diff --git a/pkgs/servers/shishi/default.nix b/pkgs/servers/shishi/default.nix index 6779ac9e0c3a..db6f94d38266 100644 --- a/pkgs/servers/shishi/default.nix +++ b/pkgs/servers/shishi/default.nix @@ -8,6 +8,8 @@ stdenv.mkDerivation rec { sha256 = "13c6w9rpaqb3am65nrn86byvmll5r78pld2vb0i68491vww4fzlx"; }; + patches = [ ./no-gets.patch ]; + buildInputs = [ libtasn1 libgcrypt gnutls ] ; doCheck = true; @@ -17,14 +19,14 @@ stdenv.mkDerivation rec { longDescription = '' GNU Shishi is an implementation of the Kerberos 5 network - authentication system, as specified in RFC 4120. Shishi can be - used to authenticate users in distributed systems. + authentication system, as specified in RFC 4120. Shishi can be + used to authenticate users in distributed systems. - Shishi contains a library (`libshishi') that can be used by - application developers to add support for Kerberos 5. Shishi - contains a command line utility (1shishi') that is used by - users to acquire and manage tickets (and more). The server - side, a Key Distribution Center, is implemented by `shishid'. + Shishi contains a library (`libshishi') that can be used by + application developers to add support for Kerberos 5. Shishi + contains a command line utility (1shishi') that is used by + users to acquire and manage tickets (and more). The server + side, a Key Distribution Center, is implemented by `shishid'. ''; homepage = http://www.gnu.org/software/shishi/; diff --git a/pkgs/servers/shishi/no-gets.patch b/pkgs/servers/shishi/no-gets.patch new file mode 100644 index 000000000000..12137204f455 --- /dev/null +++ b/pkgs/servers/shishi/no-gets.patch @@ -0,0 +1,20 @@ +diff --git a/gl/stdio.in.h b/gl/stdio.in.h +index 06d9780..fa04a10 100644 +--- a/gl/stdio.in.h ++++ b/gl/stdio.in.h +@@ -713,10 +713,13 @@ _GL_CXXALIAS_SYS (gets, char *, (char *s)); + # endif + _GL_CXXALIASWARN (gets); + /* It is very rare that the developer ever has full control of stdin, +- so any use of gets warrants an unconditional warning. Assume it is +- always declared, since it is required by C89. */ ++ so any use of gets warrants an unconditional warning; besides C11 ++ removed it. */ ++#ifdef gets ++#undef gets + _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); + #endif ++#endif + + + #if @GNULIB_OBSTACK_PRINTF@ || @GNULIB_OBSTACK_PRINTF_POSIX@