From 6104fba188a084c3f7230ec39da43146d4203786 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sun, 31 Mar 2019 23:13:44 +0200 Subject: [PATCH 1/2] browserpass: 2.0.22 -> 3.0.1 See https://github.com/browserpass/browserpass-native/issues/31 This is fully backwards compatible. --- pkgs/tools/security/browserpass/2.nix | 43 +++++++++++ pkgs/tools/security/browserpass/2deps.nix | 39 ++++++++++ pkgs/tools/security/browserpass/default.nix | 80 +++++++++++++------- pkgs/tools/security/browserpass/deps.nix | 84 +++++++++++++++++---- 4 files changed, 202 insertions(+), 44 deletions(-) create mode 100644 pkgs/tools/security/browserpass/2.nix create mode 100644 pkgs/tools/security/browserpass/2deps.nix diff --git a/pkgs/tools/security/browserpass/2.nix b/pkgs/tools/security/browserpass/2.nix new file mode 100644 index 00000000000000..fdbd757449a68d --- /dev/null +++ b/pkgs/tools/security/browserpass/2.nix @@ -0,0 +1,43 @@ +# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 +{ stdenv, buildGoPackage, fetchFromGitHub, gnupg }: + +buildGoPackage rec { + name = "browserpass-${version}"; + version = "2.0.22"; + + goPackagePath = "github.com/dannyvankooten/browserpass"; + + goDeps = ./2deps.nix; + + src = fetchFromGitHub { + repo = "browserpass"; + owner = "dannyvankooten"; + rev = version; + sha256 = "05cacrx08k99c5zra7ksdik9xxn3vih3x6in7536zs5gm55mkbfx"; + }; + + postPatch = '' + substituteInPlace browserpass.go \ + --replace /usr/local/bin/gpg ${gnupg}/bin/gpg + ''; + + postInstall = '' + host_file="$bin/bin/browserpass" + mkdir -p "$bin/etc" + + sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/chrome/host.json > chrome-host.json + sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/firefox/host.json > firefox-host.json + + install chrome-host.json $bin/etc/ + install -D firefox-host.json $bin/lib/mozilla/native-messaging-hosts/com.dannyvankooten.browserpass.json + install go/src/${goPackagePath}/chrome/policy.json $bin/etc/chrome-policy.json + ''; + + meta = with stdenv.lib; { + description = "A Chrome & Firefox extension for zx2c4's pass"; + homepage = https://github.com/dannyvankooten/browserpass; + license = licenses.mit; + platforms = with platforms; linux ++ darwin ++ openbsd; + maintainers = with maintainers; [ rvolosatovs ]; + }; +} diff --git a/pkgs/tools/security/browserpass/2deps.nix b/pkgs/tools/security/browserpass/2deps.nix new file mode 100644 index 00000000000000..631463a69d110c --- /dev/null +++ b/pkgs/tools/security/browserpass/2deps.nix @@ -0,0 +1,39 @@ +# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 +[ + { + goPackagePath = "github.com/gokyle/twofactor"; + fetch = { + type = "git"; + url = "https://github.com/gokyle/twofactor"; + rev = "eaad1884d40f9cabff98a57a524c17afd00c9fe7"; + sha256 = "07kvga6f2b56kpy52a3xk16garvlqz950s350dax97x7cayba95g"; + }; + } + { + goPackagePath = "github.com/mattn/go-zglob"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-zglob"; + rev = "4959821b481786922ac53e7ef25c61ae19fb7c36"; + sha256 = "0rwkdw143kphpmingsrw1zp030zf3p08f64h347jpdm4lz8z5449"; + }; + } + { + goPackagePath = "github.com/sahilm/fuzzy"; + fetch = { + type = "git"; + url = "https://github.com/sahilm/fuzzy"; + rev = "a154b19bb758dcdd6ede58dc11ea53c2950527b2"; + sha256 = "0jkw6474d5ik2fq2zznqxj4y3p42z47r7mbg856ln5wyara2sg0l"; + }; + } + { + goPackagePath = "rsc.io/qr"; + fetch = { + type = "git"; + url = "https://github.com/rsc/qr"; + rev = "48b2ede4844e13f1a2b7ce4d2529c9af7e359fc5"; + sha256 = "1npxy32glnkvsp0871972jzjzgkwaqmbv6jsj9wgqsa1s2jr004p"; + }; + } +] diff --git a/pkgs/tools/security/browserpass/default.nix b/pkgs/tools/security/browserpass/default.nix index dd797fb9348f4a..c1c9e679f22cd6 100644 --- a/pkgs/tools/security/browserpass/default.nix +++ b/pkgs/tools/security/browserpass/default.nix @@ -1,43 +1,65 @@ -# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 -{ stdenv, buildGoPackage, fetchFromGitHub, gnupg }: - -buildGoPackage rec { - name = "browserpass-${version}"; - version = "2.0.22"; - - goPackagePath = "github.com/dannyvankooten/browserpass"; - - goDeps = ./deps.nix; +{ lib, callPackage, buildGoPackage, fetchFromGitHub, makeWrapper, gnupg }: +let + # For backwards compatibility with v2 of the browser extension, we embed v2 + # of the native host in v3. Because the extension will auto-update when it + # is released, this code can be removed from that point on. + # Don't forget to remove v2 references down below and the v2 files in this + # folder + v2 = callPackage ./2.nix {}; +in buildGoPackage rec { + pname = "browserpass"; + version = "3.0.1"; src = fetchFromGitHub { - repo = "browserpass"; - owner = "dannyvankooten"; + owner = "browserpass"; + repo = "browserpass-native"; rev = version; - sha256 = "05cacrx08k99c5zra7ksdik9xxn3vih3x6in7536zs5gm55mkbfx"; + sha256 = "1i3xxysiiapz9y2v0gp13inx7j0d7n0khpmcsy9k95pzn53526dx"; }; + nativeBuildInputs = [ makeWrapper ]; + + goPackagePath = "github.com/browserpass/browserpass-native"; + goDeps = ./deps.nix; + postPatch = '' - substituteInPlace browserpass.go \ - --replace /usr/local/bin/gpg ${gnupg}/bin/gpg + # Because this Makefile will be installed to be used by the user, patch + # variables to be valid by default + substituteInPlace Makefile \ + --replace "PREFIX ?= /usr" "" ''; - postInstall = '' - host_file="$bin/bin/browserpass" - mkdir -p "$bin/etc" + DESTDIR = placeholder "bin"; + + postConfigure = '' + cd "go/src/$goPackagePath" + make configure + ''; + + buildPhase = '' + make + ''; + + installPhase = '' + make install + + wrapProgram $bin/bin/browserpass \ + --suffix PATH : ${lib.makeBinPath [ gnupg ]} - sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/chrome/host.json > chrome-host.json - sed -e "s!%%replace%%!$host_file!" go/src/${goPackagePath}/firefox/host.json > firefox-host.json + # This path is used by our firefox wrapper for finding native messaging hosts + mkdir -p $bin/lib/mozilla/native-messaging-hosts + ln -s $bin/lib/browserpass/hosts/firefox/*.json $bin/lib/mozilla/native-messaging-hosts - install chrome-host.json $bin/etc/ - install -D firefox-host.json $bin/lib/mozilla/native-messaging-hosts/com.dannyvankooten.browserpass.json - install go/src/${goPackagePath}/chrome/policy.json $bin/etc/chrome-policy.json + # These can be removed too, see comment up top + ln -s ${lib.getBin v2}/etc $bin/etc + ln -s ${lib.getBin v2}/lib/mozilla/native-messaging-hosts/* $bin/lib/mozilla/native-messaging-hosts ''; - meta = with stdenv.lib; { - description = "A Chrome & Firefox extension for zx2c4's pass"; - homepage = https://github.com/dannyvankooten/browserpass; - license = licenses.mit; - platforms = with platforms; linux ++ darwin ++ openbsd; - maintainers = with maintainers; [ rvolosatovs ]; + meta = with lib; { + description = "Browserpass native client app"; + homepage = https://github.com/browserpass/browserpass-native; + license = licenses.isc; + platforms = platforms.all; + maintainers = with maintainers; [ rvolosatovs infinisil ]; }; } diff --git a/pkgs/tools/security/browserpass/deps.nix b/pkgs/tools/security/browserpass/deps.nix index 631463a69d110c..334a189ad404a9 100644 --- a/pkgs/tools/security/browserpass/deps.nix +++ b/pkgs/tools/security/browserpass/deps.nix @@ -1,12 +1,21 @@ -# This file was generated by https://github.com/kamilchm/go2nix v1.2.1 +# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) [ { - goPackagePath = "github.com/gokyle/twofactor"; + goPackagePath = "github.com/davecgh/go-spew"; fetch = { type = "git"; - url = "https://github.com/gokyle/twofactor"; - rev = "eaad1884d40f9cabff98a57a524c17afd00c9fe7"; - sha256 = "07kvga6f2b56kpy52a3xk16garvlqz950s350dax97x7cayba95g"; + url = "https://github.com/davecgh/go-spew"; + rev = "v1.1.1"; + sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y"; + }; + } + { + goPackagePath = "github.com/konsorten/go-windows-terminal-sequences"; + fetch = { + type = "git"; + url = "https://github.com/konsorten/go-windows-terminal-sequences"; + rev = "v1.0.2"; + sha256 = "09mn209ika7ciy87xf2x31dq5fnqw39jidgaljvmqxwk7ff1hnx7"; }; } { @@ -14,26 +23,71 @@ fetch = { type = "git"; url = "https://github.com/mattn/go-zglob"; - rev = "4959821b481786922ac53e7ef25c61ae19fb7c36"; - sha256 = "0rwkdw143kphpmingsrw1zp030zf3p08f64h347jpdm4lz8z5449"; + rev = "v0.0.1"; + sha256 = "1sncdyq5fbd42al4amyy91h7vlzm3wm6c9vl8za2pjgfgsd581fz"; + }; + } + { + goPackagePath = "github.com/pmezard/go-difflib"; + fetch = { + type = "git"; + url = "https://github.com/pmezard/go-difflib"; + rev = "v1.0.0"; + sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; + }; + } + { + goPackagePath = "github.com/rifflock/lfshook"; + fetch = { + type = "git"; + url = "https://github.com/rifflock/lfshook"; + rev = "b9218ef580f5"; + sha256 = "0wxqjcjfg8c0klmdgmbw3ckagby3wg9rkga9ihd4fsf05x5scxrc"; + }; + } + { + goPackagePath = "github.com/sirupsen/logrus"; + fetch = { + type = "git"; + url = "https://github.com/sirupsen/logrus"; + rev = "v1.4.0"; + sha256 = "1y1qjcg19z7q9sy32rhc148kdql2aw7xkcm9d6r1blrl0mdgpx0w"; + }; + } + { + goPackagePath = "github.com/stretchr/objx"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/objx"; + rev = "v0.1.1"; + sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls"; + }; + } + { + goPackagePath = "github.com/stretchr/testify"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/testify"; + rev = "v1.3.0"; + sha256 = "0wjchp2c8xbgcbbq32w3kvblk6q6yn533g78nxl6iskq6y95lxsy"; }; } { - goPackagePath = "github.com/sahilm/fuzzy"; + goPackagePath = "golang.org/x/crypto"; fetch = { type = "git"; - url = "https://github.com/sahilm/fuzzy"; - rev = "a154b19bb758dcdd6ede58dc11ea53c2950527b2"; - sha256 = "0jkw6474d5ik2fq2zznqxj4y3p42z47r7mbg856ln5wyara2sg0l"; + url = "https://go.googlesource.com/crypto"; + rev = "c2843e01d9a2"; + sha256 = "01xgxbj5r79nmisdvpq48zfy8pzaaj90bn6ngd4nf33j9ar1dp8r"; }; } { - goPackagePath = "rsc.io/qr"; + goPackagePath = "golang.org/x/sys"; fetch = { type = "git"; - url = "https://github.com/rsc/qr"; - rev = "48b2ede4844e13f1a2b7ce4d2529c9af7e359fc5"; - sha256 = "1npxy32glnkvsp0871972jzjzgkwaqmbv6jsj9wgqsa1s2jr004p"; + url = "https://go.googlesource.com/sys"; + rev = "fead79001313"; + sha256 = "12vwl6sv6w7q0dyvynjhbp67242rhh77d6nlsb22ajr8rf17c63i"; }; } ] From e98ee8d70c29de95682c10819ec46e2ee5eaabff Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sun, 31 Mar 2019 23:12:07 +0200 Subject: [PATCH 2/2] nixos/browserpass: update for v3 See https://github.com/browserpass/browserpass-native/issues/31 Additionally browserpass was removed from systemPackages, because it doesn't need to be installed, browsers will get the path to the binary from the native messaging host JSON. --- nixos/modules/programs/browserpass.nix | 33 ++++++++++++++++++++------ 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/nixos/modules/programs/browserpass.nix b/nixos/modules/programs/browserpass.nix index 5f8a44a9848ece..47b9d1ccb1f698 100644 --- a/nixos/modules/programs/browserpass.nix +++ b/nixos/modules/programs/browserpass.nix @@ -4,15 +4,34 @@ with lib; { - ###### interface - options = { - programs.browserpass.enable = mkEnableOption "the NativeMessaging configuration for Chromium, Chrome, and Vivaldi."; - }; + options.programs.browserpass.enable = mkEnableOption "Browserpass native messaging host"; - ###### implementation config = mkIf config.programs.browserpass.enable { - environment.systemPackages = [ pkgs.browserpass ]; - environment.etc = { + environment.etc = let + appId = "com.github.browserpass.native.json"; + source = part: "${pkgs.browserpass}/lib/browserpass/${part}/${appId}"; + in { + # chromium + "chromium/native-messaging-hosts/${appId}".source = source "hosts/chromium"; + "chromium/policies/managed/${appId}".source = source "policies/chromium"; + + # chrome + "opt/chrome/native-messaging-hosts/${appId}".source = source "hosts/chromium"; + "opt/chrome/policies/managed/${appId}".source = source "policies/chromium"; + + # vivaldi + "opt/vivaldi/native-messaging-hosts/${appId}".source = source "hosts/chromium"; + "opt/vivaldi/policies/managed/${appId}".source = source "policies/chromium"; + + # brave + "opt/brave/native-messaging-hosts/${appId}".source = source "hosts/chromium"; + "opt/brave/policies/managed/${appId}".source = source "policies/chromium"; + } + # As with the v2 backwards compatibility in the pkgs.browserpass + # declaration, this part can be removed once the browser extension + # auto-updates to v3 (planned 2019-04-13, see + # https://github.com/browserpass/browserpass-native/issues/31) + // { "chromium/native-messaging-hosts/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-host.json"; "chromium/policies/managed/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-policy.json"; "opt/chrome/native-messaging-hosts/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-host.json";