diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix
index c70fb5c0bc7..3586fd0a232 100644
--- a/pkgs/development/haskell-modules/configuration-common.nix
+++ b/pkgs/development/haskell-modules/configuration-common.nix
@@ -208,13 +208,17 @@ self: super: {
# Prevents needing to add security_tool as a build tool to all of x509-system's
# dependencies.
- # TODO: use pkgs.darwin.security_tool once we can build it
- x509-system = let security_tool = "/usr";
- in overrideCabal super.x509-system (drv: {
- patchPhase = (drv.patchPhase or "") + pkgs.stdenv.lib.optionalString pkgs.stdenv.isDarwin ''
- substituteInPlace System/X509/MacOS.hs --replace security ${security_tool}/bin/security
- '';
- });
+ x509-system = if pkgs.stdenv.isDarwin && !pkgs.stdenv.cc.nativeLibc
+ then let inherit (pkgs.darwin) security_tool;
+ in pkgs.lib.overrideDerivation (addBuildDepend super.x509-system security_tool) (drv: {
+ patchPhase = (drv.patchPhase or "") + ''
+ substituteInPlace System/X509/MacOS.hs --replace security ${security_tool}/bin/security
+ '';
+ __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps ++ [
+ "/System/Library/Keychains"
+ ];
+ })
+ else super.x509-system;
double-conversion = if !pkgs.stdenv.isDarwin
then super.double-conversion
diff --git a/pkgs/development/tools/build-managers/gnustep/make/default.nix b/pkgs/development/tools/build-managers/gnustep/make/default.nix
new file mode 100644
index 00000000000..7fa9aad72db
--- /dev/null
+++ b/pkgs/development/tools/build-managers/gnustep/make/default.nix
@@ -0,0 +1,31 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ name = "make-${version}";
+ version = "1.0";
+
+ src = fetchurl {
+ url = "http://ftpmain.gnustep.org/pub/gnustep/core/gnustep-make-2.6.6.tar.gz";
+ sha256 = "07cqr8x17bia9w6clbmiv7ay6r9nplrjz2cyzinv4w7zfpc19vxw";
+ };
+
+ patchPhase = ''
+ substituteInPlace GNUmakefile.in \
+ --replace which type \
+ --replace 'tooldir = $(DESTDIR)' 'tooldir = ' \
+ --replace 'makedir = $(DESTDIR)' 'makedir = ' \
+ --replace 'mandir = $(DESTDIR)' 'mandir = '
+
+ substituteInPlace FilesystemLayouts/apple \
+ --replace /usr/local ""
+ '';
+
+ installFlags = "DESTDIR=$(out)";
+
+ postInstall = ''
+ mkdir -p $out/nix-support
+ cat >$out/nix-support/setup-hook <<EOF
+ . $out/Library/GNUstep/Makefiles/GNUstep.sh
+ EOF
+ '';
+}
diff --git a/pkgs/development/tools/build-managers/gnustep/xcode/default.nix b/pkgs/development/tools/build-managers/gnustep/xcode/default.nix
new file mode 100644
index 00000000000..4f31c6df6d8
--- /dev/null
+++ b/pkgs/development/tools/build-managers/gnustep/xcode/default.nix
@@ -0,0 +1,23 @@
+{ stdenv, fetchgit, gnustep-make, Foundation, libobjc }:
+
+stdenv.mkDerivation rec {
+ name = "xcode-${version}";
+ version = "1.0";
+
+ makeFlags = "messages=yes";
+
+ installFlags = "DESTDIR=$(out)";
+
+ __impureHostDeps = [
+ "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation"
+ "/usr/lib/libextension.dylib"
+ ];
+
+ buildInputs = [ gnustep-make Foundation libobjc ];
+
+ src = fetchgit {
+ url = "https://github.com/gnustep/xcode";
+ rev = "cc5016794e44f9998674120a5e4625aa09ca455a";
+ sha256 = "85420f3f61091b2e4548cf5e99d886cb9c72cf07b8b9fae3eebc87e7b6b7e54a";
+ };
+}
diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix
index 61cc84ca2be..33d0e5eb385 100644
--- a/pkgs/os-specific/darwin/apple-sdk/default.nix
+++ b/pkgs/os-specific/darwin/apple-sdk/default.nix
@@ -1,9 +1,7 @@
{ stdenv, fetchurl, xar, gzip, cpio, CF }:
let
- # I'd rather not "export" this, since they're somewhat monolithic and encourage bad habits.
- # Also, the include directory inside here should be captured (almost?) entirely by our more
- # precise Apple package structure, so with any luck it's unnecessary.
+ # sadly needs to be exported because security_tool needs it
sdk = stdenv.mkDerivation rec {
version = "10.9";
name = "MacOS_SDK-${version}";
diff --git a/pkgs/os-specific/darwin/apple-sdk/frameworks.nix b/pkgs/os-specific/darwin/apple-sdk/frameworks.nix
index ca700a9be7e..222168d39da 100644
--- a/pkgs/os-specific/darwin/apple-sdk/frameworks.nix
+++ b/pkgs/os-specific/darwin/apple-sdk/frameworks.nix
@@ -76,7 +76,7 @@ with frameworks; with libs; {
OpenAL = [];
OpenCL = [ IOSurface OpenGL ];
OpenGL = [];
- PCSC = [];
+ PCSC = [ CoreData ];
PreferencePanes = [];
PubSub = [];
Python = [ ApplicationServices ];
diff --git a/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix b/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix
index 0d2f2728406..54a6dcfaeaf 100644
--- a/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix
+++ b/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix
@@ -16,6 +16,12 @@ rec {
"/usr/lib/libpam.2.dylib"
"/usr/lib/libxar.1.dylib"
];
+ GSS = [
+ "/System/Library/Frameworks/GSS.framework"
+ ];
+ Kerberos = [
+ "/System/Library/Frameworks/Kerberos.framework"
+ ];
CoreServices = [
"/System/Library/Frameworks/CoreServices.framework"
"/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore"
@@ -76,6 +82,8 @@ rec {
"/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv"
"/System/Library/PrivateFrameworks/FaceCore.framework/Versions/A/FaceCore"
"/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage"
+ "/System/Library/PrivateFrameworks/Heimdal.framework/Heimdal"
+ "/System/Library/PrivateFrameworks/Heimdal.framework/Versions/Current"
"/System/Library/PrivateFrameworks/Heimdal.framework/Versions/A/Heimdal"
"/System/Library/PrivateFrameworks/IconServices.framework/Versions/A/IconServices"
"/System/Library/PrivateFrameworks/LanguageModeling.framework/Versions/A/LanguageModeling"
diff --git a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix
index 3427081bfaa..8687f3fe532 100644
--- a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix
+++ b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix
@@ -1,6 +1,8 @@
{ stdenv, appleDerivation, launchd, bootstrap_cmds, xnu, ppp, IOKit, eap8021x, Security }:
appleDerivation {
+ meta.broken = stdenv.cc.nativeLibc;
+
buildInputs = [ launchd bootstrap_cmds xnu ppp IOKit eap8021x ];
propagatedBuildInputs = [ Security ];
diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix
index 1d89577012c..f29a2b5b911 100644
--- a/pkgs/os-specific/darwin/apple-source-releases/default.nix
+++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix
@@ -6,19 +6,24 @@ let
inherit sha256;
};
+ appleDerivation_ = name: version: sha256: attrs: stdenv.mkDerivation ({
+ inherit version;
+ name = "${name}-${version}";
+ } // (if attrs ? srcs then {} else {
+ src = fetchApple version sha256 name;
+ }) // attrs);
+
applePackage = namePath: version: sha256:
let
name = builtins.elemAt (stdenv.lib.splitString "/" namePath) 0;
-
- appleDerivation = attrs: stdenv.mkDerivation ({
- inherit version;
- name = "${name}-${version}";
- } // (if attrs ? srcs then {} else {
- src = fetchApple version sha256 name;
- }) // attrs);
+ appleDerivation = appleDerivation_ name version sha256;
callPackage = pkgs.newScope (packages // pkgs.darwin // { inherit appleDerivation name version; });
in callPackage (./. + builtins.toPath "/${namePath}");
+ libsecPackage = pkgs.callPackage ./libsecurity_generic {
+ inherit applePackage appleDerivation_;
+ };
+
IOKitSpecs = {
IOAudioFamily = fetchApple "197.4.2" "1dmrczdmbdkvnhjbv233wx4xczgpf5wjrhr83aizrwpks5avkxbr";
IOFireWireFamily = fetchApple "455.4.0" "034n2v6z7lf1cx3sp3309z4sn8mkchjcrsf177iag46yzlzcjgfl";
@@ -66,11 +71,12 @@ let
libdispatch = applePackage "libdispatch" "339.92.1" "1lc5033cmkwxy3r26gh9plimxshxfcbgw6i0j7mgjlnpk86iy5bk" {};
libiconv = applePackage "libiconv" "41" "0sni1gx6i2h7r4r4hhwbxdir45cp039m4wi74izh4l0pfw7gywad" {};
Libinfo = applePackage "Libinfo" "449.1.3" "1ix6f7xwjnq9bqgv8w27k4j64bqn1mfhh91nc7ciiv55axpdb9hq" {};
- Libm = applePackage "Libm" "2026" "02sd82ig2jvvyyfschmb4gpz6psnizri8sh6i982v341x6y4ysl7" {};
+ Libm = applePackage "Libm" "2026" "02sd82ig2jvvyyfschmb4gpz6psnizri8sh6i982v341x6y4ysl7" {}; # This is from 10.7 !! :(
Libnotify = applePackage "Libnotify" "121.20.1" "164rx4za5z74s0mk9x0m1815r1m9kfal8dz3bfaw7figyjd6nqad" {};
libpthread = applePackage "libpthread" "105.1.4" "09vwwahcvmxvx2xl0890gkp91n61dld29j73y2pa597bqkag2qpg" {};
libresolv = applePackage "libresolv" "54" "028mp2smd744ryxwl8cqz4njv8h540sdw3an1yl7yxqcs04r0p4b" {};
Libsystem = applePackage "Libsystem" "1197.1.1" "1yfj2qdrf9vrzs7p9m4wlb7zzxcrim1gw43x4lvz4qydpp5kg2rh" {};
+ libutil = applePackage "libutil" "38" "12gsvmj342n5d81kqwba68bmz3zf2757442g1sz2y5xmcapa3g5f" {};
libunwind = applePackage "libunwind" "35.3" "0miffaa41cv0lzf8az5k1j1ng8jvqvxcr4qrlkf3xyj479arbk1b" {};
mDNSResponder = applePackage "mDNSResponder" "522.92.1" "1cp87qda1s7brriv413i71yggm8yqfwv64vknrnqv24fcb8hzbmy" {};
objc4 = applePackage "objc4" "551.1" "1jrdb6yyb5jwwj27c1r0nr2y2ihqjln8ynj61mpkvp144c1cm5bg" {};
@@ -79,5 +85,27 @@ let
removefile = applePackage "removefile" "33" "0ycvp7cnv40952a1jyhm258p6gg5xzh30x86z5gb204x80knw30y" {};
Security = applePackage "Security" "55471.14.18" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {};
xnu = applePackage "xnu" "2422.115.4" "1ssw5fzvgix20bw6y13c39ib0zs7ykpig3irlwbaccpjpci5jl0s" {};
+
+ libsecurity_apple_csp = libsecPackage "libsecurity_apple_csp" "55003" "1ngyn1ik27n4x981px3kfd1z1n8zx7r5w812b6qfjpy5nw4h746w" {};
+ libsecurity_apple_cspdl = libsecPackage "libsecurity_apple_cspdl" "55000" "1svqa5fhw7p7njzf8bzg7zgc5776aqjhdbnlhpwmr5hmz5i0x8r7" {};
+ libsecurity_apple_file_dl = libsecPackage "libsecurity_apple_file_dl" "55000" "1dfqani3n135i3iqmafc1k9awmz6s0a78zifhk15rx5a8ps870bl" {};
+ libsecurity_apple_x509_cl = libsecPackage "libsecurity_apple_x509_cl" "55004" "1gji2i080560s08k1nigsla1zdmi6slyv97xaj5vqxjpxb0g1xf5" {};
+ libsecurity_apple_x509_tp = libsecPackage "libsecurity_apple_x509_tp" "55009.3" "1bsms3nvi62wbvjviwjhjhzhylad8g6vmvlj3ngd0wyd0ywxrs46" {};
+ libsecurity_asn1 = libsecPackage "libsecurity_asn1" "55000.2" "0i8aakjxdfj0lqcgqmbip32g7r4h57xhs8w0sxfvfl45q22s782w" {};
+ libsecurity_cdsa_client = libsecPackage "libsecurity_cdsa_client" "55000" "127jxnypkycy8zqwicfv333h11318m00gd37jnswbrpg44xd1wdy" {};
+ libsecurity_cdsa_plugin = libsecPackage "libsecurity_cdsa_plugin" "55001" "0ifmx85rs51i7zjm015s8kc2dqyrlvbr39lw9xzxgd2ds33i4lfj" {};
+ libsecurity_cdsa_utilities = libsecPackage "libsecurity_cdsa_utilities" "55006" "1kzsl0prvfa8a0m3j3pcxq06aix1csgayd3lzx27iqg84c8mhzan" {};
+ libsecurity_cdsa_utils = libsecPackage "libsecurity_cdsa_utils" "55000" "0q55jizav6n0lkj7lcmcr2mjdhnbnnn525fa9ipwgvzbspihw0g6" {};
+ libsecurity_codesigning = libsecPackage "libsecurity_codesigning" "55037.15" "0vf5nj2g383b4hknlp51qll5pm8z4qbf56dnc16n3wm8gj82iasy" {};
+ libsecurity_cssm = libsecPackage "libsecurity_cssm" "55005.5" "0l6ia533bhr8kqp2wa712bnzzzisif3kbn7h3bzzf4nps4wmwzn4" {};
+ libsecurity_filedb = libsecPackage "libsecurity_filedb" "55016.1" "1r0ik95xapdl6l2lhd079vpq41jjgshz2hqb8490gpy5wyc49cxb" {};
+ libsecurity_keychain = libsecPackage "libsecurity_keychain" "55050.9" "15wf2slcgyns61kk7jndgm9h22vidyphh9x15x8viyprra9bkhja" {};
+ libsecurity_mds = libsecPackage "libsecurity_mds" "55000" "0vin5hnzvkx2rdzaaj2gxmx38amxlyh6j24a8gc22y09d74p5lzs" {};
+ libsecurity_ocspd = libsecPackage "libsecurity_ocspd" "55010" "1bxzpihc6w0ji4x8810a4lfkq83787yhjl60xm24bv1prhqcm73b" {};
+ libsecurity_pkcs12 = libsecPackage "libsecurity_pkcs12" "55000" "1yq8p2sp39q40fxshb256b7jn9lvmpymgpm8yz9kqrf980xddgsg" {};
+ libsecurity_sd_cspdl = libsecPackage "libsecurity_sd_cspdl" "55003" "10v76xycfnvz1n0zqfbwn3yh4w880lbssqhkn23iim3ihxgm5pbd" {};
+ libsecurity_utilities = libsecPackage "libsecurity_utilities" "55030.3" "0ayycfy9jm0n0c7ih9f3m69ynh8hs80v8yicq47aa1h9wclbxg8r" {};
+ libsecurityd = libsecPackage "libsecurityd" "55004" "1ywm2qj8l7rhaxy5biwxsyavd0d09d4bzchm03nlvwl313p2747x" {};
+ security_dotmac_tp = libsecPackage "security_dotmac_tp" "55107.1" "1l4fi9qhrghj0pkvywi8da22bh06c5bv3l40a621b5g258na50pl" {};
};
in packages
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix
index 1c61297c7d5..2003bb6e55e 100644
--- a/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix
+++ b/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix
@@ -1,9 +1,14 @@
-{ stdenv, appleDerivation }:
+{ stdenv, appleDerivation, libdispatch, Libsystem }:
appleDerivation {
+ # these are included in the pure libc
+ buildInputs = stdenv.lib.optionals stdenv.cc.nativeLibc [ libdispatch Libsystem ];
+
buildPhase = ''
cp ${./auto_dtrace.h} ./auto_dtrace.h
+ substituteInPlace ThreadLocalCollector.h --replace SubZone.h Subzone.h
+
substituteInPlace auto_zone.cpp \
--replace "#include <msgtracer_client.h>" ''$'#include <asl.h>\nstatic void msgtracer_log_with_keys(...) { };'
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile
new file mode 100644
index 00000000000..ca263228fde
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_apple_csp
+
+security_apple_csp_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_apple_csp_HEADER_FILES_DIR = lib
+
+security_apple_csp_CC_FILES = $(wildcard lib/*.cpp)
+security_apple_csp_C_FILES = $(wildcard lib/*.c)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix
new file mode 100644
index 00000000000..add46454cbe
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix
@@ -0,0 +1,31 @@
+{ appleDerivation, apple_sdk, libsecurity_asn1, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_utilities, osx_private_sdk, stdenv }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ libsecurity_cdsa_plugin
+ libsecurity_asn1
+ libsecurity_cdsa_utils
+ ];
+ NIX_CFLAGS_COMPILE = "-Iopen_ssl";
+ patchPhase = ''
+ for file in lib/BlockCryptor.h lib/RSA_DSA_signature.h lib/castContext.h \
+ lib/RawSigner.h lib/MD2Object.h lib/HMACSHA1.h lib/bfContext.h lib/rc4Context.h; do
+ substituteInPlace ''$file --replace \
+ '"CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h"' \
+ '"${apple_sdk.sdk}/include/MacTypes.h"'
+ done
+
+ for file in lib/castContext.h lib/gladmanContext.h lib/desContext.h lib/rc4Context.h; do
+ substituteInPlace ''$file --replace \
+ '/usr/local/include/CommonCrypto/CommonCryptorSPI.h' \
+ '${osx_private_sdk}/usr/include/CommonCrypto/CommonCryptorSPI.h'
+ done
+
+ substituteInPlace lib/opensshWrap.cpp --replace RSA_DSA_Keys.h RSA_DSA_keys.h
+ '' + stdenv.lib.optionalString (!stdenv.cc.nativeLibc) ''
+ substituteInPlace lib/pbkdf2.c --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/ConditionalMacros.h>' \
+ '"${stdenv.libc}/include/ConditionalMacros.h"'
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile
new file mode 100644
index 00000000000..a0d48cf4965
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_apple_cspdl
+
+security_apple_cspdl_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_apple_cspdl_HEADER_FILES_DIR = lib
+
+security_apple_cspdl_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix
new file mode 100644
index 00000000000..b80d4c8aad2
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix
@@ -0,0 +1,16 @@
+{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_keychain, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ libsecurityd
+ libsecurity_cdsa_client
+ libsecurity_keychain
+ ];
+ patchPhase = ''
+ for file in lib/*; do
+ sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file
+ done
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile
new file mode 100644
index 00000000000..f52829c644d
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_apple_file_dl
+
+security_apple_file_dl_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_apple_file_dl_HEADER_FILES_DIR = lib
+
+security_apple_file_dl_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix
new file mode 100644
index 00000000000..0eb2ee10fd8
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix
@@ -0,0 +1,17 @@
+{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ libsecurityd
+ libsecurity_cdsa_client
+ libsecurity_keychain
+ libsecurity_filedb
+ ];
+ patchPhase = ''
+ for file in lib/*; do
+ sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file
+ done
+ '';
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile
new file mode 100644
index 00000000000..c7c9c3d4e79
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_apple_x509_cl
+
+security_apple_x509_cl_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_apple_x509_cl_HEADER_FILES_DIR = lib
+
+security_apple_x509_cl_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix
new file mode 100644
index 00000000000..d2f15e19ccf
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix
@@ -0,0 +1,18 @@
+{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_utilities, libsecurityd, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ libsecurityd
+ libsecurity_cdsa_client
+ libsecurity_keychain
+ libsecurity_filedb
+ libsecurity_asn1
+ ];
+ patchPhase = ''
+ for file in lib/*; do
+ sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file
+ done
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile
new file mode 100644
index 00000000000..083a8a85d17
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_apple_x509_tp
+
+security_apple_x509_tp_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_apple_x509_tp_HEADER_FILES_DIR = lib
+
+security_apple_x509_tp_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix
new file mode 100644
index 00000000000..6410c134f89
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix
@@ -0,0 +1,19 @@
+{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_ocspd, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ libsecurityd
+ libsecurity_cdsa_client
+ libsecurity_keychain
+ libsecurity_filedb
+ libsecurity_asn1
+ libsecurity_ocspd
+ ];
+ patchPhase = ''
+ for file in lib/*; do
+ sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file
+ done
+ '';
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile
new file mode 100644
index 00000000000..1c3c4f0b25b
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_asn1
+
+security_asn1_C_FILES = $(wildcard lib/*.c)
+security_asn1_CC_FILES = $(wildcard lib/*.cpp)
+
+security_asn1_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_asn1_HEADER_FILES_DIR = lib
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix
new file mode 100644
index 00000000000..ab11d893d19
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix
@@ -0,0 +1,14 @@
+{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }:
+appleDerivation {
+ __propagatedImpureHostDeps = [
+ "/System/Library/Frameworks/Security.framework/Security"
+ "/System/Library/Frameworks/Security.framework/Resources"
+ "/System/Library/Frameworks/Security.framework/PlugIns"
+ "/System/Library/Frameworks/Security.framework/XPCServices"
+ "/System/Library/Frameworks/Security.framework/Versions"
+ ];
+ propagatedBuildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile
new file mode 100644
index 00000000000..91fb6bb679e
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_cdsa_client
+
+security_cdsa_client_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_cdsa_client_HEADER_FILES_DIR = lib
+
+security_cdsa_client_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix
new file mode 100644
index 00000000000..2ecad568bf7
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix
@@ -0,0 +1,8 @@
+{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ libsecurityd
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile
new file mode 100644
index 00000000000..9e1260f9b9c
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_cdsa_plugin
+
+security_cdsa_plugin_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_cdsa_plugin_HEADER_FILES_DIR = lib
+
+security_cdsa_plugin_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix
new file mode 100644
index 00000000000..b0c35f0e30c
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix
@@ -0,0 +1,15 @@
+{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_cssm, libsecurity_utilities, osx_private_sdk, perl }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ perl
+ ];
+ patchPhase = ''
+ unpackFile ${libsecurity_cssm.src}
+ cp libsecurity_cssm*/lib/cssm{dli,aci,cli,cspi,tpi}.h lib
+ '';
+ preBuild = ''
+ perl lib/generator.pl lib lib/generator.cfg lib lib || exit 1
+ '';
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile
new file mode 100644
index 00000000000..24bc1fe7e3a
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile
@@ -0,0 +1,13 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_cdsa_utilities
+
+security_cdsa_utilities_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_cdsa_utilities_HEADER_FILES_DIR = lib
+
+security_cdsa_utilities_CC_FILES = $(wildcard lib/*.cpp) lib/Schema.cpp lib/KeySchema.cpp
+
+lib/%.cpp: lib/%.m4
+ m4 $< > $@
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix
new file mode 100644
index 00000000000..6f2436f2149
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix
@@ -0,0 +1,13 @@
+{ CommonCrypto, appleDerivation, libsecurity_codesigning, libsecurity_utilities, m4, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ m4
+ ];
+ patchPhase = ''
+ patch -p1 < ${./handletemplates.patch}
+ unpackFile ${libsecurity_codesigning.src}
+ mv libsecurity_codesigning*/lib security_codesigning
+ '';
+ NIX_CFLAGS_COMPILE = "-I${CommonCrypto}/include/CommonCrypto";
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch
new file mode 100644
index 00000000000..e5a703b2a08
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch
@@ -0,0 +1,19 @@
+--- a/lib/handletemplates.h 1969-12-31 16:00:01.000000000 -0800
++++ b/lib/handletemplates.h 1969-12-31 16:00:01.000000000 -0800
+@@ -32,6 +32,7 @@
+ #include <security_utilities/threading.h>
+ #include <security_utilities/globalizer.h>
+ #include <security_cdsa_utilities/cssmerrors.h>
++#include <vector>
+
+ #if __GNUC__ > 2
+ #include <ext/hash_map>
+@@ -129,7 +130,7 @@
+ // @@@ Remove when 4003540 is fixed
+ template <class Subtype>
+ static void findAllRefs(std::vector<_Handle> &refs) {
+- state().findAllRefs<Subtype>(refs);
++ state().template findAllRefs<Subtype>(refs);
+ }
+
+ protected:
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile
new file mode 100644
index 00000000000..7b5b7dc186a
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile
@@ -0,0 +1,13 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_cdsa_utils
+
+security_cdsa_utils_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_cdsa_utils_HEADER_FILES_DIR = lib
+
+security_cdsa_utils_CC_FILES = $(wildcard lib/*.cpp)
+
+lib/%.cpp: lib/%.m4
+ m4 $< > $@
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix
new file mode 100644
index 00000000000..d9b594bc47c
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix
@@ -0,0 +1,8 @@
+{ Security, appleDerivation, apple_sdk, cppcheck, libsecurity_cdsa_utilities, libsecurity_utilities, m4, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ m4
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile
new file mode 100644
index 00000000000..e923b962c26
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_codesigning
+
+security_codesigning_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_codesigning_HEADER_FILES_DIR = lib
+
+security_codesigning_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix
new file mode 100644
index 00000000000..c5ba9cc8d7e
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix
@@ -0,0 +1,7 @@
+{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ ];
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile
new file mode 100644
index 00000000000..c7835aaa9b0
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_cssm
+
+security_cssm_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_cssm_HEADER_FILES_DIR = lib
+
+security_cssm_CC_FILES = $(wildcard lib/*.cpp)
+security_cssm_C_FILES = $(wildcard lib/*.c)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix
new file mode 100644
index 00000000000..053dea134c7
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix
@@ -0,0 +1,14 @@
+{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_codesigning, libsecurity_utilities, perl }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ libsecurity_cdsa_client
+ perl
+ libsecurity_cdsa_plugin
+ ];
+ preBuild = ''
+ mkdir derived_src
+ perl lib/generator.pl lib lib/generator.cfg derived_src
+ '';
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile
new file mode 100644
index 00000000000..4359810c56b
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_filedb
+
+security_filedb_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_filedb_HEADER_FILES_DIR = lib
+
+security_filedb_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix
new file mode 100644
index 00000000000..86cc2a390db
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix
@@ -0,0 +1,13 @@
+{ appleDerivation, apple_sdk, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ libsecurity_cdsa_plugin
+ ];
+ patchPhase = ''
+ cp ${osx_private_sdk}/usr/local/include/sandbox_private.h .
+ substituteInPlace sandbox_private.h --replace '<sandbox.h>' '"${apple_sdk.sdk}/include/sandbox.h"'
+ substituteInPlace lib/AtomicFile.cpp --replace '<sandbox.h>' '"sandbox_private.h"'
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix
new file mode 100644
index 00000000000..a94b9b455ef
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix
@@ -0,0 +1,58 @@
+{ appleDerivation_, applePackage, pkgs, stdenv }:
+name: version: sha256: args: let
+ n = stdenv.lib.removePrefix "lib" name;
+ makeFile = ../. + builtins.toPath "/${name}/GNUmakefile";
+ appleDerivation = appleDerivation_ name version sha256;
+ in applePackage name version sha256 (args // {
+ appleDerivation = a:
+ appleDerivation (stdenv.lib.mergeAttrsConcatenateValues {
+ __impureHostDeps = import ./impure_deps.nix;
+
+ patchPhase = ''
+ # allows including <Security/some-private-header.h>
+ ln -s ${pkgs.darwin.osx_private_sdk}/System/Library/Frameworks/Security.framework/Versions/A/PrivateHeaders Security
+
+ grep -Rl MacErrors.h . | while read file; do
+ substituteInPlace "''$file" --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \
+ '"${pkgs.darwin.apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"'
+ done || true # grep returns 1 if it can't find the string
+
+ grep -Rl MacTypes.h . | while read file; do
+ substituteInPlace "''$file" --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>' \
+ '"${pkgs.darwin.apple_sdk.sdk}/include/MacTypes.h"'
+ done || true # grep returns 1 if it can't find the string
+ '';
+ preBuild = ''
+ ln -s lib ${n}
+ makeFlagsArray=(-j''$NIX_BUILD_CORES)
+ '';
+ buildInputs = [
+ pkgs.gnustep-make
+ ];
+ makeFlags = [
+ "-f${makeFile}"
+ "MAKEFILE_NAME=${makeFile}"
+ "GNUSTEP_ABSOLUTE_INSTALL_PATHS=yes"
+ "LIB_LINK_INSTALL_DIR=\$(out)/lib"
+ ];
+ installFlags = [
+ "${n}_INSTALL_DIR=\$(out)/lib"
+ "${n}_HEADER_FILES_INSTALL_DIR=\$(out)/include/${n}"
+ "GNUSTEP_HEADERS="
+ ];
+ NIX_CFLAGS_COMPILE = [
+ "-isystem lib"
+ "-iframework ${pkgs.darwin.Security}/Library/Frameworks"
+ "-I."
+ "-Wno-deprecated-declarations"
+ ];
+ NIX_LDFLAGS = with pkgs.darwin; with apple_sdk.frameworks; [
+ "-L${libobjc}/lib"
+ "-F${Foundation}/Library/Frameworks"
+ "-F${AppKit}/Library/Frameworks"
+ "-no_dtrace_dof"
+ ];
+ } a);
+ })
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix
new file mode 100644
index 00000000000..7725b9f3d1a
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix
@@ -0,0 +1,129 @@
+# generated using a ruby script
+[
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLinearAlgebra.dylib"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib"
+ "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib"
+ "/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontParser.dylib"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontRegistry.dylib"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD"
+ "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis"
+ "/System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox"
+ "/System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit"
+ "/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork"
+ "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound"
+ "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox"
+ "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink"
+ "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition"
+ "/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio"
+ "/System/Library/Frameworks/CoreBluetooth.framework/Versions/A/CoreBluetooth"
+ "/System/Library/Frameworks/CoreData.framework/Versions/A/CoreData"
+ "/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation"
+ "/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/DictionaryServices"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/FSEvents"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices"
+ "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit"
+ "/System/Library/Frameworks/CoreText.framework/Versions/A/CoreText"
+ "/System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo"
+ "/System/Library/Frameworks/CoreWLAN.framework/Versions/A/CoreWLAN"
+ "/System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration"
+ "/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation"
+ "/System/Library/Frameworks/GSS.framework/Versions/A/GSS"
+ "/System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth"
+ "/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit"
+ "/System/Library/Frameworks/IOSurface.framework/Versions/A/IOSurface"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/ImageIO"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib"
+ "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib"
+ "/System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos"
+ "/System/Library/Frameworks/NetFS.framework/Versions/A/NetFS"
+ "/System/Library/Frameworks/OpenCL.framework/Versions/A/OpenCL"
+ "/System/Library/Frameworks/OpenDirectory.framework/Versions/A/Frameworks/CFOpenDirectory.framework/Versions/A/CFOpenDirectory"
+ "/System/Library/Frameworks/OpenDirectory.framework/Versions/A/OpenDirectory"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCVMSPluginSupport.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCoreVMClient.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGFXShared.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib"
+ "/System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL"
+ "/System/Library/Frameworks/QuartzCore.framework/Versions/A/Frameworks/CoreImage.framework/Versions/A/CoreImage"
+ "/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore"
+ "/System/Library/Frameworks/Security.framework/Versions/A/Security"
+ "/System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation"
+ "/System/Library/Frameworks/ServiceManagement.framework/Versions/A/ServiceManagement"
+ "/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration"
+ "/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211"
+ "/System/Library/PrivateFrameworks/AppleJPEG.framework/Versions/A/AppleJPEG"
+ "/System/Library/PrivateFrameworks/AppleVPA.framework/Versions/A/AppleVPA"
+ "/System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup"
+ "/System/Library/PrivateFrameworks/ChunkingLibrary.framework/Versions/A/ChunkingLibrary"
+ "/System/Library/PrivateFrameworks/CommonAuth.framework/Versions/A/CommonAuth"
+ "/System/Library/PrivateFrameworks/CoreSymbolication.framework/Versions/A/CoreSymbolication"
+ "/System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI"
+ "/System/Library/PrivateFrameworks/CoreWiFi.framework/Versions/A/CoreWiFi"
+ "/System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport"
+ "/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore"
+ "/System/Library/PrivateFrameworks/DebugSymbols.framework/Versions/A/DebugSymbols"
+ "/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv"
+ "/System/Library/PrivateFrameworks/FaceCore.framework/Versions/A/FaceCore"
+ "/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage"
+ "/System/Library/PrivateFrameworks/Heimdal.framework/Versions/A/Heimdal"
+ "/System/Library/PrivateFrameworks/IconServices.framework/Versions/A/IconServices"
+ "/System/Library/PrivateFrameworks/LanguageModeling.framework/Versions/A/LanguageModeling"
+ "/System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport"
+ "/System/Library/PrivateFrameworks/NetAuth.framework/Versions/A/NetAuth"
+ "/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/PerformanceAnalysis"
+ "/System/Library/PrivateFrameworks/RemoteViewServices.framework/Versions/A/RemoteViewServices"
+ "/System/Library/PrivateFrameworks/Sharing.framework/Versions/A/Sharing"
+ "/System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/SpeechRecognitionCore"
+ "/System/Library/PrivateFrameworks/Symbolication.framework/Versions/A/Symbolication"
+ "/System/Library/PrivateFrameworks/TCC.framework/Versions/A/TCC"
+ "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation"
+ "/System/Library/PrivateFrameworks/Ubiquity.framework/Versions/A/Ubiquity"
+ "/System/Library/PrivateFrameworks/login.framework/Versions/A/Frameworks/loginsupport.framework/Versions/A/loginsupport"
+ "/usr/lib/libCRFSuite.dylib"
+ "/usr/lib/libOpenScriptingUtil.dylib"
+ "/usr/lib/libarchive.2.dylib"
+ "/usr/lib/libbsm.0.dylib"
+ "/usr/lib/libbz2.1.0.dylib"
+ "/usr/lib/libc++.1.dylib"
+ "/usr/lib/libc++abi.dylib"
+ "/usr/lib/libcmph.dylib"
+ "/usr/lib/libcups.2.dylib"
+ "/usr/lib/libextension.dylib"
+ "/usr/lib/libheimdal-asn1.dylib"
+ "/usr/lib/libiconv.2.dylib"
+ "/usr/lib/libicucore.A.dylib"
+ "/usr/lib/liblangid.dylib"
+ "/usr/lib/liblzma.5.dylib"
+ "/usr/lib/libmecabra.dylib"
+ "/usr/lib/libpam.2.dylib"
+ "/usr/lib/libresolv.9.dylib"
+ "/usr/lib/libsqlite3.dylib"
+ "/usr/lib/libxar.1.dylib"
+ "/usr/lib/libxml2.2.dylib"
+ "/usr/lib/libxslt.1.dylib"
+ "/usr/lib/libz.1.dylib"
+]
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile
new file mode 100644
index 00000000000..8830006f00e
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_keychain
+
+security_keychain_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_keychain_HEADER_FILES_DIR = lib
+
+security_keychain_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix
new file mode 100644
index 00000000000..de97950b765
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix
@@ -0,0 +1,47 @@
+{ CF, Security, appleDerivation, apple_sdk, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_ocspd, libsecurity_pkcs12, libsecurity_utilities, libsecurityd, openssl, osx_private_sdk, security_dotmac_tp }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_client
+ libsecurity_cdsa_utilities
+ libsecurityd
+ CF
+ libsecurity_asn1
+ libsecurity_pkcs12
+ libsecurity_cdsa_utils
+ openssl
+ libsecurity_ocspd
+ security_dotmac_tp
+ ];
+ patchPhase = ''
+ substituteInPlace lib/Keychains.cpp --replace DLDbListCFPref.h DLDBListCFPref.h
+
+ substituteInPlace lib/SecCertificate.cpp --replace '#include <Security/SecCertificatePriv.h>' ""
+
+ cp ${osx_private_sdk}/usr/include/xpc/private.h xpc
+ cp ${apple_sdk.sdk}/include/xpc/*.h xpc
+ cp ${osx_private_sdk}/usr/local/include/sandbox_private.h lib/sandbox.h
+
+ substituteInPlace lib/SecItemPriv.h \
+ --replace "extern CFTypeRef kSecAttrAccessGroup" "extern const CFTypeRef kSecAttrAccessGroup" \
+ --replace "extern CFTypeRef kSecAttrIsSensitive" "extern const CFTypeRef kSecAttrIsSensitive" \
+ --replace "extern CFTypeRef kSecAttrIsExtractable" "extern const CFTypeRef kSecAttrIsExtractable"
+
+ substituteInPlace lib/Keychains.cpp --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \
+ '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"'
+
+ substituteInPlace lib/CertificateValues.cpp --replace \
+ '#include <Security/SecCertificatePriv.h>' ""
+
+ substituteInPlace lib/DLDBListCFPref.cpp --replace \
+ 'dispatch_once_t AppSandboxChecked;' ''$'namespace Security {\ndispatch_once_t AppSandboxChecked;' \
+ --replace 'return mLoginDLDbIdentifier;' 'return mLoginDLDbIdentifier; }' \
+ --replace '_xpc_runtime_is_app_sandboxed()' 'false'
+ # hope that doesn't hurt anything
+
+ substituteInPlace lib/KCEventNotifier.h --replace \
+ 'CoreFoundation/CFNotificationCenter.h' \
+ '${apple_sdk.sdk}/Library/Frameworks/CoreFoundation.framework/Versions/A/Headers/CFNotificationCenter.h'
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile
new file mode 100644
index 00000000000..119a43621fb
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_mds
+
+security_mds_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_mds_HEADER_FILES_DIR = lib
+
+security_mds_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix
new file mode 100644
index 00000000000..cd691f71e95
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix
@@ -0,0 +1,11 @@
+{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_cdsa_utilities
+ libsecurity_filedb
+ libsecurity_utilities
+ libsecurity_cdsa_client
+ libsecurityd
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile
new file mode 100644
index 00000000000..140c5a909a6
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_ocspd
+
+security_ocspd_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_ocspd_HEADER_FILES_DIR = lib
+
+security_ocspd_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix
new file mode 100644
index 00000000000..25701442d2b
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix
@@ -0,0 +1,20 @@
+{ appleDerivation, bootstrap_cmds, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ bootstrap_cmds
+ ];
+ postUnpack = ''
+ pushd libsecurity*
+ ls -lah
+ mkdir -p lib
+ cp common/* lib
+ cp client/* lib
+ popd
+ '';
+ preBuild = ''
+ make -f mig/mig.mk SRCROOT=. BUILT_PRODUCTS_DIR=. || exit 1
+ cp derived_src/* lib
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile
new file mode 100644
index 00000000000..b2af7e72c41
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_pkcs12
+
+security_pkcs12_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_pkcs12_HEADER_FILES_DIR = lib
+
+security_pkcs12_CC_FILES = $(wildcard lib/*.cpp)
+security_pkcs12_C_FILES = $(wildcard lib/*.c)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix
new file mode 100644
index 00000000000..f84c2d8963f
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix
@@ -0,0 +1,15 @@
+{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_utils, libsecurity_keychain, osx_private_sdk }:
+appleDerivation {
+ patchPhase = ''
+ substituteInPlace lib/pkcsoids.h --replace '#error' '#warning'
+ '';
+ preBuild = ''
+ unpackFile ${libsecurity_keychain.src}
+ mv libsecurity_keychain*/lib security_keychain
+ '';
+ buildInputs = [
+ libsecurity_asn1
+ libsecurity_cdsa_utils
+ libsecurity_cdsa_client
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile
new file mode 100644
index 00000000000..47a1c609d06
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile
@@ -0,0 +1,10 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_sd_cspdl
+
+security_sd_cspdl_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_sd_cspdl_HEADER_FILES_DIR = lib
+
+security_sd_cspdl_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix
new file mode 100644
index 00000000000..22491091661
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix
@@ -0,0 +1,10 @@
+{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_plugin
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ libsecurityd
+ libsecurity_cdsa_client
+ ];
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile
new file mode 100644
index 00000000000..d3ba09142c9
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_utilities
+
+security_utilities_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_utilities_HEADER_FILES_DIR = lib
+
+security_utilities_C_FILES = $(wildcard lib/*.c)
+security_utilities_CC_FILES = $(wildcard lib/*.cpp)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix
new file mode 100644
index 00000000000..8cc74e2210f
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix
@@ -0,0 +1,23 @@
+{ IOKit, appleDerivation, apple_sdk, libauto, libobjc, libsecurity_codesigning, osx_private_sdk, sqlite, stdenv }:
+appleDerivation {
+ buildInputs = [
+ libauto
+ libobjc
+ IOKit
+ sqlite
+ apple_sdk.frameworks.PCSC
+ ];
+ patchPhase = ''
+ substituteInPlace lib/errors.h --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>' \
+ '"MacTypes.h"'
+ substituteInPlace lib/debugging.cpp --replace PATH_MAX 1024
+ substituteInPlace lib/superblob.h --replace 'result->at' 'result->template at'
+ substituteInPlace lib/ccaudit.cpp --replace '<bsm/libbsm.h>' '"bsm/libbsm.h"'
+
+ cp ${osx_private_sdk}/usr/include/security_utilities/utilities_dtrace.h lib
+ cp -R ${osx_private_sdk}/usr/local/include/bsm lib
+ '' + stdenv.lib.optionalString (!stdenv.cc.nativeLibc) ''
+ substituteInPlace lib/vproc++.cpp --replace /usr/local/include/vproc_priv.h ${stdenv.libc}/include/vproc_priv.h
+ '';
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile
new file mode 100644
index 00000000000..6058043e79f
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile
@@ -0,0 +1,11 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = securityd
+
+securityd_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+securityd_HEADER_FILES_DIR = lib
+
+securityd_CC_FILES = $(wildcard lib/*.cpp)
+securityd_C_FILES = $(wildcard lib/*.c)
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix
new file mode 100644
index 00000000000..d311f678337
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix
@@ -0,0 +1,23 @@
+{ appleDerivation, bootstrap_cmds, libsecurity_cdsa_client, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }:
+appleDerivation {
+ buildInputs = [
+ libsecurity_cdsa_utilities
+ libsecurity_utilities
+ bootstrap_cmds
+ ];
+ patchPhase = ''
+ unpackFile ${libsecurity_cdsa_client.src}
+ mv libsecurity_cdsa_client*/lib security_cdsa_client
+ ln -s lib securityd_client
+
+ patch -p1 < ${./xdr-arity.patch}
+ '';
+ preBuild = ''
+ make -f mig/mig.mk SRCROOT=. BUILT_PRODUCTS_DIR=.
+ cp derived_src/* lib
+ rm lib/ucspClientC.c
+ '';
+ postInstall = ''
+ ln -s ''$out/include/securityd ''$out/include/securityd_client
+ '';
+}
\ No newline at end of file
diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch
new file mode 100644
index 00000000000..5d0328629f1
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch
@@ -0,0 +1,79 @@
+diff --git a/lib/sec_xdr.c b/lib/sec_xdr.c
+index fe5f038..6239b6c 100644
+--- a/lib/sec_xdr.c
++++ b/lib/sec_xdr.c
+@@ -223,7 +223,7 @@ bool_t copyin(void *data, xdrproc_t proc, void** copy, u_int *size)
+ sec_xdrmem_create(&xdr, (char *)xdr_data, length, XDR_ENCODE);
+
+ // cast to void* - function can go both ways (xdr->x_op)
+- if (proc(&xdr, data)) {
++ if (proc(&xdr, data, 0)) {
+ *copy = xdr_data;
+ if (size) *size = length;
+ return (TRUE);
+@@ -261,7 +261,7 @@ bool_t copyout(const void *copy, u_int size, xdrproc_t proc, void **data, u_int
+ if (!sec_xdr_arena_init(&arena, &xdr, length_out ? length_out : length_required, length_out ? *data : NULL))
+ return (FALSE);
+
+- if (proc(&xdr, data))
++ if (proc(&xdr, data, 0))
+ {
+ *length = length_required;
+ return (TRUE);
+@@ -284,7 +284,7 @@ bool_t copyout_chunked(const void *copy, u_int size, xdrproc_t proc, void **data
+
+ void *data_out = NULL;
+
+- if (proc(&xdr, &data_out))
++ if (proc(&xdr, &data_out, 0))
+ {
+ *data = data_out;
+ return (TRUE);
+diff --git a/lib/sec_xdr_array.c b/lib/sec_xdr_array.c
+index 152a71b..e5ec1ad 100644
+--- a/lib/sec_xdr_array.c
++++ b/lib/sec_xdr_array.c
+@@ -147,7 +147,7 @@ sec_xdr_array(XDR *xdrs, uint8_t **addrp, u_int *sizep, u_int maxsize, u_int els
+ for (i = 0; (i < c) && stat; i++) {
+ if ((xdrs->x_op == XDR_DECODE) && sizeof_alloc)
+ memset(obj, 0, elsize);
+- stat = (*elproc)(xdrs, target);
++ stat = (*elproc)(xdrs, target, 0);
+ if ((xdrs->x_op == XDR_ENCODE) || !sizeof_alloc)
+ target += elsize;
+ }
+diff --git a/lib/sec_xdr_reference.c b/lib/sec_xdr_reference.c
+index a66fb37..ab5b4c4 100644
+--- a/lib/sec_xdr_reference.c
++++ b/lib/sec_xdr_reference.c
+@@ -121,7 +121,7 @@ sec_xdr_reference(XDR *xdrs, uint8_t **pp, u_int size, xdrproc_t proc)
+ break;
+ }
+
+- stat = (*proc)(xdrs, loc);
++ stat = (*proc)(xdrs, loc, 0);
+
+ if (xdrs->x_op == XDR_FREE) {
+ sec_mem_free(xdrs, loc, size);
+diff --git a/lib/sec_xdr_sizeof.c b/lib/sec_xdr_sizeof.c
+index a18bcd0..8c33dbc 100644
+--- a/lib/sec_xdr_sizeof.c
++++ b/lib/sec_xdr_sizeof.c
+@@ -190,7 +190,7 @@ sec_xdr_sizeof_in(func, data)
+
+ sec_xdr_arena_allocator_t size_alloc;
+ sec_xdr_arena_init_size_alloc(&size_alloc, &x);
+- stat = func(&x, data);
++ stat = func(&x, data, 0);
+ if (x.x_private)
+ free(x.x_private);
+ return (stat == TRUE ? (unsigned) x.x_handy: 0);
+@@ -210,7 +210,7 @@ sec_xdr_sizeof_out(copy, size, func, data)
+
+ sec_xdr_arena_allocator_t size_alloc;
+ sec_xdr_arena_init_size_alloc(&size_alloc, &x);
+- stat = func(&x, data);
++ stat = func(&x, data, 0);
+ if (size_alloc.data)
+ free(size_alloc.data);
+ return (stat == TRUE ? (unsigned long)size_alloc.offset : 0);
diff --git a/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile
new file mode 100644
index 00000000000..6f6a50bd57a
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile
@@ -0,0 +1,8 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+LIBRARY_NAME = security_dotmac_tp
+
+security_dotmac_tp_HEADER_FILES = $(notdir $(wildcard lib/*.h))
+security_dotmac_tp_HEADER_FILES_DIR = lib
+
+include $(GNUSTEP_MAKEFILES)/library.make
diff --git a/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix
new file mode 100644
index 00000000000..bfbfb945957
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix
@@ -0,0 +1,4 @@
+{ appleDerivation }:
+
+appleDerivation {
+}
diff --git a/pkgs/os-specific/darwin/osx-private-sdk/default.nix b/pkgs/os-specific/darwin/osx-private-sdk/default.nix
index 85e1dc50f35..febcb6b5d0c 100644
--- a/pkgs/os-specific/darwin/osx-private-sdk/default.nix
+++ b/pkgs/os-specific/darwin/osx-private-sdk/default.nix
@@ -1,34 +1,16 @@
-{ stdenv, fetchFromGitHub, python, osx_sdk }:
+{ stdenv, fetchzip }:
-let
- sdkVersion = "10.9";
-in stdenv.mkDerivation {
- name = "PrivateMacOSX${sdkVersion}.sdk";
-
- src = fetchFromGitHub {
- owner = "copumpkin";
- repo = "OSXPrivateSDK";
- rev = "bde9cba13e6ae62a8e4e0f405008ea719526e7ad";
- sha256 = "1vj3fxwp32irxjk987p7a223sm5bl5rrlajcvgy69k0wb0fp0krc";
- };
-
- buildInputs = [ python ];
-
- configurePhase = "true";
-
- buildPhase = ''
- python PrivateSDK.py -i ${osx_sdk}/Developer/SDKs/MacOSX${sdkVersion}.sdk -o PrivateMacOSX${sdkVersion}.sdk
- '';
-
- installPhase = ''
- mkdir -p $out/Developer/SDKs/
- mv PrivateMacOSX${sdkVersion}.sdk $out/Developer/SDKs
- '';
-
- meta = with stdenv.lib; {
- description = "A private Mac OS ${sdkVersion} SDK, suitable for building many of Apple's open source releases";
- maintainers = with maintainers; [ copumpkin ];
- platforms = platforms.darwin;
- license = licenses.unfree;
- };
+let full = stdenv.lib.overrideDerivation (fetchzip {
+ url = "https://github.com/samdmarshall/OSXPrivateSDK/tarball/69bf3c7f7140ed6ab2b6684b427bd457209858fe";
+ name = "osx-private-sdk-10.9";
+ sha256 = "1agl4kyry6m7yz3sql5mrbvmd1xkmb4nbq976phcpk19inans1zm";
+}) (drv: {
+ postFetch = ''
+ unpackFile() {
+ tar xzf "$1"
+ }
+ '' + drv.postFetch;
+}); in {
+ outPath = "${full}/PrivateSDK10.9";
+ passthru.sdk10 = "${full}/PrivateSDK10.10";
}
diff --git a/pkgs/os-specific/darwin/osx-sdk/default.nix b/pkgs/os-specific/darwin/osx-sdk/default.nix
index 612bf003743..875479b4f29 100644
--- a/pkgs/os-specific/darwin/osx-sdk/default.nix
+++ b/pkgs/os-specific/darwin/osx-sdk/default.nix
@@ -2,7 +2,7 @@
let
version = "10.9";
-in stdenv.mkDerivation {
+in stdenv.mkDerivation rec {
name = "MacOSX10.9.sdk";
src = "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk";
@@ -23,4 +23,4 @@ in stdenv.mkDerivation {
platforms = platforms.darwin;
license = licenses.unfree;
};
-}
\ No newline at end of file
+}
diff --git a/pkgs/os-specific/darwin/security-tool/GNUmakefile b/pkgs/os-specific/darwin/security-tool/GNUmakefile
new file mode 100644
index 00000000000..ae25f6a67c0
--- /dev/null
+++ b/pkgs/os-specific/darwin/security-tool/GNUmakefile
@@ -0,0 +1,14 @@
+include $(GNUSTEP_MAKEFILES)/common.make
+
+TOOL_NAME = security
+security_C_FILES = $(wildcard *.c)
+security_CC_FILES = $(wildcard *.cpp)
+
+security_LDFLAGS = \
+ -lsecurity_cdsa_utilities -lsecurity_cdsa_utils -lsecurity_keychain -lsecurity_cssm \
+ -lsecurity_cdsa_client -lsecurity_utilities -lsecurity_asn1 -lsecurity_mds \
+ -lsecurity_cdsa_plugin -lsecurity_pkcs12 -lsecurity_apple_csp -lsecurity_apple_cspdl \
+ -lsecurity_apple_file_dl -lsecurity_apple_x509_cl -lsecurity_apple_x509_tp \
+ -lsecurity_sd_cspdl -lsecurity_filedb -lsecurityd -framework Security -framework PCSC
+
+include $(GNUSTEP_MAKEFILES)/tool.make
diff --git a/pkgs/os-specific/darwin/security-tool/default.nix b/pkgs/os-specific/darwin/security-tool/default.nix
index 49d61f392c5..866d006238d 100644
--- a/pkgs/os-specific/darwin/security-tool/default.nix
+++ b/pkgs/os-specific/darwin/security-tool/default.nix
@@ -1,30 +1,88 @@
-{ stdenv, fetchurl, osx_private_sdk }:
+{ CoreServices, Foundation, PCSC, Security, GSS, Kerberos, makeWrapper, apple_sdk, fetchurl, gnustep-make, libobjc, libsecurity_apple_csp, libsecurity_apple_cspdl, libsecurity_apple_file_dl, libsecurity_apple_x509_cl, libsecurity_apple_x509_tp, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_cssm, libsecurity_filedb, libsecurity_keychain, libsecurity_mds, libsecurity_pkcs12, libsecurity_sd_cspdl, libsecurity_utilities, libsecurityd, osx_private_sdk, stdenv }:
stdenv.mkDerivation rec {
- version = "55115";
- name = "SecurityTool-${version}";
+ version = "55115";
+ name = "SecurityTool-${version}";
src = fetchurl {
url = "http://opensource.apple.com/tarballs/SecurityTool/SecurityTool-${version}.tar.gz";
sha256 = "0apcz4vy2z5645jhrs60wj3w27mncjjqv42h5lln36g6qs2n9113";
};
- configurePhase = "";
+ patchPhase = ''
+ # copied from libsecurity_generic
+ ln -s ${osx_private_sdk}/System/Library/Frameworks/Security.framework/Versions/A/PrivateHeaders Security
- # Someday we shall purge this impurity!
- buildPhase = ''
- /usr/bin/xcodebuild SDKROOT=${osx_private_sdk}/Developer/SDKs/PrivateMacOSX10.9.sdk/
+ substituteInPlace cmsutil.c --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \
+ '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"'
+ substituteInPlace createFVMaster.c --replace \
+ '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \
+ '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"'
'';
- installPhase = ''
- mkdir -p $out/bin/
- cp build/Release/security $out/bin
+ postUnpack = ''
+ unpackFile ${Security.src}
+ cp Security-*/utilities/src/fileIo.c SecurityTool*
+ cp Security-*/utilities/src/fileIo.h SecurityTool*
+ '';
+
+ preBuild = ''
+ makeFlagsArray=(-j''$NIX_BUILD_CORES)
+ '';
+
+ NIX_LDFLAGS = "-no_dtrace_dof";
+
+ makeFlags = "-f ${./GNUmakefile} MAKEFILE_NAME=${./GNUmakefile}";
+
+ installFlags = [
+ "security_INSTALL_DIR=\$(out)/bin"
+ ];
+
+ propagatedBuildInputs = [ GSS Kerberos Security PCSC Foundation ];
+
+ buildInputs = [
+ gnustep-make
+ libsecurity_asn1
+ libsecurity_utilities
+ libsecurity_cdsa_utilities
+ libobjc
+ libsecurity_cdsa_client
+ libsecurity_keychain
+ libsecurity_cssm
+ libsecurity_cdsa_utils
+ libsecurity_mds
+ libsecurity_cdsa_plugin
+ libsecurity_apple_csp
+ libsecurity_apple_cspdl
+ libsecurity_apple_file_dl
+ libsecurity_apple_x509_cl
+ libsecurity_apple_x509_tp
+ libsecurity_pkcs12
+ libsecurity_sd_cspdl
+ libsecurity_filedb
+ libsecurityd
+ makeWrapper
+ ];
+
+ NIX_CFLAGS_COMPILE = [
+ "-F${Security}/Library/Frameworks"
+ "-F${PCSC}/Library/Frameworks"
+ "-Wno-deprecated-declarations"
+ ];
+
+ postInstall = ''
+ wrapProgram $out/bin/security --set DYLD_INSERT_LIBRARIES /usr/lib/libsqlite3.dylib
'';
meta = with stdenv.lib; {
description = "Command line interface to Mac OS X keychains and Security framework";
- maintainers = with maintainers; [ copumpkin ];
- platforms = platforms.darwin;
- license = licenses.apsl20;
+ maintainers = with maintainers; [
+ copumpkin
+ joelteon
+ ];
+ platforms = platforms.darwin;
+ license = licenses.apsl20;
};
-}
\ No newline at end of file
+}
+
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 4e35870192f..d2b0f884a87 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -9350,9 +9350,9 @@ let
xcode = callPackage ../os-specific/darwin/xcode {};
osx_sdk = callPackage ../os-specific/darwin/osx-sdk {};
- osx_private_sdk = callPackage ../os-specific/darwin/osx-private-sdk { inherit osx_sdk; };
+ osx_private_sdk = callPackage ../os-specific/darwin/osx-private-sdk {};
- security_tool = callPackage ../os-specific/darwin/security-tool { inherit osx_private_sdk; };
+ security_tool = (newScope (darwin.apple_sdk.frameworks // darwin)) ../os-specific/darwin/security-tool { };
binutils = callPackage ../os-specific/darwin/binutils { inherit cctools; };
@@ -9366,6 +9366,12 @@ let
libobjc = apple-source-releases.objc4;
};
+ gnustep-make = callPackage ../development/tools/build-managers/gnustep/make {};
+ gnustep-xcode = callPackage ../development/tools/build-managers/gnustep/xcode {
+ inherit (darwin.apple_sdk.frameworks) Foundation;
+ inherit (darwin) libobjc;
+ };
+
devicemapper = lvm2;
disk_indicator = callPackage ../os-specific/linux/disk-indicator { };