pkgs.ucspi-tcp: init

current stable of this pkg is broken, so we vendor it in nixpkgs. We
removed the setuid bit from the build binaries

2 files changed, 101 insertions, 0 deletions

diff --git a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
new file mode 100644
index 00000000..dd693320
--- /dev/null
+++ b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch
@@ -0,0 +1,15 @@
+diff --git a/hier.c b/hier.c
+index 5663ada..1d73b84 100644
+--- a/hier.c
++++ b/hier.c
+@@ -2,8 +2,8 @@
+ 
+ void hier()
+ {
+-  h(auto_home,-1,-1,02755);
+-  d(auto_home,"bin",-1,-1,02755);
++  h(auto_home,-1,-1,0755);
++  d(auto_home,"bin",-1,-1,0755);
+ 
+   c(auto_home,"bin","tcpserver",-1,-1,0755);
+   c(auto_home,"bin","tcprules",-1,-1,0755);
diff --git a/krebs/5pkgs/simple/ucspi-tcp/default.nix b/krebs/5pkgs/simple/ucspi-tcp/default.nix
new file mode 100644
index 00000000..3b043be0
--- /dev/null
+++ b/krebs/5pkgs/simple/ucspi-tcp/default.nix
@@ -0,0 +1,86 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+  name = "ucspi-tcp-0.88";
+
+  src = fetchurl {
+    url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz";
+    sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja";
+  };
+
+  # Plain upstream tarball doesn't build, get patches from Debian
+  patches = [
+    (fetchurl {
+      url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz";
+      sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6";
+    })
+    ./chmod.patch
+  ];
+
+  # Apply Debian patches
+  postPatch = ''
+    for fname in debian/diff/*.diff; do
+        echo "Applying patch $fname"
+        patch < "$fname"
+    done
+  '';
+
+  # The build system is weird; 'make install' doesn't install anything, instead
+  # it builds an executable called ./install (from C code) which installs
+  # binaries to the directory given on line 1 in ./conf-home.
+  #
+  # Also, assume getgroups and setgroups work, instead of doing a build time
+  # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID
+  # capability).
+  preBuild = ''
+    echo "$out" > conf-home
+
+    echo "main() { return 0; }" > chkshsgr.c
+  '';
+
+  installPhase = ''
+    mkdir -p "$out/bin"
+    mkdir -p "$out/share/man/man1"
+
+    # run the newly built installer
+    ./install
+
+    # Install Debian man pages (upstream has none)
+    cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1"
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Command-line tools for building TCP client-server applications";
+    longDescription = ''
+      tcpserver waits for incoming connections and, for each connection, runs a
+      program of your choice. Your program receives environment variables
+      showing the local and remote host names, IP addresses, and port numbers.
+
+      tcpserver offers a concurrency limit to protect you from running out of
+      processes and memory. When you are handling 40 (by default) simultaneous
+      connections, tcpserver smoothly defers acceptance of new connections.
+
+      tcpserver also provides TCP access control features, similar to
+      tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules
+      are compiled into a hashed format with cdb, so it can easily deal with
+      thousands of different hosts.
+
+      This package includes a recordio tool that monitors all the input and
+      output of a server.
+
+      tcpclient makes a TCP connection and runs a program of your choice. It
+      sets up the same environment variables as tcpserver.
+
+      This package includes several sample clients built on top of tcpclient:
+      who@, date@, finger@, http@, tcpcat, and mconnect.
+
+      tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program
+      Interface, using the TCP protocol. UCSPI tools are available for several
+      different networks.
+    '';
+    homepage = http://cr.yp.to/ucspi-tcp.html;
+    license = licenses.publicDomain;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.bjornfor ];
+  };
+}