e0464e4788
In preparation for the deprecation of `stdenv.isX`. These shorthands are not conducive to cross-compilation because they hide the platforms. Darwin might get cross-compilation for which the continued usage of `stdenv.isDarwin` will get in the way One example of why this is bad and especially affects compiler packages https://www.github.com/NixOS/nixpkgs/pull/343059 There are too many files to go through manually but a treewide should get users thinking when they see a `hostPlatform.isX` in a place where it doesn't make sense. ``` fd --type f "\.nix" | xargs sd --fixed-strings "stdenv.is" "stdenv.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "stdenv'.is" "stdenv'.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "clangStdenv.is" "clangStdenv.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "gccStdenv.is" "gccStdenv.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "stdenvNoCC.is" "stdenvNoCC.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "inherit (stdenv) is" "inherit (stdenv.hostPlatform) is" fd --type f "\.nix" | xargs sd --fixed-strings "buildStdenv.is" "buildStdenv.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "effectiveStdenv.is" "effectiveStdenv.hostPlatform.is" fd --type f "\.nix" | xargs sd --fixed-strings "originalStdenv.is" "originalStdenv.hostPlatform.is" ```
47 lines
1.4 KiB
Nix
47 lines
1.4 KiB
Nix
{ lib, stdenv, fetchurl, botan2, sqlite, libobjc, Security }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
|
|
pname = "softhsm";
|
|
version = "2.6.1";
|
|
|
|
src = fetchurl {
|
|
url = "https://dist.opendnssec.org/source/${pname}-${version}.tar.gz";
|
|
hash = "sha256-YSSUcwVLzRgRUZ75qYmogKe9zDbTF8nCVFf8YU30dfI=";
|
|
};
|
|
|
|
configureFlags = [
|
|
"--with-crypto-backend=botan"
|
|
"--with-botan=${lib.getDev botan2}"
|
|
"--with-objectstore-backend-db"
|
|
"--sysconfdir=$out/etc"
|
|
"--localstatedir=$out/var"
|
|
];
|
|
|
|
propagatedBuildInputs =
|
|
lib.optionals stdenv.hostPlatform.isDarwin [ libobjc Security ];
|
|
|
|
buildInputs = [ botan2 sqlite ];
|
|
|
|
postInstall = "rm -rf $out/var";
|
|
|
|
meta = with lib; {
|
|
homepage = "https://www.opendnssec.org/softhsm";
|
|
description = "Cryptographic store accessible through a PKCS #11 interface";
|
|
longDescription = "
|
|
SoftHSM provides a software implementation of a generic
|
|
cryptographic device with a PKCS#11 interface, which is of
|
|
course especially useful in environments where a dedicated hardware
|
|
implementation of such a device - for instance a Hardware
|
|
Security Module (HSM) or smartcard - is not available.
|
|
|
|
SoftHSM follows the OASIS PKCS#11 standard, meaning it should be
|
|
able to work with many cryptographic products. SoftHSM is a
|
|
programme of The Commons Conservancy.
|
|
";
|
|
license = licenses.bsd2;
|
|
maintainers = [ maintainers.leenaars ];
|
|
platforms = platforms.unix;
|
|
};
|
|
}
|