libdigidoc: 3.17.1 -> 4.0.0

See https://github.com/open-eid/libdigidocpp/releases/tag/v4.0.0 for release notes. They dropped dependencies on xalan-c and xml-security-c and instead depend on libxml2 and xmlsec now. The change in the TSA_URL is now included as well, so we can stop patching it manually. It also doesn't complain about an invalid signature in the TSL list anymore.
2024-10-23 12:23:19 +02:00 · 2024-10-23 12:23:19 +02:00 · 8defa559dc
commit 8defa559dc
parent 3f6631032d
1 changed files with 34 additions and 14 deletions
--- a/pkgs/development/libraries/libdigidocpp/default.nix
+++ b/pkgs/development/libraries/libdigidocpp/default.nix
@ -1,31 +1,51 @@
-{ lib, stdenv, fetchurl, cmake, minizip, pcsclite, opensc, openssl
-, xercesc, xml-security-c, pkg-config, xsd, zlib, xalanc, xxd }:
+{ lib
+, stdenv
+, fetchurl
+, cmake
+, libtool
+, libxml2
+, minizip
+, pcsclite
+, opensc
+, openssl
+, xercesc
+, pkg-config
+, xsd
+, zlib
+, xmlsec
+, xxd
+}:

 stdenv.mkDerivation rec {
-  version = "3.17.1";
+  version = "4.0.0";
  pname = "libdigidocpp";

  src = fetchurl {
    url = "https://github.com/open-eid/libdigidocpp/releases/download/v${version}/libdigidocpp-${version}.tar.gz";
-     hash = "sha256-3qDsIAOiWMZDj2zLE+Os7BoeCPeC4JQ6p8jSBd7PdV0=";
+    hash = "sha256-0G7cjJEgLJ24SwHRznKJ18cRY0m50lr6HXstfbYq9f8=";
  };

  nativeBuildInputs = [ cmake pkg-config xxd ];

  buildInputs = [
-    minizip pcsclite opensc openssl xercesc
-    xml-security-c xsd zlib xalanc
+    libxml2
+    minizip
+    pcsclite
+    opensc
+    openssl
+    xercesc
+    xsd
+    zlib
+    xmlsec
  ];

  outputs = [ "out" "lib" "dev" "bin" ];

-  # Cherry-pick of
-  # https://github.com/open-eid/libdigidocpp/commit/2b5db855ba3ceb9bae1f11589ea1aea22bb7595a
-  # Fixes https://github.com/NixOS/nixpkgs/issues/334397
-  postPatch = ''
-    substituteInPlace CMakeLists.txt \
-      --replace-fail 'TSA_URL "http://dd-at.ria.ee/tsa"' 'TSA_URL "https://eid-dd.ria.ee/ts"'
-  '';
+  # This wants to link to ${CMAKE_DL_LIBS} (ltdl), and there doesn't seem to be
+  # a way to tell CMake where this should be pulled from.
+  # A cleaner fix would probably be to patch cmake to use
+  # `-L${libtool.lib}/lib -ltdl` for `CMAKE_DL_LIBS`, but that's a world rebuild.
+  env.NIX_LDFLAGS = "-L${libtool.lib}/lib";

  # libdigidocpp.so's `PKCS11Signer::PKCS11Signer()` dlopen()s "opensc-pkcs11.so"
  # itself, so add OpenSC to its DT_RUNPATH after the fixupPhase shrinked it.