pkgsStatic.openssh: fix build (#278079)

This commit is contained in:
Aleksana 2024-10-29 20:13:39 +08:00 committed by GitHub
commit b1669786f1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -30,13 +30,17 @@
, libxcrypt
, hostname
, nixosTests
, withFIDO ? stdenv.hostPlatform.isUnix && !stdenv.hostPlatform.isMusl
, withSecurityKey ? !stdenv.hostPlatform.isStatic
, withFIDO ? stdenv.hostPlatform.isUnix && !stdenv.hostPlatform.isMusl && withSecurityKey
, withPAM ? stdenv.hostPlatform.isLinux
, dsaKeysSupport ? false
, linkOpenssl ? true
, isNixos ? stdenv.hostPlatform.isLinux
}:
# FIDO support requires SK support
assert withFIDO -> withSecurityKey;
stdenv.mkDerivation (finalAttrs: {
inherit pname version src;
@ -103,6 +107,7 @@ stdenv.mkDerivation (finalAttrs: {
(lib.withFeature withPAM "pam")
(lib.enableFeature dsaKeysSupport "dsa-keys")
] ++ lib.optional (etcDir != null) "--sysconfdir=${etcDir}"
++ lib.optional (!withSecurityKey) "--disable-security-key"
++ lib.optional withFIDO "--with-security-key-builtin=yes"
++ lib.optional withKerberos (assert krb5 != null; "--with-kerberos5=${lib.getDev krb5}")
++ lib.optional stdenv.hostPlatform.isDarwin "--disable-libutil"
@ -110,7 +115,9 @@ stdenv.mkDerivation (finalAttrs: {
++ lib.optional withLdns "--with-ldns"
++ extraConfigureFlags;
${if stdenv.hostPlatform.isStatic then "NIX_LDFLAGS" else null}= [ "-laudit" ] ++ lib.optionals withKerberos [ "-lkeyutils" ];
${if stdenv.hostPlatform.isStatic then "NIX_LDFLAGS" else null} = [ "-laudit" ]
++ lib.optional withKerberos "-lkeyutils"
++ lib.optional withLdns "-lcrypto";
buildFlags = [ "SSH_KEYSIGN=ssh-keysign" ];