nixpkgs/pkgs/by-name/be/bearssl/package.nix
aleksana 571c71e6f7 treewide: migrate packages to pkgs/by-name, take 1
We are migrating packages that meet below requirements:

1. using `callPackage`
2. called path is a directory
3. overriding set is empty (`{ }`)
4. not containing path expressions other than relative path (to
makenixpkgs-vet happy)
5. not referenced by nix files outside of the directory, other
than`pkgs/top-level/all-packages.nix`
6. not referencing nix files outside of the directory
7. not referencing `default.nix` (since it's changed to `package.nix`)
8. `outPath` doesn't change after migration

The tool is here: https://github.com/Aleksanaa/by-name-migrate.
2024-11-09 20:04:51 +08:00

63 lines
2.0 KiB
Nix

{ lib, stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "bearssl";
version = "0.6";
src = fetchurl {
url = "https://www.bearssl.org/bearssl-${version}.tar.gz";
sha256 = "057zhgy9w4y8z2996r0pq5k2k39lpvmmvz4df8db8qa9f6hvn1b7";
};
outputs = [ "bin" "lib" "dev" "out" ];
enableParallelBuilding = true;
makeFlags = [
"AR=${stdenv.cc.targetPrefix}ar"
"CC=${stdenv.cc.targetPrefix}cc"
"LD=${stdenv.cc.targetPrefix}cc"
"LDDLL=${stdenv.cc.targetPrefix}cc"
] ++ lib.optional stdenv.hostPlatform.isStatic "DLL=no";
installPhase = ''
runHook preInstall
install -D build/brssl $bin/brssl
install -D build/testcrypto $bin/testcrypto
install -Dm644 -t $lib/lib build/libbearssl.*
install -Dm644 -t $dev/include inc/*.h
touch $out
runHook postInstall
'';
meta = {
homepage = "https://www.bearssl.org/";
description = "Implementation of the SSL/TLS protocol written in C";
longDescription = ''
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
written in C. It aims at offering the following features:
* Be correct and secure. In particular, insecure protocol versions and
choices of algorithms are not supported, by design; cryptographic
algorithm implementations are constant-time by default.
* Be small, both in RAM and code footprint. For instance, a minimal
server implementation may fit in about 20 kilobytes of compiled code
and 25 kilobytes of RAM.
* Be highly portable. BearSSL targets not only big operating systems
like Linux and Windows, but also small embedded systems and even
special contexts like bootstrap code.
* Be feature-rich and extensible. SSL/TLS has many defined cipher
suites and extensions; BearSSL should implement most of them, and
allow extra algorithm implementations to be added afterwards,
possibly from third parties.
'';
license = lib.licenses.mit;
platforms = lib.platforms.all;
maintainers = [ ];
};
}