pkgs/by-name/pa/pam_ssh_agent_auth/package.nix at devShellTools-shell

tjh.dev / nixpkgs
fork
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork
nixpkgs / pkgs / by-name / pa / pam_ssh_agent_auth / package.nix
at devShellTools-shell 103 lines 2.8 kB view raw
wrap content
  1{
  2  lib,
  3  stdenv,
  4  nixosTests,
  5  fetchFromGitHub,
  6  fetchDebianPatch,
  7  pam,
  8  openssl,
  9  perl,
 10  autoreconfHook,
 11}:
 12
 13stdenv.mkDerivation rec {
 14  pname = "pam_ssh_agent_auth";
 15  version = "0.10.4";
 16
 17  src = fetchFromGitHub {
 18    owner = "jbeverly";
 19    repo = "pam_ssh_agent_auth";
 20    rev = "pam_ssh_agent_auth-${version}";
 21    sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs=";
 22  };
 23
 24  ed25519-donna = fetchFromGitHub {
 25    owner = "floodyberry";
 26    repo = "ed25519-donna";
 27    rev = "8757bd4cd209cb032853ece0ce413f122eef212c";
 28    sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM=";
 29  };
 30
 31  # Required because of fix-configure.patch
 32  nativeBuildInputs = [
 33    autoreconfHook
 34  ];
 35
 36  buildInputs = [
 37    pam
 38    openssl
 39    perl
 40  ];
 41
 42  patches =
 43    let
 44      fetchDebianPatch' =
 45        args:
 46        fetchDebianPatch (
 47          {
 48            pname = "pam-ssh-agent-auth";
 49            version = "0.10.3";
 50            debianRevision = "11";
 51          }
 52          // args
 53        );
 54    in
 55    [
 56      # Allow multiple colon-separated authorized keys files to be
 57      # specified in the file= option.
 58      ./multiple-key-files.patch
 59      ./edcsa-crash-fix.patch
 60
 61      # Patch configure to remove implicit function declaration errors under gcc14
 62      # Requires autoreconfHook
 63      (fetchDebianPatch' {
 64        patch = "fix-configure.patch";
 65        hash = "sha256-ymXv2o/NpFeVQ6r0hvJEeMpvs5Ht9jq4RSw8ssv43FY=";
 66      })
 67
 68      # Avoided incompatible pointer passing to fix GCC 14 build errors. Add missing 'const', cast to expected pointer type (DSA_SIG) and avoid
 69      # pointer to pointer when pointer is required.
 70      (fetchDebianPatch' {
 71        patch = "1000-gcc-14.patch";
 72        hash = "sha256-EvdaIhrfKZ1mB7qvNiGx/hYdthStgnhK7xvJEhhAFDQ=";
 73      })
 74    ];
 75
 76  configureFlags = [
 77    # It's not clear to me why this is necessary, but without it, you see:
 78    #
 79    # checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h  22 Sep 2020)
 80    # checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h  22 Sep 2020)
 81    # checking whether OpenSSL's headers match the library... no
 82    # configure: WARNING: Your OpenSSL headers do not match your
 83    # library. Check config.log for details.
 84    #
 85    # ...despite the fact that clearly the values match
 86    "--without-openssl-header-check"
 87    # Make sure it can find ed25519-donna
 88    "--with-cflags=-I$PWD"
 89  ];
 90
 91  prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/.";
 92
 93  enableParallelBuilding = true;
 94
 95  passthru.tests.sudo = nixosTests.ssh-agent-auth;
 96
 97  meta = {
 98    homepage = "https://github.com/jbeverly/pam_ssh_agent_auth";
 99    description = "PAM module for authentication through the SSH agent";
100    maintainers = [ ];
101    platforms = lib.platforms.linux;
102  };
103}
Configure Feed

Configure Feed
