public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libhsts: ini at 0.1.0

This commit is contained in:
Sandro Jäckel 2021-02-13 21:11:54 +01:00
parent 2f46ed8ef6
commit a4402edf94
No known key found for this signature in database
GPG Key ID: 3AF5A43A3EECC2E5
3 changed files with 55 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
pkgs/development/libraries/libhsts/default.nix Normal file
View File

@ -0,0 +1,40 @@
{ lib, stdenv, fetchFromGitLab, fetchurl, autoconf-archive, autoreconfHook, pkg-config, python3 }:
let
chromium_version = "90.0.4417.1";
hsts_list = fetchurl {
url = "https://raw.github.com/chromium/chromium/${chromium_version}/net/http/transport_security_state_static.json";
sha256 = "09f24n30x5dmqk8zk7k2glcilgr27832a3304wj1yp97158sqsfx";
};
in
stdenv.mkDerivation rec {
pname = "libhsts";
version = "0.1.0";
src = fetchFromGitLab {
owner = "rockdaboot";
repo = pname;
rev = "libhsts-${version}";
sha256 = "0gbchzf0f4xzb6zjc56dk74hqrmdgyirmgxvvsqp9vqn9wb5kkx4";
};
postPatch = ''
pushd tests
cp ${hsts_list} transport_security_state_static.json
sed 's/^ *\/\/.*$//g' transport_security_state_static.json >hsts.json
popd
patchShebangs src/hsts-make-dafsa
'';
nativeBuildInputs = [ autoconf-archive autoreconfHook pkg-config python3 ];
outputs = [ "out" "dev" ];
meta = with lib; {
description = "Library to easily check a domain against the Chromium HSTS Preload list";
homepage = "https://gitlab.com/rockdaboot/libhsts";
license = with licenses; [ mit bsd3 ];
maintainers = with maintainers; [ SuperSandro2000 ];
};
}

13
pkgs/development/libraries/libhsts/update.sh Executable file
View File

@ -0,0 +1,13 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl jq
set -euo pipefail -x
cd "$(dirname "$0")"
chromium_version=$(curl -s "https://api.github.com/repos/chromium/chromium/tags" | jq -r 'map(select(.prerelease | not)) | .[1].name')
sha256=$(nix-prefetch-url "https://raw.github.com/chromium/chromium/$chromium_version/net/http/transport_security_state_static.json")
sed -e "0,/chromium_version/s/chromium_version = \".*\"/chromium_version = \"$chromium_version\"/" \
-e "0,/sha256/s/sha256 = \".*\"/sha256 = \"$sha256\"/" \
--in-place ./default.nix

2
pkgs/top-level/all-packages.nix
View File

@ -13841,6 +13841,8 @@ in
libgit2-glib = callPackage ../development/libraries/libgit2-glib { };
libhsts = callPackage ../development/libraries/libhsts { };
glbinding = callPackage ../development/libraries/glbinding { };
gle = callPackage ../development/libraries/gle { };