pkgs.ucspi-tcp: init

current stable of this pkg is broken, so we vendor it in nixpkgs. We removed the setuid bit from the build binaries
2017-07-04 17:39:43 +02:00 · 2017-07-04 17:39:43 +02:00 · e86202da34
commit e86202da34
parent aa63b803a0
2 changed files with 101 additions and 0 deletions
--- a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
+++ b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
@ -0,0 +1,15 @@
+diff --git a/hier.c b/hier.c
+index 5663ada..1d73b84 100644
+--- a/hier.c
+++ b/hier.c
+@@ -2,8 +2,8 @@
+ 
+ void hier()
+ {
+-  h(auto_home,-1,-1,02755);
+-  d(auto_home,"bin",-1,-1,02755);
+  h(auto_home,-1,-1,0755);
+  d(auto_home,"bin",-1,-1,0755);
+ 
+   c(auto_home,"bin","tcpserver",-1,-1,0755);
+   c(auto_home,"bin","tcprules",-1,-1,0755);
--- a/krebs/5pkgs/simple/ucspi-tcp/default.nix
+++ b/krebs/5pkgs/simple/ucspi-tcp/default.nix
@ -0,0 +1,86 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+  name = "ucspi-tcp-0.88";
+
+  src = fetchurl {
+    url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz";
+    sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja";
+  };
+
+  # Plain upstream tarball doesn't build, get patches from Debian
+  patches = [
+    (fetchurl {
+      url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz";
+      sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6";
+    })
+    ./chmod.patch
+  ];
+
+  # Apply Debian patches
+  postPatch = ''
+    for fname in debian/diff/*.diff; do
+        echo "Applying patch $fname"
+        patch < "$fname"
+    done
+  '';
+
+  # The build system is weird; 'make install' doesn't install anything, instead
+  # it builds an executable called ./install (from C code) which installs
+  # binaries to the directory given on line 1 in ./conf-home.
+  #
+  # Also, assume getgroups and setgroups work, instead of doing a build time
+  # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID
+  # capability).
+  preBuild = ''
+    echo "$out" > conf-home
+
+    echo "main() { return 0; }" > chkshsgr.c
+  '';
+
+  installPhase = ''
+    mkdir -p "$out/bin"
+    mkdir -p "$out/share/man/man1"
+
+    # run the newly built installer
+    ./install
+
+    # Install Debian man pages (upstream has none)
+    cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1"
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Command-line tools for building TCP client-server applications";
+    longDescription = ''
+      tcpserver waits for incoming connections and, for each connection, runs a
+      program of your choice. Your program receives environment variables
+      showing the local and remote host names, IP addresses, and port numbers.
+
+      tcpserver offers a concurrency limit to protect you from running out of
+      processes and memory. When you are handling 40 (by default) simultaneous
+      connections, tcpserver smoothly defers acceptance of new connections.
+
+      tcpserver also provides TCP access control features, similar to
+      tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules
+      are compiled into a hashed format with cdb, so it can easily deal with
+      thousands of different hosts.
+
+      This package includes a recordio tool that monitors all the input and
+      output of a server.
+
+      tcpclient makes a TCP connection and runs a program of your choice. It
+      sets up the same environment variables as tcpserver.
+
+      This package includes several sample clients built on top of tcpclient:
+      who@, date@, finger@, http@, tcpcat, and mconnect.
+
+      tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program
+      Interface, using the TCP protocol. UCSPI tools are available for several
+      different networks.
+    '';
+    homepage = http://cr.yp.to/ucspi-tcp.html;
+    license = licenses.publicDomain;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.bjornfor ];
+  };
+}