11 files changed, 32 insertions, 86 deletions

diff --git a/pkgs/tools/security/gnupg/1compat.nix b/pkgs/tools/security/gnupg/1compat.nix
index da700fe9f227..eadfbe230b3f 100644
--- a/pkgs/tools/security/gnupg/1compat.nix
+++ b/pkgs/tools/security/gnupg/1compat.nix
@@ -12,10 +12,6 @@ stdenv.mkDerivation {
     ${coreutils}/bin/rm $out/bin
     ${coreutils}/bin/mkdir -p $out/bin
     ${coreutils}/bin/ln -s "${gnupg}/bin/"* $out/bin
-
-    # Add gpg->gpg2 and gpgv->gpgv2 symlinks
-    ${coreutils}/bin/ln -s gpg2 $out/bin/gpg
-    ${coreutils}/bin/ln -s gpgv2 $out/bin/gpgv
   '';
 
   meta = gnupg.meta // {
diff --git a/pkgs/tools/security/gnupg/21.nix b/pkgs/tools/security/gnupg/21.nix
index 2d43d3e977aa..1523f3e159ce 100644
--- a/pkgs/tools/security/gnupg/21.nix
+++ b/pkgs/tools/security/gnupg/21.nix
@@ -15,11 +15,11 @@ assert guiSupport -> pinentry != null;
 stdenv.mkDerivation rec {
   name = "gnupg-${version}";
 
-  version = "2.1.22";
+  version = "2.1.23";
 
   src = fetchurl {
     url = "mirror://gnupg/gnupg/${name}.tar.bz2";
-    sha256 = "1msazgy1q1pp7y2xr46z0il4pfzmzgzkp7v0hv5cz4hvkspnywa6";
+    sha256 = "0xqd5nm4j3w9lwk35vg57gl2i8bfkmx7d24i44gkbscm2lwpci59";
   };
 
   buildInputs = [
diff --git a/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch b/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch
index 4bfdc13ef598..65804bac7642 100644
--- a/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch
+++ b/pkgs/tools/security/gnupg/gpgkey2ssh-20.patch
@@ -7,7 +7,7 @@ index 903fb5b..d5611dc 100644
  
    ret = asprintf (&command,
 -		  "gpg --list-keys --with-colons --with-key-data '%s'",
-+		  "@out@/bin/gpg2 --list-keys --with-colons --with-key-data '%s'",
++		  "@out@/bin/gpg --list-keys --with-colons --with-key-data '%s'",
  		  keyid);
    assert (ret > 0);
  
diff --git a/pkgs/tools/security/jd-gui/default.nix b/pkgs/tools/security/jd-gui/default.nix
index 32bc1a4d7119..72cb19aa732b 100644
--- a/pkgs/tools/security/jd-gui/default.nix
+++ b/pkgs/tools/security/jd-gui/default.nix
@@ -29,7 +29,6 @@ stdenv.mkDerivation rec {
 
   nativeBuildInputs = [ upx patchelf ];
 
-  phases = "unpackPhase installPhase";
   unpackPhase = "tar xf ${src}";
   installPhase = ''
     mkdir -p $out/bin
@@ -41,6 +40,8 @@ stdenv.mkDerivation rec {
       $out/bin/jd-gui
   '';
 
+  dontStrip = true;
+
   meta = {
     description = "Fast Java Decompiler with powerful GUI";
     homepage    = "http://jd.benow.ca/";
diff --git a/pkgs/tools/security/nmap/default.nix b/pkgs/tools/security/nmap/default.nix
index 6495634da33b..cce737af9c1e 100644
--- a/pkgs/tools/security/nmap/default.nix
+++ b/pkgs/tools/security/nmap/default.nix
@@ -19,11 +19,11 @@ let
 
 in stdenv.mkDerivation rec {
   name = "nmap${optionalString graphicalSupport "-graphical"}-${version}";
-  version = "7.50";
+  version = "7.60";
 
   src = fetchurl {
     url = "https://nmap.org/dist/nmap-${version}.tar.bz2";
-    sha256 = "1ckl2qxqxkrfa2qxdrqyaa4k1hhj273aqckrc46fijdz0a76mag9";
+    sha256 = "08bga42ipymmbxd7wy4x5sl26c0ir1fm3n9rc6nqmhx69z66wyd8";
   };
 
   patches = ./zenmap.patch;
diff --git a/pkgs/tools/security/omapd/default.nix b/pkgs/tools/security/omapd/default.nix
index ae1c2c05f147..9e01e8f0a9f3 100644
--- a/pkgs/tools/security/omapd/default.nix
+++ b/pkgs/tools/security/omapd/default.nix
@@ -1,6 +1,6 @@
-{ stdenv, fetchurl, cmake, qt4, gdb, zlib }:
-stdenv.mkDerivation rec {
+{ stdenv, fetchurl, qt4, gdb, zlib }:
 
+stdenv.mkDerivation rec {
   name = "omapd-${version}";
   version = "0.9.2";
 
@@ -11,23 +11,20 @@ stdenv.mkDerivation rec {
 
   patches = [ ./zlib.patch ];
 
-  buildInputs = [ cmake qt4 zlib gdb ];
-
-  phases = [ "unpackPhase" "patchPhase" "buildPhase" "installPhase" ];
+  buildInputs = [ qt4 zlib gdb ];
 
   buildPhase = ''
     (cd plugins/RAMHashTables; qmake; make)
     qmake
     make
-    '';
+  '';
 
   installPhase = ''
-    mkdir -p $out $out/bin $out/etc $out/usr/lib/omapd/plugins
-    cp omapd $out/bin/.
-    cp omapd.conf $out/etc/.
-    cp plugins/libRAMHashTables.so $out/usr/lib/omapd/plugins/.
+    install -vD omapd $out/bin/omapd
+    install -vD omapd.conf $out/etc/omapd.conf
+    install -vD plugins/libRAMHashTables.so $out/usr/lib/omapd/plugins/libRAMHashTables.so
     ln -s $out/usr/lib/omapd/plugins $out/bin/plugins
-    '';
+  '';
 
   meta = with stdenv.lib; {
     homepage = http://code.google.com/p/omapd;
diff --git a/pkgs/tools/security/pius/default.nix b/pkgs/tools/security/pius/default.nix
index c81a01ef8962..af27fb6cd01f 100644
--- a/pkgs/tools/security/pius/default.nix
+++ b/pkgs/tools/security/pius/default.nix
@@ -13,7 +13,7 @@ stdenv.mkDerivation {
   buildInputs = [ python ];
 
   patchPhase = ''
-    sed -i "pius" -e's|/usr/bin/gpg|${gnupg}/bin/gpg2|g'
+    sed -i "pius" -e's|/usr/bin/gpg|${gnupg}/bin/gpg|g'
   '';
 
   dontBuild = true;
diff --git a/pkgs/tools/security/tboot/default.nix b/pkgs/tools/security/tboot/default.nix
index 506b1d398d54..8530aab4e706 100644
--- a/pkgs/tools/security/tboot/default.nix
+++ b/pkgs/tools/security/tboot/default.nix
@@ -1,16 +1,19 @@
 { stdenv, fetchurl, trousers, openssl, zlib }:
 
 stdenv.mkDerivation rec {
-  name = "tboot-1.8.2";
+  name = "tboot-${version}";
+  version = "1.9.6";
 
   src = fetchurl {
     url = "mirror://sourceforge/tboot/${name}.tar.gz";
-    sha256 = "1l9ccm7ik9fs7kzg1bjc5cjh0pcf4v0k1c84dmyr51r084i7p31m";
+    sha256 = "0f9afz260xhycpd0x5zz6jn8ha14i8j98rck0fhb55l1rbbfwm8v";
   };
 
+  patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
+
   buildInputs = [ trousers openssl zlib ];
 
-  patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
+  enableParallelBuilding = true;
 
   hardeningDisable = [ "pic" "stackprotector" ];
 
@@ -27,8 +30,7 @@ stdenv.mkDerivation rec {
     description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM";
     homepage    = http://sourceforge.net/projects/tboot/;
     license     = licenses.bsd3;
-    maintainers = [ maintainers.ak ];
+    maintainers = with maintainers; [ ak ];
     platforms   = platforms.linux;
   };
 }
-
diff --git a/pkgs/tools/security/volatility/default.nix b/pkgs/tools/security/volatility/default.nix
index 6f1b7fe6ef47..b64124b3c54d 100644
--- a/pkgs/tools/security/volatility/default.nix
+++ b/pkgs/tools/security/volatility/default.nix
@@ -1,19 +1,20 @@
 { stdenv, fetchurl, pythonPackages }:
 
 pythonPackages.buildPythonApplication rec {
-  name = "volatility-2.4";
+  version = "2.6";
+  name = "volatility-${version}";
 
   src = fetchurl {
-    url = "http://downloads.volatilityfoundation.org/releases/2.4/${name}.tar.gz";
-    sha256 = "1wffrkvj2lrkqhwamyix9fy05y6g6w8h1sz2iqlm6i6ag7yxykv8";
+    url = "http://downloads.volatilityfoundation.org/releases/${version}/${name}.zip";
+    sha256 = "15cjrx31nnqa3bpjkv0x05j7f2sb7pq46a72zh7qg55zf86hawsv";
   };
 
   doCheck = false;
 
-  propagatedBuildInputs = [ pythonPackages.pycrypto ];
+  propagatedBuildInputs = [ pythonPackages.pycrypto pythonPackages.distorm3 ];
 
   meta = with stdenv.lib; {
-    homepage = https://code.google.com/p/volatility;
+    homepage = http://www.volatilityfoundation.org/;
     description = "Advanced memory forensics framework";
     maintainers = with maintainers; [ bosu ];
     license = stdenv.lib.licenses.gpl2Plus;
diff --git a/pkgs/tools/security/vulnix/default.nix b/pkgs/tools/security/vulnix/default.nix
index a058c2ee1a87..1beb2268fc6c 100644
--- a/pkgs/tools/security/vulnix/default.nix
+++ b/pkgs/tools/security/vulnix/default.nix
@@ -1,10 +1,6 @@
-{ stdenv, pythonPackages, fetchurl, callPackage, nix, }:
+{ stdenv, pythonPackages, fetchurl, callPackage, nix }:
 
-let
-  external = callPackage ./requirements.nix {
-    inherit pythonPackages;
-  };
-in pythonPackages.buildPythonApplication rec{
+pythonPackages.buildPythonApplication rec {
   name = "${pname}-${version}";
   pname = "vulnix";
   version = "1.2.2";
@@ -28,7 +24,7 @@ in pythonPackages.buildPythonApplication rec{
     lxml
     pyyaml
     requests
-    external.zodb
+    zodb
   ]);
 
   checkPhase = "py.test";
diff --git a/pkgs/tools/security/vulnix/requirements.nix b/pkgs/tools/security/vulnix/requirements.nix
deleted file mode 100644
index ef33c289d137..000000000000
--- a/pkgs/tools/security/vulnix/requirements.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ pythonPackages, fetchurl, stdenv }:
-
-rec {
-  zodb = pythonPackages.buildPythonPackage {
-    name = "ZODB-5.2.0";
-    src = fetchurl {
-      url = "https://pypi.python.org/packages/1e/47/2f17075ca94a4a537ebd8e195c458456ef49aa67355ec805e478b8ad1959/ZODB-5.2.0.tar.gz";
-      sha256 = "11l495lyym2fpvalj18yvcqwnsp8gyp18sgv5v575k4s2035lz0x";
-    };
-    doCheck = false;
-    propagatedBuildInputs = [
-      transaction
-    ] ++ (with pythonPackages; [
-      six
-      wheel
-      zope_interface
-      zodbpickle
-      zconfig
-      persistent
-      zc_lockfile
-      BTrees
-    ]);
-
-    meta = with stdenv.lib; {
-      license = licenses.zpt21;
-      description = "Zope Object Database: object database and persistence";
-    };
-  };
-
-  transaction = pythonPackages.buildPythonPackage {
-    name = "transaction-2.0.3";
-    src = fetchurl {
-      url = "https://pypi.python.org/packages/8c/af/3ffafe85bcc93ecb09459f3f2bd8fbe142e9ab34048f9e2774543b470cbd/transaction-2.0.3.tar.gz";
-      sha256 = "67bfb81309ba9717edbb2ca2e5717c325b78beec0bf19f44e5b4b9410f82df7f";
-    };
-    propagatedBuildInputs = with pythonPackages; [
-      zope_interface
-      six
-      wheel
-      mock
-    ];
-    meta = with stdenv.lib; {
-      license = licenses.zpt21;
-      description = "Transaction management for Python";
-    };
-  };
-}