_389-ds-base: 1.3.9.1 -> 2.0.5

2021-06-11 20:40:02 -07:00 · 2021-06-11 20:40:02 -07:00 · c97b3d8502
commit c97b3d8502
parent eceb128a26
1 changed files with 120 additions and 32 deletions
--- a/pkgs/servers/ldap/389/default.nix
+++ b/pkgs/servers/ldap/389/default.nix
@ -1,32 +1,107 @@
-{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook, pkg-config, doxygen, perl, pam, nspr, nss, openldap
+{ stdenv
-, db, cyrus_sasl, svrcore, icu, net-snmp, libkrb5, pcre, perlPackages, libevent, openssl, python3
+, autoreconfHook
 , fetchFromGitHub
 , lib
 , bzip2
 , cmocka
 , cracklib
 , cyrus_sasl
 , db
 , doxygen
 , icu
 , libevent
 , libkrb5
 , lm_sensors
 , net-snmp
 , nspr
 , nss
 , openldap
 , openssl
 , pcre
 , perl
 , perlPackages
 , pkg-config
 , python3
 , svrcore
 , zlib
 , enablePamPassthru ? true
 , pam
 , enableCockpit ? true
 , rsync
 , enableDna ? true
 , enableLdapi ? true
 , enableAutobind ? false
 , enableAutoDnSuffix ? false
 , enableBitwise ? true
 , enableAcctPolicy ? true
 , enablePosixWinsync ? true
 }:
 stdenv.mkDerivation rec {
  pname = "389-ds-base";
-  version = "1.3.9.1";
+  version = "2.0.5";
-  src = fetchurl {
+  src = fetchFromGitHub {
-    url = "https://releases.pagure.org/${pname}/${pname}-${version}.tar.bz2";
+    owner = "389ds";
-    sha256 = "141iv1phgk1lw74sfjj3v7wy6qs0q56lvclwv2p0hqn1wg8ic4q6";
+    repo = pname;
    rev = "${pname}-${version}";
    sha256 = "sha256-H0G8py4sB+2CSZKyCIb2TCIXOpnPx7udWUEK4Tg5TD8=";
  };
  nativeBuildInputs = [ autoreconfHook pkg-config doxygen ];
  buildInputs = [
    perl pam nspr nss openldap db cyrus_sasl svrcore icu
    net-snmp libkrb5 pcre libevent openssl python3
  ] ++ (with perlPackages; [ MozillaLdap NetAddrIP DBFile ]);
-  patches = [
+  buildInputs = [
-    (fetchpatch {
+    bzip2
-      name = "389-ds-nss.patch";
+    cracklib
-      url = "https://aur.archlinux.org/cgit/aur.git/plain/nss.patch?h=389-ds-base&id=b80ed52cc65ff9b1d72f8ebc54dbd462b12f6be9";
+    cyrus_sasl
-      sha256 = "07z7jl9z4gzhk3k6qyfn558xl76js8041llyr5n99h20ckkbwagk";
+    db
-    })
+    icu
-  ];
+    libevent
    libkrb5
    lm_sensors
    net-snmp
    nspr
    nss
    openldap
    openssl
    pcre
    perl
    python3
    svrcore
    zlib
    # tests
    cmocka
    libevent
    # lib389
    (python3.withPackages (ps: with ps; [
      setuptools
      ldap
      six
      pyasn1
      pyasn1-modules
      dateutil
      argcomplete
      libselinux
    ]))
    # logconv.pl
    perlPackages.DBFile
    perlPackages.ArchiveTar
  ]
  ++ lib.optional enableCockpit rsync
  ++ lib.optional enablePamPassthru pam;
  postPatch = ''
    substituteInPlace Makefile.am \
      --replace 's,@perlpath\@,$(perldir),g' 's,@perlpath\@,$(perldir) $(PERLPATH),g'
    patchShebangs ./buildnum.py ./ldap/servers/slapd/mkDBErrStrs.py
  '';
  preConfigure = ''
@ -38,21 +113,37 @@ stdenv.mkDerivation rec {
    export PERLPATH
  '';
-  configureFlags = [
+  configureFlags =
-    "--sysconfdir=/etc"
+    let
-    "--localstatedir=/var"
+      mkEnable = cond: name: if cond then "--enable-${name}" else "--disable-${name}";
-    "--with-openldap"
+    in
-    "--with-db"
+    [
-    "--with-db-inc=${db.dev}/include"
+      "--enable-cmocka"
-    "--with-db-lib=${db.out}/lib"
+      "--localstatedir=/var"
-    "--with-sasl=${cyrus_sasl.dev}"
+      "--sysconfdir=/etc"
-    "--with-netsnmp=yes"
+      "--with-db-inc=${db.dev}/include"
-    "--with-netsnmp-inc=${lib.getDev net-snmp}/include"
+      "--with-db-lib=${db.out}/lib"
-    "--with-netsnmp-lib=${lib.getLib net-snmp}/lib"
+      "--with-db=yes"
-  ];
+      "--with-netsnmp-inc=${lib.getDev net-snmp}/include"
      "--with-netsnmp-lib=${lib.getLib net-snmp}/lib"
      "--with-netsnmp=yes"
      "--with-openldap"
      "${mkEnable enableCockpit "cockpit"}"
      "${mkEnable enablePamPassthru "pam-passthru"}"
      "${mkEnable enableDna "dna"}"
      "${mkEnable enableLdapi "ldapi"}"
      "${mkEnable enableAutobind "autobind"}"
      "${mkEnable enableAutoDnSuffix "auto-dn-suffix"}"
      "${mkEnable enableBitwise "bitwise"}"
      "${mkEnable enableAcctPolicy "acctpolicy"}"
      "${mkEnable enablePosixWinsync "posix-winsync"}"
    ];
  enableParallelBuilding = true;
  doCheck = true;
  installFlags = [
    "sysconfdir=${placeholder "out"}/etc"
    "localstatedir=${placeholder "TMPDIR"}"
@ -65,8 +156,5 @@ stdenv.mkDerivation rec {
    description = "Enterprise-class Open Source LDAP server for Linux";
    license = licenses.gpl3Plus;
    platforms = platforms.linux;
    knownVulnerabilities = [
      "CVE-2021-3514" # https://nvd.nist.gov/vuln/detail/CVE-2021-3514
    ];
  };
 }