diff options
Diffstat (limited to 'pkgs/tools/security')
| -rw-r--r-- | pkgs/tools/security/eid-mw/default.nix | 10 | ||||
| -rw-r--r-- | pkgs/tools/security/gnupg/21.nix | 6 | ||||
| -rw-r--r-- | pkgs/tools/security/mbox/default.nix | 2 | ||||
| -rw-r--r-- | pkgs/tools/security/pass/rofi-pass.nix | 51 | ||||
| -rw-r--r-- | pkgs/tools/security/pcsclite/default.nix | 8 | ||||
| -rw-r--r-- | pkgs/tools/security/pinentry/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/pinentry/qt5.nix | 47 | ||||
| -rw-r--r-- | pkgs/tools/security/sudo/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/tor/default.nix | 4 |
9 files changed, 118 insertions, 18 deletions
diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index 5e06d2f32e29..7823a9e0307a 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -1,24 +1,26 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, gtk2, nssTools, pcsclite +{ stdenv, fetchFromGitHub, autoreconfHook, gtk3, nssTools, pcsclite , pkgconfig }: -let version = "4.1.8"; in +let version = "4.1.9"; in stdenv.mkDerivation { name = "eid-mw-${version}"; src = fetchFromGitHub { - sha256 = "1nmw4c2gvbpkrgjxyd2g0lbh85lb2czbgqplqrv69fr6azaddyyk"; + sha256 = "03hf3bkawhr4kpjcv71xhja3d947qvxmjf0lkyjmv7i3fw3j8jqs"; rev = "v${version}"; repo = "eid-mw"; owner = "Fedict"; }; - buildInputs = [ gtk2 pcsclite ]; + buildInputs = [ gtk3 pcsclite ]; nativeBuildInputs = [ autoreconfHook pkgconfig ]; postPatch = '' sed 's@m4_esyscmd_s(.*,@[${version}],@' -i configure.ac ''; + configureFlags = [ "--enable-dialogs=yes" ]; + enableParallelBuilding = true; doCheck = true; diff --git a/pkgs/tools/security/gnupg/21.nix b/pkgs/tools/security/gnupg/21.nix index 5fbd6e83970c..9390207e14ad 100644 --- a/pkgs/tools/security/gnupg/21.nix +++ b/pkgs/tools/security/gnupg/21.nix @@ -13,16 +13,16 @@ with stdenv.lib; assert x11Support -> pinentry != null; stdenv.mkDerivation rec { - name = "gnupg-2.1.9"; + name = "gnupg-2.1.10"; src = fetchurl { url = "mirror://gnupg/gnupg/${name}.tar.bz2"; - sha256 = "1dpp555glln6fldk72ad7lkrn8h3cr2bg714z5kfn2qrawx67dqw"; + sha256 = "1ybcsazjm21i2ys1wh49cz4azmqz7ghx5rb6hm4gm93i2zc5igck"; }; postPatch = stdenv.lib.optionalString stdenv.isLinux '' sed -i 's,"libpcsclite\.so[^"]*","${pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c - ''; + ''; #" fix Emacs syntax highlighting :-( buildInputs = [ pkgconfig libgcrypt libassuan libksba libiconv npth diff --git a/pkgs/tools/security/mbox/default.nix b/pkgs/tools/security/mbox/default.nix index 732cf7046610..24a7ea51a82c 100644 --- a/pkgs/tools/security/mbox/default.nix +++ b/pkgs/tools/security/mbox/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation { meta = with stdenv.lib; { description = "Lightweight sandboxing mechanism that any user can use without special privileges"; homepage = http://pdos.csail.mit.edu/mbox/; - maintainers = with maintainers; [ emery ]; + maintainers = with maintainers; [ ehmry ]; license = licenses.bsd3; platforms = [ "x86_64-linux" ]; }; diff --git a/pkgs/tools/security/pass/rofi-pass.nix b/pkgs/tools/security/pass/rofi-pass.nix new file mode 100644 index 000000000000..94dca5dca680 --- /dev/null +++ b/pkgs/tools/security/pass/rofi-pass.nix @@ -0,0 +1,51 @@ +{ stdenv, fetchgit +, pass, rofi, coreutils, utillinux, xdotool, gnugrep, pwgen, findutils +, makeWrapper }: + +stdenv.mkDerivation rec { + name = "rofi-pass-${version}"; + version = "1.3.1"; + + src = fetchgit { + url = "https://github.com/carnager/rofi-pass"; + rev = "refs/tags/${version}"; + sha256 = "1r206fq96avhlgkf2fzf8j2a25dav0s945qv66hwvqwhxq74frrv"; + }; + + buildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin + cp -a $src/rofi-pass $out/bin/rofi-pass + + mkdir -p $out/share/doc/rofi-pass/ + cp -a $src/config.example $out/share/doc/rofi-pass/config.example + ''; + + wrapperPath = with stdenv.lib; makeSearchPath "bin/" [ + coreutils + findutils + gnugrep + pass + pwgen + rofi + utillinux + xdotool + ]; + + fixupPhase = '' + patchShebangs $out/bin + + wrapProgram $out/bin/rofi-pass \ + --prefix PATH : "${wrapperPath}" + ''; + + meta = { + description = "A script to make rofi work with password-store"; + homepage = https://github.com/carnager/rofi-pass; + maintainers = with stdenv.lib.maintainers; [ hiberno the-kenny ]; + license = stdenv.lib.licenses.gpl3; + }; +} diff --git a/pkgs/tools/security/pcsclite/default.nix b/pkgs/tools/security/pcsclite/default.nix index 4c96c947f57a..41c106854351 100644 --- a/pkgs/tools/security/pcsclite/default.nix +++ b/pkgs/tools/security/pcsclite/default.nix @@ -11,18 +11,18 @@ stdenv.mkDerivation rec { configureFlags = [ # The OS should care on preparing the drivers into this location "--enable-usbdropdir=/var/lib/pcsc/drivers" - "--with-systemdsystemunitdir=\${out}/etc/systemd/system" "--enable-confdir=/etc" - ]; + ] ++ stdenv.lib.optional stdenv.isLinux + "--with-systemdsystemunitdir=\${out}/etc/systemd/system"; nativeBuildInputs = [ pkgconfig perl python2 ]; - buildInputs = [ udev dbus_libs ]; + buildInputs = stdenv.lib.optionals stdenv.isLinux [ udev dbus_libs ]; meta = with stdenv.lib; { description = "Middleware to access a smart card using SCard API (PC/SC)"; homepage = http://pcsclite.alioth.debian.org/; license = licenses.bsd3; maintainers = with maintainers; [ viric wkennington ]; - platforms = platforms.linux; + platforms = with platforms; unix; }; } diff --git a/pkgs/tools/security/pinentry/default.nix b/pkgs/tools/security/pinentry/default.nix index 30d717c7bc11..8ccf1ba7ccd1 100644 --- a/pkgs/tools/security/pinentry/default.nix +++ b/pkgs/tools/security/pinentry/default.nix @@ -10,11 +10,11 @@ let in with stdenv.lib; stdenv.mkDerivation rec { - name = "pinentry-0.9.5"; + name = "pinentry-0.9.6"; src = fetchurl { url = "mirror://gnupg/pinentry/${name}.tar.bz2"; - sha256 = "1338hj1h3sh34897120y30x12b64wyj3xjzzk5asm2hdzhxgsmva"; + sha256 = "0rhyw1vk28kgasjp22myf7m2q8kycw82d65pr9kgh93z17lj849a"; }; buildInputs = [ libgpgerror libassuan libcap gtk2 ncurses qt4 ]; diff --git a/pkgs/tools/security/pinentry/qt5.nix b/pkgs/tools/security/pinentry/qt5.nix new file mode 100644 index 000000000000..d0811cdd11af --- /dev/null +++ b/pkgs/tools/security/pinentry/qt5.nix @@ -0,0 +1,47 @@ +{ fetchurl, stdenv, pkgconfig +, libgpgerror, libassuan +, qtbase +, libcap ? null +}: + +let + mkFlag = pfxTrue: pfxFalse: cond: name: "--${if cond then pfxTrue else pfxFalse}-${name}"; + mkEnable = mkFlag "enable" "disable"; + mkWith = mkFlag "with" "without"; +in +with stdenv.lib; +stdenv.mkDerivation rec { + name = "pinentry-0.9.6"; + + src = fetchurl { + url = "mirror://gnupg/pinentry/${name}.tar.bz2"; + sha256 = "0rhyw1vk28kgasjp22myf7m2q8kycw82d65pr9kgh93z17lj849a"; + }; + + buildInputs = [ libgpgerror libassuan libcap qtbase ]; + + # configure cannot find moc on its own + preConfigure = '' + export QTDIR="${qtbase}" + export MOC="${qtbase}/bin/moc" + ''; + + configureFlags = [ + (mkWith (libcap != null) "libcap") + (mkEnable true "pinentry-qt") + ]; + + nativeBuildInputs = [ pkgconfig ]; + + meta = { + homepage = "http://gnupg.org/aegypten2/"; + description = "GnuPG's interface to passphrase input"; + license = stdenv.lib.licenses.gpl2Plus; + platforms = stdenv.lib.platforms.all; + longDescription = '' + Pinentry provides a console and (optional) GTK+ and Qt GUIs allowing users + to enter a passphrase when `gpg' or `gpg2' is run and needs it. + ''; + maintainers = [ stdenv.lib.maintainers.ttuegel ]; + }; +} diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index 34e1731778f5..6720c7378662 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -4,14 +4,14 @@ }: stdenv.mkDerivation rec { - name = "sudo-1.8.14p3"; + name = "sudo-1.8.15"; src = fetchurl { urls = [ "ftp://ftp.sudo.ws/pub/sudo/${name}.tar.gz" "ftp://ftp.sudo.ws/pub/sudo/OLD/${name}.tar.gz" ]; - sha256 = "0dqj1bq2jr4jxqfrd5yg0i42a6268scd0l28jic9118kn75rg9m8"; + sha256 = "0263gi6i19fyzzc488n0qw3m518i39f6a7qmrfvahk9j10bkh5j3"; }; configureFlags = [ diff --git a/pkgs/tools/security/tor/default.nix b/pkgs/tools/security/tor/default.nix index 525259bdb029..9e73c7d4053f 100644 --- a/pkgs/tools/security/tor/default.nix +++ b/pkgs/tools/security/tor/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, libevent, openssl, zlib, torsocks, libseccomp }: stdenv.mkDerivation rec { - name = "tor-0.2.6.10"; + name = "tor-0.2.7.5"; src = fetchurl { url = "https://archive.torproject.org/tor-package-archive/${name}.tar.gz"; - sha256 = "0542c0efe43b86619337862fa7eb02c7a74cb23a79d587090628a5f0f1224b8d"; + sha256 = "0pxayvcab4cb107ynbpzx4g0qyr1mjfba2an76wdx6dxn56rwakx"; }; # Note: torsocks is specified as a dependency, as the distributed |