mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-11-16 06:47:09 +03:00
e834a7c05b
Bugfix release: - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions.
46 lines
1.3 KiB
Nix
46 lines
1.3 KiB
Nix
{ stdenv, fetchurl, zlib, enableStatic ? false,
|
|
sftpPath ? "/var/run/current-system/sw/libexec/sftp-server" }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
name = "dropbear-2016.72";
|
|
|
|
src = fetchurl {
|
|
url = "http://matt.ucc.asn.au/dropbear/releases/${name}.tar.bz2";
|
|
sha256 = "10fnlaf6rm537v3rml1gnd58d42plv2q5cp7svbrysap69npc8wk";
|
|
};
|
|
|
|
dontDisableStatic = enableStatic;
|
|
|
|
configureFlags = stdenv.lib.optional enableStatic "LDFLAGS=-static";
|
|
|
|
CFLAGS = "-DSFTPSERVER_PATH=\\\"${sftpPath}\\\"";
|
|
|
|
# http://www.gnu.org/software/make/manual/html_node/Libraries_002fSearch.html
|
|
preConfigure = ''
|
|
makeFlags=VPATH=`cat $NIX_CC/nix-support/orig-libc`/lib
|
|
'';
|
|
|
|
crossAttrs = {
|
|
# This works for uclibc, at least.
|
|
preConfigure = ''
|
|
makeFlags=VPATH=`cat ${stdenv.ccCross}/nix-support/orig-libc`/lib
|
|
'';
|
|
};
|
|
|
|
patches = [
|
|
# Allow sessions to inherit the PATH from the parent dropbear.
|
|
# Otherwise they only get the usual /bin:/usr/bin kind of PATH
|
|
./pass-path.patch
|
|
];
|
|
|
|
buildInputs = [ zlib ];
|
|
|
|
meta = with stdenv.lib; {
|
|
homepage = http://matt.ucc.asn.au/dropbear/dropbear.html;
|
|
description = "A small footprint implementation of the SSH 2 protocol";
|
|
license = licenses.mit;
|
|
maintainers = with maintainers; [ abbradar ];
|
|
platforms = platforms.unix;
|
|
};
|
|
}
|