pkgs/development/libraries/xmlsec/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

{ stdenv, fetchurl, libxml2, gnutls, libxslt, pkg-config, libgcrypt, libtool
# nss_3_53 is used instead of the latest due to a number of issues:
# https://github.com/lsh123/xmlsec/issues?q=is%3Aissue+is%3Aopen+nss
, openssl, nss_3_53, lib, runCommandCC, writeText }:

lib.fix (self:
stdenv.mkDerivation rec {
  pname = "xmlsec";
  version = "1.2.31";

  src = fetchurl {
    url = "https://www.aleksey.com/xmlsec/download/xmlsec1-${version}.tar.gz";
    sha256 = "mxC8Uswx5PdhYuOXXlDbJrcatJxXHYELMRymJr5aCyY=";
  };

  patches = [
    ./lt_dladdsearchdir.patch
  ] ++ lib.optionals stdenv.isDarwin [ ./remove_bsd_base64_decode_flag.patch ];
  postPatch = ''
    substituteAllInPlace src/dl.c
  '';

  outputs = [ "out" "dev" ];

  nativeBuildInputs = [ pkg-config ];

  buildInputs = [ libxml2 gnutls libxslt libgcrypt libtool openssl nss_3_53 ];

  enableParallelBuilding = true;
  doCheck = true;
  checkInputs = [ nss_3_53.tools ];
  preCheck = ''
  substituteInPlace tests/testrun.sh \
    --replace 'timestamp=`date +%Y%m%d_%H%M%S`' 'timestamp=19700101_000000' \
    --replace 'TMPFOLDER=/tmp' '$(mktemp -d)'
  '';

  # enable deprecated soap headers required by lasso
  # https://dev.entrouvert.org/issues/18771
  configureFlags = [ "--enable-soap" ];

  # otherwise libxmlsec1-gnutls.so won't find libgcrypt.so, after #909
  NIX_LDFLAGS = "-lgcrypt";

  postInstall = ''
    moveToOutput "bin/xmlsec1-config" "$dev"
    moveToOutput "lib/xmlsec1Conf.sh" "$dev"
  '';

  passthru.tests.libxmlsec1-crypto = runCommandCC "libxmlsec1-crypto-test"
    {
      nativeBuildInputs = [ pkg-config ];
      buildInputs = [ self libxml2 libxslt libtool ];
    } ''
    $CC $(pkg-config --cflags --libs xmlsec1) -o crypto-test ${writeText "crypto-test.c" ''
      #include <xmlsec/xmlsec.h>
      #include <xmlsec/crypto.h>

      int main(int argc, char **argv) {
        return xmlSecInit() ||
          xmlSecCryptoDLLoadLibrary(argc > 1 ? argv[1] : 0) ||
          xmlSecCryptoInit();
      }
    ''}

    for crypto in "" gcrypt gnutls nss openssl; do
      ./crypto-test $crypto
    done
    touch $out
  '';

  meta = {
    homepage = "http://www.aleksey.com/xmlsec";
    downloadPage = "https://www.aleksey.com/xmlsec/download.html";
    description = "XML Security Library in C based on libxml2";
    license = lib.licenses.mit;
    platforms = with lib.platforms; linux ++ darwin;
    updateWalker = true;
  };
}
)