tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / os-specific / linux / pam_ssh_agent_auth / default.nix
at fix-function-merge 57 lines 1.8 kB view raw
1{ lib, stdenv, nixosTests, fetchFromGitHub, pam, openssl, perl }: 2 3stdenv.mkDerivation rec { 4 pname = "pam_ssh_agent_auth"; 5 version = "0.10.4"; 6 7 src = fetchFromGitHub { 8 owner = "jbeverly"; 9 repo = "pam_ssh_agent_auth"; 10 rev = "pam_ssh_agent_auth-${version}"; 11 sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs="; 12 }; 13 14 ed25519-donna = fetchFromGitHub { 15 owner = "floodyberry"; 16 repo = "ed25519-donna"; 17 rev = "8757bd4cd209cb032853ece0ce413f122eef212c"; 18 sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM="; 19 }; 20 21 buildInputs = [ pam openssl perl ]; 22 23 patches = [ 24 # Allow multiple colon-separated authorized keys files to be 25 # specified in the file= option. 26 ./multiple-key-files.patch 27 ./edcsa-crash-fix.patch 28 ]; 29 30 configureFlags = [ 31 # It's not clear to me why this is necessary, but without it, you see: 32 # 33 # checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020) 34 # checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020) 35 # checking whether OpenSSL's headers match the library... no 36 # configure: WARNING: Your OpenSSL headers do not match your 37 # library. Check config.log for details. 38 # 39 # ...despite the fact that clearly the values match 40 "--without-openssl-header-check" 41 # Make sure it can find ed25519-donna 42 "--with-cflags=-I$PWD" 43 ]; 44 45 prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/."; 46 47 enableParallelBuilding = true; 48 49 passthru.tests.sudo = nixosTests.ssh-agent-auth; 50 51 meta = { 52 homepage = "https://github.com/jbeverly/pam_ssh_agent_auth"; 53 description = "PAM module for authentication through the SSH agent"; 54 maintainers = [ lib.maintainers.eelco ]; 55 platforms = lib.platforms.linux; 56 }; 57}