diff options
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/b3sum/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/bitwarden_rs/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/eid-mw/default.nix | 69 | ||||
-rw-r--r-- | pkgs/tools/security/fido2luks/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/genpass/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/jwt-cli/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/ripasso/cursive.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/rustscan/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/sn0int/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/vault/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/vault/vault-bin.nix | 10 |
11 files changed, 56 insertions, 43 deletions
diff --git a/pkgs/tools/security/b3sum/default.nix b/pkgs/tools/security/b3sum/default.nix index d36dfc8e18cbb..9cfc68146f952 100644 --- a/pkgs/tools/security/b3sum/default.nix +++ b/pkgs/tools/security/b3sum/default.nix @@ -13,7 +13,7 @@ rustPlatform.buildRustPackage rec { sourceRoot = "source/b3sum"; - cargoSha256 = "0n8hp83hw7g260vmf4qcicpca75faam7k0zmb0k4cdzsar96gdrr"; + cargoSha256 = "18l6j756s6qfmiy3z2cai7i62wskf04xi7y4dlcv4aiv4sv3nx9r"; cargoPatches = [ ./cargo-lock.patch ]; diff --git a/pkgs/tools/security/bitwarden_rs/default.nix b/pkgs/tools/security/bitwarden_rs/default.nix index e3d43374558d6..2790a64349990 100644 --- a/pkgs/tools/security/bitwarden_rs/default.nix +++ b/pkgs/tools/security/bitwarden_rs/default.nix @@ -25,7 +25,7 @@ in rustPlatform.buildRustPackage rec { RUSTC_BOOTSTRAP = 1; - cargoSha256 = "139by5y2ma3v52nabzr5man1qy395rchs2dlivkj9xi829kg4mcr"; + cargoSha256 = "0vdi792bzqxj8g215r9r5anzs4qhqsm6sjzwpj1l9861bn7j4xsz"; cargoBuildFlags = [ featuresFlag ]; checkPhase = '' diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index cbe56694da142..e07ea1a333799 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -1,24 +1,37 @@ -{ lib, stdenv, fetchFromGitHub -, autoreconfHook, pkg-config -, gtk3, nssTools, pcsclite -, libxml2, libproxy -, openssl, curl +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, autoconf-archive +, pkg-config , makeWrapper -, substituteAll }: +, curl +, gtk3 +, libassuan +, libbsd +, libproxy +, libxml2 +, openssl +, p11-kit +, pcsclite +, nssTools +, substituteAll +}: stdenv.mkDerivation rec { pname = "eid-mw"; - version = "4.4.27"; + # NOTE: Don't just blindly update to the latest version/tag. Releases are always for a specific OS. + version = "5.0.21"; src = fetchFromGitHub { rev = "v${version}"; - sha256 = "17lw8iwp7h5cs3db80sysr84ffi333cf2vrhncs9l6hy6glfl2v1"; + sha256 = "1sz7996q6gd6vbdxqgyx1jwjznpki1k9zbgaj1j1a51y6w0g0kdh"; repo = "eid-mw"; owner = "Fedict"; }; - nativeBuildInputs = [ autoreconfHook pkg-config makeWrapper ]; - buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; + nativeBuildInputs = [ autoreconfHook autoconf-archive pkg-config makeWrapper ]; + buildInputs = [ curl gtk3 libassuan libbsd libproxy libxml2 openssl p11-kit pcsclite ]; preConfigure = '' mkdir openssl ln -s ${openssl.out}/lib openssl @@ -27,30 +40,30 @@ stdenv.mkDerivation rec { export SSL_PREFIX=$(realpath openssl) substituteInPlace plugins_tools/eid-viewer/Makefile.in \ --replace "c_rehash" "openssl rehash" - ''; + ''; + # pinentry uses hardcoded `/usr/bin/pinentry`, so use the built-in (uglier) dialogs for pinentry. + configureFlags = [ "--disable-pinentry" ]; postPatch = '' sed 's@m4_esyscmd_s(.*,@[${version}],@' -i configure.ac ''; - configureFlags = [ "--enable-dialogs=yes" ]; - postInstall = - let - eid-nssdb-in = substituteAll { - inherit (stdenv) shell; - isExecutable = true; - src = ./eid-nssdb.in; - }; - in - '' - install -D ${eid-nssdb-in} $out/bin/eid-nssdb - substituteInPlace $out/bin/eid-nssdb \ - --replace "modutil" "${nssTools}/bin/modutil" + let + eid-nssdb-in = substituteAll { + inherit (stdenv) shell; + isExecutable = true; + src = ./eid-nssdb.in; + }; + in + '' + install -D ${eid-nssdb-in} $out/bin/eid-nssdb + substituteInPlace $out/bin/eid-nssdb \ + --replace "modutil" "${nssTools}/bin/modutil" - rm $out/bin/about-eid-mw - wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" - ''; + rm $out/bin/about-eid-mw + wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" + ''; enableParallelBuilding = true; @@ -83,6 +96,6 @@ stdenv.mkDerivation rec { firefox.override { pkcs11Modules = [ pkgs.eid-mw ]; } ''; platforms = platforms.linux; - maintainers = with maintainers; [ bfortz ]; + maintainers = with maintainers; [ bfortz chvp ]; }; } diff --git a/pkgs/tools/security/fido2luks/default.nix b/pkgs/tools/security/fido2luks/default.nix index 26922c35f2d14..1bc0d77878c80 100644 --- a/pkgs/tools/security/fido2luks/default.nix +++ b/pkgs/tools/security/fido2luks/default.nix @@ -25,7 +25,7 @@ rustPlatform.buildRustPackage rec { export LIBCLANG_PATH="${llvmPackages.libclang.lib}/lib" ''; - cargoSha256 = "sha256-4VuM1bPkl9XCI9XsZIJvw3kHSKgT4P7x6I83F2KCFD0="; + cargoSha256 = "sha256-d6t/bvHpnH4lKv78tp/8DC/VrQBnaiZhnf8GrlcYhJw="; meta = with lib; { description = "Decrypt your LUKS partition using a FIDO2 compatible authenticator"; diff --git a/pkgs/tools/security/genpass/default.nix b/pkgs/tools/security/genpass/default.nix index b358507bbae23..e726da3403160 100644 --- a/pkgs/tools/security/genpass/default.nix +++ b/pkgs/tools/security/genpass/default.nix @@ -15,7 +15,7 @@ rustPlatform.buildRustPackage rec { sha256 = "154kprbqc59f06ciz60il4ax299zapwa0hz8vjn25rl4gr5gzn4l"; }; - cargoSha256 = "1nc699n7f732lhzfhsfknay6z3igyiqy5jymm5x815mv9y1vwaj1"; + cargoSha256 = "1b9jqkg11d0ih46km063inqqjwfy1nrwb2xb3dagg3hi8hahpqpb"; buildInputs = lib.optionals stdenv.isDarwin [ CoreFoundation libiconv Security ]; diff --git a/pkgs/tools/security/jwt-cli/default.nix b/pkgs/tools/security/jwt-cli/default.nix index 0b3a94d816bbe..e1cd9ec359f1a 100644 --- a/pkgs/tools/security/jwt-cli/default.nix +++ b/pkgs/tools/security/jwt-cli/default.nix @@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec { sha256 = "sha256-82Le0kdt/fnSQwsRRYHy4Jv9rsCPGf5dIWmoZE2cPxY="; }; - cargoSha256 = "sha256-nk4nrsePiUirVPoOPehCOf5ZoGVj3jy7PnSZENnpcaM="; + cargoSha256 = "sha256-sCauVxc6JPJ4dBi5LOt+v9bdlRW+oF4cd/sfG5Xdv70="; buildInputs = lib.optional stdenv.isDarwin Security; diff --git a/pkgs/tools/security/ripasso/cursive.nix b/pkgs/tools/security/ripasso/cursive.nix index 4cdc3f6d89e23..cc2765bd70754 100644 --- a/pkgs/tools/security/ripasso/cursive.nix +++ b/pkgs/tools/security/ripasso/cursive.nix @@ -14,7 +14,7 @@ buildRustPackage rec { patches = [ ./fix-tests.patch ]; - cargoSha256 = "1wpn67v0xmxhn1dgzhh1pwz1yc3cizmfxhpb7qv9b27ynx4486ji"; + cargoSha256 = "1sv5czhrafk15yj5xyd1x9jdqn1dz6aqpxxnyz49icx53qlg9f8g"; cargoBuildFlags = [ "-p ripasso-cursive -p ripasso-man" ]; diff --git a/pkgs/tools/security/rustscan/default.nix b/pkgs/tools/security/rustscan/default.nix index 80cc8c8cc1fb9..adf514006b153 100644 --- a/pkgs/tools/security/rustscan/default.nix +++ b/pkgs/tools/security/rustscan/default.nix @@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec { sha256 = "0fdbsz1v7bb5dm3zqjs1qf73lb1m4qzkqyb3h3hbyrp9vklgxsgw"; }; - cargoSha256 = "039xarscwqndpyrr3sgzkhqna3c908zh06id8x2qaykm8l248zs9"; + cargoSha256 = "0658jbx59qrsgpfczzlfrbp2qm7kh0c5561bsxzmgiri7fcz9w0n"; postPatch = '' substituteInPlace src/main.rs \ diff --git a/pkgs/tools/security/sn0int/default.nix b/pkgs/tools/security/sn0int/default.nix index 1577b4764012c..93b7eb0ecbe42 100644 --- a/pkgs/tools/security/sn0int/default.nix +++ b/pkgs/tools/security/sn0int/default.nix @@ -12,7 +12,7 @@ rustPlatform.buildRustPackage rec { sha256 = "sha256-vnSpItch9RDUyYxERKRwYPmRLwRG9gAI7iIY+7iRs1w="; }; - cargoSha256 = "sha256-1QqNI7rdH5wb1Zge8gkJtzg2Hgd/Vk9DAU9ULk/5wiw="; + cargoSha256 = "sha256-qgOZxuzAeDgT93TccfnVTj3OQzalHfude0ETTVMM2Pk="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix index e04ab9df08c8f..eb5ac31d300be 100644 --- a/pkgs/tools/security/vault/default.nix +++ b/pkgs/tools/security/vault/default.nix @@ -2,13 +2,13 @@ buildGoPackage rec { pname = "vault"; - version = "1.7.1"; + version = "1.7.2"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "0ncy99gw2pp5v2qbbgvri7qlirjj8qsvgjmjqyx3gddlpzpyiz3q"; + sha256 = "0nd77lfccl71qn98cq1yz85aiafplxbr58nafbbflijs1fz1771q"; }; goPackagePath = "github.com/hashicorp/vault"; diff --git a/pkgs/tools/security/vault/vault-bin.nix b/pkgs/tools/security/vault/vault-bin.nix index 44755db2d33fa..b283a40888bd4 100644 --- a/pkgs/tools/security/vault/vault-bin.nix +++ b/pkgs/tools/security/vault/vault-bin.nix @@ -1,26 +1,26 @@ { lib, stdenv, fetchurl, unzip }: let - version = "1.7.1"; + version = "1.7.2"; sources = let base = "https://releases.hashicorp.com/vault/${version}"; in { x86_64-linux = fetchurl { url = "${base}/vault_${version}_linux_amd64.zip"; - sha256 = "021qa8jcqwy27q83lvamvv5zqnkwk5y0jsb8al5yxpgzxqnmsyb1"; + sha256 = "1g37pgj7hbi6vfpwq9rrh6is980lfwbq5jb4736jfp5m360vprjy"; }; i686-linux = fetchurl { url = "${base}/vault_${version}_linux_386.zip"; - sha256 = "02hhxpa8craa91nfgvwziswisfdnqw4gbwrxyxr753v1y00y1sz8"; + sha256 = "0777xkkfiy0s3nyygcfpw0nbfsm6yz1n5hxcvfafhzcdyr58fpb7"; }; x86_64-darwin = fetchurl { url = "${base}/vault_${version}_darwin_amd64.zip"; - sha256 = "141zzfwrjdjv8ymrdc4mxs2f4cphdir4xjaa40s571ri38in33zh"; + sha256 = "0wzmah542bhyvrm9brhrx7drjyzan8vxhqnm0gjak5wlrcnf2dvx"; }; aarch64-linux = fetchurl { url = "${base}/vault_${version}_linux_arm64.zip"; - sha256 = "1plrmmy86zb2ij49dk2mwn364i2n83ch4gjz5pln2d4wjx21gpaq"; + sha256 = "0cs56ircad2z2msqgb0l5h53cwmwybi5rs4y2jigz4rq4ndx9f9b"; }; }; |