils/default.nix b/nixpkgs/pkgs/tools/security/ecdsautils/default.nix new file mode 100644 index 000000000000..0a43260eb831 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ecdsautils/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, pkgs }: + +let + pname = "ecdsautils"; + version = "0.4.1"; +in +stdenv.mkDerivation { + inherit pname version; + + src = pkgs.fetchFromGitHub { + owner = "freifunk-gluon"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-dv0guQTmot5UO1GkMgzvD6uJFyum5kV89LI3xWS1DZA="; + }; + + nativeBuildInputs = with pkgs; [ cmake pkg-config doxygen ]; + buildInputs = with pkgs; [ libuecc ]; + + meta = with lib; { + description = "Tiny collection of programs used for ECDSA (keygen, sign, verify)"; + homepage = "https://github.com/freifunk-gluon/ecdsautils/"; + license = with licenses; [ mit bsd2 ]; + maintainers = with maintainers; [ ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/echidna/default.nix b/nixpkgs/pkgs/tools/security/echidna/default.nix new file mode 100644 index 000000000000..80dcba3a8038 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/echidna/default.nix @@ -0,0 +1,84 @@ +{ lib +, mkDerivation +, fetchFromGitHub +, fetchpatch +, haskellPackages +, haskell +, slither-analyzer +}: + +let haskellPackagesOverride = haskellPackages.override { + overrides = self: super: { + # following the revision specified in echidna/stack.yaml + # TODO: 0.51.3 is not in haskellPackages yet + hevm = haskell.lib.overrideCabal super.hevm (oa: { + version = "0.51.3"; + src = fetchFromGitHub { + owner = "ethereum"; + repo = "hevm"; + rev = "release/0.51.3"; + hash = "sha256-H6oURBGoQWSOuPhBB+UKg2UarVzXgv1tmfDBLnOtdhU="; + }; + libraryHaskellDepends = oa.libraryHaskellDepends + ++ (with haskellPackages;[githash witch]); + }); + }; + }; +in mkDerivation rec { + pname = "echidna"; + version = "2.2.1"; + + src = fetchFromGitHub { + owner = "crytic"; + repo = "echidna"; + rev = "v${version}"; + sha256 = "sha256-5d9ttPR3rRHywBeLM85EGCEZLNZNZzOAhIN6AJToJyI="; + }; + + # Note: pending PR https://github.com/crytic/echidna/pull/1096 + patches = [ + (fetchpatch { + name = "brick-1.9-update"; + url = "https://github.com/crytic/echidna/pull/1096/commits/36657d54943727e569691a6b3d85b83130480a2e.patch"; + sha256 = "sha256-AOmB/fAZCF7ruXW1HusRe7wWWsLyMCWw+j3qIPARIAc="; + }) + ]; + + isLibrary = true; + isExecutable = true; + + libraryToolDepends = with haskellPackagesOverride; [ + haskellPackages.hpack + ]; + + # Note: This can be extracted from package.yaml of echidna, the list is shorter because some are transitive. + executableHaskellDepends = with haskellPackagesOverride; + [aeson base base16-bytestring binary brick bytestring code-page containers data-dword data-has directory exceptions extra + filepath hashable hevm html-conduit html-entities http-conduit lens ListLike MonadRandom mtl optics optparse-applicative + process random semver text transformers unix unliftio unordered-containers vector vector-instances vty with-utf8 + xml-conduit yaml]; + + # Note: there is also a runtime dependency of slither-analyzer, let's include it also. + executableSystemDepends = [ slither-analyzer ]; + + testHaskellDepends = with haskellPackagesOverride; [ + tasty tasty-hunit tasty-quickcheck + ]; + + preConfigure = '' + hpack + # re-enable dynamic build for Linux + sed -i -e 's/os(linux)/false/' echidna.cabal + ''; + shellHook = "hpack"; + doHaddock = false; + # tests depend on a specific version of solc + doCheck = false; + + description = "Ethereum smart contract fuzzer"; + homepage = "https://github.com/crytic/echidna"; + license = lib.licenses.agpl3Plus; + maintainers = with lib.maintainers; [ arturcygan hellwolf ]; + platforms = lib.platforms.unix; + mainProgram = "echidna-test"; +} diff --git a/nixpkgs/pkgs/tools/security/ecryptfs/default.nix b/nixpkgs/pkgs/tools/security/ecryptfs/default.nix new file mode 100644 index 000000000000..777aaea41ec2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ecryptfs/default.nix @@ -0,0 +1,67 @@ +{ lib, stdenv, fetchurl, pkg-config, perl, util-linux, keyutils, nss, nspr, python2, pam, enablePython ? false +, intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }: + +stdenv.mkDerivation rec { + pname = "ecryptfs"; + version = "111"; + + src = fetchurl { + url = "https://launchpad.net/ecryptfs/trunk/${version}/+download/ecryptfs-utils_${version}.orig.tar.gz"; + sha256 = "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"; + }; + + # TODO: replace wrapperDir below with from <nixos> config.security.wrapperDir; + wrapperDir = "/run/wrappers/bin"; + + postPatch = '' + FILES="$(grep -r '/bin/sh' src/utils -l; find src -name \*.c)" + for file in $FILES; do + substituteInPlace "$file" \ + --replace /bin/mount ${util-linux}/bin/mount \ + --replace /bin/umount ${util-linux}/bin/umount \ + --replace /sbin/mount.ecryptfs_private ${wrapperDir}/mount.ecryptfs_private \ + --replace /sbin/umount.ecryptfs_private ${wrapperDir}/umount.ecryptfs_private \ + --replace /sbin/mount.ecryptfs $out/sbin/mount.ecryptfs \ + --replace /sbin/umount.ecryptfs $out/sbin/umount.ecryptfs \ + --replace /usr/bin/ecryptfs-rewrite-file $out/bin/ecryptfs-rewrite-file \ + --replace /usr/bin/ecryptfs-mount-private $out/bin/ecryptfs-mount-private \ + --replace /usr/bin/ecryptfs-setup-private $out/bin/ecryptfs-setup-private \ + --replace /sbin/cryptsetup ${cryptsetup}/sbin/cryptsetup \ + --replace /sbin/dmsetup ${lvm2}/sbin/dmsetup \ + --replace /sbin/unix_chkpwd ${wrapperDir}/unix_chkpwd \ + --replace /bin/bash ${bash}/bin/bash + done + ''; + + configureFlags = lib.optionals (!enablePython) [ "--disable-pywrap" ]; + + nativeBuildInputs = [ pkg-config makeWrapper intltool ] + # if python2 support is requested, it is needed at builtime as well as runtime. + ++ lib.optionals (enablePython) [ python2 ] + ; + buildInputs = [ perl nss nspr pam ] + ++ lib.optionals (enablePython) [ python2 ] + ; + propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ]; + + postInstall = '' + FILES="$(grep -r '/bin/sh' $out/bin -l)" + for file in $FILES; do + wrapProgram $file \ + --prefix PATH ":" "${coreutils}/bin" \ + --prefix PATH ":" "${gettext}/bin" \ + --prefix PATH ":" "${rsync}/bin" \ + --prefix PATH ":" "${keyutils}/bin" \ + --prefix PATH ":" "${which}/bin" \ + --prefix PATH ":" "${lsof}/bin" \ + --prefix PATH ":" "$out/bin" + done + ''; + + meta = with lib; { + description = "Enterprise-class stacked cryptographic filesystem"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ obadz ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix b/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix new file mode 100644 index 000000000000..e0252dac820a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ecryptfs/helper.nix @@ -0,0 +1,34 @@ +{ lib, stdenv +, fetchurl +, makeWrapper +, python2 +}: + +stdenv.mkDerivation { + pname = "ecryptfs-helper"; + version = "20160722"; + + src = fetchurl { + url = "https://gist.githubusercontent.com/obadz/ec053fdb00dcb48441d8313169874e30/raw/4b657a4b7c3dc684e4d5e3ffaf46ced1b7675163/ecryptfs-helper.py"; + sha256 = "0gp4m22zc80814ng80s38hp930aa8r4zqihr7jr23m0m2iq4pdpg"; + }; + + dontUnpack = true; + + nativeBuildInputs = [ makeWrapper ]; + + # Do not hardcode PATH to ${ecryptfs} as we need the script to invoke executables from /run/wrappers/bin + installPhase = '' + mkdir -p $out/bin $out/libexec + cp $src $out/libexec/ecryptfs-helper.py + makeWrapper "${python2.interpreter}" "$out/bin/ecryptfs-helper" --add-flags "$out/libexec/ecryptfs-helper.py" + ''; + + meta = with lib; { + description = "Helper script to create/mount/unemount encrypted directories using eCryptfs without needing root permissions"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ obadz ]; + platforms = platforms.linux; + hydraPlatforms = []; + }; +} diff --git a/nixpkgs/pkgs/tools/security/efitools/default.nix b/nixpkgs/pkgs/tools/security/efitools/default.nix new file mode 100644 index 000000000000..59cb794d718e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/efitools/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, gnu-efi, openssl, sbsigntool, perl, perlPackages, +help2man, fetchgit }: +stdenv.mkDerivation rec { + pname = "efitools"; + version = "1.9.2"; + + buildInputs = [ + gnu-efi + openssl + sbsigntool + ]; + + nativeBuildInputs = [ + perl + perlPackages.FileSlurp + help2man + ]; + + src = fetchgit { + url = "https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git"; + rev = "v${version}"; + sha256 = "0jabgl2pxvfl780yvghq131ylpf82k7banjz0ksjhlm66ik8gb1i"; + }; + + postPatch = '' + sed -i -e 's#/usr/include/efi#${gnu-efi}/include/efi/#g' Make.rules + sed -i -e 's#/usr/lib64/gnuefi#${gnu-efi}/lib/#g' Make.rules + sed -i -e 's#$(DESTDIR)/usr#$(out)#g' Make.rules + substituteInPlace lib/console.c --replace "EFI_WARN_UNKOWN_GLYPH" "EFI_WARN_UNKNOWN_GLYPH" + patchShebangs . + ''; + + meta = with lib; { + description = "Tools for manipulating UEFI secure boot platforms"; + homepage = "https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git"; + license = licenses.gpl2; + maintainers = [ maintainers.grahamc ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/eid-mw/default.nix b/nixpkgs/pkgs/tools/security/eid-mw/default.nix new file mode 100644 index 000000000000..e399974b4c6e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/eid-mw/default.nix @@ -0,0 +1,104 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoconf-archive +, autoreconfHook +, makeWrapper +, pkg-config +, substituteAll +, curl +, gtk3 +, libassuan +, libbsd +, libproxy +, libxml2 +, nssTools +, openssl +, p11-kit +, pcsclite +}: + +stdenv.mkDerivation rec { + pname = "eid-mw"; + # NOTE: Don't just blindly update to the latest version/tag. Releases are always for a specific OS. + version = "5.1.11"; + + src = fetchFromGitHub { + owner = "Fedict"; + repo = "eid-mw"; + rev = "v${version}"; + hash = "sha256-70UjfkH+rx1Q+2XEuAByoDsP5ZelyuGXaHdkjTe/sCY="; + }; + + postPatch = '' + sed 's@m4_esyscmd_s(.*,@[${version}],@' -i configure.ac + substituteInPlace configure.ac --replace 'p11kitcfdir=""' 'p11kitcfdir="'$out/share/p11-kit/modules'"' + ''; + + + nativeBuildInputs = [ autoreconfHook autoconf-archive pkg-config makeWrapper ]; + buildInputs = [ curl gtk3 libassuan libbsd libproxy libxml2 openssl p11-kit pcsclite ]; + + preConfigure = '' + mkdir openssl + ln -s ${lib.getLib openssl}/lib openssl + ln -s ${openssl.bin}/bin openssl + ln -s ${openssl.dev}/include openssl + export SSL_PREFIX=$(realpath openssl) + substituteInPlace plugins_tools/eid-viewer/Makefile.in \ + --replace "c_rehash" "openssl rehash" + ''; + # pinentry uses hardcoded `/usr/bin/pinentry`, so use the built-in (uglier) dialogs for pinentry. + configureFlags = [ "--disable-pinentry" ]; + + postInstall = + let + eid-nssdb-in = substituteAll { + inherit (stdenv) shell; + isExecutable = true; + src = ./eid-nssdb.in; + }; + in + '' + install -D ${eid-nssdb-in} $out/bin/eid-nssdb + substituteInPlace $out/bin/eid-nssdb \ + --replace "modutil" "${nssTools}/bin/modutil" + + rm $out/bin/about-eid-mw + wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" + ''; + + enableParallelBuilding = true; + + doCheck = true; + + meta = with lib; { + description = "Belgian electronic identity card (eID) middleware"; + homepage = "https://eid.belgium.be/en"; + license = licenses.lgpl3Only; + longDescription = '' + Allows user authentication and digital signatures with Belgian ID cards. + Also requires a running pcscd service and compatible card reader. + + eid-viewer is also installed. + + This package only installs the libraries. To use eIDs in Firefox or + Chromium, the eID Belgium add-on must be installed. + This package only installs the libraries. To use eIDs in NSS-compatible + browsers like Chrom{e,ium} or Firefox, each user must first execute: + ~$ eid-nssdb add + (Running the script once as root with the --system option enables eID + support for all users, but will *not* work when using Chrom{e,ium}!) + Before uninstalling this package, it is a very good idea to run + ~$ eid-nssdb [--system] remove + and remove all ~/.pki and/or /etc/pki directories no longer needed. + + The above procedure doesn't seem to work in Firefox. You can override the + firefox wrapper to add this derivation to the PKCS#11 modules, like so: + + firefox.override { pkcs11Modules = [ pkgs.eid-mw ]; } + ''; + platforms = platforms.linux; + maintainers = with maintainers; [ bfortz chvp ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/eid-mw/eid-nssdb.in b/nixpkgs/pkgs/tools/security/eid-mw/eid-nssdb.in new file mode 100644 index 000000000000..636b4c1ee118 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/eid-mw/eid-nssdb.in @@ -0,0 +1,83 @@ +#!@shell@ + +rootdb="/etc/pki/nssdb" +userdb="$HOME/.pki/nssdb" +dbentry="Belgium eID" +libfile="/run/current-system/sw/lib/libbeidpkcs11.so" + +dbdir="$userdb" + +while true; do + case "$1" in + --help|"") cat << EOF +(Un)register $dbentry with NSS-compatible browsers. + +Usage: `basename "$0"` [OPTION] ACTION [LIBRARY] + +Options: + --db PATH use custom NSS database directory PATH + --user use user NSS database $userdb (default) + --system use global NSS database $rootdb + --help show this message + +Actions: + add add $dbentry to NSS database + remove remove $dbentry from NSS database + show show $dbentry NSS database entry + +Default arguments if unspecified: + LIBRARY $libfile +EOF + exit ;; + --db) dbdir="$2" + shift 2 ;; + --user) dbdir="$userdb" + shift ;; + --system) + dbdir="$rootdb" + shift ;; + -*) echo "$0: unknown option: '$1'" >&2 + echo "Try --help for usage information." + exit 1 ;; + *) break ;; + esac +done + +if [ "$2" ]; then + libfile="$2" + if ! [ -f "$libfile" ]; then + echo "$0: error: '$libfile' not found" >&2 + exit 1 + fi +fi + +mkdir -p "$dbdir" +if ! [ -d "$dbdir" ]; then + echo "$0: error: '$dbdir' must be a writable directory" >&2 + exit 1 +fi + +dbdir="sql:$dbdir" + +echo "NSS database: $dbdir" +echo "BEID library: $libfile" + +case "$1" in +add) echo "Adding $dbentry to database:" + modutil -dbdir "$dbdir" -add "$dbentry" -libfile "$libfile" || + echo "Tip: try removing the module before adding it again." ;; +remove) echo "Removing $dbentry from database:" + modutil -dbdir "$dbdir" -delete "$dbentry" ;; +show) echo "Displaying $dbentry database entry, if any:" + echo "Note: this may fail if you don't have the correct permissions." ;; +'') exec "$0" --help ;; +*) echo "$0: unknown action: '$1'" >&2 + echo "Try --help for usage information." + exit 1 ;; +esac + +ret=$? + +modutil -dbdir "$dbdir" -list "$dbentry" 2>/dev/null + +exit $ret diff --git a/nixpkgs/pkgs/tools/security/enc/default.nix b/nixpkgs/pkgs/tools/security/enc/default.nix new file mode 100644 index 000000000000..646d7c80559e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enc/default.nix @@ -0,0 +1,54 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, git +, installShellFiles +}: + +buildGoModule rec { + pname = "enc"; + version = "1.1.2"; + + src = fetchFromGitHub { + owner = "life4"; + repo = "enc"; + rev = version; + hash = "sha256-kVK/+pR3Rzg7oCjHKr+i+lK6nhqlBN6Wj92i4SKU2l0="; + }; + + vendorHash = "sha256-6LNo4iBZDc0DTn8f/2PdCb6CNFCjU6o1xDkB5m/twJk="; + + nativeBuildInputs = [ installShellFiles ]; + + subPackages = "."; + + ldflags = [ + "-s" + "-w" + "-X github.com/life4/enc/version.GitCommit=${version}" + ]; + + nativeCheckInputs = [ git ]; + + postInstall = '' + installShellCompletion --cmd enc \ + --bash <($out/bin/enc completion bash) \ + --fish <($out/bin/enc completion fish) \ + --zsh <($out/bin/enc completion zsh) + ''; + + meta = with lib; { + homepage = "https://github.com/life4/enc"; + changelog = "https://github.com/life4/enc/releases/tag/v${version}"; + description = "A modern and friendly alternative to GnuPG"; + longDescription = '' + Enc is a CLI tool for encryption, a modern and friendly alternative to GnuPG. + It is easy to use, secure by default and can encrypt and decrypt files using password or encryption keys, + manage and download keys, and sign data. + Our goal was to make encryption available to all engineers without the need to learn a lot of new words, concepts, + and commands. It is the most beginner-friendly CLI tool for encryption, and keeping it that way is our top priority. + ''; + license = licenses.mit; + maintainers = with maintainers; [ rvnstn ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/enchive/default.nix b/nixpkgs/pkgs/tools/security/enchive/default.nix new file mode 100644 index 000000000000..960ef251b1cd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enchive/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "enchive"; + version = "3.5"; + src = fetchFromGitHub { + owner = "skeeto"; + repo = "enchive"; + rev = version; + sha256 = "0fdrfc5l42lj2bvmv9dmkmhmm7qiszwk7cmdvnqad3fs7652g0qa"; + }; + + makeFlags = ["PREFIX=$(out)"]; + + postInstall = '' + mkdir -p $out/share/emacs/site-lisp/ + cp -v "$src/enchive-mode.el" "$out/share/emacs/site-lisp/" + ''; + + meta = { + description = "Encrypted personal archives"; + homepage = "https://github.com/skeeto/enchive"; + license = lib.licenses.unlicense; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.nico202 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/enpass/data.json b/nixpkgs/pkgs/tools/security/enpass/data.json new file mode 100644 index 000000000000..dc6ef2049723 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enpass/data.json @@ -0,0 +1,12 @@ +{ + "amd64": { + "path": "pool/main/e/enpass/enpass_6.9.0.1467_amd64.deb", + "sha256": "fe405f7119d45822164da3ad009b99c5cd516685198c1d335b7803d84e5ba2ca", + "version": "6.9.0.1467" + }, + "i386": { + "path": "pool/main/e/enpass/enpass_5.6.9_i386.deb", + "sha256": "3f699ac3e2ecfd4afee1505d8d364d4f6b6b94c55ba989d0a80bd678ff66cb2c", + "version": "5.6.9" + } +} diff --git a/nixpkgs/pkgs/tools/security/enpass/default.nix b/nixpkgs/pkgs/tools/security/enpass/default.nix new file mode 100644 index 000000000000..cd5a3bc4618f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enpass/default.nix @@ -0,0 +1,105 @@ +{ stdenv, fetchurl, dpkg, xorg +, glib, libGLU, libGL, libpulseaudio, zlib, dbus, fontconfig, freetype +, gtk3, pango +, makeWrapper , python3Packages, lib, libcap +, lsof, curl, libuuid, cups, mesa, xz, libxkbcommon +}: + +let + all_data = lib.importJSON ./data.json; + system_map = { + # i686-linux = "i386"; Uncomment if enpass 6 becomes available on i386 + x86_64-linux = "amd64"; + }; + + data = all_data.${system_map.${stdenv.hostPlatform.system} or (throw "Unsupported platform")}; + + baseUrl = "https://apt.enpass.io"; + + # used of both wrappers and libpath + libPath = lib.makeLibraryPath (with xorg; [ + mesa.drivers + libGLU libGL + fontconfig + freetype + libpulseaudio + zlib + dbus + libX11 + libXi + libSM + libICE + libXrender + libXScrnSaver + libxcb + libcap + glib + gtk3 + pango + curl + libuuid + cups + xcbutilwm # libxcb-icccm.so.4 + xcbutilimage # libxcb-image.so.0 + xcbutilkeysyms # libxcb-keysyms.so.1 + xcbutilrenderutil # libxcb-render-util.so.0 + xz + libxkbcommon + ]); + package = stdenv.mkDerivation { + + inherit (data) version; + pname = "enpass"; + + src = fetchurl { + inherit (data) sha256; + url = "${baseUrl}/${data.path}"; + }; + + meta = with lib; { + description = "A well known password manager"; + homepage = "https://www.enpass.io/"; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.unfree; + platforms = [ "x86_64-linux" "i686-linux"]; + maintainers = with maintainers; [ ewok dritter ]; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [dpkg]; + + unpackPhase = "dpkg -X $src ."; + installPhase='' + mkdir -p $out/bin + cp -r opt/enpass/* $out/bin + cp -r usr/* $out + + sed \ + -i s@/opt/enpass/Enpass@$out/bin/Enpass@ \ + $out/share/applications/enpass.desktop + + for i in $out/bin/{Enpass,importer_enpass}; do + patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) $i + done + + # lsof must be in PATH for proper operation + wrapProgram $out/bin/Enpass \ + --set LD_LIBRARY_PATH "${libPath}" \ + --prefix PATH : ${lsof}/bin \ + --unset QML2_IMPORT_PATH \ + --unset QT_PLUGIN_PATH + ''; + }; + updater = { + update = stdenv.mkDerivation { + name = "enpass-update-script"; + SCRIPT =./update_script.py; + + buildInputs = with python3Packages; [python requests pathlib2 six attrs ]; + shellHook = '' + exec python $SCRIPT --target pkgs/tools/security/enpass/data.json --repo ${baseUrl} + ''; + + }; + }; +in (package // {refresh = updater;}) diff --git a/nixpkgs/pkgs/tools/security/enpass/update_script.py b/nixpkgs/pkgs/tools/security/enpass/update_script.py new file mode 100755 index 000000000000..ab0b6ce3f48e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enpass/update_script.py @@ -0,0 +1,74 @@ +#! /usr/bin/env nix-shell +#! nix-shell -i python3 -p python3 python3.pkgs.packaging python3.pkgs.requests +import gzip +import json +import logging +import pathlib +import re +import subprocess +import sys + +from packaging import version +import requests + +logging.basicConfig(stream=sys.stdout, level=logging.DEBUG) + +current_path = pathlib.Path(__file__).parent +DATA_JSON = current_path.joinpath("data.json").resolve() +logging.debug(f"Path to version file: {DATA_JSON}") +last_new_version = None + +with open(DATA_JSON, "r") as versions_file: + versions = json.load(versions_file) + +def find_latest_version(arch): + CHECK_URL = f'https://apt.enpass.io/dists/stable/main/binary-{arch}/Packages.gz' + packages = gzip.decompress(requests.get(CHECK_URL).content).decode() + + # Loop every package to find the newest one! + version_selector = re.compile("Version: (?P<version>.+)") + path_selector = re.compile("Filename: (?P<path>.+)") + hash_selector = re.compile("SHA256: (?P<sha256>.+)") + last_version = version.parse("0") + for package in packages.split("\n\n"): + matches = version_selector.search(package) + matched_version = matches.group('version') if matches and matches.group('version') else "0" + parsed_version = version.parse(matched_version) + if parsed_version > last_version: + path = path_selector.search(package).group('path') + sha256 = hash_selector.search(package).group('sha256') + last_version = parsed_version + return {"path": path, "sha256": sha256, "version": matched_version} + +for arch in versions.keys(): + current_version = versions[arch]['version'] + logging.info(f"Current Version for {arch} is {current_version}") + new_version = find_latest_version(arch) + + if not new_version or new_version['version'] == current_version: + continue + + last_current_version = current_version + last_new_version = new_version + logging.info(f"Update found ({arch}): enpass: {current_version} -> {new_version['version']}") + versions[arch]['path'] = new_version['path'] + versions[arch]['sha256'] = new_version['sha256'] + versions[arch]['version'] = new_version['version'] + + +if not last_new_version: + logging.info('#### No update found ####') + sys.exit(0) + +# write new versions back +with open(DATA_JSON, "w") as versions_file: + json.dump(versions, versions_file, indent=2) + versions_file.write("\n") + +# Commit the result: +logging.info("Committing changes...") +commit_message = f"enpass: {last_current_version} -> {last_new_version['version']}" +subprocess.run(['git', 'add', DATA_JSON], check=True) +subprocess.run(['git', 'commit', '--file=-'], input=commit_message.encode(), check=True) + +logging.info("Done.") diff --git a/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix b/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix new file mode 100644 index 000000000000..2c9ab122e657 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enum4linux-ng/default.nix @@ -0,0 +1,42 @@ +{ lib +, buildPythonApplication +, fetchFromGitHub +, impacket +, ldap3 +, pyyaml +, samba +}: + +buildPythonApplication rec { + pname = "enum4linux-ng"; + version = "1.3.1"; + + src = fetchFromGitHub { + owner = "cddmp"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-qO34sVK8eunALPCzLoCqWkO78tG4iEavij8jClCRi88="; + }; + + propagatedBuildInputs = [ + impacket + ldap3 + pyyaml + samba + ]; + + # It's only a script and not a Python module. Project has no tests + doCheck = false; + + meta = with lib; { + description = "Windows/Samba enumeration tool"; + longDescription = '' + enum4linux-ng.py is a rewrite of Mark Lowe's enum4linux.pl, a tool for + enumerating information from Windows and Samba systems. + ''; + homepage = "https://github.com/cddmp/enum4linux-ng"; + changelog = "https://github.com/cddmp/enum4linux-ng/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/enum4linux/default.nix b/nixpkgs/pkgs/tools/security/enum4linux/default.nix new file mode 100644 index 000000000000..b6da742dc6fa --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enum4linux/default.nix @@ -0,0 +1,49 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, samba +, perl +, openldap +}: + +stdenv.mkDerivation rec { + pname = "enum4linux"; + version = "0.9.1"; + + src = fetchFromGitHub { + owner = "CiscoCXSecurity"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-/R0P4Ft9Y0LZwKwhDGAe36UKviih6CNbJbj1lcNKEkM="; + }; + + dontBuild = true; + + nativeBuildInputs = [ + makeWrapper + ]; + + buildInputs = [ + openldap + perl + samba + ]; + + installPhase = '' + mkdir -p $out/bin + cp enum4linux.pl $out/bin/enum4linux + + wrapProgram $out/bin/enum4linux \ + --prefix PATH : ${lib.makeBinPath [ samba openldap ]} + ''; + + meta = with lib; { + description = "A tool for enumerating information from Windows and Samba systems"; + homepage = "https://labs.portcullis.co.uk/tools/enum4linux/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ fishi0x01 ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/enumerepo/default.nix b/nixpkgs/pkgs/tools/security/enumerepo/default.nix new file mode 100644 index 000000000000..31ff035950bd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/enumerepo/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "enumerepo"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "trickest"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-PWWx6b+fttxKxMtuHAYPTeEsta0E6+IQ1DSKO6c7Jdc="; + }; + + vendorHash = "sha256-Dt3QS1Rm/20Yitgg4zbBcWQXV8mTlpNbzc/k4DaTuQc="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Tool to list all public repositories for (valid) GitHub usernames"; + homepage = "https://github.com/trickest/enumerepo"; + changelog = "https://github.com/trickest/enumerepo/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/erosmb/default.nix b/nixpkgs/pkgs/tools/security/erosmb/default.nix new file mode 100644 index 000000000000..b7984feac513 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/erosmb/default.nix @@ -0,0 +1,48 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "erosmb"; + version = "0.1.5"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "viktor02"; + repo = "EroSmb"; + rev = "refs/tags/v${version}"; + hash = "sha256-9Zs5Z+3JiBiJkV9Ixl5pPmLv0dUT59CT0UkQDsmneWc="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + chardet + colorama + cryptography + impacket + ldap3 + ldapdomaindump + pyasn1 + setuptools + six + ]; + + # Project has no tests + doCheck = false; + + doInstallCheck = true; + + installCheckPhase = '' + runHook preInstallCheck + $out/bin/erosmb --help + runHook postInstallCheck + ''; + + meta = with lib; { + description = "SMB network scanner"; + homepage = "https://github.com/viktor02/EroSmb"; + changelog = "https://github.com/viktor02/EroSmb/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/eschalot/default.nix b/nixpkgs/pkgs/tools/security/eschalot/default.nix new file mode 100644 index 000000000000..0c984c5d35e5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/eschalot/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, fetchFromGitHub, openssl }: + +stdenv.mkDerivation rec { + pname = "eschalot"; + version = "1.2.0.20191006"; + + src = fetchFromGitHub { + owner = "ReclaimYourPrivacy"; + repo = pname; + rev = "a45bad5b9a3e4939340ddd8a751ceffa3c0db76a"; + sha256 = "1wbi0azc2b57nmmx6c1wmvng70d9ph1s83yhnl5lxaaqaj85h22g"; + }; + + buildInputs = [ openssl ]; + + installPhase = '' + install -D -t $out/bin eschalot worgen + ''; + + meta = with lib; { + description = "Tor hidden service name generator"; + homepage = src.meta.homepage; + license = licenses.isc; + platforms = platforms.unix; + maintainers = with maintainers; [ dotlambda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile b/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile new file mode 100644 index 000000000000..ebdf6f575a05 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile @@ -0,0 +1,7 @@ +source 'https://rubygems.org' + +gem 'winrm' +gem 'winrm-fs' +gem 'stringio' +gem 'logger' +gem 'fileutils' diff --git a/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile.lock b/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile.lock new file mode 100644 index 000000000000..8b442f035590 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/evil-winrm/Gemfile.lock @@ -0,0 +1,51 @@ +GEM + remote: https://rubygems.org/ + specs: + builder (3.2.3) + erubis (2.7.0) + ffi (1.11.1) + fileutils (0.7.2) + gssapi (1.3.0) + ffi (>= 1.0.1) + gyoku (1.3.1) + builder (>= 2.1.2) + httpclient (2.8.3) + little-plugger (1.1.4) + logger (1.4.3) + logging (2.2.2) + little-plugger (~> 1.1) + multi_json (~> 1.10) + multi_json (1.14.1) + nori (2.6.0) + rexml (3.2.5) + rubyntlm (0.6.2) + rubyzip (1.3.0) + stringio (0.0.2) + winrm (2.3.2) + builder (>= 2.1.2) + erubis (~> 2.7) + gssapi (~> 1.2) + gyoku (~> 1.0) + httpclient (~> 2.2, >= 2.2.0.2) + logging (>= 1.6.1, < 3.0) + nori (~> 2.0) + rexml (>= 3.2.3.1) + rubyntlm (~> 0.6.0, >= 0.6.1) + winrm-fs (1.3.2) + erubis (~> 2.7) + logging (>= 1.6.1, < 3.0) + rubyzip (~> 1.1) + winrm (~> 2.0) + +PLATFORMS + ruby + +DEPENDENCIES + fileutils + logger + stringio + winrm + winrm-fs + +BUNDLED WITH + 2.2.24 diff --git a/nixpkgs/pkgs/tools/security/evil-winrm/default.nix b/nixpkgs/pkgs/tools/security/evil-winrm/default.nix new file mode 100644 index 000000000000..30420c7aad68 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/evil-winrm/default.nix @@ -0,0 +1,46 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, bundlerEnv +}: + +stdenv.mkDerivation rec { + pname = "evil-winrm"; + version = "3.5"; + + src = fetchFromGitHub { + owner = "Hackplayers"; + repo = "evil-winrm"; + rev = "refs/tags/v${version}"; + hash = "sha256-8Lyo7BgypzrHMEcbYlxo/XWwOtBqs2tczYnc3+XEbeA="; + }; + + env = bundlerEnv { + name = pname; + gemfile = ./Gemfile; + lockfile = ./Gemfile.lock; + gemset = ./gemset.nix; + }; + + nativeBuildInputs = [ + makeWrapper + ]; + + buildInputs = [ + env.wrappedRuby + ]; + + installPhase = '' + mkdir -p $out/bin + cp evil-winrm.rb $out/bin/evil-winrm + ''; + + meta = with lib; { + description = "WinRM shell for hacking/pentesting"; + homepage = "https://github.com/Hackplayers/evil-winrm"; + changelog = "https://github.com/Hackplayers/evil-winrm/blob/v${version}/CHANGELOG.md"; + license = licenses.lgpl3Plus; + maintainers = with maintainers; [ elohmeier ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/evil-winrm/gemset.nix b/nixpkgs/pkgs/tools/security/evil-winrm/gemset.nix new file mode 100644 index 000000000000..19e4e1cc862e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/evil-winrm/gemset.nix @@ -0,0 +1,187 @@ +{ + builder = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qibi5s67lpdv1wgcj66wcymcr04q6j4mzws6a479n0mlrmh5wr1"; + type = "gem"; + }; + version = "3.2.3"; + }; + erubis = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fj827xqjs91yqsydf0zmfyw9p4l2jz5yikg3mppz6d7fi8kyrb3"; + type = "gem"; + }; + version = "2.7.0"; + }; + ffi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06mvxpjply8qh4j3fj9wh08kdzwkbnvsiysh0vrhlk5cwxzjmblh"; + type = "gem"; + }; + version = "1.11.1"; + }; + fileutils = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "173z4dsqp9khcsl7x93dq1qj9d7rd378a7yfg53b1s6mczlkvh2k"; + type = "gem"; + }; + version = "0.7.2"; + }; + gssapi = { + dependencies = ["ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13l6pqbfrx3vv7cw26nq9p8rnyp9br31gaz85q32wx6hnzfcriwh"; + type = "gem"; + }; + version = "1.3.0"; + }; + gyoku = { + dependencies = ["builder"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wn0sl14396g5lyvp8sjmcb1hw9rbyi89gxng91r7w4df4jwiidh"; + type = "gem"; + }; + version = "1.3.1"; + }; + httpclient = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; + type = "gem"; + }; + version = "2.8.3"; + }; + little-plugger = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1frilv82dyxnlg8k1jhrvyd73l6k17mxc5vwxx080r4x1p04gwym"; + type = "gem"; + }; + version = "1.1.4"; + }; + logger = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ihvvl2im9qii31d42c9kfscdg2flfqajs6ycbpslznclmfc71gc"; + type = "gem"; + }; + version = "1.4.3"; + }; + logging = { + dependencies = ["little-plugger" "multi_json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06j6iaj89h9jhkx1x3hlswqrfnqds8br05xb1qra69dpvbdmjcwn"; + type = "gem"; + }; + version = "2.2.2"; + }; + multi_json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xy54mjf7xg41l8qrg1bqri75agdqmxap9z466fjismc1rn2jwfr"; + type = "gem"; + }; + version = "1.14.1"; + }; + nori = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "066wc774a2zp4vrq3k7k8p0fhv30ymqmxma1jj7yg5735zls8agn"; + type = "gem"; + }; + version = "2.6.0"; + }; + rexml = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; + type = "gem"; + }; + version = "3.2.5"; + }; + rubyntlm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1p6bxsklkbcqni4bcq6jajc2n57g0w5rzn4r49c3lb04wz5xg0dy"; + type = "gem"; + }; + version = "0.6.2"; + }; + rubyzip = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1qxc2zxwwipm6kviiar4gfhcakpx1jdcs89v6lvzivn5hq1xk78l"; + type = "gem"; + }; + version = "1.3.0"; + }; + stringio = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hj8awh547kf6a7vgs565xh8hicffd0brb2a96jna5lr3a2fvmj8"; + type = "gem"; + }; + version = "0.0.2"; + }; + winrm = { + dependencies = ["builder" "erubis" "gssapi" "gyoku" "httpclient" "logging" "nori" "rexml" "rubyntlm"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19vxrclxc5l8n2agwvv291740s6gna2phg3lkybjb0ldkmpi3sj2"; + type = "gem"; + }; + version = "2.3.2"; + }; + winrm-fs = { + dependencies = ["erubis" "logging" "rubyzip" "winrm"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fy4yj52kssrm5hchq7l2mbry6w6yvi736p1wjpyv8m19rx7k0c3"; + type = "gem"; + }; + version = "1.3.2"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/evtx/default.nix b/nixpkgs/pkgs/tools/security/evtx/default.nix new file mode 100644 index 000000000000..e12408d22752 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/evtx/default.nix @@ -0,0 +1,31 @@ +{ lib +, rustPlatform +, fetchFromGitHub +}: + +rustPlatform.buildRustPackage rec { + pname = "evtx"; + version = "0.8.1"; + + src = fetchFromGitHub { + owner = "omerbenamram"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-aa04Ia11+Ae1amc3JAtYdSWf+f/fenTt0Bny/AauaHo="; + }; + + cargoHash = "sha256-4pQP+cvKfOvRgWRFa4+/dEpBq+gfcOuEENC5aP4Cp7U="; + + postPatch = '' + # CLI tests will fail in the sandbox + rm tests/test_cli_interactive.rs + ''; + + meta = with lib; { + description = "Parser for the Windows XML Event Log (EVTX) format"; + homepage = "https://github.com/omerbenamram/evtx"; + changelog = "https://github.com/omerbenamram/evtx/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 /* or */ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/expliot/default.nix b/nixpkgs/pkgs/tools/security/expliot/default.nix new file mode 100644 index 000000000000..1414d7c36afd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/expliot/default.nix @@ -0,0 +1,86 @@ +{ lib +, fetchFromGitLab +, python3 +}: +let + py = python3.override { + packageOverrides = self: super: { + + cmd2 = super.cmd2.overridePythonAttrs (oldAttrs: rec { + version = "1.5.0"; + src = oldAttrs.src.override { + inherit version; + hash = "sha256-cBqMmXXEq8ReXROQarFJ+Vn4EoaRBjRzI6P4msDoKmI="; + }; + doCheck = false; + }); + }; + }; +in +with py.pkgs; + +buildPythonApplication rec { + pname = "expliot"; + version = "0.9.8"; + + src = fetchFromGitLab { + owner = "expliot_framework"; + repo = pname; + rev = version; + hash = "sha256-7Cuj3YKKwDxP2KKueJR9ZO5Bduv+lw0Y87Rw4b0jbGY="; + }; + + pythonRelaxDeps = [ + "pymodbus" + "pynetdicom" + "cryptography" + "python-can" + "pyparsing" + "zeroconf" + ]; + + nativeBuildInputs = [ + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = [ + aiocoap + awsiotpythonsdk + bluepy + can + cmd2 + cryptography + paho-mqtt + pyi2cflash + pymodbus + pynetdicom + pyparsing + pyserial + pyspiflash + upnpy + xmltodict + zeroconf + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "expliot" + ]; + + meta = with lib; { + description = "IoT security testing and exploitation framework"; + longDescription = '' + EXPLIoT is a Framework for security testing and exploiting IoT + products and IoT infrastructure. It provides a set of plugins + (test cases) which are used to perform the assessment and can + be extended easily with new ones. The name EXPLIoT (pronounced + expl-aa-yo-tee) is a pun on the word exploit and explains the + purpose of the framework i.e. IoT exploitation. + ''; + homepage = "https://expliot.readthedocs.io/"; + license = with licenses; [ agpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix new file mode 100644 index 000000000000..73a297548e70 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix @@ -0,0 +1,38 @@ +{ lib +, stdenv +, fetchFromGitLab +, makeWrapper +}: + +stdenv.mkDerivation rec { + pname = "exploitdb"; + version = "2023-10-24"; + + src = fetchFromGitLab { + owner = "exploit-database"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-F3UPg7wBpm1iK2hZ9YOC4bRsvGHn7j4U5y4w7qpF+tM="; + }; + + nativeBuildInputs = [ + makeWrapper + ]; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin $out/share + cp --recursive . $out/share/exploitdb + makeWrapper $out/share/exploitdb/searchsploit $out/bin/searchsploit + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://gitlab.com/exploit-database/exploitdb"; + description = "Archive of public exploits and corresponding vulnerable software"; + license = with licenses; [ gpl2Plus gpl3Plus mit ]; + maintainers = with maintainers; [ applePrincess fab ]; + mainProgram = "searchsploit"; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/extrude/default.nix b/nixpkgs/pkgs/tools/security/extrude/default.nix new file mode 100644 index 000000000000..7145314fbd41 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/extrude/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "extrude"; + version = "0.0.12"; + + src = fetchFromGitHub { + owner = "liamg"; + repo = pname; + rev = "v${version}"; + hash = "sha256-7gCEBhnNU5CqC5n0KP4Dd/fmddPRwNqyMFXTrRrJjfU="; + }; + + vendorHash = "sha256-8qjIYPkWtYTvl7wAnefpZAjbNSQLQFqRnGGccYZ8ZmU="; + + meta = with lib; { + description = "Tool to analyse binaries for missing security features"; + homepage = "https://github.com/liamg/extrude"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fail2ban/default.nix b/nixpkgs/pkgs/tools/security/fail2ban/default.nix new file mode 100644 index 000000000000..d26429b813de --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fail2ban/default.nix @@ -0,0 +1,80 @@ +{ lib, stdenv, fetchFromGitHub +, python3 +, installShellFiles +}: + +python3.pkgs.buildPythonApplication rec { + pname = "fail2ban"; + version = "1.0.2"; + + src = fetchFromGitHub { + owner = "fail2ban"; + repo = "fail2ban"; + rev = version; + hash = "sha256-Zd8zLkFlvXTbeInEkNFyHgcAiOsX4WwF6hf5juSQvbY="; + }; + + outputs = [ "out" "man" ]; + + nativeBuildInputs = [ installShellFiles ]; + + pythonPath = with python3.pkgs; + lib.optionals stdenv.isLinux [ + systemd + pyinotify + ]; + + preConfigure = '' + patchShebangs fail2ban-2to3 + ./fail2ban-2to3 + + for i in config/action.d/sendmail*.conf; do + substituteInPlace $i \ + --replace /usr/sbin/sendmail sendmail + done + + substituteInPlace config/filter.d/dovecot.conf \ + --replace dovecot.service dovecot2.service + ''; + + doCheck = false; + + preInstall = '' + substituteInPlace setup.py --replace /usr/share/doc/ share/doc/ + + # see https://github.com/NixOS/nixpkgs/issues/4968 + ${python3.pythonForBuild.interpreter} setup.py install_data --install-dir=$out --root=$out + ''; + + postInstall = + let + sitePackages = "$out/${python3.sitePackages}"; + in + '' + install -m 644 -D -t "$out/lib/systemd/system" build/fail2ban.service + # Replace binary paths + sed -i "s#build/bdist.*/wheel/fail2ban.*/scripts/#$out/bin/#g" $out/lib/systemd/system/fail2ban.service + # Delete creating the runtime directory, systemd does that + sed -i "/ExecStartPre/d" $out/lib/systemd/system/fail2ban.service + + # see https://github.com/NixOS/nixpkgs/issues/4968 + rm -r "${sitePackages}/etc" + + installManPage man/*.[1-9] + + # This is a symlink to the build python version created by `updatePyExec`, seemingly to assure the same python version is used? + rm $out/bin/fail2ban-python + ln -s ${python3.interpreter} $out/bin/fail2ban-python + + '' + lib.optionalString stdenv.isLinux '' + # see https://github.com/NixOS/nixpkgs/issues/4968 + rm -r "${sitePackages}/usr" + ''; + + meta = with lib; { + homepage = "https://www.fail2ban.org/"; + description = "A program that scans log files for repeated failing login attempts and bans IP addresses"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ eelco lovek323 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix b/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix new file mode 100644 index 000000000000..39f9398260f1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix @@ -0,0 +1,73 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "faraday-agent-dispatcher"; + version = "2.6.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "infobyte"; + repo = "faraday_agent_dispatcher"; + rev = "refs/tags/${version}"; + hash = "sha256-+lsejepg/iBHo6CRAGNHjiUC7ZgboHbKu7EDmlN3lVk="; + }; + + postPatch = '' + substituteInPlace setup.py \ + --replace '"pytest-runner",' "" + ''; + + nativeBuildInputs = with python3.pkgs; [ + setuptools-scm + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiohttp + click + faraday-agent-parameters-types + faraday-plugins + itsdangerous + psutil + pytenable + python-gvm + python-owasp-zap-v2-4 + pyyaml + requests + syslog-rfc5424-formatter + websockets + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytest-asyncio + pytestCheckHook + ]; + + preCheck = '' + export HOME=$(mktemp -d); + ''; + + disabledTests = [ + "test_execute_agent" + "SSL" + ]; + + disabledTestPaths = [ + # Tests require a running Docker instance + "tests/plugins-docker/test_executors.py" + ]; + + pythonImportsCheck = [ + "faraday_agent_dispatcher" + ]; + + meta = with lib; { + description = "Tool to send result from tools to the Faraday Platform"; + homepage = "https://github.com/infobyte/faraday_agent_dispatcher"; + changelog = "https://github.com/infobyte/faraday_agent_dispatcher/releases/tag/${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/faraday-cli/default.nix b/nixpkgs/pkgs/tools/security/faraday-cli/default.nix new file mode 100644 index 000000000000..cebe1540c605 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/faraday-cli/default.nix @@ -0,0 +1,51 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "faraday-cli"; + version = "2.1.9"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "infobyte"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-8D1oYYqf0R41DPYtorcvykZ99p6P6Diwe7PgEN378pU="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + arrow + click + cmd2 + colorama + faraday-plugins + jsonschema + log-symbols + luddite + packaging + pyyaml + py-sneakers + simple-rest-client + spinners + tabulate + termcolor + validators + ]; + + # Tests requires credentials + doCheck = false; + + pythonImportsCheck = [ + "faraday_cli" + ]; + + meta = with lib; { + description = "Command Line Interface for Faraday"; + homepage = "https://github.com/infobyte/faraday-cli"; + changelog = "https://github.com/infobyte/faraday-cli/releases/tag/${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fcrackzip/default.nix b/nixpkgs/pkgs/tools/security/fcrackzip/default.nix new file mode 100644 index 000000000000..31d0b44fb710 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fcrackzip/default.nix @@ -0,0 +1,26 @@ +{lib, stdenv, fetchurl}: + +stdenv.mkDerivation rec { + pname = "fcrackzip"; + version = "1.0"; + src = fetchurl { + url = "http://oldhome.schmorp.de/marc/data/${pname}-${version}.tar.gz"; + sha256 = "0l1qsk949vnz18k4vjf3ppq8p497966x4c7f2yx18x8pk35whn2a"; + }; + + # 'fcrackzip --use-unzip' cannot deal with file names containing a single quote + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430387 + patches = [ ./fcrackzip_forkexec.patch ]; + + # Do not clash with unizp/zipinfo + postInstall = "mv $out/bin/zipinfo $out/bin/fcrackzip-zipinfo"; + + meta = with lib; { + description = "zip password cracker, similar to fzc, zipcrack and others"; + homepage = "http://oldhome.schmorp.de/marc/fcrackzip.html"; + license = licenses.gpl2; + maintainers = with maintainers; [ nico202 ]; + platforms = with platforms; unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/fcrackzip/fcrackzip_forkexec.patch b/nixpkgs/pkgs/tools/security/fcrackzip/fcrackzip_forkexec.patch new file mode 100644 index 000000000000..8e508ec1f596 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fcrackzip/fcrackzip_forkexec.patch @@ -0,0 +1,105 @@ +--- origin/main.c 2016-12-12 12:53:38.344285376 +0100 ++++ main.c 2016-12-12 13:01:41.134548824 +0100 +@@ -26,11 +26,13 @@ + #include <string.h> + + #ifdef USE_UNIX_REDIRECTION +-#define DEVNULL ">/dev/null 2>&1" ++#define DEVNULL "/dev/null" + #else +-#define DEVNULL ">NUL 2>&1" ++#define DEVNULL "NUL" + #endif + ++#include <errno.h> ++ + #include "crack.h" + + int use_unzip; +@@ -47,21 +49,77 @@ + int REGPARAM + check_unzip (const char *pw) + { +- char buff[1024]; +- int status; ++pid_t cpid; ++cpid = fork (); ++if (cpid == -1) ++ { ++ perror ("fork"); ++ exit (EXIT_FAILURE); ++ } ++ ++if (cpid == 0) ++ { ++ // Redirect STDERR/STDOUT to /dev/null ++ int oldfd_stderr, oldfd_stdout; ++ oldfd_stdout = dup (fileno (stdout)); ++ if (oldfd_stdout == -1) ++ { ++ perror ("dup for stdout"); ++ _exit (127); ++ } ++ oldfd_stderr = dup (fileno (stderr)); ++ if (oldfd_stderr == -1) ++ { ++ perror ("dup for stderr"); ++ _exit (127); ++ } ++ if (freopen (DEVNULL, "w", stdout) == NULL) ++ { ++ perror ("freopen " DEVNULL " for stdout"); ++ _exit (127); ++ } ++ if (freopen (DEVNULL, "w", stderr) == NULL) ++ { ++ perror ("freopen " DEVNULL " for stderr"); ++ _exit (127); ++ } ++ execlp ("unzip", "unzip", "-qqtP", pw, file_path[0], NULL); ++ ++ // When execlp failed. ++ // Restores the stderr/stdout redirection to print an error. ++ int errno_saved = errno; ++ dup2 (oldfd_stderr, fileno (stderr)); ++ dup2 (oldfd_stdout, fileno (stdout)); ++ close (oldfd_stderr); ++ close (oldfd_stdout); ++ errno = errno_saved; ++ perror ("execlp for unzip"); ++ _exit (127); // Returns 127 on error as system(3) does ++ } + +- sprintf (buff, "unzip -qqtP \"%s\" %s " DEVNULL, pw, file_path[0]); +- status = system (buff); +- +-#undef REDIR ++ int status; + +- if (status == EXIT_SUCCESS) ++ if (waitpid (cpid, &status, 0) == -1) + { +- printf("\n\nPASSWORD FOUND!!!!: pw == %s\n", pw); ++ perror ("waitpid"); ++ exit (EXIT_FAILURE); ++ } ++ ++ // The child process does not terminated normally, OR returns the exit status 127. ++ if (!WIFEXITED (status) ++ || (WIFEXITED (status) && (WEXITSTATUS (status) == 127))) ++ { ++ fprintf (stderr, "Executing unzip failed.\n"); ++ exit (EXIT_FAILURE); ++ } ++// unzip exited normally with the exit status 0 then... ++ if (WIFEXITED (status) && (WEXITSTATUS (status) == EXIT_SUCCESS)) ++ { ++ printf ("\n\nPASSWORD FOUND!!!!: pw == %s\n", pw); + exit (EXIT_SUCCESS); + } + +- return !status; ++ return 0; + } + + /* misc. callbacks. */ diff --git a/nixpkgs/pkgs/tools/security/feroxbuster/default.nix b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix new file mode 100644 index 000000000000..09f14d6799a4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix @@ -0,0 +1,52 @@ +{ lib +, stdenv +, fetchFromGitHub +, openssl +, pkg-config +, rustPlatform +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "feroxbuster"; + version = "2.10.0"; + + src = fetchFromGitHub { + owner = "epi052"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-u2c+s5kCAYOKwl5eb1zY7xdl4pD6eAjiyRj6JFkA07M="; + }; + + # disable linker overrides on aarch64-linux + postPatch = '' + rm .cargo/config + ''; + + cargoHash = "sha256-rPFj53KQkucz1/yAr6U2nk6gTdxcBxyRHVqGeawBYZU="; + + OPENSSL_NO_VENDOR = true; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + openssl + ] ++ lib.optionals stdenv.isDarwin [ + Security + ]; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Fast, simple, recursive content discovery tool"; + homepage = "https://github.com/epi052/feroxbuster"; + changelog = "https://github.com/epi052/feroxbuster/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/ffuf/default.nix b/nixpkgs/pkgs/tools/security/ffuf/default.nix new file mode 100644 index 000000000000..3831ff4d8e22 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ffuf/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "ffuf"; + version = "2.0.0"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-TfPglATKQ3RIGODcIpSRL6FjbLyCjDzbi70jTLKYlLk="; + }; + + vendorHash = "sha256-nqv45e1W7MA8ElsJ7b4XWs26OicJ7IXmh93+wkueZg4="; + + meta = with lib; { + description = "Fast web fuzzer written in Go"; + longDescription = '' + FFUF, or “Fuzz Faster you Fool†is an open source web fuzzing tool, + intended for discovering elements and content within web applications + or web servers. + ''; + homepage = "https://github.com/ffuf/ffuf"; + changelog = "https://github.com/ffuf/ffuf/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fido2luks/default.nix b/nixpkgs/pkgs/tools/security/fido2luks/default.nix new file mode 100644 index 000000000000..123b73819bdc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fido2luks/default.nix @@ -0,0 +1,32 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, cryptsetup +, pkg-config +}: + +rustPlatform.buildRustPackage rec { + pname = "fido2luks"; + version = "0.2.21"; + + src = fetchFromGitHub { + owner = "shimunn"; + repo = pname; + rev = version; + sha256 = "sha256-bXwaFiRHURvS5KtTqIj+3GlGNbEulDgMDP51ZiO1w9o="; + }; + + nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook ]; + + buildInputs = [ cryptsetup ]; + + cargoSha256 = "sha256-MPji87jYJjYtDAXO+v/Z4XRtCKo+ftsNvmlBrM9iMTk="; + + meta = with lib; { + description = "Decrypt your LUKS partition using a FIDO2 compatible authenticator"; + homepage = "https://github.com/shimunn/fido2luks"; + license = licenses.mpl20; + maintainers = with maintainers; [ prusnak mmahut ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fierce/default.nix b/nixpkgs/pkgs/tools/security/fierce/default.nix new file mode 100644 index 000000000000..9b8d8735b079 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fierce/default.nix @@ -0,0 +1,40 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "fierce"; + version = "1.5.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "mschwager"; + repo = pname; + rev = version; + sha256 = "sha256-9VTPD5i203BTl2nADjq131W9elgnaHNIWGIUuCiYlHg="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + dnspython + ]; + + postPatch = '' + substituteInPlace requirements.txt \ + --replace 'dnspython==1.16.0' 'dnspython' + ''; + + # tests require network access + doCheck = false; + + pythonImportsCheck = [ + "fierce" + ]; + + meta = with lib; { + description = "DNS reconnaissance tool for locating non-contiguous IP space"; + homepage = "https://github.com/mschwager/fierce"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ c0bw3b ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fingerprintx/default.nix b/nixpkgs/pkgs/tools/security/fingerprintx/default.nix new file mode 100644 index 000000000000..9055f9002391 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fingerprintx/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "fingerprintx"; + version = "1.1.10"; + + src = fetchFromGitHub { + owner = "praetorian-inc"; + repo = "fingerprintx"; + rev = "refs/tags/v${version}"; + hash = "sha256-WwIIZlO310519aEPpvi3pY2Jn3HRNUZNiwoAyZ4VP1A="; + }; + + vendorHash = "sha256-TMy6FwAFlo+ARvm+RiRqly0xIk4lBCXuZrtdnNSMSxw="; + + ldflags = [ + "-s" + "-w" + ]; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Standalone utility for service discovery on open ports"; + homepage = "https://github.com/praetorian-inc/fingerprintx"; + changelog = "https://github.com/praetorian-inc/fingerprintx/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix b/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix new file mode 100644 index 000000000000..57f1215ed817 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, buildPythonApplication +, setuptools +, setuptools-scm +, wheel +, nss +, nix-update-script +}: + +buildPythonApplication rec { + pname = "firefox_decrypt"; + version = "1.1.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "unode"; + repo = pname; + rev = "0931c0484d7429f7d4de3a2f5b62b01b7924b49f"; + hash = "sha256-9HbH8DvHzmlem0XnDbcrIsMQRBuf82cHObqpLzQxNZM="; + }; + + nativeBuildInputs = [ + setuptools + setuptools-scm + wheel + ]; + + makeWrapperArgs = [ "--prefix" "LD_LIBRARY_PATH" ":" (lib.makeLibraryPath [ nss ]) ]; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + homepage = "https://github.com/unode/firefox_decrypt"; + description = "A tool to extract passwords from profiles of Mozilla Firefox and derivates"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ schnusch ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/flare-floss/default.nix b/nixpkgs/pkgs/tools/security/flare-floss/default.nix new file mode 100644 index 000000000000..b049ea166108 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/flare-floss/default.nix @@ -0,0 +1,58 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonPackage rec { + pname = "flare-floss"; + version = "2.3.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "mandiant"; + repo = "flare-floss"; + rev = "refs/tags/v${version}"; + fetchSubmodules = true; # for tests + hash = "sha256-tOLnve5XBc3TtSgucPIddBHD0YJhsRpRduXsKrtJ/eQ="; + }; + + postPatch = '' + substituteInPlace setup.py \ + --replace "==" ">=" + + substituteInPlace floss/main.py \ + --replace 'sigs_path = os.path.join(get_default_root(), "sigs")' 'sigs_path = "'"$out"'/share/flare-floss/sigs"' + ''; + + propagatedBuildInputs = with python3.pkgs; [ + halo + networkx + pefile + pydantic + rich + tabulate + tqdm + viv-utils + vivisect + ] ++ viv-utils.optional-dependencies.flirt; + + nativeCheckInputs = with python3.pkgs; [ + pytest-sugar + pytestCheckHook + pyyaml + ]; + + postInstall = '' + mkdir -p $out/share/flare-floss/ + cp -r floss/sigs $out/share/flare-floss/ + ''; + + meta = with lib; { + description = "Automatically extract obfuscated strings from malware"; + homepage = "https://github.com/mandiant/flare-floss"; + changelog = "https://github.com/mandiant/flare-floss/releases/tag/v${version}"; + license = licenses.asl20; + mainProgram = "floss"; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fpm2/default.nix b/nixpkgs/pkgs/tools/security/fpm2/default.nix new file mode 100644 index 000000000000..69e6c7f02817 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fpm2/default.nix @@ -0,0 +1,24 @@ +{ lib, stdenv, fetchurl, pkg-config, gnupg, gtk3 +, libxml2, intltool, nettle +}: + +stdenv.mkDerivation rec { + pname = "fpm2"; + version = "0.90"; + + src = fetchurl { + url = "https://als.regnet.cz/fpm2/download/fpm2-${version}.tar.xz"; + sha256 = "1lfzja3vzd6l6hfvw8gvg4qkl5iy6gra5pa8gjlps9l63k2bjfhz"; + }; + + nativeBuildInputs = [ pkg-config intltool ]; + buildInputs = [ gnupg gtk3 libxml2 nettle ]; + + meta = with lib; { + description = "GTK2 port from Figaro's Password Manager originally developed by John Conneely, with some new enhancements"; + homepage = "https://als.regnet.cz/fpm2/"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ hce ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fprintd/default.nix b/nixpkgs/pkgs/tools/security/fprintd/default.nix new file mode 100644 index 000000000000..27425b1a1491 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fprintd/default.nix @@ -0,0 +1,115 @@ +{ lib, stdenv +, fetchFromGitLab +, fetchpatch +, pkg-config +, gobject-introspection +, meson +, ninja +, perl +, gettext +, gtk-doc +, libxslt +, docbook-xsl-nons +, docbook_xml_dtd_412 +, glib +, gusb +, dbus +, polkit +, nss +, pam +, systemd +, libfprint +, python3 +}: + +stdenv.mkDerivation rec { + pname = "fprintd"; + version = "1.94.2"; + outputs = [ "out" "devdoc" ]; + + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "libfprint"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-ePhcIZyXoGr8XlBuzKjpibU9D/44iCXYBlpVR9gcswQ="; + }; + + patches = [ + # backport upstream patch fixing tests + (fetchpatch { + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/ae04fa989720279e5558c3b8ff9ebe1959b1cf36.patch"; + sha256 = "sha256-jW5vlzrbZQ1gUDLBf7G50GnZfZxhlnL2Eu+9Bghdwdw="; + }) + ]; + + nativeBuildInputs = [ + pkg-config + meson + ninja + perl # for pod2man + gettext + gtk-doc + libxslt + dbus + docbook-xsl-nons + docbook_xml_dtd_412 + ]; + + buildInputs = [ + glib + polkit + nss + pam + systemd + libfprint + ]; + + nativeCheckInputs = with python3.pkgs; [ + gobject-introspection # for setup hook + python-dbusmock + dbus-python + pygobject3 + pycairo + pypamtest + gusb # Required by libfprint’s typelib + ]; + + mesonFlags = [ + "-Dgtk_doc=true" + "-Dpam_modules_dir=${placeholder "out"}/lib/security" + "-Dsysconfdir=${placeholder "out"}/etc" + "-Ddbus_service_dir=${placeholder "out"}/share/dbus-1/system-services" + "-Dsystemd_system_unit_dir=${placeholder "out"}/lib/systemd/system" + ]; + + PKG_CONFIG_DBUS_1_INTERFACES_DIR = "${placeholder "out"}/share/dbus-1/interfaces"; + PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions"; + PKG_CONFIG_DBUS_1_DATADIR = "${placeholder "out"}/share"; + + # FIXME: Ugly hack for tests to find libpam_wrapper.so + LIBRARY_PATH = lib.makeLibraryPath [ python3.pkgs.pypamtest ]; + + doCheck = true; + + postPatch = '' + patchShebangs \ + po/check-translations.sh \ + tests/unittest_inspector.py + + # Stop tests from failing due to unhandled GTasks uncovered by GLib 2.76 bump. + # https://gitlab.freedesktop.org/libfprint/fprintd/-/issues/151 + substituteInPlace tests/fprintd.py \ + --replace "env['G_DEBUG'] = 'fatal-criticals'" "" + substituteInPlace tests/meson.build \ + --replace "'G_DEBUG=fatal-criticals'," "" + ''; + + meta = with lib; { + homepage = "https://fprint.freedesktop.org/"; + description = "D-Bus daemon that offers libfprint functionality over the D-Bus interprocess communication bus"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ abbradar ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fprintd/tod.nix b/nixpkgs/pkgs/tools/security/fprintd/tod.nix new file mode 100644 index 000000000000..e1c836e76b25 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fprintd/tod.nix @@ -0,0 +1,51 @@ +{ lib +, fetchFromGitLab +, fetchpatch +, fprintd +, libfprint-tod +}: + +(fprintd.override { libfprint = libfprint-tod; }).overrideAttrs (oldAttrs: rec { + pname = "fprintd-tod"; + version = "1.90.9"; + + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "libfprint"; + repo = "fprintd"; + rev = "v${version}"; + sha256 = "sha256-rOTVThHOY/Q2IIu2RGiv26UE2V/JFfWWnfKZQfKl5Mg="; + }; + + patches = oldAttrs.patches or [] ++ [ + (fetchpatch { + name = "use-more-idiomatic-correct-embedded-shell-scripting"; + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/f4256533d1ffdc203c3f8c6ee42e8dcde470a93f.patch"; + sha256 = "sha256-4uPrYEgJyXU4zx2V3gwKKLaD6ty0wylSriHlvKvOhek="; + }) + (fetchpatch { + name = "remove-pointless-copying-of-files-into-build-directory"; + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/2c34cef5ef2004d8479475db5523c572eb409a6b.patch"; + sha256 = "sha256-2pZBbMF1xjoDKn/jCAIldbeR2JNEVduXB8bqUrj2Ih4="; + }) + (fetchpatch { + name = "build-Do-not-use-positional-arguments-in-i18n.merge_file"; + url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/50943b1bd4f18d103c35233f0446ce7a31d1817e.patch"; + sha256 = "sha256-ANkAq6fr0VRjkS0ckvf/ddVB2mH4b2uJRTI4H8vPPes="; + }) + ]; + + postPatch = oldAttrs.postPatch or "" + '' + # part of "remove-pointless-copying-of-files-into-build-directory" but git-apply doesn't handle renaming + mv src/device.xml src/net.reactivated.Fprint.Device.xml + mv src/manager.xml src/net.reactivated.Fprint.Manager.xml + ''; + + meta = { + homepage = "https://fprint.freedesktop.org/"; + description = "fprintd built with libfprint-tod to support Touch OEM Drivers"; + license = lib.licenses.gpl2Plus; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ hmenke ]; + }; + }) diff --git a/nixpkgs/pkgs/tools/security/freeze/default.nix b/nixpkgs/pkgs/tools/security/freeze/default.nix new file mode 100644 index 000000000000..a8a8dbb59346 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/freeze/default.nix @@ -0,0 +1,35 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "freeze"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "optiv"; + repo = "Freeze"; + rev = "v${version}"; + hash = "sha256-BE5MvCU+NfEccauOdWNty/FwMiWwLttPh7eE9+UzEMY="; + }; + + vendorHash = "sha256-R8kdFweMhAUjJ8zJ7HdF5+/vllbNmARdhU4hOw4etZo="; + + ldflags = [ + "-s" + "-w" + ]; + + postInstall = lib.optionalString (!stdenv.isDarwin) '' + mv $out/bin/Freeze $out/bin/freeze + ''; + + meta = with lib; { + description = "Payload toolkit for bypassing EDRs"; + homepage = "https://github.com/optiv/Freeze"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/frida-tools/default.nix b/nixpkgs/pkgs/tools/security/frida-tools/default.nix new file mode 100644 index 000000000000..c38d4edbb6ab --- /dev/null +++ b/nixpkgs/pkgs/tools/security/frida-tools/default.nix @@ -0,0 +1,25 @@ +{ lib, fetchPypi, python3Packages }: + +python3Packages.buildPythonApplication rec { + pname = "frida-tools"; + version = "12.1.2"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-9SlDyp1fLOzLqu6sxVqY2jwEzQjrnbzfQXIRoyviPJY="; + }; + + propagatedBuildInputs = with python3Packages; [ + pygments + prompt-toolkit + colorama + frida-python + ]; + + meta = { + description = "Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers (client tools)"; + homepage = "https://www.frida.re/"; + maintainers = with lib.maintainers; [ s1341 ]; + license = lib.licenses.wxWindows; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fscan/default.nix b/nixpkgs/pkgs/tools/security/fscan/default.nix new file mode 100644 index 000000000000..29a1c55d610a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fscan/default.nix @@ -0,0 +1,23 @@ +{ lib, fetchFromGitHub, buildGoModule }: + +buildGoModule rec { + pname = "fscan"; + version = "1.8.2"; + + src = fetchFromGitHub { + owner = "shadow1ng"; + repo = "fscan"; + rev = version; + hash = "sha256-PbhCKIr7qy4/hzx3TC7lnrQQw8rlUlprAbHdKdxgVuY="; + }; + + vendorHash = "sha256-pzcZgBcjGU5AyZfh+mHnphEboDDvQqseiuouwgb8rN8="; + + meta = with lib; { + description = "An intranet comprehensive scanning tool"; + homepage = "https://github.com/shadow1ng/fscan"; + license = licenses.mit; + maintainers = with maintainers; [ Misaka13514 ]; + platforms = with platforms; unix ++ windows; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fulcio/default.nix b/nixpkgs/pkgs/tools/security/fulcio/default.nix new file mode 100644 index 000000000000..4d085fb9980a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fulcio/default.nix @@ -0,0 +1,83 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +buildGoModule rec { + pname = "fulcio"; + version = "1.4.1"; + + src = fetchFromGitHub { + owner = "sigstore"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-6muoKiryWTGIoy1U3kWjuka0X1+gcrUQOvbuas26H1M="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # 0000-00-00T00:00:00Z + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + vendorHash = "sha256-i9RK9kNSB9FOnVbYcHLBHt8KKBQCNsEDONNm1IxgTJc="; + + nativeBuildInputs = [ installShellFiles ]; + + subPackages = [ "." ]; + + ldflags = [ + "-s" + "-w" + "-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" + "-X sigs.k8s.io/release-utils/version.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + preCheck = '' + # test all paths + unset subPackages + + # skip test that requires networking + substituteInPlace pkg/config/config_network_test.go \ + --replace "TestLoad" "SkipLoad" + ''; + + postInstall = '' + installShellCompletion --cmd fulcio \ + --bash <($out/bin/fulcio completion bash) \ + --fish <($out/bin/fulcio completion fish) \ + --zsh <($out/bin/fulcio completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/fulcio --help + $out/bin/fulcio version 2>&1 | grep "v${version}" + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://github.com/sigstore/fulcio"; + changelog = "https://github.com/sigstore/fulcio/releases/tag/v${version}"; + description = "A Root-CA for code signing certs - issuing certificates based on an OIDC email address"; + longDescription = '' + Fulcio is a free code signing Certificate Authority, built to make + short-lived certificates available to anyone. Based on an Open ID Connect + email address, Fulcio signs x509 certificates valid for under 20 minutes. + + Fulcio was designed to run as a centralized, public-good instance backed + up by other transparency logs. Development is now underway to support + different delegation models, and to deploy and run Fulcio as a + disconnected instance. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ lesuisse jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fwbuilder/default.nix b/nixpkgs/pkgs/tools/security/fwbuilder/default.nix new file mode 100644 index 000000000000..6787e2f923b9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fwbuilder/default.nix @@ -0,0 +1,55 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, ninja +, wrapQtAppsHook +, wayland +, wayland-protocols +, qtwayland +}: + +stdenv.mkDerivation rec { + pname = "fwbuilder"; + version = "6.0.0-rc1"; + + src = fetchFromGitHub { + owner = "fwbuilder"; + repo = "fwbuilder"; + rev = "v${version}"; + hash = "sha256-j5HjGcIqq93Ca9OBqEgSotoSXyw+q6Fqxa3hKk1ctwQ="; + }; + + postPatch = '' + # Avoid blanket -Werror as it triggers on any minor compiler + # warnings like deprecated functions or invalid indentat8ion. + # Leave fixing these problems to upstream. + substituteInPlace CMakeLists.txt --replace ';-Werror;' ';' + ''; + + nativeBuildInputs = [ + cmake + ninja + wrapQtAppsHook + ]; + + buildInputs = [ + wayland + wayland-protocols + qtwayland + ]; + + meta = with lib; { + description = "GUI Firewall Management Application"; + longDescription = '' + Firewall Builder is a GUI firewall management application for iptables, + PF, Cisco ASA/PIX/FWSM, Cisco router ACL and more. Firewall configuration + data is stored in a central file that can scale to hundreds of firewalls + managed from a single UI. + ''; + homepage = "https://github.com/fwbuilder/fwbuilder"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = [ maintainers.elatov ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/fwknop/default.nix b/nixpkgs/pkgs/tools/security/fwknop/default.nix new file mode 100644 index 000000000000..5625ab47058d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/fwknop/default.nix @@ -0,0 +1,72 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook +, libpcap, texinfo +, iptables +, gnupgSupport ? true, gnupg, gpgme # Increases dependencies! +, wgetSupport ? true, wget +, buildServer ? true +, buildClient ? true }: + +stdenv.mkDerivation rec { + pname = "fwknop"; + version = "2.6.10"; + + src = fetchFromGitHub { + owner = "mrash"; + repo = pname; + rev = version; + sha256 = "05kvqhmxj9p2y835w75f3jvhr38bb96cd58mvfd7xil9dhmhn9ra"; + }; + + patches = [ + # Pull patch pending upstream inclusion for -fno-common tollchains: + # https://github.com/mrash/fwknop/pull/319 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/mrash/fwknop/commit/a8214fd58bc46d23b64b3a55db023c7f5a5ea6af.patch"; + sha256 = "0cp1350q66n455hpd3rdydb9anx66bcirza5gyyyy5232zgg58bi"; + }) + ]; + + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ libpcap texinfo ] + ++ lib.optionals gnupgSupport [ gnupg gpgme.dev ] + ++ lib.optionals wgetSupport [ wget ]; + + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/run" + "--with-iptables=${iptables}/sbin/iptables" + (lib.enableFeature buildServer "server") + (lib.enableFeature buildClient "client") + (lib.withFeatureAs wgetSupport "wget" "${wget}/bin/wget") + ] ++ lib.optionalString gnupgSupport [ + "--with-gpgme" + "--with-gpgme-prefix=${gpgme.dev}" + "--with-gpg=${gnupg}" + ]; + + # Temporary hack to copy the example configuration files into the nix-store, + # this'll probably be helpful until there's a NixOS module for that (feel free + # to ping me (@primeos) if you want to help). + preInstall = '' + substituteInPlace Makefile --replace\ + "sysconfdir = /etc"\ + "sysconfdir = $out/etc" + substituteInPlace server/Makefile --replace\ + "wknopddir = /etc/fwknop"\ + "wknopddir = $out/etc/fwknop" + ''; + + meta = with lib; { + description = + "Single Packet Authorization (and Port Knocking) server/client"; + longDescription = '' + fwknop stands for the "FireWall KNock OPerator", and implements an + authorization scheme called Single Packet Authorization (SPA). + ''; + homepage = "https://www.cipherdyne.org/fwknop/"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ primeos ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/galer/default.nix b/nixpkgs/pkgs/tools/security/galer/default.nix new file mode 100644 index 000000000000..bfe7cb18d1eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/galer/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "galer"; + version = "0.0.2"; + + src = fetchFromGitHub { + owner = "dwisiswant0"; + repo = pname; + rev = "v${version}"; + hash = "sha256-i3rrXpKnUV9REnn4lQWIFpWc2SzkxVomruiAmcMBQ6Q="; + }; + + vendorHash = "sha256-2nJgQfSeo9GrK6Kor29esnMEFmd5pTd8lGwzRi4zq1w="; + + meta = with lib; { + description = "Tool to fetch URLs from HTML attributes"; + homepage = "https://github.com/dwisiswant0/galer"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gallia/default.nix b/nixpkgs/pkgs/tools/security/gallia/default.nix new file mode 100644 index 000000000000..f0e71f8c9c05 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gallia/default.nix @@ -0,0 +1,68 @@ +{ lib +, fetchFromGitHub +, python3 +, cacert +}: + +python3.pkgs.buildPythonApplication rec { + pname = "gallia"; + version = "1.1.4"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "Fraunhofer-AISEC"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-McHzHK404kDB992T2f84dZHDxujpPIz4qglYMmv3kTw="; + }; + + pythonRelaxDeps = [ + "aiofiles" + "argcomplete" + "msgspec" + ]; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiofiles + aiohttp + aiosqlite + argcomplete + can + construct + msgspec + pydantic + pygit2 + tabulate + tomli + zstandard + ]; + + SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + pytest-asyncio + ]; + + pythonImportsCheck = [ + "gallia" + ]; + + preCheck = '' + export PATH=$out/bin:$PATH + ''; + + meta = with lib; { + description = "Extendable Pentesting Framework for the Automotive Domain"; + homepage = "https://github.com/Fraunhofer-AISEC/gallia"; + changelog = "https://github.com/Fraunhofer-AISEC/gallia/releases/tag/v${version}"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab rumpelsepp ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gau/default.nix b/nixpkgs/pkgs/tools/security/gau/default.nix new file mode 100644 index 000000000000..1a67b89855f9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gau/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "gau"; + version = "2.2.0"; + + src = fetchFromGitHub { + owner = "lc"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-09Mf6KmTO3gper7txhvPZ/lb/cFOTDWicpu7+JrNrbo="; + }; + + vendorHash = "sha256-nhsGhuX5AJMHg+zQUt1G1TwVgMCxnuJ2T3uBrx7bJNs="; + + meta = with lib; { + description = "Tool to fetch known URLs"; + longDescription = '' + getallurls (gau) fetches known URLs from various sources for any + given domain. + ''; + homepage = "https://github.com/lc/gau"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix b/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix new file mode 100644 index 000000000000..bb607c1fbd32 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gen-oath-safe/default.nix @@ -0,0 +1,43 @@ +{ coreutils, fetchFromGitHub, file, libcaca, makeWrapper, python3, openssl, qrencode, lib, stdenv, yubikey-manager }: + +stdenv.mkDerivation rec { + pname = "gen-oath-safe"; + version = "0.11.0"; + src = fetchFromGitHub { + owner = "mcepl"; + repo = "gen-oath-safe"; + rev = version; + sha256 = "1914z0jgj7lni0nf3hslkjgkv87mhxdr92cmhmbzhpjgjgr23ydp"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = + let + path = lib.makeBinPath [ + coreutils + file + libcaca.bin + openssl.bin + python3 + qrencode + yubikey-manager + ]; + in + '' + mkdir -p $out/bin + cp gen-oath-safe $out/bin/ + wrapProgram $out/bin/gen-oath-safe \ + --prefix PATH : ${path} + ''; + meta = with lib; { + homepage = "https://github.com/mcepl/gen-oath-safe"; + description = "Script for generating HOTP/TOTP keys (and QR code)"; + platforms = platforms.unix; + license = licenses.mit; + maintainers = [ maintainers.makefu ]; + }; + +} diff --git a/nixpkgs/pkgs/tools/security/gencfsm/default.nix b/nixpkgs/pkgs/tools/security/gencfsm/default.nix new file mode 100644 index 000000000000..33f6297905ea --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gencfsm/default.nix @@ -0,0 +1,57 @@ +{ lib, stdenv, fetchurl, autoconf, automake, intltool, libtool, pkg-config +, encfs, libsecret , glib , libgee, gtk3, vala, wrapGAppsHook, xorg +, gobject-introspection +}: + +stdenv.mkDerivation rec { + version = "1.9"; + pname = "gnome-encfs-manager"; + + src = fetchurl { + url = with lib.versions; + "https://launchpad.net/gencfsm/trunk/${major version}.${minor version}/+download/gnome-encfs-manager_${version}.tar.xz"; + sha256 = "RXVwg/xhfAQv3pWp3UylOhMKDh9ZACTuKM4lPrn1dk8="; + }; + + nativeBuildInputs = [ + autoconf + automake + intltool + libtool + pkg-config + vala + wrapGAppsHook + gobject-introspection + ]; + buildInputs = [ + glib + encfs + gtk3 + libgee + xorg.libSM + xorg.libICE + libsecret + ]; + + # Fix hardcoded paths to /bin/mkdir + patches = [ ./makefile-mkdir.patch ]; + + preConfigure = '' + ./autogen.sh + ''; + + configureFlags = [ "--disable-appindicator" ]; + + preFixup = "gappsWrapperArgs+=(--prefix PATH : ${encfs}/bin)"; + + enableParallelBuilding = true; + + meta = with lib; { + homepage = "http://www.libertyzero.com/GEncfsM/"; + downloadPage = "https://launchpad.net/gencfsm/"; + description = "EncFS manager and mounter with GNOME3 integration"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = [ maintainers.spacefrogg ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gencfsm/makefile-mkdir.patch b/nixpkgs/pkgs/tools/security/gencfsm/makefile-mkdir.patch new file mode 100644 index 000000000000..49c7b0b4d9d1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gencfsm/makefile-mkdir.patch @@ -0,0 +1,14 @@ +--- a/dist/Makefile.am ++++ b/dist/Makefile.am +@@ -10,9 +10,9 @@ install-data-hook: + chmod 0755 $(shell find $(dist) -type d) + chmod 0644 $(shell find $(dist) -type f) + chmod 0755 $(shell find "scripts" -type f) +- test -z "$(DESTDIR)$(datadir)/dbus-1/services/" || /bin/mkdir -p "$(DESTDIR)$(datadir)/dbus-1/services/" ++ test -z "$(DESTDIR)$(datadir)/dbus-1/services/" || $(MKDIR_P) "$(DESTDIR)$(datadir)/dbus-1/services/" + cp "extra/com.libertyzero.gnome-encfs-manager.service" "$(DESTDIR)$(datadir)/dbus-1/services/" +- test -z "$(gencfsmdir)" || /bin/mkdir -p "$(gencfsmdir)" ++ test -z "$(gencfsmdir)" || $(MKDIR_P) "$(gencfsmdir)" + cp --parent -rf $(dist) "$(gencfsmdir)" + cp --parent -rf $(icons) $(DESTDIR)$(datadir) + diff --git a/nixpkgs/pkgs/tools/security/genpass/default.nix b/nixpkgs/pkgs/tools/security/genpass/default.nix new file mode 100644 index 000000000000..9565bf80c950 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/genpass/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv +, fetchgit +, rustPlatform +, CoreFoundation +, libiconv +, Security +}: +rustPlatform.buildRustPackage rec { + pname = "genpass"; + version = "0.5.1"; + + src = fetchgit { + url = "https://git.sr.ht/~cyplo/genpass"; + rev = "v${version}"; + sha256 = "UyEgOlKtDyneRteN3jHA2BJlu5U1HFL8HA2MTQz5rns="; + }; + + cargoSha256 = "ls3tzZ+gtZQlObmbtwJDq6N/f5nY+Ps7RL5R/fR5Vgg="; + + buildInputs = lib.optionals stdenv.isDarwin [ CoreFoundation libiconv Security ]; + + meta = with lib; { + description = "A simple yet robust commandline random password generator"; + homepage = "https://sr.ht/~cyplo/genpass/"; + license = licenses.agpl3Only; + maintainers = with maintainers; [ cyplo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gfshare/default.nix b/nixpkgs/pkgs/tools/security/gfshare/default.nix new file mode 100644 index 000000000000..e0da2fdaf35b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gfshare/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchgit, autoreconfHook }: + +stdenv.mkDerivation rec { + pname = "gfshare"; + version = "2.0.0"; + + src = fetchgit { + url = "git://git.gitano.org.uk/libgfshare.git"; + rev = version; + sha256 = "0s37xn9pr5p820hd40489xwra7kg3gzqrxhc2j9rnxnd489hl0pr"; + }; + + nativeBuildInputs = [ autoreconfHook ]; + doCheck = true; + + outputs = [ "bin" "lib" "dev" "out" ]; + + meta = with lib; { + # Not the most descriptive homepage but it's what Debian and Ubuntu use + # https://packages.debian.org/sid/libgfshare2 + # https://launchpad.net/ubuntu/impish/+source/libgfshare/+copyright + homepage = "https://git.gitano.org.uk/libgfshare.git/"; + description = "Shamir's secret-sharing method in the Galois Field GF(2**8)"; + license = licenses.mit; + platforms = platforms.all; + maintainers = [ maintainers.rraval ]; + broken = stdenv.isDarwin; # never built on Hydra https://hydra.nixos.org/job/nixpkgs/trunk/gfshare.x86_64-darwin + }; +} diff --git a/nixpkgs/pkgs/tools/security/ggshield/default.nix b/nixpkgs/pkgs/tools/security/ggshield/default.nix new file mode 100644 index 000000000000..e24aff905f12 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ggshield/default.nix @@ -0,0 +1,78 @@ +{ lib +, fetchFromGitHub +, git +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ggshield"; + version = "1.20.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "GitGuardian"; + repo = "ggshield"; + rev = "refs/tags/v${version}"; + hash = "sha256-J2kz8PcR6f7u9+pI1jGAYCakSwj0/WKskQLWuYC5+Hs="; + }; + + pythonRelaxDeps = true; + + nativeBuildInputs = with python3.pkgs; [ + pythonRelaxDepsHook + setuptools + ]; + + propagatedBuildInputs = with python3.pkgs; [ + appdirs + charset-normalizer + click + cryptography + marshmallow + marshmallow-dataclass + oauthlib + pygitguardian + pyjwt + python-dotenv + pyyaml + requests + rich + ]; + + nativeCheckInputs = [ + git + ] ++ (with python3.pkgs; [ + pyfakefs + pytest-mock + pytest-voluptuous + pytestCheckHook + snapshottest + vcrpy + ]); + + pythonImportsCheck = [ + "ggshield" + ]; + + disabledTestPaths = [ + # Don't run functional tests + "tests/functional/" + ]; + + disabledTests = [ + # No TLS certificate, no .git folder, etc. + "test_cache_catches" + "test_is_git_dir" + "test_is_valid_git_commit_ref" + "test_check_git_dir" + "test_does_not_fail_if_cache" + ]; + + meta = with lib; { + description = "Tool to find and fix various types of hardcoded secrets and infrastructure-as-code misconfigurations"; + homepage = "https://github.com/GitGuardian/ggshield"; + changelog = "https://github.com/GitGuardian/ggshield/blob/${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghauri/default.nix b/nixpkgs/pkgs/tools/security/ghauri/default.nix new file mode 100644 index 000000000000..fb230dc68d27 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghauri/default.nix @@ -0,0 +1,39 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ghauri"; + version = "1.1.8"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "r0oth3x49"; + repo = "ghauri"; + rev = "refs/tags/${version}"; + hash = "sha256-WEWiWu8U7DmRjj42BEBXA3CHTyJh2Apz59ImFrmQXEk="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + chardet + colorama + requests + tldextract + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "ghauri" + ]; + + meta = with lib; { + description = "Tool for detecting and exploiting SQL injection security flaws"; + homepage = "https://github.com/r0oth3x49/ghauri"; + changelog = "https://github.com/r0oth3x49/ghauri/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghdorker/default.nix b/nixpkgs/pkgs/tools/security/ghdorker/default.nix new file mode 100644 index 000000000000..28336c30ea15 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghdorker/default.nix @@ -0,0 +1,36 @@ +{ lib +, python3 +, fetchPypi +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ghdorker"; + version = "0.3.2"; + format = "setuptools"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-wF4QoXxH55SpdYgKLHf4sCwUk1rkCpSdnIX5FvFi/BU="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + ghapi + glom + python-dotenv + pyyaml + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "GHDorker" + ]; + + meta = with lib; { + description = "Extensible GitHub dorking tool"; + homepage = "https://github.com/dtaivpp/ghdorker"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch b/nixpkgs/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch new file mode 100644 index 000000000000..03ddf76e8ffe --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch @@ -0,0 +1,202 @@ +diff --git a/Ghidra/Debug/Debugger-gadp/build.gradle b/Ghidra/Debug/Debugger-gadp/build.gradle +index f4dbd3cd0..6108e8534 100644 +--- a/Ghidra/Debug/Debugger-gadp/build.gradle ++++ b/Ghidra/Debug/Debugger-gadp/build.gradle +@@ -23,42 +23,18 @@ apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" + apply from: "${rootProject.projectDir}/gradle/distributableGhidraModule.gradle" + + apply plugin: 'eclipse' ++apply plugin: 'com.google.protobuf' + eclipse.project.name = 'Debug Debugger-gadp' + +-configurations { +- allProtocArtifacts +- protocArtifact +-} +- + def platform = getCurrentPlatformName() + +-dependencies { +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' +- +- if (isCurrentWindows()) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' +- } +- if (isCurrentLinux()) { +- if (platform.endsWith("x86_64")) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' +- } +- else { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' +- } +- } +- if (isCurrentMac()) { +- if (platform.endsWith("x86_64")) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' +- } +- else { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' +- } ++buildscript { ++ dependencies { ++ classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' + } ++} + ++dependencies { + api project(':Framework-AsyncComm') + api project(':Framework-Debugging') + api project(':ProposedUtils') +@@ -73,37 +49,3 @@ dependencies { + } + }*/ + +-task generateProto { +- ext.srcdir = file("src/main/proto") +- ext.src = fileTree(srcdir) { +- include "**/*.proto" +- } +- ext.outdir = file("build/generated/source/proto/main/java") +- outputs.dir(outdir) +- inputs.files(src) +- dependsOn(configurations.protocArtifact) +- doLast { +- def exe = configurations.protocArtifact.first() +- if (!isCurrentWindows()) { +- exe.setExecutable(true) +- } +- exec { +- commandLine exe, "--java_out=$outdir", "-I$srcdir" +- args src +- } +- } +-} +- +-tasks.compileJava.dependsOn(tasks.generateProto) +-tasks.eclipse.dependsOn(tasks.generateProto) +-rootProject.tasks.prepDev.dependsOn(tasks.generateProto) +- +-sourceSets { +- main { +- java { +- srcDir tasks.generateProto.outdir +- } +- } +-} +-zipSourceSubproject.dependsOn generateProto +- +diff --git a/Ghidra/Debug/Debugger-isf/build.gradle b/Ghidra/Debug/Debugger-isf/build.gradle +index 6bf945c2e..3225d095d 100644 +--- a/Ghidra/Debug/Debugger-isf/build.gradle ++++ b/Ghidra/Debug/Debugger-isf/build.gradle +@@ -20,42 +20,18 @@ apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" + apply from: "${rootProject.projectDir}/gradle/distributableGhidraModule.gradle" + + apply plugin: 'eclipse' ++apply plugin: 'com.google.protobuf' + eclipse.project.name = 'Debug Debugger-isf' + +-configurations { +- allProtocArtifacts +- protocArtifact +-} +- + def platform = getCurrentPlatformName() + +-dependencies { +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' +- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' +- +- if (isCurrentWindows()) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' +- } +- if (isCurrentLinux()) { +- if (platform.endsWith("x86_64")) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' +- } +- else { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' +- } +- } +- if (isCurrentMac()) { +- if (platform.endsWith("x86_64")) { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' +- } +- else { +- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' +- } ++buildscript { ++ dependencies { ++ classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' + } ++} + ++dependencies { + api project(':Framework-AsyncComm') + api project(':Framework-Debugging') + api project(':ProposedUtils') +@@ -64,40 +40,6 @@ dependencies { + testImplementation project(path: ':Framework-Debugging', configuration: 'testArtifacts') + } + +-task generateProto { +- ext.srcdir = file("src/main/proto") +- ext.src = fileTree(srcdir) { +- include "**/*.proto" +- } +- ext.outdir = file("build/generated/source/proto/main/java") +- outputs.dir(outdir) +- inputs.files(src) +- dependsOn(configurations.protocArtifact) +- doLast { +- def exe = configurations.protocArtifact.first() +- if (!isCurrentWindows()) { +- exe.setExecutable(true) +- } +- exec { +- commandLine exe, "--java_out=$outdir", "-I$srcdir" +- args src +- } +- } +-} +- +-tasks.compileJava.dependsOn(tasks.generateProto) +-tasks.eclipse.dependsOn(tasks.generateProto) +-rootProject.tasks.prepDev.dependsOn(tasks.generateProto) +- +-sourceSets { +- main { +- java { +- srcDir tasks.generateProto.outdir +- } +- } +-} +-zipSourceSubproject.dependsOn generateProto +- + // Include buildable native source in distribution + rootProject.assembleDistribution { + from (this.project.projectDir.toString()) { +diff --git a/build.gradle b/build.gradle +index b0c717fb1..5f56506a5 100644 +--- a/build.gradle ++++ b/build.gradle +@@ -74,6 +74,12 @@ if (flatRepo.isDirectory()) { + jcenter() + flatDir name: "flat", dirs:["$flatRepo"] + } ++ buildscript { ++ repositories { ++ mavenLocal() ++ mavenCentral() ++ } ++ } + } + } + else { diff --git a/nixpkgs/pkgs/tools/security/ghidra/build.nix b/nixpkgs/pkgs/tools/security/ghidra/build.nix new file mode 100644 index 000000000000..16bc1dbe5cd7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/build.nix @@ -0,0 +1,180 @@ +{ stdenv +, fetchFromGitHub +, lib +, gradle_7 +, perl +, makeWrapper +, openjdk17 +, unzip +, makeDesktopItem +, icoutils +, xcbuild +, protobuf +}: + +let + pkg_path = "$out/lib/ghidra"; + pname = "ghidra"; + version = "10.3.3"; + + src = fetchFromGitHub { + owner = "NationalSecurityAgency"; + repo = "Ghidra"; + rev = "Ghidra_${version}_build"; + hash = "sha256-KDSiZ/JwAqX6Obg9UD8ZQut01l/eMXbioJy//GluXn0="; + }; + + gradle = gradle_7; + + desktopItem = makeDesktopItem { + name = "ghidra"; + exec = "ghidra"; + icon = "ghidra"; + desktopName = "Ghidra"; + genericName = "Ghidra Software Reverse Engineering Suite"; + categories = [ "Development" ]; + }; + + # postPatch scripts. + # Tells ghidra to use our own protoc binary instead of the prebuilt one. + fixProtoc = '' + cat >>Ghidra/Debug/Debugger-gadp/build.gradle <<HERE +protobuf { + protoc { + path = '${protobuf}/bin/protoc' + } +} +HERE + cat >>Ghidra/Debug/Debugger-isf/build.gradle <<HERE +protobuf { + protoc { + path = '${protobuf}/bin/protoc' + } +} +HERE + ''; + + # Adds a gradle step that downloads all the dependencies to the gradle cache. + addResolveStep = '' + cat >>build.gradle <<HERE +task resolveDependencies { + doLast { + project.rootProject.allprojects.each { subProject -> + subProject.buildscript.configurations.each { configuration -> + resolveConfiguration(subProject, configuration, "buildscript config \''${configuration.name}") + } + subProject.configurations.each { configuration -> + resolveConfiguration(subProject, configuration, "config \''${configuration.name}") + } + } + } +} +void resolveConfiguration(subProject, configuration, name) { + if (configuration.canBeResolved) { + logger.info("Resolving project {} {}", subProject.name, name) + configuration.resolve() + } +} +HERE + ''; + + # fake build to pre-download deps into fixed-output derivation + # Taken from mindustry derivation. + deps = stdenv.mkDerivation { + pname = "${pname}-deps"; + inherit version src; + + patches = [ ./0001-Use-protobuf-gradle-plugin.patch ]; + postPatch = fixProtoc + addResolveStep; + + nativeBuildInputs = [ gradle perl ] ++ lib.optional stdenv.isDarwin xcbuild; + buildPhase = '' + export HOME="$NIX_BUILD_TOP/home" + mkdir -p "$HOME" + export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'" + export GRADLE_USER_HOME="$HOME/.gradle" + + # First, fetch the static dependencies. + gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} -I gradle/support/fetchDependencies.gradle init + + # Then, fetch the maven dependencies. + gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} resolveDependencies + ''; + # perl code mavenizes pathes (com.squareup.okio/okio/1.13.0/a9283170b7305c8d92d25aff02a6ab7e45d06cbe/okio-1.13.0.jar -> com/squareup/okio/okio/1.13.0/okio-1.13.0.jar) + installPhase = '' + find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \ + | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/maven/$x/$3/$4/$5" #e' \ + | sh + cp -r dependencies $out/dependencies + ''; + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = "sha256-HveS3f8XHpJqefc4djYmnYfd01H2OBFK5PLNOsHAqlc="; + }; + +in stdenv.mkDerivation { + inherit pname version src; + + nativeBuildInputs = [ + gradle unzip makeWrapper icoutils + ] ++ lib.optional stdenv.isDarwin xcbuild; + + dontStrip = true; + + patches = [ ./0001-Use-protobuf-gradle-plugin.patch ]; + postPatch = fixProtoc; + + buildPhase = '' + export HOME="$NIX_BUILD_TOP/home" + mkdir -p "$HOME" + export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'" + + ln -s ${deps}/dependencies dependencies + + sed -i "s#mavenLocal()#mavenLocal(); maven { url '${deps}/maven' }#g" build.gradle + + gradle --offline --no-daemon --info -Dorg.gradle.java.home=${openjdk17} buildGhidra + ''; + + installPhase = '' + mkdir -p "${pkg_path}" "$out/share/applications" + + ZIP=build/dist/$(ls build/dist) + echo $ZIP + unzip $ZIP -d ${pkg_path} + f=("${pkg_path}"/*) + mv "${pkg_path}"/*/* "${pkg_path}" + rmdir "''${f[@]}" + + ln -s ${desktopItem}/share/applications/* $out/share/applications + + icotool -x "Ghidra/RuntimeScripts/Windows/support/ghidra.ico" + rm ghidra_4_40x40x32.png + for f in ghidra_*.png; do + res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -d"x" -f1-2) + mkdir -pv "$out/share/icons/hicolor/$res/apps" + mv "$f" "$out/share/icons/hicolor/$res/apps/ghidra.png" + done; + ''; + + postFixup = '' + mkdir -p "$out/bin" + ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra" + wrapProgram "${pkg_path}/support/launch.sh" \ + --prefix PATH : ${lib.makeBinPath [ openjdk17 ]} + ''; + + meta = with lib; { + description = "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; + homepage = "https://ghidra-sre.org/"; + platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + license = licenses.asl20; + maintainers = with maintainers; [ roblabla ]; + broken = stdenv.isDarwin && stdenv.isx86_64; + }; + +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/default.nix b/nixpkgs/pkgs/tools/security/ghidra/default.nix new file mode 100644 index 000000000000..34dcca4b4ca3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/default.nix @@ -0,0 +1,80 @@ +{ stdenv +, fetchzip +, lib +, makeWrapper +, autoPatchelfHook +, openjdk17 +, pam +, makeDesktopItem +, icoutils +}: + +let + + pkg_path = "$out/lib/ghidra"; + + desktopItem = makeDesktopItem { + name = "ghidra"; + exec = "ghidra"; + icon = "ghidra"; + desktopName = "Ghidra"; + genericName = "Ghidra Software Reverse Engineering Suite"; + categories = [ "Development" ]; + }; + +in stdenv.mkDerivation rec { + pname = "ghidra"; + version = "10.3.1"; + versiondate = "20230614"; + + src = fetchzip { + url = "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_${version}_build/ghidra_${version}_PUBLIC_${versiondate}.zip"; + hash = "sha256-I4FUEbBF/iwMP/iiA9Hjf36J4sAInhO80hLTbxWmUFc="; + }; + + nativeBuildInputs = [ + makeWrapper + icoutils + ] + ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ]; + + buildInputs = [ + stdenv.cc.cc.lib + pam + ]; + + dontStrip = true; + + installPhase = '' + mkdir -p "${pkg_path}" + mkdir -p "${pkg_path}" "$out/share/applications" + cp -a * "${pkg_path}" + ln -s ${desktopItem}/share/applications/* $out/share/applications + + icotool -x "${pkg_path}/support/ghidra.ico" + rm ghidra_4_40x40x32.png + for f in ghidra_*.png; do + res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -d"x" -f1-2) + mkdir -pv "$out/share/icons/hicolor/$res/apps" + mv "$f" "$out/share/icons/hicolor/$res/apps/ghidra.png" + done; + ''; + + postFixup = '' + mkdir -p "$out/bin" + ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra" + + wrapProgram "${pkg_path}/support/launch.sh" \ + --prefix PATH : ${lib.makeBinPath [ openjdk17 ]} + ''; + + meta = with lib; { + description = "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; + homepage = "https://github.com/NationalSecurityAgency/ghidra"; + platforms = [ "x86_64-linux" "x86_64-darwin" ]; + sourceProvenance = with sourceTypes; [ binaryBytecode ]; + license = licenses.asl20; + maintainers = with maintainers; [ ck3d govanify mic92 ]; + }; + +} diff --git a/nixpkgs/pkgs/tools/security/ghost/default.nix b/nixpkgs/pkgs/tools/security/ghost/default.nix new file mode 100644 index 000000000000..124caef45c20 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghost/default.nix @@ -0,0 +1,34 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ghost"; + version = "8.0.0"; + + disabled = python3.pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "EntySec"; + repo = "Ghost"; + rev = version; + sha256 = "13p3inw7v55na8438awr692v9vb7zgf5ggxpha9r3m8vfm3sb4iz"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + adb-shell + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ "ghost" ]; + + meta = with lib; { + description = "Android post-exploitation framework"; + homepage = "https://github.com/EntySec/ghost"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gitjacker/default.nix b/nixpkgs/pkgs/tools/security/gitjacker/default.nix new file mode 100644 index 000000000000..c233032d9359 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gitjacker/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, git +, stdenv +}: + +buildGoModule rec { + pname = "gitjacker"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "liamg"; + repo = "gitjacker"; + rev = "v${version}"; + sha256 = "sha256-rEn9FpcRfEt2yGepIPEAO9m8JeVb+nMhYMBWhC/barc="; + }; + + vendorHash = null; + + propagatedBuildInputs = [ git ]; + + nativeCheckInputs = [ git ]; + + doCheck = !stdenv.isDarwin; + + preCheck = '' + export PATH=$TMPDIR/usr/bin:$PATH + ''; + + meta = with lib; { + description = "Leak git repositories from misconfigured websites"; + longDescription = '' + Gitjacker downloads git repositories and extracts their contents + from sites where the .git directory has been mistakenly uploaded. + It will still manage to recover a significant portion of a repository + even where directory listings are disabled. + ''; + homepage = "https://github.com/liamg/gitjacker"; + license = with licenses; [ unlicense ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gitleaks/default.nix b/nixpkgs/pkgs/tools/security/gitleaks/default.nix new file mode 100644 index 000000000000..96c4b0f4e155 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gitleaks/default.nix @@ -0,0 +1,58 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, gitleaks +, installShellFiles +, testers +}: + +buildGoModule rec { + pname = "gitleaks"; + version = "8.18.0"; + + src = fetchFromGitHub { + owner = "zricethezav"; + repo = pname; + rev = "v${version}"; + hash = "sha256-659wQBv8DuYB4vI+qnBLS9u22kGlg4ne4DyKFoomlOw="; + }; + + vendorHash = "sha256-PPEEQ2Bt20UK+mQL59jVnX8HtzCsqW4uRwR3mOdhDis="; + + ldflags = [ + "-s" + "-w" + "-X github.com/zricethezav/gitleaks/v${lib.versions.major version}/cmd.Version=${version}" + ]; + + nativeBuildInputs = [ + installShellFiles + ]; + + # With v8 the config tests are are blocking + doCheck = false; + + postInstall = '' + installShellCompletion --cmd ${pname} \ + --bash <($out/bin/${pname} completion bash) \ + --fish <($out/bin/${pname} completion fish) \ + --zsh <($out/bin/${pname} completion zsh) + ''; + + passthru.tests.version = testers.testVersion { + package = gitleaks; + command = "${pname} version"; + }; + + meta = with lib; { + description = "Scan git repos (or files) for secrets"; + longDescription = '' + Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, + API keys and tokens in git repos. + ''; + homepage = "https://github.com/zricethezav/gitleaks"; + changelog = "https://github.com/zricethezav/gitleaks/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix b/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix new file mode 100644 index 000000000000..56ea016eda93 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnome-keysign/default.nix @@ -0,0 +1,63 @@ +{ lib +, fetchFromGitLab +, python3 +, wrapGAppsHook +, gobject-introspection +, gtk3 +, glib +, gst_all_1 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "gnome-keysign"; + version = "1.3.0"; + + src = fetchFromGitLab { + domain = "gitlab.gnome.org"; + owner = "GNOME"; + repo = "gnome-keysign"; + rev = version; + hash = "sha256-k77z8Yligzs4rHpPckRGcC5qnCHynHQRjdDkzxwt1Ss="; + }; + + nativeBuildInputs = [ + wrapGAppsHook + gobject-introspection + ] ++ (with python3.pkgs; [ + babel + babelgladeextractor + ]); + + buildInputs = [ + # TODO: add avahi support + gtk3 + glib + gst_all_1.gstreamer + gst_all_1.gst-plugins-base + (gst_all_1.gst-plugins-good.override { gtkSupport = true; }) + (gst_all_1.gst-plugins-bad.override { enableZbar = true; }) # for zbar plug-in + ]; + + propagatedBuildInputs = with python3.pkgs; [ + dbus-python + future + gpgme + magic-wormhole + pygobject3 + pybluez + qrcode + requests + twisted + ]; + + # bunch of linting + doCheck = false; + + meta = with lib; { + description = "GTK/GNOME application to use GnuPG for signing other peoples’ keys"; + homepage = "https://wiki.gnome.org/Apps/Keysign"; + license = licenses.gpl3Plus; + maintainers = teams.gnome.members; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix new file mode 100644 index 000000000000..8478c3748366 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix @@ -0,0 +1,20 @@ +{ stdenv, lib, fetchurl, gnulib }: + +stdenv.mkDerivation rec { + pname = "gnu-pw-mgr"; + version = "2.7.4"; + src = fetchurl { + url = "https://ftp.gnu.org/gnu/gnu-pw-mgr/${pname}-${version}.tar.xz"; + sha256 = "0fhwvsmsqpw0vnivarfg63l8pgwqfv7d5wi6l80jpb41dj6qpjz8"; + }; + + buildInputs = [ gnulib ]; + + meta = with lib; { + homepage = "https://www.gnu.org/software/gnu-pw-mgr/"; + description = "A password manager designed to make it easy to reconstruct difficult passwords"; + license = with licenses; [ gpl3Plus lgpl3Plus ]; + platforms = lib.platforms.linux; + maintainers = with maintainers; [ qoelet ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix new file mode 100644 index 000000000000..f7c22cddb5cb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchurl, libgpg-error, libassuan, libgcrypt, pkcs11helper, + pkg-config, openssl }: + +stdenv.mkDerivation rec { + pname = "gnupg-pkcs11-scd"; + version = "0.10.0"; + + src = fetchurl { + url = "https://github.com/alonbl/${pname}/releases/download/${pname}-${version}/${pname}-${version}.tar.bz2"; + sha256 = "sha256-Kb8p53gPkhxtOhH2COKwSDwbtRDFr6hHMJAkndV8Ukk="; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ pkcs11helper openssl ]; + + configureFlags = [ + "--with-libgpg-error-prefix=${libgpg-error.dev}" + "--with-libassuan-prefix=${libassuan.dev}" + "--with-libgcrypt-prefix=${libgcrypt.dev}" + ]; + + meta = with lib; { + description = "A smart-card daemon to enable the use of PKCS#11 tokens with GnuPG"; + longDescription = '' + gnupg-pkcs11 is a project to implement a BSD-licensed smart-card + daemon to enable the use of PKCS#11 tokens with GnuPG. + ''; + homepage = "https://gnupg-pkcs11.sourceforge.net/"; + license = licenses.bsd3; + maintainers = with maintainers; [ matthiasbeyer philandstuff ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/gnupg/1.nix b/nixpkgs/pkgs/tools/security/gnupg/1.nix new file mode 100644 index 000000000000..390665fe44fd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/1.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchurl, readline, bzip2 }: + +stdenv.mkDerivation rec { + pname = "gnupg"; + version = "1.4.23"; + + src = fetchurl { + url = "mirror://gnupg/gnupg/gnupg-${version}.tar.bz2"; + sha256 = "1fkq4sqldvf6a25mm2qz95swv1qjg464736091w51djiwqbjyin9"; + }; + + buildInputs = [ readline bzip2 ]; + + # Workaround build failure on -fno-common toolchains like upstream + # gcc-10. Otherwise build fails as: + # ld: ../util/libutil.a(estream-printf.o):/build/gnupg-1.4.23/util/../include/memory.h:100: multiple definition of + # `memory_debug_mode'; gpgsplit.o:/build/gnupg-1.4.23/tools/../include/memory.h:100: first defined here + env.NIX_CFLAGS_COMPILE = "-fcommon"; + + doCheck = true; + + meta = with lib; { + homepage = "https://gnupg.org"; + description = "Classic (1.4) release of the GNU Privacy Guard, a GPL OpenPGP implementation"; + license = licenses.gpl3Plus; + longDescription = '' + The GNU Privacy Guard is the GNU project's complete and free + implementation of the OpenPGP standard as defined by RFC4880. GnuPG + "classic" (1.4) is the old standalone version which is most suitable for + older or embedded platforms. GnuPG allows to encrypt and sign your data + and communication, features a versatile key management system as well as + access modules for all kind of public key directories. GnuPG, also known + as GPG, is a command line tool with features for easy integration with + other applications. A wealth of frontend applications and libraries are + available. + ''; + platforms = platforms.all; + mainProgram = "gpg"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnupg/1compat.nix b/nixpkgs/pkgs/tools/security/gnupg/1compat.nix new file mode 100644 index 000000000000..6625a4567954 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/1compat.nix @@ -0,0 +1,31 @@ +{ stdenv, gnupg, coreutils, writeScript }: + +stdenv.mkDerivation { + pname = "gnupg1compat"; + version = gnupg.version; + + builder = writeScript "gnupg1compat-builder" '' + PATH=${coreutils}/bin + # First symlink all top-level dirs + mkdir -p $out + ln -s "${gnupg}/"* $out + + # Replace bin with directory and symlink it contents + rm $out/bin + mkdir -p $out/bin + ln -s "${gnupg}/bin/"* $out/bin + + # Add symlinks for any executables that end in 2 and lack any non-*2 version + for f in $out/bin/*2; do + [[ -x $f ]] || continue # ignore failed globs and non-executable files + [[ -e ''${f%2} ]] && continue # ignore commands that already have non-*2 versions + ln -s -- "''${f##*/}" "''${f%2}" + done + ''; + + meta = gnupg.meta // { + description = gnupg.meta.description + + " with symbolic links for gpg and gpgv"; + priority = -1; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnupg/22-allow-import-of-previously-known-keys-even-without-UI.patch b/nixpkgs/pkgs/tools/security/gnupg/22-allow-import-of-previously-known-keys-even-without-UI.patch new file mode 100644 index 000000000000..e8fbe1688402 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/22-allow-import-of-previously-known-keys-even-without-UI.patch @@ -0,0 +1,107 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:42 +0200 +Subject: gpg: allow import of previously known keys, even without UIDs + +* g10/import.c (import_one): Accept an incoming OpenPGP certificate that +has no user id, as long as we already have a local variant of the cert +that matches the primary key. + +-- + +This fixes two of the three broken tests in import-incomplete.scm. + +GnuPG-Bug-id: 4393 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + g10/import.c | 44 +++++++++++--------------------------------- + 1 file changed, 11 insertions(+), 33 deletions(-) + + +diff --git a/g10/import.c b/g10/import.c +index cd3363fc7..8f10771db 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1858,7 +1858,6 @@ import_one_real (ctrl_t ctrl, + size_t an; + char pkstrbuf[PUBKEY_STRING_SIZE]; + int merge_keys_done = 0; +- int any_filter = 0; + KEYDB_HANDLE hd = NULL; + + if (r_valid) +@@ -1896,13 +1895,6 @@ import_one_real (ctrl_t ctrl, + } + + +- if (!uidnode ) +- { +- if (!silent) +- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk)); +- return 0; +- } +- + if (screener && screener (keyblock, screener_arg)) + { + log_error (_("key %s: %s\n"), keystr_from_pk (pk), +@@ -1977,18 +1969,10 @@ import_one_real (ctrl_t ctrl, + } + } + +- /* Delete invalid parts and bail out if there are no user ids left. */ +- if (!delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs)) +- { +- if (!silent) +- { +- log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk)); +- if (!opt.quiet ) +- log_info(_("this may be caused by a missing self-signature\n")); +- } +- stats->no_user_id++; +- return 0; +- } ++ /* Delete invalid parts, and note if we have any valid ones left. ++ * We will later abort import if this key is new but contains ++ * no valid uids. */ ++ delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs); + + /* Get rid of deleted nodes. */ + commit_kbnode (&keyblock); +@@ -1998,24 +1982,11 @@ import_one_real (ctrl_t ctrl, + { + apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid); + commit_kbnode (&keyblock); +- any_filter = 1; + } + if (import_filter.drop_sig) + { + apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig); + commit_kbnode (&keyblock); +- any_filter = 1; +- } +- +- /* If we ran any filter we need to check that at least one user id +- * is left in the keyring. Note that we do not use log_error in +- * this case. */ +- if (any_filter && !any_uid_left (keyblock)) +- { +- if (!opt.quiet ) +- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk)); +- stats->no_user_id++; +- return 0; + } + + /* The keyblock is valid and ready for real import. */ +@@ -2073,6 +2044,13 @@ import_one_real (ctrl_t ctrl, + err = 0; + stats->skipped_new_keys++; + } ++ else if (err && !any_uid_left (keyblock)) ++ { ++ if (!silent) ++ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid)); ++ err = 0; ++ stats->no_user_id++; ++ } + else if (err) /* Insert this key. */ + { + /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */ diff --git a/nixpkgs/pkgs/tools/security/gnupg/22.nix b/nixpkgs/pkgs/tools/security/gnupg/22.nix new file mode 100644 index 000000000000..78f4af894a30 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/22.nix @@ -0,0 +1,105 @@ +{ lib, stdenv, fetchurl, buildPackages +, pkg-config, texinfo +, gettext, libassuan, libgcrypt, libgpg-error, libiconv, libksba, npth +, adns, bzip2, gnutls, libusb1, openldap, readline, sqlite, zlib +, enableMinimal ? false +, withPcsc ? !enableMinimal, pcsclite +, guiSupport ? stdenv.isDarwin, pinentry +}: + +assert guiSupport -> enableMinimal == false; + +stdenv.mkDerivation rec { + pname = "gnupg"; + version = "2.2.41"; + + src = fetchurl { + url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2"; + hash = "sha256-E/MpEAel6FRvy3vAxmEM5EqqmzmVBZ1PgUW6Cf1b4+E="; + }; + + depsBuildBuild = [ buildPackages.stdenv.cc ]; + nativeBuildInputs = [ pkg-config texinfo ]; + buildInputs = [ + gettext libassuan libgcrypt libgpg-error libiconv libksba npth + ] ++ lib.optionals (!enableMinimal) [ + adns bzip2 gnutls libusb1 openldap readline sqlite zlib + ]; + + patches = [ + ./fix-libusb-include-path.patch + ./tests-add-test-cases-for-import-without-uid.patch + ./accept-subkeys-with-a-good-revocation-but-no-self-sig.patch + ./22-allow-import-of-previously-known-keys-even-without-UI.patch + ]; + + postPatch = '' + sed -i 's,hkps://hkps.pool.sks-keyservers.net,hkps://keys.openpgp.org,g' configure doc/dirmngr.texi doc/gnupg.info-1 + # Fix broken SOURCE_DATE_EPOCH usage - remove on the next upstream update + sed -i 's/$SOURCE_DATE_EPOCH/''${SOURCE_DATE_EPOCH}/' doc/Makefile.am + sed -i 's/$SOURCE_DATE_EPOCH/''${SOURCE_DATE_EPOCH}/' doc/Makefile.in + '' + lib.optionalString (stdenv.isLinux && withPcsc) '' + sed -i 's,"libpcsclite\.so[^"]*","${lib.getLib pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c + ''; + + configureFlags = [ + "--with-libgpg-error-prefix=${libgpg-error.dev}" + "--with-libgcrypt-prefix=${libgcrypt.dev}" + "--with-libassuan-prefix=${libassuan.dev}" + "--with-ksba-prefix=${libksba.dev}" + "--with-npth-prefix=${npth}" + ] + ++ lib.optional guiSupport "--with-pinentry-pgm=${pinentry}/${pinentry.binaryPath or "bin/pinentry"}" + ++ lib.optional stdenv.isDarwin "--disable-ccid-driver"; + + postInstall = if enableMinimal + then '' + rm -r $out/{libexec,sbin,share} + for f in $(find $out/bin -type f -not -name gpg) + do + rm $f + done + '' else '' + mkdir -p $out/lib/systemd/user + for f in doc/examples/systemd-user/*.{service,socket} ; do + substitute $f $out/lib/systemd/user/$(basename $f) \ + --replace /usr/bin $out/bin + done + + # add gpg2 symlink to make sure git does not break when signing commits + ln -s $out/bin/gpg $out/bin/gpg2 + + # Make libexec tools available in PATH + for f in $out/libexec/; do + if [[ "$(basename $f)" == "gpg-wks-client" ]]; then continue; fi + ln -s $f $out/bin/$(basename $f) + done + + ln -s -t $out/bin $out/libexec/* + ''; + + enableParallelBuilding = true; + + passthru.tests = lib.nixosTests.gnupg; + + meta = with lib; { + homepage = "https://gnupg.org"; + changelog = "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=${pname}.git;a=blob;f=NEWS;hb=refs/tags/${pname}-${version}"; + description = "LTS release of the GNU Privacy Guard, a GPL OpenPGP implementation"; + license = licenses.gpl3Plus; + longDescription = '' + The GNU Privacy Guard is the GNU project's complete and free + implementation of the OpenPGP standard as defined by RFC4880. GnuPG + "modern" (2.1) is the latest development with a lot of new features. + GnuPG allows to encrypt and sign your data and communication, features a + versatile key management system as well as access modules for all kind of + public key directories. GnuPG, also known as GPG, is a command line tool + with features for easy integration with other applications. A wealth of + frontend applications and libraries are available. Version 2 of GnuPG + also provides support for S/MIME. + ''; + maintainers = with maintainers; [ fpletz vrthra ]; + platforms = platforms.all; + mainProgram = "gpg"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnupg/24-allow-import-of-previously-known-keys-even-without-UI.patch b/nixpkgs/pkgs/tools/security/gnupg/24-allow-import-of-previously-known-keys-even-without-UI.patch new file mode 100644 index 000000000000..8d4f703a3dd1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/24-allow-import-of-previously-known-keys-even-without-UI.patch @@ -0,0 +1,107 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:42 +0200 +Subject: gpg: allow import of previously known keys, even without UIDs + +* g10/import.c (import_one): Accept an incoming OpenPGP certificate that +has no user id, as long as we already have a local variant of the cert +that matches the primary key. + +-- + +This fixes two of the three broken tests in import-incomplete.scm. + +GnuPG-Bug-id: 4393 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + g10/import.c | 44 +++++++++++--------------------------------- + 1 file changed, 11 insertions(+), 33 deletions(-) + + +diff --git a/g10/import.c b/g10/import.c +index 9fab46ca6..61896a6bf 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1954,7 +1954,6 @@ import_one_real (ctrl_t ctrl, + size_t an; + char pkstrbuf[PUBKEY_STRING_SIZE]; + int merge_keys_done = 0; +- int any_filter = 0; + KEYDB_HANDLE hd = NULL; + + if (r_valid) +@@ -1992,13 +1991,6 @@ import_one_real (ctrl_t ctrl, + } + + +- if (!uidnode) +- { +- if (!silent) +- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk)); +- return 0; +- } +- + if (screener && screener (keyblock, screener_arg)) + { + log_error (_("key %s: %s\n"), keystr_from_pk (pk), +@@ -2078,18 +2070,10 @@ import_one_real (ctrl_t ctrl, + } + } + +- /* Delete invalid parts and bail out if there are no user ids left. */ +- if (!delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs)) +- { +- if (!silent) +- { +- log_error ( _("key %s: no valid user IDs\n"), keystr_from_pk(pk)); +- if (!opt.quiet) +- log_info(_("this may be caused by a missing self-signature\n")); +- } +- stats->no_user_id++; +- return 0; +- } ++ /* Delete invalid parts, and note if we have any valid ones left. ++ * We will later abort import if this key is new but contains ++ * no valid uids. */ ++ delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs); + + /* Get rid of deleted nodes. */ + commit_kbnode (&keyblock); +@@ -2099,24 +2083,11 @@ import_one_real (ctrl_t ctrl, + { + apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid); + commit_kbnode (&keyblock); +- any_filter = 1; + } + if (import_filter.drop_sig) + { + apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig); + commit_kbnode (&keyblock); +- any_filter = 1; +- } +- +- /* If we ran any filter we need to check that at least one user id +- * is left in the keyring. Note that we do not use log_error in +- * this case. */ +- if (any_filter && !any_uid_left (keyblock)) +- { +- if (!opt.quiet ) +- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk)); +- stats->no_user_id++; +- return 0; + } + + /* The keyblock is valid and ready for real import. */ +@@ -2174,6 +2145,13 @@ import_one_real (ctrl_t ctrl, + err = 0; + stats->skipped_new_keys++; + } ++ else if (err && !any_uid_left (keyblock)) ++ { ++ if (!silent) ++ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid)); ++ err = 0; ++ stats->no_user_id++; ++ } + else if (err) /* Insert this key. */ + { + /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */ diff --git a/nixpkgs/pkgs/tools/security/gnupg/24.nix b/nixpkgs/pkgs/tools/security/gnupg/24.nix new file mode 100644 index 000000000000..2f5c6e2ce428 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/24.nix @@ -0,0 +1,105 @@ +{ lib, stdenv, fetchurl, buildPackages +, pkg-config, texinfo +, gettext, libassuan, libgcrypt, libgpg-error, libiconv, libksba, npth +, adns, bzip2, gnutls, libusb1, openldap, readline, sqlite, zlib +, enableMinimal ? false +, withPcsc ? !enableMinimal, pcsclite +, guiSupport ? stdenv.isDarwin, pinentry +, withTpm2Tss ? !stdenv.isDarwin && !enableMinimal, tpm2-tss +, nixosTests +}: + +assert guiSupport -> enableMinimal == false; + +stdenv.mkDerivation rec { + pname = "gnupg"; + version = "2.4.1"; + + src = fetchurl { + url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2"; + hash = "sha256-drceWutEO/2RDOnLyCgbYXyDQWh6+2e65FWHeXK1neg="; + }; + + depsBuildBuild = [ buildPackages.stdenv.cc ]; + nativeBuildInputs = [ pkg-config texinfo ]; + buildInputs = [ + gettext libassuan libgcrypt libgpg-error libiconv libksba npth + ] ++ lib.optionals (!enableMinimal) [ + adns bzip2 gnutls libusb1 openldap readline sqlite zlib + ] ++ lib.optionals withTpm2Tss [ tpm2-tss ]; + + patches = [ + ./fix-libusb-include-path.patch + ./tests-add-test-cases-for-import-without-uid.patch + ./accept-subkeys-with-a-good-revocation-but-no-self-sig.patch + ./24-allow-import-of-previously-known-keys-even-without-UI.patch + # Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27 + ./v3-0001-Disallow-compressed-signatures-and-certificates.patch + ]; + + postPatch = '' + sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1 + '' + lib.optionalString (stdenv.isLinux && withPcsc) '' + sed -i 's,"libpcsclite\.so[^"]*","${lib.getLib pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c + ''; + + configureFlags = [ + "--sysconfdir=/etc" + "--with-libgpg-error-prefix=${libgpg-error.dev}" + "--with-libgcrypt-prefix=${libgcrypt.dev}" + "--with-libassuan-prefix=${libassuan.dev}" + "--with-ksba-prefix=${libksba.dev}" + "--with-npth-prefix=${npth}" + ] + ++ lib.optional guiSupport "--with-pinentry-pgm=${pinentry}/${pinentry.binaryPath or "bin/pinentry"}" + ++ lib.optional withTpm2Tss "--with-tss=intel" + ++ lib.optional stdenv.isDarwin "--disable-ccid-driver"; + + postInstall = if enableMinimal + then '' + rm -r $out/{libexec,sbin,share} + for f in $(find $out/bin -type f -not -name gpg) + do + rm $f + done + '' else '' + # add gpg2 symlink to make sure git does not break when signing commits + ln -s $out/bin/gpg $out/bin/gpg2 + + # Make libexec tools available in PATH + for f in $out/libexec/; do + if [[ "$(basename $f)" == "gpg-wks-client" ]]; then continue; fi + ln -s $f $out/bin/$(basename $f) + done + + for f in $out/libexec/; do + if [[ "$(basename $f)" == "gpg-wks-client" ]]; then continue; fi + ln -s $f $out/bin/$(basename $f) + done + ''; + + enableParallelBuilding = true; + + passthru.tests = nixosTests.gnupg; + + meta = with lib; { + homepage = "https://gnupg.org"; + changelog = "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=${pname}.git;a=blob;f=NEWS;hb=refs/tags/${pname}-${version}"; + description = "Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation"; + license = licenses.gpl3Plus; + longDescription = '' + The GNU Privacy Guard is the GNU project's complete and free + implementation of the OpenPGP standard as defined by RFC4880. GnuPG + "modern" (2.1) is the latest development with a lot of new features. + GnuPG allows to encrypt and sign your data and communication, features a + versatile key management system as well as access modules for all kind of + public key directories. GnuPG, also known as GPG, is a command line tool + with features for easy integration with other applications. A wealth of + frontend applications and libraries are available. Version 2 of GnuPG + also provides support for S/MIME. + ''; + maintainers = with maintainers; [ fpletz vrthra ]; + platforms = platforms.all; + mainProgram = "gpg"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch b/nixpkgs/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch new file mode 100644 index 000000000000..5cbec92ae683 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch @@ -0,0 +1,32 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:43 +0200 +Subject: gpg: accept subkeys with a good revocation but no self-sig during + import + +* g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we +encounter a valid revocation signature. This allows import of subkey +revocation signatures, even in the absence of a corresponding subkey +binding signature. + +-- + +This fixes the remaining test in import-incomplete.scm. + +GnuPG-Bug-id: 4393 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + g10/import.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/g10/import.c b/g10/import.c +index 4fdf248..ee2fed8 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -3613,6 +3613,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) + /* It's valid, so is it newer? */ + if (sig->timestamp >= rsdate) + { ++ knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */ + if (rsnode) + { + /* Delete the last revocation sig since diff --git a/nixpkgs/pkgs/tools/security/gnupg/clang.patch b/nixpkgs/pkgs/tools/security/gnupg/clang.patch new file mode 100644 index 000000000000..842785e5c932 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/clang.patch @@ -0,0 +1,13 @@ +diff --git a/gl/stdint_.h b/gl/stdint_.h +index bc27595..303e81a 100644 +--- a/gl/stdint_.h ++++ b/gl/stdint_.h +@@ -62,7 +62,7 @@ + int{8,16,32,64}_t, uint{8,16,32,64}_t and __BIT_TYPES_DEFINED__. + <inttypes.h> also defines intptr_t and uintptr_t. */ + # define _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H +-# include <inttypes.h> ++// # include <inttypes.h> + # undef _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H + #elif @HAVE_SYS_INTTYPES_H@ + /* Solaris 7 <sys/inttypes.h> has the types except the *_fast*_t types, and diff --git a/nixpkgs/pkgs/tools/security/gnupg/fix-libusb-include-path.patch b/nixpkgs/pkgs/tools/security/gnupg/fix-libusb-include-path.patch new file mode 100644 index 000000000000..f20249b1cad1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/fix-libusb-include-path.patch @@ -0,0 +1,12 @@ +--- a/configure ++++ b/configure +@@ -9281,8 +9281,7 @@ fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking libusb include dir" >&5 + $as_echo_n "checking libusb include dir... " >&6; } + usb_incdir_found="no" +- for _incdir in "" "/usr/include/libusb-1.0" \ +- "/usr/local/include/libusb-1.0" "/usr/pkg/include/libusb-1.0"; do ++ for _incdir in "$($PKG_CONFIG --variable=includedir libusb-1.0)/libusb-1.0"; do + _libusb_save_cppflags=$CPPFLAGS + if test -n "${_incdir}"; then + CPPFLAGS="-I${_incdir} ${CPPFLAGS}" diff --git a/nixpkgs/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch b/nixpkgs/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch new file mode 100644 index 000000000000..65804bac7642 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch @@ -0,0 +1,14 @@ +diff --git a/tools/gpgkey2ssh.c b/tools/gpgkey2ssh.c +index 903fb5b..d5611dc 100644 +--- a/tools/gpgkey2ssh.c ++++ b/tools/gpgkey2ssh.c +@@ -268,7 +268,7 @@ main (int argc, char **argv) + keyid = argv[1]; + + ret = asprintf (&command, +- "gpg --list-keys --with-colons --with-key-data '%s'", ++ "@out@/bin/gpg --list-keys --with-colons --with-key-data '%s'", + keyid); + assert (ret > 0); + + diff --git a/nixpkgs/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch b/nixpkgs/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch new file mode 100644 index 000000000000..37ddeea22495 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch @@ -0,0 +1,201 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:41 +0200 +Subject: tests: add test cases for import without uid + +This commit adds a test case that does the following, in order: +- Import of a primary key plus user id +- Check that import of a subkey works, without a user id present in the +imported key +- Check that import of a subkey revocation works, without a user id or +subkey binding signature present in the imported key +- Check that import of a primary key revocation works, without a user id +present in the imported key + +-- + +Note that this test currently fails. The following changesets will +fix gpg so that the tests pass. + +GnuPG-Bug-id: 4393 +Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + tests/openpgp/Makefile.am | 1 + + tests/openpgp/import-incomplete.scm | 68 ++++++++++++++++++++++ + .../import-incomplete/primary+revocation.asc | 9 +++ + .../primary+subkey+sub-revocation.asc | 10 ++++ + .../import-incomplete/primary+subkey+sub-sig.asc | 10 ++++ + .../openpgp/import-incomplete/primary+uid-sig.asc | 10 ++++ + tests/openpgp/import-incomplete/primary+uid.asc | 10 ++++ + 7 files changed, 118 insertions(+) + create mode 100755 tests/openpgp/import-incomplete.scm + create mode 100644 tests/openpgp/import-incomplete/primary+revocation.asc + create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc + create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc + create mode 100644 tests/openpgp/import-incomplete/primary+uid-sig.asc + create mode 100644 tests/openpgp/import-incomplete/primary+uid.asc + +diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am +index f6014c9..6423da1 100644 +--- a/tests/openpgp/Makefile.am ++++ b/tests/openpgp/Makefile.am +@@ -78,6 +78,7 @@ XTESTS = \ + gpgv-forged-keyring.scm \ + armor.scm \ + import.scm \ ++ import-incomplete.scm \ + import-revocation-certificate.scm \ + ecc.scm \ + 4gb-packet.scm \ +diff --git a/tests/openpgp/import-incomplete.scm b/tests/openpgp/import-incomplete.scm +new file mode 100755 +index 0000000..727a027 +--- /dev/null ++++ b/tests/openpgp/import-incomplete.scm +@@ -0,0 +1,68 @@ ++#!/usr/bin/env gpgscm ++ ++;; Copyright (C) 2016 g10 Code GmbH ++;; ++;; This file is part of GnuPG. ++;; ++;; GnuPG is free software; you can redistribute it and/or modify ++;; it under the terms of the GNU General Public License as published by ++;; the Free Software Foundation; either version 3 of the License, or ++;; (at your option) any later version. ++;; ++;; GnuPG is distributed in the hope that it will be useful, ++;; but WITHOUT ANY WARRANTY; without even the implied warranty of ++;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++;; GNU General Public License for more details. ++;; ++;; You should have received a copy of the GNU General Public License ++;; along with this program; if not, see <http://www.gnu.org/licenses/>. ++ ++(load (in-srcdir "tests" "openpgp" "defs.scm")) ++(setup-environment) ++ ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+uid.asc"))) ++ ++(info "Test import of new subkey, from a certificate without uid") ++(define keyid "573EA710367356BB") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-sig.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "sub:") ++ (string-contains? line "573EA710367356BB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ ++(info "Test import of a subkey revocation, from a certificate without uid") ++(define keyid "573EA710367356BB") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-revocation.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "sub:r:") ++ (string-contains? line "573EA710367356BB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ ++(info "Test import of revocation, from a certificate without uid") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+revocation.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "pub:r:") ++ (string-contains? line "0843DA969AA8DAFB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ +diff --git a/tests/openpgp/import-incomplete/primary+revocation.asc b/tests/openpgp/import-incomplete/primary+revocation.asc +new file mode 100644 +index 0000000..6b7b608 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+revocation.asc +@@ -0,0 +1,9 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [E] primary key, revocation signature over primary (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN2IeAQgFggAIBYhBLRpj5W82H/gSMzKKQhD2paaqNr7BQJc2ZQZAh0AAAoJ ++EAhD2paaqNr7qAwA/2jBUpnN0BxwRO/4CrxvrLIsL+C9aSXJUOTv8XkP4lvtAQD3 ++XsDFfFNgEueiTfF7HtOGt5LPmRqVvUpQSMVgJJW6CQ== ++=tM90 ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc +new file mode 100644 +index 0000000..83a51a5 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [D] primary key, subkey, subkey revocation (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK ++j++lwwWDAOlkVicDAQgHiHgEKBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmnkAIdAgAKCRAIQ9qWmqja+ylaAQDmIKf86BJEq4OpDqU+V9D+wn2cyuxbyWVQ ++3r9LiL9qNwD/QAjyrhSN8L3Mfq+wdTHo5i0yB9ZCCpHLXSbhCqfWZwQ= ++=dwx2 ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc +new file mode 100644 +index 0000000..dc47a02 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [B] primary key, subkey, subkey binding sig (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK ++j++lwwWDAOlkVicDAQgHiHgEGBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmUIQIbDAAKCRAIQ9qWmqja++vFAP98G1L+1/rWTGbsnxOAV2RocBYIroAvsbkR ++Ly6FdP8YNwEA7jOgT05CoKIe37MstpOz23mM80AK369Ca3JMmKKCQgg= ++=xuDu ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+uid-sig.asc b/tests/openpgp/import-incomplete/primary+uid-sig.asc +new file mode 100644 +index 0000000..134607d +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+uid-sig.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [C] primary key and self-sig expiring in 2024 (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN2IlgQTFggAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLRpj5W8 ++2H/gSMzKKQhD2paaqNr7BQJc2ZR1BQkJZgHcAAoJEAhD2paaqNr79soA/0lWkUsu ++3NLwgbni6EzJxnTzgeNMpljqNpipHAwfix9hAP93AVtFdC8g7hdUZxawobl9lnSN ++9ohXOEBWvdJgVv2YAg== ++=KWIK ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+uid.asc b/tests/openpgp/import-incomplete/primary+uid.asc +new file mode 100644 +index 0000000..055f300 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+uid.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [A] primary key, user ID, and self-sig expiring in 2021 ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN20CHRlc3Qga2V5iJYEExYIAD4WIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmUGQIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIQ9qWmqja +++0G1AQDdQiwhXxjXLMqoth+D4SigVHTJK8ORwifzsy3UE7mPGwD/aZ67XbAF/lgI ++kv2O1Jo0u9BL9RNNF+L0DM7rAFbfMAs= ++=1eII ++-----END PGP PUBLIC KEY BLOCK----- diff --git a/nixpkgs/pkgs/tools/security/gnupg/v3-0001-Disallow-compressed-signatures-and-certificates.patch b/nixpkgs/pkgs/tools/security/gnupg/v3-0001-Disallow-compressed-signatures-and-certificates.patch new file mode 100644 index 000000000000..267085dff4c8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gnupg/v3-0001-Disallow-compressed-signatures-and-certificates.patch @@ -0,0 +1,216 @@ +From 459b61fa21db755d6c879c3ef9ab85b3d1786c9f Mon Sep 17 00:00:00 2001 +From: Demi Marie Obenour <demi () invisiblethingslab com> +Date: Fri, 27 May 2022 19:51:19 -0400 +Subject: [PATCH GnuPG v3] Disallow compressed signatures and certificates + +Compressed packets have significant attack surface, due to the potential +for both denial of service (zip bombs and the like) and for code +execution via memory corruption vulnerabilities in the decompressor. +Furthermore, I am not aware of any implementation that uses them in keys +or detached signatures. Therefore, disallow their use in such contexts +entirely. This includes signatures that are part of a cleartext-signed +message. + +When parsing detached signatures, forbid any packet that is not a +signature or marker packet. When parsing keys, return an error when +encountering a compressed packet, instead of decompressing the packet. + +Furthermore, certificates, keys, and signatures are not allowed to +contain partial-length or indeterminate-length packets. Reject those in +parse_packet, rather than activating the partial-length filter code. +This is not (yet) implemented for cleartext-signed messages, as these +messages are internally represented as inline-signed messages. + +GnuPG-bug-id: T5993 +Signed-off-by: Demi Marie Obenour <demiobenour () gmail com> +--- + g10/import.c | 18 ++---------------- + g10/mainproc.c | 24 +++++++++++++++++++++--- + g10/packet.h | 2 ++ + g10/parse-packet.c | 44 +++++++++++++++++++++++++++++++++++++++++++- + 4 files changed, 68 insertions(+), 20 deletions(-) + +diff --git a/g10/import.c b/g10/import.c +index bb0bf67934a8316130cde182cd43d56353e0171d..a8136351f6f7dae8c65634ed8e1c242d323e2009 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1042,22 +1042,8 @@ read_block( IOBUF a, unsigned int options, + switch (pkt->pkttype) + { + case PKT_COMPRESSED: +- if (check_compress_algo (pkt->pkt.compressed->algorithm)) +- { +- rc = GPG_ERR_COMPR_ALGO; +- goto ready; +- } +- else +- { +- compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx ); +- pkt->pkt.compressed->buf = NULL; +- if (push_compress_filter2 (a, cfx, +- pkt->pkt.compressed->algorithm, 1)) +- xfree (cfx); /* e.g. in case of compression_algo NONE. */ +- } +- free_packet (pkt, &parsectx); +- init_packet(pkt); +- break; ++ rc = GPG_ERR_UNEXPECTED; ++ goto ready; + + case PKT_RING_TRUST: + /* Skip those packets unless we are in restore mode. */ +diff --git a/g10/mainproc.c b/g10/mainproc.c +index af11877aa257e46662c42b6ff573ee01c3ad1547..3629fc921b742afd131e8d8e2664b201095990f0 100644 +--- a/g10/mainproc.c ++++ b/g10/mainproc.c +@@ -152,6 +152,7 @@ add_onepass_sig (CTX c, PACKET *pkt) + { + kbnode_t node; + ++ log_assert(!(c->sigs_only && c->signed_data.used)); + if (c->list) /* Add another packet. */ + add_kbnode (c->list, new_kbnode (pkt)); + else /* Insert the first one. */ +@@ -1076,8 +1077,16 @@ proc_compressed (CTX c, PACKET *pkt) + int rc; + + /*printf("zip: compressed data packet\n");*/ +- if (c->sigs_only) +- rc = handle_compressed (c->ctrl, c, zd, proc_compressed_cb, c); ++ if ( literals_seen ) ++ { ++ log_error ("Compressed packet follows literal data packet\n"); ++ rc = GPG_ERR_UNEXPECTED; ++ } ++ else if ( c->sigs_only ) ++ { ++ log_assert(!c->signed_data.used); ++ rc = handle_compressed (c->ctrl, c, zd, proc_compressed_cb, c); ++ } + else if( c->encrypt_only ) + rc = handle_compressed (c->ctrl, c, zd, proc_encrypt_cb, c); + else +@@ -1596,6 +1605,7 @@ do_proc_packets (CTX c, iobuf_t a) + c->iobuf = a; + init_packet(pkt); + init_parse_packet (&parsectx, a); ++ parsectx.sigs_only = c->sigs_only && c->signed_data.used; + while ((rc=parse_packet (&parsectx, pkt)) != -1) + { + any_data = 1; +@@ -1607,6 +1617,12 @@ do_proc_packets (CTX c, iobuf_t a) + if (gpg_err_code (rc) == GPG_ERR_INV_PACKET + && opt.list_packets == 0) + break; ++ ++ if (gpg_err_code (rc) == GPG_ERR_UNEXPECTED) ++ { ++ write_status_text( STATUS_UNEXPECTED, "0" ); ++ goto leave; ++ } + continue; + } + newpkt = -1; +@@ -1644,7 +1660,9 @@ do_proc_packets (CTX c, iobuf_t a) + case PKT_COMPRESSED: rc = proc_compressed (c, pkt); break; + case PKT_ONEPASS_SIG: newpkt = add_onepass_sig (c, pkt); break; + case PKT_GPG_CONTROL: newpkt = add_gpg_control (c, pkt); break; +- default: newpkt = 0; break; ++ default: ++ log_assert(!c->signed_data.used); ++ newpkt = 0; break; + } + } + else if (c->encrypt_only) +diff --git a/g10/packet.h b/g10/packet.h +index 5a14015a16c872fe7b0b15468598daf7a05ffc02..82dfe786b46051491e7015e64441678140defa9e 100644 +--- a/g10/packet.h ++++ b/g10/packet.h +@@ -657,6 +657,7 @@ struct parse_packet_ctx_s + int free_last_pkt; /* Indicates that LAST_PKT must be freed. */ + int skip_meta; /* Skip ring trust packets. */ + unsigned int n_parsed_packets; /* Number of parsed packets. */ ++ int sigs_only; /* Only accept detached signature packets */ + }; + typedef struct parse_packet_ctx_s *parse_packet_ctx_t; + +@@ -667,6 +668,7 @@ typedef struct parse_packet_ctx_s *parse_packet_ctx_t; + (a)->free_last_pkt = 0; \ + (a)->skip_meta = 0; \ + (a)->n_parsed_packets = 0; \ ++ (a)->sigs_only = 0; \ + } while (0) + + #define deinit_parse_packet(a) do { \ +diff --git a/g10/parse-packet.c b/g10/parse-packet.c +index cea1f7ebc5daec3863ae963c1ab25500f86796fe..dca66ff427ea6778e536782ec6bda83584877342 100644 +--- a/g10/parse-packet.c ++++ b/g10/parse-packet.c +@@ -738,6 +738,20 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos, + case PKT_ENCRYPTED_MDC: + case PKT_ENCRYPTED_AEAD: + case PKT_COMPRESSED: ++ if (ctx->sigs_only) ++ { ++ log_error (_("partial length packet of type %d in detached" ++ " signature\n"), pkttype); ++ rc = gpg_error (GPG_ERR_UNEXPECTED); ++ goto leave; ++ } ++ if (onlykeypkts) ++ { ++ log_error (_("partial length packet of type %d in keyring\n"), ++ pkttype); ++ rc = gpg_error (GPG_ERR_UNEXPECTED); ++ goto leave; ++ } + iobuf_set_partial_body_length_mode (inp, c & 0xff); + pktlen = 0; /* To indicate partial length. */ + partial = 1; +@@ -775,6 +789,20 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos, + rc = gpg_error (GPG_ERR_INV_PACKET); + goto leave; + } ++ else if (ctx->sigs_only) ++ { ++ log_error (_("indeterminate length packet of type %d in detached" ++ " signature\n"), pkttype); ++ rc = gpg_error (GPG_ERR_UNEXPECTED); ++ goto leave; ++ } ++ else if (onlykeypkts) ++ { ++ log_error (_("indeterminate length packet of type %d in" ++ " keyring\n"), pkttype); ++ rc = gpg_error (GPG_ERR_UNEXPECTED); ++ goto leave; ++ } + } + else + { +@@ -828,7 +856,21 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos, + goto leave; + } + +- if (with_uid && pkttype == PKT_USER_ID) ++ if (ctx->sigs_only) ++ switch (pkttype) ++ { ++ case PKT_SIGNATURE: ++ case PKT_MARKER: ++ break; ++ default: ++ log_error(_("Packet type %d not allowed in detached signature\n"), ++ pkttype); ++ iobuf_skip_rest (inp, pktlen, partial); ++ *skip = 1; ++ rc = GPG_ERR_UNEXPECTED; ++ goto leave; ++ } ++ else if (with_uid && pkttype == PKT_USER_ID) + /* If ONLYKEYPKTS is set to 2, then we never skip user id packets, + even if DO_SKIP is set. */ + ; +-- +2.36.1 + diff --git a/nixpkgs/pkgs/tools/security/go-cve-search/default.nix b/nixpkgs/pkgs/tools/security/go-cve-search/default.nix new file mode 100644 index 000000000000..d4b231c63a18 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/go-cve-search/default.nix @@ -0,0 +1,33 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "go-cve-search"; + version = "0.1.4"; + + src = fetchFromGitHub { + owner = "s-index"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-ofa6lfA3XKj70YM6AVNKRgGI53teK7OB09luAom8HpQ="; + }; + + vendorHash = "sha256-QXYjLPrfIPcZE8UTcE1kR9QQIusR/rAJG+e/IQ4P0PU="; + + # Tests requires network access + doCheck = false; + + meta = with lib; { + description = "A lightweight CVE search tool"; + longDescription = '' + go-cve-search is a lightweight tool to search CVE (Common Vulnerabilities + and Exposures). + ''; + homepage = "https://github.com/s-index/go-cve-search"; + changelog = "https://github.com/s-index/go-cve-search/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/go-dork/default.nix b/nixpkgs/pkgs/tools/security/go-dork/default.nix new file mode 100644 index 000000000000..5e6c21d2397b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/go-dork/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "go-dork"; + version = "1.0.2"; + + src = fetchFromGitHub { + owner = "dwisiswant0"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-tFmXutX3UnKAFFS4mO4PCv7Bhw1wJ7qjdA1ROryqYZU="; + }; + + vendorHash = "sha256-6V58RRRPamBMDAf0gg4sQMQkoD5dWauCFtPrwf5EasI="; + + meta = with lib; { + description = "Dork scanner"; + homepage = "https://github.com/dwisiswant0/go-dork"; + changelog = "https://github.com/dwisiswant0/go-dork/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/go-exploitdb/default.nix b/nixpkgs/pkgs/tools/security/go-exploitdb/default.nix new file mode 100644 index 000000000000..345b40fbaf14 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/go-exploitdb/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "go-exploitdb"; + version = "0.4.5"; + + src = fetchFromGitHub { + owner = "vulsio"; + repo = "go-exploitdb"; + rev = "refs/tags/v${version}"; + hash = "sha256-iBOpgeL/cLoQufla0MpQs/0icRWUj1HngnAwOcKLSsQ="; + }; + + vendorHash = "sha256-e+E8qcc5sRlb9clOFUrOzVwJlp3AFnZ6/lNAxaBe+hQ="; + + ldflags = [ + "-s" + "-w" + "-X=github.com/vulsio/go-exploitdb/config.Version=${version}" + ]; + + meta = with lib; { + description = "Tool for searching Exploits from Exploit Databases, etc"; + homepage = "https://github.com/vulsio/go-exploitdb"; + changelog = "https://github.com/vulsio/go-exploitdb/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/go365/default.nix b/nixpkgs/pkgs/tools/security/go365/default.nix new file mode 100644 index 000000000000..381df6d74629 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/go365/default.nix @@ -0,0 +1,32 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "go365"; + version = "2.0"; + + src = fetchFromGitHub { + owner = "optiv"; + repo = "Go365"; + rev = "refs/tags/v${version}"; + hash = "sha256-jmsbZrqc6XogUhuEWcU59v88id2uLqN/68URwylzWZI="; + }; + + vendorHash = "sha256-Io+69kIW4DV2EkA73pjaTcTRbDSYBf61R7F+141Jojs="; + + postInstall = lib.optionalString (!stdenv.isDarwin) '' + mv $out/bin/Go365 $out/bin/$pname + ''; + + meta = with lib; { + description = "Office 365 enumeration tool"; + homepage = "https://github.com/optiv/Go365"; + changelog = "https://github.com/optiv/Go365/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "Go365"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/goblob/default.nix b/nixpkgs/pkgs/tools/security/goblob/default.nix new file mode 100644 index 000000000000..401a655d65ab --- /dev/null +++ b/nixpkgs/pkgs/tools/security/goblob/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "goblob"; + version = "1.2.2"; + + src = fetchFromGitHub { + owner = "Macmod"; + repo = "goblob"; + rev = "refs/tags/v${version}"; + hash = "sha256-FnSlfLi40VwDyQY77PvhV7EbhUDs1uGx0VsgP8HgKTw="; + }; + + vendorHash = null; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Enumeration tool for publicly exposed Azure Storage blobs"; + homepage = "https://github.com/Macmod/goblob"; + changelog = "https://github.com/Macmod/goblob/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gobuster/default.nix b/nixpkgs/pkgs/tools/security/gobuster/default.nix new file mode 100644 index 000000000000..878fa576b4cd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gobuster/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "gobuster"; + version = "3.6.0"; + + src = fetchFromGitHub { + owner = "OJ"; + repo = "gobuster"; + rev = "refs/tags/v${version}"; + hash = "sha256-LZL9Zje2u0v6iAQinfjflvusV57ys5J5Il6Q7br3Suc="; + }; + + vendorHash = "sha256-w+G5PsWXhKipjYIHtz633sia+Wg9FSFVpcugEl8fp0E="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Tool used to brute-force URIs, DNS subdomains, Virtual Host names on target web servers"; + homepage = "https://github.com/OJ/gobuster"; + changelog = "https://github.com/OJ/gobuster/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab pamplemousse ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gomapenum/default.nix b/nixpkgs/pkgs/tools/security/gomapenum/default.nix new file mode 100644 index 000000000000..6e1da08d14f0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gomapenum/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "gomapenum"; + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "nodauf"; + repo = "GoMapEnum"; + rev = "v${version}"; + sha256 = "sha256-a0JpHk5pUe+MkcmJl871JwkOfFDg3S4yOzFIeXCReLE="; + }; + + vendorHash = "sha256-5C0dDY/42H8oHNdQaKYiuqpi2QqqgHC7VMO/0kFAofY="; + + postInstall = '' + mv $out/bin/src $out/bin/$pname + ''; + + meta = with lib; { + description = "Tools for user enumeration and password bruteforce"; + homepage = "https://github.com/nodauf/GoMapEnum"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gopass/default.nix b/nixpkgs/pkgs/tools/security/gopass/default.nix new file mode 100644 index 000000000000..92c0992c86e6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gopass/default.nix @@ -0,0 +1,78 @@ +{ lib +, stdenv +, makeWrapper +, buildGoModule +, fetchFromGitHub +, installShellFiles +, git +, gnupg +, xclip +, wl-clipboard +, passAlias ? false +}: + +buildGoModule rec { + pname = "gopass"; + version = "1.15.8"; + + nativeBuildInputs = [ installShellFiles makeWrapper ]; + + src = fetchFromGitHub { + owner = "gopasspw"; + repo = "gopass"; + rev = "v${version}"; + hash = "sha256-l8Ce0ioMnSlet+PMrQCMvyH3IvmQaE1MQSJR9myyLB8="; + }; + + vendorHash = "sha256-xyQTlbTPAC2iG8XQ4oEHBXjfXauwuBhaTbsew23nlVw="; + + subPackages = [ "." ]; + + ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.commit=${src.rev}" ]; + + wrapperPath = lib.makeBinPath ( + [ + git + gnupg + xclip + ] ++ lib.optional stdenv.isLinux wl-clipboard + ); + + postInstall = '' + installManPage gopass.1 + installShellCompletion --cmd gopass \ + --zsh zsh.completion \ + --bash bash.completion \ + --fish fish.completion + '' + lib.optionalString passAlias '' + ln -s $out/bin/gopass $out/bin/pass + ''; + + postFixup = '' + wrapProgram $out/bin/gopass \ + --prefix PATH : "${wrapperPath}" \ + --set GOPASS_NO_REMINDER true + ''; + passthru = { + inherit wrapperPath; + }; + + meta = with lib; { + description = "The slightly more awesome Standard Unix Password Manager for Teams. Written in Go"; + homepage = "https://www.gopass.pw/"; + license = licenses.mit; + maintainers = with maintainers; [ rvolosatovs sikmir ]; + changelog = "https://github.com/gopasspw/gopass/blob/v${version}/CHANGELOG.md"; + + longDescription = '' + gopass is a rewrite of the pass password manager in Go with the aim of + making it cross-platform and adding additional features. Our target + audience are professional developers and sysadmins (and especially teams + of those) who are well versed with a command line interface. One explicit + goal for this project is to make it more approachable to non-technical + users. We go by the UNIX philosophy and try to do one thing and do it + well, providing a stellar user experience and a sane, simple interface. + ''; + mainProgram = "gopass"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gopass/git-credential.nix b/nixpkgs/pkgs/tools/security/gopass/git-credential.nix new file mode 100644 index 000000000000..aac7deb19d5f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gopass/git-credential.nix @@ -0,0 +1,42 @@ +{ lib +, makeWrapper +, buildGoModule +, fetchFromGitHub +, gopass +}: + +buildGoModule rec { + pname = "git-credential-gopass"; + version = "1.15.8"; + + src = fetchFromGitHub { + owner = "gopasspw"; + repo = "git-credential-gopass"; + rev = "v${version}"; + hash = "sha256-gp/5ZBAxngQKRmr924f7ZQ4GX3uYHz2ULw1Gn+d7vug="; + }; + + vendorHash = "sha256-IXY8w5TLXA3SIT2Jyjqt+pPtZ35zQnG0wY08OB1spDw="; + + subPackages = [ "." ]; + + nativeBuildInputs = [ makeWrapper ]; + + ldflags = [ + "-s" "-w" "-X main.version=${version}" "-X main.commit=${src.rev}" + ]; + + postFixup = '' + wrapProgram $out/bin/git-credential-gopass \ + --prefix PATH : "${lib.makeBinPath [ gopass ]}" + ''; + + meta = with lib; { + description = "Manage git credentials using gopass"; + homepage = "https://github.com/gopasspw/git-credential-gopass"; + changelog = "https://github.com/gopasspw/git-credential-gopass/blob/v${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ benneti ]; + mainProgram = "git-credential-gopass"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gopass/hibp.nix b/nixpkgs/pkgs/tools/security/gopass/hibp.nix new file mode 100644 index 000000000000..590b183194eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gopass/hibp.nix @@ -0,0 +1,42 @@ +{ lib +, makeWrapper +, buildGoModule +, fetchFromGitHub +, gopass +}: + +buildGoModule rec { + pname = "gopass-hibp"; + version = "1.15.8"; + + src = fetchFromGitHub { + owner = "gopasspw"; + repo = "gopass-hibp"; + rev = "v${version}"; + hash = "sha256-dNzvC+ubkZPHx40bVwFT2R7TMrPdeD5oJz0lAd0vtw0="; + }; + + vendorHash = "sha256-zaB8xrzqk3moR/ScXdHtqIgA9lZqWFzLWi4NAqbs0XU="; + + subPackages = [ "." ]; + + nativeBuildInputs = [ makeWrapper ]; + + ldflags = [ + "-s" "-w" "-X main.version=${version}" "-X main.commit=${src.rev}" + ]; + + postFixup = '' + wrapProgram $out/bin/gopass-hibp \ + --prefix PATH : "${lib.makeBinPath [ gopass ]}" + ''; + + meta = with lib; { + description = "Gopass haveibeenpwnd.com integration"; + homepage = "https://github.com/gopasspw/gopass-hibp"; + changelog = "https://github.com/gopasspw/gopass-hibp/blob/v${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ sikmir ]; + mainProgram = "gopass-hibp"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix b/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix new file mode 100644 index 000000000000..b00b4bf01479 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix @@ -0,0 +1,43 @@ +{ lib +, makeWrapper +, buildGoModule +, fetchFromGitHub +, installShellFiles +, gopass +}: + +buildGoModule rec { + pname = "gopass-jsonapi"; + version = "1.15.8"; + + src = fetchFromGitHub { + owner = "gopasspw"; + repo = "gopass-jsonapi"; + rev = "v${version}"; + hash = "sha256-CL9PcztiFCCy1T7w0v2SzLmwkA6z8aPUx65ye5AJDr4="; + }; + + vendorHash = "sha256-Czlp3MyxRGcIV5uFZzF8t0JrucLzPzxyCUCtjICjPM0="; + + subPackages = [ "." ]; + + nativeBuildInputs = [ installShellFiles makeWrapper ]; + + ldflags = [ + "-s" "-w" "-X main.version=${version}" "-X main.commit=${src.rev}" + ]; + + postFixup = '' + wrapProgram $out/bin/gopass-jsonapi \ + --prefix PATH : "${gopass.wrapperPath}" + ''; + + meta = with lib; { + description = "Enables communication with gopass via JSON messages"; + homepage = "https://github.com/gopasspw/gopass-jsonapi"; + changelog = "https://github.com/gopasspw/gopass-jsonapi/blob/v${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ maxhbr ]; + mainProgram = "gopass-jsonapi"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gopass/summon.nix b/nixpkgs/pkgs/tools/security/gopass/summon.nix new file mode 100644 index 000000000000..848cff91a65d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gopass/summon.nix @@ -0,0 +1,42 @@ +{ lib +, makeWrapper +, buildGoModule +, fetchFromGitHub +, gopass +}: + +buildGoModule rec { + pname = "gopass-summon-provider"; + version = "1.15.8"; + + src = fetchFromGitHub { + owner = "gopasspw"; + repo = "gopass-summon-provider"; + rev = "v${version}"; + hash = "sha256-7Oj/1h1468zz6r3+Cv5IaIFbkrs0dPteY0SRsOZ8UXI="; + }; + + vendorHash = "sha256-IXY8w5TLXA3SIT2Jyjqt+pPtZ35zQnG0wY08OB1spDw="; + + subPackages = [ "." ]; + + nativeBuildInputs = [ makeWrapper ]; + + ldflags = [ + "-s" "-w" "-X main.version=${version}" "-X main.commit=${src.rev}" + ]; + + postFixup = '' + wrapProgram $out/bin/gopass-summon-provider \ + --prefix PATH : "${lib.makeBinPath [ gopass ]}" + ''; + + meta = with lib; { + description = "Gopass Summon Provider"; + homepage = "https://github.com/gopasspw/gopass-summon-provider"; + changelog = "https://github.com/gopasspw/gopass-summon-provider/blob/v${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ sikmir ]; + mainProgram = "gopass-summon-provider"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix b/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix new file mode 100644 index 000000000000..388996c62fb5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gorilla-bin/default.nix @@ -0,0 +1,41 @@ +{ fetchurl, makeWrapper, patchelf, lib, stdenv, libXft, libX11, freetype, fontconfig, libXrender, libXScrnSaver, libXext }: + +stdenv.mkDerivation rec { + pname = "gorilla-bin"; + version = "1.5.3.7"; + + src = fetchurl { + name = "gorilla1537_64.bin"; + url = "http://gorilla.dp100.com/downloads/gorilla1537_64.bin"; + sha256 = "19ir6x4c01825hpx2wbbcxkk70ymwbw4j03v8b2xc13ayylwzx0r"; + }; + + nativeBuildInputs = [ patchelf makeWrapper ]; + + unpackCmd = '' + mkdir gorilla; + cp $curSrc gorilla/gorilla-${version}; + ''; + + installPhase = let + interpreter = "$(< \"$NIX_CC/nix-support/dynamic-linker\")"; + libPath = lib.makeLibraryPath [ libXft libX11 freetype fontconfig libXrender libXScrnSaver libXext ]; + in '' + mkdir -p $out/opt/password-gorilla + mkdir -p $out/bin + cp gorilla-${version} $out/opt/password-gorilla + chmod ugo+x $out/opt/password-gorilla/gorilla-${version} + patchelf --set-interpreter "${interpreter}" "$out/opt/password-gorilla/gorilla-${version}" + makeWrapper "$out/opt/password-gorilla/gorilla-${version}" "$out/bin/gorilla" \ + --prefix LD_LIBRARY_PATH : "${libPath}" + ''; + + meta = { + description = "Password Gorilla is a Tk based password manager"; + homepage = "https://github.com/zdia/gorilla/wiki"; + maintainers = [ lib.maintainers.namore ]; + platforms = [ "x86_64-linux" ]; + sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; + license = lib.licenses.gpl2; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gosh/default.nix b/nixpkgs/pkgs/tools/security/gosh/default.nix new file mode 100644 index 000000000000..41ef9fa1f540 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gosh/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "gosh"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "redcode-labs"; + repo = "GoSH"; + rev = "refs/tags/v${version}"; + hash = "sha256-h4WqaN2okAeaU/+0fs8zLYDtyQLuLkCDdGrkGz8rdhg="; + }; + + vendorHash = "sha256-ITz6nkhttG6bsIZLsp03rcbEBHUQ7pFl4H6FOHTXIU4="; + + subPackages = [ "." ]; + + meta = with lib; { + description = "Reverse/bind shell generator"; + homepage = "https://github.com/redcode-labs/GoSH"; + license = licenses.mit; + maintainers = with maintainers; [ fab ] ++ teams.redcodelabs.members; + mainProgram = "GoSH"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gospider/default.nix b/nixpkgs/pkgs/tools/security/gospider/default.nix new file mode 100644 index 000000000000..91e940ec87eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gospider/default.nix @@ -0,0 +1,33 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "gospider"; + version = "1.1.6"; + + src = fetchFromGitHub { + owner = "jaeles-project"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-1EnKheHaS1kxw0cjxCahT3rUWBXiqxjKefrDBI2xIvY="; + }; + + vendorHash = "sha256-egjjSEZH8F6UMbnkz3xytIzdW/oITB3RL1ddxrmvSZM="; + + # tests require internet access and API keys + doCheck = false; + + meta = with lib; { + description = "Fast web spider written in Go"; + longDescription = '' + GoSpider is a fast web crawler that parses sitemap.xml and robots.txt file. + It can generate and verify link from JavaScript files, extract URLs from + various sources and can detect subdomains from the response source. + ''; + homepage = "https://github.com/jaeles-project/gospider"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gotestwaf/default.nix b/nixpkgs/pkgs/tools/security/gotestwaf/default.nix new file mode 100644 index 000000000000..46ad8ffd952b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gotestwaf/default.nix @@ -0,0 +1,46 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, gotestwaf +, testers +}: + +buildGoModule rec { + pname = "gotestwaf"; + version = "0.4.6"; + + src = fetchFromGitHub { + owner = "wallarm"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-jiEs5/HWNZ3DmahWVC6j2eJqFyCAibp1rFS+gtK7haI="; + }; + + vendorHash = null; + + # Some tests require networking as of v0.4.0 + doCheck = false; + + ldflags = [ + "-X=github.com/wallarm/gotestwaf/internal/version.Version=v${version}" + ]; + + postFixup = '' + # Rename binary + mv $out/bin/cmd $out/bin/${pname} + ''; + + passthru.tests.version = testers.testVersion { + command = "gotestwaf --version"; + package = gotestwaf; + version = "v${version}"; + }; + + meta = with lib; { + description = "Tool for API and OWASP attack simulation"; + homepage = "https://github.com/wallarm/gotestwaf"; + changelog = "https://github.com/wallarm/gotestwaf/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gotrue/default.nix b/nixpkgs/pkgs/tools/security/gotrue/default.nix new file mode 100644 index 000000000000..112e0c4ddc6d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gotrue/default.nix @@ -0,0 +1,32 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "gotrue"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "netlify"; + repo = pname; + rev = "v${version}"; + hash = "sha256-9h6CyCY7741tJR+qWDLwgPkAtE/kmaoTqlXEY+mOW58="; + }; + + vendorHash = "sha256-x96+l9EBzYplGRFHsfQazSjqZs35bdXQEJv3pBuaJVo="; + + ldflags = [ + "-s" + "-w" + "-X=github.com/netlify/gotrue/cmd.Version=${version}" + ]; + + # integration tests require network access + doCheck = false; + + meta = with lib; { + homepage = "https://github.com/netlify/gotrue"; + description = "An SWT based API for managing users and issuing SWT tokens"; + changelog = "https://github.com/netlify/gotrue/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ urandom ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gotrue/supabase.nix b/nixpkgs/pkgs/tools/security/gotrue/supabase.nix new file mode 100644 index 000000000000..6955f08a2264 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gotrue/supabase.nix @@ -0,0 +1,43 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, testers +, gotrue-supabase +}: + +buildGoModule rec { + pname = "gotrue"; + version = "2.99.0"; + + src = fetchFromGitHub { + owner = "supabase"; + repo = pname; + rev = "v${version}"; + hash = "sha256-OUxiAEPX1mWL4td3xdiK9420i4K9pwNdGqch/5T21BY="; + }; + + vendorHash = "sha256-r1xJka1ISahaHJOkFwjn/Nrf2EU0iGVosz8PZnH31TE="; + + ldflags = [ + "-s" + "-w" + "-X github.com/supabase/gotrue/internal/utilities.Version=${version}" + ]; + + # integration tests require network to connect to postgres database + doCheck = false; + + passthru.tests.version = testers.testVersion { + package = gotrue-supabase; + command = "gotrue version"; + inherit version; + }; + + meta = with lib; { + homepage = "https://github.com/supabase/gotrue"; + description = "A JWT based API for managing users and issuing JWT tokens"; + changelog = "https://github.com/supabase/gotrue/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ urandom ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/goverview/default.nix b/nixpkgs/pkgs/tools/security/goverview/default.nix new file mode 100644 index 000000000000..77f46526d95d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/goverview/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "goverview"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "j3ssie"; + repo = "goverview"; + rev = "refs/tags/v${version}"; + hash = "sha256-IgvpMuDwMK9IdPs1IRbPbpgr7xZuDX3boVT5d7Lb+3w="; + }; + + vendorHash = "sha256-i/m2s9e8PDfGmguNihynVI3Y7nAXC4weoWFXOwUVDSE="; + + ldflags = [ + "-w" + "-s" + ]; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Tool to get an overview of the list of URLs"; + homepage = "https://github.com/j3ssie/goverview"; + changelog = "https://github.com/j3ssie/goverview/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/govulncheck/default.nix b/nixpkgs/pkgs/tools/security/govulncheck/default.nix new file mode 100644 index 000000000000..61249d354df1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/govulncheck/default.nix @@ -0,0 +1,59 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "govulncheck"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "golang"; + repo = "vuln"; + rev = "refs/tags/v${version}"; + hash = "sha256-cewQ03dK/k3mXevE09M01Yox/3ZWP6IrG0H4QsZMzy8="; + }; + + vendorHash = "sha256-r9XshbgVA5rppJF46SFYPad344ZHMLWTHTnL6vbIFH8="; + + subPackages = [ + "cmd/govulncheck" + ]; + + # Vendoring breaks tests + doCheck = false; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + homepage = "https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck"; + downloadPage = "https://github.com/golang/vuln"; + description = "The database client and tools for the Go vulnerability database, also known as vuln"; + longDescription = '' + Govulncheck reports known vulnerabilities that affect Go code. It uses + static analysis of source code or a binary's symbol table to narrow down + reports to only those that could affect the application. + + By default, govulncheck makes requests to the Go vulnerability database at + https://vuln.go.dev. Requests to the vulnerability database contain only + module paths, not code or other properties of your program. See + https://vuln.go.dev/privacy.html for more. Set the GOVULNDB environment + variable to specify a different database, which must implement the + specification at https://go.dev/security/vuln/database. + + Govulncheck looks for vulnerabilities in Go programs using a specific + build configuration. For analyzing source code, that configuration is the + operating system, architecture, and Go version specified by GOOS, GOARCH, + and the “go†command found on the PATH. For binaries, the build + configuration is the one used to build the binary. Note that different + build configurations may have different known vulnerabilities. For + example, a dependency with a Windows-specific vulnerability will not be + reported for a Linux build. + ''; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ jk SuperSandro2000 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gowitness/default.nix b/nixpkgs/pkgs/tools/security/gowitness/default.nix new file mode 100644 index 000000000000..a361c141d3a0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gowitness/default.nix @@ -0,0 +1,24 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "gowitness"; + version = "2.5.0"; + + src = fetchFromGitHub { + owner = "sensepost"; + repo = pname; + rev = version; + sha256 = "sha256-rylft6v6Np8xOm2AUtH7e/zDZQ87WNPeerXEtziSrDw="; + }; + + vendorHash = "sha256-l6jdVsKKLqEyFpz7JhkLLjVTWX1pZenlCY5UqSZVMdc="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = "Web screenshot utility"; + homepage = "https://github.com/sensepost/gowitness"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/gpg-tui/default.nix b/nixpkgs/pkgs/tools/security/gpg-tui/default.nix new file mode 100644 index 000000000000..44f7b5dd0fc1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/gpg-tui/default.nix @@ -0,0 +1,58 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, gpgme +, libgpg-error +, libxcb +, libxkbcommon +, pkg-config +, python3 +, AppKit +, Foundation +, libiconv +, libobjc +, libresolv +}: + +rustPlatform.buildRustPackage rec { + pname = "gpg-tui"; + version = "0.10.0"; + + src = fetchFromGitHub { + owner = "orhun"; + repo = "gpg-tui"; + rev = "v${version}"; + hash = "sha256-zTFWIIqIDMI77lg2CB1ug+GeKPVIT1OQ1p80x6tLgGg="; + }; + + cargoHash = "sha256-5qLrmU/SfUfiQOOpECTEn8K142STnbhqE3XbJFxKPZg="; + + nativeBuildInputs = [ + gpgme # for gpgme-config + libgpg-error # for gpg-error-config + pkg-config + python3 + ]; + + buildInputs = [ + gpgme + libgpg-error + libxcb + libxkbcommon + ] ++ lib.optionals stdenv.isDarwin [ + AppKit + Foundation + libiconv + libobjc + libresolv + ]; + + meta = with lib; { + description = "Terminal user interface for GnuPG"; + homepage = "https://github.com/orhun/gpg-tui"; + changelog = "https://github.com/orhun/gpg-tui/blob/${src.rev}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ dotlambda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/grap/default.nix b/nixpkgs/pkgs/tools/security/grap/default.nix new file mode 100644 index 000000000000..1d77e9bf99cb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/grap/default.nix @@ -0,0 +1,51 @@ +{ lib, stdenv, fetchFromGitHub, boost, libseccomp, flex, swig4, bison, cmake, python3 }: + +stdenv.mkDerivation rec { + pname = "grap"; + version = "1.3.1"; + + src = fetchFromGitHub { + owner = "QuoSecGmbH"; + repo = "grap"; + rev = "v${version}"; + sha256 = "1fkdi7adfffxg1k4h6r9i69i3wi93s44c1j4cvr69blxsfh0mcnc"; + }; + + nativeBuildInputs = [ + bison + cmake + flex + python3 + ]; + + buildInputs = [ + boost.all + libseccomp + swig4 + ]; + + strictDeps = true; + + cmakeFlags = [ + "-DPYTHON_SITE_DIR=$out/${python3.sitePackages}" + "../src" + ]; + + postPatch = '' + substituteInPlace src/tools/grap-match/CMakeLists.txt --replace "/usr/local/bin" "$out/bin" + substituteInPlace src/tools/grap/CMakeLists.txt --replace "/usr/local/bin" "$out/bin" + ''; + + meta = with lib; { + description = "Define and match graph patterns within binaries"; + longDescription = '' + grap takes patterns and binary files, uses a Casptone-based disassembler to obtain the control flow graphs from the binaries, then matches the patterns against them. + + Patterns are user-defined graphs with instruction conditions ("opcode is xor and arg1 is eax") and repetition conditions (3 identical instructions, basic blocks...). + ''; + homepage = "https://github.com/QuoSecGmbH/grap/"; + license = licenses.mit; + maintainers = [ maintainers.s1341 ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/graphinder/default.nix b/nixpkgs/pkgs/tools/security/graphinder/default.nix new file mode 100644 index 000000000000..f0256dff7cbe --- /dev/null +++ b/nixpkgs/pkgs/tools/security/graphinder/default.nix @@ -0,0 +1,56 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "graphinder"; + version = "1.11.6"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "Escape-Technologies"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-TDc6aIFkxShlfC6fLYMKULfrFUAYhQZrIHZNDuMh68g="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiohttp + beautifulsoup4 + requests + setuptools + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytest-asyncio + pytest-mock + pytestCheckHook + ]; + + pythonImportsCheck = [ + "graphinder" + ]; + + disabledTests = [ + # Tests require network access + "test_domain_class" + "test_extract_file_zip" + "test_fetch_assets" + "test_full_run" + "test_init_domain_tasks" + "test_is_gql_endpoint" + ]; + + meta = with lib; { + description = "Tool to find GraphQL endpoints using subdomain enumeration"; + homepage = "https://github.com/Escape-Technologies/graphinder"; + changelog = "https://github.com/Escape-Technologies/graphinder/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/graphqlmap/default.nix b/nixpkgs/pkgs/tools/security/graphqlmap/default.nix new file mode 100644 index 000000000000..84b72d3b6a16 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/graphqlmap/default.nix @@ -0,0 +1,35 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "graphqlmap"; + version = "unstable-2022-01-17"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "swisskyrepo"; + repo = "GraphQLmap"; + rev = "98997bd7cf647aac7378b72913241060464749b1"; + hash = "sha256-lGnhNwtDc8KoPlwJ1p2FYq0NQ8PhSR3HgtluU7uxa/c="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + ]; + + # Tests are not available + doCheck = false; + + pythonImportsCheck = [ + "graphqlmap" + ]; + + meta = with lib; { + description = "Tool to interact with a GraphQL endpoint"; + homepage = "https://github.com/swisskyrepo/GraphQLmap"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/graphw00f/default.nix b/nixpkgs/pkgs/tools/security/graphw00f/default.nix new file mode 100644 index 000000000000..caa7586d37f6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/graphw00f/default.nix @@ -0,0 +1,37 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "graphw00f"; + version = "1.1.8"; + format = "other"; + + src = fetchFromGitHub { + owner = "dolevf"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-stTCUHt9UCu1QuxDPB8a26LsrHNttyoVd0tmS7e2t2Y="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + ]; + + installPhase = '' + runHook preInstall + + install -vD main.py $out/bin/graphw00f + install -vD {conf,version}.py -t $out/${python3.sitePackages}/ + install -vD graphw00f/* -t $out/${python3.sitePackages}/graphw00f + + runHook postInstall + ''; + meta = with lib; { + description = "GraphQL Server Engine Fingerprinting utility"; + homepage = "https://github.com/dolevf/graphw00f"; + license = licenses.bsd3; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/grype/default.nix b/nixpkgs/pkgs/tools/security/grype/default.nix new file mode 100644 index 000000000000..ff996562572b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/grype/default.nix @@ -0,0 +1,109 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +, openssl +}: + +buildGoModule rec { + pname = "grype"; + version = "0.69.1"; + + src = fetchFromGitHub { + owner = "anchore"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-AXw2mtN4FC6EKWN8dObrU04+WSHDWLY19FSWqQlkq/Q="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # 0000-00-00T00:00:00Z + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + + proxyVendor = true; + + vendorHash = "sha256-iitWThvWVfeJMLcJLgmFnVguFVF4DejObZPZ3qB5cY0="; + + nativeBuildInputs = [ + installShellFiles + ]; + + nativeCheckInputs = [ + openssl + ]; + + subPackages = [ "cmd/grype" ]; + + excludedPackages = "test/integration"; + + ldflags = [ + "-s" + "-w" + "-X=main.version=${version}" + "-X=main.gitDescription=v${version}" + "-X=main.gitTreeState=clean" + ]; + + preBuild = '' + # grype version also displays the version of the syft library used + # we need to grab it from the go.sum and add an ldflag for it + SYFT_VERSION="$(grep "github.com/anchore/syft" go.sum -m 1 | awk '{print $2}')" + ldflags+=" -X main.syftVersion=$SYFT_VERSION" + ldflags+=" -X main.gitCommit=$(cat COMMIT)" + ldflags+=" -X main.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + preCheck = '' + # test all dirs (except excluded) + unset subPackages + # test goldenfiles expect no version + unset ldflags + + # patch utility script + patchShebangs grype/db/test-fixtures/tls/generate-x509-cert-pair.sh + + # remove tests that depend on docker + substituteInPlace test/cli/cmd_test.go \ + --replace "TestCmd" "SkipCmd" + substituteInPlace grype/pkg/provider_test.go \ + --replace "TestSyftLocationExcludes" "SkipSyftLocationExcludes" + # remove tests that depend on git + substituteInPlace test/cli/db_validations_test.go \ + --replace "TestDBValidations" "SkipDBValidations" + substituteInPlace test/cli/registry_auth_test.go \ + --replace "TestRegistryAuth" "SkipRegistryAuth" + substituteInPlace test/cli/sbom_input_test.go \ + --replace "TestSBOMInput_FromStdin" "SkipSBOMInput_FromStdin" \ + --replace "TestSBOMInput_AsArgument" "SkipSBOMInput_AsArgument" + substituteInPlace test/cli/subprocess_test.go \ + --replace "TestSubprocessStdin" "SkipSubprocessStdin" + + # segfault + rm grype/db/v5/namespace/cpe/namespace_test.go + ''; + + postInstall = '' + installShellCompletion --cmd grype \ + --bash <($out/bin/grype completion bash) \ + --fish <($out/bin/grype completion fish) \ + --zsh <($out/bin/grype completion zsh) + ''; + + meta = with lib; { + homepage = "https://github.com/anchore/grype"; + changelog = "https://github.com/anchore/grype/releases/tag/v${version}"; + description = "Vulnerability scanner for container images and filesystems"; + longDescription = '' + As a vulnerability scanner grype is able to scan the contents of a + container image or filesystem to find known vulnerabilities. + ''; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab jk kashw2 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/haka/default.nix b/nixpkgs/pkgs/tools/security/haka/default.nix new file mode 100644 index 000000000000..b20abbb8bf20 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/haka/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchurl, cmake, swig, wireshark, check, rsync, libpcap, gawk, libedit, pcre, nixosTests }: + +let version = "0.3.0"; in + +stdenv.mkDerivation { + pname = "haka"; + inherit version; + + src = fetchurl { + name = "haka_${version}_source.tar.gz"; + url = "https://github.com/haka-security/haka/releases/download/v${version}/haka_${version}_source.tar.gz"; + sha256 = "0dm39g3k77sa70zrjsqadidg27a6iqq61jzfdxazpllnrw4mjy4w"; + }; + + env.NIX_CFLAGS_COMPILE = "-Wno-error"; + + preConfigure = '' + sed -i 's,/etc,'$out'/etc,' src/haka/haka.c + sed -i 's,/etc,'$out'/etc,' src/haka/CMakeLists.txt + sed -i 's,/opt/haka/etc,$out/opt/haka/etc,' src/haka/haka.1 + sed -i 's,/etc,'$out'/etc,' doc/user/tool_suite_haka.rst + ''; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ swig wireshark check rsync libpcap gawk libedit pcre ]; + + passthru.tests = { inherit (nixosTests) haka; }; + + meta = { + description = "A collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files"; + homepage = "http://www.haka-security.org/"; + license = lib.licenses.mpl20; + maintainers = [ lib.maintainers.tvestelind ]; + platforms = [ "x86_64-linux" "i686-linux" ]; # fails on aarch64 + }; +} diff --git a/nixpkgs/pkgs/tools/security/hakrawler/default.nix b/nixpkgs/pkgs/tools/security/hakrawler/default.nix new file mode 100644 index 000000000000..0577ceb8c103 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hakrawler/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "hakrawler"; + version = "2.1"; + + src = fetchFromGitHub { + owner = "hakluke"; + repo = "hakrawler"; + rev = version; + hash = "sha256-ZJG5KlIlzaztG27NoSlILj0I94cm2xZq28qx1ebrSmc="; + }; + + vendorHash = "sha256-NzgFwPvuEZ2/Ks5dZNRJjzzCNPRGelQP/A6eZltqkmM="; + + meta = with lib; { + description = "Web crawler for the discovery of endpoints and assets"; + homepage = "https://github.com/hakluke/hakrawler"; + longDescription = '' + Simple, fast web crawler designed for easy, quick discovery of endpoints + and assets within a web application. + ''; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hash-identifier/default.nix b/nixpkgs/pkgs/tools/security/hash-identifier/default.nix new file mode 100644 index 000000000000..5e9b49dd73db --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hash-identifier/default.nix @@ -0,0 +1,27 @@ +{ lib, fetchFromGitLab, python3Packages }: + +python3Packages.buildPythonApplication rec { + pname = "hash-identifier"; + version = "1.2"; + + src = fetchFromGitLab { + owner = "kalilinux"; + repo = "packages/hash-identifier"; + rev = "kali/${version}+git20180314-0kali1"; + sha256 = "1amz48ijwjjkccg6gmdn3ffnyp2p52ksagy4m9gy8l2v5wj3j32h"; + }; + + format = "other"; # no setup.py + + installPhase = '' + install -Dm0775 hash-id.py $out/bin/hash-identifier + ''; + + meta = with lib; { + description = "Software to identify the different types of hashes used to encrypt data and especially passwords."; + homepage = "https://github.com/blackploit/hash-identifier"; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ethancedwards8 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hash-slinger/default.nix b/nixpkgs/pkgs/tools/security/hash-slinger/default.nix new file mode 100644 index 000000000000..0f0eeeb6b2af --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hash-slinger/default.nix @@ -0,0 +1,63 @@ +{ lib +, stdenv +, fetchFromGitHub +, python3 +, unbound +, libreswan +}: + +stdenv.mkDerivation rec { + pname = "hash-slinger"; + version = "3.3"; + + src = fetchFromGitHub { + owner = "letoams"; + repo = pname; + rev = version; + sha256 = "sha256-c6IZHUFuhcccUWZYSOUGFbKpTtwMclIvEvDX8gE5d8o="; + }; + + pythonPath = with python3.pkgs; [ + dnspython + m2crypto + python-gnupg + pyunbound + ]; + + buildInputs = [ + python3.pkgs.wrapPython + ]; + + propagatedBuildInputs = [ + unbound + libreswan + ] ++ pythonPath; + + propagatedUserEnvPkgs = [ + unbound + libreswan + ]; + + postPatch = '' + substituteInPlace Makefile \ + --replace "$(DESTDIR)/usr" "$out" + substituteInPlace ipseckey \ + --replace "/usr/sbin/ipsec" "${libreswan}/sbin/ipsec" + substituteInPlace tlsa \ + --replace "/var/lib/unbound/root" "${python3.pkgs.pyunbound}/etc/pyunbound/root" + patchShebangs * + ''; + + installPhase = '' + mkdir -p $out/bin $out/man $out/lib/${python3.libPrefix}/site-packages + make install + wrapPythonPrograms + ''; + + meta = with lib; { + description = "Various tools to generate special DNS records"; + homepage = "https://github.com/letoams/hash-slinger"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ leenaars ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hash_extender/default.nix b/nixpkgs/pkgs/tools/security/hash_extender/default.nix new file mode 100644 index 000000000000..b90dff6cd17c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hash_extender/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchFromGitHub, openssl }: + +stdenv.mkDerivation { + pname = "hash_extender"; + version = "unstable-2020-03-24"; + + src = fetchFromGitHub { + owner = "iagox86"; + repo = "hash_extender"; + rev = "cb8aaee49f93e9c0d2f03eb3cafb429c9eed723d"; + sha256 = "1fj118566hr1wv03az2w0iqknazsqqkak0mvlcvwpgr6midjqi9b"; + }; + + buildInputs = [ openssl ]; + + doCheck = true; + checkPhase = "./hash_extender --test"; + + # https://github.com/iagox86/hash_extender/issues/26 + hardeningDisable = [ "fortify3" ]; + + env.NIX_CFLAGS_COMPILE = "-Wno-error=deprecated-declarations"; + + installPhase = '' + mkdir -p $out/bin + cp hash_extender $out/bin + ''; + + meta = with lib; { + description = "Tool to automate hash length extension attacks"; + homepage = "https://github.com/iagox86/hash_extender"; + license = licenses.bsd3; + maintainers = with maintainers; [ oxzi ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hashcash/default.nix b/nixpkgs/pkgs/tools/security/hashcash/default.nix new file mode 100644 index 000000000000..f86684178fcb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hashcash/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchurl, openssl }: + +stdenv.mkDerivation rec { + pname = "hashcash"; + version = "1.22"; + + buildInputs = [ openssl ]; + + src = fetchurl { + url = "http://www.hashcash.org/source/hashcash-${version}.tgz"; + sha256 = "15kqaimwb2y8wvzpn73021bvay9mz1gqqfc40gk4hj6f84nz34h1"; + }; + + makeFlags = [ + "generic-openssl" + "LIBCRYPTO=-lcrypto" + ]; + + installFlags = [ + "INSTALL_PATH=${placeholder "out"}/bin" + "MAN_INSTALL_PATH=${placeholder "out"}/share/man/man1" + "DOC_INSTALL_PATH=${placeholder "out"}/share/doc/hashcash-$(version)" + ]; + + meta = with lib; { + description = "Proof-of-work algorithm used as spam and denial-of-service counter measure"; + homepage = "http://hashcash.org"; + license = licenses.gpl2; + maintainers = with maintainers; [ kisonecat ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix b/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix new file mode 100644 index 000000000000..f252c7eedce7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hashcat-utils/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "hashcat-utils"; + version = "1.9"; + + src = fetchFromGitHub { + owner = "hashcat"; + repo = pname; + rev = "v${version}"; + sha256 = "0wgc6wv7i6cs95rgzzx3zqm14xxbjyajvcqylz8w97d8kk4x4wjr"; + }; + + sourceRoot = "${src.name}/src"; + + installPhase = '' + runHook preInstall + install -Dm0555 *.bin -t $out/bin + install -Dm0555 *.pl -t $out/bin + runHook postInstall + ''; + + meta = with lib; { + description = "Small utilities that are useful in advanced password cracking"; + homepage = "https://github.com/hashcat/hashcat-utils"; + license = licenses.mit; + platforms = platforms.unix; + maintainers = with maintainers; [ fadenb ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hashcat/default.nix b/nixpkgs/pkgs/tools/security/hashcat/default.nix new file mode 100644 index 000000000000..5a2304b5fd0b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hashcat/default.nix @@ -0,0 +1,83 @@ +{ lib, stdenv +, addOpenGLRunpath +, config +, cudaPackages ? {} +, cudaSupport ? config.cudaSupport +, fetchurl +, makeWrapper +, opencl-headers +, ocl-icd +, xxHash +, Foundation, IOKit, Metal, OpenCL, libiconv +}: + +stdenv.mkDerivation rec { + pname = "hashcat"; + version = "6.2.6"; + + src = fetchurl { + url = "https://hashcat.net/files/hashcat-${version}.tar.gz"; + sha256 = "sha256-sl4Qd7zzSQjMjxjBppouyYsEeyy88PURRNzzuh4Leyo="; + }; + + postPatch = '' + # Remove hardcoded paths on darwin + substituteInPlace src/Makefile \ + --replace "/usr/bin/ar" "ar" \ + --replace "/usr/bin/sed" "sed" \ + --replace '-i ""' '-i' + ''; + + nativeBuildInputs = [ + makeWrapper + ] ++ lib.optionals cudaSupport [ + addOpenGLRunpath + ]; + + buildInputs = [ opencl-headers xxHash ] + ++ lib.optionals stdenv.hostPlatform.isDarwin [ Foundation IOKit Metal OpenCL libiconv ]; + + makeFlags = [ + "PREFIX=${placeholder "out"}" + "COMPTIME=1337" + "VERSION_TAG=${version}" + "USE_SYSTEM_OPENCL=1" + "USE_SYSTEM_XXHASH=1" + ] ++ lib.optionals (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform == stdenv.buildPlatform) [ + "IS_APPLE_SILICON='${if stdenv.hostPlatform.isAarch64 then "1" else "0"}'" + ]; + + enableParallelBuilding = true; + + preFixup = '' + for f in $out/share/hashcat/OpenCL/*.cl; do + # Rewrite files to be included for compilation at runtime for opencl offload + sed "s|#include \"\(.*\)\"|#include \"$out/share/hashcat/OpenCL/\1\"|g" -i "$f" + sed "s|#define COMPARE_\([SM]\) \"\(.*\.cl\)\"|#define COMPARE_\1 \"$out/share/hashcat/OpenCL/\2\"|g" -i "$f" + done + ''; + + postFixup = let + LD_LIBRARY_PATH = builtins.concatStringsSep ":" ([ + "${ocl-icd}/lib" + ] ++ lib.optionals cudaSupport [ + "${cudaPackages.cudatoolkit}/lib" + ]); + in '' + wrapProgram $out/bin/hashcat \ + --prefix LD_LIBRARY_PATH : ${lib.escapeShellArg LD_LIBRARY_PATH} + '' + lib.optionalString cudaSupport '' + for program in $out/bin/hashcat $out/bin/.hashcat-wrapped; do + isELF "$program" || continue + addOpenGLRunpath "$program" + done + ''; + + meta = with lib; { + description = "Fast password cracker"; + homepage = "https://hashcat.net/hashcat/"; + license = licenses.mit; + platforms = platforms.unix; + maintainers = with maintainers; [ felixalbrigtsen kierdavis zimbatm ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hashdeep/default.nix b/nixpkgs/pkgs/tools/security/hashdeep/default.nix new file mode 100644 index 000000000000..5bc752eb3611 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hashdeep/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook }: + +stdenv.mkDerivation rec { + pname = "hashdeep"; + version = "4.4"; + + src = fetchFromGitHub { + owner = "jessek"; + repo = "hashdeep"; + rev = "release-${version}"; + sha256 = "0m2b042ndikavmplv3qjdhfj44hl1h8car83c192xi9nv5ahi7mf"; + }; + + patches = [ + (fetchpatch { + # Relevant link: <https://www.open-std.org/jtc1/sc22/wg21/docs/cwg_defects.html#1512> + # Defect report fixed in GCC 11 + # Search for "DR 1512" in <https://gcc.gnu.org/gcc-11/changes.html> + name = "fix-cpp-defect-report-1512.patch"; + url = "https://github.com/jessek/hashdeep/commit/6ef69a26126ee4e69a25392fd456b8a66c51dffd.patch"; + sha256 = "sha256-IrqcnrKINeoh56FR25FzSM1YJMkM2yFd/GwOeWGRLFo="; + }) + (fetchpatch { + # Fix the spacing between the string literals and macros, see https://github.com/jessek/hashdeep/pull/385 + name = "string-literal-spacing.patch"; + url = "https://github.com/jessek/hashdeep/commit/18a6b5d57f7a648d2b7dcc6e50ff00a1e4b05fcc.patch"; + sha256 = "sha256-S6hzC8jPtG3ozsvVq5JfAUMwqKxytLGwBAtNYNr6RJ0="; + }) + ]; + + nativeBuildInputs = [ autoreconfHook ]; + + meta = with lib; { + description = "A set of cross-platform tools to compute hashes"; + homepage = "https://github.com/jessek/hashdeep"; + license = licenses.gpl2; + maintainers = [ maintainers.karantan ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hashrat/default.nix b/nixpkgs/pkgs/tools/security/hashrat/default.nix new file mode 100644 index 000000000000..7923021f8355 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hashrat/default.nix @@ -0,0 +1,32 @@ +{ lib +, stdenv +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "hashrat"; + version = "1.15"; + + src = fetchFromGitHub { + owner = "ColumPaget"; + repo = "Hashrat"; + rev = "v${version}"; + hash = "sha256-+3IPCJS++7CE0ZrJb62LCRrAn2J4uCF3a1oOzDoOW0w="; + }; + + configureFlags = [ "--enable-xattr" ]; + + makeFlags = [ "PREFIX=$(out)" ]; + + meta = with lib; { + description = "Command-line hash-generation utility"; + longDescription = '' + Hashing tool supporting md5,sha1,sha256,sha512,whirlpool,jh and hmac versions of these. + Includes recursive file hashing and other features. + ''; + homepage = "http://www.cjpaget.co.uk/Code/Hashrat"; + license = licenses.gpl3Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ zendo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/haveged/default.nix b/nixpkgs/pkgs/tools/security/haveged/default.nix new file mode 100644 index 000000000000..c28ae465e0eb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/haveged/default.nix @@ -0,0 +1,46 @@ +{ lib +, stdenv +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "haveged"; + version = "1.9.18"; + + src = fetchFromGitHub { + owner = "jirka-h"; + repo = "haveged"; + rev = "v${version}"; + hash = "sha256-fyL/J2A13ap582j4gdC8u63Ah67Old+BaO/CLyEeN/g="; + }; + + strictDeps = true; + + postPatch = '' + patchShebangs ent # test shebang + ''; + + installFlags = [ + "sbindir=$(out)/bin" # no reason for us to have a $out/sbin, its just a symlink to $out/bin + ]; + + doCheck = true; + + meta = with lib; { + description = "A simple entropy daemon"; + longDescription = '' + The haveged project is an attempt to provide an easy-to-use, unpredictable + random number generator based upon an adaptation of the HAVEGE algorithm. + Haveged was created to remedy low-entropy conditions in the Linux random device + that can occur under some workloads, especially on headless servers. Current development + of haveged is directed towards improving overall reliability and adaptability while minimizing + the barriers to using haveged for other tasks. + ''; + homepage = "https://github.com/jirka-h/haveged"; + changelog = "https://raw.githubusercontent.com/jirka-h/haveged/v${version}/ChangeLog"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ domenkozar ]; + platforms = platforms.unix; + badPlatforms = platforms.darwin; # fails to build since v1.9.15 + }; +} diff --git a/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix b/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix new file mode 100644 index 000000000000..0633e74e76f3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hcxdumptool/default.nix @@ -0,0 +1,25 @@ +{ stdenv, lib, fetchFromGitHub, openssl }: + +stdenv.mkDerivation rec { + pname = "hcxdumptool"; + version = "6.3.1"; + + src = fetchFromGitHub { + owner = "ZerBea"; + repo = "hcxdumptool"; + rev = version; + sha256 = "sha256-FWBr0uDpefu2MCWQZrMfPJ/MUJcmk9fWMzhtTDmC0L0="; + }; + + buildInputs = [ openssl ]; + + installFlags = [ "PREFIX=$(out)" ]; + + meta = with lib; { + homepage = "https://github.com/ZerBea/hcxdumptool"; + description = "Small tool to capture packets from wlan devices"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ danielfullmer ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hcxtools/default.nix b/nixpkgs/pkgs/tools/security/hcxtools/default.nix new file mode 100644 index 000000000000..fb0d921ec2f6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hcxtools/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchFromGitHub, pkg-config, curl, openssl, zlib }: + +stdenv.mkDerivation rec { + pname = "hcxtools"; + version = "6.3.1"; + + src = fetchFromGitHub { + owner = "ZerBea"; + repo = pname; + rev = version; + sha256 = "sha256-EDTxzstQwQy7MSkdi1nQis8qEm8ZPblkeOkM8B48IRE="; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ curl openssl zlib ]; + + makeFlags = [ + "PREFIX=${placeholder "out"}" + ]; + + meta = with lib; { + description = "Tools for capturing wlan traffic and conversion to hashcat and John the Ripper formats"; + homepage = "https://github.com/ZerBea/hcxtools"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ dywedir ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hfinger/default.nix b/nixpkgs/pkgs/tools/security/hfinger/default.nix new file mode 100644 index 000000000000..2c584f35ff4f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hfinger/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, python3 +, wireshark-cli +}: + +python3.pkgs.buildPythonApplication rec { + pname = "hfinger"; + version = "0.2.1"; + disabled = python3.pythonOlder "3.3"; + + src = fetchFromGitHub { + owner = "CERT-Polska"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-QKnrprDDBq+D8N1brkqgcfK4E+6ssvgPtRaSxkF0C84="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + fnvhash + python-magic + ] ++ [ + wireshark-cli + ]; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "hfinger" ]; + + meta = with lib; { + description = "Fingerprinting tool for HTTP requests"; + homepage = "https://github.com/CERT-Polska/hfinger"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/himitsu-firefox/default.nix b/nixpkgs/pkgs/tools/security/himitsu-firefox/default.nix new file mode 100644 index 000000000000..46a014ce4053 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/himitsu-firefox/default.nix @@ -0,0 +1,51 @@ +{ lib +, stdenv +, fetchFromSourcehut +, hare +, himitsu +, zip +}: + +stdenv.mkDerivation rec { + pname = "himitsu-firefox"; + version = "0.3"; + + src = fetchFromSourcehut { + name = pname + "-src"; + owner = "~sircmpwn"; + repo = pname; + rev = "d6d0fdb30aefc93f6ff7d48e5737557051f1ffea"; + hash = "sha256-5RbNdEGPnfDt1KDeU2LnuRsqqqMRyV/Dh2cgEWkz4vQ="; + }; + + nativeBuildInputs = [ + hare + zip + ]; + + buildInputs = [ + himitsu + ]; + + preConfigure = '' + export HARECACHE=$(mktemp -d) + ''; + + buildFlags = [ "LIBEXECDIR=$(out)/libexec" ]; + + # Only install the native component; per the docs: + # > To install the add-on for Firefox ESR, run make install-xpi. Be advised + # > that this will probably not work. The recommended installation procedure + # > for the native extension is to install it from addons.mozilla.org instead. + installTargets = [ "install-native" ]; + installFlags = [ "PREFIX=" "DESTDIR=$(out)" ]; + + meta = with lib; { + homepage = "https://git.sr.ht/~sircmpwn/himitsu-firefox"; + description = "Himitsu integration for Firefox"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ auchter ]; + inherit (hare.meta) platforms badPlatforms; + broken = true; + }; +} diff --git a/nixpkgs/pkgs/tools/security/himitsu/default.nix b/nixpkgs/pkgs/tools/security/himitsu/default.nix new file mode 100644 index 000000000000..a29b65ae3b17 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/himitsu/default.nix @@ -0,0 +1,38 @@ +{ lib +, stdenv +, fetchFromSourcehut +, hare +, scdoc +}: + +stdenv.mkDerivation rec { + pname = "himitsu"; + version = "0.3"; + + src = fetchFromSourcehut { + name = pname + "-src"; + owner = "~sircmpwn"; + repo = pname; + rev = version; + hash = "sha256-HoAntg9aQhMmff3T3/xnor7Sf3yX9qBbZlpVfyac5o8="; + }; + + nativeBuildInputs = [ + hare + scdoc + ]; + + preConfigure = '' + export HARECACHE=$(mktemp -d) + ''; + + installFlags = [ "PREFIX=" "DESTDIR=$(out)" ]; + + meta = with lib; { + homepage = "https://himitsustore.org/"; + description = "A secret storage manager"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ auchter ]; + inherit (hare.meta) platforms badPlatforms; + }; +} diff --git a/nixpkgs/pkgs/tools/security/holehe/default.nix b/nixpkgs/pkgs/tools/security/holehe/default.nix new file mode 100644 index 000000000000..ed8146fec688 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/holehe/default.nix @@ -0,0 +1,46 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "holehe"; + version = "unstable-2023-05-18"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "megadose"; + repo = "holehe"; + rev = "bec2f582c286a4e32de4dfc1f241297f60bd8713"; + hash = "sha256-dLfuQew6cqb32r9AMubuo51A7TeaIafEdZs0OrQF7Gg="; + }; + + postPatch = '' + # https://github.com/megadose/holehe/pull/178 + substituteInPlace setup.py \ + --replace "bs4" "beautifulsoup4" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + beautifulsoup4 + colorama + httpx + termcolor + tqdm + trio + ]; + + # Project has no test + doCheck = false; + + pythonImportsCheck = [ + "holehe" + ]; + + meta = with lib; { + description = "CLI to check if the mail is used on different sites"; + homepage = "https://github.com/megadose/holehe"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hologram/default.nix b/nixpkgs/pkgs/tools/security/hologram/default.nix new file mode 100644 index 000000000000..86bc4293747c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hologram/default.nix @@ -0,0 +1,30 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "hologram"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "AdRoll"; + repo = "hologram"; + rev = version; + hash = "sha256-b65mplfDuwk8lEfJLKBY7BF0yGRksxHjwbEW6A7moo4="; + }; + + postPatch = '' + sed -i 's|cacheTimeout != 3600|cacheTimeout != 0|' cmd/hologram-server/main.go + + rm -f agent/metadata_service_test.go server/persistent_ldap_test.go server/server_test.go + ''; + + vendorHash = "sha256-HI5+02qSQVLy6ZKaFjy1bWtvVk5bqMBg1umu2ic5HuY="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://github.com/AdRoll/hologram/"; + description = "Easy, painless AWS credentials on developer laptops"; + maintainers = with maintainers; [ ]; + license = licenses.asl20; + }; +} diff --git a/nixpkgs/pkgs/tools/security/honeytrap/default.nix b/nixpkgs/pkgs/tools/security/honeytrap/default.nix new file mode 100644 index 000000000000..e0252d06f154 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/honeytrap/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: +buildGoModule { + pname = "honeytrap"; + version = "unstable-2021-12-20"; + + src = fetchFromGitHub { + owner = "honeytrap"; + repo = "honeytrap"; + rev = "05965fc67deab17b48e43873abc5f509067ef098"; + hash = "sha256-KSVqjHlXl85JaqKiW5R86HCMdtFBwTMJkxFoySOcahs="; + }; + + vendorHash = "sha256-W8w66weYzCpZ+hmFyK2F6wdFz6aAZ9UxMhccNy1X1R8="; + + # Otherwise, will try to install a "scripts" binary; it's only used in + # dockerize.sh, which we don't care about. + subPackages = [ "." ]; + + meta = with lib; { + description = "Advanced Honeypot framework"; + homepage = "https://github.com/honeytrap/honeytrap"; + license = licenses.asl20; + maintainers = [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/honggfuzz/default.nix b/nixpkgs/pkgs/tools/security/honggfuzz/default.nix new file mode 100644 index 000000000000..3885316271b9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/honggfuzz/default.nix @@ -0,0 +1,66 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, clang +, llvm +# TODO: switch to latest versions when 2.6 release is out to include +# https://github.com/google/honggfuzz/commit/90fdf81006614664ef05e5e3c6f94d91610f11b2 +, libbfd_2_38, libopcodes_2_38 +, libunwind +, libblocksruntime }: + +stdenv.mkDerivation rec { + pname = "honggfuzz"; + version = "2.5"; + + src = fetchFromGitHub { + owner = "google"; + repo = pname; + rev = version; + sha256 = "sha256-TkyUKmiiSAfCnfQhSOUxuce6+dRyMmHy7vFK59jPIxM="; + }; + + postPatch = '' + substituteInPlace hfuzz_cc/hfuzz-cc.c \ + --replace '"clang' '"${clang}/bin/clang' + ''; + + enableParallelBuilding = true; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ llvm ]; + propagatedBuildInputs = [ libbfd_2_38 libopcodes_2_38 libunwind libblocksruntime ]; + + makeFlags = [ "PREFIX=$(out)" ]; + + postInstall = '' + mkdir -p $out/lib + cp libhfuzz/libhfuzz.a $out/lib + cp libhfuzz/libhfuzz.so $out/lib + cp libhfcommon/libhfcommon.a $out/lib + cp libhfnetdriver/libhfnetdriver.a $out/lib + ''; + + meta = { + description = + "A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer"; + longDescription = '' + Honggfuzz is a security oriented, feedback-driven, evolutionary, + easy-to-use fuzzer with interesting analysis options. It is + multi-process and multi-threaded, blazingly fast when the persistent + fuzzing mode is used and has a solid track record of uncovered security + bugs. + + Honggfuzz uses low-level interfaces to monitor processes and it will + discover and report hijacked/ignored signals from crashes. Feed it + a simple corpus directory (can even be empty for the feedback-driven + fuzzing), and it will work its way up, expanding it by utilizing + feedback-based coverage metrics. + ''; + homepage = "https://honggfuzz.dev/"; + license = lib.licenses.asl20; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ cpu chivay ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/hstsparser/default.nix b/nixpkgs/pkgs/tools/security/hstsparser/default.nix new file mode 100644 index 000000000000..8b4e4882f556 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/hstsparser/default.nix @@ -0,0 +1,37 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "hstsparser"; + version = "1.2.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "thebeanogamer"; + repo = "hstsparser"; + rev = "refs/tags/${version}"; + hash = "sha256-9ZNBzPa4mFXbao73QukEL56sM/3dg4ElOMXgNGTVh1g="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + prettytable + ]; + + pythonImportsCheck = [ + "hstsparser" + ]; + + meta = with lib; { + description = "Tool to parse Firefox and Chrome HSTS databases into forensic artifacts"; + homepage = "https://github.com/thebeanogamer/hstsparser"; + changelog = "https://github.com/thebeanogamer/hstsparser/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/httpdump/default.nix b/nixpkgs/pkgs/tools/security/httpdump/default.nix new file mode 100644 index 000000000000..d745adc50d5d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/httpdump/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule +, fetchFromGitHub +, lib +, libpcap +}: + +buildGoModule rec { + pname = "httpdump"; + version = "unstable-2023-05-07"; + + src = fetchFromGitHub { + owner = "hsiafan"; + repo = pname; + rev = "e971e00e0136d5c770c4fdddb1c2095327d419d8"; + hash = "sha256-3BzvIaZKBr/HHplJe5hM7u8kigmMHxCvkiVXFZopUCQ="; + }; + + vendorHash = "sha256-NKCAzx1+BkqZGeAORl7gCA7f9PSsyKxP2eggZyBB2l8="; + + propagatedBuildInputs = [ libpcap ]; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = "Parse and display HTTP traffic from network device or pcap file"; + homepage = "https://github.com/hsiafan/httpdump"; + license = with licenses; [ bsd2 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/httpx/default.nix b/nixpkgs/pkgs/tools/security/httpx/default.nix new file mode 100644 index 000000000000..4bcc379c5c9a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/httpx/default.nix @@ -0,0 +1,43 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "httpx"; + version = "1.3.5"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = "httpx"; + rev = "refs/tags/v${version}"; + hash = "sha256-DayYelnimsIvM5zkUoCQcS3TiZi81MDjvys/5M2xc48="; + }; + + vendorHash = "sha256-aUQc8dv3IHTIgeg8YHcoMbT2EzBoqCj4ST2113tg73Q="; + + subPackages = [ + "cmd/httpx" + ]; + + ldflags = [ + "-s" + "-w" + ]; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Fast and multi-purpose HTTP toolkit"; + longDescription = '' + httpx is a fast and multi-purpose HTTP toolkit allow to run multiple + probers using retryablehttp library, it is designed to maintain the + result reliability with increased threads. + ''; + homepage = "https://github.com/projectdiscovery/httpx"; + changelog = "https://github.com/projectdiscovery/httpx/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/iaito/default.nix b/nixpkgs/pkgs/tools/security/iaito/default.nix new file mode 100644 index 000000000000..641f7edf2406 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/iaito/default.nix @@ -0,0 +1,100 @@ +{ lib +, stdenv +, fetchFromGitHub +, meson +, ninja +, pkg-config +, python3 +, qtbase +, qttools +, radare2 +, wrapQtAppsHook +}: + +let + pname = "iaito"; + version = "5.8.8"; + + main_src = fetchFromGitHub rec { + owner = "radareorg"; + repo = pname; + rev = version; + hash = "sha256-/sXdp6QpDxltesg5i2CD0K2r18CrbGZmmI7HqULvFfA="; + name = repo; + }; + + translations_src = fetchFromGitHub rec { + owner = "radareorg"; + repo = "iaito-translations"; + rev = "e66b3a962a7fc7dfd730764180011ecffbb206bf"; + hash = "sha256-6NRTZ/ydypsB5TwbivvwOH9TEMAff/LH69hCXTvMPp8="; + name = repo; + }; +in + +stdenv.mkDerivation rec { + inherit pname version; + + srcs = [ main_src translations_src ]; + sourceRoot = "${main_src.name}/src"; + + postUnpack = '' + chmod -R u+w ${translations_src.name} + ''; + + postPatch = '' + substituteInPlace common/ResourcePaths.cpp \ + --replace "/app/share/iaito/translations" "$out/share/iaito/translations" + ''; + + nativeBuildInputs = [ + meson + ninja + pkg-config + python3 + qttools + wrapQtAppsHook + ]; + + buildInputs = [ + qtbase + radare2 + ]; + + # the radare2 binary package seems to not install all necessary headers. + env.NIX_CFLAGS_COMPILE = toString [ "-I" "${radare2.src}/shlr/sdb/include/sdb" ]; + + postBuild = '' + pushd ../../../${translations_src.name} + make build -j$NIX_BUILD_CORES PREFIX=$out + popd + ''; + + installPhase = '' + runHook preInstall + + install -m755 -Dt $out/bin iaito + install -m644 -Dt $out/share/metainfo ../org.radare.iaito.appdata.xml + install -m644 -Dt $out/share/applications ../org.radare.iaito.desktop + install -m644 -Dt $out/share/pixmaps ../img/iaito-o.svg + + pushd ../../../${translations_src.name} + make install -j$NIX_BUILD_CORES PREFIX=$out + popd + + runHook postInstall + ''; + + meta = with lib; { + description = "An official graphical interface of radare2"; + longDescription = '' + iaito is the official graphical interface of radare2. It's the + continuation of Cutter for radare2 after the Rizin fork. + ''; + homepage = "https://radare.org/n/iaito.html"; + changelog = "https://github.com/radareorg/iaito/releases/tag/${version}"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ azahi ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ibm-sw-tpm2/default.nix b/nixpkgs/pkgs/tools/security/ibm-sw-tpm2/default.nix new file mode 100644 index 000000000000..012d492aacad --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ibm-sw-tpm2/default.nix @@ -0,0 +1,39 @@ +{ stdenv, fetchurl, lib, openssl }: + +stdenv.mkDerivation rec { + pname = "ibm-sw-tpm2"; + version = "1682"; + + src = fetchurl { + url = "mirror://sourceforge/ibmswtpm2/ibmtpm${version}.tar.gz"; + hash = "sha256-PLZC+HGheyPVCwRuX5X0ScIodBX8HnrrS9u4kg28s48="; + }; + + buildInputs = [ openssl ]; + + sourceRoot = "src"; + + prePatch = '' + # Fix hardcoded path to GCC. + substituteInPlace makefile --replace /usr/bin/gcc "${stdenv.cc}/bin/cc" + + # Remove problematic default CFLAGS. + substituteInPlace makefile \ + --replace -Werror "" \ + --replace -O0 "" \ + --replace -ggdb "" + ''; + + installPhase = '' + mkdir -p $out/bin + cp tpm_server $out/bin + ''; + + meta = with lib; { + description = "IBM's Software TPM 2.0, an implementation of the TCG TPM 2.0 specification"; + homepage = "https://sourceforge.net/projects/ibmswtpm2/"; + platforms = platforms.linux; + maintainers = with maintainers; [ delroth ]; + license = licenses.bsd3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ic-keysmith/default.nix b/nixpkgs/pkgs/tools/security/ic-keysmith/default.nix new file mode 100644 index 000000000000..c3fd58933a3b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ic-keysmith/default.nix @@ -0,0 +1,22 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "keysmith"; + version = "1.6.2"; + + src = fetchFromGitHub { + owner = "dfinity"; + repo = "keysmith"; + rev = "v${version}"; + sha256 = "sha256-+wYWIoPYc7qpTRS4Zlxp50Up8obZOmfQpiT0SWwVJE0="; + }; + + vendorHash = "sha256-rIH10TRWOgmJM8bnKXYTsmmAtlrMMxHc8rnaCmMJGdw="; + + meta = with lib; { + description = "Hierarchical Deterministic Key Derivation for the Internet Computer"; + homepage = "https://github.com/dfinity/keysmith"; + license = licenses.mit; + maintainers = with maintainers; [ imalison ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ifdnfc/default.nix b/nixpkgs/pkgs/tools/security/ifdnfc/default.nix new file mode 100644 index 000000000000..34c140023ac2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ifdnfc/default.nix @@ -0,0 +1,45 @@ +{ lib, stdenv, fetchFromGitHub , pkg-config +, pcsclite +, autoreconfHook +, libnfc +}: + +stdenv.mkDerivation { + pname = "ifdnfc"; + version = "2016-03-01"; + + src = fetchFromGitHub { + owner = "nfc-tools"; + repo = "ifdnfc"; + rev = "0e48e8e"; + sha256 = "1cxnvhhlcbm8h49rlw5racspb85fmwqqhd3gzzpzy68vrs0b37vg"; + }; + nativeBuildInputs = [ pkg-config autoreconfHook ]; + buildInputs = [ pcsclite libnfc ]; + + configureFlags = [ "--prefix=$(out)" ]; + makeFlags = [ "DESTDIR=/" "usbdropdir=$(out)/pcsc/drivers" ]; + + meta = with lib; { + description = "PC/SC IFD Handler based on libnfc"; + longDescription = + '' libnfc Interface Plugin to be used in <code>services.pcscd.plugins</code>. + It provides support for all readers which are not supported by ccid but by libnfc. + + For activating your reader you need to run + <code>ifdnfc-activate yes<code> with this package in your + <code>environment.systemPackages</code> + + To use your reader you may need to blacklist your reader kernel modules: + <code>boot.blacklistedKernelModules = [ "pn533" "pn533_usb" "nfc" ];</code> + + Supports the pn533 smart-card reader chip which is for example used in + the SCM SCL3711. + ''; + homepage = "https://github.com/nfc-tools/ifdnfc"; + license = licenses.gpl3; + platforms = platforms.linux; + maintainers = with maintainers; [ makefu ]; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/ike-scan/default.nix b/nixpkgs/pkgs/tools/security/ike-scan/default.nix new file mode 100644 index 000000000000..3c6374cab9a3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ike-scan/default.nix @@ -0,0 +1,47 @@ +{ lib +, autoreconfHook +, fetchFromGitHub +, fetchpatch +, openssl +, stdenv +}: + +stdenv.mkDerivation rec { + pname = "ike-scan"; + version = "1.9.5"; + + src = fetchFromGitHub { + owner = "royhills"; + repo = pname; + rev = version; + sha256 = "sha256-mbfg8p3y4aKoXpmLuF9GXAMPEqV5CsvetwGCRDJ9UNY="; + }; + + nativeBuildInputs = [ + autoreconfHook + openssl + ]; + + configureFlags = [ "--with-openssl=${openssl.dev}" ]; + + patches = [ + # Using the same patches as for the Fedora RPM + (fetchpatch { + # Memory leaks, https://github.com/royhills/ike-scan/pull/15 + url = "https://github.com/royhills/ike-scan/pull/15/commits/d864811de08dcddd65ac9b8d0f2acf5d7ddb9dea.patch"; + sha256 = "0wbrq89dl8js7cdivd0c45hckmflan33cpgc3qm5s3az6r4mjljm"; + }) + ]; + + meta = with lib; { + description = "Tool to discover, fingerprint and test IPsec VPN servers"; + longDescription = '' + ike-scan is a command-line tool that uses the IKE protocol to discover, + fingerprint and test IPsec VPN servers. + ''; + homepage = "https://github.com/royhills/ike-scan"; + license = with licenses; [ gpl3Plus ]; + platforms = platforms.linux; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/imdshift/default.nix b/nixpkgs/pkgs/tools/security/imdshift/default.nix new file mode 100644 index 000000000000..c33e0878cd4d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/imdshift/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "imdshift"; + version = "1.0.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "ayushpriya10"; + repo = "IMDShift"; + rev = "refs/tags/v${version}"; + hash = "sha256-Uoa0uNOhCkT622Yy8GEg8jz9k5zmtXwGmvdb3MVTLX8="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + boto3 + click + prettytable + tqdm + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "IMDShift" + ]; + + meta = with lib; { + description = "Tool to migrate workloads to IMDSv2"; + homepage = "https://github.com/ayushpriya10/IMDShift"; + changelog = "https://github.com/ayushpriya10/IMDShift/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/inql/default.nix b/nixpkgs/pkgs/tools/security/inql/default.nix new file mode 100644 index 000000000000..272e28292ac8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/inql/default.nix @@ -0,0 +1,41 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "inql"; + version = "4.0.6"; + + src = fetchFromGitHub { + owner = "doyensec"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-DFGJHqdrCmOZn8GdY5SZ1PrOhuIsMLoK+2Fry9WkRiY="; + }; + + postPatch = '' + # To set the version a full git checkout would be needed + substituteInPlace setup.py \ + --replace "version=version()," "version='${version}'," + ''; + + propagatedBuildInputs = with python3.pkgs; [ + stickytape + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "inql" + ]; + + meta = with lib; { + description = "Security testing tool for GraphQL"; + homepage = "https://github.com/doyensec/inql"; + changelog = "https://github.com/doyensec/inql/releases/tag/v${version}"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ioc-scan/default.nix b/nixpkgs/pkgs/tools/security/ioc-scan/default.nix new file mode 100644 index 000000000000..0fea93dc5081 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ioc-scan/default.nix @@ -0,0 +1,43 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ioc-scan"; + version = "1.5.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "cisagov"; + repo = "ioc-scanner"; + rev = "refs/tags/v${version}"; + hash = "sha256-dRrLd41HVVHJse7nkem8Cy+ltfJRnJiWrX/WShMfcOw="; + }; + + postPatch = '' + substituteInPlace pytest.ini \ + --replace " --cov" "" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + docopt + ]; + + nativeCheckInputs = with python3.pkgs; [ + pyfakefs + pytestCheckHook + ]; + + pythonImportsCheck = [ + "ioc_scan" + ]; + + meta = with lib; { + description = "Tool to search a filesystem for indicators of compromise (IoC)"; + homepage = "https://github.com/cisagov/ioc-scanner"; + changelog = "https://github.com/cisagov/ioc-scanner/releases/tag/v${version}"; + license = with licenses; [ cc0 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ioccheck/default.nix b/nixpkgs/pkgs/tools/security/ioccheck/default.nix new file mode 100644 index 000000000000..fc457e0c7fd4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ioccheck/default.nix @@ -0,0 +1,93 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +let + py = python3.override { + packageOverrides = self: super: { + emoji = super.emoji.overridePythonAttrs rec { + version = "1.7.0"; + + src = fetchFromGitHub { + owner = "carpedm20"; + repo = "emoji"; + rev = "v${version}"; + sha256 = "sha256-vKQ51RP7uy57vP3dOnHZRSp/Wz+YDzeLUR8JnIELE/I="; + }; + }; + + # Support for later tweepy releases is missing + # https://github.com/ranguli/ioccheck/issues/70 + tweepy = super.tweepy.overridePythonAttrs rec { + version = "3.10.0"; + + src = fetchFromGitHub { + owner = "tweepy"; + repo = "tweepy"; + rev = "v${version}"; + sha256 = "0k4bdlwjna6f1k19jki4xqgckrinkkw8b9wihzymr1l04rwd05nw"; + }; + doCheck = false; + }; + }; + }; +in +with py.pkgs; + +buildPythonApplication rec { + pname = "ioccheck"; + version = "unstable-2021-09-29"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "ranguli"; + repo = pname; + rev = "db02d921e2519b77523a200ca2d78417802463db"; + hash = "sha256-qf5tHIpbj/BfrzUST+EzohKh1hUg09KwF+vT0tj1+FE="; + }; + + nativeBuildInputs = with py.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with py.pkgs; [ + backoff + click + emoji + jinja2 + pyfiglet + ratelimit + requests + shodan + tabulate + termcolor + tweepy + vt-py + ]; + + nativeCheckInputs = with py.pkgs; [ + pytestCheckHook + ]; + + postPatch = '' + # Can be removed with the next release + substituteInPlace pyproject.toml \ + --replace '"hurry.filesize" = "^0.9"' "" \ + --replace 'vt-py = ">=0.6.1,<0.8.0"' 'vt-py = ">=0.6.1"' \ + --replace 'backoff = "^1.10.0"' 'backoff = ">=1.10.0"' \ + --replace 'termcolor = "^1.1.0"' 'termcolor = "*"' \ + --replace 'tabulate = "^0.8.9"' 'tabulate = "*"' + ''; + + pythonImportsCheck = [ + "ioccheck" + ]; + + meta = with lib; { + description = "Tool for researching IOCs"; + homepage = "https://github.com/ranguli/ioccheck"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ipscan/default.nix b/nixpkgs/pkgs/tools/security/ipscan/default.nix new file mode 100644 index 000000000000..72a44a4ab8a1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ipscan/default.nix @@ -0,0 +1,54 @@ +{ lib +, stdenv +, fetchurl +, jdk +, jre +, swt +, makeWrapper +, xorg +, dpkg +}: + +stdenv.mkDerivation rec { + pname = "ipscan"; + version = "3.9.1"; + + src = fetchurl { + url = "https://github.com/angryip/ipscan/releases/download/${version}/ipscan_${version}_amd64.deb"; + hash = "sha256-UPkUwZV3NIeVfL3yYvqOhm4X5xW+40GOlZGy8WGhYmk="; + }; + + sourceRoot = "."; + unpackCmd = "${dpkg}/bin/dpkg-deb -x $src ."; + + nativeBuildInputs = [ makeWrapper ]; + + buildInputs = [ jdk ]; + + installPhase = '' + mkdir -p $out/share + cp usr/lib/ipscan/ipscan-linux64-${version}.jar $out/share/${pname}-${version}.jar + + makeWrapper ${jre}/bin/java $out/bin/ipscan \ + --prefix LD_LIBRARY_PATH : "$out/lib/:${lib.makeLibraryPath [ swt xorg.libXtst ]}" \ + --add-flags "-Xmx256m -cp $out/share/${pname}-${version}.jar:${swt}/jars/swt.jar net.azib.ipscan.Main" + + mkdir -p $out/share/applications + cp usr/share/applications/ipscan.desktop $out/share/applications/ipscan.desktop + substituteInPlace $out/share/applications/ipscan.desktop --replace "/usr/bin" "$out/bin" + + mkdir -p $out/share/pixmaps + cp usr/share/pixmaps/ipscan.png $out/share/pixmaps/ipscan.png + ''; + + meta = with lib; { + description = "Angry IP Scanner - fast and friendly network scanner"; + homepage = "https://angryip.org"; + downloadPage = "https://github.com/angryip/ipscan/releases/tag/${version}"; + changelog = "https://github.com/angryip/ipscan/blob/${version}/CHANGELOG"; + sourceProvenance = with sourceTypes; [ binaryBytecode ]; + license = licenses.gpl2Only; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ kylesferrazza totoroot ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/isolate/default.nix b/nixpkgs/pkgs/tools/security/isolate/default.nix new file mode 100644 index 000000000000..ae975dc78ae9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/isolate/default.nix @@ -0,0 +1,49 @@ +{ lib +, stdenv +, fetchFromGitHub +, asciidoc +, libcap +, installShellFiles +}: + +stdenv.mkDerivation rec { + pname = "isolate"; + version = "1.10"; + + src = fetchFromGitHub { + owner = "ioi"; + repo = "isolate"; + rev = "v${version}"; + hash = "sha256-fuv9HOw0XkRBRjwAp4b6LpoB5p7a+yo66AcT3B0yQUw="; + }; + + nativeBuildInputs = [ + asciidoc + installShellFiles + ]; + + buildInputs = [ + libcap.dev + ]; + + buildFlags = [ + "isolate" + "isolate.1" + ]; + + installPhase = '' + runHook preInstall + + install -Dm755 ./isolate $out/bin/isolate + installManPage isolate.1 + + runHook postInstall + ''; + + meta = { + description = "Sandbox for securely executing untrusted programs"; + homepage = "https://github.com/ioi/isolate"; + license = lib.licenses.gpl2Plus; + maintainers = with lib.maintainers; [ virchau13 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jadx/default.nix b/nixpkgs/pkgs/tools/security/jadx/default.nix new file mode 100644 index 000000000000..10f67d5f0b35 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jadx/default.nix @@ -0,0 +1,158 @@ +{ lib +, stdenv +, fetchFromGitHub +, gradle +, jdk +, makeWrapper +, perl +, imagemagick +, makeDesktopItem +, copyDesktopItems +, desktopToDarwinBundle +}: + +let + pname = "jadx"; + version = "1.4.7"; + + src = fetchFromGitHub { + owner = "skylot"; + repo = pname; + rev = "v${version}"; + hash = "sha256-3t2e3WfH/ohkdGWlfV3t9oHJ1Q6YM6nSLOgmzgJEkls="; + }; + + deps = stdenv.mkDerivation { + name = "${pname}-deps"; + inherit src; + + nativeBuildInputs = [ gradle jdk perl ]; + + buildPhase = '' + export GRADLE_USER_HOME=$(mktemp -d) + export JADX_VERSION=${version} + gradle --no-daemon jar + + # Apparently, Gradle won't cache the `compileOnlyApi` dependency + # `org.jetbrains:annotations:22.0.0` which is defined in + # `io.github.skylot:raung-common`. To make it available in the + # output, we patch `build.gradle` and run Gradle again. + substituteInPlace build.gradle \ + --replace 'org.jetbrains:annotations:23.0.0' 'org.jetbrains:annotations:22.0.0' + gradle --no-daemon jar + ''; + + # Mavenize dependency paths + # e.g. org.codehaus.groovy/groovy/2.4.0/{hash}/groovy-2.4.0.jar -> org/codehaus/groovy/groovy/2.4.0/groovy-2.4.0.jar + installPhase = '' + find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \ + | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/$x/$3/$4/$5" #e' \ + | sh + + # Work around okio-2.10.0 bug, fixed in 3.0. Remove "-jvm" from filename. + # https://github.com/square/okio/issues/954 + mv $out/com/squareup/okio/okio/2.10.0/okio{-jvm,}-2.10.0.jar + ''; + + outputHashMode = "recursive"; + outputHash = "sha256-QebPRmfLtXy4ZlyKeGC5XNzhMTsYI0X36My+nTFvQpM="; + }; +in stdenv.mkDerivation (finalAttrs: { + inherit pname version src; + + nativeBuildInputs = [ gradle jdk imagemagick makeWrapper copyDesktopItems ] + ++ lib.optionals stdenv.hostPlatform.isDarwin [ desktopToDarwinBundle ]; + + # Otherwise, Gradle fails with `java.net.SocketException: Operation not permitted` + __darwinAllowLocalNetworking = true; + + buildPhase = '' + # The installDist Gradle build phase tries to copy some dependency .jar + # files multiple times into the build directory. This ends up failing when + # the dependencies are read directly from the Nix store since they are not + # marked as chmod +w. To work around this, get a local copy of the + # dependency store, and give write permissions. + depsDir=$(mktemp -d) + cp -R ${deps}/* $depsDir + chmod -R u+w $depsDir + + gradleInit=$(mktemp) + cat >$gradleInit <<EOF + gradle.projectsLoaded { + rootProject.allprojects { + buildscript { + repositories { + clear() + maven { url '$depsDir' } + } + } + repositories { + clear() + maven { url '$depsDir' } + } + } + } + + settingsEvaluated { settings -> + settings.pluginManagement { + repositories { + maven { url '$depsDir' } + } + } + } + EOF + + export GRADLE_USER_HOME=$(mktemp -d) + export JADX_VERSION=${version} + gradle --offline --no-daemon --info --init-script $gradleInit pack + ''; + + installPhase = '' + runHook preInstall + + mkdir $out $out/bin + cp -R build/jadx/lib $out + for prog in jadx jadx-gui; do + cp build/jadx/bin/$prog $out/bin + wrapProgram $out/bin/$prog --set JAVA_HOME ${jdk.home} + done + + for size in 16 32 48; do + install -Dm444 \ + jadx-gui/src/main/resources/logos/jadx-logo-"$size"px.png \ + $out/share/icons/hicolor/"$size"x"$size"/apps/jadx.png + done + for size in 64 128 256; do + mkdir -p $out/share/icons/hicolor/"$size"x"$size"/apps + convert -resize "$size"x"$size" jadx-gui/src/main/resources/logos/jadx-logo.png $out/share/icons/hicolor/"$size"x"$size"/apps/jadx.png + done + + runHook postInstall + ''; + + desktopItems = [ + (makeDesktopItem { + name = "jadx"; + desktopName = "JADX"; + exec = "jadx-gui"; + icon = "jadx"; + comment = finalAttrs.meta.description; + categories = [ "Development" "Utility" ]; + }) + ]; + + meta = with lib; { + description = "Dex to Java decompiler"; + longDescription = '' + Command line and GUI tools for produce Java source code from Android Dex + and Apk files. + ''; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + license = licenses.asl20; + platforms = platforms.unix; + maintainers = with maintainers; [ delroth ]; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/jaeles/default.nix b/nixpkgs/pkgs/tools/security/jaeles/default.nix new file mode 100644 index 000000000000..5ab635b35ac2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jaeles/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "jaeles"; + version = "0.17.1"; + + src = fetchFromGitHub { + owner = "jaeles-project"; + repo = pname; + rev = "beta-v${version}"; + hash = "sha256-IGvIjO1nCilg2sPyScGTH5Zmv0rORlGwRv3NRxQk+aM="; + }; + + vendorHash = "sha256-/Ow2qdcFduZ2ZyUUfCqpZxSh9yy3+tI/2N9Wl1fKXVI="; + + # Tests want to download signatures + doCheck = false; + + meta = with lib; { + description = "Tool for automated Web application testing"; + homepage = "https://github.com/jaeles-project/jaeles"; + changelog = "https://github.com/jaeles-project/jaeles/releases/tag/beta-v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jd-cli/default.nix b/nixpkgs/pkgs/tools/security/jd-cli/default.nix new file mode 100644 index 000000000000..367851a0d434 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jd-cli/default.nix @@ -0,0 +1,32 @@ +{ lib, fetchFromGitHub, jre, makeWrapper, maven }: + +maven.buildMavenPackage rec { + pname = "jd-cli"; + version = "1.2.1"; + + src = fetchFromGitHub { + owner = "intoolswetrust"; + repo = pname; + rev = "${pname}-${version}"; + hash = "sha256-rRttA5H0A0c44loBzbKH7Waoted3IsOgxGCD2VM0U/Q="; + }; + + mvnHash = "sha256-1zn980QP48fWvm45HR1yDHdyzHYPkl/P0RpII+Zu+xc="; + + nativeBuildInputs = [ makeWrapper ]; + + installPhase = '' + mkdir -p $out/bin $out/share/jd-cli + install -Dm644 jd-cli/target/jd-cli.jar $out/share/jd-cli + + makeWrapper ${jre}/bin/java $out/bin/jd-cli \ + --add-flags "-jar $out/share/jd-cli/jd-cli.jar" + ''; + + meta = with lib; { + description = "Simple command line wrapper around JD Core Java Decompiler project"; + homepage = "https://github.com/intoolswetrust/jd-cli"; + license = licenses.gpl3; + maintainers = with maintainers; [ majiir ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jd-gui/default.nix b/nixpkgs/pkgs/tools/security/jd-gui/default.nix new file mode 100644 index 000000000000..2663af4ed620 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jd-gui/default.nix @@ -0,0 +1,134 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, jre +, jdk +, gradle_6 +, makeDesktopItem +, copyDesktopItems +, perl +, writeText +, runtimeShell +}: + +let + pname = "jd-gui"; + version = "1.6.6"; + + src = fetchFromGitHub { + owner = "java-decompiler"; + repo = pname; + rev = "v${version}"; + hash = "sha256-QHiZPYFwDQzbXVSuhwzQqBRXlkG9QVU+Jl6SKvBoCwQ="; + }; + + patches = [ + # https://github.com/java-decompiler/jd-gui/pull/362 + (fetchpatch { + name = "nebula-plugin-gradle-6-compatibility.patch"; + url = "https://github.com/java-decompiler/jd-gui/commit/91f805f9dc8ce0097460e63c8095ccea870687e6.patch"; + hash = "sha256-9eaM9Mx2FaKIhGSOHjATKN/CrtvJeXyrH8Mdx8LNtpE="; + }) + ]; + + deps = stdenv.mkDerivation { + name = "${pname}-deps"; + inherit src patches; + + nativeBuildInputs = [ jdk perl gradle_6 ]; + + buildPhase = '' + export GRADLE_USER_HOME=$(mktemp -d); + gradle --no-daemon jar + ''; + + # Mavenize dependency paths + # e.g. org.codehaus.groovy/groovy/2.4.0/{hash}/groovy-2.4.0.jar -> org/codehaus/groovy/groovy/2.4.0/groovy-2.4.0.jar + installPhase = '' + find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \ + | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/$x/$3/$4/$5" #e' \ + | sh + ''; + + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = "sha256-gqUyZE+MoZRYCcJx95Qc4dZIC3DZvxee6UQhpfveDI4="; + }; + + # Point to our local deps repo + gradleInit = writeText "init.gradle" '' + logger.lifecycle 'Replacing Maven repositories with ${deps}...' + + gradle.projectsLoaded { + rootProject.allprojects { + buildscript { + repositories { + clear() + maven { url '${deps}' } + } + } + repositories { + clear() + maven { url '${deps}' } + } + } + } + ''; + + desktopItem = makeDesktopItem { + name = "jd-gui"; + exec = "jd-gui %F"; + icon = "jd-gui"; + comment = "Java Decompiler JD-GUI"; + desktopName = "JD-GUI"; + genericName = "Java Decompiler"; + mimeTypes = [ "application/java" "application/java-vm" "application/java-archive" ]; + categories = [ "Development" "Debugger" ]; + startupWMClass = "org-jd-gui-App"; + }; + +in stdenv.mkDerivation rec { + inherit pname version src patches; + name = "${pname}-${version}"; + + nativeBuildInputs = [ jdk gradle_6 copyDesktopItems ]; + + buildPhase = '' + export GRADLE_USER_HOME=$(mktemp -d) + gradle --offline --no-daemon --info --init-script ${gradleInit} jar + ''; + + installPhase = let + jar = "$out/share/jd-gui/${name}.jar"; + in '' + runHook preInstall + + mkdir -p $out/bin $out/share/{jd-gui,icons/hicolor/128x128/apps} + cp build/libs/${name}.jar ${jar} + cp src/linux/resources/jd_icon_128.png $out/share/icons/hicolor/128x128/apps/jd-gui.png + + cat > $out/bin/jd-gui <<EOF + #!${runtimeShell} + export JAVA_HOME=${jre} + exec ${jre}/bin/java -jar ${jar} "\$@" + EOF + chmod +x $out/bin/jd-gui + + runHook postInstall + ''; + + desktopItems = [ desktopItem ]; + + meta = with lib; { + description = "Fast Java Decompiler with powerful GUI"; + homepage = "https://java-decompiler.github.io/"; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + license = licenses.gpl3; + platforms = platforms.unix; + maintainers = [ maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/john/default.nix b/nixpkgs/pkgs/tools/security/john/default.nix new file mode 100644 index 000000000000..745b027a057e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/john/default.nix @@ -0,0 +1,91 @@ +{ lib, stdenv, fetchFromGitHub, openssl, nss, nspr, libkrb5, gmp, zlib, libpcap, re2 +, gcc, python3Packages, perl, perlPackages, makeWrapper, fetchpatch +}: + +stdenv.mkDerivation rec { + pname = "john"; + version = "1.9.0-jumbo-1"; + + src = fetchFromGitHub { + owner = "openwall"; + repo = pname; + rev = "1.9.0-Jumbo-1"; + sha256 = "sha256-O1iPh5QTMjZ78sKvGbvSpaHFbBuVc1z49UKTbMa24Rs="; + }; + + patches = [ + (fetchpatch { + name = "fix-gcc-11-struct-allignment-incompatibility.patch"; + url = "https://github.com/openwall/john/commit/154ee1156d62dd207aff0052b04c61796a1fde3b.patch"; + sha256 = "sha256-3rfS2tu/TF+KW2MQiR+bh4w/FVECciTooDQNTHNw31A="; + }) + (fetchpatch { + name = "improve-apple-clang-pseudo-intrinsics-portability.patch"; + url = "https://github.com/openwall/john/commit/c9825e688d1fb9fdd8942ceb0a6b4457b0f9f9b4.patch"; + excludes = [ "doc/*" ]; + sha256 = "sha256-hgoiz7IgR4f66fMP7bV1F8knJttY8g2Hxyk3QfkTu+g="; + }) + ]; + + postPatch = '' + sed -ri -e ' + s!^(#define\s+CFG_[A-Z]+_NAME\s+).*/!\1"'"$out"'/etc/john/! + /^#define\s+JOHN_SYSTEMWIDE/s!/usr!'"$out"'! + ' src/params.h + sed -ri -e '/^\.include/ { + s!\$JOHN!'"$out"'/etc/john! + s!^(\.include\s*)<([^./]+\.conf)>!\1"'"$out"'/etc/john/\2"! + }' run/*.conf + ''; + + preConfigure = '' + cd src + # Makefile.in depends on AS and LD being set to CC, which is set by default in configure.ac. + # This ensures we override the environment variables set in cc-wrapper/setup-hook.sh + export AS=$CC + export LD=$CC + ''; + configureFlags = [ + "--disable-native-tests" + "--with-systemwide" + ]; + + buildInputs = [ openssl nss nspr libkrb5 gmp zlib libpcap re2 ]; + nativeBuildInputs = [ gcc python3Packages.wrapPython perl makeWrapper ]; + propagatedBuildInputs = (with python3Packages; [ dpkt scapy lxml ]) ++ # For pcap2john.py + (with perlPackages; [ DigestMD4 DigestSHA1 GetoptLong # For pass_gen.pl + CompressRawLzma # For 7z2john.pl + perlldap ]); # For sha-dump.pl + # TODO: Get dependencies for radius2john.pl and lion2john-alt.pl + + # gcc -DAC_BUILT -Wall vncpcap2john.o memdbg.o -g -lpcap -fopenmp -o ../run/vncpcap2john + # gcc: error: memdbg.o: No such file or directory + enableParallelBuilding = false; + + postInstall = '' + mkdir -p "$out/bin" "$out/etc/john" "$out/share/john" "$out/share/doc/john" "$out/share/john/rules" "$out/${perlPackages.perl.libPrefix}" + find -L ../run -mindepth 1 -maxdepth 1 -type f -executable \ + -exec cp -d {} "$out/bin" \; + cp -vt "$out/etc/john" ../run/*.conf + cp -vt "$out/share/john" ../run/*.chr ../run/password.lst + cp -vt "$out/share/john/rules" ../run/rules/*.rule + cp -vrt "$out/share/doc/john" ../doc/* + cp -vt "$out/${perlPackages.perl.libPrefix}" ../run/lib/* + ''; + + postFixup = '' + wrapPythonPrograms + + for i in $out/bin/*.pl; do + wrapProgram "$i" --prefix PERL5LIB : "$PERL5LIB:$out/${perlPackages.perl.libPrefix}" + done + ''; + + meta = with lib; { + description = "John the Ripper password cracker"; + license = licenses.gpl2Plus; + homepage = "https://github.com/openwall/john/"; + maintainers = with maintainers; [ offline matthewbauer ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/joincap/default.nix b/nixpkgs/pkgs/tools/security/joincap/default.nix new file mode 100644 index 000000000000..1589602ac062 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/joincap/default.nix @@ -0,0 +1,36 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, libpcap +}: + +buildGoModule rec { + pname = "joincap"; + version = "0.10.2"; + + src = fetchFromGitHub { + owner = "assafmo"; + repo = "joincap"; + rev = "v${version}"; + hash = "sha256-Xli9G/VkDWKkc+7mldmLfvigvPPcdcToc4e15uoadDQ="; + }; + + vendorHash = "sha256-YsLIbt3uiA1d08yIEhSRdep1+52AxRvbIzDHlhc5s7Y="; + + buildInputs = [ + libpcap + ]; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Merge multiple pcap files together, gracefully"; + homepage = "https://github.com/assafmo/joincap"; + changelog = "https://github.com/assafmo/joincap/blob/${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jsluice/default.nix b/nixpkgs/pkgs/tools/security/jsluice/default.nix new file mode 100644 index 000000000000..18a386c94b0d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jsluice/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "jsluice"; + version = "unstable-2023-06-23"; + + src = fetchFromGitHub { + owner = "BishopFox"; + repo = "jsluice"; + rev = "f10429e1016a9573da0157eacde8f7feb9deb8c7"; + hash = "sha256-l9rwC1ljtt7Q+FYKdQFhtnLJDS8OwMJXIIpZgya0zwU="; + }; + + vendorHash = "sha256-u4E+b/vChXArovtaZ4LODaINWit86i5K4GyHLR0JSyU="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Tool for extracting URLs, paths, secrets, and other data from JavaScript source code"; + homepage = "https://github.com/BishopFox/jsluice"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jsubfinder/default.nix b/nixpkgs/pkgs/tools/security/jsubfinder/default.nix new file mode 100644 index 000000000000..328c81143d1c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jsubfinder/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "jsubfinder"; + version = "unstable-2022-05-31"; + + src = fetchFromGitHub { + owner = "ThreatUnkown"; + repo = pname; + rev = "e21de1ebc174bb69485f1c224e8063c77d87e4ad"; + hash = "sha256-QjRYJyk0uFGa6FCCYK9SIJhoyam4ALsQJ26DsmbNk8s="; + }; + + vendorHash = "sha256-pr4KkszyzEl+yLJousx29tr7UZDJf0arEfXBb7eumww="; + + meta = with lib; { + description = "Tool to search for in Javascript hidden subdomains and secrets"; + homepage = "https://github.com/ThreatUnkown/jsubfinder"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jwt-cli/default.nix b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix new file mode 100644 index 000000000000..6d970dca9519 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchFromGitHub, rustPlatform, Security }: + +rustPlatform.buildRustPackage rec { + pname = "jwt-cli"; + version = "6.0.0"; + + src = fetchFromGitHub { + owner = "mike-engel"; + repo = pname; + rev = version; + sha256 = "sha256-EzXpiJGTAlTDHJwl7FwIsDHMqStj2PLD1PHmv0flBKc="; + }; + + cargoHash = "sha256-l1W+eYuKnMPN2wPhYPXo5ixUz2bX+FZnDazk+FbxquU="; + + buildInputs = lib.optional stdenv.isDarwin Security; + + doInstallCheck = true; + installCheckPhase = '' + $out/bin/jwt --version > /dev/null + $out/bin/jwt decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c \ + | grep -q 'John Doe' + ''; + + meta = with lib; { + description = "Super fast CLI tool to decode and encode JWTs"; + homepage = "https://github.com/mike-engel/jwt-cli"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ rycee ]; + mainProgram = "jwt"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jwt-hack/default.nix b/nixpkgs/pkgs/tools/security/jwt-hack/default.nix new file mode 100644 index 000000000000..351414b25eee --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jwt-hack/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "jwt-hack"; + version = "1.1.2"; + + src = fetchFromGitHub { + owner = "hahwul"; + repo = pname; + rev = "v${version}"; + hash = "sha256-K0ZtEi0zAKRlIGvorrXmtmkcMvyLIXWPnVMQANZbClk="; + }; + + vendorHash = "sha256-VYh3oRy8bmtXf6AnLNi/M2kA6t+crW3AXBiGovpdt8U="; + + meta = with lib; { + description = "Tool for attacking JWT"; + homepage = "https://github.com/hahwul/jwt-hack"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/jwx/default.nix b/nixpkgs/pkgs/tools/security/jwx/default.nix new file mode 100644 index 000000000000..efe847e5fa01 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/jwx/default.nix @@ -0,0 +1,27 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "jwx"; + version = "2.0.14"; + + src = fetchFromGitHub { + owner = "lestrrat-go"; + repo = pname; + rev = "v${version}"; + hash = "sha256-EtfxlSWYlfWme/t89IuvcNl11X3JL2K2rcKHAumisEw="; + }; + + vendorHash = "sha256-o3EHPIXGLz/io0d8jhl9cxzctP3CeOjEDMQl1SY9lXg="; + + sourceRoot = "${src.name}/cmd/jwx"; + + meta = with lib; { + description = " Implementation of various JWx (Javascript Object Signing and Encryption/JOSE) technologies"; + homepage = "https://github.com/lestrrat-go/jwx"; + license = licenses.mit; + maintainers = with maintainers; [ arianvp flokli ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/katana/default.nix b/nixpkgs/pkgs/tools/security/katana/default.nix new file mode 100644 index 000000000000..04ae5c74ad1b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/katana/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "katana"; + version = "1.0.4"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-wpGRpgRJtywkTJ3YBk5TzXc2taPPWjOhj+Kg8hAgm7M="; + }; + + vendorHash = "sha256-qqivaKipe7lfUq3Neod8JMvtMVQN4O03JpDMSMHf8YY="; + + subPackages = [ "cmd/katana" ]; + + meta = with lib; { + description = "A next-generation crawling and spidering framework"; + homepage = "https://github.com/projectdiscovery/katana"; + changelog = "https://github.com/projectdiscovery/katana/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ dit7ya ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kbs2/default.nix b/nixpkgs/pkgs/tools/security/kbs2/default.nix new file mode 100644 index 000000000000..3e9a726651a6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kbs2/default.nix @@ -0,0 +1,55 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, installShellFiles +, python3 +, libxcb +, AppKit +, SystemConfiguration +}: + +rustPlatform.buildRustPackage rec { + pname = "kbs2"; + version = "0.7.2"; + + src = fetchFromGitHub { + owner = "woodruffw"; + repo = pname; + rev = "v${version}"; + hash = "sha256-o8/ENAWzVqs7rokST6xnyu9Q/pKqq/UnKWOFRuIuGes="; + }; + + cargoHash = "sha256-LcnvCWGVdBxhDgQDoGHXRppGeEpfjOv/F0dZMN2bOF8="; + + nativeBuildInputs = [ installShellFiles ] + ++ lib.optionals stdenv.isLinux [ python3 ]; + + buildInputs = [ ] + ++ lib.optionals stdenv.isLinux [ libxcb ] + ++ lib.optionals stdenv.isDarwin [ SystemConfiguration AppKit ]; + + preCheck = '' + export HOME=$TMPDIR + ''; + + checkFlags = [ "--skip=kbs2::config::tests::test_find_config_dir" ] + ++ lib.optionals stdenv.isDarwin [ "--skip=test_ragelib_rewrap_keyfile" ]; + + postInstall = '' + mkdir -p $out/share/kbs2 + cp -r contrib/ $out/share/kbs2 + installShellCompletion --cmd kbs2 \ + --bash <($out/bin/kbs2 --completions bash) \ + --fish <($out/bin/kbs2 --completions fish) \ + --zsh <($out/bin/kbs2 --completions zsh) + ''; + + meta = with lib; { + description = "A secret manager backed by age"; + homepage = "https://github.com/woodruffw/kbs2"; + changelog = "https://github.com/woodruffw/kbs2/blob/v${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = [ maintainers.marsam ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kdigger/default.nix b/nixpkgs/pkgs/tools/security/kdigger/default.nix new file mode 100644 index 000000000000..82070c89447a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kdigger/default.nix @@ -0,0 +1,74 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "kdigger"; + version = "1.5.0"; + + src = fetchFromGitHub { + owner = "quarkslab"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-/F1wmP1hfhrAmx2jJtAn02LkTabi0RJu36T/oW3tyZw="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + vendorHash = "sha256-rDJFowbOj77n/sBoDgFEF+2PgghxufvIgzbMqrHehws="; + + nativeBuildInputs = [ installShellFiles ]; + + # static to be easily copied into containers since it's an in-pod pen-testing tool + CGO_ENABLED = 0; + + ldflags = [ + "-s" + "-w" + "-X github.com/quarkslab/kdigger/commands.VERSION=v${version}" + "-X github.com/quarkslab/kdigger/commands.BUILDERARCH=${stdenv.hostPlatform.linuxArch}" + ]; + + preBuild = '' + ldflags+=" -X github.com/quarkslab/kdigger/commands.GITCOMMIT=$(cat COMMIT)" + ''; + + postInstall = '' + installShellCompletion --cmd kdigger \ + --bash <($out/bin/kdigger completion bash) \ + --fish <($out/bin/kdigger completion fish) \ + --zsh <($out/bin/kdigger completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/kdigger --help + + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://github.com/quarkslab/kdigger"; + changelog = "https://github.com/quarkslab/kdigger/releases/tag/v${version}"; + description = "An in-pod context discovery tool for Kubernetes penetration testing"; + longDescription = '' + kdigger, short for "Kubernetes digger", is a context discovery tool for + Kubernetes penetration testing. This tool is a compilation of various + plugins called buckets to facilitate pentesting Kubernetes from inside a + pod. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/keepwn/default.nix b/nixpkgs/pkgs/tools/security/keepwn/default.nix new file mode 100644 index 000000000000..9720e14d7a50 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keepwn/default.nix @@ -0,0 +1,44 @@ +{ lib +, stdenv +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "keepwn"; + version = "0.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "Orange-Cyberdefense"; + repo = "KeePwn"; + rev = "refs/tags/${version}"; + hash = "sha256-s+r6QEUzkzCbs5j1G+PVgDx8cvnmQzEQ1MHAakG+skA="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + chardet + impacket + lxml + termcolor + ]; + + postInstall = lib.optionalString (!stdenv.isDarwin) '' + mv $out/bin/KeePwn $out/bin/$pname + ''; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "keepwn" + ]; + + meta = with lib; { + description = "Tool to automate KeePass discovery and secret extraction"; + homepage = "https://github.com/Orange-Cyberdefense/KeePwn"; + changelog = "https://github.com/Orange-Cyberdefense/KeePwn/releases/tag/${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kepler/default.nix b/nixpkgs/pkgs/tools/security/kepler/default.nix new file mode 100644 index 000000000000..f4a229030f1d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kepler/default.nix @@ -0,0 +1,47 @@ +{ lib +, stdenv +, darwin +, fetchFromGitHub +, openssl +, pkg-config +, postgresql +, rustPlatform +, zstd +}: + +rustPlatform.buildRustPackage rec { + pname = "kepler"; + version = "unstable-2023-07-19"; + + src = fetchFromGitHub { + owner = "Exein-io"; + repo = "kepler"; + rev = "9f4f9c617f2477850ed70f1b1d7387807c35d26c"; + hash = "sha256-jmQ88flSMrS0CB7GNj1Ee60HZgroDKTwLk0i/kg6gVM="; + }; + + cargoHash = "sha256-+WLb4DsAW6tnO0KdtD9zMnYCEb1t0onZqFhnqhbIStU="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + openssl + postgresql + zstd + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Security + ]; + + env = { + ZSTD_SYS_USE_PKG_CONFIG = true; + }; + + meta = with lib; { + description = "NIST-based CVE lookup store and API powered by Rust"; + homepage = "https://github.com/Exein-io/kepler"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kerbrute/default.nix b/nixpkgs/pkgs/tools/security/kerbrute/default.nix new file mode 100644 index 000000000000..dbadde6129d8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kerbrute/default.nix @@ -0,0 +1,29 @@ +{ lib, python3, fetchPypi }: + +python3.pkgs.buildPythonApplication rec { + pname = "kerbrute"; + version = "0.0.2"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-ok/yttRSkCaEdV4aM2670qERjgDBll6Oi3L5TV5YEEA="; + }; + + # This package does not have any tests + doCheck = false; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + ]; + + installChechPhase = '' + $out/bin/kerbrute --version + ''; + + meta = { + homepage = "https://github.com/TarlogicSecurity/kerbrute"; + description = "Kerberos bruteforce utility"; + license = lib.licenses.gpl3Only; + maintainers = with lib.maintainers; [ applePrincess ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kestrel/default.nix b/nixpkgs/pkgs/tools/security/kestrel/default.nix new file mode 100644 index 000000000000..8384fa920498 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kestrel/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, rustPlatform +, installShellFiles +}: + +rustPlatform.buildRustPackage rec { + pname = "kestrel"; + version = "0.11.0"; + + src = fetchFromGitHub { + owner = "finfet"; + repo = pname; + rev = "v${version}"; + hash = "sha256-l9YYzwyi7POXbCxRmmhULO2YJauNJBfRGuXYU3uZQN4="; + }; + + cargoHash = "sha256-XqyFGxTNQyY1ryTbL9/9s1WVP4bVk/zbG9xNdddLX10="; + + nativeBuildInputs = [ + installShellFiles + ]; + + postInstall = '' + installManPage docs/man/kestrel.1 + installShellCompletion --bash --name ${pname} completion/kestrel.bash-completion + ''; + + meta = with lib; { + description = "File encryption done right"; + longDescription = " + Kestrel is a data-at-rest file encryption program + that lets you encrypt files to anyone with a public key. + "; + homepage = "https://getkestrel.com"; + license = licenses.bsd3; + maintainers = with maintainers; [ zendo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/keybase/default.nix b/nixpkgs/pkgs/tools/security/keybase/default.nix new file mode 100644 index 000000000000..28665e618d04 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keybase/default.nix @@ -0,0 +1,42 @@ +{ stdenv, substituteAll, lib, buildGoModule, fetchFromGitHub +, AVFoundation, AudioToolbox, ImageIO, CoreMedia +, Foundation, CoreGraphics, MediaToolbox, gnupg +}: + +buildGoModule rec { + pname = "keybase"; + version = "6.2.2"; + + modRoot = "go"; + subPackages = [ "kbnm" "keybase" ]; + + dontRenameImports = true; + + src = fetchFromGitHub { + owner = "keybase"; + repo = "client"; + rev = "v${version}"; + hash = "sha256-1vJCuAkJmehFcVYLwp3UIlQiGji7mHVczCBtXq9Fl68="; + }; + vendorHash = "sha256-tXEEVEfjoKub2A4m7F3hDc5ABJ+R+axwX1+1j7e3BAM="; + + patches = [ + (substituteAll { + src = ./fix-paths-keybase.patch; + gpg = "${gnupg}/bin/gpg"; + gpg2 = "${gnupg}/bin/gpg2"; + }) + ]; + + buildInputs = lib.optionals stdenv.isDarwin [ AVFoundation AudioToolbox ImageIO CoreMedia Foundation CoreGraphics MediaToolbox ]; + tags = [ "production" ]; + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://www.keybase.io/"; + description = "The Keybase official command-line utility and service"; + platforms = platforms.linux ++ platforms.darwin; + maintainers = with maintainers; [ avaq carlsverre np rvolosatovs Br1ght0ne shofius ]; + license = licenses.bsd3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/keybase/fix-paths-keybase.patch b/nixpkgs/pkgs/tools/security/keybase/fix-paths-keybase.patch new file mode 100644 index 000000000000..b3de7bbb530d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keybase/fix-paths-keybase.patch @@ -0,0 +1,16 @@ +diff --git a/go/libkb/gpg_cli.go b/go/libkb/gpg_cli.go +index 3c7c6257..ae8f7e2f 100644 +--- a/go/libkb/gpg_cli.go ++++ b/go/libkb/gpg_cli.go +@@ -54,9 +54,9 @@ func (g *GpgCLI) Configure(mctx MetaContext) (err error) { + if len(prog) > 0 { + err = canExec(prog) + } else { +- prog, err = exec.LookPath("gpg2") ++ prog, err = exec.LookPath("@gpg2@") + if err != nil { +- prog, err = exec.LookPath("gpg") ++ prog, err = exec.LookPath("@gpg@") + } + } + if err != nil { diff --git a/nixpkgs/pkgs/tools/security/keybase/gui.nix b/nixpkgs/pkgs/tools/security/keybase/gui.nix new file mode 100644 index 000000000000..15bc22a7f1bb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keybase/gui.nix @@ -0,0 +1,117 @@ +{ stdenv, lib, fetchurl, alsa-lib, atk, cairo, cups, udev, libdrm, mesa +, dbus, expat, fontconfig, freetype, gdk-pixbuf, glib, gtk3, libappindicator-gtk3 +, libnotify, nspr, nss, pango, systemd, xorg, autoPatchelfHook, wrapGAppsHook +, runtimeShell, gsettings-desktop-schemas }: + +let + versionSuffix = "20230726175256.4464bfb32d"; +in + +stdenv.mkDerivation rec { + pname = "keybase-gui"; + version = "6.2.2"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages + + src = fetchurl { + url = "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${version + "-" + versionSuffix}_amd64.deb"; + hash = "sha256-X3BJksdddTdxeUqVjzcq3cDRGRqmaYE7Z+eXtHoqbkg="; + }; + + nativeBuildInputs = [ + autoPatchelfHook + wrapGAppsHook + ]; + + buildInputs = [ + alsa-lib + atk + cairo + cups + dbus + expat + fontconfig + freetype + gdk-pixbuf + glib + gsettings-desktop-schemas + gtk3 + libappindicator-gtk3 + libnotify + nspr + nss + pango + systemd + xorg.libX11 + xorg.libXScrnSaver + xorg.libXcomposite + xorg.libXcursor + xorg.libXdamage + xorg.libXext + xorg.libXfixes + xorg.libXi + xorg.libXrandr + xorg.libXrender + xorg.libXtst + xorg.libxcb + libdrm + mesa.out + ]; + + runtimeDependencies = [ + (lib.getLib udev) + libappindicator-gtk3 + ]; + + dontBuild = true; + dontConfigure = true; + dontPatchELF = true; + + unpackPhase = '' + ar xf $src + tar xf data.tar.xz + ''; + + installPhase = '' + mkdir -p $out/bin + mv usr/share $out/share + mv opt/keybase $out/share/ + + cat > $out/bin/keybase-gui <<EOF + #!${runtimeShell} + + checkFailed() { + if [ "\$NIX_SKIP_KEYBASE_CHECKS" = "1" ]; then + return + fi + echo "Set NIX_SKIP_KEYBASE_CHECKS=1 if you want to skip this check." >&2 + exit 1 + } + + if [ ! -S "\$XDG_RUNTIME_DIR/keybase/keybased.sock" ]; then + echo "Keybase service doesn't seem to be running." >&2 + echo "You might need to run: keybase service" >&2 + checkFailed + fi + + if [ -z "\$(keybase status | grep kbfsfuse)" ]; then + echo "Could not find kbfsfuse client in keybase status." >&2 + echo "You might need to run: kbfsfuse" >&2 + checkFailed + fi + + exec $out/share/keybase/Keybase "\$@" + EOF + chmod +x $out/bin/keybase-gui + + substituteInPlace $out/share/applications/keybase.desktop \ + --replace run_keybase $out/bin/keybase-gui + ''; + + meta = with lib; { + homepage = "https://www.keybase.io/"; + description = "The Keybase official GUI"; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ avaq rvolosatovs puffnfresh np Br1ght0ne shofius ]; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.bsd3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/keybase/kbfs.nix b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix new file mode 100644 index 000000000000..3c508e86f76f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix @@ -0,0 +1,20 @@ +{ lib, buildGoModule, keybase }: + +buildGoModule { + pname = "kbfs"; + + inherit (keybase) src version vendorHash; + + modRoot = "go"; + subPackages = [ "kbfs/kbfsfuse" "kbfs/redirector" "kbfs/kbfsgit/git-remote-keybase" ]; + + tags = [ "production" ]; + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://keybase.io/docs/kbfs"; + description = "The Keybase filesystem"; + maintainers = with maintainers; [ avaq rvolosatovs bennofs np shofius ]; + license = licenses.bsd3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/keycard-cli/default.nix b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix new file mode 100644 index 000000000000..851a0dac9031 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, buildGoModule, fetchFromGitHub, pkg-config, pcsclite }: + +buildGoModule rec { + pname = "keycard-cli"; + version = "0.7.0"; + + src = fetchFromGitHub { + owner = "status-im"; + repo = pname; + rev = version; + hash = "sha256-K2XxajprpPjfIs8rrnf2coIEQjPnir9/U0fTvqV2++g="; + }; + + vendorHash = "sha256-3XzWOiZF2WNs2pdumYN9bphvBKY+rrjuT+wWhB2pwT0="; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ pcsclite ]; + + ldflags = [ "-s" "-w" "-X main.version=${version}" ]; + + meta = with lib; { + description = "A command line tool and shell to manage keycards"; + homepage = "https://keycard.status.im"; + license = licenses.mpl20; + maintainers = [ maintainers.zimbatm ]; + broken = stdenv.isDarwin; # never built on Hydra https://hydra.nixos.org/job/nixpkgs/trunk/keycard-cli.x86_64-darwin + }; +} diff --git a/nixpkgs/pkgs/tools/security/keyscope/default.nix b/nixpkgs/pkgs/tools/security/keyscope/default.nix new file mode 100644 index 000000000000..31d97256f0e7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/keyscope/default.nix @@ -0,0 +1,49 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, pkg-config +, openssl +, stdenv +, DiskArbitration +, Foundation +, IOKit +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "keyscope"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "spectralops"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-SrBtgirg52q7gM3GZsJsV8ASACvb4sYv5HDbyItpjbk="; + }; + + cargoSha256 = "sha256-MFP3AqlfaclmZxRwaWFw6hsZwCQMRKJEyFEyUN+QLqo="; + + nativeBuildInputs = [ pkg-config ]; + + buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ + DiskArbitration + Foundation + IOKit + Security + ]; + + # build script tries to get information from git + postPatch = '' + echo "fn main() {}" > build.rs + ''; + + VERGEN_GIT_SEMVER = "v${version}"; + + meta = with lib; { + description = "A key and secret workflow (validation, invalidation, etc.) tool"; + homepage = "https://github.com/spectralops/keyscope"; + changelog = "https://github.com/spectralops/keyscope/blob/v${version}/CHANGELOG.md"; + license = licenses.asl20; + maintainers = with maintainers; [ figsoda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kiterunner/default.nix b/nixpkgs/pkgs/tools/security/kiterunner/default.nix new file mode 100644 index 000000000000..5f73ba055902 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kiterunner/default.nix @@ -0,0 +1,39 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "kiterunner"; + version = "1.0.2"; + + src = fetchFromGitHub { + owner = "assetnote"; + repo = pname; + rev = "v${version}"; + hash = "sha256-vIYPpkbqyk0zH10DGp2FF0aI4lFpsZavulBIiR/3kiA="; + }; + + vendorHash = "sha256-fgtDP6X84iPO2Tcwq5jl8700PDKixJlIihgNaPX/n9k="; + + ldflags = [ + "-s" "-w" "-X github.com/assetnote/kiterunner/cmd/kiterunner/cmd.Version=${version}" + ]; + + subPackages = [ "./cmd/kiterunner" ]; + + # Test data is missing in the repo + doCheck = false; + + meta = with lib; { + description = "Contextual content discovery tool"; + longDescription = '' + Kiterunner is a tool that is capable of not only performing traditional + content discovery at lightning fast speeds, but also bruteforcing routes + and endpoints in modern applications. + ''; + homepage = "https://github.com/assetnote/kiterunner"; + license = with licenses; [ agpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/knockpy/default.nix b/nixpkgs/pkgs/tools/security/knockpy/default.nix new file mode 100644 index 000000000000..a3342e0b3809 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/knockpy/default.nix @@ -0,0 +1,41 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "knockpy"; + version = "6.1.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "guelfoweb"; + repo = "knock"; + rev = "refs/tags/${version}"; + hash = "sha256-O4tXq4pDzuTBEGAls2I9bfBRdHssF4rFBec4OtfUx6A="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + beautifulsoup4 + colorama + matplotlib + networkx + pyqt5 + requests + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "knockpy" + ]; + + meta = with lib; { + description = "Tool to scan subdomains"; + homepage = "https://github.com/guelfoweb/knock"; + changelog = "https://github.com/guelfoweb/knock/releases/tag/${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/knowsmore/default.nix b/nixpkgs/pkgs/tools/security/knowsmore/default.nix new file mode 100644 index 000000000000..d9a806ef2a58 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/knowsmore/default.nix @@ -0,0 +1,55 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "knowsmore"; + version = "0.1.37"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "helviojunior"; + repo = "knowsmore"; + rev = "refs/tags/v${version}"; + hash = "sha256-UxBoWK3L4u9xSQaGGHpzvs/mRlmhF3EqiS/4BYyTKos="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + aioconsole + ansi2image + beautifulsoup4 + clint + colorama + impacket + levenshtein + minikerberos + neo4j + numpy + pypsrp + requests + tabulate + urllib3 + xmltodict + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "knowsmore" + ]; + + pytestFlagsArray = [ + "tests/tests*" + ]; + + meta = with lib; { + description = "Tool for pentesting Microsoft Active Directory"; + homepage = "https://github.com/helviojunior/knowsmore"; + changelog = "https://github.com/helviojunior/knowsmore/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kpcli/default.nix b/nixpkgs/pkgs/tools/security/kpcli/default.nix new file mode 100644 index 000000000000..3ca03ee3ca10 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kpcli/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchurl, makeWrapper, perl, perlPackages }: + +stdenv.mkDerivation rec { + version = "4.0"; + pname = "kpcli"; + + src = fetchurl { + url = "mirror://sourceforge/kpcli/${pname}-${version}.pl"; + sha256 = "sha256-UYnX2tad3Jg00kdX5WHStI6u2pyts+SZlgj/jv4o/TU="; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ perl ]; + + dontUnpack = true; + + installPhase = '' + mkdir -p $out/{bin,share} + cp ${src} $out/share/kpcli.pl + chmod +x $out/share/kpcli.pl + + makeWrapper $out/share/kpcli.pl $out/bin/kpcli --set PERL5LIB \ + "${with perlPackages; makePerlPath ([ + CaptureTiny Clipboard Clone CryptRijndael SortNaturally TermReadKey TermShellUI FileKeePass TermReadLineGnu XMLParser + ] ++ lib.optional stdenv.isDarwin MacPasteboard)}" + ''; + + + meta = with lib; { + description = "KeePass Command Line Interface"; + longDescription = '' + KeePass Command Line Interface (CLI) / interactive shell. + Use this program to access and manage your KeePass 1.x or 2.x databases from a Unix-like command line. + ''; + license = licenses.artistic1; + homepage = "http://kpcli.sourceforge.net"; + platforms = platforms.all; + maintainers = [ maintainers.j-keck ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/krunner-pass/default.nix b/nixpkgs/pkgs/tools/security/krunner-pass/default.nix new file mode 100644 index 000000000000..032840b7d33c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/krunner-pass/default.nix @@ -0,0 +1,59 @@ +{ mkDerivation +, lib +, fetchFromGitHub +, fetchpatch +, cmake +, extra-cmake-modules +, kauth +, krunner +, pass +}: + +mkDerivation rec { + pname = "krunner-pass"; + # when upgrading the version, check if cmakeFlags is still needed + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "akermu"; + repo = "krunner-pass"; + rev = "v${version}"; + sha256 = "032fs2174ls545kjixbhzyd65wgxkw4s5vg8b20irc5c9ak3pxm0"; + }; + + buildInputs = [ + kauth + krunner + (pass.withExtensions (p: with p; [ pass-otp ])) + ]; + + nativeBuildInputs = [ cmake extra-cmake-modules ]; + + patches = [ + (fetchpatch { + url = "https://github.com/peterhoeg/krunner-pass/commit/be2695f4ae74b0cccec8294defcc92758583d96b.patch"; + sha256 = "098dqnal57994p51p2srfzg4lgcd6ybp29h037llr9cdv02hdxvl"; + name = "fix_build.patch"; + }) + ./pass-path.patch + ]; + + CXXFLAGS = [ + ''-DNIXPKGS_PASS=\"${lib.getBin pass}/bin/pass\"'' + ]; + + cmakeFlags = [ + # there are *lots* of pointless warnings in v1.3.0 + "-Wno-dev" + # required for kf5auth to work correctly + "-DCMAKE_POLICY_DEFAULT_CMP0012=NEW" + ]; + + meta = with lib; { + description = "Integrates krunner with pass the unix standard password manager (https://www.passwordstore.org/)"; + homepage = "https://github.com/akermu/krunner-pass"; + license = licenses.gpl3; + maintainers = with maintainers; [ ysndr ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/krunner-pass/pass-path.patch b/nixpkgs/pkgs/tools/security/krunner-pass/pass-path.patch new file mode 100644 index 000000000000..4ceb3c5d92da --- /dev/null +++ b/nixpkgs/pkgs/tools/security/krunner-pass/pass-path.patch @@ -0,0 +1,13 @@ +diff --git a/pass.cpp b/pass.cpp +index c02f9d0..85c5b99 100644 +--- a/pass.cpp ++++ b/pass.cpp +@@ -193,7 +193,7 @@ void Pass::run(const Plasma::RunnerContext &context, const Plasma::QueryMatch &m + } else { + args << "show" << match.text(); + } +- pass->start("pass", args); ++ pass->start(NIXPKGS_PASS, args); + + connect(pass, static_cast<void(QProcess::*)(int, QProcess::ExitStatus)>(&QProcess::finished), + [=](int exitCode, QProcess::ExitStatus exitStatus) { diff --git a/nixpkgs/pkgs/tools/security/kstart/default.nix b/nixpkgs/pkgs/tools/security/kstart/default.nix new file mode 100644 index 000000000000..88ccc960bc9f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kstart/default.nix @@ -0,0 +1,60 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, keyutils +, libkrb5 +, openafs +, perl +, pkg-config +, enableSetPAG ? false +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "kstart"; + version = "4.3"; + + src = fetchFromGitHub { + owner = "rra"; + repo = "kstart"; + rev = "release/${finalAttrs.version}"; + hash = "sha256-MGWL4oNc0MZTGWqBEt2wRTkqoagiUTDrS0kz4ewbZZA="; + }; + + nativeBuildInputs = [ + autoreconfHook + perl + pkg-config + ]; + + buildInputs = [ + keyutils + libkrb5 + openafs + ]; + + configureFlags = [ + "--enable-silent-rules" + ] + ++ (lib.optional enableSetPAG "--enable-setpag"); + + preBuild = '' + for f in k5start krenew; do + pod2man --release="${finalAttrs.version}" --center="kstart" docs/"$f".pod >docs/"$f".1 + done + ''; + + doCheck = true; + preCheck = '' + patchShebangs tests + ''; + + outputs = [ "out" "man" ]; + + meta = with lib; { + outputsToInstall = [ "out" "man" ]; + description = "Modified version of kerberos tools that support automatic ticket refresh"; + license = licenses.mit; + platforms = platforms.linux ++ platforms.darwin; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/kube-bench/default.nix b/nixpkgs/pkgs/tools/security/kube-bench/default.nix new file mode 100644 index 000000000000..b0b8d8d7a70a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kube-bench/default.nix @@ -0,0 +1,49 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +buildGoModule rec { + pname = "kube-bench"; + version = "0.6.18"; + + src = fetchFromGitHub { + owner = "aquasecurity"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-2ZbkghPZYRrxBS6mlwpjhwJYAcKSsUsG0V8sd3n9CZg="; + }; + + vendorHash = "sha256-dBN6Yi8HtS9LzXr08jhw1hqDwS8a4UqrYaRpM+RzvVM="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=v${version}" + ]; + + postInstall = '' + mkdir -p $out/share/kube-bench/ + mv ./cfg $out/share/kube-bench/ + + installShellCompletion --cmd kube-bench \ + --bash <($out/bin/kube-bench completion bash) \ + --fish <($out/bin/kube-bench completion fish) \ + --zsh <($out/bin/kube-bench completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/kube-bench --help + $out/bin/kube-bench version | grep "v${version}" + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://github.com/aquasecurity/kube-bench"; + changelog = "https://github.com/aquasecurity/kube-bench/releases/tag/v${version}"; + description = "Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark"; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kube-hunter/default.nix b/nixpkgs/pkgs/tools/security/kube-hunter/default.nix new file mode 100644 index 000000000000..05ee083f4d77 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kube-hunter/default.nix @@ -0,0 +1,63 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "kube-hunter"; + version = "0.6.8"; + + src = fetchFromGitHub { + owner = "aquasecurity"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-+M8P/VSF9SKPvq+yNPjokyhggY7hzQ9qLLhkiTNbJls="; + }; + + SETUPTOOLS_SCM_PRETEND_VERSION = version; + + nativeBuildInputs = with python3.pkgs; [ + setuptools-scm + ]; + + propagatedBuildInputs = with python3.pkgs; [ + netaddr + netifaces + requests + prettytable + urllib3 + ruamel-yaml + future + packaging + pluggy + kubernetes + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + requests-mock + ]; + + postPatch = '' + substituteInPlace setup.cfg \ + --replace "dataclasses" "" \ + --replace "kubernetes==12.0.1" "kubernetes" \ + --replace "--cov=kube_hunter" "" + ''; + + pythonImportsCheck = [ + "kube_hunter" + ]; + + disabledTests = [ + # Test is out-dated + "test_K8sCveHunter" + ]; + + meta = with lib; { + description = "Tool to search issues in Kubernetes clusters"; + homepage = "https://github.com/aquasecurity/kube-hunter"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubeaudit/default.nix b/nixpkgs/pkgs/tools/security/kubeaudit/default.nix new file mode 100644 index 000000000000..61488fdb513b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubeaudit/default.nix @@ -0,0 +1,33 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "kubeaudit"; + version = "0.22.0"; + + src = fetchFromGitHub { + owner = "Shopify"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-e6No8Md/KZUFNtPJOrSdv1GlGmxX7+tmWNjQGFdtJpc="; + }; + + vendorHash = "sha256-IxrAJaltg7vo3SQRC7OokSD5SM8xiX7iG8ZxKYEe9/E="; + + postInstall = '' + mv $out/bin/cmd $out/bin/$pname + ''; + + # Tests require a running Kubernetes instance + doCheck = false; + + meta = with lib; { + description = "Audit tool for Kubernetes"; + homepage = "https://github.com/Shopify/kubeaudit"; + changelog = "https://github.com/Shopify/kubeaudit/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubeclarity/default.nix b/nixpkgs/pkgs/tools/security/kubeclarity/default.nix new file mode 100644 index 000000000000..ca4cb1bfb592 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubeclarity/default.nix @@ -0,0 +1,55 @@ +{ lib +, btrfs-progs +, buildGoModule +, fetchFromGitHub +, lvm2 +, pkg-config +}: + +buildGoModule rec { + pname = "kubeclarity"; + version = "2.21.1"; + + src = fetchFromGitHub { + owner = "openclarity"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-+kWqw8o5KlVciWIB8cCVkMuiqW0wpIfua5qVgXZG3ww="; + }; + + vendorHash = "sha256-kYdKCHqzDbfCGMlTMPSHAQkSLyhkCl/OvV7CF5jdyaY="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + btrfs-progs + lvm2 + ]; + + sourceRoot = "${src.name}/cli"; + + ldflags = [ + "-s" + "-w" + ]; + + postInstall = '' + mv $out/bin/cli $out/bin/kubeclarity + ''; + + meta = with lib; { + description = "Kubernetes runtime scanner"; + longDescription = '' + KubeClarity is a vulnerabilities scanning and CIS Docker benchmark tool that + allows users to get an accurate and immediate risk assessment of their + kubernetes clusters. Kubei scans all images that are being used in a + Kubernetes cluster, including images of application pods and system pods. + ''; + homepage = "https://github.com/openclarity/kubeclarity"; + changelog = "https://github.com/openclarity/kubeclarity/releases/tag/v${version}"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubernetes-polaris/default.nix b/nixpkgs/pkgs/tools/security/kubernetes-polaris/default.nix new file mode 100644 index 000000000000..c8f8dbf07b87 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubernetes-polaris/default.nix @@ -0,0 +1,52 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles, packr, ... }: + +buildGoModule rec { + pname = "kubernetes-polaris"; + version = "8.5.1"; + + src = fetchFromGitHub { + owner = "FairwindsOps"; + repo = "polaris"; + rev = version; + sha256 = "sha256-cfasYaZvUF5Ptc/BDVhafQ8wP6FA5msY+2IaeqmOvD8="; + }; + + vendorHash = "sha256-ZWetW+Xar4BXXlR0iG+O/NRqYk41x+PPVCGis2W2Nkk="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X main.Version=${version}" + "-X main.Commit=${version}" + ]; + + preBuild = '' + ${packr}/bin/packr2 -v --ignore-imports + ''; + + postInstall = '' + installShellCompletion --cmd polaris \ + --bash <($out/bin/polaris completion bash) \ + --fish <($out/bin/polaris completion fish) \ + --zsh <($out/bin/polaris completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/polaris help + $out/bin/polaris version | grep 'Polaris version:${version}' + + runHook postInstallCheck + ''; + + meta = with lib; { + description = "Validate and remediate Kubernetes resources to ensure configuration best practices are followed"; + homepage = "https://www.fairwinds.com/polaris"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ longer ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubescape/default.nix b/nixpkgs/pkgs/tools/security/kubescape/default.nix new file mode 100644 index 000000000000..b5661ccbcd3c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubescape/default.nix @@ -0,0 +1,90 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +, kubescape +, testers +}: + +buildGoModule rec { + pname = "kubescape"; + version = "2.9.1"; + + src = fetchFromGitHub { + owner = "kubescape"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-FKWR3pxFtJBEa14Mn3RKsLvrliHaj6TuF4F2JLtw2qA="; + fetchSubmodules = true; + }; + + vendorHash = "sha256-zcv8oYm6srwkwT3pUECtTewyqVVpCIcs3i0VRTRft68="; + + nativeBuildInputs = [ + installShellFiles + ]; + + ldflags = [ + "-s" + "-w" + "-X=github.com/kubescape/kubescape/v2/core/cautils.BuildNumber=v${version}" + ]; + + subPackages = [ "." ]; + + preCheck = '' + # Feed in all but the integration tests for testing + # This is because subPackages above limits what is built to just what we + # want but also limits the tests + # Skip httphandler tests - the checkPhase doesn't care about excludedPackages + getGoDirs() { + go list ./... | grep -v httphandler + } + + # remove tests that use networking + rm core/pkg/resourcehandler/urlloader_test.go + rm core/pkg/opaprocessor/*_test.go + rm core/cautils/getter/downloadreleasedpolicy_test.go + + # remove tests that use networking + substituteInPlace core/pkg/resourcehandler/repositoryscanner_test.go \ + --replace "TestScanRepository" "SkipScanRepository" \ + --replace "TestGit" "SkipGit" + + # remove test that requires networking + substituteInPlace core/cautils/scaninfo_test.go \ + --replace "TestSetContextMetadata" "SkipSetContextMetadata" + ''; + + postInstall = '' + installShellCompletion --cmd kubescape \ + --bash <($out/bin/kubescape completion bash) \ + --fish <($out/bin/kubescape completion fish) \ + --zsh <($out/bin/kubescape completion zsh) + ''; + + passthru.tests.version = testers.testVersion { + package = kubescape; + command = "kubescape version"; + version = "v${version}"; + }; + + meta = with lib; { + description = "Tool for testing if Kubernetes is deployed securely"; + homepage = "https://github.com/kubescape/kubescape"; + changelog = "https://github.com/kubescape/kubescape/releases/tag/v${version}"; + longDescription = '' + Kubescape is the first open-source tool for testing if Kubernetes is + deployed securely according to multiple frameworks: regulatory, customized + company policies and DevSecOps best practices, such as the NSA-CISA and + the MITRE ATT&CK®. + Kubescape scans K8s clusters, YAML files, and HELM charts, and detect + misconfigurations and software vulnerabilities at early stages of the + CI/CD pipeline and provides a risk score instantly and risk trends over + time. Kubescape integrates natively with other DevOps tools, including + Jenkins, CircleCI and Github workflows. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ fab jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubesec/default.nix b/nixpkgs/pkgs/tools/security/kubesec/default.nix new file mode 100644 index 000000000000..a2b7078896ac --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubesec/default.nix @@ -0,0 +1,54 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "kubesec"; + version = "2.13.0"; + + src = fetchFromGitHub { + owner = "controlplaneio"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-9WhY1mJawMkSgqM50DO0y9bxGYW89N14gLirO5zVuzc="; + }; + vendorHash = "sha256-xcIFveR0MwpYGYhHKXwQPHF08620yilEtb+BdKZWrdw="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/controlplaneio/kubesec/v${lib.versions.major version}/cmd.version=v${version}" + ]; + + # Tests wants to download the kubernetes schema for use with kubeval + doCheck = false; + + postInstall = '' + installShellCompletion --cmd kubesec \ + --bash <($out/bin/kubesec completion bash) \ + --fish <($out/bin/kubesec completion fish) \ + --zsh <($out/bin/kubesec completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/kubesec --help + $out/bin/kubesec version | grep "${version}" + + runHook postInstallCheck + ''; + + meta = with lib; { + description = "Security risk analysis tool for Kubernetes resources"; + homepage = "https://github.com/controlplaneio/kubesec"; + changelog = "https://github.com/controlplaneio/kubesec/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kubestroyer/default.nix b/nixpkgs/pkgs/tools/security/kubestroyer/default.nix new file mode 100644 index 000000000000..bbe0d9cad7a3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubestroyer/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "kubestroyer"; + version = "0.2"; + + src = fetchFromGitHub { + owner = "Rolix44"; + repo = "Kubestroyer"; + rev = "refs/tags/v${version}"; + hash = "sha256-M/abb2IT0mXwj8lAitr18VtIgC4NvapPywBwcUWr9i8="; + }; + + vendorHash = "sha256-x0lIi4QUuYn0kv0HV4h8k61kRu10LCyELudisqUdTAg="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Kubernetes exploitation tool"; + homepage = "https://github.com/Rolix44/Kubestroyer"; + changelog = "https://github.com/Rolix44/Kubestroyer/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/kwalletcli/default.nix b/nixpkgs/pkgs/tools/security/kwalletcli/default.nix new file mode 100644 index 000000000000..3b01e4a2fb50 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kwalletcli/default.nix @@ -0,0 +1,54 @@ +{ mkDerivation, fetchFromGitHub, lib, makeWrapper, pkg-config +, kcoreaddons, ki18n, kwallet, mksh, pinentry-qt }: + +mkDerivation rec { + pname = "kwalletcli"; + version = "3.03"; + + src = fetchFromGitHub { + owner = "MirBSD"; + repo = pname; + rev = "${pname}-${lib.replaceStrings [ "." ] [ "_" ] version}"; + sha256 = "sha256-DUtaQITzHhQrqA9QJd0U/5EDjH0IzY9/kal/7SYQ/Ck="; + }; + + postPatch = '' + substituteInPlace GNUmakefile \ + --replace -I/usr/include/KF5/KCoreAddons -I${kcoreaddons.dev}/include/KF5/KCoreAddons \ + --replace -I/usr/include/KF5/KI18n -I${ki18n.dev}/include/KF5/KI18n \ + --replace -I/usr/include/KF5/KWallet -I${kwallet.dev}/include/KF5/KWallet \ + --replace /usr/bin $out/bin \ + --replace /usr/share/man $out/share/man + + substituteInPlace pinentry-kwallet \ + --replace '/usr/bin/env mksh' ${mksh}/bin/mksh + + substituteInPlace kwalletcli_getpin \ + --replace '/usr/bin/env mksh' ${mksh}/bin/mksh + ''; + + makeFlags = [ "KDE_VER=5" ]; + + nativeBuildInputs = [ makeWrapper pkg-config ]; + # if using just kwallet, cmake will be added as a buildInput and fail the build + propagatedBuildInputs = [ kcoreaddons ki18n (lib.getLib kwallet) ]; + + preInstall = '' + mkdir -p $out/bin $out/share/man/man1 + ''; + + postInstall = '' + for program in pinentry-kwallet kwalletcli_getpin; do + wrapProgram $out/bin/$program \ + --prefix PATH : $out/bin:${lib.makeBinPath [ pinentry-qt ]} \ + --set-default PINENTRY pinentry-qt + done + ''; + + meta = with lib; { + description = "Command-Line Interface to the KDE Wallet"; + homepage = "https://www.mirbsd.org/kwalletcli.htm"; + license = licenses.miros; + maintainers = with maintainers; [ peterhoeg ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix b/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix new file mode 100644 index 000000000000..c20157cb4194 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lastpass-cli/default.nix @@ -0,0 +1,62 @@ +{ stdenv +, lib +, fetchFromGitHub +, fetchpatch +, asciidoc +, cmake +, docbook_xsl +, pkg-config +, bash-completion +, openssl +, curl +, libxml2 +, libxslt +}: + +stdenv.mkDerivation rec { + pname = "lastpass-cli"; + version = "1.3.6"; + + src = fetchFromGitHub { + owner = "lastpass"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-ntUBwZ0bVkkpvWK/jQBkLNpCYEDI14/ki0cLwYpEWXk="; + }; + + patches = [ + # Pull fix pending upstream inclusion for -fno-common toolchains: + # https://github.com/lastpass/lastpass-cli/pull/576 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/lastpass/lastpass-cli/commit/e3311cebdb29a3267843cf656a32f01c5062897e.patch"; + sha256 = "1yjx2p98nb3n8ywc9lhf2zal5fswawb5i6lgnicdin23zngff5l8"; + }) + ]; + + nativeBuildInputs = [ asciidoc cmake docbook_xsl pkg-config ]; + + buildInputs = [ + bash-completion + curl + openssl + libxml2 + libxslt + ]; + + installTargets = [ "install" "install-doc" ]; + + postInstall = '' + install -Dm644 -T ../contrib/lpass_zsh_completion $out/share/zsh/site-functions/_lpass + install -Dm644 -T ../contrib/completions-lpass.fish $out/share/fish/vendor_completions.d/lpass.fish + install -Dm755 -T ../contrib/examples/git-credential-lastpass $out/bin/git-credential-lastpass + ''; + + meta = with lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = "https://github.com/lastpass/lastpass-cli"; + license = licenses.gpl2Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ldapmonitor/default.nix b/nixpkgs/pkgs/tools/security/ldapmonitor/default.nix new file mode 100644 index 000000000000..51295d2841a9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ldapmonitor/default.nix @@ -0,0 +1,41 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ldapmonitor"; + version = "1.4"; + format = "other"; + + src = fetchFromGitHub { + owner = "p0dalirius"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-BmTj/6dOUYfia6wO4nvkEW01MIC9TuBk4kYAsVHMsWY="; + }; + + sourceRoot = "${src.name}/python"; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + ldap3 + python-ldap + ]; + + installPhase = '' + runHook preInstall + + install -vD pyLDAPmonitor.py $out/bin/ldapmonitor + + runHook postInstall + ''; + + meta = with lib; { + description = "Tool to monitor creation, deletion and changes to LDAP objects"; + homepage = "https://github.com/p0dalirius/LDAPmonitor"; + changelog = "https://github.com/p0dalirius/LDAPmonitor/releases/tag/${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ldapnomnom/default.nix b/nixpkgs/pkgs/tools/security/ldapnomnom/default.nix new file mode 100644 index 000000000000..132ecf70591a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ldapnomnom/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "ldapnomnom"; + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "lkarlslund"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-o29vcPKRX8TWRCpa20DVsh/4K7d3IbaLS3B+jJGBEmo="; + }; + + vendorHash = "sha256-3ucnLD+qhBSWY2wLtBcsOcuEf1woqHP17qQg7LlERA8="; + + meta = with lib; { + description = "Tool to anonymously bruteforce usernames from Domain controllers"; + homepage = "https://github.com/lkarlslund/ldapnomnom"; + changelog = "https://github.com/lkarlslund/ldapnomnom/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ldeep/default.nix b/nixpkgs/pkgs/tools/security/ldeep/default.nix new file mode 100644 index 000000000000..ebc1ca5922e5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ldeep/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ldeep"; + version = "1.0.42"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "franc-pentest"; + repo = "ldeep"; + rev = "refs/tags/${version}"; + hash = "sha256-kXXZU4/nWUKAFJbcp9PFyPUxd+fRXJb6JbS/fybHh3g="; + }; + + nativeBuildInputs = with python3.pkgs; [ + cython + ]; + + propagatedBuildInputs = with python3.pkgs; [ + commandparse + cryptography + dnspython + ldap3 + pycryptodomex + six + termcolor + tqdm + ]; + + # no tests are present + doCheck = false; + + pythonImportsCheck = [ + "ldeep" + ]; + + meta = with lib; { + description = "In-depth LDAP enumeration utility"; + homepage = "https://github.com/franc-pentest/ldeep"; + changelog = "https://github.com/franc-pentest/ldeep/releases/tag/${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix b/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix new file mode 100644 index 000000000000..34d36f93b5fb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lesspass-cli/default.nix @@ -0,0 +1,39 @@ +{ lib, python3, fetchFromGitHub }: + +let + inherit (python3.pkgs) buildPythonApplication pytest mock pexpect; + repo = "lesspass"; +in +buildPythonApplication rec { + pname = "lesspass-cli"; + version = "9.1.9"; + + src = fetchFromGitHub { + owner = repo; + repo = repo; + rev = version; + sha256 = "126zk248s9r72qk9b8j27yvb8gglw49kazwz0sd69b5kkxvhz2dh"; + }; + sourceRoot = "${src.name}/cli"; + + # some tests are designed to run against code in the source directory - adapt to run against + # *installed* code + postPatch = '' + for f in tests/test_functional.py tests/test_interaction.py ; do + substituteInPlace $f --replace "lesspass/core.py" "-m lesspass.core" + done + ''; + + nativeCheckInputs = [ pytest mock pexpect ]; + checkPhase = '' + mv lesspass lesspass.hidden # ensure we're testing against *installed* package + pytest tests + ''; + + meta = with lib; { + description = "Stateless password manager"; + homepage = "https://lesspass.com"; + maintainers = with maintainers; [ jasoncarr ]; + license = licenses.gpl3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lethe/default.nix b/nixpkgs/pkgs/tools/security/lethe/default.nix new file mode 100644 index 000000000000..0e63b0db2a53 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lethe/default.nix @@ -0,0 +1,29 @@ +{ lib +, stdenv +, fetchFromGitHub +, rustPlatform +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "lethe"; + version = "0.8.2"; + + src = fetchFromGitHub { + owner = "kostassoid"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-y2D/80pnpYpTl+q9COTQkvtj9lzBlOWuMcnn5WFnX8E="; + }; + + cargoSha256 = "sha256-SFNNpbHZdDJvH95f+VWyVKnQp3OJwQmCOqHtLAhhkOk="; + + buildInputs = lib.optional stdenv.isDarwin Security; + + meta = with lib; { + description = "Tool to wipe drives in a secure way"; + homepage = "https://github.com/kostassoid/lethe"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/libacr38u/default.nix b/nixpkgs/pkgs/tools/security/libacr38u/default.nix new file mode 100644 index 000000000000..5211f42b96ef --- /dev/null +++ b/nixpkgs/pkgs/tools/security/libacr38u/default.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, fetchurl, autoreconfHook, pkg-config, pcsclite , libusb-compat-0_1, IOKit }: + +stdenv.mkDerivation { + version = "1.7.11"; + pname = "libacr38u"; + + src = fetchurl { + url = "http://http.debian.net/debian/pool/main/a/acr38/acr38_1.7.11.orig.tar.bz2"; + sha256 = "0lxbq17y51cablx6bcd89klwnyigvkz0rsf9nps1a97ggnllyzkx"; + }; + + doCheck = true; + + nativeBuildInputs = [ autoreconfHook pkg-config ]; + buildInputs = [ pcsclite libusb-compat-0_1 ] + ++ lib.optional stdenv.isDarwin IOKit; + + preBuild = '' + makeFlagsArray=(usbdropdir="$out/pcsc/drivers"); + ''; + + meta = with lib; { + description = "ACR38U smartcard reader driver for pcsclite"; + longDescription = '' + A PC/SC IFD handler implementation for the ACS ACR38U + smartcard readers. This driver is for the non-CCID version only. + + This package is needed to communicate with the ACR38U smartcard readers through + the PC/SC Lite resource manager (pcscd). + + It can be enabled in /etc/nixos/configuration.nix by adding: + services.pcscd.enable = true; + services.pcscd.plugins = [ libacr38u ]; + + The package is based on the debian package libacr38u. + ''; + homepage = "https://www.acs.com.hk"; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [ berce ]; + platforms = with platforms; unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix b/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix new file mode 100644 index 000000000000..e1d78b79753e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/libmodsecurity/default.nix @@ -0,0 +1,80 @@ +{ lib, stdenv, fetchFromGitHub +, autoreconfHook, bison, flex, pkg-config +, curl, geoip, libmaxminddb, libxml2, lmdb, lua, pcre, pcre2, ssdeep, yajl +, nixosTests +}: + +stdenv.mkDerivation rec { + pname = "libmodsecurity"; + version = "3.0.10"; + + src = fetchFromGitHub { + owner = "SpiderLabs"; + repo = "ModSecurity"; + rev = "v${version}"; + sha256 = "sha256-VaoPpJ0twuGWU7G9AvKK4kq9Ed0BeG2J7B81sOuJVrE="; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ autoreconfHook bison flex pkg-config ]; + buildInputs = [ curl geoip libmaxminddb libxml2 lmdb lua pcre pcre2 ssdeep yajl ]; + + outputs = [ "out" "dev" ]; + + configureFlags = [ + "--enable-parser-generation" + "--disable-doxygen-doc" + "--with-curl=${curl.dev}" + "--with-libxml=${libxml2.dev}" + "--with-lmdb=${lmdb.out}" + "--with-maxmind=${libmaxminddb}" + "--with-pcre=${pcre.dev}" + "--with-pcre2=${pcre2.out}" + "--with-ssdeep=${ssdeep}" + ]; + + postPatch = '' + substituteInPlace build/lmdb.m4 \ + --replace "\''${path}/include/lmdb.h" "${lmdb.dev}/include/lmdb.h" \ + --replace "lmdb_inc_path=\"\''${path}/include\"" "lmdb_inc_path=\"${lmdb.dev}/include\"" + substituteInPlace build/pcre2.m4 \ + --replace "/usr/local/pcre2" "${pcre2.out}/lib" \ + --replace "\''${path}/include/pcre2.h" "${pcre2.dev}/include/pcre2.h" \ + --replace "pcre2_inc_path=\"\''${path}/include\"" "pcre2_inc_path=\"${pcre2.dev}/include\"" + substituteInPlace build/ssdeep.m4 \ + --replace "/usr/local/libfuzzy" "${ssdeep}/lib" \ + --replace "\''${path}/include/fuzzy.h" "${ssdeep}/include/fuzzy.h" \ + --replace "ssdeep_inc_path=\"\''${path}/include\"" "ssdeep_inc_path=\"${ssdeep}/include\"" + substituteInPlace modsecurity.conf-recommended \ + --replace "SecUnicodeMapFile unicode.mapping 20127" "SecUnicodeMapFile $out/share/modsecurity/unicode.mapping 20127" + ''; + + postInstall = '' + mkdir -p $out/share/modsecurity + cp ${src}/{AUTHORS,CHANGES,LICENSE,README.md,modsecurity.conf-recommended,unicode.mapping} $out/share/modsecurity + ''; + + enableParallelBuilding = true; + + passthru.tests = { + nginx-modsecurity = nixosTests.nginx-modsecurity; + }; + + meta = with lib; { + homepage = "https://github.com/SpiderLabs/ModSecurity"; + description = '' + ModSecurity v3 library component. + ''; + longDescription = '' + Libmodsecurity is one component of the ModSecurity v3 project. The + library codebase serves as an interface to ModSecurity Connectors taking + in web traffic and applying traditional ModSecurity processing. In + general, it provides the capability to load/interpret rules written in + the ModSecurity SecRules format and apply them to HTTP content provided + by your application via Connectors. + ''; + license = licenses.asl20; + platforms = platforms.all; + maintainers = with maintainers; [ izorkin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/libtpms/default.nix b/nixpkgs/pkgs/tools/security/libtpms/default.nix new file mode 100644 index 000000000000..a7249481454a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/libtpms/default.nix @@ -0,0 +1,41 @@ +{ lib +, stdenv +, fetchFromGitHub +, pkg-config, autoreconfHook +, openssl, perl +}: + +stdenv.mkDerivation rec { + pname = "libtpms"; + version = "0.9.6"; + + src = fetchFromGitHub { + owner = "stefanberger"; + repo = "libtpms"; + rev = "v${version}"; + sha256 = "sha256-I2TYuOLwgEm6ofF2onWI7j2yu9wpXxNt7lJePSpF9VM="; + }; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + perl # needed for pod2man + ]; + buildInputs = [ openssl ]; + + outputs = [ "out" "man" "dev" ]; + + enableParallelBuilding = true; + + configureFlags = [ + "--with-openssl" + "--with-tpm2" + ]; + + meta = with lib; { + description = "The libtpms library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0)"; + homepage = "https://github.com/stefanberger/libtpms"; + license = licenses.bsd3; + maintainers = [ maintainers.baloo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lil-pwny/default.nix b/nixpkgs/pkgs/tools/security/lil-pwny/default.nix new file mode 100644 index 000000000000..c8251dfaa249 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lil-pwny/default.nix @@ -0,0 +1,32 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "lil-pwny"; + version = "2.0.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "PaperMtn"; + repo = "lil-pwny"; + rev = "refs/tags/${version}"; + hash = "sha256-EE6+PQTmvAv5EvxI9QR/dQcPby13BBk66KSc7XDNAZA="; + }; + + # Project has no test + doCheck = false; + + pythonImportsCheck = [ + "lil_pwny" + ]; + + meta = with lib; { + description = "Offline auditing of Active Directory passwords"; + homepage = "https://github.com/PaperMtn/lil-pwny"; + changelog = "https://github.com/PaperMtn/lil-pwny/blob/${version}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/linux-exploit-suggester/default.nix b/nixpkgs/pkgs/tools/security/linux-exploit-suggester/default.nix new file mode 100644 index 000000000000..9744c416bb74 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/linux-exploit-suggester/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenvNoCC, fetchFromGitHub }: + +stdenvNoCC.mkDerivation rec { + pname = "linux-exploit-suggester"; + version = "unstable-2022-04-01"; + + src = fetchFromGitHub { + owner = "mzet-"; + repo = pname; + rev = "54a5c01497d6655be88f6262ccad5bc5a5e4f4ec"; + sha256 = "v0Q8O+aaXEqwWAwGP/u5Nkm4DzM6nM11GI4XbK2PeWM="; + }; + + installPhase = '' + runHook preInstall + + install -Dm755 linux-exploit-suggester.sh $out/bin/${pname} + + runHook postInstall + ''; + + meta = with lib; { + description = "Tool designed to assist in detecting security deficiencies for given Linux kernel/Linux-based machine"; + homepage = "https://github.com/mzet-/linux-exploit-suggester"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ emilytrau ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lmp/default.nix b/nixpkgs/pkgs/tools/security/lmp/default.nix new file mode 100644 index 000000000000..2b945478f3da --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lmp/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "lmp"; + version = "2.0"; + + src = fetchFromGitHub { + owner = "0xInfection"; + repo = "LogMePwn"; + rev = "v${version}"; + sha256 = "sha256-VL/Hp7YaXNcV9JPb3kgRHcdhJJ5p3KHUf3hHbT3gKVk="; + }; + + vendorHash = "sha256-3NTaJ/Y3Tc6UGLfYTKjZxAAI43GJyZQ5wQVYbnXHSYc="; + + meta = with lib; { + description = "Scanning and validation toolkit for the Log4J vulnerability"; + homepage = "https://github.com/0xInfection/LogMePwn"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4j-detect/default.nix b/nixpkgs/pkgs/tools/security/log4j-detect/default.nix new file mode 100644 index 000000000000..aaad1fb94efb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4j-detect/default.nix @@ -0,0 +1,38 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "log4j-detect"; + version = "unstable-2021-12-14"; + format = "other"; + + src = fetchFromGitHub { + owner = "takito1812"; + repo = pname; + rev = "2f5b7a598a6d0b4aee8111bb574ea72c6a1c76d6"; + sha256 = "sha256-fFKW7uPBfrnze0UoPL3Mfwd4sFOuHYuDP7kv6VtdM3o="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + ]; + + postPatch = '' + sed -i "1 i #!/usr/bin/python" ${pname}.py + ''; + + installPhase = '' + runHook preInstall + install -vD ${pname}.py $out/bin/${pname} + runHook postInstall + ''; + + meta = with lib; { + description = "Tool to detect the log4j vulnerability"; + homepage = "https://github.com/takito1812/log4j-detect"; + license = licenses.unfree; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4j-scan/default.nix b/nixpkgs/pkgs/tools/security/log4j-scan/default.nix new file mode 100644 index 000000000000..bd2772efb416 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4j-scan/default.nix @@ -0,0 +1,44 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "log4j-scan"; + version = "unstable-2021-12-18"; + format = "other"; + + src = fetchFromGitHub { + owner = "fullhunt"; + repo = pname; + rev = "070fbd00f0945645bd5e0daa199a554ef3884b95"; + sha256 = "sha256-ORSc4KHyAMjuA7QHReDh6SYY5yZRunBBN1+lkCayqL4="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + pycryptodome + requests + termcolor + ]; + + postPatch = '' + substituteInPlace log4j-scan.py \ + --replace "headers.txt" "../share/headers.txt" + ''; + + installPhase = '' + runHook preInstall + + install -vD ${pname}.py $out/bin/${pname} + install -vD headers.txt headers-large.txt -t $out/share + + runHook postInstall + ''; + + meta = with lib; { + description = "Scanner for finding hosts which are vulnerable for log4j"; + homepage = "https://github.com/fullhunt/log4j-scan"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4j-sniffer/default.nix b/nixpkgs/pkgs/tools/security/log4j-sniffer/default.nix new file mode 100644 index 000000000000..dec7ce35866a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4j-sniffer/default.nix @@ -0,0 +1,36 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, git +}: + +buildGoModule rec { + pname = "log4j-sniffer"; + version = "1.9.0"; + + src = fetchFromGitHub { + owner = "palantir"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-pO6difzNvQvKQtRLyksXmExtQHlnnwyF3iNEmSBgUmU="; + }; + + vendorHash = null; + + nativeCheckInputs = [ + git + ]; + + preCheck = '' + export HOME=$(mktemp -d); + cd $HOME + git init + ''; + + meta = with lib; { + description = "Tool that scans archives to check for vulnerable log4j versions"; + homepage = "https://github.com/palantir/log4j-sniffer"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4j-vuln-scanner/default.nix b/nixpkgs/pkgs/tools/security/log4j-vuln-scanner/default.nix new file mode 100644 index 000000000000..57e884d37fef --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4j-vuln-scanner/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "log4j-vuln-scanner"; + version = "0.13"; + + src = fetchFromGitHub { + owner = "hillu"; + repo = "local-log4j-vuln-scanner"; + rev = "v${version}"; + sha256 = "sha256-YMD2233EdrrF1SLjwiRcNr53b7Rf5Tu8CZC43QhSY7c="; + }; + + vendorHash = null; + + postInstall = '' + mv $out/bin/scanner $out/bin/$pname + mv $out/bin/patcher $out/bin/log4j-vuln-patcher + ''; + + meta = with lib; { + description = "Local log4j vulnerability scanner"; + homepage = "https://github.com/hillu/local-log4j-vuln-scanner"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4jcheck/default.nix b/nixpkgs/pkgs/tools/security/log4jcheck/default.nix new file mode 100644 index 000000000000..291bf1ff96b4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4jcheck/default.nix @@ -0,0 +1,34 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "log4jcheck"; + version = "unstable-2021-12-14"; + format = "other"; + + src = fetchFromGitHub { + owner = "NorthwaveSecurity"; + repo = pname; + rev = "736f1f4044e8a9b7bf5db515e2d1b819253f0f6d"; + sha256 = "sha256-1al7EMYbE/hFXKV4mYZlkEWTUIKYxgXYU3qBLlczYvs="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + ]; + + installPhase = '' + runHook preInstall + install -vD nw_log4jcheck.py $out/bin/${pname} + runHook postInstall + ''; + + meta = with lib; { + description = "Tool to check for vulnerable Log4j (CVE-2021-44228) systems"; + homepage = "https://github.com/NorthwaveSecurity/log4jcheck"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/log4shell-detector/default.nix b/nixpkgs/pkgs/tools/security/log4shell-detector/default.nix new file mode 100644 index 000000000000..76fc65728438 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/log4shell-detector/default.nix @@ -0,0 +1,40 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "log4shell-detector"; + version = "unstable-2021-12-16"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "Neo23x0"; + repo = pname; + rev = "622b88e7ea36819da23ce6ac090785cd6cca77f9"; + sha256 = "sha256-N81x9hq473LfM+bQIQLWizCAsVc/pzyB84PV7/N5jk4="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + zstandard + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + installPhase = '' + runHook preInstall + install -vD ${pname}.py $out/bin/${pname} + install -vd $out/${python3.sitePackages}/ + cp -R Log4ShellDetector $out/${python3.sitePackages} + runHook postInstall + ''; + + meta = with lib; { + description = "Detector for Log4Shell exploitation attempts"; + homepage = "https://github.com/Neo23x0/log4shell-detector"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/logkeys/default.nix b/nixpkgs/pkgs/tools/security/logkeys/default.nix new file mode 100644 index 000000000000..a0c6e0a5f628 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/logkeys/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchFromGitHub, autoconf, automake, which, procps, kbd }: + +stdenv.mkDerivation { + pname = "logkeys"; + version = "2018-01-22"; + + src = fetchFromGitHub { + owner = "kernc"; + repo = "logkeys"; + rev = "7a9f19fb6b152d9f00a0b3fe29ab266ff1f88129"; + sha256 = "1k6kj0913imwh53lh6hrhqmrpygqg2h462raafjsn7gbd3vkgx8n"; + }; + + nativeBuildInputs = [ autoconf automake ]; + buildInputs = [ which procps kbd ]; + + postPatch = '' + substituteInPlace src/Makefile.am --replace 'root' '$(id -u)' + substituteInPlace configure.ac --replace '/dev/input' '/tmp' + sed -i '/chmod u+s/d' src/Makefile.am + ''; + + preConfigure = "./autogen.sh"; + + meta = with lib; { + description = "A GNU/Linux keylogger that works!"; + license = licenses.gpl3; + homepage = "https://github.com/kernc/logkeys"; + maintainers = with maintainers; [mikoim offline]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/logmap/default.nix b/nixpkgs/pkgs/tools/security/logmap/default.nix new file mode 100644 index 000000000000..d6d4cb0f1a54 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/logmap/default.nix @@ -0,0 +1,34 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "logmap"; + version = "unstable-2021-12-15"; + format = "other"; + + src = fetchFromGitHub { + owner = "zhzyker"; + repo = pname; + rev = "5040707b4ae260830072de93ccd6a23615073abf"; + sha256 = "sha256-LOGjK5l/gaKObWbC9vaLruE8DdDsabztnEW/TjvCdtE="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + ]; + + installPhase = '' + runHook preInstall + install -vD ${pname}.py $out/bin/${pname} + runHook postInstall + ''; + + meta = with lib; { + description = "Tools for fuzzing Log4j2 jndi injection"; + homepage = "https://github.com/zhzyker/logmap"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/lynis/default.nix b/nixpkgs/pkgs/tools/security/lynis/default.nix new file mode 100644 index 000000000000..2a5030a954a6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/lynis/default.nix @@ -0,0 +1,38 @@ +{ lib, stdenv, makeWrapper, fetchFromGitHub, gawk, installShellFiles }: + +stdenv.mkDerivation rec { + pname = "lynis"; + version = "3.0.9"; + + src = fetchFromGitHub { + owner = "CISOfy"; + repo = pname; + rev = version; + sha256 = "sha256-Qf5YVvsw4o2ZS3KjrHPJt8+iPr7G97egdDRN+peL8eU="; + }; + + nativeBuildInputs = [ installShellFiles makeWrapper ]; + + postPatch = '' + grep -rl '/usr/local/lynis' ./ | xargs sed -i "s@/usr/local/lynis@$out/share/lynis@g" + ''; + + installPhase = '' + install -d $out/bin $out/share/lynis/plugins + cp -r include db default.prf $out/share/lynis/ + cp -a lynis $out/bin + wrapProgram "$out/bin/lynis" --prefix PATH : ${lib.makeBinPath [ gawk ]} + + installManPage lynis.8 + installShellCompletion --bash --name lynis.bash \ + extras/bash_completion.d/lynis + ''; + + meta = with lib; { + description = "Security auditing tool for Linux, macOS, and UNIX-based systems"; + homepage = "https://cisofy.com/lynis/"; + license = licenses.gpl3Only; + platforms = platforms.unix; + maintainers = [ maintainers.ryneeverett ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/maigret/default.nix b/nixpkgs/pkgs/tools/security/maigret/default.nix new file mode 100644 index 000000000000..f2d706bfe510 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/maigret/default.nix @@ -0,0 +1,112 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "maigret"; + version = "0.4.4"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "soxoj"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-Z8SnA7Z5+oKW0AOaNf+c/zR30lrPFmXaxxKkbnDXNNs="; + }; + + patches = [ + # https://github.com/soxoj/maigret/pull/1117 + (fetchpatch { + name = "pytest-7.3-compatibility.patch"; + url = "https://github.com/soxoj/maigret/commit/ecb33de9e6eec12b6b45a1152199177f32c85be2.patch"; + hash = "sha256-nFx3j1Q37YLtYhb0QS34UgZFgAc5Z/RVgbO9o1n1ONE="; + }) + ]; + + nativeBuildInputs = [ python3.pkgs.pythonRelaxDepsHook ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiodns + aiohttp + aiohttp-socks + arabic-reshaper + async-timeout + attrs + beautifulsoup4 + certifi + chardet + cloudscraper + colorama + future + html5lib + idna + jinja2 + lxml + markupsafe + mock + multidict + networkx + pycountry + pypdf2 + pysocks + python-bidi + pyvis + requests + requests-futures + six + socid-extractor + soupsieve + stem + torrequest + tqdm + typing-extensions + webencodings + xhtml2pdf + xmind + yarl + ]; + + __darwinAllowLocalNetworking = true; + + nativeCheckInputs = with python3.pkgs; [ + pytest-httpserver + pytest-asyncio + pytestCheckHook + ]; + + pythonRelaxDeps = true; + pythonRemoveDeps = [ "future-annotations" ]; + + pytestFlagsArray = [ + # DeprecationWarning: There is no current event loop + "-W ignore::DeprecationWarning" + ]; + + disabledTests = [ + # Tests require network access + "test_extract_ids_from_page" + "test_import_aiohttp_cookies" + "test_maigret_results" + "test_pdf_report" + "test_self_check_db_negative_enabled" + "test_self_check_db_positive_enable" + ] ++ lib.optionals stdenv.isDarwin [ + # AsyncioProgressbarExecutor is slower on darwin than it should be, + # Upstream issue: https://github.com/soxoj/maigret/issues/679 + "test_asyncio_progressbar_executor" + ]; + + pythonImportsCheck = [ + "maigret" + ]; + + meta = with lib; { + description = "Tool to collect details about an username"; + homepage = "https://maigret.readthedocs.io"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mantra/default.nix b/nixpkgs/pkgs/tools/security/mantra/default.nix new file mode 100644 index 000000000000..7453926a8bd3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mantra/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "mantra"; + version = "1.1"; + + src = fetchFromGitHub { + owner = "MrEmpy"; + repo = "Mantra"; + rev = "refs/tags/v.${version}"; + hash = "sha256-wIFZgxl6qULDvdUeq4yiuc5dPDudKsYvVUewSL0ITNM="; + }; + + vendorHash = null; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Tool used to hunt down API key leaks in JS files and pages"; + homepage = "https://github.com/MrEmpy/Mantra"; + changelog = "https://github.com/MrEmpy/Mantra/releases/tag/v.${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/masscan/default.nix b/nixpkgs/pkgs/tools/security/masscan/default.nix new file mode 100644 index 000000000000..107ffe92b2cc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/masscan/default.nix @@ -0,0 +1,70 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, installShellFiles +, makeWrapper +, libpcap +}: + +stdenv.mkDerivation rec { + pname = "masscan"; + version = "1.3.2"; + + src = fetchFromGitHub { + owner = "robertdavidgraham"; + repo = "masscan"; + rev = version; + sha256 = "sha256-mnGC/moQANloR5ODwRjzJzBa55OEZ9QU+9WpAHxQE/g="; + }; + + patches = [ + # Patches the missing "--resume" functionality + (fetchpatch { + name = "resume.patch"; + url = "https://github.com/robertdavidgraham/masscan/commit/90791550bbdfac8905917a109ed74024161f14b3.patch"; + sha256 = "sha256-A7Fk3MBNxaad69MrUYg7fdMG77wba5iESDTIRigYslw="; + }) + ]; + + postPatch = lib.optionalString stdenv.isDarwin '' + # Fix broken install command + substituteInPlace Makefile --replace "-pm755" "-pDm755" + ''; + + nativeBuildInputs = [ makeWrapper installShellFiles ]; + + makeFlags = [ + "PREFIX=$(out)" + "GITVER=${version}" + "CC=${stdenv.cc.targetPrefix}cc" + ]; + + enableParallelBuilding = true; + + postInstall = '' + installManPage doc/masscan.? + + install -Dm444 -t $out/etc/masscan data/exclude.conf + install -Dm444 -t $out/share/doc/masscan doc/*.{html,js,md} + install -Dm444 -t $out/share/licenses/masscan LICENSE + + wrapProgram $out/bin/masscan \ + --prefix LD_LIBRARY_PATH : "${libpcap}/lib" + ''; + + doInstallCheck = true; + + installCheckPhase = '' + $out/bin/masscan --selftest + ''; + + meta = with lib; { + description = "Fast scan of the Internet"; + homepage = "https://github.com/robertdavidgraham/masscan"; + changelog = "https://github.com/robertdavidgraham/masscan/releases/tag/${version}"; + license = licenses.agpl3Only; + platforms = platforms.unix; + maintainers = with maintainers; [ rnhmjoj ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mbox/default.nix b/nixpkgs/pkgs/tools/security/mbox/default.nix new file mode 100644 index 000000000000..a39d226aac57 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mbox/default.nix @@ -0,0 +1,39 @@ +{ lib, stdenv, fetchFromGitHub, openssl, which }: + +stdenv.mkDerivation { + pname = "mbox"; + version = "unstable-2014-05-26"; + + src = fetchFromGitHub { + owner = "tsgates"; + repo = "mbox"; + rev = "a131424b6cb577e1c916bd0e8ffb2084a5f73048"; + sha256 = "06qggqxnzcxnc34m6sbafxwr2p64x65m9zm5wp7pwyarcckhh2hd"; + }; + + buildInputs = [ openssl which ]; + + preConfigure = '' + cd src + cp {.,}configsbox.h + ''; + + doCheck = true; + checkPhase = '' + rm tests/test-*vim.sh tests/test-pip.sh + + patchShebangs ./; dontPatchShebags=1 + sed -i 's|^/bin/||' tests/test-fileops.sh + + ./testall.sh + ''; + + meta = with lib; { + description = "Lightweight sandboxing mechanism that any user can use without special privileges"; + homepage = "http://pdos.csail.mit.edu/mbox/"; + maintainers = with maintainers; [ ehmry ]; + license = licenses.bsd3; + platforms = [ "x86_64-linux" ]; + broken = true; + }; +} diff --git a/nixpkgs/pkgs/tools/security/medusa/default.nix b/nixpkgs/pkgs/tools/security/medusa/default.nix new file mode 100644 index 000000000000..a5ac8f06d16d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/medusa/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, pkg-config, freerdp, openssl, libssh2 }: + +stdenv.mkDerivation rec { + pname = "medusa-unstable"; + version = "2018-12-16"; + + src = fetchFromGitHub { + owner = "jmk-foofus"; + repo = "medusa"; + rev = "292193b3995444aede53ff873899640b08129fc7"; + sha256 = "0njlz4fqa0165wdmd5y8lfnafayf3c4la0r8pf3hixkdwsss1509"; + }; + + patches = [ + # Pull upstream fix for -fno-common tollchains like gcc-10: + # https://github.com/jmk-foofus/medusa/pull/36 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/jmk-foofus/medusa/commit/a667656ad085b3eb95309932666c250d97a92767.patch"; + sha256 = "01marqqhjd3qwar3ymp50y1h2im5ilgpaxk7wrc2kcxgmzvbdfxc"; + }) + ]; + + outputs = [ "out" "man" ]; + + configureFlags = [ "--enable-module-ssh=yes" ]; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ freerdp openssl libssh2 ]; + + meta = with lib; { + homepage = "https://github.com/jmk-foofus/medusa"; + description = "A speedy, parallel, and modular, login brute-forcer"; + license = licenses.gpl2; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/melt/default.nix b/nixpkgs/pkgs/tools/security/melt/default.nix new file mode 100644 index 000000000000..99186a40c170 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/melt/default.nix @@ -0,0 +1,25 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "melt"; + version = "0.5.0"; + + src = fetchFromGitHub { + owner = "charmbracelet"; + repo = "melt"; + rev = "v${version}"; + sha256 = "sha256-ZDUvwBxPFE0RBgNGoZlU+LkyIXINZITqBnKDFnr59+Q="; + }; + + vendorHash = "sha256-vTSLyRdv4rAYvy/2S7NnQNs144wyJOLzFkyBBW0TRmo="; + + ldflags = [ "-s" "-w" "-X=main.Version=${version}" ]; + + meta = with lib; { + description = "Backup and restore Ed25519 SSH keys with seed words"; + homepage = "https://github.com/charmbracelet/melt"; + changelog = "https://github.com/charmbracelet/melt/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ penguwin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/metabigor/default.nix b/nixpkgs/pkgs/tools/security/metabigor/default.nix new file mode 100644 index 000000000000..84e4d39d6a2c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metabigor/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "metabigor"; + version = "1.12.1"; + + src = fetchFromGitHub { + owner = "j3ssie"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-T1P+jAAsKObKRaoxH8c/DMEfXtmSrvnDd5Y3ocKcCSc="; + }; + + vendorHash = "sha256-V+72l2TvhEWgDg7kvn5OOjYcyEgWGLgTGnt58Bu+AEQ="; + + # Disabled for now as there are some failures ("undefined:") + doCheck = false; + + meta = with lib; { + description = "Tool to perform OSINT tasks"; + homepage = "https://github.com/j3ssie/metabigor"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile new file mode 100644 index 000000000000..719091e6d9a6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -0,0 +1,4 @@ +# frozen_string_literal: true +source "https://rubygems.org" + +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.39" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock new file mode 100644 index 000000000000..d9488beb1780 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -0,0 +1,465 @@ +GIT + remote: https://github.com/rapid7/metasploit-framework + revision: 77fb7ae14f17fd7f4851bca87e0c28c704797591 + ref: refs/tags/6.3.39 + specs: + metasploit-framework (6.3.39) + actionpack (~> 7.0.0) + activerecord (~> 7.0.0) + activesupport (~> 7.0.0) + aws-sdk-ec2 + aws-sdk-ec2instanceconnect + aws-sdk-iam + aws-sdk-s3 + aws-sdk-ssm + bcrypt + bcrypt_pbkdf + bootsnap + bson + chunky_png + dnsruby + ed25519 + em-http-request + eventmachine + faker + faraday + faraday-retry + faye-websocket + filesize + hrr_rb_ssh-ed25519 + http-cookie + irb (~> 1.7.4) + jsobfu + json + metasm + metasploit-concern + metasploit-credential + metasploit-model + metasploit-payloads (= 2.0.156) + metasploit_data_models + metasploit_payloads-mettle (= 1.0.26) + mqtt + msgpack (~> 1.6.0) + nessus_rest + net-imap + net-ldap + net-smtp + net-ssh + network_interface + nexpose + nokogiri (~> 1.14.0) + octokit (~> 4.0) + openssl-ccm + openvas-omp + packetfu + patch_finder + pcaprub + pdf-reader + pg + puma + railties + rasn1 + rb-readline + recog + redcarpet + rex-arch + rex-bin_tools + rex-core + rex-encoder + rex-exploitation + rex-java + rex-mime + rex-nop + rex-ole + rex-powershell + rex-random_identifier + rex-registry + rex-rop_builder + rex-socket + rex-sslscan + rex-struct2 + rex-text + rex-zip + ruby-macho + ruby-mysql + ruby_smb (~> 3.2.0) + rubyntlm + rubyzip + sinatra + sqlite3 + sshkey + swagger-blocks + thin + tzinfo + tzinfo-data + unix-crypt + warden + win32api + windows_error + winrm + xdr + xmlrpc + zeitwerk + +GEM + remote: https://rubygems.org/ + specs: + Ascii85 (1.1.0) + actionpack (7.0.7.2) + actionview (= 7.0.7.2) + activesupport (= 7.0.7.2) + rack (~> 2.0, >= 2.2.4) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actionview (7.0.7.2) + activesupport (= 7.0.7.2) + builder (~> 3.1) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activemodel (7.0.7.2) + activesupport (= 7.0.7.2) + activerecord (7.0.7.2) + activemodel (= 7.0.7.2) + activesupport (= 7.0.7.2) + activesupport (7.0.7.2) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + addressable (2.8.5) + public_suffix (>= 2.0.2, < 6.0) + afm (0.2.2) + arel-helpers (2.14.0) + activerecord (>= 3.1.0, < 8) + aws-eventstream (1.2.0) + aws-partitions (1.811.0) + aws-sdk-core (3.181.0) + aws-eventstream (~> 1, >= 1.0.2) + aws-partitions (~> 1, >= 1.651.0) + aws-sigv4 (~> 1.5) + jmespath (~> 1, >= 1.6.1) + aws-sdk-ec2 (1.402.0) + aws-sdk-core (~> 3, >= 3.177.0) + aws-sigv4 (~> 1.1) + aws-sdk-ec2instanceconnect (1.32.0) + aws-sdk-core (~> 3, >= 3.177.0) + aws-sigv4 (~> 1.1) + aws-sdk-iam (1.86.0) + aws-sdk-core (~> 3, >= 3.177.0) + aws-sigv4 (~> 1.1) + aws-sdk-kms (1.71.0) + aws-sdk-core (~> 3, >= 3.177.0) + aws-sigv4 (~> 1.1) + aws-sdk-s3 (1.134.0) + aws-sdk-core (~> 3, >= 3.181.0) + aws-sdk-kms (~> 1) + aws-sigv4 (~> 1.6) + aws-sdk-ssm (1.156.0) + aws-sdk-core (~> 3, >= 3.177.0) + aws-sigv4 (~> 1.1) + aws-sigv4 (1.6.0) + aws-eventstream (~> 1, >= 1.0.2) + bcrypt (3.1.19) + bcrypt_pbkdf (1.1.0) + bindata (2.4.15) + bootsnap (1.16.0) + msgpack (~> 1.2) + bson (4.15.0) + builder (3.2.4) + chunky_png (1.4.0) + concurrent-ruby (1.2.2) + cookiejar (0.3.3) + crass (1.0.6) + daemons (1.4.1) + date (3.3.3) + dnsruby (1.70.0) + simpleidn (~> 0.2.1) + domain_name (0.5.20190701) + unf (>= 0.0.5, < 1.0.0) + ed25519 (1.3.0) + em-http-request (1.1.7) + addressable (>= 2.3.4) + cookiejar (!= 0.3.1) + em-socksify (>= 0.3) + eventmachine (>= 1.0.3) + http_parser.rb (>= 0.6.0) + em-socksify (0.3.2) + eventmachine (>= 1.0.0.beta.4) + erubi (1.12.0) + eventmachine (1.2.7) + faker (3.2.1) + i18n (>= 1.8.11, < 2) + faraday (2.7.10) + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) + faraday-net_http (3.0.2) + faraday-retry (2.2.0) + faraday (~> 2.0) + faye-websocket (0.11.3) + eventmachine (>= 0.12.0) + websocket-driver (>= 0.5.1) + ffi (1.15.5) + filesize (0.2.0) + gssapi (1.3.1) + ffi (>= 1.0.1) + gyoku (1.4.0) + builder (>= 2.1.2) + rexml (~> 3.0) + hashery (2.1.2) + hrr_rb_ssh (0.4.2) + hrr_rb_ssh-ed25519 (0.4.2) + ed25519 (~> 1.2) + hrr_rb_ssh (>= 0.4) + http-cookie (1.0.5) + domain_name (~> 0.5) + http_parser.rb (0.8.0) + httpclient (2.8.3) + i18n (1.14.1) + concurrent-ruby (~> 1.0) + io-console (0.6.0) + irb (1.7.4) + reline (>= 0.3.6) + jmespath (1.6.2) + jsobfu (0.4.2) + rkelly-remix + json (2.6.3) + little-plugger (1.1.4) + logging (2.3.1) + little-plugger (~> 1.1) + multi_json (~> 1.14) + loofah (2.21.3) + crass (~> 1.0.2) + nokogiri (>= 1.12.0) + metasm (1.0.5) + metasploit-concern (5.0.1) + activemodel (~> 7.0) + activesupport (~> 7.0) + railties (~> 7.0) + zeitwerk + metasploit-credential (6.0.5) + metasploit-concern + metasploit-model + metasploit_data_models (>= 5.0.0) + net-ssh + pg + railties + rex-socket + rubyntlm + rubyzip + metasploit-model (5.0.1) + activemodel (~> 7.0) + activesupport (~> 7.0) + railties (~> 7.0) + metasploit-payloads (2.0.156) + metasploit_data_models (6.0.2) + activerecord (~> 7.0) + activesupport (~> 7.0) + arel-helpers + metasploit-concern + metasploit-model (>= 3.1) + pg + railties (~> 7.0) + recog + webrick + metasploit_payloads-mettle (1.0.26) + method_source (1.0.0) + mini_portile2 (2.8.4) + minitest (5.19.0) + mqtt (0.6.0) + msgpack (1.6.1) + multi_json (1.15.0) + mustermann (3.0.0) + ruby2_keywords (~> 0.0.1) + nessus_rest (0.1.6) + net-imap (0.3.7) + date + net-protocol + net-ldap (0.18.0) + net-protocol (0.2.1) + timeout + net-smtp (0.3.3) + net-protocol + net-ssh (7.2.0) + network_interface (0.0.4) + nexpose (7.3.0) + nio4r (2.5.9) + nokogiri (1.14.5) + mini_portile2 (~> 2.8.0) + racc (~> 1.4) + nori (2.6.0) + octokit (4.25.1) + faraday (>= 1, < 3) + sawyer (~> 0.9) + openssl-ccm (1.2.3) + openssl-cmac (2.0.2) + openvas-omp (0.0.4) + packetfu (2.0.0) + pcaprub (~> 0.13.1) + patch_finder (1.0.2) + pcaprub (0.13.1) + pdf-reader (2.11.0) + Ascii85 (~> 1.0) + afm (~> 0.2.1) + hashery (~> 2.0) + ruby-rc4 + ttfunk + pg (1.5.3) + public_suffix (5.0.3) + puma (6.3.1) + nio4r (~> 2.0) + racc (1.7.1) + rack (2.2.8) + rack-protection (3.1.0) + rack (~> 2.2, >= 2.2.4) + rack-test (2.1.0) + rack (>= 1.3) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest + nokogiri (>= 1.6) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + railties (7.0.7.2) + actionpack (= 7.0.7.2) + activesupport (= 7.0.7.2) + method_source + rake (>= 12.2) + thor (~> 1.0) + zeitwerk (~> 2.5) + rake (13.0.6) + rasn1 (0.12.1) + strptime (~> 0.2.5) + rb-readline (0.5.5) + recog (3.1.2) + nokogiri + redcarpet (3.6.0) + reline (0.3.8) + io-console (~> 0.5) + rex-arch (0.1.14) + rex-text + rex-bin_tools (0.1.8) + metasm + rex-arch + rex-core + rex-struct2 + rex-text + rex-core (0.1.31) + rex-encoder (0.1.6) + metasm + rex-arch + rex-text + rex-exploitation (0.1.38) + jsobfu + metasm + rex-arch + rex-encoder + rex-text + rexml + rex-java (0.1.6) + rex-mime (0.1.7) + rex-text + rex-nop (0.1.2) + rex-arch + rex-ole (0.1.7) + rex-text + rex-powershell (0.1.98) + rex-random_identifier + rex-text + ruby-rc4 + rex-random_identifier (0.1.10) + rex-text + rex-registry (0.1.4) + rex-rop_builder (0.1.4) + metasm + rex-core + rex-text + rex-socket (0.1.52) + rex-core + rex-sslscan (0.1.9) + rex-core + rex-socket + rex-text + rex-struct2 (0.1.3) + rex-text (0.2.52) + rex-zip (0.1.4) + rex-text + rexml (3.2.6) + rkelly-remix (0.0.7) + ruby-macho (4.0.0) + ruby-mysql (4.0.0) + ruby-rc4 (0.1.5) + ruby2_keywords (0.0.5) + ruby_smb (3.2.5) + bindata + openssl-ccm + openssl-cmac + rubyntlm + windows_error (>= 0.1.4) + rubyntlm (0.6.3) + rubyzip (2.3.2) + sawyer (0.9.2) + addressable (>= 2.3.5) + faraday (>= 0.17.3, < 3) + simpleidn (0.2.1) + unf (~> 0.1.4) + sinatra (3.1.0) + mustermann (~> 3.0) + rack (~> 2.2, >= 2.2.4) + rack-protection (= 3.1.0) + tilt (~> 2.0) + sqlite3 (1.6.3) + mini_portile2 (~> 2.8.0) + sshkey (3.0.0) + strptime (0.2.5) + swagger-blocks (3.0.0) + thin (1.8.2) + daemons (~> 1.0, >= 1.0.9) + eventmachine (~> 1.0, >= 1.0.4) + rack (>= 1, < 3) + thor (1.2.2) + tilt (2.2.0) + timeout (0.4.0) + ttfunk (1.7.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + tzinfo-data (1.2023.3) + tzinfo (>= 1.0.0) + unf (0.1.4) + unf_ext + unf_ext (0.0.8.2) + unix-crypt (1.3.1) + warden (1.2.9) + rack (>= 2.0.9) + webrick (1.8.1) + websocket-driver (0.7.6) + websocket-extensions (>= 0.1.0) + websocket-extensions (0.1.5) + win32api (0.1.0) + windows_error (0.1.5) + winrm (2.3.6) + builder (>= 2.1.2) + erubi (~> 1.8) + gssapi (~> 1.2) + gyoku (~> 1.0) + httpclient (~> 2.2, >= 2.2.0.2) + logging (>= 1.6.1, < 3.0) + nori (~> 2.0) + rubyntlm (~> 0.6.0, >= 0.6.3) + xdr (3.0.3) + activemodel (>= 4.2, < 8.0) + activesupport (>= 4.2, < 8.0) + xmlrpc (0.3.3) + webrick + zeitwerk (2.6.11) + +PLATFORMS + ruby + +DEPENDENCIES + metasploit-framework! + +BUNDLED WITH + 2.4.19 diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix new file mode 100644 index 000000000000..d50d8760e21d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -0,0 +1,65 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, ruby +, bundlerEnv +, python3 +}: + +let + env = bundlerEnv { + inherit ruby; + name = "metasploit-bundler-env"; + gemdir = ./.; + }; +in stdenv.mkDerivation rec { + pname = "metasploit-framework"; + version = "6.3.39"; + + src = fetchFromGitHub { + owner = "rapid7"; + repo = "metasploit-framework"; + rev = version; + sha256 = "sha256-EKLzIhrNiTUM3OtezPJL8g70BmR+vEyNcllyme5hH8o="; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ (python3.withPackages (ps: [ ps.requests ])) ]; + + dontPatchELF = true; # stay away from exploit executables + + installPhase = '' + mkdir -p $out/{bin,share/msf} + + cp -r * $out/share/msf + + grep -rl "^#\!.*python2$" $out/share/msf | xargs -d '\n' rm + + ( + cd $out/share/msf/ + for i in msf*; do + makeWrapper ${env}/bin/bundle $out/bin/$i \ + --add-flags "exec ${ruby}/bin/ruby $out/share/msf/$i" + done + ) + + makeWrapper ${env}/bin/bundle $out/bin/msf-pattern_create \ + --add-flags "exec ${ruby}/bin/ruby $out/share/msf/tools/exploit/pattern_create.rb" + + makeWrapper ${env}/bin/bundle $out/bin/msf-pattern_offset \ + --add-flags "exec ${ruby}/bin/ruby $out/share/msf/tools/exploit/pattern_offset.rb" + ''; + + # run with: nix-shell maintainers/scripts/update.nix --argstr path metasploit + passthru.updateScript = ./update.sh; + + meta = with lib; { + description = "Metasploit Framework - a collection of exploits"; + homepage = "https://docs.metasploit.com/"; + platforms = platforms.unix; + license = licenses.bsd3; + maintainers = with maintainers; [ fab makefu ]; + mainProgram = "msfconsole"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix new file mode 100644 index 000000000000..631d9f8c4dd8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -0,0 +1,1666 @@ +{ + actionpack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qamc5ly521wk9i1658h9jv7avmyyp92kffa1da2fn5zk0wgyhf4"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + actionview = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "151zxb61bb6q7g0sn34qz79k8bg02vmb8mmnsn0fr15lxw92dfhm"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + activemodel = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1crjq1dznlbsrwd5yijxraz1591xmg4vdcwwnmrw4nh6hrwq5fj5"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + activerecord = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03vrssdqaqm41w27s21r37skdfxa41midvjy37i2zh3rnbnq8ps2"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + activesupport = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vlzcnyqlbchaq85phmdv73ydlc18xpvxy1cbsk191cwd29i7q32"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + addressable = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05r1fwy487klqkya7vzia8hnklcxy4vr92m9dmni3prfwk6zpw33"; + type = "gem"; + }; + version = "2.8.5"; + }; + afm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06kj9hgd0z8pj27bxp2diwqh6fv7qhwwm17z64rhdc4sfn76jgn8"; + type = "gem"; + }; + version = "0.2.2"; + }; + arel-helpers = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1b14yqwfjynlvl6x7jclhr4b2imik2cvabwxn9cpylabdnhr7gza"; + type = "gem"; + }; + version = "2.14.0"; + }; + Ascii85 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ds4v9xgsyvijnlflak4dzf1qwmda9yd5bv8jwsb56nngd399rlw"; + type = "gem"; + }; + version = "1.1.0"; + }; + aws-eventstream = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pyis1nvnbjxk12a43xvgj2gv0mvp4cnkc1gzw0v1018r61399gz"; + type = "gem"; + }; + version = "1.2.0"; + }; + aws-partitions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0082fsywglghvam55i4jz7cj2vyd8hb8b7658cr9yqlwna9j1sp3"; + type = "gem"; + }; + version = "1.811.0"; + }; + aws-sdk-core = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xjw9cf6ldbw50xi5ric8d63r8kybpsvaqxh2v6n7374hfady73i"; + type = "gem"; + }; + version = "3.181.0"; + }; + aws-sdk-ec2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1kl5b8m0ad2dxj2r0f5wkphfwhnpq820jbzrdmxyh20kivckv33c"; + type = "gem"; + }; + version = "1.402.0"; + }; + aws-sdk-ec2instanceconnect = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jbvh6v2kbybk1qjzhzrl82d7advh6hf3va9zyaxlrcijkz6jjg4"; + type = "gem"; + }; + version = "1.32.0"; + }; + aws-sdk-iam = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02bp18pi29zncznkzkjzlg5j1cl99q41xvw0z5qx9q55mcwaj7i8"; + type = "gem"; + }; + version = "1.86.0"; + }; + aws-sdk-kms = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zr5w2cjd895abyn7y5gifhq37bxcinssvdx2l1qmlkllbdxbwq0"; + type = "gem"; + }; + version = "1.71.0"; + }; + aws-sdk-s3 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fbz259as60xnf563z9byp8blq5fsc81h92h3wicai4bmz45w4r5"; + type = "gem"; + }; + version = "1.134.0"; + }; + aws-sdk-ssm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "178nnrlpz5ihx5615i1mml7ymg2pklvfxxakhhwcjbys52cz6jsk"; + type = "gem"; + }; + version = "1.156.0"; + }; + aws-sigv4 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0z889c4c1w7wsjm3szg64ay5j51kjl4pdf94nlr1yks2rlanm7na"; + type = "gem"; + }; + version = "1.6.0"; + }; + bcrypt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14crcsmcsyiskr9xzgzcfz2dr74zg1jvavrrxpf5vnn9q75fakz9"; + type = "gem"; + }; + version = "3.1.19"; + }; + bcrypt_pbkdf = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ndamfaivnkhc6hy0yqyk2gkwr6f3bz6216lh74hsiiyk3axz445"; + type = "gem"; + }; + version = "1.1.0"; + }; + bindata = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; + type = "gem"; + }; + version = "2.4.15"; + }; + bootsnap = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vcg52gwl64xhhal6kwk1pc01y1klzdlnv1awyk89kb91z010x7q"; + type = "gem"; + }; + version = "1.16.0"; + }; + bson = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19vgs9rzzyvd7jfrzynjnc6518q0ffpfciyicfywbp77zl8nc9hk"; + type = "gem"; + }; + version = "4.15.0"; + }; + builder = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; + type = "gem"; + }; + version = "3.2.4"; + }; + chunky_png = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1znw5x86hmm9vfhidwdsijz8m38pqgmv98l9ryilvky0aldv7mc9"; + type = "gem"; + }; + version = "1.4.0"; + }; + concurrent-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; + type = "gem"; + }; + version = "1.2.2"; + }; + cookiejar = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q0kmbks9l3hl0wdq744hzy97ssq9dvlzywyqv9k9y1p3qc9va2a"; + type = "gem"; + }; + version = "0.3.3"; + }; + crass = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; + type = "gem"; + }; + version = "1.0.6"; + }; + daemons = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07cszb0zl8mqmwhc8a2yfg36vi6lbgrp4pa5bvmryrpcz9v6viwg"; + type = "gem"; + }; + version = "1.4.1"; + }; + date = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; + type = "gem"; + }; + version = "3.3.3"; + }; + dnsruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17bjlic4ac9980vas3pgnhi5lkisq28vd730bhcg8jdh8xcp6r48"; + type = "gem"; + }; + version = "1.70.0"; + }; + domain_name = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; + type = "gem"; + }; + version = "0.5.20190701"; + }; + ed25519 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zb2dr2ihb1qiknn5iaj1ha1w9p7lj9yq5waasndlfadz225ajji"; + type = "gem"; + }; + version = "1.3.0"; + }; + em-http-request = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1azx5rgm1zvx7391sfwcxzyccs46x495vb34ql2ch83f58mwgyqn"; + type = "gem"; + }; + version = "1.1.7"; + }; + em-socksify = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rk43ywaanfrd8180d98287xv2pxyl7llj291cwy87g1s735d5nk"; + type = "gem"; + }; + version = "0.3.2"; + }; + erubi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08s75vs9cxlc4r1q2bjg4br8g9wc5lc5x5vl0vv4zq5ivxsdpgi7"; + type = "gem"; + }; + version = "1.12.0"; + }; + eventmachine = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0wh9aqb0skz80fhfn66lbpr4f86ya2z5rx6gm5xlfhd05bj1ch4r"; + type = "gem"; + }; + version = "1.2.7"; + }; + faker = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ysiqlvyy1351bzx7h92r93a35s32l8giyf9bac6sgr142sh3cnn"; + type = "gem"; + }; + version = "3.2.1"; + }; + faraday = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "187clqhp9mv5mnqmjlfdp57svhsg1bggz84ak8v333j9skrnrgh9"; + type = "gem"; + }; + version = "2.7.10"; + }; + faraday-net_http = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13byv3mp1gsjyv8k0ih4612y6vw5kqva6i03wcg4w2fqpsd950k8"; + type = "gem"; + }; + version = "3.0.2"; + }; + faraday-retry = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ia19zgni6cw96rvsr0s004vjs9m2r6la4s00zcff36xaia4m0l0"; + type = "gem"; + }; + version = "2.2.0"; + }; + faye-websocket = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01xkpv5b4fjc5n6n1fq6z1ris991av2fbadvs8r71i9r34b8g48h"; + type = "gem"; + }; + version = "0.11.3"; + }; + ffi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; + type = "gem"; + }; + version = "1.15.5"; + }; + filesize = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17p7rf1x7h3ivaznb4n4kmxnnzj25zaviryqgn2n12v2kmibhp8g"; + type = "gem"; + }; + version = "0.2.0"; + }; + gssapi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1qdfhj12aq8v0y961v4xv96a1y2z80h3xhvzrs9vsfgf884g6765"; + type = "gem"; + }; + version = "1.3.1"; + }; + gyoku = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1kd2q59xpm39hpvmmvyi6g3f1fr05xjbnxwkrdqz4xy7hirqi79q"; + type = "gem"; + }; + version = "1.4.0"; + }; + hashery = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qj8815bf7q6q7llm5rzdz279gzmpqmqqicxnzv066a020iwqffj"; + type = "gem"; + }; + version = "2.1.2"; + }; + hrr_rb_ssh = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dr6mv98ll0crdn2wm2yy9ywh130iljcsvnnvs6639k19qbfk7qf"; + type = "gem"; + }; + version = "0.4.2"; + }; + hrr_rb_ssh-ed25519 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mfsvjcjmm63fwjf3zqkmg3cf55vx34vmvix0wj0ba4h9dzjq7p8"; + type = "gem"; + }; + version = "0.4.2"; + }; + http-cookie = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; + type = "gem"; + }; + version = "1.0.5"; + }; + "http_parser.rb" = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1gj4fmls0mf52dlr928gaq0c0cb0m3aqa9kaa6l0ikl2zbqk42as"; + type = "gem"; + }; + version = "0.8.0"; + }; + httpclient = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; + type = "gem"; + }; + version = "2.8.3"; + }; + i18n = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qaamqsh5f3szhcakkak8ikxlzxqnv49n2p7504hcz2l0f4nj0wx"; + type = "gem"; + }; + version = "1.14.1"; + }; + io-console = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dikardh14c72gd9ypwh8dim41wvqmzfzf35mincaj5yals9m7ff"; + type = "gem"; + }; + version = "0.6.0"; + }; + irb = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "158ca10kj3qqnql5g8f1g2arsnhgdl79mg74manpf8ldkwjjn3n8"; + type = "gem"; + }; + version = "1.7.4"; + }; + jmespath = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393"; + type = "gem"; + }; + version = "1.6.2"; + }; + jsobfu = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hchns89cfj0gggm2zbr7ghb630imxm2x2d21ffx2jlasn9xbkyk"; + type = "gem"; + }; + version = "0.4.2"; + }; + json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nalhin1gda4v8ybk6lq8f407cgfrj6qzn234yra4ipkmlbfmal6"; + type = "gem"; + }; + version = "2.6.3"; + }; + little-plugger = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1frilv82dyxnlg8k1jhrvyd73l6k17mxc5vwxx080r4x1p04gwym"; + type = "gem"; + }; + version = "1.1.4"; + }; + logging = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zflchpx4g8c110gjdcs540bk5a336nq6nmx379rdg56xw0pjd02"; + type = "gem"; + }; + version = "2.3.1"; + }; + loofah = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1p744kjpb5zk2ihklbykzii77alycjc04vpnm2ch2f3cp65imlj3"; + type = "gem"; + }; + version = "2.21.3"; + }; + metasm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dpjbkdvi4h6v0g01db7vlcsg15pfiyslkz3zd7wfk04yrc6g7wi"; + type = "gem"; + }; + version = "1.0.5"; + }; + metasploit-concern = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "12qhihgrhlxcr8pss42blf9jx6sdwp85kg0790n6lf6knz9yi7yc"; + type = "gem"; + }; + version = "5.0.1"; + }; + metasploit-credential = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pdfrbw8442aspvf4h691p542sgm6rj2xfl3bfc6rplmz82j1ay5"; + type = "gem"; + }; + version = "6.0.5"; + }; + metasploit-framework = { + groups = ["default"]; + platforms = []; + source = { + fetchSubmodules = false; + rev = "77fb7ae14f17fd7f4851bca87e0c28c704797591"; + sha256 = "1jhzc7p9jwjrfa6lrg3ych3g83pj9grcqppbvh63b2fd38ig78hh"; + type = "git"; + url = "https://github.com/rapid7/metasploit-framework"; + }; + version = "6.3.39"; + }; + metasploit-model = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01i35h3wl7qly2kx20f5r1x00grmfd5vnarjvi3qjjyy380qw793"; + type = "gem"; + }; + version = "5.0.1"; + }; + metasploit-payloads = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x2lyyz9n89ii16v1pkw69yrywyjx1mv46rg5z4wa95gbp236mmy"; + type = "gem"; + }; + version = "2.0.156"; + }; + metasploit_data_models = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07k32bv9qnxg9vcq29p0r6qcfrhwby3aydpir3z8a7h8iz17lz9i"; + type = "gem"; + }; + version = "6.0.2"; + }; + metasploit_payloads-mettle = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1qprmbmpw4c8396m0whbp08xzdbjc0s2zd0jkxqnh3aswmx8pj3m"; + type = "gem"; + }; + version = "1.0.26"; + }; + method_source = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; + type = "gem"; + }; + version = "1.0.0"; + }; + mini_portile2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq"; + type = "gem"; + }; + version = "2.8.4"; + }; + minitest = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jnpsbb2dbcs95p4is4431l2pw1l5pn7dfg3vkgb4ga464j0c5l6"; + type = "gem"; + }; + version = "5.19.0"; + }; + mqtt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14iacsn0l8kl5pw9giaz2p3i06dwwj0mad9m0949bl5g8g35vsb3"; + type = "gem"; + }; + version = "0.6.0"; + }; + msgpack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jr9grsdnlb8wgd9by7mhsc9c1wixijh9an4m4yq1ph0jg26x9rk"; + type = "gem"; + }; + version = "1.6.1"; + }; + multi_json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; + type = "gem"; + }; + version = "1.15.0"; + }; + mustermann = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rwbq20s2gdh8dljjsgj5s6wqqfmnbclhvv2c2608brv7jm6jdbd"; + type = "gem"; + }; + version = "3.0.0"; + }; + nessus_rest = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1allyrd4rll333zbmsi3hcyg6cw1dhc4bg347ibsw191nswnp8ci"; + type = "gem"; + }; + version = "0.1.6"; + }; + net-imap = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lf7wqg7czhaj51qsnmn28j7jmcxhkh3m28rl1cjrqsgjxhwj7r3"; + type = "gem"; + }; + version = "0.3.7"; + }; + net-ldap = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; + type = "gem"; + }; + version = "0.18.0"; + }; + net-protocol = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; + type = "gem"; + }; + version = "0.2.1"; + }; + net-smtp = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1c6md06hm5bf6rv53sk54dl2vg038pg8kglwv3rayx0vk2mdql9x"; + type = "gem"; + }; + version = "0.3.3"; + }; + net-ssh = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jyj6j7w9zpj2zhp4dyhdjiwsn9rqwksj7s7fzpnn7rx2xvz2a1a"; + type = "gem"; + }; + version = "7.2.0"; + }; + network_interface = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hqkas4c809w2gnic1srhq5rd2hpsfnhmrvm1vkix8w775qql74z"; + type = "gem"; + }; + version = "0.0.4"; + }; + nexpose = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jz5xiwiwagd663qdlfhmc9fm76x78cqhighmfivy6w5v0n4xyq0"; + type = "gem"; + }; + version = "7.3.0"; + }; + nio4r = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0w9978zwjf1qhy3amkivab0f9syz6a7k0xgydjidaf7xc831d78f"; + type = "gem"; + }; + version = "2.5.9"; + }; + nokogiri = { + dependencies = ["mini_portile2" "racc"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1g6wvxab4qwnbny983n9bckc0afy6y6s3g5v3csdbsp8n7g9vxi3"; + type = "gem"; + }; + version = "1.14.5"; + }; + nori = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "066wc774a2zp4vrq3k7k8p0fhv30ymqmxma1jj7yg5735zls8agn"; + type = "gem"; + }; + version = "2.6.0"; + }; + octokit = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15lvy06h276jryxg19258b2yqaykf0567sp0n16yipywhbp94860"; + type = "gem"; + }; + version = "4.25.1"; + }; + openssl-ccm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mqr538wcfjc1q9qxsc2pz0s81kw1f3xk7k1qy903n5b3bh9vri3"; + type = "gem"; + }; + version = "1.2.3"; + }; + openssl-cmac = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mml6105j6ryd9d019gbwzkdjmvycjlxxld0qzg9vs70f1qdihcc"; + type = "gem"; + }; + version = "2.0.2"; + }; + openvas-omp = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14xf614vd76qjdjxjv14mmjar6s64fwp4cwb7bv5g1wc29srg28x"; + type = "gem"; + }; + version = "0.0.4"; + }; + packetfu = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0crsc4mcikpc01d19ppryzwgvhk9hg9r73g5bwac32x979zwyks8"; + type = "gem"; + }; + version = "2.0.0"; + }; + patch_finder = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1md9scls55n1riw26vw1ak0ajq38dfygr36l0h00wqhv51cq745m"; + type = "gem"; + }; + version = "1.0.2"; + }; + pcaprub = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0886fcc5bi0kc0rbma5fj3wa3hbg2nl7ivnbi2j995yzg36zq7xy"; + type = "gem"; + }; + version = "0.13.1"; + }; + pdf-reader = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09sx25jpnip2sp6wh5sn5ad7za78rfi95qp5iiczfh43z4jqa8q3"; + type = "gem"; + }; + version = "2.11.0"; + }; + pg = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zcvxmfa8hxkhpp59fhxyxy1arp70f11zi1jh9c7bsdfspifb7kb"; + type = "gem"; + }; + version = "1.5.3"; + }; + public_suffix = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0n9j7mczl15r3kwqrah09cxj8hxdfawiqxa60kga2bmxl9flfz9k"; + type = "gem"; + }; + version = "5.0.3"; + }; + puma = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x4dwx2shx0p7lsms97r85r7ji7zv57bjy3i1kmcpxc8bxvrr67c"; + type = "gem"; + }; + version = "6.3.1"; + }; + racc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; + type = "gem"; + }; + version = "1.7.1"; + }; + rack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15rdwbyk71c9nxvd527bvb8jxkcys8r3dj3vqra5b3sa63qs30vv"; + type = "gem"; + }; + version = "2.2.8"; + }; + rack-protection = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xsz78hccgza144n37bfisdkzpr2c8m0xl6rnlzgxdbsm1zrkg7r"; + type = "gem"; + }; + version = "3.1.0"; + }; + rack-test = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ysx29gk9k14a14zsp5a8czys140wacvp91fja8xcja0j1hzqq8c"; + type = "gem"; + }; + version = "2.1.0"; + }; + rails-dom-testing = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fx9dx1ag0s1lr6lfr34lbx5i1bvn3bhyf3w3mx6h7yz90p725g5"; + type = "gem"; + }; + version = "2.2.0"; + }; + rails-html-sanitizer = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pm4z853nyz1bhhqr7fzl44alnx4bjachcr6rh6qjj375sfz3sc6"; + type = "gem"; + }; + version = "1.6.0"; + }; + railties = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01pdn9sn7kawwrvrbr3vz44j287xbka8mm7nrv9cl510y8gzxi2x"; + type = "gem"; + }; + version = "7.0.7.2"; + }; + rake = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; + type = "gem"; + }; + version = "13.0.6"; + }; + rasn1 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05n3ki7jlkll0rf6zrqi41a9fc6zmw87f94ai21jgmvsswjfx15i"; + type = "gem"; + }; + version = "0.12.1"; + }; + rb-readline = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14w79a121czmvk1s953qfzww30mqjb2zc0k9qhi0ivxxk3hxg6wy"; + type = "gem"; + }; + version = "0.5.5"; + }; + recog = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15633qvzbgsigx55dxb9b07xh0spwr9njd5y2f454kc5zrrapp1a"; + type = "gem"; + }; + version = "3.1.2"; + }; + redcarpet = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1sg9sbf9pm91l7lac7fs4silabyn0vflxwaa2x3lrzsm0ff8ilca"; + type = "gem"; + }; + version = "3.6.0"; + }; + reline = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lv1nv7z63n4qmsm3h5h273m7daxngkcq8ynkk9j8lmn7jji98lb"; + type = "gem"; + }; + version = "0.3.8"; + }; + rex-arch = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1gi9641869pg30ij7ba3r2z89flvdqsma4spbpww6c8ph62iy4bp"; + type = "gem"; + }; + version = "0.1.14"; + }; + rex-bin_tools = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0p5r2h0zaixdjhp9k0jq0vgsvbhifx2jh3p9pr2w80qda1hkgqgj"; + type = "gem"; + }; + version = "0.1.8"; + }; + rex-core = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s5fz1fipk2x9grd8rj7n09wfmq78kdhw9fvrmgr9z52zi640xzs"; + type = "gem"; + }; + version = "0.1.31"; + }; + rex-encoder = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15c2yqrvn3hxf6gn4cqrz2l65rdh68gbk2a7lwdq43nchfjnsnvg"; + type = "gem"; + }; + version = "0.1.6"; + }; + rex-exploitation = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1afz3qvdmaav542klxz2jwwgrayhw1lyrivmpfv5jk2c613cky3n"; + type = "gem"; + }; + version = "0.1.38"; + }; + rex-java = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0g8xdj7ij4y51wgh6l29al6i107bqn6pwql6za7ahms75m8s9dys"; + type = "gem"; + }; + version = "0.1.6"; + }; + rex-mime = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00qpd5i8naw601q6aij652gw8x6my5d5drf63lq9fridjrqj0nja"; + type = "gem"; + }; + version = "0.1.7"; + }; + rex-nop = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yjlmgmaaa65lkd6jrm71g8yfn8xy91jl07nd1v90xp9jrzrrl92"; + type = "gem"; + }; + version = "0.1.2"; + }; + rex-ole = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rlsy1a4lig7iqvb4zn60fpf125v8k4bjrjzakks74prjb2qmqnp"; + type = "gem"; + }; + version = "0.1.7"; + }; + rex-powershell = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09bsf88faglr04ag71cplyhhmy7drp1cqs2dqq77m7q8w1ibk8rj"; + type = "gem"; + }; + version = "0.1.98"; + }; + rex-random_identifier = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11gdz9n44jlhq1w5swq63705gliwjc7jg7avgprgw2j4sscnypjp"; + type = "gem"; + }; + version = "0.1.10"; + }; + rex-registry = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09b6jhcih4srrh0j52v49vbffqz8ngki6qpmq9b2wdabqnw63d1v"; + type = "gem"; + }; + version = "0.1.4"; + }; + rex-rop_builder = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ssynxq3kc86v3xnc6jx8pg5zh13q61wl2klqbi9hzn2n8lhdgvj"; + type = "gem"; + }; + version = "0.1.4"; + }; + rex-socket = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0b8pymg7c6yjb2jc73sky917rdq2kmn9cwxlhm7703yc3y1fyj2x"; + type = "gem"; + }; + version = "0.1.52"; + }; + rex-sslscan = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lgwadsmdwdkv9irxlvrc2x0wh1c1r1b9254blpc797ksh5qm4l1"; + type = "gem"; + }; + version = "0.1.9"; + }; + rex-struct2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hp8yv55j995dl587hismwa7ydyprs03c75gia6rwp7v5bhshy4n"; + type = "gem"; + }; + version = "0.1.3"; + }; + rex-text = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xibdr82pr0p4h7jixf4r56y70rqzda5287bv3mw43r9vwsi949f"; + type = "gem"; + }; + version = "0.2.52"; + }; + rex-zip = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0azm4g4dm9k6vrav769vn0gffrv7pgxknlj4dr9yav632920cvqj"; + type = "gem"; + }; + version = "0.1.4"; + }; + rexml = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05i8518ay14kjbma550mv0jm8a6di8yp5phzrd8rj44z9qnrlrp0"; + type = "gem"; + }; + version = "3.2.6"; + }; + rkelly-remix = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1g7hjl9nx7f953y7lncmfgp0xgxfxvgfm367q6da9niik6rp1y3j"; + type = "gem"; + }; + version = "0.0.7"; + }; + ruby-macho = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yf8fq0l5hlqkjklcpxmg6vhzvbyigwd2n441aq42b2wa2f8xj5q"; + type = "gem"; + }; + version = "4.0.0"; + }; + ruby-mysql = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1sh12qscqrc1ihgy7734r4vrg9kzd9lifwsfk4n1r5i4gv5q0jd2"; + type = "gem"; + }; + version = "4.0.0"; + }; + ruby-rc4 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00vci475258mmbvsdqkmqadlwn6gj9m01sp7b5a3zd90knil1k00"; + type = "gem"; + }; + version = "0.1.5"; + }; + ruby2_keywords = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; + type = "gem"; + }; + version = "0.0.5"; + }; + ruby_smb = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "075ib787qp2g0ghx0pww76ff843l09y5d5h1x63zbnxzm3q3v4dz"; + type = "gem"; + }; + version = "3.2.5"; + }; + rubyntlm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0b8hczk8hysv53ncsqzx4q6kma5gy5lqc7s5yx8h64x3vdb18cjv"; + type = "gem"; + }; + version = "0.6.3"; + }; + rubyzip = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz"; + type = "gem"; + }; + version = "2.3.2"; + }; + sawyer = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jks1qjbmqm8f9kvwa81vqj39avaj9wdnzc531xm29a55bb74fps"; + type = "gem"; + }; + version = "0.9.2"; + }; + simpleidn = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06f7w6ph3bzzqk212yylfp4jfx275shgp9zg3xszbpv1ny2skp9m"; + type = "gem"; + }; + version = "0.2.1"; + }; + sinatra = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00541cnypsh1mnilfxxqlz6va9afrixf9m1asn4wzjp5m59777p8"; + type = "gem"; + }; + version = "3.1.0"; + }; + sqlite3 = { + dependencies = ["mini_portile2"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h95kr5529qv786mfk8r2jjdsdi6v7v3k3dpz69mrcc9i0vpdd37"; + type = "gem"; + }; + version = "1.6.3"; + }; + sshkey = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1k8i5pzjhcnyf0bhcyn5iixpfp4pz0556rcxwpglh6p0sr8s6nv5"; + type = "gem"; + }; + version = "3.0.0"; + }; + strptime = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ycs0xz58kymf7yp4h56f0nid2z7g3s18dj7pa3p790pfzzpgvcq"; + type = "gem"; + }; + version = "0.2.5"; + }; + swagger-blocks = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bycg5si4pr69b0qqiqzhwcich90mvmn0v0gs39slvxg5nv3h28k"; + type = "gem"; + }; + version = "3.0.0"; + }; + thin = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08g1yq6zzvgndj8fd98ah7pp8g2diw28p8bfjgv7rvjvp8d2am8w"; + type = "gem"; + }; + version = "1.8.2"; + }; + thor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0k7j2wn14h1pl4smibasw0bp66kg626drxb59z7rzflch99cd4rg"; + type = "gem"; + }; + version = "1.2.2"; + }; + tilt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bmjgbv8158klwp2r3klxjwaj93nh1sbl4xvj9wsha0ic478avz7"; + type = "gem"; + }; + version = "2.2.0"; + }; + timeout = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1d9cvm0f4zdpwa795v3zv4973y5zk59j7s1x3yn90jjrhcz1yvfd"; + type = "gem"; + }; + version = "0.4.0"; + }; + ttfunk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15iaxz9iak5643bq2bc0jkbjv8w2zn649lxgvh5wg48q9d4blw13"; + type = "gem"; + }; + version = "1.7.0"; + }; + tzinfo = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; + type = "gem"; + }; + version = "2.0.6"; + }; + tzinfo-data = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; + type = "gem"; + }; + version = "1.2023.3"; + }; + unf = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; + type = "gem"; + }; + version = "0.1.4"; + }; + unf_ext = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; + type = "gem"; + }; + version = "0.0.8.2"; + }; + unix-crypt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11p5ij6iasr46fbzz0z3jibaiwf242bq8xwav33rljwcwh85sy5y"; + type = "gem"; + }; + version = "1.3.1"; + }; + warden = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1l7gl7vms023w4clg02pm4ky9j12la2vzsixi2xrv9imbn44ys26"; + type = "gem"; + }; + version = "1.2.9"; + }; + webrick = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13qm7s0gr2pmfcl7dxrmq38asaza4w0i2n9my4yzs499j731wh8r"; + type = "gem"; + }; + version = "1.8.1"; + }; + websocket-driver = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nyh873w4lvahcl8kzbjfca26656d5c6z3md4sbqg5y1gfz0157n"; + type = "gem"; + }; + version = "0.7.6"; + }; + websocket-extensions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; + type = "gem"; + }; + version = "0.1.5"; + }; + win32api = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1liryy0pz0gpw5sadbb9xwaflay272b8bwv4pclh6wkhldnh7wg7"; + type = "gem"; + }; + version = "0.1.0"; + }; + windows_error = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1825v7hvcl0xss6scyfv76i0cs0kvj72wy20kn7xqylw9avjga2r"; + type = "gem"; + }; + version = "0.1.5"; + }; + winrm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nxf6a47d1xf1nvi7rbfbzjyyjhz0iakrnrsr2hj6y24a381sd8i"; + type = "gem"; + }; + version = "2.3.6"; + }; + xdr = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vsimn1vha6qjh1zbkvma5biwlh3hzc6s24ksw7vsxg0z27m8bmz"; + type = "gem"; + }; + version = "3.0.3"; + }; + xmlrpc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fwfnccagsjrbvrav5nbk3zracj9zncr7i375nn20jd4cfy4cggc"; + type = "gem"; + }; + version = "0.3.3"; + }; + zeitwerk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mwdd445w63khz13hpv17m2br5xngyjl3jdj08xizjbm78i2zrxd"; + type = "gem"; + }; + version = "2.6.11"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/metasploit/shell.nix b/nixpkgs/pkgs/tools/security/metasploit/shell.nix new file mode 100644 index 000000000000..ccd510f63af2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/shell.nix @@ -0,0 +1,17 @@ +# Env to update Gemfile.lock / gemset.nix +with import <nixpkgs> {}; +stdenv.mkDerivation { + name = "env"; + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ + bundix + git + libiconv + libpcap + libxml2 + libxslt + postgresql + ruby.devEnv + sqlite + ]; +} diff --git a/nixpkgs/pkgs/tools/security/metasploit/update.sh b/nixpkgs/pkgs/tools/security/metasploit/update.sh new file mode 100755 index 000000000000..ba41b78c0e8d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/metasploit/update.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl bundix git libiconv libpcap libxml2 libxslt pkg-config postgresql ruby.devEnv sqlite xmlstarlet nix-update + +set -eu -o pipefail +cd "$(dirname "$(readlink -f "$0")")" + +latest=$(curl https://github.com/rapid7/metasploit-framework/tags.atom | xmlstarlet sel -N atom="http://www.w3.org/2005/Atom" -t -m /atom:feed/atom:entry -v atom:title -n | head -n1) +echo "Updating metasploit to $latest" + +sed -i "s#refs/tags/.*#refs/tags/$latest\"#" Gemfile + +bundler install +bundix +sed -i '/[ ]*dependencies =/d' gemset.nix + +cd "../../../../" +nix-update metasploit --version "$latest" diff --git a/nixpkgs/pkgs/tools/security/mfcuk/default.nix b/nixpkgs/pkgs/tools/security/mfcuk/default.nix new file mode 100644 index 000000000000..3128a787807a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mfcuk/default.nix @@ -0,0 +1,22 @@ +{ lib, stdenv, fetchurl, pkg-config, libnfc }: + +stdenv.mkDerivation { + pname = "mfcuk"; + version = "0.3.8"; + + src = fetchurl { + url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/mfcuk/mfcuk-0.3.8.tar.gz"; + sha256 = "0m9sy61rsbw63xk05jrrmnyc3xda0c3m1s8pg3sf8ijbbdv9axcp"; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libnfc ]; + + meta = with lib; { + description = "MiFare Classic Universal toolKit"; + license = licenses.gpl2; + homepage = "https://github.com/nfc-tools/mfcuk"; + maintainers = with maintainers; [ offline ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mfoc/default.nix b/nixpkgs/pkgs/tools/security/mfoc/default.nix new file mode 100644 index 000000000000..ca1f4a5e4f25 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mfoc/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config, libnfc }: + +stdenv.mkDerivation rec { + pname = "mfoc"; + version = "0.10.7"; + + src = fetchFromGitHub { + owner = "nfc-tools"; + repo = pname; + rev = "${pname}-${version}"; + sha256 = "0hbg1fn4000qdg1cfc7y8l0vh1mxlxcz7gapkcq54xp2l6kk1z65"; + }; + + patches = [ + (fetchpatch { + url = "https://github.com/nfc-tools/mfoc/commit/f13efb0a6deb1d97ba945d555a6a5d6be89b593f.patch"; + sha256 = "109gqzp8rdsjvj0nra686vy0dpd2bl6q5v9m4v98cpxkbz496450"; + }) + (fetchpatch { + url = "https://github.com/nfc-tools/mfoc/commit/00eae36f891bc4580103e3b54f0bb5228af2cdef.patch"; + sha256 = "1w56aj96g776f37j53jmf3hk21x4mqik3l2bmghrdp8drixc8bzk"; + }) + ]; + + nativeBuildInputs = [ autoreconfHook pkg-config ]; + buildInputs = [ libnfc ]; + + meta = with lib; { + description = "Mifare Classic Offline Cracker"; + license = licenses.gpl2; + homepage = "https://github.com/nfc-tools/mfoc"; + maintainers = with maintainers; [ offline ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/minica/default.nix b/nixpkgs/pkgs/tools/security/minica/default.nix new file mode 100644 index 000000000000..6dd6d1fd5ce0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/minica/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "minica"; + version = "1.0.2"; + + src = fetchFromGitHub { + owner = "jsha"; + repo = "minica"; + rev = "v${version}"; + sha256 = "sha256-3p6rUFFiWXhX9BBbxqWxRoyRceexvNnqcFCyNi5HoaA="; + }; + + vendorHash = null; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + description = "A simple tool for generating self signed certificates"; + longDescription = '' + Minica is a simple CA intended for use in situations where the CA operator + also operates each host where a certificate will be used. It automatically + generates both a key and a certificate when asked to produce a + certificate. + ''; + homepage = "https://github.com/jsha/minica/"; + changelog = "https://github.com/jsha/minica/releases/tag/${src.rev}"; + license = licenses.mit; + maintainers = with maintainers; [ m1cr0man ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/minio-certgen/default.nix b/nixpkgs/pkgs/tools/security/minio-certgen/default.nix new file mode 100644 index 000000000000..fed6bdca2c54 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/minio-certgen/default.nix @@ -0,0 +1,23 @@ +{ lib, fetchFromGitHub, buildGoModule }: + +buildGoModule rec { + pname = "minio-certgen"; + version = "1.2.1"; + + src = fetchFromGitHub { + owner = "minio"; + repo = "certgen"; + rev = "v${version}"; + sha256 = "sha256-qi+SeNLW/jE2dGar4Lf16TKRT3ZTmWB/j8EsnoyrdxI="; + }; + + vendorHash = null; + + meta = with lib; { + description = "A simple Minio tool to generate self-signed certificates, and provides SAN certificates with DNS and IP entries"; + downloadPage = "https://github.com/minio/certgen"; + license = licenses.bsd3; + maintainers = with maintainers; [ bryanasdev000 ]; + mainProgram = "certgen"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/minisign/default.nix b/nixpkgs/pkgs/tools/security/minisign/default.nix new file mode 100644 index 000000000000..2ab1babcafc7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/minisign/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libsodium }: + +stdenv.mkDerivation rec { + pname = "minisign"; + version = "0.11"; + + src = fetchFromGitHub { + repo = "minisign"; + owner = "jedisct1"; + rev = version; + sha256 = "sha256-sczGs6du797WUkfr3JiTI/bUHp7vKEeZtJdCryFcYu8="; + }; + + nativeBuildInputs = [ cmake pkg-config ]; + buildInputs = [ libsodium ]; + + meta = with lib; { + description = "A simple tool for signing files and verifying signatures"; + longDescription = '' + minisign uses public key cryptography to help facilitate secure (but not + necessarily private) file transfer, e.g., of software artefacts. minisign + is similar to and compatible with OpenBSD's signify. + ''; + homepage = "https://jedisct1.github.io/minisign/"; + license = licenses.isc; + maintainers = with maintainers; [ joachifm ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/minizign/default.nix b/nixpkgs/pkgs/tools/security/minizign/default.nix new file mode 100644 index 000000000000..a5fd19405a37 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/minizign/default.nix @@ -0,0 +1,30 @@ +{ lib +, stdenv +, fetchFromGitHub +, zig_0_11 +}: + +stdenv.mkDerivation { + pname = "minizign"; + version = "unstable-2023-08-13"; + + src = fetchFromGitHub { + owner = "jedisct1"; + repo = "zig-minisign"; + rev = "47edc26d0c7bcfb531fe08e3b2411d8dda516d47"; + hash = "sha256-zyxjUFxg+VufEVycYGCQPdjERE3p5Vz5iIi2UDujEjI="; + }; + + nativeBuildInputs = [ + zig_0_11.hook + ]; + + meta = with lib; { + description = "Minisign reimplemented in Zig"; + homepage = "https://github.com/jedisct1/zig-minisign"; + license = licenses.isc; + maintainers = with maintainers; [ figsoda ]; + mainProgram = "minizign"; + inherit (zig_0_11.meta) platforms; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mitm6/default.nix b/nixpkgs/pkgs/tools/security/mitm6/default.nix new file mode 100644 index 000000000000..a7587330e7b9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mitm6/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchPypi +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "mitm6"; + version = "0.3.0"; + format = "setuptools"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-g+eFcJdgP7CQ6ntN17guJa4LdkGIb91mr/NKRPIukP8="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + scapy + future + twisted + netifaces + ]; + + # No tests exist for mitm6. + doCheck = false; + + pythonImportsCheck = [ + "mitm6" + ]; + + meta = { + description = "DHCPv6 network spoofing application"; + homepage = "https://github.com/dirkjanm/mitm6"; + license = lib.licenses.gpl2Only; + maintainers = with lib.maintainers; [ arcayr ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mitmproxy2swagger/default.nix b/nixpkgs/pkgs/tools/security/mitmproxy2swagger/default.nix new file mode 100644 index 000000000000..053824c3bd3b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mitmproxy2swagger/default.nix @@ -0,0 +1,42 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "mitmproxy2swagger"; + version = "0.10.1"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "alufers"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-vWeMAtNyxYpuVlxav0ibTMoTKwLCNRFJpFKG3bIatTQ="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + json-stream + mitmproxy + ruamel-yaml + ]; + + # No tests available + doCheck = false; + + pythonImportsCheck = [ + "mitmproxy2swagger" + ]; + + meta = with lib; { + description = "Tool to automagically reverse-engineer REST APIs"; + homepage = "https://github.com/alufers/mitmproxy2swagger"; + changelog = "https://github.com/alufers/mitmproxy2swagger/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mkp224o/default.nix b/nixpkgs/pkgs/tools/security/mkp224o/default.nix new file mode 100644 index 000000000000..2ac4304d6d2e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mkp224o/default.nix @@ -0,0 +1,47 @@ +{ stdenv, lib, fetchFromGitHub, autoreconfHook, libsodium }: + +stdenv.mkDerivation rec { + pname = "mkp224o"; + version = "1.6.1"; + + src = fetchFromGitHub { + owner = "cathugger"; + repo = "mkp224o"; + rev = "v${version}"; + sha256 = "sha256-+TJ137DmgaFZX+/N6VwXJwfVCoTWtC8NqfXfYJC8UHo="; + }; + + buildCommand = + let + # compile few variants with different implementation of crypto + # the fastest depends on a particular cpu + variants = [ + { suffix = "ref10"; configureFlags = ["--enable-ref10"]; } + { suffix = "donna"; configureFlags = ["--enable-donna"]; } + ] ++ lib.optionals stdenv.hostPlatform.isx86 [ + { suffix = "donna-sse2"; configureFlags = ["--enable-donna-sse2"]; } + ] ++ lib.optionals (!stdenv.isDarwin && stdenv.isx86_64) [ + { suffix = "amd64-51-30k"; configureFlags = ["--enable-amd64-51-30k"]; } + { suffix = "amd64-64-24k"; configureFlags = ["--enable-amd64-64-24k"]; } + ]; + in + lib.concatMapStrings ({suffix, configureFlags}: '' + install -D ${ + stdenv.mkDerivation { + name = "mkp224o-${suffix}-${version}"; + inherit version src configureFlags; + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ libsodium ]; + installPhase = "install -D mkp224o $out"; + } + } $out/bin/mkp224o-${suffix} + '') variants; + + meta = with lib; { + description = "Vanity address generator for tor onion v3 (ed25519) hidden services"; + homepage = "http://cathug2kyi4ilneggumrenayhuhsvrgn6qv2y47bgeet42iivkpynqad.onion/"; + license = licenses.cc0; + platforms = platforms.unix; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mkpasswd/default.nix b/nixpkgs/pkgs/tools/security/mkpasswd/default.nix new file mode 100644 index 000000000000..38c26a93b4e3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mkpasswd/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, whois, libxcrypt, perl, pkg-config }: + +stdenv.mkDerivation { + pname = "mkpasswd"; + inherit (whois) version src; + + nativeBuildInputs = [ perl pkg-config ]; + buildInputs = [ libxcrypt ]; + + inherit (whois) preConfigure; + buildPhase = "make mkpasswd"; + installPhase = "make install-mkpasswd"; + + meta = with lib; { + homepage = "https://packages.qa.debian.org/w/whois.html"; + description = "Overfeatured front-end to crypt, from the Debian whois package"; + license = licenses.gpl2; + maintainers = with maintainers; [ fpletz ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mkrand/default.nix b/nixpkgs/pkgs/tools/security/mkrand/default.nix new file mode 100644 index 000000000000..21c9586cd6c3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mkrand/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "mkrand"; + version = "0.1.0"; + + src = fetchurl { + url = "https://github.com/mknight-tag/MKRAND/releases/download/v${version}/mkrand-${version}.tar.gz"; + sha256 = "1irwyv2j5c3606k3qbq77yrd65y27rcq3jdlp295rz875q8iq9fs"; + }; + + doCheck = true; + + meta = { + description = "A Digital Random Bit Generator"; + longDescription = "MKRAND is a utility for generating random information."; + homepage = "https://github.com/mknight-tag/MKRAND/"; + license = lib.licenses.mit; + platforms = lib.platforms.all; + }; + } diff --git a/nixpkgs/pkgs/tools/security/mktemp/default.nix b/nixpkgs/pkgs/tools/security/mktemp/default.nix new file mode 100644 index 000000000000..5010780800de --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mktemp/default.nix @@ -0,0 +1,42 @@ +{ lib +, stdenv +, fetchurl +, fetchpatch +, groff +}: + +stdenv.mkDerivation rec { + pname = "mktemp"; + version = "1.7"; + + # Have `configure' avoid `/usr/bin/nroff' in non-chroot builds. + NROFF = "${groff}/bin/nroff"; + + patches = [ + # Pull upstream fix for parallel install failures. + (fetchpatch { + name = "parallel-install.patch"; + url = "https://www.mktemp.org/repos/mktemp/raw-rev/eb87d96ce8b7"; + hash = "sha256-cJ/0pFj8tOkByUwhlMwLNSQgTHyAU8svEkjKWWwsNmY="; + }) + ]; + + # Don't use "install -s" + postPatch = '' + substituteInPlace Makefile.in --replace " 0555 -s " " 0555 " + ''; + + src = fetchurl { + url = "ftp://ftp.mktemp.org/pub/mktemp/mktemp-${version}.tar.gz"; + sha256 = "0x969152znxxjbj7387xb38waslr4yv6bnj5jmhb4rpqxphvk54f"; + }; + + enableParallelBuilding = true; + + meta = with lib; { + description = "Simple tool to make temporary file handling in shells scripts safe and simple"; + homepage = "https://www.mktemp.org"; + license = licenses.isc; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/modsecurity-crs/default.nix b/nixpkgs/pkgs/tools/security/modsecurity-crs/default.nix new file mode 100644 index 000000000000..16e21577f78e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/modsecurity-crs/default.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + version = "3.3.4"; + pname = "modsecurity-crs"; + + src = fetchFromGitHub { + owner = "coreruleset"; + repo = "coreruleset"; + rev = "v${version}"; + sha256 = "sha256-WDJW4K85YdHrw9cys3LrnZUoTxc0WhiuCW6CiC1cAbk="; + }; + + installPhase = '' + install -D -m444 -t $out/rules ${src}/rules/*.conf + install -D -m444 -t $out/rules ${src}/rules/*.data + install -D -m444 -t $out/share/doc/modsecurity-crs ${src}/*.md + install -D -m444 -t $out/share/doc/modsecurity-crs ${src}/{CHANGES,INSTALL,LICENSE} + install -D -m444 -t $out/share/modsecurity-crs ${src}/rules/*.example + install -D -m444 -t $out/share/modsecurity-crs ${src}/crs-setup.conf.example + cat > $out/share/modsecurity-crs/modsecurity-crs.load.example <<EOF + ## + ## This is a sample file for loading OWASP CRS's rules. + ## + Include /etc/modsecurity/crs/crs-setup.conf + IncludeOptional /etc/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf + Include $out/rules/*.conf + IncludeOptional /etc/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf + EOF + ''; + + meta = with lib; { + homepage = "https://coreruleset.org"; + description = '' + The OWASP ModSecurity Core Rule Set is a set of generic attack detection + rules for use with ModSecurity or compatible web application firewalls. + ''; + license = licenses.asl20; + platforms = platforms.all; + maintainers = with maintainers; [ izorkin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/modsecurity/Makefile.am.patch b/nixpkgs/pkgs/tools/security/modsecurity/Makefile.am.patch new file mode 100644 index 000000000000..6f2e2ed36454 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/modsecurity/Makefile.am.patch @@ -0,0 +1,17 @@ +--- a/apache2/Makefile.am ++++ b/apache2/Makefile.am +@@ -179,7 +179,6 @@ install-exec-hook: $(pkglib_LTLIBRARIES) + for m in $(pkglib_LTLIBRARIES); do \ + base=`echo $$m | sed 's/\..*//'`; \ + rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \ +- install -D -m444 $(DESTDIR)$(pkglibdir)/$$base.so $(DESTDIR)$(APXS_MODULES)/$$base.so; \ + done + else + install-exec-hook: $(pkglib_LTLIBRARIES) +@@ -187,6 +186,5 @@ install-exec-hook: $(pkglib_LTLIBRARIES) + for m in $(pkglib_LTLIBRARIES); do \ + base=`echo $$m | sed 's/\..*//'`; \ + rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \ +- cp -p $(DESTDIR)$(pkglibdir)/$$base.so $(DESTDIR)$(APXS_MODULES); \ + done + endif diff --git a/nixpkgs/pkgs/tools/security/modsecurity/default.nix b/nixpkgs/pkgs/tools/security/modsecurity/default.nix new file mode 100644 index 000000000000..f8564bfe00f1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/modsecurity/default.nix @@ -0,0 +1,57 @@ +{ stdenv, lib, fetchFromGitHub, pkg-config, autoreconfHook +, curl, apacheHttpd, pcre, apr, aprutil, libxml2 +, luaSupport ? false, lua5, perl +}: + +let luaValue = if luaSupport then lua5 else "no"; + optional = lib.optional; +in + +stdenv.mkDerivation rec { + pname = "modsecurity"; + version = "2.9.7"; + + src = fetchFromGitHub { + owner = "SpiderLabs"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-hJ8wYeC83dl85bkUXGZKHpHzw9QRgtusj1/+Coxsx0k="; + }; + + nativeBuildInputs = [ pkg-config autoreconfHook ]; + buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ] ++ + optional luaSupport lua5; + + configureFlags = [ + "--enable-standalone-module" + "--enable-static" + "--with-curl=${curl.dev}" + "--with-apxs=${apacheHttpd.dev}/bin/apxs" + "--with-pcre=${pcre.dev}" + "--with-apr=${apr.dev}" + "--with-apu=${aprutil.dev}/bin/apu-1-config" + "--with-libxml=${libxml2.dev}" + "--with-lua=${luaValue}" + ]; + + outputs = ["out" "nginx"]; + # by default modsecurity's install script copies compiled output to httpd's modules folder + # this patch removes those lines + patches = [ ./Makefile.am.patch ]; + + doCheck = true; + nativeCheckInputs = [ perl ]; + + postInstall = '' + mkdir -p $nginx + cp -R * $nginx + ''; + + meta = with lib; { + description = "Open source, cross-platform web application firewall (WAF)"; + license = licenses.asl20; + homepage = "https://www.modsecurity.org/"; + maintainers = with maintainers; [offline]; + platforms = lib.platforms.linux ++ lib.platforms.darwin; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mokutil/default.nix b/nixpkgs/pkgs/tools/security/mokutil/default.nix new file mode 100644 index 000000000000..5a597b73a7ce --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mokutil/default.nix @@ -0,0 +1,42 @@ +{ stdenv +, lib +, fetchFromGitHub +, autoreconfHook +, pkg-config +, openssl +, efivar +, keyutils +, libxcrypt +}: + +stdenv.mkDerivation rec { + pname = "mokutil"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "lcp"; + repo = pname; + rev = version; + sha256 = "sha256-qwSEv14mMpaKmm6RM882JzEnBQG3loqsoglg4qTFWUg="; + }; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + + buildInputs = [ + openssl + efivar + keyutils + libxcrypt + ]; + + meta = with lib; { + homepage = "https://github.com/lcp/mokutil"; + description = "Utility to manipulate machines owner keys"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ nickcao ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mongoaudit/default.nix b/nixpkgs/pkgs/tools/security/mongoaudit/default.nix new file mode 100644 index 000000000000..3ba19256ec34 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mongoaudit/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "mongoaudit"; + version = "0.1.1"; + + disabled = python3.pythonOlder "3.8"; + + src = fetchFromGitHub { + owner = "stampery"; + repo = pname; + rev = version; + sha256 = "17k4vw5d3kr961axl49ywid4cf3n7zxvm885c4lv15w7s2al1425"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + pymongo + setuptools + urwid + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "mongoaudit" + ]; + + meta = with lib; { + description = "MongoDB auditing and pentesting tool"; + homepage = "https://github.com/stampery/mongoaudit"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/monkeysphere/default.nix b/nixpkgs/pkgs/tools/security/monkeysphere/default.nix new file mode 100644 index 000000000000..bc267a9a7703 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/monkeysphere/default.nix @@ -0,0 +1,103 @@ +{ lib, stdenv, fetchurl, makeWrapper +, perl, libassuan, libgcrypt +, perlPackages, lockfileProgs, gnupg, coreutils +# For the tests: +, openssh, which, socat, cpio, hexdump, procps, openssl +}: + +let + # A patch is needed to run the tests inside the Nix sandbox: + # /etc/passwd: "nixbld:x:1000:100:Nix build user:/build:/noshell" + # sshd: "User nixbld not allowed because shell /noshell does not exist" + opensshUnsafe = openssh.overrideAttrs (oldAttrs: { + patches = oldAttrs.patches ++ [ ./openssh-nixos-sandbox.patch ]; + }); +in stdenv.mkDerivation rec { + pname = "monkeysphere"; + version = "0.44"; + + # The patched OpenSSH binary MUST NOT be used (except in the check phase): + disallowedRequisites = [ opensshUnsafe ]; + + src = fetchurl { + url = "http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_${version}.orig.tar.gz"; + sha256 = "1ah7hy8r9gj96pni8azzjb85454qky5l17m3pqn37854l6grgika"; + }; + + patches = [ ./monkeysphere.patch ]; + + postPatch = '' + sed -i "s,/usr/bin/env,${coreutils}/bin/env," src/share/ma/update_users + ''; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ perl libassuan libgcrypt ] + ++ lib.optional doCheck + ([ gnupg opensshUnsafe which socat cpio hexdump procps lockfileProgs ] ++ + (with perlPackages; [ CryptOpenSSLRSA CryptOpenSSLBignum ])); + + makeFlags = [ + "PREFIX=/" + "DESTDIR=$(out)" + ]; + + # The tests should be run (and succeed) when making changes to this package + # but they aren't enabled by default because they "drain" entropy (GnuPG + # still uses /dev/random). + doCheck = false; + preCheck = lib.optionalString doCheck '' + patchShebangs tests/ + patchShebangs src/ + sed -i \ + -e "s,/usr/sbin/sshd,${opensshUnsafe}/bin/sshd," \ + -e "s,/bin/true,${coreutils}/bin/true," \ + -e "s,/bin/false,${coreutils}/bin/false," \ + -e "s,openssl\ req,${openssl}/bin/openssl req," \ + tests/basic + sed -i "s/<(hd/<(hexdump/" tests/keytrans + ''; + + postFixup = + let wrapperArgs = runtimeDeps: + "--prefix PERL5LIB : " + + (with perlPackages; makePerlPath [ # Optional (only required for keytrans) + CryptOpenSSLRSA + CryptOpenSSLBignum + ]) + + lib.optionalString + (builtins.length runtimeDeps > 0) + " --prefix PATH : ${lib.makeBinPath runtimeDeps}"; + wrapMonkeysphere = runtimeDeps: program: + "wrapProgram $out/bin/${program} ${wrapperArgs runtimeDeps}\n"; + wrapPrograms = runtimeDeps: programs: lib.concatMapStrings + (wrapMonkeysphere runtimeDeps) + programs; + in wrapPrograms [ gnupg ] [ "monkeysphere-authentication" "monkeysphere-host" ] + + wrapPrograms [ gnupg lockfileProgs ] [ "monkeysphere" ] + + '' + # These 4 programs depend on the program name ($0): + for program in openpgp2pem openpgp2spki openpgp2ssh pem2openpgp; do + rm $out/bin/$program + ln -sf keytrans $out/share/monkeysphere/$program + makeWrapper $out/share/monkeysphere/$program $out/bin/$program \ + ${wrapperArgs [ ]} + done + ''; + + meta = with lib; { + homepage = "http://web.monkeysphere.info/"; + description = "Leverage the OpenPGP web of trust for SSH and TLS authentication"; + longDescription = '' + The Monkeysphere project's goal is to extend OpenPGP's web of + trust to new areas of the Internet to help us securely identify + servers we connect to, as well as each other while we work online. + The suite of Monkeysphere utilities provides a framework to + transparently leverage the web of trust for authentication of + TLS/SSL communications through the normal use of tools you are + familiar with, such as your web browser0 or secure shell. + ''; + license = licenses.gpl3Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ primeos ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/monkeysphere/monkeysphere.patch b/nixpkgs/pkgs/tools/security/monkeysphere/monkeysphere.patch new file mode 100644 index 000000000000..8cdd85017b93 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/monkeysphere/monkeysphere.patch @@ -0,0 +1,23 @@ +diff --git a/Makefile b/Makefile +--- a/Makefile ++++ b/Makefile +@@ -52,7 +52,7 @@ clean: + replaced/%: % + mkdir -p $(dir $@) + sed < $< > $@ \ +- -e 's:__SYSSHAREDIR_PREFIX__:$(PREFIX):' \ ++ -e 's:__SYSSHAREDIR_PREFIX__:$(DESTDIR):' \ + -e 's:__SYSCONFDIR_PREFIX__:$(ETCPREFIX):' \ + -e 's:__SYSDATADIR_PREFIX__:$(LOCALSTATEDIR):' + +diff --git a/src/share/keytrans b/src/share/keytrans +--- a/src/share/keytrans ++++ b/src/share/keytrans +@@ -1,4 +1,4 @@ +-#!/usr/bin/perl -T ++#!/usr/bin/perl + + # keytrans: this is an RSA key translation utility; it is capable of + # transforming RSA keys (both public keys and secret keys) between +-- +2.16.3 diff --git a/nixpkgs/pkgs/tools/security/monkeysphere/openssh-nixos-sandbox.patch b/nixpkgs/pkgs/tools/security/monkeysphere/openssh-nixos-sandbox.patch new file mode 100644 index 000000000000..2a9a1fc8dfa9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/monkeysphere/openssh-nixos-sandbox.patch @@ -0,0 +1,17 @@ +diff --git a/auth.c b/auth.c +index d2a8cd65..811a129f 100644 +--- a/auth.c ++++ b/auth.c +@@ -580,6 +580,12 @@ getpwnamallow(const char *user) + #endif + + pw = getpwnam(user); ++ if (pw != NULL) { ++ // This is only for testing purposes, ++ // DO NOT USE THIS PATCH IN PRODUCTION! ++ char *shell = "/bin/sh"; ++ pw->pw_shell = shell; ++ } + + #if defined(_AIX) && defined(HAVE_SETAUTHDB) + aix_restoreauthdb(); diff --git a/nixpkgs/pkgs/tools/security/monsoon/default.nix b/nixpkgs/pkgs/tools/security/monsoon/default.nix new file mode 100644 index 000000000000..8ac0c834ee03 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/monsoon/default.nix @@ -0,0 +1,34 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "monsoon"; + version = "0.8.0"; + + src = fetchFromGitHub { + owner = "RedTeamPentesting"; + repo = "monsoon"; + rev = "refs/tags/v${version}"; + hash = "sha256-7cfy8dYhiReFVz10wui3qqxlXOX7wheREkvSnj2KyOw="; + }; + + vendorHash = "sha256-SZDX61iPwT/mfxJ+n2nlvzgEvUu6h3wVkmeqZtxQ9KE="; + + # Tests fails on darwin + doCheck = !stdenv.isDarwin; + + meta = with lib; { + description = "Fast HTTP enumerator"; + longDescription = '' + A fast HTTP enumerator that allows you to execute a large number of HTTP + requests, filter the responses and display them in real-time. + ''; + homepage = "https://github.com/RedTeamPentesting/monsoon"; + changelog = "https://github.com/RedTeamPentesting/monsoon/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mpw/default.nix b/nixpkgs/pkgs/tools/security/mpw/default.nix new file mode 100644 index 000000000000..8d6f7f4f3b1d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mpw/default.nix @@ -0,0 +1,64 @@ +{ lib, stdenv, cmake, fetchFromGitLab +, json_c, libsodium, libxml2, ncurses }: + +let + rev = "22796663dcad81684ab24308d9db570f6781ba2c"; + +in stdenv.mkDerivation rec { + name = "mpw-${version}-${builtins.substring 0 8 rev}"; + version = "2.6"; + + src = fetchFromGitLab { + owner = "MasterPassword"; + repo = "MasterPassword"; + sha256 = "1f2vqacgbyam1mazawrfim8zwp38gnwf5v3xkkficsfnv789g6fw"; + inherit rev; + }; + + sourceRoot = "${src.name}/platform-independent/c/cli"; + + postPatch = '' + rm build + substituteInPlace mpw-cli-tests \ + --replace '/usr/bin/env bash' ${stdenv.shell} \ + --replace ./mpw ./build/mpw + ''; + + cmakeFlags = [ + "-Dmpw_version=${version}" + "-DBUILD_MPW_TESTS=ON" + ]; + + nativeBuildInputs = [ cmake ]; + + buildInputs = [ json_c libxml2 libsodium ncurses ]; + + installPhase = '' + runHook preInstall + + install -Dm755 mpw $out/bin/mpw + install -Dm644 ../mpw.completion.bash $out/share/bash-completion/completions/_mpw + install -Dm644 ../../../../README.md $out/share/doc/mpw/README.md + + runHook postInstall + ''; + + # Some tests are expected to fail on ARM64 + # See: https://gitlab.com/spectre.app/cli/-/issues/27#note_962950844 (mpw is a predecessor to spectre-cli and this issue is relevant to mpw as well) + doCheck = !(stdenv.isLinux && stdenv.isAarch64); + + checkPhase = '' + runHook preCheck + + ../mpw-cli-tests + + runHook postCheck + ''; + + meta = with lib; { + description = "A stateless password management solution"; + homepage = "https://masterpasswordapp.com/"; + license = licenses.gpl3; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/msfpc/default.nix b/nixpkgs/pkgs/tools/security/msfpc/default.nix new file mode 100644 index 000000000000..428611181410 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/msfpc/default.nix @@ -0,0 +1,38 @@ +{ lib, stdenv, fetchFromGitHub, makeWrapper, metasploit, curl, inetutils, openssl }: + +stdenv.mkDerivation rec { + pname = "msfpc"; + version = "1.4.5"; + + src = fetchFromGitHub { + owner = "g0tmi1k"; + repo = pname; + rev = "v${version}"; + sha256 = "UIdE0oSaNu16pf+M96x8AnNju88hdzokv86wm8uBYDQ="; + }; + + nativeBuildInputs = [ + makeWrapper + ]; + + installPhase = '' + runHook preInstall + + install -Dm755 msfpc.sh $out/bin/msfpc + + runHook postInstall + ''; + + postFixup = '' + wrapProgram $out/bin/msfpc \ + --prefix PATH : "${lib.makeBinPath [ metasploit curl inetutils openssl ]}" + ''; + + meta = with lib; { + description = "MSFvenom Payload Creator"; + homepage = "https://github.com/g0tmi1k/msfpc"; + license = licenses.mit; + maintainers = with maintainers; [ emilytrau ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/msldapdump/default.nix b/nixpkgs/pkgs/tools/security/msldapdump/default.nix new file mode 100644 index 000000000000..cf232c3df697 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/msldapdump/default.nix @@ -0,0 +1,46 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "msldapdump"; + version = "unstable-2023-06-12"; + format = "other"; + + src = fetchFromGitHub { + owner = "dievus"; + repo = "msLDAPDump"; + rev = "bdffe66be20ff844f55f69fd6d842d7f75f66f2d"; + hash = "sha256-qH4AaebrTKYxxjXawllxgiG9fVm03zmTRv/HAyNpewg="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + ldap3 + ]; + + dontBuild = true; + + installPhase = '' + runHook preInstall + + install -vD msLDAPDump.py $out/bin/msLDAPDump.py + + makeWrapper ${python3.interpreter} $out/bin/msldapdump \ + --set PYTHONPATH "$PYTHONPATH:$out/bin/msLDAPDump.py" \ + --add-flags "-O $out/bin/msLDAPDump.py" + + runHook postInstall + ''; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "LDAP enumeration tool"; + homepage = "https://github.com/dievus/msLDAPDump"; + license = licenses.agpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/munge/default.nix b/nixpkgs/pkgs/tools/security/munge/default.nix new file mode 100644 index 000000000000..fcf9026f215c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/munge/default.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook, libgcrypt, zlib, bzip2 }: + +stdenv.mkDerivation rec { + pname = "munge"; + version = "0.5.15"; + + src = fetchFromGitHub { + owner = "dun"; + repo = "munge"; + rev = "${pname}-${version}"; + sha256 = "sha256-Ot/oH/RdfPAzoi3P7EYkxS0Fr24KRWfBJxBEWRF0ctI="; + }; + + strictDeps = true; + nativeBuildInputs = [ + autoreconfHook + libgcrypt # provides libgcrypt.m4 + ]; + buildInputs = [ libgcrypt zlib bzip2 ]; + + preAutoreconf = '' + # Remove the install-data stuff, since it tries to write to /var + substituteInPlace src/Makefile.am --replace "etc \\" "\\" + ''; + + configureFlags = [ + "--localstatedir=/var" + "--with-libgcrypt-prefix=${libgcrypt.dev}" + # workaround for cross compilation: https://github.com/dun/munge/issues/103 + "ac_cv_file__dev_spx=no" + "x_ac_cv_check_fifo_recvfd=no" + ]; + + meta = with lib; { + description = '' + An authentication service for creating and validating credentials + ''; + license = licenses.lgpl3; + platforms = platforms.unix; + maintainers = [ maintainers.rickynils ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/mx-takeover/default.nix b/nixpkgs/pkgs/tools/security/mx-takeover/default.nix new file mode 100644 index 000000000000..88ef8fbf3ed0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/mx-takeover/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "mx-takeover"; + version = "0.1.1"; + + src = fetchFromGitHub { + owner = "musana"; + repo = "mx-takeover"; + rev = "refs/tags/v${version}"; + hash = "sha256-yDQd2FEVFFsUu3wKxp26VDhGjnuXmAtxpWoKjV6ZrHA="; + }; + + vendorHash = "sha256-mJ8pVsgRM6lhEa8jtCxFhavkf7XFlBqEN9l1r0/GTvM="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Tool to work with DNS MX records"; + homepage = "https://github.com/musana/mx-takeover"; + changelog = "https://github.com/musana/mx-takeover/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/naabu/default.nix b/nixpkgs/pkgs/tools/security/naabu/default.nix new file mode 100644 index 000000000000..9715e756a96e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/naabu/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, libpcap +}: + +buildGoModule rec { + pname = "naabu"; + version = "2.1.9"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = "naabu"; + rev = "refs/tags/v${version}"; + hash = "sha256-MxIAWVcMiLLmddvyjPNprJWseOw+9ZEYV+LSMeH2Igo="; + }; + + vendorHash = "sha256-4lTik5POzK4aE3c1gGi3NuefEdbMdTLvJIkvTRSPraI="; + + buildInputs = [ + libpcap + ]; + + modRoot = "./v2"; + + subPackages = [ + "cmd/naabu/" + ]; + + meta = with lib; { + description = "Fast SYN/CONNECT port scanner"; + longDescription = '' + Naabu is a port scanning tool written in Go that allows you to enumerate + valid ports for hosts in a fast and reliable manner. It is a really simple + tool that does fast SYN/CONNECT scans on the host/list of hosts and lists + all ports that return a reply. + ''; + homepage = "https://github.com/projectdiscovery/naabu"; + changelog = "https://github.com/projectdiscovery/naabu/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nasty/default.nix b/nixpkgs/pkgs/tools/security/nasty/default.nix new file mode 100644 index 000000000000..b3b19c9268bf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nasty/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchurl, gpgme }: + +stdenv.mkDerivation rec { + pname = "nasty"; + version = "0.6"; + + src = fetchurl { + url = "https://www.vanheusden.com/nasty/${pname}-${version}.tgz"; + sha256 = "1dznlxr728k1pgy1kwmlm7ivyl3j3rlvkmq34qpwbwbj8rnja1vn"; + }; + + # does not apply cleanly with patchPhase/fetchpatch + # https://sources.debian.net/src/nasty/0.6-3/debian/patches/02_add_largefile_support.patch + CFLAGS = "-D_FILE_OFFSET_BITS=64"; + + buildInputs = [ gpgme ]; + + installPhase = '' + mkdir -p $out/bin + cp nasty $out/bin + ''; + + meta = with lib; { + description = "Recover the passphrase of your PGP or GPG-key"; + longDescription = '' + Nasty is a program that helps you to recover the passphrase of your PGP or GPG-key + in case you forget or lost it. It is mostly a proof-of-concept: with a different implementation + this program could be at least 100x faster. + ''; + homepage = "http://www.vanheusden.com/nasty/"; + license = licenses.gpl2; + maintainers = with maintainers; [ davidak ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/nbtscanner/Cargo.lock.patch b/nixpkgs/pkgs/tools/security/nbtscanner/Cargo.lock.patch new file mode 100644 index 000000000000..7ca50b7b4a11 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nbtscanner/Cargo.lock.patch @@ -0,0 +1,176 @@ +diff --git a/Cargo.lock b/Cargo.lock +index 9b32d00..9767c48 100644 +--- a/Cargo.lock ++++ b/Cargo.lock +@@ -1,39 +1,44 @@ + # This file is automatically @generated by Cargo. + # It is not intended for manual editing. ++version = 3 ++ + [[package]] + name = "ansi_term" +-version = "0.10.2" ++version = "0.12.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "6b3568b48b7cefa6b8ce125f9bb4989e52fbcc29ebea88df04cc7c5f12f70455" ++checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" ++dependencies = [ ++ "winapi", ++] + + [[package]] + name = "assert_matches" +-version = "1.1.0" ++version = "1.5.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "9e772942dccdf11b368c31e044e4fca9189f80a773d2f0808379de65894cbf57" ++checksum = "9b34d609dfbaf33d6889b2b7106d3ca345eacad44200913df5ba02bfd31d2ba9" + + [[package]] + name = "atty" +-version = "0.2.6" ++version = "0.2.14" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "8352656fd42c30a0c3c89d26dea01e3b77c0ab2af18230835c15e2e13cd51859" ++checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" + dependencies = [ ++ "hermit-abi", + "libc", +- "termion", + "winapi", + ] + + [[package]] + name = "bitflags" +-version = "1.0.1" ++version = "1.3.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "b3c30d3802dfb7281680d6285f2ccdaa8c2d8fee41f93805dba5c4cf50dc23cf" ++checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + + [[package]] + name = "clap" +-version = "2.29.1" ++version = "2.34.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "8f4a2b3bb7ef3c672d7c13d15613211d5a6976b6892c598b0fcb5d40765f19c2" ++checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" + dependencies = [ + "ansi_term", + "atty", +@@ -45,77 +50,60 @@ dependencies = [ + ] + + [[package]] +-name = "libc" +-version = "0.2.36" ++name = "hermit-abi" ++version = "0.1.19" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "1e5d97d6708edaa407429faa671b942dc0f2727222fb6b6539bf1db936e4b121" +- +-[[package]] +-name = "nbtscanner" +-version = "0.0.1" ++checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" + dependencies = [ +- "assert_matches", +- "clap", ++ "libc", + ] + + [[package]] +-name = "redox_syscall" +-version = "0.1.37" ++name = "libc" ++version = "0.2.147" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "0d92eecebad22b767915e4d529f89f28ee96dbbf5a4810d2b844373f136417fd" ++checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" + + [[package]] +-name = "redox_termios" +-version = "0.1.1" +-source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "7e891cfe48e9100a70a3b6eb652fef28920c117d366339687bd5576160db0f76" ++name = "nbtscanner" ++version = "0.0.2" + dependencies = [ +- "redox_syscall", ++ "assert_matches", ++ "clap", + ] + + [[package]] + name = "strsim" +-version = "0.6.0" +-source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "b4d15c810519a91cf877e7e36e63fe068815c678181439f2f29e2562147c3694" +- +-[[package]] +-name = "termion" +-version = "1.5.1" ++version = "0.8.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "689a3bdfaab439fd92bc87df5c4c78417d3cbe537487274e9b0b2dce76e92096" +-dependencies = [ +- "libc", +- "redox_syscall", +- "redox_termios", +-] ++checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" + + [[package]] + name = "textwrap" +-version = "0.9.0" ++version = "0.11.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c0b59b6b4b44d867f1370ef1bd91bfb262bf07bf0ae65c202ea2fbc16153b693" ++checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" + dependencies = [ + "unicode-width", + ] + + [[package]] + name = "unicode-width" +-version = "0.1.4" ++version = "0.1.10" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "bf3a113775714a22dcb774d8ea3655c53a32debae63a063acc00a91cc586245f" ++checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" + + [[package]] + name = "vec_map" +-version = "0.8.0" ++version = "0.8.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "887b5b631c2ad01628bbbaa7dd4c869f80d3186688f8d0b6f58774fbe324988c" ++checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" + + [[package]] + name = "winapi" +-version = "0.3.3" ++version = "0.3.9" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "b09fb3b6f248ea4cd42c9a65113a847d612e17505d6ebd1f7357ad68a8bf8693" ++checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" + dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +@@ -123,12 +111,12 @@ dependencies = [ + + [[package]] + name = "winapi-i686-pc-windows-gnu" +-version = "0.3.2" ++version = "0.4.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "ec6667f60c23eca65c561e63a13d81b44234c2e38a6b6c959025ee907ec614cc" ++checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + + [[package]] + name = "winapi-x86_64-pc-windows-gnu" +-version = "0.3.2" ++version = "0.4.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "98f12c52b2630cd05d2c3ffd8e008f7f48252c042b4871c72aed9dc733b96668" ++checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/nixpkgs/pkgs/tools/security/nbtscanner/default.nix b/nixpkgs/pkgs/tools/security/nbtscanner/default.nix new file mode 100644 index 000000000000..51e9f085164b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nbtscanner/default.nix @@ -0,0 +1,33 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "nbtscanner"; + version = "0.0.2"; + + src = fetchFromGitHub { + owner = "jonkgrimes"; + repo = pname; + rev = version; + hash = "sha256-lnTTutOc829COwfNhBkSK8UpiNnGsm7Da53b+eSBt1Q="; + }; + + cargoHash = "sha256-NffNQXKJ+b1w7Ar2M6UDev/AxruDEf8IGQ+mNdvU6e4="; + + cargoPatches = [ + ./Cargo.lock.patch + ]; + + buildInputs = lib.optional stdenv.isDarwin Security; + + meta = with lib; { + description = "NetBIOS scanner written in Rust"; + homepage = "https://github.com/jonkgrimes/nbtscanner"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nbutools/default.nix b/nixpkgs/pkgs/tools/security/nbutools/default.nix new file mode 100644 index 000000000000..15401e3db258 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nbutools/default.nix @@ -0,0 +1,41 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "nbutools"; + version = "unstable-2023-06-06"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "airbus-seclab"; + repo = "nbutools"; + rev = "d82fb96d5623e7d3076cc0a1db06a640f63b9552"; + hash = "sha256-YOiFlTIDpeTFOHPU37v0pYf8s3HdaE/4pnd9qrsFtSI="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + aiodns + aiohttp + beautifulsoup4 + graphviz + jaydebeapi + jpype1 + lxml + pycryptodome + requests + scapy + tabulate + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Tools for offensive security of NetBackup infrastructures"; + homepage = "https://github.com/airbus-seclab/nbutools"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ncrack/default.nix b/nixpkgs/pkgs/tools/security/ncrack/default.nix new file mode 100644 index 000000000000..4b0feccb412a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ncrack/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, openssl, zlib }: + +stdenv.mkDerivation rec { + pname = "ncrack"; + version = "0.7"; + + src = fetchFromGitHub { + owner = "nmap"; + repo = "ncrack"; + rev = version; + sha256 = "1gnv5xdd7n04glcpy7q1mkb6f8gdhdrhlrh8z6k4g2pjdhxlz26g"; + }; + + patches = [ + # Pull upstream fix for -fno-common toolchains like upstream gcc-10: + # https://github.com/nmap/ncrack/pull/83 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/nmap/ncrack/commit/cc4103267bab6017a4da9d41156d0c1075012eba.patch"; + sha256 = "06nlfvc7p108f8ppbcgwmj4iwmjy95xhc1sawa8c78lrx22r7gy3"; + }) + ]; + + # Our version is good; the check is bad. + configureFlags = [ "--without-zlib-version-check" ]; + + buildInputs = [ openssl zlib ]; + + meta = with lib; { + description = "Network authentication tool"; + homepage = "https://nmap.org/ncrack/"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ siraben ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/networkminer/default.nix b/nixpkgs/pkgs/tools/security/networkminer/default.nix new file mode 100644 index 000000000000..6e762ef543fe --- /dev/null +++ b/nixpkgs/pkgs/tools/security/networkminer/default.nix @@ -0,0 +1,72 @@ +{ lib +, buildDotnetModule +, fetchurl +, unzip +, dos2unix +, msbuild +, mono +}: +buildDotnetModule rec { + pname = "networkminer"; + version = "2.8"; + + src = fetchurl { + # Upstream does not provide versioned releases, a mirror has been uploaded + # to archive.org + url = "https://archive.org/download/networkminer-${lib.replaceStrings ["."] ["-"] version}/NetworkMiner_${lib.replaceStrings ["."] ["-"] version}_source.zip"; + sha256 = "1n2312acq5rq0jizlcfk0crslx3wgcsd836p47nk3pnapzw0cqvv"; + }; + + nativeBuildInputs = [ unzip dos2unix msbuild ]; + + patches = [ + # Store application data in XDG_DATA_DIRS instead of trying to write to nix store + ./xdg-dirs.patch + ]; + + postPatch = '' + # Not all files have UTF-8 BOM applied consistently + find . -type f -exec dos2unix -m {} \+ + + # Embedded base64-encoded app icon in resx fails to parse. Delete it + sed -zi 's|<data name="$this.Icon".*</data>||g' NetworkMiner/NamedPipeForm.resx + sed -zi 's|<data name="$this.Icon".*</data>||g' NetworkMiner/UpdateCheck.resx + ''; + + nugetDeps = ./deps.nix; + + buildPhase = '' + runHook preBuild + + msbuild /p:Configuration=Release NetworkMiner.sln + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin $out/share + cp -r NetworkMiner/bin/Release $out/share/NetworkMiner + makeWrapper ${mono}/bin/mono $out/bin/NetworkMiner \ + --add-flags "$out/share/NetworkMiner/NetworkMiner.exe" \ + --add-flags "--noupdatecheck" + + install -D NetworkMiner/NetworkMiner.desktop $out/share/applications/NetworkMiner.desktop + substituteInPlace $out/share/applications/NetworkMiner.desktop \ + --replace "Exec=mono NetworkMiner.exe %f" "Exec=NetworkMiner" \ + --replace "Icon=./networkminericon-96x96.png" "Icon=NetworkMiner" + install -D NetworkMiner/networkminericon-96x96.png $out/share/pixmaps/NetworkMiner.png + + runHook postInstall + ''; + + meta = with lib; { + description = "The Open Source Network Forensic Analysis Tool (NFAT)"; + homepage = "https://www.netresec.com/?page=NetworkMiner"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ emilytrau ]; + platforms = platforms.linux; + mainProgram = "NetworkMiner"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/networkminer/deps.nix b/nixpkgs/pkgs/tools/security/networkminer/deps.nix new file mode 100644 index 000000000000..196ca32bf1ea --- /dev/null +++ b/nixpkgs/pkgs/tools/security/networkminer/deps.nix @@ -0,0 +1,8 @@ +# This file was automatically generated by passthru.fetch-deps. +# Please dont edit it manually, your changes might get overwritten! + +{ fetchNuGet }: [ + (fetchNuGet { pname = "Microsoft.NETFramework.ReferenceAssemblies"; version = "1.0.2"; sha256 = "0i42rn8xmvhn08799manpym06kpw89qy9080myyy2ngy565pqh0a"; }) + (fetchNuGet { pname = "Microsoft.NETFramework.ReferenceAssemblies.net461"; version = "1.0.2"; sha256 = "0js3dp26nszx82q0phv7hmsm5z23dva7javbmk6a91lbkm07y8p2"; }) + (fetchNuGet { pname = "Microsoft.NETFramework.ReferenceAssemblies.net472"; version = "1.0.2"; sha256 = "1dny43jksy6dm9zrkdm8j80gb25w6wdvjlxnphj7ngf0fbg3dd2c"; }) +] diff --git a/nixpkgs/pkgs/tools/security/networkminer/xdg-dirs.patch b/nixpkgs/pkgs/tools/security/networkminer/xdg-dirs.patch new file mode 100644 index 000000000000..58c0745d338b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/networkminer/xdg-dirs.patch @@ -0,0 +1,174 @@ +diff --git a/NetworkMiner/NetworkMinerForm.cs b/NetworkMiner/NetworkMinerForm.cs +index 06c808b..6495b73 100644 +--- a/NetworkMiner/NetworkMinerForm.cs ++++ b/NetworkMiner/NetworkMinerForm.cs +@@ -1,4 +1,4 @@ +-// Copyright: Erik Hjelmvik, NETRESEC ++// Copyright: Erik Hjelmvik, NETRESEC + // + // NetworkMiner is free software; you can redistribute it and/or modify it + // under the terms of the GNU General Public License +@@ -419,7 +419,7 @@ namespace NetworkMiner { + } + try { + //require FileIOPermission to be PermissionState.Unrestricted +- string path = System.IO.Path.GetDirectoryName(System.Windows.Forms.Application.ExecutablePath) + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY; ++ string path = System.IO.Path.GetDirectoryName(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome()) + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY; + System.Security.Permissions.FileIOPermission fileIOPerm = new System.Security.Permissions.FileIOPermission(System.Security.Permissions.FileIOPermissionAccess.AllAccess, path); + fileIOPerm.Demand(); + } +@@ -1023,13 +1023,13 @@ namespace NetworkMiner { + public void CreateNewPacketHandlerWrapper(System.IO.DirectoryInfo outputDirectory) { + //make sure that folders exists + try { +- System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(outputDirectory.FullName + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY); ++ System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY); + if (!di.Exists) + di.Create(); +- di = new System.IO.DirectoryInfo(outputDirectory.FullName + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar + "cache"); ++ di = new System.IO.DirectoryInfo(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar + "cache"); + if (!di.Exists) + di.Create(); +- di = new System.IO.DirectoryInfo(outputDirectory.FullName + System.IO.Path.DirectorySeparatorChar + "Captures"); ++ di = new System.IO.DirectoryInfo(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + "Captures"); + if (!di.Exists) + di.Create(); + } +@@ -1962,7 +1962,7 @@ namespace NetworkMiner { + string filename = Tools.GenerateCaptureFileName(DateTime.Now); + //string filename="NM_"+DateTime.Now.ToString("s", System.Globalization.DateTimeFormatInfo.InvariantInfo).Replace(':','-')+".pcap"; + +- string fileFullPath = this.OutputDirectory.FullName + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; ++ string fileFullPath = SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; + //string fileFullPath = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath)) + System.IO.Path.DirectorySeparatorChar + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; + + //make sure to get the right datalink type +@@ -2534,7 +2534,7 @@ namespace NetworkMiner { + + if (removeCapturedFiles) { + PacketParser.FileTransfer.FileStreamAssemblerList.RemoveTempFiles(); +- string capturesDirectory = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath)) + System.IO.Path.DirectorySeparatorChar + "Captures"; ++ string capturesDirectory = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome())) + System.IO.Path.DirectorySeparatorChar + "Captures"; + if (System.IO.Directory.Exists(capturesDirectory)) { + foreach (string pcapFile in System.IO.Directory.GetFiles(capturesDirectory)) + try { +@@ -2545,7 +2545,7 @@ namespace NetworkMiner { + //this.ShowAnomaly("Error deleting file \"" + pcapFile + "\"", DateTime.Now); + } + } +- capturesDirectory = this.packetHandlerWrapper.PacketHandler.OutputDirectory + "Captures"; ++ capturesDirectory = SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + "Captures"; + if (System.IO.Directory.Exists(capturesDirectory)) { + foreach (string pcapFile in System.IO.Directory.GetFiles(capturesDirectory)) + try { +@@ -2635,7 +2635,7 @@ namespace NetworkMiner { + try { + PacketParser.Utils.ByteConverter.ToByteArrayFromHexString(keyword);//to force valid hex + this.keywordListBox.Items.Add(keyword); +- //Lägg till keywordet till PacketHandler.PacketHandler!!! ++ //L�gg till keywordet till PacketHandler.PacketHandler!!! + } + catch (Exception ex) { + errorMessage = ex.Message; +@@ -2720,7 +2720,7 @@ namespace NetworkMiner { + #endregion + + private void hostSortOrderComboBox_SelectedIndexChanged(object sender, EventArgs e) { +- //HÄR SKA detailsHeader LIGGA Enabled MASSA OLIKA SORTERINGSORDNINGAR: ++ //H�R SKA detailsHeader LIGGA Enabled MASSA OLIKA SORTERINGSORDNINGAR: + //IP, HOTSNAME, SENT PACKETS, RECEIVED PACKETS, MAC ADDRESS + this.RebuildHostsTree(sender, e); + } +@@ -2754,7 +2754,7 @@ namespace NetworkMiner { + foreach (string p in paths) { + if (!p.Contains(PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY)) + return false; +- if (!this.IsSubDirectoryOf(new System.IO.DirectoryInfo(p), new System.IO.DirectoryInfo(this.packetHandlerWrapper.PacketHandler.OutputDirectory + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY))) ++ if (!this.IsSubDirectoryOf(new System.IO.DirectoryInfo(p), new System.IO.DirectoryInfo(SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY))) + return false; + } + return true; +@@ -3976,7 +3976,7 @@ finally { + } + + private void closeToolStripMenuItem_Click(object sender, EventArgs e) { +- DialogResult yesOrNo = MessageBox.Show("Would you like to delete all extracted files from:" + Environment.NewLine + this.OutputDirectory.FullName + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar, "Delete extracted files?", MessageBoxButtons.YesNo); ++ DialogResult yesOrNo = MessageBox.Show("Would you like to delete all extracted files from:" + Environment.NewLine + SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar, "Delete extracted files?", MessageBoxButtons.YesNo); + this.ResetCapturedData(false, yesOrNo == DialogResult.Yes, true); + } + +diff --git a/NetworkMiner/PcapOverIP/ReceivePcapOverTcpForm.cs b/NetworkMiner/PcapOverIP/ReceivePcapOverTcpForm.cs +index 9bae5f0..72586d4 100644 +--- a/NetworkMiner/PcapOverIP/ReceivePcapOverTcpForm.cs ++++ b/NetworkMiner/PcapOverIP/ReceivePcapOverTcpForm.cs +@@ -162,7 +162,7 @@ namespace NetworkMiner.PcapOverIP { + DateTime lastFrameTimestamp = DateTime.MinValue; + + string filename = Tools.GenerateCaptureFileName(DateTime.Now); +- string fileFullPath = this.packetHandler.OutputDirectory + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; ++ string fileFullPath = SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; + //string fileFullPath = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath)) + System.IO.Path.DirectorySeparatorChar + "Captures" + System.IO.Path.DirectorySeparatorChar + filename; + + PcapFileWriter pcapFileWriter = new PcapFileWriter(fileFullPath, this.pcapStreamReader.FileDataLinkType[0]); +diff --git a/PacketParser/FileTransfer/FileStreamAssemblerList.cs b/PacketParser/FileTransfer/FileStreamAssemblerList.cs +index 4a6a4dd..129d48b 100644 +--- a/PacketParser/FileTransfer/FileStreamAssemblerList.cs ++++ b/PacketParser/FileTransfer/FileStreamAssemblerList.cs +@@ -191,7 +191,7 @@ namespace PacketParser.FileTransfer { + if (removeExtractedFilesFromDisk) { + //remove all files + foreach (string subDirectory in System.IO.Directory.GetDirectories(this.FileOutputDirectory)) { +- if (subDirectory == this.FileOutputDirectory + System.IO.Path.DirectorySeparatorChar + "cache") { ++ if (subDirectory == SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + "cache") { + foreach (string cacheFile in System.IO.Directory.GetFiles(subDirectory)) + try { + System.IO.File.Delete(cacheFile); +diff --git a/PacketParser/PacketHandler.cs b/PacketParser/PacketHandler.cs +index a600200..cb78071 100644 +--- a/PacketParser/PacketHandler.cs ++++ b/PacketParser/PacketHandler.cs +@@ -1,4 +1,4 @@ +-// Copyright: Erik Hjelmvik, NETRESEC ++// Copyright: Erik Hjelmvik, NETRESEC + // + // NetworkMiner is free software; you can redistribute it and/or modify it + // under the terms of the GNU General Public License +@@ -228,7 +228,7 @@ namespace PacketParser { + //this.networkTcpSessionDictionary=new Dictionary<int, NetworkTcpSession>(); + this.networkTcpSessionList=new PopularityList<int, NetworkTcpSession>(200); + this.networkTcpSessionList.PopularityLost+=new PopularityList<int, NetworkTcpSession>.PopularityLostEventHandler(networkTcpSessionList_PopularityLost); +- this.FileStreamAssemblerList = new FileTransfer.FileStreamAssemblerList(this, 100, this.OutputDirectory + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar); ++ this.FileStreamAssemblerList = new FileTransfer.FileStreamAssemblerList(this, 100, SharedUtils.XdgDirectories.GetOrCreateXdgDataHome() + System.IO.Path.DirectorySeparatorChar + PacketParser.FileTransfer.FileStreamAssembler.ASSMEBLED_FILES_DIRECTORY + System.IO.Path.DirectorySeparatorChar); + this.FileStreamAssemblerList.PopularityLost += this.FileStreamAssemblerList_PopularityLost; + this.ReconstructedFileList=new List<FileTransfer.ReconstructedFile>(); + this.credentialList=new SortedList<string, NetworkCredential>(); +@@ -874,7 +874,7 @@ namespace PacketParser { + + //check the frame content for keywords + foreach (byte[] keyword in this.keywordList) { +- //jAG SLUTADE HÄR. FUNKAR EJ VID RELOAD ++ //jAG SLUTADE H�R. FUNKAR EJ VID RELOAD + int keyIndex = receivedFrame.IndexOf(keyword); + if (keyIndex >= 0) { + if (networkPacket != null) +diff --git a/SharedUtils/XdgDirectories.cs b/SharedUtils/XdgDirectories.cs +new file mode 100644 +index 0000000..80c09e3 +--- /dev/null ++++ b/SharedUtils/XdgDirectories.cs +@@ -0,0 +1,15 @@ ++using System; ++using System.IO; ++ ++namespace SharedUtils { ++ public class XdgDirectories { ++ public static string GetOrCreateXdgDataHome() { ++ string home = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile); ++ string data = Environment.GetEnvironmentVariable("XDG_DATA_HOME") ?? home + System.IO.Path.DirectorySeparatorChar + ".local" + System.IO.Path.DirectorySeparatorChar + "share"; ++ string dir = data + System.IO.Path.DirectorySeparatorChar + "NetworkMiner"; ++ // Directory.CreateDirectory(dir); ++ return dir; ++ } ++ ++ } ++} diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix b/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix new file mode 100644 index 000000000000..d48047a7b1c6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nitrokey-app/default.nix @@ -0,0 +1,51 @@ +{ lib +, stdenv +, cmake +, fetchFromGitHub +, pkg-config +, wrapQtAppsHook +, libnitrokey +, cppcodec +, qttools +}: + +stdenv.mkDerivation rec { + pname = "nitrokey-app"; + version = "1.4.2"; + + src = fetchFromGitHub { + owner = "Nitrokey"; + repo = "nitrokey-app"; + rev = "v${version}"; + hash = "sha256-c6EC5uuMna07xVHDRFq0UDwuSeopZTmZGZ9ZD5zaq8Y="; + }; + + nativeBuildInputs = [ + cmake + pkg-config + wrapQtAppsHook + qttools + ]; + + cmakeFlags = [ + "-DADD_GIT_INFO=OFF" + "-DBASH_COMPLETION_PATH=share/bash-completion/completions" + ]; + + buildInputs = [ + libnitrokey + cppcodec + ]; + + meta = with lib; { + description = "Provides extra functionality for the Nitrokey Pro and Storage"; + longDescription = '' + The nitrokey-app provides a QT system tray widget with which you can + access the extra functionality of a Nitrokey Storage or Nitrokey Pro. + See https://www.nitrokey.com/ for more information. + ''; + homepage = "https://github.com/Nitrokey/nitrokey-app"; + license = licenses.gpl3; + maintainers = with maintainers; [ kaiha panicgh ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix new file mode 100644 index 000000000000..3d35b4d07750 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix @@ -0,0 +1,69 @@ +{ lib +, python3 +, fetchFromGitHub +, pynitrokey +, wrapQtAppsHook +}: + +python3.pkgs.buildPythonApplication rec { + pname = "nitrokey-app2"; + version = "2.1.2"; + pyproject = true; + + disabled = python3.pythonOlder "3.9"; + + src = fetchFromGitHub { + owner = "Nitrokey"; + repo = "nitrokey-app2"; + rev = "v${version}"; + hash = "sha256-VyhIFNXxH/FohgjhBeZXoQYppP7PEz+ei0qzsWz1xhk="; + }; + + # https://github.com/Nitrokey/nitrokey-app2/issues/152 + # + # pythonRelaxDepsHook does not work here, because it runs in postBuild and + # only modifies the dependencies in the built distribution. + postPatch = '' + substituteInPlace pyproject.toml --replace "pynitrokey ==" "pynitrokey >=" + ''; + + # The pyproject.toml file seems to be incomplete and does not generate + # resources (i.e. run pyrcc5 and pyuic5) but the Makefile does. + preBuild = '' + make build-ui + ''; + + nativeBuildInputs = with python3.pkgs; [ + flit-core + pyqt5 + wrapQtAppsHook + ]; + + dontWrapQtApps = true; + + propagatedBuildInputs = with python3.pkgs; [ + pynitrokey + pyudev + pyqt5 + pyqt5-stubs + qt-material + ]; + + preFixup = '' + wrapQtApp "$out/bin/nitrokeyapp" \ + --set-default CRYPTOGRAPHY_OPENSSL_NO_LEGACY 1 + ''; + + pythonImportsCheck = [ + "nitrokeyapp" + ]; + + meta = with lib; { + description = "This application allows to manage Nitrokey 3 devices"; + homepage = "https://github.com/Nitrokey/nitrokey-app2"; + changelog = "https://github.com/Nitrokey/nitrokey-app2/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ _999eagle ]; + mainProgram = "nitrokeyapp"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix b/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix new file mode 100644 index 000000000000..02379ed53aea --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "nmap-formatter"; + version = "2.1.3"; + + src = fetchFromGitHub { + owner = "vdjagilev"; + repo = pname; + rev = "v${version}"; + hash = "sha256-tc946SAWBeKSNgLJZSkEoygxyXm3xbQm3cinIK1uOoY="; + }; + + vendorHash = "sha256-c2n8GlaD6q21gWUqr31UOioZRxO0s0tSpVRKl/YHXZU="; + + meta = with lib; { + description = "Tool that allows you to convert nmap output"; + homepage = "https://github.com/vdjagilev/nmap-formatter"; + changelog = "https://github.com/vdjagilev/nmap-formatter/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nmap/default.nix b/nixpkgs/pkgs/tools/security/nmap/default.nix new file mode 100644 index 000000000000..1f9084964b29 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nmap/default.nix @@ -0,0 +1,49 @@ +{ lib, stdenv, fetchurl, libpcap, pkg-config, openssl, lua5_4 +, pcre, libssh2 +, withLua ? true +}: + +stdenv.mkDerivation rec { + pname = "nmap"; + version = "7.94"; + + src = fetchurl { + url = "https://nmap.org/dist/nmap-${version}.tar.bz2"; + sha256 = "sha256-1xvhie7EPX4Jm6yFcVCdMWxFd8p5SRgyrD4SF7yPksw="; + }; + + prePatch = lib.optionalString stdenv.isDarwin '' + substituteInPlace libz/configure \ + --replace /usr/bin/libtool ar \ + --replace 'AR="libtool"' 'AR="ar"' \ + --replace 'ARFLAGS="-o"' 'ARFLAGS="-r"' + ''; + + configureFlags = [ + (if withLua then "--with-liblua=${lua5_4}" else "--without-liblua") + "--with-liblinear=included" + "--without-ndiff" + "--without-zenmap" + ]; + + makeFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + "AR=${stdenv.cc.bintools.targetPrefix}ar" + "RANLIB=${stdenv.cc.bintools.targetPrefix}ranlib" + "CC=${stdenv.cc.targetPrefix}gcc" + ]; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ pcre libssh2 libpcap openssl ]; + + enableParallelBuilding = true; + + doCheck = false; # fails 3 tests, probably needs the net + + meta = with lib; { + description = "A free and open source utility for network discovery and security auditing"; + homepage = "http://www.nmap.org"; + license = licenses.gpl2; + platforms = platforms.all; + maintainers = with maintainers; [ thoughtpolice fpletz ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nmap/qt.nix b/nixpkgs/pkgs/tools/security/nmap/qt.nix new file mode 100644 index 000000000000..b4e406a0035b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nmap/qt.nix @@ -0,0 +1,60 @@ +{ lib, stdenv +, fetchFromGitHub +, cmake +, pkg-config +, wrapQtAppsHook +, dnsutils +, nmap +, qtbase +, qtscript +, qtwebengine +}: + +stdenv.mkDerivation rec { + pname = "nmapsi4"; + version = "0.5-alpha2"; + + src = fetchFromGitHub { + owner = "nmapsi4"; + repo = "nmapsi4"; + rev = "v${version}"; + sha256 = "sha256-q3XfwJ4TGK4E58haN0Q0xRH4GDpKD8VZzyxHe/VwBqY="; + }; + + nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ]; + + buildInputs = [ qtbase qtscript qtwebengine ]; + + postPatch = '' + substituteInPlace src/platform/digmanager.cpp \ + --replace '"dig"' '"${dnsutils}/bin/dig"' + substituteInPlace src/platform/discover.cpp \ + --replace '"nping"' '"${nmap}/bin/nping"' + for f in \ + src/platform/monitor/monitor.cpp \ + src/platform/nsemanager.cpp ; do + + substituteInPlace $f \ + --replace '"nmap"' '"${nmap}/bin/nmap"' + done + ''; + + postInstall = '' + mv $out/share/applications/kde4/*.desktop $out/share/applications + rmdir $out/share/applications/kde4 + + for f in $out/share/applications/* ; do + substituteInPlace $f \ + --replace Qt4 Qt5 \ + --replace Exec=nmapsi4 Exec=$out/bin/nmapsi4 \ + --replace "Exec=kdesu nmapsi4" "Exec=kdesu $out/bin/nmapsi4" + done + ''; + + meta = with lib; { + description = "Qt frontend for nmap"; + license = licenses.gpl2; + maintainers = with maintainers; [ peterhoeg ]; + inherit (src.meta) homepage; + }; +} diff --git a/nixpkgs/pkgs/tools/security/noseyparker/default.nix b/nixpkgs/pkgs/tools/security/noseyparker/default.nix new file mode 100644 index 000000000000..c6e4056d9fab --- /dev/null +++ b/nixpkgs/pkgs/tools/security/noseyparker/default.nix @@ -0,0 +1,49 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, cmake +, pkg-config +, openssl +, hyperscan +}: + +rustPlatform.buildRustPackage rec { + pname = "noseyparker"; + version = "0.12.0"; + + src = fetchFromGitHub { + owner = "praetorian-inc"; + repo = "noseyparker"; + rev = "v${version}"; + hash = "sha256-qop6KjTFPQ5o1kPEVPP0AfDfr8w/JP3YmC+sb5OUbDY="; + }; + + cargoHash = "sha256-ZtoJO/R11qTFYAE6G7AVCpnYZ3JGrxtVSXvCm0W8DAA="; + + postPatch = '' + # disabledTests (network, failing) + rm tests/test_noseyparker_github.rs + rm tests/test_noseyparker_scan.rs + ''; + + nativeBuildInputs = [ + cmake + pkg-config + ]; + buildInputs = [ + openssl + hyperscan + ]; + + OPENSSL_NO_VENDOR = 1; + + meta = with lib; { + description = "Find secrets and sensitive information in textual data"; + homepage = "https://github.com/praetorian-inc/noseyparker"; + changelog = "https://github.com/praetorian-inc/noseyparker/blob/v${version}/CHANGELOG.md"; + license = licenses.asl20; + maintainers = with maintainers; [ _0x4A6F ]; + # limited by hyperscan + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nosqli/default.nix b/nixpkgs/pkgs/tools/security/nosqli/default.nix new file mode 100644 index 000000000000..47095902cea6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nosqli/default.nix @@ -0,0 +1,25 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "nosqli"; + version = "0.5.4"; + + src = fetchFromGitHub { + owner = "Charlie-belmer"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-CgD9b5eHDK/8QhQmrqT09Jf9snn9WItNMtTNbJFT2sI="; + }; + + vendorHash = "sha256-QnrzEei4Pt4C0vCJu4YN28lWWAqEikmNLrqshd3knx4="; + + meta = with lib; { + description = "NoSql Injection tool for finding vulnerable websites using MongoDB"; + homepage = "https://github.com/Charlie-belmer/nosqli"; + license = with licenses; [ agpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/notary/default.nix b/nixpkgs/pkgs/tools/security/notary/default.nix new file mode 100644 index 000000000000..ab6ec0b16818 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/notary/default.nix @@ -0,0 +1,65 @@ +{ lib, fetchFromGitHub, buildGoPackage, libtool }: + +buildGoPackage rec { + pname = "notary"; + version = "0.6.1"; + gitcommit = "d6e1431f"; + + src = fetchFromGitHub { + owner = "theupdateframework"; + repo = "notary"; + rev = "v${version}"; + sha256 = "1ak9dk6vjny5069hp3w36dbjawcnaq82l3i2qvf7mn7zfglbsnf9"; + }; + + patches = [ ./no-git-usage.patch ]; + + buildInputs = [ libtool ]; + buildPhase = '' + runHook preBuild + cd go/src/github.com/theupdateframework/notary + SKIPENVCHECK=1 make client GITCOMMIT=${gitcommit} + runHook postBuild + ''; + + goPackagePath = "github.com/theupdateframework/notary"; + + installPhase = '' + runHook preInstall + install -D bin/notary $out/bin/notary + runHook postInstall + ''; + + #doCheck = true; # broken by tzdata: 2018g -> 2019a + checkPhase = '' + make test PKGS=github.com/theupdateframework/notary/cmd/notary + ''; + + meta = with lib; { + description = "A project that allows anyone to have trust over arbitrary collections of data"; + longDescription = '' + The Notary project comprises a server and a client for running and + interacting with trusted collections. See the service architecture + documentation for more information. + + Notary aims to make the internet more secure by making it easy for people + to publish and verify content. We often rely on TLS to secure our + communications with a web server which is inherently flawed, as any + compromise of the server enables malicious content to be substituted for + the legitimate content. + + With Notary, publishers can sign their content offline using keys kept + highly secure. Once the publisher is ready to make the content available, + they can push their signed trusted collection to a Notary Server. + + Consumers, having acquired the publisher's public key through a secure + channel, can then communicate with any notary server or (insecure) mirror, + relying only on the publisher's key to determine the validity and + integrity of the received content. + ''; + license = licenses.asl20; + homepage = "https://github.com/theupdateframework/notary"; + maintainers = with maintainers; [ vdemeester ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/notary/no-git-usage.patch b/nixpkgs/pkgs/tools/security/notary/no-git-usage.patch new file mode 100644 index 000000000000..363eefe36921 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/notary/no-git-usage.patch @@ -0,0 +1,15 @@ +diff --git a/Makefile b/Makefile +index ab794165..0cbd047f 100644 +--- a/Makefile ++++ b/Makefile +@@ -5,8 +5,8 @@ PREFIX?=$(shell pwd) + # Add to compile time flags + NOTARY_PKG := github.com/theupdateframework/notary + NOTARY_VERSION := $(shell cat NOTARY_VERSION) +-GITCOMMIT := $(shell git rev-parse --short HEAD) +-GITUNTRACKEDCHANGES := $(shell git status --porcelain --untracked-files=no) ++GITCOMMIT ?= $(shell git rev-parse --short HEAD) ++GITUNTRACKEDCHANGES := + ifneq ($(GITUNTRACKEDCHANGES),) + GITCOMMIT := $(GITCOMMIT)-dirty + endif diff --git a/nixpkgs/pkgs/tools/security/notation/default.nix b/nixpkgs/pkgs/tools/security/notation/default.nix new file mode 100644 index 000000000000..845f3fbc4b8d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/notation/default.nix @@ -0,0 +1,37 @@ +{ lib, buildGoModule, fetchFromGitHub, testers, notation }: + +buildGoModule rec { + pname = "notation"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "notaryproject"; + repo = pname; + rev = "v${version}"; + hash = "sha256-mj+LCO6Q4kKfYewPl0R9axZB9O4Yy+GkLlUIDe6yhlI="; + }; + + vendorHash = "sha256-wQTRgOSOq0LeiSwF5eowaW4R2xCx+kEb0WQ+upsxdAA="; + + # This is a Go sub-module and cannot be built directly (e2e tests). + excludedPackages = [ "./test" ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/notaryproject/notation/internal/version.Version=${version}" + "-X github.com/notaryproject/notation/internal/version.BuildMetadata=" + ]; + + passthru.tests.version = testers.testVersion { + package = notation; + command = "notation version"; + }; + + meta = with lib; { + description = "CLI tool to sign and verify OCI artifacts and container images"; + homepage = "https://notaryproject.dev/"; + license = licenses.asl20; + maintainers = with maintainers; [ aaronjheng ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nsjail/default.nix b/nixpkgs/pkgs/tools/security/nsjail/default.nix new file mode 100644 index 000000000000..187674596e1f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nsjail/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchFromGitHub, autoconf, bison, flex, libtool, pkg-config, which +, libnl, protobuf, protobufc, shadow, installShellFiles +}: + +stdenv.mkDerivation rec { + pname = "nsjail"; + version = "3.4"; + + src = fetchFromGitHub { + owner = "google"; + repo = "nsjail"; + rev = version; + fetchSubmodules = true; + hash = "sha256-/K+qJV5Dq+my45Cpw6czdsWLtO9lnJwZTsOIRt4Iijk="; + }; + + nativeBuildInputs = [ autoconf bison flex installShellFiles libtool pkg-config which ]; + buildInputs = [ libnl protobuf protobufc ]; + enableParallelBuilding = true; + + preBuild = '' + makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap') + ''; + + installPhase = '' + runHook preInstall + install -Dm755 nsjail "$out/bin/nsjail" + installManPage nsjail.1 + runHook postInstall + ''; + + meta = with lib; { + description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; + homepage = "https://nsjail.dev/"; + changelog = "https://github.com/google/nsjail/releases/tag/${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ arturcygan bosu c0bw3b ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ntlmrecon/default.nix b/nixpkgs/pkgs/tools/security/ntlmrecon/default.nix new file mode 100644 index 000000000000..648e2d585e09 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ntlmrecon/default.nix @@ -0,0 +1,39 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ntlmrecon"; + version = "0.4"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "pwnfoo"; + repo = "NTLMRecon"; + rev = "refs/tags/v-${version}"; + sha256 = "0rrx49li2l9xlcax84qxjf60nbzp3fgq77c36yqmsp0pc9i89ah6"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + iptools + requests + termcolor + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "ntlmrecon" + ]; + + meta = with lib; { + description = "Information enumerator for NTLM authentication enabled web endpoints"; + homepage = "https://github.com/pwnfoo/NTLMRecon"; + changelog = "https://github.com/pwnfoo/NTLMRecon/releases/tag/v-${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nuclei/default.nix b/nixpkgs/pkgs/tools/security/nuclei/default.nix new file mode 100644 index 000000000000..ae6e1d78f6fa --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nuclei/default.nix @@ -0,0 +1,40 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "nuclei"; + version = "3.0.1"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-5Z40wc8ihN2UR3DyMCaD0MOKpgbUQX0OJMyZw2gVNYM="; + }; + + vendorHash = "sha256-CaeYAw7QU/KySFDSkUr4oHrG3wyPHxty3KCZ6zlPqIk="; + + subPackages = [ + "cmd/nuclei/" + ]; + + # Test files are not part of the release tarball + doCheck = false; + + meta = with lib; { + description = "Tool for configurable targeted scanning"; + longDescription = '' + Nuclei is used to send requests across targets based on a template + leading to zero false positives and providing effective scanning + for known paths. Main use cases for nuclei are during initial + reconnaissance phase to quickly check for low hanging fruits or + CVEs across targets that are known and easily detectable. + ''; + homepage = "https://github.com/projectdiscovery/nuclei"; + changelog = "https://github.com/projectdiscovery/nuclei/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab Misaka13514 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/nwipe/default.nix b/nixpkgs/pkgs/tools/security/nwipe/default.nix new file mode 100644 index 000000000000..35ca1f9b4125 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/nwipe/default.nix @@ -0,0 +1,42 @@ +{ lib +, stdenv +, autoreconfHook +, fetchFromGitHub +, ncurses +, parted +, pkg-config +}: + +stdenv.mkDerivation rec { + pname = "nwipe"; + version = "0.34"; + + src = fetchFromGitHub { + owner = "martijnvanbrummelen"; + repo = "nwipe"; + rev = "v${version}"; + sha256 = "sha256-7WI8AwWkg9rOjAbOyDgCVOpeMxvJ5Bd1yvzfSv6TPLs="; + }; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + + buildInputs = [ + ncurses + parted + ]; + + preConfigure = '' + sh init.sh || : + ''; + + meta = with lib; { + description = "Securely erase disks"; + homepage = "https://github.com/martijnvanbrummelen/nwipe"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ woffs ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix b/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix new file mode 100644 index 000000000000..fe8367ea57e4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/oath-toolkit/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchurl, nix-update-script, pam, xmlsec }: + +let + # TODO: Switch to OpenPAM once https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/26 is addressed upstream + securityDependency = + if stdenv.isDarwin then xmlsec + else pam; + +in stdenv.mkDerivation rec { + pname = "oath-toolkit"; + version = "2.6.7"; + + src = fetchurl { + url = "mirror://savannah/${pname}/${pname}-${version}.tar.gz"; + sha256 = "1aa620k05lsw3l3slkp2mzma40q3p9wginspn9zk8digiz7dzv9n"; + }; + + buildInputs = [ securityDependency ]; + + configureFlags = lib.optionals stdenv.isDarwin [ "--disable-pam" ]; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "Components for building one-time password authentication systems"; + homepage = "https://www.nongnu.org/oath-toolkit/"; + maintainers = with maintainers; [ schnusch ]; + platforms = with platforms; linux ++ darwin; + }; +} diff --git a/nixpkgs/pkgs/tools/security/oauth2c/default.nix b/nixpkgs/pkgs/tools/security/oauth2c/default.nix new file mode 100644 index 000000000000..b576bad13727 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/oauth2c/default.nix @@ -0,0 +1,34 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "oauth2c"; + version = "1.12.0"; + + src = fetchFromGitHub { + owner = "cloudentity"; + repo = pname; + rev = "v${version}"; + hash = "sha256-7WZJdB4D1UnveAgf8+aZlE/4+d0rUIPIYqG5k993nk4="; + }; + + vendorHash = "sha256-euEmslrSbXPVDNZkIguq+ukt74Um4H0+lIXEyCBorjE="; + + doCheck = false; # tests want to talk to oauth2c.us.authz.cloudentity.io + + meta = with lib; { + homepage = "https://github.com/cloudentity/oauth2c"; + description = "User-friendly OAuth2 CLI"; + longDescription = '' + oauth2c is a command-line tool for interacting with OAuth 2.0 + authorization servers. Its goal is to make it easy to fetch access tokens + using any grant type or client authentication method. It is compliant with + almost all basic and advanced OAuth 2.0, OIDC, OIDF FAPI and JWT profiles. + ''; + license = licenses.asl20; + maintainers = [ maintainers.flokli ]; + platforms = platforms.darwin ++ platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/octosuite/default.nix b/nixpkgs/pkgs/tools/security/octosuite/default.nix new file mode 100644 index 000000000000..88b29dce721c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/octosuite/default.nix @@ -0,0 +1,44 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "octosuite"; + version = "3.1.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "bellingcat"; + repo = "octosuite"; + rev = "refs/tags/${version}"; + hash = "sha256-C73txVtyWTcIrJSApBy4uIKDcuUq0HZrGM6dqDVLkKY="; + }; + + postPatch = '' + # pyreadline3 is Windows-only + substituteInPlace setup.py \ + --replace ', "pyreadline3"' "" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + psutil + requests + rich + ]; + + pythonImportsCheck = [ + "octosuite" + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Advanced Github OSINT framework"; + homepage = "https://github.com/bellingcat/octosuite"; + changelog = "https://github.com/bellingcat/octosuite/releases/tag/${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/offensive-azure/default.nix b/nixpkgs/pkgs/tools/security/offensive-azure/default.nix new file mode 100644 index 000000000000..fb5dce6798dc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/offensive-azure/default.nix @@ -0,0 +1,55 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "offensive-azure"; + version = "0.4.10"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "blacklanternsecurity"; + repo = pname; + rev = "v${version}"; + hash = "sha256-5JHix+/uGGhXM89VLimI81g4evci5ZUtNV1c1xopjuI="; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + certifi + charset-normalizer + colorama + dnspython + idna + pycryptodome + python-whois + requests + requests + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + postPatch = '' + # Use default Python module + substituteInPlace pyproject.toml \ + --replace 'uuid = "^1.30"' "" \ + --replace 'python-whois = "^0.7.3"' 'python-whois = "*"' + ''; + + pythonImportsCheck = [ + "offensive_azure" + ]; + + meta = with lib; { + description = "Collection of offensive tools targeting Microsoft Azure"; + homepage = "https://github.com/blacklanternsecurity/offensive-azure"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/onesixtyone/default.nix b/nixpkgs/pkgs/tools/security/onesixtyone/default.nix new file mode 100644 index 000000000000..374d1322246b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onesixtyone/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "onesixtyone"; + version = "unstable-2019-12-26"; + + src = fetchFromGitHub { + owner = "trailofbits"; + repo = "onesixtyone"; + rev = "9ce1dcdad73d45c8694086a4f90d7713be1cbdd7"; + sha256 = "111nxn4pcbx6p9j8cjjxv1j1s7dgf7f4dix8acsmahwbpzinzkg3"; + }; + + buildPhase = '' + $CC -o onesixtyone onesixtyone.c + ''; + + installPhase = '' + install -D onesixtyone $out/bin/onesixtyone + ''; + + meta = with lib; { + description = "Fast SNMP Scanner"; + homepage = "https://github.com/trailofbits/onesixtyone"; + license = licenses.gpl2Plus; + platforms = platforms.unix; + maintainers = [ maintainers.fishi0x01 ]; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/onioncircuits/default.nix b/nixpkgs/pkgs/tools/security/onioncircuits/default.nix new file mode 100644 index 000000000000..c1468becc262 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onioncircuits/default.nix @@ -0,0 +1,58 @@ +{ stdenv +, lib +, fetchFromGitLab +, fetchpatch +, gobject-introspection +, intltool +, python3 +, wrapGAppsHook +}: + +python3.pkgs.buildPythonApplication rec { + pname = "onioncircuits"; + version = "0.7"; + + src = fetchFromGitLab { + domain = "gitlab.tails.boum.org"; + owner = "tails"; + repo = "onioncircuits"; + rev = version; + sha256 = "sha256-O4tSbKBTmve4u8bXVg128RLyuxvTbU224JV8tQ+aDAQ="; + }; + + nativeBuildInputs = [ + gobject-introspection + intltool + wrapGAppsHook + python3.pkgs.distutils-extra + ]; + + propagatedBuildInputs = with python3.pkgs; [ + pygobject3 + stem + ]; + + patches = [ + # Fix https://gitlab.tails.boum.org/tails/onioncircuits/-/merge_requests/4 + (fetchpatch { + name = "fix-setuptool-package-discovery.patch"; + url = "https://gitlab.tails.boum.org/tails/onioncircuits/-/commit/4c620c77f36f540fa27041fcbdeaf05c9f57826c.patch"; + sha256 = "sha256-WXqyDa2meRMMHkHLO5Xl7x43KUGtlsai+eOVzUGUPpo="; + }) + ]; + + postInstall = '' + mkdir -p $out/etc/apparmor.d + + cp apparmor/usr.bin.onioncircuits $out/etc/apparmor.d + ''; + + meta = with lib; { + broken = stdenv.isDarwin; + homepage = "https://tails.boum.org"; + description = "GTK application to display Tor circuits and streams"; + license = licenses.gpl3; + maintainers = with maintainers; [ milran ]; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/onlykey-agent/default.nix b/nixpkgs/pkgs/tools/security/onlykey-agent/default.nix new file mode 100644 index 000000000000..48dab9b19726 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey-agent/default.nix @@ -0,0 +1,74 @@ +{ lib +, python3Packages +, fetchPypi +, onlykey-cli +}: + +let + bech32 = with python3Packages; buildPythonPackage rec { + pname = "bech32"; + version = "1.2.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-fW24IUYDvXhx/PpsCCbvaLhbCr2Q+iHChanF4h0r2Jk="; + }; + }; + + # onlykey requires a patched version of libagent + lib-agent = with python3Packages; libagent.overridePythonAttrs (oa: rec{ + version = "1.0.6"; + src = fetchPypi { + inherit version; + pname = "lib-agent"; + sha256 = "sha256-IrJizIHDIPHo4tVduUat7u31zHo3Nt8gcMOyUUqkNu0="; + }; + propagatedBuildInputs = oa.propagatedBuildInputs or [ ] ++ [ + bech32 + cryptography + docutils + pycryptodome + pynacl + wheel + ]; + + # turn off testing because I can't get it to work + doCheck = false; + pythonImportsCheck = [ "libagent" ]; + + meta = oa.meta // { + description = "Using OnlyKey as hardware SSH and GPG agent"; + homepage = "https://github.com/trustcrypto/onlykey-agent/tree/ledger"; + maintainers = with lib.maintainers; [ kalbasit ]; + }; + }); +in +python3Packages.buildPythonApplication rec { + pname = "onlykey-agent"; + version = "1.1.15"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-SbGb7CjcD7cFPvASZtip56B4uxRiFKZBvbsf6sb8fds="; + }; + + propagatedBuildInputs = with python3Packages; [ lib-agent onlykey-cli ]; + + # move the python library into the sitePackages. + postInstall = '' + mkdir $out/${python3Packages.python.sitePackages}/onlykey_agent + mv $out/bin/onlykey_agent.py $out/${python3Packages.python.sitePackages}/onlykey_agent/__init__.py + chmod a-x $out/${python3Packages.python.sitePackages}/onlykey_agent/__init__.py + ''; + + # no tests + doCheck = false; + pythonImportsCheck = [ "onlykey_agent" ]; + + meta = with lib; { + description = " The OnlyKey agent is essentially middleware that lets you use OnlyKey as a hardware SSH/GPG device."; + homepage = "https://github.com/trustcrypto/onlykey-agent"; + license = licenses.lgpl3Only; + maintainers = with maintainers; [ kalbasit ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/onlykey-cli/default.nix b/nixpkgs/pkgs/tools/security/onlykey-cli/default.nix new file mode 100644 index 000000000000..4d0b0a267a38 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey-cli/default.nix @@ -0,0 +1,34 @@ +{ lib, python3Packages, fetchPypi }: + +python3Packages.buildPythonApplication rec { + pname = "onlykey-cli"; + version = "1.2.10"; + + src = fetchPypi { + inherit version; + pname = "onlykey"; + sha256 = "sha256-ZmQnyZx9YlIIxMMdZ0U2zb+QANfcwrtG7iR1LpgzmBQ="; + }; + + propagatedBuildInputs = with python3Packages; [ + aenum + cython + ecdsa + hidapi + onlykey-solo-python + prompt-toolkit + pynacl + six + ]; + + # Requires having the physical onlykey (a usb security key) + doCheck = false; + pythonImportsCheck = [ "onlykey.client" ]; + + meta = with lib; { + description = "OnlyKey client and command-line tool"; + homepage = "https://github.com/trustcrypto/python-onlykey"; + license = licenses.mit; + maintainers = with maintainers; [ ranfdev ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/onlykey/default.nix b/nixpkgs/pkgs/tools/security/onlykey/default.nix new file mode 100644 index 000000000000..018c53b0c083 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey/default.nix @@ -0,0 +1,53 @@ +{ lib +, node_webkit +, pkgs +, runCommand +, stdenv +, writeShellScript +}: + +let + # parse the version from package.json + version = + let + packageJson = lib.importJSON ./package.json; + splits = builtins.split "^.*#v(.*)$" (builtins.getAttr "onlykey" (builtins.head packageJson)); + matches = builtins.elemAt splits 1; + elem = builtins.head matches; + in + elem; + + # this must be updated anytime this package is updated. + onlykeyPkg = "onlykey-git+https://github.com/trustcrypto/OnlyKey-App.git#v${version}"; + + # define a shortcut to get to onlykey. + onlykey = self."${onlykeyPkg}"; + + super = import ./onlykey.nix { + inherit pkgs; + inherit (stdenv.hostPlatform) system; + }; + + self = super // { + "${onlykeyPkg}" = super."${onlykeyPkg}".override (attrs: { + # when installing packages, nw tries to download nwjs in its postInstall + # script. There are currently no other postInstall scripts, so this + # should not break other things. + npmFlags = attrs.npmFlags or "" + " --ignore-scripts"; + + # this package requires to be built in order to become runnable. + postInstall = '' + cd $out/lib/node_modules/${attrs.packageName} + npm run build + ''; + }); + }; + + script = writeShellScript "${onlykey.packageName}-starter-${onlykey.version}" '' + ${node_webkit}/bin/nw ${onlykey}/lib/node_modules/${onlykey.packageName}/build + ''; +in +runCommand "${onlykey.packageName}-${onlykey.version}" { } '' + mkdir -p $out/bin + ln -s ${script} $out/bin/onlykey +'' diff --git a/nixpkgs/pkgs/tools/security/onlykey/generate.sh b/nixpkgs/pkgs/tools/security/onlykey/generate.sh new file mode 100755 index 000000000000..b6afb497463e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey/generate.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env nix-shell +#! nix-shell -i bash -p nodePackages.node2nix + +# XXX: --development is given here because we need access to gulp in order to build OnlyKey. +exec node2nix --nodejs-18 --development -i package.json -c onlykey.nix -e ../../../development/node-packages/node-env.nix --no-copy-node-env diff --git a/nixpkgs/pkgs/tools/security/onlykey/node-packages.nix b/nixpkgs/pkgs/tools/security/onlykey/node-packages.nix new file mode 100644 index 000000000000..001ff6916708 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey/node-packages.nix @@ -0,0 +1,6710 @@ +# This file has been generated by node2nix 1.11.1. Do not edit! + +{nodeEnv, fetchurl, fetchgit, nix-gitignore, stdenv, lib, globalBuildInputs ? []}: + +let + sources = { + "@eslint-community/eslint-utils-4.4.0" = { + name = "_at_eslint-community_slash_eslint-utils"; + packageName = "@eslint-community/eslint-utils"; + version = "4.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz"; + sha512 = "1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA=="; + }; + }; + "@eslint-community/regexpp-4.5.1" = { + name = "_at_eslint-community_slash_regexpp"; + packageName = "@eslint-community/regexpp"; + version = "4.5.1"; + src = fetchurl { + url = "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.5.1.tgz"; + sha512 = "Z5ba73P98O1KUYCCJTUeVpja9RcGoMdncZ6T49FCUl2lN38JtCJ+3WgIDBv0AuY4WChU5PmtJmOCTlN6FZTFKQ=="; + }; + }; + "@eslint/eslintrc-2.0.3" = { + name = "_at_eslint_slash_eslintrc"; + packageName = "@eslint/eslintrc"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.0.3.tgz"; + sha512 = "+5gy6OQfk+xx3q0d6jGZZC3f3KzAkXc/IanVxd1is/VIIziRqqt3ongQz0FiTUXqTk0c7aDB3OaFuKnuSoJicQ=="; + }; + }; + "@eslint/js-8.42.0" = { + name = "_at_eslint_slash_js"; + packageName = "@eslint/js"; + version = "8.42.0"; + src = fetchurl { + url = "https://registry.npmjs.org/@eslint/js/-/js-8.42.0.tgz"; + sha512 = "6SWlXpWU5AvId8Ac7zjzmIOqMOba/JWY8XZ4A7q7Gn1Vlfg/SFFIlrtHXt9nPn4op9ZPAkl91Jao+QQv3r/ukw=="; + }; + }; + "@gulp-sourcemaps/identity-map-2.0.1" = { + name = "_at_gulp-sourcemaps_slash_identity-map"; + packageName = "@gulp-sourcemaps/identity-map"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/@gulp-sourcemaps/identity-map/-/identity-map-2.0.1.tgz"; + sha512 = "Tb+nSISZku+eQ4X1lAkevcQa+jknn/OVUgZ3XCxEKIsLsqYuPoJwJOPQeaOk75X3WPftb29GWY1eqE7GLsXb1Q=="; + }; + }; + "@gulp-sourcemaps/map-sources-1.0.0" = { + name = "_at_gulp-sourcemaps_slash_map-sources"; + packageName = "@gulp-sourcemaps/map-sources"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/@gulp-sourcemaps/map-sources/-/map-sources-1.0.0.tgz"; + sha512 = "o/EatdaGt8+x2qpb0vFLC/2Gug/xYPRXb6a+ET1wGYKozKN3krDWC/zZFZAtrzxJHuDL12mwdfEFKcKMNvc55A=="; + }; + }; + "@humanwhocodes/config-array-0.11.10" = { + name = "_at_humanwhocodes_slash_config-array"; + packageName = "@humanwhocodes/config-array"; + version = "0.11.10"; + src = fetchurl { + url = "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.10.tgz"; + sha512 = "KVVjQmNUepDVGXNuoRRdmmEjruj0KfiGSbS8LVc12LMsWDQzRXJ0qdhN8L8uUigKpfEHRhlaQFY0ib1tnUbNeQ=="; + }; + }; + "@humanwhocodes/module-importer-1.0.1" = { + name = "_at_humanwhocodes_slash_module-importer"; + packageName = "@humanwhocodes/module-importer"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz"; + sha512 = "bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA=="; + }; + }; + "@humanwhocodes/object-schema-1.2.1" = { + name = "_at_humanwhocodes_slash_object-schema"; + packageName = "@humanwhocodes/object-schema"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz"; + sha512 = "ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA=="; + }; + }; + "@nodelib/fs.scandir-2.1.5" = { + name = "_at_nodelib_slash_fs.scandir"; + packageName = "@nodelib/fs.scandir"; + version = "2.1.5"; + src = fetchurl { + url = "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz"; + sha512 = "vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g=="; + }; + }; + "@nodelib/fs.stat-2.0.5" = { + name = "_at_nodelib_slash_fs.stat"; + packageName = "@nodelib/fs.stat"; + version = "2.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz"; + sha512 = "RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A=="; + }; + }; + "@nodelib/fs.walk-1.2.8" = { + name = "_at_nodelib_slash_fs.walk"; + packageName = "@nodelib/fs.walk"; + version = "1.2.8"; + src = fetchurl { + url = "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz"; + sha512 = "oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg=="; + }; + }; + "abbrev-1.1.1" = { + name = "abbrev"; + packageName = "abbrev"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz"; + sha512 = "nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q=="; + }; + }; + "acorn-6.4.2" = { + name = "acorn"; + packageName = "acorn"; + version = "6.4.2"; + src = fetchurl { + url = "https://registry.npmjs.org/acorn/-/acorn-6.4.2.tgz"; + sha512 = "XtGIhXwF8YM8bJhGxG5kXgjkEuNGLTkoYqVE+KMR+aspr4KGYmKYg7yUe3KghyQ9yheNwLnjmzh/7+gfDBmHCQ=="; + }; + }; + "acorn-8.8.2" = { + name = "acorn"; + packageName = "acorn"; + version = "8.8.2"; + src = fetchurl { + url = "https://registry.npmjs.org/acorn/-/acorn-8.8.2.tgz"; + sha512 = "xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw=="; + }; + }; + "acorn-jsx-5.3.2" = { + name = "acorn-jsx"; + packageName = "acorn-jsx"; + version = "5.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz"; + sha512 = "rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ=="; + }; + }; + "ajv-6.12.6" = { + name = "ajv"; + packageName = "ajv"; + version = "6.12.6"; + src = fetchurl { + url = "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz"; + sha512 = "j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g=="; + }; + }; + "ansi-colors-1.1.0" = { + name = "ansi-colors"; + packageName = "ansi-colors"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-colors/-/ansi-colors-1.1.0.tgz"; + sha512 = "SFKX67auSNoVR38N3L+nvsPjOE0bybKTYbkf5tRvushrAPQ9V75huw0ZxBkKVeRU9kqH3d6HA4xTckbwZ4ixmA=="; + }; + }; + "ansi-colors-4.1.1" = { + name = "ansi-colors"; + packageName = "ansi-colors"; + version = "4.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz"; + sha512 = "JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA=="; + }; + }; + "ansi-gray-0.1.1" = { + name = "ansi-gray"; + packageName = "ansi-gray"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-gray/-/ansi-gray-0.1.1.tgz"; + sha512 = "HrgGIZUl8h2EHuZaU9hTR/cU5nhKxpVE1V6kdGsQ8e4zirElJ5fvtfc8N7Q1oq1aatO275i8pUFUCpNWCAnVWw=="; + }; + }; + "ansi-regex-2.1.1" = { + name = "ansi-regex"; + packageName = "ansi-regex"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz"; + sha512 = "TIGnTpdo+E3+pCyAluZvtED5p5wCqLdezCyhPZzKPcxvFplEt4i+W7OONCKgeZFT3+y5NZZfOOS/Bdcanm1MYA=="; + }; + }; + "ansi-regex-5.0.1" = { + name = "ansi-regex"; + packageName = "ansi-regex"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz"; + sha512 = "quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ=="; + }; + }; + "ansi-styles-2.2.1" = { + name = "ansi-styles"; + packageName = "ansi-styles"; + version = "2.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz"; + sha512 = "kmCevFghRiWM7HB5zTPULl4r9bVFSWjz62MhqizDGUrq2NWuNMQyuv4tHHoKJHs69M/MF64lEcHdYIocrdWQYA=="; + }; + }; + "ansi-styles-4.3.0" = { + name = "ansi-styles"; + packageName = "ansi-styles"; + version = "4.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz"; + sha512 = "zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg=="; + }; + }; + "ansi-wrap-0.1.0" = { + name = "ansi-wrap"; + packageName = "ansi-wrap"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ansi-wrap/-/ansi-wrap-0.1.0.tgz"; + sha512 = "ZyznvL8k/FZeQHr2T6LzcJ/+vBApDnMNZvfVFy3At0knswWd6rJ3/0Hhmpu8oqa6C92npmozs890sX9Dl6q+Qw=="; + }; + }; + "anymatch-1.3.2" = { + name = "anymatch"; + packageName = "anymatch"; + version = "1.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/anymatch/-/anymatch-1.3.2.tgz"; + sha512 = "0XNayC8lTHQ2OI8aljNCN3sSx6hsr/1+rlcDAotXJR7C1oZZHCNsfpbKwMjRA3Uqb5tF1Rae2oloTr4xpq+WjA=="; + }; + }; + "anymatch-2.0.0" = { + name = "anymatch"; + packageName = "anymatch"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz"; + sha512 = "5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw=="; + }; + }; + "anymatch-3.1.3" = { + name = "anymatch"; + packageName = "anymatch"; + version = "3.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz"; + sha512 = "KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw=="; + }; + }; + "append-buffer-1.0.2" = { + name = "append-buffer"; + packageName = "append-buffer"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/append-buffer/-/append-buffer-1.0.2.tgz"; + sha512 = "WLbYiXzD3y/ATLZFufV/rZvWdZOs+Z/+5v1rBZ463Jn398pa6kcde27cvozYnBoxXblGZTFfoPpsaEw0orU5BA=="; + }; + }; + "applescript-1.0.0" = { + name = "applescript"; + packageName = "applescript"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/applescript/-/applescript-1.0.0.tgz"; + sha512 = "yvtNHdWvtbYEiIazXAdp/NY+BBb65/DAseqlNiJQjOx9DynuzOYDbVLBJvuc0ve0VL9x6B3OHF6eH52y9hCBtQ=="; + }; + }; + "archy-1.0.0" = { + name = "archy"; + packageName = "archy"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/archy/-/archy-1.0.0.tgz"; + sha512 = "Xg+9RwCg/0p32teKdGMPTPnVXKD0w3DfHnFTficozsAgsvq2XenPJq/MYpzzQ/v8zrOyJn6Ds39VA4JIDwFfqw=="; + }; + }; + "argparse-2.0.1" = { + name = "argparse"; + packageName = "argparse"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz"; + sha512 = "8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q=="; + }; + }; + "arr-diff-2.0.0" = { + name = "arr-diff"; + packageName = "arr-diff"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-diff/-/arr-diff-2.0.0.tgz"; + sha512 = "dtXTVMkh6VkEEA7OhXnN1Ecb8aAGFdZ1LFxtOCoqj4qkyOJMt7+qs6Ahdy6p/NQCPYsRSXXivhSB/J5E9jmYKA=="; + }; + }; + "arr-diff-4.0.0" = { + name = "arr-diff"; + packageName = "arr-diff"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz"; + sha512 = "YVIQ82gZPGBebQV/a8dar4AitzCQs0jjXwMPZllpXMaGjXPYVUawSxQrRsjhjupyVxEvbHgUmIhKVlND+j02kA=="; + }; + }; + "arr-filter-1.1.2" = { + name = "arr-filter"; + packageName = "arr-filter"; + version = "1.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-filter/-/arr-filter-1.1.2.tgz"; + sha512 = "A2BETWCqhsecSvCkWAeVBFLH6sXEUGASuzkpjL3GR1SlL/PWL6M3J8EAAld2Uubmh39tvkJTqC9LeLHCUKmFXA=="; + }; + }; + "arr-flatten-1.1.0" = { + name = "arr-flatten"; + packageName = "arr-flatten"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz"; + sha512 = "L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg=="; + }; + }; + "arr-map-2.0.2" = { + name = "arr-map"; + packageName = "arr-map"; + version = "2.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-map/-/arr-map-2.0.2.tgz"; + sha512 = "tVqVTHt+Q5Xb09qRkbu+DidW1yYzz5izWS2Xm2yFm7qJnmUfz4HPzNxbHkdRJbz2lrqI7S+z17xNYdFcBBO8Hw=="; + }; + }; + "arr-union-3.1.0" = { + name = "arr-union"; + packageName = "arr-union"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz"; + sha512 = "sKpyeERZ02v1FeCZT8lrfJq5u6goHCtpTAzPwJYe7c8SPFOboNjNg1vz2L4VTn9T4PQxEx13TbXLmYUcS6Ug7Q=="; + }; + }; + "array-each-1.0.1" = { + name = "array-each"; + packageName = "array-each"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/array-each/-/array-each-1.0.1.tgz"; + sha512 = "zHjL5SZa68hkKHBFBK6DJCTtr9sfTCPCaph/L7tMSLcTFgy+zX7E+6q5UArbtOtMBCtxdICpfTCspRse+ywyXA=="; + }; + }; + "array-initial-1.1.0" = { + name = "array-initial"; + packageName = "array-initial"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-initial/-/array-initial-1.1.0.tgz"; + sha512 = "BC4Yl89vneCYfpLrs5JU2aAu9/a+xWbeKhvISg9PT7eWFB9UlRvI+rKEtk6mgxWr3dSkk9gQ8hCrdqt06NXPdw=="; + }; + }; + "array-last-1.3.0" = { + name = "array-last"; + packageName = "array-last"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-last/-/array-last-1.3.0.tgz"; + sha512 = "eOCut5rXlI6aCOS7Z7kCplKRKyiFQ6dHFBem4PwlwKeNFk2/XxTrhRh5T9PyaEWGy/NHTZWbY+nsZlNFJu9rYg=="; + }; + }; + "array-slice-1.1.0" = { + name = "array-slice"; + packageName = "array-slice"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-slice/-/array-slice-1.1.0.tgz"; + sha512 = "B1qMD3RBP7O8o0H2KbrXDyB0IccejMF15+87Lvlor12ONPRHP6gTjXMNkt/d3ZuOGbAe66hFmaCfECI24Ufp6w=="; + }; + }; + "array-sort-1.0.0" = { + name = "array-sort"; + packageName = "array-sort"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-sort/-/array-sort-1.0.0.tgz"; + sha512 = "ihLeJkonmdiAsD7vpgN3CRcx2J2S0TiYW+IS/5zHBI7mKUq3ySvBdzzBfD236ubDBQFiiyG3SWCPc+msQ9KoYg=="; + }; + }; + "array-unique-0.2.1" = { + name = "array-unique"; + packageName = "array-unique"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz"; + sha512 = "G2n5bG5fSUCpnsXz4+8FUkYsGPkNfLn9YvS66U5qbTIXI2Ynnlo4Bi42bWv+omKUCqz+ejzfClwne0alJWJPhg=="; + }; + }; + "array-unique-0.3.2" = { + name = "array-unique"; + packageName = "array-unique"; + version = "0.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz"; + sha512 = "SleRWjh9JUud2wH1hPs9rZBZ33H6T9HOiL0uwGnGx9FpE6wKGyfWugmbkEOIs6qWrZhg0LWeLziLrEwQJhs5mQ=="; + }; + }; + "asn1-0.2.6" = { + name = "asn1"; + packageName = "asn1"; + version = "0.2.6"; + src = fetchurl { + url = "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz"; + sha512 = "ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ=="; + }; + }; + "assert-plus-1.0.0" = { + name = "assert-plus"; + packageName = "assert-plus"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz"; + sha512 = "NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw=="; + }; + }; + "assertion-error-1.1.0" = { + name = "assertion-error"; + packageName = "assertion-error"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz"; + sha512 = "jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw=="; + }; + }; + "assign-symbols-1.0.0" = { + name = "assign-symbols"; + packageName = "assign-symbols"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz"; + sha512 = "Q+JC7Whu8HhmTdBph/Tq59IoRtoy6KAm5zzPv00WdujX82lbAL8K7WVjne7vdCsAmbF4AYaDOPyO3k0kl8qIrw=="; + }; + }; + "async-done-1.3.2" = { + name = "async-done"; + packageName = "async-done"; + version = "1.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/async-done/-/async-done-1.3.2.tgz"; + sha512 = "uYkTP8dw2og1tu1nmza1n1CMW0qb8gWWlwqMmLb7MhBVs4BXrFziT6HXUd+/RlRA/i4H9AkofYloUbs1fwMqlw=="; + }; + }; + "async-each-1.0.6" = { + name = "async-each"; + packageName = "async-each"; + version = "1.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/async-each/-/async-each-1.0.6.tgz"; + sha512 = "c646jH1avxr+aVpndVMeAfYw7wAa6idufrlN3LPA4PmKS0QEGp6PIC9nwz0WQkkvBGAMEki3pFdtxaF39J9vvg=="; + }; + }; + "async-settle-1.0.0" = { + name = "async-settle"; + packageName = "async-settle"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/async-settle/-/async-settle-1.0.0.tgz"; + sha512 = "VPXfB4Vk49z1LHHodrEQ6Xf7W4gg1w0dAPROHngx7qgDjqmIQ+fXmwgGXTW/ITLai0YLSvWepJOP9EVpMnEAcw=="; + }; + }; + "asynckit-0.4.0" = { + name = "asynckit"; + packageName = "asynckit"; + version = "0.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"; + sha512 = "Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="; + }; + }; + "atob-2.1.2" = { + name = "atob"; + packageName = "atob"; + version = "2.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz"; + sha512 = "Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg=="; + }; + }; + "auto-launch-5.0.6" = { + name = "auto-launch"; + packageName = "auto-launch"; + version = "5.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/auto-launch/-/auto-launch-5.0.6.tgz"; + sha512 = "OgxiAm4q9EBf9EeXdPBiVNENaWE3jUZofwrhAkWjHDYGezu1k3FRZHU8V2FBxGuSJOHzKmTJEd0G7L7/0xDGFA=="; + }; + }; + "aws-sign2-0.7.0" = { + name = "aws-sign2"; + packageName = "aws-sign2"; + version = "0.7.0"; + src = fetchurl { + url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz"; + sha512 = "08kcGqnYf/YmjoRhfxyu+CLxBjUtHLXLXX/vUfx9l2LYzG3c1m61nrpyFUZI6zeS+Li/wWMMidD9KgrqtGq3mA=="; + }; + }; + "aws4-1.12.0" = { + name = "aws4"; + packageName = "aws4"; + version = "1.12.0"; + src = fetchurl { + url = "https://registry.npmjs.org/aws4/-/aws4-1.12.0.tgz"; + sha512 = "NmWvPnx0F1SfrQbYwOi7OeaNGokp9XhzNioJ/CSBs8Qa4vxug81mhJEAVZwxXuBmYB5KDRfMq/F3RR0BIU7sWg=="; + }; + }; + "bach-1.2.0" = { + name = "bach"; + packageName = "bach"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/bach/-/bach-1.2.0.tgz"; + sha512 = "bZOOfCb3gXBXbTFXq3OZtGR88LwGeJvzu6szttaIzymOTS4ZttBNOWSv7aLZja2EMycKtRYV0Oa8SNKH/zkxvg=="; + }; + }; + "balanced-match-1.0.2" = { + name = "balanced-match"; + packageName = "balanced-match"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz"; + sha512 = "3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="; + }; + }; + "base-0.11.2" = { + name = "base"; + packageName = "base"; + version = "0.11.2"; + src = fetchurl { + url = "https://registry.npmjs.org/base/-/base-0.11.2.tgz"; + sha512 = "5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg=="; + }; + }; + "base64-js-1.5.1" = { + name = "base64-js"; + packageName = "base64-js"; + version = "1.5.1"; + src = fetchurl { + url = "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz"; + sha512 = "AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA=="; + }; + }; + "bcrypt-pbkdf-1.0.2" = { + name = "bcrypt-pbkdf"; + packageName = "bcrypt-pbkdf"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz"; + sha512 = "qeFIXtP4MSoi6NLqO12WfqARWWuCKi2Rn/9hJLEmtB5yTNr9DqFWkJRCf2qShWzPeAMRnOgCrq0sg/KLv5ES9w=="; + }; + }; + "binary-0.3.0" = { + name = "binary"; + packageName = "binary"; + version = "0.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/binary/-/binary-0.3.0.tgz"; + sha512 = "D4H1y5KYwpJgK8wk1Cue5LLPgmwHKYSChkbspQg5JtVuR5ulGckxfR62H3AE9UDkdMC8yyXlqYihuz3Aqg2XZg=="; + }; + }; + "binary-extensions-1.13.1" = { + name = "binary-extensions"; + packageName = "binary-extensions"; + version = "1.13.1"; + src = fetchurl { + url = "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.13.1.tgz"; + sha512 = "Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw=="; + }; + }; + "binary-extensions-2.2.0" = { + name = "binary-extensions"; + packageName = "binary-extensions"; + version = "2.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz"; + sha512 = "jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA=="; + }; + }; + "bindings-1.5.0" = { + name = "bindings"; + packageName = "bindings"; + version = "1.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz"; + sha512 = "p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ=="; + }; + }; + "bl-1.2.3" = { + name = "bl"; + packageName = "bl"; + version = "1.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/bl/-/bl-1.2.3.tgz"; + sha512 = "pvcNpa0UU69UT341rO6AYy4FVAIkUHuZXRIWbq+zHnsVcRzDDjIAhGuuYoi0d//cwIwtt4pkpKycWEfjdV+vww=="; + }; + }; + "brace-expansion-1.1.11" = { + name = "brace-expansion"; + packageName = "brace-expansion"; + version = "1.1.11"; + src = fetchurl { + url = "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz"; + sha512 = "iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA=="; + }; + }; + "brace-expansion-2.0.1" = { + name = "brace-expansion"; + packageName = "brace-expansion"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz"; + sha512 = "XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA=="; + }; + }; + "braces-1.8.5" = { + name = "braces"; + packageName = "braces"; + version = "1.8.5"; + src = fetchurl { + url = "https://registry.npmjs.org/braces/-/braces-1.8.5.tgz"; + sha512 = "xU7bpz2ytJl1bH9cgIurjpg/n8Gohy9GTw81heDYLJQ4RU60dlyJsa+atVF2pI0yMMvKxI9HkKwjePCj5XI1hw=="; + }; + }; + "braces-2.3.2" = { + name = "braces"; + packageName = "braces"; + version = "2.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz"; + sha512 = "aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w=="; + }; + }; + "braces-3.0.2" = { + name = "braces"; + packageName = "braces"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz"; + sha512 = "b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A=="; + }; + }; + "browser-stdout-1.3.1" = { + name = "browser-stdout"; + packageName = "browser-stdout"; + version = "1.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz"; + sha512 = "qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw=="; + }; + }; + "buffer-5.7.1" = { + name = "buffer"; + packageName = "buffer"; + version = "5.7.1"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz"; + sha512 = "EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ=="; + }; + }; + "buffer-alloc-1.2.0" = { + name = "buffer-alloc"; + packageName = "buffer-alloc"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-alloc/-/buffer-alloc-1.2.0.tgz"; + sha512 = "CFsHQgjtW1UChdXgbyJGtnm+O/uLQeZdtbDo8mfUgYXCHSM1wgrVxXm6bSyrUuErEb+4sYVGCzASBRot7zyrow=="; + }; + }; + "buffer-alloc-unsafe-1.1.0" = { + name = "buffer-alloc-unsafe"; + packageName = "buffer-alloc-unsafe"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-alloc-unsafe/-/buffer-alloc-unsafe-1.1.0.tgz"; + sha512 = "TEM2iMIEQdJ2yjPJoSIsldnleVaAk1oW3DBVUykyOLsEsFmEc9kn+SFFPz+gl54KQNxlDnAwCXosOS9Okx2xAg=="; + }; + }; + "buffer-crc32-0.2.13" = { + name = "buffer-crc32"; + packageName = "buffer-crc32"; + version = "0.2.13"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz"; + sha512 = "VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ=="; + }; + }; + "buffer-equal-1.0.1" = { + name = "buffer-equal"; + packageName = "buffer-equal"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-equal/-/buffer-equal-1.0.1.tgz"; + sha512 = "QoV3ptgEaQpvVwbXdSO39iqPQTCxSF7A5U99AxbHYqUdCizL/lH2Z0A2y6nbZucxMEOtNyZfG2s6gsVugGpKkg=="; + }; + }; + "buffer-fill-1.0.0" = { + name = "buffer-fill"; + packageName = "buffer-fill"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-fill/-/buffer-fill-1.0.0.tgz"; + sha512 = "T7zexNBwiiaCOGDg9xNX9PBmjrubblRkENuptryuI64URkXDFum9il/JGL8Lm8wYfAXpredVXXZz7eMHilimiQ=="; + }; + }; + "buffer-from-1.1.2" = { + name = "buffer-from"; + packageName = "buffer-from"; + version = "1.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz"; + sha512 = "E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ=="; + }; + }; + "buffers-0.1.1" = { + name = "buffers"; + packageName = "buffers"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/buffers/-/buffers-0.1.1.tgz"; + sha512 = "9q/rDEGSb/Qsvv2qvzIzdluL5k7AaJOTrw23z9reQthrbF7is4CtlT0DXyO1oei2DCp4uojjzQ7igaSHp1kAEQ=="; + }; + }; + "bufferutil-4.0.7" = { + name = "bufferutil"; + packageName = "bufferutil"; + version = "4.0.7"; + src = fetchurl { + url = "https://registry.npmjs.org/bufferutil/-/bufferutil-4.0.7.tgz"; + sha512 = "kukuqc39WOHtdxtw4UScxF/WVnMFVSQVKhtx3AjZJzhd0RGZZldcrfSEbVsWWe6KNH253574cq5F+wpv0G9pJw=="; + }; + }; + "cache-base-1.0.1" = { + name = "cache-base"; + packageName = "cache-base"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz"; + sha512 = "AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ=="; + }; + }; + "call-bind-1.0.2" = { + name = "call-bind"; + packageName = "call-bind"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz"; + sha512 = "7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA=="; + }; + }; + "callsites-3.1.0" = { + name = "callsites"; + packageName = "callsites"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz"; + sha512 = "P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ=="; + }; + }; + "camelcase-2.1.1" = { + name = "camelcase"; + packageName = "camelcase"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/camelcase/-/camelcase-2.1.1.tgz"; + sha512 = "DLIsRzJVBQu72meAKPkWQOLcujdXT32hwdfnkI1frSiSRMK1MofjKHf+MEx0SB6fjEFXL8fBDv1dKymBlOp4Qw=="; + }; + }; + "camelcase-3.0.0" = { + name = "camelcase"; + packageName = "camelcase"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/camelcase/-/camelcase-3.0.0.tgz"; + sha512 = "4nhGqUkc4BqbBBB4Q6zLuD7lzzrHYrjKGeYaEji/3tFR5VdJu9v+LilhGIVe8wxEJPPOeWo7eg8dwY13TZ1BNg=="; + }; + }; + "camelcase-6.3.0" = { + name = "camelcase"; + packageName = "camelcase"; + version = "6.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz"; + sha512 = "Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA=="; + }; + }; + "capture-stack-trace-1.0.2" = { + name = "capture-stack-trace"; + packageName = "capture-stack-trace"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/capture-stack-trace/-/capture-stack-trace-1.0.2.tgz"; + sha512 = "X/WM2UQs6VMHUtjUDnZTRI+i1crWteJySFzr9UpGoQa4WQffXVTTXuekjl7TjZRlcF2XfjgITT0HxZ9RnxeT0w=="; + }; + }; + "caseless-0.12.0" = { + name = "caseless"; + packageName = "caseless"; + version = "0.12.0"; + src = fetchurl { + url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz"; + sha512 = "4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw=="; + }; + }; + "caw-2.0.1" = { + name = "caw"; + packageName = "caw"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/caw/-/caw-2.0.1.tgz"; + sha512 = "Cg8/ZSBEa8ZVY9HspcGUYaK63d/bN7rqS3CYCzEGUxuYv6UlmcjzDUz2fCFFHyTvUW5Pk0I+3hkA3iXlIj6guA=="; + }; + }; + "chai-4.3.7" = { + name = "chai"; + packageName = "chai"; + version = "4.3.7"; + src = fetchurl { + url = "https://registry.npmjs.org/chai/-/chai-4.3.7.tgz"; + sha512 = "HLnAzZ2iupm25PlN0xFreAlBA5zaBSv3og0DdeGA4Ar6h6rJ3A0rolRUKJhSF2V10GZKDgWF/VmAEsNWjCRB+A=="; + }; + }; + "chai-as-promised-7.1.1" = { + name = "chai-as-promised"; + packageName = "chai-as-promised"; + version = "7.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/chai-as-promised/-/chai-as-promised-7.1.1.tgz"; + sha512 = "azL6xMoi+uxu6z4rhWQ1jbdUhOMhis2PvscD/xjLqNMkv3BPPp2JyyuTHOrf9BOosGpNQ11v6BKv/g57RXbiaA=="; + }; + }; + "chainsaw-0.1.0" = { + name = "chainsaw"; + packageName = "chainsaw"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/chainsaw/-/chainsaw-0.1.0.tgz"; + sha512 = "75kWfWt6MEKNC8xYXIdRpDehRYY/tNSgwKaJq+dbbDcxORuVrrQ+SEHoWsniVn9XPYfP4gmdWIeDk/4YNp1rNQ=="; + }; + }; + "chalk-1.1.3" = { + name = "chalk"; + packageName = "chalk"; + version = "1.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz"; + sha512 = "U3lRVLMSlsCfjqYPbLyVv11M9CPW4I728d6TCKMAOJueEeB9/8o+eSsMnxPJD+Q+K909sdESg7C+tIkoH6on1A=="; + }; + }; + "chalk-4.1.2" = { + name = "chalk"; + packageName = "chalk"; + version = "4.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz"; + sha512 = "oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA=="; + }; + }; + "check-error-1.0.2" = { + name = "check-error"; + packageName = "check-error"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/check-error/-/check-error-1.0.2.tgz"; + sha512 = "BrgHpW9NURQgzoNyjfq0Wu6VFO6D7IZEmJNdtgNqpzGG8RuNFHt2jQxWlAs4HMe119chBnv+34syEZtc6IhLtA=="; + }; + }; + "chokidar-1.7.0" = { + name = "chokidar"; + packageName = "chokidar"; + version = "1.7.0"; + src = fetchurl { + url = "https://registry.npmjs.org/chokidar/-/chokidar-1.7.0.tgz"; + sha512 = "mk8fAWcRUOxY7btlLtitj3A45jOwSAxH4tOFOoEGbVsl6cL6pPMWUy7dwZ/canfj3QEdP6FHSnf/l1c6/WkzVg=="; + }; + }; + "chokidar-2.1.8" = { + name = "chokidar"; + packageName = "chokidar"; + version = "2.1.8"; + src = fetchurl { + url = "https://registry.npmjs.org/chokidar/-/chokidar-2.1.8.tgz"; + sha512 = "ZmZUazfOzf0Nve7duiCKD23PFSCs4JPoYyccjUFF3aQkQadqBhfzhjkwBH2mNOG9cTBwhamM37EIsIkZw3nRgg=="; + }; + }; + "chokidar-3.5.3" = { + name = "chokidar"; + packageName = "chokidar"; + version = "3.5.3"; + src = fetchurl { + url = "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz"; + sha512 = "Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw=="; + }; + }; + "class-utils-0.3.6" = { + name = "class-utils"; + packageName = "class-utils"; + version = "0.3.6"; + src = fetchurl { + url = "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz"; + sha512 = "qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg=="; + }; + }; + "cliui-3.2.0" = { + name = "cliui"; + packageName = "cliui"; + version = "3.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/cliui/-/cliui-3.2.0.tgz"; + sha512 = "0yayqDxWQbqk3ojkYqUKqaAQ6AfNKeKWRNA8kR0WXzAsdHpP4BIaOmMAG87JGuO6qcobyW4GjxHd9PmhEd+T9w=="; + }; + }; + "cliui-7.0.4" = { + name = "cliui"; + packageName = "cliui"; + version = "7.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz"; + sha512 = "OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ=="; + }; + }; + "cliui-8.0.1" = { + name = "cliui"; + packageName = "cliui"; + version = "8.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz"; + sha512 = "BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ=="; + }; + }; + "clone-2.1.2" = { + name = "clone"; + packageName = "clone"; + version = "2.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz"; + sha512 = "3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w=="; + }; + }; + "clone-buffer-1.0.0" = { + name = "clone-buffer"; + packageName = "clone-buffer"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/clone-buffer/-/clone-buffer-1.0.0.tgz"; + sha512 = "KLLTJWrvwIP+OPfMn0x2PheDEP20RPUcGXj/ERegTgdmPEZylALQldygiqrPPu8P45uNuPs7ckmReLY6v/iA5g=="; + }; + }; + "clone-stats-1.0.0" = { + name = "clone-stats"; + packageName = "clone-stats"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/clone-stats/-/clone-stats-1.0.0.tgz"; + sha512 = "au6ydSpg6nsrigcZ4m8Bc9hxjeW+GJ8xh5G3BJCMt4WXe1H10UNaVOamqQTmrx1kjVuxAHIQSNU6hY4Nsn9/ag=="; + }; + }; + "cloneable-readable-1.1.3" = { + name = "cloneable-readable"; + packageName = "cloneable-readable"; + version = "1.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/cloneable-readable/-/cloneable-readable-1.1.3.tgz"; + sha512 = "2EF8zTQOxYq70Y4XKtorQupqF0m49MBz2/yf5Bj+MHjvpG3Hy7sImifnqD6UA+TKYxeSV+u6qqQPawN5UvnpKQ=="; + }; + }; + "code-point-at-1.1.0" = { + name = "code-point-at"; + packageName = "code-point-at"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz"; + sha512 = "RpAVKQA5T63xEj6/giIbUEtZwJ4UFIc3ZtvEkiaUERylqe8xb5IvqcgOurZLahv93CLKfxcw5YI+DZcUBRyLXA=="; + }; + }; + "collection-map-1.0.0" = { + name = "collection-map"; + packageName = "collection-map"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/collection-map/-/collection-map-1.0.0.tgz"; + sha512 = "5D2XXSpkOnleOI21TG7p3T0bGAsZ/XknZpKBmGYyluO8pw4zA3K8ZlrBIbC4FXg3m6z/RNFiUFfT2sQK01+UHA=="; + }; + }; + "collection-visit-1.0.0" = { + name = "collection-visit"; + packageName = "collection-visit"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz"; + sha512 = "lNkKvzEeMBBjUGHZ+q6z9pSJla0KWAQPvtzhEV9+iGyQYG+pBpl7xKDhxoNSOZH2hhv0v5k0y2yAM4o4SjoSkw=="; + }; + }; + "color-convert-2.0.1" = { + name = "color-convert"; + packageName = "color-convert"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz"; + sha512 = "RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ=="; + }; + }; + "color-name-1.1.4" = { + name = "color-name"; + packageName = "color-name"; + version = "1.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz"; + sha512 = "dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="; + }; + }; + "color-support-1.1.3" = { + name = "color-support"; + packageName = "color-support"; + version = "1.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz"; + sha512 = "qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg=="; + }; + }; + "combined-stream-1.0.8" = { + name = "combined-stream"; + packageName = "combined-stream"; + version = "1.0.8"; + src = fetchurl { + url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz"; + sha512 = "FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg=="; + }; + }; + "commander-2.20.3" = { + name = "commander"; + packageName = "commander"; + version = "2.20.3"; + src = fetchurl { + url = "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz"; + sha512 = "GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ=="; + }; + }; + "component-emitter-1.3.0" = { + name = "component-emitter"; + packageName = "component-emitter"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz"; + sha512 = "Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg=="; + }; + }; + "concat-map-0.0.1" = { + name = "concat-map"; + packageName = "concat-map"; + version = "0.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz"; + sha512 = "/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="; + }; + }; + "concat-stream-1.6.2" = { + name = "concat-stream"; + packageName = "concat-stream"; + version = "1.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz"; + sha512 = "27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw=="; + }; + }; + "config-chain-1.1.13" = { + name = "config-chain"; + packageName = "config-chain"; + version = "1.1.13"; + src = fetchurl { + url = "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz"; + sha512 = "qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ=="; + }; + }; + "convert-source-map-1.9.0" = { + name = "convert-source-map"; + packageName = "convert-source-map"; + version = "1.9.0"; + src = fetchurl { + url = "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz"; + sha512 = "ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A=="; + }; + }; + "copy-descriptor-0.1.1" = { + name = "copy-descriptor"; + packageName = "copy-descriptor"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz"; + sha512 = "XgZ0pFcakEUlbwQEVNg3+QAis1FyTL3Qel9FYy8pSkQqoG3PNoT0bOCQtOXcOkur21r2Eq2kI+IE+gsmAEVlYw=="; + }; + }; + "copy-props-2.0.5" = { + name = "copy-props"; + packageName = "copy-props"; + version = "2.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/copy-props/-/copy-props-2.0.5.tgz"; + sha512 = "XBlx8HSqrT0ObQwmSzM7WE5k8FxTV75h1DX1Z3n6NhQ/UYYAvInWYmG06vFt7hQZArE2fuO62aihiWIVQwh1sw=="; + }; + }; + "core-util-is-1.0.2" = { + name = "core-util-is"; + packageName = "core-util-is"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz"; + sha512 = "3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ=="; + }; + }; + "core-util-is-1.0.3" = { + name = "core-util-is"; + packageName = "core-util-is"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz"; + sha512 = "ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ=="; + }; + }; + "create-error-class-3.0.2" = { + name = "create-error-class"; + packageName = "create-error-class"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/create-error-class/-/create-error-class-3.0.2.tgz"; + sha512 = "gYTKKexFO3kh200H1Nit76sRwRtOY32vQd3jpAQKpLtZqyNsSQNfI4N7o3eP2wUjV35pTWKRYqFUDBvUha/Pkw=="; + }; + }; + "cross-spawn-7.0.3" = { + name = "cross-spawn"; + packageName = "cross-spawn"; + version = "7.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz"; + sha512 = "iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w=="; + }; + }; + "css-3.0.0" = { + name = "css"; + packageName = "css"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/css/-/css-3.0.0.tgz"; + sha512 = "DG9pFfwOrzc+hawpmqX/dHYHJG+Bsdb0klhyi1sDneOgGOXy9wQIC8hzyVp1e4NRYDBdxcylvywPkkXCHAzTyQ=="; + }; + }; + "d-1.0.1" = { + name = "d"; + packageName = "d"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/d/-/d-1.0.1.tgz"; + sha512 = "m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA=="; + }; + }; + "dashdash-1.14.1" = { + name = "dashdash"; + packageName = "dashdash"; + version = "1.14.1"; + src = fetchurl { + url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz"; + sha512 = "jRFi8UDGo6j+odZiEpjazZaWqEal3w/basFjQHQEwVtZJGDpxbH1MeYluwCS8Xq5wmLJooDlMgvVarmWfGM44g=="; + }; + }; + "debounce-1.2.1" = { + name = "debounce"; + packageName = "debounce"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/debounce/-/debounce-1.2.1.tgz"; + sha512 = "XRRe6Glud4rd/ZGQfiV1ruXSfbvfJedlV9Y6zOlP+2K04vBYiJEte6stfFkCP03aMnY5tsipamumUjL14fofug=="; + }; + }; + "debug-2.6.9" = { + name = "debug"; + packageName = "debug"; + version = "2.6.9"; + src = fetchurl { + url = "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz"; + sha512 = "bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA=="; + }; + }; + "debug-3.2.7" = { + name = "debug"; + packageName = "debug"; + version = "3.2.7"; + src = fetchurl { + url = "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz"; + sha512 = "CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ=="; + }; + }; + "debug-4.3.4" = { + name = "debug"; + packageName = "debug"; + version = "4.3.4"; + src = fetchurl { + url = "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz"; + sha512 = "PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ=="; + }; + }; + "debug-fabulous-1.1.0" = { + name = "debug-fabulous"; + packageName = "debug-fabulous"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/debug-fabulous/-/debug-fabulous-1.1.0.tgz"; + sha512 = "GZqvGIgKNlUnHUPQhepnUZFIMoi3dgZKQBzKDeL2g7oJF9SNAji/AAu36dusFUas0O+pae74lNeoIPHqXWDkLg=="; + }; + }; + "decamelize-1.2.0" = { + name = "decamelize"; + packageName = "decamelize"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz"; + sha512 = "z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA=="; + }; + }; + "decamelize-4.0.0" = { + name = "decamelize"; + packageName = "decamelize"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz"; + sha512 = "9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ=="; + }; + }; + "decode-uri-component-0.2.2" = { + name = "decode-uri-component"; + packageName = "decode-uri-component"; + version = "0.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.2.tgz"; + sha512 = "FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ=="; + }; + }; + "decompress-4.2.1" = { + name = "decompress"; + packageName = "decompress"; + version = "4.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress/-/decompress-4.2.1.tgz"; + sha512 = "e48kc2IjU+2Zw8cTb6VZcJQ3lgVbS4uuB1TfCHbiZIP/haNXm+SVyhu+87jts5/3ROpd82GSVCoNs/z8l4ZOaQ=="; + }; + }; + "decompress-tar-4.1.1" = { + name = "decompress-tar"; + packageName = "decompress-tar"; + version = "4.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress-tar/-/decompress-tar-4.1.1.tgz"; + sha512 = "JdJMaCrGpB5fESVyxwpCx4Jdj2AagLmv3y58Qy4GE6HMVjWz1FeVQk1Ct4Kye7PftcdOo/7U7UKzYBJgqnGeUQ=="; + }; + }; + "decompress-tarbz2-4.1.1" = { + name = "decompress-tarbz2"; + packageName = "decompress-tarbz2"; + version = "4.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress-tarbz2/-/decompress-tarbz2-4.1.1.tgz"; + sha512 = "s88xLzf1r81ICXLAVQVzaN6ZmX4A6U4z2nMbOwobxkLoIIfjVMBg7TeguTUXkKeXni795B6y5rnvDw7rxhAq9A=="; + }; + }; + "decompress-targz-4.1.1" = { + name = "decompress-targz"; + packageName = "decompress-targz"; + version = "4.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress-targz/-/decompress-targz-4.1.1.tgz"; + sha512 = "4z81Znfr6chWnRDNfFNqLwPvm4db3WuZkqV+UgXQzSngG3CEKdBkw5jrv3axjjL96glyiiKjsxJG3X6WBZwX3w=="; + }; + }; + "decompress-unzip-4.0.1" = { + name = "decompress-unzip"; + packageName = "decompress-unzip"; + version = "4.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress-unzip/-/decompress-unzip-4.0.1.tgz"; + sha512 = "1fqeluvxgnn86MOh66u8FjbtJpAFv5wgCT9Iw8rcBqQcCo5tO8eiJw7NNTrvt9n4CRBVq7CstiS922oPgyGLrw=="; + }; + }; + "decompress-zip-0.3.3" = { + name = "decompress-zip"; + packageName = "decompress-zip"; + version = "0.3.3"; + src = fetchurl { + url = "https://registry.npmjs.org/decompress-zip/-/decompress-zip-0.3.3.tgz"; + sha512 = "/fy1L4s+4jujqj3kNptWjilFw3E6De8U6XUFvqmh4npN3Vsypm3oT2V0bXcmbBWS+5j5tr4okYaFrOmyZkszEg=="; + }; + }; + "deep-eql-4.1.3" = { + name = "deep-eql"; + packageName = "deep-eql"; + version = "4.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz"; + sha512 = "WaEtAOpRA1MQ0eohqZjpGD8zdI0Ovsm8mmFhaDN8dvDZzyoUMcYDnf5Y6iu7HTXxf8JDS23qWa4a+hKCDyOPzw=="; + }; + }; + "deep-is-0.1.4" = { + name = "deep-is"; + packageName = "deep-is"; + version = "0.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz"; + sha512 = "oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ=="; + }; + }; + "default-compare-1.0.0" = { + name = "default-compare"; + packageName = "default-compare"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/default-compare/-/default-compare-1.0.0.tgz"; + sha512 = "QWfXlM0EkAbqOCbD/6HjdwT19j7WCkMyiRhWilc4H9/5h/RzTF9gv5LYh1+CmDV5d1rki6KAWLtQale0xt20eQ=="; + }; + }; + "default-resolution-2.0.0" = { + name = "default-resolution"; + packageName = "default-resolution"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/default-resolution/-/default-resolution-2.0.0.tgz"; + sha512 = "2xaP6GiwVwOEbXCGoJ4ufgC76m8cj805jrghScewJC2ZDsb9U0b4BIrba+xt/Uytyd0HvQ6+WymSRTfnYj59GQ=="; + }; + }; + "define-properties-1.2.0" = { + name = "define-properties"; + packageName = "define-properties"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/define-properties/-/define-properties-1.2.0.tgz"; + sha512 = "xvqAVKGfT1+UAvPwKTVw/njhdQ8ZhXK4lI0bCIuCMrp2up9nPnaDftrLtmpTazqd1o+UY4zgzU+avtMbDP+ldA=="; + }; + }; + "define-property-0.2.5" = { + name = "define-property"; + packageName = "define-property"; + version = "0.2.5"; + src = fetchurl { + url = "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz"; + sha512 = "Rr7ADjQZenceVOAKop6ALkkRAmH1A4Gx9hV/7ZujPUN2rkATqFO0JZLZInbAjpZYoJ1gUx8MRMQVkYemcbMSTA=="; + }; + }; + "define-property-1.0.0" = { + name = "define-property"; + packageName = "define-property"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz"; + sha512 = "cZTYKFWspt9jZsMscWo8sc/5lbPC9Q0N5nBLgb+Yd915iL3udB1uFgS3B8YCx66UVHq018DAVFoee7x+gxggeA=="; + }; + }; + "define-property-2.0.2" = { + name = "define-property"; + packageName = "define-property"; + version = "2.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz"; + sha512 = "jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ=="; + }; + }; + "delayed-stream-1.0.0" = { + name = "delayed-stream"; + packageName = "delayed-stream"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz"; + sha512 = "ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ=="; + }; + }; + "detect-file-1.0.0" = { + name = "detect-file"; + packageName = "detect-file"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz"; + sha512 = "DtCOLG98P007x7wiiOmfI0fi3eIKyWiLTGJ2MDnVi/E04lWGbf+JzrRHMm0rgIIZJGtHpKpbVgLWHrv8xXpc3Q=="; + }; + }; + "detect-newline-2.1.0" = { + name = "detect-newline"; + packageName = "detect-newline"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/detect-newline/-/detect-newline-2.1.0.tgz"; + sha512 = "CwffZFvlJffUg9zZA0uqrjQayUTC8ob94pnr5sFwaVv3IOmkfUHcWH+jXaQK3askE51Cqe8/9Ql/0uXNwqZ8Zg=="; + }; + }; + "diff-5.0.0" = { + name = "diff"; + packageName = "diff"; + version = "5.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz"; + sha512 = "/VTCrvm5Z0JGty/BWHljh+BAiw3IK+2j87NGMu8Nwc/f48WoDAC395uomO9ZD117ZOBaHmkX1oyLvkVM/aIT3w=="; + }; + }; + "doctrine-3.0.0" = { + name = "doctrine"; + packageName = "doctrine"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz"; + sha512 = "yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w=="; + }; + }; + "download-5.0.3" = { + name = "download"; + packageName = "download"; + version = "5.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/download/-/download-5.0.3.tgz"; + sha512 = "rE0V29BV5FyylK3Uw5hmP90TBuwGHAqPYfaRHW/VHsKe9Xqi7RACVg0k0FokeE+MTWr9mtUy75GyszRACiD3Ow=="; + }; + }; + "duplexer3-0.1.5" = { + name = "duplexer3"; + packageName = "duplexer3"; + version = "0.1.5"; + src = fetchurl { + url = "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.5.tgz"; + sha512 = "1A8za6ws41LQgv9HrE/66jyC5yuSjQ3L/KOpFtoBilsAK2iA2wuS5rTt1OCzIvtS2V7nVmedsUU+DGRcjBmOYA=="; + }; + }; + "duplexify-3.7.1" = { + name = "duplexify"; + packageName = "duplexify"; + version = "3.7.1"; + src = fetchurl { + url = "https://registry.npmjs.org/duplexify/-/duplexify-3.7.1.tgz"; + sha512 = "07z8uv2wMyS51kKhD1KsdXJg5WQ6t93RneqRxUHnskXVtlYYkLqM0gqStQZ3pj073g687jPCHrqNfCzawLYh5g=="; + }; + }; + "each-props-1.3.2" = { + name = "each-props"; + packageName = "each-props"; + version = "1.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/each-props/-/each-props-1.3.2.tgz"; + sha512 = "vV0Hem3zAGkJAyU7JSjixeU66rwdynTAa1vofCrSA5fEln+m67Az9CcnkVD776/fsN/UjIWmBDoNRS6t6G9RfA=="; + }; + }; + "ecc-jsbn-0.1.2" = { + name = "ecc-jsbn"; + packageName = "ecc-jsbn"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz"; + sha512 = "eh9O+hwRHNbG4BLTjEl3nw044CkGm5X6LoaCf7LPp7UU8Qrt47JYNi6nPX8xjW97TKGKm1ouctg0QSpZe9qrnw=="; + }; + }; + "emoji-regex-8.0.0" = { + name = "emoji-regex"; + packageName = "emoji-regex"; + version = "8.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz"; + sha512 = "MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="; + }; + }; + "end-of-stream-1.4.4" = { + name = "end-of-stream"; + packageName = "end-of-stream"; + version = "1.4.4"; + src = fetchurl { + url = "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz"; + sha512 = "+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q=="; + }; + }; + "error-ex-1.3.2" = { + name = "error-ex"; + packageName = "error-ex"; + version = "1.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz"; + sha512 = "7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g=="; + }; + }; + "es5-ext-0.10.62" = { + name = "es5-ext"; + packageName = "es5-ext"; + version = "0.10.62"; + src = fetchurl { + url = "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.62.tgz"; + sha512 = "BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA=="; + }; + }; + "es6-iterator-2.0.3" = { + name = "es6-iterator"; + packageName = "es6-iterator"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz"; + sha512 = "zw4SRzoUkd+cl+ZoE15A9o1oQd920Bb0iOJMQkQhl3jNc03YqVjAhG7scf9C5KWRU/R13Orf588uCC6525o02g=="; + }; + }; + "es6-symbol-3.1.3" = { + name = "es6-symbol"; + packageName = "es6-symbol"; + version = "3.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.3.tgz"; + sha512 = "NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA=="; + }; + }; + "es6-weak-map-2.0.3" = { + name = "es6-weak-map"; + packageName = "es6-weak-map"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz"; + sha512 = "p5um32HOTO1kP+w7PRnB+5lQ43Z6muuMuIMffvDN8ZB4GcnjLBV6zGStpbASIMk4DCAvEaamhe2zhyCb/QXXsA=="; + }; + }; + "escalade-3.1.1" = { + name = "escalade"; + packageName = "escalade"; + version = "3.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz"; + sha512 = "k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw=="; + }; + }; + "escape-string-regexp-1.0.5" = { + name = "escape-string-regexp"; + packageName = "escape-string-regexp"; + version = "1.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"; + sha512 = "vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg=="; + }; + }; + "escape-string-regexp-4.0.0" = { + name = "escape-string-regexp"; + packageName = "escape-string-regexp"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz"; + sha512 = "TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA=="; + }; + }; + "eslint-8.42.0" = { + name = "eslint"; + packageName = "eslint"; + version = "8.42.0"; + src = fetchurl { + url = "https://registry.npmjs.org/eslint/-/eslint-8.42.0.tgz"; + sha512 = "ulg9Ms6E1WPf67PHaEY4/6E2tEn5/f7FXGzr3t9cBMugOmf1INYvuUwwh1aXQN4MfJ6a5K2iNwP3w4AColvI9A=="; + }; + }; + "eslint-scope-7.2.0" = { + name = "eslint-scope"; + packageName = "eslint-scope"; + version = "7.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.0.tgz"; + sha512 = "DYj5deGlHBfMt15J7rdtyKNq/Nqlv5KfU4iodrQ019XESsRnwXH9KAE0y3cwtUHDo2ob7CypAnCqefh6vioWRw=="; + }; + }; + "eslint-visitor-keys-3.4.1" = { + name = "eslint-visitor-keys"; + packageName = "eslint-visitor-keys"; + version = "3.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.1.tgz"; + sha512 = "pZnmmLwYzf+kWaM/Qgrvpen51upAktaaiI01nsJD/Yr3lMOdNtq0cxkrrg16w64VtisN6okbs7Q8AfGqj4c9fA=="; + }; + }; + "espree-9.5.2" = { + name = "espree"; + packageName = "espree"; + version = "9.5.2"; + src = fetchurl { + url = "https://registry.npmjs.org/espree/-/espree-9.5.2.tgz"; + sha512 = "7OASN1Wma5fum5SrNhFMAMJxOUAbhyfQ8dQ//PJaJbNw0URTPWqIghHWt1MmAANKhHZIYOHruW4Kw4ruUWOdGw=="; + }; + }; + "esquery-1.5.0" = { + name = "esquery"; + packageName = "esquery"; + version = "1.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz"; + sha512 = "YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg=="; + }; + }; + "esrecurse-4.3.0" = { + name = "esrecurse"; + packageName = "esrecurse"; + version = "4.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz"; + sha512 = "KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag=="; + }; + }; + "estraverse-5.3.0" = { + name = "estraverse"; + packageName = "estraverse"; + version = "5.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz"; + sha512 = "MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA=="; + }; + }; + "esutils-2.0.3" = { + name = "esutils"; + packageName = "esutils"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz"; + sha512 = "kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g=="; + }; + }; + "event-emitter-0.3.5" = { + name = "event-emitter"; + packageName = "event-emitter"; + version = "0.3.5"; + src = fetchurl { + url = "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz"; + sha512 = "D9rRn9y7kLPnJ+hMq7S/nhvoKwwvVJahBi2BPmx3bvbsEdK3W9ii8cBSGjP+72/LnM4n6fo3+dkCX5FeTQruXA=="; + }; + }; + "expand-brackets-0.1.5" = { + name = "expand-brackets"; + packageName = "expand-brackets"; + version = "0.1.5"; + src = fetchurl { + url = "https://registry.npmjs.org/expand-brackets/-/expand-brackets-0.1.5.tgz"; + sha512 = "hxx03P2dJxss6ceIeri9cmYOT4SRs3Zk3afZwWpOsRqLqprhTR8u++SlC+sFGsQr7WGFPdMF7Gjc1njDLDK6UA=="; + }; + }; + "expand-brackets-2.1.4" = { + name = "expand-brackets"; + packageName = "expand-brackets"; + version = "2.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz"; + sha512 = "w/ozOKR9Obk3qoWeY/WDi6MFta9AoMR+zud60mdnbniMcBxRuFJyDt2LdX/14A1UABeqk+Uk+LDfUpvoGKppZA=="; + }; + }; + "expand-range-1.8.2" = { + name = "expand-range"; + packageName = "expand-range"; + version = "1.8.2"; + src = fetchurl { + url = "https://registry.npmjs.org/expand-range/-/expand-range-1.8.2.tgz"; + sha512 = "AFASGfIlnIbkKPQwX1yHaDjFvh/1gyKJODme52V6IORh69uEYgZp0o9C+qsIGNVEiuuhQU0CSSl++Rlegg1qvA=="; + }; + }; + "expand-tilde-2.0.2" = { + name = "expand-tilde"; + packageName = "expand-tilde"; + version = "2.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz"; + sha512 = "A5EmesHW6rfnZ9ysHQjPdJRni0SRar0tjtG5MNtm9n5TUvsYU8oozprtRD4AqHxcZWWlVuAmQo2nWKfN9oyjTw=="; + }; + }; + "ext-1.7.0" = { + name = "ext"; + packageName = "ext"; + version = "1.7.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz"; + sha512 = "6hxeJYaL110a9b5TEJSj0gojyHQAmA2ch5Os+ySCiA1QGdS697XWY1pzsrSjqA9LDEEgdB/KypIlR59RcLuHYw=="; + }; + }; + "extend-3.0.2" = { + name = "extend"; + packageName = "extend"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz"; + sha512 = "fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="; + }; + }; + "extend-shallow-2.0.1" = { + name = "extend-shallow"; + packageName = "extend-shallow"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz"; + sha512 = "zCnTtlxNoAiDc3gqY2aYAWFx7XWWiasuF2K8Me5WbN8otHKTUKBwjPtNpRs/rbUZm7KxWAaNj7P1a/p52GbVug=="; + }; + }; + "extend-shallow-3.0.2" = { + name = "extend-shallow"; + packageName = "extend-shallow"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz"; + sha512 = "BwY5b5Ql4+qZoefgMj2NUmx+tehVTH/Kf4k1ZEtOHNFcm2wSxMRo992l6X3TIgni2eZVTZ85xMOjF31fwZAj6Q=="; + }; + }; + "extglob-0.3.2" = { + name = "extglob"; + packageName = "extglob"; + version = "0.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/extglob/-/extglob-0.3.2.tgz"; + sha512 = "1FOj1LOwn42TMrruOHGt18HemVnbwAmAak7krWk+wa93KXxGbK+2jpezm+ytJYDaBX0/SPLZFHKM7m+tKobWGg=="; + }; + }; + "extglob-2.0.4" = { + name = "extglob"; + packageName = "extglob"; + version = "2.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz"; + sha512 = "Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw=="; + }; + }; + "extsprintf-1.3.0" = { + name = "extsprintf"; + packageName = "extsprintf"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz"; + sha512 = "11Ndz7Nv+mvAC1j0ktTa7fAb0vLyGGX+rMHNBYQviQDGU0Hw7lhctJANqbPhu9nV9/izT/IntTgZ7Im/9LJs9g=="; + }; + }; + "fancy-log-1.3.3" = { + name = "fancy-log"; + packageName = "fancy-log"; + version = "1.3.3"; + src = fetchurl { + url = "https://registry.npmjs.org/fancy-log/-/fancy-log-1.3.3.tgz"; + sha512 = "k9oEhlyc0FrVh25qYuSELjr8oxsCoc4/LEZfg2iJJrfEk/tZL9bCoJE47gqAvI2m/AUjluCS4+3I0eTx8n3AEw=="; + }; + }; + "fast-deep-equal-3.1.3" = { + name = "fast-deep-equal"; + packageName = "fast-deep-equal"; + version = "3.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz"; + sha512 = "f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q=="; + }; + }; + "fast-json-stable-stringify-2.1.0" = { + name = "fast-json-stable-stringify"; + packageName = "fast-json-stable-stringify"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz"; + sha512 = "lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw=="; + }; + }; + "fast-levenshtein-1.1.4" = { + name = "fast-levenshtein"; + packageName = "fast-levenshtein"; + version = "1.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-1.1.4.tgz"; + sha512 = "Ia0sQNrMPXXkqVFt6w6M1n1oKo3NfKs+mvaV811Jwir7vAk9a6PVV9VPYf6X3BU97QiLEmuW3uXH9u87zDFfdw=="; + }; + }; + "fast-levenshtein-2.0.6" = { + name = "fast-levenshtein"; + packageName = "fast-levenshtein"; + version = "2.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz"; + sha512 = "DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw=="; + }; + }; + "fastq-1.15.0" = { + name = "fastq"; + packageName = "fastq"; + version = "1.15.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fastq/-/fastq-1.15.0.tgz"; + sha512 = "wBrocU2LCXXa+lWBt8RoIRD89Fi8OdABODa/kEnyeyjS5aZO5/GNvI5sEINADqP/h8M29UHTHUb53sUu5Ihqdw=="; + }; + }; + "fd-slicer-1.1.0" = { + name = "fd-slicer"; + packageName = "fd-slicer"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz"; + sha512 = "cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g=="; + }; + }; + "file-entry-cache-6.0.1" = { + name = "file-entry-cache"; + packageName = "file-entry-cache"; + version = "6.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz"; + sha512 = "7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg=="; + }; + }; + "file-exists-2.0.0" = { + name = "file-exists"; + packageName = "file-exists"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/file-exists/-/file-exists-2.0.0.tgz"; + sha512 = "xiDzGS+oe7RleGLItoPTKVj3DjKHiVANV6dEyWTt3yB08H/AHuyvjh0aZ8jISQ53yhyTWVLsDzhJ5IbvPciBjg=="; + }; + }; + "file-type-3.9.0" = { + name = "file-type"; + packageName = "file-type"; + version = "3.9.0"; + src = fetchurl { + url = "https://registry.npmjs.org/file-type/-/file-type-3.9.0.tgz"; + sha512 = "RLoqTXE8/vPmMuTI88DAzhMYC99I8BWv7zYP4A1puo5HIjEJ5EX48ighy4ZyKMG9EDXxBgW6e++cn7d1xuFghA=="; + }; + }; + "file-type-5.2.0" = { + name = "file-type"; + packageName = "file-type"; + version = "5.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/file-type/-/file-type-5.2.0.tgz"; + sha512 = "Iq1nJ6D2+yIO4c8HHg4fyVb8mAJieo1Oloy1mLLaB2PvezNedhBVm+QU7g0qM42aiMbRXTxKKwGD17rjKNJYVQ=="; + }; + }; + "file-type-6.2.0" = { + name = "file-type"; + packageName = "file-type"; + version = "6.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/file-type/-/file-type-6.2.0.tgz"; + sha512 = "YPcTBDV+2Tm0VqjybVd32MHdlEGAtuxS3VAYsumFokDSMG+ROT5wawGlnHDoz7bfMcMDt9hxuXvXwoKUx2fkOg=="; + }; + }; + "file-uri-to-path-1.0.0" = { + name = "file-uri-to-path"; + packageName = "file-uri-to-path"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz"; + sha512 = "0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw=="; + }; + }; + "filename-regex-2.0.1" = { + name = "filename-regex"; + packageName = "filename-regex"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/filename-regex/-/filename-regex-2.0.1.tgz"; + sha512 = "BTCqyBaWBTsauvnHiE8i562+EdJj+oUpkqWp2R1iCoR8f6oo8STRu3of7WJJ0TqWtxN50a5YFpzYK4Jj9esYfQ=="; + }; + }; + "filename-reserved-regex-2.0.0" = { + name = "filename-reserved-regex"; + packageName = "filename-reserved-regex"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/filename-reserved-regex/-/filename-reserved-regex-2.0.0.tgz"; + sha512 = "lc1bnsSr4L4Bdif8Xb/qrtokGbq5zlsms/CYH8PP+WtCkGNF65DPiQY8vG3SakEdRn8Dlnm+gW/qWKKjS5sZzQ=="; + }; + }; + "filenamify-2.1.0" = { + name = "filenamify"; + packageName = "filenamify"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/filenamify/-/filenamify-2.1.0.tgz"; + sha512 = "ICw7NTT6RsDp2rnYKVd8Fu4cr6ITzGy3+u4vUujPkabyaz+03F24NWEX7fs5fp+kBonlaqPH8fAO2NM+SXt/JA=="; + }; + }; + "fill-range-2.2.4" = { + name = "fill-range"; + packageName = "fill-range"; + version = "2.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/fill-range/-/fill-range-2.2.4.tgz"; + sha512 = "cnrcCbj01+j2gTG921VZPnHbjmdAf8oQV/iGeV2kZxGSyfYjjTyY79ErsK1WJWMpw6DaApEX72binqJE+/d+5Q=="; + }; + }; + "fill-range-4.0.0" = { + name = "fill-range"; + packageName = "fill-range"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz"; + sha512 = "VcpLTWqWDiTerugjj8e3+esbg+skS3M9e54UuR3iCeIDMXCLTsAH8hTSzDQU/X6/6t3eYkOKoZSef2PlU6U1XQ=="; + }; + }; + "fill-range-7.0.1" = { + name = "fill-range"; + packageName = "fill-range"; + version = "7.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz"; + sha512 = "qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ=="; + }; + }; + "find-up-1.1.2" = { + name = "find-up"; + packageName = "find-up"; + version = "1.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz"; + sha512 = "jvElSjyuo4EMQGoTwo1uJU5pQMwTW5lS1x05zzfJuTIyLR3zwO27LYrxNg+dlvKpGOuGy/MzBdXh80g0ve5+HA=="; + }; + }; + "find-up-5.0.0" = { + name = "find-up"; + packageName = "find-up"; + version = "5.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz"; + sha512 = "78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng=="; + }; + }; + "findup-sync-2.0.0" = { + name = "findup-sync"; + packageName = "findup-sync"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/findup-sync/-/findup-sync-2.0.0.tgz"; + sha512 = "vs+3unmJT45eczmcAZ6zMJtxN3l/QXeccaXQx5cu/MeJMhewVfoWZqibRkOxPnmoR59+Zy5hjabfQc6JLSah4g=="; + }; + }; + "findup-sync-3.0.0" = { + name = "findup-sync"; + packageName = "findup-sync"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/findup-sync/-/findup-sync-3.0.0.tgz"; + sha512 = "YbffarhcicEhOrm4CtrwdKBdCuz576RLdhJDsIfvNtxUuhdRet1qZcsMjqbePtAseKdAnDyM/IyXbu7PRPRLYg=="; + }; + }; + "fined-1.2.0" = { + name = "fined"; + packageName = "fined"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fined/-/fined-1.2.0.tgz"; + sha512 = "ZYDqPLGxDkDhDZBjZBb+oD1+j0rA4E0pXY50eplAAOPg2N/gUBSSk5IM1/QhPfyVo19lJ+CvXpqfvk+b2p/8Ng=="; + }; + }; + "flagged-respawn-1.0.1" = { + name = "flagged-respawn"; + packageName = "flagged-respawn"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/flagged-respawn/-/flagged-respawn-1.0.1.tgz"; + sha512 = "lNaHNVymajmk0OJMBn8fVUAU1BtDeKIqKoVhk4xAALB57aALg6b4W0MfJ/cUE0g9YBXy5XhSlPIpYIJ7HaY/3Q=="; + }; + }; + "flat-5.0.2" = { + name = "flat"; + packageName = "flat"; + version = "5.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz"; + sha512 = "b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ=="; + }; + }; + "flat-cache-3.0.4" = { + name = "flat-cache"; + packageName = "flat-cache"; + version = "3.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/flat-cache/-/flat-cache-3.0.4.tgz"; + sha512 = "dm9s5Pw7Jc0GvMYbshN6zchCA9RgQlzzEZX3vylR9IqFfS8XciblUXOKfW6SiuJ0e13eDYZoZV5wdrev7P3Nwg=="; + }; + }; + "flatted-3.2.7" = { + name = "flatted"; + packageName = "flatted"; + version = "3.2.7"; + src = fetchurl { + url = "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz"; + sha512 = "5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ=="; + }; + }; + "flush-write-stream-1.1.1" = { + name = "flush-write-stream"; + packageName = "flush-write-stream"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/flush-write-stream/-/flush-write-stream-1.1.1.tgz"; + sha512 = "3Z4XhFZ3992uIq0XOqb9AreonueSYphE6oYbpt5+3u06JWklbsPkNv3ZKkP9Bz/r+1MWCaMoSQ28P85+1Yc77w=="; + }; + }; + "for-in-1.0.2" = { + name = "for-in"; + packageName = "for-in"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz"; + sha512 = "7EwmXrOjyL+ChxMhmG5lnW9MPt1aIeZEwKhQzoBUdTV0N3zuwWDZYVJatDvZ2OyzPUvdIAZDsCetk3coyMfcnQ=="; + }; + }; + "for-own-0.1.5" = { + name = "for-own"; + packageName = "for-own"; + version = "0.1.5"; + src = fetchurl { + url = "https://registry.npmjs.org/for-own/-/for-own-0.1.5.tgz"; + sha512 = "SKmowqGTJoPzLO1T0BBJpkfp3EMacCMOuH40hOUbrbzElVktk4DioXVM99QkLCyKoiuOmyjgcWMpVz2xjE7LZw=="; + }; + }; + "for-own-1.0.0" = { + name = "for-own"; + packageName = "for-own"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/for-own/-/for-own-1.0.0.tgz"; + sha512 = "0OABksIGrxKK8K4kynWkQ7y1zounQxP+CWnyclVwj81KW3vlLlGUx57DKGcP/LH216GzqnstnPocF16Nxs0Ycg=="; + }; + }; + "forever-agent-0.6.1" = { + name = "forever-agent"; + packageName = "forever-agent"; + version = "0.6.1"; + src = fetchurl { + url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz"; + sha512 = "j0KLYPhm6zeac4lz3oJ3o65qvgQCcPubiyotZrXqEaG4hNagNYO8qdlUrX5vwqv9ohqeT/Z3j6+yW067yWWdUw=="; + }; + }; + "form-data-2.3.3" = { + name = "form-data"; + packageName = "form-data"; + version = "2.3.3"; + src = fetchurl { + url = "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz"; + sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ=="; + }; + }; + "fragment-cache-0.2.1" = { + name = "fragment-cache"; + packageName = "fragment-cache"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz"; + sha512 = "GMBAbW9antB8iZRHLoGw0b3HANt57diZYFO/HL1JGIC1MjKrdmhxvrJbupnVvpys0zsz7yBApXdQyfepKly2kA=="; + }; + }; + "fs-constants-1.0.0" = { + name = "fs-constants"; + packageName = "fs-constants"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz"; + sha512 = "y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow=="; + }; + }; + "fs-extra-7.0.1" = { + name = "fs-extra"; + packageName = "fs-extra"; + version = "7.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.1.tgz"; + sha512 = "YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw=="; + }; + }; + "fs-jetpack-5.1.0" = { + name = "fs-jetpack"; + packageName = "fs-jetpack"; + version = "5.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fs-jetpack/-/fs-jetpack-5.1.0.tgz"; + sha512 = "Xn4fDhLydXkuzepZVsr02jakLlmoARPy+YWIclo4kh0GyNGUHnTqeH/w/qIsVn50dFxtp8otPL2t/HcPJBbxUA=="; + }; + }; + "fs-mkdirp-stream-1.0.0" = { + name = "fs-mkdirp-stream"; + packageName = "fs-mkdirp-stream"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fs-mkdirp-stream/-/fs-mkdirp-stream-1.0.0.tgz"; + sha512 = "+vSd9frUnapVC2RZYfL3FCB2p3g4TBhaUmrsWlSudsGdnxIuUvBB2QM1VZeBtc49QFwrp+wQLrDs3+xxDgI5gQ=="; + }; + }; + "fs.realpath-1.0.0" = { + name = "fs.realpath"; + packageName = "fs.realpath"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz"; + sha512 = "OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="; + }; + }; + "fsevents-1.2.13" = { + name = "fsevents"; + packageName = "fsevents"; + version = "1.2.13"; + src = fetchurl { + url = "https://registry.npmjs.org/fsevents/-/fsevents-1.2.13.tgz"; + sha512 = "oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw=="; + }; + }; + "fsevents-2.3.2" = { + name = "fsevents"; + packageName = "fsevents"; + version = "2.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz"; + sha512 = "xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA=="; + }; + }; + "function-bind-1.1.1" = { + name = "function-bind"; + packageName = "function-bind"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz"; + sha512 = "yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="; + }; + }; + "get-caller-file-1.0.3" = { + name = "get-caller-file"; + packageName = "get-caller-file"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.3.tgz"; + sha512 = "3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w=="; + }; + }; + "get-caller-file-2.0.5" = { + name = "get-caller-file"; + packageName = "get-caller-file"; + version = "2.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz"; + sha512 = "DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg=="; + }; + }; + "get-func-name-2.0.0" = { + name = "get-func-name"; + packageName = "get-func-name"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.0.tgz"; + sha512 = "Hm0ixYtaSZ/V7C8FJrtZIuBBI+iSgL+1Aq82zSu8VQNB4S3Gk8e7Qs3VwBDJAhmRZcFqkl3tQu36g/Foh5I5ig=="; + }; + }; + "get-intrinsic-1.2.1" = { + name = "get-intrinsic"; + packageName = "get-intrinsic"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz"; + sha512 = "2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw=="; + }; + }; + "get-proxy-2.1.0" = { + name = "get-proxy"; + packageName = "get-proxy"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/get-proxy/-/get-proxy-2.1.0.tgz"; + sha512 = "zmZIaQTWnNQb4R4fJUEp/FC51eZsc6EkErspy3xtIYStaq8EB/hDIWipxsal+E8rz0qD7f2sL/NA9Xee4RInJw=="; + }; + }; + "get-stream-2.3.1" = { + name = "get-stream"; + packageName = "get-stream"; + version = "2.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/get-stream/-/get-stream-2.3.1.tgz"; + sha512 = "AUGhbbemXxrZJRD5cDvKtQxLuYaIbNtDTK8YqupCI393Q2KSTreEsLUN3ZxAWFGiKTzL6nKuzfcIvieflUX9qA=="; + }; + }; + "get-stream-3.0.0" = { + name = "get-stream"; + packageName = "get-stream"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz"; + sha512 = "GlhdIUuVakc8SJ6kK0zAFbiGzRFzNnY4jUuEbV9UROo4Y+0Ny4fjvcZFVTeDA4odpFyOQzaw6hXukJSq/f28sQ=="; + }; + }; + "get-value-2.0.6" = { + name = "get-value"; + packageName = "get-value"; + version = "2.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz"; + sha512 = "Ln0UQDlxH1BapMu3GPtf7CuYNwRZf2gwCuPqbyG6pB8WfmFpzqcy4xtAaAMUhnNqjMKTiCPZG2oMT3YSx8U2NA=="; + }; + }; + "getpass-0.1.7" = { + name = "getpass"; + packageName = "getpass"; + version = "0.1.7"; + src = fetchurl { + url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz"; + sha512 = "0fzj9JxOLfJ+XGLhR8ze3unN0KZCgZwiSSDz168VERjK8Wl8kVSdcu2kspd4s4wtAa1y/qrVRiAA0WclVsu0ng=="; + }; + }; + "glob-7.2.0" = { + name = "glob"; + packageName = "glob"; + version = "7.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz"; + sha512 = "lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q=="; + }; + }; + "glob-7.2.3" = { + name = "glob"; + packageName = "glob"; + version = "7.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz"; + sha512 = "nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q=="; + }; + }; + "glob-base-0.3.0" = { + name = "glob-base"; + packageName = "glob-base"; + version = "0.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-base/-/glob-base-0.3.0.tgz"; + sha512 = "ab1S1g1EbO7YzauaJLkgLp7DZVAqj9M/dvKlTt8DkXA2tiOIcSMrlVI2J1RZyB5iJVccEscjGn+kpOG9788MHA=="; + }; + }; + "glob-parent-2.0.0" = { + name = "glob-parent"; + packageName = "glob-parent"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz"; + sha512 = "JDYOvfxio/t42HKdxkAYaCiBN7oYiuxykOxKxdaUW5Qn0zaYN3gRQWolrwdnf0shM9/EP0ebuuTmyoXNr1cC5w=="; + }; + }; + "glob-parent-3.1.0" = { + name = "glob-parent"; + packageName = "glob-parent"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz"; + sha512 = "E8Ak/2+dZY6fnzlR7+ueWvhsH1SjHr4jjss4YS/h4py44jY9MhK/VFdaZJAWDz6BbL21KeteKxFSFpq8OS5gVA=="; + }; + }; + "glob-parent-5.1.2" = { + name = "glob-parent"; + packageName = "glob-parent"; + version = "5.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz"; + sha512 = "AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow=="; + }; + }; + "glob-parent-6.0.2" = { + name = "glob-parent"; + packageName = "glob-parent"; + version = "6.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz"; + sha512 = "XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A=="; + }; + }; + "glob-stream-6.1.0" = { + name = "glob-stream"; + packageName = "glob-stream"; + version = "6.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-stream/-/glob-stream-6.1.0.tgz"; + sha512 = "uMbLGAP3S2aDOHUDfdoYcdIePUCfysbAd0IAoWVZbeGU/oNQ8asHVSshLDJUPWxfzj8zsCG7/XeHPHTtow0nsw=="; + }; + }; + "glob-watcher-5.0.5" = { + name = "glob-watcher"; + packageName = "glob-watcher"; + version = "5.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/glob-watcher/-/glob-watcher-5.0.5.tgz"; + sha512 = "zOZgGGEHPklZNjZQaZ9f41i7F2YwE+tS5ZHrDhbBCk3stwahn5vQxnFmBJZHoYdusR6R1bLSXeGUy/BhctwKzw=="; + }; + }; + "global-modules-1.0.0" = { + name = "global-modules"; + packageName = "global-modules"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz"; + sha512 = "sKzpEkf11GpOFuw0Zzjzmt4B4UZwjOcG757PPvrfhxcLFbq0wpsgpOqxpxtxFiCG4DtG93M6XRVbF2oGdev7bg=="; + }; + }; + "global-prefix-1.0.2" = { + name = "global-prefix"; + packageName = "global-prefix"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz"; + sha512 = "5lsx1NUDHtSjfg0eHlmYvZKv8/nVqX4ckFbM+FrGcQ+04KWcWFo9P5MxPZYSzUvyzmdTbI7Eix8Q4IbELDqzKg=="; + }; + }; + "globals-13.20.0" = { + name = "globals"; + packageName = "globals"; + version = "13.20.0"; + src = fetchurl { + url = "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz"; + sha512 = "Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ=="; + }; + }; + "glogg-1.0.2" = { + name = "glogg"; + packageName = "glogg"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/glogg/-/glogg-1.0.2.tgz"; + sha512 = "5mwUoSuBk44Y4EshyiqcH95ZntbDdTQqA3QYSrxmzj28Ai0vXBGMH1ApSANH14j2sIRtqCEyg6PfsuP7ElOEDA=="; + }; + }; + "got-6.7.1" = { + name = "got"; + packageName = "got"; + version = "6.7.1"; + src = fetchurl { + url = "https://registry.npmjs.org/got/-/got-6.7.1.tgz"; + sha512 = "Y/K3EDuiQN9rTZhBvPRWMLXIKdeD1Rj0nzunfoi0Yyn5WBEbzxXKU9Ub2X41oZBagVWOBU3MuDonFMgPWQFnwg=="; + }; + }; + "graceful-fs-4.2.11" = { + name = "graceful-fs"; + packageName = "graceful-fs"; + version = "4.2.11"; + src = fetchurl { + url = "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz"; + sha512 = "RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="; + }; + }; + "graphemer-1.4.0" = { + name = "graphemer"; + packageName = "graphemer"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz"; + sha512 = "EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag=="; + }; + }; + "gulp-4.0.2" = { + name = "gulp"; + packageName = "gulp"; + version = "4.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/gulp/-/gulp-4.0.2.tgz"; + sha512 = "dvEs27SCZt2ibF29xYgmnwwCYZxdxhQ/+LFWlbAW8y7jt68L/65402Lz3+CKy0Ov4rOs+NERmDq7YlZaDqUIfA=="; + }; + }; + "gulp-cli-2.3.0" = { + name = "gulp-cli"; + packageName = "gulp-cli"; + version = "2.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/gulp-cli/-/gulp-cli-2.3.0.tgz"; + sha512 = "zzGBl5fHo0EKSXsHzjspp3y5CONegCm8ErO5Qh0UzFzk2y4tMvzLWhoDokADbarfZRL2pGpRp7yt6gfJX4ph7A=="; + }; + }; + "gulp-sourcemaps-3.0.0" = { + name = "gulp-sourcemaps"; + packageName = "gulp-sourcemaps"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/gulp-sourcemaps/-/gulp-sourcemaps-3.0.0.tgz"; + sha512 = "RqvUckJkuYqy4VaIH60RMal4ZtG0IbQ6PXMNkNsshEGJ9cldUPRb/YCgboYae+CLAs1HQNb4ADTKCx65HInquQ=="; + }; + }; + "gulplog-1.0.0" = { + name = "gulplog"; + packageName = "gulplog"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/gulplog/-/gulplog-1.0.0.tgz"; + sha512 = "hm6N8nrm3Y08jXie48jsC55eCZz9mnb4OirAStEk2deqeyhXU3C1otDVh+ccttMuc1sBi6RX6ZJ720hs9RCvgw=="; + }; + }; + "har-schema-2.0.0" = { + name = "har-schema"; + packageName = "har-schema"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz"; + sha512 = "Oqluz6zhGX8cyRaTQlFMPw80bSJVG2x/cFb8ZPhUILGgHka9SsokCCOQgpveePerqidZOrT14ipqfJb7ILcW5Q=="; + }; + }; + "har-validator-5.1.5" = { + name = "har-validator"; + packageName = "har-validator"; + version = "5.1.5"; + src = fetchurl { + url = "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz"; + sha512 = "nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w=="; + }; + }; + "has-1.0.3" = { + name = "has"; + packageName = "has"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/has/-/has-1.0.3.tgz"; + sha512 = "f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw=="; + }; + }; + "has-ansi-2.0.0" = { + name = "has-ansi"; + packageName = "has-ansi"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz"; + sha512 = "C8vBJ8DwUCx19vhm7urhTuUsr4/IyP6l4VzNQDv+ryHQObW3TTTp9yB68WpYgRe2bbaGuZ/se74IqFeVnMnLZg=="; + }; + }; + "has-flag-4.0.0" = { + name = "has-flag"; + packageName = "has-flag"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz"; + sha512 = "EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ=="; + }; + }; + "has-property-descriptors-1.0.0" = { + name = "has-property-descriptors"; + packageName = "has-property-descriptors"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz"; + sha512 = "62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ=="; + }; + }; + "has-proto-1.0.1" = { + name = "has-proto"; + packageName = "has-proto"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz"; + sha512 = "7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="; + }; + }; + "has-symbol-support-x-1.4.2" = { + name = "has-symbol-support-x"; + packageName = "has-symbol-support-x"; + version = "1.4.2"; + src = fetchurl { + url = "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz"; + sha512 = "3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw=="; + }; + }; + "has-symbols-1.0.3" = { + name = "has-symbols"; + packageName = "has-symbols"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz"; + sha512 = "l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A=="; + }; + }; + "has-to-string-tag-x-1.4.1" = { + name = "has-to-string-tag-x"; + packageName = "has-to-string-tag-x"; + version = "1.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz"; + sha512 = "vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw=="; + }; + }; + "has-value-0.3.1" = { + name = "has-value"; + packageName = "has-value"; + version = "0.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz"; + sha512 = "gpG936j8/MzaeID5Yif+577c17TxaDmhuyVgSwtnL/q8UUTySg8Mecb+8Cf1otgLoD7DDH75axp86ER7LFsf3Q=="; + }; + }; + "has-value-1.0.0" = { + name = "has-value"; + packageName = "has-value"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz"; + sha512 = "IBXk4GTsLYdQ7Rvt+GRBrFSVEkmuOUy4re0Xjd9kJSUQpnTrWR4/y9RpfexN9vkAPMFuQoeWKwqzPozRTlasGw=="; + }; + }; + "has-values-0.1.4" = { + name = "has-values"; + packageName = "has-values"; + version = "0.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz"; + sha512 = "J8S0cEdWuQbqD9//tlZxiMuMNmxB8PlEwvYwuxsTmR1G5RXUePEX/SJn7aD0GMLieuZYSwNH0cQuJGwnYunXRQ=="; + }; + }; + "has-values-1.0.0" = { + name = "has-values"; + packageName = "has-values"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz"; + sha512 = "ODYZC64uqzmtfGMEAX/FvZiRyWLpAC3vYnNunURUnkGVTS+mI0smVsWaPydRBsE3g+ok7h960jChO8mFcWlHaQ=="; + }; + }; + "he-1.2.0" = { + name = "he"; + packageName = "he"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/he/-/he-1.2.0.tgz"; + sha512 = "F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw=="; + }; + }; + "homedir-polyfill-1.0.3" = { + name = "homedir-polyfill"; + packageName = "homedir-polyfill"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz"; + sha512 = "eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA=="; + }; + }; + "hosted-git-info-2.8.9" = { + name = "hosted-git-info"; + packageName = "hosted-git-info"; + version = "2.8.9"; + src = fetchurl { + url = "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz"; + sha512 = "mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw=="; + }; + }; + "http-signature-1.2.0" = { + name = "http-signature"; + packageName = "http-signature"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz"; + sha512 = "CAbnr6Rz4CYQkLYUtSNXxQPUH2gK8f3iWexVlsnMeD+GjlsQ0Xsy1cOX+mN3dtxYomRy21CiOzU8Uhw6OwncEQ=="; + }; + }; + "ieee754-1.2.1" = { + name = "ieee754"; + packageName = "ieee754"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz"; + sha512 = "dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA=="; + }; + }; + "ignore-5.2.4" = { + name = "ignore"; + packageName = "ignore"; + version = "5.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz"; + sha512 = "MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ=="; + }; + }; + "immediate-3.0.6" = { + name = "immediate"; + packageName = "immediate"; + version = "3.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz"; + sha512 = "XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ=="; + }; + }; + "import-fresh-3.3.0" = { + name = "import-fresh"; + packageName = "import-fresh"; + version = "3.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz"; + sha512 = "veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw=="; + }; + }; + "imurmurhash-0.1.4" = { + name = "imurmurhash"; + packageName = "imurmurhash"; + version = "0.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz"; + sha512 = "JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA=="; + }; + }; + "inflight-1.0.6" = { + name = "inflight"; + packageName = "inflight"; + version = "1.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz"; + sha512 = "k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA=="; + }; + }; + "inherits-2.0.4" = { + name = "inherits"; + packageName = "inherits"; + version = "2.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz"; + sha512 = "k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="; + }; + }; + "ini-1.3.8" = { + name = "ini"; + packageName = "ini"; + version = "1.3.8"; + src = fetchurl { + url = "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz"; + sha512 = "JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew=="; + }; + }; + "interpret-1.4.0" = { + name = "interpret"; + packageName = "interpret"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz"; + sha512 = "agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA=="; + }; + }; + "invert-kv-1.0.0" = { + name = "invert-kv"; + packageName = "invert-kv"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz"; + sha512 = "xgs2NH9AE66ucSq4cNG1nhSFghr5l6tdL15Pk+jl46bmmBapgoaY/AacXyaDznAqmGL99TiLSQgO/XazFSKYeQ=="; + }; + }; + "is-absolute-1.0.0" = { + name = "is-absolute"; + packageName = "is-absolute"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-absolute/-/is-absolute-1.0.0.tgz"; + sha512 = "dOWoqflvcydARa360Gvv18DZ/gRuHKi2NU/wU5X1ZFzdYfH29nkiNZsF3mp4OJ3H4yo9Mx8A/uAGNzpzPN3yBA=="; + }; + }; + "is-accessor-descriptor-0.1.6" = { + name = "is-accessor-descriptor"; + packageName = "is-accessor-descriptor"; + version = "0.1.6"; + src = fetchurl { + url = "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz"; + sha512 = "e1BM1qnDbMRG3ll2U9dSK0UMHuWOs3pY3AtcFsmvwPtKL3MML/Q86i+GilLfvqEs4GW+ExB91tQ3Ig9noDIZ+A=="; + }; + }; + "is-accessor-descriptor-1.0.0" = { + name = "is-accessor-descriptor"; + packageName = "is-accessor-descriptor"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz"; + sha512 = "m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ=="; + }; + }; + "is-arrayish-0.2.1" = { + name = "is-arrayish"; + packageName = "is-arrayish"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz"; + sha512 = "zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg=="; + }; + }; + "is-binary-path-1.0.1" = { + name = "is-binary-path"; + packageName = "is-binary-path"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-binary-path/-/is-binary-path-1.0.1.tgz"; + sha512 = "9fRVlXc0uCxEDj1nQzaWONSpbTfx0FmJfzHF7pwlI8DkWGoHBBea4Pg5Ky0ojwwxQmnSifgbKkI06Qv0Ljgj+Q=="; + }; + }; + "is-binary-path-2.1.0" = { + name = "is-binary-path"; + packageName = "is-binary-path"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz"; + sha512 = "ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw=="; + }; + }; + "is-buffer-1.1.6" = { + name = "is-buffer"; + packageName = "is-buffer"; + version = "1.1.6"; + src = fetchurl { + url = "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz"; + sha512 = "NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w=="; + }; + }; + "is-core-module-2.12.1" = { + name = "is-core-module"; + packageName = "is-core-module"; + version = "2.12.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-core-module/-/is-core-module-2.12.1.tgz"; + sha512 = "Q4ZuBAe2FUsKtyQJoQHlvP8OvBERxO3jEmy1I7hcRXcJBGGHFh/aJBswbXuS9sgrDH2QUO8ilkwNPHvHMd8clg=="; + }; + }; + "is-data-descriptor-0.1.4" = { + name = "is-data-descriptor"; + packageName = "is-data-descriptor"; + version = "0.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz"; + sha512 = "+w9D5ulSoBNlmw9OHn3U2v51SyoCd0he+bB3xMl62oijhrspxowjU+AIcDY0N3iEJbUEkB15IlMASQsxYigvXg=="; + }; + }; + "is-data-descriptor-1.0.0" = { + name = "is-data-descriptor"; + packageName = "is-data-descriptor"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz"; + sha512 = "jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ=="; + }; + }; + "is-descriptor-0.1.6" = { + name = "is-descriptor"; + packageName = "is-descriptor"; + version = "0.1.6"; + src = fetchurl { + url = "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz"; + sha512 = "avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg=="; + }; + }; + "is-descriptor-1.0.2" = { + name = "is-descriptor"; + packageName = "is-descriptor"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz"; + sha512 = "2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg=="; + }; + }; + "is-dotfile-1.0.3" = { + name = "is-dotfile"; + packageName = "is-dotfile"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/is-dotfile/-/is-dotfile-1.0.3.tgz"; + sha512 = "9YclgOGtN/f8zx0Pr4FQYMdibBiTaH3sn52vjYip4ZSf6C4/6RfTEZ+MR4GvKhCxdPh21Bg42/WL55f6KSnKpg=="; + }; + }; + "is-equal-shallow-0.1.3" = { + name = "is-equal-shallow"; + packageName = "is-equal-shallow"; + version = "0.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz"; + sha512 = "0EygVC5qPvIyb+gSz7zdD5/AAoS6Qrx1e//6N4yv4oNm30kqvdmG66oZFWVlQHUWe5OjP08FuTw2IdT0EOTcYA=="; + }; + }; + "is-extendable-0.1.1" = { + name = "is-extendable"; + packageName = "is-extendable"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz"; + sha512 = "5BMULNob1vgFX6EjQw5izWDxrecWK9AM72rugNr0TFldMOi0fj6Jk+zeKIt0xGj4cEfQIJth4w3OKWOJ4f+AFw=="; + }; + }; + "is-extendable-1.0.1" = { + name = "is-extendable"; + packageName = "is-extendable"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz"; + sha512 = "arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA=="; + }; + }; + "is-extglob-1.0.0" = { + name = "is-extglob"; + packageName = "is-extglob"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz"; + sha512 = "7Q+VbVafe6x2T+Tu6NcOf6sRklazEPmBoB3IWk3WdGZM2iGUwU/Oe3Wtq5lSEkDTTlpp8yx+5t4pzO/i9Ty1ww=="; + }; + }; + "is-extglob-2.1.1" = { + name = "is-extglob"; + packageName = "is-extglob"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz"; + sha512 = "SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ=="; + }; + }; + "is-fullwidth-code-point-1.0.0" = { + name = "is-fullwidth-code-point"; + packageName = "is-fullwidth-code-point"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz"; + sha512 = "1pqUqRjkhPJ9miNq9SwMfdvi6lBJcd6eFxvfaivQhaH3SgisfiuudvFntdKOmxuee/77l+FPjKrQjWvmPjWrRw=="; + }; + }; + "is-fullwidth-code-point-3.0.0" = { + name = "is-fullwidth-code-point"; + packageName = "is-fullwidth-code-point"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz"; + sha512 = "zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="; + }; + }; + "is-glob-2.0.1" = { + name = "is-glob"; + packageName = "is-glob"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz"; + sha512 = "a1dBeB19NXsf/E0+FHqkagizel/LQw2DjSQpvQrj3zT+jYPpaUCryPnrQajXKFLCMuf4I6FhRpaGtw4lPrG6Eg=="; + }; + }; + "is-glob-3.1.0" = { + name = "is-glob"; + packageName = "is-glob"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-glob/-/is-glob-3.1.0.tgz"; + sha512 = "UFpDDrPgM6qpnFNI+rh/p3bUaq9hKLZN8bMUWzxmcnZVS3omf4IPK+BrewlnWjO1WmUsMYuSjKh4UJuV4+Lqmw=="; + }; + }; + "is-glob-4.0.3" = { + name = "is-glob"; + packageName = "is-glob"; + version = "4.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz"; + sha512 = "xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg=="; + }; + }; + "is-natural-number-4.0.1" = { + name = "is-natural-number"; + packageName = "is-natural-number"; + version = "4.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-natural-number/-/is-natural-number-4.0.1.tgz"; + sha512 = "Y4LTamMe0DDQIIAlaer9eKebAlDSV6huy+TWhJVPlzZh2o4tRP5SQWFlLn5N0To4mDD22/qdOq+veo1cSISLgQ=="; + }; + }; + "is-negated-glob-1.0.0" = { + name = "is-negated-glob"; + packageName = "is-negated-glob"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-negated-glob/-/is-negated-glob-1.0.0.tgz"; + sha512 = "czXVVn/QEmgvej1f50BZ648vUI+em0xqMq2Sn+QncCLN4zj1UAxlT+kw/6ggQTOaZPd1HqKQGEqbpQVtJucWug=="; + }; + }; + "is-number-2.1.0" = { + name = "is-number"; + packageName = "is-number"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-number/-/is-number-2.1.0.tgz"; + sha512 = "QUzH43Gfb9+5yckcrSA0VBDwEtDUchrk4F6tfJZQuNzDJbEDB9cZNzSfXGQ1jqmdDY/kl41lUOWM9syA8z8jlg=="; + }; + }; + "is-number-3.0.0" = { + name = "is-number"; + packageName = "is-number"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz"; + sha512 = "4cboCqIpliH+mAvFNegjZQ4kgKc3ZUhQVr3HvWbSh5q3WH2v82ct+T2Y1hdU5Gdtorx/cLifQjqCbL7bpznLTg=="; + }; + }; + "is-number-4.0.0" = { + name = "is-number"; + packageName = "is-number"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-number/-/is-number-4.0.0.tgz"; + sha512 = "rSklcAIlf1OmFdyAqbnWTLVelsQ58uvZ66S/ZyawjWqIviTWCjg2PzVGw8WUA+nNuPTqb4wgA+NszrJ+08LlgQ=="; + }; + }; + "is-number-7.0.0" = { + name = "is-number"; + packageName = "is-number"; + version = "7.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz"; + sha512 = "41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng=="; + }; + }; + "is-object-1.0.2" = { + name = "is-object"; + packageName = "is-object"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/is-object/-/is-object-1.0.2.tgz"; + sha512 = "2rRIahhZr2UWb45fIOuvZGpFtz0TyOZLf32KxBbSoUCeZR495zCKlWUKKUByk3geS2eAs7ZAABt0Y/Rx0GiQGA=="; + }; + }; + "is-path-inside-3.0.3" = { + name = "is-path-inside"; + packageName = "is-path-inside"; + version = "3.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz"; + sha512 = "Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ=="; + }; + }; + "is-plain-obj-2.1.0" = { + name = "is-plain-obj"; + packageName = "is-plain-obj"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz"; + sha512 = "YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA=="; + }; + }; + "is-plain-object-2.0.4" = { + name = "is-plain-object"; + packageName = "is-plain-object"; + version = "2.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz"; + sha512 = "h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og=="; + }; + }; + "is-plain-object-5.0.0" = { + name = "is-plain-object"; + packageName = "is-plain-object"; + version = "5.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz"; + sha512 = "VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q=="; + }; + }; + "is-posix-bracket-0.1.1" = { + name = "is-posix-bracket"; + packageName = "is-posix-bracket"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz"; + sha512 = "Yu68oeXJ7LeWNmZ3Zov/xg/oDBnBK2RNxwYY1ilNJX+tKKZqgPK+qOn/Gs9jEu66KDY9Netf5XLKNGzas/vPfQ=="; + }; + }; + "is-primitive-2.0.0" = { + name = "is-primitive"; + packageName = "is-primitive"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-primitive/-/is-primitive-2.0.0.tgz"; + sha512 = "N3w1tFaRfk3UrPfqeRyD+GYDASU3W5VinKhlORy8EWVf/sIdDL9GAcew85XmktCfH+ngG7SRXEVDoO18WMdB/Q=="; + }; + }; + "is-promise-2.2.2" = { + name = "is-promise"; + packageName = "is-promise"; + version = "2.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz"; + sha512 = "+lP4/6lKUBfQjZ2pdxThZvLUAafmZb8OAxFb8XXtiQmS35INgr85hdOGoEs124ez1FCnZJt6jau/T+alh58QFQ=="; + }; + }; + "is-redirect-1.0.0" = { + name = "is-redirect"; + packageName = "is-redirect"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-redirect/-/is-redirect-1.0.0.tgz"; + sha512 = "cr/SlUEe5zOGmzvj9bUyC4LVvkNVAXu4GytXLNMr1pny+a65MpQ9IJzFHD5vi7FyJgb4qt27+eS3TuQnqB+RQw=="; + }; + }; + "is-relative-1.0.0" = { + name = "is-relative"; + packageName = "is-relative"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-relative/-/is-relative-1.0.0.tgz"; + sha512 = "Kw/ReK0iqwKeu0MITLFuj0jbPAmEiOsIwyIXvvbfa6QfmN9pkD1M+8pdk7Rl/dTKbH34/XBFMbgD4iMJhLQbGA=="; + }; + }; + "is-retry-allowed-1.2.0" = { + name = "is-retry-allowed"; + packageName = "is-retry-allowed"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz"; + sha512 = "RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg=="; + }; + }; + "is-stream-1.1.0" = { + name = "is-stream"; + packageName = "is-stream"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz"; + sha512 = "uQPm8kcs47jx38atAcWTVxyltQYoPT68y9aWYdV6yWXSyW8mzSat0TL6CiWdZeCdF3KrAvpVtnHbTv4RN+rqdQ=="; + }; + }; + "is-typedarray-1.0.0" = { + name = "is-typedarray"; + packageName = "is-typedarray"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz"; + sha512 = "cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA=="; + }; + }; + "is-unc-path-1.0.0" = { + name = "is-unc-path"; + packageName = "is-unc-path"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-unc-path/-/is-unc-path-1.0.0.tgz"; + sha512 = "mrGpVd0fs7WWLfVsStvgF6iEJnbjDFZh9/emhRDcGWTduTfNHd9CHeUwH3gYIjdbwo4On6hunkztwOaAw0yllQ=="; + }; + }; + "is-unicode-supported-0.1.0" = { + name = "is-unicode-supported"; + packageName = "is-unicode-supported"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz"; + sha512 = "knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw=="; + }; + }; + "is-utf8-0.2.1" = { + name = "is-utf8"; + packageName = "is-utf8"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz"; + sha512 = "rMYPYvCzsXywIsldgLaSoPlw5PfoB/ssr7hY4pLfcodrA5M/eArza1a9VmTiNIBNMjOGr1Ow9mTyU2o69U6U9Q=="; + }; + }; + "is-valid-glob-1.0.0" = { + name = "is-valid-glob"; + packageName = "is-valid-glob"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-valid-glob/-/is-valid-glob-1.0.0.tgz"; + sha512 = "AhiROmoEFDSsjx8hW+5sGwgKVIORcXnrlAx/R0ZSeaPw70Vw0CqkGBBhHGL58Uox2eXnU1AnvXJl1XlyedO5bA=="; + }; + }; + "is-windows-1.0.2" = { + name = "is-windows"; + packageName = "is-windows"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz"; + sha512 = "eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA=="; + }; + }; + "isarray-0.0.1" = { + name = "isarray"; + packageName = "isarray"; + version = "0.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz"; + sha512 = "D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ=="; + }; + }; + "isarray-1.0.0" = { + name = "isarray"; + packageName = "isarray"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz"; + sha512 = "VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ=="; + }; + }; + "isexe-2.0.0" = { + name = "isexe"; + packageName = "isexe"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz"; + sha512 = "RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw=="; + }; + }; + "isobject-2.1.0" = { + name = "isobject"; + packageName = "isobject"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz"; + sha512 = "+OUdGJlgjOBZDfxnDjYYG6zp487z0JGNQq3cYQYg5f5hKR+syHMsaztzGeml/4kGG55CSpKSpWTY+jYGgsHLgA=="; + }; + }; + "isobject-3.0.1" = { + name = "isobject"; + packageName = "isobject"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz"; + sha512 = "WhB9zCku7EGTj/HQQRz5aUQEUeoQZH2bWcltRErOpymJ4boYE6wL9Tbr23krRPSZ+C5zqNSrSw+Cc7sZZ4b7vg=="; + }; + }; + "isstream-0.1.2" = { + name = "isstream"; + packageName = "isstream"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz"; + sha512 = "Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g=="; + }; + }; + "isurl-1.0.0" = { + name = "isurl"; + packageName = "isurl"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz"; + sha512 = "1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w=="; + }; + }; + "js-sha256-0.9.0" = { + name = "js-sha256"; + packageName = "js-sha256"; + version = "0.9.0"; + src = fetchurl { + url = "https://registry.npmjs.org/js-sha256/-/js-sha256-0.9.0.tgz"; + sha512 = "sga3MHh9sgQN2+pJ9VYZ+1LPwXOxuBJBA5nrR5/ofPfuiJBE2hnjsaN8se8JznOmGLN2p49Pe5U/ttafcs/apA=="; + }; + }; + "js-yaml-4.1.0" = { + name = "js-yaml"; + packageName = "js-yaml"; + version = "4.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz"; + sha512 = "wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA=="; + }; + }; + "jsbn-0.1.1" = { + name = "jsbn"; + packageName = "jsbn"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz"; + sha512 = "UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg=="; + }; + }; + "json-11.0.0" = { + name = "json"; + packageName = "json"; + version = "11.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/json/-/json-11.0.0.tgz"; + sha512 = "N/ITv3Yw9Za8cGxuQqSqrq6RHnlaHWZkAFavcfpH/R52522c26EbihMxnY7A1chxfXJ4d+cEFIsyTgfi9GihrA=="; + }; + }; + "json-schema-0.4.0" = { + name = "json-schema"; + packageName = "json-schema"; + version = "0.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz"; + sha512 = "es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA=="; + }; + }; + "json-schema-traverse-0.4.1" = { + name = "json-schema-traverse"; + packageName = "json-schema-traverse"; + version = "0.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz"; + sha512 = "xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="; + }; + }; + "json-stable-stringify-without-jsonify-1.0.1" = { + name = "json-stable-stringify-without-jsonify"; + packageName = "json-stable-stringify-without-jsonify"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz"; + sha512 = "Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw=="; + }; + }; + "json-stringify-safe-5.0.1" = { + name = "json-stringify-safe"; + packageName = "json-stringify-safe"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz"; + sha512 = "ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA=="; + }; + }; + "jsonfile-4.0.0" = { + name = "jsonfile"; + packageName = "jsonfile"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz"; + sha512 = "m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg=="; + }; + }; + "jsprim-1.4.2" = { + name = "jsprim"; + packageName = "jsprim"; + version = "1.4.2"; + src = fetchurl { + url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz"; + sha512 = "P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw=="; + }; + }; + "jszip-3.10.1" = { + name = "jszip"; + packageName = "jszip"; + version = "3.10.1"; + src = fetchurl { + url = "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz"; + sha512 = "xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g=="; + }; + }; + "just-debounce-1.1.0" = { + name = "just-debounce"; + packageName = "just-debounce"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/just-debounce/-/just-debounce-1.1.0.tgz"; + sha512 = "qpcRocdkUmf+UTNBYx5w6dexX5J31AKK1OmPwH630a83DdVVUIngk55RSAiIGpQyoH0dlr872VHfPjnQnK1qDQ=="; + }; + }; + "kind-of-3.2.2" = { + name = "kind-of"; + packageName = "kind-of"; + version = "3.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz"; + sha512 = "NOW9QQXMoZGg/oqnVNoNTTIFEIid1627WCffUBJEdMxYApq7mNE7CpzucIPc+ZQg25Phej7IJSmX3hO+oblOtQ=="; + }; + }; + "kind-of-4.0.0" = { + name = "kind-of"; + packageName = "kind-of"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz"; + sha512 = "24XsCxmEbRwEDbz/qz3stgin8TTzZ1ESR56OMCN0ujYg+vRutNSiOj9bHH9u85DKgXguraugV5sFuvbD4FW/hw=="; + }; + }; + "kind-of-5.1.0" = { + name = "kind-of"; + packageName = "kind-of"; + version = "5.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz"; + sha512 = "NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw=="; + }; + }; + "kind-of-6.0.3" = { + name = "kind-of"; + packageName = "kind-of"; + version = "6.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz"; + sha512 = "dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw=="; + }; + }; + "last-run-1.1.1" = { + name = "last-run"; + packageName = "last-run"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/last-run/-/last-run-1.1.1.tgz"; + sha512 = "U/VxvpX4N/rFvPzr3qG5EtLKEnNI0emvIQB3/ecEwv+8GHaUKbIB8vxv1Oai5FAF0d0r7LXHhLLe5K/yChm5GQ=="; + }; + }; + "lazystream-1.0.1" = { + name = "lazystream"; + packageName = "lazystream"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/lazystream/-/lazystream-1.0.1.tgz"; + sha512 = "b94GiNHQNy6JNTrt5w6zNyffMrNkXZb3KTkCZJb2V1xaEGCk093vkZ2jk3tpaeP33/OiXC+WvK9AxUebnf5nbw=="; + }; + }; + "lcid-1.0.0" = { + name = "lcid"; + packageName = "lcid"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz"; + sha512 = "YiGkH6EnGrDGqLMITnGjXtGmNtjoXw9SVUzcaos8RBi7Ps0VBylkq+vOcY9QE5poLasPCR849ucFUkl0UzUyOw=="; + }; + }; + "lead-1.0.0" = { + name = "lead"; + packageName = "lead"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lead/-/lead-1.0.0.tgz"; + sha512 = "IpSVCk9AYvLHo5ctcIXxOBpMWUe+4TKN3VPWAKUbJikkmsGp0VrSM8IttVc32D6J4WUsiPE6aEFRNmIoF/gdow=="; + }; + }; + "levn-0.4.1" = { + name = "levn"; + packageName = "levn"; + version = "0.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz"; + sha512 = "+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ=="; + }; + }; + "lie-3.3.0" = { + name = "lie"; + packageName = "lie"; + version = "3.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz"; + sha512 = "UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ=="; + }; + }; + "liftoff-3.1.0" = { + name = "liftoff"; + packageName = "liftoff"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/liftoff/-/liftoff-3.1.0.tgz"; + sha512 = "DlIPlJUkCV0Ips2zf2pJP0unEoT1kwYhiiPUGF3s/jtxTCjziNLoiVVh+jqWOWeFi6mmwQ5fNxvAUyPad4Dfog=="; + }; + }; + "load-json-file-1.1.0" = { + name = "load-json-file"; + packageName = "load-json-file"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz"; + sha512 = "cy7ZdNRXdablkXYNI049pthVeXFurRyb9+hA/dZzerZ0pGTx42z+y+ssxBaVV2l70t1muq5IdKhn4UtcoGUY9A=="; + }; + }; + "locate-path-6.0.0" = { + name = "locate-path"; + packageName = "locate-path"; + version = "6.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz"; + sha512 = "iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw=="; + }; + }; + "lodash.merge-4.6.2" = { + name = "lodash.merge"; + packageName = "lodash.merge"; + version = "4.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz"; + sha512 = "0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="; + }; + }; + "log-symbols-4.1.0" = { + name = "log-symbols"; + packageName = "log-symbols"; + version = "4.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz"; + sha512 = "8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg=="; + }; + }; + "loupe-2.3.6" = { + name = "loupe"; + packageName = "loupe"; + version = "2.3.6"; + src = fetchurl { + url = "https://registry.npmjs.org/loupe/-/loupe-2.3.6.tgz"; + sha512 = "RaPMZKiMy8/JruncMU5Bt6na1eftNoo++R4Y+N2FrxkDVTrGvcyzFTsaGif4QTeKESheMGegbhw6iUAq+5A8zA=="; + }; + }; + "lowercase-keys-1.0.1" = { + name = "lowercase-keys"; + packageName = "lowercase-keys"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz"; + sha512 = "G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA=="; + }; + }; + "lru-queue-0.1.0" = { + name = "lru-queue"; + packageName = "lru-queue"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz"; + sha512 = "BpdYkt9EvGl8OfWHDQPISVpcl5xZthb+XPsbELj5AQXxIC8IriDZIQYjBJPEm5rS420sjZ0TLEzRcq5KdBhYrQ=="; + }; + }; + "make-dir-1.3.0" = { + name = "make-dir"; + packageName = "make-dir"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/make-dir/-/make-dir-1.3.0.tgz"; + sha512 = "2w31R7SJtieJJnQtGc7RVL2StM2vGYVfqUOvUDxH6bC6aJTxPxTF0GnIgCyu7tjockiUWAYQRbxa7vKn34s5sQ=="; + }; + }; + "make-iterator-1.0.1" = { + name = "make-iterator"; + packageName = "make-iterator"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/make-iterator/-/make-iterator-1.0.1.tgz"; + sha512 = "pxiuXh0iVEq7VM7KMIhs5gxsfxCux2URptUQaXo4iZZJxBAzTPOLE2BumO5dbfVYq/hBJFBR/a1mFDmOx5AGmw=="; + }; + }; + "map-cache-0.2.2" = { + name = "map-cache"; + packageName = "map-cache"; + version = "0.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz"; + sha512 = "8y/eV9QQZCiyn1SprXSrCmqJN0yNRATe+PO8ztwqrvrbdRLA3eYJF0yaR0YayLWkMbsQSKWS9N2gPcGEc4UsZg=="; + }; + }; + "map-visit-1.0.0" = { + name = "map-visit"; + packageName = "map-visit"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz"; + sha512 = "4y7uGv8bd2WdM9vpQsiQNo41Ln1NvhvDRuVt0k2JZQ+ezN2uaQes7lZeZ+QQUHOLQAtDaBJ+7wCbi+ab/KFs+w=="; + }; + }; + "matchdep-2.0.0" = { + name = "matchdep"; + packageName = "matchdep"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/matchdep/-/matchdep-2.0.0.tgz"; + sha512 = "LFgVbaHIHMqCRuCZyfCtUOq9/Lnzhi7Z0KFUE2fhD54+JN2jLh3hC02RLkqauJ3U4soU6H1J3tfj/Byk7GoEjA=="; + }; + }; + "math-random-1.0.4" = { + name = "math-random"; + packageName = "math-random"; + version = "1.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/math-random/-/math-random-1.0.4.tgz"; + sha512 = "rUxjysqif/BZQH2yhd5Aaq7vXMSx9NdEsQcyA07uEzIvxgI7zIr33gGsh+RU0/XjmQpCW7RsVof1vlkvQVCK5A=="; + }; + }; + "memoizee-0.4.15" = { + name = "memoizee"; + packageName = "memoizee"; + version = "0.4.15"; + src = fetchurl { + url = "https://registry.npmjs.org/memoizee/-/memoizee-0.4.15.tgz"; + sha512 = "UBWmJpLZd5STPm7PMUlOw/TSy972M+z8gcyQ5veOnSDRREz/0bmpyTfKt3/51DhEBqCZQn1udM/5flcSPYhkdQ=="; + }; + }; + "merge-1.2.1" = { + name = "merge"; + packageName = "merge"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/merge/-/merge-1.2.1.tgz"; + sha512 = "VjFo4P5Whtj4vsLzsYBu5ayHhoHJ0UqNm7ibvShmbmoz7tGi0vXaoJbGdB+GmDMLUdg8DpQXEIeVDAe8MaABvQ=="; + }; + }; + "micromatch-2.3.11" = { + name = "micromatch"; + packageName = "micromatch"; + version = "2.3.11"; + src = fetchurl { + url = "https://registry.npmjs.org/micromatch/-/micromatch-2.3.11.tgz"; + sha512 = "LnU2XFEk9xxSJ6rfgAry/ty5qwUTyHYOBU0g4R6tIw5ljwgGIBmiKhRWLw5NpMOnrgUNcDJ4WMp8rl3sYVHLNA=="; + }; + }; + "micromatch-3.1.10" = { + name = "micromatch"; + packageName = "micromatch"; + version = "3.1.10"; + src = fetchurl { + url = "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz"; + sha512 = "MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg=="; + }; + }; + "mime-db-1.52.0" = { + name = "mime-db"; + packageName = "mime-db"; + version = "1.52.0"; + src = fetchurl { + url = "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz"; + sha512 = "sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg=="; + }; + }; + "mime-types-2.1.35" = { + name = "mime-types"; + packageName = "mime-types"; + version = "2.1.35"; + src = fetchurl { + url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz"; + sha512 = "ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw=="; + }; + }; + "minimatch-3.1.2" = { + name = "minimatch"; + packageName = "minimatch"; + version = "3.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz"; + sha512 = "J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw=="; + }; + }; + "minimatch-5.0.1" = { + name = "minimatch"; + packageName = "minimatch"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz"; + sha512 = "nLDxIFRyhDblz3qMuq+SoRZED4+miJ/G+tdDrjkkkRnjAsBexeGpgjLEQ0blJy7rHhR2b93rhQY4SvyWu9v03g=="; + }; + }; + "minimatch-5.1.6" = { + name = "minimatch"; + packageName = "minimatch"; + version = "5.1.6"; + src = fetchurl { + url = "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz"; + sha512 = "lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g=="; + }; + }; + "minimist-1.2.8" = { + name = "minimist"; + packageName = "minimist"; + version = "1.2.8"; + src = fetchurl { + url = "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz"; + sha512 = "2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA=="; + }; + }; + "mixin-deep-1.3.2" = { + name = "mixin-deep"; + packageName = "mixin-deep"; + version = "1.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz"; + sha512 = "WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA=="; + }; + }; + "mkdirp-0.5.6" = { + name = "mkdirp"; + packageName = "mkdirp"; + version = "0.5.6"; + src = fetchurl { + url = "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz"; + sha512 = "FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw=="; + }; + }; + "mkpath-0.1.0" = { + name = "mkpath"; + packageName = "mkpath"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/mkpath/-/mkpath-0.1.0.tgz"; + sha512 = "bauHShmaxVQiEvlrAPWxSPn8spSL8gDVRl11r8vLT4r/KdnknLqtqwQbToZ2Oa8sJkExYY1z6/d+X7pNiqo4yg=="; + }; + }; + "mocha-10.2.0" = { + name = "mocha"; + packageName = "mocha"; + version = "10.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/mocha/-/mocha-10.2.0.tgz"; + sha512 = "IDY7fl/BecMwFHzoqF2sg/SHHANeBoMMXFlS9r0OXKDssYE1M5O43wUY/9BVPeIvfH2zmEbBfseqN9gBQZzXkg=="; + }; + }; + "ms-2.0.0" = { + name = "ms"; + packageName = "ms"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz"; + sha512 = "Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="; + }; + }; + "ms-2.1.2" = { + name = "ms"; + packageName = "ms"; + version = "2.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"; + sha512 = "sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="; + }; + }; + "ms-2.1.3" = { + name = "ms"; + packageName = "ms"; + version = "2.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz"; + sha512 = "6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="; + }; + }; + "mute-stdout-1.0.1" = { + name = "mute-stdout"; + packageName = "mute-stdout"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/mute-stdout/-/mute-stdout-1.0.1.tgz"; + sha512 = "kDcwXR4PS7caBpuRYYBUz9iVixUk3anO3f5OYFiIPwK/20vCzKCHyKoulbiDY1S53zD2bxUpxN/IJ+TnXjfvxg=="; + }; + }; + "nan-2.17.0" = { + name = "nan"; + packageName = "nan"; + version = "2.17.0"; + src = fetchurl { + url = "https://registry.npmjs.org/nan/-/nan-2.17.0.tgz"; + sha512 = "2ZTgtl0nJsO0KQCjEpxcIr5D+Yv90plTitZt9JBfQvVJDS5seMl3FOvsh3+9CoYWXf/1l5OaZzzF6nDm4cagaQ=="; + }; + }; + "nanoid-3.3.3" = { + name = "nanoid"; + packageName = "nanoid"; + version = "3.3.3"; + src = fetchurl { + url = "https://registry.npmjs.org/nanoid/-/nanoid-3.3.3.tgz"; + sha512 = "p1sjXuopFs0xg+fPASzQ28agW1oHD7xDsd9Xkf3T15H3c/cifrFHVwrh74PdoklAPi+i7MdRsE47vm2r6JoB+w=="; + }; + }; + "nanomatch-1.2.13" = { + name = "nanomatch"; + packageName = "nanomatch"; + version = "1.2.13"; + src = fetchurl { + url = "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz"; + sha512 = "fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA=="; + }; + }; + "natural-compare-1.4.0" = { + name = "natural-compare"; + packageName = "natural-compare"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz"; + sha512 = "OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw=="; + }; + }; + "next-tick-1.1.0" = { + name = "next-tick"; + packageName = "next-tick"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz"; + sha512 = "CXdUiJembsNjuToQvxayPZF9Vqht7hewsvy2sOWafLvi2awflj9mOC6bHIg50orX8IJvWKY9wYQ/zB2kogPslQ=="; + }; + }; + "node-gyp-build-4.6.0" = { + name = "node-gyp-build"; + packageName = "node-gyp-build"; + version = "4.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/node-gyp-build/-/node-gyp-build-4.6.0.tgz"; + sha512 = "NTZVKn9IylLwUzaKjkas1e4u2DLNcV4rdYagA4PWdPwW87Bi7z+BznyKSRwS/761tV/lzCGXplWsiaMjLqP2zQ=="; + }; + }; + "nopt-1.0.10" = { + name = "nopt"; + packageName = "nopt"; + version = "1.0.10"; + src = fetchurl { + url = "https://registry.npmjs.org/nopt/-/nopt-1.0.10.tgz"; + sha512 = "NWmpvLSqUrgrAC9HCuxEvb+PSloHpqVu+FqcO4eeF2h5qYRhA7ev6KvelyQAKtegUbC6RypJnlEOhd8vloNKYg=="; + }; + }; + "nopt-3.0.6" = { + name = "nopt"; + packageName = "nopt"; + version = "3.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/nopt/-/nopt-3.0.6.tgz"; + sha512 = "4GUt3kSEYmk4ITxzB/b9vaIDfUVWN/Ml1Fwl11IlnIG2iaJ9O6WXZ9SrYM9NLI8OCBieN2Y8SWC2oJV0RQ7qYg=="; + }; + }; + "normalize-package-data-2.5.0" = { + name = "normalize-package-data"; + packageName = "normalize-package-data"; + version = "2.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz"; + sha512 = "/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA=="; + }; + }; + "normalize-path-2.1.1" = { + name = "normalize-path"; + packageName = "normalize-path"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz"; + sha512 = "3pKJwH184Xo/lnH6oyP1q2pMd7HcypqqmRs91/6/i2CGtWwIKGCkOOMTm/zXbgTEWHw1uNpNi/igc3ePOYHb6w=="; + }; + }; + "normalize-path-3.0.0" = { + name = "normalize-path"; + packageName = "normalize-path"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz"; + sha512 = "6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA=="; + }; + }; + "now-and-later-2.0.1" = { + name = "now-and-later"; + packageName = "now-and-later"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/now-and-later/-/now-and-later-2.0.1.tgz"; + sha512 = "KGvQ0cB70AQfg107Xvs/Fbu+dGmZoTRJp2TaPwcwQm3/7PteUyN2BCgk8KBMPGBUXZdVwyWS8fDCGFygBm19UQ=="; + }; + }; + "npm-conf-1.1.3" = { + name = "npm-conf"; + packageName = "npm-conf"; + version = "1.1.3"; + src = fetchurl { + url = "https://registry.npmjs.org/npm-conf/-/npm-conf-1.1.3.tgz"; + sha512 = "Yic4bZHJOt9RCFbRP3GgpqhScOY4HH3V2P8yBj6CeYq118Qr+BLXqT2JvpJ00mryLESpgOxf5XlFv4ZjXxLScw=="; + }; + }; + "number-is-nan-1.0.1" = { + name = "number-is-nan"; + packageName = "number-is-nan"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz"; + sha512 = "4jbtZXNAsfZbAHiiqjLPBiCl16dES1zI4Hpzzxw61Tk+loF+sBDBKx1ICKKKwIqQ7M0mFn1TmkN7euSncWgHiQ=="; + }; + }; + "nw-0.71.1" = { + name = "nw"; + packageName = "nw"; + version = "0.71.1"; + src = fetchurl { + url = "https://registry.npmjs.org/nw/-/nw-0.71.1.tgz"; + sha512 = "EQVv20UEY8JHC36iKyJPb9q19mmeKcezT5MnaIUjRhsgMcnZztXz9+Uaj2nOTLB3ZGq4EF/7rYSiZ0wU+Prspg=="; + }; + }; + "nw-autoupdater-1.1.11" = { + name = "nw-autoupdater"; + packageName = "nw-autoupdater"; + version = "1.1.11"; + src = fetchurl { + url = "https://registry.npmjs.org/nw-autoupdater/-/nw-autoupdater-1.1.11.tgz"; + sha512 = "kCDRDCRayjZSwE8VhIclUyDjkylzHz9JT2WK/45wFNcW/9y6zaR/fy+AG2V266YF4XWFEId9ZuK2M3nIBpm9iw=="; + }; + }; + "nw-dev-3.0.1" = { + name = "nw-dev"; + packageName = "nw-dev"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/nw-dev/-/nw-dev-3.0.1.tgz"; + sha512 = "wlabaoKfO+2ZngERU5L6e7eXf0Hi41eAD01IBvjYh7wrIUdQKe1/wfVaeSMuZ0UYeu9zmOFu2uA2wOLTdY6+pg=="; + }; + }; + "oauth-sign-0.9.0" = { + name = "oauth-sign"; + packageName = "oauth-sign"; + version = "0.9.0"; + src = fetchurl { + url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz"; + sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="; + }; + }; + "object-assign-4.1.1" = { + name = "object-assign"; + packageName = "object-assign"; + version = "4.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz"; + sha512 = "rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg=="; + }; + }; + "object-copy-0.1.0" = { + name = "object-copy"; + packageName = "object-copy"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz"; + sha512 = "79LYn6VAb63zgtmAteVOWo9Vdj71ZVBy3Pbse+VqxDpEP83XuujMrGqHIwAXJ5I/aM0zU7dIyIAhifVTPrNItQ=="; + }; + }; + "object-keys-1.1.1" = { + name = "object-keys"; + packageName = "object-keys"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz"; + sha512 = "NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA=="; + }; + }; + "object-visit-1.0.1" = { + name = "object-visit"; + packageName = "object-visit"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz"; + sha512 = "GBaMwwAVK9qbQN3Scdo0OyvgPW7l3lnaVMj84uTOZlswkX0KpF6fyDBJhtTthf7pymztoN36/KEr1DyhF96zEA=="; + }; + }; + "object.assign-4.1.4" = { + name = "object.assign"; + packageName = "object.assign"; + version = "4.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/object.assign/-/object.assign-4.1.4.tgz"; + sha512 = "1mxKf0e58bvyjSCtKYY4sRe9itRk3PJpquJOjeIkz885CczcI4IvJJDLPS72oowuSh+pBxUFROpX+TU++hxhZQ=="; + }; + }; + "object.defaults-1.1.0" = { + name = "object.defaults"; + packageName = "object.defaults"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/object.defaults/-/object.defaults-1.1.0.tgz"; + sha512 = "c/K0mw/F11k4dEUBMW8naXUuBuhxRCfG7W+yFy8EcijU/rSmazOUd1XAEEe6bC0OuXY4HUKjTJv7xbxIMqdxrA=="; + }; + }; + "object.map-1.0.1" = { + name = "object.map"; + packageName = "object.map"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object.map/-/object.map-1.0.1.tgz"; + sha512 = "3+mAJu2PLfnSVGHwIWubpOFLscJANBKuB/6A4CxBstc4aqwQY0FWcsppuy4jU5GSB95yES5JHSI+33AWuS4k6w=="; + }; + }; + "object.omit-2.0.1" = { + name = "object.omit"; + packageName = "object.omit"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object.omit/-/object.omit-2.0.1.tgz"; + sha512 = "UiAM5mhmIuKLsOvrL+B0U2d1hXHF3bFYWIuH1LMpuV2EJEHG1Ntz06PgLEHjm6VFd87NpH8rastvPoyv6UW2fA=="; + }; + }; + "object.pick-1.3.0" = { + name = "object.pick"; + packageName = "object.pick"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz"; + sha512 = "tqa/UMy/CCoYmj+H5qc07qvSL9dqcs/WZENZ1JbtWBlATP+iVOe778gE6MSijnyCnORzDuX6hU+LA4SZ09YjFQ=="; + }; + }; + "object.reduce-1.0.1" = { + name = "object.reduce"; + packageName = "object.reduce"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/object.reduce/-/object.reduce-1.0.1.tgz"; + sha512 = "naLhxxpUESbNkRqc35oQ2scZSJueHGQNUfMW/0U37IgN6tE2dgDWg3whf+NEliy3F/QysrO48XKUz/nGPe+AQw=="; + }; + }; + "once-1.4.0" = { + name = "once"; + packageName = "once"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/once/-/once-1.4.0.tgz"; + sha512 = "lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w=="; + }; + }; + "optionator-0.9.1" = { + name = "optionator"; + packageName = "optionator"; + version = "0.9.1"; + src = fetchurl { + url = "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz"; + sha512 = "74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw=="; + }; + }; + "ordered-read-streams-1.0.1" = { + name = "ordered-read-streams"; + packageName = "ordered-read-streams"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ordered-read-streams/-/ordered-read-streams-1.0.1.tgz"; + sha512 = "Z87aSjx3r5c0ZB7bcJqIgIRX5bxR7A4aSzvIbaxd0oTkWBCOoKfuGHiKj60CHVUgg1Phm5yMZzBdt8XqRs73Mw=="; + }; + }; + "os-locale-1.4.0" = { + name = "os-locale"; + packageName = "os-locale"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz"; + sha512 = "PRT7ZORmwu2MEFt4/fv3Q+mEfN4zetKxufQrkShY2oGvUms9r8otu5HfdyIFHkYXjO7laNsoVGmM2MANfuTA8g=="; + }; + }; + "p-limit-3.1.0" = { + name = "p-limit"; + packageName = "p-limit"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz"; + sha512 = "TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ=="; + }; + }; + "p-locate-5.0.0" = { + name = "p-locate"; + packageName = "p-locate"; + version = "5.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz"; + sha512 = "LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw=="; + }; + }; + "pako-1.0.11" = { + name = "pako"; + packageName = "pako"; + version = "1.0.11"; + src = fetchurl { + url = "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz"; + sha512 = "4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw=="; + }; + }; + "parent-module-1.0.1" = { + name = "parent-module"; + packageName = "parent-module"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz"; + sha512 = "GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g=="; + }; + }; + "parse-filepath-1.0.2" = { + name = "parse-filepath"; + packageName = "parse-filepath"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/parse-filepath/-/parse-filepath-1.0.2.tgz"; + sha512 = "FwdRXKCohSVeXqwtYonZTXtbGJKrn+HNyWDYVcp5yuJlesTwNH4rsmRZ+GrKAPJ5bLpRxESMeS+Rl0VCHRvB2Q=="; + }; + }; + "parse-glob-3.0.4" = { + name = "parse-glob"; + packageName = "parse-glob"; + version = "3.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/parse-glob/-/parse-glob-3.0.4.tgz"; + sha512 = "FC5TeK0AwXzq3tUBFtH74naWkPQCEWs4K+xMxWZBlKDWu0bVHXGZa+KKqxKidd7xwhdZ19ZNuF2uO1M/r196HA=="; + }; + }; + "parse-json-2.2.0" = { + name = "parse-json"; + packageName = "parse-json"; + version = "2.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz"; + sha512 = "QR/GGaKCkhwk1ePQNYDRKYZ3mwU9ypsKhB0XyFnLQdomyEqk3e8wpW3V5Jp88zbxK4n5ST1nqo+g9juTpownhQ=="; + }; + }; + "parse-node-version-1.0.1" = { + name = "parse-node-version"; + packageName = "parse-node-version"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/parse-node-version/-/parse-node-version-1.0.1.tgz"; + sha512 = "3YHlOa/JgH6Mnpr05jP9eDG254US9ek25LyIxZlDItp2iJtwyaXQb57lBYLdT3MowkUFYEV2XXNAYIPlESvJlA=="; + }; + }; + "parse-passwd-1.0.0" = { + name = "parse-passwd"; + packageName = "parse-passwd"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz"; + sha512 = "1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q=="; + }; + }; + "pascalcase-0.1.1" = { + name = "pascalcase"; + packageName = "pascalcase"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz"; + sha512 = "XHXfu/yOQRy9vYOtUDVMN60OEJjW013GoObG1o+xwQTpB9eYJX/BjXMsdW13ZDPruFhYYn0AG22w0xgQMwl3Nw=="; + }; + }; + "path-dirname-1.0.2" = { + name = "path-dirname"; + packageName = "path-dirname"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/path-dirname/-/path-dirname-1.0.2.tgz"; + sha512 = "ALzNPpyNq9AqXMBjeymIjFDAkAFH06mHJH/cSBHAgU0s4vfpBn6b2nf8tiRLvagKD8RbTpq2FKTBg7cl9l3c7Q=="; + }; + }; + "path-exists-2.1.0" = { + name = "path-exists"; + packageName = "path-exists"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz"; + sha512 = "yTltuKuhtNeFJKa1PiRzfLAU5182q1y4Eb4XCJ3PBqyzEDkAZRzBrKKBct682ls9reBVHf9udYLN5Nd+K1B9BQ=="; + }; + }; + "path-exists-4.0.0" = { + name = "path-exists"; + packageName = "path-exists"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz"; + sha512 = "ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w=="; + }; + }; + "path-is-absolute-1.0.1" = { + name = "path-is-absolute"; + packageName = "path-is-absolute"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz"; + sha512 = "AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg=="; + }; + }; + "path-key-3.1.1" = { + name = "path-key"; + packageName = "path-key"; + version = "3.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz"; + sha512 = "ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q=="; + }; + }; + "path-parse-1.0.7" = { + name = "path-parse"; + packageName = "path-parse"; + version = "1.0.7"; + src = fetchurl { + url = "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz"; + sha512 = "LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw=="; + }; + }; + "path-root-0.1.1" = { + name = "path-root"; + packageName = "path-root"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/path-root/-/path-root-0.1.1.tgz"; + sha512 = "QLcPegTHF11axjfojBIoDygmS2E3Lf+8+jI6wOVmNVenrKSo3mFdSGiIgdSHenczw3wPtlVMQaFVwGmM7BJdtg=="; + }; + }; + "path-root-regex-0.1.2" = { + name = "path-root-regex"; + packageName = "path-root-regex"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/path-root-regex/-/path-root-regex-0.1.2.tgz"; + sha512 = "4GlJ6rZDhQZFE0DPVKh0e9jmZ5egZfxTkp7bcRDuPlJXbAwhxcl2dINPUAsjLdejqaLsCeg8axcLjIbvBjN4pQ=="; + }; + }; + "path-type-1.1.0" = { + name = "path-type"; + packageName = "path-type"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz"; + sha512 = "S4eENJz1pkiQn9Znv33Q+deTOKmbl+jj1Fl+qiP/vYezj+S8x+J3Uo0ISrx/QoEvIlOaDWJhPaRd1flJ9HXZqg=="; + }; + }; + "pathval-1.1.1" = { + name = "pathval"; + packageName = "pathval"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz"; + sha512 = "Dp6zGqpTdETdR63lehJYPeIOqpiNBNtc7BpWSLrOje7UaIsE5aY92r/AunQA7rsXvet3lrJ3JnZX29UPTKXyKQ=="; + }; + }; + "pend-1.2.0" = { + name = "pend"; + packageName = "pend"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz"; + sha512 = "F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg=="; + }; + }; + "performance-now-2.1.0" = { + name = "performance-now"; + packageName = "performance-now"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz"; + sha512 = "7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow=="; + }; + }; + "picocolors-0.2.1" = { + name = "picocolors"; + packageName = "picocolors"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/picocolors/-/picocolors-0.2.1.tgz"; + sha512 = "cMlDqaLEqfSaW8Z7N5Jw+lyIW869EzT73/F5lhtY9cLGoVxSXznfgfXMO0Z5K0o0Q2TkTXq+0KFsdnSe3jDViA=="; + }; + }; + "picomatch-2.3.1" = { + name = "picomatch"; + packageName = "picomatch"; + version = "2.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz"; + sha512 = "JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="; + }; + }; + "pify-2.3.0" = { + name = "pify"; + packageName = "pify"; + version = "2.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz"; + sha512 = "udgsAY+fTnvv7kI7aaxbqwWNb0AHiB0qBO89PZKPkoTmGOgdbrHDKD+0B2X4uTfJ/FT1R09r9gTsjUjNJotuog=="; + }; + }; + "pify-3.0.0" = { + name = "pify"; + packageName = "pify"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz"; + sha512 = "C3FsVNH1udSEX48gGX1xfvwTWfsYWj5U+8/uK15BGzIGrKoUpghX8hWZwa/OFnakBiiVNmBvemTJR5mcy7iPcg=="; + }; + }; + "pinkie-2.0.4" = { + name = "pinkie"; + packageName = "pinkie"; + version = "2.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz"; + sha512 = "MnUuEycAemtSaeFSjXKW/aroV7akBbY+Sv+RkyqFjgAe73F+MR0TBWKBRDkmfWq/HiFmdavfZ1G7h4SPZXaCSg=="; + }; + }; + "pinkie-promise-2.0.1" = { + name = "pinkie-promise"; + packageName = "pinkie-promise"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz"; + sha512 = "0Gni6D4UcLTbv9c57DfxDGdr41XfgUjqWZu492f0cIGr16zDU06BWP/RAEvOuo7CQ0CNjHaLlM59YJJFm3NWlw=="; + }; + }; + "posix-character-classes-0.1.1" = { + name = "posix-character-classes"; + packageName = "posix-character-classes"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz"; + sha512 = "xTgYBc3fuo7Yt7JbiuFxSYGToMoz8fLoE6TC9Wx1P/u+LfeThMOAqmuyECnlBaaJb+u1m9hHiXUEtwW4OzfUJg=="; + }; + }; + "postcss-7.0.39" = { + name = "postcss"; + packageName = "postcss"; + version = "7.0.39"; + src = fetchurl { + url = "https://registry.npmjs.org/postcss/-/postcss-7.0.39.tgz"; + sha512 = "yioayjNbHn6z1/Bywyb2Y4s3yvDAeXGOyxqD+LnVOinq6Mdmd++SW2wUNVzavyyHxd6+DxzWGIuosg6P1Rj8uA=="; + }; + }; + "prelude-ls-1.2.1" = { + name = "prelude-ls"; + packageName = "prelude-ls"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz"; + sha512 = "vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g=="; + }; + }; + "prepend-http-1.0.4" = { + name = "prepend-http"; + packageName = "prepend-http"; + version = "1.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/prepend-http/-/prepend-http-1.0.4.tgz"; + sha512 = "PhmXi5XmoyKw1Un4E+opM2KcsJInDvKyuOumcjjw3waw86ZNjHwVUOOWLc4bCzLdcKNaWBH9e99sbWzDQsVaYg=="; + }; + }; + "preserve-0.2.0" = { + name = "preserve"; + packageName = "preserve"; + version = "0.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/preserve/-/preserve-0.2.0.tgz"; + sha512 = "s/46sYeylUfHNjI+sA/78FAHlmIuKqI9wNnzEOGehAlUUYeObv5C2mOinXBjyUyWmJ2SfcS2/ydApH4hTF4WXQ=="; + }; + }; + "pretty-hrtime-1.0.3" = { + name = "pretty-hrtime"; + packageName = "pretty-hrtime"; + version = "1.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/pretty-hrtime/-/pretty-hrtime-1.0.3.tgz"; + sha512 = "66hKPCr+72mlfiSjlEB1+45IjXSqvVAIy6mocupoww4tBFE9R9IhwwUGoI4G++Tc9Aq+2rxOt0RFU6gPcrte0A=="; + }; + }; + "process-nextick-args-2.0.1" = { + name = "process-nextick-args"; + packageName = "process-nextick-args"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz"; + sha512 = "3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="; + }; + }; + "progress-2.0.3" = { + name = "progress"; + packageName = "progress"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz"; + sha512 = "7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA=="; + }; + }; + "proto-list-1.2.4" = { + name = "proto-list"; + packageName = "proto-list"; + version = "1.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz"; + sha512 = "vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA=="; + }; + }; + "psl-1.9.0" = { + name = "psl"; + packageName = "psl"; + version = "1.9.0"; + src = fetchurl { + url = "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz"; + sha512 = "E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag=="; + }; + }; + "pump-2.0.1" = { + name = "pump"; + packageName = "pump"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/pump/-/pump-2.0.1.tgz"; + sha512 = "ruPMNRkN3MHP1cWJc9OWr+T/xDP0jhXYCLfJcBuX54hhfIBnaQmAUMfDcG4DM5UMWByBbJY69QSphm3jtDKIkA=="; + }; + }; + "pumpify-1.5.1" = { + name = "pumpify"; + packageName = "pumpify"; + version = "1.5.1"; + src = fetchurl { + url = "https://registry.npmjs.org/pumpify/-/pumpify-1.5.1.tgz"; + sha512 = "oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ=="; + }; + }; + "punycode-2.3.0" = { + name = "punycode"; + packageName = "punycode"; + version = "2.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz"; + sha512 = "rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA=="; + }; + }; + "q-1.5.1" = { + name = "q"; + packageName = "q"; + version = "1.5.1"; + src = fetchurl { + url = "https://registry.npmjs.org/q/-/q-1.5.1.tgz"; + sha512 = "kV/CThkXo6xyFEZUugw/+pIOywXcDbFYgSct5cT3gqlbkBE1SJdwy6UQoZvodiWF/ckQLZyDE/Bu1M6gVu5lVw=="; + }; + }; + "qs-6.5.3" = { + name = "qs"; + packageName = "qs"; + version = "6.5.3"; + src = fetchurl { + url = "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz"; + sha512 = "qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA=="; + }; + }; + "queue-microtask-1.2.3" = { + name = "queue-microtask"; + packageName = "queue-microtask"; + version = "1.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz"; + sha512 = "NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A=="; + }; + }; + "randomatic-3.1.1" = { + name = "randomatic"; + packageName = "randomatic"; + version = "3.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/randomatic/-/randomatic-3.1.1.tgz"; + sha512 = "TuDE5KxZ0J461RVjrJZCJc+J+zCkTb1MbH9AQUq68sMhOMcy9jLcb3BrZKgp9q9Ncltdg4QVqWrH02W2EFFVYw=="; + }; + }; + "randombytes-2.1.0" = { + name = "randombytes"; + packageName = "randombytes"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz"; + sha512 = "vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ=="; + }; + }; + "read-pkg-1.1.0" = { + name = "read-pkg"; + packageName = "read-pkg"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz"; + sha512 = "7BGwRHqt4s/uVbuyoeejRn4YmFnYZiFl4AuaeXHlgZf3sONF0SOGlxs2Pw8g6hCKupo08RafIO5YXFNOKTfwsQ=="; + }; + }; + "read-pkg-up-1.0.1" = { + name = "read-pkg-up"; + packageName = "read-pkg-up"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz"; + sha512 = "WD9MTlNtI55IwYUS27iHh9tK3YoIVhxis8yKhLpTqWtml739uXc9NWTpxoHkfZf3+DkCCsXox94/VWZniuZm6A=="; + }; + }; + "readable-stream-1.1.14" = { + name = "readable-stream"; + packageName = "readable-stream"; + version = "1.1.14"; + src = fetchurl { + url = "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz"; + sha512 = "+MeVjFf4L44XUkhM1eYbD8fyEsxcV81pqMSR5gblfcLCHfZvbrqy4/qYHE+/R5HoBUT11WV5O08Cr1n3YXkWVQ=="; + }; + }; + "readable-stream-2.3.8" = { + name = "readable-stream"; + packageName = "readable-stream"; + version = "2.3.8"; + src = fetchurl { + url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz"; + sha512 = "8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA=="; + }; + }; + "readdirp-2.2.1" = { + name = "readdirp"; + packageName = "readdirp"; + version = "2.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/readdirp/-/readdirp-2.2.1.tgz"; + sha512 = "1JU/8q+VgFZyxwrJ+SVIOsh+KywWGpds3NTqikiKpDMZWScmAYyKIgqkO+ARvNWJfXeXR1zxz7aHF4u4CyH6vQ=="; + }; + }; + "readdirp-3.6.0" = { + name = "readdirp"; + packageName = "readdirp"; + version = "3.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz"; + sha512 = "hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA=="; + }; + }; + "rechoir-0.6.2" = { + name = "rechoir"; + packageName = "rechoir"; + version = "0.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz"; + sha512 = "HFM8rkZ+i3zrV+4LQjwQ0W+ez98pApMGM3HUrN04j3CqzPOzl9nmP15Y8YXNm8QHGv/eacOVEjqhmWpkRV0NAw=="; + }; + }; + "regex-cache-0.4.4" = { + name = "regex-cache"; + packageName = "regex-cache"; + version = "0.4.4"; + src = fetchurl { + url = "https://registry.npmjs.org/regex-cache/-/regex-cache-0.4.4.tgz"; + sha512 = "nVIZwtCjkC9YgvWkpM55B5rBhBYRZhAaJbgcFYXXsHnbZ9UZI9nnVWYZpBlCqv9ho2eZryPnWrZGsOdPwVWXWQ=="; + }; + }; + "regex-not-1.0.2" = { + name = "regex-not"; + packageName = "regex-not"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz"; + sha512 = "J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A=="; + }; + }; + "remove-bom-buffer-3.0.0" = { + name = "remove-bom-buffer"; + packageName = "remove-bom-buffer"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/remove-bom-buffer/-/remove-bom-buffer-3.0.0.tgz"; + sha512 = "8v2rWhaakv18qcvNeli2mZ/TMTL2nEyAKRvzo1WtnZBl15SHyEhrCu2/xKlJyUFKHiHgfXIyuY6g2dObJJycXQ=="; + }; + }; + "remove-bom-stream-1.2.0" = { + name = "remove-bom-stream"; + packageName = "remove-bom-stream"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/remove-bom-stream/-/remove-bom-stream-1.2.0.tgz"; + sha512 = "wigO8/O08XHb8YPzpDDT+QmRANfW6vLqxfaXm1YXhnFf3AkSLyjfG3GEFg4McZkmgL7KvCj5u2KczkvSP6NfHA=="; + }; + }; + "remove-trailing-separator-1.1.0" = { + name = "remove-trailing-separator"; + packageName = "remove-trailing-separator"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz"; + sha512 = "/hS+Y0u3aOfIETiaiirUFwDBDzmXPvO+jAfKTitUngIPzdKc6Z0LoFjM/CK5PL4C+eKwHohlHAb6H0VFfmmUsw=="; + }; + }; + "repeat-element-1.1.4" = { + name = "repeat-element"; + packageName = "repeat-element"; + version = "1.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.4.tgz"; + sha512 = "LFiNfRcSu7KK3evMyYOuCzv3L10TW7yC1G2/+StMjK8Y6Vqd2MG7r/Qjw4ghtuCOjFvlnms/iMmLqpvW/ES/WQ=="; + }; + }; + "repeat-string-1.6.1" = { + name = "repeat-string"; + packageName = "repeat-string"; + version = "1.6.1"; + src = fetchurl { + url = "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz"; + sha512 = "PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w=="; + }; + }; + "replace-ext-1.0.1" = { + name = "replace-ext"; + packageName = "replace-ext"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.1.tgz"; + sha512 = "yD5BHCe7quCgBph4rMQ+0KkIRKwWCrHDOX1p1Gp6HwjPM5kVoCdKGNhN7ydqqsX6lJEnQDKZ/tFMiEdQ1dvPEw=="; + }; + }; + "replace-homedir-1.0.0" = { + name = "replace-homedir"; + packageName = "replace-homedir"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/replace-homedir/-/replace-homedir-1.0.0.tgz"; + sha512 = "CHPV/GAglbIB1tnQgaiysb8H2yCy8WQ7lcEwQ/eT+kLj0QHV8LnJW0zpqpE7RSkrMSRoa+EBoag86clf7WAgSg=="; + }; + }; + "request-2.88.2" = { + name = "request"; + packageName = "request"; + version = "2.88.2"; + src = fetchurl { + url = "https://registry.npmjs.org/request/-/request-2.88.2.tgz"; + sha512 = "MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw=="; + }; + }; + "require-directory-2.1.1" = { + name = "require-directory"; + packageName = "require-directory"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz"; + sha512 = "fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q=="; + }; + }; + "require-main-filename-1.0.1" = { + name = "require-main-filename"; + packageName = "require-main-filename"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz"; + sha512 = "IqSUtOVP4ksd1C/ej5zeEh/BIP2ajqpn8c5x+q99gvcIG/Qf0cud5raVnE/Dwd0ua9TXYDoDc0RE5hBSdz22Ug=="; + }; + }; + "resolve-1.22.3" = { + name = "resolve"; + packageName = "resolve"; + version = "1.22.3"; + src = fetchurl { + url = "https://registry.npmjs.org/resolve/-/resolve-1.22.3.tgz"; + sha512 = "P8ur/gp/AmbEzjr729bZnLjXK5Z+4P0zhIJgBgzqRih7hL7BOukHGtSTA3ACMY467GRFz3duQsi0bDZdR7DKdw=="; + }; + }; + "resolve-dir-1.0.1" = { + name = "resolve-dir"; + packageName = "resolve-dir"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz"; + sha512 = "R7uiTjECzvOsWSfdM0QKFNBVFcK27aHOUwdvK53BcW8zqnGdYp0Fbj82cy54+2A4P2tFM22J5kRfe1R+lM/1yg=="; + }; + }; + "resolve-from-4.0.0" = { + name = "resolve-from"; + packageName = "resolve-from"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz"; + sha512 = "pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g=="; + }; + }; + "resolve-options-1.1.0" = { + name = "resolve-options"; + packageName = "resolve-options"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/resolve-options/-/resolve-options-1.1.0.tgz"; + sha512 = "NYDgziiroVeDC29xq7bp/CacZERYsA9bXYd1ZmcJlF3BcrZv5pTb4NG7SjdyKDnXZ84aC4vo2u6sNKIA1LCu/A=="; + }; + }; + "resolve-url-0.2.1" = { + name = "resolve-url"; + packageName = "resolve-url"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz"; + sha512 = "ZuF55hVUQaaczgOIwqWzkEcEidmlD/xl44x1UZnhOXcYuFN2S6+rcxpG+C1N3So0wvNI3DmJICUFfu2SxhBmvg=="; + }; + }; + "ret-0.1.15" = { + name = "ret"; + packageName = "ret"; + version = "0.1.15"; + src = fetchurl { + url = "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz"; + sha512 = "TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg=="; + }; + }; + "reusify-1.0.4" = { + name = "reusify"; + packageName = "reusify"; + version = "1.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz"; + sha512 = "U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw=="; + }; + }; + "rimraf-2.7.1" = { + name = "rimraf"; + packageName = "rimraf"; + version = "2.7.1"; + src = fetchurl { + url = "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz"; + sha512 = "uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w=="; + }; + }; + "rimraf-3.0.2" = { + name = "rimraf"; + packageName = "rimraf"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz"; + sha512 = "JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA=="; + }; + }; + "run-parallel-1.2.0" = { + name = "run-parallel"; + packageName = "run-parallel"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz"; + sha512 = "5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA=="; + }; + }; + "safe-buffer-5.1.2" = { + name = "safe-buffer"; + packageName = "safe-buffer"; + version = "5.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz"; + sha512 = "Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="; + }; + }; + "safe-buffer-5.2.1" = { + name = "safe-buffer"; + packageName = "safe-buffer"; + version = "5.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz"; + sha512 = "rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="; + }; + }; + "safe-regex-1.1.0" = { + name = "safe-regex"; + packageName = "safe-regex"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz"; + sha512 = "aJXcif4xnaNUzvUuC5gcb46oTS7zvg4jpMTnuqtrEPlR3vFr4pxtdTwaF1Qs3Enjn9HK+ZlwQui+a7z0SywIzg=="; + }; + }; + "safer-buffer-2.1.2" = { + name = "safer-buffer"; + packageName = "safer-buffer"; + version = "2.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz"; + sha512 = "YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="; + }; + }; + "seek-bzip-1.0.6" = { + name = "seek-bzip"; + packageName = "seek-bzip"; + version = "1.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/seek-bzip/-/seek-bzip-1.0.6.tgz"; + sha512 = "e1QtP3YL5tWww8uKaOCQ18UxIT2laNBXHjV/S2WYCiK4udiv8lkG89KRIoCjUagnAmCBurjF4zEVX2ByBbnCjQ=="; + }; + }; + "selenium-webdriver-4.9.2" = { + name = "selenium-webdriver"; + packageName = "selenium-webdriver"; + version = "4.9.2"; + src = fetchurl { + url = "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.9.2.tgz"; + sha512 = "0gDswAgVn6qbCYckZetQQvQK9tWW1r7LaumhiqY1/Wl/7JEWG0JANsTbZKnmGc3+cUU76zAi5/p0P8LUweXlig=="; + }; + }; + "semver-5.7.1" = { + name = "semver"; + packageName = "semver"; + version = "5.7.1"; + src = fetchurl { + url = "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz"; + sha512 = "sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="; + }; + }; + "semver-greatest-satisfied-range-1.1.0" = { + name = "semver-greatest-satisfied-range"; + packageName = "semver-greatest-satisfied-range"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/semver-greatest-satisfied-range/-/semver-greatest-satisfied-range-1.1.0.tgz"; + sha512 = "Ny/iyOzSSa8M5ML46IAx3iXc6tfOsYU2R4AXi2UpHk60Zrgyq6eqPj/xiOfS0rRl/iiQ/rdJkVjw/5cdUyCntQ=="; + }; + }; + "serialize-javascript-6.0.0" = { + name = "serialize-javascript"; + packageName = "serialize-javascript"; + version = "6.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz"; + sha512 = "Qr3TosvguFt8ePWqsvRfrKyQXIiW+nGbYpy8XK24NQHE83caxWt+mIymTT19DGFbNWNLfEwsrkSmN64lVWB9ag=="; + }; + }; + "set-blocking-2.0.0" = { + name = "set-blocking"; + packageName = "set-blocking"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz"; + sha512 = "KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw=="; + }; + }; + "set-value-2.0.1" = { + name = "set-value"; + packageName = "set-value"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz"; + sha512 = "JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw=="; + }; + }; + "setimmediate-1.0.5" = { + name = "setimmediate"; + packageName = "setimmediate"; + version = "1.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz"; + sha512 = "MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA=="; + }; + }; + "shebang-command-2.0.0" = { + name = "shebang-command"; + packageName = "shebang-command"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz"; + sha512 = "kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA=="; + }; + }; + "shebang-regex-3.0.0" = { + name = "shebang-regex"; + packageName = "shebang-regex"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz"; + sha512 = "7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A=="; + }; + }; + "snapdragon-0.8.2" = { + name = "snapdragon"; + packageName = "snapdragon"; + version = "0.8.2"; + src = fetchurl { + url = "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz"; + sha512 = "FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg=="; + }; + }; + "snapdragon-node-2.1.1" = { + name = "snapdragon-node"; + packageName = "snapdragon-node"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz"; + sha512 = "O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw=="; + }; + }; + "snapdragon-util-3.0.1" = { + name = "snapdragon-util"; + packageName = "snapdragon-util"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz"; + sha512 = "mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ=="; + }; + }; + "source-map-0.5.7" = { + name = "source-map"; + packageName = "source-map"; + version = "0.5.7"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz"; + sha512 = "LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ=="; + }; + }; + "source-map-0.6.1" = { + name = "source-map"; + packageName = "source-map"; + version = "0.6.1"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz"; + sha512 = "UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g=="; + }; + }; + "source-map-resolve-0.5.3" = { + name = "source-map-resolve"; + packageName = "source-map-resolve"; + version = "0.5.3"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz"; + sha512 = "Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw=="; + }; + }; + "source-map-resolve-0.6.0" = { + name = "source-map-resolve"; + packageName = "source-map-resolve"; + version = "0.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.6.0.tgz"; + sha512 = "KXBr9d/fO/bWo97NXsPIAW1bFSBOuCnjbNTBMO7N59hsv5i9yzRDfcYwwt0l04+VqnKC+EwzvJZIP/qkuMgR/w=="; + }; + }; + "source-map-url-0.4.1" = { + name = "source-map-url"; + packageName = "source-map-url"; + version = "0.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.1.tgz"; + sha512 = "cPiFOTLUKvJFIg4SKVScy4ilPPW6rFgMgfuZJPNoDuMs3nC1HbMUycBoJw77xFIp6z1UJQJOfx6C9GMH80DiTw=="; + }; + }; + "sparkles-1.0.1" = { + name = "sparkles"; + packageName = "sparkles"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/sparkles/-/sparkles-1.0.1.tgz"; + sha512 = "dSO0DDYUahUt/0/pD/Is3VIm5TGJjludZ0HVymmhYF6eNA53PVLhnUk0znSYbH8IYBuJdCE+1luR22jNLMaQdw=="; + }; + }; + "spdx-correct-3.2.0" = { + name = "spdx-correct"; + packageName = "spdx-correct"; + version = "3.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz"; + sha512 = "kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA=="; + }; + }; + "spdx-exceptions-2.3.0" = { + name = "spdx-exceptions"; + packageName = "spdx-exceptions"; + version = "2.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz"; + sha512 = "/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A=="; + }; + }; + "spdx-expression-parse-3.0.1" = { + name = "spdx-expression-parse"; + packageName = "spdx-expression-parse"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz"; + sha512 = "cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q=="; + }; + }; + "spdx-license-ids-3.0.13" = { + name = "spdx-license-ids"; + packageName = "spdx-license-ids"; + version = "3.0.13"; + src = fetchurl { + url = "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.13.tgz"; + sha512 = "XkD+zwiqXHikFZm4AX/7JSCXA98U5Db4AFd5XUg/+9UNtnH75+Z9KxtpYiJZx36mUDVOwH83pl7yvCer6ewM3w=="; + }; + }; + "split-string-3.1.0" = { + name = "split-string"; + packageName = "split-string"; + version = "3.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz"; + sha512 = "NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw=="; + }; + }; + "sshpk-1.17.0" = { + name = "sshpk"; + packageName = "sshpk"; + version = "1.17.0"; + src = fetchurl { + url = "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz"; + sha512 = "/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ=="; + }; + }; + "stack-trace-0.0.10" = { + name = "stack-trace"; + packageName = "stack-trace"; + version = "0.0.10"; + src = fetchurl { + url = "https://registry.npmjs.org/stack-trace/-/stack-trace-0.0.10.tgz"; + sha512 = "KGzahc7puUKkzyMt+IqAep+TVNbKP+k2Lmwhub39m1AsTSkaDutx56aDCo+HLDzf/D26BIHTJWNiTG1KAJiQCg=="; + }; + }; + "static-extend-0.1.2" = { + name = "static-extend"; + packageName = "static-extend"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz"; + sha512 = "72E9+uLc27Mt718pMHt9VMNiAL4LMsmDbBva8mxWUCkT07fSzEGMYUCk0XWY6lp0j6RBAG4cJ3mWuZv2OE3s0g=="; + }; + }; + "stream-exhaust-1.0.2" = { + name = "stream-exhaust"; + packageName = "stream-exhaust"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/stream-exhaust/-/stream-exhaust-1.0.2.tgz"; + sha512 = "b/qaq/GlBK5xaq1yrK9/zFcyRSTNxmcZwFLGSTG0mXgZl/4Z6GgiyYOXOvY7N3eEvFRAG1bkDRz5EPGSvPYQlw=="; + }; + }; + "stream-shift-1.0.1" = { + name = "stream-shift"; + packageName = "stream-shift"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.1.tgz"; + sha512 = "AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ=="; + }; + }; + "string-width-1.0.2" = { + name = "string-width"; + packageName = "string-width"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz"; + sha512 = "0XsVpQLnVCXHJfyEs8tC0zpTVIr5PKKsQtkT29IwupnPTjtPmQ3xT/4yCREF9hYkV/3M3kzcUTSAZT6a6h81tw=="; + }; + }; + "string-width-4.2.3" = { + name = "string-width"; + packageName = "string-width"; + version = "4.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz"; + sha512 = "wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g=="; + }; + }; + "string_decoder-0.10.31" = { + name = "string_decoder"; + packageName = "string_decoder"; + version = "0.10.31"; + src = fetchurl { + url = "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz"; + sha512 = "ev2QzSzWPYmy9GuqfIVildA4OdcGLeFZQrq5ys6RtiuF+RQQiZWr8TZNyAcuVXyQRYfEO+MsoB/1BuQVhOJuoQ=="; + }; + }; + "string_decoder-1.1.1" = { + name = "string_decoder"; + packageName = "string_decoder"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz"; + sha512 = "n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg=="; + }; + }; + "strip-ansi-3.0.1" = { + name = "strip-ansi"; + packageName = "strip-ansi"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz"; + sha512 = "VhumSSbBqDTP8p2ZLKj40UjBCV4+v8bUSEpUb4KjRgWk9pbqGF4REFj6KEagidb2f/M6AzC0EmFyDNGaw9OCzg=="; + }; + }; + "strip-ansi-6.0.1" = { + name = "strip-ansi"; + packageName = "strip-ansi"; + version = "6.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz"; + sha512 = "Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A=="; + }; + }; + "strip-bom-2.0.0" = { + name = "strip-bom"; + packageName = "strip-bom"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz"; + sha512 = "kwrX1y7czp1E69n2ajbG65mIo9dqvJ+8aBQXOGVxqwvNbsXdFM6Lq37dLAY3mknUwru8CfcCbfOLL/gMo+fi3g=="; + }; + }; + "strip-bom-string-1.0.0" = { + name = "strip-bom-string"; + packageName = "strip-bom-string"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-bom-string/-/strip-bom-string-1.0.0.tgz"; + sha512 = "uCC2VHvQRYu+lMh4My/sFNmF2klFymLX1wHJeXnbEJERpV/ZsVuonzerjfrGpIGF7LBVa1O7i9kjiWvJiFck8g=="; + }; + }; + "strip-dirs-2.1.0" = { + name = "strip-dirs"; + packageName = "strip-dirs"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-dirs/-/strip-dirs-2.1.0.tgz"; + sha512 = "JOCxOeKLm2CAS73y/U4ZeZPTkE+gNVCzKt7Eox84Iej1LT/2pTWYpZKJuxwQpvX1LiZb1xokNR7RLfuBAa7T3g=="; + }; + }; + "strip-json-comments-3.1.1" = { + name = "strip-json-comments"; + packageName = "strip-json-comments"; + version = "3.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz"; + sha512 = "6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig=="; + }; + }; + "strip-outer-1.0.1" = { + name = "strip-outer"; + packageName = "strip-outer"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/strip-outer/-/strip-outer-1.0.1.tgz"; + sha512 = "k55yxKHwaXnpYGsOzg4Vl8+tDrWylxDEpknGjhTiZB8dFRU5rTo9CAzeycivxV3s+zlTKwrs6WxMxR95n26kwg=="; + }; + }; + "supports-color-2.0.0" = { + name = "supports-color"; + packageName = "supports-color"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz"; + sha512 = "KKNVtd6pCYgPIKU4cp2733HWYCpplQhddZLBUryaAHou723x+FRzQ5Df824Fj+IyyuiQTRoub4SnIFfIcrp70g=="; + }; + }; + "supports-color-7.2.0" = { + name = "supports-color"; + packageName = "supports-color"; + version = "7.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz"; + sha512 = "qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw=="; + }; + }; + "supports-color-8.1.1" = { + name = "supports-color"; + packageName = "supports-color"; + version = "8.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz"; + sha512 = "MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q=="; + }; + }; + "supports-preserve-symlinks-flag-1.0.0" = { + name = "supports-preserve-symlinks-flag"; + packageName = "supports-preserve-symlinks-flag"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz"; + sha512 = "ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w=="; + }; + }; + "sver-compat-1.5.0" = { + name = "sver-compat"; + packageName = "sver-compat"; + version = "1.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/sver-compat/-/sver-compat-1.5.0.tgz"; + sha512 = "aFTHfmjwizMNlNE6dsGmoAM4lHjL0CyiobWaFiXWSlD7cIxshW422Nb8KbXCmR6z+0ZEPY+daXJrDyh/vuwTyg=="; + }; + }; + "tar-stream-1.6.2" = { + name = "tar-stream"; + packageName = "tar-stream"; + version = "1.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/tar-stream/-/tar-stream-1.6.2.tgz"; + sha512 = "rzS0heiNf8Xn7/mpdSVVSMAWAoy9bfb1WOTYC78Z0UQKeKa/CWS8FOq0lKGNa8DWKAn9gxjCvMLYc5PGXYlK2A=="; + }; + }; + "text-table-0.2.0" = { + name = "text-table"; + packageName = "text-table"; + version = "0.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz"; + sha512 = "N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw=="; + }; + }; + "through-2.3.8" = { + name = "through"; + packageName = "through"; + version = "2.3.8"; + src = fetchurl { + url = "https://registry.npmjs.org/through/-/through-2.3.8.tgz"; + sha512 = "w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg=="; + }; + }; + "through2-2.0.5" = { + name = "through2"; + packageName = "through2"; + version = "2.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/through2/-/through2-2.0.5.tgz"; + sha512 = "/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ=="; + }; + }; + "through2-3.0.2" = { + name = "through2"; + packageName = "through2"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/through2/-/through2-3.0.2.tgz"; + sha512 = "enaDQ4MUyP2W6ZyT6EsMzqBPZaM/avg8iuo+l2d3QCs0J+6RaqkHV/2/lOwDTueBHeJ/2LG9lrLW3d5rWPucuQ=="; + }; + }; + "through2-filter-3.0.0" = { + name = "through2-filter"; + packageName = "through2-filter"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/through2-filter/-/through2-filter-3.0.0.tgz"; + sha512 = "jaRjI2WxN3W1V8/FMZ9HKIBXixtiqs3SQSX4/YGIiP3gL6djW48VoZq9tDqeCWs3MT8YY5wb/zli8VW8snY1CA=="; + }; + }; + "time-stamp-1.1.0" = { + name = "time-stamp"; + packageName = "time-stamp"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/time-stamp/-/time-stamp-1.1.0.tgz"; + sha512 = "gLCeArryy2yNTRzTGKbZbloctj64jkZ57hj5zdraXue6aFgd6PmvVtEyiUU+hvU0v7q08oVv8r8ev0tRo6bvgw=="; + }; + }; + "timed-out-4.0.1" = { + name = "timed-out"; + packageName = "timed-out"; + version = "4.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz"; + sha512 = "G7r3AhovYtr5YKOWQkta8RKAPb+J9IsO4uVmzjl8AZwfhs8UcUwTiD6gcJYSgOtzyjvQKrKYn41syHbUWMkafA=="; + }; + }; + "timers-ext-0.1.7" = { + name = "timers-ext"; + packageName = "timers-ext"; + version = "0.1.7"; + src = fetchurl { + url = "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz"; + sha512 = "b85NUNzTSdodShTIbky6ZF02e8STtVVfD+fu4aXXShEELpozH+bCpJLYMPZbsABN2wDH7fJpqIoXxJpzbf0NqQ=="; + }; + }; + "tmp-0.2.1" = { + name = "tmp"; + packageName = "tmp"; + version = "0.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz"; + sha512 = "76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ=="; + }; + }; + "to-absolute-glob-2.0.2" = { + name = "to-absolute-glob"; + packageName = "to-absolute-glob"; + version = "2.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/to-absolute-glob/-/to-absolute-glob-2.0.2.tgz"; + sha512 = "rtwLUQEwT8ZeKQbyFJyomBRYXyE16U5VKuy0ftxLMK/PZb2fkOsg5r9kHdauuVDbsNdIBoC/HCthpidamQFXYA=="; + }; + }; + "to-buffer-1.1.1" = { + name = "to-buffer"; + packageName = "to-buffer"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/to-buffer/-/to-buffer-1.1.1.tgz"; + sha512 = "lx9B5iv7msuFYE3dytT+KE5tap+rNYw+K4jVkb9R/asAb+pbBSM17jtunHplhBe6RRJdZx3Pn2Jph24O32mOVg=="; + }; + }; + "to-object-path-0.3.0" = { + name = "to-object-path"; + packageName = "to-object-path"; + version = "0.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz"; + sha512 = "9mWHdnGRuh3onocaHzukyvCZhzvr6tiflAy/JRFXcJX0TjgfWA9pk9t8CMbzmBE4Jfw58pXbkngtBtqYxzNEyg=="; + }; + }; + "to-regex-3.0.2" = { + name = "to-regex"; + packageName = "to-regex"; + version = "3.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz"; + sha512 = "FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw=="; + }; + }; + "to-regex-range-2.1.1" = { + name = "to-regex-range"; + packageName = "to-regex-range"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz"; + sha512 = "ZZWNfCjUokXXDGXFpZehJIkZqq91BcULFq/Pi7M5i4JnxXdhMKAK682z8bCW3o8Hj1wuuzoKcW3DfVzaP6VuNg=="; + }; + }; + "to-regex-range-5.0.1" = { + name = "to-regex-range"; + packageName = "to-regex-range"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz"; + sha512 = "65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ=="; + }; + }; + "to-through-2.0.0" = { + name = "to-through"; + packageName = "to-through"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/to-through/-/to-through-2.0.0.tgz"; + sha512 = "+QIz37Ly7acM4EMdw2PRN389OneM5+d844tirkGp4dPKzI5OE72V9OsbFp+CIYJDahZ41ZV05hNtcPAQUAm9/Q=="; + }; + }; + "touch-0.0.3" = { + name = "touch"; + packageName = "touch"; + version = "0.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/touch/-/touch-0.0.3.tgz"; + sha512 = "/LQ54KM9rPf3rGXGo2UPQWx3ol242Zg6Whq27H5DEmZhCJo+pm9N5BzRGepO9vTVhYxpXJdcc1+3uaYt9NyeKg=="; + }; + }; + "tough-cookie-2.5.0" = { + name = "tough-cookie"; + packageName = "tough-cookie"; + version = "2.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz"; + sha512 = "nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g=="; + }; + }; + "traverse-0.3.9" = { + name = "traverse"; + packageName = "traverse"; + version = "0.3.9"; + src = fetchurl { + url = "https://registry.npmjs.org/traverse/-/traverse-0.3.9.tgz"; + sha512 = "iawgk0hLP3SxGKDfnDJf8wTz4p2qImnyihM5Hh/sGvQ3K37dPi/w8sRhdNIxYA1TwFwc5mDhIJq+O0RsvXBKdQ=="; + }; + }; + "tree-kill-1.2.2" = { + name = "tree-kill"; + packageName = "tree-kill"; + version = "1.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz"; + sha512 = "L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A=="; + }; + }; + "trim-repeated-1.0.0" = { + name = "trim-repeated"; + packageName = "trim-repeated"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/trim-repeated/-/trim-repeated-1.0.0.tgz"; + sha512 = "pkonvlKk8/ZuR0D5tLW8ljt5I8kmxp2XKymhepUeOdCEfKpZaktSArkLHZt76OB1ZvO9bssUsDty4SWhLvZpLg=="; + }; + }; + "tunnel-agent-0.6.0" = { + name = "tunnel-agent"; + packageName = "tunnel-agent"; + version = "0.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz"; + sha512 = "McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w=="; + }; + }; + "tweetnacl-0.14.5" = { + name = "tweetnacl"; + packageName = "tweetnacl"; + version = "0.14.5"; + src = fetchurl { + url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz"; + sha512 = "KXXFFdAbFXY4geFIwoyNK+f5Z1b7swfXABfL7HXCmoIWMKU3dmS26672A4EeQtDzLKy7SXmfBu51JolvEKwtGA=="; + }; + }; + "type-1.2.0" = { + name = "type"; + packageName = "type"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/type/-/type-1.2.0.tgz"; + sha512 = "+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg=="; + }; + }; + "type-2.7.2" = { + name = "type"; + packageName = "type"; + version = "2.7.2"; + src = fetchurl { + url = "https://registry.npmjs.org/type/-/type-2.7.2.tgz"; + sha512 = "dzlvlNlt6AXU7EBSfpAscydQ7gXB+pPGsPnfJnZpiNJBDj7IaJzQlBZYGdEi4R9HmPdBv2XmWJ6YUtoTa7lmCw=="; + }; + }; + "type-check-0.4.0" = { + name = "type-check"; + packageName = "type-check"; + version = "0.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz"; + sha512 = "XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew=="; + }; + }; + "type-detect-4.0.8" = { + name = "type-detect"; + packageName = "type-detect"; + version = "4.0.8"; + src = fetchurl { + url = "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz"; + sha512 = "0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g=="; + }; + }; + "type-fest-0.20.2" = { + name = "type-fest"; + packageName = "type-fest"; + version = "0.20.2"; + src = fetchurl { + url = "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz"; + sha512 = "Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ=="; + }; + }; + "typedarray-0.0.6" = { + name = "typedarray"; + packageName = "typedarray"; + version = "0.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz"; + sha512 = "/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA=="; + }; + }; + "unbzip2-stream-1.4.3" = { + name = "unbzip2-stream"; + packageName = "unbzip2-stream"; + version = "1.4.3"; + src = fetchurl { + url = "https://registry.npmjs.org/unbzip2-stream/-/unbzip2-stream-1.4.3.tgz"; + sha512 = "mlExGW4w71ebDJviH16lQLtZS32VKqsSfk80GCfUlwT/4/hNRFsoscrF/c++9xinkMzECL1uL9DDwXqFWkruPg=="; + }; + }; + "unc-path-regex-0.1.2" = { + name = "unc-path-regex"; + packageName = "unc-path-regex"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz"; + sha512 = "eXL4nmJT7oCpkZsHZUOJo8hcX3GbsiDOa0Qu9F646fi8dT3XuSVopVqAcEiVzSKKH7UoDti23wNX3qGFxcW5Qg=="; + }; + }; + "undertaker-1.3.0" = { + name = "undertaker"; + packageName = "undertaker"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/undertaker/-/undertaker-1.3.0.tgz"; + sha512 = "/RXwi5m/Mu3H6IHQGww3GNt1PNXlbeCuclF2QYR14L/2CHPz3DFZkvB5hZ0N/QUkiXWCACML2jXViIQEQc2MLg=="; + }; + }; + "undertaker-registry-1.0.1" = { + name = "undertaker-registry"; + packageName = "undertaker-registry"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/undertaker-registry/-/undertaker-registry-1.0.1.tgz"; + sha512 = "UR1khWeAjugW3548EfQmL9Z7pGMlBgXteQpr1IZeZBtnkCJQJIJ1Scj0mb9wQaPvUZ9Q17XqW6TIaPchJkyfqw=="; + }; + }; + "union-value-1.0.1" = { + name = "union-value"; + packageName = "union-value"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz"; + sha512 = "tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg=="; + }; + }; + "unique-stream-2.3.1" = { + name = "unique-stream"; + packageName = "unique-stream"; + version = "2.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/unique-stream/-/unique-stream-2.3.1.tgz"; + sha512 = "2nY4TnBE70yoxHkDli7DMazpWiP7xMdCYqU2nBRO0UB+ZpEkGsSija7MvmvnZFUeC+mrgiUfcHSr3LmRFIg4+A=="; + }; + }; + "universalify-0.1.2" = { + name = "universalify"; + packageName = "universalify"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz"; + sha512 = "rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg=="; + }; + }; + "unset-value-1.0.0" = { + name = "unset-value"; + packageName = "unset-value"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz"; + sha512 = "PcA2tsuGSF9cnySLHTLSh2qrQiJ70mn+r+Glzxv2TWZblxsxCC52BDlZoPCsz7STd9pN7EZetkWZBAvk4cgZdQ=="; + }; + }; + "untildify-3.0.3" = { + name = "untildify"; + packageName = "untildify"; + version = "3.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/untildify/-/untildify-3.0.3.tgz"; + sha512 = "iSk/J8efr8uPT/Z4eSUywnqyrQU7DSdMfdqK4iWEaUVVmcP5JcnpRqmVMwcwcnmI1ATFNgC5V90u09tBynNFKA=="; + }; + }; + "unzip-response-2.0.1" = { + name = "unzip-response"; + packageName = "unzip-response"; + version = "2.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/unzip-response/-/unzip-response-2.0.1.tgz"; + sha512 = "N0XH6lqDtFH84JxptQoZYmloF4nzrQqqrAymNj+/gW60AO2AZgOcf4O/nUXJcYfyQkqvMo9lSupBZmmgvuVXlw=="; + }; + }; + "upath-1.2.0" = { + name = "upath"; + packageName = "upath"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/upath/-/upath-1.2.0.tgz"; + sha512 = "aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg=="; + }; + }; + "uri-js-4.4.1" = { + name = "uri-js"; + packageName = "uri-js"; + version = "4.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz"; + sha512 = "7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg=="; + }; + }; + "urix-0.1.0" = { + name = "urix"; + packageName = "urix"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz"; + sha512 = "Am1ousAhSLBeB9cG/7k7r2R0zj50uDRlZHPGbazid5s9rlF1F/QKYObEKSIunSjIOkJZqwRRLpvewjEkM7pSqg=="; + }; + }; + "url-parse-lax-1.0.0" = { + name = "url-parse-lax"; + packageName = "url-parse-lax"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-1.0.0.tgz"; + sha512 = "BVA4lR5PIviy2PMseNd2jbFQ+jwSwQGdJejf5ctd1rEXt0Ypd7yanUK9+lYechVlN5VaTJGsu2U/3MDDu6KgBA=="; + }; + }; + "url-to-options-1.0.1" = { + name = "url-to-options"; + packageName = "url-to-options"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz"; + sha512 = "0kQLIzG4fdk/G5NONku64rSH/x32NOA39LVQqlK8Le6lvTF6GGRJpqaQFGgU+CLwySIqBSMdwYM0sYcW9f6P4A=="; + }; + }; + "use-3.1.1" = { + name = "use"; + packageName = "use"; + version = "3.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/use/-/use-3.1.1.tgz"; + sha512 = "cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ=="; + }; + }; + "utf-8-validate-6.0.3" = { + name = "utf-8-validate"; + packageName = "utf-8-validate"; + version = "6.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/utf-8-validate/-/utf-8-validate-6.0.3.tgz"; + sha512 = "uIuGf9TWQ/y+0Lp+KGZCMuJWc3N9BHA+l/UmHd/oUHwJJDeysyTRxNQVkbzsIWfGFbRe3OcgML/i0mvVRPOyDA=="; + }; + }; + "util-deprecate-1.0.2" = { + name = "util-deprecate"; + packageName = "util-deprecate"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz"; + sha512 = "EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw=="; + }; + }; + "uuid-3.4.0" = { + name = "uuid"; + packageName = "uuid"; + version = "3.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz"; + sha512 = "HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A=="; + }; + }; + "v8flags-3.2.0" = { + name = "v8flags"; + packageName = "v8flags"; + version = "3.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/v8flags/-/v8flags-3.2.0.tgz"; + sha512 = "mH8etigqMfiGWdeXpaaqGfs6BndypxusHHcv2qSHyZkGEznCd/qAXCWWRzeowtL54147cktFOC4P5y+kl8d8Jg=="; + }; + }; + "validate-npm-package-license-3.0.4" = { + name = "validate-npm-package-license"; + packageName = "validate-npm-package-license"; + version = "3.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz"; + sha512 = "DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew=="; + }; + }; + "value-or-function-3.0.0" = { + name = "value-or-function"; + packageName = "value-or-function"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/value-or-function/-/value-or-function-3.0.0.tgz"; + sha512 = "jdBB2FrWvQC/pnPtIqcLsMaQgjhdb6B7tk1MMyTKapox+tQZbdRP4uLxu/JY0t7fbfDCUMnuelzEYv5GsxHhdg=="; + }; + }; + "verror-1.10.0" = { + name = "verror"; + packageName = "verror"; + version = "1.10.0"; + src = fetchurl { + url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz"; + sha512 = "ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw=="; + }; + }; + "vinyl-2.2.1" = { + name = "vinyl"; + packageName = "vinyl"; + version = "2.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/vinyl/-/vinyl-2.2.1.tgz"; + sha512 = "LII3bXRFBZLlezoG5FfZVcXflZgWP/4dCwKtxd5ky9+LOtM4CS3bIRQsmR1KMnMW07jpE8fqR2lcxPZ+8sJIcw=="; + }; + }; + "vinyl-fs-3.0.3" = { + name = "vinyl-fs"; + packageName = "vinyl-fs"; + version = "3.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/vinyl-fs/-/vinyl-fs-3.0.3.tgz"; + sha512 = "vIu34EkyNyJxmP0jscNzWBSygh7VWhqun6RmqVfXePrOwi9lhvRs//dOaGOTRUQr4tx7/zd26Tk5WeSVZitgng=="; + }; + }; + "vinyl-sourcemap-1.1.0" = { + name = "vinyl-sourcemap"; + packageName = "vinyl-sourcemap"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/vinyl-sourcemap/-/vinyl-sourcemap-1.1.0.tgz"; + sha512 = "NiibMgt6VJGJmyw7vtzhctDcfKch4e4n9TBeoWlirb7FMg9/1Ov9k+A5ZRAtywBpRPiyECvQRQllYM8dECegVA=="; + }; + }; + "which-1.3.1" = { + name = "which"; + packageName = "which"; + version = "1.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/which/-/which-1.3.1.tgz"; + sha512 = "HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ=="; + }; + }; + "which-2.0.2" = { + name = "which"; + packageName = "which"; + version = "2.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/which/-/which-2.0.2.tgz"; + sha512 = "BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA=="; + }; + }; + "which-module-1.0.0" = { + name = "which-module"; + packageName = "which-module"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/which-module/-/which-module-1.0.0.tgz"; + sha512 = "F6+WgncZi/mJDrammbTuHe1q0R5hOXv/mBaiNA2TCNT/LTHusX0V+CJnj9XT8ki5ln2UZyyddDgHfCzyrOH7MQ=="; + }; + }; + "window-size-0.1.4" = { + name = "window-size"; + packageName = "window-size"; + version = "0.1.4"; + src = fetchurl { + url = "https://registry.npmjs.org/window-size/-/window-size-0.1.4.tgz"; + sha512 = "2thx4pB0cV3h+Bw7QmMXcEbdmOzv9t0HFplJH/Lz6yu60hXYy5RT8rUu+wlIreVxWsGN20mo+MHeCSfUpQBwPw=="; + }; + }; + "winreg-1.2.4" = { + name = "winreg"; + packageName = "winreg"; + version = "1.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/winreg/-/winreg-1.2.4.tgz"; + sha512 = "IHpzORub7kYlb8A43Iig3reOvlcBJGX9gZ0WycHhghHtA65X0LYnMRuJs+aH1abVnMJztQkvQNlltnbPi5aGIA=="; + }; + }; + "word-wrap-1.2.3" = { + name = "word-wrap"; + packageName = "word-wrap"; + version = "1.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz"; + sha512 = "Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ=="; + }; + }; + "workerpool-6.2.1" = { + name = "workerpool"; + packageName = "workerpool"; + version = "6.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/workerpool/-/workerpool-6.2.1.tgz"; + sha512 = "ILEIE97kDZvF9Wb9f6h5aXK4swSlKGUcOEGiIYb2OOu/IrDU9iwj0fD//SsA6E5ibwJxpEvhullJY4Sl4GcpAw=="; + }; + }; + "wrap-ansi-2.1.0" = { + name = "wrap-ansi"; + packageName = "wrap-ansi"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-2.1.0.tgz"; + sha512 = "vAaEaDM946gbNpH5pLVNR+vX2ht6n0Bt3GXwVB1AuAqZosOvHNF3P7wDnh8KLkSqgUh0uh77le7Owgoz+Z9XBw=="; + }; + }; + "wrap-ansi-7.0.0" = { + name = "wrap-ansi"; + packageName = "wrap-ansi"; + version = "7.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz"; + sha512 = "YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q=="; + }; + }; + "wrappy-1.0.2" = { + name = "wrappy"; + packageName = "wrappy"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz"; + sha512 = "l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="; + }; + }; + "ws-8.13.0" = { + name = "ws"; + packageName = "ws"; + version = "8.13.0"; + src = fetchurl { + url = "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz"; + sha512 = "x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA=="; + }; + }; + "xtend-4.0.2" = { + name = "xtend"; + packageName = "xtend"; + version = "4.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz"; + sha512 = "LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ=="; + }; + }; + "y18n-3.2.2" = { + name = "y18n"; + packageName = "y18n"; + version = "3.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/y18n/-/y18n-3.2.2.tgz"; + sha512 = "uGZHXkHnhF0XeeAPgnKfPv1bgKAYyVvmNL1xlKsPYZPaIHxGti2hHqvOCQv71XMsLxu1QjergkqogUnms5D3YQ=="; + }; + }; + "y18n-5.0.8" = { + name = "y18n"; + packageName = "y18n"; + version = "5.0.8"; + src = fetchurl { + url = "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz"; + sha512 = "0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA=="; + }; + }; + "yargs-16.2.0" = { + name = "yargs"; + packageName = "yargs"; + version = "16.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz"; + sha512 = "D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw=="; + }; + }; + "yargs-17.7.2" = { + name = "yargs"; + packageName = "yargs"; + version = "17.7.2"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz"; + sha512 = "7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w=="; + }; + }; + "yargs-3.32.0" = { + name = "yargs"; + packageName = "yargs"; + version = "3.32.0"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs/-/yargs-3.32.0.tgz"; + sha512 = "ONJZiimStfZzhKamYvR/xvmgW3uEkAUFSP91y2caTEPhzF6uP2JfPiVZcq66b/YR0C3uitxSV7+T1x8p5bkmMg=="; + }; + }; + "yargs-7.1.2" = { + name = "yargs"; + packageName = "yargs"; + version = "7.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs/-/yargs-7.1.2.tgz"; + sha512 = "ZEjj/dQYQy0Zx0lgLMLR8QuaqTihnxirir7EwUHp1Axq4e3+k8jXU5K0VLbNvedv1f4EWtBonDIZm0NUr+jCcA=="; + }; + }; + "yargs-parser-20.2.4" = { + name = "yargs-parser"; + packageName = "yargs-parser"; + version = "20.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz"; + sha512 = "WOkpgNhPTlE73h4VFAFsOnomJVaovO8VqLDzy5saChRBFQFBoMYirowyW+Q9HB4HFF4Z7VZTiG3iSzJJA29yRA=="; + }; + }; + "yargs-parser-21.1.1" = { + name = "yargs-parser"; + packageName = "yargs-parser"; + version = "21.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz"; + sha512 = "tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw=="; + }; + }; + "yargs-parser-5.0.1" = { + name = "yargs-parser"; + packageName = "yargs-parser"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs-parser/-/yargs-parser-5.0.1.tgz"; + sha512 = "wpav5XYiddjXxirPoCTUPbqM0PXvJ9hiBMvuJgInvo4/lAOTZzUprArw17q2O1P2+GHhbBr18/iQwjL5Z9BqfA=="; + }; + }; + "yargs-unparser-2.0.0" = { + name = "yargs-unparser"; + packageName = "yargs-unparser"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz"; + sha512 = "7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA=="; + }; + }; + "yauzl-2.10.0" = { + name = "yauzl"; + packageName = "yauzl"; + version = "2.10.0"; + src = fetchurl { + url = "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz"; + sha512 = "p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g=="; + }; + }; + "yocto-queue-0.1.0" = { + name = "yocto-queue"; + packageName = "yocto-queue"; + version = "0.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz"; + sha512 = "rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q=="; + }; + }; + }; +in +{ + "onlykey-git+https://github.com/trustcrypto/OnlyKey-App.git#v5.5.0" = nodeEnv.buildNodePackage { + name = "OnlyKey"; + packageName = "OnlyKey"; + version = "5.5.0"; + src = fetchgit { + url = "https://github.com/trustcrypto/OnlyKey-App.git"; + rev = "5401c2966638d04c19035fff85e95bfd3bce5511"; + sha256 = "f0c49dafe8210813de1a9eb7622d53fa0c84c17384516defaa2f42ac29a8cebc"; + }; + dependencies = [ + sources."@eslint-community/eslint-utils-4.4.0" + sources."@eslint-community/regexpp-4.5.1" + sources."@eslint/eslintrc-2.0.3" + sources."@eslint/js-8.42.0" + (sources."@gulp-sourcemaps/identity-map-2.0.1" // { + dependencies = [ + sources."acorn-6.4.2" + sources."source-map-0.6.1" + sources."through2-3.0.2" + ]; + }) + (sources."@gulp-sourcemaps/map-sources-1.0.0" // { + dependencies = [ + sources."normalize-path-2.1.1" + ]; + }) + sources."@humanwhocodes/config-array-0.11.10" + sources."@humanwhocodes/module-importer-1.0.1" + sources."@humanwhocodes/object-schema-1.2.1" + sources."@nodelib/fs.scandir-2.1.5" + sources."@nodelib/fs.stat-2.0.5" + sources."@nodelib/fs.walk-1.2.8" + sources."abbrev-1.1.1" + sources."acorn-8.8.2" + sources."acorn-jsx-5.3.2" + sources."ajv-6.12.6" + sources."ansi-colors-1.1.0" + sources."ansi-gray-0.1.1" + sources."ansi-regex-2.1.1" + sources."ansi-styles-2.2.1" + sources."ansi-wrap-0.1.0" + (sources."anymatch-2.0.0" // { + dependencies = [ + sources."normalize-path-2.1.1" + ]; + }) + sources."append-buffer-1.0.2" + sources."applescript-1.0.0" + sources."archy-1.0.0" + sources."argparse-2.0.1" + sources."arr-diff-4.0.0" + sources."arr-filter-1.1.2" + sources."arr-flatten-1.1.0" + sources."arr-map-2.0.2" + sources."arr-union-3.1.0" + sources."array-each-1.0.1" + (sources."array-initial-1.1.0" // { + dependencies = [ + sources."is-number-4.0.0" + ]; + }) + (sources."array-last-1.3.0" // { + dependencies = [ + sources."is-number-4.0.0" + ]; + }) + sources."array-slice-1.1.0" + (sources."array-sort-1.0.0" // { + dependencies = [ + sources."kind-of-5.1.0" + ]; + }) + sources."array-unique-0.3.2" + sources."asn1-0.2.6" + sources."assert-plus-1.0.0" + sources."assertion-error-1.1.0" + sources."assign-symbols-1.0.0" + sources."async-done-1.3.2" + sources."async-each-1.0.6" + sources."async-settle-1.0.0" + sources."asynckit-0.4.0" + sources."atob-2.1.2" + sources."auto-launch-5.0.6" + sources."aws-sign2-0.7.0" + sources."aws4-1.12.0" + sources."bach-1.2.0" + sources."balanced-match-1.0.2" + (sources."base-0.11.2" // { + dependencies = [ + sources."define-property-1.0.0" + ]; + }) + sources."base64-js-1.5.1" + sources."bcrypt-pbkdf-1.0.2" + sources."binary-0.3.0" + sources."binary-extensions-1.13.1" + sources."bindings-1.5.0" + sources."bl-1.2.3" + sources."brace-expansion-1.1.11" + (sources."braces-2.3.2" // { + dependencies = [ + sources."extend-shallow-2.0.1" + ]; + }) + sources."browser-stdout-1.3.1" + sources."buffer-5.7.1" + sources."buffer-alloc-1.2.0" + sources."buffer-alloc-unsafe-1.1.0" + sources."buffer-crc32-0.2.13" + sources."buffer-equal-1.0.1" + sources."buffer-fill-1.0.0" + sources."buffer-from-1.1.2" + sources."buffers-0.1.1" + sources."bufferutil-4.0.7" + sources."cache-base-1.0.1" + sources."call-bind-1.0.2" + sources."callsites-3.1.0" + sources."camelcase-2.1.1" + sources."capture-stack-trace-1.0.2" + sources."caseless-0.12.0" + sources."caw-2.0.1" + sources."chai-4.3.7" + sources."chai-as-promised-7.1.1" + sources."chainsaw-0.1.0" + sources."chalk-1.1.3" + sources."check-error-1.0.2" + (sources."chokidar-2.1.8" // { + dependencies = [ + (sources."glob-parent-3.1.0" // { + dependencies = [ + sources."is-glob-3.1.0" + ]; + }) + ]; + }) + (sources."class-utils-0.3.6" // { + dependencies = [ + sources."define-property-0.2.5" + (sources."is-accessor-descriptor-0.1.6" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + (sources."is-data-descriptor-0.1.4" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."is-descriptor-0.1.6" + sources."kind-of-5.1.0" + ]; + }) + sources."cliui-3.2.0" + sources."clone-2.1.2" + sources."clone-buffer-1.0.0" + sources."clone-stats-1.0.0" + sources."cloneable-readable-1.1.3" + sources."code-point-at-1.1.0" + sources."collection-map-1.0.0" + sources."collection-visit-1.0.0" + sources."color-convert-2.0.1" + sources."color-name-1.1.4" + sources."color-support-1.1.3" + sources."combined-stream-1.0.8" + sources."commander-2.20.3" + sources."component-emitter-1.3.0" + sources."concat-map-0.0.1" + sources."concat-stream-1.6.2" + sources."config-chain-1.1.13" + sources."convert-source-map-1.9.0" + sources."copy-descriptor-0.1.1" + (sources."copy-props-2.0.5" // { + dependencies = [ + sources."is-plain-object-5.0.0" + ]; + }) + sources."core-util-is-1.0.3" + sources."create-error-class-3.0.2" + sources."cross-spawn-7.0.3" + (sources."css-3.0.0" // { + dependencies = [ + sources."source-map-0.6.1" + sources."source-map-resolve-0.6.0" + ]; + }) + sources."d-1.0.1" + sources."dashdash-1.14.1" + sources."debounce-1.2.1" + sources."debug-4.3.4" + (sources."debug-fabulous-1.1.0" // { + dependencies = [ + sources."debug-3.2.7" + ]; + }) + sources."decamelize-1.2.0" + sources."decode-uri-component-0.2.2" + sources."decompress-4.2.1" + sources."decompress-tar-4.1.1" + (sources."decompress-tarbz2-4.1.1" // { + dependencies = [ + sources."file-type-6.2.0" + ]; + }) + sources."decompress-targz-4.1.1" + (sources."decompress-unzip-4.0.1" // { + dependencies = [ + sources."file-type-3.9.0" + ]; + }) + (sources."decompress-zip-0.3.3" // { + dependencies = [ + sources."isarray-0.0.1" + sources."readable-stream-1.1.14" + sources."string_decoder-0.10.31" + ]; + }) + sources."deep-eql-4.1.3" + sources."deep-is-0.1.4" + (sources."default-compare-1.0.0" // { + dependencies = [ + sources."kind-of-5.1.0" + ]; + }) + sources."default-resolution-2.0.0" + sources."define-properties-1.2.0" + sources."define-property-2.0.2" + sources."delayed-stream-1.0.0" + sources."detect-file-1.0.0" + sources."detect-newline-2.1.0" + sources."diff-5.0.0" + sources."doctrine-3.0.0" + (sources."download-5.0.3" // { + dependencies = [ + sources."get-stream-3.0.0" + ]; + }) + sources."duplexer3-0.1.5" + sources."duplexify-3.7.1" + sources."each-props-1.3.2" + sources."ecc-jsbn-0.1.2" + sources."emoji-regex-8.0.0" + sources."end-of-stream-1.4.4" + sources."error-ex-1.3.2" + sources."es5-ext-0.10.62" + sources."es6-iterator-2.0.3" + sources."es6-symbol-3.1.3" + sources."es6-weak-map-2.0.3" + sources."escalade-3.1.1" + sources."escape-string-regexp-1.0.5" + (sources."eslint-8.42.0" // { + dependencies = [ + sources."ansi-regex-5.0.1" + sources."ansi-styles-4.3.0" + sources."chalk-4.1.2" + sources."escape-string-regexp-4.0.0" + sources."strip-ansi-6.0.1" + sources."supports-color-7.2.0" + ]; + }) + sources."eslint-scope-7.2.0" + sources."eslint-visitor-keys-3.4.1" + sources."espree-9.5.2" + sources."esquery-1.5.0" + sources."esrecurse-4.3.0" + sources."estraverse-5.3.0" + sources."esutils-2.0.3" + sources."event-emitter-0.3.5" + (sources."expand-brackets-2.1.4" // { + dependencies = [ + sources."debug-2.6.9" + sources."define-property-0.2.5" + sources."extend-shallow-2.0.1" + (sources."is-accessor-descriptor-0.1.6" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + (sources."is-data-descriptor-0.1.4" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."is-descriptor-0.1.6" + sources."kind-of-5.1.0" + sources."ms-2.0.0" + ]; + }) + (sources."expand-range-1.8.2" // { + dependencies = [ + sources."fill-range-2.2.4" + sources."is-number-2.1.0" + sources."isobject-2.1.0" + sources."kind-of-3.2.2" + ]; + }) + sources."expand-tilde-2.0.2" + (sources."ext-1.7.0" // { + dependencies = [ + sources."type-2.7.2" + ]; + }) + sources."extend-3.0.2" + (sources."extend-shallow-3.0.2" // { + dependencies = [ + sources."is-extendable-1.0.1" + ]; + }) + (sources."extglob-2.0.4" // { + dependencies = [ + sources."define-property-1.0.0" + sources."extend-shallow-2.0.1" + ]; + }) + sources."extsprintf-1.3.0" + sources."fancy-log-1.3.3" + sources."fast-deep-equal-3.1.3" + sources."fast-json-stable-stringify-2.1.0" + sources."fast-levenshtein-2.0.6" + sources."fastq-1.15.0" + sources."fd-slicer-1.1.0" + sources."file-entry-cache-6.0.1" + sources."file-exists-2.0.0" + sources."file-type-5.2.0" + sources."file-uri-to-path-1.0.0" + sources."filename-regex-2.0.1" + sources."filename-reserved-regex-2.0.0" + sources."filenamify-2.1.0" + (sources."fill-range-4.0.0" // { + dependencies = [ + sources."extend-shallow-2.0.1" + ]; + }) + sources."find-up-5.0.0" + sources."findup-sync-3.0.0" + sources."fined-1.2.0" + sources."flagged-respawn-1.0.1" + sources."flat-5.0.2" + (sources."flat-cache-3.0.4" // { + dependencies = [ + sources."rimraf-3.0.2" + ]; + }) + sources."flatted-3.2.7" + sources."flush-write-stream-1.1.1" + sources."for-in-1.0.2" + sources."for-own-1.0.0" + sources."forever-agent-0.6.1" + sources."form-data-2.3.3" + sources."fragment-cache-0.2.1" + sources."fs-constants-1.0.0" + sources."fs-extra-7.0.1" + (sources."fs-jetpack-5.1.0" // { + dependencies = [ + sources."brace-expansion-2.0.1" + sources."minimatch-5.1.6" + ]; + }) + sources."fs-mkdirp-stream-1.0.0" + sources."fs.realpath-1.0.0" + sources."fsevents-1.2.13" + sources."function-bind-1.1.1" + sources."get-caller-file-1.0.3" + sources."get-func-name-2.0.0" + sources."get-intrinsic-1.2.1" + sources."get-proxy-2.1.0" + sources."get-stream-2.3.1" + sources."get-value-2.0.6" + sources."getpass-0.1.7" + sources."glob-7.2.3" + (sources."glob-base-0.3.0" // { + dependencies = [ + sources."glob-parent-2.0.0" + sources."is-extglob-1.0.0" + sources."is-glob-2.0.1" + ]; + }) + sources."glob-parent-6.0.2" + (sources."glob-stream-6.1.0" // { + dependencies = [ + sources."glob-parent-3.1.0" + sources."is-glob-3.1.0" + ]; + }) + sources."glob-watcher-5.0.5" + sources."global-modules-1.0.0" + (sources."global-prefix-1.0.2" // { + dependencies = [ + sources."which-1.3.1" + ]; + }) + sources."globals-13.20.0" + sources."glogg-1.0.2" + (sources."got-6.7.1" // { + dependencies = [ + sources."get-stream-3.0.0" + ]; + }) + sources."graceful-fs-4.2.11" + sources."graphemer-1.4.0" + sources."gulp-4.0.2" + (sources."gulp-cli-2.3.0" // { + dependencies = [ + sources."camelcase-3.0.0" + sources."yargs-7.1.2" + ]; + }) + (sources."gulp-sourcemaps-3.0.0" // { + dependencies = [ + sources."acorn-6.4.2" + sources."source-map-0.6.1" + ]; + }) + sources."gulplog-1.0.0" + sources."har-schema-2.0.0" + sources."har-validator-5.1.5" + sources."has-1.0.3" + sources."has-ansi-2.0.0" + sources."has-flag-4.0.0" + sources."has-property-descriptors-1.0.0" + sources."has-proto-1.0.1" + sources."has-symbol-support-x-1.4.2" + sources."has-symbols-1.0.3" + sources."has-to-string-tag-x-1.4.1" + sources."has-value-1.0.0" + (sources."has-values-1.0.0" // { + dependencies = [ + sources."kind-of-4.0.0" + ]; + }) + sources."he-1.2.0" + sources."homedir-polyfill-1.0.3" + sources."hosted-git-info-2.8.9" + sources."http-signature-1.2.0" + sources."ieee754-1.2.1" + sources."ignore-5.2.4" + sources."immediate-3.0.6" + sources."import-fresh-3.3.0" + sources."imurmurhash-0.1.4" + sources."inflight-1.0.6" + sources."inherits-2.0.4" + sources."ini-1.3.8" + sources."interpret-1.4.0" + sources."invert-kv-1.0.0" + sources."is-absolute-1.0.0" + sources."is-accessor-descriptor-1.0.0" + sources."is-arrayish-0.2.1" + sources."is-binary-path-1.0.1" + sources."is-buffer-1.1.6" + sources."is-core-module-2.12.1" + sources."is-data-descriptor-1.0.0" + sources."is-descriptor-1.0.2" + sources."is-dotfile-1.0.3" + sources."is-equal-shallow-0.1.3" + sources."is-extendable-0.1.1" + sources."is-extglob-2.1.1" + sources."is-fullwidth-code-point-1.0.0" + sources."is-glob-4.0.3" + sources."is-natural-number-4.0.1" + sources."is-negated-glob-1.0.0" + (sources."is-number-3.0.0" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."is-object-1.0.2" + sources."is-path-inside-3.0.3" + sources."is-plain-obj-2.1.0" + sources."is-plain-object-2.0.4" + sources."is-posix-bracket-0.1.1" + sources."is-primitive-2.0.0" + sources."is-promise-2.2.2" + sources."is-redirect-1.0.0" + sources."is-relative-1.0.0" + sources."is-retry-allowed-1.2.0" + sources."is-stream-1.1.0" + sources."is-typedarray-1.0.0" + sources."is-unc-path-1.0.0" + sources."is-unicode-supported-0.1.0" + sources."is-utf8-0.2.1" + sources."is-valid-glob-1.0.0" + sources."is-windows-1.0.2" + sources."isarray-1.0.0" + sources."isexe-2.0.0" + sources."isobject-3.0.1" + sources."isstream-0.1.2" + sources."isurl-1.0.0" + sources."js-sha256-0.9.0" + sources."js-yaml-4.1.0" + sources."jsbn-0.1.1" + sources."json-11.0.0" + sources."json-schema-0.4.0" + sources."json-schema-traverse-0.4.1" + sources."json-stable-stringify-without-jsonify-1.0.1" + sources."json-stringify-safe-5.0.1" + sources."jsonfile-4.0.0" + sources."jsprim-1.4.2" + sources."jszip-3.10.1" + sources."just-debounce-1.1.0" + sources."kind-of-6.0.3" + sources."last-run-1.1.1" + sources."lazystream-1.0.1" + sources."lcid-1.0.0" + sources."lead-1.0.0" + sources."levn-0.4.1" + sources."lie-3.3.0" + sources."liftoff-3.1.0" + sources."load-json-file-1.1.0" + sources."locate-path-6.0.0" + sources."lodash.merge-4.6.2" + (sources."log-symbols-4.1.0" // { + dependencies = [ + sources."ansi-styles-4.3.0" + sources."chalk-4.1.2" + sources."supports-color-7.2.0" + ]; + }) + sources."loupe-2.3.6" + sources."lowercase-keys-1.0.1" + sources."lru-queue-0.1.0" + (sources."make-dir-1.3.0" // { + dependencies = [ + sources."pify-3.0.0" + ]; + }) + sources."make-iterator-1.0.1" + sources."map-cache-0.2.2" + sources."map-visit-1.0.0" + (sources."matchdep-2.0.0" // { + dependencies = [ + sources."findup-sync-2.0.0" + sources."is-glob-3.1.0" + ]; + }) + sources."math-random-1.0.4" + sources."memoizee-0.4.15" + sources."merge-1.2.1" + sources."micromatch-3.1.10" + sources."mime-db-1.52.0" + sources."mime-types-2.1.35" + sources."minimatch-3.1.2" + sources."minimist-1.2.8" + (sources."mixin-deep-1.3.2" // { + dependencies = [ + sources."is-extendable-1.0.1" + ]; + }) + sources."mkdirp-0.5.6" + sources."mkpath-0.1.0" + (sources."mocha-10.2.0" // { + dependencies = [ + sources."ansi-colors-4.1.1" + sources."ansi-regex-5.0.1" + sources."ansi-styles-4.3.0" + sources."anymatch-3.1.3" + sources."binary-extensions-2.2.0" + sources."brace-expansion-2.0.1" + sources."braces-3.0.2" + sources."chokidar-3.5.3" + sources."cliui-7.0.4" + sources."escape-string-regexp-4.0.0" + sources."fill-range-7.0.1" + sources."fsevents-2.3.2" + sources."get-caller-file-2.0.5" + (sources."glob-7.2.0" // { + dependencies = [ + sources."minimatch-3.1.2" + ]; + }) + sources."glob-parent-5.1.2" + sources."is-binary-path-2.1.0" + sources."is-fullwidth-code-point-3.0.0" + sources."is-number-7.0.0" + sources."minimatch-5.0.1" + sources."ms-2.1.3" + sources."readdirp-3.6.0" + sources."string-width-4.2.3" + sources."strip-ansi-6.0.1" + sources."supports-color-8.1.1" + sources."to-regex-range-5.0.1" + sources."wrap-ansi-7.0.0" + sources."y18n-5.0.8" + sources."yargs-16.2.0" + sources."yargs-parser-20.2.4" + ]; + }) + sources."ms-2.1.2" + sources."mute-stdout-1.0.1" + sources."nan-2.17.0" + sources."nanoid-3.3.3" + sources."nanomatch-1.2.13" + sources."natural-compare-1.4.0" + sources."next-tick-1.1.0" + sources."node-gyp-build-4.6.0" + sources."nopt-3.0.6" + sources."normalize-package-data-2.5.0" + sources."normalize-path-3.0.0" + sources."now-and-later-2.0.1" + (sources."npm-conf-1.1.3" // { + dependencies = [ + sources."pify-3.0.0" + ]; + }) + sources."number-is-nan-1.0.1" + (sources."nw-0.71.1" // { + dependencies = [ + sources."yargs-3.32.0" + ]; + }) + sources."nw-autoupdater-1.1.11" + (sources."nw-dev-3.0.1" // { + dependencies = [ + sources."anymatch-1.3.2" + sources."arr-diff-2.0.0" + sources."array-unique-0.2.1" + sources."braces-1.8.5" + sources."chokidar-1.7.0" + sources."expand-brackets-0.1.5" + sources."extglob-0.3.2" + sources."glob-parent-2.0.0" + sources."is-extglob-1.0.0" + sources."is-glob-2.0.1" + sources."kind-of-3.2.2" + sources."micromatch-2.3.11" + sources."normalize-path-2.1.1" + ]; + }) + sources."oauth-sign-0.9.0" + sources."object-assign-4.1.1" + (sources."object-copy-0.1.0" // { + dependencies = [ + sources."define-property-0.2.5" + sources."is-accessor-descriptor-0.1.6" + sources."is-data-descriptor-0.1.4" + (sources."is-descriptor-0.1.6" // { + dependencies = [ + sources."kind-of-5.1.0" + ]; + }) + sources."kind-of-3.2.2" + ]; + }) + sources."object-keys-1.1.1" + sources."object-visit-1.0.1" + sources."object.assign-4.1.4" + sources."object.defaults-1.1.0" + sources."object.map-1.0.1" + (sources."object.omit-2.0.1" // { + dependencies = [ + sources."for-own-0.1.5" + ]; + }) + sources."object.pick-1.3.0" + sources."object.reduce-1.0.1" + sources."once-1.4.0" + sources."optionator-0.9.1" + sources."ordered-read-streams-1.0.1" + sources."os-locale-1.4.0" + sources."p-limit-3.1.0" + sources."p-locate-5.0.0" + sources."pako-1.0.11" + sources."parent-module-1.0.1" + sources."parse-filepath-1.0.2" + (sources."parse-glob-3.0.4" // { + dependencies = [ + sources."is-extglob-1.0.0" + sources."is-glob-2.0.1" + ]; + }) + sources."parse-json-2.2.0" + sources."parse-node-version-1.0.1" + sources."parse-passwd-1.0.0" + sources."pascalcase-0.1.1" + sources."path-dirname-1.0.2" + sources."path-exists-4.0.0" + sources."path-is-absolute-1.0.1" + sources."path-key-3.1.1" + sources."path-parse-1.0.7" + sources."path-root-0.1.1" + sources."path-root-regex-0.1.2" + sources."path-type-1.1.0" + sources."pathval-1.1.1" + sources."pend-1.2.0" + sources."performance-now-2.1.0" + sources."picocolors-0.2.1" + sources."picomatch-2.3.1" + sources."pify-2.3.0" + sources."pinkie-2.0.4" + sources."pinkie-promise-2.0.1" + sources."posix-character-classes-0.1.1" + (sources."postcss-7.0.39" // { + dependencies = [ + sources."source-map-0.6.1" + ]; + }) + sources."prelude-ls-1.2.1" + sources."prepend-http-1.0.4" + sources."preserve-0.2.0" + sources."pretty-hrtime-1.0.3" + sources."process-nextick-args-2.0.1" + sources."progress-2.0.3" + sources."proto-list-1.2.4" + sources."psl-1.9.0" + sources."pump-2.0.1" + sources."pumpify-1.5.1" + sources."punycode-2.3.0" + sources."q-1.5.1" + sources."qs-6.5.3" + sources."queue-microtask-1.2.3" + (sources."randomatic-3.1.1" // { + dependencies = [ + sources."is-number-4.0.0" + ]; + }) + sources."randombytes-2.1.0" + sources."read-pkg-1.1.0" + (sources."read-pkg-up-1.0.1" // { + dependencies = [ + sources."find-up-1.1.2" + sources."path-exists-2.1.0" + ]; + }) + (sources."readable-stream-2.3.8" // { + dependencies = [ + sources."safe-buffer-5.1.2" + ]; + }) + sources."readdirp-2.2.1" + sources."rechoir-0.6.2" + sources."regex-cache-0.4.4" + sources."regex-not-1.0.2" + sources."remove-bom-buffer-3.0.0" + sources."remove-bom-stream-1.2.0" + sources."remove-trailing-separator-1.1.0" + sources."repeat-element-1.1.4" + sources."repeat-string-1.6.1" + sources."replace-ext-1.0.1" + sources."replace-homedir-1.0.0" + sources."request-2.88.2" + sources."require-directory-2.1.1" + sources."require-main-filename-1.0.1" + sources."resolve-1.22.3" + sources."resolve-dir-1.0.1" + sources."resolve-from-4.0.0" + sources."resolve-options-1.1.0" + sources."resolve-url-0.2.1" + sources."ret-0.1.15" + sources."reusify-1.0.4" + sources."rimraf-2.7.1" + sources."run-parallel-1.2.0" + sources."safe-buffer-5.2.1" + sources."safe-regex-1.1.0" + sources."safer-buffer-2.1.2" + sources."seek-bzip-1.0.6" + sources."selenium-webdriver-4.9.2" + sources."semver-5.7.1" + sources."semver-greatest-satisfied-range-1.1.0" + sources."serialize-javascript-6.0.0" + sources."set-blocking-2.0.0" + (sources."set-value-2.0.1" // { + dependencies = [ + sources."extend-shallow-2.0.1" + ]; + }) + sources."setimmediate-1.0.5" + sources."shebang-command-2.0.0" + sources."shebang-regex-3.0.0" + (sources."snapdragon-0.8.2" // { + dependencies = [ + sources."debug-2.6.9" + sources."define-property-0.2.5" + sources."extend-shallow-2.0.1" + (sources."is-accessor-descriptor-0.1.6" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + (sources."is-data-descriptor-0.1.4" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."is-descriptor-0.1.6" + sources."kind-of-5.1.0" + sources."ms-2.0.0" + ]; + }) + (sources."snapdragon-node-2.1.1" // { + dependencies = [ + sources."define-property-1.0.0" + ]; + }) + (sources."snapdragon-util-3.0.1" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."source-map-0.5.7" + sources."source-map-resolve-0.5.3" + sources."source-map-url-0.4.1" + sources."sparkles-1.0.1" + sources."spdx-correct-3.2.0" + sources."spdx-exceptions-2.3.0" + sources."spdx-expression-parse-3.0.1" + sources."spdx-license-ids-3.0.13" + sources."split-string-3.1.0" + sources."sshpk-1.17.0" + sources."stack-trace-0.0.10" + (sources."static-extend-0.1.2" // { + dependencies = [ + sources."define-property-0.2.5" + (sources."is-accessor-descriptor-0.1.6" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + (sources."is-data-descriptor-0.1.4" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."is-descriptor-0.1.6" + sources."kind-of-5.1.0" + ]; + }) + sources."stream-exhaust-1.0.2" + sources."stream-shift-1.0.1" + sources."string-width-1.0.2" + (sources."string_decoder-1.1.1" // { + dependencies = [ + sources."safe-buffer-5.1.2" + ]; + }) + sources."strip-ansi-3.0.1" + sources."strip-bom-2.0.0" + sources."strip-bom-string-1.0.0" + sources."strip-dirs-2.1.0" + sources."strip-json-comments-3.1.1" + sources."strip-outer-1.0.1" + sources."supports-color-2.0.0" + sources."supports-preserve-symlinks-flag-1.0.0" + sources."sver-compat-1.5.0" + sources."tar-stream-1.6.2" + sources."text-table-0.2.0" + sources."through-2.3.8" + sources."through2-2.0.5" + sources."through2-filter-3.0.0" + sources."time-stamp-1.1.0" + sources."timed-out-4.0.1" + sources."timers-ext-0.1.7" + (sources."tmp-0.2.1" // { + dependencies = [ + sources."rimraf-3.0.2" + ]; + }) + sources."to-absolute-glob-2.0.2" + sources."to-buffer-1.1.1" + (sources."to-object-path-0.3.0" // { + dependencies = [ + sources."kind-of-3.2.2" + ]; + }) + sources."to-regex-3.0.2" + sources."to-regex-range-2.1.1" + sources."to-through-2.0.0" + (sources."touch-0.0.3" // { + dependencies = [ + sources."nopt-1.0.10" + ]; + }) + sources."tough-cookie-2.5.0" + sources."traverse-0.3.9" + sources."tree-kill-1.2.2" + sources."trim-repeated-1.0.0" + sources."tunnel-agent-0.6.0" + sources."tweetnacl-0.14.5" + sources."type-1.2.0" + sources."type-check-0.4.0" + sources."type-detect-4.0.8" + sources."type-fest-0.20.2" + sources."typedarray-0.0.6" + sources."unbzip2-stream-1.4.3" + sources."unc-path-regex-0.1.2" + (sources."undertaker-1.3.0" // { + dependencies = [ + sources."fast-levenshtein-1.1.4" + ]; + }) + sources."undertaker-registry-1.0.1" + sources."union-value-1.0.1" + sources."unique-stream-2.3.1" + sources."universalify-0.1.2" + (sources."unset-value-1.0.0" // { + dependencies = [ + (sources."has-value-0.3.1" // { + dependencies = [ + sources."isobject-2.1.0" + ]; + }) + sources."has-values-0.1.4" + ]; + }) + sources."untildify-3.0.3" + sources."unzip-response-2.0.1" + sources."upath-1.2.0" + sources."uri-js-4.4.1" + sources."urix-0.1.0" + sources."url-parse-lax-1.0.0" + sources."url-to-options-1.0.1" + sources."use-3.1.1" + sources."utf-8-validate-6.0.3" + sources."util-deprecate-1.0.2" + sources."uuid-3.4.0" + sources."v8flags-3.2.0" + sources."validate-npm-package-license-3.0.4" + sources."value-or-function-3.0.0" + (sources."verror-1.10.0" // { + dependencies = [ + sources."core-util-is-1.0.2" + ]; + }) + sources."vinyl-2.2.1" + sources."vinyl-fs-3.0.3" + (sources."vinyl-sourcemap-1.1.0" // { + dependencies = [ + sources."normalize-path-2.1.1" + ]; + }) + sources."which-2.0.2" + sources."which-module-1.0.0" + sources."window-size-0.1.4" + sources."winreg-1.2.4" + sources."word-wrap-1.2.3" + sources."workerpool-6.2.1" + sources."wrap-ansi-2.1.0" + sources."wrappy-1.0.2" + sources."ws-8.13.0" + sources."xtend-4.0.2" + sources."y18n-3.2.2" + (sources."yargs-17.7.2" // { + dependencies = [ + sources."ansi-regex-5.0.1" + sources."ansi-styles-4.3.0" + sources."cliui-8.0.1" + sources."get-caller-file-2.0.5" + sources."is-fullwidth-code-point-3.0.0" + sources."string-width-4.2.3" + sources."strip-ansi-6.0.1" + sources."wrap-ansi-7.0.0" + sources."y18n-5.0.8" + sources."yargs-parser-21.1.1" + ]; + }) + (sources."yargs-parser-5.0.1" // { + dependencies = [ + sources."camelcase-3.0.0" + ]; + }) + (sources."yargs-unparser-2.0.0" // { + dependencies = [ + sources."camelcase-6.3.0" + sources."decamelize-4.0.0" + ]; + }) + sources."yauzl-2.10.0" + sources."yocto-queue-0.1.0" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "Setup and configure OnlyKey"; + homepage = "https://github.com/trustcrypto/OnlyKey-App#readme"; + license = "Apache-2.0"; + }; + production = false; + bypassCache = true; + reconstructLock = true; + }; +} diff --git a/nixpkgs/pkgs/tools/security/onlykey/onlykey.nix b/nixpkgs/pkgs/tools/security/onlykey/onlykey.nix new file mode 100644 index 000000000000..22e8b6260737 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey/onlykey.nix @@ -0,0 +1,17 @@ +# This file has been generated by node2nix 1.11.1. Do not edit! + +{pkgs ? import <nixpkgs> { + inherit system; + }, system ? builtins.currentSystem, nodejs ? pkgs.nodejs_18}: + +let + nodeEnv = import ../../../development/node-packages/node-env.nix { + inherit (pkgs) stdenv lib python2 runCommand writeTextFile writeShellScript; + inherit pkgs nodejs; + libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; + }; +in +import ./node-packages.nix { + inherit (pkgs) fetchurl nix-gitignore stdenv lib fetchgit; + inherit nodeEnv; +} diff --git a/nixpkgs/pkgs/tools/security/onlykey/package.json b/nixpkgs/pkgs/tools/security/onlykey/package.json new file mode 100644 index 000000000000..a629a4d7d495 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/onlykey/package.json @@ -0,0 +1,3 @@ +[ + {"onlykey": "git+https://github.com/trustcrypto/OnlyKey-App.git#v5.5.0"} +] diff --git a/nixpkgs/pkgs/tools/security/open-ecard/default.nix b/nixpkgs/pkgs/tools/security/open-ecard/default.nix new file mode 100644 index 000000000000..e8afdf6bf8c0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/open-ecard/default.nix @@ -0,0 +1,64 @@ +{ lib, stdenv, fetchurl, jre, pcsclite, makeDesktopItem, makeWrapper }: + +let + version = "1.2.4"; + srcs = { + richclient = fetchurl { + url = "https://jnlp.openecard.org/richclient-${version}-20171212-0958.jar"; + sha256 = "1ckhyhszp4zhfb5mn67lz603b55z814jh0sz0q5hriqzx017j7nr"; + }; + cifs = fetchurl { + url = "https://jnlp.openecard.org/cifs-${version}-20171212-0958.jar"; + sha256 = "0rc862lx3y6sw87r1v5xjmqqpysyr1x6yqhycqmcdrwz0j3wykrr"; + }; + logo = fetchurl { + url = "https://raw.githubusercontent.com/ecsec/open-ecard/1.2.3/gui/graphics/src/main/ext/oec_logo_bg-transparent.svg"; + sha256 = "0rpmyv10vjx2yfpm03mqliygcww8af2wnrnrppmsazdplksaxkhs"; + }; + }; +in stdenv.mkDerivation rec { + pname = "open-ecard"; + inherit version; + + src = srcs.richclient; + + dontUnpack = true; + + nativeBuildInputs = [ makeWrapper ]; + + desktopItem = makeDesktopItem { + name = pname; + desktopName = "Open eCard App"; + genericName = "eCard App"; + comment = "Client side implementation of the eCard-API-Framework"; + icon = "oec_logo_bg-transparent.svg"; + exec = pname; + categories = [ "Utility" "Security" ]; + }; + + installPhase = '' + mkdir -p $out/share/java + cp ${srcs.richclient} $out/share/java/richclient-${version}.jar + cp ${srcs.cifs} $out/share/java/cifs-${version}.jar + + mkdir -p $out/share/applications $out/share/pixmaps + cp $desktopItem/share/applications/* $out/share/applications + cp ${srcs.logo} $out/share/pixmaps/oec_logo_bg-transparent.svg + + mkdir -p $out/bin + makeWrapper ${jre}/bin/java $out/bin/${pname} \ + --add-flags "-cp $out/share/java/cifs-${version}.jar" \ + --add-flags "-jar $out/share/java/richclient-${version}.jar" \ + --suffix LD_LIBRARY_PATH ':' ${lib.getLib pcsclite}/lib + ''; + + meta = with lib; { + description = "Client side implementation of the eCard-API-Framework (BSI + TR-03112) and related international standards, such as ISO/IEC 24727"; + homepage = "https://www.openecard.org/"; + sourceProvenance = with sourceTypes; [ binaryBytecode ]; + license = licenses.gpl3; + maintainers = with maintainers; [ sephalon ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/opencryptoki/default.nix b/nixpkgs/pkgs/tools/security/opencryptoki/default.nix new file mode 100644 index 000000000000..056c379ac68f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/opencryptoki/default.nix @@ -0,0 +1,63 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, bison +, flex +, openldap +, openssl +, trousers +}: + +stdenv.mkDerivation rec { + pname = "opencryptoki"; + version = "3.20.0"; + + src = fetchFromGitHub { + owner = "opencryptoki"; + repo = "opencryptoki"; + rev = "v${version}"; + hash = "sha256-Z11CDw9ykmJ7MI7I0H4Y/i+8/I+hRgC2frklYPP1di0="; + }; + + nativeBuildInputs = [ + autoreconfHook + bison + flex + ]; + + buildInputs = [ + openldap + openssl + trousers + ]; + + postPatch = '' + substituteInPlace configure.ac \ + --replace "usermod" "true" \ + --replace "groupadd" "true" \ + --replace "chmod" "true" \ + --replace "chgrp" "true" + ''; + + configureFlags = [ + "--prefix=" + "--disable-ccatok" + "--disable-icatok" + ]; + + enableParallelBuilding = true; + + installFlags = [ + "DESTDIR=${placeholder "out"}" + ]; + + meta = with lib; { + changelog = "https://github.com/opencryptoki/opencryptoki/blob/${src.rev}/ChangeLog"; + description = "PKCS#11 implementation for Linux"; + homepage = "https://github.com/opencryptoki/opencryptoki"; + license = licenses.cpl10; + maintainers = [ ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix b/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix new file mode 100644 index 000000000000..38f814bbd2e2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix @@ -0,0 +1,43 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitea +, pkg-config +, pcsclite +, nettle +, PCSC +, testers +, openpgp-card-tools +}: + +rustPlatform.buildRustPackage rec { + pname = "openpgp-card-tools"; + version = "0.9.5"; + + src = fetchFromGitea { + domain = "codeberg.org"; + owner = "openpgp-card"; + repo = "openpgp-card-tools"; + rev = "v${version}"; + hash = "sha256-VD0eDq+lfeAu2gY9VZfz2ola3+CJCWerTEaGivpILyo="; + }; + + cargoHash = "sha256-tfawWfwsdWUOimd97b059HXt83ew6KBouI2MdGN8Knc="; + + nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook ]; + buildInputs = [ pcsclite nettle ] ++ lib.optionals stdenv.isDarwin [ PCSC ]; + + passthru = { + tests.version = testers.testVersion { + package = openpgp-card-tools; + }; + }; + + meta = with lib; { + description = "CLI tools for OpenPGP cards"; + homepage = "https://gitlab.com/openpgp-card/openpgp-card"; + license = with licenses ;[ asl20 /* OR */ mit ]; + maintainers = with maintainers; [ nickcao ]; + mainProgram = "opgpcard"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/openrisk/default.nix b/nixpkgs/pkgs/tools/security/openrisk/default.nix new file mode 100644 index 000000000000..fc8475ca71a2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/openrisk/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "openrisk"; + version = "0.0.1"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-8DGwNoucLpdazf9r4PZrN4DEOMpTr5U7tal2Rab92pA="; + }; + + vendorHash = "sha256-BLowqqlMLDtsthS4uKeycmtG7vASG25CARGpUcuibcw="; + + meta = with lib; { + description = "Tool that generates an AI-based risk score"; + homepage = "https://github.com/projectdiscovery/openrisk"; + changelog = "https://github.com/projectdiscovery/openrisk/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/opensc/default.nix b/nixpkgs/pkgs/tools/security/opensc/default.nix new file mode 100644 index 000000000000..9b5b6fba8b24 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/opensc/default.nix @@ -0,0 +1,74 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, zlib, readline, openssl +, libiconv, pcsclite, libassuan, libXt +, fetchpatch +, docbook_xsl, libxslt, docbook_xml_dtd_412 +, Carbon, PCSC, buildPackages +, withApplePCSC ? stdenv.isDarwin +}: + +stdenv.mkDerivation rec { + pname = "opensc"; + version = "0.23.0"; + + src = fetchFromGitHub { + owner = "OpenSC"; + repo = "OpenSC"; + rev = version; + sha256 = "sha256-Yo8dwk7+d6q+hi7DmJ0GJM6/pmiDOiyEm/tEBSbCU8k="; + }; + + patches = [ + (fetchpatch { + name = "CVE-2023-2977.patch"; + url = "https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a.patch"; + hash = "sha256-rCeYYKPtv3pii5zgDP5x9Kl2r98p3uxyBSCYlPJZR/s="; + }) + ]; + + nativeBuildInputs = [ pkg-config autoreconfHook ]; + buildInputs = [ + zlib readline openssl libassuan + libXt libxslt libiconv docbook_xml_dtd_412 + ] + ++ lib.optional stdenv.isDarwin Carbon + ++ (if withApplePCSC then [ PCSC ] else [ pcsclite ]); + + env.NIX_CFLAGS_COMPILE = "-Wno-error"; + + configureFlags = [ + "--enable-zlib" + "--enable-readline" + "--enable-openssl" + "--enable-pcsc" + "--enable-sm" + "--enable-man" + "--enable-doc" + "--localstatedir=/var" + "--sysconfdir=/etc" + "--with-xsl-stylesheetsdir=${docbook_xsl}/xml/xsl/docbook" + "--with-pcsc-provider=${ + if withApplePCSC then + "${PCSC}/Library/Frameworks/PCSC.framework/PCSC" + else + "${lib.getLib pcsclite}/lib/libpcsclite${stdenv.hostPlatform.extensions.sharedLibrary}" + }" + (lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) + "XSLTPROC=${buildPackages.libxslt}/bin/xsltproc") + ]; + + PCSC_CFLAGS = lib.optionalString withApplePCSC + "-I${PCSC}/Library/Frameworks/PCSC.framework/Headers"; + + installFlags = [ + "sysconfdir=$(out)/etc" + "completiondir=$(out)/etc" + ]; + + meta = with lib; { + description = "Set of libraries and utilities to access smart cards"; + homepage = "https://github.com/OpenSC/OpenSC/wiki"; + license = licenses.lgpl21Plus; + platforms = platforms.all; + maintainers = [ maintainers.michaeladler ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/orjail/default.nix b/nixpkgs/pkgs/tools/security/orjail/default.nix new file mode 100644 index 000000000000..adcbf5ae4f9f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/orjail/default.nix @@ -0,0 +1,55 @@ +{ lib +, stdenv +, fetchFromGitHub +, tor +, firejail +, iptables +, makeWrapper +}: + +stdenv.mkDerivation rec { + pname = "orjail"; + version = "1.1"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "v${version}"; + sha256 = "06bwqb3l7syy4c1d8xynxwakmdxvm3qfm8r834nidsknvpdckd9z"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + postPatch = '' + patchShebangs make-helper.bsh + mkdir bin + mv usr/sbin/orjail bin/orjail + rm -r usr + ''; + + makeFlags = [ + "DESTDIR=${placeholder "out"}" + ]; + + postInstall = '' + # Specify binary paths: tor, firejail, iptables + # mktemp fails with /tmp path prefix, will work without it anyway + # https://github.com/orjail/orjail/issues/78 + # firejail will fail reading /etc/hosts, therefore remove --hostname arg + # https://github.com/netblue30/firejail/issues/2758 + substituteInPlace $out/bin/orjail \ + --replace ''$'TORBIN=\n' ''$'TORBIN=${tor}/bin/tor\n' \ + --replace ''$'FIREJAILBIN=\n' ''$'FIREJAILBIN=${firejail}/bin/firejail\n' \ + --replace 'iptables -' '${iptables}/bin/iptables -' \ + --replace 'mktemp /tmp/' 'mktemp ' \ + --replace '--hostname=host ' "" + ''; + + meta = with lib; { + description = "Force programs to exclusively use tor network"; + homepage = "https://github.com/orjail/orjail"; + license = licenses.wtfpl; + maintainers = with maintainers; [ onny ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix new file mode 100644 index 000000000000..68c6a7dba953 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix @@ -0,0 +1,55 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "ospd-openvas"; + version = "22.6.1"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "greenbone"; + repo = "ospd-openvas"; + rev = "refs/tags/v${version}"; + hash = "sha256-Qm6TTS9yLqQHXsz19yJR3Ccyc+syxkrTJ7upSTXdXSE="; + }; + + pythonRelaxDeps = [ + "packaging" + "python-gnupg" + ]; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + defusedxml + deprecated + lxml + packaging + paho-mqtt + psutil + python-gnupg + redis + sentry-sdk + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "ospd_openvas" + ]; + + meta = with lib; { + description = "OSP server implementation to allow GVM to remotely control an OpenVAS Scanner"; + homepage = "https://github.com/greenbone/ospd-openvas"; + changelog = "https://github.com/greenbone/ospd-openvas/releases/tag/v${version}"; + license = licenses.agpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ossec/default.nix b/nixpkgs/pkgs/tools/security/ossec/default.nix new file mode 100644 index 000000000000..1aa606f59274 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ossec/default.nix @@ -0,0 +1,45 @@ +{ lib, stdenv, fetchurl, which }: + +stdenv.mkDerivation rec { + pname = "ossec-client"; + version = "2.6"; + + src = fetchurl { + url = "https://www.ossec.net/files/ossec-hids-${version}.tar.gz"; + sha256 = "0k1b59wdv9h50gbyy88qw3cnpdm8hv0nrl0znm92h9a11i5b39ip"; + }; + + buildInputs = [ which ]; + + patches = [ ./no-root.patch ]; + + # Workaround build failure on -fno-common toolchains like upstream + # gcc-10. Otherwise build fails as: + # ld: src/common/mgmt/pint-worker-external.po:(.data.rel.local+0x0): multiple definition of + # `PINT_worker_external_impl'; src/common/mgmt/pint-mgmt.po:(.bss+0x20): first defined here + env.NIX_CFLAGS_COMPILE = "-fcommon"; + + buildPhase = '' + echo "en + +agent +$out +no +127.0.0.1 +yes +yes +yes + + +" | ./install.sh + ''; + + meta = with lib; { + description = "Open source host-based instrusion detection system"; + homepage = "https://www.ossec.net"; + license = licenses.gpl2; + maintainers = with maintainers; [ ]; + platforms = platforms.linux; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/ossec/no-root.patch b/nixpkgs/pkgs/tools/security/ossec/no-root.patch new file mode 100644 index 000000000000..ea6e9c54a9ae --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ossec/no-root.patch @@ -0,0 +1,176 @@ +diff -Naur ossec-hids-2.6-orig/install.sh ossec-hids-2.6/install.sh +--- ossec-hids-2.6-orig/install.sh 2011-07-11 15:36:58.000000000 -0400 ++++ ossec-hids-2.6/install.sh 2012-07-09 09:58:57.970692818 -0400 +@@ -119,14 +119,14 @@ + # Generate the /etc/ossec-init.conf + VERSION_FILE="./src/VERSION" + VERSION=`cat ${VERSION_FILE}` +- chmod 700 ${OSSEC_INIT} > /dev/null 2>&1 +- echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT} +- echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT} +- echo "DATE=\"`date`\"" >> ${OSSEC_INIT} +- echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT} +- chmod 600 ${OSSEC_INIT} +- cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT} +- chmod 644 ${INSTALLDIR}${OSSEC_INIT} ++ echo chmod 700 ${OSSEC_INIT} > /dev/null 2>&1 ++ echo "DIRECTORY=\"${INSTALLDIR}\"" > ${INSTALLDIR}${OSSEC_INIT} ++ echo "VERSION=\"${VERSION}\"" >> ${INSTALLDIR}${OSSEC_INIT} ++ echo "DATE=\"`date`\"" >> ${INSTALLDIR}${OSSEC_INIT} ++ echo "TYPE=\"${INSTYPE}\"" >> ${INSTALLDIR}${OSSEC_INIT} ++ echo chmod 600 ${OSSEC_INIT} ++ echo cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT} ++ echo chmod 644 ${INSTALLDIR}${OSSEC_INIT} + + + # If update_rules is set, we need to tweak +@@ -926,11 +926,6 @@ + catError "0x1-location"; + fi + +- # Must be root +- if [ ! "X$ME" = "Xroot" ]; then +- catError "0x2-beroot"; +- fi +- + # Checking dependencies + checkDependencies + +diff -Naur ossec-hids-2.6-orig/src/InstallAgent.sh ossec-hids-2.6/src/InstallAgent.sh +--- ossec-hids-2.6-orig/src/InstallAgent.sh 2011-07-11 15:36:58.000000000 -0400 ++++ ossec-hids-2.6/src/InstallAgent.sh 2012-07-09 09:56:12.061870552 -0400 +@@ -80,7 +80,7 @@ + else + grep "^${USER}" /etc/passwd > /dev/null 2>&1 + if [ ! $? = 0 ]; then +- /usr/sbin/groupadd ${GROUP} ++ echo /usr/sbin/groupadd ${GROUP} + + # We first check if /sbin/nologin is present. If it is not, + # we look for bin/false. If none of them is present, we +@@ -93,7 +93,7 @@ + OSMYSHELL="/bin/false" + fi + fi +- /usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER} ++ echo /usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER} + fi + fi + +@@ -105,31 +105,31 @@ + done + + # Default for all directories +-chmod -R 550 ${DIR} +-chown -R root:${GROUP} ${DIR} ++echo chmod -R 550 ${DIR} ++echo chown -R root:${GROUP} ${DIR} + + # To the ossec queue (default for agentd to read) +-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec +-chmod -R 770 ${DIR}/queue/ossec ++echo chown -R ${USER}:${GROUP} ${DIR}/queue/ossec ++echo chmod -R 770 ${DIR}/queue/ossec + + # For the logging user +-chown -R ${USER}:${GROUP} ${DIR}/logs +-chmod -R 750 ${DIR}/logs +-chmod -R 775 ${DIR}/queue/rids +-touch ${DIR}/logs/ossec.log +-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log +-chmod 664 ${DIR}/logs/ossec.log +- +-chown -R ${USER}:${GROUP} ${DIR}/queue/diff +-chmod -R 750 ${DIR}/queue/diff +-chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 ++echo chown -R ${USER}:${GROUP} ${DIR}/logs ++echo chmod -R 750 ${DIR}/logs ++echo chmod -R 775 ${DIR}/queue/rids ++echo touch ${DIR}/logs/ossec.log ++echo chown ${USER}:${GROUP} ${DIR}/logs/ossec.log ++echo chmod 664 ${DIR}/logs/ossec.log ++ ++echo chown -R ${USER}:${GROUP} ${DIR}/queue/diff ++echo chmod -R 750 ${DIR}/queue/diff ++echo chmod 740 ${DIR}/queue/diff/* "> /dev/null 2>&1" + + + + + # For the etc dir +-chmod 550 ${DIR}/etc +-chown -R root:${GROUP} ${DIR}/etc ++echo chmod 550 ${DIR}/etc ++echo chown -R root:${GROUP} ${DIR}/etc + + ls /etc/localtime > /dev/null 2>&1 + if [ $? = 0 ]; then +@@ -167,25 +167,25 @@ + cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 + cp -pr agentlessd/scripts/* ${DIR}/agentless/ + +-chown root:${GROUP} ${DIR}/etc/internal_options.conf +-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/agentless/* +-chown ${USER}:${GROUP} ${DIR}/.ssh +-chown -R root:${GROUP} ${DIR}/etc/shared +- +-chmod 550 ${DIR}/etc +-chmod 440 ${DIR}/etc/internal_options.conf +-chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 +-chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 +-chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it +-chmod 550 ${DIR}/agentless/* +-chmod 700 ${DIR}/.ssh ++echo chown root:${GROUP} ${DIR}/etc/internal_options.conf ++echo chown root:${GROUP} ${DIR}/etc/local_internal_options.conf "> /dev/null 2>&1" ++echo chown root:${GROUP} ${DIR}/etc/client.keys "> /dev/null 2>&1" ++echo chown root:${GROUP} ${DIR}/agentless/* ++echo chown ${USER}:${GROUP} ${DIR}/.ssh ++echo chown -R root:${GROUP} ${DIR}/etc/shared ++ ++echo chmod 550 ${DIR}/etc ++echo chmod 440 ${DIR}/etc/internal_options.conf ++echo chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 ++echo chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 ++echo chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it ++echo chmod 550 ${DIR}/agentless/* ++echo chmod 700 ${DIR}/.ssh + + + # For the /var/run +-chmod 770 ${DIR}/var/run +-chown root:${GROUP} ${DIR}/var/run ++echo chmod 770 ${DIR}/var/run ++echo chown root:${GROUP} ${DIR}/var/run + + + # Moving the binary files +@@ -201,11 +201,11 @@ + sh ./init/fw-check.sh execute > /dev/null + cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ + cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ +-chmod 755 ${DIR}/active-response/bin/* +-chown root:${GROUP} ${DIR}/active-response/bin/* ++echo chmod 755 ${DIR}/active-response/bin/* ++echo chown root:${GROUP} ${DIR}/active-response/bin/* + +-chown root:${GROUP} ${DIR}/bin/* +-chmod 550 ${DIR}/bin/* ++echo chown root:${GROUP} ${DIR}/bin/* ++echo chmod 550 ${DIR}/bin/* + + + # Moving the config file +@@ -221,8 +221,8 @@ + else + cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf + fi +-chown root:${GROUP} ${DIR}/etc/ossec.conf +-chmod 440 ${DIR}/etc/ossec.conf ++echo chown root:${GROUP} ${DIR}/etc/ossec.conf ++echo chmod 440 ${DIR}/etc/ossec.conf + + + diff --git a/nixpkgs/pkgs/tools/security/osv-detector/default.nix b/nixpkgs/pkgs/tools/security/osv-detector/default.nix new file mode 100644 index 000000000000..58db4504d23d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/osv-detector/default.nix @@ -0,0 +1,56 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, osv-detector +, testers +}: + +buildGoModule rec { + pname = "osv-detector"; + version = "0.11.1"; + + src = fetchFromGitHub { + owner = "G-Rath"; + repo = pname; + rev = "v${version}"; + hash = "sha256-vIkLrKyDeMfRe/0EPhlKlHAO6XB0/OFY5mTUHeZbcg8="; + }; + + vendorHash = "sha256-Rrosye8foVntoFDvDmyNuXgnEgjzcOXenOKBMZVCRio="; + + ldflags = [ + "-w" + "-s" + "-X main.version=${version}" + ]; + + checkFlags = + let + skippedTests = [ + # Disable tests requiring network access + "TestRun_ParseAs_CsvFile" + "TestRun_ParseAs_CsvRow" + "TestRun_DBs" + "TestRun_Lockfile" + "TestRun_ParseAsGlobal" + "TestRun_Ignores" + "TestRun_ParseAsSpecific" + "TestRun_Configs" + ]; + in + [ "-skip" "${builtins.concatStringsSep "|" skippedTests}" ]; + + passthru.tests.version = testers.testVersion { + package = osv-detector; + command = "osv-detector -version"; + version = "osv-detector ${version} (unknown, commit none)"; + }; + + meta = with lib; { + description = "Auditing tool for detecting vulnerabilities"; + homepage = "https://github.com/G-Rath/osv-detector"; + changelog = "https://github.com/G-Rath/osv-detector/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/osv-scanner/default.nix b/nixpkgs/pkgs/tools/security/osv-scanner/default.nix new file mode 100644 index 000000000000..be8fbb2489f6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/osv-scanner/default.nix @@ -0,0 +1,46 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, testers +, osv-scanner +}: +buildGoModule rec { + pname = "osv-scanner"; + version = "1.4.1"; + + src = fetchFromGitHub { + owner = "google"; + repo = pname; + rev = "v${version}"; + hash = "sha256-xc9qdzdJYg12twjLAGw1GEkfkFsk8UBgzSyOSg/FB20="; + }; + + vendorHash = "sha256-e1XG3DZGDBKKcEpMBi0vqKo3f9TnXdFKOUzZ7KZhPAw="; + + subPackages = [ + "cmd/osv-scanner" + ]; + + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + "-X main.commit=n/a" + "-X main.date=1970-01-01T00:00:00Z" + ]; + + # Tests require network connectivity to query https://api.osv.dev. + doCheck = false; + + passthru.tests.version = testers.testVersion { + package = osv-scanner; + }; + + meta = with lib; { + description = "Vulnerability scanner written in Go which uses the data provided by https://osv.dev"; + homepage = "https://github.com/google/osv-scanner"; + changelog = "https://github.com/google/osv-scanner/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ stehessel urandom ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/otpauth/default.nix b/nixpkgs/pkgs/tools/security/otpauth/default.nix new file mode 100644 index 000000000000..032372d87e92 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/otpauth/default.nix @@ -0,0 +1,26 @@ +{ lib +, fetchFromGitHub +, buildGoModule +}: + +buildGoModule rec { + pname = "otpauth"; + version = "0.5.1"; + + src = fetchFromGitHub { + owner = "dim13"; + repo = "otpauth"; + rev = "v${version}"; + sha256 = "sha256-jeKxCuE3cA/oTEKwdrCGPchsrtaMyirTzv8oLl9gxtA="; + }; + + vendorHash = "sha256-jnIq7Zc2MauJReJ9a8TeqXXsvHixsBB+znmXAxcpqUQ="; + doCheck = true; + + meta = with lib; { + description = "Google Authenticator migration decoder"; + homepage = "https://github.com/dim13/otpauth"; + license = licenses.isc; + maintainers = with maintainers; [ ereslibre ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ots/default.nix b/nixpkgs/pkgs/tools/security/ots/default.nix new file mode 100644 index 000000000000..bba9e8e6fb89 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ots/default.nix @@ -0,0 +1,25 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "ots"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "sniptt-official"; + repo = pname; + rev = "v${version}"; + hash = "sha256-Oxs2ytf0rY9QYzVaLUkqyX15oWjas3ukSkq9D1TYbDE="; + }; + + vendorHash = "sha256-qYk8T0sYIO0wJ0R0j+0VetCy11w8usIRRdBm/Z6grJE="; + + ldflags = [ "-X main.version=${version}" "-X main.buildSource=nix" ]; + + meta = with lib; { + description = "Share end-to-end encrypted secrets with others via a one-time URL"; + homepage = "https://ots.sniptt.com"; + changelog = "https://github.com/sniptt-official/ots/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ elliot ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/p0f/default.nix b/nixpkgs/pkgs/tools/security/p0f/default.nix new file mode 100644 index 000000000000..84221fbd566c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/p0f/default.nix @@ -0,0 +1,41 @@ +{ lib, stdenv, fetchurl, libpcap, bash }: + +stdenv.mkDerivation rec { + pname = "p0f"; + version = "3.09b"; + + src = fetchurl { + url = "http://lcamtuf.coredump.cx/p0f3/releases/${pname}-${version}.tgz"; + sha256 = "0zqfq3gdnha29ckvlqmyp36c0jhj7f69bhqqx31yb6vkirinhfsl"; + }; + + buildInputs = [ libpcap ]; + + buildPhase = '' + substituteInPlace config.h --replace "p0f.fp" "$out/etc/p0f.fp" + substituteInPlace build.sh --replace "/bin/bash" "${bash}/bin/bash" + ./build.sh + cd tools && make && cd .. + ''; + + installPhase = '' + mkdir -p $out/sbin $out/etc + + cp ./p0f $out/sbin + cp ./p0f.fp $out/etc + + cp ./tools/p0f-client $out/sbin + cp ./tools/p0f-sendsyn $out/sbin + cp ./tools/p0f-sendsyn6 $out/sbin + ''; + + hardeningDisable = [ "format" ]; + + meta = { + description = "Passive network reconnaissance and fingerprinting tool"; + homepage = "https://lcamtuf.coredump.cx/p0f3/"; + license = lib.licenses.lgpl21; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/padbuster/default.nix b/nixpkgs/pkgs/tools/security/padbuster/default.nix new file mode 100644 index 000000000000..de71010ccba5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/padbuster/default.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchFromGitHub, perl }: + +stdenv.mkDerivation rec { + pname = "padbuster"; + version = "0.3.3"; + + src = fetchFromGitHub { + owner = "AonCyberLabs"; + repo = pname; + rev = "50e4a3e2bf5dfff5699440b3ebc61ed1b5c49bbe"; + sha256 = "VIvZ28MVnTSQru6l8flLVVqIIpxxXD8lCqzH81sPe/U="; + }; + + buildInputs = [ + (perl.withPackages (ps: with ps; [ LWP LWPProtocolHttps CryptSSLeay ])) + ]; + + installPhase = '' + runHook preInstall + + install -Dm755 padBuster.pl $out/bin/padBuster.pl + + runHook postInstall + ''; + + meta = with lib; { + description = "Automated script for performing Padding Oracle attacks"; + homepage = "https://www.gdssecurity.com/l/t.php"; + mainProgram = "padBuster.pl"; + maintainers = with maintainers; [ emilytrau ]; + license = licenses.asl20; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pamtester/default.nix b/nixpkgs/pkgs/tools/security/pamtester/default.nix new file mode 100644 index 000000000000..d9e59290d676 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pamtester/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchurl, pam }: + +stdenv.mkDerivation rec { + pname = "pamtester"; + version = "0.1.2"; + + src = fetchurl { + url = "mirror://sourceforge/pamtester/pamtester-${version}.tar.gz"; + sha256 = "1mdj1wj0adcnx354fs17928yn2xfr1hj5mfraq282dagi873sqw3"; + }; + + buildInputs = [ pam ]; + + meta = with lib; { + description = "Utility program to test the PAM facility"; + homepage = "https://pamtester.sourceforge.net/"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ abbradar ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/paperkey/default.nix b/nixpkgs/pkgs/tools/security/paperkey/default.nix new file mode 100644 index 000000000000..766b570a074e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/paperkey/default.nix @@ -0,0 +1,34 @@ +{ fetchurl, lib, stdenv }: + +stdenv.mkDerivation rec { + pname = "paperkey"; + version = "1.6"; + + src = fetchurl { + url = "https://www.jabberwocky.com/software/paperkey/${pname}-${version}.tar.gz"; + sha256 = "1xq5gni6gksjkd5avg0zpd73vsr97appksfx0gx2m38s4w9zsid2"; + }; + + postPatch = '' + for a in checks/*.sh ; do + substituteInPlace $a \ + --replace /bin/echo echo + done + ''; + + enableParallelBuilding = true; + + meta = with lib; { + description = "Store OpenPGP or GnuPG on paper"; + longDescription = '' + A reasonable way to achieve a long term backup of OpenPGP (GnuPG, PGP, etc) + keys is to print them out on paper. Paper and ink have amazingly long + retention qualities - far longer than the magnetic or optical means that + are generally used to back up computer data. + ''; + homepage = "https://www.jabberwocky.com/software/paperkey/"; + license = licenses.gpl2; + platforms = platforms.unix; + maintainers = with maintainers; [ skeidel ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/parsero/default.nix b/nixpkgs/pkgs/tools/security/parsero/default.nix new file mode 100644 index 000000000000..a8cd9c39eb13 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/parsero/default.nix @@ -0,0 +1,28 @@ +{ lib, python3Packages, fetchFromGitHub }: + +python3Packages.buildPythonApplication rec { + pname = "parsero"; + version = "0.81"; + + src = fetchFromGitHub { + owner = "behindthefirewalls"; + repo = pname; + rev = "e5b585a19b79426975a825cafa4cc8a353cd267e"; + sha256 = "rqupeJxslL3AfQ+CzBWRb4ZS32VoYd8hlA+eACMKGPY="; + }; + + propagatedBuildInputs = with python3Packages; [ + beautifulsoup4 + urllib3 + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Robots.txt audit tool"; + homepage = "https://github.com/behindthefirewalls/Parsero"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ emilytrau fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/default.nix b/nixpkgs/pkgs/tools/security/pass/default.nix new file mode 100644 index 000000000000..735d025e2ea6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/default.nix @@ -0,0 +1,165 @@ +{ stdenv, lib, pkgs, fetchurl, buildEnv +, coreutils, findutils, gnugrep, gnused, getopt, git, tree, gnupg, openssl +, which, openssh, procps, qrencode, makeWrapper, pass + +, xclip ? null, xdotool ? null, dmenu ? null +, x11Support ? !stdenv.isDarwin , dmenuSupport ? (x11Support || waylandSupport) +, waylandSupport ? false, wl-clipboard ? null +, ydotool ? null, dmenu-wayland ? null + +# For backwards-compatibility +, tombPluginSupport ? false +}: + +assert x11Support -> xclip != null; +assert waylandSupport -> wl-clipboard != null; + +assert dmenuSupport -> x11Support || waylandSupport; +assert dmenuSupport && x11Support + -> dmenu != null && xdotool != null; +assert dmenuSupport && waylandSupport + -> dmenu-wayland != null && ydotool != null; + + +let + passExtensions = import ./extensions { inherit pkgs; }; + + env = extensions: + let + selected = [ pass ] ++ extensions passExtensions + ++ lib.optional tombPluginSupport passExtensions.tomb; + in buildEnv { + name = "pass-env"; + paths = selected; + nativeBuildInputs = [ makeWrapper ]; + buildInputs = lib.concatMap (x: x.buildInputs) selected; + + postBuild = '' + files=$(find $out/bin/ -type f -exec readlink -f {} \;) + if [ -L $out/bin ]; then + rm $out/bin + mkdir $out/bin + fi + + for i in $files; do + if ! [ "$(readlink -f "$out/bin/$(basename $i)")" = "$i" ]; then + ln -sf $i $out/bin/$(basename $i) + fi + done + + wrapProgram $out/bin/pass \ + --set SYSTEM_EXTENSION_DIR "$out/lib/password-store/extensions" + ''; + meta.mainProgram = "pass"; + }; +in + +stdenv.mkDerivation rec { + version = "1.7.4"; + pname = "password-store"; + + src = fetchurl { + url = "https://git.zx2c4.com/password-store/snapshot/${pname}-${version}.tar.xz"; + sha256 = "1h4k6w7g8pr169p5w9n6mkdhxl3pw51zphx7www6pvgjb7vgmafg"; + }; + + patches = [ + ./set-correct-program-name-for-sleep.patch + ./extension-dir.patch + ] ++ lib.optional stdenv.isDarwin ./no-darwin-getopt.patch; + + nativeBuildInputs = [ makeWrapper ]; + + installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; + + postInstall = lib.optionalString dmenuSupport '' + cp "contrib/dmenu/passmenu" "$out/bin/" + ''; + + wrapperPath = with lib; makeBinPath ([ + coreutils + findutils + getopt + git + gnugrep + gnupg + gnused + tree + which + openssh + procps + qrencode + ] ++ optional stdenv.isDarwin openssl + ++ optional x11Support xclip + ++ optional waylandSupport wl-clipboard + ++ optionals (waylandSupport && dmenuSupport) [ ydotool dmenu-wayland ] + ++ optionals (x11Support && dmenuSupport) [ xdotool dmenu ] + ); + + postFixup = '' + # Fix program name in --help + substituteInPlace $out/bin/pass \ + --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass" + + # Ensure all dependencies are in PATH + wrapProgram $out/bin/pass \ + --prefix PATH : "${wrapperPath}" + '' + lib.optionalString dmenuSupport '' + # We just wrap passmenu with the same PATH as pass. It doesn't + # need all the tools in there but it doesn't hurt either. + wrapProgram $out/bin/passmenu \ + --prefix PATH : "$out/bin:${wrapperPath}" + ''; + + # Turn "check" into "installcheck", since we want to test our pass, + # not the one before the fixup. + postPatch = '' + patchShebangs tests + + substituteInPlace src/password-store.sh \ + --replace "@out@" "$out" + + # the turning + sed -i -e 's@^PASS=.*''$@PASS=$out/bin/pass@' \ + -e 's@^GPGS=.*''$@GPG=${gnupg}/bin/gpg2@' \ + -e '/which gpg/ d' \ + tests/setup.sh + '' + lib.optionalString stdenv.isDarwin '' + # 'pass edit' uses hdid, which is not available from the sandbox. + rm -f tests/t0200-edit-tests.sh + rm -f tests/t0010-generate-tests.sh + rm -f tests/t0020-show-tests.sh + rm -f tests/t0050-mv-tests.sh + rm -f tests/t0100-insert-tests.sh + rm -f tests/t0300-reencryption.sh + rm -f tests/t0400-grep.sh + ''; + + doCheck = false; + + doInstallCheck = true; + nativeInstallCheckInputs = [ git ]; + installCheckTarget = "test"; + + passthru = { + extensions = passExtensions; + withExtensions = env; + }; + + meta = with lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = "https://www.passwordstore.org/"; + license = licenses.gpl2Plus; + mainProgram = "pass"; + maintainers = with maintainers; [ lovek323 fpletz tadfisher globin ma27 ]; + platforms = platforms.unix; + + longDescription = '' + pass is a very simple password store that keeps passwords inside gpg2 + encrypted files inside a simple directory tree residing at + ~/.password-store. The pass utility provides a series of commands for + manipulating the password store, allowing the user to add, remove, edit, + synchronize, generate, and manipulate passwords. + ''; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extension-dir.patch b/nixpkgs/pkgs/tools/security/pass/extension-dir.patch new file mode 100644 index 000000000000..028da31c4617 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extension-dir.patch @@ -0,0 +1,32 @@ +diff --git a/Makefile b/Makefile +index eac2291..1b1df0a 100644 +--- a/Makefile ++++ b/Makefile +@@ -46,12 +46,12 @@ install: install-common + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 -v "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh" + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store/extensions" + @install -v -d "$(DESTDIR)$(BINDIR)/" +- @trap 'rm -f src/.pass' EXIT; sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(LIBDIR)/password-store/platform.sh":;s:^SYSTEM_EXTENSION_DIR=.*:SYSTEM_EXTENSION_DIR="$(LIBDIR)/password-store/extensions":' src/password-store.sh > src/.pass && \ ++ @trap 'rm -f src/.pass' EXIT; sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(LIBDIR)/password-store/platform.sh":;' src/password-store.sh > src/.pass && \ + install -v -d "$(DESTDIR)$(BINDIR)/" && install -m 0755 -v src/.pass "$(DESTDIR)$(BINDIR)/pass" + else + install: install-common + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store/extensions" +- @trap 'rm -f src/.pass' EXIT; sed '/PLATFORM_FUNCTION_FILE/d;s:^SYSTEM_EXTENSION_DIR=.*:SYSTEM_EXTENSION_DIR="$(LIBDIR)/password-store/extensions":' src/password-store.sh > src/.pass && \ ++ @trap 'rm -f src/.pass' EXIT; sed '/PLATFORM_FUNCTION_FILE/d;' src/password-store.sh > src/.pass && \ + install -v -d "$(DESTDIR)$(BINDIR)/" && install -m 0755 -v src/.pass "$(DESTDIR)$(BINDIR)/pass" + endif + +diff --git a/src/password-store.sh b/src/password-store.sh +index 68551a4..2f3b5b7 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -656,7 +656,7 @@ cmd_extension_or_show() { + fi + } + +-SYSTEM_EXTENSION_DIR="" ++SYSTEM_EXTENSION_DIR="${SYSTEM_EXTENSION_DIR:-@out@/lib/password-store/extensions}" + cmd_extension() { + check_sneaky_paths "$1" + local user_extension system_extension extension diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch new file mode 100644 index 000000000000..ce6849d677f8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch @@ -0,0 +1,43 @@ +From a2d5d973f53efb11bdcaecbd0099df9714bc287f Mon Sep 17 00:00:00 2001 +From: Maximilian Bosch <maximilian@mbosch.me> +Date: Tue, 8 Feb 2022 19:35:35 +0100 +Subject: [PATCH] Set `base` to an empty value + +`DESTDIR` ensures that everything lands in the correct location (i.e. +the target store-path on Nix), within this path, everything should be +moved into `/lib` and `/share`. +--- + setup.py | 17 ++--------------- + 1 file changed, 2 insertions(+), 15 deletions(-) + +diff --git a/setup.py b/setup.py +index 1f0a58b..f7baa41 100644 +--- a/setup.py ++++ b/setup.py +@@ -8,21 +8,8 @@ from pathlib import Path + + from setuptools import setup + +-share = Path(sys.prefix, 'share') +-base = '/usr' +-if os.uname().sysname == 'Darwin': +- base = '/usr/local' +-lib = Path(base, 'lib', 'password-store', 'extensions') +- +-if '--user' in sys.argv: +- if 'PASSWORD_STORE_EXTENSIONS_DIR' in os.environ: +- lib = Path(os.environ['PASSWORD_STORE_EXTENSIONS_DIR']) +- else: +- lib = Path.home() / '.password-store' / '.extensions' +- if 'XDG_DATA_HOME' in os.environ: +- share = Path(os.environ['XDG_DATA_HOME']) +- else: +- share = Path.home() / '.local' / 'share' ++share = Path('share') ++lib = Path('lib', 'password-store', 'extensions') + + setup( + data_files=[ +-- +2.33.1 + diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch new file mode 100644 index 000000000000..5703f3c1f652 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch @@ -0,0 +1,28 @@ +From 8f76b32946430737f97f2702afd828b09536afd2 Mon Sep 17 00:00:00 2001 +From: Maximilian Bosch <maximilian@mbosch.me> +Date: Sun, 15 Mar 2020 20:10:11 +0100 +Subject: [PATCH 2/2] Fix audit.bash setup + +This sets PASSWORD_STORE_DIR (needed by the python-code) to +PASSWORD_STORE_DIR and properly falls back to `~/.password-store` if +it's not set. +--- + audit.bash | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/audit.bash b/audit.bash +index 7a973dc..c40ff76 100755 +--- a/audit.bash ++++ b/audit.bash +@@ -17,7 +17,7 @@ + # + + cmd_audit() { +- export PASSWORD_STORE_DIR=$PREFIX GIT_DIR PASSWORD_STORE_GPG_OPTS ++ export PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR:-$HOME/.password-store} GIT_DIR PASSWORD_STORE_GPG_OPTS + export X_SELECTION CLIP_TIME PASSWORD_STORE_UMASK GENERATED_LENGTH + export CHARACTER_SET CHARACTER_SET_NO_SYMBOLS EXTENSIONS PASSWORD_STORE_KEY + export PASSWORD_STORE_ENABLE_EXTENSIONS PASSWORD_STORE_SIGNING_KEY +-- +2.25.0 + diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix new file mode 100644 index 000000000000..c9bbabd5fb2f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix @@ -0,0 +1,55 @@ +{ lib, stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, gnupg }: + +let + pythonEnv = pythonPackages.python.withPackages (p: [ p.requests p.setuptools p.zxcvbn ]); + +in stdenv.mkDerivation rec { + pname = "pass-audit"; + version = "1.2"; + + src = fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-audit"; + rev = "v${version}"; + sha256 = "sha256-xigP8LxRXITLF3X21zhWx6ooFNSTKGv46yFSt1dd4vs="; + }; + + patches = [ + ./0001-Set-base-to-an-empty-value.patch + ./0002-Fix-audit.bash-setup.patch + ]; + + postPatch = '' + substituteInPlace audit.bash \ + --replace 'python3' "${pythonEnv}/bin/python3" + substituteInPlace Makefile \ + --replace "install --root" "install --prefix ''' --root" + ''; + + outputs = [ "out" "man" ]; + + buildInputs = [ pythonEnv ]; + nativeBuildInputs = [ makeWrapper ]; + + # Tests freeze on darwin with: pass-audit-1.1 (checkPhase): EOFError + doCheck = !stdenv.isDarwin; + nativeCheckInputs = [ pythonPackages.green pass gnupg ]; + checkPhase = '' + ${pythonEnv}/bin/python3 setup.py green -q + ''; + + installFlags = [ "DESTDIR=${placeholder "out"}" "PREFIX=" ]; + postInstall = '' + wrapProgram $out/lib/password-store/extensions/audit.bash \ + --prefix PYTHONPATH : "$out/lib/${pythonEnv.libPrefix}/site-packages" \ + --run "export COMMAND" + ''; + + meta = with lib; { + description = "Pass extension for auditing your password repository."; + homepage = "https://github.com/roddhjav/pass-audit"; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ma27 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix new file mode 100644 index 000000000000..b1cff6a20724 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, fetchFromGitHub +, curl, findutils, gnugrep, gnused, shellcheck }: + +let + pname = "pass-checkup"; + version = "0.2.2"; +in stdenv.mkDerivation { + inherit pname version; + + src = fetchFromGitHub { + owner = "etu"; + repo = pname; + rev = version; + sha256 = "1p65yxr00k35g4bnagszp8i03pmhnrcmipgrdsawps2ba8faqp6r"; + }; + + nativeBuildInputs = [ shellcheck ]; + + postPatch = '' + substituteInPlace checkup.bash \ + --replace curl ${curl}/bin/curl \ + --replace find ${findutils}/bin/find \ + --replace grep ${gnugrep}/bin/grep \ + --replace sed ${gnused}/bin/sed + ''; + + installPhase = '' + runHook preInstall + + install -D -m755 checkup.bash $out/lib/password-store/extensions/checkup.bash + + runHook postInstall + ''; + + meta = with lib; { + description = "A pass extension to check against the Have I been pwned API to see if your passwords are publicly leaked or not"; + homepage = "https://github.com/etu/pass-checkup"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ etu ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/default.nix b/nixpkgs/pkgs/tools/security/pass/extensions/default.nix new file mode 100644 index 000000000000..96c252156de8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/default.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: + +with pkgs; + +{ + pass-audit = callPackage ./audit { + pythonPackages = python3Packages; + }; + pass-checkup = callPackage ./checkup.nix {}; + pass-import = callPackage ./import.nix {}; + pass-otp = callPackage ./otp.nix {}; + pass-tomb = callPackage ./tomb.nix {}; + pass-update = callPackage ./update.nix {}; + pass-genphrase = callPackage ./genphrase.nix {}; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix new file mode 100644 index 000000000000..c8a1f730e049 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchFromGitHub, python3 }: + +stdenv.mkDerivation rec { + pname = "pass-genphrase"; + version = "0.3"; + + src = fetchFromGitHub { + owner = "congma"; + repo = "pass-genphrase"; + rev = version; + sha256 = "01dff2jlp111y7vlmp1wbgijzphhlzc19m02fs8nzmn5vxyffanx"; + }; + + dontBuild = true; + + buildInputs = [ python3 ]; + + installTargets = [ "globalinstall" ]; + + installFlags = [ "PREFIX=$(out)" ]; + + postFixup = '' + substituteInPlace $out/lib/password-store/extensions/genphrase.bash \ + --replace '$EXTENSIONS' "$out/lib/password-store/extensions/" + ''; + + meta = with lib; { + description = "Pass extension that generates memorable passwords"; + homepage = "https://github.com/congma/pass-genphrase"; + license = licenses.gpl3; + maintainers = with maintainers; [ seqizz ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix new file mode 100644 index 000000000000..8c51356e184b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix @@ -0,0 +1,69 @@ +{ lib +, fetchFromGitHub +, fetchpatch +, python3Packages +, gnupg +, pass +}: + +python3Packages.buildPythonApplication rec { + pname = "pass-import"; + version = "3.2"; + + src = fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-import"; + rev = "v${version}"; + sha256 = "0hrpg7yiv50xmbajfy0zdilsyhbj5iv0qnlrgkfv99q1dvd5qy56"; + }; + + patches = [ + (fetchpatch { + name = "support-for-pykeepass-4.0.3.patch"; + url = "https://github.com/roddhjav/pass-import/commit/f1b167578916d971ee4f99be99ba0e86ef49015e.patch"; + hash = "sha256-u6bJbV3/QTfRaPauKSyCWNodpy6CKsreMXUZWKRbee0="; + }) + ]; + + propagatedBuildInputs = with python3Packages; [ + cryptography + defusedxml + pyaml + pykeepass + python-magic # similar API to "file-magic", but already in nixpkgs. + secretstorage + ]; + + nativeCheckInputs = [ + gnupg + pass + python3Packages.pytestCheckHook + ]; + + disabledTests = [ + "test_import_gnome_keyring" # requires dbus, which pytest doesn't support + ]; + + postInstall = '' + mkdir -p $out/lib/password-store/extensions + cp ${src}/import.bash $out/lib/password-store/extensions/import.bash + wrapProgram $out/lib/password-store/extensions/import.bash \ + --prefix PATH : "${python3Packages.python.withPackages (_: propagatedBuildInputs)}/bin" \ + --prefix PYTHONPATH : "$out/${python3Packages.python.sitePackages}" \ + --run "export PREFIX" + cp -r ${src}/share $out/ + ''; + + postCheck = '' + $out/bin/pimport --list-exporters --list-importers + ''; + + meta = with lib; { + description = "Pass extension for importing data from existing password managers"; + homepage = "https://github.com/roddhjav/pass-import"; + changelog = "https://github.com/roddhjav/pass-import/blob/v${version}/CHANGELOG.rst"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ lovek323 fpletz tadfisher ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix new file mode 100644 index 000000000000..15f075ccec40 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchFromGitHub, oath-toolkit }: + +stdenv.mkDerivation rec { + pname = "pass-otp"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "tadfisher"; + repo = "pass-otp"; + rev = "v${version}"; + sha256 = "0cpqrf3939hcvwg7sd8055ghc8x964ilimlri16czzx188a9jx9v"; + }; + + buildInputs = [ oath-toolkit ]; + + dontBuild = true; + + patchPhase = '' + sed -i -e 's|OATH=\$(which oathtool)|OATH=${oath-toolkit}/bin/oathtool|' otp.bash + ''; + + installFlags = [ "PREFIX=$(out)" + "BASHCOMPDIR=$(out)/share/bash-completion/completions" + ]; + + meta = with lib; { + description = "A pass extension for managing one-time-password (OTP) tokens"; + homepage = "https://github.com/tadfisher/pass-otp"; + license = licenses.gpl3; + maintainers = with maintainers; [ jwiegley tadfisher toonn ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix new file mode 100644 index 000000000000..58630c4ec9f3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchFromGitHub, tomb }: + +stdenv.mkDerivation rec { + pname = "pass-tomb"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-tomb"; + rev = "v${version}"; + sha256 = "sha256-kbbMHmYmeyt7HM8YiNhknePm1vUaXWWXPWePKGpbU+o="; + }; + + buildInputs = [ tomb ]; + + dontBuild = true; + + installFlags = [ "PREFIX=$(out)" ]; + + postFixup = '' + substituteInPlace $out/lib/password-store/extensions/tomb.bash \ + --replace 'TOMB="''${PASSWORD_STORE_TOMB:-tomb}"' 'TOMB="''${PASSWORD_STORE_TOMB:-${tomb}/bin/tomb}"' + ''; + + meta = with lib; { + description = "Pass extension that keeps the password store encrypted inside a tomb"; + homepage = "https://github.com/roddhjav/pass-tomb"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ lovek323 fpletz tadfisher ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/update.nix b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix new file mode 100644 index 000000000000..50a4c49b90d1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "pass-update"; + version = "2.1"; + + src = fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-update"; + rev = "v${version}"; + sha256 = "0yx8w97jcp6lv7ad5jxqnj04csbrn2hhc4pskssxknw2sbvg4g6c"; + }; + + postPatch = '' + substituteInPlace Makefile \ + --replace "BASHCOMPDIR ?= /etc/bash_completion.d" "BASHCOMPDIR ?= $out/share/bash-completion/completions" + ''; + + dontBuild = true; + + installFlags = [ "PREFIX=$(out)" ]; + + meta = with lib; { + description = "Pass extension that provides an easy flow for updating passwords"; + homepage = "https://github.com/roddhjav/pass-update"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ lovek323 fpletz tadfisher ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/no-darwin-getopt.patch b/nixpkgs/pkgs/tools/security/pass/no-darwin-getopt.patch new file mode 100644 index 000000000000..7e8b66dd7f1a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/no-darwin-getopt.patch @@ -0,0 +1,11 @@ +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index f6cc471..e2e8bba 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -39,6 +39,5 @@ qrcode() { + fi + } + +-GETOPT="$({ test -x /usr/local/opt/gnu-getopt/bin/getopt && echo /usr/local/opt/gnu-getopt; } || brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" + SHRED="srm -f -z" + BASE64="openssl base64" diff --git a/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix new file mode 100644 index 000000000000..f23d27314eef --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix @@ -0,0 +1,92 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, unstableGitUpdater +, coreutils +, util-linux +, gnugrep +, libnotify +, pwgen +, findutils +, gawk +, gnused +# wayland-only deps +, rofi-wayland +, pass-wayland +, wl-clipboard +, wtype +# x11-only deps +, rofi +, pass +, xclip +, xdotool +# backend selector +, backend ? "x11" +}: + +assert lib.assertOneOf "backend" backend [ "x11" "wayland" ]; + +stdenv.mkDerivation { + pname = "rofi-pass"; + version = "unstable-2023-07-07"; + + src = fetchFromGitHub { + owner = "carnager"; + repo = "rofi-pass"; + rev = "e77cbdbe0e885f0b1daba3a0b6bae793cc2b1ba3"; + hash = "sha256-zmNuFE+++tf4pKTXSTc7s8R9rvI+XwgWl8mCEPaaIRM="; + }; + + nativeBuildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin + cp -a rofi-pass $out/bin/rofi-pass + + mkdir -p $out/share/doc/rofi-pass/ + cp -a config.example $out/share/doc/rofi-pass/config.example + ''; + + wrapperPath = lib.makeBinPath ([ + coreutils + findutils + gawk + gnugrep + gnused + libnotify + pwgen + util-linux + ] ++ lib.optionals (backend == "x11") [ + rofi + (pass.withExtensions (ext: [ ext.pass-otp ])) + xclip + xdotool + ] ++ lib.optionals (backend == "wayland") [ + rofi-wayland + (pass-wayland.withExtensions (ext: [ ext.pass-otp ])) + wl-clipboard + wtype + ]); + + fixupPhase = '' + patchShebangs $out/bin + + wrapProgram $out/bin/rofi-pass \ + --prefix PATH : "$wrapperPath" \ + --set-default ROFI_PASS_BACKEND ${if backend == "wayland" then "wtype" else "xdotool"} \ + --set-default ROFI_PASS_CLIPBOARD_BACKEND ${if backend == "wayland" then "wl-clipboard" else "xclip"} + ''; + + passthru.updateScript = unstableGitUpdater { }; + + meta = { + description = "A script to make rofi work with password-store"; + homepage = "https://github.com/carnager/rofi-pass"; + license = lib.licenses.gpl3; + platforms = with lib.platforms; linux; + maintainers = with lib.maintainers; [ lilyinstarlight ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch b/nixpkgs/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch new file mode 100644 index 000000000000..a71a279c1ef7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch @@ -0,0 +1,50 @@ +From d11261c2ad184daf6e9edd777bc8a3372c277b4b Mon Sep 17 00:00:00 2001 +From: Johannes Frankenau <johannes@frankenau.net> +Date: Fri, 10 Aug 2018 09:49:57 +0200 +Subject: [PATCH] Patch the clip() function to work even when using + single-binary coreutils + +--- + src/platform/cygwin.sh | 4 ++-- + src/platform/darwin.sh | 4 ++-- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh +index 5a8d5ea..423e0ce 100644 +--- a/src/platform/cygwin.sh ++++ b/src/platform/cygwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep on display $DISPLAY" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$($BASE64 < /dev/clipboard)" + echo -n "$1" > /dev/clipboard + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$($BASE64 < /dev/clipboard)" + [[ $now != $(echo -n "$1" | $BASE64) ]] && before="$now" + echo "$before" | $BASE64 -d > /dev/clipboard +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index 342ecce..9e12837 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep for user $(id -u)" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(pbpaste | $BASE64)" + echo -n "$1" | pbcopy + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$(pbpaste | $BASE64)" + [[ $now != $(echo -n "$1" | $BASE64) ]] && before="$now" + echo "$before" | $BASE64 -d | pbcopy +-- +2.16.4 + diff --git a/nixpkgs/pkgs/tools/security/pass2csv/default.nix b/nixpkgs/pkgs/tools/security/pass2csv/default.nix new file mode 100644 index 000000000000..95649695bfff --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pass2csv/default.nix @@ -0,0 +1,35 @@ +{ buildPythonApplication +, fetchPypi +, lib +, python-gnupg +, setuptools +}: + +buildPythonApplication rec { + pname = "pass2csv"; + version = "1.0.0"; + format = "pyproject"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-a/PQl/nqdj9xOM2hfAIiLuGy5F4KmEWFJihZ4gilaJw="; + }; + + nativeBuildInputs = [ + setuptools + ]; + + propagatedBuildInputs = [ + python-gnupg + ]; + + # Project has no tests. + doCheck = false; + + meta = with lib; { + description = "Export pass(1), \"the standard unix password manager\", to CSV"; + homepage = "https://github.com/reinefjord/pass2csv"; + license = licenses.mit; + maintainers = with maintainers; [ wolfangaukang ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/passage/darwin-getopt-path.patch b/nixpkgs/pkgs/tools/security/passage/darwin-getopt-path.patch new file mode 100644 index 000000000000..0225f05c19d0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/passage/darwin-getopt-path.patch @@ -0,0 +1,12 @@ +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index 9a1fda8..4f7ce3d 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -39,6 +39,6 @@ qrcode() { + fi + } + +-GETOPT="$({ test -x /usr/local/opt/gnu-getopt/bin/getopt && echo /usr/local/opt/gnu-getopt; } || brew --prefix gnu-getopt 2>/dev/null || { command -v port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" ++GETOPT="@getopt@/bin/getopt" + SHRED="srm -f -z" + BASE64="openssl base64" diff --git a/nixpkgs/pkgs/tools/security/passage/default.nix b/nixpkgs/pkgs/tools/security/passage/default.nix new file mode 100644 index 000000000000..e2570c2adf4b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/passage/default.nix @@ -0,0 +1,62 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeBinaryWrapper +, substituteAll +, age +, getopt +, git ? null +, xclip ? null +# Used to pretty-print list of all stored passwords, but is not needed to fetch +# or store password by its name. Most users would want this dependency. +, tree ? null +}: + +stdenv.mkDerivation { + pname = "passage"; + version = "unstable-2022-05-01"; + + src = fetchFromGitHub { + owner = "FiloSottile"; + repo = "passage"; + rev = "1262d308f09db9b243513a428ab4b8fb1c30d31d"; + sha256 = "1val8wl9kzlxj4i1rrh2iiyf97w9akffvr0idvbkdb09hfzz4lz8"; + }; + + patches = [ + (substituteAll { + src = ./darwin-getopt-path.patch; + inherit getopt; + }) + ]; + + nativeBuildInputs = [ makeBinaryWrapper ]; + + extraPath = lib.makeBinPath [ age git xclip tree ]; + + # Using $0 is bad, it causes --help to mention ".passage-wrapped". + postInstall = '' + substituteInPlace $out/bin/passage --replace 'PROGRAM="''${0##*/}"' 'PROGRAM=passage' + wrapProgram $out/bin/passage --prefix PATH : $extraPath --argv0 $pname + ''; + + installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; + + meta = with lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = "https://github.com/FiloSottile/passage"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ kaction ]; + platforms = platforms.unix; + + longDescription = '' + passage is a fork of password-store (https://www.passwordstore.org) that uses + age (https://age-encryption.org) as a backend instead of GnuPG. + + It keeps passwords inside age(1) encrypted files inside a simple + directory tree and provides a series of commands for manipulating the + password store, allowing the user to add, remove, edit and synchronize + passwords. + ''; + }; +} diff --git a/nixpkgs/pkgs/tools/security/passff-host/default.nix b/nixpkgs/pkgs/tools/security/passff-host/default.nix new file mode 100644 index 000000000000..4eb615b79032 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/passff-host/default.nix @@ -0,0 +1,48 @@ +{ lib, stdenv, fetchFromGitHub, python3, pass }: + +stdenv.mkDerivation rec { + pname = "passff-host"; + version = "1.2.3"; + + src = fetchFromGitHub { + owner = "passff"; + repo = pname; + rev = version; + sha256 = "sha256-1JPToJF/ruu69TEZAAvV3Zl0qcTpEyMb2qQDAWWgKNw="; + }; + + buildInputs = [ python3 ]; + makeFlags = [ "VERSION=${version}" ]; + + patchPhase = '' + sed -i 's#COMMAND = "pass"#COMMAND = "${pass}/bin/pass"#' src/passff.py + ''; + + installPhase = '' + substituteInPlace bin/${version}/passff.json \ + --replace PLACEHOLDER $out/share/passff-host/passff.py + + install -Dt $out/share/passff-host \ + bin/${version}/passff.{py,json} + + nativeMessagingPaths=( + /lib/mozilla/native-messaging-hosts + /etc/opt/chrome/native-messaging-hosts + /etc/chromium/native-messaging-hosts + /etc/vivaldi/native-messaging-hosts + /lib/librewolf/native-messaging-hosts + ) + + for manifestDir in "''${nativeMessagingPaths[@]}"; do + install -d $out$manifestDir + ln -s $out/share/passff-host/passff.json $out$manifestDir/ + done + ''; + + meta = with lib; { + description = "Host app for the WebExtension PassFF"; + homepage = "https://github.com/passff/passff-host"; + license = licenses.gpl2; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/passphrase2pgp/default.nix b/nixpkgs/pkgs/tools/security/passphrase2pgp/default.nix new file mode 100644 index 000000000000..0ccbcca06c20 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/passphrase2pgp/default.nix @@ -0,0 +1,37 @@ +{ lib, buildGoModule, fetchFromGitHub, nix-update-script }: + +buildGoModule rec { + pname = "passphrase2pgp"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "skeeto"; + repo = pname; + rev = "v${version}"; + hash = "sha256-it1XYzLiteL0oq4SZp5E3s6oSkFKi3ZY0Lt+P0gmNag="; + }; + + vendorHash = "sha256-2H9YRVCaari47ppSkcQYg/P4Dzb4k5PLjKAtfp39NR8="; + + postInstall = '' + mkdir -p $out/share/doc/$name + cp README.md $out/share/doc/$name + ''; + + checkPhase = '' + output=$(echo NONE | ../go/bin/passphrase2pgp -a -u NONE -i /dev/stdin | sha256sum) + if [[ "$output" != "23f59f4346f35e2feca6ef703ea64973524dec365ea672f23e7afe79be1049dd -" ]] ; then + echo "passphrase2pgp introduced backward-incompatible change" + exit 1 + fi + ''; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "Predictable, passphrase-based PGP key generator"; + homepage = "https://github.com/skeeto/passphrase2pgp"; + license = licenses.unlicense; + maintainers = with maintainers; [ kaction ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix b/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix new file mode 100644 index 000000000000..04aad0b27739 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsc-cyberjack/default.nix @@ -0,0 +1,43 @@ +{ lib, stdenv, fetchurl, autoreconfHook, pkg-config, libusb1, pcsclite }: + +let + version = "3.99.5"; + suffix = "SP15"; + tarBall = "${version}final.${suffix}"; + +in +stdenv.mkDerivation rec { + pname = "pcsc-cyberjack"; + inherit version; + + src = fetchurl { + url = + "https://support.reiner-sct.de/downloads/LINUX/V${version}_${suffix}/${pname}_${tarBall}.tar.bz2"; + sha256 = "sha256-rLfCgyRQcYdWcTdnxLPvUAgy1lLtUbNRELkQsR69Rno="; + }; + + outputs = [ "out" "tools" ]; + + nativeBuildInputs = [ autoreconfHook pkg-config ]; + + buildInputs = [ libusb1 pcsclite ]; + + enableParallelBuilding = true; + + env.NIX_CFLAGS_COMPILE = "-Wno-error=narrowing"; + + configureFlags = [ + "--with-usbdropdir=${placeholder "out"}/pcsc/drivers" + "--bindir=${placeholder "tools"}/bin" + ]; + + postInstall = "make -C tools/cjflash install"; + + meta = with lib; { + description = "REINER SCT cyberJack USB chipcard reader user space driver"; + homepage = "https://www.reiner-sct.com/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ aszlig flokli ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pcsc-safenet/default.nix b/nixpkgs/pkgs/tools/security/pcsc-safenet/default.nix new file mode 100644 index 000000000000..27d3c639ac8e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsc-safenet/default.nix @@ -0,0 +1,103 @@ +{ stdenv +, lib +, fetchzip +, autoPatchelfHook +, dpkg +, gtk3 +, openssl_1_1 +, pcsclite +}: + +stdenv.mkDerivation rec { + pname = "pcsc-safenet"; + version = "10.8.28"; + + debName = "Installation/Standard/Ubuntu-2004/safenetauthenticationclient_${version}_amd64.deb"; + + # extract debian package from larger zip file + src = + let + versionWithUnderscores = builtins.replaceStrings ["."] ["_"] version; + in fetchzip { + url = "https://www.digicert.com/StaticFiles/SAC_${versionWithUnderscores}_GA_Build.zip"; + hash = "sha256-7XWj3T9/KnmgQ05urOJV6dqgkAS/A2G7efnqjQO2ing="; + }; + + dontBuild = true; + dontConfigure = true; + + unpackPhase = '' + dpkg-deb -x "$src/$debName" . + ''; + + buildInputs = [ + gtk3 + openssl_1_1 + pcsclite + ]; + + runtimeDependencies = [ + openssl_1_1 + ]; + + nativeBuildInputs = [ + autoPatchelfHook + dpkg + ]; + + installPhase = '' + mv usr/* . + + mkdir -p pcsc/drivers + mv -- lib/pkcs11/* pcsc/drivers/ + rmdir lib/pkcs11 + + mkdir "$out" + cp -r ./* "$out/" + + # for each library like libfoo.so.1.2.3, create symlinks to it from libfoo.so, libfoo.so.1, libfoo.so.1.2 + ( + cd "$out/lib/" || exit + for f in *.so.*.*.*; do # find library names with three-layer suffixes + ln -sf "$f" "''${f%.*}" || exit # strip only one suffix layer + ln -sf "$f" "''${f%.*.*}" || exit # strip two suffix layers + ln -sf "$f" "''${f%.*.*.*}" || exit # strip all three suffix layers + done + ) || exit + + # when library links are missing in pcsc/drivers, create them + ( + cd "$out/pcsc/drivers" || exit + for f in *; do + if [[ ! -e $f && -e ../../lib/$f ]]; then + ln -sf ../../lib/"$f" "$f" || exit + fi + done + ) || exit + + ln -sf ${lib.getLib openssl_1_1}/lib/libcrypto.so $out/lib/libcrypto.so.1.1.0 + ''; + + dontAutoPatchelf = true; + + # Patch DYN shared libraries (autoPatchElfHook only patches EXEC | INTERP). + postFixup = '' + autoPatchelf "$out" + + runtime_rpath="${lib.makeLibraryPath runtimeDependencies}" + + for mod in $(find "$out" -type f -name '*.so.*'); do + mod_rpath="$(patchelf --print-rpath "$mod")" + patchelf --set-rpath "$runtime_rpath:$mod_rpath" "$mod" + done; + ''; + + meta = with lib; { + homepage = "https://safenet.gemalto.com/multi-factor-authentication/security-applications/authentication-client-token-management"; + description = "Safenet Authentication Client"; + platforms = [ "x86_64-linux" ]; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.unfree; + maintainers = with maintainers; [ wldhx ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix new file mode 100644 index 000000000000..af3a95f0a2aa --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/default.nix @@ -0,0 +1,49 @@ +{ lib, stdenv, fetchurl, unzip, libusb-compat-0_1 }: + +let + arch = if stdenv.hostPlatform.system == "i686-linux" then "32" + else if stdenv.hostPlatform.system == "x86_64-linux" then "64" + else throw "Unsupported system: ${stdenv.hostPlatform.system}"; +in +stdenv.mkDerivation rec { + pname = "pcsc-scm-scl"; + version = "2.09"; + + src = fetchurl { + url = "http://files.identiv.com/products/smart-card-readers/contactless/scl010-011/Linux_Driver_Ver${version}.zip"; + sha256 = "0ik26sxgqgsqplksl87z61vwmx51k7plaqmrkdid7xidgfhfxr42"; + }; + + nativeBuildInputs = [ unzip ]; + + unpackPhase = '' + unzip $src + tar xf "Linux Driver Ver${version}/sclgeneric_${version}_linux_${arch}bit.tar.gz" + export sourceRoot=$(readlink -e sclgeneric_${version}_linux_${arch}bit) + ''; + + # Add support for SCL011 nPA (subsidized model for German eID) + patches = [ ./eid.patch ]; + + installPhase = '' + mkdir -p $out/pcsc/drivers + cp -r proprietary/*.bundle $out/pcsc/drivers + ''; + + libPath = lib.makeLibraryPath [ libusb-compat-0_1 ]; + + fixupPhase = '' + patchelf --set-rpath $libPath \ + $out/pcsc/drivers/SCLGENERIC.bundle/Contents/Linux/libSCLGENERIC.so.${version}; + ''; + + meta = with lib; { + description = "SCM Microsystems SCL011 chipcard reader user space driver"; + homepage = "https://www.scm-pc-card.de/index.php?lang=en&page=product&function=show_product&product_id=630"; + downloadPage = "https://support.identiv.com/scl010-scl011/"; + sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; + license = licenses.unfreeRedistributable; + maintainers = with maintainers; [ sephalon ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/eid.patch b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/eid.patch new file mode 100644 index 000000000000..6e7ffd60f72f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsc-scm-scl011/eid.patch @@ -0,0 +1,28 @@ +diff --git a/proprietary/SCLGENERIC.bundle/Contents/Info.plist b/proprietary/SCLGENERIC.bundle/Contents/Info.plist +index 412d6b9..5d1c6cc 100755 +--- a/proprietary/SCLGENERIC.bundle/Contents/Info.plist ++++ b/proprietary/SCLGENERIC.bundle/Contents/Info.plist +@@ -34,6 +34,7 @@ + <string>0x04E6</string> + <string>0x04E6</string> + <string>0x04E6</string> ++ <string>0x04E6</string> + </array> + + <key>ifdProductID</key> +@@ -42,6 +43,7 @@ + <string>0x5291</string> + <string>0x5290</string> + <string>0x5293</string> ++ <string>0x5292</string> + </array> + + <key>ifdFriendlyName</key> +@@ -50,6 +52,7 @@ + <string>SCL010 Contactless Reader</string> + <string>SCR331CL-NTTCom</string> + <string>SCL011G Contactless Reader</string> ++ <string>SCM Microsystems, Inc. SCL011 RFID reader</string> + </array> + + </dict> diff --git a/nixpkgs/pkgs/tools/security/pcsclite/default.nix b/nixpkgs/pkgs/tools/security/pcsclite/default.nix new file mode 100644 index 000000000000..478cca8be0e2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsclite/default.nix @@ -0,0 +1,72 @@ +{ stdenv +, lib +, fetchurl +, autoreconfHook +, autoconf-archive +, pkg-config +, perl +, python3 +, dbus +, polkit +, systemdMinimal +, IOKit +, pname ? "pcsclite" +, polkitSupport ? false +}: + +stdenv.mkDerivation rec { + inherit pname; + version = "1.9.5"; + + outputs = [ "bin" "out" "dev" "doc" "man" ]; + + src = fetchurl { + url = "https://pcsclite.apdu.fr/files/pcsc-lite-${version}.tar.bz2"; + hash = "sha256-nuP5szNTdWIXeJNVmtT3uNXCPr6Cju9TBWwC2xQEnQg="; + }; + + patches = [ ./no-dropdir-literals.patch ]; + + postPatch = '' + sed -i configure.ac \ + -e "s@polkit_policy_dir=.*@polkit_policy_dir=$bin/share/polkit-1/actions@" + ''; + + configureFlags = [ + "--enable-confdir=/etc" + # The OS should care on preparing the drivers into this location + "--enable-usbdropdir=/var/lib/pcsc/drivers" + (lib.enableFeature stdenv.isLinux "libsystemd") + (lib.enableFeature polkitSupport "polkit") + ] ++ lib.optionals stdenv.isLinux [ + "--enable-ipcdir=/run/pcscd" + "--with-systemdsystemunitdir=${placeholder "bin"}/lib/systemd/system" + ]; + + postConfigure = '' + sed -i -re '/^#define *PCSCLITE_HP_DROPDIR */ { + s/(DROPDIR *)(.*)/\1(getenv("PCSCLITE_HP_DROPDIR") ? : \2)/ + }' config.h + ''; + + postInstall = '' + # pcsc-spy is a debugging utility and it drags python into the closure + moveToOutput bin/pcsc-spy "$dev" + ''; + + enableParallelBuilding = true; + + nativeBuildInputs = [ autoreconfHook autoconf-archive pkg-config perl ]; + + buildInputs = [ python3 ] + ++ lib.optionals stdenv.isLinux [ systemdMinimal ] + ++ lib.optionals stdenv.isDarwin [ IOKit ] + ++ lib.optionals polkitSupport [ dbus polkit ]; + + meta = with lib; { + description = "Middleware to access a smart card using SCard API (PC/SC)"; + homepage = "https://pcsclite.apdu.fr/"; + license = licenses.bsd3; + platforms = with platforms; unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pcsclite/no-dropdir-literals.patch b/nixpkgs/pkgs/tools/security/pcsclite/no-dropdir-literals.patch new file mode 100644 index 000000000000..4c6d5554d77a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsclite/no-dropdir-literals.patch @@ -0,0 +1,47 @@ +diff --git a/src/hotplug_libudev.c b/src/hotplug_libudev.c +index 51bd95f..84f959b 100644 +--- a/src/hotplug_libudev.c ++++ b/src/hotplug_libudev.c +@@ -120,7 +120,8 @@ static LONG HPReadBundleValues(void) + + if (NULL == hpDir) + { +- Log1(PCSC_LOG_ERROR, "Cannot open PC/SC drivers directory: " PCSCLITE_HP_DROPDIR); ++ Log2(PCSC_LOG_ERROR, "Cannot open PC/SC drivers directory: %s", ++ PCSCLITE_HP_DROPDIR); + Log1(PCSC_LOG_ERROR, "Disabling USB support for pcscd."); + return -1; + } +@@ -741,7 +742,7 @@ ULONG HPRegisterForHotplugEvents(void) + + if (driverSize <= 0) + { +- Log1(PCSC_LOG_INFO, "No bundle files in pcsc drivers directory: " ++ Log2(PCSC_LOG_INFO, "No bundle files in pcsc drivers directory: %s", + PCSCLITE_HP_DROPDIR); + Log1(PCSC_LOG_INFO, "Disabling USB support for pcscd"); + return 0; +diff --git a/src/hotplug_libusb.c b/src/hotplug_libusb.c +index 0ada9f5..d49a407 100644 +--- a/src/hotplug_libusb.c ++++ b/src/hotplug_libusb.c +@@ -142,7 +142,8 @@ static LONG HPReadBundleValues(void) + + if (hpDir == NULL) + { +- Log1(PCSC_LOG_ERROR, "Cannot open PC/SC drivers directory: " PCSCLITE_HP_DROPDIR); ++ Log2(PCSC_LOG_ERROR, "Cannot open PC/SC drivers directory: %s", ++ PCSCLITE_HP_DROPDIR); + Log1(PCSC_LOG_ERROR, "Disabling USB support for pcscd."); + return -1; + } +@@ -282,7 +283,8 @@ static LONG HPReadBundleValues(void) + + if (driverSize == 0) + { +- Log1(PCSC_LOG_INFO, "No bundle files in pcsc drivers directory: " PCSCLITE_HP_DROPDIR); ++ Log2(PCSC_LOG_INFO, "No bundle files in pcsc drivers directory: %s", ++ PCSCLITE_HP_DROPDIR); + Log1(PCSC_LOG_INFO, "Disabling USB support for pcscd"); + } + #ifdef DEBUG_HOTPLUG diff --git a/nixpkgs/pkgs/tools/security/pcsctools/default.nix b/nixpkgs/pkgs/tools/security/pcsctools/default.nix new file mode 100644 index 000000000000..ec2a5f3fb305 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pcsctools/default.nix @@ -0,0 +1,57 @@ +{ stdenv +, lib +, fetchFromGitHub +, autoreconfHook +, makeWrapper +, pkg-config +, systemd +, dbus +, pcsclite +, wget +, coreutils +, perlPackages +}: + +stdenv.mkDerivation rec { + pname = "pcsc-tools"; + version = "1.6.2"; + + src = fetchFromGitHub { + owner = "LudovicRousseau"; + repo = pname; + rev = version; + sha256 = "sha256-c7md8m1llvz0EQqA0qY4aGb3guGFoj+8uS4hUTzie5o="; + }; + + postPatch = '' + substituteInPlace ATR_analysis \ + --replace /usr/local/pcsc /etc/pcsc \ + --replace /usr/share/pcsc $out/share/pcsc + ''; + + buildInputs = [ dbus perlPackages.perl pcsclite ] + ++ lib.optional stdenv.isLinux systemd; + + nativeBuildInputs = [ autoreconfHook makeWrapper pkg-config ]; + + postInstall = '' + wrapProgram $out/bin/scriptor \ + --set PERL5LIB "${with perlPackages; makePerlPath [ pcscperl ]}" + wrapProgram $out/bin/gscriptor \ + --set PERL5LIB "${with perlPackages; makePerlPath [ pcscperl GlibObjectIntrospection Glib Gtk3 Pango Cairo CairoGObject ]}" + wrapProgram $out/bin/ATR_analysis \ + --set PERL5LIB "${with perlPackages; makePerlPath [ pcscperl ]}" + wrapProgram $out/bin/pcsc_scan \ + --prefix PATH : "$out/bin:${lib.makeBinPath [ coreutils wget ]}" + + install -Dm444 -t $out/share/pcsc smartcard_list.txt + ''; + + meta = with lib; { + description = "Tools used to test a PC/SC driver, card or reader"; + homepage = "https://pcsc-tools.apdu.fr/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ peterhoeg ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pdfcrack/default.nix b/nixpkgs/pkgs/tools/security/pdfcrack/default.nix new file mode 100644 index 000000000000..d4930b023b6f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pdfcrack/default.nix @@ -0,0 +1,26 @@ +{ lib +, stdenv +, fetchurl +}: + +stdenv.mkDerivation rec { + pname = "pdfcrack"; + version = "0.20"; + + src = fetchurl { + url = "mirror://sourceforge/pdfcrack/pdfcrack/pdfcrack-${version}.tar.gz"; + hash = "sha256-e4spsY/NXLmErrZA7gbt8J/t5HCbWcMv7k8thoYN5bQ="; + }; + + installPhase = '' + install -Dt $out/bin pdfcrack + ''; + + meta = with lib; { + homepage = "https://pdfcrack.sourceforge.net/"; + description = "Small command line driven tool for recovering passwords and content from PDF files"; + license = with licenses; [ gpl2Plus ]; + platforms = platforms.all; + maintainers = with maintainers; [ qoelet ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pentestgpt/default.nix b/nixpkgs/pkgs/tools/security/pentestgpt/default.nix new file mode 100644 index 000000000000..328ba0ca9a8f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pentestgpt/default.nix @@ -0,0 +1,57 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "pentestgpt"; + version = "unstable-2023-06-27"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "GreyDGL"; + repo = "PentestGPT"; + rev = "e63a91f466a035e036827e8f492bc47c5c1135af"; + hash = "sha256-m0R/kMmbr5Ixuqvw6ZRoaAGCnI3j86Iwk4+TYqv0WbU="; + }; + + postPatch = '' + substituteInPlace requirements.txt \ + --replace "playwright==1.28.0" "playwright" \ + --replace "beautifulsoup4~=4.11.2" "" \ + --replace "black" "" \ + --replace "pytest" "" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + beautifulsoup4 + colorama + google + langchain + loguru + openai + playwright + prompt-toolkit + pycookiecheat + pyyaml + requests + rich + sqlmap + tiktoken + ]; + + # Tests require network access + doCheck = false; + + pythonImportsCheck = [ + "pentestgpt" + ]; + + meta = with lib; { + description = "GPT-empowered penetration testing tool"; + homepage = "https://github.com/GreyDGL/PentestGPT"; + changelog = "https://github.com/GreyDGL/PentestGPT/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pgpdump/default.nix b/nixpkgs/pkgs/tools/security/pgpdump/default.nix new file mode 100644 index 000000000000..60dc724d5aa9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pgpdump/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchFromGitHub +, supportCompressedPackets ? true, zlib, bzip2 +}: + +stdenv.mkDerivation rec { + pname = "pgpdump"; + version = "0.35"; + + src = fetchFromGitHub { + owner = "kazu-yamamoto"; + repo = "pgpdump"; + rev = "v${version}"; + sha256 = "sha256-GjPy/feF437WtDqbEn1lGwWayWtvKhqsyJFMuH3IFl4="; + }; + + buildInputs = lib.optionals supportCompressedPackets [ zlib bzip2 ]; + + meta = with lib; { + description = "A PGP packet visualizer"; + longDescription = '' + pgpdump is a PGP packet visualizer which displays the packet format of + OpenPGP (RFC 4880) and PGP version 2 (RFC 1991). + ''; + homepage = "http://www.mew.org/~kazu/proj/pgpdump/en/"; + license = licenses.bsd3; + platforms = platforms.unix; + maintainers = with maintainers; [ primeos ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix new file mode 100644 index 000000000000..d4f7242b2896 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, openssl, libssh2, gpgme }: + +stdenv.mkDerivation rec { + pname = "phrasendrescher"; + version = "1.2.2c"; + + src = fetchurl { + url = "http://leidecker.info/projects/${pname}/${pname}-${version}.tar.gz"; + sha256 = "18vg6h294219v14x5zqm8ddmq5amxlbz7pw81lcmpz8v678kwyph"; + }; + + postPatch = '' + substituteInPlace configure \ + --replace 'SSL_LIB="ssl"' 'SSL_LIB="crypto"' + ''; + + buildInputs = [ openssl libssh2 gpgme ]; + + configureFlags = [ "--with-plugins" ]; + + meta = with lib; { + description = "A modular and multi processing pass phrase cracking tool"; + homepage = "https://leidecker.info/projects/phrasendrescher/index.shtml"; + license = licenses.gpl2Plus; + platforms = platforms.all; + maintainers = with maintainers; [ bjornfor ]; + mainProgram = "pd"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix b/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix new file mode 100644 index 000000000000..aec655d0b559 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix @@ -0,0 +1,25 @@ +{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, libassuan +, libgpg-error, popt, bemenu }: + +stdenv.mkDerivation rec { + pname = "pinentry-bemenu"; + version = "0.12.0"; + + src = fetchFromGitHub { + owner = "t-8ch"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-5ll4a/1Ughx0s2l/mcIsp1g4oNoNhm0RWvY/tXDvPGE="; + }; + + nativeBuildInputs = [ meson ninja pkg-config ]; + buildInputs = [ libassuan libgpg-error popt bemenu ]; + + meta = with lib; { + description = "Pinentry implementation based on bemenu"; + homepage = "https://github.com/t-8ch/pinentry-bemenu"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ jc ]; + platforms = with platforms; linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pinentry-rofi/default.nix b/nixpkgs/pkgs/tools/security/pinentry-rofi/default.nix new file mode 100644 index 000000000000..67b23697525c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry-rofi/default.nix @@ -0,0 +1,41 @@ +{ stdenv +, lib +, fetchFromGitHub +, pkg-config +, autoreconfHook +, autoconf-archive +, guile +, texinfo +, rofi +}: + +stdenv.mkDerivation rec { + pname = "pinentry-rofi"; + version = "2.0.4"; + + src = fetchFromGitHub { + owner = "plattfot"; + repo = pname; + rev = version; + sha256 = "sha256-H9Y7oPLpDuKtIy80HLS8/iXpOq8ZKiy8ZIH2NwguetY="; + }; + + nativeBuildInputs = [ + autoconf-archive + autoreconfHook + pkg-config + texinfo + ]; + + buildInputs = [ guile ]; + + propagatedBuildInputs = [ rofi ]; + + meta = with lib; { + description = "Rofi frontend to pinentry"; + homepage = "https://github.com/plattfot/pinentry-rofi"; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ seqizz ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pinentry/autoconf-ar.patch b/nixpkgs/pkgs/tools/security/pinentry/autoconf-ar.patch new file mode 100644 index 000000000000..6f531cfce325 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/autoconf-ar.patch @@ -0,0 +1,35 @@ +diff -ur a/configure.ac b/configure.ac +--- a/configure.ac 2019-09-14 11:30:11.584847746 +0000 ++++ b/configure.ac 2019-09-14 11:31:26.692355265 +0000 +@@ -81,6 +81,7 @@ + AC_PROG_CPP + AC_PROG_INSTALL + AC_PROG_RANLIB ++AC_CHECK_TOOL(AR, ar) + # We need to check for cplusplus here because we may not do the test + # for Qt and autoconf does does not allow that. + AC_PROG_CXX +diff -ur a/pinentry/Makefile.in b/pinentry/Makefile.in +--- a/pinentry/Makefile.in 2017-12-03 17:43:23.000000000 +0000 ++++ b/pinentry/Makefile.in 2019-09-14 11:32:02.532000236 +0000 +@@ -113,7 +113,7 @@ + CONFIG_CLEAN_FILES = + CONFIG_CLEAN_VPATH_FILES = + LIBRARIES = $(noinst_LIBRARIES) +-AR = ar ++AR = @AR@ + ARFLAGS = cru + AM_V_AR = $(am__v_AR_@AM_V@) + am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) +diff -ur a/secmem/Makefile.in b/secmem/Makefile.in +--- a/secmem/Makefile.in 2017-12-03 17:43:23.000000000 +0000 ++++ b/secmem/Makefile.in 2019-09-14 11:31:58.764934552 +0000 +@@ -113,7 +113,7 @@ + CONFIG_CLEAN_FILES = + CONFIG_CLEAN_VPATH_FILES = + LIBRARIES = $(noinst_LIBRARIES) +-AR = ar ++AR = @AR@ + ARFLAGS = cru + AM_V_AR = $(am__v_AR_@AM_V@) + am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) diff --git a/nixpkgs/pkgs/tools/security/pinentry/default.nix b/nixpkgs/pkgs/tools/security/pinentry/default.nix new file mode 100644 index 000000000000..baa78521f345 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/default.nix @@ -0,0 +1,100 @@ +{ fetchurl, mkDerivation, fetchpatch, stdenv, lib, pkg-config, autoreconfHook, wrapGAppsHook +, libgpg-error, libassuan, qtbase, wrapQtAppsHook +, ncurses, gtk2, gcr +, withLibsecret ? true, libsecret +, enabledFlavors ? [ "curses" "tty" "gtk2" "emacs" ] + ++ lib.optionals stdenv.isLinux [ "gnome3" ] + ++ lib.optionals (!stdenv.isDarwin) [ "qt" ] +}: + +assert lib.isList enabledFlavors && enabledFlavors != []; + +let + pinentryMkDerivation = + if (builtins.elem "qt" enabledFlavors) + then mkDerivation + else stdenv.mkDerivation; + + enableFeaturePinentry = f: + let + flag = flavorInfo.${f}.flag or null; + in + lib.optionalString (flag != null) + (lib.enableFeature (lib.elem f enabledFlavors) ("pinentry-" + flag)); + + flavorInfo = { + curses = { bin = "curses"; flag = "curses"; buildInputs = [ ncurses ]; }; + tty = { bin = "tty"; flag = "tty"; }; + gtk2 = { bin = "gtk-2"; flag = "gtk2"; buildInputs = [ gtk2 ]; }; + gnome3 = { bin = "gnome3"; flag = "gnome3"; buildInputs = [ gcr ]; nativeBuildInputs = [ wrapGAppsHook ]; }; + qt = { bin = "qt"; flag = "qt"; buildInputs = [ qtbase ]; nativeBuildInputs = [ wrapQtAppsHook ]; }; + emacs = { bin = "emacs"; flag = "emacs"; buildInputs = []; }; + }; + +in + +pinentryMkDerivation rec { + pname = "pinentry"; + version = "1.2.1"; + + src = fetchurl { + url = "mirror://gnupg/pinentry/${pname}-${version}.tar.bz2"; + sha256 = "sha256-RXoYXlqFI4+5RalV3GNSq5YtyLSHILYvyfpIx1QKQGc="; + }; + + nativeBuildInputs = [ pkg-config autoreconfHook ] + ++ lib.concatMap(f: flavorInfo.${f}.nativeBuildInputs or []) enabledFlavors; + + buildInputs = [ libgpg-error libassuan ] + ++ lib.optional withLibsecret libsecret + ++ lib.concatMap(f: flavorInfo.${f}.buildInputs or []) enabledFlavors; + + dontWrapGApps = true; + dontWrapQtApps = true; + + patches = [ + ./autoconf-ar.patch + ] ++ lib.optionals (lib.elem "gtk2" enabledFlavors) [ + (fetchpatch { + url = "https://salsa.debian.org/debian/pinentry/raw/debian/1.1.0-1/debian/patches/0007-gtk2-When-X11-input-grabbing-fails-try-again-over-0..patch"; + sha256 = "15r1axby3fdlzz9wg5zx7miv7gqx2jy4immaw4xmmw5skiifnhfd"; + }) + ]; + + configureFlags = [ + "--with-libgpg-error-prefix=${libgpg-error.dev}" + "--with-libassuan-prefix=${libassuan.dev}" + (lib.enableFeature withLibsecret "libsecret") + ] ++ (map enableFeaturePinentry (lib.attrNames flavorInfo)); + + postInstall = + lib.concatStrings (lib.flip map enabledFlavors (f: + let + binary = "pinentry-" + flavorInfo.${f}.bin; + in '' + moveToOutput bin/${binary} ${placeholder f} + ln -sf ${placeholder f}/bin/${binary} ${placeholder f}/bin/pinentry + '' + lib.optionalString (f == "gnome3") '' + wrapGApp ${placeholder f}/bin/${binary} + '' + lib.optionalString (f == "qt") '' + wrapQtApp ${placeholder f}/bin/${binary} + '')) + '' + ln -sf ${placeholder (lib.head enabledFlavors)}/bin/pinentry-${flavorInfo.${lib.head enabledFlavors}.bin} $out/bin/pinentry + ''; + + outputs = [ "out" ] ++ enabledFlavors; + + passthru = { flavors = enabledFlavors; }; + + meta = with lib; { + homepage = "http://gnupg.org/aegypten2/"; + description = "GnuPG’s interface to passphrase input"; + license = licenses.gpl2Plus; + platforms = platforms.all; + longDescription = '' + Pinentry provides a console and (optional) GTK and Qt GUIs allowing users + to enter a passphrase when `gpg' or `gpg2' is run and needs it. + ''; + maintainers = with maintainers; [ ttuegel fpletz ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pinentry/mac.nix b/nixpkgs/pkgs/tools/security/pinentry/mac.nix new file mode 100644 index 000000000000..d824a816dc90 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/mac.nix @@ -0,0 +1,89 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, libassuan +, libgpg-error +, libiconv +, texinfo +, common-updater-scripts +, writers +, Cocoa +}: + +stdenv.mkDerivation rec { + pname = "pinentry-mac"; + + # NOTE: Don't update manually. Use passthru.updateScript on a Mac with XCode + # installed. + version = "1.1.1.1"; + + src = fetchFromGitHub { + owner = "GPGTools"; + repo = "pinentry"; + rev = "v${version}"; + sha256 = "sha256-QnDuqFrI/U7aZ5WcOCp5vLE+w59LVvDGOFNQy9fSy70="; + }; + + # use pregenerated nib files because generating them requires XCode + postPatch = '' + cp -r ${./mac/Main.nib} macosx/Main.nib + cp -r ${./mac/Pinentry.nib} macosx/Pinentry.nib + chmod -R u+w macosx/*.nib + ''; + + # Unfortunately, PlistBuddy from xcbuild is not compatible enough pinentry-mac’s build process. + sandboxProfile = '' + (allow process-exec (literal "/usr/libexec/PlistBuddy")) + ''; + + nativeBuildInputs = [ autoreconfHook texinfo ]; + buildInputs = [ libassuan libgpg-error libiconv Cocoa ]; + + configureFlags = [ "--enable-maintainer-mode" "--disable-ncurses" ]; + + installPhase = '' + mkdir -p $out/Applications + mv macosx/pinentry-mac.app $out/Applications + ''; + + enableParallelBuilding = true; + + passthru = { + binaryPath = "Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac"; + updateScript = writers.writeBash "update-pinentry-mac" '' + set -euxo pipefail + + main() { + tag="$(queryLatestTag)" + ver="$(expr "$tag" : 'v\(.*\)')" + + ${common-updater-scripts}/bin/update-source-version pinentry_mac "$ver" + + cd ${lib.escapeShellArg ./.} + rm -rf mac + mkdir mac + + srcDir="$(nix-build ../../../.. --no-out-link -A pinentry_mac.src)" + for path in "$srcDir"/macosx/*.xib; do + filename="''${path##*/}" + /usr/bin/ibtool --compile "mac/''${filename%.*}.nib" "$path" + done + } + + queryLatestTag() { + curl -sS https://api.github.com/repos/GPGTools/pinentry/tags \ + | jq -r '.[] | .name' | sort --version-sort | tail -1 + } + + main + ''; + }; + + meta = { + description = "Pinentry for GPG on Mac"; + license = lib.licenses.gpl2Plus; + homepage = "https://github.com/GPGTools/pinentry-mac"; + platforms = lib.platforms.darwin; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects-101300.nib b/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects-101300.nib new file mode 100644 index 000000000000..18cc1c8b46f5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects-101300.nib Binary files differdiff --git a/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects.nib b/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects.nib new file mode 100644 index 000000000000..90635122ffdc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/mac/Main.nib/keyedobjects.nib Binary files differdiff --git a/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects-101300.nib b/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects-101300.nib new file mode 100644 index 000000000000..6df3d5f46227 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects-101300.nib Binary files differdiff --git a/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects.nib b/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects.nib new file mode 100644 index 000000000000..aa8bca0d085e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pinentry/mac/Pinentry.nib/keyedobjects.nib Binary files differdiff --git a/nixpkgs/pkgs/tools/security/pius/default.nix b/nixpkgs/pkgs/tools/security/pius/default.nix new file mode 100644 index 000000000000..3612caa196c2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pius/default.nix @@ -0,0 +1,41 @@ +{ fetchFromGitHub, lib, python3Packages, gnupg, perl }: + +let version = "3.0.0"; in +python3Packages.buildPythonApplication { + pname = "pius"; + namePrefix = ""; + inherit version; + + src = fetchFromGitHub { + owner = "jaymzh"; + repo = "pius"; + rev = "v${version}"; + sha256 = "0l87dx7n6iwy8alxnhvval8h1kl4da6a59hsilbi65c6bpj4dh3y"; + }; + + patchPhase = '' + for file in libpius/constants.py pius-keyring-mgr; do + sed -i "$file" -E -e's|/usr/bin/gpg2?|${gnupg}/bin/gpg|g' + done + ''; + + buildInputs = [ perl ]; + + meta = { + homepage = "https://www.phildev.net/pius/"; + + description = "PGP Individual UID Signer (PIUS), quickly and easily sign UIDs on a set of PGP keys"; + + longDescription = + '' This software will allow you to quickly and easily sign each UID on + a set of PGP keys. It is designed to take the pain out of the + sign-all-the-keys part of PGP Keysigning Party while adding security + to the process. + ''; + + license = lib.licenses.gpl2; + + platforms = lib.platforms.gnu ++ lib.platforms.linux; + maintainers = with lib.maintainers; [ kierdavis ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/plasma-pass/default.nix b/nixpkgs/pkgs/tools/security/plasma-pass/default.nix new file mode 100644 index 000000000000..da276aef50da --- /dev/null +++ b/nixpkgs/pkgs/tools/security/plasma-pass/default.nix @@ -0,0 +1,41 @@ +{ mkDerivation, lib, fetchFromGitLab, cmake, extra-cmake-modules +, ki18n +, kitemmodels +, oath-toolkit +, qgpgme +, plasma-framework +, qt5 }: + +mkDerivation rec { + pname = "plasma-pass"; + version = "1.2.1"; + + src = fetchFromGitLab { + domain = "invent.kde.org"; + owner = "plasma"; + repo = "plasma-pass"; + sha256 = "sha256-lCNskOXkSIcMPcMnTWE37sDCXfmtP0FhyMzxeF6L0iU="; + rev = "v${version}"; + }; + + buildInputs = [ + ki18n + kitemmodels + oath-toolkit + qgpgme + plasma-framework + qt5.qtbase + qt5.qtdeclarative + ]; + + nativeBuildInputs = [ cmake extra-cmake-modules ]; + + meta = with lib; { + description = "A Plasma applet to access passwords from pass, the standard UNIX password manager"; + homepage = "https://invent.kde.org/plasma/plasma-pass"; + license = licenses.lgpl21Plus; + maintainers = with maintainers; [ matthiasbeyer ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/please/default.nix b/nixpkgs/pkgs/tools/security/please/default.nix new file mode 100644 index 000000000000..2ecbc9ab3035 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/please/default.nix @@ -0,0 +1,53 @@ +{ lib +, rustPlatform +, fetchFromGitLab +, installShellFiles +, pam +, nixosTests +}: + +rustPlatform.buildRustPackage rec { + pname = "please"; + version = "0.5.4"; + + src = fetchFromGitLab { + owner = "edneville"; + repo = "please"; + rev = "v${version}"; + hash = "sha256-GW2t3pTX06mqEwFTpiLe3mlzFTmb5Fep5R0yHooRmig="; + }; + + cargoHash = "sha256-bd3Pc8QPyPjE+xVcwASDILTXvMCioId/n6dXSr/KDOQ="; + + nativeBuildInputs = [ installShellFiles ]; + + buildInputs = [ pam ]; + + patches = [ ./nixos-specific.patch ]; + + postInstall = '' + installManPage man/* + ''; + + # Unit tests are broken on NixOS. + doCheck = false; + + passthru.tests = { inherit (nixosTests) please; }; + + meta = with lib; { + description = "A polite regex-first sudo alternative"; + longDescription = '' + Delegate accurate least privilege access with ease. Express easily with a + regex and expose only what is needed and nothing more. Or validate file + edits with pleaseedit. + + Please is written with memory safe rust. Traditional C memory unsafety is + avoided, logic problems may exist but this codebase is relatively small. + ''; + homepage = "https://www.usenix.org.uk/content/please.html"; + changelog = "https://github.com/edneville/please/blob/${src.rev}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ azahi ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/please/nixos-specific.patch b/nixpkgs/pkgs/tools/security/please/nixos-specific.patch new file mode 100644 index 000000000000..890434532a5b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/please/nixos-specific.patch @@ -0,0 +1,13 @@ +diff --git i/src/lib.rs w/src/lib.rs +index 5e98cfa..539434f 100644 +--- i/src/lib.rs ++++ w/src/lib.rs +@@ -1755,7 +1755,7 @@ pub fn search_path(ro: &mut RunOptions, item: &EnvOptions) -> Option<String> { + let dirs = if item.search_path.is_some() { + item.search_path.as_ref().unwrap() + } else { +- "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ++ "/run/wrappers/bin:/run/current-system/sw/sbin:/run/current-system/sw/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + }; + + for dir in dirs.split(':') { diff --git a/nixpkgs/pkgs/tools/security/plecost/default.nix b/nixpkgs/pkgs/tools/security/plecost/default.nix new file mode 100644 index 000000000000..23dd8c220cac --- /dev/null +++ b/nixpkgs/pkgs/tools/security/plecost/default.nix @@ -0,0 +1,40 @@ +{ lib, python3Packages, fetchFromGitHub, fetchpatch }: + +python3Packages.buildPythonApplication rec { + pname = "plecost"; + version = "1.1.4"; + + src = fetchFromGitHub { + owner = "iniqua"; + repo = pname; + # Release is untagged + rev = "aa40e504bee95cf731f0cc9f228bcf5fdfbe6194"; + sha256 = "K8ESI2EOqH9zBDfSKgVcTKjCMdRhBiwltIbXDt1vF+M="; + }; + + patches = [ + # Fix compatibility with aiohttp 3.x + # Merged - pending next release + (fetchpatch { + url = "https://github.com/iniqua/plecost/pull/34/commits/c09e7fab934f136f8fbc5f219592cf5fec151cf9.patch"; + sha256 = "sha256-G7Poo3+d+PQTrg8PCrmsG6nMHt8CXgiuAu+ZNvK8oiw="; + }) + ]; + + propagatedBuildInputs = with python3Packages; [ + aiohttp + async-timeout + termcolor + lxml + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Vulnerability fingerprinting and vulnerability finder for Wordpress blog engine"; + homepage = "https://github.com/iniqua/plecost"; + license = licenses.bsd3; + maintainers = with maintainers; [ emilytrau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix b/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix new file mode 100644 index 000000000000..e0d57d9bde23 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, polkit, gtk3, pkg-config, intltool }: +stdenv.mkDerivation rec { + pname = "polkit-gnome"; + version = "0.105"; + + src = fetchurl { + url = "mirror://gnome/sources/polkit-gnome/${version}/${pname}-${version}.tar.xz"; + sha256 = "0sckmcbxyj6sbrnfc5p5lnw27ccghsid6v6wxq09mgxqcd4lk10p"; + }; + + buildInputs = [ polkit gtk3 ]; + nativeBuildInputs = [ pkg-config intltool ]; + + configureFlags = [ "--disable-introspection" ]; + + # Desktop file from Debian + postInstall = '' + mkdir -p $out/etc/xdg/autostart + substituteAll ${./polkit-gnome-authentication-agent-1.desktop} $out/etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop + ''; + + meta = { + homepage = "https://gitlab.gnome.org/Archive/policykit-gnome"; + description = "A dbus session bus service that is used to bring up authentication dialogs"; + license = lib.licenses.lgpl2Plus; + maintainers = with lib.maintainers; [ ]; + platforms = lib.platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop b/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop new file mode 100644 index 000000000000..5ddda50cb015 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop @@ -0,0 +1,88 @@ +[Desktop Entry] +Name=PolicyKit Authentication Agent +Name[ar]=مدير الاستيثاق PolicyKit +Name[be]=PolicyKit - аґент аўтÑнтыфікацыі +Name[bn_IN]=PolicyKit অনà§à¦®à§‹à¦¦à¦¨à§‡à¦° à¦à¦œà§‡à¦¨à§à¦Ÿ +Name[ca]=Agent d'autenticació del PolicyKit +Name[cs]=Ověřovacà agent PolicyKit +Name[da]=Godkendelsesprogrammet PolicyKit +Name[de]=Legitimationsdienst von PolicyKit +Name[el]=Î ÏάκτοÏας πιστοποίησης PolicyKit +Name[en_GB]=PolicyKit Authentication Agent +Name[es]=Agente de autenticación de PolicyKit +Name[eu]=PolicyKit autentifikatzeko agentea +Name[fi]=PolicytKit-tunnistautumisohjelma +Name[fr]=Agent d'authentification de PolicyKit +Name[gl]=Axente de autenticación PolicyKit +Name[gu]=PolicyKit સતà«àª¤àª¾àª§àª¿àª•àª°àª£ àªàªœàª¨à«àªŸ +Name[hi]=PolicyKit पà¥à¤°à¤®à¤¾à¤£à¥€à¤•à¤°à¤£ पà¥à¤°à¤¤à¤¿à¤¨à¤¿à¤§à¤¿ +Name[hu]=PolicyKit hitelesÃtési ügynök +Name[it]=Agente di autenticazione per PolicyKit +Name[ja]=PolicyKit èªè¨¼ã‚¨ãƒ¼ã‚¸ã‚§ãƒ³ãƒˆ +Name[kn]=PolicyKit ದೃಢೀಕರಣ ಮಧà³à²¯à²µà²°à³à²¤à²¿ +Name[lt]=PolicyKit tapatybÄ—s nustatymo agentas +Name[ml]=പോളിസികàµà´•à´¿à´±àµà´±àµ ഓഥനàµà´±à´¿à´•àµà´•àµ‡à´·à´¨àµâ€ à´à´œà´¨àµà´±àµ +Name[mr]=PolicyKit ऑथेंटीकेशन à¤à¤œà¥‡à¤‚ट +Name[or]=PolicyKit ବàˆà¬§à¬¿à¬•à¬°à¬£ ସଦସààŸ +Name[pa]=ਪਾਲਸੀਕਿੱਟ ਪਰਮਾਣਕਿਤਾ à¨à¨œà©°à¨Ÿ +Name[pl]=Agent uwierzytelniania PolicyKit +Name[pt]=Agente de Autenticação PolicyKit +Name[pt_BR]=Agente de autenticação PolicyKit +Name[ro]=Agent de autentificare PolicyKit +Name[sk]=Agent PolicyKit na overovanie totožnosti +Name[sl]=PolicyKit program overjanja +Name[sv]=Autentiseringsagent för PolicyKit +Name[ta]=PolicyKit à®…à®™à¯à®•à¯€à®•à®¾à®° à®®à¯à®•à®µà®°à¯ +Name[te]=పాలసీకిటౠధృవీకరణ à°ªà±à°°à°¤à°¿à°¨à°¿à°§à°¿ +Name[th]=ตัวà¸à¸¥à¸²à¸‡à¸ªà¸³à¸«à¸£à¸±à¸šà¸¢à¸·à¸™à¸¢à¸±à¸™à¸•à¸±à¸§à¸šà¸¸à¸„คล PolicyKit +Name[uk]=Ðгент автентифікації PolicyKit +Name[zh_CN]=PolicyKit 认è¯ä»£ç† +Name[zh_HK]=PolicyKit é©—è‰ä»£ç†ç¨‹å¼ +Name[zh_TW]=PolicyKit é©—è‰ä»£ç†ç¨‹å¼ +Comment=PolicyKit Authentication Agent +Comment[ar]=مدير الاستيثاق PolicyKit +Comment[be]=PolicyKit - аґент аўтÑнтыфікацыі +Comment[bn_IN]=PolicyKit অনà§à¦®à§‹à¦¦à¦¨à§‡à¦° à¦à¦œà§‡à¦¨à§à¦Ÿ +Comment[ca]=Agent d'autenticació del PolicyKit +Comment[cs]=Ověřovacà agent PolicyKit +Comment[da]=Godkendelsesprogrammet PolicyKit +Comment[de]=Legitimationsdienst von PolicyKit +Comment[el]=Î ÏάκτοÏας πιστοποίησης PolicyKit +Comment[en_GB]=PolicyKit Authentication Agent +Comment[es]=Agente de autenticación de PolicyKit +Comment[eu]=PolicyKit autentifikatzeko agentea +Comment[fi]=PolicytKit-tunnistautumisohjelma +Comment[fr]=Agent d'authentification de PolicyKit +Comment[gl]=Axente de autenticación PolicyKit +Comment[gu]=PolicyKit સતà«àª¤àª¾àª§àª¿àª•àª°àª£ àªàªœàª¨à«àªŸ +Comment[hi]=PolicyKit पà¥à¤°à¤®à¤¾à¤£à¥€à¤•à¤°à¤£ पà¥à¤°à¤¤à¤¿à¤¨à¤¿à¤§à¤¿ +Comment[hu]=PolicyKit hitelesÃtési ügynök +Comment[it]=Agente di autenticazione per PolicyKit +Comment[ja]=PolicyKit èªè¨¼ã‚¨ãƒ¼ã‚¸ã‚§ãƒ³ãƒˆ +Comment[kn]=PolicyKit ದೃಢೀಕರಣ ಮಧà³à²¯à²µà²°à³à²¤à²¿ +Comment[lt]=PolicyKit tapatybÄ—s nustatymo agentas +Comment[ml]=പോളിസികàµà´•à´¿à´±àµà´±àµ ഓഥനàµà´±à´¿à´•àµà´•àµ‡à´·à´¨àµâ€ à´à´œà´¨àµà´±àµ +Comment[mr]=PolicyKit ऑथेंटीकेशन à¤à¤œà¥‡à¤‚ट +Comment[or]=PolicyKit ବàˆà¬§à¬¿à¬•à¬°à¬£ ସଦସààŸ +Comment[pa]=ਪਾਲਸੀਕਿੱਟ ਪਰਮਾਣਕਿਤਾ à¨à¨œà©°à¨Ÿ +Comment[pl]=Agent uwierzytelniania PolicyKit +Comment[pt]=Agente de Autenticação PolicyKit +Comment[pt_BR]=Agente de autenticação PolicyKit +Comment[ro]=Agent de autentificare PolicyKit +Comment[sk]=Agent PolicyKit na overovanie totožnosti +Comment[sl]=PolicyKit program overjanja +Comment[sv]=Autentiseringsagent för PolicyKit +Comment[ta]=PolicyKit à®…à®™à¯à®•à¯€à®•à®¾à®° à®®à¯à®•à®µà®°à¯ +Comment[te]=పాలసీకిటౠధృవీకరణ à°ªà±à°°à°¤à°¿à°¨à°¿à°§à°¿ +Comment[th]=ตัวà¸à¸¥à¸²à¸‡à¸ªà¸³à¸«à¸£à¸±à¸šà¸¢à¸·à¸™à¸¢à¸±à¸™à¸•à¸±à¸§à¸šà¸¸à¸„คล PolicyKit +Comment[uk]=Ðгент автентифікації PolicyKit +Comment[zh_CN]=PolicyKit 认è¯ä»£ç† +Comment[zh_HK]=PolicyKit é©—è‰ä»£ç†ç¨‹å¼ +Comment[zh_TW]=PolicyKit é©—è‰ä»£ç†ç¨‹å¼ +Exec=@out@/libexec/polkit-gnome-authentication-agent-1 +Terminal=false +Type=Application +Categories= +NoDisplay=true +OnlyShowIn=GNOME;XFCE;Unity; +AutostartCondition=GNOME3 unless-session gnome diff --git a/nixpkgs/pkgs/tools/security/pomerium-cli/default.nix b/nixpkgs/pkgs/tools/security/pomerium-cli/default.nix new file mode 100644 index 000000000000..67c44930f0da --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pomerium-cli/default.nix @@ -0,0 +1,63 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +let + inherit (lib) concatStringsSep concatMap id mapAttrsToList; +in +buildGoModule rec { + pname = "pomerium-cli"; + version = "0.22.0"; + + src = fetchFromGitHub { + owner = "pomerium"; + repo = "cli"; + rev = "v${version}"; + sha256 = "sha256-0vRLjmzW/U/Kssu4VQO6mFqVH4UovmTGEEfxeWI8Nqo="; + }; + + vendorHash = "sha256-dnfJnndYXR6LQKDruLSsDav4DtyaGu5/rNnk69oMhPU="; + + subPackages = [ + "cmd/pomerium-cli" + ]; + + ldflags = let + # Set a variety of useful meta variables for stamping the build with. + setVars = { + "github.com/pomerium/cli/version" = { + Version = "v${version}"; + BuildMeta = "nixpkgs"; + ProjectName = "pomerium-cli"; + ProjectURL = "github.com/pomerium/cli"; + }; + }; + concatStringsSpace = list: concatStringsSep " " list; + mapAttrsToFlatList = fn: list: concatMap id (mapAttrsToList fn list); + varFlags = concatStringsSpace ( + mapAttrsToFlatList (package: packageVars: + mapAttrsToList (variable: value: + "-X ${package}.${variable}=${value}" + ) packageVars + ) setVars); + in [ + "${varFlags}" + ]; + + installPhase = '' + runHook preInstall + + install -Dm0755 $GOPATH/bin/pomerium-cli $out/bin/pomerium-cli + + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://pomerium.io"; + description = "Client-side helper for Pomerium authenticating reverse proxy"; + license = licenses.asl20; + maintainers = with maintainers; [ lukegb ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/posteid-seed-extractor/default.nix b/nixpkgs/pkgs/tools/security/posteid-seed-extractor/default.nix new file mode 100644 index 000000000000..176b210b3779 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/posteid-seed-extractor/default.nix @@ -0,0 +1,47 @@ +{ lib +, python3Packages +, fetchFromGitHub +}: + +python3Packages.buildPythonApplication { + pname = "posteid-seed-extractor"; + version = "unstable-2022-02-23"; + + src = fetchFromGitHub { + owner = "simone36050"; + repo = "PosteID-seed-extractor"; + rev = "667e2997a98aa3273a6bf6b4b34ca77715120e7f"; + hash = "sha256-smNwp67HYbZuMrl0uf2X2yox2JqeEV6WzIBp4dALwgw="; + }; + + format = "other"; + + pythonPath = with python3Packages; [ + certifi + cffi + charset-normalizer + cryptography + idna + jwcrypto + pycparser + pycryptodome + pyotp + qrcode + requests + urllib3 + wrapt + ]; + + installPhase = '' + runHook preInstall + install -Dm755 extractor.py $out/bin/posteid-seed-extractor + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://github.com/simone36050/PosteID-seed-extractor"; + description = "Extract OTP seed instead of using PosteID app"; + license = licenses.mit; + maintainers = with maintainers; [ aciceri ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pretender/default.nix b/nixpkgs/pkgs/tools/security/pretender/default.nix new file mode 100644 index 000000000000..91452f34d62b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pretender/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "pretender"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "RedTeamPentesting"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-adWdUlsReRptSgRAjNH9bWy9dpwpuAWtVxlbDL2pMmk="; + }; + + vendorHash = "sha256-kDHRjd3Y90ocBGSJ0B2jAM9tO+iDSXoUOzLEWX2G0J4="; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Tool for handling machine-in-the-middle tasks"; + homepage = "https://github.com/RedTeamPentesting/pretender"; + changelog = "https://github.com/RedTeamPentesting/pretender/releases/tag/v${version}"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/proxmark3/darwin-always-gui.patch b/nixpkgs/pkgs/tools/security/proxmark3/darwin-always-gui.patch new file mode 100644 index 000000000000..99c4495e9661 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/proxmark3/darwin-always-gui.patch @@ -0,0 +1,13 @@ +diff --git a/client/src/proxmark3.c b/client/src/proxmark3.c +index 6c77bfad3..0d41a2d6b 100644 +--- a/client/src/proxmark3.c ++++ b/client/src/proxmark3.c +@@ -1098,7 +1098,7 @@ int main(int argc, char *argv[]) { + + #ifdef HAVE_GUI + +-# if defined(_WIN32) ++# if defined(_WIN32) || (defined(__MACH__) && defined(__APPLE__)) + InitGraphics(argc, argv, script_cmds_file, script_cmd, stayInCommandLoop); + MainGraphics(); + # else diff --git a/nixpkgs/pkgs/tools/security/proxmark3/default.nix b/nixpkgs/pkgs/tools/security/proxmark3/default.nix new file mode 100644 index 000000000000..a6c59919e28f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/proxmark3/default.nix @@ -0,0 +1,88 @@ +{ lib +, stdenv +, fetchFromGitHub +, pkg-config +, gcc-arm-embedded +, readline +, bzip2 +, openssl +, jansson +, whereami +, lua +, lz4 +, Foundation +, AppKit +, withGui ? true, wrapQtAppsHook, qtbase +, withPython ? true, python3 +, withBlueshark ? false, bluez5 +, withGeneric ? false +, withSmall ? false +, withoutFunctions ? [] +, hardwarePlatform ? if withGeneric then "PM3GENERIC" else "PM3RDV4" +, hardwarePlatformExtras ? lib.optionalString withBlueshark "BTADDON" +, standalone ? "LF_SAMYRUN" +}: +assert withBlueshark -> stdenv.hostPlatform.isLinux; +stdenv.mkDerivation rec { + pname = "proxmark3"; + version = "4.17140"; + + src = fetchFromGitHub { + owner = "RfidResearchGroup"; + repo = "proxmark3"; + rev = "v${version}"; + hash = "sha256-l66syIpTM4P0733eJKEjnEYHvQlIc7KKxXLcc7XBnHE="; + }; + + patches = [ + # Don't check for DISPLAY env variable on Darwin. pm3 uses this to test if + # XQuartz is installed, however it is not actually required for GUI features + ./darwin-always-gui.patch + ]; + + postPatch = '' + # Remove hardcoded paths on Darwin + substituteInPlace Makefile.defs \ + --replace "/usr/bin/ar" "ar" \ + --replace "/usr/bin/ranlib" "ranlib" + # Replace hardcoded path to libwhereami + substituteInPlace client/Makefile \ + --replace "/usr/include/whereami.h" "${whereami}/include/whereami.h" + ''; + + nativeBuildInputs = [ + pkg-config + gcc-arm-embedded + ] ++ lib.optional withGui wrapQtAppsHook; + buildInputs = [ + readline + bzip2 + openssl + jansson + lz4 + whereami + lua + ] ++ lib.optional withGui qtbase + ++ lib.optional withPython python3 + ++ lib.optional withBlueshark bluez5 + ++ lib.optionals stdenv.hostPlatform.isDarwin [ Foundation AppKit ]; + + makeFlags = [ + "PREFIX=${placeholder "out"}" + "UDEV_PREFIX=${placeholder "out"}/etc/udev/rules.d" + "PLATFORM=${hardwarePlatform}" + "PLATFORM_EXTRAS=${hardwarePlatformExtras}" + "STANDALONE=${standalone}" + "USE_BREW=0" + ] ++ lib.optional withSmall "PLATFORM_SIZE=256" + ++ map (x: "SKIP_${x}=1") withoutFunctions; + enableParallelBuilding = true; + + meta = with lib; { + description = "Client for proxmark3, powerful general purpose RFID tool"; + homepage = "https://github.com/RfidResearchGroup/proxmark3"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ nyanotech emilytrau ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/prs/default.nix b/nixpkgs/pkgs/tools/security/prs/default.nix new file mode 100644 index 000000000000..33df7e7948ce --- /dev/null +++ b/nixpkgs/pkgs/tools/security/prs/default.nix @@ -0,0 +1,63 @@ +{ lib +, rustPlatform +, fetchFromGitLab +, installShellFiles +, pkg-config +, python3 +, dbus +, glib +, gpgme +, gtk3 +, libxcb +, libxkbcommon +}: + +rustPlatform.buildRustPackage rec { + pname = "prs"; + version = "0.5.0"; + + src = fetchFromGitLab { + owner = "timvisee"; + repo = "prs"; + rev = "refs/tags/v${version}"; + hash = "sha256-9/XKz+yOCFEB1VI2EK0xF5ecyBPeGztpGPo/aXQ6v5E="; + }; + + cargoHash = "sha256-kxIgToqhJhUgJcxnGRGG6I+YqM2diFgQDyn1jBxWAw8="; + + postPatch = '' + # The GPGME backend is recommended + for f in "gtk3/Cargo.toml" "cli/Cargo.toml"; do + substituteInPlace "$f" --replace \ + 'default = ["backend-gnupg-bin"' 'default = ["backend-gpgme"' + done + ''; + + nativeBuildInputs = [ gpgme installShellFiles pkg-config python3 ]; + + buildInputs = [ + dbus + glib + gpgme + gtk3 + libxcb + libxkbcommon + ]; + + postInstall = '' + for shell in bash fish zsh; do + installShellCompletion --cmd prs --$shell <($out/bin/prs internal completions $shell --stdout) + done + ''; + + meta = with lib; { + description = "Secure, fast & convenient password manager CLI using GPG and git to sync"; + homepage = "https://gitlab.com/timvisee/prs"; + changelog = "https://gitlab.com/timvisee/prs/-/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ + lgpl3Only # lib + gpl3Only # everything else + ]; + maintainers = with maintainers; [ dotlambda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/psudohash/default.nix b/nixpkgs/pkgs/tools/security/psudohash/default.nix new file mode 100644 index 000000000000..d5be9f9a772b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/psudohash/default.nix @@ -0,0 +1,40 @@ +{ + lib, + fetchFromGitHub, + stdenv, + python3 +}: + +stdenv.mkDerivation rec { + pname = "psudohash"; + version = "unstable-2023-05-15"; + + src = fetchFromGitHub { + owner = "t3l3machus"; + repo = "psudohash"; + rev = "2d586dec8b5836546ae54b924eb59952a7ee393c"; + hash = "sha256-l/Rp9405Wf6vh85PFrRTtTLJE7GPODowseNqEw42J18="; + }; + + buildInputs = [ python3 ]; + + installPhase = '' + runHook preInstall + + install -Dm555 psudohash.py $out/bin/psudohash + + install -Dm444 common_padding_values.txt $out/share/psudohash/common_padding_values.txt + + substituteInPlace $out/bin/psudohash \ + --replace "common_padding_values.txt" "$out/share/${pname}/common_padding_values.txt" + + runHook postInstall + ''; + + meta = with lib; { + description = "Password list generator for orchestrating brute force attacks and cracking hashes"; + homepage = "https://github.com/t3l3machus/psudohash"; + license = licenses.mit; + maintainers = with maintainers; [ exploitoverload ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwdsafety/default.nix b/nixpkgs/pkgs/tools/security/pwdsafety/default.nix new file mode 100644 index 000000000000..12785154a177 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pwdsafety/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "pwdsafety"; + version = "0.3"; + + src = fetchFromGitHub { + owner = "edoardottt"; + repo = pname; + rev = "v${version}"; + hash = "sha256-ryMLiehJVZhQ3ZQf4/g7ILeJri78A6z5jfell0pD9E8="; + }; + + vendorHash = "sha256-b+tWTQUyYDzY2O28hwy5vI6b6S889TCiVh7hQhw/KAc="; + + meta = with lib; { + description = "Command line tool checking password safety"; + homepage = "https://github.com/edoardottt/pwdsafety"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwgen-secure/default.nix b/nixpkgs/pkgs/tools/security/pwgen-secure/default.nix new file mode 100644 index 000000000000..44ccd79fd39b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pwgen-secure/default.nix @@ -0,0 +1,47 @@ +{ lib, python3Packages, fetchFromGitHub }: + +let + inherit (python3Packages) buildPythonApplication pythonOlder; + +in +buildPythonApplication rec { + pname = "pwgen-secure"; + version = "0.9.1"; + + # it needs `secrets` which was introduced in 3.6 + disabled = pythonOlder "3.6"; + + # GH is newer than Pypi and contains both library *and* the actual program + # whereas Pypi only has the library + src = fetchFromGitHub { + owner = "mjmunger"; + repo = "pwgen_secure"; + rev = "v${version}"; + sha256 = "15md5606hzy1xfhj2lxmc0nvynyrcs4vxa5jdi34kfm31rdklj28"; + }; + + postPatch = '' + shareDir=$out/share/${pname} + + substituteInPlace pwgen_secure/rpg.py \ + --replace "os.path.join(path, 'words.txt')" "os.path.join('$shareDir', 'words.txt')" + ''; + + propagatedBuildInputs = with python3Packages; [ docopt ]; + + postInstall = '' + install -Dm555 spwgen.py $out/bin/spwgen + install -Dm444 pwgen_secure/words.txt -t $shareDir + ''; + + # there are no checks + doCheck = false; + + meta = with lib; { + description = "Secure password generation library to replace pwgen"; + homepage = "https://github.com/mjmunger/pwgen_secure/"; + license = licenses.mit; + maintainers = with maintainers; [ peterhoeg ]; + mainProgram = "spwgen"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwgen/default.nix b/nixpkgs/pkgs/tools/security/pwgen/default.nix new file mode 100644 index 000000000000..3c0ce6b21d50 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pwgen/default.nix @@ -0,0 +1,30 @@ +{ lib +, stdenv +, autoreconfHook +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "pwgen"; + version = "2.08"; + + src = fetchFromGitHub { + owner = "tytso"; + repo = pname; + rev = "v${version}"; + sha256 = "1j6c6m9fcy24jn8mk989x49yk765xb26lpr8yhpiaqk206wlss2z"; + }; + + nativeBuildInputs = [ + autoreconfHook + ]; + + meta = with lib; { + description = "Password generator which creates passwords which can be easily memorized by a human"; + homepage = "https://github.com/tytso/pwgen"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ fab ]; + mainProgram = "pwgen"; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pwncat/default.nix b/nixpkgs/pkgs/tools/security/pwncat/default.nix new file mode 100644 index 000000000000..398132c4cee7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pwncat/default.nix @@ -0,0 +1,24 @@ +{ lib +, buildPythonApplication +, fetchPypi +}: + +buildPythonApplication rec { + pname = "pwncat"; + version = "0.1.2"; + + src = fetchPypi { + inherit pname version; + sha256 = "1230fdn5mx3wwr3a3nn6z2vwh973n248m11hnx9y3fjq7bgpky67"; + }; + + # Tests requires to start containers + doCheck = false; + + meta = with lib; { + description = "TCP/UDP communication suite"; + homepage = "https://pwncat.org/"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/pynitrokey/default.nix b/nixpkgs/pkgs/tools/security/pynitrokey/default.nix new file mode 100644 index 000000000000..690d566c476d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/pynitrokey/default.nix @@ -0,0 +1,82 @@ +{ lib +, python3Packages +, fetchPypi +, nrfutil +, libnitrokey +, nix-update-script +}: + +with python3Packages; + +buildPythonApplication rec { + pname = "pynitrokey"; + version = "0.4.40"; + format = "pyproject"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-Hu+8UooDzv4GhkWt0sCckQQyHjWn4V/zt2ADlVCoHmk="; + }; + + propagatedBuildInputs = [ + certifi + cffi + click + click-aliases + cryptography + ecdsa + frozendict + fido2 + intelhex + nkdfu + nrfutil + python-dateutil + pyusb + requests + semver + spsdk + tqdm + urllib3 + tlv8 + typing-extensions + importlib-metadata + ]; + + nativeBuildInputs = [ + flit-core + pythonRelaxDepsHook + ]; + + # FIXME: does pythonRelaxDepsHook not work for pypaBuildHook + flit-core? + pypaBuildFlags = [ "--skip-dependency-check" ]; + + pythonRelaxDeps = [ + "click" + "cryptography" + "protobuf" + "python-dateutil" + "spsdk" + "typing_extensions" + ]; + + # libnitrokey is not propagated to users of the pynitrokey Python package. + # It is only usable from the wrapped bin/nitropy + makeWrapperArgs = [ + "--set LIBNK_PATH ${lib.makeLibraryPath [ libnitrokey ]}" + ]; + + # no tests + doCheck = false; + + pythonImportsCheck = [ "pynitrokey" ]; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "Python client for Nitrokey devices"; + homepage = "https://github.com/Nitrokey/pynitrokey"; + license = with licenses; [ asl20 mit ]; + maintainers = with maintainers; [ frogamic ]; + mainProgram = "nitropy"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/qdigidoc/default.nix b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix new file mode 100644 index 000000000000..8a8fa4496c38 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix @@ -0,0 +1,66 @@ +{ lib +, mkDerivation +, fetchurl +, cmake +, gettext +, pkg-config +, libdigidocpp +, opensc +, openldap +, openssl +, pcsclite +, qtbase +, qtsvg +, qttools +}: + +mkDerivation rec { + pname = "qdigidoc"; + version = "4.2.12"; + + src = fetchurl { + url = + "https://github.com/open-eid/DigiDoc4-Client/releases/download/v${version}/qdigidoc4-${version}.tar.gz"; + hash = "sha256-6bso1qvhVhbBfrcTq4S+aHtHli7X2A926N4r45ztq4E="; + }; + + tsl = fetchurl { + url = "https://ec.europa.eu/tools/lotl/eu-lotl-pivot-300.xml"; + sha256 = "1cikz36w9phgczcqnwk4k3mx3kk919wy2327jksmfa4cjfjq4a8d"; + }; + + nativeBuildInputs = [ cmake gettext pkg-config qttools ]; + + postPatch = '' + substituteInPlace client/CMakeLists.txt \ + --replace $\{TSL_URL} file://${tsl} + ''; + + buildInputs = [ + libdigidocpp + opensc + openldap + openssl + pcsclite + qtbase + qtsvg + ]; + + # qdigidoc4's `QPKCS11::reload()` dlopen()s "opensc-pkcs11.so" in QLibrary, + # i.e. OpenSC's module is searched for in libQt5Core's DT_RUNPATH and fixing + # qdigidoc4's DT_RUNPATH has no effect on Linux (at least OpenBSD's ld.so(1) + # searches the program's runtime path as well). + # LD_LIBRARY_PATH takes precedence for all calling objects, see dlopen(3). + # https://github.com/open-eid/cmake/pull/35 might be an alternative. + qtWrapperArgs = [ + "--prefix LD_LIBRARY_PATH : ${opensc}/lib/pkcs11/" + ]; + + meta = with lib; { + description = "Qt-based UI for signing and verifying DigiDoc documents"; + homepage = "https://www.id.ee/"; + license = licenses.lgpl21Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ mmahut yana ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/quark-engine/default.nix b/nixpkgs/pkgs/tools/security/quark-engine/default.nix new file mode 100644 index 000000000000..e67dd3f8b944 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/quark-engine/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, gitMinimal +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "quark-engine"; + version = "23.9.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-E9efhgMGN9lvMlFeZqo6xco75TtQsXULOzKX00pjqMM="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + androguard + click + colorama + gitMinimal + graphviz + pandas + plotly + prettytable + prompt-toolkit + rzpipe + tqdm + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "quark" + ]; + + meta = with lib; { + description = "Android malware (analysis and scoring) system"; + homepage = "https://quark-engine.readthedocs.io/"; + changelog = "https://github.com/quark-engine/quark-engine/releases/tag/v${version}"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/quill-qr/default.nix b/nixpkgs/pkgs/tools/security/quill-qr/default.nix new file mode 100644 index 000000000000..55c2f45cc683 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/quill-qr/default.nix @@ -0,0 +1,45 @@ +{ coreutils +, fetchFromGitHub +, gzip +, jq +, lib +, makeWrapper +, qrencode +, stdenvNoCC +}: + +stdenvNoCC.mkDerivation rec { + pname = "quill-qr"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "IvanMalison"; + repo = "quill-qr"; + rev = "v${version}"; + sha256 = "1kdsq6csmxfvs2wy31bc9r92l5pkmzlzkyqrangvrf4pbk3sk0r6"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin + cp -a quill-qr.sh $out/bin/quill-qr.sh + patchShebangs $out/bin + + wrapProgram $out/bin/quill-qr.sh --prefix PATH : "${lib.makeBinPath [ + qrencode + coreutils + jq + gzip + ]}" + ''; + + meta = with lib; { + description = "Print QR codes for use with https://p5deo-6aaaa-aaaab-aaaxq-cai.raw.ic0.app/"; + homepage = "https://github.com/IvanMalison/quill-qr"; + maintainers = with maintainers; [ imalison ]; + platforms = with platforms; linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/quill/Cargo.lock b/nixpkgs/pkgs/tools/security/quill/Cargo.lock new file mode 100644 index 000000000000..948c1fd45102 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/quill/Cargo.lock @@ -0,0 +1,3661 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "aho-corasick" +version = "0.7.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e37cfd5e7657ada45f742d6e99ca5788580b5c529dc78faf11ece6dc702656f" +dependencies = [ + "memchr", +] + +[[package]] +name = "anyhow" +version = "1.0.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" + +[[package]] +name = "arrayref" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544" + +[[package]] +name = "arrayvec" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" + +[[package]] +name = "ascii-canvas" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8824ecca2e851cec16968d54a01dd372ef8f95b244fb84b84e70128be347c3c6" +dependencies = [ + "term", +] + +[[package]] +name = "async-trait" +version = "0.1.53" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed6aa3524a2dfcf9fe180c51eae2b58738348d819517ceadf95789c51fff7600" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi", + "libc", + "winapi", +] + +[[package]] +name = "autocfg" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0dde43e75fd43e8a1bf86103336bc699aa8d17ad1be60c76c0bdfd4828e19b78" +dependencies = [ + "autocfg 1.1.0", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base16ct" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349a06037c7bf932dd7e7d1f653678b2038b9ad46a74102f1fc7bd7872678cce" + +[[package]] +name = "base32" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23ce669cd6c8588f79e15cf450314f9638f967fc5770ff1c7c1deb0925ea7cfa" + +[[package]] +name = "base58" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5024ee8015f02155eee35c711107ddd9a9bf3cb689cf2a9089c97e79b6e1ae83" + +[[package]] +name = "base64" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7" + +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + +[[package]] +name = "base64ct" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dea908e7347a8c64e378c17e30ef880ad73e3b4498346b055c2c00ea342f3179" + +[[package]] +name = "beef" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a8241f3ebb85c056b509d4327ad0358fbbba6ffb340bf388f26350aeda225b1" + +[[package]] +name = "bincode" +version = "1.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" +dependencies = [ + "serde", +] + +[[package]] +name = "binread" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16598dfc8e6578e9b597d9910ba2e73618385dc9f4b1d43dd92c349d6be6418f" +dependencies = [ + "binread_derive", + "lazy_static", + "rustversion", +] + +[[package]] +name = "binread_derive" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d9672209df1714ee804b1f4d4f68c8eb2a90b1f7a07acf472f88ce198ef1fed" +dependencies = [ + "either", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "bip39" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e89470017230c38e52b82b3ee3f530db1856ba1d434e3a67a3456a8a8dec5f" +dependencies = [ + "bitcoin_hashes", + "rand_core 0.4.2", + "serde", + "unicode-normalization", +] + +[[package]] +name = "bit-set" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e11e16035ea35e4e5997b393eacbf6f63983188f7a2ad25bfb13465f5ad59de" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + +[[package]] +name = "bitcoin_hashes" +version = "0.9.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ce18265ec2324ad075345d5814fbeed4f41f0a660055dc78840b74d19b874b1" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "block-buffer" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" +dependencies = [ + "block-padding", + "byte-tools", + "byteorder", + "generic-array 0.12.4", +] + +[[package]] +name = "block-buffer" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" +dependencies = [ + "generic-array 0.14.5", +] + +[[package]] +name = "block-buffer" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324" +dependencies = [ + "generic-array 0.14.5", +] + +[[package]] +name = "block-padding" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" +dependencies = [ + "byte-tools", +] + +[[package]] +name = "bumpalo" +version = "3.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37ccbd214614c6783386c1af30caf03192f17891059cecc394b4fb119e363de3" + +[[package]] +name = "byte-tools" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" + +[[package]] +name = "byte-unit" +version = "3.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "415301c9de11005d4b92193c0eb7ac7adc37e5a49e0ac9bed0a42343512744b8" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytes" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" + +[[package]] +name = "candid" +version = "0.7.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba9e536514a3c655568e23e36e68cbef20ee6595f641719ade03a849a13ed0ac" +dependencies = [ + "anyhow", + "binread", + "byteorder", + "candid_derive", + "codespan-reporting", + "hex", + "ic-types 0.3.0", + "lalrpop", + "lalrpop-util", + "leb128", + "logos", + "num-bigint 0.4.3", + "num-traits", + "num_enum", + "paste", + "pretty", + "serde", + "serde_bytes", + "thiserror", +] + +[[package]] +name = "candid_derive" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e02c03c4d547674a3f3f3109538fb49871fbe636216daa019f06a62faca9061" +dependencies = [ + "lazy_static", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "cc" +version = "1.0.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" + +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" +dependencies = [ + "libc", + "num-integer", + "num-traits", + "time 0.1.43", + "winapi", +] + +[[package]] +name = "clap" +version = "3.1.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2dbdf4bdacb33466e854ce889eee8dfd5729abf7ccd7664d0a2d60cd384440b" +dependencies = [ + "atty", + "bitflags", + "clap_derive", + "clap_lex", + "indexmap", + "lazy_static", + "strsim", + "termcolor", + "textwrap", +] + +[[package]] +name = "clap_derive" +version = "3.1.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25320346e922cffe59c0bbc5410c8d8784509efb321488971081313cb1e1a33c" +dependencies = [ + "heck 0.4.0", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a37c35f1112dad5e6e0b1adaff798507497a18fceeb30cceb3bae7d1427b9213" +dependencies = [ + "os_str_bytes", +] + +[[package]] +name = "cloudabi" +version = "0.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f" +dependencies = [ + "bitflags", +] + +[[package]] +name = "codespan-reporting" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +dependencies = [ + "termcolor", + "unicode-width", +] + +[[package]] +name = "const-oid" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "722e23542a15cea1f65d4a1419c4cfd7a26706c70871a13a04238ca3f40f1661" + +[[package]] +name = "core-foundation" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "194a7a9e6de53fa55116934067c844d9d749312f75c6f6d0980e8c252f8c2146" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" + +[[package]] +name = "cpufeatures" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59a6001667ab124aebae2a495118e11d30984c3a653e99d86d58971708cf5e4b" +dependencies = [ + "libc", +] + +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if 1.0.0", +] + +[[package]] +name = "crunchy" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" + +[[package]] +name = "crypto-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78a4e0fb04deabeb711eb20bd1179f1524c06f7e6975ebccc495f678a635887b" +dependencies = [ + "generic-array 0.14.5", + "rand_core 0.6.3", + "subtle 2.4.1", + "zeroize", +] + +[[package]] +name = "crypto-common" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57952ca27b5e3606ff4dd79b0020231aaf9d6aa76dc05fd30137538c50bd3ce8" +dependencies = [ + "generic-array 0.14.5", + "typenum", +] + +[[package]] +name = "crypto-mac" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4434400df11d95d556bac068ddfedd482915eb18fe8bea89bc80b6e4b1c179e5" +dependencies = [ + "generic-array 0.12.4", + "subtle 1.0.0", +] + +[[package]] +name = "crypto-mac" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" +dependencies = [ + "generic-array 0.14.5", + "subtle 2.4.1", +] + +[[package]] +name = "curve25519-dalek" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "subtle 2.4.1", + "zeroize", +] + +[[package]] +name = "cvt" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34ac344c7efccb80cd25bc61b2170aec26f2f693fd40e765a539a1243db48c71" +dependencies = [ + "cfg-if 0.1.10", +] + +[[package]] +name = "darling" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a01d95850c592940db9b8194bc39f4bc0e89dee5c4265e4b1807c34a9aba453c" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "859d65a907b6852c9361e3185c862aae7fafd2887876799fa55f5f99dc40d610" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.13.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c972679f83bdf9c42bd905396b6c3588a843a17f0f16dfcfa3e2c5d57441835" +dependencies = [ + "darling_core", + "quote", + "syn", +] + +[[package]] +name = "der" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13dd2ae565c0a381dde7fade45fce95984c568bdcb4700a4fdbe3175e0380b2f" +dependencies = [ + "const-oid", + "pem-rfc7468", + "zeroize", +] + +[[package]] +name = "derive_more" +version = "0.99.8-alpha.0" +source = "git+https://github.com/dfinity-lab/derive_more?branch=master#9f1b894e6fde640da4e9ea71a8fc0e4dd98d01da" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "dfn_candid" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "dfn_core", + "ic-base-types", + "on_wire", + "serde", +] + +[[package]] +name = "dfn_core" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "byteorder", + "cfg-if 0.1.10", + "futures", + "hex", + "ic-base-types", + "on_wire", + "rustversion", +] + +[[package]] +name = "dfn_http" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "dfn_candid", + "dfn_core", + "serde", + "serde_bytes", +] + +[[package]] +name = "dfn_protobuf" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "dfn_core", + "ic-base-types", + "on_wire", + "prost", + "prost-types", +] + +[[package]] +name = "diff" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e25ea47919b1560c4e3b7fe0aaab9becf5b84a10325ddf7db0f0ba5e1026499" + +[[package]] +name = "digest" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" +dependencies = [ + "generic-array 0.12.4", +] + +[[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array 0.14.5", +] + +[[package]] +name = "digest" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +dependencies = [ + "block-buffer 0.10.2", + "crypto-common", + "subtle 2.4.1", +] + +[[package]] +name = "dirs-next" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1" +dependencies = [ + "cfg-if 1.0.0", + "dirs-sys-next", +] + +[[package]] +name = "dirs-sys-next" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d" +dependencies = [ + "libc", + "redox_users", + "winapi", +] + +[[package]] +name = "ecdsa" +version = "0.14.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1e737f9eebb44576f3ee654141a789464071eb369d02c4397b32b6a79790112" +dependencies = [ + "der", + "elliptic-curve", + "rfc6979", + "signature", +] + +[[package]] +name = "ed25519" +version = "1.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e9c280362032ea4203659fc489832d0204ef09f247a0506f170dafcac08c369" +dependencies = [ + "signature", +] + +[[package]] +name = "ed25519-dalek" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" +dependencies = [ + "curve25519-dalek", + "ed25519", + "rand 0.7.3", + "serde", + "sha2 0.9.9", + "zeroize", +] + +[[package]] +name = "either" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457" + +[[package]] +name = "elliptic-curve" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bdd8c93ccd534d6a9790f4455cd71e7adb53a12e9af7dd54d1e258473f100cea" +dependencies = [ + "base16ct", + "crypto-bigint", + "der", + "digest 0.10.3", + "ff", + "generic-array 0.14.5", + "group", + "pem-rfc7468", + "pkcs8", + "rand_core 0.6.3", + "sec1", + "subtle 2.4.1", + "zeroize", +] + +[[package]] +name = "ena" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7402b94a93c24e742487327a7cd839dc9d36fec9de9fb25b09f2dae459f36c3" +dependencies = [ + "log", +] + +[[package]] +name = "encoding_rs" +version = "0.8.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9852635589dc9f9ea1b6fe9f05b50ef208c85c834a562f0c6abb1c475736ec2b" +dependencies = [ + "cfg-if 1.0.0", +] + +[[package]] +name = "erased-serde" +version = "0.3.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad132dd8d0d0b546348d7d86cb3191aad14b34e5f979781fc005c80d4ac67ffd" +dependencies = [ + "serde", +] + +[[package]] +name = "fake-simd" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" + +[[package]] +name = "fastrand" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3fcf0cee53519c866c09b5de1f6c56ff9d647101f81c1964fa632e148896cdf" +dependencies = [ + "instant", +] + +[[package]] +name = "features" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83072b3c84e55f9d0c0ff36a4575d0fd2e543ae4a56e04e7f5a9222188d574e3" +dependencies = [ + "bitflags", +] + +[[package]] +name = "ff" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df689201f395c6b90dfe87127685f8dbfc083a5e779e613575d8bd7314300c3e" +dependencies = [ + "rand_core 0.6.3", + "subtle 2.4.1", +] + +[[package]] +name = "fixedbitset" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" + +[[package]] +name = "fixedbitset" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "279fb028e20b3c4c320317955b77c5e0c9701f05a1d309905d6fc702cdc5053e" + +[[package]] +name = "flate2" +version = "1.0.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" +dependencies = [ + "matches", + "percent-encoding", +] + +[[package]] +name = "fuchsia-cprng" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" + +[[package]] +name = "futures" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f73fe65f54d1e12b726f517d3e2135ca3125a437b6d998caf1962961f7172d9e" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3083ce4b914124575708913bca19bfe887522d6e2e6d0952943f5eac4a74010" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c09fd04b7e4073ac7156a9539b57a484a8ea920f79c7c675d05d289ab6110d3" + +[[package]] +name = "futures-executor" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9420b90cfa29e327d0429f19be13e7ddb68fa1cccb09d65e5706b8c7a749b8a6" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc4045962a5a5e935ee2fdedaa4e08284547402885ab326734432bed5d12966b" + +[[package]] +name = "futures-macro" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33c1e13800337f4d4d7a316bf45a567dbcb6ffe087f16424852d97e97a91f512" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "futures-sink" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21163e139fa306126e6eedaf49ecdb4588f939600f0b1e770f4205ee4b7fa868" + +[[package]] +name = "futures-task" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c66a976bf5909d801bbef33416c41372779507e7a6b3a5e25e4749c58f776a" + +[[package]] +name = "futures-util" +version = "0.3.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8b7abd5d659d9b90c8cba917f6ec750a74e2dc23902ef9cd4cc8c8b22e6036a" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "garcon" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e83fb8961dcd3c26123863998521ae4d07e5e5aa8fb50b503380448f2e0ea069" +dependencies = [ + "futures-util", +] + +[[package]] +name = "generic-array" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffdf9f34f1447443d37393cc6c2b8313aebddcd96906caf34e54c68d8e57d7bd" +dependencies = [ + "typenum", +] + +[[package]] +name = "generic-array" +version = "0.14.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd48d33ec7f05fbfa152300fdad764757cbded343c1aa1cff2fbaf4134851803" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" +dependencies = [ + "cfg-if 1.0.0", + "libc", + "wasi 0.9.0+wasi-snapshot-preview1", +] + +[[package]] +name = "getrandom" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9be70c98951c83b8d2f8f60d7065fa6d5146873094452a1008da8c2f1e4205ad" +dependencies = [ + "cfg-if 1.0.0", + "libc", + "wasi 0.10.2+wasi-snapshot-preview1", +] + +[[package]] +name = "group" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7391856def869c1c81063a03457c676fbcd419709c3dfb33d8d319de484b154d" +dependencies = [ + "ff", + "rand_core 0.6.3", + "subtle 2.4.1", +] + +[[package]] +name = "h2" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37a82c6d637fc9515a4694bbf1cb2457b79d81ce52b3108bdeea58b07dd34a57" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "half" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" + +[[package]] +name = "hashbrown" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" + +[[package]] +name = "heck" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c" +dependencies = [ + "unicode-segmentation", +] + +[[package]] +name = "heck" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" +dependencies = [ + "serde", +] + +[[package]] +name = "hmac" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5dcb5e64cda4c23119ab41ba960d1e170a774c8e4b9d9e6a9bc18aabf5e59695" +dependencies = [ + "crypto-mac 0.7.0", + "digest 0.8.1", +] + +[[package]] +name = "hmac" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840" +dependencies = [ + "crypto-mac 0.8.0", + "digest 0.9.0", +] + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest 0.10.3", +] + +[[package]] +name = "hmac-drbg" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6e570451493f10f6581b48cdd530413b63ea9e780f544bfd3bdcaa0d89d1a7b" +dependencies = [ + "digest 0.8.1", + "generic-array 0.12.4", + "hmac 0.7.1", +] + +[[package]] +name = "hmac-drbg" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17ea0a1394df5b6574da6e0c1ade9e78868c9fb0a4e5ef4428e32da4676b85b1" +dependencies = [ + "digest 0.9.0", + "generic-array 0.14.5", + "hmac 0.8.1", +] + +[[package]] +name = "http" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff8670570af52249509a86f5e3e18a08c60b177071826898fde8997cf5f6bfbb" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "496ce29bb5a52785b44e0f7ca2847ae0bb839c9bd28f69acac9b99d461c0c04c" + +[[package]] +name = "httpdate" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" + +[[package]] +name = "hyper" +version = "0.14.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42dc3c131584288d375f2d07f822b0cb012d8c6fb899a5b9fdb3cb7eb9b6004f" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-rustls" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac" +dependencies = [ + "http", + "hyper", + "log", + "rustls", + "rustls-native-certs", + "tokio", + "tokio-rustls", + "webpki-roots", +] + +[[package]] +name = "hyper-tls" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +dependencies = [ + "bytes", + "hyper", + "native-tls", + "tokio", + "tokio-native-tls", +] + +[[package]] +name = "ic-agent" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a0cabf758d04a2389ffba0700bd7099de9b5cd47a04255063de1b0f9aac1f6e" +dependencies = [ + "async-trait", + "base32", + "base64 0.13.0", + "byteorder", + "garcon", + "hex", + "http", + "hyper-rustls", + "ic-types 0.3.0", + "k256", + "leb128", + "mime", + "pem", + "pkcs8", + "rand 0.8.5", + "reqwest", + "ring", + "rustls", + "sec1", + "serde", + "serde_bytes", + "serde_cbor", + "sha2 0.10.2", + "simple_asn1", + "thiserror", + "url", +] + +[[package]] +name = "ic-base-types" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "base32", + "byte-unit", + "bytes", + "candid", + "crc32fast", + "ic-crypto-sha", + "ic-protobuf", + "phantom_newtype", + "prost", + "prost-build", + "serde", + "strum 0.18.0", + "strum_macros 0.18.0", +] + +[[package]] +name = "ic-crypto-internal-sha2" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "openssl", + "sha2 0.9.9", +] + +[[package]] +name = "ic-crypto-internal-types" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "arrayvec", + "base64 0.11.0", + "hex", + "ic-protobuf", + "phantom_newtype", + "serde", + "serde_cbor", + "strum 0.18.0", + "strum_macros 0.18.0", + "thiserror", + "zeroize", +] + +[[package]] +name = "ic-crypto-sha" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "ic-crypto-internal-sha2", +] + +[[package]] +name = "ic-crypto-tree-hash" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "ic-crypto-internal-types", + "ic-crypto-sha", + "ic-protobuf", + "serde", + "serde_bytes", +] + +[[package]] +name = "ic-error-types" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "ic-protobuf", + "serde", + "strum 0.20.0", + "strum_macros 0.20.1", +] + +[[package]] +name = "ic-ic00-types" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "ic-base-types", + "ic-error-types", + "ic-protobuf", + "num-traits", + "serde", + "serde_bytes", + "serde_cbor", + "strum 0.18.0", + "strum_macros 0.18.0", +] + +[[package]] +name = "ic-identity-hsm" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f23185559fafa2c475db99df789191c7494627184425726080788bd8ff1e6b1" +dependencies = [ + "hex", + "ic-agent", + "num-bigint 0.4.3", + "pkcs11", + "sha2 0.10.2", + "simple_asn1", + "thiserror", +] + +[[package]] +name = "ic-nns-common" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "dfn_core", + "ic-base-types", + "ic-crypto-sha", + "ic-nns-constants", + "ic-protobuf", + "ic-registry-keys", + "ic-registry-transport", + "ic-types 0.8.0", + "lazy_static", + "on_wire", + "prost", + "prost-build", + "prost-types", + "serde", + "sha2 0.9.9", +] + +[[package]] +name = "ic-nns-constants" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "ed25519-dalek", + "ic-base-types", + "ic-types 0.8.0", + "lazy_static", + "rand_chacha 0.2.2", + "rand_core 0.5.1", +] + +[[package]] +name = "ic-protobuf" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "bincode", + "erased-serde", + "prost", + "prost-build", + "serde", + "serde_json", + "slog", +] + +[[package]] +name = "ic-registry-keys" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "ic-base-types", + "ic-types 0.8.0", +] + +[[package]] +name = "ic-registry-transport" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "bytes", + "candid", + "ic-protobuf", + "prost", + "prost-build", + "prost-types", + "serde", +] + +[[package]] +name = "ic-types" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e78ec6f58886cdc252d6f912dc794211bd6bbc39ddc9dcda434b2dc16c335b3" +dependencies = [ + "base32", + "crc32fast", + "hex", + "serde", + "serde_bytes", + "sha2 0.9.9", + "thiserror", +] + +[[package]] +name = "ic-types" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "base32", + "base64 0.11.0", + "bincode", + "byte-unit", + "candid", + "chrono", + "derive_more", + "hex", + "ic-base-types", + "ic-crypto-internal-types", + "ic-crypto-sha", + "ic-crypto-tree-hash", + "ic-error-types", + "ic-ic00-types", + "ic-protobuf", + "ic-registry-transport", + "ic-utils", + "maplit", + "num-traits", + "once_cell 1.4.0-alpha.0", + "phantom_newtype", + "prost", + "serde", + "serde_bytes", + "serde_cbor", + "serde_json", + "serde_with", + "strum 0.18.0", + "strum_macros 0.18.0", + "thiserror", + "url", +] + +[[package]] +name = "ic-utils" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "bitflags", + "cvt", + "features", + "hex", + "libc", + "prost", + "rand 0.8.5", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de910d521f7cc3135c4de8db1cb910e0b5ed1dc6f57c381cd07e8e661ce10094" +dependencies = [ + "matches", + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indexmap" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6012d540c5baa3589337a98ce73408de9b5a25ec9fc2c6fd6be8f0d39e0ca5a" +dependencies = [ + "autocfg 1.1.0", + "hashbrown", +] + +[[package]] +name = "instant" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +dependencies = [ + "cfg-if 1.0.0", +] + +[[package]] +name = "intmap" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae52f28f45ac2bc96edb7714de995cffc174a395fb0abf5bff453587c980d7b9" + +[[package]] +name = "ipnet" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" + +[[package]] +name = "itertools" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "284f18f85651fe11e8a991b2adb42cb078325c996ed026d994719efcfca1d54b" +dependencies = [ + "either", +] + +[[package]] +name = "itertools" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9a9d19fa1e79b6215ff29b9d6880b706147f16e9b1dbb1e4e5947b5b02bc5e3" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "112c678d4050afce233f4f2852bb2eb519230b3cf12f33585275537d7e41578d" + +[[package]] +name = "js-sys" +version = "0.3.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "671a26f820db17c2a2750743f1dd03bafd15b98c9f30c7c2628c024c05d73397" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "k256" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b953594f084668b4138b8b2fa63ed9776b476c58aa507d575c5206e8bfe5dc4a" +dependencies = [ + "cfg-if 1.0.0", + "ecdsa", + "elliptic-curve", + "sha2 0.10.2", +] + +[[package]] +name = "lalrpop" +version = "0.19.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b30455341b0e18f276fa64540aff54deafb54c589de6aca68659c63dd2d5d823" +dependencies = [ + "ascii-canvas", + "atty", + "bit-set", + "diff", + "ena", + "itertools 0.10.3", + "lalrpop-util", + "petgraph 0.6.2", + "pico-args", + "regex", + "regex-syntax", + "string_cache", + "term", + "tiny-keccak", + "unicode-xid", +] + +[[package]] +name = "lalrpop-util" +version = "0.19.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcf796c978e9b4d983414f4caedc9273aa33ee214c5b887bd55fde84c85d2dc4" +dependencies = [ + "regex", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "leb128" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" + +[[package]] +name = "ledger-canister" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "byteorder", + "candid", + "crc32fast", + "dfn_candid", + "dfn_core", + "dfn_http", + "dfn_protobuf", + "digest 0.9.0", + "hex", + "ic-base-types", + "ic-crypto-sha", + "ic-nns-constants", + "ic-types 0.8.0", + "intmap", + "lazy_static", + "on_wire", + "phantom_newtype", + "prost", + "prost-build", + "prost-derive", + "serde", + "serde_bytes", + "serde_cbor", + "yansi", +] + +[[package]] +name = "libc" +version = "0.2.126" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" + +[[package]] +name = "libloading" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2b111a074963af1d37a139918ac6d49ad1d0d5e47f72fd55388619691a7d753" +dependencies = [ + "cc", + "winapi", +] + +[[package]] +name = "libsecp256k1" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fc1e2c808481a63dc6da2074752fdd4336a3c8fcc68b83db6f1fd5224ae7962" +dependencies = [ + "arrayref", + "crunchy", + "digest 0.8.1", + "hmac-drbg 0.2.0", + "rand 0.7.3", + "sha2 0.8.2", + "subtle 2.4.1", + "typenum", +] + +[[package]] +name = "libsecp256k1" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0452aac8bab02242429380e9b2f94ea20cea2b37e2c1777a1358799bbe97f37" +dependencies = [ + "arrayref", + "base64 0.13.0", + "digest 0.9.0", + "hmac-drbg 0.3.0", + "libsecp256k1-core", + "libsecp256k1-gen-ecmult", + "libsecp256k1-gen-genmult", + "rand 0.8.5", + "serde", + "sha2 0.9.9", + "typenum", +] + +[[package]] +name = "libsecp256k1-core" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be9b9bb642d8522a44d533eab56c16c738301965504753b03ad1de3425d5451" +dependencies = [ + "crunchy", + "digest 0.9.0", + "subtle 2.4.1", +] + +[[package]] +name = "libsecp256k1-gen-ecmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3038c808c55c87e8a172643a7d87187fc6c4174468159cb3090659d55bcb4809" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "libsecp256k1-gen-genmult" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3db8d6ba2cec9eacc40e6e8ccc98931840301f1006e95647ceb2dd5c3aa06f7c" +dependencies = [ + "libsecp256k1-core", +] + +[[package]] +name = "lock_api" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" +dependencies = [ + "autocfg 1.1.0", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" +dependencies = [ + "cfg-if 1.0.0", +] + +[[package]] +name = "logos" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "427e2abca5be13136da9afdbf874e6b34ad9001dd70f2b103b083a85daa7b345" +dependencies = [ + "logos-derive", +] + +[[package]] +name = "logos-derive" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56a7d287fd2ac3f75b11f19a1c8a874a7d55744bd91f7a1b3e7cf87d4343c36d" +dependencies = [ + "beef", + "fnv", + "proc-macro2", + "quote", + "regex-syntax", + "syn", + "utf8-ranges", +] + +[[package]] +name = "maplit" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d" + +[[package]] +name = "matches" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f" + +[[package]] +name = "maybe-uninit" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "memzero" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93c0d11ac30a033511ae414355d80f70d9f29a44a49140face477117a1ee90db" + +[[package]] +name = "mime" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" + +[[package]] +name = "miniz_oxide" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f5c75688da582b8ffc1f1799e9db273f32133c49e048f614d22ec3256773ccc" +dependencies = [ + "adler", +] + +[[package]] +name = "mio" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "713d550d9b44d89174e066b7a6217ae06234c10cb47819a88290d2b353c31799" +dependencies = [ + "libc", + "log", + "wasi 0.11.0+wasi-snapshot-preview1", + "windows-sys", +] + +[[package]] +name = "multimap" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" + +[[package]] +name = "native-tls" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd7e2f3618557f980e0b17e8856252eee3c97fa12c54dff0ca290fb6266ca4a9" +dependencies = [ + "lazy_static", + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "new_debug_unreachable" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" + +[[package]] +name = "num-bigint" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" +dependencies = [ + "autocfg 1.1.0", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +dependencies = [ + "autocfg 1.1.0", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +dependencies = [ + "autocfg 1.1.0", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +dependencies = [ + "autocfg 1.1.0", +] + +[[package]] +name = "num_cpus" +version = "1.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "num_enum" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf5395665662ef45796a4ff5486c5d41d29e0c09640af4c5f17fd94ee2c119c9" +dependencies = [ + "num_enum_derive", +] + +[[package]] +name = "num_enum_derive" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b0498641e53dd6ac1a4f22547548caa6864cc4933784319cd1775271c5a46ce" +dependencies = [ + "proc-macro-crate", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + +[[package]] +name = "on_wire" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" + +[[package]] +name = "once_cell" +version = "1.4.0-alpha.0" +source = "git+https://github.com/dfinity-lab/once_cell?branch=master#854095347d356e006ea29b7750637a14a20a6dae" + +[[package]] +name = "once_cell" +version = "1.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7709cef83f0c1f58f666e746a08b21e0085f7440fa6a29cc194d68aac97a4225" + +[[package]] +name = "opaque-debug" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" + +[[package]] +name = "opaque-debug" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" + +[[package]] +name = "openssl" +version = "0.10.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb81a6430ac911acb25fe5ac8f1d2af1b4ea8a4fdfda0f1ee4292af2e2d8eb0e" +dependencies = [ + "bitflags", + "cfg-if 1.0.0", + "foreign-types", + "libc", + "once_cell 1.12.0", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "openssl-probe" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" + +[[package]] +name = "openssl-src" +version = "111.22.0+1.1.1q" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f31f0d509d1c1ae9cada2f9539ff8f37933831fd5098879e482aa687d659853" +dependencies = [ + "cc", +] + +[[package]] +name = "openssl-sys" +version = "0.9.74" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1" +dependencies = [ + "autocfg 1.1.0", + "cc", + "libc", + "openssl-src", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "os_str_bytes" +version = "6.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21326818e99cfe6ce1e524c2a805c189a99b5ae555a35d19f9a284b427d86afa" + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929" +dependencies = [ + "cfg-if 1.0.0", + "libc", + "redox_syscall", + "smallvec 1.8.0", + "windows-sys", +] + +[[package]] +name = "paste" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c520e05135d6e763148b6426a837e239041653ba7becd2e538c076c738025fc" + +[[package]] +name = "pem" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e9a3b09a20e374558580a4914d3b7d89bd61b954a5a5e1dcbea98753addb1947" +dependencies = [ + "base64 0.13.0", +] + +[[package]] +name = "pem-rfc7468" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d159833a9105500e0398934e205e0773f0b27529557134ecfc51c27646adac" +dependencies = [ + "base64ct", +] + +[[package]] +name = "percent-encoding" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" + +[[package]] +name = "petgraph" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "467d164a6de56270bd7c4d070df81d07beace25012d5103ced4e9ff08d6afdb7" +dependencies = [ + "fixedbitset 0.2.0", + "indexmap", +] + +[[package]] +name = "petgraph" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6d5014253a1331579ce62aa67443b4a658c5e7dd03d4bc6d302b94474888143" +dependencies = [ + "fixedbitset 0.4.1", + "indexmap", +] + +[[package]] +name = "phantom_newtype" +version = "0.8.0" +source = "git+https://github.com/dfinity/ic?rev=bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab#bd3b73e075aea1cc81b23b38ccfb138ca4ab17ab" +dependencies = [ + "candid", + "proptest", + "serde", + "slog", +] + +[[package]] +name = "phf_shared" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096" +dependencies = [ + "siphasher", +] + +[[package]] +name = "pico-args" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db8bcd96cb740d03149cbad5518db9fd87126a10ab519c011893b1754134c468" + +[[package]] +name = "pin-project-lite" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkcs11" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3aca6d67e4c8613bfe455599d0233d00735f85df2001f6bfd9bb7ac0496b10af" +dependencies = [ + "libloading", + "num-bigint 0.2.6", +] + +[[package]] +name = "pkcs8" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" +dependencies = [ + "der", + "spki", +] + +[[package]] +name = "pkg-config" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" + +[[package]] +name = "ppv-lite86" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872" + +[[package]] +name = "precomputed-hash" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" + +[[package]] +name = "pretty" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad9940b913ee56ddd94aec2d3cd179dd47068236f42a1a6415ccf9d880ce2a61" +dependencies = [ + "arrayvec", + "typed-arena", +] + +[[package]] +name = "proc-macro-crate" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e17d47ce914bf4de440332250b0edd23ce48c005f59fab39d3335866b114f11a" +dependencies = [ + "thiserror", + "toml", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro2" +version = "1.0.39" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c54b25569025b7fc9651de43004ae593a75ad88543b17178aa5e1b9c4f15f56f" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "proptest" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01c477819b845fe023d33583ebf10c9f62518c8d79a0960ba5c36d6ac8a55a5b" +dependencies = [ + "bit-set", + "bitflags", + "byteorder", + "lazy_static", + "num-traits", + "quick-error", + "rand 0.6.5", + "rand_chacha 0.1.1", + "rand_xorshift", + "regex-syntax", + "rusty-fork", + "tempfile", +] + +[[package]] +name = "prost" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e6984d2f1a23009bd270b8bb56d0926810a3d483f59c987d77969e9d8e840b2" +dependencies = [ + "bytes", + "prost-derive", +] + +[[package]] +name = "prost-build" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32d3ebd75ac2679c2af3a92246639f9fcc8a442ee420719cc4fe195b98dd5fa3" +dependencies = [ + "bytes", + "heck 0.3.3", + "itertools 0.9.0", + "log", + "multimap", + "petgraph 0.5.1", + "prost", + "prost-types", + "tempfile", + "which", +] + +[[package]] +name = "prost-derive" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "169a15f3008ecb5160cba7d37bcd690a7601b6d30cfb87a117d45e59d52af5d4" +dependencies = [ + "anyhow", + "itertools 0.9.0", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "prost-types" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b518d7cdd93dab1d1122cf07fa9a60771836c668dde9d9e2a139f957f0d9f1bb" +dependencies = [ + "bytes", + "prost", +] + +[[package]] +name = "qrcodegen" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4339fc7a1021c9c1621d87f5e3505f2805c8c105420ba2f2a4df86814590c142" + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + +[[package]] +name = "quickcheck" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "588f6378e4dd99458b60ec275b4477add41ce4fa9f64dcba6f15adccb19b50d6" +dependencies = [ + "rand 0.8.5", +] + +[[package]] +name = "quill" +version = "0.2.17" +dependencies = [ + "anyhow", + "base64 0.13.0", + "bip39", + "candid", + "clap", + "flate2", + "hex", + "ic-agent", + "ic-base-types", + "ic-identity-hsm", + "ic-nns-common", + "ic-nns-constants", + "ic-types 0.3.0", + "ledger-canister", + "libsecp256k1 0.7.0", + "num-bigint 0.4.3", + "openssl", + "pem", + "qrcodegen", + "rand 0.8.5", + "reqwest", + "rpassword", + "serde", + "serde_bytes", + "serde_cbor", + "serde_json", + "simple_asn1", + "tempfile", + "tiny-hderive", + "tokio", +] + +[[package]] +name = "quote" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1feb54ed693b93a84e14094943b84b7c4eae204c512b7ccb95ab0c66d278ad1" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca" +dependencies = [ + "autocfg 0.1.8", + "libc", + "rand_chacha 0.1.1", + "rand_core 0.4.2", + "rand_hc 0.1.0", + "rand_isaac", + "rand_jitter", + "rand_os", + "rand_pcg", + "rand_xorshift", + "winapi", +] + +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom 0.1.16", + "libc", + "rand_chacha 0.2.2", + "rand_core 0.5.1", + "rand_hc 0.2.0", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha 0.3.1", + "rand_core 0.6.3", +] + +[[package]] +name = "rand_chacha" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef" +dependencies = [ + "autocfg 0.1.8", + "rand_core 0.3.1", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core 0.5.1", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core 0.6.3", +] + +[[package]] +name = "rand_core" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" +dependencies = [ + "rand_core 0.4.2", +] + +[[package]] +name = "rand_core" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" + +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +dependencies = [ + "getrandom 0.1.16", +] + +[[package]] +name = "rand_core" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +dependencies = [ + "getrandom 0.2.6", +] + +[[package]] +name = "rand_hc" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b40677c7be09ae76218dc623efbf7b18e34bced3f38883af07bb75630a21bc4" +dependencies = [ + "rand_core 0.3.1", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core 0.5.1", +] + +[[package]] +name = "rand_isaac" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded997c9d5f13925be2a6fd7e66bf1872597f759fd9dd93513dd7e92e5a5ee08" +dependencies = [ + "rand_core 0.3.1", +] + +[[package]] +name = "rand_jitter" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1166d5c91dc97b88d1decc3285bb0a99ed84b05cfd0bc2341bdf2d43fc41e39b" +dependencies = [ + "libc", + "rand_core 0.4.2", + "winapi", +] + +[[package]] +name = "rand_os" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b75f676a1e053fc562eafbb47838d67c84801e38fc1ba459e8f180deabd5071" +dependencies = [ + "cloudabi", + "fuchsia-cprng", + "libc", + "rand_core 0.4.2", + "rdrand", + "winapi", +] + +[[package]] +name = "rand_pcg" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abf9b09b01790cfe0364f52bf32995ea3c39f4d2dd011eac241d2914146d0b44" +dependencies = [ + "autocfg 0.1.8", + "rand_core 0.4.2", +] + +[[package]] +name = "rand_xorshift" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cbf7e9e623549b0e21f6e97cf8ecf247c1a8fd2e8a992ae265314300b2455d5c" +dependencies = [ + "rand_core 0.3.1", +] + +[[package]] +name = "rdrand" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2" +dependencies = [ + "rand_core 0.3.1", +] + +[[package]] +name = "redox_syscall" +version = "0.2.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" +dependencies = [ + "bitflags", +] + +[[package]] +name = "redox_users" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" +dependencies = [ + "getrandom 0.2.6", + "redox_syscall", + "thiserror", +] + +[[package]] +name = "regex" +version = "1.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d83f127d94bdbcda4c8cc2e50f6f84f4b611f69c902699ca385a39c3a75f9ff1" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.6.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49b3de9ec5dc0a3417da371aab17d729997c15010e7fd24ff707773a33bddb64" + +[[package]] +name = "remove_dir_all" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7" +dependencies = [ + "winapi", +] + +[[package]] +name = "reqwest" +version = "0.11.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46a1f7aa4f35e5e8b4160449f51afc758f0ce6454315a9fa7d0d113e958c41eb" +dependencies = [ + "base64 0.13.0", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-rustls", + "hyper-tls", + "ipnet", + "js-sys", + "lazy_static", + "log", + "mime", + "native-tls", + "percent-encoding", + "pin-project-lite", + "rustls", + "rustls-pemfile 0.3.0", + "serde", + "serde_json", + "serde_urlencoded", + "tokio", + "tokio-native-tls", + "tokio-rustls", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "webpki-roots", + "winreg", +] + +[[package]] +name = "rfc6979" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c0788437d5ee113c49af91d3594ebc4fcdcc962f8b6df5aa1c3eeafd8ad95de" +dependencies = [ + "crypto-bigint", + "hmac 0.12.1", + "zeroize", +] + +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell 1.12.0", + "spin", + "untrusted", + "web-sys", + "winapi", +] + +[[package]] +name = "rpassword" +version = "6.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bf099a1888612545b683d2661a1940089f6c2e5a8e38979b2159da876bfd956" +dependencies = [ + "libc", + "serde", + "serde_json", + "winapi", +] + +[[package]] +name = "rustls" +version = "0.20.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5aab8ee6c7097ed6057f43c187a62418d0c05a4bd5f18b3571db50ee0f9ce033" +dependencies = [ + "log", + "ring", + "sct", + "webpki", +] + +[[package]] +name = "rustls-native-certs" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50" +dependencies = [ + "openssl-probe", + "rustls-pemfile 1.0.0", + "schannel", + "security-framework", +] + +[[package]] +name = "rustls-pemfile" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ee86d63972a7c661d1536fefe8c3c8407321c3df668891286de28abcd087360" +dependencies = [ + "base64 0.13.0", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7522c9de787ff061458fe9a829dc790a3f5b22dc571694fc5883f448b94d9a9" +dependencies = [ + "base64 0.13.0", +] + +[[package]] +name = "rustversion" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2cc38e8fa666e2de3c4aba7edeb5ffc5246c1c2ed0e3d17e560aeeba736b23f" + +[[package]] +name = "rusty-fork" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3dd93264e10c577503e926bd1430193eeb5d21b059148910082245309b424fae" +dependencies = [ + "fnv", + "quick-error", + "tempfile", + "wait-timeout", +] + +[[package]] +name = "ryu" +version = "1.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3f6f92acf49d1b98f7a81226834412ada05458b7364277387724a237f062695" + +[[package]] +name = "schannel" +version = "0.1.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88d6731146462ea25d9244b2ed5fd1d716d25c52e4d54aa4fb0f3c4e9854dbe2" +dependencies = [ + "lazy_static", + "windows-sys", +] + +[[package]] +name = "scopeguard" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" + +[[package]] +name = "sct" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "sec1" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928" +dependencies = [ + "base16ct", + "der", + "generic-array 0.14.5", + "pkcs8", + "subtle 2.4.1", + "zeroize", +] + +[[package]] +name = "security-framework" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dc14f172faf8a0194a3aded622712b0de276821addc574fa54fc0a1167e10dc" +dependencies = [ + "bitflags", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0160a13a177a45bfb43ce71c01580998474f556ad854dcbca936dd2841a5c556" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "serde" +version = "1.0.137" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61ea8d54c77f8315140a05f4c7237403bf38b72704d031543aa1d16abbf517d1" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_bytes" +version = "0.11.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "212e73464ebcde48d723aa02eb270ba62eff38a9b732df31f33f1b4e145f3a54" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_cbor" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" +dependencies = [ + "half", + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.137" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f26faba0c3959972377d3b2d306ee9f71faee9714294e41bb777f83f88578be" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.81" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b7ce2b32a1aed03c558dc61a5cd328f15aff2dbc17daad8fb8af04d2100e15c" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_with" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "678b5a069e50bf00ecd22d0cd8ddf7c236f68581b03db652061ed5eb13a312ff" +dependencies = [ + "serde", + "serde_with_macros", +] + +[[package]] +name = "serde_with_macros" +version = "1.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e182d6ec6f05393cc0e5ed1bf81ad6db3a8feedf8ee515ecdd369809bcce8082" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "sha2" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" +dependencies = [ + "block-buffer 0.7.3", + "digest 0.8.1", + "fake-simd", + "opaque-debug 0.2.3", +] + +[[package]] +name = "sha2" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +dependencies = [ + "block-buffer 0.9.0", + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.9.0", + "opaque-debug 0.3.0", +] + +[[package]] +name = "sha2" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55deaec60f81eefe3cce0dc50bda92d6d8e88f2a27df7c5033b42afeb1ed2676" +dependencies = [ + "cfg-if 1.0.0", + "cpufeatures", + "digest 0.10.3", +] + +[[package]] +name = "signature" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f054c6c1a6e95179d6f23ed974060dcefb2d9388bb7256900badad682c499de4" +dependencies = [ + "digest 0.10.3", + "rand_core 0.6.3", +] + +[[package]] +name = "simple_asn1" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a762b1c38b9b990c694b9c2f8abe3372ce6a9ceaae6bca39cfc46e054f45745" +dependencies = [ + "num-bigint 0.4.3", + "num-traits", + "thiserror", + "time 0.3.9", +] + +[[package]] +name = "siphasher" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" + +[[package]] +name = "slab" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb703cfe953bccee95685111adeedb76fabe4e97549a58d16f03ea7b9367bb32" + +[[package]] +name = "slog" +version = "2.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8347046d4ebd943127157b94d63abb990fcf729dc4e9978927fdf4ac3c998d06" +dependencies = [ + "erased-serde", +] + +[[package]] +name = "smallvec" +version = "0.6.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b97fcaeba89edba30f044a10c6a3cc39df9c3f17d7cd829dd1446cab35f890e0" +dependencies = [ + "maybe-uninit", +] + +[[package]] +name = "smallvec" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" + +[[package]] +name = "socket2" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66d72b759436ae32898a2af0a14218dbf55efde3feeb170eb623637db85ee1e0" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "spki" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" +dependencies = [ + "base64ct", + "der", +] + +[[package]] +name = "string_cache" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "213494b7a2b503146286049378ce02b482200519accc31872ee8be91fa820a08" +dependencies = [ + "new_debug_unreachable", + "once_cell 1.12.0", + "parking_lot", + "phf_shared", + "precomputed-hash", +] + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "strum" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57bd81eb48f4c437cadc685403cad539345bf703d78e63707418431cecd4522b" + +[[package]] +name = "strum" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7318c509b5ba57f18533982607f24070a55d353e90d4cae30c467cdb2ad5ac5c" + +[[package]] +name = "strum_macros" +version = "0.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87c85aa3f8ea653bfd3ddf25f7ee357ee4d204731f6aa9ad04002306f6e2774c" +dependencies = [ + "heck 0.3.3", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "strum_macros" +version = "0.20.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee8bc6b87a5112aeeab1f4a9f7ab634fe6cbefc4850006df31267f4cfb9e3149" +dependencies = [ + "heck 0.3.3", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "subtle" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d67a5a62ba6e01cb2192ff309324cb4875d0c451d55fe2319433abe7a05a8ee" + +[[package]] +name = "subtle" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" + +[[package]] +name = "syn" +version = "1.0.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbaf6116ab8924f39d52792136fb74fd60a80194cf1b1c6ffa6453eef1c3f942" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "synstructure" +version = "0.12.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "unicode-xid", +] + +[[package]] +name = "tempfile" +version = "3.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" +dependencies = [ + "cfg-if 1.0.0", + "fastrand", + "libc", + "redox_syscall", + "remove_dir_all", + "winapi", +] + +[[package]] +name = "term" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f" +dependencies = [ + "dirs-next", + "rustversion", + "winapi", +] + +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "textwrap" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb" + +[[package]] +name = "thiserror" +version = "1.0.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd829fe32373d27f76265620b5309d0340cb8550f523c1dda251d6298069069a" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0396bc89e626244658bef819e22d0cc459e795a5ebe878e6ec336d1674a8d79a" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "time" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "time" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2702e08a7a860f005826c6815dcac101b19b5eb330c27fe4a5928fec1d20ddd" +dependencies = [ + "itoa", + "libc", + "num_threads", + "quickcheck", + "time-macros", +] + +[[package]] +name = "time-macros" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" + +[[package]] +name = "tiny-hderive" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01b874a4992538d4b2f4fbbac11b9419d685f4b39bdc3fed95b04e07bfd76040" +dependencies = [ + "base58", + "hmac 0.7.1", + "libsecp256k1 0.3.5", + "memzero", + "sha2 0.8.2", +] + +[[package]] +name = "tiny-keccak" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" +dependencies = [ + "crunchy", +] + +[[package]] +name = "tokio" +version = "1.18.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4903bf0427cf68dddd5aa6a93220756f8be0c34fcfa9f5e6191e103e15a31395" +dependencies = [ + "bytes", + "libc", + "memchr", + "mio", + "num_cpus", + "once_cell 1.12.0", + "pin-project-lite", + "socket2", + "winapi", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7d995660bd2b7f8c1568414c1126076c13fbb725c40112dc0120b78eb9b717b" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.23.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" +dependencies = [ + "rustls", + "tokio", + "webpki", +] + +[[package]] +name = "tokio-util" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f988a1a1adc2fb21f9c12aa96441da33a1728193ae0b95d2be22dbd17fcb4e5c" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + +[[package]] +name = "toml" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" +dependencies = [ + "serde", +] + +[[package]] +name = "tower-service" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" + +[[package]] +name = "tracing" +version = "0.1.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d0ecdcb44a79f0fe9844f0c4f33a342cbcbb5117de8001e6ba0dc2351327d09" +dependencies = [ + "cfg-if 1.0.0", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc6b8ad3567499f98a1db7a752b07a7c8c7c7c34c332ec00effb2b0027974b7c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tracing-core" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f54c8ca710e81886d498c2fd3331b56c93aa248d49de2222ad2742247c60072f" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "try-lock" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" + +[[package]] +name = "typed-arena" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0685c84d5d54d1c26f7d3eb96cd41550adb97baed141a761cf335d3d33bcd0ae" + +[[package]] +name = "typenum" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" + +[[package]] +name = "unicode-bidi" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" + +[[package]] +name = "unicode-ident" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d22af068fba1eb5edcb4aea19d382b2a3deb4c8f9d475c589b6ada9e0fd493ee" + +[[package]] +name = "unicode-normalization" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09c8070a9942f5e7cfccd93f490fdebd230ee3c3c9f107cb25bad5351ef671cf" +dependencies = [ + "smallvec 0.6.14", +] + +[[package]] +name = "unicode-segmentation" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e8820f5d777f6224dc4be3632222971ac30164d4a258d595640799554ebfd99" + +[[package]] +name = "unicode-width" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" + +[[package]] +name = "unicode-xid" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "957e51f3646910546462e67d5f7599b9e4fb8acdd304b087a6494730f9eebf04" + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + +[[package]] +name = "url" +version = "2.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a507c383b2d33b5fc35d1861e77e6b383d158b2da5e14fe51b83dfedf6fd578c" +dependencies = [ + "form_urlencoded", + "idna", + "matches", + "percent-encoding", + "serde", +] + +[[package]] +name = "utf8-ranges" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fcfc827f90e53a02eaef5e535ee14266c1d569214c6aa70133a624d8a3164ba" + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "wait-timeout" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" +dependencies = [ + "libc", +] + +[[package]] +name = "want" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" +dependencies = [ + "log", + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.9.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" + +[[package]] +name = "wasi" +version = "0.10.2+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27370197c907c55e3f1a9fbe26f44e937fe6451368324e009cba39e139dc08ad" +dependencies = [ + "cfg-if 1.0.0", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53e04185bfa3a779273da532f5025e33398409573f348985af9a1cbf3774d3f4" +dependencies = [ + "bumpalo", + "lazy_static", + "log", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f741de44b75e14c35df886aff5f1eb73aa114fa5d4d00dcd37b5e01259bf3b2" +dependencies = [ + "cfg-if 1.0.0", + "js-sys", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17cae7ff784d7e83a2fe7611cfe766ecf034111b49deb850a3dc7699c08251f5" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99ec0dc7a4756fffc231aab1b9f2f578d23cd391390ab27f952ae0c9b3ece20b" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d554b7f530dee5964d9a9468d95c1f8b8acae4f282807e7d27d4b03099a46744" + +[[package]] +name = "web-sys" +version = "0.3.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b17e741662c70c8bd24ac5c5b18de314a2c26c32bf8346ee1e6f53de919c283" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "webpki-roots" +version = "0.22.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d8de8415c823c8abd270ad483c6feeac771fad964890779f9a8cb24fbbc1bf" +dependencies = [ + "webpki", +] + +[[package]] +name = "which" +version = "4.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c4fb54e6113b6a8772ee41c3404fb0301ac79604489467e0a9ce1f3e97c24ae" +dependencies = [ + "either", + "lazy_static", + "libc", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" +dependencies = [ + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" + +[[package]] +name = "windows_i686_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" + +[[package]] +name = "windows_i686_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" + +[[package]] +name = "winreg" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" +dependencies = [ + "winapi", +] + +[[package]] +name = "yansi" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" + +[[package]] +name = "zeroize" +version = "1.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94693807d016b2f2d2e14420eb3bfcca689311ff775dcf113d74ea624b7cdf07" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f8f187641dad4f680d25c4bfc4225b418165984179f26ca76ec4fb6441d3a17" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] diff --git a/nixpkgs/pkgs/tools/security/quill/default.nix b/nixpkgs/pkgs/tools/security/quill/default.nix new file mode 100644 index 000000000000..b2a4f3528d56 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/quill/default.nix @@ -0,0 +1,53 @@ +{ lib, stdenv, rustPlatform, fetchFromGitHub, openssl, Security, libiconv, pkg-config, protobuf, buildPackages }: + +rustPlatform.buildRustPackage rec { + pname = "quill"; + version = "0.2.17"; + + src = fetchFromGitHub { + owner = "dfinity"; + repo = "quill"; + rev = "v${version}"; + sha256 = "sha256-0DHTtnQU26l4DXUVDeHF+hkavlVY7rQykXxgWGSUc/k="; + }; + + ic = fetchFromGitHub { + owner = "dfinity"; + repo = "ic"; + rev = "779549eccfcf61ac702dfc2ee6d76ffdc2db1f7f"; + sha256 = "1r31d5hab7k1n60a7y8fw79fjgfq04cgj9krwa6r9z4isi3919v6"; + }; + + registry = "file://local-registry"; + + preBuild = '' + export REGISTRY_TRANSPORT_PROTO_INCLUDES=${ic}/rs/registry/transport/proto + export IC_BASE_TYPES_PROTO_INCLUDES=${ic}/rs/types/base_types/proto + export IC_PROTOBUF_PROTO_INCLUDES=${ic}/rs/protobuf/def + export IC_NNS_COMMON_PROTO_INCLUDES=${ic}/rs/nns/common/proto + export PROTOC=${buildPackages.protobuf}/bin/protoc + export OPENSSL_DIR=${openssl.dev} + export OPENSSL_LIB_DIR=${lib.getLib openssl}/lib + ''; + + cargoLock = { + lockFile = ./Cargo.lock; + outputHashes = { + "derive_more-0.99.8-alpha.0" = "sha256-tEsfYC9oCAsDjinCsUDgRg3q6ruvayuA1lRmsEP9cys="; + "dfn_candid-0.8.0" = "sha256-7LXTwxSA9pTjFynMRzNRXie4x5u8BSLpFaOzpRsgrKA="; + "once_cell-1.4.0-alpha.0" = "sha256-5g26ZizSY5egH/4yU5glzBxpWzdvgKtDsckBpAUBatw="; + }; + }; + + nativeBuildInputs = [ pkg-config protobuf ]; + buildInputs = [ openssl ] + ++ lib.optionals stdenv.isDarwin [ Security libiconv ]; + + meta = with lib; { + homepage = "https://github.com/dfinity/quill"; + changelog = "https://github.com/dfinity/quill/releases/tag/v${version}"; + description = "Minimalistic ledger and governance toolkit for cold wallets on the Internet Computer."; + license = licenses.asl20; + maintainers = with maintainers; [ imalison ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/radamsa/default.nix b/nixpkgs/pkgs/tools/security/radamsa/default.nix new file mode 100644 index 000000000000..ebcd2a42191d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/radamsa/default.nix @@ -0,0 +1,43 @@ +{ lib, stdenv, fetchurl, fetchFromGitLab, bash }: + +let + # Fetch explicitly, otherwise build will try to do so + owl = fetchurl { + name = "ol.c.gz"; + url = "https://gitlab.com/owl-lisp/owl/uploads/0d0730b500976348d1e66b4a1756cdc3/ol-0.1.19.c.gz"; + sha256 = "0kdmzf60nbpvdn8j3l51i9lhcwfi4aw1zj4lhbp4adyg8n8pp4c6"; + }; +in +stdenv.mkDerivation rec { + pname = "radamsa"; + version = "0.6"; + + src = fetchFromGitLab { + owner = "akihe"; + repo = pname; + rev = "v${version}"; + sha256 = "0mi1mwvfnlpblrbmp0rcyf5p74m771z6nrbsly6cajyn4mlpmbaq"; + }; + + patchPhase = '' + substituteInPlace ./tests/bd.sh \ + --replace "/bin/echo" echo + + ln -s ${owl} ol.c.gz + + patchShebangs tests + ''; + + makeFlags = [ "PREFIX=${placeholder "out"}" "BINDIR=" ]; + + nativeCheckInputs = [ bash ]; + doCheck = true; + + meta = { + description = "A general purpose fuzzer"; + longDescription = "Radamsa is a general purpose data fuzzer. It reads data from given sample files, or standard input if none are given, and outputs modified data. It is usually used to generate malformed data for testing programs."; + homepage = "https://gitlab.com/akihe/radamsa"; + maintainers = [ ]; + platforms = lib.platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rage/default.nix b/nixpkgs/pkgs/tools/security/rage/default.nix new file mode 100644 index 000000000000..44b67e96a1e0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rage/default.nix @@ -0,0 +1,51 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, installShellFiles +, Foundation +}: + +rustPlatform.buildRustPackage rec { + pname = "rage"; + version = "0.9.2"; + + src = fetchFromGitHub { + owner = "str4d"; + repo = pname; + rev = "v${version}"; + hash = "sha256-hFuuwmwe0ti4Y8mSJyNqUIhZjFC6qtv6W5cwtNjPUFQ="; + }; + + cargoHash = "sha256-1gtLWU6uiWzUfYy9y3pb2vcnUC3H+Mf9rglmqNd989M="; + + nativeBuildInputs = [ + installShellFiles + ]; + + buildInputs = lib.optionals stdenv.isDarwin [ + Foundation + ]; + + # cargo test has an x86-only dependency + doCheck = stdenv.hostPlatform.isx86; + + postBuild = '' + cargo run --example generate-docs + cargo run --example generate-completions + ''; + + postInstall = '' + installManPage target/manpages/* + installShellCompletion target/completions/*.{bash,fish,zsh} + ''; + + meta = with lib; { + description = "A simple, secure and modern encryption tool with small explicit keys, no config options, and UNIX-style composability"; + homepage = "https://github.com/str4d/rage"; + changelog = "https://github.com/str4d/rage/raw/v${version}/rage/CHANGELOG.md"; + license = with licenses; [ asl20 mit ]; # either at your option + maintainers = with maintainers; [ marsam ryantm ]; + mainProgram = "rage"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rarcrack/default.nix b/nixpkgs/pkgs/tools/security/rarcrack/default.nix new file mode 100644 index 000000000000..3745a9520f1c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rarcrack/default.nix @@ -0,0 +1,40 @@ +{lib, stdenv, fetchFromGitHub, libxml2, file, p7zip, unrar, unzip}: + +stdenv.mkDerivation { + pname = "rarcrack"; + version = "0.2"; + + src = fetchFromGitHub { + owner = "jaredsburrows"; + repo = "Rarcrack"; + rev = "35ead64cd2b967eec3e3e3a4c328b89b11ff32a0"; + sha256 = "134fq84896w5vp8vg4qg0ybpb466njibigyd7bqqm1xydr07qrgn"; + }; + + nativeBuildInputs = [ unzip ]; + buildInputs = [ libxml2 file p7zip unrar ]; + buildFlags = lib.optional stdenv.cc.isClang "CC=clang"; + installFlags = [ "PREFIX=\${out}" ]; + + patchPhase = '' + substituteInPlace rarcrack.c --replace "file -i" "${file}/bin/file -i" + ''; + + preInstall = '' + mkdir -p $out/bin + ''; + + meta = with lib; { + description = "This program can crack zip,7z and rar file passwords"; + longDescription = '' + If you forget your password for compressed archive (rar, 7z, zip), this program is the solution. + This program uses bruteforce algorithm to find correct password. You can specify wich characters will be used in password generations. + Warning: Please don't use this program for any illegal things! + ''; + homepage = "https://github.com/jaredsburrows/Rarcrack"; + license = licenses.gpl2; + maintainers = with maintainers; [ davidak ]; + platforms = with platforms; unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/rblake2sum/default.nix b/nixpkgs/pkgs/tools/security/rblake2sum/default.nix new file mode 100644 index 000000000000..a5a4a1bce76c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rblake2sum/default.nix @@ -0,0 +1,28 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, Security +}: +rustPlatform.buildRustPackage { + pname = "rblake2sum"; + version = "0.3.1"; + + src = fetchFromGitHub { + owner = "crev-dev"; + repo = "rblake2sum"; + rev = "cdbaba9f198bd28bfad2fbc17011ce5c8c7ad957"; + hash = "sha256-bzOjJ+/M0YWY4/r8cNARPVqbuLBeTllqFyVXhJz6ZMI="; + }; + + cargoHash = "sha256-egwL3z7uB4AcRwPT0uPrenyh4FSxhbZKMdkPhRztMbs="; + + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; + + meta = with lib; { + description = "A recursive blake2 digest (hash) of a file-system path"; + homepage = "https://github.com/crev-dev/rblake2sum"; + license = [ licenses.mit ]; + maintainers = with maintainers; [ dpc ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rbw/default.nix b/nixpkgs/pkgs/tools/security/rbw/default.nix new file mode 100644 index 000000000000..25c8af82c950 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rbw/default.nix @@ -0,0 +1,79 @@ +{ lib +, stdenv +, rustPlatform +, fetchzip +, openssl +, pkg-config +, installShellFiles +, darwin + + # rbw-fzf +, withFzf ? false +, fzf +, perl + + # rbw-rofi +, withRofi ? false +, rofi +, xclip + + # pass-import +, withPass ? false +, pass +}: + +rustPlatform.buildRustPackage rec { + pname = "rbw"; + version = "1.8.3"; + + src = fetchzip { + url = "https://git.tozt.net/rbw/snapshot/rbw-${version}.tar.gz"; + sha256 = "sha256-dC/x+ihH1POIFN/8pbk967wATXKU4YVBGI0QCo8d+SY="; + }; + + cargoHash = "sha256-nI1Pf7gREbAk+JVF3Gn2j8OqprexCQ5fVvECtq2aBPM="; + + nativeBuildInputs = [ + installShellFiles + ] ++ lib.optionals stdenv.isLinux [ pkg-config ]; + + buildInputs = lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Security + darwin.apple_sdk.frameworks.AppKit + ]; + + preConfigure = lib.optionalString stdenv.isLinux '' + export OPENSSL_INCLUDE_DIR="${openssl.dev}/include" + export OPENSSL_LIB_DIR="${lib.getLib openssl}/lib" + ''; + + postInstall = '' + install -Dm755 -t $out/bin bin/git-credential-rbw + installShellCompletion --cmd rbw \ + --bash <($out/bin/rbw gen-completions bash) \ + --fish <($out/bin/rbw gen-completions fish) \ + --zsh <($out/bin/rbw gen-completions zsh) + '' + lib.optionalString withFzf '' + install -Dm755 -t $out/bin bin/rbw-fzf + substituteInPlace $out/bin/rbw-fzf \ + --replace fzf ${fzf}/bin/fzf \ + --replace perl ${perl}/bin/perl + '' + lib.optionalString withRofi '' + install -Dm755 -t $out/bin bin/rbw-rofi + substituteInPlace $out/bin/rbw-rofi \ + --replace rofi ${rofi}/bin/rofi \ + --replace xclip ${xclip}/bin/xclip + '' + lib.optionalString withPass '' + install -Dm755 -t $out/bin bin/pass-import + substituteInPlace $out/bin/pass-import \ + --replace pass ${pass}/bin/pass + ''; + + meta = with lib; { + description = "Unofficial command line client for Bitwarden"; + homepage = "https://crates.io/crates/rbw"; + changelog = "https://git.tozt.net/rbw/plain/CHANGELOG.md?id=${version}"; + license = licenses.mit; + maintainers = with maintainers; [ albakham luc65r marsam ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/redwax-tool/default.nix b/nixpkgs/pkgs/tools/security/redwax-tool/default.nix new file mode 100644 index 000000000000..af327cba948b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/redwax-tool/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchsvn +, autoreconfHook, pkg-config, txt2man, which +, openssl, apr, aprutil +}: + +stdenv.mkDerivation rec { + pname = "redwax-tool"; + version = "0.9.1"; + + src = fetchsvn { + url = "https://source.redwax.eu/svn/redwax/rt/redwax-tool/tags/redwax-tool-${version}/"; + sha256 = "sha256-MWSB1AkkRS18UUHGq8EWv3OIXPSVHpmrdD5Eq1VdbkA="; + }; + + nativeBuildInputs = [ autoreconfHook pkg-config txt2man which ]; + buildInputs = [ openssl apr aprutil ]; + + meta = with lib; { + homepage = "https://redwax.eu/rt/"; + description = "Universal certificate conversion tool"; + longDescription = '' + Read certificates and keys from your chosen sources, filter the + certificates and keys you're interested in, write those + certificates and keys to the destinations of your choice. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ astro ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/regexploit/default.nix b/nixpkgs/pkgs/tools/security/regexploit/default.nix new file mode 100644 index 000000000000..b921cbcc3b3c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/regexploit/default.nix @@ -0,0 +1,35 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "regexploit"; + version = "1.0.0"; + + disabled = python3.pythonOlder "3.8"; + + src = fetchFromGitHub { + owner = "doyensec"; + repo = pname; + rev = "v${version}"; + sha256 = "0z3fghsyw0ll36in7ihc0qi3gy7mqi6cw1mi8m8c8xb1nlwpfr0y"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + pyyaml + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ "regexploit" ]; + + meta = with lib; { + description = "Tool to find regular expressions which are vulnerable to ReDoS"; + homepage = "https://github.com/doyensec/regexploit"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/regpg/default.nix b/nixpkgs/pkgs/tools/security/regpg/default.nix new file mode 100644 index 000000000000..aaefbef227b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/regpg/default.nix @@ -0,0 +1,52 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, gnupg +, perl +}: + +let + perlEnv = perl.withPackages (p: with p; [ TextMarkdown ]); +in +stdenv.mkDerivation rec { + pname = "regpg"; + version = "1.11"; + + src = fetchFromGitHub { + owner = "fanf2"; + repo = "regpg"; + rev = "regpg-${version}"; + sha256 = "2ea99950804078190e1cc2a76d4740e3fdd5395a9043db3f3fe86bf2477d3a7d"; + }; + + nativeBuildInputs = [ makeWrapper perlEnv ]; + + postPatch = '' + patchShebangs ./util/insert-here.pl ./util/markdown.pl + substituteInPlace ./Makefile \ + --replace 'util/insert-here.pl' 'perl util/insert-here.pl' + substituteInPlace ./Makefile \ + --replace 'util/markdown.pl' 'perl util/markdown.pl' + substituteInPlace util/insert-here.pl \ + --replace 'qx(git describe)' '"regpg-${version}"' + ''; + + dontConfigure = true; + + makeFlags = [ "prefix=$(out)" ]; + + postFixup = '' + patchShebangs $out/bin/regpg + wrapProgram $out/bin/regpg --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + ''; + + meta = with lib; { + description = "GPG wrapper utility for storing secrets in VCS"; + homepage = "https://dotat.at/prog/regpg"; + license = licenses.gpl3; + platforms = platforms.all; + maintainers = with maintainers; [ _0xC45 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rekor/default.nix b/nixpkgs/pkgs/tools/security/rekor/default.nix new file mode 100644 index 000000000000..c27416e29d2e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rekor/default.nix @@ -0,0 +1,71 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +let + generic = { pname, packageToBuild, description }: + buildGoModule rec { + inherit pname; + version = "1.3.2"; + + src = fetchFromGitHub { + owner = "sigstore"; + repo = "rekor"; + rev = "v${version}"; + hash = "sha256-QiK+ixVURf5Fsx9YPgzYCuCy1wYjxTUXGVr4FIn41Xc="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # '0000-00-00T00:00:00Z' + date -u -d "@$(git log -1 --pretty=%ct)" "+'%Y-%m-%dT%H:%M:%SZ'" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + + vendorHash = "sha256-0379IX5W51Z48CffK1F2ZCPGLUq0g8lZXIQqaupC5io="; + + nativeBuildInputs = [ installShellFiles ]; + + subPackages = [ packageToBuild ]; + + ldflags = [ + "-s" + "-w" + "-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" + "-X sigs.k8s.io/release-utils/version.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + postInstall = '' + installShellCompletion --cmd ${pname} \ + --bash <($out/bin/${pname} completion bash) \ + --fish <($out/bin/${pname} completion fish) \ + --zsh <($out/bin/${pname} completion zsh) + ''; + + meta = with lib; { + inherit description; + homepage = "https://github.com/sigstore/rekor"; + changelog = "https://github.com/sigstore/rekor/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ lesuisse jk developer-guy ]; + }; + }; +in { + rekor-cli = generic { + pname = "rekor-cli"; + packageToBuild = "cmd/rekor-cli"; + description = "CLI client for Sigstore, the Signature Transparency Log"; + }; + rekor-server = generic { + pname = "rekor-server"; + packageToBuild = "cmd/rekor-server"; + description = "Sigstore server, the Signature Transparency Log"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/responder/default.nix b/nixpkgs/pkgs/tools/security/responder/default.nix new file mode 100644 index 000000000000..51120e8a575d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/responder/default.nix @@ -0,0 +1,55 @@ +{ lib +, fetchFromGitHub +, makeWrapper +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "responder"; + version = "3.1.3.0"; + format = "other"; + + src = fetchFromGitHub { + owner = "lgandx"; + repo = "Responder"; + rev = "refs/tags/v${version}"; + hash = "sha256-ZnWUkV+9fn08Ze4468wSUtldABrmn+88N2Axc+Mip2A="; + }; + + nativeBuildInputs = [ + makeWrapper + ]; + + propagatedBuildInputs = with python3.pkgs; [ + netifaces + ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin $out/share $out/share/Responder + cp -R . $out/share/Responder + + makeWrapper ${python3.interpreter} $out/bin/responder \ + --set PYTHONPATH "$PYTHONPATH:$out/bin/Responder.py" \ + --add-flags "$out/share/Responder/Responder.py" \ + --run "mkdir -p /tmp/Responder" + + substituteInPlace $out/share/Responder/Responder.conf \ + --replace "Responder-Session.log" "/tmp/Responder/Responder-Session.log" \ + --replace "Poisoners-Session.log" "/tmp/Responder/Poisoners-Session.log" \ + --replace "Analyzer-Session.log" "/tmp/Responder/Analyzer-Session" \ + --replace "Config-Responder.log" "/tmp/Responder/Config-Responder.log" \ + --replace "Responder.db" "/tmp/Responder/Responder.db" + + runHook postInstall + ''; + + meta = with lib; { + description = "LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server"; + homepage = "https://github.com/lgandx/Responder"; + changelog = "https://github.com/lgandx/Responder/blob/master/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rhash/default.nix b/nixpkgs/pkgs/tools/security/rhash/default.nix new file mode 100644 index 000000000000..e789eeba0539 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rhash/default.nix @@ -0,0 +1,51 @@ +{ lib +, stdenv +, fetchFromGitHub +, which +, enableStatic ? stdenv.hostPlatform.isStatic +}: + +stdenv.mkDerivation rec { + version = "1.4.4"; + pname = "rhash"; + + src = fetchFromGitHub { + owner = "rhash"; + repo = "RHash"; + rev = "v${version}"; + sha256 = "sha256-3CW41ULdXoID4cOgrcG2j85tgIJ/sz5hU7A83qpuxf4="; + }; + + nativeBuildInputs = [ which ]; + + # configure script is not autotools-based, doesn't support these options + dontAddStaticConfigureFlags = true; + + configurePlatforms = [ ]; + + configureFlags = [ + "--ar=${stdenv.cc.targetPrefix}ar" + "--target=${stdenv.hostPlatform.config}" + (lib.enableFeature enableStatic "static") + (lib.enableFeature enableStatic "lib-static") + ]; + + doCheck = true; + + checkTarget = "test-full"; + + installTargets = [ + "install" + "install-lib-headers" + ] ++ lib.optionals (!enableStatic) [ + "install-lib-so-link" + ]; + + meta = with lib; { + homepage = "https://rhash.sourceforge.net/"; + description = "Console utility and library for computing and verifying hash sums of files"; + license = licenses.bsd0; + platforms = platforms.all; + maintainers = with maintainers; [ andrewrk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ripasso/Cargo.lock b/nixpkgs/pkgs/tools/security/ripasso/Cargo.lock new file mode 100644 index 000000000000..659e66c0f9d0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ripasso/Cargo.lock @@ -0,0 +1,3989 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "ahash" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" +dependencies = [ + "cfg-if", + "getrandom 0.2.8", + "once_cell", + "version_check", +] + +[[package]] +name = "aho-corasick" +version = "0.7.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" +dependencies = [ + "memchr", +] + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "anyhow" +version = "1.0.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "224afbd727c3d6e4b90103ece64b8d1b67fbb1973b1046c2281eed3f3803f800" + +[[package]] +name = "arrayvec" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" + +[[package]] +name = "ascii-canvas" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8824ecca2e851cec16968d54a01dd372ef8f95b244fb84b84e70128be347c3c6" +dependencies = [ + "term", +] + +[[package]] +name = "atk" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c3d816ce6f0e2909a96830d6911c2aff044370b1ef92d7f267b43bae5addedd" +dependencies = [ + "atk-sys", + "bitflags", + "glib", + "libc", +] + +[[package]] +name = "atk-sys" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58aeb089fb698e06db8089971c7ee317ab9644bade33383f63631437b03aafb6" +dependencies = [ + "glib-sys", + "gobject-sys", + "libc", + "system-deps", +] + +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi 0.1.19", + "libc", + "winapi", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base32" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23ce669cd6c8588f79e15cf450314f9638f967fc5770ff1c7c1deb0925ea7cfa" + +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + +[[package]] +name = "base64" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" + +[[package]] +name = "bindgen" +version = "0.63.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36d860121800b2a9a94f9b5604b332d5cffb234ce17609ea479d723dbc9d3885" +dependencies = [ + "bitflags", + "cexpr", + "clang-sys", + "lazy_static 1.4.0", + "lazycell", + "peeking_take_while", + "proc-macro2", + "quote", + "regex", + "rustc-hash", + "shlex", + "syn", +] + +[[package]] +name = "bit-set" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "block" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d8c1fef690941d3e7788d328517591fecc684c084084702d6ff1641e993699a" + +[[package]] +name = "block-buffer" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" +dependencies = [ + "generic-array", +] + +[[package]] +name = "buffered-reader" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d0dd286184b392a1ce6b3deecd073f0330df194bf935b87f852147d50d0d2d18" +dependencies = [ + "bzip2", + "flate2", + "lazy_static 1.4.0", + "libc", +] + +[[package]] +name = "build-rs" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b00b8763668c99f8d9101b8a0dd82106f58265464531a79b2cef0d9a30c17dd2" + +[[package]] +name = "bumpalo" +version = "3.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" + +[[package]] +name = "bytecount" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c676a478f63e9fa2dd5368a42f28bba0d6c560b775f38583c8bbaa7fcd67c9c" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytes" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" + +[[package]] +name = "bzip2" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bdb116a6ef3f6c3698828873ad02c3014b3c85cadb88496095628e3ef1e347f8" +dependencies = [ + "bzip2-sys", + "libc", +] + +[[package]] +name = "bzip2-sys" +version = "0.1.11+1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "736a955f3fa7875102d57c82b8cac37ec45224a07fd32d58f9f7a186b6cd4cdc" +dependencies = [ + "cc", + "libc", + "pkg-config", +] + +[[package]] +name = "cairo-rs" +version = "0.15.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c76ee391b03d35510d9fa917357c7f1855bd9a6659c95a1b392e33f49b3369bc" +dependencies = [ + "bitflags", + "cairo-sys-rs", + "glib", + "libc", + "thiserror", +] + +[[package]] +name = "cairo-sys-rs" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c55d429bef56ac9172d25fecb85dc8068307d17acd74b377866b7a1ef25d3c8" +dependencies = [ + "glib-sys", + "libc", + "system-deps", +] + +[[package]] +name = "capnp" +version = "0.13.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "458fe65c8ae2c09ebe6658d3b98a1dd672efda0d7ad73ebd69c4a351abd96ef6" + +[[package]] +name = "capnp-futures" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc7bd6f6a6240f4f0a39b89c731916b15eefa26d31f90dffc1d232b7981d09a3" +dependencies = [ + "capnp", + "futures", +] + +[[package]] +name = "capnp-rpc" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37998522d42bbe4a1d266f418b1a053b679a338e904e55afd5ff22333df0e09e" +dependencies = [ + "capnp", + "capnp-futures", + "futures", +] + +[[package]] +name = "cast" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" + +[[package]] +name = "cc" +version = "1.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +dependencies = [ + "jobserver", +] + +[[package]] +name = "cexpr" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" +dependencies = [ + "nom 7.1.3", +] + +[[package]] +name = "cfg-expr" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0357a6402b295ca3a86bc148e84df46c02e41f41fef186bda662557ef6328aa" +dependencies = [ + "smallvec", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16b0a3d9ed01224b22057780a37bb8c5dbfe1be8ba48678e7bf57ec4b385411f" +dependencies = [ + "iana-time-zone", + "js-sys", + "num-integer", + "num-traits", + "time 0.1.45", + "wasm-bindgen", + "winapi", +] + +[[package]] +name = "clang-sys" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77ed9a53e5d4d9c573ae844bfac6872b159cb1d1585a83b29e7a64b7eef7332a" +dependencies = [ + "glob", + "libc", + "libloading", +] + +[[package]] +name = "clap" +version = "2.34.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" +dependencies = [ + "bitflags", + "textwrap", + "unicode-width", +] + +[[package]] +name = "cli-clipboard" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04087c1d4a2aa259784a563932aee09cbb0869d490775e051096174b070f3e3d" +dependencies = [ + "clipboard-win 4.5.0", + "objc", + "objc-foundation", + "objc_id", + "wl-clipboard-rs", + "x11-clipboard 0.7.0", +] + +[[package]] +name = "clipboard" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25a904646c0340239dcf7c51677b33928bf24fdf424b79a57909c0109075b2e7" +dependencies = [ + "clipboard-win 2.2.0", + "objc", + "objc-foundation", + "objc_id", + "x11-clipboard 0.3.3", +] + +[[package]] +name = "clipboard-win" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3a093d6fed558e5fe24c3dfc85a68bb68f1c824f440d3ba5aca189e2998786b" +dependencies = [ + "winapi", +] + +[[package]] +name = "clipboard-win" +version = "4.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7191c27c2357d9b7ef96baac1773290d4ca63b24205b82a3fd8a0637afcf0362" +dependencies = [ + "error-code", + "str-buf", + "winapi", +] + +[[package]] +name = "cmake" +version = "0.1.49" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db34956e100b30725f2eb215f90d4871051239535632f84fea3bc92722c66b7c" +dependencies = [ + "cc", +] + +[[package]] +name = "codespan-reporting" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +dependencies = [ + "termcolor", + "unicode-width", +] + +[[package]] +name = "config" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b1b9d958c2b1368a663f05538fc1b5975adce1e19f435acceae987aceeeb369" +dependencies = [ + "lazy_static 1.4.0", + "nom 5.1.2", + "serde", + "toml", +] + +[[package]] +name = "constant_time_eq" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3ad85c1f65dc7b37604eb0e89748faf0b9653065f2a8ef69f96a687ec1e9279" + +[[package]] +name = "conv" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ff10625fd0ac447827aa30ea8b861fead473bb60aeb73af6c1c58caf0d1299" +dependencies = [ + "custom_derive", +] + +[[package]] +name = "core-foundation" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "194a7a9e6de53fa55116934067c844d9d749312f75c6f6d0980e8c252f8c2146" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" + +[[package]] +name = "cpufeatures" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +dependencies = [ + "libc", +] + +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "criterion" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b01d6de93b2b6c65e17c634a26653a29d107b3c98c607c765bf38d041531cd8f" +dependencies = [ + "atty", + "cast", + "clap", + "criterion-plot", + "csv", + "itertools", + "lazy_static 1.4.0", + "num-traits", + "oorandom", + "plotters", + "rayon", + "regex", + "serde", + "serde_cbor", + "serde_derive", + "serde_json", + "tinytemplate", + "walkdir", +] + +[[package]] +name = "criterion-plot" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2673cc8207403546f45f5fd319a974b1e6983ad1a3ee7e6041650013be041876" +dependencies = [ + "cast", + "itertools", +] + +[[package]] +name = "crossbeam-channel" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf2b3e8478797446514c91ef04bafcb59faba183e621ad488df88983cc14128c" +dependencies = [ + "cfg-if", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-deque" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce6fd6f855243022dcecf8702fef0c297d4338e226845fe067f6341ad9fa0cef" +dependencies = [ + "cfg-if", + "crossbeam-epoch", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-epoch" +version = "0.9.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46bd5f3f85273295a9d14aedfb86f6aadbff6d8f5295c4a9edb08e819dcf5695" +dependencies = [ + "autocfg", + "cfg-if", + "crossbeam-utils", + "memoffset 0.8.0", + "scopeguard", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c063cd8cc95f5c377ed0d4b49a4b21f632396ff690e8470c29b3359b346984b" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crossterm" +version = "0.25.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e64e6c0fbe2c17357405f7c758c1ef960fce08bdfb2c03d88d2a18d7e09c4b67" +dependencies = [ + "bitflags", + "crossterm_winapi", + "libc", + "mio", + "parking_lot", + "signal-hook", + "signal-hook-mio", + "winapi", +] + +[[package]] +name = "crossterm_winapi" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2ae1b35a484aa10e07fe0638d02301c5ad24de82d310ccbd2f3693da5f09bf1c" +dependencies = [ + "winapi", +] + +[[package]] +name = "crunchy" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "cstr-argument" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bd9c8e659a473bce955ae5c35b116af38af11a7acb0b480e01f3ed348aeb40" +dependencies = [ + "cfg-if", + "memchr", +] + +[[package]] +name = "csv" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af91f40b7355f82b0a891f50e70399475945bb0b0da4f1700ce60761c9d3e359" +dependencies = [ + "csv-core", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "csv-core" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" +dependencies = [ + "memchr", +] + +[[package]] +name = "ctor" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d2301688392eb071b0bf1a37be05c469d3cc4dbbd95df672fe28ab021e6a096" +dependencies = [ + "quote", + "syn", +] + +[[package]] +name = "cursive" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5438eb16bdd8af51b31e74764fef5d0a9260227a5ec82ba75c9d11ce46595839" +dependencies = [ + "ahash", + "cfg-if", + "crossbeam-channel", + "crossterm", + "cursive_core", + "lazy_static 1.4.0", + "libc", + "log", + "signal-hook", + "unicode-segmentation", + "unicode-width", +] + +[[package]] +name = "cursive_core" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4db3b58161228d0dcb45c7968c5e74c3f03ad39e8983e58ad7d57061aa2cd94d" +dependencies = [ + "ahash", + "crossbeam-channel", + "enum-map", + "enumset", + "lazy_static 1.4.0", + "log", + "num", + "owning_ref", + "time 0.3.20", + "toml", + "unicode-segmentation", + "unicode-width", + "xi-unicode", +] + +[[package]] +name = "custom_derive" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef8ae57c4978a2acd8b869ce6b9ca1dfe817bff704c220209fdef2c0b75a01b9" + +[[package]] +name = "cxx" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86d3488e7665a7a483b57e25bdd90d0aeb2bc7608c8d0346acf2ad3f1caf1d62" +dependencies = [ + "cc", + "cxxbridge-flags", + "cxxbridge-macro", + "link-cplusplus", +] + +[[package]] +name = "cxx-build" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48fcaf066a053a41a81dfb14d57d99738b767febb8b735c3016e469fac5da690" +dependencies = [ + "cc", + "codespan-reporting", + "once_cell", + "proc-macro2", + "quote", + "scratch", + "syn", +] + +[[package]] +name = "cxxbridge-flags" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2ef98b8b717a829ca5603af80e1f9e2e48013ab227b68ef37872ef84ee479bf" + +[[package]] +name = "cxxbridge-macro" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "086c685979a698443656e5cf7856c95c642295a38599f12fb1ff76fb28d19892" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "darling" +version = "0.14.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0808e1bd8671fb44a113a14e13497557533369847788fa2ae912b6ebfce9fa8" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.14.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "001d80444f28e193f30c2f293455da62dcf9a6b29918a4253152ae2b1de592cb" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.14.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b36230598a2d5de7ec1c6f51f72d8a99a9208daff41de2084d06e3fd3ea56685" +dependencies = [ + "darling_core", + "quote", + "syn", +] + +[[package]] +name = "derive-new" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3418329ca0ad70234b9735dc4ceed10af4df60eff9c8e7b06cb5e520d92c3535" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "diff" +version = "0.1.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" + +[[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array", +] + +[[package]] +name = "digest" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" +dependencies = [ + "block-buffer", + "crypto-common", + "subtle", +] + +[[package]] +name = "dirs" +version = "4.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3aa72a6f96ea37bbc5aa912f6788242832f75369bdfdadcb0e38423f100059" +dependencies = [ + "dirs-sys", +] + +[[package]] +name = "dirs-next" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1" +dependencies = [ + "cfg-if", + "dirs-sys-next", +] + +[[package]] +name = "dirs-sys" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b1d1d91c932ef41c0f2663aa8b0ca0342d444d842c06914aa0a7e352d0bada6" +dependencies = [ + "libc", + "redox_users", + "winapi", +] + +[[package]] +name = "dirs-sys-next" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d" +dependencies = [ + "libc", + "redox_users", + "winapi", +] + +[[package]] +name = "displaydoc" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3bf95dc3f046b9da4f2d51833c0d3547d8564ef6910f5c1ed130306a75b92886" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "downcast-rs" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ea835d29036a4087793836fa931b08837ad5e957da9e23886b29586fb9b6650" + +[[package]] +name = "dyn-clone" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68b0cf012f1230e43cd00ebb729c6bb58707ecfa8ad08b52ef3a4ccd2697fc30" + +[[package]] +name = "either" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fcaabb2fef8c910e7f4c7ce9f67a1283a1715879a7c230ca9d6d1ae31f16d91" + +[[package]] +name = "ena" +version = "0.14.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2e5d13ca2353ab7d0230988629def93914a8c4015f621f9b13ed2955614731d" +dependencies = [ + "log", +] + +[[package]] +name = "encoding" +version = "0.2.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b0d943856b990d12d3b55b359144ff341533e516d94098b1d3fc1ac666d36ec" +dependencies = [ + "encoding-index-japanese", + "encoding-index-korean", + "encoding-index-simpchinese", + "encoding-index-singlebyte", + "encoding-index-tradchinese", +] + +[[package]] +name = "encoding-index-japanese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04e8b2ff42e9a05335dbf8b5c6f7567e5591d0d916ccef4e0b1710d32a0d0c91" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-korean" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dc33fb8e6bcba213fe2f14275f0963fd16f0a02c878e3095ecfdf5bee529d81" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-simpchinese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d87a7194909b9118fc707194baa434a4e3b0fb6a5a757c73c3adb07aa25031f7" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-singlebyte" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3351d5acffb224af9ca265f435b859c7c01537c0849754d3db3fdf2bfe2ae84a" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding-index-tradchinese" +version = "1.20141219.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd0e20d5688ce3cab59eb3ef3a2083a5c77bf496cb798dc6fcdb75f323890c18" +dependencies = [ + "encoding_index_tests", +] + +[[package]] +name = "encoding_index_tests" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a246d82be1c9d791c5dfde9a2bd045fc3cbba3fa2b11ad558f27d01712f00569" + +[[package]] +name = "encoding_rs" +version = "0.8.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071a31f4ee85403370b58aca746f01041ede6f0da2730960ad001edc2b71b394" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "enum-map" +version = "2.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50c25992259941eb7e57b936157961b217a4fc8597829ddef0596d6c3cd86e1a" +dependencies = [ + "enum-map-derive", +] + +[[package]] +name = "enum-map-derive" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a4da76b3b6116d758c7ba93f7ec6a35d2e2cf24feda76c6e38a375f4d5c59f2" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "enumset" +version = "1.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19be8061a06ab6f3a6cf21106c873578bf01bd42ad15e0311a9c76161cb1c753" +dependencies = [ + "enumset_derive", +] + +[[package]] +name = "enumset_derive" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03e7b551eba279bf0fa88b83a46330168c1560a52a94f5126f892f0b364ab3e0" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "errno" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" +dependencies = [ + "errno-dragonfly", + "libc", + "winapi", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "error-code" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64f18991e7bf11e7ffee451b5318b5c1a73c52d0d0ada6e5a3017c8c1ced6a21" +dependencies = [ + "libc", + "str-buf", +] + +[[package]] +name = "fastrand" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e51093e27b0797c359783294ca4f0a911c270184cb10f85783b118614a1501be" +dependencies = [ + "instant", +] + +[[package]] +name = "field-offset" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e1c54951450cbd39f3dbcf1005ac413b49487dabf18a720ad2383eccfeffb92" +dependencies = [ + "memoffset 0.6.5", + "rustc_version", +] + +[[package]] +name = "filetime" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a3de6e8d11b22ff9edc6d916f890800597d60f8b2da1caf2955c274638d6412" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "windows-sys 0.45.0", +] + +[[package]] +name = "fixedbitset" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" + +[[package]] +name = "flate2" +version = "1.0.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "fs2" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9564fc758e15025b46aa6643b1b77d047d1a56a1aea6e01002ac0c7026876213" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "futures" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13e2792b0ff0340399d58445b88fd9770e3489eff258a4cbc1523418f12abf84" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e5317663a9089767a1ec00a487df42e0ca174b61b4483213ac24448e4664df5" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec90ff4d0fe1f57d600049061dc6bb68ed03c7d2fbd697274c41805dcb3f8608" + +[[package]] +name = "futures-executor" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8de0a35a6ab97ec8869e32a2473f4b1324459e14c29275d14b10cb1fd19b50e" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfb8371b6fb2aeb2d280374607aeabfc99d95c72edfe51692e42d3d7f0d08531" + +[[package]] +name = "futures-macro" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95a73af87da33b5acf53acfebdc339fe592ecf5357ac7c0a7734ab9d8c876a70" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "futures-sink" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f310820bb3e8cfd46c80db4d7fb8353e15dfff853a127158425f31e0be6c8364" + +[[package]] +name = "futures-task" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcf79a1bf610b10f42aea489289c5a2c478a786509693b80cd39c44ccd936366" + +[[package]] +name = "futures-util" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c1d6de3acfef38d2be4b1f543f553131788603495be83da675e180c8d6b7bd1" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "gdk" +version = "0.15.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6e05c1f572ab0e1f15be94217f0dc29088c248b14f792a5ff0af0d84bcda9e8" +dependencies = [ + "bitflags", + "cairo-rs", + "gdk-pixbuf", + "gdk-sys", + "gio", + "glib", + "libc", + "pango", +] + +[[package]] +name = "gdk-pixbuf" +version = "0.15.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad38dd9cc8b099cceecdf41375bb6d481b1b5a7cd5cd603e10a69a9383f8619a" +dependencies = [ + "bitflags", + "gdk-pixbuf-sys", + "gio", + "glib", + "libc", +] + +[[package]] +name = "gdk-pixbuf-sys" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "140b2f5378256527150350a8346dbdb08fadc13453a7a2d73aecd5fab3c402a7" +dependencies = [ + "gio-sys", + "glib-sys", + "gobject-sys", + "libc", + "system-deps", +] + +[[package]] +name = "gdk-sys" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32e7a08c1e8f06f4177fb7e51a777b8c1689f743a7bc11ea91d44d2226073a88" +dependencies = [ + "cairo-sys-rs", + "gdk-pixbuf-sys", + "gio-sys", + "glib-sys", + "gobject-sys", + "libc", + "pango-sys", + "pkg-config", + "system-deps", +] + +[[package]] +name = "generic-array" +version = "0.14.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "gethostname" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1ebd34e35c46e00bb73e81363248d627782724609fe1b6396f553f68fe3862e" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "getrandom" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" +dependencies = [ + "cfg-if", + "js-sys", + "libc", + "wasi 0.9.0+wasi-snapshot-preview1", + "wasm-bindgen", +] + +[[package]] +name = "getrandom" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31" +dependencies = [ + "cfg-if", + "js-sys", + "libc", + "wasi 0.11.0+wasi-snapshot-preview1", + "wasm-bindgen", +] + +[[package]] +name = "gettext" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ebb594e753d5997e4be036e5a8cf048ab9414352870fb45c779557bbc9ba971" +dependencies = [ + "byteorder", + "encoding", +] + +[[package]] +name = "gio" +version = "0.15.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68fdbc90312d462781a395f7a16d96a2b379bb6ef8cd6310a2df272771c4283b" +dependencies = [ + "bitflags", + "futures-channel", + "futures-core", + "futures-io", + "gio-sys", + "glib", + "libc", + "once_cell", + "thiserror", +] + +[[package]] +name = "gio-sys" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32157a475271e2c4a023382e9cab31c4584ee30a97da41d3c4e9fdd605abcf8d" +dependencies = [ + "glib-sys", + "gobject-sys", + "libc", + "system-deps", + "winapi", +] + +[[package]] +name = "git2" +version = "0.16.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccf7f68c2995f392c49fffb4f95ae2c873297830eb25c6bc4c114ce8f4562acc" +dependencies = [ + "bitflags", + "libc", + "libgit2-sys", + "log", + "openssl-probe", + "openssl-sys", + "url", +] + +[[package]] +name = "glib" +version = "0.15.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edb0306fbad0ab5428b0ca674a23893db909a98582969c9b537be4ced78c505d" +dependencies = [ + "bitflags", + "futures-channel", + "futures-core", + "futures-executor", + "futures-task", + "glib-macros", + "glib-sys", + "gobject-sys", + "libc", + "once_cell", + "smallvec", + "thiserror", +] + +[[package]] +name = "glib-macros" +version = "0.15.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25a68131a662b04931e71891fb14aaf65ee4b44d08e8abc10f49e77418c86c64" +dependencies = [ + "anyhow", + "heck", + "proc-macro-crate", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "glib-sys" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef4b192f8e65e9cf76cbf4ea71fa8e3be4a0e18ffe3d68b8da6836974cc5bad4" +dependencies = [ + "libc", + "system-deps", +] + +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + +[[package]] +name = "gobject-sys" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d57ce44246becd17153bd035ab4d32cfee096a657fc01f2231c9278378d1e0a" +dependencies = [ + "glib-sys", + "libc", + "system-deps", +] + +[[package]] +name = "gpg-error" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d89aaeddbfb92313378c58e98abadaaa34082b3855f1d455576eeeda08bd592c" +dependencies = [ + "libgpg-error-sys", +] + +[[package]] +name = "gpgme" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57539732fbe58eacdb984734b72b470ed0bca3ab7a49813271878567025ac44f" +dependencies = [ + "bitflags", + "cfg-if", + "conv", + "cstr-argument", + "gpg-error", + "gpgme-sys", + "libc", + "memoffset 0.7.1", + "once_cell", + "smallvec", + "static_assertions", +] + +[[package]] +name = "gpgme-sys" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "509223d659c06e4a26229437d6ac917723f02d31917c86c6ecd50e8369741cf7" +dependencies = [ + "build-rs", + "libc", + "libgpg-error-sys", + "system-deps", + "winreg", +] + +[[package]] +name = "gtk" +version = "0.15.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92e3004a2d5d6d8b5057d2b57b3712c9529b62e82c77f25c1fecde1fd5c23bd0" +dependencies = [ + "atk", + "bitflags", + "cairo-rs", + "field-offset", + "futures-channel", + "gdk", + "gdk-pixbuf", + "gio", + "glib", + "gtk-sys", + "gtk3-macros", + "libc", + "once_cell", + "pango", + "pkg-config", +] + +[[package]] +name = "gtk-sys" +version = "0.15.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5bc2f0587cba247f60246a0ca11fe25fb733eabc3de12d1965fc07efab87c84" +dependencies = [ + "atk-sys", + "cairo-sys-rs", + "gdk-pixbuf-sys", + "gdk-sys", + "gio-sys", + "glib-sys", + "gobject-sys", + "libc", + "pango-sys", + "system-deps", +] + +[[package]] +name = "gtk3-macros" +version = "0.15.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24f518afe90c23fba585b2d7697856f9e6a7bbc62f65588035e66f6afb01a2e9" +dependencies = [ + "anyhow", + "proc-macro-crate", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "h2" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be7b54589b581f624f566bf5d8eb2bab1db736c51528720b6bd36b96b55924d" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap", + "slab", + "tokio", + "tokio-util 0.7.7", + "tracing", +] + +[[package]] +name = "half" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + +[[package]] +name = "hermit-abi" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" +dependencies = [ + "libc", +] + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest 0.10.6", +] + +[[package]] +name = "http" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" + +[[package]] +name = "httpdate" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" + +[[package]] +name = "hyper" +version = "0.14.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e011372fa0b68db8350aa7a248930ecc7839bf46d8485577d69f117a75f164c" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-tls" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +dependencies = [ + "bytes", + "hyper", + "native-tls", + "tokio", + "tokio-native-tls", +] + +[[package]] +name = "iana-time-zone" +version = "0.1.53" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "winapi", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" +dependencies = [ + "cxx", + "cxx-build", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indexmap" +version = "1.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399" +dependencies = [ + "autocfg", + "hashbrown", +] + +[[package]] +name = "instant" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "io-lifetimes" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1abeb7a0dd0f8181267ff8adc397075586500b81b28a73e8a0208b00fc170fb3" +dependencies = [ + "libc", + "windows-sys 0.45.0", +] + +[[package]] +name = "ipnet" +version = "2.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30e22bd8629359895450b59ea7a776c850561b96a3b1d31321c1949d9e6c9146" + +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" + +[[package]] +name = "jobserver" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "936cfd212a0155903bcbc060e316fb6cc7cbf2e1907329391ebadc1fe0ce77c2" +dependencies = [ + "libc", +] + +[[package]] +name = "js-sys" +version = "0.3.61" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "445dde2150c55e483f3d8416706b97ec8e8237c307e5b7b4b8dd15e6af2a0730" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "lalrpop" +version = "0.19.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b30455341b0e18f276fa64540aff54deafb54c589de6aca68659c63dd2d5d823" +dependencies = [ + "ascii-canvas", + "atty", + "bit-set", + "diff", + "ena", + "itertools", + "lalrpop-util", + "petgraph", + "pico-args", + "regex", + "regex-syntax", + "string_cache", + "term", + "tiny-keccak", + "unicode-xid", +] + +[[package]] +name = "lalrpop-util" +version = "0.19.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcf796c978e9b4d983414f4caedc9273aa33ee214c5b887bd55fde84c85d2dc4" +dependencies = [ + "regex", +] + +[[package]] +name = "lazy_static" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76f033c7ad61445c5b347c7382dd1237847eb1bce590fe50365dcb33d546be73" + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "lazycell" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" + +[[package]] +name = "lexical-core" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6607c62aa161d23d17a9072cc5da0be67cdfc89d3afb1e8d9c842bebc2525ffe" +dependencies = [ + "arrayvec", + "bitflags", + "cfg-if", + "ryu", + "static_assertions", +] + +[[package]] +name = "libc" +version = "0.2.139" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" + +[[package]] +name = "libgit2-sys" +version = "0.14.2+1.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f3d95f6b51075fe9810a7ae22c7095f12b98005ab364d8544797a825ce946a4" +dependencies = [ + "cc", + "libc", + "libssh2-sys", + "libz-sys", + "openssl-sys", + "pkg-config", +] + +[[package]] +name = "libgpg-error-sys" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c97079310f39c835d3bd73578379d040f779614bb331c7ffbb6630fee6420290" +dependencies = [ + "build-rs", + "system-deps", + "winreg", +] + +[[package]] +name = "libloading" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" +dependencies = [ + "cfg-if", + "winapi", +] + +[[package]] +name = "libssh2-sys" +version = "0.2.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b094a36eb4b8b8c8a7b4b8ae43b2944502be3e59cd87687595cf6b0a71b3f4ca" +dependencies = [ + "cc", + "libc", + "libz-sys", + "openssl-sys", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "libz-sys" +version = "1.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9702761c3935f8cc2f101793272e202c72b99da8f4224a19ddcf1279a6450bbf" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "link-cplusplus" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5" +dependencies = [ + "cc", +] + +[[package]] +name = "linux-raw-sys" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" + +[[package]] +name = "locale_config" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d2c35b16f4483f6c26f0e4e9550717a2f6575bcd6f12a53ff0c490a94a6934" +dependencies = [ + "lazy_static 1.4.0", + "objc", + "objc-foundation", + "regex", + "winapi", +] + +[[package]] +name = "lock_api" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "malloc_buf" +version = "0.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62bb907fe88d54d8d9ce32a3cceab4218ed2f6b7d35617cafe9adf84e43919cb" +dependencies = [ + "libc", +] + +[[package]] +name = "man" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebf5fa795187a80147b1ac10aaedcf5ffd3bbeb1838bda61801a1c9ad700a1c9" +dependencies = [ + "roff", +] + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "memoffset" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +dependencies = [ + "autocfg", +] + +[[package]] +name = "memoffset" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" +dependencies = [ + "autocfg", +] + +[[package]] +name = "memoffset" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +dependencies = [ + "autocfg", +] + +[[package]] +name = "memsec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fa0916b001582d253822171bd23f4a0229d32b9507fae236f5da8cad515ba7c" + +[[package]] +name = "mime" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "miniz_oxide" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" +dependencies = [ + "adler", +] + +[[package]] +name = "mio" +version = "0.8.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b9d9a46eff5b4ff64b45a9e316a6d1e0bc719ef429cbec4dc630684212bfdf9" +dependencies = [ + "libc", + "log", + "wasi 0.11.0+wasi-snapshot-preview1", + "windows-sys 0.45.0", +] + +[[package]] +name = "native-tls" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07226173c32f2926027b63cce4bcd8076c3552846cbe7925f3aaffeac0a3b92e" +dependencies = [ + "lazy_static 1.4.0", + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "nettle" +version = "7.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f5d193a809310369c5d16e45bc0a88cb27935edd5d3375bcfc2371b167694035" +dependencies = [ + "getrandom 0.2.8", + "libc", + "nettle-sys", + "thiserror", +] + +[[package]] +name = "nettle-sys" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5df7cd7e8d5d2997055f31318d1ec648c84886e662bbef7b4a60e3cbc899522b" +dependencies = [ + "bindgen", + "cc", + "libc", + "pkg-config", + "tempfile", + "vcpkg", +] + +[[package]] +name = "new_debug_unreachable" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" + +[[package]] +name = "nix" +version = "0.24.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa52e972a9a719cecb6864fb88568781eb706bac2cd1d4f04a648542dbf78069" +dependencies = [ + "bitflags", + "cfg-if", + "libc", + "memoffset 0.6.5", +] + +[[package]] +name = "nom" +version = "5.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffb4262d26ed83a1c0a33a38fe2bb15797329c85770da05e6b828ddb782627af" +dependencies = [ + "lexical-core", + "memchr", + "version_check", +] + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "num" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43db66d1170d347f9a065114077f7dccb00c1b9478c89384490a3425279a4606" +dependencies = [ + "num-complex", + "num-integer", + "num-iter", + "num-rational", + "num-traits", +] + +[[package]] +name = "num-complex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02e0d21255c828d6f128a1e41534206671e8c3ea0c62f32291e808dc82cff17d" +dependencies = [ + "num-traits", +] + +[[package]] +name = "num-integer" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-iter" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-rational" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" +dependencies = [ + "hermit-abi 0.2.6", + "libc", +] + +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + +[[package]] +name = "objc" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "915b1b472bc21c53464d6c8461c9d3af805ba1ef837e1cac254428f4a77177b1" +dependencies = [ + "malloc_buf", +] + +[[package]] +name = "objc-foundation" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1add1b659e36c9607c7aab864a76c7a4c2760cd0cd2e120f3fb8b952c7e22bf9" +dependencies = [ + "block", + "objc", + "objc_id", +] + +[[package]] +name = "objc_id" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c92d4ddb4bd7b50d730c215ff871754d0da6b2178849f8a2a2ab69712d0c073b" +dependencies = [ + "objc", +] + +[[package]] +name = "once_cell" +version = "1.17.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" + +[[package]] +name = "oorandom" +version = "11.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" + +[[package]] +name = "openssl" +version = "0.10.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b102428fd03bc5edf97f62620f7298614c45cedf287c271e7ed450bbaf83f2e1" +dependencies = [ + "bitflags", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "openssl-probe" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" + +[[package]] +name = "openssl-sys" +version = "0.9.80" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23bbbf7854cd45b83958ebe919f0e8e516793727652e27fda10a8384cfc790b7" +dependencies = [ + "autocfg", + "cc", + "libc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "os_pipe" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a53dbb20faf34b16087a931834cba2d7a73cc74af2b7ef345a4c8324e2409a12" +dependencies = [ + "libc", + "windows-sys 0.45.0", +] + +[[package]] +name = "owning_ref" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ff55baddef9e4ad00f88b6c743a2a8062d4c6ade126c2a528644b8e444d52ce" +dependencies = [ + "stable_deref_trait", +] + +[[package]] +name = "pango" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22e4045548659aee5313bde6c582b0d83a627b7904dd20dc2d9ef0895d414e4f" +dependencies = [ + "bitflags", + "glib", + "libc", + "once_cell", + "pango-sys", +] + +[[package]] +name = "pango-sys" +version = "0.15.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2a00081cde4661982ed91d80ef437c20eacaf6aa1a5962c0279ae194662c3aa" +dependencies = [ + "glib-sys", + "gobject-sys", + "libc", + "system-deps", +] + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9069cbb9f99e3a5083476ccb29ceb1de18b9118cafa53e90c9551235de2b9521" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-sys 0.45.0", +] + +[[package]] +name = "peeking_take_while" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" + +[[package]] +name = "percent-encoding" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" + +[[package]] +name = "pest" +version = "2.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "028accff104c4e513bad663bbcd2ad7cfd5304144404c31ed0a77ac103d00660" +dependencies = [ + "thiserror", + "ucd-trie", +] + +[[package]] +name = "petgraph" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dd7d28ee937e54fe3080c91faa1c3a46c06de6252988a7f4592ba2310ef22a4" +dependencies = [ + "fixedbitset", + "indexmap", +] + +[[package]] +name = "phf_shared" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096" +dependencies = [ + "siphasher", +] + +[[package]] +name = "pico-args" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db8bcd96cb740d03149cbad5518db9fd87126a10ab519c011893b1754134c468" + +[[package]] +name = "pin-project-lite" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkg-config" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" + +[[package]] +name = "plotters" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2538b639e642295546c50fcd545198c9d64ee2a38620a628724a3b266d5fbf97" +dependencies = [ + "num-traits", + "plotters-backend", + "plotters-svg", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "plotters-backend" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "193228616381fecdc1224c62e96946dfbc73ff4384fba576e052ff8c1bea8142" + +[[package]] +name = "plotters-svg" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9a81d2759aae1dae668f783c308bc5c8ebd191ff4184aaa1b37f65a6ae5a56f" +dependencies = [ + "plotters-backend", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "precomputed-hash" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" + +[[package]] +name = "proc-macro-crate" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919" +dependencies = [ + "once_cell", + "toml_edit", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro2" +version = "1.0.51" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d727cae5b39d21da60fa540906919ad737832fe0b1c165da3a34d6548c849d6" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "qml" +version = "0.0.9" +source = "git+https://github.com/White-Oak/qml-rust#3316f54e29331ac951b5cf083179bb71add002e2" +dependencies = [ + "cmake", + "lazy_static 0.2.11", + "libc", + "pkg-config", +] + +[[package]] +name = "quote" +version = "1.0.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom 0.1.16", + "libc", + "rand_chacha 0.2.2", + "rand_core 0.5.1", + "rand_hc", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha 0.3.1", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core 0.5.1", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +dependencies = [ + "getrandom 0.1.16", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom 0.2.8", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core 0.5.1", +] + +[[package]] +name = "rayon" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d2df5196e37bcc87abebc0053e20787d73847bb33134a69841207dd0a47f03b" +dependencies = [ + "either", + "rayon-core", +] + +[[package]] +name = "rayon-core" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b8f95bd6966f5c87776639160a66bd8ab9895d9d4ab01ddba9fc60661aebe8d" +dependencies = [ + "crossbeam-channel", + "crossbeam-deque", + "crossbeam-utils", + "num_cpus", +] + +[[package]] +name = "redox_syscall" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" +dependencies = [ + "bitflags", +] + +[[package]] +name = "redox_users" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" +dependencies = [ + "getrandom 0.2.8", + "redox_syscall", + "thiserror", +] + +[[package]] +name = "regex" +version = "1.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48aaa5748ba571fb95cd2c85c09f629215d3a6ece942baa100950af03a34f733" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.6.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" + +[[package]] +name = "reqwest" +version = "0.11.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21eed90ec8570952d53b772ecf8f206aa1ec9a3d76b2521c56c42973f2d91ee9" +dependencies = [ + "base64 0.21.0", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-tls", + "ipnet", + "js-sys", + "log", + "mime", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "serde", + "serde_json", + "serde_urlencoded", + "tokio", + "tokio-native-tls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "winreg", +] + +[[package]] +name = "ripasso" +version = "0.6.4" +dependencies = [ + "anyhow", + "base64 0.21.0", + "chrono", + "config", + "criterion", + "flate2", + "git2", + "glob", + "gpgme", + "hex", + "hmac", + "rand 0.8.5", + "reqwest", + "sequoia-ipc", + "sequoia-openpgp", + "sha1", + "sha2", + "tar", + "tempfile", + "toml", + "totp-rs", + "whoami", +] + +[[package]] +name = "ripasso-cursive" +version = "0.6.4" +dependencies = [ + "chrono", + "cli-clipboard", + "clipboard", + "config", + "cursive", + "gettext", + "glob", + "hex", + "lazy_static 1.4.0", + "locale_config", + "man", + "ripasso", + "tempfile", + "term_size", + "toml", + "unic-langid", + "wl-clipboard-rs", +] + +[[package]] +name = "ripasso-gtk" +version = "0.6.4" +dependencies = [ + "clipboard", + "gdk", + "glib", + "gtk", + "lazy_static 1.4.0", + "ripasso", +] + +[[package]] +name = "ripasso-qt" +version = "0.6.4" +dependencies = [ + "clipboard", + "qml", + "ripasso", +] + +[[package]] +name = "roff" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e33e4fb37ba46888052c763e4ec2acfedd8f00f62897b630cadb6298b833675e" + +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + +[[package]] +name = "rustc_version" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" +dependencies = [ + "semver", +] + +[[package]] +name = "rustix" +version = "0.36.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd5c6ff11fecd55b40746d1995a02f2eb375bf8c00d192d521ee09f42bef37bc" +dependencies = [ + "bitflags", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys", + "windows-sys 0.45.0", +] + +[[package]] +name = "rustversion" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5583e89e108996506031660fe09baa5011b9dd0341b89029313006d1fb508d70" + +[[package]] +name = "ryu" +version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f91339c0467de62360649f8d3e185ca8de4224ff281f66000de5eb2a77a79041" + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "schannel" +version = "0.1.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "713cfb06c7059f3588fb8044c0fad1d09e3c01d225e25b9220dbfdcf16dbb1b3" +dependencies = [ + "windows-sys 0.42.0", +] + +[[package]] +name = "scopeguard" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" + +[[package]] +name = "scratch" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d5e082f6ea090deaf0e6dd04b68360fd5cddb152af6ce8927c9d25db299f98c" + +[[package]] +name = "security-framework" +version = "2.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" +dependencies = [ + "bitflags", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "semver" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" +dependencies = [ + "semver-parser", +] + +[[package]] +name = "semver-parser" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" +dependencies = [ + "pest", +] + +[[package]] +name = "sequoia-ipc" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0d77ed9e61ea15856bc379246be754c149d40920983a2ca87a8fced24cc9328" +dependencies = [ + "anyhow", + "buffered-reader", + "capnp-rpc", + "ctor", + "dirs", + "fs2", + "futures", + "lalrpop", + "lalrpop-util", + "lazy_static 1.4.0", + "libc", + "memsec", + "rand 0.8.5", + "sequoia-openpgp", + "socket2", + "tempfile", + "thiserror", + "tokio", + "tokio-util 0.6.10", + "winapi", +] + +[[package]] +name = "sequoia-openpgp" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70af2f594bf5261eb87be5060db1e40d6445686d2bb3ec41c014cf53701130a2" +dependencies = [ + "anyhow", + "base64 0.13.1", + "buffered-reader", + "bzip2", + "chrono", + "dyn-clone", + "flate2", + "getrandom 0.2.8", + "idna", + "lalrpop", + "lalrpop-util", + "lazy_static 1.4.0", + "libc", + "memsec", + "nettle", + "rand 0.7.3", + "regex", + "regex-syntax", + "sha1collisiondetection", + "thiserror", + "xxhash-rust", +] + +[[package]] +name = "serde" +version = "1.0.152" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb7d1f0d3021d347a83e556fc4683dea2ea09d87bccdf88ff5c12545d89d5efb" + +[[package]] +name = "serde_cbor" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" +dependencies = [ + "half", + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.152" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af487d118eecd09402d70a5d72551860e788df87b464af30e5ea6a38c75c541e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cad406b69c91885b5107daf2c29572f6c8cdb3c66826821e286c533490c0bc76" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "sha1" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.6", +] + +[[package]] +name = "sha1collisiondetection" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c66558a774ef5044cb4a834db5f5c7f95e139d2341d7f502fe6034afa7082461" +dependencies = [ + "digest 0.9.0", + "generic-array", +] + +[[package]] +name = "sha2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.6", +] + +[[package]] +name = "shlex" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3" + +[[package]] +name = "signal-hook" +version = "0.3.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "732768f1176d21d09e076c23a93123d40bba92d50c4058da34d45c8de8e682b9" +dependencies = [ + "libc", + "signal-hook-registry", +] + +[[package]] +name = "signal-hook-mio" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29ad2e15f37ec9a6cc544097b78a1ec90001e9f71b81338ca39f430adaca99af" +dependencies = [ + "libc", + "mio", + "signal-hook", +] + +[[package]] +name = "signal-hook-registry" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" +dependencies = [ + "libc", +] + +[[package]] +name = "siphasher" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" + +[[package]] +name = "slab" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6528351c9bc8ab22353f9d776db39a20288e8d6c37ef8cfe3317cf875eecfc2d" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" + +[[package]] +name = "socket2" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + +[[package]] +name = "str-buf" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e08d8363704e6c71fc928674353e6b7c23dcea9d82d7012c8faf2a3a025f8d0" + +[[package]] +name = "string_cache" +version = "0.8.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d69e88b23f23030bf4d0e9ca7b07434f70e1c1f4d3ca7e93ce958b373654d9f" +dependencies = [ + "new_debug_unreachable", + "once_cell", + "parking_lot", + "phf_shared", + "precomputed-hash", +] + +[[package]] +name = "subtle" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "system-deps" +version = "6.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2955b1fe31e1fa2fbd1976b71cc69a606d7d4da16f6de3333d0c92d51419aeff" +dependencies = [ + "cfg-expr", + "heck", + "pkg-config", + "toml", + "version-compare", +] + +[[package]] +name = "tar" +version = "0.4.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b55807c0344e1e6c04d7c965f5289c39a8d94ae23ed5c0b57aabac549f871c6" +dependencies = [ + "filetime", + "libc", + "xattr", +] + +[[package]] +name = "tempfile" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af18f7ae1acd354b992402e9ec5864359d693cd8a79dcbef59f76891701c1e95" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall", + "rustix", + "windows-sys 0.42.0", +] + +[[package]] +name = "term" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f" +dependencies = [ + "dirs-next", + "rustversion", + "winapi", +] + +[[package]] +name = "term_size" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e4129646ca0ed8f45d09b929036bafad5377103edd06e50bf574b353d2b08d9" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "termcolor" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be55cf8942feac5c765c2c993422806843c9a9a45d4d5c407ad6dd2ea95eb9b6" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "textwrap" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" +dependencies = [ + "unicode-width", +] + +[[package]] +name = "thiserror" +version = "1.0.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "time" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" +dependencies = [ + "libc", + "wasi 0.10.0+wasi-snapshot-preview1", + "winapi", +] + +[[package]] +name = "time" +version = "0.3.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd0cbfecb4d19b5ea75bb31ad904eb5b9fa13f21079c3b92017ebdf4999a5890" +dependencies = [ + "itoa", + "libc", + "num_threads", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" + +[[package]] +name = "time-macros" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd80a657e71da814b8e5d60d3374fc6d35045062245d80224748ae522dd76f36" +dependencies = [ + "time-core", +] + +[[package]] +name = "tiny-keccak" +version = "2.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" +dependencies = [ + "crunchy", +] + +[[package]] +name = "tinystr" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ac3f5b6856e931e15e07b478e98c8045239829a65f9156d4fa7e7788197a5ef" +dependencies = [ + "displaydoc", +] + +[[package]] +name = "tinytemplate" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4d6b5f19ff7664e8c98d03e2139cb510db9b0a60b55f8e8709b689d939b6bc" +dependencies = [ + "serde", + "serde_json", +] + +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "tokio" +version = "1.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03201d01c3c27a29c8a5cee5b55a93ddae1ccf6f08f65365c2c918f8c1b76f64" +dependencies = [ + "autocfg", + "bytes", + "libc", + "memchr", + "mio", + "num_cpus", + "pin-project-lite", + "socket2", + "windows-sys 0.45.0", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.6.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36943ee01a6d67977dd3f84a5a1d2efeb4ada3a1ae771cadfaa535d9d9fc6507" +dependencies = [ + "bytes", + "futures-core", + "futures-io", + "futures-sink", + "log", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + +[[package]] +name = "toml" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_datetime" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ab8ed2edee10b50132aed5f331333428b011c99402b5a534154ed15746f9622" + +[[package]] +name = "toml_edit" +version = "0.19.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a1eb0622d28f4b9c90adc4ea4b2b46b47663fde9ac5fafcb14a1369d5508825" +dependencies = [ + "indexmap", + "toml_datetime", + "winnow", +] + +[[package]] +name = "totp-rs" +version = "3.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "942a8cf27d3bf8ac090ed75d3887cead18da1c6f3b0d4502edbf639ebbd37057" +dependencies = [ + "base32", + "constant_time_eq", + "hmac", + "sha1", + "sha2", + "url", + "urlencoding", +] + +[[package]] +name = "tower-service" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "pin-project-lite", + "tracing-core", +] + +[[package]] +name = "tracing-core" +version = "0.1.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" +dependencies = [ + "once_cell", +] + +[[package]] +name = "tree_magic_mini" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91adfd0607cacf6e4babdb870e9bec4037c1c4b151cfd279ccefc5e0c7feaa6d" +dependencies = [ + "bytecount", + "fnv", + "lazy_static 1.4.0", + "nom 7.1.3", + "once_cell", + "petgraph", +] + +[[package]] +name = "try-lock" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" + +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "ucd-trie" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e79c4d996edb816c91e4308506774452e55e95c3c9de07b6729e17e15a5ef81" + +[[package]] +name = "unic-langid" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "398f9ad7239db44fd0f80fe068d12ff22d78354080332a5077dc6f52f14dcf2f" +dependencies = [ + "unic-langid-impl", +] + +[[package]] +name = "unic-langid-impl" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e35bfd2f2b8796545b55d7d3fd3e89a0613f68a0d1c8bc28cb7ff96b411a35ff" +dependencies = [ + "tinystr", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d54675592c1dbefd78cbd98db9bacd89886e1ca50692a0692baefffdeb92dd58" + +[[package]] +name = "unicode-ident" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "775c11906edafc97bc378816b94585fbd9a054eabaf86fdd0ced94af449efab7" + +[[package]] +name = "unicode-normalization" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "unicode-segmentation" +version = "1.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1dd624098567895118886609431a7c3b8f516e41d30e0643f03d94592a147e36" + +[[package]] +name = "unicode-width" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" + +[[package]] +name = "unicode-xid" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" + +[[package]] +name = "url" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "urlencoding" +version = "2.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8db7427f936968176eaa7cdf81b7f98b980b18495ec28f1b5791ac3bfe3eea9" + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version-compare" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "579a42fc0b8e0c63b76519a339be31bed574929511fa53c1a3acae26eb258f29" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "walkdir" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "808cf2735cd4b6866113f648b791c6adc5714537bc222d9347bb203386ffda56" +dependencies = [ + "same-file", + "winapi", + "winapi-util", +] + +[[package]] +name = "want" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" +dependencies = [ + "log", + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.9.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" + +[[package]] +name = "wasi" +version = "0.10.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.84" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b" +dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.84" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f219e0d211ba40266969f6dbdd90636da12f75bee4fc9d6c23d1260dadb51454" +dependencies = [ + "cfg-if", + "js-sys", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.84" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.84" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.84" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" + +[[package]] +name = "wayland-client" +version = "0.29.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f3b068c05a039c9f755f881dc50f01732214f5685e379829759088967c46715" +dependencies = [ + "bitflags", + "downcast-rs", + "libc", + "nix", + "wayland-commons", + "wayland-scanner", + "wayland-sys", +] + +[[package]] +name = "wayland-commons" +version = "0.29.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8691f134d584a33a6606d9d717b95c4fa20065605f798a3f350d78dced02a902" +dependencies = [ + "nix", + "once_cell", + "smallvec", + "wayland-sys", +] + +[[package]] +name = "wayland-protocols" +version = "0.29.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b950621f9354b322ee817a23474e479b34be96c2e909c14f7bc0100e9a970bc6" +dependencies = [ + "bitflags", + "wayland-client", + "wayland-commons", + "wayland-scanner", +] + +[[package]] +name = "wayland-scanner" +version = "0.29.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f4303d8fa22ab852f789e75a967f0a2cdc430a607751c0499bada3e451cbd53" +dependencies = [ + "proc-macro2", + "quote", + "xml-rs", +] + +[[package]] +name = "wayland-sys" +version = "0.29.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be12ce1a3c39ec7dba25594b97b42cb3195d54953ddb9d3d95a7c3902bc6e9d4" +dependencies = [ + "pkg-config", +] + +[[package]] +name = "web-sys" +version = "0.3.61" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e33b99f4b23ba3eec1a53ac264e35a755f00e966e0065077d6027c0f575b0b97" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "whoami" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45dbc71f0cdca27dc261a9bd37ddec174e4a0af2b900b890f378460f745426e3" +dependencies = [ + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-wsapoll" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44c17110f57155602a80dca10be03852116403c9ff3cd25b079d666f2aa3df6e" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows-sys" +version = "0.45.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e2522491fbfcd58cc84d47aeb2958948c4b8982e9a2d8a2a35bbaed431390e7" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c9864e83243fdec7fc9c5444389dcbbfd258f745e7853198f365e3c4968a608" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c8b1b673ffc16c47a9ff48570a9d85e25d265735c503681332589af6253c6c7" + +[[package]] +name = "windows_i686_gnu" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3887528ad530ba7bdbb1faa8275ec7a1155a45ffa57c37993960277145d640" + +[[package]] +name = "windows_i686_msvc" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf4d1122317eddd6ff351aa852118a2418ad4214e6613a50e0191f7004372605" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1040f221285e17ebccbc2591ffdc2d44ee1f9186324dd3e84e99ac68d699c45" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "628bfdf232daa22b0d64fdb62b09fcc36bb01f05a3939e20ab73aaf9470d0463" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "447660ad36a13288b1db4d4248e857b510e8c3a225c822ba4fb748c0aafecffd" + +[[package]] +name = "winnow" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "faf09497b8f8b5ac5d3bb4d05c0a99be20f26fd3d5f2db7b0716e946d5103658" +dependencies = [ + "memchr", +] + +[[package]] +name = "winreg" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" +dependencies = [ + "winapi", +] + +[[package]] +name = "wl-clipboard-rs" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "981a303dfbb75d659f6612d05a14b2e363c103d24f676a2d44a00d18507a1ad9" +dependencies = [ + "derive-new", + "libc", + "log", + "nix", + "os_pipe", + "tempfile", + "thiserror", + "tree_magic_mini", + "wayland-client", + "wayland-protocols", +] + +[[package]] +name = "x11-clipboard" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89bd49c06c9eb5d98e6ba6536cf64ac9f7ee3a009b2f53996d405b3944f6bcea" +dependencies = [ + "xcb", +] + +[[package]] +name = "x11-clipboard" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0827f86aa910c4e73329a4f619deabe88ebb4b042370bf023c2d5d8b4eb54695" +dependencies = [ + "x11rb", +] + +[[package]] +name = "x11rb" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "592b4883219f345e712b3209c62654ebda0bb50887f330cbd018d0f654bfd507" +dependencies = [ + "gethostname", + "nix", + "winapi", + "winapi-wsapoll", + "x11rb-protocol", +] + +[[package]] +name = "x11rb-protocol" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56b245751c0ac9db0e006dc812031482784e434630205a93c73cfefcaabeac67" +dependencies = [ + "nix", +] + +[[package]] +name = "xattr" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d1526bbe5aaeb5eb06885f4d987bcdfa5e23187055de9b83fe00156a821fabc" +dependencies = [ + "libc", +] + +[[package]] +name = "xcb" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e917a3f24142e9ff8be2414e36c649d47d6cc2ba81f16201cdef96e533e02de" +dependencies = [ + "libc", + "log", +] + +[[package]] +name = "xi-unicode" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a67300977d3dc3f8034dae89778f502b6ba20b269527b3223ba59c0cf393bb8a" + +[[package]] +name = "xml-rs" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2d7d3948613f75c98fd9328cfdcc45acc4d360655289d0a7d4ec931392200a3" + +[[package]] +name = "xxhash-rust" +version = "0.8.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "735a71d46c4d68d71d4b24d03fdc2b98e38cea81730595801db779c04fe80d70" diff --git a/nixpkgs/pkgs/tools/security/ripasso/cursive.nix b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix new file mode 100644 index 000000000000..b3e8274b450c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix @@ -0,0 +1,81 @@ +{ stdenv +, lib +, rustPlatform +, fetchFromGitHub +, pkg-config +, python3 +, openssl +, libgpg-error +, gpgme +, xorg +, nettle +, clang +, AppKit +, Security +, installShellFiles +}: + +rustPlatform.buildRustPackage rec { + version = "0.6.4"; + pname = "ripasso-cursive"; + + src = fetchFromGitHub { + owner = "cortex"; + repo = "ripasso"; + rev = "release-${version}"; + hash = "sha256-9wBaFq2KVfLTd1j8ZPoUlmZJDW2UhvGBAaCGX+qg92s="; + }; + + patches = [ + ./fix-tests.patch + ]; + + cargoPatches = [ + ./fix-build.patch + ]; + + cargoLock = { + lockFile = ./Cargo.lock; + outputHashes = { + "qml-0.0.9" = "sha256-ILqvUaH7nSu2JtEs8ox7KroOzYnU5ai44k1HE4Bz5gg="; + }; + }; + + cargoBuildFlags = [ "-p ripasso-cursive" ]; + + nativeBuildInputs = [ + pkg-config + gpgme + python3 + installShellFiles + clang + rustPlatform.bindgenHook + ]; + + buildInputs = [ + openssl + libgpg-error + gpgme + xorg.libxcb + nettle + ] ++ lib.optionals stdenv.isDarwin [ + AppKit + Security + ]; + + preCheck = '' + export HOME=$TMPDIR + ''; + + postInstall = '' + installManPage target/man-page/cursive/ripasso-cursive.1 + ''; + + meta = with lib; { + description = "A simple password manager written in Rust"; + homepage = "https://github.com/cortex/ripasso"; + license = licenses.gpl3; + maintainers = with maintainers; [ sgo ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ripasso/fix-build.patch b/nixpkgs/pkgs/tools/security/ripasso/fix-build.patch new file mode 100644 index 000000000000..eeaebd58dae6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ripasso/fix-build.patch @@ -0,0 +1,40 @@ +diff --git a/Cargo.lock b/Cargo.lock +index 8464bf70..659e66c0 100644 +--- a/Cargo.lock ++++ b/Cargo.lock +@@ -2702,7 +2702,7 @@ dependencies = [ + + [[package]] + name = "ripasso" +-version = "0.6.3" ++version = "0.6.4" + dependencies = [ + "anyhow", + "base64 0.21.0", +@@ -2730,7 +2730,7 @@ dependencies = [ + + [[package]] + name = "ripasso-cursive" +-version = "0.6.3" ++version = "0.6.4" + dependencies = [ + "chrono", + "cli-clipboard", +@@ -2753,7 +2753,7 @@ dependencies = [ + + [[package]] + name = "ripasso-gtk" +-version = "0.6.3" ++version = "0.6.4" + dependencies = [ + "clipboard", + "gdk", +@@ -2765,7 +2765,7 @@ dependencies = [ + + [[package]] + name = "ripasso-qt" +-version = "0.6.3" ++version = "0.6.4" + dependencies = [ + "clipboard", + "qml", diff --git a/nixpkgs/pkgs/tools/security/ripasso/fix-tests.patch b/nixpkgs/pkgs/tools/security/ripasso/fix-tests.patch new file mode 100644 index 000000000000..dbb4b2dfd318 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ripasso/fix-tests.patch @@ -0,0 +1,12 @@ +diff --git a/src/tests/test_helpers.rs b/src/tests/test_helpers.rs +index 73e4175..d2ed70b 100644 +--- a/src/tests/test_helpers.rs ++++ b/src/tests/test_helpers.rs +@@ -53,6 +53,7 @@ fn get_testres_path() -> PathBuf { + base_path.pop(); + base_path.pop(); + base_path.pop(); ++ base_path.pop(); + base_path.push("testres"); + + base_path diff --git a/nixpkgs/pkgs/tools/security/rng-tools/default.nix b/nixpkgs/pkgs/tools/security/rng-tools/default.nix new file mode 100644 index 000000000000..a5470f05613b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rng-tools/default.nix @@ -0,0 +1,87 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, libtool +, pkg-config +, psmisc +, argp-standalone +, openssl +, libcap +, jitterentropy, withJitterEntropy ? true + # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS + # https://www.nist.gov/programs-projects/nist-randomness-beacon +, curl, jansson, libxml2, withNistBeacon ? false +, libp11, opensc, withPkcs11 ? true +, rtl-sdr, withRtlsdr ? true +, withQrypt ? false +}: + +stdenv.mkDerivation rec { + pname = "rng-tools"; + version = "6.16"; + + src = fetchFromGitHub { + owner = "nhorman"; + repo = pname; + rev = "v${version}"; + hash = "sha256-9pXQhG2nbu6bq4BnBgEOyyUBNkQTI5RhWmJIoLtFU+c="; + }; + + nativeBuildInputs = [ autoreconfHook libtool pkg-config ]; + + configureFlags = [ + (lib.enableFeature (withJitterEntropy) "jitterentropy") + (lib.withFeature (withNistBeacon) "nistbeacon") + (lib.withFeature (withPkcs11) "pkcs11") + (lib.withFeature (withRtlsdr) "rtlsdr") + (lib.withFeature (withQrypt) "qrypt") + ]; + + buildInputs = [ openssl libcap ] + ++ lib.optionals stdenv.hostPlatform.isMusl [ argp-standalone ] + ++ lib.optionals withJitterEntropy [ jitterentropy ] + ++ lib.optionals withNistBeacon [ curl jansson libxml2 ] + ++ lib.optionals withPkcs11 [ libp11 libp11.passthru.openssl ] + ++ lib.optionals withRtlsdr [ rtl-sdr ] + ++ lib.optionals withQrypt [ curl jansson ]; + + enableParallelBuilding = true; + + makeFlags = [ + "AR:=$(AR)" # For cross-compilation + ] ++ lib.optionals withPkcs11 [ + "PKCS11_ENGINE=${opensc}/lib/opensc-pkcs11.so" # Overrides configure script paths + ]; + + doCheck = true; + preCheck = '' + patchShebangs tests/*.sh + export RNGD_JITTER_TIMEOUT=10 + ''; + # After updating to jitterentropy 3.4.1 jitterentropy initialization seams + # to have increased. On some system rng-tools fail therefore to initialize the + # jitterentropy entropy source. You can increase the init timeout with a command-line + # option (-O jitter:timeout:SECONDS). The environment variable above only has effect + # for the test cases. + # Patching the timeout to a larger value was declined upstream, + # see (https://github.com/nhorman/rng-tools/pull/178). + nativeCheckInputs = [ psmisc ]; # rngtestjitter.sh needs killall + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + set -o pipefail + $out/bin/rngtest --version | grep $version + runHook postInstallCheck + ''; + + meta = with lib; { + description = "A random number generator daemon"; + homepage = "https://github.com/nhorman/rng-tools"; + changelog = "https://github.com/nhorman/rng-tools/releases/tag/v${version}"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ johnazoidberg c0bw3b ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rnp/default.nix b/nixpkgs/pkgs/tools/security/rnp/default.nix new file mode 100644 index 000000000000..9a3796aeb42e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rnp/default.nix @@ -0,0 +1,62 @@ +{ lib +, stdenv +, asciidoctor +, botan2 +, bzip2 +, cmake +, fetchFromGitHub +, gnupg +, gtest +, json_c +, pkg-config +, python3 +, sexpp +, zlib +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "rnp"; + version = "0.17.0"; + + src = fetchFromGitHub { + owner = "rnpgp"; + repo = "rnp"; + rev = "v${finalAttrs.version}"; + hash = "sha256-4fB7Sl9+ATrJTRnhbNG5BoW3XLxR7IP167RK96+gxj0="; + }; + + buildInputs = [ zlib bzip2 json_c botan2 sexpp ]; + + patches = [ + ./unbundle-sexpp.patch + ./sexp_sexpp_rename.patch + ]; + + cmakeFlags = [ + "-DCMAKE_INSTALL_PREFIX=${placeholder "out"}" + "-DBUILD_SHARED_LIBS=on" + "-DBUILD_TESTING=on" + "-DDOWNLOAD_GTEST=off" + "-DDOWNLOAD_RUBYRNP=off" + ]; + + nativeBuildInputs = [ asciidoctor cmake gnupg gtest pkg-config python3 ]; + + # NOTE: check-only inputs should ideally be moved to nativeCheckInputs, but it + # would fail during buildPhase. + # nativeCheckInputs = [ gtest python3 ]; + + outputs = [ "out" "lib" "dev" ]; + + preConfigure = '' + echo "v${finalAttrs.version}" > version.txt + ''; + + meta = with lib; { + homepage = "https://github.com/rnpgp/rnp"; + description = "High performance C++ OpenPGP library, fully compliant to RFC 4880"; + license = licenses.bsd2; + platforms = platforms.all; + maintainers = with maintainers; [ ribose-jeffreylau ]; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/rnp/sexp_sexpp_rename.patch b/nixpkgs/pkgs/tools/security/rnp/sexp_sexpp_rename.patch new file mode 100644 index 000000000000..a86d205139f7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rnp/sexp_sexpp_rename.patch @@ -0,0 +1,50 @@ +diff --git i/src/lib/CMakeLists.txt w/src/lib/CMakeLists.txt +index 086ac57d..2ce59ca1 100755 +--- i/src/lib/CMakeLists.txt ++++ w/src/lib/CMakeLists.txt +@@ -328,7 +328,7 @@ elseif (CRYPTO_BACKEND_OPENSSL) + target_link_libraries(librnp-obj PRIVATE OpenSSL::Crypto) + endif() + +-target_link_libraries(librnp-obj PRIVATE sexp) ++target_link_libraries(librnp-obj PRIVATE sexpp) + + set_target_properties(librnp-obj PROPERTIES CXX_VISIBILITY_PRESET hidden) + if (TARGET BZip2::BZip2) +@@ -384,7 +384,7 @@ foreach (prop LINK_LIBRARIES INTERFACE_LINK_LIBRARIES INCLUDE_DIRECTORIES INTERF + get_target_property(val librnp-obj ${prop}) + if (BUILD_SHARED_LIBS) + set_property(TARGET librnp-static PROPERTY ${prop} ${val}) +- list(REMOVE_ITEM val "$<LINK_ONLY:sexp>") ++ list(REMOVE_ITEM val "$<LINK_ONLY:sexpp>") + set_property(TARGET librnp PROPERTY ${prop} ${val}) + else() + set_property(TARGET librnp PROPERTY ${prop} ${val}) +diff --git i/src/librekey/g23_sexp.hpp w/src/librekey/g23_sexp.hpp +index b888680f..b062c52f 100644 +--- i/src/librekey/g23_sexp.hpp ++++ w/src/librekey/g23_sexp.hpp +@@ -27,8 +27,8 @@ + #ifndef RNP_G23_SEXP_HPP + #define RNP_G23_SEXP_HPP + +-#include "sexp/sexp.h" +-#include "sexp/ext-key-format.h" ++#include "sexpp/sexp.h" ++#include "sexpp/ext-key-format.h" + + #define SXP_MAX_DEPTH 30 + +diff --git i/src/tests/CMakeLists.txt w/src/tests/CMakeLists.txt +index 7d2a6b0c..88aeaf9f 100644 +--- i/src/tests/CMakeLists.txt ++++ w/src/tests/CMakeLists.txt +@@ -176,7 +176,7 @@ target_link_libraries(rnp_tests + PRIVATE + librnp-static + JSON-C::JSON-C +- sexp ++ sexpp + ${GTestMain} + ) + if (CRYPTO_BACKEND_LOWERCASE STREQUAL "openssl") diff --git a/nixpkgs/pkgs/tools/security/rnp/unbundle-sexpp.patch b/nixpkgs/pkgs/tools/security/rnp/unbundle-sexpp.patch new file mode 100644 index 000000000000..dcbf92948a28 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rnp/unbundle-sexpp.patch @@ -0,0 +1,38 @@ +diff --git i/CMakeLists.txt w/CMakeLists.txt +index bb6d40cb..30171e7c 100644 +--- i/CMakeLists.txt ++++ w/CMakeLists.txt +@@ -176,11 +176,6 @@ if (ENABLE_FUZZERS) + endif() + add_subdirectory(src/common) + +-set(WITH_SEXP_CLI OFF) +-set(WITH_SEXP_TESTS OFF) +-set(CMAKE_INSTALL_DEFAULT_COMPONENT_NAME development) +-add_subdirectory(src/libsexp EXCLUDE_FROM_ALL) +- + add_subdirectory(src/lib) + add_subdirectory(src/rnp) + add_subdirectory(src/rnpkeys) +diff --git i/src/lib/CMakeLists.txt w/src/lib/CMakeLists.txt +index 086ac57d..b219ef06 100755 +--- i/src/lib/CMakeLists.txt ++++ w/src/lib/CMakeLists.txt +@@ -433,7 +433,7 @@ install(TARGETS librnp + COMPONENT development + ) + +- install(TARGETS librnp-static sexp ++ install(TARGETS librnp-static + EXPORT rnp-targets + ARCHIVE + DESTINATION "${CMAKE_INSTALL_LIBDIR}" +@@ -441,7 +441,7 @@ install(TARGETS librnp + ) + else(BUILD_SHARED_LIBS) + # static libraries only +-install(TARGETS librnp sexp ++install(TARGETS librnp + EXPORT rnp-targets + ARCHIVE + DESTINATION "${CMAKE_INSTALL_LIBDIR}" diff --git a/nixpkgs/pkgs/tools/security/ronin/Gemfile b/nixpkgs/pkgs/tools/security/ronin/Gemfile new file mode 100644 index 000000000000..94dd203e9e08 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ronin/Gemfile @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +source "https://rubygems.org" + +gem "net-ftp" +gem "net-imap" +gem "net-pop" +gem "net-smtp" +gem "ronin" diff --git a/nixpkgs/pkgs/tools/security/ronin/Gemfile.lock b/nixpkgs/pkgs/tools/security/ronin/Gemfile.lock new file mode 100644 index 000000000000..4157e5994130 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ronin/Gemfile.lock @@ -0,0 +1,245 @@ +GEM + remote: https://rubygems.org/ + specs: + activemodel (7.1.0) + activesupport (= 7.1.0) + activerecord (7.1.0) + activemodel (= 7.1.0) + activesupport (= 7.1.0) + timeout (>= 0.4.0) + activesupport (7.1.0) + base64 + bigdecimal + concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + minitest (>= 5.1) + mutex_m + tzinfo (~> 2.0) + addressable (2.8.5) + public_suffix (>= 2.0.2, < 6.0) + async (2.6.4) + console (~> 1.10) + fiber-annotation + io-event (~> 1.1) + timers (~> 4.1) + async-io (1.36.0) + async + base64 (0.1.1) + bigdecimal (3.1.4) + chars (0.3.2) + combinatorics (0.4.4) + command_kit (0.4.0) + command_mapper (0.3.1) + concurrent-ruby (1.2.2) + connection_pool (2.4.1) + console (1.23.2) + fiber-annotation + fiber-local + date (3.3.3) + domain_name (0.5.20190701) + unf (>= 0.0.5, < 1.0.0) + drb (2.1.1) + ruby2_keywords + fake_io (0.1.0) + fiber-annotation (0.2.0) + fiber-local (1.0.0) + hexdump (1.0.0) + http-cookie (1.0.5) + domain_name (~> 0.5) + i18n (1.14.1) + concurrent-ruby (~> 1.0) + io-console (0.6.0) + io-event (1.3.2) + irb (1.8.1) + rdoc + reline (>= 0.3.8) + mechanize (2.9.1) + addressable (~> 2.8) + domain_name (~> 0.5, >= 0.5.20190701) + http-cookie (~> 1.0, >= 1.0.3) + mime-types (~> 3.0) + net-http-digest_auth (~> 1.4, >= 1.4.1) + net-http-persistent (>= 2.5.2, < 5.0.dev) + nokogiri (~> 1.11, >= 1.11.2) + rubyntlm (~> 0.6, >= 0.6.3) + webrick (~> 1.7) + webrobots (~> 0.1.2) + mime-types (3.5.1) + mime-types-data (~> 3.2015) + mime-types-data (3.2023.1003) + mini_portile2 (2.8.4) + minitest (5.20.0) + mustermann (3.0.0) + ruby2_keywords (~> 0.0.1) + mutex_m (0.1.2) + net-ftp (0.2.0) + net-protocol + time + net-http-digest_auth (1.4.1) + net-http-persistent (4.0.2) + connection_pool (~> 2.2) + net-imap (0.4.1) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.1) + timeout + net-smtp (0.4.0) + net-protocol + nokogiri (1.15.4) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) + nokogiri-diff (0.2.0) + nokogiri (~> 1.5) + tdiff (~> 0.3, >= 0.3.2) + nokogiri-ext (0.1.0) + nokogiri (~> 1.0) + open_namespace (0.4.1) + psych (5.1.0) + stringio + public_suffix (5.0.3) + racc (1.7.1) + rack (2.2.8) + rack-protection (3.1.0) + rack (~> 2.2, >= 2.2.4) + rack-user_agent (0.5.3) + rack (>= 1.5) + woothee (>= 1.0.0) + rdoc (6.5.0) + psych (>= 4.0.0) + reline (0.3.9) + io-console (~> 0.5) + ronin (2.0.5) + async-io (~> 1.0) + open_namespace (~> 0.4) + ronin-code-asm (~> 1.0) + ronin-code-sql (~> 2.0) + ronin-core (~> 0.1, >= 0.1.2) + ronin-db (~> 0.1) + ronin-exploits (~> 1.0, >= 1.0.1) + ronin-fuzzer (~> 0.1) + ronin-payloads (~> 0.1, >= 0.1.1) + ronin-repos (~> 0.1) + ronin-support (~> 1.0, >= 1.0.3) + ronin-vulns (~> 0.1, >= 0.1.2) + ronin-web (~> 1.0, >= 1.0.1) + rouge (~> 3.0) + wordlist (~> 1.0, >= 1.0.3) + ronin-code-asm (1.0.0) + ruby-yasm (~> 0.3) + ronin-code-sql (2.1.0) + ronin-support (~> 1.0) + ronin-core (0.1.2) + command_kit (~> 0.4) + irb (~> 1.0) + reline (~> 0.1) + ronin-db (0.1.2) + ronin-core (~> 0.1) + ronin-db-activerecord (~> 0.1) + ronin-support (~> 1.0) + sqlite3 (~> 1.0) + ronin-db-activerecord (0.1.2) + activerecord (~> 7.0) + uri-query_params (~> 0.6) + ronin-exploits (1.0.3) + ronin-code-sql (~> 2.0) + ronin-core (~> 0.1) + ronin-payloads (~> 0.1, >= 0.1.1) + ronin-post_ex (~> 0.1) + ronin-repos (~> 0.1) + ronin-support (~> 1.0, >= 1.0.1) + ronin-vulns (~> 0.1, >= 0.1.1) + uri-query_params (~> 0.6) + ronin-fuzzer (0.1.0) + combinatorics (~> 0.4) + ronin-core (~> 0.1) + ronin-support (~> 1.0) + ronin-payloads (0.1.4) + ronin-code-asm (~> 1.0) + ronin-core (~> 0.1) + ronin-post_ex (~> 0.1) + ronin-repos (~> 0.1) + ronin-support (~> 1.0) + ronin-post_ex (0.1.0) + fake_io (~> 0.1) + hexdump (~> 1.0) + ronin-core (~> 0.1) + ronin-repos (0.1.1) + ronin-core (~> 0.1) + ronin-support (1.0.3) + addressable (~> 2.0) + chars (~> 0.3, >= 0.3.2) + combinatorics (~> 0.4) + hexdump (~> 1.0) + uri-query_params (~> 0.8) + ronin-vulns (0.1.4) + ronin-core (~> 0.1) + ronin-support (~> 1.0, >= 1.0.1) + ronin-web (1.0.2) + mechanize (~> 2.0) + nokogiri (~> 1.4) + nokogiri-diff (~> 0.2) + nokogiri-ext (~> 0.1) + open_namespace (~> 0.4) + ronin-core (~> 0.1) + ronin-support (~> 1.0) + ronin-web-server (~> 0.1, >= 0.1.1) + ronin-web-spider (~> 0.1) + ronin-web-user_agents (~> 0.1) + ronin-web-server (0.1.1) + rack (~> 2.2) + rack-user_agent (~> 0.5) + ronin-support (~> 1.0) + sinatra (~> 3.0) + webrick (~> 1.0) + ronin-web-spider (0.1.0) + ronin-support (~> 1.0) + spidr (~> 0.7) + ronin-web-user_agents (0.1.0) + rouge (3.30.0) + ruby-yasm (0.3.0) + command_mapper (~> 0.1) + ruby2_keywords (0.0.5) + rubyntlm (0.6.3) + sinatra (3.1.0) + mustermann (~> 3.0) + rack (~> 2.2, >= 2.2.4) + rack-protection (= 3.1.0) + tilt (~> 2.0) + spidr (0.7.0) + nokogiri (~> 1.3) + sqlite3 (1.6.6) + mini_portile2 (~> 2.8.0) + stringio (3.0.8) + tdiff (0.3.4) + tilt (2.3.0) + time (0.2.2) + date + timeout (0.4.0) + timers (4.3.5) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + unf (0.1.4) + unf_ext + unf_ext (0.0.8.2) + uri-query_params (0.8.1) + webrick (1.8.1) + webrobots (0.1.2) + woothee (1.13.0) + wordlist (1.1.0) + +PLATFORMS + ruby + +DEPENDENCIES + net-ftp + net-imap + net-pop + net-smtp + ronin + +BUNDLED WITH + 2.3.26 diff --git a/nixpkgs/pkgs/tools/security/ronin/default.nix b/nixpkgs/pkgs/tools/security/ronin/default.nix new file mode 100644 index 000000000000..1bf98ae9eafc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ronin/default.nix @@ -0,0 +1,31 @@ +{ lib, bundlerEnv, bundlerUpdateScript, defaultGemConfig, yasm }: + +bundlerEnv { + name = "ronin"; + gemdir = ./.; + + gemConfig = defaultGemConfig // { + ronin-code-asm = attrs: { + dontBuild = false; + postPatch = '' + substituteInPlace lib/ronin/code/asm/program.rb \ + --replace "YASM::Command.run(" "YASM::Command.run( + command_path: '${yasm}/bin/yasm'," + ''; + }; + }; + + postBuild = '' + shopt -s extglob + rm $out/bin/!(ronin*) + ''; + + passthru.updateScript = bundlerUpdateScript "ronin"; + + meta = with lib; { + description = "A free and Open Source Ruby toolkit for security research and development"; + homepage = "https://ronin-rb.dev"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ Ch1keen ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ronin/gemset.nix b/nixpkgs/pkgs/tools/security/ronin/gemset.nix new file mode 100644 index 000000000000..fdb3c9225d0e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ronin/gemset.nix @@ -0,0 +1,964 @@ +{ + activemodel = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01jrk2i6vp8jcll65d03mqmp1ibxa0ip7bdg5157fkm5syblzsqw"; + type = "gem"; + }; + version = "7.1.0"; + }; + activerecord = { + dependencies = ["activemodel" "activesupport" "timeout"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lpcbgqbrb3yfk3i66mnxa5i36r0ig9dwzksjbm15i30rndr27p5"; + type = "gem"; + }; + version = "7.1.0"; + }; + activesupport = { + dependencies = ["base64" "bigdecimal" "concurrent-ruby" "connection_pool" "drb" "i18n" "minitest" "mutex_m" "tzinfo"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xpwx7hw7mgmjk3w3g8bkz5jfapixhgn3ihly0xkpyvgp1shp8h1"; + type = "gem"; + }; + version = "7.1.0"; + }; + addressable = { + dependencies = ["public_suffix"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05r1fwy487klqkya7vzia8hnklcxy4vr92m9dmni3prfwk6zpw33"; + type = "gem"; + }; + version = "2.8.5"; + }; + async = { + dependencies = ["console" "fiber-annotation" "io-event" "timers"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02ng89h9s4wwpncyqbkm9n26swp4q45dkvqsb2fpmkan32zn48ji"; + type = "gem"; + }; + version = "2.6.4"; + }; + async-io = { + dependencies = ["async"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11lgd7276rgy651zwbzvbsz8q0k09ljgngyhsppy7kvkjzj25n58"; + type = "gem"; + }; + version = "1.36.0"; + }; + base64 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cydk9p2cv25qysm0sn2pb97fcpz1isa7n3c8xm1gd99li8x6x8c"; + type = "gem"; + }; + version = "0.1.1"; + }; + bigdecimal = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07y615s8yldk3k13lmkhpk1k190lcqvmxmnjwgh4bzjan9xrc36y"; + type = "gem"; + }; + version = "3.1.4"; + }; + chars = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "18lgsszrrh3xnaym2jdz7g5gm7c8hv5faj7zyrm1ws9l107jrhr5"; + type = "gem"; + }; + version = "0.3.2"; + }; + combinatorics = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1sf0pj29xzriwsqv607iwzs76piac6kygqxpg0i59qwx029100fw"; + type = "gem"; + }; + version = "0.4.4"; + }; + command_kit = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "179mlrnzj56ghviyvvwk0kdfyvr050yk4jj4nwb78izlbxw1wl1m"; + type = "gem"; + }; + version = "0.4.0"; + }; + command_mapper = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1v363y9g7zxfx2y7p50hdvxj6c0a8mfh30wac2rm3ibldspcjmn1"; + type = "gem"; + }; + version = "0.3.1"; + }; + concurrent-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; + type = "gem"; + }; + version = "1.2.2"; + }; + connection_pool = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x32mcpm2cl5492kd6lbjbaf17qsssmpx9kdyr7z1wcif2cwyh0g"; + type = "gem"; + }; + version = "2.4.1"; + }; + console = { + dependencies = ["fiber-annotation" "fiber-local"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "150wdj94qg8c95b9v1g7ak5a9g159wxfanclpihrz9p9qbv1ga0w"; + type = "gem"; + }; + version = "1.23.2"; + }; + date = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; + type = "gem"; + }; + version = "3.3.3"; + }; + domain_name = { + dependencies = ["unf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; + type = "gem"; + }; + version = "0.5.20190701"; + }; + drb = { + dependencies = ["ruby2_keywords"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h9c2qiam82y3caapa2x157j1lkk9954hrjg3p22hxcsk8fli3vb"; + type = "gem"; + }; + version = "2.1.1"; + }; + fake_io = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10559cnd2cqllql8ibd0zx0rvq8xk0qll5sqa4khb5963596ldmn"; + type = "gem"; + }; + version = "0.1.0"; + }; + fiber-annotation = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00vcmynyvhny8n4p799rrhcx0m033hivy0s1gn30ix8rs7qsvgvs"; + type = "gem"; + }; + version = "0.2.0"; + }; + fiber-local = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vrxxb09fc7aicb9zb0pmn5akggjy21dmxkdl3w949y4q05rldr9"; + type = "gem"; + }; + version = "1.0.0"; + }; + hexdump = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1787w456yzmy4c13ray228n89a5wz6p6k3ibssjvy955qlr44b7g"; + type = "gem"; + }; + version = "1.0.0"; + }; + http-cookie = { + dependencies = ["domain_name"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; + type = "gem"; + }; + version = "1.0.5"; + }; + i18n = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qaamqsh5f3szhcakkak8ikxlzxqnv49n2p7504hcz2l0f4nj0wx"; + type = "gem"; + }; + version = "1.14.1"; + }; + io-console = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dikardh14c72gd9ypwh8dim41wvqmzfzf35mincaj5yals9m7ff"; + type = "gem"; + }; + version = "0.6.0"; + }; + io-event = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1m2x5m2m8fa83p5890byf46qb4s1073vn3z6gan9jmbq2a5w0iy8"; + type = "gem"; + }; + version = "1.3.2"; + }; + irb = { + dependencies = ["rdoc" "reline"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17p6arsklbzh2hvwwr8i4cfrpa7vhk8q88fhickhwmn7m80lxdw7"; + type = "gem"; + }; + version = "1.8.1"; + }; + mechanize = { + dependencies = ["addressable" "domain_name" "http-cookie" "mime-types" "net-http-digest_auth" "net-http-persistent" "nokogiri" "rubyntlm" "webrick" "webrobots"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08lcl3qwgi8r3q0hm5ysmj7j5xqb289kqrd15w09anirj36jc80z"; + type = "gem"; + }; + version = "2.9.1"; + }; + mime-types = { + dependencies = ["mime-types-data"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q8d881k1b3rbsfcdi3fx0b5vpdr5wcrhn88r2d9j7zjdkxp5mw5"; + type = "gem"; + }; + version = "3.5.1"; + }; + mime-types-data = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yjv0apysnrhbc70ralinfpcqn9382lxr643swp7a5sdwpa9cyqg"; + type = "gem"; + }; + version = "3.2023.1003"; + }; + mini_portile2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq"; + type = "gem"; + }; + version = "2.8.4"; + }; + minitest = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bkmfi9mb49m0fkdhl2g38i3xxa02d411gg0m8x0gvbwfmmg5ym3"; + type = "gem"; + }; + version = "5.20.0"; + }; + mustermann = { + dependencies = ["ruby2_keywords"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rwbq20s2gdh8dljjsgj5s6wqqfmnbclhvv2c2608brv7jm6jdbd"; + type = "gem"; + }; + version = "3.0.0"; + }; + mutex_m = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pkxnp7p44kvs460bbbgjarr7xy1j8kjjmhwkg1kypj9wgmwb6qa"; + type = "gem"; + }; + version = "0.1.2"; + }; + net-ftp = { + dependencies = ["net-protocol" "time"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bqy9xg5225x102873j1qqq1bvnwfbi8lnf4357mpq6wimnw9pf9"; + type = "gem"; + }; + version = "0.2.0"; + }; + net-http-digest_auth = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nq859b0gh2vjhvl1qh1zrk09pc7p54r9i6nnn6sb06iv07db2jb"; + type = "gem"; + }; + version = "1.4.1"; + }; + net-http-persistent = { + dependencies = ["connection_pool"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0i1as2lgnw7b4jid0gw5glv5hnxz36nmfsbr9rmxbcap72ijgy03"; + type = "gem"; + }; + version = "4.0.2"; + }; + net-imap = { + dependencies = ["date" "net-protocol"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0d0r31b79appz95dd63wmasly1qjz3hn58ffxw6ix4mqk49jcbq2"; + type = "gem"; + }; + version = "0.4.1"; + }; + net-pop = { + dependencies = ["net-protocol"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wyz41jd4zpjn0v1xsf9j778qx1vfrl24yc20cpmph8k42c4x2w4"; + type = "gem"; + }; + version = "0.1.2"; + }; + net-protocol = { + dependencies = ["timeout"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; + type = "gem"; + }; + version = "0.2.1"; + }; + net-smtp = { + dependencies = ["net-protocol"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rx3758w0bmbr21s2nsc6llflsrnp50fwdnly3ixra4v53gbhzid"; + type = "gem"; + }; + version = "0.4.0"; + }; + nokogiri = { + dependencies = ["mini_portile2" "racc"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0k9w2z0953mnjrsji74cshqqp08q7m1r6zhadw1w0g34xzjh3a74"; + type = "gem"; + }; + version = "1.15.4"; + }; + nokogiri-diff = { + dependencies = ["nokogiri" "tdiff"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0njr1s42war0bj1axb2psjvk49l74a8wzr799wckqqdcb6n51lc1"; + type = "gem"; + }; + version = "0.2.0"; + }; + nokogiri-ext = { + dependencies = ["nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0y1yflr1989vfy46lxhvs5njlskwiv08akkjybnh8n0cdqms4lhs"; + type = "gem"; + }; + version = "0.1.0"; + }; + open_namespace = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11j392gl62ibhkidjrjfnb3sygmqmvsc7zd5bhmnigd65x5gs310"; + type = "gem"; + }; + version = "0.4.1"; + }; + psych = { + dependencies = ["stringio"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1msambb54r3d1sg6smyj4k2pj9h9lz8jq4jamip7ivcyv32a85vz"; + type = "gem"; + }; + version = "5.1.0"; + }; + public_suffix = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0n9j7mczl15r3kwqrah09cxj8hxdfawiqxa60kga2bmxl9flfz9k"; + type = "gem"; + }; + version = "5.0.3"; + }; + racc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; + type = "gem"; + }; + version = "1.7.1"; + }; + rack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15rdwbyk71c9nxvd527bvb8jxkcys8r3dj3vqra5b3sa63qs30vv"; + type = "gem"; + }; + version = "2.2.8"; + }; + rack-protection = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xsz78hccgza144n37bfisdkzpr2c8m0xl6rnlzgxdbsm1zrkg7r"; + type = "gem"; + }; + version = "3.1.0"; + }; + rack-user_agent = { + dependencies = ["rack" "woothee"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1l1gw8xx1g04kdxc89hsy4aawdz8r2an4b78yzk9cc3y8qmw16v7"; + type = "gem"; + }; + version = "0.5.3"; + }; + rdoc = { + dependencies = ["psych"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05r2cxscapr9saqjw8dlp89as7jvc2mlz1h5kssrmkbz105qmfcm"; + type = "gem"; + }; + version = "6.5.0"; + }; + reline = { + dependencies = ["io-console"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0187pj9k7d8kdvzjk6r6mf7z7wy18saxxhn7x7pqc840w6h4s0ja"; + type = "gem"; + }; + version = "0.3.9"; + }; + ronin = { + dependencies = ["async-io" "open_namespace" "ronin-code-asm" "ronin-code-sql" "ronin-core" "ronin-db" "ronin-exploits" "ronin-fuzzer" "ronin-payloads" "ronin-repos" "ronin-support" "ronin-vulns" "ronin-web" "rouge" "wordlist"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0v1v1xb2brgajhh1w38qs4lhnmgygymh1q0q63xpwq32w7a5k7s3"; + type = "gem"; + }; + version = "2.0.5"; + }; + ronin-code-asm = { + dependencies = ["ruby-yasm"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0faic3m95nhr7wrh7visdj45qaah7dvnl0afl4a5gmy6ybij16zl"; + type = "gem"; + }; + version = "1.0.0"; + }; + ronin-code-sql = { + dependencies = ["ronin-support"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1z6ynbrbzlkab1fbhccghr2xm6dak9xb2djqjlc6nai3fdhid1v8"; + type = "gem"; + }; + version = "2.1.0"; + }; + ronin-core = { + dependencies = ["command_kit" "irb" "reline"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1s2hndkdh4pw6xppq4jqn30fk2b26gk08yym5gavlzkcg5k17vvd"; + type = "gem"; + }; + version = "0.1.2"; + }; + ronin-db = { + dependencies = ["ronin-core" "ronin-db-activerecord" "ronin-support" "sqlite3"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fiqdk1rnqk86icx27z531yc1qjs2n41nw9p361980wg0j8b4hsj"; + type = "gem"; + }; + version = "0.1.2"; + }; + ronin-db-activerecord = { + dependencies = ["activerecord" "uri-query_params"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0igw9syk4psdmijji0cx1dhrv76r1abji8fzdndnrn5h819b2fm3"; + type = "gem"; + }; + version = "0.1.2"; + }; + ronin-exploits = { + dependencies = ["ronin-code-sql" "ronin-core" "ronin-payloads" "ronin-post_ex" "ronin-repos" "ronin-support" "ronin-vulns" "uri-query_params"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1g2ilmmn6vccjn1i72wyakvjlh0b1qrgnw2nshl9f50j7yj93xpn"; + type = "gem"; + }; + version = "1.0.3"; + }; + ronin-fuzzer = { + dependencies = ["combinatorics" "ronin-core" "ronin-support"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19sc4kk6lwpq6fd23dmji0vf4mjkf1z5pjq4wp0xs2cby2fzld5p"; + type = "gem"; + }; + version = "0.1.0"; + }; + ronin-payloads = { + dependencies = ["ronin-code-asm" "ronin-core" "ronin-post_ex" "ronin-repos" "ronin-support"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1gsgbw90xmwwnpc8i873wwgia56hcjkhlyjpxl7s4yvd7ml7pj0f"; + type = "gem"; + }; + version = "0.1.4"; + }; + ronin-post_ex = { + dependencies = ["fake_io" "hexdump" "ronin-core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dcpnlz8niqjjm5d9z8khg53acl7xn5dgliv70svsncc3h0hx0w7"; + type = "gem"; + }; + version = "0.1.0"; + }; + ronin-repos = { + dependencies = ["ronin-core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0c453qw7xr4vsq2y5dlnihfmzy95q3xjbfl5cm1y0xwzdm7ibbzx"; + type = "gem"; + }; + version = "0.1.1"; + }; + ronin-support = { + dependencies = ["addressable" "chars" "combinatorics" "hexdump" "uri-query_params"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0k2vs6mkcyx0h7k3rjs2bwqimhkfa2m50ll8rgm7zygxz3f6gny3"; + type = "gem"; + }; + version = "1.0.3"; + }; + ronin-vulns = { + dependencies = ["ronin-core" "ronin-support"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1p00xrj71436g301b0wnq23ps89x4g9mmzvkghw9sqyfazgc829f"; + type = "gem"; + }; + version = "0.1.4"; + }; + ronin-web = { + dependencies = ["mechanize" "nokogiri" "nokogiri-diff" "nokogiri-ext" "open_namespace" "ronin-core" "ronin-support" "ronin-web-server" "ronin-web-spider" "ronin-web-user_agents"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06rh7hrkj4yl6pn1m3isfim2sk5vb3ap3rba91bw7drcqsra7fmw"; + type = "gem"; + }; + version = "1.0.2"; + }; + ronin-web-server = { + dependencies = ["rack" "rack-user_agent" "ronin-support" "sinatra" "webrick"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14p1z2s20dkipb6rp2wyjc91dz6bjn5v8nv68m54my7p1vac05zk"; + type = "gem"; + }; + version = "0.1.1"; + }; + ronin-web-spider = { + dependencies = ["ronin-support" "spidr"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0592llhzm8miy0lj4xsb4h0ppy18wmwqi54rjzzsm7h3d2py7iv9"; + type = "gem"; + }; + version = "0.1.0"; + }; + ronin-web-user_agents = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1shca7bsc09hag7ax3js9xszw71mnf1ywrf0l0pk40hfqmnnaxcl"; + type = "gem"; + }; + version = "0.1.0"; + }; + rouge = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dnfkrk8xx2m8r3r9m2p5xcq57viznyc09k7r3i4jbm758i57lx3"; + type = "gem"; + }; + version = "3.30.0"; + }; + ruby-yasm = { + dependencies = ["command_mapper"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vf0kdaaysx9kr7v8rl0hl0j73zkfkg7zqvg0b41sgfg3zfib0ap"; + type = "gem"; + }; + version = "0.3.0"; + }; + ruby2_keywords = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; + type = "gem"; + }; + version = "0.0.5"; + }; + rubyntlm = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0b8hczk8hysv53ncsqzx4q6kma5gy5lqc7s5yx8h64x3vdb18cjv"; + type = "gem"; + }; + version = "0.6.3"; + }; + sinatra = { + dependencies = ["mustermann" "rack" "rack-protection" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00541cnypsh1mnilfxxqlz6va9afrixf9m1asn4wzjp5m59777p8"; + type = "gem"; + }; + version = "3.1.0"; + }; + spidr = { + dependencies = ["nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15gjqry61z93f4p84x5b1bi6f65xd4djax0563ljngmsckyg7xg5"; + type = "gem"; + }; + version = "0.7.0"; + }; + sqlite3 = { + dependencies = ["mini_portile2"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15415lmz69jbzl6nch4q5l2jxv054676nk6y0vgy0g3iklmjrxvc"; + type = "gem"; + }; + version = "1.6.6"; + }; + stringio = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ix96dxbjqlpymdigb4diwrifr0bq7qhsrng95fkkp18av326nqk"; + type = "gem"; + }; + version = "3.0.8"; + }; + tdiff = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rjvqyyxrybzhaqmgh4zjcdrvmqyqcqqbq4vda39idhrqcd2gy67"; + type = "gem"; + }; + version = "0.3.4"; + }; + tilt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0p3l7v619hwfi781l3r7ypyv1l8hivp09r18kmkn6g11c4yr1pc2"; + type = "gem"; + }; + version = "2.3.0"; + }; + time = { + dependencies = ["date"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13pzdsgf3v06mymzipcpa7p80shyw328ybn775nzpnhc6n8y9g30"; + type = "gem"; + }; + version = "0.2.2"; + }; + timeout = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1d9cvm0f4zdpwa795v3zv4973y5zk59j7s1x3yn90jjrhcz1yvfd"; + type = "gem"; + }; + version = "0.4.0"; + }; + timers = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pjzipnmzfywvgsr3gxwj6nmg47lz4700g0q71jgcy1z6rb7dn7p"; + type = "gem"; + }; + version = "4.3.5"; + }; + tzinfo = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; + type = "gem"; + }; + version = "2.0.6"; + }; + unf = { + dependencies = ["unf_ext"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; + type = "gem"; + }; + version = "0.1.4"; + }; + unf_ext = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; + type = "gem"; + }; + version = "0.0.8.2"; + }; + uri-query_params = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08i91q1q2fvjq7n21p4f4pryi8b9msknrgwz132spvhm4l55n6l6"; + type = "gem"; + }; + version = "0.8.1"; + }; + webrick = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13qm7s0gr2pmfcl7dxrmq38asaza4w0i2n9my4yzs499j731wh8r"; + type = "gem"; + }; + version = "1.8.1"; + }; + webrobots = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19ndcbba8s8m62hhxxfwn83nax34rg2k5x066awa23wknhnamg7b"; + type = "gem"; + }; + version = "0.1.2"; + }; + woothee = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xg31qi09swgsf46b9ba38z2jav2516bg3kg7xf1wfbzw8mpd3fc"; + type = "gem"; + }; + version = "1.13.0"; + }; + wordlist = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06d4nj2nd172sn5yjw9qmpz7zqnymadbsxph741yx2h9va8q0qgd"; + type = "gem"; + }; + version = "1.1.0"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/routersploit/default.nix b/nixpkgs/pkgs/tools/security/routersploit/default.nix new file mode 100644 index 000000000000..e147e8feac0b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/routersploit/default.nix @@ -0,0 +1,56 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "routersploit"; + version = "unstable-2021-02-06"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "threat9"; + repo = pname; + rev = "3fd394637f5566c4cf6369eecae08c4d27f93cda"; + hash = "sha256-IET0vL0VVP9ZNn75hKdTCiEmOZRHHYICykhzW2g3LEg="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + future + paramiko + pycryptodome + pysnmp + requests + setuptools + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytest-xdist + pytestCheckHook + threat9-test-bed + ]; + + postInstall = '' + mv $out/bin/rsf.py $out/bin/rsf + ''; + + pythonImportsCheck = [ + "routersploit" + ]; + + pytestFlagsArray = [ + "-n" + "$NIX_BUILD_CORES" + # Run the same tests as upstream does in the first round + "tests/core/" + "tests/test_exploit_scenarios.py" + "tests/test_module_info.py" + ]; + + meta = with lib; { + description = "Exploitation Framework for Embedded Devices"; + homepage = "https://github.com/threat9/routersploit"; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rsign2/default.nix b/nixpkgs/pkgs/tools/security/rsign2/default.nix new file mode 100644 index 000000000000..86f2d6d84338 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rsign2/default.nix @@ -0,0 +1,24 @@ +{ lib +, rustPlatform +, fetchCrate +}: + +rustPlatform.buildRustPackage rec { + pname = "rsign2"; + version = "0.6.3"; + + src = fetchCrate { + inherit pname version; + hash = "sha256-bJeM1HTzmC8QZ488PpqQ0qqdFg1/rjPWuTtqo1GXyHM="; + }; + + cargoHash = "sha256-xqNFJFNV9mIVxzyQvhv5QwHVcXLuH76VYFAsgp5hW+w="; + + meta = with lib; { + description = "A command-line tool to sign files and verify signatures"; + homepage = "https://github.com/jedisct1/rsign2"; + license = licenses.mit; + maintainers = with maintainers; [ figsoda ]; + mainProgram = "rsign"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rucredstash/default.nix b/nixpkgs/pkgs/tools/security/rucredstash/default.nix new file mode 100644 index 000000000000..3a6fcfbf5325 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rucredstash/default.nix @@ -0,0 +1,28 @@ +{ lib, rustPlatform, fetchFromGitHub, stdenv, Security }: + +rustPlatform.buildRustPackage rec { + pname = "rucredstash"; + version = "0.9.2"; + + src = fetchFromGitHub { + owner = "psibi"; + repo = "rucredstash"; + rev = "v${version}"; + hash = "sha256-trupBiinULzD8TAy3eh1MYXhQilO08xu2a4yN7wwhwk="; + }; + + cargoHash = "sha256-TYobVjjzrK3gprZcYyY98EvdASkq4urB+WiLlbJbwmk="; + + buildInputs = lib.optional stdenv.isDarwin Security; + + # Disable tests since it requires network access and relies on the + # presence of certain AWS infrastructure + doCheck = false; + + meta = with lib; { + description = "Utility for managing credentials securely in AWS cloud"; + homepage = "https://github.com/psibi/rucredstash"; + license = licenses.mit; + maintainers = with maintainers; [ psibi ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ruler/default.nix b/nixpkgs/pkgs/tools/security/ruler/default.nix new file mode 100644 index 000000000000..6389c0eac041 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ruler/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "ruler"; + version = "2.4.1"; + + src = fetchFromGitHub { + owner = "sensepost"; + repo = pname; + rev = version; + hash = "sha256-cEYpK1LB9b65xr6MCMax1vUtSWefjJdXNs4sPgx65d0="; + }; + + vendorHash = "sha256-ITd3cvZmRBWK3922dDRvNHNH8KzHoVfIQI6S318ibxA="; + + meta = with lib; { + description = "Tool to abuse Exchange services"; + homepage = "https://github.com/sensepost/ruler"; + license = with licenses; [ cc-by-nc-40 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/rustscan/default.nix b/nixpkgs/pkgs/tools/security/rustscan/default.nix new file mode 100644 index 000000000000..099e685fec03 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rustscan/default.nix @@ -0,0 +1,36 @@ +{ lib, rustPlatform, fetchCrate, nmap, stdenv, Security, perl, python3 }: + +rustPlatform.buildRustPackage rec { + pname = "rustscan"; + version = "2.1.1"; + + src = fetchCrate { + inherit pname version; + sha256 = "sha256-yGVhbI1LivTIQEgqOK59T1+8SiTJBPIdftiXkwE4lZM="; + }; + + cargoSha256 = "sha256-UR3ktV80QU0N3f7qmqdhYpc5uwoPq4UvN40zEuMbp+Q="; + + postPatch = '' + substituteInPlace src/scripts/mod.rs \ + --replace 'call_format = "nmap' 'call_format = "${nmap}/bin/nmap' + patchShebangs fixtures/.rustscan_scripts/* + ''; + + buildInputs = lib.optional stdenv.isDarwin Security; + + nativeCheckInputs = [ perl python3 ]; + + # these tests require network access + checkFlags = [ + "--skip=parse_correct_host_addresses" + "--skip=parse_hosts_file_and_incorrect_hosts" + ]; + + meta = with lib; { + description = "Faster Nmap Scanning with Rust"; + homepage = "https://github.com/RustScan/RustScan"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ figsoda ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/s5/default.nix b/nixpkgs/pkgs/tools/security/s5/default.nix new file mode 100644 index 000000000000..7d63c4cb8a67 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/s5/default.nix @@ -0,0 +1,31 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "s5"; + version = "0.1.12"; + + src = fetchFromGitHub { + owner = "mvisonneau"; + repo = pname; + rev = "v${version}"; + hash = "sha256-lTbTD5t80+R9hQeytNE2/Cs8dofdiYEP3zkc084mdAA="; + }; + + vendorHash = "sha256-TrCIUeY0B+BsWNaUkDTEgrEaWfJKnID2mafj3ink+i8="; + + subPackages = [ "cmd/${pname}" ]; + + ldflags = [ + "-X main.version=v${version}" + ]; + + doCheck = true; + + meta = with lib; { + description = "cipher/decipher text within a file"; + homepage = "https://github.com/mvisonneau/s5"; + license = licenses.asl20; + platforms = platforms.unix ++ platforms.darwin; + maintainers = with maintainers; [ mvisonneau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/safe/default.nix b/nixpkgs/pkgs/tools/security/safe/default.nix new file mode 100644 index 000000000000..2024cd8ff27b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/safe/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "safe"; + version = "1.8.0"; + + src = fetchFromGitHub { + owner = "starkandwayne"; + repo = "safe"; + rev = "v${version}"; + sha256 = "sha256-sg0RyZ5HpYu7M11bNy17Sjxm7C3pkQX3I17edbALuvU="; + }; + + vendorHash = "sha256-w8gHCqOfmZg4JZgg1nZBtTJ553Rbp0a0JsoQVDFjehM="; + + subPackages = [ "." ]; + + ldflags = [ + "-X main.Version=${version}" + ]; + + meta = with lib; { + description = "A Vault CLI"; + homepage = "https://github.com/starkandwayne/safe"; + license = licenses.mit; + maintainers = with maintainers; [ eonpatapon ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/saml2aws/default.nix b/nixpkgs/pkgs/tools/security/saml2aws/default.nix new file mode 100644 index 000000000000..4fa160962993 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/saml2aws/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, buildGoModule, fetchFromGitHub, AppKit }: + +buildGoModule rec { + pname = "saml2aws"; + version = "2.36.11"; + + src = fetchFromGitHub { + owner = "Versent"; + repo = "saml2aws"; + rev = "v${version}"; + sha256 = "sha256-Sx/MAgjPcUzg4sX0O3CobAXCZQi2msZu6dKZ9q7/K+k="; + }; + + vendorHash = "sha256-T5x8C1cKyJaHVJbf2xNabD3XXwde2lOOCa8GHjdFlh0="; + + buildInputs = lib.optionals stdenv.isDarwin [ AppKit ]; + + subPackages = [ "." "cmd/saml2aws" ]; + + ldflags = [ + "-X main.Version=${version}" + ]; + + meta = with lib; { + description = "CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP"; + homepage = "https://github.com/Versent/saml2aws"; + license = licenses.mit; + maintainers = [ lib.maintainers.pmyjavec ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sammler/default.nix b/nixpkgs/pkgs/tools/security/sammler/default.nix new file mode 100644 index 000000000000..edc04d86371e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sammler/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "sammler"; + version = "20210523-${lib.strings.substring 0 7 rev}"; + rev = "259b9fc6155f40758e5fa480683467c35df746e7"; + + src = fetchFromGitHub { + owner = "redcode-labs"; + repo = "Sammler"; + inherit rev; + sha256 = "1gsv83sbqc9prkigbjvkhh547w12l3ynbajpnbqyf8sz4bd1nj5c"; + }; + + vendorHash = "sha256-0ZBPLONUZyazZ22oLO097hdX5xuHx2G6rZCAsCwqq4s="; + + subPackages = [ "." ]; + + meta = with lib; { + description = "Tool to extract useful data from documents"; + homepage = "https://github.com/redcode-labs/Sammler"; + license = licenses.mit; + maintainers = with maintainers; [ fab ] ++ teams.redcodelabs.members; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sbctl/default.nix b/nixpkgs/pkgs/tools/security/sbctl/default.nix new file mode 100644 index 000000000000..0778406b40cb --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sbctl/default.nix @@ -0,0 +1,48 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +, asciidoc +, databasePath ? "/etc/secureboot" +}: + +buildGoModule rec { + pname = "sbctl"; + version = "0.12"; + + src = fetchFromGitHub { + owner = "Foxboron"; + repo = pname; + rev = version; + hash = "sha256-1dA+a8GS4teaLmclatJNKt+OjhabLO4j/+p4Q95yG/s="; + }; + + vendorHash = "sha256-kVXzHTONPCE1UeAnUiULjubJeZFD0DAxIk+w8/Dqs6c="; + + ldflags = [ "-s" "-w" "-X github.com/foxboron/sbctl.DatabasePath=${databasePath}" ]; + + nativeBuildInputs = [ installShellFiles asciidoc ]; + + postBuild = '' + make docs/sbctl.8 + ''; + + postInstall = '' + installManPage docs/sbctl.8 + + installShellCompletion --cmd sbctl \ + --bash <($out/bin/sbctl completion bash) \ + --fish <($out/bin/sbctl completion fish) \ + --zsh <($out/bin/sbctl completion zsh) + ''; + + meta = with lib; { + description = "Secure Boot key manager"; + homepage = "https://github.com/Foxboron/sbctl"; + license = licenses.mit; + maintainers = with maintainers; [ raitobezarius ]; + # go-uefi do not support darwin at the moment: + # see upstream on https://github.com/Foxboron/go-uefi/issues/13 + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sbomnix/default.nix b/nixpkgs/pkgs/tools/security/sbomnix/default.nix new file mode 100644 index 000000000000..2449573c080a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sbomnix/default.nix @@ -0,0 +1,55 @@ +{ lib +, fetchFromGitHub +, coreutils +, curl +, gnugrep +, gnused +, gzip +, nix +, python + # python libs +, colorlog +, graphviz +, numpy +, packageurl-python +, pandas +, requests +, reuse +, tabulate +}: + +python.pkgs.buildPythonApplication rec { + pname = "sbomnix"; + version = "1.4.5"; + + src = fetchFromGitHub { + owner = "tiiuae"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-RxDFxVGivVBw2uhtzf231Q2HHTBFKSqGrknr2Es/ygM="; + }; + + makeWrapperArgs = [ + "--prefix PATH : ${lib.makeBinPath [ coreutils curl gnugrep gnused gzip graphviz nix ]}" + ]; + + propagatedBuildInputs = [ + colorlog + graphviz + numpy + packageurl-python + pandas + requests + reuse + tabulate + ]; + + pythonImportsCheck = [ "sbomnix" ]; + + meta = with lib; { + description = "Generate SBOMs for nix targets"; + homepage = "https://github.com/tiiuae/sbomnix"; + license = with licenses; [ asl20 bsd3 cc-by-30 ]; + maintainers = with maintainers; [ henrirosten jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sbsigntool/autoconf.patch b/nixpkgs/pkgs/tools/security/sbsigntool/autoconf.patch new file mode 100644 index 000000000000..0f41b4327e6a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sbsigntool/autoconf.patch @@ -0,0 +1,31 @@ +diff --git a/configure.ac b/configure.ac +index 4ffb68f..d8a8265 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -71,15 +71,16 @@ AM_CONDITIONAL(TEST_BINARY_FORMAT, [ test "$EFI_ARCH" = "arm" -o "$EFI_ARCH" = " + # no consistent view of where gnu-efi should dump the efi stuff, so find it + ## + for path in /lib /lib64 /usr/lib /usr/lib64 /usr/lib32 /lib/efi /lib64/efi /usr/lib/efi /usr/lib64/efi /usr/lib/gnuefi /usr/lib64/gnuefi ; do +- if test -e $path/crt0-efi-$EFI_ARCH.o; then +- CRTPATH=$path ++ if test -e @@NIX_GNUEFI@@/$path/crt0-efi-$EFI_ARCH.o; then ++ CRTPATH=@@NIX_GNUEFI@@/$path ++ break + fi + done + if test -z "$CRTPATH"; then + AC_MSG_ERROR([cannot find the gnu-efi crt path]) + fi + +-EFI_CPPFLAGS="-I/usr/include/efi -I/usr/include/efi/$EFI_ARCH \ ++EFI_CPPFLAGS="-I@@NIX_GNUEFI@@/include/efi -I@@NIX_GNUEFI@@/include/efi/$EFI_ARCH \ + -DEFI_FUNCTION_WRAPPER" + CPPFLAGS_save="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS $EFI_CPPFLAGS" +@@ -90,5 +91,5 @@ AC_SUBST(EFI_ARCH, $EFI_ARCH) + AC_SUBST(CRTPATH, $CRTPATH) + + AC_CONFIG_FILES([Makefile src/Makefile lib/ccan/Makefile] +- [docs/Makefile tests/Makefile]) ++ [docs/Makefile]) + AC_OUTPUT diff --git a/nixpkgs/pkgs/tools/security/sbsigntool/default.nix b/nixpkgs/pkgs/tools/security/sbsigntool/default.nix new file mode 100644 index 000000000000..4422dd16b474 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sbsigntool/default.nix @@ -0,0 +1,47 @@ +{ lib, stdenv +, fetchgit, autoconf, automake, pkg-config, help2man +, openssl, libuuid, gnu-efi, libbfd +}: + +stdenv.mkDerivation rec { + pname = "sbsigntool"; + version = "0.9.5"; + + src = fetchgit { + url = "https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git"; + rev = "v${version}"; + hash = "sha256-5DInWgl1gThjjfGOsts1H1s1GbMCkd0gjbmG3gA3Fhg="; + }; + + patches = [ ./autoconf.patch ]; + + prePatch = "patchShebangs ."; + + nativeBuildInputs = [ autoconf automake pkg-config help2man ]; + buildInputs = [ openssl libuuid libbfd gnu-efi ]; + + configurePhase = '' + substituteInPlace configure.ac --replace "@@NIX_GNUEFI@@" "${gnu-efi}" + + lib/ccan.git/tools/create-ccan-tree --build-type=automake lib/ccan "talloc read_write_all build_assert array_size endian" + touch AUTHORS + touch ChangeLog + + echo "SUBDIRS = lib/ccan src docs" >> Makefile.am + + aclocal + autoheader + autoconf + automake --add-missing -Wno-portability + + ./configure --prefix=$out + ''; + + meta = with lib; { + description = "Tools for maintaining UEFI signature databases"; + homepage = "http://jk.ozlabs.org/docs/sbkeysync-maintaing-uefi-key-databases"; + maintainers = with maintainers; [ hmenke raitobezarius ]; + platforms = [ "x86_64-linux" "aarch64-linux" ]; # Broken on i686 + license = licenses.gpl3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/schleuder/Gemfile b/nixpkgs/pkgs/tools/security/schleuder/Gemfile new file mode 100644 index 000000000000..687c293bac91 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/Gemfile @@ -0,0 +1,3 @@ +source 'https://rubygems.org' do + gem 'schleuder' +end diff --git a/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock b/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock new file mode 100644 index 000000000000..7f15bb7bd717 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock @@ -0,0 +1,86 @@ +GEM + specs: + +GEM + remote: https://rubygems.org/ + specs: + activemodel (6.1.6) + activesupport (= 6.1.6) + activerecord (6.1.6) + activemodel (= 6.1.6) + activesupport (= 6.1.6) + activesupport (6.1.6) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + zeitwerk (~> 2.3) + bcrypt (3.1.18) + charlock_holmes (0.7.7) + concurrent-ruby (1.1.10) + daemons (1.4.1) + eventmachine (1.2.7) + gpgme (2.0.20) + mini_portile2 (~> 2.3) + i18n (1.10.0) + concurrent-ruby (~> 1.0) + mail (2.7.1) + mini_mime (>= 0.1.1) + mail-gpg (0.4.4) + gpgme (~> 2.0, >= 2.0.2) + mail (~> 2.5, >= 2.5.3) + mini_mime (1.1.2) + mini_portile2 (2.8.0) + minitest (5.16.1) + multi_json (1.15.0) + mustermann (1.1.1) + ruby2_keywords (~> 0.0.1) + rack (2.2.3.1) + rack-protection (2.2.0) + rack + rake (13.0.6) + ruby2_keywords (0.0.5) + schleuder (4.0.3) + activerecord (~> 6.1.3) + bcrypt (~> 3.1.2) + charlock_holmes (~> 0.7.6) + gpgme (~> 2.0, >= 2.0.19) + mail (~> 2.7.1) + mail-gpg (~> 0.3) + rake (>= 10.5.0) + sinatra (~> 2) + sinatra-contrib (~> 2) + sqlite3 (~> 1.4.2) + thin (~> 1) + thor (~> 0) + sinatra (2.2.0) + mustermann (~> 1.0) + rack (~> 2.2) + rack-protection (= 2.2.0) + tilt (~> 2.0) + sinatra-contrib (2.2.0) + multi_json + mustermann (~> 1.0) + rack-protection (= 2.2.0) + sinatra (= 2.2.0) + tilt (~> 2.0) + sqlite3 (1.4.4) + thin (1.8.1) + daemons (~> 1.0, >= 1.0.9) + eventmachine (~> 1.0, >= 1.0.4) + rack (>= 1, < 3) + thor (0.20.3) + tilt (2.0.10) + tzinfo (2.0.4) + concurrent-ruby (~> 1.0) + zeitwerk (2.6.0) + +PLATFORMS + aarch64-linux + x86_64-linux + +DEPENDENCIES + schleuder! + +BUNDLED WITH + 2.3.9 diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile new file mode 100644 index 000000000000..428e856aecc6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile @@ -0,0 +1,4 @@ +source "https://rubygems.org" + +gem "schleuder-cli", git: "https://0xacab.org/schleuder/schleuder-cli", tag: "schleuder-cli-0.1.0" + diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock new file mode 100644 index 000000000000..3eead9459e05 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock @@ -0,0 +1,22 @@ +GIT + remote: https://0xacab.org/schleuder/schleuder-cli + revision: 1de2548695d9a74f47b7868954561b48cbc966f9 + tag: schleuder-cli-0.1.0 + specs: + schleuder-cli (0.1.0) + thor (~> 0) + +GEM + remote: https://rubygems.org/ + specs: + thor (0.20.3) + +PLATFORMS + aarch64-linux + x86_64-linux + +DEPENDENCIES + schleuder-cli! + +BUNDLED WITH + 2.3.9 diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix b/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix new file mode 100644 index 000000000000..e34afa699f04 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix @@ -0,0 +1,34 @@ +{ lib +, bundlerApp +, ruby +, bundlerUpdateScript +}: + +bundlerApp { + inherit ruby; + + pname = "schleuder-cli"; + + gemdir = ./.; + + installManpages = false; + + exes = [ + "schleuder-cli" + ]; + + passthru.updateScript = bundlerUpdateScript "schleuder-cli"; + + meta = with lib; { + description = "A command line tool to create and manage schleuder-lists"; + longDescription = '' + Schleuder-cli enables creating, configuring, and deleting lists, + subscriptions, keys, etc. It uses the Schleuder API, provided by + schleuder-api-daemon (part of Schleuder). + ''; + homepage = "https://schleuder.org"; + changelog = "https://0xacab.org/schleuder/schleuder-cli/-/blob/main/CHANGELOG.md"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ hexa ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix b/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix new file mode 100644 index 000000000000..45ff62f89137 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix @@ -0,0 +1,25 @@ +{ + schleuder-cli = { + dependencies = ["thor"]; + groups = ["default"]; + platforms = []; + source = { + fetchSubmodules = false; + rev = "1de2548695d9a74f47b7868954561b48cbc966f9"; + sha256 = "0k4i33w9a0bscw4wbs301vxca367g7pa89y6cr24i0014pbmhs9z"; + type = "git"; + url = "https://0xacab.org/schleuder/schleuder-cli"; + }; + version = "0.1.0"; + }; + thor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29"; + type = "gem"; + }; + version = "0.20.3"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/schleuder/default.nix b/nixpkgs/pkgs/tools/security/schleuder/default.nix new file mode 100644 index 000000000000..97173fdc3e19 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/default.nix @@ -0,0 +1,37 @@ +{ lib +, bundlerApp +, ruby +, bundlerUpdateScript +, nixosTests +}: + +bundlerApp { + inherit ruby; + + pname = "schleuder"; + + gemdir = ./.; + + exes = [ + "schleuder" + "schleuder-api-daemon" + ]; + + passthru.updateScript = bundlerUpdateScript "schleuder"; + passthru.tests = { + inherit (nixosTests) schleuder; + }; + + meta = with lib; { + description = "Schleuder is an encrypting mailing list manager with remailing-capabilities"; + longDescription = '' + Schleuder is a group's email-gateway: subscribers can exchange + encrypted emails among themselves, receive emails from + non-subscribers and send emails to non-subscribers via the list. + ''; + homepage = "https://schleuder.org"; + changelog = "https://0xacab.org/schleuder/schleuder/blob/main/CHANGELOG.md"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ hexa lheckemann ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/schleuder/gemset.nix b/nixpkgs/pkgs/tools/security/schleuder/gemset.nix new file mode 100644 index 000000000000..63cd6a5db81f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/schleuder/gemset.nix @@ -0,0 +1,316 @@ +{ + activemodel = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1f0ai51icvvx5q0jd1l89k0dlwzpsrkqlj6x43f8qc4bd1ya9glx"; + type = "gem"; + }; + version = "6.1.6"; + }; + activerecord = { + dependencies = ["activemodel" "activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0khjnkvmiyap1g3rvw9hp16mzai4smqcg5hxhq28pll25ljzxdbp"; + type = "gem"; + }; + version = "6.1.6"; + }; + activesupport = { + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08wzpwgdm03vzb8gqr8bvfdarb89g5ah0skvwqk6qv87p55xqkyw"; + type = "gem"; + }; + version = "6.1.6"; + }; + bcrypt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; + type = "gem"; + }; + version = "3.1.18"; + }; + charlock_holmes = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hybw8jw9ryvz5zrki3gc9r88jqy373m6v46ynxsdzv1ysiyr40p"; + type = "gem"; + }; + version = "0.7.7"; + }; + concurrent-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s4fpn3mqiizpmpy2a24k4v365pv75y50292r8ajrv4i1p5b2k14"; + type = "gem"; + }; + version = "1.1.10"; + }; + daemons = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07cszb0zl8mqmwhc8a2yfg36vi6lbgrp4pa5bvmryrpcz9v6viwg"; + type = "gem"; + }; + version = "1.4.1"; + }; + eventmachine = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0wh9aqb0skz80fhfn66lbpr4f86ya2z5rx6gm5xlfhd05bj1ch4r"; + type = "gem"; + }; + version = "1.2.7"; + }; + gpgme = { + dependencies = ["mini_portile2"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xbgh9d8nbvsvyzqnd0mzhz0nr9hx4qn025kmz6d837lry4lc6gw"; + type = "gem"; + }; + version = "2.0.20"; + }; + i18n = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0b2qyvnk4yynlg17ymkq4g5xgr275637fhl1mjh0valw3cb1fhhg"; + type = "gem"; + }; + version = "1.10.0"; + }; + mail = { + dependencies = ["mini_mime"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00wwz6ys0502dpk8xprwcqfwyf3hmnx6lgxaiq6vj43mkx43sapc"; + type = "gem"; + }; + version = "2.7.1"; + }; + mail-gpg = { + dependencies = ["gpgme" "mail"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rz936m8nacy7agksvpvkf6b37d1h5qvh5xkrjqvv5wbdqs3cyfj"; + type = "gem"; + }; + version = "0.4.4"; + }; + mini_mime = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; + type = "gem"; + }; + version = "1.1.2"; + }; + mini_portile2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rapl1sfmfi3bfr68da4ca16yhc0pp93vjwkj7y3rdqrzy3b41hy"; + type = "gem"; + }; + version = "2.8.0"; + }; + minitest = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08z6rgs1jgbc032843mwg3fayvzn4hihz8bl2gp87pf7z02kw5f3"; + type = "gem"; + }; + version = "5.16.1"; + }; + multi_json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; + type = "gem"; + }; + version = "1.15.0"; + }; + mustermann = { + dependencies = ["ruby2_keywords"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ccm54qgshr1lq3pr1dfh7gphkilc19dp63rw6fcx7460pjwy88a"; + type = "gem"; + }; + version = "1.1.1"; + }; + rack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1b1qsg0yfargdhmpapp2d3mlxj82wyygs9nj74w0r03diyi8swlc"; + type = "gem"; + }; + version = "2.2.3.1"; + }; + rack-protection = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hz6h6d67r217qi202qmxq2xkn3643ay3iybhl3dq3qd6j8nm3b2"; + type = "gem"; + }; + version = "2.2.0"; + }; + rake = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; + type = "gem"; + }; + version = "13.0.6"; + }; + ruby2_keywords = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; + type = "gem"; + }; + version = "0.0.5"; + }; + schleuder = { + dependencies = ["activerecord" "bcrypt" "charlock_holmes" "gpgme" "mail" "mail-gpg" "rake" "sinatra" "sinatra-contrib" "sqlite3" "thin" "thor"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lxmi7402v5qkajx3j5bydarxf3lbm1kzpwgy7zsmc7l28mcv8wx"; + type = "gem"; + }; + version = "4.0.3"; + }; + sinatra = { + dependencies = ["mustermann" "rack" "rack-protection" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x3rci7k30g96y307hvglpdgm3f7nga3k3n4i8n1v2xxx290800y"; + type = "gem"; + }; + version = "2.2.0"; + }; + sinatra-contrib = { + dependencies = ["multi_json" "mustermann" "rack-protection" "sinatra" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zzckl2n7r18fk3929hgcv8pby6hxwva0rbxw66yq6r96lnwzryb"; + type = "gem"; + }; + version = "2.2.0"; + }; + sqlite3 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1z1wa639c278bsipczn6kv8b13fj85pi8gk7x462chqx6k0wm0ax"; + type = "gem"; + }; + version = "1.4.4"; + }; + thin = { + dependencies = ["daemons" "eventmachine" "rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "123bh7qlv6shk8bg8cjc84ix8bhlfcilwnn3iy6zq3l57yaplm9l"; + type = "gem"; + }; + version = "1.8.1"; + }; + thor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29"; + type = "gem"; + }; + version = "0.20.3"; + }; + tilt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rn8z8hda4h41a64l0zhkiwz2vxw9b1nb70gl37h1dg2k874yrlv"; + type = "gem"; + }; + version = "2.0.10"; + }; + tzinfo = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10qp5x7f9hvlc0psv9gsfbxg4a7s0485wsbq1kljkxq94in91l4z"; + type = "gem"; + }; + version = "2.0.4"; + }; + zeitwerk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xjdr2szxvn3zb1sb5l8nfd6k9jr3b4qqbbg1mj9grf68m3fxckc"; + type = "gem"; + }; + version = "2.6.0"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/scilla/default.nix b/nixpkgs/pkgs/tools/security/scilla/default.nix new file mode 100644 index 000000000000..79f743ea0ce8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/scilla/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "scilla"; + version = "1.2.7"; + + src = fetchFromGitHub { + owner = "edoardottt"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-gZuNXQaxHJYLsEaOpNYo7ybg3f0GhkpiaLrex5lkDu4="; + }; + + vendorHash = "sha256-bVGmleuOJzi/Sz7MJlnQuJsDgRWuwieLUx8hcyKkWXI="; + + checkFlags = [ + # requires network access + "-skip=TestIPToHostname" + ]; + + meta = with lib; { + description = "Information gathering tool for DNS, ports and more"; + homepage = "https://github.com/edoardottt/scilla"; + changelog = "https://github.com/edoardottt/scilla/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/scorecard/default.nix b/nixpkgs/pkgs/tools/security/scorecard/default.nix new file mode 100644 index 000000000000..b460f52aa292 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/scorecard/default.nix @@ -0,0 +1,89 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +, testers +, scorecard +}: + +buildGoModule rec { + pname = "scorecard"; + version = "4.12.0"; + + src = fetchFromGitHub { + owner = "ossf"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-Ys7uO+xMSlcD8OGw7fV+aR0+Q1UXrxPKVLQbphV4rKk="; + # populate values otherwise taken care of by goreleaser, + # unfortunately these require us to use git. By doing + # this in postFetch we can delete .git afterwards and + # maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # 0000-00-00T00:00:00Z + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + vendorHash = "sha256-L6HFZryniy3Gp8NKdjM4SK82ZG5eQPM7blkSE3YFhOw="; + + nativeBuildInputs = [ installShellFiles ]; + + subPackages = [ "." ]; + + ldflags = [ + "-s" + "-w" + "-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" + "-X sigs.k8s.io/release-utils/version.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + preCheck = '' + # Feed in all but the e2e tests for testing + # This is because subPackages above limits what is built to just what we + # want but also limits the tests + getGoDirs() { + go list ./... | grep -v e2e + } + # Ensure other e2e tests that have escaped the e2e dir dont run + export SKIP_GINKGO=1 + ''; + + postInstall = '' + installShellCompletion --cmd scorecard \ + --bash <($out/bin/scorecard completion bash) \ + --fish <($out/bin/scorecard completion fish) \ + --zsh <($out/bin/scorecard completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/scorecard --help + # $out/bin/scorecard version 2>&1 | grep "v${version}" + runHook postInstallCheck + ''; + + passthru.tests.version = testers.testVersion { + package = scorecard; + command = "scorecard version"; + version = "v${version}"; + }; + + meta = with lib; { + homepage = "https://github.com/ossf/scorecard"; + changelog = "https://github.com/ossf/scorecard/releases/tag/v${version}"; + description = "Security health metrics for Open Source"; + license = licenses.asl20; + maintainers = with maintainers; [ jk developer-guy ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/scrypt/default.nix b/nixpkgs/pkgs/tools/security/scrypt/default.nix new file mode 100644 index 000000000000..d2b8228f6511 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/scrypt/default.nix @@ -0,0 +1,45 @@ +{ lib +, stdenv +, fetchurl +, openssl +, getconf +, util-linux +}: + +stdenv.mkDerivation rec { + pname = "scrypt"; + version = "1.3.2"; + + src = fetchurl { + url = "https://www.tarsnap.com/scrypt/${pname}-${version}.tgz"; + sha256 = "sha256-1jLBGTQgrG+uv5SC5l4z06VmTszWQ7CaUJ0h0cHym+I="; + }; + + outputs = [ "out" "lib" "dev" ]; + + configureFlags = [ "--enable-libscrypt-kdf" ]; + + buildInputs = [ openssl ]; + + nativeBuildInputs = [ getconf ]; + + patchPhase = '' + for f in Makefile.in autotools/Makefile.am libcperciva/cpusupport/Build/cpusupport.sh configure ; do + substituteInPlace $f --replace "command -p " "" + done + + patchShebangs tests/test_scrypt.sh + ''; + + doCheck = true; + checkTarget = "test"; + nativeCheckInputs = lib.optionals stdenv.isLinux [ util-linux ]; + + meta = with lib; { + description = "Encryption utility"; + homepage = "https://www.tarsnap.com/scrypt.html"; + license = licenses.bsd2; + platforms = platforms.all; + maintainers = with maintainers; [ thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sdlookup/default.nix b/nixpkgs/pkgs/tools/security/sdlookup/default.nix new file mode 100644 index 000000000000..62d6dffdaa2b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sdlookup/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "sdlookup"; + version = "unstable-2022-03-10"; + + src = fetchFromGitHub { + owner = "j3ssie"; + repo = pname; + rev = "8554bfa27284c4764401dbd8da23800d4ae968a2"; + hash = "sha256-c6xAgOxle51waiFsSWvwO9eyt1KXuM0dEeepVsRQHkk="; + }; + + vendorHash = "sha256-j0UzucZ6kDwM+6U0ZyIW9u8XG/Bn+VUCO2vV1BbnQo0="; + + meta = with lib; { + description = "IP lookups for open ports and vulnerabilities from internetdb.shodan.io"; + homepage = "https://github.com/j3ssie/sdlookup"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/seccure/default.nix b/nixpkgs/pkgs/tools/security/seccure/default.nix new file mode 100644 index 000000000000..07c8d0382ca5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/seccure/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenv, fetchurl, libgcrypt }: + +stdenv.mkDerivation rec { + pname = "seccure"; + version = "0.5"; + + src = fetchurl { + url = "http://point-at-infinity.org/seccure/${pname}-${version}.tar.gz"; + sha256 = "0nwnk3hfhgvf5xr0xipbh6smfnya22wphc5rj0vgi5d0zr5cwrk5"; + }; + + buildInputs = [ libgcrypt ]; + + preConfigure = '' + sed -e s@/usr/@$out/@g -i Makefile + sed -e 's@ln -f@ln -sf@g' -i Makefile + mkdir -p $out/bin $out/share/man/man1 + ''; + + meta = { + homepage = "http://point-at-infinity.org/seccure/"; + description = "Zero-configuration elliptic curve cryptography utility"; + platforms = lib.platforms.unix; + license = lib.licenses.lgpl3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/secp256k1/default.nix b/nixpkgs/pkgs/tools/security/secp256k1/default.nix new file mode 100644 index 000000000000..1af6812cfc99 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/secp256k1/default.nix @@ -0,0 +1,40 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +}: + +stdenv.mkDerivation rec { + pname = "secp256k1"; + + version = "0.4.0"; + + src = fetchFromGitHub { + owner = "bitcoin-core"; + repo = "secp256k1"; + rev = "refs/tags/v${version}"; + sha256 = "sha256-KNEOEwxeCQybFdUFfItEF5KoZ/fZ/mahFU1LSlRyHZE="; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + configureFlags = [ + "--enable-benchmark=no" + "--enable-module-recovery" + ]; + + doCheck = true; + + meta = with lib; { + description = "Optimized C library for EC operations on curve secp256k1"; + longDescription = '' + Optimized C library for EC operations on curve secp256k1. Part of + Bitcoin Core. This library is a work in progress and is being used + to research best practices. Use at your own risk. + ''; + homepage = "https://github.com/bitcoin-core/secp256k1"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ ]; + platforms = with platforms; all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/secrets-extractor/default.nix b/nixpkgs/pkgs/tools/security/secrets-extractor/default.nix new file mode 100644 index 000000000000..b8118e6cf95c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/secrets-extractor/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, libpcap +}: + +buildGoModule rec { + pname = "secrets-extractor"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "Xenios91"; + repo = "Secrets-Extractor"; + rev = "v${version}"; + hash = "sha256-cwEG0cXlyhrUSQAuZ/5KVqJtez13GvZghabsooXCM/U="; + }; + + vendorHash = "sha256-KhAaBNSpFu7LAWiHCWD1OssexW9N96ArDb7Oo1AaiWI="; + + buildInputs = [ + libpcap + ]; + + meta = with lib; { + description = "Tool to check packets for secrets"; + homepage = "https://github.com/Xenios91/Secrets-Extractor"; + # https://github.com/Xenios91/Secrets-Extractor/issues/1 + license = with licenses; [ unfree ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/secretscanner/default.nix b/nixpkgs/pkgs/tools/security/secretscanner/default.nix new file mode 100644 index 000000000000..794597707994 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/secretscanner/default.nix @@ -0,0 +1,58 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, hyperscan +, pkg-config +, protobuf +, protoc-gen-go +, protoc-gen-go-grpc +}: + +buildGoModule rec { + pname = "secretscanner"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "deepfence"; + repo = "SecretScanner"; + rev = "refs/tags/v${version}"; + fetchSubmodules = true; + hash = "sha256-lTUZLuEiC9xpHYWn3uv4ZtbvHX6ETsjxacjd/O0kU8I="; + }; + + vendorHash = "sha256-lB+fiSdflIYGw0hMN0a9IOtRcJwYEUPQqaeU7mAfSQs="; + + excludedPackages = [ + "./agent-plugins-grpc/proto" # No need to build submodules + ]; + + nativeBuildInputs = [ + pkg-config + protobuf + protoc-gen-go + protoc-gen-go-grpc + ]; + + buildInputs = [ + hyperscan + ]; + + preBuild = '' + # Compile proto files + make -C agent-plugins-grpc go + ''; + + postInstall = '' + mv $out/bin/SecretScanner $out/bin/$pname + ''; + + meta = with lib; { + description = "Tool to find secrets and passwords in container images and file systems"; + homepage = "https://github.com/deepfence/SecretScanner"; + changelog = "https://github.com/deepfence/SecretScanner/releases/tag/v${version}"; + platforms = [ "x86_64-linux" ]; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/sedutil/default.nix b/nixpkgs/pkgs/tools/security/sedutil/default.nix new file mode 100644 index 000000000000..cb0e367fa2cc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sedutil/default.nix @@ -0,0 +1,34 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +}: + +stdenv.mkDerivation rec { + pname = "sedutil"; + version = "1.20.0"; + + src = fetchFromGitHub { + owner = "Drive-Trust-Alliance"; + repo = "sedutil"; + rev = version; + sha256 = "sha256-NG/7aqe48ShHWW5hW8axYWV4+zX0dBE7Wy9q58l0S3E="; + }; + + postPatch = '' + patchShebangs . + ''; + + nativeBuildInputs = [ + autoreconfHook + ]; + + enableParallelBuilding = true; + + meta = with lib; { + description = "DTA sedutil Self encrypting drive software"; + homepage = "https://www.drivetrust.com"; + license = licenses.gpl3Plus; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/semgrep/common.nix b/nixpkgs/pkgs/tools/security/semgrep/common.nix new file mode 100644 index 000000000000..da646461a20f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/semgrep/common.nix @@ -0,0 +1,55 @@ +{ lib }: + +rec { + version = "1.37.0"; + + srcHash = "sha256-oFJ43dq3DAhux0UEFDKFZnxruoRdOfCndKY6XgG3d5I="; + + # submodule dependencies + # these are fetched so we: + # 1. don't fetch the many submodules we don't need + # 2. avoid fetchSubmodules since it's prone to impurities + submodules = { + "cli/src/semgrep/semgrep_interfaces" = { + owner = "returntocorp"; + repo = "semgrep-interfaces"; + rev = "331603197022625f50a64dd5e3029a96a5f03ada"; + hash = "sha256-UAcWbTSCIdBGvgGSbdQ+miFOEuBvQ6m42MkU3VeErKY="; + }; + }; + + # fetch pre-built semgrep-core since the ocaml build is complex and relies on + # the opam package manager at some point + # pulling it out of the python wheel as r2c no longer release a built binary + # on github releases + core = { + x86_64-linux = { + platform = "any"; + hash = "sha256-Sj/6tzZMyRQAJL09X/3zgvdGTIhNibqO8usKsus9Xss="; + }; + x86_64-darwin = { + platform = "macosx_10_14_x86_64"; + hash = "sha256-hC04VknZG6aYYNX7lqvkcOoVslewNqlYax+o1nV2TcM="; + }; + aarch64-darwin = { + platform = "macosx_11_0_arm64"; + hash = "sha256-0F+ndM4+0dnxf9acwWvGdIy9iYWSqixS9IzOxa95/yM="; + }; + }; + + meta = with lib; { + homepage = "https://semgrep.dev/"; + downloadPage = "https://github.com/returntocorp/semgrep/"; + changelog = "https://github.com/returntocorp/semgrep/blob/v${version}/CHANGELOG.md"; + description = "Lightweight static analysis for many languages"; + longDescription = '' + Semgrep is a fast, open-source, static analysis tool for finding bugs and + enforcing code standards at editor, commit, and CI time. Semgrep analyzes + code locally on your computer or in your build environment: code is never + uploaded. Its rules look like the code you already write; no abstract + syntax trees, regex wrestling, or painful DSLs. + ''; + license = licenses.lgpl21Plus; + maintainers = with maintainers; [ jk ambroisie ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/semgrep/default.nix b/nixpkgs/pkgs/tools/security/semgrep/default.nix new file mode 100644 index 000000000000..ff41daacac30 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/semgrep/default.nix @@ -0,0 +1,119 @@ +{ lib +, fetchFromGitHub +, semgrep-core +, buildPythonApplication +, pythonPackages +, pythonRelaxDepsHook + +, pytestCheckHook +, git +}: + +let + common = import ./common.nix { inherit lib; }; +in +buildPythonApplication rec { + pname = "semgrep"; + inherit (common) version; + src = fetchFromGitHub { + owner = "returntocorp"; + repo = "semgrep"; + rev = "v${version}"; + hash = common.srcHash; + }; + + # prepare a subset of the submodules as we only need a handful + # and there are many many submodules total + postPatch = (lib.concatStringsSep "\n" (lib.mapAttrsToList + ( + path: submodule: '' + # substitute ${path} + # remove git submodule placeholder + rm -r ${path} + # link submodule + ln -s ${submodule}/ ${path} + '' + ) + passthru.submodulesSubset)) + '' + cd cli + ''; + + nativeBuildInputs = [ pythonRelaxDepsHook ]; + # tell cli/setup.py to not copy semgrep-core into the result + # this means we can share a copy of semgrep-core and avoid an issue where it + # copies the binary but doesn't retain the executable bit + SEMGREP_SKIP_BIN = true; + + pythonRelaxDeps = [ + "boltons" + "glom" + ]; + + propagatedBuildInputs = with pythonPackages; [ + attrs + boltons + colorama + click + click-option-group + glom + requests + rich + ruamel-yaml + tqdm + packaging + jsonschema + wcmatch + peewee + defusedxml + urllib3 + typing-extensions + python-lsp-jsonrpc + tomli + ]; + + doCheck = true; + nativeCheckInputs = [ git pytestCheckHook ] ++ (with pythonPackages; [ + pytest-snapshot + pytest-mock + pytest-freezegun + types-freezegun + ]); + disabledTests = [ + # requires networking + "test_send" + # requires networking + "test_parse_exclude_rules_auto" + ]; + preCheck = '' + # tests need a home directory + export HOME="$(mktemp -d)" + + # disabledTestPaths doesn't manage to avoid the e2e tests + # remove them from pyproject.toml + # and remove need for pytest-split + substituteInPlace pyproject.toml \ + --replace '"tests/e2e",' "" \ + --replace 'addopts = "--splitting-algorithm=least_duration"' "" + ''; + + # since we stop cli/setup.py from finding semgrep-core and copying it into + # the result we need to provide it on the PATH + preFixup = '' + makeWrapperArgs+=(--prefix PATH : ${lib.makeBinPath [ semgrep-core ]}) + ''; + + postInstall = '' + chmod +x $out/bin/{,py}semgrep + ''; + + passthru = { + inherit common; + submodulesSubset = lib.mapAttrs (k: args: fetchFromGitHub args) common.submodules; + updateScript = ./update.sh; + }; + + meta = common.meta // { + description = common.meta.description + " - cli"; + inherit (semgrep-core.meta) platforms; + }; +} diff --git a/nixpkgs/pkgs/tools/security/semgrep/semgrep-core.nix b/nixpkgs/pkgs/tools/security/semgrep/semgrep-core.nix new file mode 100644 index 000000000000..b924dd16579f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/semgrep/semgrep-core.nix @@ -0,0 +1,52 @@ +{ lib, stdenvNoCC, fetchPypi, unzip }: + +let + common = import ./common.nix { inherit lib; }; +in +stdenvNoCC.mkDerivation rec { + pname = "semgrep-core"; + inherit (common) version; + # fetch pre-built semgrep-core since the ocaml build is complex and relies on + # the opam package manager at some point + # pulling it out of the python wheel as r2c no longer release a built binary + # on github releases + src = + let + inherit (stdenvNoCC.hostPlatform) system; + data = common.core.${system} or (throw "Unsupported system: ${system}"); + in + fetchPypi rec { + pname = "semgrep"; + inherit version; + format = "wheel"; + dist = python; + python = "cp37.cp38.cp39.cp310.cp311.py37.py38.py39.py310.py311"; + inherit (data) platform hash; + }; + + nativeBuildInputs = [ unzip ]; + + # _tryUnzip from unzip's setup-hook doesn't recognise .whl + # "do not know how to unpack source archive" + # perform unpack by hand + unpackPhase = '' + runHook preUnpack + LANG=en_US.UTF-8 unzip -qq "$src" + runHook postUnpack + ''; + + dontConfigure = true; + dontBuild = true; + + installPhase = '' + runHook preInstall + install -Dm 755 -t $out/bin semgrep-${version}.data/purelib/semgrep/bin/semgrep-core + runHook postInstall + ''; + + meta = common.meta // { + description = common.meta.description + " - core binary"; + sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; + platforms = lib.attrNames common.core; + }; +} diff --git a/nixpkgs/pkgs/tools/security/semgrep/update.sh b/nixpkgs/pkgs/tools/security/semgrep/update.sh new file mode 100755 index 000000000000..c66180cf8f2b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/semgrep/update.sh @@ -0,0 +1,146 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl gnused jq nix-prefetch + +set -euxo pipefail + +# provide a github token so you don't get rate limited +# if you use gh cli you can use: +# `export GITHUB_TOKEN="$(cat ~/.config/gh/config.yml | yq '.hosts."github.com".oauth_token' -r)"` +# or just set your token by hand: +# `read -s -p "Enter your token: " GITHUB_TOKEN; export GITHUB_TOKEN` +# (we use read so it doesn't show in our shell history and in secret mode so the token you paste isn't visible) +if [ -z "${GITHUB_TOKEN:-}" ]; then + echo "no GITHUB_TOKEN provided - you could meet API request limiting" >&2 +fi + +ROOT="$(dirname "$(readlink -f "$0")")" +NIXPKGS_ROOT="$ROOT/../../../.." + +COMMON_FILE="$ROOT/common.nix" + +instantiateClean() { + nix-instantiate -A "$1" --eval --strict | cut -d\" -f2 +} + +# get latest version +NEW_VERSION=$( + curl -s -H \ + "Accept: application/vnd.github.v3+json" \ + ${GITHUB_TOKEN:+ -H "Authorization: bearer $GITHUB_TOKEN"} \ + https://api.github.com/repos/returntocorp/semgrep/releases/latest \ + | jq -r '.tag_name' +) +# trim v prefix +NEW_VERSION="${NEW_VERSION:1}" +OLD_VERSION="$(instantiateClean semgrep.passthru.common.version)" + +if [[ "$OLD_VERSION" == "$NEW_VERSION" ]]; then + echo "Already up to date" + exit +fi + +replace() { + sed -i "s@$1@$2@g" "$3" +} + +fetchgithub() { + set +eo pipefail + nix-build -A "$1" 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g' + set -eo pipefail +} + +fetch_arch() { + VERSION=$1 + PLATFORM=$2 + nix-prefetch "{ fetchPypi }: +fetchPypi rec { + pname = \"semgrep\"; + version = \"$VERSION\"; + format = \"wheel\"; + dist = python; + python = \"cp37.cp38.cp39.cp310.cp311.py37.py38.py39.py310.py311\"; + platform = \"$PLATFORM\"; +} +" +} + +replace "$OLD_VERSION" "$NEW_VERSION" "$COMMON_FILE" + +echo "Updating src" + +OLD_HASH="$(instantiateClean semgrep.passthru.common.srcHash)" +echo "Old hash $OLD_HASH" +TMP_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" +replace "$OLD_HASH" "$TMP_HASH" "$COMMON_FILE" +NEW_HASH="$(fetchgithub semgrep.src)" +echo "New hash $NEW_HASH" +replace "$TMP_HASH" "$NEW_HASH" "$COMMON_FILE" + +echo "Updated src" + + +update_core_platform() { + SYSTEM=$1 + echo "Updating core src $SYSTEM" + + PLATFORM="$(instantiateClean "semgrep.passthru.common.core.$SYSTEM.platform")" + + OLD_HASH="$(instantiateClean "semgrep.passthru.common.core.$SYSTEM.hash")" + echo "Old core hash $OLD_HASH" + NEW_HASH="$(fetch_arch "$NEW_VERSION" "$PLATFORM")" + echo "New core hash $NEW_HASH" + replace "$OLD_HASH" "$NEW_HASH" "$COMMON_FILE" + + echo "Updated core src $SYSTEM" +} + +update_core_platform "x86_64-linux" +update_core_platform "x86_64-darwin" +update_core_platform "aarch64-darwin" + +OLD_PWD=$PWD +TMPDIR="$(mktemp -d)" +# shallow clone to check submodule commits, don't actually need the submodules +git clone https://github.com/returntocorp/semgrep "$TMPDIR/semgrep" --depth 1 --branch "v$NEW_VERSION" + +get_submodule_commit() { + OLD_PWD=$PWD + ( + cd "$TMPDIR/semgrep" + git ls-tree --object-only HEAD "$1" + cd "$OLD_PWD" + ) +} + +# loop through submodules +nix-instantiate -E "with import $NIXPKGS_ROOT {}; builtins.attrNames semgrep.passthru.common.submodules" --eval --strict --json \ +| jq '.[]' -r \ +| while read -r SUBMODULE; do + echo "Updating $SUBMODULE" + OLD_REV=$(instantiateClean semgrep.passthru.common.submodules."$SUBMODULE".rev) + echo "Old commit $OLD_REV" + OLD_HASH=$(instantiateClean semgrep.passthru.common.submodules."$SUBMODULE".hash) + echo "Old hash $OLD_HASH" + + NEW_REV=$(get_submodule_commit "$SUBMODULE") + echo "New commit $NEW_REV" + + if [[ "$OLD_REV" == "$NEW_REV" ]]; then + echo "$SUBMODULE already up to date" + continue + fi + + TMP_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" + replace "$OLD_REV" "$NEW_REV" "$COMMON_FILE" + replace "$OLD_HASH" "$TMP_HASH" "$COMMON_FILE" + NEW_HASH="$(fetchgithub semgrep.passthru.submodulesSubset."$SUBMODULE")" + echo "New hash $NEW_HASH" + replace "$TMP_HASH" "$NEW_HASH" "$COMMON_FILE" + + echo "Updated $SUBMODULE" +done + +rm -rf "$TMPDIR" + +echo "Finished" + diff --git a/nixpkgs/pkgs/tools/security/sequoia-chameleon-gnupg/default.nix b/nixpkgs/pkgs/tools/security/sequoia-chameleon-gnupg/default.nix new file mode 100644 index 000000000000..95d0426729e0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sequoia-chameleon-gnupg/default.nix @@ -0,0 +1,47 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitLab +, pkg-config +, nettle +, openssl +, sqlite +, darwin +}: + +rustPlatform.buildRustPackage rec { + pname = "sequoia-chameleon-gnupg"; + version = "0.3.2"; + + src = fetchFromGitLab { + owner = "sequoia-pgp"; + repo = pname; + rev = "v${version}"; + hash = "sha256-Qe9KKZh0Zim/BdPn2aMxkH6FBOBB6zijkp5ft9YfzzU="; + }; + + cargoHash = "sha256-KuVSpbAfLVIy5YJ/8qb+Rfw1TgZkWfR+Ai9gDcf4EQ4="; + + nativeBuildInputs = [ + rustPlatform.bindgenHook + pkg-config + ]; + + buildInputs = [ + nettle + openssl + sqlite + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Security + ]; + + # gpgconf: error creating socket directory + doCheck = false; + + meta = with lib; { + description = "Sequoia's reimplementation of the GnuPG interface"; + homepage = "https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ nickcao ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix new file mode 100644 index 000000000000..d8bac3e70725 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix @@ -0,0 +1,62 @@ +{ stdenv +, fetchFromGitLab +, lib +, darwin +, nettle +, nix-update-script +, rustPlatform +, pkg-config +, openssl +, sqlite +}: + +rustPlatform.buildRustPackage rec { + pname = "sequoia-sq"; + version = "0.31.0"; + + src = fetchFromGitLab { + owner = "sequoia-pgp"; + repo = "sequoia-sq"; + rev = "v${version}"; + hash = "sha256-rrNN52tDM3CEGyNvsT3x4GmfWIpU8yoT2XsgOhPyLjo="; + }; + + cargoHash = "sha256-B+gtUzUB99At+kusupsN/v6sCbpXs36/EbpTL3gUxnc="; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + ]; + + buildInputs = [ + openssl + sqlite + nettle + ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ]; + + # Sometimes, tests fail on CI (ofborg) & hydra without this + checkFlags = [ + # doctest for sequoia-ipc fail for some reason + "--skip=macros::assert_send_and_sync" + "--skip=macros::time_it" + ]; + + # Install manual pages, see https://gitlab.com/sequoia-pgp/sequoia-sq#building + postInstall = '' + mkdir -p $out/share/man + SQ_MAN=$out/share/man/man1 cargo run + ''; + + doCheck = true; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "A cool new OpenPGP implementation"; + homepage = "https://sequoia-pgp.org/"; + changelog = "https://gitlab.com/sequoia-pgp/sequoia-sq/-/blob/v${version}/NEWS"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ minijackson doronbehar ]; + mainProgram = "sq"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix new file mode 100644 index 000000000000..fdefbdea9e50 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix @@ -0,0 +1,58 @@ +{ lib +, fetchFromGitLab +, nettle +, nix-update-script +, installShellFiles +, rustPlatform +, pkg-config +}: + +rustPlatform.buildRustPackage rec { + pname = "sequoia-sqop"; + version = "0.30.0"; + + src = fetchFromGitLab { + owner = "sequoia-pgp"; + # From some reason the repository is not sequoia-sqop - like the command + # generated etc + repo = "sequoia-sop"; + rev = "v${version}"; + hash = "sha256-2fRlHkT2jhUp1dIqKe8r7ktSbgudCmzuiiyF0WcbYIE="; + }; + + cargoHash = "sha256-/LLW0AHCgqi2pAOkhZXNGlmNF/+u0TmSstd/B6mDr6M="; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + installShellFiles + ]; + + buildInputs = [ + nettle + ]; + buildFeatures = [ "cli" ]; + + # Install manual pages + postInstall = '' + mkdir -p $out/share/man + cp -r man-sqop $out/share/man/man1 + installShellCompletion --cmd sqop \ + --bash target/*/release/build/sequoia-sop*/out/sqop.bash \ + --fish target/*/release/build/sequoia-sop*/out/sqop.fish \ + --zsh target/*/release/build/sequoia-sop*/out/_sqop + # Also elv and powershell are generated there + ''; + + doCheck = true; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "An implementation of the Stateless OpenPGP Command Line Interface using Sequoia"; + homepage = "https://docs.sequoia-pgp.org/sqop/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ doronbehar ]; + mainProgram = "sqop"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix new file mode 100644 index 000000000000..b85c5d2cfb18 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix @@ -0,0 +1,59 @@ +{ lib +, fetchFromGitLab +, nettle +, nix-update-script +, rustPlatform +, pkg-config +, installShellFiles +}: + +rustPlatform.buildRustPackage rec { + pname = "sequoia-sqv"; + version = "1.1.0"; + + src = fetchFromGitLab { + owner = "sequoia-pgp"; + repo = "sequoia-sqv"; + rev = "v${version}"; + hash = "sha256-KoB9YnPNE2aB5MW5G9r6Bk+1QnANVSKA2dp3ufSJ44M="; + }; + + cargoHash = "sha256-uwOU/yyh3eoD10El7Oe9E97F3dvPuXMHQhpnWEJ1gnI="; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + installShellFiles + ]; + + buildInputs = [ + nettle + ]; + # Otherwise, the shell completion files are not built + cargoBuildFlags = [ + "--package" "sequoia-sqv" + ]; + # Use a predictable target directory, to access it when installing shell + # completion files. + preBuild = '' + export CARGO_TARGET_DIR="$(pwd)/target" + ''; + postInstall = '' + installShellCompletion --cmd sqv \ + --zsh target/_sqv \ + --bash target/sqv.bash \ + --fish target/sqv.fish + ''; + + doCheck = true; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "A command-line OpenPGP signature verification tool"; + homepage = "https://docs.sequoia-pgp.org/sqv/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ doronbehar ]; + mainProgram = "sqv"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix b/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix new file mode 100644 index 000000000000..07c9ed9b2408 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sha1collisiondetection/default.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchFromGitHub, libtool, which }: + +stdenv.mkDerivation rec { + pname = "sha1collisiondetection"; + version = "1.0.3"; + + src = fetchFromGitHub { + owner = "cr-marcstevens"; + repo = "sha1collisiondetection"; + rev = "stable-v${version}"; + sha256 = "0xn31hkkqs0kj9203rzx6w4nr0lq8fnrlm5i76g0px3q4v2dzw1s"; + }; + + makeFlags = [ "PREFIX=$(out)" ]; + + doCheck = true; + + nativeBuildInputs = [ libtool which ]; + + meta = with lib; { + description = "Library and command line tool to detect SHA-1 collision"; + longDescription = '' + This library and command line tool were designed as near drop-in + replacements for common SHA-1 libraries and sha1sum. They will + compute the SHA-1 hash of any given file and additionally will + detect cryptanalytic collision attacks against SHA-1 present in + each file. It is very fast and takes less than twice the amount + of time as regular SHA-1. + ''; + platforms = platforms.all; + maintainers = with maintainers; [ leenaars ]; + license = licenses.mit; + }; +} diff --git a/nixpkgs/pkgs/tools/security/shc/default.nix b/nixpkgs/pkgs/tools/security/shc/default.nix new file mode 100644 index 000000000000..0c1bf93ed1c6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/shc/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "shc"; + version = "4.0.3"; + rev = version; + + src = fetchFromGitHub { + inherit rev; + owner = "neurobin"; + repo = "shc"; + sha256 = "0bfn404plsssa14q89k9l3s5lxq3df0sny5lis4j2w75qrkqx694"; + }; + + meta = with lib; { + homepage = "https://neurobin.org/projects/softwares/unix/shc/"; + description = "Shell Script Compiler"; + platforms = lib.platforms.all; + license = licenses.gpl3; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix b/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix new file mode 100644 index 000000000000..c47e5a212858 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, rustPlatform, fetchCrate, installShellFiles +, libgpg-error, gpgme, gettext, openssl, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "sheesy-cli"; + version = "4.0.11"; + + src = fetchCrate { + inherit version pname; + sha256 = "1l21ji9zqy8x1g2gvqwdhya505max07ibx1hh88s36k0jbvdb7xc"; + }; + + cargoSha256 = "159a5ph1gxwcgahyr8885lq3c1w76nxzfrfdpyqixqrr7jzx2rd3"; + cargoDepsName = pname; + + nativeBuildInputs = [ libgpg-error gpgme gettext installShellFiles ]; + + buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ]; + + buildFeatures = [ "vault" "extract" "completions" "substitute" "process" ]; + + checkFeatures = [ ]; + + cargoBuildFlags = [ "--bin" "sy" ]; + + postInstall = '' + installShellCompletion --cmd sy \ + --bash <($out/bin/sy completions bash) \ + --fish <($out/bin/sy completions fish) \ + --zsh <($out/bin/sy completions zsh) + ''; + + meta = with lib; { + description = "The 'share-secrets-safely' CLI to interact with GPG/pass-like vaults"; + homepage = "https://share-secrets-safely.github.io/cli/"; + changelog = "https://github.com/share-secrets-safely/cli/releases/tag/${version}"; + license = with licenses; [ lgpl21Only ]; + maintainers = with maintainers; [ devhell ]; + mainProgram = "sy"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/shellclear/default.nix b/nixpkgs/pkgs/tools/security/shellclear/default.nix new file mode 100644 index 000000000000..32be52bae267 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/shellclear/default.nix @@ -0,0 +1,26 @@ +{ lib +, rustPlatform +, fetchFromGitHub +}: + +rustPlatform.buildRustPackage rec { + pname = "shellclear"; + version = "0.4.8"; + + src = fetchFromGitHub { + owner = "rusty-ferris-club"; + repo = "shellclear"; + rev = "refs/tags/v${version}"; + hash = "sha256-/0pqegVxrqqxaQ2JiUfkkFK9hp+Vuq7eTap052HEcJs="; + }; + + cargoHash = "sha256-vPd1cFfoSkOnXH3zKQUB0zWDzEtao50AUrUzhpZIkgI="; + + meta = with lib; { + description = "Secure shell history commands by finding sensitive data"; + homepage = "https://github.com/rusty-ferris-club/shellclear"; + changelog = "https://github.com/rusty-ferris-club/shellclear/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/shellnoob/default.nix b/nixpkgs/pkgs/tools/security/shellnoob/default.nix new file mode 100644 index 000000000000..f7814b24384b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/shellnoob/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenvNoCC, fetchFromGitHub, python3 }: + +stdenvNoCC.mkDerivation rec { + pname = "shellnoob"; + version = "unstable-2022-03-16"; + + src = fetchFromGitHub { + owner = "reyammer"; + repo = pname; + rev = "72cf49804d8ea3de1faa7fae5794449301987bff"; + sha256 = "xF9OTFFe8godW4+z9MFaFEkjE9FB42bKWwdl9xRcmEo="; + }; + + buildInputs = [ + python3 + ]; + + installPhase = '' + runHook preInstall + + install -Dm755 shellnoob.py $out/bin/snoob + + runHook postInstall + ''; + + meta = with lib; { + description = "A shellcode writing toolkit"; + homepage = "https://github.com/reyammer/shellnoob"; + mainProgram = "snoob"; + license = licenses.mit; + maintainers = with maintainers; [ emilytrau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/shellz/default.nix b/nixpkgs/pkgs/tools/security/shellz/default.nix new file mode 100644 index 000000000000..f1b226c32137 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/shellz/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "shellz"; + version = "1.6.0"; + + src = fetchFromGitHub { + owner = "evilsocket"; + repo = pname; + rev = "v${version}"; + hash = "sha256-sUYDopSxaUPyrHev8XXobRoX6uxbdf5goJ75KYEPFNY="; + }; + + vendorHash = "sha256-9uQMimttsNCA//DgDMuukXUROlIz3bJfr04XfVpPLZM="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Utility to manage your SSH, telnet, kubernetes, winrm, web or any custom shell"; + homepage = "https://github.com/evilsocket/shellz"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sherlock/default.nix b/nixpkgs/pkgs/tools/security/sherlock/default.nix new file mode 100644 index 000000000000..05954db51629 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sherlock/default.nix @@ -0,0 +1,57 @@ +{ stdenv, lib, fetchFromGitHub, python3, makeWrapper }: +let + pyenv = python3.withPackages (pp: with pp; [ + beautifulsoup4 + certifi + colorama + lxml + pandas + pysocks + requests + requests-futures + soupsieve + stem + torrequest + ]); +in +stdenv.mkDerivation rec { + pname = "sherlock"; + version = "0.14.3"; + + src = fetchFromGitHub { + owner = "sherlock-project"; + repo = pname; + rev = "ab2f6788340903df797d8c336a97fa6e742daf77"; + hash = "sha256-AbWZa33DNrDM0FdjoFSVMnz4Ph7mUiUe/erhI3w7GQQ"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + postPatch = '' + substituteInPlace sherlock/sherlock.py \ + --replace "os.path.dirname(__file__)" "\"$out/share\"" + ''; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin $out/share + cp ./sherlock/*.py $out/bin/ + cp --recursive ./sherlock/resources/ $out/share + makeWrapper ${pyenv.interpreter} $out/bin/sherlock --add-flags "$out/bin/sherlock.py" + runHook postInstall + ''; + + checkPhase = '' + runHook preCheck + cd $srcRoot/sherlock + ${pyenv.interpreter} -m unittest tests.all.SherlockSiteCoverageTests --verbose + runHook postCheck + ''; + + meta = with lib; { + homepage = "https://sherlock-project.github.io/"; + description = "Hunt down social media accounts by username across social networks"; + license = licenses.mit; + maintainers = with maintainers; [ applePrincess ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/shisho/default.nix b/nixpkgs/pkgs/tools/security/shisho/default.nix new file mode 100644 index 000000000000..5a5995f5da3b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/shisho/default.nix @@ -0,0 +1,59 @@ +{ lib +, fetchFromGitHub +, rustPlatform +, installShellFiles +, rustfmt +}: + +rustPlatform.buildRustPackage rec { + pname = "shisho"; + version = "0.5.2"; + + src = fetchFromGitHub { + owner = "flatt-security"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-G7sHaDq+F5lXNaF1sSLUecdjZbCejJE79P4AQifKdFY="; + fetchSubmodules = true; + }; + cargoSha256 = "sha256-xd4andytmDMOIT+3DkmUC9fkxxGJ6yRY2WSdnGB6ZwY="; + + nativeBuildInputs = [ + installShellFiles + # required to build serde-sarif dependency + rustfmt + ]; + + postInstall = '' + installShellCompletion --cmd shisho \ + --bash <($out/bin/shisho completion bash) \ + --fish <($out/bin/shisho completion fish) \ + --zsh <($out/bin/shisho completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/shisho --help + $out/bin/shisho --version | grep "${version}" + + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://docs.shisho.dev/shisho/"; + changelog = "https://docs.shisho.dev/changelog/"; + description = "Lightweight static analyzer for several programming languages"; + longDescription = '' + Shisho is a lightweight static code analyzer designed for developers and + is the core engine for Shisho products. It is, so to speak, like a + pluggable and configurable linter; it gives developers a way to codify + your domain knowledge over your code as rules. With powerful automation + and integration capabilities, the rules will help you find and fix issues + semiautomatically. + ''; + license = licenses.agpl3Only; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sigma-cli/default.nix b/nixpkgs/pkgs/tools/security/sigma-cli/default.nix new file mode 100644 index 000000000000..bbed9910f251 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sigma-cli/default.nix @@ -0,0 +1,66 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "sigma-cli"; + version = "0.7.7"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "SigmaHQ"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-Qqe9nJZfCb7xh93ERrV3XpqdtfeRECt7RDca9eQU3eQ="; + }; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace '= "^' '= ">=' + ''; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + click + colorama + prettytable + pysigma + pysigma-backend-elasticsearch + pysigma-backend-insightidr + pysigma-backend-opensearch + pysigma-backend-qradar + pysigma-backend-splunk + pysigma-pipeline-crowdstrike + pysigma-pipeline-sysmon + pysigma-pipeline-windows + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + disabledTests = [ + "test_plugin_list" + "test_plugin_list_filtered" + "test_plugin_list_search" + "test_plugin_install_notexisting" + "test_plugin_install" + "test_plugin_uninstall" + ]; + + pythonImportsCheck = [ + "sigma.cli" + ]; + + meta = with lib; { + description = "Sigma command line interface"; + homepage = "https://github.com/SigmaHQ/sigma-cli"; + license = with licenses; [ lgpl21Plus ]; + maintainers = with maintainers; [ fab ]; + mainProgram = "sigma"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/signify/default.nix b/nixpkgs/pkgs/tools/security/signify/default.nix new file mode 100644 index 000000000000..645cb010bdf3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/signify/default.nix @@ -0,0 +1,36 @@ +{ lib, stdenv, fetchFromGitHub, libbsd, pkg-config }: + +stdenv.mkDerivation rec { + pname = "signify"; + version = "31"; + + src = fetchFromGitHub { + owner = "aperezdc"; + repo = "signify"; + rev = "v${version}"; + sha256 = "sha256-y9jWG1JJhYCn6e5E2qjVqK8nmZpktiB7d9e9uP+3DLo="; + }; + + doCheck = true; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libbsd ]; + + postPatch = '' + substituteInPlace Makefile --replace "shell pkg-config" "shell $PKG_CONFIG" + ''; + + installFlags = [ "PREFIX=$(out)" ]; + + meta = with lib; { + description = "OpenBSD signing tool"; + longDescription = '' + OpenBSDs signing tool, which uses the Ed25519 public key signature system + for fast signing and verification of messages using small public keys. + ''; + homepage = "https://www.tedunangst.com/flak/post/signify"; + license = licenses.isc; + maintainers = [ maintainers.rlupton20 ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/signing-party/default.nix b/nixpkgs/pkgs/tools/security/signing-party/default.nix new file mode 100644 index 000000000000..e08632154385 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/signing-party/default.nix @@ -0,0 +1,226 @@ +{ lib, stdenv, fetchFromGitLab, autoconf, automake, makeWrapper +, python3, perl, perlPackages +, libmd, gnupg, which, getopt, libpaper, nettools, qprint +, sendmailPath ? "/run/wrappers/bin/sendmail" }: + +let + # All runtime dependencies from the CPAN graph: + # https://widgets.stratopan.com/wheel?q=GnuPG-Interface-0.52&runtime=1&fs=1 + GnuPGInterfaceRuntimeDependencies = with perlPackages; [ + strictures ClassMethodModifiers DataPerl DevelGlobalDestruction ExporterTiny + GnuPGInterface ListMoreUtils ModuleRuntime Moo MooXHandlesVia MooXlate + RoleTiny SubExporterProgressive SubQuote TypeTiny + ]; +in stdenv.mkDerivation rec { + pname = "signing-party"; + version = "2.11"; + + src = fetchFromGitLab { + domain = "salsa.debian.org"; + owner = "signing-party-team"; + repo = "signing-party"; + rev = "v${version}"; + sha256 = "1aig5ssabzbk4mih7xd04vgr931bw0flbi8dz902wlr610gyv5s5"; + }; + + # TODO: Get this patch upstream... + patches = [ ./gpgwrap_makefile.patch ]; + + postPatch = '' + substituteInPlace gpg-mailkeys/gpg-mailkeys --replace \ + "/usr/sbin/sendmail" "${sendmailPath}" + ''; + + # One can use the following command to find all relevant Makefiles: + # grep -R '$(DESTDIR)/usr' | cut -d: -f1 | sort -u | grep -v 'debian/rules' + preBuild = '' + substituteInPlace gpgsigs/Makefile --replace '$(DESTDIR)/usr' "$out" + substituteInPlace keyanalyze/Makefile --replace '$(DESTDIR)/usr' "$out" + substituteInPlace keylookup/Makefile --replace '$(DESTDIR)/usr' "$out" + substituteInPlace sig2dot/Makefile --replace '$(DESTDIR)/usr' "$out" + substituteInPlace springgraph/Makefile --replace '$(DESTDIR)/usr' "$out" + ''; + + # Perl is required for it's pod2man. + # Python and Perl are required for patching the script interpreter paths. + nativeBuildInputs = [ autoconf automake makeWrapper ]; + buildInputs = [ python3 perl perlPackages.GnuPGInterface libmd gnupg ]; + + postInstall = '' + # Install all tools which aren't handled by 'make install'. + # TODO: Fix upstream...! + + # caff: CA - Fire and Forget signs and mails a key + install -D -m555 caff/caff $out/bin/caff; + install -D -m444 caff/caff.1 $out/share/man/man1/caff.1; + + # pgp-clean: removes all non-self signatures from key + install -D -m555 caff/pgp-clean $out/bin/pgp-clean; + install -D -m444 caff/pgp-clean.1 $out/share/man/man1/pgp-clean.1; + + # pgp-fixkey: removes broken packets from keys + install -D -m555 caff/pgp-fixkey $out/bin/pgp-fixkey; + install -D -m444 caff/pgp-fixkey.1 $out/share/man/man1/pgp-fixkey.1; + + # gpg-mailkeys: simply mail out a signed key to its owner + install -D -m555 gpg-mailkeys/gpg-mailkeys $out/bin/gpg-mailkeys; + install -D -m444 gpg-mailkeys/gpg-mailkeys.1 $out/share/man/man1/gpg-mailkeys.1; + + # gpg-key2ps: generate PostScript file with fingerprint paper slips + install -D -m555 gpg-key2ps/gpg-key2ps $out/bin/gpg-key2ps; + install -D -m444 gpg-key2ps/gpg-key2ps.1 $out/share/man/man1/gpg-key2ps.1; + + # gpgdir: recursive directory encryption tool + install -D -m555 gpgdir/gpgdir $out/bin/gpgdir; + install -D -m444 gpgdir/gpgdir.1 $out/share/man/man1/gpgdir.1; + + # gpglist: show who signed which of your UIDs + install -D -m555 gpglist/gpglist $out/bin/gpglist; + install -D -m444 gpglist/gpglist.1 $out/share/man/man1/gpglist.1; + + # gpgsigs: annotates list of GnuPG keys with already done signatures + # The manual page is not handled by 'make install' + install -D -m444 gpgsigs/gpgsigs.1 $out/share/man/man1/gpgsigs.1; + + # gpgparticipants: create list of party participants for the organiser + install -D -m555 gpgparticipants/gpgparticipants $out/bin/gpgparticipants; + install -D -m444 gpgparticipants/gpgparticipants.1 $out/share/man/man1/gpgparticipants.1; + install -D -m555 gpgparticipants/gpgparticipants-prefill $out/bin/gpgparticipants-prefill; + install -D -m444 gpgparticipants/gpgparticipants-prefill.1 $out/share/man/man1/gpgparticipants-prefill.1; + install -D -m555 gpgparticipants/gpgparticipants-filter $out/bin/gpgparticipants-filter; + install -D -m444 gpgparticipants/gpgparticipants-filter.1 $out/share/man/man1/gpgparticipants-filter.1; + + # gpgwrap: a passphrase wrapper + install -D -m555 gpgwrap/bin/gpgwrap $out/bin/gpgwrap; + install -D -m444 gpgwrap/doc/gpgwrap.1 $out/share/man/man1/gpgwrap.1; + + # keyanalyze: minimum signing distance (MSD) analysis on keyrings + # Only the binaries are handled by 'make install' + install -D -m444 keyanalyze/keyanalyze.1 $out/share/man/man1/keyanalyze.1; + install -D -m444 keyanalyze/pgpring/pgpring.1 $out/share/man/man1/pgpring.1; + install -D -m444 keyanalyze/process_keys.1 $out/share/man/man1/process_keys.1; + + # keylookup: ncurses wrapper around gpg --search + # Handled by 'make install' + + # sig2dot: converts a list of GnuPG signatures to a .dot file + # Handled by 'make install' + + # springgraph: creates a graph from a .dot file + # Handled by 'make install' + + # keyart: creates a random ASCII art of a PGP key file + install -D -m555 keyart/keyart $out/bin/keyart; + install -D -m444 keyart/doc/keyart.1 $out/share/man/man1/keyart.1; + + # gpg-key2latex: generate LaTeX file with fingerprint paper slips + install -D -m555 gpg-key2latex/gpg-key2latex $out/bin/gpg-key2latex; + install -D -m444 gpg-key2latex/gpg-key2latex.1 $out/share/man/man1/gpg-key2latex.1; + ''; + + postFixup = '' + # Add the runtime dependencies for all programs (but mainly for the Perl + # scripts) + + wrapProgram $out/bin/caff --set PERL5LIB \ + ${with perlPackages; makePerlPath ([ + TextTemplate MIMETools MailTools TimeDate NetIDNEncode ] + ++ GnuPGInterfaceRuntimeDependencies)} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ nettools gnupg ]}" + + wrapProgram $out/bin/gpg-key2latex --set PERL5LIB \ + ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg libpaper ]}" + + wrapProgram $out/bin/gpg-key2ps --prefix PATH ":" \ + "${lib.makeBinPath [ which gnupg libpaper ]}" + + wrapProgram $out/bin/gpg-mailkeys --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg qprint ]}" + + wrapProgram $out/bin/gpgdir --set PERL5LIB \ + ${with perlPackages; makePerlPath ([ + TermReadKey ] + ++ GnuPGInterfaceRuntimeDependencies)} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/gpglist --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/gpgparticipants --prefix PATH ":" \ + "${lib.makeBinPath [ getopt gnupg ]}" + +# wrapProgram $out/bin/gpgparticipants-prefill + + wrapProgram $out/bin/gpgparticipants-filter --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/gpgsigs --set PERL5LIB \ + ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/gpgwrap --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + +# wrapProgram $out/bin/keyanalyze --set PERL5LIB \ + + wrapProgram $out/bin/keyart --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/keylookup --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/pgp-clean --set PERL5LIB \ + ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + + wrapProgram $out/bin/pgp-fixkey --set PERL5LIB \ + ${perlPackages.makePerlPath GnuPGInterfaceRuntimeDependencies} \ + --prefix PATH ":" \ + "${lib.makeBinPath [ gnupg ]}" + +# wrapProgram $out/bin/pgpring + +# wrapProgram $out/bin/process_keys + + # Upstream-Bug: Seems like sig2dot doesn't work with 2.1 (modern) anymore, + # please use 2.0 (stable) instead. +# wrapProgram $out/bin/sig2dot + + wrapProgram $out/bin/springgraph --set PERL5LIB \ + ${with perlPackages; makePerlPath [ GD ]} + ''; + + meta = with lib; { + homepage = "https://salsa.debian.org/signing-party-team/signing-party"; + description = "A collection of several projects relating to OpenPGP"; + longDescription = '' + This is a collection of several projects relating to OpenPGP. + + * caff: CA - Fire and Forget signs and mails a key + * pgp-clean: removes all non-self signatures from key + * pgp-fixkey: removes broken packets from keys + * gpg-mailkeys: simply mail out a signed key to its owner + * gpg-key2ps: generate PostScript file with fingerprint paper slips + * gpgdir: recursive directory encryption tool + * gpglist: show who signed which of your UIDs + * gpgsigs: annotates list of GnuPG keys with already done signatures + * gpgparticipants: create list of party participants for the organiser + * gpgwrap: a passphrase wrapper + * keyanalyze: minimum signing distance (MSD) analysis on keyrings + * keylookup: ncurses wrapper around gpg --search + * sig2dot: converts a list of GnuPG signatures to a .dot file + * springgraph: creates a graph from a .dot file + * keyart: creates a random ASCII art of a PGP key file + * gpg-key2latex: generate LaTeX file with fingerprint paper slips + ''; + license = with licenses; [ bsd2 bsd3 gpl2 gpl2Plus gpl3Plus ]; + maintainers = with maintainers; [ primeos ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/signing-party/gpgwrap_makefile.patch b/nixpkgs/pkgs/tools/security/signing-party/gpgwrap_makefile.patch new file mode 100644 index 000000000000..4beaf5b80887 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/signing-party/gpgwrap_makefile.patch @@ -0,0 +1,16 @@ +--- a/gpgwrap/Makefile 2015-06-03 16:24:48.723129144 +0200 ++++ b/gpgwrap/Makefile 2015-06-03 16:24:11.639744346 +0200 +@@ -1,9 +1,12 @@ + MAKE=make + +-.PHONY: all clean ++.PHONY: all clean install + + all: + cd src && ${MAKE} all DIET="${DIET}" + ++install: ++ ++ + clean: + cd src && ${MAKE} clean diff --git a/nixpkgs/pkgs/tools/security/silenthound/default.nix b/nixpkgs/pkgs/tools/security/silenthound/default.nix new file mode 100644 index 000000000000..92b651bc9a83 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/silenthound/default.nix @@ -0,0 +1,43 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "silenthound"; + version = "unstable-2022-09-02"; + format = "other"; + + src = fetchFromGitHub { + owner = "layer8secure"; + repo = "SilentHound"; + rev = "44d361f6c95b79bd848603c8050af86db3d072b0"; + hash = "sha256-6JcU6FIE+9fsMawI1RSNQyx9ubjxmchEKmeg6/kmI4s="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + python-ldap + ]; + + dontBuild = true; + + installPhase = '' + runHook preInstall + + install -vD $pname.py $out/bin/$pname + + runHook postInstall + ''; + + # Only script available + doCheck = false; + + meta = with lib; { + description = "Tool to enumerate an Active Directory Domain"; + homepage = "https://github.com/layer8secure/SilentHound"; + # Unknown license, https://github.com/layer8secure/SilentHound/issues/1 + license = licenses.unfree; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix b/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix new file mode 100644 index 000000000000..7d879aa497de --- /dev/null +++ b/nixpkgs/pkgs/tools/security/simple-tpm-pk11/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchFromGitHub, trousers, openssl, opencryptoki, autoreconfHook, libtool }: + +stdenv.mkDerivation rec { + pname = "simple-tpm-pk11"; + version = "0.06"; + + src = fetchFromGitHub { + owner = "ThomasHabets"; + repo = "simple-tpm-pk11"; + rev = version; + sha256 = "0vpbaklr4r1a2am0pqcm6m41ph22mkcrq33y8ab5h8qkhkvhd6a6"; + }; + + nativeBuildInputs = [ autoreconfHook libtool ]; + buildInputs = [ trousers openssl opencryptoki ]; + + enableParallelBuilding = true; + + meta = with lib; { + description = "Simple PKCS11 provider for TPM chips"; + longDescription = '' + A simple library for using the TPM chip to secure SSH keys. + ''; + homepage = "https://github.com/ThomasHabets/simple-tpm-pk11"; + license = licenses.asl20; + maintainers = with maintainers; [ ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sipvicious/default.nix b/nixpkgs/pkgs/tools/security/sipvicious/default.nix new file mode 100644 index 000000000000..1167d40e4327 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sipvicious/default.nix @@ -0,0 +1,27 @@ +{ lib +, buildPythonApplication +, fetchFromGitHub +}: + +buildPythonApplication rec { + pname = "sipvicious"; + version = "0.3.4"; + + src = fetchFromGitHub { + owner = "EnableSecurity"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-O8/9Vz/u8BoF1dfGceOJdzPPYLfkdBp2DkwA5WQ3dgo="; + }; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "sipvicious" ]; + + meta = with lib; { + description = " Set of tools to audit SIP based VoIP systems"; + homepage = "https://github.com/EnableSecurity/sipvicious"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sirikali/default.nix b/nixpkgs/pkgs/tools/security/sirikali/default.nix new file mode 100644 index 000000000000..6ae689d95fd4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sirikali/default.nix @@ -0,0 +1,87 @@ +{ lib +, stdenv +, qtbase +, libpwquality +, hicolor-icon-theme +, fetchFromGitHub +, wrapQtAppsHook +, cmake +, pkg-config +, libgcrypt +, cryfs +, encfs +, fscrypt-experimental +, gocryptfs +, securefs +, sshfs +, libsecret +, kwallet +, withKWallet ? true +, withLibsecret ? true +}: + +stdenv.mkDerivation rec { + pname = "sirikali"; + version = "1.5.1"; + + src = fetchFromGitHub { + owner = "mhogomchungu"; + repo = "sirikali"; + rev = version; + hash = "sha256-1bY8cCMMK4Jie4+9c7eUEBrPEYDaOqFHZ5252TPSotA="; + }; + + buildInputs = [ + qtbase + libpwquality + hicolor-icon-theme + libgcrypt + cryfs + encfs + fscrypt-experimental + gocryptfs + securefs + sshfs + ] + ++ lib.optionals withKWallet [ libsecret ] + ++ lib.optionals withLibsecret [ kwallet ] + ; + + nativeBuildInputs = [ + wrapQtAppsHook + cmake + pkg-config + ]; + + qtWrapperArgs = [ + ''--prefix PATH : ${lib.makeBinPath [ + cryfs + encfs + fscrypt-experimental + gocryptfs + securefs + sshfs + ]}'' + ]; + + postPatch = '' + substituteInPlace "src/engines.cpp" --replace "/sbin/" "/run/wrappers/bin/" + ''; + + doCheck = true; + + cmakeFlags = [ + "-DINTERNAL_LXQT_WALLET=false" + "-DNOKDESUPPORT=${if withKWallet then "false" else "true"}" + "-DNOSECRETSUPPORT=${if withLibsecret then "false" else "true"}" + "-DQT5=true" + ]; + + meta = with lib; { + description = "A Qt/C++ GUI front end to sshfs, ecryptfs-simple, cryfs, gocryptfs, securefs, fscrypt and encfs"; + homepage = "https://github.com/mhogomchungu/sirikali"; + changelog = "https://github.com/mhogomchungu/sirikali/blob/${src.rev}/changelog"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ linuxissuper ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/slowhttptest/default.nix b/nixpkgs/pkgs/tools/security/slowhttptest/default.nix new file mode 100644 index 000000000000..b4c2b0efeec3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/slowhttptest/default.nix @@ -0,0 +1,26 @@ +{ lib +, stdenv +, fetchFromGitHub +, openssl +}: + +stdenv.mkDerivation rec { + pname = "slowhttptest"; + version = "1.9.0"; + + src = fetchFromGitHub { + owner = "shekyan"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-rIvd3LykVAbDXtFWZ1EQ+QKeALzqwK6pq7In0BsCOFo="; + }; + + buildInputs = [ openssl ]; + + meta = with lib; { + description = "Application Layer DoS attack simulator"; + homepage = "https://github.com/shekyan/slowhttptest"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/slsa-verifier/default.nix b/nixpkgs/pkgs/tools/security/slsa-verifier/default.nix new file mode 100644 index 000000000000..6e4d70787d84 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/slsa-verifier/default.nix @@ -0,0 +1,43 @@ +{ lib +, fetchFromGitHub +, buildGoModule +}: + +buildGoModule rec { + pname = "slsa-verifier"; + version = "2.4.0"; + + src = fetchFromGitHub { + owner = "slsa-framework"; + repo = "slsa-verifier"; + rev = "v${version}"; + hash = "sha256-2/4ExhMWXIKpkYQIodEsajA7q9zb4tOT9QUGunAutl0="; + }; + + vendorHash = "sha256-TwPbxoNu9PYAFEbUT5htyUY1RbkGow712ARJW6y496E="; + + CGO_ENABLED = 0; + GO111MODULE = "on"; + GOFLAGS = "-trimpath"; + + subPackages = [ "cli/slsa-verifier" ]; + + tags = [ "netgo" ]; + + ldflags = [ + "-s" + "-w" + "-buildid=" + "-X sigs.k8s.io/release-utils/version.gitVersion=${version}" + ]; + + doCheck = false; + + meta = { + homepage = "https://github.com/slsa-framework/slsa-verifier"; + changelog = "https://github.com/slsa-framework/slsa-verifier/releases/tag/v${version}"; + description = "Verify provenance from SLSA compliant builders"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ developer-guy mlieberman85 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/smbmap/default.nix b/nixpkgs/pkgs/tools/security/smbmap/default.nix new file mode 100644 index 000000000000..f4236ef2fcd3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/smbmap/default.nix @@ -0,0 +1,40 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "smbmap"; + version = "1.9.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "ShawnDEvans"; + repo = "smbmap"; + rev = "refs/tags/v${version}"; + hash = "sha256-n0cLj1K9Xt/1TlHOh9Kp/xIXYaUhmGSxrHL/yxDbfk4="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + pyasn1 + pycrypto + configparser + termcolor + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "smbmap" + ]; + + meta = with lib; { + description = "SMB enumeration tool"; + homepage = "https://github.com/ShawnDEvans/smbmap"; + changelog = "https://github.com/ShawnDEvans/smbmap/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/smbscan/default.nix b/nixpkgs/pkgs/tools/security/smbscan/default.nix new file mode 100644 index 000000000000..f807704005e1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/smbscan/default.nix @@ -0,0 +1,41 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "smbscan"; + version = "unstable-2022-05-26"; + format = "other"; + + src = fetchFromGitHub { + owner = "jeffhacks"; + repo = pname; + rev = "1b19d6040cab279b97bf002934bf6f8b34d6a8b4"; + hash = "sha256-cL1mnyzIbHB/X4c7sZKVv295LNnjqwR8TZBMe9s/peg="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + impacket + python-slugify + ]; + + installPhase = '' + runHook preInstall + + install -vD smbscan.py $out/bin/smbscan + install -vd $out/${python3.sitePackages}/ + cp {scan_internals,scan,setup,local_logging,arg_parser}.py $out/${python3.sitePackages} + install -vd $out/${python3.sitePackages}/wordlists/ + cp wordlists/pattern* $out/${python3.sitePackages}/wordlists + + runHook postInstall + ''; + + meta = with lib; { + description = "Tool to enumerate file shares"; + homepage = "https://github.com/jeffhacks/smbscan"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sn0int/default.nix b/nixpkgs/pkgs/tools/security/sn0int/default.nix new file mode 100644 index 000000000000..397f7eb832e7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sn0int/default.nix @@ -0,0 +1,45 @@ +{ lib +, fetchFromGitHub +, rustPlatform +, libsodium +, libseccomp +, sqlite +, pkg-config +}: + +rustPlatform.buildRustPackage rec { + pname = "sn0int"; + version = "0.26.0"; + + src = fetchFromGitHub { + owner = "kpcyrd"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-ze4OFKUuc/t6tXgmoWFFDjpAQraSY6RIekkcDBctPJo="; + }; + + cargoHash = "sha256-PAKmoifqB1YC02fVF2SRbXAAGrMcB+Wlvr3FwuqmPVU="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libsodium + libseccomp + sqlite + ]; + + # One of the dependencies (chrootable-https) tries to read "/etc/resolv.conf" + # in "checkPhase", hence fails in sandbox of "nix". + doCheck = false; + + meta = with lib; { + description = "Semi-automatic OSINT framework and package manager"; + homepage = "https://github.com/kpcyrd/sn0int"; + changelog = "https://github.com/kpcyrd/sn0int/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab xrelkd ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/snallygaster/default.nix b/nixpkgs/pkgs/tools/security/snallygaster/default.nix new file mode 100644 index 000000000000..2f7f5d12192a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/snallygaster/default.nix @@ -0,0 +1,38 @@ +{ lib +, python3Packages +, fetchFromGitHub +}: + +python3Packages.buildPythonApplication rec { + pname = "snallygaster"; + version = "0.0.12"; + + src = fetchFromGitHub { + owner = "hannob"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-JXuRCUWpoGhBbU38XMEQovCiVfbyBMJ+SIrt3iqFuAo="; + }; + + propagatedBuildInputs = with python3Packages; [ + urllib3 + beautifulsoup4 + dnspython + ]; + + nativeCheckInputs = with python3Packages; [ + pytestCheckHook + ]; + + pytestFlagsArray = [ + # we are not interested in linting the project + "--ignore=tests/test_codingstyle.py" + ]; + + meta = with lib; { + description = "Tool to scan for secret files on HTTP servers"; + homepage = "https://github.com/hannob/snallygaster"; + license = licenses.cc0; + maintainers = with maintainers; [ hexa ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/snow/default.nix b/nixpkgs/pkgs/tools/security/snow/default.nix new file mode 100644 index 000000000000..6dce95f8cf0f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/snow/default.nix @@ -0,0 +1,25 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "snow"; + version = "20130616"; + + src = fetchurl { + url = "https://web.archive.org/web/20200304125913if_/http://darkside.com.au/snow/snow-${version}.tar.gz"; + sha256 = "0r9q45y55z4i0askkxmxrx0jr1620ypd870vz0hx2a6n9skimdy0"; + }; + + makeFlags = [ "CFLAGS=-O2" ]; + + installPhase = '' + install -Dm755 snow -t $out/bin + ''; + + meta = with lib; { + description = "Conceal messages in ASCII text by appending whitespace to the end of lines"; + homepage = "http://www.darkside.com.au/snow/"; + license = licenses.asl20; + maintainers = with maintainers; [ siraben ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/snowcat/default.nix b/nixpkgs/pkgs/tools/security/snowcat/default.nix new file mode 100644 index 000000000000..429564f91f1e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/snowcat/default.nix @@ -0,0 +1,33 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "snowcat"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "praetorian-inc"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-EulQYGOMIh952e4Xp13hT/HMW3qP1QXYtt5PEej1VTY="; + }; + vendorHash = "sha256-D6ipwGMxT0B3uYUzg6Oo2TYnsOVBY0mYO5lC7vtVPc0="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://github.com/praetorian-inc/snowcat"; + changelog = "https://github.com/praetorian-inc/snowcat/releases/tag/v${version}"; + description = "A tool to audit the istio service mesh"; + longDescription = '' + Snowcat gathers and analyzes the configuration of an Istio cluster and + audits it for potential violations of security best practices. + + There are two main modes of operation for Snowcat. With no positional + argument, Snowcat will assume it is running inside of a cluster enabled + with Istio, and begin to enumerate the required data. Optionally, you can + point snowcat at a directory containing Kubernets YAML files. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/snowcrash/default.nix b/nixpkgs/pkgs/tools/security/snowcrash/default.nix new file mode 100644 index 000000000000..69d310afb9f9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/snowcrash/default.nix @@ -0,0 +1,33 @@ +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "snowcrash"; + version = "unstable-2022-08-15"; + + src = fetchFromGitHub { + owner = "redcode-labs"; + repo = "SNOWCRASH"; + rev = "32e62f9ff7d3dda9fac8acfc56176f1f2a70d066"; + hash = "sha256-mURF/VUqygd5bLJdmbwnZq003IXJKn+k8HtS+CxoQJQ="; + }; + + vendorHash = "sha256-WTDE+MYL8CjeNvGHRNiMgBFrydDJWIcG8TYvbQTH/6o="; + + subPackages = [ "." ]; + + postFixup = lib.optionals (!stdenv.isDarwin) '' + mv $out/bin/SNOWCRASH $out/bin/${pname} + ''; + + meta = with lib; { + description = "Polyglot payload generator"; + homepage = "https://github.com/redcode-labs/SNOWCRASH"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ] ++ teams.redcodelabs.members; + mainProgram = "SNOWCRASH"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/social-engineer-toolkit/default.nix b/nixpkgs/pkgs/tools/security/social-engineer-toolkit/default.nix new file mode 100644 index 000000000000..4f2d5895cc78 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/social-engineer-toolkit/default.nix @@ -0,0 +1,70 @@ +{ lib, fetchFromGitHub, python3Packages, makeWrapper, metasploit }: + +python3Packages.buildPythonApplication rec { + pname = "social-engineer-toolkit"; + version = "8.0.3"; + format = "other"; + + src = fetchFromGitHub { + owner = "trustedsec"; + repo = pname; + rev = version; + sha256 = "ePbmUvnzLO0Wfuhym3bNSPV1x8rcCPqKMeWSRcbJGAo="; + }; + + postPatch = '' + substituteInPlace setoolkit \ + --replace "src/core/config.baseline" "$out/share/social-engineer-toolkit/src/core/config.baseline" + substituteInPlace src/core/setcore.py \ + --replace '"src/core/set.version"' "\"$out/share/social-engineer-toolkit/src/core/set.version\"" \ + --replace "/opt/metasploit-framework" "${metasploit}/bin" + ''; + + nativeBuildInputs = [ + makeWrapper + ]; + + propagatedBuildInputs = with python3Packages; [ + pexpect + pycrypto + requests + pyopenssl + pefile + impacket + qrcode + pillow + # Has been abandoned upstream. Features using this library are broken + # pymssql + ]; + + installPhase = '' + runHook preInstall + + install -Dt $out/bin setoolkit seautomate seproxy + mkdir -p $out/share/social-engineer-toolkit + cp -r modules readme src $out/share/social-engineer-toolkit/ + + runHook postInstall + ''; + + makeWrapperArgs = [ + "--chdir ${placeholder "out"}/share/social-engineer-toolkit" + "--prefix PYTHONPATH : \"${placeholder "out"}/share/social-engineer-toolkit\"" + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "Open-source penetration testing framework designed for social engineering"; + longDescription = '' + The Social-Engineer Toolkit is an open-source penetration testing framework + designed for social engineering. SET has a number of custom attack vectors + that allow you to make a believable attack quickly. + ''; + homepage = "https://github.com/trustedsec/social-engineer-toolkit"; + mainProgram = "setoolkit"; + license = licenses.bsd3; + maintainers = with maintainers; [ emilytrau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/softhsm/default.nix b/nixpkgs/pkgs/tools/security/softhsm/default.nix new file mode 100644 index 000000000000..648a4bc6515b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/softhsm/default.nix @@ -0,0 +1,45 @@ +{ lib, stdenv, fetchurl, botan2, libobjc, Security }: + +stdenv.mkDerivation rec { + + pname = "softhsm"; + version = "2.6.1"; + + src = fetchurl { + url = "https://dist.opendnssec.org/source/${pname}-${version}.tar.gz"; + hash = "sha256-YSSUcwVLzRgRUZ75qYmogKe9zDbTF8nCVFf8YU30dfI="; + }; + + configureFlags = [ + "--with-crypto-backend=botan" + "--with-botan=${lib.getDev botan2}" + "--sysconfdir=$out/etc" + "--localstatedir=$out/var" + ]; + + propagatedBuildInputs = + lib.optionals stdenv.isDarwin [ libobjc Security ]; + + buildInputs = [ botan2 ]; + + postInstall = "rm -rf $out/var"; + + meta = with lib; { + homepage = "https://www.opendnssec.org/softhsm"; + description = "Cryptographic store accessible through a PKCS #11 interface"; + longDescription = " + SoftHSM provides a software implementation of a generic + cryptographic device with a PKCS#11 interface, which is of + course especially useful in environments where a dedicated hardware + implementation of such a device - for instance a Hardware + Security Module (HSM) or smartcard - is not available. + + SoftHSM follows the OASIS PKCS#11 standard, meaning it should be + able to work with many cryptographic products. SoftHSM is a + programme of The Commons Conservancy. + "; + license = licenses.bsd2; + maintainers = [ maintainers.leenaars ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/solo2-cli/default.nix b/nixpkgs/pkgs/tools/security/solo2-cli/default.nix new file mode 100644 index 000000000000..1580b946e71e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/solo2-cli/default.nix @@ -0,0 +1,51 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, installShellFiles +, pkg-config +, pcsclite +, udev +, PCSC +, IOKit +, CoreFoundation +, AppKit +}: + +rustPlatform.buildRustPackage rec { + pname = "solo2-cli"; + version = "0.2.2"; + + src = fetchFromGitHub { + owner = "solokeys"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-7tpO5ir42mIKJXD0NJzEPXi/Xe6LdyEeBQWNfOdgX5I="; + }; + + cargoHash = "sha256-X+IEeztSL312Yq9Loi3cNJuVfSGk/tRRBCsy0Juji7Y="; + + nativeBuildInputs = [ installShellFiles pkg-config ]; + + buildInputs = [ ] + ++ lib.optionals stdenv.isLinux [ pcsclite udev ] + ++ lib.optionals stdenv.isDarwin [ PCSC IOKit CoreFoundation AppKit ]; + + postInstall = '' + install -D 70-solo2.rules $out/lib/udev/rules.d/70-solo2.rules + installShellCompletion target/*/release/solo2.{bash,fish} + installShellCompletion --zsh target/*/release/_solo2 + ''; + + doCheck = true; + + buildFeatures = [ "cli" ]; + + meta = with lib; { + description = "A CLI tool for managing SoloKeys' Solo2 USB security keys."; + homepage = "https://github.com/solokeys/solo2-cli"; + license = with licenses; [ asl20 mit ]; # either at your option + maintainers = with maintainers; [ lukegb ]; + mainProgram = "solo2"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sonar-scanner-cli/default.nix b/nixpkgs/pkgs/tools/security/sonar-scanner-cli/default.nix new file mode 100644 index 000000000000..553019299ba7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sonar-scanner-cli/default.nix @@ -0,0 +1,47 @@ +{ stdenv, lib, fetchurl, unzip, jre }: + +let + + version = "4.7.0.2747"; + + sonarScannerArchPackage = { + "x86_64-linux" = { + url = "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${version}-linux.zip"; + sha256 = "0qy97lcn9nfwg0x32v9x5kh5jswnjyw3wpvxj45z7cddlj2is4iy"; + }; + "x86_64-darwin" = { + url = "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${version}-macosx.zip"; + sha256 = "0f8km7wqkw09g01l03kcrjgvq7b6xclzpvb5r64ymsmrc39p0ylp"; + }; + }; + +in stdenv.mkDerivation rec { + inherit version; + pname = "sonar-scanner-cli"; + + src = fetchurl sonarScannerArchPackage.${stdenv.hostPlatform.system}; + + nativeBuildInputs = [ unzip ]; + + installPhase = '' + mkdir -p $out/lib + cp -r lib/* $out/lib/ + mkdir -p $out/bin + cp bin/* $out/bin/ + mkdir -p $out/conf + cp conf/* $out/conf/ + ''; + + fixupPhase = '' + substituteInPlace $out/bin/sonar-scanner \ + --replace "\$sonar_scanner_home/jre" "${lib.getBin jre}" + ''; + + meta = with lib; { + homepage = "https://github.com/SonarSource/sonar-scanner-cli"; + description = "SonarQube Scanner used to start code analysis"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ peterromfeldhk ]; + platforms = builtins.attrNames sonarScannerArchPackage; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sops/default.nix b/nixpkgs/pkgs/tools/security/sops/default.nix new file mode 100644 index 000000000000..6a1dc84fe11f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sops/default.nix @@ -0,0 +1,27 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "sops"; + version = "3.8.1"; + + src = fetchFromGitHub { + owner = "getsops"; + repo = pname; + rev = "v${version}"; + hash = "sha256-4K09wLV1+TvYTtvha6YyGhjlhEldWL1eVazNwcEhi3Q="; + }; + + vendorHash = "sha256-iRgLspYhwSVuL0yarPdjXCKfjK7TGDZeQCOcIYtNvzA="; + + subPackages = [ "cmd/sops" ]; + + ldflags = [ "-s" "-w" "-X github.com/getsops/sops/v3/version.Version=${version}" ]; + + meta = with lib; { + homepage = "https://github.com/getsops/sops"; + description = "Simple and flexible tool for managing secrets"; + changelog = "https://github.com/getsops/sops/blob/v${version}/CHANGELOG.rst"; + maintainers = [ maintainers.marsam ]; + license = licenses.mpl20; + }; +} diff --git a/nixpkgs/pkgs/tools/security/spectre-cli/default.nix b/nixpkgs/pkgs/tools/security/spectre-cli/default.nix new file mode 100644 index 000000000000..f06365de90b5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/spectre-cli/default.nix @@ -0,0 +1,73 @@ +{ lib +, stdenv +, fetchFromGitLab +, cmake +, libsodium +, json_c +, ncurses +, libxml2 +, jq +}: + +stdenv.mkDerivation rec { + pname = "spectre-cli"; + version = "unstable-2022-02-05"; + + src = fetchFromGitLab { + owner = "spectre.app"; + repo = "cli"; + rev = "a5e7aab28f44b90e5bd1204126339a81f64942d2"; + sha256 = "1hp4l1rhg7bzgx0hcai08rvcy6l9645sfngy2cr96l1bpypcld5i"; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ + cmake + libxml2 + jq + ]; + + buildInputs = [ + libsodium + json_c + ncurses + ]; + + cmakeFlags = [ + "-DBUILD_SPECTRE_TESTS=ON" + ]; + + preConfigure = '' + echo "${version}" > VERSION + + # The default buildPhase wants to create a ´build´ dir so we rename the build script to stop conflicts. + mv build build.sh + ''; + + # Some tests are expected to fail on ARM64 + # See: https://gitlab.com/spectre.app/cli/-/issues/27#note_962950844 + doCheck = !(stdenv.isLinux && stdenv.isAarch64); + + checkPhase = '' + mv ../spectre-cli-tests ../spectre_tests.xml ./ + patchShebangs spectre-cli-tests + export HOME=$(mktemp -d) + + ./spectre-tests + ./spectre-cli-tests + ''; + + installPhase = '' + mkdir -p $out/bin + mv spectre $out/bin + ''; + + meta = with lib; { + description = "A stateless cryptographic identity algorithm"; + homepage = "https://spectre.app"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ emmabastas ]; + mainProgram = "spectre"; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix b/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix new file mode 100644 index 000000000000..529da4557915 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/spectre-meltdown-checker/default.nix @@ -0,0 +1,44 @@ +{ lib +, stdenv +, fetchFromGitHub +, makeBinaryWrapper +, coreutils +, binutils-unwrapped +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "spectre-meltdown-checker"; + version = "0.46"; + + src = fetchFromGitHub { + owner = "speed47"; + repo = "spectre-meltdown-checker"; + rev = "v${finalAttrs.version}"; + hash = "sha256-M4ngdtp2esZ+CSqZAiAeOnKtaK8Ra+TmQfMsr5q5gkg="; + }; + + prePatch = '' + substituteInPlace spectre-meltdown-checker.sh \ + --replace /bin/echo ${coreutils}/bin/echo + ''; + + nativeBuildInputs = [ makeBinaryWrapper ]; + + installPhase = '' + runHook preInstall + + install -Dm755 spectre-meltdown-checker.sh $out/bin/spectre-meltdown-checker + wrapProgram $out/bin/spectre-meltdown-checker \ + --prefix PATH : ${lib.makeBinPath [ binutils-unwrapped ]} + + runHook postInstall + ''; + + meta = { + description = "Spectre & Meltdown vulnerability/mitigation checker for Linux"; + homepage = "https://github.com/speed47/spectre-meltdown-checker"; + license = lib.licenses.gpl3; + maintainers = [ lib.maintainers.dotlambda ]; + platforms = lib.platforms.linux; + }; +}) diff --git a/nixpkgs/pkgs/tools/security/spire/default.nix b/nixpkgs/pkgs/tools/security/spire/default.nix new file mode 100644 index 000000000000..13e42efa7888 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/spire/default.nix @@ -0,0 +1,37 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "spire"; + version = "1.7.2"; + + outputs = [ "out" "agent" "server" ]; + + src = fetchFromGitHub { + owner = "spiffe"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-3D7TlL4SulLAqpVIMJ4Yl2OWnNsMYMLVJqgGhOYMiio="; + }; + + vendorHash = "sha256-Vct++sjkkosBOY0Uho58MHSQoL5121kYbQTf1j+HFUk="; + + subPackages = [ "cmd/spire-agent" "cmd/spire-server" ]; + + # Usually either the agent or server is needed for a given use case, but not both + postInstall = '' + mkdir -vp $agent/bin $server/bin + mv -v $out/bin/spire-agent $agent/bin/ + mv -v $out/bin/spire-server $server/bin/ + + ln -vs $agent/bin/spire-agent $out/bin/spire-agent + ln -vs $server/bin/spire-server $out/bin/spire-server + ''; + + meta = with lib; { + description = "The SPIFFE Runtime Environment"; + homepage = "https://github.com/spiffe/spire"; + changelog = "https://github.com/spiffe/spire/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ jonringer fkautz ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/spyre/default.nix b/nixpkgs/pkgs/tools/security/spyre/default.nix new file mode 100644 index 000000000000..3ec659373c7b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/spyre/default.nix @@ -0,0 +1,51 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, fetchpatch +, pkg-config +, yara +}: + +buildGoModule rec { + pname = "spyre"; + version = "1.2.5"; + + src = fetchFromGitHub { + owner = "spyre-project"; + repo = pname; + rev = "v${version}"; + hash = "sha256-wlGZTMCJE6Ki5/6R6J9EJP06/S125BNNd/jNPYGwKNw="; + }; + + patches = [ + # The following two patches come from https://github.com/spyre-project/spyre/pull/75 + # and improve Darwin support. + (fetchpatch { + name = "syscall-to-x-sys-unix.patch"; + url = "https://github.com/spyre-project/spyre/commit/8f08daf030c847de453613eb2eb1befdb7300921.patch"; + hash = "sha256-oy8Y85IubJVQrt0kmGA1hidZapgCw2aB6F/gT7uQ6KA="; + }) + (fetchpatch { + name = "darwin-skip-dir.patch"; + url = "https://github.com/spyre-project/spyre/commit/12dea550bc4f3275f8f406c19216ad140733a6af.patch"; + hash = "sha256-BXLGOshyGnllbkvsbbmdnqvRHwycrjI52oGWBoXXgL0="; + }) + ]; + + vendorHash = "sha256-aoeAnyFotKWWaRZQsgQPwwmhih/1zfL9eBV/2r1VPBM="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + yara + ]; + + meta = with lib; { + description = "YARA-based IOC scanner"; + homepage = "https://github.com/spyre-project/spyre"; + license = with licenses; [ lgpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/srm/default.nix b/nixpkgs/pkgs/tools/security/srm/default.nix new file mode 100644 index 000000000000..ba776b8af3e3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/srm/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "srm"; + version = "1.2.15"; + + src = fetchurl { + url = "mirror://sourceforge/project/srm/${version}/srm-${version}.tar.gz"; + sha256 = "10sjarhprs6s4zandndg720528rcnd4xk8dl48pjj7li1q9c30vm"; + }; + + meta = with lib; { + description = "Delete files securely"; + longDescription = '' + srm (secure rm) is a command-line compatible rm(1) which + overwrites file contents before unlinking. The goal is to + provide drop in security for users who wish to prevent recovery + of deleted information, even if the machine is compromised. + ''; + homepage = "https://srm.sourceforge.net"; + license = licenses.mit; + maintainers = with maintainers; [ edwtjo ]; + platforms = platforms.unix; + }; + +} diff --git a/nixpkgs/pkgs/tools/security/ssb/default.nix b/nixpkgs/pkgs/tools/security/ssb/default.nix new file mode 100644 index 000000000000..725f72e6c7cf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssb/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "ssb"; + version = "0.1.1"; + + src = fetchFromGitHub { + owner = "kitabisa"; + repo = pname; + rev = "v${version}"; + sha256 = "0dkd02l30461cwn5hsssnjyb9s8ww179wll3l7z5hy1hv3x6h9g1"; + }; + + vendorHash = null; + + meta = with lib; { + description = "Tool to bruteforce SSH server"; + homepage = "https://github.com/kitabisa/ssb"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + broken = true; # vendor isn't reproducible with go > 1.17: nix-build -A $name.goModules --check + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssdeep/default.nix b/nixpkgs/pkgs/tools/security/ssdeep/default.nix new file mode 100644 index 000000000000..7647246369ff --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssdeep/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook }: + +stdenv.mkDerivation rec { + pname = "ssdeep"; + version = "2.14.1"; + + src = fetchFromGitHub { + owner = "ssdeep-project"; + repo = "ssdeep"; + rev = "release-${version}"; + sha256 = "1yx6yjkggshw5yl89m4kvyzarjdg2l3hs0bbjbrfzwp1lkfd8i0c"; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + # remove forbidden references to $TMPDIR + preFixup = lib.optionalString stdenv.isLinux '' + patchelf --shrink-rpath --allowed-rpath-prefixes "$NIX_STORE" "$out"/bin/* + ''; + + meta = { + description = "A program for calculating fuzzy hashes"; + homepage = "http://www.ssdeep.sf.net"; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssh-audit/default.nix b/nixpkgs/pkgs/tools/security/ssh-audit/default.nix new file mode 100644 index 000000000000..2a4abc11ea7b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssh-audit/default.nix @@ -0,0 +1,30 @@ +{ lib +, fetchFromGitHub +, python3Packages +}: + +python3Packages.buildPythonApplication rec { + pname = "ssh-audit"; + version = "3.0.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "jtesta"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-+v+DLZPDC5uffTIJPzMvY/nLoy7BGiAsTddjNZZhTpo="; + }; + + nativeCheckInputs = with python3Packages; [ + pytestCheckHook + ]; + + meta = with lib; { + description = "Tool for ssh server auditing"; + homepage = "https://github.com/jtesta/ssh-audit"; + changelog = "https://github.com/jtesta/ssh-audit/releases/tag/v${version}"; + license = licenses.mit; + platforms = platforms.all; + maintainers = with maintainers; [ tv SuperSandro2000 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssh-mitm/default.nix b/nixpkgs/pkgs/tools/security/ssh-mitm/default.nix new file mode 100644 index 000000000000..9d40f86354b5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssh-mitm/default.nix @@ -0,0 +1,61 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +let + py = python3.override { + packageOverrides = self: super: { + paramiko = super.paramiko.overridePythonAttrs (oldAttrs: rec { + version = "3.1.0"; + src = oldAttrs.src.override { + inherit version; + hash = "sha256-aVD6ymgZrNMhnUrmlKI8eofuONCE9wwXJLDA27i3V2k="; + }; + patches = [ ]; + propagatedBuildInputs = oldAttrs.propagatedBuildInputs ++ [ python3.pkgs.icecream ]; + }); + }; + }; +in +with py.pkgs; + +buildPythonApplication rec { + pname = "ssh-mitm"; + version = "3.0.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-koV7g6ZmrrXk60rrDP8BwrDZk3shiyJigQgNcb4BASE="; + }; + + propagatedBuildInputs = [ + argcomplete + colored + packaging + paramiko + pytz + pyyaml + rich + setuptools + sshpubkeys + ]; + + # Module has no tests + doCheck = false; + + pythonImportsCheck = [ + "sshmitm" + ]; + + meta = with lib; { + description = "Tool for SSH security audits"; + homepage = "https://github.com/ssh-mitm/ssh-mitm"; + changelog = "https://github.com/ssh-mitm/ssh-mitm/blob/${version}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix b/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix new file mode 100644 index 000000000000..90ea4c9b7eb5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix @@ -0,0 +1,31 @@ +{ lib, fetchFromGitHub, buildGoModule }: + +buildGoModule rec { + pname = "ssh-to-age"; + version = "1.1.6"; + + src = fetchFromGitHub { + owner = "Mic92"; + repo = "ssh-to-age"; + rev = version; + sha256 = "sha256-cYSrosDFdueEJPQdDYCMObMPwQTvuXUBHXPO0rhehxk="; + }; + + vendorHash = "sha256-dmxFkoz/2qyUv2/I8bLFTYAfUcYdHjVYQgmg8xleIxA="; + + checkPhase = '' + runHook preCheck + go test ./... + runHook postCheck + ''; + + doCheck = true; + + meta = with lib; { + description = "Convert ssh private keys in ed25519 format to age keys"; + homepage = "https://github.com/Mic92/ssh-to-age"; + license = licenses.mit; + maintainers = with maintainers; [ mic92 ]; + mainProgram = "ssh-to-age"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix b/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix new file mode 100644 index 000000000000..29d3c82ac209 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix @@ -0,0 +1,29 @@ +{ lib, fetchFromGitHub, buildGoModule, gnupg }: + +buildGoModule rec { + pname = "ssh-to-pgp"; + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "Mic92"; + repo = "ssh-to-pgp"; + rev = version; + sha256 = "sha256-3R/3YPYLdirK3QtiRNO2tpJRO2DKgN+K4txb9xwnQvQ="; + }; + + vendorHash = "sha256-RCz2+IZdgmPnEakKxn/C3zFfRyWnMLB51Nm8VGOxBkc="; + + nativeCheckInputs = [ gnupg ]; + checkPhase = '' + HOME=$TMPDIR go test . + ''; + + doCheck = true; + + meta = with lib; { + description = "Convert ssh private keys to PGP"; + homepage = "https://github.com/Mic92/ssh-to-pgp"; + license = licenses.mit; + maintainers = with maintainers; [ mic92 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshchecker/default.nix b/nixpkgs/pkgs/tools/security/sshchecker/default.nix new file mode 100644 index 000000000000..6ed76d0dd4e2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshchecker/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "sshchecker"; + version = "1.0"; + + src = fetchFromGitHub { + owner = "lazytools"; + repo = pname; + rev = "v${version}"; + hash = "sha256-QMc64ynPLHQGsmDOsoChgmqmpRDyMYmmSAPwAEFBK40="; + }; + + vendorHash = "sha256-U5nZbo2iSKP3BnxT4lkR75QutcxZB5YLzXxT045TDaY="; + + meta = with lib; { + description = "Dedicated SSH brute-forcing tool"; + longDescription = '' + sshchecker is a fast dedicated SSH brute-forcing tool to check + SSH login on the giving IP list. + ''; + homepage = "https://github.com/lazytools/sshchecker"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshguard/default.nix b/nixpkgs/pkgs/tools/security/sshguard/default.nix new file mode 100644 index 000000000000..18e93023d779 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshguard/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, autoreconfHook, bison, flex}: + +stdenv.mkDerivation rec { + version = "2.4.3"; + pname = "sshguard"; + + src = fetchurl { + url = "mirror://sourceforge/sshguard/${pname}-${version}.tar.gz"; + sha256 = "sha256-ZAKd7/bekP3u+x9JfUFPDkBFB2aTqR2hpw63WV6X7+s="; + }; + + doCheck = true; + + nativeBuildInputs = [ autoreconfHook bison flex ]; + + configureFlags = [ "--sysconfdir=/etc" ]; + + meta = with lib; { + description = "Protects hosts from brute-force attacks"; + longDescription = '' + SSHGuard can read log messages from various input sources. Log messages are parsed, line-by-line, for recognized patterns. + If an attack, such as several login failures within a few seconds, is detected, the offending IP is blocked. + ''; + homepage = "https://sshguard.net"; + license = licenses.bsd3; + maintainers = with maintainers; [ sargon ]; + platforms = with platforms; linux ++ darwin ++ freebsd ++ netbsd ++ openbsd; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshocker/default.nix b/nixpkgs/pkgs/tools/security/sshocker/default.nix new file mode 100644 index 000000000000..bb8177ea3878 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshocker/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "sshocker"; + version = "0.3.4"; + + src = fetchFromGitHub { + owner = "lima-vm"; + repo = "sshocker"; + rev = "refs/tags/v${version}"; + hash = "sha256-IDbGRQSLQlT4lt2bextGYB4fJfbpLhPx3JF1eYDJ6gw="; + }; + + vendorHash = "sha256-kee5D80RjCVosts/Jd6WuvtiK/J5+79HsM5ITHs15xc="; + + ldflags = [ + "-s" + "-w" + "-X=github.com/lima-vm/sshocker/pkg/version.Version=${version}" + ]; + + meta = with lib; { + description = "Tool for SSH, reverse sshfs and port forwarder"; + homepage = "https://github.com/lima-vm/sshocker"; + changelog = "https://github.com/lima-vm/sshocker/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshuttle/default.nix b/nixpkgs/pkgs/tools/security/sshuttle/default.nix new file mode 100644 index 000000000000..8a92dbceb184 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshuttle/default.nix @@ -0,0 +1,63 @@ +{ lib +, stdenv +, python3Packages +, fetchPypi +, installShellFiles +, makeWrapper +, sphinx +, coreutils +, iptables +, nettools +, openssh +, procps +}: + +python3Packages.buildPythonApplication rec { + pname = "sshuttle"; + version = "1.1.1"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-9aPtHlqxITx6bfhgr0HxqQOrLK+/73Hzcazc/yHmnuY="; + }; + + patches = [ ./sudo.patch ]; + + postPatch = '' + substituteInPlace setup.cfg \ + --replace '--cov=sshuttle --cov-branch --cov-report=term-missing' "" + ''; + + nativeBuildInputs = [ + installShellFiles + makeWrapper + python3Packages.setuptools-scm + sphinx + ]; + + nativeCheckInputs = with python3Packages; [ pytestCheckHook ]; + + postBuild = '' + make man -C docs + ''; + + postInstall = '' + installManPage docs/_build/man/* + + wrapProgram $out/bin/sshuttle \ + --prefix PATH : "${lib.makeBinPath ([ coreutils openssh procps ] ++ lib.optionals stdenv.isLinux [ iptables nettools ])}" \ + ''; + + meta = with lib; { + description = "Transparent proxy server that works as a poor man's VPN"; + longDescription = '' + Forward connections over SSH, without requiring administrator access to the + target network (though it does require Python 2.7, Python 3.5 or later at both ends). + Works with Linux and Mac OS and supports DNS tunneling. + ''; + homepage = "https://github.com/sshuttle/sshuttle"; + changelog = "https://github.com/sshuttle/sshuttle/blob/v${version}/CHANGES.rst"; + license = licenses.lgpl21Plus; + maintainers = with maintainers; [ domenkozar carlosdagos ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sshuttle/sudo.patch b/nixpkgs/pkgs/tools/security/sshuttle/sudo.patch new file mode 100644 index 000000000000..d00aab087948 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sshuttle/sudo.patch @@ -0,0 +1,13 @@ +diff --git a/sshuttle/client.py b/sshuttle/client.py +index cab5b1c..e89f8a6 100644 +--- a/sshuttle/client.py ++++ b/sshuttle/client.py +@@ -192,7 +192,7 @@ class FirewallClient: + + self.auto_nets = [] + +- argvbase = ([sys.executable, sys.argv[0]] + ++ argvbase = ([sys.argv[0]] + + ['-v'] * (helpers.verbose or 0) + + ['--method', method_name] + + ['--firewall']) diff --git a/nixpkgs/pkgs/tools/security/sslscan/default.nix b/nixpkgs/pkgs/tools/security/sslscan/default.nix new file mode 100644 index 000000000000..55207b1231f4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sslscan/default.nix @@ -0,0 +1,29 @@ +{ lib +, stdenv +, fetchFromGitHub +, openssl +}: + +stdenv.mkDerivation rec { + pname = "sslscan"; + version = "2.1.1"; + + src = fetchFromGitHub { + owner = "rbsec"; + repo = "sslscan"; + rev = "refs/tags/${version}"; + hash = "sha256-AsOuNJ5adI7/8A6siK4MzLtpBstsU7JxX1d6WWVJHAY="; + }; + + buildInputs = [ openssl ]; + + makeFlags = [ "PREFIX=$(out)" "CC=${stdenv.cc.targetPrefix}cc" ]; + + meta = with lib; { + description = "Tests SSL/TLS services and discover supported cipher suites"; + homepage = "https://github.com/rbsec/sslscan"; + changelog = "https://github.com/rbsec/sslscan/blob/${version}/Changelog"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fpletz globin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ssss/default.nix b/nixpkgs/pkgs/tools/security/ssss/default.nix new file mode 100644 index 000000000000..61d10111120e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ssss/default.nix @@ -0,0 +1,45 @@ +{ lib +, stdenv +, fetchFromGitHub +, gmp +, installShellFiles +}: + +stdenv.mkDerivation rec { + pname = "ssss"; + version = "0.5.7"; + + src = fetchFromGitHub { + owner = "MrJoy"; + repo = pname; + rev = "releases%2Fv${version}"; + sha256 = "18r1hwch6nq6gjijavr4pvrxz2plrlrvdx8ssqhdj2vmqvlqwbvd"; + }; + + nativeBuildInputs = [ + installShellFiles + ]; + + buildInputs = [ + gmp + ]; + + preBuild = '' + sed -e s@/usr/@$out/@g -i Makefile + cp ssss.manpage.xml ssss.1 + mkdir -p $out/bin + echo -e 'install:\n\tcp ssss-combine ssss-split '"$out"'/bin' >>Makefile + ''; + + postInstall = '' + installManPage ssss.1 + ''; + + meta = with lib; { + description = "Shamir Secret Sharing Scheme"; + homepage = "http://point-at-infinity.org/ssss/"; + license = licenses.gpl2Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/stacs/default.nix b/nixpkgs/pkgs/tools/security/stacs/default.nix new file mode 100644 index 000000000000..672cd082849c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/stacs/default.nix @@ -0,0 +1,42 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "stacs"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "stacscan"; + repo = pname; + rev = version; + sha256 = "00ZYdpJktqUXdzPcouHyZcOQyFm7jdFNVuDqsufOviE="; + }; + + nativeBuildInputs = with python3.pkgs; [ + setupmeta + ]; + + propagatedBuildInputs = with python3.pkgs; [ + click + pydantic + typing-extensions + yara-python + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "stacs" + ]; + + meta = with lib; { + description = "Static token and credential scanner"; + homepage = "https://github.com/stacscan/stacs"; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/stegseek/default.nix b/nixpkgs/pkgs/tools/security/stegseek/default.nix new file mode 100644 index 000000000000..f898b5eab0e6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/stegseek/default.nix @@ -0,0 +1,44 @@ +{ lib, stdenv +, cmake +, fetchFromGitHub +, libjpeg +, libmcrypt +, libmhash +, libtool +, zlib +}: + +stdenv.mkDerivation rec { + pname = "stegseek"; + version = "0.6"; + + src = fetchFromGitHub { + owner = "RickdeJager"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-B5oJffYOYfsH0YRq/Bq0ciIlCsCONyScFBjP7a1lIzo="; + }; + + nativeBuildInputs = [ cmake ]; + + buildInputs = [ + libjpeg + libmcrypt + libmhash + libtool + zlib + ]; + + doCheck = true; + + meta = with lib; { + description = "Tool to crack steganography"; + longDescription = '' + Stegseek is a lightning fast steghide cracker that can be + used to extract hidden data from files. + ''; + homepage = "https://github.com/RickdeJager/stegseek"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/step-ca/default.nix b/nixpkgs/pkgs/tools/security/step-ca/default.nix new file mode 100644 index 000000000000..7e149ad143bf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/step-ca/default.nix @@ -0,0 +1,62 @@ +{ stdenv +, lib +, fetchFromGitHub +, buildGoModule +, coreutils +, pcsclite +, PCSC +, pkg-config +, hsmSupport ? true +, nixosTests +}: + +buildGoModule rec { + pname = "step-ca"; + version = "0.25.0"; + + src = fetchFromGitHub { + owner = "smallstep"; + repo = "certificates"; + rev = "refs/tags/v${version}"; + hash = "sha256-CO9Qjx4D6qNGjOdva88KRCJOQq85r5U5nwmXC1G94dY="; + }; + + vendorHash = "sha256-Weq8sS+8gsfdoVSBDm8E2DCrngfNsolqQR2/yd9etPo="; + + ldflags = [ "-buildid=" ]; + + nativeBuildInputs = lib.optionals hsmSupport [ pkg-config ]; + + buildInputs = + lib.optionals (hsmSupport && stdenv.isLinux) [ pcsclite ] + ++ lib.optionals (hsmSupport && stdenv.isDarwin) [ PCSC ]; + + postPatch = '' + substituteInPlace systemd/step-ca.service --replace "/bin/kill" "${coreutils}/bin/kill" + ''; + + preBuild = '' + ${lib.optionalString (!hsmSupport) "export CGO_ENABLED=0"} + ''; + + postInstall = '' + install -Dm444 -t $out/lib/systemd/system systemd/step-ca.service + ''; + + # Tests start http servers which need to bind to local addresses: + # panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted + __darwinAllowLocalNetworking = true; + # Tests need to run in a reproducible order, otherwise they run unreliably on + # (at least) x86_64-linux. + checkFlags = [ "-p 1" ]; + + passthru.tests.step-ca = nixosTests.step-ca; + + meta = with lib; { + description = "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH"; + homepage = "https://smallstep.com/certificates/"; + changelog = "https://github.com/smallstep/certificates/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ cmcdragonkai mohe2015 techknowlogick ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/step-cli/default.nix b/nixpkgs/pkgs/tools/security/step-cli/default.nix new file mode 100644 index 000000000000..040c25b65c3f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/step-cli/default.nix @@ -0,0 +1,39 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "step-cli"; + version = "0.25.0"; + + src = fetchFromGitHub { + owner = "smallstep"; + repo = "cli"; + rev = "refs/tags/v${version}"; + hash = "sha256-8sMF7KSrHyApdXZ3Oy4KogEqd6R8KlQVkqIcvYQBPJY="; + }; + + ldflags = [ + "-w" + "-s" + "-X main.Version=${version}" + ]; + + preCheck = '' + # Tries to connect to smallstep.com + rm command/certificate/remote_test.go + ''; + + vendorHash = "sha256-c+2mOAMdGcqeL7zAURso3XVcnb93HNS/i6c63kiIHKU="; + + meta = with lib; { + description = "A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc"; + homepage = "https://smallstep.com/cli/"; + changelog = "https://github.com/smallstep/cli/blob/v${version}/CHANGELOG.md"; + license = licenses.asl20; + maintainers = with maintainers; [ xfix ]; + platforms = platforms.linux ++ platforms.darwin; + mainProgram = "step"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix b/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix new file mode 100644 index 000000000000..66413b1798ac --- /dev/null +++ b/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix @@ -0,0 +1,53 @@ +{ stdenv +, lib +, buildGoModule +, fetchFromGitHub +, pkg-config +, pcsclite +, softhsm +, opensc +, yubihsm-shell +}: + +buildGoModule rec { + pname = "step-kms-plugin"; + version = "0.9.1"; + + src = fetchFromGitHub { + owner = "smallstep"; + repo = pname; + rev = "v${version}"; + hash = "sha256-pbSv3qTQkeYWtg5HKu9kUIWYw6t6yKKA4GQuiwGEPD8="; + }; + + vendorHash = "sha256-hb1Nn/+PVhhBByQ8I9MuUEd5di5jEZVMtSpm0+qBXQk="; + + proxyVendor = true; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + opensc + pcsclite + softhsm + yubihsm-shell + ]; + + ldflags = [ + "-w" + "-s" + "-X github.com/smallstep/step-kms-plugin/cmd.Version=${version}" + ]; + + meta = with lib; { + description = "step plugin to manage keys and certificates on cloud KMSs and HSMs"; + homepage = "https://smallstep.com/cli/"; + license = licenses.asl20; + maintainers = with maintainers; [ qbit ]; + mainProgram = "step-kms-plugin"; + # can't find pcsclite header files + broken = stdenv.isDarwin; + }; +} diff --git a/nixpkgs/pkgs/tools/security/stoken/default.nix b/nixpkgs/pkgs/tools/security/stoken/default.nix new file mode 100644 index 000000000000..526caf44d679 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/stoken/default.nix @@ -0,0 +1,44 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, pkg-config +, libxml2 +, nettle +, withGTK3 ? true +, gtk3 +}: + +stdenv.mkDerivation rec { + pname = "stoken"; + version = "0.93"; + + src = fetchFromGitHub { + owner = "cernekee"; + repo = "stoken"; + rev = "v${version}"; + hash = "sha256-8N7TXdBu37eXWIKCBdaXVW0pvN094oRWrdlcy9raddI="; + }; + + strictDeps = true; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + + buildInputs = [ + libxml2 + nettle + ] ++ lib.optionals withGTK3 [ + gtk3 + ]; + + meta = with lib; { + description = "Software Token for Linux/UNIX"; + homepage = "https://github.com/cernekee/stoken"; + license = licenses.lgpl21Plus; + maintainers = [ ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/stricat/default.nix b/nixpkgs/pkgs/tools/security/stricat/default.nix new file mode 100644 index 000000000000..bdd7d18923f1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/stricat/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "stricat"; + version = "20140609100300"; + + src = fetchurl { + url = "http://www.stribob.com/dist/${pname}-${version}.tgz"; + sha256 = "1axg8r4g5n5kdqj5013pgck80nni3z172xkg506vz4zx1zcmrm4r"; + }; + + buildFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; + + installPhase = '' + mkdir -p $out/bin + mv stricat $out/bin + ''; + + meta = { + description = "Multi-use cryptographic tool based on the STRIBOB algorithm"; + homepage = "https://www.stribob.com/stricat/"; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/su-exec/default.nix b/nixpkgs/pkgs/tools/security/su-exec/default.nix new file mode 100644 index 000000000000..0e26d2430cb1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/su-exec/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "su-exec"; + version = "0.2"; + + src = fetchFromGitHub { + owner = "ncopa"; + repo = "su-exec"; + rev = "v${version}"; + sha256 = "12vqlnpv48cjfh25sn98k1myc7h2wiv5qw2y2awgp6sipzv88abv"; + }; + + installPhase = '' + mkdir -p $out/bin + cp -a su-exec $out/bin/su-exec + ''; + + meta = with lib; { + description = "switch user and group id and exec"; + homepage = "https://github.com/ncopa/su-exec"; + license = licenses.mit; + maintainers = with maintainers; [ zimbatm ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/subjs/default.nix b/nixpkgs/pkgs/tools/security/subjs/default.nix new file mode 100644 index 000000000000..60ed306145a7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/subjs/default.nix @@ -0,0 +1,32 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "subjs"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "lc"; + repo = pname; + rev = "v${version}"; + hash = "sha256-csxFn3YUnuYjZ5/4jIi7DfuujB/gFjHogLaV4XK5kQU="; + }; + + vendorHash = "sha256-Ibsgi2MYvs12E1NJgshAD/S5GTJgLl7C+smfvS+aAfg="; + + ldflags = [ "-s" "-w" "-X main.AppVersion=${version}" ]; + + meta = with lib; { + description = "Fetcher for Javascript files"; + longDescription = '' + subjs fetches Javascript files from a list of URLs or subdomains. + Analyzing Javascript files can help you find undocumented endpoints, + secrets and more. + ''; + homepage = "https://github.com/lc/subjs"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sudo-rs/default.nix b/nixpkgs/pkgs/tools/security/sudo-rs/default.nix new file mode 100644 index 000000000000..0be60c5025b7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sudo-rs/default.nix @@ -0,0 +1,80 @@ +{ lib +, bash +, fetchFromGitHub +, installShellFiles +, nix-update-script +, nixosTests +, pam +, pandoc +, rustPlatform +}: + +rustPlatform.buildRustPackage rec { + pname = "sudo-rs"; + version = "0.2.1"; + + src = fetchFromGitHub { + owner = "memorysafety"; + repo = "sudo-rs"; + rev = "v${version}"; + hash = "sha256-EQEdNDUXEMMiFZKuu9LR9ywjvKWyM5bWcRHHUB9+gp4="; + }; + cargoHash = "sha256-Zs9/A7u4yMLKY4cAUCnsqRHgkxI8R3w1JwkAd2lw0eo="; + + nativeBuildInputs = [ installShellFiles pandoc ]; + + buildInputs = [ pam ]; + + # Don't attempt to generate the docs in a (pan)Docker container + postPatch = '' + substituteInPlace util/generate-docs.sh \ + --replace "/usr/bin/env bash" ${lib.getExe bash} \ + --replace util/pandoc.sh pandoc + ''; + + postInstall = '' + ./util/generate-docs.sh + installManPage target/docs/man/* + ''; + + checkFlags = map (t: "--skip=${t}") [ + # Those tests make path assumptions + "common::command::test::test_build_command_and_args" + "common::context::tests::test_build_context" + "common::resolve::test::canonicalization" + "common::resolve::tests::test_resolve_path" + "system::tests::kill_test" + + # Assumes $SHELL is an actual shell + "su::context::tests::su_to_root" + + # Attempts to access /etc files from the build sandbox + "system::audit::test::secure_open_is_predictable" + + # Assume there is a `daemon` user and group + "system::interface::test::test_unix_group" + "system::interface::test::test_unix_user" + "system::tests::test_get_user_and_group_by_id" + + # This expects some PATH_TZINFO environment var + "env::environment::tests::test_tzinfo" + + # Unsure why those are failing + "env::tests::test_environment_variable_filtering" + "su::context::tests::invalid_shell" + ]; + + passthru = { + updateScript = nix-update-script { }; + tests = nixosTests.sudo-rs; + }; + + meta = with lib; { + description = "A memory safe implementation of sudo and su."; + homepage = "https://github.com/memorysafety/sudo-rs"; + changelog = "${meta.homepage}/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 mit ]; + maintainers = with maintainers; [ nicoo ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sudo/default.nix b/nixpkgs/pkgs/tools/security/sudo/default.nix new file mode 100644 index 000000000000..24c1212d607c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sudo/default.nix @@ -0,0 +1,109 @@ +{ lib +, stdenv +, fetchurl +, fetchpatch +, buildPackages +, coreutils +, pam +, groff +, sssd +, nixosTests +, sendmailPath ? "/run/wrappers/bin/sendmail" +, withInsults ? false +, withSssd ? false +}: + +stdenv.mkDerivation rec { + pname = "sudo"; + version = "1.9.14p3"; + + src = fetchurl { + url = "https://www.sudo.ws/dist/${pname}-${version}.tar.gz"; + hash = "sha256-oIMYscS8hYLABNTNmuKQOrxUnn5GuoFeQf6B0cB4K2I="; + }; + + patches = [ + # Extra bugfix not included in 1.9.14p3 to address a bug that impacts the + # NixOS test suite for sudo. + (fetchpatch { + url = "https://github.com/sudo-project/sudo/commit/760c9c11074cb921ecc0da9fbb5f0a12afd46233.patch"; + hash = "sha256-smwyoYEkaqfQYz9C4VVz59YMtKabOPpwhS+RBwXbWuE="; + }) + # Fix for the patch above: + # https://bugzilla.sudo.ws/show_bug.cgi?id=1057 + (fetchpatch { + url = "https://github.com/sudo-project/sudo/commit/d148e7d8f9a98726dd4fde6f187c7d614e1258c7.patch"; + hash = "sha256-3I3PnuAHlBs3JOn0Ul900aFxuUkDGV4sM3S5DNtW7bE="; + }) + ]; + + prePatch = '' + # do not set sticky bit in nix store + substituteInPlace src/Makefile.in --replace 04755 0755 + ''; + + configureFlags = [ + "--with-env-editor" + "--with-editor=/run/current-system/sw/bin/nano" + "--with-rundir=/run/sudo" + "--with-vardir=/var/db/sudo" + "--with-logpath=/var/log/sudo.log" + "--with-iologdir=/var/log/sudo-io" + "--with-sendmail=${sendmailPath}" + "--enable-tmpfiles.d=no" + ] ++ lib.optionals withInsults [ + "--with-insults" + "--with-all-insults" + ] ++ lib.optionals withSssd [ + "--with-sssd" + "--with-sssd-lib=${sssd}/lib" + ]; + + configureFlagsArray = [ + "--with-passprompt=[sudo] password for %p: " # intentional trailing space + ]; + + postConfigure = + '' + cat >> pathnames.h <<'EOF' + #undef _PATH_MV + #define _PATH_MV "${coreutils}/bin/mv" + EOF + makeFlags="install_uid=$(id -u) install_gid=$(id -g)" + installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy DESTDIR=/" + ''; + + depsBuildBuild = [ buildPackages.stdenv.cc ]; + nativeBuildInputs = [ groff ]; + buildInputs = [ pam ]; + + enableParallelBuilding = true; + + doCheck = false; # needs root + + postInstall = '' + rm $out/share/doc/sudo/ChangeLog + ''; + + passthru.tests = { inherit (nixosTests) sudo; }; + + meta = { + description = "A command to run commands as root"; + + longDescription = + '' + Sudo (su "do") allows a system administrator to delegate + authority to give certain users (or groups of users) the ability + to run some (or all) commands as root or another user while + providing an audit trail of the commands and their arguments. + ''; + + homepage = "https://www.sudo.ws/"; + + license = "https://www.sudo.ws/sudo/license.html"; + + maintainers = with lib.maintainers; [ delroth ]; + + platforms = lib.platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/swaggerhole/default.nix b/nixpkgs/pkgs/tools/security/swaggerhole/default.nix new file mode 100644 index 000000000000..8455867b4be2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/swaggerhole/default.nix @@ -0,0 +1,37 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "swaggerhole"; + version = "1.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "Liodeus"; + repo = pname; + # Source is not tagged at the moment, https://github.com/Liodeus/swaggerHole/issues/2 + rev = "14846406fbd0f145d71ad51c3b87f383e4afbc3b"; + hash = "sha256-3HmIpn1A86PXZRL+SqMdr84O16hW1mCUWHKnOVolmx8="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + whispers + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "swaggerhole" + ]; + + meta = with lib; { + description = "Tool to searching for secret on swaggerhub"; + homepage = "https://github.com/Liodeus/swaggerHole"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/swtpm/default.nix b/nixpkgs/pkgs/tools/security/swtpm/default.nix new file mode 100644 index 000000000000..d132e27a8059 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/swtpm/default.nix @@ -0,0 +1,104 @@ +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, pkg-config +, libtasn1, openssl, fuse, glib, libseccomp, json-glib +, libtpms +, unixtools, expect, socat +, gnutls +, perl + +# Tests +, python3, which +, nixosTests +}: + +stdenv.mkDerivation rec { + pname = "swtpm"; + version = "0.8.1"; + + src = fetchFromGitHub { + owner = "stefanberger"; + repo = "swtpm"; + rev = "v${version}"; + sha256 = "sha256-QKR5S7FlMFDw4+VpyRdqixMWyzLpQkf3QCUceQvsliU="; + }; + + nativeBuildInputs = [ + pkg-config unixtools.netstat expect socat + perl # for pod2man + python3 + autoreconfHook + ]; + + nativeCheckInputs = [ + which + ]; + + buildInputs = [ + libtpms + openssl libtasn1 + glib json-glib + gnutls + ] ++ lib.optionals stdenv.isLinux [ + fuse + libseccomp + ]; + + configureFlags = [ + "--localstatedir=/var" + ] ++ lib.optionals stdenv.isLinux [ + "--with-cuse" + ]; + + postPatch = '' + patchShebangs tests/* + + # Makefile tries to create the directory /var/lib/swtpm-localca, which fails + substituteInPlace samples/Makefile.am \ + --replace 'install-data-local:' 'do-not-execute:' + + # Use the correct path to the certtool binary + # instead of relying on it being in the environment + substituteInPlace src/swtpm_localca/swtpm_localca.c \ + --replace \ + '# define CERTTOOL_NAME "gnutls-certtool"' \ + '# define CERTTOOL_NAME "${gnutls}/bin/certtool"' \ + --replace \ + '# define CERTTOOL_NAME "certtool"' \ + '# define CERTTOOL_NAME "${gnutls}/bin/certtool"' + + substituteInPlace tests/common --replace \ + 'CERTTOOL=gnutls-certtool;;' \ + 'CERTTOOL=certtool;;' + + # Fix error on macOS: + # stat: invalid option -- '%' + # This is caused by the stat program not being the BSD version, + # as is expected by the test + substituteInPlace tests/common --replace \ + 'if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-) ]]; then' \ + 'if [[ "$(uname -s)" =~ (Linux|Darwin|CYGWIN_NT-) ]]; then' + + # Otherwise certtool seems to pick up the system language on macOS, + # which might cause a test to fail + substituteInPlace tests/test_swtpm_setup_create_cert --replace \ + '$CERTTOOL' \ + 'LC_ALL=C.UTF-8 $CERTTOOL' + ''; + + doCheck = true; + enableParallelBuilding = true; + + outputs = [ "out" "man" ]; + + passthru.tests = { inherit (nixosTests) systemd-cryptenroll; }; + + meta = with lib; { + description = "Libtpms-based TPM emulator"; + homepage = "https://github.com/stefanberger/swtpm"; + license = licenses.bsd3; + maintainers = [ maintainers.baloo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/sx-go/default.nix b/nixpkgs/pkgs/tools/security/sx-go/default.nix new file mode 100644 index 000000000000..11a9b497fdf0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/sx-go/default.nix @@ -0,0 +1,45 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, fetchpatch +, libpcap +}: + +buildGoModule rec { + pname = "sx-go"; + version = "0.5.0"; + + src = fetchFromGitHub { + owner = "v-byte-cpu"; + repo = "sx"; + rev = "v${version}"; + sha256 = "sha256-HTIzA1QOVn3V/hGUu7wLIYUNYmcJ/FXi2yr6BGRizZA="; + }; + + vendorHash = "sha256-TWRMNt6x8zuvhP1nz4R6IVCX+9HityvVpzxRhDiMyO4="; + + patches = [ + # Fix darwin builds: https://github.com/v-byte-cpu/sx/pull/120 + (fetchpatch { + name = "non-linux-method-signature.patch"; + url = "https://github.com/v-byte-cpu/sx/commit/56457bfaa49eb6fbb7a33d7092d9c636b9c85895.patch"; + hash = "sha256-0lCu3tZ0fEiC7qWfk1APLVwwrK9eovbVa/yG7OuXEWQ="; + }) + ]; + + buildInputs = [ + libpcap + ]; + + postFixup = '' + # Rename binary to avoid conflict with sx + mv $out/bin/sx $out/bin/${pname} + ''; + + meta = with lib; { + description = "Command-line network scanner"; + homepage = "https://github.com/v-byte-cpu/sx"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tboot/default.nix b/nixpkgs/pkgs/tools/security/tboot/default.nix new file mode 100644 index 000000000000..e88c8e9aa742 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tboot/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchurl, openssl, perl, trousers, zlib }: + +stdenv.mkDerivation rec { + pname = "tboot"; + version = "1.11.1"; + + src = fetchurl { + url = "mirror://sourceforge/tboot/${pname}-${version}.tar.gz"; + sha256 = "sha256-1sPCbF/e5tWOEfBHM67lnK/QFyHRFZjRjAKxXAfw6nc="; + }; + + buildInputs = [ openssl trousers zlib ]; + + enableParallelBuilding = true; + + preConfigure = '' + substituteInPlace tboot/Makefile --replace /usr/bin/perl ${perl}/bin/perl + + for a in lcptools-v2 tb_polgen utils; do + substituteInPlace "$a/Makefile" --replace /usr/sbin /sbin + done + substituteInPlace docs/Makefile --replace /usr/share /share + ''; + + installFlags = [ "DESTDIR=$(out)" ]; + + meta = with lib; { + description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM"; + homepage = "https://sourceforge.net/projects/tboot/"; + changelog = "https://sourceforge.net/p/tboot/code/ci/v${version}/tree/CHANGELOG"; + license = licenses.bsd3; + maintainers = with maintainers; [ ak ]; + platforms = [ "x86_64-linux" "i686-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tcb/default.nix b/nixpkgs/pkgs/tools/security/tcb/default.nix new file mode 100644 index 000000000000..6a1f5b5eb5f2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tcb/default.nix @@ -0,0 +1,54 @@ +{ lib, stdenv, fetchFromGitHub, pkg-config +, linux-pam, libxcrypt +}: + +stdenv.mkDerivation rec { + pname = "tcb"; + version = "1.2"; + + src = fetchFromGitHub { + owner = "openwall"; + repo = pname; + rev = "070cf4aa784de13c52788ac22ff611d7cbca0854"; + sha256 = "sha256-Sp5u7iTEZZnAqKQXoPO8eWpSkZeBzQqZI82wRQmgU9A="; + }; + + outputs = [ "out" "bin" "dev" "man" ]; + + nativeBuildInputs = [ pkg-config ]; + + buildInputs = [ linux-pam libxcrypt ]; + + patches = [ ./fix-makefiles.patch ]; + + postPatch = '' + substituteInPlace Make.defs \ + --replace "PREFIX = /usr" "PREFIX = $out" \ + --replace "SBINDIR = /sbin" "SBINDIR = $bin/bin" \ + --replace "INCLUDEDIR = \$(PREFIX)/include" "INCLUDEDIR = $dev/include" + + # Override default 'CC=gcc' + makeFlagsArray+=("CC=$CC") + ''; + + meta = with lib; { + description = "Alternative password shadowing scheme"; + longDescription = '' + The tcb package contains core components of our tcb suite implementing the alternative + password shadowing scheme on Openwall GNU Linux (Owl). It is being made available + separately from Owl primarily for use by other distributions. + + The package consists of three components: pam_tcb, libnss_tcb, and libtcb. + + pam_tcb is a PAM module which supersedes pam_unix. It also implements the tcb password + shadowing scheme. The tcb scheme allows many core system utilities (passwd(1) being + the primary example) to operate with little privilege. libnss_tcb is the accompanying + NSS module. libtcb contains code shared by the PAM and NSS modules and is also used + by user management tools on Owl due to our shadow suite patches. + ''; + homepage = "https://www.openwall.com/tcb/"; + license = licenses.bsd3; + platforms = systems.inspect.patterns.isGnu; + maintainers = with maintainers; [ izorkin ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tcb/fix-makefiles.patch b/nixpkgs/pkgs/tools/security/tcb/fix-makefiles.patch new file mode 100644 index 000000000000..9ea82605d557 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tcb/fix-makefiles.patch @@ -0,0 +1,52 @@ +diff --git a/Make.defs b/Make.defs +index a961f7d..9e8d59b 100644 +--- a/Make.defs ++++ b/Make.defs +@@ -19,7 +19,7 @@ LDFLAGS += $(DBGFLAG) -L../libs + + PREFIX = /usr + SBINDIR = /sbin +-SLIBDIR = /lib ++SLIBDIR = $(PREFIX)/lib + INCLUDEDIR = $(PREFIX)/include + LIBDIR = $(PREFIX)/lib + LIBEXECDIR = $(PREFIX)/libexec +diff --git a/libs/Makefile b/libs/Makefile +index 0083b13..27238f6 100644 +--- a/libs/Makefile ++++ b/libs/Makefile +@@ -7,7 +7,7 @@ LIBTCB_A = libtcb.a + LIB_MAP = libtcb.map + NSS_MAP = libnss_tcb.map + +-all: $(LIBTCB_LONG) $(LIBNSS) $(LIBTCB_A) ++all: $(LIBTCB_LONG) $(LIBNSS) + + $(LIBTCB_A): libtcb_a.o + ar -cr $@ $< +@@ -36,9 +36,8 @@ install: + $(MKDIR) -p -m 755 $(DESTDIR)$(LIBDIR) + $(INSTALL) -m $(SHLIBMODE) $(LIBTCB_LONG) $(DESTDIR)$(SLIBDIR)/ + ln -sf $(LIBTCB_LONG) $(DESTDIR)$(SLIBDIR)/$(LIBTCB) +- ln -sf ../..$(SLIBDIR)/$(LIBTCB) $(DESTDIR)$(LIBDIR)/libtcb.so ++ ln -sf $(LIBTCB) $(DESTDIR)$(LIBDIR)/libtcb.so + $(INSTALL) -m $(SHLIBMODE) $(LIBNSS) $(DESTDIR)$(SLIBDIR)/ +- $(INSTALL) -m 644 $(LIBTCB_A) $(DESTDIR)$(LIBDIR)/ + + clean: + rm -f *.o *~ $(LIBTCB)* libtcb.so $(LIBNSS) *.a +diff --git a/progs/Makefile b/progs/Makefile +index c3a6879..e24f74b 100644 +--- a/progs/Makefile ++++ b/progs/Makefile +@@ -23,8 +23,8 @@ install-non-root: install-common + $(INSTALL) -m 700 $(CHKPWD) $(DESTDIR)$(LIBEXECDIR)/chkpwd/ + + install: install-common +- $(INSTALL) -d -o root -g chkpwd -m 710 $(DESTDIR)$(LIBEXECDIR)/chkpwd +- $(INSTALL) -m 2711 -o root -g shadow $(CHKPWD) \ ++ $(INSTALL) -d $(DESTDIR)$(LIBEXECDIR)/chkpwd ++ $(INSTALL) $(CHKPWD) \ + $(DESTDIR)$(LIBEXECDIR)/chkpwd/ + + install-common: diff --git a/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix b/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix new file mode 100644 index 000000000000..8b00431b6cbe --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tcpcrypt/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook +, openssl +, libcap, libpcap, libnfnetlink, libnetfilter_conntrack, libnetfilter_queue +}: + +stdenv.mkDerivation rec { + pname = "tcpcrypt"; + version = "0.5"; + + src = fetchFromGitHub { + repo = "tcpcrypt"; + owner = "scslab"; + rev = "v${version}"; + sha256 = "0a015rlyvagz714pgwr85f8gjq1fkc0il7d7l39qcgxrsp15b96w"; + }; + + postUnpack = "mkdir -vp $sourceRoot/m4"; + + outputs = [ "bin" "dev" "out" ]; + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ openssl libpcap ] + ++ lib.optionals stdenv.isLinux [ libcap libnfnetlink libnetfilter_conntrack libnetfilter_queue ]; + + enableParallelBuilding = true; + + meta = with lib; { + broken = stdenv.isDarwin; + homepage = "http://tcpcrypt.org/"; + description = "Fast TCP encryption"; + platforms = platforms.all; + license = licenses.bsd2; + }; +} diff --git a/nixpkgs/pkgs/tools/security/teler/default.nix b/nixpkgs/pkgs/tools/security/teler/default.nix new file mode 100644 index 000000000000..989743fda894 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/teler/default.nix @@ -0,0 +1,40 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "teler"; + version = "2.0.0-dev.3"; + + src = fetchFromGitHub { + owner = "kitabisa"; + repo = "teler"; + rev = "v${version}"; + hash = "sha256-2QrHxToHxHTjSl76q9A8fXCkOZkCwh1fu1h+HDUGsGA="; + }; + + vendorHash = "sha256-gV/PJFcANeYTYUJG3PYNsApYaeBLx76+vVBvcuKDYO4="; + + ldflags = [ + "-s" + "-w" + "-X ktbs.dev/teler/common.Version=${version}" + ]; + + # test require internet access + doCheck = false; + + meta = with lib; { + description = "Real-time HTTP Intrusion Detection"; + longDescription = '' + teler is an real-time intrusion detection and threat alert + based on web log that runs in a terminal with resources that + we collect and provide by the community. + ''; + homepage = "https://github.com/kitabisa/teler"; + changelog = "https://github.com/kitabisa/teler/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tell-me-your-secrets/default.nix b/nixpkgs/pkgs/tools/security/tell-me-your-secrets/default.nix new file mode 100644 index 000000000000..c01308e0de6e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tell-me-your-secrets/default.nix @@ -0,0 +1,49 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "tell-me-your-secrets"; + version = "2.4.2"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "valayDave"; + repo = "tell-me-your-secrets"; + rev = "refs/tags/v${version}"; + hash = "sha256-3ZJyL/V1dsW6F+PiEhnWpv/Pz2H9/UKSJWDgw68M/Z8="; + }; + + pythonRelaxDeps = [ + "gitignore-parser" + ]; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + gitignore-parser + pandas + pyyaml + single-source + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "tell_me_your_secrets" + ]; + + meta = with lib; { + description = "Tools to find secrets from various signatures"; + homepage = "https://github.com/valayDave/tell-me-your-secrets"; + changelog = "https://github.com/valayDave/tell-me-your-secrets/blob/${version}/CHANGELOG.md"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/terrascan/default.nix b/nixpkgs/pkgs/tools/security/terrascan/default.nix new file mode 100644 index 000000000000..fd8c512837ff --- /dev/null +++ b/nixpkgs/pkgs/tools/security/terrascan/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "terrascan"; + version = "1.18.3"; + + src = fetchFromGitHub { + owner = "accurics"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-2jIdKBNn3Ajvq+fQ1OuQ0VB8+S0QYwLZnJMlGqZ7WtE="; + }; + + vendorHash = "sha256-PH94le8IwVuinlRsk84HGSxhBSJTTJDrou7nfD1J1JM="; + + # Tests want to download a vulnerable Terraform project + doCheck = false; + + meta = with lib; { + description = "Detect compliance and security violations across Infrastructure"; + longDescription = '' + Detect compliance and security violations across Infrastructure as Code to + mitigate risk before provisioning cloud native infrastructure. It contains + 500+ polices and support for Terraform and Kubernetes. + ''; + homepage = "https://github.com/accurics/terrascan"; + changelog = "https://github.com/tenable/terrascan/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tessen/default.nix b/nixpkgs/pkgs/tools/security/tessen/default.nix new file mode 100644 index 000000000000..1113134a1451 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tessen/default.nix @@ -0,0 +1,52 @@ +{ lib +, stdenvNoCC +, fetchFromSourcehut +, makeWrapper +, installShellFiles +, wtype +, wl-clipboard +, pass +, bemenu +, scdoc +}: + +stdenvNoCC.mkDerivation rec { + pname = "tessen"; + version = "2.2.1"; + + src = fetchFromSourcehut { + owner = "~ayushnix"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-8hhYOd5h55kl7ChqdyRzsaxzWLpX41aqG8LfznmbFWw="; + }; + + nativeBuildInputs = [ makeWrapper installShellFiles scdoc ]; + + dontBuild = true; + + installPhase = '' + runHook preInstall + install -D tessen $out/bin/tessen + wrapProgram $out/bin/tessen --prefix PATH : ${ lib.makeBinPath [ bemenu pass wtype wl-clipboard ] } + runHook postInstall + ''; + + postInstall = '' + scdoc < man/tessen.1.scd > man/tessen.1 + scdoc < man/tessen.5.scd > man/tessen.5 + installManPage man/*.{1,5} + installShellCompletion --cmd tessen \ + --bash completion/tessen.bash-completion \ + --fish completion/tessen.fish-completion + install -Dm644 config $out/share/tessen/config + ''; + + meta = with lib; { + homepage = "https://sr.ht/~ayushnix/tessen"; + description = "An interactive menu to autotype and copy Pass and GoPass data"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ monaaraj ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/thc-hydra/default.nix b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix new file mode 100644 index 000000000000..7222cc81780e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix @@ -0,0 +1,51 @@ +{ stdenv, lib, fetchFromGitHub, zlib, openssl, ncurses, libidn, pcre, libssh, libmysqlclient, postgresql +, withGUI ? false, makeWrapper, pkg-config, gtk2 }: + +stdenv.mkDerivation rec { + pname = "thc-hydra"; + version = "9.5"; + + src = fetchFromGitHub { + owner = "vanhauser-thc"; + repo = "thc-hydra"; + rev = "v${version}"; + sha256 = "sha256-gdMxdFrBGVHA1ZBNFW89PBXwACnXTGJ/e/Z5+xVV5F0="; + }; + + postPatch = let + makeDirs = output: subDir: lib.concatStringsSep " " (map (path: lib.getOutput output path + "/" + subDir) buildInputs); + in '' + substituteInPlace configure \ + --replace '$LIBDIRS' "${makeDirs "lib" "lib"}" \ + --replace '$INCDIRS' "${makeDirs "dev" "include"}" \ + --replace "/usr/include/math.h" "${lib.getDev stdenv.cc.libc}/include/math.h" \ + --replace "libcurses.so" "libncurses.so" \ + --replace "-lcurses" "-lncurses" + ''; + + env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.isDarwin "-Wno-undef-prefix"; + + nativeBuildInputs = lib.optionals withGUI [ pkg-config makeWrapper ]; + + buildInputs = [ + zlib openssl ncurses libidn pcre libssh libmysqlclient postgresql + ] ++ lib.optional withGUI gtk2; + + enableParallelBuilding = true; + + DATADIR = "/share/${pname}"; + + postInstall = lib.optionalString withGUI '' + wrapProgram $out/bin/xhydra \ + --add-flags --hydra-path --add-flags "$out/bin/hydra" + ''; + + meta = with lib; { + description = "A very fast network logon cracker which support many different services"; + homepage = "https://github.com/vanhauser-thc/thc-hydra"; # https://www.thc.org/ + changelog = "https://github.com/vanhauser-thc/thc-hydra/raw/v${version}/CHANGES"; + license = licenses.agpl3Plus; + maintainers = with maintainers; [ offline ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix b/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix new file mode 100644 index 000000000000..6e7f4fb2891a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/thc-ipv6/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchFromGitHub, libpcap, openssl, libnetfilter_queue, libnfnetlink }: +stdenv.mkDerivation rec { + pname = "thc-ipv6"; + version = "3.8"; + + src = fetchFromGitHub { + owner = "vanhauser-thc"; + repo = pname; + rev = "v${version}"; + sha256 = "07kwika1zdq62s5p5z94xznm77dxjxdg8k0hrg7wygz50151nzmx"; + }; + + buildInputs = [ + libpcap + openssl + libnetfilter_queue + libnfnetlink + ]; + + makeFlags = [ + "PREFIX=$(out)" + ]; + + meta = with lib; { + description = "IPv6 attack toolkit"; + homepage = "https://github.com/vanhauser-thc/thc-ipv6"; + maintainers = with maintainers; [ ajs124 ]; + platforms = platforms.linux; + license = licenses.agpl3Only; + }; +} diff --git a/nixpkgs/pkgs/tools/security/theharvester/default.nix b/nixpkgs/pkgs/tools/security/theharvester/default.nix new file mode 100644 index 000000000000..528003664697 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/theharvester/default.nix @@ -0,0 +1,70 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "theharvester"; + version = "4.4.4"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "laramies"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-L0WbPZE2alregOvWc+0nuMvsD17ayCw3JtahGhf4B1o="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + aiodns + aiofiles + aiohttp + aiomultiprocess + aiosqlite + beautifulsoup4 + censys + certifi + dnspython + fastapi + lxml + netaddr + orjson + plotly + pyppeteer + python-dateutil + pyyaml + requests + retrying + shodan + slowapi + starlette + uvicorn + uvloop + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytest + pytest-asyncio + ]; + + # We don't run other tests (discovery modules) because they require network access + checkPhase = '' + runHook preCheck + pytest tests/test_myparser.py + runHook postCheck + ''; + + meta = with lib; { + description = "Gather E-mails, subdomains and names from different public sources"; + longDescription = '' + theHarvester is a very simple, yet effective tool designed to be used in the early + stages of a penetration test. Use it for open source intelligence gathering and + helping to determine an entity's external threat landscape on the internet. The tool + gathers emails, names, subdomains, IPs, and URLs using multiple public data sources. + ''; + homepage = "https://github.com/laramies/theHarvester"; + changelog = "https://github.com/laramies/theHarvester/releases/tag/${version}"; + maintainers = with maintainers; [ c0bw3b fab treemo ]; + license = licenses.gpl2Only; + }; +} diff --git a/nixpkgs/pkgs/tools/security/threatest/default.nix b/nixpkgs/pkgs/tools/security/threatest/default.nix new file mode 100644 index 000000000000..cfae26aaa034 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/threatest/default.nix @@ -0,0 +1,39 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "threatest"; + version = "1.2.4"; + + src = fetchFromGitHub { + owner = "DataDog"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-pCSSAEeVxi3/yK7B2g9ZZRU5TjdNd8qp+52Yc1HmxT8="; + }; + + proxyVendor = true; + vendorHash = "sha256-nHA+UJP6gYWdbTKFcxw1gI6X2ueTUIsHVBIlaprPwsQ="; + + nativeBuildInputs = [ + installShellFiles + ]; + + postInstall = '' + installShellCompletion --cmd threatest \ + --bash <($out/bin/threatest completion bash) \ + --fish <($out/bin/threatest completion fish) \ + --zsh <($out/bin/threatest completion zsh) + ''; + + meta = with lib; { + description = "Framework for end-to-end testing threat detection rules"; + homepage = "https://github.com/DataDog/threatest"; + changelog = "https://github.com/DataDog/threatest/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tlsx/default.nix b/nixpkgs/pkgs/tools/security/tlsx/default.nix new file mode 100644 index 000000000000..10915cad9ecd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tlsx/default.nix @@ -0,0 +1,33 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "tlsx"; + version = "1.1.5"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "v${version}"; + hash = "sha256-lS/D3p8Q6Zu3/XxwkC77fPS9cXVrUTkDPGd46Y+krbo="; + }; + + vendorHash = "sha256-aEsq9LwU/ZWvuZGGzZ4NEvMWFk1m/Sr9LOXiCA/X388="; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "TLS grabber focused on TLS based data collection"; + longDescription = '' + A fast and configurable TLS grabber focused on TLS based data + collection and analysis. + ''; + homepage = "https://github.com/projectdiscovery/tlsx"; + changelog = "https://github.com/projectdiscovery/tlsx/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tor/default.nix b/nixpkgs/pkgs/tools/security/tor/default.nix new file mode 100644 index 000000000000..a4c0fc51b644 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tor/default.nix @@ -0,0 +1,122 @@ +{ lib, stdenv, fetchurl, pkg-config, libevent, openssl, zlib, torsocks +, libseccomp, systemd, libcap, xz, zstd, scrypt, nixosTests +, writeShellScript + +# for update.nix +, writeScript +, common-updater-scripts +, bash +, coreutils +, curl +, gnugrep +, gnupg +, gnused +, nix +}: +let + tor-client-auth-gen = writeShellScript "tor-client-auth-gen" '' + PATH="${lib.makeBinPath [coreutils gnugrep openssl]}" + pem="$(openssl genpkey -algorithm x25519)" + + printf private_key=descriptor:x25519: + echo "$pem" | grep -v " PRIVATE KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + + printf public_key=descriptor:x25519: + echo "$pem" | openssl pkey -in /dev/stdin -pubout | + grep -v " PUBLIC KEY" | + base64 -d | tail --bytes=32 | base32 | tr -d = + ''; +in +stdenv.mkDerivation rec { + pname = "tor"; + version = "0.4.8.7"; + + src = fetchurl { + url = "https://dist.torproject.org/${pname}-${version}.tar.gz"; + sha256 = "sha256-sg0rnHTbKKAMB/CQ7lsCQbK2hPOv3szMa4AIkxxVdJE="; + }; + + outputs = [ "out" "geoip" ]; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libevent openssl zlib xz zstd scrypt ] ++ + lib.optionals stdenv.isLinux [ libseccomp systemd libcap ]; + + patches = [ ./disable-monotonic-timer-tests.patch ]; + + configureFlags = + # cross compiles correctly but needs the following + lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--disable-tool-name-check" ] + ++ + # sandbox is broken on aarch64-linux https://gitlab.torproject.org/tpo/core/tor/-/issues/40599 + lib.optionals (stdenv.isLinux && stdenv.isAarch64) [ "--disable-seccomp" ] + ; + + NIX_CFLAGS_LINK = lib.optionalString stdenv.cc.isGNU "-lgcc_s"; + + postPatch = '' + substituteInPlace contrib/client-tools/torify \ + --replace 'pathfind torsocks' true \ + --replace 'exec torsocks' 'exec ${torsocks}/bin/torsocks' + + patchShebangs ./scripts/maint/checkShellScripts.sh + ''; + + enableParallelBuilding = true; + + # disable tests on aarch64-darwin, the following tests fail there: + # oom/circbuf: [forking] + # FAIL src/test/test_oom.c:187: assert(c1->marked_for_close) + # [circbuf FAILED] + # oom/streambuf: [forking] + # FAIL src/test/test_oom.c:287: assert(x_ OP_GE 500 - 5): 0 vs 495 + # [streambuf FAILED] + doCheck = !(stdenv.isDarwin && stdenv.isAarch64); + + postInstall = '' + mkdir -p $geoip/share/tor + mv $out/share/tor/geoip{,6} $geoip/share/tor + rm -rf $out/share/tor + ln -s ${tor-client-auth-gen} $out/bin/tor-client-auth-gen + ''; + + passthru = { + tests.tor = nixosTests.tor; + updateScript = import ./update.nix { + inherit lib; + inherit + writeScript + common-updater-scripts + bash + coreutils + curl + gnupg + gnugrep + gnused + nix + ; + }; + }; + + meta = with lib; { + homepage = "https://www.torproject.org/"; + description = "Anonymizing overlay network"; + + longDescription = '' + Tor helps improve your privacy by bouncing your communications around a + network of relays run by volunteers all around the world: it makes it + harder for somebody watching your Internet connection to learn what sites + you visit, and makes it harder for the sites you visit to track you. Tor + works with many of your existing applications, including web browsers, + instant messaging clients, remote login, and other applications based on + the TCP protocol. + ''; + + license = licenses.bsd3; + + maintainers = with maintainers; + [ thoughtpolice joachifm prusnak ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch b/nixpkgs/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch new file mode 100644 index 000000000000..bb124c394f25 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch @@ -0,0 +1,48 @@ +diff --git a/src/test/test_util.c b/src/test/test_util.c +index 0d86a5ab5..e93c6ba89 100644 +--- a/src/test/test_util.c ++++ b/src/test/test_util.c +@@ -6490,13 +6490,9 @@ test_util_monotonic_time(void *arg) + /* We need to be a little careful here since we don't know the system load. + */ + tt_i64_op(monotime_diff_msec(&mt1, &mt2), OP_GE, 175); +- tt_i64_op(monotime_diff_msec(&mt1, &mt2), OP_LT, 1000); + tt_i64_op(monotime_coarse_diff_msec(&mtc1, &mtc2), OP_GE, 125); +- tt_i64_op(monotime_coarse_diff_msec(&mtc1, &mtc2), OP_LT, 1000); + tt_u64_op(nsec2-nsec1, OP_GE, 175000000); +- tt_u64_op(nsec2-nsec1, OP_LT, 1000000000); + tt_u64_op(nsecc2-nsecc1, OP_GE, 125000000); +- tt_u64_op(nsecc2-nsecc1, OP_LT, 1000000000); + + tt_u64_op(msec1, OP_GE, nsec1 / 1000000); + tt_u64_op(usec1, OP_GE, nsec1 / 1000); +@@ -6509,8 +6509,6 @@ test_util_monotonic_time(void *arg) + + uint64_t coarse_stamp_diff = + monotime_coarse_stamp_units_to_approx_msec(stamp2-stamp1); +- tt_u64_op(coarse_stamp_diff, OP_GE, 120); +- tt_u64_op(coarse_stamp_diff, OP_LE, 1200); + + { + uint64_t units = monotime_msec_to_approx_coarse_stamp_units(5000); +@@ -6515,8 +6515,8 @@ test_util_monotonic_time(void *arg) + { + uint64_t units = monotime_msec_to_approx_coarse_stamp_units(5000); + uint64_t ms = monotime_coarse_stamp_units_to_approx_msec(units); +- tt_u64_op(ms, OP_GE, 4950); +- tt_u64_op(ms, OP_LT, 5050); ++ tt_u64_op(ms, OP_GE, 4000); ++ tt_u64_op(ms, OP_LT, 6000); + } + + done: +@@ -6640,9 +6640,6 @@ test_util_monotonic_time_add_msec(void *arg) + monotime_coarse_add_msec(&ct2, &ct1, 1337); + tt_i64_op(monotime_diff_msec(&t1, &t2), OP_EQ, 1337); + tt_i64_op(monotime_coarse_diff_msec(&ct1, &ct2), OP_EQ, 1337); +- // The 32-bit variant must be within 1% of the regular one. +- tt_int_op(monotime_coarse_diff_msec32_(&ct1, &ct2), OP_GT, 1323); +- tt_int_op(monotime_coarse_diff_msec32_(&ct1, &ct2), OP_LT, 1350); + + /* Add 1337 msec twice more; make sure that any second rollover issues + * worked. */ diff --git a/nixpkgs/pkgs/tools/security/tor/torsocks.nix b/nixpkgs/pkgs/tools/security/tor/torsocks.nix new file mode 100644 index 000000000000..16eeca0ffad7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tor/torsocks.nix @@ -0,0 +1,42 @@ +{ lib, stdenv, fetchgit, fetchurl, autoreconfHook, libcap }: + +stdenv.mkDerivation rec { + pname = "torsocks"; + version = "2.3.0"; + + src = fetchgit { + url = "https://git.torproject.org/torsocks.git"; + rev = "refs/tags/v${version}"; + sha256 = "0x0wpcigf22sjxg7bm0xzqihmsrz51hl4v8xf91qi4qnmr4ny1hb"; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + patches = lib.optional stdenv.isDarwin + (fetchurl { + url = "https://trac.torproject.org/projects/tor/raw-attachment/ticket/28538/0001-Fix-macros-for-accept4-2.patch"; + sha256 = "97881f0b59b3512acc4acb58a0d6dfc840d7633ead2f400fad70dda9b2ba30b0"; + }); + + postPatch = '' + # Patch torify_app() + sed -i \ + -e 's,\(local app_path\)=`which $1`,\1=`type -P $1`,' \ + src/bin/torsocks.in + '' + lib.optionalString stdenv.isLinux '' + sed -i \ + -e 's,\(local getcap\)=.*,\1=${libcap}/bin/getcap,' \ + src/bin/torsocks.in + ''; + + doInstallCheck = true; + installCheckTarget = "check-recursive"; + + meta = { + description = "Wrapper to safely torify applications"; + homepage = "https://github.com/dgoulet/torsocks"; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = with lib.maintainers; [ thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tor/update.nix b/nixpkgs/pkgs/tools/security/tor/update.nix new file mode 100644 index 000000000000..f0106aa26ea9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tor/update.nix @@ -0,0 +1,70 @@ +{ lib +, writeScript +, common-updater-scripts +, bash +, coreutils +, curl +, gnugrep +, gnupg +, gnused +, nix +}: + +let + downloadPageUrl = "https://dist.torproject.org"; + + # See https://support.torproject.org/little-t-tor/#fetching-the-tor-developers-key + signingKeys = [ + "514102454D0A87DB0767A1EBBE6A0531C18A9179" # Alexander Færøy + "B74417EDDF22AC9F9E90F49142E86A2A11F48D36" # David Goulet + "2133BC600AB133E1D826D173FE43009C4607B1FB" # Nick Mathewson + ]; +in + +writeScript "update-tor" '' +#! ${bash}/bin/bash + +set -eu -o pipefail + +export PATH=${lib.makeBinPath [ + common-updater-scripts + coreutils + curl + gnugrep + gnupg + gnused + nix +]} + +srcBase=$(curl -L --list-only -- "${downloadPageUrl}" \ + | grep -Eo 'tor-([[:digit:]]+\.?)+\.tar\.gz' \ + | sort -Vu \ + | tail -n1) +srcFile=$srcBase +srcUrl=${downloadPageUrl}/$srcBase + +srcName=''${srcBase/.tar.gz/} +srcVers=(''${srcName//-/ }) +version=''${srcVers[1]} + +checksumUrl=$srcUrl.sha256sum +checksumFile=''${checksumUrl##*/} + +sigUrl=$checksumUrl.asc +sigFile=''${sigUrl##*/} + +# upstream does not support byte ranges ... +[[ -e "$srcFile" ]] || curl -L -o "$srcFile" -- "$srcUrl" +[[ -e "$checksumFile" ]] || curl -L -o "$checksumFile" -- "$checksumUrl" +[[ -e "$sigFile" ]] || curl -L -o "$sigFile" -- "$sigUrl" + +export GNUPGHOME=$PWD/gnupg +mkdir -m 700 -p "$GNUPGHOME" + +gpg --batch --recv-keys ${lib.concatStringsSep " " (map (x: "'${x}'") signingKeys)} +gpg --batch --verify "$sigFile" "$checksumFile" + +sha256sum -c "$checksumFile" + +update-source-version tor "$version" "$(cut -d ' ' "$checksumFile")" +'' diff --git a/nixpkgs/pkgs/tools/security/tpm-luks/default.nix b/nixpkgs/pkgs/tools/security/tpm-luks/default.nix new file mode 100644 index 000000000000..16d88c9196b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm-luks/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchFromGitHub, autoreconfHook, gawk, trousers, cryptsetup, openssl }: + +stdenv.mkDerivation { + pname = "tpm-luks"; + version = "unstable-2015-07-11"; + + src = fetchFromGitHub { + owner = "momiji"; + repo = "tpm-luks"; + rev = "c9c5b7fdddbcdac1cd4d2ea6baddd0617cc88ffa"; + sha256 = "sha256-HHyZLZAXfmuimpHV8fOWldZmi4I5uV1NnSmP4E7ZQtc="; + }; + + patches = [ + ./openssl-1.1.patch + ./signed-ptr.patch + ]; + + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ gawk trousers cryptsetup openssl ]; + + installPhase = '' + mkdir -p $out + make install DESTDIR=$out + mv $out/$out/sbin $out/bin + rm -r $out/nix + ''; + + meta = with lib; { + description = "LUKS key storage in TPM NVRAM"; + homepage = "https://github.com/shpedoikal/tpm-luks/"; + maintainers = [ ]; + license = with licenses; [ gpl2Only ]; + platforms = platforms.linux; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/tpm-luks/openssl-1.1.patch b/nixpkgs/pkgs/tools/security/tpm-luks/openssl-1.1.patch new file mode 100644 index 000000000000..10132242b345 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm-luks/openssl-1.1.patch @@ -0,0 +1,63 @@ +diff --git a/swtpm-utils/lib/hmac.c b/swtpm-utils/lib/hmac.c +index 5545375..f9bedea 100644 +--- a/swtpm-utils/lib/hmac.c ++++ b/swtpm-utils/lib/hmac.c +@@ -381,15 +381,19 @@ uint32_t TSS_authhmac(unsigned char *digest, unsigned char *key, unsigned int ke + /****************************************************************************/ + uint32_t TSS_rawhmac(unsigned char *digest, const unsigned char *key, unsigned int keylen, ...) + { +- HMAC_CTX hmac; ++ HMAC_CTX* hmac; + unsigned int dlen; + unsigned char *data; + va_list argp; +- +-#ifdef HAVE_HMAC_CTX_CLEANUP +- HMAC_CTX_init(&hmac); +-#endif +- HMAC_Init(&hmac,key,keylen,EVP_sha1()); ++ ++ hmac = HMAC_CTX_new(); ++ ++ if (hmac == NULL) ++ { ++ return ERR_MEM_ERR; ++ } ++ ++ HMAC_Init_ex(hmac,key,keylen,EVP_sha1(),NULL); + + va_start(argp,keylen); + for (;;) +@@ -398,15 +402,11 @@ uint32_t TSS_rawhmac(unsigned char *digest, const unsigned char *key, unsigned i + if (dlen == 0) break; + data = (unsigned char *)va_arg(argp,unsigned char *); + if (data == NULL) return ERR_NULL_ARG; +- HMAC_Update(&hmac,data,dlen); ++ HMAC_Update(hmac,data,dlen); + } +- HMAC_Final(&hmac,digest,&dlen); ++ HMAC_Final(hmac,digest,&dlen); + +-#ifdef HAVE_HMAC_CTX_CLEANUP +- HMAC_CTX_cleanup(&hmac); +-#else +- HMAC_cleanup(&hmac); +-#endif ++ HMAC_CTX_free(hmac); + va_end(argp); + return 0; + } +diff --git a/swtpm-utils/lib/keys.c b/swtpm-utils/lib/keys.c +index 99691b6..6627a1f 100644 +--- a/swtpm-utils/lib/keys.c ++++ b/swtpm-utils/lib/keys.c +@@ -1249,8 +1249,7 @@ RSA *TSS_convpubkey(pubkeydata *k) + exp); + } + /* set up the RSA public key structure */ +- rsa->n = mod; +- rsa->e = exp; ++ RSA_set0_key(rsa, mod, exp, NULL); + return rsa; + } + diff --git a/nixpkgs/pkgs/tools/security/tpm-luks/signed-ptr.patch b/nixpkgs/pkgs/tools/security/tpm-luks/signed-ptr.patch new file mode 100644 index 000000000000..83e356a4ef9e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm-luks/signed-ptr.patch @@ -0,0 +1,15 @@ +diff --git a/swtpm-utils/getcapability.c b/swtpm-utils/getcapability.c +index 7359ba3..17b4324 100644 +--- a/swtpm-utils/getcapability.c ++++ b/swtpm-utils/getcapability.c +@@ -480,7 +480,8 @@ int main(int argc, char *argv[]) + } + + if (c) { +- char pcrmap[4], *pf; ++ char pcrmap[4]; ++ unsigned char *pf; + + memcpy(pcrmap, ndp.pcrInfoRead.pcrSelection.pcrSelect, + ndp.pcrInfoRead.pcrSelection.sizeOfSelect); + diff --git a/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix new file mode 100644 index 000000000000..938d0a6f2946 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchurl, trousers, openssl }: + +stdenv.mkDerivation rec { + pname = "tpm-quote-tools"; + version = "1.0.4"; + + src = fetchurl { + url = "mirror://sourceforge/project/tpmquotetools/${version}/${pname}-${version}.tar.gz"; + sha256 = "1qjs83xb4np4yn1bhbjfhvkiika410v8icwnjix5ad96w2nlxp0h"; + }; + + buildInputs = [ trousers openssl ]; + + postFixup = '' + patchelf \ + --set-rpath "${lib.makeLibraryPath [ openssl ]}:$(patchelf --print-rpath $out/bin/tpm_mkaik)" \ + $out/bin/tpm_mkaik + ''; + + meta = with lib; { + description = "A collection of programs that provide support for TPM based attestation using the TPM quote mechanism"; + longDescription = '' + The TPM Quote Tools is a collection of programs that provide support + for TPM based attestation using the TPM quote mechanism. The manual + page for tpm_quote_tools provides a usage overview. + ''; + homepage = "http://tpmquotetools.sourceforge.net/"; + license = licenses.bsd3; + maintainers = with maintainers; [ ak ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tpm-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm-tools/default.nix new file mode 100644 index 000000000000..c0e2941323a6 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm-tools/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchurl, trousers, openssl, opencryptoki, perl }: + +let + version = "1.3.9.1"; +in +stdenv.mkDerivation rec { + pname = "tpm-tools"; + inherit version; + + src = fetchurl { + url = "mirror://sourceforge/trousers/tpm-tools/${version}/${pname}-${version}.tar.gz"; + sha256 = "0s7srgghykxnlb1g4izabzf2gfb1knxc0nzn6bly49h8cpi19dww"; + }; + + sourceRoot = "."; + + patches = [ + (fetchurl { + url = "https://sources.debian.org/data/main/t/tpm-tools/1.3.9.1-0.1/debian/patches/05-openssl1.1_fix_data_mgmt.patch"; + sha256 = "161yysw4wgy3spsz6p1d0ib0h5pnrqm8bdh1l71c4hz6a6wpcyxj"; + }) + ]; + + nativeBuildInputs = [ perl ]; + buildInputs = [ trousers openssl opencryptoki ]; + + meta = with lib; { + description = "Management tools for TPM hardware"; + longDescription = '' + tpm-tools is an open-source package designed to enable user and + application enablement of Trusted Computing using a Trusted Platform + Module (TPM), similar to a smart card environment. + ''; + homepage = "https://sourceforge.net/projects/trousers/files/tpm-tools/"; + license = licenses.cpl10; + maintainers = [ maintainers.ak ]; + platforms = platforms.unix; + }; +} + diff --git a/nixpkgs/pkgs/tools/security/tpm2-abrmd/default.nix b/nixpkgs/pkgs/tools/security/tpm2-abrmd/default.nix new file mode 100644 index 000000000000..718355998794 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm2-abrmd/default.nix @@ -0,0 +1,56 @@ +{ stdenv, lib, fetchFromGitHub +, autoreconfHook, pkg-config, autoconf-archive, makeWrapper, which +, tpm2-tss, glib, dbus +, cmocka +}: + +stdenv.mkDerivation rec { + pname = "tpm2-abrmd"; + version = "3.0.0"; + + src = fetchFromGitHub { + owner = "tpm2-software"; + repo = pname; + rev = version; + sha256 = "sha256-l0ncCMsStaeFACRU3Bt6F1zyiOTGY6wOHewA4AD58Ww="; + }; + + nativeBuildInputs = [ + autoconf-archive + autoreconfHook + glib + makeWrapper + pkg-config + which + ]; + buildInputs = [ tpm2-tss glib dbus ]; + nativeCheckInputs = [ cmocka ]; + + enableParallelBuilding = true; + + # Emulate the required behavior of ./bootstrap in the original + # package + preAutoreconf = '' + echo "${version}" > VERSION + ''; + + # Unit tests are currently broken as the check phase attempts to start a dbus daemon etc. + #configureFlags = [ "--enable-unit" ]; + doCheck = false; + + # Even though tpm2-tss is in the RUNPATH, starting from 2.3.0 abrmd + # seems to require the path to the device TCTI (used for accessing + # /dev/tpm0) in it's LD_LIBRARY_PATH + postFixup = '' + wrapProgram $out/bin/tpm2-abrmd \ + --suffix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ tpm2-tss ]}" + ''; + + meta = with lib; { + description = "TPM2 resource manager, accessible via D-Bus"; + homepage = "https://github.com/tpm2-software/tpm2-tools"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ matthiasbeyer ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix new file mode 100644 index 000000000000..4e8fd919f9ae --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix @@ -0,0 +1,48 @@ +{ stdenv, fetchurl, lib, fetchpatch +, pandoc, pkg-config, makeWrapper, curl, openssl, tpm2-tss, libuuid +, abrmdSupport ? true, tpm2-abrmd ? null }: + +stdenv.mkDerivation rec { + pname = "tpm2-tools"; + version = "5.5"; + + src = fetchurl { + url = "https://github.com/tpm2-software/${pname}/releases/download/${version}/${pname}-${version}.tar.gz"; + sha256 = "sha256-H9tJxzBTe/2u0IiISIGmHjv9Eh6VfsC9zu7AJhI2wSM="; + }; + + patches = [ + # https://github.com/tpm2-software/tpm2-tools/pull/3271 + (fetchpatch { + url = "https://github.com/tpm2-software/tpm2-tools/commit/b98be08f6f88b0cca9e0667760c4e1e5eb417fbd.patch"; + sha256 = "sha256-2sEam9i4gwscJhLwraX2EAjVM8Dh1vmNnG3zYsOF0fc="; + }) + ]; + + nativeBuildInputs = [ pandoc pkg-config makeWrapper ]; + buildInputs = [ + curl openssl tpm2-tss libuuid + ]; + + preFixup = let + ldLibraryPath = lib.makeLibraryPath ([ + tpm2-tss + ] ++ (lib.optional abrmdSupport tpm2-abrmd)); + in '' + wrapProgram $out/bin/tpm2 --suffix LD_LIBRARY_PATH : "${ldLibraryPath}" + wrapProgram $out/bin/tss2 --suffix LD_LIBRARY_PATH : "${ldLibraryPath}" + ''; + + + # Unit tests disabled, as they rely on a dbus session + #configureFlags = [ "--enable-unit" ]; + doCheck = false; + + meta = with lib; { + description = "Command line tools that provide access to a TPM 2.0 compatible device"; + homepage = "https://github.com/tpm2-software/tpm2-tools"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ delroth ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tracee/default.nix b/nixpkgs/pkgs/tools/security/tracee/default.nix new file mode 100644 index 000000000000..eb1e8090b286 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tracee/default.nix @@ -0,0 +1,113 @@ +{ lib +, buildGoModule +, fetchFromGitHub + +, clang +, pkg-config + +, zlib +, elfutils +, libbpf + +, nixosTests +, testers +, tracee +}: + +buildGoModule rec { + pname = "tracee"; + version = "0.13.1"; + + src = fetchFromGitHub { + owner = "aquasecurity"; + repo = pname; + rev = "v${version}"; + hash = "sha256-YO5u/hE5enoqh8niV4Zi+NFUsU+UXCCxdqvxolZImGk="; + }; + vendorHash = "sha256-swMvJe+Dz/kwPIStPlQ7d6U/UwXSMcJ3eONxjzebXCc="; + + patches = [ + ./use-our-libbpf.patch + ]; + + enableParallelBuilding = true; + # needed to build bpf libs + hardeningDisable = [ "stackprotector" ]; + + nativeBuildInputs = [ pkg-config clang ]; + buildInputs = [ elfutils libbpf zlib ]; + + makeFlags = [ + "VERSION=v${version}" + "GO_DEBUG_FLAG=-s -w" + # don't actually need git but the Makefile checks for it + "CMD_GIT=echo" + ]; + + buildPhase = '' + runHook preBuild + mkdir -p ./dist + make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core all + runHook postBuild + ''; + + # tests require a separate go module + # integration tests are ran within a nixos vm + # see passthru.tests.integration + doCheck = false; + + outputs = [ "out" "lib" "share" ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin $lib/lib/tracee $share/share/tracee + + mv ./dist/tracee $out/bin/ + mv ./dist/tracee.bpf.core.o $lib/lib/tracee/ + mv ./cmd/tracee-rules/templates $share/share/tracee/ + + runHook postInstall + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/tracee --help + $out/bin/tracee --version | grep "v${version}" + + runHook postInstallCheck + ''; + + passthru.tests = { + integration = nixosTests.tracee; + version = testers.testVersion { + package = tracee; + version = "v${version}"; + command = "tracee --version"; + }; + }; + + meta = with lib; { + homepage = "https://aquasecurity.github.io/tracee/latest/"; + changelog = "https://github.com/aquasecurity/tracee/releases/tag/v${version}"; + description = "Linux Runtime Security and Forensics using eBPF"; + longDescription = '' + Tracee is a Runtime Security and forensics tool for Linux. It is using + Linux eBPF technology to trace your system and applications at runtime, + and analyze collected events to detect suspicious behavioral patterns. It + is delivered as a Docker image that monitors the OS and detects suspicious + behavior based on a pre-defined set of behavioral patterns. + ''; + license = with licenses; [ + # general license + asl20 + # pkg/ebpf/c/* + gpl2Plus + ]; + maintainers = with maintainers; [ jk ]; + platforms = [ "x86_64-linux" "aarch64-linux" ]; + outputsToInstall = [ "out" "share" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/tracee/use-our-libbpf.patch b/nixpkgs/pkgs/tools/security/tracee/use-our-libbpf.patch new file mode 100644 index 000000000000..00d91ca6e3b3 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/tracee/use-our-libbpf.patch @@ -0,0 +1,48 @@ +diff --git a/Makefile b/Makefile +index d7596a1a..dd7b97b6 100644 +--- a/Makefile ++++ b/Makefile +@@ -50,6 +50,7 @@ CMD_STATICCHECK ?= staticcheck + # libs + # + ++LIB_BPF ?= libbpf + LIB_ELF ?= libelf + LIB_ZLIB ?= zlib + +@@ -279,8 +280,6 @@ OUTPUT_DIR = ./dist + $(OUTPUT_DIR): + # + @$(CMD_MKDIR) -p $@ +- @$(CMD_MKDIR) -p $@/libbpf +- @$(CMD_MKDIR) -p $@/libbpf/obj + + # + # embedded btfhub +@@ -418,7 +417,6 @@ TRACEE_EBPF_OBJ_CORE_HEADERS = $(shell find pkg/ebpf/c -name *.h) + bpf-core: $(OUTPUT_DIR)/tracee.bpf.core.o + + $(OUTPUT_DIR)/tracee.bpf.core.o: \ +- $(OUTPUT_DIR)/libbpf/libbpf.a \ + $(TRACEE_EBPF_OBJ_SRC) \ + $(TRACEE_EBPF_OBJ_CORE_HEADERS) + # +@@ -453,8 +451,8 @@ ifeq ($(STATIC), 1) + GO_TAGS_EBPF := $(GO_TAGS_EBPF),netgo + endif + +-CUSTOM_CGO_CFLAGS = "-I$(abspath $(OUTPUT_DIR)/libbpf)" +-CUSTOM_CGO_LDFLAGS = "$(shell $(call pkg_config, $(LIB_ELF))) $(shell $(call pkg_config, $(LIB_ZLIB))) $(abspath $(OUTPUT_DIR)/libbpf/libbpf.a)" ++CUSTOM_CGO_CFLAGS = "" ++CUSTOM_CGO_LDFLAGS = "$(shell $(call pkg_config, $(LIB_BPF))) $(shell $(call pkg_config, $(LIB_ELF))) $(shell $(call pkg_config, $(LIB_ZLIB)))" + + GO_ENV_EBPF = + GO_ENV_EBPF += GOOS=linux +@@ -474,6 +472,7 @@ $(OUTPUT_DIR)/tracee-ebpf: \ + $(TRACEE_EBPF_SRC) \ + ./embedded-ebpf.go \ + | .checkver_$(CMD_GO) \ ++ .checklib_$(LIB_BPF) \ + .checklib_$(LIB_ELF) \ + .checklib_$(LIB_ZLIB) \ + btfhub diff --git a/nixpkgs/pkgs/tools/security/traitor/default.nix b/nixpkgs/pkgs/tools/security/traitor/default.nix new file mode 100644 index 000000000000..26efa6d68a70 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/traitor/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "traitor"; + version = "0.0.14"; + + src = fetchFromGitHub { + owner = "liamg"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-LQfKdjZaTm5z8DUt6He/RJHbOUCUwP3CV3Fyt5rJIfU="; + }; + + vendorHash = null; + + meta = with lib; { + description = "Automatic Linux privilege escalation"; + longDescription = '' + Automatically exploit low-hanging fruit to pop a root shell. Traitor packages + up a bunch of methods to exploit local misconfigurations and vulnerabilities + (including most of GTFOBins) in order to pop a root shell. + ''; + homepage = "https://github.com/liamg/traitor"; + platforms = platforms.linux; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/trousers/allow-non-tss-config-file-owner.patch b/nixpkgs/pkgs/tools/security/trousers/allow-non-tss-config-file-owner.patch new file mode 100644 index 000000000000..391eb1ad589d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trousers/allow-non-tss-config-file-owner.patch @@ -0,0 +1,19 @@ +diff -ur trousers-0.3.11.2.orig/src/tcsd/tcsd_conf.c trousers-0.3.11.2/src/tcsd/tcsd_conf.c +--- trousers-0.3.11.2.orig/src/tcsd/tcsd_conf.c 2013-07-12 18:27:37.000000000 +0200 ++++ trousers-0.3.11.2/src/tcsd/tcsd_conf.c 2013-08-21 14:29:42.917231648 +0200 +@@ -763,6 +763,7 @@ + return TCSERR(TSS_E_INTERNAL_ERROR); + } + ++#ifndef ALLOW_NON_TSS_CONFIG_FILE + /* make sure user/group TSS owns the conf file */ + if (stat_buf.st_uid != 0 || grp->gr_gid != stat_buf.st_gid) { + LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file, +@@ -775,6 +776,7 @@ + LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file); + return TCSERR(TSS_E_INTERNAL_ERROR); + } ++#endif + #endif /* SOLARIS */ + + if ((f = fopen(tcsd_config_file, "r")) == NULL) { diff --git a/nixpkgs/pkgs/tools/security/trousers/default.nix b/nixpkgs/pkgs/tools/security/trousers/default.nix new file mode 100644 index 000000000000..5502de2d6272 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trousers/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, openssl, pkg-config, autoreconfHook }: + +stdenv.mkDerivation rec { + pname = "trousers"; + version = "0.3.15"; + + src = fetchurl { + url = "mirror://sourceforge/trousers/trousers/${version}/${pname}-${version}.tar.gz"; + sha256 = "0zy7r9cnr2gvwr2fb1q4fc5xnvx405ymcbrdv7qsqwl3a4zfjnqy"; + }; + + nativeBuildInputs = [ pkg-config autoreconfHook ]; + buildInputs = [ openssl ]; + + patches = [ ./allow-non-tss-config-file-owner.patch ]; + + configureFlags = [ "--disable-usercheck" ]; + + env.NIX_CFLAGS_COMPILE = toString [ "-DALLOW_NON_TSS_CONFIG_FILE" ]; + enableParallelBuilding = true; + + meta = with lib; { + description = "Trusted computing software stack"; + homepage = "https://trousers.sourceforge.net/"; + license = licenses.bsd3; + maintainers = [ maintainers.ak ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/truecrack/default.nix b/nixpkgs/pkgs/tools/security/truecrack/default.nix new file mode 100644 index 000000000000..c58ce4ae57b1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/truecrack/default.nix @@ -0,0 +1,50 @@ +{ lib, gccStdenv, fetchFromGitLab, cudatoolkit +, config +, cudaSupport ? config.cudaSupport +, pkg-config }: + +gccStdenv.mkDerivation rec { + pname = "truecrack"; + version = "3.6"; + + src = fetchFromGitLab { + owner = "kalilinux"; + repo = "packages/truecrack"; + rev = "debian/${version}+git20150326-0kali1"; + sha256 = "+Rw9SfaQtO1AJO6UVVDMCo8DT0dYEbv7zX8SI+pHCRQ="; + }; + + configureFlags = (if cudaSupport then [ + "--with-cuda=${cudatoolkit}" + ] else [ + "--enable-cpu" + ]); + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = lib.optionals cudaSupport [ + cudatoolkit + ]; + + # Workaround build failure on -fno-common toolchains like upstream + # gcc-10. Otherwise build fails as: + # ld: CpuAes.o:/build/source/src/Crypto/CpuAes.h:1233: multiple definition of + # `t_rc'; CpuCore.o:/build/source/src/Crypto/CpuAes.h:1237: first defined here + # TODO: remove on upstream fixes it: + # https://gitlab.com/kalilinux/packages/truecrack/-/issues/1 + env.NIX_CFLAGS_COMPILE = "-fcommon"; + + installFlags = [ "prefix=$(out)" ]; + enableParallelBuilding = true; + + meta = with lib; { + description = "TrueCrack is a brute-force password cracker for TrueCrypt volumes. It works on Linux and it is optimized for Nvidia Cuda technology."; + homepage = "https://gitlab.com/kalilinux/packages/truecrack"; + broken = cudaSupport; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ethancedwards8 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/trueseeing/default.nix b/nixpkgs/pkgs/tools/security/trueseeing/default.nix new file mode 100644 index 000000000000..a9c4f300141f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trueseeing/default.nix @@ -0,0 +1,52 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "trueseeing"; + version = "2.1.7"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "alterakey"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-pnIn+Rqun5J3F9cgeBUBX4e9WP5fgbm+vwN3Wqh/yEc="; + }; + + nativeBuildInputs = with python3.pkgs; [ + flit-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + attrs + ipython + jinja2 + lxml + pypubsub + pyyaml + docker + ]; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace "attrs~=21.4" "attrs>=21.4" \ + --replace "docker~=5.0.3" "docker" + ''; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "trueseeing" + ]; + + meta = with lib; { + description = "Non-decompiling Android vulnerability scanner"; + homepage = "https://github.com/alterakey/trueseeing"; + changelog = "https://github.com/alterakey/trueseeing/releases/tag/v${version}"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix new file mode 100644 index 000000000000..de2ec7dfb05a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, buildGoModule +, testers +, trufflehog +}: + +buildGoModule rec { + pname = "trufflehog"; + version = "3.60.3"; + + src = fetchFromGitHub { + owner = "trufflesecurity"; + repo = "trufflehog"; + rev = "refs/tags/v${version}"; + hash = "sha256-864bq0LK2lRWmbQ7JTGc9gtMsTnoKMLkjyEdTNUBFRg="; + }; + + vendorHash = "sha256-TNxZatI9l+dX2WI7SnTH975yrgyuB4VjTJOkaSr5mxc="; + + ldflags = [ + "-s" + "-w" + "-X=github.com/trufflesecurity/trufflehog/v3/pkg/version.BuildVersion=${version}" + ]; + + # Test cases run git clone and require network access + doCheck = false; + + postInstall = '' + rm $out/bin/{generate,snifftest} + ''; + + passthru = { + tests.version = testers.testVersion { + package = trufflehog; + }; + }; + + meta = with lib; { + description = "Find credentials all over the place"; + homepage = "https://github.com/trufflesecurity/trufflehog"; + changelog = "https://github.com/trufflesecurity/trufflehog/releases/tag/v${version}"; + license = with licenses; [ agpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/trustymail/default.nix b/nixpkgs/pkgs/tools/security/trustymail/default.nix new file mode 100644 index 000000000000..eb384ce16253 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trustymail/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "trustymail"; + version = "0.8.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "cisagov"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-hKiQWAOzUjmoCcEH9OTgkgU7s1V+Vv3+93OLkqDRDoU="; + }; + + postPatch = '' + substituteInPlace pytest.ini \ + --replace " --cov" "" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + dnspython + docopt + publicsuffixlist + pydns + pyspf + requests + ] ++ publicsuffixlist.optional-dependencies.update; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "trustymail" + ]; + + meta = with lib; { + description = "Tool to scan domains and return data based on trustworthy email best practices"; + homepage = "https://github.com/cisagov/trustymail"; + changelog = "https://github.com/cisagov/trustymail/releases/tag/v${version}"; + license = with licenses; [ cc0 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/uddup/default.nix b/nixpkgs/pkgs/tools/security/uddup/default.nix new file mode 100644 index 000000000000..3516b4dcff8d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/uddup/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "uddup"; + version = "0.9.3"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "rotemreiss"; + repo = pname; + rev = "v${version}"; + sha256 = "1f5dm3772hiik9irnyvbs7wygcafbwi7czw3b47cwhb90b8fi5hg"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + ]; + + nativeCheckInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "uddup" + ]; + + meta = with lib; { + description = "Tool for de-duplication URLs"; + homepage = "https://github.com/rotemreiss/uddup"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/udpx/default.nix b/nixpkgs/pkgs/tools/security/udpx/default.nix new file mode 100644 index 000000000000..081c002a09e5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/udpx/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "udpx"; + version = "1.0.7"; + + src = fetchFromGitHub { + owner = "nullt3r"; + repo = "udpx"; + rev = "refs/tags/v${version}"; + hash = "sha256-IRnGi3TmCyxmJKAd8ZVRoSHDao+3Xt4F5QfHvNahvGo="; + }; + + vendorHash = null; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "Single-packet UDP scanner"; + homepage = "https://github.com/nullt3r/udpx"; + changelog = "https://github.com/nullt3r/udpx/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/uncover/default.nix b/nixpkgs/pkgs/tools/security/uncover/default.nix new file mode 100644 index 000000000000..f0ee8aa23757 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/uncover/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "uncover"; + version = "1.0.7"; + + src = fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-CJA+rDLubghaQT+yb0zQY3y8hF0/5ISH9YFvIQHwH2Y="; + }; + + vendorHash = "sha256-A7XPsl27Q5CaQXQUEvNB05B2M3mFGz/yZ4sOnOHxhw8="; + + meta = with lib; { + description = "API wrapper to search for exposed hosts"; + longDescription = '' + uncover is a go wrapper using APIs of well known search engines to quickly + discover exposed hosts on the internet. It is built with automation in mind, + so you can query it and utilize the results with your current pipeline tools. + Currently, it supports shodan,shodan-internetdb, censys, and fofa search API. + ''; + homepage = "https://github.com/projectdiscovery/uncover"; + changelog = "https://github.com/projectdiscovery/uncover/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/urlhunter/default.nix b/nixpkgs/pkgs/tools/security/urlhunter/default.nix new file mode 100644 index 000000000000..c70c43027a25 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/urlhunter/default.nix @@ -0,0 +1,29 @@ +{ buildGoModule +, fetchFromGitHub +, lib +}: + +buildGoModule rec { + pname = "urlhunter"; + version = "0.1.2"; + + src = fetchFromGitHub { + owner = "utkusen"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-lX5zh+fYVSyWPUOnfRNMGZPsiuxjKBSpluPUMN9mZ+k="; + }; + + vendorHash = "sha256-JDDxarFROBhdi76mY6udn++lReKLdju/JBpj3JhGdQA="; + + meta = with lib; { + description = "Recon tool that allows searching shortened URLs"; + longDescription = '' + urlhunter is a recon tool that allows searching on URLs that are + exposed via shortener services such as bit.ly and goo.gl. + ''; + homepage = "https://github.com/utkusen/urlhunter"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/usbrip/default.nix b/nixpkgs/pkgs/tools/security/usbrip/default.nix new file mode 100644 index 000000000000..aa09d759b8e4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/usbrip/default.nix @@ -0,0 +1,45 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "usbrip"; + version = "unstable-2021-07-02"; + + disabled = python3.pythonOlder "3.6"; + + src = fetchFromGitHub { + owner = "snovvcrash"; + repo = pname; + rev = "0f3701607ba13212ebefb4bbd9e68ec0e22d76ac"; + sha256 = "1vws8ybhv7szpqvlbmv0hrkys2fhhaa5bj9dywv3q2y1xmljl0py"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + termcolor + terminaltables + tqdm + ]; + + postPatch = '' + # Remove install helpers which we don't need + substituteInPlace setup.py \ + --replace "parse_requirements('requirements.txt')," "[]," \ + --replace "resolve('wheel')" "" \ + --replace "'install': LocalInstallCommand," "" + ''; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ "usbrip" ]; + + meta = with lib; { + description = "Tool to track the history of USB events"; + homepage = "https://github.com/snovvcrash/usbrip"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vals/default.nix b/nixpkgs/pkgs/tools/security/vals/default.nix new file mode 100644 index 000000000000..9282bf7bb9ce --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vals/default.nix @@ -0,0 +1,37 @@ +{ lib, buildGoModule, fetchFromGitHub, testers, vals }: + +buildGoModule rec { + pname = "vals"; + version = "0.28.0"; + + src = fetchFromGitHub { + rev = "v${version}"; + owner = "variantdev"; + repo = pname; + sha256 = "sha256-6sKwRYbWaKrnMLU+G4/s3CTjUYeovsWttAvk1MnIFPI="; + }; + + vendorHash = "sha256-CwRhtC+Ome/oyTSd8rPpQ3TgBkFb9CM3XRc0k2g2lHU="; + + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + ]; + + # Tests require connectivity to various backends. + doCheck = false; + + passthru.tests.version = testers.testVersion { + package = vals; + command = "vals version"; + }; + + meta = with lib; { + description = "Helm-like configuration values loader with support for various sources"; + license = licenses.asl20; + homepage = "https://github.com/variantdev/vals"; + changelog = "https://github.com/variantdev/vals/releases/v${version}"; + maintainers = with maintainers; [ stehessel ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vault-medusa/default.nix b/nixpkgs/pkgs/tools/security/vault-medusa/default.nix new file mode 100644 index 000000000000..9cd6bd1fd46e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vault-medusa/default.nix @@ -0,0 +1,22 @@ +{ lib, fetchFromGitHub, buildGoModule }: + +buildGoModule rec { + pname = "vault-medusa"; + version = "0.4.1"; + + src = fetchFromGitHub { + owner = "jonasvinther"; + repo = "medusa"; + rev = "v${version}"; + sha256 = "sha256-VL22p723LDHpn+WhKoPm3u1uSTMofJpy3tZNlgcWQSk="; + }; + + vendorHash = "sha256-pptAtzw9vRguQJK73kjfM/wnTJDekXBWV3Yeb8p8LOY="; + + meta = with lib; { + description = "A cli tool for importing and exporting Hashicorp Vault secrets"; + homepage = "https://github.com/jonasvinther/medusa"; + license = licenses.mit; + maintainers = with maintainers; [ onny ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix b/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix new file mode 100644 index 000000000000..a1c77e5d0a29 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix @@ -0,0 +1,48 @@ +{ buildGoModule +, fetchFromGitHub +, makeWrapper +, lib +, openssh +, testers +, vault-ssh-plus +}: +buildGoModule rec { + pname = "vault-ssh-plus"; + version = "0.7.3"; + + src = fetchFromGitHub { + owner = "isometry"; + repo = pname; + rev = "v${version}"; + hash = "sha256-IRmFC5WsLmHfPjS/jW5V7dNF5rNvmsh3YKwW7rGII24="; + }; + + vendorHash = "sha256-cuU7rEpJrwrbiXLajdv4h6GePbpZclweyB9qZ3SIjP0="; + + nativeBuildInputs = [ makeWrapper ]; + + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + ]; + + postInstall = '' + mv $out/bin/vault-ssh-plus $out/bin/vssh + wrapProgram $out/bin/vssh --prefix PATH : ${lib.makeBinPath [ openssh ]}; + ''; + + passthru.tests.version = testers.testVersion { + package = vault-ssh-plus; + command = "vssh --version"; + version = "v${version}"; + }; + + meta = with lib; { + homepage = "https://github.com/isometry/vault-ssh-plus"; + changelog = "https://github.com/isometry/vault-ssh-plus/releases/tag/v${version}"; + description = "Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)"; + license = licenses.mit; + maintainers = with maintainers; [ lesuisse ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vault/default.nix b/nixpkgs/pkgs/tools/security/vault/default.nix new file mode 100644 index 000000000000..fb9ce6fd6d5a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vault/default.nix @@ -0,0 +1,53 @@ +{ stdenv, lib, fetchFromGitHub, buildGoModule, installShellFiles, nixosTests +, makeWrapper +, gawk +, glibc +}: + +buildGoModule rec { + pname = "vault"; + version = "1.14.4"; + + src = fetchFromGitHub { + owner = "hashicorp"; + repo = "vault"; + rev = "v${version}"; + sha256 = "sha256-E7lEKsbl2L6KhLgAZbemCaTIjbsvl3wg3oCURn/Judc="; + }; + + vendorHash = "sha256-8ytAT7qVXAIfoeMyTBMJ6DiWn74sRM1WrrOYaKTlKMo="; + + proxyVendor = true; + + subPackages = [ "." ]; + + nativeBuildInputs = [ installShellFiles makeWrapper ]; + + tags = [ "vault" ]; + + ldflags = [ + "-s" "-w" + "-X github.com/hashicorp/vault/sdk/version.GitCommit=${src.rev}" + "-X github.com/hashicorp/vault/sdk/version.Version=${version}" + "-X github.com/hashicorp/vault/sdk/version.VersionPrerelease=" + ]; + + postInstall = '' + echo "complete -C $out/bin/vault vault" > vault.bash + installShellCompletion vault.bash + '' + lib.optionalString stdenv.isLinux '' + wrapProgram $out/bin/vault \ + --prefix PATH ${lib.makeBinPath [ gawk glibc ]} + ''; + + passthru.tests = { inherit (nixosTests) vault vault-postgresql vault-dev vault-agent; }; + + meta = with lib; { + homepage = "https://www.vaultproject.io/"; + description = "A tool for managing secrets"; + changelog = "https://github.com/hashicorp/vault/blob/v${version}/CHANGELOG.md"; + license = licenses.mpl20; + mainProgram = "vault"; + maintainers = with maintainers; [ rushmorem lnl7 offline pradeepchhetri Chili-Man techknowlogick ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vault/update-bin.sh b/nixpkgs/pkgs/tools/security/vault/update-bin.sh new file mode 100755 index 000000000000..25f41e2aad12 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vault/update-bin.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl gnused gawk nix-prefetch + +set -euo pipefail + +ROOT="$(dirname "$(readlink -f "$0")")" +NIX_DRV="$ROOT/vault-bin.nix" +if [ ! -f "$NIX_DRV" ]; then + echo "ERROR: cannot find vault-bin in $ROOT" + exit 1 +fi + +fetch_arch() { + VER="$1"; ARCH="$2" + URL="https://releases.hashicorp.com/vault/${VER}/vault_${VER}_${ARCH}.zip" + nix-prefetch "{ stdenv, fetchzip }: +stdenv.mkDerivation rec { + pname = \"vault-bin\"; version = \"${VER}\"; + src = fetchzip { url = \"$URL\"; }; +} +" +} + +replace_sha() { + sed -i "s#$1 = \"sha256-.\{44\}\"#$1 = \"$2\"#" "$NIX_DRV" +} + +# https://releases.hashicorp.com/vault/1.9.4/vault_1.9.4_linux_arm64.zip +VAULT_VER=$(curl -Ls -w "%{url_effective}" -o /dev/null https://github.com/hashicorp/vault/releases/latest | awk -F'/' '{print $NF}' | sed 's/v//') + +VAULT_LINUX_X86_SHA256=$(fetch_arch "$VAULT_VER" "linux_386") +VAULT_LINUX_X64_SHA256=$(fetch_arch "$VAULT_VER" "linux_amd64") +VAULT_DARWIN_X64_SHA256=$(fetch_arch "$VAULT_VER" "darwin_amd64") +VAULT_LINUX_AARCH64_SHA256=$(fetch_arch "$VAULT_VER" "linux_arm64") +VAULT_DARWIN_AARCH64_SHA256=$(fetch_arch "$VAULT_VER" "darwin_arm64") + +sed -i "s/version = \".*\"/version = \"$VAULT_VER\"/" "$NIX_DRV" + +replace_sha "i686-linux" "$VAULT_LINUX_X86_SHA256" +replace_sha "x86_64-linux" "$VAULT_LINUX_X64_SHA256" +replace_sha "x86_64-darwin" "$VAULT_DARWIN_X64_SHA256" +replace_sha "aarch64-linux" "$VAULT_LINUX_AARCH64_SHA256" +replace_sha "aarch64-darwin" "$VAULT_DARWIN_AARCH64_SHA256" diff --git a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix new file mode 100644 index 000000000000..f9d1dd74e126 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix @@ -0,0 +1,63 @@ +{ lib, stdenv, fetchzip }: + +stdenv.mkDerivation rec { + pname = "vault-bin"; + version = "1.15.0"; + + src = + let + inherit (stdenv.hostPlatform) system; + selectSystem = attrs: attrs.${system} or (throw "Unsupported system: ${system}"); + suffix = selectSystem { + x86_64-linux = "linux_amd64"; + aarch64-linux = "linux_arm64"; + i686-linux = "linux_386"; + x86_64-darwin = "darwin_amd64"; + aarch64-darwin = "darwin_arm64"; + }; + sha256 = selectSystem { + x86_64-linux = "sha256-TLpH6s9odZFh9LFnLiZjpcx0+W+6XrdDhja/xcixx7s="; + aarch64-linux = "sha256-QQejEfJrCB+68SXhQm7Ub763ZL72Cy+HB1be+4p4XrM="; + i686-linux = "sha256-1dFPAIBNyDQheIdszmoiHU6AmLZ1TtbT+If7n8ZQQAY="; + x86_64-darwin = "sha256-51A12pOMaJGYacgiIIW3sqUytApDXrSWBkNl7fWqFgk="; + aarch64-darwin = "sha256-PacsdP9n7mdK/wKJW63Ajbt5G+PFPwa+XB4OEz3YUno="; + }; + in + fetchzip { + url = "https://releases.hashicorp.com/vault/${version}/vault_${version}_${suffix}.zip"; + inherit sha256; + }; + + dontConfigure = true; + dontBuild = true; + dontStrip = stdenv.isDarwin; + + installPhase = '' + runHook preInstall + install -D vault $out/bin/vault + runHook postInstall + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/vault --help + $out/bin/vault version + runHook postInstallCheck + ''; + + dontPatchELF = true; + dontPatchShebangs = true; + + passthru.updateScript = ./update-bin.sh; + + meta = with lib; { + description = "A tool for managing secrets, this binary includes the UI"; + homepage = "https://www.vaultproject.io"; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.mpl20; + maintainers = with maintainers; teams.serokell.members ++ [ offline psyanticy Chili-Man techknowlogick mkaito ]; + mainProgram = "vault"; + platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-darwin" "aarch64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/Cargo.lock b/nixpkgs/pkgs/tools/security/vaultwarden/Cargo.lock new file mode 100644 index 000000000000..cf74b7f88648 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vaultwarden/Cargo.lock @@ -0,0 +1,3832 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "addr2line" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4fa78e18c64fce05e902adecd7a5eed15a5e0a3439f7b0e169f0252214865e3" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "aho-corasick" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8f9420f797f2d9e935edf629310eb938a0d839f984e25327f3c7eed22300c" +dependencies = [ + "memchr", +] + +[[package]] +name = "alloc-no-stdlib" +version = "2.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc7bb162ec39d46ab1ca8c77bf72e890535becd1751bb45f64c597edb4c8c6b3" + +[[package]] +name = "alloc-stdlib" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94fb8275041c72129eb51b7d0322c29b8387a0386127718b096429201a5d6ece" +dependencies = [ + "alloc-no-stdlib", +] + +[[package]] +name = "android-tzdata" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0" + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "argon2" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2e554a8638bdc1e4eae9984845306cc95f8a9208ba8d49c3859fd958b46774d" +dependencies = [ + "base64ct", + "blake2", + "cpufeatures", + "password-hash", +] + +[[package]] +name = "async-channel" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81953c529336010edd6d8e358f886d9581267795c61b19475b71314bffa46d35" +dependencies = [ + "concurrent-queue", + "event-listener", + "futures-core", +] + +[[package]] +name = "async-compression" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b74f44609f0f91493e3082d3734d98497e094777144380ea4db9f9905dd5b6" +dependencies = [ + "brotli", + "flate2", + "futures-core", + "memchr", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "async-executor" +version = "1.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fa3dc5f2a8564f07759c008b9109dc0d39de92a88d5588b8a5036d286383afb" +dependencies = [ + "async-lock", + "async-task", + "concurrent-queue", + "fastrand 1.9.0", + "futures-lite", + "slab", +] + +[[package]] +name = "async-global-executor" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1b6f5d7df27bd294849f8eec66ecfc63d11814df7a4f5d74168a2394467b776" +dependencies = [ + "async-channel", + "async-executor", + "async-io", + "async-lock", + "blocking", + "futures-lite", + "once_cell", +] + +[[package]] +name = "async-io" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fc5b45d93ef0529756f812ca52e44c221b35341892d3dcc34132ac02f3dd2af" +dependencies = [ + "async-lock", + "autocfg", + "cfg-if", + "concurrent-queue", + "futures-lite", + "log", + "parking", + "polling", + "rustix 0.37.23", + "slab", + "socket2 0.4.9", + "waker-fn", +] + +[[package]] +name = "async-lock" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "287272293e9d8c41773cec55e365490fe034813a2f172f502d6ddcf75b2f582b" +dependencies = [ + "event-listener", +] + +[[package]] +name = "async-process" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a9d28b1d97e08915212e2e45310d47854eafa69600756fc735fb788f75199c9" +dependencies = [ + "async-io", + "async-lock", + "autocfg", + "blocking", + "cfg-if", + "event-listener", + "futures-lite", + "rustix 0.37.23", + "signal-hook", + "windows-sys", +] + +[[package]] +name = "async-std" +version = "1.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62565bb4402e926b29953c785397c6dc0391b7b446e45008b0049eb43cec6f5d" +dependencies = [ + "async-channel", + "async-global-executor", + "async-io", + "async-lock", + "async-process", + "crossbeam-utils", + "futures-channel", + "futures-core", + "futures-io", + "futures-lite", + "gloo-timers", + "kv-log-macro", + "log", + "memchr", + "once_cell", + "pin-project-lite", + "pin-utils", + "slab", + "wasm-bindgen-futures", +] + +[[package]] +name = "async-stream" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd56dd203fef61ac097dd65721a419ddccb106b2d2b70ba60a6b529f03961a51" +dependencies = [ + "async-stream-impl", + "futures-core", + "pin-project-lite", +] + +[[package]] +name = "async-stream-impl" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "async-task" +version = "4.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc7ab41815b3c653ccd2978ec3255c81349336702dfdf62ee6f7069b12a3aae" + +[[package]] +name = "async-trait" +version = "0.1.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc00ceb34980c03614e35a3a4e218276a0a824e911d07651cd0d858a51e8c0f0" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "atomic" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c59bdb34bc650a32731b31bd8f0829cc15d24a708ee31559e0bb34f2bc320cba" + +[[package]] +name = "atomic-waker" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1181e1e0d1fce796a03db1ae795d67167da795f9cf4a39c37589e85ef57f26d3" + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "backtrace" +version = "0.3.68" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4319208da049c43661739c5fade2ba182f09d1dc2299b32298d3a31692b17e12" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + +[[package]] +name = "base64" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" + +[[package]] +name = "base64ct" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" + +[[package]] +name = "binascii" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "383d29d513d8764dcdc42ea295d979eb99c3c9f00607b3692cf68a431f7dca72" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" + +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest", +] + +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + +[[package]] +name = "blocking" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77231a1c8f801696fc0123ec6150ce92cffb8e164a02afb9c8ddee0e9b65ad65" +dependencies = [ + "async-channel", + "async-lock", + "async-task", + "atomic-waker", + "fastrand 1.9.0", + "futures-lite", + "log", +] + +[[package]] +name = "brotli" +version = "3.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1a0b1dbcc8ae29329621f8d4f0d835787c1c38bb1401979b49d13b0b305ff68" +dependencies = [ + "alloc-no-stdlib", + "alloc-stdlib", + "brotli-decompressor", +] + +[[package]] +name = "brotli-decompressor" +version = "2.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b6561fd3f895a11e8f72af2cb7d22e08366bebc2b6b57f7744c4bda27034744" +dependencies = [ + "alloc-no-stdlib", + "alloc-stdlib", +] + +[[package]] +name = "bumpalo" +version = "3.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytes" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" + +[[package]] +name = "cached" +version = "0.44.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b195e4fbc4b6862bbd065b991a34750399c119797efff72492f28a5864de8700" +dependencies = [ + "async-trait", + "cached_proc_macro", + "cached_proc_macro_types", + "futures", + "hashbrown 0.13.2", + "instant", + "once_cell", + "thiserror", + "tokio", +] + +[[package]] +name = "cached_proc_macro" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b48814962d2fd604c50d2b9433c2a41a0ab567779ee2c02f7fba6eca1221f082" +dependencies = [ + "cached_proc_macro_types", + "darling", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "cached_proc_macro_types" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a4f925191b4367301851c6d99b09890311d74b0d43f274c0b34c86d308a3663" + +[[package]] +name = "cc" +version = "1.0.82" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "305fe645edc1442a0fa8b6726ba61d422798d37a52e12eaecf4b022ebbb88f01" +dependencies = [ + "libc", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5" +dependencies = [ + "android-tzdata", + "iana-time-zone", + "num-traits", + "serde", + "winapi", +] + +[[package]] +name = "chrono-tz" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1369bc6b9e9a7dfdae2055f6ec151fe9c554a9d23d357c0237cee2e25eaabb7" +dependencies = [ + "chrono", + "chrono-tz-build", + "phf", +] + +[[package]] +name = "chrono-tz-build" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2f5ebdc942f57ed96d560a6d1a459bae5851102a25d5bf89dc04ae453e31ecf" +dependencies = [ + "parse-zoneinfo", + "phf", + "phf_codegen", +] + +[[package]] +name = "concurrent-queue" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62ec6771ecfa0762d24683ee5a32ad78487a3d3afdc0fb8cae19d2c5deb50b7c" +dependencies = [ + "crossbeam-utils", +] + +[[package]] +name = "cookie" +version = "0.16.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e859cd57d0710d9e06c381b550c06e76992472a8c6d527aecd2fc673dcc231fb" +dependencies = [ + "percent-encoding", + "time", + "version_check", +] + +[[package]] +name = "cookie" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7efb37c3e1ccb1ff97164ad95ac1606e8ccd35b3fa0a7d99a304c7f4a428cc24" +dependencies = [ + "percent-encoding", + "time", + "version_check", +] + +[[package]] +name = "cookie_store" +version = "0.16.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d606d0fba62e13cf04db20536c05cb7f13673c161cb47a47a82b9b9e7d3f1daa" +dependencies = [ + "cookie 0.16.2", + "idna 0.2.3", + "log", + "publicsuffix", + "serde", + "serde_derive", + "serde_json", + "time", + "url", +] + +[[package]] +name = "cookie_store" +version = "0.19.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5a18f35792056f8c7c2de9c002e7e4fe44c7b5f66e7d99f46468dbb730a7ea7" +dependencies = [ + "cookie 0.16.2", + "idna 0.3.0", + "log", + "publicsuffix", + "serde", + "serde_derive", + "serde_json", + "time", + "url", +] + +[[package]] +name = "core-foundation" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "194a7a9e6de53fa55116934067c844d9d749312f75c6f6d0980e8c252f8c2146" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" + +[[package]] +name = "cpufeatures" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a17b76ff3a4162b0b27f354a0c87015ddad39d35f9c0c36607a3bdd175dde1f1" +dependencies = [ + "libc", +] + +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "cron" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ff76b51e4c068c52bfd2866e1567bee7c567ae8f24ada09fd4307019e25eab7" +dependencies = [ + "chrono", + "nom", + "once_cell", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "darling" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b750cb3417fd1b327431a470f388520309479ab0bf5e323505daf0290cd3850" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "109c1ca6e6b7f82cc233a97004ea8ed7ca123a9af07a8230878fcfda9b158bf0" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn 1.0.109", +] + +[[package]] +name = "darling_macro" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4aab4dbc9f7611d8b55048a3a16d2d010c2c8334e46304b40ac1cc14bf3b48e" +dependencies = [ + "darling_core", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "dashmap" +version = "5.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6943ae99c34386c84a470c499d3414f66502a41340aa895406e0d2e4a207b91d" +dependencies = [ + "cfg-if", + "hashbrown 0.14.0", + "lock_api", + "once_cell", + "parking_lot_core", +] + +[[package]] +name = "data-encoding" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2e66c9d817f1720209181c316d28635c050fa304f9c79e47a520882661b7308" + +[[package]] +name = "data-url" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41b319d1b62ffbd002e057f36bebd1f42b9f97927c9577461d855f3513c4289f" + +[[package]] +name = "deranged" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7684a49fb1af197853ef7b2ee694bc1f5b4179556f1e5710e1760c5db6f5e929" + +[[package]] +name = "devise" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6eacefd3f541c66fc61433d65e54e0e46e0a029a819a7dbbc7a7b489e8a85f8" +dependencies = [ + "devise_codegen", + "devise_core", +] + +[[package]] +name = "devise_codegen" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8cf4b8dd484ede80fd5c547592c46c3745a617c8af278e2b72bea86b2dfed6" +dependencies = [ + "devise_core", + "quote", +] + +[[package]] +name = "devise_core" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "35b50dba0afdca80b187392b24f2499a88c336d5a8493e4b4ccfb608708be56a" +dependencies = [ + "bitflags 2.4.0", + "proc-macro2", + "proc-macro2-diagnostics", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "diesel" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7a532c1f99a0f596f6960a60d1e119e91582b24b39e2d83a190e61262c3ef0c" +dependencies = [ + "bitflags 2.4.0", + "byteorder", + "chrono", + "diesel_derives", + "itoa", + "libsqlite3-sys", + "mysqlclient-sys", + "percent-encoding", + "pq-sys", + "r2d2", + "time", + "url", +] + +[[package]] +name = "diesel_derives" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74398b79d81e52e130d991afeed9c86034bb1b7735f46d2f5bf7deb261d80303" +dependencies = [ + "diesel_table_macro_syntax", + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "diesel_logger" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23010b507517129dc9b11fb35f36d76fd2d3dd4c85232733697622e345375f2f" +dependencies = [ + "diesel", + "log", +] + +[[package]] +name = "diesel_migrations" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6036b3f0120c5961381b570ee20a02432d7e2d27ea60de9578799cf9156914ac" +dependencies = [ + "diesel", + "migrations_internals", + "migrations_macros", +] + +[[package]] +name = "diesel_table_macro_syntax" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc5557efc453706fed5e4fa85006fe9817c224c3f480a34c7e5959fd700921c5" +dependencies = [ + "syn 2.0.28", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", + "subtle", +] + +[[package]] +name = "dotenvy" +version = "0.15.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b" + +[[package]] +name = "either" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" + +[[package]] +name = "email-encoding" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dbfb21b9878cf7a348dcb8559109aabc0ec40d69924bd706fa5149846c4fef75" +dependencies = [ + "base64 0.21.2", + "memchr", +] + +[[package]] +name = "email_address" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2153bd83ebc09db15bcbdc3e2194d901804952e3dc96967e1cd3b0c5c32d112" +dependencies = [ + "serde", +] + +[[package]] +name = "encoding_rs" +version = "0.8.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071a31f4ee85403370b58aca746f01041ede6f0da2730960ad001edc2b71b394" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "enum-as-inner" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9720bba047d567ffc8a3cba48bf19126600e249ab7f128e9233e6376976a116" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b30f669a7961ef1631673d2766cc92f52d64f7ef354d4fe0ddfd30ed52f0f4f" +dependencies = [ + "errno-dragonfly", + "libc", + "windows-sys", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "error-chain" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" +dependencies = [ + "version_check", +] + +[[package]] +name = "event-listener" +version = "2.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" + +[[package]] +name = "fastrand" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e51093e27b0797c359783294ca4f0a911c270184cb10f85783b118614a1501be" +dependencies = [ + "instant", +] + +[[package]] +name = "fastrand" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6999dc1837253364c2ebb0704ba97994bd874e8f195d665c50b7548f6ea92764" + +[[package]] +name = "fern" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9f0c14694cbd524c8720dd69b0e3179344f04ebb5f90f2e4a440c6ea3b2f1ee" +dependencies = [ + "log", + "syslog", +] + +[[package]] +name = "figment" +version = "0.10.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4547e226f4c9ab860571e070a9034192b3175580ecea38da34fcdb53a018c9a5" +dependencies = [ + "atomic", + "pear", + "serde", + "toml", + "uncased", + "version_check", +] + +[[package]] +name = "flate2" +version = "1.0.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a62bc1cf6f830c2ec14a513a9fb124d0a213a629668a4186f329db21fe045652" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "futures" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" + +[[package]] +name = "futures-executor" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964" + +[[package]] +name = "futures-lite" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49a9d51ce47660b1e808d3c990b4709f2f415d928835a17dfd16991515c46bce" +dependencies = [ + "fastrand 1.9.0", + "futures-core", + "futures-io", + "memchr", + "parking", + "pin-project-lite", + "waker-fn", +] + +[[package]] +name = "futures-macro" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "futures-sink" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e" + +[[package]] +name = "futures-task" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76d3d132be6c0e6aa1534069c705a74a5997a356c0dc2f86a47765e5617c5b65" + +[[package]] +name = "futures-timer" +version = "3.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c" + +[[package]] +name = "futures-util" +version = "0.3.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-macro", + "futures-sink", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "generator" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cc16584ff22b460a382b7feec54b23d2908d858152e5739a120b949293bd74e" +dependencies = [ + "cc", + "libc", + "log", + "rustversion", + "windows", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "gimli" +version = "0.27.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" + +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + +[[package]] +name = "gloo-timers" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b995a66bb87bebce9a0f4a95aed01daca4872c050bfcb21653361c03bc35e5c" +dependencies = [ + "futures-channel", + "futures-core", + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "governor" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "821239e5672ff23e2a7060901fa622950bbd80b649cdaadd78d1c1767ed14eb4" +dependencies = [ + "cfg-if", + "dashmap", + "futures", + "futures-timer", + "no-std-compat", + "nonzero_ext", + "parking_lot", + "quanta", + "rand", + "smallvec", +] + +[[package]] +name = "h2" +version = "0.3.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97ec8491ebaf99c8eaa73058b045fe58073cd6be7f596ac993ced0b0a0c01049" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap 1.9.3", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "half" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" + +[[package]] +name = "handlebars" +version = "4.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83c3372087601b532857d332f5957cbae686da52bb7810bf038c3e3c3cc2fa0d" +dependencies = [ + "log", + "pest", + "pest_derive", + "serde", + "serde_json", + "thiserror", + "walkdir", +] + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "hashbrown" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" + +[[package]] +name = "hashbrown" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "hermit-abi" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" + +[[package]] +name = "hmac" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +dependencies = [ + "digest", +] + +[[package]] +name = "hostname" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867" +dependencies = [ + "libc", + "match_cfg", + "winapi", +] + +[[package]] +name = "html5gum" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c4e556171a058ba117bbe88b059fb37b6289023e007d2903ea6dca3a3cbff14" +dependencies = [ + "jetscii", +] + +[[package]] +name = "http" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + +[[package]] +name = "hyper" +version = "0.14.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffb1cfd654a8219eaef89881fdb3bb3b1cdc5fa75ded05d6933b2b382e395468" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2 0.4.9", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-tls" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +dependencies = [ + "bytes", + "hyper", + "native-tls", + "tokio", + "tokio-native-tls", +] + +[[package]] +name = "iana-time-zone" +version = "0.1.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fad5b825842d2b38bd206f3e81d6957625fd7f0a361e345c30e01a0ae2dd613" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "windows", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +dependencies = [ + "cc", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8" +dependencies = [ + "matches", + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "idna" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "idna" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d20d6b07bfbc108882d88ed8e37d39636dcc260e15e30c45e6ba089610b917c" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", + "serde", +] + +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown 0.14.0", +] + +[[package]] +name = "inlinable_string" +version = "0.1.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8fae54786f62fb2918dcfae3d568594e50eb9b5c25bf04371af6fe7516452fb" + +[[package]] +name = "instant" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "io-lifetimes" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" +dependencies = [ + "hermit-abi", + "libc", + "windows-sys", +] + +[[package]] +name = "ipconfig" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b58db92f96b720de98181bbbe63c831e87005ab460c1bf306eb2622b4707997f" +dependencies = [ + "socket2 0.5.3", + "widestring", + "windows-sys", + "winreg 0.50.0", +] + +[[package]] +name = "ipnet" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28b29a3cd74f0f4598934efe3aeba42bae0eb4680554128851ebbecb02af14e6" + +[[package]] +name = "is-terminal" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +dependencies = [ + "hermit-abi", + "rustix 0.38.8", + "windows-sys", +] + +[[package]] +name = "itoa" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" + +[[package]] +name = "jetscii" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "47f142fe24a9c9944451e8349de0a56af5f3e7226dc46f3ed4d4ecc0b85af75e" + +[[package]] +name = "job_scheduler_ng" +version = "2.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10bbdf445513bbe53f4666218b7057d265c76fa0b30475e121a6bf05dbaacaae" +dependencies = [ + "chrono", + "cron", + "uuid", +] + +[[package]] +name = "js-sys" +version = "0.3.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "jsonwebtoken" +version = "8.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6971da4d9c3aa03c3d8f3ff0f4155b534aad021292003895a469716b2a230378" +dependencies = [ + "base64 0.21.2", + "pem", + "ring", + "serde", + "serde_json", + "simple_asn1", +] + +[[package]] +name = "kv-log-macro" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0de8b303297635ad57c9f5059fd9cee7a47f8e8daa09df0fcd07dd39fb22977f" +dependencies = [ + "log", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "lettre" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76bd09637ae3ec7bd605b8e135e757980b3968430ff2b1a4a94fb7769e50166d" +dependencies = [ + "async-std", + "async-trait", + "base64 0.21.2", + "email-encoding", + "email_address", + "fastrand 1.9.0", + "futures-io", + "futures-util", + "hostname", + "httpdate", + "idna 0.3.0", + "mime", + "native-tls", + "nom", + "once_cell", + "quoted_printable", + "serde", + "socket2 0.4.9", + "tokio", + "tokio-native-tls", + "tracing", +] + +[[package]] +name = "libc" +version = "0.2.147" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" + +[[package]] +name = "libmimalloc-sys" +version = "0.1.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4ac0e912c8ef1b735e92369695618dc5b1819f5a7bf3f167301a3ba1cea515e" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "libsqlite3-sys" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afc22eff61b133b115c6e8c74e818c628d6d5e7a502afea6f64dee076dd94326" +dependencies = [ + "cc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "linked-hash-map" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" + +[[package]] +name = "linux-raw-sys" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" + +[[package]] +name = "linux-raw-sys" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" + +[[package]] +name = "lock_api" +version = "0.4.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1cc9717a20b1bb222f333e6a92fd32f7d8a18ddc5a3191a11af45dcbf4dcd16" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" +dependencies = [ + "value-bag", +] + +[[package]] +name = "loom" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff50ecb28bb86013e935fb6683ab1f6d3a20016f123c76fd4c27470076ac30f5" +dependencies = [ + "cfg-if", + "generator", + "scoped-tls", + "serde", + "serde_json", + "tracing", + "tracing-subscriber", +] + +[[package]] +name = "lru-cache" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31e24f1ad8321ca0e8a1e0ac13f23cb668e6f5466c2c57319f6a5cf1cc8e3b1c" +dependencies = [ + "linked-hash-map", +] + +[[package]] +name = "mach2" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d0d1830bcd151a6fc4aea1369af235b36c1528fe976b8ff678683c9995eade8" +dependencies = [ + "libc", +] + +[[package]] +name = "match_cfg" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffbee8634e0d45d258acb448e7eaab3fce7a0a467395d4d9f228e3c1f01fb2e4" + +[[package]] +name = "matchers" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" +dependencies = [ + "regex-automata 0.1.10", +] + +[[package]] +name = "matches" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5" + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "migrations_internals" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f23f71580015254b020e856feac3df5878c2c7a8812297edd6c0a485ac9dada" +dependencies = [ + "serde", + "toml", +] + +[[package]] +name = "migrations_macros" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cce3325ac70e67bbab5bd837a31cae01f1a6db64e0e744a33cb03a543469ef08" +dependencies = [ + "migrations_internals", + "proc-macro2", + "quote", +] + +[[package]] +name = "mimalloc" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e2894987a3459f3ffb755608bd82188f8ed00d0ae077f1edea29c068d639d98" +dependencies = [ + "libmimalloc-sys", +] + +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "miniz_oxide" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +dependencies = [ + "adler", +] + +[[package]] +name = "mio" +version = "0.8.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" +dependencies = [ + "libc", + "wasi", + "windows-sys", +] + +[[package]] +name = "multer" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01acbdc23469fd8fe07ab135923371d5f5a422fbf9c522158677c8eb15bc51c2" +dependencies = [ + "bytes", + "encoding_rs", + "futures-util", + "http", + "httparse", + "log", + "memchr", + "mime", + "spin 0.9.8", + "tokio", + "tokio-util", + "version_check", +] + +[[package]] +name = "mysqlclient-sys" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f61b381528ba293005c42a409dd73d034508e273bf90481f17ec2e964a6e969b" +dependencies = [ + "pkg-config", + "vcpkg", +] + +[[package]] +name = "native-tls" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07226173c32f2926027b63cce4bcd8076c3552846cbe7925f3aaffeac0a3b92e" +dependencies = [ + "lazy_static", + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "no-std-compat" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b93853da6d84c2e3c7d730d6473e8817692dd89be387eb01b94d7f108ecb5b8c" + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "nonzero_ext" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21" + +[[package]] +name = "nu-ansi-term" +version = "0.46.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" +dependencies = [ + "overload", + "winapi", +] + +[[package]] +name = "num-bigint" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + +[[package]] +name = "num-derive" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e6a0fd4f737c707bd9086cc16c925f294943eb62eb71499e9fd4cf71f8b9f4e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "num-integer" +version = "0.1.45" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +dependencies = [ + "autocfg", + "num-traits", +] + +[[package]] +name = "num-traits" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + +[[package]] +name = "object" +version = "0.31.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8bda667d9f2b5051b8833f59f3bf748b28ef54f850f4fcb389a252aa383866d1" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" + +[[package]] +name = "openssl" +version = "0.10.56" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "729b745ad4a5575dd06a3e1af1414bd330ee561c01b3899eb584baeaa8def17e" +dependencies = [ + "bitflags 1.3.2", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "openssl-probe" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" + +[[package]] +name = "openssl-src" +version = "111.27.0+1.1.1v" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06e8f197c82d7511c5b014030c9b1efeda40d7d5f99d23b4ceed3524a5e63f02" +dependencies = [ + "cc", +] + +[[package]] +name = "openssl-sys" +version = "0.9.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "866b5f16f90776b9bb8dc1e1802ac6f0513de3a7a7465867bfbc563dc737faac" +dependencies = [ + "cc", + "libc", + "openssl-src", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "overload" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" + +[[package]] +name = "parking" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14f2252c834a40ed9bb5422029649578e63aa341ac401f74e719dd1afda8394e" + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets", +] + +[[package]] +name = "parse-zoneinfo" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c705f256449c60da65e11ff6626e0c16a0a0b96aaa348de61376b249bc340f41" +dependencies = [ + "regex", +] + +[[package]] +name = "password-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166" +dependencies = [ + "base64ct", + "rand_core", + "subtle", +] + +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + +[[package]] +name = "pear" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61a386cd715229d399604b50d1361683fe687066f42d56f54be995bc6868f71c" +dependencies = [ + "inlinable_string", + "pear_codegen", + "yansi 1.0.0-rc.1", +] + +[[package]] +name = "pear_codegen" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da9f0f13dac8069c139e8300a6510e3f4143ecf5259c60b116a9b271b4ca0d54" +dependencies = [ + "proc-macro2", + "proc-macro2-diagnostics", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "pem" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8" +dependencies = [ + "base64 0.13.1", +] + +[[package]] +name = "percent-encoding" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" + +[[package]] +name = "pest" +version = "2.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1acb4a4365a13f749a93f1a094a7805e5cfa0955373a9de860d962eaa3a5fe5a" +dependencies = [ + "thiserror", + "ucd-trie", +] + +[[package]] +name = "pest_derive" +version = "2.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "666d00490d4ac815001da55838c500eafb0320019bbaa44444137c48b443a853" +dependencies = [ + "pest", + "pest_generator", +] + +[[package]] +name = "pest_generator" +version = "2.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68ca01446f50dbda87c1786af8770d535423fa8a53aec03b8f4e3d7eb10e0929" +dependencies = [ + "pest", + "pest_meta", + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "pest_meta" +version = "2.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56af0a30af74d0445c0bf6d9d051c979b516a1a5af790d251daee76005420a48" +dependencies = [ + "once_cell", + "pest", + "sha2", +] + +[[package]] +name = "phf" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ade2d8b8f33c7333b51bcf0428d37e217e9f32192ae4772156f65063b8ce03dc" +dependencies = [ + "phf_shared", +] + +[[package]] +name = "phf_codegen" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8d39688d359e6b34654d328e262234662d16cc0f60ec8dcbe5e718709342a5a" +dependencies = [ + "phf_generator", + "phf_shared", +] + +[[package]] +name = "phf_generator" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48e4cc64c2ad9ebe670cb8fd69dd50ae301650392e81c05f9bfcb2d5bdbc24b0" +dependencies = [ + "phf_shared", + "rand", +] + +[[package]] +name = "phf_shared" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90fcb95eef784c2ac79119d1dd819e162b5da872ce6f3c3abe1e8ca1c082f72b" +dependencies = [ + "siphasher", +] + +[[package]] +name = "pico-args" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be167a7af36ee22fe3115051bc51f6e6c7054c9348e28deb4f49bd6f705a315" + +[[package]] +name = "pin-project-lite" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12cc1b0bf1727a77a54b6654e7b5f1af8604923edc8b81885f8ec92f9e3f0a05" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkg-config" +version = "0.3.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" + +[[package]] +name = "polling" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b2d323e8ca7996b3e23126511a523f7e62924d93ecd5ae73b333815b0eb3dce" +dependencies = [ + "autocfg", + "bitflags 1.3.2", + "cfg-if", + "concurrent-queue", + "libc", + "log", + "pin-project-lite", + "windows-sys", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "pq-sys" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31c0052426df997c0cbd30789eb44ca097e3541717a7b8fa36b1c464ee7edebd" +dependencies = [ + "vcpkg", +] + +[[package]] +name = "proc-macro2" +version = "1.0.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "proc-macro2-diagnostics" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af066a9c399a26e020ada66a034357a868728e72cd426f3adcd35f80d88d88c8" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", + "version_check", + "yansi 1.0.0-rc.1", +] + +[[package]] +name = "psl-types" +version = "2.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33cb294fe86a74cbcf50d4445b37da762029549ebeea341421c7c70370f86cac" + +[[package]] +name = "publicsuffix" +version = "2.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96a8c1bda5ae1af7f99a2962e49df150414a43d62404644d98dd5c3a93d07457" +dependencies = [ + "idna 0.3.0", + "psl-types", +] + +[[package]] +name = "quanta" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a17e662a7a8291a865152364c20c7abc5e60486ab2001e8ec10b24862de0b9ab" +dependencies = [ + "crossbeam-utils", + "libc", + "mach2", + "once_cell", + "raw-cpuid", + "wasi", + "web-sys", + "winapi", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + +[[package]] +name = "quote" +version = "1.0.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "quoted_printable" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a3866219251662ec3b26fc217e3e05bf9c4f84325234dfb96bf0bf840889e49" + +[[package]] +name = "r2d2" +version = "0.8.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51de85fb3fb6524929c8a2eb85e6b6d363de4e8c48f9e2c2eac4944abc181c93" +dependencies = [ + "log", + "parking_lot", + "scheduled-thread-pool", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "raw-cpuid" +version = "10.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c297679cb867470fa8c9f67dbba74a78d78e3e98d7cf2b08d6d71540f797332" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "redox_syscall" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "ref-cast" +version = "1.0.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61ef7e18e8841942ddb1cf845054f8008410030a3997875d9e49b7a363063df1" +dependencies = [ + "ref-cast-impl", +] + +[[package]] +name = "ref-cast-impl" +version = "1.0.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dfaf0c85b766276c797f3791f5bc6d5bd116b41d53049af2789666b0c0bc9fa" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "regex" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81bc1d4caf89fac26a70747fe603c130093b53c773888797a6329091246d651a" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata 0.3.6", + "regex-syntax 0.7.4", +] + +[[package]] +name = "regex-automata" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" +dependencies = [ + "regex-syntax 0.6.29", +] + +[[package]] +name = "regex-automata" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fed1ceff11a1dddaee50c9dc8e4938bd106e9d89ae372f192311e7da498e3b69" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax 0.7.4", +] + +[[package]] +name = "regex-syntax" +version = "0.6.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" + +[[package]] +name = "regex-syntax" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ea92a5b6195c6ef2a0295ea818b312502c6fc94dde986c5553242e18fd4ce2" + +[[package]] +name = "reqwest" +version = "0.11.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55" +dependencies = [ + "async-compression", + "base64 0.21.2", + "bytes", + "cookie 0.16.2", + "cookie_store 0.16.2", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-tls", + "ipnet", + "js-sys", + "log", + "mime", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "serde", + "serde_json", + "serde_urlencoded", + "tokio", + "tokio-native-tls", + "tokio-socks", + "tokio-util", + "tower-service", + "trust-dns-resolver", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "wasm-streams", + "web-sys", + "winreg 0.10.1", +] + +[[package]] +name = "resolv-conf" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52e44394d2086d010551b14b53b1f24e31647570cd1deb0379e2c21b329aba00" +dependencies = [ + "hostname", + "quick-error", +] + +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin 0.5.2", + "untrusted", + "web-sys", + "winapi", +] + +[[package]] +name = "rmp" +version = "0.8.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f9860a6cc38ed1da53456442089b4dfa35e7cedaa326df63017af88385e6b20" +dependencies = [ + "byteorder", + "num-traits", + "paste", +] + +[[package]] +name = "rmpv" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e0e0214a4a2b444ecce41a4025792fc31f77c7bb89c46d253953ea8c65701ec" +dependencies = [ + "num-traits", + "rmp", +] + +[[package]] +name = "rocket" +version = "0.5.0-rc.3" +source = "git+https://github.com/SergioBenitez/Rocket?rev=ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa#ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa" +dependencies = [ + "async-stream", + "async-trait", + "atomic", + "binascii", + "bytes", + "either", + "figment", + "futures", + "indexmap 1.9.3", + "is-terminal", + "log", + "memchr", + "multer", + "num_cpus", + "parking_lot", + "pin-project-lite", + "rand", + "ref-cast", + "rocket_codegen", + "rocket_http", + "serde", + "serde_json", + "state", + "tempfile", + "time", + "tokio", + "tokio-stream", + "tokio-util", + "ubyte", + "version_check", + "yansi 0.5.1", +] + +[[package]] +name = "rocket_codegen" +version = "0.5.0-rc.3" +source = "git+https://github.com/SergioBenitez/Rocket?rev=ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa#ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa" +dependencies = [ + "devise", + "glob", + "indexmap 1.9.3", + "proc-macro2", + "quote", + "rocket_http", + "syn 2.0.28", + "unicode-xid", +] + +[[package]] +name = "rocket_http" +version = "0.5.0-rc.3" +source = "git+https://github.com/SergioBenitez/Rocket?rev=ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa#ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa" +dependencies = [ + "cookie 0.17.0", + "either", + "futures", + "http", + "hyper", + "indexmap 1.9.3", + "log", + "memchr", + "pear", + "percent-encoding", + "pin-project-lite", + "ref-cast", + "rustls", + "rustls-pemfile", + "serde", + "smallvec", + "stable-pattern", + "state", + "time", + "tokio", + "tokio-rustls", + "uncased", +] + +[[package]] +name = "rocket_ws" +version = "0.1.0-rc.3" +source = "git+https://github.com/SergioBenitez/Rocket?rev=ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa#ce441b5f46fdf5cd99cb32b8b8638835e4c2a5fa" +dependencies = [ + "rocket", + "tokio-tungstenite", +] + +[[package]] +name = "rpassword" +version = "7.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6678cf63ab3491898c0d021b493c94c9b221d91295294a2a5746eacbe5928322" +dependencies = [ + "libc", + "rtoolbox", + "winapi", +] + +[[package]] +name = "rtoolbox" +version = "0.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "034e22c514f5c0cb8a10ff341b9b048b5ceb21591f31c8f44c43b960f9b3524a" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" + +[[package]] +name = "rustix" +version = "0.37.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4d69718bf81c6127a49dc64e44a742e8bb9213c0ff8869a22c308f84c1d4ab06" +dependencies = [ + "bitflags 1.3.2", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys 0.3.8", + "windows-sys", +] + +[[package]] +name = "rustix" +version = "0.38.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19ed4fa021d81c8392ce04db050a3da9a60299050b7ae1cf482d862b54a7218f" +dependencies = [ + "bitflags 2.4.0", + "errno", + "libc", + "linux-raw-sys 0.4.5", + "windows-sys", +] + +[[package]] +name = "rustls" +version = "0.21.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d1feddffcfcc0b33f5c6ce9a29e341e4cd59c3f78e7ee45f4a40c038b1d6cbb" +dependencies = [ + "log", + "ring", + "rustls-webpki", + "sct", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2" +dependencies = [ + "base64 0.21.2", +] + +[[package]] +name = "rustls-webpki" +version = "0.101.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "261e9e0888cba427c3316e6322805653c9425240b6fd96cee7cb671ab70ab8d0" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "rustversion" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ffc183a10b4478d04cbbbfc96d0873219d962dd5accaff2ffbd4ceb7df837f4" + +[[package]] +name = "ryu" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" + +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "schannel" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c3733bf4cf7ea0880754e19cb5a462007c4a8c1914bff372ccc95b464f1df88" +dependencies = [ + "windows-sys", +] + +[[package]] +name = "scheduled-thread-pool" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3cbc66816425a074528352f5789333ecff06ca41b36b0b0efdfbb29edc391a19" +dependencies = [ + "parking_lot", +] + +[[package]] +name = "scoped-tls" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "sct" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "security-framework" +version = "2.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de" +dependencies = [ + "bitflags 1.3.2", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e932934257d3b408ed8f30db49d85ea163bfe74961f017f405b025af298f0c7a" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "semver" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" + +[[package]] +name = "serde" +version = "1.0.183" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32ac8da02677876d532745a130fc9d8e6edfa81a269b107c5b00829b91d8eb3c" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_cbor" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" +dependencies = [ + "half", + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.183" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aafe972d60b0b9bee71a91b92fee2d4fb3c9d7e8f6b179aa99f27203d99a4816" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "serde_json" +version = "1.0.104" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "076066c5f1078eac5b722a31827a8832fe108bed65dfa75e233c89f8206e976c" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_spanned" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96426c9936fd7a0124915f9185ea1d20aa9445cc9821142f0a73bc9207a2e186" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "sha-1" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f5058ada175748e33390e40e872bd0fe59a19f265d0158daa551c5a88a76009c" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "sha1" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "sha2" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "sharded-slab" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "900fba806f70c630b0a382d0d825e17a0f19fcd059a2ade1ff237bcddf446b31" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "signal-hook" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8621587d4798caf8eb44879d42e56b9a93ea5dcd315a6487c357130095b62801" +dependencies = [ + "libc", + "signal-hook-registry", +] + +[[package]] +name = "signal-hook-registry" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" +dependencies = [ + "libc", +] + +[[package]] +name = "simple_asn1" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adc4e5204eb1910f40f9cfa375f6f05b68c3abac4b6fd879c8ff5e7ae8a0a085" +dependencies = [ + "num-bigint", + "num-traits", + "thiserror", + "time", +] + +[[package]] +name = "siphasher" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" + +[[package]] +name = "slab" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6528351c9bc8ab22353f9d776db39a20288e8d6c37ef8cfe3317cf875eecfc2d" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" + +[[package]] +name = "socket2" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "socket2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" +dependencies = [ + "libc", + "windows-sys", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "stable-pattern" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4564168c00635f88eaed410d5efa8131afa8d8699a612c80c455a0ba05c21045" +dependencies = [ + "memchr", +] + +[[package]] +name = "state" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b8c4a4445d81357df8b1a650d0d0d6fbbbfe99d064aa5e02f3e4022061476d8" +dependencies = [ + "loom", +] + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "subtle" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syslog" +version = "6.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7434e95bcccce1215d30f4bf84fe8c00e8de1b9be4fb736d747ca53d36e7f96f" +dependencies = [ + "error-chain", + "hostname", + "libc", + "log", + "time", +] + +[[package]] +name = "tempfile" +version = "3.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc02fddf48964c42031a0b3fe0428320ecf3a73c401040fc0096f97794310651" +dependencies = [ + "cfg-if", + "fastrand 2.0.0", + "redox_syscall", + "rustix 0.38.8", + "windows-sys", +] + +[[package]] +name = "thiserror" +version = "1.0.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "thread_local" +version = "1.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fdd6f064ccff2d6567adcb3873ca630700f00b5ad3f060c25b5dcfd9a4ce152" +dependencies = [ + "cfg-if", + "once_cell", +] + +[[package]] +name = "threadpool" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa" +dependencies = [ + "num_cpus", +] + +[[package]] +name = "time" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fdd63d58b18d663fbdf70e049f00a22c8e42be082203be7f26589213cd75ea" +dependencies = [ + "deranged", + "itoa", + "libc", + "num_threads", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + +[[package]] +name = "time-macros" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb71511c991639bb078fd5bf97757e03914361c48100d52878b8e52b46fb92cd" +dependencies = [ + "time-core", +] + +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "tokio" +version = "1.31.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40de3a2ba249dcb097e01be5e67a5ff53cf250397715a071a81543e8a832a920" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "num_cpus", + "parking_lot", + "pin-project-lite", + "signal-hook-registry", + "socket2 0.5.3", + "tokio-macros", + "windows-sys", +] + +[[package]] +name = "tokio-macros" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" +dependencies = [ + "rustls", + "tokio", +] + +[[package]] +name = "tokio-socks" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51165dfa029d2a65969413a6cc96f354b86b464498702f174a4efa13608fd8c0" +dependencies = [ + "either", + "futures-util", + "thiserror", + "tokio", +] + +[[package]] +name = "tokio-stream" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842" +dependencies = [ + "futures-core", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tokio-tungstenite" +version = "0.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec509ac96e9a0c43427c74f003127d953a265737636129424288d27cb5c4b12c" +dependencies = [ + "futures-util", + "log", + "tokio", + "tungstenite", +] + +[[package]] +name = "tokio-util" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + +[[package]] +name = "toml" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17e963a819c331dcacd7ab957d80bc2b9a9c1e71c804826d2f283dd65306542" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8123f27e969974a3dfba720fdb560be359f57b44302d280ba72e76a74480e8a" +dependencies = [ + "indexmap 2.0.0", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + +[[package]] +name = "totp-lite" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cc496875d9c8fe9a0ce19e3ee8e8808c60376831a439543f0aac71c9dd129fa" +dependencies = [ + "digest", + "hmac", + "sha-1", + "sha2", +] + +[[package]] +name = "tower-service" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "log", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", +] + +[[package]] +name = "tracing-core" +version = "0.1.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +dependencies = [ + "once_cell", + "valuable", +] + +[[package]] +name = "tracing-log" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ddad33d2d10b1ed7eb9d1f518a5674713876e97e5bb9b7345a7984fbb4f922" +dependencies = [ + "lazy_static", + "log", + "tracing-core", +] + +[[package]] +name = "tracing-subscriber" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30a651bc37f915e81f087d86e62a18eec5f79550c7faff886f7090b4ea757c77" +dependencies = [ + "matchers", + "nu-ansi-term", + "once_cell", + "regex", + "sharded-slab", + "smallvec", + "thread_local", + "tracing", + "tracing-core", + "tracing-log", +] + +[[package]] +name = "trust-dns-proto" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f7f83d1e4a0e4358ac54c5c3681e5d7da5efc5a7a632c90bb6d6669ddd9bc26" +dependencies = [ + "async-trait", + "cfg-if", + "data-encoding", + "enum-as-inner", + "futures-channel", + "futures-io", + "futures-util", + "idna 0.2.3", + "ipnet", + "lazy_static", + "rand", + "smallvec", + "thiserror", + "tinyvec", + "tokio", + "tracing", + "url", +] + +[[package]] +name = "trust-dns-resolver" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aff21aa4dcefb0a1afbfac26deb0adc93888c7d295fb63ab273ef276ba2b7cfe" +dependencies = [ + "cfg-if", + "futures-util", + "ipconfig", + "lazy_static", + "lru-cache", + "parking_lot", + "resolv-conf", + "smallvec", + "thiserror", + "tokio", + "tracing", + "trust-dns-proto", +] + +[[package]] +name = "try-lock" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" + +[[package]] +name = "tungstenite" +version = "0.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "15fba1a6d6bb030745759a9a2a588bfe8490fc8b4751a277db3a0be1c9ebbf67" +dependencies = [ + "byteorder", + "bytes", + "data-encoding", + "http", + "httparse", + "log", + "rand", + "sha1", + "thiserror", + "url", + "utf-8", +] + +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "ubyte" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c81f0dae7d286ad0d9366d7679a77934cfc3cf3a8d67e82669794412b2368fe6" +dependencies = [ + "serde", +] + +[[package]] +name = "ucd-trie" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" + +[[package]] +name = "uncased" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b9bc53168a4be7402ab86c3aad243a84dd7381d09be0eddc81280c1da95ca68" +dependencies = [ + "serde", + "version_check", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" + +[[package]] +name = "unicode-ident" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" + +[[package]] +name = "unicode-normalization" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "unicode-xid" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + +[[package]] +name = "url" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50bff7831e19200a85b17131d085c25d7811bc4e186efdaf54bbd132994a88cb" +dependencies = [ + "form_urlencoded", + "idna 0.4.0", + "percent-encoding", + "serde", +] + +[[package]] +name = "utf-8" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" + +[[package]] +name = "uuid" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" +dependencies = [ + "getrandom", +] + +[[package]] +name = "valuable" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" + +[[package]] +name = "value-bag" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d92ccd67fb88503048c01b59152a04effd0782d035a83a6d256ce6085f08f4a3" + +[[package]] +name = "vaultwarden" +version = "1.0.0" +dependencies = [ + "argon2", + "bytes", + "cached", + "chrono", + "chrono-tz", + "cookie 0.16.2", + "cookie_store 0.19.1", + "dashmap", + "data-encoding", + "data-url", + "diesel", + "diesel_logger", + "diesel_migrations", + "dotenvy", + "email_address", + "fern", + "futures", + "governor", + "handlebars", + "html5gum", + "job_scheduler_ng", + "jsonwebtoken", + "lettre", + "libsqlite3-sys", + "log", + "mimalloc", + "num-derive", + "num-traits", + "once_cell", + "openssl", + "paste", + "percent-encoding", + "pico-args", + "rand", + "regex", + "reqwest", + "ring", + "rmpv", + "rocket", + "rocket_ws", + "rpassword", + "semver", + "serde", + "serde_json", + "syslog", + "time", + "tokio", + "tokio-tungstenite", + "totp-lite", + "tracing", + "url", + "uuid", + "webauthn-rs", + "which", + "yubico", +] + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "waker-fn" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d5b2c62b4012a3e1eca5a7e077d13b3bf498c4073e33ccd58626607748ceeca" + +[[package]] +name = "walkdir" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36df944cda56c7d8d8b7496af378e6b16de9284591917d307c9b4d313c44e698" +dependencies = [ + "same-file", + "winapi-util", +] + +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342" +dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn 2.0.28", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c02dbc21516f9f1f04f187958890d7e6026df8d16540b7ad9492bc34a67cea03" +dependencies = [ + "cfg-if", + "js-sys", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.28", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" + +[[package]] +name = "wasm-streams" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bbae3363c08332cadccd13b67db371814cd214c2524020932f0804b8cf7c078" +dependencies = [ + "futures-util", + "js-sys", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", +] + +[[package]] +name = "web-sys" +version = "0.3.64" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b85cbef8c220a6abc02aefd892dfc0fc23afb1c6a426316ec33253a3877249b" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webauthn-rs" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90b266eccb4b32595876f5c73ea443b0516da0b1df72ca07bc08ed9ba7f96ec1" +dependencies = [ + "base64 0.13.1", + "nom", + "openssl", + "rand", + "serde", + "serde_cbor", + "serde_derive", + "serde_json", + "thiserror", + "tracing", + "url", +] + +[[package]] +name = "which" +version = "4.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2441c784c52b289a054b7201fc93253e288f094e2f4be9058343127c4226a269" +dependencies = [ + "either", + "libc", + "once_cell", +] + +[[package]] +name = "widestring" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "653f141f39ec16bba3c5abe400a0c60da7468261cc2cbf36805022876bc721a8" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.48.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91ae572e1b79dba883e0d315474df7305d12f569b400fcf90581b06062f7e1bc" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" + +[[package]] +name = "winnow" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5504cc7644f4b593cbc05c4a55bf9bd4e94b867c3c0bd440934174d50482427d" +dependencies = [ + "memchr", +] + +[[package]] +name = "winreg" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" +dependencies = [ + "winapi", +] + +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys", +] + +[[package]] +name = "yansi" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" + +[[package]] +name = "yansi" +version = "1.0.0-rc.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1367295b8f788d371ce2dbc842c7b709c73ee1364d30351dd300ec2203b12377" + +[[package]] +name = "yubico" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "173f75d2c4010429a2d74ae3a114a69930c59e2b1a4c97b1c75d259a4960d5fb" +dependencies = [ + "base64 0.13.1", + "form_urlencoded", + "futures", + "hmac", + "rand", + "reqwest", + "sha1", + "threadpool", +] diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/default.nix b/nixpkgs/pkgs/tools/security/vaultwarden/default.nix new file mode 100644 index 000000000000..e7d620a1bc20 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vaultwarden/default.nix @@ -0,0 +1,48 @@ +{ lib, stdenv, callPackage, rustPlatform, fetchFromGitHub, nixosTests +, pkg-config, openssl +, libiconv, Security, CoreServices +, dbBackend ? "sqlite", libmysqlclient, postgresql }: + +let + webvault = callPackage ./webvault.nix {}; +in + +rustPlatform.buildRustPackage rec { + pname = "vaultwarden"; + version = "1.29.2"; + + src = fetchFromGitHub { + owner = "dani-garcia"; + repo = pname; + rev = version; + hash = "sha256-ByMPS68GBOvjB/RpoLAvgE+NcbbIa1qfU1TQ4yhbH+I="; + }; + + cargoLock = { + lockFile = ./Cargo.lock; + outputHashes = { + "rocket-0.5.0-rc.3" = "sha256-E71cktkHCbmQyjkjWWJ20KfCm3B/h3jQ2TMluYhvCQw="; + }; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = with lib; [ openssl ] + ++ optionals stdenv.isDarwin [ libiconv Security CoreServices ] + ++ optional (dbBackend == "mysql") libmysqlclient + ++ optional (dbBackend == "postgresql") postgresql; + + buildFeatures = dbBackend; + + passthru = { + inherit webvault; + tests = nixosTests.vaultwarden; + updateScript = callPackage ./update.nix {}; + }; + + meta = with lib; { + description = "Unofficial Bitwarden compatible server written in Rust"; + homepage = "https://github.com/dani-garcia/vaultwarden"; + license = licenses.agpl3Only; + maintainers = with maintainers; [ msteen ivan ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/update.nix b/nixpkgs/pkgs/tools/security/vaultwarden/update.nix new file mode 100644 index 000000000000..c2c03413cc43 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vaultwarden/update.nix @@ -0,0 +1,27 @@ +{ writeShellScript +, lib +, nix +, nix-prefetch-git +, nix-update +, curl +, git +, gnugrep +, gnused +, jq +}: + +writeShellScript "update-vaultwarden" '' + PATH=${lib.makeBinPath [ curl git gnugrep gnused jq nix nix-prefetch-git nix-update ]} + + set -euxo pipefail + + VAULTWARDEN_VERSION=$(curl --silent https://api.github.com/repos/dani-garcia/vaultwarden/releases/latest | jq -r '.tag_name') + nix-update "vaultwarden" --version "$VAULTWARDEN_VERSION" + + URL="https://raw.githubusercontent.com/dani-garcia/vaultwarden/''${VAULTWARDEN_VERSION}/docker/Dockerfile.j2" + WEBVAULT_VERSION=$(curl --silent "$URL" | grep "set vault_version" | sed -E "s/.*\"v([^\"]+)\".*/\\1/") + old_hash=$(nix --extra-experimental-features nix-command eval -f default.nix --raw vaultwarden.webvault.bw_web_builds.outputHash) + new_hash=$(nix --extra-experimental-features nix-command hash to-sri --type sha256 $(nix-prefetch-git https://github.com/dani-garcia/bw_web_builds.git --rev "v$WEBVAULT_VERSION" | jq --raw-output ".sha256")) + sed -e "s#$old_hash#$new_hash#" -i pkgs/tools/security/vaultwarden/webvault.nix + nix-update "vaultwarden.webvault" --version "$WEBVAULT_VERSION" +'' diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix new file mode 100644 index 000000000000..585c1b5c5162 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix @@ -0,0 +1,70 @@ +{ lib +, buildNpmPackage +, fetchFromGitHub +, git +, nixosTests +, python3 +}: + +let + version = "2023.7.1"; + + bw_web_builds = fetchFromGitHub { + owner = "dani-garcia"; + repo = "bw_web_builds"; + rev = "v${version}"; + hash = "sha256-B7FGLKuwxldlHnIIzQbDjZT9cs5+lixo/fBtlexNLQc="; + }; +in buildNpmPackage rec { + pname = "vaultwarden-webvault"; + inherit version; + + src = fetchFromGitHub { + owner = "bitwarden"; + repo = "clients"; + rev = "web-v${lib.removeSuffix "b" version}"; + hash = "sha256-HEEUboaIY/Zi/wUhp9y7oIOuQl6csjo97eygTLPNfNo="; + }; + + npmDepsHash = "sha256-8Epkvjzllt//kdrKT4jUDOhj47Fnb0qSFU1qJthL2Mo="; + + postPatch = '' + ln -s ${bw_web_builds}/{patches,resources} .. + PATH="${git}/bin:$PATH" VAULT_VERSION="${lib.removePrefix "web-" src.rev}" \ + bash ${bw_web_builds}/scripts/apply_patches.sh + ''; + + nativeBuildInputs = [ + python3 + ]; + + makeCacheWritable = true; + + ELECTRON_SKIP_BINARY_DOWNLOAD = "1"; + + npmBuildScript = "dist:oss:selfhost"; + + npmBuildFlags = [ + "--workspace" "apps/web" + ]; + + installPhase = '' + runHook preInstall + mkdir -p $out/share/vaultwarden + mv apps/web/build $out/share/vaultwarden/vault + runHook postInstall + ''; + + passthru = { + inherit bw_web_builds; + tests = nixosTests.vaultwarden; + }; + + meta = with lib; { + description = "Integrates the web vault into vaultwarden"; + homepage = "https://github.com/dani-garcia/bw_web_builds"; + platforms = platforms.all; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ dotlambda msteen mic92 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/verifpal/default.nix b/nixpkgs/pkgs/tools/security/verifpal/default.nix new file mode 100644 index 000000000000..3d47dfa3abc5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/verifpal/default.nix @@ -0,0 +1,35 @@ +{ lib +, fetchgit +, buildGoModule +, pigeon +}: + +buildGoModule rec { + pname = "verifpal"; + version = "0.27.0"; + + src = fetchgit { + url = "https://source.symbolic.software/verifpal/verifpal.git"; + rev = "v${version}"; + hash = "sha256-rihY5p6nJ1PKjI+gn3NNXy+uzeBG2UNyRYy3UjScf2Q="; + }; + + vendorHash = "sha256-XOCRwh2nEIC+GjGwqd7nhGWQD7vBMLEZZ2FNxs0NX+E="; + + nativeBuildInputs = [ pigeon ]; + + subPackages = [ "cmd/verifpal" ]; + + # goversioninfo is for Windows only and can be skipped during go generate + preBuild = '' + substituteInPlace cmd/verifpal/main.go --replace "go:generate goversioninfo" "(disabled goversioninfo)" + go generate verifpal.com/cmd/verifpal + ''; + + meta = { + homepage = "https://verifpal.com/"; + description = "Cryptographic protocol analysis for students and engineers"; + maintainers = with lib.maintainers; [ zimbatm ]; + license = with lib.licenses; [ gpl3 ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vexctl/default.nix b/nixpkgs/pkgs/tools/security/vexctl/default.nix new file mode 100644 index 000000000000..335da7f93acf --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vexctl/default.nix @@ -0,0 +1,69 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "vexctl"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "chainguard-dev"; + repo = "vex"; + rev = "v${version}"; + sha256 = "sha256-f5UVX6x4DwjlcgMAv0GuKBH9UUzFhQ8pW8l+9pc7RQ4="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # '0000-00-00T00:00:00Z' + date -u -d "@$(git log -1 --pretty=%ct)" "+'%Y-%m-%dT%H:%M:%SZ'" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; + }; + vendorHash = "sha256-GZIssLLPg2dF7xsvsYn2MKYunMCpGbNA+6qCYBW++vk="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" + "-X sigs.k8s.io/release-utils/version.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + postBuild = '' + mv $GOPATH/bin/vex{,ctl} + ''; + + postInstall = '' + installShellCompletion --cmd vexctl \ + --bash <($out/bin/vexctl completion bash) \ + --fish <($out/bin/vexctl completion fish) \ + --zsh <($out/bin/vexctl completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/vexctl --help + $out/bin/vexctl version 2>&1 | grep "v${version}" + runHook postInstallCheck + ''; + + meta = with lib; { + homepage = "https://github.com/chainguard-dev/vex/"; + description = "A tool to attest VEX impact statements"; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/volatility/default.nix b/nixpkgs/pkgs/tools/security/volatility/default.nix new file mode 100644 index 000000000000..9a4f27a0debc --- /dev/null +++ b/nixpkgs/pkgs/tools/security/volatility/default.nix @@ -0,0 +1,25 @@ +{ lib, fetchFromGitHub, python2Packages }: + +python2Packages.buildPythonApplication rec { + pname = "volatility"; + version = "2.6.1"; + + src = fetchFromGitHub { + owner = "volatilityfoundation"; + repo = pname; + rev = version; + sha256 = "1v92allp3cv3akk71kljcwxr27h1k067dsq7j9h8jnlwk9jxh6rf"; + }; + + doCheck = false; + + propagatedBuildInputs = with python2Packages; [ pycrypto distorm3 pillow ]; + + meta = with lib; { + homepage = "https://www.volatilityfoundation.org/"; + description = "Advanced memory forensics framework"; + maintainers = with maintainers; [ bosu ]; + license = licenses.gpl2Plus; + broken = true; + }; +} diff --git a/nixpkgs/pkgs/tools/security/volatility3/default.nix b/nixpkgs/pkgs/tools/security/volatility3/default.nix new file mode 100644 index 000000000000..221ed6ae639d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/volatility3/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "volatility3"; + version = "2.5.0"; + + src = fetchFromGitHub { + owner = "volatilityfoundation"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-yutQbrWmJGDsTccQcR+HtC8JvgmsXfCxbxxcMLDx5vk="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + capstone + jsonschema + pefile + pycryptodome + yara-python + ]; + + preBuild = '' + export HOME=$(mktemp -d); + ''; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "volatility3" + ]; + + meta = with lib; { + description = "Volatile memory extraction frameworks"; + homepage = "https://www.volatilityfoundation.org/"; + changelog = "https://github.com/volatilityfoundation/volatility3/releases/tag/v${version}"; + license = { + # Volatility Software License 1.0 + free = false; + url = "https://www.volatilityfoundation.org/license/vsl-v1.0"; + }; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vt-cli/default.nix b/nixpkgs/pkgs/tools/security/vt-cli/default.nix new file mode 100644 index 000000000000..3a549d7e6f1a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vt-cli/default.nix @@ -0,0 +1,33 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "vt-cli"; + version = "0.10.2"; + + src = fetchFromGitHub { + owner = "VirusTotal"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-qwfrNm6XfoOtlpAI2aAaoivkp3Xsw9LnVtwnZ1wXGUs="; + }; + + vendorHash = "sha256-XN6dJpoJe9nJn+Tr9SYD64LE0XFiO2vlpdyI9SrZZjQ="; + + ldflags = [ + "-X github.com/VirusTotal/vt-cli/cmd.Version=${version}" + ]; + + subPackages = [ "vt" ]; + + meta = with lib; { + description = "VirusTotal Command Line Interface"; + homepage = "https://github.com/VirusTotal/vt-cli"; + changelog = "https://github.com/VirusTotal/vt-cli/releases/tag/${version}"; + license = licenses.asl20; + mainProgram = "vt"; + maintainers = with maintainers; [ dit7ya ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/vulnix/default.nix b/nixpkgs/pkgs/tools/security/vulnix/default.nix new file mode 100644 index 000000000000..7f6d29891f0c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/vulnix/default.nix @@ -0,0 +1,62 @@ +{ lib +, python3Packages +, fetchPypi +, nix +, ronn +}: + +python3Packages.buildPythonApplication rec { + pname = "vulnix"; + version = "1.10.1"; + + src = fetchPypi { + inherit pname version; + sha256 = "07v3ddvvhi3bslwrlin45kz48i3va2lzd6ny0blj5i2z8z40qcfm"; + }; + + postPatch = '' + substituteInPlace setup.cfg \ + --replace "--flake8" "" + ''; + + outputs = [ "out" "doc" "man" ]; + nativeBuildInputs = [ ronn ]; + + nativeCheckInputs = with python3Packages; [ + freezegun + pytest + pytest-cov + ]; + + propagatedBuildInputs = [ + nix + ] ++ (with python3Packages; [ + click + colorama + pyyaml + requests + setuptools + toml + zodb + ]); + + postBuild = "make -C doc"; + + checkPhase = "py.test src/vulnix"; + + postInstall = '' + install -D -t $doc/share/doc/vulnix README.rst CHANGES.rst + gzip $doc/share/doc/vulnix/*.rst + install -D -t $man/share/man/man1 doc/vulnix.1 + install -D -t $man/share/man/man5 doc/vulnix-whitelist.5 + ''; + + dontStrip = true; + + meta = with lib; { + description = "NixOS vulnerability scanner"; + homepage = "https://github.com/flyingcircusio/vulnix"; + license = licenses.bsd3; + maintainers = with maintainers; [ ckauhaus ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wad/default.nix b/nixpkgs/pkgs/tools/security/wad/default.nix new file mode 100644 index 000000000000..5dc81a7f56df --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wad/default.nix @@ -0,0 +1,44 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "wad"; + version = "0.4.6"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "CERN-CERT"; + repo = "WAD"; + rev = "v${version}"; + hash = "sha256-/mlmOzFkyKpmK/uk4813Wk0cf/+ynX3Qxafnd1mGR5k="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + six + ]; + + nativeCheckInputs = with python3.pkgs; [ + mock + pytestCheckHook + ]; + + pythonImportsCheck = [ + "wad" + ]; + + meta = with lib; { + description = "Tool for detecting technologies used by web applications"; + longDescription = '' + WAD lets you analyze given URL(s) and detect technologies used by web + application behind that URL, from the OS and web server level, to the + programming platform and frameworks, as well as server- and client-side + applications, tools and libraries. + ''; + homepage = "https://github.com/CERN-CERT/WAD"; + # wad is GPLv3+, wappalyzer source is MIT + license = with licenses; [ gpl3Plus mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/waf-tester/default.nix b/nixpkgs/pkgs/tools/security/waf-tester/default.nix new file mode 100644 index 000000000000..b8dd01ed19b8 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/waf-tester/default.nix @@ -0,0 +1,40 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, testers +, waf-tester +}: + +buildGoModule rec { + pname = "waf-tester"; + version = "0.6.13"; + + src = fetchFromGitHub { + owner = "jreisinger"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-UPviooQNGRVwf/bTz9ApedJDAGeCvh9iD1HXFOQXPcw="; + }; + + vendorHash = "sha256-HOYHrR1LtVcXMKFHPaA7PYH4Fp9nhqal2oxYTq/i4/8="; + + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + ]; + + passthru.tests.version = testers.testVersion { + package = waf-tester; + command = "waf-tester -version"; + version = "waf-tester ${version}, commit none, built at unknown by unknown"; + }; + + meta = with lib; { + description = "Tool to test Web Application Firewalls (WAFs)"; + homepage = "https://github.com/jreisinger/waf-tester"; + changelog = "https://github.com/jreisinger/waf-tester/releases/tag/v${version}"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wafw00f/default.nix b/nixpkgs/pkgs/tools/security/wafw00f/default.nix new file mode 100644 index 000000000000..55d4b7591e38 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wafw00f/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "wafw00f"; + version = "2.2.0"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "EnableSecurity"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "sha256-wJZ1/aRMFpE6Q5YAtGxXwxe2G9H/de+l3l0C5rwEWA8="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + requests + pluginbase + ]; + + # Project has no tests + doCheck = false; + + pythonImportsCheck = [ + "wafw00f" + ]; + + meta = with lib; { + description = "Tool to identify and fingerprint Web Application Firewalls (WAF)"; + homepage = "https://github.com/EnableSecurity/wafw00f"; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wapiti/default.nix b/nixpkgs/pkgs/tools/security/wapiti/default.nix new file mode 100644 index 000000000000..13a7e55cc3ec --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wapiti/default.nix @@ -0,0 +1,160 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "wapiti"; + version = "3.1.8"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "wapiti-scanner"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-2ssbczUa4pTA5Fai+sK1hES8skJMIHxa/R2hNIiEVLs="; + }; + + postPatch = '' + # Ignore pinned versions + sed -i -e "s/==[0-9.]*//;s/>=[0-9.]*//" pyproject.toml + + # Remove code coverage checking + substituteInPlace pyproject.toml \ + --replace "--cov --cov-report=xml" "" + ''; + + nativeBuildInputs = with python3.pkgs; [ + setuptools + wheel + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiocache + aiohttp + aiosqlite + arsenic + beautifulsoup4 + browser-cookie3 + dnspython + h11 + httpcore + httpx + httpx-ntlm + loguru + mako + markupsafe + mitmproxy + pyasn1 + six + sqlalchemy + tld + yaswfp + ] ++ httpx.optional-dependencies.brotli + ++ httpx.optional-dependencies.socks; + + __darwinAllowLocalNetworking = true; + + nativeCheckInputs = with python3.pkgs; [ + respx + pytest-asyncio + pytestCheckHook + ]; + + preCheck = '' + export HOME=$(mktemp -d); + ''; + + disabledTests = [ + # Tests requires network access + "test_attr" + "test_bad_separator_used" + "test_blind" + "test_chunked_timeout" + "test_cookies_detection" + "test_cookies" + "test_csrf_cases" + "test_detection" + "test_direct" + "test_dom_detection" + "test_drop_cookies" + "test_escape_with_style" + "test_explorer_extract_links" + "test_explorer_filtering" + "test_false" + "test_frame" + "test_headers_detection" + "test_html_detection" + "test_implies_detection" + "test_inclusion_detection" + "test_merge_with_and_without_redirection" + "test_meta_detection" + "test_multi_detection" + "test_no_crash" + "test_options" + "test_out_of_band" + "test_partial_tag_name_escape" + "test_prefix_and_suffix_detection" + "test_qs_limit" + "test_rare_tag_and_event" + "test_redirect_detection" + "test_request_object" + "test_save_and_restore_state" + "test_script" + "test_ssrf" + "test_tag_name_escape" + "test_timeout" + "test_title_false_positive" + "test_title_positive" + "test_true_positive_request_count" + "test_unregistered_cname" + "test_url_detection" + "test_verify_dns" + "test_vulnerabilities" + "test_warning" + "test_whole" + "test_xss_inside_tag_input" + "test_xss_inside_tag_link" + "test_xss_uppercase_no_script" + "test_xss_with_strong_csp" + "test_xss_with_weak_csp" + "test_xxe" + # Requires a PHP installation + "test_cookies" + "test_fallback_to_html_injection" + "test_loknop_lfi_to_rce" + "test_redirect" + "test_timesql" + "test_xss_inside_href_link" + "test_xss_inside_src_iframe" + # TypeError: Expected bytes or bytes-like object got: <class 'str'> + "test_persister_upload" + # Requires creating a socket to an external URL + "test_attack_unifi" + ]; + + disabledTestPaths = [ + # Requires sslyze which is obsolete and was removed + "tests/attack/test_mod_ssl.py" + ]; + + pythonImportsCheck = [ + "wapitiCore" + ]; + + meta = with lib; { + description = "Web application vulnerability scanner"; + longDescription = '' + Wapiti allows you to audit the security of your websites or web applications. + It performs "black-box" scans (it does not study the source code) of the web + application by crawling the webpages of the deployed webapp, looking for + scripts and forms where it can inject data. Once it gets the list of URLs, + forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see + if a script is vulnerable. + ''; + homepage = "https://wapiti-scanner.github.io/"; + changelog = "https://github.com/wapiti-scanner/wapiti/blob/${version}/doc/ChangeLog_Wapiti"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/web-eid-app/default.nix b/nixpkgs/pkgs/tools/security/web-eid-app/default.nix new file mode 100644 index 000000000000..fd9c4cc319e7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/web-eid-app/default.nix @@ -0,0 +1,48 @@ +{ lib +, mkDerivation +, fetchFromGitHub +, cmake +, gtest +, pcsclite +, pkg-config +, qttools +}: + +mkDerivation rec { + pname = "web-eid-app"; + version = "2.4.0"; + + src = fetchFromGitHub { + owner = "web-eid"; + repo = "web-eid-app"; + rev = "v${version}"; + sha256 = "sha256-xWwguxs/121BFF1zhb/HxS9b1vTwQRemhPKOfHEXVZQ="; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ + cmake + pkg-config + qttools + ]; + + buildInputs = [ + gtest # required during build of lib/libelectronic-id/lib/libpcsc-cpp + pcsclite + ]; + + meta = with lib; { + description = "signing and authentication operations with smart cards for the Web eID browser extension"; + longDescription = '' + The Web eID application performs cryptographic digital signing and + authentication operations with electronic ID smart cards for the Web eID + browser extension (it is the [native messaging host](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Native_messaging) + for the extension). Also works standalone without the extension in command-line + mode. + ''; + homepage = "https://github.com/web-eid/web-eid-app"; + license = licenses.mit; + maintainers = [ maintainers.flokli ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/webanalyze/default.nix b/nixpkgs/pkgs/tools/security/webanalyze/default.nix new file mode 100644 index 000000000000..3b49b496f62e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/webanalyze/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "webanalyze"; + version = "0.3.9"; + + src = fetchFromGitHub { + owner = "rverton"; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-uDf0p4zw23+AVftMmrKfno+FbMZfGC1B5zvutj8qnPg="; + }; + + vendorHash = "sha256-XPOsC+HoLytgv1fhAaO5HYSvuOP6OhjLyOYTfiD64QI="; + + meta = with lib; { + description = "Tool to uncover technologies used on websites"; + homepage = "https://github.com/rverton/webanalyze"; + changelog = "https://github.com/rverton/webanalyze/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/websploit/default.nix b/nixpkgs/pkgs/tools/security/websploit/default.nix new file mode 100644 index 000000000000..b8db06427f86 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/websploit/default.nix @@ -0,0 +1,29 @@ +{ lib, buildPythonApplication, fetchFromGitHub +, requests, scapy }: + +buildPythonApplication rec { + pname = "websploit"; + version = "4.0.4"; + + src = fetchFromGitHub { + owner = "f4rih"; + repo = pname; + rev = version; + sha256 = "LpDfJmH2FbL37Fk86CAC/bxFqM035DBN6c6FPfGpaIw="; + }; + + propagatedBuildInputs = [ + requests + scapy + ]; + + # Project has no tests + doCheck = false; + + meta = with lib; { + description = "A high level MITM framework"; + homepage = "https://github.com/f4rih/websploit"; + license = licenses.mit; + maintainers = with maintainers; [ emilytrau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/weggli/default.nix b/nixpkgs/pkgs/tools/security/weggli/default.nix new file mode 100644 index 000000000000..85083e2cf22b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/weggli/default.nix @@ -0,0 +1,35 @@ +{ lib +, rustPlatform +, fetchFromGitHub +, testers +, weggli +}: + +rustPlatform.buildRustPackage rec { + pname = "weggli"; + version = "0.2.4"; + + src = fetchFromGitHub { + owner = "weggli-rs"; + repo = "weggli"; + rev = "v${version}"; + hash = "sha256-6XSedsTUjcZzFXaNitsXlUBpxC6TYVMCB+AfH3x7c5E="; + }; + + cargoSha256 = "sha256-Cj/m4GRaqI/lHYFruj047B7FdGoVl/wC8I2o1dzhOTs="; + + passthru.tests.version = testers.testVersion { + package = weggli; + command = "weggli -V"; + version = "weggli ${version}"; + }; + + meta = with lib; { + description = "Weggli is a fast and robust semantic search tool for C and C++ codebases"; + homepage = "https://github.com/weggli-rs/weggli"; + changelog = "https://github.com/weggli-rs/weggli/releases/tag/v${version}"; + mainProgram = "weggli"; + license = licenses.asl20; + maintainers = with maintainers; [ arturcygan mfrw ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/whatweb/Gemfile b/nixpkgs/pkgs/tools/security/whatweb/Gemfile new file mode 100644 index 000000000000..a376a3baae36 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/whatweb/Gemfile @@ -0,0 +1,6 @@ +source 'https://rubygems.org' +gem 'ipaddr' +gem 'addressable' +gem 'json' +gem 'mongo' +gem 'rchardet' diff --git a/nixpkgs/pkgs/tools/security/whatweb/Gemfile.lock b/nixpkgs/pkgs/tools/security/whatweb/Gemfile.lock new file mode 100644 index 000000000000..7bfd24112b1a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/whatweb/Gemfile.lock @@ -0,0 +1,25 @@ +GEM + remote: https://rubygems.org/ + specs: + addressable (2.8.0) + public_suffix (>= 2.0.2, < 5.0) + bson (4.14.1) + ipaddr (1.2.4) + json (2.6.1) + mongo (2.17.1) + bson (>= 4.8.2, < 5.0.0) + public_suffix (4.0.6) + rchardet (1.8.0) + +PLATFORMS + ruby + +DEPENDENCIES + addressable + ipaddr + json + mongo + rchardet + +BUNDLED WITH + 2.1.4 diff --git a/nixpkgs/pkgs/tools/security/whatweb/default.nix b/nixpkgs/pkgs/tools/security/whatweb/default.nix new file mode 100644 index 000000000000..30d866da869a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/whatweb/default.nix @@ -0,0 +1,50 @@ +{ lib, stdenv, fetchFromGitHub, bundlerEnv, ruby }: + +let + gems = bundlerEnv { + name = "whatweb-env"; + inherit ruby; + gemdir = ./.; + }; + +in stdenv.mkDerivation rec { + pname = "whatweb"; + version = "0.5.5"; + + src = fetchFromGitHub { + owner = "urbanadventurer"; + repo = "whatweb"; + rev = "v${version}"; + sha256 = "sha256-HLF55x4C8n8aPO4SI0d6Z9wZe80krtUaGUFmMaYRBIE="; + }; + + prePatch = '' + substituteInPlace Makefile \ + --replace "/usr/local" "$out" \ + --replace "/usr" "$out" + ''; + + buildInputs = [ gems ]; + + installPhase = '' + runHook preInstall + + raw=$out/share/whatweb/whatweb + rm $out/bin/whatweb + cat << EOF >> $out/bin/whatweb + #!/bin/sh -e + exec ${gems}/bin/bundle exec ${ruby}/bin/ruby "$raw" "\$@" + EOF + chmod +x $out/bin/whatweb + + runHook postInstall + ''; + + meta = with lib; { + description = "Next generation web scanner"; + homepage = "https://github.com/urbanadventurer/whatweb"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ wolfangaukang ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/whatweb/gemset.nix b/nixpkgs/pkgs/tools/security/whatweb/gemset.nix new file mode 100644 index 000000000000..22d469b53e27 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/whatweb/gemset.nix @@ -0,0 +1,74 @@ +{ + addressable = { + dependencies = ["public_suffix"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "022r3m9wdxljpbya69y2i3h9g3dhhfaqzidf95m6qjzms792jvgp"; + type = "gem"; + }; + version = "2.8.0"; + }; + bson = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03n3w96vpblaxvk1qk8hq7sbsmg4nv7qdkdr8f7nfvalgpakp5i5"; + type = "gem"; + }; + version = "4.14.1"; + }; + ipaddr = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13qd34nzpgp3fxfjbvaqg3dcnfr0cgl5vjvcqy0hfllbvfcklnbq"; + type = "gem"; + }; + version = "1.2.4"; + }; + json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1z9grvjyfz16ag55hg522d3q4dh07hf391sf9s96npc0vfi85xkz"; + type = "gem"; + }; + version = "2.6.1"; + }; + mongo = { + dependencies = ["bson"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19sihy8ihi3hmdg3gxbf4qvzmjnzx8xygg9534012j9z0wmhs7h1"; + type = "gem"; + }; + version = "2.17.1"; + }; + public_suffix = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xqcgkl7bwws1qrlnmxgh8g4g9m10vg60bhlw40fplninb3ng6d9"; + type = "gem"; + }; + version = "4.0.6"; + }; + rchardet = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1isj1b3ywgg2m1vdlnr41lpvpm3dbyarf1lla4dfibfmad9csfk9"; + type = "gem"; + }; + version = "1.8.0"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wipe/default.nix b/nixpkgs/pkgs/tools/security/wipe/default.nix new file mode 100644 index 000000000000..5ced99060fb7 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wipe/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "wipe"; + version = "2.3.1"; + + src = fetchurl { + url = "mirror://sourceforge/wipe/${version}/${pname}-${version}.tar.bz2"; + sha256 = "180snqvh6k6il6prb19fncflf2jcvkihlb4w84sbndcv1wvicfa6"; + }; + + patches = [ ./fix-install.patch ]; + + meta = with lib; { + description = "Secure file wiping utility"; + homepage = "https://wipe.sourceforge.net/"; + license = licenses.gpl2; + platforms = platforms.all; + maintainers = [ maintainers.abbradar ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wipe/fix-install.patch b/nixpkgs/pkgs/tools/security/wipe/fix-install.patch new file mode 100644 index 000000000000..2df3a1eec6a0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wipe/fix-install.patch @@ -0,0 +1,18 @@ +diff -ru3 wipe-2.3.1/Makefile.in wipe-2.3.1-new/Makefile.in +--- wipe-2.3.1/Makefile.in 2009-11-02 00:11:30.000000000 +0300 ++++ wipe-2.3.1-new/Makefile.in 2014-10-18 02:51:10.088966232 +0400 +@@ -60,12 +60,12 @@ + $(INSTALL_BIN) -d $(bindir) + $(INSTALL_BIN) -s $(BIN_OUT) $(bindir) + $(INSTALL) -d $(mandir)/man1 +- $(INSTALL) -o root -m 0644 wipe.1 $(mandir)/man1/ ++ $(INSTALL) -m 0644 wipe.1 $(mandir)/man1/ + rm -rf $(datadir)/doc/wipe* + $(INSTALL) -d $(datadir)/doc/wipe + + for file in $(DOCS); do \ +- $(INSTALL) -o root -m 0644 $$file $(datadir)/doc/wipe/; \ ++ $(INSTALL) -m 0644 $$file $(datadir)/doc/wipe/; \ + done + + install_home: $(BIN_OUT) diff --git a/nixpkgs/pkgs/tools/security/witness/default.nix b/nixpkgs/pkgs/tools/security/witness/default.nix new file mode 100644 index 000000000000..d16f74940d3b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/witness/default.nix @@ -0,0 +1,65 @@ +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: + +buildGoModule rec { + pname = "witness"; + version = "0.1.14"; + + src = fetchFromGitHub { + owner = "testifysec"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-TUEbFkrS0OztTiY0OXiZsqraq3TINtC/DQEyCGPNXpE="; + }; + proxyVendor = true; + vendorHash = "sha256-L2NaEt64mgFZVta/F8/uUQ4djlra59JPcHJLGbFCQJs="; + + nativeBuildInputs = [ installShellFiles ]; + + # We only want the witness binary, not the helper utilities for generating docs. + subPackages = [ "." ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/testifysec/witness/cmd.Version=v${version}" + ]; + + # Feed in all tests for testing + # This is because subPackages above limits what is built to just what we + # want but also limits the tests + preCheck = '' + unset subPackages + ''; + + postInstall = '' + installShellCompletion --cmd witness \ + --bash <($out/bin/witness completion bash) \ + --fish <($out/bin/witness completion fish) \ + --zsh <($out/bin/witness completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + $out/bin/witness --help + $out/bin/witness version | grep "v${version}" + runHook postInstallCheck + ''; + + meta = with lib; { + description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target"; + longDescription = '' + Witness prevents tampering of build materials and verifies the integrity + of the build process from source to target. It works by wrapping commands + executed in a continuous integration process. Its attestation system is + pluggable and offers support out of the box for most major CI and + infrastructure providers. Verification of Witness metadata and a secure + PKI distribution system will mitigate against many software supply chain + attack vectors and can be used as a framework for automated governance. + ''; + homepage = "https://github.com/testifysec/witness"; + changelog = "https://github.com/testifysec/witness/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fkautz jk ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wprecon/default.nix b/nixpkgs/pkgs/tools/security/wprecon/default.nix new file mode 100644 index 000000000000..3cb301d34d30 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wprecon/default.nix @@ -0,0 +1,32 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "wprecon"; + version = "2.4.5"; + + src = fetchFromGitHub { + owner = "blackbinn"; + repo = pname; + rev = version; + hash = "sha256-23zJD3Nnkeko+J2FjPq5RA5dIjORMXvwt3wtAYiVlQs="; + }; + + vendorHash = "sha256-FYdsLcW6FYxSgixZ5US9cBPABOAVwidC3ejUNbs1lbA="; + + postFixup = '' + # Rename binary + mv $out/bin/cli $out/bin/${pname} + ''; + + meta = with lib; { + description = "WordPress vulnerability recognition tool"; + homepage = "https://github.com/blackbinn/wprecon"; + # License Zero Noncommercial Public License 2.0.1 + # https://github.com/blackbinn/wprecon/blob/master/LICENSE + license = with licenses; [ unfree ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wpscan/Gemfile b/nixpkgs/pkgs/tools/security/wpscan/Gemfile new file mode 100644 index 000000000000..5d76cd24f3ea --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wpscan/Gemfile @@ -0,0 +1,2 @@ +source 'https://rubygems.org' +gem 'wpscan' diff --git a/nixpkgs/pkgs/tools/security/wpscan/Gemfile.lock b/nixpkgs/pkgs/tools/security/wpscan/Gemfile.lock new file mode 100644 index 000000000000..b233f57a5817 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wpscan/Gemfile.lock @@ -0,0 +1,63 @@ +GEM + remote: https://rubygems.org/ + specs: + activesupport (6.1.7.4) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + zeitwerk (~> 2.3) + addressable (2.8.4) + public_suffix (>= 2.0.2, < 6.0) + cms_scanner (0.13.8) + ethon (>= 0.14, < 0.16) + get_process_mem (~> 0.2.5) + nokogiri (>= 1.11.4, < 1.14.0) + opt_parse_validator (~> 1.9.5) + public_suffix (~> 4.0.3) + ruby-progressbar (>= 1.10, < 1.12) + sys-proctable (~> 1.2.2) + typhoeus (>= 1.3, < 1.5) + xmlrpc (~> 0.3) + yajl-ruby (~> 1.4.1) + concurrent-ruby (1.2.2) + ethon (0.15.0) + ffi (>= 1.15.0) + ffi (1.15.5) + get_process_mem (0.2.7) + ffi (~> 1.0) + i18n (1.14.1) + concurrent-ruby (~> 1.0) + mini_portile2 (2.8.2) + minitest (5.18.1) + nokogiri (1.13.10) + mini_portile2 (~> 2.8.0) + racc (~> 1.4) + opt_parse_validator (1.9.5) + activesupport (>= 5.2, < 6.2.0) + addressable (>= 2.5, < 2.9) + public_suffix (4.0.7) + racc (1.7.1) + ruby-progressbar (1.11.0) + sys-proctable (1.2.7) + ffi (~> 1.1) + typhoeus (1.4.0) + ethon (>= 0.9.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + webrick (1.8.1) + wpscan (3.8.24) + cms_scanner (~> 0.13.8) + xmlrpc (0.3.2) + webrick + yajl-ruby (1.4.3) + zeitwerk (2.6.8) + +PLATFORMS + ruby + +DEPENDENCIES + wpscan + +BUNDLED WITH + 2.4.13 diff --git a/nixpkgs/pkgs/tools/security/wpscan/default.nix b/nixpkgs/pkgs/tools/security/wpscan/default.nix new file mode 100644 index 000000000000..4b3757ae7673 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wpscan/default.nix @@ -0,0 +1,28 @@ +{ lib +, bundlerApp +, makeWrapper +, curl +}: + +bundlerApp { + pname = "wpscan"; + gemdir = ./.; + exes = [ "wpscan" ]; + + nativeBuildInputs = [ makeWrapper ]; + + postBuild = '' + wrapProgram "$out/bin/wpscan" \ + --prefix PATH : ${lib.makeBinPath [ curl ]} + ''; + + passthru.updateScript = ./update.sh; + + meta = with lib; { + description = "Black box WordPress vulnerability scanner"; + homepage = "https://wpscan.org/"; + license = licenses.unfreeRedistributable; + maintainers = with maintainers; [ nyanloutre manveru ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wpscan/gemset.nix b/nixpkgs/pkgs/tools/security/wpscan/gemset.nix new file mode 100644 index 000000000000..5cae455dd014 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wpscan/gemset.nix @@ -0,0 +1,245 @@ +{ + activesupport = { + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s465919p6fcgcsqin8w8hay2m598dvnzks490hbsb0p68sdz69m"; + type = "gem"; + }; + version = "6.1.7.4"; + }; + addressable = { + dependencies = ["public_suffix"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15s8van7r2ad3dq6i03l3z4hqnvxcq75a3h72kxvf9an53sqma20"; + type = "gem"; + }; + version = "2.8.4"; + }; + cms_scanner = { + dependencies = ["ethon" "get_process_mem" "nokogiri" "opt_parse_validator" "public_suffix" "ruby-progressbar" "sys-proctable" "typhoeus" "xmlrpc" "yajl-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15d7djrrkrcwznglgkr4y80jbsbxaf071qhjnn4i1c4n7nszwwfj"; + type = "gem"; + }; + version = "0.13.8"; + }; + concurrent-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; + type = "gem"; + }; + version = "1.2.2"; + }; + ethon = { + dependencies = ["ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0kd7c61f28f810fgxg480j7457nlvqarza9c2ra0zhav0dd80288"; + type = "gem"; + }; + version = "0.15.0"; + }; + ffi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; + type = "gem"; + }; + version = "1.15.5"; + }; + get_process_mem = { + dependencies = ["ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fkyyyxjcx4iigm8vhraa629k2lxa1npsv4015y82snx84v3rzaa"; + type = "gem"; + }; + version = "0.2.7"; + }; + i18n = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qaamqsh5f3szhcakkak8ikxlzxqnv49n2p7504hcz2l0f4nj0wx"; + type = "gem"; + }; + version = "1.14.1"; + }; + mini_portile2 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0z7f38iq37h376n9xbl4gajdrnwzq284c9v1py4imw3gri2d5cj6"; + type = "gem"; + }; + version = "2.8.2"; + }; + minitest = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1kg9wh7jlc9zsr3hkhpzkbn0ynf4np5ap9m2d8xdrb8shy0y6pmb"; + type = "gem"; + }; + version = "5.18.1"; + }; + nokogiri = { + dependencies = ["mini_portile2" "racc"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0n79k78c5vdcyl0m3y3l5x9kxl6xf5lgriwi2vd665qmdkr01vnk"; + type = "gem"; + }; + version = "1.13.10"; + }; + opt_parse_validator = { + dependencies = ["activesupport" "addressable"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jzmn3h9sr7bhjj1fdfvh4yzvqx7d3vsbwbqrf718dh427ifqs9c"; + type = "gem"; + }; + version = "1.9.5"; + }; + public_suffix = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1f3knlwfwm05sfbaihrxm4g772b79032q14c16q4b38z8bi63qcb"; + type = "gem"; + }; + version = "4.0.7"; + }; + racc = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; + type = "gem"; + }; + version = "1.7.1"; + }; + ruby-progressbar = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02nmaw7yx9kl7rbaan5pl8x5nn0y4j5954mzrkzi9i3dhsrps4nc"; + type = "gem"; + }; + version = "1.11.0"; + }; + sys-proctable = { + dependencies = ["ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "121ix0bl19pawhljs17sfgddkd0hgxlhchsz9kxw14ipmskjq9ah"; + type = "gem"; + }; + version = "1.2.7"; + }; + typhoeus = { + dependencies = ["ethon"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1m22yrkmbj81rzhlny81j427qdvz57yk5wbcf3km0nf3bl6qiygz"; + type = "gem"; + }; + version = "1.4.0"; + }; + tzinfo = { + dependencies = ["concurrent-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; + type = "gem"; + }; + version = "2.0.6"; + }; + webrick = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13qm7s0gr2pmfcl7dxrmq38asaza4w0i2n9my4yzs499j731wh8r"; + type = "gem"; + }; + version = "1.8.1"; + }; + wpscan = { + dependencies = ["cms_scanner"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qh7x5sjx1i9h8zrp86qz126brxbqx0c3wxc8vn7fpln0y78nw9q"; + type = "gem"; + }; + version = "3.8.24"; + }; + xmlrpc = { + dependencies = ["webrick"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xa79ry3976ylap38cr5g6q3m81plm611flqd3dwgnmgbkycb6jp"; + type = "gem"; + }; + version = "0.3.2"; + }; + yajl-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lni4jbyrlph7sz8y49q84pb0sbj82lgwvnjnsiv01xf26f4v5wc"; + type = "gem"; + }; + version = "1.4.3"; + }; + zeitwerk = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ck6bj7wa73dkdh13735jl06k6cfny98glxjkas82aivlmyzqqbk"; + type = "gem"; + }; + version = "2.6.8"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/wpscan/update.sh b/nixpkgs/pkgs/tools/security/wpscan/update.sh new file mode 100755 index 000000000000..c30cc62e5296 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/wpscan/update.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env nix-shell +#! nix-shell -i bash -p bash bundix bundler + +set -e + +cd "$(dirname "${BASH_SOURCE[0]}")" + +rm -f Gemfile.lock Gemfile.lock + +# Otherwise nokogiri will fail to build. +# https://github.com/nix-community/bundix/issues/88 +bundler config set --local force_ruby_platform true + +bundler lock +BUNDLE_GEMFILE=Gemfile bundler lock --lockfile=Gemfile.lock +bundix --gemfile=Gemfile --lockfile=Gemfile.lock --gemset=gemset.nix diff --git a/nixpkgs/pkgs/tools/security/xcat/default.nix b/nixpkgs/pkgs/tools/security/xcat/default.nix new file mode 100644 index 000000000000..ea3390b38c74 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xcat/default.nix @@ -0,0 +1,50 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "xcat"; + version = "1.2.0"; + disabled = python3.pythonOlder "3.7"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "orf"; + repo = pname; + rev = "v${version}"; + sha256 = "01r5998gdvqjdrahpk0ci27lx9yghbddlanqcspr3qp5y5930i0s"; + }; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + + propagatedBuildInputs = with python3.pkgs; [ + aiodns + aiohttp + appdirs + click + colorama + faust-cchardet + prompt-toolkit + xpath-expressions + ]; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "xcat" ]; + + meta = with lib; { + description = "XPath injection tool"; + longDescription = '' + xcat is an advanced tool for exploiting XPath injection vulnerabilities, + featuring a comprehensive set of features to read the entire file being + queried as well as other files on the filesystem, environment variables + and directories. + ''; + homepage = "https://github.com/orf/xcat"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix b/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix new file mode 100644 index 000000000000..c7b63c238be1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "xcrawl3r"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "hueristiq"; + repo = "xcrawl3r"; + rev = "refs/tags/${version}"; + hash = "sha256-K7UuWsteI8mEAGOF/g/EbT/Ch6sbmKhiiYB3npdDmFk="; + }; + + vendorHash = "sha256-/yBSrZdlVMZgcKcONBSq7C5IFC30TJL0z6FZRXm+HUs="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "A CLI utility to recursively crawl webpages"; + homepage = "https://github.com/hueristiq/xcrawl3r"; + changelog = "https://github.com/hueristiq/xcrawl3r/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/xorex/default.nix b/nixpkgs/pkgs/tools/security/xorex/default.nix new file mode 100644 index 000000000000..a1a6e655996a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xorex/default.nix @@ -0,0 +1,38 @@ +{ lib +, python3 +, fetchFromGitHub +}: +python3.pkgs.buildPythonApplication rec { + pname = "xorex"; + version = "0.3.0"; + format = "other"; + + src = fetchFromGitHub { + owner = "Neo23x0"; + repo = "xorex"; + rev = version; + sha256 = "rBsOSXWnHRhpLmq20XBuGx8gGBM8ouMyOISkbzUcvE4="; + }; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + chmod +x xorex.py + mv xorex.py $out/bin/xorex + + runHook postInstall + ''; + + propagatedBuildInputs = with python3.pkgs; [ + colorama + pefile + ]; + + meta = with lib; { + description = "XOR Key Extractor"; + homepage = "https://github.com/Neo23x0/xorex"; + license = licenses.asl20; + maintainers = [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/xortool/default.nix b/nixpkgs/pkgs/tools/security/xortool/default.nix new file mode 100644 index 000000000000..1e8b6aee5d37 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xortool/default.nix @@ -0,0 +1,35 @@ +{ lib +, buildPythonApplication +, docopt +, fetchFromGitHub +, importlib-metadata +, poetry-core +}: + +buildPythonApplication rec { + pname = "xortool"; + version = "1.0.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "hellman"; + repo = pname; + rev = "v${version}"; + sha256 = "19lfadi28r89bl5q8fhrxgjgs3nx3kgjd4rdg7wbvzi1cn29c5n7"; + }; + + nativeBuildInputs = [ poetry-core ]; + + propagatedBuildInputs = [ docopt importlib-metadata ]; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "xortool" ]; + + meta = with lib; { + description = "Tool to analyze multi-byte XOR cipher"; + homepage = "https://github.com/hellman/xortool"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/xsser/default.nix b/nixpkgs/pkgs/tools/security/xsser/default.nix new file mode 100644 index 000000000000..6c75f2e733f2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xsser/default.nix @@ -0,0 +1,60 @@ +{ lib, buildPythonApplication, fetchFromGitHub, wrapGAppsHook, gobject-introspection, gtk3, pango +, pillow, pycurl, beautifulsoup4, pygeoip, pygobject3, cairocffi, selenium }: + +buildPythonApplication rec { + pname = "xsser"; + version = "1.8.4"; + + src = fetchFromGitHub { + owner = "epsylon"; + repo = pname; + rev = "478242e6d8e1ca921e0ba8fa59b50106fa2f7312"; + sha256 = "MsQu/r1C6uXawpuVTuBGhWNqCSZ9S2DIx15Lpo7L4RI="; + }; + + postPatch = '' + # Replace relative path with absolute store path + find . -type f -exec sed -i "s|core/fuzzing/user-agents.txt|$out/share/xsser/fuzzing/user-agents.txt|g" {} + + + # Replace absolute path references with store paths + substituteInPlace core/main.py --replace /usr $out + substituteInPlace gtk/xsser.desktop --replace /usr $out + substituteInPlace setup.py --replace /usr/share share + ''; + + nativeBuildInputs = [ wrapGAppsHook gobject-introspection ]; + + buildInputs = [ + gtk3 + pango + ]; + + propagatedBuildInputs = [ + pillow + pycurl + beautifulsoup4 + pygeoip + pygobject3 + cairocffi + selenium + ]; + + # Project has no tests + doCheck = false; + + dontWrapGApps = true; + preFixup = '' + makeWrapperArgs+=("''${gappsWrapperArgs[@]}") + ''; + + postInstall = '' + install -D core/fuzzing/user-agents.txt $out/share/xsser/fuzzing/user-agents.txt + ''; + + meta = with lib; { + description = "Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications"; + homepage = "https://xsser.03c8.net/"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ emilytrau ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix b/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix new file mode 100644 index 000000000000..9ca2d3457a05 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix @@ -0,0 +1,31 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "xsubfind3r"; + version = "0.3.0"; + + src = fetchFromGitHub { + owner = "hueristiq"; + repo = "xsubfind3r"; + rev = "refs/tags/${version}"; + hash = "sha256-DY9/qcE8Ryue6NEWglM1F+xd669DPBIgt743ta+O//4="; + }; + + vendorHash = "sha256-dFjyeIiDGdGTlZoZvsW9cwb+urS0NRxBMFf3+Y+rsAE="; + + ldflags = [ + "-s" + "-w" + ]; + + meta = with lib; { + description = "CLI utility to find subdomains from curated passive online sources"; + homepage = "https://github.com/hueristiq/xsubfind3r"; + changelog = "https://github.com/hueristiq/xsubfind3r/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yarGen/default.nix b/nixpkgs/pkgs/tools/security/yarGen/default.nix new file mode 100644 index 000000000000..4003c7e996ec --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yarGen/default.nix @@ -0,0 +1,58 @@ +{ lib +, python3 +, fetchFromGitHub +, fetchpatch +}: +python3.pkgs.buildPythonApplication rec { + pname = "yarGen"; + version = "0.23.4"; + format = "other"; + + src = fetchFromGitHub { + owner = "Neo23x0"; + repo = "yarGen"; + rev = version; + sha256 = "6PJNAeeLAyUlZcIi0g57sO1Ex6atn7JhbK9kDbNrZ6A="; + }; + + patches = [ + # https://github.com/Neo23x0/yarGen/pull/33 + (fetchpatch { + name = "use-built-in-scandir.patch"; + url = "https://github.com/Neo23x0/yarGen/commit/cae14ac8efeb5536885792cae99d1d0f7fb6fde3.patch"; + sha256 = "0z6925r7n1iysld5c8li5nkm1dbxg8j7pn0626a4vic525vf8ndl"; + }) + # https://github.com/Neo23x0/yarGen/pull/34 + (fetchpatch { + name = "use-cwd-for-abspath.patch"; + url = "https://github.com/Neo23x0/yarGen/commit/441dafb702149f5728c2c6736fc08741a46deb26.patch"; + sha256 = "lNp3oC2BM7tBzN4AetvPr+xJLz6KkZxQmsldeZaxJQU="; + }) + ]; + + postPatch = '' + substituteInPlace yarGen.py \ + --replace "./3rdparty/strings.xml" "$out/share/yarGen/3rdparty/strings.xml" + ''; + + installPhase = '' + runHook preInstall + + install -Dt "$out/bin" yarGen.py + install -Dt "$out/share/yarGen/3rdparty" 3rdparty/strings.xml + + runHook postInstall + ''; + + propagatedBuildInputs = with python3.pkgs; [ + pefile + lxml + ]; + + meta = with lib; { + description = "A generator for YARA rules"; + homepage = "https://github.com/Neo23x0/yarGen"; + license = licenses.bsd3; + maintainers = [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yara/default.nix b/nixpkgs/pkgs/tools/security/yara/default.nix new file mode 100644 index 000000000000..83f772d48410 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yara/default.nix @@ -0,0 +1,64 @@ +{ lib, stdenv +, fetchFromGitHub +, autoreconfHook +, pcre +, pkg-config +, protobufc +, withCrypto ? true, openssl +, enableCuckoo ? true, jansson +, enableDex ? true +, enableDotNet ? true +, enableMacho ? true +, enableMagic ? true, file +, enableStatic ? false +}: + +stdenv.mkDerivation rec { + pname = "yara"; + version = "4.4.0"; + + src = fetchFromGitHub { + owner = "VirusTotal"; + repo = pname; + rev = "v${version}"; + hash = "sha256-axHFy7YwLhhww+lh+ORyW6YG+T385msysIHK5SMyhMk="; + }; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + + buildInputs = [ + pcre + protobufc + ] ++ lib.optionals withCrypto [ + openssl + ] ++ lib.optionals enableMagic [ + file + ] ++ lib.optionals enableCuckoo [ + jansson + ]; + + preConfigure = "./bootstrap.sh"; + + configureFlags = [ + (lib.withFeature withCrypto "crypto") + (lib.enableFeature enableCuckoo "cuckoo") + (lib.enableFeature enableDex "dex") + (lib.enableFeature enableDotNet "dotnet") + (lib.enableFeature enableMacho "macho") + (lib.enableFeature enableMagic "magic") + (lib.enableFeature enableStatic "static") + ]; + + doCheck = enableStatic; + + meta = with lib; { + description = "The pattern matching swiss knife for malware researchers"; + homepage = "http://Virustotal.github.io/yara/"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yaralyzer/default.nix b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix new file mode 100644 index 000000000000..4379bbc5c63c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix @@ -0,0 +1,47 @@ +{ lib +, python3 +, fetchFromGitHub +}: + +python3.pkgs.buildPythonApplication rec { + pname = "yaralyzer"; + version = "0.9.0"; + format = "pyproject"; + + src = fetchFromGitHub { + owner = "michelcrypt4d4mus"; + repo = "yaralyzer"; + rev = "refs/tags/v${version}"; + hash = "sha256-QsMO/fnHy4puuToUHSS05fWnXHdAVnWFFBVq3cb0Zj4="; + }; + + pythonRelaxDeps = [ + "python-dotenv" + "rich" + ]; + + nativeBuildInputs = with python3.pkgs; [ + poetry-core + pythonRelaxDepsHook + ]; + + propagatedBuildInputs = with python3.pkgs; [ + chardet + python-dotenv + rich + rich-argparse-plus + yara-python + ]; + + pythonImportsCheck = [ + "yaralyzer" + ]; + + meta = with lib; { + description = "Tool to visually inspect and force decode YARA and regex matches"; + homepage = "https://github.com/michelcrypt4d4mus/yaralyzer"; + changelog = "https://github.com/michelcrypt4d4mus/yaralyzer/blob/${version}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yatas/default.nix b/nixpkgs/pkgs/tools/security/yatas/default.nix new file mode 100644 index 000000000000..057f0c7b18b4 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yatas/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "yatas"; + version = "1.5.1"; + + src = fetchFromGitHub { + owner = "padok-team"; + repo = "YATAS"; + rev = "refs/tags/v${version}"; + hash = "sha256-gw4aZ7SLUz5WLUb1z4zDtI6Ca0tEWhE5wobp5NRvjkg="; + }; + + vendorHash = "sha256-zp5EVJe5Q6o6C0CZ8u+oEFEOy0NU5SgVN+cSc6A/jZ4="; + + meta = with lib; { + description = "Tool to audit AWS infrastructure for misconfiguration or potential security issues"; + homepage = "https://github.com/padok-team/YATAS"; + changelog = "https://github.com/padok-team/YATAS/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yersinia/default.nix b/nixpkgs/pkgs/tools/security/yersinia/default.nix new file mode 100644 index 000000000000..cc8b7752e62a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yersinia/default.nix @@ -0,0 +1,64 @@ +{ stdenv, lib, fetchFromGitHub, autoreconfHook, pkg-config, fetchpatch +, ncurses, libpcap, libnet +# alpha version of GTK interface +, withGtk ? false, gtk2 +# enable remote admin interface +, enableAdmin ? false +}: + +stdenv.mkDerivation rec { + pname = "yersinia"; + version = "0.8.2"; + + src = fetchFromGitHub { + owner = "tomac"; + repo = pname; + rev = "v${version}"; + sha256 = "06yfpf9iyi525rly1ychsihzvw3sas8kp0nxxr99xkwiqp5dc78b"; + }; + + patches = [ + # ncurses-6.3 support, included in next release + (fetchpatch { + name = "ncurses-6.3.patch"; + url = "https://github.com/tomac/yersinia/commit/d91bbf6f475e7ea39f131b77ce91b2de9646d5ca.patch"; + sha256 = "fl1pZKWA+nLtBm9+3FBFqaeuVZjszQCNkNl6Cf++BAI="; + }) + + # Pull upstream fix for -fno-common toolchain support: + # https://github.com/tomac/yersinia/pull/66 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/tomac/yersinia/commit/36247225dc7a6f38c4ba70537e20351f04762749.patch"; + sha256 = "KHaN8gfgNROEico27gWnYiP9ZVhpWz0KjFYy2t5tPBo="; + }) + ]; + + nativeBuildInputs = [ autoreconfHook pkg-config ]; + buildInputs = [ libpcap libnet ncurses ] + ++ lib.optional withGtk gtk2; + + autoreconfPhase = "./autogen.sh"; + + configureFlags = [ + "--with-pcap-includes=${libpcap}/include" + "--with-libnet-includes=${libnet}/include" + ] + ++ lib.optional (!enableAdmin) "--disable-admin" + ++ lib.optional (!withGtk) "--disable-gtk"; + + makeFlags = [ "LDFLAGS=-lncurses" ]; + + meta = with lib; { + description = "A framework for layer 2 attacks"; + homepage = "https://github.com/tomac/yersinia"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ vdot0x23 ]; + # INSTALL and FAQ in this package seem a little outdated + # so not sure, but it could work on openbsd, illumos, and freebsd + # if you have a machine to test with, feel free to add these + platforms = with platforms; linux; + # never built on aarch64-linux since first introduction in nixpkgs + broken = stdenv.isLinux && stdenv.isAarch64; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yubihsm-connector/default.nix b/nixpkgs/pkgs/tools/security/yubihsm-connector/default.nix new file mode 100644 index 000000000000..8e56cc6a227e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yubihsm-connector/default.nix @@ -0,0 +1,36 @@ +{ lib, libusb1, buildGoModule, fetchFromGitHub, pkg-config }: + +buildGoModule rec { + pname = "yubihsm-connector"; + version = "3.0.4"; + + src = fetchFromGitHub { + owner = "Yubico"; + repo = "yubihsm-connector"; + rev = version; + hash = "sha256-snoQZsmKQPcsB5EpZc4yon02QbxNU5B5TAwRPjs1O5I="; + }; + + vendorHash = "sha256-XW7rEHY3S+M3b6QjmINgrCak+BqCEV3PJP90jz7J47A="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libusb1 + ]; + + ldflags = [ "-s" "-w" ]; + + preBuild = '' + go generate + ''; + + meta = with lib; { + description = "yubihsm-connector performs the communication between the YubiHSM 2 and applications that use it"; + homepage = "https://developers.yubico.com/yubihsm-connector/"; + maintainers = with maintainers; [ matthewcroughan ]; + license = licenses.asl20; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yubihsm-shell/default.nix b/nixpkgs/pkgs/tools/security/yubihsm-shell/default.nix new file mode 100644 index 000000000000..650224dd03b1 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yubihsm-shell/default.nix @@ -0,0 +1,70 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, openssl +, libusb1 +, libedit +, curl +, gengetopt +, pkg-config +, pcsclite +, help2man +, darwin +, libiconv +}: + +stdenv.mkDerivation rec { + pname = "yubihsm-shell"; + version = "2.4.0"; + + src = fetchFromGitHub { + owner = "Yubico"; + repo = "yubihsm-shell"; + rev = version; + hash = "sha256-zWhvECPdZnrbSAVPDVZk54SWHVkd/HEQxS3FgXoqXHY="; + }; + + postPatch = '' + # Can't find libyubihsm at runtime because of dlopen() in C code + substituteInPlace lib/yubihsm.c \ + --replace "libyubihsm_usb.so" "$out/lib/libyubihsm_usb.so" \ + --replace "libyubihsm_http.so" "$out/lib/libyubihsm_http.so" + # ld: unknown option: -z + substituteInPlace CMakeLists.txt cmake/SecurityFlags.cmake \ + --replace "AppleClang" "Clang" + ''; + + nativeBuildInputs = [ + pkg-config + cmake + help2man + gengetopt + ]; + + buildInputs = [ + libusb1 + libedit + curl + openssl + ] ++ lib.optionals stdenv.isLinux [ + pcsclite + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.PCSC + libiconv + ]; + + cmakeFlags = lib.optionals stdenv.isDarwin [ + "-DDISABLE_LTO=ON" + ]; + + # causes redefinition of _FORTIFY_SOURCE + hardeningDisable = [ "fortify3" ]; + + meta = with lib; { + description = "yubihsm-shell and libyubihsm"; + homepage = "https://github.com/Yubico/yubihsm-shell"; + maintainers = with maintainers; [ matthewcroughan ]; + license = licenses.asl20; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix new file mode 100644 index 000000000000..01e512e49bdd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix @@ -0,0 +1,45 @@ +{ stdenv, lib, fetchFromGitHub, buildGoModule, libnotify, pcsclite, pkg-config, darwin }: + +buildGoModule rec { + pname = "yubikey-agent"; + + version = "0.1.6"; + src = fetchFromGitHub { + owner = "FiloSottile"; + repo = "yubikey-agent"; + rev = "v${version}"; + sha256 = "sha256-Knk1ipBOzjmjrS2OFUMuxi1TkyDcSYlVKezDWT//ERY="; + }; + + buildInputs = + lib.optional stdenv.isLinux (lib.getDev pcsclite) + ++ lib.optional stdenv.isDarwin (darwin.apple_sdk.frameworks.PCSC); + + nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ]; + + postPatch = lib.optionalString stdenv.isLinux '' + substituteInPlace main.go --replace 'notify-send' ${libnotify}/bin/notify-send + ''; + + vendorHash = "sha256-+IRPs3wm3EvIgfQRpzcVpo2JBaFQlyY/RI1G7XfVS84="; + + doCheck = false; + + subPackages = [ "." ]; + + ldflags = [ "-s" "-w" "-X main.Version=${version}" ]; + + postInstall = lib.optionalString stdenv.isLinux '' + mkdir -p $out/lib/systemd/user + substitute contrib/systemd/user/yubikey-agent.service $out/lib/systemd/user/yubikey-agent.service \ + --replace 'ExecStart=yubikey-agent' "ExecStart=$out/bin/yubikey-agent" + ''; + + meta = with lib; { + description = "A seamless ssh-agent for YubiKeys"; + license = licenses.bsd3; + homepage = "https://filippo.io/yubikey-agent"; + maintainers = with lib.maintainers; [ philandstuff rawkode ]; + platforms = platforms.darwin ++ platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix b/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix new file mode 100644 index 000000000000..26402caa812b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix @@ -0,0 +1,54 @@ +{ lib, libnotify, buildGoModule, fetchFromGitHub, fetchurl, pkg-config, iconColor ? "#84bd00" }: + +buildGoModule rec { + pname = "yubikey-touch-detector"; + version = "1.10.1"; + + src = fetchFromGitHub { + owner = "maximbaz"; + repo = "yubikey-touch-detector"; + rev = version; + sha256 = "sha256-y/iDmxlhu2Q6Zas0jsv07HQPkNdMrOQaXWy/cuWvpMk="; + }; + vendorHash = "sha256-OitI9Yp4/mRMrNH4yrWSL785+3mykPkvzarrc6ipOeg="; + + iconSrc = fetchurl { + url = "https://github.com/Yubico/yubioath-flutter/raw/yubioath-desktop-5.0.0/images/touch.svg"; + hash = "sha256-+jC9RKjl1uMBaNqLX5WXN+E4CuOcIEx5IGXWxgxzA/k="; + }; + + nativeBuildInputs = [ pkg-config ]; + + buildInputs = [ libnotify ]; + + postPatch = '' + cp $iconSrc yubikey-touch-detector.svg + substituteInPlace yubikey-touch-detector.svg \ + --replace '#284c61' ${lib.escapeShellArg iconColor} + + substituteInPlace notifier/libnotify.go \ + --replace \ + 'AppIcon: "yubikey-touch-detector"' \ + "AppIcon: \"$out/share/icons/yubikey-touch-detector.svg\"" + ''; + + postInstall = '' + install -Dm444 -t $out/share/doc/${pname} *.md + + install -Dm444 -t $out/share/icons yubikey-touch-detector.svg + + install -Dm444 -t $out/lib/systemd/user *.{service,socket} + + substituteInPlace $out/lib/systemd/user/*.service \ + --replace /usr/bin/yubikey-touch-detector "$out/bin/yubikey-touch-detector --libnotify" + ''; + + meta = with lib; { + description = "A tool to detect when your YubiKey is waiting for a touch (to send notification or display a visual indicator on the screen)."; + homepage = "https://github.com/maximbaz/yubikey-touch-detector"; + maintainers = with maintainers; [ sumnerevans ]; + license = with licenses; [ bsd2 isc ]; + platforms = platforms.linux; + mainProgram = "yubikey-touch-detector"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zdns/default.nix b/nixpkgs/pkgs/tools/security/zdns/default.nix new file mode 100644 index 000000000000..9b0c33f2802e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zdns/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "zdns"; + version = "2023-04-09-unstable"; + + src = fetchFromGitHub { + owner = "zmap"; + repo = pname; + rev = "ac6c7f30a7f5e11f87779f5275adeed117227cd6"; + hash = "sha256-que2uzIH8GybU6Ekumg/MjgBHSmFCF+T7PWye+25kaY="; + }; + + vendorHash = "sha256-daMPk1TKrUXXqCb4WVkrUIJsBL7uzXLJnxWNbHQ/Im4="; + + meta = with lib; { + description = "CLI DNS lookup tool"; + homepage = "https://github.com/zmap/zdns"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zeekscript/default.nix b/nixpkgs/pkgs/tools/security/zeekscript/default.nix new file mode 100644 index 000000000000..c1ab0cb4a190 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zeekscript/default.nix @@ -0,0 +1,40 @@ +{ lib +, python3 +, fetchPypi +}: + +python3.pkgs.buildPythonApplication rec { + pname = "zeekscript"; + version = "1.2.1"; + format = "pyproject"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-LogI9sJHvLN5WHJGdW47D09XZInKln/I2hNmG62d1JU="; + }; + + postPatch = '' + sed -i '/name = "zeekscript"/a version = "${version}"' pyproject.toml + ''; + + nativeBuildInputs = with python3.pkgs; [ + setuptools + wheel + ]; + + propagatedBuildInputs = with python3.pkgs; [ + tree-sitter + ]; + + pythonImportsCheck = [ + "zeekscript" + ]; + + meta = with lib; { + description = "A Zeek script formatter and analyzer"; + homepage = "https://github.com/zeek/zeekscript"; + changelog = "https://github.com/zeek/zeekscript/blob/v${version}/CHANGES"; + license = licenses.bsd3; + maintainers = with maintainers; [ fab tobim ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zgrab2/default.nix b/nixpkgs/pkgs/tools/security/zgrab2/default.nix new file mode 100644 index 000000000000..c91c1b876099 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zgrab2/default.nix @@ -0,0 +1,36 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "zgrab2"; + version = "unstable-2023-03-23"; + + src = fetchFromGitHub { + owner = "zmap"; + repo = pname; + rev = "911c86f13080ceae98f8d63d1ae0e85c4a8f7f61"; + hash = "sha256-VOWkBM/SziY3jiIaYYWq+LRzG4vKitiscqdIDfRUkYY="; + }; + + vendorHash = "sha256-Q3FCqvh4vn64QXqcePhVWTyIHJarI6I4YonH3X/7RhI="; + + patches = [ + # Without this, we get error messages like: + # vendor/golang.org/x/sys/unix/syscall.go:83:16: unsafe.Slice requires go1.17 or later (-lang was set to go1.16; check go.mod) + # The patch was generated by changing "go 1.12" to "go 1.17" and executing `go mod tidy -compat=1.17`. + ./fix-go-version-error.patch + ]; + + subPackages = [ + "cmd/zgrab2" + ]; + + meta = with lib; { + description = "Web application scanner"; + homepage = "https://github.com/zmap/zgrab2"; + license = with licenses; [ asl20 isc ]; + maintainers = with maintainers; [ fab juliusrickert ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch b/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch new file mode 100644 index 000000000000..797bd542be80 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch @@ -0,0 +1,46 @@ +diff --git a/go.mod b/go.mod +index 888f10e..5463ef5 100644 +--- a/go.mod ++++ b/go.mod +@@ -1,25 +1,33 @@ + module github.com/zmap/zgrab2 + +-go 1.12 ++go 1.17 + + require ( +- github.com/cespare/xxhash/v2 v2.2.0 // indirect +- github.com/go-kit/kit v0.10.0 // indirect +- github.com/golang/protobuf v1.5.3 // indirect + github.com/hdm/jarm-go v0.0.7 + github.com/prometheus/client_golang v1.14.0 +- github.com/prometheus/common v0.42.0 // indirect +- github.com/prometheus/procfs v0.9.0 // indirect + github.com/sirupsen/logrus v1.9.0 +- github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect + github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 + github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 + golang.org/x/crypto v0.7.0 + golang.org/x/net v0.8.0 + golang.org/x/sys v0.6.0 + golang.org/x/text v0.8.0 +- google.golang.org/protobuf v1.30.0 // indirect + gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c + gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 + gopkg.in/yaml.v2 v2.4.0 + ) ++ ++require ( ++ github.com/beorn7/perks v1.0.1 // indirect ++ github.com/cespare/xxhash/v2 v2.2.0 // indirect ++ github.com/golang/protobuf v1.5.3 // indirect ++ github.com/kr/pretty v0.2.1 // indirect ++ github.com/kr/text v0.1.0 // indirect ++ github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect ++ github.com/prometheus/client_model v0.3.0 // indirect ++ github.com/prometheus/common v0.42.0 // indirect ++ github.com/prometheus/procfs v0.9.0 // indirect ++ github.com/weppos/publicsuffix-go v0.30.0 // indirect ++ github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect ++ google.golang.org/protobuf v1.30.0 // indirect ++) diff --git a/nixpkgs/pkgs/tools/security/zkar/default.nix b/nixpkgs/pkgs/tools/security/zkar/default.nix new file mode 100644 index 000000000000..85bed59a1fa2 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zkar/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "zkar"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "phith0n"; + repo = pname; + rev = "v${version}"; + hash = "sha256-TGqsiYZLbXvCc30OtvNbX4INlzw3ZfjvXal47rP7NDw="; + }; + + vendorHash = "sha256-HQ9qclaaDj0H8PL0oQG1WsH19wVQpynijHNcal4gWBE="; + + meta = with lib; { + description = "Java serialization protocol analysis tool"; + homepage = "https://github.com/phith0n/zkar"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zlint/default.nix b/nixpkgs/pkgs/tools/security/zlint/default.nix new file mode 100644 index 000000000000..68db5038c6f0 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zlint/default.nix @@ -0,0 +1,55 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, testers +, zlint +}: + +buildGoModule rec { + pname = "zlint"; + version = "3.5.0"; + + src = fetchFromGitHub { + owner = "zmap"; + repo = "zlint"; + rev = "v${version}"; + hash = "sha256-PpCA7BeamXWWRIXcoIGg2gufpqrzI6goXxQhJaH04cA="; + }; + + modRoot = "v3"; + + vendorHash = "sha256-MDg09cjJ/vSLjXm4l5S4v/r2YQPV4enH8V3ByBtDVfM="; + + postPatch = '' + # Remove a package which is not declared in go.mod. + rm -rf v3/cmd/genTestCerts + ''; + + excludedPackages = [ + "lints" + ]; + + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + ]; + + passthru.tests.version = testers.testVersion { + package = zlint; + command = "zlint -version"; + }; + + meta = with lib; { + description = "X.509 Certificate Linter focused on Web PKI standards and requirements"; + longDescription = '' + ZLint is a X.509 certificate linter written in Go that checks for + consistency with standards (e.g. RFC 5280) and other relevant PKI + requirements (e.g. CA/Browser Forum Baseline Requirements). + ''; + homepage = "https://github.com/zmap/zlint"; + changelog = "https://github.com/zmap/zlint/releases/tag/${src.rev}"; + license = licenses.asl20; + maintainers = with maintainers; [ baloo ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zmap/default.nix b/nixpkgs/pkgs/tools/security/zmap/default.nix new file mode 100644 index 000000000000..de1bc354cf62 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zmap/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libjson, json_c, gengetopt, flex, byacc, gmp +, libpcap, libunistring +}: + +stdenv.mkDerivation rec { + pname = "zmap"; + version = "3.0.0"; + + src = fetchFromGitHub { + owner = "zmap"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-OJZKcnsuBi3z/AI05RMBitgn01bhVTqx2jFYJLuIJk4="; + }; + + cmakeFlags = [ "-DRESPECT_INSTALL_PREFIX_CONFIG=ON" ]; + + nativeBuildInputs = [ cmake pkg-config gengetopt flex byacc ]; + buildInputs = [ libjson json_c gmp libpcap libunistring ]; + + outputs = [ "out" "man" ]; + + meta = with lib; { + homepage = "https://zmap.io/"; + license = licenses.asl20; + description = "Fast single packet network scanner designed for Internet-wide network surveys"; + maintainers = with maintainers; [ ma27 ]; + platforms = platforms.unix; + broken = stdenv.isDarwin; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zsteg/Gemfile b/nixpkgs/pkgs/tools/security/zsteg/Gemfile new file mode 100644 index 000000000000..814e5fe8ad4e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zsteg/Gemfile @@ -0,0 +1,2 @@ +source 'https://rubygems.org' +gem 'zsteg' diff --git a/nixpkgs/pkgs/tools/security/zsteg/Gemfile.lock b/nixpkgs/pkgs/tools/security/zsteg/Gemfile.lock new file mode 100644 index 000000000000..b611fb93f5a9 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zsteg/Gemfile.lock @@ -0,0 +1,19 @@ +GEM + remote: https://rubygems.org/ + specs: + iostruct (0.0.4) + rainbow (3.0.0) + zpng (0.3.1) + rainbow + zsteg (0.2.2) + iostruct + zpng (>= 0.3.1) + +PLATFORMS + ruby + +DEPENDENCIES + zsteg + +BUNDLED WITH + 2.1.4 diff --git a/nixpkgs/pkgs/tools/security/zsteg/default.nix b/nixpkgs/pkgs/tools/security/zsteg/default.nix new file mode 100644 index 000000000000..e47f285de70a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zsteg/default.nix @@ -0,0 +1,16 @@ +{ lib, bundlerApp }: + +bundlerApp { + pname = "zsteg"; + + gemdir = ./.; + + exes = [ "zsteg" ]; + + meta = with lib; { + description = "Detect stegano-hidden data in PNG & BMP."; + homepage = "http://zed.0xff.me/"; + license = licenses.mit; + maintainers = with maintainers; [ applePrincess ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zsteg/gemset.nix b/nixpkgs/pkgs/tools/security/zsteg/gemset.nix new file mode 100644 index 000000000000..4f5bd79ce44c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zsteg/gemset.nix @@ -0,0 +1,44 @@ +{ + iostruct = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0kwp6ryis32j3z7myw8g7v1yszwrwyl04g2c7flr42pwxga1afxc"; + type = "gem"; + }; + version = "0.0.4"; + }; + rainbow = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bb2fpjspydr6x0s8pn1pqkzmxszvkfapv0p4627mywl7ky4zkhk"; + type = "gem"; + }; + version = "3.0.0"; + }; + zpng = { + dependencies = ["rainbow"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ciyab7qxqsxjhfvr6rbpdzg655fi1zygqg9sd9m6wmgc037dj74"; + type = "gem"; + }; + version = "0.3.1"; + }; + zsteg = { + dependencies = ["iostruct" "zpng"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mwajlsgs27449n2yf2f9hz8g46qv9bz9f58i9cz1jg58spvpxpk"; + type = "gem"; + }; + version = "0.2.2"; + }; +} diff --git a/nixpkgs/pkgs/tools/security/zzuf/default.nix b/nixpkgs/pkgs/tools/security/zzuf/default.nix new file mode 100644 index 000000000000..edf5e846801b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/zzuf/default.nix @@ -0,0 +1,23 @@ +{ lib, stdenv, fetchFromGitHub, pkg-config, autoreconfHook }: + +stdenv.mkDerivation rec { + pname = "zzuf"; + version = "0.15"; + + src = fetchFromGitHub { + owner = "samhocevar"; + repo = "zzuf"; + rev = "v${version}"; + sha256 = "0li1s11xf32dafxq1jbnc8c63313hy9ry09dja2rymk9mza4x2n9"; + }; + + nativeBuildInputs = [ pkg-config autoreconfHook ]; + + meta = with lib; { + description = "Transparent application input fuzzer"; + homepage = "http://caca.zoy.org/wiki/zzuf"; + license = licenses.wtfpl; + platforms = platforms.linux; + maintainers = with maintainers; [ lihop ]; + }; +} |