diff options
Diffstat (limited to 'pkgs/tools/security/rng-tools/default.nix')
-rw-r--r-- | pkgs/tools/security/rng-tools/default.nix | 62 |
1 files changed, 41 insertions, 21 deletions
diff --git a/pkgs/tools/security/rng-tools/default.nix b/pkgs/tools/security/rng-tools/default.nix index 47bf2c8297f..f77417aaaa4 100644 --- a/pkgs/tools/security/rng-tools/default.nix +++ b/pkgs/tools/security/rng-tools/default.nix @@ -1,44 +1,54 @@ -{ lib, stdenv, fetchFromGitHub, libtool, autoreconfHook, pkg-config -, sysfsutils -, argp-standalone +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, libtool +, pkg-config +, psmisc +, argp-standalone ? null +, openssl +, jitterentropy ? null, withJitterEntropy ? true # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS # https://www.nist.gov/programs-projects/nist-randomness-beacon -, curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false - # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source -, libgcrypt ? null, withGcrypt ? true -, jitterentropy ? null, withJitterEntropy ? true +, curl ? null, jansson ? null, libxml2 ? null, withNistBeacon ? false , libp11 ? null, opensc ? null, withPkcs11 ? true +, librtlsdr ? null, withRtlsdr ? true }: +assert (stdenv.hostPlatform.isMusl) -> argp-standalone != null; +assert (withJitterEntropy) -> jitterentropy != null; +assert (withNistBeacon) -> curl != null && jansson != null && libxml2 != null; +assert (withPkcs11) -> libp11 != null && opensc != null; +assert (withRtlsdr) -> librtlsdr != null; + with lib; stdenv.mkDerivation rec { pname = "rng-tools"; - version = "6.11"; + version = "6.15"; src = fetchFromGitHub { owner = "nhorman"; - repo = "rng-tools"; + repo = pname; rev = "v${version}"; - sha256 = "sha256-qheJaeVX2zuv0mvKEd6wcbSHFjiJE0t5hVCJiRSKm3M="; + hash = "sha256-km+MEng3VWZF07sdvGLbAG/vf8/A1DxhA/Xa2Y+LAEQ="; }; nativeBuildInputs = [ autoreconfHook libtool pkg-config ]; configureFlags = [ - (withFeature withGcrypt "libgcrypt") - (enableFeature withJitterEntropy "jitterentropy") - (withFeature withNistBeacon "nistbeacon") - (withFeature withPkcs11 "pkcs11") + (enableFeature (withJitterEntropy) "jitterentropy") + (withFeature (withNistBeacon) "nistbeacon") + (withFeature (withPkcs11) "pkcs11") + (withFeature (withRtlsdr) "rtlsdr") ]; - # argp-standalone is only used when libc lacks argp parsing (musl) - buildInputs = [ sysfsutils ] - ++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ] - ++ optionals withGcrypt [ libgcrypt ] - ++ optionals withJitterEntropy [ jitterentropy ] - ++ optionals withNistBeacon [ curl libxml2 openssl ] - ++ optionals withPkcs11 [ libp11 openssl ]; + buildInputs = [ openssl ] + ++ optionals (stdenv.hostPlatform.isMusl) [ argp-standalone ] + ++ optionals (withJitterEntropy) [ jitterentropy ] + ++ optionals (withNistBeacon) [ curl jansson libxml2 ] + ++ optionals (withPkcs11) [ libp11 openssl ] + ++ optionals (withRtlsdr) [ librtlsdr ]; enableParallelBuilding = true; @@ -50,10 +60,20 @@ stdenv.mkDerivation rec { doCheck = true; preCheck = "patchShebangs tests/*.sh"; + checkInputs = [ psmisc ]; # rngtestjitter.sh needs killall + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + set -o pipefail + $out/bin/rngtest --version | grep $version + runHook postInstallCheck + ''; meta = { description = "A random number generator daemon"; homepage = "https://github.com/nhorman/rng-tools"; + changelog = "https://github.com/nhorman/rng-tools/releases/tag/v${version}"; license = licenses.gpl2Plus; platforms = platforms.linux; maintainers = with maintainers; [ johnazoidberg c0bw3b ]; |