diff options
| author | Winter <winter@winter.cafe> | 2023-02-07 20:35:32 -0500 |
|---|---|---|
| committer | Winter <winter@winter.cafe> | 2023-02-07 23:06:11 -0500 |
| commit | b2d04c115552eea5c3b0b1e0669a3667695ae817 (patch) | |
| tree | 08a508cc21e951918707b304a0d8c975baec33d0 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | 9d2042e4cca0048f4878ff511b3d9d87a95bafaf (diff) | |
nixos/luksroot: build pbkdf2-sha512 binary in its own derivation
Since this feature's inception, we've compiled a binary that uses OpenSSL
to perform PBKDF-SHA512 during the extra-utils build. In addition to this
being inefficient, it broke as of 6ea1a2a1be4e93f938ff084863eab1bd13292f65,
which switched the extra-utils derivation to use stdenvNoCC.
For now, I think the path of least resistence is to move the pbkdf-sha512
build to its own derivation, to fix the breakage, as well as improving
the efficiency of the extra-utils build.
(I do believe that at some point, we should revisit this binary -- perhaps
rewriting it -- as Clang even just on its default settings emits more
warnings than you'd want to see in a security-related codebase when
compiling it.)
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions