diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2019-04-30 15:52:19 +0200 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2019-04-30 15:52:19 +0200 |
commit | 3462fe27d9232c6e7e3472dc7fcc4c1561f9166d (patch) | |
tree | 5de7964838367fd02aef2b55ac7cb3e67ab7ddf9 /pkgs/tools/security | |
parent | 84a15876a3a9f92b6ba53a7ac18a7fd96f405bf9 (diff) | |
parent | 2e7c7dad92f4967c90c37a59894a301e2d073daf (diff) | |
download | nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar.gz nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar.bz2 nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar.lz nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar.xz nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.tar.zst nixpkgs-3462fe27d9232c6e7e3472dc7fcc4c1561f9166d.zip |
Merge staging-next into staging
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/browserpass/2.nix | 43 | ||||
-rw-r--r-- | pkgs/tools/security/browserpass/2deps.nix | 39 | ||||
-rw-r--r-- | pkgs/tools/security/browserpass/default.nix | 27 | ||||
-rw-r--r-- | pkgs/tools/security/browserpass/deps.nix | 93 | ||||
-rw-r--r-- | pkgs/tools/security/kwalletcli/default.nix | 50 | ||||
-rw-r--r-- | pkgs/tools/security/mfoc/default.nix | 27 | ||||
-rw-r--r-- | pkgs/tools/security/mfoc/mf_mini.patch | 96 |
7 files changed, 51 insertions, 324 deletions
diff --git a/pkgs/tools/security/browserpass/2.nix b/pkgs/tools/security/browserpass/2.nix deleted file mode 100644 index fdbd757449a..00000000000 --- a/pkgs/tools/security/browserpass/2.nix +++ /dev/null @@ -1,43 +0,0 @@ -# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 -{ stdenv, buildGoPackage, fetchFromGitHub, gnupg }: - -buildGoPackage rec { - name = "browserpass-${version}"; - version = "2.0.22"; - - goPackagePath = "github.com/dannyvankooten/browserpass"; - - goDeps = ./2deps.nix; - - src = fetchFromGitHub { - repo = "browserpass"; - owner = "dannyvankooten"; - rev = version; - sha256 = "05cacrx08k99c5zra7ksdik9xxn3vih3x6in7536zs5gm55mkbfx"; - }; - - postPatch = '' - substituteInPlace browserpass.go \ - --replace /usr/local/bin/gpg ${gnupg}/bin/gpg - ''; - - postInstall = '' - host_file="$bin/bin/browserpass" - mkdir -p "$bin/etc" - - sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/chrome/host.json > chrome-host.json - sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/firefox/host.json > firefox-host.json - - install chrome-host.json $bin/etc/ - install -D firefox-host.json $bin/lib/mozilla/native-messaging-hosts/com.dannyvankooten.browserpass.json - install go/src/${goPackagePath}/chrome/policy.json $bin/etc/chrome-policy.json - ''; - - meta = with stdenv.lib; { - description = "A Chrome & Firefox extension for zx2c4's pass"; - homepage = https://github.com/dannyvankooten/browserpass; - license = licenses.mit; - platforms = with platforms; linux ++ darwin ++ openbsd; - maintainers = with maintainers; [ rvolosatovs ]; - }; -} diff --git a/pkgs/tools/security/browserpass/2deps.nix b/pkgs/tools/security/browserpass/2deps.nix deleted file mode 100644 index 631463a69d1..00000000000 --- a/pkgs/tools/security/browserpass/2deps.nix +++ /dev/null @@ -1,39 +0,0 @@ -# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 -[ - { - goPackagePath = "github.com/gokyle/twofactor"; - fetch = { - type = "git"; - url = "https://github.com/gokyle/twofactor"; - rev = "eaad1884d40f9cabff98a57a524c17afd00c9fe7"; - sha256 = "07kvga6f2b56kpy52a3xk16garvlqz950s350dax97x7cayba95g"; - }; - } - { - goPackagePath = "github.com/mattn/go-zglob"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-zglob"; - rev = "4959821b481786922ac53e7ef25c61ae19fb7c36"; - sha256 = "0rwkdw143kphpmingsrw1zp030zf3p08f64h347jpdm4lz8z5449"; - }; - } - { - goPackagePath = "github.com/sahilm/fuzzy"; - fetch = { - type = "git"; - url = "https://github.com/sahilm/fuzzy"; - rev = "a154b19bb758dcdd6ede58dc11ea53c2950527b2"; - sha256 = "0jkw6474d5ik2fq2zznqxj4y3p42z47r7mbg856ln5wyara2sg0l"; - }; - } - { - goPackagePath = "rsc.io/qr"; - fetch = { - type = "git"; - url = "https://github.com/rsc/qr"; - rev = "48b2ede4844e13f1a2b7ce4d2529c9af7e359fc5"; - sha256 = "1npxy32glnkvsp0871972jzjzgkwaqmbv6jsj9wgqsa1s2jr004p"; - }; - } -] diff --git a/pkgs/tools/security/browserpass/default.nix b/pkgs/tools/security/browserpass/default.nix index 055444d5566..4e602804405 100644 --- a/pkgs/tools/security/browserpass/default.nix +++ b/pkgs/tools/security/browserpass/default.nix @@ -1,12 +1,5 @@ -{ lib, callPackage, buildGoPackage, fetchFromGitHub, makeWrapper, gnupg }: -let - # For backwards compatibility with v2 of the browser extension, we embed v2 - # of the native host in v3. Because the extension will auto-update when it - # is released, this code can be removed from that point on. - # Don't forget to remove v2 references down below and the v2 files in this - # folder - v2 = callPackage ./2.nix {}; -in buildGoPackage rec { +{ lib, callPackage, buildGoModule, fetchFromGitHub, makeWrapper, gnupg }: +buildGoModule rec { pname = "browserpass"; version = "3.0.6"; @@ -19,8 +12,7 @@ in buildGoPackage rec { nativeBuildInputs = [ makeWrapper ]; - goPackagePath = "github.com/browserpass/browserpass-native"; - goDeps = ./deps.nix; + modSha256 = "13yw7idgw8l48yvm4jjha0kbx6q22m2zp13y006mikavynqsr5kj"; postPatch = '' # Because this Makefile will be installed to be used by the user, patch @@ -31,10 +23,9 @@ in buildGoPackage rec { sed -i -e 's/INSTALL :=.*/INSTALL := install/' Makefile ''; - DESTDIR = placeholder "bin"; + DESTDIR = placeholder "out"; postConfigure = '' - cd "go/src/$goPackagePath" make configure ''; @@ -45,16 +36,12 @@ in buildGoPackage rec { installPhase = '' make install - wrapProgram $bin/bin/browserpass \ + wrapProgram $out/bin/browserpass \ --suffix PATH : ${lib.makeBinPath [ gnupg ]} # This path is used by our firefox wrapper for finding native messaging hosts - mkdir -p $bin/lib/mozilla/native-messaging-hosts - ln -s $bin/lib/browserpass/hosts/firefox/*.json $bin/lib/mozilla/native-messaging-hosts - - # These can be removed too, see comment up top - ln -s ${lib.getBin v2}/etc $bin/etc - ln -s ${lib.getBin v2}/lib/mozilla/native-messaging-hosts/* $bin/lib/mozilla/native-messaging-hosts + mkdir -p $out/lib/mozilla/native-messaging-hosts + ln -s $out/lib/browserpass/hosts/firefox/*.json $out/lib/mozilla/native-messaging-hosts ''; meta = with lib; { diff --git a/pkgs/tools/security/browserpass/deps.nix b/pkgs/tools/security/browserpass/deps.nix deleted file mode 100644 index 334a189ad40..00000000000 --- a/pkgs/tools/security/browserpass/deps.nix +++ /dev/null @@ -1,93 +0,0 @@ -# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) -[ - { - goPackagePath = "github.com/davecgh/go-spew"; - fetch = { - type = "git"; - url = "https://github.com/davecgh/go-spew"; - rev = "v1.1.1"; - sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y"; - }; - } - { - goPackagePath = "github.com/konsorten/go-windows-terminal-sequences"; - fetch = { - type = "git"; - url = "https://github.com/konsorten/go-windows-terminal-sequences"; - rev = "v1.0.2"; - sha256 = "09mn209ika7ciy87xf2x31dq5fnqw39jidgaljvmqxwk7ff1hnx7"; - }; - } - { - goPackagePath = "github.com/mattn/go-zglob"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-zglob"; - rev = "v0.0.1"; - sha256 = "1sncdyq5fbd42al4amyy91h7vlzm3wm6c9vl8za2pjgfgsd581fz"; - }; - } - { - goPackagePath = "github.com/pmezard/go-difflib"; - fetch = { - type = "git"; - url = "https://github.com/pmezard/go-difflib"; - rev = "v1.0.0"; - sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; - }; - } - { - goPackagePath = "github.com/rifflock/lfshook"; - fetch = { - type = "git"; - url = "https://github.com/rifflock/lfshook"; - rev = "b9218ef580f5"; - sha256 = "0wxqjcjfg8c0klmdgmbw3ckagby3wg9rkga9ihd4fsf05x5scxrc"; - }; - } - { - goPackagePath = "github.com/sirupsen/logrus"; - fetch = { - type = "git"; - url = "https://github.com/sirupsen/logrus"; - rev = "v1.4.0"; - sha256 = "1y1qjcg19z7q9sy32rhc148kdql2aw7xkcm9d6r1blrl0mdgpx0w"; - }; - } - { - goPackagePath = "github.com/stretchr/objx"; - fetch = { - type = "git"; - url = "https://github.com/stretchr/objx"; - rev = "v0.1.1"; - sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls"; - }; - } - { - goPackagePath = "github.com/stretchr/testify"; - fetch = { - type = "git"; - url = "https://github.com/stretchr/testify"; - rev = "v1.3.0"; - sha256 = "0wjchp2c8xbgcbbq32w3kvblk6q6yn533g78nxl6iskq6y95lxsy"; - }; - } - { - goPackagePath = "golang.org/x/crypto"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/crypto"; - rev = "c2843e01d9a2"; - sha256 = "01xgxbj5r79nmisdvpq48zfy8pzaaj90bn6ngd4nf33j9ar1dp8r"; - }; - } - { - goPackagePath = "golang.org/x/sys"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/sys"; - rev = "fead79001313"; - sha256 = "12vwl6sv6w7q0dyvynjhbp67242rhh77d6nlsb22ajr8rf17c63i"; - }; - } -] diff --git a/pkgs/tools/security/kwalletcli/default.nix b/pkgs/tools/security/kwalletcli/default.nix index 52e8ab8cf57..fedf3421fb1 100644 --- a/pkgs/tools/security/kwalletcli/default.nix +++ b/pkgs/tools/security/kwalletcli/default.nix @@ -1,48 +1,48 @@ -{ - mkDerivation, fetchurl, lib, - pkgconfig, - kcoreaddons, ki18n, kwallet, - mksh -}: - -let +{ mkDerivation, fetchFromGitHub, lib, makeWrapper, pkgconfig +, kcoreaddons, ki18n, kwallet, mksh, pinentry_qt5 }: + +mkDerivation rec { pname = "kwalletcli"; version = "3.02"; -in -mkDerivation rec { - name = "${pname}-${version}"; - src = fetchurl { - url = "https://www.mirbsd.org/MirOS/dist/hosted/kwalletcli/${name}.tar.gz"; - sha256 = "05njayi07996ljfl8a6frlk2s60grk5w27f0f445nmvd5n0bzgpn"; + src = fetchFromGitHub { + owner = "MirBSD"; + repo = pname; + rev = "${pname}-${lib.replaceStrings [ "." ] [ "_" ] version}"; + sha256 = "1gq45afb5nmmjfqxglv7wvcxcjd9822pc7nysq0350jmmmqwb474"; }; postPatch = '' substituteInPlace GNUmakefile \ - --replace '-I/usr/include/KF5/KCoreAddons' '-I${kcoreaddons.dev}/include/KF5/KCoreAddons' \ - --replace '-I/usr/include/KF5/KI18n' '-I${ki18n.dev}/include/KF5/KI18n' \ - --replace '-I/usr/include/KF5/KWallet' '-I${kwallet.dev}/include/KF5/KWallet' \ - --replace /usr/bin $out/bin \ - --replace /usr/share/man $out/share/man + --replace -I/usr/include/KF5/KCoreAddons -I${kcoreaddons.dev}/include/KF5/KCoreAddons \ + --replace -I/usr/include/KF5/KI18n -I${ki18n.dev}/include/KF5/KI18n \ + --replace -I/usr/include/KF5/KWallet -I${kwallet.dev}/include/KF5/KWallet \ + --replace /usr/bin $out/bin \ + --replace /usr/share/man $out/share/man + + substituteInPlace pinentry-kwallet \ + --replace '/usr/bin/env mksh' ${mksh}/bin/mksh ''; makeFlags = [ "KDE_VER=5" ]; - # we need this when building against qt 5.8+ - NIX_CFLAGS_COMPILE = [ "-std=c++11" ]; - - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ makeWrapper pkgconfig ]; # if using just kwallet, cmake will be added as a buildInput and fail the build propagatedBuildInputs = [ kcoreaddons ki18n (lib.getLib kwallet) ]; - propagatedUserEnvPkgs = [ mksh ]; preInstall = '' mkdir -p $out/bin $out/share/man/man1 ''; + postInstall = '' + wrapProgram $out/bin/pinentry-kwallet \ + --prefix PATH : $out/bin:${lib.makeBinPath [ pinentry_qt5 ]} \ + --set-default PINENTRY pinentry-qt + ''; + meta = with lib; { description = "Command-Line Interface to the KDE Wallet"; - homepage = http://www.mirbsd.org/kwalletcli.htm; + homepage = https://www.mirbsd.org/kwalletcli.htm; license = licenses.miros; maintainers = with maintainers; [ peterhoeg ]; }; diff --git a/pkgs/tools/security/mfoc/default.nix b/pkgs/tools/security/mfoc/default.nix index 278818e88b5..1ae18e34353 100644 --- a/pkgs/tools/security/mfoc/default.nix +++ b/pkgs/tools/security/mfoc/default.nix @@ -1,17 +1,28 @@ -{ stdenv, fetchurl, pkgconfig, libnfc }: +{ stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkgconfig, libnfc }: stdenv.mkDerivation rec { - name = "mfoc-${version}"; - version = "0.10.6"; + pname = "mfoc"; + version = "0.10.7"; - src = fetchurl { - url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/mfoc/${name}.tar.gz"; - sha1 = "3adce3029dce9124ff3bc7d0fad86fa0c374a9e3"; + src = fetchFromGitHub { + owner = "nfc-tools"; + repo = pname; + rev = "${pname}-${version}"; + sha256 = "0hbg1fn4000qdg1cfc7y8l0vh1mxlxcz7gapkcq54xp2l6kk1z65"; }; - patches = [./mf_mini.patch]; + patches = [ + (fetchpatch { + url = "https://github.com/nfc-tools/mfoc/commit/f13efb0a6deb1d97ba945d555a6a5d6be89b593f.patch"; + sha256 = "109gqzp8rdsjvj0nra686vy0dpd2bl6q5v9m4v98cpxkbz496450"; + }) + (fetchpatch { + url = "https://github.com/nfc-tools/mfoc/commit/00eae36f891bc4580103e3b54f0bb5228af2cdef.patch"; + sha256 = "1w56aj96g776f37j53jmf3hk21x4mqik3l2bmghrdp8drixc8bzk"; + }) + ]; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ autoreconfHook pkgconfig ]; buildInputs = [ libnfc ]; meta = with stdenv.lib; { diff --git a/pkgs/tools/security/mfoc/mf_mini.patch b/pkgs/tools/security/mfoc/mf_mini.patch deleted file mode 100644 index 02bd656d602..00000000000 --- a/pkgs/tools/security/mfoc/mf_mini.patch +++ /dev/null @@ -1,96 +0,0 @@ -diff --git a/src/mfoc.c b/src/mfoc.c -index 0cb917d..195de68 100644 ---- a/src/mfoc.c -+++ b/src/mfoc.c -@@ -93,8 +93,8 @@ int main(int argc, char *const argv[]) - {0x58, 0x7e, 0xe5, 0xf9, 0x35, 0x0f}, - {0xa0, 0x47, 0x8c, 0xc3, 0x90, 0x91}, - {0x53, 0x3c, 0xb6, 0xc7, 0x23, 0xf6}, -- {0x8f, 0xd0, 0xa4, 0xf2, 0x56, 0xe9} -- -+ {0x8f, 0xd0, 0xa4, 0xf2, 0x56, 0xe9}, -+ {0xb4, 0xc1, 0x32, 0x43, 0x9e, 0xef} - }; - - mftag t; -@@ -219,12 +219,31 @@ int main(int argc, char *const argv[]) - goto error; - } - -- // Save tag's block size (b4K) -- t.b4K = (t.nt.nti.nai.abtAtqa[1] == 0x02); - t.authuid = (uint32_t) bytes_to_num(t.nt.nti.nai.abtUid + t.nt.nti.nai.szUidLen - 4, 4); - -- t.num_blocks = (t.b4K) ? 0xff : 0x3f; -- t.num_sectors = t.b4K ? NR_TRAILERS_4k : NR_TRAILERS_1k; -+ // Get Mifare Classic type from SAK -+ // see http://www.nxp.com/documents/application_note/AN10833.pdf Section 3.2 -+ switch (t.nt.nti.nai.btSak) -+ { -+ case 0x08: -+ printf("Found Mifare Classic 1k tag\n"); -+ t.num_sectors = NR_TRAILERS_1k; -+ t.num_blocks = NR_BLOCKS_1k; -+ break; -+ case 0x09: -+ printf("Found Mifare Classic Mini tag\n"); -+ t.num_sectors = NR_TRAILERS_MINI; -+ t.num_blocks = NR_BLOCKS_MINI; -+ break; -+ case 0x18: -+ printf("Found Mifare Classic 4k tag\n"); -+ t.num_sectors = NR_TRAILERS_4k; -+ t.num_blocks = NR_BLOCKS_4k; -+ break; -+ defaul: -+ ERR("Cannot determine card type from SAK"); -+ goto error; -+ } - - t.sectors = (void *) calloc(t.num_sectors, sizeof(sector)); - if (t.sectors == NULL) { -@@ -564,7 +583,7 @@ void usage(FILE *stream, int errno) - fprintf(stream, " k try the specified key in addition to the default keys\n"); - // fprintf(stream, " D number of distance probes, default is 20\n"); - // fprintf(stream, " S number of sets with keystreams, default is 5\n"); -- fprintf(stream, " P number of probes per sector, instead of default of 20\n"); -+ fprintf(stream, " P number of probes per sector, instead of default of 150\n"); - fprintf(stream, " T nonce tolerance half-range, instead of default of 20\n (i.e., 40 for the total range, in both directions)\n"); - // fprintf(stream, " s specify the list of sectors to crack, for example -s 0,1,3,5\n"); - fprintf(stream, " O file in which the card contents will be written (REQUIRED)\n"); -diff --git a/src/mfoc.h b/src/mfoc.h -index b411670..532e834 100644 ---- a/src/mfoc.h -+++ b/src/mfoc.h -@@ -2,11 +2,21 @@ - #define TRY_KEYS 50 - - // Number of trailers == number of sectors --// 16x64b = 16 -+// Mifare Classic 1k 16x64b = 16 - #define NR_TRAILERS_1k (16) --// 32x64b + 8*256b = 40 -+// Mifare Classic Mini -+#define NR_TRAILERS_MINI (5) -+// Mifare Classic 4k 32x64b + 8*256b = 40 - #define NR_TRAILERS_4k (40) - -+// Number of blocks -+// Mifare Classic 1k -+#define NR_BLOCKS_1k 0x3f -+// Mifare Classic Mini -+#define NR_BLOCKS_MINI 0x13 -+// Mifare Classic 4k -+#define NR_BLOCKS_4k 0xff -+ - #define MAX_FRAME_LEN 264 - - // Used for counting nonce distances, explore [nd-value, nd+value] -@@ -46,7 +56,6 @@ typedef struct { - uint8_t num_sectors; - uint8_t num_blocks; - uint32_t authuid; -- bool b4K; - } mftag; - - typedef struct { |