diff options
Diffstat (limited to 'pkgs/tools/security')
60 files changed, 1913 insertions, 933 deletions
diff --git a/pkgs/tools/security/acsccid/default.nix b/pkgs/tools/security/acsccid/default.nix index 5a771917311f..80fa0e2dc478 100644 --- a/pkgs/tools/security/acsccid/default.nix +++ b/pkgs/tools/security/acsccid/default.nix @@ -1,20 +1,21 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, gettext, flex, perl, pkgconfig, pcsclite, libusb }: +{ stdenv, fetchFromGitHub, autoconf, automake, libtool, gettext, flex, perl, pkgconfig, pcsclite, libusb, libiconv }: stdenv.mkDerivation rec { - version = "1.1.6"; + version = "1.1.8"; pname = "acsccid"; src = fetchFromGitHub { owner = "acshk"; - repo = "acsccid"; - rev = "26bc84c738d12701e6a7289ed578671d71cbf3cb"; - sha256 = "09k7hvcay092wkyf0hjsvimg1h4qzss1nk7m5yanlib4ldhw5g5c"; + repo = pname; + rev = "v${version}"; + sha256 = "12aahrvsk21qgpjwcrr01s742ixs44nmjkvcvqyzhqb307x1rrn3"; }; doCheck = true; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ pcsclite libusb autoconf automake libtool gettext flex perl ]; + buildInputs = [ pcsclite libusb autoconf automake libtool gettext flex perl ] + ++ stdenv.lib.optionals stdenv.isDarwin [ libiconv ]; postPatch = '' sed -e s_/bin/echo_echo_g -i src/Makefile.am diff --git a/pkgs/tools/security/aespipe/default.nix b/pkgs/tools/security/aespipe/default.nix index 69bef27258e8..e25416e55b88 100644 --- a/pkgs/tools/security/aespipe/default.nix +++ b/pkgs/tools/security/aespipe/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchurl, sharutils, makeWrapper }: stdenv.mkDerivation rec { pname = "aespipe"; @@ -9,11 +9,19 @@ stdenv.mkDerivation rec { sha256 = "15pg9j27mjzl78mpzkdqd84kdafj0g6j72f8wgjrpp2qkxjy2ddi"; }; + nativeBuildInputs = [ makeWrapper ]; + configureFlags = [ "--enable-padlock" "--enable-intelaes" ]; + postInstall = '' + cp bz2aespipe $out/bin + wrapProgram $out/bin/bz2aespipe \ + --prefix PATH : $out/bin:${stdenv.lib.makeBinPath [ sharutils ]} + ''; + meta = with stdenv.lib; { description = "AES encrypting or decrypting pipe"; - homepage = http://loop-aes.sourceforge.net/aespipe.README; + homepage = "http://loop-aes.sourceforge.net/aespipe.README"; license = licenses.gpl2; maintainers = [ maintainers.goibhniu ]; platforms = platforms.linux; diff --git a/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff b/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff new file mode 100644 index 000000000000..aa2950bf157c --- /dev/null +++ b/pkgs/tools/security/afl/qemu-patches/syscall-glibc2_30.diff @@ -0,0 +1,51 @@ +--- qemu-2.10.0-clean/linux-user/syscall.c 2020-03-12 18:47:47.898592169 +0100 ++++ qemu-2.10.0/linux-user/syscall.c 2020-03-13 09:13:42.461809699 +0100 +@@ -34,6 +34,7 @@ + #include <sys/resource.h> + #include <sys/swap.h> + #include <linux/capability.h> ++#include <linux/sockios.h> // https://lkml.org/lkml/2019/6/3/988 + #include <sched.h> + #include <sys/timex.h> + #ifdef __ia64__ +@@ -256,7 +257,9 @@ static type name (type1 arg1,type2 arg2, + #endif + + #ifdef __NR_gettid +-_syscall0(int, gettid) ++// taken from https://patchwork.kernel.org/patch/10862231/ ++#define __NR_sys_gettid __NR_gettid ++_syscall0(int, sys_gettid) + #else + /* This is a replacement for the host gettid() and must return a host + errno. */ +@@ -6219,7 +6222,7 @@ static void *clone_func(void *arg) + cpu = ENV_GET_CPU(env); + thread_cpu = cpu; + ts = (TaskState *)cpu->opaque; +- info->tid = gettid(); ++ info->tid = sys_gettid(); + task_settid(ts); + if (info->child_tidptr) + put_user_u32(info->tid, info->child_tidptr); +@@ -6363,9 +6366,9 @@ static int do_fork(CPUArchState *env, un + mapping. We can't repeat the spinlock hack used above because + the child process gets its own copy of the lock. */ + if (flags & CLONE_CHILD_SETTID) +- put_user_u32(gettid(), child_tidptr); ++ put_user_u32(sys_gettid(), child_tidptr); + if (flags & CLONE_PARENT_SETTID) +- put_user_u32(gettid(), parent_tidptr); ++ put_user_u32(sys_gettid(), parent_tidptr); + ts = (TaskState *)cpu->opaque; + if (flags & CLONE_SETTLS) + cpu_set_tls (env, newtls); +@@ -11402,7 +11405,7 @@ abi_long do_syscall(void *cpu_env, int n + break; + #endif + case TARGET_NR_gettid: +- ret = get_errno(gettid()); ++ ret = get_errno(sys_gettid()); + break; + #ifdef TARGET_NR_readahead + case TARGET_NR_readahead: diff --git a/pkgs/tools/security/afl/qemu.nix b/pkgs/tools/security/afl/qemu.nix index 479de4b41850..b841ccb93d3c 100644 --- a/pkgs/tools/security/afl/qemu.nix +++ b/pkgs/tools/security/afl/qemu.nix @@ -52,6 +52,8 @@ stdenv.mkDerivation { "../${afl.src.name}/qemu_mode/patches/memfd.diff" # nix-specific patches to make installation more well-behaved ./qemu-patches/no-etc-install.patch + # patch for fixing qemu build on glibc >= 2.30 + ./qemu-patches/syscall-glibc2_30.diff ]; configureFlags = diff --git a/pkgs/tools/security/b3sum/add-cargo-lock.patch b/pkgs/tools/security/b3sum/add-cargo-lock.patch new file mode 100644 index 000000000000..309e0f147e71 --- /dev/null +++ b/pkgs/tools/security/b3sum/add-cargo-lock.patch @@ -0,0 +1,585 @@ +--- /dev/null 2020-01-18 15:11:39.204798767 +0100 ++++ b3sum/Cargo.lock 2020-01-24 14:27:29.593356345 +0100 +@@ -0,0 +1,582 @@ ++# This file is automatically @generated by Cargo. ++# It is not intended for manual editing. ++[[package]] ++name = "anyhow" ++version = "1.0.26" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "arrayref" ++version = "0.3.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "arrayvec" ++version = "0.5.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "assert_cmd" ++version = "0.12.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "doc-comment 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "escargot 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "predicates 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "predicates-core 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "predicates-tree 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "autocfg" ++version = "0.1.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "b3sum" ++version = "0.1.3" ++dependencies = [ ++ "anyhow 1.0.26 (registry+https://github.com/rust-lang/crates.io-index)", ++ "assert_cmd 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "blake3 0.1.3", ++ "clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "duct 0.13.3 (registry+https://github.com/rust-lang/crates.io-index)", ++ "hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "memmap 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "bitflags" ++version = "1.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "blake3" ++version = "0.1.3" ++dependencies = [ ++ "arrayref 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)", ++ "arrayvec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "cc 1.0.50 (registry+https://github.com/rust-lang/crates.io-index)", ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "constant_time_eq 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rayon 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "c2-chacha" ++version = "0.2.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "cc" ++version = "1.0.50" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "cfg-if" ++version = "0.1.10" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "clap" ++version = "2.33.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "textwrap 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "unicode-width 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "constant_time_eq" ++version = "0.1.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "crossbeam-deque" ++version = "0.7.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "crossbeam-epoch 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "crossbeam-utils 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "crossbeam-epoch" ++version = "0.8.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "crossbeam-utils 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "memoffset 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", ++ "scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "crossbeam-queue" ++version = "0.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "crossbeam-utils 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "crossbeam-utils" ++version = "0.7.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "difference" ++version = "2.0.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "doc-comment" ++version = "0.3.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "duct" ++version = "0.13.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "once_cell 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "os_pipe 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "shared_child 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "either" ++version = "1.5.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "escargot" ++version = "0.5.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", ++ "serde 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)", ++ "serde_json 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "getrandom" ++version = "0.1.14" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "wasi 0.9.0+wasi-snapshot-preview1 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "hermit-abi" ++version = "0.1.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "hex" ++version = "0.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "itoa" ++version = "0.4.4" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "lazy_static" ++version = "1.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "libc" ++version = "0.2.66" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "log" ++version = "0.4.8" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "memmap" ++version = "0.7.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "memoffset" ++version = "0.5.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "num_cpus" ++version = "1.12.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "hermit-abi 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "once_cell" ++version = "1.3.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "os_pipe" ++version = "0.9.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "ppv-lite86" ++version = "0.2.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "predicates" ++version = "1.0.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "difference 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "predicates-core 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "predicates-core" ++version = "1.0.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "predicates-tree" ++version = "1.0.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "predicates-core 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "treeline 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "proc-macro2" ++version = "1.0.8" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "quote" ++version = "1.0.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "proc-macro2 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rand" ++version = "0.7.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "getrandom 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)", ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rand_chacha" ++version = "0.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rand_core" ++version = "0.5.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "getrandom 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rand_hc" ++version = "0.2.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rayon" ++version = "1.3.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "crossbeam-deque 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rayon-core 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rayon-core" ++version = "1.7.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "crossbeam-deque 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "crossbeam-queue 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", ++ "crossbeam-utils 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "num_cpus 1.12.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "redox_syscall" ++version = "0.1.56" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "remove_dir_all" ++version = "0.5.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "rustc_version" ++version = "0.2.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "ryu" ++version = "1.0.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "scopeguard" ++version = "1.0.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "semver" ++version = "0.9.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "semver-parser" ++version = "0.7.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "serde" ++version = "1.0.104" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "serde_derive 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "serde_derive" ++version = "1.0.104" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "proc-macro2 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)", ++ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "syn 1.0.14 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "serde_json" ++version = "1.0.45" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", ++ "ryu 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "serde 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "shared_child" ++version = "0.3.4" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "syn" ++version = "1.0.14" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "proc-macro2 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)", ++ "quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "tempfile" ++version = "3.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", ++ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)", ++ "rand 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)", ++ "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)", ++ "remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)", ++ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "textwrap" ++version = "0.11.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "unicode-width 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "treeline" ++version = "0.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "unicode-width" ++version = "0.1.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "unicode-xid" ++version = "0.2.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "wasi" ++version = "0.9.0+wasi-snapshot-preview1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "winapi" ++version = "0.3.8" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++dependencies = [ ++ "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", ++] ++ ++[[package]] ++name = "winapi-i686-pc-windows-gnu" ++version = "0.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[[package]] ++name = "winapi-x86_64-pc-windows-gnu" ++version = "0.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++ ++[metadata] ++"checksum anyhow 1.0.26 (registry+https://github.com/rust-lang/crates.io-index)" = "7825f6833612eb2414095684fcf6c635becf3ce97fe48cf6421321e93bfbd53c" ++"checksum arrayref 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)" = "0d382e583f07208808f6b1249e60848879ba3543f57c32277bf52d69c2f0f0ee" ++"checksum arrayvec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cff77d8686867eceff3105329d4698d96c2391c176d5d03adc90c7389162b5b8" ++"checksum assert_cmd 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "6283bac8dd7226470d491bc4737816fea4ca1fba7a2847f2e9097fd6bfb4624c" ++"checksum autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2" ++"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" ++"checksum c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "214238caa1bf3a496ec3392968969cab8549f96ff30652c9e56885329315f6bb" ++"checksum cc 1.0.50 (registry+https://github.com/rust-lang/crates.io-index)" = "95e28fa049fda1c330bcf9d723be7663a899c4679724b34c81e9f5a326aab8cd" ++"checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" ++"checksum clap 2.33.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9" ++"checksum constant_time_eq 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" ++"checksum crossbeam-deque 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c3aa945d63861bfe624b55d153a39684da1e8c0bc8fba932f7ee3a3c16cea3ca" ++"checksum crossbeam-epoch 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5064ebdbf05ce3cb95e45c8b086f72263f4166b29b97f6baff7ef7fe047b55ac" ++"checksum crossbeam-queue 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c695eeca1e7173472a32221542ae469b3e9aac3a4fc81f7696bcad82029493db" ++"checksum crossbeam-utils 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ce446db02cdc3165b94ae73111e570793400d0794e46125cc4056c81cbb039f4" ++"checksum difference 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "524cbf6897b527295dff137cec09ecf3a05f4fddffd7dfcd1585403449e74198" ++"checksum doc-comment 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "923dea538cea0aa3025e8685b20d6ee21ef99c4f77e954a30febbaac5ec73a97" ++"checksum duct 0.13.3 (registry+https://github.com/rust-lang/crates.io-index)" = "1607fa68d55be208e83bcfbcfffbc1ec65c9fbcf9eb1a5d548dc3ac0100743b0" ++"checksum either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" ++"checksum escargot 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "74cf96bec282dcdb07099f7e31d9fed323bca9435a09aba7b6d99b7617bca96d" ++"checksum getrandom 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)" = "7abc8dd8451921606d809ba32e95b6111925cd2906060d2dcc29c070220503eb" ++"checksum hermit-abi 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "eff2656d88f158ce120947499e971d743c05dbcbed62e5bd2f38f1698bbc3772" ++"checksum hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "023b39be39e3a2da62a94feb433e91e8bcd37676fbc8bea371daf52b7a769a3e" ++"checksum itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "501266b7edd0174f8530248f87f99c88fbe60ca4ef3dd486835b8d8d53136f7f" ++"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" ++"checksum libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)" = "d515b1f41455adea1313a4a2ac8a8a477634fbae63cc6100e3aebb207ce61558" ++"checksum log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)" = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7" ++"checksum memmap 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "6585fd95e7bb50d6cc31e20d4cf9afb4e2ba16c5846fc76793f11218da9c475b" ++"checksum memoffset 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "75189eb85871ea5c2e2c15abbdd541185f63b408415e5051f5cac122d8c774b9" ++"checksum num_cpus 1.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "46203554f085ff89c235cd12f7075f3233af9b11ed7c9e16dfe2560d03313ce6" ++"checksum once_cell 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b1c601810575c99596d4afc46f78a678c80105117c379eb3650cf99b8a21ce5b" ++"checksum os_pipe 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "db4d06355a7090ce852965b2d08e11426c315438462638c6d721448d0b47aa22" ++"checksum ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "74490b50b9fbe561ac330df47c08f3f33073d2d00c150f719147d7c54522fa1b" ++"checksum predicates 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a9bfe52247e5cc9b2f943682a85a5549fb9662245caf094504e69a2f03fe64d4" ++"checksum predicates-core 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "06075c3a3e92559ff8929e7a280684489ea27fe44805174c3ebd9328dcb37178" ++"checksum predicates-tree 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8e63c4859013b38a76eca2414c64911fba30def9e3202ac461a2d22831220124" ++"checksum proc-macro2 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)" = "3acb317c6ff86a4e579dfa00fc5e6cca91ecbb4e7eb2df0468805b674eb88548" ++"checksum quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "053a8c8bcc71fcce321828dc897a98ab9760bef03a4fc36693c231e5b3216cfe" ++"checksum rand 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)" = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" ++"checksum rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "03a2a90da8c7523f554344f921aa97283eadf6ac484a6d2a7d0212fa7f8d6853" ++"checksum rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" ++"checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" ++"checksum rayon 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "db6ce3297f9c85e16621bb8cca38a06779ffc31bb8184e1be4bed2be4678a098" ++"checksum rayon-core 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "08a89b46efaf957e52b18062fb2f4660f8b8a4dde1807ca002690868ef2c85a9" ++"checksum redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)" = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84" ++"checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e" ++"checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" ++"checksum ryu 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "bfa8506c1de11c9c4e4c38863ccbe02a305c8188e85a05a784c9e11e1c3910c8" ++"checksum scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b42e15e59b18a828bbf5c58ea01debb36b9b096346de35d941dcb89009f24a0d" ++"checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" ++"checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" ++"checksum serde 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)" = "414115f25f818d7dfccec8ee535d76949ae78584fc4f79a6f45a904bf8ab4449" ++"checksum serde_derive 1.0.104 (registry+https://github.com/rust-lang/crates.io-index)" = "128f9e303a5a29922045a830221b8f78ec74a5f544944f3d5984f8ec3895ef64" ++"checksum serde_json 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)" = "eab8f15f15d6c41a154c1b128a22f2dfabe350ef53c40953d84e36155c91192b" ++"checksum shared_child 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "8cebcf3a403e4deafaf34dc882c4a1b6a648b43e5670aa2e4bb985914eaeb2d2" ++"checksum syn 1.0.14 (registry+https://github.com/rust-lang/crates.io-index)" = "af6f3550d8dff9ef7dc34d384ac6f107e5d31c8f57d9f28e0081503f547ac8f5" ++"checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9" ++"checksum textwrap 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" ++"checksum treeline 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "a7f741b240f1a48843f9b8e0444fb55fb2a4ff67293b50a9179dfd5ea67f8d41" ++"checksum unicode-width 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479" ++"checksum unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c" ++"checksum wasi 0.9.0+wasi-snapshot-preview1 (registry+https://github.com/rust-lang/crates.io-index)" = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" ++"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6" ++"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" ++"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/pkgs/tools/security/b3sum/default.nix b/pkgs/tools/security/b3sum/default.nix new file mode 100644 index 000000000000..6f783d07ced8 --- /dev/null +++ b/pkgs/tools/security/b3sum/default.nix @@ -0,0 +1,26 @@ +{ lib, fetchFromGitHub, rustPlatform }: + +rustPlatform.buildRustPackage rec { + pname = "b3sum"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "BLAKE3-team"; + repo = "BLAKE3"; + rev = version; + sha256 = "1aigwwv576ybb3x3fppq46kbvd3k4fc4w1hh2hkzyyic6fibwbpy"; + }; + + sourceRoot = "source/b3sum"; + + cargoSha256 = "1rqhz2r60603mylazn37mkm783qb7qhjcg8cqss0iy1g752f3f2i"; + + cargoPatches = [ ./add-cargo-lock.patch ]; + + meta = { + description = "BLAKE3 cryptographic hash function"; + homepage = "https://github.com/BLAKE3-team/BLAKE3/"; + maintainers = with lib.maintainers; [ fpletz ]; + license = with lib.licenses; [ cc0 asl20 ]; + }; +} diff --git a/pkgs/tools/security/bitwarden/default.nix b/pkgs/tools/security/bitwarden/default.nix index fbef98df82d7..f2abc376cd27 100644 --- a/pkgs/tools/security/bitwarden/default.nix +++ b/pkgs/tools/security/bitwarden/default.nix @@ -16,11 +16,11 @@ let pname = "bitwarden"; version = { - x86_64-linux = "1.16.6"; + x86_64-linux = "1.17.2"; }.${system} or ""; sha256 = { - x86_64-linux = "074hqm4gjljc82nhn7h6wsd74567390018fi3v38g7jh7aph10jj"; + x86_64-linux = "0v7lrwj3sdypnqayknwg0cg9c2gfsxbjic5wswkfxljy652x8izx"; }.${system} or ""; meta = with stdenv.lib; { diff --git a/pkgs/tools/security/bitwarden_rs/cargo-lock-lettre.patch b/pkgs/tools/security/bitwarden_rs/cargo-lock-lettre.patch deleted file mode 100644 index d9f491ca290a..000000000000 --- a/pkgs/tools/security/bitwarden_rs/cargo-lock-lettre.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff --git a/Cargo.lock b/Cargo.lock -index 2e0b695..6d23410 100644 ---- a/Cargo.lock -+++ b/Cargo.lock -@@ -114,8 +114,8 @@ dependencies = [ - "handlebars 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)", - "jsonwebtoken 6.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", -- "lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)", -- "lettre_email 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)", -+ "lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)", -+ "lettre_email 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)", - "libsqlite3-sys 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)", - "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", - "multipart 0.16.1 (registry+https://github.com/rust-lang/crates.io-index)", -@@ -1007,13 +1007,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index" - - [[package]] - name = "lettre" --version = "0.9.1" -+version = "0.9.2" - source = "registry+https://github.com/rust-lang/crates.io-index" - dependencies = [ - "base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)", - "bufstream 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", -- "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", -- "failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", - "fast_chemail 0.9.6 (registry+https://github.com/rust-lang/crates.io-index)", - "hostname 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", - "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", -@@ -1026,14 +1024,12 @@ dependencies = [ - - [[package]] - name = "lettre_email" --version = "0.9.1" -+version = "0.9.2" - source = "registry+https://github.com/rust-lang/crates.io-index" - dependencies = [ - "base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)", - "email 0.0.20 (registry+https://github.com/rust-lang/crates.io-index)", -- "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", -- "failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", -- "lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)", -+ "lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)", - "mime 0.3.13 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", - "uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)", -@@ -2858,8 +2854,8 @@ dependencies = [ - "checksum language-tags 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a91d884b6667cd606bb5a69aa0c99ba811a115fc68915e7056ec08a46e93199a" - "checksum lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "bc5729f27f159ddd61f4df6228e827e86643d4d3e7c32183cb30a1c08f604a14" - "checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f" --"checksum lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "646aee0a55545eaffdf0df1ac19b500b51adb3095ec4dfdc704134e56ea23531" --"checksum lettre_email 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ae1b3d43e4bb7beb9974a359cbb3ea4f93dfba6c1c0c6e9c9f82e538e0f9ab9f" -+"checksum lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c66afaa5dfadbb81d4e00fd1d1ab057c7cd4c799c5a44e0009386d553587e728" -+"checksum lettre_email 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)" = "bbb68ca999042d965476e47bbdbacd52db0927348b6f8062c44dd04a3b1fd43b" - "checksum libc 0.2.55 (registry+https://github.com/rust-lang/crates.io-index)" = "42914d39aad277d9e176efbdad68acb1d5443ab65afe0e0e4f0d49352a950880" - "checksum libsqlite3-sys 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fd6457c70bbff456d9fe49deaba35ec47c3e598bf8d7950ff0575ceb7a8a6ad1" - "checksum lock_api 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "62ebf1391f6acad60e5c8b43706dde4582df75c06698ab44511d15016bc2442c" diff --git a/pkgs/tools/security/bitwarden_rs/default.nix b/pkgs/tools/security/bitwarden_rs/default.nix index f04996f1b431..cd71ea99fecb 100644 --- a/pkgs/tools/security/bitwarden_rs/default.nix +++ b/pkgs/tools/security/bitwarden_rs/default.nix @@ -1,31 +1,43 @@ -{ stdenv, rustPlatform, fetchFromGitHub, pkgconfig, openssl, Security, CoreServices }: +{ stdenv, rustPlatform, fetchFromGitHub +, pkgconfig, openssl +, Security, CoreServices +, dbBackend ? "sqlite", libmysqlclient, postgresql }: -rustPlatform.buildRustPackage rec { +let + featuresFlag = "--features ${dbBackend}"; + +in rustPlatform.buildRustPackage rec { pname = "bitwarden_rs"; - version = "1.9.1"; + version = "1.14"; src = fetchFromGitHub { owner = "dani-garcia"; repo = pname; rev = version; - sha256 = "0jfb4b2lp2v01aw615lx0qj1qh73hyrbjn9kva7zqp74wcfw12gp"; + sha256 = "1ck0l0167kw1i5fjn507g4d18x2krbpk2ks0lnw9vzg0bwnzzwwd"; }; - cargoPatches = [ - # type annotations required: cannot resolve `std::string::String: std::convert::AsRef<_>` - ./cargo-lock-lettre.patch - ]; - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ openssl ] ++ stdenv.lib.optionals stdenv.isDarwin [ Security CoreServices ]; + buildInputs = with stdenv.lib; [ openssl ] + ++ optionals stdenv.isDarwin [ Security CoreServices ] + ++ optional (dbBackend == "mysql") libmysqlclient + ++ optional (dbBackend == "postgresql") postgresql; RUSTC_BOOTSTRAP = 1; - cargoSha256 = "0p39gqrqdmgqhngp1qyh6jl0sp0ifj5n3bxfqafjbspb4zph3ls4"; + cargoSha256 = "0cgk61dmc057p82g0apd4sx6a8vhvcipxikrdb0hds4frhqsr6i8"; + cargoBuildFlags = [ featuresFlag ]; + + checkPhase = '' + runHook preCheck + echo "Running cargo cargo test ${featuresFlag} -- ''${checkFlags} ''${checkFlagsArray+''${checkFlagsArray[@]}}" + cargo test ${featuresFlag} -- ''${checkFlags} ''${checkFlagsArray+"''${checkFlagsArray[@]}"} + runHook postCheck + ''; meta = with stdenv.lib; { - description = "An unofficial lightweight implementation of the Bitwarden server API using Rust and SQLite"; - homepage = https://github.com/dani-garcia/bitwarden_rs; + description = "Unofficial Bitwarden compatible server written in Rust"; + homepage = "https://github.com/dani-garcia/bitwarden_rs"; license = licenses.gpl3; maintainers = with maintainers; [ msteen ]; platforms = platforms.all; diff --git a/pkgs/tools/security/bitwarden_rs/vault.nix b/pkgs/tools/security/bitwarden_rs/vault.nix index 51dde99bcf19..0ce9d43f967a 100644 --- a/pkgs/tools/security/bitwarden_rs/vault.nix +++ b/pkgs/tools/security/bitwarden_rs/vault.nix @@ -2,22 +2,23 @@ stdenv.mkDerivation rec { pname = "bitwarden_rs-vault"; - version = "2.12.0"; + version = "2.12.0e"; src = fetchurl { url = "https://github.com/dani-garcia/bw_web_builds/releases/download/v${version}/bw_web_v${version}.tar.gz"; - sha256 = "064dxfplqn67grpx03ryzshwmr7s00w4mll0hk0anddviwvd8r1n"; + sha256 = "1jy3c5ywlplrjsy37i90x5s8k0i5n1mn8y0fyl074s807glqaxbf"; }; buildCommand = '' - mkdir -p $out/share/bitwarden_rs/vault - cd $out/share/bitwarden_rs/vault + mkdir -p $out/share/bitwarden_rs/ + cd $out/share/bitwarden_rs/ tar xf $src + mv web-vault vault ''; meta = with stdenv.lib; { description = "Integrates the web vault into bitwarden_rs"; - homepage = https://github.com/dani-garcia/bw_web_builds; + homepage = "https://github.com/dani-garcia/bw_web_builds"; platforms = platforms.all; license = licenses.gpl3; maintainers = with maintainers; [ msteen ]; diff --git a/pkgs/tools/security/brutespray/default.nix b/pkgs/tools/security/brutespray/default.nix new file mode 100644 index 000000000000..be7c99f52527 --- /dev/null +++ b/pkgs/tools/security/brutespray/default.nix @@ -0,0 +1,40 @@ +{ stdenv, python3, fetchFromGitHub, makeWrapper, medusa }: + +stdenv.mkDerivation rec { + pname = "brutespray"; + version = "1.6.6"; + + src = fetchFromGitHub { + owner = "x90skysn3k"; + repo = pname; + rev = "brutespray-${version}"; + sha256 = "1rj8fkq1xz4ph1pmldphlsa25mg6xl7i7dranb0qjx00jhfxjxjh"; + }; + + postPatch = '' + substituteInPlace brutespray.py \ + --replace "/usr/share/brutespray" "$out/share/brutespray" + ''; + + dontBuild = true; + nativeBuildInputs = [ python3.pkgs.wrapPython makeWrapper ]; + buildInputs = [ python3 ]; + + installPhase = '' + install -Dm0755 brutespray.py $out/bin/brutespray + patchShebangs $out/bin + patchPythonScript $out/bin/brutespray + wrapProgram $out/bin/brutespray \ + --prefix PATH : ${stdenv.lib.makeBinPath [ medusa ]} + + mkdir -p $out/share/brutespray + cp -r wordlist/ $out/share/brutespray/wordlist + ''; + + meta = with stdenv.lib; { + homepage = "https://github.com/x90skysn3k/brutespray"; + description = "Brute-Forcing from Nmap output - Automatically attempts default creds on found services"; + license = licenses.mit; + maintainers = with maintainers; [ ma27 ]; + }; +} diff --git a/pkgs/tools/security/chipsec/default.nix b/pkgs/tools/security/chipsec/default.nix index 7b4c8cf68eb8..7d7456309899 100644 --- a/pkgs/tools/security/chipsec/default.nix +++ b/pkgs/tools/security/chipsec/default.nix @@ -2,13 +2,13 @@ , kernel ? null, withDriver ? false }: pythonPackages.buildPythonApplication rec { name = "chipsec-${version}"; - version = "1.4.1"; + version = "1.4.7"; src = fetchFromGitHub { owner = "chipsec"; repo = "chipsec"; rev = version; - sha256 = "043gf21zygvrzvvkwv5xxpcv3ryj5m8klkgyhq0lnh6k594qrg77"; + sha256 = "11qi4m4hqkylf1wd7f921r0p7xg5prpmfkmb7l9nn7sb95zz0sjr"; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/chrome-token-signing/default.nix b/pkgs/tools/security/chrome-token-signing/default.nix index 76c845e7a99e..09c62d4b61a1 100644 --- a/pkgs/tools/security/chrome-token-signing/default.nix +++ b/pkgs/tools/security/chrome-token-signing/default.nix @@ -1,14 +1,14 @@ -{ mkDerivation, fetchFromGitHub, qmake, pcsclite, pkgconfig, opensc }: +{ stdenv, mkDerivation, fetchFromGitHub, qmake, pcsclite, pkgconfig, opensc }: mkDerivation rec { pname = "chrome-token-signing"; - version = "1.0.7"; + version = "1.1.1"; src = fetchFromGitHub { owner = "open-eid"; repo = "chrome-token-signing"; rev = "v${version}"; - sha256 = "1icbr5gyf7qqk1qjgcrf6921ws84j5h8zrpzw5mirq4582l5gsav"; + sha256 = "1gh4gm0krz8m5vgwkjzg9al82rrrrsikzjh180jy7ha808ib2drw"; }; buildInputs = [ qmake pcsclite pkgconfig ]; @@ -27,4 +27,12 @@ mkDerivation rec { install -D -t $out/etc/chromium/native-messaging-hosts host-linux/ee.ria.esteid.json install -D -t $out/lib/mozilla/native-messaging-hosts host-linux/ff/ee.ria.esteid.json ''; + + meta = with stdenv.lib; { + description = "Chrome and Firefox extension for signing with your eID on the web"; + homepage = "https://github.com/open-eid/chrome-token-signing/wiki"; + license = licenses.lgpl21; + maintainers = [ maintainers.mmahut ]; + platforms = platforms.linux; + }; } diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index 43f56352ceb3..6cb2eaa7d33e 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "clamav"; - version = "0.102.1"; + version = "0.102.2"; src = fetchurl { url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; - sha256 = "1mpdgn3isz26hd1j6p8lcb76v8hjs54k1wb655rnil4hv78aig8d"; + sha256 = "1lq7r6r2yl8pp3fkn32b0bsmbbl9pg90kpvhsa2clad3xg0drz49"; }; # don't install sample config files into the absolute sysconfdir folder diff --git a/pkgs/tools/security/clevis/default.nix b/pkgs/tools/security/clevis/default.nix new file mode 100644 index 000000000000..4acec7c8a5ba --- /dev/null +++ b/pkgs/tools/security/clevis/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, fetchFromGitHub, meson, ninja, pkgconfig, asciidoc +, jansson, jose, cryptsetup, curl, libpwquality, luksmeta +}: + +stdenv.mkDerivation rec { + pname = "clevis"; + version = "12"; + + src = fetchFromGitHub { + owner = "latchset"; + repo = pname; + rev = "v${version}"; + sha256 = "1dbyl3c21h841w9lrrq6gd5y6dhamr0z5ixd87jz86cn02lznp5m"; + }; + + nativeBuildInputs = [ meson ninja pkgconfig asciidoc ]; + buildInputs = [ jansson jose cryptsetup curl libpwquality luksmeta ]; + + outputs = [ "out" "man" ]; + + meta = { + description = "Automated Encryption Framework"; + homepage = "https://github.com/latchset/clevis"; + maintainers = with lib.maintainers; [ fpletz ]; + license = lib.licenses.gpl3Plus; + }; +} diff --git a/pkgs/tools/security/default.nix b/pkgs/tools/security/ecdsatool/default.nix index 0e57a5bab884..0e57a5bab884 100644 --- a/pkgs/tools/security/default.nix +++ b/pkgs/tools/security/ecdsatool/default.nix diff --git a/pkgs/tools/security/fail2ban/default.nix b/pkgs/tools/security/fail2ban/default.nix index 4ec84353e4ee..39017d09886e 100644 --- a/pkgs/tools/security/fail2ban/default.nix +++ b/pkgs/tools/security/fail2ban/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchFromGitHub, python3, gamin }: -let version = "0.10.5"; in +let version = "0.11.1"; in python3.pkgs.buildPythonApplication { pname = "fail2ban"; @@ -10,7 +10,7 @@ python3.pkgs.buildPythonApplication { owner = "fail2ban"; repo = "fail2ban"; rev = version; - sha256 = "1s8g46vkwhqnagj69v4wvcasypzkmq7awhfbxahffrypcpad5ach"; + sha256 = "0kqvkxpb72y3kgmxf6g36w67499c6gcd2a9yyblagwx12y05f1sh"; }; pythonPath = with python3.pkgs; @@ -50,7 +50,7 @@ python3.pkgs.buildPythonApplication { ''; meta = with stdenv.lib; { - homepage = http://www.fail2ban.org/; + homepage = https://www.fail2ban.org/; description = "A program that scans log files for repeated failing login attempts and bans IP addresses"; license = licenses.gpl2Plus; maintainers = with maintainers; [ eelco lovek323 fpletz ]; diff --git a/pkgs/tools/security/fido2luks/default.nix b/pkgs/tools/security/fido2luks/default.nix index 4682a09acf5c..729a3f7297cb 100644 --- a/pkgs/tools/security/fido2luks/default.nix +++ b/pkgs/tools/security/fido2luks/default.nix @@ -19,8 +19,7 @@ rustPlatform.buildRustPackage rec { buildInputs = [ cryptsetup ]; nativeBuildInputs = [ pkg-config ]; - cargoSha256 = "1i37k4ih6118z3wip2qh4jqk7ja2z0v1w8dri1lwqwlciqw17zi9"; - verifyCargoDeps = true; + cargoSha256 = "0rp4f6xnwmvf3pv6h0qwsg01jrndf77yn67675ac39kxzmrzfy2f"; meta = with stdenv.lib; { description = "Decrypt your LUKS partition using a FIDO2 compatible authenticator"; diff --git a/pkgs/tools/security/gnupg/22.nix b/pkgs/tools/security/gnupg/22.nix index 9aa92fd6829f..203f50a9c0e9 100644 --- a/pkgs/tools/security/gnupg/22.nix +++ b/pkgs/tools/security/gnupg/22.nix @@ -33,6 +33,9 @@ stdenv.mkDerivation rec { patches = [ ./fix-libusb-include-path.patch ./0001-dirmngr-Only-use-SKS-pool-CA-for-SKS-pool.patch + ./tests-add-test-cases-for-import-without-uid.patch + ./allow-import-of-previously-known-keys-even-without-UI.patch + ./accept-subkeys-with-a-good-revocation-but-no-self-sig.patch ]; postPatch = '' sed -i 's,hkps://hkps.pool.sks-keyservers.net,hkps://keys.openpgp.org,g' \ diff --git a/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch b/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch new file mode 100644 index 000000000000..5cbec92ae683 --- /dev/null +++ b/pkgs/tools/security/gnupg/accept-subkeys-with-a-good-revocation-but-no-self-sig.patch @@ -0,0 +1,32 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:43 +0200 +Subject: gpg: accept subkeys with a good revocation but no self-sig during + import + +* g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we +encounter a valid revocation signature. This allows import of subkey +revocation signatures, even in the absence of a corresponding subkey +binding signature. + +-- + +This fixes the remaining test in import-incomplete.scm. + +GnuPG-Bug-id: 4393 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + g10/import.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/g10/import.c b/g10/import.c +index 4fdf248..ee2fed8 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -3613,6 +3613,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) + /* It's valid, so is it newer? */ + if (sig->timestamp >= rsdate) + { ++ knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */ + if (rsnode) + { + /* Delete the last revocation sig since diff --git a/pkgs/tools/security/gnupg/allow-import-of-previously-known-keys-even-without-UI.patch b/pkgs/tools/security/gnupg/allow-import-of-previously-known-keys-even-without-UI.patch new file mode 100644 index 000000000000..723a6952044e --- /dev/null +++ b/pkgs/tools/security/gnupg/allow-import-of-previously-known-keys-even-without-UI.patch @@ -0,0 +1,106 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:42 +0200 +Subject: gpg: allow import of previously known keys, even without UIDs + +* g10/import.c (import_one): Accept an incoming OpenPGP certificate that +has no user id, as long as we already have a local variant of the cert +that matches the primary key. + +-- + +This fixes two of the three broken tests in import-incomplete.scm. + +GnuPG-Bug-id: 4393 +Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + g10/import.c | 44 +++++++++++--------------------------------- + 1 file changed, 11 insertions(+), 33 deletions(-) + +diff --git a/g10/import.c b/g10/import.c +index 95d419a..4fdf248 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1792,7 +1792,6 @@ import_one_real (ctrl_t ctrl, + size_t an; + char pkstrbuf[PUBKEY_STRING_SIZE]; + int merge_keys_done = 0; +- int any_filter = 0; + KEYDB_HANDLE hd = NULL; + + if (r_valid) +@@ -1829,14 +1828,6 @@ import_one_real (ctrl_t ctrl, + log_printf ("\n"); + } + +- +- if (!uidnode ) +- { +- if (!silent) +- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk)); +- return 0; +- } +- + if (screener && screener (keyblock, screener_arg)) + { + log_error (_("key %s: %s\n"), keystr_from_pk (pk), +@@ -1911,17 +1902,10 @@ import_one_real (ctrl_t ctrl, + } + } + +- if (!delete_inv_parts (ctrl, keyblock, keyid, options ) ) +- { +- if (!silent) +- { +- log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk)); +- if (!opt.quiet ) +- log_info(_("this may be caused by a missing self-signature\n")); +- } +- stats->no_user_id++; +- return 0; +- } ++ /* Delete invalid parts, and note if we have any valid ones left. ++ * We will later abort import if this key is new but contains ++ * no valid uids. */ ++ delete_inv_parts (ctrl, keyblock, keyid, options); + + /* Get rid of deleted nodes. */ + commit_kbnode (&keyblock); +@@ -1931,24 +1915,11 @@ import_one_real (ctrl_t ctrl, + { + apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid); + commit_kbnode (&keyblock); +- any_filter = 1; + } + if (import_filter.drop_sig) + { + apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig); + commit_kbnode (&keyblock); +- any_filter = 1; +- } +- +- /* If we ran any filter we need to check that at least one user id +- * is left in the keyring. Note that we do not use log_error in +- * this case. */ +- if (any_filter && !any_uid_left (keyblock)) +- { +- if (!opt.quiet ) +- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk)); +- stats->no_user_id++; +- return 0; + } + + /* The keyblock is valid and ready for real import. */ +@@ -2006,6 +1977,13 @@ import_one_real (ctrl_t ctrl, + err = 0; + stats->skipped_new_keys++; + } ++ else if (err && !any_uid_left (keyblock)) ++ { ++ if (!silent) ++ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid)); ++ err = 0; ++ stats->no_user_id++; ++ } + else if (err) /* Insert this key. */ + { + /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */ diff --git a/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch b/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch new file mode 100644 index 000000000000..37ddeea22495 --- /dev/null +++ b/pkgs/tools/security/gnupg/tests-add-test-cases-for-import-without-uid.patch @@ -0,0 +1,201 @@ +From: Vincent Breitmoser <look@my.amazin.horse> +Date: Thu, 13 Jun 2019 21:27:41 +0200 +Subject: tests: add test cases for import without uid + +This commit adds a test case that does the following, in order: +- Import of a primary key plus user id +- Check that import of a subkey works, without a user id present in the +imported key +- Check that import of a subkey revocation works, without a user id or +subkey binding signature present in the imported key +- Check that import of a primary key revocation works, without a user id +present in the imported key + +-- + +Note that this test currently fails. The following changesets will +fix gpg so that the tests pass. + +GnuPG-Bug-id: 4393 +Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +--- + tests/openpgp/Makefile.am | 1 + + tests/openpgp/import-incomplete.scm | 68 ++++++++++++++++++++++ + .../import-incomplete/primary+revocation.asc | 9 +++ + .../primary+subkey+sub-revocation.asc | 10 ++++ + .../import-incomplete/primary+subkey+sub-sig.asc | 10 ++++ + .../openpgp/import-incomplete/primary+uid-sig.asc | 10 ++++ + tests/openpgp/import-incomplete/primary+uid.asc | 10 ++++ + 7 files changed, 118 insertions(+) + create mode 100755 tests/openpgp/import-incomplete.scm + create mode 100644 tests/openpgp/import-incomplete/primary+revocation.asc + create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc + create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc + create mode 100644 tests/openpgp/import-incomplete/primary+uid-sig.asc + create mode 100644 tests/openpgp/import-incomplete/primary+uid.asc + +diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am +index f6014c9..6423da1 100644 +--- a/tests/openpgp/Makefile.am ++++ b/tests/openpgp/Makefile.am +@@ -78,6 +78,7 @@ XTESTS = \ + gpgv-forged-keyring.scm \ + armor.scm \ + import.scm \ ++ import-incomplete.scm \ + import-revocation-certificate.scm \ + ecc.scm \ + 4gb-packet.scm \ +diff --git a/tests/openpgp/import-incomplete.scm b/tests/openpgp/import-incomplete.scm +new file mode 100755 +index 0000000..727a027 +--- /dev/null ++++ b/tests/openpgp/import-incomplete.scm +@@ -0,0 +1,68 @@ ++#!/usr/bin/env gpgscm ++ ++;; Copyright (C) 2016 g10 Code GmbH ++;; ++;; This file is part of GnuPG. ++;; ++;; GnuPG is free software; you can redistribute it and/or modify ++;; it under the terms of the GNU General Public License as published by ++;; the Free Software Foundation; either version 3 of the License, or ++;; (at your option) any later version. ++;; ++;; GnuPG is distributed in the hope that it will be useful, ++;; but WITHOUT ANY WARRANTY; without even the implied warranty of ++;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++;; GNU General Public License for more details. ++;; ++;; You should have received a copy of the GNU General Public License ++;; along with this program; if not, see <http://www.gnu.org/licenses/>. ++ ++(load (in-srcdir "tests" "openpgp" "defs.scm")) ++(setup-environment) ++ ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+uid.asc"))) ++ ++(info "Test import of new subkey, from a certificate without uid") ++(define keyid "573EA710367356BB") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-sig.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "sub:") ++ (string-contains? line "573EA710367356BB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ ++(info "Test import of a subkey revocation, from a certificate without uid") ++(define keyid "573EA710367356BB") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-revocation.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "sub:r:") ++ (string-contains? line "573EA710367356BB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ ++(info "Test import of revocation, from a certificate without uid") ++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+revocation.asc"))) ++(tr:do ++ (tr:pipe-do ++ (pipe:gpg `(--list-keys --with-colons ,keyid))) ++ (tr:call-with-content ++ (lambda (c) ++ ;; XXX we do not have a regexp library ++ (unless (any (lambda (line) ++ (and (string-prefix? line "pub:r:") ++ (string-contains? line "0843DA969AA8DAFB"))) ++ (string-split-newlines c)) ++ (exit 1))))) ++ +diff --git a/tests/openpgp/import-incomplete/primary+revocation.asc b/tests/openpgp/import-incomplete/primary+revocation.asc +new file mode 100644 +index 0000000..6b7b608 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+revocation.asc +@@ -0,0 +1,9 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [E] primary key, revocation signature over primary (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN2IeAQgFggAIBYhBLRpj5W82H/gSMzKKQhD2paaqNr7BQJc2ZQZAh0AAAoJ ++EAhD2paaqNr7qAwA/2jBUpnN0BxwRO/4CrxvrLIsL+C9aSXJUOTv8XkP4lvtAQD3 ++XsDFfFNgEueiTfF7HtOGt5LPmRqVvUpQSMVgJJW6CQ== ++=tM90 ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc +new file mode 100644 +index 0000000..83a51a5 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [D] primary key, subkey, subkey revocation (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK ++j++lwwWDAOlkVicDAQgHiHgEKBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmnkAIdAgAKCRAIQ9qWmqja+ylaAQDmIKf86BJEq4OpDqU+V9D+wn2cyuxbyWVQ ++3r9LiL9qNwD/QAjyrhSN8L3Mfq+wdTHo5i0yB9ZCCpHLXSbhCqfWZwQ= ++=dwx2 ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc +new file mode 100644 +index 0000000..dc47a02 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [B] primary key, subkey, subkey binding sig (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK ++j++lwwWDAOlkVicDAQgHiHgEGBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmUIQIbDAAKCRAIQ9qWmqja++vFAP98G1L+1/rWTGbsnxOAV2RocBYIroAvsbkR ++Ly6FdP8YNwEA7jOgT05CoKIe37MstpOz23mM80AK369Ca3JMmKKCQgg= ++=xuDu ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+uid-sig.asc b/tests/openpgp/import-incomplete/primary+uid-sig.asc +new file mode 100644 +index 0000000..134607d +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+uid-sig.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [C] primary key and self-sig expiring in 2024 (no user ID) ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN2IlgQTFggAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLRpj5W8 ++2H/gSMzKKQhD2paaqNr7BQJc2ZR1BQkJZgHcAAoJEAhD2paaqNr79soA/0lWkUsu ++3NLwgbni6EzJxnTzgeNMpljqNpipHAwfix9hAP93AVtFdC8g7hdUZxawobl9lnSN ++9ohXOEBWvdJgVv2YAg== ++=KWIK ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/import-incomplete/primary+uid.asc b/tests/openpgp/import-incomplete/primary+uid.asc +new file mode 100644 +index 0000000..055f300 +--- /dev/null ++++ b/tests/openpgp/import-incomplete/primary+uid.asc +@@ -0,0 +1,10 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Comment: [A] primary key, user ID, and self-sig expiring in 2021 ++ ++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ ++631VAN20CHRlc3Qga2V5iJYEExYIAD4WIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC ++XNmUGQIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIQ9qWmqja +++0G1AQDdQiwhXxjXLMqoth+D4SigVHTJK8ORwifzsy3UE7mPGwD/aZ67XbAF/lgI ++kv2O1Jo0u9BL9RNNF+L0DM7rAFbfMAs= ++=1eII ++-----END PGP PUBLIC KEY BLOCK----- diff --git a/pkgs/tools/security/hashdeep/default.nix b/pkgs/tools/security/hashdeep/default.nix new file mode 100644 index 000000000000..8c8ab5b01a5d --- /dev/null +++ b/pkgs/tools/security/hashdeep/default.nix @@ -0,0 +1,23 @@ +{ stdenv, fetchFromGitHub, autoreconfHook }: + +let version = "4.4"; +in stdenv.mkDerivation { + name = "hashdeep-${version}"; + + src = fetchFromGitHub { + owner = "jessek"; + repo = "hashdeep"; + rev = "release-${version}"; + sha256 = "0m2b042ndikavmplv3qjdhfj44hl1h8car83c192xi9nv5ahi7mf"; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + meta = with stdenv.lib; { + description = "A set of cross-platform tools to compute hashes."; + homepage = "https://github.com/jessek/hashdeep"; + license = licenses.gpl2; + platforms = with platforms; linux ++ freebsd ++ openbsd; + maintainers = [ stdenv.lib.maintainers.karantan ]; + }; +} diff --git a/pkgs/tools/security/ipscan/default.nix b/pkgs/tools/security/ipscan/default.nix index 40546b6f1c33..642b7d80305a 100644 --- a/pkgs/tools/security/ipscan/default.nix +++ b/pkgs/tools/security/ipscan/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "ipscan"; - version = "3.6.2"; + version = "3.7.0"; src = fetchurl { - url = "https://github.com/angryip/ipscan/releases/download/${version}/ipscan_${version}_amd64.deb"; - sha256 = "0wnnnabpj0dsxdijvss5sl9kd4i6rmcq55zbas33xs3c5g305ssk"; + url = "https://github.com/angryip/ipscan/releases/download/${version}/ipscan_${version}_all.deb"; + sha256 = "1dbralnbi5q5v6a5nbs64ihvs20fkm3cddsbakck5fbqdm5by7k7"; }; sourceRoot = "."; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p $out/share - cp usr/lib/ipscan/ipscan-linux64-${version}.jar $out/share/${pname}-${version}.jar + cp usr/lib/ipscan/ipscan-any-${version}.jar $out/share/${pname}-${version}.jar makeWrapper ${jre}/bin/java $out/bin/ipscan \ --prefix LD_LIBRARY_PATH : "$out/lib/:${stdenv.lib.makeLibraryPath [ swt xorg.libXtst ]}" \ @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "Fast and friendly network scanner"; - homepage = https://angryip.org; + homepage = "https://angryip.org"; license = licenses.gpl2; platforms = [ "x86_64-linux" ]; maintainers = with maintainers; [ kylesferrazza ]; diff --git a/pkgs/tools/security/jwt-cli/default.nix b/pkgs/tools/security/jwt-cli/default.nix index 83b630a4f4f6..f2314d7a0e87 100644 --- a/pkgs/tools/security/jwt-cli/default.nix +++ b/pkgs/tools/security/jwt-cli/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "jwt-cli"; - version = "2.5.1"; + version = "3.0.1"; src = fetchFromGitHub { owner = "mike-engel"; repo = pname; rev = version; - sha256 = "1p0c4398kwczwvl4krvfdhg1ixp1gj9nmvzqqv2xlmvrw1qsin8w"; + sha256 = "108pwk0h6zcbfmp0k8rhjxaa9yk8rhb78aaql22x48n11fnjl27i"; }; - cargoSha256 = "005y92acsn5j490jkp23ny7bsjd9ql1glybmbh4cyc8b15hmy618"; + cargoSha256 = "1xh2ylx5fqblhlrs8yhl3zf8kvgrqnwdwmix6yzch9bi5mv5c11w"; buildInputs = stdenv.lib.optional stdenv.isDarwin Security; diff --git a/pkgs/tools/security/keybase/default.nix b/pkgs/tools/security/keybase/default.nix index 1edf86675c31..6f2eaf577011 100644 --- a/pkgs/tools/security/keybase/default.nix +++ b/pkgs/tools/security/keybase/default.nix @@ -6,7 +6,7 @@ buildGoPackage rec { pname = "keybase"; - version = "5.0.0"; + version = "5.3.1"; goPackagePath = "github.com/keybase/client"; subPackages = [ "go/kbnm" "go/keybase" ]; @@ -17,7 +17,7 @@ buildGoPackage rec { owner = "keybase"; repo = "client"; rev = "v${version}"; - sha256 = "0cxxqmgp82qi2b1fljyfa38is94y8ghb2pd31nbyh8y4wnmi0x1s"; + sha256 = "1a1h2c8jr4r20w4gyvyrpsslmh69bl8syl3jbr0fcr2kka7vqnzg"; }; patches = [ @@ -35,7 +35,7 @@ buildGoPackage rec { homepage = https://www.keybase.io/; description = "The Keybase official command-line utility and service."; platforms = platforms.linux ++ platforms.darwin; - maintainers = with maintainers; [ carlsverre np rvolosatovs ]; + maintainers = with maintainers; [ carlsverre np rvolosatovs filalex77 ]; license = licenses.bsd3; }; } diff --git a/pkgs/tools/security/keybase/gui.nix b/pkgs/tools/security/keybase/gui.nix index 2ec97f882367..0a5855b20605 100644 --- a/pkgs/tools/security/keybase/gui.nix +++ b/pkgs/tools/security/keybase/gui.nix @@ -4,16 +4,16 @@ , runtimeShell, gsettings-desktop-schemas }: let - versionSuffix = "20191114203213.f73f97dac6"; + versionSuffix = "20200320154633.3e235215b3"; in stdenv.mkDerivation rec { pname = "keybase-gui"; - version = "5.0.0"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages + version = "5.3.1"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages src = fetchurl { url = "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${version + "-" + versionSuffix}_amd64.deb"; - sha256 = "e175e52a6355d8359d66ef4b445981b572c513754329d5c7f75ad7bb14ec348f"; + sha256 = "00k1xg27arbqpa836c55fhkxjvjbhjgkf6jqzprjzz76zksfdcx4"; }; nativeBuildInputs = [ @@ -108,7 +108,7 @@ stdenv.mkDerivation rec { homepage = https://www.keybase.io/; description = "The Keybase official GUI"; platforms = platforms.linux; - maintainers = with maintainers; [ rvolosatovs puffnfresh np ]; + maintainers = with maintainers; [ rvolosatovs puffnfresh np filalex77 ]; license = licenses.bsd3; }; } diff --git a/pkgs/tools/security/keybase/kbfs.nix b/pkgs/tools/security/keybase/kbfs.nix index 9448182a65a7..20fadee6a40e 100644 --- a/pkgs/tools/security/keybase/kbfs.nix +++ b/pkgs/tools/security/keybase/kbfs.nix @@ -6,7 +6,7 @@ buildGoPackage { inherit (keybase) src version; goPackagePath = "github.com/keybase/client"; - subPackages = [ "go/kbfs/kbfsfuse" "go/kbfs/kbfsgit/git-remote-keybase" ]; + subPackages = [ "go/kbfs/kbfsfuse" "go/kbfs/redirector" "go/kbfs/kbfsgit/git-remote-keybase" ]; dontRenameImports = true; diff --git a/pkgs/tools/security/medusa/default.nix b/pkgs/tools/security/medusa/default.nix new file mode 100644 index 000000000000..bc18f165be73 --- /dev/null +++ b/pkgs/tools/security/medusa/default.nix @@ -0,0 +1,27 @@ +{ stdenv, fetchFromGitHub, pkg-config, freerdp, openssl, libssh2 }: + +stdenv.mkDerivation rec { + pname = "medusa-unstable"; + version = "2018-12-16"; + + src = fetchFromGitHub { + owner = "jmk-foofus"; + repo = "medusa"; + rev = "292193b3995444aede53ff873899640b08129fc7"; + sha256 = "0njlz4fqa0165wdmd5y8lfnafayf3c4la0r8pf3hixkdwsss1509"; + }; + + outputs = [ "out" "man" ]; + + configureFlags = [ "--enable-module-ssh=yes" ]; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ freerdp openssl libssh2 ]; + + meta = with stdenv.lib; { + homepage = "https://github.com/jmk-foofus/medusa"; + description = "A speedy, parallel, and modular, login brute-forcer"; + license = licenses.gpl2; + maintainers = with maintainers; [ ma27 ]; + }; +} diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 2aae6fc49d96..3924e6919d37 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/5.0.45" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/5.0.74" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 931ea65f54a7..2eaf8aa6c715 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,16 +1,15 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 2b9e74c7a8a4423ea195e75abca1f56c354e5541 - ref: refs/tags/5.0.45 + revision: 22104a154544b3ee57d3ce98a490c4b42a4a8776 + ref: refs/tags/5.0.74 specs: - metasploit-framework (5.0.45) + metasploit-framework (5.0.74) actionpack (~> 4.2.6) activerecord (~> 4.2.6) activesupport (~> 4.2.6) aws-sdk-ec2 aws-sdk-iam aws-sdk-s3 - backports bcrypt (= 3.1.12) bcrypt_pbkdf bit-struct @@ -18,16 +17,19 @@ GIT dnsruby ed25519 em-http-request + eventmachine faker + faraday (<= 0.17.0) + faye-websocket filesize jsobfu json metasm - metasploit-concern - metasploit-credential - metasploit-model - metasploit-payloads (= 1.3.70) - metasploit_data_models (= 3.0.10) + metasploit-concern (~> 2.0.0) + metasploit-credential (~> 3.0.0) + metasploit-model (~> 2.0.4) + metasploit-payloads (= 1.3.84) + metasploit_data_models (~> 3.0.10) metasploit_payloads-mettle (= 0.5.16) mqtt msgpack @@ -61,7 +63,7 @@ GIT rex-random_identifier rex-registry rex-rop_builder - rex-socket (= 0.1.17) + rex-socket rex-sslscan rex-struct2 rex-text @@ -114,39 +116,38 @@ GEM public_suffix (>= 2.0.2, < 5.0) afm (0.2.2) arel (6.0.4) - arel-helpers (2.10.0) + arel-helpers (2.11.0) activerecord (>= 3.1.0, < 7) aws-eventstream (1.0.3) - aws-partitions (1.208.0) - aws-sdk-core (3.66.0) + aws-partitions (1.274.0) + aws-sdk-core (3.90.1) aws-eventstream (~> 1.0, >= 1.0.2) - aws-partitions (~> 1.0) + aws-partitions (~> 1, >= 1.239.0) aws-sigv4 (~> 1.1) jmespath (~> 1.0) - aws-sdk-ec2 (1.106.0) - aws-sdk-core (~> 3, >= 3.61.1) + aws-sdk-ec2 (1.144.0) + aws-sdk-core (~> 3, >= 3.71.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.29.0) - aws-sdk-core (~> 3, >= 3.61.1) + aws-sdk-iam (1.33.0) + aws-sdk-core (~> 3, >= 3.71.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.24.0) - aws-sdk-core (~> 3, >= 3.61.1) + aws-sdk-kms (1.29.0) + aws-sdk-core (~> 3, >= 3.71.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.48.0) - aws-sdk-core (~> 3, >= 3.61.1) + aws-sdk-s3 (1.60.2) + aws-sdk-core (~> 3, >= 3.83.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.1) aws-sigv4 (1.1.0) aws-eventstream (~> 1.0, >= 1.0.2) - backports (3.15.0) bcrypt (3.1.12) bcrypt_pbkdf (1.0.1) bindata (2.4.4) bit-struct (0.16) - builder (3.2.3) + builder (3.2.4) concurrent-ruby (1.0.5) cookiejar (0.3.3) - crass (1.0.4) + crass (1.0.6) daemons (1.3.1) dnsruby (1.61.3) addressable (~> 2.5) @@ -163,8 +164,11 @@ GEM eventmachine (1.2.7) faker (2.2.1) i18n (>= 0.8) - faraday (0.15.4) + faraday (0.17.0) multipart-post (>= 1.2, < 3) + faye-websocket (0.10.9) + eventmachine (>= 0.12.0) + websocket-driver (>= 0.5.1) filesize (0.2.0) hashery (2.1.2) http_parser.rb (0.6.0) @@ -173,8 +177,8 @@ GEM jmespath (1.4.0) jsobfu (0.4.2) rkelly-remix - json (2.2.0) - loofah (2.2.3) + json (2.3.0) + loofah (2.4.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) metasm (1.0.4) @@ -182,7 +186,7 @@ GEM activemodel (~> 4.2.6) activesupport (~> 4.2.6) railties (~> 4.2.6) - metasploit-credential (3.0.3) + metasploit-credential (3.0.4) metasploit-concern metasploit-model metasploit_data_models (>= 3.0.0) @@ -196,7 +200,7 @@ GEM activemodel (~> 4.2.6) activesupport (~> 4.2.6) railties (~> 4.2.6) - metasploit-payloads (1.3.70) + metasploit-payloads (1.3.84) metasploit_data_models (3.0.10) activerecord (~> 4.2.6) activesupport (~> 4.2.6) @@ -209,17 +213,18 @@ GEM recog (~> 2.0) metasploit_payloads-mettle (0.5.16) mini_portile2 (2.4.0) - minitest (5.11.3) + minitest (5.14.0) mqtt (0.5.0) - msgpack (1.3.1) + msgpack (1.3.3) multipart-post (2.1.1) nessus_rest (0.1.6) net-ssh (5.2.0) network_interface (0.0.2) nexpose (7.2.1) - nokogiri (1.10.4) + nokogiri (1.10.8) mini_portile2 (~> 2.4.0) - octokit (4.14.0) + octokit (4.16.0) + faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) openssl-ccm (1.2.2) openvas-omp (0.0.4) @@ -227,7 +232,7 @@ GEM pcaprub patch_finder (1.0.2) pcaprub (0.13.0) - pdf-reader (2.2.1) + pdf-reader (2.4.0) Ascii85 (~> 1.0.0) afm (~> 0.2.1) hashery (~> 2.0) @@ -239,8 +244,8 @@ GEM activerecord (~> 4.0) arel (>= 4.0.1) pg_array_parser (~> 0.0.9) - public_suffix (4.0.1) - rack (1.6.11) + public_suffix (4.0.3) + rack (1.6.13) rack-protection (1.5.5) rack rack-test (0.6.3) @@ -251,16 +256,16 @@ GEM activesupport (>= 4.2.0, < 5.0) nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.2.0) - loofah (~> 2.2, >= 2.2.2) + rails-html-sanitizer (1.3.0) + loofah (~> 2.3) railties (4.2.11.1) actionpack (= 4.2.11.1) activesupport (= 4.2.11.1) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (12.3.3) + rake (13.0.1) rb-readline (0.5.5) - recog (2.3.2) + recog (2.3.6) nokogiri redcarpet (3.5.0) rex-arch (0.1.13) @@ -276,7 +281,7 @@ GEM metasm rex-arch rex-text - rex-exploitation (0.1.21) + rex-exploitation (0.1.22) jsobfu metasm rex-arch @@ -289,7 +294,7 @@ GEM rex-arch rex-ole (0.1.6) rex-text - rex-powershell (0.1.82) + rex-powershell (0.1.86) rex-random_identifier rex-text rex-random_identifier (0.1.4) @@ -299,14 +304,14 @@ GEM metasm rex-core rex-text - rex-socket (0.1.17) + rex-socket (0.1.21) rex-core rex-sslscan (0.1.5) rex-core rex-socket rex-text rex-struct2 (0.1.2) - rex-text (0.2.23) + rex-text (0.2.24) rex-zip (0.1.3) rex-text rkelly-remix (0.0.7) @@ -317,7 +322,7 @@ GEM rubyntlm windows_error rubyntlm (0.6.2) - rubyzip (1.2.3) + rubyzip (2.2.0) sawyer (0.8.2) addressable (>= 2.3.5) faraday (> 0.8, < 2.0) @@ -325,22 +330,25 @@ GEM rack (~> 1.5) rack-protection (~> 1.4) tilt (>= 1.3, < 3) - sqlite3 (1.4.1) + sqlite3 (1.4.2) sshkey (2.0.0) thin (1.7.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (0.20.3) + thor (1.0.1) thread_safe (0.3.6) - tilt (2.0.9) - ttfunk (1.5.1) - tzinfo (1.2.5) + tilt (2.0.10) + ttfunk (1.6.2.1) + tzinfo (1.2.6) thread_safe (~> 0.1) - tzinfo-data (1.2019.2) + tzinfo-data (1.2019.3) tzinfo (>= 1.0.0) warden (1.2.7) rack (>= 1.0) + websocket-driver (0.7.1) + websocket-extensions (>= 0.1.0) + websocket-extensions (0.1.4) windows_error (0.1.2) xdr (2.0.0) activemodel (>= 4.2.7) @@ -354,4 +362,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 1.17.2 + 1.17.3 diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 8486f10bab05..31d45c30db73 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -17,13 +17,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "5.0.45"; + version = "5.0.74"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "16jl3fkfbwl4wwbj2zrq9yr8y8brkhj9641hplc8idv8gaqkgmm5"; + sha256 = "1ml4d6xfaxyv1mamc2qldd39db92qkic8660f8clabi9f1k0ghpp"; }; buildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index 28cc83b240f2..a35aa958a1df 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -1,6 +1,5 @@ { actionpack = { - dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; groups = ["default"]; platforms = []; source = { @@ -11,7 +10,6 @@ version = "4.2.11.1"; }; actionview = { - dependencies = ["activesupport" "builder" "erubis" "rails-dom-testing" "rails-html-sanitizer"]; groups = ["default"]; platforms = []; source = { @@ -22,7 +20,6 @@ version = "4.2.11.1"; }; activemodel = { - dependencies = ["activesupport" "builder"]; groups = ["default"]; platforms = []; source = { @@ -33,7 +30,6 @@ version = "4.2.11.1"; }; activerecord = { - dependencies = ["activemodel" "activesupport" "arel"]; groups = ["default"]; platforms = []; source = { @@ -44,7 +40,6 @@ version = "4.2.11.1"; }; activesupport = { - dependencies = ["i18n" "minitest" "thread_safe" "tzinfo"]; groups = ["default"]; platforms = []; source = { @@ -55,7 +50,6 @@ version = "4.2.11.1"; }; addressable = { - dependencies = ["public_suffix"]; groups = ["default"]; platforms = []; source = { @@ -86,15 +80,14 @@ version = "6.0.4"; }; arel-helpers = { - dependencies = ["activerecord"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lb52rd20ix7khh70vrwd85qivir9sis62s055k3zr5h9iy3lyqi"; + sha256 = "16irs6rai9pasv36yy31glijs3p2pvgry5g1lh03vnzg8xpb1msp"; type = "gem"; }; - version = "2.10.0"; + version = "2.11.0"; }; Ascii85 = { groups = ["default"]; @@ -121,68 +114,62 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vkjw8cxssfwplrcl593gp4jxxiajihb8gqmpgzyac8i3xigpacb"; + sha256 = "1k2dpn0xznksh5y9bq9gbvbych06pzyswsdak7bz8nlkbsgf38x3"; type = "gem"; }; - version = "1.208.0"; + version = "1.274.0"; }; aws-sdk-core = { - dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18h35j7wp7n6zc5r6dpixjcyjshqmpkhwph9qgpv2g0db37zlxyk"; + sha256 = "1q7f9jkpmpppj31kh3wnzybkphq4piy8ays3vld0zsibfjs9iw7i"; type = "gem"; }; - version = "3.66.0"; + version = "3.90.1"; }; aws-sdk-ec2 = { - dependencies = ["aws-sdk-core" "aws-sigv4"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1sb04blmc0lgdgq909cj8cm63zl2idgc5mcysj6cg4rvm8699ahp"; + sha256 = "1wnql5rzwkn97w4l3pq6k97grqdci1qs7h132pnd6lc3bx62v4h5"; type = "gem"; }; - version = "1.106.0"; + version = "1.144.0"; }; aws-sdk-iam = { - dependencies = ["aws-sdk-core" "aws-sigv4"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ypv1cmmrc496myllqd8dqz422qm1i0bhskkvqb9b2lbagmzr3l9"; + sha256 = "0s78ssjcp974v7r1znrgk78bqz23jhws4gy1nm659z5390zsn1fz"; type = "gem"; }; - version = "1.29.0"; + version = "1.33.0"; }; aws-sdk-kms = { - dependencies = ["aws-sdk-core" "aws-sigv4"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14blvvfz67rhffi4ahby50jiip5f0hm85mcxlx6y93g0cfrnxh3m"; + sha256 = "191qnrpg9qhwj24pisha28fwqx30sqkj75ibgpqcf4q389l3a2gw"; type = "gem"; }; - version = "1.24.0"; + version = "1.29.0"; }; aws-sdk-s3 = { - dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14iv2wqvvbiz0gdms21i9n6rh8390r1yg4zcf8pzzfplbqfwqw4w"; + sha256 = "1pblkq7rw465w08hs2xy6v7w10x9n004hk43yqzswqxirki68ldz"; type = "gem"; }; - version = "1.48.0"; + version = "1.60.2"; }; aws-sigv4 = { - dependencies = ["aws-eventstream"]; groups = ["default"]; platforms = []; source = { @@ -192,16 +179,6 @@ }; version = "1.1.0"; }; - backports = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0cczfi1yp7a68bg7ipzi4lvrmi4xsi36n9a19krr4yb3nfwd8fn2"; - type = "gem"; - }; - version = "3.15.0"; - }; bcrypt = { groups = ["default"]; platforms = []; @@ -247,10 +224,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qibi5s67lpdv1wgcj66wcymcr04q6j4mzws6a479n0mlrmh5wr1"; + sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; type = "gem"; }; - version = "3.2.3"; + version = "3.2.4"; }; concurrent-ruby = { groups = ["default"]; @@ -277,10 +254,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bpxzy6gjw9ggjynlxschbfsgmx8lv3zw1azkjvnb8b9i895dqfi"; + sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; type = "gem"; }; - version = "1.0.4"; + version = "1.0.6"; }; daemons = { groups = ["default"]; @@ -293,7 +270,6 @@ version = "1.3.1"; }; dnsruby = { - dependencies = ["addressable"]; groups = ["default"]; platforms = []; source = { @@ -314,7 +290,6 @@ version = "1.2.4"; }; em-http-request = { - dependencies = ["addressable" "cookiejar" "em-socksify" "eventmachine" "http_parser.rb"]; groups = ["default"]; platforms = []; source = { @@ -325,7 +300,6 @@ version = "1.1.5"; }; em-socksify = { - dependencies = ["eventmachine"]; groups = ["default"]; platforms = []; source = { @@ -356,7 +330,6 @@ version = "1.2.7"; }; faker = { - dependencies = ["i18n"]; groups = ["default"]; platforms = []; source = { @@ -367,15 +340,24 @@ version = "2.2.1"; }; faraday = { - dependencies = ["multipart-post"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s72m05jvzc1pd6cw1i289chas399q0a14xrwg4rvkdwy7bgzrh0"; + sha256 = "0jk2bar4x6miq2cr73lv0lsbmw4cymiljvp29xb85jifsb3ba6az"; type = "gem"; }; - version = "0.15.4"; + version = "0.17.0"; + }; + faye-websocket = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1kbp3rjwm74zdj0wy2n1cyyvd7ak4k8i8zva6ib4vqfcv8d2j11a"; + type = "gem"; + }; + version = "0.10.9"; }; filesize = { groups = ["default"]; @@ -408,7 +390,6 @@ version = "0.6.0"; }; i18n = { - dependencies = ["concurrent-ruby"]; groups = ["default"]; platforms = []; source = { @@ -429,7 +410,6 @@ version = "1.4.0"; }; jsobfu = { - dependencies = ["rkelly-remix"]; groups = ["default"]; platforms = []; source = { @@ -444,21 +424,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0sx97bm9by389rbzv8r1f43h06xcz8vwi3h5jv074gvparql7lcx"; + sha256 = "0nrmw2r4nfxlfgprfgki3hjifgrcrs3l5zvm3ca3gb4743yr25mn"; type = "gem"; }; - version = "2.2.0"; + version = "2.3.0"; }; loofah = { - dependencies = ["crass" "nokogiri"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ccsid33xjajd0im2xv941aywi58z7ihwkvaf1w2bv89vn5bhsjg"; + sha256 = "1g7ps9m3s14cajhxrfgbzahv9i3gy47s4hqrv3mpybpj5cyr0srn"; type = "gem"; }; - version = "2.2.3"; + version = "2.4.0"; }; metasm = { groups = ["default"]; @@ -471,7 +450,6 @@ version = "1.0.4"; }; metasploit-concern = { - dependencies = ["activemodel" "activesupport" "railties"]; groups = ["default"]; platforms = []; source = { @@ -482,31 +460,28 @@ version = "2.0.5"; }; metasploit-credential = { - dependencies = ["metasploit-concern" "metasploit-model" "metasploit_data_models" "net-ssh" "pg" "railties" "rex-socket" "rubyntlm" "rubyzip"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0m6j149x502p00y2jzra65281dhhw3m8a41pwfn1sk9wv7aiclvl"; + sha256 = "1jh1mzvjpsmqamhwjqs6x2bx550mxkqjvl0f1gl1g87w5qvg3w69"; type = "gem"; }; - version = "3.0.3"; + version = "3.0.4"; }; metasploit-framework = { - dependencies = ["actionpack" "activerecord" "activesupport" "aws-sdk-ec2" "aws-sdk-iam" "aws-sdk-s3" "backports" "bcrypt" "bcrypt_pbkdf" "bit-struct" "concurrent-ruby" "dnsruby" "ed25519" "em-http-request" "faker" "filesize" "jsobfu" "json" "metasm" "metasploit-concern" "metasploit-credential" "metasploit-model" "metasploit-payloads" "metasploit_data_models" "metasploit_payloads-mettle" "mqtt" "msgpack" "nessus_rest" "net-ssh" "network_interface" "nexpose" "nokogiri" "octokit" "openssl-ccm" "openvas-omp" "packetfu" "patch_finder" "pcaprub" "pdf-reader" "pg" "railties" "rb-readline" "recog" "redcarpet" "rex-arch" "rex-bin_tools" "rex-core" "rex-encoder" "rex-exploitation" "rex-java" "rex-mime" "rex-nop" "rex-ole" "rex-powershell" "rex-random_identifier" "rex-registry" "rex-rop_builder" "rex-socket" "rex-sslscan" "rex-struct2" "rex-text" "rex-zip" "ruby-macho" "ruby_smb" "rubyntlm" "rubyzip" "sinatra" "sqlite3" "sshkey" "thin" "tzinfo" "tzinfo-data" "warden" "windows_error" "xdr" "xmlrpc"]; groups = ["default"]; platforms = []; source = { fetchSubmodules = false; - rev = "2b9e74c7a8a4423ea195e75abca1f56c354e5541"; - sha256 = "16jl3fkfbwl4wwbj2zrq9yr8y8brkhj9641hplc8idv8gaqkgmm5"; + rev = "22104a154544b3ee57d3ce98a490c4b42a4a8776"; + sha256 = "1ml4d6xfaxyv1mamc2qldd39db92qkic8660f8clabi9f1k0ghpp"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "5.0.45"; + version = "5.0.74"; }; metasploit-model = { - dependencies = ["activemodel" "activesupport" "railties"]; groups = ["default"]; platforms = []; source = { @@ -521,13 +496,12 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01s3xmgw4fp2ic0wql8lswa86q3lgr3z687idx3xkfii3dskjpp3"; + sha256 = "1wz72w5a34r6jcgbl97ha3zhl8d28r974clcp99qj5sg71k280c0"; type = "gem"; }; - version = "1.3.70"; + version = "1.3.84"; }; metasploit_data_models = { - dependencies = ["activerecord" "activesupport" "arel-helpers" "metasploit-concern" "metasploit-model" "pg" "postgres_ext" "railties" "recog"]; groups = ["default"]; platforms = []; source = { @@ -562,10 +536,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0icglrhghgwdlnzzp4jf76b0mbc71s80njn5afyfjn4wqji8mqbq"; + sha256 = "0g73x65hmjph8dg1h3rkzfg7ys3ffxm35hj35grw75fixmq53qyz"; type = "gem"; }; - version = "5.11.3"; + version = "5.14.0"; }; mqtt = { groups = ["default"]; @@ -582,10 +556,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qr2mkm2i3m76zarvy7qgjl9596hmvjrg7x6w42vx8cfsbf5p0y1"; + sha256 = "1lva6bkvb4mfa0m3bqn4lm4s4gi81c40jvdcsrxr6vng49q9daih"; type = "gem"; }; - version = "1.3.1"; + version = "1.3.3"; }; multipart-post = { groups = ["default"]; @@ -638,26 +612,24 @@ version = "7.2.1"; }; nokogiri = { - dependencies = ["mini_portile2"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nmdrqqz1gs0fwkgzxjl4wr554gr8dc1fkrqjc2jpsvwgm41rygv"; + sha256 = "1yi8j8hwrlc3rg5v3w52gxndmwifyk7m732q9yfbal0qajqbh1h8"; type = "gem"; }; - version = "1.10.4"; + version = "1.10.8"; }; octokit = { - dependencies = ["sawyer"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1w7agbfg39jzqk81yad9xhscg31869277ysr2iwdvpjafl5lj4ha"; + sha256 = "06kx258qa5k24q5pv8i4daaw3g57gif6p5k5h3gndj3q2jk6vhkn"; type = "gem"; }; - version = "4.14.0"; + version = "4.16.0"; }; openssl-ccm = { groups = ["default"]; @@ -680,7 +652,6 @@ version = "0.0.4"; }; packetfu = { - dependencies = ["pcaprub"]; groups = ["default"]; platforms = []; source = { @@ -711,15 +682,14 @@ version = "0.13.0"; }; pdf-reader = { - dependencies = ["Ascii85" "afm" "hashery" "ruby-rc4" "ttfunk"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14lqdbiwn2qwgbvnnzxg7haqiy026d8x37hp45c3m9jb9rym92ps"; + sha256 = "1g3gr2m46275hjv6fv4jwq3qlvdbnhf1jxir9vzgxhv45ncnhffy"; type = "gem"; }; - version = "2.2.1"; + version = "2.4.0"; }; pg = { groups = ["default"]; @@ -742,7 +712,6 @@ version = "0.0.9"; }; postgres_ext = { - dependencies = ["activerecord" "arel" "pg_array_parser"]; groups = ["default"]; platforms = []; source = { @@ -757,23 +726,22 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xnfv2j2bqgdpg2yq9i2rxby0w2sc9h5iyjkpaas2xknwrgmhdb0"; + sha256 = "1c6kq6s13idl2036b5lch8r7390f8w82cal8hcp4ml76fm2vdac7"; type = "gem"; }; - version = "4.0.1"; + version = "4.0.3"; }; rack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g9926ln2lw12lfxm4ylq1h6nl0rafl10za3xvjzc87qvnqic87f"; + sha256 = "0wr1f3g9rc9i8svfxa9cijajl1661d817s56b2w7rd572zwn0zi0"; type = "gem"; }; - version = "1.6.11"; + version = "1.6.13"; }; rack-protection = { - dependencies = ["rack"]; groups = ["default"]; platforms = []; source = { @@ -784,7 +752,6 @@ version = "1.5.5"; }; rack-test = { - dependencies = ["rack"]; groups = ["default"]; platforms = []; source = { @@ -795,7 +762,6 @@ version = "0.6.3"; }; rails-deprecated_sanitizer = { - dependencies = ["activesupport"]; groups = ["default"]; platforms = []; source = { @@ -806,7 +772,6 @@ version = "1.0.3"; }; rails-dom-testing = { - dependencies = ["activesupport" "nokogiri" "rails-deprecated_sanitizer"]; groups = ["default"]; platforms = []; source = { @@ -817,18 +782,16 @@ version = "1.0.9"; }; rails-html-sanitizer = { - dependencies = ["loofah"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ilwxzm3a7bql5c9q2n9g9nb1hax7vd8d65a5yp3d967ld97nvrq"; + sha256 = "1icpqmxbppl4ynzmn6dx7wdil5hhq6fz707m9ya6d86c7ys8sd4f"; type = "gem"; }; - version = "1.2.0"; + version = "1.3.0"; }; railties = { - dependencies = ["actionpack" "activesupport" "rake" "thor"]; groups = ["default"]; platforms = []; source = { @@ -843,10 +806,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cvaqarr1m84mhc006g3l1vw7sa5qpkcw0138lsxlf769zdllsgp"; + sha256 = "0w6qza25bq1s825faaglkx1k6d59aiyjjk3yw3ip5sb463mhhai9"; type = "gem"; }; - version = "12.3.3"; + version = "13.0.1"; }; rb-readline = { groups = ["default"]; @@ -859,15 +822,14 @@ version = "0.5.5"; }; recog = { - dependencies = ["nokogiri"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0kbv0j82zf90sc9hhwna2bkb5zv0nxagk22gxyfy82kjmcz71c6k"; + sha256 = "0kw753vq5m5m8pzn1avafzz757gdzzsv7ck94y6d8n4jzqa50isv"; type = "gem"; }; - version = "2.3.2"; + version = "2.3.6"; }; redcarpet = { groups = ["default"]; @@ -880,7 +842,6 @@ version = "3.5.0"; }; rex-arch = { - dependencies = ["rex-text"]; groups = ["default"]; platforms = []; source = { @@ -891,7 +852,6 @@ version = "0.1.13"; }; rex-bin_tools = { - dependencies = ["metasm" "rex-arch" "rex-core" "rex-struct2" "rex-text"]; groups = ["default"]; platforms = []; source = { @@ -912,7 +872,6 @@ version = "0.1.13"; }; rex-encoder = { - dependencies = ["metasm" "rex-arch" "rex-text"]; groups = ["default"]; platforms = []; source = { @@ -923,15 +882,14 @@ version = "0.1.4"; }; rex-exploitation = { - dependencies = ["jsobfu" "metasm" "rex-arch" "rex-encoder" "rex-text"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0b2jg7mccwc34j9mfpndh7b387723qas38qsd906bs4s8b6hf05c"; + sha256 = "16anprj4pc4pi2yb1y6b7c8nrqgpk49g40wy1384snmii24jiwyx"; type = "gem"; }; - version = "0.1.21"; + version = "0.1.22"; }; rex-java = { groups = ["default"]; @@ -944,7 +902,6 @@ version = "0.1.5"; }; rex-mime = { - dependencies = ["rex-text"]; groups = ["default"]; platforms = []; source = { @@ -955,7 +912,6 @@ version = "0.1.5"; }; rex-nop = { - dependencies = ["rex-arch"]; groups = ["default"]; platforms = []; source = { @@ -966,7 +922,6 @@ version = "0.1.1"; }; rex-ole = { - dependencies = ["rex-text"]; groups = ["default"]; platforms = []; source = { @@ -977,18 +932,16 @@ version = "0.1.6"; }; rex-powershell = { - dependencies = ["rex-random_identifier" "rex-text"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fcyiz8cgcv6pcn5w969ac4wwhr1cz6jk6kf6p8gyw5rjrlwfz0j"; + sha256 = "150nmpgrvpd6hyx9cghah8dxpcfb1h7inpcwmz7ijpir60zxxfdj"; type = "gem"; }; - version = "0.1.82"; + version = "0.1.86"; }; rex-random_identifier = { - dependencies = ["rex-text"]; groups = ["default"]; platforms = []; source = { @@ -1009,7 +962,6 @@ version = "0.1.3"; }; rex-rop_builder = { - dependencies = ["metasm" "rex-core" "rex-text"]; groups = ["default"]; platforms = []; source = { @@ -1020,18 +972,16 @@ version = "0.1.3"; }; rex-socket = { - dependencies = ["rex-core"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "136szyv31fcdzmcgs44vg009k3ssyawkqppkhm3xyv2ivpp1mlgv"; + sha256 = "0jkmff92ga9qd9gg13cd6s99qcdmr5n354l9br70j784mpyl9apb"; type = "gem"; }; - version = "0.1.17"; + version = "0.1.21"; }; rex-sslscan = { - dependencies = ["rex-core" "rex-socket" "rex-text"]; groups = ["default"]; platforms = []; source = { @@ -1056,13 +1006,12 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cmfwzd3r6xzhaw5l2grgiivql1yynh620drg8h39q8hiixya6xz"; + sha256 = "0wjrp4n7j2ifdgqc6z8z4jbz9gr7g5m5h35b7vx4k9cbaq9b5zxw"; type = "gem"; }; - version = "0.2.23"; + version = "0.2.24"; }; rex-zip = { - dependencies = ["rex-text"]; groups = ["default"]; platforms = []; source = { @@ -1103,7 +1052,6 @@ version = "0.1.5"; }; ruby_smb = { - dependencies = ["bindata" "rubyntlm" "windows_error"]; groups = ["default"]; platforms = []; source = { @@ -1128,13 +1076,12 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1w9gw28ly3zyqydnm8phxchf4ymyjl2r7zf7c12z8kla10cpmhlc"; + sha256 = "13b15icwx0c8zzjfzf7bmqq9ynilw0dy8ydgjb199nqzp93p6wqv"; type = "gem"; }; - version = "1.2.3"; + version = "2.2.0"; }; sawyer = { - dependencies = ["addressable" "faraday"]; groups = ["default"]; platforms = []; source = { @@ -1145,7 +1092,6 @@ version = "0.8.2"; }; sinatra = { - dependencies = ["rack" "rack-protection" "tilt"]; groups = ["default"]; platforms = []; source = { @@ -1160,10 +1106,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1v903nbcws3ifm6jnxrdfcpgl1qg2x3lbif16mhlbyfn0npzb494"; + sha256 = "0lja01cp9xd5m6vmx99zwn4r7s97r1w5cb76gqd8xhbm1wxyzf78"; type = "gem"; }; - version = "1.4.1"; + version = "1.4.2"; }; sshkey = { groups = ["default"]; @@ -1176,7 +1122,6 @@ version = "2.0.0"; }; thin = { - dependencies = ["daemons" "eventmachine" "rack"]; groups = ["default"]; platforms = []; source = { @@ -1191,10 +1136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29"; + sha256 = "1xbhkmyhlxwzshaqa7swy2bx6vd64mm0wrr8g3jywvxy7hg0cwkm"; type = "gem"; }; - version = "0.20.3"; + version = "1.0.1"; }; thread_safe = { groups = ["default"]; @@ -1211,45 +1156,42 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ca4k0clwf0rkvy7726x4nxpjxkpv67w043i39saxgldxd97zmwz"; + sha256 = "0rn8z8hda4h41a64l0zhkiwz2vxw9b1nb70gl37h1dg2k874yrlv"; type = "gem"; }; - version = "2.0.9"; + version = "2.0.10"; }; ttfunk = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mgrnqla5n51v4ivn844albsajkck7k6lviphfqa8470r46c58cd"; + sha256 = "0w0bjn6k38xv46mr02p3038gwk5jj5hl398bv5kr625msxkdhqzn"; type = "gem"; }; - version = "1.5.1"; + version = "1.6.2.1"; }; tzinfo = { - dependencies = ["thread_safe"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fjx9j327xpkkdlxwmkl3a8wqj7i4l4jwlrv3z13mg95z9wl253z"; + sha256 = "04f18jdv6z3zn3va50rqq35nj3izjpb72fnf21ixm7vanq6nc4fp"; type = "gem"; }; - version = "1.2.5"; + version = "1.2.6"; }; tzinfo-data = { - dependencies = ["tzinfo"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1m507in0d7vlfgasxpkz3y1a44zp532k9qlqcaz90ay939sz9h5q"; + sha256 = "17fbf05qhcxp8anmp7k5wnafw3ypy607h5ybnqg92dqgh4b1c3yi"; type = "gem"; }; - version = "1.2019.2"; + version = "1.2019.3"; }; warden = { - dependencies = ["rack"]; groups = ["default"]; platforms = []; source = { @@ -1259,6 +1201,26 @@ }; version = "1.2.7"; }; + websocket-driver = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1bxamwqldmy98hxs5pqby3andws14hl36ch78g0s81gaz9b91nj2"; + type = "gem"; + }; + version = "0.7.1"; + }; + websocket-extensions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00i624ng1nvkz1yckj3f8yxxp6hi7xaqf40qh9q3hj2n1l9i8g6m"; + type = "gem"; + }; + version = "0.1.4"; + }; windows_error = { groups = ["default"]; platforms = []; @@ -1270,7 +1232,6 @@ version = "0.1.2"; }; xdr = { - dependencies = ["activemodel" "activesupport"]; groups = ["default"]; platforms = []; source = { diff --git a/pkgs/tools/security/mkp224o/default.nix b/pkgs/tools/security/mkp224o/default.nix index a4aae480ae16..7585fdf22e1a 100644 --- a/pkgs/tools/security/mkp224o/default.nix +++ b/pkgs/tools/security/mkp224o/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "mkp224o"; - version = "1.3.0"; + version = "1.4.0"; src = fetchFromGitHub { owner = "cathugger"; repo = "mkp224o"; rev = "v${version}"; - sha256 = "1il12ahcs5pj52hxn4xvpjfz801xcg31zk2jnkl80frzlwq040qi"; + sha256 = "0b7xs4gnyfhdkwl8wkb6mazas88ybnlbxck59p4n2mnlndvd8kb7"; }; buildCommand = diff --git a/pkgs/tools/security/neopg/default.nix b/pkgs/tools/security/neopg/default.nix index 5e26bcf6759d..c58772346eea 100644 --- a/pkgs/tools/security/neopg/default.nix +++ b/pkgs/tools/security/neopg/default.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { dontUseCmakeBuildDir = true; preCheck = '' - export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$(pwd)/3rdparty/googletest/googletest:$(pwd)/neopg + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}$(pwd)/3rdparty/googletest/googletest:$(pwd)/neopg ''; meta = with stdenv.lib; { diff --git a/pkgs/tools/security/nwipe/default.nix b/pkgs/tools/security/nwipe/default.nix index 62d7fb3b34a3..c72ada867614 100644 --- a/pkgs/tools/security/nwipe/default.nix +++ b/pkgs/tools/security/nwipe/default.nix @@ -1,20 +1,20 @@ { stdenv, fetchFromGitHub, ncurses, parted, automake, autoconf, pkgconfig }: stdenv.mkDerivation rec { - version = "0.26"; + version = "0.28"; pname = "nwipe"; src = fetchFromGitHub { owner = "martijnvanbrummelen"; repo = "nwipe"; rev = "v${version}"; - sha256 = "072gg7hafq4vncpgm62yswshg6qgbi9mg2hl0p22c7if908p4vaa"; + sha256 = "1aw905lmn1vm6klqn3q7445dwmwbjhcmwnkygpq9rddacgig1gdx"; }; nativeBuildInputs = [ automake autoconf pkgconfig ]; buildInputs = [ ncurses parted ]; preConfigure = "sh init.sh || :"; meta = with stdenv.lib; { description = "Securely erase disks"; - homepage = https://github.com/martijnvanbrummelen/nwipe; + homepage = "https://github.com/martijnvanbrummelen/nwipe"; license = licenses.gpl2; maintainers = [ maintainers.woffs ]; platforms = platforms.linux; diff --git a/pkgs/tools/security/oath-toolkit/default.nix b/pkgs/tools/security/oath-toolkit/default.nix index e31d62dc8b7a..d462101e92ea 100644 --- a/pkgs/tools/security/oath-toolkit/default.nix +++ b/pkgs/tools/security/oath-toolkit/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitLab, pam, xmlsec, autoreconfHook, pkgconfig, libxml2, gtk-doc, perl, gengetopt, bison, help2man }: +{ stdenv, fetchFromGitLab, fetchpatch, pam, xmlsec, autoreconfHook, pkgconfig, libxml2, gtk-doc, perl, gengetopt, bison, help2man }: let securityDependency = @@ -15,6 +15,15 @@ in stdenv.mkDerivation { sha256 = "0n2sl444723f1k0sjmc0mzdwslx51yxac39c2cx2bl3ykacgfv74"; }; + patches = [ + # fix for glibc>=2.28 + (fetchpatch { + name = "new_glibc_check.patch"; + url = "https://sources.debian.org/data/main/o/oath-toolkit/2.6.1-1.3/debian/patches/new-glibc-check.patch"; + sha256 = "0h75xyy3xsl485v7w27yqkks6z9sgsjmrv6wiswy15fdj5wyciv3"; + }) + ]; + buildInputs = [ securityDependency libxml2 perl gengetopt bison ]; nativeBuildInputs = [ autoreconfHook gtk-doc help2man pkgconfig ]; diff --git a/pkgs/tools/security/pass/default.nix b/pkgs/tools/security/pass/default.nix index 54a8f4de7d7b..aed6a9d4012c 100644 --- a/pkgs/tools/security/pass/default.nix +++ b/pkgs/tools/security/pass/default.nix @@ -1,6 +1,6 @@ { stdenv, lib, pkgs, fetchurl, buildEnv , coreutils, gnused, getopt, git, tree, gnupg, openssl, which, procps -, qrencode , makeWrapper +, qrencode , makeWrapper, pass, symlinkJoin , xclip ? null, xdotool ? null, dmenu ? null , x11Support ? !stdenv.isDarwin @@ -23,131 +23,136 @@ let env = extensions: let - selected = extensions passExtensions + selected = [ pass ] ++ extensions passExtensions ++ stdenv.lib.optional tombPluginSupport passExtensions.tomb; in buildEnv { name = "pass-extensions-env"; paths = selected; - buildInputs = concatMap (x: x.buildInputs) selected; - }; - - generic = extensionsEnv: extraPassthru: stdenv.mkDerivation rec { - version = "1.7.3"; - pname = "password-store"; + buildInputs = [ makeWrapper ] ++ concatMap (x: x.buildInputs) selected; - src = fetchurl { - url = "https://git.zx2c4.com/password-store/snapshot/${pname}-${version}.tar.xz"; - sha256 = "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b"; - }; + postBuild = '' + files=$(find $out/bin/ -type f -exec readlink -f {} \;) + rm $out/bin + mkdir $out/bin - patches = [ ./set-correct-program-name-for-sleep.patch ] - ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch - # TODO (@Ma27) this patch adds support for wl-clipboard and can be removed during the next - # version bump. - ++ stdenv.lib.optional waylandSupport ./clip-wayland-support.patch; + for i in $files; do + ln -sf $i $out/bin/$(basename $i) + done - nativeBuildInputs = [ makeWrapper ]; - - buildInputs = [ extensionsEnv ]; + wrapProgram $out/bin/pass \ + --set SYSTEM_EXTENSION_DIR "$out/lib/password-store/extensions" + ''; + }; +in - installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; +stdenv.mkDerivation rec { + version = "1.7.3"; + pname = "password-store"; - postInstall = '' - # Install Emacs Mode. NOTE: We can't install the necessary - # dependencies (s.el and f.el) here. The user has to do this - # himself. - mkdir -p "$out/share/emacs/site-lisp" - cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/" - '' + optionalString x11Support '' - cp "contrib/dmenu/passmenu" "$out/bin/" - ''; + src = fetchurl { + url = "https://git.zx2c4.com/password-store/snapshot/${pname}-${version}.tar.xz"; + sha256 = "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b"; + }; - wrapperPath = with stdenv.lib; makeBinPath ([ - coreutils - getopt - git - gnupg - gnused - tree - which - qrencode - procps - ] ++ optional stdenv.isDarwin openssl - ++ ifEnable x11Support [ dmenu xclip xdotool ] - ++ optional waylandSupport wl-clipboard); - - postFixup = '' - # Link extensions env - rmdir $out/lib/password-store/extensions - ln -s ${extensionsEnv}/lib/password-store/extensions $out/lib/password-store/. - for f in ${extensionsEnv}/share/man/man1/*.1.gz; do - ln -s $f $out/share/man/man1/ - done - - # Fix program name in --help - substituteInPlace $out/bin/pass \ - --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass" - - # Ensure all dependencies are in PATH - wrapProgram $out/bin/pass \ - --prefix PATH : "${wrapperPath}" - '' + stdenv.lib.optionalString x11Support '' - # We just wrap passmenu with the same PATH as pass. It doesn't - # need all the tools in there but it doesn't hurt either. - wrapProgram $out/bin/passmenu \ - --prefix PATH : "$out/bin:${wrapperPath}" - ''; + patches = [ + ./set-correct-program-name-for-sleep.patch + ./extension-dir.patch + ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch + # TODO (@Ma27) this patch adds support for wl-clipboard and can be removed during the next + # version bump. + ++ stdenv.lib.optional waylandSupport ./clip-wayland-support.patch; + + nativeBuildInputs = [ makeWrapper ]; + + installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; + + postInstall = '' + # Install Emacs Mode. NOTE: We can't install the necessary + # dependencies (s.el and f.el) here. The user has to do this + # himself. + mkdir -p "$out/share/emacs/site-lisp" + cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/" + '' + optionalString x11Support '' + cp "contrib/dmenu/passmenu" "$out/bin/" + ''; + + wrapperPath = with stdenv.lib; makeBinPath ([ + coreutils + getopt + git + gnupg + gnused + tree + which + qrencode + procps + ] ++ optional stdenv.isDarwin openssl + ++ ifEnable x11Support [ dmenu xclip xdotool ] + ++ optional waylandSupport wl-clipboard); + + postFixup = '' + # Fix program name in --help + substituteInPlace $out/bin/pass \ + --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass" + + # Ensure all dependencies are in PATH + wrapProgram $out/bin/pass \ + --prefix PATH : "${wrapperPath}" + '' + stdenv.lib.optionalString x11Support '' + # We just wrap passmenu with the same PATH as pass. It doesn't + # need all the tools in there but it doesn't hurt either. + wrapProgram $out/bin/passmenu \ + --prefix PATH : "$out/bin:${wrapperPath}" + ''; + + # Turn "check" into "installcheck", since we want to test our pass, + # not the one before the fixup. + postPatch = '' + patchShebangs tests + + substituteInPlace src/password-store.sh \ + --replace "@out@" "$out" + + # the turning + sed -i -e 's@^PASS=.*''$@PASS=$out/bin/pass@' \ + -e 's@^GPGS=.*''$@GPG=${gnupg}/bin/gpg2@' \ + -e '/which gpg/ d' \ + tests/setup.sh + '' + stdenv.lib.optionalString stdenv.isDarwin '' + # 'pass edit' uses hdid, which is not available from the sandbox. + rm -f tests/t0200-edit-tests.sh + rm -f tests/t0010-generate-tests.sh + rm -f tests/t0020-show-tests.sh + rm -f tests/t0050-mv-tests.sh + rm -f tests/t0100-insert-tests.sh + rm -f tests/t0300-reencryption.sh + rm -f tests/t0400-grep.sh + ''; + + doCheck = false; + + doInstallCheck = true; + installCheckInputs = [ git ]; + installCheckTarget = "test"; + + passthru = { + extensions = passExtensions; + withExtensions = env; + }; - # Turn "check" into "installcheck", since we want to test our pass, - # not the one before the fixup. - postPatch = '' - patchShebangs tests - - # the turning - sed -i -e 's@^PASS=.*''$@PASS=$out/bin/pass@' \ - -e 's@^GPGS=.*''$@GPG=${gnupg}/bin/gpg2@' \ - -e '/which gpg/ d' \ - tests/setup.sh - '' + stdenv.lib.optionalString stdenv.isDarwin '' - # 'pass edit' uses hdid, which is not available from the sandbox. - rm -f tests/t0200-edit-tests.sh - rm -f tests/t0010-generate-tests.sh - rm -f tests/t0020-show-tests.sh - rm -f tests/t0050-mv-tests.sh - rm -f tests/t0100-insert-tests.sh - rm -f tests/t0300-reencryption.sh - rm -f tests/t0400-grep.sh + meta = with stdenv.lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = https://www.passwordstore.org/; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ lovek323 the-kenny fpletz tadfisher globin ma27 ]; + platforms = platforms.unix; + + longDescription = '' + pass is a very simple password store that keeps passwords inside gpg2 + encrypted files inside a simple directory tree residing at + ~/.password-store. The pass utility provides a series of commands for + manipulating the password store, allowing the user to add, remove, edit, + synchronize, generate, and manipulate passwords. ''; - - doCheck = false; - - doInstallCheck = true; - installCheckInputs = [ git ]; - installCheckTarget = "test"; - - passthru = { - extensions = passExtensions; - } // extraPassthru; - - meta = with stdenv.lib; { - description = "Stores, retrieves, generates, and synchronizes passwords securely"; - homepage = https://www.passwordstore.org/; - license = licenses.gpl2Plus; - maintainers = with maintainers; [ lovek323 the-kenny fpletz tadfisher globin ]; - platforms = platforms.unix; - - longDescription = '' - pass is a very simple password store that keeps passwords inside gpg2 - encrypted files inside a simple directory tree residing at - ~/.password-store. The pass utility provides a series of commands for - manipulating the password store, allowing the user to add, remove, edit, - synchronize, generate, and manipulate passwords. - ''; - }; }; - -in - -generic (env (_: [])) { - withExtensions = extensions: generic (env extensions) {}; } diff --git a/pkgs/tools/security/pass/extension-dir.patch b/pkgs/tools/security/pass/extension-dir.patch new file mode 100644 index 000000000000..028da31c4617 --- /dev/null +++ b/pkgs/tools/security/pass/extension-dir.patch @@ -0,0 +1,32 @@ +diff --git a/Makefile b/Makefile +index eac2291..1b1df0a 100644 +--- a/Makefile ++++ b/Makefile +@@ -46,12 +46,12 @@ install: install-common + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 -v "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh" + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store/extensions" + @install -v -d "$(DESTDIR)$(BINDIR)/" +- @trap 'rm -f src/.pass' EXIT; sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(LIBDIR)/password-store/platform.sh":;s:^SYSTEM_EXTENSION_DIR=.*:SYSTEM_EXTENSION_DIR="$(LIBDIR)/password-store/extensions":' src/password-store.sh > src/.pass && \ ++ @trap 'rm -f src/.pass' EXIT; sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(LIBDIR)/password-store/platform.sh":;' src/password-store.sh > src/.pass && \ + install -v -d "$(DESTDIR)$(BINDIR)/" && install -m 0755 -v src/.pass "$(DESTDIR)$(BINDIR)/pass" + else + install: install-common + @install -v -d "$(DESTDIR)$(LIBDIR)/password-store/extensions" +- @trap 'rm -f src/.pass' EXIT; sed '/PLATFORM_FUNCTION_FILE/d;s:^SYSTEM_EXTENSION_DIR=.*:SYSTEM_EXTENSION_DIR="$(LIBDIR)/password-store/extensions":' src/password-store.sh > src/.pass && \ ++ @trap 'rm -f src/.pass' EXIT; sed '/PLATFORM_FUNCTION_FILE/d;' src/password-store.sh > src/.pass && \ + install -v -d "$(DESTDIR)$(BINDIR)/" && install -m 0755 -v src/.pass "$(DESTDIR)$(BINDIR)/pass" + endif + +diff --git a/src/password-store.sh b/src/password-store.sh +index 68551a4..2f3b5b7 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -656,7 +656,7 @@ cmd_extension_or_show() { + fi + } + +-SYSTEM_EXTENSION_DIR="" ++SYSTEM_EXTENSION_DIR="${SYSTEM_EXTENSION_DIR:-@out@/lib/password-store/extensions}" + cmd_extension() { + check_sneaky_paths "$1" + local user_extension system_extension extension diff --git a/pkgs/tools/security/pass/extensions/audit.nix b/pkgs/tools/security/pass/extensions/audit.nix deleted file mode 100644 index ca5ca855337f..000000000000 --- a/pkgs/tools/security/pass/extensions/audit.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper }: - -let - pythonEnv = pythonPackages.python.withPackages (p: [ p.requests ]); - -in stdenv.mkDerivation rec { - pname = "pass-audit"; - version = "0.1"; - - src = fetchFromGitHub { - owner = "roddhjav"; - repo = "pass-audit"; - rev = "v${version}"; - sha256 = "0v0db8bzpcaa7zqz17syn3c78mgvw4mpg8qg1gh5rmbjsjfxw6sm"; - }; - - nativeBuildInputs = [ makeWrapper ]; - - buildInputs = [ pythonEnv ]; - - patchPhase = '' - sed -i -e "s|/usr/lib|$out/lib|" audit.bash - sed -i -e 's|$0|${pass}/bin/pass|' audit.bash - ''; - - dontBuild = true; - - installFlags = [ "PREFIX=$(out)" ]; - - postFixup = '' - wrapProgram $out/lib/password-store/extensions/audit.bash \ - --prefix PATH : "${pythonEnv}/bin" \ - --run "export PREFIX" - ''; - - meta = with stdenv.lib; { - description = "Pass extension for auditing your password repository."; - homepage = https://github.com/roddhjav/pass-audit; - license = licenses.gpl3Plus; - platforms = platforms.unix; - }; -} diff --git a/pkgs/tools/security/pass/extensions/audit/0001-Make-it-possible-to-run-the-tests-offline.patch b/pkgs/tools/security/pass/extensions/audit/0001-Make-it-possible-to-run-the-tests-offline.patch new file mode 100644 index 000000000000..36faf3140ccd --- /dev/null +++ b/pkgs/tools/security/pass/extensions/audit/0001-Make-it-possible-to-run-the-tests-offline.patch @@ -0,0 +1,175 @@ +From 37c2b4d2940476555aeec20fe1e5e3fa0492a94e Mon Sep 17 00:00:00 2001 +From: Maximilian Bosch <maximilian@mbosch.me> +Date: Sun, 15 Mar 2020 19:58:53 +0100 +Subject: [PATCH] Make it possible to run the tests offline + +Helpful when developing without network access, also makes sure that +the test actually depend on the API's data like number of breaches +(which will change in time). +--- + tests/commons.py | 25 +++++++++++++++++++++++++ + tests/test_audit.py | 8 +++++--- + tests/test_pass_audit.py | 10 +++++++++- + tests/test_pwned.py | 8 +++++--- + 4 files changed, 44 insertions(+), 7 deletions(-) + +diff --git a/tests/commons.py b/tests/commons.py +index 13c4cb1..4f1ecd8 100644 +--- a/tests/commons.py ++++ b/tests/commons.py +@@ -56,3 +56,28 @@ class TestPass(TestBase): + for path in self.store.list(root): + data[path] = self.store.show(path) + return data ++ ++ ++def mock_request(*args, **kwargs): ++ class MockResponse: ++ def __init__(self): ++ data = [ ++ "D5EE0CB1A41071812CCED2F1930E6E1A5D2:2", ++ "2DC183F740EE76F27B78EB39C8AD972A757:52579", ++ "CF164D7A51A1FD864B1BF9E1CE8A3EC171B:4", ++ "D0B910E7A3028703C0B30039795E908CEB2:7", ++ "AD6438836DBE526AA231ABDE2D0EEF74D42:3", ++ "EBAB0A7CE978E0194608B572E4F9404AA21:3", ++ "17727EAB0E800E62A776C76381DEFBC4145:120", ++ "5370372AC65308F03F6ED75EC6068C8E1BE:1386", ++ "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471", ++ "437FAA5A7FCE15D1DDCB9EAEAEA377667B8:123422", ++ "944C22589AC652B0F47918D58CA0CDCCB63:411" ++ ] ++ ++ self.text = "\r\n".join(data) ++ ++ def raise_for_status(self): ++ pass ++ ++ return MockResponse() +diff --git a/tests/test_audit.py b/tests/test_audit.py +index d8c7a9a..5e0a9cf 100644 +--- a/tests/test_audit.py ++++ b/tests/test_audit.py +@@ -17,12 +17,13 @@ + # + + from .. import pass_audit +-from tests.commons import TestPass +- ++from tests.commons import TestPass, mock_request ++from unittest import mock + + class TestPassAudit(TestPass): + passwords_nb = 7 + ++ @mock.patch('requests.get', mock_request) + def test_password_notpwned(self): + """Testing: pass audit for password not breached with K-anonymity method.""" + data = self._getdata("Password/notpwned") +@@ -30,9 +31,10 @@ class TestPassAudit(TestPass): + breached = audit.password() + self.assertTrue(len(breached) == 0) + ++ @mock.patch('requests.get', mock_request) + def test_password_pwned(self): + """Testing: pass audit for password breached with K-anonymity method.""" +- ref_counts = [51259, 3, 114, 1352, 3645804, 78773, 396] ++ ref_counts = [52579, 3, 120, 1386, 3730471, 123422, 411] + data = self._getdata("Password/pwned") + audit = pass_audit.PassAudit(data) + breached = audit.password() +diff --git a/tests/test_pass_audit.py b/tests/test_pass_audit.py +index 4c10f87..2c949f7 100644 +--- a/tests/test_pass_audit.py ++++ b/tests/test_pass_audit.py +@@ -19,7 +19,8 @@ + import os + + from .. import pass_audit +-from tests.commons import TestPass ++from tests.commons import TestPass, mock_request ++from unittest import mock + + + class TestPassAuditCMD(TestPass): +@@ -47,6 +48,7 @@ class TestPassAuditCMD(TestPass): + cmd = ['--not-an-option', '-q'] + self._passaudit(cmd, 2) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_StoreNotInitialized(self): + """Testing: store not initialized.""" + cmd = ['Password/', '-v'] +@@ -56,6 +58,7 @@ class TestPassAuditCMD(TestPass): + os.rename(os.path.join(self.store.prefix, 'backup.gpg-id'), + os.path.join(self.store.prefix, '.gpg-id')) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_InvalidID(self): + """Testing: invalid user ID.""" + os.rename(os.path.join(self.store.prefix, '.gpg-id'), +@@ -66,26 +69,31 @@ class TestPassAuditCMD(TestPass): + os.rename(os.path.join(self.store.prefix, 'backup.gpg-id'), + os.path.join(self.store.prefix, '.gpg-id')) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_NotAFile(self): + """Testing: pass audit not_a_file.""" + cmd = ['not_a_file'] + self._passaudit(cmd, 1) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_passwords_notpwned(self): + """Testing: pass audit Password/notpwned.""" + cmd = ['Password/notpwned'] + self._passaudit(cmd) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_passwords_pwned(self): + """Testing: pass audit Password/pwned.""" + cmd = ['Password/pwned'] + self._passaudit(cmd) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_passwords_good(self): + """Testing: pass audit Password/good.""" + cmd = ['Password/good'] + self._passaudit(cmd) + ++ @mock.patch('requests.get', mock_request) + def test_pass_audit_passwords_all(self): + """Testing: pass audit .""" + cmd = [''] +diff --git a/tests/test_pwned.py b/tests/test_pwned.py +index 5ce6bc6..c28939a 100644 +--- a/tests/test_pwned.py ++++ b/tests/test_pwned.py +@@ -17,7 +17,8 @@ + # + + from .. import pass_audit +-from tests.commons import TestPass ++from tests.commons import TestPass, mock_request ++from unittest import mock + + + class TestPwnedAPI(TestPass): +@@ -25,12 +26,13 @@ class TestPwnedAPI(TestPass): + def setUp(self): + self.api = pass_audit.PwnedAPI() + ++ @mock.patch('requests.get', mock_request) + def test_password_range(self): + """Testing: https://api.haveibeenpwned.com/range API.""" + prefix = '21BD1' + Hash = '21BD12DC183F740EE76F27B78EB39C8AD972A757' + hashes, counts = self.api.password_range(prefix) + self.assertIn(Hash, hashes) +- self.assertTrue(counts[hashes.index(Hash)] == 51259) ++ self.assertTrue(counts[hashes.index(Hash)] == 52579) + self.assertTrue(len(hashes) == len(counts)) +- self.assertTrue(len(hashes) == 527) ++ self.assertTrue(len(hashes) == 11) +-- +2.25.0 + diff --git a/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch b/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch new file mode 100644 index 000000000000..5703f3c1f652 --- /dev/null +++ b/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch @@ -0,0 +1,28 @@ +From 8f76b32946430737f97f2702afd828b09536afd2 Mon Sep 17 00:00:00 2001 +From: Maximilian Bosch <maximilian@mbosch.me> +Date: Sun, 15 Mar 2020 20:10:11 +0100 +Subject: [PATCH 2/2] Fix audit.bash setup + +This sets PASSWORD_STORE_DIR (needed by the python-code) to +PASSWORD_STORE_DIR and properly falls back to `~/.password-store` if +it's not set. +--- + audit.bash | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/audit.bash b/audit.bash +index 7a973dc..c40ff76 100755 +--- a/audit.bash ++++ b/audit.bash +@@ -17,7 +17,7 @@ + # + + cmd_audit() { +- export PASSWORD_STORE_DIR=$PREFIX GIT_DIR PASSWORD_STORE_GPG_OPTS ++ export PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR:-$HOME/.password-store} GIT_DIR PASSWORD_STORE_GPG_OPTS + export X_SELECTION CLIP_TIME PASSWORD_STORE_UMASK GENERATED_LENGTH + export CHARACTER_SET CHARACTER_SET_NO_SYMBOLS EXTENSIONS PASSWORD_STORE_KEY + export PASSWORD_STORE_ENABLE_EXTENSIONS PASSWORD_STORE_SIGNING_KEY +-- +2.25.0 + diff --git a/pkgs/tools/security/pass/extensions/audit/default.nix b/pkgs/tools/security/pass/extensions/audit/default.nix new file mode 100644 index 000000000000..bae6b9bbafdf --- /dev/null +++ b/pkgs/tools/security/pass/extensions/audit/default.nix @@ -0,0 +1,51 @@ +{ stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, gnupg }: + +let + pythonEnv = pythonPackages.python.withPackages (p: [ p.requests p.setuptools p.zxcvbn ]); + +in stdenv.mkDerivation rec { + pname = "pass-audit"; + version = "1.0.1"; + + src = fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-audit"; + rev = "v${version}"; + sha256 = "1mdckw0dwcnv8smp1za96y0zmdnykbkw2606v7mzfnzbz4zjdlwl"; + }; + + patches = [ + ./0001-Make-it-possible-to-run-the-tests-offline.patch + ./0002-Fix-audit.bash-setup.patch + ]; + + postPatch = '' + substituteInPlace audit.bash \ + --replace '/usr/bin/env python3' "${pythonEnv}/bin/python3" + ''; + + outputs = [ "out" "man" ]; + + buildInputs = [ pythonEnv ]; + nativeBuildInputs = [ makeWrapper ]; + + doCheck = true; + checkInputs = [ pythonPackages.green pass gnupg ]; + checkPhase = '' + ${pythonEnv}/bin/python3 setup.py green -q + ''; + + installFlags = [ "DESTDIR=${placeholder "out"}" "PREFIX=" ]; + postInstall = '' + wrapProgram $out/lib/password-store/extensions/audit.bash \ + --prefix PYTHONPATH : "$out/lib/${pythonEnv.libPrefix}/site-packages" + ''; + + meta = with stdenv.lib; { + description = "Pass extension for auditing your password repository."; + homepage = https://github.com/roddhjav/pass-audit; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ ma27 ]; + }; +} diff --git a/pkgs/tools/security/pass/extensions/default.nix b/pkgs/tools/security/pass/extensions/default.nix index 6eb321229e00..1f41a6924821 100644 --- a/pkgs/tools/security/pass/extensions/default.nix +++ b/pkgs/tools/security/pass/extensions/default.nix @@ -3,7 +3,7 @@ with pkgs; { - pass-audit = callPackage ./audit.nix { + pass-audit = callPackage ./audit { pythonPackages = python3Packages; }; pass-checkup = callPackage ./checkup.nix {}; diff --git a/pkgs/tools/security/pass/extensions/update.nix b/pkgs/tools/security/pass/extensions/update.nix index b712557ab3eb..86563b7ff42d 100644 --- a/pkgs/tools/security/pass/extensions/update.nix +++ b/pkgs/tools/security/pass/extensions/update.nix @@ -2,15 +2,20 @@ stdenv.mkDerivation rec { pname = "pass-update"; - version = "2.0"; + version = "2.1"; src = fetchFromGitHub { owner = "roddhjav"; repo = "pass-update"; rev = "v${version}"; - sha256 = "0a81q0jfni185zmbislzbcv0qr1rdp0cgr9wf9riygis2xv6rs6k"; + sha256 = "0yx8w97jcp6lv7ad5jxqnj04csbrn2hhc4pskssxknw2sbvg4g6c"; }; + postPatch = '' + substituteInPlace Makefile \ + --replace "BASHCOMPDIR ?= /etc/bash_completion.d" "BASHCOMPDIR ?= $out/etc/bash_completion.d" + ''; + dontBuild = true; installFlags = [ "PREFIX=$(out)" ]; diff --git a/pkgs/tools/security/pcsclite/default.nix b/pkgs/tools/security/pcsclite/default.nix index 263c308fc3d6..2141f12151fa 100644 --- a/pkgs/tools/security/pcsclite/default.nix +++ b/pkgs/tools/security/pcsclite/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "pcsclite"; - version = "1.8.25"; + version = "1.8.26"; outputs = [ "bin" "out" "dev" "doc" "man" ]; src = fetchurl { url = "https://pcsclite.apdu.fr/files/pcsc-lite-${version}.tar.bz2"; - sha256 = "14l7irs1nsh8b036ag4cfy8wryyysch78scz5dw6xxqwqgnpjvfp"; + sha256 = "1ndvvz0fgqwz70pijymsxmx25mzryb0zav1i8jjc067ndryvxdry"; }; patches = [ ./no-dropdir-literals.patch ]; diff --git a/pkgs/tools/security/pcsctools/default.nix b/pkgs/tools/security/pcsctools/default.nix index fa53b91a02f1..c9c677e64c02 100644 --- a/pkgs/tools/security/pcsctools/default.nix +++ b/pkgs/tools/security/pcsctools/default.nix @@ -5,11 +5,11 @@ let deps = lib.makeBinPath [ wget coreutils ]; in stdenv.mkDerivation rec { - name = "pcsc-tools-1.5.5"; + name = "pcsc-tools-1.5.6"; src = fetchurl { url = "http://ludovic.rousseau.free.fr/softwares/pcsc-tools/${name}.tar.bz2"; - sha256 = "01251m8hf7by8rw8fayhjxmcqvi6dp150680fpf89bqycha2vgqv"; + sha256 = "1a2zd06c6s4sqlpm5801gj41gh5g62jb8srd7vhlcm70hg3l3nsy"; }; buildInputs = [ udev dbus perlPackages.perl pcsclite ]; @@ -29,7 +29,7 @@ in stdenv.mkDerivation rec { meta = with lib; { description = "Tools used to test a PC/SC driver, card or reader"; - homepage = http://ludovic.rousseau.free.fr/softwares/pcsc-tools/; + homepage = "http://ludovic.rousseau.free.fr/softwares/pcsc-tools/"; license = licenses.gpl2Plus; maintainers = with maintainers; [ ]; platforms = platforms.linux; diff --git a/pkgs/tools/security/qdigidoc/default.nix b/pkgs/tools/security/qdigidoc/default.nix index 7fc6ed209663..fcbc166689e3 100644 --- a/pkgs/tools/security/qdigidoc/default.nix +++ b/pkgs/tools/security/qdigidoc/default.nix @@ -1,14 +1,14 @@ -{ stdenv, fetchgit, fetchurl, cmake, darkhttpd, gettext, makeWrapper, pkgconfig +{ stdenv, mkDerivation, fetchgit, fetchurl, cmake, darkhttpd, gettext, makeWrapper, pkgconfig , libdigidocpp, opensc, openldap, openssl, pcsclite, qtbase, qttranslations, qtsvg }: -stdenv.mkDerivation rec { +mkDerivation rec { pname = "qdigidoc"; - version = "4.1.0"; + version = "4.2.3"; src = fetchgit { url = "https://github.com/open-eid/DigiDoc4-Client"; rev = "v${version}"; - sha256 = "1iry36h3pfnw2gqjnfhv53i2svybxj8jf18qh486djyai84hjr4d"; + sha256 = "1hj49vvg8vrayr9kpz73fafa7k298hmiamkyd8c3ipy6s51xh6q4"; fetchSubmodules = true; }; @@ -42,9 +42,9 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "Qt-based UI for signing and verifying DigiDoc documents"; - homepage = https://www.id.ee/; + homepage = "https://www.id.ee/"; license = licenses.lgpl21Plus; platforms = platforms.linux; - maintainers = with maintainers; [ yegortimoshenko ]; + maintainers = with maintainers; [ yegortimoshenko mmahut ]; }; } diff --git a/pkgs/tools/security/qesteidutil/default.nix b/pkgs/tools/security/qesteidutil/default.nix deleted file mode 100644 index fac855f232a6..000000000000 --- a/pkgs/tools/security/qesteidutil/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, fetchFromGitHub -, cmake, ccid, qttools, qttranslations -, pkgconfig, pcsclite, hicolor-icon-theme -}: - -stdenv.mkDerivation { - version = "2018-08-21"; - pname = "qesteidutil"; - - src = fetchFromGitHub { - owner = "open-eid"; - repo = "qesteidutil"; - # TODO: Switch back to this after next release. - #rev = "v${version}"; - rev = "3bb65ef345aaa0d589b37a5d0d6f5772e95b0cd7"; - sha256 = "13xsw5gh4svp9a5nxcqv72mymivr7w1cyjbv2l6yf96m45bsd9x4"; - fetchSubmodules = true; - }; - - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ cmake ccid qttools pcsclite qttranslations - hicolor-icon-theme - ]; - - meta = with stdenv.lib; { - description = "UI application for managing smart card PIN/PUK codes and certificates"; - homepage = http://www.id.ee/; - license = licenses.lgpl2; - platforms = platforms.linux; - maintainers = with maintainers; [ jagajaga domenkozar ]; - }; -} diff --git a/pkgs/tools/security/rage/default.nix b/pkgs/tools/security/rage/default.nix index 63cc2972a58d..cdba2f2beb01 100644 --- a/pkgs/tools/security/rage/default.nix +++ b/pkgs/tools/security/rage/default.nix @@ -2,22 +2,23 @@ rustPlatform.buildRustPackage rec { pname = "rage"; - version = "0.2.0"; + version = "0.4.0"; src = fetchFromGitHub { owner = "str4d"; repo = pname; rev = "v${version}"; - sha256 = "0ri4rfhy1wl0cppi2cp97kkiz08x2f072yfahn2kv9r4v1i9f4a7"; + sha256 = "1wwndzy4xxbar9r67z8g7pp0s1xsxk5xaarh4h6hc0kh411zglrq"; }; - cargoSha256 = "02adwvcvha83zcvc5n7p88l7wmkg52j2xhznmhabc0zn328as2yd"; + cargoSha256 = "08njl8irkqkfxj54pz4sx3l9aqb40h10wxb82zza52pqd4zapgn6"; buildInputs = stdenv.lib.optionals stdenv.isDarwin [ Security ]; meta = with stdenv.lib; { description = "A simple, secure and modern encryption tool with small explicit keys, no config options, and UNIX-style composability"; homepage = "https://github.com/str4d/rage"; + changelog = "https://github.com/str4d/rage/releases/tag/v${version}"; license = licenses.asl20; maintainers = [ maintainers.marsam ]; }; diff --git a/pkgs/tools/security/ripasso/cursive.nix b/pkgs/tools/security/ripasso/cursive.nix index b273b882daf0..c8a55d3f397f 100644 --- a/pkgs/tools/security/ripasso/cursive.nix +++ b/pkgs/tools/security/ripasso/cursive.nix @@ -2,23 +2,23 @@ with rustPlatform; buildRustPackage rec { - version = "0.3.0"; + version = "0.4.0"; pname = "ripasso-cursive"; src = fetchFromGitHub { owner = "cortex"; repo = "ripasso"; rev = "release-${version}"; - sha256 = "1rkb23i9gcfmifcl31s8w86k7aza6nxrh3w33fvhv1ins1gxxk7w"; + sha256 = "164da20j727p8l7hh37j2r8pai9sj402nhswvg0nrlgj53nr6083"; }; - cargoSha256 = "1p0bsl4h2w257vfjbpqiga693gaslfq34g30dghpqb5n4kl416zp"; + cargoSha256 = "1wpn67v0xmxhn1dgzhh1pwz1yc3cizmfxhpb7qv9b27ynx4486ji"; cargoBuildFlags = [ "-p ripasso-cursive -p ripasso-man" ]; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkgconfig gpgme python3 ]; buildInputs = [ - ncurses python3 openssl libgpgerror gpgme xorg.libxcb + ncurses openssl libgpgerror gpgme xorg.libxcb ] ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit Security ]; preFixup = '' diff --git a/pkgs/tools/security/safe/default.nix b/pkgs/tools/security/safe/default.nix new file mode 100644 index 000000000000..43d791e19dbe --- /dev/null +++ b/pkgs/tools/security/safe/default.nix @@ -0,0 +1,31 @@ +{ stdenv +, buildGoPackage +, fetchFromGitHub +}: + +with builtins; + +buildGoPackage rec { + pname = "safe"; + version = "1.5.1"; + + src = fetchFromGitHub { + owner = "starkandwayne"; + repo = "safe"; + rev = "v${version}"; + sha256 = "12gzxrnyl890h79z9yx23m1wwgy8ahm74q4qwi8n2nh7ydq6mn2d"; + }; + + goPackagePath = "github.com/starkandwayne/safe"; + + preBuild = '' + buildFlagsArray+=("-ldflags" "-X main.Version=${version}") + ''; + + meta = with stdenv.lib; { + description = "A Vault CLI"; + homepage = "https://github.com/starkandwayne/safe"; + license = licenses.mit; + maintainers = with maintainers; [ eonpatapon ]; + }; +} diff --git a/pkgs/tools/security/saml2aws/default.nix b/pkgs/tools/security/saml2aws/default.nix index 888d3bb4018a..4373abdb9a4b 100644 --- a/pkgs/tools/security/saml2aws/default.nix +++ b/pkgs/tools/security/saml2aws/default.nix @@ -1,27 +1,27 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ stdenv, buildGoModule, fetchFromGitHub }: -buildGoPackage rec { - name = "saml2aws-${version}"; +buildGoModule rec { pname = "saml2aws"; - version = "2.15.0"; - - goPackagePath = "github.com/versent/saml2aws"; - goDeps = ./deps.nix; - - buildFlagsArray = '' - -ldflags=-X main.Version=${version} - ''; + version = "2.25.0"; src = fetchFromGitHub { - rev = "v${version}"; owner = "Versent"; repo = "saml2aws"; - sha256 = "0pn4zdzisgan7vvgi7hp8716wsb2x33gq55c7fw1aa2qwy0bq3gp"; + rev = "v${version}"; + sha256 = "12aidylamrq4rvy2cfdz669lr1p20yqrshigcc5x1hrlhh9y64xc"; }; + modSha256 = "1kcj5065yy52p1jy4fad5lsz3y4spqc40k1qsirm53qqixhrhvag"; + + subPackages = [ "." "cmd/saml2aws" ]; + + buildFlagsArray = '' + -ldflags=-X main.Version=${version} + ''; + meta = with stdenv.lib; { description = "CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP"; - homepage = https://github.com/Versent/saml2aws; + homepage = "https://github.com/Versent/saml2aws"; license = licenses.mit; platforms = stdenv.lib.platforms.unix; maintainers = [ stdenv.lib.maintainers.pmyjavec ]; diff --git a/pkgs/tools/security/saml2aws/deps.nix b/pkgs/tools/security/saml2aws/deps.nix deleted file mode 100644 index 08a26db91b10..000000000000 --- a/pkgs/tools/security/saml2aws/deps.nix +++ /dev/null @@ -1,372 +0,0 @@ -# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix) -[ - { - goPackagePath = "github.com/99designs/keyring"; - fetch = { - type = "git"; - url = "https://github.com/99designs/keyring"; - rev = "82da6802f65f1ac7963cfc3b7c62ae12dab8ee5d"; - sha256 = "105ddy9vkjr6cmcm85qnxxlnsmkx2svm6bd80rzr9n6zyc5hhk7b"; - }; - } - { - goPackagePath = "github.com/AlecAivazis/survey"; - fetch = { - type = "git"; - url = "https://github.com/AlecAivazis/survey"; - rev = "e752db451e07e09c7d7dc8cada807a44bdb0fd47"; - sha256 = "00fhmsaymrf86pg246cqxvfrivgfkyg3i0aixsp3sn15hg3i0vlq"; - }; - } - { - goPackagePath = "github.com/Azure/go-ntlmssp"; - fetch = { - type = "git"; - url = "https://github.com/Azure/go-ntlmssp"; - rev = "4b934ac9dad38d389d34f0b98d98b2467c422012"; - sha256 = "0pwrax8mih2jgsdifag0346vh0vivgyz45jc4kjy6dhp3qhsy34z"; - }; - } - { - goPackagePath = "github.com/PuerkitoBio/goquery"; - fetch = { - type = "git"; - url = "https://github.com/PuerkitoBio/goquery"; - rev = "dc2ec5c7ca4d9aae063b79b9f581dd3ea6afd2b2"; - sha256 = "11010z9ask21r0dskvm2pbh3z8951bnpcqg8aqa213if4h34gaa2"; - }; - } - { - goPackagePath = "github.com/alecthomas/kingpin"; - fetch = { - type = "git"; - url = "https://github.com/alecthomas/kingpin"; - rev = "947dcec5ba9c011838740e680966fd7087a71d0d"; - sha256 = "0mndnv3hdngr3bxp7yxfd47cas4prv98sqw534mx7vp38gd88n5r"; - }; - } - { - goPackagePath = "github.com/alecthomas/template"; - fetch = { - type = "git"; - url = "https://github.com/alecthomas/template"; - rev = "a0175ee3bccc567396460bf5acd36800cb10c49c"; - sha256 = "0qjgvvh26vk1cyfq9fadyhfgdj36f1iapbmr5xp6zqipldz8ffxj"; - }; - } - { - goPackagePath = "github.com/alecthomas/units"; - fetch = { - type = "git"; - url = "https://github.com/alecthomas/units"; - rev = "2efee857e7cfd4f3d0138cc3cbb1b4966962b93a"; - sha256 = "1j65b91qb9sbrml9cpabfrcf07wmgzzghrl7809hjjhrmbzri5bl"; - }; - } - { - goPackagePath = "github.com/andybalholm/cascadia"; - fetch = { - type = "git"; - url = "https://github.com/andybalholm/cascadia"; - rev = "901648c87902174f774fac311d7f176f8647bdaa"; - sha256 = "09j8cavbhqqdxjqrkwbc40g8p0i49zf3184rpjm5p2rjbprcghcc"; - }; - } - { - goPackagePath = "github.com/aulanov/go.dbus"; - fetch = { - type = "git"; - url = "https://github.com/aulanov/go.dbus"; - rev = "25c3068a42a0b50b877953fb249dbcffc6bd1bca"; - sha256 = "0jh4jyxqhsl1rkzabhln7chw1jkzhqw2nn0mw79cmn8fyafi0rgn"; - }; - } - { - goPackagePath = "github.com/aws/aws-sdk-go"; - fetch = { - type = "git"; - url = "https://github.com/aws/aws-sdk-go"; - rev = "bfc1a07cf158c30c41a3eefba8aae043d0bb5bff"; - sha256 = "0vfpygjhdikmsqn9dgmp965ji5q790gcz9mg49mcpipc9n2lzx0d"; - }; - } - { - goPackagePath = "github.com/beevik/etree"; - fetch = { - type = "git"; - url = "https://github.com/beevik/etree"; - rev = "9d7e8feddccb4ed1b8afb54e368bd323d2ff652c"; - sha256 = "0f3lj7azxd5qq29hqd32211ds7n56i3rgmfll6c1f4css1f3srxg"; - }; - } - { - goPackagePath = "github.com/briandowns/spinner"; - fetch = { - type = "git"; - url = "https://github.com/briandowns/spinner"; - rev = "48dbb65d7bd5c74ab50d53d04c949f20e3d14944"; - sha256 = "1178kn72agihs13ffgm2sz5ad61pqwdmkrh8rhggzbaagch9mc75"; - }; - } - { - goPackagePath = "github.com/danieljoos/wincred"; - fetch = { - type = "git"; - url = "https://github.com/danieljoos/wincred"; - rev = "412b574fb496839b312a75fba146bd32a89001cf"; - sha256 = "1bb1928nnikx5036aw4152p55g8xgwx42rv0n2i5zydh1031f50m"; - }; - } - { - goPackagePath = "github.com/davecgh/go-spew"; - fetch = { - type = "git"; - url = "https://github.com/davecgh/go-spew"; - rev = "346938d642f2ec3594ed81d874461961cd0faa76"; - sha256 = "0d4jfmak5p6lb7n2r6yvf5p1zcw0l8j74kn55ghvr7zr7b7axm6c"; - }; - } - { - goPackagePath = "github.com/dvsekhvalnov/jose2go"; - fetch = { - type = "git"; - url = "https://github.com/dvsekhvalnov/jose2go"; - rev = "f21a8cedbbae609f623613ec8f81125c243212e6"; - sha256 = "1nzwvk6nqi7nm2wq4mr2q6k5p0qzsl0kmwx7kgkqsg1zh53250ld"; - }; - } - { - goPackagePath = "github.com/fatih/color"; - fetch = { - type = "git"; - url = "https://github.com/fatih/color"; - rev = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4"; - sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv"; - }; - } - { - goPackagePath = "github.com/go-ini/ini"; - fetch = { - type = "git"; - url = "https://github.com/go-ini/ini"; - rev = "06f5f3d67269ccec1fe5fe4134ba6e982984f7f5"; - sha256 = "0fx123601aiqqn0yr9vj6qp1bh8gp240w4qdm76irs73q8dxlk7a"; - }; - } - { - goPackagePath = "github.com/godbus/dbus"; - fetch = { - type = "git"; - url = "https://github.com/godbus/dbus"; - rev = "2ff6f7ffd60f0f2410b3105864bdd12c7894f844"; - sha256 = "1c107893nbdfc297i9y0smljmqs167mw26i24509qd09dmvr998y"; - }; - } - { - goPackagePath = "github.com/gsterjov/go-libsecret"; - fetch = { - type = "git"; - url = "https://github.com/gsterjov/go-libsecret"; - rev = "a6f4afe4910cad8688db3e0e9b9ac92ad22d54e1"; - sha256 = "09zaiadnll83vs22ib89agg7anj0blw5fywvmckxllsgif6ak6v7"; - }; - } - { - goPackagePath = "github.com/headzoo/surf"; - fetch = { - type = "git"; - url = "https://github.com/headzoo/surf"; - rev = "a4a8c16c01dc47ef3a25326d21745806f3e6797a"; - sha256 = "1dzcp0wdh3qmm5s5hixk9vj2s2kcvkpbhjdwz7kh2crvnavdgwh6"; - }; - } - { - goPackagePath = "github.com/jmespath/go-jmespath"; - fetch = { - type = "git"; - url = "https://github.com/jmespath/go-jmespath"; - rev = "0b12d6b5"; - sha256 = "1vv6hph8j6xgv7gwl9vvhlsaaqsm22sxxqmgmldi4v11783pc1ld"; - }; - } - { - goPackagePath = "github.com/keybase/go-keychain"; - fetch = { - type = "git"; - url = "https://github.com/keybase/go-keychain"; - rev = "f1daa725cce4049b1715f1e97d6a51880e401e70"; - sha256 = "0wk2zc5f5i5mhdkbyzd60wzc64vybds6kxlmwc41k8mx6d1hxdm6"; - }; - } - { - goPackagePath = "github.com/mattn/go-colorable"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-colorable"; - rev = "167de6bfdfba052fa6b2d3664c8f5272e23c9072"; - sha256 = "1nwjmsppsjicr7anq8na6md7b1z84l9ppnlr045hhxjvbkqwalvx"; - }; - } - { - goPackagePath = "github.com/mattn/go-isatty"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-isatty"; - rev = "0360b2af4f38e8d38c7fce2a9f4e702702d73a39"; - sha256 = "06w45aqz2a6yrk25axbly2k5wmsccv8cspb94bfmz4izvw8h927n"; - }; - } - { - goPackagePath = "github.com/mgutz/ansi"; - fetch = { - type = "git"; - url = "https://github.com/mgutz/ansi"; - rev = "9520e82c474b0a04dd04f8a40959027271bab992"; - sha256 = "00bz22314j26736w1f0q4jy9d9dfaml17vn890n5zqy3cmvmww1j"; - }; - } - { - goPackagePath = "github.com/mitchellh/go-homedir"; - fetch = { - type = "git"; - url = "https://github.com/mitchellh/go-homedir"; - rev = "3864e76763d94a6df2f9960b16a20a33da9f9a66"; - sha256 = "1n8vya16l60i5jms43yb8fzdgwvqa2q926p5wkg3lbrk8pxy1nv0"; - }; - } - { - goPackagePath = "github.com/pkg/errors"; - fetch = { - type = "git"; - url = "https://github.com/pkg/errors"; - rev = "645ef00459ed84a119197bfb8d8205042c6df63d"; - sha256 = "001i6n71ghp2l6kdl3qq1v2vmghcz3kicv9a5wgcihrzigm75pp5"; - }; - } - { - goPackagePath = "github.com/pmezard/go-difflib"; - fetch = { - type = "git"; - url = "https://github.com/pmezard/go-difflib"; - rev = "792786c7400a136282c1664665ae0a8db921c6c2"; - sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; - }; - } - { - goPackagePath = "github.com/robertkrimen/otto"; - fetch = { - type = "git"; - url = "https://github.com/robertkrimen/otto"; - rev = "15f95af6e78dcd2030d8195a138bd88d4f403546"; - sha256 = "07j7l340lmqwpfscwyb8llk3k37flvs20a4a8vzc85f16xyd9npf"; - }; - } - { - goPackagePath = "github.com/sirupsen/logrus"; - fetch = { - type = "git"; - url = "https://github.com/sirupsen/logrus"; - rev = "c155da19408a8799da419ed3eeb0cb5db0ad5dbc"; - sha256 = "0g5z7al7kky11ai2dhac6gkp3b5pxsvx72yj3xg4wg3265gbn7yz"; - }; - } - { - goPackagePath = "github.com/stretchr/objx"; - fetch = { - type = "git"; - url = "https://github.com/stretchr/objx"; - rev = "477a77ecc69700c7cdeb1fa9e129548e1c1c393c"; - sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls"; - }; - } - { - goPackagePath = "github.com/stretchr/testify"; - fetch = { - type = "git"; - url = "https://github.com/stretchr/testify"; - rev = "f35b8ab0b5a2cef36673838d662e249dd9c94686"; - sha256 = "0dlszlshlxbmmfxj5hlwgv3r22x0y1af45gn1vd198nvvs3pnvfs"; - }; - } - { - goPackagePath = "github.com/tidwall/gjson"; - fetch = { - type = "git"; - url = "https://github.com/tidwall/gjson"; - rev = "afaeb9562041a8018c74e006551143666aed08bf"; - sha256 = "1hysk947mrlpaqjq7mab0nnm190fwvfdifaa2cq3sbwfrzx6h1c8"; - }; - } - { - goPackagePath = "github.com/tidwall/match"; - fetch = { - type = "git"; - url = "https://github.com/tidwall/match"; - rev = "1731857f09b1f38450e2c12409748407822dc6be"; - sha256 = "14nv96h0mjki5q685qx8y331h4yga6hlfh3z9nz6acvnv284q578"; - }; - } - { - goPackagePath = "golang.org/x/crypto"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/crypto"; - rev = "a8fb68e7206f8c78be19b432c58eb52a6aa34462"; - sha256 = "1svphap40hy5srcqnb0l207r6wfm9hf0f3fcaq124qp4m91s6vlf"; - }; - } - { - goPackagePath = "golang.org/x/net"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/net"; - rev = "db08ff08e8622530d9ed3a0e8ac279f6d4c02196"; - sha256 = "1f6q8kbijnrfy6wjqxrzgjf38ippckc5w34lhqsjs7kq045aar9a"; - }; - } - { - goPackagePath = "golang.org/x/sys"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/sys"; - rev = "8014b7b116a67fea23fbb82cd834c9ad656ea44b"; - sha256 = "1ld5nr0zqjgkny7d5biix9hbnxnlzxxa5nspnal2q2c7wnai8apa"; - }; - } - { - goPackagePath = "golang.org/x/text"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/text"; - rev = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"; - sha256 = "0r6x6zjzhr8ksqlpiwm5gdd7s209kwk5p4lw54xjvz10cs3qlq19"; - }; - } - { - goPackagePath = "gopkg.in/AlecAivazis/survey.v1"; - fetch = { - type = "git"; - url = "https://github.com/AlecAivazis/survey"; - rev = "e752db451e07e09c7d7dc8cada807a44bdb0fd47"; - sha256 = "00fhmsaymrf86pg246cqxvfrivgfkyg3i0aixsp3sn15hg3i0vlq"; - }; - } - { - goPackagePath = "gopkg.in/ini.v1"; - fetch = { - type = "git"; - url = "https://github.com/go-ini/ini"; - rev = "06f5f3d67269ccec1fe5fe4134ba6e982984f7f5"; - sha256 = "0fx123601aiqqn0yr9vj6qp1bh8gp240w4qdm76irs73q8dxlk7a"; - }; - } - { - goPackagePath = "gopkg.in/sourcemap.v1"; - fetch = { - type = "git"; - url = "https://github.com/go-sourcemap/sourcemap"; - rev = "6e83acea0053641eff084973fee085f0c193c61a"; - sha256 = "08rf2dl13hbnm3fq2cm0nnsspy9fhf922ln23cz5463cv7h62as4"; - }; - } -] \ No newline at end of file diff --git a/pkgs/tools/security/sequoia/default.nix b/pkgs/tools/security/sequoia/default.nix index 21403225aad2..d1a24f49d802 100644 --- a/pkgs/tools/security/sequoia/default.nix +++ b/pkgs/tools/security/sequoia/default.nix @@ -9,16 +9,16 @@ assert pythonSupport -> pythonPackages != null; rustPlatform.buildRustPackage rec { pname = "sequoia"; - version = "0.11.0"; + version = "0.15.0"; src = fetchFromGitLab { owner = "sequoia-pgp"; repo = pname; rev = "v${version}"; - sha256 = "1k0pr3vn77fpfzyvbg7xb4jwm6srsiws9bsd8q7i3hl6j56a880i"; + sha256 = "1l6isis0ddb0b306z3cv2f5qz2bhw5pmf42shnrxzg7778dnmwhw"; }; - cargoSha256 = "15bhg7b88rq8p0bn6y5wwv2l42kqb1qyx2s3kw0r0v0wadf823q3"; + cargoSha256 = "0cfi42wx93yc9yib9lpxl6ph991ra39yfhw1lr16z2qzzbzj2b1j"; nativeBuildInputs = [ pkgconfig @@ -28,6 +28,7 @@ rustPlatform.buildRustPackage rec { llvmPackages.libclang llvmPackages.clang ensureNewerSourcesForZipFilesHook + capnproto ] ++ lib.optionals pythonSupport [ pythonPackages.setuptools ] ; @@ -41,9 +42,7 @@ rustPlatform.buildRustPackage rec { openssl sqlite nettle - capnproto - ] - ++ lib.optionals pythonSupport [ pythonPackages.python pythonPackages.cffi ] + ] ++ lib.optionals pythonSupport [ pythonPackages.python pythonPackages.cffi ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ] ; diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index 71a71be9147e..842509888b41 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "sudo"; - version = "1.8.30"; + version = "1.8.31"; src = fetchurl { url = "ftp://ftp.sudo.ws/pub/sudo/${pname}-${version}.tar.gz"; - sha256 = "1rvrqlqrrjsd06dczgj9cwjdkpkqil5zzlwh87h06ms6qzfx6nm3"; + sha256 = "0ks5mm9hda5idivncyfpiz4lrd8fv0dpmsl711788k7f7ixdka3y"; }; prePatch = '' diff --git a/pkgs/tools/security/tor/default.nix b/pkgs/tools/security/tor/default.nix index 819b96889246..0ef45bd5337e 100644 --- a/pkgs/tools/security/tor/default.nix +++ b/pkgs/tools/security/tor/default.nix @@ -15,11 +15,11 @@ stdenv.mkDerivation rec { pname = "tor"; - version = "0.4.2.5"; + version = "0.4.2.7"; src = fetchurl { url = "https://dist.torproject.org/${pname}-${version}.tar.gz"; - sha256 = "1hnqg6psf7shcmlvfk44mkpaz7v66mify3cnx7mzl23q5s37anad"; + sha256 = "0v82ngwwmmcb7i9563bgsmrjy6xp83xyhqhaljygd0pkvlsxi886"; }; outputs = [ "out" "geoip" ]; @@ -28,6 +28,8 @@ stdenv.mkDerivation rec { buildInputs = [ libevent openssl zlib lzma zstd scrypt ] ++ stdenv.lib.optionals stdenv.isLinux [ libseccomp systemd libcap ]; + patches = [ ./disable-monotonic-timer-tests.patch ]; + NIX_CFLAGS_LINK = stdenv.lib.optionalString stdenv.cc.isGNU "-lgcc_s"; postPatch = '' @@ -39,7 +41,6 @@ stdenv.mkDerivation rec { ''; enableParallelBuilding = true; - enableParallelChecking = false; # 4 tests fail randomly doCheck = true; @@ -65,7 +66,7 @@ stdenv.mkDerivation rec { }; meta = with stdenv.lib; { - homepage = https://www.torproject.org/; + homepage = "https://www.torproject.org/"; repositories.git = https://git.torproject.org/git/tor; description = "Anonymizing overlay network"; diff --git a/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch b/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch new file mode 100644 index 000000000000..a95a373bbb64 --- /dev/null +++ b/pkgs/tools/security/tor/disable-monotonic-timer-tests.patch @@ -0,0 +1,26 @@ +diff --git a/src/test/test_util.c b/src/test/test_util.c +index 0d86a5ab5..e93c6ba89 100644 +--- a/src/test/test_util.c ++++ b/src/test/test_util.c +@@ -5829,13 +5829,9 @@ test_util_monotonic_time(void *arg) + /* We need to be a little careful here since we don't know the system load. + */ + tt_i64_op(monotime_diff_msec(&mt1, &mt2), OP_GE, 175); +- tt_i64_op(monotime_diff_msec(&mt1, &mt2), OP_LT, 1000); + tt_i64_op(monotime_coarse_diff_msec(&mtc1, &mtc2), OP_GE, 125); +- tt_i64_op(monotime_coarse_diff_msec(&mtc1, &mtc2), OP_LT, 1000); + tt_u64_op(nsec2-nsec1, OP_GE, 175000000); +- tt_u64_op(nsec2-nsec1, OP_LT, 1000000000); + tt_u64_op(nsecc2-nsecc1, OP_GE, 125000000); +- tt_u64_op(nsecc2-nsecc1, OP_LT, 1000000000); + + tt_u64_op(msec1, OP_GE, nsec1 / 1000000); + tt_u64_op(usec1, OP_GE, nsec1 / 1000); +@@ -5849,7 +5845,6 @@ test_util_monotonic_time(void *arg) + uint64_t coarse_stamp_diff = + monotime_coarse_stamp_units_to_approx_msec(stamp2-stamp1); + tt_u64_op(coarse_stamp_diff, OP_GE, 120); +- tt_u64_op(coarse_stamp_diff, OP_LE, 1200); + + { + uint64_t units = monotime_msec_to_approx_coarse_stamp_units(5000); diff --git a/pkgs/tools/security/tpm2-tools/default.nix b/pkgs/tools/security/tpm2-tools/default.nix index b7c2141b0f7c..9600326cd557 100644 --- a/pkgs/tools/security/tpm2-tools/default.nix +++ b/pkgs/tools/security/tpm2-tools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "tpm2-tools"; - version = "4.1"; + version = "4.1.1"; src = fetchurl { url = "https://github.com/tpm2-software/${pname}/releases/download/${version}/${pname}-${version}.tar.gz"; - sha256 = "1wnw4i2m6dkafqjjma8mxw9419py2v1knhn3zf1gaizdabskgkh7"; + sha256 = "1cd74nd57wmms2yrnzs64xki29rf4kx61kd30fyd56wlicyjdfa0"; }; nativeBuildInputs = [ pandoc pkgconfig makeWrapper ]; diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix index 3b209d5c0689..ff4d6f014930 100644 --- a/pkgs/tools/security/vault/default.nix +++ b/pkgs/tools/security/vault/default.nix @@ -2,13 +2,13 @@ buildGoPackage rec { pname = "vault"; - version = "1.3.2"; + version = "1.3.3"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "17zymmm1r4yxwazn2qx2l01i7g91rn40h7hzgwf0pr6pwmdxvkzg"; + sha256 = "1scwclkpb7v5pcx1afgjqrfgcp0c1bd9gqvwdmjbpfcyxv1f032d"; }; goPackagePath = "github.com/hashicorp/vault"; @@ -26,7 +26,7 @@ buildGoPackage rec { ''; meta = with stdenv.lib; { - homepage = https://www.vaultproject.io; + homepage = "https://www.vaultproject.io/"; description = "A tool for managing secrets"; platforms = platforms.linux ++ platforms.darwin; license = licenses.mpl20; |