blob: b87d11809b11a8f2624017dc91dafd4ed7601f44 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
{ lib, stdenv, fetchurl, libcap, openssl, pam }:
stdenv.mkDerivation rec {
name = "vsftpd-3.0.3";
src = fetchurl {
url = "https://security.appspot.com/downloads/${name}.tar.gz";
sha256 = "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx";
};
buildInputs = [ libcap openssl pam ];
patches = [ ./CVE-2015-1419.patch ];
postPatch = ''
sed -i "/VSF_BUILD_SSL/s/^#undef/#define/" builddefs.h
substituteInPlace Makefile \
--replace -dirafter "" \
--replace /usr $out \
--replace /etc $out/etc
mkdir -p $out/sbin $out/man/man{5,8}
'';
NIX_LDFLAGS = "-lcrypt -lssl -lcrypto -lpam -lcap";
# On gcc9, this would produce
# error: '-Werror=enum-conversion': no option -Wenum-conversion
NIX_CFLAGS_COMPILE = lib.optionalString (lib.versionAtLeast stdenv.cc.version "10")
"-Wno-error=enum-conversion";
enableParallelBuilding = true;
meta = with lib; {
description = "A very secure FTP daemon";
license = licenses.gpl2;
maintainers = with maintainers; [ peterhoeg ];
platforms = platforms.linux;
};
}
|