New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set of redwax modules (modular/federated PKI Tooling) #75620
Closed
Closed
Changes from 13 commits
Commits
Show all changes
532 commits
Select commit
Hold shift + click to select a range
18571d6
Merge pull request #75681 from lovesegfault/nixos-fix-nat
worldofpeace 6842813
aegisub: slight clean up
jtojnar 950230b
chromium: remove enableNaCl option
ivan 3d71db8
chromium: explain enable_widevine = true
ivan af006f9
chromium: fix enableWideVine for v79 which needs the manifest.json in…
ivan abe3475
treewide: remove bash snippets in flags
worldofpeace be13df6
Merge pull request #75465 from worldofpeace/gnome-args
worldofpeace 1d8ef85
aesop: fix build
worldofpeace 171ceb3
beets.externalPlugins.check: init at 0.12.0
lovesegfault 8047512
Merge pull request #75136 from lovesegfault/beets-check
worldofpeace 788148f
ocaml-top: 1.1.5 → 1.2.0-rc
vbgl 2b298a3
quake3e: 2019-09-09 -> 2019-11-29 (#75511)
ed5c044
ocamlPackages.lua-ml: init at 0.9
vbgl 608c65b
subfinder: 2.2.2 -> 2.2.4
Br1ght0ne 1f7ee3e
python3Packages.ipython: 7.8.0 -> 7.10.1
jonringer 221dc9f
Fixing whitespace of (just the) redwax packages.
dirkx 86ed15d
Merge pull request #75678 from marsam/fix-vdirsyncer-darwin
gebner 1915711
mutt: 1.13.0 -> 1.13.1
matthiasbeyer 2387dee
postgresql-backup: Use saner defaults for pg_dump
kampka 6e71ffb
tio: expand platforms to "unix" to include darwin
thefloweringash b29e358
chromium: add thefloweringash (myself) as maintainer
thefloweringash 3772d04
xplanet: 1.3.0 -> 1.3.1
Lassulus 2a1a4ca
Merge pull request #75388 from Lassulus/xplanet
c0bw3b 0380ed2
Merge pull request #75657 from flokli/gtkwave-gtk3
flokli 74877f8
Merge pull request #75690 from thefloweringash/tio-platforms
marsam ad3c49d
Merge pull request #75686 from matthiasbeyer/update-mutt
marsam 6e87213
spamassassin: enable IPv6 support with Socket6
plutotulp c20cd71
Merge master into staging-next
FRidh 3ccb0be
kdeFrameworks.kcalendarcore: init
nyanloutre 2abd0a5
treewide: replace kcalcore dependencies with kcalendarcore
nyanloutre 7eaaf72
Merge pull request #75679 from marsam/fix-loki-darwin
WilliButz 08eaac6
Merge pull request #75452 from NixOS/staging-next
FRidh 9696d79
Merge pull request #75691 from thefloweringash/chromium-maintainer
roberth d206f23
nixos containers: disable NixOS manual in container config. (#75659)
danbst 5425557
tectonic: 0.1.11 -> 0.1.12 (#75396)
malbarbo 69b1b0c
nixosTests.systemd-timesyncd: Port tests to python
kampka aeeabe0
nixosTests.switch-test: Port tests to python
kampka bcf6aa5
nixosTests.sonarr: Port tests to python
kampka 2978ca2
aircrack-ng: fixed missing dependency for airmon-ng
scaredmushroom e1e3df4
allowInsecureDefaultPredicate: fix to use getName
risicle e96802c
nixosTests.quagga: Port tests to python
kampka d029e28
nixosTests.postgis: Port tests to python
kampka 1bf1ec3
nixosTests.php-pcre: Port tests to python
kampka a20683a
nixosTests.pgmanage: Port tests to python
kampka d58814a
nixosTests.peerflix: Port tests to python
kampka d76ab64
nixosTests.pdns-recursor: Port tests not python
kampka 229a0af
nixosTests.paperless: Port tests to python
kampka cd39434
dovecot: 2.3.8 -> 2.3.9.2
andir e1699e3
thunderbird-bin: 68.2.2 -> 68.3.0
andir eb2d272
Merge pull request #75671 from clayrat/tparsec-update
marsam aa4a1b0
Merge pull request #75516 from ivan/chromium-79.0.3945.79
grahamc 5d3607b
spamassassin: 3.4.2 -> 3.4.3
andir 38294e3
gpxlab: init at 0.7.0
sikmir 22a8e0e
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools
marsam 6b3720b
Merge pull request #75675 from marsam/update-git-gone
marsam 64e2791
ansible_2_7: 2.7.11 -> 2.7.15
andir 71cde97
ansible_2_8: 2.8.4 -> 2.8.7
andir b21b929
ansible_2_6: 2.6.17 -> 2.6.20
andir 80af1ff
Merge pull request #75368 from r-ryantm/auto-update/python3.8-sasmodels
marsam 169fb13
Merge pull request #75331 from r-ryantm/auto-update/python3.8-mysqlcl…
marsam c8c30fa
Merge pull request #75692 from kampka/postgresql-backup-default
danbst 52e9024
pango: fix build on darwin
marsam 4b1c34c
gtk-server: 2.3.1 -> 2.4.5
jonringer 4a73fbc
wire-desktop: fix desktop icon
Kiwi ce549dd
Merge pull request #75682 from Kiwi/wire-desktop-icon
worldofpeace bbee883
Merge pull request #75704 from andir/dovecot
fpletz fda130a
Merge pull request #75474 from chkno/xsecurelock-no-longer-needs-xset…
fpletz ded56b2
Merge pull request #75234 from filalex77/subfinder-2.2.2
fpletz d7125bf
xmr-stak: 2.10.7 -> 2.10.8
r-ryantm 0f783bc
Merge pull request #75193 from Ma27/optional-networkd-gateway
fpletz f23627c
advancecomp: fix CVE-2019-9210
andir 5073aab
xilinx-bootgen: init at unstable-2019-10-23
flokli d62b991
errbot: 5.2.0 -> 6.1.1
jonringer b973f7b
Merge pull request #67781 from jonringer/bump-errbot
fpletz f98af3b
Merge pull request #75708 from andir/thunderbird-bin
fpletz 05c6009
Merge pull request #75715 from andir/ansible
fpletz 5f21b4b
Merge pull request #75723 from andir/advancecomp
7c6f434c 39b20f0
Merge pull request #75722 from flokli/xilinx-bootgen
flokli debca54
dolt: init at 0.12.0 (#75693)
danbst 7eee92e
Merge pull request #75694 from plutotulp/spamassassin-ipv6-master
fpletz a991de4
Merge pull request #75698 from scaredmushroom/aircrack-ng_master
fpletz 51eff7a
python3packages.arrayqueues: init at 1.2.0b0
tbenst f82997f
python3packages.colorspacious: init at 1.1.2
tbenst a7166ae
python3packages.flammkuchen: init at 0.9.1
tbenst 70d788c
python3packages.lightparam: init at 0.3.7
tbenst af59611
python3packages.qimage2ndarray: init at 1.8
tbenst 60829ec
python3packages.stytra: init at 0.8.26
tbenst dfc9845
texlive: provide a working pygmentex executable
veprbl 95b0bc0
herwig: 7.1.6 -> 7.2.0
veprbl 0d3570c
elogind: 241.3 -> 241.4
nh2 5ec40c8
Merge pull request #75677 from nh2/glog-patch-for-musl
nh2 a1c8ec7
amazon-ecs-cli: enable on darwin
70d014e
pythonPackages.etelemetry: init at 0.1.2
jonringer a5097e9
python3Packages.nipype: fix build, add missing dependencies
jonringer 739d9f4
Merge pull request #75737 from nh2/elogind-241.4
nh2 303c944
Merge pull request #75588 from gege251/darwin-amazon-ecs-cli
marsam 0431f59
pythonPackages.pdfminer: 20181108 -> 20191020
marsam 5f4f2a7
pythonPackages.pdfminer: add marsam to maintainers
marsam 6746087
pikepdf: 1.8.0 -> 1.8.1
marsam 1581bc6
tqdm: 4.36.1 -> 4.40.2
marsam 01956b5
ocrmypdf: 9.0.3 -> 9.2.0
marsam 7aba727
conmon: v2.0.7 -> v2.0.8
saschagrunert 16bca78
cri-tools: 1.16.1 -> v1.17.0
saschagrunert 56622fa
lorri: add git to daemon path
curiousleo 0dfc60a
Merge pull request #75710 from andir/spamassassin
andir cc92da0
Merge pull request #75720 from sikmir/gpxlab
markuskowa 83c5184
Merge pull request #75734 from veprbl/pr/herwig_7_2_0
veprbl 51d28dc
Merge pull request #75727 from marsam/fix-pango-darwin
marsam 61ba5db
Merge pull request #75751 from saschagrunert/conmon
marsam 7139b12
gcc7: 7.4.0 -> 7.5.0
vcunat 435b929
gebaar-libinput: init at 0.0.5
lovesegfault 229b2b5
python3Packages.streamz: disable kafka tests
jonringer c2be9fe
Merge pull request #74896 from lovesegfault/geebar-libinput
marsam 23d164e
nixosTests.wireguard.namespaces: Port test to python
kampka 1f2030f
nixosTests.mailcatcher: Port tests to python
kampka 40ed689
nixosTests.lidarr: Port tests to python
kampka 0de0b6a
nixosTests.leaps: Port tests to python
kampka 9fbb427
nixosTests.haproxy: Port tests to python
kampka a6ac3fd
nixosTests.initrd-network: Port tests to python
kampka 03987ea
cargo-license: 0.2.0 -> 0.3.0
Ma27 836e0db
cargo-tree: 0.26.0 -> 0.27.0
Ma27 03aa4ac
coredns: 1.3.1 -> 1.6.6
Br1ght0ne 75f8327
cargo-geiger: 0.7.3 -> 0.9.0
Ma27 785af8a
insomnia: 7.0.3 -> 7.0.5
Br1ght0ne ea324b3
Merge pull request #75752 from saschagrunert/cri-tools
markuskowa a506532
buildSkawarePackage: pass through extra args
alyssais fd762d1
Merge pull request #75753 from curiousleo/patch-1
grahamc 8636580
kakoune: 2019.07.01 -> 2019.12.10
Luflosi 7591046
Merge pull request #75616 from romildo/upd.mate
romildo cbffa52
sierra-gtk-theme: 2019-05-07 -> 2019-12-16
romildo 90cd659
sonata: fix runtime error
eonpatapon ac9d0cb
pythonPackages.weboob: add futures dependency
jonringer 47ceb13
python3Packages.odo: disable due to dask incompatibility
jonringer a8cfa9b
Merge pull request #75542 from aca-labs/ameba
marsam ea0b237
whipper: 0.9.0 -> 0.9.1.dev7+g9e95f06
emilazy 09c0b6a
zoom-us: 3.5.330166.1202 -> 3.5.336627.1216
NeQuissimus 2318f7f
hydroxide: init at 0.2.11
Br1ght0ne 821ff38
linux-testing: 5.5-rc1 -> 5.5-rc2
NeQuissimus 80a823e
linux/update.sh: update linux-libre too
alyssais 2d3e408
linux-libre: set update-libre.sh as update script
alyssais 987a59e
linux-libre_latest: 16794 -> 17112
alyssais 2b84260
Merge pull request #75758 from filalex77/insomnia-7.0.5
marsam d770ae1
linux-libre.updateScript: fix attr in commit msg
alyssais aea972a
python3Packages.mesa: 0.8.6 -> unstable-2019-12-09
jonringer bccadf3
Update existing pluging
softinio 9ec0c1b
Add smartpairs vim plugin
softinio 7ff19f9
Add gen_tags vim plugin
softinio f48fb5c
Add vim-slash vim plugin
softinio ce2adeb
Add split-term vim plugin
softinio 93a51b8
croc: 6.4.6 -> 6.4.7
equirosa e1c6965
cargo-raze: 0.2.8 -> 0.2.10
Ma27 f6d75f5
dockerTools.buildLayeredImage: tweak formatting on contentsEnv
grahamc aec80dd
dockerTools.buildLayeredImage: pass a list of closures to mkManyPureL…
grahamc 7af84af
R: 3.6.1 -> 3.6.2
jabranham b9a558a
R: Update CRAN and bioconductor packages
jabranham 700f4c5
dockerTools.buildLayeredImage: prepare to exclude some paths
grahamc 12e2416
dockerTools.buildLayeredImage: Exclude top level implementation detai…
grahamc 7745274
docker examples: Drop unneeded contents list
grahamc 9c02760
dockerTools.buildLayeredImage: update maxlayers from 24 to 100 to mat…
grahamc 310a028
dockerTools: the API has basically never changed
grahamc 7891f3d
Merge pull request #75730 from veprbl/pr/texlive_bin_pygmentex
veprbl c318634
Merge pull request #75778 from grahamc/dockertools/example-drop-unnee…
grahamc 2c4dff6
Merge pull request #75780 from grahamc/dockertools/mark-api-stable
grahamc 75b8f38
Merge pull request #75779 from grahamc/dockertools/fixup-max-layers
grahamc 9af73d9
pick-colour-picker: init at unstable-2019-10-11
mkg20001 3ad650a
rasm: init at 0.116
bignaux 6f942e7
cups-dymo: fix build
puckipedia c68dad1
python3Packages.aiokafka: init at 0.5.2
costrouc b443abf
python3Packages.starfish: disable due to incompatible dependencies
jonringer 00c3761
ecl: fix build with libffi 3.3
timokau 21770f8
python3Packages.aiorun: init at 2019.11.1
costrouc db59e94
Merge pull request #75801 from timokau/ecl-libffi-abi
timokau ab9bdca
cocoapods-beta: 1.8.4 -> 1.9.0.beta.1
c3f09c3
strelka: fix broken build
jbedo 62e680c
ruby-modules: parse build_flags correctly:
burke 56a206e
gauche: 0.9.8 -> 0.9.9
marsam 9b372dc
pythonPackages.casbin: init at 0.8.3
costrouc ef3756f
Revert "python: gym: 0.15.3 -> 0.15.4"
jonringer 535eba7
Merge pull request #75806 from lilyball/cocoapods-beta
marsam 4419653
Merge pull request #75775 from equirosa/croc
marsam df10128
Merge pull request #75756 from filalex77/coredns-1.6.6
marsam f95f587
Merge pull request #75768 from filalex77/hydroxide-0.2.11
marsam 26eecab
Merge pull request #75404 from filalex77/fusuma-1.3.0
marsam c1ec8ba
Merge pull request #75809 from marsam/update-gauche
marsam 5e5ce79
Merge pull request #75807 from jbedo/strelka
marsam 586df03
remmina: 1.3.4 -> 1.3.7
worldofpeace b343447
Merge pull request #75377 from pacien/riot-v1.5.6
worldofpeace 77d0815
Merge pull request #75123 from chkno/workspace-grid-is-now-workspace-…
worldofpeace 6ea98c1
Merge pull request #75555 from worldofpeace/libgpod-python2-byehun
worldofpeace 67d1525
pantheon.granite: 5.2.5 -> 5.3.0
worldofpeace f061413
Merge pull request #74722 from gnidorah/mame
Lassulus 563eea4
nixosTests.hadoop.hdfs: Port tests to python
kampka 5cb7b2c
nixosTests.hadoop.yarn: Port tests to python
kampka 05587ab
nixosTests.hitch: Port tests to python
kampka 6eff44f
Merge pull request #75578 from WilliButz/oxidized-pidfile
lheckemann 18b2ad6
Merge pull request #75402 from r-ryantm/auto-update/usb-modeswitch
marsam 52a6991
Merge pull request #75403 from r-ryantm/auto-update/usb-modeswitch-data
marsam d6cf138
Merge pull request #75390 from eraserhd/dogfood
marsam 0753690
Merge pull request #75391 from bcdarwin/update-libminc
marsam a5e98ed
Merge pull request #75379 from r-ryantm/auto-update/randomX
marsam 352f030
Merge pull request #75385 from pacien/gscan2pdf-v2.6.2
marsam e726201
Merge pull request #52352 from hyperfekt/init_crosvm
7c6f434c 26df2f4
Merge pull request #74862 from alyssais/fetchgittiles
7c6f434c a5dd19d
sundials: replace liblapack by openblas
smaret 7e92939
slack: add xdg_utils to the PATH
grahamc 401e101
Merge pull request #75519 from WilliButz/update-wt
WilliButz bc3fade
python3Packages.jaraco_text: 3.1 -> 3.2.0
jonringer a90d3d9
Merge pull request #75621 from gabibbo97/helm-completion
matthewbauer 2afbe7d
Merge pull request #75788 from puckipedia/cups-dymo-fix
matthewbauer b39bc29
Merge pull request #74860 from alyssais/minijail
matthewbauer 64453c8
Merge pull request #75781 from grahamc/dockertools/remove-implementat…
grahamc 529cd90
Merge pull request #75825 from grahamc/slack
grahamc a3b15e5
Merge pull request #75702 from risicle/ris-allow-insecure-predicate-n…
matthewbauer a77524e
dovecot_pigeonhole: 0.5.8 -> 0.5.9
8d5f5e7
signal-desktop: 1.29.0 -> 1.29.1
primeos 705cc53
fsv: fix build with gettext 0.20
rnhmjoj 8748967
kpat: init at 19.12.0
rnhmjoj 28a057a
bedtools: 2.29.1 -> 2.29.2
jbedo 5b08ec4
Merge pull request #75845 from rnhmjoj/fsv
veprbl 5d01945
Merge pull request #75839 from petabyteboy/feature/dovecot-pigeonhole
fpletz 2b3026f
maintainers: adding pashashocky
pashashocky 8211687
sentencepiece: init at 0.1.84
pashashocky 0b68e44
pythonPackages.sentencepiece: init at 0.1.84
pashashocky 16d9c2a
sacremoses: init at 0.0.35
pashashocky dae6544
transformers: init at 2.2.1
pashashocky 797b706
barrier: add openssl runtime dependency (#75490)
f7b6824
Merge pull request #75795 from kampka/port-tests-4
nh2 fc47ec6
Merge pull request #75695 from kampka/port-tests
veprbl 9faa37c
Merge pull request #75701 from kampka/port-tests-2
veprbl 2597ef6
Merge pull request #75764 from romildo/upd.sierra-gtk-theme
c0bw3b 2e3d505
Merge pull request #75848 from jbedo/bedtools
lsix c551f2d
Merge pull request #75846 from rnhmjoj/kpatience
7c6f434c 96d73ed
release: remove metrics from unstable channel (temporarily)
vcunat cad12ae
gubbi-font: init at 1.3
ehmry c8c7398
Merge pull request #75823 from smaret/sundials-openblas
flokli 05aa59a
franz: fix `Exec` substitution in `franz.desktop`
davidtwco d942688
remmina: 1.3.4 -> 1.3.7 (#75811)
gebner 4cccc3c
androidStudioPackages.beta: 3.6.0.17 -> 3.6.0.18
primeos 38e3b0e
linux: 4.14.158 -> 4.14.159
NeQuissimus 819a164
linux: 4.19.89 -> 4.19.90
NeQuissimus 0ea28ae
linux: 5.3.16 -> 5.3.18
NeQuissimus ae163fb
linux: 5.4.3 -> 5.4.5
NeQuissimus a80cdb8
linux_latest-libre: 17112 -> 17117
NeQuissimus 52ed475
oh-my-zsh: 2019-12-07 -> 2019-12-18
NeQuissimus aed6f88
gleam: init at 0.5.0
Br1ght0ne 0c3cfd5
python3Packages.mypy: 0.740 -> 0.750
jonringer 503ca8f
python3Packages.ics: fix build
jonringer fb1bc1b
Merge pull request #75761 from ehmry/gubbi
c0bw3b 896e3df
Merge github.com:dirkx/nixpkgs
dirkx 818f63b
Also fix the second out for the @jtojnar advised placeholder contruct.
dirkx File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
{ stdenv, fetchurl, pkgconfig, apacheHttpd, openssl, openldap }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_ca"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "1pxapjrzdsk2s25vhgvf56fkakdqcbn9hjncwmqh0asl1pa25iic"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ apacheHttpd openssl openldap ]; | ||
|
||
# Note that configureFlags and installFlags are inherited by | ||
# the various submodules. | ||
# | ||
configureFlags = [ | ||
"--with-apxs=${apacheHttpd.dev}/bin/apxs" | ||
]; | ||
|
||
installFlags = [ | ||
"INCLUDEDIR=${placeholder ''out''}/include" | ||
"LIBEXECDIR=$(out)/modules" | ||
]; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service module"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_crl"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "0k6iqn5a4bqdz3yx6d53f1r75c21jnwhxmmcq071zq0361xjzzj6"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax module for Certificate Revocation Lists"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_csr"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "01sdvv07kchdd6ssrmd2cbhj50qh2ibp5g5h6jy1jqbzp0b3j9ja"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
# After openssl-1.0.2t, starting in openssl-1.1.0l | ||
# parts of the OpenSSL struct API was replaced by | ||
# getters - but some setters where forgotten. | ||
# | ||
# It is expected that these are back/retrofitted in version | ||
# openssl-1.1.1d -- but while fixing this it was found | ||
# that there were quite a few other setters missing and | ||
# that some of the memory management needed was at odds | ||
# with the principles used sofar. | ||
# | ||
# See https://github.com/openssl/openssl/pull/10563 | ||
# | ||
# So as a stopgap - use a minimalist compat. layer | ||
# https://source.redwax.eu/projects/RS/repos/mod_csr/browse/openssl_setter_compat.h | ||
# | ||
preBuild = "cp ${./openssl_setter_compat.h} openssl_setter_compat.h"; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service module to handle Certificate Signing Requests"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
66 changes: 66 additions & 0 deletions
66
pkgs/servers/http/apache-modules/mod_csr/openssl_setter_compat.h
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
/* Licensed to Stichting The Commons Conservancy (TCC) under one or more | ||
* contributor license agreements. See the AUTHORS file distributed with | ||
* this work for additional information regarding copyright ownership. | ||
* TCC licenses this file to You under the Apache License, Version 2.0 | ||
* (the "License"); you may not use this file except in compliance with | ||
* the License. You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
// These routines are copies from OpenSSL/1.1.1 its x509/x509_req.c | ||
// and the private header files for that. They are needed as | ||
// starting with OpenSSL 1.1.0 the X509_req structure became | ||
// private; and got some get0 functions to access its internals. | ||
// But no getter's until post 1.1.1 (PR#10563). So this is a | ||
// stopgap for these lacking releases. | ||
// | ||
// Testest against: | ||
// openssl-1.0.2t 0x01000214fL (does not need it, privates still accessile) | ||
// openssl-1.1.0l 0x0101000cfL (needs it) | ||
// openssl-1.1.1d 0x01010104fL (last version that needs it) | ||
// openssl-1.1.1-dev (should not need it - post PR#10563). | ||
// | ||
/* #if OPENSSL_VERSION_NUMBER >= 0x010100000L && OPENSSL_VERSION_NUMBER <= 0x01010104fL */ | ||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L | ||
#include "openssl/x509.h" | ||
|
||
#define HAS_OPENSSL_PR10563_WORK_AROUND | ||
|
||
struct X509_req_info_st { | ||
ASN1_ENCODING enc; | ||
ASN1_INTEGER *version; | ||
X509_NAME *subject; | ||
X509_PUBKEY *pubkey; | ||
STACK_OF(X509_ATTRIBUTE) *attributes; | ||
}; | ||
|
||
typedef _Atomic int CRYPTO_REF_COUNT; | ||
|
||
struct X509_req_st { | ||
X509_REQ_INFO req_info; | ||
X509_ALGOR sig_alg; | ||
ASN1_BIT_STRING *signature; /* signature */ | ||
CRYPTO_REF_COUNT references; | ||
CRYPTO_RWLOCK *lock; | ||
# ifndef OPENSSL_NO_SM2 | ||
ASN1_OCTET_STRING *sm2_id; | ||
# endif | ||
}; | ||
|
||
|
||
static void _X509_REQ_set1_signature(X509_REQ *req, X509_ALGOR *palg) | ||
{ | ||
if (req->sig_alg.algorithm) | ||
ASN1_OBJECT_free(req->sig_alg.algorithm); | ||
if (req->sig_alg.parameter) | ||
ASN1_TYPE_free(req->sig_alg.parameter); | ||
req->sig_alg = *palg; | ||
} | ||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_ocsp"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "1vwgai56krdf8knb0mgy07ni9mqxk82bcb4gibwpnxvl6qwgv2i0"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service modules of OCSP Online Certificate Validation"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_pkcs12"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "0by4qfjs3a8q0amzwazfq8ii6ydv36v2mjga0jzc9i6xyl4rs6ai"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service modules for PKCS#12 format files"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_scep"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "14l8v6y6kx5dg8avb5ny95qdcgrw40ss80nqrgmw615mk7zcj81f"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
# After openssl-1.0.2t, starting in openssl-1.1.0l | ||
# parts of the OpenSSL struct API was replaced by | ||
# getters - but some setters where forgotten. | ||
# | ||
# It is expected that these are back/retrofitted in version | ||
# openssl-1.1.1d -- but while fixing this it was found | ||
# that there were quite a few other setters missing and | ||
# that some of the memory management needed was at odds | ||
# with the principles used sofar. | ||
# | ||
# See https://github.com/openssl/openssl/pull/10563 | ||
# | ||
# So as a stopgap - use a minimalist compat. layer | ||
# https://source.redwax.eu/projects/RS/repos/mod_csr/browse/openssl_setter_compat.h | ||
# | ||
preBuild = "cp ${./openssl_setter_compat.h} openssl_setter_compat.h"; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service modules for SCEP (Automatic ceritifcate issue/renewal)"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
66 changes: 66 additions & 0 deletions
66
pkgs/servers/http/apache-modules/mod_scep/openssl_setter_compat.h
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
/* Licensed to Stichting The Commons Conservancy (TCC) under one or more | ||
* contributor license agreements. See the AUTHORS file distributed with | ||
* this work for additional information regarding copyright ownership. | ||
* TCC licenses this file to You under the Apache License, Version 2.0 | ||
* (the "License"); you may not use this file except in compliance with | ||
* the License. You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
// These routines are copies from OpenSSL/1.1.1 its x509/x509_req.c | ||
// and the private header files for that. They are needed as | ||
// starting with OpenSSL 1.1.0 the X509_req structure became | ||
// private; and got some get0 functions to access its internals. | ||
// But no getter's until post 1.1.1 (PR#10563). So this is a | ||
// stopgap for these lacking releases. | ||
// | ||
// Testest against: | ||
// openssl-1.0.2t 0x01000214fL (does not need it, privates still accessile) | ||
// openssl-1.1.0l 0x0101000cfL (needs it) | ||
// openssl-1.1.1d 0x01010104fL (last version that needs it) | ||
// openssl-1.1.1-dev (should not need it - post PR#10563). | ||
// | ||
/* #if OPENSSL_VERSION_NUMBER >= 0x010100000L && OPENSSL_VERSION_NUMBER <= 0x01010104fL */ | ||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L | ||
#include "openssl/x509.h" | ||
|
||
#define HAS_OPENSSL_PR10563_WORK_AROUND | ||
|
||
struct X509_req_info_st { | ||
ASN1_ENCODING enc; | ||
ASN1_INTEGER *version; | ||
X509_NAME *subject; | ||
X509_PUBKEY *pubkey; | ||
STACK_OF(X509_ATTRIBUTE) *attributes; | ||
}; | ||
|
||
typedef _Atomic int CRYPTO_REF_COUNT; | ||
|
||
struct X509_req_st { | ||
X509_REQ_INFO req_info; | ||
X509_ALGOR sig_alg; | ||
ASN1_BIT_STRING *signature; /* signature */ | ||
CRYPTO_REF_COUNT references; | ||
CRYPTO_RWLOCK *lock; | ||
# ifndef OPENSSL_NO_SM2 | ||
ASN1_OCTET_STRING *sm2_id; | ||
# endif | ||
}; | ||
|
||
|
||
static void _X509_REQ_set1_signature(X509_REQ *req, X509_ALGOR *palg) | ||
{ | ||
if (req->sig_alg.algorithm) | ||
ASN1_OBJECT_free(req->sig_alg.algorithm); | ||
if (req->sig_alg.parameter) | ||
ASN1_TYPE_free(req->sig_alg.parameter); | ||
req->sig_alg = *palg; | ||
} | ||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_spkac"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "0x6ia9qcr7lx2awpv9cr4ndic5f4g8yqzmp2hz66zpzkmk2b2pyz"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service module for handling the Netscape keygen requests. "; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
24 changes: 24 additions & 0 deletions
24
pkgs/servers/http/apache-modules/mod_timestamp/default.nix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
{ stdenv, fetchurl, pkgconfig, mod_ca, apr, aprutil }: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "mod_timestamp"; | ||
version = "0.2.1"; | ||
|
||
src = fetchurl { | ||
url = "https://redwax.eu/dist/rs/${pname}-${version}.tar.gz"; | ||
sha256 = "0j4b04dbdwn9aff3da9m0lnqi0qbw6c6hhi81skl15kyc3vzp67f"; | ||
}; | ||
|
||
nativeBuildInputs = [ pkgconfig ]; | ||
buildInputs = [ mod_ca apr aprutil ]; | ||
inherit (mod_ca) configureFlags installFlags; | ||
|
||
meta = with stdenv.lib; { | ||
description = "RedWax CA service module for issuing signed timestamps"; | ||
|
||
homepage = "https://redwax.eu"; | ||
license = licenses.asl20; | ||
platforms = platforms.unix; | ||
maintainers = with maintainers; [ dirkx ]; | ||
}; | ||
} |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe @jtojnar wanted you to replace
$(out)
with${placeholder ''out''}
here as well.