From 558c8a280fe7cec13c728c44fdbc3c92861fa9db Mon Sep 17 00:00:00 2001 From: Bernard Fortz Date: Sat, 5 May 2018 15:26:44 +0200 Subject: [PATCH 1/3] eid-mw: 4.1.19 -> 4.3.7 Urgent version bump as tax season is coming and 4.1.19 is not compatible with firefox anymore. --- pkgs/tools/security/eid-mw/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index a11b70917c8..02e5e77c33e 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation rec { name = "eid-mw-${version}"; - version = "4.1.19"; + version = "4.3.7"; src = fetchFromGitHub { sha256 = "191c74kxfrfb894v8y4vi2iygyffjy9jjq5fj7cnnddgwai5n3c5"; @@ -58,5 +58,6 @@ stdenv.mkDerivation rec { and remove all ~/.pki and/or /etc/pki directories no longer needed. ''; platforms = platforms.linux; + maintainers = with maintainers; [ bfortz ]; }; } From 0c4f72c377ff0042aafe9d083692c8b15bdde70a Mon Sep 17 00:00:00 2001 From: Bernard Fortz Date: Sat, 5 May 2018 17:48:36 +0200 Subject: [PATCH 2/3] eid-mw: 4.1.19 -> 4.4.1 Urgent version bump as tax season is coming and 4.1.19 is not compatible with firefox anymore. eid-viewer was merged upstream with eid-mw, so it is included here now. --- pkgs/tools/security/eid-mw/default.nix | 17 ++++++--- pkgs/tools/security/eid-viewer/default.nix | 42 ---------------------- pkgs/top-level/all-packages.nix | 2 -- 3 files changed, 13 insertions(+), 48 deletions(-) delete mode 100644 pkgs/tools/security/eid-viewer/default.nix diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index 02e5e77c33e..39090a19582 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -1,20 +1,29 @@ { stdenv, fetchFromGitHub , autoreconfHook, pkgconfig -, gtk3, nssTools, pcsclite }: +, gtk3, nssTools, pcsclite +, libxml2, libproxy +, openssl, curl }: stdenv.mkDerivation rec { name = "eid-mw-${version}"; - version = "4.3.7"; + version = "4.4.1"; src = fetchFromGitHub { - sha256 = "191c74kxfrfb894v8y4vi2iygyffjy9jjq5fj7cnnddgwai5n3c5"; + sha256 = "0an7xgj5rzl75kq6qfrmm886v639hhlh7c9yfs8iihc47wghpma8"; rev = "v${version}"; repo = "eid-mw"; owner = "Fedict"; }; nativeBuildInputs = [ autoreconfHook pkgconfig ]; - buildInputs = [ gtk3 pcsclite ]; + buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; + preConfigure = '' + mkdir openssl + ln -s ${openssl.out}/lib openssl + ln -s ${openssl.bin}/bin openssl + ln -s ${openssl.dev}/include openssl + export SSL_PREFIX=$(realpath openssl) + ''; postPatch = '' sed 's@m4_esyscmd_s(.*,@[${version}],@' -i configure.ac diff --git a/pkgs/tools/security/eid-viewer/default.nix b/pkgs/tools/security/eid-viewer/default.nix deleted file mode 100644 index 10cc314fe1d..00000000000 --- a/pkgs/tools/security/eid-viewer/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ stdenv, fetchurl, makeWrapper, jre, pcsclite }: - -stdenv.mkDerivation rec { - name = "eid-viewer-${version}"; - version = "4.1.9"; - - src = fetchurl { - url = "https://downloads.services.belgium.be/eid/eid-viewer-${version}-v${version}.src.tar.gz"; - sha256 = "0bq9jl4kl97j0dfhz4crcb1wqhn420z5vpg510zadvrmqjhy1x4g"; - }; - - buildInputs = [ jre pcsclite ]; - nativeBuildInputs = [ makeWrapper ]; - - unpackPhase = "tar -xzf ${src} --strip-components=1"; - - preConfigure = '' - substituteInPlace eid-viewer.sh.in --replace "exec java" "exec ${jre}/bin/java" - ''; - - postInstall = '' - wrapProgram $out/bin/eid-viewer --suffix LD_LIBRARY_PATH : ${pcsclite}/lib - cat >> $out/share/applications/eid-viewer.desktop << EOF - # eid-viewer creates XML without a header, making it "plain text": - MimeType=application/xml;text/xml;text/plain - EOF - ''; - - doCheck = true; - - meta = with stdenv.lib; { - description = "Belgian electronic identity card (eID) viewer"; - homepage = http://eid.belgium.be/en/using_your_eid/installing_the_eid_software/linux/; - license = licenses.lgpl3; - longDescription = '' - A simple, graphical Java application to view, print and save data from - Belgian electronic identity cards. Independent of the eid-mw package, - which is required to actually use your eID for authentication or signing. - ''; - platforms = platforms.linux; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 849a90cd6f9..608f6097a2b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2108,8 +2108,6 @@ with pkgs; eid-mw = callPackage ../tools/security/eid-mw { }; - eid-viewer = callPackage ../tools/security/eid-viewer { }; - mcrcon = callPackage ../tools/networking/mcrcon {}; tealdeer = callPackage ../tools/misc/tealdeer/default.nix { }; From d84a06feca9b6d43df669610523665067a26d41d Mon Sep 17 00:00:00 2001 From: Bernard Fortz Date: Sat, 5 May 2018 21:00:06 +0200 Subject: [PATCH 3/3] eid-mw: 4.1.19 -> 4.4.1 Urgent version bump as tax season is coming and 4.1.19 is not compatible with firefox anymore. eid-viewer was merged upstream with eid-mw, so it is included here now. --- pkgs/tools/security/eid-mw/default.nix | 35 +++++++++++++++----------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index 39090a19582..eb886148674 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -2,7 +2,8 @@ , autoreconfHook, pkgconfig , gtk3, nssTools, pcsclite , libxml2, libproxy -, openssl, curl }: +, openssl, curl +, makeWrapper }: stdenv.mkDerivation rec { name = "eid-mw-${version}"; @@ -15,7 +16,7 @@ stdenv.mkDerivation rec { owner = "Fedict"; }; - nativeBuildInputs = [ autoreconfHook pkgconfig ]; + nativeBuildInputs = [ autoreconfHook pkgconfig makeWrapper ]; buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; preConfigure = '' mkdir openssl @@ -31,39 +32,45 @@ stdenv.mkDerivation rec { configureFlags = [ "--enable-dialogs=yes" ]; - enableParallelBuilding = true; - - doCheck = true; - postInstall = '' install -D ${./eid-nssdb.in} $out/bin/eid-nssdb substituteInPlace $out/bin/eid-nssdb \ --replace "modutil" "${nssTools}/bin/modutil" - # Only provides a useless "about-eid-mw.desktop" that segfaults anyway: - rm -r $out/share/applications $out/bin/about-eid-mw + rm $out/bin/about-eid-mw + wrapProgram $out/bin/eid-viewer --prefix XDG_DATA_DIRS : "$out/share/gsettings-schemas/$name" ''; + enableParallelBuilding = true; + + doCheck = true; + meta = with stdenv.lib; { description = "Belgian electronic identity card (eID) middleware"; homepage = http://eid.belgium.be/en/using_your_eid/installing_the_eid_software/linux/; license = licenses.lgpl3; longDescription = '' Allows user authentication and digital signatures with Belgian ID cards. - Also requires a running pcscd service and compatible card reader. + Also requires a running pcscd service and compatible card reader. + eid-viewer is also installed. + + **TO FIX:** + The procedure below did not work for me, I had to install the .so directly in firefox as instructed at + https://eid.belgium.be/en/log-eid#7507 + and specify + /run/current-system/sw/lib/libbeidpkcs11.so + as the path to the module. + + This package only installs the libraries. To use eIDs in Firefox or + Chromium, the eID Belgium add-on must be installed. This package only installs the libraries. To use eIDs in NSS-compatible browsers like Chrom{e,ium} or Firefox, each user must first execute: - ~$ eid-nssdb add - (Running the script once as root with the --system option enables eID support for all users, but will *not* work when using Chrom{e,ium}!) - Before uninstalling this package, it is a very good idea to run - ~$ eid-nssdb [--system] remove - and remove all ~/.pki and/or /etc/pki directories no longer needed. ''; platforms = platforms.linux;