From 36d4934c3950b5620df654a7d5731ecb7f7486ce Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sun, 28 Mar 2021 11:42:46 +0200 Subject: [PATCH 1/4] python3Packages.yara-python: init at 4.0.5 --- .../python-modules/yara-python/default.nix | 41 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 43 insertions(+) create mode 100644 pkgs/development/python-modules/yara-python/default.nix diff --git a/pkgs/development/python-modules/yara-python/default.nix b/pkgs/development/python-modules/yara-python/default.nix new file mode 100644 index 000000000000..569bf0ef80df --- /dev/null +++ b/pkgs/development/python-modules/yara-python/default.nix @@ -0,0 +1,41 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +, yara +}: + +buildPythonPackage rec { + pname = "yara-python"; + version = "4.0.5"; + + src = fetchFromGitHub { + owner = "VirusTotal"; + repo = "yara-python"; + rev = "v${version}"; + sha256 = "1qd0aw5p48ay77hgj0hgzpvbmq1933mknk134aqdb32036rlc5sq"; + }; + + buildInputs = [ + yara + ]; + + checkInputs = [ + pytestCheckHook + ]; + + setupPyBuildFlags = [ + "--dynamic-linking" + ]; + + pytestFlagsArray = [ "tests.py" ]; + + pythonImportsCheck = [ "yara" ]; + + meta = with lib; { + description = "Python interface for YARA"; + homepage = "https://github.com/VirusTotal/yara-python"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 68832d87e9bf..ff7099344751 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9107,6 +9107,8 @@ in { Yapsy = callPackage ../development/python-modules/yapsy { }; + yara-python = callPackage ../development/python-modules/yara-python { }; + yarg = callPackage ../development/python-modules/yarg { }; yarl = callPackage ../development/python-modules/yarl { }; From 06514288d613a9f769618b278a811e03a9420997 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sun, 28 Mar 2021 13:15:33 +0200 Subject: [PATCH 2/4] yara: enable additional features --- pkgs/tools/security/yara/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index 844004c3b9e5..2e34d9b333bc 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -6,8 +6,11 @@ , pkg-config , protobufc , withCrypto ? true, openssl -, enableMagic ? true, file , enableCuckoo ? true, jansson +, enableDex ? true +, enableDotNet ? true +, enableMacho ? true +, enableMagic ? true, file }: stdenv.mkDerivation rec { @@ -46,8 +49,11 @@ stdenv.mkDerivation rec { configureFlags = [ (lib.withFeature withCrypto "crypto") - (lib.enableFeature enableMagic "magic") (lib.enableFeature enableCuckoo "cuckoo") + (lib.enableFeature enableDex "dex") + (lib.enableFeature enableDotNet "dotnet") + (lib.enableFeature enableMacho "macho") + (lib.enableFeature enableMagic "magic") ]; meta = with lib; { From 1a3dce63c3599eafc0bd60f1a4be2b8f1141cff9 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sun, 11 Apr 2021 01:37:23 +0200 Subject: [PATCH 3/4] apkid: init at 2.1.1 --- pkgs/development/tools/apkid/default.nix | 44 ++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 46 insertions(+) create mode 100644 pkgs/development/tools/apkid/default.nix diff --git a/pkgs/development/tools/apkid/default.nix b/pkgs/development/tools/apkid/default.nix new file mode 100644 index 000000000000..2cb1c4e8d00d --- /dev/null +++ b/pkgs/development/tools/apkid/default.nix @@ -0,0 +1,44 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "apkid"; + version = "2.1.1"; + + src = fetchFromGitHub { + owner = "rednaga"; + repo = "APKiD"; + rev = "v${version}"; + sha256 = "1p6kdjjw2jhwr875445w43k46n6zwpz0l0phkl8d3y1v4gi5l6dx"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + yara-python + ]; + + checkInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + preBuild = '' + # Prepare the YARA rules + ${python3.interpreter} prep-release.py + ''; + + postPatch = '' + # The next release will have support for later yara-python releases + substituteInPlace setup.py \ + --replace "yara-python==3.11.0" "yara-python" + ''; + + pythonImportsCheck = [ "apkid" ]; + + meta = with lib; { + description = "Android Application Identifier"; + homepage = "https://github.com/rednaga/APKiD"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 32c6eb4ee80b..6d7b461d7ea8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -959,6 +959,8 @@ in lua = lua5_3; }; + apkid = callPackage ../development/tools/apkid { }; + apktool = callPackage ../development/tools/apktool { inherit (androidenv.androidPkgs_9_0) build-tools; }; From d549dc310c83c7397d4619f923d38fa0b5baf506 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Mon, 12 Apr 2021 19:53:11 +0200 Subject: [PATCH 4/4] yara: add maintainer --- pkgs/tools/security/yara/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index 2e34d9b333bc..506bf0f719d7 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -60,6 +60,7 @@ stdenv.mkDerivation rec { description = "The pattern matching swiss knife for malware researchers"; homepage = "http://Virustotal.github.io/yara/"; license = licenses.asl20; + maintainers = with maintainers; [ fab ]; platforms = platforms.all; }; }