nixpkgs/pkgs/development/libraries/cyrus-sasl/default.nix

63 lines
2.1 KiB
Nix

{ lib, stdenv, fetchurl, openssl, openldap, kerberos, db, gettext,
pam, fixDarwinDylibNames, autoreconfHook, fetchpatch, enableLdap ? false }:
with stdenv.lib;
stdenv.mkDerivation rec {
name = "cyrus-sasl-${version}${optionalString (kerberos == null) "-without-kerberos"}";
version = "2.1.26";
src = fetchurl {
url = "ftp://ftp.cyrusimap.org/cyrus-sasl/${name}.tar.gz";
sha256 = "1hvvbcsg21nlncbgs0cgn3iwlnb3vannzwsp6rwvnn9ba4v53g4g";
};
outputs = [ "bin" "dev" "out" "man" "devdoc" ];
buildInputs =
[ openssl db gettext kerberos ]
++ lib.optional enableLdap openldap
++ lib.optional stdenv.isFreeBSD autoreconfHook
++ lib.optional stdenv.isLinux pam
++ lib.optional stdenv.isDarwin fixDarwinDylibNames;
patches = [
./missing-size_t.patch # https://bugzilla.redhat.com/show_bug.cgi?id=906519
(fetchpatch {
name = "CVE-2013-4122.patch";
url = "http://sourceforge.net/projects/miscellaneouspa/files/glibc217/cyrus-sasl-2.1.26-glibc217-crypt.diff";
sha256 = "05l7dh1w9d5fvzg0pjwzqh0fy4ah8y5cv6v67s4ssbq8xwd4pkf2";
})
] ++ lib.optional stdenv.isFreeBSD (
fetchurl {
url = "http://www.linuxfromscratch.org/patches/blfs/svn/cyrus-sasl-2.1.26-fixes-3.patch";
sha256 = "1vh4pc2rxxm6yvykx0b7kg09jbcwcxwv5rs6yq2ag3y8p6a9x86w";
}
);
configureFlags = [
"--with-openssl=${openssl.dev}"
] ++ lib.optional enableLdap "--with-ldap=${openldap.dev}";
# Set this variable at build-time to make sure $out can be evaluated.
preConfigure = ''
configureFlagsArray=( --with-plugindir=$out/lib/sasl2
--with-saslauthd=/run/saslauthd
--enable-login
)
'';
installFlags = lib.optional stdenv.isDarwin [ "framedir=$(out)/Library/Frameworks/SASL2.framework" ];
postInstall = ''
for f in $out/lib/*.la $out/lib/sasl2/*.la; do
substituteInPlace $f --replace "${openssl.dev}/lib" "${openssl.out}/lib"
done
'';
meta = {
homepage = http://cyrusimap.web.cmu.edu/;
description = "Library for adding authentication support to connection-based protocols";
platforms = platforms.unix;
};
}