blob: aed051c4e0678ee4696f9b7a8d0eecf6b92d4b63 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# OpenLDAP by default uses a simple shalted SHA1-hash for passwords,
# which is less than ideal.
#
# It does however include a contrib module which adds support for the
# Argon2 password hashing scheme. This overrides then OpenLDAP build
# derivation to include this module.
{ pkgs, ... }:
pkgs.openldap.overrideAttrs(old: {
buildInputs = old.buildInputs ++ [ pkgs.libsodium ];
postBuild = ''
${old.postBuild}
make $makeFlags -C contrib/slapd-modules/passwd/argon2
'';
# This is required because the Makefile for this module hardcodes
# /usr/bin/install, which is not a valid path - we want it to be
# looked up from $PATH because it is included in stdenv.
installFlags = old.installFlags ++ [ "INSTALL=install" ];
postInstall = ''
${old.postInstall}
make $installFlags install-lib -C contrib/slapd-modules/passwd/argon2
'';
})
|
