diff options
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/admin/bubblewrap/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/admin/salt/0001-Fix-Jinja2-3.1.0.patch | 38 | ||||
-rw-r--r-- | pkgs/tools/admin/salt/default.nix | 52 | ||||
-rw-r--r-- | pkgs/tools/backup/zbackup/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/misc/bat/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/misc/dotter/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/misc/esptool/default.nix | 37 | ||||
-rw-r--r-- | pkgs/tools/misc/nb/default.nix | 67 | ||||
-rw-r--r-- | pkgs/tools/networking/aircrack-ng/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/httpie/default.nix | 80 | ||||
-rw-r--r-- | pkgs/tools/networking/httpie/strip-venv.patch | 22 | ||||
-rw-r--r-- | pkgs/tools/security/yubihsm-connector/default.nix | 40 | ||||
-rw-r--r-- | pkgs/tools/security/yubihsm-connector/lockfile-fix.patch | 115 | ||||
-rw-r--r-- | pkgs/tools/security/yubihsm-shell/default.nix | 59 |
14 files changed, 397 insertions, 135 deletions
diff --git a/pkgs/tools/admin/bubblewrap/default.nix b/pkgs/tools/admin/bubblewrap/default.nix index fda6113b59841..92a188b0cb61b 100644 --- a/pkgs/tools/admin/bubblewrap/default.nix +++ b/pkgs/tools/admin/bubblewrap/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "bubblewrap"; - version = "0.6.1"; + version = "0.6.2"; src = fetchFromGitHub { owner = "containers"; repo = "bubblewrap"; rev = "v${version}"; - sha256 = "sha256-YmK/Tq9/JTJr5gLNKEH5t6TvvXlNSTDz5Ui7d3ewv2s="; + hash = "sha256-J+VFla3sWO+DfB2IxxrKzbiG+KWFJr9caf8sTHyWXY4="; }; postPatch = '' diff --git a/pkgs/tools/admin/salt/0001-Fix-Jinja2-3.1.0.patch b/pkgs/tools/admin/salt/0001-Fix-Jinja2-3.1.0.patch new file mode 100644 index 0000000000000..bdcc82c708dfa --- /dev/null +++ b/pkgs/tools/admin/salt/0001-Fix-Jinja2-3.1.0.patch @@ -0,0 +1,38 @@ +From 0a763a13ef55964395dff60283ececc16f957792 Mon Sep 17 00:00:00 2001 +From: Derek Kulinski <d@kulinski.us> +Date: Sun, 8 May 2022 01:30:39 -0700 +Subject: [PATCH] Fix Jinja2 3.1.0 + +--- + salt/utils/jinja.py | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/salt/utils/jinja.py b/salt/utils/jinja.py +index 0cb70bf64a..322c2f7f46 100644 +--- a/salt/utils/jinja.py ++++ b/salt/utils/jinja.py +@@ -25,10 +25,11 @@ import salt.utils.json + import salt.utils.stringutils + import salt.utils.url + import salt.utils.yaml +-from jinja2 import BaseLoader, Markup, TemplateNotFound, nodes ++from jinja2 import BaseLoader, TemplateNotFound, nodes + from jinja2.environment import TemplateModule + from jinja2.exceptions import TemplateRuntimeError + from jinja2.ext import Extension ++from markupsafe import Markup + from salt.exceptions import TemplateError + from salt.utils.decorators.jinja import jinja_filter, jinja_global, jinja_test + from salt.utils.odict import OrderedDict +@@ -706,7 +707,7 @@ def method_call(obj, f_name, *f_args, **f_kwargs): + return getattr(obj, f_name, lambda *args, **kwargs: None)(*f_args, **f_kwargs) + + +-@jinja2.contextfunction ++@jinja2.pass_context + def show_full_context(ctx): + return salt.utils.data.simple_types_filter( + {key: value for key, value in ctx.items()} +-- +2.35.1 + diff --git a/pkgs/tools/admin/salt/default.nix b/pkgs/tools/admin/salt/default.nix index 774ea6c8cfa7a..b59bc46e9c2be 100644 --- a/pkgs/tools/admin/salt/default.nix +++ b/pkgs/tools/admin/salt/default.nix @@ -6,30 +6,16 @@ , extraInputs ? [] }: -let - py = python3.override { - packageOverrides = self: super: { - # Incompatible with pyzmq 22 - pyzmq = super.pyzmq.overridePythonAttrs (oldAttrs: rec { - version = "21.0.2"; - src = oldAttrs.src.override { - inherit version; - sha256 = "CYwTxhmJE8KgaQI1+nTS5JFhdV9mtmO+rsiWUVVMx5w="; - }; - }); - }; - }; -in -py.pkgs.buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "salt"; version = "3004.1"; - src = py.pkgs.fetchPypi { + src = python3.pkgs.fetchPypi { inherit pname version; hash = "sha256-fzRKJDJkik8HjapazMaNzf/hCVzqE+wh5QQTVg8Ewpg="; }; - propagatedBuildInputs = with py.pkgs; [ + propagatedBuildInputs = with python3.pkgs; [ distro jinja2 markupsafe @@ -39,18 +25,46 @@ py.pkgs.buildPythonApplication rec { pyyaml pyzmq requests - tornado ] ++ extraInputs; - patches = [ ./fix-libcrypto-loading.patch ]; + patches = [ + ./fix-libcrypto-loading.patch + + # Bug in 3004.1: https://github.com/saltstack/salt/pull/61856 + ./0001-Fix-Jinja2-3.1.0.patch + ]; postPatch = '' substituteInPlace "salt/utils/rsax931.py" \ --subst-var-by "libcrypto" "${lib.getLib openssl}/lib/libcrypto.so" substituteInPlace requirements/base.txt \ --replace contextvars "" + + # Don't require optional dependencies on Darwin, let's use + # `extraInputs` like on any other platform + echo -n > "requirements/darwin.txt" + + # Bug in 3004.1: https://github.com/saltstack/salt/pull/61839 + substituteInPlace "salt/utils/entrypoints.py" \ + --replace 'if sys.version_info >= (3, 10):' 'if False:' + + # Bug in 3004.1: https://github.com/saltstack/salt/issues/61865 + substituteInPlace "salt/transport/tcp.py" \ + --replace 'payload = self.pack_publish(package)' 'package = self.pack_publish(package)' + + # 3004.1: requirement of pyzmq was restricted to <22.0.0; looks like that req was incorrect + # https://github.com/saltstack/salt/commit/070597e525bb7d56ffadede1aede325dfb1b73a4 + # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259279 + # https://github.com/saltstack/salt/pull/61163 + substituteInPlace "requirements/zeromq.txt" \ + --replace 'pyzmq<=20.0.0 ; python_version < "3.6"' "" \ + --replace 'pyzmq>=17.0.0,<22.0.0 ; python_version < "3.9"' 'pyzmq>=17.0.0 ; python_version < "3.9"' \ + --replace 'pyzmq>19.0.2,<22.0.0 ; python_version >= "3.9"' 'pyzmq>19.0.2 ; python_version >= "3.9"' ''; + # Don't use fixed dependencies on Darwin + USE_STATIC_REQUIREMENTS = "0"; + # The tests fail due to socket path length limits at the very least; # possibly there are more issues but I didn't leave the test suite running # as is it rather long. diff --git a/pkgs/tools/backup/zbackup/default.nix b/pkgs/tools/backup/zbackup/default.nix index ee5cc6fd89e90..9b618ccec5051 100644 --- a/pkgs/tools/backup/zbackup/default.nix +++ b/pkgs/tools/backup/zbackup/default.nix @@ -20,6 +20,10 @@ stdenv.mkDerivation rec { ./protobuf-api-change.patch ]; + # zbackup uses dynamic exception specifications which are not + # allowed in C++17 + NIX_CFLAGS_COMPILE = [ "--std=c++14" ]; + buildInputs = [ zlib openssl protobuf lzo libunwind ]; nativeBuildInputs = [ cmake protobufc ]; diff --git a/pkgs/tools/misc/bat/default.nix b/pkgs/tools/misc/bat/default.nix index 558bd4bad3f63..e886616b70795 100644 --- a/pkgs/tools/misc/bat/default.nix +++ b/pkgs/tools/misc/bat/default.nix @@ -12,15 +12,15 @@ rustPlatform.buildRustPackage rec { pname = "bat"; - version = "0.20.0"; + version = "0.21.0"; src = fetchFromGitHub { owner = "sharkdp"; repo = pname; rev = "v${version}"; - sha256 = "sha256-U+EHOZntZsHfvLapLpbiIKXSm8Qc1BRqCTR/AFe6yfQ="; + sha256 = "sha256-eCk0oOHGZNqgqz+JJfIhjWdLgBTpBig+mggi1c3EUDk="; }; - cargoSha256 = "sha256-eSBcrKjgCz8mApLJnpNyWVC8pQVUX8dPiYJDIK470U8="; + cargoSha256 = "sha256-kYZxtiK9hnHBOMvRoHZK5kyXO9cg/gHBYuaITqKUpbE="; nativeBuildInputs = [ pkg-config installShellFiles makeWrapper ]; diff --git a/pkgs/tools/misc/dotter/default.nix b/pkgs/tools/misc/dotter/default.nix index 5ca26be420ea7..67401b4d85b8e 100644 --- a/pkgs/tools/misc/dotter/default.nix +++ b/pkgs/tools/misc/dotter/default.nix @@ -1,4 +1,4 @@ -{ lib, fetchFromGitHub, rustPlatform, which }: +{ lib, stdenv, fetchFromGitHub, rustPlatform, CoreServices, which }: rustPlatform.buildRustPackage rec { pname = "dotter"; @@ -13,6 +13,8 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-JpMEC2HjAQLQiXHSE6L0HBDc0vLhd465wDK2+35aBXA="; + buildInputs = lib.optionals stdenv.isDarwin [ CoreServices ]; + checkInputs = [ which ]; meta = with lib; { diff --git a/pkgs/tools/misc/esptool/default.nix b/pkgs/tools/misc/esptool/default.nix index e1ec37063deaf..b4439363d4ada 100644 --- a/pkgs/tools/misc/esptool/default.nix +++ b/pkgs/tools/misc/esptool/default.nix @@ -2,19 +2,27 @@ python3.pkgs.buildPythonApplication rec { pname = "esptool"; - version = "3.3"; + version = "3.3.1"; src = fetchFromGitHub { owner = "espressif"; repo = "esptool"; rev = "v${version}"; - sha256 = "sha256-CmGie+M3AboOk8X+LkRhIxTRQZgDlklouzmz8kiIZuI="; + hash = "sha256-9WmiLji7Zoad5WIzgkpvkI9t96sfdkCtFh6zqVxF7qo="; }; - checkInputs = with python3.pkgs; - [ flake8 flake8-future-import flake8-import-order openssl ]; - propagatedBuildInputs = with python3.pkgs; - [ pyserial pyaes ecdsa reedsolo bitstring cryptography ]; + postPatch = '' + substituteInPlace test/test_imagegen.py \ + --replace "sys.executable, ESPTOOL_PY" "ESPTOOL_PY" + ''; + + propagatedBuildInputs = with python3.pkgs; [ + bitstring + cryptography + ecdsa + pyserial + reedsolo + ]; # wrapPythonPrograms will overwrite esptool.py with a bash script, # but espefuse.py tries to import it. Since we don't add any binary paths, @@ -28,6 +36,23 @@ python3.pkgs.buildPythonApplication rec { done ''; + checkInputs = with python3.pkgs; [ + pyelftools + ]; + + # tests mentioned in `.github/workflows/test_esptool.yml` + checkPhase = '' + runHook preCheck + + export ESPTOOL_PY=$out/bin/esptool.py + ${python3.interpreter} test/test_imagegen.py + ${python3.interpreter} test/test_espsecure.py + ${python3.interpreter} test/test_merge_bin.py + ${python3.interpreter} test/test_modules.py + + runHook postCheck + ''; + meta = with lib; { description = "ESP8266 and ESP32 serial bootloader utility"; homepage = "https://github.com/espressif/esptool"; diff --git a/pkgs/tools/misc/nb/default.nix b/pkgs/tools/misc/nb/default.nix new file mode 100644 index 0000000000000..422e315fc9a64 --- /dev/null +++ b/pkgs/tools/misc/nb/default.nix @@ -0,0 +1,67 @@ +{ stdenv, lib, fetchFromGitHub, installShellFiles }: + +stdenv.mkDerivation rec { + pname = "nb"; + version = "6.10.1"; + + src = fetchFromGitHub { + owner = "xwmx"; + repo = "nb"; + rev = version; + sha256 = "00c0k12yc2vqx0am1mhcjbn7fh3dab2zixslyh1smzcww275rk59"; + }; + + nativeBuildInputs = [ installShellFiles ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin/ + mv nb $out/bin/ + runHook postInstall + ''; + + postInstall = '' + installShellCompletion etc/nb-completion.{bash,zsh} + ''; + + meta = with lib; { + description = "A command line note-taking, bookmarking, archiving, and knowledge base application"; + longDescription = '' + `nb` creates notes in text-based formats like Markdown, Emacs Org mode, + and LaTeX, can work with files in any format, can import and export notes + to many document formats, and can create private, password-protected + encrypted notes and bookmarks. With `nb`, you can write notes using Vim, + Emacs, VS Code, Sublime Text, and any other text editor you like. `nb` + works in any standard Linux / Unix environment, including macOS and + Windows via WSL. Optional dependencies can be installed to enhance + functionality, but `nb` works great without them. + + `nb` is also a powerful text-based CLI bookmarking system. Page + information is automatically downloaded, compiled, and saved into normal + Markdown documents made for humans, so bookmarks are easy to edit just + like any other note. + + `nb` uses Git in the background to automatically record changes and sync + notebooks with remote repositories. `nb` can also be configured to sync + notebooks using a general purpose syncing utility like Dropbox so notes + can be edited in other apps on any device. + + `nb` is designed to be portable, future-focused, and vendor independent, + providing a full-featured and intuitive experience within a highly + composable user-centric text interface. The entire program is a single + well-tested shell script that can be installed, copied, or curled almost + anywhere and just work, using progressive enhancement for various + experience improvements in more capable environments. `nb` works great + whether you have one notebook with just a few notes or dozens of + notebooks containing thousands of notes, bookmarks, and other items. `nb` + makes it easy to incorporate other tools, writing apps, and workflows. + `nb` can be used a little, a lot, once in a while, or for just a subset + of features. `nb` is flexible. + ''; + homepage = "https://xwmx.github.io/nb/"; + license = licenses.agpl3Plus; + maintainers = [ maintainers.toonn ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/tools/networking/aircrack-ng/default.nix b/pkgs/tools/networking/aircrack-ng/default.nix index f836fdf052f9b..b4cab28e3ebdf 100644 --- a/pkgs/tools/networking/aircrack-ng/default.nix +++ b/pkgs/tools/networking/aircrack-ng/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "aircrack-ng"; - version = "1.6"; + version = "1.7"; src = fetchurl { url = "https://download.aircrack-ng.org/aircrack-ng-${version}.tar.gz"; - sha256 = "0ix2k64qg7x3w0bzdsbk1m50kcpq1ws59g3zkwiafvpwdr4gs2sg"; + sha256 = "1hsq1gwmafka4bahs6rc8p98yi542h9a502h64bjlygpr3ih99q5"; }; nativeBuildInputs = [ pkg-config makeWrapper autoreconfHook ]; diff --git a/pkgs/tools/networking/httpie/default.nix b/pkgs/tools/networking/httpie/default.nix deleted file mode 100644 index a6c6ddfe5bba9..0000000000000 --- a/pkgs/tools/networking/httpie/default.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ lib -, fetchFromGitHub -, installShellFiles -, python3 -, pandoc -}: - -python3.pkgs.buildPythonApplication rec { - pname = "httpie"; - version = "3.1.0"; - format = "setuptools"; - - src = fetchFromGitHub { - owner = "httpie"; - repo = "httpie"; - rev = version; - hash = "sha256-x7Zucb2i8D4Xbn77eBzSxOAcc2fGg5MFKFiyJhytQ0s="; - }; - - nativeBuildInputs = [ - installShellFiles - pandoc - ]; - - propagatedBuildInputs = with python3.pkgs; [ - charset-normalizer - defusedxml - multidict - pygments - requests - requests-toolbelt - setuptools - ]; - - checkInputs = with python3.pkgs; [ - mock - pytest - pytest-httpbin - pytest-lazy-fixture - pytestCheckHook - responses - ]; - - postInstall = '' - # install completions - installShellCompletion --bash \ - --name http.bash extras/httpie-completion.bash - installShellCompletion --fish \ - --name http.fish extras/httpie-completion.fish - - # convert the docs/README.md file - pandoc --standalone -f markdown -t man docs/README.md -o docs/http.1 - installManPage docs/http.1 - ''; - - pytestFlagsArray = [ - "httpie" - "tests" - ]; - - disabledTests = [ - "test_chunked" - "test_verbose_chunked" - "test_multipart_chunked" - "test_request_body_from_file_by_path_chunked" - # Part of doctest - "httpie.encoding.detect_encoding" - ]; - - pythonImportsCheck = [ - "httpie" - ]; - - meta = with lib; { - description = "A command line HTTP client whose goal is to make CLI human-friendly"; - homepage = "https://httpie.org/"; - license = licenses.bsd3; - maintainers = with maintainers; [ antono relrod schneefux SuperSandro2000 ]; - }; -} diff --git a/pkgs/tools/networking/httpie/strip-venv.patch b/pkgs/tools/networking/httpie/strip-venv.patch deleted file mode 100644 index 9cfddbfdf78f4..0000000000000 --- a/pkgs/tools/networking/httpie/strip-venv.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/tests/test_docs.py b/tests/test_docs.py -index 340e64d..a6b4dc9 100644 ---- a/tests/test_docs.py -+++ b/tests/test_docs.py -@@ -42,15 +42,10 @@ assert filenames - # HACK: hardcoded paths, venv should be irrelevant, etc. - # TODO: simplify by using the Python API instead of a subprocess - # then we wont’t need the paths. --VENV_BIN = Path(__file__).parent.parent / 'venv/bin' --VENV_PYTHON = VENV_BIN / 'python' --VENV_RST2PSEUDOXML = VENV_BIN / 'rst2pseudoxml.py' -+VENV_PYTHON = 'python' -+VENV_RST2PSEUDOXML = 'rst2pseudoxml.py' - - --@pytest.mark.skipif( -- not VENV_RST2PSEUDOXML.exists(), -- reason='docutils not installed', --) - @pytest.mark.parametrize('filename', filenames) - def test_rst_file_syntax(filename): - p = subprocess.Popen( diff --git a/pkgs/tools/security/yubihsm-connector/default.nix b/pkgs/tools/security/yubihsm-connector/default.nix new file mode 100644 index 0000000000000..24371f8a983e3 --- /dev/null +++ b/pkgs/tools/security/yubihsm-connector/default.nix @@ -0,0 +1,40 @@ +{ lib, libusb1, buildGoModule, fetchFromGitHub, pkg-config }: + +buildGoModule rec { + pname = "yubihsm-connector"; + version = "3.0.2"; + + src = fetchFromGitHub { + owner = "Yubico"; + repo = "yubihsm-connector"; + rev = version; + sha256 = "FQ64tSZN55QpXjMZITzlWOPTKSgnoCpkRngQUQHVavc="; + }; + + vendorSha256 = "kVBzdJk/1LvjdUtLqHAw9ZxDfCo3mBWVMYG/nQXpDrk="; + + patches = [ + # Awaiting a new release to fix the upstream lockfile + # https://github.com/Yubico/yubihsm-connector/issues/36 + ./lockfile-fix.patch + ]; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libusb1 + ]; + + preBuild = '' + go generate + ''; + + meta = with lib; { + description = "yubihsm-connector performs the communication between the YubiHSM 2 and applications that use it"; + homepage = "https://developers.yubico.com/yubihsm-connector/"; + maintainers = with maintainers; [ matthewcroughan ]; + license = licenses.asl20; + }; +} diff --git a/pkgs/tools/security/yubihsm-connector/lockfile-fix.patch b/pkgs/tools/security/yubihsm-connector/lockfile-fix.patch new file mode 100644 index 0000000000000..96fdb0ec64b8a --- /dev/null +++ b/pkgs/tools/security/yubihsm-connector/lockfile-fix.patch @@ -0,0 +1,115 @@ +diff --git a/go.mod b/go.mod +index ac22dc6..0ef56b2 100644 +--- a/go.mod ++++ b/go.mod +@@ -1,21 +1,32 @@ + module github.com/Yubico/yubihsm-connector + ++go 1.17 ++ + require ( + github.com/google/gousb v1.1.0 + github.com/google/uuid v1.1.1 + github.com/kardianos/service v1.0.0 ++ github.com/notdpate/evloghook v0.0.0-20180503050227-f202fa6c9ebb ++ github.com/sirupsen/logrus v1.4.2 ++ github.com/spf13/cobra v0.0.5 ++ github.com/spf13/viper v1.4.0 ++ gopkg.in/yaml.v2 v2.2.2 ++) ++ ++require ( ++ github.com/fsnotify/fsnotify v1.4.7 // indirect ++ github.com/hashicorp/hcl v1.0.0 // indirect ++ github.com/inconshreveable/mousetrap v1.0.0 // indirect + github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect + github.com/magiconair/properties v1.8.1 // indirect +- github.com/notdpate/evloghook v0.0.0-20180503050227-f202fa6c9ebb ++ github.com/mitchellh/mapstructure v1.1.2 // indirect + github.com/pelletier/go-toml v1.4.0 // indirect +- github.com/sirupsen/logrus v1.4.2 + github.com/spf13/afero v1.2.2 // indirect +- github.com/spf13/cobra v0.0.5 ++ github.com/spf13/cast v1.3.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect +- github.com/spf13/viper v1.4.0 ++ github.com/spf13/pflag v1.0.3 // indirect + github.com/stretchr/testify v1.4.0 // indirect + golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3 // indirect + golang.org/x/text v0.3.2 // indirect + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect +- gopkg.in/yaml.v2 v2.2.2 + ) +diff --git a/go.sum b/go.sum +index 71df42d..8d977ff 100644 +--- a/go.sum ++++ b/go.sum +@@ -1,4 +1,5 @@ + cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= ++github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= + github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= + github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= + github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +@@ -16,6 +17,7 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 + github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= + github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= + github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= ++github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= + github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= + github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= + github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +@@ -45,6 +47,7 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf + github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= + github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= + github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= ++github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= + github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= + github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= + github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +@@ -53,10 +56,13 @@ github.com/kardianos/service v1.0.0/go.mod h1:8CzDhVuCuugtsHyZoTvsOBuvonN/UDBvl0 + github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= + github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= + github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= ++github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s= + github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= + github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= ++github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= + github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= + github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= ++github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= + github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= + github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= + github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= +@@ -66,12 +72,14 @@ github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrk + github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= + github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= + github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= ++github.com/notdpate/evloghook v0.0.0-20180503050227-f202fa6c9ebb h1:GFmMJZvdCkRfbfo07+lUKrB+jh2cJ+a2l6qD/3hxZ6M= + github.com/notdpate/evloghook v0.0.0-20180503050227-f202fa6c9ebb/go.mod h1:ukoRZyzBppMQypxM7KqEvHc4DB5uNW6NXFp1sVeXamM= + github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= + github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= + github.com/pelletier/go-toml v1.4.0 h1:u3Z1r+oOXJIkxqw34zVhyPgjBsm6X2wn21NWs/HfSeg= + github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo= + github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= ++github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= + github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= + github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= + github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= +@@ -107,6 +115,7 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y + github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= + github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= + github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= ++github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= + github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= + github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= + github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= +@@ -156,6 +165,7 @@ google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ij + gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= + gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= ++gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= + gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= + gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= + + diff --git a/pkgs/tools/security/yubihsm-shell/default.nix b/pkgs/tools/security/yubihsm-shell/default.nix new file mode 100644 index 0000000000000..06a1452400de5 --- /dev/null +++ b/pkgs/tools/security/yubihsm-shell/default.nix @@ -0,0 +1,59 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, openssl +, libusb1 +, libedit +, curl +, gengetopt +, pkg-config +, pcsclite +, help2man +}: + +stdenv.mkDerivation rec { + pname = "yubihsm-shell"; + version = "2.3.1"; + + src = fetchFromGitHub { + owner = "Yubico"; + repo = "yubihsm-shell"; + rev = version; + sha256 = "D0kXiwc+i6mKA4oHuHjgXUmLMsmY5o/VI+1aCWtNjC0="; + }; + + nativeBuildInputs = [ + pkg-config + cmake + help2man + gengetopt + ]; + + buildInputs = [ + libusb1 + libedit + curl + pcsclite + openssl + ]; + + cmakeFlags = [ + # help2man fails without this + "-DCMAKE_SKIP_BUILD_RPATH=OFF" + ]; + + postPatch = '' + # Can't find libyubihsm at runtime because of dlopen() in C code + substituteInPlace lib/yubihsm.c \ + --replace "libyubihsm_usb.so" "$out/lib/libyubihsm_usb.so" \ + --replace "libyubihsm_http.so" "$out/lib/libyubihsm_http.so" + ''; + + meta = with lib; { + description = "yubihsm-shell and libyubihsm"; + homepage = "https://github.com/Yubico/yubihsm-shell"; + maintainers = with maintainers; [ matthewcroughan ]; + license = licenses.asl20; + }; +} |