dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

rng-tools: 6.7 -> 6.8 (#73007)

Browse Source 
+ run tests
+ enable jitterentropy by default
+ add c0bw3b to maintainers
This commit is contained in:
Renaud 2019-11-13 00:05:28 +01:00 committed by GitHub
parent fbfc258f1e
commit 810abebba2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
pkgs/tools/security/rng-tools/default.nix
View File

@ -1,13 +1,12 @@
{ stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig { stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig
, sysfsutils , sysfsutils
, argp-standalone
# WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS
# https://www.nist.gov/programs-projects/nist-randomness-beacon # https://www.nist.gov/programs-projects/nist-randomness-beacon
, curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false , curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false
# Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source
, libgcrypt ? null, withGcrypt ? true , libgcrypt ? null, withGcrypt ? true
# Not sure if jitterentropy is safe to use for cryptography , jitterentropy ? null, withJitterEntropy ? true
# and thus a default entropy source
, jitterentropy ? null, withJitterEntropy ? false
, libp11 ? null, opensc ? null, withPkcs11 ? true , libp11 ? null, opensc ? null, withPkcs11 ? true
}: }:
@ -15,18 +14,16 @@ with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "rng-tools"; pname = "rng-tools";
version = "6.7"; version = "6.8";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nhorman"; owner = "nhorman";
repo = "rng-tools"; repo = "rng-tools";
rev = "v${version}"; rev = "v${version}";
sha256 = "19f75m6mzg8h7b4snzg7d6ypvkz6nq32lrpi9ja95gqz4wsd18a5"; sha256 = "1clm9i9xg3j79q0d6vinn6dx0nwh1fvzcmkqpcbay7mwsgkknvw2";
}; };
postPatch = '' postPatch = ''
cp README.md README
${optionalString withPkcs11 '' ${optionalString withPkcs11 ''
substituteInPlace rngd.c \ substituteInPlace rngd.c \
--replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so --replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so
@ -42,25 +39,27 @@ stdenv.mkDerivation rec {
(withFeature withPkcs11 "pkcs11") (withFeature withPkcs11 "pkcs11")
]; ];
# argp-standalone is only used when libc lacks argp parsing (musl)
buildInputs = [ sysfsutils ] buildInputs = [ sysfsutils ]
++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ]
++ optionals withGcrypt [ libgcrypt ] ++ optionals withGcrypt [ libgcrypt ]
++ optionals withJitterEntropy [ jitterentropy ] ++ optionals withJitterEntropy [ jitterentropy ]
++ optionals withNistBeacon [ curl libxml2 openssl ] ++ optionals withNistBeacon [ curl libxml2 openssl ]
++ optionals withPkcs11 [ libp11 openssl ]; ++ optionals withPkcs11 [ libp11 openssl ];
# This shouldn't be necessary but is as of 6.7
NIX_LDFLAGS = optionalString withPkcs11 "-lcrypto";
enableParallelBuilding = true; enableParallelBuilding = true;
# For cross-compilation # For cross-compilation
makeFlags = [ "AR:=$(AR)" ]; makeFlags = [ "AR:=$(AR)" ];
doCheck = true;
preCheck = "patchShebangs tests/*.sh";
meta = { meta = {
description = "A random number generator daemon"; description = "A random number generator daemon";
homepage = https://github.com/nhorman/rng-tools; homepage = https://github.com/nhorman/rng-tools;
license = licenses.gpl2Plus; license = licenses.gpl2Plus;
platforms = platforms.linux; platforms = platforms.linux;
maintainers = with maintainers; [ johnazoidberg ]; maintainers = with maintainers; [ johnazoidberg c0bw3b ];
}; };
} }