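# MIT Kerberos 5 (krb5), built from the upstream release tarball.
#
# The derivation is split into three outputs: "out" (binaries), "lib"
# (shared or static libraries plus their data) and "dev" (headers,
# pkg-config files, krb5-config). Most dependents only link against "lib".
{
  lib,
  stdenv,
  fetchurl,
  bootstrap_cmds,
  byacc, # can also use bison, but byacc has fewer dependencies
  keyutils,
  openssl,
  perl,
  pkg-config,

  # for passthru.tests
  bind,
  curl,
  nixosTests,
  openssh,
  postgresql,
  python3,

  # Extra Arguments
  withLdap ? false,
  openldap,
  withLibedit ? true,
  libedit,
  withVerto ? false,
  libverto,

  # This is called "staticOnly" because krb5 does not support
  # building both static and shared, see below.
  staticOnly ? false,
}:

stdenv.mkDerivation rec {
  pname = "krb5";
  version = "1.21.3";

  # The SRI hash pins the exact tarball contents: a modified or substituted
  # download fails the build regardless of what the server returns.
  # NOTE(review): on a version bump, derive the new hash from a tarball that
  # was checked against upstream's published signature, not from whatever the
  # first fetch returned.
  src = fetchurl {
    url = "https://kerberos.org/dist/krb5/${lib.versions.majorMinor version}/krb5-${version}.tar.gz";
    hash = "sha256-t6TNXq1n+wi5gLIavRUP9yF+heoyDJ7QxtrdMEhArTU=";
  };

  outputs = [
    "out"
    "lib"
    "dev"
  ];

  # While "out" acts as the bin output, most packages only care about the lib output.
  # We set prefix such that all the pkg-config configuration stays inside the dev and lib outputs.
  # stdenv will take care of overriding bindir, sbindir, etc. such that "out" contains the binaries.
  prefix = builtins.placeholder "lib";

  # -fcommon is only added for static host platforms.
  # NOTE(review): presumably works around duplicate tentative definitions at
  # link time; confirm it is still needed on the current release.
  env = lib.optionalAttrs stdenv.hostPlatform.isStatic {
    NIX_CFLAGS_COMPILE = "-fcommon";
  };

  configureFlags = [
    # Mutable runtime state goes under /var/lib instead of a path below the
    # (read-only) store prefix.
    "--localstatedir=/var/lib"
    (lib.withFeature withLdap "ldap")
    (lib.withFeature withLibedit "libedit")
    (lib.withFeature withVerto "system-verto")
  ]
  # krb5's ./configure does not allow passing --enable-shared and --enable-static at the same time.
  # See https://bbs.archlinux.org/viewtopic.php?pid=1576737#p1576737
  ++ lib.optionals staticOnly [
    "--enable-static"
    "--disable-shared"
  ]
  # Clears the compiler warning flags on FreeBSD hosts.
  ++ lib.optional stdenv.hostPlatform.isFreeBSD ''WARN_CFLAGS=''
  # When cross-compiling, these configure results are asserted up front
  # instead of being probed. They are not verified against the target, so a
  # new host platform should be checked against each of them.
  ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
    "krb5_cv_attr_constructor_destructor=yes,yes"
    "ac_cv_func_regcomp=yes"
    "ac_cv_printf_positional=yes"
  ];

  nativeBuildInputs = [
    byacc
    perl
    pkg-config
  ]
  # Provides the mig command used by the build scripts
  ++ lib.optional stdenv.hostPlatform.isDarwin bootstrap_cmds;

  buildInputs = [
    openssl
  ]
  # keyutils is only pulled in on Linux hosts whose libc is not bionic and
  # which do not use the LLVM toolchain.
  # NOTE(review): presumably this is what enables kernel-keyring credential
  # caches; builds without it would lack that cache type. Confirm.
  ++ lib.optionals (
    stdenv.hostPlatform.isLinux
    && stdenv.hostPlatform.libc != "bionic"
    && !(stdenv.hostPlatform.useLLVM or false)
  ) [ keyutils ]
  ++ lib.optionals withLdap [ openldap ]
  ++ lib.optionals withLibedit [ libedit ]
  ++ lib.optionals withVerto [ libverto ];

  sourceRoot = "krb5-${version}/src";

  # Prefix the bare `ld` invocations in shlib.conf with the toolchain's
  # target prefix so the correct linker is used.
  # NOTE(review): this call still uses the plain `--replace` spelling, which
  # does not fail when the pattern is absent; the other substitutions in this
  # file use --replace-fail. Switch once the pattern is confirmed to be
  # present in this release's config/shlib.conf.
  postPatch = ''
    substituteInPlace config/shlib.conf \
        --replace "'ld " "'${stdenv.cc.targetPrefix}ld "
  ''
  # this could be accomplished by updateAutotoolsGnuConfigScriptsHook, but that causes infinite recursion
  # necessary for FreeBSD code path in configure
  + ''
    substituteInPlace ./config/config.guess --replace-fail /usr/bin/uname uname
  '';

  libFolders = [
    "util"
    "include"
    "lib"
    "build-tools"
  ];

  # To avoid cyclic outputs, we can't let lib depend on out in any way. Unfortunately, the configure
  # options don't give us enough granularity to specify that, so we have to override the generated
  # Makefiles manually.
  postConfigure = ''
    find $libFolders -type f -name Makefile -print0 | while IFS= read -rd "" f; do
      substituteInPlace "$f" --replace-fail "$out" "$lib"
    done
  '';

  preInstall = ''
    mkdir -p "$lib"/{bin,sbin,lib/pkgconfig,share/{et,man/man1}}
  '';

  # not via outputBin, due to reference from libkrb5.so
  postInstall = ''
    moveToOutput bin/krb5-config "$dev"
  '';

  # Disable _multioutDocs in stdenv by overriding it to be a no-op.
  # We do this because $lib has its own docs and we don't want to squash them into $out.
  preFixup = ''
    _multioutDocs() {
      echo Skipping multioutDocs
    }
  '';

  enableParallelBuilding = true;
  # The upstream test suite is not run during the build, so the dependents
  # listed in passthru.tests are the regression coverage for an update.
  doCheck = false; # fails with "No suitable file for testing purposes"

  meta = {
    description = "MIT Kerberos 5";
    homepage = "https://web.mit.edu/kerberos/";
    license = lib.licenses.mit;
    platforms = lib.platforms.unix ++ lib.platforms.windows;
  };

  passthru = {
    implementation = "krb5";
    # Dependents rebuilt with their Kerberos/GSSAPI options switched on, plus
    # the NixOS kerberos test, so a krb5 change is exercised against real
    # consumers before it is merged.
    tests = {
      inherit (nixosTests) kerberos;
      inherit (python3.pkgs) requests-credssp;
      bind = bind.override { enableGSSAPI = true; };
      curl = curl.override { gssSupport = true; };
      openssh = openssh.override { withKerberos = true; };
      postgresql = postgresql.override { gssSupport = true; };
    };
  };
}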