{ lib, stdenv, fetchurl, openssl }: stdenv.mkDerivation rec { pname = "apg"; version = "2.3.0b"; src = fetchurl { url = "http://www.adel.nursat.kz/apg/download/apg-${version}.tar.gz"; sha256 = "14lbq81xrcsmpk1b9qmqyz7n6ypf08zcxvcvp6f7ybcyf0lj1rfi"; }; configurePhase = '' substituteInPlace Makefile --replace /usr/local "$out" ''; makeFlags = ["CC=${stdenv.cc.targetPrefix}cc"]; patches = [ ./apg.patch ./phony-install-target.patch ]; postPatch = lib.optionalString stdenv.isDarwin '' sed -i -e 's|APG_CLIBS += -lcrypt|APG_CLIBS += -L${openssl.out}/lib -lcrypto|' Makefile ''; meta = { description = "Tools for random password generation"; longDescription = '' APG (Automated Password Generator) is the tool set for random password generation. Standalone version Generates some random words of required type and prints them to standard output. Network version APG server: When client's request is arrived generates some random words of predefined type and send them to client over the network (according to RFC0972). APG client: Sends the password generation request to the APG server, wait for generated Passwords arrival and then prints them to the standard output. Advantages * Built-in ANSI X9.17 RNG (Random Number Generator) (CAST/SHA1) * Built-in password quality checking system (it has support for Bloom filter for faster access) * Two Password Generation Algorithms: 1. Pronounceable Password Generation Algorithm (according to NIST FIPS 181) 2. Random Character Password Generation Algorithm with 35 configurable modes of operation * Configurable password length parameters * Configurable amount of generated passwords * Ability to initialize RNG with user string * Support for /dev/random * Ability to crypt() generated passwords and print them as additional output * Special parameters to use APG in script * Ability to log password generation requests for network version * Ability to control APG service access using tcpd * Ability to use password generation service from any type of box (Mac, WinXX, etc.) that connected to network * Ability to enforce remote users to use only allowed type of password generation ''; homepage = "http://www.adel.nursat.kz/apg/"; license = lib.licenses.bsd3; maintainers = with lib.maintainers; [ astsmtl ]; platforms = lib.platforms.unix; }; }