diff options
| author | Peter Hoeg <peter@hoeg.com> | 2018-12-06 17:53:53 +0800 |
|---|---|---|
| committer | Peter Hoeg <peter@hoeg.com> | 2018-12-06 17:53:53 +0800 |
| commit | 078b742a018a912fa73b0ffa4e50bee7a97bd1f4 (patch) | |
| tree | e1b38bc19b6fe3fde70b780f8d26194c0664ebb1 /pkgs/servers/ftp | |
| parent | 7c73f53d836af32624468e8de7730be1f033667c (diff) | |
| download | nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar.gz nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar.bz2 nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar.lz nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar.xz nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.tar.zst nixpkgs-078b742a018a912fa73b0ffa4e50bee7a97bd1f4.zip | |
vsftpd: compile with OpenSSL for SSL support
SSL support was selectable via a flag, but as we are bound to have OpenSSL on the machine anyway, it really doesn't make sense to not compile in support. Did a bunch of cleanups too.
Diffstat (limited to 'pkgs/servers/ftp')
| -rw-r--r-- | pkgs/servers/ftp/vsftpd/default.nix | 49 |
1 files changed, 17 insertions, 32 deletions
diff --git a/pkgs/servers/ftp/vsftpd/default.nix b/pkgs/servers/ftp/vsftpd/default.nix index cc7493f9533..1ef624f2a41 100644 --- a/pkgs/servers/ftp/vsftpd/default.nix +++ b/pkgs/servers/ftp/vsftpd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, openssl, sslEnable ? false, libcap, pam }: +{ stdenv, fetchurl, libcap, openssl, pam }: stdenv.mkDerivation rec { name = "vsftpd-3.0.3"; @@ -8,44 +8,29 @@ stdenv.mkDerivation rec { sha256 = "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"; }; + buildInputs = [ libcap openssl pam ]; + patches = [ ./CVE-2015-1419.patch ]; - preConfigure = stdenv.lib.optionalString sslEnable '' - echo "Will enable SSL" + postPatch = '' sed -i "/VSF_BUILD_SSL/s/^#undef/#define/" builddefs.h - ''; - - # The gcc-wrappers use -idirafter for glibc, and vsftpd also, and - # their dummyinc come before those of glibc, then the build works bad. - prePatch = '' - sed -i -e 's/-idirafter.*//' Makefile - ''; - preBuild = - let - sslLibs = if sslEnable then "-lcrypt -lssl -lcrypto" else ""; - in '' - makeFlagsArray=( "LIBS=${sslLibs} -lpam -lcap -fstack-protector" ) - ''; + substituteInPlace Makefile \ + --replace -dirafter "" \ + --replace /usr $out \ + --replace /etc $out/etc - # It won't link without this flag, used in CFLAGS - - buildInputs = [ openssl libcap pam ]; - - installPhase = '' - mkdir -pv $out/sbin - install -v -m 755 vsftpd $out/sbin/vsftpd + mkdir -p $out/sbin $out/man/man{5,8} + ''; - mkdir -pv $out/share/man/man{5,8} - install -v -m 644 vsftpd.8 $out/share/man/man8/vsftpd.8 - install -v -m 644 vsftpd.conf.5 $out/share/man/man5/vsftpd.conf.5 + NIX_LDFLAGS = "-lcrypt -lssl -lcrypto -lpam -lcap"; - mkdir -pv $out/etc/xinetd.d - install -v -m 644 xinetd.d/vsftpd $out/etc/xinetd.d/vsftpd - ''; + enableParallelBuilding = true; - meta = { - platforms = stdenv.lib.platforms.linux; - license = stdenv.lib.licenses.gpl2; + meta = with stdenv.lib; { + description = "A very secure FTP daemon"; + license = licenses.gpl2; + maintainers = with maintainers; [ peterhoeg ]; + platforms = platforms.linux; }; } |