nixpkgs/pkgs/development/libraries/libssh/default.nix

{ stdenv, fetchurl, pkgconfig, cmake

# Optional Dependencies
, heimdal ? null, zlib ? null, libsodium ? null

# Crypto Dependencies
, openssl ? null, libgcrypt ? null
}:

let
  shouldUsePkg = pkg: if pkg != null && stdenv.lib.any (x: x == stdenv.system) pkg.meta.platforms then pkg else null;

  # Prefer openssl
  cryptoStr = if shouldUsePkg openssl != null then "openssl"
    else if shouldUsePkg libgcrypt != null then "libgcrypt"
      else "none";
  crypto = {
    openssl = openssl;
    libgcrypt = libgcrypt;
    none = null;
  }.${cryptoStr};

  optHeimdal = shouldUsePkg heimdal;
  optZlib = shouldUsePkg zlib;
  optLibsodium = shouldUsePkg libsodium;
in

assert crypto != null;

stdenv.mkDerivation rec {
  name = "libssh-0.7.0";

  src = fetchurl {
    url = "https://git.libssh.org/projects/libssh.git/snapshot/libssh-0.7.0.tar.gz";
    sha256 = "1wfrdqhv97f4ycd9bcpgb6gw47kr7b2iq8cz5knk8a6n9c6870k0";
  };

  patches = [ ./0001-Reintroduce-ssh_forward_listen-Fixes-194.patch ];

  postPatch = ''
    # Fix headers to use libsodium instead of NaCl
    sed -i 's,nacl/,sodium/,g' ./include/libssh/curve25519.h src/curve25519.c
  '';

  cmakeFlags = [
    "-DWITH_GSSAPI=${if optHeimdal != null then "ON" else "OFF"}"
    "-DWITH_ZLIB=${if optZlib != null then "ON" else "OFF"}"
    "-DWITH_SSH1=OFF"
    "-DWITH_SFTP=ON"
    "-DWITH_SERVER=ON"
    "-DWITH_STATIC_LIB=OFF"
    "-DWITH_DEBUG_CRYPTO=OFF"
    "-DWITH_DEBUG_CALLTRACE=OFF"
    "-DWITH_GCRYPT=${if cryptoStr == "libgcrypt" then "ON" else "OFF"}"
    "-DWITH_PCAP=ON"
    "-DWITH_INTERNAL_DOC=OFF"
    "-DWITH_TESTING=OFF"
    "-DWITH_CLIENT_TESTING=OFF"
    "-DWITH_BENCHMARKS=OFF"
    "-DWITH_EXAMPLES=OFF"
    "-DWITH_NACL=${if optLibsodium != null then "ON" else "OFF"}"
  ] ++ stdenv.lib.optionals (optLibsodium != null) [
    "-DNACL_LIBRARY=${optLibsodium}/lib/libsodium.so"
    "-DNACL_INCLUDE_DIR=${optLibsodium}/include"
  ];

  nativeBuildInputs = [ pkgconfig cmake ];
  buildInputs = [ optHeimdal optZlib optLibsodium crypto ];

  meta = with stdenv.lib; {
    description = "SSH client library";
    license = licenses.lgpl2Plus;
    maintainers = with maintainers; [ sander urkud wkennington ];
    platforms = platforms.all;
  };
}
libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00			`{ stdenv, fetchurl, pkgconfig, cmake`

			`# Optional Dependencies`
			`, heimdal ? null, zlib ? null, libsodium ? null`

			`# Crypto Dependencies`
			`, openssl ? null, libgcrypt ? null`
			`}:`

			`let`
Revert "Refactor mkFlag / shouldUsePkg into the nixpkgs libraries" This reverts commit 25a148fa196b944b3f134527da87e43d88c066f9. 2015-06-01 19:52:03 +01:00			`shouldUsePkg = pkg: if pkg != null && stdenv.lib.any (x: x == stdenv.system) pkg.meta.platforms then pkg else null;`

libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00			`# Prefer openssl`
			`cryptoStr = if shouldUsePkg openssl != null then "openssl"`
			`else if shouldUsePkg libgcrypt != null then "libgcrypt"`
			`else "none";`
			`crypto = {`
			`openssl = openssl;`
			`libgcrypt = libgcrypt;`
			`none = null;`
			`}.${cryptoStr};`

			`optHeimdal = shouldUsePkg heimdal;`
			`optZlib = shouldUsePkg zlib;`
			`optLibsodium = shouldUsePkg libsodium;`
			`in`

			`assert crypto != null;`
- Added libssh (used by kdebase-runtime) - Completed kdebase-runtime 4.4.0 svn path=/nixpkgs/trunk/; revision=19994 2010-02-14 21:56:35 +00:00
libssh-0.4.8 svn path=/nixpkgs/trunk/; revision=27378 2011-06-07 22:49:42 +01:00			`stdenv.mkDerivation rec {`
libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00			`name = "libssh-0.7.0";`
libssh: Update to 0.5.3 Fixes CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. 2012-11-29 15:21:01 +00:00
- Added libssh (used by kdebase-runtime) - Completed kdebase-runtime 4.4.0 svn path=/nixpkgs/trunk/; revision=19994 2010-02-14 21:56:35 +00:00			`src = fetchurl {`
switch to working libssh 0.7 download 2015-05-24 21:20:49 +01:00			`url = "https://git.libssh.org/projects/libssh.git/snapshot/libssh-0.7.0.tar.gz";`
			`sha256 = "1wfrdqhv97f4ycd9bcpgb6gw47kr7b2iq8cz5knk8a6n9c6870k0";`
- Added libssh (used by kdebase-runtime) - Completed kdebase-runtime 4.4.0 svn path=/nixpkgs/trunk/; revision=19994 2010-02-14 21:56:35 +00:00			`};`
libssh: Update to 0.5.3 Fixes CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. 2012-11-29 15:21:01 +00:00
libssh: temporarily patch to fix x2goclient See <https://red.libssh.org/issues/194>: "In libssh 0.7.0, ssh_forward_listen() is present in the headers as a deprecated function, but it is not actually present in the code. This appears to have been introduced in commit 5229253f." 2015-05-26 22:13:16 +01:00			`patches = [ ./0001-Reintroduce-ssh_forward_listen-Fixes-194.patch ];`

libssh: fix libsodium linking resolves pkg-config errors for anything linking against libssh 2015-05-22 00:13:52 +01:00			`postPatch = ''`
			`# Fix headers to use libsodium instead of NaCl`
			`sed -i 's,nacl/,sodium/,g' ./include/libssh/curve25519.h src/curve25519.c`
			`'';`
libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00
			`cmakeFlags = [`
			`"-DWITH_GSSAPI=${if optHeimdal != null then "ON" else "OFF"}"`
			`"-DWITH_ZLIB=${if optZlib != null then "ON" else "OFF"}"`
			`"-DWITH_SSH1=OFF"`
			`"-DWITH_SFTP=ON"`
			`"-DWITH_SERVER=ON"`
			`"-DWITH_STATIC_LIB=OFF"`
			`"-DWITH_DEBUG_CRYPTO=OFF"`
			`"-DWITH_DEBUG_CALLTRACE=OFF"`
			`"-DWITH_GCRYPT=${if cryptoStr == "libgcrypt" then "ON" else "OFF"}"`
			`"-DWITH_PCAP=ON"`
			`"-DWITH_INTERNAL_DOC=OFF"`
			`"-DWITH_TESTING=OFF"`
			`"-DWITH_CLIENT_TESTING=OFF"`
			`"-DWITH_BENCHMARKS=OFF"`
			`"-DWITH_EXAMPLES=OFF"`
			`"-DWITH_NACL=${if optLibsodium != null then "ON" else "OFF"}"`
			`] ++ stdenv.lib.optionals (optLibsodium != null) [`
libssh: fix libsodium linking resolves pkg-config errors for anything linking against libssh 2015-05-22 00:13:52 +01:00			`"-DNACL_LIBRARY=${optLibsodium}/lib/libsodium.so"`
libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00			`"-DNACL_INCLUDE_DIR=${optLibsodium}/include"`
			`];`
libssh: Update to 0.5.3 Fixes CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. 2012-11-29 15:21:01 +00:00
libssh: fix libsodium linking resolves pkg-config errors for anything linking against libssh 2015-05-22 00:13:52 +01:00			`nativeBuildInputs = [ pkgconfig cmake ];`
			`buildInputs = [ optHeimdal optZlib optLibsodium crypto ];`
libssh: Update to 0.5.3 Fixes CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. 2012-11-29 15:21:01 +00:00
libssh: security+maintenance to fix CVE-2014-8132 Also switched to openssl instead of libgcrypt (wouldn't compile otherwise), and fixed meta.license. 2014-12-20 13:35:20 +00:00			`meta = with stdenv.lib; {`
- Added libssh (used by kdebase-runtime) - Completed kdebase-runtime 4.4.0 svn path=/nixpkgs/trunk/; revision=19994 2010-02-14 21:56:35 +00:00			`description = "SSH client library";`
libssh: security+maintenance to fix CVE-2014-8132 Also switched to openssl instead of libgcrypt (wouldn't compile otherwise), and fixed meta.license. 2014-12-20 13:35:20 +00:00			`license = licenses.lgpl2Plus;`
libssh: 0.6.4 -> 0.7.0 2015-05-20 07:30:51 +01:00			`maintainers = with maintainers; [ sander urkud wkennington ];`
libssh: security+maintenance to fix CVE-2014-8132 Also switched to openssl instead of libgcrypt (wouldn't compile otherwise), and fixed meta.license. 2014-12-20 13:35:20 +00:00			`platforms = platforms.all;`
- Added libssh (used by kdebase-runtime) - Completed kdebase-runtime 4.4.0 svn path=/nixpkgs/trunk/; revision=19994 2010-02-14 21:56:35 +00:00			`};`
			`}`