From 0ec12d53e653718eda3668e586a9747b0a3d04c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Domen=20Ko=C5=BEar?=
Date: Wed, 10 Dec 2014 10:23:11 +0100
Subject: [PATCH] tcpcrypt: 2011.07.22 -> 0.3rc1, fix nixos service
---
 .../modules/services/networking/tcpcrypt.nix | 2 ++
 ...cpcryptd-under-uid-93-instead-of-666.patch | 25 -------------------
 pkgs/tools/security/tcpcrypt/default.nix | 19 ++++++--------
 3 files changed, 10 insertions(+), 36 deletions(-)
 delete mode 100644 pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch
diff --git a/nixos/modules/services/networking/tcpcrypt.nix b/nixos/modules/services/networking/tcpcrypt.nix
index 1359006aef4e..fbd581cc4b4c 100644
--- a/nixos/modules/services/networking/tcpcrypt.nix
+++ b/nixos/modules/services/networking/tcpcrypt.nix
@@ -44,6 +44,8 @@ in
 path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
 preStart = ''
+ mkdir -p /var/run/tcpcryptd
+ chown tcpcryptd /var/run/tcpcryptd
 sysctl -n net.ipv4.tcp_ecn >/run/pre-tcpcrypt-ecn-state
 sysctl -w net.ipv4.tcp_ecn=0
diff --git a/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch b/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch
deleted file mode 100644
index addf00796a8a..000000000000
--- a/pkgs/tools/security/tcpcrypt/0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 4ef50d76a2da61be60fea448690e24f35bc37299 Mon Sep 17 00:00:00 2001
-From: Peter Simons
-Date: Wed, 11 Sep 2013 17:19:29 +0200
-Subject: [PATCH] Run tcpcryptd under uid 93 instead of 666.
-
----
- user/src/linux.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/user/src/linux.c b/user/src/linux.c
-index b51e6b2..8199193 100644
---- a/user/src/linux.c
-+++ b/user/src/linux.c
-@@ -198,7 +198,7 @@ void linux_drop_privs(void)
-
- cap_free(caps);
-
-- if (setuid(666) == -1)
-+ if (setuid(93) == -1)
- err(1, "setuid()");
-
- caps = cap_init();
---
-1.8.3.4
-
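Review bot: In the `preStart` hunk of nixos/modules/services/networking/tcpcrypt.nix, the new state directory gets whatever mode the unit's umask produces and is only chowned afterwards, so its permissions are never stated. Creating it in one step with an explicit mode, e.g. `install -d -m 0700 -o tcpcryptd /var/run/tcpcryptd`, keeps other local users out of the daemon's runtime files; relax the mode only if unprivileged clients must reach something inside it. The same commit deletes the patch that changed the hard-coded `setuid(666)` to `setuid(93)`, so it is worth confirming that 0.3-rc1 drops privileges to the account named `tcpcryptd`. If the daemon still switches to a fixed uid, the chown here would not match the running process. The `preStart` script continues past the end of the hunk.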
diff --git a/pkgs/tools/security/tcpcrypt/default.nix b/pkgs/tools/security/tcpcrypt/default.nix
index 17c6993826d8..be21f92cd760 100644
--- a/pkgs/tools/security/tcpcrypt/default.nix
+++ b/pkgs/tools/security/tcpcrypt/default.nix
@@ -1,26 +1,23 @@
-{ fetchurl, stdenv, autoconf, automake, libtool
+{ fetchurl, stdenv, autoconf, automake, libtool, autoreconfHook
 , openssl, libcap, libnfnetlink, libnetfilter_queue }:
-let
- rev = "0e07772316061ad67b8770e7d98d5dd099c9c7c7";
-in
 stdenv.mkDerivation rec {
- name = "tcpcrypt-2011.07.22";
+ name = "tcpcrypt-0.3-rc1";
 src = fetchurl {
- url = "https://github.com/sorbo/tcpcrypt/archive/${rev}.tar.gz";
- sha256 = "1f1f1iawlvipnccwh31fxnb8yam1fgh36m0qcbc29qk1ggwrfnkk";
+ url = "https://github.com/scslab/tcpcrypt/archive/v0.3-rc1.tar.gz";
+ sha256 = "1k79xfip95kyy91b6rnmsgl66g52zrnm92ln4jms133nm2k9s4sa";
 name = "${name}.tar.gz";
 };
 dontStrip = true;
- buildInputs = [ autoconf automake libtool openssl libcap libnfnetlink libnetfilter_queue ];
+ buildInputs = [ autoreconfHook autoconf automake libtool openssl libcap libnfnetlink libnetfilter_queue ];
- patches = [ ./0001-Run-tcpcryptd-under-uid-93-instead-of-666.patch ];
-
- preConfigure = "cd user; autoreconf -i";
+ postUnpack = ''
+ mkdir $sourceRoot/m4
+ '';
 meta = {
 homepage = "http://tcpcrypt.org/";