nixpkgs/pkgs/servers/ftp/vsftpd/default.nix

47 lines
1.3 KiB
Nix
Raw Normal View History

{ stdenv, fetchurl, openssl, sslEnable ? false, libcap, pam }:
2013-11-07 16:14:59 +01:00
stdenv.mkDerivation rec {
name = "vsftpd-3.0.2";
2013-11-07 16:14:59 +01:00
src = fetchurl {
url = "https://security.appspot.com/downloads/${name}.tar.gz";
sha256 = "0mjy345wszskz1vnk83360c1y37arwgap3gwz8hy13sjqpig0imy";
};
patches = [ ./CVE-2015-1419.patch ];
2013-11-07 16:14:59 +01:00
preConfigure = stdenv.lib.optionalString sslEnable ''
echo "Will enable SSL"
sed -i "/VSF_BUILD_SSL/s/^#undef/#define/" builddefs.h
'';
# The gcc-wrappers use -idirafter for glibc, and vsftpd also, and
# their dummyinc come before those of glibc, then the build works bad.
prePatch = ''
sed -i -e 's/-idirafter.*//' Makefile
'';
2013-11-07 16:14:59 +01:00
preBuild =
let
sslLibs = if sslEnable then "-lcrypt -lssl -lcrypto" else "";
in ''
2013-11-07 16:14:59 +01:00
makeFlagsArray=( "LIBS=${sslLibs} -lpam -lcap -fstack-protector" )
'';
# It won't link without this flag, used in CFLAGS
buildInputs = [ openssl libcap pam ];
installPhase = ''
mkdir -pv $out/sbin
install -v -m 755 vsftpd $out/sbin/vsftpd
mkdir -pv $out/share/man/man{5,8}
install -v -m 644 vsftpd.8 $out/share/man/man8/vsftpd.8
install -v -m 644 vsftpd.conf.5 $out/share/man/man5/vsftpd.conf.5
mkdir -pv $out/etc/xinetd.d
install -v -m 644 xinetd.d/vsftpd $out/etc/xinetd.d/vsftpd
'';
2013-11-07 16:14:59 +01:00
}