45 lines
1.1 KiB
Nix
45 lines
1.1 KiB
Nix
# Credit https://git.pvv.ntnu.no/oysteikt 2026
|
|
|
|
{
|
|
openssh,
|
|
fetchurl,
|
|
lib
|
|
}:
|
|
|
|
openssh.overrideAttrs (prev: rec {
|
|
# Old crypto was removed in v10.0
|
|
version = "9.9p2";
|
|
src = fetchurl {
|
|
url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz";
|
|
hash = "sha256-karbYD4IzChe3fll4RmdAlhfqU2ZTWyuW0Hhch4hVnM=";
|
|
};
|
|
|
|
configureFlags = prev.configureFlags ++ [
|
|
"--enable-dsa-keys"
|
|
];
|
|
|
|
# Broken patches, meant for 10.3p :p
|
|
patches = lib.filter (x: !(lib.any (suf: lib.hasSuffix suf (baseNameOf x)) [
|
|
"dont_create_privsep_path.patch"
|
|
"pkcs11-fix-pinentry.patch"
|
|
"pkcs11-tests-allow-module-path.patch"
|
|
"ssh-agent-tests-increase-timeout.patch"
|
|
])) prev.patches;
|
|
|
|
# We actually needed the `dont_create_privsep_path` one :3
|
|
postPatch = prev.postPatch + ''
|
|
substituteInPlace Makefile.in \
|
|
--replace-fail '$(MKDIR_P) -m 0755 $(DESTDIR)$(PRIVSEP_PATH)' '''
|
|
'';
|
|
|
|
# Tihi
|
|
doInstallCheck = false;
|
|
postFixup = ''
|
|
rm -rf $out/libexec $out/etc
|
|
rm $out/bin/ssh-* $out/bin/sshd $out/bin/sftp
|
|
cd $out/bin
|
|
for filename in *; do mv {,old}"$filename"; done;
|
|
'';
|
|
})
|
|
|