about summary refs log tree commit diff
path: root/pkgs/tools/security
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r--pkgs/tools/security/john/default.nix101
-rw-r--r--pkgs/tools/security/john/opencl.patch18
-rw-r--r--pkgs/tools/security/metasploit/Gemfile2
-rw-r--r--pkgs/tools/security/metasploit/Gemfile.lock10
-rw-r--r--pkgs/tools/security/metasploit/default.nix4
-rw-r--r--pkgs/tools/security/metasploit/gemset.nix10
-rw-r--r--pkgs/tools/security/pinentry-rofi/default.nix4
7 files changed, 117 insertions, 32 deletions
diff --git a/pkgs/tools/security/john/default.nix b/pkgs/tools/security/john/default.nix
index b06e0f3ec64ff..aeefcaa0bbefd 100644
--- a/pkgs/tools/security/john/default.nix
+++ b/pkgs/tools/security/john/default.nix
@@ -1,5 +1,25 @@
-{ lib, stdenv, fetchFromGitHub, openssl, nss, nspr, libkrb5, gmp, zlib, libpcap, re2
-, gcc, python3Packages, perl, perlPackages, makeWrapper, }:
+{
+  lib,
+  stdenv,
+  fetchFromGitHub,
+  openssl,
+  nss,
+  nspr,
+  libkrb5,
+  gmp,
+  zlib,
+  libpcap,
+  re2,
+  gcc,
+  python3Packages,
+  perl,
+  perlPackages,
+  withOpenCL ? true,
+  opencl-headers,
+  ocl-icd,
+  substituteAll,
+  makeWrapper,
+}:
 
 stdenv.mkDerivation rec {
   pname = "john";
@@ -12,6 +32,13 @@ stdenv.mkDerivation rec {
     hash = "sha256-zvoN+8Sx6qpVg2JeRLOIH1ehfl3tFTv7r5wQZ44Qsbc=";
   };
 
+  patches = lib.optionals withOpenCL [
+    (substituteAll {
+      src = ./opencl.patch;
+      ocl_icd = ocl-icd;
+    })
+  ];
+
   postPatch = ''
     sed -ri -e '
       s!^(#define\s+CFG_[A-Z]+_NAME\s+).*/!\1"'"$out"'/etc/john/!
@@ -23,25 +50,61 @@ stdenv.mkDerivation rec {
     }' run/*.conf
   '';
 
-  preConfigure = ''
-    cd src
-    # Makefile.in depends on AS and LD being set to CC, which is set by default in configure.ac.
-    # This ensures we override the environment variables set in cc-wrapper/setup-hook.sh
-    export AS=$CC
-    export LD=$CC
-  '';
+  preConfigure =
+    ''
+      cd src
+      # Makefile.in depends on AS and LD being set to CC, which is set by default in configure.ac.
+      # This ensures we override the environment variables set in cc-wrapper/setup-hook.sh
+      export AS=$CC
+      export LD=$CC
+    ''
+    + lib.optionalString withOpenCL ''
+      python ./opencl_generate_dynamic_loader.py  # Update opencl_dynamic_loader.c
+    '';
   configureFlags = [
     "--disable-native-tests"
     "--with-systemwide"
   ];
 
-  buildInputs = [ openssl nss nspr libkrb5 gmp zlib libpcap re2 ];
-  nativeBuildInputs = [ gcc python3Packages.wrapPython perl makeWrapper ];
-  propagatedBuildInputs = (with python3Packages; [ dpkt scapy lxml ]) ++ # For pcap2john.py
-                          (with perlPackages; [ DigestMD4 DigestSHA1 GetoptLong # For pass_gen.pl
-                                                CompressRawLzma # For 7z2john.pl
-                                                perlldap ]); # For sha-dump.pl
-                          # TODO: Get dependencies for radius2john.pl and lion2john-alt.pl
+  buildInputs =
+    [
+      openssl
+      nss
+      nspr
+      libkrb5
+      gmp
+      zlib
+      libpcap
+      re2
+    ]
+    ++ lib.optionals withOpenCL [
+      opencl-headers
+      ocl-icd
+    ];
+  nativeBuildInputs = [
+    gcc
+    python3Packages.wrapPython
+    perl
+    makeWrapper
+  ];
+  propagatedBuildInputs =
+    # For pcap2john.py
+    (with python3Packages; [
+      dpkt
+      scapy
+      lxml
+    ])
+    ++ (with perlPackages; [
+      # For pass_gen.pl
+      DigestMD4
+      DigestSHA1
+      GetoptLong
+      # For 7z2john.pl
+      CompressRawLzma
+      # For sha-dump.pl
+      perlldap
+    ]);
+  # TODO: Get dependencies for radius2john.pl and lion2john-alt.pl
 
   # gcc -DAC_BUILT -Wall vncpcap2john.o memdbg.o -g    -lpcap -fopenmp -o ../run/vncpcap2john
   # gcc: error: memdbg.o: No such file or directory
@@ -70,7 +133,11 @@ stdenv.mkDerivation rec {
     description = "John the Ripper password cracker";
     license = licenses.gpl2Plus;
     homepage = "https://github.com/openwall/john/";
-    maintainers = with maintainers; [ offline matthewbauer cherrykitten ];
+    maintainers = with maintainers; [
+      offline
+      matthewbauer
+      cherrykitten
+    ];
     platforms = platforms.unix;
   };
 }
diff --git a/pkgs/tools/security/john/opencl.patch b/pkgs/tools/security/john/opencl.patch
new file mode 100644
index 0000000000000..575bfa82638ba
--- /dev/null
+++ b/pkgs/tools/security/john/opencl.patch
@@ -0,0 +1,18 @@
+diff --git a/src/opencl_generate_dynamic_loader.py b/src/opencl_generate_dynamic_loader.py
+index 790705330..2acedbc56 100755
+--- a/src/opencl_generate_dynamic_loader.py
++++ b/src/opencl_generate_dynamic_loader.py
+@@ -134,12 +134,7 @@ static void load_opencl_dll(void)
+ 
+ 	/* Names to try to load */
+ 	const char * const opencl_names[] = {
+-		"libOpenCL.so",		/* Linux/others, hack via "development" sub-package's symlink */
+-		"OpenCL",		/* _WIN */
+-		"/System/Library/Frameworks/OpenCL.framework/OpenCL", /* __APPLE__ */
+-		"opencl.dll",		/* __CYGWIN__ */
+-		"cygOpenCL-1.dll",	/* __CYGWIN__ */
+-		"libOpenCL.so.1"	/* Linux/others, no "development" sub-package installed */
++		"@ocl_icd@/lib/libOpenCL.so"	/* NixOS */
+ 	};
+ 
+ 	for (i = 0; i < sizeof(opencl_names)/sizeof(opencl_names[0]); i++) {
diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile
index 55597617ab4d7..125546793296e 100644
--- a/pkgs/tools/security/metasploit/Gemfile
+++ b/pkgs/tools/security/metasploit/Gemfile
@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 source "https://rubygems.org"
 
-gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.14"
+gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.15"
diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock
index 877afc8a4f9d0..f8839316b6a1c 100644
--- a/pkgs/tools/security/metasploit/Gemfile.lock
+++ b/pkgs/tools/security/metasploit/Gemfile.lock
@@ -1,9 +1,9 @@
 GIT
   remote: https://github.com/rapid7/metasploit-framework
-  revision: 685168ecf3266361a8e7836b2a7889751b7d20b8
-  ref: refs/tags/6.4.14
+  revision: b4a408704631fd0a0a4587f1f1a0017bcec9fb45
+  ref: refs/tags/6.4.15
   specs:
-    metasploit-framework (6.4.14)
+    metasploit-framework (6.4.15)
       aarch64
       abbrev
       actionpack (~> 7.0.0)
@@ -44,7 +44,7 @@ GIT
       metasploit-model
       metasploit-payloads (= 2.0.166)
       metasploit_data_models
-      metasploit_payloads-mettle (= 1.0.26)
+      metasploit_payloads-mettle (= 1.0.28)
       mqtt
       msgpack (~> 1.6.0)
       mutex_m
@@ -280,7 +280,7 @@ GEM
       railties (~> 7.0)
       recog
       webrick
-    metasploit_payloads-mettle (1.0.26)
+    metasploit_payloads-mettle (1.0.28)
     method_source (1.1.0)
     mini_portile2 (2.8.6)
     minitest (5.23.1)
diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix
index e5844a655017f..6bd3bf152e58c 100644
--- a/pkgs/tools/security/metasploit/default.nix
+++ b/pkgs/tools/security/metasploit/default.nix
@@ -15,13 +15,13 @@ let
   };
 in stdenv.mkDerivation rec {
   pname = "metasploit-framework";
-  version = "6.4.14";
+  version = "6.4.15";
 
   src = fetchFromGitHub {
     owner = "rapid7";
     repo = "metasploit-framework";
     rev = "refs/tags/${version}";
-    hash = "sha256-aUxHCeRBlE0CQuroxge9A/O1LA9DfQJwuwWZsPUKz1A=";
+    hash = "sha256-CJXti/pX2Q59fJgRbAodUDMlMHIJH0eh3kOZxrQEllY=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix
index ee76850346098..c1918985810b3 100644
--- a/pkgs/tools/security/metasploit/gemset.nix
+++ b/pkgs/tools/security/metasploit/gemset.nix
@@ -724,12 +724,12 @@
     platforms = [];
     source = {
       fetchSubmodules = false;
-      rev = "685168ecf3266361a8e7836b2a7889751b7d20b8";
-      sha256 = "0l6g1bsv1685pdq04za31wnbbwq3pl3wds7a8814v521wh4lfk39";
+      rev = "b4a408704631fd0a0a4587f1f1a0017bcec9fb45";
+      sha256 = "0mln0jscd6a3vshlf7q9f8q2acsh3l56q4cqgiyhxnapza5yv588";
       type = "git";
       url = "https://github.com/rapid7/metasploit-framework";
     };
-    version = "6.4.14";
+    version = "6.4.15";
   };
   metasploit-model = {
     groups = ["default"];
@@ -766,10 +766,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1qprmbmpw4c8396m0whbp08xzdbjc0s2zd0jkxqnh3aswmx8pj3m";
+      sha256 = "0649y1zc2pncfalsa5nkszmbiz1gfg4q3bhh4p2q6vwaac5g6sfj";
       type = "gem";
     };
-    version = "1.0.26";
+    version = "1.0.28";
   };
   method_source = {
     groups = ["default"];
diff --git a/pkgs/tools/security/pinentry-rofi/default.nix b/pkgs/tools/security/pinentry-rofi/default.nix
index 45c817c697956..6d623f5816581 100644
--- a/pkgs/tools/security/pinentry-rofi/default.nix
+++ b/pkgs/tools/security/pinentry-rofi/default.nix
@@ -11,13 +11,13 @@
 
 stdenv.mkDerivation rec {
   pname = "pinentry-rofi";
-  version = "2.1.0";
+  version = "2.1.1";
 
   src = fetchFromGitHub {
     owner = "plattfot";
     repo = pname;
     rev = version;
-    sha256 = "sha256-J6aQTIFHlg21M9niBYdVih11heIPCLsGv0HOPaeguew=";
+    sha256 = "sha256-e7dpMivZrTHmRuAzBzDVRoUgvBt6NpZ43FRQtX2omHA=";
   };
 
   nativeBuildInputs = [
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 23:50:49 +0000