diff options
-rw-r--r-- | nixos/modules/misc/nixpkgs.nix | 1 | ||||
-rw-r--r-- | pkgs/tools/networking/openssh/default.nix | 14 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 1 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 3 |
4 files changed, 13 insertions, 6 deletions
diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index 6eb42494124..1793c1447d6 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -69,6 +69,7 @@ in [ (self: super: { openssh = super.openssh.override { hpnSupport = true; + withKerberos = true; kerberos = self.libkrb5; }; }; diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 1c135cd36f4..663e7be7e5f 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -1,12 +1,15 @@ { stdenv, fetchurl, fetchpatch, zlib, openssl, perl, libedit, pkgconfig, pam, autoreconfHook , etcDir ? null , hpnSupport ? false -, withKerberos ? true +, withKerberos ? false , withGssapiPatches ? false , kerberos , linkOpenssl? true }: +assert withKerberos -> kerberos != null; +assert withGssapiPatches -> withKerberos; + let # **please** update this patch when you update to a new openssh release. @@ -20,6 +23,8 @@ let in with stdenv.lib; stdenv.mkDerivation rec { + # Please ensure that openssh_with_kerberos still builds when + # bumping the version here! name = "openssh-${version}"; version = if hpnSupport then "7.5p1" else "7.6p1"; @@ -42,7 +47,7 @@ stdenv.mkDerivation rec { # See discussion in https://github.com/NixOS/nixpkgs/pull/16966 ./dont_create_privsep_path.patch ] - ++ optional withGssapiPatches (assert withKerberos; gssapiPatch); + ++ optional withGssapiPatches gssapiPatch; postPatch = # On Hydra this makes installation fail (sometimes?), @@ -54,8 +59,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ]; buildInputs = [ zlib openssl libedit pam ] ++ optional withKerberos kerberos - ++ optional hpnSupport autoreconfHook - ; + ++ optional hpnSupport autoreconfHook; preConfigure = '' # Setting LD causes `configure' and `make' to disagree about which linker @@ -74,7 +78,7 @@ stdenv.mkDerivation rec { "--disable-strip" (if pam != null then "--with-pam" else "--without-pam") ] ++ optional (etcDir != null) "--sysconfdir=${etcDir}" - ++ optional withKerberos (assert kerberos != null; "--with-kerberos5=${kerberos}") + ++ optional withKerberos "--with-kerberos5=${kerberos}" ++ optional stdenv.isDarwin "--disable-libutil" ++ optional (!linkOpenssl) "--without-openssl"; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 7d371881f94..ef49fceab72 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -142,7 +142,6 @@ mapAliases (rec { rdmd = dtools; # added 2017-08-19 robomongo = robo3t; #added 2017-09-28 rssglx = rss-glx; #added 2015-03-25 - openssh_with_kerberos = openssh; # added 2018-01-28 rubygems = throw "deprecated 2016-03-02: rubygems is now bundled with ruby"; rxvt_unicode_with-plugins = rxvt_unicode-with-plugins; # added 2015-04-02 samsungUnifiedLinuxDriver = samsung-unified-linux-driver; # added 2016-01-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e3f51436b33..bd1855b0015 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3882,12 +3882,15 @@ with pkgs; openssh = callPackage ../tools/networking/openssh { hpnSupport = false; + withKerberos = stdenv.isDarwin; etcDir = "/etc/ssh"; pam = if stdenv.isLinux then pam else null; }; openssh_hpn = pkgs.appendToName "with-hpn" (openssh.override { hpnSupport = true; }); + openssh_with_kerberos = pkgs.appendToName "with-kerberos" (openssh.override { withKerberos = true; }); + opensp = callPackage ../tools/text/sgml/opensp { }; opentracker = callPackage ../applications/networking/p2p/opentracker { }; |