qdigidoc: 4.6.0 -> 4.7.0 (#394662) (3a5d2765) · Commits · nix / nixpkgs

.editorconfig

+5 −0

Original line number	Diff line number	Diff line
		@@ -107,6 +107,11 @@ trim_trailing_whitespace = unset
		[pkgs/tools/misc/timidity/timidity.cfg]
		trim_trailing_whitespace = unset

		[pkgs/tools/security/qdigidoc/vendor/*]
		end_of_line = unset
		insert_final_newline = unset
		trim_trailing_whitespace = unset

		[pkgs/tools/virtualization/ovftool/*.ova]
		end_of_line = unset
		insert_final_newline = unset

pkgs/tools/security/qdigidoc/default.nix

+14 −15

Original line number	Diff line number	Diff line
		@@ -2,7 +2,6 @@
		lib,
		mkDerivation,
		fetchurl,
		fetchpatch,
		cmake,
		flatbuffers,
		gettext,
		@@ -19,25 +18,13 @@

		mkDerivation rec {
		pname = "qdigidoc";
		version = "4.6.0";
		version = "4.7.0";

		src = fetchurl {
		url = "https://github.com/open-eid/DigiDoc4-Client/releases/download/v${version}/qdigidoc4-${version}.tar.gz";
		hash = "sha256-szFLY9PpZMMYhfV5joueShfu92YDVmcCC3MOWIOAKVg=";
		hash = "sha256-XP7KqhIYriHQzQrw77zUp/I9nnh9EqK0m9+N+69Lh5c=";
		};

		patches = [
		(fetchpatch {
		url = "https://github.com/open-eid/DigiDoc4-Client/commit/bb324d18f0452c2ab1b360ff6c42bb7f11ea60d7.patch";
		hash = "sha256-JpaU9inupSDsZKhHk+sp5g+oUynVFxR7lshjTXoFIbU=";
		})

		# Regularly update this with what's on https://src.fedoraproject.org/rpms/qdigidoc/blob/rawhide/f/sandbox.patch
		# This prevents attempts to download TSL lists inside the build sandbox.
		# The list files are regularly updated (get new signatures), though this also happens at application runtime.
		./sandbox.patch
		];

		nativeBuildInputs = [
		cmake
		gettext
		@@ -56,6 +43,18 @@ mkDerivation rec {
		qtsvg
		];

		# qdigidoc needs a (somewhat recent) config, as well as a TSL list for signing to work.
		# To refresh, re-fetch and update what's in the vendor/ directory.
		cmakeFlags = [
		# If not provided before the build, qdigidoc tries to download a TSL list during the build.
		# We pass it in via TSL_URL, fetched from https://ec.europa.eu/tools/lotl/eu-lotl.xml.
		"-DTSL_URL=file://${./vendor/eu-lotl.xml}"
		# `config.{json,pub,rsa}`, from https://id.eesti.ee/config.{json,pub,rsa}.
		# The build system also looks for `config.{pub,rsa}` in the same directory,
		# all three files need to be present.
		"-DCONFIG_URL=file://${./vendor}/config.json"
		];

		# qdigidoc4's `QPKCS11::reload()` dlopen()s "opensc-pkcs11.so" in QLibrary,
		# i.e. OpenSC's module is searched for in libQt5Core's DT_RUNPATH and fixing
		# qdigidoc4's DT_RUNPATH has no effect on Linux (at least OpenBSD's ld.so(1)

pkgs/tools/security/qdigidoc/sandbox.patch

deleted100644 → 0

+0 −11123

File deleted.

Preview size limit exceeded, changes collapsed.

pkgs/tools/security/qdigidoc/vendor/config.json

0 → 100644

+120 −0

File added.

Preview size limit exceeded, changes collapsed.

pkgs/tools/security/qdigidoc/vendor/config.pub

0 → 100644

+8 −0

Original line number	Diff line number	Diff line
		-----BEGIN RSA PUBLIC KEY-----
		MIIBCgKCAQEAu7GeS3jgvLjKL8ZgA4DlT3n3+/IQpoSlO0ErRIVT5upbY7yDf0mj
		Cc8Xaqr91aBHjYnrEAz+nkmb12BuJCp/C3xQXnXEQchF2J+HfMbIClJ7TCl2951k
		kuKdZpNeZ/iim0uRTs1UA0ews0+CPLAAklEpC1h5+fK8Uwl9+5h+v5jj/9P06ey0
		8H3VpxX4Nu0XTU2QcXocv5BTYJKxLKQicEL+nstpBrRI2Cqgwcd2Fz2qp8M9KJvI
		TKW0TD2EKgq6nYELXPRNl/KOsVt7RGyUutd809GARfcOotvhHy2qzHoWlr3pY2ZO
		zMSpZbisPvbOJ4fIyPhkbWBr7a3ytquOmQIDAQAB
		-----END RSA PUBLIC KEY-----