commit 078b742a018a912fa73b0ffa4e50bee7a97bd1f4

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

vsftpd: compile with OpenSSL for SSL support

SSL support was selectable via a flag, but as we are bound to have OpenSSL on
the machine anyway, it really doesn't make sense to not compile in support.

Did a bunch of cleanups too.

Peter Hoeg 7 years ago 078b742a 7c73f53d

+17 -32

1 changed file

expand all

unified split

pkgs

servers

ftp

vsftpd

default.nix

+17 -32

pkgs/servers/ftp/vsftpd/default.nix

··· 1 - { stdenv, fetchurl, openssl, sslEnable ? false, libcap, pam }: 1 + { stdenv, fetchurl, libcap, openssl, pam }: 2 2 3 3 stdenv.mkDerivation rec { 4 4 name = "vsftpd-3.0.3"; ··· 8 8 sha256 = "1xsyjn68k3fgm2incpb3lz2nikffl9by2safp994i272wvv2nkcx"; 9 9 }; 10 10 11 + buildInputs = [ libcap openssl pam ]; 12 + 11 13 patches = [ ./CVE-2015-1419.patch ]; 12 14 13 - preConfigure = stdenv.lib.optionalString sslEnable '' 14 - echo "Will enable SSL" 15 + postPatch = '' 15 16 sed -i "/VSF_BUILD_SSL/s/^#undef/#define/" builddefs.h 16 - ''; 17 + 18 + substituteInPlace Makefile \ 19 + --replace -dirafter "" \ 20 + --replace /usr $out \ 21 + --replace /etc $out/etc 17 22 18 - # The gcc-wrappers use -idirafter for glibc, and vsftpd also, and 19 - # their dummyinc come before those of glibc, then the build works bad. 20 - prePatch = '' 21 - sed -i -e 's/-idirafter.*//' Makefile 23 + mkdir -p $out/sbin $out/man/man{5,8} 22 24 ''; 23 25 24 - preBuild = 25 - let 26 - sslLibs = if sslEnable then "-lcrypt -lssl -lcrypto" else ""; 27 - in '' 28 - makeFlagsArray=( "LIBS=${sslLibs} -lpam -lcap -fstack-protector" ) 29 - ''; 26 + NIX_LDFLAGS = "-lcrypt -lssl -lcrypto -lpam -lcap"; 30 27 31 - # It won't link without this flag, used in CFLAGS 32 - 33 - buildInputs = [ openssl libcap pam ]; 34 - 35 - installPhase = '' 36 - mkdir -pv $out/sbin 37 - install -v -m 755 vsftpd $out/sbin/vsftpd 38 - 39 - mkdir -pv $out/share/man/man{5,8} 40 - install -v -m 644 vsftpd.8 $out/share/man/man8/vsftpd.8 41 - install -v -m 644 vsftpd.conf.5 $out/share/man/man5/vsftpd.conf.5 42 - 43 - mkdir -pv $out/etc/xinetd.d 44 - install -v -m 644 xinetd.d/vsftpd $out/etc/xinetd.d/vsftpd 45 - ''; 28 + enableParallelBuilding = true; 46 29 47 - meta = { 48 - platforms = stdenv.lib.platforms.linux; 49 - license = stdenv.lib.licenses.gpl2; 30 + meta = with stdenv.lib; { 31 + description = "A very secure FTP daemon"; 32 + license = licenses.gpl2; 33 + maintainers = with maintainers; [ peterhoeg ]; 34 + platforms = platforms.linux; 50 35 }; 51 36 }