tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / by-name / op / openldap / package.nix
at devShellTools-shell 166 lines 4.1 kB view raw
1{ 2 lib, 3 stdenv, 4 fetchurl, 5 6 # dependencies 7 cyrus_sasl, 8 groff, 9 libsodium, 10 libtool, 11 openssl, 12 systemdMinimal, 13 libxcrypt, 14 15 # options 16 withModules ? !stdenv.hostPlatform.isStatic, 17 withSystemd ? lib.meta.availableOn stdenv.hostPlatform systemdMinimal, 18 19 # passthru 20 nixosTests, 21}: 22 23stdenv.mkDerivation rec { 24 pname = "openldap"; 25 version = "2.6.9"; 26 27 src = fetchurl { 28 url = "https://www.openldap.org/software/download/OpenLDAP/openldap-release/${pname}-${version}.tgz"; 29 hash = "sha256-LLfcc+nINA3/DZk1f7qleKvzDMZhnwUhlyxVVoHmsv8="; 30 }; 31 32 patches = [ 33 (fetchurl { 34 name = "test069-sleep.patch"; 35 url = "https://bugs.openldap.org/attachment.cgi?id=1051"; 36 hash = "sha256-9LcFTswMQojrwHD+PRvlnSrwrISCFcboHypBwoDIZc0="; 37 }) 38 ]; 39 40 # TODO: separate "out" and "bin" 41 outputs = [ 42 "out" 43 "dev" 44 "man" 45 "devdoc" 46 ]; 47 48 __darwinAllowLocalNetworking = true; 49 50 enableParallelBuilding = true; 51 52 nativeBuildInputs = [ 53 groff 54 ]; 55 56 buildInputs = [ 57 (cyrus_sasl.override { 58 inherit openssl; 59 }) 60 libtool 61 openssl 62 ] 63 ++ lib.optionals (stdenv.hostPlatform.isLinux) [ 64 libxcrypt # causes linking issues on *-darwin 65 ] 66 ++ lib.optionals withModules [ 67 libsodium 68 ] 69 ++ lib.optionals withSystemd [ 70 systemdMinimal 71 ]; 72 73 preConfigure = lib.optionalString (lib.versionAtLeast stdenv.hostPlatform.darwinMinVersion "11") '' 74 MACOSX_DEPLOYMENT_TARGET=10.16 75 ''; 76 77 configureFlags = [ 78 "--enable-crypt" 79 "--enable-overlays" 80 (lib.enableFeature withModules "argon2") 81 (lib.enableFeature withModules "modules") 82 ] 83 ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ 84 "--with-yielding_select=yes" 85 "ac_cv_func_memcmp_working=yes" 86 ] 87 ++ lib.optional stdenv.hostPlatform.isFreeBSD "--with-pic"; 88 89 env.NIX_CFLAGS_COMPILE = toString [ "-DLDAPI_SOCK=\"/run/openldap/ldapi\"" ]; 90 91 makeFlags = [ 92 "CC=${stdenv.cc.targetPrefix}cc" 93 "STRIP=" # Disable install stripping as it breaks cross-compiling. We strip binaries anyway in fixupPhase. 94 "STRIP_OPTS=" 95 "prefix=${placeholder "out"}" 96 "sysconfdir=/etc" 97 "systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" 98 # contrib modules require these 99 "moduledir=${placeholder "out"}/lib/modules" 100 "mandir=${placeholder "out"}/share/man" 101 ]; 102 103 extraContribModules = [ 104 # https://git.openldap.org/openldap/openldap/-/tree/master/contrib/slapd-modules 105 "passwd/sha2" 106 "passwd/pbkdf2" 107 "passwd/totp" 108 ]; 109 110 postBuild = '' 111 for module in $extraContribModules; do 112 make $makeFlags CC=$CC -C contrib/slapd-modules/$module 113 done 114 ''; 115 116 preCheck = '' 117 substituteInPlace tests/scripts/all \ 118 --replace "/bin/rm" "rm" 119 120 # skip flaky tests 121 # https://bugs.openldap.org/show_bug.cgi?id=8623 122 rm -f tests/scripts/test022-ppolicy 123 124 rm -f tests/scripts/test063-delta-multiprovider 125 126 # https://bugs.openldap.org/show_bug.cgi?id=10009 127 # can probably be re-added once https://github.com/cyrusimap/cyrus-sasl/pull/772 128 # has made it to a release 129 rm -f tests/scripts/test076-authid-rewrite 130 ''; 131 132 doCheck = true; 133 134 # The directory is empty and serve no purpose. 135 preFixup = '' 136 rm -r $out/var 137 ''; 138 139 installFlags = [ 140 "prefix=${placeholder "out"}" 141 "sysconfdir=${placeholder "out"}/etc" 142 "moduledir=${placeholder "out"}/lib/modules" 143 "INSTALL=install" 144 ]; 145 146 postInstall = lib.optionalString withModules '' 147 for module in $extraContribModules; do 148 make $installFlags install -C contrib/slapd-modules/$module 149 done 150 chmod +x "$out"/lib/*.{so,dylib} 151 ''; 152 153 passthru.tests = { 154 inherit (nixosTests) openldap; 155 kerberosWithLdap = nixosTests.kerberos.ldap; 156 }; 157 158 meta = with lib; { 159 homepage = "https://www.openldap.org/"; 160 description = "Open source implementation of the Lightweight Directory Access Protocol"; 161 license = licenses.openldap; 162 maintainers = with maintainers; [ hexa ]; 163 teams = [ teams.helsinki-systems ]; 164 platforms = platforms.unix; 165 }; 166}