diff --git a/pkgs/tools/networking/openssh/common.nix b/pkgs/tools/networking/openssh/common.nix index 229edd37eeef..bd127b9092cc 100644 --- a/pkgs/tools/networking/openssh/common.nix +++ b/pkgs/tools/networking/openssh/common.nix @@ -63,22 +63,6 @@ stdenv.mkDerivation rec { # Setting LD causes `configure' and `make' to disagree about which linker # to use: `configure' wants `gcc', but `make' wants `ld'. unset LD - '' - # Upstream build system does not support static build, so we fall back - # on fragile patching of configure script. - # - # libedit is found by pkg-config, but without --static flag, required - # to get also transitive dependencies for static linkage, hence sed - # expression. - # - # Kerberos can be found either by krb5-config or by fall-back shell - # code in openssh's configure.ac. Neither of them support static - # build, but patching code for krb5-config is simpler, so to get it - # into PATH, libkrb5.dev is added into buildInputs. - + optionalString stdenv.hostPlatform.isStatic '' - sed -i "s,PKGCONFIG --libs,PKGCONFIG --libs --static,g" configure - sed -i 's#KRB5CONF --libs`#KRB5CONF --libs` -lkrb5support -lkeyutils#g' configure - sed -i 's#KRB5CONF --libs gssapi`#KRB5CONF --libs gssapi` -lkrb5support -lkeyutils#g' configure ''; # I set --disable-strip because later we strip anyway. And it fails to strip @@ -98,6 +82,8 @@ stdenv.mkDerivation rec { ++ optional (!linkOpenssl) "--without-openssl" ++ extraConfigureFlags; + ${if stdenv.hostPlatform.isStatic then "NIX_LDFLAGS" else null}= [ "-laudit" ] ++ lib.optionals withKerberos [ "-lkeyutils" ]; + buildFlags = [ "SSH_KEYSIGN=ssh-keysign" ]; enableParallelBuilding = true; @@ -107,7 +93,7 @@ stdenv.mkDerivation rec { doCheck = true; enableParallelChecking = false; checkInputs = optional (!stdenv.isDarwin) hostname; - preCheck = '' + preCheck = lib.optionalString (stdenv.hostPlatform == stdenv.buildPlatform) '' # construct a dummy HOME export HOME=$(realpath ../dummy-home) mkdir -p ~/.ssh