Merge branch 'master' into staging
This commit is contained in:
commit
0106d6b40d
@ -53,7 +53,7 @@
|
||||
|
||||
(define %dependency-variables
|
||||
;; (guix config) variables corresponding to dependencies.
|
||||
'(%libgcrypt %libz %xz %gzip %bzip2 %nix-instantiate))
|
||||
'(%libgcrypt %libz %xz %gzip %bzip2))
|
||||
|
||||
(define %persona-variables
|
||||
;; (guix config) variables that define Guix's persona.
|
||||
@ -63,17 +63,14 @@
|
||||
%guix-home-page-url))
|
||||
|
||||
(define %config-variables
|
||||
;; (guix config) variables corresponding to Guix configuration (storedir,
|
||||
;; localstatedir, etc.)
|
||||
(sort (filter pair?
|
||||
(module-map (lambda (name var)
|
||||
(and (not (memq name %dependency-variables))
|
||||
(not (memq name %persona-variables))
|
||||
(cons name (variable-ref var))))
|
||||
(resolve-interface '(guix config))))
|
||||
(lambda (name+value1 name+value2)
|
||||
(string<? (symbol->string (car name+value1))
|
||||
(symbol->string (car name+value2))))))
|
||||
;; (guix config) variables corresponding to Guix configuration.
|
||||
(letrec-syntax ((variables (syntax-rules ()
|
||||
((_)
|
||||
'())
|
||||
((_ variable rest ...)
|
||||
(cons `(variable . ,variable)
|
||||
(variables rest ...))))))
|
||||
(variables %localstatedir %storedir %sysconfdir %system)))
|
||||
|
||||
(define* (make-config.scm #:key libgcrypt zlib gzip xz bzip2
|
||||
(package-name "GNU Guix")
|
||||
@ -91,12 +88,15 @@
|
||||
%guix-version
|
||||
%guix-bug-report-address
|
||||
%guix-home-page-url
|
||||
%store-directory
|
||||
%state-directory
|
||||
%store-database-directory
|
||||
%config-directory
|
||||
%libgcrypt
|
||||
%libz
|
||||
%gzip
|
||||
%bzip2
|
||||
%xz
|
||||
%nix-instantiate))
|
||||
%xz))
|
||||
|
||||
;; XXX: Work around <http://bugs.gnu.org/15602>.
|
||||
(eval-when (expand load eval)
|
||||
@ -105,6 +105,26 @@
|
||||
#~(define-public #$name #$value)))
|
||||
%config-variables)
|
||||
|
||||
(define %store-directory
|
||||
(or (and=> (getenv "NIX_STORE_DIR") canonicalize-path)
|
||||
%storedir))
|
||||
|
||||
(define %state-directory
|
||||
;; This must match `NIX_STATE_DIR' as defined in
|
||||
;; `nix/local.mk'.
|
||||
(or (getenv "NIX_STATE_DIR")
|
||||
(string-append %localstatedir "/guix")))
|
||||
|
||||
(define %store-database-directory
|
||||
(or (getenv "NIX_DB_DIR")
|
||||
(string-append %state-directory "/db")))
|
||||
|
||||
(define %config-directory
|
||||
;; This must match `GUIX_CONFIGURATION_DIRECTORY' as
|
||||
;; defined in `nix/local.mk'.
|
||||
(or (getenv "GUIX_CONFIGURATION_DIRECTORY")
|
||||
(string-append %sysconfdir "/guix")))
|
||||
|
||||
(define %guix-package-name #$package-name)
|
||||
(define %guix-version #$package-version)
|
||||
(define %guix-bug-report-address #$bug-report-address)
|
||||
@ -122,10 +142,7 @@
|
||||
(file-append libgcrypt "/lib/libgcrypt")))
|
||||
(define %libz
|
||||
#+(and zlib
|
||||
(file-append zlib "/lib/libz")))
|
||||
|
||||
(define %nix-instantiate ;for (guix import snix)
|
||||
"nix-instantiate")))))
|
||||
(file-append zlib "/lib/libz")))))))
|
||||
|
||||
|
||||
;;;
|
||||
|
@ -160,18 +160,11 @@ AC_ARG_WITH([nix-prefix],
|
||||
esac],
|
||||
[])
|
||||
|
||||
AC_PATH_PROG([NIX_INSTANTIATE], [nix-instantiate])
|
||||
AC_PATH_PROG([NIX_HASH], [nix-hash])
|
||||
if test "x$guix_build_daemon$NIX_INSTANTIATE$NIX_HASH" = "xno"; then
|
||||
if test "x$guix_build_daemon$NIX_HASH" = "xno"; then
|
||||
AC_MSG_ERROR([Nix programs not found; please install Nix or use `--with-nix-prefix'.])
|
||||
fi
|
||||
|
||||
if test "x$NIX_INSTANTIATE" = "x"; then
|
||||
# This program is an optional dependency, so we just want it to be
|
||||
# taken from $PATH if it's not available right now.
|
||||
NIX_INSTANTIATE="nix-instantiate"
|
||||
fi
|
||||
|
||||
AC_ARG_WITH([nixpkgs],
|
||||
[AS_HELP_STRING([--with-nixpkgs=DIR],
|
||||
[search for Nixpkgs in DIR (for testing purposes only)])],
|
||||
|
@ -974,6 +974,10 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/openscenegraph-ffmpeg3.patch \
|
||||
%D%/packages/patches/opensmtpd-fix-crash.patch \
|
||||
%D%/packages/patches/openssl-runpath.patch \
|
||||
%D%/packages/patches/openssl-1.0.2-CVE-2018-0495.patch \
|
||||
%D%/packages/patches/openssl-1.0.2-CVE-2018-0732.patch \
|
||||
%D%/packages/patches/openssl-1.1.0-CVE-2018-0495.patch \
|
||||
%D%/packages/patches/openssl-1.1.0-CVE-2018-0732.patch \
|
||||
%D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \
|
||||
%D%/packages/patches/openssl-c-rehash-in.patch \
|
||||
%D%/packages/patches/orpheus-cast-errors-and-includes.patch \
|
||||
@ -1068,6 +1072,7 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/python-unittest2-remove-argparse.patch \
|
||||
%D%/packages/patches/python-waitress-fix-tests.patch \
|
||||
%D%/packages/patches/qemu-glibc-2.27.patch \
|
||||
%D%/packages/patches/qemu-CVE-2018-11806.patch \
|
||||
%D%/packages/patches/qt4-ldflags.patch \
|
||||
%D%/packages/patches/qtbase-use-TZDIR.patch \
|
||||
%D%/packages/patches/qtscript-disable-tests.patch \
|
||||
|
@ -1220,7 +1220,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.")
|
||||
(define-public guitarix
|
||||
(package
|
||||
(name "guitarix")
|
||||
(version "0.36.1")
|
||||
(version "0.37.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
@ -1228,7 +1228,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.")
|
||||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1g5949jwh2n755xjs3kcbdb8a1wxr5mn0m115wdnk27dxcdn93b0"))))
|
||||
"064k0jzxqgx9gwf8za6jziansabzrwzjaim3qx1743ify5g3gaai"))))
|
||||
(build-system waf-build-system)
|
||||
(arguments
|
||||
`(#:tests? #f ; no "check" target
|
||||
|
@ -826,10 +826,12 @@ is like a time machine for your data. ")
|
||||
(license (license:fsf-free "file://COPYING"
|
||||
"Open Software License 2.0"))))
|
||||
|
||||
(define-public restic ; bundled / vendored dependencies
|
||||
(define-public restic
|
||||
(package
|
||||
(name "restic")
|
||||
(version "0.9.1")
|
||||
;; TODO Try packaging the bundled / vendored dependencies in the 'vendor/'
|
||||
;; directory.
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
|
@ -1487,14 +1487,14 @@ similar to BerkeleyDB, LevelDB, etc.")
|
||||
(define-public redis
|
||||
(package
|
||||
(name "redis")
|
||||
(version "4.0.9")
|
||||
(version "4.0.10")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://download.redis.io/releases/redis-"
|
||||
version".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0465bv6yxnwmas3wzg07vmrprv2pxhnr56hn5pxrybwf66y76kyz"))))
|
||||
"194cydhv3hf4v95ifvjvsqrs4jn3ffrkg5lvxj5d3y04lwsp9dhx"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
'(#:tests? #f ; tests related to master/slave and replication fail
|
||||
|
@ -34,14 +34,14 @@
|
||||
(define-public elfutils
|
||||
(package
|
||||
(name "elfutils")
|
||||
(version "0.170")
|
||||
(version "0.172")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://sourceware.org/elfutils/ftp/"
|
||||
version "/elfutils-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0rp0r54z44is49c594qy7hr211nhb00aa5y7z74vsybbaxslg10z"))
|
||||
"090fmbnvd9jblkwhb2bm3hanim63rrvd5f30mfxq4jac6kk9k73p"))
|
||||
(patches (search-patches "elfutils-tests-ptrace.patch"))))
|
||||
(build-system gnu-build-system)
|
||||
|
||||
|
@ -1430,11 +1430,11 @@ Maps directly inside Emacs.")
|
||||
(license license:gpl3+)))
|
||||
|
||||
(define-public emacs-graphviz-dot-mode
|
||||
(let ((commit "fdaabbcc95d9156e3dadc84f81a4750c5b692580")
|
||||
(let ((commit "c456a2b65c734089e6c44e87209a5a432a741b1a")
|
||||
(revision "1"))
|
||||
(package
|
||||
(name "emacs-graphviz-dot-mode")
|
||||
(version (string-append "0.3.10-" revision "."
|
||||
(version (string-append "0.3.11-" revision "."
|
||||
(string-take commit 7)))
|
||||
(source (origin
|
||||
(method git-fetch)
|
||||
@ -1444,7 +1444,7 @@ Maps directly inside Emacs.")
|
||||
(file-name (string-append name "-" version "-checkout"))
|
||||
(sha256
|
||||
(base32
|
||||
"1s1qh5r0xp6hs0rl5yz5mkmjhpg04bh449c7vgjbb1pjsl1dl714"))))
|
||||
"0j1r2rspaakw37b0mx7pwpvdsvixq9sw3xjbww5piihzpdxz58z1"))))
|
||||
(build-system emacs-build-system)
|
||||
(arguments
|
||||
`(#:phases
|
||||
@ -2662,7 +2662,7 @@ build jobs.")
|
||||
(define-public emacs-company
|
||||
(package
|
||||
(name "emacs-company")
|
||||
(version "0.9.3")
|
||||
(version "0.9.6")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -2671,7 +2671,7 @@ build jobs.")
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1fyrpchpdmvszssy1qmsw41aqpv6q5rybvs1bw00nv9xdhiaq4vh"))))
|
||||
"0a7zvmfvxh9w67myvcj2511ayk0fvkm06cdg38y8khnsx63jrr4k"))))
|
||||
(build-system emacs-build-system)
|
||||
(arguments
|
||||
`(#:phases
|
||||
@ -7237,7 +7237,7 @@ messaging service.")
|
||||
(define-public emacs-bash-completion
|
||||
(package
|
||||
(name "emacs-bash-completion")
|
||||
(version "2.0.0")
|
||||
(version "2.1.0")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -7247,7 +7247,7 @@ messaging service.")
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0mkci4a1fy8z4cmry8mx5vsx4f16a8r454slnh7lqzidnhfi63hj"))))
|
||||
"1z0qck3v3ra6ivacn8n04w1v33a4xn01xx860761q31qzsv3sksq"))))
|
||||
(inputs `(("bash" ,bash)))
|
||||
(build-system emacs-build-system)
|
||||
(arguments
|
||||
@ -10893,20 +10893,20 @@ try completing. See @code{fish-completion-fallback-on-bash-p}.")
|
||||
(license license:gpl3+))))
|
||||
|
||||
(define-public emacs-gif-screencast
|
||||
(let ((commit "825e606950ec842304bf75cf85baef707b853b03"))
|
||||
(let ((commit "12b25442b97b84abae74ecb5190a9d14ff7cfe5a"))
|
||||
(package
|
||||
(name "emacs-gif-screencast")
|
||||
(version (git-version "20180309" "1" commit))
|
||||
(version (git-version "20180616" "1" commit))
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"https://github.com/Ambrevar/emacs-gif-screencast/archive/"
|
||||
commit
|
||||
".tar.gz"))
|
||||
"https://gitlab.com/Ambrevar/emacs-gif-screencast/"
|
||||
"repository/archive.tar.gz?ref="
|
||||
commit))
|
||||
(sha256
|
||||
(base32
|
||||
"1f83sdx4qj4g6byvbdq7aayissbcy5lqm43djp8h0lq455nf7jkc"))))
|
||||
"0lc457i78xjkn5idr2aaiadkh76zcsksj84z0qh80a9y775syrgh"))))
|
||||
(build-system emacs-build-system)
|
||||
(inputs
|
||||
`(("scrot" ,scrot)
|
||||
@ -10933,7 +10933,7 @@ try completing. See @code{fish-completion-fallback-on-bash-p}.")
|
||||
("gif-screencast-optimize-program"
|
||||
(string-append imagemagick "/bin/gifsicle")))))))))
|
||||
(home-page
|
||||
"https://github.com/Ambrevar/emacs-gif-screencast")
|
||||
"https://gitlab.com/Ambrevar/emacs-gif-screencast")
|
||||
(synopsis "One-frame-per-action GIF recording")
|
||||
(description
|
||||
"Call @code{gif-screencast} to start a recording.
|
||||
@ -11217,7 +11217,22 @@ provided by other Emacs packages dealing with pass:
|
||||
(base32
|
||||
"0v66wk9nh0raih4jhrzmmyi5lbysjnmbv791vm2230ffi2hmwxnd"))))
|
||||
(build-system emacs-build-system)
|
||||
(propagated-inputs `(("imagemagick" ,imagemagick)))
|
||||
(inputs `(("imagemagick" ,imagemagick)))
|
||||
(arguments
|
||||
`(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'unpack 'configure
|
||||
(lambda* (#:key inputs outputs #:allow-other-keys)
|
||||
(let ((imagemagick (assoc-ref inputs "imagemagick")))
|
||||
;; Specify the absolute file names of the various
|
||||
;; programs so that everything works out-of-the-box.
|
||||
(chmod "image+.el" #o666)
|
||||
(emacs-substitute-variables
|
||||
"image+.el"
|
||||
("imagex-convert-command"
|
||||
(string-append imagemagick "/bin/convert"))
|
||||
("imagex-identify-command"
|
||||
(string-append imagemagick "/bin/identify")))))))))
|
||||
(home-page "https://github.com/mhayashi1120/Emacs-imagex")
|
||||
(synopsis "Image manipulation extensions for Emacs")
|
||||
(description
|
||||
|
@ -1,7 +1,7 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013 Eric Bavier <bavier@member.fsf.org>
|
||||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -30,7 +30,7 @@
|
||||
(define-public gnu-pw-mgr
|
||||
(package
|
||||
(name "gnu-pw-mgr")
|
||||
(version "2.0")
|
||||
(version "2.3.1")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -38,8 +38,16 @@
|
||||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"19qvg37snfa8s06q5crx25m1r1n4l0wvfpkbdxz17q7whp0plrl6"))))
|
||||
"05vv6n5sqdswhzm21cqn8m2p6avblxl3cv7b39nqx8yxf58gi2xv"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
'(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'patch-source-shebangs 'patch-more-shebangs
|
||||
(lambda _
|
||||
(substitute* "tests/dom.test"
|
||||
(("/usr/bin/printf") (which "printf")))
|
||||
#t)))))
|
||||
(native-inputs
|
||||
`(("which" ,which)
|
||||
("autogen" ,autogen)))
|
||||
|
@ -763,14 +763,14 @@ invoking @command{notifymuch} from the post-new hook.")
|
||||
(define-public notmuch
|
||||
(package
|
||||
(name "notmuch")
|
||||
(version "0.26.2")
|
||||
(version "0.27")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://notmuchmail.org/releases/notmuch-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0fqf6wwvqlccq9qdnd0mky7fx0kbkczd28blf045s0vsvdjii70h"))))
|
||||
"0xh8vq2sa7r07xb3n13drc6gdiqhcgl0pj0za5xj43qkiwpikls0"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:modules ((guix build gnu-build-system)
|
||||
|
@ -2683,7 +2683,7 @@ for improved Amiga ProTracker 2/3 compatibility.")
|
||||
(define-public schismtracker
|
||||
(package
|
||||
(name "schismtracker")
|
||||
(version "20170910")
|
||||
(version "20180513")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
@ -2692,7 +2692,7 @@ for improved Amiga ProTracker 2/3 compatibility.")
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"01gfcjngbpv87y9w5jln8k313hycpkb1d617hdy2cdw2hxqzlclz"))
|
||||
"1yjfd02arb51n0vyv11qgpn6imh7hcqnc3953cbvgwb4cnrswk9f"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
;; Remove use of __DATE__ and __TIME__ for reproducibility.
|
||||
@ -2706,7 +2706,7 @@ for improved Amiga ProTracker 2/3 compatibility.")
|
||||
`(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'unpack 'autoconf
|
||||
(lambda _ (zero? (system* "autoreconf" "-vfi"))))
|
||||
(lambda _ (invoke "autoreconf" "-vfi")))
|
||||
(add-before 'configure 'link-libm
|
||||
(lambda _ (setenv "LIBS" "-lm") #t)))))
|
||||
(native-inputs
|
||||
|
@ -100,8 +100,8 @@
|
||||
;; Note: the 'update-guix-package.scm' script expects this definition to
|
||||
;; start precisely like this.
|
||||
(let ((version "0.14.0")
|
||||
(commit "77a1aac6cccc79d7c8085762f610e22e6ebfb43b")
|
||||
(revision 12))
|
||||
(commit "7af5c2a248b6c229187fc850517c84b0917c452b")
|
||||
(revision 13))
|
||||
(package
|
||||
(name "guix")
|
||||
|
||||
@ -117,7 +117,7 @@
|
||||
(commit commit)))
|
||||
(sha256
|
||||
(base32
|
||||
"0f0agvw3fizy0aaf51vc2d1rbsvxhg6vnzgjb1n1hbyym79f17j6"))
|
||||
"06kjimcln4ydirgl05qy98kxjyx3l6brxnq1ly7wb85f73s97gix"))
|
||||
(file-name (string-append "guix-" version "-checkout"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
@ -310,11 +310,18 @@ the Nix package manager.")
|
||||
(inputs
|
||||
`(("gnutls" ,gnutls)
|
||||
("guile-git" ,guile-git)
|
||||
,@(package-inputs guix)))
|
||||
,@(fold alist-delete (package-inputs guix)
|
||||
'("boot-guile" "boot-guile/i686" "util-linux"))))
|
||||
|
||||
(propagated-inputs '())
|
||||
|
||||
(arguments
|
||||
(substitute-keyword-arguments (package-arguments guix)
|
||||
((#:configure-flags flags '())
|
||||
;; Pretend we have those libraries; we don't actually need them.
|
||||
`(append ,flags
|
||||
'("guix_cv_have_recent_guile_sqlite3=yes"
|
||||
"guix_cv_have_recent_guile_ssh=yes")))
|
||||
((#:tests? #f #f)
|
||||
#f)
|
||||
((#:phases phases '%standard-phases)
|
||||
|
215
gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
Normal file
215
gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch
Normal file
@ -0,0 +1,215 @@
|
||||
Fix CVE-2018-0495:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
|
||||
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://github.com/openssl/openssl/commit/949ff36623eafc3523a9f91784992965018ffb05
|
||||
|
||||
From 949ff36623eafc3523a9f91784992965018ffb05 Mon Sep 17 00:00:00 2001
|
||||
From: Matt Caswell <matt@openssl.org>
|
||||
Date: Fri, 25 May 2018 12:10:13 +0100
|
||||
Subject: [PATCH] Add blinding to an ECDSA signature
|
||||
|
||||
Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
|
||||
ECDSA signature operation. During signing the signer calculates:
|
||||
|
||||
s:= k^-1 * (m + r * priv_key) mod order
|
||||
|
||||
The addition operation above provides a sufficient signal for a
|
||||
flush+reload attack to derive the private key given sufficient signature
|
||||
operations.
|
||||
|
||||
As a mitigation (based on a suggestion from Keegan) we add blinding to
|
||||
the operation so that:
|
||||
|
||||
s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
|
||||
|
||||
Since this attack is a localhost side channel only no CVE is assigned.
|
||||
|
||||
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
||||
---
|
||||
CHANGES | 4 ++
|
||||
crypto/ecdsa/ecdsatest.c | 9 ++++-
|
||||
crypto/ecdsa/ecs_ossl.c | 82 ++++++++++++++++++++++++++++++++--------
|
||||
3 files changed, 79 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
|
||||
index 0f301f86d9..a130fc9117 100644
|
||||
--- a/crypto/ecdsa/ecdsatest.c
|
||||
+++ b/crypto/ecdsa/ecdsatest.c
|
||||
@@ -137,7 +137,7 @@ int restore_rand(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
-static int fbytes_counter = 0;
|
||||
+static int fbytes_counter = 0, use_fake = 0;
|
||||
static const char *numbers[8] = {
|
||||
"651056770906015076056810763456358567190100156695615665659",
|
||||
"6140507067065001063065065565667405560006161556565665656654",
|
||||
@@ -158,6 +158,11 @@ int fbytes(unsigned char *buf, int num)
|
||||
int ret;
|
||||
BIGNUM *tmp = NULL;
|
||||
|
||||
+ if (use_fake == 0)
|
||||
+ return old_rand->bytes(buf, num);
|
||||
+
|
||||
+ use_fake = 0;
|
||||
+
|
||||
if (fbytes_counter >= 8)
|
||||
return 0;
|
||||
tmp = BN_new();
|
||||
@@ -199,11 +204,13 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
|
||||
/* create the key */
|
||||
if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
|
||||
goto x962_int_err;
|
||||
+ use_fake = 1;
|
||||
if (!EC_KEY_generate_key(key))
|
||||
goto x962_int_err;
|
||||
BIO_printf(out, ".");
|
||||
(void)BIO_flush(out);
|
||||
/* create the signature */
|
||||
+ use_fake = 1;
|
||||
signature = ECDSA_do_sign(digest, 20, key);
|
||||
if (signature == NULL)
|
||||
goto x962_int_err;
|
||||
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
|
||||
index 16d4f59b9b..1d37551803 100644
|
||||
--- a/crypto/ecdsa/ecs_ossl.c
|
||||
+++ b/crypto/ecdsa/ecs_ossl.c
|
||||
@@ -252,6 +252,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
{
|
||||
int ok = 0, i;
|
||||
BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
|
||||
+ BIGNUM *blind = NULL, *blindm = NULL;
|
||||
const BIGNUM *ckinv;
|
||||
BN_CTX *ctx = NULL;
|
||||
const EC_GROUP *group;
|
||||
@@ -269,14 +270,25 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
}
|
||||
|
||||
ret = ECDSA_SIG_new();
|
||||
- if (!ret) {
|
||||
+ if (ret == NULL) {
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
s = ret->s;
|
||||
|
||||
- if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
|
||||
- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
|
||||
+ ctx = BN_CTX_new();
|
||||
+ if (ctx == NULL) {
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ BN_CTX_start(ctx);
|
||||
+ order = BN_CTX_get(ctx);
|
||||
+ tmp = BN_CTX_get(ctx);
|
||||
+ m = BN_CTX_get(ctx);
|
||||
+ blind = BN_CTX_get(ctx);
|
||||
+ blindm = BN_CTX_get(ctx);
|
||||
+ if (blindm == NULL) {
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
@@ -315,26 +327,70 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
}
|
||||
}
|
||||
|
||||
- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
|
||||
+ /*
|
||||
+ * The normal signature calculation is:
|
||||
+ *
|
||||
+ * s := k^-1 * (m + r * priv_key) mod order
|
||||
+ *
|
||||
+ * We will blind this to protect against side channel attacks
|
||||
+ *
|
||||
+ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order
|
||||
+ */
|
||||
+
|
||||
+ /* Generate a blinding value */
|
||||
+ do {
|
||||
+ if (!BN_rand(blind, BN_num_bits(order) - 1, -1, 0))
|
||||
+ goto err;
|
||||
+ } while (BN_is_zero(blind));
|
||||
+ BN_set_flags(blind, BN_FLG_CONSTTIME);
|
||||
+ BN_set_flags(blindm, BN_FLG_CONSTTIME);
|
||||
+ BN_set_flags(tmp, BN_FLG_CONSTTIME);
|
||||
+
|
||||
+ /* tmp := blind * priv_key * r mod order */
|
||||
+ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* blindm := blind * m mod order */
|
||||
+ if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* s : = (blind * priv_key * r) + (blind * m) mod order */
|
||||
+ if (!BN_mod_add_quick(s, tmp, blindm, order)) {
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* s:= s * blind^-1 mod order */
|
||||
+ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) {
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
- if (!BN_mod_add_quick(s, tmp, m, order)) {
|
||||
+ if (!BN_mod_mul(s, s, blind, order, ctx)) {
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
+
|
||||
+ /* s := s * k^-1 mod order */
|
||||
if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
|
||||
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
+
|
||||
if (BN_is_zero(s)) {
|
||||
/*
|
||||
* if kinv and r have been supplied by the caller don't to
|
||||
* generate new kinv and r values
|
||||
*/
|
||||
if (in_kinv != NULL && in_r != NULL) {
|
||||
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
|
||||
- ECDSA_R_NEED_NEW_SETUP_VALUES);
|
||||
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
|
||||
goto err;
|
||||
}
|
||||
} else
|
||||
@@ -349,15 +405,11 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
ECDSA_SIG_free(ret);
|
||||
ret = NULL;
|
||||
}
|
||||
- if (ctx)
|
||||
+ if (ctx != NULL) {
|
||||
+ BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
- if (m)
|
||||
- BN_clear_free(m);
|
||||
- if (tmp)
|
||||
- BN_clear_free(tmp);
|
||||
- if (order)
|
||||
- BN_free(order);
|
||||
- if (kinv)
|
||||
+ }
|
||||
+ if (kinv != NULL)
|
||||
BN_clear_free(kinv);
|
||||
return ret;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
50
gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
Normal file
50
gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch
Normal file
@ -0,0 +1,50 @@
|
||||
Fix CVE-2018-0732:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://github.com/openssl/openssl/commit/3984ef0b72831da8b3ece4745cac4f8575b19098
|
||||
|
||||
From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001
|
||||
From: Guido Vranken <guidovranken@gmail.com>
|
||||
Date: Mon, 11 Jun 2018 19:38:54 +0200
|
||||
Subject: [PATCH] Reject excessively large primes in DH key generation.
|
||||
|
||||
CVE-2018-0732
|
||||
|
||||
Signed-off-by: Guido Vranken <guidovranken@gmail.com>
|
||||
|
||||
(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
|
||||
|
||||
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/6457)
|
||||
---
|
||||
crypto/dh/dh_key.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
|
||||
index 387558f146..f235e0d682 100644
|
||||
--- a/crypto/dh/dh_key.c
|
||||
+++ b/crypto/dh/dh_key.c
|
||||
@@ -130,10 +130,15 @@ static int generate_key(DH *dh)
|
||||
int ok = 0;
|
||||
int generate_new_key = 0;
|
||||
unsigned l;
|
||||
- BN_CTX *ctx;
|
||||
+ BN_CTX *ctx = NULL;
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
BIGNUM *pub_key = NULL, *priv_key = NULL;
|
||||
|
||||
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
||||
+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
--
|
||||
2.17.1
|
||||
|
152
gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
Normal file
152
gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
Normal file
@ -0,0 +1,152 @@
|
||||
Fix CVE-2018-0495:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
|
||||
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://github.com/openssl/openssl/commit/0c27d793745c7837b13646302b6890a556b7017a
|
||||
|
||||
From 0c27d793745c7837b13646302b6890a556b7017a Mon Sep 17 00:00:00 2001
|
||||
From: Matt Caswell <matt@openssl.org>
|
||||
Date: Fri, 25 May 2018 12:10:13 +0100
|
||||
Subject: [PATCH] Add blinding to an ECDSA signature
|
||||
|
||||
Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
|
||||
ECDSA signature operation. During signing the signer calculates:
|
||||
|
||||
s:= k^-1 * (m + r * priv_key) mod order
|
||||
|
||||
The addition operation above provides a sufficient signal for a
|
||||
flush+reload attack to derive the private key given sufficient signature
|
||||
operations.
|
||||
|
||||
As a mitigation (based on a suggestion from Keegan) we add blinding to
|
||||
the operation so that:
|
||||
|
||||
s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
|
||||
|
||||
Since this attack is a localhost side channel only no CVE is assigned.
|
||||
|
||||
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
||||
---
|
||||
CHANGES | 4 +++
|
||||
crypto/ec/ecdsa_ossl.c | 70 +++++++++++++++++++++++++++++++++++++-----
|
||||
2 files changed, 67 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
|
||||
index 72e2f0f28b..449be0e92a 100644
|
||||
--- a/crypto/ec/ecdsa_ossl.c
|
||||
+++ b/crypto/ec/ecdsa_ossl.c
|
||||
@@ -210,7 +210,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
|
||||
EC_KEY *eckey)
|
||||
{
|
||||
int ok = 0, i;
|
||||
- BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL;
|
||||
+ BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *blind = NULL;
|
||||
+ BIGNUM *blindm = NULL;
|
||||
const BIGNUM *order, *ckinv;
|
||||
BN_CTX *ctx = NULL;
|
||||
const EC_GROUP *group;
|
||||
@@ -243,8 +244,18 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
|
||||
}
|
||||
s = ret->s;
|
||||
|
||||
- if ((ctx = BN_CTX_new()) == NULL ||
|
||||
- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
|
||||
+ ctx = BN_CTX_secure_new();
|
||||
+ if (ctx == NULL) {
|
||||
+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ BN_CTX_start(ctx);
|
||||
+ tmp = BN_CTX_get(ctx);
|
||||
+ m = BN_CTX_get(ctx);
|
||||
+ blind = BN_CTX_get(ctx);
|
||||
+ blindm = BN_CTX_get(ctx);
|
||||
+ if (blindm == NULL) {
|
||||
ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
@@ -284,18 +295,64 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
|
||||
}
|
||||
}
|
||||
|
||||
- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
|
||||
+ /*
|
||||
+ * The normal signature calculation is:
|
||||
+ *
|
||||
+ * s := k^-1 * (m + r * priv_key) mod order
|
||||
+ *
|
||||
+ * We will blind this to protect against side channel attacks
|
||||
+ *
|
||||
+ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order
|
||||
+ */
|
||||
+
|
||||
+ /* Generate a blinding value */
|
||||
+ do {
|
||||
+ if (!BN_rand(blind, BN_num_bits(order) - 1, BN_RAND_TOP_ANY,
|
||||
+ BN_RAND_BOTTOM_ANY))
|
||||
+ goto err;
|
||||
+ } while (BN_is_zero(blind));
|
||||
+ BN_set_flags(blind, BN_FLG_CONSTTIME);
|
||||
+ BN_set_flags(blindm, BN_FLG_CONSTTIME);
|
||||
+ BN_set_flags(tmp, BN_FLG_CONSTTIME);
|
||||
+
|
||||
+ /* tmp := blind * priv_key * r mod order */
|
||||
+ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
|
||||
ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
- if (!BN_mod_add_quick(s, tmp, m, order)) {
|
||||
+ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
|
||||
ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
+
|
||||
+ /* blindm := blind * m mod order */
|
||||
+ if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
|
||||
+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* s : = (blind * priv_key * r) + (blind * m) mod order */
|
||||
+ if (!BN_mod_add_quick(s, tmp, blindm, order)) {
|
||||
+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* s:= s * blind^-1 mod order */
|
||||
+ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) {
|
||||
+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (!BN_mod_mul(s, s, blind, order, ctx)) {
|
||||
+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ /* s := s * k^-1 mod order */
|
||||
if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
|
||||
ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
+
|
||||
if (BN_is_zero(s)) {
|
||||
/*
|
||||
* if kinv and r have been supplied by the caller don't to
|
||||
@@ -317,9 +374,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
|
||||
ECDSA_SIG_free(ret);
|
||||
ret = NULL;
|
||||
}
|
||||
+ BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
- BN_clear_free(m);
|
||||
- BN_clear_free(tmp);
|
||||
BN_clear_free(kinv);
|
||||
return ret;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
50
gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch
Normal file
50
gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch
Normal file
@ -0,0 +1,50 @@
|
||||
Fix CVE-2018-0732:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://github.com/openssl/openssl/commit/ea7abeeabf92b7aca160bdd0208636d4da69f4f4
|
||||
|
||||
From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001
|
||||
From: Guido Vranken <guidovranken@gmail.com>
|
||||
Date: Mon, 11 Jun 2018 19:38:54 +0200
|
||||
Subject: [PATCH] Reject excessively large primes in DH key generation.
|
||||
|
||||
CVE-2018-0732
|
||||
|
||||
Signed-off-by: Guido Vranken <guidovranken@gmail.com>
|
||||
|
||||
(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
|
||||
|
||||
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/6457)
|
||||
---
|
||||
crypto/dh/dh_key.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
|
||||
index fce9ff47f3..58003d7087 100644
|
||||
--- a/crypto/dh/dh_key.c
|
||||
+++ b/crypto/dh/dh_key.c
|
||||
@@ -78,10 +78,15 @@ static int generate_key(DH *dh)
|
||||
int ok = 0;
|
||||
int generate_new_key = 0;
|
||||
unsigned l;
|
||||
- BN_CTX *ctx;
|
||||
+ BN_CTX *ctx = NULL;
|
||||
BN_MONT_CTX *mont = NULL;
|
||||
BIGNUM *pub_key = NULL, *priv_key = NULL;
|
||||
|
||||
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
||||
+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
--
|
||||
2.17.1
|
||||
|
105
gnu/packages/patches/qemu-CVE-2018-11806.patch
Normal file
105
gnu/packages/patches/qemu-CVE-2018-11806.patch
Normal file
@ -0,0 +1,105 @@
|
||||
Fix CVE-2018-11806:
|
||||
|
||||
https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11806
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=864036e251f54c99d31df124aad7f34f01f5344c
|
||||
|
||||
From 864036e251f54c99d31df124aad7f34f01f5344c Mon Sep 17 00:00:00 2001
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Tue, 5 Jun 2018 23:38:35 +0530
|
||||
Subject: [PATCH] slirp: correct size computation while concatenating mbuf
|
||||
|
||||
While reassembling incoming fragmented datagrams, 'm_cat' routine
|
||||
extends the 'mbuf' buffer, if it has insufficient room. It computes
|
||||
a wrong buffer size, which leads to overwriting adjacent heap buffer
|
||||
area. Correct this size computation in m_cat.
|
||||
|
||||
Reported-by: ZDI Disclosures <zdi-disclosures@trendmicro.com>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
||||
---
|
||||
slirp/mbuf.c | 11 +++++------
|
||||
slirp/mbuf.h | 8 +++-----
|
||||
2 files changed, 8 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/slirp/mbuf.c b/slirp/mbuf.c
|
||||
index 5ff24559fd..18cbf759a7 100644
|
||||
--- a/slirp/mbuf.c
|
||||
+++ b/slirp/mbuf.c
|
||||
@@ -138,7 +138,7 @@ m_cat(struct mbuf *m, struct mbuf *n)
|
||||
* If there's no room, realloc
|
||||
*/
|
||||
if (M_FREEROOM(m) < n->m_len)
|
||||
- m_inc(m,m->m_size+MINCSIZE);
|
||||
+ m_inc(m, m->m_len + n->m_len);
|
||||
|
||||
memcpy(m->m_data+m->m_len, n->m_data, n->m_len);
|
||||
m->m_len += n->m_len;
|
||||
@@ -147,7 +147,7 @@ m_cat(struct mbuf *m, struct mbuf *n)
|
||||
}
|
||||
|
||||
|
||||
-/* make m size bytes large */
|
||||
+/* make m 'size' bytes large from m_data */
|
||||
void
|
||||
m_inc(struct mbuf *m, int size)
|
||||
{
|
||||
@@ -158,12 +158,12 @@ m_inc(struct mbuf *m, int size)
|
||||
|
||||
if (m->m_flags & M_EXT) {
|
||||
datasize = m->m_data - m->m_ext;
|
||||
- m->m_ext = g_realloc(m->m_ext, size);
|
||||
+ m->m_ext = g_realloc(m->m_ext, size + datasize);
|
||||
m->m_data = m->m_ext + datasize;
|
||||
} else {
|
||||
char *dat;
|
||||
datasize = m->m_data - m->m_dat;
|
||||
- dat = g_malloc(size);
|
||||
+ dat = g_malloc(size + datasize);
|
||||
memcpy(dat, m->m_dat, m->m_size);
|
||||
|
||||
m->m_ext = dat;
|
||||
@@ -171,8 +171,7 @@ m_inc(struct mbuf *m, int size)
|
||||
m->m_flags |= M_EXT;
|
||||
}
|
||||
|
||||
- m->m_size = size;
|
||||
-
|
||||
+ m->m_size = size + datasize;
|
||||
}
|
||||
|
||||
|
||||
diff --git a/slirp/mbuf.h b/slirp/mbuf.h
|
||||
index 893601ff9d..33b84485d6 100644
|
||||
--- a/slirp/mbuf.h
|
||||
+++ b/slirp/mbuf.h
|
||||
@@ -33,8 +33,6 @@
|
||||
#ifndef MBUF_H
|
||||
#define MBUF_H
|
||||
|
||||
-#define MINCSIZE 4096 /* Amount to increase mbuf if too small */
|
||||
-
|
||||
/*
|
||||
* Macros for type conversion
|
||||
* mtod(m,t) - convert mbuf pointer to data pointer of correct type
|
||||
@@ -72,11 +70,11 @@ struct mbuf {
|
||||
struct mbuf *m_prevpkt; /* Flags aren't used in the output queue */
|
||||
int m_flags; /* Misc flags */
|
||||
|
||||
- int m_size; /* Size of data */
|
||||
+ int m_size; /* Size of mbuf, from m_dat or m_ext */
|
||||
struct socket *m_so;
|
||||
|
||||
- caddr_t m_data; /* Location of data */
|
||||
- int m_len; /* Amount of data in this mbuf */
|
||||
+ caddr_t m_data; /* Current location of data */
|
||||
+ int m_len; /* Amount of data in this mbuf, from m_data */
|
||||
|
||||
Slirp *slirp;
|
||||
bool resolution_requested;
|
||||
--
|
||||
2.17.1
|
||||
|
@ -260,6 +260,7 @@ required structures.")
|
||||
(define-public openssl
|
||||
(package
|
||||
(name "openssl")
|
||||
(replacement openssl/fixed)
|
||||
(version "1.0.2o")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
@ -396,6 +397,15 @@ required structures.")
|
||||
(license license:openssl)
|
||||
(home-page "https://www.openssl.org/")))
|
||||
|
||||
(define openssl/fixed
|
||||
(package
|
||||
(inherit openssl)
|
||||
(source (origin
|
||||
(inherit (package-source openssl))
|
||||
(patches (append (origin-patches (package-source openssl))
|
||||
(search-patches "openssl-1.0.2-CVE-2018-0495.patch"
|
||||
"openssl-1.0.2-CVE-2018-0732.patch")))))))
|
||||
|
||||
(define-public openssl-next
|
||||
(package
|
||||
(inherit openssl)
|
||||
@ -410,7 +420,9 @@ required structures.")
|
||||
(string-append "ftp://ftp.openssl.org/source/old/"
|
||||
(string-trim-right version char-set:letter)
|
||||
"/" name "-" version ".tar.gz")))
|
||||
(patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
|
||||
(patches (search-patches "openssl-1.1.0-c-rehash-in.patch"
|
||||
"openssl-1.1.0-CVE-2018-0495.patch"
|
||||
"openssl-1.1.0-CVE-2018-0732.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq"))))
|
||||
|
@ -98,6 +98,7 @@
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://download.qemu.org/qemu-"
|
||||
version ".tar.xz"))
|
||||
(patches (search-patches "qemu-CVE-2018-11806.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1z66spkm1prvhbq7h5mfnp0i6mmamsb938fqmdfvyrgzc7rh34z6"))))
|
||||
|
@ -42,10 +42,9 @@
|
||||
(version "0.5.3+git20180125")
|
||||
(source (origin
|
||||
(method git-fetch)
|
||||
;; Debian's fork of w3m is the only one that is still
|
||||
;; maintained.
|
||||
;; Debian's fork of w3m is the only one that is still maintained.
|
||||
(uri (git-reference
|
||||
(url "https://anonscm.debian.org/cgit/collab-maint/w3m.git")
|
||||
(url "https://salsa.debian.org/debian/w3m.git")
|
||||
(commit (string-append "v" version))))
|
||||
(file-name (git-file-name name version))
|
||||
(sha256
|
||||
|
@ -2530,7 +2530,7 @@ It is used to cotrol the pointer with a joystick device.")
|
||||
(define-public xf86-input-mouse
|
||||
(package
|
||||
(name "xf86-input-mouse")
|
||||
(version "1.9.2")
|
||||
(version "1.9.3")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -2540,7 +2540,7 @@ It is used to cotrol the pointer with a joystick device.")
|
||||
".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0bsbgww9421792zan43j60mndqprhfxhc48agsi15d3abjqda9gl"))))
|
||||
"1iawr1wyl2qch1mqszcs0s84i92mh4xxprflnycbw1adc18b7v4k"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs `(("xorg-server" ,xorg-server)))
|
||||
(native-inputs `(("pkg-config" ,pkg-config)))
|
||||
@ -5636,7 +5636,7 @@ user-friendly mechanism to start the X server.")
|
||||
(define-public libxaw3d
|
||||
(package
|
||||
(name "libxaw3d")
|
||||
(version "1.6.2")
|
||||
(version "1.6.3")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -5646,7 +5646,7 @@ user-friendly mechanism to start the X server.")
|
||||
".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0awplv1nf53ywv01yxphga3v6dcniwqnxgnb0cn4khb121l12kxp"))))
|
||||
"0i653s8g25cc0mimkwid9366bqkbyhdyjhckx7bw77j20hzrkfid"))))
|
||||
(build-system gnu-build-system)
|
||||
(propagated-inputs
|
||||
`(("libxext" ,libxext)
|
||||
|
@ -616,9 +616,6 @@ unset PATH
|
||||
GUIX_PROFILE=/run/current-system/profile ; \\
|
||||
. /run/current-system/profile/etc/profile
|
||||
|
||||
# Prepend setuid programs.
|
||||
export PATH=/run/setuid-programs:$PATH
|
||||
|
||||
# Since 'lshd' does not use pam_env, /etc/environment must be explicitly
|
||||
# loaded when someone logs in via SSH. See <http://bugs.gnu.org/22175>.
|
||||
# We need 'PATH' to be defined here, for 'cat' and 'cut'. Do this before
|
||||
@ -645,6 +642,9 @@ do
|
||||
fi
|
||||
done
|
||||
|
||||
# Prepend setuid programs.
|
||||
export PATH=/run/setuid-programs:$PATH
|
||||
|
||||
# Arrange so that ~/.config/guix/current/share/info comes first.
|
||||
export INFOPATH=\"$HOME/.config/guix/current/share/info:$INFOPATH\"
|
||||
|
||||
|
@ -196,6 +196,20 @@ files are for HOST, a GNU triplet such as \"x86_64-linux-gnu\"."
|
||||
(unless (zero? total)
|
||||
(report-compilation #f total total)))))
|
||||
|
||||
(eval-when (eval load)
|
||||
(when (and (string=? "2" (major-version))
|
||||
(or (string=? "0" (minor-version))
|
||||
(and (string=? (minor-version) "2")
|
||||
(< (string->number (micro-version)) 4))))
|
||||
;; Work around <https://bugs.gnu.org/31878> on Guile < 2.2.4.
|
||||
;; Serialize 'try-module-autoload' calls.
|
||||
(set! (@ (guile) try-module-autoload)
|
||||
(let ((mutex (make-mutex 'recursive))
|
||||
(real (@ (guile) try-module-autoload)))
|
||||
(lambda* (module #:optional version)
|
||||
(with-mutex mutex
|
||||
(real module version)))))))
|
||||
|
||||
;;; Local Variables:
|
||||
;;; eval: (put 'with-augmented-search-path 'scheme-indent-function 2)
|
||||
;;; eval: (put 'with-target 'scheme-indent-function 1)
|
||||
|
@ -1,5 +1,5 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2015, 2018 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -38,7 +38,8 @@
|
||||
(begin
|
||||
(format #t "running \"python waf\" with command ~s and parameters ~s~%"
|
||||
command params)
|
||||
(zero? (apply system* "python" "waf" command params)))
|
||||
(apply invoke "python" "waf" command params)
|
||||
#t)
|
||||
(error "no waf found")))
|
||||
|
||||
(define* (configure #:key target native-inputs inputs outputs
|
||||
|
@ -35,7 +35,6 @@
|
||||
%system
|
||||
%libgcrypt
|
||||
%libz
|
||||
%nix-instantiate
|
||||
%gzip
|
||||
%bzip2
|
||||
%xz))
|
||||
@ -95,9 +94,6 @@
|
||||
(define %libz
|
||||
"@LIBZ@")
|
||||
|
||||
(define %nix-instantiate
|
||||
"@NIX_INSTANTIATE@")
|
||||
|
||||
(define %gzip
|
||||
"@GZIP@")
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -283,7 +283,7 @@ ATTRIBUTE is true, only that attribute is considered."
|
||||
platform = (import ~a/pkgs/top-level/platforms.nix).sheevaplug;
|
||||
}" nixpkgs)))
|
||||
(apply open-pipe* OPEN_READ
|
||||
%nix-instantiate "--strict" "--eval-only" "--xml"
|
||||
"nix-instantiate" "--strict" "--eval-only" "--xml"
|
||||
|
||||
;; Pass a dummy `crossSystem' argument so that `buildInputs' and
|
||||
;; `nativeBuildInputs' are not coalesced.
|
||||
|
@ -26,9 +26,8 @@
|
||||
#:use-module (guix discovery)
|
||||
#:use-module (guix packages)
|
||||
#:use-module (guix sets)
|
||||
#:use-module (guix utils)
|
||||
#:use-module (guix modules)
|
||||
#:use-module (guix build utils)
|
||||
#:use-module ((guix build utils) #:select (find-files))
|
||||
#:use-module ((guix build compile) #:select (%lightweight-optimizations))
|
||||
#:use-module (srfi srfi-1)
|
||||
#:use-module (srfi srfi-9)
|
||||
@ -656,7 +655,7 @@ assumed to be part of MODULES."
|
||||
|
||||
(define %dependency-variables
|
||||
;; (guix config) variables corresponding to dependencies.
|
||||
'(%libgcrypt %libz %xz %gzip %bzip2 %nix-instantiate))
|
||||
'(%libgcrypt %libz %xz %gzip %bzip2))
|
||||
|
||||
(define %persona-variables
|
||||
;; (guix config) variables that define Guix's persona.
|
||||
@ -666,17 +665,14 @@ assumed to be part of MODULES."
|
||||
%guix-home-page-url))
|
||||
|
||||
(define %config-variables
|
||||
;; (guix config) variables corresponding to Guix configuration (storedir,
|
||||
;; localstatedir, etc.)
|
||||
(sort (filter pair?
|
||||
(module-map (lambda (name var)
|
||||
(and (not (memq name %dependency-variables))
|
||||
(not (memq name %persona-variables))
|
||||
(cons name (variable-ref var))))
|
||||
(resolve-interface '(guix config))))
|
||||
(lambda (name+value1 name+value2)
|
||||
(string<? (symbol->string (car name+value1))
|
||||
(symbol->string (car name+value2))))))
|
||||
;; (guix config) variables corresponding to Guix configuration.
|
||||
(letrec-syntax ((variables (syntax-rules ()
|
||||
((_)
|
||||
'())
|
||||
((_ variable rest ...)
|
||||
(cons `(variable . ,variable)
|
||||
(variables rest ...))))))
|
||||
(variables %localstatedir %storedir %sysconfdir %system)))
|
||||
|
||||
(define* (make-config.scm #:key libgcrypt zlib gzip xz bzip2
|
||||
(package-name "GNU Guix")
|
||||
@ -694,18 +690,41 @@ assumed to be part of MODULES."
|
||||
%guix-version
|
||||
%guix-bug-report-address
|
||||
%guix-home-page-url
|
||||
%store-directory
|
||||
%state-directory
|
||||
%store-database-directory
|
||||
%config-directory
|
||||
%libgcrypt
|
||||
%libz
|
||||
%gzip
|
||||
%bzip2
|
||||
%xz
|
||||
%nix-instantiate))
|
||||
%xz))
|
||||
|
||||
#$@(map (match-lambda
|
||||
((name . value)
|
||||
#~(define-public #$name #$value)))
|
||||
%config-variables)
|
||||
|
||||
(define %store-directory
|
||||
(or (and=> (getenv "NIX_STORE_DIR") canonicalize-path)
|
||||
%storedir))
|
||||
|
||||
(define %state-directory
|
||||
;; This must match `NIX_STATE_DIR' as defined in
|
||||
;; `nix/local.mk'.
|
||||
(or (getenv "NIX_STATE_DIR")
|
||||
(string-append %localstatedir "/guix")))
|
||||
|
||||
(define %store-database-directory
|
||||
(or (getenv "NIX_DB_DIR")
|
||||
(string-append %state-directory "/db")))
|
||||
|
||||
(define %config-directory
|
||||
;; This must match `GUIX_CONFIGURATION_DIRECTORY' as
|
||||
;; defined in `nix/local.mk'.
|
||||
(or (getenv "GUIX_CONFIGURATION_DIRECTORY")
|
||||
(string-append %sysconfdir "/guix")))
|
||||
|
||||
(define %guix-package-name #$package-name)
|
||||
(define %guix-version #$package-version)
|
||||
(define %guix-bug-report-address #$bug-report-address)
|
||||
@ -723,13 +742,10 @@ assumed to be part of MODULES."
|
||||
(file-append libgcrypt "/lib/libgcrypt")))
|
||||
(define %libz
|
||||
#+(and zlib
|
||||
(file-append zlib "/lib/libz")))
|
||||
|
||||
(define %nix-instantiate ;for (guix import snix)
|
||||
"nix-instantiate"))
|
||||
(file-append zlib "/lib/libz"))))
|
||||
|
||||
;; Guile 2.0 *requires* the 'define-module' to be at the
|
||||
;; top-level or it 'toplevel-ref' in the resulting .go file are
|
||||
;; top-level or the 'toplevel-ref' in the resulting .go file are
|
||||
;; made relative to a nonexistent anonymous module.
|
||||
#:splice? #t))
|
||||
|
||||
|
@ -4,12 +4,16 @@
|
||||
# Joe Hansen <joedalton2@yahoo.dk>, 2015, 2016, 2017, 2018.
|
||||
#
|
||||
# build -> kompilering
|
||||
# consider -> tag i betragtning (men mon ikke tag hensyn til eller overvej
|
||||
# er bedre)
|
||||
# derivation -> derivat
|
||||
# emit -> opret
|
||||
# garbage -> affald (spild, bedre forslag?)
|
||||
# in a row -> i træk
|
||||
# item -> element
|
||||
# replacement -> erstatning
|
||||
# specify -> angiv
|
||||
# substitut -> substitut
|
||||
# unloading -> afslutter
|
||||
#
|
||||
msgid ""
|
||||
@ -17,7 +21,7 @@ msgstr ""
|
||||
"Project-Id-Version: guix 0.15.0-pre1\n"
|
||||
"Report-Msgid-Bugs-To: ludo@gnu.org\n"
|
||||
"POT-Creation-Date: 2018-04-27 19:13+0200\n"
|
||||
"PO-Revision-Date: 2018-06-05 20:58+0200\n"
|
||||
"PO-Revision-Date: 2018-06-15 20:58+0200\n"
|
||||
"Last-Translator: joe Hansen <joedalton2@yahoo.dk>\n"
|
||||
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
|
||||
"Language: da\n"
|
||||
@ -228,7 +232,7 @@ msgid ""
|
||||
"Consider running 'guix pull' followed by\n"
|
||||
"'~a' to get up-to-date packages and security updates.\n"
|
||||
msgstr ""
|
||||
"Overvej at afvikle »guix pull« efterfulgt af\n"
|
||||
"Tag i betragtning at afvikle »guix pull« efterfulgt af\n"
|
||||
"»~a« for at få opdaterede pakker og sikkerhedsopdateringer.\n"
|
||||
|
||||
#: guix/scripts/build.scm:81
|
||||
@ -319,7 +323,7 @@ msgid ""
|
||||
" --fallback fall back to building when the substituter fails"
|
||||
msgstr ""
|
||||
"\n"
|
||||
" --fallback fald tilbage til kompilering når erstatningen fejler"
|
||||
" --fallback fald tilbage til kompilering når substituten fejler"
|
||||
|
||||
#: guix/scripts/build.scm:353
|
||||
msgid ""
|
||||
@ -1240,7 +1244,7 @@ msgid ""
|
||||
" export GUILE_LOAD_COMPILED_PATH=$HOME/.guix-profile/lib/guile/~a/site-ccache:$GUILE_LOAD_COMPILED_PATH\n"
|
||||
"\n"
|
||||
msgstr ""
|
||||
"Guile-Git mangler men er ikke krævet af »guix pull«.\n"
|
||||
"Guile-Git mangler men er nu krævet af »guix pull«.\n"
|
||||
"Installer den ved at køre:\n"
|
||||
"\n"
|
||||
" guix package -i ~a\n"
|
||||
@ -1310,7 +1314,7 @@ msgstr "kan ikke gennemtvinge brugen af Let's Encrypt-certifikater~%"
|
||||
#: guix/scripts/pull.scm:219
|
||||
#, scheme-format
|
||||
msgid "please upgrade Guile-Git~%"
|
||||
msgstr "opgrader venligst til Guile-Git~%"
|
||||
msgstr "opgrader venligst Guile-Git~%"
|
||||
|
||||
#: guix/scripts/pull.scm:227
|
||||
#, scheme-format
|
||||
@ -1656,8 +1660,8 @@ msgid ""
|
||||
"label, you need to add @code{(title 'label)} to your @code{file-system}\n"
|
||||
"definition."
|
||||
msgstr ""
|
||||
"Hvis »~a« er et filsystem\n"
|
||||
"etiket, du skal tilføje @code{(title 'label)} til din @code{file-system}-\n"
|
||||
"Hvis »~a« er en filsystemetiket,\n"
|
||||
"skal du tilføje @code{(title 'label)} til din @code{file-system}-\n"
|
||||
"definition."
|
||||
|
||||
#: guix/scripts/system.scm:637
|
||||
@ -1678,7 +1682,7 @@ msgstr "~a blev ikke fundet: »guix pull« blev aldrig kørt~%"
|
||||
#: guix/scripts/system.scm:742
|
||||
#, scheme-format
|
||||
msgid "Consider running 'guix pull' before 'reconfigure'.~%"
|
||||
msgstr "Overvej at køre »guix pull« før »reconfigure«.~%"
|
||||
msgstr "Tag i betragtning at køre »guix pull« før »reconfigure«.~%"
|
||||
|
||||
#: guix/scripts/system.scm:743
|
||||
#, scheme-format
|
||||
@ -1706,7 +1710,7 @@ msgstr "De gyldige værdier for HANDLING er:\n"
|
||||
|
||||
#: guix/scripts/system.scm:911
|
||||
msgid " search search for existing service types\n"
|
||||
msgstr " søg søg efter eksisterende tjenestetyper\n"
|
||||
msgstr " search søg efter eksisterende tjenestetyper\n"
|
||||
|
||||
#: guix/scripts/system.scm:913
|
||||
msgid " reconfigure switch to a new operating system configuration\n"
|
||||
@ -1775,8 +1779,9 @@ msgid ""
|
||||
" instead of reading FILE, when applicable"
|
||||
msgstr ""
|
||||
"\n"
|
||||
" -e, --expression=UDTRYK overvej hvad operativsystemets UDTRYK evaluerer\n"
|
||||
" til i stedet for at læse FIL, når anvendelig"
|
||||
" -e, --expression=UDTRYK tag i betragtning hvad operativsystemets UDTRYK\n"
|
||||
" evaluerer til i stedet for at læse FIL, når\n"
|
||||
" anvendelig"
|
||||
|
||||
#: guix/scripts/system.scm:946
|
||||
msgid ""
|
||||
@ -1799,7 +1804,7 @@ msgstr ""
|
||||
"\n"
|
||||
" --file-system-type=TYPE\n"
|
||||
" for »disk-image«, lav et rodfilsystem med TYPE (typen)\n"
|
||||
" (en af »ext4«, »iso9660«)"
|
||||
" (enten »ext4« eller »iso9660«)"
|
||||
|
||||
#: guix/scripts/system.scm:953
|
||||
msgid ""
|
||||
@ -1865,7 +1870,7 @@ msgstr ""
|
||||
#: guix/scripts/system.scm:1066
|
||||
#, scheme-format
|
||||
msgid "both file and expression cannot be specified~%"
|
||||
msgstr "både fil og udtryk kan ikke angives~%"
|
||||
msgstr "fil og udtryk kan ikke angives samtidigt~%"
|
||||
|
||||
#: guix/scripts/system.scm:1073
|
||||
#, scheme-format
|
||||
@ -2354,7 +2359,7 @@ msgstr "brugeren »~a« blev ikke fundet: ~a~%"
|
||||
#: guix/scripts/publish.scm:910
|
||||
#, scheme-format
|
||||
msgid "server running as root; consider using the '--user' option!~%"
|
||||
msgstr "server kører som root; overvej at bruge tilvalget »--user«!~%"
|
||||
msgstr "server kører som root; tag i betragtning at bruge tilvalget »--user«!~%"
|
||||
|
||||
#: guix/scripts/publish.scm:915
|
||||
#, scheme-format
|
||||
@ -2427,7 +2432,7 @@ msgid ""
|
||||
" -s, --system=SYSTEM consider packages for SYSTEM--e.g., \"i686-linux\""
|
||||
msgstr ""
|
||||
"\n"
|
||||
" -s, --system=SYSTEM overvej pakker for SYSTEM--f.eks., »i686-linux«"
|
||||
" -s, --system=SYSTEM tag i betragtning pakker for SYSTEM--f.eks., »i686-linux«"
|
||||
|
||||
#. TRANSLATORS: "closure" and "self" must not be translated.
|
||||
#: guix/scripts/size.scm:238
|
||||
@ -2575,7 +2580,7 @@ msgid ""
|
||||
" -e, --expression=EXPR consider the package EXPR evaluates to"
|
||||
msgstr ""
|
||||
"\n"
|
||||
" -e, --expression=UDTRYK overvej pakken UDTRYK evaluerer til"
|
||||
" -e, --expression=UDTRYK tag i betragtning pakken UDTRYK evaluerer til"
|
||||
|
||||
#: guix/scripts/challenge.scm:191
|
||||
#, scheme-format
|
||||
@ -2771,7 +2776,7 @@ msgstr "~a: ukendt pakkeformat"
|
||||
|
||||
#: guix/scripts/weather.scm:72
|
||||
msgid "computing ~h package derivations for ~a...~%"
|
||||
msgstr "beregner ~h pakkeafledninger for ~a...~%"
|
||||
msgstr "beregner ~h pakkederivater for ~a...~%"
|
||||
|
||||
#: guix/scripts/weather.scm:161
|
||||
msgid "looking for ~h store items on ~a...~%"
|
||||
@ -2779,12 +2784,12 @@ msgstr "kigger efter ~h lagerelementer på ~a...~%"
|
||||
|
||||
#: guix/scripts/weather.scm:173
|
||||
msgid " ~2,1f% substitutes available (~h out of ~h)~%"
|
||||
msgstr " ~2,1f% erstatninger tilgængelige (~h ud af ~h)~%"
|
||||
msgstr " ~2,1f% substitutter tilgængelige (~h ud af ~h)~%"
|
||||
|
||||
#: guix/scripts/weather.scm:179
|
||||
#, scheme-format
|
||||
msgid " unknown substitute sizes~%"
|
||||
msgstr " ukendte erstatningsstørrelser~%"
|
||||
msgstr " ukendte substitutstørrelser~%"
|
||||
|
||||
#: guix/scripts/weather.scm:182
|
||||
msgid " ~,1h MiB of nars (compressed)~%"
|
||||
@ -2849,7 +2854,7 @@ msgid ""
|
||||
"Report the availability of substitutes.\n"
|
||||
msgstr ""
|
||||
"Brug: guix weather [TILVALG]\n"
|
||||
"Rapporter tilgængelighed over erstatninger.\n"
|
||||
"Rapporter tilgængelighed over substitutter.\n"
|
||||
|
||||
#: guix/scripts/weather.scm:249
|
||||
msgid ""
|
||||
@ -2859,7 +2864,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"\n"
|
||||
" --substitute-urls=ADRESSER\n"
|
||||
" kontroller for tilgængelige erstatninger på URLS\n"
|
||||
" kontroller for tilgængelige substitutter på URLS\n"
|
||||
" (ADRESSER)"
|
||||
|
||||
#: guix/scripts/weather.scm:252
|
||||
@ -2870,7 +2875,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"\n"
|
||||
" -m, --manifest=MANIFEST\n"
|
||||
" slå erstatninger op for pakker angivet i MANIFEST"
|
||||
" slå substitutter op for pakker angivet i MANIFEST"
|
||||
|
||||
#: guix/scripts/weather.scm:255
|
||||
msgid ""
|
||||
@ -2878,7 +2883,8 @@ msgid ""
|
||||
" -s, --system=SYSTEM consider substitutes for SYSTEM--e.g., \"i686-linux\""
|
||||
msgstr ""
|
||||
"\n"
|
||||
" -s, --system=SYSTEM overvej erstatninger for SYSTEM--f.eks., »i686-linux«"
|
||||
" -s, --system=SYSTEM tag i betragtning substitutter for SYSTEM--f.eks.,\n"
|
||||
"»i686-linux«"
|
||||
|
||||
#: guix/scripts/weather.scm:279
|
||||
#, scheme-format
|
||||
@ -2891,7 +2897,7 @@ msgstr "Opdater for GNU-pakker"
|
||||
|
||||
#: guix/gnu-maintenance.scm:579
|
||||
msgid "Updater for GNU packages only available via FTP"
|
||||
msgstr "Opdater kun for GNU-pakker tilgængelige via FTP"
|
||||
msgstr "Opdateringsprogram for GNU-pakker er kun tilgængelig via FTP"
|
||||
|
||||
#: guix/gnu-maintenance.scm:588
|
||||
msgid "Updater for KDE packages"
|
||||
@ -3247,7 +3253,7 @@ msgstr[1] "~:[De følgende derivater ville blive kompileret:~%~{ ~a~%~}~;~]"
|
||||
#. translated to the corresponding abbreviation.
|
||||
#: guix/ui.scm:819
|
||||
msgid "~:[~,1h MB would be downloaded:~%~{ ~a~%~}~;~]"
|
||||
msgstr "~:[D,1h MB ville blive hentet:~%~{ ~a~%~}~;~]"
|
||||
msgstr "~:[~,1h MB ville blive hentet:~%~{ ~a~%~}~;~]"
|
||||
|
||||
#: guix/ui.scm:824
|
||||
#, scheme-format
|
||||
|
11653
po/packages/da.po
11653
po/packages/da.po
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user