pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #157035 from c0bw3b/pkg/rng

Update jitterentropy lib and rng-tools

Renaud 177d2970 16658b7f

options
unified split
Changed files
+52 -53
pkgs
development
libraries
jitterentropy
default.nix
reproducible-manpages.patch
librtlsdr
default.nix
tools
security
rng-tools
default.nix
+12 -18
pkgs/development/libraries/jitterentropy/default.nix 
···

       
1

       
1

       
 

       
{ lib, stdenv, fetchFromGitHub }:


     

       

       
2

       
+

       



     

       
2

       
3

       
 

       
stdenv.mkDerivation rec {


     

       
3

       
4

       
 

       
  pname = "jitterentropy";


     

       
4

       

       
-

       
  version = "2.2.0";


     

       

       
5

       
+

       
  version = "3.3.1";


     

       
5

       
6

       
 

       



     

       
6

       
7

       
 

       
  src = fetchFromGitHub {


     

       
7

       
8

       
 

       
    owner = "smuellerDD";


     

       
8

       
9

       
 

       
    repo = "jitterentropy-library";


     

       
9

       
10

       
 

       
    rev = "v${version}";


     

       
10

       

       
-

       
    sha256 = "0n2l1fxr7bynnarpwdjifb2fvlsq8w5wmfh31yk5nrc756cjlgyw";


     

       

       
11

       
+

       
    hash = "sha256-go7eGwBoZ58LkgKL7t8oZSc1cFlE6fPOT/ML3Aa8+CM=";


     

       
11

       
12

       
 

       
  };


     

       
12

       

       
-

       
  patches = [


     

       
13

       

       
-

       
    # Can be removed when upgrading beyond 2.2.0


     

       
14

       

       
-

       
    ./reproducible-manpages.patch


     

       
15

       

       
-

       
  ];


     

       
16

       
13

       
 

       



     

       
17

       

       
-

       
  enableParallelBuilding = true;


     

       

       
14

       
+

       
  outputs = [ "out" "dev" ];


     

       
18

       
15

       
 

       



     

       
19

       

       
-

       
  preInstall = ''


     

       
20

       

       
-

       
    mkdir -p $out/include


     

       
21

       

       
-

       
    substituteInPlace Makefile \


     

       
22

       

       
-

       
      --replace "install -m 0755 -s" \


     

       
23

       

       
-

       
                'install -m 0755 -s --strip-program $(STRIP)'


     

       
24

       

       
-

       
  '';


     

       

       
16

       
+

       
  enableParallelBuilding = true;


     

       

       
17

       
+

       
  hardeningDisable = [ "fortify" ]; # avoid warnings


     

       
25

       
18

       
 

       



     

       
26

       
19

       
 

       
  installFlags = [


     

       
27

       

       
-

       
    "PREFIX=$(out)"


     

       

       
20

       
+

       
    "PREFIX=${placeholder "out"}"


     

       
28

       
21

       
 

       
  ];


     

       
29

       
22

       
 

       



     

       
30

       

       
-

       
  meta = {


     

       

       
23

       
+

       
  meta = with lib; {


     

       
31

       
24

       
 

       
    description = "Provides a noise source using the CPU execution timing jitter";


     

       
32

       
25

       
 

       
    homepage = "https://github.com/smuellerDD/jitterentropy-library";


     

       
33

       

       
-

       
    license = with lib.licenses; [ gpl2 bsd3 ];


     

       
34

       

       
-

       
    platforms = lib.platforms.linux;


     

       
35

       

       
-

       
    maintainers = with lib.maintainers; [ johnazoidberg ];


     

       

       
26

       
+

       
    changelog = "https://github.com/smuellerDD/jitterentropy-library/raw/v${version}/CHANGES.md";


     

       

       
27

       
+

       
    license = with licenses; [ bsd3 /* OR */ gpl2Only ];


     

       

       
28

       
+

       
    platforms = platforms.linux;


     

       

       
29

       
+

       
    maintainers = with maintainers; [ johnazoidberg c0bw3b ];


     

       
36

       
30

       
 

       
  };


     

       
37

       
31

       
 

       
}
-13
pkgs/development/libraries/jitterentropy/reproducible-manpages.patch 
···

       
1

       

       
-

       
diff --git a/Makefile b/Makefile


     

       
2

       

       
-

       
index 4ff069b..3b8714a 100644


     

       
3

       

       
-

       
--- a/Makefile


     

       
4

       

       
-

       
+++ b/Makefile


     

       
5

       

       
-

       
@@ -58,7 +58,7 @@ cppcheck:


     

       
6

       

       
-

       
 install:


     

       
7

       

       
-

       
 	install -d -m 0755 $(DESTDIR)$(PREFIX)/share/man/man3


     

       
8

       

       
-

       
 	install -m 644 doc/$(NAME).3 $(DESTDIR)$(PREFIX)/share/man/man3/


     

       
9

       

       
-

       
-	gzip -9 $(DESTDIR)$(PREFIX)/share/man/man3/$(NAME).3


     

       
10

       

       
-

       
+	gzip -n -9 $(DESTDIR)$(PREFIX)/share/man/man3/$(NAME).3


     

       
11

       

       
-

       
 	install -d -m 0755 $(DESTDIR)$(PREFIX)/$(LIBDIR)


     

       
12

       

       
-

       
 	install -m 0755 -s lib$(NAME).so.$(LIBVERSION) $(DESTDIR)$(PREFIX)/$(LIBDIR)/


     

       
13

       

       
-

       
 	install -d -m 0755 $(DESTDIR)$(PREFIX)/$(INCDIR)
+1 -1
pkgs/development/libraries/librtlsdr/default.nix 
···

       
27

       
27

       
 

       



     

       
28

       
28

       
 

       
  nativeBuildInputs = [ pkg-config cmake ];


     

       
29

       
29

       
 

       



     

       
30

       

       
-

       
  buildInputs = [ libusb1 ];


     

       

       
30

       
+

       
  propagatedBuildInputs = [ libusb1 ];


     

       
31

       
31

       
 

       



     

       
32

       
32

       
 

       
  meta = with lib; {


     

       
33

       
33

       
 

       
    description = "Turns your Realtek RTL2832 based DVB dongle into a SDR receiver";
+39 -21
pkgs/tools/security/rng-tools/default.nix 
···

       
1

       

       
-

       
{ lib, stdenv, fetchFromGitHub, libtool, autoreconfHook, pkg-config


     

       
2

       

       
-

       
, sysfsutils


     

       
3

       

       
-

       
, argp-standalone


     

       

       
1

       
+

       
{ lib


     

       

       
2

       
+

       
, stdenv


     

       

       
3

       
+

       
, fetchFromGitHub


     

       

       
4

       
+

       
, autoreconfHook


     

       

       
5

       
+

       
, libtool


     

       

       
6

       
+

       
, pkg-config


     

       

       
7

       
+

       
, argp-standalone ? null


     

       

       
8

       
+

       
, openssl


     

       

       
9

       
+

       
, jitterentropy ? null, withJitterEntropy ? true


     

       
4

       
10

       
 

       
  # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS


     

       
5

       
11

       
 

       
  # https://www.nist.gov/programs-projects/nist-randomness-beacon


     

       
6

       

       
-

       
, curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false


     

       
7

       

       
-

       
  # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source


     

       
8

       

       
-

       
, libgcrypt ? null, withGcrypt ? true


     

       
9

       

       
-

       
, jitterentropy ? null, withJitterEntropy ? true


     

       

       
12

       
+

       
, curl ? null, jansson ? null, libxml2 ? null, withNistBeacon ? false


     

       
10

       
13

       
 

       
, libp11 ? null, opensc ? null, withPkcs11 ? true


     

       

       
14

       
+

       
, librtlsdr ? null, withRtlsdr ? true


     

       
11

       
15

       
 

       
}:


     

       
12

       
16

       
 

       



     

       

       
17

       
+

       
assert (stdenv.hostPlatform.isMusl) -> argp-standalone != null;


     

       

       
18

       
+

       
assert (withJitterEntropy) -> jitterentropy != null;


     

       

       
19

       
+

       
assert (withNistBeacon) -> curl != null && jansson != null && libxml2 != null;


     

       

       
20

       
+

       
assert (withPkcs11) -> libp11 != null && opensc != null;


     

       

       
21

       
+

       
assert (withRtlsdr) -> librtlsdr != null;


     

       

       
22

       
+

       



     

       
13

       
23

       
 

       
with lib;


     

       
14

       
24

       
 

       



     

       
15

       
25

       
 

       
stdenv.mkDerivation rec {


     

       
16

       
26

       
 

       
  pname = "rng-tools";


     

       
17

       

       
-

       
  version = "6.11";


     

       

       
27

       
+

       
  version = "6.14";


     

       
18

       
28

       
 

       



     

       
19

       
29

       
 

       
  src = fetchFromGitHub {


     

       
20

       
30

       
 

       
    owner = "nhorman";


     

       
21

       

       
-

       
    repo = "rng-tools";


     

       

       
31

       
+

       
    repo = pname;


     

       
22

       
32

       
 

       
    rev = "v${version}";


     

       
23

       

       
-

       
    sha256 = "sha256-qheJaeVX2zuv0mvKEd6wcbSHFjiJE0t5hVCJiRSKm3M=";


     

       

       
33

       
+

       
    hash = "sha256-NTXp2l5gVxKhO4Gqcy4VzomYU5B3HydkefMvdzypK8M=";


     

       
24

       
34

       
 

       
  };


     

       
25

       
35

       
 

       



     

       
26

       
36

       
 

       
  nativeBuildInputs = [ autoreconfHook libtool pkg-config ];


     

       
27

       
37

       
 

       



     

       
28

       
38

       
 

       
  configureFlags = [


     

       
29

       

       
-

       
    (withFeature   withGcrypt        "libgcrypt")


     

       
30

       

       
-

       
    (enableFeature withJitterEntropy "jitterentropy")


     

       
31

       

       
-

       
    (withFeature   withNistBeacon    "nistbeacon")


     

       
32

       

       
-

       
    (withFeature   withPkcs11        "pkcs11")


     

       

       
39

       
+

       
    (enableFeature (withJitterEntropy) "jitterentropy")


     

       

       
40

       
+

       
    (withFeature   (withNistBeacon)    "nistbeacon")


     

       

       
41

       
+

       
    (withFeature   (withPkcs11)        "pkcs11")


     

       

       
42

       
+

       
    (withFeature   (withRtlsdr)        "rtlsdr")


     

       
33

       
43

       
 

       
  ];


     

       
34

       
44

       
 

       



     

       
35

       

       
-

       
  # argp-standalone is only used when libc lacks argp parsing (musl)


     

       
36

       

       
-

       
  buildInputs = [ sysfsutils ]


     

       
37

       

       
-

       
    ++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ]


     

       
38

       

       
-

       
    ++ optionals withGcrypt        [ libgcrypt ]


     

       
39

       

       
-

       
    ++ optionals withJitterEntropy [ jitterentropy ]


     

       
40

       

       
-

       
    ++ optionals withNistBeacon    [ curl libxml2 openssl ]


     

       
41

       

       
-

       
    ++ optionals withPkcs11        [ libp11 openssl ];


     

       

       
45

       
+

       
  buildInputs = [ openssl ]


     

       

       
46

       
+

       
    ++ optionals (stdenv.hostPlatform.isMusl) [ argp-standalone ]


     

       

       
47

       
+

       
    ++ optionals (withJitterEntropy) [ jitterentropy ]


     

       

       
48

       
+

       
    ++ optionals (withNistBeacon)    [ curl jansson libxml2 ]


     

       

       
49

       
+

       
    ++ optionals (withPkcs11)        [ libp11 openssl ]


     

       

       
50

       
+

       
    ++ optionals (withRtlsdr)        [ librtlsdr ];


     

       
42

       
51

       
 

       



     

       
43

       
52

       
 

       
  enableParallelBuilding = true;


     

       
44

       
53

       
 

       



     
···

       
51

       
60

       
 

       
  doCheck = true;


     

       
52

       
61

       
 

       
  preCheck = "patchShebangs tests/*.sh";


     

       
53

       
62

       
 

       



     

       

       
63

       
+

       
  doInstallCheck = true;


     

       

       
64

       
+

       
  installCheckPhase = ''


     

       

       
65

       
+

       
    runHook preInstallCheck


     

       

       
66

       
+

       
    set -o pipefail


     

       

       
67

       
+

       
    $out/bin/rngtest --version | grep $version


     

       

       
68

       
+

       
    runHook postInstallCheck


     

       

       
69

       
+

       
  '';


     

       

       
70

       
+

       



     

       
54

       
71

       
 

       
  meta = {


     

       
55

       
72

       
 

       
    description = "A random number generator daemon";


     

       
56

       
73

       
 

       
    homepage = "https://github.com/nhorman/rng-tools";


     

       

       
74

       
+

       
    changelog = "https://github.com/nhorman/rng-tools/releases/tag/v${version}";


     

       
57

       
75

       
 

       
    license = licenses.gpl2Plus;


     

       
58

       
76

       
 

       
    platforms = platforms.linux;


     

       
59

       
77

       
 

       
    maintainers = with maintainers; [ johnazoidberg c0bw3b ];