nixpkgs-suyu/pkgs/tools/networking/stunnel/default.nix
Thomas Gerbet 99f895fa25 stunnel: 5.56 -> 5.58
Fixes CVE-2021-20230.
2021-03-06 20:25:25 +01:00

38 lines
1,007 B
Nix

{ lib, stdenv, fetchurl, openssl }:
stdenv.mkDerivation rec {
pname = "stunnel";
version = "5.58";
src = fetchurl {
url = "https://www.stunnel.org/downloads/${pname}-${version}.tar.gz";
sha256 = "d4c14cc096577edca3f6a2a59c2f51869e35350b3988018ddf808c88e5973b79";
# please use the contents of "https://www.stunnel.org/downloads/${name}.tar.gz.sha256",
# not the output of `nix-prefetch-url`
};
buildInputs = [ openssl ];
configureFlags = [
"--with-ssl=${openssl.dev}"
"--sysconfdir=/etc"
"--localstatedir=/var"
];
postInstall = ''
# remove legacy compatibility-wrapper that would require perl
rm $out/bin/stunnel3
'';
installFlags = [
"sysconfdir=\${out}/etc"
"localstatedir=\${TMPDIR}"
];
meta = {
description = "Universal tls/ssl wrapper";
homepage = "https://www.stunnel.org/";
license = lib.licenses.gpl2Plus;
platforms = lib.platforms.unix;
maintainers = [ lib.maintainers.thoughtpolice ];
};
}