1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
{ fetchurl, mkDerivation, fetchpatch, stdenv, lib, pkg-config, autoreconfHook, wrapGAppsHook
, libgpg-error, libassuan, qtbase, wrapQtAppsHook
, ncurses, gtk2, gcr, libcap, libsecret
, enabledFlavors ? [ "curses" "tty" "gtk2" "emacs" ]
++ lib.optionals stdenv.isLinux [ "gnome3" ]
++ lib.optionals (stdenv.hostPlatform.system != "aarch64-darwin") [ "qt" ]
}:
with lib;
assert isList enabledFlavors && enabledFlavors != [];
let
pinentryMkDerivation =
if (builtins.elem "qt" enabledFlavors)
then mkDerivation
else stdenv.mkDerivation;
mkFlag = pfxTrue: pfxFalse: cond: name:
"--${if cond then pfxTrue else pfxFalse}-${name}";
mkEnable = mkFlag "enable" "disable";
mkWith = mkFlag "with" "without";
mkEnablePinentry = f:
let
info = flavorInfo.${f};
flag = flavorInfo.${f}.flag or null;
in
optionalString (flag != null)
(mkEnable (elem f enabledFlavors) ("pinentry-" + flag));
flavorInfo = {
curses = { bin = "curses"; flag = "curses"; buildInputs = [ ncurses ]; };
tty = { bin = "tty"; flag = "tty"; };
gtk2 = { bin = "gtk-2"; flag = "gtk2"; buildInputs = [ gtk2 ]; };
gnome3 = { bin = "gnome3"; flag = "gnome3"; buildInputs = [ gcr ]; nativeBuildInputs = [ wrapGAppsHook ]; };
qt = { bin = "qt"; flag = "qt"; buildInputs = [ qtbase ]; nativeBuildInputs = [ wrapQtAppsHook ]; };
emacs = { bin = "emacs"; flag = "emacs"; buildInputs = []; };
};
in
pinentryMkDerivation rec {
pname = "pinentry";
version = "1.2.0";
src = fetchurl {
url = "mirror://gnupg/pinentry/${pname}-${version}.tar.bz2";
sha256 = "sha256-EAcgRaPgQ9BYH5HNVnb8rH/+6VehZjat7apPWDphZHA=";
};
nativeBuildInputs = [ pkg-config autoreconfHook ]
++ concatMap(f: flavorInfo.${f}.nativeBuildInputs or []) enabledFlavors;
buildInputs = [ libgpg-error libassuan libsecret ]
++ lib.optional (!stdenv.isDarwin) libcap
++ concatMap(f: flavorInfo.${f}.buildInputs or []) enabledFlavors;
dontWrapGApps = true;
dontWrapQtApps = true;
patches = [
./autoconf-ar.patch
# Fix floating behaviour of Qt windows.
(fetchpatch {
url = "https://dev.gnupg.org/D549?download=true";
sha256 = "sha256-je1ee1LcNrDeQ04wMt33cQqucxhlb1B1SCtmnd8wYSU=";
extraPrefix = "";
})
] ++ optionals (elem "gtk2" enabledFlavors) [
(fetchpatch {
url = "https://salsa.debian.org/debian/pinentry/raw/debian/1.1.0-1/debian/patches/0007-gtk2-When-X11-input-grabbing-fails-try-again-over-0..patch";
sha256 = "15r1axby3fdlzz9wg5zx7miv7gqx2jy4immaw4xmmw5skiifnhfd";
})
];
configureFlags = [
(mkWith (libcap != null) "libcap")
(mkEnable (libsecret != null) "libsecret")
] ++ (map mkEnablePinentry (attrNames flavorInfo));
postInstall =
concatStrings (flip map enabledFlavors (f:
let
binary = "pinentry-" + flavorInfo.${f}.bin;
in ''
moveToOutput bin/${binary} ${placeholder f}
ln -sf ${placeholder f}/bin/${binary} ${placeholder f}/bin/pinentry
'' + optionalString (f == "gnome3") ''
wrapGApp ${placeholder f}/bin/${binary}
'' + optionalString (f == "qt") ''
wrapQtApp ${placeholder f}/bin/${binary}
'')) + ''
ln -sf ${placeholder (head enabledFlavors)}/bin/pinentry-${flavorInfo.${head enabledFlavors}.bin} $out/bin/pinentry
'';
outputs = [ "out" ] ++ enabledFlavors;
passthru = { flavors = enabledFlavors; };
meta = with lib; {
homepage = "http://gnupg.org/aegypten2/";
description = "GnuPG’s interface to passphrase input";
license = licenses.gpl2Plus;
platforms = platforms.all;
longDescription = ''
Pinentry provides a console and (optional) GTK and Qt GUIs allowing users
to enter a passphrase when `gpg' or `gpg2' is run and needs it.
'';
maintainers = with maintainers; [ ttuegel fpletz ];
};
}
|