75 lines
2.3 KiB
Nix
75 lines
2.3 KiB
Nix
{ fetchurl, stdenv, libnsl }:
|
|
|
|
let
|
|
vanillaVersion = "7.6.q";
|
|
patchLevel = "26";
|
|
in stdenv.mkDerivation rec {
|
|
pname = "tcp-wrappers";
|
|
version = "${vanillaVersion}-${patchLevel}";
|
|
|
|
src = fetchurl {
|
|
url = "mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_${vanillaVersion}.orig.tar.gz";
|
|
sha256 = "0p9ilj4v96q32klavx0phw9va21fjp8vpk11nbh6v2ppxnnxfhwm";
|
|
};
|
|
|
|
debian = fetchurl {
|
|
url = "mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_${version}.debian.tar.xz";
|
|
sha256 = "1dcdhi9lwzv7g19ggwxms2msq9fy14rl09rjqb10hwv0jix7z8j8";
|
|
};
|
|
|
|
prePatch = ''
|
|
tar -xaf $debian
|
|
patches="$(cat debian/patches/series | sed 's,^,debian/patches/,') $patches"
|
|
|
|
substituteInPlace Makefile --replace STRINGS STRINGDEFS
|
|
substituteInPlace debian/patches/13_shlib_weaksym --replace STRINGS STRINGDEFS
|
|
'';
|
|
|
|
# Fix __BEGIN_DECLS usage (even if it wasn't non-standard, this doesn't include sys/cdefs.h)
|
|
patches = [ ./cdecls.patch ];
|
|
|
|
postPatch = stdenv.lib.optionalString stdenv.hostPlatform.isMusl ''
|
|
substituteInPlace Makefile \
|
|
--replace '-DNETGROUP' '-DUSE_GETDOMAIN'
|
|
'';
|
|
|
|
buildInputs = [ libnsl ];
|
|
|
|
makeFlags = [ "REAL_DAEMON_DIR=$(out)/bin" "linux" "AR:=$(AR)" ];
|
|
|
|
installPhase = ''
|
|
mkdir -p "$out/bin"
|
|
cp -v safe_finger tcpd tcpdchk tcpdmatch try-from "$out/bin"
|
|
|
|
mkdir -p "$out/lib"
|
|
cp -v shared/lib*.so* "$out/lib"
|
|
|
|
mkdir -p "$out/include"
|
|
cp -v *.h "$out/include"
|
|
|
|
for i in 3 5 8;
|
|
do
|
|
mkdir -p "$out/man/man$i"
|
|
cp *.$i "$out/man/man$i" ;
|
|
done
|
|
'';
|
|
|
|
meta = {
|
|
description = "TCP Wrappers, a network logger, also known as TCPD or LOG_TCP";
|
|
|
|
longDescription = ''
|
|
Wietse Venema's network logger, also known as TCPD or LOG_TCP.
|
|
These programs log the client host name of incoming telnet, ftp,
|
|
rsh, rlogin, finger etc. requests. Security options are: access
|
|
control per host, domain and/or service; detection of host name
|
|
spoofing or host address spoofing; booby traps to implement an
|
|
early-warning system. The current version supports the System
|
|
V.4 TLI network programming interface (Solaris, DG/UX) in
|
|
addition to the traditional BSD sockets.
|
|
'';
|
|
|
|
homepage = "ftp://ftp.porcupine.org/pub/security/index.html";
|
|
license = "BSD-style";
|
|
platforms = stdenv.lib.platforms.linux;
|
|
};
|
|
}
|