nixpkgs/pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix

{ lib, stdenv, fetchpatch, fetchFromGitHub, pam, openssl, perl }:

stdenv.mkDerivation rec {
  pname = "pam_ssh_agent_auth";
  version = "0.10.4";

  src = fetchFromGitHub {
    owner = "jbeverly";
    repo = "pam_ssh_agent_auth";
    rev = "pam_ssh_agent_auth-${version}";
    sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs=";
  };

  ed25519-donna = fetchFromGitHub {
    owner = "floodyberry";
    repo = "ed25519-donna";
    rev = "8757bd4cd209cb032853ece0ce413f122eef212c";
    sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM=";
  };

  buildInputs = [ pam openssl perl ];

  patches = [
    # Allow multiple colon-separated authorized keys files to be
    # specified in the file= option.
    ./multiple-key-files.patch
    ./edcsa-crash-fix.patch
  ];

  configureFlags = [
    # It's not clear to me why this is necessary, but without it, you see:
    #
    # checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h  22 Sep 2020)
    # checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h  22 Sep 2020)
    # checking whether OpenSSL's headers match the library... no
    # configure: WARNING: Your OpenSSL headers do not match your
    # library. Check config.log for details.
    #
    # ...despite the fact that clearly the values match
    "--without-openssl-header-check"
    # Make sure it can find ed25519-donna
    "--with-cflags=-I$PWD"
  ];

  prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/.";

  enableParallelBuilding = true;

  meta = {
    homepage = "https://github.com/jbeverly/pam_ssh_agent_auth";
    description = "PAM module for authentication through the SSH agent";
    maintainers = [ lib.maintainers.eelco ];
    platforms = lib.platforms.linux;
  };
}
pkgs/os-specific: stdenv.lib -> lib 2021-01-15 14:45:37 +00:00			`{ lib, stdenv, fetchpatch, fetchFromGitHub, pam, openssl, perl }:`
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00
			`stdenv.mkDerivation rec {`
pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`pname = "pam_ssh_agent_auth";`
			`version = "0.10.4";`
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00
pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`src = fetchFromGitHub {`
			`owner = "jbeverly";`
			`repo = "pam_ssh_agent_auth";`
			`rev = "pam_ssh_agent_auth-${version}";`
			`sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs=";`
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00			`};`

pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`ed25519-donna = fetchFromGitHub {`
			`owner = "floodyberry";`
			`repo = "ed25519-donna";`
			`rev = "8757bd4cd209cb032853ece0ce413f122eef212c";`
			`sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM=";`
			`};`
pam_ssh_agent_auth: Re-allow multiple authorized keys files This functionality was initially introduced in 3644f9124aaf35f2ad7b17cd05df19226d4e4d1c to fix https://github.com/NixOS/nixos/pull/52, but was broken in the update from 0.9.5 to 0.10.3. The original patch does not cleanly apply due to reformatting and parameter changes upstream, but the adaptations of the patch to the new version are not too severe. 2017-03-03 08:17:01 +00:00
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00			`buildInputs = [ pam openssl perl ];`

pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`patches = [`
			`# Allow multiple colon-separated authorized keys files to be`
			`# specified in the file= option.`
			`./multiple-key-files.patch`
pam-ssh-agent: fix EDCSA crash 2020-12-30 15:38:10 +00:00			`./edcsa-crash-fix.patch`
pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`];`

			`configureFlags = [`
			`# It's not clear to me why this is necessary, but without it, you see:`
			`#`
			`# checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020)`
			`# checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020)`
			`# checking whether OpenSSL's headers match the library... no`
			`# configure: WARNING: Your OpenSSL headers do not match your`
			`# library. Check config.log for details.`
			`#`
			`# ...despite the fact that clearly the values match`
			`"--without-openssl-header-check"`
			`# Make sure it can find ed25519-donna`
			`"--with-cflags=-I$PWD"`
			`];`

			`prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/.";`
pam_ssh_agent_auth: fix dependency on insecure openssl There have been a couple of patches floating around for about the last 18 months. While they originated with FreeBSD, but they've been adopted by Gentoo and Debian as well---and the most straightforward way to get access to them was from the Debian repository. 2020-02-28 20:19:51 +00:00
pam_ssh_agent_auth: Update to 0.9.4 2012-12-17 19:36:07 +00:00			`enableParallelBuilding = true;`

* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00			`meta = {`
pam_ssh_agent_auth: 0.10.3 -> 0.10.4 2020-12-16 12:11:55 +00:00			`homepage = "https://github.com/jbeverly/pam_ssh_agent_auth";`
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00			`description = "PAM module for authentication through the SSH agent";`
pkgs/os-specific: stdenv.lib -> lib 2021-01-15 14:45:37 +00:00			`maintainers = [ lib.maintainers.eelco ];`
			`platforms = lib.platforms.linux;`
* Added pam_ssh_agent_auth, a PAM module for authentication through the SSH agent. svn path=/nixpkgs/trunk/; revision=34462 2012-06-11 17:45:54 +01:00			`};`
			`}`