2011-08-27 19:04:25 +02:00
|
|
|
{ fetchurl, stdenv, zlib, lzo, libtasn1, nettle
|
|
|
|
, guileBindings, guile, pkgconfig }:
|
|
|
|
|
|
|
|
assert guileBindings -> guile != null;
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
|
|
|
|
2013-02-23 13:25:48 +01:00
|
|
|
name = "gnutls-2.12.23";
|
2011-08-27 19:04:25 +02:00
|
|
|
|
2013-02-23 13:25:48 +01:00
|
|
|
src = fetchurl { # missing on standard mirrors
|
|
|
|
url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/${name}.tar.bz2";
|
|
|
|
sha256 = "1lkys703z4yxfgzarmgas5ccvn6m254w9wvm7s8v0zkj81z7m9nz";
|
2011-08-27 19:04:25 +02:00
|
|
|
};
|
|
|
|
|
2014-02-06 20:34:55 +01:00
|
|
|
patches = [(fetchurl {
|
|
|
|
url = "http://anonscm.debian.org/viewvc/pkg-gnutls/packages/gnutls26/trunk/"
|
|
|
|
+ "debian/patches/21_sanitycheck.diff?revision=1777&view=co";
|
|
|
|
sha256 = "0k18a7q6irmgjzp647bd18zccjpsr82n2s9arpamnkakgnny4ks9";
|
|
|
|
name = "CVE-2013-2116.patch";
|
|
|
|
})];
|
|
|
|
|
2011-08-27 19:04:25 +02:00
|
|
|
configurePhase = ''
|
|
|
|
./configure --prefix="$out" \
|
|
|
|
--disable-dependency-tracking --enable-fast-install \
|
|
|
|
--with-lzo --with-libtasn1-prefix="${libtasn1}" \
|
|
|
|
--without-p11-kit \
|
|
|
|
${if guileBindings
|
|
|
|
then "--enable-guile --with-guile-site-dir=\"$out/share/guile/site\""
|
|
|
|
else ""}
|
|
|
|
'';
|
|
|
|
|
|
|
|
buildInputs = [ zlib lzo libtasn1 pkgconfig ]
|
|
|
|
++ stdenv.lib.optional guileBindings guile;
|
|
|
|
|
|
|
|
propagatedBuildInputs = [ nettle ];
|
|
|
|
|
|
|
|
doCheck = true;
|
|
|
|
|
|
|
|
meta = {
|
|
|
|
description = "The GNU Transport Layer Security Library";
|
|
|
|
|
|
|
|
longDescription = ''
|
|
|
|
GnuTLS is a project that aims to develop a library which
|
|
|
|
provides a secure layer, over a reliable transport
|
|
|
|
layer. Currently the GnuTLS library implements the proposed
|
|
|
|
standards by the IETF's TLS working group.
|
|
|
|
|
|
|
|
Quoting from the TLS protocol specification:
|
|
|
|
|
|
|
|
"The TLS protocol provides communications privacy over the
|
|
|
|
Internet. The protocol allows client/server applications to
|
|
|
|
communicate in a way that is designed to prevent eavesdropping,
|
|
|
|
tampering, or message forgery."
|
|
|
|
'';
|
|
|
|
|
|
|
|
homepage = http://www.gnu.org/software/gnutls/;
|
|
|
|
license = "LGPLv2.1+";
|
|
|
|
|
2013-08-16 23:44:33 +02:00
|
|
|
maintainers = [ ];
|
2011-08-27 19:04:25 +02:00
|
|
|
};
|
|
|
|
}
|