99f895fa25
Fixes CVE-2021-20230.
38 lines
1,007 B
Nix
38 lines
1,007 B
Nix
{ lib, stdenv, fetchurl, openssl }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "stunnel";
|
|
version = "5.58";
|
|
|
|
src = fetchurl {
|
|
url = "https://www.stunnel.org/downloads/${pname}-${version}.tar.gz";
|
|
sha256 = "d4c14cc096577edca3f6a2a59c2f51869e35350b3988018ddf808c88e5973b79";
|
|
# please use the contents of "https://www.stunnel.org/downloads/${name}.tar.gz.sha256",
|
|
# not the output of `nix-prefetch-url`
|
|
};
|
|
|
|
buildInputs = [ openssl ];
|
|
configureFlags = [
|
|
"--with-ssl=${openssl.dev}"
|
|
"--sysconfdir=/etc"
|
|
"--localstatedir=/var"
|
|
];
|
|
|
|
postInstall = ''
|
|
# remove legacy compatibility-wrapper that would require perl
|
|
rm $out/bin/stunnel3
|
|
'';
|
|
|
|
installFlags = [
|
|
"sysconfdir=\${out}/etc"
|
|
"localstatedir=\${TMPDIR}"
|
|
];
|
|
|
|
meta = {
|
|
description = "Universal tls/ssl wrapper";
|
|
homepage = "https://www.stunnel.org/";
|
|
license = lib.licenses.gpl2Plus;
|
|
platforms = lib.platforms.unix;
|
|
maintainers = [ lib.maintainers.thoughtpolice ];
|
|
};
|
|
}
|