2017-10-12 06:41:05 +02:00
|
|
|
{ stdenv, fetchFromGitHub
|
|
|
|
, cmake, pkgconfig, coreutils
|
|
|
|
, boost, cryptopp, curl, fuse, openssl, python, spdlog
|
|
|
|
}:
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
2019-08-15 14:41:18 +02:00
|
|
|
pname = "cryfs";
|
2019-02-24 00:53:11 +01:00
|
|
|
version = "0.9.10";
|
2017-10-12 06:41:05 +02:00
|
|
|
|
|
|
|
src = fetchFromGitHub {
|
|
|
|
owner = "cryfs";
|
|
|
|
repo = "cryfs";
|
|
|
|
rev = "${version}";
|
2019-02-24 00:53:11 +01:00
|
|
|
sha256 = "04yqpad8x0hiiwpykcn3swi0py6sg9xid6g15ny2qs4j3llin5ry";
|
2017-10-12 06:41:05 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
prePatch = ''
|
|
|
|
patchShebangs src
|
|
|
|
|
|
|
|
substituteInPlace vendor/scrypt/CMakeLists.txt \
|
|
|
|
--replace /usr/bin/ ""
|
|
|
|
|
|
|
|
# scrypt in nixpkgs only produces a binary so we lift the patching from that so allow
|
|
|
|
# building the vendored version. This is very much NOT DRY.
|
|
|
|
# The proper solution is to have scrypt generate a dev output with the required files and just symlink
|
|
|
|
# into vendor/scrypt
|
|
|
|
for f in Makefile.in autocrap/Makefile.am libcperciva/cpusupport/Build/cpusupport.sh ; do
|
|
|
|
substituteInPlace vendor/scrypt/scrypt-*/scrypt/$f --replace "command -p " ""
|
|
|
|
done
|
|
|
|
|
|
|
|
# cryfs is vendoring an old version of spdlog
|
|
|
|
rm -rf vendor/spdlog/spdlog
|
|
|
|
ln -s ${spdlog} vendor/spdlog/spdlog
|
|
|
|
'';
|
|
|
|
|
|
|
|
buildInputs = [ boost cryptopp curl fuse openssl python spdlog ];
|
|
|
|
|
2017-10-13 17:29:20 +02:00
|
|
|
patches = [
|
|
|
|
./test-no-network.patch # Disable tests using external networking
|
|
|
|
./skip-failing-test-large-malloc.patch
|
|
|
|
];
|
|
|
|
|
2017-10-12 06:41:05 +02:00
|
|
|
# coreutils is needed for the vendored scrypt
|
|
|
|
nativeBuildInputs = [ cmake coreutils pkgconfig ];
|
|
|
|
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
|
|
|
|
cmakeFlags = [
|
|
|
|
"-DCRYFS_UPDATE_CHECKS=OFF"
|
|
|
|
"-DBoost_USE_STATIC_LIBS=OFF" # this option is case sensitive
|
|
|
|
];
|
|
|
|
|
2017-10-13 17:29:20 +02:00
|
|
|
doCheck = true;
|
|
|
|
|
|
|
|
# Cryfs tests are broken on darwin
|
|
|
|
checkPhase = stdenv.lib.optionalString (!stdenv.isDarwin) ''
|
|
|
|
# Skip CMakeFiles directory and tests depending on fuse (does not work well with sandboxing)
|
|
|
|
SKIP_IMPURE_TESTS="CMakeFiles|fspp|cryfs-cli"
|
|
|
|
|
|
|
|
for test in `ls -d test/*/ | egrep -v "$SKIP_IMPURE_TESTS"`; do
|
|
|
|
"./$test`basename $test`-test"
|
|
|
|
done
|
|
|
|
'';
|
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
# Building with BUILD_TESTING=ON is missing the install target
|
|
|
|
mkdir -p $out/bin
|
|
|
|
install -m 755 ./src/cryfs-cli/cryfs $out/bin/cryfs
|
|
|
|
'';
|
|
|
|
|
2017-10-12 06:41:05 +02:00
|
|
|
meta = with stdenv.lib; {
|
|
|
|
description = "Cryptographic filesystem for the cloud";
|
|
|
|
homepage = https://www.cryfs.org;
|
|
|
|
license = licenses.lgpl3;
|
|
|
|
maintainers = with maintainers; [ peterhoeg ];
|
|
|
|
platforms = with platforms; linux;
|
|
|
|
};
|
|
|
|
}
|