uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948 this can do it nicely. Signed-off-by: Anton Arapov <anton@deadbeef.mx>
2021-04-03 12:58:10 +02:00 · 2021-04-03 12:58:10 +02:00 · 56de2bcd43
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
--- a/pkgs/development/python-modules/signify/certificate-expiration-date.patch
+++ b/pkgs/development/python-modules/signify/certificate-expiration-date.patch
@ -0,0 +1,18 @@
+diff --git a/tests/test_authenticode.py b/tests/test_authenticode.py
+index 7e2c709..2f27e09 100644
+--- a/tests/test_authenticode.py
+++ b/tests/test_authenticode.py
+@@ -153,10 +153,12 @@ class AuthenticodeParserTestCase(unittest.TestCase):
+         """this certificate is revoked"""
+         with open(str(root_dir / "test_data" / "jameslth"), "rb") as f:
+             pefile = SignedPEFile(f)
+-            pefile.verify()
+            pefile.verify(verification_context_kwargs=
+                          {'timestamp': datetime.datetime(2021, 1, 1, tzinfo=datetime.timezone.utc)})
+
+     def test_jameslth_revoked(self):
+         """this certificate is revoked"""
+        # TODO: this certificate is now expired, so it will not show up as valid anyway
+         with open(str(root_dir / "test_data" / "jameslth"), "rb") as f:
+             pefile = SignedPEFile(f)
+             with self.assertRaises(VerificationError):
--- a/pkgs/development/python-modules/signify/default.nix
+++ b/pkgs/development/python-modules/signify/default.nix
@ -0,0 +1,54 @@
+{ lib
+, buildPythonPackage
+, pythonOlder
+, fetchFromGitHub
+, asn1crypto
+, certvalidator
+, oscrypto
+, pyasn1
+, pyasn1-modules
+, pytestCheckHook
+}:
+
+buildPythonPackage rec {
+  pname = "signify";
+  version = "0.4.0";
+  disabled = pythonOlder "3.6";
+  format = "setuptools";
+
+  src = fetchFromGitHub {
+    owner = "ralphje";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-YJc9RIqkEL7dd1ahE4IbxyyZgsZWBDqbXZAvI/nK24M=";
+  };
+
+  propagatedBuildInputs = [
+    asn1crypto
+    certvalidator
+    oscrypto
+    pyasn1
+    pyasn1-modules
+  ];
+
+  pythonImportsCheck = [
+    "signify"
+  ];
+
+  checkInputs = [
+    pytestCheckHook
+  ];
+
+  disabledTests = [
+    # chain doesn't validate because end-entitys certificate expired
+    # https://github.com/ralphje/signify/issues/27
+    "test_revoked_certificate"
+  ];
+
+  meta = with lib; {
+    homepage = "https://github.com/ralphje/signify";
+    description = "library that verifies PE Authenticode-signed binaries";
+    license = licenses.mit;
+    maintainers = with maintainers; [ baloo ];
+  };
+}