diff options
Diffstat (limited to 'pkgs/tools/security/ghidra/build.nix')
-rw-r--r-- | pkgs/tools/security/ghidra/build.nix | 101 |
1 files changed, 18 insertions, 83 deletions
diff --git a/pkgs/tools/security/ghidra/build.nix b/pkgs/tools/security/ghidra/build.nix index 3c739602514c8..b9a756dd597ce 100644 --- a/pkgs/tools/security/ghidra/build.nix +++ b/pkgs/tools/security/ghidra/build.nix @@ -3,10 +3,9 @@ fetchFromGitHub, lib, callPackage, - gradle_7, - perl, + gradle, makeBinaryWrapper, - openjdk17, + openjdk21, unzip, makeDesktopItem, copyDesktopItems, @@ -21,7 +20,7 @@ let pkg_path = "$out/lib/ghidra"; pname = "ghidra"; - version = "11.1.1"; + version = "11.2"; releaseName = "NIX"; distroPrefix = "ghidra_${version}_${releaseName}"; @@ -29,7 +28,7 @@ let owner = "NationalSecurityAgency"; repo = "Ghidra"; rev = "Ghidra_${version}_build"; - hash = "sha256-t96FcAK3JwO66dOf4OhpOfU8CQfAczfF61Cg7m+B3fA="; + hash = "sha256-iO6g3t8JNdc/wAC+JG+6Y7aZCq7T9zYQC3KKZcr+wzc="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -44,8 +43,6 @@ let ''; }; - gradle = gradle_7; - patches = [ # Use our own protoc binary instead of the prebuilt one ./0001-Use-protobuf-gradle-plugin.patch @@ -76,69 +73,6 @@ let HERE ''; - # Adds a gradle step that downloads all the dependencies to the gradle cache. - addResolveStep = '' - cat >>build.gradle <<HERE - task resolveDependencies { - doLast { - project.rootProject.allprojects.each { subProject -> - subProject.buildscript.configurations.each { configuration -> - resolveConfiguration(subProject, configuration, "buildscript config \''${configuration.name}") - } - subProject.configurations.each { configuration -> - resolveConfiguration(subProject, configuration, "config \''${configuration.name}") - } - } - } - } - void resolveConfiguration(subProject, configuration, name) { - if (configuration.canBeResolved) { - logger.info("Resolving project {} {}", subProject.name, name) - configuration.resolve() - } - } - HERE - ''; - - # fake build to pre-download deps into fixed-output derivation - # Taken from mindustry derivation. - deps = stdenv.mkDerivation { - pname = "${pname}-deps"; - inherit version src patches; - - postPatch = addResolveStep; - - nativeBuildInputs = [ - gradle - perl - ] ++ lib.optional stdenv.isDarwin xcbuild; - buildPhase = '' - runHook preBuild - export HOME="$NIX_BUILD_TOP/home" - mkdir -p "$HOME" - export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'" - export GRADLE_USER_HOME="$HOME/.gradle" - - # First, fetch the static dependencies. - gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} -I gradle/support/fetchDependencies.gradle init - - # Then, fetch the maven dependencies. - gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} resolveDependencies - runHook postBuild - ''; - # perl code mavenizes pathes (com.squareup.okio/okio/1.13.0/a9283170b7305c8d92d25aff02a6ab7e45d06cbe/okio-1.13.0.jar -> com/squareup/okio/okio/1.13.0/okio-1.13.0.jar) - installPhase = '' - runHook preInstall - find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \ - | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/maven/$x/$3/$4/$5" #e' \ - | sh - cp -r dependencies $out/dependencies - runHook postInstall - ''; - outputHashAlgo = "sha256"; - outputHashMode = "recursive"; - outputHash = "sha256-66gL4UFlBUo2JIEOXoF6tFvXtBdEX4b2MeSrV1b6Vg4="; - }; in stdenv.mkDerivation (finalAttrs: { inherit @@ -178,7 +112,7 @@ stdenv.mkDerivation (finalAttrs: { python3 python3Packages.pip ] - ++ lib.optionals stdenv.isDarwin [ + ++ lib.optionals stdenv.hostPlatform.isDarwin [ xcbuild desktopToDarwinBundle ]; @@ -187,20 +121,20 @@ stdenv.mkDerivation (finalAttrs: { __darwinAllowLocalNetworking = true; - buildPhase = '' - runHook preBuild - export HOME="$NIX_BUILD_TOP/home" - mkdir -p "$HOME" - export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'" - - ln -s ${deps}/dependencies dependencies + mitmCache = gradle.fetchDeps { + inherit pname; + data = ./deps.json; + }; - sed -i "s#mavenLocal()#mavenLocal(); maven { url '${deps}/maven' }#g" build.gradle + gradleFlags = [ "-Dorg.gradle.java.home=${openjdk21}" ]; - gradle --offline --no-daemon --info -Dorg.gradle.java.home=${openjdk17} buildGhidra - runHook postBuild + preBuild = '' + export JAVA_TOOL_OPTIONS="-Duser.home=$NIX_BUILD_TOP/home" + gradle -I gradle/support/fetchDependencies.gradle ''; + gradleBuildTask = "buildGhidra"; + installPhase = '' runHook preInstall @@ -226,9 +160,10 @@ stdenv.mkDerivation (finalAttrs: { postFixup = '' mkdir -p "$out/bin" ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra" + ln -s "${pkg_path}/support/analyzeHeadless" "$out/bin/ghidra-analyzeHeadless" wrapProgram "${pkg_path}/support/launch.sh" \ --set-default NIX_GHIDRAHOME "${pkg_path}/Ghidra" \ - --prefix PATH : ${lib.makeBinPath [ openjdk17 ]} + --prefix PATH : ${lib.makeBinPath [ openjdk21 ]} ''; passthru = { @@ -261,6 +196,6 @@ stdenv.mkDerivation (finalAttrs: { roblabla vringar ]; - broken = stdenv.isDarwin && stdenv.isx86_64; + broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isx86_64; }; }) |