Commit 6fd28ab3 authored by Emily's avatar Emily

wolfssl: drop

parent 82b9c887
+0 −135
{
  lib,
  stdenv,
  fetchFromGitHub,
  autoreconfHook,
  util-linux,
  openssl,
  cacert,
  # The primary --enable-XXX variant. 'all' enables most features, but causes build-errors for some software,
  # requiring to build a special variant for that software. Example: 'haproxy'
  variant ? "all",
  extraConfigureFlags ? [ ],
  enableJni ? false,
  enableARMCryptoExtensions ?
    stdenv.hostPlatform.isAarch64
    && ((builtins.match "^.*\\+crypto.*$" stdenv.hostPlatform.gcc.arch) != null),
  enableLto ? !(stdenv.hostPlatform.isStatic || stdenv.cc.isClang),
}:
stdenv.mkDerivation (finalAttrs: {
  pname = "wolfssl-${variant}";
  version = "5.9.1";

  src = fetchFromGitHub {
    owner = "wolfSSL";
    repo = "wolfssl";
    tag = "v${finalAttrs.version}-stable";
    hash = "sha256-FyEb94hsO2BaTEi1CJRfCsUiT1xyWCzu7Uys81g2CBE=";
  };

  postPatch = ''
    patchShebangs ./scripts
    # ensure test detects musl-based systems too
    substituteInPlace scripts/ocsp-stapling2.test \
      --replace '"linux-gnu"' '"linux-"'
  ''
  + lib.optionalString enableJni ''
    # Some tests fail when JNI is enabled
    sed -i '/TEST_DECL(test_wolfSSL_Tls13_ECH)/d;
            /TEST_DECL(test_wolfSSL_Tls13_ECH_HRR)/d;
            /TEST_DECL(test_TLSX_CA_NAMES_bad_extension)/d' tests/api.c
    sed -i '/quic/d' tests/include.am
    sed -i '/WOLFSSL_QUIC/,/#endif/d' tests/unit.c
  '';

  configureFlags = [
    "--enable-${variant}"
    "--enable-reproducible-build"
  ]
  ++ lib.optionals (variant == "all") [
    # Extra feature flags to add while building the 'all' variant.
    # Since they conflict while building other variants, only specify them for this one.
    "--enable-pkcs11"
    "--enable-writedup"
    "--enable-base64encode"
  ]
  ++ [
    # We're not on tiny embedded machines.
    # Increase TLS session cache from 33 sessions to 20k.
    "--enable-bigcache"

    # Use WolfSSL's Single Precision Math with timing-resistant cryptography.
    "--enable-sp=yes${
      lib.optionalString (stdenv.hostPlatform.isx86_64 || stdenv.hostPlatform.isAarch) ",asm"
    }"
    "--enable-sp-math-all"
    "--enable-harden"
  ]
  ++ lib.optionals (stdenv.hostPlatform.isx86_64) [
    # Enable AVX/AVX2/AES-NI instructions, gated by runtime detection via CPUID.
    "--enable-intelasm"
    "--enable-aesni"
  ]
  ++ lib.optionals (stdenv.hostPlatform.isAarch64) [
    # No runtime detection under ARM and no platform function checks like for X86.
    (if enableARMCryptoExtensions then "--enable-armasm=inline" else "--disable-armasm")
  ]
  ++ lib.optionals enableJni [
    "--enable-jni"
  ]
  ++ extraConfigureFlags;

  # Breaks tls13 tests on aarch64-darwin.
  hardeningDisable = lib.optionals (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64) [
    "zerocallusedregs"
  ];

  # LTO should help with the C implementations.
  env.NIX_CFLAGS_COMPILE = lib.optionalString enableLto "-flto";
  env.NIX_LDFLAGS_COMPILE = lib.optionalString enableLto "-flto";

  # Don't attempt connections to external services in the test suite.
  env.WOLFSSL_EXTERNAL_TEST = "0";

  outputs = [
    "dev"
    "doc"
    "lib"
    "out"
  ];

  nativeBuildInputs = [
    autoreconfHook
    util-linux
  ];

  # FAILURES:
  #    497: test_wolfSSL_EVP_PBE_scrypt
  doCheck = !stdenv.hostPlatform.isLoongArch64;

  nativeCheckInputs = [
    openssl
    cacert
  ];

  postInstall = ''
    # fix recursive cycle:
    # wolfssl-config points to dev, dev propagates bin
    moveToOutput bin/wolfssl-config "$dev"
    # moveToOutput also removes "$out" so recreate it
    mkdir -p "$out"
  '';

  meta = {
    description = "Small, fast, portable implementation of TLS/SSL for embedded devices";
    mainProgram = "wolfssl-config";
    homepage = "https://www.wolfssl.com/";
    changelog = "https://github.com/wolfSSL/wolfssl/releases/tag/v${finalAttrs.version}-stable";
    platforms = lib.platforms.all;
    license = lib.licenses.gpl3Plus;
    maintainers = with lib.maintainers; [
      fab
      vifino
    ];
  };
})
+1 −0
@@ -2132,6 +2132,7 @@ mapAliases {
  wlroots_0_17 = throw "'wlroots_0_17' has been removed in favor of newer versions"; # Added 2026-03-07
  wlx-overlay-s = throw "'wlx-overlay-s' and 'wayvr-dashboard' have been merged into a single application. Please switch to 'wayvr'"; # Added 2026-01-09
  wmii_hg = throw "'wmii_hg' has been renamed to/replaced by 'wmii'"; # Converted to throw 2025-10-27
  wolfssl = throw "'wolfssl' has been removed because it has an unclear licensing situation and no remaining users in Nixpkgs"; # Added 2026-04-03
  woof = throw "'woof' has been removed as it is broken and unmaintained upstream"; # Added 2025-09-04
  worldengine-cli = throw "'worldengine-cli' has been removed because it has been marked as broken since at least November 2024."; # Added 2025-10-04
  wpa_supplicant_ro_ssids = throw "'wpa_supplicant_ro_ssids' has been renamed to/replaced by 'wpa_supplicant'"; # Converted to throw 2025-10-27
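Review bot: The new `wolfssl` throw message says "unclear licensing situation" without saying what is unclear, although the expression removed in this same commit declared `license = lib.licenses.gpl3Plus`. A downstream user who hits this evaluation error cannot tell whether the concern is that declared licence or something else. Consider naming the concern or pointing at the discussion, for example `throw "'wolfssl' has been removed because its licensing is unclear (see <tracking-issue-URL>) and it has no remaining users in Nixpkgs"`, where the URL is a placeholder for the real reference. Because this is a TLS library, out-of-tree consumers need that context before deciding whether to carry their own copy of the expression.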