diff options
Diffstat (limited to 'pkgs/tools/security')
31 files changed, 546 insertions, 211 deletions
diff --git a/pkgs/tools/security/afl/libdislocator.nix b/pkgs/tools/security/afl/libdislocator.nix index 47e74573b81f..415fa82f2ec6 100644 --- a/pkgs/tools/security/afl/libdislocator.nix +++ b/pkgs/tools/security/afl/libdislocator.nix @@ -1,7 +1,7 @@ { stdenv, afl}: stdenv.mkDerivation { - version = (builtins.parseDrvName afl.name).version; + version = stdenv.lib.getVersion afl; pname = "libdislocator"; src = afl.src; diff --git a/pkgs/tools/security/bettercap/default.nix b/pkgs/tools/security/bettercap/default.nix index c72bc6d8b9e8..d0cda57e2d06 100644 --- a/pkgs/tools/security/bettercap/default.nix +++ b/pkgs/tools/security/bettercap/default.nix @@ -2,7 +2,7 @@ buildGoPackage rec { pname = "bettercap"; - version = "2.24"; + version = "2.26.1"; goPackagePath = "github.com/bettercap/bettercap"; @@ -10,7 +10,7 @@ buildGoPackage rec { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "1f8bzxbcyf0bpyqj6hz4l8dp5xknnb537xy9y5skcznp03i44h55"; + sha256 = "10qsknyzfpzfpm4gp98jwvw6qmkmx23nw88sbnpl2rlr725l560c"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/tools/security/bettercap/deps.nix b/pkgs/tools/security/bettercap/deps.nix index ef09a821317e..12aeb1918c6e 100644 --- a/pkgs/tools/security/bettercap/deps.nix +++ b/pkgs/tools/security/bettercap/deps.nix @@ -1,336 +1,534 @@ -# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix) +# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) [ { - goPackagePath = "github.com/adrianmo/go-nmea"; + goPackagePath = "github.com/BurntSushi/toml"; + fetch = { + type = "git"; + url = "https://github.com/BurntSushi/toml"; + rev = "v0.3.1"; + sha256 = "1fjdwwfzyzllgiwydknf1pwjvy49qxfsczqx5gz3y0izs7as99j6"; + }; + } + { + goPackagePath = "github.com/adrianmo/go-nmea"; fetch = { type = "git"; url = "https://github.com/adrianmo/go-nmea"; - rev = "a32116e4989e2b0e17c057ee378b4d5246add74e"; + rev = "v1.1.0"; sha256 = "167iwpwdwfbyghqfrzdfvfpvsmj92x7qqy6sx6yngdw21wd0m44f"; }; } { - goPackagePath = "github.com/antchfx/jsonquery"; + goPackagePath = "github.com/antchfx/jsonquery"; fetch = { type = "git"; url = "https://github.com/antchfx/jsonquery"; - rev = "a2896be8c82bb2229d1cf26204863180e34b2b31"; - sha256 = "0mh6v21i3v3sxqjln7vph6wx3sm79p99010in9am1wh7k30rrjl5"; + rev = "v1.0.0"; + sha256 = "04xk7ib059xzl1y87ah41q7vzl3xp99mq8nyccx8hlsng1nc0haw"; }; } { - goPackagePath = "github.com/antchfx/xpath"; + goPackagePath = "github.com/antchfx/xpath"; fetch = { type = "git"; url = "https://github.com/antchfx/xpath"; - rev = "ce1d48779e67a1ddfb380995fe532b2e0015919c"; - sha256 = "0brd75mhd5ix7rz1ijhbggyp53v6g8kz9bc2n7g6zwavzxarfj5p"; + rev = "v1.1.0"; + sha256 = "0bgin15841q009yxbyqfqk5b2yk2f4a1mswjkgiqxgarmql0mpsy"; }; } { - goPackagePath = "github.com/bettercap/gatt"; + goPackagePath = "github.com/bettercap/gatt"; fetch = { type = "git"; url = "https://github.com/bettercap/gatt"; - rev = "fac16c0ad797bbccae1fe4acf49761b98f7516e7"; - sha256 = "08pyg4caw7lzb230l3k4rwgvn68zz6kmrlsdapaf3wa216pphyd9"; + rev = "569d3d9372bb"; + sha256 = "0ncg6wd4wkr12l4bs7vyyrd08imyd5y1vdyp7f9shjq9nzv3rzcz"; }; } { - goPackagePath = "github.com/bettercap/nrf24"; + goPackagePath = "github.com/bettercap/nrf24"; fetch = { type = "git"; url = "https://github.com/bettercap/nrf24"; - rev = "aa37e6d0e0eb125cee9ec71ed694db2ad58b509a"; + rev = "aa37e6d0e0eb"; sha256 = "1y6ffcj94hk7slajqw3lqpdxzx6iqpj2i2zpsvggg6kfaa1iklnj"; }; } { - goPackagePath = "github.com/bettercap/readline"; + goPackagePath = "github.com/bettercap/readline"; fetch = { type = "git"; url = "https://github.com/bettercap/readline"; - rev = "62c6fe6193755f722b8b8788aa7357be55a50ff1"; - sha256 = "1qd2qhjps26x4pin2614w732giy89p22b2qww4wg15zz5g2365nk"; + rev = "9cec905dd291"; + sha256 = "1lsnyckg2l78hz4la8dhwvjsyff706khw10nxds5afzl4mrih3vn"; }; } { - goPackagePath = "github.com/bettercap/recording"; + goPackagePath = "github.com/bettercap/recording"; fetch = { type = "git"; url = "https://github.com/bettercap/recording"; - rev = "3ce1dcf032e391eb321311b34cdf31c6fc9523f5"; + rev = "3ce1dcf032e3"; sha256 = "1arh12iz15anyrqr4q496lpd0gx5nf2cwyr5rv17rawqqz8ydg23"; }; } { - goPackagePath = "github.com/chifflier/nfqueue-go"; + goPackagePath = "github.com/chifflier/nfqueue-go"; fetch = { type = "git"; url = "https://github.com/chifflier/nfqueue-go"; - rev = "61ca646babef3bd4dea1deb610bfb0005c0a1298"; + rev = "61ca646babef"; sha256 = "1i1q2xl86f3s9x3j2ffxprwqhcrkh4w23hh4ib7jksxvaq36v33l"; }; } { - goPackagePath = "github.com/dustin/go-humanize"; + goPackagePath = "github.com/chzyer/logex"; + fetch = { + type = "git"; + url = "https://github.com/chzyer/logex"; + rev = "v1.1.10"; + sha256 = "08pbjj3wx9acavlwyr055isa8a5hnmllgdv5k6ra60l5y1brmlq4"; + }; + } + { + goPackagePath = "github.com/chzyer/test"; + fetch = { + type = "git"; + url = "https://github.com/chzyer/test"; + rev = "a1ea475d72b1"; + sha256 = "0rns2aqk22i9xsgyap0pq8wi4cfaxsri4d9q6xxhhyma8jjsnj2k"; + }; + } + { + goPackagePath = "github.com/davecgh/go-spew"; + fetch = { + type = "git"; + url = "https://github.com/davecgh/go-spew"; + rev = "v1.1.1"; + sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y"; + }; + } + { + goPackagePath = "github.com/dustin/go-humanize"; fetch = { type = "git"; url = "https://github.com/dustin/go-humanize"; - rev = "9f541cc9db5d55bce703bd99987c9d5cb8eea45e"; + rev = "v1.0.0"; sha256 = "1kqf1kavdyvjk7f8kx62pnm7fbypn9z1vbf8v2qdh3y7z7a0cbl3"; }; } { - goPackagePath = "github.com/elazarl/goproxy"; + goPackagePath = "github.com/elazarl/goproxy"; fetch = { type = "git"; url = "https://github.com/elazarl/goproxy"; - rev = "9d40249d3c2f14d1a9d75e070a738362adeb5a83"; - sha256 = "0hpzna9dvs2ff0bj8baz3sc5gg49vqmb0cbi6p061lmwl09cd00i"; + rev = "473e67f1d7d2"; + sha256 = "1xsrdlcgl088phanm81pskym2ry8z1nizvq3lsq0c7cvzb6mrw4p"; }; } { - goPackagePath = "github.com/evilsocket/islazy"; + goPackagePath = "github.com/evilsocket/islazy"; fetch = { type = "git"; url = "https://github.com/evilsocket/islazy"; - rev = "c5c7a41bb1c20e6df409825ed24af8de5fb7fb70"; + rev = "v1.10.4"; sha256 = "1ayc4di6584yajybh724mcmng069q38j1dpljgi8fhsyhb4sila3"; }; } { - goPackagePath = "github.com/gobwas/glob"; + goPackagePath = "github.com/gobwas/glob"; fetch = { type = "git"; url = "https://github.com/gobwas/glob"; - rev = "e7a84e9525fe90abcda167b604e483cc959ad4aa"; + rev = "e7a84e9525fe"; sha256 = "1v6vjklq06wqddv46ihajahaj1slv0imgaivlxr8bsx59i90js5q"; }; } { - goPackagePath = "github.com/google/go-github"; + goPackagePath = "github.com/google/go-github"; fetch = { type = "git"; url = "https://github.com/google/go-github"; - rev = "e48060a28fac52d0f1cb758bc8b87c07bac4a87d"; - sha256 = "0a15gsqpshcipd4vmm0dzxgi99pfk0c5b60n3czfw2px864mg7x9"; + rev = "v17.0.0"; + sha256 = "1kvw95l77a5n5rgal9n1xjh58zxb3a40ij1j722b1h4z8yg9jhg4"; }; } { - goPackagePath = "github.com/google/go-querystring"; + goPackagePath = "github.com/google/go-querystring"; fetch = { type = "git"; url = "https://github.com/google/go-querystring"; - rev = "44c6ddd0a2342c386950e880b658017258da92fc"; + rev = "v1.0.0"; sha256 = "0xl12bqyvmn4xcnf8p9ksj9rmnr7s40pvppsdmy8n9bzw1db0iwz"; }; } { - goPackagePath = "github.com/google/gopacket"; + goPackagePath = "github.com/google/gopacket"; fetch = { type = "git"; url = "https://github.com/google/gopacket"; - rev = "v1.1.16"; - sha256 = "1vnjgjz52l1bzrhx70qpvmwandf8v13zhiaj3rdljsphdp5cgadi"; + rev = "v1.1.17"; + sha256 = "192af5z18nnafn35gdy4wahlx6ggbhlnxzlm1yvxjxawfwnilidn"; }; } { - goPackagePath = "github.com/google/gousb"; + goPackagePath = "github.com/google/gousb"; fetch = { type = "git"; url = "https://github.com/google/gousb"; - rev = "64d82086770b8b671e1e7f162372dd37f1f5efba"; - sha256 = "1kjgg8cdp8wz9rck4nh48pcia741p7a8w2nikhzxsscn0ld33109"; + rev = "18f4c1d8a750"; + sha256 = "1i7ffkq395x0v1186j9bhfgy67wlq6s840xkyx8wn87w55yd05rh"; }; } { - goPackagePath = "github.com/gorilla/mux"; + goPackagePath = "github.com/google/renameio"; + fetch = { + type = "git"; + url = "https://github.com/google/renameio"; + rev = "v0.1.0"; + sha256 = "1ki2x5a9nrj17sn092d6n4zr29lfg5ydv4xz5cp58z6cw8ip43jx"; + }; + } + { + goPackagePath = "github.com/gorilla/mux"; fetch = { type = "git"; url = "https://github.com/gorilla/mux"; - rev = "c5c6c98bc25355028a63748a498942a6398ccd22"; - sha256 = "0im4da3hqxb6zr8g3m640qz234f5gs0a8hqhcz35mkvfqlv48f62"; + rev = "v1.7.3"; + sha256 = "0vr38zdad3zgg7q7nn24knl8axngj7cgmlwa93m17yhsnlvqi531"; }; } { - goPackagePath = "github.com/gorilla/websocket"; + goPackagePath = "github.com/gorilla/websocket"; fetch = { type = "git"; url = "https://github.com/gorilla/websocket"; - rev = "66b9c49e59c6c48f0ffce28c2d8b8a5678502c6d"; - sha256 = "00i4vb31nsfkzzk7swvx3i75r2d960js3dri1875vypk3v2s0pzk"; + rev = "v1.4.1"; + sha256 = "03n1n0nwz3k9qshmriycqznnnvd3dkzsfwpnfjzzvafjxk9kyapv"; }; } { - goPackagePath = "github.com/hashicorp/mdns"; + goPackagePath = "github.com/hashicorp/mdns"; fetch = { type = "git"; url = "https://github.com/hashicorp/mdns"; - rev = "06dd1a31b32c42d4d6c2cf8dbce70597d1118f54"; + rev = "v1.0.1"; sha256 = "185zpyj1jf1jm7hihg73gqnspr0a359aqwv11v4a6mwd5bkdh19j"; }; } { - goPackagePath = "github.com/inconshreveable/go-vhost"; + goPackagePath = "github.com/inconshreveable/go-vhost"; fetch = { type = "git"; url = "https://github.com/inconshreveable/go-vhost"; - rev = "06d84117953b22058c096b49a429ebd4f3d3d97b"; + rev = "06d84117953b"; sha256 = "0wliilsybm7xf5h685a23rsm8bnlhkr332pkdkhf32q16sr1a9rk"; }; } { - goPackagePath = "github.com/jpillora/go-tld"; + goPackagePath = "github.com/jpillora/go-tld"; fetch = { type = "git"; url = "https://github.com/jpillora/go-tld"; - rev = "f16ca3b7b383d3f0373109cac19147de3e8ae2d1"; + rev = "f16ca3b7b383"; sha256 = "19v8bj14w0lcvysaw84klf5dg6ka351ixz9r6cd9mksdd80nvzcq"; }; } { - goPackagePath = "github.com/kr/binarydist"; + goPackagePath = "github.com/kisielk/gotool"; + fetch = { + type = "git"; + url = "https://github.com/kisielk/gotool"; + rev = "v1.0.0"; + sha256 = "14af2pa0ssyp8bp2mvdw184s5wcysk6akil3wzxmr05wwy951iwn"; + }; + } + { + goPackagePath = "github.com/kr/binarydist"; fetch = { type = "git"; url = "https://github.com/kr/binarydist"; - rev = "88f551ae580780cc79d12ab4c218ba1ca346b83a"; + rev = "v0.1.0"; sha256 = "0hz1yqlxmkdib8xsdkkvn4ian4i69jmfapadim9fhj632d6jpi7w"; }; } { - goPackagePath = "github.com/malfunkt/iprange"; + goPackagePath = "github.com/kr/pretty"; + fetch = { + type = "git"; + url = "https://github.com/kr/pretty"; + rev = "v0.1.0"; + sha256 = "18m4pwg2abd0j9cn5v3k2ksk9ig4vlwxmlw9rrglanziv9l967qp"; + }; + } + { + goPackagePath = "github.com/kr/pty"; + fetch = { + type = "git"; + url = "https://github.com/kr/pty"; + rev = "v1.1.1"; + sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6"; + }; + } + { + goPackagePath = "github.com/kr/text"; + fetch = { + type = "git"; + url = "https://github.com/kr/text"; + rev = "v0.1.0"; + sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1"; + }; + } + { + goPackagePath = "github.com/malfunkt/iprange"; fetch = { type = "git"; url = "https://github.com/malfunkt/iprange"; - rev = "3a31f5ed42d2d8a1fc46f1be91fd693bdef2dd52"; + rev = "v0.9.0"; sha256 = "0gv5w678r74jval675xp0y1hzpf7mm5m9apa1rz9krxc9zd0ycr8"; }; } { - goPackagePath = "github.com/mattn/go-colorable"; + goPackagePath = "github.com/mattn/go-colorable"; fetch = { type = "git"; url = "https://github.com/mattn/go-colorable"; - rev = "3a70a971f94a22f2fa562ffcc7a0eb45f5daf045"; - sha256 = "0l640974j804c1yyjfgyxqlsivz0yrzmbql4mhcw2azryigkp08p"; + rev = "v0.1.4"; + sha256 = "1yxcz08kminqr1221zxpibnbzfcgs3fafin0z9zqb3gqvf74jywz"; }; } { - goPackagePath = "github.com/mattn/go-isatty"; + goPackagePath = "github.com/mattn/go-isatty"; fetch = { type = "git"; url = "https://github.com/mattn/go-isatty"; - rev = "c2a7a6ca930a4cd0bc33a3f298eb71960732a3a7"; - sha256 = "1i77aq4gf9as03m8fpfh8fq49n4z9j7548blrcsidm1xhslzk5xd"; + rev = "v0.0.10"; + sha256 = "0jf4hwfwd2cpxrlyv0jzcia809q2bjw7y1m3ciaj2s8lj2jqyf6r"; }; } { - goPackagePath = "github.com/mdlayher/dhcp6"; + goPackagePath = "github.com/mdlayher/dhcp6"; fetch = { type = "git"; url = "https://github.com/mdlayher/dhcp6"; - rev = "2a67805d7d0b0bad6c1103058981afdea583b459"; + rev = "2a67805d7d0b"; sha256 = "0xn7canpik3lrz73dcz4jzapq1bfxpnashvjvnvshcpa2n1lh8yw"; }; } { - goPackagePath = "github.com/mdlayher/raw"; - fetch = { - type = "git"; - url = "https://github.com/mdlayher/raw"; - rev = "480b93709cce56651807d3fdeb260a5a7c4e2d5f"; - sha256 = "0a0zlznk67nhpmgp21hxsbhyl5lvlkmwy5xvm3d3q0yaq0rqnh2x"; - }; - } - { - goPackagePath = "github.com/mgutz/ansi"; + goPackagePath = "github.com/mgutz/ansi"; fetch = { type = "git"; url = "https://github.com/mgutz/ansi"; - rev = "9520e82c474b0a04dd04f8a40959027271bab992"; + rev = "9520e82c474b"; sha256 = "00bz22314j26736w1f0q4jy9d9dfaml17vn890n5zqy3cmvmww1j"; }; } { - goPackagePath = "github.com/mgutz/logxi"; + goPackagePath = "github.com/mgutz/logxi"; fetch = { type = "git"; url = "https://github.com/mgutz/logxi"; - rev = "aebf8a7d67ab4625e0fd4a665766fef9a709161b"; + rev = "aebf8a7d67ab"; sha256 = "1f8sqibkzz9wfplvvblz9s0xvvmhkd2af8ghcsmjw8818gcrzsqx"; }; } { - goPackagePath = "github.com/miekg/dns"; + goPackagePath = "github.com/miekg/dns"; fetch = { type = "git"; url = "https://github.com/miekg/dns"; - rev = "8aa92d4e02c501ba21e26fb92cf2fb9f23f56917"; - sha256 = "1niymj11xv82ghif3p7i60bgj0lqskwm7fmrzfjchd8wxwbk4bbi"; + rev = "v1.1.22"; + sha256 = "1iv9jznakz8f5swiir0z4zilr9ypavnsc0g4zi1r0vad6npy7zfl"; }; } { - goPackagePath = "github.com/pkg/errors"; + goPackagePath = "github.com/mitchellh/go-homedir"; + fetch = { + type = "git"; + url = "https://github.com/mitchellh/go-homedir"; + rev = "v1.1.0"; + sha256 = "0ydzkipf28hwj2bfxqmwlww47khyk6d152xax4bnyh60f4lq3nx1"; + }; + } + { + goPackagePath = "github.com/pkg/errors"; fetch = { type = "git"; url = "https://github.com/pkg/errors"; - rev = "ba968bfe8b2f7e042a574c888954fccecfa385b4"; + rev = "v0.8.1"; sha256 = "0g5qcb4d4fd96midz0zdk8b9kz8xkzwfa8kr1cliqbg8sxsy5vd1"; }; } { - goPackagePath = "github.com/robertkrimen/otto"; + goPackagePath = "github.com/pmezard/go-difflib"; + fetch = { + type = "git"; + url = "https://github.com/pmezard/go-difflib"; + rev = "v1.0.0"; + sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; + }; + } + { + goPackagePath = "github.com/robertkrimen/otto"; fetch = { type = "git"; url = "https://github.com/robertkrimen/otto"; - rev = "15f95af6e78dcd2030d8195a138bd88d4f403546"; + rev = "15f95af6e78d"; sha256 = "07j7l340lmqwpfscwyb8llk3k37flvs20a4a8vzc85f16xyd9npf"; }; } { - goPackagePath = "github.com/tarm/serial"; + goPackagePath = "github.com/rogpeppe/go-charset"; + fetch = { + type = "git"; + url = "https://github.com/rogpeppe/go-charset"; + rev = "2471d30d28b4"; + sha256 = "1cmkhwkqx1smnsvrr9ah2x5qav0i6vdiq8x4j8j812xspfl69zwx"; + }; + } + { + goPackagePath = "github.com/rogpeppe/go-internal"; + fetch = { + type = "git"; + url = "https://github.com/rogpeppe/go-internal"; + rev = "v1.3.0"; + sha256 = "0mcdh1licgnnahwml9y2iq6xy5x9xmjw5frcnds2s3wpjyqrl216"; + }; + } + { + goPackagePath = "github.com/stretchr/objx"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/objx"; + rev = "v0.1.0"; + sha256 = "19ynspzjdynbi85xw06mh8ad5j0qa1vryvxjgvbnyrr8rbm4vd8w"; + }; + } + { + goPackagePath = "github.com/stretchr/testify"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/testify"; + rev = "v1.3.0"; + sha256 = "0wjchp2c8xbgcbbq32w3kvblk6q6yn533g78nxl6iskq6y95lxsy"; + }; + } + { + goPackagePath = "github.com/tarm/serial"; fetch = { type = "git"; url = "https://github.com/tarm/serial"; - rev = "98f6abe2eb07edd42f6dfa2a934aea469acc29b7"; + rev = "98f6abe2eb07"; sha256 = "1yj4jiv2f3x3iawxdflrlmdan0k9xsbnccgc9yz658rmif1ag3pb"; }; } { - goPackagePath = "golang.org/x/crypto"; + goPackagePath = "golang.org/x/crypto"; fetch = { type = "git"; url = "https://go.googlesource.com/crypto"; - rev = "a29dc8fdc73485234dbef99ebedb95d2eced08de"; - sha256 = "07f0jj4haqs0ywc1akk1qjwn5msl2j0pry1rxjkkbfcq4r6ihc1p"; + rev = "87dc89f01550"; + sha256 = "0z4i1m2yn3f31ci7wvcm2rxkx2yiv7a78mfzklncmsz2k97rlh2g"; }; } { - goPackagePath = "golang.org/x/net"; + goPackagePath = "golang.org/x/mod"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/mod"; + rev = "4bf6d317e70e"; + sha256 = "19lg1ly3j31anx92p0hynic1gjk417wwxphfdrb2cq1c19kj3r17"; + }; + } + { + goPackagePath = "golang.org/x/net"; fetch = { type = "git"; url = "https://go.googlesource.com/net"; - rev = "9ce7a6920f093fc0b908c4a5f66ae049110f417e"; - sha256 = "1kbs85jsqbv4v89ii2zam4b8dhmllhsrf46njmi09x0w6s0b9cbk"; + rev = "da9a3fd4c582"; + sha256 = "0iavs400534jn7drmdphx0f18vgg060p2r59xw5d85ji1l5rin1l"; + }; + } + { + goPackagePath = "golang.org/x/sync"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sync"; + rev = "112230192c58"; + sha256 = "05i2k43j2d0llq768hg5pf3hb2yhfzp9la1w5wp0rsnnzblr0lfn"; }; } { - goPackagePath = "golang.org/x/sys"; + goPackagePath = "golang.org/x/sys"; fetch = { type = "git"; url = "https://go.googlesource.com/sys"; - rev = "d89cdac9e8725f2aefce25fcbfef41134c9ad412"; - sha256 = "0iazr13ir6i267nb2w81lc3pr740wdjs86nsliwpf90kkgzn853f"; + rev = "727590c5006e"; + sha256 = "0891pfmc73hyr6hrsq1mkk3lasxa8fz4vlnljnzz6yihmhz9ab6a"; }; } { - goPackagePath = "gopkg.in/sourcemap.v1"; + goPackagePath = "golang.org/x/text"; fetch = { type = "git"; - url = "https://github.com/go-sourcemap/sourcemap"; - rev = "6e83acea0053641eff084973fee085f0c193c61a"; + url = "https://go.googlesource.com/text"; + rev = "v0.3.2"; + sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh"; + }; + } + { + goPackagePath = "golang.org/x/tools"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/tools"; + rev = "2ca718005c18"; + sha256 = "1nl4cw8vrfigab0hij86vl2mmhfmyim69r7vy5qk2v60g8frvgxg"; + }; + } + { + goPackagePath = "golang.org/x/xerrors"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/xerrors"; + rev = "a985d3407aa7"; + sha256 = "00wzr5w8aadipgc3rkk8f11i41znskfj9ix5nhhaxyg7isrslgcj"; + }; + } + { + goPackagePath = "gopkg.in/check.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/check.v1"; + rev = "788fd7840127"; + sha256 = "0v3bim0j375z81zrpr5qv42knqs0y2qv2vkjiqi5axvb78slki1a"; + }; + } + { + goPackagePath = "gopkg.in/errgo.v2"; + fetch = { + type = "git"; + url = "https://gopkg.in/errgo.v2"; + rev = "v2.1.0"; + sha256 = "065mbihiy7q67wnql0bzl9y1kkvck5ivra68254zbih52jxwrgr2"; + }; + } + { + goPackagePath = "gopkg.in/sourcemap.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/sourcemap.v1"; + rev = "v1.0.5"; sha256 = "08rf2dl13hbnm3fq2cm0nnsspy9fhf922ln23cz5463cv7h62as4"; }; } -] \ No newline at end of file + { + goPackagePath = "honnef.co/go/tools"; + fetch = { + type = "git"; + url = "https://github.com/dominikh/go-tools"; + rev = "v0.0.0-2019.2.1"; + sha256 = "1frpy4pl9yp6j00mjj2yss3k8hip0cc7b5i5mz61n3dlw0kga9z1"; + }; + } +] diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index de275b6c09a3..43f56352ceb3 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "clamav"; - version = "0.102.0"; + version = "0.102.1"; src = fetchurl { url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; - sha256 = "1qdyj4r39266bmbsd2nwyspm20k9wh3c30awrg8c54y78s61izj8"; + sha256 = "1mpdgn3isz26hd1j6p8lcb76v8hjs54k1wb655rnil4hv78aig8d"; }; # don't install sample config files into the absolute sysconfdir folder diff --git a/pkgs/tools/security/efitools/default.nix b/pkgs/tools/security/efitools/default.nix index 8a64a019fef0..33b6c3b672da 100644 --- a/pkgs/tools/security/efitools/default.nix +++ b/pkgs/tools/security/efitools/default.nix @@ -26,6 +26,7 @@ stdenv.mkDerivation rec { sed -i -e 's#/usr/include/efi#${gnu-efi}/include/efi/#g' Make.rules sed -i -e 's#/usr/lib64/gnuefi#${gnu-efi}/lib/#g' Make.rules sed -i -e 's#$(DESTDIR)/usr#$(out)#g' Make.rules + substituteInPlace lib/console.c --replace "EFI_WARN_UNKOWN_GLYPH" "EFI_WARN_UNKNOWN_GLYPH" patchShebangs . ''; diff --git a/pkgs/tools/security/enpass/default.nix b/pkgs/tools/security/enpass/default.nix index 89e09a47858d..6e61f0541225 100644 --- a/pkgs/tools/security/enpass/default.nix +++ b/pkgs/tools/security/enpass/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, dpkg, xorg -, glib, libGLU_combined, libpulseaudio, zlib, dbus, fontconfig, freetype +, glib, libGLU, libGL, libpulseaudio, zlib, dbus, fontconfig, freetype , gtk3, pango -, makeWrapper , python, pythonPackages, lib +, makeWrapper , python2Packages, lib , lsof, curl, libuuid, cups, mesa }: @@ -19,7 +19,7 @@ let # used of both wrappers and libpath libPath = lib.makeLibraryPath (with xorg; [ mesa.drivers - libGLU_combined + libGLU libGL fontconfig freetype libpulseaudio @@ -84,9 +84,9 @@ let name = "enpass-update-script"; SCRIPT =./update_script.py; - buildInputs = with pythonPackages; [python requests pathlib2 six attrs ]; + buildInputs = with python2Packages; [python requests pathlib2 six attrs ]; shellHook = '' - exec python $SCRIPT --target pkgs/tools/security/enpass/data.json --repo ${baseUrl} + exec python $SCRIPT --target pkgs/tools/security/enpass/data.json --repo ${baseUrl} ''; }; diff --git a/pkgs/tools/security/fierce/default.nix b/pkgs/tools/security/fierce/default.nix index 809d8e29ea35..5d12a0008158 100644 --- a/pkgs/tools/security/fierce/default.nix +++ b/pkgs/tools/security/fierce/default.nix @@ -2,13 +2,13 @@ python3.pkgs.buildPythonApplication rec { pname = "fierce"; - version = "1.3.0"; + version = "1.4.0"; src = fetchFromGitHub { owner = "mschwager"; repo = pname; rev = version; - sha256 = "0cdp9rpabazyfnks30rsf3qfdi40z1bkspxk4ds9bm82kpq33jxy"; + sha256 = "11yaz8ap9swx95j3wpqh0b6jhw6spqgfnsyn1liw9zqi4jwgiax7"; }; propagatedBuildInputs = [ python3.pkgs.dns ]; diff --git a/pkgs/tools/security/fprintd/default.nix b/pkgs/tools/security/fprintd/default.nix index 41a00306f695..13e6c0be391a 100644 --- a/pkgs/tools/security/fprintd/default.nix +++ b/pkgs/tools/security/fprintd/default.nix @@ -1,11 +1,9 @@ -{ thinkpad ? false -, stdenv +{ stdenv , fetchurl , fetchpatch , pkgconfig , intltool -, libfprint-thinkpad ? null -, libfprint ? null +, libfprint , glib , dbus-glib , polkit @@ -17,7 +15,7 @@ }: stdenv.mkDerivation rec { - pname = "fprintd" + stdenv.lib.optionalString thinkpad "-thinkpad"; + pname = "fprintd"; version = "0.9.0"; src = fetchurl { @@ -46,10 +44,8 @@ stdenv.mkDerivation rec { nss pam systemd - ] - ++ stdenv.lib.optional thinkpad libfprint-thinkpad - ++ stdenv.lib.optional (!thinkpad) libfprint - ; + libfprint + ]; configureFlags = [ # is hardcoded to /var/lib/fprint, this is for the StateDirectory install target diff --git a/pkgs/tools/security/gnome-keysign/default.nix b/pkgs/tools/security/gnome-keysign/default.nix index 04fa923ce2cc..a559039d95ac 100644 --- a/pkgs/tools/security/gnome-keysign/default.nix +++ b/pkgs/tools/security/gnome-keysign/default.nix @@ -1,5 +1,6 @@ { stdenv , fetchFromGitLab +, fetchpatch , python3 , wrapGAppsHook , gobject-introspection @@ -11,22 +12,38 @@ python3.pkgs.buildPythonApplication rec { pname = "gnome-keysign"; - version = "1.0.1"; + version = "1.2.0"; src = fetchFromGitLab { domain = "gitlab.gnome.org"; owner = "GNOME"; repo = pname; rev = version; - sha256 = "0iy70dskd7wly37lpb2ypd9phhyml5j3c7rzajii4f2s7zgb3abg"; + sha256 = "1sjphi1lsivg9jmc8khbcqa9w6608pkrccz4nz3rlcc54hn0k0sj"; }; + patches = [ + # fix build failure due to missing import + (fetchpatch { + url = "https://gitlab.gnome.org/GNOME/gnome-keysign/commit/216c3677e68960afc517edc00529323e85909323.patch"; + sha256 = "1w410gvcridbq26sry7fxn49v59ss2lc0w5ab7csva8rzs1nc990"; + }) + + # stop requiring lxml (no longer used) + # https://gitlab.gnome.org/GNOME/gnome-keysign/merge_requests/23 + (fetchpatch { + url = "https://gitlab.gnome.org/GNOME/gnome-keysign/commit/ffc6f40584d7564951e1c8b6d18d4f8a6a3fa09d.patch"; + sha256 = "1hs6mmhi2f21kvy26llzvp37yf0i0dr69d18r641139nr6qg6kwy"; + includes = [ "setup.py" ]; + }) + ]; + nativeBuildInputs = [ wrapGAppsHook gobject-introspection ] ++ (with python3.pkgs; [ Babel - lxml + babelgladeextractor ]); buildInputs = [ diff --git a/pkgs/tools/security/gnupg/22.nix b/pkgs/tools/security/gnupg/22.nix index f62f10c8cf9d..0be7b936bb7a 100644 --- a/pkgs/tools/security/gnupg/22.nix +++ b/pkgs/tools/security/gnupg/22.nix @@ -1,26 +1,26 @@ { fetchurl, fetchpatch, stdenv, pkgconfig, libgcrypt, libassuan, libksba -, libgpgerror, libiconv, npth, gettext, texinfo, pcsclite, sqlite -, buildPackages +, libgpgerror, libiconv, npth, gettext, texinfo, buildPackages # Each of the dependencies below are optional. # Gnupg can be built without them at the cost of reduced functionality. -, pinentry ? null, guiSupport ? false -, adns ? null, gnutls ? null, libusb ? null, openldap ? null -, readline ? null, zlib ? null, bzip2 ? null +, guiSupport ? true, enableMinimal ? false +, adns ? null , bzip2 ? null , gnutls ? null , libusb ? null , openldap ? null +, pcsclite ? null , pinentry ? null , readline ? null , sqlite ? null , zlib ? +null }: with stdenv.lib; -assert guiSupport -> pinentry != null; +assert guiSupport -> pinentry != null && enableMinimal == false; stdenv.mkDerivation rec { pname = "gnupg"; - version = "2.2.17"; + version = "2.2.18"; src = fetchurl { url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2"; - sha256 = "056mgy09lvsi03531a437qj58la1j2x1y1scvfi53diris3658mg"; + sha256 = "02pcdmb9p4a8hil88gyd86mnc85jldss3cl02jvbkcjmrbi7rlrh"; }; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { postPatch = '' sed -i 's,hkps://hkps.pool.sks-keyservers.net,hkps://keys.openpgp.org,g' \ configure doc/dirmngr.texi doc/gnupg.info-1 - '' + stdenv.lib.optionalString stdenv.isLinux '' + '' + stdenv.lib.optionalString ( stdenv.isLinux && pcsclite != null) '' sed -i 's,"libpcsclite\.so[^"]*","${stdenv.lib.getLib pcsclite}/lib/libpcsclite.so",g' scd/scdaemon.c ''; #" fix Emacs syntax highlighting :-( @@ -50,7 +50,14 @@ stdenv.mkDerivation rec { "--with-npth-prefix=${npth}" ] ++ optional guiSupport "--with-pinentry-pgm=${pinentry}/${pinentryBinaryPath}"; - postInstall = '' + postInstall = if enableMinimal + then '' + rm -r $out/{libexec,sbin,share} + for f in `find $out/bin -type f -not -name gpg` + do + rm $f + done + '' else '' mkdir -p $out/lib/systemd/user for f in doc/examples/systemd-user/*.{service,socket} ; do substitute $f $out/lib/systemd/user/$(basename $f) \ diff --git a/pkgs/tools/security/haka/default.nix b/pkgs/tools/security/haka/default.nix index bd7d356c1a0e..bfac54d2d860 100644 --- a/pkgs/tools/security/haka/default.nix +++ b/pkgs/tools/security/haka/default.nix @@ -30,6 +30,6 @@ stdenv.mkDerivation { homepage = http://www.haka-security.org/; license = stdenv.lib.licenses.mpl20; maintainers = [ stdenv.lib.maintainers.tvestelind ]; - platforms = stdenv.lib.platforms.linux; + platforms = [ "x86_64-linux" "i686-linux" ]; # fails on aarch64 }; } diff --git a/pkgs/tools/security/ipscan/default.nix b/pkgs/tools/security/ipscan/default.nix new file mode 100644 index 000000000000..40546b6f1c33 --- /dev/null +++ b/pkgs/tools/security/ipscan/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, jdk, jre, swt, makeWrapper, xorg, dpkg }: + +stdenv.mkDerivation rec { + pname = "ipscan"; + version = "3.6.2"; + + src = fetchurl { + url = "https://github.com/angryip/ipscan/releases/download/${version}/ipscan_${version}_amd64.deb"; + sha256 = "0wnnnabpj0dsxdijvss5sl9kd4i6rmcq55zbas33xs3c5g305ssk"; + }; + + sourceRoot = "."; + unpackCmd = "${dpkg}/bin/dpkg-deb -x $src ."; + + buildInputs = [ makeWrapper jdk ]; + + installPhase = '' + mkdir -p $out/share + cp usr/lib/ipscan/ipscan-linux64-${version}.jar $out/share/${pname}-${version}.jar + + makeWrapper ${jre}/bin/java $out/bin/ipscan \ + --prefix LD_LIBRARY_PATH : "$out/lib/:${stdenv.lib.makeLibraryPath [ swt xorg.libXtst ]}" \ + --add-flags "-Xmx256m -cp $out/share/${pname}-${version}.jar:${swt}/jars/swt.jar net.azib.ipscan.Main" + + mkdir -p $out/share/applications + cp usr/share/applications/ipscan.desktop $out/share/applications/ipscan.desktop + substituteInPlace $out/share/applications/ipscan.desktop --replace "/usr/bin" "$out/bin" + + mkdir -p $out/share/pixmaps + cp usr/share/pixmaps/ipscan.png $out/share/pixmaps/ipscan.png + ''; + + meta = with stdenv.lib; { + description = "Fast and friendly network scanner"; + homepage = https://angryip.org; + license = licenses.gpl2; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ kylesferrazza ]; + }; +} diff --git a/pkgs/tools/security/john/default.nix b/pkgs/tools/security/john/default.nix index 841a23814910..17e02e736dc4 100644 --- a/pkgs/tools/security/john/default.nix +++ b/pkgs/tools/security/john/default.nix @@ -48,11 +48,12 @@ stdenv.mkDerivation rec { enableParallelBuilding = false; postInstall = '' - mkdir -p "$out/bin" "$out/etc/john" "$out/share/john" "$out/share/doc/john" + mkdir -p "$out/bin" "$out/etc/john" "$out/share/john" "$out/share/doc/john" "$out/share/john/rules" find -L ../run -mindepth 1 -maxdepth 1 -type f -executable \ -exec cp -d {} "$out/bin" \; cp -vt "$out/etc/john" ../run/*.conf cp -vt "$out/share/john" ../run/*.chr ../run/password.lst + cp -vt "$out/share/john/rules" ../run/rules/*.rule cp -vrt "$out/share/doc/john" ../doc/* ''; diff --git a/pkgs/tools/security/keybase/default.nix b/pkgs/tools/security/keybase/default.nix index 653858d36961..1edf86675c31 100644 --- a/pkgs/tools/security/keybase/default.nix +++ b/pkgs/tools/security/keybase/default.nix @@ -6,10 +6,10 @@ buildGoPackage rec { pname = "keybase"; - version = "4.7.2"; + version = "5.0.0"; goPackagePath = "github.com/keybase/client"; - subPackages = [ "go/keybase" ]; + subPackages = [ "go/kbnm" "go/keybase" ]; dontRenameImports = true; @@ -17,7 +17,7 @@ buildGoPackage rec { owner = "keybase"; repo = "client"; rev = "v${version}"; - sha256 = "1ixfq9qv71misg04fvf4892z956w5aydq0r1wk6qk5jjqp6gf4lv"; + sha256 = "0cxxqmgp82qi2b1fljyfa38is94y8ghb2pd31nbyh8y4wnmi0x1s"; }; patches = [ @@ -36,5 +36,6 @@ buildGoPackage rec { description = "The Keybase official command-line utility and service."; platforms = platforms.linux ++ platforms.darwin; maintainers = with maintainers; [ carlsverre np rvolosatovs ]; + license = licenses.bsd3; }; } diff --git a/pkgs/tools/security/keybase/gui.nix b/pkgs/tools/security/keybase/gui.nix index 1d32f1cc8819..2ec97f882367 100644 --- a/pkgs/tools/security/keybase/gui.nix +++ b/pkgs/tools/security/keybase/gui.nix @@ -1,19 +1,19 @@ { stdenv, fetchurl, alsaLib, atk, cairo, cups, udev -, dbus, expat, fontconfig, freetype, gdk-pixbuf, glib, gtk3 +, dbus, expat, fontconfig, freetype, gdk-pixbuf, glib, gtk3, libappindicator-gtk3 , libnotify, nspr, nss, pango, systemd, xorg, autoPatchelfHook, wrapGAppsHook , runtimeShell, gsettings-desktop-schemas }: let - versionSuffix = "20191028173732.6fc2e969b4"; + versionSuffix = "20191114203213.f73f97dac6"; in stdenv.mkDerivation rec { pname = "keybase-gui"; - version = "4.7.2"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages + version = "5.0.0"; # Find latest version from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages src = fetchurl { url = "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${version + "-" + versionSuffix}_amd64.deb"; - sha256 = "01slhdxcjs1543rz1khxhzn25g26vm9fd9mcyd5ahp2v4g37b8sd"; + sha256 = "e175e52a6355d8359d66ef4b445981b572c513754329d5c7f75ad7bb14ec348f"; }; nativeBuildInputs = [ @@ -34,6 +34,7 @@ stdenv.mkDerivation rec { glib gsettings-desktop-schemas gtk3 + libappindicator-gtk3 libnotify nspr nss @@ -55,6 +56,7 @@ stdenv.mkDerivation rec { runtimeDependencies = [ udev.lib + libappindicator-gtk3 ]; dontBuild = true; diff --git a/pkgs/tools/security/ossec/default.nix b/pkgs/tools/security/ossec/default.nix index 7231f6821daf..2b52099e70b3 100644 --- a/pkgs/tools/security/ossec/default.nix +++ b/pkgs/tools/security/ossec/default.nix @@ -31,8 +31,8 @@ yes ''; meta = { - description = "Open soruce host-based instrusion detection system"; - homepage = http://www.ossec.net; + description = "Open source host-based instrusion detection system"; + homepage = https://www.ossec.net; license = stdenv.lib.licenses.gpl2; platforms = stdenv.lib.platforms.linux; }; diff --git a/pkgs/tools/security/pass/extensions/genphrase.nix b/pkgs/tools/security/pass/extensions/genphrase.nix index c031c59e3f63..187852e8b55a 100644 --- a/pkgs/tools/security/pass/extensions/genphrase.nix +++ b/pkgs/tools/security/pass/extensions/genphrase.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "pass-genphrase"; - version = "0.1"; + version = "0.2"; src = fetchFromGitHub { owner = "congma"; repo = "pass-genphrase"; rev = version; - sha256 = "0vcg3b79n1r949qfn8ns85bq2mfsmbf4jw2dlzif8425n8ppfsgd"; + sha256 = "1sdkmz5s6wdx4vdlgqf5kmyrm17zwzy3n52s13qpx32bnnajap1h"; }; dontBuild = true; diff --git a/pkgs/tools/security/pbis/default.nix b/pkgs/tools/security/pbis/default.nix new file mode 100644 index 000000000000..ee1282e9a135 --- /dev/null +++ b/pkgs/tools/security/pbis/default.nix @@ -0,0 +1,70 @@ +{ stdenv, fetchFromGitHub, autoconf, automake, libtool, perl, flex, bison, curl, + pam, popt, libiconv, libuuid, openssl_1_0_2, cyrus_sasl, sqlite, tdb, libxml2 }: + +stdenv.mkDerivation rec { + pname = "pbis-open"; + version = "9.1.0"; + + src = fetchFromGitHub { + owner = "BeyondTrust"; + repo = pname; + rev = version; + sha256 = "081jm34sf488nwz5wzs55d6rxx3sv566x6p4h1yqcjaw36174m8v"; + }; + + nativeBuildInputs = [ + autoconf automake libtool perl flex bison + ]; + + # curl must be placed after openssl_1_0_2, because it pulls openssl 1.1 dependency. + buildInputs = [ + pam popt libiconv libuuid openssl_1_0_2 cyrus_sasl + curl sqlite popt tdb libxml2 /*libglade2 for gtk*/ + ]; + + postPatch = '' + patchShebangs . + sed -i -e 's/legacy//g' lwupgrade/MakeKitBuild # disable /opt/ symlinks + sed -i -e 's/tdb.h//g' samba-interop/MakeKitBuild #include <tdb.h> fails but it won't affect the build + ''; + preConfigure = '' + mkdir release + cd release + if [ $CC = gcc ]; then + NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -Wno-error=format-overflow" + fi + NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -isystem ${stdenv.lib.getDev libxml2}/include/libxml2 -Wno-error=array-bounds -Wno-error=pointer-sign -Wno-error=deprecated-declarations -Wno-error=unused-variable" + ''; + configureScript = ''../configure''; + configureFlags = [ + "CFLAGS=-O" + "--docdir=${placeholder "prefix"}/share/doc" + "--mandir=${placeholder "prefix"}/share/doc/man" + "--datadir=${placeholder "prefix"}/share" + "--lw-initdir=${placeholder "prefix"}/etc/init.d" + "--selinux=no" # NixOS does not support SELinux + "--build-isas=x86_64" # [lwbase] endianness (host/x86_32): [lwbase] ERROR: could not determine endianness + "--fail-on-warn=no" + # "--debug=yes" + ]; # ^ See https://github.com/BeyondTrust/pbis-open/issues/124 + configureFlagsArray = [ "--lw-bundled-libs=linenoise-mob tomlc99 opensoap krb5 cyrus-sasl curl openldap ${ if libuuid == null then "libuuid" else "" }" ]; + # ^ it depends on old krb5 version 1.9 (issue #228) + # linenoise-mod, tomlc99, opensoap is not in nixpkgs. + # krb5 must be old one, and cyrus-sasl and openldap have dependency to newer libkrb5 that cause runtime error + enableParallelBuilding = true; + makeFlags = "SHELL="; + hardeningDisable = [ "format" ]; # -Werror=format-security + installPhase = '' + mkdir $sys + mv stage/{lib,var} $sys + mv stage$out $out + ''; + outputs = [ "out" "sys" ]; + + meta = with stdenv.lib; { + description = "BeyondTrust AD Bridge Open simplifies the process of joining non-Microsoft hosts to Active Directory domains"; + homepage = "https://github.com/BeyondTrust/pbis-open"; + license = with licenses; [ gpl2 lgpl21 ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/tools/security/pcsclite/default.nix b/pkgs/tools/security/pcsclite/default.nix index eed462ef0d04..263c308fc3d6 100644 --- a/pkgs/tools/security/pcsclite/default.nix +++ b/pkgs/tools/security/pcsclite/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, udev, dbus, perl, python2 +{ stdenv, fetchurl, pkgconfig, udev, dbus, perl, python3 , IOKit ? null }: stdenv.mkDerivation rec { @@ -35,8 +35,8 @@ stdenv.mkDerivation rec { moveToOutput bin/pcsc-spy "$dev" ''; - nativeBuildInputs = [ pkgconfig perl python2 ]; - buildInputs = stdenv.lib.optionals stdenv.isLinux [ udev dbus ] + nativeBuildInputs = [ pkgconfig perl ]; + buildInputs = [ python3 ] ++ stdenv.lib.optionals stdenv.isLinux [ udev dbus ] ++ stdenv.lib.optionals stdenv.isDarwin [ IOKit ]; meta = with stdenv.lib; { diff --git a/pkgs/tools/security/pius/default.nix b/pkgs/tools/security/pius/default.nix index 5aa4ad47d42b..6d2b5569a0d4 100644 --- a/pkgs/tools/security/pius/default.nix +++ b/pkgs/tools/security/pius/default.nix @@ -36,6 +36,6 @@ python3Packages.buildPythonApplication { license = stdenv.lib.licenses.gpl2; platforms = stdenv.lib.platforms.gnu ++ stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ fuuzetsu kierdavis ]; + maintainers = with stdenv.lib.maintainers; [ kierdavis ]; }; } diff --git a/pkgs/tools/security/rng-tools/default.nix b/pkgs/tools/security/rng-tools/default.nix index 41faa375f83d..4238fc5be334 100644 --- a/pkgs/tools/security/rng-tools/default.nix +++ b/pkgs/tools/security/rng-tools/default.nix @@ -1,13 +1,12 @@ { stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig , sysfsutils +, argp-standalone # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS # https://www.nist.gov/programs-projects/nist-randomness-beacon , curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source , libgcrypt ? null, withGcrypt ? true - # Not sure if jitterentropy is safe to use for cryptography - # and thus a default entropy source -, jitterentropy ? null, withJitterEntropy ? false +, jitterentropy ? null, withJitterEntropy ? true , libp11 ? null, opensc ? null, withPkcs11 ? true }: @@ -15,18 +14,16 @@ with stdenv.lib; stdenv.mkDerivation rec { pname = "rng-tools"; - version = "6.7"; + version = "6.8"; src = fetchFromGitHub { owner = "nhorman"; repo = "rng-tools"; rev = "v${version}"; - sha256 = "19f75m6mzg8h7b4snzg7d6ypvkz6nq32lrpi9ja95gqz4wsd18a5"; + sha256 = "1clm9i9xg3j79q0d6vinn6dx0nwh1fvzcmkqpcbay7mwsgkknvw2"; }; postPatch = '' - cp README.md README - ${optionalString withPkcs11 '' substituteInPlace rngd.c \ --replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so @@ -42,25 +39,27 @@ stdenv.mkDerivation rec { (withFeature withPkcs11 "pkcs11") ]; + # argp-standalone is only used when libc lacks argp parsing (musl) buildInputs = [ sysfsutils ] + ++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ] ++ optionals withGcrypt [ libgcrypt ] ++ optionals withJitterEntropy [ jitterentropy ] ++ optionals withNistBeacon [ curl libxml2 openssl ] ++ optionals withPkcs11 [ libp11 openssl ]; - # This shouldn't be necessary but is as of 6.7 - NIX_LDFLAGS = optionalString withPkcs11 "-lcrypto"; - enableParallelBuilding = true; # For cross-compilation makeFlags = [ "AR:=$(AR)" ]; + doCheck = true; + preCheck = "patchShebangs tests/*.sh"; + meta = { description = "A random number generator daemon"; homepage = https://github.com/nhorman/rng-tools; license = licenses.gpl2Plus; platforms = platforms.linux; - maintainers = with maintainers; [ johnazoidberg ]; + maintainers = with maintainers; [ johnazoidberg c0bw3b ]; }; } diff --git a/pkgs/tools/security/sequoia/default.nix b/pkgs/tools/security/sequoia/default.nix index 554ed93f0934..21403225aad2 100644 --- a/pkgs/tools/security/sequoia/default.nix +++ b/pkgs/tools/security/sequoia/default.nix @@ -9,16 +9,16 @@ assert pythonSupport -> pythonPackages != null; rustPlatform.buildRustPackage rec { pname = "sequoia"; - version = "0.10.0"; + version = "0.11.0"; src = fetchFromGitLab { owner = "sequoia-pgp"; repo = pname; rev = "v${version}"; - sha256 = "0gvczghyik56jlnb8cz7jg2l3nbm519gf19g7l5blxci3009v23d"; + sha256 = "1k0pr3vn77fpfzyvbg7xb4jwm6srsiws9bsd8q7i3hl6j56a880i"; }; - cargoSha256 = "0dk9sjcbmygbdpwqnah5krli1p9j5hahgiqrca9c0kfpfiwgx62q"; + cargoSha256 = "15bhg7b88rq8p0bn6y5wwv2l42kqb1qyx2s3kw0r0v0wadf823q3"; nativeBuildInputs = [ pkgconfig @@ -87,6 +87,6 @@ rustPlatform.buildRustPackage rec { license = licenses.gpl3; maintainers = with maintainers; [ minijackson doronbehar ]; platforms = platforms.all; - broken = true; + broken = stdenv.targetPlatform.isDarwin; }; } diff --git a/pkgs/tools/security/sops/default.nix b/pkgs/tools/security/sops/default.nix index b132066fee52..8aa2e219e7df 100644 --- a/pkgs/tools/security/sops/default.nix +++ b/pkgs/tools/security/sops/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "sops"; - version = "3.4.0"; + version = "3.5.0"; src = fetchFromGitHub { - rev = version; + rev = "v${version}"; owner = "mozilla"; repo = pname; - sha256 = "1mrqf9xgv88v919x7gz9l1x70xwvp6cfz3zp9ip1nj2pzn6ixz3d"; + sha256 = "1515bk0fl0pvdkp402l51gdg63bmqlh89sglss6prc1qqvv5v2xy"; }; - modSha256 = "13ja8nxycmdjnrnsxdd1qs06x408aqr4im127a6y433pkx2dg7gc"; + modSha256 = "0vhxd3dschj5i9sig6vpxzbl59cas1qa843akzmjnfjrrafb916y"; meta = with stdenv.lib; { homepage = "https://github.com/mozilla/sops"; diff --git a/pkgs/tools/security/stoken/default.nix b/pkgs/tools/security/stoken/default.nix index 38fc884de487..d6375bee6495 100644 --- a/pkgs/tools/security/stoken/default.nix +++ b/pkgs/tools/security/stoken/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { description = "Software Token for Linux/UNIX"; homepage = https://github.com/cernekee/stoken; license = licenses.lgpl21Plus; - maintainers = [ maintainers.fuuzetsu ]; + maintainers = [ ]; platforms = platforms.all; }; } diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index c3e464da5169..a0922f4df738 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -5,14 +5,14 @@ }: stdenv.mkDerivation rec { - name = "sudo-1.8.28"; + name = "sudo-1.8.29"; src = fetchurl { urls = [ "ftp://ftp.sudo.ws/pub/sudo/${name}.tar.gz" "ftp://ftp.sudo.ws/pub/sudo/OLD/${name}.tar.gz" ]; - sha256 = "188k3w67aflbmi4b5z23pxrvzfcfndi22b84w86gzjh8b9sglaci"; + sha256 = "0z4wyadh9cks17gdpfgx4kvbrlnyb6nai2sd6chk7qh4jsngylyf"; }; prePatch = '' @@ -48,7 +48,7 @@ stdenv.mkDerivation rec { #define _PATH_MV "${coreutils}/bin/mv" EOF makeFlags="install_uid=$(id -u) install_gid=$(id -g)" - installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy" + installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy DESTDIR=/" ''; nativeBuildInputs = [ groff ]; diff --git a/pkgs/tools/security/tpm2-tools/default.nix b/pkgs/tools/security/tpm2-tools/default.nix index e2bbf1037d8b..03347f5f7874 100644 --- a/pkgs/tools/security/tpm2-tools/default.nix +++ b/pkgs/tools/security/tpm2-tools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "tpm2-tools"; - version = "4.0"; + version = "4.0.1"; src = fetchurl { url = "https://github.com/tpm2-software/${pname}/releases/download/${version}/${pname}-${version}.tar.gz"; - sha256 = "02p0wj87fnrpsijd2zaqcxqxicqs36q7vakp6y8and920x36jb0y"; + sha256 = "zOw/ymNwNBoQLFwu8d205c0kK/G7xsUdlp93/HjKZ9E="; }; nativeBuildInputs = [ pandoc pkgconfig makeWrapper ]; diff --git a/pkgs/tools/security/trousers/default.nix b/pkgs/tools/security/trousers/default.nix index 6f7fed20c89d..a38c011d7a49 100644 --- a/pkgs/tools/security/trousers/default.nix +++ b/pkgs/tools/security/trousers/default.nix @@ -2,13 +2,15 @@ stdenv.mkDerivation rec { pname = "trousers"; - version = "0.3.13"; + version = "0.3.14"; src = fetchurl { url = "mirror://sourceforge/trousers/trousers/${version}/${pname}-${version}.tar.gz"; - sha256 = "1lvnla1c1ig2w3xvvrqg2w9qm7a1ygzy1j2gg8j7p8c87i58x45v"; + sha256 = "0iwgsbrbb7nfqgl61x8aailwxm8akxh9gkcwxhsvf50x4qx72l6f"; }; + sourceRoot = "."; + nativeBuildInputs = [ pkgconfig ]; buildInputs = [ openssl ]; @@ -16,21 +18,14 @@ stdenv.mkDerivation rec { configureFlags = [ "--disable-usercheck" ]; - # Attempt to remove -std=gnu89 when updating if using gcc5 - NIX_CFLAGS_COMPILE = "-std=gnu89 -DALLOW_NON_TSS_CONFIG_FILE"; - NIX_LDFLAGS = "-lgcc_s"; - - # Fix broken libtool file - preFixup = stdenv.lib.optionalString (!stdenv.isDarwin) '' - sed 's,-lcrypto,-L${openssl.out}/lib -lcrypto,' -i $out/lib/libtspi.la - ''; + NIX_CFLAGS_COMPILE = [ "-DALLOW_NON_TSS_CONFIG_FILE" ]; + enableParallelBuilding = true; meta = with stdenv.lib; { description = "Trusted computing software stack"; homepage = http://trousers.sourceforge.net/; - license = licenses.cpl10; + license = licenses.bsd3; maintainers = [ maintainers.ak ]; platforms = platforms.linux; }; } - diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix index 4d47e5d4134f..1e5a16e19582 100644 --- a/pkgs/tools/security/vault/default.nix +++ b/pkgs/tools/security/vault/default.nix @@ -2,13 +2,13 @@ buildGoPackage rec { pname = "vault"; - version = "1.2.3"; + version = "1.3.0"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "11zi12j09vi6j112a1n8f7sxwp15pbh0801bzh27ihcy01hlzdf8"; + sha256 = "0ayvmqg4fj9cliwbl4pb12mailq7062j3f9v8arpv6x5r4hydlpy"; }; goPackagePath = "github.com/hashicorp/vault"; diff --git a/pkgs/tools/security/vault/vault-bin.nix b/pkgs/tools/security/vault/vault-bin.nix index 87f2e922ff74..6e2ab221c42f 100644 --- a/pkgs/tools/security/vault/vault-bin.nix +++ b/pkgs/tools/security/vault/vault-bin.nix @@ -1,30 +1,30 @@ { stdenv, fetchurl, unzip }: let - version = "1.1.3"; + version = "1.3.0"; sources = let base = "https://releases.hashicorp.com/vault/${version}"; in { x86_64-linux = fetchurl { url = "${base}/vault_${version}_linux_amd64.zip"; - sha256 = "293b88f4d31f6bcdcc8b508eccb7b856a0423270adebfa0f52f04144c5a22ae0"; + sha256 = "1crfj4gd1qwwa2xidd0pjffv0n6hf5hbhv6568m6zc1ig0qqm6yq"; }; i686-linux = fetchurl { url = "${base}/vault_${version}_linux_386.zip"; - sha256 = "9f2fb99e08fa3d25af1497516d08b5d2d8a73bcacd5354ddec024e9628795867"; + sha256 = "0pyf0kyvxpmx3fwfvin1r0x30r9byx9lyi81894q06xrhiwbqc0l"; }; x86_64-darwin = fetchurl { url = "${base}/vault_${version}_darwin_amd64.zip"; - sha256 = "a0a7a242f8299ac4a00af8aa10ccedaf63013c8a068f56eadfb9d730b87155ea"; + sha256 = "113vnpz9n6y7z2k9jqpfpxqxqbrmd9bhny79yaxqzkfdqw8vyv3g"; }; i686-darwin = fetchurl { url = "${base}/vault_${version}_darwin_386.zip"; - sha256 = "50542cfb37abb06e8bb6b8ba41f5ca7d72a4d6a4396d4e3f4a8391bed14f63be"; + sha256 = "0d191qai0bpl7cyivca26wqgycsj2dz08809z147d1vnrz321v6w"; }; aarch64-linux = fetchurl { url = "${base}/vault_${version}_linux_arm64.zip"; - sha256 = "c243dce14b2e48e3667c2aa5b7fb37009dd7043b56032d6ebe50dd456715fd3f"; + sha256 = "1bk5y3knc42mh07gnnn6p109qz908014620h1s0348wp4qfdy49w"; }; }; @@ -49,6 +49,6 @@ in stdenv.mkDerivation { description = "A tool for managing secrets, this binary includes the UI"; platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" "i686-darwin" ]; license = licenses.mpl20; - maintainers = with maintainers; [ offline psyanticy ]; + maintainers = with maintainers; [ offline psyanticy mkaito ]; }; } diff --git a/pkgs/tools/security/vulnix/default.nix b/pkgs/tools/security/vulnix/default.nix index 25d3e8d105b9..809787508f6f 100644 --- a/pkgs/tools/security/vulnix/default.nix +++ b/pkgs/tools/security/vulnix/default.nix @@ -1,18 +1,18 @@ -{ stdenv, pythonPackages, nix, ronn }: +{ stdenv, python3Packages, nix, ronn }: -pythonPackages.buildPythonApplication rec { +python3Packages.buildPythonApplication rec { pname = "vulnix"; - version = "1.8.2"; + version = "1.9.2"; - src = pythonPackages.fetchPypi { + src = python3Packages.fetchPypi { inherit pname version; - sha256 = "0zn21j15vd1z7s40s45zr5wri3r770yvazxqmm60fqpzc5sg552y"; + sha256 = "06mi4a80g6nzvqxj51c7lc0q0dpdr603ly2r77ksf5m3k4glb6dm"; }; outputs = [ "out" "doc" "man" ]; nativeBuildInputs = [ ronn ]; - checkInputs = with pythonPackages; [ + checkInputs = with python3Packages; [ freezegun pytest pytestcov @@ -21,10 +21,9 @@ pythonPackages.buildPythonApplication rec { propagatedBuildInputs = [ nix - ] ++ (with pythonPackages; [ + ] ++ (with python3Packages; [ click colorama - lxml pyyaml requests setuptools @@ -47,8 +46,8 @@ pythonPackages.buildPythonApplication rec { meta = with stdenv.lib; { description = "NixOS vulnerability scanner"; - homepage = https://github.com/flyingcircusio/vulnix; + homepage = "https://github.com/flyingcircusio/vulnix"; license = licenses.bsd3; - maintainers = with maintainers; [ ckauhaus plumps ]; + maintainers = with maintainers; [ ckauhaus ]; }; } diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index ccebb2dbab42..e09e1e694083 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -1,21 +1,30 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, pcre +{ stdenv, fetchFromGitHub, fetchpatch, autoconf, automake, libtool, pcre , withCrypto ? true, openssl , enableMagic ? true, file , enableCuckoo ? true, jansson }: stdenv.mkDerivation rec { - version = "3.10.0"; + version = "3.11.0"; pname = "yara"; src = fetchFromGitHub { owner = "VirusTotal"; repo = "yara"; rev = "v${version}"; - sha256 = "1qxqk324cyvi4n09s79786ciig1gdyhs9dnsm07hf95a3kh6w5z2"; + sha256 = "0mx3xm2a70fx8vlynkavq8gfd9w5yjcix5rx85444i2s1h6kcd0j"; }; - buildInputs = [ autoconf automake libtool pcre] + # See: https://github.com/VirusTotal/yara/issues/1036 + # TODO: This patch should not be necessary in the next release + patches = [ + (fetchpatch { + url = "https://github.com/VirusTotal/yara/commit/04df811fa61fa54390b274bfcf56d7403c184404.patch"; + sha256 = "0hsbc2k7nmk2kskll971draz0an4rmcs5v0iql47mz596vqvkzmb"; + }) + ]; + + buildInputs = [ autoconf automake libtool pcre ] ++ stdenv.lib.optionals withCrypto [ openssl ] ++ stdenv.lib.optionals enableMagic [ file ] ++ stdenv.lib.optionals enableCuckoo [ jansson ] |