nixpkgs/pkgs/development/python-modules/sslyze/default.nix

114 lines
3.0 KiB
Nix
Raw Normal View History

2020-05-21 10:33:16 +00:00
{ lib
, fetchFromGitHub
, buildPythonPackage
2020-12-04 19:28:18 +00:00
, pytestCheckHook
2021-05-08 09:00:24 +00:00
, pythonOlder
2021-12-13 16:47:13 +00:00
# deps
, cryptography
, nassl
, pydantic
, tls-parser
# check deps
, faker
, openssl_1_0_2
, openssl_1_1
2020-05-21 10:33:16 +00:00
}:
buildPythonPackage rec {
pname = "sslyze";
2022-01-14 00:59:01 +00:00
version = "5.0.2";
2021-05-08 09:00:24 +00:00
disabled = pythonOlder "3.7";
2020-05-21 10:33:16 +00:00
src = fetchFromGitHub {
owner = "nabla-c0d3";
repo = pname;
rev = version;
2022-01-14 00:59:01 +00:00
hash = "sha256-8xtnE5oFxH3wo2Smt65/xGDHxivexN6ggUpyUg42Cjk=";
2020-05-21 10:33:16 +00:00
};
patchPhase = ''
substituteInPlace setup.py \
2021-12-13 16:47:13 +00:00
--replace "cryptography>=2.6,<36.0.0" "cryptography>=2.6"
2020-05-21 10:33:16 +00:00
'';
2021-12-13 16:47:13 +00:00
checkInputs = [
pytestCheckHook
faker
];
2020-05-21 10:33:16 +00:00
2021-05-08 09:00:24 +00:00
# Most of the tests are online; hence, applicable tests are listed
# explicitly here
pytestFlagsArray = [
"tests/cli_tests/test_console_output.py"
"tests/cli_tests/test_server_string_parser.py"
2021-12-13 16:47:13 +00:00
"tests/json_tests/test_json_output.py"
"tests/plugins_tests/certificate_info/test_certificate_algorithms.py"
2021-05-08 09:00:24 +00:00
"tests/plugins_tests/certificate_info/test_certificate_utils.py"
2021-12-13 16:47:13 +00:00
"tests/plugins_tests/certificate_info/test_symantec.py"
"tests/plugins_tests/certificate_info/test_trust_store_repository.py"
"tests/plugins_tests/openssl_cipher_suites/test_cipher_suites.py"
"tests/plugins_tests/test_early_data_plugin.py"
"tests/plugins_tests/test_http_headers_plugin.py"
"tests/plugins_tests/test_robot_plugin.py"
"tests/plugins_tests/test_scan_commands.py"
"tests/plugins_tests/test_session_renegotiation_plugin.py"
"tests/scanner_tests/test_jobs_worker_thread.py"
"tests/scanner_tests/test_mass_scanner.py"
"tests/scanner_tests/test_models.py"
"tests/scanner_tests/test_scanner.py"
"tests/server_connectivity_tests/test_client_authentication.py"
2021-05-08 09:00:24 +00:00
];
disabledTests = [
2021-12-13 16:47:13 +00:00
# TestEllipticCurvesPluginWithOnlineServer
"test_supported_curves"
# TestRobotPluginPlugin
"test_robot_attack_good"
# TestHttpHeadersPlugin
"test_all_headers_disabled"
"test_expect_ct_enabled"
"test_hsts_enabled"
# TestSessionRenegotiationPlugin
"test_renegotiation_good"
# TestCertificateAlgorithms
"test_ecdsa_certificate"
"test_invalid_certificate_bad_name"
# TestEarlyDataPlugin
"test_early_data_enabled"
# TestTrustStoresRepository
"test_update_default"
# TestClientAuthentication
"test_optional_client_authentication"
2021-05-08 09:00:24 +00:00
];
2021-12-13 16:47:13 +00:00
# Some tests require OpenSSL
preCheck = ''
pushd $TMPDIR/$sourceRoot/tests/openssl_server/
rm openssl-1-1-1-linux64
ln -s ${openssl_1_1.bin}/bin/openssl openssl-1-1-1-linux64
rm openssl-1-0-0e-linux64
ln -s ${openssl_1_0_2.bin}/bin/openssl openssl-1-0-0e-linux64
popd
'';
pythonImportsCheck = [ "sslyze" ];
2020-05-21 10:33:16 +00:00
2021-12-13 16:47:13 +00:00
propagatedBuildInputs = [
cryptography
nassl
pydantic
tls-parser
];
2020-05-21 10:33:16 +00:00
meta = with lib; {
homepage = "https://github.com/nabla-c0d3/sslyze";
description = "Fast and powerful SSL/TLS scanning library";
platforms = platforms.linux ++ platforms.darwin;
2021-05-08 09:00:24 +00:00
license = licenses.agpl3Only;
2020-05-21 10:33:16 +00:00
maintainers = with maintainers; [ veehaitch ];
};
}