diff options
Diffstat (limited to 'pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix')
| -rw-r--r-- | pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix | 73 |
1 files changed, 40 insertions, 33 deletions
diff --git a/pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix b/pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix index 3ab1ae28a7b..f28cb28ef37 100644 --- a/pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix +++ b/pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix @@ -1,48 +1,55 @@ -{ stdenv, fetchpatch, fetchurl, pam, openssl, perl }: +{ lib, stdenv, fetchpatch, fetchFromGitHub, pam, openssl, perl }: stdenv.mkDerivation rec { - name = "pam_ssh_agent_auth-0.10.3"; + pname = "pam_ssh_agent_auth"; + version = "0.10.4"; - src = fetchurl { - url = "mirror://sourceforge/pamsshagentauth/${name}.tar.bz2"; - sha256 = "0qx78x7nvqdscyp04hfijl4rgyf64xy03prr28hipvgasrcd6lrw"; + src = fetchFromGitHub { + owner = "jbeverly"; + repo = "pam_ssh_agent_auth"; + rev = "pam_ssh_agent_auth-${version}"; + sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs="; }; - patches = - [ # Allow multiple colon-separated authorized keys files to be - # specified in the file= option. - ./multiple-key-files.patch - (fetchpatch { - name = "openssl-1.1.1-1.patch"; - url = "https://sources.debian.org/data/main/p/pam-ssh-agent-auth/0.10.3-3/debian/patches/openssl-1.1.1-1.patch"; - sha256 = "1ndp5j4xfhzshhnl345gb4mkldx6vjfa7284xgng6ikhzpc6y7pf"; - }) - (fetchpatch { - name = "openssl-1.1.1-2.patch"; - url = "https://sources.debian.org/data/main/p/pam-ssh-agent-auth/0.10.3-3/debian/patches/openssl-1.1.1-2.patch"; - sha256 = "0ksrs4xr417by8klf7862n3dircvnw30an1akq4pnsd3ichscmww"; - }) - ]; + ed25519-donna = fetchFromGitHub { + owner = "floodyberry"; + repo = "ed25519-donna"; + rev = "8757bd4cd209cb032853ece0ce413f122eef212c"; + sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM="; + }; buildInputs = [ pam openssl perl ]; - # It's not clear to me why this is necessary, but without it, you see: - # - # checking OpenSSL header version... 1010104f (OpenSSL 1.1.1d 10 Sep 2019) - # checking OpenSSL library version... 1010104f (OpenSSL 1.1.1d 10 Sep 2019) - # checking whether OpenSSL's headers match the library... no - # configure: WARNING: Your OpenSSL headers do not match your - # library. Check config.log for details. - # - # ...despite the fact that clearly the values match - configureFlags = [ "--without-openssl-header-check" ]; + patches = [ + # Allow multiple colon-separated authorized keys files to be + # specified in the file= option. + ./multiple-key-files.patch + ./edcsa-crash-fix.patch + ]; + + configureFlags = [ + # It's not clear to me why this is necessary, but without it, you see: + # + # checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020) + # checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020) + # checking whether OpenSSL's headers match the library... no + # configure: WARNING: Your OpenSSL headers do not match your + # library. Check config.log for details. + # + # ...despite the fact that clearly the values match + "--without-openssl-header-check" + # Make sure it can find ed25519-donna + "--with-cflags=-I$PWD" + ]; + + prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/."; enableParallelBuilding = true; meta = { - homepage = "http://pamsshagentauth.sourceforge.net/"; + homepage = "https://github.com/jbeverly/pam_ssh_agent_auth"; description = "PAM module for authentication through the SSH agent"; - maintainers = [ stdenv.lib.maintainers.eelco ]; - platforms = stdenv.lib.platforms.linux; + maintainers = [ lib.maintainers.eelco ]; + platforms = lib.platforms.linux; }; } |