tox/detox are removed; they are used to test multiple python
implementations in parallel, which isn't really appropriate for a Nix
install check. Also, because these were added to the propagated build
inputs, lots of unnecessary stuff ended up in the resulting closure.
Note that removing tox does not imply tests are not run; they never were
to begin with; this is a separate issue.
This fixes https://github.com/NixOS/nixpkgs/issues/16171
Also, for "correctness" ordinary build-time dependencies are added to
`buildInputs`; only inputs that are to be added to the python path are
added to `propagatedBuildInputs`.
Strongswan fails to compile on armv7l-linux with `--enable-aesni` and `--enable-rdrand` enabled. Errors are thrown about impossible constraints in asm (`--enable-rdrand`) or about gcc getting unknown command line parameters about aes (`--enable-aesni`). The options only makes sense on X86_64 processors.
The rdrand plugin is designed for Ivy Bridge processors:
> High quality / high performance random source using the Intel rdrand instruction found on Ivy Bridge processors
The aes-ni plugin also only exists on X86 processors (which have the AES instruction set)
Tested with a local override. The change triggers a (successful) rebuild on my X86_64 system. On armv7-linux this change fixes build errors.
See:
https://wiki.strongswan.org/issues/337
This reverts commit 277080fea0.
I had tested the server on my physical machine before pushing,
but the openssh test got broken so something is clearly wrong.
http://hydra.nixos.org/build/45500080
The two removed patches were for issues that should've been fixed.
Minor vulnerabilities addressed: CVE-2016-{10009,10010,10011,10012}.
https://www.openssh.com/txt/release-7.4
`make install` was failing presumably due to an upstream cross-compilation bug:
Makefile:3440: *** Recursive variable 'INSTALL' references itself (eventually). Stop.
While at it, remove the old ugly cross buildPhase. It was seemingly
trying to work around the fact that the man pages are generated by
piping each command's --help output to help2man. That obviously doesn't
work while cross-compiling.
Instead, set PERL=missing in the environment to make the build system
think there's no perl available to run help2man. (This approach was
stolen from buildroot.)
