From e51405db3e5d5e89e1a9dd8251ef00df0f771913 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:23:54 -0500 Subject: [PATCH 01/21] antlr: supports darwin --- pkgs/development/tools/parsing/antlr/2.7.7.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/tools/parsing/antlr/2.7.7.nix b/pkgs/development/tools/parsing/antlr/2.7.7.nix index 23141185f68e1..017ef20e81c66 100644 --- a/pkgs/development/tools/parsing/antlr/2.7.7.nix +++ b/pkgs/development/tools/parsing/antlr/2.7.7.nix @@ -19,6 +19,6 @@ stdenv.mkDerivation { walk parse trees. ''; homepage = http://www.antlr.org/; - platforms = platforms.linux; + platforms = platforms.unix; }; } From a77de9552942bded66c2dcfce61512b72c52651c Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:24:21 -0500 Subject: [PATCH 02/21] xcbuild: add framework product --- pkgs/development/tools/xcbuild/platform.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/pkgs/development/tools/xcbuild/platform.nix b/pkgs/development/tools/xcbuild/platform.nix index d0836daf61357..a36c4f4bf8064 100644 --- a/pkgs/development/tools/xcbuild/platform.nix +++ b/pkgs/development/tools/xcbuild/platform.nix @@ -258,6 +258,27 @@ let }; PackageTypes = [ "com.apple.package-type.wrapper.application" ]; } + { + Type = "ProductType"; + Identifier = "com.apple.product-type.framework"; + Name = "Bundle"; + DefaultBuildProperties = { + FULL_PRODUCT_NAME = "$(WRAPPER_NAME)"; + MACH_O_TYPE = "mh_bundle"; + WRAPPER_PREFIX = ""; + WRAPPER_SUFFIX = ".$(WRAPPER_EXTENSION)"; + WRAPPER_EXTENSION = "bundle"; + WRAPPER_NAME = "$(WRAPPER_PREFIX)$(PRODUCT_NAME)$(WRAPPER_SUFFIX)"; + FRAMEWORK_FLAG_PREFIX = "-framework"; + LIBRARY_FLAG_PREFIX = "-l"; + LIBRARY_FLAG_NOSPACE = "YES"; + STRIP_STYLE = "non-global"; + }; + PackageTypes = [ "com.apple.package-type.wrapper" ]; + IsWrapper = "YES"; + HasInfoPlist = "YES"; + HasInfoPlistStrings = "YES"; + } ]; in From 7c1e39746d2570005877142908a10d693018ad56 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:24:50 -0500 Subject: [PATCH 03/21] xcbuild: set SYMROOT and OBJROOT --- pkgs/development/tools/xcbuild/setup-hook.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/tools/xcbuild/setup-hook.sh b/pkgs/development/tools/xcbuild/setup-hook.sh index c3b26a6ac7964..70100c196973e 100644 --- a/pkgs/development/tools/xcbuild/setup-hook.sh +++ b/pkgs/development/tools/xcbuild/setup-hook.sh @@ -5,7 +5,7 @@ xcbuildBuildPhase() { echo "running xcodebuild" - xcodebuild OTHER_CFLAGS="$NIX_CFLAGS_COMPILE" OTHER_CPLUSPLUSFLAGS="$NIX_CFLAGS_COMPILE" OTHER_LDFLAGS="$NIX_LDFLAGS" build + xcodebuild SYMROOT=$PWD/Products OBJROOT=$PWD/Intermediates $xcbuildFlags build runHook postBuild } From 65562e4cddab2c28511d81bf5dd56a4bf767a8f9 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:27:14 -0500 Subject: [PATCH 04/21] treewide: change install references for xcbuild now build directory is "Products/Release/" --- .../darwin/apple-source-releases/adv_cmds/xcode.nix | 2 +- .../darwin/apple-source-releases/basic_cmds/default.nix | 2 +- .../darwin/apple-source-releases/developer_cmds/default.nix | 2 +- .../darwin/apple-source-releases/file_cmds/default.nix | 2 +- pkgs/os-specific/darwin/apple-source-releases/libutil/new.nix | 4 ++-- .../darwin/apple-source-releases/network_cmds/default.nix | 2 +- .../darwin/apple-source-releases/shell_cmds/default.nix | 2 +- pkgs/tools/misc/contacts/default.nix | 2 +- pkgs/tools/security/pinentry-mac/default.nix | 2 +- 9 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix index a3d4099399b31..1d5c0defcbfd4 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix @@ -34,7 +34,7 @@ appleDerivation { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/bin/ - install adv_cmds-*/Build/Products/Release/* $out/bin/ + install Products/Release/* $out/bin/ for n in 1 8; do mkdir -p $out/share/man/man$n diff --git a/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix index 9e8b78e57d6c8..b52ec3306dc42 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix @@ -14,7 +14,7 @@ appleDerivation rec { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/bin/ - install basic_cmds-*/Build/Products/Release/* $out/bin/ + install Products/Release/* $out/bin/ for n in 1; do mkdir -p $out/share/man/man$n diff --git a/pkgs/os-specific/darwin/apple-source-releases/developer_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/developer_cmds/default.nix index 67fbf83496ed6..1f35e3008b3b1 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/developer_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/developer_cmds/default.nix @@ -11,7 +11,7 @@ appleDerivation rec { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/bin/ - install developer_cmds-*/Build/Products/Release/* $out/bin/ + install Products/Release/* $out/bin/ for n in 1; do mkdir -p $out/share/man/man$n diff --git a/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix index 8346ca7a9a765..47a587966b44d 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix @@ -19,7 +19,7 @@ appleDerivation rec { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/bin/ - install file_cmds-*/Build/Products/Release/* $out/bin + install Products/Release/* $out/bin for n in 1; do mkdir -p $out/share/man/man$n diff --git a/pkgs/os-specific/darwin/apple-source-releases/libutil/new.nix b/pkgs/os-specific/darwin/apple-source-releases/libutil/new.nix index 860a74f61f7f7..2c75f3966dbf8 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libutil/new.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libutil/new.nix @@ -18,8 +18,8 @@ appleDerivation { installPhase = '' mkdir -p $out/lib $out/include - cp libutil-*/Build/Products/Release/*.dylib $out/lib - cp libutil-*/Build/Products/Release/*.h $out/include + cp Products/Release/*.dylib $out/lib + cp Products/Release/*.h $out/include # TODO: figure out how to get this to be right the first time around install_name_tool -id $out/lib/libutil.dylib $out/lib/libutil.dylib diff --git a/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix index dc7edface9a03..23777c9415768 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix @@ -19,7 +19,7 @@ appleDerivation rec { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/bin/ - install network_cmds-*/Build/Products/Release/* $out/bin/ + install Products/Release/* $out/bin/ for n in 1 5; do mkdir -p $out/share/man/man$n diff --git a/pkgs/os-specific/darwin/apple-source-releases/shell_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/shell_cmds/default.nix index 4f527acc950c8..8ce916feb38ad 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/shell_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/shell_cmds/default.nix @@ -29,7 +29,7 @@ appleDerivation rec { # temporary install phase until xcodebuild has "install" support installPhase = '' mkdir -p $out/usr/bin - install shell_cmds-*/Build/Products/Release/* $out/usr/bin + install Products/Release/* $out/usr/bin export DSTROOT=$out export SRCROOT=$PWD diff --git a/pkgs/tools/misc/contacts/default.nix b/pkgs/tools/misc/contacts/default.nix index d146cd93343e2..47a74e84b55a2 100644 --- a/pkgs/tools/misc/contacts/default.nix +++ b/pkgs/tools/misc/contacts/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p $out/bin - cp ./contacts-*/Build/Products/Default/contacts $out/bin + cp Products/Default/contacts $out/bin ''; ## FIXME: the framework setup hook isn't adding these correctly diff --git a/pkgs/tools/security/pinentry-mac/default.nix b/pkgs/tools/security/pinentry-mac/default.nix index 074d71c08308f..2be8550fb4cc4 100644 --- a/pkgs/tools/security/pinentry-mac/default.nix +++ b/pkgs/tools/security/pinentry-mac/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p $out/Applications - mv pinentry-mac-*/Build/Products/Release/pinentry-mac.app $out/Applications + mv Products/Release/pinentry-mac.app $out/Applications ''; passthru = { From c3ce4ee7232ceb81e810d016b4fd8279aeb79bf9 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:28:06 -0500 Subject: [PATCH 05/21] pbzx: init at 1.0.2 --- pkgs/tools/compression/pbzx/default.nix | 27 +++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 29 insertions(+) create mode 100644 pkgs/tools/compression/pbzx/default.nix diff --git a/pkgs/tools/compression/pbzx/default.nix b/pkgs/tools/compression/pbzx/default.nix new file mode 100644 index 0000000000000..bbba21f2b34d8 --- /dev/null +++ b/pkgs/tools/compression/pbzx/default.nix @@ -0,0 +1,27 @@ +{stdenv, lib, fetchFromGitHub, lzma, xar}: + +stdenv.mkDerivation rec { + pname = "pbzx"; + version = "1.0.2"; + name = "${pname}-${version}"; + src = fetchFromGitHub { + owner = "NiklasRosenstein"; + repo = "pbzx"; + rev = "v${version}"; + sha256 = "0bwd7wmnhpz1n5p39mh6asfyccj4cm06hwigslcwbb3pdwmvxc90"; + }; + buildInputs = [ lzma xar ]; + buildPhase = '' + cc pbzx.c -llzma -lxar -o pbzx + ''; + installPhase = '' + mkdir -p $out/bin + cp pbzx $out/bin + ''; + meta = with lib; { + description = "Stream parser of Apple's pbzx compression format."; + platforms = platforms.unix; + license = licenses.gpl3; + maintainers = [ maintainers.matthewbauer ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 03018649317b6..83e282d1002ab 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1344,6 +1344,8 @@ with pkgs; patdiff = callPackage ../tools/misc/patdiff { }; + pbzx = callPackage ../tools/compression/pbzx { }; + playerctl = callPackage ../tools/audio/playerctl { }; ps_mem = callPackage ../tools/system/ps_mem { }; From 72f8df946578a531de480bd353cba8260049a2c2 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:29:08 -0500 Subject: [PATCH 06/21] swift-corelibs: init moves swift-corelibs-corefoundation to own dir also adds libdispatch --- .../corefoundation.nix} | 0 pkgs/os-specific/darwin/swift-corelibs/default.nix | 8 ++++++++ .../darwin/swift-corelibs/libdispatch.nix | 12 ++++++++++++ pkgs/top-level/darwin-packages.nix | 4 ++-- 4 files changed, 22 insertions(+), 2 deletions(-) rename pkgs/os-specific/darwin/{swift-corefoundation/default.nix => swift-corelibs/corefoundation.nix} (100%) create mode 100644 pkgs/os-specific/darwin/swift-corelibs/default.nix create mode 100644 pkgs/os-specific/darwin/swift-corelibs/libdispatch.nix diff --git a/pkgs/os-specific/darwin/swift-corefoundation/default.nix b/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix similarity index 100% rename from pkgs/os-specific/darwin/swift-corefoundation/default.nix rename to pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix diff --git a/pkgs/os-specific/darwin/swift-corelibs/default.nix b/pkgs/os-specific/darwin/swift-corelibs/default.nix new file mode 100644 index 0000000000000..fdc97304528df --- /dev/null +++ b/pkgs/os-specific/darwin/swift-corelibs/default.nix @@ -0,0 +1,8 @@ +{callPackage, stdenv, darwin, xcbuild}: + +rec { + corefoundation = callPackage ./corefoundation.nix {}; + libdispatch = callPackage ./libdispatch.nix { + inherit (darwin) apple_sdk_sierra xnu; + }; +} diff --git a/pkgs/os-specific/darwin/swift-corelibs/libdispatch.nix b/pkgs/os-specific/darwin/swift-corelibs/libdispatch.nix new file mode 100644 index 0000000000000..bd143b6071ba6 --- /dev/null +++ b/pkgs/os-specific/darwin/swift-corelibs/libdispatch.nix @@ -0,0 +1,12 @@ +{ stdenv, fetchFromGitHub, cmake, apple_sdk_sierra, xnu-new }: + +stdenv.mkDerivation rec { + name = "swift-corelibs-libdispatch"; + src = fetchFromGitHub { + owner = "apple"; + repo = name; + rev = "f83b5a498bad8e9ff8916183cf6e8ccf677c346b"; + sha256 = "1czkyyc9llq2mnqfp19mzcfsxzas0y8zrk0gr5hg60acna6jkz2l"; + }; + buildInputs = [ cmake apple_sdk_sierra.sdk xnu-new ]; +} diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index 1f8039010d7b8..f1854bf60eaed 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -57,12 +57,12 @@ in stubs = callPackages ../os-specific/darwin/stubs { }; - swift-corefoundation = callPackage ../os-specific/darwin/swift-corefoundation { }; - trash = callPackage ../os-specific/darwin/trash { inherit (darwin.apple_sdk) frameworks; }; usr-include = callPackage ../os-specific/darwin/usr-include { }; xcode = callPackage ../os-specific/darwin/xcode { }; + swift-corelibs = callPackages ../os-specific/darwin/swift-corelibs { }; + }) From d625fece188feb5c58dc857af1cb64d5be24d03e Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:40:24 -0500 Subject: [PATCH 07/21] CoreSymbolication: init --- .../darwin/CoreSymbolication/default.nix | 19 +++++++++++++++++++ pkgs/top-level/darwin-packages.nix | 2 ++ 2 files changed, 21 insertions(+) create mode 100644 pkgs/os-specific/darwin/CoreSymbolication/default.nix diff --git a/pkgs/os-specific/darwin/CoreSymbolication/default.nix b/pkgs/os-specific/darwin/CoreSymbolication/default.nix new file mode 100644 index 0000000000000..aa73c7f86c405 --- /dev/null +++ b/pkgs/os-specific/darwin/CoreSymbolication/default.nix @@ -0,0 +1,19 @@ +{ fetchFromGitHub, stdenv }: + +# Reverse engineered CoreSymbolication to make dtrace buildable + +stdenv.mkDerivation rec { + name = "CoreSymbolication"; + + src = fetchFromGitHub { + repo = name; + owner = "matthewbauer"; + rev = "671fcb66c82eac1827f3f53dc4cc4e9b1b94da0a"; + sha256 = "0qpw46gwgjxiwqqjxksb8yghp2q8dwad6hzaf4zl82xpvk9n5ahj"; + }; + + installPhase = '' + mkdir -p $out/include + cp -r CoreSymbolication $out/include + ''; +} diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index f1854bf60eaed..55b8fc9238bea 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -63,6 +63,8 @@ in xcode = callPackage ../os-specific/darwin/xcode { }; + CoreSymbolication = callPackage ../os-specific/darwin/CoreSymbolication { }; + swift-corelibs = callPackages ../os-specific/darwin/swift-corelibs { }; }) From 0b833261727ff8c36e3c51eab8f522747198429a Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:41:15 -0500 Subject: [PATCH 08/21] darling: init --- pkgs/os-specific/darwin/darling/default.nix | 34 +++++++++++++++++++++ pkgs/top-level/darwin-packages.nix | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/os-specific/darwin/darling/default.nix diff --git a/pkgs/os-specific/darwin/darling/default.nix b/pkgs/os-specific/darwin/darling/default.nix new file mode 100644 index 0000000000000..8c94b2d878dd9 --- /dev/null +++ b/pkgs/os-specific/darwin/darling/default.nix @@ -0,0 +1,34 @@ +{stdenv, lib, fetchFromGitHub, cmake, bison, flex}: + +stdenv.mkDerivation rec { + pname = "darling"; + name = pname; + + src = fetchFromGitHub { + repo = pname; + owner = "darlinghq"; + rev = "d2cc5fa748003aaa70ad4180fff0a9a85dc65e9b"; + sha256 = "1mkcnzy1cfpwghgvb9pszhy9jy6534y8krw8inwl9fqfd0w019wz"; + }; + + # only packaging sandbox for now + buildPhase = '' + cc -c src/sandbox/sandbox.c -o src/sandbox/sandbox.o + cc -dynamiclib -flat_namespace src/sandbox/sandbox.o -o libsystem_sandbox.dylib + ''; + + installPhase = '' + mkdir -p $out/lib + cp -rL src/sandbox/include/ $out/ + cp libsystem_sandbox.dylib $out/lib/ + ''; + + # buildInputs = [ cmake bison flex ]; + + meta = with lib; { + maintainers = with maintainers; [ matthewbauer ]; + license = licenses.gpl3; + description = "Darwin/macOS emulation layer for Linux"; + platforms = platforms.unix; + }; +} diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index 55b8fc9238bea..d1d5aa470bca5 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -67,4 +67,6 @@ in swift-corelibs = callPackages ../os-specific/darwin/swift-corelibs { }; + darling = callPackage ../os-specific/darwin/darling/default.nix { }; + }) From 4a515ed306c24de0ec32acbfeb2c9882601f2a1c Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 00:43:07 -0500 Subject: [PATCH 09/21] dtrace: add xcode drv darwin.dtrace-xcode contains the dtrace bin --- .../darwin/apple-source-releases/default.nix | 3 +- .../apple-source-releases/dtrace/xcode.nix | 35 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index cca729016c25b..c796ca05105cc 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -201,7 +201,8 @@ let configd = applePackage "configd" "osx-10.8.5" "1gxakahk8gallf16xmhxhprdxkh3prrmzxnmxfvj0slr0939mmr2" {}; copyfile = applePackage "copyfile" "osx-10.11.6" "1rkf3iaxmjz5ycgrmf0g971kh90jb2z1zqxg5vlqz001s4y457gs" {}; Csu = applePackage "Csu" "osx-10.11.6" "0yh5mslyx28xzpv8qww14infkylvc1ssi57imhi471fs91sisagj" {}; - dtrace = applePackage "dtrace" "osx-10.11.6" "0pp5x8dgvzmg9vvg32hpy2brm17dpmbwrcr4prsmdmfvd4767wc0" {}; + dtrace = applePackage "dtrace" "osx-10.11.6" "04mi0jy8gy0w59rk9i9dqznysv6fzz1v5mq779s41cp308yi0h1c" {}; + dtrace-xcode = applePackage "dtrace/xcode.nix" "osx-10.11.6" "04mi0jy8gy0w59rk9i9dqznysv6fzz1v5mq779s41cp308yi0h1c" {}; dyld = applePackage "dyld" "osx-10.11.6" "0qkjmjazm2zpgvwqizhandybr9cm3gz9pckx8rmf0py03faafc08" {}; eap8021x = applePackage "eap8021x" "osx-10.11.6" "0iw0qdib59hihyx2275rwq507bq2a06gaj8db4a8z1rkaj1frskh" {}; ICU = applePackage "ICU" "osx-10.10.5" "1qihlp42n5g4dl0sn0f9pc0bkxy1452dxzf0vr6y5gqpshlzy03p" {}; diff --git a/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix b/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix new file mode 100644 index 0000000000000..3fb31fda166e0 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix @@ -0,0 +1,35 @@ +{ appleDerivation, xcbuild, CoreSymbolication, xnu, bison, flex, darling }: + +appleDerivation { + buildInputs = [ xcbuild CoreSymbolication xnu bison flex darling ]; + NIX_CFLAGS_COMPILE = "-DCTF_OLD_VERSIONS -DPRIVATE -DYYDEBUG=1 -I${xnu}/Library/Frameworks/System.framework/Headers"; + NIX_LDFLAGS = "-L./Products/Release"; + xcbuildFlags = "-target dtrace"; + + # hack to handle xcbuild's broken lex handling + preBuild = '' + cd libdtrace + yacc -d dt_grammar.y + flex -l -d dt_lex.l + cd .. + + substituteInPlace dtrace.xcodeproj/project.pbxproj \ + --replace '6EBC9800099BFBBF0001019C /* dt_grammar.y */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.yacc; name = dt_grammar.y; path = libdtrace/dt_grammar.y; sourceTree = ""; };' '6EBC9800099BFBBF0001019C /* y.tab.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = y.tab.c; path = libdtrace/y.tab.c; sourceTree = ""; };' \ + --replace '6EBC9808099BFBBF0001019C /* dt_lex.l */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.lex; name = dt_lex.l; path = libdtrace/dt_lex.l; sourceTree = ""; };' '6EBC9808099BFBBF0001019C /* lex.yy.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = lex.yy.c; path = libdtrace/lex.yy.c; sourceTree = ""; };' + ''; + + # xcbuild doesn't support install + installPhase = '' + mkdir -p $out + + cp -r Products/Release/usr $out + mv $out/usr/* $out + rmdir $out/usr + + mkdir $out/lib + cp Products/Release/*.dylib $out/lib + + mkdir $out/bin + cp Products/Release/dtrace $out/bin + ''; +} From c468b30ede20dae73cd4add7b1503eea6dae51cc Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:40:59 -0500 Subject: [PATCH 10/21] libsecurity_utilities: fixup --- .../apple-source-releases/libsecurity_utilities/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix index bb55fd48d8b23..e811c4c11a82e 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix @@ -4,9 +4,12 @@ appleDerivation { libauto libobjc IOKit + ]; + propagatedBuildInputs = [ sqlite apple_sdk.frameworks.PCSC ]; + NIX_LDFLAGS = "-framework PCSC"; patchPhase = '' substituteInPlace lib/errors.h --replace \ '' \ From 71b53c0cfe6aa3ddd9bf0cb2c7124cf0f1243c32 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:42:03 -0500 Subject: [PATCH 11/21] libsecurity_codesigning: init --- .../libsecurity_codesigning/default.nix | 38 ++++++++++++++++--- 1 file changed, 32 insertions(+), 6 deletions(-) diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix index c5ba9cc8d7ef6..2a05855bd5214 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix @@ -1,7 +1,33 @@ -{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities }: +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities +, Security, xnu, xar, antlr, libsecurityd, apple_sdk +, dtrace-xcode, osx_private_sdk }: appleDerivation { - buildInputs = [ - libsecurity_utilities - libsecurity_cdsa_utilities - ]; -} \ No newline at end of file + buildInputs = [ libsecurity_utilities libsecurity_cdsa_utilities dtrace-xcode + Security xar antlr libsecurityd ]; + NIX_CFLAGS_COMPILE = "-Iinclude -I${xnu}/Library/Frameworks/System.framework/Headers"; + patchPhase = '' + substituteInPlace lib/policydb.cpp \ + --replace "new MutableDictionary::MutableDictionary()" NULL + substituteInPlace lib/xpcengine.h \ + --replace "#include " "" + substituteInPlace lib/policyengine.cpp \ + --replace "#include " "" + + rm lib/policyengine.cpp lib/quarantine++.cpp lib/codedirectory.cpp lib/xpcengine.cpp + ''; + preBuild = '' + mkdir -p include + cp ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/usr/include/quarantine.h include + mkdir -p include/CoreServices/ + cp ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/System/Library/Frameworks/CoreServices.framework/PrivateHeaders/*.h include/CoreServices/ + + unpackFile ${Security.src} + mkdir -p include/securityd_client + cp Security-*/libsecurityd/lib/*.h include/securityd_client + mkdir -p include/xpc + cp ${apple_sdk.sdk}/include/xpc/*.h include/xpc + + sed -i '1i #define bool int' lib/security_codesigning.d + dtrace -h -C -s lib/security_codesigning.d -o codesigning_dtrace.h + ''; +} From 77ac9c50dce15b681d368b508d88b8b6c8440d15 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:42:50 -0500 Subject: [PATCH 12/21] security_systemkeychain: init Fixes #37838 --- .../darwin/apple-source-releases/default.nix | 3 ++ .../security_systemkeychain/default.nix | 31 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/os-specific/darwin/apple-source-releases/security_systemkeychain/default.nix diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index c796ca05105cc..7ceeab9526ce7 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -53,6 +53,7 @@ let ICU = "531.48"; libdispatch = "442.1.4"; Security = "57031.40.6"; + security_systemkeychain = "55202"; IOAudioFamily = "203.3"; IOFireWireFamily = "458"; @@ -244,6 +245,8 @@ let shell_cmds = applePackage "shell_cmds" "osx-10.11.6" "0084k271v66h4jqp7q7rmjvv7w4mvhx3aq860qs8jbd30canm86n" {}; system_cmds = applePackage "system_cmds" "osx-10.11.6" "1h46j2c5v02pkv5d9fyv6cpgyg0lczvwicrx6r9s210cl03l77jl" {}; + security_systemkeychain = applePackage "security_systemkeychain" "osx-10.10.5" "0xviskdgxsail15npi0billyiysvljlmg38mmhnr7qi4ymnnjr90" {}; + libsecurity_apple_csp = libsecPackage "libsecurity_apple_csp" "osx-10.7.5" "1ngyn1ik27n4x981px3kfd1z1n8zx7r5w812b6qfjpy5nw4h746w" {}; libsecurity_apple_cspdl = libsecPackage "libsecurity_apple_cspdl" "osx-10.7.5" "1svqa5fhw7p7njzf8bzg7zgc5776aqjhdbnlhpwmr5hmz5i0x8r7" {}; libsecurity_apple_file_dl = libsecPackage "libsecurity_apple_file_dl" "osx-10.7.5" "1dfqani3n135i3iqmafc1k9awmz6s0a78zifhk15rx5a8ps870bl" {}; diff --git a/pkgs/os-specific/darwin/apple-source-releases/security_systemkeychain/default.nix b/pkgs/os-specific/darwin/apple-source-releases/security_systemkeychain/default.nix new file mode 100644 index 0000000000000..1a0208ef3a082 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/security_systemkeychain/default.nix @@ -0,0 +1,31 @@ +{ appleDerivation, xcbuild, Security +, libsecurity_codesigning, libsecurity_utilities, libsecurity_cdsa_utilities +, xnu, osx_private_sdk, pcsclite}: + +appleDerivation { + buildInputs = [ xcbuild Security libsecurity_utilities + libsecurity_cdsa_utilities libsecurity_codesigning + pcsclite ]; + + NIX_LDFLAGS = "-lpcsclite"; + + # can't build the whole thing + xcbuildFlags = "-target codesign"; + + preBuild = '' + mkdir -p include/Security + cp ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/System/Library/Frameworks/Security.framework/PrivateHeaders/*.h include/Security + cp ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/System/Library/Frameworks/Security.framework/Headers/*.h include/Security + + unpackFile ${xnu.src} + mkdir -p include/sys + cp -r xnu-*/bsd/sys/codesign.h include/sys/codesign.h + ''; + + NIX_CFLAGS_COMPILE = "-Iinclude"; + + installPhase = '' + mkdir -p $out/bin + cp Products/Release/codesign $out/bin/codesign + ''; +} From ca788ecac4ce5d147c4d1ae146d1aadf43128952 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:44:15 -0500 Subject: [PATCH 13/21] gdb, lldb: codesign it! This gives us the codesigned derivation darwin.gdb, darwin.lldb, and darwin.dtrace. Fixes #18420 Fixes #17406 --- pkgs/top-level/darwin-packages.nix | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index d1d5aa470bca5..164c981da040c 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -1,7 +1,20 @@ -{ pkgs, darwin, stdenv, callPackage, callPackages, newScope }: +{ pkgs, darwin, stdenv, callPackage, callPackages, newScope, runCommand, config }: let apple-source-releases = callPackage ../os-specific/darwin/apple-source-releases { }; + + + codesign = drv: runCommand "codesign" { + nativeBuildInputs = [apple-source-releases.security_systemkeychain]; + } '' + mkdir -p $out/bin + for bin in ${drv}/bin/*; do + cp $bin $out/bin + done + for bin in $out/bin/*; do + codesign -s ${config.codesign_identity or "nixpkgs"} $bin + done + ''; in (apple-source-releases // { @@ -69,4 +82,8 @@ in darling = callPackage ../os-specific/darwin/darling/default.nix { }; + # sign some things that need signatures to work + gdb = codesign pkgs.gdb; + lldb = codesign pkgs.lldb; + dtrace = codesign pkgs.dtrace-xcode; }) From 4f2c868a31daea725a44f47bfc5a3837050d6b87 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:45:24 -0500 Subject: [PATCH 14/21] xcbuild: fix wrapper need $wrapper/usr/bin to exist for some SDK stuff --- pkgs/development/tools/xcbuild/wrapper.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/tools/xcbuild/wrapper.nix b/pkgs/development/tools/xcbuild/wrapper.nix index 3a1547440fd6c..06c48ec0a73f9 100644 --- a/pkgs/development/tools/xcbuild/wrapper.nix +++ b/pkgs/development/tools/xcbuild/wrapper.nix @@ -46,6 +46,9 @@ stdenv.mkDerivation { ln -s $file done + mkdir $out/usr + ln -s $out/bin $out/usr/bin + mkdir -p $out/Library/Xcode/ ln -s ${xcbuild}/Library/Xcode/Specifications $out/Library/Xcode/Specifications From a025bd38768a4b539ff585e813e5cdfc0fe29af1 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:45:58 -0500 Subject: [PATCH 15/21] SmartCardServices: init --- .../SmartCardServices/default.nix | 41 +++++++++++++++++++ .../darwin/apple-source-releases/default.nix | 3 ++ 2 files changed, 44 insertions(+) create mode 100644 pkgs/os-specific/darwin/apple-source-releases/SmartCardServices/default.nix diff --git a/pkgs/os-specific/darwin/apple-source-releases/SmartCardServices/default.nix b/pkgs/os-specific/darwin/apple-source-releases/SmartCardServices/default.nix new file mode 100644 index 0000000000000..1cb85b1e98849 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/SmartCardServices/default.nix @@ -0,0 +1,41 @@ +{ stdenv, appleDerivation, xcbuild, gnumake, Security +, libsecurity_utilities, libsecurity_cdsa_utilities }: + +appleDerivation { + buildInputs = [ xcbuild libsecurity_utilities libsecurity_cdsa_utilities ]; + + DSTROOT = "$out"; + + NIX_CFLAGS_COMPILE = "-I."; + preBuild = '' + mkdir -p Security + cp ${Security}/Library/Frameworks/Security.framework/Headers/*.h Security + ''; + + patchPhase = '' + substituteInPlace SmartCardServices.xcodeproj/project.pbxproj \ + --replace "/usr/bin/gnumake" "${gnumake}/bin/make" + substituteInPlace src/PCSC/PCSC.exp \ + --replace _PCSCVersionString "" \ + --replace _PCSCVersionNumber "" + substituteInPlace Makefile.installPhase \ + --replace chown "# chown" \ + --replace /usr/bin/ "" + ''; + + installPhase = '' + make -f Makefile.installPhase install + make -f Makefile-exec.installPhase install + mv $out/usr/* $out + rmdir $out/usr + + mkdir -p $out/Library/Frameworks + cp -r Products/Release/PCSC.bundle $out/Library/Frameworks/PCSC.framework + ''; + + meta = with stdenv.lib; { + maintainers = with maintainers; [ matthewbauer ]; + platforms = platforms.darwin; + license = licenses.apsl20; + }; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 7ceeab9526ce7..6019c20dd4096 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -7,6 +7,7 @@ let # now it's staying here. versions = { "osx-10.11.6" = { + SmartCardServices = "55111"; dtrace = "168"; xnu = "3248.60.10"; libpthread = "138.10.4"; @@ -192,6 +193,8 @@ let adv_cmds = applePackage "adv_cmds" "osx-10.5.8" "102ssayxbg9wb35mdmhswbnw0bg7js3pfd8fcbic83c5q3bqa6c6" {}; packages = { + SmartCardServices = applePackage "SmartCardServices" "osx-10.11.6" "1qqjlbi6j37mw9p3qpfnwf14xh9ff8h5786bmvzwc4kblfglabkm" {}; + inherit (adv_cmds) ps locale; architecture = applePackage "architecture" "osx-10.11.6" "1pbpjcd7is69hn8y29i98ci0byik826if8gnp824ha92h90w0fq3" {}; bootstrap_cmds = applePackage "bootstrap_cmds" "dev-tools-7.0" "1v5dv2q3af1xwj5kz0a5g54fd5dm6j4c9dd2g66n4kc44ixyrhp3" {}; From 1371f23061cea01de4d8159c477644ed0f3966e3 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 8 Apr 2018 22:53:37 -0500 Subject: [PATCH 16/21] darwin: fixup eval --- pkgs/top-level/darwin-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index 164c981da040c..721619448f6bc 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -85,5 +85,5 @@ in # sign some things that need signatures to work gdb = codesign pkgs.gdb; lldb = codesign pkgs.lldb; - dtrace = codesign pkgs.dtrace-xcode; + dtrace = codesign apple-source-releases.dtrace-xcode; }) From 4cfb96350703acaea45571e06d54abef118ec6fc Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Mon, 9 Apr 2018 16:59:19 -0500 Subject: [PATCH 17/21] dtrace: patch impurities --- .../darwin/apple-source-releases/dtrace/xcode.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix b/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix index 3fb31fda166e0..dd193f2c07dc6 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/dtrace/xcode.nix @@ -1,4 +1,4 @@ -{ appleDerivation, xcbuild, CoreSymbolication, xnu, bison, flex, darling }: +{ appleDerivation, xcbuild, CoreSymbolication, xnu, bison, flex, darling, stdenv }: appleDerivation { buildInputs = [ xcbuild CoreSymbolication xnu bison flex darling ]; @@ -6,6 +6,14 @@ appleDerivation { NIX_LDFLAGS = "-L./Products/Release"; xcbuildFlags = "-target dtrace"; + patchPhase = '' + substituteInPlace dtrace.xcodeproj/project.pbxproj --replace "/usr/sbin" "" + substituteInPlace libdtrace/dt_open.c \ + --replace "/usr/bin/clang" "${stdenv.cc}/bin/cpp" \ + --replace "/usr/bin/ld" "${stdenv.cc}/bin/ld" \ + --replace "/usr/bin/dtrace" $out/lib/dtrace + ''; + # hack to handle xcbuild's broken lex handling preBuild = '' cd libdtrace @@ -31,5 +39,7 @@ appleDerivation { mkdir $out/bin cp Products/Release/dtrace $out/bin + + mkdir -p $out/lib/dtrace ''; } From 461317a8c91d5acdec5c8b1576a6c5cbb00b6074 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Mon, 9 Apr 2018 16:59:54 -0500 Subject: [PATCH 18/21] all-packages: add codesigning! --- pkgs/top-level/all-packages.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 83e282d1002ab..c2b5345889ef5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -111,6 +111,9 @@ with pkgs; buildMaven = callPackage ../build-support/build-maven.nix {}; + codesign = drv: if stdenv.isDarwin then darwin.codesign drv + else drv; + castxml = callPackage ../development/tools/castxml { }; cmark = callPackage ../development/libraries/cmark { }; @@ -6551,10 +6554,10 @@ with pkgs; lld_5 = llvmPackages_5.lld; lld_6 = llvmPackages_6.lld; - lldb = llvmPackages.lldb; - lldb_4 = llvmPackages_4.lldb; - lldb_5 = llvmPackages_5.lldb; - lldb_6 = llvmPackages_6.lldb; + lldb = codesign llvmPackages.lldb; + lldb_4 = codesign llvmPackages_4.lldb; + lldb_5 = codesign llvmPackages_5.lldb; + lldb_6 = codesign llvmPackages_6.lldb; llvm = llvmPackages.llvm; @@ -8291,11 +8294,11 @@ with pkgs; bashdb = callPackage ../development/tools/misc/bashdb { }; - gdb = callPackage ../development/tools/misc/gdb { + gdb = codesign (callPackage ../development/tools/misc/gdb { guile = null; hurd = gnu.hurdCross; inherit (gnu) mig; - }; + }); jhiccup = callPackage ../development/tools/java/jhiccup { }; From 9961c6ec59d49cae4ff6dcea2e5db6ce3782eba2 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Mon, 9 Apr 2018 17:00:45 -0500 Subject: [PATCH 19/21] darwin.codesign: cleanup --- pkgs/top-level/darwin-packages.nix | 47 +++++++++++++++++++----------- 1 file changed, 30 insertions(+), 17 deletions(-) diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index 721619448f6bc..2ac6328369cd8 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -2,19 +2,6 @@ let apple-source-releases = callPackage ../os-specific/darwin/apple-source-releases { }; - - - codesign = drv: runCommand "codesign" { - nativeBuildInputs = [apple-source-releases.security_systemkeychain]; - } '' - mkdir -p $out/bin - for bin in ${drv}/bin/*; do - cp $bin $out/bin - done - for bin in $out/bin/*; do - codesign -s ${config.codesign_identity or "nixpkgs"} $bin - done - ''; in (apple-source-releases // { @@ -82,8 +69,34 @@ in darling = callPackage ../os-specific/darwin/darling/default.nix { }; - # sign some things that need signatures to work - gdb = codesign pkgs.gdb; - lldb = codesign pkgs.lldb; - dtrace = codesign apple-source-releases.dtrace-xcode; + codesign = drv: if builtins.hasAttr "keychain" config then + (runCommand "codesign" { + nativeBuildInputs = [ + apple-source-releases.security_systemkeychain + darwin.cctools + darwin.security_tool + ]; + } '' + IDENTITY=${config.keychain.identity} + PASS=${config.keychain.password} + export HOME=$PWD + mkdir -p $PWD/Library/Keychains + cp ${config.keychain.file} $PWD/Library/Keychains + KEYCHAIN=$(basename $PWD/Library/Keychains/*) + security unlock-keychain -p $PASS $KEYCHAIN + security set-keychain-settings -u $PWD/Library/Keychains/$KEYCHAIN + security find-identity -s codesigning $KEYCHAIN + + mkdir -p $out/bin + for bin in ${drv}/bin/*; do + cp $bin $out/bin + done + for bin in $out/bin/*; do + codesign --sign $IDENTITY \ + --keychain $KEYCHAIN \ + $bin + done + + security lock-keychain $KEYCHAIN + '') else drv; }) From 7fced4f3e6f11bf026dae7931aedfcd4560c94e5 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Mon, 9 Apr 2018 18:05:38 -0500 Subject: [PATCH 20/21] libsecurity_apple_x509: add more symbols --- .../apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile index 083a8a85d17d5..166b4e631c84c 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile @@ -5,6 +5,7 @@ LIBRARY_NAME = security_apple_x509_tp security_apple_x509_tp_HEADER_FILES = $(notdir $(wildcard lib/*.h)) security_apple_x509_tp_HEADER_FILES_DIR = lib +security_apple_x509_tp_C_FILES = $(wildcard lib/*.c) security_apple_x509_tp_CC_FILES = $(wildcard lib/*.cpp) include $(GNUSTEP_MAKEFILES)/library.make From 16ccc784d58e606af807dea70a2b84885d78ef60 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Sun, 15 Apr 2018 23:52:10 -0500 Subject: [PATCH 21/21] wip --- .../CarbonHeaders/full.nix | 15 ++++++ .../Security/libsecurity_authorization.nix | 26 +++++++++ .../Security/libsecurity_comcryption.nix | 11 ++++ .../Security/libsecurity_cryptkit.nix | 15 ++++++ .../Security/libsecurity_transform.nix | 24 +++++++++ .../darwin/apple-source-releases/default.nix | 16 +++++- .../libsecurity_cdsa_client/default.nix | 6 ++- .../libsecurity_cdsa_plugin/default.nix | 4 ++ .../libsecurity_cms/default.nix | 34 ++++++++++++ .../libsecurity_codesigning/default.nix | 6 ++- .../libsecurity_comcryption/default.nix | 5 ++ .../libsecurity_cssm/GNUmakefile | 11 ---- .../libsecurity_cssm/default.nix | 26 +++++++-- .../libsecurity_keychain/default.nix | 13 ++++- .../libsecurity_mds/default.nix | 3 ++ .../libsecurity_smime/default.nix | 28 ++++++++++ .../libsecurity_ssl/default.nix | 19 +++++++ .../os-specific/darwin/darling/corecrypto.nix | 37 +++++++++++++ .../darwin/security-tool/GNUmakefile | 14 ----- .../darwin/security-tool/default.nix | 53 +++++++------------ pkgs/top-level/darwin-packages.nix | 29 ++++++++-- 21 files changed, 322 insertions(+), 73 deletions(-) create mode 100644 pkgs/os-specific/darwin/apple-source-releases/CarbonHeaders/full.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_authorization.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_comcryption.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_cryptkit.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_transform.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/libsecurity_cms/default.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/libsecurity_comcryption/default.nix delete mode 100644 pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile create mode 100644 pkgs/os-specific/darwin/apple-source-releases/libsecurity_smime/default.nix create mode 100644 pkgs/os-specific/darwin/apple-source-releases/libsecurity_ssl/default.nix create mode 100644 pkgs/os-specific/darwin/darling/corecrypto.nix delete mode 100644 pkgs/os-specific/darwin/security-tool/GNUmakefile diff --git a/pkgs/os-specific/darwin/apple-source-releases/CarbonHeaders/full.nix b/pkgs/os-specific/darwin/apple-source-releases/CarbonHeaders/full.nix new file mode 100644 index 0000000000000..6d3e13dbd575b --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/CarbonHeaders/full.nix @@ -0,0 +1,15 @@ +{ stdenv, appleDerivation }: + +appleDerivation { + phases = [ "unpackPhase" "installPhase" ]; + + installPhase = '' + mkdir -p $out/include + cp MacTypes.h $out/include + cp ConditionalMacros.h $out/include + cp MacErrors.h $out/include + + substituteInPlace $out/include/MacTypes.h \ + --replace "CarbonCore/" "" + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_authorization.nix b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_authorization.nix new file mode 100644 index 0000000000000..790715f33090f --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_authorization.nix @@ -0,0 +1,26 @@ +{appleDerivation, xcbuild, osx_private_sdk, apple_sdk, libsecurity_cssm}: +appleDerivation { + name = "libsecurity_authorization"; + buildInputs = [xcbuild libsecurity_cssm]; + postUnpack = "sourceRoot=\${sourceRoot}/libsecurity_authorization"; + NIX_CFLAGS_COMPILE = "-I../sec -Iinclude"; + patchPhase = '' + cp lib/*.h ../sec/Security + + # private headers + mkdir -p include/CoreFoundation + cp ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/System/Library/Frameworks/CoreFoundation.framework/PrivateHeaders/CFXPCBridge.h include/CoreFoundation + mkdir -p include/xpc + cp ${apple_sdk.sdk}/include/xpc/* include/xpc + cp ${osx_private_sdk}/include/xpc/private.h include/xpc + ''; + installPhase = '' + # have no idea why it's called libsecurityd + install -D Products/Release/libsecurityd.a $out/lib/libsecurity_utilities.a + + mkdir -p $out/include/security_utilities + cp -r Products/Release/derived_src/security_utilities $out/include/security_utilities + cp lib/*.h $out/include/security_utilities + ln -s $out/include/security_utilities $out/include/Security + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_comcryption.nix b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_comcryption.nix new file mode 100644 index 0000000000000..fbbb817550c96 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_comcryption.nix @@ -0,0 +1,11 @@ +{appleDerivation, xcbuild}: +appleDerivation { + name = "libsecurity_comcryption"; + buildInputs = [xcbuild]; + postUnpack = "sourceRoot=\${sourceRoot}/libsecurity_comcryption"; + installPhase = '' + mkdir -p $out/lib $out/include/security_comcryption + cp Products/Release/ComCryption.a $out/lib/libComCryption.a + cp lib/*.h $out/include/security_comcryption + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_cryptkit.nix b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_cryptkit.nix new file mode 100644 index 0000000000000..beb1d5e92a2e8 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_cryptkit.nix @@ -0,0 +1,15 @@ +{appleDerivation, xcbuild, libsecurity_cssm, libsecurity_asn1}: +appleDerivation { + name = "libsecurity_cryptkit"; + buildInputs = [xcbuild libsecurity_cssm libsecurity_asn1]; + postUnpack = "sourceRoot=\${sourceRoot}/libsecurity_cryptkit"; + patchPhase = '' + rm ../include/security_asn1 + ''; + NIX_CFLAGS_COMPILE = "-I../sec"; + installPhase = '' + mkdir -p $out/lib $out/include/security_cryptkit + cp Products/Release/CryptKit.a $out/lib/libCryptKit.a + cp lib/*.h $out/include/security_cryptkit + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_transform.nix b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_transform.nix new file mode 100644 index 0000000000000..3561f1c8e7d30 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/Security/libsecurity_transform.nix @@ -0,0 +1,24 @@ +{ appleDerivation, xcbuild, apple_sdk, osx_private_sdk, libsecurity_keychain +, xnu, libsecurity_cssm, corecrypto, zlib }: +appleDerivation { + name = "libsecurity_transform"; + buildInputs = [ xcbuild libsecurity_keychain libsecurity_cssm + corecrypto apple_sdk.frameworks.CoreServices + zlib ]; + postUnpack = "sourceRoot=\${sourceRoot}/libsecurity_transform"; + NIX_CFLAGS_COMPILE = "-Iinclude -Wno-error -framework CoreServices"; + NIX_LDFLAGS = "-framework CoreServices"; + preBuild = '' + mkdir -p include/xpc + cp ${apple_sdk.sdk}/include/xpc/* include/xpc + cp ${osx_private_sdk}/include/xpc/private.h include/xpc + mkdir -p include/Security + cp lib/*.h include/Security + ''; + patchPhase = '' + substituteInPlace libsecurity_transform.xcodeproj/project.pbxproj \ + --replace \ + "{isa = PBXFileReference; explicitFileType = archive.ar; path = libsecurity_transform.a; sourceTree = BUILT_PRODUCTS_DIR; };" \ + "{isa = PBXFileReference; explicitFileType = compiled.mach-o.dylib; path = libsecurity_transform.dylib; sourceTree = BUILT_PRODUCTS_DIR; };" + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 6019c20dd4096..3de5ebe0e6f04 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -101,6 +101,7 @@ let libsecurity_cdsa_plugin = "55001"; libsecurity_cdsa_utilities = "55006"; libsecurity_cdsa_utils = "55000"; + libsecurity_cms = "55002.2"; libsecurity_codesigning = "55037.15"; libsecurity_cssm = "55005.5"; libsecurity_filedb = "55016.1"; @@ -109,7 +110,9 @@ let libsecurity_ocspd = "55010"; libsecurity_pkcs12 = "55000"; libsecurity_sd_cspdl = "55003"; + libsecurity_smime = "55004.3"; libsecurity_utilities = "55030.3"; + libsecurity_ssl = "55003"; libsecurityd = "55004"; }; "osx-10.7.4" = { @@ -200,6 +203,7 @@ let bootstrap_cmds = applePackage "bootstrap_cmds" "dev-tools-7.0" "1v5dv2q3af1xwj5kz0a5g54fd5dm6j4c9dd2g66n4kc44ixyrhp3" {}; bsdmake = applePackage "bsdmake" "dev-tools-3.2.6" "11a9kkhz5bfgi1i8kpdkis78lhc6b5vxmhd598fcdgra1jw4iac2" {}; CarbonHeaders = applePackage "CarbonHeaders" "osx-10.6.2" "1zam29847cxr6y9rnl76zqmkbac53nx0szmqm9w5p469a6wzjqar" {}; + CarbonHeaders-full = applePackage "CarbonHeaders/full.nix" "osx-10.6.2" "1zam29847cxr6y9rnl76zqmkbac53nx0szmqm9w5p469a6wzjqar" {}; CF = applePackage "CF" "osx-10.10.5" "07f5psjxi7wyd13ci4x83ya5hy6p69sjfqcpp2mmxdlhd8yzkf74" {}; CommonCrypto = applePackage "CommonCrypto" "osx-10.11.6" "0vllfpb8f4f97wj2vpdd7w5k9ibnsbr6ff1zslpp6q323h01n25y" {}; configd = applePackage "configd" "osx-10.8.5" "1gxakahk8gallf16xmhxhprdxkh3prrmzxnmxfvj0slr0939mmr2" {}; @@ -237,7 +241,6 @@ let objc4 = applePackage "objc4" "osx-10.11.6" "00b7vbgxni8frrqyi69b4njjihlwydzjd9zj9x4z5dbx8jabkvrj" {}; ppp = applePackage "ppp" "osx-10.11.6" "1dql6r1v0vbcs04958nn2i6p31yfsxyy51jca63bm5mf0gxalk3f" {}; removefile = applePackage "removefile" "osx-10.11.6" "1b6r74ry3k01kypvlaclf33fha15pcm0kzx9zrymlg66wg0s0i3r" {}; - Security = applePackage "Security" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; xnu = applePackage "xnu" "osx-10.11.6" "0yhziq4dqqcbjpf6vyqn8xhwva2zb525gndkx8cp8alzwp76jnr9" {}; Librpcsvc = applePackage "Librpcsvc" "osx-10.11.6" "1zwfwcl9irxl1dlnf2b4v30vdybp0p0r6n6g1pd14zbdci1jcg2k" {}; adv_cmds = applePackage "adv_cmds/xcode.nix" "osx-10.11.6" "12gbv35i09aij9g90p6b3x2f3ramw43qcb2gjrg8lzkzmwvcyw9q" {}; @@ -248,7 +251,14 @@ let shell_cmds = applePackage "shell_cmds" "osx-10.11.6" "0084k271v66h4jqp7q7rmjvv7w4mvhx3aq860qs8jbd30canm86n" {}; system_cmds = applePackage "system_cmds" "osx-10.11.6" "1h46j2c5v02pkv5d9fyv6cpgyg0lczvwicrx6r9s210cl03l77jl" {}; + Security = applePackage "Security" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; + libsecurity_authorization = applePackage "Security/libsecurity_authorization.nix" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; + libsecurity_comcryption = applePackage "Security/libsecurity_comcryption.nix" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; + libsecurity_cryptkit = applePackage "Security/libsecurity_cryptkit.nix" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; + libsecurity_transform = applePackage "Security/libsecurity_transform.nix" "osx-10.9.5" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; + security_systemkeychain = applePackage "security_systemkeychain" "osx-10.10.5" "0xviskdgxsail15npi0billyiysvljlmg38mmhnr7qi4ymnnjr90" {}; + libsecurity_smime = applePackage "libsecurity_smime" "osx-10.7.5" "05kf2yy995nsw0iwhm5p03jw6d0lvlpfpv2dfb1qpp1hd4kx6vay" {}; libsecurity_apple_csp = libsecPackage "libsecurity_apple_csp" "osx-10.7.5" "1ngyn1ik27n4x981px3kfd1z1n8zx7r5w812b6qfjpy5nw4h746w" {}; libsecurity_apple_cspdl = libsecPackage "libsecurity_apple_cspdl" "osx-10.7.5" "1svqa5fhw7p7njzf8bzg7zgc5776aqjhdbnlhpwmr5hmz5i0x8r7" {}; @@ -260,8 +270,9 @@ let libsecurity_cdsa_plugin = libsecPackage "libsecurity_cdsa_plugin" "osx-10.7.5" "0ifmx85rs51i7zjm015s8kc2dqyrlvbr39lw9xzxgd2ds33i4lfj" {}; libsecurity_cdsa_utilities = libsecPackage "libsecurity_cdsa_utilities" "osx-10.7.5" "1kzsl0prvfa8a0m3j3pcxq06aix1csgayd3lzx27iqg84c8mhzan" {}; libsecurity_cdsa_utils = libsecPackage "libsecurity_cdsa_utils" "osx-10.7.5" "0q55jizav6n0lkj7lcmcr2mjdhnbnnn525fa9ipwgvzbspihw0g6" {}; + libsecurity_cms = applePackage "libsecurity_cms" "osx-10.7.5" "0gjy3hh8i7rwi3hraa35k7sd7ik7qrdg433cd3gddjmvhmbqpqfx" {}; libsecurity_codesigning = libsecPackage "libsecurity_codesigning" "osx-10.7.5" "0vf5nj2g383b4hknlp51qll5pm8z4qbf56dnc16n3wm8gj82iasy" {}; - libsecurity_cssm = libsecPackage "libsecurity_cssm" "osx-10.7.5" "0l6ia533bhr8kqp2wa712bnzzzisif3kbn7h3bzzf4nps4wmwzn4" {}; + libsecurity_cssm = applePackage "libsecurity_cssm" "osx-10.7.5" "0l6ia533bhr8kqp2wa712bnzzzisif3kbn7h3bzzf4nps4wmwzn4" {}; libsecurity_filedb = libsecPackage "libsecurity_filedb" "osx-10.7.5" "1r0ik95xapdl6l2lhd079vpq41jjgshz2hqb8490gpy5wyc49cxb" {}; libsecurity_keychain = libsecPackage "libsecurity_keychain" "osx-10.7.5" "15wf2slcgyns61kk7jndgm9h22vidyphh9x15x8viyprra9bkhja" {}; libsecurity_mds = libsecPackage "libsecurity_mds" "osx-10.7.5" "0vin5hnzvkx2rdzaaj2gxmx38amxlyh6j24a8gc22y09d74p5lzs" {}; @@ -269,6 +280,7 @@ let libsecurity_pkcs12 = libsecPackage "libsecurity_pkcs12" "osx-10.7.5" "1yq8p2sp39q40fxshb256b7jn9lvmpymgpm8yz9kqrf980xddgsg" {}; libsecurity_sd_cspdl = libsecPackage "libsecurity_sd_cspdl" "osx-10.7.5" "10v76xycfnvz1n0zqfbwn3yh4w880lbssqhkn23iim3ihxgm5pbd" {}; libsecurity_utilities = libsecPackage "libsecurity_utilities" "osx-10.7.5" "0ayycfy9jm0n0c7ih9f3m69ynh8hs80v8yicq47aa1h9wclbxg8r" {}; + libsecurity_ssl = applePackage "libsecurity_ssl" "osx-10.7.5" "1fd6l4aj9bmkn463dcsxyf4s90rxd0qs013gj2hhxs5si0b104pk" {}; libsecurityd = libsecPackage "libsecurityd" "osx-10.7.5" "1ywm2qj8l7rhaxy5biwxsyavd0d09d4bzchm03nlvwl313p2747x" {}; security_dotmac_tp = libsecPackage "security_dotmac_tp" "osx-10.9.5" "1l4fi9qhrghj0pkvywi8da22bh06c5bv3l40a621b5g258na50pl" {}; }; diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix index 2ecad568bf7e7..980bb0ed20ce6 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix @@ -1,8 +1,12 @@ -{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd }: +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd, osx_private_sdk }: appleDerivation { buildInputs = [ libsecurity_utilities libsecurity_cdsa_utilities libsecurityd ]; + postInstall = '' + mkdir -p $out/include/Security + cp -Lf ${osx_private_sdk.src}/PrivateSDK10.10.sparse.sdk/System/Library/Frameworks/Security.framework/PrivateHeaders/mdspriv.h $out/include/Security + ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix index b2dbb75f29712..88d16205be769 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix @@ -8,6 +8,10 @@ appleDerivation { patchPhase = '' unpackFile ${libsecurity_cssm.src} cp libsecurity_cssm*/lib/cssm{dli,aci,cli,cspi,tpi}.h lib + # cp libsecurity_cssm*/lib/*.h lib + substituteInPlace lib/cssmconfig.h --replace \ + '' \ + '"ConditionalMacros.h"' ''; preBuild = '' perl lib/generator.pl lib lib/generator.cfg lib lib || exit 1 diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cms/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cms/default.nix new file mode 100644 index 0000000000000..bdd98d58ccb6c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cms/default.nix @@ -0,0 +1,34 @@ +{ appleDerivation, libsecurity_cssm, libsecurity_smime, libsecurity_asn1 +, libsecurity_keychain, xcbuild, Security, CarbonHeaders-full }: +appleDerivation { + buildInputs = [ xcbuild libsecurity_cssm libsecurity_asn1 libsecurity_keychain ]; + NIX_CFLAGS_COMPILE = "-I."; + preBuild = '' + # break recursive issue + # libsecurity_cms needs libsecurity_smime but libsecurity_smime needs libsecurity_cms + mkdir Security + unpackFile ${libsecurity_smime.src} + cp -f libsecurity_smime-*/lib/*.h Security + ln -s Security security_smime + ''; + patchPhase = '' + for f in lib/CMSUtils.cpp lib/CMSDecoder.cpp lib/CMSEncoder.cpp + do substituteInPlace $f \ + --replace \ + 'CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h' \ + '${CarbonHeaders-full}/include/MacErrors.h' + done + ''; + installPhase = '' + mkdir -p $out/Library/Frameworks + cp -r Products/security_cms.framework $out/Library/Frameworks + mkdir -p $out/Library/Frameworks/security_cms.framework/Versions/Current + cp Products/security_cms $out/Library/Frameworks/security_cms.framework/Versions/Current + cp Products/security_cms_debug_debug $out/Library/Frameworks/security_cms.framework/Versions/Current/security_cms_debug + mkdir -p $out/Library/Frameworks/security_cms.framework/Headers + cp lib/*.h $out/Library/Frameworks/security_cms.framework/Headers + mkdir -p $out/include + ln -s $out/Library/Frameworks/security_cms.framework/Headers $out/include/security_cms + ln -s $out/include/security_cms $out/include/Security + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix index 2a05855bd5214..0f5a199b8602e 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix @@ -7,7 +7,7 @@ appleDerivation { NIX_CFLAGS_COMPILE = "-Iinclude -I${xnu}/Library/Frameworks/System.framework/Headers"; patchPhase = '' substituteInPlace lib/policydb.cpp \ - --replace "new MutableDictionary::MutableDictionary()" NULL + --replace "new MutableDictionary::MutableDictionary()" "new MutableDictionary()" substituteInPlace lib/xpcengine.h \ --replace "#include " "" substituteInPlace lib/policyengine.cpp \ @@ -30,4 +30,8 @@ appleDerivation { sed -i '1i #define bool int' lib/security_codesigning.d dtrace -h -C -s lib/security_codesigning.d -o codesigning_dtrace.h ''; + + postInstall = '' + ln -s $out/include/security_codesigning $out/include/Security + ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_comcryption/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_comcryption/default.nix new file mode 100644 index 0000000000000..30e0b08c68306 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_comcryption/default.nix @@ -0,0 +1,5 @@ +{appleDerivation}: + +appleDerivation { + buildInputs = +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile deleted file mode 100644 index c7835aaa9b025..0000000000000 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile +++ /dev/null @@ -1,11 +0,0 @@ -include $(GNUSTEP_MAKEFILES)/common.make - -LIBRARY_NAME = security_cssm - -security_cssm_HEADER_FILES = $(notdir $(wildcard lib/*.h)) -security_cssm_HEADER_FILES_DIR = lib - -security_cssm_CC_FILES = $(wildcard lib/*.cpp) -security_cssm_C_FILES = $(wildcard lib/*.c) - -include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix index 053dea134c725..0637ba1734bba 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix @@ -1,4 +1,7 @@ -{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_codesigning, libsecurity_utilities, perl }: +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin +, libsecurity_cdsa_utilities, libsecurity_codesigning +, libsecurity_utilities, perl, libsecurity_apple_csp +, xcbuild, Security}: appleDerivation { buildInputs = [ libsecurity_utilities @@ -6,9 +9,24 @@ appleDerivation { libsecurity_cdsa_client perl libsecurity_cdsa_plugin + xcbuild + libsecurity_codesigning ]; + NIX_CFLAGS_COMPILE = "-I."; preBuild = '' - mkdir derived_src - perl lib/generator.pl lib lib/generator.cfg derived_src + ln -s ${Security}/Library/Frameworks/Security.framework/Headers Security ''; -} \ No newline at end of file + patchPhase = '' + substituteInPlace lib/cssmconfig.h \ + --replace CoreServices/../Frameworks/CarbonCore.framework/Headers/ConditionalMacros.h ConditionalMacros.h + ''; + installPhase = '' + mkdir -p $out/Library/Frameworks + cp -r Products/security_cssm.framework $out/Library/Frameworks + mkdir -p $out/Library/Frameworks/security_cssm.framework/Versions/Current + cp Products/security_cssm $out/Library/Frameworks/security_cssm.framework/Versions/Current + cp Products/security_cssm_debug_debug $out/Library/Frameworks/security_cssm.framework/Versions/Current/security_cssm_debug + mkdir -p $out/include/Security + cp lib/*.h $out/include/Security + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix index 06137879410d6..f3d17855bb7f7 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix @@ -1,4 +1,8 @@ -{ CF, Security, appleDerivation, apple_sdk, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_ocspd, libsecurity_pkcs12, libsecurity_utilities, libsecurityd, openssl, osx_private_sdk, security_dotmac_tp }: +{ CF, Security, appleDerivation, apple_sdk, libsecurity_asn1 +, libsecurity_cdsa_client, libsecurity_cdsa_utilities +, libsecurity_cdsa_utils, libsecurity_ocspd, libsecurity_pkcs12 +, libsecurity_utilities, libsecurityd, openssl, libsecurity_mds +, osx_private_sdk, security_dotmac_tp, CarbonHeaders-full }: appleDerivation { buildInputs = [ libsecurity_utilities @@ -13,6 +17,7 @@ appleDerivation { libsecurity_ocspd security_dotmac_tp ]; + propagatedBuildInputs = [ libsecurity_mds ]; patchPhase = '' substituteInPlace lib/Keychains.cpp --replace DLDbListCFPref.h DLDBListCFPref.h @@ -29,7 +34,7 @@ appleDerivation { substituteInPlace lib/Keychains.cpp --replace \ '' \ - '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + '"${CarbonHeaders-full}/include/MacErrors.h"' substituteInPlace lib/CertificateValues.cpp --replace \ '#include ' "" @@ -44,4 +49,8 @@ appleDerivation { 'CoreFoundation/CFNotificationCenter.h' \ '${apple_sdk.sdk}/Library/Frameworks/CoreFoundation.framework/Versions/A/Headers/CFNotificationCenter.h' ''; + + postInstall = '' + ln -s $out/include/security_keychain $out/include/Security + ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix index cd691f71e95fd..00d75ed38751e 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix @@ -8,4 +8,7 @@ appleDerivation { libsecurity_cdsa_client libsecurityd ]; + postInstall = '' + ln -s $out/include/security_mds $out/include/Security + ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_smime/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_smime/default.nix new file mode 100644 index 0000000000000..43459d46aec51 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_smime/default.nix @@ -0,0 +1,28 @@ +{ appleDerivation, xcbuild, libsecurity_keychain, libsecurity_asn1 +, libsecurity_cssm, apple_sdk, osx_private_sdk, libsecurity_mds +, xnu, libsecurity_codesigning, libsecurity_authorization, libsecurity_cms +, libsecurity_ssl, CarbonHeaders-full, corecrypto }: + +appleDerivation { + buildInputs = [ xcbuild libsecurity_keychain libsecurity_asn1 + libsecurity_cssm libsecurity_mds libsecurity_codesigning + libsecurity_authorization libsecurity_cms libsecurity_ssl + corecrypto ]; + NIX_CFLAGS_COMPILE = "-Iinclude"; + patchPhase = '' + mkdir -p include/xpc + cp ${apple_sdk.sdk}/include/xpc/* include/xpc + cp ${osx_private_sdk}/include/xpc/private.h include/xpc + + substituteInPlace lib/cmssigdata.c \ + --replace "CCRandomRef kCCRandomDevRandom" "const CCRandomRef kCCRandomDevRandom" + + for f in lib/tsaSupport.c lib/cmsutil.c lib/cmssiginfo.c lib/cmsencode.c \ + lib/cmscinfo.c lib/cert.c + do substituteInPlace $f \ + --replace \ + 'CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h' \ + '${CarbonHeaders-full}/include/MacErrors.h' + done + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ssl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ssl/default.nix new file mode 100644 index 0000000000000..ea0c44147055c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ssl/default.nix @@ -0,0 +1,19 @@ +{ appleDerivation, xcbuild, libsecurity_keychain, libsecurity_cssm, apple_sdk +, CarbonHeaders-full, libsecurity_utilities, libsecurity_asn1 +, libsecurity_mds, libsecurity_codesigning, libsecurity_authorization +, libsecurity_cms }: +appleDerivation { + buildInputs = [ xcbuild libsecurity_keychain libsecurity_cssm + libsecurity_utilities libsecurity_asn1 + libsecurity_mds libsecurity_codesigning + libsecurity_authorization libsecurity_cms ]; + patchPhase = '' + for f in lib/ssl.h lib/tls_hmac.c lib/sslTransport.c lib/symCipher.c \ + lib/sslKeychain.c lib/sslMemory.c lib/sslContext.c + do substituteInPlace $f \ + --replace \ + 'CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h' \ + '${CarbonHeaders-full}/include/MacErrors.h' + done + ''; +} diff --git a/pkgs/os-specific/darwin/darling/corecrypto.nix b/pkgs/os-specific/darwin/darling/corecrypto.nix new file mode 100644 index 0000000000000..a7e0af259397f --- /dev/null +++ b/pkgs/os-specific/darwin/darling/corecrypto.nix @@ -0,0 +1,37 @@ +{stdenv, lib, fetchFromGitHub, cmake, bison, flex}: + +stdenv.mkDerivation rec { + pname = "darling-corecrypto"; + name = pname; + + src = fetchFromGitHub { + repo = pname; + owner = "darlinghq"; + rev = "4dd1c763a651ad63a0e5365fbc6687e843221049"; + sha256 = "0f88xi8494zd0p3s6nkjl22ycinvcsr0chbcmlbdnpwwilhgxdq1"; + }; + + # buildInputs = [ cmake ]; + + buildPhase = '' + for f in src/*.c; do + cc -c $f -Iinclude -o ''${f%.c}.o + done + cc -dynamiclib -flat_namespace src/*.o -o libcorecrypto.dylib + ar -cvq libcorecrypto.a src/*.o + ''; + + installPhase = '' + mkdir -p $out + cp -r include $out + mkdir -p $out/lib + cp libcorecrypto.* $out/lib + ''; + + meta = with lib; { + maintainers = with maintainers; [ matthewbauer ]; + license = licenses.gpl3; + description = "CoreCrypto reimplementation under GPL-3"; + platforms = platforms.unix; + }; +} diff --git a/pkgs/os-specific/darwin/security-tool/GNUmakefile b/pkgs/os-specific/darwin/security-tool/GNUmakefile deleted file mode 100644 index ae25f6a67c025..0000000000000 --- a/pkgs/os-specific/darwin/security-tool/GNUmakefile +++ /dev/null @@ -1,14 +0,0 @@ -include $(GNUSTEP_MAKEFILES)/common.make - -TOOL_NAME = security -security_C_FILES = $(wildcard *.c) -security_CC_FILES = $(wildcard *.cpp) - -security_LDFLAGS = \ - -lsecurity_cdsa_utilities -lsecurity_cdsa_utils -lsecurity_keychain -lsecurity_cssm \ - -lsecurity_cdsa_client -lsecurity_utilities -lsecurity_asn1 -lsecurity_mds \ - -lsecurity_cdsa_plugin -lsecurity_pkcs12 -lsecurity_apple_csp -lsecurity_apple_cspdl \ - -lsecurity_apple_file_dl -lsecurity_apple_x509_cl -lsecurity_apple_x509_tp \ - -lsecurity_sd_cspdl -lsecurity_filedb -lsecurityd -framework Security -framework PCSC - -include $(GNUSTEP_MAKEFILES)/tool.make diff --git a/pkgs/os-specific/darwin/security-tool/default.nix b/pkgs/os-specific/darwin/security-tool/default.nix index 2b8c7718aee8a..13b17bfe1c5fa 100644 --- a/pkgs/os-specific/darwin/security-tool/default.nix +++ b/pkgs/os-specific/darwin/security-tool/default.nix @@ -1,10 +1,14 @@ -{ CoreServices, Foundation, PCSC, Security, GSS, Kerberos, makeWrapper, apple_sdk, -fetchurl, gnustep, libobjc, libsecurity_apple_csp, libsecurity_apple_cspdl, -libsecurity_apple_file_dl, libsecurity_apple_x509_cl, libsecurity_apple_x509_tp, -libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, -libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_cssm, libsecurity_filedb, -libsecurity_keychain, libsecurity_mds, libsecurity_pkcs12, libsecurity_sd_cspdl, -libsecurity_utilities, libsecurityd, osx_private_sdk, Security-framework, stdenv }: +{ CoreServices, Foundation, PCSC, Security, GSS, Kerberos, makeWrapper +, fetchurl, libsecurity_apple_csp +, libsecurity_apple_cspdl, libsecurity_apple_file_dl, libsecurity_apple_x509_cl +, libsecurity_apple_x509_tp, libsecurity_asn1, libsecurity_cdsa_client +, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities +, libsecurity_cdsa_utils, libsecurity_cssm, libsecurity_filedb +, libsecurity_keychain, libsecurity_mds, libsecurity_pkcs12 +, libsecurity_sd_cspdl, libsecurity_utilities, libsecurityd +, osx_private_sdk, Security-framework, stdenv, libsecurity_comcryption +, libsecurity_codesigning, libsecurity_cryptkit, libsecurity_smime +, xcbuild, CarbonHeaders-full}: stdenv.mkDerivation rec { version = "55115"; @@ -21,10 +25,12 @@ stdenv.mkDerivation rec { substituteInPlace cmsutil.c --replace \ '' \ - '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + '"${CarbonHeaders-full}/include/MacErrors.h"' substituteInPlace createFVMaster.c --replace \ '' \ - '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + '"${CarbonHeaders-full}/include/MacErrors.h"' + substituteInPlace authz.c \ + --replace '' '"Security/AuthorizationPriv.h"' ''; postUnpack = '' @@ -39,26 +45,14 @@ stdenv.mkDerivation rec { NIX_LDFLAGS = "-no_dtrace_dof"; - makeFlags = [ - "-f ${./GNUmakefile}" - "MAKEFILE_NAME=${./GNUmakefile}" - "GNUSTEP_MAKEFILES=${gnustep.make}/share/GNUstep/Makefiles" - ]; - - installFlags = [ - "security_INSTALL_DIR=\$(out)/bin" - ]; - propagatedBuildInputs = [ GSS Kerberos Security-framework PCSC Foundation ]; __propagatedImpureHostDeps = [ "/System/Library/Keychains" ]; buildInputs = [ - gnustep.make libsecurity_asn1 libsecurity_utilities libsecurity_cdsa_utilities - libobjc libsecurity_cdsa_client libsecurity_keychain libsecurity_cssm @@ -74,19 +68,13 @@ stdenv.mkDerivation rec { libsecurity_sd_cspdl libsecurity_filedb libsecurityd - makeWrapper + libsecurity_comcryption + libsecurity_cryptkit + xcbuild + libsecurity_codesigning + libsecurity_smime ]; - NIX_CFLAGS_COMPILE = [ - "-F${Security}/Library/Frameworks" - "-F${PCSC}/Library/Frameworks" - "-Wno-deprecated-declarations" - ]; - - postInstall = '' - wrapProgram $out/bin/security --set DYLD_INSERT_LIBRARIES /usr/lib/libsqlite3.dylib - ''; - meta = with stdenv.lib; { description = "Command line interface to macOS keychains and Security framework"; maintainers = with maintainers; [ @@ -97,4 +85,3 @@ stdenv.mkDerivation rec { license = licenses.apsl20; }; } - diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index 2ac6328369cd8..d39dd5bc4eb77 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -44,7 +44,7 @@ in }; libobjc = apple-source-releases.objc4; - + lsusb = callPackage ../os-specific/darwin/lsusb { }; opencflite = callPackage ../os-specific/darwin/opencflite { }; @@ -69,6 +69,8 @@ in darling = callPackage ../os-specific/darwin/darling/default.nix { }; + corecrypto = callPackage ../os-specific/darwin/darling/corecrypto.nix { }; + codesign = drv: if builtins.hasAttr "keychain" config then (runCommand "codesign" { nativeBuildInputs = [ @@ -80,12 +82,29 @@ in IDENTITY=${config.keychain.identity} PASS=${config.keychain.password} export HOME=$PWD - mkdir -p $PWD/Library/Keychains - cp ${config.keychain.file} $PWD/Library/Keychains - KEYCHAIN=$(basename $PWD/Library/Keychains/*) + mkdir -p $PWD/Library/Keychains $PWD/Library/Preferences + KEYCHAIN=nixpkgs.keychain + cp ${config.keychain.file} $PWD/Library/Keychains/$KEYCHAIN + cat > $PWD/Library/Preferences/com.apple.security.plist < + + + + DLDBSearchList + + + DbName + ~/Library/Keychains/nixpkgs.keychain + SubserviceType + 6 + + + + +EOF security unlock-keychain -p $PASS $KEYCHAIN security set-keychain-settings -u $PWD/Library/Keychains/$KEYCHAIN - security find-identity -s codesigning $KEYCHAIN + # security find-identity -s codesigning $KEYCHAIN mkdir -p $out/bin for bin in ${drv}/bin/*; do