pkgs/servers/rpcbind/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

{ fetchurl, stdenv, pkgconfig, libnsl, libtirpc, fetchpatch
, useSystemd ? true, systemd }:

stdenv.mkDerivation rec {
  name = "rpcbind-${version}";
  version = "1.2.5";

  src = fetchurl {
    url = "mirror://sourceforge/rpcbind/${version}/${name}.tar.bz2";
    sha256 = "0ynszy5hpc7wbz8xngqwyhgbi9cay73y43izqhcmrcv375l61qrc";
  };

  patches = [
    ./sunrpc.patch
    (fetchpatch {
      name = "CVE-2017-8779.patch";
      url = "https://raw.githubusercontent.com/guidovranken/rpcbomb/e6da9e489aa8ad000b0ad5ac9abc5b4eefc3a769/rpcbind_patch.txt";
      sha256 = "0w231w8fxihgrn526np078j3vbj3ylvjvxjmfpjvqhga5zg821ab";
    })
  ];

  buildInputs = [ libnsl libtirpc ]
             ++ stdenv.lib.optional useSystemd systemd;

  configureFlags = [
    "--with-systemdsystemunitdir=${if useSystemd then "$(out)/etc/systemd/system" else "no"}"
    "--enable-warmstarts"
    "--with-rpcuser=rpc"
  ];

  nativeBuildInputs = [ pkgconfig ];

  meta = with stdenv.lib; {
    description = "ONC RPC portmapper";
    license = licenses.bsd3;
    platforms = platforms.unix;
    homepage = https://sourceforge.net/projects/rpcbind/;
    maintainers = with maintainers; [ abbradar ];
    longDescription = ''
      Universal addresses to RPC program number mapper.
    '';
  };
}