⏲︎︎
This article or section is outdated. This page has not been edited for several years. Please remove this notice if the content is accurate. Further information might be found in the corresponding discussion. Please remove this notice once the information has been updated.

As of now (2017-07-01) the OTR plugin in Poezio is broken due to pythonPackages.pycrypto being replaced by pythonPackages.pycryptodome: https://github.com/NixOS/nixpkgs/issues/21671

Workaround

Provide original pycrypto under a new name pycrypto-original and provide this new pycrypto-original dependency to pythonPackags.potr instead of pycrypto: https://github.com/fadenb/nixpkgs/commit/30eb00638ff021803e9ef1afcb22f35636644599

From 30eb00638ff021803e9ef1afcb22f35636644599 Mon Sep 17 00:00:00 2001
From: Tristan Helmich <tristan.helmich@gmail.com>
Date: Mon, 27 Feb 2017 15:13:16 +0100
Subject: [PATCH] pycrypto-original: Init at 2.6.1

---
 .../python-modules/pycrypto-original/default.nix   | 37 ++++++++++++++++++++++
 pkgs/top-level/python-packages.nix                 |  4 ++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 pkgs/development/python-modules/pycrypto-original/default.nix

diff --git a/pkgs/development/python-modules/pycrypto-original/default.nix b/pkgs/development/python-modules/pycrypto-original/default.nix
new file mode 100644
index 000000000000..b04251385a60
--- /dev/null
+++ b/pkgs/development/python-modules/pycrypto-original/default.nix
@@ -0,0 +1,37 @@
+{ stdenv, fetchurl, fetchpatch, python, buildPythonPackage, gmp }:
+
+buildPythonPackage rec {
+  name = "pycrypto-original-2.6.1";
+  namePrefix = "";
+
+  src = fetchurl {
+    url = "mirror://pypi/p/pycrypto/${name}.tar.gz";
+    sha256 = "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj";
+  };
+
+  patches = [
+    (fetchpatch {
+      name = "CVE-2013-7459.patch";
+      url = "https://anonscm.debian.org/cgit/collab-maint/python-crypto.git/plain/debian/patches/CVE-2013-7459.patch?h=debian/2.6.1-7";
+      sha256 = "01r7aghnchc1bpxgdv58qyi2085gh34bxini973xhy3ks7fq3ir9";
+    })
+  ];
+
+  preConfigure = ''
+    sed -i 's,/usr/include,/no-such-dir,' configure
+    sed -i "s!,'/usr/include/'!!" setup.py
+  '';
+
+  buildInputs = stdenv.lib.optional (!python.isPypy or false) gmp; # optional for pypy
+
+  doCheck = !(python.isPypy or stdenv.isDarwin); # error: AF_UNIX path too long
+
+  meta = {
+    homepage = "http://www.pycrypto.org/";
+    description = "Python Cryptography Toolkit";
+    platforms = stdenv.lib.platforms.unix;
+    knownVulnerabilities = [
+      "Unmaintained for several years"
+    ];
+  };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 906f9b6b3919..d5b643d47140 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -256,6 +256,8 @@ in {
 
   pycrypto = callPackage ../development/python-modules/pycrypto { };
 
+  pycrypto-original = callPackage ../development/python-modules/pycrypto-original { };
+
   pycryptodome = callPackage ../development/python-modules/pycryptodome { };
 
   pyexiv2 = if (!isPy3k) then callPackage ../development/python-modules/pyexiv2 {} else throw "pyexiv2 not supported for interpreter ${python.executable}";
@@ -28731,7 +28733,7 @@ EOF
       sha256 = "1b3vjbv8hvynwj6amw3rg5zj8bagynbj0ipy09xwksf1mb0kz8m8";
     };
 
-    propagatedBuildInputs = with self ; [ pycrypto ];
+    propagatedBuildInputs = with self ; [ pycrypto-original ];
 
     meta = {
       description = "A pure Python OTR implementation";

With this patch you will need to whitelist pycrypto-original as it is marked as insecure. See the manual on "Installing insecure packages" for details.