From 810abebba287e51049aff6305b87ae907f5a2615 Mon Sep 17 00:00:00 2001
From: Renaud <c0bw3b@users.noreply.github.com>
Date: Wed, 13 Nov 2019 00:05:28 +0100
Subject: [PATCH] rng-tools: 6.7 -> 6.8 (#73007)

+ run tests
+ enable jitterentropy by default
+ add c0bw3b to maintainers
---
 pkgs/tools/security/rng-tools/default.nix | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/pkgs/tools/security/rng-tools/default.nix b/pkgs/tools/security/rng-tools/default.nix
index 41faa375f83d..4238fc5be334 100644
--- a/pkgs/tools/security/rng-tools/default.nix
+++ b/pkgs/tools/security/rng-tools/default.nix
@@ -1,13 +1,12 @@
 { stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig
 , sysfsutils
+, argp-standalone
   # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS
   # https://www.nist.gov/programs-projects/nist-randomness-beacon
 , curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false
   # Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source
 , libgcrypt ? null, withGcrypt ? true
-  # Not sure if jitterentropy is safe to use for cryptography
-  # and thus a default entropy source
-, jitterentropy ? null, withJitterEntropy ? false
+, jitterentropy ? null, withJitterEntropy ? true
 , libp11 ? null, opensc ? null, withPkcs11 ? true
 }:
 
@@ -15,18 +14,16 @@ with stdenv.lib;
 
 stdenv.mkDerivation rec {
   pname = "rng-tools";
-  version = "6.7";
+  version = "6.8";
 
   src = fetchFromGitHub {
     owner = "nhorman";
     repo = "rng-tools";
     rev = "v${version}";
-    sha256 = "19f75m6mzg8h7b4snzg7d6ypvkz6nq32lrpi9ja95gqz4wsd18a5";
+    sha256 = "1clm9i9xg3j79q0d6vinn6dx0nwh1fvzcmkqpcbay7mwsgkknvw2";
   };
 
   postPatch = ''
-    cp README.md README
-
     ${optionalString withPkcs11 ''
       substituteInPlace rngd.c \
         --replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so
@@ -42,25 +39,27 @@ stdenv.mkDerivation rec {
     (withFeature   withPkcs11        "pkcs11")
   ];
 
+  # argp-standalone is only used when libc lacks argp parsing (musl)
   buildInputs = [ sysfsutils ]
+    ++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ]
     ++ optionals withGcrypt        [ libgcrypt ]
     ++ optionals withJitterEntropy [ jitterentropy ]
     ++ optionals withNistBeacon    [ curl libxml2 openssl ]
     ++ optionals withPkcs11        [ libp11 openssl ];
 
-  # This shouldn't be necessary but is as of 6.7
-  NIX_LDFLAGS = optionalString withPkcs11 "-lcrypto";
-
   enableParallelBuilding = true;
 
   # For cross-compilation
   makeFlags = [ "AR:=$(AR)" ];
 
+  doCheck = true;
+  preCheck = "patchShebangs tests/*.sh";
+
   meta = {
     description = "A random number generator daemon";
     homepage = https://github.com/nhorman/rng-tools;
     license = licenses.gpl2Plus;
     platforms = platforms.linux;
-    maintainers = with maintainers; [ johnazoidberg ];
+    maintainers = with maintainers; [ johnazoidberg c0bw3b ];
   };
 }