Merge branch 'master' into staging

This commit is contained in:
Leo Famulari 2017-04-22 18:27:12 -04:00
commit 1524851f58
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
121 changed files with 5830 additions and 2192 deletions

View File

@ -68,6 +68,7 @@
(eval . (put 'call-with-container 'scheme-indent-function 1))
(eval . (put 'container-excursion 'scheme-indent-function 1))
(eval . (put 'eventually 'scheme-indent-function 1))
;; Recognize '~', '+', and '$', as used for gexps, as quotation symbols.
;; This notably allows '(' in Paredit to not insert a space when the

View File

@ -40,12 +40,13 @@ Marius Bakke <mbakke@fastmail.com> <m.bakke@warwick.ac.uk>
Mathieu Lirzin <mthl@gnu.org> <mthl@openmailbox.org>
Mathieu Lirzin <mthl@gnu.org> <mathieu.lirzin@openmailbox.org>
Nikita Karetnikov <nikita@karetnikov.org> <nikita.karetnikov@gmail.com>
ng0 <contact.ng0@cryptolab.net>
ng0 <contact.ng0@cryptolab.net> <ng0@we.make.ritual.n0.is>
ng0 <contact.ng0@cryptolab.net> <ngillmann@runbox.com>
ng0 <contact.ng0@cryptolab.net> <niasterisk@grrlz.net>
ng0 <contact.ng0@cryptolab.net> <ng@niasterisk.space>
ng0 <contact.ng0@cryptolab.net> <ng0@libertad.pw>
ng0 <ng0@no-reply.pragmatique.xyz>
ng0 <ng0@no-reply.pragmatique.xyz> <contact.ng0@cryptolab.net>
ng0 <ng0@no-reply.pragmatique.xyz> <ng0@we.make.ritual.n0.is>
ng0 <ng0@no-reply.pragmatique.xyz> <ngillmann@runbox.com>
ng0 <ng0@no-reply.pragmatique.xyz> <niasterisk@grrlz.net>
ng0 <ng0@no-reply.pragmatique.xyz> <ng@niasterisk.space>
ng0 <ng0@no-reply.pragmatique.xyz> <ng0@libertad.pw>
Pjotr Prins <pjotr.guix@thebird.nl> <pjotr.public01@thebird.nl>
Pjotr Prins <pjotr.guix@thebird.nl> <pjotr.public12@thebird.nl>
Pjotr Prins <pjotr.guix@thebird.nl> <pjotr.public12@email>

View File

@ -60,7 +60,9 @@ MODULES = \
guix/upstream.scm \
guix/licenses.scm \
guix/graph.scm \
guix/cache.scm \
guix/cve.scm \
guix/workers.scm \
guix/zlib.scm \
guix/build-system.scm \
guix/build-system/ant.scm \
@ -185,7 +187,8 @@ if HAVE_GUILE_SSH
MODULES += \
guix/ssh.scm \
guix/scripts/copy.scm
guix/scripts/copy.scm \
guix/store/ssh.scm
endif HAVE_GUILE_SSH
@ -295,7 +298,9 @@ SCM_TESTS = \
tests/size.scm \
tests/graph.scm \
tests/challenge.scm \
tests/cache.scm \
tests/cve.scm \
tests/workers.scm \
tests/zlib.scm \
tests/file-systems.scm \
tests/system.scm \

View File

@ -3666,10 +3666,64 @@ accidental modifications.
@end quotation
The @code{(guix store)} module provides procedures to connect to the
daemon, and to perform RPCs. These are described below.
daemon, and to perform RPCs. These are described below. By default,
@code{open-connection}, and thus all the @command{guix} commands,
connect to the local daemon or to the URI specified by the
@code{GUIX_DAEMON_SOCKET} environment variable.
@deffn {Scheme Procedure} open-connection [@var{file}] [#:reserve-space? #t]
Connect to the daemon over the Unix-domain socket at @var{file}. When
@defvr {Environment Variable} GUIX_DAEMON_SOCKET
When set, the value of this variable should be a file name or a URI
designating the daemon endpoint. When it is a file name, it denotes a
Unix-domain socket to connect to. In addition to file names, the
supported URI schemes are:
@table @code
@item file
@itemx unix
These are for Unix-domain sockets.
@code{file:///var/guix/daemon-socket/socket} is equivalent to
@file{/var/guix/daemon-socket/socket}.
@item guix
These URIs denote connections over TCP/IP, without encryption nor
authentication of the remote host. The URI must always specify both the
host name and port number:
@example
guix://master.guix.example.org:1234
@end example
This setup is suitable on local networks, such as clusters, where only
trusted nodes may connect to the build daemon at
@code{master.guix.example.org}.
@item ssh
@cindex SSH access to build daemons
These URIs allow you to connect to a remote daemon over
SSH@footnote{This feature requires Guile-SSH (@pxref{Requirements}).}.
A typical URL might look like this:
@example
ssh://charlie@@guix.example.org:22
@end example
As for @command{guix copy}, the usual OpenSSH client configuration files
are honored (@pxref{Invoking guix copy}).
@end table
Additional URI schemes may be supported in the future.
@c XXX: Remove this note when the protocol incurs fewer round trips
@c and when (guix derivations) no longer relies on file system access.
@quotation Note
The ability to connect to remote build daemons is considered
experimental as of @value{VERSION}. Please get in touch with us to
share any problems or suggestions you may have (@pxref{Contributing}).
@end quotation
@end defvr
@deffn {Scheme Procedure} open-connection [@var{uri}] [#:reserve-space? #t]
Connect to the daemon over the Unix-domain socket at @var{uri} (a string). When
@var{reserve-space?} is true, instruct it to reserve a little bit of
extra space on the file system so that the garbage collector can still
operate should the disk become full. Return a server object.
@ -6522,6 +6576,13 @@ archive}), the daemon may download substitutes from it:
guix-daemon --substitute-urls=http://example.org:8080
@end example
By default, @command{guix publish} compresses archives on the fly as it
serves them. This ``on-the-fly'' mode is convenient in that it requires
no setup and is immediately available. However, when serving lots of
clients, we recommend using the @option{--cache} option, which enables
caching of the archives before they are sent to clients---see below for
details.
As a bonus, @command{guix publish} also serves as a content-addressed
mirror for source files referenced in @code{origin} records
(@pxref{origin Reference}). For instance, assuming @command{guix
@ -6559,10 +6620,46 @@ disable compression. The range 1 to 9 corresponds to different gzip
compression levels: 1 is the fastest, and 9 is the best (CPU-intensive).
The default is 3.
Compression occurs on the fly and the compressed streams are not
Unless @option{--cache} is used, compression occurs on the fly and
the compressed streams are not
cached. Thus, to reduce load on the machine that runs @command{guix
publish}, it may be a good idea to choose a low compression level, or to
run @command{guix publish} behind a caching proxy.
publish}, it may be a good idea to choose a low compression level, to
run @command{guix publish} behind a caching proxy, or to use
@option{--cache}. Using @option{--cache} has the advantage that it
allows @command{guix publish} to add @code{Content-Length} HTTP header
to its responses.
@item --cache=@var{directory}
@itemx -c @var{directory}
Cache archives and meta-data (@code{.narinfo} URLs) to @var{directory}
and only serve archives that are in cache.
When this option is omitted, archives and meta-data are created
on-the-fly. This can reduce the available bandwidth, especially when
compression is enabled, since this may become CPU-bound. Another
drawback of the default mode is that the length of archives is not known
in advance, so @command{guix publish} does not add a
@code{Content-Length} HTTP header to its responses, which in turn
prevents clients from knowing the amount of data being downloaded.
Conversely, when @option{--cache} is used, the first request for a store
item (@i{via} a @code{.narinfo} URL) returns 404 and triggers a
background process to @dfn{bake} the archive---computing its
@code{.narinfo} and compressing the archive, if needed. Once the
archive is cached in @var{directory}, subsequent requests succeed and
are served directly from the cache, which guarantees that clients get
the best possible bandwidth.
The ``baking'' process is performed by worker threads. By default, one
thread per CPU core is created, but this can be customized. See
@option{--workers} below.
When @option{--ttl} is used, cached entries are automatically deleted
when they have expired.
@item --workers=@var{N}
When @option{--cache} is used, request the allocation of @var{N} worker
threads to ``bake'' archives.
@item --ttl=@var{ttl}
Produce @code{Cache-Control} HTTP headers that advertise a time-to-live
@ -6574,6 +6671,9 @@ This allows the user's Guix to keep substitute information in cache for
guarantee that the store items it provides will indeed remain available
for as long as @var{ttl}.
Additionally, when @option{--cache} is used, cached entries that have
not been accessed for @var{ttl} may be deleted.
@item --nar-path=@var{path}
Use @var{path} as the prefix for the URLs of ``nar'' files
(@pxref{Invoking guix archive, normalized archives}).
@ -9099,6 +9199,23 @@ compression ratio at the expense of increased CPU usage.
@item @code{nar-path} (default: @code{"nar"})
The URL path at which ``nars'' can be fetched. @xref{Invoking guix
publish, @code{--nar-path}}, for details.
@item @code{cache} (default: @code{#f})
When it is @code{#f}, disable caching and instead generate archives on
demand. Otherwise, this should be the name of a directory---e.g.,
@code{"/var/cache/guix/publish"}---where @command{guix publish} caches
archives and meta-data ready to be sent. @xref{Invoking guix publish,
@option{--cache}}, for more information on the tradeoffs involved.
@item @code{workers} (default: @code{#f})
When it is an integer, this is the number of worker threads used for
caching; when @code{#f}, the number of processors is used.
@xref{Invoking guix publish, @option{--workers}}, for more information.
@item @code{ttl} (default: @code{#f})
When it is an integer, this denotes the @dfn{time-to-live} of the
published archives. @xref{Invoking guix publish, @option{--ttl}}, for
more information.
@end table
@end deftp
@ -12591,19 +12708,26 @@ remote servers. Run @command{man smtpd.conf} for more information.
@subsubheading Exim Service
@cindex mail transfer agent (MTA)
@cindex MTA (mail transfer agent)
@cindex SMTP
@deffn {Scheme Variable} exim-service-type
This is the type of the @uref{https://exim.org, Exim} service, whose value
should be an @code{exim-configuration} object as in this example:
This is the type of the @uref{https://exim.org, Exim} mail transfer
agent (MTA), whose value should be an @code{exim-configuration} object
as in this example:
@example
(service exim-service-type
(exim-configuration
(config-file (local-file "./my-exim.conf"))
(aliases '(("postmaster" "bob")
("bob" "bob@@example.com" "bob@@example2.com")))))
(config-file (local-file "./my-exim.conf"))))
@end example
@end deffn
In order to use an @code{exim-service-type} service you must also have a
@code{mail-aliases-service-type} service present in your
@code{operating-system} (even if it has no aliases).
@deftp {Data Type} exim-configuration
Data type representing the configuration of exim.
@ -12618,16 +12742,37 @@ provided in @code{package}. The resulting configuration file is loaded
after setting the @code{exim_user} and @code{exim_group} configuration
variables.
@item @code{aliases} (default: @code{'()})
List of aliases to use when delivering mail on this system. The
@code{car} of each list is used to match incoming mail, with the
@code{cdr} of each list designating how to deliver it. There may be many
delivery methods provided, in which case the mail is delivered to them
all.
@end table
@end deftp
@subsubheading Mail Aliases Service
@cindex email aliases
@cindex aliases, for email addresses
@deffn {Scheme Variable} mail-aliases-service-type
This is the type of the service which provides @code{/etc/aliases},
specifying how to deliver mail to users on this system.
@example
(service mail-aliases-service-type
'(("postmaster" "bob")
("bob" "bob@@example.com" "bob@@example2.com")))
@end example
@end deffn
The configuration for a @code{mail-aliases-service-type} service is an
association list denoting how to deliver mail that comes to this
system. Each entry is of the form @code{(alias addresses ...)}, with
@code{alias} specifying the local alias and @code{addresses} specifying
where to deliver this user's mail.
The aliases aren't required to exist as users on the local system. In
the above example, there doesn't need to be a @code{postmaster} entry in
the @code{operating-system}'s @code{user-accounts} in order to deliver
the @code{postmaster} mail to @code{bob} (which subsequently would
deliver mail to @code{bob@@example.com} and @code{bob@@example2.com}).
@node Messaging Services
@subsubsection Messaging Services

View File

@ -45,6 +45,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/adns.scm \
%D%/packages/algebra.scm \
%D%/packages/aidc.scm \
%D%/packages/android.scm \
%D%/packages/animation.scm \
%D%/packages/anthy.scm \
%D%/packages/apl.scm \
@ -342,6 +343,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/sdl.scm \
%D%/packages/search.scm \
%D%/packages/security-token.scm \
%D%/packages/selinux.scm \
%D%/packages/serialization.scm \
%D%/packages/serveez.scm \
%D%/packages/shells.scm \
@ -552,6 +554,7 @@ dist_patch_DATA = \
%D%/packages/patches/eudev-conflicting-declaration.patch \
%D%/packages/patches/evilwm-lost-focus-bug.patch \
%D%/packages/patches/expat-CVE-2016-0718-fix-regression.patch \
%D%/packages/patches/fabric-tests.patch \
%D%/packages/patches/fastcap-mulGlobal.patch \
%D%/packages/patches/fastcap-mulSetup.patch \
%D%/packages/patches/fasthenry-spAllocate.patch \
@ -576,7 +579,6 @@ dist_patch_DATA = \
%D%/packages/patches/gcc-arm-bug-71399.patch \
%D%/packages/patches/gcc-arm-link-spec-fix.patch \
%D%/packages/patches/gcc-cross-environment-variables.patch \
%D%/packages/patches/gcc-libiberty-printf-decl.patch \
%D%/packages/patches/gcc-libvtv-runpath.patch \
%D%/packages/patches/gcc-strmov-store-file-names.patch \
%D%/packages/patches/gcc-4.9.3-mingw-gthr-default.patch \
@ -616,14 +618,14 @@ dist_patch_DATA = \
%D%/packages/patches/gobject-introspection-absolute-shlib-path.patch \
%D%/packages/patches/gobject-introspection-cc.patch \
%D%/packages/patches/gobject-introspection-girepository.patch \
%D%/packages/patches/graphite2-CVE-2017-5436.patch \
%D%/packages/patches/graphite2-check-code-point-limit.patch \
%D%/packages/patches/graphite2-ffloat-store.patch \
%D%/packages/patches/graphite2-fix-32-bit-wrap-arounds.patch \
%D%/packages/patches/graphite2-non-linear-classes-even-number.patch \
%D%/packages/patches/grep-timing-sensitive-test.patch \
%D%/packages/patches/grub-CVE-2015-8370.patch \
%D%/packages/patches/grub-gets-undeclared.patch \
%D%/packages/patches/grub-freetype.patch \
%D%/packages/patches/gsl-test-i686.patch \
%D%/packages/patches/guile-1.8-cpp-4.5.patch \
%D%/packages/patches/guile-arm-fixes.patch \
%D%/packages/patches/guile-default-utf8.patch \
%D%/packages/patches/guile-linux-syscalls.patch \
%D%/packages/patches/guile-present-coding.patch \
@ -650,14 +652,11 @@ dist_patch_DATA = \
%D%/packages/patches/higan-remove-march-native-flag.patch \
%D%/packages/patches/hop-linker-flags.patch \
%D%/packages/patches/hubbub-sort-entities.patch \
%D%/packages/patches/hurd-fix-eth-multiplexer-dependency.patch \
%D%/packages/patches/hydra-disable-darcs-test.patch \
%D%/packages/patches/hypre-doc-tables.patch \
%D%/packages/patches/hypre-ldflags.patch \
%D%/packages/patches/icecat-avoid-bundled-libraries.patch \
%D%/packages/patches/icecat-binutils.patch \
%D%/packages/patches/icu4c-CVE-2014-6585.patch \
%D%/packages/patches/icu4c-CVE-2015-1270.patch \
%D%/packages/patches/icu4c-CVE-2015-4760.patch \
%D%/packages/patches/icecat-bug-1299500-pt10.patch \
%D%/packages/patches/icu4c-CVE-2017-7867-CVE-2017-7868.patch \
%D%/packages/patches/icu4c-reset-keyword-list-iterator.patch \
%D%/packages/patches/id3lib-CVE-2007-4460.patch \
%D%/packages/patches/ilmbase-fix-tests.patch \
@ -688,6 +687,8 @@ dist_patch_DATA = \
%D%/packages/patches/liba52-link-with-libm.patch \
%D%/packages/patches/liba52-set-soname.patch \
%D%/packages/patches/liba52-use-mtune-not-mcpu.patch \
%D%/packages/patches/libbase-fix-includes.patch \
%D%/packages/patches/libbase-use-own-logging.patch \
%D%/packages/patches/libbonobo-activation-test-race.patch \
%D%/packages/patches/libcanberra-sound-theme-freedesktop.patch \
%D%/packages/patches/libdrm-symbol-check.patch \
@ -783,7 +784,6 @@ dist_patch_DATA = \
%D%/packages/patches/mhash-keygen-test-segfault.patch \
%D%/packages/patches/mingw-w64-5.0rc2-gcc-4.9.3.patch \
%D%/packages/patches/mpc123-initialize-ao.patch \
%D%/packages/patches/mplayer2-theora-fix.patch \
%D%/packages/patches/module-init-tools-moduledir.patch \
%D%/packages/patches/mozjs17-aarch64-support.patch \
%D%/packages/patches/mozjs24-aarch64-support.patch \
@ -804,6 +804,7 @@ dist_patch_DATA = \
%D%/packages/patches/ngircd-handle-zombies.patch \
%D%/packages/patches/ninja-zero-mtime.patch \
%D%/packages/patches/node-9077.patch \
%D%/packages/patches/nss-disable-long-b64-tests.patch \
%D%/packages/patches/nss-increase-test-timeout.patch \
%D%/packages/patches/nss-pkgconfig.patch \
%D%/packages/patches/ntfs-3g-CVE-2017-0358.patch \
@ -858,6 +859,7 @@ dist_patch_DATA = \
%D%/packages/patches/plink-endian-detection.patch \
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
%D%/packages/patches/polkit-drop-test.patch \
%D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch \
%D%/packages/patches/portaudio-audacity-compat.patch \
%D%/packages/patches/portmidi-modular-build.patch \
%D%/packages/patches/procmail-ambiguous-getline-debian.patch \
@ -899,14 +901,6 @@ dist_patch_DATA = \
%D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \
%D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \
%D%/packages/patches/python2-subprocess32-disable-input-test.patch \
%D%/packages/patches/qemu-CVE-2016-10155.patch \
%D%/packages/patches/qemu-CVE-2017-5525.patch \
%D%/packages/patches/qemu-CVE-2017-5526.patch \
%D%/packages/patches/qemu-CVE-2017-5552.patch \
%D%/packages/patches/qemu-CVE-2017-5578.patch \
%D%/packages/patches/qemu-CVE-2017-5579.patch \
%D%/packages/patches/qemu-CVE-2017-5856.patch \
%D%/packages/patches/qemu-CVE-2017-5898.patch \
%D%/packages/patches/qt4-ldflags.patch \
%D%/packages/patches/quickswitch-fix-dmenu-check.patch \
%D%/packages/patches/rapicorn-isnan.patch \
@ -938,7 +932,6 @@ dist_patch_DATA = \
%D%/packages/patches/slim-reset.patch \
%D%/packages/patches/slim-login.patch \
%D%/packages/patches/slurm-configure-remove-nonfree-contribs.patch \
%D%/packages/patches/soprano-find-clucene.patch \
%D%/packages/patches/spice-CVE-2016-9577.patch \
%D%/packages/patches/spice-CVE-2016-9578-1.patch \
%D%/packages/patches/spice-CVE-2016-9578-2.patch \
@ -987,7 +980,6 @@ dist_patch_DATA = \
%D%/packages/patches/unzip-remove-build-date.patch \
%D%/packages/patches/ustr-fix-build-with-gcc-5.patch \
%D%/packages/patches/util-linux-tests.patch \
%D%/packages/patches/util-linux-CVE-2017-2616.patch \
%D%/packages/patches/upower-builddir.patch \
%D%/packages/patches/valgrind-enable-arm.patch \
%D%/packages/patches/virglrenderer-CVE-2017-6386.patch \
@ -1018,8 +1010,6 @@ dist_patch_DATA = \
%D%/packages/patches/xf86-video-ast-remove-mibstore.patch \
%D%/packages/patches/xf86-video-geode-glibc-2.20.patch \
%D%/packages/patches/xf86-video-i128-remove-mibstore.patch \
%D%/packages/patches/xf86-video-intel-compat-api.patch \
%D%/packages/patches/xf86-video-intel-glibc-2.20.patch \
%D%/packages/patches/xf86-video-mach64-glibc-2.20.patch \
%D%/packages/patches/xf86-video-tga-remove-mibstore.patch \
%D%/packages/patches/xfce4-panel-plugins.patch \

View File

@ -12,10 +12,10 @@
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Peter Feigl <peter.feigl@nexoid.at>
;;; Copyright © 2016 John J. Foerch <jjfoerch@earthlink.net>
;;; Coypright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Coypright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Coypright © 2016 John Darrington <jmd@gnu.org>
;;; Coypright © 2017 Ben Sturmfels <ben@sturm.com.au>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
;;;
;;; This file is part of GNU Guix.
;;;
@ -2060,11 +2060,15 @@ Intel DRM Driver.")
(uri (pypi-uri "Fabric" version))
(sha256
(base32
"1z17hw0yiqp1blq217zxkg2jzkv8qd79saqhscgsw14mwlcqpwd0"))))
"1z17hw0yiqp1blq217zxkg2jzkv8qd79saqhscgsw14mwlcqpwd0"))
(patches (search-patches "fabric-tests.patch"))))
(build-system python-build-system)
(arguments
`(#:tests? #f ;XXX: Tests attempt to download Python "fudge" package.
#:python ,python-2)) ;Python 2 only
`(#:python ,python-2)) ;Python 2 only
(native-inputs
`(("python2-fudge" ,python2-fudge) ; Requires < 1.0
("python2-jinja2" ,python2-jinja2) ; Requires < 3.0
("python2-nose" ,python2-nose))) ; Requires < 2.0
(propagated-inputs
;; Required upgrading python-paramiko 1.17.4 to fix an incompatibility
;; between python-paramiko and newer python-pycrypto. Without this, the

300
gnu/packages/android.scm Normal file
View File

@ -0,0 +1,300 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Stefan Handschuh <handschuh.stefan@googlemail.com>
;;; Copyright © 2015 Kai-Chung Yan <seamlikok@gmail.com>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages android)
#:use-module (guix packages)
#:use-module (guix git-download)
#:use-module (guix build-system gnu)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages)
#:use-module (gnu packages tls))
;; The Makefiles that we add are largely based on the Debian
;; packages. They are licensed under GPL-2 and have copyright:
;; 2012, Stefan Handschuh <handschuh.stefan@googlemail.com>
;; 2015, Kai-Chung Yan <seamlikok@gmail.com>
;; Big thanks to them for laying the groundwork.
;; The version tag is consistent between all repositories.
(define (android-platform-version) "7.1.2_r6")
(define (android-platform-system-core version)
(origin
(method git-fetch)
(uri (git-reference
(url "https://android.googlesource.com/platform/system/core")
(commit (string-append "android-" version))))
(file-name (string-append "android-platform-system-core-"
version "-checkout"))
(sha256
(base32
"0xc2n7jxrf1iw9cc278pijdfjix2fkiig5ws27f6rwp40zg5mrgg"))))
(define liblog
(package
(name "liblog")
(version (android-platform-version))
(source (android-platform-system-core version))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; TODO.
#:make-flags '("CC=gcc")
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'enter-source
(lambda _ (chdir "liblog") #t))
(add-after 'enter-source 'create-Makefile
(lambda _
;; No useful makefile is shipped, so we create one.
(with-output-to-file "Makefile"
(lambda _
(display
(string-append
"NAME = liblog\n"
"SOURCES = log_event_list.c log_event_write.c"
" logger_write.c config_write.c logger_name.c"
" logger_lock.c fake_log_device.c fake_writer.c"
" event_tag_map.c\n"
"CFLAGS += -fvisibility=hidden -fPIC\n"
"CPPFLAGS += -I../include -DFAKE_LOG_DEVICE=1"
;; Keep these two in sync with "liblog/Android.bp".
" -DLIBLOG_LOG_TAG=1005"
" -DSNET_EVENT_LOG_TAG=1397638484\n"
"LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 -lpthread\n"
"build: $(SOURCES)\n"
" $(CC) $^ -o $(NAME).so.0 $(CFLAGS) $(CPPFLAGS) $(LDFLAGS)\n"))
#t))))
(delete 'configure)
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib")))
(install-file "liblog.so.0" lib)
(with-directory-excursion lib
(symlink "liblog.so.0" "liblog.so"))
#t))))))
(home-page "https://developer.android.com/")
(synopsis "Logging library from the Android platform.")
(description "@code{liblog} represents an interface to the volatile Android
Logging system for NDK (Native) applications and libraries and contain
interfaces for either writing or reading logs. The log buffers are divided up
in Main, System, Radio and Events sub-logs.")
(license license:asl2.0)))
(define libbase
(package
(name "libbase")
(version (android-platform-version))
(source (origin
(inherit (android-platform-system-core version))
(patches
(search-patches "libbase-use-own-logging.patch"
"libbase-fix-includes.patch"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; TODO.
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'enter-source
(lambda _ (chdir "base") #t))
(add-after 'enter-source 'create-Makefile
(lambda _
;; No useful makefile is shipped, so we create one.
(with-output-to-file "Makefile"
(lambda _
(display
(string-append
"NAME = libbase\n"
"SOURCES = file.cpp logging.cpp parsenetaddress.cpp"
" stringprintf.cpp strings.cpp errors_unix.cpp\n"
"CXXFLAGS += -std=gnu++11 -fPIC\n"
"CPPFLAGS += -Iinclude -I../include\n"
"LDFLAGS += -shared -Wl,-soname,$(NAME).so.0"
" -L.. -llog\n"
"build: $(SOURCES)\n"
" $(CXX) $^ -o $(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS)"
" $(LDFLAGS)\n"))
#t))))
(delete 'configure)
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib")))
(install-file "libbase.so.0" lib)
(with-directory-excursion lib
(symlink "libbase.so.0" "libbase.so"))
(copy-recursively "include" out)
#t))))))
(inputs `(("liblog" ,liblog)))
(home-page "https://developer.android.com/")
(synopsis "Android platform base library")
(description "@code{libbase} is a library in common use by the
various Android core host applications.")
(license license:asl2.0)))
(define libcutils
(package
(name "libcutils")
(version (android-platform-version))
(source (android-platform-system-core version))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; TODO.
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'enter-source
(lambda _ (chdir "libcutils") #t))
(add-after 'enter-source 'create-Makefile
(lambda _
;; No useful makefile is shipped, so we create one.
(with-output-to-file "Makefile"
(lambda _
(display
(string-append
"NAME = libcutils\n"
"SOURCES = load_file.o socket_local_client_unix.o"
" socket_loopback_client_unix.o socket_network_client_unix.o"
" socket_loopback_server_unix.o socket_local_server_unix.o"
" sockets_unix.o socket_inaddr_any_server_unix.o"
" sockets.o\n"
"CC = gcc\n"
"CFLAGS += -fPIC\n"
"CXXFLAGS += -std=gnu++11 -fPIC\n"
"CPPFLAGS += -Iinclude -I../include\n"
"LDFLAGS += -shared -Wl,-soname,$(NAME).so.0\n"
"build: $(SOURCES)\n"
" $(CXX) $^ -o $(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS)"
" $(LDFLAGS)\n"))
#t))))
(delete 'configure)
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib")))
(install-file "libcutils.so.0" lib)
(with-directory-excursion lib
(symlink "libcutils.so.0" "libcutils.so"))
#t))))))
(home-page "https://developer.android.com/")
(synopsis "Android platform c utils library")
(description "@code{libcutils} is a library in common use by the
various Android core host applications.")
(license license:asl2.0)))
(define-public adb
(package
(name "adb")
(version (android-platform-version))
(source (origin
(inherit (android-platform-system-core version))
(patches
(search-patches "libbase-use-own-logging.patch"
"libbase-fix-includes.patch"))))
(build-system gnu-build-system)
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'enter-source
(lambda _ (chdir "adb") #t))
(add-before 'build 'fix-clang
(lambda _
;; adb_client.h contains _Nonnull and _Nullable attributes, that
;; are not understood by gcc.
(substitute* "adb_client.h"
(("_Nonnull") "")
(("_Nullable") ""))
#t))
(add-before 'build 'fix-main
(lambda _
;; main.cpp used to be adb_main.cpp in the current directory
;; rather than in its own subdirectory, but it was not fixed.
;; This leads to some header files not being found anymore.
(copy-file "client/main.cpp" "adb_main.cpp")
#t))
(add-after 'enter-source 'create-Makefile
(lambda* (#:key outputs #:allow-other-keys)
;; No useful makefile is shipped, so we create one.
(with-output-to-file "Makefile"
(lambda _
(display
(string-append
;; Common for all components.
"CXXFLAGS += -std=gnu++14 -fpermissive\n"
"CPPFLAGS += -I../include -I../base/include -I. -DADB_HOST=1 "
"-DADB_REVISION='\"" ,version "\"' -fPIC\n"
"LDFLAGS += -lcrypto -lpthread -lbase -lcutils -L. -ladb\n"
;; Libadb specifics.
"LIBADB_SOURCES = adb.cpp adb_auth.cpp adb_io.cpp "
"adb_listeners.cpp adb_trace.cpp adb_utils.cpp fdevent.cpp "
"sockets.cpp transport.cpp transport_local.cpp transport_usb.cpp "
"get_my_path_linux.cpp sysdeps_unix.cpp usb_linux.cpp "
"adb_auth_host.cpp diagnose_usb.cpp services.cpp "
"shell_service_protocol.cpp bugreport.cpp line_printer.cpp\n"
"LIBADB_LDFLAGS += -shared -Wl,-soname,libadb.so.0 "
"-lcrypto -lpthread -lbase\n"
;; Adb specifics.
"ADB_SOURCES = adb_main.cpp console.cpp commandline.cpp "
"adb_client.cpp file_sync_client.cpp\n"
"ADB_LDFLAGS += -Wl,-rpath=" (assoc-ref outputs "out") "/lib\n"
"build: libadb $(ADB_SOURCES)\n"
" $(CXX) $(ADB_SOURCES) -o adb $(CXXFLAGS) $(CPPFLAGS) "
"$(ADB_LDFLAGS) $(LDFLAGS)\n"
"libadb: $(LIBADB_SOURCES)\n"
" $(CXX) $^ -o libadb.so.0 $(CXXFLAGS) $(CPPFLAGS) "
"$(LIBADB_LDFLAGS)\n"
" ln -sv libadb.so.0 libadb.so\n"))
#t))))
(delete 'configure)
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib"))
(bin (string-append out "/bin")))
(install-file "libadb.so.0" lib)
(install-file "adb" bin)
(with-directory-excursion lib
(symlink "libadb.so.0" "libadb.so"))
#t))))
;; Test suite must be run with attached devices
#:tests? #f))
(inputs
`(("libbase" ,libbase)
("libcutils" ,libcutils)
("openssl" ,openssl)))
(home-page "https://developer.android.com/studio/command-line/adb.html")
(synopsis "Android Debug Bridge")
(description
"@command{adb} is a versatile command line tool that lets you communicate
with an emulator instance or connected Android device. It facilitates a variety
of device actions, such as installing and debugging apps, and it provides access
to a Unix shell that can run commands on the connected device or emulator.")
(license license:asl2.0)))

View File

@ -2379,7 +2379,7 @@ can play and record audio files.")
(define-public soxr
(package
(name "soxr")
(version "0.1.1")
(version "0.1.2")
(source
(origin
(method url-fetch)
@ -2387,7 +2387,7 @@ can play and record audio files.")
(string-append "mirror://sourceforge/soxr/soxr-" version
"-Source.tar.xz"))
(sha256
(base32 "1hmadwqfpg15vhwq9pa1sl5xslibrjpk6hpq2s9hfmx1s5l6ihfw"))))
(base32 "0xf2w3piwz9gfr1xqyrj4k685q5dy53kq3igv663i4f4y4sg9rjl"))))
(build-system cmake-build-system)
(arguments '(#:tests? #f)) ;no 'check' target
(home-page "https://sourceforge.net/p/soxr/wiki/Home/")
@ -2433,7 +2433,7 @@ portions of LAME.")
(define-public portaudio
(package
(name "portaudio")
(version "19.20140130")
(version "190600.20161030")
(source
(origin
(method url-fetch)
@ -2442,7 +2442,7 @@ portions of LAME.")
(string-map (lambda (c) (if (char=? c #\.) #\_ c)) version)
".tgz"))
(sha256
(base32 "0mwddk4qzybaf85wqfhxqlf0c5im9il8z03rd4n127k8y2jj9q4g"))
(base32 "04qmin6nj144b8qb9kkd9a52xfvm0qdgm8bg8jbl7s3frmyiv8pm"))
(patches (search-patches "portaudio-audacity-compat.patch"))))
(build-system gnu-build-system)
(inputs

View File

@ -3,7 +3,7 @@
;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
;;; Copyright © 2014 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015, 2017 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 David Thompson <davet@gnu.org>
;;; Copyright © 2017 ng0 <ng0@libertad.pw>
;;;
@ -92,6 +92,35 @@ know anything about Autoconf or M4.")
(base32
"0j3jdjpf5ly39dlp0bg70h72nzqr059k0x8iqxvaxf106chpgn9j"))))))
(define-public autoconf-2.13
;; GNU IceCat 52.x requires autoconf-2.13 to build!
(package (inherit autoconf)
(version "2.13")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://gnu/autoconf/autoconf-"
version ".tar.gz"))
(sha256
(base32
"07krzl4czczdsgzrrw9fiqx35xcf32naf751khg821g5pqv12qgh"))))
(arguments
`(#:tests? #f
#:phases
;; The 'configure' script in autoconf-2.13 can't cope with "SHELL=" and
;; "CONFIG_SHELL=" arguments, so we set them as environment variables
;; and pass a simplified set of arguments.
(modify-phases %standard-phases
(replace 'configure
(lambda* (#:key build inputs outputs #:allow-other-keys)
(let ((bash (which "bash"))
(out (assoc-ref outputs "out")))
(setenv "CONFIG_SHELL" bash)
(setenv "SHELL" bash)
(zero? (system* bash "./configure"
(string-append "--prefix=" out)
(string-append "--build=" build)))))))))))
(define* (autoconf-wrapper #:optional (autoconf autoconf))
"Return an wrapper around AUTOCONF that generates `configure' scripts that

View File

@ -7,6 +7,7 @@
;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -361,6 +362,22 @@ functionality beyond that which is outlined in the POSIX standard.")
(license gpl3+)
(home-page "https://www.gnu.org/software/coreutils/")))
;; We add version 8.27 here for use in (gnu system) due to a time
;; zone bug in `date' versions 8.25 - 8.26.
;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23035
;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26238
(define-public coreutils-8.27
(package
(inherit coreutils)
(version "8.27")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/coreutils/coreutils-"
version ".tar.xz"))
(sha256
(base32
"0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8"))))))
(define-public coreutils-minimal
;; Coreutils without its optional dependencies.
(package

View File

@ -2084,7 +2084,7 @@ identify enrichments with functional annotations of the genome.")
(define-public diamond
(package
(name "diamond")
(version "0.8.37")
(version "0.8.38")
(source (origin
(method url-fetch)
(uri (string-append
@ -2093,7 +2093,7 @@ identify enrichments with functional annotations of the genome.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1zn7q8m41ayfnjvf9snrsnq00mm68alf9rhdadx5q1sk23lyvp2l"))))
"0q2z6z5f7c0kbbzpjamkcyqg0rc6h5rxfp97qbmb0wxaycr7jajq"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f ; no "check" target
@ -3805,7 +3805,7 @@ predicts the locations of structural units in the sequences.")
(define-public proteinortho
(package
(name "proteinortho")
(version "5.15")
(version "5.16")
(source
(origin
(method url-fetch)
@ -3815,7 +3815,7 @@ predicts the locations of structural units in the sequences.")
version "_src.tar.gz"))
(sha256
(base32
"05wacnnbx56avpcwhzlcf6b7s77swcpv3qnwz5sh1z54i51gg2ki"))))
"0z4f5cg0cs8ai62hfvp4q6w66q2phcc55nhs4xj5cyhxxivjv2ai"))))
(build-system gnu-build-system)
(arguments
`(#:test-target "test"
@ -8275,14 +8275,14 @@ unmodeled, or latent sources of noise.")
(define-public r-seqminer
(package
(name "r-seqminer")
(version "5.7")
(version "5.9")
(source
(origin
(method url-fetch)
(uri (cran-uri "seqminer" version))
(sha256
(base32
"0p75wyl70cvp36mwg5y74nv573j1gdqi15ac2a7xf61jmsq7ycpy"))))
"0sfkxrc9gy5a8fadzyzfzh7l5grasm8cj6cd2nnpv85ws6mqr6qd"))))
(build-system r-build-system)
(inputs
`(("zlib" ,zlib)))

View File

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017 Corentin Bocquillon <corentin@nybble.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -23,7 +24,9 @@
#:use-module (guix download)
#:use-module (gnu packages)
#:use-module (gnu packages python)
#:use-module (guix build-system gnu))
#:use-module (gnu packages ninja)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python))
(define-public bam
(package
@ -62,3 +65,28 @@ describe the build process. It takes its inspiration for the script files
from scons. While scons focuses on being 100% correct when building, bam
makes a few sacrifices to acquire fast full and incremental build times.")
(license license:bsd-3)))
(define-public meson
(package
(name "meson")
(version "0.39.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/mesonbuild/meson/"
"archive/" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1jwgd6sl7zl7h16id3405gwk6vlkk86ggwrp0k47njwkxmryq8d4"))))
(build-system python-build-system)
(inputs `(("ninja", ninja)))
(home-page "https://mesonbuild.com/")
(synopsis "Build system designed to be fast and user-friendly")
(description
"The Meson build system is focused on user-friendliness and speed.
It can compile code written in C, C++, Fortran, Java, Rust, and other
languages. Meson provides features comparable to those of the
Autoconf/Automake/make combo. Build specifications, also known as @dfn{Meson
files}, are written in a custom domain-specific language (DSL) that resembles
Python.")
(license license:asl2.0)))

View File

@ -74,7 +74,7 @@
(define-public nss-certs
(package
(name "nss-certs")
(version "3.30")
(version "3.30.2")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@ -85,7 +85,7 @@
"nss-" version ".tar.gz")))
(sha256
(base32
"1agkkwb51si4raw46p44vl3d0l7wzvdjcblpcdjjz6aymq6h1h58"))))
"096frzvyp3z257x84rxknscfgsbavzh2a0gyibx7kvmw4vzpfjhd"))))
(build-system gnu-build-system)
(outputs '("out"))
(native-inputs

View File

@ -56,7 +56,7 @@
(define-public libsodium
(package
(name "libsodium")
(version "1.0.11")
(version "1.0.12")
(source (origin
(method url-fetch)
(uri (list (string-append
@ -67,7 +67,7 @@
"releases/old/libsodium-" version ".tar.gz")))
(sha256
(base32
"0rf7z6bgpnf8lyz8sph4h43fbb28pmj4dgybf0hsxxj97kdljid1"))))
"159givfh5jgli3cifxgssivkklfyfq6lzyjgrx8h4jx5ncdqyr5q"))))
(build-system gnu-build-system)
(synopsis "Portable NaCl-based crypto library")
(description

View File

@ -40,6 +40,7 @@
(define-public curl
(package
(name "curl")
(replacement curl-7.54.0)
(version "7.53.0")
(source (origin
(method url-fetch)
@ -119,3 +120,16 @@ tunneling, and so on.")
(license (license:non-copyleft "file://COPYING"
"See COPYING in the distribution."))
(home-page "https://curl.haxx.se/")))
(define curl-7.54.0
(package
(inherit curl)
(version "7.54.0")
(source
(origin
(method url-fetch)
(uri (string-append "https://curl.haxx.se/download/curl-"
version ".tar.lzma"))
(sha256
(base32
"02h7qhl8ynp75g1vcaw18ks0gp7nahvvkqck19pb1q0kkw1scsnd"))))))

View File

@ -97,14 +97,14 @@
(define-public emacs
(package
(name "emacs")
(version "25.1")
(version "25.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/emacs/emacs-"
version ".tar.xz"))
(sha256
(base32
"0cwgyiyymnx4xdg99dm2drfxcyhy2jmyf0rkr9fwj9mwwf77kwhr"))
"1ykkq0xl28ljdg61bm6gzy04ww86ajms98gix72qg6cpr6a53dar"))
(patches (search-patches "emacs-exec-path.patch"
"emacs-fix-scheme-indent-function.patch"
"emacs-source-date-epoch.patch"))
@ -1406,7 +1406,13 @@ type, for example: packages, buffers, files, etc.")
(magit-popup (assoc-ref %build-inputs "magit-popup"))
(site-lisp "/share/emacs/site-lisp"))
(list (string-append "--with-guix-site-dir="
guix "/share/guile/site/2.0")
(car (find-files (string-append guix
"/share/guile/site")
(lambda (file stat)
(string-prefix?
"2."
(basename file)))
#:directories? #t)))
(string-append "--with-geiser-lispdir=" geiser site-lisp)
(string-append "--with-dash-lispdir="
dash site-lisp "/guix.d/dash-"
@ -4475,7 +4481,7 @@ It should enable you to implement low-level X11 applications.")
(format #t "#!~a ~@
export DISPLAY=:0 ~@
~a +SI:localuser:$USER ~@
exec ~a --exit-with-session ~a --eval '~s' ~%"
exec ~a --exit-with-session ~a \"$@\" --eval '~s' ~%"
(string-append (assoc-ref inputs "bash") "/bin/sh")
(string-append (assoc-ref inputs "xhost") "/bin/xhost")
(string-append (assoc-ref inputs "dbus") "/bin/dbus-launch")

View File

@ -376,6 +376,7 @@ applications should be.")
(package
(name "graphite2")
(version "1.3.9")
(replacement graphite2/fixed)
(source
(origin
(method url-fetch)
@ -400,6 +401,27 @@ and returns a sequence of positioned glyphids from the font.")
(license license:lgpl2.1+)
(home-page "https://github.com/silnrsi/graphite")))
(define graphite2/fixed
(package
(inherit graphite2)
(name "graphite2")
(version "1.3.9")
(replacement #f)
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/silnrsi/graphite/releases/"
"download/" version "/" name "-" version ".tgz"))
(patches (search-patches
"graphite2-ffloat-store.patch"
"graphite2-check-code-point-limit.patch"
"graphite2-CVE-2017-5436.patch"
"graphite2-fix-32-bit-wrap-arounds.patch"
"graphite2-non-linear-classes-even-number.patch"))
(sha256
(base32
"0rs5h7m340z75kygx8d72cps0q6yvvqa9i788vym7585cfv8a0gc"))))))
(define-public potrace
(package
(name "potrace")

View File

@ -8,6 +8,7 @@
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org>
;;; Copyright © 2017 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -55,6 +56,7 @@
#:use-module (gnu packages polkit)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages w3m)
#:use-module (gnu packages xml)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xorg))
@ -62,23 +64,61 @@
(define-public xdg-utils
(package
(name "xdg-utils")
(version "1.0.2")
(version "1.1.1")
(source
(origin
(method url-fetch)
(uri (string-append
"https://portland.freedesktop.org/download/xdg-utils-"
version ".tgz"))
version ".tar.gz"))
(sha256
(base32
"1b019d3r1379b60p33d6z44kx589xjgga62ijz9vha95dg8vgbi1"))))
"09a1pk3ifsndc5qz2kcd1557i137gpgnv3d739pv22vfayi67pdh"))))
(build-system gnu-build-system)
(native-inputs
`(("docbook-xsl" ,docbook-xsl)
("docbook-xml" ,docbook-xml-4.1.2)
("libxslt" ,libxslt)
("w3m" ,w3m)
("xmlto" ,xmlto)))
(propagated-inputs
`(("xprop" ,xprop) ; for Xfce detecting
("xset" ,xset))) ; for xdg-screensaver
(arguments
`(#:tests? #f)) ; no check target
(home-page "http://portland.freedesktop.org/")
`(#:tests? #f ; no check target
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'patch-hardcoded-paths
(lambda _
(substitute* "scripts/xdg-mime.in"
(("/usr/bin/file") (which "file")))
(substitute* "scripts/xdg-open.in"
(("/usr/bin/printf") (which "printf")))
#t))
(add-before 'build 'locate-catalog-files
(lambda* (#:key inputs #:allow-other-keys)
(let ((xmldoc (string-append (assoc-ref inputs "docbook-xml")
"/xml/dtd/docbook"))
(xsldoc (string-append (assoc-ref inputs "docbook-xsl")
"/xml/xsl/docbook-xsl-"
,(package-version docbook-xsl))))
(for-each (lambda (file)
(substitute* file
(("http://.*/docbookx\\.dtd")
(string-append xmldoc "/docbookx.dtd"))))
(find-files "scripts/desc" "\\.xml$"))
(substitute* "scripts/Makefile"
;; Apparently `xmlto' does not bother to looks up the stylesheets
;; specified in the XML, unlike the above substitition. Instead it
;; uses a hard-coded URL. Work around it here, but if this is
;; common perhaps we should hardcode this path in xmlto itself.
(("\\$\\(XMLTO\\) man")
(string-append "$(XMLTO) -x " xsldoc
"/manpages/docbook.xsl man")))
(setenv "STYLESHEET"
(string-append xsldoc "/html/docbook.xsl"))
#t))))))
(home-page "https://www.freedesktop.org/wiki/Software/xdg-utils/")
(synopsis "Freedesktop.org scripts for desktop integration")
(description "The xdg-utils package is a set of simple scripts that
provide basic desktop integration functions in the framework of the

View File

@ -27,6 +27,7 @@
;;; Copyright © 2017 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 nee <nee-git@hidamari.blue>
;;;
;;; This file is part of GNU Guix.
;;;
@ -116,6 +117,8 @@
#:use-module (gnu packages messaging)
#:use-module (gnu packages upnp)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages bison)
#:use-module (gnu packages flex)
#:use-module (guix build-system gnu)
#:use-module (guix build-system haskell)
#:use-module (guix build-system python)
@ -2849,6 +2852,7 @@ safety of the Chromium vessel.")
,(string-append "PREFIX=" %output)
"GNOME_PREFIX=$(PREFIX)"
"COMPLETIONDIR=$(PREFIX)/etc/bash_completion.d")
#:parallel-build? #f ;fails on some systems
#:tests? #f ;No tests
#:phases (modify-phases %standard-phases
(delete 'configure) ;no configure phase
@ -3169,7 +3173,7 @@ throwing people around in pseudo-randomly generated buildings.")
(define-public hyperrogue
(package
(name "hyperrogue")
(version "9.4c")
(version "9.4g")
;; When updating this package, be sure to update the "hyperrogue-data"
;; origin in native-inputs.
(source (origin
@ -3180,7 +3184,7 @@ throwing people around in pseudo-randomly generated buildings.")
"-src.tgz"))
(sha256
(base32
"1ri5fllnhqjm3dlnl1xbb9mlv79iigc940vbvcnk0v5k6p58pavq"))))
"09j9gnx701x28zfkrv3rjqlr56p89hyxk78gkpmmdfjgcq076pc2"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; no check target
@ -3235,14 +3239,14 @@ throwing people around in pseudo-randomly generated buildings.")
(string-append
"hyperrogue"
(string-join (string-split ,version #\.) "")
"-win/sounds/credits.txt") "-d" sounds))
"/sounds/credits.txt") "-d" sounds))
;; Extract sounds and music into sounds directory.
(zero?
(system* "unzip" "-j" data
(string-append
"hyperrogue"
(string-join (string-split ,version #\.) "")
"-win/*.ogg") "-d" sounds)))))))))
"/*.ogg") "-d" sounds)))))))))
(native-inputs
`(("hyperrogue-data"
,(origin
@ -3254,7 +3258,7 @@ throwing people around in pseudo-randomly generated buildings.")
"-win.zip"))
(sha256
(base32
"1cyyrsnrixygg3zyz97hpsm6jzwbhydiwk3kl0lm7qjnw2nzkhhh"))))
"1r57db4hm7fjcd27p8b6cdsnq2cgkym2kp9lrw7ha2asdf8w6gkb"))))
("unzip" ,unzip)))
(inputs
`(("font-dejavu" ,font-dejavu)
@ -3807,3 +3811,73 @@ utter witty remarks about their surroundings, the various inhabitants of their
underwater realm quarrel among themselves or comment on the efforts of your
fish. The whole game is accompanied by quiet, comforting music.")
(license license:gpl2+)))
(define-public crawl
(package
(name "crawl")
(version "0.19.5")
(source
(origin
(method url-fetch)
(uri (list
;; Older releases get moved into a versioned directory
(string-append "http://crawl.develz.org/release/"
(version-major+minor version) "/stone_soup-"
version "-nodeps.tar.xz")
;; Only the latest release is in this directory
(string-append "http://crawl.develz.org/release/stone_soup-"
version "-nodeps.tar.xz")))
(sha256
(base32
"00yl2lb2shglxlxzpyk99zvglfx4amjybqwnzdcasvbiggb4cj18"))))
(build-system gnu-build-system)
(inputs
`(("lua51" ,lua-5.1)
("ncurses" ,ncurses)
("sqlite" ,sqlite)
("zlib" ,zlib)))
(native-inputs
`(("bison" ,bison)
("flex" ,flex)
("perl" ,perl)
("pkg-config" ,pkg-config)))
(arguments
'(#:make-flags
(let* ((sqlite (assoc-ref %build-inputs "sqlite"))
(out (assoc-ref %outputs "out")))
(list (string-append "SQLITE_INCLUDE_DIR=" sqlite "/include")
(string-append "prefix=" out)
"SAVEDIR=~/.crawl"
;; TODO: build graphical client
"TILES="
;; don't build any bundled dependencies
"BUILD_LUA="
"BUILD_SQLITE="
"BUILD_ZLIB="
"-Csource"))
#:phases
(modify-phases %standard-phases
(delete 'configure)
(delete 'check)
;; Test cases require the source to be rebuild with the -DDEBUG define.
;; Do 'check before 'build to avoid a 3rd build on make install.
(add-before 'build 'check
(lambda* (#:key inputs outputs make-flags #:allow-other-keys)
(setenv "HOME" (getcwd))
;; Fake a terminal for the test cases.
(setenv "TERM" "xterm-256color")
(zero? (apply system* "make" "debug" "test"
(format #f "-j~d" (parallel-job-count))
make-flags)))))))
(synopsis "Roguelike dungeon crawler game")
(description "Dungeon Crawl Stone Soup is a roguelike adventure through
dungeons filled with dangerous monsters in a quest to find the mystifyingly
fabulous Orb of Zot.")
(home-page "https://crawl.develz.org")
(license (list license:gpl2+
license:bsd-2
license:bsd-3
license:cc0
license:expat
license:zlib
license:asl2.0))))

View File

@ -714,7 +714,7 @@ update-desktop-database: updates the database containing a cache of MIME types
(define-public adwaita-icon-theme
(package (inherit gnome-icon-theme)
(name "adwaita-icon-theme")
(version "3.22.0")
(version "3.24.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@ -722,7 +722,7 @@ update-desktop-database: updates the database containing a cache of MIME types
name "-" version ".tar.xz"))
(sha256
(base32
"1dyw8mm72wfpkn83vdqr0ifv5yhy565jhxrcjsd83nc7c3igd2y1"))))
"0ai73gs44yyw276xag6db0rlpvncy23qplp4girm80ilpprrzxyc"))))
(native-inputs
`(("gtk-encode-symbolic-svg" ,gtk+ "bin")))))
@ -1848,7 +1848,7 @@ libraries written in C.")
(define-public vte
(package
(name "vte")
(version "0.46.1")
(version "0.48.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@ -1856,22 +1856,15 @@ libraries written in C.")
name "-" version ".tar.xz"))
(sha256
(base32
"1ipmnfazvhzjp5pjw90mmxbkizivnh7gnlqqml94lw2rqa5wy048"))))
"14060d5rmjjmxaknrabhnsjwxni5wa3crg61mqxv8f7yxl0v6y62"))))
(build-system gnu-build-system)
(arguments
;; XXX: fails to compile tests with the default flags.
;; vteconv.cc:774:40:
;; error: missing sentinel in function call [-Werror=format=]
;; g_test_init (&argc, &argv, NULL);
;;
;; cc1plus: some warnings being treated as errors
'(#:configure-flags '("CXXFLAGS=-Wformat=0")))
(native-inputs
`(("pkg-config" ,pkg-config)
("intltool" ,intltool)
("vala" ,vala)
("gobject-introspection" ,gobject-introspection)
("glib" ,glib "bin") ; for glib-genmarshal, etc.
("gperf" ,gperf)
("xmllint" ,libxml2)))
(propagated-inputs
`(("gtk+" ,gtk+) ;required by vte-2.91.pc
@ -2440,7 +2433,7 @@ more fun.")
(define-public gnome-terminal
(package
(name "gnome-terminal")
(version "3.22.1")
(version "3.24.1")
(source
(origin
(method url-fetch)
@ -2449,7 +2442,7 @@ more fun.")
name "-" version ".tar.xz"))
(sha256
(base32
"1m5h3ck7wcvq1kfap05jwhnbpp3kmikc2qy822gnsbdjdqrm41xh"))))
"1q303bljcr06w3ra737kq1hpjda45wk16kmrixxwldf3zkk2dgx7"))))
(build-system glib-or-gtk-build-system)
(arguments
'(#:configure-flags
@ -5243,7 +5236,7 @@ files.")
(define-public baobab
(package
(name "baobab")
(version "3.22.1")
(version "3.24.0")
(source (origin
(method url-fetch)
(uri (string-append
@ -5252,7 +5245,7 @@ files.")
name "-" version ".tar.xz"))
(sha256
(base32
"1zwpzj6hbvcyw1ymqzn3zw8w4h29ad7411crbkbh71c8jwbwpssv"))))
"0gzwzn8p0agidjq3wnkxcsny6jhqph3yqscqjqd7blgkz5nyk02r"))))
(build-system glib-or-gtk-build-system)
(native-inputs
`(("intltool" ,intltool)

View File

@ -5,7 +5,7 @@
;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz>
;;;
;;; This file is part of GNU Guix.
;;;
@ -184,14 +184,14 @@ and support for SSL3 and TLS.")
(define-public gnurl
(package
(name "gnurl")
(version "7.53.1")
(version "7.54.0")
(source (origin
(method url-fetch)
(uri (string-append "https://gnunet.org/sites/default/files/"
name "-" version ".tar.bz2"))
(sha256
(base32
"1ah2304cm6y7d201vdph170mrwxmg6r72v2zsxzjn0jk68d8kb6d"))))
"1ww346cdsxln6iq158a4wm38bmicg5wspd2c83gnqf1glx22hza0"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ; 1.5 MiB of man3 pages

View File

@ -31,10 +31,10 @@
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages databases)
#:use-module (gnu packages glib)
#:use-module (gnu packages gstreamer)
#:use-module (gnu packages gtk)
#:use-module (gnu packages gnome)
#:use-module (gnu packages libcanberra)
@ -194,7 +194,7 @@ in the Mozilla clients.")
(define-public nss
(package
(name "nss")
(version "3.30")
(version "3.30.2")
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@ -205,9 +205,10 @@ in the Mozilla clients.")
"nss-" version ".tar.gz")))
(sha256
(base32
"1agkkwb51si4raw46p44vl3d0l7wzvdjcblpcdjjz6aymq6h1h58"))
"096frzvyp3z257x84rxknscfgsbavzh2a0gyibx7kvmw4vzpfjhd"))
;; Create nss.pc and nss-config.
(patches (search-patches "nss-pkgconfig.patch"
"nss-disable-long-b64-tests.patch"
"nss-increase-test-timeout.patch"))))
(build-system gnu-build-system)
(outputs '("out" "bin"))
@ -301,10 +302,10 @@ standards.")
(license license:mpl2.0)))
(define (mozilla-patch file-name changeset hash)
"Return an origin for CHANGESET from the mozilla-esr45 repository."
"Return an origin for CHANGESET from the mozilla-esr52 repository."
(origin
(method url-fetch)
(uri (string-append "https://hg.mozilla.org/releases/mozilla-esr45/raw-rev/"
(uri (string-append "https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/"
changeset))
(sha256 (base32 hash))
(file-name file-name)))
@ -312,7 +313,7 @@ standards.")
(define-public icecat
(package
(name "icecat")
(version "45.7.0-gnu1")
(version "52.0.2-gnu1")
(source
(origin
(method url-fetch)
@ -321,77 +322,162 @@ standards.")
"/" name "-" version ".tar.bz2"))
(sha256
(base32
"1mn73liylqzxk441f28wk326yglqs8zcwqs4zz51s8i2id2jsnv3"))
"0asaba04y6rwc7nx898p89jdxkbnsb3dxjvpdi8xb1rbgyms80c9"))
(patches
(list
(search-patch "icecat-avoid-bundled-libraries.patch")
(search-patch "icecat-binutils.patch")
(mozilla-patch "icecat-CVE-2017-5398-pt01.patch" "1a39a54b5fea" "0k3sbf2w2yng2rpv6wl9zrm5cbsgq3pslr19xwrk8sk753as79fp")
(mozilla-patch "icecat-CVE-2017-5402.patch" "9828c3bb7b73" "0zgks0v9sqhwwkmry4daswvjwk6aqln6abx0iac1vwqqpg6swff6")
(mozilla-patch "icecat-CVE-2017-5398-pt02.patch" "fa3268a1147e" "1jyd1hvp42pz5l15agmb1jhw74b38x8xnj9ih5v4pskv41bgmyg5")
(mozilla-patch "icecat-CVE-2017-5400.patch" "347c10e4d6d1" "1w6yrm97l477q4ripbj0nimc87p4jscabvihpncxqbq9xzc4km7p")
(mozilla-patch "icecat-CVE-2017-5410.patch" "fe4a2cda54ad" "0spcs93hpz13d8670jgvww80f0ynrbhwbh62fkv27lpr6wmqwqh1")
(mozilla-patch "icecat-CVE-2017-5401.patch" "c38f8546be5f" "1sa22w9kzgynsn4c6zh4d66byskk5kffzbvlzrhyzvqjddypf9p8")
(mozilla-patch "icecat-CVE-2017-5398-pt03.patch" "41c80ecafa99" "0r33arr5wcgl00zgncasiyl65bmm6jy45clxnbb75nzjmsd1zx1s")
(mozilla-patch "icecat-CVE-2017-5405.patch" "381552c888b4" "1sjhh390cx1jqx74lxk6qd8f8ccppqgagqfhc9pnbm2m67hxvkj9")
(mozilla-patch "icecat-CVE-2017-5407.patch" "4ba337cdb998" "0vyknizid2z9nvl31m08c7fknizhv8dh8m54apm39k8lx77vf70p")
(mozilla-patch "icecat-CVE-2017-5398-pt04.patch" "886650fac531" "18fsr5dmav96ja0dah7mj34n8mjpckp0bbc32zjyaj5qx0m4h5cw")
(mozilla-patch "icecat-CVE-2017-5409.patch" "0a22becb23cd" "19fshrq4qkj5s0mjrads6by84gy7rsq3k57gha6sw6rvx8chjaz6")
(mozilla-patch "icecat-CVE-2017-5398-pt05.patch" "a0ead6ef09eb" "1hpsq81hhhq2a2dcq2dfndiwx93vvp5rfq0cgv6kwk2bsrq77wqq")
(mozilla-patch "icecat-CVE-2017-5398-pt06.patch" "d3fede027d06" "1aw02p367cm0ayijdiiawlb7qhab6jwqwkakj317yd1cjnmkalwr")
(mozilla-patch "icecat-CVE-2017-5398-pt07.patch" "ffca0f060bb4" "0qwisfp7idjj5nc1vp1afrf5lj66l2gp7rllkjmrqpz6cyfc708v")
(mozilla-patch "icecat-CVE-2017-5398-pt08.patch" "4aa65b44dcb9" "07j6dz2b7hp1bkfvkxwgpn2wc3hqrgjgwpaz96fcpz8yadg2fssw")
(mozilla-patch "icecat-bug-1318914.patch" "30e2382d800f" "0w8zky5i7zc5q943x37rdvi4wbcing0q7w9fcgvnnh5li2sbrsy8")
(mozilla-patch "icecat-CVE-2017-5408.patch" "403d2300adc2" "06r4j48rc1fd9gvmvqy68mlqah5xfxpkvwmxk0gnqc364kpq9slk")
(mozilla-patch "icecat-CVE-2017-5398-pt09.patch" "546ab5e99568" "05rdb9bm3n4lj0zq5a95xnwsb0vzirb9mbc2wf9xbi4xlamsgvvw")
(mozilla-patch "icecat-bug-1311380.patch" "ef6eeb7f8846" "1w19is5blbrwf3wlmy6wzgabih8sxp2kmkffqcj2g4jypfwyqn73")
(mozilla-patch "icecat-CVE-2017-5398-pt10.patch" "eec69810d80e" "1r20abhw7b38igsrdpkhcfwx9i9gmcxikv4y3sjr4wkbp684f7av")
(mozilla-patch "icecat-CVE-2017-5398-pt11.patch" "fec35ce6e68b" "1imdfrs8dxz44rhsmvydh29w5j64cij6g5ggrmhvz3386xvlil2v")
(mozilla-patch "icecat-CVE-2017-5398-pt12.patch" "725e2a217722" "06gfhi2ich279rjnxi15fb4igimsxnv5w6bx4g91js8wbvp2r3v0")
(mozilla-patch "icecat-CVE-2017-5398-pt13.patch" "d905a2e3a4d9" "1ibxi2s0czj47b739zmmjzbln8lpn27hdg4b17w58vhbhzkq31cx")
(mozilla-patch "icecat-CVE-2017-5398-pt14.patch" "0032560ae945" "0md3p5cix6nzbj5m199awc9gk52pygy5s9lx3a38vh3xvd92lsbj")
(mozilla-patch "icecat-CVE-2017-5398-pt15.patch" "91dda1e79ad8" "0b5h8fhagczfqkdgby982w6qgkw9y11zxxpdbn89rwmjpyp9nghx")
(mozilla-patch "icecat-CVE-2017-5404.patch" "556dd9e4a9e3" "0mbdx4xn1xs67n47ys9m42lc5ny96rz21ala848yajpdlxsz680g")
(mozilla-patch "icecat-bug-1341137-pt1.patch" "e86e0423dad1" "0dk1v7lcs61nx76qxcibha3ygqri15ldcvwwsrsayff9fq6k0v4y")
(mozilla-patch "icecat-bug-1341137-pt2.patch" "9aebee8b8cb9" "0m7p5iprhhwdv89aqqg7fla5szw6v7x2sll4ns0zg60pk4vm6izq")
(mozilla-patch "icecat-bug-1341137-pt3.patch" "69f3d44bdb48" "1ad7rw6nmg3c49ylqxlqqkb6cm2f0ygfzrigs6b60a2zkjqhbl0h")
(mozilla-patch "icecat-bug-1341137-pt4.patch" "22546e2cee64" "0gbwxa3p7qkq53hwnvxcqhx8h34qmnjdxy0h3ajik4mw76vrna9s")
(mozilla-patch "icecat-bug-1341137-pt5.patch" "e5083d8a855a" "1247vbpqzf007nigbxxqd6nwgr1dxd4p8cd0dr45afqh19vhlapj")
(mozilla-patch "icecat-bug-1339122.patch" "b0d156c7445e" "026jp5bb565yvhkmmicgygcn1lmak85p0466yl1vnjlx1rc8n724")
(mozilla-patch "icecat-bug-1319087.patch" "9cd44507fd65" "0mcfvby53r2150libazgrgaqrdyvl0g6cr1f01dsya3cgmc9mkcn")
(mozilla-patch "icecat-bug-1342661.patch" "d449995ef7d9" "1kz8k2jxvhqpjgrsj7r0kqq79036lrkfnx5pvdnsl59np9128j81")
(mozilla-patch "icecat-bug-1343261.patch" "9b5374019b58" "0v5w50r5ys4jjy1lpks280cq8paw7wdy9mrk7szzq7nlcxz90is7")
(mozilla-patch "icecat-bug-1343552-pt1.patch" "08bc7a3330e4" "1hsvffscqc4zflni866ilylgi3a13wz0n882z85xplbhwhc9lcfj")
(mozilla-patch "icecat-bug-1343552-pt2.patch" "8c61ebe37f1b" "1fjsr6bzfyd1zqzz2pglwh2ckys95h21wy3j4rlwkz66057z53qq")
(mozilla-patch "icecat-bug-1340718.patch" "bfa75fc20c2b" "08gksd06lwbb5ykdrk9gh2cb9bximwxhbxl3rprz64jj2bnmd3dq")
(mozilla-patch "icecat-bug-1345461.patch" "bcd5e51251dd" "1ms2ad8j04lz761cvdwi9rj5qv3qbjmg0zwyp3fykcf01a323ygd")
(mozilla-patch "icecat-bug-1343505.patch" "290f10412f92" "1dsj22fkz60zfa6isnxj54clg32dwzapwh5f1vz6jsin9r67ik2p")
(mozilla-patch "icecat-bug-1346648.patch" "9369ede30cc1" "1wrdn2aixbzifz7wyqnfi65gaiva8i746pi53z6w62lmn1hwd3ji")
(mozilla-patch "icecat-bug-1347979.patch" "4ae2261bfab0" "1yi3jicwjy7w8f0sv5di4rx05bfpkhcwj3r6dhl5315yz4ifqy30")
(mozilla-patch "icecat-bug-1343795.patch" "dcf468969700" "0syfq35s2r86ajmnqsxlfanvxd9ax57qkfmxpkvmk447s3mxsk08")
(mozilla-patch "icecat-bug-1347168.patch" "5a6390274b64" "1lg5px4sncalh82y61ni9rlg50d83jmmrrvn0944x4zfrzlfaz8x")
(mozilla-patch "icecat-bug-1341096.patch" "64158495e5ae" "1lyh8m159hhzrxj5hr0yib2sb8rkd20qxpykrf398v18s3yc08cx")
(mozilla-patch "icecat-bug-1346654.patch" "f359ec604627" "0j6rzbnzlz8x9sj2r79d1zr4p89c5zq7y49xa4kn6am5ay3ws0ri")
(mozilla-patch "icecat-bug-1344461.patch" "6f14d2ef7981" "0n24hqvjj7vxqdvxhk38swnmvcv7h7vvn5invbidhv22m0qqzs2c")
(mozilla-patch "icecat-bug-1292534.patch" "c709d4b36145" "18cdck3fr4a1ygszb6qk07g6fi3kv6i697pjfcipvqrk358qb0hq")
(mozilla-patch "icecat-bug-1336830.patch" "18e355831dd5" "042487xhq9zkky3pxiqy1rpy69z0j20w0jnl7kwg2j1bzfbnniip")
(mozilla-patch "icecat-bug-1336832.patch" "ebeb0b45a84b" "17ch2aqsrnkiwbnkf6x7a1cpi8jgfjhwr6wp0bsa89s8v1dax6w4")
(mozilla-patch "icecat-bug-1349946.patch" "ccbecbe17a45" "19vwmhvqarpzai8mcq6i7szkrp1h9m8v5lyimkmmdlmagrivjw7f")
(mozilla-patch "icecat-bug-1350683.patch" "00ed655efad1" "0nfk9345lshim8xl29qka5man73jgxcppv3pzfrgjhk97z7h6ifq")
(mozilla-patch "icecat-bug-1342823.patch" "609145968cfe" "1y5kw8khzxnx5cbrv4zmdd1nzha85r3cmxn3inami9fx8vikxjq8")
(mozilla-patch "icecat-bug-1336828.patch" "982cfe33c513" "0amj3qx5399mrdcqakvfn5pabp562i1s87a8zd65jyqs4mwgcjap")
(mozilla-patch "icecat-bug-1348894.patch" "eed8086d0af7" "18p567nhj7nvh740fhh3l0mqx0b7370b45005j43ll08rf2nhygl")
(mozilla-patch "icecat-bug-1344467.patch" "38664f88d8f5" "0zdkmiqjr6h1bfs4qw74p5bnw74kcx9fxr4mcnshpavv2gvc6dn4")
(mozilla-patch "icecat-bug-1350844.patch" "c071fab59d05" "16hf5c4appca8vwxl5yvl5ig5bw8cb8hl8apvknsn5rdsjwjlrpr")
(mozilla-patch "icecat-bug-1352926.patch" "8fade3eebca2" "165v18545g4br1j6nbbhq2h9098iqvqpbd54zmgwwk9c973qhp3c")
(mozilla-patch "icecat-bug-1343642.patch" "6172686bf59c" "0iwihvx11am28cbmgg68llf3mr4ghrclimr51vms1nq9ji767wdb")
(mozilla-patch "icecat-bug-1349340.patch" "260b50fb6d39" "0lq08bkj1ihhwmf0yhxcnvngzym222q3n66ql9fbda4n7prlfhzl")
(mozilla-patch "icecat-bug-1353088.patch" "44a90ca714b9" "1rb27bnrm9a5nnwrsxx7z36yhhz8x6lv0df98jv1128zvd373blp")
(mozilla-patch "icecat-bug-1347617.patch" "e40b00161221" "0nm6jqbkb6rdahzd39gnhmy1gwawa5jbd7i80c7g1igj3x8ab50y")
(mozilla-patch "icecat-bug-1278157.patch" "a7803c36d797" "10l8jbqlmfkvi4jj0vhkl0a9vdsh3niy5rjr26br3633nyyr4747")
(mozilla-patch "icecat-bug-1348941.patch" "4fe9b979b84d" "069rzn60vn90gcck2wakr6m83q0cy32x5r54ccia9nc26a01p6p5")
(mozilla-patch "icecat-bug-1347075.patch" "a017569d3535" "1j7q02q2ybpfx9cr6dn9x27jva1d6dzs4pdxx2a1xmk5va03lrmq")
(mozilla-patch "icecat-bug-1333858.patch" "413dc18f25c8" "0g1q1y22m5gds8p07nq5c8f84jc152x4sac40b17gawj1005n5v9")))
(mozilla-patch "icecat-CVE-2017-5443.patch" "6daaaff9f1f6" "0jvb6y5fiwr13fyx58k49n81kv6h03vcch502g57y6nsx2wsqng6")
(mozilla-patch "icecat-bug-1319087.patch" "82297fcc6f19" "02qcbg2r2smswgnwj7fs5bcrr3rlqbpsh2nmcbsjyblp5fk1ag36")
(mozilla-patch "icecat-CVE-2017-5429-pt01.patch" "dd526ebe7e58" "1rj0pz6iql59zrynz48njcfg8i0v55bjdndplss9wl37lfydl7ca")
(mozilla-patch "icecat-CVE-2017-5447-pt1.patch" "3bc981f85a17" "0am9k3mii2r05lp6xpizxp356mb8xrbqs9kmx0wx5wyy08wjzmks")
(mozilla-patch "icecat-CVE-2017-5447-pt2.patch" "4f752b0e5920" "183s5dwzd57b299grvyvn139fsp9am0smd3yb4shw8g0iwzz61nf")
(mozilla-patch "icecat-CVE-2017-5449.patch" "1714eda3de9b" "0ncngdpzvffvpw4c1mi0dda5l02lwyil4rnq3i6salnwlrq9x32z")
(mozilla-patch "icecat-CVE-2017-5455.patch" "b10922304d81" "0rglbavb8rx7hl53ksgypazz27263b1yn97gznpdsq89zhirfw3m")
(mozilla-patch "icecat-CVE-2017-5446.patch" "d98de46f8f27" "040agykr4w4wsbi0xm3rrrjxk48iwz8l1hn11vfv45nzsx2f1hzq")
;; The next patch is for CVE-2017-5436 in the bundled graphite2.
;; TODO: apply additional fixes from our system graphite2 to the
;; bundled copy, or upgrade it in place.
(mozilla-patch "icecat-CVE-2017-5436.patch" "e6132f638311" "07w9pijx42psgmkj2i6i87lf30gl0yyb5caz6wz7fm8phi8wwy9p")
(mozilla-patch "icecat-bug-1342395.patch" "0e0e8abe2153" "1xlnq2fd50kf0rz9dibz5vlaa9zj2pifjvky2fdykcan62xz75hy")
(mozilla-patch "icecat-bug-1342841.patch" "623afac083f8" "1pv86j0dxdmi7g3rx4zqplz4gxq5lfyzpdssq83naypcxic6zafb")
(mozilla-patch "icecat-bug-1344644.patch" "cac0735c228f" "0695f0hvxnzgcirgxx3axn5nhkywqxjcvnrlhg7jwfann4mnbsfn")
(mozilla-patch "icecat-bug-1322660.patch" "9d6d60e64255" "0ds74ilhyc9qkkjgkm0xk7ay3926971rzwfh2avhhkfargn7idib")
(mozilla-patch "icecat-bug-1343330.patch" "6f23bd449bc7" "1igz6yhx803hygf7cii8bchx7bfw1niq8s0nc5l9i5rb8ml2b7f0")
(mozilla-patch "icecat-bug-1346961.patch" "3a2dc54cf986" "0dfp3s7d43zx3svajbkhvi73b71hhr7vrc9yz0iz37pykg40c4hn")
(mozilla-patch "icecat-bug-1318070.patch" "a68d6d9b87d0" "1yqgkgv7i0xy5dm0pgg1cbav4qglsdk8brzcjcpfz65bmn1pqrhh")
(mozilla-patch "icecat-CVE-2017-5448.patch" "6684a3c7f834" "0agyynvcjk28d7l2l4cqz67ddg9xw7ymiirb0npabd1si9zj27xb")
(mozilla-patch "icecat-bug-1336345.patch" "590416f46ec8" "1q2svqjd735rickr9i3kdkd0la6ikdphhmzr19h1r84nrl6a87ia")
(mozilla-patch "icecat-bug-1336356.patch" "00ba83ac39be" "1h6qsfv4r9mlc2ihjm9kmzi76aijdnnyx1g2r30ia87xha106pnk")
(mozilla-patch "icecat-bug-1342363.patch" "10285b4a6b71" "0l2ww19y6qbarcp9brjgbpf4vi3k38r6ak8is5736vqz0c17dim0")
(mozilla-patch "icecat-bug-1343787.patch" "28287b7f0938" "1w85s9rqh0dyfx6qn5plypbypz9casig03b6yiy9bpiq7ckrxz56")
(mozilla-patch "icecat-bug-1292803.patch" "adbf7b59a405" "1l1p0b5rc05czk6kr3k3k99m1fkwphj2jrd092gdbib8q4m4cvzv")
(mozilla-patch "icecat-bug-1313869.patch" "eba25396310b" "1ws0dr0kwclzbc2m0sihd3aqvbbg57ycia0fg6y294k6qipcxv38")
(mozilla-patch "icecat-bug-1141756-pt1.patch" "f7c262517722" "0r1zzbxf47q5w8vcy402yin105ngam3csb2q7h7n8axm97307ykp")
(mozilla-patch "icecat-bug-1141756-pt2.patch" "420396d5e26d" "0yv1pmpydzkirfwrxrgbw98dm4a9a4s0izha0wabrp4lb3655jv5")
(mozilla-patch "icecat-bug-1343210.patch" "ed9521749d6f" "1j2zzi00qyqjgh15ingvl6f88zlk4imp31m5jmf7w5f9jqi5ly3k")
(mozilla-patch "icecat-bug-1342442.patch" "775b6f85ef81" "00h9dgds7jv9n4cznj5qhh8liaf1b3wvnlqc2z7a3kj07ijllwzb")
(mozilla-patch "icecat-bug-1344527.patch" "d4612b14c907" "1n3a0mp351a7xgvshm6688gh89hg0xci3y621zs2pyqsfm114366")
(mozilla-patch "icecat-CVE-2017-5442.patch" "5f1aa2336998" "1y2marhrglc66vchd6z0jdmhg0pmkxp1cwim63bp9l6pj7lxyjma")
(mozilla-patch "icecat-CVE-2017-5430-pt01.patch" "512604631b23" "171nzxr4av4818d0fyg9hcsdxkai61sghl45xnsr2al34l28wsw3")
(mozilla-patch "icecat-CVE-2017-5430-pt02.patch" "16772200ad6f" "087j16rcbs5kgvpa096kd6jarwwwfrhwph54wzjn671wr1vnsvvd")
(mozilla-patch "icecat-CVE-2017-5441.patch" "c744e9d57250" "0m70157lczf17hxb2pabsl3grhcjqallbdfpsd58q8q6fk99k6x3")
(mozilla-patch "icecat-CVE-2017-5433.patch" "b4fc7a4cb5e0" "12q6mr5prpgqg5xnrww09qjm3jx2amb8zig62cd46ba8n9z2j9ab")
(mozilla-patch "icecat-CVE-2017-5429-pt02.patch" "21eac0b4fd2f" "1a6v0hwcc26gnlxygplc11dfzc8bykhh44j4gsz88kl5c5jqhlk9")
(mozilla-patch "icecat-CVE-2017-5432.patch" "62df7046e959" "1qvxbpkf87g4vnl8hxqvwb1ydrpkqq3rbkivr8q4029rvgalf4rf")
(mozilla-patch "icecat-bug-1350599.patch" "f6a978b2fcec" "0rkbbmw52mxgrmn1xny4jkn3slwb5jsqs4yr07ffhz7r801jy9iz")
(mozilla-patch "icecat-bug-1332839.patch" "2ad0f87f5dba" "04458jidri521hgf3r63pl736zz4gmgv6b8spa32anfb7gryj8fy")
(mozilla-patch "icecat-bug-1337548.patch" "29a1ad09a6ec" "0pld81bpc34w6g2ara54sx30msas55kwzr537pvxxc002lpvzs57")
(mozilla-patch "icecat-CVE-2017-5430-pt03.patch" "5dec7534760f" "1xh0y7srl7nznb6szpfiykd6r1ibyxrdvasc36w0chqjdmq7xr32")
(mozilla-patch "icecat-bug-1343851.patch" "e104d53316d7" "1yhv3qvzzi3kr881ji1dnm8ydnr3snh2vzl3c4vdzmvrjx8q5rcb")
(mozilla-patch "icecat-bug-1345222.patch" "864644fadcb0" "0qpplxyfn87bigzdkwlrhj9isd5gfafhjgqfckb239a09wwrblf3")
(mozilla-patch "icecat-bug-1348584.patch" "7cee9ad555af" "0856bpa3n71a3y5m4gilcdb9ghb60p545xkv9zbr245r20mj32ds")
(mozilla-patch "icecat-bug-1346720.patch" "6a597a9cd494" "091a5sanw3w3gl0jcmf8d60m59vwbh5v36vnar20m0hl7xrv4v7p")
(mozilla-patch "icecat-CVE-2017-5430-pt04.patch" "09693629803f" "18fhmsghq0232mhh8j10cy0a4979nmkbh43jlcyrg3l63l7795k4")
(mozilla-patch "icecat-CVE-2017-5430-pt05.patch" "2b8268ea97a9" "0l0f54krxdmqbgldikwjncxvn6irihcljldd3z039himrvplisjg")
(mozilla-patch "icecat-bug-1347700-pt1.patch" "ee706896916c" "0m85x80y98c154hyis08kcy81kbw3v34na1v862vxzs939d3mc0n")
(mozilla-patch "icecat-bug-1347700-pt2.patch" "08ecc2d92f81" "1s6411ccifw9l22hhmf32nhm8r5hbclnhy7jm2n228sqfr4h971g")
(mozilla-patch "icecat-bug-1337682.patch" "15af6a323161" "1nxbwd0574gscnkxfyhzv3yqvxiccb2d0rmba9vi6i62646l2pd5")
(mozilla-patch "icecat-CVE-2017-5451.patch" "d91260f0069a" "15w4rzz51hps2fr8djf5z1rzdwxshclk936mxv5anx1skkwms0y8")
(mozilla-patch "icecat-CVE-2017-5444.patch" "7740cf7e121b" "1706mx4zmnib336p2wmfp9ncyl66lk2da82f28xvcw262mg1c8lw")
(mozilla-patch "icecat-bug-1347164-pt1.patch" "b35a6d6dcdca" "077r0pns58fw3xd3qnbhib4q21vvw0aynpa8iyn1pycg8mppmd0f")
(mozilla-patch "icecat-bug-1347164-pt2.patch" "a42fc05969b9" "1ijq8ccsk5k56h77sv5kqv48w7csj3vbakzq98awgbvypzfdyhss")
(mozilla-patch "icecat-bug-1347164-pt3.patch" "f78ac1ac0a37" "0kj6jq482cqwyngy1kmb69zpq35xah8h33kml8i4l7andiyaq3zm")
(mozilla-patch "icecat-bug-1347164-pt4.patch" "795a3d48a775" "18lw99hmrr93k95hk6v6bx5rcf22aa902x2yf5p6wxdqg56nc0zp")
(mozilla-patch "icecat-bug-1338699.patch" "94ce63191069" "0rdivablincah3gbgl4wzjmqlraazivmr8bhqxdpy8dk0a6fvv4s")
(mozilla-patch "icecat-bug-1342301.patch" "e640e758a7cd" "17f36vvf82n6shlaip7ji8qsy9861f9a5r79h000p3wb3bb7lbfs")
(mozilla-patch "icecat-bug-1342170.patch" "df7ed78b7c0a" "1kq256i66hcm2k9d37i5ws354ksv3bbglmscdjv2v5f7wg3y967v")
(mozilla-patch "icecat-bug-1342634.patch" "d72e56823bbb" "0c186d77lyyg0hjxw15d44rybw6yr5aw8g9m3311xfdn5wiygijb")
(mozilla-patch "icecat-bug-1348796-pt1.patch" "cef01720769e" "0h57372lxanjs5zw9b3vwr2x36yz9gj73swyg50aqp13j4rcbpmy")
(mozilla-patch "icecat-bug-1348796-pt2.patch" "7d3584b75f20" "1a4hvpsvn39832g54hsxhqs24cq8v4nd69jqskkgc1ybs09ncmr3")
(mozilla-patch "icecat-bug-1192800.patch" "e56b0938ea0f" "1hlbxhjzj65s6p2v6f66zdfb3gw5yx77msgq5idsv9jip2w88mpq")
(mozilla-patch "icecat-bug-1309438.patch" "1f30d97563c8" "0rvq729fg9j959ha9qvw5wv7r6vw70qvpy7ynifgqhgrpa749n70")
(mozilla-patch "icecat-bug-1315332.patch" "66495c8d9459" "0vzlx8i0cidpymm6ar07h3yk63fxf64f0b2vb0pihd72h0jzd5s9")
(mozilla-patch "icecat-bug-1346439.patch" "a9fcc2dc324a" "13991jijwa84yczkmc212s23w269r8b1a4yiygqgwaily29l1dc5")
(mozilla-patch "icecat-CVE-2017-5469.patch" "3dcc5f5c2df4" "0b36m6rgxc05h39l6wkzi6dlmq9brcigk7xjrifs4786f0z564hz")
(mozilla-patch "icecat-CVE-2017-5430-pt06.patch" "ac0ca89b5a6b" "1646y9y2wmq8pxb081x3076dq9ana7hh5fxwbsnn17v5wqhi8gfb")
(mozilla-patch "icecat-CVE-2017-5467.patch" "6ed26e6c1a09" "0r1n1dwb4l8xwlns0aifyka6mldb6cy2crhh2qkap64cpj3bzl9s")
(mozilla-patch "icecat-CVE-2017-5439.patch" "2fde528ca7b6" "0iv0sjhnh7br0z3pcpk346wbj162ynacfk3p9309hg6kr1cd92fp")
(mozilla-patch "icecat-CVE-2017-5440.patch" "d88bd03d1234" "1pls63djh4w5023ag3fwjk79cpx816ilgajl5l1qlqyacl8c0v4p")
(mozilla-patch "icecat-bug-1349987.patch" "3282e8f6a121" "1dyc84h7v0l9gndmbiwfqk33f703zr3fv96mwbn58msdf20ma9l2")
(mozilla-patch "icecat-CVE-2017-5434.patch" "ee0a7b55e470" "01vs4p56p0ii0fvmg0kn7gaz6gwf2kwmv6v4pa6v68hwxx1phaag")
(mozilla-patch "icecat-CVE-2017-5430-pt07.patch" "a4e1e04c88ee" "0q07qwzxf2iisrhknjbn1zksv2rr6qzzh6w8ibzlj1sqbdg3h852")
(mozilla-patch "icecat-bug-1335043.patch" "a49419f75b9c" "0pkh5yimnj3p1sd2g9vndgcn11zdx6yhpa88s8vk7fqbs8gf1fz3")
(mozilla-patch "icecat-bug-1299500-pt01.patch" "5fdd36b4400a" "1gdrsbf03wf9v90f1bd2sp9ac38a9lzpzfrv8l8f7gvy70acjxmb")
(mozilla-patch "icecat-bug-1299500-pt02.patch" "34776df5ce44" "15mlf59ii0rk97j8mlf3wz1q0w28ma5mll47dvci6cv3dziai9f1")
(mozilla-patch "icecat-bug-1299500-pt03.patch" "26189af0f504" "1wh1s2xd1w03zi5jdaagk6j5i8v9xsm9360xmv446wdraygkqbci")
(mozilla-patch "icecat-bug-1299500-pt04.patch" "798a8fe17e7b" "0vlalanffq3paa7zab003v1d377x5pvcsy8nc8fr5pdlvi622jll")
(mozilla-patch "icecat-bug-1299500-pt05.patch" "daf2e4f2bd5c" "1rxbjbyr1a6dxjb0qj6900g3kqjphir40pis4qcfl8q811y18jwk")
(mozilla-patch "icecat-bug-1299500-pt06.patch" "1187091c3134" "0r8zz4zbglxg6sl0ybz9lyq1c5w2nqp0xcn2d3rz9bvyj8byqc7m")
(mozilla-patch "icecat-bug-1299500-pt07.patch" "a908f2c2fe30" "1fvwy3fxfrdi9y8hmf4f9aa72i0g6s55s8cp0w22gllsl1f6gvyf")
(mozilla-patch "icecat-bug-1299500-pt08.patch" "e95a26cf7a42" "0pd0kcn7dqd1gy1si85as5zzc96v7vq0v8n3g3gjzms5rdnk085l")
(mozilla-patch "icecat-bug-1299500-pt09.patch" "d63f3b14e571" "0cqd7dal6prsrj7bn2d699idbq4fzjry9vqlbmm9dkyn5683sdy1")
(search-patch "icecat-bug-1299500-pt10.patch") ; Adapted for GNU IceCat, based on:
;"08f2bc167ae8" "07d1i23ffvi74a5558bb0645vbrap6qlrpcwfyb7dm3llbfnfycy")
(mozilla-patch "icecat-bug-1299500-pt11.patch" "263f27805689" "0nczkvyvlpdjif3xfvj7g2mfz6j06w99x2sblqfmqq6mwrlavpq0")
(mozilla-patch "icecat-CVE-2017-5456.patch" "538e0b382cc2" "0wq2ywn4a7i4ypcx03hl23a4xx3lavz7y505m9kw43fx15r4070r")
(mozilla-patch "icecat-bug-1280079.patch" "6fbcb6a4b91e" "0qcwz9js1bwlnwyv3vhkm0hvahd043lm2bijqsmm0jy20dbslga4")
(mozilla-patch "icecat-CVE-2017-5435.patch" "a362e1205ba4" "127i4ybfb4dk5axp4dxcl7ag7zyx7b517myvs6q4yd8981d1jjd3")
(mozilla-patch "icecat-bug-1341960.patch" "b24ce30e8cfa" "0a521wn8hbaliawmxs21b8wc1gkha8iih62j4zyrfg5rm7ff6p6s")
(mozilla-patch "icecat-CVE-2017-5454.patch" "ac40d4a4e414" "0dnzz95vpq32bsh6hajk4hrcrxwd4w6m7kayl2iziryny86jgak2")
(mozilla-patch "icecat-CVE-2017-5429-pt03.patch" "e469af8e9ccc" "0yn8zqakr9yw0jvysxyc8if09kqf4fr5rq4p9qdkb1p81p4dpmp5")
(mozilla-patch "icecat-bug-1351094.patch" "4c1383e76adc" "0wdldx88qabyhrwnnii44pggmfgqylzxy6ckwzgq86r2yipi4rsq")
(mozilla-patch "icecat-bug-1336527.patch" "b9f53baeabb3" "0y1l641ffbr4i85p0wc1ir6bcsy6h94bchbfc7ppxfijva4fjgvd")
(mozilla-patch "icecat-bug-1345716.patch" "2569af645a98" "1d6lx85ij90j6q6ixwp0h3w7y424yvkz0njsi0my727akbli5rsn")
(mozilla-patch "icecat-bug-1208957.patch" "2b68880d8f6b" "1pl0vkv7clyjchi9kg4995z82sr8xv7cbz1kvsg1v66md6pmp4s4")
(mozilla-patch "icecat-bug-1208957.patch" "bc646835442b" "0f29r5yvlb5w84nvvn6j9r9dq5314jgygjmsna3grzigpkb88gyj")
(mozilla-patch "icecat-bug-1347944.patch" "47cb652ddc25" "0n7871958zwndwz53xvzwjv41v5ar1vxaam8kzr5dkbqmprddimx")
(mozilla-patch "icecat-bug-1347632.patch" "7d8f7a52a108" "0gkbkzkz989j7pk3ia1rfvyjg3si8hnnadwkb2rw13qjxdzhx2zn")
(mozilla-patch "icecat-CVE-2017-5438.patch" "154c93b9435b" "00f8lr5s8h68392bb45zi0xfgqrgfkdxbzwdypp10d89784fvjvd")
(mozilla-patch "icecat-bug-1347486.patch" "15dbaf157058" "1mwgfnx1zsvhp0pgmc8577yw6lnf7g3ikdfj0r21fgffrn76bp69")
(mozilla-patch "icecat-bug-1218437.patch" "e13692bfd5f5" "10jrbs26m8l1vchw6svssrb5h8p82acrcmkx92ybvv4qbaq2bcl0")
(mozilla-patch "icecat-bug-1345853.patch" "5fa27dc4c4a3" "1sqqa4hir2bsnnwnlr34has62kpncmw6l9mylwprd09fxmzzgrd7")
(mozilla-patch "icecat-CVE-2017-5429-pt04.patch" "00c051cd38c7" "1d4aa4nqyjc01mg3jvdjjp7z05c2qhdjj85dhdrd9c18gfiyv4fi")
(mozilla-patch "icecat-bug-1349921.patch" "c6897adc4037" "0acvcdy8awdmpz84243jzf82agrm73wqa198fjbns1p1v3s425z2")
(mozilla-patch "icecat-bug-1338623.patch" "edcafd42dd52" "1xqgjy7a62jsyz1b5mibrcnd7zpb4gdaas0a6z5dwfvz52j4xa16")
(mozilla-patch "icecat-bug-1294799.patch" "0617b074ec3d" "19h7dj44shvdzzj87svpv5q97cikxyxhiwfzf9rnqj1b7fw0xrdh")
(mozilla-patch "icecat-bug-1345049.patch" "88466b911357" "16pgd13mw9a0snyhq6vxmjc7kr9mikvhazkgbc6vpykwi0i0z85b")
(mozilla-patch "icecat-bug-1339999.patch" "b7cb8f8b0877" "0zv1kxcva699ahb9s36l4d9mlrkm0b7hmh6g1422j6iijn136vxb")
(mozilla-patch "icecat-bug-1350868.patch" "ddd6c44790c0" "182ii4wsz2vdd1q4dszd5hka8i2n0ghmqk7l39bd02d3zfibhhvc")
(mozilla-patch "icecat-bug-1342360.patch" "416681a239ef" "0ngs8xgmdhz9ag4dlrqhr0vmanqxr9q2vf16jpm3cimyc06zjxz4")
(mozilla-patch "icecat-CVE-2017-5429-pt05.patch" "a76e626ae6db" "0zn2j8fmhp7502kx1jhrvh85vsys5x6x6gw3v4gl0h8px354v6yw")
(mozilla-patch "icecat-CVE-2017-5429-pt06.patch" "0ce4196ab86e" "0isczy8261qz2zsdxax4j51gypz0gi39q7nfwxg88sl81kc5vym8")
(mozilla-patch "icecat-CVE-2017-5429-pt07.patch" "39da731d80ed" "0vswnv1hqa7r8iz6y5ja7i6w3cyq5xrcd66c1q29ac6n4gn7x338")
(mozilla-patch "icecat-CVE-2017-5430-pt08.patch" "1b148cf9c545" "0ilrib0c2c7mfycpz2hq3vrfdf6sf8lcdbfjk6r4xyxv54vh3lwk")
(mozilla-patch "icecat-bug-1325841.patch" "74e9f13c554f" "0glzcgjsy71y78zaccn33w8djs96i6dd3gafyzkihnkpfddd5cij")
(mozilla-patch "icecat-CVE-2017-5445.patch" "d7d87adfe186" "02p705si2j69ya8n5a916x58nycs07ja0sfpxrwl16f4n2plc91h")
(mozilla-patch "icecat-bug-1346424.patch" "5ede402f494f" "0kbx8yn8ppv7099ic6nhw32f7h42pnwk6dpvb179ilw90ah902q7")
(mozilla-patch "icecat-CVE-2017-5430-pt09.patch" "da44c5cfab2e" "16i4dz5sfkhh3a0khrcf8zn5w20rkf4aqwygjj3cp4qhdh7wnr75")
(mozilla-patch "icecat-CVE-2017-5430-pt10.patch" "0f966927bd55" "07pkhc6l6ylwrzgfm7i1galrvjawqqrhvhk6jcw4b30sfhi0bxq1")
(mozilla-patch "icecat-CVE-2017-5429-pt08.patch" "f0f591f82cc0" "18p091503vpfpp4l3d7hkqj78zavv6qj1lynhlfx67zdp3xqcf8r")
(mozilla-patch "icecat-CVE-2017-5464.patch" "1852dc0beba4" "1zdnkrsqjfv1q2jhj4829ypiwyg78n4jv54yn3b74vwcf5zvzx8m")
(mozilla-patch "icecat-bug-1083140.patch" "6913f0537208" "0vaf61ryp0bzkz6l1w73alhglibbgm0jcgccxvvm43ni67pcxqbq")
;; The patch commented out below updates the bundled tzdata,
;; but we can't use it because it contains a GIT binary patch.
;; TODO: Consider updating the bundled tzdata, or unbundling it.
;; (mozilla-patch "icecat-bug-1343493.patch" "35496444b380" "1wa79az7121xw078cgpczxavrqy0fsp4ib2nb69giha6acxcaqas")
(mozilla-patch "icecat-CVE-2017-5430-pt11.patch" "64495dfa29db" "0m7vklnwnaf7sw97m87bm4lb9pjmlh1vvrbaf1931db8nhd6m737")
(mozilla-patch "icecat-bug-1350783.patch" "26cd34db3c14" "15vq3lrilg3n9j80cdjmk7xib2iq5gcx9ypq8xs7f5ya9ibasqlx")
(mozilla-patch "icecat-CVE-2017-5429-pt09.patch" "6cd77a0d7ac0" "0kxlbl5m3gffxqrv7ky3swsbyg1ykj0wjhlfl9amsb4g8gra3zkj")
(mozilla-patch "icecat-CVE-2017-5460-pt1.patch" "a803be74843c" "1ywwakzjkfr714i9pfn152n86c6rp427chzdys8phdkcvp5d5p45")
(mozilla-patch "icecat-CVE-2017-5460-pt2.patch" "73762c1392ae" "18jy9ccqvn6l6hznvq5xsqm1pc7i81svc2grgv21wfwg9sd6zwwh")
(mozilla-patch "icecat-bug-1337392-pt1.patch" "4ab6d5c43036" "07pygzngssra9wnmqqrs24d6gc5kfh20fkzvpcasxh4f2hi21z9b")
(mozilla-patch "icecat-bug-1337392-pt2.patch" "13f2d85da9a7" "1iwfz7dp5i93bhjspy4kyz0vqrl8x8ndg5kxdyzwb1b339xim9qy")
(mozilla-patch "icecat-CVE-2017-5429-pt10.patch" "7a30cddfcd54" "1773pijh6gi086l930cn1a0k7kvy7f3cnirfblw98sq7h9qfyy33")
(mozilla-patch "icecat-bug-1345873-pt1.patch" "75cea353ad78" "14cig2y7d3p033hx3096gxzlqwgddq8d0ig0g3l8p1b0xwvvyryl")
(mozilla-patch "icecat-bug-1345873-pt2.patch" "b08ef5a82f89" "0afz01jv850x09df85d7ycqkcdlafi4w2xi5k155lk2b92w8lhpj")
(mozilla-patch "icecat-bug-1340163.patch" "f3f2a995a239" "1ydsj4ja475jscalkw6ggdxgbsp5l2mam5109k0y7c98abzqraxk")
(mozilla-patch "icecat-bug-1348174-pt1.patch" "330904d6f0dc" "19wnp4d8481w86xkk78n7c7wrr99rq6cq3v09hd8am4n0mzwzaja")
(mozilla-patch "icecat-bug-1348174-pt2.patch" "c61b99483c4b" "0mjsahi8ly24415ri2sylas6g0kb8wawi095idqiq019c3r7q9cq")
(mozilla-patch "icecat-bug-1348601.patch" "1848bd238064" "1f5kadhn6w1rs26sdrcc3mq0zzlmmsm6ymqhshkzn57nrj6akm7b")
(mozilla-patch "icecat-bug-1345991.patch" "2008a4b89d9a" "07fkg9r2rxbk362ckv2h8inhd2dadvzigshm6zsjfjs2fyzp95hp")
(mozilla-patch "icecat-bug-1344498-pt1.patch" "9acd0103d67f" "1f0j667g05h9ydmc924cs8mzif1n7s56wixsgnyqc3s231dswhml")
(mozilla-patch "icecat-bug-1344498-pt2.patch" "49aadb25b1ec" "0s618m802b1x5pyqh5mj1azaxch7ggxq9503b7mwhg90vz8qw7ki")
(mozilla-patch "icecat-bug-1344205.patch" "34b453085dc0" "02h1bh24f9i5sm3my07m2q58cpzqfhagwwv11l9fidxcm9dmzmrd")
(mozilla-patch "icecat-bug-1349862.patch" "864ff0c36b6b" "1i3wmigv982x9hzkfg25jhyvkynmar69x6cj6r4g9zkk5f5ypdh5")
(mozilla-patch "icecat-CVE-2017-5459.patch" "5ec6fbedb420" "07flhha4rkjbry5590yr5by36ypb1k33qm3rzkbmw0vk5gyak8dp")
(mozilla-patch "icecat-CVE-2017-5465.patch" "2b95de78a92c" "0vvq1fz84yyw7za929x6ki25paivlwd4ng1ddkcb2bw6da6yp12k")
(mozilla-patch "icecat-CVE-2017-5466.patch" "a5ec5e70abf1" "1jjviyk6db8iccd7997mwmgs188fsyrzivap3ffjf8m6j4mf9cra")
(mozilla-patch "icecat-bug-1347646.patch" "1b50711a46ce" "1i3505zzgf0mvg2405y2gzq36xc8ic2ga8w6d3n9kqryxj0mc7bh")))
(modules '((guix build utils)))
(snippet
'(begin
@ -423,6 +509,7 @@ standards.")
;;
;; TODO: Use system graphite2.
;;
"dom/devicestorage" ; Removed in ESR 52.1, awkward to patch out
"modules/freetype2"
"modules/zlib"
"modules/libbz2"
@ -449,9 +536,8 @@ standards.")
("dbus-glib" ,dbus-glib)
("gdk-pixbuf" ,gdk-pixbuf)
("glib" ,glib)
("gstreamer" ,gstreamer)
("gst-plugins-base" ,gst-plugins-base)
("gtk+" ,gtk+-2)
("gtk+" ,gtk+)
("gtk+-2" ,gtk+-2)
("pango" ,pango)
("freetype" ,freetype)
("hunspell" ,hunspell)
@ -465,6 +551,7 @@ standards.")
("libxcomposite" ,libxcomposite)
("libxt" ,libxt)
("libffi" ,libffi)
("ffmpeg" ,ffmpeg)
("libvpx" ,libvpx)
("icu4c" ,icu4c)
("pixman" ,pixman)
@ -476,14 +563,15 @@ standards.")
("sqlite" ,sqlite)
("startup-notification" ,startup-notification)
("unzip" ,unzip)
("yasm" ,yasm)
("zip" ,zip)
("zlib" ,zlib)))
(native-inputs
`(("perl" ,perl)
("python" ,python-2) ; Python 3 not supported
("python2-pysqlite" ,python2-pysqlite)
("yasm" ,yasm)
("pkg-config" ,pkg-config)
("autoconf" ,autoconf-2.13)
("which" ,which)))
(arguments
`(#:tests? #f ; no check target
@ -495,17 +583,11 @@ standards.")
;; practice somehow. See <http://hydra.gnu.org/build/378133>.
#:validate-runpath? #f
#:configure-flags '("--enable-default-toolkit=cairo-gtk2"
"--enable-pango"
#:configure-flags '("--enable-default-toolkit=cairo-gtk3"
"--enable-gio"
"--enable-svg"
"--enable-canvas"
"--enable-mathml"
"--enable-startup-notification"
"--enable-pulseaudio"
"--enable-gstreamer=1.0"
"--disable-gnomevfs"
"--disable-gconf"
"--disable-gnomeui"
@ -562,16 +644,6 @@ standards.")
(utime file early-1980 early-1980))
#t))
#t)))
(add-after
'unpack 'remove-h264parse-from-blacklist
(lambda _
;; Remove h264parse from gstreamer format helper blacklist. It
;; was put there to work around a bug in a pre-1.0 version of
;; gstreamer. See:
;; https://www.mozilla.org/en-US/security/advisories/mfsa2015-47/
(substitute* "dom/media/gstreamer/GStreamerFormatHelper.cpp"
(("^ \"h264parse\",\n") ""))
#t))
(add-after
'unpack 'use-skia-by-default
(lambda _
@ -595,10 +667,11 @@ standards.")
;; calls to dlopen or PR_LoadLibrary, but that didn't seem to
;; work. More investigation is needed.
(substitute* "toolkit/library/moz.build"
(("^# This needs to be last")
"OS_LIBS += [
(("^# This library needs to be last" all)
(string-append "OS_LIBS += [
'GL', 'gnome-2', 'canberra', 'Xss', 'cups', 'gssapi_krb5',
'gstreamer-1.0', 'gstapp-1.0', 'gstvideo-1.0' ]\n\n"))
'avcodec', 'avutil', 'pulse' ]\n\n"
all)))
#t))
(replace
'configure
@ -615,6 +688,7 @@ standards.")
,@configure-flags)))
(setenv "SHELL" bash)
(setenv "CONFIG_SHELL" bash)
(setenv "AUTOCONF" (which "autoconf")) ; must be autoconf-2.13
(mkdir "../build")
(chdir "../build")
(format #t "build directory: ~s~%" (getcwd))
@ -676,7 +750,16 @@ standards.")
(copy-file file (string-append icons "/icecat.png"))))
'("default16.png" "default22.png" "default24.png"
"default32.png" "default48.png" "content/icon64.png"
"mozicon128.png" "default256.png")))))))))
"mozicon128.png" "default256.png"))))))
;; This fixes the file chooser crash that happens with GTK 3.
(add-after 'install 'wrap-program
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lib (string-append out "/lib"))
(gtk (assoc-ref inputs "gtk+"))
(gtk-share (string-append gtk "/share")))
(wrap-program (car (find-files lib "^icecat$"))
`("XDG_DATA_DIRS" ":" prefix (,gtk-share)))))))))
(home-page "https://www.gnu.org/software/gnuzilla/")
(synopsis "Entirely free browser derived from Mozilla Firefox")
(description

View File

@ -154,11 +154,7 @@ This package provides the core library and elements.")
name "-" version ".tar.xz"))
(sha256
(base32
"1dsyjf6rncsbg4rfj40cvf1wwpjj9h3j3c7bh4zp7jylnfv4blpn"))
; (patches
; (search-patches "gst-plugins-base-fix-test-on-32bit.patch"))
))
"1dsyjf6rncsbg4rfj40cvf1wwpjj9h3j3c7bh4zp7jylnfv4blpn"))))
(build-system gnu-build-system)
(outputs '("out" "doc"))
(propagated-inputs

View File

@ -221,7 +221,7 @@ without requiring the source code to be rewritten.")
(define-public guile-2.2
(package (inherit guile-2.0)
(name "guile")
(version "2.2.0")
(version "2.2.2")
(replacement #f)
(source (origin
(method url-fetch)
@ -229,7 +229,7 @@ without requiring the source code to be rewritten.")
".tar.lz"))
(sha256
(base32
"083vp6754dp4d5pvcy4bqvxq60cayf92v5slf5cgij8bnvixgyvr"))
"1dnh75h4rkx1zflpsngznkwcd6afn6zrc5x3xq7n946pm5bnx5bq"))
(modules '((guix build utils)))
;; Remove the pre-built object files. Instead, build everything

View File

@ -39,6 +39,10 @@
(string-append "mirror://gnu/gnumach/gnumach-"
version ".tar.gz"))
(define (hurd-source-url version)
(string-append "mirror://gnu/hurd/hurd-"
version ".tar.gz"))
(define-public gnumach-headers
(package
(name "gnumach-headers")
@ -113,8 +117,7 @@ communication.")
(version "0.9")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/hurd/hurd-"
version ".tar.gz"))
(uri (hurd-source-url version))
(sha256
(base32
"1nw9gly0n7pyv3cpfm4mmxy4yccrx4g0lyrvd3vk2vil26jpbggw"))))
@ -242,3 +245,44 @@ Hurd-minimal package which are needed for both glibc and GCC.")
(description
"GNU Mach is the microkernel upon which a GNU Hurd system is based.")
(license gpl2+)))
(define-public hurd
(package
(name "hurd")
(version "0.9")
(source (origin
(method url-fetch)
(uri (hurd-source-url version))
(sha256
(base32
"1nw9gly0n7pyv3cpfm4mmxy4yccrx4g0lyrvd3vk2vil26jpbggw"))
(patches (search-patches "hurd-fix-eth-multiplexer-dependency.patch"))))
(arguments
`(#:phases
(modify-phases %standard-phases
(add-before 'build 'pre-build
(lambda _
;; Don't change the ownership of any file at this time.
(substitute* '("daemons/Makefile" "utils/Makefile")
(("-o root -m 4755") ""))
#t)))
#:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath="
%output "/lib")
"--disable-ncursesw"
"--without-libbz2"
"--without-libz"
"--without-parted")))
(build-system gnu-build-system)
(inputs `(("glibc-hurd-headers" ,glibc/hurd-headers)))
(native-inputs
`(("mig" ,mig)
("perl" ,perl)))
(supported-systems %hurd-systems)
(home-page "https://www.gnu.org/software/hurd/hurd.html")
(synopsis "The kernel servers for the GNU operating system")
(description
"The Hurd is the kernel for the GNU system, a replacement and
augmentation of standard Unix kernels. It is a collection of protocols for
system interaction (file systems, networks, authentication), and servers
implementing them.")
(license gpl2+)))

View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Chris Marusich <cmmarusich@gmail.com>
;;;
@ -135,7 +135,7 @@ may also simplify input method development.")
(define-public ibus-libpinyin
(package
(name "ibus-libpinyin")
(version "1.7.2")
(version "1.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/libpinyin/"
@ -143,7 +143,7 @@ may also simplify input method development.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"080ixx5lih9lr78b061y67dqmiyc7ij87jl1sa26hhs1dr28ihka"))))
"0gly314z6zn2fv52jw0764k66ry97llk009bk1q1iwf6rr829v68"))))
(build-system glib-or-gtk-build-system)
(arguments
`(#:phases
@ -190,7 +190,7 @@ ZhuYin (Bopomofo) input method based on libpinyin for IBus.")
(define-public libpinyin
(package
(name "libpinyin")
(version "1.2.0")
(version "2.0.0")
(source (origin
(method url-fetch)
(uri (string-append
@ -199,18 +199,18 @@ ZhuYin (Bopomofo) input method based on libpinyin for IBus.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"04didxd39vlry6nqy7xqynwc68ndajnhw334wahfmp7zjbbscs7p"))))
"17fibx9psrxfiznm4yw8klgbnh3ksyisx0pm1n59kxkrq61v8y0b"))))
(build-system gnu-build-system)
(arguments
`(#:phases
(modify-phases %standard-phases
(add-before 'configure 'autogen
(lambda _ (zero? (system* "autoreconf" "-vif"))))
(lambda _ (zero? (system* "autoreconf" "-vif"))))
(add-after 'unpack 'unpack-model
(lambda* (#:key inputs #:allow-other-keys)
(zero? (system* "tar" "-xvf"
(assoc-ref inputs "model")
"-C" "data")))))))
(lambda* (#:key inputs #:allow-other-keys)
(zero? (system* "tar" "-xvf"
(assoc-ref inputs "model")
"-C" "data")))))))
(inputs
`(("glib" ,glib)
("bdb" ,bdb)
@ -218,10 +218,10 @@ ZhuYin (Bopomofo) input method based on libpinyin for IBus.")
,(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/libpinyin/"
"models/model10.text.tar.gz"))
"models/model14.text.tar.gz"))
(sha256
(base32
"0g489wqcfklxphhxpkh8i4qf9y8scmnmdbfrzdbrgf3rignbwyiw"))))))
"0qqk30nflj07zjhs231c95ln4yj4ipzwxxiwrxazrg4hb8bhypqq"))))))
(native-inputs
`(("pkg-config" ,pkg-config)
("autoconf" ,autoconf)

View File

@ -73,4 +73,5 @@ C/C++ part.")
(source (origin
(inherit (package-source icu4c))
(patches
(search-patches "icu4c-reset-keyword-list-iterator.patch"))))))
(search-patches "icu4c-CVE-2017-7867-CVE-2017-7868.patch"
"icu4c-reset-keyword-list-iterator.patch"))))))

View File

@ -6,6 +6,7 @@
;;; Copyright © 2017 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2017 nee <nee-git@hidamari.blue>
;;;
;;; This file is part of GNU Guix.
;;;
@ -28,6 +29,7 @@
#:use-module (guix packages)
#:use-module (guix build-system gnu)
#:use-module (guix build-system cmake)
#:use-module (guix build-system python)
#:use-module (gnu packages autotools)
#:use-module (gnu packages algebra)
#:use-module (gnu packages base)
@ -44,6 +46,7 @@
#:use-module (gnu packages maths)
#:use-module (gnu packages photo)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages qt)
#:use-module (gnu packages xorg)
#:use-module (gnu packages))
@ -360,3 +363,42 @@ imaging. It supports several HDR and LDR image formats, and it can:
@item Copy EXIF data between sets of images.
@end itemize\n")
(license license:gpl2+)))
;; CBR and RAR are currently unsupported, due to non-free dependencies.
;; For optional PDF support, you can install the mupdf package.
(define-public mcomix
(package
(name "mcomix")
(version "1.2.1")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/mcomix/MComix-" version
"/mcomix-" version ".tar.bz2"))
(sha256
(base32
"0fzsf9pklhfs1rzwzj64c0v30b74nk94p93h371rpg45qnfiahvy"))))
(build-system python-build-system)
(inputs
`(("p7zip" ,p7zip)
("python2-pillow" ,python2-pillow)
("python2-pygtk" ,python2-pygtk)))
(arguments
;; Python 2.5 or newer (Python 3 and up is not supported)
`(#:python ,python-2
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'configure
(lambda* (#:key inputs #:allow-other-keys)
(let ((p7zip (assoc-ref inputs "p7zip")))
;; insert absolute path to 7z executable
(substitute* "mcomix/archive/sevenzip_external.py"
(("_7z_executable = -1")
(string-append "_7z_executable = u'" p7zip "/bin/7z'"))))
#t)))))
(home-page "https://sourceforge.net/p/mcomix/wiki/Home/")
(synopsis "Image viewer for comics")
(description "MComix is a customizable image viewer that specializes as
a comic and manga reader. It supports a variety of container formats
including CBZ, CB7, CBT, LHA.")
(license license:gpl2+)))

View File

@ -598,7 +598,7 @@ compose, and analyze GIF images.")
(define-public imlib2
(package
(name "imlib2")
(version "1.4.9")
(version "1.4.10")
(source (origin
(method url-fetch)
(uri (string-append
@ -606,7 +606,7 @@ compose, and analyze GIF images.")
"/imlib2-" version ".tar.bz2"))
(sha256
(base32
"08809xxk2555yj6glixzw9a0x3x8cx55imd89kj3r0h152bn8a3x"))))
"0wm2q2xlkbm71k7mw2jyzbxgzylrkcj5yh6nq58w5gybhp98qs9z"))))
(build-system gnu-build-system)
(native-inputs
`(("pkgconfig" ,pkg-config)))

View File

@ -5,6 +5,7 @@
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 ng0 <ng0@libertad.pw>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -141,14 +142,14 @@ SILC and ICB protocols via plugins.")
(define-public weechat
(package
(name "weechat")
(version "1.7")
(version "1.7.1")
(source (origin
(method url-fetch)
(uri (string-append "http://weechat.org/files/src/weechat-"
(uri (string-append "https://weechat.org/files/src/weechat-"
version ".tar.xz"))
(sha256
(base32
"1crdwlxj5liik32svflfac0s87vm6p8xm208yndigzsbg8rli4sr"))
"0c0waxrxq2v0r7981y1ajh9k78jfl223smwrj4v9c5z27iwh8ziz"))
(patches (search-patches "weechat-python.patch"))))
(build-system gnu-build-system)
(native-inputs `(("autoconf" ,autoconf)
@ -190,12 +191,13 @@ SILC and ICB protocols via plugins.")
#t))))))
(synopsis "Extensible chat client")
(description "WeeChat (Wee Enhanced Environment for Chat) is an
Internet Relay Chat client, which is designed to be light and fast.
The client uses a curses frontend, and there are remote interfaces
for Web, Qt, Android and Emacs. In WeeChat everything can be done
with a keyboard, though it also supports mouse. It is customizable
and extensible with plugins and scripts.")
(home-page "http://www.weechat.org/")
@dfn{Internet Relay Chat} (IRC) client, which is designed to be light and fast.
The client uses a curses frontend, and there are remote interfaces for Web,
Qt, Android, and Emacs.
Everything in WeeChat can be done with the keyboard, though it also supports
using a mouse. It is customizable and extensible with plugins and scripts.")
(home-page "https://www.weechat.org/")
(license license:gpl3)))
(define-public ircii

View File

@ -353,8 +353,8 @@ It has been modified to remove all non-free binary blobs.")
(define %intel-compatible-systems '("x86_64-linux" "i686-linux"))
(define %linux-libre-version "4.10.10")
(define %linux-libre-hash "1py6hzv39hbyafkvz69pmcidwxbd7psp9jzmnm4dg4jj7j92m6b7")
(define %linux-libre-version "4.10.12")
(define %linux-libre-hash "10k86blssyhhv2xvdqygyg3h43qppkffi09mg6ckxjsfv7crrf8j")
(define-public linux-libre
(make-linux-libre %linux-libre-version
@ -363,14 +363,14 @@ It has been modified to remove all non-free binary blobs.")
#:configuration-file kernel-config))
(define-public linux-libre-4.9
(make-linux-libre "4.9.22"
"1dvsbqkw7wvg40nmzdyiyvb0i54j5w6d9dvsvv7z87d2id56lqm0"
(make-linux-libre "4.9.24"
"0554b5899wvzf3w6wxxxsniriq3mw31h23kb2xp9g815yhnw6acd"
%intel-compatible-systems
#:configuration-file kernel-config))
(define-public linux-libre-4.4
(make-linux-libre "4.4.61"
"12555h3yxymxgfgq3g33sy78g7rj6l8dpqr29z98kr9ybs93q7vj"
(make-linux-libre "4.4.63"
"1ipzjrrgjd1cdfpj1110zav3wkq60xxagc2hvb50yni8wrxfbf40"
%intel-compatible-systems
#:configuration-file kernel-config))

View File

@ -15,7 +15,7 @@
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz>
;;; Copyright © 2016 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
@ -23,6 +23,7 @@
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017 Kyle Meyer <kyle@kyleam.com>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rene Saavedra <rennes@openmailbox.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -58,6 +59,7 @@
#:use-module (gnu packages emacs)
#:use-module (gnu packages enchant)
#:use-module (gnu packages ghostscript)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gnupg)
@ -94,6 +96,7 @@
#:use-module (gnu packages tls)
#:use-module (gnu packages networking)
#:use-module (gnu packages web)
#:use-module (gnu packages webkit)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
#:use-module (gnu packages docbook)
@ -222,14 +225,14 @@ aliasing facilities to work just as they would on normal mail.")
(define-public mutt
(package
(name "mutt")
(version "1.8.1")
(version "1.8.2")
(source (origin
(method url-fetch)
(uri (string-append "https://bitbucket.org/mutt/mutt/downloads/"
"mutt-" version ".tar.gz"))
(sha256
(base32
"1b8dggq5x1b77a9i9250b3jhv2iddfzhr9rix1yfzckdms65mr8b"))
"0dgjjryp1ggbc6ivy9cfz5jl3gnbahb6d6hcwn7c7wk5npqpn18x"))
(patches (search-patches "mutt-store-references.patch"))))
(build-system gnu-build-system)
(inputs
@ -262,16 +265,15 @@ operating systems.")
(package
(inherit mutt)
(name "neomutt")
(version "20170306")
(version "20170421")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/" name "/" name
"/archive/" name "-" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"0qwcbjm9j1hgzmybw15w53pvfbqcdf47d4sw21s6r2yaj8kx1hag"))))
"09f1abad0vdn08x80hadjccjpnzcbn5fjpj749gb819biyqkl0y2"))))
(inputs
`(("cyrus-sasl" ,cyrus-sasl)
("gdbm" ,gdbm)
@ -290,6 +292,7 @@ operating systems.")
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("gettext-minimal" ,gettext-minimal)
("pkg-config" ,pkg-config)))
(arguments
`(#:configure-flags
@ -336,8 +339,7 @@ operating systems.")
(synopsis "Command-line mail reader based on Mutt")
(description
"NeoMutt is a command-line mail reader which is based on mutt.
It adds a large amount of features to mutt, and they all find their way
into mutt, so it is not a fork but a large set of feature patches.")))
It adds a large amount of new and improved features to mutt.")))
(define-public gmime
(package
@ -2284,3 +2286,58 @@ tools and applications:
@item pilot, the standalone file system navigator
@end enumerate\n")
(license asl2.0)))
(define-public balsa
(package
(name "balsa")
(version "2.5.3")
(source
(origin
(method url-fetch)
(uri (string-append "https://pawsa.fedorapeople.org/balsa/balsa-"
version ".tar.bz2"))
(sha256
(base32
"15jkwp3ylbwd8iha4dr37z1xb6mkk31ym90vv3h2a5xk2rmym5mq"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
'(;; Balsa tries to install additional MIME icons
;; under gtk+ directory.
"--enable-extra-mimeicons=no"
"--with-gtksourceview"
"--with-canberra"
"--with-spell-checker=gtkspell"
"--with-gpgme"
"--with-sqlite"
"--with-compface"
"--with-ldap")))
(inputs
`(("cyrus-sasl" ,cyrus-sasl)
("enchant" ,enchant)
("gdk-pixbuf" ,gdk-pixbuf)
("gmime" ,gmime)
("gnutls" ,gnutls)
("gpgme" ,gpgme)
("gtk+" ,gtk+)
("gtksourceview" ,gtksourceview)
("gtkspell3" ,gtkspell3)
("libcanberra" ,libcanberra)
("libesmtp" ,libesmtp)
("libnotify" ,libnotify)
("openldap" ,openldap)
("sqlite" ,sqlite)
("webkitgtk" ,webkitgtk)))
(native-inputs
`(("compface" ,compface)
("glib" ,glib "bin")
("intltool" ,intltool)
("pkg-config" ,pkg-config)
("yelp-tools" ,yelp-tools)))
(home-page "https://pawsa.fedorapeople.org/balsa")
(synopsis "E-mail client for GNOME")
(description "Balsa is a highly configurable and robust mail client for
the GNOME desktop. It supports both POP3 and IMAP servers as well as the
mbox, maildir and mh local mailbox formats. Balsa also supports SMTP and/or
the use of a local MTA such as Sendemail.")
(license gpl3+)))

View File

@ -489,7 +489,7 @@ singular value problems.")
(define-public gnuplot
(package
(name "gnuplot")
(version "5.0.5")
(version "5.0.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/gnuplot/gnuplot/"
@ -497,7 +497,7 @@ singular value problems.")
version ".tar.gz"))
(sha256
(base32
"0lr065qdlgss8lmy31l7hkmnk9fp4lvqq9qgb1f1209f36zy1wr5"))))
"0q5lr6nala3ln6f3yp6g17ziymb9r9gx9zylnw1y3hjmwl9lggjv"))))
(build-system gnu-build-system)
(inputs `(("readline" ,readline)
("cairo" ,cairo)

View File

@ -434,24 +434,23 @@ simultaneously and therefore appear under the same nickname on IRC.")
(define-public python-nbxmpp
(package
(name "python-nbxmpp")
(version "0.5.3")
(version "0.5.5")
(source
(origin
(method url-fetch)
(uri (string-append "https://pypi.python.org/packages/source/n/nbxmpp/"
"nbxmpp-" version ".tar.gz"))
(uri (pypi-uri "nbxmpp" version))
(sha256
(base32
"0dcr786dyips1fdvgsn8yvpgcz5j7217fi05c29cfypdl8jnp6mp"))))
"1gnzrzrdl4nii1sc5x8p5iw2ya5sl70j3nn34abqsny51p2pzmv6"))))
(build-system python-build-system)
;; No tests included
(arguments `(#:tests? #f))
(home-page "http://python-nbxmpp.gajim.org")
(arguments
`(#:tests? #f)) ; no tests
(home-page "https://dev.gajim.org/gajim/python-nbxmpp")
(synopsis "Non-blocking Jabber/XMPP module")
(description
"The goal of this python library is to provide a way for Python
applications to use Jabber/XMPP networks in a non-blocking way. This library
was initially a fork of xmpppy, but is using non-blocking sockets.")
was initially a fork of xmpppy, but uses non-blocking sockets.")
(license license:gpl3+)))
(define-public python2-nbxmpp

View File

@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
@ -30,21 +30,21 @@
(define-public moreutils
(package
(name "moreutils")
(version "0.59")
(version "0.60")
(source
(origin
(method url-fetch)
(uri (list
(string-append
"mirror://debian/pool/main/m/moreutils/moreutils_"
version ".orig.tar.gz")
version ".orig.tar.xz")
;; The main Debian mirrors only hold the current packages.
(string-append
"http://snapshot.debian.org/archive/debian/20161223T212806Z"
"/pool/main/m/moreutils/moreutils_0.59.orig.tar.gz")))
"http://snapshot.debian.org/archive/debian-debug/20170109T210531Z"
"/pool/main/m/moreutils/moreutils_0.60.orig.tar.xz")))
(sha256
(base32
"1d6ik3j4lwp90vb93p7yv60k6vk2chz448d1z9xrmxvv371i33m4"))))
"1i8pphg5i5y4x1s1hz73gqhispgspr13bysmk9vh7l6jrfx1hbg4"))))
(build-system gnu-build-system)
;; For building the manual pages.
(native-inputs

View File

@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015, 2016 Stefan Reichör <stefan@xsteve.at>
;;; Copyright © 2016 Raimon Grau <raimonster@gmail.com>
@ -1122,6 +1122,24 @@ IPFIX, RSPAN, CLI, LACP, 802.1ag).")
license:bsd-2 license:bsd-3
license:asl2.0)))) ; all other
(define-public python-ipy
(package
(name "python-ipy")
(version "0.83")
(source (origin
(method url-fetch)
(uri (pypi-uri "IPy" version))
(sha256
(base32
"1f6sdrxclifky4gvkf4gvyv5hx3fjh8vzspnfrqki6qm5d9mmnk1"))))
(build-system python-build-system)
(home-page "https://github.com/autocracy/python-ipy/")
(synopsis "Python class and tools for handling IP addresses and networks")
(description "The @code{IP} class allows a comfortable parsing and
handling for most notations in use for IPv4 and IPv6 addresses and
networks.")
(license license:bsd-3)))
(define-public speedtest-cli
(package
(name "speedtest-cli")

View File

@ -2,6 +2,7 @@
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -26,8 +27,10 @@
#:use-module (gnu packages gnupg)
#:use-module (gnu packages groff)
#:use-module (gnu packages icu4c)
#:use-module (gnu packages linux)
#:use-module (gnu packages python)
#:use-module (gnu packages tls)
#:use-module ((guix licenses) #:select (openldap2.8))
#:use-module ((guix licenses) #:select (openldap2.8 lgpl2.1+))
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu))
@ -74,3 +77,35 @@
"OpenLDAP is a free implementation of the Lightweight Directory Access Protocol.")
(license openldap2.8)
(home-page "http://www.openldap.org/")))
(define-public nss-pam-ldapd
(package
(name "nss-pam-ldapd")
(version "0.9.7")
(source (origin
(method url-fetch)
(uri (string-append "https://arthurdejong.org/nss-pam-ldapd/"
"nss-pam-ldapd-" version ".tar.gz"))
(sha256
(base32
"1sw36w6zkzvabvjckqick032j5p5xi0qi3sgnh0znzxz31jqvf0d"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
(list (string-append "--with-pam-seclib-dir="
(assoc-ref %outputs "out") "/lib/security/")
(string-append "--with-ldap-conf-file="
(assoc-ref %outputs "out") "/etc/nslcd.conf"))))
(inputs
`(("linux-pam" ,linux-pam)
("openldap" ,openldap)
("python" ,python-2)))
(home-page "https://arthurdejong.org/nss-pam-ldapd")
(synopsis "NSS and PAM modules for LDAP")
(description "nss-pam-ldapd provides a @dfn{Name Service Switch} (NSS)
module that allows your LDAP server to provide user account, group, host name,
alias, netgroup, and basically any other information that you would normally
get from @file{/etc} flat files or NIS. It also provides a @dfn{Pluggable
Authentication Module} (PAM) to do identity and authentication management with
an LDAP server.")
(license lgpl2.1+)))

View File

@ -91,6 +91,12 @@
(assoc-ref %build-inputs
"libgcrypt")))
#:parallel-tests? #f ;work around <http://bugs.gnu.org/21097>
#:modules ((guix build gnu-build-system)
(guix build utils)
(ice-9 popen)
(ice-9 rdelim))
#:phases (modify-phases %standard-phases
(add-before
'configure 'copy-bootstrap-guile
@ -139,19 +145,24 @@
;; correct value, so set it.
(setenv "SHELL" (which "sh"))
#t))
(add-after
'install 'wrap-program
(add-after 'install 'wrap-program
(lambda* (#:key inputs outputs #:allow-other-keys)
;; Make sure the 'guix' command finds GnuTLS and
;; Guile-JSON automatically.
(let* ((out (assoc-ref outputs "out"))
(guile (assoc-ref inputs "guile"))
(json (assoc-ref inputs "guile-json"))
(ssh (assoc-ref inputs "guile-ssh"))
(gnutls (assoc-ref inputs "gnutls"))
(effective
(read-line
(open-pipe* OPEN_READ
(string-append guile "/bin/guile")
"-c" "(display (effective-version))")))
(path (string-append
json "/share/guile/site/2.0:"
ssh "/share/guile/site/2.0:"
gnutls "/share/guile/site/2.0")))
json "/share/guile/site/" effective ":"
ssh "/share/guile/site/" effective ":"
gnutls "/share/guile/site/" effective)))
(wrap-program (string-append out "/bin/guix")
`("GUILE_LOAD_PATH" ":" prefix (,path))
@ -224,9 +235,9 @@ the Nix package manager.")
;;
;; Note: use a very short commit id; with a longer one, the limit on
;; hash-bang lines would be exceeded while running the tests.
(let ((commit "aabece2ef8f87c35ceb3678f39fcfd244b15bb0f"))
(let ((commit "25a49294caf2386e65fc1b12a2508324be0b1cc2"))
(package (inherit guix-0.12.0)
(version (string-append "0.12.0-7." (string-take commit 4)))
(version (string-append "0.12.0-9." (string-take commit 4)))
(source (origin
(method git-fetch)
(uri (git-reference
@ -236,7 +247,7 @@ the Nix package manager.")
(commit commit)))
(sha256
(base32
"0n8rrwwax9g6i38vq4y2xwb30irkv4c53mqcm5hqv78rb33x8z1l"))
"0p4rh0629j89v4ka5dsp70a1xrfhg7sxjjq54p68vw7x5dkann4a"))
(file-name (string-append "guix-" version "-checkout"))))
(arguments
(substitute-keyword-arguments (package-arguments guix-0.12.0)

View File

@ -1,12 +1,13 @@
Disable CPU optimizations not supported by the vast majority of
x86_64 systems. Also don't add anything for i686.
Disable CPU optimizations not supported by all x86_64 systems. Also
don't add anything for i686.
--- a/cmake/modules/SIMDExt.cmake 2017-03-23 22:22:58.254071694 +0100
+++ b/cmake/modules/SIMDExt.cmake 2017-03-23 22:23:22.446848845 +0100
@@ -6,10 +6,6 @@
@@ -5,11 +5,6 @@
# HAVE_ARM_NEON
# HAVE_INTEL_SSE
# HAVE_INTEL_SSE2
# HAVE_INTEL_SSE3
-# HAVE_INTEL_SSE3
-# HAVE_INTEL_SSSE3
-# HAVE_INTEL_PCLMUL
-# HAVE_INTEL_SSE4_1
@ -14,7 +15,7 @@ x86_64 systems. Also don't add anything for i686.
#
# SIMD_COMPILE_FLAGS
#
@@ -56,7 +53,7 @@
@@ -56,7 +51,7 @@
if(HAVE_ARM_NEON)
set(SIMD_COMPILE_FLAGS "${SIMD_COMPILE_FLAGS} -mfpu=neon")
endif()
@ -23,10 +24,14 @@ x86_64 systems. Also don't add anything for i686.
set(HAVE_INTEL 1)
CHECK_C_COMPILER_FLAG(-msse HAVE_INTEL_SSE)
if(HAVE_INTEL_SSE)
@@ -70,20 +67,4 @@
if(HAVE_INTEL_SSE3)
set(SIMD_COMPILE_FLAGS "${SIMD_COMPILE_FLAGS} -msse3")
@@ -66,24 +61,4 @@
if(HAVE_INTEL_SSE2)
set(SIMD_COMPILE_FLAGS "${SIMD_COMPILE_FLAGS} -msse2")
endif()
- CHECK_C_COMPILER_FLAG(-msse3 HAVE_INTEL_SSE3)
- if(HAVE_INTEL_SSE3)
- set(SIMD_COMPILE_FLAGS "${SIMD_COMPILE_FLAGS} -msse3")
- endif()
- CHECK_C_COMPILER_FLAG(-mssse3 HAVE_INTEL_SSSE3)
- if(HAVE_INTEL_SSSE3)
- set(SIMD_COMPILE_FLAGS "${SIMD_COMPILE_FLAGS} -mssse3")

View File

@ -0,0 +1,15 @@
The `fab` excecutable doesn't exist during the test phase as it is created
dynamically during installation. Refer to the equivalent Python module
directly.
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -93,7 +93,7 @@
# perform when they are allowed to bubble all the way to the top. So, we
# invoke a subprocess and look at its stderr instead.
with quiet():
- result = local("fab -f tests/support/aborts.py kaboom", capture=True)
+ result = local("python -m fabric -f tests/support/aborts.py kaboom", capture=True)
# When error in #1318 is present, this has an extra "It burns!" at end of
# stderr string.
eq_(result.stderr, "Fatal error: It burns!\n\nAborting.")

View File

@ -1,28 +0,0 @@
This patch makes the exeception specifier of libiberty's 'asprintf'
and 'vasprintf' declarations match those of glibc to work around the
problem described at <https://gcc.gnu.org/ml/gcc-help/2016-04/msg00039.html>.
The problem in part stems from the fact that libiberty is configured
without _GNU_SOURCE (thus, it sets HAVE_DECL_ASPRINTF to 0), whereas libcc1
is configured and built with _GNU_SOURCE, hence the conflicting declarations.
--- gcc-5.3.0/include/libiberty.h 2016-04-23 22:45:46.262709079 +0200
+++ gcc-5.3.0/include/libiberty.h 2016-04-23 22:45:37.110635439 +0200
@@ -625,7 +625,7 @@ extern int pwait (int, int *, int);
/* Like sprintf but provides a pointer to malloc'd storage, which must
be freed by the caller. */
-extern int asprintf (char **, const char *, ...) ATTRIBUTE_PRINTF_2;
+extern int asprintf (char **, const char *, ...) __THROWNL ATTRIBUTE_PRINTF_2;
#endif
/* Like asprintf but allocates memory without fail. This works like
@@ -637,7 +637,7 @@ extern char *xasprintf (const char *, ..
/* Like vsprintf but provides a pointer to malloc'd storage, which
must be freed by the caller. */
-extern int vasprintf (char **, const char *, va_list) ATTRIBUTE_PRINTF(2,0);
+extern int vasprintf (char **, const char *, va_list) __THROWNL ATTRIBUTE_PRINTF(2,0);
#endif
/* Like vasprintf but allocates memory without fail. This works like

View File

@ -0,0 +1,25 @@
From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001
From: Martin Hosken <martin_hosken@sil.org>
Date: Thu, 9 Mar 2017 22:04:04 +0000
Subject: [PATCH] Ensure features have enough space. Fix from Mozilla
---
src/FeatureMap.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp
index b8c8405..83bd5f6 100644
--- a/src/FeatureMap.cpp
+++ b/src/FeatureMap.cpp
@@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & pDest) const
else
if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap())
return false; //incompatible
- pDest.reserve(m_index);
+ pDest.reserve(m_index+1);
pDest[m_index] &= ~m_mask;
pDest[m_index] |= (uint32(val) << m_bits);
return true;
--
2.12.2

View File

@ -0,0 +1,50 @@
From 348c11e4571b534efdbd58a575bbea979c880b2f Mon Sep 17 00:00:00 2001
From: Tim Eves <tim_eves@sil.org>
Date: Wed, 1 Mar 2017 14:23:46 +0700
Subject: [PATCH] Fix decoding of USV greater than U+110000
Add test cases too
---
src/inc/UtfCodec.h | 4 ++--
tests/utftest/utftest.cpp | 3 +++
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/inc/UtfCodec.h b/src/inc/UtfCodec.h
index 3417bac..9dc760f 100644
--- a/src/inc/UtfCodec.h
+++ b/src/inc/UtfCodec.h
@@ -124,7 +124,7 @@ struct _utf_codec<8>
private:
static const int8 sz_lut[16];
static const byte mask_lut[5];
-
+ static const uchar_t limit = 0x110000;
public:
typedef uint8 codeunit_t;
@@ -157,7 +157,7 @@ public:
case 0: l = -1; return 0xFFFD;
}
- if (l != seq_sz || toolong)
+ if (l != seq_sz || toolong || u >= limit)
{
l = -l;
return 0xFFFD;
diff --git a/tests/utftest/utftest.cpp b/tests/utftest/utftest.cpp
index 21cb188..a23553a 100644
--- a/tests/utftest/utftest.cpp
+++ b/tests/utftest/utftest.cpp
@@ -8,6 +8,9 @@ struct test8
unsigned char str[12];
};
struct test8 tests8[] = {
+ { 0, 0, {0xF4, 0x90, 0x80, 0x80, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000]
+ { 0, 0, {0xC0, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000]
+ { 0, 0, {0xA0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, // bad(4) [U+110000]
{ 4, -1, {0x7F, 0xDF, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0, 0} }, // U+7F, U+7FF, U+FFFF, U+10FFF
{ 2, 3, {0x7F, 0xDF, 0xBF, 0xF0, 0x8F, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, U+7FF, long(U+FFFF), U+10FFF
{ 1, 1, {0x7F, 0xE0, 0x9F, 0xBF, 0xEF, 0xBF, 0xBF, 0xF4, 0x8F, 0xBF, 0xBF, 0} }, // U+7F, long(U+7FF), U+FFFF, U+10FFF
--
2.12.2

View File

@ -0,0 +1,93 @@
This patch incorporates the following 6 consecutive commits from the upstream
graphite2 repository:
75b83cd..: Martin Hosken 2017-03-28 Fix 32-bit wrap arounds
1f97e36..: Martin Hosken 2017-03-28 balance comparisons in decompressor
9493785..: Martin Hosken 2017-03-29 Speculative rounding fix
09af043..: Tim Eves 2017-03-31 Move a MINMATCH to rhs of a comparisio
28cc60d..: Tim Eves 2017-03-31 Deal with similar wrap around in literal_len
8afc7d0..: Martin Hosken 2017-04-03 Fix 32-bit rollover in decompressor, again
This diff was generated by the following command:
git diff 1ce331d5548b98ed..8afc7d0081959866
diff --git a/src/Decompressor.cpp b/src/Decompressor.cpp
index 084570f..56d531f 100644
--- a/src/Decompressor.cpp
+++ b/src/Decompressor.cpp
@@ -51,7 +51,7 @@ bool read_sequence(u8 const * &src, u8 const * const end, u8 const * &literal, u
literal = src;
src += literal_len;
- if (src > end - 2)
+ if (src > end - 2 || src < literal)
return false;
match_dist = *src++;
@@ -85,7 +85,7 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size)
{
// Copy in literal. At this point the last full sequence must be at
// least MINMATCH + 5 from the end of the output buffer.
- if (dst + align(literal_len) > dst_end - (MINMATCH+5))
+ if (align(literal_len) > unsigned(dst_end - dst - (MINMATCH+5)) || dst_end - dst < MINMATCH + 5)
return -1;
dst = overrun_copy(dst, literal, literal_len);
}
@@ -94,7 +94,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size)
// decoded output.
u8 const * const pcpy = dst - match_dist;
if (pcpy < static_cast<u8*>(out)
- || dst + match_len + MINMATCH > dst_end - 5)
+ || match_len > unsigned(dst_end - dst - (MINMATCH+5))
+ || dst_end - dst < MINMATCH + 5)
return -1;
if (dst > pcpy+sizeof(unsigned long)
&& dst + align(match_len + MINMATCH) <= dst_end)
@@ -103,8 +104,8 @@ int lz4::decompress(void const *in, size_t in_size, void *out, size_t out_size)
dst = safe_copy(dst, pcpy, match_len + MINMATCH);
}
- if (literal + literal_len > src_end
- || dst + literal_len > dst_end)
+ if (literal_len > src_end - literal
+ || literal_len > dst_end - dst)
return -1;
dst = fast_copy(dst, literal, literal_len);
diff --git a/src/Pass.cpp b/src/Pass.cpp
index a4bac2e..683143c 100644
--- a/src/Pass.cpp
+++ b/src/Pass.cpp
@@ -171,7 +171,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su
const uint16 * const o_actions = reinterpret_cast<const uint16 *>(p);
be::skip<uint16>(p, m_numRules + 1);
const byte * const states = p;
- if (e.test(p + 2u*m_numTransition*m_numColumns >= pass_end, E_BADPASSLENGTH)) return face.error(e);
+ if (e.test(2u*m_numTransition*m_numColumns >= (unsigned)(pass_end - p), E_BADPASSLENGTH)) return face.error(e);
be::skip<int16>(p, m_numTransition*m_numColumns);
be::skip<uint8>(p);
if (e.test(p != pcCode, E_BADPASSCCODEPTR)) return face.error(e);
@@ -192,7 +192,7 @@ bool Pass::readPass(const byte * const pass_start, size_t pass_length, size_t su
m_cPConstraint = vm::Machine::Code(true, pcCode, pcCode + pass_constraint_len,
precontext[0], be::peek<uint16>(sort_keys), *m_silf, face, PASS_TYPE_UNKNOWN);
if (e.test(!m_cPConstraint, E_OUTOFMEM)
- || e.test(!m_cPConstraint, m_cPConstraint.status() + E_CODEFAILURE))
+ || e.test(m_cPConstraint.status() != Code::loaded, m_cPConstraint.status() + E_CODEFAILURE))
return face.error(e);
face.error_context(face.error_context() - 1);
}
diff --git a/src/Silf.cpp b/src/Silf.cpp
index 72a22cd..d661992 100644
--- a/src/Silf.cpp
+++ b/src/Silf.cpp
@@ -191,7 +191,7 @@ bool Silf::readGraphite(const byte * const silf_start, size_t lSilf, Face& face,
const size_t clen = readClassMap(p, passes_start - p, version, e);
m_passes = new Pass[m_numPasses];
- if (e || e.test(p + clen > passes_start, E_BADPASSESSTART)
+ if (e || e.test(clen > unsigned(passes_start - p), E_BADPASSESSTART)
|| e.test(!m_passes, E_OUTOFMEM))
{ releaseBuffers(); return face.error(e); }

View File

@ -0,0 +1,26 @@
From 0646e4ee471183994f78a759269f0505617711f3 Mon Sep 17 00:00:00 2001
From: Martin Hosken <martin_hosken@sil.org>
Date: Tue, 18 Apr 2017 13:17:14 +0100
Subject: [PATCH] Ensure non linear classes have even number of elements
---
src/Silf.cpp | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Silf.cpp b/src/Silf.cpp
index d661992..9f2f954 100644
--- a/src/Silf.cpp
+++ b/src/Silf.cpp
@@ -293,7 +293,8 @@ size_t Silf::readClassMap(const byte *p, size_t data_len, uint32 version, Error
if (e.test(*o + 4 > max_off, E_HIGHCLASSOFFSET) // LookupClass doesn't stretch over max_off
|| e.test(lookup[0] == 0 // A LookupClass with no looks is a suspicious thing ...
|| lookup[0] * 2 + *o + 4 > max_off // numIDs lookup pairs fits within (start of LookupClass' lookups array, max_off]
- || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO)) // rangeShift: numIDs - searchRange
+ || lookup[3] + lookup[1] != lookup[0], E_BADCLASSLOOKUPINFO) // rangeShift: numIDs - searchRange
+ || e.test(((o[1] - *o) & 1) != 0, ERROROFFSET)) // glyphs are in pairs so difference must be even.
return ERROROFFSET;
}
--
2.12.2

View File

@ -1,45 +0,0 @@
From 88c9657960a6c5d3673a25c266781e876c181add Mon Sep 17 00:00:00 2001
From: Hector Marco-Gisbert <hecmargi@upv.es>
Date: Fri, 13 Nov 2015 16:21:09 +0100
Subject: [PATCH] Fix security issue when reading username and password
This patch fixes two integer underflows at:
* grub-core/lib/crypto.c
* grub-core/normal/auth.c
Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
---
grub-core/lib/crypto.c | 2 +-
grub-core/normal/auth.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
index 010e550..524a3d8 100644
--- a/grub-core/lib/crypto.c
+++ b/grub-core/lib/crypto.c
@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size)
break;
}
- if (key == '\b')
+ if (key == '\b' && cur_len)
{
cur_len--;
continue;
diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
index c6bd96e..5782ec5 100644
--- a/grub-core/normal/auth.c
+++ b/grub-core/normal/auth.c
@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size)
break;
}
- if (key == '\b')
+ if (key == '\b' && cur_len)
{
cur_len--;
grub_printf ("\b");
--
1.9.1

View File

@ -1,24 +0,0 @@
commit fd0df6d098b1e6a4f60275c48a3ec88d15ba1fbb
Author: Colin Watson <cjwatson@ubuntu.com>
Date: Fri Nov 29 12:19:36 2013 +0000
Fix build with FreeType 2.5.1
* util/grub-gen-asciih.c: Include FT_SYNTHESIS_H rather than
<freetype/ftsynth.h>, fixing build with FreeType 2.5.1.
* util/grub-gen-widthspec.c: Likewise.
* util/grub-mkfont.c: Likewise.
diff --git a/util/grub-mkfont.c b/util/grub-mkfont.c
index 0d8eb78..242dd01 100644
--- a/util/grub-mkfont.c
+++ b/util/grub-mkfont.c
@@ -43,7 +43,7 @@
#include FT_FREETYPE_H
#include FT_TRUETYPE_TAGS_H
#include FT_TRUETYPE_TABLES_H
-#include <freetype/ftsynth.h>
+#include FT_SYNTHESIS_H
#undef __FTERRORS_H__
#define FT_ERROR_START_LIST const char *ft_errmsgs[] = {

View File

@ -1,42 +0,0 @@
This patch is needed to allow builds with newer versions of
the GNU libc (2.16+).
commit 66712c23388e93e5c518ebc8515140fa0c807348
Author: Eric Blake <eblake@redhat.com>
Date: Thu Mar 29 13:30:41 2012 -0600
stdio: don't assume gets any more
Gnulib intentionally does not have a gets module, and now that C11
and glibc have dropped it, we should be more proactive about warning
any user on a platform that still has a declaration of this dangerous
interface.
* m4/stdio_h.m4 (gl_STDIO_H, gl_STDIO_H_DEFAULTS): Drop gets
support.
* modules/stdio (Makefile.am): Likewise.
* lib/stdio-read.c (gets): Likewise.
* tests/test-stdio-c++.cc: Likewise.
* m4/warn-on-use.m4 (gl_WARN_ON_USE_PREPARE): Fix comment.
* lib/stdio.in.h (gets): Make warning occur in more places.
* doc/posix-functions/gets.texi (gets): Update documentation.
Reported by Christer Solskogen.
Signed-off-by: Eric Blake <eblake@redhat.com>
--- grub-2.00/grub-core/gnulib/stdio.in.h 2013-02-10 16:17:09.000000000 +0100
+++ grub-2.00/grub-core/gnulib/stdio.in.h 2013-02-10 16:17:11.000000000 +0100
@@ -137,12 +137,6 @@ _GL_WARN_ON_USE (fflush, "fflush is not
"use gnulib module fflush for portable POSIX compliance");
#endif
-/* It is very rare that the developer ever has full control of stdin,
- so any use of gets warrants an unconditional warning. Assume it is
- always declared, since it is required by C89. */
-#undef gets
-_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
-
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
# if !(defined __cplusplus && defined GNULIB_NAMESPACE)

View File

@ -1,203 +0,0 @@
Apply fixes for ARM to Guile.
From df8c52e93dfa3965e4714275f4b8cea2c8e0170b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Fri, 4 Jul 2014 15:35:06 +0200
Subject: [PATCH] Recognize arm-* target triplets.
Reported by Sylvain Beucler <beuc@beuc.net>.
* module/system/base/target.scm (cpu-endianness): Add case where CPU is
"arm".
* test-suite/tests/asm-to-bytecode.test ("cross-compilation")["arm-unknown-linux-androideabi"]:
New test.
---
module/system/base/target.scm | 4 +++-
test-suite/tests/asm-to-bytecode.test | 5 ++++-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/module/system/base/target.scm b/module/system/base/target.scm
index c74ae67..cefa951 100644
--- a/module/system/base/target.scm
+++ b/module/system/base/target.scm
@@ -1,6 +1,6 @@
;;; Compilation targets
-;; Copyright (C) 2011, 2012, 2013 Free Software Foundation, Inc.
+;; Copyright (C) 2011, 2012, 2013, 2014 Free Software Foundation, Inc.
;; This library is free software; you can redistribute it and/or
;; modify it under the terms of the GNU Lesser General Public
@@ -72,6 +72,8 @@
(endianness big))
((string-match "^arm.*el" cpu)
(endianness little))
+ ((string=? "arm" cpu) ;ARMs are LE by default
+ (endianness little))
(else
(error "unknown CPU endianness" cpu)))))
diff --git a/test-suite/tests/asm-to-bytecode.test b/test-suite/tests/asm-to-bytecode.test
index 6d2f20e..62ea0ed 100644
--- a/test-suite/tests/asm-to-bytecode.test
+++ b/test-suite/tests/asm-to-bytecode.test
@@ -1,6 +1,6 @@
;;;; Assembly to bytecode compilation -*- mode: scheme; coding: utf-8; -*-
;;;;
-;;;; Copyright (C) 2010, 2011, 2012, 2013 Free Software Foundation, Inc.
+;;;; Copyright (C) 2010, 2011, 2012, 2013, 2014 Free Software Foundation, Inc.
;;;;
;;;; This library is free software; you can redistribute it and/or
;;;; modify it under the terms of the GNU Lesser General Public
@@ -205,6 +205,9 @@
(test-target "x86_64-unknown-linux-gnux32" ; x32 ABI (Debian tuplet)
(endianness little) 4)
+ (test-target "arm-unknown-linux-androideabi"
+ (endianness little) 4)
+
(pass-if-exception "unknown target"
exception:miscellaneous-error
(call-with-values (lambda ()
--
2.1.2
From ffd3e55cfd12a3559621e3130d613d319243512d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Fri, 4 Jul 2014 17:26:41 +0200
Subject: [PATCH] Recognize more ARM targets.
Suggested by Dale P. Smith.
* module/system/base/target.scm (cpu-endianness): Add cases for
"arm.*eb", "^aarch64.*be", and "aarch64". Change "arm" case to
"arm.*".
(triplet-pointer-size): Allow underscore as in 'aarch64_be'.
* test-suite/tests/asm-to-bytecode.test ("cross-compilation")["armeb-unknown-linux-gnu",
"aarch64-linux-gnu", "aarch64_be-linux-gnu"]: New tests.
---
module/system/base/target.scm | 10 ++++++++--
test-suite/tests/asm-to-bytecode.test | 6 ++++++
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/module/system/base/target.scm b/module/system/base/target.scm
index cefa951..31e3fea 100644
--- a/module/system/base/target.scm
+++ b/module/system/base/target.scm
@@ -72,7 +72,13 @@
(endianness big))
((string-match "^arm.*el" cpu)
(endianness little))
- ((string=? "arm" cpu) ;ARMs are LE by default
+ ((string-match "^arm.*eb" cpu)
+ (endianness big))
+ ((string-prefix? "arm" cpu) ;ARMs are LE by default
+ (endianness little))
+ ((string-match "^aarch64.*be" cpu)
+ (endianness big))
+ ((string=? "aarch64" cpu)
(endianness little))
(else
(error "unknown CPU endianness" cpu)))))
@@ -97,7 +103,7 @@
((string-match "^x86_64-.*-gnux32" triplet) 4) ; x32
((string-match "64$" cpu) 8)
- ((string-match "64[lbe][lbe]$" cpu) 8)
+ ((string-match "64_?[lbe][lbe]$" cpu) 8)
((member cpu '("sparc" "powerpc" "mips" "mipsel")) 4)
((string-match "^arm.*" cpu) 4)
(else (error "unknown CPU word size" cpu)))))
diff --git a/test-suite/tests/asm-to-bytecode.test b/test-suite/tests/asm-to-bytecode.test
index 62ea0ed..8aeba84 100644
--- a/test-suite/tests/asm-to-bytecode.test
+++ b/test-suite/tests/asm-to-bytecode.test
@@ -207,6 +207,12 @@
(test-target "arm-unknown-linux-androideabi"
(endianness little) 4)
+ (test-target "armeb-unknown-linux-gnu"
+ (endianness big) 4)
+ (test-target "aarch64-linux-gnu"
+ (endianness little) 8)
+ (test-target "aarch64_be-linux-gnu"
+ (endianness big) 8)
(pass-if-exception "unknown target"
exception:miscellaneous-error
--
2.1.2
From a85c78ea1393985fdb6e6678dea19135c553d341 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Fri, 19 Sep 2014 21:18:09 -0400
Subject: [PATCH] VM: ASM_MUL for ARM: Add earlyclobber constraint to the SMULL
outputs.
Reported by Rob Browning <rlb@defaultvalue.org>.
* libguile/vm-i-scheme.c (ASM_MUL)[ARM]: Add earlyclobber (&) constraint
to the SMULL output registers.
---
libguile/vm-i-scheme.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/libguile/vm-i-scheme.c b/libguile/vm-i-scheme.c
index 587aa95..162efab 100644
--- a/libguile/vm-i-scheme.c
+++ b/libguile/vm-i-scheme.c
@@ -1,5 +1,4 @@
-/* Copyright (C) 2001, 2009, 2010, 2011, 2012, 2013,
- * 2014 Free Software Foundation, Inc.
+/* Copyright (C) 2001, 2009-2014 Free Software Foundation, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
@@ -363,7 +362,7 @@ VM_DEFINE_FUNCTION (149, ge, "ge?", 2)
{ \
scm_t_signed_bits rlo, rhi; \
asm ("smull %0, %1, %2, %3\n" \
- : "=r" (rlo), "=r" (rhi) \
+ : "=&r" (rlo), "=&r" (rhi) \
: "r" (SCM_UNPACK (x) - scm_tc2_int), \
"r" (SCM_I_INUM (y))); \
if (SCM_LIKELY (SCM_SRS (rlo, 31) == rhi)) \
--
2.1.2
From bed025bd2569b1c033f24d7d9e660e39ebf65cac Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Sat, 20 Sep 2014 03:59:51 -0400
Subject: [PATCH] VM: Allow the C compiler to choose FP_REG on ARM.
Reported by Rob Browning <rlb@defaultvalue.org>.
* libguile/vm-engine.h (IP_REG)[__arm__]: Remove explicit register
choice ("r7") for FP_REG, which was reported to cause compilation
failures on ARM.
---
libguile/vm-engine.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libguile/vm-engine.h b/libguile/vm-engine.h
index 46d4cff..e618be7 100644
--- a/libguile/vm-engine.h
+++ b/libguile/vm-engine.h
@@ -1,4 +1,4 @@
-/* Copyright (C) 2001, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
+/* Copyright (C) 2001, 2009-2012, 2014 Free Software Foundation, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
@@ -81,7 +81,7 @@
#ifdef __arm__
#define IP_REG asm("r9")
#define SP_REG asm("r8")
-#define FP_REG asm("r7")
+#define FP_REG
#endif
#endif
--
2.1.2

View File

@ -0,0 +1,26 @@
From ef0399bad41e60cb30d5073129abeb206076394a Mon Sep 17 00:00:00 2001
From: Manolis Ragkousis <manolis837@gmail.com>
Date: Sat, 8 Apr 2017 16:44:52 +0300
Subject: [PATCH] eth-multiplexer: Fix iohelp missing dependency.
* eth-multiplexer/Makefile (HURDLIBS): Add iohelp.
---
eth-multiplexer/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/eth-multiplexer/Makefile b/eth-multiplexer/Makefile
index 07f909e7..cefa0abd 100644
--- a/eth-multiplexer/Makefile
+++ b/eth-multiplexer/Makefile
@@ -26,7 +26,7 @@ MIGSFLAGS = -imacros $(srcdir)/mig-mutate.h
device-MIGSFLAGS="-DMACH_PAYLOAD_TO_PORT=ports_payload_get_name"
OBJS = $(SRCS:.c=.o) $(MIGSTUBS)
LCLHDRS = ethernet.h util.h vdev.h netfs_impl.h
-HURDLIBS = ports ihash fshelp shouldbeinlibc netfs bpf
+HURDLIBS = ports ihash iohelp fshelp shouldbeinlibc netfs bpf
LDLIBS = -lpthread
CFLAGS += -I$(top_srcdir)/libbpf
--
2.12.2

View File

@ -1,25 +0,0 @@
Fixes doc++'s treatment of tabular within a parameter block.
From commit 883925f8a at http://github.com/LLNL/hypre
--- hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h 2015-12-04 22:12:19.000000000 -0600
+++ hypre-2.10.1/src/parcsr_ls/HYPRE_parcsr_ls.h 2016-03-16 09:02:58.547501336 -0500
@@ -1154,8 +1154,6 @@
* Set the symmetry parameter for the
* ParaSails preconditioner.
*
- * @param solver [IN] Preconditioner object for which to set symmetry parameter.
- * @param sym [IN] Value of the symmetry parameter:
* \begin{tabular}{|c|l|} \hline
* value & meaning \\ \hline
* 0 & nonsymmetric and/or indefinite problem, and nonsymmetric preconditioner\\
@@ -1163,6 +1161,9 @@
* 2 & nonsymmetric, definite problem, and SPD (factored) preconditioner \\
* \hline
* \end{tabular}
+ *
+ * @param solver [IN] Preconditioner object for which to set symmetry parameter.
+ * @param sym [IN] Value of the symmetry parameter:
**/
HYPRE_Int HYPRE_ParaSailsSetSym(HYPRE_Solver solver,
HYPRE_Int sym);

View File

@ -1,9 +0,0 @@
--- hypre-2.10.1/src/lib/Makefile.orig 2016-03-11 16:04:03.740259228 -0600
+++ hypre-2.10.1/src/lib/Makefile 2016-03-11 16:04:57.296260190 -0600
@@ -107,5 +107,5 @@
libHYPRE.so: ${FILES_HYPRE}
@echo "Building $@ ... "
- ${BUILD_CC_SHARED} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS}
+ ${BUILD_CC_SHARED} ${LDFLAGS} -o ${SONAME} ${FILES_HYPRE} ${SOLIBS} ${SHARED_SET_SONAME}${SONAME} ${SHARED_OPTIONS}
ln -s ${SONAME} $@

View File

@ -1,8 +1,8 @@
Fixes needed when avoiding bundled libraries.
--- icecat-45.3.0/xpcom/build/moz.build.orig
+++ icecat-45.3.0/xpcom/build/moz.build
@@ -92,10 +92,5 @@
--- icecat-52.0.2/xpcom/build/moz.build.orig
+++ icecat-52.0.2/xpcom/build/moz.build
@@ -93,10 +93,5 @@
'/docshell/base',
]
@ -13,38 +13,23 @@ Fixes needed when avoiding bundled libraries.
-
if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
CXXFLAGS += CONFIG['TK_CFLAGS']
--- icecat-45.3.0/storage/moz.build.orig
+++ icecat-45.3.0/storage/moz.build
@@ -108,7 +108,6 @@
DEFINES['SQLITE_MAX_LIKE_PATTERN_LENGTH'] = 50000
--- icecat-52.0.2/storage/moz.build.orig
+++ icecat-52.0.2/storage/moz.build
@@ -114,7 +114,6 @@
DEFINES['MOZ_MEMORY_TEMP_STORE_PRAGMA'] = True
LOCAL_INCLUDES += [
- '/db/sqlite3/src',
'/dom/base',
]
--- icecat-45.3.0/dom/indexedDB/moz.build.orig
+++ icecat-45.3.0/dom/indexedDB/moz.build
@@ -96,7 +96,6 @@
SOURCES['Key.cpp'].flags += ['-Wno-error=type-limits']
--- icecat-52.0.2/dom/indexedDB/moz.build.orig
+++ icecat-52.0.2/dom/indexedDB/moz.build
@@ -101,7 +101,6 @@
CXXFLAGS += ['-Wno-error=shadow']
LOCAL_INCLUDES += [
- '/db/sqlite3/src',
'/dom/base',
'/dom/storage',
'/dom/workers',
--- icecat-45.3.0/modules/libmar/tests/Makefile.in.orig
+++ icecat-45.3.0/modules/libmar/tests/Makefile.in
@@ -10,12 +10,5 @@
ifndef MOZ_PROFILE_GENERATE
libs::
$(INSTALL) ../tool/signmar$(BIN_SUFFIX) $(TESTROOT)/unit
- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nss3$(DLL_SUFFIX) $(TESTROOT)/unit
-ifndef MOZ_FOLD_LIBS
- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nssutil3$(DLL_SUFFIX) $(TESTROOT)/unit
- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)plc4$(DLL_SUFFIX) $(TESTROOT)/unit
- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)nspr4$(DLL_SUFFIX) $(TESTROOT)/unit
- $(INSTALL) $(DEPTH)/dist/bin/$(DLL_PREFIX)plds4$(DLL_SUFFIX) $(TESTROOT)/unit
-endif
endif
endif # Not Android

View File

@ -1,40 +0,0 @@
# HG changeset patch
# User J. Brown <jb999@gmx.de>
# Date 1476951900 14400
# Node ID cca249d09ef600650e6127c18be438a37e9d4587
# Parent d8bbf1a3957fd25ff24bfee51331c150b154cc39
Bug 1242901 - Fix linking libxul.so with binutils/GNU ld >= 2.26. r=glandium
The build fails with:
/usr/bin/ld: ../../xpcom/components/nsComponentManager.o: relocation R_386_GOTOFF against protected data `start_kPStaticModules_NSModule' can not be used when making a shared object
/usr/bin/ld: final link failed: Bad value
collect2: error: ld returned 1 exit status
This is a patch from 2016/04/27 16:36:50 ryoon found on
http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/www/firefox45/patches/#dirlist.
diff --git a/xpcom/components/Module.h b/xpcom/components/Module.h
--- a/xpcom/components/Module.h
+++ b/xpcom/components/Module.h
@@ -133,17 +133,17 @@ struct Module
#if defined(MOZILLA_INTERNAL_API)
# define NSMODULE_NAME(_name) _name##_NSModule
# if defined(_MSC_VER)
# pragma section(".kPStaticModules$M", read)
# pragma comment(linker, "/merge:.kPStaticModules=.rdata")
# define NSMODULE_SECTION __declspec(allocate(".kPStaticModules$M"), dllexport)
# elif defined(__GNUC__)
# if defined(__ELF__)
-# define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), visibility("protected")))
+# define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), visibility("default")))
# elif defined(__MACH__)
# define NSMODULE_SECTION __attribute__((section("__DATA, .kPStaticModules"), visibility("default")))
# elif defined (_WIN32)
# define NSMODULE_SECTION __attribute__((section(".kPStaticModules"), dllexport))
# endif
# endif
# if !defined(NSMODULE_SECTION)
# error Do not know how to define sections.

File diff suppressed because it is too large Load Diff

View File

@ -1,21 +0,0 @@
Copied from Debian.
description: out-of-bounds read
origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585
--- a/source/layout/LETableReference.h
+++ b/source/layout/LETableReference.h
@@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO")
}
const T& operator()(le_uint32 i, LEErrorCode &success) const {
- return *getAlias(i,success);
+ const T *ret = getAlias(i,success);
+ if (LE_FAILURE(success) || ret==NULL) {
+ return *(new T());
+ } else {
+ return *ret;
+ }
}
size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const {

View File

@ -1,15 +0,0 @@
Copied from Debian.
diff --git a/source/common/ucnv_io.cpp b/source/common/ucnv_io.cpp
index 5dd35d8..4424664 100644
--- a/source/common/ucnv_io.cpp
+++ b/source/common/ucnv_io.cpp
@@ -744,7 +744,7 @@ ucnv_io_getConverterName(const char *alias, UBool *containsOption, UErrorCode *p
* the name begins with 'x-'. If it does, strip it off and try
* again. This behaviour is similar to how ICU4J does it.
*/
- if (aliasTmp[0] == 'x' || aliasTmp[1] == '-') {
+ if (aliasTmp[0] == 'x' && aliasTmp[1] == '-') {
aliasTmp = aliasTmp+2;
} else {
break;

View File

@ -1,189 +0,0 @@
Copied from Debian.
Description: missing boundary checks in layout engine
It was discovered that ICU Layout Engine was missing multiple boundary checks.
These could lead to buffer overflows and memory corruption. A specially
crafted file could cause an application using ICU to parse untrusted font
files to crash and, possibly, execute arbitrary code.
Author: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Origin: upstream, http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/3f9845510b47
Reviewed-By: srl, bae, mschoene
Forwarded: not-needed
Last-Update: 2015-07-30
---
--- icu-52.1.orig/source/layout/ContextualGlyphInsertionProc2.cpp
+++ icu-52.1/source/layout/ContextualGlyphInsertionProc2.cpp
@@ -82,6 +82,10 @@ le_uint16 ContextualGlyphInsertionProces
le_int16 markIndex = SWAPW(entry->markedInsertionListIndex);
if (markIndex > 0) {
+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
le_int16 count = (flags & cgiMarkedInsertCountMask) >> 5;
le_bool isKashidaLike = (flags & cgiMarkedIsKashidaLike);
le_bool isBefore = (flags & cgiMarkInsertBefore);
@@ -90,6 +94,10 @@ le_uint16 ContextualGlyphInsertionProces
le_int16 currIndex = SWAPW(entry->currentInsertionListIndex);
if (currIndex > 0) {
+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
le_int16 count = flags & cgiCurrentInsertCountMask;
le_bool isKashidaLike = (flags & cgiCurrentIsKashidaLike);
le_bool isBefore = (flags & cgiCurrentInsertBefore);
--- icu-52.1.orig/source/layout/ContextualGlyphSubstProc.cpp
+++ icu-52.1/source/layout/ContextualGlyphSubstProc.cpp
@@ -51,6 +51,10 @@ ByteOffset ContextualGlyphSubstitutionPr
WordOffset currOffset = SWAPW(entry->currOffset);
if (markOffset != 0 && LE_SUCCESS(success)) {
+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
LEGlyphID mGlyph = glyphStorage[markGlyph];
TTGlyphID newGlyph = SWAPW(int16Table.getObject(markOffset + LE_GET_GLYPH(mGlyph), success)); // whew.
@@ -58,6 +62,10 @@ ByteOffset ContextualGlyphSubstitutionPr
}
if (currOffset != 0) {
+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
LEGlyphID thisGlyph = glyphStorage[currGlyph];
TTGlyphID newGlyph = SWAPW(int16Table.getObject(currOffset + LE_GET_GLYPH(thisGlyph), success)); // whew.
--- icu-52.1.orig/source/layout/ContextualGlyphSubstProc2.cpp
+++ icu-52.1/source/layout/ContextualGlyphSubstProc2.cpp
@@ -45,17 +45,25 @@ le_uint16 ContextualGlyphSubstitutionPro
if(LE_FAILURE(success)) return 0;
le_uint16 newState = SWAPW(entry->newStateIndex);
le_uint16 flags = SWAPW(entry->flags);
- le_int16 markIndex = SWAPW(entry->markIndex);
- le_int16 currIndex = SWAPW(entry->currIndex);
+ le_uint16 markIndex = SWAPW(entry->markIndex);
+ le_uint16 currIndex = SWAPW(entry->currIndex);
- if (markIndex != -1) {
+ if (markIndex != 0x0FFFF) {
+ if (markGlyph < 0 || markGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
le_uint32 offset = SWAPL(perGlyphTable(markIndex, success));
LEGlyphID mGlyph = glyphStorage[markGlyph];
TTGlyphID newGlyph = lookup(offset, mGlyph, success);
glyphStorage[markGlyph] = LE_SET_GLYPH(mGlyph, newGlyph);
}
- if (currIndex != -1) {
+ if (currIndex != 0x0FFFF) {
+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
le_uint32 offset = SWAPL(perGlyphTable(currIndex, success));
LEGlyphID thisGlyph = glyphStorage[currGlyph];
TTGlyphID newGlyph = lookup(offset, thisGlyph, success);
--- icu-52.1.orig/source/layout/IndicRearrangementProcessor.cpp
+++ icu-52.1/source/layout/IndicRearrangementProcessor.cpp
@@ -45,6 +45,11 @@ ByteOffset IndicRearrangementProcessor::
ByteOffset newState = SWAPW(entry->newStateOffset);
IndicRearrangementFlags flags = (IndicRearrangementFlags) SWAPW(entry->flags);
+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
+
if (flags & irfMarkFirst) {
firstGlyph = currGlyph;
}
--- icu-52.1.orig/source/layout/IndicRearrangementProcessor2.cpp
+++ icu-52.1/source/layout/IndicRearrangementProcessor2.cpp
@@ -43,6 +43,11 @@ le_uint16 IndicRearrangementProcessor2::
le_uint16 newState = SWAPW(entry->newStateIndex); // index to the new state
IndicRearrangementFlags flags = (IndicRearrangementFlags) SWAPW(entry->flags);
+ if (currGlyph < 0 || currGlyph >= glyphStorage.getGlyphCount()) {
+ success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+ return 0;
+ }
+
if (flags & irfMarkFirst) {
firstGlyph = currGlyph;
}
--- icu-52.1.orig/source/layout/LigatureSubstProc.cpp
+++ icu-52.1/source/layout/LigatureSubstProc.cpp
@@ -48,7 +48,7 @@ ByteOffset LigatureSubstitutionProcessor
const LigatureSubstitutionStateEntry *entry = entryTable.getAlias(index, success);
ByteOffset newState = SWAPW(entry->newStateOffset);
- le_int16 flags = SWAPW(entry->flags);
+ le_uint16 flags = SWAPW(entry->flags);
if (flags & lsfSetComponent) {
if (++m >= nComponents) {
--- icu-52.1.orig/source/layout/StateTableProcessor.cpp
+++ icu-52.1/source/layout/StateTableProcessor.cpp
@@ -60,6 +60,7 @@ void StateTableProcessor::process(LEGlyp
if (currGlyph == glyphCount) {
// XXX: How do we handle EOT vs. EOL?
classCode = classCodeEOT;
+ break;
} else {
TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(glyphStorage[currGlyph]);
--- icu-52.1.orig/source/layout/StateTableProcessor2.cpp
+++ icu-52.1/source/layout/StateTableProcessor2.cpp
@@ -78,6 +78,7 @@ void StateTableProcessor2::process(LEGly
if (currGlyph == glyphCount || currGlyph == -1) {
// XXX: How do we handle EOT vs. EOL?
classCode = classCodeEOT;
+ break;
} else {
LEGlyphID gid = glyphStorage[currGlyph];
TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(gid);
@@ -109,6 +110,7 @@ void StateTableProcessor2::process(LEGly
if (currGlyph == glyphCount || currGlyph == -1) {
// XXX: How do we handle EOT vs. EOL?
classCode = classCodeEOT;
+ break;
} else {
LEGlyphID gid = glyphStorage[currGlyph];
TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(gid);
@@ -146,6 +148,7 @@ void StateTableProcessor2::process(LEGly
if (currGlyph == glyphCount || currGlyph == -1) {
// XXX: How do we handle EOT vs. EOL?
classCode = classCodeEOT;
+ break;
} else if(currGlyph > glyphCount) {
// note if > glyphCount, we've run off the end (bad font)
currGlyph = glyphCount;
@@ -186,6 +189,7 @@ void StateTableProcessor2::process(LEGly
if (currGlyph == glyphCount || currGlyph == -1) {
// XXX: How do we handle EOT vs. EOL?
classCode = classCodeEOT;
+ break;
} else {
TTGlyphID glyphCode = (TTGlyphID) LE_GET_GLYPH(glyphStorage[currGlyph]);
if (glyphCode == 0xFFFF) {
--- icu-52.1.orig/source/layout/StateTables.h
+++ icu-52.1/source/layout/StateTables.h
@@ -101,7 +101,7 @@ typedef le_uint8 EntryTableIndex;
struct StateEntry
{
ByteOffset newStateOffset;
- le_int16 flags;
+ le_uint16 flags;
};
typedef le_uint16 EntryTableIndex2;

View File

@ -0,0 +1,164 @@
Fix CVE-2017-7867 and CVE-2017-7868:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868
Patch copied from upstream source repository:
http://bugs.icu-project.org/trac/changeset/39671
Index: icu/source/common/utext.cpp
===================================================================
--- icu/source/common/utext.cpp (revision 39670)
+++ icu/source/common/utext.cpp (revision 39671)
@@ -848,7 +848,13 @@
// Chunk size.
-// Must be less than 85, because of byte mapping from UChar indexes to native indexes.
-// Worst case is three native bytes to one UChar. (Supplemenaries are 4 native bytes
-// to two UChars.)
+// Must be less than 42 (256/6), because of byte mapping from UChar indexes to native indexes.
+// Worst case there are six UTF-8 bytes per UChar.
+// obsolete 6 byte form fd + 5 trails maps to fffd
+// obsolete 5 byte form fc + 4 trails maps to fffd
+// non-shortest 4 byte forms maps to fffd
+// normal supplementaries map to a pair of utf-16, two utf8 bytes per utf-16 unit
+// mapToUChars array size must allow for the worst case, 6.
+// This could be brought down to 4, by treating fd and fc as pure illegal,
+// rather than obsolete lead bytes. But that is not compatible with the utf-8 access macros.
//
enum { UTF8_TEXT_CHUNK_SIZE=32 };
@@ -890,5 +896,5 @@
// one for a supplementary starting in the last normal position,
// and one for an entry for the buffer limit position.
- uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*3+6]; // Map native offset from bufNativeStart to
+ uint8_t mapToUChars[UTF8_TEXT_CHUNK_SIZE*6+6]; // Map native offset from bufNativeStart to
// correspoding offset in filled part of buf.
int32_t align;
@@ -1033,4 +1039,5 @@
u8b = (UTF8Buf *)ut->p; // the current buffer
mapIndex = ix - u8b->toUCharsMapStart;
+ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
ut->chunkOffset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
return TRUE;
@@ -1299,4 +1306,8 @@
// If index is at the end, there is no character there to look at.
if (ix != ut->b) {
+ // Note: this function will only move the index back if it is on a trail byte
+ // and there is a preceding lead byte and the sequence from the lead
+ // through this trail could be part of a valid UTF-8 sequence
+ // Otherwise the index remains unchanged.
U8_SET_CP_START(s8, 0, ix);
}
@@ -1312,5 +1323,8 @@
uint8_t *mapToNative = u8b->mapToNative;
uint8_t *mapToUChars = u8b->mapToUChars;
- int32_t toUCharsMapStart = ix - (UTF8_TEXT_CHUNK_SIZE*3 + 1);
+ int32_t toUCharsMapStart = ix - sizeof(UTF8Buf::mapToUChars) + 1;
+ // Note that toUCharsMapStart can be negative. Happens when the remaining
+ // text from current position to the beginning is less than the buffer size.
+ // + 1 because mapToUChars must have a slot at the end for the bufNativeLimit entry.
int32_t destIx = UTF8_TEXT_CHUNK_SIZE+2; // Start in the overflow region
// at end of buffer to leave room
@@ -1339,4 +1353,5 @@
// Special case ASCII range for speed.
buf[destIx] = (UChar)c;
+ U_ASSERT(toUCharsMapStart <= srcIx);
mapToUChars[srcIx - toUCharsMapStart] = (uint8_t)destIx;
mapToNative[destIx] = (uint8_t)(srcIx - toUCharsMapStart);
@@ -1368,4 +1383,5 @@
mapToUChars[sIx-- - toUCharsMapStart] = (uint8_t)destIx;
} while (sIx >= srcIx);
+ U_ASSERT(toUCharsMapStart <= (srcIx+1));
// Set native indexing limit to be the current position.
@@ -1542,4 +1558,5 @@
U_ASSERT(index<=ut->chunkNativeLimit);
int32_t mapIndex = index - u8b->toUCharsMapStart;
+ U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
int32_t offset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
U_ASSERT(offset>=0 && offset<=ut->chunkLength);
Index: icu/source/test/intltest/utxttest.cpp
===================================================================
--- icu/source/test/intltest/utxttest.cpp (revision 39670)
+++ icu/source/test/intltest/utxttest.cpp (revision 39671)
@@ -68,4 +68,6 @@
case 7: name = "Ticket12130";
if (exec) Ticket12130(); break;
+ case 8: name = "Ticket12888";
+ if (exec) Ticket12888(); break;
default: name = ""; break;
}
@@ -1584,2 +1586,62 @@
utext_close(&ut);
}
+
+// Ticket 12888: bad handling of illegal utf-8 containing many instances of the archaic, now illegal,
+// six byte utf-8 forms. Original implementation had an assumption that
+// there would be at most three utf-8 bytes per UTF-16 code unit.
+// The five and six byte sequences map to a single replacement character.
+
+void UTextTest::Ticket12888() {
+ const char *badString =
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
+ "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80";
+
+ UErrorCode status = U_ZERO_ERROR;
+ LocalUTextPointer ut(utext_openUTF8(NULL, badString, -1, &status));
+ TEST_SUCCESS(status);
+ for (;;) {
+ UChar32 c = utext_next32(ut.getAlias());
+ if (c == U_SENTINEL) {
+ break;
+ }
+ }
+ int32_t endIdx = utext_getNativeIndex(ut.getAlias());
+ if (endIdx != (int32_t)strlen(badString)) {
+ errln("%s:%d expected=%d, actual=%d", __FILE__, __LINE__, strlen(badString), endIdx);
+ return;
+ }
+
+ for (int32_t prevIndex = endIdx; prevIndex>0;) {
+ UChar32 c = utext_previous32(ut.getAlias());
+ int32_t currentIndex = utext_getNativeIndex(ut.getAlias());
+ if (c != 0xfffd) {
+ errln("%s:%d (expected, actual, index) = (%d, %d, %d)\n",
+ __FILE__, __LINE__, 0xfffd, c, currentIndex);
+ break;
+ }
+ if (currentIndex != prevIndex - 6) {
+ errln("%s:%d: wrong index. Expected, actual = %d, %d",
+ __FILE__, __LINE__, prevIndex - 6, currentIndex);
+ break;
+ }
+ prevIndex = currentIndex;
+ }
+}
Index: icu/source/test/intltest/utxttest.h
===================================================================
--- icu/source/test/intltest/utxttest.h (revision 39670)
+++ icu/source/test/intltest/utxttest.h (revision 39671)
@@ -39,4 +39,5 @@
void Ticket10983();
void Ticket12130();
+ void Ticket12888();
private:

View File

@ -0,0 +1,71 @@
This patch fixes the build of adb on linux.
Copied from archlinux repository:
https://git.archlinux.org/svntogit/community.git/tree/trunk/fix_build.patch?h=packages/android-tools
diff --git a/adb/sysdeps.h b/adb/sysdeps.h
index 75dcc86..867f3ec 100644
--- a/adb/sysdeps.h
+++ b/adb/sysdeps.h
@@ -25,6 +25,7 @@
#endif
#include <errno.h>
+#include <sys/syscall.h>
#include <string>
#include <vector>
@@ -831,7 +832,16 @@ static __inline__ int adb_is_absolute_host_path(const char* path) {
static __inline__ unsigned long adb_thread_id()
{
- return (unsigned long)gettid();
+ // TODO: this function should be merged with GetThreadId
+#if defined(__BIONIC__)
+ return gettid();
+#elif defined(__APPLE__)
+ return syscall(SYS_thread_selfid);
+#elif defined(__linux__)
+ return syscall(__NR_gettid);
+#elif defined(_WIN32)
+ return GetCurrentThreadId();
+#endif
}
#endif /* !_WIN32 */
diff --git a/base/errors_unix.cpp b/base/errors_unix.cpp
index 296995e..48269b6 100644
--- a/base/errors_unix.cpp
+++ b/base/errors_unix.cpp
@@ -17,6 +17,7 @@
#include "android-base/errors.h"
#include <errno.h>
+#include <string.h>
namespace android {
namespace base {
diff --git a/base/file.cpp b/base/file.cpp
index da1adba..91a3901 100644
--- a/base/file.cpp
+++ b/base/file.cpp
@@ -20,6 +20,7 @@
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <string.h>
#include <string>
diff --git a/base/logging.cpp b/base/logging.cpp
index 1741871..e97c7f1 100644
--- a/base/logging.cpp
+++ b/base/logging.cpp
@@ -21,6 +21,7 @@
#include "android-base/logging.h"
#include <libgen.h>
+#include <string.h>
// For getprogname(3) or program_invocation_short_name.
#if defined(__ANDROID__) || defined(__APPLE__)

View File

@ -0,0 +1,80 @@
Patch copied from:
https://android.googlesource.com/platform/system/core/+/e5dd71a290f664d3f3bf0dd8a4bad411dc7ad416
From e5dd71a290f664d3f3bf0dd8a4bad411dc7ad416 Mon Sep 17 00:00:00 2001
From: Elliott Hughes <enh@google.com>
Date: Thu, 28 Jul 2016 15:15:28 -0700
Subject: [PATCH] libbase should use its own logging!
Not doing so led to us using a bogus log tag.
Bug: http://b/30281203
Change-Id: I3ac91758a1a043146c65f2ae0f36fcfbe372c30f
---
base/file.cpp | 11 +++++------
base/logging.cpp | 3 +--
2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/base/file.cpp b/base/file.cpp
index da1adba19..4e7ac82d1 100644
--- a/base/file.cpp
+++ b/base/file.cpp
@@ -24,9 +24,8 @@
#include <string>
#include "android-base/macros.h" // For TEMP_FAILURE_RETRY on Darwin.
+#include "android-base/logging.h"
#include "android-base/utf8.h"
-#define LOG_TAG "base.file"
-#include "cutils/log.h"
#include "utils/Compat.h"
namespace android {
@@ -86,22 +85,22 @@ bool WriteStringToFile(const std::string& content, const std::string& path,
int flags = O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC | O_NOFOLLOW | O_BINARY;
int fd = TEMP_FAILURE_RETRY(open(path.c_str(), flags, mode));
if (fd == -1) {
- ALOGE("android::WriteStringToFile open failed: %s", strerror(errno));
+ PLOG(ERROR) << "android::WriteStringToFile open failed";
return false;
}
// We do an explicit fchmod here because we assume that the caller really
// meant what they said and doesn't want the umask-influenced mode.
if (fchmod(fd, mode) == -1) {
- ALOGE("android::WriteStringToFile fchmod failed: %s", strerror(errno));
+ PLOG(ERROR) << "android::WriteStringToFile fchmod failed";
return CleanUpAfterFailedWrite(path);
}
if (fchown(fd, owner, group) == -1) {
- ALOGE("android::WriteStringToFile fchown failed: %s", strerror(errno));
+ PLOG(ERROR) << "android::WriteStringToFile fchown failed";
return CleanUpAfterFailedWrite(path);
}
if (!WriteStringToFd(content, fd)) {
- ALOGE("android::WriteStringToFile write failed: %s", strerror(errno));
+ PLOG(ERROR) << "android::WriteStringToFile write failed";
return CleanUpAfterFailedWrite(path);
}
close(fd);
diff --git a/base/logging.cpp b/base/logging.cpp
index 769c266c9..959bb8b05 100644
--- a/base/logging.cpp
+++ b/base/logging.cpp
@@ -43,12 +43,11 @@
#include "android-base/macros.h"
#include "android-base/strings.h"
-#include "cutils/threads.h"
// Headers for LogMessage::LogLine.
#ifdef __ANDROID__
#include <android/set_abort_message.h>
-#include "cutils/log.h"
+#include "log/log.h"
#else
#include <sys/types.h>
#include <unistd.h>
--
2.11.0

View File

@ -1,286 +0,0 @@
Fix libtheora linking issue with modern theora versions.
Adapted from:
http://git.buildroot.net/buildroot/commit/?id=46b71cb0be27c0e6b7c93afb49fc80779bf310e3
--- a/libmpcodecs/vd_theora.c
+++ b/libmpcodecs/vd_theora.c
@@ -39,22 +39,23 @@
LIBVD_EXTERN(theora)
-#include <theora/theora.h>
+#include <theora/theoradec.h>
#define THEORA_NUM_HEADER_PACKETS 3
typedef struct theora_struct_st {
- theora_state st;
- theora_comment cc;
- theora_info inf;
+ th_setup_info *tsi;
+ th_dec_ctx *tctx;
+ th_comment tc;
+ th_info ti;
} theora_struct_t;
/** Convert Theora pixelformat to the corresponding IMGFMT_ */
-static uint32_t theora_pixelformat2imgfmt(theora_pixelformat fmt){
+static uint32_t theora_pixelformat2imgfmt(th_pixel_fmt fmt){
switch(fmt) {
- case OC_PF_420: return IMGFMT_YV12;
- case OC_PF_422: return IMGFMT_422P;
- case OC_PF_444: return IMGFMT_444P;
+ case TH_PF_420: return IMGFMT_YV12;
+ case TH_PF_422: return IMGFMT_422P;
+ case TH_PF_444: return IMGFMT_444P;
}
return 0;
}
@@ -64,7 +65,7 @@
theora_struct_t *context = sh->context;
switch(cmd) {
case VDCTRL_QUERY_FORMAT:
- if (*(int*)arg == theora_pixelformat2imgfmt(context->inf.pixelformat))
+ if (*(int*)arg == theora_pixelformat2imgfmt(context->ti.pixel_fmt))
return CONTROL_TRUE;
return CONTROL_FALSE;
}
@@ -88,8 +89,9 @@
if (!context)
goto err_out;
- theora_info_init(&context->inf);
- theora_comment_init(&context->cc);
+ th_info_init(&context->ti);
+ th_comment_init(&context->tc);
+ context->tsi = NULL;
/* Read all header packets, pass them to theora_decode_header. */
for (i = 0; i < THEORA_NUM_HEADER_PACKETS; i++)
@@ -109,7 +111,7 @@
op.b_o_s = 1;
}
- if ( (errorCode = theora_decode_header (&context->inf, &context->cc, &op)) )
+ if ( (errorCode = th_decode_headerin (&context->ti, &context->tc, &context->tsi, &op)) < 0)
{
mp_msg(MSGT_DECVIDEO, MSGL_ERR, "Broken Theora header; errorCode=%i!\n", errorCode);
goto err_out;
@@ -117,23 +119,25 @@
}
/* now init codec */
- errorCode = theora_decode_init (&context->st, &context->inf);
- if (errorCode)
+ context->tctx = th_decode_alloc (&context->ti, context->tsi);
+ if (!context->tctx)
{
- mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode init failed: %i \n", errorCode);
+ mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode init failed\n");
goto err_out;
}
+ /* free memory used for decoder setup information */
+ th_setup_free(context->tsi);
- if(sh->aspect==0.0 && context->inf.aspect_denominator!=0)
+ if(sh->aspect==0.0 && context->ti.aspect_denominator!=0)
{
- sh->aspect = ((double)context->inf.aspect_numerator * context->inf.width)/
- ((double)context->inf.aspect_denominator * context->inf.height);
+ sh->aspect = ((double)context->ti.aspect_numerator * context->ti.frame_width)/
+ ((double)context->ti.aspect_denominator * context->ti.frame_height);
}
mp_msg(MSGT_DECVIDEO,MSGL_V,"INFO: Theora video init ok!\n");
- mp_msg(MSGT_DECVIDEO,MSGL_INFO,"Frame: %dx%d, Picture %dx%d, Offset [%d,%d]\n", context->inf.width, context->inf.height, context->inf.frame_width, context->inf.frame_height, context->inf.offset_x, context->inf.offset_y);
+ mp_msg(MSGT_DECVIDEO,MSGL_INFO,"Frame: %dx%d, Picture %dx%d, Offset [%d,%d]\n", context->ti.frame_width, context->ti.frame_height, context->ti.pic_width, context->ti.pic_height, context->ti.pic_x, context->ti.pic_y);
- return mpcodecs_config_vo (sh,context->inf.width,context->inf.height,theora_pixelformat2imgfmt(context->inf.pixelformat));
+ return mpcodecs_config_vo (sh,context->ti.frame_width,context->ti.frame_height,theora_pixelformat2imgfmt(context->ti.pixel_fmt));
err_out:
free(context);
@@ -150,9 +154,9 @@
if (context)
{
- theora_info_clear(&context->inf);
- theora_comment_clear(&context->cc);
- theora_clear (&context->st);
+ th_info_clear(&context->ti);
+ th_comment_clear(&context->tc);
+ th_decode_free (context->tctx);
free (context);
}
}
@@ -165,7 +169,7 @@
theora_struct_t *context = sh->context;
int errorCode = 0;
ogg_packet op;
- yuv_buffer yuv;
+ th_ycbcr_buffer ycbcrbuf;
mp_image_t* mpi;
// no delayed frames
@@ -177,31 +181,31 @@
op.packet = data;
op.granulepos = -1;
- errorCode = theora_decode_packetin (&context->st, &op);
- if (errorCode)
+ errorCode = th_decode_packetin (context->tctx, &op, NULL);
+ if (errorCode < 0)
{
mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode packetin failed: %i \n",
errorCode);
return NULL;
}
- errorCode = theora_decode_YUVout (&context->st, &yuv);
- if (errorCode)
+ errorCode = th_decode_ycbcr_out (context->tctx, ycbcrbuf);
+ if (errorCode < 0)
{
mp_msg(MSGT_DECVIDEO,MSGL_ERR,"Theora decode YUVout failed: %i \n",
errorCode);
return NULL;
}
- mpi = mpcodecs_get_image(sh, MP_IMGTYPE_EXPORT, 0, yuv.y_width, yuv.y_height);
+ mpi = mpcodecs_get_image(sh, MP_IMGTYPE_EXPORT, 0, ycbcrbuf[0].width, ycbcrbuf[0].height);
if(!mpi) return NULL;
- mpi->planes[0]=yuv.y;
- mpi->stride[0]=yuv.y_stride;
- mpi->planes[1]=yuv.u;
- mpi->stride[1]=yuv.uv_stride;
- mpi->planes[2]=yuv.v;
- mpi->stride[2]=yuv.uv_stride;
+ mpi->planes[0]=ycbcrbuf[0].data;
+ mpi->stride[0]=ycbcrbuf[0].stride;
+ mpi->planes[1]=ycbcrbuf[1].data;
+ mpi->stride[1]=ycbcrbuf[1].stride;
+ mpi->planes[2]=ycbcrbuf[2].data;
+ mpi->stride[2]=ycbcrbuf[2].stride;
return mpi;
}
--- a/libmpdemux/demux_ogg.c
+++ b/libmpdemux/demux_ogg.c
@@ -49,21 +49,21 @@
#endif
#ifdef CONFIG_OGGTHEORA
-#include <theora/theora.h>
-int _ilog (unsigned int); /* defined in many places in theora/lib/ */
+#include <theora/theoradec.h>
#endif
#define BLOCK_SIZE 4096
/* Theora decoder context : we won't be able to interpret granule positions
- * without using theora_granule_time with the theora_state of the stream.
+ * without using th_granule_time with the th_dec_ctx of the stream.
* This is duplicated in `vd_theora.c'; put this in a common header?
*/
#ifdef CONFIG_OGGTHEORA
typedef struct theora_struct_st {
- theora_state st;
- theora_comment cc;
- theora_info inf;
+ th_setup_info *tsi;
+ th_dec_ctx *tctx;
+ th_comment tc;
+ th_info ti;
} theora_struct_t;
#endif
@@ -116,7 +116,7 @@
float samplerate; /// granulpos 2 time
int64_t lastpos;
int32_t lastsize;
- int keyframe_frequency_force;
+ int keyframe_granule_shift;
// Logical stream state
ogg_stream_state stream;
@@ -299,11 +299,10 @@
have theora_state st, until all header packets were passed to the
decoder. */
if (!pack->bytes || !(*data&0x80)) {
- int keyframe_granule_shift = _ilog(os->keyframe_frequency_force - 1);
- int64_t iframemask = (1 << keyframe_granule_shift) - 1;
+ int64_t iframemask = (1 << os->keyframe_granule_shift) - 1;
if (pack->granulepos >= 0) {
- os->lastpos = pack->granulepos >> keyframe_granule_shift;
+ os->lastpos = pack->granulepos >> os->keyframe_granule_shift;
os->lastpos += pack->granulepos & iframemask;
*flags = (pack->granulepos & iframemask) == 0;
} else {
@@ -892,14 +891,15 @@
#ifdef CONFIG_OGGTHEORA
} else if (pack.bytes >= 7 && !strncmp (&pack.packet[1], "theora", 6)) {
int errorCode = 0;
- theora_info inf;
- theora_comment cc;
+ th_info ti;
+ th_comment tc;
+ th_setup_info *tsi = NULL;
- theora_info_init (&inf);
- theora_comment_init (&cc);
+ th_info_init (&ti);
+ th_comment_init (&tc);
- errorCode = theora_decode_header (&inf, &cc, &pack);
- if (errorCode) {
+ errorCode = th_decode_headerin(&ti, &tc, &tsi, &pack);
+ if (errorCode < 0) {
mp_msg(MSGT_DEMUX, MSGL_ERR,
"Theora header parsing failed: %i \n", errorCode);
} else {
@@ -908,30 +908,32 @@
sh_v->bih = calloc(1, sizeof(*sh_v->bih));
sh_v->bih->biSize = sizeof(*sh_v->bih);
sh_v->bih->biCompression = sh_v->format = FOURCC_THEORA;
- sh_v->fps = ((double)inf.fps_numerator) / (double)inf.fps_denominator;
- sh_v->frametime = ((double)inf.fps_denominator) / (double)inf.fps_numerator;
- sh_v->disp_w = sh_v->bih->biWidth = inf.frame_width;
- sh_v->disp_h = sh_v->bih->biHeight = inf.frame_height;
+ sh_v->fps = ((double)ti.fps_numerator) / (double)ti.fps_denominator;
+ sh_v->frametime = ((double)ti.fps_denominator) / (double)ti.fps_numerator;
+ sh_v->i_bps = ti.target_bitrate / 8;
+ sh_v->disp_w = sh_v->bih->biWidth = ti.frame_width;
+ sh_v->disp_h = sh_v->bih->biHeight = ti.frame_height;
sh_v->bih->biBitCount = 24;
sh_v->bih->biPlanes = 3;
sh_v->bih->biSizeImage = ((sh_v->bih->biBitCount / 8) * sh_v->bih->biWidth * sh_v->bih->biHeight);
ogg_d->subs[ogg_d->num_sub].samplerate = sh_v->fps;
ogg_d->subs[ogg_d->num_sub].theora = 1;
- ogg_d->subs[ogg_d->num_sub].keyframe_frequency_force = inf.keyframe_frequency_force;
+ ogg_d->subs[ogg_d->num_sub].keyframe_granule_shift = ti.keyframe_granule_shift;
ogg_d->subs[ogg_d->num_sub].id = n_video;
n_video++;
mp_msg(MSGT_DEMUX, MSGL_INFO,
"[Ogg] stream %d: video (Theora v%d.%d.%d), -vid %d\n",
ogg_d->num_sub,
- (int)inf.version_major,
- (int)inf.version_minor,
- (int)inf.version_subminor,
+ (int)ti.version_major,
+ (int)ti.version_minor,
+ (int)ti.version_subminor,
n_video - 1);
if (mp_msg_test(MSGT_HEADER, MSGL_V))
print_video_header(sh_v->bih, MSGL_V);
}
- theora_comment_clear(&cc);
- theora_info_clear(&inf);
+ th_comment_clear(&tc);
+ th_info_clear(&ti);
+ th_setup_free(tsi);
#endif /* CONFIG_OGGTHEORA */
} else if (pack.bytes >= 4 && !strncmp (&pack.packet[0], "fLaC", 4)) {
sh_a = new_sh_audio_aid(demuxer, ogg_d->num_sub, n_audio, NULL);

View File

@ -0,0 +1,34 @@
Disable long b64 tests, which consistently fail on armhf.
This is based on an excerpt of the following upstream patch:
https://hg.mozilla.org/projects/nss/rev/00b2cc2b33c7
(we exclude the part of the upstream patch that reverts
an earlier failed attempt, and adapt the file names)
diff --git a/gtests/util_gtest/util_b64_unittest.cc b/gtests/util_gtest/util_b64_unittest.cc
--- a/nss/gtests/util_gtest/util_b64_unittest.cc
+++ b/nss/gtests/util_gtest/util_b64_unittest.cc
@@ -63,17 +63,19 @@ TEST_F(B64EncodeDecodeTest, EncDecTest)
TEST_F(B64EncodeDecodeTest, FakeDecTest) { EXPECT_TRUE(TestFakeDecode(100)); }
TEST_F(B64EncodeDecodeTest, FakeEncDecTest) {
EXPECT_TRUE(TestFakeEncode(100));
}
// These takes a while ...
-TEST_F(B64EncodeDecodeTest, LongFakeDecTest1) {
+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeDecTest1) {
EXPECT_TRUE(TestFakeDecode(0x66666666));
}
-TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest1) { TestFakeEncode(0x3fffffff); }
-TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest2) {
+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest1) {
+ TestFakeEncode(0x3fffffff);
+}
+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest2) {
EXPECT_FALSE(TestFakeEncode(0x40000000));
}
} // namespace nss_test

View File

@ -0,0 +1,335 @@
Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.patch
From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001
From: Laurent Bigonville <bigon@bigon.be>
Date: Mon, 7 Nov 2016 10:51:08 +0100
Subject: [PATCH] policycoreutils: Make sepolicy work with python3
Add python3 support for sepolicy
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
---
policycoreutils/sepolicy/selinux_client.py | 6 ++--
policycoreutils/sepolicy/sepolicy.py | 38 ++++++++++++------------
policycoreutils/sepolicy/sepolicy/__init__.py | 16 ++++++----
policycoreutils/sepolicy/sepolicy/communicate.py | 4 +--
policycoreutils/sepolicy/sepolicy/generate.py | 30 +++++++++----------
policycoreutils/sepolicy/sepolicy/interface.py | 14 ++++++---
policycoreutils/sepolicy/sepolicy/manpage.py | 7 +++--
7 files changed, 65 insertions(+), 50 deletions(-)
diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py
index 7f4a91c..dc29f28 100644
--- a/sepolicy/selinux_client.py
+++ b/sepolicy/selinux_client.py
@@ -39,6 +39,6 @@ if __name__ == "__main__":
try:
dbus_proxy = SELinuxDBus()
resp = dbus_proxy.customized()
- print convert_customization(resp)
- except dbus.DBusException, e:
- print e
+ print(convert_customization(resp))
+ except dbus.DBusException as e:
+ print(e)
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
index 3e502a7..5bf9b52 100755
--- a/sepolicy/sepolicy.py
+++ b/sepolicy/sepolicy.py
@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm):
if len(portdict) > 0:
bold_start = "\033[1m"
bold_end = "\033[0;0m"
- print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end
+ print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end)
port_strings = []
boolean_text = ""
for p in portdict:
@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm):
port_strings.append("%s (%s)" % (", ".join(recs), t))
port_strings.sort(numcmp)
for p in port_strings:
- print "\t" + p
+ print("\t" + p)
def network(args):
@@ -286,7 +286,7 @@ def network(args):
if i[0] not in all_ports:
all_ports.append(i[0])
all_ports.sort()
- print "\n".join(all_ports)
+ print("\n".join(all_ports))
for port in args.port:
found = False
@@ -297,18 +297,18 @@ def network(args):
else:
range = "%s-%s" % (i[0], i[1])
found = True
- print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)
+ print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range))
if not found:
if port < 500:
- print "Undefined reserved port type"
+ print("Undefined reserved port type")
else:
- print "Undefined port type"
+ print("Undefined port type")
for t in args.type:
if (t, 'tcp') in portrecs.keys():
- print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))
+ print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])))
if (t, 'udp') in portrecs.keys():
- print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))
+ print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])))
for a in args.applications:
d = sepolicy.get_init_transtype(a)
@@ -357,7 +357,7 @@ def manpage(args):
for domain in test_domains:
m = ManPage(domain, path, args.root, args.source_files, args.web)
- print m.get_man_page_path()
+ print(m.get_man_page_path())
if args.web:
HTMLManPages(manpage_roles, manpage_domains, path, args.os)
@@ -418,7 +418,7 @@ def communicate(args):
out = list(set(writable) & set(readable))
for t in out:
- print t
+ print(t)
def gen_communicate_args(parser):
@@ -445,7 +445,7 @@ def booleans(args):
args.booleans.sort()
for b in args.booleans:
- print "%s=_(\"%s\")" % (b, boolean_desc(b))
+ print("%s=_(\"%s\")" % (b, boolean_desc(b)))
def gen_booleans_args(parser):
@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""):
for i in interfaces:
if args.verbose:
try:
- print get_interface_format_text(i + append)
+ print(get_interface_format_text(i + append))
except KeyError:
- print i
+ print(i)
if args.compile:
try:
interface_compile_test(i)
except KeyError:
- print i
+ print(i)
else:
- print i
+ print(i)
def interface(args):
@@ -565,7 +565,7 @@ def generate(args):
if args.policytype in APPLICATIONS:
mypolicy.gen_writeable()
mypolicy.gen_symbols()
- print mypolicy.generate(args.path)
+ print(mypolicy.generate(args.path))
def gen_interface_args(parser):
@@ -698,12 +698,12 @@ if __name__ == '__main__':
args = parser.parse_args(args=parser_args)
args.func(args)
sys.exit(0)
- except ValueError, e:
+ except ValueError as e:
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
- except IOError, e:
+ except IOError as e:
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
sys.exit(1)
except KeyboardInterrupt:
- print "Out"
+ print("Out")
sys.exit(0)
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
index 8fbd5b4..fee6438 100644
--- a/sepolicy/sepolicy/__init__.py
+++ b/sepolicy/sepolicy/__init__.py
@@ -695,7 +695,7 @@ def get_methods():
# List of per_role_template interfaces
ifs = interfaces.InterfaceSet()
ifs.from_file(fd)
- methods = ifs.interfaces.keys()
+ methods = list(ifs.interfaces.keys())
fd.close()
except:
sys.stderr.write("could not open interface info [%s]\n" % fn)
@@ -752,7 +752,10 @@ def get_all_entrypoint_domains():
def gen_interfaces():
- import commands
+ try:
+ from commands import getstatusoutput
+ except ImportError:
+ from subprocess import getstatusoutput
ifile = defaults.interface_info()
headers = defaults.headers()
try:
@@ -763,7 +766,7 @@ def gen_interfaces():
if os.getuid() != 0:
raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
- print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
+ print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
def gen_port_dict():
@@ -1085,8 +1088,11 @@ def get_os_version():
os_version = ""
pkg_name = "selinux-policy"
try:
- import commands
- rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
+ try:
+ from commands import getstatusoutput
+ except ImportError:
+ from subprocess import getstatusoutput
+ rc, output = getstatusoutput("rpm -q '%s'" % pkg_name)
if rc == 0:
os_version = output.split(".")[-2]
except:
diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py
index b96c4b9..299316e 100755
--- a/sepolicy/sepolicy/communicate.py
+++ b/sepolicy/sepolicy/communicate.py
@@ -34,8 +34,8 @@ def usage(parser, msg):
def expand_attribute(attribute):
try:
- return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"]
- except RuntimeError:
+ return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"])
+ except StopIteration:
return [attribute]
diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
index 65b33b6..5696110 100644
--- a/sepolicy/sepolicy/generate.py
+++ b/sepolicy/sepolicy/generate.py
@@ -31,21 +31,21 @@ import time
import types
import platform
-from templates import executable
-from templates import boolean
-from templates import etc_rw
-from templates import unit_file
-from templates import var_cache
-from templates import var_spool
-from templates import var_lib
-from templates import var_log
-from templates import var_run
-from templates import tmp
-from templates import rw
-from templates import network
-from templates import script
-from templates import spec
-from templates import user
+from .templates import executable
+from .templates import boolean
+from .templates import etc_rw
+from .templates import unit_file
+from .templates import var_cache
+from .templates import var_spool
+from .templates import var_lib
+from .templates import var_log
+from .templates import var_run
+from .templates import tmp
+from .templates import rw
+from .templates import network
+from .templates import script
+from .templates import spec
+from .templates import user
import sepolgen.interfaces as interfaces
import sepolgen.defaults as defaults
diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
index c2cb971..8956f39 100644
--- a/sepolicy/sepolicy/interface.py
+++ b/sepolicy/sepolicy/interface.py
@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"):
def get_xml_file(if_file):
""" Returns xml format of interfaces for given .if policy file"""
import os
- import commands
+ try:
+ from commands import getstatusoutput
+ except ImportError:
+ from subprocess import getstatusoutput
basedir = os.path.dirname(if_file) + "/"
filename = os.path.basename(if_file).split(".")[0]
- rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
+ rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
if rc != 0:
sys.stderr.write("\n Could not proceed selected interface file.\n")
sys.stderr.write("\n%s" % output)
@@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"]
exclude_interface_type = ["template"]
- import commands
+ try:
+ from commands import getstatusoutput
+ except ImportError:
+ from subprocess import getstatusoutput
import os
policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"}
idict = get_interface_dict(path)
@@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
fd = open(policy_files['te'], "w")
fd.write(generate_compile_te(interface, idict))
fd.close()
- rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
+ rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
if rc != 0:
sys.stderr.write(output)
sys.stderr.write(_("\nCompile test for %s failed.\n") % interface)
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
index 7365f93..773a9ab 100755
--- a/sepolicy/sepolicy/manpage.py
+++ b/sepolicy/sepolicy/manpage.py
@@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d
import string
import selinux
import sepolicy
-import commands
import os
import time
@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list):
def convert_manpage_to_html(html_manpage, manpage):
- rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
+ try:
+ from commands import getstatusoutput
+ except ImportError:
+ from subprocess import getstatusoutput
+ rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
if rc == 0:
print(html_manpage, "has been created")
fd = open(html_manpage, 'w')
--
2.10.2

View File

@ -7,27 +7,27 @@ See <http://music.columbia.edu/pipermail/portaudio/2015-March/016611.html>.
--- a/include/pa_win_ds.h
+++ b/include/pa_win_ds.h
@@ -89,6 +89,21 @@
}PaWinDirectSoundStreamInfo;
+/** Retrieve the GUID of the input device.
+
+ @param stream The stream to query.
+
+ @return A pointer to the GUID, or NULL if none.
+*/
+LPGUID PaWinDS_GetStreamInputGUID( PaStream* s );
+
+/** Retrieve the GUID of the output device.
+
+ @param stream The stream to query.
+
+ @return A pointer to the GUID, or NULL if none.
+*/
+LPGUID PaWinDS_GetStreamOutputGUID( PaStream* s );
#ifdef __cplusplus
}PaWinDirectSoundStreamInfo;
+/** Retrieve the GUID of the input device.
+
+ @param stream The stream to query.
+
+ @return A pointer to the GUID, or NULL if none.
+*/
+LPGUID PaWinDS_GetStreamInputGUID( PaStream* s );
+
+/** Retrieve the GUID of the output device.
+
+ @param stream The stream to query.
+
+ @return A pointer to the GUID, or NULL if none.
+*/
+LPGUID PaWinDS_GetStreamOutputGUID( PaStream* s );
#ifdef __cplusplus
--- a/include/portaudio.h
+++ b/include/portaudio.h
@@ -1146,6 +1146,15 @@
@ -224,15 +224,15 @@ See <http://music.columbia.edu/pipermail/portaudio/2015-March/016611.html>.
--- a/src/hostapi/coreaudio/pa_mac_core_blocking.c
+++ b/src/hostapi/coreaudio/pa_mac_core_blocking.c
@@ -66,6 +66,9 @@
#ifdef MOSX_USE_NON_ATOMIC_FLAG_BITS
# define OSAtomicOr32( a, b ) ( (*(b)) |= (a) )
# define OSAtomicAnd32( a, b ) ( (*(b)) &= (a) )
+#elif MAC_OS_X_VERSION_MAX_ALLOWED <= MAC_OS_X_VERSION_10_3
+# define OSAtomicOr32( a, b ) BitOrAtomic( a, (UInt32 *) b )
+# define OSAtomicAnd32( a, b ) BitAndAtomic( a, (UInt32 *) b )
#else
# include <libkern/OSAtomic.h>
#endif
#ifdef MOSX_USE_NON_ATOMIC_FLAG_BITS
# define OSAtomicOr32( a, b ) ( (*(b)) |= (a) )
# define OSAtomicAnd32( a, b ) ( (*(b)) &= (a) )
+#elif MAC_OS_X_VERSION_MAX_ALLOWED <= MAC_OS_X_VERSION_10_3
+# define OSAtomicOr32( a, b ) BitOrAtomic( a, (UInt32 *) b )
+# define OSAtomicAnd32( a, b ) BitAndAtomic( a, (UInt32 *) b )
#else
# include <libkern/OSAtomic.h>
#endif
--- a/src/hostapi/alsa/pa_linux_alsa.c
+++ b/src/hostapi/alsa/pa_linux_alsa.c
@@ -611,6 +611,7 @@

View File

@ -7,20 +7,14 @@ diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index ee849fd..60048b8 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -1180,40 +1180,6 @@ class ContextTests(TestCase, _LoopbackMixin):
TypeError, context.load_verify_locations, None, None, None
)
- @pytest.mark.skipif(
- platform == "win32",
- reason="set_default_verify_paths appears not to work on Windows. "
- "See LP#404343 and LP#404344."
- )
@@ -1113,33 +1113,6 @@ class TestContext(object):
reason="set_default_verify_paths appears not to work on Windows. "
"See LP#404343 and LP#404344."
)
- def test_set_default_verify_paths(self):
- """
- :py:obj:`Context.set_default_verify_paths` causes the
- platform-specific CA certificate locations to be used for
- verification purposes.
- `Context.set_default_verify_paths` causes the platform-specific CA
- certificate locations to be used for verification purposes.
- """
- # Testing this requires a server with a certificate signed by one
- # of the CAs in the platform CA location. Getting one of those
@ -43,8 +37,7 @@ index ee849fd..60048b8 100644
- clientSSL.set_connect_state()
- clientSSL.do_handshake()
- clientSSL.send(b"GET / HTTP/1.0\r\n\r\n")
- self.assertTrue(clientSSL.recv(1024))
-
def test_set_default_verify_paths_signature(self):
- assert clientSSL.recv(1024)
def test_add_extra_chain_cert_invalid_cert(self):
"""
:py:obj:`Context.set_default_verify_paths` takes no arguments and

View File

@ -1,49 +0,0 @@
From eb7a20a3616085d46aa6b4b4224e15587ec67e6e Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Mon, 28 Nov 2016 17:49:04 -0800
Subject: [PATCH] watchdog: 6300esb: add exit function
When the Intel 6300ESB watchdog is hot unplug. The timer allocated
in realize isn't freed thus leaking memory leak. This patch avoid
this through adding the exit function.
http://git.qemu.org/?p=qemu.git;a=patch;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e
this patch is from qemu-git.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/watchdog/wdt_i6300esb.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
index a83d951..49b3cd1 100644
--- a/hw/watchdog/wdt_i6300esb.c
+++ b/hw/watchdog/wdt_i6300esb.c
@@ -428,6 +428,14 @@ static void i6300esb_realize(PCIDevice *dev, Error **errp)
/* qemu_register_coalesced_mmio (addr, 0x10); ? */
}
+static void i6300esb_exit(PCIDevice *dev)
+{
+ I6300State *d = WATCHDOG_I6300ESB_DEVICE(dev);
+
+ timer_del(d->timer);
+ timer_free(d->timer);
+}
+
static WatchdogTimerModel model = {
.wdt_name = "i6300esb",
.wdt_description = "Intel 6300ESB",
@@ -441,6 +449,7 @@ static void i6300esb_class_init(ObjectClass *klass, void *data)
k->config_read = i6300esb_config_read;
k->config_write = i6300esb_config_write;
k->realize = i6300esb_realize;
+ k->exit = i6300esb_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_ESB_9;
k->class_id = PCI_CLASS_SYSTEM_OTHER;
--
1.7.0.4

View File

@ -1,55 +0,0 @@
From 12351a91da97b414eec8cdb09f1d9f41e535a401 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:30:21 -0800
Subject: [PATCH] audio: ac97: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
http://git.qemu.org/?p=qemu.git;a=patch;h=12351a91da97b414eec8cdb09f1d9f41e535a401
this patch is from qemu-git
Currently the ac97 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/audio/ac97.c | 11 +++++++++++
1 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
index cbd959e..c306575 100644
--- a/hw/audio/ac97.c
+++ b/hw/audio/ac97.c
@@ -1387,6 +1387,16 @@ static void ac97_realize(PCIDevice *dev, Error **errp)
ac97_on_reset (&s->dev.qdev);
}
+static void ac97_exit(PCIDevice *dev)
+{
+ AC97LinkState *s = DO_UPCAST(AC97LinkState, dev, dev);
+
+ AUD_close_in(&s->card, s->voice_pi);
+ AUD_close_out(&s->card, s->voice_po);
+ AUD_close_in(&s->card, s->voice_mc);
+ AUD_remove_card(&s->card);
+}
+
static int ac97_init (PCIBus *bus)
{
pci_create_simple (bus, -1, "AC97");
@@ -1404,6 +1414,7 @@ static void ac97_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = ac97_realize;
+ k->exit = ac97_exit;
k->vendor_id = PCI_VENDOR_ID_INTEL;
k->device_id = PCI_DEVICE_ID_INTEL_82801AA_5;
k->revision = 0x01;
--
1.7.0.4

View File

@ -1,58 +0,0 @@
From 069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 14 Dec 2016 18:32:22 -0800
Subject: [PATCH] audio: es1370: add exit function
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
http://git.qemu.org/?p=qemu.git;a=patch;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
this patch is from qemu-git.
Currently the es1370 device emulation doesn't have a exit function,
hot unplug this device will leak some memory. Add a exit function to
avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/audio/es1370.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
index 8449b5f..883ec69 100644
--- a/hw/audio/es1370.c
+++ b/hw/audio/es1370.c
@@ -1041,6 +1041,19 @@ static void es1370_realize(PCIDevice *dev, Error **errp)
es1370_reset (s);
}
+static void es1370_exit(PCIDevice *dev)
+{
+ ES1370State *s = ES1370(dev);
+ int i;
+
+ for (i = 0; i < 2; ++i) {
+ AUD_close_out(&s->card, s->dac_voice[i]);
+ }
+
+ AUD_close_in(&s->card, s->adc_voice);
+ AUD_remove_card(&s->card);
+}
+
static int es1370_init (PCIBus *bus)
{
pci_create_simple (bus, -1, TYPE_ES1370);
@@ -1053,6 +1066,7 @@ static void es1370_class_init (ObjectClass *klass, void *data)
PCIDeviceClass *k = PCI_DEVICE_CLASS (klass);
k->realize = es1370_realize;
+ k->exit = es1370_exit;
k->vendor_id = PCI_VENDOR_ID_ENSONIQ;
k->device_id = PCI_DEVICE_ID_ENSONIQ_ES1370;
k->class_id = PCI_CLASS_MULTIMEDIA_AUDIO;
--
1.7.0.4

View File

@ -1,44 +0,0 @@
From 33243031dad02d161225ba99d782616da133f689 Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 03:11:26 -0500
Subject: [PATCH] virtio-gpu-3d: fix memory leak in resource attach backing
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
If the virgl_renderer_resource_attach_iov function fails the
'res_iovs' will be leaked. Add check of the return value to
free the 'res_iovs' when failing.
http://git.qemu.org/?p=qemu.git;a=patch;h=33243031dad02d161225ba99d782616da133f689
this patch is from qemu-git.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 1482999086-59795-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/display/virtio-gpu-3d.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index e29f099..b13ced3 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g,
return;
}
- virgl_renderer_resource_attach_iov(att_rb.resource_id,
- res_iovs, att_rb.nr_entries);
+ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
+ res_iovs, att_rb.nr_entries);
+
+ if (ret != 0)
+ virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries);
}
static void virgl_resource_detach_backing(VirtIOGPU *g,
--
1.7.0.4

View File

@ -1,39 +0,0 @@
http://git.qemu.org/?p=qemu.git;a=patch;h=204f01b30975923c64006f8067f0937b91eea68b
this patch is from qemu-git.
From 204f01b30975923c64006f8067f0937b91eea68b Mon Sep 17 00:00:00 2001
From: Li Qiang <liq3ea@gmail.com>
Date: Thu, 29 Dec 2016 04:28:41 -0500
Subject: [PATCH] virtio-gpu: fix memory leak in resource attach backing
In the resource attach backing function, everytime it will
allocate 'res->iov' thus can leading a memory leak. This
patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Message-id: 1483003721-65360-1-git-send-email-liq3ea@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/display/virtio-gpu.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 6a26258cac..ca88cf478d 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -714,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g,
return;
}
+ if (res->iov) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+ return;
+ }
+
ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov);
if (ret != 0) {
cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
--
2.11.0

View File

@ -1,44 +0,0 @@
http://git.qemu.org/?p=qemu.git;a=patch;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
this patch is from qemu-git.
From 8409dc884a201bf74b30a9d232b6bbdd00cb7e2b Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Wed, 4 Jan 2017 00:43:16 -0800
Subject: [PATCH] serial: fix memory leak in serial exit
The serial_exit_core function doesn't free some resources.
This can lead memory leak when hotplug and unplug. This
patch avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-Id: <586cb5ab.f31d9d0a.38ac3.acf2@mx.google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/char/serial.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/hw/char/serial.c b/hw/char/serial.c
index ffbacd8227..67b18eda12 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -906,6 +906,16 @@ void serial_realize_core(SerialState *s, Error **errp)
void serial_exit_core(SerialState *s)
{
qemu_chr_fe_deinit(&s->chr);
+
+ timer_del(s->modem_status_poll);
+ timer_free(s->modem_status_poll);
+
+ timer_del(s->fifo_timeout_timer);
+ timer_free(s->fifo_timeout_timer);
+
+ fifo8_destroy(&s->recv_fifo);
+ fifo8_destroy(&s->xmit_fifo);
+
qemu_unregister_reset(serial_reset, s);
}
--
2.11.0

View File

@ -1,68 +0,0 @@
http://git.qemu.org/?p=qemu.git;a=patch;h=765a707000e838c30b18d712fe6cb3dd8e0435f3
this patch is from qemu-git.
From 765a707000e838c30b18d712fe6cb3dd8e0435f3 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 2 Jan 2017 11:03:33 +0100
Subject: [PATCH] megasas: fix guest-triggered memory leak
If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd
will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory.
Avoid this by returning only the status from map_dcmd, and loading
cmd->iov_size in the caller.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/scsi/megasas.c | 11 ++++++-----
1 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 67fc1e7..6233865 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -683,14 +683,14 @@ static int megasas_map_dcmd(MegasasState *s, MegasasCmd *cmd)
trace_megasas_dcmd_invalid_sge(cmd->index,
cmd->frame->header.sge_count);
cmd->iov_size = 0;
- return -1;
+ return -EINVAL;
}
iov_pa = megasas_sgl_get_addr(cmd, &cmd->frame->dcmd.sgl);
iov_size = megasas_sgl_get_len(cmd, &cmd->frame->dcmd.sgl);
pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), 1);
qemu_sglist_add(&cmd->qsg, iov_pa, iov_size);
cmd->iov_size = iov_size;
- return cmd->iov_size;
+ return 0;
}
static void megasas_finish_dcmd(MegasasCmd *cmd, uint32_t iov_size)
@@ -1559,19 +1559,20 @@ static const struct dcmd_cmd_tbl_t {
static int megasas_handle_dcmd(MegasasState *s, MegasasCmd *cmd)
{
- int opcode, len;
+ int opcode;
int retval = 0;
+ size_t len;
const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
trace_megasas_handle_dcmd(cmd->index, opcode);
- len = megasas_map_dcmd(s, cmd);
- if (len < 0) {
+ if (megasas_map_dcmd(s, cmd) < 0) {
return MFI_STAT_MEMORY_NOT_AVAILABLE;
}
while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
cmdptr++;
}
+ len = cmd->iov_size;
if (cmdptr->opcode == -1) {
trace_megasas_dcmd_unhandled(cmd->index, opcode, len);
retval = megasas_dcmd_dummy(s, cmd);
--
1.7.0.4

View File

@ -1,44 +0,0 @@
Fix CVE-2017-5898 (integer overflow in emulated_apdu_from_guest):
http://seclists.org/oss-sec/2017/q1/328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898
Patch copied from upstream source repository:
http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=c7dfbf322595ded4e70b626bf83158a9f3807c6a
From c7dfbf322595ded4e70b626bf83158a9f3807c6a Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Fri, 3 Feb 2017 00:52:28 +0530
Subject: [PATCH] usb: ccid: check ccid apdu length
CCID device emulator uses Application Protocol Data Units(APDU)
to exchange command and responses to and from the host.
The length in these units couldn't be greater than 65536. Add
check to ensure the same. It'd also avoid potential integer
overflow in emulated_apdu_from_guest.
Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20170202192228.10847-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/usb/dev-smartcard-reader.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index 89e11b68c4..1325ea1659 100644
--- a/hw/usb/dev-smartcard-reader.c
+++ b/hw/usb/dev-smartcard-reader.c
@@ -967,7 +967,7 @@ static void ccid_on_apdu_from_guest(USBCCIDState *s, CCID_XferBlock *recv)
DPRINTF(s, 1, "%s: seq %d, len %d\n", __func__,
recv->hdr.bSeq, len);
ccid_add_pending_answer(s, (CCID_Header *)recv);
- if (s->card) {
+ if (s->card && len <= BULK_OUT_DATA_SIZE) {
ccid_card_apdu_from_guest(s->card, recv->abData, len);
} else {
DPRINTF(s, D_WARN, "warning: discarded apdu\n");
--
2.11.1

View File

@ -1,15 +0,0 @@
Search for clucene include file in the clucene include directory.
diff -u -r soprano-2.9.4.orig/cmake/modules/FindCLucene.cmake soprano-2.9.4/cmake/modules/FindCLucene.cmake
--- soprano-2.9.4.orig/cmake/modules/FindCLucene.cmake 2013-10-09 19:22:28.000000000 +0200
+++ soprano-2.9.4/cmake/modules/FindCLucene.cmake 2014-04-28 20:08:11.000000000 +0200
@@ -77,7 +77,8 @@
get_filename_component(TRIAL_LIBRARY_DIR ${CLUCENE_LIBRARY} PATH)
find_path(CLUCENE_LIBRARY_DIR
- NAMES CLucene/clucene-config.h PATHS ${TRIAL_LIBRARY_DIR} ${TRIAL_LIBRARY_PATHS} ${TRIAL_INCLUDE_PATHS} NO_DEFAULT_PATH)
+ NAMES CLucene/clucene-config.h PATHS ${TRIAL_LIBRARY_DIR} ${TRIAL_LIBRARY_PATHS} ${TRIAL_INCLUDE_PATHS} ${CLUCENE_INCLUDE_DIR} NO_DEFAULT_PATH)
+message (STATUS "XXX ${CLUCENE_LIBRARY_DIR}")
if(CLUCENE_LIBRARY_DIR)
message(STATUS "Found CLucene library dir: ${CLUCENE_LIBRARY_DIR}")
file(READ ${CLUCENE_LIBRARY_DIR}/CLucene/clucene-config.h CLCONTENT)

View File

@ -1,65 +0,0 @@
Fix CVE-2017-2616:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
http://seclists.org/oss-sec/2017/q1/474
Patch copied from upstream source repository:
https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=dffab154d29a288aa171ff50263ecc8f2e14a891
From b018571132cb8c9fece3d75ed240cc74cdb5f0f7 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Wed, 1 Feb 2017 11:58:09 +0100
Subject: [PATCH] su: properly clear child PID
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reported-by: Tobias Stöckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
---
login-utils/su-common.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index 0ea4e40bd..b1720f037 100644
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -376,6 +376,9 @@ create_watching_parent (void)
}
else
status = WEXITSTATUS (status);
+
+ /* child is gone, don't use the PID anymore */
+ child = (pid_t) -1;
}
else if (caught_signal)
status = caught_signal + 128;
@@ -385,7 +388,7 @@ create_watching_parent (void)
else
status = 1;
- if (caught_signal)
+ if (caught_signal && child != (pid_t)-1)
{
fprintf (stderr, _("\nSession terminated, killing shell..."));
kill (child, SIGTERM);
@@ -395,9 +398,12 @@ create_watching_parent (void)
if (caught_signal)
{
- sleep (2);
- kill (child, SIGKILL);
- fprintf (stderr, _(" ...killed.\n"));
+ if (child != (pid_t)-1)
+ {
+ sleep (2);
+ kill (child, SIGKILL);
+ fprintf (stderr, _(" ...killed.\n"));
+ }
/* Let's terminate itself with the received signal.
*
--
2.11.1

View File

@ -1,13 +0,0 @@
This patch was copied from Debian.
--- xserver-xorg-video-intel-2.21.15.orig/src/compat-api.h
+++ xserver-xorg-video-intel-2.21.15/src/compat-api.h
@@ -158,4 +158,8 @@
if ((d)->pScreen->SourceValidate) (d)->pScreen->SourceValidate(d, x, y, w, h)
#endif
+#if XORG_VERSION_CURRENT >= XORG_VERSION_NUMERIC(1,14,99,2,0)
+#define DamageUnregister(d, dd) DamageUnregister(dd)
+#endif
+
#endif

View File

@ -1,15 +0,0 @@
Allow builds with glibc 2.20.
Based on a patch by Peter Hutterer <peter.hutterer@who-t.net>.
See <https://raw.githubusercontent.com/openembedded/oe-core/master/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/always_include_xorg_server.h.patch>.
--- xf86-video-intel-2.21.15/src/intel_device.c.~1~ 2013-08-09 16:58:48.000000000 -0400
+++ xf86-video-intel-2.21.15/src/intel_device.c 2014-12-18 00:03:54.700759577 -0500
@@ -33,6 +33,8 @@
#include <sys/ioctl.h>
+#include <xorg-server.h>
+
#include <pciaccess.h>
#include <xf86.h>
#include <xf86drm.h>

View File

@ -37,6 +37,7 @@
;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
;;; Copyright © 2017 Frederick M. Muriithi <fredmanglis@gmail.com>
;;; Copyright © 2017 humanitiesNerd <catonano@gmail.com>
;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
;;;
;;; This file is part of GNU Guix.
;;;
@ -7322,14 +7323,14 @@ message digests and key derivation functions.")
(define-public python-pyopenssl
(package
(name "python-pyopenssl")
(version "16.2.0")
(version "17.0.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "pyOpenSSL" version))
(sha256
(base32
"0vji4yrfshs15xpczbhzhasnjrwcarsqg87n98ixnyafnyxs6ybp"))
"1pdg1gpmkzj8yasg6cmkhcivxcdp4c12nif88y4qvsxq5ffzxas8"))
(patches
(search-patches "python-pyopenssl-skip-network-test.patch"))))
(build-system python-build-system)
@ -7347,7 +7348,7 @@ message digests and key derivation functions.")
(inputs
`(("openssl" ,openssl)))
(native-inputs
`(("python-pytest" ,python-pytest)))
`(("python-pytest" ,python-pytest-3.0)))
(home-page "https://github.com/pyca/pyopenssl")
(synopsis "Python wrapper module around the OpenSSL library")
(description
@ -13965,3 +13966,36 @@ recognize TestCases.")
(sha256
(base32
"17jlkdpqw22z1nyml5ybslilqkzmnk0dxxjml8bfghav1l5hbwd2"))))))
(define-public python-fudge
(package
(name "python-fudge")
;; 0.9.6 is the latest version suitable for testing the "fabric" Python 2
;; package, which is currently the only use of this package.
(version "0.9.6")
(source
(origin
(method url-fetch)
(uri (pypi-uri "fudge" version))
(sha256
(base32
"185ia3vr3qk4f2s1a9hdxb8ci4qc0x0xidrad96pywg8j930qs9l"))))
(build-system python-build-system)
(arguments
`(#:tests? #f)) ;XXX: Tests require the NoseJS Python package.
(home-page "https://github.com/fudge-py/fudge")
(synopsis "Replace real objects with fakes/mocks/stubs while testing")
(description
"Fudge is a Python module for using fake objects (mocks and stubs) to
test real ones.
In readable Python code, you declare the methods available on your fake object
and how they should be called. Then you inject that into your application and
start testing. This declarative approach means you dont have to record and
playback actions and you dont have to inspect your fakes after running code.
If the fake object was used incorrectly then youll see an informative
exception message with a traceback that points to the culprit.")
(license license:expat)))
(define-public python2-fudge
(package-with-python2 python-fudge))

View File

@ -69,23 +69,14 @@
(define-public qemu
(package
(name "qemu")
(version "2.8.1")
(version "2.9.0")
(source (origin
(method url-fetch)
(uri (string-append "http://wiki.qemu-project.org/download/qemu-"
version ".tar.xz"))
(sha256
(base32
"0h342v4n44kh89yyfas4iazvhhsy5m5qk94vsjqpz5zpq1i2ykad"))
(patches (search-patches "qemu-CVE-2016-10155.patch"
"qemu-CVE-2017-5525.patch"
"qemu-CVE-2017-5526.patch"
"qemu-CVE-2017-5552.patch"
"qemu-CVE-2017-5578.patch"
"qemu-CVE-2017-5579.patch"
"qemu-CVE-2017-5856.patch"
"qemu-CVE-2017-5898.patch"
))))
"08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h"))))
(build-system gnu-build-system)
(arguments
'(;; Running tests in parallel can occasionally lead to failures, like:

View File

@ -301,6 +301,8 @@ safety and thread safety guarantees.")
;; Dual licensed.
(license (list license:asl2.0 license:expat))))
;; This tries very hard not to get into a cyclic dependency like this:
;; cargo <- cargo-build-system <- cargo.
(define-public cargo
(package
(name "cargo")
@ -825,6 +827,11 @@ safety and thread safety guarantees.")
(arguments
`(#:cargo ,cargo-bootstrap
#:tests? #f ; FIXME
#:modules
((ice-9 match)
(srfi srfi-1) ; 'every
(guix build utils)
(guix build cargo-build-system))
#:phases
(modify-phases %standard-phases
;; Avoid cargo complaining about missmatched checksums.
@ -833,30 +840,36 @@ safety and thread safety guarantees.")
(delete 'patch-usr-bin-file)
(add-after 'unpack 'unpack-submodule-sources
(lambda* (#:key inputs #:allow-other-keys)
(let ((unpack (lambda (source target)
(mkdir-p target)
(with-directory-excursion target
(zero? (system* "tar" "xf"
source
"--strip-components=1"))))))
(define (unpack source target)
(mkdir-p target)
(with-directory-excursion target
(zero? (system* "tar" "xf"
source
"--strip-components=1"))))
(define (touch file-name)
(call-with-output-file file-name (const #t)))
(define (install-rust-library entry)
(match entry
((name . src)
(if (string-prefix? "rust-" name)
(let* ((rust-length (string-length "rust-"))
(rust-name (string-drop name
rust-length))
(rsrc (string-append "vendor/"
rust-name))
(unpack-status (unpack src rsrc)))
(touch (string-append rsrc "/.cargo-ok"))
(generate-checksums rsrc src)
unpack-status)))
(_ #t)))
(mkdir "vendor")
(for-each (lambda (p)
(let ((name (car p)))
(if (string-prefix? "rust-" name)
(let ((rsrc (string-append "vendor/"
(string-drop name
(string-length "rust-")))))
(unpack (assoc-ref inputs name) rsrc)
(system* "touch" (string-append rsrc "/.cargo-ok"))
(generate-checksums rsrc (assoc-ref inputs name)))))) inputs))))
;; Set CARGO_HOME to use the vendored dependencies.
(add-after 'unpack 'set-cargo-home
(every install-rust-library inputs)))
(add-after 'unpack 'set-environment-up
(lambda* (#:key inputs #:allow-other-keys)
(let* ((gcc (assoc-ref inputs "gcc"))
(cc (string-append gcc "/bin/gcc")))
(mkdir "cargohome")
(setenv "CARGO_HOME" (string-append (getcwd) "/cargohome"))
(call-with-output-file "cargohome/config"
(mkdir ".cargo")
(call-with-output-file ".cargo/config"
(lambda (p)
(format p "
[source.crates-io]
@ -868,7 +881,8 @@ directory = 'vendor'
")))
(setenv "CMAKE_C_COMPILER" cc)
(setenv "CC" cc))
#t)))))
#t))
(delete 'configure))))
(home-page "https://github.com/rust-lang/cargo")
(synopsis "Build tool and package manager for Rust")
(description "Cargo is a tool that allows Rust projects to declare their

View File

@ -140,7 +140,7 @@ system, such as sound redirection over the network.")
(define-public sdl-gfx
(package
(name "sdl-gfx")
(version "2.0.24")
(version "2.0.26")
(source (origin
(method url-fetch)
(uri
@ -148,7 +148,7 @@ system, such as sound redirection over the network.")
version ".tar.gz"))
(sha256
(base32
"064islldm4r42lgj9fr4kbk66r7jmmakk9745hhyb1kmw71kib9h"))))
"0ijljhs0v99dj6y27hc10z6qchyp8gdp4199y6jzngy6dzxlzsvw"))))
(build-system gnu-build-system)
(propagated-inputs `(("sdl" ,sdl)))
(synopsis "SDL graphics primitives library")

481
gnu/packages/selinux.scm Normal file
View File

@ -0,0 +1,481 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages selinux)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (gnu packages)
#:use-module (gnu packages admin)
#:use-module (gnu packages bison)
#:use-module (gnu packages docbook)
#:use-module (gnu packages flex)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages linux)
#:use-module (gnu packages networking)
#:use-module (gnu packages pcre)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages swig)
#:use-module (gnu packages textutils)
#:use-module (gnu packages xml))
;; Update the SELinux packages together!
(define-public libsepol
(package
(name "libsepol")
(version "2.6")
(source (let ((release "20161014"))
(origin
(method url-fetch)
(uri (string-append "https://github.com/SELinuxProject/selinux/"
"archive/" release ".tar.gz"))
(file-name (string-append "selinux-" release ".tar.gz"))
(sha256
(base32
"1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi")))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; tests require checkpolicy, which requires libsepol
#:test-target "test"
#:make-flags
(let ((out (assoc-ref %outputs "out")))
(list (string-append "PREFIX=" out)
(string-append "DESTDIR=" out)
(string-append "MAN3DIR=" out "/share/man/man3")
(string-append "MAN5DIR=" out "/share/man/man5")
(string-append "MAN8DIR=" out "/share/man/man8")
(string-append "LDFLAGS=-Wl,-rpath=" out "/lib")
"CC=gcc"))
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-after 'unpack 'enter-dir
(lambda _ (chdir ,name) #t)))))
(native-inputs
`(("flex" ,flex)))
(home-page "https://selinuxproject.org/")
(synopsis "Library for manipulating SELinux policies")
(description
"The libsepol library provides an API for the manipulation of SELinux
binary policies. It is used by @code{checkpolicy} (the policy compiler) and
similar tools, and programs such as @code{load_policy}, which must perform
specific transformations on binary policies (for example, customizing policy
boolean settings).")
(license license:lgpl2.1+)))
(define-public checkpolicy
(package (inherit libsepol)
(name "checkpolicy")
(arguments
`(#:tests? #f ; there is no check target
#:make-flags
(let ((out (assoc-ref %outputs "out")))
(list (string-append "PREFIX=" out)
(string-append "LDLIBS="
(assoc-ref %build-inputs "libsepol")
"/lib/libsepol.a "
(assoc-ref %build-inputs "flex")
"/lib/libfl.a")
"CC=gcc"))
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-after 'unpack 'enter-dir
(lambda _ (chdir ,name) #t)))))
(inputs
`(("libsepol" ,libsepol)))
(native-inputs
`(("bison" ,bison)
("flex" ,flex)))
(synopsis "Check SELinux security policy configurations and modules")
(description
"This package provides the tools \"checkpolicy\" and \"checkmodule\".
Checkpolicy is a program that checks and compiles a SELinux security policy
configuration into a binary representation that can be loaded into the kernel.
Checkmodule is a program that checks and compiles a SELinux security policy
module into a binary representation.")
;; GPLv2 only
(license license:gpl2)))
(define-public libselinux
(package (inherit libsepol)
(name "libselinux")
(arguments
(substitute-keyword-arguments (package-arguments libsepol)
((#:make-flags flags)
`(cons* "PYTHON=python3"
(string-append "PYSITEDIR="
(assoc-ref %outputs "out")
"/lib/python"
,(version-major+minor (package-version python))
"/site-packages/")
,flags))
((#:phases phases)
`(modify-phases ,phases
(replace 'enter-dir
(lambda _ (chdir ,name) #t))
;; libsepol.a is not located in this package's LIBDIR.
(add-after 'enter-dir 'patch-libsepol-path
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "src/Makefile"
(("\\$\\(LIBDIR\\)/libsepol.a")
(string-append (assoc-ref inputs "libsepol")
"/lib/libsepol.a")))
#t))
(add-after 'enter-dir 'remove-Werror
(lambda _
;; GCC complains about the fact that the output does not (yet)
;; have an "include" directory, even though it is referenced.
(substitute* '("src/Makefile"
"utils/Makefile")
(("-Werror ") ""))
#t))
(add-after 'build 'pywrap
(lambda* (#:key make-flags #:allow-other-keys)
(zero? (apply system* "make" "pywrap" make-flags))))
(add-after 'install 'install-pywrap
(lambda* (#:key make-flags #:allow-other-keys)
(zero? (apply system* "make" "install-pywrap" make-flags))))))))
(inputs
`(("libsepol" ,libsepol)
("pcre" ,pcre)
;; For pywrap phase
("python" ,python-wrapper)))
;; These inputs are only needed for the pywrap phase.
(native-inputs
`(("swig" ,swig)
("pkg-config" ,pkg-config)))
(synopsis "SELinux core libraries and utilities")
(description
"The libselinux library provides an API for SELinux applications to get
and set process and file security contexts, and to obtain security policy
decisions. It is required for any applications that use the SELinux API, and
used by all applications that are SELinux-aware. This package also includes
the core SELinux management utilities.")
(license license:public-domain)))
(define-public libsemanage
(package (inherit libsepol)
(name "libsemanage")
(arguments
(substitute-keyword-arguments (package-arguments libsepol)
((#:make-flags flags)
`(cons* "PYTHON=python3"
(string-append "PYSITEDIR="
(assoc-ref %outputs "out")
"/lib/python"
,(version-major+minor (package-version python))
"/site-packages/")
,flags))
((#:phases phases)
`(modify-phases ,phases
(replace 'enter-dir
(lambda _ (chdir ,name) #t))
(add-after 'build 'pywrap
(lambda* (#:key make-flags #:allow-other-keys)
(zero? (apply system* "make" "pywrap" make-flags))))
(add-after 'install 'install-pywrap
(lambda* (#:key make-flags #:allow-other-keys)
(zero? (apply system* "make" "install-pywrap" make-flags))))))))
(inputs
`(("libsepol" ,libsepol)
("libselinux" ,libselinux)
("audit" ,audit)
("ustr" ,ustr)
;; For pywrap phase
("python" ,python-wrapper)))
(native-inputs
`(("bison" ,bison)
("flex" ,flex)
;; For pywrap phase
("swig" ,swig)
("pkg-config" ,pkg-config)))
(synopsis "SELinux policy management libraries")
(description
"The libsemanage library provides an API for the manipulation of SELinux
binary policies.")
(license license:lgpl2.1+)))
(define-public secilc
(package (inherit libsepol)
(name "secilc")
(arguments
(substitute-keyword-arguments (package-arguments libsepol)
((#:make-flags flags)
`(let ((docbook (assoc-ref %build-inputs "docbook-xsl")))
(cons (string-append "XMLTO=xmlto --skip-validation -x "
docbook "/xml/xsl/docbook-xsl-"
,(package-version docbook-xsl)
"/manpages/docbook.xsl")
,flags)))
((#:phases phases)
`(modify-phases ,phases
(replace 'enter-dir
(lambda _ (chdir ,name) #t))))))
(inputs
`(("libsepol" ,libsepol)))
(native-inputs
`(("xmlto" ,xmlto)
("docbook-xsl" ,docbook-xsl)))
(synopsis "SELinux common intermediate language (CIL) compiler")
(description "The SELinux CIL compiler is a compiler that converts the
@dfn{common intermediate language} (CIL) into a kernel binary policy file.")
(license license:bsd-2)))
(define-public python-sepolgen
(package (inherit libsepol)
(name "python-sepolgen")
(arguments
`(#:modules ((srfi srfi-1)
(guix build gnu-build-system)
(guix build utils))
,@(substitute-keyword-arguments (package-arguments libsepol)
((#:phases phases)
`(modify-phases ,phases
(replace 'enter-dir
(lambda _ (chdir "sepolgen") #t))
;; By default all Python files would be installed to
;; $out/gnu/store/...-python-.../, so we override the
;; PACKAGEDIR to fix this.
(add-after 'enter-dir 'fix-target-path
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((get-python-version
;; FIXME: copied from python-build-system
(lambda (python)
(let* ((version (last (string-split python #\-)))
(components (string-split version #\.))
(major+minor (take components 2)))
(string-join major+minor ".")))))
(substitute* "src/sepolgen/Makefile"
(("^PACKAGEDIR.*")
(string-append "PACKAGEDIR="
(assoc-ref outputs "out")
"/lib/python"
(get-python-version
(assoc-ref inputs "python"))
"/site-packages/sepolgen")))
(substitute* "src/share/Makefile"
(("\\$\\(DESTDIR\\)") (assoc-ref outputs "out"))))
#t)))))))
(inputs
`(("python" ,python-wrapper)))
(native-inputs '())
(synopsis "Python module for generating SELinux policies")
(description
"This package contains a Python module that forms the core of
@code{audit2allow}, a part of the package @code{policycoreutils}. The
sepolgen library contains: Reference Policy Representation, which are Objects
for representing policies and the reference policy interfaces. It has objects
and algorithms for representing access and sets of access in an abstract way
and searching that access. It also has a parser for reference policy
\"headers\". It contains infrastructure for parsing SELinux related messages
as produced by the audit system. It has facilities for generating policy
based on required access.")
;; GPLv2 only
(license license:gpl2)))
;; The latest 4.1.x version does not work with the latest 2.6 release of
;; policycoreutils, so we use the last 4.0.x release.
(define-public python-setools
(package
(name "python-setools")
(version "4.0.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/TresysTechnology/"
"setools/archive/" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1zndpl4ck5c23p7s4sci06db89q1w87jig3jbd4f8s1ggy3lj82c"))))
(build-system python-build-system)
(arguments
`(#:tests? #f ; the test target causes a rebuild
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'set-SEPOL-variable
(lambda* (#:key inputs #:allow-other-keys)
(setenv "SEPOL"
(string-append (assoc-ref inputs "libsepol")
"/lib/libsepol.a"))))
(add-after 'unpack 'remove-Werror
(lambda _
(substitute* "setup.py"
(("'-Werror',") ""))
#t))
(add-after 'unpack 'fix-target-paths
(lambda* (#:key outputs #:allow-other-keys)
(substitute* "setup.py"
(("join\\(sys.prefix")
(string-append "join(\"" (assoc-ref outputs "out") "/\"")))
#t)))))
(propagated-inputs
`(("python-networkx" ,python-networkx)))
(inputs
`(("libsepol" ,libsepol)
("libselinux" ,libselinux)))
(native-inputs
`(("bison" ,bison)
("flex" ,flex)
("swig" ,swig)))
(home-page "https://github.com/TresysTechnology/setools")
(synopsis "Tools for SELinux policy analysis")
(description "SETools is a collection of graphical tools, command-line
tools, and libraries designed to facilitate SELinux policy analysis.")
;; Some programs are under GPL, all libraries under LGPL.
(license (list license:lgpl2.1+
license:gpl2+))))
(define-public policycoreutils
(package (inherit libsepol)
(name "policycoreutils")
(source
(origin (inherit (package-source libsepol))
(patches (search-patches "policycoreutils-make-sepolicy-use-python3.patch"))
(patch-flags '("-p1" "-d" "policycoreutils"))))
(arguments
`(#:test-target "test"
#:make-flags
(let ((out (assoc-ref %outputs "out")))
(list "CC=gcc"
(string-append "PREFIX=" out)
(string-append "LOCALEDIR=" out "/share/locale")
(string-append "BASHCOMPLETIONDIR=" out
"/share/bash-completion/completions")
"INSTALL=install -c -p"
"INSTALL_DIR=install -d"
;; These ones are needed because some Makefiles define the
;; directories relative to DESTDIR, not relative to PREFIX.
(string-append "SBINDIR=" out "/sbin")
(string-append "ETCDIR=" out "/etc")
(string-append "SYSCONFDIR=" out "/etc/sysconfig")
(string-append "MAN5DIR=" out "/share/man/man5")
(string-append "INSTALL_NLS_DIR=" out "/share/locale")
(string-append "AUTOSTARTDIR=" out "/etc/xdg/autostart")
(string-append "DBUSSERVICEDIR=" out "/share/dbus-1/services")
(string-append "SYSTEMDDIR=" out "/lib/systemd")
(string-append "INITDIR=" out "/etc/rc.d/init.d")
(string-append "SELINUXDIR=" out "/etc/selinux")))
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-after 'unpack 'enter-dir
(lambda _ (chdir ,name) #t))
(add-after 'enter-dir 'ignore-/usr-tests
(lambda* (#:key inputs #:allow-other-keys)
;; The Makefile decides to build restorecond only if it finds the
;; inotify header somewhere under /usr.
(substitute* "Makefile"
(("ifeq.*") "")
(("endif.*") ""))
;; Rewrite lookup paths for header files.
(substitute* '("newrole/Makefile"
"setfiles/Makefile"
"run_init/Makefile")
(("/usr(/include/security/pam_appl.h)" _ file)
(string-append (assoc-ref inputs "pam") file))
(("/usr(/include/libaudit.h)" _ file)
(string-append (assoc-ref inputs "audit") file)))
#t))
(add-after 'enter-dir 'fix-glib-cflags
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "restorecond/Makefile"
(("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path)
(string-append (assoc-ref inputs "glib") path))
(("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path)
(string-append (assoc-ref inputs "dbus") path
" -I"
(assoc-ref inputs "dbus-glib") path)))
#t))
(add-after 'enter-dir 'fix-linkage-with-libsepol
(lambda* (#:key inputs #:allow-other-keys)
(substitute* '("semodule_deps/Makefile"
"sepolgen-ifgen/Makefile")
(("\\$\\(LIBDIR\\)")
(string-append (assoc-ref inputs "libsepol") "/lib/")))))
(add-after 'enter-dir 'fix-target-paths
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(substitute* "audit2allow/sepolgen-ifgen"
(("ATTR_HELPER = \"/usr/bin/sepolgen-ifgen-attr-helper\"")
(string-append "ATTR_HELPER = \"" out
"/bin/sepolgen-ifgen-attr-helper\"")))
(substitute* "sepolicy/sepolicy/__init__.py"
(("/usr/bin/sepolgen-ifgen")
(string-append out "/bin/sepolgen-ifgen")))
(substitute* "sepolicy/Makefile"
;; By default all Python files would be installed to
;; $out/gnu/store/...-python-.../.
(("setup.py install.*$")
(string-append "setup.py install --prefix=" out "\n"))
(("\\$\\(DESTDIR\\)/etc")
(string-append out "/etc"))
(("\\$\\(DESTDIR\\)/usr") out)))
#t))
(add-after 'install 'wrap-python-tools
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(var (string-append out "/lib/python"
,(version-major+minor (package-version python))
"/site-packages:"
(getenv "PYTHONPATH"))))
;; The scripts' shebangs tell Python to ignore the PYTHONPATH,
;; so we need to patch them before wrapping.
(for-each (lambda (file)
(let ((path (string-append out "/" file)))
(substitute* path
(("bin/python -Es") "bin/python -s"))
(wrap-program path
`("PYTHONPATH" ":" prefix (,var)))))
'("bin/audit2allow"
"bin/chcat"
"bin/sandbox"
"bin/sepolgen-ifgen"
"bin/sepolicy"
"sbin/semanage")))
#t)))))
(inputs
`(("python" ,python-wrapper)
("audit" ,audit)
("pam" ,linux-pam)
("libsepol" ,libsepol)
("libselinux" ,libselinux)
("libsemanage" ,libsemanage)
("python-sepolgen" ,python-sepolgen)
("python-setools" ,python-setools)
("python-ipy" ,python-ipy)
("libcap-ng" ,libcap-ng)
("pcre" ,pcre)
("dbus" ,dbus)
("dbus-glib" ,dbus-glib)
("glib" ,glib)))
(native-inputs
`(("gettext" ,gettext-minimal)))
(synopsis "SELinux core utilities")
(description "The policycoreutils package contains the core utilities that
are required for the basic operation of an SELinux-enabled GNU system and its
policies. These utilities include @code{load_policy} to load policies,
@code{setfiles} to label file systems, @code{newrole} to switch roles, and
@code{run_init} to run service scripts in their proper context.")
(license license:gpl2+)))

View File

@ -4,6 +4,7 @@
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Corentin Bocquillon <corentin@nybble.fr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -35,7 +36,8 @@
#:use-module (gnu packages documentation)
#:use-module (gnu packages lua)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python))
#:use-module (gnu packages python)
#:use-module (gnu packages perl))
(define-public cereal
(package
@ -287,3 +289,24 @@ it a convenient format to store user input files.")
"Cap'n Proto is a very fast data interchange format and capability-based
RPC system. Think JSON, except binary. Or think Protocol Buffers, except faster.")
(license license:expat)))
(define-public libbson
(package
(name "libbson")
(version "1.6.2")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/mongodb/libbson/releases/"
"download/" version "/libbson-" version ".tar.gz"))
(sha256
(base32
"1fj4554msq0rrz14snbj908dzqj46gh7jg9w9j0akn2b7q911m5a"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(home-page "http://mongoc.org/libbson/current/index.html")
(synopsis "C BSON library")
(description "Libbson can create and parse BSON documents. It can also
convert JSON documents to BSON and the opposite. BSON stands for Binary JSON,
it is comparable to protobuf.")
(license license:asl2.0)))

View File

@ -52,7 +52,8 @@
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages))
#:use-module (guix packages)
#:use-module (srfi srfi-1))
(define-public libssh
(package
@ -265,6 +266,27 @@ programs written in GNU Guile interpreter. It is a wrapper to the underlying
libssh library.")
(license license:gpl3+)))
(define-public guile2.2-ssh
;; This is a snapshot of a unofficial copy of Guile-SSH, which hopefully
;; reflects the upcoming release well enough.
(let ((commit "926a0843626f89e3db02d01a6b01cc1f0d9cefcf")
(revision "0"))
(package
(inherit guile-ssh)
(name "guile2.2-ssh")
(version (string-append "0.10.2." revision "." (string-take commit 7)))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://notabug.org/civodul/guile-ssh/")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"0hf28macq8d1w05g0xy2lw1s5vzmcrixh7m43x7qvvdd31c998ip"))))
(inputs `(("guile" ,guile-2.2)
,@(alist-delete "guile" (package-inputs guile-ssh)))))))
(define-public corkscrew
(package
(name "corkscrew")

View File

@ -262,14 +262,14 @@ available, greatly increasing its breadth and scope.")
(define-public r-boot
(package
(name "r-boot")
(version "1.3-18")
(version "1.3-19")
(source
(origin
(method url-fetch)
(uri (cran-uri "boot" version))
(sha256
(base32
"0pi348vvgzn1ny54yxhw6kq6nl7rx9bpr9ji1a6wqs8ah5zj7z8j"))))
"16hsw4bw9pkfc2lqxfwycm1sbvbrm4linvm0ci71n8sxc7srvkis"))))
(build-system r-build-system)
(home-page "http://cran.r-project.org/web/packages/boot")
(synopsis "Bootstrap functions for R")
@ -283,14 +283,14 @@ D.V. Hinkley (1997, CUP), originally written by Angelo Canty for S.")
(define-public r-mass
(package
(name "r-mass")
(version "7.3-45")
(version "7.3-47")
(source
(origin
(method url-fetch)
(uri (cran-uri "MASS" version))
(sha256
(base32
"13lp5919h2bnpmf8rbmkar8a41yx62fnx66pkvljvqf60wa29qsx"))))
"1gy6z7ly9wn86rfn9xrmqiqq1ijw3pkasrr2299kbzsgx2mwsi7d"))))
(properties `((upstream-name . "MASS")))
(build-system r-build-system)
(home-page "http://www.stats.ox.ac.uk/pub/MASS4/")
@ -514,14 +514,14 @@ single hidden layer, and for multinomial log-linear models.")
(define-public r-rpart
(package
(name "r-rpart")
(version "4.1-10")
(version "4.1-11")
(source
(origin
(method url-fetch)
(uri (cran-uri "rpart" version))
(sha256
(base32
"119dvh2cpab4vq9blvbkil5hgq6w018amiwlda3ii0fki39axpf5"))))
"165djqj7lk81jr7z5fwccq3h7ayys26hx1kj9hndvg2rkyaq1arq"))))
(build-system r-build-system)
(home-page "http://cran.r-project.org/web/packages/rpart")
(synopsis "Recursive partitioning and regression trees")
@ -1124,13 +1124,13 @@ considerably faster, produces smaller files, and leaves text as is.")
(define-public r-assertthat
(package
(name "r-assertthat")
(version "0.1")
(version "0.2.0")
(source (origin
(method url-fetch)
(uri (cran-uri "assertthat" version))
(sha256
(base32
"0dwsqajyglfscqilj843qfqn1ndbqpswa7b4l1d633qjk9d68qqk"))))
"1wp5znk3xy338x6hknppk702jn596yr735d9i7c3wabm3sdzfgnp"))))
(build-system r-build-system)
(home-page "https://github.com/hadley/assertthat")
(synopsis "Easy pre and post assertions")
@ -1279,13 +1279,13 @@ data derived from /etc/mime.types in UNIX-type systems.")
(define-public r-markdown
(package
(name "r-markdown")
(version "0.7.7")
(version "0.8")
(source (origin
(method url-fetch)
(uri (cran-uri "markdown" version))
(sha256
(base32
"00j1hlib3il50azs2vlcyhi0bjpx1r50mxr9w9dl5g1bwjjc71hb"))))
"1vcgsh2m2f5kfgappgg71nbf04ff0j1sbk668krjs3r2n89dk3sk"))))
(build-system r-build-system)
;; Skip check phase because the tests require the r-knitr package to be
;; installed. This prevents installation failures. Knitr normally
@ -1417,13 +1417,13 @@ understand the language at a deeper level.")
(define-public r-memoise
(package
(name "r-memoise")
(version "1.0.0")
(version "1.1.0")
(source (origin
(method url-fetch)
(uri (cran-uri "memoise" version))
(sha256
(base32
"0sq2dhpvxy17v1baj256r0jnygdy3m5a8x4zh6vhv29957qnq6zx"))))
"034qfc2xlh30x1q2vya239w34a3ir3y2fwnx2agbgbi6592zjxmj"))))
(build-system r-build-system)
(propagated-inputs
`(("r-digest" ,r-digest)))
@ -2443,13 +2443,13 @@ well as additional utilities such as panel and axis annotation functions.")
(define-public r-rcpparmadillo
(package
(name "r-rcpparmadillo")
(version "0.7.700.0.0")
(version "0.7.800.2.0")
(source (origin
(method url-fetch)
(uri (cran-uri "RcppArmadillo" version))
(sha256
(base32
"03cvl2xgmvh4sylw7ff7s020y7k2wzyj34l0zngm09qs44pa9q0m"))))
"025lh504nw7ir1f2xsqnvfkq9rg0rb2xzfn3a2s0b2a9snqdzzwr"))))
(properties `((upstream-name . "RcppArmadillo")))
(build-system r-build-system)
(propagated-inputs
@ -3151,14 +3151,14 @@ the way current RNG settings can be changed.")
(define-public r-rtsne
(package
(name "r-rtsne")
(version "0.11")
(version "0.13")
(source
(origin
(method url-fetch)
(uri (cran-uri "Rtsne" version))
(sha256
(base32
"0zi4nxgpiv1gpdmcnqdhz5kymzp8m5xj02zpf290p1yyydl76bhy"))))
"17crbdi80q4g2pwp9v7j3bdaznk96qlrqx01zvj3wwqippizyfqw"))))
(properties `((upstream-name . "Rtsne")))
(build-system r-build-system)
(propagated-inputs
@ -3431,13 +3431,13 @@ persistent (on the file system).")
(define-public r-r-rsp
(package
(name "r-r-rsp")
(version "0.40.0")
(version "0.41.0")
(source (origin
(method url-fetch)
(uri (cran-uri "R.rsp" version))
(sha256
(base32
"1hz5fnxz30m3cc7x7ha1swx4pn8c2244z6ka6v9m3l5lpdgc1367"))))
"01l430avj5ggmdsla2kiriix72g0dlzx9klniq321bs0za808v3c"))))
(properties `((upstream-name . "R.rsp")))
(build-system r-build-system)
(propagated-inputs
@ -3481,13 +3481,13 @@ t-probabilities, quantiles, random deviates and densities.")
(define-public r-matrixstats
(package
(name "r-matrixstats")
(version "0.52.1")
(version "0.52.2")
(source (origin
(method url-fetch)
(uri (cran-uri "matrixStats" version))
(sha256
(base32
"0ihxnbbc1czfbccm8mrh7hjwdik3y90964xhbjday6fci0xjcsi5"))))
"19fjf19cr0p3j9pj17myz39zpi5bh7ci72db3la9my09n6k6mnir"))))
(properties `((upstream-name . "matrixStats")))
(build-system r-build-system)
(native-inputs
@ -4150,13 +4150,13 @@ estimation) corresponding to the book: Wand, M.P. and Jones, M.C. (1995)
(define-public r-zoo
(package
(name "r-zoo")
(version "1.7-14")
(version "1.8-0")
(source (origin
(method url-fetch)
(uri (cran-uri "zoo" version))
(sha256
(base32
"167m142rwwfy8b9hnfc3fi28dcsdjk61g1crqhll6sh5xmgnfn28"))))
"0mqklbx92ifwa0awm7gpm4r9dvwa09p55zjxjnypiqsxy532r4h9"))))
(build-system r-build-system)
(propagated-inputs
`(("r-lattice" ,r-lattice)))
@ -4371,14 +4371,14 @@ published by the statistics blog FiveThirtyEight.")
(define-public r-compquadform
(package
(name "r-compquadform")
(version "1.4.2")
(version "1.4.3")
(source
(origin
(method url-fetch)
(uri (cran-uri "CompQuadForm" version))
(sha256
(base32
"0bsgbdblxpv57mbwnf51xyiydp2bqyxkg4zzwqki85cv5xqlrq1n"))))
"1i30hrqdk64q17vsn918c3q79brchgx2wzh1gbsgbn0dh1ncabq4"))))
(properties `((upstream-name . "CompQuadForm")))
(build-system r-build-system)
(home-page "http://cran.r-project.org/web/packages/CompQuadForm")
@ -4879,19 +4879,20 @@ using modular prediction and response module classes.")
(define-public r-quantreg
(package
(name "r-quantreg")
(version "5.29")
(version "5.33")
(source
(origin
(method url-fetch)
(uri (cran-uri "quantreg" version))
(sha256
(base32
"098gy8xv9kcl5y0cm93b8chr5sm6crrdxi20bkx9lmwmybl3himv"))))
"1dirmxa4cd05nb0yv0ga6ivw5hkr2zr2cb2lixl1nb6amqn024is"))))
(build-system r-build-system)
(native-inputs
`(("gfortran" ,gfortran)))
(propagated-inputs
`(("r-matrixmodels" ,r-matrixmodels)
`(("r-matrix" ,r-matrix)
("r-matrixmodels" ,r-matrixmodels)
("r-sparsem" ,r-sparsem)))
(home-page "http://www.r-project.org")
(synopsis "Quantile regression")
@ -4932,20 +4933,22 @@ algorithms.")
(define-public r-lme4
(package
(name "r-lme4")
(version "1.1-12")
(version "1.1-13")
(source
(origin
(method url-fetch)
(uri (cran-uri "lme4" version))
(sha256
(base32
"0j60l5kgx1wvw2wm3jwfqwi63hammaq8gfcxzwa4h552likvaxi9"))))
"13j4a721rx0272pdxrz6nabjv56xb6srklq5w4z1abc82lyvda2z"))))
(build-system r-build-system)
(native-inputs
`(("r-rcpp" ,r-rcpp)
("r-rcppeigen" ,r-rcppeigen)))
(propagated-inputs
`(("r-minqa" ,r-minqa)
`(("r-lattice" ,r-lattice)
("r-matrix" ,r-matrix)
("r-minqa" ,r-minqa)
("r-nloptr" ,r-nloptr)
("r-mass" ,r-mass)
("r-nlme" ,r-nlme)))
@ -5010,20 +5013,22 @@ to Applied regression, Second Edition, Sage, 2011.")
(define-public r-caret
(package
(name "r-caret")
(version "6.0-73")
(version "6.0-76")
(source
(origin
(method url-fetch)
(uri (cran-uri "caret" version))
(sha256
(base32
"1jzaqwv4glyqqnfbpalgajd0ag866247vvdh5i83ffqs1yhs984h"))))
"1w31xzpmj8p6r6s7s1vwnjxainq54bbh4cqm177ba0myv69hh8cc"))))
(build-system r-build-system)
(propagated-inputs
`(("r-car" ,r-car)
("r-foreach" ,r-foreach)
("r-ggplot2" ,r-ggplot2)
("r-lattice" ,r-lattice)
("r-modelmetrics" ,r-modelmetrics)
("r-nlme" ,r-nlme)
("r-plyr" ,r-plyr)
("r-reshape2" ,r-reshape2)))
(home-page "https://github.com/topepo/caret")

View File

@ -174,7 +174,7 @@ numbers of user-defined menu items efficiently.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -189,7 +189,7 @@ numbers of user-defined menu items efficiently.")
("libxkbfile" ,libxkbfile)
("alsa-lib" ,alsa-lib)
("libmpdclient" ,libmpdclient)))
(home-page "http://git.2f30.org/spoon/")
(home-page "https://git.2f30.org/spoon/")
(synopsis "Set dwm status")
(description
"Spoon can be used to set the dwm status.")
@ -355,7 +355,7 @@ few minutes.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -367,7 +367,7 @@ few minutes.")
(string-append "PREFIX=" %output))))
(inputs
`(("libx11" ,libx11)))
(home-page "http://git.2f30.org/xbattmon/")
(home-page "https://git.2f30.org/xbattmon/")
(synopsis "Simple battery monitor for X")
(description
"Xbattmon is a simple battery monitor for X.")
@ -380,7 +380,7 @@ few minutes.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -393,7 +393,7 @@ few minutes.")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No configure script
(home-page "http://git.2f30.org/wificurse/")
(home-page "https://git.2f30.org/wificurse/")
(synopsis "Wifi DoS attack tool")
(description
"Wificurses listens for beacons sent from wireless access points
@ -413,7 +413,7 @@ drivers capable of injecting packets in wireless networks.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -426,7 +426,7 @@ drivers capable of injecting packets in wireless networks.")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No configure script
(home-page "http://2f30.org")
(home-page "https://2f30.org/")
(synopsis "Commandline utility which scrolls text")
(description
"Skroll is a small utility that you can use to make a text scroll.
@ -441,7 +441,7 @@ left.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -454,7 +454,7 @@ left.")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No configure script
(home-page "http://git.2f30.org/sbm/")
(home-page "https://git.2f30.org/sbm/")
(synopsis "Simple bandwidth monitor")
(description
"Sbm is a simple bandwidth monitor.")
@ -467,7 +467,7 @@ left.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -483,7 +483,7 @@ left.")
(inputs
`(("cups-minimal" ,cups-minimal)
("zlib" ,zlib)))
(home-page "http://git.2f30.org/prout/")
(home-page "https://git.2f30.org/prout/")
(synopsis "Smaller lp command")
(description
"Prout (PRint OUT) is a small utility one can use to send
@ -500,7 +500,7 @@ cups server to be installed.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -519,7 +519,7 @@ cups server to be installed.")
(("lcurses") "lncurses")))))))
(inputs
`(("ncurses" ,ncurses)))
(home-page "http://git.2f30.org/noice/")
(home-page "https://git.2f30.org/noice/")
(synopsis "Small file browser")
(description
"Noice is a small curses-based file browser.")
@ -550,7 +550,7 @@ cups server to be installed.")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No configure script
(home-page "http://git.2f30.org/human/")
(home-page "https://git.2f30.org/human/")
(synopsis "Convert bytes to human readable formats")
(description
"Human is a small program which translate numbers into a
@ -567,7 +567,7 @@ environment variable.")
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -580,22 +580,22 @@ environment variable.")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No configure script
(home-page "http://git.2f30.org/fortify-headers/")
(home-page "https://git.2f30.org/fortify-headers/")
(synopsis "Standalone fortify-source implementation")
(description
"This is a standalone implementation of fortify source. It provides
compile time buffer checks. It is libc-agnostic and simply overlays the
system headers by using the @code{#include_next} extension found in GCC. It was
initially intended to be used on musl based Linux distributions.
initially intended to be used on musl-based Linux distributions.
@itemize
@item It is portable, works on *BSD, Linux, Solaris and possibly others.
@item It will only trap non-conformant programs. This means that fortify
level 2 is treated in the same way as level 1.
@item Avoids making function calls when undefined behaviour has already been
invoked. This is handled by using __builtin_trap().
@item Support for out-of-bounds read interfaces, such as send(), write(),
fwrite() etc.
invoked. This is handled by using @code{__builtin_trap()}.
@item Support for out-of-bounds read interfaces, such as @code{send()},
@code{write()}, @code{fwrite()}, etc.
@item No ABI is enforced. All of the fortify check functions are inlined
into the resulting binary.
@end itemize\n")
@ -608,7 +608,7 @@ initially intended to be used on musl based Linux distributions.
(source
(origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -623,7 +623,7 @@ initially intended to be used on musl based Linux distributions.
(delete 'configure)))) ; No configure script
(inputs
`(("libpng" ,libpng)))
(home-page "http://git.2f30.org/colors/")
(home-page "https://git.2f30.org/colors/")
(synopsis "Extract colors from pictures")
(description
"Extract colors from PNG files. It is similar to

View File

@ -442,6 +442,11 @@ required structures.")
(base32
"0c4awq45cl757fv7f7f75i5i0ibc6v7ns13n7xvfak7chv2lrqql"))))
(build-system gnu-build-system)
(arguments
;; Do as if 'getentropy' was missing since older Linux kernels lack it
;; and libc would return ENOSYS, which is not properly handled.
;; See <https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00235.html>.
'(#:configure-flags '("ac_cv_func_getentropy=no")))
(native-search-paths
;; FIXME: These two variables must designate a single file or directory
;; and are not actually "search paths." In practice it works OK in

View File

@ -2,6 +2,7 @@
;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Matthew Jordan <matthewjordandevops@yandex.com>
;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -32,7 +33,7 @@
(define-public tmux
(package
(name "tmux")
(version "2.3")
(version "2.4")
(source (origin
(method url-fetch)
(uri (string-append
@ -40,7 +41,7 @@
version "/tmux-" version ".tar.gz"))
(sha256
(base32
"0aw5fcav8pa70ym391n4g6mh5vir34x35xhb09zdwhhg5w9kwcam"))))
"0jdkk7vncwabrp85lw3msh2y02dc2k0qz5h4hka9s38x4c9nnzbm"))))
(build-system gnu-build-system)
(inputs
`(("libevent" ,libevent)

View File

@ -28,14 +28,14 @@
(define-public miniupnpc
(package
(name "miniupnpc")
(version "2.0.20161216")
(version "2.0.20170421")
(source
(origin
(method url-fetch)
(uri (string-append "https://miniupnp.tuxfamily.org/files/"
name "-" version ".tar.gz"))
(sha256
(base32 "0gpxva9jkjvqwawff5y51r6bmsmdhixl3i5bmzlqsqpwsq449q81"))))
(base32 "0n11m2wq812zms5b21h8ihw1kbyaihj9nqjiida0hskf4dmw4m13"))))
(build-system gnu-build-system)
(native-inputs
`(("python" ,python-2)))
@ -45,8 +45,7 @@
;; the configure phase.
'(#:make-flags
(list
(string-append
"SH=" (assoc-ref %build-inputs "bash") "/bin/sh")
(string-append "SH=" (assoc-ref %build-inputs "bash") "/bin/sh")
(string-append "INSTALLPREFIX=" (assoc-ref %outputs "out"))
"CC=gcc"
@ -65,11 +64,12 @@
(synopsis "UPnP protocol client library")
(description
"The MiniUPnPc client library facilitates access to the services provided
by any Universal Plug and Play (UPnP) Internet Gateway Device (IGD) present on
the network. In UPnP terminology, MiniUPnPc is a UPnP Control Point. It is
useful whenever an application needs to listen for incoming connections while
running behind a UPnP-enabled router or firewall. Such applications include
peer-to-peer applications, active-mode FTP clients, DCC file transfers over
IRC, instant messaging, network games, and most server software.")
by any @dfn{Universal Plug and Play} (UPnP) @dfn{Internet Gateway Device} (IGD)
present on the network. In UPnP terminology, MiniUPnPc is a UPnP Control Point.
It is useful whenever an application needs to listen for incoming connections
while running behind a UPnP-enabled router or firewall. Such applications
include peer-to-peer applications, active-mode FTP clients, DCC file transfers
over IRC, instant messaging, network games, and most server software.")
(license
(x11-style "file://LICENSE" "See 'LICENSE' file in the distribution"))))

View File

@ -11,6 +11,8 @@
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -167,7 +169,7 @@ as well as the classic centralized workflow.")
;; By default 'make install' creates hard links for
;; things in 'libexec/git-core', which leads to huge
;; nars; see <http://bugs.gnu.org/21949>.
;; nars; see <https://bugs.gnu.org/21949>.
"NO_INSTALL_HARDLINKS=indeed")
#:test-target "test"
#:tests? #f ; FIXME: Many tests are failing
@ -305,21 +307,21 @@ as well as the classic centralized workflow.")
"Git is a free distributed version control system designed to handle
everything from small to very large projects with speed and efficiency.")
(license license:gpl2)
(home-page "http://git-scm.com/")))
(home-page "https://git-scm.com/")))
;; Some dependent packages directly access internal interfaces which
;; have changed in 2.10
(define-public git@2.9
;; have changed in 2.12
(define-public git@2.10
(package
(inherit git)
(version "2.9.3")
(version "2.10.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
"0qzs681a64k3shh5p0rg41l1z16fbk5sj0xga45k34hp1hsp654z"))))))
"0wc64dzcxrzgi6kwcljz6y3cwm3ajdgf6aws7g58azbhvl1jk04l"))))))
(define-public libgit2
(package
@ -411,11 +413,11 @@ write native speed custom Git applications in any language with bindings.")
(home-page "https://www.agwa.name/projects/git-crypt")
(synopsis "Transparent encryption of files in a git repository")
(description "git-crypt enables transparent encryption and decryption of
files in a git repository. Files which you choose to protect are encrypted when
committed, and decrypted when checked out. git-crypt lets you freely share a
repository containing a mix of public and private content. git-crypt gracefully
files in a git repository. Files which you choose to protect are encrypted when
committed, and decrypted when checked out. git-crypt lets you freely share a
repository containing a mix of public and private content. git-crypt gracefully
degrades, so developers without the secret key can still clone and commit to a
repository with encrypted files. This lets you store your secret material (such
repository with encrypted files. This lets you store your secret material (such
as keys or passwords) in the same repository as your code, without requiring you
to lock down your entire repository.")
(license license:gpl3+)))
@ -423,7 +425,7 @@ to lock down your entire repository.")
(define-public cgit
(package
(name "cgit")
(version "1.0")
(version "1.1")
(source (origin
(method url-fetch)
(uri (string-append
@ -431,7 +433,7 @@ to lock down your entire repository.")
version ".tar.xz"))
(sha256
(base32
"0kbh835p7dl4h88qv55fyfh1za09cgnqh63rii325w9215hm95x8"))))
"142qcgs8dwnzhymn0a7xx47p9fc2z5wrb86ah4a9iz0mpqlsz288"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; XXX: fail to build the in-source git.
@ -467,7 +469,7 @@ to lock down your entire repository.")
;; For building manpage.
`(("asciidoc" ,asciidoc)))
(inputs
`(("git:src" ,(package-source git@2.9))
`(("git:src" ,(package-source git@2.10))
("openssl" ,openssl)
("zlib" ,zlib)))
(home-page "https://git.zx2c4.com/cgit/")
@ -685,14 +687,14 @@ and offers an easy and intuitive interface.")
(define-public neon
(package
(name "neon")
(version "0.30.1")
(version "0.30.2")
(source (origin
(method url-fetch)
(uri (string-append "http://www.webdav.org/neon/neon-"
version ".tar.gz"))
(sha256
(base32
"1pawhk02x728xn396a1kcivy9gqm94srmgad6ymr9l0qvk02dih0"))))
"1jpvczcx658vimqm7c8my2q41fnmjaf1j03g7bsli6rjxk6xh2yv"))))
(build-system gnu-build-system)
(native-inputs
`(("perl" ,perl)
@ -712,22 +714,25 @@ and offers an easy and intuitive interface.")
"--with-ssl=openssl")))
(home-page "http://www.webdav.org/neon/")
(synopsis "HTTP and WebDAV client library")
(description "Neon is an HTTP and WebDAV client library, with a
C interface. Features:
High-level wrappers for common HTTP and WebDAV operations (GET, MOVE,
DELETE, etc.);
low-level interface to the HTTP request/response engine, allowing the use
of arbitrary HTTP methods, headers, etc.;
authentication support including Basic and Digest support, along with
GSSAPI-based Negotiate on Unix, and SSPI-based Negotiate/NTLM on Win32;
SSL/TLS support using OpenSSL or GnuTLS, exposing an abstraction layer for
verifying server certificates, handling client certificates, and examining
certificate properties, smartcard-based client certificates are also
supported via a PKCS#11 wrapper interface;
abstract interface to parsing XML using libxml2 or expat, and wrappers for
simplifying handling XML HTTP response bodies;
WebDAV metadata support, wrappers for PROPFIND and PROPPATCH to simplify
property manipulation.")
(description
"Neon is an HTTP and WebDAV client library, with a C interface and the
following features:
@enumerate
@item High-level wrappers for common HTTP and WebDAV operations (GET, MOVE,
DELETE, etc.);
@item low-level interface to the HTTP request/response engine, allowing the use
of arbitrary HTTP methods, headers, etc.;
@item authentication support including Basic and Digest support, along with
GSSAPI-based Negotiate on Unix, and SSPI-based Negotiate/NTLM on Win32;
@item SSL/TLS support using OpenSSL or GnuTLS, exposing an abstraction layer for
verifying server certificates, handling client certificates, and examining
certificate properties, smartcard-based client certificates are also
supported via a PKCS#11 wrapper interface;
@item abstract interface to parsing XML using libxml2 or expat, and wrappers for
simplifying handling XML HTTP response bodies;
@item WebDAV metadata support, wrappers for PROPFIND and PROPPATCH to simplify
property manipulation.
@end enumerate\n")
(license license:gpl2+))) ; for documentation and tests; source under lgpl2.0+
(define-public subversion
@ -829,7 +834,7 @@ machine.")
(source (origin
(method url-fetch)
(uri (string-append
"http://ftp.gnu.org/non-gnu/cvs/source/feature/"
"https://ftp.gnu.org/non-gnu/cvs/source/feature/"
version "/cvs-" version ".tar.bz2"))
(sha256
(base32
@ -914,22 +919,25 @@ standards-compliant ChangeLog entries based on the changes that it detects.")
(define-public diffstat
(package
(name "diffstat")
(version "1.58")
(version "1.61")
(source (origin
(method url-fetch)
(uri (string-append
"ftp://invisible-island.net/diffstat/diffstat-"
version ".tgz"))
(uri
(list
(string-append "ftp://invisible-island.net/diffstat/"
name "-" version ".tgz")
(string-append "http://invisible-mirror.net/archives/diffstat/"
name "-" version ".tgz")))
(sha256
(base32
"14rpf5c05ff30f6vn6pn6pzy0k4g4is5im656ahsxff3k58i7mgs"))))
"1vjmda2zfjxg0qkaj8hfqa8g6bfwnn1ja8696rxrjgqq4w69wd95"))))
(build-system gnu-build-system)
(home-page "http://invisible-island.net/diffstat/")
(synopsis "Make histograms from the output of 'diff'")
(synopsis "Make histograms from the output of @command{diff}")
(description
"Diffstat reads the output of 'diff' and displays a histogram of the
insertions, deletions, and modifications per-file. It is useful for reviewing
large, complex patch files.")
"Diffstat reads the output of @command{diff} and displays a histogram of
the insertions, deletions, and modifications per file. It is useful for
reviewing large, complex patch files.")
(license (license:x11-style "file://COPYING"))))
(define-public cssc
@ -1289,7 +1297,7 @@ a built-in wiki, built-in file browsing, built-in tickets system, etc.")
(version "0.5")
(source (origin
(method url-fetch)
(uri (string-append "http://dl.2f30.org/releases/"
(uri (string-append "https://dl.2f30.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32
@ -1304,7 +1312,7 @@ a built-in wiki, built-in file browsing, built-in tickets system, etc.")
(delete 'configure)))) ; No configure script
(inputs
`(("libgit2" ,libgit2)))
(home-page "http://2f30.org")
(home-page "https://2f30.org/")
(synopsis "Static git page generator")
(description "Stagit creates static pages for git repositories, the results can
be served with a HTTP file server of your choice.")

View File

@ -457,14 +457,14 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
(define-public ffmpeg
(package
(name "ffmpeg")
(version "3.2.4")
(version "3.3")
(source (origin
(method url-fetch)
(uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
version ".tar.xz"))
(sha256
(base32
"0ymg1mkg1n0770gmjfqp79p5ijxq04smfrsrrxc8pjc0y0agyf3f"))))
"17anx7rnbi63if1ndr61836lf76dpn47n0y424hc48bj05y7z7jr"))))
(build-system gnu-build-system)
(inputs
`(("fontconfig" ,fontconfig)
@ -577,7 +577,6 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
"--enable-libx265"
"--enable-openal"
"--enable-opengl"
"--enable-x11grab"
"--enable-runtime-cpudetect"

View File

@ -3453,13 +3453,13 @@ LaTeX.")
(define-public r-curl
(package
(name "r-curl")
(version "2.4")
(version "2.5")
(source (origin
(method url-fetch)
(uri (cran-uri "curl" version))
(sha256
(base32
"0j1i24irpn4hvpcs61rzq0n19rmgmn29v48qc36csjk3r661l4pm"))))
"09p86i5f88gx1i7cidm1ka56g0jjkghqfam96p1jhwlh2fv6nrks"))))
(build-system r-build-system)
(arguments
`(#:phases

View File

@ -2995,7 +2995,7 @@ supported, and the RENDER extension is not accelerated by this driver.")
(define-public xf86-video-nouveau
(package
(name "xf86-video-nouveau")
(version "1.0.14")
(version "1.0.15")
(source
(origin
(method url-fetch)
@ -3005,11 +3005,11 @@ supported, and the RENDER extension is not accelerated by this driver.")
".tar.bz2"))
(sha256
(base32
"1h9izq510m2pvg77d0y9krc0cvvbhp2y3xlrrz6id7y47jdzkpsd"))))
"0k0xah72ryjwak4dc4crszxrlkmi9x1s7p3sd4la642n77yi1pmf"))))
(build-system gnu-build-system)
(inputs `(("xorg-server" ,xorg-server)))
(native-inputs `(("pkg-config" ,pkg-config)))
(home-page "http://nouveau.freedesktop.org")
(home-page "https://nouveau.freedesktop.org")
(synopsis "NVIDIA video driver for X server")
(description
"This package provides modern, high-quality Xorg drivers for NVIDIA
@ -5105,13 +5105,16 @@ communicates with the user via graphical controls such as buttons and
draggable titlebars and borders.")
(license license:x11)))
;;; This package is intended to be used when building GTK+.
;; This package is intended to be used when building GTK+.
;; Note: It's currently marked as "hidden" to avoid having two non-eq?
;; packages with the same name and version.
(define-public xorg-server-1.19.3
(package
(inherit xorg-server)
(name "xorg-server")
(version "1.19.3")
(source
(hidden-package
(package
(inherit xorg-server)
(name "xorg-server")
(version "1.19.3")
(source
(origin
(method url-fetch)
(uri (string-append
@ -5119,7 +5122,7 @@ draggable titlebars and borders.")
name "-" version ".tar.bz2"))
(sha256
(base32
"162s1v901djr57gxmmk4airk8hiwcz79dqyz72972x1lw1k82yk7"))))))
"1fw4b2lf75nsqkiyhn95b1c2if1l3cw5a188a1szx1d8l7sbk2jg")))))))
(define-public xorg-server-xwayland
(package

View File

@ -129,6 +129,8 @@
guix-publish-configuration-host
guix-publish-configuration-compression-level
guix-publish-configuration-nar-path
guix-publish-configuration-cache
guix-publish-configuration-ttl
guix-publish-service
guix-publish-service-type
@ -1442,14 +1444,21 @@ failed to register hydra.gnu.org public key: ~a~%" status))))))))
(default 80))
(host guix-publish-configuration-host ;string
(default "localhost"))
(compression-level guix-publish-compression-level ;integer
(compression-level guix-publish-configuration-compression-level ;integer
(default 3))
(nar-path guix-publish-nar-path ;string
(default "nar")))
(nar-path guix-publish-configuration-nar-path ;string
(default "nar"))
(cache guix-publish-configuration-cache ;#f | string
(default #f))
(workers guix-publish-configuration-workers ;#f | integer
(default #f))
(ttl guix-publish-configuration-ttl ;#f | integer
(default #f)))
(define guix-publish-shepherd-service
(match-lambda
(($ <guix-publish-configuration> guix port host compression nar-path)
(($ <guix-publish-configuration> guix port host compression
nar-path cache workers ttl)
(list (shepherd-service
(provision '(guix-publish))
(requirement '(guix-daemon))
@ -1459,7 +1468,20 @@ failed to register hydra.gnu.org public key: ~a~%" status))))))))
"-p" #$(number->string port)
"-C" #$(number->string compression)
(string-append "--nar-path=" #$nar-path)
(string-append "--listen=" #$host))))
(string-append "--listen=" #$host)
#$@(if workers
#~((string-append "--workers="
#$(number->string
workers)))
#~())
#$@(if ttl
#~((string-append "--ttl="
#$(number->string ttl)
"s"))
#~())
#$@(if cache
#~((string-append "--cache=" #$cache))
#~()))))
(stop #~(make-kill-destructor)))))))
(define %guix-publish-accounts
@ -1472,13 +1494,29 @@ failed to register hydra.gnu.org public key: ~a~%" status))))))))
(home-directory "/var/empty")
(shell (file-append shadow "/sbin/nologin")))))
(define (guix-publish-activation config)
(let ((cache (guix-publish-configuration-cache config)))
(if cache
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
(mkdir-p #$cache)
(let* ((pw (getpw "guix-publish"))
(uid (passwd:uid pw))
(gid (passwd:gid pw)))
(chown #$cache uid gid))))
#t)))
(define guix-publish-service-type
(service-type (name 'guix-publish)
(extensions
(list (service-extension shepherd-root-service-type
guix-publish-shepherd-service)
(service-extension account-service-type
(const %guix-publish-accounts))))
(const %guix-publish-accounts))
(service-extension activation-service-type
guix-publish-activation)))
(default-value (guix-publish-configuration))))
(define* (guix-publish-service #:key (guix guix) (port 80) (host "localhost"))

View File

@ -35,6 +35,7 @@
#:use-module (guix gexp)
#:use-module (ice-9 match)
#:use-module (ice-9 format)
#:use-module (srfi srfi-1)
#:export (dovecot-service
dovecot-service-type
dovecot-configuration
@ -57,6 +58,8 @@
opensmtpd-service-type
%default-opensmtpd-config-file
mail-aliases-service-type
exim-configuration
exim-configuration?
exim-service-type
@ -1660,6 +1663,31 @@ accept from local for any relay
(service-extension shepherd-root-service-type
opensmtpd-shepherd-service)))))
;;;
;;; mail aliases.
;;;
(define (mail-aliases-etc aliases)
`(("aliases" ,(plain-file "aliases"
;; Ideally we'd use a format string like
;; "~:{~a: ~{~a~^,~}\n~}", but it gives a
;; warning that I can't figure out how to fix,
;; so we'll just use string-join below instead.
(format #f "~:{~a: ~a\n~}"
(map (match-lambda
((alias addresses ...)
(list alias (string-join addresses ","))))
aliases))))))
(define mail-aliases-service-type
(service-type
(name 'mail-aliases)
(extensions
(list (service-extension etc-service-type mail-aliases-etc)))
(compose concatenate)
(extend append)))
;;;
;;; Exim.
@ -1671,9 +1699,7 @@ accept from local for any relay
(package exim-configuration-package ;<package>
(default exim))
(config-file exim-configuration-config-file ;file-like
(default #f))
(aliases exim-configuration-aliases ;; list of lists
(default '())))
(default #f)))
(define %exim-accounts
(list (user-group
@ -1700,7 +1726,7 @@ exim_group = exim
(define exim-shepherd-service
(match-lambda
(($ <exim-configuration> package config-file aliases)
(($ <exim-configuration> package config-file)
(list (shepherd-service
(provision '(exim mta))
(documentation "Run the exim daemon.")
@ -1713,7 +1739,7 @@ exim_group = exim
(define exim-activation
(match-lambda
(($ <exim-configuration> package config-file aliases)
(($ <exim-configuration> package config-file)
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
@ -1726,20 +1752,6 @@ exim_group = exim
(zero? (system* #$(file-append package "/bin/exim")
"-bV" "-C" #$(exim-computed-config-file package config-file))))))))
(define exim-etc
(match-lambda
(($ <exim-configuration> package config-file aliases)
`(("aliases" ,(plain-file "aliases"
;; Ideally we'd use a format string like
;; "~:{~a: ~{~a~^,~}\n~}", but it gives a
;; warning that I can't figure out how to fix,
;; so we'll just use string-join below instead.
(format #f "~:{~a: ~a\n~}"
(map (lambda (entry)
(list (car entry)
(string-join (cdr entry) ",")))
aliases))))))))
(define exim-profile
(compose list exim-configuration-package))
@ -1751,4 +1763,4 @@ exim_group = exim
(service-extension account-service-type (const %exim-accounts))
(service-extension activation-service-type exim-activation)
(service-extension profile-service-type exim-profile)
(service-extension etc-service-type exim-etc)))))
(service-extension mail-aliases-service-type (const '()))))))

View File

@ -180,7 +180,7 @@ of index files."
(nginx-upstream-configuration-servers upstream)))
" }\n"))
(define (default-nginx-config log-directory run-directory server-list upstream-list)
(define (default-nginx-config nginx log-directory run-directory server-list upstream-list)
(mixed-text-file "nginx.conf"
"user nginx nginx;\n"
"pid " run-directory "/pid;\n"
@ -192,6 +192,7 @@ of index files."
" uwsgi_temp_path " run-directory "/uwsgi_temp;\n"
" scgi_temp_path " run-directory "/scgi_temp;\n"
" access_log " log-directory "/access.log;\n"
" include " nginx "/share/nginx/conf/mime.types;\n"
"\n"
(string-join
(filter (lambda (section) (not (null? section)))
@ -235,7 +236,7 @@ of index files."
;; Check configuration file syntax.
(system* (string-append #$nginx "/sbin/nginx")
"-c" #$(or config-file
(default-nginx-config log-directory
(default-nginx-config nginx log-directory
run-directory server-blocks upstream-blocks))
"-t")))))
@ -250,7 +251,7 @@ of index files."
(zero?
(system* #$nginx-binary "-c"
#$(or config-file
(default-nginx-config log-directory
(default-nginx-config nginx log-directory
run-directory server-blocks upstream-blocks))
#$@args))))))

View File

@ -73,7 +73,7 @@
operating-system-hosts-file
operating-system-kernel
operating-system-kernel-file
operating-system-kernel-arguments
operating-system-user-kernel-arguments
operating-system-initrd
operating-system-users
operating-system-groups
@ -129,7 +129,7 @@
operating-system?
(kernel operating-system-kernel ; package
(default linux-libre))
(kernel-arguments operating-system-kernel-arguments
(kernel-arguments operating-system-user-kernel-arguments
(default '())) ; list of gexps/strings
(bootloader operating-system-bootloader) ; <grub-configuration>
@ -278,7 +278,7 @@ value of the SYSTEM-SERVICE-TYPE service."
(mlet %store-monad
((kernel -> (operating-system-kernel os))
(initrd (operating-system-initrd-file os))
(params (operating-system-parameters-file os)))
(params (operating-system-boot-parameters-file os)))
(return `(("kernel" ,kernel)
("parameters" ,params)
("initrd" ,initrd)
@ -385,7 +385,7 @@ explicitly appear in OS."
;; The packages below are also in %FINAL-INPUTS, so take them from
;; there to avoid duplication.
(map canonical-package
(list guile-2.0 bash coreutils findutils grep sed
(list guile-2.0 bash coreutils-8.27 findutils grep sed
diffutils patch gawk tar gzip bzip2 xz lzip))))
(define %default-issue
@ -756,7 +756,7 @@ populate the \"old entries\" menu."
#~(string-append "--system=" #$system)
#~(string-append "--load=" #$system
"/boot")
(operating-system-kernel-arguments os)))
(operating-system-user-kernel-arguments os)))
(initrd initrd)))))
(grub-configuration-file (operating-system-bootloader os) entries
#:old-entries old-entries)))
@ -769,7 +769,7 @@ device in a <menu-entry>."
((label) (file-system-device fs))
(else #f)))
(define (operating-system-parameters-file os)
(define (operating-system-boot-parameters-file os)
"Return a file that describes the boot parameters of OS. The primary use of
this file is the reconstruction of GRUB menu entries for old configurations."
(mlet %store-monad ((initrd (operating-system-initrd-file os))
@ -784,7 +784,7 @@ this file is the reconstruction of GRUB menu entries for old configurations."
(root-device #$(file-system-device root))
(kernel #$(operating-system-kernel-file os))
(kernel-arguments
#$(operating-system-kernel-arguments os))
#$(operating-system-user-kernel-arguments os))
(initrd #$initrd)
(store
(device #$(fs->boot-device store))

View File

@ -494,7 +494,7 @@ it is mostly useful when FULL-BOOT? is true."
(string-append "--system=" #$os-drv)
(string-append "--load=" #$os-drv "/boot")
#$@(if graphic? #~() #~("console=ttyS0"))
#+@(operating-system-kernel-arguments os)))
#+@(operating-system-user-kernel-arguments os)))
(define qemu-exec
#~(list (string-append #$qemu "/bin/" #$(qemu-command (%current-system)))

View File

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Sou Bunnbu <iyzsong@member.fsf.org>
;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
;;;
;;; This file is part of GNU Guix.
;;;
@ -26,7 +27,9 @@
#:use-module (guix gexp)
#:use-module (guix monads)
#:use-module (guix store)
#:export (%test-opensmtpd))
#:use-module (ice-9 ftw)
#:export (%test-opensmtpd
%test-exim))
(define %opensmtpd-os
(simple-operating-system
@ -146,3 +149,133 @@ accept from any for local deliver to mbox
(name "opensmtpd")
(description "Send an email to a running OpenSMTPD server.")
(value (run-opensmtpd-test))))
(define %exim-os
(simple-operating-system
(dhcp-client-service)
(service mail-aliases-service-type '())
(service exim-service-type
(exim-configuration
(config-file
(plain-file "exim.conf" "
primary_hostname = komputilo
domainlist local_domains = @
domainlist relay_to_domains =
hostlist relay_from_hosts = localhost
never_users =
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
begin acl
acl_check_rcpt:
accept
acl_check_data:
accept
"))))))
(define (run-exim-test)
"Return a test of an OS running an Exim service."
(mlet* %store-monad ((command (system-qemu-image/shared-store-script
(marionette-operating-system
%exim-os
#:imported-modules '((gnu services herd)))
#:graphic? #f)))
(define test
(with-imported-modules '((gnu build marionette)
(ice-9 ftw))
#~(begin
(use-modules (rnrs base)
(srfi srfi-64)
(ice-9 ftw)
(ice-9 rdelim)
(ice-9 regex)
(gnu build marionette))
(define marionette
(make-marionette
;; Enable TCP forwarding of the guest's port 25.
'(#$command "-net" "user,hostfwd=tcp::1025-:25")))
(define (read-reply-code port)
"Read a SMTP reply from PORT and return its reply code."
(let* ((line (read-line port))
(mo (string-match "([0-9]+)([ -]).*" line))
(code (string->number (match:substring mo 1)))
(finished? (string= " " (match:substring mo 2))))
(if finished?
code
(read-reply-code port))))
(define smtp (socket AF_INET SOCK_STREAM 0))
(define addr (make-socket-address AF_INET INADDR_LOOPBACK 1025))
(mkdir #$output)
(chdir #$output)
(test-begin "exim")
(test-assert "service is running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
(start-service 'exim)
#t)
marionette))
(sleep 1) ;; give the service time to start talking
(connect smtp addr)
;; Be greeted.
(test-eq "greeting received"
220 (read-reply-code smtp))
;; Greet the server.
(write-line "EHLO somehost" smtp)
(test-eq "greeting successful"
250 (read-reply-code smtp))
;; Set sender email.
(write-line "MAIL FROM: test@example.com" smtp)
(test-eq "sender set"
250 (read-reply-code smtp)) ;250
;; Set recipient email.
(write-line "RCPT TO: root@komputilo" smtp)
(test-eq "recipient set"
250 (read-reply-code smtp)) ;250
;; Send message.
(write-line "DATA" smtp)
(test-eq "data begun"
354 (read-reply-code smtp)) ;354
(write-line "Subject: Hello" smtp)
(newline smtp)
(write-line "Nice to meet you!" smtp)
(write-line "." smtp)
(test-eq "message sent"
250 (read-reply-code smtp)) ;250
;; Say goodbye.
(write-line "QUIT" smtp)
(test-eq "quit successful"
221 (read-reply-code smtp)) ;221
(close smtp)
(test-eq "the email is received"
1
(marionette-eval
'(begin
(use-modules (ice-9 ftw))
(length (scandir "/var/spool/exim/msglog"
(lambda (x) (not (string-prefix? "." x))))))
marionette))
(test-end)
(exit (= (test-runner-fail-count (test-runner-current)) 0)))))
(gexp->derivation "exim-test" test)))
(define %test-exim
(system-test
(name "exim")
(description "Send an email to a running an Exim server.")
(value (run-exim-test))))

Some files were not shown because too many files have changed in this diff Show More