From 29afe5123001aee2539c8f5db930c964f941f478 Mon Sep 17 00:00:00 2001
From: Arthur Gautier <baloo@superbaloo.net>
Date: Thu, 31 Aug 2023 08:49:31 +0000
Subject: [PATCH] python3Packages.tpm2-pytss: disable hardening

Hardening got enabled in #246244 in a way that makes it difficult to disable for
projects to disable selectively. The fix used in #245139 (and provided upstream)
no longer works, and we need to disable hardening entirely to make `pycparser`
which is unable to handle fortify bits.

Fixes #252023.

Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
---
 pkgs/development/python-modules/tpm2-pytss/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkgs/development/python-modules/tpm2-pytss/default.nix b/pkgs/development/python-modules/tpm2-pytss/default.nix
index b468e499f52a..4b0f9adba51b 100644
--- a/pkgs/development/python-modules/tpm2-pytss/default.nix
+++ b/pkgs/development/python-modules/tpm2-pytss/default.nix
@@ -63,6 +63,14 @@ buildPythonPackage rec {
     sed -i "s#@TPM2_TSS@#${tpm2-tss.out}#" src/tpm2_pytss/FAPI.py
   '';
 
+  # Hardening has to be disabled
+  # due to pycparsing handling it poorly.
+  # See https://github.com/NixOS/nixpkgs/issues/252023
+  # for more details.
+  hardeningDisable = [
+    "fortify"
+  ];
+
   nativeBuildInputs = [
     cffi
     pkgconfig # this is the Python module