nixpkgs/pkgs/development/libraries/gnutls/2.12.nix
2014-02-06 20:34:55 +01:00

62 lines
1.9 KiB
Nix

{ fetchurl, stdenv, zlib, lzo, libtasn1, nettle
, guileBindings, guile, pkgconfig }:
assert guileBindings -> guile != null;
stdenv.mkDerivation rec {
name = "gnutls-2.12.23";
src = fetchurl { # missing on standard mirrors
url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/${name}.tar.bz2";
sha256 = "1lkys703z4yxfgzarmgas5ccvn6m254w9wvm7s8v0zkj81z7m9nz";
};
patches = [(fetchurl {
url = "http://anonscm.debian.org/viewvc/pkg-gnutls/packages/gnutls26/trunk/"
+ "debian/patches/21_sanitycheck.diff?revision=1777&view=co";
sha256 = "0k18a7q6irmgjzp647bd18zccjpsr82n2s9arpamnkakgnny4ks9";
name = "CVE-2013-2116.patch";
})];
configurePhase = ''
./configure --prefix="$out" \
--disable-dependency-tracking --enable-fast-install \
--with-lzo --with-libtasn1-prefix="${libtasn1}" \
--without-p11-kit \
${if guileBindings
then "--enable-guile --with-guile-site-dir=\"$out/share/guile/site\""
else ""}
'';
buildInputs = [ zlib lzo libtasn1 pkgconfig ]
++ stdenv.lib.optional guileBindings guile;
propagatedBuildInputs = [ nettle ];
doCheck = true;
meta = {
description = "The GNU Transport Layer Security Library";
longDescription = ''
GnuTLS is a project that aims to develop a library which
provides a secure layer, over a reliable transport
layer. Currently the GnuTLS library implements the proposed
standards by the IETF's TLS working group.
Quoting from the TLS protocol specification:
"The TLS protocol provides communications privacy over the
Internet. The protocol allows client/server applications to
communicate in a way that is designed to prevent eavesdropping,
tampering, or message forgery."
'';
homepage = http://www.gnu.org/software/gnutls/;
license = "LGPLv2.1+";
maintainers = [ ];
};
}