diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index cbe56694da14..e07ea1a33379 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -1,24 +1,37 @@ -{ lib, stdenv, fetchFromGitHub -, autoreconfHook, pkg-config -, gtk3, nssTools, pcsclite -, libxml2, libproxy -, openssl, curl +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, autoconf-archive +, pkg-config , makeWrapper -, substituteAll }: +, curl +, gtk3 +, libassuan +, libbsd +, libproxy +, libxml2 +, openssl +, p11-kit +, pcsclite +, nssTools +, substituteAll +}: stdenv.mkDerivation rec { pname = "eid-mw"; - version = "4.4.27"; + # NOTE: Don't just blindly update to the latest version/tag. Releases are always for a specific OS. + version = "5.0.21"; src = fetchFromGitHub { rev = "v${version}"; - sha256 = "17lw8iwp7h5cs3db80sysr84ffi333cf2vrhncs9l6hy6glfl2v1"; + sha256 = "1sz7996q6gd6vbdxqgyx1jwjznpki1k9zbgaj1j1a51y6w0g0kdh"; repo = "eid-mw"; owner = "Fedict"; }; - nativeBuildInputs = [ autoreconfHook pkg-config makeWrapper ]; - buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; + nativeBuildInputs = [ autoreconfHook autoconf-archive pkg-config makeWrapper ]; + buildInputs = [ curl gtk3 libassuan libbsd libproxy libxml2 openssl p11-kit pcsclite ]; preConfigure = '' mkdir openssl ln -s ${openssl.out}/lib openssl @@ -27,30 +40,30 @@ stdenv.mkDerivation rec { export SSL_PREFIX=$(realpath openssl) substituteInPlace plugins_tools/eid-viewer/Makefile.in \ --replace "c_rehash" "openssl rehash" - ''; + ''; + # pinentry uses hardcoded `/usr/bin/pinentry`, so use the built-in (uglier) dialogs for pinentry. + configureFlags = [ "--disable-pinentry" ]; postPatch = '' sed 's@m4_esyscmd_s(.*,@[${version}],@' -i configure.ac ''; - configureFlags = [ "--enable-dialogs=yes" ]; - postInstall = - let - eid-nssdb-in = substituteAll { - inherit (stdenv) shell; - isExecutable = true; - src = ./eid-nssdb.in; - }; - in - '' - install -D ${eid-nssdb-in} $out/bin/eid-nssdb - substituteInPlace $out/bin/eid-nssdb \ - --replace "modutil" "${nssTools}/bin/modutil" + let + eid-nssdb-in = substituteAll { + inherit (stdenv) shell; + isExecutable = true; + src = ./eid-nssdb.in; + }; + in + '' + install -D ${eid-nssdb-in} $out/bin/eid-nssdb + substituteInPlace $out/bin/eid-nssdb \ + --replace "modutil" "${nssTools}/bin/modutil" - rm $out/bin/about-eid-mw - wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" - ''; + rm $out/bin/about-eid-mw + wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" + ''; enableParallelBuilding = true; @@ -83,6 +96,6 @@ stdenv.mkDerivation rec { firefox.override { pkcs11Modules = [ pkgs.eid-mw ]; } ''; platforms = platforms.linux; - maintainers = with maintainers; [ bfortz ]; + maintainers = with maintainers; [ bfortz chvp ]; }; }