nixpkgs/pkgs/os-specific/linux/cryptsetup/default.nix
William A. Kennington III fd588f939c cryptsetup: Use openssl instead of libgcrypt
When libgcrypt added support for libcap, it started dropping
capabilities of the cryptsetup process. This meant that cryptsetup was
unable to communicate with device mapper. This patch fixes that issue by
removing the dependency on libgcrypt and instead uses openssl for the
implementation of low-level cryptographic functions.

Fixes #7859.
2015-05-18 13:12:27 -07:00

28 lines
920 B
Nix

{ stdenv, fetchurl, devicemapper, openssl, libuuid, pkgconfig, popt
, enablePython ? false, python ? null
}:
assert enablePython -> python != null;
stdenv.mkDerivation rec {
name = "cryptsetup-1.6.7";
src = fetchurl {
url = "mirror://kernel/linux/utils/cryptsetup/v1.6/${name}.tar.xz";
sha256 = "0878vwblazms1dac2ds7vyz8pgi1aac8870ccnl2s0v2sv428g62";
};
configureFlags = [ "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" ]
++ stdenv.lib.optional enablePython "--enable-python";
buildInputs = [ devicemapper openssl libuuid pkgconfig popt ]
++ stdenv.lib.optional enablePython python;
meta = {
homepage = http://code.google.com/p/cryptsetup/;
description = "LUKS for dm-crypt";
license = stdenv.lib.licenses.gpl2;
maintainers = with stdenv.lib.maintainers; [ viric chaoflow ];
platforms = with stdenv.lib.platforms; linux;
};
}