depot/third_party/nixpkgs/pkgs/tools/security/apg/default.nix

75 lines
2.6 KiB
Nix
Raw Normal View History

{ lib, stdenv, fetchurl, openssl }:
stdenv.mkDerivation rec {
pname = "apg";
version = "2.3.0b";
src = fetchurl {
url = "http://www.adel.nursat.kz/apg/download/apg-${version}.tar.gz";
sha256 = "14lbq81xrcsmpk1b9qmqyz7n6ypf08zcxvcvp6f7ybcyf0lj1rfi";
};
configurePhase = ''
substituteInPlace Makefile --replace /usr/local "$out"
'';
makeFlags = ["CC=${stdenv.cc.targetPrefix}cc"];
patches = [
./apg.patch
./phony-install-target.patch
];
postPatch = lib.optionalString stdenv.isDarwin ''
sed -i -e 's|APG_CLIBS += -lcrypt|APG_CLIBS += -L${openssl.out}/lib -lcrypto|' Makefile
'';
meta = {
description = "Tools for random password generation";
longDescription = ''
APG (Automated Password Generator) is the tool set for random
password generation.
Standalone version
Generates some random words of required type and prints them
to standard output.
Network version
APG server: When client's request is arrived generates some
random words of predefined type and send them to client over
the network (according to RFC0972).
APG client: Sends the password generation request to the APG
server, wait for generated Passwords arrival and then prints
them to the standard output.
Advantages
* Built-in ANSI X9.17 RNG (Random Number Generator) (CAST/SHA1)
* Built-in password quality checking system (it has support for
Bloom filter for faster access)
* Two Password Generation Algorithms:
1. Pronounceable Password Generation Algorithm (according to
NIST FIPS 181)
2. Random Character Password Generation Algorithm with 35
configurable modes of operation
* Configurable password length parameters
* Configurable amount of generated passwords
* Ability to initialize RNG with user string
* Support for /dev/random
* Ability to crypt() generated passwords and print them as
additional output
* Special parameters to use APG in script
* Ability to log password generation requests for network version
* Ability to control APG service access using tcpd
* Ability to use password generation service from any type of box
(Mac, WinXX, etc.) that connected to network
* Ability to enforce remote users to use only allowed type of
password generation
'';
homepage = "http://www.adel.nursat.kz/apg/";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ astsmtl ];
platforms = lib.platforms.unix;
};
}