Merge branch 'master' into core-updates
This commit is contained in:
commit
d123f2f991
@ -595,7 +595,6 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/gmp-faulty-test.patch \
|
||||
%D%/packages/patches/gnome-tweak-tool-search-paths.patch \
|
||||
%D%/packages/patches/gnucash-price-quotes-perl.patch \
|
||||
%D%/packages/patches/gnupg-test-segfault-on-32bit-arch.patch \
|
||||
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
|
||||
%D%/packages/patches/gobject-introspection-cc.patch \
|
||||
%D%/packages/patches/gobject-introspection-girepository.patch \
|
||||
@ -647,7 +646,6 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/jbig2dec-ignore-testtest.patch \
|
||||
%D%/packages/patches/jq-CVE-2015-8863.patch \
|
||||
%D%/packages/patches/kdbusaddons-kinit-file-name.patch \
|
||||
%D%/packages/patches/khal-disable-failing-tests.patch \
|
||||
%D%/packages/patches/khmer-use-libraries.patch \
|
||||
%D%/packages/patches/kmod-module-directory.patch \
|
||||
%D%/packages/patches/kobodeluxe-paths.patch \
|
||||
@ -701,8 +699,6 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/libtiff-tiffcp-underflow.patch \
|
||||
%D%/packages/patches/libtool-skip-tests2.patch \
|
||||
%D%/packages/patches/libunwind-CVE-2015-3239.patch \
|
||||
%D%/packages/patches/libupnp-CVE-2016-6255.patch \
|
||||
%D%/packages/patches/libupnp-CVE-2016-8863.patch \
|
||||
%D%/packages/patches/libvpx-CVE-2016-2818.patch \
|
||||
%D%/packages/patches/libwebp-CVE-2016-9085.patch \
|
||||
%D%/packages/patches/libwmf-CAN-2004-0941.patch \
|
||||
@ -782,6 +778,7 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/openjpeg-CVE-2016-5157.patch \
|
||||
%D%/packages/patches/openjpeg-CVE-2016-7163.patch \
|
||||
%D%/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch \
|
||||
%D%/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch \
|
||||
%D%/packages/patches/openjpeg-use-after-free-fix.patch \
|
||||
%D%/packages/patches/openocd-nrf52.patch \
|
||||
%D%/packages/patches/openssl-runpath.patch \
|
||||
|
@ -84,14 +84,13 @@ data units.")
|
||||
(define-public khal
|
||||
(package
|
||||
(name "khal")
|
||||
(version "0.8.4")
|
||||
(version "0.9.0")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "khal" version))
|
||||
(patches (search-patches "khal-disable-failing-tests.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"03vy4dp9n43w51mwqjjy08dr5nj7wxqnb085visz3j43vzm42p1f"))))
|
||||
"138gxynw7zavwqqaw5nzmj8sbpkymmb95xzgxqbdi9fiiqm9kamr"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:phases (modify-phases %standard-phases
|
||||
|
@ -3,6 +3,7 @@
|
||||
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
|
||||
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -190,43 +191,30 @@ COCOMO model or user-provided parameters.")
|
||||
(define-public the-silver-searcher
|
||||
(package
|
||||
(name "the-silver-searcher")
|
||||
(version "0.32.0")
|
||||
(version "1.0.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"https://github.com/ggreer/the_silver_searcher/archive/"
|
||||
"http://geoff.greer.fm/ag/releases/the_silver_searcher-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1k543cjpignwvy8avhchz8pkqrqcgcryps36ycy8mz2w5rbhicn5"))
|
||||
(file-name (string-append name "-" version ".tar.gz"))))
|
||||
"0v54himv65w294l0k4lhdyc6kvpgijn8b9g5356479fzy7hphjkg"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("autoconf" ,autoconf)
|
||||
("automake" ,automake)
|
||||
("libtool" ,libtool)
|
||||
("pkg-config" ,pkg-config)))
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
(inputs
|
||||
`(("pcre" ,pcre)
|
||||
("xz" ,xz)
|
||||
("zlib" ,zlib)))
|
||||
(arguments
|
||||
`(#:phases
|
||||
;; There is no configure yet, so let's create it, but let configure and
|
||||
;; make do the work in later phases.
|
||||
(alist-cons-before 'configure 'autoconf
|
||||
(lambda _
|
||||
(substitute* "build.sh"
|
||||
(("./configure") "true")
|
||||
(("make -j4") "true"))
|
||||
(zero? (system* "sh" "build.sh")))
|
||||
%standard-phases)))
|
||||
(home-page "http://geoff.greer.fm/ag/")
|
||||
(synopsis "Fast code searching tool")
|
||||
(description
|
||||
"The silver searcher, or 'ag', is tool for quickly searching through
|
||||
files, but compared to grep is much faster and respects files like .gitignore,
|
||||
.hgignore, etc.")
|
||||
"The Silver Searcher (@command{ag}) is a tool for quickly searching large
|
||||
numbers of files. It's intended primarily for source code repositories, and
|
||||
respects files like @file{.gitignore} and @file{.hgignore}. It's also an order
|
||||
of magnitude faster than its inspiration, @command{ack}, and less specialised
|
||||
tools such as @command{grep}.")
|
||||
(license license:asl2.0)))
|
||||
|
||||
(define-public trio
|
||||
|
@ -14,6 +14,7 @@
|
||||
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
|
||||
;;; Copyright © 2016 Andy Patterson <ajpatter@uwaterloo.ca>
|
||||
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
|
||||
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -425,6 +426,33 @@ TIMESTAMP. It also supports storage of binary large objects, including
|
||||
pictures, sounds, or video.")
|
||||
(license (x11-style "file://COPYRIGHT"))))
|
||||
|
||||
(define-public qdbm
|
||||
(package
|
||||
(name "qdbm")
|
||||
(version "1.8.78")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://fallabs.com/" name "/"
|
||||
name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0gmpvhn02pkq280ffmn4da1g4mdr1xxz7l80b7y4n7km1mrzwrml"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`( #:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath="
|
||||
(assoc-ref %outputs "out")
|
||||
"/lib"))))
|
||||
(home-page "http://fallabs.com/qdbm")
|
||||
(synopsis "Key-value database")
|
||||
(description "QDBM is a library of routines for managing a
|
||||
database. The database is a simple data file containing key-value
|
||||
pairs. Every key and value is serial bytes with variable length.
|
||||
Binary data as well as character strings can be used as a key or a
|
||||
value. There is no concept of data tables or data types. Records are
|
||||
organized in a hash table or B+ tree.")
|
||||
(license license:lgpl2.1+)))
|
||||
|
||||
(define-public recutils
|
||||
(package
|
||||
(name "recutils")
|
||||
@ -1050,7 +1078,7 @@ database and supports many programming languages. It is a NoSQL database.")
|
||||
(define-public wiredtiger
|
||||
(package
|
||||
(name "wiredtiger")
|
||||
(version "2.8.0")
|
||||
(version "2.9.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
@ -1058,7 +1086,7 @@ database and supports many programming languages. It is a NoSQL database.")
|
||||
version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"1qh7y5paisdxq19jgg81ld7i32lz920n5k30hdpxnr8ll9c4hgjr"))))
|
||||
"0krwnb2zfbhvjaskwl875qzd3y626s84zcciq2mxr5c5riw3yh6s"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
'(#:configure-flags '("--enable-lz4" "--enable-zlib")
|
||||
|
@ -1130,7 +1130,7 @@ as a library for other Emacs packages.")
|
||||
(define-public emacs-auctex
|
||||
(package
|
||||
(name "emacs-auctex")
|
||||
(version "11.88.6")
|
||||
(version "11.90.0")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -1140,7 +1140,7 @@ as a library for other Emacs packages.")
|
||||
".tar"))
|
||||
(sha256
|
||||
(base32
|
||||
"1pmki8hdjjikxlvip3pzi350bln3gcimr27yjf0xfwjvnp5hh9nc"))))
|
||||
"04nsndwcf0dimgc2p1yzzrymc36amzdnjg0158nxplmjkzdp28gy"))))
|
||||
(build-system emacs-build-system)
|
||||
;; We use 'emacs' because AUCTeX requires dbus at compile time
|
||||
;; ('emacs-minimal' does not provide dbus).
|
||||
@ -2807,14 +2807,14 @@ be removed from the front. This type of data structure is sometimes called an
|
||||
(define-public emacs-spinner
|
||||
(package
|
||||
(name "emacs-spinner")
|
||||
(version "1.7.1")
|
||||
(version "1.7.3")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://elpa.gnu.org/packages/spinner-"
|
||||
version ".el"))
|
||||
(sha256
|
||||
(base32
|
||||
"1fmwzdih0kbyvs8bn38mpm4sbs2mikqy2vdykfy9g20wpa8vb681"))))
|
||||
"19kp1mmndbmw11sgvv2ggfjl4pyf5zrsbh3871f0965pw9z8vahd"))))
|
||||
(build-system emacs-build-system)
|
||||
(home-page "https://github.com/Malabarba/spinner.el")
|
||||
(synopsis "Emacs mode-line spinner for operations in progress")
|
||||
@ -2826,14 +2826,14 @@ ongoing operations.")
|
||||
(define-public emacs-seq
|
||||
(package
|
||||
(name "emacs-seq")
|
||||
(version "2.15")
|
||||
(version "2.19")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://elpa.gnu.org/packages/seq-"
|
||||
version ".tar"))
|
||||
(sha256
|
||||
(base32
|
||||
"09wi1765bmn7i8fg6ajjfaxgs4ipc42d58zx2fdqpidrdg9c7q73"))))
|
||||
"11hb7is6a4h1lscjcfrzh576j0g3m5yjydn16s6x5bxp5gsr6zha"))))
|
||||
(build-system emacs-build-system)
|
||||
(home-page "https://elpa.gnu.org/packages/seq.html")
|
||||
(synopsis "Sequence manipulation functions for Emacs")
|
||||
|
@ -3,6 +3,7 @@
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
|
||||
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
|
||||
;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -26,6 +27,7 @@
|
||||
#:use-module (guix build utils)
|
||||
#:use-module (guix build-system gnu)
|
||||
#:use-module (guix build-system cmake)
|
||||
#:use-module (guix build-system python)
|
||||
#:use-module (gnu packages base)
|
||||
#:use-module (gnu packages boost)
|
||||
#:use-module (gnu packages databases)
|
||||
@ -240,3 +242,52 @@ allow to do that off the ERiC library (which is proprietary however).
|
||||
It's not clear at the moment whether one day it will be possible to
|
||||
do so.")
|
||||
(license license:agpl3+)))
|
||||
|
||||
(define-public electrum
|
||||
(package
|
||||
(name "electrum")
|
||||
(version "2.7.12")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://download.electrum.org/"
|
||||
version "/Electrum-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0vxdfl208if7mdsnva1jg37bnay2dsz3ww157aqwcv1j6512fi1n"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(begin
|
||||
;; Delete the bundled dependencies.
|
||||
(delete-file-recursively "packages")
|
||||
#t))))
|
||||
(build-system python-build-system)
|
||||
(inputs
|
||||
`(("python-slowaes" ,python2-slowaes)
|
||||
("python-sip" ,python2-sip)
|
||||
("python-pyqt" ,python2-pyqt-4)
|
||||
("python-ecdsa" ,python2-ecdsa)
|
||||
("python-pbkdf2" ,python2-pbkdf2)
|
||||
("python-requests" ,python2-requests)
|
||||
("python-qrcode" ,python2-qrcode)
|
||||
("python-protobuf" ,python2-protobuf)
|
||||
("python-dnspython" ,python2-dnspython)
|
||||
("python-jsonrpclib" ,python2-jsonrpclib)))
|
||||
(arguments
|
||||
`(#:python ,python-2
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-before 'build 'patch-home
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(substitute* "setup.py"
|
||||
(("~/.local/share")
|
||||
(string-append (assoc-ref outputs "out") "/local/share"))))))))
|
||||
(home-page "https://electrum.org/")
|
||||
(synopsis "Bitcoin wallet")
|
||||
(description
|
||||
"Electrum is a lightweight Bitcoin client, based on a client-server
|
||||
protocol. It supports Simple Payment Verification (SPV) and deterministic key
|
||||
generation from a seed. Your secret keys are encrypted and are never sent to
|
||||
other machines/servers. Electrum does not download the Bitcoin blockchain.")
|
||||
(license license:expat)))
|
||||
|
@ -101,7 +101,7 @@ provided as well as the framework to add new color models and data types.")
|
||||
(("g_object_unref \\(buffer.\\);") ""))
|
||||
|
||||
(substitute* "tests/compositions/Makefile"
|
||||
(("/bin/sh") (which "bash"))))
|
||||
(("/bin/sh") (which "sh"))))
|
||||
%standard-phases)))
|
||||
(inputs
|
||||
`(("babl" ,babl)
|
||||
|
@ -217,18 +217,14 @@ compatible to GNU Pth.")
|
||||
(define-public gnupg
|
||||
(package
|
||||
(name "gnupg")
|
||||
(version "2.1.17")
|
||||
(version "2.1.18")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
|
||||
".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"1js308b46ifx1gim0c9nivr5yxhans7iq1yvkf7zl2928gdm9p65"))
|
||||
(patches
|
||||
;; This fixes a test failure on 32bit. Remove for next version.
|
||||
;; https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00869.html
|
||||
(search-patches "gnupg-test-segfault-on-32bit-arch.patch"))))
|
||||
"157rrv3ly9j2k0acz43nhiba5hfl6h7048jvj55wwqjmgsmnyk6h"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
@ -310,7 +306,7 @@ libskba (working with X.509 certificates and CMS data).")
|
||||
(add-before 'configure 'patch-config-files
|
||||
(lambda _
|
||||
(substitute* "tests/openpgp/Makefile.in"
|
||||
(("/bin/sh") (which "bash")))
|
||||
(("/bin/sh") (which "sh")))
|
||||
#t))
|
||||
(add-after 'install 'rename-v2-commands
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
@ -349,7 +345,7 @@ libskba (working with X.509 certificates and CMS data).")
|
||||
(add-after 'unpack 'patch-check-sh
|
||||
(lambda _
|
||||
(substitute* "checks/Makefile.in"
|
||||
(("/bin/sh") (which "bash"))))))))))
|
||||
(("/bin/sh") (which "sh"))))))))))
|
||||
|
||||
(define-public gpgme
|
||||
(package
|
||||
@ -573,7 +569,7 @@ PGP keysigning parties.")
|
||||
(substitute* "keyanalyze/Makefile"
|
||||
(("./configure") (string-append "./configure --prefix=" out)))
|
||||
(substitute* "keyanalyze/pgpring/configure"
|
||||
(("/bin/sh") (which "bash")))
|
||||
(("/bin/sh") (which "sh")))
|
||||
(substitute* "gpgwrap/Makefile"
|
||||
(("\\} clean")
|
||||
(string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
|
||||
|
@ -342,28 +342,38 @@ standards.")
|
||||
(mozilla-patch "icecat-CVE-2016-9893-pt7.patch" "9b78ab1e6d07" "19ib6bp96xk000ll40b8qxvizkncyzclz2rsb9w5fa42qs9978ff")
|
||||
(mozilla-patch "icecat-CVE-2016-9893-pt8.patch" "78ebf9c9dfb0" "1shgr4rk6r2zxr1qqk1j3qnnqzqxnbi093qhlrfh8q5q1ivqf6k1")
|
||||
(mozilla-patch "icecat-CVE-2016-9893-pt9.patch" "a46a9f16823c" "0dwkyz3kcqnfcbhbfh2lss7s0yh87rgzb871qxx3x4ynyqph9mnz")
|
||||
(mozilla-patch "icecat-bug-1311687.patch" "6bc7cc7a33a6" "1wggcqv84n8mp7xps7hy4rwy61fkh45imfqzc0b46s3w5hyhypn2")
|
||||
(mozilla-patch "icecat-CVE-2017-5376.patch" "6bc7cc7a33a6" "1wggcqv84n8mp7xps7hy4rwy61fkh45imfqzc0b46s3w5hyhypn2")
|
||||
(mozilla-patch "icecat-CVE-2016-9893-pt10.patch" "778f65148b40" "0j2a153sk0654vv2lnxjib4lwml3mlqn6vs46c2pp82iba8nyfrm")
|
||||
(mozilla-patch "icecat-CVE-2016-9895.patch" "94bd2b43c766" "10h0qpr6m9cqyqxxnkbb6mzb3cagavzlynkxgd7a4izyq1bv28rk")
|
||||
(mozilla-patch "icecat-CVE-2016-9893-pt11.patch" "893de7431d51" "11gyik8mwipl6ipypkvdq519pw7ccbg0g0bnvxb7271n44cqqcq5")
|
||||
(mozilla-patch "icecat-bug-1323338.patch" "b21dee058b2c" "005khpimffqzas7slajid4dd2c15nyk7rjk6fsps87bgnx0gx0s4")
|
||||
(mozilla-patch "icecat-CVE-2017-5383-pt1.patch" "b21dee058b2c" "005khpimffqzas7slajid4dd2c15nyk7rjk6fsps87bgnx0gx0s4")
|
||||
(mozilla-patch "icecat-bug-1258410-pt1.patch" "cd23c5d74be8" "1myzkpzg6pmjacjz8az06m9kz84in1mwsiaw5sgx47pm02598wm5")
|
||||
(mozilla-patch "icecat-bug-1258410-pt2.patch" "b83594617d15" "171cqflc9jh47az96im1whwhyq4ayicspqsczsmn2x5ll9lqw5fq")
|
||||
(mozilla-patch "icecat-bug-1322107.patch" "d6c6f5e4e641" "10x9f46ylm2q3i669hj1csd6agdm8w7xa0iln691z8ayg2hcrxdz")
|
||||
(mozilla-patch "icecat-bug-1285833.patch" "122f5fbfc563" "05pp2f4pg4j8a8pdgjhfrc8g2chhkhsarn9n8sbyag0fy3ig1cvd")
|
||||
(mozilla-patch "icecat-bug-1297361.patch" "297c675ddadc" "1jc1b5i69vq1fvz3qfnnv52c9cj17bjbmfyzmqlw5ywna0wfvabz")
|
||||
(mozilla-patch "icecat-bug-1325877.patch" "3cff736e3bb6" "1nxqwnl9zksvkfkmis7zica4xrhwfndjyy2sxc1dvrh9rshk1swq")
|
||||
(mozilla-patch "icecat-bug-1285960.patch" "2732280adabc" "0zrpq3aybaw2yy38vs6883a4nw01x4kxn3lfqn9yhcgjvngmmyia")
|
||||
(mozilla-patch "icecat-bug-1325938.patch" "81c9fdbd96e8" "0scv1zyi4vbsjdsyj4w70n5jd50baq0dzw3qpxqf1n69nfb9k214")
|
||||
(mozilla-patch "icecat-bug-1322420.patch" "a386ca6a3013" "1m1scz2pxzmg9wya8is5dcr3mgvkx3g1xlykgigmw2mqs5zcdg9s")
|
||||
(mozilla-patch "icecat-bug-1328834.patch" "0521b0e4707c" "1mv057p4hcvapibpbd9apryag19aiqdzafc6df2angl97m4mcbjx")
|
||||
(mozilla-patch "icecat-CVE-2017-5380.patch" "d6c6f5e4e641" "10x9f46ylm2q3i669hj1csd6agdm8w7xa0iln691z8ayg2hcrxdz")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt1.patch" "122f5fbfc563" "05pp2f4pg4j8a8pdgjhfrc8g2chhkhsarn9n8sbyag0fy3ig1cvd")
|
||||
(mozilla-patch "icecat-CVE-2017-5390.patch" "297c675ddadc" "1jc1b5i69vq1fvz3qfnnv52c9cj17bjbmfyzmqlw5ywna0wfvabz")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt2.patch" "3cff736e3bb6" "1nxqwnl9zksvkfkmis7zica4xrhwfndjyy2sxc1dvrh9rshk1swq")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt3.patch" "2732280adabc" "0zrpq3aybaw2yy38vs6883a4nw01x4kxn3lfqn9yhcgjvngmmyia")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt4.patch" "81c9fdbd96e8" "0scv1zyi4vbsjdsyj4w70n5jd50baq0dzw3qpxqf1n69nfb9k214")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt5.patch" "a386ca6a3013" "1m1scz2pxzmg9wya8is5dcr3mgvkx3g1xlykgigmw2mqs5zcdg9s")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt6.patch" "0521b0e4707c" "1mv057p4hcvapibpbd9apryag19aiqdzafc6df2angl97m4mcbjx")
|
||||
(mozilla-patch "icecat-bug-1290037.patch" "bf0dd9ae6807" "02iw5ngsvvij95arnn69a744d6si27g1x41ixg16l51dbn900b3r")
|
||||
(mozilla-patch "icecat-bug-1322666.patch" "576f03e362c5" "0m88xs0jwhzx2lg12cvimxjknp7rpsvvhxxblhiqqjwnqip0pyc0")
|
||||
(mozilla-patch "icecat-bug-1304266.patch" "4d82e7314a72" "1rrrw4rw0xv7c2myiypcqh1fk47rk3fvic79zh6m04bl3knclr1r")
|
||||
(mozilla-patch "icecat-bug-1322315.patch" "0617dd4b444d" "1ipags2cl2p521pm0qx110h5di2mgif6h1r3g8l9b0rc5m9b1y2j")
|
||||
(mozilla-patch "icecat-bug-1325200.patch" "ead08c2a6c57" "1nnnwdr7411xpz6n9j869g6sz447cq6xsmds9cw6d24iprcinp5m")
|
||||
(mozilla-patch "icecat-bug-1312001.patch" "c5e67d41bdd0" "05kwn5zv381lsiw9vbzm8fh6s1lddx47l8f4pwg487h9dj7vbdfq")
|
||||
(mozilla-patch "icecat-bug-1331058.patch" "2ce94f2ea797" "1yrnjqpafjns68z99s1m6jins3agid7c1z3v9qgk5xzfcddl31pn")))
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt7.patch" "0617dd4b444d" "1ipags2cl2p521pm0qx110h5di2mgif6h1r3g8l9b0rc5m9b1y2j")
|
||||
(mozilla-patch "icecat-CVE-2017-5375.patch" "ead08c2a6c57" "1nnnwdr7411xpz6n9j869g6sz447cq6xsmds9cw6d24iprcinp5m")
|
||||
(mozilla-patch "icecat-CVE-2017-5378-pt1.patch" "c5e67d41bdd0" "05kwn5zv381lsiw9vbzm8fh6s1lddx47l8f4pwg487h9dj7vbdfq")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt8.patch" "2ce94f2ea797" "1yrnjqpafjns68z99s1m6jins3agid7c1z3v9qgk5xzfcddl31pn")
|
||||
(mozilla-patch "icecat-CVE-2017-5373-pt9.patch" "e4ac8a66d3db" "1ggbh6nk005plm7kvp7qznbnlpidqkipxc5hlaqbjc3m0z9mypzl")
|
||||
(mozilla-patch "icecat-CVE-2017-5386.patch" "8c171b75a0c6" "1cplkgwkhqvb62q7s8cya2drjdswnlicv5d9a60fxvnp6m7a3z02")
|
||||
(mozilla-patch "icecat-CVE-2017-5383-pt2.patch" "79a31d8153bf" "0dzwk2hc741c0jr8xya4y8q59lk8mcgnvfdrdk0vzq1gby16b9zi")
|
||||
(mozilla-patch "icecat-CVE-2017-5378-pt2.patch" "747085a1cd93" "0rpc8hl0jka4akdjnlwya4x9v4pqa1r5vc4pkmxsgvqpp2vkq4m2")
|
||||
(mozilla-patch "icecat-bug-1331606.patch" "f0329536734b" "1br5shyfwp009y623wgjq60vhcp5k5zpzkgy4r3s5yrm5xyfcprf")
|
||||
(mozilla-patch "icecat-bug-1328642.patch" "237c1ca6e035" "0808g5j17var6wv6ivj08i43fwkga9abmmgmz5w3hb8mhajkjw58")
|
||||
(mozilla-patch "icecat-CVE-2017-5396.patch" "910ad552cbf5" "1qss3gc6n4myzwvwanc09xvyiq3hwhixn2xvpbk9xkfz2apdlfa6")
|
||||
(mozilla-patch "icecat-bug-1312827.patch" "5c894801eb1e" "03xyjwx9rfx5w7q6wq9if83fcfgrlvvbyxpsawzxxgybnizyy7g8")
|
||||
(mozilla-patch "icecat-bug-1191841.patch" "83ee87b301bd" "1kd9z4py372a2f1jg7jwvwri43vipf0k7lcvsg7b0cqr5p70zwcg")
|
||||
(mozilla-patch "icecat-bug-1234317.patch" "eb6f18dbfe8d" "1dh3263fvg3dxav09g6fn41ax4q1jmwp5fk6pl6shn16mrfha1qq")))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(begin
|
||||
|
@ -925,14 +925,14 @@ Guile's foreign function interface.")
|
||||
(define-public haunt
|
||||
(package
|
||||
(name "haunt")
|
||||
(version "0.2")
|
||||
(version "0.2.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://files.dthompson.us/haunt/haunt-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1id83n8fs7jxys1d8jy70vylg8gzcvlw1y7hb41y3qxv5zi4671m"))))
|
||||
"1fpaf1vm6s7j13fs35barjh5yajcc2rc3pi8r7278wpgp4i2vs3w"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:modules ((ice-9 match) (ice-9 ftw)
|
||||
@ -962,7 +962,8 @@ Guile's foreign function interface.")
|
||||
(inputs
|
||||
`(("guile" ,guile-2.0)))
|
||||
(propagated-inputs
|
||||
`(("guile-reader" ,guile-reader)))
|
||||
`(("guile-reader" ,guile-reader)
|
||||
("guile-commonmark" ,guile-commonmark)))
|
||||
(synopsis "Functional static site generator")
|
||||
(description "Haunt is a static site generator written in Guile
|
||||
Scheme. Haunt features a functional build system and an extensible
|
||||
|
@ -498,7 +498,8 @@ error-resilience, a Java-viewer for j2k-images, ...")
|
||||
(base32
|
||||
"19yz4g0c45sm8y1z01j9djsrl1mkz3pmw7fykc6hkvrqymp7prsc"))
|
||||
(patches
|
||||
(search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch"))))))
|
||||
(search-patches "openjpeg-CVE-2016-9850-CVE-2016-9851.patch"
|
||||
"openjpeg-CVE-2016-9572-CVE-2016-9573.patch"))))))
|
||||
|
||||
(define-public openjpeg-1
|
||||
(package (inherit openjpeg)
|
||||
|
@ -337,7 +337,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
|
||||
(define-public icedtea-6
|
||||
(package
|
||||
(name "icedtea")
|
||||
(version "1.13.12")
|
||||
(version "1.13.13")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
@ -345,7 +345,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
|
||||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1q5iqm3dzqj8w3dwj6qqhczkkrslrfhmn3110klfwq9kyi2nimj8"))
|
||||
"0bg9sb4f7qbq77c0zf9m17p47ga0kf0r9622g9p12ysg26jd1ksg"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(substitute* "Makefile.in"
|
||||
@ -764,10 +764,10 @@ build process and its dependencies, whereas Make uses Makefile format.")
|
||||
("openjdk6-src"
|
||||
,(origin
|
||||
(method url-fetch)
|
||||
(uri "https://java.net/downloads/openjdk6/openjdk-6-src-b40-22_aug_2016.tar.gz")
|
||||
(uri "https://java.net/downloads/openjdk6/openjdk-6-src-b41-04_jan_2017.tar.xz")
|
||||
(sha256
|
||||
(base32
|
||||
"01v4q7g9pa6w7m6yxply5yrin08jgv12fck665xnmp09bpxy8sa5"))))
|
||||
"058szix0j280g14jzajvsixx1j2dxmc10r848f5swpy6rr8x8d4f"))))
|
||||
("lcms" ,lcms)
|
||||
("zlib" ,zlib)
|
||||
("gtk" ,gtk+-2)
|
||||
|
@ -26,17 +26,15 @@
|
||||
(define-public libupnp
|
||||
(package
|
||||
(name "libupnp")
|
||||
(version "1.6.20")
|
||||
(version "1.6.21")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/pupnp/pupnp/libUPnP%20"
|
||||
version "/" name "-" version ".tar.bz2"))
|
||||
(patches (search-patches "libupnp-CVE-2016-6255.patch"
|
||||
"libupnp-CVE-2016-8863.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"0qrsdsb1qm85hc4jy04qph895613d148f0x1mmk6z99y3q43fdgf"))))
|
||||
"16x3z6jg1krwyydmbd0z59z5c9x4pniaajmfmnp5pmx18q43qgxg"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
;; The tests require a network device capable of multicasting which is
|
||||
|
@ -90,7 +90,7 @@
|
||||
#:select (gpl2 gpl2+ gpl3 gpl3+ lgpl2.1 lgpl2.1+ lgpl3+
|
||||
non-copyleft (expat . license:expat) bsd-3
|
||||
public-domain bsd-4 isc (openssl . license:openssl)
|
||||
bsd-2))
|
||||
bsd-2 x11-style))
|
||||
#:use-module (guix packages)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix git-download)
|
||||
@ -733,6 +733,27 @@ provides an API for C language. It's the low-level API used by MailCore and
|
||||
MailCore 2.")
|
||||
(license (non-copyleft "file://COPYING"))))
|
||||
|
||||
(define-public compface
|
||||
(package
|
||||
(name "compface")
|
||||
(version "1.5.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://ftp.heanet.ie/mirrors/"
|
||||
"ftp.xemacs.org/aux/"
|
||||
name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"09b89wg63hg502hsz592cd2h87wdprb1dq1k1y07n89hym2q56d6"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:tests? #f))
|
||||
(synopsis "Portrait image compressor")
|
||||
(description "This packages takes your 48x48x1 portrait image and
|
||||
compresses it.")
|
||||
(home-page "http://www.cs.indiana.edu/pub/faces/")
|
||||
(license (x11-style "file://README"))))
|
||||
|
||||
(define-public claws-mail
|
||||
(package
|
||||
(name "claws-mail")
|
||||
@ -1536,10 +1557,10 @@ powerful user customization features.")
|
||||
"contrib/mmuegel" "devtools/bin/configure.sh")
|
||||
(find-files "." ".*\\.m4")
|
||||
(find-files "." ".*\\.cf"))
|
||||
(("/bin/sh") (which "bash")))
|
||||
(("/bin/sh") (which "sh")))
|
||||
|
||||
(substitute* "devtools/bin/Build"
|
||||
(("SHELL=/bin/sh") (string-append "SHELL=" (which "bash"))))
|
||||
(("SHELL=/bin/sh") (string-append "SHELL=" (which "sh"))))
|
||||
#t))
|
||||
(replace 'configure
|
||||
(lambda _
|
||||
|
@ -825,7 +825,7 @@ connect with friends and family without anyone else listening in.")
|
||||
(("mkdir -p \\$\\{DESTDIR\\}/usr") "")
|
||||
(("/usr/local") "")
|
||||
(("/usr") "")
|
||||
(("#!/bin/sh") (string-append "#!" (which "bash")))
|
||||
(("#!/bin/sh") (string-append "#!" (which "sh")))
|
||||
(("python2") (which "python"))
|
||||
(("/opt/openssl-compat-bitcoin/lib/")
|
||||
(string-append (assoc-ref inputs "openssl") "/lib/")))
|
||||
|
@ -64,7 +64,7 @@
|
||||
"lib/internal/v8_prof_polyfill.js"
|
||||
"test/parallel/test-stdio-closed.js")
|
||||
(("'/bin/sh'")
|
||||
(string-append "'" (which "bash") "'")))
|
||||
(string-append "'" (which "sh") "'")))
|
||||
|
||||
;; Fix hardcoded /usr/bin/env references.
|
||||
(substitute* '("test/parallel/test-child-process-default-options.js"
|
||||
|
@ -90,7 +90,7 @@
|
||||
(substitute* '("src/mp3track.cc"
|
||||
"src/streamtrack.cc"
|
||||
"src/oggtrack.cc")
|
||||
(("/bin/sh") (which "bash")))
|
||||
(("/bin/sh") (which "sh")))
|
||||
#t)))))
|
||||
(home-page "http://thekonst.net/en/orpheus")
|
||||
(synopsis "Text-mode audio player")
|
||||
|
@ -1,40 +0,0 @@
|
||||
This fixes a segfault on 32-bit architectures. Upstream discussion:
|
||||
|
||||
https://lists.gnupg.org/pipermail/gnupg-devel/2016-December/032364.html
|
||||
|
||||
Guix thread: https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00631.html
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=6e96cdd41a0e55b672309431062f37c4a4a9f485
|
||||
|
||||
From 6e96cdd41a0e55b672309431062f37c4a4a9f485 Mon Sep 17 00:00:00 2001
|
||||
From: Justus Winter <justus@g10code.com>
|
||||
Date: Wed, 21 Dec 2016 16:14:45 +0100
|
||||
Subject: [PATCH] gpgscm: Guard use of union member.
|
||||
|
||||
* tests/gpgscm/scheme.c (opexe_5): Check that we have a file port
|
||||
before accessing filename. Fixes a crash on 32-bit architectures.
|
||||
|
||||
Fixes-commit: e7429b1ced0c69fa7901f888f8dc25f00fc346a4
|
||||
Signed-off-by: Justus Winter <justus@g10code.com>
|
||||
---
|
||||
tests/gpgscm/scheme.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
|
||||
index a5b7691..2844545 100644
|
||||
--- a/tests/gpgscm/scheme.c
|
||||
+++ b/tests/gpgscm/scheme.c
|
||||
@@ -4838,7 +4838,7 @@ static pointer opexe_5(scheme *sc, enum scheme_opcodes op) {
|
||||
} else {
|
||||
sc->nesting_stack[sc->file_i]++;
|
||||
#if USE_TAGS && SHOW_ERROR_LINE
|
||||
- {
|
||||
+ if (sc->load_stack[sc->file_i].kind & port_file) {
|
||||
const char *filename =
|
||||
sc->load_stack[sc->file_i].rep.stdio.filename;
|
||||
int lineno =
|
||||
--
|
||||
2.8.0.rc3
|
||||
|
@ -1,33 +0,0 @@
|
||||
Disable some tests that are known to fail:
|
||||
|
||||
https://github.com/pimutils/khal/issues/546
|
||||
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844081
|
||||
|
||||
diff --git a/tests/khalendar_test.py b/tests/khalendar_test.py
|
||||
index fd8dcc6..17732bf 100644
|
||||
--- a/tests/khalendar_test.py
|
||||
+++ b/tests/khalendar_test.py
|
||||
@@ -65,6 +65,7 @@ class TestCalendar(object):
|
||||
else:
|
||||
mtimes[cal] = mtime
|
||||
|
||||
+ @pytest.mark.xfail
|
||||
def test_db_needs_update(self, coll_vdirs):
|
||||
coll, vdirs = coll_vdirs
|
||||
|
||||
@@ -321,6 +322,7 @@ class TestDbCreation(object):
|
||||
CalendarCollection(calendars, dbpath=dbpath, locale=aux.locale)
|
||||
|
||||
|
||||
+@pytest.mark.xfail
|
||||
def test_default_calendar(coll_vdirs):
|
||||
"""test if an update to the vdir is detected by the CalendarCollection"""
|
||||
coll, vdirs = coll_vdirs
|
||||
@@ -341,6 +343,7 @@ def test_default_calendar(coll_vdirs):
|
||||
assert len(list(coll.get_events_on(today))) == 0
|
||||
|
||||
|
||||
+@pytest.mark.xfail
|
||||
def test_only_update_old_event(coll_vdirs, monkeypatch):
|
||||
coll, vdirs = coll_vdirs
|
||||
|
@ -1,50 +0,0 @@
|
||||
Fix CVE-2016-6255:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255
|
||||
http://www.openwall.com/lists/oss-security/2016/07/18/13
|
||||
|
||||
Patch adapted from upstream commit:
|
||||
|
||||
https://github.com/mrjimenez/pupnp/commit/d64d6a44906b5aa5306bdf1708531d698654dda5
|
||||
|
||||
The upstream change is simplified to unconditionally disable the HTTP
|
||||
POST feature.
|
||||
|
||||
From d64d6a44906b5aa5306bdf1708531d698654dda5 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Date: Tue, 23 Feb 2016 13:53:20 -0800
|
||||
Subject: [PATCH] Don't allow unhandled POSTs to write to the filesystem by
|
||||
default
|
||||
|
||||
If there's no registered handler for a POST request, the default behaviour
|
||||
is to write it to the filesystem. Several million deployed devices appear
|
||||
to have this behaviour, making it possible to (at least) store arbitrary
|
||||
data on them. Add a configure option that enables this behaviour, and change
|
||||
the default to just drop POSTs that aren't directly handled.
|
||||
|
||||
Signed-off-by: Marcelo Roberto Jimenez <mroberto@users.sourceforge.net>
|
||||
(cherry picked from commit c91a8a3903367e1163765b73eb4d43be7d7927fa)
|
||||
---
|
||||
configure.ac | 9 +++++++++
|
||||
upnp/inc/upnpconfig.h.in | 9 +++++++++
|
||||
upnp/src/genlib/net/http/webserver.c | 4 ++++
|
||||
3 files changed, 22 insertions(+)
|
||||
|
||||
diff --git a/upnp/src/genlib/net/http/webserver.c b/upnp/src/genlib/net/http/webserver.c
|
||||
index 26bf0f7..7ae8c1e 100644
|
||||
--- a/upnp/src/genlib/net/http/webserver.c
|
||||
+++ b/upnp/src/genlib/net/http/webserver.c
|
||||
@@ -1367,9 +1367,13 @@ static int http_RecvPostMessage(
|
||||
if (Fp == NULL)
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
} else {
|
||||
+#if 0
|
||||
Fp = fopen(filename, "wb");
|
||||
if (Fp == NULL)
|
||||
return HTTP_UNAUTHORIZED;
|
||||
+#else
|
||||
+ return HTTP_NOT_FOUND;
|
||||
+#endif
|
||||
}
|
||||
parser->position = POS_ENTITY;
|
||||
do {
|
@ -1,72 +0,0 @@
|
||||
Fix CVE-2016-8863:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
|
||||
https://sourceforge.net/p/pupnp/bugs/133/
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://sourceforge.net/p/pupnp/code/ci/9c099c2923ab4d98530ab5204af1738be5bddba7/
|
||||
|
||||
From 9c099c2923ab4d98530ab5204af1738be5bddba7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Uwe=20Kleine-K=C3=B6nig?= <ukleinek@debian.org>
|
||||
Date: Thu, 8 Dec 2016 17:11:53 +0100
|
||||
Subject: [PATCH] Fix out-of-bound access in create_url_list() (CVE-2016-8863)
|
||||
|
||||
If there is an invalid URL in URLS->buf after a valid one, uri_parse is
|
||||
called with out pointing after the allocated memory. As uri_parse writes
|
||||
to *out before returning an error the loop in create_url_list must be
|
||||
stopped early to prevent an out-of-bound access
|
||||
|
||||
Bug: https://sourceforge.net/p/pupnp/bugs/133/
|
||||
Bug-CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
|
||||
Bug-Debian: https://bugs.debian.org/842093
|
||||
Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=1388771
|
||||
(cherry picked from commit a0f6e719bc03c4d2fe6a4a42ef6b8761446f520b)
|
||||
---
|
||||
upnp/src/gena/gena_device.c | 17 ++++++++++++-----
|
||||
1 file changed, 12 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/upnp/src/gena/gena_device.c b/upnp/src/gena/gena_device.c
|
||||
index fb04a29..245c56b 100644
|
||||
--- a/upnp/src/gena/gena_device.c
|
||||
+++ b/upnp/src/gena/gena_device.c
|
||||
@@ -1113,7 +1113,7 @@ static int create_url_list(
|
||||
/*! [out] . */
|
||||
URL_list *out)
|
||||
{
|
||||
- size_t URLcount = 0;
|
||||
+ size_t URLcount = 0, URLcount2 = 0;
|
||||
size_t i;
|
||||
int return_code = 0;
|
||||
uri_type temp;
|
||||
@@ -1155,16 +1155,23 @@ static int create_url_list(
|
||||
}
|
||||
memcpy( out->URLs, URLS->buff, URLS->size );
|
||||
out->URLs[URLS->size] = 0;
|
||||
- URLcount = 0;
|
||||
for( i = 0; i < URLS->size; i++ ) {
|
||||
if( ( URLS->buff[i] == '<' ) && ( i + 1 < URLS->size ) ) {
|
||||
if( ( ( return_code =
|
||||
parse_uri( &out->URLs[i + 1], URLS->size - i + 1,
|
||||
- &out->parsedURLs[URLcount] ) ) ==
|
||||
+ &out->parsedURLs[URLcount2] ) ) ==
|
||||
HTTP_SUCCESS )
|
||||
- && ( out->parsedURLs[URLcount].hostport.text.size !=
|
||||
+ && ( out->parsedURLs[URLcount2].hostport.text.size !=
|
||||
0 ) ) {
|
||||
- URLcount++;
|
||||
+ URLcount2++;
|
||||
+ if (URLcount2 >= URLcount)
|
||||
+ /*
|
||||
+ * break early here in case there is a bogus URL that
|
||||
+ * was skipped above. This prevents to access
|
||||
+ * out->parsedURLs[URLcount] which is beyond the
|
||||
+ * allocation.
|
||||
+ */
|
||||
+ break;
|
||||
} else {
|
||||
if( return_code == UPNP_E_OUTOF_MEMORY ) {
|
||||
free( out->URLs );
|
||||
--
|
||||
2.11.0
|
||||
|
233
gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch
Normal file
233
gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch
Normal file
@ -0,0 +1,233 @@
|
||||
Fix CVE-2016-9572 and CVE-2016-9573:
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9572
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9573
|
||||
|
||||
Patch copied from 3rd-party repository:
|
||||
|
||||
https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
|
||||
|
||||
From 7b28bd2b723df6be09fe7791eba33147c1c47d0d Mon Sep 17 00:00:00 2001
|
||||
From: szukw000 <szukw000@arcor.de>
|
||||
Date: Mon, 28 Nov 2016 21:57:20 +0100
|
||||
Subject: [PATCH] Changes for issues #863 and #862
|
||||
|
||||
---
|
||||
src/bin/jp2/convert.c | 59 +++++++++++++++++++++++++++++++++++++++-----
|
||||
src/bin/jp2/convertbmp.c | 29 +++++++++++++++++++++-
|
||||
src/bin/jp2/opj_decompress.c | 2 +-
|
||||
src/lib/openjp2/j2k.c | 11 ++++++---
|
||||
4 files changed, 90 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
|
||||
index deee4f6..6a3f65b 100644
|
||||
--- a/src/bin/jp2/convert.c
|
||||
+++ b/src/bin/jp2/convert.c
|
||||
@@ -906,7 +906,8 @@ int imagetotga(opj_image_t * image, const char *outfile) {
|
||||
for (i = 0; i < image->numcomps-1; i++) {
|
||||
if ((image->comps[0].dx != image->comps[i+1].dx)
|
||||
||(image->comps[0].dy != image->comps[i+1].dy)
|
||||
- ||(image->comps[0].prec != image->comps[i+1].prec)) {
|
||||
+ ||(image->comps[0].prec != image->comps[i+1].prec)
|
||||
+ ||(image->comps[0].sgnd != image->comps[i+1].sgnd)) {
|
||||
fclose(fdest);
|
||||
fprintf(stderr, "Unable to create a tga file with such J2K image charateristics.");
|
||||
return 1;
|
||||
@@ -1743,7 +1744,7 @@ int imagetopnm(opj_image_t * image, const char *outfile, int force_split)
|
||||
int *red, *green, *blue, *alpha;
|
||||
int wr, hr, max;
|
||||
int i;
|
||||
- unsigned int compno, ncomp;
|
||||
+ unsigned int compno, ncomp, ui;
|
||||
int adjustR, adjustG, adjustB, adjustA;
|
||||
int fails, two, want_gray, has_alpha, triple;
|
||||
int prec, v;
|
||||
@@ -1768,6 +1769,27 @@ int imagetopnm(opj_image_t * image, const char *outfile, int force_split)
|
||||
|
||||
if(want_gray) ncomp = 1;
|
||||
|
||||
+ for (ui = 1; ui < ncomp; ++ui) {
|
||||
+ if (image->comps[0].dx != image->comps[ui].dx) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].dy != image->comps[ui].dy) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].prec != image->comps[ui].prec) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].sgnd != image->comps[ui].sgnd) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ if (ui != ncomp) {
|
||||
+ fprintf(stderr,"imagetopnm: All components\n shall have "
|
||||
+ "the same subsampling, same bit depth, same sign.\n"
|
||||
+ " Aborting\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
if ((force_split == 0) &&
|
||||
(ncomp == 2 /* GRAYA */
|
||||
|| (ncomp > 2 /* RGB, RGBA */
|
||||
@@ -2126,7 +2148,7 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
|
||||
{
|
||||
FILE *rawFile = NULL;
|
||||
size_t res;
|
||||
- unsigned int compno;
|
||||
+ unsigned int compno, numcomps;
|
||||
int w, h, fails;
|
||||
int line, row, curr, mask;
|
||||
int *ptr;
|
||||
@@ -2139,6 +2161,31 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
|
||||
return 1;
|
||||
}
|
||||
|
||||
+ numcomps = image->numcomps;
|
||||
+
|
||||
+ if (numcomps > 4) {
|
||||
+ numcomps = 4;
|
||||
+ }
|
||||
+ for (compno = 1; compno < numcomps; ++compno) {
|
||||
+ if (image->comps[0].dx != image->comps[compno].dx) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].dy != image->comps[compno].dy) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].prec != image->comps[compno].prec) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].sgnd != image->comps[compno].sgnd) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ if (compno != numcomps) {
|
||||
+ fprintf(stderr,"imagetoraw_common: All components shall have the same subsampling, same bit depth, same sign.\n");
|
||||
+ fprintf(stderr,"\tAborting\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
rawFile = fopen(outfile, "wb");
|
||||
if (!rawFile) {
|
||||
fprintf(stderr, "Failed to open %s for writing !!\n", outfile);
|
||||
@@ -2146,9 +2193,9 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
|
||||
}
|
||||
|
||||
fails = 1;
|
||||
- fprintf(stdout,"Raw image characteristics: %d components\n", image->numcomps);
|
||||
+ fprintf(stdout,"Raw image characteristics: %d components\n", numcomps);
|
||||
|
||||
- for(compno = 0; compno < image->numcomps; compno++)
|
||||
+ for(compno = 0; compno < numcomps; compno++)
|
||||
{
|
||||
fprintf(stdout,"Component %u characteristics: %dx%dx%d %s\n", compno, image->comps[compno].w,
|
||||
image->comps[compno].h, image->comps[compno].prec, image->comps[compno].sgnd==1 ? "signed": "unsigned");
|
||||
@@ -2238,7 +2285,7 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
|
||||
}
|
||||
else if (image->comps[compno].prec <= 32)
|
||||
{
|
||||
- fprintf(stderr,"More than 16 bits per component no handled yet\n");
|
||||
+ fprintf(stderr,"More than 16 bits per component not handled yet\n");
|
||||
goto fin;
|
||||
}
|
||||
else
|
||||
diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
|
||||
index ae83077..8017ba8 100644
|
||||
--- a/src/bin/jp2/convertbmp.c
|
||||
+++ b/src/bin/jp2/convertbmp.c
|
||||
@@ -806,8 +806,35 @@ int imagetobmp(opj_image_t * image, const char *outfile) {
|
||||
FILE *fdest = NULL;
|
||||
int adjustR, adjustG, adjustB;
|
||||
|
||||
+ {
|
||||
+ unsigned int ui, ncomp = image->numcomps;
|
||||
+
|
||||
+ if (ncomp > 4) { /* RGBA in bmpmask32toimage */
|
||||
+ ncomp = 4;
|
||||
+ }
|
||||
+ for (ui = 1; ui < ncomp; ++ui) {
|
||||
+ if (image->comps[0].dx != image->comps[ui].dx) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].dy != image->comps[ui].dy) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].prec != image->comps[ui].prec) {
|
||||
+ break;
|
||||
+ }
|
||||
+ if (image->comps[0].sgnd != image->comps[ui].sgnd) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ if (ui != ncomp) {
|
||||
+ fprintf(stderr,"imagetobmp: All components shall have the same subsampling, same bit depth, same sign.\n");
|
||||
+ fprintf(stderr,"\tAborting\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ }
|
||||
if (image->comps[0].prec < 8) {
|
||||
- fprintf(stderr, "Unsupported number of components: %d\n", image->comps[0].prec);
|
||||
+ fprintf(stderr, "imagetobmp: Unsupported precision: %d\n", image->comps[0].prec);
|
||||
return 1;
|
||||
}
|
||||
if (image->numcomps >= 3 && image->comps[0].dx == image->comps[1].dx
|
||||
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
|
||||
index 83160c3..c30079b 100644
|
||||
--- a/src/bin/jp2/opj_decompress.c
|
||||
+++ b/src/bin/jp2/opj_decompress.c
|
||||
@@ -1607,7 +1607,7 @@ int main(int argc, char **argv)
|
||||
if(dirptr->filename_buf) free(dirptr->filename_buf);
|
||||
free(dirptr);
|
||||
}
|
||||
- if (numDecompressedImages) {
|
||||
+ if (numDecompressedImages && !failed) {
|
||||
fprintf(stdout, "decode time: %d ms\n", (int)( (tCumulative * 1000.0) / (OPJ_FLOAT64)numDecompressedImages));
|
||||
}
|
||||
return failed ? EXIT_FAILURE : EXIT_SUCCESS;
|
||||
diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
|
||||
index 66802bb..b6daa32 100644
|
||||
--- a/src/lib/openjp2/j2k.c
|
||||
+++ b/src/lib/openjp2/j2k.c
|
||||
@@ -2158,7 +2158,7 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k,
|
||||
i, l_img_comp->dx, l_img_comp->dy);
|
||||
return OPJ_FALSE;
|
||||
}
|
||||
- if( l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */
|
||||
+ if( l_img_comp->prec < 1 || l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */
|
||||
opj_event_msg(p_manager, EVT_ERROR,
|
||||
"Invalid values for comp = %d : prec=%u (should be between 1 and 38 according to the JPEG2000 norm)\n",
|
||||
i, l_img_comp->prec);
|
||||
@@ -10029,7 +10029,11 @@ OPJ_BOOL opj_j2k_decode(opj_j2k_t * p_j2k,
|
||||
/* Move data and copy one information from codec to output image*/
|
||||
for (compno = 0; compno < p_image->numcomps; compno++) {
|
||||
p_image->comps[compno].resno_decoded = p_j2k->m_output_image->comps[compno].resno_decoded;
|
||||
- p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
|
||||
+ p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
|
||||
+
|
||||
+ if(p_image->comps[compno].data == NULL) return OPJ_FALSE;
|
||||
+
|
||||
+ p_j2k->m_output_image->comps[compno].data = NULL;
|
||||
#if 0
|
||||
char fn[256];
|
||||
sprintf( fn, "/tmp/%d.raw", compno );
|
||||
@@ -10037,7 +10041,6 @@ OPJ_BOOL opj_j2k_decode(opj_j2k_t * p_j2k,
|
||||
fwrite( p_image->comps[compno].data, sizeof(OPJ_INT32), p_image->comps[compno].w * p_image->comps[compno].h, debug );
|
||||
fclose( debug );
|
||||
#endif
|
||||
- p_j2k->m_output_image->comps[compno].data = NULL;
|
||||
}
|
||||
|
||||
return OPJ_TRUE;
|
||||
@@ -10131,6 +10134,8 @@ OPJ_BOOL opj_j2k_get_tile( opj_j2k_t *p_j2k,
|
||||
|
||||
p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
|
||||
|
||||
+ if (p_image->comps[compno].data == NULL) return OPJ_FALSE;
|
||||
+
|
||||
p_j2k->m_output_image->comps[compno].data = NULL;
|
||||
}
|
||||
|
@ -1194,14 +1194,14 @@ under several distributions that's hard or impossible to figure out.")
|
||||
(define-public python2-pysqlite
|
||||
(package
|
||||
(name "python2-pysqlite")
|
||||
(version "2.8.1")
|
||||
(version "2.8.3")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "pysqlite" version))
|
||||
(sha256
|
||||
(base32
|
||||
"0rm0zqyb363y6wljhfmbxs16jjv7p8nk1d8zgq9sdwj6js7y3jkm"))))
|
||||
"1424gwq9sil2ffmnizk60q36vydkv8rxs6m7xs987kz8cdc37lqp"))))
|
||||
(build-system python-build-system)
|
||||
(inputs
|
||||
`(("sqlite" ,sqlite)))
|
||||
@ -2242,10 +2242,11 @@ executed.")
|
||||
(propagated-inputs
|
||||
`(("python-coverage" ,python-coverage)))
|
||||
(home-page "https://github.com/schlamar/cov-core")
|
||||
(synopsis "plugin core for use by pytest-cov, nose-cov and nose2-cov")
|
||||
(synopsis "Coverage plugin core for pytest-cov, nose-cov and nose2-cov")
|
||||
(description
|
||||
"This is a library package for use by pytest-cov, nose-cov and nose2-cov.
|
||||
It is useful for developing coverage plugins for these testing frameworks.")
|
||||
"This is a library package for use by @code{pytest-cov}, @code{nose-cov}
|
||||
and @code{nose2-cov}. It is useful for developing coverage plugins for these
|
||||
testing frameworks.")
|
||||
(license license:expat)))
|
||||
|
||||
(define-public python2-cov-core
|
||||
@ -2568,13 +2569,13 @@ cutting and pasting that code over and over.")
|
||||
(define-public python-unidecode
|
||||
(package
|
||||
(name "python-unidecode")
|
||||
(version "0.04.18")
|
||||
(version "0.04.20")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "Unidecode" version))
|
||||
(sha256
|
||||
(base32
|
||||
"12hhblqy1ajvidm38im4171x4arg83pfmziyn53nizp29p3m14gi"))))
|
||||
"1q00i8gpsq3d9r0q8wk4b290fxl0kqlsdk7iadvli45in6s1hi7d"))))
|
||||
(build-system python-build-system)
|
||||
(home-page "https://pypi.python.org/pypi/Unidecode")
|
||||
(synopsis "ASCII transliterations of Unicode text")
|
||||
@ -4004,14 +4005,14 @@ Python code against some of the style conventions in
|
||||
(define-public python-orderedmultidict
|
||||
(package
|
||||
(name "python-orderedmultidict")
|
||||
(version "0.7.10")
|
||||
(version "0.7.11")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "orderedmultidict" version))
|
||||
(sha256
|
||||
(base32
|
||||
"1gvqk0jd432wsn88kq4svad68xz3r012jfpnhh9in7bqrkyxidky"))))
|
||||
"0dls862ibm7qbq4fnvwx0xn1v9hwyzywbff8xjjdr42dd75208yw"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:phases
|
||||
@ -4132,14 +4133,14 @@ You might also want to install the following optional dependencies:
|
||||
(define-public python-alembic
|
||||
(package
|
||||
(name "python-alembic")
|
||||
(version "0.8.7")
|
||||
(version "0.8.10")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "alembic" version))
|
||||
(sha256
|
||||
(base32
|
||||
"0ias6fdzwr2s220fnjspkdgm9510bd0cnap0hx5y4zy4srba9f3z"))))
|
||||
"06br9sfqypnjlal6fsbnky3zb0askwcn3diz8k3kwa0qcblm0fqf"))))
|
||||
(build-system python-build-system)
|
||||
(native-inputs
|
||||
`(("python-mock" ,python-mock)
|
||||
@ -5535,13 +5536,13 @@ Python style, together with a fast and comfortable execution environment.")
|
||||
(define-public python-seaborn
|
||||
(package
|
||||
(name "python-seaborn")
|
||||
(version "0.7.0")
|
||||
(version "0.7.1")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "seaborn" version))
|
||||
(sha256
|
||||
(base32 "0ibi3xsfm2kysph61mnfy0pf8d5rkgxgrdb0z9nbizgcgdsb5a0m"))))
|
||||
(base32 "0pawrqc3mxpwd5g9pvi9gba02637bh5c8ldpp8izfwpfn52469zs"))))
|
||||
(build-system python-build-system)
|
||||
(propagated-inputs
|
||||
`(("python-pandas" ,python-pandas)
|
||||
@ -5998,7 +5999,7 @@ complexity of Python source code.")
|
||||
(define-public python-mistune
|
||||
(package
|
||||
(name "python-mistune")
|
||||
(version "0.7")
|
||||
(version "0.7.3")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
@ -6008,7 +6009,7 @@ complexity of Python source code.")
|
||||
".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"17zqjp9m4d1w3jf2rbbq5xshcw24q1vlcv24gkgfqqyyymajxahx"))))
|
||||
"04xpk1zvslhq3xpnf01g3ag0dy9wfv4z28p093r8k49vvxlyil11"))))
|
||||
(build-system python-build-system)
|
||||
(native-inputs
|
||||
`(("python-nose" ,python-nose)
|
||||
@ -7022,16 +7023,14 @@ serve the same purpose: provide Python bindings for libmagic.")))
|
||||
(define-public python-debian
|
||||
(package
|
||||
(name "python-debian")
|
||||
(version "0.1.23")
|
||||
(version "0.1.28")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"https://pypi.python.org/packages/source/p/python-debian/python-debian-"
|
||||
version ".tar.gz"))
|
||||
(uri (pypi-uri name version))
|
||||
(sha256
|
||||
(base32
|
||||
"193faznwnjc3n5991wyzim6h9gyq1zxifmfrnpm3avgkh7ahyynh"))))
|
||||
"0i15f0xzx679sd0ldq2sls9pnnps9fv6vhqvnv9dzf4qhma42i0y"))))
|
||||
(build-system python-build-system)
|
||||
(propagated-inputs
|
||||
`(("python-six" ,python-six)))
|
||||
@ -8612,16 +8611,16 @@ supports url redirection and retries, and also gzip and deflate decoding.")
|
||||
(define-public python-colorama
|
||||
(package
|
||||
(name "python-colorama")
|
||||
(version "0.3.3")
|
||||
(version "0.3.7")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "colorama" version))
|
||||
(sha256
|
||||
(base32
|
||||
"1716z9pq1r5ys3nkg7wdrb3h2f9rmd0zdxpxzmx3bgwgf6xg48gb"))))
|
||||
"0avqkn6362v7k2kg3afb35g4sfdvixjgy890clip4q174p9whhz0"))))
|
||||
(build-system python-build-system)
|
||||
(synopsis "colored terminal text rendering for Python")
|
||||
(synopsis "Colored terminal text rendering for Python")
|
||||
(description "Colorama is a Python library for rendering colored terminal
|
||||
text.")
|
||||
(home-page "https://pypi.python.org/pypi/colorama")
|
||||
@ -9027,14 +9026,14 @@ file.")
|
||||
(define-public python-paste
|
||||
(package
|
||||
(name "python-paste")
|
||||
(version "2.0.2")
|
||||
(version "2.0.3")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "Paste" version))
|
||||
(sha256
|
||||
(base32
|
||||
"16dsv9qi0r4qsrsb6dilpq2rx0fnglvh36flzywcdnm2jg43mb5d"))
|
||||
"062jk0nlxf6lb2wwj6zc20rlvrwsnikpkh90y0dn8cjch93s6ii3"))
|
||||
(patches (search-patches "python-paste-remove-website-test.patch"
|
||||
"python-paste-remove-timing-test.patch"))))
|
||||
(build-system python-build-system)
|
||||
@ -9042,12 +9041,6 @@ file.")
|
||||
`(("python-nose" ,python-nose)))
|
||||
(propagated-inputs
|
||||
`(("python-six" ,python-six)))
|
||||
(arguments
|
||||
'(;; Tests don't pass on Python 3, but work fine on Python 2.
|
||||
;; (As of 2.0.2, Python 3 support in Paste is presently a bit broken,
|
||||
;; but is usable enough for the minimal amount it's used in MediaGoblin
|
||||
;; still... things should be better by the next Paste release.)
|
||||
#:tests? #f))
|
||||
(home-page "http://pythonpaste.org")
|
||||
(synopsis
|
||||
"Python web development tools, focusing on WSGI")
|
||||
@ -9055,18 +9048,10 @@ file.")
|
||||
"Paste provides a variety of web development tools and middleware which
|
||||
can be nested together to build web applications. Paste's design closely
|
||||
follows ideas flowing from WSGI (Web Standard Gateway Interface).")
|
||||
(license license:expat)
|
||||
(properties `((python2-variant . ,(delay python2-paste))))))
|
||||
(license license:expat)))
|
||||
|
||||
(define-public python2-paste
|
||||
(let ((paste (package-with-python2
|
||||
(strip-python2-variant python-paste))))
|
||||
(package
|
||||
(inherit paste)
|
||||
(arguments
|
||||
;; Tests are back for Python 2!
|
||||
`(#:tests? #t
|
||||
,@(package-arguments paste))))))
|
||||
(package-with-python2 python-paste))
|
||||
|
||||
(define-public python-pastescript
|
||||
(package
|
||||
@ -10414,13 +10399,13 @@ It uses LR parsing and does extensive error checking.")
|
||||
(define-public python-tabulate
|
||||
(package
|
||||
(name "python-tabulate")
|
||||
(version "0.7.5")
|
||||
(version "0.7.7")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "tabulate" version))
|
||||
(sha256
|
||||
(base32
|
||||
"03l1r7ddd1a0j2snv1yd0hlnghjad3fg1an1jr8936ksv75slwch"))
|
||||
"1inqhspd4frxnp08c32yndr0lc4px1xfkqah184i5w09gkhvi843"))
|
||||
;; Fix tests
|
||||
(modules '((guix build utils)))
|
||||
(snippet '(substitute* '("test/test_cli.py"
|
||||
@ -10720,13 +10705,13 @@ It supports TSIG authenticated messages and EDNS0.")
|
||||
(define-public python-email-validator
|
||||
(package
|
||||
(name "python-email-validator")
|
||||
(version "1.0.1")
|
||||
(version "1.0.2")
|
||||
(source
|
||||
(origin (method url-fetch)
|
||||
(uri (pypi-uri "email_validator" version))
|
||||
(sha256
|
||||
(base32
|
||||
"0mn8jg5h8ifl8w6a6m0hq8kbk0mzw9vm054qfamkn89b3npz52qw"))))
|
||||
"1ja9149l9ck5n45a72h3is7v476hjny5ybxbcamx1nw6iplsm7k6"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
'(#:phases
|
||||
|
@ -1,6 +1,7 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
|
||||
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -19,7 +20,7 @@
|
||||
|
||||
(define-module (gnu packages search)
|
||||
#:use-module ((guix licenses)
|
||||
#:select (gpl2 gpl2+ gpl3+ bsd-3 x11))
|
||||
#:select (gpl2 gpl2+ gpl3+ lgpl2.1+ bsd-3 x11))
|
||||
#:use-module (guix packages)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix build-system gnu)
|
||||
@ -160,6 +161,33 @@ accounting for new lines and paragraph changes. It also has robust support
|
||||
for parsing HTML files.")
|
||||
(license gpl3+)))
|
||||
|
||||
(define-public hyperestraier
|
||||
(package
|
||||
(name "hyperestraier")
|
||||
(version "1.4.13")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://fallabs.com/" name "/"
|
||||
name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1qk3pxgzyrpcz5qfyd5xs2hw9q1cbb7j5zd4kp1diq501wcj2vs9"))))
|
||||
(inputs
|
||||
`(("qdbm" ,qdbm)
|
||||
("zlib" ,zlib)))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath="
|
||||
(assoc-ref %outputs "out")
|
||||
"/lib"))))
|
||||
(home-page "http://fallabs.com/hyperestraier")
|
||||
(synopsis "Full-text search system")
|
||||
(description "Hyper Estraier can be used to integrate full-text
|
||||
search into applications, using either the provided command line and CGI
|
||||
interfaces, or a C API.")
|
||||
(license lgpl2.1+)))
|
||||
|
||||
(define-public mlocate
|
||||
(package
|
||||
(name "mlocate")
|
||||
|
@ -58,14 +58,14 @@ between various shells or commands.")
|
||||
(define-public trash-cli
|
||||
(package
|
||||
(name "trash-cli")
|
||||
(version "0.17.1.1")
|
||||
(version "0.17.1.14")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "trash-cli" version))
|
||||
(sha256
|
||||
(base32
|
||||
"019sjab29jkps8zkf8icihhf3ng4lx9y4p1lxjd3wbnnynphc4is"))))
|
||||
"01q0cl04ljf214z6s3g256gsxx3pqsgaf6ac1zh0vrq5bnhnr85h"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:python ,python-2
|
||||
|
@ -1,5 +1,6 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -25,6 +26,7 @@
|
||||
#:use-module (gnu packages compression)
|
||||
#:use-module (gnu packages databases)
|
||||
#:use-module (gnu packages linux)
|
||||
#:use-module (gnu packages lua)
|
||||
#:use-module (gnu packages perl)
|
||||
#:use-module (gnu packages pkg-config)
|
||||
#:use-module (gnu packages qt)
|
||||
@ -158,3 +160,49 @@ their folder.
|
||||
@item Toggle for monochrome icon.
|
||||
@end enumerate\n")
|
||||
(license license:lgpl3+)))
|
||||
|
||||
(define-public lsyncd
|
||||
(package
|
||||
(name "lsyncd")
|
||||
(version "2.2.1")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/axkibe/lsyncd/archive/release-"
|
||||
version ".tar.gz"))
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0da7mrq2c578v2dd5x9v75l1fqrm28jvn28qkcd49y8p992nj6gl"))))
|
||||
(build-system cmake-build-system)
|
||||
(arguments
|
||||
`(;; The "tests" target is broken and assumes that tests are run in the
|
||||
;; root directory.
|
||||
#:tests? #f
|
||||
#:test-target "tests"
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
;; No install target.
|
||||
(replace 'install
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let* ((out (assoc-ref outputs "out"))
|
||||
(bin (string-append out "/bin"))
|
||||
(man (string-append out "/share/man/man1")))
|
||||
(install-file "lsyncd" bin)
|
||||
(install-file (string-append "../lsyncd-release-"
|
||||
,version
|
||||
"/doc/manpage/lsyncd.1")
|
||||
man)
|
||||
#t))))))
|
||||
(native-inputs
|
||||
`(("lua" ,lua-5.2)))
|
||||
(home-page "https://github.com/axkibe/lsyncd")
|
||||
(synopsis "Synchronize local directories with remote targets")
|
||||
(description "Lsyncd watches a local directory trees event monitor
|
||||
interface (inotify or fsevents). It aggregates and combines events for a few
|
||||
seconds and then spawns one (or more) process(es) to synchronize the changes.
|
||||
By default this is rsync, which must be installed on all source and target
|
||||
machines. Lsyncd is thus a light-weight live mirror solution that is
|
||||
comparatively easy to install not requiring new filesystems or block devices
|
||||
and does not hamper local filesystem performance.")
|
||||
(license license:gpl2+)))
|
||||
|
@ -6,6 +6,7 @@
|
||||
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2016, 2017 José Miguel Sánchez García <jmi2k@openmailbox.org>
|
||||
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -362,3 +363,70 @@ scripts, notifying the user when something interesting occurs. Of course, it
|
||||
has no notion of what's interesing, but it's very good at that notifying part.")
|
||||
(home-page "http://www.johnath.com/beep")
|
||||
(license license:gpl2+)))
|
||||
|
||||
(define-public unibilium
|
||||
(package
|
||||
(name "unibilium")
|
||||
(version "1.2.0")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/mauke/unibilium/"
|
||||
"archive/v" version ".tar.gz"))
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1n7a0jrlwhn9nnkna76sbnjrr808m0pmzbiwznmp7rhmjl4z2fk2"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:make-flags
|
||||
(list "CC=gcc"
|
||||
(string-append "PREFIX=" (assoc-ref %outputs "out")))
|
||||
#:test-target "test"
|
||||
;; FIXME: tests require "prove"
|
||||
#:tests? #f
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(delete 'configure))))
|
||||
(native-inputs
|
||||
`(("libtool" ,libtool)))
|
||||
(home-page "https://github.com/mauke/unibilium")
|
||||
(synopsis "Terminfo parsing library")
|
||||
(description "Unibilium is a basic C terminfo library. It doesn't depend
|
||||
on curses or any other library. It also doesn't use global variables, so it
|
||||
should be thread-safe.")
|
||||
(license license:lgpl3+)))
|
||||
|
||||
(define-public libvterm
|
||||
(package
|
||||
(name "libvterm")
|
||||
(version "0+bzr681")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://www.leonerd.org.uk/code/libvterm/"
|
||||
"libvterm-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1s56c8p1qz6frkcri0hg4qyydv2wcccj6n2xmz1dwcdqn38ldsmb"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:make-flags
|
||||
(list "CC=gcc"
|
||||
(string-append "PREFIX=" (assoc-ref %outputs "out")))
|
||||
#:test-target "test"
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(delete 'configure))))
|
||||
(native-inputs
|
||||
`(("libtool" ,libtool)
|
||||
("perl" ,perl)))
|
||||
(home-page "http://www.leonerd.org.uk/code/libvterm/")
|
||||
(synopsis "VT220/xterm/ECMA-48 terminal emulator library")
|
||||
(description "Libvterm is an abstract C99 library which implements a VT220
|
||||
or xterm-like terminal emulator. It doesn't use any particular graphics
|
||||
toolkit or output system, instead it invokes callback function pointers that
|
||||
its embedding program should provide it to draw on its behalf. It avoids
|
||||
calling @code{malloc} during normal running state, allowing it to be used in
|
||||
embedded kernel situations.")
|
||||
(license license:expat)))
|
||||
|
@ -2,7 +2,7 @@
|
||||
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
|
||||
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -39,14 +39,14 @@
|
||||
(define-public tor
|
||||
(package
|
||||
(name "tor")
|
||||
(version "0.2.9.8")
|
||||
(version "0.2.9.9")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://dist.torproject.org/tor-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0sklgmx4nikcfhqd606kvpwy1l8840w24ikli1xjjx25739k7pgv"))))
|
||||
"0hqdk5p6dw4bpn7c8gmhyi8jjkhc37112pfw5nx4gl0g4lmmscik"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("python" ,python-2))) ; for tests
|
||||
|
@ -580,7 +580,7 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
|
||||
(lambda* (#:key outputs configure-flags #:allow-other-keys)
|
||||
(let ((out (assoc-ref outputs "out")))
|
||||
(substitute* "configure"
|
||||
(("#! /bin/sh") (string-append "#!" (which "bash"))))
|
||||
(("#! /bin/sh") (string-append "#!" (which "sh"))))
|
||||
(setenv "SHELL" (which "bash"))
|
||||
(setenv "CONFIG_SHELL" (which "bash"))
|
||||
(zero? (apply system*
|
||||
@ -796,7 +796,7 @@ treaming protocols.")
|
||||
(let ((out (assoc-ref outputs "out"))
|
||||
(libx11 (assoc-ref inputs "libx11")))
|
||||
(substitute* "configure"
|
||||
(("#! /bin/sh") (string-append "#!" (which "bash"))))
|
||||
(("#! /bin/sh") (string-append "#!" (which "sh"))))
|
||||
(setenv "SHELL" (which "bash"))
|
||||
(setenv "CONFIG_SHELL" (which "bash"))
|
||||
(zero? (system*
|
||||
@ -970,7 +970,7 @@ access to mpv's powerful playback capabilities.")
|
||||
(define-public youtube-dl
|
||||
(package
|
||||
(name "youtube-dl")
|
||||
(version "2017.01.14")
|
||||
(version "2017.01.24")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://yt-dl.org/downloads/"
|
||||
@ -978,7 +978,7 @@ access to mpv's powerful playback capabilities.")
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1jlwz6p7ryj9ygmwqm4r3pykd9qw21rsiqpifbx0p0kcvdvvvj3n"))))
|
||||
"1n74s6kfs4v1lfg7xls9ymk6yrq09hxwd18sz3lziv5qd1pj14b6"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
;; The problem here is that the directory for the man page and completion
|
||||
@ -1228,7 +1228,7 @@ for use with HTML5 video.")
|
||||
(lambda _
|
||||
(with-directory-excursion "avidemux_core/ffmpeg_package"
|
||||
(substitute* "ffmpeg-2.7.6/configure"
|
||||
(("#! /bin/sh") (string-append "#!" (which "bash"))))
|
||||
(("#! /bin/sh") (string-append "#!" (which "sh"))))
|
||||
(system* "tar" "cjf" "ffmpeg-2.7.6.tar.bz2" "ffmpeg-2.7.6"
|
||||
;; avoid non-determinism in the archive
|
||||
"--sort=name" "--mtime=@0"
|
||||
|
@ -17,6 +17,7 @@
|
||||
;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net>
|
||||
;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||
;;; Copyright © 2016 Bake Timmons <b3timmons@speedymail.org>
|
||||
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -3968,3 +3969,29 @@ useful for users behind restrictive firewalls. As long as Web traffic is
|
||||
allowed, even through a HTTP-only proxy, httptunnel can be combined with other
|
||||
tools like SSH (Secure Shell) to reach the outside world.")
|
||||
(license l:gpl2+)))
|
||||
|
||||
(define-public stunnel
|
||||
(package
|
||||
(name "stunnel")
|
||||
(version "5.39")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://www.stunnel.org/downloads/stunnel-"
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1vjdn32iw11zqsygwxbjmqgs4644dk3ql1h8ap890ls6a1x0i318"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs `(("openssl" ,openssl)))
|
||||
(arguments
|
||||
`(#:configure-flags
|
||||
(list (string-append "--with-ssl=" (assoc-ref %build-inputs "openssl")))))
|
||||
(home-page "https://www.stunnel.org")
|
||||
(synopsis "TLS proxy for clients or servers")
|
||||
(description "Stunnel is a proxy designed to add TLS encryption
|
||||
functionality to existing clients and servers without any changes in the
|
||||
programs' code. Its architecture is optimized for security, portability, and
|
||||
scalability (including load-balancing), making it suitable for large
|
||||
deployments.")
|
||||
(license l:gpl2+)))
|
||||
|
@ -3,7 +3,7 @@
|
||||
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
|
||||
;;; Copyright © 2014, 2015, 2016 Alex Kost <alezost@gmail.com>
|
||||
;;; Copyright © 2013, 2015 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2013, 2015, 2017 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
|
||||
;;; Copyright © 2015 Alexander I.Grafov <grafov@gmail.com>
|
||||
;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
|
||||
@ -75,7 +75,14 @@
|
||||
"/files/" name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1i3f1agixxbfy4kxikb2b241p7c2lg73cl9wqfvlwz3q6zf5faxv"))))
|
||||
"1i3f1agixxbfy4kxikb2b241p7c2lg73cl9wqfvlwz3q6zf5faxv"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
;; Do not record a timestamp and file name in gzipped man
|
||||
;; pages (this is equivalent to 'gzip --no-name'.)
|
||||
'(substitute* "setup.py"
|
||||
(("gzip\\.open\\(gzfile, 'w', 9\\)")
|
||||
"gzip.GzipFile('', 'wb', 9, open(gzfile, 'wb'), 0.)")))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:python ,python-2 ;incompatible with python 3
|
||||
|
@ -300,7 +300,7 @@ ogginfo, to obtain information (tags, bitrate, length, etc.) about
|
||||
(define opus
|
||||
(package
|
||||
(name "opus")
|
||||
(version "1.1.3")
|
||||
(version "1.1.4")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
@ -308,7 +308,7 @@ ogginfo, to obtain information (tags, bitrate, length, etc.) about
|
||||
".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0cxnd7pjxbgh6l3cbzsw29phpr5cq28fikfhjlp1hc3y5s0gxdjq"))))
|
||||
"14l6kpapmcnvl7p9hrmbqcnzj13zfzyppyc9a5kd4788h2rvc8li"))))
|
||||
(build-system gnu-build-system)
|
||||
(synopsis "Versatile audio codec")
|
||||
(description
|
||||
|
@ -345,6 +345,10 @@ ACTIVATION-SCRIPT-TYPE."
|
||||
;; thus there is no accounting at all.
|
||||
(close-port (open-file "/var/run/utmpx" "a0"))
|
||||
|
||||
;; Same for 'wtmp', which is populated by mingetty et
|
||||
;; al.
|
||||
(close-port (open-file "/var/log/wtmp" "a0"))
|
||||
|
||||
;; Set up /run/current-system. Among other things this
|
||||
;; sets up locales, which the activation snippets
|
||||
;; executed below may expect.
|
||||
|
@ -1,5 +1,6 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2016 Andy Wingo <wingo@pobox.com>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -811,6 +812,7 @@ IPP specifications.")
|
||||
;; Activation gexp.
|
||||
(with-imported-modules '((guix build utils))
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(define (mkdir-p/perms directory owner perms)
|
||||
(mkdir-p directory)
|
||||
(chown "/var/run/cups" (passwd:uid owner) (passwd:gid owner))
|
||||
|
@ -1,5 +1,6 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -1601,6 +1602,7 @@ accept from local for any relay
|
||||
(($ <opensmtpd-configuration> package config-file)
|
||||
(let ((smtpd (file-append package "/sbin/smtpd")))
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
;; Create mbox and spool directories.
|
||||
(mkdir-p "/var/mail")
|
||||
(mkdir-p "/var/spool/smtpd")
|
||||
|
@ -3,6 +3,7 @@
|
||||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -332,6 +333,7 @@ restrict -6 ::1\n"))
|
||||
"Return the activation gexp for CONFIG."
|
||||
(with-imported-modules '((guix build utils))
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(define %user
|
||||
(getpw "ntpd"))
|
||||
|
||||
|
@ -1,5 +1,6 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2016 David Craven <david@craven.ch>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -35,7 +36,9 @@
|
||||
|
||||
(define (spice-vdagent-activation config)
|
||||
"Return the activation gexp for CONFIG."
|
||||
#~(mkdir-p "/var/run/spice-vdagentd"))
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(mkdir-p "/var/run/spice-vdagentd")))
|
||||
|
||||
(define (spice-vdagent-shepherd-service config)
|
||||
"Return a <shepherd-service> for spice-vdagentd with CONFIG."
|
||||
|
@ -2,6 +2,7 @@
|
||||
;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2016 David Craven <david@craven.ch>
|
||||
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -292,6 +293,7 @@ The other options should be self-descriptive."
|
||||
(define (openssh-activation config)
|
||||
"Return the activation GEXP for CONFIG."
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(mkdir-p "/etc/ssh")
|
||||
(mkdir-p (dirname #$(openssh-configuration-pid-file config)))
|
||||
|
||||
@ -388,6 +390,7 @@ The other options should be self-descriptive."
|
||||
(define (dropbear-activation config)
|
||||
"Return the activation gexp for CONFIG."
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(mkdir-p "/etc/dropbear")))
|
||||
|
||||
(define (dropbear-shepherd-service config)
|
||||
|
@ -1,5 +1,6 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -444,7 +445,9 @@ is trunkated and rewritten every minute.")
|
||||
(shell (file-append shadow "/sbin/nologin")))))
|
||||
|
||||
(define %openvpn-activation
|
||||
#~(mkdir-p "/var/run/openvpn"))
|
||||
#~(begin
|
||||
(use-modules (guix build utils))
|
||||
(mkdir-p "/var/run/openvpn")))
|
||||
|
||||
(define openvpn-server-service-type
|
||||
(service-type (name 'openvpn-server)
|
||||
|
@ -54,7 +54,7 @@
|
||||
(define-record-type* <mapped-device> mapped-device
|
||||
make-mapped-device
|
||||
mapped-device?
|
||||
(source mapped-device-source) ;string
|
||||
(source mapped-device-source) ;string | list of strings
|
||||
(target mapped-device-target) ;string
|
||||
(type mapped-device-type)) ;<mapped-device-kind>
|
||||
|
||||
|
@ -194,6 +194,29 @@ info --version")
|
||||
(utmpx-entries)))
|
||||
marionette))
|
||||
|
||||
;; Likewise for /var/log/wtmp (used by 'last').
|
||||
(test-assert "wtmp entry"
|
||||
(match (marionette-eval
|
||||
'(begin
|
||||
(use-modules (guix build syscalls)
|
||||
(srfi srfi-1))
|
||||
|
||||
(define (entry->list entry)
|
||||
(list (utmpx-user entry) (utmpx-line entry)
|
||||
(utmpx-host entry) (utmpx-login-type entry)))
|
||||
|
||||
(call-with-input-file "/var/log/wtmp"
|
||||
(lambda (port)
|
||||
(let loop ((result '()))
|
||||
(if (eof-object? (peek-char port))
|
||||
(map entry->list (reverse result))
|
||||
(loop (cons (read-utmpx port) result)))))))
|
||||
marionette)
|
||||
(((users lines hosts types) ..1)
|
||||
(every (lambda (type)
|
||||
(eqv? type (login-type LOGIN_PROCESS)))
|
||||
types))))
|
||||
|
||||
(test-assert "host name resolution"
|
||||
(match (marionette-eval
|
||||
'(begin
|
||||
|
@ -21,6 +21,7 @@
|
||||
(define-module (guix build syscalls)
|
||||
#:use-module (system foreign)
|
||||
#:use-module (rnrs bytevectors)
|
||||
#:autoload (ice-9 binary-ports) (get-bytevector-n)
|
||||
#:use-module (srfi srfi-1)
|
||||
#:use-module (srfi srfi-9)
|
||||
#:use-module (srfi srfi-9 gnu)
|
||||
@ -142,7 +143,8 @@
|
||||
utmpx-time
|
||||
utmpx-address
|
||||
login-type
|
||||
utmpx-entries))
|
||||
utmpx-entries
|
||||
(read-utmpx-from-port . read-utmpx)))
|
||||
|
||||
;;; Commentary:
|
||||
;;;
|
||||
@ -1598,4 +1600,13 @@ always a positive integer."
|
||||
((? utmpx? entry)
|
||||
(loop (cons entry entries))))))
|
||||
|
||||
(define (read-utmpx-from-port port)
|
||||
"Read a utmpx entry from PORT. Return either the EOF object or a utmpx
|
||||
entry."
|
||||
(match (get-bytevector-n port sizeof-utmpx)
|
||||
((? eof-object? eof)
|
||||
eof)
|
||||
((? bytevector? bv)
|
||||
(read-utmpx bv))))
|
||||
|
||||
;;; syscalls.scm ends here
|
||||
|
@ -78,11 +78,12 @@
|
||||
(define* (graft-derivation/shallow store drv grafts
|
||||
#:key
|
||||
(name (derivation-name drv))
|
||||
(outputs (derivation-output-names drv))
|
||||
(guile (%guile-for-build))
|
||||
(system (%current-system)))
|
||||
"Return a derivation called NAME, based on DRV but with all the GRAFTS
|
||||
applied. This procedure performs \"shallow\" grafting in that GRAFTS are not
|
||||
recursively applied to dependencies of DRV."
|
||||
"Return a derivation called NAME, which applies GRAFTS to the specified
|
||||
OUTPUTS of DRV. This procedure performs \"shallow\" grafting in that GRAFTS
|
||||
are not recursively applied to dependencies of DRV."
|
||||
;; XXX: Someday rewrite using gexps.
|
||||
(define mapping
|
||||
;; List of store item pairs.
|
||||
@ -96,14 +97,12 @@ recursively applied to dependencies of DRV."
|
||||
target))))
|
||||
grafts))
|
||||
|
||||
(define outputs
|
||||
(map (match-lambda
|
||||
((name . output)
|
||||
(cons name (derivation-output-path output))))
|
||||
(derivation-outputs drv)))
|
||||
|
||||
(define output-names
|
||||
(derivation-output-names drv))
|
||||
(define output-pairs
|
||||
(map (lambda (output)
|
||||
(cons output
|
||||
(derivation-output-path
|
||||
(assoc-ref (derivation-outputs drv) output))))
|
||||
outputs))
|
||||
|
||||
(define build
|
||||
`(begin
|
||||
@ -111,7 +110,7 @@ recursively applied to dependencies of DRV."
|
||||
(guix build utils)
|
||||
(ice-9 match))
|
||||
|
||||
(let* ((old-outputs ',outputs)
|
||||
(let* ((old-outputs ',output-pairs)
|
||||
(mapping (append ',mapping
|
||||
(map (match-lambda
|
||||
((name . file)
|
||||
@ -143,10 +142,10 @@ recursively applied to dependencies of DRV."
|
||||
(guix build utils))
|
||||
#:inputs `(,@(map (lambda (out)
|
||||
`("x" ,drv ,out))
|
||||
output-names)
|
||||
outputs)
|
||||
,@(append (map add-label sources)
|
||||
(map add-label targets)))
|
||||
#:outputs output-names
|
||||
#:outputs outputs
|
||||
#:local-build? #t)))))
|
||||
(define (item->deriver store item)
|
||||
"Return two values: the derivation that led to ITEM (a store item), and the
|
||||
@ -217,14 +216,14 @@ available."
|
||||
(define-syntax-rule (with-cache key exp ...)
|
||||
"Cache the value of monadic expression EXP under KEY."
|
||||
(mlet %state-monad ((cache (current-state)))
|
||||
(match (vhash-assq key cache)
|
||||
(match (vhash-assoc key cache)
|
||||
((_ . result) ;cache hit
|
||||
(return result))
|
||||
(#f ;cache miss
|
||||
(mlet %state-monad ((result (begin exp ...))
|
||||
(cache (current-state)))
|
||||
(mbegin %state-monad
|
||||
(set-current-state (vhash-consq key result cache))
|
||||
(set-current-state (vhash-cons key result cache))
|
||||
(return result)))))))
|
||||
|
||||
(define* (cumulative-grafts store drv grafts
|
||||
@ -265,7 +264,7 @@ derivations to the corresponding set of grafts."
|
||||
#:system system))
|
||||
(state-return grafts))))
|
||||
|
||||
(with-cache drv
|
||||
(with-cache (cons (derivation-file-name drv) outputs)
|
||||
(match (non-self-references references drv outputs)
|
||||
(() ;no dependencies
|
||||
(return grafts))
|
||||
@ -282,29 +281,27 @@ derivations to the corresponding set of grafts."
|
||||
;; applicable to DRV, to avoid creating several identical
|
||||
;; grafted variants of DRV.
|
||||
(let* ((new (graft-derivation/shallow store drv applicable
|
||||
#:outputs outputs
|
||||
#:guile guile
|
||||
#:system system))
|
||||
|
||||
;; Replace references to any of the outputs of DRV,
|
||||
;; even if that's more than needed. This is so that
|
||||
;; the result refers only to the outputs of NEW and
|
||||
;; not to those of DRV.
|
||||
(grafts (append (map (lambda (output)
|
||||
(graft
|
||||
(origin drv)
|
||||
(origin-output output)
|
||||
(replacement new)
|
||||
(replacement-output output)))
|
||||
(derivation-output-names drv))
|
||||
outputs)
|
||||
grafts)))
|
||||
(return grafts))))))))))
|
||||
|
||||
(define* (graft-derivation store drv grafts
|
||||
#:key (guile (%guile-for-build))
|
||||
#:key
|
||||
(guile (%guile-for-build))
|
||||
(outputs (derivation-output-names drv))
|
||||
(system (%current-system)))
|
||||
"Applied GRAFTS to DRV and all its dependencies, recursively. That is, if
|
||||
GRAFTS apply only indirectly to DRV, graft the dependencies of DRV, and graft
|
||||
DRV itself to refer to those grafted dependencies."
|
||||
"Apply GRAFTS to the OUTPUTS of DRV and all their dependencies, recursively.
|
||||
That is, if GRAFTS apply only indirectly to DRV, graft the dependencies of
|
||||
DRV, and graft DRV itself to refer to those grafted dependencies."
|
||||
|
||||
;; First, pre-compute the dependency tree of the outputs of DRV. Do this
|
||||
;; upfront to have as much parallelism as possible when querying substitute
|
||||
@ -314,6 +311,7 @@ DRV itself to refer to those grafted dependencies."
|
||||
|
||||
(match (run-with-state
|
||||
(cumulative-grafts store drv grafts references
|
||||
#:outputs outputs
|
||||
#:guile guile #:system system)
|
||||
vlist-null) ;the initial cache
|
||||
((first . rest)
|
||||
|
@ -74,7 +74,14 @@ and the other containing arguments for the command to be executed."
|
||||
(let* ((opts (parse-command-line args %options '(())
|
||||
#:argument-handler
|
||||
handle-argument))
|
||||
(pid (assoc-ref opts 'pid)))
|
||||
(pid (assoc-ref opts 'pid))
|
||||
(environment (filter-map (lambda (name)
|
||||
(let ((value (getenv name)))
|
||||
(and value (cons name value))))
|
||||
;; Pass through the TERM environment
|
||||
;; variable to inform processes about
|
||||
;; the capabilities of the terminal.
|
||||
'("TERM"))))
|
||||
|
||||
(unless pid
|
||||
(leave (_ "no pid specified~%")))
|
||||
@ -89,6 +96,10 @@ and the other containing arguments for the command to be executed."
|
||||
(lambda ()
|
||||
(match command
|
||||
((program . program-args)
|
||||
(for-each (match-lambda
|
||||
((name . value)
|
||||
(setenv name value)))
|
||||
environment)
|
||||
(apply execlp program program program-args)))))))
|
||||
(unless (zero? result)
|
||||
(leave (_ "exec failed with status ~d~%") result)))))))
|
||||
|
118
tests/grafts.scm
118
tests/grafts.scm
@ -1,5 +1,5 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -43,6 +43,9 @@
|
||||
(define %mkdir
|
||||
(bootstrap-binary "mkdir"))
|
||||
|
||||
(define make-derivation-input
|
||||
(@@ (guix derivations) make-derivation-input))
|
||||
|
||||
|
||||
(test-begin "grafts")
|
||||
|
||||
@ -241,7 +244,18 @@
|
||||
(replacement p1r)
|
||||
(replacement-output "ONE")))
|
||||
(p3d (graft-derivation %store p3 (list p1g))))
|
||||
(and (build-derivations %store (list p3d))
|
||||
|
||||
(and (not (find (lambda (input)
|
||||
;; INPUT should not be P2:zzz since the result of P3
|
||||
;; does not depend on it. See
|
||||
;; <http://bugs.gnu.org/24886>.
|
||||
(and (string=? (derivation-input-path input)
|
||||
(derivation-file-name p2))
|
||||
(member "zzz"
|
||||
(derivation-input-sub-derivations input))))
|
||||
(derivation-inputs p3d)))
|
||||
|
||||
(build-derivations %store (list p3d))
|
||||
(let ((out (derivation->output-path (pk 'p2d p3d))))
|
||||
(and (not (string=? (readlink out)
|
||||
(derivation->output-path p2 "aaa")))
|
||||
@ -249,6 +263,106 @@
|
||||
(readlink (string-append out "/two")))
|
||||
(file-exists? (string-append out "/one/replacement")))))))
|
||||
|
||||
(test-assert "graft-derivation with #:outputs"
|
||||
;; Call 'graft-derivation' with a narrowed set of outputs passed as
|
||||
;; #:outputs.
|
||||
(let* ((p1 (build-expression->derivation
|
||||
%store "p1"
|
||||
`(let ((one (assoc-ref %outputs "one"))
|
||||
(two (assoc-ref %outputs "two")))
|
||||
(mkdir one)
|
||||
(mkdir two))
|
||||
#:outputs '("one" "two")))
|
||||
(p1r (build-expression->derivation
|
||||
%store "P1"
|
||||
`(let ((other (assoc-ref %outputs "ONE")))
|
||||
(mkdir other)
|
||||
(call-with-output-file (string-append other "/replacement")
|
||||
(const #t)))
|
||||
#:outputs '("ONE")))
|
||||
(p2 (build-expression->derivation
|
||||
%store "p2"
|
||||
`(let ((aaa (assoc-ref %outputs "aaa"))
|
||||
(zzz (assoc-ref %outputs "zzz")))
|
||||
(mkdir zzz) (chdir zzz)
|
||||
(mkdir aaa) (chdir aaa)
|
||||
(symlink (assoc-ref %build-inputs "p1:two") "two"))
|
||||
#:outputs '("aaa" "zzz")
|
||||
#:inputs `(("p1:one" ,p1 "one")
|
||||
("p1:two" ,p1 "two"))))
|
||||
(p1g (graft
|
||||
(origin p1)
|
||||
(origin-output "one")
|
||||
(replacement p1r)
|
||||
(replacement-output "ONE")))
|
||||
(p2g (graft-derivation %store p2 (list p1g)
|
||||
#:outputs '("aaa"))))
|
||||
;; P2:aaa depends on P1:two, but not on P1:one, so nothing to graft.
|
||||
(eq? p2g p2)))
|
||||
|
||||
(test-equal "graft-derivation, unused outputs not depended on"
|
||||
'("aaa")
|
||||
|
||||
;; Make sure that the result of 'graft-derivation' does not pull outputs
|
||||
;; that are irrelevant to the grafting process. See
|
||||
;; <http://bugs.gnu.org/24886>.
|
||||
(let* ((p1 (build-expression->derivation
|
||||
%store "p1"
|
||||
`(let ((one (assoc-ref %outputs "one"))
|
||||
(two (assoc-ref %outputs "two")))
|
||||
(mkdir one)
|
||||
(mkdir two))
|
||||
#:outputs '("one" "two")))
|
||||
(p1r (build-expression->derivation
|
||||
%store "P1"
|
||||
`(let ((other (assoc-ref %outputs "ONE")))
|
||||
(mkdir other)
|
||||
(call-with-output-file (string-append other "/replacement")
|
||||
(const #t)))
|
||||
#:outputs '("ONE")))
|
||||
(p2 (build-expression->derivation
|
||||
%store "p2"
|
||||
`(let ((aaa (assoc-ref %outputs "aaa"))
|
||||
(zzz (assoc-ref %outputs "zzz")))
|
||||
(mkdir zzz) (chdir zzz)
|
||||
(symlink (assoc-ref %build-inputs "p1:two") "two")
|
||||
(mkdir aaa) (chdir aaa)
|
||||
(symlink (assoc-ref %build-inputs "p1:one") "one"))
|
||||
#:outputs '("aaa" "zzz")
|
||||
#:inputs `(("p1:one" ,p1 "one")
|
||||
("p1:two" ,p1 "two"))))
|
||||
(p1g (graft
|
||||
(origin p1)
|
||||
(origin-output "one")
|
||||
(replacement p1r)
|
||||
(replacement-output "ONE")))
|
||||
(p2g (graft-derivation %store p2 (list p1g)
|
||||
#:outputs '("aaa"))))
|
||||
|
||||
;; Here P2G should only depend on P1:one and P1R:one; it must not depend
|
||||
;; on P1:two or P1R:two since these are unused in the grafting process.
|
||||
(and (not (eq? p2g p2))
|
||||
(let* ((inputs (derivation-inputs p2g))
|
||||
(match-input (lambda (drv)
|
||||
(lambda (input)
|
||||
(string=? (derivation-input-path input)
|
||||
(derivation-file-name drv)))))
|
||||
(p1-inputs (filter (match-input p1) inputs))
|
||||
(p1r-inputs (filter (match-input p1r) inputs))
|
||||
(p2-inputs (filter (match-input p2) inputs)))
|
||||
(and (equal? p1-inputs
|
||||
(list (make-derivation-input (derivation-file-name p1)
|
||||
'("one"))))
|
||||
(equal? p1r-inputs
|
||||
(list
|
||||
(make-derivation-input (derivation-file-name p1r)
|
||||
'("ONE"))))
|
||||
(equal? p2-inputs
|
||||
(list
|
||||
(make-derivation-input (derivation-file-name p2)
|
||||
'("aaa"))))
|
||||
(derivation-output-names p2g))))))
|
||||
|
||||
(test-assert "graft-derivation, renaming" ;<http://bugs.gnu.org/23132>
|
||||
(let* ((build `(begin
|
||||
(use-modules (guix build utils))
|
||||
|
@ -452,6 +452,15 @@
|
||||
#t)))
|
||||
entries))))
|
||||
|
||||
(test-assert "read-utmpx, EOF"
|
||||
(eof-object? (read-utmpx (%make-void-port "r"))))
|
||||
|
||||
(unless (access? "/var/run/utmpx" O_RDONLY)
|
||||
(tes-skip 1))
|
||||
(test-assert "read-utmpx"
|
||||
(let ((result (call-with-input-file "/var/run/utmpx" read-utmpx)))
|
||||
(or (utmpx? result) (eof-object? result))))
|
||||
|
||||
(test-end)
|
||||
|
||||
(false-if-exception (delete-file temp-file))
|
||||
|
Loading…
Reference in New Issue
Block a user