From 49c2665f7b3a9c93634175774f6d9475255f57e9 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 14 Nov 2016 23:20:19 +0100 Subject: [PATCH 001/161] gnu: Add pcb-rnd. * gnu/packages/engineering.scm (pcb-rnd): New variable. --- gnu/packages/engineering.scm | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/gnu/packages/engineering.scm b/gnu/packages/engineering.scm index b4d9af041a..f720906534 100644 --- a/gnu/packages/engineering.scm +++ b/gnu/packages/engineering.scm @@ -218,6 +218,33 @@ and design rule checking. It also includes an autorouter and a trace optimizer; and it can produce photorealistic and design review images.") (license license:gpl2+))) +(define-public pcb-rnd + (package (inherit pcb) + (name "pcb-rnd") + (version "1.1.3") + (source (origin + (method url-fetch) + (uri (string-append "http://repo.hu/projects/pcb-rnd/releases/" + "pcb-rnd-" version ".tar.gz")) + (sha256 + (base32 + "0pycynla60b96jkb6fh6f4sx663pqbzjwnixhw5ym8sym2absm09")))) + (arguments + `(#:tests? #f ; no check target + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'cc-is-gcc + (lambda _ (setenv "CC" "gcc") #t)) + (replace 'configure + ;; The configure script doesn't tolerate most of our configure flags. + (lambda* (#:key outputs #:allow-other-keys) + (zero? (system* "sh" "configure" + (string-append "--prefix=" + (assoc-ref outputs "out"))))))))) + (home-page "http://repo.hu/projects/pcb-rnd/") + (description "PCB RND is a fork of the GNU PCB circuit board editing tool +featuring various improvements and bug fixes."))) + (define-public fastcap (package (name "fastcap") From 84590149e6873d640b96997fb95cc57359a1aeeb Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 15 Nov 2016 19:40:06 +0100 Subject: [PATCH 002/161] gnu: hisat: Fix typo. * gnu/packages/bioinformatics.scm (hisat)[arguments]: Fix directory name in install phase. --- gnu/packages/bioinformatics.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 5444f0a2a1..64c7bbad36 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -2739,7 +2739,7 @@ estimates transcript expression.") (alist-replace 'install (lambda* (#:key outputs #:allow-other-keys) - (let ((bin (string-append (assoc-ref outputs "out") "/bi/"))) + (let ((bin (string-append (assoc-ref outputs "out") "/bin/"))) (for-each (lambda (file) (install-file file bin)) (find-files From bb6e641588f4285c034f5610a69a239f4d5e5c1c Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 15 Nov 2016 00:08:11 +0100 Subject: [PATCH 003/161] gnu: Add httptunnel. * gnu/packages/web.scm (httptunnel): New variable. --- gnu/packages/web.scm | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 81f861a905..063a8a9a15 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -15,6 +15,7 @@ ;;; Copyright © 2016 Clément Lassieur ;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Arun Isaac +;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -3830,3 +3831,40 @@ runs in a terminal or through your browser. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly.") (license l:x11))) + +(define-public httptunnel + (package + (name "httptunnel") + (version "3.3") + (source + (origin + (method url-fetch) + (uri (string-append "http://www.nocrew.org/software/httptunnel/" + name "-" version ".tar.gz")) + (sha256 + (base32 + "0mn5s6p68n32xzadz6ds5i6bp44dyxzkq68r1yljlv470jr84bql")) + (modules '((guix build utils))) + (snippet + ;; Remove non-free IETF RFC documentation. + '(delete-file-recursively "doc")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + ;; The default configure phase tries to pass environment variables as + ;; command-line arguments, which confuses the ./configure script. + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out"))) + (setenv "CONFIG_SHELL" (which "bash")) + (zero? (system* "./configure" + (string-append "--prefix=" out))))))))) + (home-page "http://www.nocrew.org/software/httptunnel.html") + (synopsis "Tunnel data connections through HTTP requests") + (description "httptunnel creates a bidirectional virtual data connection +tunnelled through HTTP (HyperText Transfer Protocol) requests. This can be +useful for users behind restrictive firewalls. As long as Web traffic is +allowed, even through a HTTP-only proxy, httptunnel can be combined with other +tools like SSH (Secure Shell) to reach the outside world.") + (license l:gpl2+))) From e1b0b8f5b712ecd5353100e8734ee22896869469 Mon Sep 17 00:00:00 2001 From: ng0 Date: Tue, 15 Nov 2016 19:18:15 +0000 Subject: [PATCH 004/161] gnu: Fix name for ng0. * gnu/packages/gnupg.scm: Change name in copyright header. --- gnu/packages/gnupg.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 82932489de..fccaa9708f 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2015, 2016 Efraim Flashner ;;; Copyright © 2015, 2016 Ricardo Wurmus ;;; Copyright © 2016 Christopher Allan Webber -;;; Copyright © 2016 Nils Gillmann +;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Christopher Baines ;;; Copyright © 2016 Mike Gerwitz ;;; From 7d154949c9f23fb51fac0b510c0c6098dba59861 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 00:06:46 -0500 Subject: [PATCH 005/161] gnu: linux-libre@4.4: Update to 4.4.32. * gnu/packages/linux.scm (linux-libre-4.4): Update to 4.4.32. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 37db1e9055..b1a666dbb4 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -333,8 +333,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.31" - "1s4xdllvxw02g4yqlafcacgsgdpxccf6dlqafpqffm873q1y9n4d" + (make-linux-libre "4.4.32" + "0xva00ccdx66pd25i88g4j4r7w5i3n12hq5biyapwir8izni58hv" %intel-compatible-systems #:configuration-file kernel-config)) From d55019136eb8d3df39d499e9e5c486473f140235 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 00:07:54 -0500 Subject: [PATCH 006/161] gnu: linux-libre: Update to 4.8.8. * gnu/packages/linux.scm (%linux-libre-version, %linux-libre-hash) (linux-libre): Update to 4.8.8. --- gnu/packages/linux.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index b1a666dbb4..9518de4782 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -327,8 +327,8 @@ It has been modified to remove all non-free binary blobs.") (define %intel-compatible-systems '("x86_64-linux" "i686-linux")) (define-public linux-libre - (make-linux-libre "4.8.7" - "1jbwm131zv59iyr6qw7qcbcfz49qqb2hhx30230gb99flyc5h4hg" + (make-linux-libre "4.8.8" + "0gy3i0841yqz1c5441jcvjivy8afx2xf8m3cjbx6wymg8b1bc4c3" %intel-compatible-systems #:configuration-file kernel-config)) @@ -345,8 +345,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) ;; Avoid rebuilding kernel variants when there is a minor version bump. -(define %linux-libre-version "4.8.7") -(define %linux-libre-hash "1jbwm131zv59iyr6qw7qcbcfz49qqb2hhx30230gb99flyc5h4hg") +(define %linux-libre-version "4.8.8") +(define %linux-libre-hash "0gy3i0841yqz1c5441jcvjivy8afx2xf8m3cjbx6wymg8b1bc4c3") (define-public linux-libre-arm-generic (make-linux-libre %linux-libre-version From eb4b3e4bef412647e1c2756123b8a687996a04e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Wed, 16 Nov 2016 21:00:40 +0800 Subject: [PATCH 007/161] gnu: opensmtpd: Update to 6.0.2p1. * gnu/packages/mail.scm (opensmtpd): Update to 6.0.2p1. [arguments]: Pass '--with-path-sock=/var/run' to #:configure-flags. --- gnu/packages/mail.scm | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index a485c1f5c3..5d304d5c8f 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1605,14 +1605,14 @@ transfer protocols.") (define-public opensmtpd (package (name "opensmtpd") - (version "5.9.2p1") + (version "6.0.2p1") (source (origin (method url-fetch) (uri (string-append "https://www.opensmtpd.org/archives/" name "-" version ".tar.gz")) (sha256 (base32 - "07d7f1m5sxyz6mkk228rcm7fsf7350994ayvmhgph333q5rz48im")))) + "1b4h64w45hpmfq5721smhg4s0shs64gbcjqjpx3fbiw4hz8bdy9a")))) (build-system gnu-build-system) (inputs `(("bdb" ,bdb) @@ -1626,7 +1626,8 @@ transfer protocols.") (arguments `(#:configure-flags (list "--with-table-db" "--localstatedir=/var" "--with-user-smtpd=smtpd" "--with-user-queue=smtpq" - "--with-group-queue=smtpq") + "--with-group-queue=smtpq" + "--with-path-socket=/var/run") #:phases (modify-phases %standard-phases ;; OpenSMTPD provides a single utility smtpctl to control the daemon and From 1bcc87bb685b7985512add221f10e4cb58b5f6f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 29 Oct 2016 01:16:24 +0200 Subject: [PATCH 008/161] guix download: Add '-o' option. * guix/scripts/download.scm (download-to-file, download-to-store*): New procedures. (%default-options): Add 'download-proc'. (show-help): Adjust description and document '-o'. (%options): Add '-o'. (guix-download): Remove 'store' variable. Add 'fetch' and define 'path' to as its result. * tests/guix-download.sh: Add test. --- doc/guix.texi | 4 +++ guix/scripts/download.scm | 58 ++++++++++++++++++++++++++------------- tests/guix-download.sh | 9 +++++- 3 files changed, 51 insertions(+), 20 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index a3eba5811e..1a809c340d 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4836,6 +4836,10 @@ When using this option, you have @emph{absolutely no guarantee} that you are communicating with the authentic server responsible for the given URL, which makes you vulnerable to ``man-in-the-middle'' attacks. +@item --output=@var{file} +@itemx -o @var{file} +Save the downloaded file to @var{file} instead of adding it to the +store. @end table @node Invoking guix hash diff --git a/guix/scripts/download.scm b/guix/scripts/download.scm index ec30b05ac0..dffff79729 100644 --- a/guix/scripts/download.scm +++ b/guix/scripts/download.scm @@ -23,12 +23,15 @@ #:use-module (guix hash) #:use-module (guix utils) #:use-module (guix base32) - #:use-module (guix download) - #:use-module ((guix build download) #:select (current-terminal-columns)) - #:use-module ((guix build syscalls) #:select (terminal-columns)) + #:use-module ((guix download) #:hide (url-fetch)) + #:use-module ((guix build download) + #:select (url-fetch current-terminal-columns)) + #:use-module ((guix build syscalls) + #:select (terminal-columns)) #:use-module (web uri) #:use-module (ice-9 match) #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) #:use-module (srfi srfi-37) #:use-module (rnrs bytevectors) #:use-module (ice-9 binary-ports) @@ -39,15 +42,31 @@ ;;; Command-line options. ;;; +(define (download-to-file url file) + "Download the file at URI to FILE. Return FILE." + (let ((uri (string->uri url))) + (match (uri-scheme uri) + ((or 'file #f) + (copy-file (uri-path uri) file)) + (_ + (url-fetch url file))) + file)) + +(define* (download-to-store* url #:key (verify-certificate? #t)) + (with-store store + (download-to-store store url + #:verify-certificate? verify-certificate?))) + (define %default-options ;; Alist of default option values. `((format . ,bytevector->nix-base32-string) - (verify-certificate? . #t))) + (verify-certificate? . #t) + (download-proc . ,download-to-store*))) (define (show-help) (display (_ "Usage: guix download [OPTION] URL -Download the file at URL, add it to the store, and print its store path -and the hash of its contents. +Download the file at URL to the store or to the given file, and print its +file name and the hash of its contents. Supported formats: 'nix-base32' (default), 'base32', and 'base16' ('hex' and 'hexadecimal' can be used as well).\n")) @@ -56,6 +75,8 @@ Supported formats: 'nix-base32' (default), 'base32', and 'base16' (format #t (_ " --no-check-certificate do not validate the certificate of HTTPS servers ")) + (format #f (_ " + -o, --output=FILE download to FILE")) (newline) (display (_ " -h, --help display this help and exit")) @@ -84,6 +105,12 @@ Supported formats: 'nix-base32' (default), 'base32', and 'base16' (option '("no-check-certificate") #f #f (lambda (opt name arg result) (alist-cons 'verify-certificate? #f result))) + (option '(#\o "output") #t #f + (lambda (opt name arg result) + (alist-cons 'download-proc + (lambda* (url #:key verify-certificate?) + (download-to-file url arg)) + (alist-delete 'download result)))) (option '(#\h "help") #f #f (lambda args @@ -113,24 +140,17 @@ Supported formats: 'nix-base32' (default), 'base32', and 'base16' (with-error-handling (let* ((opts (parse-options)) - (store (open-connection)) (arg (or (assq-ref opts 'argument) (leave (_ "no download URI was specified~%")))) (uri (or (string->uri arg) (leave (_ "~a: failed to parse URI~%") arg))) - (path (case (uri-scheme uri) - ((file) - (add-to-store store (basename (uri-path uri)) - #f "sha256" (uri-path uri))) - (else - (parameterize ((current-terminal-columns - (terminal-columns))) - (download-to-store store (uri->string uri) - (basename (uri-path uri)) - #:verify-certificate? - (assoc-ref opts - 'verify-certificate?)))))) + (fetch (assq-ref opts 'download-proc)) + (path (parameterize ((current-terminal-columns + (terminal-columns))) + (fetch arg + #:verify-certificate? + (assq-ref opts 'verify-certificate?)))) (hash (call-with-input-file (or path (leave (_ "~a: download failed~%") diff --git a/tests/guix-download.sh b/tests/guix-download.sh index 6283772c48..ebc853c7fa 100644 --- a/tests/guix-download.sh +++ b/tests/guix-download.sh @@ -1,5 +1,5 @@ # GNU Guix --- Functional package management for GNU -# Copyright © 2012, 2015 Ludovic Courtès +# Copyright © 2012, 2015, 2016 Ludovic Courtès # # This file is part of GNU Guix. # @@ -35,6 +35,13 @@ then false; else true; fi # This one should succeed. guix download "file://$abs_top_srcdir/README" +# This one too, even if it cannot talk to the daemon. +output="t-download-$$" +trap 'rm -f "$output"' EXIT +GUIX_DAEMON_SOCKET="/nowhere" guix download -o "$output" \ + "file://$abs_top_srcdir/README" +cmp "$output" "$abs_top_srcdir/README" + # This one should fail. if guix download "file:///does-not-exist" "file://$abs_top_srcdir/README" then false; else true; fi From 17ab08bcf0ae27ec6a1f07766080ebfbea8837d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 16 Nov 2016 16:34:17 +0100 Subject: [PATCH 009/161] tests: Move HTTP server to (guix tests http). * tests/lint.scm (%http-server-port, %local-url) (%http-server-socket, http-write, %http-server-lock) (%http-server-ready, http-open, stub-http-server) (call-with-http-server, with-http-server): Move to (guix tests http). Adjust tests for %HTTP-SERVER-SOCKET as a promise and %LOCAL-URL as a parameter. * guix/tests/http.scm: New file. * Makefile.am (dist_noinst_DATA): Add it. (GOBJECTS): Add .go files for all of $(dist_noinst_DATA). (make-go): Depend on $(dist_noinst_DATA). --- Makefile.am | 8 +-- guix/tests/http.scm | 120 ++++++++++++++++++++++++++++++++++++++++++++ tests/lint.scm | 114 +++++++---------------------------------- 3 files changed, 141 insertions(+), 101 deletions(-) create mode 100644 guix/tests/http.scm diff --git a/Makefile.am b/Makefile.am index 908eaf6ec0..5d3639747f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -171,8 +171,8 @@ MODULES += \ endif BUILD_DAEMON_OFFLOAD -# Internal module with test suite support. -dist_noinst_DATA = guix/tests.scm +# Internal modules with test suite support. +dist_noinst_DATA = guix/tests.scm guix/tests/http.scm # Linux-Libre configurations. KCONFIGS = \ @@ -189,7 +189,7 @@ EXAMPLES = \ gnu/system/examples/desktop.tmpl \ gnu/system/examples/lightweight-desktop.tmpl -GOBJECTS = $(MODULES:%.scm=%.go) guix/config.go guix/tests.go +GOBJECTS = $(MODULES:%.scm=%.go) guix/config.go $(dist_noinst_DATA:%.scm=%.go) nobase_dist_guilemodule_DATA = \ $(MODULES) $(KCONFIGS) $(EXAMPLES) \ @@ -407,7 +407,7 @@ CLEANFILES = \ # the whole thing. Likewise, set 'XDG_CACHE_HOME' to avoid loading possibly # stale files from ~/.cache/guile/ccache. %.go: make-go ; @: -make-go: $(MODULES) guix/config.scm guix/tests.scm +make-go: $(MODULES) guix/config.scm $(dist_noinst_DATA) $(AM_V_at)echo "Compiling Scheme modules..." ; \ unset GUILE_LOAD_COMPILED_PATH ; \ XDG_CACHE_HOME=/nowhere \ diff --git a/guix/tests/http.scm b/guix/tests/http.scm new file mode 100644 index 0000000000..fe1e120c5d --- /dev/null +++ b/guix/tests/http.scm @@ -0,0 +1,120 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2014, 2015, 2016 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix tests http) + #:use-module (ice-9 threads) + #:use-module (web server) + #:use-module (web server http) + #:use-module (web response) + #:use-module (srfi srfi-39) + #:export (with-http-server + call-with-http-server + %http-server-port + %http-server-socket + %local-url)) + +;;; Commentary: +;;; +;;; Code to spawn a Web server for testing purposes. +;;; +;;; Code: + +(define %http-server-port + ;; TCP port to use for the stub HTTP server. + (make-parameter 9999)) + +(define (%local-url) + ;; URL to use for 'home-page' tests. + (string-append "http://localhost:" (number->string (%http-server-port)) + "/foo/bar")) + +(define %http-server-socket + ;; Listening socket for the web server. It is useful to export it so that + ;; tests can check whether we succeeded opening the socket and tests skip if + ;; needed. + (delay + (catch 'system-error + (lambda () + (let ((sock (socket PF_INET SOCK_STREAM 0))) + (setsockopt sock SOL_SOCKET SO_REUSEADDR 1) + (bind sock + (make-socket-address AF_INET INADDR_LOOPBACK + (%http-server-port))) + sock)) + (lambda args + (let ((err (system-error-errno args))) + (format (current-error-port) + "warning: cannot run Web server for tests: ~a~%" + (strerror err)) + #f))))) + +(define (http-write server client response body) + "Write RESPONSE." + (let* ((response (write-response response client)) + (port (response-port response))) + (cond + ((not body)) ;pass + (else + (write-response-body response body))) + (close-port port) + (quit #t) ;exit the server thread + (values))) + +;; Mutex and condition variable to synchronize with the HTTP server. +(define %http-server-lock (make-mutex)) +(define %http-server-ready (make-condition-variable)) + +(define (http-open . args) + "Start listening for HTTP requests and signal %HTTP-SERVER-READY." + (with-mutex %http-server-lock + (let ((result (apply (@@ (web server http) http-open) args))) + (signal-condition-variable %http-server-ready) + result))) + +(define-server-impl stub-http-server + ;; Stripped-down version of Guile's built-in HTTP server. + http-open + (@@ (web server http) http-read) + http-write + (@@ (web server http) http-close)) + +(define (call-with-http-server code data thunk) + "Call THUNK with an HTTP server running and returning CODE and DATA (a +string) on HTTP requests." + (define (server-body) + (define (handle request body) + (values (build-response #:code code + #:reason-phrase "Such is life") + data)) + + (catch 'quit + (lambda () + (run-server handle stub-http-server + `(#:socket ,(force %http-server-socket)))) + (const #t))) + + (with-mutex %http-server-lock + (let ((server (make-thread server-body))) + (wait-condition-variable %http-server-ready %http-server-lock) + ;; Normally SERVER exits automatically once it has received a request. + (thunk)))) + +(define-syntax-rule (with-http-server code data body ...) + (call-with-http-server code data (lambda () body ...))) + +;;; http.scm ends here diff --git a/tests/lint.scm b/tests/lint.scm index fa2d19b2a6..cf1b95ee69 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -24,6 +24,7 @@ (define-module (test-lint) #:use-module (guix tests) + #:use-module (guix tests http) #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system gnu) @@ -33,101 +34,20 @@ #:use-module (gnu packages) #:use-module (gnu packages glib) #:use-module (gnu packages pkg-config) - #:use-module (web server) - #:use-module (web server http) - #:use-module (web response) #:use-module (ice-9 match) - #:use-module (ice-9 threads) #:use-module (srfi srfi-9 gnu) #:use-module (srfi srfi-64)) ;; Test the linter. -(define %http-server-port - ;; TCP port to use for the stub HTTP server. - 9999) - -(define %local-url - ;; URL to use for 'home-page' tests. - (string-append "http://localhost:" (number->string %http-server-port) - "/foo/bar")) +;; Avoid collisions with other tests. +(%http-server-port 9999) (define %null-sha256 ;; SHA256 of the empty string. (base32 "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73")) -(define %http-server-socket - ;; Socket used by the Web server. - (catch 'system-error - (lambda () - (let ((sock (socket PF_INET SOCK_STREAM 0))) - (setsockopt sock SOL_SOCKET SO_REUSEADDR 1) - (bind sock - (make-socket-address AF_INET INADDR_LOOPBACK - %http-server-port)) - sock)) - (lambda args - (let ((err (system-error-errno args))) - (format (current-error-port) - "warning: cannot run Web server for tests: ~a~%" - (strerror err)) - #f)))) - -(define (http-write server client response body) - "Write RESPONSE." - (let* ((response (write-response response client)) - (port (response-port response))) - (cond - ((not body)) ;pass - (else - (write-response-body response body))) - (close-port port) - (quit #t) ;exit the server thread - (values))) - -;; Mutex and condition variable to synchronize with the HTTP server. -(define %http-server-lock (make-mutex)) -(define %http-server-ready (make-condition-variable)) - -(define (http-open . args) - "Start listening for HTTP requests and signal %HTTP-SERVER-READY." - (with-mutex %http-server-lock - (let ((result (apply (@@ (web server http) http-open) args))) - (signal-condition-variable %http-server-ready) - result))) - -(define-server-impl stub-http-server - ;; Stripped-down version of Guile's built-in HTTP server. - http-open - (@@ (web server http) http-read) - http-write - (@@ (web server http) http-close)) - -(define (call-with-http-server code data thunk) - "Call THUNK with an HTTP server running and returning CODE and DATA (a -string) on HTTP requests." - (define (server-body) - (define (handle request body) - (values (build-response #:code code - #:reason-phrase "Such is life") - data)) - - (catch 'quit - (lambda () - (run-server handle stub-http-server - `(#:socket ,%http-server-socket))) - (const #t))) - - (with-mutex %http-server-lock - (let ((server (make-thread server-body))) - (wait-condition-variable %http-server-ready %http-server-lock) - ;; Normally SERVER exits automatically once it has received a request. - (thunk)))) - -(define-syntax-rule (with-http-server code data body ...) - (call-with-http-server code data (lambda () body ...))) - (define %long-string (make-string 2000 #\a)) @@ -423,28 +343,28 @@ string) on HTTP requests." (check-home-page pkg))) "domain not found"))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-assert "home-page: Connection refused" (->bool (string-contains (with-warnings (let ((pkg (package (inherit (dummy-package "x")) - (home-page %local-url)))) + (home-page (%local-url))))) (check-home-page pkg))) "Connection refused"))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-equal "home-page: 200" "" (with-warnings (with-http-server 200 %long-string (let ((pkg (package (inherit (dummy-package "x")) - (home-page %local-url)))) + (home-page (%local-url))))) (check-home-page pkg))))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-assert "home-page: 200 but short length" (->bool (string-contains @@ -452,11 +372,11 @@ string) on HTTP requests." (with-http-server 200 "This is too small." (let ((pkg (package (inherit (dummy-package "x")) - (home-page %local-url)))) + (home-page (%local-url))))) (check-home-page pkg)))) "suspiciously small"))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-assert "home-page: 404" (->bool (string-contains @@ -464,7 +384,7 @@ string) on HTTP requests." (with-http-server 404 %long-string (let ((pkg (package (inherit (dummy-package "x")) - (home-page %local-url)))) + (home-page (%local-url))))) (check-home-page pkg)))) "not reachable: 404"))) @@ -545,7 +465,7 @@ string) on HTTP requests." (check-source-file-name pkg))) "file name should contain the package name")))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-equal "source: 200" "" (with-warnings @@ -554,11 +474,11 @@ string) on HTTP requests." (inherit (dummy-package "x")) (source (origin (method url-fetch) - (uri %local-url) + (uri (%local-url)) (sha256 %null-sha256)))))) (check-source pkg))))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-assert "source: 200 but short length" (->bool (string-contains @@ -568,12 +488,12 @@ string) on HTTP requests." (inherit (dummy-package "x")) (source (origin (method url-fetch) - (uri %local-url) + (uri (%local-url)) (sha256 %null-sha256)))))) (check-source pkg)))) "suspiciously small"))) -(test-skip (if %http-server-socket 0 1)) +(test-skip (if (force %http-server-socket) 0 1)) (test-assert "source: 404" (->bool (string-contains @@ -583,7 +503,7 @@ string) on HTTP requests." (inherit (dummy-package "x")) (source (origin (method url-fetch) - (uri %local-url) + (uri (%local-url)) (sha256 %null-sha256)))))) (check-source pkg)))) "not reachable: 404"))) From 94d92c7796a3dd50c27d532315f7d497ac99f08e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 20 Jul 2015 04:30:16 +0200 Subject: [PATCH 010/161] daemon: Add "builtin:download" derivation builder. This ensures that 1) the derivation doesn't change when Guix changes; 2) the derivation closure doesn't contain Guix and its dependencies; 3) we don't have to rely on ugly chroot hacks. Adapted from Nix commit 0a2bee307b20411f5b0dda0c662b1f9bb9e0e131. * nix/libstore/build.cc (DerivationGoal::runChild): Add special case for 'isBuiltin(drv)'. Disable chroot when 'isBuiltin(drv)'. * nix/libstore/builtins.cc, nix/libstore/builtins.hh, nix/scripts/download.in, guix/scripts/perform-download.scm: New files. * guix/ui.scm (show-guix-help)[internal?]: Add 'perform-download'. * nix/local.mk (libstore_a_SOURCES): Add builtins.cc. (libstore_headers): Add builtins.hh. (nodist_pkglibexec_SCRIPTS): Add 'scripts/download'. * config-daemon.ac: Emit 'scripts/download'. * Makefile.am (MODULES): Add 'guix/scripts/perform-download.scm'. * tests/derivations.scm ("unknown built-in builder") ("'download' built-in builder") ("'download' built-in builder, invalid hash") ("'download' built-in builder, not found") ("'download' built-in builder, not fixed-output"): New tests. Co-authored-by: Eelco Dolstra --- .gitignore | 1 + Makefile.am | 1 + config-daemon.ac | 2 + guix/scripts/perform-download.scm | 113 ++++++++++++++++++++++++++++++ guix/ui.scm | 3 +- nix/libstore/build.cc | 36 ++++++++-- nix/libstore/builtins.cc | 69 ++++++++++++++++++ nix/libstore/builtins.hh | 41 +++++++++++ nix/local.mk | 5 +- nix/scripts/download.in | 11 +++ tests/derivations.scm | 70 ++++++++++++++++++ 11 files changed, 343 insertions(+), 9 deletions(-) create mode 100644 guix/scripts/perform-download.scm create mode 100644 nix/libstore/builtins.cc create mode 100644 nix/libstore/builtins.hh create mode 100644 nix/scripts/download.in diff --git a/.gitignore b/.gitignore index 6e892ca687..329d489713 100644 --- a/.gitignore +++ b/.gitignore @@ -125,3 +125,4 @@ config.cache stamp-h[0-9] tmp /doc/os-config-lightweight-desktop.texi +/nix/scripts/download diff --git a/Makefile.am b/Makefile.am index 5d3639747f..9d62f48024 100644 --- a/Makefile.am +++ b/Makefile.am @@ -123,6 +123,7 @@ MODULES = \ guix/import/elpa.scm \ guix/scripts.scm \ guix/scripts/download.scm \ + guix/scripts/perform-download.scm \ guix/scripts/build.scm \ guix/scripts/archive.scm \ guix/scripts/import.scm \ diff --git a/config-daemon.ac b/config-daemon.ac index f66f31269d..8a3e6d8b60 100644 --- a/config-daemon.ac +++ b/config-daemon.ac @@ -144,6 +144,8 @@ if test "x$guix_build_daemon" = "xyes"; then AC_CONFIG_FILES([nix/scripts/list-runtime-roots], [chmod +x nix/scripts/list-runtime-roots]) + AC_CONFIG_FILES([nix/scripts/download], + [chmod +x nix/scripts/download]) AC_CONFIG_FILES([nix/scripts/substitute], [chmod +x nix/scripts/substitute]) AC_CONFIG_FILES([nix/scripts/guix-authenticate], diff --git a/guix/scripts/perform-download.scm b/guix/scripts/perform-download.scm new file mode 100644 index 0000000000..0d2e7089aa --- /dev/null +++ b/guix/scripts/perform-download.scm @@ -0,0 +1,113 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts perform-download) + #:use-module (guix ui) + #:use-module (guix derivations) + #:use-module ((guix store) #:select (derivation-path?)) + #:use-module (guix build download) + #:use-module (ice-9 match) + #:export (guix-perform-download)) + +;; This program is a helper for the daemon's 'download' built-in builder. + +(define-syntax derivation-let + (syntax-rules () + ((_ drv ((id name) rest ...) body ...) + (let ((id (assoc-ref (derivation-builder-environment-vars drv) + name))) + (derivation-let drv (rest ...) body ...))) + ((_ drv () body ...) + (begin body ...)))) + +(define %user-module + ;; Module in which content-address mirror procedures are evaluated. + (let ((module (make-fresh-user-module))) + (module-use! module (resolve-interface '(guix base32))) + module)) + +(define (perform-download drv) + "Perform the download described by DRV, a fixed-output derivation." + (derivation-let drv ((url "url") + (output "out") + (executable "executable") + (mirrors "mirrors") + (content-addressed-mirrors "content-addressed-mirrors")) + (unless url + (leave (_ "~a: missing URL~%") (derivation-file-name drv))) + + (let* ((url (call-with-input-string url read)) + (drv-output (assoc-ref (derivation-outputs drv) "out")) + (algo (derivation-output-hash-algo drv-output)) + (hash (derivation-output-hash drv-output))) + (unless (and algo hash) + (leave (_ "~a is not a fixed-output derivation~%") + (derivation-file-name drv))) + + ;; We're invoked by the daemon, which gives us write access to OUTPUT. + (when (url-fetch url output + #:mirrors (if mirrors + (call-with-input-file mirrors read) + '()) + #:content-addressed-mirrors + (if content-addressed-mirrors + (call-with-input-file content-addressed-mirrors + (lambda (port) + (eval (read port) %user-module))) + '()) + #:hashes `((,algo . ,hash)) + + ;; Since DRV's output hash is known, X.509 certificate + ;; validation is pointless. + #:verify-certificate? #f) + (when (and executable (string=? executable "1")) + (chmod output #o755)))))) + +(define (assert-low-privileges) + (when (zero? (getuid)) + (leave (_ "refusing to run with elevated privileges (UID ~a)~%") + (getuid)))) + +(define (guix-perform-download . args) + "Perform the download described by the given fixed-output derivation. + +This is an \"out-of-band\" download in that this code is executed directly by +the daemon and not explicitly described as an input of the derivation. This +allows us to sidestep bootstrapping problems, such downloading the source code +of GnuTLS over HTTPS, before we have built GnuTLS. See +." + (with-error-handling + (match args + (((? derivation-path? drv)) + ;; This program must be invoked by guix-daemon under an unprivileged + ;; UID to prevent things downloading from 'file:///etc/shadow' or + ;; arbitrary code execution via the content-addressed mirror + ;; procedures. (That means we exclude users who did not pass + ;; '--build-users-group'.) + (assert-low-privileges) + (perform-download (call-with-input-file drv read-derivation))) + (("--version") + (show-version-and-exit)) + (x + (leave (_ "fixed-output derivation name expected~%")))))) + +;; Local Variables: +;; eval: (put 'derivation-let 'scheme-indent-function 2) +;; End: + +;; perform-download.scm ends here diff --git a/guix/ui.scm b/guix/ui.scm index 9af8648211..b9fbbfd0e3 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -1184,7 +1184,8 @@ optionally contain a version number and an output name, as in these examples: (define (show-guix-help) (define (internal? command) - (member command '("substitute" "authenticate" "offload"))) + (member command '("substitute" "authenticate" "offload" + "perform-download"))) (format #t (_ "Usage: guix COMMAND ARGS... Run COMMAND with ARGS.\n")) diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc index ae78e65199..889ee3d2bd 100644 --- a/nix/libstore/build.cc +++ b/nix/libstore/build.cc @@ -8,6 +8,7 @@ #include "util.hh" #include "archive.hh" #include "affinity.hh" +#include "builtins.hh" #include #include @@ -2047,7 +2048,12 @@ void DerivationGoal::runChild() commonChildInit(builderOut); #if CHROOT_ENABLED - if (useChroot) { + /* Note: built-in builders are *not* running in a chroot environment + so that we can easily implement them in Guile without having it as + a derivation input (they are running under a separate build user, + though). */ + + if (useChroot && !isBuiltin(drv)) { /* Initialise the loopback interface. */ AutoCloseFD fd(socket(PF_INET, SOCK_DGRAM, IPPROTO_IP)); if (fd == -1) throw SysError("cannot open IP socket"); @@ -2255,6 +2261,28 @@ void DerivationGoal::runChild() throw SysError("setuid failed"); } + restoreSIGPIPE(); + + /* Indicate that we managed to set up the build environment. */ + writeFull(STDERR_FILENO, "\n"); + + /* Execute the program. This should not return. */ + if (isBuiltin(drv)) { + try { + logType = ltFlat; + + auto buildDrv = lookupBuiltinBuilder(drv.builder); + if (buildDrv != NULL) + buildDrv(drv, drvPath); + else + throw Error(format("unsupported builtin function '%1%'") % string(drv.builder, 8)); + _exit(0); + } catch (std::exception & e) { + writeFull(STDERR_FILENO, "error: " + string(e.what()) + "\n"); + _exit(1); + } + } + /* Fill in the arguments. */ Strings args; string builderBasename = baseNameOf(drv.builder); @@ -2262,12 +2290,6 @@ void DerivationGoal::runChild() foreach (Strings::iterator, i, drv.args) args.push_back(rewriteHashes(*i, rewritesToTmp)); - restoreSIGPIPE(); - - /* Indicate that we managed to set up the build environment. */ - writeFull(STDERR_FILENO, "\n"); - - /* Execute the program. This should not return. */ execve(drv.builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); throw SysError(format("executing `%1%'") % drv.builder); diff --git a/nix/libstore/builtins.cc b/nix/libstore/builtins.cc new file mode 100644 index 0000000000..605e44079a --- /dev/null +++ b/nix/libstore/builtins.cc @@ -0,0 +1,69 @@ +/* GNU Guix --- Functional package management for GNU + Copyright (C) 2016 Ludovic Courtès + + This file is part of GNU Guix. + + GNU Guix is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or (at + your option) any later version. + + GNU Guix is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNU Guix. If not, see . */ + +#include +#include +#include + +#include + +namespace nix { + +static void builtinDownload(const Derivation &drv, + const std::string &drvPath) +{ + /* Invoke 'guix perform-download'. */ + Strings args; + args.push_back("perform-download"); + args.push_back(drvPath); + + /* Close all other file descriptors. */ + closeMostFDs(set()); + + const char *const argv[] = { "download", drvPath.c_str(), NULL }; + + /* XXX: Hack our way to use the 'download' script from 'LIBEXECDIR/guix' + or just 'LIBEXECDIR', depending on whether we're running uninstalled or + not. */ + const string subdir = getenv("GUIX_UNINSTALLED") != NULL + ? "" : "/guix"; + + const string program = settings.nixLibexecDir + subdir + "/download"; + execv(program.c_str(), (char *const *) argv); + + throw SysError(format("failed to run download program '%1%'") % program); +} + +static const std::map builtins = +{ + { "download", builtinDownload } +}; + +derivationBuilder lookupBuiltinBuilder(const std::string & name) +{ + if (name.substr(0, 8) == "builtin:") + { + auto realName = name.substr(8); + auto builder = builtins.find(realName); + return builder == builtins.end() ? NULL : builder->second; + } + else + return NULL; +} + +} diff --git a/nix/libstore/builtins.hh b/nix/libstore/builtins.hh new file mode 100644 index 0000000000..0c6db651ab --- /dev/null +++ b/nix/libstore/builtins.hh @@ -0,0 +1,41 @@ +/* GNU Guix --- Functional package management for GNU + Copyright (C) 2016 Ludovic Courtès + + This file is part of GNU Guix. + + GNU Guix is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or (at + your option) any later version. + + GNU Guix is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNU Guix. If not, see . */ + +/* Interface to built-in derivation builders. */ + +#pragma once + +#include +#include +#include + +namespace nix { + + inline bool isBuiltin(const Derivation & drv) + { + return string(drv.builder, 0, 8) == "builtin:"; + } + + /* Build DRV, which lives at DRVPATH. */ + typedef void (*derivationBuilder) (const Derivation &drv, + const std::string &drvPath); + + /* Return the built-in builder called BUILDER, or NULL if none was + found. */ + derivationBuilder lookupBuiltinBuilder(const std::string &builder); +} diff --git a/nix/local.mk b/nix/local.mk index c666edd033..86ef769549 100644 --- a/nix/local.mk +++ b/nix/local.mk @@ -87,6 +87,7 @@ libstore_a_SOURCES = \ %D%/libstore/build.cc \ %D%/libstore/pathlocks.cc \ %D%/libstore/derivations.cc \ + %D%/libstore/builtins.cc \ %D%/libstore/sqlite.cc libstore_headers = \ @@ -98,6 +99,7 @@ libstore_headers = \ %D%/libstore/misc.hh \ %D%/libstore/local-store.hh \ %D%/libstore/sqlite.hh \ + %D%/libstore/builtins.hh \ %D%/libstore/store-api.hh libstore_a_CPPFLAGS = \ @@ -166,7 +168,8 @@ noinst_HEADERS = \ nodist_pkglibexec_SCRIPTS = \ %D%/scripts/list-runtime-roots \ - %D%/scripts/substitute + %D%/scripts/substitute \ + %D%/scripts/download if BUILD_DAEMON_OFFLOAD diff --git a/nix/scripts/download.in b/nix/scripts/download.in new file mode 100644 index 0000000000..4d7088a993 --- /dev/null +++ b/nix/scripts/download.in @@ -0,0 +1,11 @@ +#!@SHELL@ +# A shorthand for "guix perform-download", for use by the daemon. + +if test "x$GUIX_UNINSTALLED" = "x" +then + prefix="@prefix@" + exec_prefix="@exec_prefix@" + exec "@bindir@/guix" perform-download "$@" +else + exec guix perform-download "$@" +fi diff --git a/tests/derivations.scm b/tests/derivations.scm index d8553b223e..449fb47832 100644 --- a/tests/derivations.scm +++ b/tests/derivations.scm @@ -16,6 +16,8 @@ ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . +(unsetenv "http_proxy") + (define-module (test-derivations) #:use-module (guix derivations) #:use-module (guix grafts) @@ -24,6 +26,7 @@ #:use-module (guix hash) #:use-module (guix base32) #:use-module (guix tests) + #:use-module (guix tests http) #:use-module ((guix packages) #:select (package-derivation base32)) #:use-module ((guix build utils) #:select (executable-file?)) #:use-module ((gnu packages) #:select (search-bootstrap-binary)) @@ -75,6 +78,9 @@ (lambda (e1 e2) (stringstring (%local-url)))) + #:hash-algo 'sha256 + #:hash (sha256 (string->utf8 text))))) + (and (build-derivations %store (list drv)) + (string=? (call-with-input-file (derivation->output-path drv) + get-string-all) + text)))))) + +(unless (force %http-server-socket) + (test-skip 1)) +(test-assert "'download' built-in builder, invalid hash" + (with-http-server 200 "hello, world!" + (let* ((drv (derivation %store "world" + "builtin:download" '() + #:env-vars `(("url" + . ,(object->string (%local-url)))) + #:hash-algo 'sha256 + #:hash (sha256 (random-bytevector 100))))) ;wrong + (guard (c ((nix-protocol-error? c) + (string-contains (nix-protocol-error-message c) "failed"))) + (build-derivations %store (list drv)) + #f)))) + +(unless (force %http-server-socket) + (test-skip 1)) +(test-assert "'download' built-in builder, not found" + (with-http-server 404 "not found" + (let* ((drv (derivation %store "will-never-be-found" + "builtin:download" '() + #:env-vars `(("url" + . ,(object->string (%local-url)))) + #:hash-algo 'sha256 + #:hash (sha256 (random-bytevector 100))))) + (guard (c ((nix-protocol-error? c) + (string-contains (nix-protocol-error-message (pk c)) "failed"))) + (build-derivations %store (list drv)) + #f)))) + +(test-assert "'download' built-in builder, not fixed-output" + (let* ((source (add-text-to-store %store "hello" "hi!")) + (url (string-append "file://" source)) + (drv (derivation %store "world" + "builtin:download" '() + #:env-vars `(("url" . ,(object->string url)))))) + (guard (c ((nix-protocol-error? c) + (string-contains (nix-protocol-error-message c) "failed"))) + (build-derivations %store (list drv)) + #f))) + (test-equal "derivation-name" "foo-0.0" (let ((drv (derivation %store "foo-0.0" %bash '()))) From f9aefa2d5fb3f6aad25a907939ee872c828b33d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 13 Nov 2016 22:59:54 +0100 Subject: [PATCH 011/161] daemon: Add 'built-in-builders' RPC. * nix/libstore/builtins.cc (builtinBuilderNames): New function. * nix/libstore/builtins.hh (builtinBuilderNames): New declaration. * nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0x160. (WorkerOp)[wopBuiltinBuilders]: New value. * nix/nix-daemon/nix-daemon.cc (performOp): Handle it. * guix/store.scm (operation-id)[built-in-builders]: New value. * guix/store.scm (read-arg): Add 'string-list'. (built-in-builders): New procedure. * tests/derivations.scm ("built-in-builders"): New test. --- guix/store.scm | 25 +++++++++++++++++++++++-- nix/libstore/builtins.cc | 10 ++++++++++ nix/libstore/builtins.hh | 3 +++ nix/libstore/worker-protocol.hh | 5 +++-- nix/nix-daemon/nix-daemon.cc | 9 +++++++++ tests/derivations.scm | 4 ++++ 6 files changed, 52 insertions(+), 4 deletions(-) diff --git a/guix/store.scm b/guix/store.scm index 43cfda9214..3047dc39b9 100644 --- a/guix/store.scm +++ b/guix/store.scm @@ -95,6 +95,7 @@ path-info-registration-time path-info-nar-size + built-in-builders references references/substitutes requisites @@ -187,7 +188,8 @@ (query-substitutable-paths 32) (query-valid-derivers 33) (optimize-store 34) - (verify-store 35)) + (verify-store 35) + (built-in-builders 80)) (define-enumerate-type hash-algo ;; hash.hh @@ -283,7 +285,7 @@ (write-string (bytevector->base16-string arg) p)))) (define-syntax read-arg - (syntax-rules (integer boolean string store-path store-path-list + (syntax-rules (integer boolean string store-path store-path-list string-list substitutable-path-list path-info base16) ((_ integer p) (read-int p)) @@ -295,6 +297,8 @@ (read-store-path p)) ((_ store-path-list p) (read-store-path-list p)) + ((_ string-list p) + (read-string-list p)) ((_ substitutable-path-list p) (read-substitutable-path-list p)) ((_ path-info p) @@ -914,6 +918,23 @@ that there is no guarantee that the order of the resulting list matches the order of PATHS." substitutable-path-list)) +(define built-in-builders + (let ((builders (operation (built-in-builders) + "Return the built-in builders." + string-list))) + (lambda (store) + "Return the names of the supported built-in derivation builders +supported by STORE." + ;; Check whether STORE's version supports this RPC and built-in + ;; derivation builders in general, which appeared in Guix > 0.11.0. + ;; Return the empty list if it doesn't. Note that this RPC does not + ;; exist in 'nix-daemon'. + (if (or (> (nix-server-major-version store) #x100) + (and (= (nix-server-major-version store) #x100) + (>= (nix-server-minor-version store) #x60))) + (builders store) + '())))) + (define-operation (optimize-store) "Optimize the store by hard-linking identical files (\"deduplication\".) Return #t on success." diff --git a/nix/libstore/builtins.cc b/nix/libstore/builtins.cc index 605e44079a..32af767dc4 100644 --- a/nix/libstore/builtins.cc +++ b/nix/libstore/builtins.cc @@ -66,4 +66,14 @@ derivationBuilder lookupBuiltinBuilder(const std::string & name) return NULL; } +std::list builtinBuilderNames() +{ + std::list result; + for(auto&& iter: builtins) + { + result.push_back(iter.first); + } + return result; +} + } diff --git a/nix/libstore/builtins.hh b/nix/libstore/builtins.hh index 0c6db651ab..79171fcb6c 100644 --- a/nix/libstore/builtins.hh +++ b/nix/libstore/builtins.hh @@ -38,4 +38,7 @@ namespace nix { /* Return the built-in builder called BUILDER, or NULL if none was found. */ derivationBuilder lookupBuiltinBuilder(const std::string &builder); + + /* Return the list of supported built-in builder names. */ + std::list builtinBuilderNames(); } diff --git a/nix/libstore/worker-protocol.hh b/nix/libstore/worker-protocol.hh index 7b7be4a8a0..bdeaca2e3a 100644 --- a/nix/libstore/worker-protocol.hh +++ b/nix/libstore/worker-protocol.hh @@ -6,7 +6,7 @@ namespace nix { #define WORKER_MAGIC_1 0x6e697863 #define WORKER_MAGIC_2 0x6478696f -#define PROTOCOL_VERSION 0x10f +#define PROTOCOL_VERSION 0x160 #define GET_PROTOCOL_MAJOR(x) ((x) & 0xff00) #define GET_PROTOCOL_MINOR(x) ((x) & 0x00ff) @@ -43,7 +43,8 @@ typedef enum { wopQuerySubstitutablePaths = 32, wopQueryValidDerivers = 33, wopOptimiseStore = 34, - wopVerifyStore = 35 + wopVerifyStore = 35, + wopBuiltinBuilders = 80 } WorkerOp; diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc index 35c284f7e1..9b29b3e91d 100644 --- a/nix/nix-daemon/nix-daemon.cc +++ b/nix/nix-daemon/nix-daemon.cc @@ -6,6 +6,7 @@ #include "archive.hh" #include "affinity.hh" #include "globals.hh" +#include "builtins.hh" #include @@ -671,6 +672,14 @@ static void performOp(bool trusted, unsigned int clientVersion, break; } + case wopBuiltinBuilders: { + startWork(); + auto names = builtinBuilderNames(); + stopWork(); + writeStrings(names, to); + break; + } + default: throw Error(format("invalid operation %1%") % op); } diff --git a/tests/derivations.scm b/tests/derivations.scm index 449fb47832..2b5aa796d4 100644 --- a/tests/derivations.scm +++ b/tests/derivations.scm @@ -211,6 +211,10 @@ (= (stat:ino (lstat file1)) (stat:ino (lstat file2)))))))) +(test-equal "built-in-builders" + '("download") + (built-in-builders %store)) + (test-assert "unknown built-in builder" (let ((drv (derivation %store "ohoh" "builtin:does-not-exist" '()))) (guard (c ((nix-protocol-error? c) From 05ceb8dcaf480a47cddf94ac979070b76df6556c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 16 Nov 2016 17:44:50 +0100 Subject: [PATCH 012/161] download: Use the built-in 'download' builder when available. Fixes . Reported by Christopher W Carpenter. * guix/download.scm (built-in-builders*, raw-derivation) (built-in-download): New procedures. (in-band-download): New procedure, with code formerly in 'url-fetch'. (url-fetch): Call 'built-in-builders*' and dispatch between 'built-in-download' and 'in-band-download'. --- guix/download.scm | 156 +++++++++++++++++++++++++++++++++------------- 1 file changed, 112 insertions(+), 44 deletions(-) diff --git a/guix/download.scm b/guix/download.scm index 0c275053c5..34ebd45370 100644 --- a/guix/download.scm +++ b/guix/download.scm @@ -309,27 +309,61 @@ (let ((module (resolve-interface '(gnu packages tls)))) (module-ref module 'gnutls))) -(define* (url-fetch url hash-algo hash - #:optional name - #:key (system (%current-system)) - (guile (default-guile))) - "Return a fixed-output derivation that fetches URL (a string, or a list of -strings denoting alternate URLs), which is expected to have hash HASH of type -HASH-ALGO (a symbol). By default, the file name is the base name of URL; -optionally, NAME can specify a different file name. +(define built-in-builders* + (let ((cache (make-weak-key-hash-table))) + (lambda () + "Return, as a monadic value, the list of built-in builders supported by +the daemon." + (lambda (store) + ;; Memoize the result to avoid repeated RPCs. + (values (or (hashq-ref cache store) + (let ((result (built-in-builders store))) + (hashq-set! cache store result) + result)) + store))))) -When one of the URL starts with mirror://, then its host part is -interpreted as the name of a mirror scheme, taken from %MIRROR-FILE. +(define raw-derivation + (store-lift derivation)) -Alternately, when URL starts with file://, return the corresponding file name -in the store." - (define file-name - (match url - ((head _ ...) - (basename head)) - (_ - (basename url)))) +(define* (built-in-download file-name url + #:key system hash-algo hash + mirrors content-addressed-mirrors + (guile 'unused)) + "Download FILE-NAME from URL using the built-in 'download' builder. +This is an \"out-of-band\" download in that the returned derivation does not +explicitly depend on Guile, GnuTLS, etc. Instead, the daemon performs the +download by itself using its own dependencies." + (mlet %store-monad ((mirrors (lower-object mirrors)) + (content-addressed-mirrors + (lower-object content-addressed-mirrors))) + (raw-derivation file-name "builtin:download" '() + #:system system + #:hash-algo hash-algo + #:hash hash + #:inputs `((,mirrors) + (,content-addressed-mirrors)) + + ;; Honor the user's proxy and locale settings. + #:leaked-env-vars '("http_proxy" "https_proxy" + "LC_ALL" "LC_MESSAGES" "LANG" + "COLUMNS") + + #:env-vars `(("url" . ,(object->string url)) + ("mirrors" . ,mirrors) + ("content-addressed-mirrors" + . ,content-addressed-mirrors))))) + +(define* (in-band-download file-name url + #:key system hash-algo hash + mirrors content-addressed-mirrors + guile) + "Download FILE-NAME from URL using a normal, \"in-band\" fixed-output +derivation. + +This is now deprecated since it has the drawback of causing bootstrapping +issues: we may need to build GnuTLS just to be able to download the source of +GnuTLS itself and its dependencies. See ." (define need-gnutls? ;; True if any of the URLs need TLS support. (let ((https? (cut string-prefix? "https://" <>))) @@ -366,47 +400,81 @@ in the store." read)))) (url-fetch (value-from-environment "guix download url") #$output - #:mirrors (call-with-input-file #$%mirror-file read) + #:mirrors (call-with-input-file #$mirrors read) ;; Content-addressed mirrors. #:hashes (value-from-environment "guix download hashes") #:content-addressed-mirrors - (primitive-load #$%content-addressed-mirror-file) + (primitive-load #$content-addressed-mirrors) ;; No need to validate certificates since we know the ;; hash of the expected result. #:verify-certificate? #f))))) + (mlet %store-monad ((guile (package->derivation guile system))) + (gexp->derivation file-name builder + #:guile-for-build guile + #:system system + #:hash-algo hash-algo + #:hash hash + + ;; Use environment variables and a fixed script + ;; name so there's only one script in store for + ;; all the downloads. + #:script-name "download" + #:env-vars + `(("guix download url" . ,(object->string url)) + ("guix download hashes" + . ,(object->string `((,hash-algo . ,hash))))) + + ;; Honor the user's proxy settings. + #:leaked-env-vars '("http_proxy" "https_proxy") + + ;; In general, offloading downloads is not a good + ;; idea. Daemons before 0.8.3 would also + ;; interpret this as "do not substitute" (see + ;; .) + #:local-build? #t))) + +(define* (url-fetch url hash-algo hash + #:optional name + #:key (system (%current-system)) + (guile (default-guile))) + "Return a fixed-output derivation that fetches URL (a string, or a list of +strings denoting alternate URLs), which is expected to have hash HASH of type +HASH-ALGO (a symbol). By default, the file name is the base name of URL; +optionally, NAME can specify a different file name. + +When one of the URL starts with mirror://, then its host part is +interpreted as the name of a mirror scheme, taken from %MIRROR-FILE. + +Alternately, when URL starts with file://, return the corresponding file name +in the store." + (define file-name + (match url + ((head _ ...) + (basename head)) + (_ + (basename url)))) + (let ((uri (and (string? url) (string->uri url)))) (if (or (and (string? url) (not uri)) (and uri (memq (uri-scheme uri) '(#f file)))) (interned-file (if uri (uri-path uri) url) (or name file-name)) - (mlet %store-monad ((guile (package->derivation guile system))) - (gexp->derivation (or name file-name) builder - #:guile-for-build guile - #:system system - #:hash-algo hash-algo - #:hash hash - - ;; Use environment variables and a fixed script - ;; name so there's only one script in store for - ;; all the downloads. - #:script-name "download" - #:env-vars - `(("guix download url" . ,(object->string url)) - ("guix download hashes" - . ,(object->string `((,hash-algo . ,hash))))) - - ;; Honor the user's proxy settings. - #:leaked-env-vars '("http_proxy" "https_proxy") - - ;; In general, offloading downloads is not a good - ;; idea. Daemons before 0.8.3 would also - ;; interpret this as "do not substitute" (see - ;; .) - #:local-build? #t))))) + (mlet* %store-monad ((builtins (built-in-builders*)) + (download -> (if (member "download" builtins) + built-in-download + in-band-download))) + (download (or name file-name) url + #:guile guile + #:system system + #:hash-algo hash-algo + #:hash hash + #:mirrors %mirror-file + #:content-addressed-mirrors + %content-addressed-mirror-file))))) (define* (url-fetch/tarbomb url hash-algo hash #:optional name From 56ac2bf442c0639f498cdea2db4f3e57cdb49140 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 02:14:28 -0500 Subject: [PATCH 013/161] gnu: pixman: Add fix for CVE-2016-5296. * gnu/packages/patches/pixman-CVE-2016-5296.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xdisorg.scm (pixman)[replacement]: New field. (pixman/fixed): New variable. --- gnu/local.mk | 1 + .../patches/pixman-CVE-2016-5296.patch | 19 +++++++++++++++++++ gnu/packages/xdisorg.scm | 10 +++++++++- 3 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/pixman-CVE-2016-5296.patch diff --git a/gnu/local.mk b/gnu/local.mk index 08f99c4836..8a8b7434ad 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -785,6 +785,7 @@ dist_patch_DATA = \ %D%/packages/patches/pinball-src-deps.patch \ %D%/packages/patches/pinball-system-ltdl.patch \ %D%/packages/patches/pingus-sdl-libs-config.patch \ + %D%/packages/patches/pixman-CVE-2016-5296.patch \ %D%/packages/patches/plink-1.07-unclobber-i.patch \ %D%/packages/patches/plink-endian-detection.patch \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ diff --git a/gnu/packages/patches/pixman-CVE-2016-5296.patch b/gnu/packages/patches/pixman-CVE-2016-5296.patch new file mode 100644 index 0000000000..21942326ae --- /dev/null +++ b/gnu/packages/patches/pixman-CVE-2016-5296.patch @@ -0,0 +1,19 @@ +Fix CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 +Adapted for upstream pixman based on: + + https://hg.mozilla.org/releases/mozilla-esr45/rev/5e39c1c2fded + +--- pixman-0.34.0/pixman/pixman-edge-imp.h.orig 2015-06-30 05:48:31.000000000 -0400 ++++ pixman-0.34.0/pixman/pixman-edge-imp.h 2016-11-16 01:09:34.046335106 -0500 +@@ -55,8 +55,9 @@ + * + * (The AA case does a similar adjustment in RENDER_SAMPLES_X) + */ +- lx += X_FRAC_FIRST(1) - pixman_fixed_e; +- rx += X_FRAC_FIRST(1) - pixman_fixed_e; ++ /* we cast to unsigned to get defined behaviour for overflow */ ++ lx = (unsigned)lx + X_FRAC_FIRST(1) - pixman_fixed_e; ++ rx = (unsigned)rx + X_FRAC_FIRST(1) - pixman_fixed_e; + #endif + /* clip X */ + if (lx < 0) diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm index a26c716866..53048e0607 100644 --- a/gnu/packages/xdisorg.scm +++ b/gnu/packages/xdisorg.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014 Andreas Enge -;;; Copyright © 2014, 2015 Mark H Weaver +;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2014 Eric Bavier ;;; Copyright © 2014, 2015, 2016 Alex Kost ;;; Copyright © 2013, 2015 Ludovic Courtès @@ -241,6 +241,7 @@ following the mouse.") (package (name "pixman") (version "0.34.0") + (replacement pixman/fixed) (source (origin (method url-fetch) (uri (string-append @@ -262,6 +263,13 @@ manipulation, providing features such as image compositing and trapezoid rasterisation.") (license license:x11))) +(define pixman/fixed + (package + (inherit pixman) + (source (origin + (inherit (package-source pixman)) + (patches (search-patches "pixman-CVE-2016-5296.patch")))))) + (define-public libdrm (package From 1a87aa75671ad6567cd57fce0936220862107478 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 04:38:27 -0500 Subject: [PATCH 014/161] gnu: icecat: Add fixes from Firefox ESR 45.5.0. Includes fixes for CVE-2016-5290, CVE-2016-5291, CVE-2016-5297, CVE-2016-9064, and CVE-2016-9066. * gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes for aforementioned CVEs and other selected fixes from Firefox ESR 45.5.0. Note that the first six patches of CVE-2016-5290 and the patch for CVE-2016-9066 were already present, but were labeled by mozilla bug number instead of CVE. * gnu/packages/patches/icecat-CVE-2016-9064.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/gnuzilla.scm | 30 +- .../patches/icecat-CVE-2016-9064.patch | 996 ++++++++++++++++++ 3 files changed, 1020 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/icecat-CVE-2016-9064.patch diff --git a/gnu/local.mk b/gnu/local.mk index 8a8b7434ad..3989cb831b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -612,6 +612,7 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ + %D%/packages/patches/icecat-CVE-2016-9064.patch \ %D%/packages/patches/icu4c-CVE-2014-6585.patch \ %D%/packages/patches/icu4c-CVE-2015-1270.patch \ %D%/packages/patches/icu4c-CVE-2015-4760.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 6bfe90f9f5..267c621c41 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -346,13 +346,29 @@ standards.") ,(mozilla-patch "icecat-CVE-2016-5284-pt5.patch" "0799490f4e6f" "1ypv6i48nabbhcqbach8fbgz9bmnhm7q5z9dnfid44z8g54l3f33") ,(mozilla-patch "icecat-CVE-2016-5284-pt6.patch" "fc990e4ae8bc" "1s2cj505ajwwiy4xvn5zlmyzqpgahxmqqvis0a6xm6mjbjh02gm4") ,(mozilla-patch "icecat-bug-1251088.patch" "5ffa912ed83e" "0v5lpv3c89c2d4y5acn0kyijv096axdnrvaj5ya5yypzfcaqxv24") - ,(mozilla-patch "icecat-bug-1292590.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") - ,(mozilla-patch "icecat-bug-1298169.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") - ,(mozilla-patch "icecat-bug-1301496.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") - ,(mozilla-patch "icecat-bug-1299519.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") - ,(mozilla-patch "icecat-bug-1303710.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") - ,(mozilla-patch "icecat-bug-1301343.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") - ,(mozilla-patch "icecat-bug-1299686.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd"))) + ,(mozilla-patch "icecat-CVE-2016-5290-pt1.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") + ,(mozilla-patch "icecat-CVE-2016-5290-pt2.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") + ,(mozilla-patch "icecat-CVE-2016-5290-pt3.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") + ,(mozilla-patch "icecat-CVE-2016-5290-pt4.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") + ,(mozilla-patch "icecat-CVE-2016-5290-pt5.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") + ,(mozilla-patch "icecat-CVE-2016-5290-pt6.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") + ,(mozilla-patch "icecat-CVE-2016-5290-pt7.patch" "61d1463acd04" "1iig4a79dxmfcr6w82mdhyl88wy7d36g5n4p24632kbabgl9j9sz") + ,(mozilla-patch "icecat-CVE-2016-5290-pt8.patch" "8e0bab4216de" "1knq8h5ni8crfndi3p78b2pyj5lzchqw67vk0yx061r76mq4wp4r") + ,(mozilla-patch "icecat-CVE-2016-5290-pt9.patch" "bb10104dc89e" "1flvagckrzfk7hs2xzb5j3s5i0ck57ygyskh5494xmpa2a1nnsqj") + ,(mozilla-patch "icecat-CVE-2016-5290-pt10.patch" "7006b275b829" "0sqagm247wx94mf51fyhdkn0vf1a1qy9i829shjnhssd79srxmnn") + ,(mozilla-patch "icecat-CVE-2016-5290-pt11.patch" "32ce7be98543" "1y2r9i4p1qpqi75mlwmibr51whz5h1vj28c6mh6ik57dxkqxbclb") + ,(mozilla-patch "icecat-CVE-2016-5291.patch" "3ff0c89f3b26" "1prn74aglshaj27jfrpd2s2i4slpljw4rbzjxc1qgwjvkq4m6j6f") + ,(mozilla-patch "icecat-CVE-2016-5296.patch" "5e39c1c2fded" "0rjza37gvpzhbqfmpad33kljnpl1yfd9wm8xf7ll6bay3m8cqj6j") + ,(mozilla-patch "icecat-CVE-2016-5297.patch" "46b07bdbf8b2" "1n8y1c5l0ms81dra7jsx8mp633ak5qvx105drvlg9hn3m0fwv1lj") + ,(search-patch "icecat-CVE-2016-9064.patch") ; adapted for icecat based on: + ; "00c2b7baaa0b" "0y02yb7r62656nq9dji9dnwils2lxqasjz5byv62j1xa87r7f9hp" + ,(mozilla-patch "icecat-CVE-2016-9066.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd") + ,(mozilla-patch "icecat-bug-1212939.patch" "4a0e851f83e4" "182vx1qxrr7r2175jjf0bcixwwm1khdj4sq0c8wnsyry7p9waq5q") + ,(mozilla-patch "icecat-bug-1168743.patch" "a1e06af61ab3" "07llk1ba6axjasiv30vicz96k55ff4mybxy21vjxk6j0asgyjz23") + ,(mozilla-patch "icecat-bug-1287176.patch" "0569d5dce9db" "1d41sqbq6jc3af73dz9w19win7v7c12kw1mp7j7b1gkadq46c4y7") + ,(mozilla-patch "icecat-bug-1263665.patch" "a79cafee93f4" "0bn7hpm8mh8qmkpz5wiridr792irrs5sjxyvryazy2i0p4pjh62p") + ,(mozilla-patch "icecat-bug-1304962.patch" "f61049d5f373" "04d1na31qqq7yq4jjvhq6vzqq3f23rwac8c6fw4h5fx1pdb3l997") + ,(mozilla-patch "icecat-bug-1314574.patch" "46b2558ca469" "00q8676xg4wb7p371wgi04nl05j7idkb2kna9a0l08k6lks9wdhh"))) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/patches/icecat-CVE-2016-9064.patch b/gnu/packages/patches/icecat-CVE-2016-9064.patch new file mode 100644 index 0000000000..a5393815e0 --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2016-9064.patch @@ -0,0 +1,996 @@ +Copied from + +but with one hunk omitted: the git binary patch for +toolkit/mozapps/extensions/test/addons/test_update_multi2/addon.xpi +which is not present in the IceCat sources. + +# HG changeset patch +# User Andrew Swan +# Date 1474063218 25200 +# Node ID 00c2b7baaa0b4bfb7d5f1aac31c094ea6b255e1f +# Parent 46b07bdbf8b20cf3fdc28104add57ff58a55832b +Bug 1303418 - Don't allow upgrades that change the addon ID. r=mossop, a=lizzard + +MozReview-Commit-ID: JHINo8ShmeI + +diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm +--- a/toolkit/mozapps/extensions/AddonManager.jsm ++++ b/toolkit/mozapps/extensions/AddonManager.jsm +@@ -2956,16 +2956,18 @@ this.AddonManager = { + // The downloaded file seems to be corrupted in some way. + ERROR_CORRUPT_FILE: -3, + // An error occured trying to write to the filesystem. + ERROR_FILE_ACCESS: -4, + // The add-on must be signed and isn't. + ERROR_SIGNEDSTATE_REQUIRED: -5, + // The downloaded add-on had a different type than expected. + ERROR_UNEXPECTED_ADDON_TYPE: -6, ++ // The addon did not have the expected ID ++ ERROR_INCORRECT_ID: -7, + + // These must be kept in sync with AddonUpdateChecker. + // No error was encountered. + UPDATE_STATUS_NO_ERROR: 0, + // The update check timed out + UPDATE_STATUS_TIMEOUT: -1, + // There was an error while downloading the update information. + UPDATE_STATUS_DOWNLOAD_ERROR: -2, +diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm ++++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +@@ -5473,16 +5473,37 @@ AddonInstall.prototype = { + // loadManifestFromZipReader performs the certificate verification for us + this.addon = yield loadManifestFromZipReader(zipreader, this.installLocation); + } + catch (e) { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, e]); + } + ++ if (this.existingAddon) { ++ // Check various conditions related to upgrades ++ if (this.addon.id != this.existingAddon.id) { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_INCORRECT_ID, ++ `Refusing to upgrade addon ${this.existingAddon.id} to different ID ${this.addon.id}`]); ++ } ++ ++ if (this.addon.type == "multipackage") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ `Refusing to upgrade addon ${this.existingAddon.id} to a multi-package xpi`]); ++ } ++ ++ if (this.existingAddon.type == "webextension" && this.addon.type != "webextension") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ "Webextensions may not be updated to other extension types"]); ++ } ++ } ++ + if (mustSign(this.addon.type)) { + if (this.addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) { + // This add-on isn't properly signed by a signature that chains to the + // trusted root. + let state = this.addon.signedState; + this.addon = null; + zipreader.close(); + +@@ -5510,23 +5531,16 @@ AddonInstall.prototype = { + } else { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, + "XPI is incorrectly signed"]); + } + } + } + +- if (this.existingAddon && this.existingAddon.type == "webextension" && +- this.addon.type != "webextension") { +- zipreader.close(); +- return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, +- "WebExtensions may not be upated to other extension types"]); +- } +- + if (this.addon.type == "multipackage") + return this._loadMultipackageManifests(zipreader); + + zipreader.close(); + + this.updateAddonURIs(); + + this.addon._install = this; +@@ -5791,16 +5805,17 @@ AddonInstall.prototype = { + else { + // TODO Should we send some event here (bug 557716)? + this.state = AddonManager.STATE_CHECKING; + new UpdateChecker(this.addon, { + onUpdateFinished: aAddon => this.downloadCompleted(), + }, AddonManager.UPDATE_WHEN_ADDON_INSTALLED); + } + }, ([error, message]) => { ++ this.removeTemporaryFile(); + this.downloadFailed(error, message); + }); + } + else { + if (aRequest instanceof Ci.nsIHttpChannel) + this.downloadFailed(AddonManager.ERROR_NETWORK_FAILURE, + aRequest.responseStatus + " " + + aRequest.responseStatusText); +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_update_multi.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +@@ -0,0 +1,9 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 32 ++ 2.0 ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1.changed@tests.mozilla.org ++ 2.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 2.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 5.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 3); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 3); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon3@tests.mozilla.org +- 3.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 3 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 4); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 4); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon4@tests.mozilla.org +- 4.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 4 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +@@ -0,0 +1,26 @@ ++ ++ ++ ++ ++ ++ ++ ++
  • ++ ++ 2.0 ++ ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ http://localhost:4444/addons/test_update_multi2.xpi ++ ++ ++ ++
    • ++     ++     ++     ++ ++     +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +--- a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +@@ -9,77 +9,17 @@ +
  • + + 2.0 + + + xpcshell@tests.mozilla.org + 1 + 1 +- http://localhost:4444/addons/test_updateid2_2.xpi +- +- +- +-
    • +- +- +- +- +- +- +- +-
  • +- +- 3.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid3_3.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 4.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid4_4.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 5.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid2_5.xpi ++ http://localhost:4444/addons/test_updateid2.xpi + + + +
    • +     +     +     + +diff --git a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +--- a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js ++++ b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +@@ -2,421 +2,85 @@ + * http://creativecommons.org/publicdomain/zero/1.0/ + */ + + // This verifies that updating an add-on to a new ID works + + // The test extension uses an insecure update url. + Services.prefs.setBoolPref("extensions.checkUpdateSecurity", false); + +-Components.utils.import("resource://testing-common/httpd.js"); +-var testserver; + const profileDir = gProfD.clone(); + profileDir.append("extensions"); + +-function resetPrefs() { +- Services.prefs.setIntPref("bootstraptest.active_version", -1); +- Services.prefs.setIntPref("bootstraptest.installed_version", -1); +- Services.prefs.setIntPref("bootstraptest.startup_reason", -1); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", -1); +- Services.prefs.setIntPref("bootstraptest.install_reason", -1); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", -1); +-} +- +-function getActiveVersion() { +- return Services.prefs.getIntPref("bootstraptest.active_version"); +-} +- +-function getInstalledVersion() { +- return Services.prefs.getIntPref("bootstraptest.installed_version"); +-} +- +-function run_test() { +- createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); +- +- // Create and configure the HTTP server. +- testserver = new HttpServer(); +- testserver.registerDirectory("/data/", do_get_file("data")); +- testserver.registerDirectory("/addons/", do_get_file("addons")); +- testserver.start(4444); +- +- do_test_pending(); +- run_test_1(); +-} +- +-function end_test() { +- testserver.stop(do_test_finished); +-} +- +-function installUpdate(aInstall, aCallback) { +- aInstall.addListener({ +- onInstallEnded: function(aInstall) { +- // give the startup time to run +- do_execute_soon(function() { +- aCallback(aInstall); +- }); +- } +- }); +- +- aInstall.install(); +-} +- +-// Verify that an update to an add-on with a new ID uninstalls the old add-on +-function run_test_1() { +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); ++function promiseInstallUpdate(install) { ++ return new Promise((resolve, reject) => { ++ install.addListener({ ++ onDownloadFailed: () => { ++ let err = new Error("download error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallFailed: () => { ++ let err = new Error("install error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallEnded: resolve, ++ }); + +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- do_check_eq(install.name, addon.name); +- do_check_eq(install.version, "2.0"); +- do_check_eq(install.state, AddonManager.STATE_AVAILABLE); +- do_check_eq(install.existingAddon, a1); +- +- installUpdate(install, check_test_1); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_1(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- do_check_neq(a1.syncGUID); +- +- let a1SyncGUID = a1.syncGUID; +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- +- // The Sync GUID should change when the ID changes +- do_check_neq(a1SyncGUID, a2.syncGUID); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_2); +- }); +- })); +-} +- +-// Test that when the new add-on already exists we just upgrade that +-function run_test_2() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "1.0", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_2); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ install.install(); + }); + } + +-function check_test_2(install) { +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- do_check_eq(a1.pendingUpgrade, null); +- // Existing add-on should have a pending upgrade +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a2.pendingUpgrade.install.existingAddon, a2); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_neq(a1, null); +- do_check_neq(a2, null); +- +- a1.uninstall(); +- a2.uninstall(); +- +- do_execute_soon(run_test_3); +- }); +- })); +-} +- +-// Test that we rollback correctly when removing the old add-on fails +-function run_test_3() { +- restartManager(); +- shutdownManager(); +- +- // This test only works on Windows +- if (!("nsIWindowsRegKey" in AM_Ci)) { +- run_test_4(); +- return; +- } +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); ++// Create and configure the HTTP server. ++let testserver = createHttpServer(4444); ++testserver.registerDirectory("/data/", do_get_file("data")); ++testserver.registerDirectory("/addons/", do_get_file("addons")); + +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_3); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_3(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- +- // Lock the old add-on open so it can't be uninstalled +- var file = profileDir.clone(); +- file.append("addon1@tests.mozilla.org"); +- if (!file.exists()) +- file.leafName += ".xpi"; +- else +- file.append("install.rdf"); +- +- var fstream = AM_Cc["@mozilla.org/network/file-output-stream;1"]. +- createInstance(AM_Ci.nsIFileOutputStream); +- fstream.init(file, FileUtils.MODE_APPEND | FileUtils.MODE_WRONLY, FileUtils.PERMS_FILE, 0); +- +- restartManager(); +- +- fstream.close(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- // Should not have installed the new add-on but it should still be +- // pending install +- do_check_neq(a1, null); +- do_check_eq(a2, null); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have installed the new add-on +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_4); +- }); +- })); +- })); ++function run_test() { ++ createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); ++ startupManager(); ++ run_next_test(); + } + +-// Tests that upgrading to a bootstrapped add-on works but requires a restart +-function run_test_4() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "2.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- resetPrefs(); +- +- AddonManager.getAddonByID("addon2@tests.mozilla.org", function(a2) { +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- do_check_eq(a2.version, "2.0"); +- +- a2.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_4); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_4() { +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], +- callback_soon(function([a2, a3]) { +- // Should still be pending install even though the new add-on is restartless +- do_check_neq(a2, null); +- do_check_eq(a3, null); +- +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon3@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), -1); +- do_check_eq(getActiveVersion(), -1); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], function([a2, a3]) { +- // Should have updated +- do_check_eq(a2, null); +- do_check_neq(a3, null); +- +- do_check_eq(getInstalledVersion(), 3); +- do_check_eq(getActiveVersion(), 3); +- +- do_execute_soon(run_test_5); +- }); +- })); +-} +- +-// Tests that upgrading to another bootstrapped add-on works without a restart +-function run_test_5() { +- AddonManager.getAddonByID("addon3@tests.mozilla.org", function(a3) { +- do_check_neq(a3, null); +- do_check_eq(a3.version, "3.0"); ++// Verify that an update to an add-on with a new ID fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_updateid1")]); + +- a3.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_5); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_5() { +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], +- callback_soon(function([a3, a4]) { +- // Should have updated +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], function([a3, a4]) { +- // Should still be gone +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- run_test_6(); +- }); +- })); +-} ++ let addon = yield promiseAddonByID("addon1@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +-// Tests that upgrading to a non-bootstrapped add-on works but requires a restart +-function run_test_6() { +- AddonManager.getAddonByID("addon4@tests.mozilla.org", function(a4) { +- do_check_neq(a4, null); +- do_check_eq(a4.version, "4.0"); +- +- a4.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_6); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); + +-function check_test_6() { +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a4, a2]) { +- // Should still be pending install even though the old add-on is restartless +- do_check_neq(a4, null); +- do_check_eq(a2, null); +- +- do_check_neq(a4.pendingUpgrade, null); +- do_check_eq(a4.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_INCORRECT_ID }, ++ "Upgrade to a different ID fails"); + +- restartManager(); ++ addon.uninstall(); ++}); + +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a4, a2]) { +- // Should have updated +- do_check_eq(a4, null); +- do_check_neq(a2, null); ++// Verify that an update to a multi-package xpi fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_update_multi1")]); + +- do_check_eq(getInstalledVersion(), 0); +- do_check_eq(getActiveVersion(), 0); ++ let addon = yield promiseAddonByID("updatemulti@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +- end_test(); +- }); +- })); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); ++ ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_UNEXPECTED_ADDON_TYPE }, ++ "Upgrade to a multipackage xpi fails"); ++ ++ addon.uninstall(); ++}); + From 0ffa8b8e7b103ebff3907206a8f71346a50a4ba4 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 16 Nov 2016 05:45:04 -0500 Subject: [PATCH 015/161] gnu: shotwell: Update to 0.25.0.1. * gnu/packages/gnome.scm (shotwell): Update to 0.25.0.1. --- gnu/packages/gnome.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index ae79d625be..8c422c52fa 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -3868,7 +3868,7 @@ metadata in photo and video files of various formats.") (define-public shotwell (package (name "shotwell") - (version "0.25.0") + (version "0.25.0.1") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" @@ -3876,7 +3876,7 @@ metadata in photo and video files of various formats.") name "-" version ".tar.xz")) (sha256 (base32 - "0f3ly7nxy3kqwgs40avsqkxcz98bfmlhlk30n0d7j7ndk67zz57h")))) + "19h0ckrgv0c6sj85m6ankyqkmy453ph9kq6zhf7ys2k5xsrrd776")))) (build-system glib-or-gtk-build-system) (propagated-inputs `(("dconf" ,dconf))) From 1d87fdf531d891a5fe2ea934104dc367ac226b58 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 16 Nov 2016 05:45:52 -0500 Subject: [PATCH 016/161] gnu: ncmpcpp: Update to 0.7.7. * gnu/packages/mpd.scm (ncmpcpp): Update to 0.7.7. --- gnu/packages/mpd.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mpd.scm b/gnu/packages/mpd.scm index ec0861db11..f59ef3000f 100644 --- a/gnu/packages/mpd.scm +++ b/gnu/packages/mpd.scm @@ -183,7 +183,7 @@ terminal using ncurses.") (define-public ncmpcpp (package (name "ncmpcpp") - (version "0.7.5") + (version "0.7.7") (source (origin (method url-fetch) (uri @@ -191,7 +191,7 @@ terminal using ncurses.") version ".tar.bz2")) (sha256 (base32 - "0zg084m06y7dd8ccy6aq9hx8q7qi2s5kl0br5139hrmk40q68kvy")))) + "1vq19m36608pvw1g8nbcaqqb89wsw05v35pi45xwr20z7g4bxg5p")))) (build-system gnu-build-system) (inputs `(("libmpdclient" ,libmpdclient) ("boost" ,boost) From d3e5dc0a4422aa47af184cebf7172aa9a13ea7e2 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 16 Nov 2016 18:33:57 +0000 Subject: [PATCH 017/161] gnu: perl-dbd-mysql: Update to 4.039 [Fixes CVE-2016-1249]. * gnu/packages/databases.scm (perl-dbd-mysql): Update to 4.039. [source]: Update CPAN URI. --- gnu/packages/databases.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 0323a51838..ab9c6d6ba6 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -799,15 +799,15 @@ columns, primary keys, unique constraints and relationships.") (define-public perl-dbd-mysql (package (name "perl-dbd-mysql") - (version "4.037") + (version "4.039") (source (origin (method url-fetch) - (uri (string-append "mirror://cpan/authors/id/M/MI/MICHIELB/" + (uri (string-append "mirror://cpan/authors/id/C/CA/CAPTTOFU/" "DBD-mysql-" version ".tar.gz")) (sha256 (base32 - "1z1wxnzhxfr9awjqb1d8pz9hf50shbk9ip2jmsmgdlwfyb78lmyz")))) + "0k4p3bjdbmxm2amb0qiiwmn8v83zrjkz5qp84xdjrg8k5v9aj0hn")))) (build-system perl-build-system) ;; Tests require running MySQL server (arguments `(#:tests? #f)) From 9cdb405b8124541131a341392aeb39b908f2b65d Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 14:11:27 -0500 Subject: [PATCH 018/161] gnu: icecat: Remove unneeded patch. This is a followup to commit 1a87aa75671ad6567cd57fce0936220862107478. * gnu/packages/gnuzilla.scm (icecat)[sources][patches]: Remove patch for CVE-2016-5296, which is for a bundled copy of pixman that is subsequently deleted by a snippet. --- gnu/packages/gnuzilla.scm | 1 - 1 file changed, 1 deletion(-) diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 267c621c41..2b4db03bfe 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -358,7 +358,6 @@ standards.") ,(mozilla-patch "icecat-CVE-2016-5290-pt10.patch" "7006b275b829" "0sqagm247wx94mf51fyhdkn0vf1a1qy9i829shjnhssd79srxmnn") ,(mozilla-patch "icecat-CVE-2016-5290-pt11.patch" "32ce7be98543" "1y2r9i4p1qpqi75mlwmibr51whz5h1vj28c6mh6ik57dxkqxbclb") ,(mozilla-patch "icecat-CVE-2016-5291.patch" "3ff0c89f3b26" "1prn74aglshaj27jfrpd2s2i4slpljw4rbzjxc1qgwjvkq4m6j6f") - ,(mozilla-patch "icecat-CVE-2016-5296.patch" "5e39c1c2fded" "0rjza37gvpzhbqfmpad33kljnpl1yfd9wm8xf7ll6bay3m8cqj6j") ,(mozilla-patch "icecat-CVE-2016-5297.patch" "46b07bdbf8b2" "1n8y1c5l0ms81dra7jsx8mp633ak5qvx105drvlg9hn3m0fwv1lj") ,(search-patch "icecat-CVE-2016-9064.patch") ; adapted for icecat based on: ; "00c2b7baaa0b" "0y02yb7r62656nq9dji9dnwils2lxqasjz5byv62j1xa87r7f9hp" From d87c201f9677dd6d00ef255146fcc0652b8c41b6 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Wed, 16 Nov 2016 21:51:08 +0200 Subject: [PATCH 019/161] gnu: jasper: Update to 1.900.29. * gnu/packages/image.scm (jasper): Update to 1.900.29. [inputs]: Add libjpeg. --- gnu/packages/image.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index a40b212710..cd123b5298 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -849,15 +849,16 @@ convert, manipulate, filter and display a wide variety of image formats.") (define-public jasper (package (name "jasper") - (version "1.900.19") + (version "1.900.29") (source (origin (method url-fetch) (uri (string-append "https://www.ece.uvic.ca/~frodo/jasper" "/software/jasper-" version ".tar.gz")) (sha256 (base32 - "0dm3k0wdny3s37zxm9s9riv46p69c14bnn532fv6cv5b6l1b0pwb")))) + "1h1575wdzq1p7y2xvy1gbiypai1iils5awhy4gadr78qpb9ykrra")))) (build-system gnu-build-system) + (inputs `(("libjpeg" ,libjpeg))) (synopsis "JPEG-2000 library") (description "The JasPer Project is an initiative to provide a reference implementation of the codec specified in the JPEG-2000 Part-1 standard (i.e., From f43714e62080f8bdf1ddb02672d26527ac3819ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 16 Nov 2016 23:12:14 +0100 Subject: [PATCH 020/161] syscalls: C struct writer correctly handles pointer fields. * guix/build/syscalls.scm (write-type): Add case for '*. --- guix/build/syscalls.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index 2cee6544c4..bdc9940bb3 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -202,7 +202,7 @@ result is the alignment of the \"most strictly aligned component\"." types ...)))) (define-syntax write-type - (syntax-rules (~ array) + (syntax-rules (~ array *) ((_ bv offset (type ~ order) value) (bytevector-uint-set! bv offset value (endianness order) (sizeof* type))) @@ -215,6 +215,9 @@ result is the alignment of the \"most strictly aligned component\"." ((head . tail) (write-type bv o type head) (loop (+ 1 i) tail (+ o (sizeof* type)))))))) + ((_ bv offset '* value) + (bytevector-uint-set! bv offset (pointer-address value) + (native-endianness) (sizeof* '*))) ((_ bv offset type value) (bytevector-uint-set! bv offset value (native-endianness) (sizeof* type))))) From 9d9d0c9c982449b820eae98d0f2cfa115b618208 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 16 Nov 2016 23:13:12 +0100 Subject: [PATCH 021/161] syscalls: Use 'define-c-struct' for 'struct ifconf'. * guix/build/syscalls.scm (ifconf-struct): Remove. (%ifconf-struct): New C struct. (network-interface-names): Use 'make-bytevector' and 'write-ifconf!' instead of 'make-c-struct', and 'read-ifconf' instead of 'parse-c-struct'. --- guix/build/syscalls.scm | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index bdc9940bb3..1ad6cb4618 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -773,10 +773,13 @@ exception if it's already taken." (define IF_NAMESIZE 16) ;maximum interface name size -(define ifconf-struct - ;; 'struct ifconf', from . - (list int ;int ifc_len - '*)) ;struct ifreq *ifc_ifcu +(define-c-struct %ifconf-struct + sizeof-ifconf + list + read-ifconf + write-ifconf! + (length int) ;int ifc_len + (request '*)) ;struct ifreq *ifc_ifcu (define ifreq-struct-size ;; 'struct ifreq' begins with an array of IF_NAMESIZE bytes containing the @@ -868,15 +871,18 @@ to interfaces that are currently up." (sock (or sock (socket SOCK_STREAM AF_INET 0))) (len (* ifreq-struct-size 10)) (reqs (make-bytevector len)) - (conf (make-c-struct ifconf-struct - (list len (bytevector->pointer reqs))))) + (conf (make-bytevector sizeof-ifconf))) + (write-ifconf! conf 0 + len (bytevector->pointer reqs)) + (let-values (((ret err) - (%ioctl (fileno sock) SIOCGIFCONF conf))) + (%ioctl (fileno sock) SIOCGIFCONF + (bytevector->pointer conf)))) (when close? (close-port sock)) (if (zero? ret) (bytevector->string-list reqs ifreq-struct-size - (match (parse-c-struct conf ifconf-struct) + (match (read-ifconf conf) ((len . _) len))) (throw 'system-error "network-interface-list" "network-interface-list: ~A" From 67e5f3b71d87d0a0e444df2e039c458629708cd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 16 Nov 2016 23:36:29 +0100 Subject: [PATCH 022/161] syscalls: Add bindings for SIOCGIFNETMASK and SIOCSIFNETMASK. * guix/build/syscalls.scm (SIOCGIFNETMASK, SIOCSIFNETMASK): New variables. (set-network-interface-netmask, network-interface-netmask): New procedures. * tests/syscalls.scm ("network-interface-netmask lo") ("set-network-interface-netmask"): New tests. --- guix/build/syscalls.scm | 42 +++++++++++++++++++++++++++++++++++++++++ tests/syscalls.scm | 21 +++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index 1ad6cb4618..f4d4d155ec 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -87,10 +87,12 @@ all-network-interface-names network-interface-names network-interface-flags + network-interface-netmask loopback-network-interface? network-interface-address set-network-interface-flags set-network-interface-address + set-network-interface-netmask set-network-interface-up configure-network-interface @@ -764,6 +766,14 @@ exception if it's already taken." (if (string-contains %host-type "linux") #x8916 ;GNU/Linux -1)) ;FIXME: GNU/Hurd? +(define SIOCGIFNETMASK + (if (string-contains %host-type "linux") + #x891b ;GNU/Linux + -1)) ;FIXME: GNU/Hurd? +(define SIOCSIFNETMASK + (if (string-contains %host-type "linux") + #x891c ;GNU/Linux + -1)) ;FIXME: GNU/Hurd? ;; Flags and constants from . @@ -970,6 +980,22 @@ interface NAME." (list name (strerror err)) (list err)))))) +(define (set-network-interface-netmask socket name sockaddr) + "Set the network mask of interface NAME to SOCKADDR." + (let ((req (make-bytevector ifreq-struct-size))) + (bytevector-copy! (string->utf8 name) 0 req 0 + (min (string-length name) (- IF_NAMESIZE 1))) + ;; Set the 'ifr_addr' field. + (write-socket-address! sockaddr req IF_NAMESIZE) + (let-values (((ret err) + (%ioctl (fileno socket) SIOCSIFNETMASK + (bytevector->pointer req)))) + (unless (zero? ret) + (throw 'system-error "set-network-interface-netmask" + "set-network-interface-netmask on ~A: ~A" + (list name (strerror err)) + (list err)))))) + (define (network-interface-address socket name) "Return the address of network interface NAME. The result is an object of the same type as that returned by 'make-socket-address'." @@ -986,6 +1012,22 @@ the same type as that returned by 'make-socket-address'." (list name (strerror err)) (list err)))))) +(define (network-interface-netmask socket name) + "Return the netmask of network interface NAME. The result is an object of +the same type as that returned by 'make-socket-address'." + (let ((req (make-bytevector ifreq-struct-size))) + (bytevector-copy! (string->utf8 name) 0 req 0 + (min (string-length name) (- IF_NAMESIZE 1))) + (let-values (((ret err) + (%ioctl (fileno socket) SIOCGIFNETMASK + (bytevector->pointer req)))) + (if (zero? ret) + (read-socket-address req IF_NAMESIZE) + (throw 'system-error "network-interface-netmask" + "network-interface-netmask on ~A: ~A" + (list name (strerror err)) + (list err)))))) + (define (configure-network-interface name sockaddr flags) "Configure network interface NAME to use SOCKADDR, an address as returned by 'make-socket-address', and FLAGS, a bitwise-or of IFF_* constants." diff --git a/tests/syscalls.scm b/tests/syscalls.scm index 9eb19f9c80..fd177265f0 100644 --- a/tests/syscalls.scm +++ b/tests/syscalls.scm @@ -326,6 +326,27 @@ ;; We get EPERM with Linux 3.18ish and EACCES with 2.6.32. (memv (system-error-errno args) (list EPERM EACCES)))))) +(test-equal "network-interface-netmask lo" + (make-socket-address AF_INET (inet-pton AF_INET "255.0.0.0") 0) + (let* ((sock (socket AF_INET SOCK_STREAM 0)) + (addr (network-interface-netmask sock "lo"))) + (close-port sock) + addr)) + +(test-skip (if (zero? (getuid)) 1 0)) +(test-assert "set-network-interface-netmask" + (let ((sock (socket AF_INET SOCK_STREAM 0))) + (catch 'system-error + (lambda () + (set-network-interface-netmask sock "nonexistent" + (make-socket-address + AF_INET + (inet-pton AF_INET "255.0.0.0") + 0))) + (lambda args + (close-port sock) + (memv (system-error-errno args) (list EPERM EACCES)))))) + (test-equal "network-interfaces returns one or more interfaces" '(#t #t #t) (match (network-interfaces) From 7cea56e2ac3b0a5030cbd10783865b6985c01b22 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 14:16:37 -0500 Subject: [PATCH 023/161] gnu: libtiff: Fix CVE-2016-9297. * gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 +- .../patches/libtiff-CVE-2016-9297.patch | 52 +++++++++++++++++++ 3 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch diff --git a/gnu/local.mk b/gnu/local.mk index 3989cb831b..2087b8c701 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -668,6 +668,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ + %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index cd123b5298..1f3a775c16 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -300,7 +300,8 @@ collection of tools for doing simple manipulations of TIFF images.") "libtiff-CVE-2016-5321.patch" "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch")))))) + "libtiff-CVE-2016-9273.patch" + "libtiff-CVE-2016-9297.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch new file mode 100644 index 0000000000..c9207bbd25 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9297.patch @@ -0,0 +1,52 @@ +Fix CVE-2016-9297: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 +http://bugzilla.maptools.org/show_bug.cgi?id=2590 + +Patch copied from upstream source repository. + +2016-11-11 Even Rouault + + * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that + values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII + access are null terminated, to avoid potential read outside buffer + in _TIFFPrintField(). + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1154; previous revision: 1.1153 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- +libtiff/tif_dirread.c +new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.202 +retrieving revision 1.203 +diff -u -r1.202 -r1.203 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 ++++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 +@@ -5000,6 +5000,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); +@@ -5172,6 +5177,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); From 1339a8ed1cfe2e6087b26e44a8a593d7f1a3f892 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 15:26:53 -0500 Subject: [PATCH 024/161] gnu: libtiff: Fix some buffer overflows. * gnu/packages/patches/libtiff-uint32-overflow.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 1 + .../patches/libtiff-uint32-overflow.patch | 102 ++++++++++++++++++ 3 files changed, 104 insertions(+) create mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch diff --git a/gnu/local.mk b/gnu/local.mk index 2087b8c701..a5b75c1891 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ + %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 1f3a775c16..8f08fad153 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -291,6 +291,7 @@ collection of tools for doing simple manipulations of TIFF images.") (patches (search-patches "libtiff-oob-accesses-in-decode.patch" "libtiff-oob-write-in-nextdecode.patch" + "libtiff-uint32-overflow.patch" "libtiff-CVE-2015-8665+CVE-2015-8683.patch" "libtiff-CVE-2016-3623.patch" "libtiff-CVE-2016-3945.patch" diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch new file mode 100644 index 0000000000..b9b1bc27a4 --- /dev/null +++ b/gnu/packages/patches/libtiff-uint32-overflow.patch @@ -0,0 +1,102 @@ +Fix some buffer overflows: + +http://seclists.org/oss-sec/2016/q4/ +http://bugzilla.maptools.org/show_bug.cgi?id=2592 + +2016-11-11 Even Rouault + + * tools/tiffcrop.c: fix multiple uint32 overflows in + writeBufferToSeparateStrips(), writeBufferToContigTiles() and + writeBufferToSeparateTiles() that could cause heap buffer +overflows. + Reported by Henri Salo from Nixu Corporation. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1152; previous revision: 1.1151 +/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c +new revision: 1.43; previous revision: 1.42 + +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.42 +retrieving revision 1.43 +diff -u -r1.42 -r1.43 +--- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 ++++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 +@@ -148,6 +148,8 @@ + #define PATH_MAX 1024 + #endif + ++#define TIFF_UINT32_MAX 0xFFFFFFFFU ++ + #ifndef streq + #define streq(a,b) (strcmp((a),(b)) == 0) + #endif +@@ -1164,7 +1166,24 @@ + (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); + (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); + bytes_per_sample = (bps + 7) / 8; +- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ ++ if( width == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || ++ bps * spp * width > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (bps * spp * width) + 7"); ++ return 1; ++ } ++ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ ++ if( bytes_per_sample == 0 || ++ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || ++ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing rowsperstrip * " ++ "bytes_per_sample * (width + 1)"); ++ return 1; ++ } + rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); + + obuf = _TIFFmalloc (rowstripsize); +@@ -1251,11 +1270,19 @@ + } + } + ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; ++ + tilebuf = _TIFFmalloc(tile_buffsize); + if (tilebuf == 0) + return 1; +- +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; + for (row = 0; row < imagelength; row += tl) + { + nrow = (row + tl > imagelength) ? imagelength - row : tl; +@@ -1315,7 +1342,16 @@ + TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); + TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); + TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; ++ ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; + + for (row = 0; row < imagelength; row += tl) + { From fe047e1380e4b609a684a7cdbab3c625ca1a43d8 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Fri, 25 Dec 2015 20:29:09 -0600 Subject: [PATCH 025/161] gnu: Add Handbrake. * gnu/packages/video.scm (handbrake): New variable. * gnu/packages/patches/handbrake-pkg-config-path.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + .../patches/handbrake-pkg-config-path.patch | 24 ++++ gnu/packages/video.scm | 109 ++++++++++++++++++ 3 files changed, 134 insertions(+) create mode 100644 gnu/packages/patches/handbrake-pkg-config-path.patch diff --git a/gnu/local.mk b/gnu/local.mk index a5b75c1891..ff8586eba3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -594,6 +594,7 @@ dist_patch_DATA = \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_PATH.patch \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch \ %D%/packages/patches/gtkglext-disable-disable-deprecated.patch \ + %D%/packages/patches/handbrake-pkg-config-path.patch \ %D%/packages/patches/hdf4-architectures.patch \ %D%/packages/patches/hdf4-reproducibility.patch \ %D%/packages/patches/hdf4-shared-fortran.patch \ diff --git a/gnu/packages/patches/handbrake-pkg-config-path.patch b/gnu/packages/patches/handbrake-pkg-config-path.patch new file mode 100644 index 0000000000..18f3953eaa --- /dev/null +++ b/gnu/packages/patches/handbrake-pkg-config-path.patch @@ -0,0 +1,24 @@ +Do not clobber PKG_CONFIG_PATH during configure. + +--- HandBrake-0.10.5/gtk/module.rules.orig 2016-02-11 14:14:05.000000000 -0600 ++++ HandBrake-0.10.5/gtk/module.rules 2016-10-29 22:27:50.550960848 -0500 +@@ -15,7 +15,7 @@ + set -e; cd $(GTK.src/); NOCONFIGURE=1 ./autogen.sh + set -e; cd $(GTK.build/); $(call fn.ABSOLUTE,$(GTK.src/))configure \ + $(GTK.CONFIGURE.extra) \ +- PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig \ ++ PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH) \ + CFLAGS="$(call fn.ARGS,GTK.GCC,.g .O *D ?extra)" \ + LDFLAGS="$(call fn.ARGS,GTK.GCC,?strip .g .O ?extra.exe)" \ + --prefix=$(PREFIX) \ +--- Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 1969-12-31 18:00:00.000000000 -0600 ++++ Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 2016-11-01 13:11:43.826144311 -0500 +@@ -119,7 +119,7 @@ + endif + $(1).CONFIGURE.env.CPPFLAGS = CPPFLAGS="-I$$(call fn.ABSOLUTE,$(CONTRIB.build/))include $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra *D)" + $(1).CONFIGURE.env.LDFLAGS = LDFLAGS="-L$$(call fn.ABSOLUTE,$(CONTRIB.build/))lib $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra.exe *D)" +- $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig" ++ $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH)" + + $(1).CONFIGURE.env.args = !CC !CFLAGS !CXX !CXXFLAGS !CPPFLAGS !LD !LDFLAGS !PKG_CONFIG_PATH !LOCAL_PATH !CROSS + $(1).CONFIGURE.env = $$(call fn.ARGS,$(1).CONFIGURE.env,$$($(1).CONFIGURE.env.args)) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 4329d20c2e..82ef017618 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -12,6 +12,7 @@ ;;; Copyright © 2016 Dmitry Nikolaev ;;; Copyright © 2016 Andy Patterson ;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Eric Bavier ;;; ;;; This file is part of GNU Guix. ;;; @@ -51,6 +52,7 @@ #:use-module (gnu packages base) #:use-module (gnu packages bison) #:use-module (gnu packages cdrom) + #:use-module (gnu packages cmake) #:use-module (gnu packages compression) #:use-module (gnu packages curl) #:use-module (gnu packages databases) @@ -64,11 +66,14 @@ #:use-module (gnu packages gl) #:use-module (gnu packages glib) #:use-module (gnu packages guile) + #:use-module (gnu packages gnome) #:use-module (gnu packages gnupg) + #:use-module (gnu packages gstreamer) #:use-module (gnu packages gtk) #:use-module (gnu packages image) #:use-module (gnu packages linux) #:use-module (gnu packages lua) + #:use-module (gnu packages m4) #:use-module (gnu packages mp3) #:use-module (gnu packages ncurses) #:use-module (gnu packages ocr) @@ -85,6 +90,7 @@ #:use-module (gnu packages tls) #:use-module (gnu packages version-control) #:use-module (gnu packages web) + #:use-module (gnu packages webkit) #:use-module (gnu packages xdisorg) #:use-module (gnu packages xiph) #:use-module (gnu packages xml) @@ -1715,3 +1721,106 @@ It can use either mpv or mplayer for playback, and for conversion of formats ffmpeg or libav is used. Users should install one of the supported players in addition to this package.") (license license:gpl3+))) + +(define-public handbrake + (package + (name "handbrake") + (version "0.10.5") + (source (origin + (method url-fetch) + (uri (string-append "https://handbrake.fr/rotation.php?file=" + "HandBrake-" version ".tar.bz2")) + (file-name (string-append "handbrake-" version ".tar.bz2")) + (sha256 + (base32 + "1w720y3bplkz187wgvy4a4xm0vpppg45mlni55l6yi8v2bfk14pv")) + (patches (search-patches "handbrake-pkg-config-path.patch")) + (modules '((guix build utils))) + (snippet + ;; Remove bundled libraries and source not necessary for + ;; running under a GNU environment. + '(begin + (for-each delete-file-recursively '("contrib" "macosx" "win")) + #t)))) + (build-system glib-or-gtk-build-system) + (native-inputs + `(("automake" ,automake) ;gui subpackage must be bootstrapped + ("autoconf" ,autoconf) + ("curl" ,curl) ;not actually used, but tested for + ("intltool" ,intltool) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("python" ,python-2))) ;for configuration + (inputs + `(("bzip2" ,bzip2) + ("dbus-glib" ,dbus-glib) + ("ffmpeg" ,ffmpeg) + ("fontconfig" ,fontconfig) + ("freetype" ,freetype) + ("glib" ,glib) + ("gstreamer" ,gstreamer) + ("gst-plugins-base" ,gst-plugins-base) + ("gtk+" ,gtk+) + ("lame" ,lame) + ("libass" ,libass) + ("libbluray" ,libbluray) + ("libdvdnav" ,libdvdnav) + ("libdvdread" ,libdvdread) + ("libgudev" ,libgudev) + ("libmpeg2" ,libmpeg2) + ("libnotify" ,libnotify) + ("libogg" ,libogg) + ("libsamplerate" ,libsamplerate) + ("libtheora" ,libtheora) + ("libvorbis" ,libvorbis) + ("libvpx" ,libvpx) + ("libxml2" ,libxml2) + ("libx264" ,libx264) + ("x265" ,x265) + ("zlib" ,zlib))) + (arguments + `(#:tests? #f ;tests require Ruby and claim to be unsupported + #:phases + (modify-phases %standard-phases + (add-before 'patch-source-shebangs 'bootstrap-gtk + ;; Run bootstrap ahead of time so that shebangs get patched. + (lambda _ + (setenv "CONFIG_SHELL" (which "sh")) + (setenv "NOCONFIGURE" "1") + ;; Patch the Makefile so that it doesn't bootstrap again. + (substitute* "gtk/module.rules" + ((".*autogen\\.sh.*") "")) + (zero? (system* "sh" "./gtk/autogen.sh")))) + (add-before 'configure 'disable-contrib + (lambda _ + (substitute* "make/include/main.defs" + ;; Disable unconditional inclusion of some "contrib" + ;; libraries (ffmpeg, libvpx, libdvdread, libdvdnav, + ;; and libbluray), which would lead to fetching and + ;; building of these libraries. Use our own instead. + (("MODULES \\+= contrib") "# MODULES += contrib")) + #t)) + (add-before 'configure 'fix-x265-linking + (lambda _ + (substitute* "test/module.defs" + ;; Fix missing library during linking error + (("TEST.GCC.l =") "TEST.GCC.l = x265")) + #t)) + (replace 'configure + (lambda* (#:key outputs configure-flags #:allow-other-keys) + ;; 'configure' is not an autoconf-generated script, and + ;; errors on unrecognized arguments, + ;; e.g. --enable-fast-install + (let ((out (assoc-ref outputs "out"))) + (zero? (apply system* "./configure" + (string-append "--prefix=" out) + (or configure-flags '())))))) + (add-after 'configure 'chdir-build + (lambda _ (chdir "./build") #t))))) + (home-page "https://handbrake.fr") + (synopsis "Video transcoder") + (description + "HandBrake is a tool for converting video from any format to a selection +of modern, widely supported codecs.") + ;; Most under GPL version 2 or later, and portions under BSD 3 Clause + (license (list license:gpl2+ license:bsd-3)))) From 2f63e087fe60790bc198bea7cb2462cba071437f Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 22:34:11 -0500 Subject: [PATCH 026/161] Revert "gnu: icecat: Enable gtk3 support." This reverts commit eaf72e218e38c0c908ee30c914ab7d9c0c0389b8. IceCat misbehaves with gtk+3, most notably the scroll bar handles are invisible. Here we revert back to gtk+2 until these problems can be addressed. --- gnu/packages/gnuzilla.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 2b4db03bfe..3b00d3c717 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -426,8 +426,7 @@ standards.") ("glib" ,glib) ("gstreamer" ,gstreamer) ("gst-plugins-base" ,gst-plugins-base) - ("gtk+" ,gtk+) - ("gtk+-2" ,gtk+-2) + ("gtk+" ,gtk+-2) ("pango" ,pango) ("freetype" ,freetype) ("hunspell" ,hunspell) @@ -471,7 +470,7 @@ standards.") ;; practice somehow. See . #:validate-runpath? #f - #:configure-flags '("--enable-default-toolkit=cairo-gtk3" + #:configure-flags '("--enable-default-toolkit=cairo-gtk2" "--enable-pango" "--enable-gio" "--enable-svg" From ca569eb89f6e424860a7b1e3e6ccc2a0380741f3 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 07:25:31 +0200 Subject: [PATCH 027/161] gnu: aria2: Update to 1.29.0. * gnu/packages/bittorrent.scm (aria2): Update to 1.29.0. --- gnu/packages/bittorrent.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/bittorrent.scm b/gnu/packages/bittorrent.scm index 73ae70329b..ad67e02270 100644 --- a/gnu/packages/bittorrent.scm +++ b/gnu/packages/bittorrent.scm @@ -207,7 +207,7 @@ interface, for the Transmission BitTorrent daemon.") (define-public aria2 (package (name "aria2") - (version "1.28.0") + (version "1.29.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/tatsuhiro-t/aria2/" @@ -215,7 +215,7 @@ interface, for the Transmission BitTorrent daemon.") name "-" version ".tar.xz")) (sha256 (base32 - "1w3jblfxqg30n3ndh2wrbhbddcg92lrgcx438qiwzamrayjjb8g0")))) + "0bn8j6yhjnsxlxr1cdxw39gphvsrk3qhvvq92rsirxjvwwix0r0s")))) (build-system gnu-build-system) (arguments `(#:configure-flags (list "--enable-libaria2" From e5294500d6d97b3e6beef0e56595851def59bafa Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 07:26:07 +0200 Subject: [PATCH 028/161] gnu: obs: Update to 0.16.5. * gnu/packages/video.scm (obs): Update to 0.16.5. --- gnu/packages/video.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 82ef017618..8f4b9d0061 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1484,7 +1484,7 @@ be used for realtime video capture via Linux-specific APIs.") (define-public obs (package (name "obs") - (version "0.16.2") + (version "0.16.5") (source (origin (method url-fetch) (uri (string-append "https://github.com/jp9000/obs-studio" @@ -1492,7 +1492,7 @@ be used for realtime video capture via Linux-specific APIs.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0p2grxyaf79hb3nlja23xp7b2vc1w18llvzcyhnjn2lhwfjabcgm")))) + "0y6md0srjakih6zn0ism98123cf1wy9c8hmzl6vpqwjdw15il1rj")))) (build-system cmake-build-system) (arguments `(#:tests? #f ; no tests From 5837e69936fc9f4df4c0745b7c6e31b5642156fe Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Thu, 17 Nov 2016 13:34:42 +0530 Subject: [PATCH 029/161] gnu: mpop: Update to 1.2.6. * gnu/packages/mail.scm (mpop): Update to 1.2.6. Signed-off-by: Marius Bakke --- gnu/packages/mail.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 5d304d5c8f..c294e20400 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1471,7 +1471,7 @@ converts them to maildir format directories.") (define-public mpop (package (name "mpop") - (version "1.2.5") + (version "1.2.6") (source (origin (method url-fetch) @@ -1479,7 +1479,7 @@ converts them to maildir format directories.") version ".tar.xz")) (sha256 (base32 - "0n0ij258kn8lfa6nyr6l6plc4hf1wvyf1hkwicvdbjqdqrgjnq81")))) + "0p1ix63jh64dibrlccch8q7gxl9nn18wd2qpyr5z1h4gs2fpmv4z")))) (build-system gnu-build-system) (inputs `(("gnutls" ,gnutls) From 175c9103800640a2ecdc2c33094a03687270b341 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 17 Nov 2016 15:55:06 -0500 Subject: [PATCH 030/161] gnu: mpop: Use 'sourceforge' mirror. This is a followup to commit 5837e69936fc9f4df4c0745b7c6e31b5642156fe. * gnu/packages/mail.scm (mpop)[source]: Use 'sourceforge' mirror. --- gnu/packages/mail.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index c294e20400..44e1ee12b8 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1475,8 +1475,8 @@ converts them to maildir format directories.") (source (origin (method url-fetch) - (uri (string-append "http://downloads.sourceforge.net/mpop/mpop-" - version ".tar.xz")) + (uri (string-append "mirror://sourceforge/mpop/mpop/" version + "/mpop-" version ".tar.xz")) (sha256 (base32 "0p1ix63jh64dibrlccch8q7gxl9nn18wd2qpyr5z1h4gs2fpmv4z")))) From e9ff8d9ff15db2917d7200cda2bb68a52a9b19b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 17 Nov 2016 23:09:22 +0100 Subject: [PATCH 031/161] syscalls: 'configure-network-interface' has a #:netmask parameter. * guix/build/syscalls.scm (configure-network-interface): Add #:netmask keyword parameter and honor it. --- guix/build/syscalls.scm | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index f4d4d155ec..c3832f6d48 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -1028,15 +1028,19 @@ the same type as that returned by 'make-socket-address'." (list name (strerror err)) (list err)))))) -(define (configure-network-interface name sockaddr flags) +(define* (configure-network-interface name sockaddr flags + #:key netmask) "Configure network interface NAME to use SOCKADDR, an address as returned by -'make-socket-address', and FLAGS, a bitwise-or of IFF_* constants." +'make-socket-address', and FLAGS, a bitwise-or of IFF_* constants. If NETMASK +is true, it must be a socket address to use as the network mask." (let ((sock (socket (sockaddr:fam sockaddr) SOCK_STREAM 0))) (dynamic-wind (const #t) (lambda () (set-network-interface-address sock name sockaddr) - (set-network-interface-flags sock name flags)) + (set-network-interface-flags sock name flags) + (when netmask + (set-network-interface-netmask sock name netmask))) (lambda () (close-port sock))))) From 056d0b40341a1b28516a6c2e0fed820360be42b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 17 Nov 2016 23:14:58 +0100 Subject: [PATCH 032/161] tests: basic: Fix harmless thinko. * gnu/tests/base.scm (run-basic-test)["login on tty1"]: Move the file-waiting loop inside the 'marionette-eval' body. Before that, we were waiting for the file to appear on the host, which would never happen, meaning that we were always waiting for 15 seconds. --- gnu/tests/base.scm | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 5c2af5b6d4..9a265309c0 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -150,14 +150,20 @@ info --version") (marionette-type "root\n\nid -un > logged-in\n" marionette) ;; It can take a while before the shell commands are executed. - (let loop ((i 0)) - (unless (or (file-exists? "/root/logged-in") (> i 15)) - (sleep 1) - (loop (+ i 1)))) (marionette-eval '(use-modules (rnrs io ports)) marionette) - (marionette-eval '(call-with-input-file "/root/logged-in" - get-string-all) - marionette))) + (marionette-eval + '(let loop ((i 0)) + (catch 'system-error + (lambda () + (call-with-input-file "/root/logged-in" + get-string-all)) + (lambda args + (if (and (< i 15) (= ENOENT (system-error-errno args))) + (begin + (sleep 1) + (loop (+ i 1))) + (apply throw args))))) + marionette))) (test-assert "host name resolution" (match (marionette-eval From 1f9803c2a49e853ca5721f13888a61a816c4dc09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 17 Nov 2016 23:19:45 +0100 Subject: [PATCH 033/161] services: static-networking: Add netmask. Reported by Mathieu Lirzin and Andreas Enge. * gnu/services/networking.scm ()[netmask]: New field. (static-networking-service-type): Honor it. * gnu/services/networking.scm (static-networking-service): Add #:netmask and honor it. * doc/guix.texi (Networking Services): Adjust accordingly. --- doc/guix.texi | 6 +++--- gnu/services/networking.scm | 22 +++++++++++++++------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 1a809c340d..0e70830d02 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8363,10 +8363,10 @@ Protocol (DHCP) client, on all the non-loopback network interfaces. @end deffn @deffn {Scheme Procedure} static-networking-service @var{interface} @var{ip} @ - [#:gateway #f] [#:name-servers @code{'()}] + [#:netmask #f] [#:gateway #f] [#:name-servers @code{'()}] Return a service that starts @var{interface} with address @var{ip}. If -@var{gateway} is true, it must be a string specifying the default network -gateway. +@var{netmask} is true, use it as the network mask. If @var{gateway} is true, +it must be a string specifying the default network gateway. @end deffn @cindex wicd diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 2adde23789..884c542439 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -112,6 +112,8 @@ fe80::1%lo0 apps.facebook.com\n") static-networking? (interface static-networking-interface) (ip static-networking-ip) + (netmask static-networking-netmask + (default #f)) (gateway static-networking-gateway) (provision static-networking-provision) (name-servers static-networking-name-servers) @@ -121,7 +123,7 @@ fe80::1%lo0 apps.facebook.com\n") (shepherd-service-type 'static-networking (match-lambda - (($ interface ip gateway provision + (($ interface ip netmask gateway provision name-servers net-tools) (let ((loopback? (memq 'loopback provision))) @@ -139,12 +141,18 @@ fe80::1%lo0 apps.facebook.com\n") (start #~(lambda _ ;; Return #t if successfully started. (let* ((addr (inet-pton AF_INET #$ip)) - (sockaddr (make-socket-address AF_INET addr 0))) + (sockaddr (make-socket-address AF_INET addr 0)) + (mask (and #$netmask + (inet-pton AF_INET #$netmask))) + (maskaddr (and mask + (make-socket-address AF_INET + mask 0)))) (configure-network-interface #$interface sockaddr (logior IFF_UP #$(if loopback? #~IFF_LOOPBACK - 0)))) + 0)) + #:netmask maskaddr)) #$(if gateway #~(zero? (system* (string-append #$net-tools "/sbin/route") @@ -176,16 +184,16 @@ fe80::1%lo0 apps.facebook.com\n") (define* (static-networking-service interface ip #:key - gateway + netmask gateway (provision '(networking)) (name-servers '()) (net-tools net-tools)) "Return a service that starts @var{interface} with address @var{ip}. If -@var{gateway} is true, it must be a string specifying the default network -gateway." +@var{netmask} is true, use it as the network mask. If @var{gateway} is true, +it must be a string specifying the default network gateway." (service static-networking-service-type (static-networking (interface interface) (ip ip) - (gateway gateway) + (netmask netmask) (gateway gateway) (provision provision) (name-servers name-servers) (net-tools net-tools)))) From 88bdbb2a0fd04e1fe5d390caf40697344d5de5b7 Mon Sep 17 00:00:00 2001 From: Roel Janssen Date: Thu, 17 Nov 2016 23:49:29 +0100 Subject: [PATCH 034/161] guix package: Display newline after generation diffs. * guix/ui.scm (display-profile-content-diff): Display an extra newline. --- guix/ui.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/guix/ui.scm b/guix/ui.scm index b9fbbfd0e3..cafb3c6705 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -1094,7 +1094,8 @@ DURATION-RELATION with the current time." (removed (lset-difference equal-entry? (list-entries old) (list-entries new)))) (for-each (cut display-entry <> "+") added) - (for-each (cut display-entry <> "-") removed))) + (for-each (cut display-entry <> "-") removed) + (newline))) (display-diff profile gen1 gen2)) From 28e36631348c18b9383ccedd027edfdc56d9ff67 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:46:11 +0200 Subject: [PATCH 035/161] gnu: gstreamer: Update to 1.10.1. * gnu/packages/gstreamer.scm (gstreamer): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 0b73fd14e2..67413007f1 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -97,7 +97,7 @@ arrays of data.") (define-public gstreamer (package (name "gstreamer") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) @@ -106,7 +106,7 @@ arrays of data.") version ".tar.xz")) (sha256 (base32 - "01vjsgz58n6nrmnahs4ac7v4656yc042ymffqjzqa0a8pvx7hxqy")))) + "1npnpyrw8603ivi5g3ziglvh3hq2shypid2vjcmki6g6w2bgk3gn")))) (build-system gnu-build-system) (outputs '("out" "doc")) (arguments From de0e591a53ed3631206f7409057e93d1d1253288 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:46:56 +0200 Subject: [PATCH 036/161] gnu: gst-plugins-base: Update to 1.10.1. * gnu/packages/gstreamer.scm (gst-plugins-base): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 67413007f1..64224b8c6f 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -145,7 +145,7 @@ This package provides the core library and elements.") (define-public gst-plugins-base (package (name "gst-plugins-base") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) @@ -153,7 +153,7 @@ This package provides the core library and elements.") name "-" version ".tar.xz")) (sha256 (base32 - "0jp9rwv0am8qv32q3dzhdcbyygg5wjm4fg20njyhp6n6vybyzkdz")))) + "1jbnr6vbklzli493xdd8y5sflm32r90lifpacxw9vbvs9hlyxkv6")))) (build-system gnu-build-system) (outputs '("out" "doc")) (propagated-inputs @@ -187,7 +187,8 @@ This package provides the core library and elements.") (add-before 'configure 'patch (lambda _ (substitute* "tests/check/libs/pbutils.c" - (("/bin/sh") (which "sh")))))))) + (("/bin/sh") (which "sh"))) + #t))))) (home-page "https://gstreamer.freedesktop.org/") (synopsis "Plugins for the GStreamer multimedia library") From faa3c13920f5b5755ddc6ecfaf108497ea138992 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:47:30 +0200 Subject: [PATCH 037/161] gnu: gst-plugins-good: Update to 1.10.1. * gnu/packages/gstreamer.scm (gst-plugins-good): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 64224b8c6f..29fa444e15 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -200,7 +200,7 @@ for the GStreamer multimedia library.") (define-public gst-plugins-good (package (name "gst-plugins-good") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) @@ -209,7 +209,7 @@ for the GStreamer multimedia library.") name "-" version ".tar.xz")) (sha256 (base32 - "1qhx6x3ax1qqbvm20zhqax3dsas4yzlx7vdjnjqllqzmcfbma0vs")))) + "1hkcap9l2603266gyi6jgvx7frbvfmb7xhfhjizbczy1wykjwr57")))) (build-system gnu-build-system) (inputs `(("aalib" ,aalib) From 95e89a4510ffa57690061357fcce631c3a980d5f Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:48:37 +0200 Subject: [PATCH 038/161] gnu: gst-plugins-bad: Update to 1.10.1 (Fixes security issues). * gnu/packages/gstreamer.scm (gst-plugins-bad): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 29fa444e15..db0161e117 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -265,14 +265,14 @@ developers consider to have good quality code and correct functionality.") (define-public gst-plugins-bad (package (name "gst-plugins-bad") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) (sha256 (base32 - "0kqwh5r4j05f2w9m353grvypn0106hxcr52409f7rvm3w4b9sprx")))) + "07cjra4fclrk6lpdm5hrsgp79aqpklx3v3l9scain091zvchwghk")))) (outputs '("out" "doc")) (build-system gnu-build-system) (arguments @@ -330,7 +330,7 @@ developers consider to have good quality code and correct functionality.") ;("qtx11extras" ,qtx11extras) ("soundtouch" ,soundtouch) ("x265" ,x265) - ;("wayland" ,wayland) ; needs wayland-protocols + ;("wayland" ,wayland) ; needs gtk+ built with wayland support )) (home-page "https://gstreamer.freedesktop.org/") (synopsis "Plugins for the GStreamer multimedia library") From 2e747a3ff69656cc29faf83b64fd87faf94e8278 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:49:12 +0200 Subject: [PATCH 039/161] gnu: gst-plugins-ugly: Update to 1.10.1. * gnu/packages/gstreamer.scm (gst-plugins-ugly): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index db0161e117..09fb960edf 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -342,7 +342,7 @@ par compared to the rest.") (define-public gst-plugins-ugly (package (name "gst-plugins-ugly") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) @@ -350,7 +350,7 @@ par compared to the rest.") name "/" name "-" version ".tar.xz")) (sha256 (base32 - "1q2m3bl8kh9q3grshj55lb2mqby4r20qfsrffc2l7ddb0ccqvplp")))) + "1hl385fys7hfx5ffipavvhciq6hwm731rs4d6r9fn7h9qagxbv55")))) (build-system gnu-build-system) (inputs `(("gst-plugins-base" ,gst-plugins-base) From 950548b0f790e5eeac623681317056478e87819a Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:49:46 +0200 Subject: [PATCH 040/161] gnu: gst-libav: Update to 1.10.1. * gnu/packages/gstreamer.scm (gst-libav): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 09fb960edf..2fbc51a83e 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -381,7 +381,7 @@ distribution problems in some jurisdictions, e.g. due to patent threats.") (define-public gst-libav (package (name "gst-libav") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) (uri (string-append @@ -389,7 +389,7 @@ distribution problems in some jurisdictions, e.g. due to patent threats.") name "-" version ".tar.xz")) (sha256 (base32 - "0nyqkggcxfrbflcf4jyj0h9l1rkbi3r5h61w4fcbp2n72522165g")))) + "1ivjbh5g0l5ykfpc16kq5x2jz8d4ignyha14jpiz3pz6w26qpci7")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--with-system-libav") From 4d17fe2ad339cebfbe999c758d22951d562b1e8e Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Thu, 17 Nov 2016 22:50:25 +0200 Subject: [PATCH 041/161] gnu: python-gst: Update to 1.10.1. * gnu/packages/gstreamer.scm (python-gst, python2-gst): Update to 1.10.1. --- gnu/packages/gstreamer.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 2fbc51a83e..5fe84ec2fc 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -419,7 +419,7 @@ compression formats through the use of the libav library.") (define-public python-gst (package (name "python-gst") - (version "1.10.0") + (version "1.10.1") (source (origin (method url-fetch) (uri (string-append @@ -427,7 +427,7 @@ compression formats through the use of the libav library.") "gst-python-" version ".tar.xz")) (sha256 (base32 - "0hf71m0vqnd5sdj14li935xzzmqxh606qgw744a25w3vwj9v8nfy")))) + "04xhh0z0c0s6aq7kvmfs4r6yl1pjnqz0krp05pbjy62ayx5b61ak")))) (build-system gnu-build-system) (arguments ;; XXX: Factorize python-sitedir with python-build-system. From d7da76044bd12e9eda507b5259a51d010aa8aae3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Fri, 18 Nov 2016 22:16:15 +0800 Subject: [PATCH 042/161] gnu: opensmtpd: Build man pages. * gnu/packages/mail.scm (opensmtpd)[native-inputs]: Add groff. --- gnu/packages/mail.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 44e1ee12b8..6fcb548e61 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1622,7 +1622,8 @@ transfer protocols.") ("linux-pam" ,linux-pam) ("zlib" ,zlib))) (native-inputs - `(("bison" ,bison))) + `(("bison" ,bison) + ("groff" ,groff))) (arguments `(#:configure-flags (list "--with-table-db" "--localstatedir=/var" "--with-user-smtpd=smtpd" "--with-user-queue=smtpq" From 651049789fe84e1c4642d218aab261258fbd7834 Mon Sep 17 00:00:00 2001 From: Danny Milosavljevic Date: Fri, 18 Nov 2016 00:45:01 +0100 Subject: [PATCH 043/161] gnu: xonsh: Update to 0.4.7. * gnu/packages/shells.scm (xonsh): Update to 0.4.7. Signed-off-by: Marius Bakke --- gnu/packages/shells.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm index 9b9bd6c3a5..f3350ef501 100644 --- a/gnu/packages/shells.scm +++ b/gnu/packages/shells.scm @@ -288,14 +288,14 @@ ksh, and tcsh.") (define-public xonsh (package (name "xonsh") - (version "0.4.6") + (version "0.4.7") (source (origin (method url-fetch) (uri (pypi-uri "xonsh" version)) (sha256 (base32 - "0byxd9kjl99q2pyvjh9jy18l0di1i35wr0qqgnw4i6jh6ig3zcki")) + "04b0z41mxiwsp5rl21fzrixcdmx2kndjlh4gn3582qfga9hihf20")) (modules '((guix build utils))) (snippet `(begin From 8134dc1f74c2df2d42e1510fd3ac35234a4d89df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 18 Nov 2016 10:37:46 +0100 Subject: [PATCH 044/161] gnu: guile@2.0.13: Fix non-determinism issue in REPL server test. * gnu/packages/patches/guile-repl-server-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/guile.scm (guile-2.0.13)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/guile.scm | 3 +- .../patches/guile-repl-server-test.patch | 48 +++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-repl-server-test.patch diff --git a/gnu/local.mk b/gnu/local.mk index ff8586eba3..17bfda2a77 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -587,6 +587,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ + %D%/packages/patches/guile-repl-server-test.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 3f45b29038..4572544ec3 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -217,7 +217,8 @@ without requiring the source code to be rewritten.") ".tar.xz")) (sha256 (base32 - "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")))))) + "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")) + (patches (search-patches "guile-repl-server-test.patch")))))) (define-public guile-next (package (inherit guile-2.0) diff --git a/gnu/packages/patches/guile-repl-server-test.patch b/gnu/packages/patches/guile-repl-server-test.patch new file mode 100644 index 0000000000..81e724ecc4 --- /dev/null +++ b/gnu/packages/patches/guile-repl-server-test.patch @@ -0,0 +1,48 @@ +commit 8d6209ea56241bb1890c142539927c9ef3fb5a13 +Author: Ludovic Courtès +Date: Fri Nov 4 22:44:32 2016 +0100 + + tests: Throw 'unresolved when the REPL server is too slow. + +commit 2fbde7f02adb8c6585e9baf6e293ee49cd23d4c4 +Author: Ludovic Courtès +Date: Fri Nov 4 22:45:51 2016 +0100 + + tests: Avoid race condition in REPL server test. + +index ca389ba..4b5ec0c 100644 +--- a/test-suite/tests/00-repl-server.test ++++ b/test-suite/tests/00-repl-server.test +@@ -61,10 +61,11 @@ socket connected to that server." + (lambda () + (connect client-socket sockaddr)) + (lambda args +- (when (and (memv (system-error-errno args) +- (list ENOENT ECONNREFUSED)) +- (< tries 3)) +- (sleep 1) ++ (when (memv (system-error-errno args) ++ (list ENOENT ECONNREFUSED)) ++ (when (> tries 30) ++ (throw 'unresolved)) ++ (usleep 100) + (loop (+ tries 1)))))) + + (proc client-socket)) +@@ -104,8 +105,14 @@ reached." + "scheme@(repl-server)> $1 = 42\n" + (with-repl-server socket + (read-until-prompt socket %last-line-before-prompt) +- (display "(+ 40 2)\n(quit)\n" socket) +- (read-string socket))) ++ ++ ;; Wait until 'repl-reader' in boot-9 has written the prompt. ++ ;; Otherwise, if we write too quickly, 'repl-reader' checks for ++ ;; 'char-ready?' and doesn't print the prompt. ++ (match (select (list socket) '() (list socket) 3) ++ (((_) () ()) ++ (display "(+ 40 2)\n(quit)\n" socket) ++ (read-string socket))))) + + (pass-if "HTTP inter-protocol attack" ;CVE-2016-8606 + (with-repl-server socket From 4c80d4c4815218196d5bc975239cf57026f81310 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 18 Nov 2016 10:48:31 +0100 Subject: [PATCH 045/161] download: Do not offload 'builtin:download' derivations. * guix/download.scm (built-in-download): Pass #:local-build? #t. --- guix/download.scm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/guix/download.scm b/guix/download.scm index 34ebd45370..64a1d2f084 100644 --- a/guix/download.scm +++ b/guix/download.scm @@ -352,7 +352,13 @@ download by itself using its own dependencies." #:env-vars `(("url" . ,(object->string url)) ("mirrors" . ,mirrors) ("content-addressed-mirrors" - . ,content-addressed-mirrors))))) + . ,content-addressed-mirrors)) + + ;; Do not offload this derivation because we cannot be + ;; sure that the remote daemon supports the 'download' + ;; built-in. We may remove this limitation when support + ;; for that built-in is widespread. + #:local-build? #t))) (define* (in-band-download file-name url #:key system hash-algo hash From c2662820f359be19262cdd5d564e6a0dddc43281 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 18 Nov 2016 18:25:32 +0100 Subject: [PATCH 046/161] gnu: emacs-org: Update to 20161102. * gnu/packages/emacs.scm (emacs-org)[source]: Switch to elpa.gnu.org so 'guix refresh' can pick it up. Update to 20161102. --- gnu/packages/emacs.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index a065959d25..7666e2f620 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3197,14 +3197,14 @@ passive voice.") (define-public emacs-org (package (name "emacs-org") - (version "20160912") + (version "20161102") (source (origin (method url-fetch) - (uri (string-append "http://orgmode.org/elpa/org-" + (uri (string-append "http://elpa.gnu.org/packages/org-" version ".tar")) (sha256 (base32 - "1xawj0pdvqrgzlixxgbfa01gzajfaz47anr5m4aw035rhc6s02r7")))) + "12v9jhakdxcmlw9zrcrh1fwi3kh6z0qva90hpnr0zjqyj72i0wir")))) (build-system emacs-build-system) (home-page "http://orgmode.org/") (synopsis "Outline-based notes management and organizer") From 01278f16a9bf93125376959b05d730ea02d9ff6c Mon Sep 17 00:00:00 2001 From: Petter Date: Wed, 16 Nov 2016 01:14:36 +0100 Subject: [PATCH 047/161] gnu: Add xcalib. * gnu/packages/xdisorg (xcalib): New variable. Signed-off-by: Leo Famulari --- gnu/packages/xdisorg.scm | 41 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm index 53048e0607..86f5ad203c 100644 --- a/gnu/packages/xdisorg.scm +++ b/gnu/packages/xdisorg.scm @@ -15,6 +15,7 @@ ;;; Copyright © 2016 Leo Famulari ;;; Copyright © 2016 Alex Kost ;;; Copyright © 2016 Marius Bakke +;;; Copyright © 2016 Petter ;;; ;;; This file is part of GNU Guix. ;;; @@ -1070,3 +1071,43 @@ XCB util-xrm module provides the following libraries: - xrm: utility functions for the X resource manager.") (license license:x11))) + +(define-public xcalib + (package + (name "xcalib") + (version "0.8") + (source (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/xcalib/xcalib/" version + "/xcalib-source-" version ".tar.gz")) + (sha256 + (base32 + "1rh6xb51c5xz926dnn82a2fn643g0sr4a8z66rn6yi7523kjw4ca")))) + (build-system gnu-build-system) + (arguments + '(#:make-flags '("CC=gcc") + #:tests? #f ; No test suite + #:phases (modify-phases %standard-phases + (delete 'configure) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin"))) + (install-file "xcalib" bin)))) + (add-after 'install 'install-doc + (lambda* (#:key outputs #:allow-other-keys) + (let ((doc (string-append(assoc-ref outputs "out") + "/share/doc/xcalib"))) + (install-file "README" doc) + ;; Avoid unspecified return value. + #t)))))) + (inputs `(("libx11", libx11) + ("libxext", libxext) + ("libxxf86vm", libxxf86vm))) + (synopsis "Tiny monitor calibration loader for XFree86 (or X.org)") + (description "xcalib is a tiny tool to load the content of vcgt-Tags in ICC +profiles to the video card's gamma ramp. It does work with most video card +drivers except the generic VESA driver. Alter brightness, contrast, RGB, and +invert colors on a specific display/screen.") + (home-page "http://xcalib.sourceforge.net/") + (license license:gpl2))) From ed3fee5f7bdf6132d6af2a9e25fab76e02a267b3 Mon Sep 17 00:00:00 2001 From: ng0 Date: Wed, 16 Nov 2016 12:27:56 +0000 Subject: [PATCH 048/161] gnu: python-pafy: Disable tests. * gnu/packages/python.scm (python-pafy): Disable tests. Signed-off-by: Leo Famulari --- gnu/packages/python.scm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 18e485ab2e..7cf1e7cf38 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -1620,6 +1620,8 @@ standard library.") (base32 "1ckvrypyvb7jbqlgwdz0y337ajagjv7dgxyns326nqwypn1wpq0i")))) (build-system python-build-system) + (arguments + `(#:tests? #f)) ; Currently pafy can not find itself in the tests (propagated-inputs ;; Youtube-dl is a python package which is imported in the file ;; "backend_youtube_dl.py", therefore it needs to be propagated. From 175d626478b37b1aa6ec3d869e7c66acb8d14275 Mon Sep 17 00:00:00 2001 From: ng0 Date: Wed, 16 Nov 2016 12:27:57 +0000 Subject: [PATCH 049/161] gnu: mps-youtube: Disable tests. * gnu/packages/video.scm (mps-youtube): Disable tests. Signed-off-by: Leo Famulari --- gnu/packages/video.scm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 8f4b9d0061..fefa672bef 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1708,6 +1708,12 @@ Content System specification.") (base32 "1s7h35yx6f0szf8mm8612ic913w3v05m2kwphjfcxnpq0ammhyci")))) (build-system python-build-system) + (arguments + ;; Tests need to be disabled until #556 upstream is fixed. It reads as if the + ;; test suite results differ depending on the country and also introduce + ;; non-determinism in the tests. + ;; https://github.com/mps-youtube/mps-youtube/issues/556 + `(#:tests? #f)) (propagated-inputs `(("python-pafy" ,python-pafy) ("python-pygobject" ,python-pygobject))) ; For mpris2 support From 4af80275a87fceeb2dcc7cf5198bb7f12d911d0f Mon Sep 17 00:00:00 2001 From: Ben J Woodcroft Date: Fri, 18 Nov 2016 15:42:44 +1000 Subject: [PATCH 050/161] gnu: ruby-2.2: Update to 2.2.6. * gnu/packages/ruby.scm (ruby-2.2): Update to 2.2.6. --- gnu/packages/ruby.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 42beda3d44..e4c1ef0db1 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -103,7 +103,7 @@ a focus on simplicity and productivity.") (define-public ruby-2.2 (package (inherit ruby) - (version "2.2.5") + (version "2.2.6") (source (origin (method url-fetch) @@ -112,7 +112,7 @@ a focus on simplicity and productivity.") "/ruby-" version ".tar.xz")) (sha256 (base32 - "1mw7bzw76g5w37cwhb57r6gxcl2vn9lfrlyf4h4xms3qlnhflvzq")))))) + "0fbk2pyjphynj4kxn27vb5rsq6brr3y85p784jd1rxwws30fq54l")))))) (define-public ruby-2.1 (package (inherit ruby) From 6689c636d039ce5bf160c1858b99f4329427fd15 Mon Sep 17 00:00:00 2001 From: Muriithi Frederick Muriuki Date: Thu, 17 Nov 2016 17:33:01 +1000 Subject: [PATCH 051/161] gnu: Add ruby-net-http-digest-auth. * gnu/packages/ruby.scm (ruby-net-http-digest-auth): New variable. --- gnu/packages/ruby.scm | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index e4c1ef0db1..b6cb0a243d 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -4179,3 +4179,25 @@ patterns.") libraries for compiling Ruby native extensions.") (home-page "https://github.com/ruby-gnome2/pkg-config") (license license:lgpl2.0+))) + +(define-public ruby-net-http-digest-auth + (package + (name "ruby-net-http-digest-auth") + (version "1.4") + (source + (origin + (method url-fetch) + (uri (rubygems-uri "net-http-digest_auth" version)) + (sha256 + (base32 + "14801gr34g0rmqz9pv4rkfa3crfdbyfk6r48vpg5a5407v0sixqi")))) + (build-system ruby-build-system) + (native-inputs + `(("ruby-hoe" ,ruby-hoe))) + (synopsis "RFC 2617 HTTP digest authentication library") + (description + "This library implements HTTP's digest authentication scheme based on +RFC 2617. This enables the use of the digest authentication scheme instead +of the more insecure basic authentication scheme.") + (home-page "http://github.com/drbrain/net-http-digest_auth") + (license license:expat))) From ce53f5cbf0809c4fea148177e7bc7e2a7b1291ae Mon Sep 17 00:00:00 2001 From: Nicolas Goaziou Date: Sat, 19 Nov 2016 08:32:33 +0100 Subject: [PATCH 052/161] gnu: giac-xcas: Update to 1.2.2-103 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/algebra.scm (giac-xcas): Update to 1.2.2-103. Signed-off-by: 宋文武 --- gnu/packages/algebra.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm index 8e9695da51..76f385e340 100644 --- a/gnu/packages/algebra.scm +++ b/gnu/packages/algebra.scm @@ -202,7 +202,7 @@ GP2C, the GP to C compiler, translates GP scripts to PARI programs.") (define-public giac-xcas (package (name "giac-xcas") - (version "1.2.2-95") + (version "1.2.2-103") (source (origin (method url-fetch) ;; "~parisse/giac" is not used because the maintainer regularly @@ -214,7 +214,7 @@ GP2C, the GP to C compiler, translates GP scripts to PARI programs.") "source/giac_" version ".tar.gz")) (sha256 (base32 - "1zyaz5pgj7w6ka4qxic4kmbcqcikpn8ry3jvhi2kd72hwa0v65y2")))) + "1qrhjw2sdvyv2x8fqs9isqv8rgldn448gfxbi7zbva8m5va5b3z1")))) (build-system gnu-build-system) (arguments `(#:phases From 2c453091e499c0fc1d6d8a72bd45bf6807679239 Mon Sep 17 00:00:00 2001 From: Nicolas Goaziou Date: Sat, 19 Nov 2016 08:35:45 +0100 Subject: [PATCH 053/161] gnu: wireshark: Update to 2.2.2. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/networking.scm (wireshark): Update to 2.2.2. Signed-off-by: 宋文武 --- gnu/packages/networking.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index f19cebeb13..d8bbc6eea2 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -467,7 +467,7 @@ which can be used to encrypt a password with @code{crypt(3)}.") (define-public wireshark (package (name "wireshark") - (version "2.2.1") + (version "2.2.2") (synopsis "Network traffic analyzer") (source (origin @@ -476,7 +476,7 @@ which can be used to encrypt a password with @code{crypt(3)}.") version ".tar.bz2")) (sha256 (base32 - "0jciaqz119vmznd8mi4gq5dgwz7vn453cnm2086mxcy80jpj43lh")))) + "1csm035ayfzn1xzzsmzcjk2ixx39d70aykr4nh0a88chk9gfzb7r")))) (build-system glib-or-gtk-build-system) (inputs `(("bison" ,bison) ("c-ares" ,c-ares) From f2bd238bcd3e55ea107887bdc034b42005aabcbd Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Fri, 18 Nov 2016 23:45:26 +0100 Subject: [PATCH 054/161] gnu: synthv1: Update to 0.8.0. * gnu/packages/music.scm (synthv1): Update to 0.8.0. --- gnu/packages/music.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index abcc498599..ce1458b55d 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -881,7 +881,7 @@ users to select LV2 plugins and run them with jalv.") (define-public synthv1 (package (name "synthv1") - (version "0.7.5") + (version "0.8.0") (source (origin (method url-fetch) (uri @@ -889,7 +889,7 @@ users to select LV2 plugins and run them with jalv.") "/synthv1-" version ".tar.gz")) (sha256 (base32 - "0h5zja78phf9705i9g54zh61iczb24iv7rxhljyms30sjgajig1y")))) + "155pfyhr6d35ciw95pbxlqy7751cmij8j5d849rvblqbjzyzb5qx")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; There are no tests. From 4ed4bb11cb731829273e7002ddf06ec9417c9b1c Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 01:19:16 +0100 Subject: [PATCH 055/161] gnu: qsynth: Update to 0.4.3. * gnu/packages/audio.scm (qsynth): Update to 0.4.3. --- gnu/packages/audio.scm | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 7d2e2d2a4b..77d3b538c8 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -2281,21 +2281,22 @@ interface.") (define-public qsynth (package (name "qsynth") - (version "0.4.1") + (version "0.4.3") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/qsynth/qsynth/" version "/qsynth-" version ".tar.gz")) (sha256 - (base32 "034p6mbwrjnxd9b6h20cidxi4ilkk3cgpjp154j0jzjs1ipf7x2h")))) + (base32 "1j5hm99fjrnaw8wbmlh4qixkv3rw5dl429mp1ag7js2ydrx0j9yy")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; no "check" phase #:configure-flags '("CXXFLAGS=-std=gnu++11"))) (native-inputs - `(("qttools" ,qttools))) + `(("qttools" ,qttools) + ("pkg-config" ,pkg-config))) (inputs `(("fluidsynth" ,fluidsynth) ("qtbase" ,qtbase) From 31de5e2244961d0d37dcb9c31ce6ebb32ab27046 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 10:52:54 +0100 Subject: [PATCH 056/161] gnu: gx-saturator-lv2: Update to 0-2.0b581ac85. * gnu/packages/music.scm (gx-saturator-lv2): Update to 0-2.0b581ac85. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index ce1458b55d..b12767a686 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2177,8 +2177,8 @@ simulation of a push pull transistor fuzz effect with added high octave.")))) pedal.")))) (define-public gx-saturator-lv2 - (let ((commit "361399245d234b4d02f11f066d25ac15d90c6bf8") - (revision "1")) + (let ((commit "0b581ac85c515325b9f16e51937cae6e1bf81a0a") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-saturator-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2189,19 +2189,8 @@ pedal.")))) (commit commit))) (sha256 (base32 - "13cf5gxr2wzp5954hdhbl79v98a665ll5434mb3668p4j33sv217")) + "1cl785pzq8zk55m1rnhfd6qsabci6kpf4pf002gwr91vagyq246z")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxSaturator.lv2") (synopsis "Saturation effect") (description "This package provides the LV2 plugin \"GxSaturator\", a From dad6cb50da30a3e6e788ae688cd8313148e14d8d Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 10:54:09 +0100 Subject: [PATCH 057/161] gnu: gx-hyperion-lv2: Update to 0-2.6a096a664. * gnu/packages/music.scm (gx-hyperion-lv2): Update to 0-2.6a096a664. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index b12767a686..26c767f2a1 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2197,8 +2197,8 @@ pedal.")))) saturation effect.")))) (define-public gx-hyperion-lv2 - (let ((commit "7d993bc77f9946b3df0e481632c61b2dcbb6549f") - (revision "1")) + (let ((commit "6a096a664e553e551e179e85cf390bd1683410fb") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-hyperion-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2209,19 +2209,8 @@ saturation effect.")))) (commit commit))) (sha256 (base32 - "12klcyc6l9v93ii3478mqz44jzvh5np1sk8zzdmz42jp0w8qd429")) + "1ksv3wmylhwbf6kjl2lnhr14h9rfl291cfm21471gnb1r68yqfxh")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxHyperion.lv2") (synopsis "Simulation of the Hyperion Fuzz pedal") (description "This package provides the LV2 plugin \"GxHyperion\", a From c1802b0834c7d3f7611cd41ecaea5c2a98f43532 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 10:55:01 +0100 Subject: [PATCH 058/161] gnu: gx-voodoo-fuzz-lv2: Update to 0-2.aec7889b4. * gnu/packages/music.scm (gx-voodoo-fuzz-lv2): Update to 0-2.aec7889b4. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 26c767f2a1..83834de4e3 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2217,8 +2217,8 @@ saturation effect.")))) simulation of the Hyperion Fuzz pedal.")))) (define-public gx-voodoo-fuzz-lv2 - (let ((commit "d2d6b27bc279f98c2fd11bbd58ffe2fb2c321ec4") - (revision "1")) + (let ((commit "aec7889b489385e8add06126e7a36ae2e26254b1") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-voodoo-fuzz-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2229,19 +2229,8 @@ simulation of the Hyperion Fuzz pedal.")))) (commit commit))) (sha256 (base32 - "1ji915bly588a8xwvwspvsqv0nh8ljgi6rky2mk1d9d6nz96jrbk")) + "0mc41ldlv89069iaysnfiqxy5h5sr8mdi5cxm3ij5q5v4jv3viwx")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxVoodoFuzz.lv2") (synopsis "Fuzz effect modelled after the Voodoo Lab SuperFuzz") (description "This package provides the LV2 plugin \"GxVoodooFuzz\", a From 1df4d85f8b442835cb2aa8dee47cc6ad4d6a3b1e Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 11:20:13 +0100 Subject: [PATCH 059/161] gnu: gx-super-fuzz-lv2: Update to 0-2.f40389575. * gnu/packages/music.scm (gx-super-fuzz-lv2): Update to 0-2.f40389575. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 83834de4e3..189aa1e2b0 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2239,8 +2239,8 @@ Bosstone circuit, followed by the tone control of the FoxToneMachine in parallel with a DarkBooster, followed by a volume control.")))) (define-public gx-super-fuzz-lv2 - (let ((commit "9800354caeb4082a64ca55b2daa9a9a1f79b8c21") - (revision "1")) + (let ((commit "f40389575812c909007d140d327ce579930b71f7") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-super-fuzz-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2251,19 +2251,8 @@ parallel with a DarkBooster, followed by a volume control.")))) (commit commit))) (sha256 (base32 - "1jclp53p01h94cpx17wm4765r7klbr41g7bvq87l53qwlrgkc7a9")) + "174bibj8qzm8zr6f5h8bcj94iry17zravk8flpdy84n6yg7cixji")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxSuperFuzz.lv2") (synopsis "Fuzz effect modelled after the UniVox SuperFuzz") (description "This package provides the LV2 plugin \"GxVoodooFuzz\", an From a7cd2d44e10030515ae3ae499595096139903e95 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 11:21:12 +0100 Subject: [PATCH 060/161] gnu: gx-vintage-fuzz-master-lv2: Update to 0-2.0fec0bc1e. * gnu/packages/music.scm (gx-vintage-fuzz-master-lv2): Update to 0-2.0fec0bc1e. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 189aa1e2b0..6b8ae0fa95 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2261,8 +2261,8 @@ pot, which is usualy in the housing, is exposed as a control parameter. It adjusts the amount of harmonics.")))) (define-public gx-vintage-fuzz-master-lv2 - (let ((commit "c3ab9a3019a8381a398718b98615940b4a225b9e") - (revision "1")) + (let ((commit "0fec0bc1e8a8ba909a68e916e036138a3425d7db") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-vintage-fuzz-master-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2273,19 +2273,8 @@ adjusts the amount of harmonics.")))) (commit commit))) (sha256 (base32 - "0s1ghysggx6psalyhcpgjnmf38vama6jcqgbldqmxii5c2w2ybsc")) + "06szi6d2iwkygbw5azhwzhcl2as4lmk2gs9hanngsf46a1zbdcp7")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxVintageFuzzMaster.lv2") (synopsis "Fuzz effect simulation of the vintage Fuzz Master") (description "This package provides the LV2 plugin From 8e6f6503f09462d452aa0f28b05341f1b6a7728c Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 11:22:13 +0100 Subject: [PATCH 061/161] gnu: gx-slow-gear-lv2: Update to 0-2.cb852e042. * gnu/packages/music.scm (gx-slow-gear-lv2): Update to 0-2.cb852e042. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 6b8ae0fa95..2de6b565d8 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2281,8 +2281,8 @@ adjusts the amount of harmonics.")))) \"GxVintageFuzzMaster\", a simulation of the vintage Fuzz Master pedal.")))) (define-public gx-slow-gear-lv2 - (let ((commit "1071c2b2936ebad859242cb578af2f3415f8900f") - (revision "1")) + (let ((commit "cb852e0426f4e6fe077e7f1ede73a4da335cfc5e") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-slow-gear-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2293,19 +2293,8 @@ adjusts the amount of harmonics.")))) (commit commit))) (sha256 (base32 - "0c6099h5qkv7ilsvxxcrzwy1h6lkld1srh3fvbjxyw9q34kbqsyl")) + "0dp7afi1r3kzciiyn1hrkz6arsq47ys9sx5g4b7xa9k1dv92ishp")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxSlowGear.lv2") (synopsis "Slow gear audio effect") (description "This package provides the LV2 plugin \"GxSlowGear\", a From cfcef2c2ac9d87271c411c0515a928bdac312484 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 11:23:07 +0100 Subject: [PATCH 062/161] gnu: gx-switchless-wah-lv2: Update to 0-2.7b0869120. * gnu/packages/music.scm (gx-switchless-wah-lv2): Update to 0-2.7b0869120. [arguments]: Remove "escape-shell-commands" phase. --- gnu/packages/music.scm | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 2de6b565d8..12233bfdba 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2301,8 +2301,8 @@ adjusts the amount of harmonics.")))) slow gear audio effect to produce volume swells.")))) (define-public gx-switchless-wah-lv2 - (let ((commit "1d466240c482b7ce9136aee39044068ab96f1c92") - (revision "1")) + (let ((commit "7b08691203314612999f0ce2328cdc1161cd6665") + (revision "2")) (package (inherit gx-guvnor-lv2) (name "gx-switchless-wah-lv2") (version (string-append "0-" revision "." (string-take commit 9))) @@ -2313,19 +2313,8 @@ slow gear audio effect to produce volume swells.")))) (commit commit))) (sha256 (base32 - "0g6njgsm8s76n6yys09a8w77z93pjjgqq9hzhhsrl73hhvyr9qmy")) + "04jqfpncmrrqn34p21w4v9m2x5a5wsqwbm4f3byxvq4vcibwxzk2")) (file-name (string-append name "-" version "-checkout")))) - (arguments - (substitute-keyword-arguments (package-arguments gx-guvnor-lv2) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'escape-shell-commands - (lambda _ - (substitute* "Makefile" - (("cat ") "$(shell cat ") - (("/dev/null") "/dev/null)") - (("SSE_CFLAGS = \"\"") "SSE_CFLAGS =")) - #t)))))) (home-page "https://github.com/brummer10/GxSwitchlessWah.lv2") (synopsis "Wah emulation with switchless activation") (description "This package provides the LV2 plugin \"GxSwitchlessWah\", From ae1e2133b9cb776f557ffcf2cb61888618c1d509 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Sat, 19 Nov 2016 19:12:33 +0800 Subject: [PATCH 063/161] gnu: opensmtpd: Correct CA certificates file path. * gnu/packages/mail.scm (opensmtpd)[arguments]: Pass '--with-path-CAfile=/etc/ssl/certs/ca-certificates.crt' to #:configure-flags. --- gnu/packages/mail.scm | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 6fcb548e61..a365e37f9b 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1625,10 +1625,12 @@ transfer protocols.") `(("bison" ,bison) ("groff" ,groff))) (arguments - `(#:configure-flags (list "--with-table-db" "--localstatedir=/var" - "--with-user-smtpd=smtpd" "--with-user-queue=smtpq" - "--with-group-queue=smtpq" - "--with-path-socket=/var/run") + `(#:configure-flags + (list "--with-table-db" "--localstatedir=/var" + "--with-user-smtpd=smtpd" "--with-user-queue=smtpq" + "--with-group-queue=smtpq" + "--with-path-socket=/var/run" + "--with-path-CAfile=/etc/ssl/certs/ca-certificates.crt") #:phases (modify-phases %standard-phases ;; OpenSMTPD provides a single utility smtpctl to control the daemon and From e5aade794a89a742b1f9663d42bbbfd24955718b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Sat, 19 Nov 2016 19:37:30 +0800 Subject: [PATCH 064/161] services: dicod-service: Honor 'dicod-configuration-dico'. * gnu/services/dict.scm (dicod-shepherd-service): Use 'dicod-configuration-dico' of config. --- gnu/services/dict.scm | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/gnu/services/dict.scm b/gnu/services/dict.scm index da5d004701..303067037f 100644 --- a/gnu/services/dict.scm +++ b/gnu/services/dict.scm @@ -105,15 +105,17 @@ database { (chown rundir (passwd:uid user) (passwd:gid user))))) (define (dicod-shepherd-service config) - (list (shepherd-service - (provision '(dicod)) - (documentation "Run the dicod daemon.") - (start #~(make-forkexec-constructor - (list (string-append #$dico "/bin/dicod") "--foreground" - (string-append - "--config=" #$(dicod-configuration-file config))) - #:user "dicod" #:group "dicod")) - (stop #~(make-kill-destructor))))) + (let ((dicod (file-append (dicod-configuration-dico config) + "/bin/dicod")) + (dicod.conf (dicod-configuration-file config))) + (list (shepherd-service + (provision '(dicod)) + (documentation "Run the dicod daemon.") + (start #~(make-forkexec-constructor + (list #$dicod "--foreground" + (string-append "--config=" #$dicod.conf)) + #:user "dicod" #:group "dicod")) + (stop #~(make-kill-destructor)))))) (define dicod-service-type (service-type From fd057b84ecb863be1db9307bf482f8b0add08fa4 Mon Sep 17 00:00:00 2001 From: Nicolas Goaziou Date: Fri, 18 Nov 2016 23:36:26 +0100 Subject: [PATCH 065/161] gnu: emacs-org: Update to 20161118. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/emacs.scm (emacs-org): Update to 20161118. Signed-off-by: 宋文武 --- gnu/packages/emacs.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 7666e2f620..04c977f830 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3197,14 +3197,14 @@ passive voice.") (define-public emacs-org (package (name "emacs-org") - (version "20161102") + (version "20161118") (source (origin (method url-fetch) (uri (string-append "http://elpa.gnu.org/packages/org-" version ".tar")) (sha256 (base32 - "12v9jhakdxcmlw9zrcrh1fwi3kh6z0qva90hpnr0zjqyj72i0wir")))) + "1w9g8r08kaiw9f4fjsj0hbffzq85rj734j5lxvbaafbnz7dbklk1")))) (build-system emacs-build-system) (home-page "http://orgmode.org/") (synopsis "Outline-based notes management and organizer") From 5cd41292211568fbd34babc97aeaf6ee92a27103 Mon Sep 17 00:00:00 2001 From: ng0 Date: Fri, 18 Nov 2016 17:28:45 +0000 Subject: [PATCH 066/161] gnu: emacs-cyberpunk-theme: Update to 1.18. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/emacs.scm (emacs-cyberpunk-theme): Update to 1.18. Signed-off-by: 宋文武 --- gnu/packages/emacs.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 04c977f830..76809d3069 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3241,7 +3241,7 @@ Flx has support for ido (interactively do things) through flx-ido.") (define-public emacs-cyberpunk-theme (package (name "emacs-cyberpunk-theme") - (version "1.17") + (version "1.18") (source (origin (method url-fetch) @@ -3249,7 +3249,7 @@ Flx has support for ido (interactively do things) through flx-ido.") "archive/" version ".tar.gz")) (sha256 (base32 - "068jcn4g1bvwgpcvyfqygzw6ahill51c1sqzyyvj2paxckbd7h51")) + "0pxzbw0qjxgkhhs3gn3k9qy41kl1a4pfzbw83dk24l4b3nxd24wg")) (file-name (string-append name "-" version ".tar.gz")))) (build-system emacs-build-system) (home-page "https://github.com/n3mo/cyberpunk-theme.el") From 8f4939506405bdde5a0db57a06e78251bb35a047 Mon Sep 17 00:00:00 2001 From: ng0 Date: Fri, 18 Nov 2016 18:59:30 +0000 Subject: [PATCH 067/161] gnu: Add emacs-danneskjold-theme. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/emacs.scm (emacs-danneskjold-theme): New variable. Signed-off-by: 宋文武 --- gnu/packages/emacs.scm | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 76809d3069..ec672bce8c 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3259,6 +3259,35 @@ Flx has support for ido (interactively do things) through flx-ido.") known loosely as deftheme. Many mode-specific customizations are included.") (license license:gpl3+))) +(define-public emacs-danneskjold-theme + (let* ((commit "8733d2fe8743e8a01826ea6d4430ef376c727e57") + (revision "1")) + (package + (name "emacs-danneskjold-theme") + (version (string-append "0.0.0-" revision "." (string-take commit 7))) + (home-page "https://github.com/rails-to-cosmos/danneskjold-theme") + (source + (origin + (method git-fetch) + (uri (git-reference + (url home-page) + (commit commit))) + (file-name (string-append name "-" version "-checkout")) + (sha256 + (base32 + "0s6rbsb0y8i8m5b9xm4gw1p1cxsxdqnqxqqb638pygz9f76mbir1")))) + (build-system emacs-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'delete-screenshots + (lambda _ + (delete-file-recursively "screenshots") #t))))) + (synopsis "High-contrast Emacs theme") + (description + "@code{danneskjold-theme} is a high-contrast theme for Emacs.") + (license license:gpl3+)))) + (define-public emacs-auto-complete (package (name "emacs-auto-complete") From 3446ffb57c22996074e29c5c685a309855017a57 Mon Sep 17 00:00:00 2001 From: Rene Saavedra Date: Thu, 17 Nov 2016 23:48:11 -0600 Subject: [PATCH 068/161] gnu: gnome-control-center: Add gdk-pixbuf input. * gnu/packages/gnome.scm (gnome-control-center)[inputs]: Add gdk-pixbuf. Signed-off-by: Leo Famulari --- gnu/packages/gnome.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 8c422c52fa..3aa0f567fd 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -4747,6 +4747,7 @@ devices using the GNOME desktop.") ("cups" ,cups) ("dconf" ,dconf) ("docbook-xsl" ,docbook-xsl) + ("gdk-pixbuf" ,gdk-pixbuf) ; for loading SVG files ("gnome-bluetooth" ,gnome-bluetooth) ("gnome-desktop" ,gnome-desktop) ("gnome-online-accounts" ,gnome-online-accounts) From b7e0f65b40bc069bf828e06d0390670a0ed8b4db Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 19 Nov 2016 10:42:49 -0500 Subject: [PATCH 069/161] gnu: imagemagick: Update to 6.9.6-5. * gnu/packages/imagemagick.scm (imagemagick): Update to 6.9.6-5. --- gnu/packages/imagemagick.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm index 8dcfbc72c5..99d8b76299 100644 --- a/gnu/packages/imagemagick.scm +++ b/gnu/packages/imagemagick.scm @@ -43,14 +43,14 @@ (define-public imagemagick (package (name "imagemagick") - (version "6.9.6-4") + (version "6.9.6-5") (source (origin (method url-fetch) (uri (string-append "mirror://imagemagick/ImageMagick-" version ".tar.xz")) (sha256 (base32 - "1mv2qihr9jfagz1dds42q46zirh0dvx0rai7pkqmbzy2bp2c48ym")))) + "037lg2m0y5b17lyi34jdlkq4h03ck67j5m6wr84nvwd3jfx240cd")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch") From 2fedcd1895fa8c2c378091de278815050fe79d55 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 19 Nov 2016 11:12:34 -0500 Subject: [PATCH 070/161] gnu: libtiff: Fix CVE-2016-9448. * gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 +- .../patches/libtiff-CVE-2016-9448.patch | 34 +++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch diff --git a/gnu/local.mk b/gnu/local.mk index 17bfda2a77..7112451586 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ + %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtiff-uint32-overflow.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 8f08fad153..309c336779 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -302,7 +302,8 @@ collection of tools for doing simple manipulations of TIFF images.") "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch")))))) + "libtiff-CVE-2016-9297.patch" + "libtiff-CVE-2016-9448.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch new file mode 100644 index 0000000000..05a3af8a84 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9448.patch @@ -0,0 +1,34 @@ +Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). + +http://bugzilla.maptools.org/show_bug.cgi?id=2593 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 + +Patch copied from upstream source repository with: +$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c + +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.203 +retrieving revision 1.204 +diff -u -r1.203 -r1.204 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 ++++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 +@@ -5000,7 +5000,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; +@@ -5177,7 +5177,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; From cf9af706fbeeb464a4fd3b554db2d1119917511a Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 00:02:47 +0100 Subject: [PATCH 071/161] gnu: Add drumkv1. * gnu/packages/music.scm (drumkv1): New variable. --- gnu/packages/music.scm | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 12233bfdba..f2e10d52da 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -909,6 +909,40 @@ users to select LV2 plugins and run them with jalv.") oscillators and stereo effects.") (license license:gpl2+))) +(define-public drumkv1 + (package + (name "drumkv1") + (version "0.8.0") + (source (origin + (method url-fetch) + (uri + (string-append "mirror://sourceforge/drumkv1/drumkv1/" version + "/drumkv1-" version ".tar.gz")) + (sha256 + (base32 + "1n2kd468kn71yp2asmamprvblmdlvh0zd8lsh3598dwi4b7aa3ga")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; There are no tests. + #:configure-flags + '("CXXFLAGS=-std=gnu++11"))) + (inputs + `(("jack" ,jack-1) + ("lv2" ,lv2) + ("libsndfile" ,libsndfile) + ("alsa-lib" ,alsa-lib) + ("liblo" ,liblo) + ("qtbase" ,qtbase))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("qttools" ,qttools))) + (home-page "http://drumkv1.sourceforge.net") + (synopsis "Drum-kit sampler synthesizer with stereo effects") + (description + "Drumkv1 is an old-school drum-kit sampler synthesizer with stereo +effects.") + (license license:gpl2+))) + (define-public amsynth (package (name "amsynth") From 18675264c69dfc68b869d066551c444da2f47566 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 19 Nov 2016 00:16:53 +0100 Subject: [PATCH 072/161] gnu: Add samplv1. * gnu/packages/music.scm (samplv1): New variable. --- gnu/packages/music.scm | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index f2e10d52da..4ec6d6e4c2 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -943,6 +943,40 @@ oscillators and stereo effects.") effects.") (license license:gpl2+))) +(define-public samplv1 + (package + (name "samplv1") + (version "0.8.0") + (source (origin + (method url-fetch) + (uri + (string-append "mirror://sourceforge/samplv1/samplv1/" version + "/samplv1-" version ".tar.gz")) + (sha256 + (base32 + "0j3hkmd9q0bw9b7nk9cssqywlrishkd1n790a9vq6gh3pdc5sf3r")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; There are no tests. + #:configure-flags + '("CXXFLAGS=-std=gnu++11"))) + (inputs + `(("jack" ,jack-1) + ("lv2" ,lv2) + ("libsndfile" ,libsndfile) + ("alsa-lib" ,alsa-lib) + ("liblo" ,liblo) + ("qtbase" ,qtbase))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("qttools" ,qttools))) + (home-page "http://samplv1.sourceforge.net") + (synopsis "Polyphonic sampler synthesizer with stereo effects") + (description + "Samplv1 is an old-school polyphonic sampler synthesizer with stereo +effects.") + (license license:gpl2+))) + (define-public amsynth (package (name "amsynth") From 713335fa610713dc9491fc4848f5f5842423b143 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 19 Nov 2016 16:56:47 +0100 Subject: [PATCH 073/161] derivations: Add 'raw-derivation'. * guix/derivations.scm (raw-derivation): New procedure. * guix/download.scm (raw-derivation): Remove. * guix/gexp.scm (raw-derivation): Remove. --- guix/derivations.scm | 4 ++++ guix/download.scm | 3 --- guix/gexp.scm | 3 --- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/guix/derivations.scm b/guix/derivations.scm index e378a7cb03..7ed9bd61d3 100644 --- a/guix/derivations.scm +++ b/guix/derivations.scm @@ -86,6 +86,7 @@ derivation-path->output-path derivation-path->output-paths derivation + raw-derivation map-derivation @@ -1306,3 +1307,6 @@ ALLOWED-REFERENCES, DISALLOWED-REFERENCES, LOCAL-BUILD?, and SUBSTITUTABLE?." (define built-derivations (store-lift build-derivations)) + +(define raw-derivation + (store-lift derivation)) diff --git a/guix/download.scm b/guix/download.scm index 64a1d2f084..e2e5cee777 100644 --- a/guix/download.scm +++ b/guix/download.scm @@ -322,9 +322,6 @@ the daemon." result)) store))))) -(define raw-derivation - (store-lift derivation)) - (define* (built-in-download file-name url #:key system hash-algo hash mirrors content-addressed-mirrors diff --git a/guix/gexp.scm b/guix/gexp.scm index 05178a5ecc..fd5dc49233 100644 --- a/guix/gexp.scm +++ b/guix/gexp.scm @@ -453,9 +453,6 @@ whether this should be considered a \"native\" input or not." '())) (gexp-references gexp))))) -(define raw-derivation - (store-lift derivation)) - (define* (lower-inputs inputs #:key system target) "Turn any package from INPUTS into a derivation for SYSTEM; return the From e74f64b9e55cbc3052698830001238d2407fed19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 19 Nov 2016 17:05:07 +0100 Subject: [PATCH 074/161] store: Add 'references*'. * guix/store.scm (references*): New procedure. * guix/profiles.scm (manifest-lookup-package)[references*]: Remove. * guix/scripts/system.scm (references*): Remove. * tests/gexp.scm ("gexp->file", "gexp->file + file-append") ("gexp->derivation", "gexp->derivation, cross-compilation") ("gexp->derivation, ungexp + ungexp-native") ("scheme-file", "text-file*", "mixed-text-file"): Remove 'references*' instead of (store-lift references). --- guix/profiles.scm | 4 --- guix/scripts/system.scm | 3 --- guix/store.scm | 4 +++ tests/gexp.scm | 59 ++++++++++++++++++++--------------------- 4 files changed, 33 insertions(+), 37 deletions(-) diff --git a/guix/profiles.scm b/guix/profiles.scm index b56b8f4c79..0b317ef51e 100644 --- a/guix/profiles.scm +++ b/guix/profiles.scm @@ -501,10 +501,6 @@ if not found." #t)))) items)) - ;; TODO: Factorize. - (define references* - (store-lift references)) - (with-monad %store-monad (match (manifest-entry-item entry) ((? package? package) diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm index 71ddccfa61..bb373a6726 100644 --- a/guix/scripts/system.scm +++ b/guix/scripts/system.scm @@ -77,9 +77,6 @@ ;;; Installation. ;;; -;; TODO: Factorize. -(define references* - (store-lift references)) (define topologically-sorted* (store-lift topologically-sorted)) diff --git a/guix/store.scm b/guix/store.scm index 3047dc39b9..7f54b87db1 100644 --- a/guix/store.scm +++ b/guix/store.scm @@ -98,6 +98,7 @@ built-in-builders references references/substitutes + references* requisites referrers optimize-store @@ -1170,6 +1171,9 @@ where FILE is the entry's absolute file name and STAT is the result of (define set-build-options* (store-lift set-build-options)) +(define references* + (store-lift references)) + (define-inlinable (current-system) ;; Consult the %CURRENT-SYSTEM fluid at bind time. This is equivalent to ;; (lift0 %current-system %store-monad), but inlinable, thus avoiding diff --git a/tests/gexp.scm b/tests/gexp.scm index 214e7a5302..354d28f014 100644 --- a/tests/gexp.scm +++ b/tests/gexp.scm @@ -375,7 +375,7 @@ (drv (gexp->file "foo" exp)) (out -> (derivation->output-path drv)) (done (built-derivations (list drv))) - (refs ((store-lift references) out))) + (refs (references* out))) (return (and (equal? sexp (call-with-input-file out read)) (equal? (list guile) refs))))) @@ -386,7 +386,7 @@ (drv (gexp->file "foo" exp)) (out -> (derivation->output-path drv)) (done (built-derivations (list drv))) - (refs ((store-lift references) out))) + (refs (references* out))) (return (and (equal? (string-append guile "/bin/guile") (call-with-input-file out read)) (equal? (list guile) refs))))) @@ -407,8 +407,8 @@ (out -> (derivation->output-path drv)) (out2 -> (derivation->output-path drv "2nd")) (done (built-derivations (list drv))) - (refs ((store-lift references) out)) - (refs2 ((store-lift references) out2)) + (refs (references* out)) + (refs2 (references* out2)) (guile (package-file %bootstrap-guile "bin/guile"))) (return (and (string=? (readlink (string-append out "/foo")) guile) (string=? (readlink out2) file) @@ -481,7 +481,7 @@ (ungexp output)))) (xdrv (gexp->derivation "foo" exp #:target target)) - (refs ((store-lift references) + (refs (references* (derivation-file-name xdrv))) (xcu (package->cross-derivation coreutils target)) @@ -506,7 +506,7 @@ (ungexp output)))) (xdrv (gexp->derivation "foo" exp #:target target)) - (refs ((store-lift references) + (refs (references* (derivation-file-name xdrv))) (xglibc (package->cross-derivation glibc target)) (cu (package->derivation coreutils))) @@ -808,34 +808,33 @@ (out -> (derivation->output-path drv))) (mbegin %store-monad (built-derivations (list drv)) - (mlet %store-monad ((refs ((store-lift references) out))) + (mlet %store-monad ((refs (references* out))) (return (and (equal? refs (list text)) (equal? `(list "foo" ,text) (call-with-input-file out read))))))))) (test-assert "text-file*" - (let ((references (store-lift references))) - (run-with-store %store - (mlet* %store-monad - ((drv (package->derivation %bootstrap-guile)) - (guile -> (derivation->output-path drv)) - (file (text-file "bar" "This is bar.")) - (text (text-file* "foo" - %bootstrap-guile "/bin/guile " - (gexp-input %bootstrap-guile "out") "/bin/guile " - drv "/bin/guile " - file)) - (done (built-derivations (list text))) - (out -> (derivation->output-path text)) - (refs (references out))) - ;; Make sure we get the right references and the right content. - (return (and (lset= string=? refs (list guile file)) - (equal? (call-with-input-file out get-string-all) - (string-append guile "/bin/guile " - guile "/bin/guile " - guile "/bin/guile " - file))))) - #:guile-for-build (package-derivation %store %bootstrap-guile)))) + (run-with-store %store + (mlet* %store-monad + ((drv (package->derivation %bootstrap-guile)) + (guile -> (derivation->output-path drv)) + (file (text-file "bar" "This is bar.")) + (text (text-file* "foo" + %bootstrap-guile "/bin/guile " + (gexp-input %bootstrap-guile "out") "/bin/guile " + drv "/bin/guile " + file)) + (done (built-derivations (list text))) + (out -> (derivation->output-path text)) + (refs (references* out))) + ;; Make sure we get the right references and the right content. + (return (and (lset= string=? refs (list guile file)) + (equal? (call-with-input-file out get-string-all) + (string-append guile "/bin/guile " + guile "/bin/guile " + guile "/bin/guile " + file))))) + #:guile-for-build (package-derivation %store %bootstrap-guile))) (test-assertm "mixed-text-file" (mlet* %store-monad ((file -> (mixed-text-file "mixed" @@ -847,7 +846,7 @@ (guile -> (derivation->output-path guile-drv))) (mbegin %store-monad (built-derivations (list drv)) - (mlet %store-monad ((refs ((store-lift references) out))) + (mlet %store-monad ((refs (references* out))) (return (and (string=? (string-append "export PATH=" guile "/bin") (call-with-input-file out get-string-all)) (equal? refs (list guile)))))))) From fac46e3f5e55f9de6fa2ab8082bc418139590fc0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 19 Nov 2016 18:06:46 +0100 Subject: [PATCH 075/161] lint: Add 'mirror-url' checker. * guix/scripts/lint.scm (origin-uris): New procedure. (check-source): Use it. (check-mirror-url): New procedure. (%checkers): Add 'mirror-url' checker. * tests/lint.scm ("mirror-url") ("mirror-url: one suggestion"): New tests. * doc/guix.texi (Invoking guix lint): Document it. --- doc/guix.texi | 4 +++- guix/scripts/lint.scm | 43 +++++++++++++++++++++++++++++++++++++++---- tests/lint.scm | 19 +++++++++++++++++++ 3 files changed, 61 insertions(+), 5 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 0e70830d02..7352ea973f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -5379,9 +5379,11 @@ Identify inputs that should most likely be native inputs. @item source @itemx home-page +@itemx mirror-url @itemx source-file-name Probe @code{home-page} and @code{source} URLs and report those that are -invalid. Check that the source file name is meaningful, e.g. is not +invalid. Suggest a @code{mirror://} URL when applicable. Check that +the source file name is meaningful, e.g. is not just a version number or ``git-checkout'', without a declared @code{file-name} (@pxref{origin Reference}). diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm index 6e6f550941..9641d3926a 100644 --- a/guix/scripts/lint.scm +++ b/guix/scripts/lint.scm @@ -65,6 +65,7 @@ check-home-page check-source check-source-file-name + check-mirror-url check-license check-vulnerabilities check-formatting @@ -567,6 +568,14 @@ descriptions maintained upstream." (location->string loc) (package-full-name package) (fill-paragraph (escape-quotes upstream) 77 7))))))) +(define (origin-uris origin) + "Return the list of URIs (strings) for ORIGIN." + (match (origin-uri origin) + ((? string? uri) + (list uri)) + ((uris ...) + uris))) + (define (check-source package) "Emit a warning if PACKAGE has an invalid 'source' field, or if that 'source' is not reachable." @@ -583,10 +592,7 @@ descriptions maintained upstream." (let ((origin (package-source package))) (when (and origin (eqv? (origin-method origin) url-fetch)) - (let* ((strings (origin-uri origin)) - (uris (if (list? strings) - (map string->uri strings) - (list (string->uri strings))))) + (let ((uris (map string->uri (origin-uris origin)))) ;; Just make sure that at least one of the URIs is valid. (call-with-values @@ -626,6 +632,31 @@ descriptions maintained upstream." (_ "the source file name should contain the package name") 'source)))) +(define (check-mirror-url package) + "Check whether PACKAGE uses source URLs that should be 'mirror://'." + (define (check-mirror-uri uri) ;XXX: could be optimized + (let loop ((mirrors %mirrors)) + (match mirrors + (() + #t) + (((mirror-id mirror-urls ...) rest ...) + (match (find (cut string-prefix? <> uri) mirror-urls) + (#f + (loop rest)) + (prefix + (emit-warning package + (format #f (_ "URL should be \ +'mirror://~a/~a'") + mirror-id + (string-drop uri (string-length prefix))) + 'source))))))) + + (let ((origin (package-source package))) + (when (and (origin? origin) + (eqv? (origin-method origin) url-fetch)) + (let ((uris (origin-uris origin))) + (for-each check-mirror-uri uris))))) + (define (check-derivation package) "Emit a warning if we fail to compile PACKAGE to a derivation." (catch #t @@ -863,6 +894,10 @@ or a list thereof") (name 'source) (description "Validate source URLs") (check check-source)) + (lint-checker + (name 'mirror-url) + (description "Suggest 'mirror://' URLs") + (check check-mirror-url)) (lint-checker (name 'source-file-name) (description "Validate file names of sources") diff --git a/tests/lint.scm b/tests/lint.scm index cf1b95ee69..0c534562a4 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -508,6 +508,25 @@ (check-source pkg)))) "not reachable: 404"))) +(test-assert "mirror-url" + (string-null? + (with-warnings + (let ((source (origin + (method url-fetch) + (uri "http://example.org/foo/bar.tar.gz") + (sha256 %null-sha256)))) + (check-mirror-url (dummy-package "x" (source source))))))) + +(test-assert "mirror-url: one suggestion" + (string-contains + (with-warnings + (let ((source (origin + (method url-fetch) + (uri "http://ftp.gnu.org/pub/gnu/foo/foo.tar.gz") + (sha256 %null-sha256)))) + (check-mirror-url (dummy-package "x" (source source))))) + "mirror://gnu/foo/foo.tar.gz")) + (test-assert "cve" (mock ((guix scripts lint) package-vulnerabilities (const '())) (string-null? From 6129dd8b5989f77b2976c68ecdf1f7dbfa63ec46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 19 Nov 2016 18:34:54 +0100 Subject: [PATCH 076/161] vm: Disable initrd-time QEMU networking for VM images. Fixes . Reported by dian_cecht@zoho.com. * gnu/system/vm.scm (system-qemu-image)[initrd]: Remove #:qemu-networking? #t. (virtualized-operating-system): Likewise --- gnu/system/vm.scm | 2 -- 1 file changed, 2 deletions(-) diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 03f7d6c913..1e680b85a2 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -317,7 +317,6 @@ of the GNU system as described by OS." (initrd (lambda (file-systems . rest) (apply base-initrd file-systems #:virtio? #t - #:qemu-networking? #t rest))) ;; Force our own root file system. @@ -386,7 +385,6 @@ environment with the store shared with the host. MAPPINGS is a list of (apply base-initrd file-systems #:volatile-root? #t #:virtio? #t - #:qemu-networking? #t rest))) ;; Disable swap. From 966a543b369bad3d35f8c1e3fa30c34687217427 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 19 Nov 2016 18:42:12 +0100 Subject: [PATCH 077/161] gnu: Use 'mirror://' URLs in several places. * gnu/packages/emacs.scm (m17n-lib)[source]: Use 'mirror://'. * gnu/packages/games.scm (extremetuxracer)[source]: Likewise. * gnu/packages/gcc.scm (%gcc-infrastructure): Likewise. * gnu/packages/gtk.scm (python2-pygtk)[source]: Likewise. * gnu/packages/perl.scm (perl)[source]: Likewise. * gnu/packages/telephony.scm (exosip)[source]: Likewise. * gnu/packages/wm.scm (xmonad)[source]: Likewise. (ghc-xmonad-contrib)[source]: Likewise. --- gnu/packages/emacs.scm | 5 ++--- gnu/packages/games.scm | 2 +- gnu/packages/gcc.scm | 2 +- gnu/packages/gtk.scm | 2 +- gnu/packages/perl.scm | 2 +- gnu/packages/telephony.scm | 5 ++--- gnu/packages/wm.scm | 4 ++-- 7 files changed, 10 insertions(+), 12 deletions(-) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index ec672bce8c..a5dd7a961f 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3355,9 +3355,8 @@ This package contains the library database.") (source (origin (method url-fetch) - (uri (string-append - "http://download.savannah.gnu.org/releases/m17n/m17n-lib-" - version ".tar.gz")) + (uri (string-append "mirror://savannah/m17n/m17n-lib-" + version ".tar.gz")) (sha256 (base32 "10yv730i25g1rpzv6q49m6xn4p8fjm7jdwvik2h70sn8w3hm7f4f")))) (build-system gnu-build-system) diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index e8f848a07f..e6a970a22c 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -946,7 +946,7 @@ Protocol).") (source (origin (method url-fetch) (uri (string-append - "http://downloads.sourceforge.net/project/extremetuxracer/releases/" + "mirror://sourceforge/extremetuxracer/releases/" version "/etr-" version ".tar.xz")) (sha256 (base32 diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm index e190e508a7..c26cc4f497 100644 --- a/gnu/packages/gcc.scm +++ b/gnu/packages/gcc.scm @@ -45,7 +45,7 @@ (define %gcc-infrastructure ;; Base URL for GCC's infrastructure. - "ftp://gcc.gnu.org/pub/gcc/infrastructure/") + "mirror://gcc/infrastructure/") (define (gcc-configure-flags-for-triplet target) "Return a list of additional GCC `configure' flags for TARGET, a GNU triplet. diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 7fa7e12b1b..6a9e7cf4d2 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -1116,7 +1116,7 @@ extensive documentation, including API reference and a tutorial.") (source (origin (method url-fetch) - (uri (string-append "http://ftp.gnome.org/pub/GNOME/sources" + (uri (string-append "mirror://gnome/sources" "/pygtk/" (version-major+minor version) "/pygtk-" version ".tar.bz2")) (sha256 diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index a044a32b32..ab6120142d 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -48,7 +48,7 @@ (version "5.24.0") (source (origin (method url-fetch) - (uri (string-append "http://www.cpan.org/src/5.0/perl-" + (uri (string-append "mirror://cpan/src/5.0/perl-" version ".tar.gz")) (sha256 (base32 diff --git a/gnu/packages/telephony.scm b/gnu/packages/telephony.scm index 8f2a10f2c5..3d5e58ec2d 100644 --- a/gnu/packages/telephony.scm +++ b/gnu/packages/telephony.scm @@ -134,9 +134,8 @@ to initiate and control SIP sessions.") (version "4.1.0") (source (origin (method url-fetch) - (uri (string-append - "http://download.savannah.gnu.org/releases/exosip/libeXosip2-" - version ".tar.gz")) + (uri (string-append "mirror://savannah/exosip/libeXosip2-" + version ".tar.gz")) (sha256 (base32 "17cna8kpc8nk1si419vgr6r42k2lda0rdk50vlxrw8rzg0xp2xrw")))) (build-system gnu-build-system) diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index 90d1dc1e33..999f78927f 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -299,7 +299,7 @@ prompt.") (synopsis "Tiling window manager") (source (origin (method url-fetch) - (uri (string-append "http://hackage.haskell.org/package/xmonad/" + (uri (string-append "mirror://hackage/package/xmonad/" name "-" version ".tar.gz")) (sha256 (base32 @@ -355,7 +355,7 @@ tiled on several screens.") (source (origin (method url-fetch) - (uri (string-append "http://hackage.haskell.org/package/xmonad-contrib/" + (uri (string-append "mirror://hackage/package/xmonad-contrib/" "xmonad-contrib-" version ".tar.gz")) (sha256 (base32 From 9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428 Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Sat, 19 Nov 2016 09:00:22 +1000 Subject: [PATCH 078/161] gnu: ruby: Replace with ruby-2.3.2 [fixes CVE-2015-3900]. * gnu/packages/ruby.scm (ruby)[replacement]: New field. (ruby-2.3.2): New variable. --- gnu/packages/ruby.scm | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index b6cb0a243d..1abea02bb5 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -47,6 +47,7 @@ (define-public ruby (package (name "ruby") + (replacement ruby-2.3.2) (version "2.3.1") (source (origin @@ -101,6 +102,25 @@ a focus on simplicity and productivity.") (home-page "https://ruby-lang.org") (license license:ruby))) +(define ruby-2.3.2 + (package + (inherit ruby) + (version "2.3.2") + (source + (origin + (method url-fetch) + (uri (string-append "http://cache.ruby-lang.org/pub/ruby/" + (version-major+minor version) + "/ruby-" version ".tar.xz")) + (sha256 + (base32 + "031g76zxb2wp6988dmrpbqd98i17xi6l8q1115h83r2w0h8z6y2w")) + (modules '((guix build utils))) + (snippet `(begin + ;; Remove bundled libffi + (delete-file-recursively "ext/fiddle/libffi-3.2.1") + #t)))))) + (define-public ruby-2.2 (package (inherit ruby) (version "2.2.6") From 13172f0d794b1503a2474bca45719b39fd26bdc4 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 19 Nov 2016 22:28:07 -0500 Subject: [PATCH 079/161] gnu: linux-libre@4.4: Update to 4.4.33. * gnu/packages/linux.scm (linux-libre-4.4): Update to 4.4.33. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 9518de4782..2cb984f933 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -333,8 +333,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.32" - "0xva00ccdx66pd25i88g4j4r7w5i3n12hq5biyapwir8izni58hv" + (make-linux-libre "4.4.33" + "0d8axxymb51wh4gdhg674z3wjx4vpcl71cn4z44lml9xbnhhppkx" %intel-compatible-systems #:configuration-file kernel-config)) From 5a1ef07d3ec3e97385cf2885b91105ce2a90c324 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 19 Nov 2016 22:29:38 -0500 Subject: [PATCH 080/161] gnu: linux-libre: Update to 4.8.9. * gnu/packages/linux.scm (%linux-libre-version, %linux-libre-hash) (linux-libre): Update to 4.8.9. --- gnu/packages/linux.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 2cb984f933..e22d3c3101 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -327,8 +327,8 @@ It has been modified to remove all non-free binary blobs.") (define %intel-compatible-systems '("x86_64-linux" "i686-linux")) (define-public linux-libre - (make-linux-libre "4.8.8" - "0gy3i0841yqz1c5441jcvjivy8afx2xf8m3cjbx6wymg8b1bc4c3" + (make-linux-libre "4.8.9" + "0b2j8zxz3z2gc302cdgsmbbnfzswpq558bmv13rbcgrknm9fgzmj" %intel-compatible-systems #:configuration-file kernel-config)) @@ -345,8 +345,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) ;; Avoid rebuilding kernel variants when there is a minor version bump. -(define %linux-libre-version "4.8.8") -(define %linux-libre-hash "0gy3i0841yqz1c5441jcvjivy8afx2xf8m3cjbx6wymg8b1bc4c3") +(define %linux-libre-version "4.8.9") +(define %linux-libre-hash "0b2j8zxz3z2gc302cdgsmbbnfzswpq558bmv13rbcgrknm9fgzmj") (define-public linux-libre-arm-generic (make-linux-libre %linux-libre-version From 9fff9e6484a1ebe5246e2811c5d74fbdab43313c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Sun, 20 Nov 2016 11:59:38 +0800 Subject: [PATCH 081/161] gnu: gtk-engines: Don't propagate GTK+. * gnu/packages/gtk.scm (gtk-engines): Move gtk+ to 'inputs'. --- gnu/packages/gtk.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 6a9e7cf4d2..17bd9c9b00 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -1289,7 +1289,8 @@ can also be used to document application code.") (native-inputs `(("pkg-config" ,pkg-config) ("intltool" ,intltool))) - (propagated-inputs + (inputs + ;; Don't propagate GTK+ to reduce "profile pollution". `(("gtk+" ,gtk+-2))) ; required by gtk-engines-2.pc (home-page "http://live.gnome.org/GnomeArt") (synopsis "Theming engines for GTK+ 2.x") From 764c5662211793d381b6c4a85f6a1ef4ad353c3f Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 19 Nov 2016 13:28:16 -0500 Subject: [PATCH 082/161] gnu: gnupg: Update to 2.1.16. * gnu/packages/gnupg.scm (gnupg): Update to 2.1.16. [arguments]: Remove obsolete substitution from 'patch-paths' phase. Remove 'set-home' phase. Add 'set-gnupg-home' phase. --- gnu/packages/gnupg.scm | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index fccaa9708f..0a6eba236c 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -213,14 +213,14 @@ compatible to GNU Pth.") (define-public gnupg (package (name "gnupg") - (version "2.1.15") + (version "2.1.16") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/gnupg/gnupg-" version ".tar.bz2")) (sha256 (base32 - "1pgz02gd84ab94w4xdg67p9z8kvkyr9d523bvcxxd2hviwh1m362")))) + "0i483m9q032a0s50f1izb213g4h5i7pcgn395m6hvl3sg2kadfa9")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) @@ -245,8 +245,6 @@ compatible to GNU Pth.") (modify-phases %standard-phases (add-before 'configure 'patch-paths (lambda* (#:key inputs #:allow-other-keys) - (substitute* "tests/openpgp/defs.inc" - (("/bin/pwd") (which "pwd"))) (substitute* "scd/scdaemon.c" (("\"(libpcsclite\\.so[^\"]*)\"" _ name) (string-append "\"" (assoc-ref inputs "pcsc-lite") @@ -256,13 +254,12 @@ compatible to GNU Pth.") (lambda _ (substitute* (find-files "tests" ".\\.scm$") (("/usr/bin/env gpgscm") - (string-append (getcwd) "/tests/gpgscm/gpgscm"))))) - (add-before 'check 'set-home - ;; Some tests require write access to $HOME, otherwise leading to - ;; 'failed to create directory /homeless-shelter/.asy' error. - ;; TODO Try removing this phase for GnuPG 2.1.16. + (string-append (getcwd) "/tests/gpgscm/gpgscm"))) + #t)) + ;; If this variable is undefined, /bin/pwd is invoked. + (add-before 'check 'set-gnupg-home (lambda _ - (setenv "HOME" "/tmp") + (setenv "GNUPGHOME" (getcwd)) #t))))) (home-page "https://gnupg.org/") (synopsis "GNU Privacy Guard") From 25291aca748b8bf42bebb67134fa12a5c5980aeb Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 20 Nov 2016 11:02:02 -0500 Subject: [PATCH 083/161] gnu: python-icalendar: Update to 3.11. * gnu/packages/python.scm (python-icalendar): Update to 3.11. --- gnu/packages/python.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 7cf1e7cf38..61bb6954e3 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -8202,13 +8202,13 @@ processes across test runs.") (define-public python-icalendar (package (name "python-icalendar") - (version "3.10") + (version "3.11") (source (origin (method url-fetch) (uri (pypi-uri "icalendar" version)) (sha256 (base32 - "01amnk3621s7fagfla86npd25knbqirchg7h1jpqxqp103d02bs7")))) + "01v2f3swd5s72x65cdihw83dx1z799b4i49a6ncg7vqmcm20wapd")))) (build-system python-build-system) (propagated-inputs `(("python-dateutil-2" ,python-dateutil-2) From 43ffe220c87a8be28ec340e4a169d00f4b26905c Mon Sep 17 00:00:00 2001 From: Nicolas Goaziou Date: Sun, 20 Nov 2016 15:52:36 +0100 Subject: [PATCH 084/161] gnu: lilypond: Update to 2.19.51. * gnu/packages/music.scm (lilypond): Update to 2.19.51. Signed-off-by: Marius Bakke --- gnu/packages/music.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 4ec6d6e4c2..b32b084533 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -504,7 +504,7 @@ interface. It is implemented as a frontend to @code{klick}.") (define-public lilypond (package (name "lilypond") - (version "2.19.33") + (version "2.19.51") (source (origin (method url-fetch) (uri (string-append @@ -513,7 +513,7 @@ interface. It is implemented as a frontend to @code{klick}.") name "-" version ".tar.gz")) (sha256 (base32 - "0s4vbbfy4xwq4da4kmlnndalmcyx2jaz7y8praah2146qbnr90xh")))) + "1b4jvc0fixbnp8x457fzk5wgb4zd03npwwivp60kc27fmv63w5l1")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; out-test/collated-files.html fails From b28a33512f5762d63f76915a5b3e5dae82c1f4b8 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 17 Nov 2016 18:53:10 +0100 Subject: [PATCH 085/161] gnu: Add sqlite-3.15.1. * gnu/packages/databases.scm (sqlite-3.15.1): New variable. --- gnu/packages/databases.scm | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index ab9c6d6ba6..d6746f092f 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -558,6 +558,26 @@ widely deployed SQL database engine in the world. The source code for SQLite is in the public domain.") (license public-domain))) +(define-public sqlite-3.15.1 + (package (inherit sqlite) + (version "3.15.1") + (source (origin + (method url-fetch) + (uri (let ((numeric-version + (match (string-split version #\.) + ((first-digit other-digits ...) + (string-append first-digit + (string-pad-right + (string-concatenate + (map (cut string-pad <> 2 #\0) + other-digits)) + 6 #\0)))))) + (string-append "https://sqlite.org/2016/sqlite-autoconf-" + numeric-version ".tar.gz"))) + (sha256 + (base32 + "1ig2d9jzzixiifmgqsl6kjcvy17jwxby3s24gfnc5qvyd6vqkyjx")))))) + (define-public tdb (package (name "tdb") From 1845c2a4362c96d7feea3132f21aec34a607f855 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Fri, 11 Nov 2016 15:18:29 +0100 Subject: [PATCH 086/161] gnu: Add php. * gnu/packages/php.scm: New file. * gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch: New file. * gnu/packages/patches/gd-fix-truecolor-format-correction.patch: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add php. (dist_patch_DATA): Add gd patches. Co-authored-by: Marius Bakke --- gnu/local.mk | 3 + .../gd-fix-chunk-size-on-boundaries.patch | 102 ++++++ .../gd-fix-truecolor-format-correction.patch | 95 +++++ gnu/packages/php.scm | 334 ++++++++++++++++++ 4 files changed, 534 insertions(+) create mode 100644 gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch create mode 100644 gnu/packages/patches/gd-fix-truecolor-format-correction.patch create mode 100644 gnu/packages/php.scm diff --git a/gnu/local.mk b/gnu/local.mk index 7112451586..df7fb4c995 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -295,6 +295,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/pem.scm \ %D%/packages/perl.scm \ %D%/packages/photo.scm \ + %D%/packages/php.scm \ %D%/packages/pkg-config.scm \ %D%/packages/plotutils.scm \ %D%/packages/polkit.scm \ @@ -551,8 +552,10 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-6-cross-environment-variables.patch \ %D%/packages/patches/gd-CVE-2016-7568.patch \ %D%/packages/patches/gd-CVE-2016-8670.patch \ + %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch \ %D%/packages/patches/gd-fix-gd2-read-test.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ + %D%/packages/patches/gd-fix-truecolor-format-correction.patch \ %D%/packages/patches/gegl-CVE-2012-4433.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/ghostscript-CVE-2013-5653.patch \ diff --git a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch new file mode 100644 index 0000000000..e395c66d89 --- /dev/null +++ b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch @@ -0,0 +1,102 @@ +This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155 + +Patch adapted from upstream source repository: + +https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279 + +(.gitignore change removed) + +From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Fri, 23 Sep 2016 18:29:52 +0200 +Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries + +(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb) +--- + src/gd_gd2.c | 4 ++-- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug00309.c | 37 +++++++++++++++++++++++++++++++++++++ + 4 files changed, 41 insertions(+), 2 deletions(-) + create mode 100644 tests/gd2/bug00309.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 75e5e1f..b9b2f93 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + }; + + /* Work out number of chunks. */ +- ncx = im->sx / cs + 1; +- ncy = im->sy / cs + 1; ++ ncx = (im->sx + cs - 1) / cs; ++ ncy = (im->sy + cs - 1) / cs; + + /* Write the standard header. */ + _gd2PutHeader (im, out, cs, fmt, ncx, ncy); +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 3b650ad..247b466 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,5 +1,6 @@ + SET(TESTS_FILES + bug_289 ++ bug00309 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index b8ee946..d69aee0 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,5 +1,6 @@ + libgd_test_programs += \ + gd2/bug_289 \ ++ gd2/bug00309 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c +new file mode 100644 +index 0000000..b649cdc +--- /dev/null ++++ b/tests/gd2/bug00309.c +@@ -0,0 +1,37 @@ ++/** ++ * Regression test for . ++ * ++ * We test that an image with 64x64 pixels reports only a single chunk in the ++ * GD2 image header when the chunk size is 64. ++ */ ++ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ unsigned char *buf; ++ int size, word; ++ ++ im = gdImageCreate(64, 64); ++ gdImageColorAllocate(im, 0, 0, 0); ++ ++ buf = gdImageGd2Ptr(im, 64, 1, &size); ++ ++ gdImageDestroy(im); ++ ++ word = buf[10] << 8 | buf[11]; ++ gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word); ++ word = buf[14] << 8 | buf[15]; ++ gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word); ++ word = buf[16] << 8 | buf[17]; ++ gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word); ++ gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size); ++ ++ gdFree(buf); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch new file mode 100644 index 0000000000..be3eff9327 --- /dev/null +++ b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch @@ -0,0 +1,95 @@ +This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159 + +Patch lifted from upstream source repository: + +https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 + +From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Mon, 15 Aug 2016 17:49:40 +0200 +Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results + in corrupted files + +We must not apply the format correction twice for truecolor images. + +(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e) +--- + src/gd_gd2.c | 2 +- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug_289.c | 33 +++++++++++++++++++++++++++++++++ + 4 files changed, 36 insertions(+), 1 deletion(-) + create mode 100644 tests/gd2/bug_289.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 86c881e..75e5e1f 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + /* Force fmt to a valid value since we don't return anything. */ + /* */ + if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) { +- fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED; ++ fmt = GD2_FMT_COMPRESSED; + }; + if (im->trueColor) { + fmt += 2; +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 8aecacc..3b650ad 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,4 +1,5 @@ + SET(TESTS_FILES ++ bug_289 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index 754a284..b8ee946 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,4 +1,5 @@ + libgd_test_programs += \ ++ gd2/bug_289 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c +new file mode 100644 +index 0000000..ad311e9 +--- /dev/null ++++ b/tests/gd2/bug_289.c +@@ -0,0 +1,33 @@ ++/** ++ * Passing an unrecognized format to gdImageGd2() should result in ++ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images. ++ * ++ * See . ++ */ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++#define GD2_FMT_UNRECOGNIZED 0 ++#define GD2_FMT_TRUECOLOR_COMPRESSED 4 ++ ++#define MSG "expected %s byte to be %d, but got %d\n" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ char *buffer; ++ int size; ++ ++ im = gdImageCreateTrueColor(10, 10); ++ gdTestAssert(im != NULL); ++ buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size); ++ gdTestAssert(buffer != NULL); ++ gdImageDestroy(im); ++ gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]); ++ gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm new file mode 100644 index 0000000000..9ccbede873 --- /dev/null +++ b/gnu/packages/php.scm @@ -0,0 +1,334 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Julien Lepiller +;;; Copyright © 2016 Marius Bakke +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages php) + #:use-module (gnu packages) + #:use-module (gnu packages algebra) + #:use-module (gnu packages aspell) + #:use-module (gnu packages base) + #:use-module (gnu packages bison) + #:use-module (gnu packages compression) + #:use-module (gnu packages curl) + #:use-module (gnu packages cyrus-sasl) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gd) + #:use-module (gnu packages gettext) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnupg) + #:use-module (gnu packages image) + #:use-module (gnu packages linux) + #:use-module (gnu packages multiprecision) + #:use-module (gnu packages openldap) + #:use-module (gnu packages pcre) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages readline) + #:use-module (gnu packages textutils) + #:use-module (gnu packages tls) + #:use-module (gnu packages web) + #:use-module (gnu packages xml) + #:use-module (gnu packages xorg) + #:use-module (gnu packages zip) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module ((guix licenses) #:prefix license:)) + +;; This fixes PHP bugs 73155 and 73159. Remove when gd +;; is updated to > 2.2.3. +(define gd-for-php + (package (inherit gd) + (source + (origin + (inherit (package-source gd)) + (patches (search-patches + "gd-fix-truecolor-format-correction.patch" + "gd-fix-chunk-size-on-boundaries.patch")))))) + +(define-public php + (package + (name "php") + (version "7.0.13") + (home-page "https://secure.php.net/") + (source (origin + (method url-fetch) + (uri (string-append home-page "distributions/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "1gzihbpcp51jc587gs1ryn59hsnr7vf5427dmcvdimvm77wsfyrm")) + (modules '((guix build utils))) + (snippet + '(with-directory-excursion "ext" + (for-each delete-file-recursively + ;; Some of the bundled libraries have no proper upstream. + ;; Ideally we'd extract these out as separate packages: + ;;"mbstring/libmbfl" + ;;"date/lib" + ;;"bcmath/libbcmath" + ;;"fileinfo/libmagic" ; This is a patched version of libmagic. + '("gd/libgd" + "mbstring/oniguruma" + "pcre/pcrelib" + "sqlite3/libsqlite" + "xmlrpc/libxmlrpc" + "zip/lib")))))) + (build-system gnu-build-system) + (arguments + '(#:configure-flags + (let-syntax ((with (syntax-rules () + ((_ option input) + (string-append option "=" + (assoc-ref %build-inputs input)))))) + (list (with "--with-bz2" "bzip2") + (with "--with-curl" "curl") + (with "--with-freetype-dir" "freetype") + (with "--with-gd" "gd") + (with "--with-gdbm" "gdbm") + (with "--with-gettext" "glibc") ; libintl.h + (with "--with-gmp" "gmp") + (with "--with-jpeg-dir" "libjpeg") + (with "--with-ldap" "openldap") + (with "--with-ldap-sasl" "cyrus-sasl") + (with "--with-libzip" "zip") + (with "--with-libxml-dir" "libxml2") + (with "--with-onig" "oniguruma") + (with "--with-pcre-dir" "pcre") + (with "--with-pcre-regex" "pcre") + (with "--with-pdo-pgsql" "postgresql") + (with "--with-pdo-sqlite" "sqlite") + (with "--with-pgsql" "postgresql") + (with "--with-png-dir" "libpng") + ;; PHP’s Pspell extension, while retaining its current name, + ;; now uses the Aspell library. + (with "--with-pspell" "aspell") + (with "--with-readline" "readline") + (with "--with-sqlite3" "sqlite") + (with "--with-tidy" "tidy") + (with "--with-webp-dir" "libwebp") + (with "--with-xpm-dir" "libxpm") + (with "--with-xsl" "libxslt") + (with "--with-zlib-dir" "zlib") + ;; We could add "--with-snmp", but it requires netsnmp that + ;; we don't have a package for. It is used to build the snmp + ;; extension of php. + "--with-iconv" + "--with-openssl" + "--with-pdo-mysql" + "--with-zlib" + "--enable-calendar" + "--enable-dba=shared" + "--enable-exif" + "--enable-flatfile" + "--enable-fpm" + "--enable-ftp" + "--enable-inifile" + "--enable-mbstring" + "--enable-pcntl" + "--enable-sockets" + "--enable-threads")) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'do-not-record-build-flags + (lambda _ + ;; Prevent configure flags from being stored and causing + ;; unnecessary runtime dependencies. + (substitute* "scripts/php-config.in" + (("@CONFIGURE_OPTIONS@") "") + (("@PHP_LDFLAGS@") "")) + ;; This file has ISO-8859-1 encoding. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* "main/build-defs.h.in" + (("@CONFIGURE_COMMAND@") "(omitted)"))) + #t)) + (add-before 'build 'patch-/bin/sh + (lambda _ + (substitute* '("run-tests.php" "ext/standard/proc_open.c") + (("/bin/sh") (which "sh"))) + #t)) + (add-before 'check 'prepare-tests + (lambda _ + ;; Some of these files have ISO-8859-1 encoding, whereas others + ;; use ASCII, so we can't use a "catch-all" find-files here. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* '("ext/mbstring/tests/mb_send_mail02.phpt" + "ext/mbstring/tests/mb_send_mail04.phpt" + "ext/mbstring/tests/mb_send_mail05.phpt" + "ext/mbstring/tests/mb_send_mail06.phpt") + (("/bin/cat") (which "cat")))) + (substitute* '("ext/mbstring/tests/mb_send_mail01.phpt" + "ext/mbstring/tests/mb_send_mail03.phpt" + "ext/mbstring/tests/bug52861.phpt" + "ext/standard/tests/general_functions/bug34794.phpt" + "ext/standard/tests/general_functions/bug44667.phpt" + "ext/standard/tests/general_functions/proc_open.phpt") + (("/bin/cat") (which "cat"))) + ;; The encoding of this file is not recognized, so we simply drop it. + (delete-file "ext/mbstring/tests/mb_send_mail07.phpt") + + (substitute* "ext/standard/tests/streams/bug60602.phpt" + (("'ls'") (string-append "'" (which "ls") "'"))) + + ;; Drop tests that are known to fail. + (for-each delete-file + '("ext/posix/tests/posix_getgrgid.phpt" ; Requires /etc/group. + "ext/sockets/tests/bug63000.phpt" ; Fails to detect OS. + "ext/sockets/tests/socket_shutdown.phpt" ; Requires DNS. + "ext/sockets/tests/socket_send.phpt" ; Likewise. + "ext/sockets/tests/mcast_ipv4_recv.phpt" ; Requires multicast. + ;; These needs /etc/services. + "ext/standard/tests/general_functions/getservbyname_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_variation1.phpt" + ;; And /etc/protocols. + "ext/standard/tests/network/getprotobyname_basic.phpt" + "ext/standard/tests/network/getprotobynumber_basic.phpt" + ;; And exotic locales. + "ext/standard/tests/strings/setlocale_basic1.phpt" + "ext/standard/tests/strings/setlocale_basic2.phpt" + "ext/standard/tests/strings/setlocale_basic3.phpt" + "ext/standard/tests/strings/setlocale_variation1.phpt" + + ;; XXX: These gd tests fails. Likely because our version + ;; is different from the (patched) bundled one. + ;; Here, gd quits immediately after "fatal libpng error"; while the + ;; test expects it to additionally return a "setjmp" error and warning. + "ext/gd/tests/bug39780_extern.phpt" + "ext/gd/tests/libgd00086_extern.phpt" + ;; Extra newline in gd-png output. + "ext/gd/tests/bug45799.phpt" + ;; Different error message than expected from imagecrop(). + "ext/gd/tests/bug66356.phpt" + ;; Similarly for imagecreatefromgd2(). + "ext/gd/tests/bug72339.phpt" + ;; Call to undefined function imageantialias(). They are + ;; supposed to fail anyway. + "ext/gd/tests/bug72482.phpt" + "ext/gd/tests/bug72482_2.phpt" + "ext/gd/tests/bug73213.phpt" + ;; Test expects generic "gd warning" but gets the actual function name. + "ext/gd/tests/createfromwbmp2_extern.phpt" + ;; TODO: Enable these when libgd is built with xpm support. + "ext/gd/tests/xpm2gd.phpt" + "ext/gd/tests/xpm2jpg.phpt" + "ext/gd/tests/xpm2png.phpt" + + ;; XXX: These iconv tests have the expected outcome, + ;; but with different error messages. + ;; Expects "illegal character", instead gets "unknown error (84)". + "ext/iconv/tests/bug52211.phpt" + ;; Expects "wrong charset", gets unknown error (22). + "ext/iconv/tests/iconv_mime_decode_variation3.phpt" + "ext/iconv/tests/iconv_strlen_error2.phpt" + "ext/iconv/tests/iconv_strlen_variation2.phpt" + "ext/iconv/tests/iconv_substr_error2.phpt" + ;; Expects conversion error, gets "error condition Termsig=11". + "ext/iconv/tests/iconv_strpos_error2.phpt" + "ext/iconv/tests/iconv_strrpos_error2.phpt" + ;; Similar, but iterating over multiple values. + ;; iconv breaks the loop after the first error with Termsig=11. + "ext/iconv/tests/iconv_strpos_variation4.phpt" + "ext/iconv/tests/iconv_strrpos_variation3.phpt" + + ;; XXX: These test failures appear legitimate, needs investigation. + ;; open_basedir() restriction failure. + "ext/curl/tests/bug61948.phpt" + ;; Expects a false boolean, gets empty array from glob(). + "ext/standard/tests/file/bug41655_1.phpt" + "ext/standard/tests/file/glob_variation5.phpt" + ;; Test output is correct, but in wrong order. + "ext/standard/tests/streams/proc_open_bug64438.phpt" + ;; The test expects an Array, but instead get the contents(?). + "ext/gd/tests/bug43073.phpt" + ;; imagettftext() returns wrong coordinates. + "ext/gd/tests/bug48732.phpt" + ;; Similarly for imageftbbox(). + "ext/gd/tests/bug48801.phpt" + ;; Different expected output from imagecolorallocate(). + "ext/gd/tests/bug53504.phpt" + ;; Wrong image size after scaling an image. + "ext/gd/tests/bug73272.phpt" + ;; Expects iconv to detect illegal characters, instead gets + ;; "unknown error (84)" and heap corruption(!). + "ext/iconv/tests/bug48147.phpt" + ;; Expects illegal character ".", gets "=?utf-8?Q?." + "ext/iconv/tests/bug51250.phpt" + ;; @iconv() does not return expected output. + "ext/iconv/tests/iconv003.phpt" + ;; iconv throws "buffer length exceeded" on some string checks. + "ext/iconv/tests/iconv_mime_encode.phpt" + ;; file_get_contents(): iconv stream filter + ;; ("ISO-8859-1"=>"UTF-8") unknown error. + "ext/standard/tests/file/bug43008.phpt" + ;; Table data not created in sqlite(?). + "ext/pdo_sqlite/tests/bug_42589.phpt")) + + ;; Skip tests requiring network access. + (setenv "SKIP_ONLINE_TESTS" "1") + ;; Without this variable, 'make test' passes regardless of failures. + (setenv "REPORT_EXIT_STATUS" "1") + #t))) + #:test-target "test")) + (inputs + `(("aspell" ,aspell) + ("bzip2" ,bzip2) + ("curl" ,curl) + ("cyrus-sasl" ,cyrus-sasl) + ("freetype" ,freetype) + ("gd" ,gd-for-php) + ("gdbm" ,gdbm) + ("glibc" ,glibc) + ("gmp" ,gmp) + ("libgcrypt" ,libgcrypt) + ("libjpeg" ,libjpeg) + ("libpng" ,libpng) + ("libwebp" ,libwebp) + ("libxml2" ,libxml2) + ("libxpm" ,libxpm) + ("libxslt" ,libxslt) + ("libx11" ,libx11) + ("oniguruma" ,oniguruma) + ("openldap" ,openldap) + ("openssl" ,openssl) + ("pcre" ,pcre) + ("postgresql" ,postgresql) + ("readline" ,readline) + ("sqlite" ,sqlite-3.15.1) + ("tidy" ,tidy) + ("zip" ,zip) + ("zlib" ,zlib))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("bison" ,bison) + ("intltool" ,intltool) + ("procps" ,procps))) ; For tests. + (synopsis "PHP programming language") + (description + "PHP (PHP Hypertext Processor) is a server-side (CGI) scripting +language designed primarily for web development but is also used as +a general-purpose programming language. PHP code may be embedded into +HTML code, or it can be used in combination with various web template +systems, web content management systems and web frameworks." ) + (license (list + (license:non-copyleft "file://LICENSE") ; The PHP license. + (license:non-copyleft "file://Zend/LICENSE") ; The Zend license. + license:lgpl2.1 ; ext/mbstring/libmbfl + license:lgpl2.1+ ; ext/bcmath/libbcmath + license:bsd-2 ; ext/fileinfo/libmagic + license:expat)))) ; ext/date/lib From 8eb790f368be5d7beac728e55093b6a3ea22328b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 20 Nov 2016 23:34:36 +0100 Subject: [PATCH 087/161] syscalls: Add 'c-struct-field-offset'. * guix/build/syscalls.scm (define-c-struct-macro): New macro. (define-c-struct): Use it. (c-struct-field-offset): New macro. --- guix/build/syscalls.scm | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index c3832f6d48..85de47d26e 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -267,6 +267,29 @@ result is the alignment of the \"most strictly aligned component\"." (align offset type0) type0)))))) +(define-syntax define-c-struct-macro + (syntax-rules () + "Define NAME as a macro that can be queried to get information about the C +struct it represents. In particular: + + (NAME field-offset FIELD) + +returns the offset in bytes of FIELD within the C struct represented by NAME." + ((_ name ((fields types) ...)) + (define-c-struct-macro name + (fields ...) 0 () + ((fields types) ...))) + ((_ name (fields ...) offset (clauses ...) ((field type) rest ...)) + (define-c-struct-macro name + (fields ...) + (+ (align offset type) (type-size type)) + (clauses ... ((_ field-offset field) (align offset type))) + (rest ...))) + ((_ name (fields ...) offset (clauses ...) ()) + (define-syntax name + (syntax-rules (field-offset fields ...) + clauses ...))))) + (define-syntax define-c-struct (syntax-rules () "Define SIZE as the size in bytes of the C structure made of FIELDS. READ @@ -274,6 +297,8 @@ as a deserializer and WRITE! as a serializer for the C structure with the given TYPES. READ uses WRAP-FIELDS to return its value." ((_ name size wrap-fields read write! (fields types) ...) (begin + (define-c-struct-macro name + ((fields types) ...)) (define size (struct-size 0 () types ...)) (define (write! bv offset fields ...) @@ -281,6 +306,12 @@ given TYPES. READ uses WRAP-FIELDS to return its value." (define* (read bv #:optional (offset 0)) (read-types wrap-fields bv offset (types ...) ())))))) +(define-syntax-rule (c-struct-field-offset type field) + "Return the offset in BYTES of FIELD within TYPE, where TYPE is a C struct +defined with 'define-c-struct' and FIELD is a field identifier. An +expansion-time error is raised if FIELD does not exist in TYPE." + (type field-offset field)) + ;;; ;;; FFI. From 9e38e3cf527d907b499f8fc909aac5d0e25a5af7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 20 Nov 2016 23:35:25 +0100 Subject: [PATCH 088/161] syscalls: Add 'add-network-route/gateway' and 'delete-network-route'. * guix/build/syscalls.scm (SIOCADDRT, SIOCDELRT): New variables. (%rtentry): New C struct. (RTF_UP, RTF_GATEWAY, %sockaddr-any): New variables. (add-network-route/gateway, delete-network-route): New procedures. * tests/syscalls.scm ("add-network-route/gateway") ("delete-network-route"): New tests. --- guix/build/syscalls.scm | 110 ++++++++++++++++++++++++++++++++++++++++ tests/syscalls.scm | 24 +++++++++ 2 files changed, 134 insertions(+) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index 85de47d26e..9386c0f5d0 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -95,6 +95,8 @@ set-network-interface-netmask set-network-interface-up configure-network-interface + add-network-route/gateway + delete-network-route interface? interface-name @@ -805,6 +807,14 @@ exception if it's already taken." (if (string-contains %host-type "linux") #x891c ;GNU/Linux -1)) ;FIXME: GNU/Hurd? +(define SIOCADDRT + (if (string-contains %host-type "linux") + #x890B ;GNU/Linux + -1)) ;FIXME: GNU/Hurd? +(define SIOCDELRT + (if (string-contains %host-type "linux") + #x890C ;GNU/Linux + -1)) ;FIXME: GNU/Hurd? ;; Flags and constants from . @@ -1088,6 +1098,106 @@ is true, it must be a socket address to use as the network mask." (lambda () (close-port sock))))) + +;;; +;;; Network routes. +;;; + +(define-c-struct %rtentry ;'struct rtentry' from + sizeof-rtentry + list + read-rtentry + write-rtentry! + (pad1 unsigned-long) + (destination (array uint8 16)) ;struct sockaddr + (gateway (array uint8 16)) ;struct sockaddr + (genmask (array uint8 16)) ;struct sockaddr + (flags unsigned-short) + (pad2 short) + (pad3 long) + (tos uint8) + (class uint8) + (pad4 (array uint8 (if (= 8 (sizeof* '*)) 3 1))) + (metric short) + (device '*) + (mtu unsigned-long) + (window unsigned-long) + (initial-rtt unsigned-short)) + +(define RTF_UP #x0001) ;'rtentry' flags from +(define RTF_GATEWAY #x0002) + +(define %sockaddr-any + (make-socket-address AF_INET INADDR_ANY 0)) + +(define add-network-route/gateway + ;; To allow field names to be matched as literals, we need to move them out + ;; of the lambda's body since the parameters have the same name. A lot of + ;; fuss for very little. + (let-syntax ((gateway-offset (identifier-syntax + (c-struct-field-offset %rtentry gateway))) + (destination-offset (identifier-syntax + (c-struct-field-offset %rtentry destination))) + (genmask-offset (identifier-syntax + (c-struct-field-offset %rtentry genmask)))) + (lambda* (socket gateway + #:key (destination %sockaddr-any) (genmask %sockaddr-any)) + "Add a network route for DESTINATION (a socket address as returned by +'make-socket-address') that goes through GATEWAY (a socket address). For +instance, the call: + + (add-network-route/gateway sock + (make-socket-address + AF_INET + (inet-pton AF_INET \"192.168.0.1\") + 0)) + +is equivalent to this 'net-tools' command: + + route add -net default gw 192.168.0.1 + +because the default value of DESTINATION is \"0.0.0.0\"." + (let ((route (make-bytevector sizeof-rtentry 0))) + (write-socket-address! gateway route gateway-offset) + (write-socket-address! destination route destination-offset) + (write-socket-address! genmask route genmask-offset) + (bytevector-u16-native-set! route + (c-struct-field-offset %rtentry flags) + (logior RTF_UP RTF_GATEWAY)) + (let-values (((ret err) + (%ioctl (fileno socket) SIOCADDRT + (bytevector->pointer route)))) + (unless (zero? ret) + (throw 'system-error "add-network-route/gateway" + "add-network-route/gateway: ~A" + (list (strerror err)) + (list err)))))))) + +(define delete-network-route + (let-syntax ((destination-offset (identifier-syntax + (c-struct-field-offset %rtentry destination)))) + (lambda* (socket destination) + "Delete the network route for DESTINATION. For instance, the call: + + (delete-network-route sock + (make-socket-address AF_INET INADDR_ANY 0)) + +is equivalent to the 'net-tools' command: + + route del -net default +" + + (let ((route (make-bytevector sizeof-rtentry 0))) + (write-socket-address! destination route destination-offset) + (let-values (((ret err) + (%ioctl (fileno socket) SIOCDELRT + (bytevector->pointer route)))) + (unless (zero? ret) + (throw 'system-error "delete-network-route" + "delete-network-route: ~A" + (list (strerror err)) + (list err)))))))) + ;;; ;;; Details about network interfaces---aka. 'getifaddrs'. diff --git a/tests/syscalls.scm b/tests/syscalls.scm index fd177265f0..e4ef32c522 100644 --- a/tests/syscalls.scm +++ b/tests/syscalls.scm @@ -374,6 +374,30 @@ (#f #f) (lo (interface-address lo))))))) +(test-skip (if (zero? (getuid)) 1 0)) +(test-assert "add-network-route/gateway" + (let ((sock (socket AF_INET SOCK_STREAM 0)) + (gateway (make-socket-address AF_INET + (inet-pton AF_INET "192.168.0.1") + 0))) + (catch 'system-error + (lambda () + (add-network-route/gateway sock gateway)) + (lambda args + (close-port sock) + (memv (system-error-errno args) (list EPERM EACCES)))))) + +(test-skip (if (zero? (getuid)) 1 0)) +(test-assert "delete-network-route" + (let ((sock (socket AF_INET SOCK_STREAM 0)) + (destination (make-socket-address AF_INET INADDR_ANY 0))) + (catch 'system-error + (lambda () + (delete-network-route sock destination)) + (lambda args + (close-port sock) + (memv (system-error-errno args) (list EPERM EACCES)))))) + (test-equal "tcgetattr ENOTTY" ENOTTY (catch 'system-error From e48fcd7b8d07f213b23e3b432b0f10db917f69fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 21 Nov 2016 00:32:21 +0100 Subject: [PATCH 089/161] services: static-networking: Avoid use of net-tools. * gnu/services/networking.scm ()[net-tools]: Remove. (static-networking-service-type): Use 'add-network-route/gateway' and 'delete-network-route' instead of NET-TOOLS. (static-networking-service): Adjust accordingly. --- gnu/services/networking.scm | 44 ++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 884c542439..3a4133a153 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -62,6 +62,7 @@ bitlbee-service bitlbee-service-type + wicd-service-type wicd-service network-manager-service connman-service @@ -116,15 +117,14 @@ fe80::1%lo0 apps.facebook.com\n") (default #f)) (gateway static-networking-gateway) (provision static-networking-provision) - (name-servers static-networking-name-servers) - (net-tools static-networking-net-tools)) + (name-servers static-networking-name-servers)) (define static-networking-service-type (shepherd-service-type 'static-networking (match-lambda (($ interface ip netmask gateway provision - name-servers net-tools) + name-servers) (let ((loopback? (memq 'loopback provision))) ;; TODO: Eventually replace 'route' with bindings for the appropriate @@ -146,19 +146,23 @@ fe80::1%lo0 apps.facebook.com\n") (inet-pton AF_INET #$netmask))) (maskaddr (and mask (make-socket-address AF_INET - mask 0)))) + mask 0))) + (gateway (and #$gateway + (inet-pton AF_INET #$gateway))) + (gatewayaddr (and gateway + (make-socket-address AF_INET + gateway 0)))) (configure-network-interface #$interface sockaddr (logior IFF_UP #$(if loopback? #~IFF_LOOPBACK 0)) - #:netmask maskaddr)) - #$(if gateway - #~(zero? (system* (string-append #$net-tools - "/sbin/route") - "add" "-net" "default" - "gw" #$gateway)) - #t) + #:netmask maskaddr) + (when gateway + (let ((sock (socket AF_INET SOCK_DGRAM 0))) + (add-network-route/gateway sock gatewayaddr) + (close-port sock)))) + #$(if (pair? name-servers) #~(call-with-output-file "/etc/resolv.conf" (lambda (port) @@ -168,18 +172,19 @@ fe80::1%lo0 apps.facebook.com\n") (for-each (lambda (server) (format port "nameserver ~a~%" server)) - '#$name-servers))) + '#$name-servers) + #t)) #t))) (stop #~(lambda _ ;; Return #f is successfully stopped. (let ((sock (socket AF_INET SOCK_STREAM 0))) + (when #$gateway + (delete-network-route sock + (make-socket-address + AF_INET INADDR_ANY 0))) (set-network-interface-flags sock #$interface 0) - (close-port sock)) - (not #$(if gateway - #~(system* (string-append #$net-tools - "/sbin/route") - "del" "-net" "default") - #t)))) + (close-port sock) + #f))) (respawn? #f))))))) (define* (static-networking-service interface ip @@ -195,8 +200,7 @@ it must be a string specifying the default network gateway." (static-networking (interface interface) (ip ip) (netmask netmask) (gateway gateway) (provision provision) - (name-servers name-servers) - (net-tools net-tools)))) + (name-servers name-servers)))) (define dhcp-client-service-type (shepherd-service-type From 7ceee88c4378c2bdcc454ddd43fc5f9ee89dbb2f Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 20 Nov 2016 22:18:49 +0200 Subject: [PATCH 090/161] gnu: chez-scheme: Properly identify system architecture. * gnu/packages/chez.dcm (chez-scheme)[arguments]: Substitute `uname -m' for `uname -a' in configure, allowing proper identification of the machine architecture. --- gnu/packages/chez.scm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gnu/packages/chez.scm b/gnu/packages/chez.scm index c3cb7d7659..5edce56505 100644 --- a/gnu/packages/chez.scm +++ b/gnu/packages/chez.scm @@ -100,6 +100,10 @@ '()))) #:phases (modify-phases %standard-phases + (add-after 'unpack 'patch-processor-detection + (lambda _ (substitute* "configure" + (("uname -a") "uname -m")) + #t)) ;; Adapt the custom 'configure' script. (replace 'configure (lambda* (#:key inputs outputs #:allow-other-keys) From 89a30625b9fadf850b99e59e7e45210212c9034d Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 21 Nov 2016 06:54:54 +0200 Subject: [PATCH 091/161] gnu: mpv: Update to 0.22.0. * gnu/packages/video.scm (mpv): Update to 0.22.0. --- gnu/packages/video.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index fefa672bef..0816f7831b 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -833,7 +833,7 @@ SVCD, DVD, 3ivx, DivX 3/4/5, WMV and H.264 movies.") (define-public mpv (package (name "mpv") - (version "0.21.0") + (version "0.22.0") (source (origin (method url-fetch) (uri (string-append @@ -841,7 +841,7 @@ SVCD, DVD, 3ivx, DivX 3/4/5, WMV and H.264 movies.") ".tar.gz")) (sha256 (base32 - "1lwvvhldqrkp44zdm3wbi7qrsln13s8ympwwckqhwl4whp78wpyh")) + "1xl2a0nfbkcq00f41m50fmfz9hl7hzpk7cq7j38r38rp1s7sryf0")) (file-name (string-append name "-" version ".tar.gz")))) (build-system waf-build-system) (native-inputs From b1e25b08f216fa0b863a4c4552b565dc1ce06d6c Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 21 Nov 2016 07:14:05 +0200 Subject: [PATCH 092/161] gnu: obs: Update to 0.16.6. * gnu/packages/video.scm (obs): Update to 0.16.6. --- gnu/packages/video.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 0816f7831b..4eab99b5aa 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1484,7 +1484,7 @@ be used for realtime video capture via Linux-specific APIs.") (define-public obs (package (name "obs") - (version "0.16.5") + (version "0.16.6") (source (origin (method url-fetch) (uri (string-append "https://github.com/jp9000/obs-studio" @@ -1492,7 +1492,7 @@ be used for realtime video capture via Linux-specific APIs.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0y6md0srjakih6zn0ism98123cf1wy9c8hmzl6vpqwjdw15il1rj")))) + "00vwdnf0gnwp029sznsr0s4lcky3brxbmpy0ch7igjpk5sf6mkqp")))) (build-system cmake-build-system) (arguments `(#:tests? #f ; no tests From 83b294b6d6c390f531ee817c592ea57234af591a Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 21 Nov 2016 10:49:45 +0200 Subject: [PATCH 093/161] gnu: opusfile: Update to 0.8. * gnu/packages/xiph.scm (opusfile): Update to 0.8. --- gnu/packages/xiph.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm index 708b31bf8e..fc5cd6ca95 100644 --- a/gnu/packages/xiph.scm +++ b/gnu/packages/xiph.scm @@ -356,7 +356,7 @@ decoding .opus files.") (define opusfile (package (name "opusfile") - (version "0.7") + (version "0.8") (source (origin (method url-fetch) (uri (string-append @@ -364,7 +364,7 @@ decoding .opus files.") ".tar.gz")) (sha256 (base32 - "00f3wwjv3hxwg05g22s6mkkxikz80ljsn70g39cmi43jph9ysawy")))) + "192mp2jgn5s9815h31ybzsfipmbppmdhwx1dymrk26xarz9iw8rc")))) (build-system gnu-build-system) (propagated-inputs `(("opus" ,opus))) From 2316078a4e64da0d6eee309e54f4b61c5b6cf30c Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 17 Nov 2016 14:02:33 +0100 Subject: [PATCH 094/161] gnu: Add emacs-emms-mode-line-cycle. * gnu/packages/emacs.scm (emacs-emms-mode-line-cycle): New variable. --- gnu/packages/emacs.scm | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index a5dd7a961f..778e818353 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -1031,6 +1031,29 @@ light user interface.") and seeking.") (license license:gpl3+))) +(define-public emacs-emms-mode-line-cycle + (package + (name "emacs-emms-mode-line-cycle") + (version "0.2.5") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/momomo5717/emms-mode-line-cycle" + "/archive/" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0ifszi930pnaxk1x8pcydmvnp06868gc7nfx14q17zbajbx735k6")))) + (build-system emacs-build-system) + (propagated-inputs + `(("emms" ,emms))) + (home-page "https://github.com/momomo5717/emms-mode-line-cycle") + (synopsis "Display the EMMS mode line as a ticker") + (description + "This is a minor mode for updating the EMMS mode-line string cyclically +within a specified width. It is useful for displaying long track titles.") + (license license:gpl3+))) + ;;; ;;; Miscellaneous. From e01e2c6c525f1c0ef0ab62b832435a4ece0348ec Mon Sep 17 00:00:00 2001 From: ng0 Date: Sat, 19 Nov 2016 21:49:06 +0000 Subject: [PATCH 095/161] gnu: services: Add git-service. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/version-control.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (Misellaneous Services)[Version Control]: New section. Co-authored-by: 宋文武 --- doc/guix.texi | 61 +++++++++++++ gnu/local.mk | 1 + gnu/services/version-control.scm | 141 +++++++++++++++++++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 gnu/services/version-control.scm diff --git a/doc/guix.texi b/doc/guix.texi index 7352ea973f..3a88dd4044 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -11673,6 +11673,67 @@ A @code{} object serving the GNU Collaborative International Dictonary of English using the @code{gcide} package. @end defvr +@subsubsection Version Control + +The @code{(gnu services version-control)} module provides the following services: + +@subsubheading Git daemon service + +@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)] + +Return a service that runs @command{git daemon}, a simple TCP server to +expose repositiories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported@footnote{By creating the magic file +"git-daemon-export-ok" in the repository directory.} repositories under +@file{/srv/git}. + +@end deffn + +@deftp {Data Type} git-daemon-configuration +Data type representing the configuration for @code{git-daemon-service}. + +@table @asis +@item @code{package} (default: @var{git}) +Package object of the Git distributed version control system. + +@item @code{export-all?} (default: @var{#f}) +Whether to allow access for all Git repositories, even if they do not +have the @file{git-daemon-export-ok} file. + +@item @code{base-path} (default: @file{/srv/git}) +Whether to remap all the path requests as relative to the given path. +If you run git daemon with @var{(base-path "/srv/git")} on example.com, +then if you later try to pull @code{git://example.com/hello.git}, git +daemon will interpret the path as @code{/srv/git/hello.git}. + +@item @code{user-path} (default: @var{#f}) +Whether to allow @code{~user} notation to be used in requests. When +specified with empty string, requests to @code{git://host/~alice/foo} is +taken as a request to access @code{foo} repository in the home directory +of user @code{alice}. If @var{(user-path "path")} is specified, the +same request is taken as a request to access @code{path/foo} repository +in the home directory of user @code{alice}. + +@item @code{listen} (default: @var{'()}) +Whether to listen on specific IP addresses or hostnames, defaults to +all. + +@item @code{port} (default: @var{#f}) +Whether to listen on an alternative port, which defaults to 9418. + +@item @code{whitelist} (default: @var{'()}) +If not empty, only allow access to this list of directories. + +@item @code{extra-options} (default: @var{'()}) +Extra options will be passed to @code{git daemon}, please run +@command{man git-daemon} for more information. + +@end table +@end deftp + @node Setuid Programs @subsection Setuid Programs diff --git a/gnu/local.mk b/gnu/local.mk index df7fb4c995..430d05ff3e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -416,6 +416,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/sddm.scm \ %D%/services/spice.scm \ %D%/services/ssh.scm \ + %D%/services/version-control.scm \ %D%/services/web.scm \ %D%/services/xorg.scm \ \ diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm new file mode 100644 index 0000000000..107bc8e77a --- /dev/null +++ b/gnu/services/version-control.scm @@ -0,0 +1,141 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Sou Bunnbu +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services version-control) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages version-control) + #:use-module (gnu packages admin) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (ice-9 match) + #:export (git-daemon-service + git-daemon-service-type + git-daemon-configuration + git-daemon-configuration?)) + +;;; Commentary: +;;; +;;; Version Control related services. +;;; +;;; Code: + + +;;; +;;; Git daemon. +;;; + +(define-record-type* + git-daemon-configuration + make-git-daemon-configuration + git-daemon-configuration? + (package git-daemon-configuration-package ;package + (default git)) + (export-all? git-daemon-configuration-export-all ;boolean + (default #f)) + (base-path git-daemon-configuration-base-path ;string | #f + (default "/srv/git")) + (user-path git-daemon-configuration-user-path ;string | #f + (default #f)) + (listen git-daemon-configuration-listen ;list of string + (default '())) + (port git-daemon-configuration-port ;number | #f + (default #f)) + (whitelist git-daemon-configuration-whitelist ;list of string + (default '())) + (extra-options git-daemon-configuration-extra-options ;list of string + (default '()))) + +(define git-daemon-shepherd-service + (match-lambda + (($ + package export-all? base-path user-path + listen port whitelist extra-options) + (let* ((git (file-append package "/bin/git")) + (command `(,git + "daemon" "--syslog" "--reuseaddr" + ,@(if export-all? + '("--export-all") + '()) + ,@(if base-path + `(,(string-append "--base-path=" base-path)) + '()) + ,@(if user-path + `(,(string-append "--user-path=" user-path)) + '()) + ,@(map (cut string-append "--listen=" <>) listen) + ,@(if port + `(,(string-append + "--port=" (number->string port))) + '()) + ,@extra-options + ,@whitelist))) + (list (shepherd-service + (documentation "Run the git-daemon.") + (requirement '(networking)) + (provision '(git-daemon)) + (start #~(make-forkexec-constructor '#$command + #:user "git-daemon" + #:group "git-daemon")) + (stop #~(make-kill-destructor)))))))) + +(define %git-daemon-accounts + ;; User account and group for git-daemon. + (list (user-group + (name "git-daemon") + (system? #t)) + (user-account + (name "git-daemon") + (system? #t) + (group "git-daemon") + (comment "Git daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (git-daemon-activation config) + "Return the activation gexp for git-daemon using CONFIG." + (let ((base-path (git-daemon-configuration-base-path config))) + #~(begin + (use-modules (guix build utils)) + ;; Create the 'base-path' directory when it's not '#f'. + (and=> #$base-path mkdir-p)))) + +(define git-daemon-service-type + (service-type + (name 'git-daemon) + (extensions + (list (service-extension shepherd-root-service-type + git-daemon-shepherd-service) + (service-extension account-service-type + (const %git-daemon-accounts)) + (service-extension activation-service-type + git-daemon-activation))))) + +(define* (git-daemon-service #:key (config (git-daemon-configuration))) + "Return a service that runs @command{git daemon}, a simple TCP server to +expose repositories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported repositories under @file{/srv/git}." + (service git-daemon-service-type config)) From b3131e23184e5f44b94bf0c953397e2d0f414a73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 21 Nov 2016 09:41:38 +0100 Subject: [PATCH 096/161] services: static-networking: Remove unused parameter. This is a followup to e48fcd7b8d07f213b23e3b432b0f10db917f69fa. * gnu/services/networking.scm (static-networking-service): Remove #:net-tools. (static-networking-service-type): Remove outdated comment. --- gnu/services/networking.scm | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 3a4133a153..5a83240d77 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -126,9 +126,6 @@ fe80::1%lo0 apps.facebook.com\n") (($ interface ip netmask gateway provision name-servers) (let ((loopback? (memq 'loopback provision))) - - ;; TODO: Eventually replace 'route' with bindings for the appropriate - ;; ioctls. (shepherd-service ;; Unless we're providing the loopback interface, wait for udev to be up @@ -191,8 +188,7 @@ fe80::1%lo0 apps.facebook.com\n") #:key netmask gateway (provision '(networking)) - (name-servers '()) - (net-tools net-tools)) + (name-servers '())) "Return a service that starts @var{interface} with address @var{ip}. If @var{netmask} is true, use it as the network mask. If @var{gateway} is true, it must be a string specifying the default network gateway." From c9eae83ffa05beb58f01da783af5f6de2f438eec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 21 Nov 2016 15:25:09 +0100 Subject: [PATCH 097/161] gnu: dico: Update to 2.4. * gnu/packages/dico.scm (dico): Update to 2.4. [source]: Remove 'snippet'. --- gnu/packages/dico.scm | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/gnu/packages/dico.scm b/gnu/packages/dico.scm index 1a674dff4b..ec20c372f2 100644 --- a/gnu/packages/dico.scm +++ b/gnu/packages/dico.scm @@ -37,20 +37,14 @@ (define-public dico (package (name "dico") - (version "2.3") + (version "2.4") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/dico/dico-" version ".tar.xz")) (sha256 (base32 - "13by0zimx90v2j8v7n4k9y3xwmh4q9jdc2f4f8yjs3x7f5bzm2pk")) - (snippet - ;; Upstream commit 89922fc. - '(substitute* "include/dico/markup.h" - (("const char \\*dico_markup_type;") - "extern const char *dico_markup_type;"))) - (modules '((guix build utils))))) + "13m7vahfbdj7hb38bjgd4cmfswavvxrcpppj9n4m4rar3wyzg52g")))) (build-system gnu-build-system) (arguments '(#:configure-flags (list (string-append "--with-guile-site-dir=" %output From dc6d1b9609f0994bdab9907f0e673b5ba26ff56d Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 21 Nov 2016 11:15:55 -0500 Subject: [PATCH 098/161] gnu: libtiff: Fix URL in 'libtiff-uint32-overflow.patch'. * gnu/packages/patches/libtiff-uint32-overflow.patch: Fix URL. --- gnu/packages/patches/libtiff-uint32-overflow.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch index b9b1bc27a4..c95126f9a1 100644 --- a/gnu/packages/patches/libtiff-uint32-overflow.patch +++ b/gnu/packages/patches/libtiff-uint32-overflow.patch @@ -1,6 +1,6 @@ Fix some buffer overflows: -http://seclists.org/oss-sec/2016/q4/ +http://seclists.org/oss-sec/2016/q4/408 http://bugzilla.maptools.org/show_bug.cgi?id=2592 2016-11-11 Even Rouault From 7c90d0f40e822cfd4b690329ad0452e59cb11863 Mon Sep 17 00:00:00 2001 From: Alex Kost Date: Fri, 18 Nov 2016 20:26:08 +0300 Subject: [PATCH 099/161] gnu: packages: Use gettext-minimal. * gnu/packages/crypto.scm (tomb): Use 'gettext-minimal' instead of 'gnu-gettext'. * gnu/packages/emacs.scm (m17n-db): Likewise. * gnu/packages/ftp.scm (weex): Likewise. * gnu/packages/games.scm (chromium-bsu): Likewise. * gnu/packages/image.scm (steghide): Likewise. * gnu/packages/linux.scm (radeontop): Likewise. * gnu/packages/mpd.scm (sonata): Likewise. * gnu/packages/networking.scm (whois): Likewise. * gnu/packages/package-management.scm (guix-0.11.0): Likewise. * gnu/packages/psyc.scm (psyclpc): Likewise. * gnu/packages/syndication.scm (newsbeuter): Likewise. * gnu/packages/vim.scm (vim-full): Likewise. --- gnu/packages/crypto.scm | 2 +- gnu/packages/emacs.scm | 2 +- gnu/packages/ftp.scm | 2 +- gnu/packages/games.scm | 2 +- gnu/packages/image.scm | 2 +- gnu/packages/linux.scm | 2 +- gnu/packages/mpd.scm | 2 +- gnu/packages/networking.scm | 2 +- gnu/packages/package-management.scm | 2 +- gnu/packages/psyc.scm | 2 +- gnu/packages/syndication.scm | 2 +- gnu/packages/vim.scm | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm index 3fcb30caab..c7445a1eba 100644 --- a/gnu/packages/crypto.scm +++ b/gnu/packages/crypto.scm @@ -329,7 +329,7 @@ no man page, refer to the home page for usage details.") ("gnupg" ,gnupg) ("cryptsetup" ,cryptsetup) ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4 - ("gettext" ,gnu-gettext) ;used at runtime + ("gettext" ,gettext-minimal) ;used at runtime ("mlocate" ,mlocate) ("pinentry" ,pinentry) ("qrencode" ,qrencode) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 778e818353..c1f12667a3 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -3350,7 +3350,7 @@ extensibility.") (base32 "1w08hnsbknrcjlzp42c99bgwc9hzsnf5m4apdv0dacql2s09zfm2")))) (build-system gnu-build-system) (inputs - `(("gettext" ,gnu-gettext))) + `(("gettext" ,gettext-minimal))) (arguments `(#:configure-flags (list (string-append "--with-charmaps=" diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm index eb622dd17c..7d3cae626a 100644 --- a/gnu/packages/ftp.scm +++ b/gnu/packages/ftp.scm @@ -142,7 +142,7 @@ FTP browser, as well as non-interactive commands such as 'ncftpput' and (native-inputs `(("automake" ,automake) ("autoconf" ,autoconf) - ("gettext" ,gnu-gettext))) + ("gettext" ,gettext-minimal))) (arguments `(#:phases (modify-phases %standard-phases diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index e6a970a22c..8b1d80dda7 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -2575,7 +2575,7 @@ in strikes against the evil corporation.") "0jk2w5b6s6nkzri585bbz16cif2fhqcnl5l1mq3rd98r9nil3hd1")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) - (inputs `(("gettext" ,gnu-gettext) + (inputs `(("gettext" ,gettext-minimal) ("glu" ,glu) ("quesoglc" ,quesoglc) ("sdl-union" ,(sdl-union (list sdl sdl-image sdl-mixer))))) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 309c336779..af412b4c44 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -948,7 +948,7 @@ differences in file encoding, image quality, and other small variations.") (patches (list (search-patch "steghide-fixes.patch"))))) (build-system gnu-build-system) (native-inputs - `(("gettext" ,gnu-gettext) + `(("gettext" ,gettext-minimal) ("libtool" ,libtool) ("perl" ,perl))) ;for tests (inputs diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index e22d3c3101..94b9315085 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -3128,7 +3128,7 @@ developers.") (string-append "PREFIX=" %output)) #:tests? #f)) ; no tests (native-inputs - `(("gnu-gettext" ,gnu-gettext) + `(("gettext" ,gettext-minimal) ("pkg-config" ,pkg-config))) (inputs `(("libdrm" ,libdrm) diff --git a/gnu/packages/mpd.scm b/gnu/packages/mpd.scm index f59ef3000f..d3da5f5daa 100644 --- a/gnu/packages/mpd.scm +++ b/gnu/packages/mpd.scm @@ -301,7 +301,7 @@ interface for the Music Player Daemon.") `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path)))) #t))))) (native-inputs - `(("gettext" ,gnu-gettext))) + `(("gettext" ,gettext-minimal))) (inputs `(("python-mpd2" ,python-mpd2) ("gtk+" ,gtk+) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index d8bbc6eea2..de7aaf0680 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -454,7 +454,7 @@ and up to 1 Mbit/s downstream.") (inputs `(("libidn" ,libidn))) (native-inputs - `(("gettext" ,gnu-gettext) + `(("gettext" ,gettext-minimal) ("perl" ,perl))) (synopsis "Improved whois client") (description "This whois client is intelligent and can diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 8c8a267fa7..33df607ebb 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -166,7 +166,7 @@ ;; guix' always contains them. ("autoconf" ,(autoconf-wrapper)) ("automake" ,automake) - ("gettext" ,gnu-gettext) + ("gettext" ,gettext-minimal) ("texinfo" ,texinfo) ("graphviz" ,graphviz) ("help2man" ,help2man))) diff --git a/gnu/packages/psyc.scm b/gnu/packages/psyc.scm index a55f78e4c0..03df188d1d 100644 --- a/gnu/packages/psyc.scm +++ b/gnu/packages/psyc.scm @@ -212,7 +212,7 @@ including psyced.") (native-inputs `(("pkg-config" ,pkg-config) ("bison" ,bison) - ("gnu-gettext" ,gnu-gettext) + ("gettext" ,gettext-minimal) ("help2man" ,help2man) ("autoconf" ,autoconf) ("automake" ,automake))) diff --git a/gnu/packages/syndication.scm b/gnu/packages/syndication.scm index f4668de0c0..f434006656 100644 --- a/gnu/packages/syndication.scm +++ b/gnu/packages/syndication.scm @@ -53,7 +53,7 @@ #:make-flags (list (string-append "prefix=" (assoc-ref %outputs "out"))) #:test-target "test")) (native-inputs - `(("gettext" ,gnu-gettext) + `(("gettext" ,gettext-minimal) ("perl" ,perl) ("pkg-config" ,pkg-config) ("ruby" ,ruby))) ; for tests diff --git a/gnu/packages/vim.scm b/gnu/packages/vim.scm index b283e975d5..2026c8a7cd 100644 --- a/gnu/packages/vim.scm +++ b/gnu/packages/vim.scm @@ -129,7 +129,7 @@ configuration files.") ("fontconfig" ,fontconfig) ("freetype" ,freetype) ("gdk-pixbuf" ,gdk-pixbuf) - ("gettext" ,gnu-gettext) + ("gettext" ,gettext-minimal) ("glib" ,glib) ("gpm" ,gpm) ("gtk" ,gtk+-2) From daf72603ebcd7e78222d16273d4cda4e71a156de Mon Sep 17 00:00:00 2001 From: Petter Date: Mon, 21 Nov 2016 19:18:55 +0100 Subject: [PATCH 100/161] gnu: Remove redundancy where mkdir-p is followed by install-file . * gnu/packages/bioinformatics.scm (bwa)[arguments]: Remove redundant mkdir-p. (eigensoft)[arguments]: Likewise. (snap-aligner)[arguments]: Likewise. (pardre)[arguments]: Likewise. (piranha)[arguments]: Likewise. * gnu/packages/maths.scm (hypre)[arguments]: Likewise. * gnu/packages/mp3.scm (mpc123)[arguments]: Likewise. * gnu/packages/music.scm (tuxguitar)[arguments]: Likewise. * gnu/packages/pdf.scm (impressive)[arguments]: Likewise. * gnu/packages/qemu.scm (qemu)[arguments]: Likewise. Signed-off-by: Leo Famulari --- gnu/packages/bioinformatics.scm | 7 ------- gnu/packages/maths.scm | 1 - gnu/packages/mp3.scm | 1 - gnu/packages/music.scm | 1 - gnu/packages/pdf.scm | 1 - gnu/packages/qemu.scm | 1 - 6 files changed, 12 deletions(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 64c7bbad36..97d3e48cec 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -1261,9 +1261,6 @@ splice junctions between exons.") (assoc-ref outputs "out") "/share/doc/bwa")) (man (string-append (assoc-ref outputs "out") "/share/man/man1"))) - (mkdir-p bin) - (mkdir-p doc) - (mkdir-p man) (install-file "bwa" bin) (install-file "README.md" doc) (install-file "bwa.1" man))) @@ -2155,7 +2152,6 @@ of nucleic acid binding proteins.") (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) - (mkdir-p bin) (for-each (lambda (file) (install-file file bin)) (find-files "../bin" ".*")) @@ -4834,7 +4830,6 @@ optionally compressed by gzip.") (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) - (mkdir-p bin) (install-file "snap-aligner" bin) (install-file "SNAPCommand" bin) #t)))))) @@ -5694,7 +5689,6 @@ Needleman-Wunsch).") (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let ((bin (string-append (assoc-ref outputs "out") "/bin"))) - (mkdir-p bin) (install-file "ParDRe" bin) #t)))))) (inputs @@ -7572,7 +7566,6 @@ intervals (e.g. genes, sequence alignments).") (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) - (mkdir-p bin) (for-each (lambda (file) (install-file file bin)) (find-files "bin" ".*"))) diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index a1bd7846f8..0c51f6d54f 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -2723,7 +2723,6 @@ set.") ;; Custom install because docs/Makefile doesn't honor ${docdir}. (let* ((doc (assoc-ref outputs "doc")) (docdir (string-append doc "/share/doc/hypre-" ,version))) - (mkdir-p docdir) (with-directory-excursion "docs" (for-each (lambda (base) (install-file (string-append base ".pdf") docdir) diff --git a/gnu/packages/mp3.scm b/gnu/packages/mp3.scm index ceef896a13..7f0099ee6d 100644 --- a/gnu/packages/mp3.scm +++ b/gnu/packages/mp3.scm @@ -441,7 +441,6 @@ format.") (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) - (mkdir-p bin) (install-file "mpc123" bin))))) #:tests? #f)) (native-inputs diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index b32b084533..a19c2eb2e8 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -1216,7 +1216,6 @@ is subjective.") (lib (string-append share "/java")) (swt (assoc-ref inputs "java-swt"))) (mkdir-p bin) - (mkdir-p lib) ;; install all jars (for-each (lambda (file) (install-file file lib)) diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 9c6e9a967e..39f4d021de 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -701,7 +701,6 @@ vector formats.") (,(string-append sdl "/lib"))) `("PATH" ":" prefix ;for pdftoppm (,(string-append xpdf "/bin")))) - (mkdir-p man1) (install-file "impressive.1" man1) #t)))))) (home-page "http://impressive.sourceforge.net") diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index f6e34cace4..3c48b7a278 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -117,7 +117,6 @@ (let ((out (assoc-ref outputs "out"))) (and (zero? (system* "make" "info")) (let ((infodir (string-append out "/share/info"))) - (mkdir-p infodir) (for-each (lambda (info) (install-file info infodir)) (find-files "." "\\.info$")) From dd3f8fe660876aed7ef79f0bd840fbbbeed129aa Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 21 Nov 2016 23:52:19 +0200 Subject: [PATCH 101/161] gnu: connman: Update to 1.33. * gnu/packages/connman.scm (connman): Update to 1.33. --- gnu/packages/connman.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/connman.scm b/gnu/packages/connman.scm index 7af20c93d8..65214271b5 100644 --- a/gnu/packages/connman.scm +++ b/gnu/packages/connman.scm @@ -36,7 +36,7 @@ (define-public connman (package (name "connman") - (version "1.32") + (version "1.33") (source (origin (method url-fetch) @@ -44,7 +44,7 @@ name "-" version ".tar.xz")) (sha256 (base32 - "0k4kw2j78gwxf0rq79a099qkzl6wi4v5i7rfs4rn0si0fd68d19i")))) + "187mknq2i907gf8dz0i79359gn1qc9mryvqkcgb280d7dw1ld2dw")))) (build-system gnu-build-system) (arguments `(#:configure-flags From 1ea7969fa69c1377ccd01173f32dbf88e605b594 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 22 Nov 2016 09:44:54 +0100 Subject: [PATCH 102/161] gnu: zynaddsubfx: Update to 3.0.0. * gnu/packages/music.scm (zynaddsubfx): Update to 3.0.0. [inputs]: Add "mesa". --- gnu/packages/music.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index a19c2eb2e8..64e7455603 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -1474,7 +1474,7 @@ backends, including ALSA, OSS, Network and FluidSynth.") (define-public zynaddsubfx (package (name "zynaddsubfx") - (version "2.5.4") + (version "3.0.0") (source (origin (method url-fetch) (uri (string-append @@ -1482,7 +1482,7 @@ backends, including ALSA, OSS, Network and FluidSynth.") version "/zynaddsubfx-" version ".tar.bz2")) (sha256 (base32 - "16llaa2wg2gbgjhwp3632b2vx9jvanj4csv7d41k233ms6d1sjq1")))) + "0p640hlw28264nzrnd2lm4bi5snas4fvh80p8lpxvph2hjw3sncl")))) (build-system cmake-build-system) (arguments `(#:phases @@ -1500,6 +1500,7 @@ backends, including ALSA, OSS, Network and FluidSynth.") (inputs `(("liblo" ,liblo) ("ntk" ,ntk) + ("mesa" ,mesa) ("alsa-lib" ,alsa-lib) ("jack" ,jack-1) ("fftw" ,fftw) From 8e5f8c98e21932cc6bc58c0f976d650b2323c087 Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Tue, 22 Nov 2016 20:47:56 +1000 Subject: [PATCH 103/161] gnu: diamond: Update to 0.8.27. * gnu/packages/bioinformatics.scm (diamond): Update to 0.8.27. --- gnu/packages/bioinformatics.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 97d3e48cec..773b5909b6 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -2045,7 +2045,7 @@ identify enrichments with functional annotations of the genome.") (define-public diamond (package (name "diamond") - (version "0.8.26") + (version "0.8.27") (source (origin (method url-fetch) (uri (string-append @@ -2054,7 +2054,7 @@ identify enrichments with functional annotations of the genome.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "17s38pgjih6yc2z81040pircbv60c9wr33mbcyki2rfpv8rbxlh0")))) + "0g0zdyfnri9v7nfbh8f7zqs4af1xydqkiw8m0cx4jc2ql4chpf6a")))) (build-system cmake-build-system) (arguments '(#:tests? #f ; no "check" target From ee7518a009f2595879bb7e0275fa1f7ba8740819 Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Tue, 22 Nov 2016 21:39:18 +1000 Subject: [PATCH 104/161] gnu: ruby: Update replacement to 2.3.3. * gnu/packages/ruby.scm (ruby)[replacement]: Update to 2.3.3. (ruby-2.3.2): Replace this ... (ruby-2.3.3): ... with this. --- gnu/packages/ruby.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 1abea02bb5..baae553992 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -47,7 +47,7 @@ (define-public ruby (package (name "ruby") - (replacement ruby-2.3.2) + (replacement ruby-2.3.3) (version "2.3.1") (source (origin @@ -102,10 +102,10 @@ a focus on simplicity and productivity.") (home-page "https://ruby-lang.org") (license license:ruby))) -(define ruby-2.3.2 +(define ruby-2.3.3 (package (inherit ruby) - (version "2.3.2") + (version "2.3.3") (source (origin (method url-fetch) @@ -114,7 +114,7 @@ a focus on simplicity and productivity.") "/ruby-" version ".tar.xz")) (sha256 (base32 - "031g76zxb2wp6988dmrpbqd98i17xi6l8q1115h83r2w0h8z6y2w")) + "1p0rfk0blrbfjcnv0vb0ha4hxflgkfhv9zbzp4vvld2pi31ahkqs")) (modules '((guix build utils))) (snippet `(begin ;; Remove bundled libffi From 83a3e805bebe35bdb95399d22d14466a9eb85133 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 22 Nov 2016 12:33:43 +0200 Subject: [PATCH 105/161] gnu: w3m: Use 'modify-phases' syntax. * gnu/packages/w3m.scm (w3m)[arguments]: Use 'modify-phases' syntax. --- gnu/packages/w3m.scm | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/gnu/packages/w3m.scm b/gnu/packages/w3m.scm index 5f0fb56b0c..61035aba52 100644 --- a/gnu/packages/w3m.scm +++ b/gnu/packages/w3m.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2013 Nikita Karetnikov ;;; Copyright © 2016 Leo Famulari ;;; Copyright © 2016 Kei Kebreau +;;; Copyright © 2016 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -48,14 +49,15 @@ (base32 "142vkkmsk76wj9w6r4y2pa1hmy1kkzmc73an9zchx0ikm2z92x6s")))) (build-system gnu-build-system) - (arguments `(#:tests? #f ; no check target - #:phases (alist-cons-before - 'configure 'fix-perl - (lambda _ - (substitute* '("scripts/w3mmail.cgi.in" - "scripts/dirlist.cgi.in") - (("@PERL@") (which "perl")))) - %standard-phases))) + (arguments + '(#:tests? #f ; no check target + #:phases + (modify-phases %standard-phases + (add-before 'configure 'fix-perl + (lambda _ (substitute* '("scripts/w3mmail.cgi.in" + "scripts/dirlist.cgi.in") + (("@PERL@") (which "perl"))) + #t))))) (inputs `(("libgc" ,libgc) ("ncurses" ,ncurses) From 4a5ec78d5f66ba693328a171bc69392ac0f86151 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 22 Nov 2016 13:56:47 +0200 Subject: [PATCH 106/161] gnu: w3m: Update to 0.5.3+git20161120 [fixes security issues]. Fixes CVE-2016-9439 and others. * gnu/packages/w3m.scm (w3m): Update to 0.5.3+git20161120. --- gnu/packages/w3m.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/w3m.scm b/gnu/packages/w3m.scm index 61035aba52..12114b13b9 100644 --- a/gnu/packages/w3m.scm +++ b/gnu/packages/w3m.scm @@ -36,7 +36,7 @@ (define-public w3m (package (name "w3m") - (version "0.5.3+git20161031") + (version "0.5.3+git20161120") (source (origin (method git-fetch) ;; Debian's fork of w3m is the only one that is still @@ -47,7 +47,7 @@ (file-name (string-append "w3m-" version "-checkout")) (sha256 (base32 - "142vkkmsk76wj9w6r4y2pa1hmy1kkzmc73an9zchx0ikm2z92x6s")))) + "06n5a9jdyihkd4xdjmyci32dpqp1k2l5awia5g9ng0bn256bacdc")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; no check target From e36a67c91a2a48c6a534afae767bf0758b949644 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Thu, 12 May 2016 13:57:01 -0500 Subject: [PATCH 107/161] gnu: Add openfwwf-firmware. * gnu/packages/firmware.scm (b43-tools, openfwwf-firmware): New variables. --- gnu/packages/firmware.scm | 92 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) diff --git a/gnu/packages/firmware.scm b/gnu/packages/firmware.scm index 484896f592..443c38e944 100644 --- a/gnu/packages/firmware.scm +++ b/gnu/packages/firmware.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2016 Eric Bavier ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,11 +20,14 @@ (define-module (gnu packages firmware) #:use-module (guix licenses) #:use-module (guix packages) + #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system gnu) #:use-module (gnu packages) + #:use-module (gnu packages bison) #:use-module (gnu packages cmake) #:use-module (gnu packages cross-base) + #:use-module (gnu packages flex) #:use-module (gnu packages perl)) (define-public ath9k-htc-firmware @@ -82,3 +86,91 @@ 802.11n NICs (aka Wi-Fi USB dongles). It is used by the ath9k driver of Linux-libre.") (license (non-copyleft "http://directory.fsf.org/wiki/License:ClearBSD")))) + +(define-public b43-tools + (let ((commit "8dce53297966b31b6c70a7a03c2433978dd9f288") + (rev "1")) + (package + (name "b43-tools") + (version (string-append "20140625-" rev "." (string-take commit 7))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "http://git.bues.ch/git/b43-tools.git") + (commit commit))) + (file-name (string-append name "-" version "-checkout")) + (sha256 + (base32 + "08k7sdr9jagm43r2zv4h03j86klhkblpk73p12444a3vzg1gy1lv")))) + (build-system gnu-build-system) + (native-inputs + `(("flex" ,flex) + ("bison" ,bison))) + (arguments + `(#:modules ((srfi srfi-1) + (guix build gnu-build-system) + (guix build utils)) + #:tests? #f ;no tests + #:phases + (let ((subdirs '("assembler" "disassembler"))) + (modify-phases %standard-phases + (delete 'configure) + (add-before 'build 'patch-/bin/true + (lambda _ + (substitute* (find-files "." "Makefile") + (("/bin/true") ":")) + #t)) + (replace 'build + (lambda _ + (every (lambda (dir) + (zero? (system* "make" "-C" dir "CC=gcc"))) + subdirs))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (mkdir-p (string-append out "/bin")) + (every (lambda (dir) + (zero? + (system* "make" "-C" dir + (string-append "PREFIX=" out) + "install"))) + subdirs)))))))) + (home-page + "http://bues.ch/cms/hacking/misc.html#linux_b43_driver_firmware_tools") + (synopsis "Collection of tools for the b43 wireless driver") + (description + "The b43 firmware tools is a collection of firmware extractor, +assembler, disassembler, and debugging tools for the Linux kernel b43 wireless +driver.") + (license gpl2)))) + +(define-public openfwwf-firmware + (package + (name "openfwwf-firmware") + (version "5.2") + (source + (origin + (method url-fetch) + (uri (string-append "http://netweb.ing.unibs.it/~openfwwf/firmware/" + "openfwwf-" version ".tar.gz")) + (sha256 + (base32 + "1p60gdi7w88s7qw82d3g9v7mk887mhvidf4l5q5hh09j10h37q4x")))) + (build-system gnu-build-system) + (native-inputs + `(("b43-tools" ,b43-tools))) + (arguments + `(#:make-flags (list (string-append "PREFIX=" + (assoc-ref %outputs "out") + "/lib/firmware/b43-open")) + #:tests? #f ;no tests + #:phases (modify-phases %standard-phases + (delete 'configure)))) + (home-page "http://netweb.ing.unibs.it/~openfwwf/") + (synopsis "Firmware for BCM43xx devices") + (description + "This is firmware from Open FirmWare for WiFi networks (OpenFWWF) for the +Broadcom/AirForce chipset BCM43xx with Wireless-Core Revision 5. It is used +by the b43-open driver of Linux-libre.") + (license gpl2))) From 52db41aff8771518f99eb1f9b63b814b568f7a4a Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Sat, 19 Nov 2016 13:25:02 -0600 Subject: [PATCH 108/161] gnu: system: Add openfwwf-firmware to %base-firmware. * gnu/system.scm (%base-firmware): Add openfwwf-firmware. * doc/guix.texi (Hardware Considerations): Mention b43-open support. (operating-system Reference)[firmware]: Likewise. --- doc/guix.texi | 11 +++++++---- gnu/system.scm | 3 ++- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 3a88dd4044..7381c2c6ba 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -6405,7 +6405,9 @@ hardware is not supported on GuixSD. One of the main areas where free drivers or firmware are lacking is WiFi devices. WiFi devices known to work include those using Atheros chips (AR9271 and AR7010), which corresponds to the @code{ath9k} Linux-libre -driver, and for which free firmware exists and is available +driver, and those using Broadcom/AirForce chips (BCM43xx with +Wireless-Core Revision 5), which corresponds to the @code{b43-open} +Linux-libre driver. Free firmware exists for both and is available out-of-the-box on GuixSD, as part of @var{%base-firmware} (@pxref{operating-system Reference, @code{firmware}}). @@ -7079,9 +7081,10 @@ the Linux kernel. @xref{Initial RAM Disk}. @cindex firmware List of firmware packages loadable by the operating system kernel. -The default includes firmware needed for Atheros-based WiFi devices -(Linux-libre module @code{ath9k}). @xref{Hardware Considerations}, for -more info on supported hardware. +The default includes firmware needed for Atheros- and Broadcom-based +WiFi devices (Linux-libre modules @code{ath9k} and @code{b43-open}, +respectively). @xref{Hardware Considerations}, for more info on +supported hardware. @item @code{host-name} The host name. diff --git a/gnu/system.scm b/gnu/system.scm index cf220e72fd..4e57f975e6 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -346,7 +346,8 @@ explicitly appear in OS." (define %base-firmware ;; Firmware usable by default. - (list ath9k-htc-firmware)) + (list ath9k-htc-firmware + openfwwf-firmware)) (define %base-packages ;; Default set of packages globally visible. It should include anything From c3cc7d412a04d76b555853f6105842acadba4595 Mon Sep 17 00:00:00 2001 From: Kei Kebreau Date: Tue, 22 Nov 2016 11:23:55 -0500 Subject: [PATCH 109/161] gnu: Add espeak. * gnu/packages/audio.scm (espeak): New variable. --- gnu/packages/audio.scm | 51 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 77d3b538c8..492f716ca9 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -343,6 +343,57 @@ tools (analyzer, mono/stereo tools, crossovers).") ;; The plugins are released under LGPLv2.1+ (license (list license:lgpl2.1+ license:gpl2+)))) +(define-public espeak + (package + (name "espeak") + (version "1.48.04") + (source (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/espeak/espeak/" + "espeak-" (version-major+minor version) + "/espeak-" version "-source.zip")) + (sha256 + (base32 + "0n86gwh9pw0jqqpdz7mxggllfr8k0r7pc67ayy7w5z6z79kig6mz")) + (modules '((guix build utils))) + (snippet + ;; remove prebuilt binaries + '(delete-file-recursively "linux_32bit")))) + (build-system gnu-build-system) + (arguments + `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")) + (string-append "DATADIR=" + (assoc-ref %outputs "out") + "/share/espeak-data") + (string-append "LDFLAGS=-Wl,-rpath=" + (assoc-ref %outputs "out") + "/lib") + "AUDIO=pulseaudio") + #:tests? #f ; no check target + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda _ + (chdir "src") + ;; We use version 19 of the PortAudio library, so we must copy the + ;; corresponding file to be sure that espeak compiles correctly. + (copy-file "portaudio19.h" "portaudio.h") + (substitute* "Makefile" + (("/bin/ln") "ln")) + #t))))) + (inputs + `(("portaudio" ,portaudio) + ("pulseaudio" ,pulseaudio))) + (native-inputs `(("unzip" ,unzip))) + (home-page "http://espeak.sourceforge.net/") + (synopsis "Software speech synthesizer") + (description "eSpeak is a software speech synthesizer for English and +other languages. eSpeak uses a \"formant synthesis\" method. This allows many +languages to be provided in a small size. The speech is clear, and can be used +at high speeds, but is not as natural or smooth as larger synthesizers which are +based on human speech recordings.") + (license license:gpl3+))) + (define-public infamous-plugins (package (name "infamous-plugins") From d8e3bb082d16962bd3fadca67a6d93cbcb223a50 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 22 Nov 2016 17:33:07 +0100 Subject: [PATCH 110/161] gnu: vim: Update to 8.0.0095. * gnu/packages/vim.scm (vim, vim-full): Update to 8.0.0095. --- gnu/packages/vim.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/vim.scm b/gnu/packages/vim.scm index 2026c8a7cd..678f895917 100644 --- a/gnu/packages/vim.scm +++ b/gnu/packages/vim.scm @@ -49,7 +49,7 @@ (define-public vim (package (name "vim") - (version "8.0.0073") + (version "8.0.0095") (source (origin (method url-fetch) (uri (string-append "https://github.com/vim/vim/archive/v" @@ -57,7 +57,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1snbzgj89scjs0v3m86p53wvpal9jgs1s6i3hv7jyknpnjvqv5q5")))) + "1whib2zzqdpgfhpr7ymqxj3das6iyiapvx0izw4147mkg9yanmp7")))) (build-system gnu-build-system) (arguments `(#:test-target "test" From be72eb98fa5767b3d28ab431656d8cac048bac10 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 22 Nov 2016 10:19:51 -0500 Subject: [PATCH 111/161] gnu: libtiff: Update replacement to 4.0.7. * gnu/packages/image.scm (libtiff)[replacement]: Update to 4.0.7. (libtiff-4.0.7): New variable. Update home-page and source URLs. (libtiff/fixed): Delete variable. * gnu/packages/patches/libtiff-CVE-2016-5652.patch, gnu/packages/patches/libtiff-CVE-2016-9273.patch, gnu/packages/patches/libtiff-CVE-2016-9297.patch, gnu/packages/patches/libtiff-CVE-2016-9448.patch, gnu/packages/patches/libtiff-uint32-overflow.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 5 - gnu/packages/image.scm | 29 ++--- .../patches/libtiff-CVE-2016-5652.patch | 47 -------- .../patches/libtiff-CVE-2016-9273.patch | 41 ------- .../patches/libtiff-CVE-2016-9297.patch | 52 --------- .../patches/libtiff-CVE-2016-9448.patch | 34 ------ .../patches/libtiff-uint32-overflow.patch | 102 ------------------ 7 files changed, 10 insertions(+), 300 deletions(-) delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-5652.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9273.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch delete mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch diff --git a/gnu/local.mk b/gnu/local.mk index 430d05ff3e..7c6306b5f6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -672,13 +672,8 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5314.patch \ %D%/packages/patches/libtiff-CVE-2016-5321.patch \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ - %D%/packages/patches/libtiff-CVE-2016-5652.patch \ - %D%/packages/patches/libtiff-CVE-2016-9273.patch \ - %D%/packages/patches/libtiff-CVE-2016-9297.patch \ - %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ - %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index af412b4c44..526c87cf86 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -243,7 +243,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (replacement libtiff/fixed) + (replacement libtiff-4.0.7) (version "4.0.6") (source (origin (method url-fetch) @@ -283,27 +283,18 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.remotesensing.org/libtiff/"))) -(define libtiff/fixed +(define libtiff-4.0.7 (package (inherit libtiff) + (version "4.0.7") (source (origin - (inherit (package-source libtiff)) - (patches (search-patches - "libtiff-oob-accesses-in-decode.patch" - "libtiff-oob-write-in-nextdecode.patch" - "libtiff-uint32-overflow.patch" - "libtiff-CVE-2015-8665+CVE-2015-8683.patch" - "libtiff-CVE-2016-3623.patch" - "libtiff-CVE-2016-3945.patch" - "libtiff-CVE-2016-3990.patch" - "libtiff-CVE-2016-3991.patch" - "libtiff-CVE-2016-5314.patch" - "libtiff-CVE-2016-5321.patch" - "libtiff-CVE-2016-5323.patch" - "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch" - "libtiff-CVE-2016-9448.patch")))))) + (method url-fetch) + (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" + version ".tar.gz")) + (sha256 + (base32 + "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) + (home-page "http://www.simplesystems.org/libtiff/"))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-5652.patch b/gnu/packages/patches/libtiff-CVE-2016-5652.patch deleted file mode 100644 index 54b87d0185..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-5652.patch +++ /dev/null @@ -1,47 +0,0 @@ -Fix CVE-2016-5652 (buffer overflow in t2p_readwrite_pdf_image_tile()). - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652 - -Patches exfiltrated from upstream CVS repo with: -cvs diff -u -r 1.92 -r 1.94 tools/tiff2pdf.c - -Index: tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.92 -retrieving revision 1.94 -diff -u -r1.92 -r1.94 ---- a/tools/tiff2pdf.c 23 Sep 2016 22:12:18 -0000 1.92 -+++ b/tools/tiff2pdf.c 9 Oct 2016 11:03:36 -0000 1.94 -@@ -2887,21 +2887,24 @@ - return(0); - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { -- if (count > 0) { -- _TIFFmemcpy(buffer, jpt, count); -+ if (count >= 4) { -+ /* Ignore EOI marker of JpegTables */ -+ _TIFFmemcpy(buffer, jpt, count - 2); - bufferoffset += count - 2; -+ /* Store last 2 bytes of the JpegTables */ - table_end[0] = buffer[bufferoffset-2]; - table_end[1] = buffer[bufferoffset-1]; -- } -- if (count > 0) { - xuint32 = bufferoffset; -+ bufferoffset -= 2; - bufferoffset += TIFFReadRawTile( - input, - tile, -- (tdata_t) &(((unsigned char*)buffer)[bufferoffset-2]), -+ (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), - -1); -- buffer[xuint32-2]=table_end[0]; -- buffer[xuint32-1]=table_end[1]; -+ /* Overwrite SOI marker of image scan with previously */ -+ /* saved end of JpegTables */ -+ buffer[xuint32-2]=table_end[0]; -+ buffer[xuint32-1]=table_end[1]; - } else { - bufferoffset += TIFFReadRawTile( - input, diff --git a/gnu/packages/patches/libtiff-CVE-2016-9273.patch b/gnu/packages/patches/libtiff-CVE-2016-9273.patch deleted file mode 100644 index 9cd6b3d8c5..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9273.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-9273: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273 -http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Patch extracted from upstream CVS repo: - -2016-11-10 Even Rouault - -revision 1.37 -date: 2016-11-09 18:00:49 -0500; author: erouault; state: Exp; lines: +10 -1; commitid: pzKipPxDJO2dxvtz; -* libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips -value when it is non-zero, instead of recomputing it. This is needed in -TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of -array in tiffsplit (or other utilities using TIFFNumberOfStrips()). -Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Index: libtiff/tif_strip.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v -retrieving revision 1.36 -retrieving revision 1.37 -diff -u -r1.36 -r1.37 ---- a/libtiff/tif_strip.c 7 Jun 2015 22:35:40 -0000 1.36 -+++ b/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37 -@@ -63,6 +63,15 @@ - TIFFDirectory *td = &tif->tif_dir; - uint32 nstrips; - -+ /* If the value was already computed and store in td_nstrips, then return it, -+ since ChopUpSingleUncompressedStrip might have altered and resized the -+ since the td_stripbytecount and td_stripoffset arrays to the new value -+ after the initial affectation of td_nstrips = TIFFNumberOfStrips() in -+ tif_dirread.c ~line 3612. -+ See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */ -+ if( td->td_nstrips ) -+ return td->td_nstrips; -+ - nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 : - TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip)); - if (td->td_planarconfig == PLANARCONFIG_SEPARATE) diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch deleted file mode 100644 index c9207bbd25..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9297.patch +++ /dev/null @@ -1,52 +0,0 @@ -Fix CVE-2016-9297: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 -http://bugzilla.maptools.org/show_bug.cgi?id=2590 - -Patch copied from upstream source repository. - -2016-11-11 Even Rouault - - * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that - values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII - access are null terminated, to avoid potential read outside buffer - in _TIFFPrintField(). - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1154; previous revision: 1.1153 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- -libtiff/tif_dirread.c -new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.202 -retrieving revision 1.203 -diff -u -r1.202 -r1.203 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 -+++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -@@ -5000,6 +5000,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); -@@ -5172,6 +5177,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch deleted file mode 100644 index 05a3af8a84..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9448.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). - -http://bugzilla.maptools.org/show_bug.cgi?id=2593 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 - -Patch copied from upstream source repository with: -$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c - -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.203 -retrieving revision 1.204 -diff -u -r1.203 -r1.204 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -+++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 -@@ -5000,7 +5000,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; -@@ -5177,7 +5177,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch deleted file mode 100644 index c95126f9a1..0000000000 --- a/gnu/packages/patches/libtiff-uint32-overflow.patch +++ /dev/null @@ -1,102 +0,0 @@ -Fix some buffer overflows: - -http://seclists.org/oss-sec/2016/q4/408 -http://bugzilla.maptools.org/show_bug.cgi?id=2592 - -2016-11-11 Even Rouault - - * tools/tiffcrop.c: fix multiple uint32 overflows in - writeBufferToSeparateStrips(), writeBufferToContigTiles() and - writeBufferToSeparateTiles() that could cause heap buffer -overflows. - Reported by Henri Salo from Nixu Corporation. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1152; previous revision: 1.1151 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.43; previous revision: 1.42 - -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.42 -retrieving revision 1.43 -diff -u -r1.42 -r1.43 ---- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 -+++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 -@@ -148,6 +148,8 @@ - #define PATH_MAX 1024 - #endif - -+#define TIFF_UINT32_MAX 0xFFFFFFFFU -+ - #ifndef streq - #define streq(a,b) (strcmp((a),(b)) == 0) - #endif -@@ -1164,7 +1166,24 @@ - (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); - (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); - bytes_per_sample = (bps + 7) / 8; -- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ -+ if( width == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || -+ bps * spp * width > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (bps * spp * width) + 7"); -+ return 1; -+ } -+ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ -+ if( bytes_per_sample == 0 || -+ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || -+ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing rowsperstrip * " -+ "bytes_per_sample * (width + 1)"); -+ return 1; -+ } - rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); - - obuf = _TIFFmalloc (rowstripsize); -@@ -1251,11 +1270,19 @@ - } - } - -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; -+ - tilebuf = _TIFFmalloc(tile_buffsize); - if (tilebuf == 0) - return 1; -- -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; - for (row = 0; row < imagelength; row += tl) - { - nrow = (row + tl > imagelength) ? imagelength - row : tl; -@@ -1315,7 +1342,16 @@ - TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); - TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); - TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; -+ -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; - - for (row = 0; row < imagelength; row += tl) - { From 6317d36f3beb246f9d20e2760d4c5f0d20ee196f Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 22 Nov 2016 20:41:48 +0100 Subject: [PATCH 112/161] gnu: notmuch: Skip tests that fail with gnupg-2.1.16. * gnu/packages/mail.scm (notmuch)[arguments]: Add environment variable to skip tests that broke after gnupg-2.1.16. --- gnu/packages/mail.scm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index a365e37f9b..05ab9db07f 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -568,6 +568,11 @@ invoking @command{notifymuch} from the post-new hook.") ;; Patch various inline shell invocations. (substitute* (find-files "test" "\\.sh$") (("/bin/sh") (which "sh"))) + ;; XXX: Some signature verification tests fail with + ;; gnupg-2.1.16, so we skip them. See this thread: + ;; https://notmuchmail.org/pipermail/notmuch/2016/023688.html + (setenv "NOTMUCH_SKIP_TESTS" + "T350-crypto.2 T350-crypto.3 T350-crypto.4 T350-crypto.15") #t))))) (native-inputs `(("bash-completion" ,bash-completion) From 1f410017ff91458feda8c5788223d17696b71e36 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 22 Nov 2016 20:25:29 +0100 Subject: [PATCH 113/161] gnu: notmuch: Update to 0.23.2. * gnu/packages/mail.scm (notmuch): Update to 0.23.2. --- gnu/packages/mail.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 05ab9db07f..9dcaea364c 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -537,14 +537,14 @@ invoking @command{notifymuch} from the post-new hook.") (define-public notmuch (package (name "notmuch") - (version "0.23.1") + (version "0.23.2") (source (origin (method url-fetch) (uri (string-append "https://notmuchmail.org/releases/notmuch-" version ".tar.gz")) (sha256 (base32 - "106ijsnilqf8760z4cq99rqzjsvyaw86d0lgnzz7v95gm4d2l0g8")))) + "1g4p5hsrqqbqk6s2w756als60wppvjgpyq104smy3w9vshl7bzgd")))) (build-system gnu-build-system) (arguments '(#:make-flags (list "V=1") ; Verbose test output. From 2947ff6430da5d60017b0c5c8c51fd2a1d85440b Mon Sep 17 00:00:00 2001 From: John Darrington Date: Tue, 22 Nov 2016 21:16:29 +0100 Subject: [PATCH 114/161] gnu: Update mit-krb5 to version 1.14.4. * gnu/packages/mit-krb5.scm (mit-krb5): Update to 1.14.4 --- gnu/packages/mit-krb5.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mit-krb5.scm b/gnu/packages/mit-krb5.scm index 3299c7b5c4..87fe57dc4b 100644 --- a/gnu/packages/mit-krb5.scm +++ b/gnu/packages/mit-krb5.scm @@ -32,7 +32,7 @@ (define-public mit-krb5 (package (name "mit-krb5") - (version "1.14.3") + (version "1.14.4") (source (origin (method url-fetch) (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" @@ -40,7 +40,7 @@ "/krb5-" version ".tar.gz")) (sha256 (base32 - "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind")))) + "158bgq9xcg5ljgzia1880ak7m9g6vf2r009rzdqif5n9h111m9h3")))) (build-system gnu-build-system) (native-inputs `(("bison" ,bison) From 8957af324be5014c433cb7d0e18fc2d35ce8cf4b Mon Sep 17 00:00:00 2001 From: Christopher Allan Webber Date: Tue, 22 Nov 2016 15:25:51 -0600 Subject: [PATCH 115/161] gnu: python-pyld: Update to 0.7.1. * gnu/packages/python.scm (python-pyld): Update to 0.7.1. --- gnu/packages/python.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 61bb6954e3..123b30800d 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -2328,13 +2328,13 @@ files.") (define-public python-pyld (package (name "python-pyld") - (version "0.6.8") + (version "0.7.1") (source (origin (method url-fetch) (uri (pypi-uri "PyLD" version)) (sha256 (base32 - "0k881ffazpf8q1z8862g4bb3pzwpnz9whrci2mf311mvn1qbyqad")))) + "1m0fs6897vxfkf7awah5i66i7b7smm5fnywf1w50fpzyfbfhr156")))) (build-system python-build-system) (inputs `(("python-setuptools" ,python-setuptools))) From 10da75dff8cac41658b6a2eaf8cfeae691242a28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 22 Nov 2016 11:26:02 +0100 Subject: [PATCH 116/161] gnu: grub: Add dependency on LVM2. * gnu/packages/grub.scm (grub)[inputs]: Add LVM2. --- gnu/packages/grub.scm | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/gnu/packages/grub.scm b/gnu/packages/grub.scm index b920be9ea2..ef7395e95e 100644 --- a/gnu/packages/grub.scm +++ b/gnu/packages/grub.scm @@ -127,9 +127,16 @@ (("set -e") "exit 77\nset -e")) #t))))) (inputs - `(;; ("lvm2" ,lvm2) - ("gettext" ,gettext-minimal) + `(("gettext" ,gettext-minimal) + + ;; Depend on LVM2 for libdevmapper, used by 'grub-probe' and + ;; 'grub-install' to recognize mapped devices (LUKS, etc.) + ("lvm2" ,lvm2) + + ;; Depend on mdadm, which is invoked by 'grub-probe' and 'grub-install' + ;; to determine whether the root file system is RAID. ("mdadm" ,mdadm) + ("freetype" ,freetype) ;; ("libusb" ,libusb) ;; ("fuse" ,fuse) From 01f94cca19ebd843d6a518530f8acc4fc61b116b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 22 Nov 2016 21:38:40 +0100 Subject: [PATCH 117/161] gnu: Add 'lvm2-static'. * gnu/packages/patches/lvm2-static-link.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (lvm2)[source](patches): New field. (lvm2-static): New variable. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 19 ++++++++++++++++++- gnu/packages/patches/lvm2-static-link.patch | 14 ++++++++++++++ 3 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/lvm2-static-link.patch diff --git a/gnu/local.mk b/gnu/local.mk index 7c6306b5f6..49137277f1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -705,6 +705,7 @@ dist_patch_DATA = \ %D%/packages/patches/luajit-no_ldconfig.patch \ %D%/packages/patches/luajit-symlinks.patch \ %D%/packages/patches/luit-posix.patch \ + %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 94b9315085..5870723baf 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1683,7 +1683,8 @@ time.") (("confdir = .*$") "confdir = @sysconfdir@\n") (("DEFAULT_SYS_DIR = @DEFAULT_SYS_DIR@") - "DEFAULT_SYS_DIR = @sysconfdir@")))))) + "DEFAULT_SYS_DIR = @sysconfdir@")))) + (patches (search-patches "lvm2-static-link.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) @@ -1738,6 +1739,22 @@ mapper. Kernel components are part of Linux-libre.") ;; Command-line tools are GPLv2. (license (list license:gpl2 license:lgpl2.1)))) +(define-public lvm2-static + (package + (inherit lvm2) + (name "lvm2-static") + + ;; Propagate udev because libdevmapper.a depends on libudev. + (inputs (alist-delete "udev" (package-inputs lvm2))) + (propagated-inputs `(("udev" ,eudev))) + + (arguments + (substitute-keyword-arguments (package-arguments lvm2) + ((#:configure-flags flags '()) + ;; LVM2 doesn't use Libtool, hence the custom option. + `(cons "--enable-static_link" ,flags)))) + (synopsis "Logical volume management for Linux (statically linked)"))) + (define-public wireless-tools (package (name "wireless-tools") diff --git a/gnu/packages/patches/lvm2-static-link.patch b/gnu/packages/patches/lvm2-static-link.patch new file mode 100644 index 0000000000..b4b1dd92e1 --- /dev/null +++ b/gnu/packages/patches/lvm2-static-link.patch @@ -0,0 +1,14 @@ +Fix static linking of 'lvm.static', which indirectly depend on libpthread +via libdevmapper.a. + +--- LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:15.521045149 +0100 ++++ LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:24.085082767 +0100 +@@ -148,7 +148,7 @@ endif + + lvm.static: $(OBJECTS) lvm-static.o $(top_builddir)/lib/liblvm-internal.a $(interfacebuilddir)/libdevmapper.a + $(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) -o $@ \ +- $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) ++ $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) $(PTHREAD_LIBS) + + liblvm2cmd.a: $(top_builddir)/lib/liblvm-internal.a $(OBJECTS) lvmcmdlib.o lvm2cmd.o + cat $(top_builddir)/lib/liblvm-internal.a > $@ From 106b389e525f93a56bd1d25fd33eecbd552a8c93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 22 Nov 2016 22:40:49 +0100 Subject: [PATCH 118/161] gnu: Add 'cryptsetup-static'. * gnu/packages/cryptsetup.scm (static-library): New procedure. (cryptsetup-static): New variable. --- gnu/packages/cryptsetup.scm | 65 +++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm index 183c568fd9..da58facffb 100644 --- a/gnu/packages/cryptsetup.scm +++ b/gnu/packages/cryptsetup.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013 Andreas Enge +;;; Copyright © 2016 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -58,3 +59,67 @@ setup information in the partition header, enabling the users to transport or migrate their data seamlessly.") (license license:gpl2) (home-page "https://gitlab.com/cryptsetup/cryptsetup"))) + +(define (static-library library) + "Return a variant of package LIBRARY that provides static libraries ('.a' +files). This assumes LIBRARY uses Libtool." + (package + (inherit library) + (name (string-append (package-name library) "-static")) + (arguments + (substitute-keyword-arguments (package-arguments library) + ((#:configure-flags flags ''()) + `(append '("--disable-shared" "--enable-static") + ,flags)))))) + +(define-public cryptsetup-static + ;; Stripped-down statically-linked 'cryptsetup' command for use in initrds. + (package + (inherit cryptsetup) + (name "cryptsetup-static") + (arguments + '(#:configure-flags '("--disable-shared" + "--enable-static-cryptsetup" + + ;; 'libdevmapper.a' pulls in libpthread and libudev. + "LIBS=-ludev -pthread") + + #:allowed-references () ;this should be self-contained + + #:modules ((ice-9 ftw) + (ice-9 match) + (guix build utils) + (guix build gnu-build-system)) + + #:phases (modify-phases %standard-phases + (add-after 'install 'remove-cruft + (lambda* (#:key outputs #:allow-other-keys) + ;; Remove everything except the 'cryptsetup' command and + ;; its friend. + (let ((out (assoc-ref outputs "out"))) + (with-directory-excursion out + (let ((dirs (scandir "." + (match-lambda + ((or "." "..") #f) + (_ #t))))) + (for-each delete-file-recursively + (delete "sbin" dirs)) + (for-each (lambda (file) + (rename-file (string-append file + ".static") + file) + (remove-store-references file)) + '("sbin/cryptsetup" "sbin/veritysetup")) + #t)))))))) + (inputs + (let ((libgcrypt-static + (package + (inherit (static-library libgcrypt)) + (propagated-inputs + `(("libgpg-error-host" ,(static-library libgpg-error))))))) + `(("libgcrypt" ,libgcrypt-static) + ("lvm2" ,lvm2-static) + ("util-linux" ,util-linux "static") + ("util-linux" ,util-linux) + ("popt" ,popt)))) + (synopsis "Hard disk encryption tool (statically linked)"))) From ad17470551d3e7fdc8e91930d37716e136b1080d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 22 Nov 2016 22:57:41 +0100 Subject: [PATCH 119/161] marionette: Avoid use of SIGALRM for timeouts. * gnu/build/marionette.scm (make-marionette)[accept*]: New procedures. Remove calls to 'sigaction'. Use 'accept*' instead of 'accept'. --- gnu/build/marionette.scm | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm index 9399c55313..d36e1c8d09 100644 --- a/gnu/build/marionette.scm +++ b/gnu/build/marionette.scm @@ -93,6 +93,13 @@ QEMU monitor and to the guest's backdoor REPL." "-device" "virtio-serial" "-device" "virtconsole,chardev=repl")) + (define (accept* port) + (match (select (list port) '() (list port) timeout) + (((port) () ()) + (accept port)) + (_ + (error "timeout in 'accept'" port)))) + (let ((monitor (socket AF_UNIX SOCK_STREAM 0)) (repl (socket AF_UNIX SOCK_STREAM 0))) (bind monitor (file->sockaddr "monitor")) @@ -117,26 +124,20 @@ QEMU monitor and to the guest's backdoor REPL." (primitive-exit 1)))) (pid (format #t "QEMU runs as PID ~a~%" pid) - (sigaction SIGALRM - (lambda (signum) - (display "time is up!\n") ;FIXME: break - #t)) - (alarm timeout) - (match (accept monitor) + (match (accept* monitor) ((monitor-conn . _) (display "connected to QEMU's monitor\n") (close-port monitor) (wait-for-monitor-prompt monitor-conn) (display "read QEMU monitor prompt\n") - (match (accept repl) + (match (accept* repl) ((repl-conn . addr) (display "connected to guest REPL\n") (close-port repl) (match (read repl-conn) ('ready (alarm 0) - (sigaction SIGALRM SIG_DFL) (display "marionette is ready\n") (marionette (append command extra-options) pid monitor-conn repl-conn))))))))))) From 35b2f18c5f3886ac712db53d6b035943bf24bad4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 00:02:52 +0100 Subject: [PATCH 120/161] Revert "gnu: Update mit-krb5 to version 1.14.4." This reverts commit 2947ff6430da5d60017b0c5c8c51fd2a1d85440b, which would have caused too many rebuilds for 'master'. --- gnu/packages/mit-krb5.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mit-krb5.scm b/gnu/packages/mit-krb5.scm index 87fe57dc4b..3299c7b5c4 100644 --- a/gnu/packages/mit-krb5.scm +++ b/gnu/packages/mit-krb5.scm @@ -32,7 +32,7 @@ (define-public mit-krb5 (package (name "mit-krb5") - (version "1.14.4") + (version "1.14.3") (source (origin (method url-fetch) (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" @@ -40,7 +40,7 @@ "/krb5-" version ".tar.gz")) (sha256 (base32 - "158bgq9xcg5ljgzia1880ak7m9g6vf2r009rzdqif5n9h111m9h3")))) + "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind")))) (build-system gnu-build-system) (native-inputs `(("bison" ,bison) From 66ebb5bca3c072d1887eb09cfa5fb08100127720 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 00:02:11 +0100 Subject: [PATCH 121/161] gnu: guix: Update development snapshot. * gnu/packages/package-management.scm (guix-devel): Update to 1f410017. --- gnu/packages/package-management.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 33df607ebb..051dff34b7 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -222,9 +222,9 @@ the Nix package manager.") ;; ;; Note: use a very short commit id; with a longer one, the limit on ;; hash-bang lines would be exceeded while running the tests. - (let ((commit "7ca37da855fd921fa3925bb62f8015f770b7e784")) + (let ((commit "1f410017ff91458feda8c5788223d17696b71e36")) (package (inherit guix-0.11.0) - (version (string-append "0.11.0-3." (string-take commit 4))) + (version (string-append "0.11.0-4." (string-take commit 4))) (source (origin (method git-fetch) (uri (git-reference @@ -234,7 +234,7 @@ the Nix package manager.") (commit commit))) (sha256 (base32 - "0bw5y9rgy2jq81lrd0g5c3gqpmlrjlgv0ynn7kz8v08lxkidaw8s")) + "1mgzcbf1mry39wvvjflj76zggsshsip2pngxpaf2479yr3ri6v50")) (file-name (string-append "guix-" version "-checkout")))) (arguments (substitute-keyword-arguments (package-arguments guix-0.11.0) From 4263eb4dd0cf9948f524dceed728008607e76e47 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 22 Nov 2016 21:49:39 -0500 Subject: [PATCH 122/161] gnu: linux-libre@4.4: Update to 4.4.34. * gnu/packages/linux.scm (linux-libre-4.4): Update to 4.4.34. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 5870723baf..c75947ec25 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -333,8 +333,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.33" - "0d8axxymb51wh4gdhg674z3wjx4vpcl71cn4z44lml9xbnhhppkx" + (make-linux-libre "4.4.34" + "04ng40l2av34bcfwjs5vliv15f0m8bl0sfw08imspiplxvajd6ca" %intel-compatible-systems #:configuration-file kernel-config)) From 08b3e4a97066c9baaf39e3df7c2dd9c39e693ead Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 22 Nov 2016 21:59:54 -0500 Subject: [PATCH 123/161] gnu: linux-libre: Update to 4.8.10. * gnu/packages/linux.scm (%linux-libre-version, %linux-libre-hash) (linux-libre): Update to 4.8.10. --- gnu/packages/linux.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index c75947ec25..e562213058 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -327,8 +327,8 @@ It has been modified to remove all non-free binary blobs.") (define %intel-compatible-systems '("x86_64-linux" "i686-linux")) (define-public linux-libre - (make-linux-libre "4.8.9" - "0b2j8zxz3z2gc302cdgsmbbnfzswpq558bmv13rbcgrknm9fgzmj" + (make-linux-libre "4.8.10" + "04kwarmpz5adz64wwy0xpwzxsri7jrjkhbmjlwxsac69x9a26bkl" %intel-compatible-systems #:configuration-file kernel-config)) @@ -345,8 +345,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) ;; Avoid rebuilding kernel variants when there is a minor version bump. -(define %linux-libre-version "4.8.9") -(define %linux-libre-hash "0b2j8zxz3z2gc302cdgsmbbnfzswpq558bmv13rbcgrknm9fgzmj") +(define %linux-libre-version "4.8.10") +(define %linux-libre-hash "04kwarmpz5adz64wwy0xpwzxsri7jrjkhbmjlwxsac69x9a26bkl") (define-public linux-libre-arm-generic (make-linux-libre %linux-libre-version From 1e16648f825b76a8feb63ce51e7ada8ae9870aa0 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Wed, 23 Nov 2016 12:37:17 +0200 Subject: [PATCH 124/161] gnu: chez-scheme: Remove support for armhf. * gnu/packages/chez.scm (chez-scheme)[supported-systems]: Remove armhf-linux from the list of supported systems. --- gnu/packages/chez.scm | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/gnu/packages/chez.scm b/gnu/packages/chez.scm index 5edce56505..7f0256edcc 100644 --- a/gnu/packages/chez.scm +++ b/gnu/packages/chez.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Federico Beffa +;;; Copyright © 2016 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -94,8 +95,7 @@ (list ,(match (or (%current-target-system) (%current-system)) ("x86_64-linux" '(list "--machine=ta6le")) ("i686-linux" '(list "--machine=ti3le")) - ;; FIXME: Some people succeeded in cross-compiling to - ;; ARM. https://github.com/cisco/ChezScheme/issues/13 + ;; Let autodetection have its attempt on other architectures. (_ '()))) #:phases @@ -191,7 +191,9 @@ (find-files lib "scheme.boot")) #t)))))) ;; According to the documentation MIPS is not supported. - (supported-systems (delete "mips64el-linux" %supported-systems)) + ;; Cross-compiling for the Raspberry Pi is supported, but not native ARM. + (supported-systems (fold delete %supported-systems + '("mips64el-linux" "armhf-linux"))) (home-page "http://www.scheme.com") (synopsis "R6RS Scheme compiler and run-time") (description From 8553fe573463d52a565cd253c131d527e5aab5b2 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 21 Nov 2016 22:08:06 +0200 Subject: [PATCH 125/161] gnu: Add aspell-dict-he. * gnu/packages/aspell.scm (aspell-dict-he): New variable. --- gnu/packages/aspell.scm | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm index b7024124bd..b3ca380533 100644 --- a/gnu/packages/aspell.scm +++ b/gnu/packages/aspell.scm @@ -1,7 +1,8 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès ;;; Copyright © 2015, 2016 Alex Kost -;;; Copyright ©2016 John Darrington +;;; Copyright © 2016 John Darrington +;;; Copyright © 2016 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -155,3 +156,10 @@ dictionaries, including personal ones.") #:sha256 (base32 "0ffb87yjsh211hllpc4b9khqqrblial4pzi1h9r3v465z1yhn3j4"))) + +(define-public aspell-dict-he + (aspell-dictionary "he" "Hebrew" + #:version "1.0-0" + #:sha256 + (base32 + "13bhbghx5b8g0119g3wxd4n8mlf707y41vlf59irxjj0kynankfn"))) From bc05caee77b30c053e6e94a3814e22eed902188f Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Wed, 23 Nov 2016 12:42:36 +0200 Subject: [PATCH 126/161] gnu: chez.scm: Add '#:use-module srfi srfi-1'. This is a follow-up to 1e16648f825b76a8feb63ce51e7ada8ae9870aa0. * gnu/packages/chez.scm: Add '#:use-module srfi srfi-1'. --- gnu/packages/chez.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/chez.scm b/gnu/packages/chez.scm index 7f0256edcc..6b2b70f19e 100644 --- a/gnu/packages/chez.scm +++ b/gnu/packages/chez.scm @@ -35,7 +35,8 @@ #:use-module (gnu packages compression) #:use-module (gnu packages image) #:use-module (gnu packages xorg) - #:use-module (ice-9 match)) + #:use-module (ice-9 match) + #:use-module (srfi srfi-1)) (define nanopass (let ((version "1.9")) From 8a28e717ba702bea69ec8ecfcdb512c8ded39be2 Mon Sep 17 00:00:00 2001 From: ng0 Date: Tue, 22 Nov 2016 23:57:04 +0000 Subject: [PATCH 127/161] gnu: Add perl-digest-md5. * gnu/packages/perl.scm (perl-digest-md5): New variable. Signed-off-by: Marius Bakke --- gnu/packages/perl.scm | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index ab6120142d..d332e2aa1e 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2016 Mark H Weaver ;;; Copyright © 2016 Jochem Raat ;;; Copyright © 2016 Efraim Flashner -;;; Coypright © 2016 ng0 +;;; Coypright © 2016 ng0 ;;; Copyright © 2016 Alex Sassmannshausen ;;; Copyright © 2016 Roel Janssen ;;; Copyright © 2016 Ben Woodcroft @@ -2055,6 +2055,35 @@ each stack frame.") interface for the RFC 2104 HMAC mechanism.") (license (package-license perl)))) +(define-public perl-digest-md5 + (package + (name "perl-digest-md5") + (version "2.55") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://cpan/authors/id/G/GA/GAAS/Digest-MD5-" + version ".tar.gz")) + (sha256 + (base32 + "0g0fklbrm2krswc1xhp4iwn1dhqq71fqh2p5wm8xj9a4s6i9ic83")))) + (build-system perl-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'build 'set-permissions + (lambda _ + ;; Make MD5.so read-write so it can be stripped. + (chmod "blib/arch/auto/Digest/MD5/MD5.so" #o755))))))) + (home-page "http://search.cpan.org/dist/Digest-MD5") + (synopsis "Perl interface to the MD-5 algorithm") + (description + "The @code{Digest::MD5} module allows you to use the MD5 Message Digest +algorithm from within Perl programs. The algorithm takes as +input a message of arbitrary length and produces as output a +128-bit \"fingerprint\" or \"message digest\" of the input.") + (license (package-license perl)))) + (define-public perl-digest-sha1 (package (name "perl-digest-sha1") From 262c2d33bc4d3413644ec9e65c9b5c8c83a47349 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Wed, 23 Nov 2016 18:16:53 +0200 Subject: [PATCH 128/161] gnu: perl-digest-md5: Fix typo. * gnu/packages/perl.scm (perl-digest-md5)[arguments]: Remove extra ')'. --- gnu/packages/perl.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index d332e2aa1e..e9f3dca15a 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -2074,7 +2074,7 @@ interface for the RFC 2104 HMAC mechanism.") (add-after 'build 'set-permissions (lambda _ ;; Make MD5.so read-write so it can be stripped. - (chmod "blib/arch/auto/Digest/MD5/MD5.so" #o755))))))) + (chmod "blib/arch/auto/Digest/MD5/MD5.so" #o755)))))) (home-page "http://search.cpan.org/dist/Digest-MD5") (synopsis "Perl interface to the MD-5 algorithm") (description From 1c9f78eca1f7e169562abaaa882fd94d845208af Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 23 Nov 2016 14:37:32 -0500 Subject: [PATCH 129/161] gnu: python-passlib: Update to 1.7.0. * gnu/packages/python.scm (python-passlib, python2-passlib): Update to 1.7.0. --- gnu/packages/python.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 123b30800d..5e8956f946 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -453,14 +453,14 @@ pidof, tty, taskset, pmap.") (define-public python-passlib (package (name "python-passlib") - (version "1.6.5") + (version "1.7.0") (source (origin (method url-fetch) (uri (pypi-uri "passlib" version)) (sha256 (base32 - "1z27wdxs5rj5xhhqfzvzn3yg682irkxw6dcs5jj7mcf97psk8gd8")))) + "1vdbqsa1a31s98fxkinl052q8nnpvbxnb83qanxfpi2p6c2zdr0b")))) (build-system python-build-system) (native-inputs `(("python-nose" ,python-nose) From f25c9ebc805565ae517c87c6b904bde0661bee46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 11:04:28 +0100 Subject: [PATCH 130/161] marionette: Delay synchronization with the host's REPL. * gnu/build/marionette.scm ()[marionette-repl]: Rename to... [%marionette-repl]: ... this. (marionette-repl): New macro. (make-marionette): Wrap last 'read' call into 'delay', making the last argument to 'marionette' a promise of a port. (marionette-eval): Use 'force' in 'match' clause. --- gnu/build/marionette.scm | 35 +++++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm index d36e1c8d09..70b737fc57 100644 --- a/gnu/build/marionette.scm +++ b/gnu/build/marionette.scm @@ -45,7 +45,10 @@ (command marionette-command) ;list of strings (pid marionette-pid) ;integer (monitor marionette-monitor) ;port - (repl marionette-repl)) ;port + (repl %marionette-repl)) ;promise of a port + +(define-syntax-rule (marionette-repl marionette) + (force (%marionette-repl marionette))) (define* (wait-for-monitor-prompt port #:key (quiet? #t)) "Read from PORT until we have seen all of QEMU's monitor prompt. When @@ -131,21 +134,29 @@ QEMU monitor and to the guest's backdoor REPL." (close-port monitor) (wait-for-monitor-prompt monitor-conn) (display "read QEMU monitor prompt\n") - (match (accept* repl) - ((repl-conn . addr) - (display "connected to guest REPL\n") - (close-port repl) - (match (read repl-conn) - ('ready - (alarm 0) - (display "marionette is ready\n") - (marionette (append command extra-options) pid - monitor-conn repl-conn))))))))))) + + (marionette (append command extra-options) pid + monitor-conn + + ;; The following 'accept' call connects immediately, but + ;; we don't know whether the guest has connected until + ;; we actually receive the 'ready' message. + (match (accept* repl) + ((repl-conn . addr) + (display "connected to guest REPL\n") + (close-port repl) + ;; Delay reception of the 'ready' message so that the + ;; caller can already send monitor commands. + (delay + (match (read repl-conn) + ('ready + (display "marionette is ready\n") + repl-conn)))))))))))) (define (marionette-eval exp marionette) "Evaluate EXP in MARIONETTE's backdoor REPL. Return the result." (match marionette - (($ command pid monitor repl) + (($ command pid monitor (= force repl)) (write exp repl) (newline repl) (read repl)))) From fe933833504c90eb40b0d2c71847675b31c142b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 13:56:42 +0100 Subject: [PATCH 131/161] marionette: Add 'marionette-screen-text' using OCR. * gnu/build/marionette.scm (marionette-screen-text): New procedure. * gnu/tests/base.scm (run-basic-test)["screen text"]: New test. --- gnu/build/marionette.scm | 33 +++++++++++++++++++++++++++++++++ gnu/tests/base.scm | 16 ++++++++++++++++ 2 files changed, 49 insertions(+) diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm index 70b737fc57..8070b6b439 100644 --- a/gnu/build/marionette.scm +++ b/gnu/build/marionette.scm @@ -21,10 +21,12 @@ #:use-module (srfi srfi-26) #:use-module (rnrs io ports) #:use-module (ice-9 match) + #:use-module (ice-9 popen) #:export (marionette? make-marionette marionette-eval marionette-control + marionette-screen-text %qwerty-us-keystrokes marionette-type)) @@ -171,6 +173,37 @@ pcsys_monitor\")." (newline monitor) (wait-for-monitor-prompt monitor)))) +(define* (marionette-screen-text marionette + #:key + (ocrad "ocrad")) + "Take a screenshot of MARIONETTE, perform optical character +recognition (OCR), and return the text read from the screen as a string. Do +this by invoking OCRAD (file name for GNU Ocrad's command)" + (define (random-file-name) + (string-append "/tmp/marionette-screenshot-" + (number->string (random (expt 2 32)) 16) + ".ppm")) + + (let ((image (random-file-name))) + (dynamic-wind + (const #t) + (lambda () + (marionette-control (string-append "screendump " image) + marionette) + + ;; Tell Ocrad to invert the image colors (make it black on white) and + ;; to scale the image up, which significantly improves the quality of + ;; the result. In spite of this, be aware that OCR confuses "y" and + ;; "V" and sometimes erroneously introduces white space. + (let* ((pipe (open-pipe* OPEN_READ ocrad + "-i" "-s" "10" image)) + (text (get-string-all pipe))) + (unless (zero? (close-pipe pipe)) + (error "'ocrad' failed" ocrad)) + text)) + (lambda () + (false-if-exception (delete-file image)))))) + (define %qwerty-us-keystrokes ;; Maps "special" characters to their keystrokes. '((#\newline . "ret") diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 9a265309c0..3be1c55b41 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -31,6 +31,8 @@ #:use-module (gnu services mcron) #:use-module (gnu services shepherd) #:use-module (gnu services networking) + #:use-module (gnu packages imagemagick) + #:use-module (gnu packages ocr) #:use-module (guix gexp) #:use-module (guix store) #:use-module (guix monads) @@ -241,6 +243,20 @@ info --version") marionette) (file-exists? "tty1.ppm"))) + (test-assert "screen text" + (let ((text (marionette-screen-text marionette + #:ocrad + #$(file-append ocrad + "/bin/ocrad")))) + ;; Check whether the welcome message and shell prompt are + ;; displayed. Note: OCR confuses "y" and "V" for instance, so + ;; we cannot reliably match the whole text. + (and (string-contains text "This is the GNU") + (string-contains text + (string-append + "root@" + #$(operating-system-host-name os)))))) + (test-end) (exit (= (test-runner-fail-count (test-runner-current)) 0))))) From b7d408ec1b591853b4a2fc209e577d60b147e03b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 20:50:41 +0100 Subject: [PATCH 132/161] mapped-devices: Use 'cryptsetup-static' in 'luks-device-mapping'. * gnu/system/mapped-devices.scm (open-luks-device): Use CRYPTSETUP-STATIC instead of CRYPTSETUP. Use 'file-append'. (close-luks-device): Likewise. --- gnu/system/mapped-devices.scm | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/gnu/system/mapped-devices.scm b/gnu/system/mapped-devices.scm index e44f2693a7..8ab861bf73 100644 --- a/gnu/system/mapped-devices.scm +++ b/gnu/system/mapped-devices.scm @@ -23,7 +23,7 @@ #:use-module (guix modules) #:use-module (gnu services) #:use-module (gnu services shepherd) - #:autoload (gnu packages cryptsetup) (cryptsetup) + #:autoload (gnu packages cryptsetup) (cryptsetup-static) #:autoload (gnu packages linux) (mdadm-static) #:use-module (srfi srfi-1) #:use-module (ice-9 match) @@ -104,7 +104,9 @@ ((gnu build file-systems) #:select (find-partition-by-luks-uuid))) - (zero? (system* (string-append #$cryptsetup "/sbin/cryptsetup") + ;; Use 'cryptsetup-static', not 'cryptsetup', to avoid pulling the + ;; whole world inside the initrd (for when we're in an initrd). + (zero? (system* #$(file-append cryptsetup-static "/sbin/cryptsetup") "open" "--type" "luks" ;; Note: We cannot use the "UUID=source" syntax here @@ -120,7 +122,7 @@ (define (close-luks-device source target) "Return a gexp that closes TARGET, a LUKS device." - #~(zero? (system* (string-append #$cryptsetup "/sbin/cryptsetup") + #~(zero? (system* #$(file-append cryptsetup-static "/sbin/cryptsetup") "close" #$target))) (define luks-device-mapping From f7f292d359e0eb77617f4ecf6b3164f868ec1784 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 20:59:13 +0100 Subject: [PATCH 133/161] install: Enable "cryptodisk" handling in GRUB. This allows 'grub-install' to do the right thing when / or /boot is a LUKS-encrypted partition. Fixes . * gnu/build/install.scm (install-grub): Add 'setenv' to set 'GRUB_ENABLE_CRYPTODISK'. (wait-for-screen-text): New test. * gnu/tests/base.scm (run-basic-test): Add #:initialization parameter and honor it. * gnu/tests/install.scm (%encrypted-root-os)[kernel-arguments]: Remove. (%encrypted-root-installation-script): Pass '--uuid' to 'cryptsetup luksFormat'. Remove 'sed' invocation. (enter-luks-passphrase): New procedure. (%test-encrypted-os)[value]: Pass #:initialization to 'run-basic-test'. --- gnu/build/install.scm | 5 +++ gnu/build/marionette.scm | 19 ++++++++++++ gnu/tests/base.scm | 13 ++++++-- gnu/tests/install.scm | 66 +++++++++++++++++++++++++++++++++------- 4 files changed, 90 insertions(+), 13 deletions(-) diff --git a/gnu/build/install.scm b/gnu/build/install.scm index 3d1594e203..5c2b35632d 100644 --- a/gnu/build/install.scm +++ b/gnu/build/install.scm @@ -46,6 +46,11 @@ Note that the caller must make sure that GRUB.CFG is registered as a GC root so that the fonts, background images, etc. referred to by GRUB.CFG are not GC'd." (install-grub-config grub.cfg mount-point) + + ;; Tell 'grub-install' that there might be a LUKS-encrypted /boot or root + ;; partition. + (setenv "GRUB_ENABLE_CRYPTODISK" "y") + (unless (zero? (system* "grub-install" "--no-floppy" "--boot-directory" (string-append mount-point "/boot") diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm index 8070b6b439..506d6da420 100644 --- a/gnu/build/marionette.scm +++ b/gnu/build/marionette.scm @@ -27,6 +27,7 @@ marionette-eval marionette-control marionette-screen-text + wait-for-screen-text %qwerty-us-keystrokes marionette-type)) @@ -204,6 +205,24 @@ this by invoking OCRAD (file name for GNU Ocrad's command)" (lambda () (false-if-exception (delete-file image)))))) +(define* (wait-for-screen-text marionette predicate + #:key (timeout 30) (ocrad "ocrad")) + "Wait for TIMEOUT seconds or until the screen text on MARIONETTE matches +PREDICATE, whichever comes first. Raise an error when TIMEOUT is exceeded." + (define start + (car (gettimeofday))) + + (define end + (+ start timeout)) + + (let loop () + (if (> (car (gettimeofday)) end) + (error "'wait-for-screen-text' timeout" predicate) + (or (predicate (marionette-screen-text marionette #:ocrad ocrad)) + (begin + (sleep 1) + (loop)))))) + (define %qwerty-us-keystrokes ;; Maps "special" characters to their keystrokes. '((#\newline . "ret") diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 3be1c55b41..86242d9665 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -67,10 +67,16 @@ %base-user-accounts)))) -(define* (run-basic-test os command #:optional (name "basic")) +(define* (run-basic-test os command #:optional (name "basic") + #:key initialization) "Return a derivation called NAME that tests basic features of the OS started using COMMAND, a gexp that evaluates to a list of strings. Compare some -properties of running system to what's declared in OS, an ." +properties of running system to what's declared in OS, an . + +When INITIALIZATION is true, it must be a one-argument procedure that is +passed a gexp denoting the marionette, and it must return gexp that is +inserted before the first test. This is used to introduce an extra +initialization step, such as entering a LUKS passphrase." (define test (with-imported-modules '((gnu build marionette)) #~(begin @@ -88,6 +94,9 @@ properties of running system to what's declared in OS, an ." (test-begin "basic") + #$(and initialization + (initialization #~marionette)) + (test-assert "uname" (match (marionette-eval '(uname) marionette) (#("Linux" host-name version _ architecture) diff --git a/gnu/tests/install.scm b/gnu/tests/install.scm index 98f8649af8..ecf1ac1923 100644 --- a/gnu/tests/install.scm +++ b/gnu/tests/install.scm @@ -24,6 +24,7 @@ #:use-module (gnu system install) #:use-module (gnu system vm) #:use-module ((gnu build vm) #:select (qemu-command)) + #:use-module (gnu packages ocr) #:use-module (gnu packages qemu) #:use-module (gnu packages package-management) #:use-module (guix store) @@ -398,17 +399,20 @@ by 'mdadm'.") (locale "en_US.UTF-8") (bootloader (grub-configuration (device "/dev/vdb"))) - (kernel-arguments '("console=ttyS0")) + + ;; Note: Do not pass "console=ttyS0" so we can use our passphrase prompt + ;; detection logic in 'enter-luks-passphrase'. + + (mapped-devices (list (mapped-device + (source (uuid "12345678-1234-1234-1234-123456789abc")) + (target "the-root-device") + (type luks-device-mapping)))) (file-systems (cons (file-system (device "/dev/mapper/the-root-device") (title 'device) (mount-point "/") (type "ext4")) %base-file-systems)) - (mapped-devices (list (mapped-device - (source "REPLACE-WITH-LUKS-UUID") - (target "the-root-device") - (type luks-device-mapping)))) (users (cons (user-account (name "charlie") (group "users") @@ -435,7 +439,8 @@ parted --script /dev/vdb mklabel gpt \\ mkpart primary ext2 3M 1G \\ set 1 boot on \\ set 1 bios_grub on -echo -n thepassphrase | cryptsetup luksFormat -q /dev/vdb2 - +echo -n thepassphrase | \\ + cryptsetup luksFormat --uuid=12345678-1234-1234-1234-123456789abc -q /dev/vdb2 - echo -n thepassphrase | \\ cryptsetup open --type luks --key-file - /dev/vdb2 the-root-device mkfs.ext4 -L my-root /dev/mapper/the-root-device @@ -443,15 +448,53 @@ mount LABEL=my-root /mnt herd start cow-store /mnt mkdir /mnt/etc cp /etc/target-config.scm /mnt/etc/config.scm -cat /mnt/etc/config -luks_uuid=`cryptsetup luksUUID /dev/vdb2` -sed -i /mnt/etc/config.scm \\ - -e \"s/\\\"REPLACE-WITH-LUKS-UUID\\\"/(uuid \\\"$luks_uuid\\\")/g\" guix system build /mnt/etc/config.scm guix system init /mnt/etc/config.scm /mnt --no-substitutes sync reboot\n") +(define (enter-luks-passphrase marionette) + "Return a gexp to be inserted in the basic system test running on MARIONETTE +to enter the LUKS passphrase." + (let ((ocrad (file-append ocrad "/bin/ocrad"))) + #~(begin + (define (passphrase-prompt? text) + (string-contains (pk 'screen-text text) "Enter pass")) + + (define (bios-boot-screen? text) + ;; Return true if TEXT corresponds to the boot screen, before GRUB's + ;; menu. + (string-prefix? "SeaBIOS" text)) + + (test-assert "enter LUKS passphrase for GRUB" + (begin + ;; At this point we have no choice but to use OCR to determine + ;; when the passphrase should be entered. + (wait-for-screen-text #$marionette passphrase-prompt? + #:ocrad #$ocrad) + (marionette-type "thepassphrase\n" #$marionette) + + ;; Now wait until we leave the boot screen. This is necessary so + ;; we can then be sure we match the "Enter passphrase" prompt from + ;; 'cryptsetup', in the initrd. + (wait-for-screen-text #$marionette (negate bios-boot-screen?) + #:ocrad #$ocrad + #:timeout 20))) + + (test-assert "enter LUKS passphrase for the initrd" + (begin + ;; XXX: Here we use OCR as well but we could instead use QEMU + ;; '-serial stdio' and run it in an input pipe, + (wait-for-screen-text #$marionette passphrase-prompt? + #:ocrad #$ocrad + #:timeout 60) + (marionette-type "thepassphrase\n" #$marionette) + + ;; Take a screenshot for debugging purposes. + (marionette-control (string-append "screendump " #$output + "/post-initrd-passphrase.ppm") + #$marionette)))))) + (define %test-encrypted-os (system-test (name "encrypted-root-os") @@ -465,6 +508,7 @@ build (current-guix) and then store a couple of full system images.") #:script %encrypted-root-installation-script)) (command (qemu-command/writable-image image))) - (run-basic-test %encrypted-root-os command "encrypted-root-os"))))) + (run-basic-test %encrypted-root-os command "encrypted-root-os" + #:initialization enter-luks-passphrase))))) ;;; install.scm ends here From cc73339b97901cf1e50f07a6f0114974b34592c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 23 Nov 2016 21:10:49 +0100 Subject: [PATCH 134/161] tests: Remove 'GUIX_LOCPATH' hack that had been added for glibc@2.23. * gnu/tests/base.scm (run-basic-test)[test]("locale"): Remove 'GUIX_LOCPATH' hack, which is no longer needed since commit 9f58fe3d1c32e3f0ced065e286532a10cad1b5e3. --- gnu/tests/base.scm | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 86242d9665..6370d6951b 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -199,14 +199,8 @@ info --version") (test-equal "locale" "en_US.utf8" - (marionette-eval '(begin - ;; XXX: This 'setenv' call wouldn't be needed - ;; but our glibc@2.23 currently ignores - ;; /run/current-system/locale. - (setenv "GUIX_LOCPATH" - "/run/current-system/locale") - (let ((before (setlocale LC_ALL "en_US.utf8"))) - (setlocale LC_ALL before))) + (marionette-eval '(let ((before (setlocale LC_ALL "en_US.utf8"))) + (setlocale LC_ALL before)) marionette)) (test-assert "/run/current-system is a GC root" From 2df984f2787917168afc3eda92817c77dec5bddc Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 06:29:31 +0100 Subject: [PATCH 135/161] =?UTF-8?q?gnu:=20ir:=20Use=20=E2=80=98modify-phas?= =?UTF-8?q?es=E2=80=99=20syntax.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/audio.scm (ir)[arguments]: Use ‘modify-phases’. --- gnu/packages/audio.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 492f716ca9..2ecc9a570d 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -8,6 +8,7 @@ ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Lukas Gradl +;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -1185,11 +1186,10 @@ well suited to all musical instruments and vocals.") "1jh2z01l9m4ar7yz0n911df07dygc7n4cl59p7qdjbh0nvkm747g")))) (build-system gnu-build-system) (arguments - `(#:tests? #f ;no "check" target + `(#:tests? #f ; no tests #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) - #:phases - ;; no configure script - (alist-delete 'configure %standard-phases))) + #:phases (modify-phases %standard-phases + (delete 'configure)))) ; no configure script (inputs `(("libsndfile" ,libsndfile) ("libsamplerate" ,libsamplerate) From c50f2af9f800ae1b24e7b245b4a2ab137b18a664 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 06:33:46 +0100 Subject: [PATCH 136/161] gnu: ir: Use archived tarball and home page. * gnu/packages/audio.scm (ir)[source]: Use a list of archive mirrors. [home-page]: Link to an Internet Archive snapshot. --- gnu/packages/audio.scm | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 2ecc9a570d..b535448af1 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -1178,9 +1178,15 @@ well suited to all musical instruments and vocals.") (version "1.3.2") (source (origin (method url-fetch) - (uri (string-append - "http://factorial.hu/system/files/ir.lv2-" - version ".tar.gz")) + ;; The original home-page is gone. Download the tarball from an + ;; archive mirror instead. + (uri (list (string-append + "https://web.archive.org/web/20150803095032/" + "http://factorial.hu/system/files/ir.lv2-" + version ".tar.gz") + (string-append + "https://mirrors.kernel.org/gentoo/distfiles/ir.lv2-" + version ".tar.gz"))) (sha256 (base32 "1jh2z01l9m4ar7yz0n911df07dygc7n4cl59p7qdjbh0nvkm747g")))) @@ -1203,7 +1209,9 @@ well suited to all musical instruments and vocals.") (list (search-path-specification (variable "LV2_PATH") (files '("lib/lv2"))))) - (home-page "http://factorial.hu/plugins/lv2/ir") + ;; Link to an archived copy of the home-page since the original is gone. + (home-page (string-append "https://web.archive.org/web/20150803095032/" + "http://factorial.hu/plugins/lv2/ir")) (synopsis "LV2 convolution reverb") (description "IR is a low-latency, real-time, high performance signal convolver From b7230de54b493da5a78922b4226255763b525a98 Mon Sep 17 00:00:00 2001 From: Hartmut Goebel Date: Fri, 18 Nov 2016 00:49:09 +0100 Subject: [PATCH 137/161] doc: Symlink daemon start-up files. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch ensures that always the current profile's daemon will be used. The .service file contains the path to the guix-daemon within the store. Thus when copying the file, it will point to the very version of guix-daemon used at the time of copying – even after system upgrade or when this version has been garbage collected from the store. * doc/guix.texi (Binary Installation): Change example code for installing the systemd and Upstart files to use symbolic links instead of copying the files. --- doc/guix.texi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 7381c2c6ba..347361ca74 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -453,7 +453,7 @@ If your host distro uses the systemd init system, this can be achieved with these commands: @example -# cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ +# ln -s ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ /etc/systemd/system/ # systemctl start guix-daemon && systemctl enable guix-daemon @end example @@ -461,7 +461,7 @@ with these commands: If your host distro uses the Upstart init system: @example -# cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf /etc/init/ +# ln -s ~root/.guix-profile/lib/upstart/system/guix-daemon.conf /etc/init/ # start guix-daemon @end example From 332d7903f52c2bf3741b04ac2d01cd9018b70800 Mon Sep 17 00:00:00 2001 From: Hartmut Goebel Date: Thu, 24 Nov 2016 09:23:11 +0100 Subject: [PATCH 138/161] Add system start-up files for "guix publish". * .gitignore: add etc/guix-publish.conf and /etc/guix-publish.service. * etc/guix-publish.conf.in: New file. * etc/guix-publish.service.in: New file. * nix/local.mk (etc/guix-%.service, etc/guix-%.conf): Generalized former build-rules for by using patterns. (nodist_systemdservice_DATA): Add etc/guix-publish.service, update comment. (nodist_upstartjob_DATA): Add etc/guix-publish.conf, update comment. * doc/guix.texi (Invoking guix publish): Add description for enabling "guix publish" on host distros using the new files. --- .gitignore | 2 ++ doc/guix.texi | 24 ++++++++++++++++++++++++ etc/guix-publish.conf.in | 12 ++++++++++++ etc/guix-publish.service.in | 19 +++++++++++++++++++ nix/local.mk | 16 ++++++++-------- 5 files changed, 65 insertions(+), 8 deletions(-) create mode 100644 etc/guix-publish.conf.in create mode 100644 etc/guix-publish.service.in diff --git a/.gitignore b/.gitignore index 329d489713..b64f5ef4b0 100644 --- a/.gitignore +++ b/.gitignore @@ -50,6 +50,8 @@ /emacs/guix-helper.scm /etc/guix-daemon.conf /etc/guix-daemon.service +/etc/guix-publish.conf +/etc/guix-publish.service /guix-daemon /guix-register /guix/config.scm diff --git a/doc/guix.texi b/doc/guix.texi index 347361ca74..0055d094e8 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -6055,6 +6055,30 @@ add a call to @code{guix-publish-service} in the @code{services} field of the @code{operating-system} declaration (@pxref{guix-publish-service, @code{guix-publish-service}}). +If you are instead running Guix on a ``foreign distro'', follow these +instructions:” + +@itemize +@item +If your host distro uses the systemd init system: + +@example +# ln -s ~root/.guix-profile/lib/systemd/system/guix-publish.service \ + /etc/systemd/system/ +# systemctl start guix-publish && systemctl enable guix-publish +@end example + +@item +If your host distro uses the Upstart init system: + +@example +# ln -s ~root/.guix-profile/lib/upstart/system/guix-publish.conf /etc/init/ +# start guix-publish +@end example + +@item +Otherwise, proceed similarly with your distro's init system. +@end itemize @node Invoking guix challenge @section Invoking @command{guix challenge} diff --git a/etc/guix-publish.conf.in b/etc/guix-publish.conf.in new file mode 100644 index 0000000000..498fa295be --- /dev/null +++ b/etc/guix-publish.conf.in @@ -0,0 +1,12 @@ +# This is a "job" for the Upstart init system to launch 'guix-daemon'. +# Drop it in /etc/init to have 'guix-daemon' automatically started. + +description "Publish the GNU Guix store" + +start on runlevel [2345] + +stop on runlevel [016] + +task + +exec @bindir@/guix publish --user=nobody --port=8181 diff --git a/etc/guix-publish.service.in b/etc/guix-publish.service.in new file mode 100644 index 0000000000..fc4e3c21f3 --- /dev/null +++ b/etc/guix-publish.service.in @@ -0,0 +1,19 @@ +# This is a "service unit file" for the systemd init system to launch +# 'guix publish'. Drop it in /etc/systemd/system or similar to have +# 'guix publish' automatically started. + +[Unit] +Description=Publish the GNU Guix store + +[Service] +ExecStart=@bindir@/guix publish --user=nobody --port=8181 +Environment=GUIX_LOCPATH=/root/.guix-profile/lib/locale +RemainAfterExit=yes +StandardOutput=syslog +StandardError=syslog + +# See . +TasksMax=1024 + +[Install] +WantedBy=multi-user.target diff --git a/nix/local.mk b/nix/local.mk index 86ef769549..79667ed49e 100644 --- a/nix/local.mk +++ b/nix/local.mk @@ -183,26 +183,26 @@ endif BUILD_DAEMON_OFFLOAD nodist_libexec_SCRIPTS = \ %D%/scripts/guix-authenticate -# The '.service' file for systemd. +# The '.service' files for systemd. systemdservicedir = $(libdir)/systemd/system -nodist_systemdservice_DATA = etc/guix-daemon.service +nodist_systemdservice_DATA = etc/guix-daemon.service etc/guix-publish.service -etc/guix-daemon.service: etc/guix-daemon.service.in \ +etc/guix-%.service: etc/guix-%.service.in \ $(top_builddir)/config.status $(AM_V_GEN)$(MKDIR_P) "`dirname $@`"; \ $(SED) -e 's|@''bindir''@|$(bindir)|' < \ - "$(srcdir)/etc/guix-daemon.service.in" > "$@.tmp"; \ + "$(srcdir)/$<" > "$@.tmp"; \ mv "$@.tmp" "$@" -# The '.conf' job for Upstart. +# The '.conf' jobs for Upstart. upstartjobdir = $(libdir)/upstart/system -nodist_upstartjob_DATA = etc/guix-daemon.conf +nodist_upstartjob_DATA = etc/guix-daemon.conf etc/guix-publish.conf -etc/guix-daemon.conf: etc/guix-daemon.conf.in \ +etc/guix-%.conf: etc/guix-%.conf.in \ $(top_builddir)/config.status $(AM_V_GEN)$(MKDIR_P) "`dirname $@`"; \ $(SED) -e 's|@''bindir''@|$(bindir)|' < \ - "$(srcdir)/etc/guix-daemon.conf.in" > "$@.tmp"; \ + "$(srcdir)/$<" > "$@.tmp"; \ mv "$@.tmp" "$@" EXTRA_DIST += \ From 6f09c100d90590ca4914a9fe78908dbbbb0850c6 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 16:56:46 +0100 Subject: [PATCH 139/161] gnu: vim: Update to 8.0.0096. * gnu/packages/vim.scm (vim, vim-full): Update to 8.0.0096. --- gnu/packages/vim.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/vim.scm b/gnu/packages/vim.scm index 678f895917..1161cd1bc8 100644 --- a/gnu/packages/vim.scm +++ b/gnu/packages/vim.scm @@ -49,7 +49,7 @@ (define-public vim (package (name "vim") - (version "8.0.0095") + (version "8.0.0096") (source (origin (method url-fetch) (uri (string-append "https://github.com/vim/vim/archive/v" @@ -57,7 +57,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1whib2zzqdpgfhpr7ymqxj3das6iyiapvx0izw4147mkg9yanmp7")))) + "03f1kdz024k5r1ag3ns8y5lnx5n8cwksiw9q5b2rjl8rnn824c6p")))) (build-system gnu-build-system) (arguments `(#:test-target "test" From 62126576fc7f6009682629b5a24d4527a9a09dfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 11:55:15 +0100 Subject: [PATCH 140/161] gnu: hdf5: Build the C++ interface. * gnu/packages/maths.scm (hdf5)[arguments]: Add #:configure-flags. --- gnu/packages/maths.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 0c51f6d54f..e432ed5c05 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -563,7 +563,10 @@ incompatible with HDF5.") (inputs `(("zlib" ,zlib))) (arguments - `(#:phases + `(;; Some of the users, notably Flann, need the C++ interface. + #:configure-flags '("--enable-cxx") + + #:phases (modify-phases %standard-phases (add-before 'configure 'patch-configure (lambda _ From 2e328698248b4b5d7ed07af89796acd9bfadbaff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 21:27:21 +0100 Subject: [PATCH 141/161] services: Move polkit to (gnu services dbus). * gnu/services/desktop.scm (, %polkit-accounts) (%polkit-pam-services, polkit-directory, polkit-etc-files) (polkit-setuid-programs, polkit-service-type, polkit-service): Move to... * gnu/services/dbus.scm: ... here. --- gnu/services/dbus.scm | 94 +++++++++++++++++++++++++++++++++++++++- gnu/services/desktop.scm | 93 --------------------------------------- 2 files changed, 93 insertions(+), 94 deletions(-) diff --git a/gnu/services/dbus.scm b/gnu/services/dbus.scm index 876f56d45f..26390a4acd 100644 --- a/gnu/services/dbus.scm +++ b/gnu/services/dbus.scm @@ -21,7 +21,9 @@ #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu system shadow) + #:use-module (gnu system pam) #:use-module ((gnu packages glib) #:select (dbus)) + #:use-module (gnu packages polkit) #:use-module (gnu packages admin) #:use-module (guix gexp) #:use-module (guix records) @@ -30,7 +32,10 @@ #:export (dbus-configuration dbus-configuration? dbus-root-service-type - dbus-service)) + dbus-service + + polkit-service-type + polkit-service)) ;;; ;;; D-Bus. @@ -218,4 +223,91 @@ and policy files. For example, to allow avahi-daemon to use the system bus, (dbus-configuration (dbus dbus) (services services)))) + +;;; +;;; Polkit privilege management service. +;;; + +(define-record-type* + polkit-configuration make-polkit-configuration + polkit-configuration? + (polkit polkit-configuration-polkit ; + (default polkit)) + (actions polkit-configuration-actions ;list of + (default '()))) + +(define %polkit-accounts + (list (user-group (name "polkitd") (system? #t)) + (user-account + (name "polkitd") + (group "polkitd") + (system? #t) + (comment "Polkit daemon user") + (home-directory "/var/empty") + (shell "/run/current-system/profile/sbin/nologin")))) + +(define %polkit-pam-services + (list (unix-pam-service "polkit-1"))) + +(define (polkit-directory packages) + "Return a directory containing an @file{actions} and possibly a +@file{rules.d} sub-directory, for use as @file{/etc/polkit-1}." + (with-imported-modules '((guix build union)) + (computed-file "etc-polkit-1" + #~(begin + (use-modules (guix build union) (srfi srfi-26)) + + (union-build #$output + (map (cut string-append <> + "/share/polkit-1") + (list #$@packages))))))) + +(define polkit-etc-files + (match-lambda + (($ polkit packages) + `(("polkit-1" ,(polkit-directory (cons polkit packages))))))) + +(define polkit-setuid-programs + (match-lambda + (($ polkit) + (list (file-append polkit "/lib/polkit-1/polkit-agent-helper-1") + (file-append polkit "/bin/pkexec"))))) + +(define polkit-service-type + (service-type (name 'polkit) + (extensions + (list (service-extension account-service-type + (const %polkit-accounts)) + (service-extension pam-root-service-type + (const %polkit-pam-services)) + (service-extension dbus-root-service-type + (compose + list + polkit-configuration-polkit)) + (service-extension etc-service-type + polkit-etc-files) + (service-extension setuid-program-service-type + polkit-setuid-programs))) + + ;; Extensions are lists of packages that provide polkit rules + ;; or actions under share/polkit-1/{actions,rules.d}. + (compose concatenate) + (extend (lambda (config actions) + (polkit-configuration + (inherit config) + (actions + (append (polkit-configuration-actions config) + actions))))))) + +(define* (polkit-service #:key (polkit polkit)) + "Return a service that runs the +@uref{http://www.freedesktop.org/wiki/Software/polkit/, Polkit privilege +management service}, which allows system administrators to grant access to +privileged operations in a structured way. By querying the Polkit service, a +privileged system component can know when it should grant additional +capabilities to ordinary users. For example, an ordinary user can be granted +the capability to suspend the system if the user is logged in locally." + (service polkit-service-type + (polkit-configuration (polkit polkit)))) + ;;; dbus.scm ends here diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index dfd1ea6e92..7555780ade 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -37,7 +37,6 @@ #:use-module (gnu packages gnome) #:use-module (gnu packages xfce) #:use-module (gnu packages avahi) - #:use-module (gnu packages polkit) #:use-module (gnu packages xdisorg) #:use-module (gnu packages suckless) #:use-module (gnu packages linux) @@ -68,11 +67,6 @@ bluetooth-service - polkit-configuration - polkit-configuration? - polkit-service - polkit-service-type - elogind-configuration elogind-configuration? elogind-service @@ -413,93 +407,6 @@ Users need to be in the @code{lp} group to access the D-Bus service. " (service bluetooth-service-type bluez)) - -;;; -;;; Polkit privilege management service. -;;; - -(define-record-type* - polkit-configuration make-polkit-configuration - polkit-configuration? - (polkit polkit-configuration-polkit ; - (default polkit)) - (actions polkit-configuration-actions ;list of - (default '()))) - -(define %polkit-accounts - (list (user-group (name "polkitd") (system? #t)) - (user-account - (name "polkitd") - (group "polkitd") - (system? #t) - (comment "Polkit daemon user") - (home-directory "/var/empty") - (shell "/run/current-system/profile/sbin/nologin")))) - -(define %polkit-pam-services - (list (unix-pam-service "polkit-1"))) - -(define (polkit-directory packages) - "Return a directory containing an @file{actions} and possibly a -@file{rules.d} sub-directory, for use as @file{/etc/polkit-1}." - (with-imported-modules '((guix build union)) - (computed-file "etc-polkit-1" - #~(begin - (use-modules (guix build union) (srfi srfi-26)) - - (union-build #$output - (map (cut string-append <> - "/share/polkit-1") - (list #$@packages))))))) - -(define polkit-etc-files - (match-lambda - (($ polkit packages) - `(("polkit-1" ,(polkit-directory (cons polkit packages))))))) - -(define polkit-setuid-programs - (match-lambda - (($ polkit) - (list (file-append polkit "/lib/polkit-1/polkit-agent-helper-1") - (file-append polkit "/bin/pkexec"))))) - -(define polkit-service-type - (service-type (name 'polkit) - (extensions - (list (service-extension account-service-type - (const %polkit-accounts)) - (service-extension pam-root-service-type - (const %polkit-pam-services)) - (service-extension dbus-root-service-type - (compose - list - polkit-configuration-polkit)) - (service-extension etc-service-type - polkit-etc-files) - (service-extension setuid-program-service-type - polkit-setuid-programs))) - - ;; Extensions are lists of packages that provide polkit rules - ;; or actions under share/polkit-1/{actions,rules.d}. - (compose concatenate) - (extend (lambda (config actions) - (polkit-configuration - (inherit config) - (actions - (append (polkit-configuration-actions config) - actions))))))) - -(define* (polkit-service #:key (polkit polkit)) - "Return a service that runs the -@uref{http://www.freedesktop.org/wiki/Software/polkit/, Polkit privilege -management service}, which allows system administrators to grant access to -privileged operations in a structured way. By querying the Polkit service, a -privileged system component can know when it should grant additional -capabilities to ordinary users. For example, an ordinary user can be granted -the capability to suspend the system if the user is logged in locally." - (service polkit-service-type - (polkit-configuration (polkit polkit)))) - ;;; ;;; Colord D-Bus service. From 89007a0bb76fb4e0404e0baf72b939f5d91f08f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 21:29:13 +0100 Subject: [PATCH 142/161] services: network-manager: Install polkit actions. Reported by Chris Marusich at . * gnu/services/networking.scm (network-manager-service-type)[extensions]: Add POLKIT-SERVICE-TYPE. --- gnu/services/networking.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 5a83240d77..7d3626b935 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -695,6 +695,7 @@ and @command{wicd-curses} user interfaces." (list (service-extension shepherd-root-service-type network-manager-shepherd-service) (service-extension dbus-root-service-type list) + (service-extension polkit-service-type list) (service-extension activation-service-type (const %network-manager-activation)) ;; Add network-manager to the system profile. From 030f59fac939b4c747f3fa8037b2db6c1030f0eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 21:35:57 +0100 Subject: [PATCH 143/161] services: network-manager: Depend on 'wpa-supplicant'. Suggested by Chris Marusich . * gnu/services/networking.scm (network-manager-shepherd-service) [requirement]: Add 'wpa-supplicant'. --- gnu/services/networking.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 7d3626b935..bbb9053008 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -682,7 +682,7 @@ and @command{wicd-curses} user interfaces." (list (shepherd-service (documentation "Run the NetworkManager.") (provision '(networking)) - (requirement '(user-processes dbus-system loopback)) + (requirement '(user-processes dbus-system wpa-supplicant loopback)) (start #~(make-forkexec-constructor (list (string-append #$network-manager "/sbin/NetworkManager") From cbf1024e9907c7402e66c0c225dba7406fbd82e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 21:53:57 +0100 Subject: [PATCH 144/161] doc: Document 'wpa-supplicant-service-type'. Reported by Chris Marusich . * doc/guix.texi (Networking Services): Remove 'wpa-supplicant-service' procedure, which doesn't exist, and document 'wpa-supplicant-service-type'. --- doc/guix.texi | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 0055d094e8..4d9c107a9c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8431,13 +8431,22 @@ configure networking." @end deffn @cindex WPA Supplicant -@deffn {Scheme Procedure} wpa-supplicant-service @ - [#:wpa-supplicant @var{wpa-supplicant}] -Return a service that runs @url{https://w1.fi/wpa_supplicant/,WPA +@defvr {Scheme Variable} wpa-supplicant-service-type +This is the service type to run @url{https://w1.fi/wpa_supplicant/,WPA supplicant}, an authentication daemon required to authenticate against -encrypted WiFi or ethernet networks. Service is started to listen for +encrypted WiFi or ethernet networks. It is configured to listen for requests on D-Bus. -@end deffn + +The value of this service is the @code{wpa-supplicant} package to use. +Thus, it can be instantiated like this: + +@lisp +(use-modules (gnu services networking) + (gnu packages admin)) + +(service wpa-supplicant-type wpa-supplicant) +@end lisp +@end defvr @cindex NTP @cindex real time clock From 13fb1bd94e77ca231faaae25e8c9e3c4bde1b0f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 23:03:04 +0100 Subject: [PATCH 145/161] doc: Document encrypted root partitions. This is a followup to f7f292d359e0eb77617f4ecf6b3164f868ec1784. * doc/guix.texi (Preparing for Installation): Give commands for encrypted root installation. (Proceeding with the Installation): Add item about mapped devices. (File Systems): Mention that 'dependencies' can list objects. * gnu/system/examples/desktop.tmpl (mapped-devices): New field. (file-systems): Add 'dependencies' field. --- doc/guix.texi | 52 ++++++++++++++++++-------------- gnu/system/examples/desktop.tmpl | 15 +++++++-- 2 files changed, 43 insertions(+), 24 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 4d9c107a9c..e488c5a553 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -6665,27 +6665,26 @@ partition lives at @file{/dev/sda1}, a file system with the label mkfs.ext4 -L my-root /dev/sda1 @end example -@c FIXME: Uncomment this once GRUB fully supports encrypted roots. -@c A typical command sequence may be: -@c -@c @example -@c # fdisk /dev/sdX -@c @dots{} Create partitions etc.@dots{} -@c # cryptsetup luksFormat /dev/sdX1 -@c # cryptsetup open --type luks /dev/sdX1 my-partition -@c # mkfs.ext4 -L my-root /dev/mapper/my-partition -@c @end example - -In addition to e2fsprogs, the suite of tools to manipulate -ext2/ext3/ext4 file systems, the installation image includes -Cryptsetup/LUKS for disk encryption. - -Once that is done, mount the target root partition under @file{/mnt} -with a command like (again, assuming @file{/dev/sda1} is the root -partition): +@cindex encrypted disk +If you are instead planning to encrypt the root partition, you can use +the Cryptsetup/LUKS utilities to do that (see @inlinefmtifelse{html, +@uref{https://linux.die.net/man/8/cryptsetup, @code{man cryptsetup}}, +@code{man cryptsetup}} for more information.) Assuming you want to +store the root partition on @file{/dev/sda1}, the command sequence would +be along these lines: @example -mount /dev/sda1 /mnt +cryptsetup luksFormat /dev/sda1 +cryptsetup open --type luks /dev/sda1 my-partition +mkfs.ext4 -L my-root /dev/mapper/my-partition +@end example + +Once that is done, mount the target root partition under @file{/mnt} +with a command like (again, assuming @code{my-root} is the label of the +root partition): + +@example +mount LABEL=my-root /mnt @end example Finally, if you plan to use one or more swap partitions (@pxref{Memory @@ -6748,6 +6747,10 @@ Be sure that your partition labels match the value of their respective @code{device} fields in your @code{file-system} configuration, assuming your @code{file-system} configuration sets the value of @code{title} to @code{'label}. + +@item +If there are encrypted or RAID partitions, make sure to add a +@code{mapped-devices} field to describe them (@pxref{Mapped Devices}). @end itemize Once you are done preparing the configuration file, the new system must @@ -6992,7 +6995,9 @@ desired configuration. In particular, notice how we use @code{inherit} to create a new configuration which has the same values as the old configuration, but with a few modifications. -The configuration for a typical ``desktop'' usage, with the X11 display +@cindex encrypted disk +The configuration for a typical ``desktop'' usage, with an encrypted +root partition, the X11 display server, GNOME and Xfce (users can choose which of these desktop environments to use at the log-in screen by pressing @kbd{F1}), network management, power management, and more, would look like this: @@ -7317,13 +7322,16 @@ errors before being mounted. When true, the mount point is created if it does not exist yet. @item @code{dependencies} (default: @code{'()}) -This is a list of @code{} objects representing file systems -that must be mounted before (and unmounted after) this one. +This is a list of @code{} or @code{} objects +representing file systems that must be mounted or mapped devices that +must be opened before (and unmounted or closed after) this one. As an example, consider a hierarchy of mounts: @file{/sys/fs/cgroup} is a dependency of @file{/sys/fs/cgroup/cpu} and @file{/sys/fs/cgroup/memory}. +Another example is a file system that depends on a mapped device, for +example for an encrypted partition (@pxref{Mapped Devices}). @end table @end deftp diff --git a/gnu/system/examples/desktop.tmpl b/gnu/system/examples/desktop.tmpl index 2fcf90f8b1..82687e740b 100644 --- a/gnu/system/examples/desktop.tmpl +++ b/gnu/system/examples/desktop.tmpl @@ -1,5 +1,6 @@ ;; This is an operating system configuration template -;; for a "desktop" setup with GNOME and Xfce. +;; for a "desktop" setup with GNOME and Xfce where the +;; root partition is encrypted with LUKS. (use-modules (gnu) (gnu system nss)) (use-service-modules desktop) @@ -13,11 +14,21 @@ ;; Assuming /dev/sdX is the target hard disk, and "my-root" ;; is the label of the target root file system. (bootloader (grub-configuration (device "/dev/sdX"))) + + ;; Specify a mapped device for the encrypted root partition. + ;; The UUID is that returned by 'cryptsetup luksUUID'. + (mapped-devices + (list (mapped-device + (source (uuid "12345678-1234-1234-1234-123456789abc")) + (target "the-root-device") + (type luks-device-mapping)))) + (file-systems (cons (file-system (device "my-root") (title 'label) (mount-point "/") - (type "ext4")) + (type "ext4") + (dependencies mapped-devices)) %base-file-systems)) (users (cons (user-account From df31e36a403ac8ff3d86813b88f02f816a936687 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 24 Nov 2016 23:21:08 +0100 Subject: [PATCH 146/161] doc: Fix typos in "Kerberos Services". * doc/guix.texi (Kerberos Services): Fix typos. --- doc/guix.texi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index e488c5a553..ebb138e15d 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -11412,13 +11412,13 @@ could instantiate a dovecot service like this: @subsubsection Kerberos Services @cindex Kerberos -The @code{(gnu services Kerberos)} module provides services relating to +The @code{(gnu services kerberos)} module provides services relating to the authentication protocol @dfn{Kerberos}. @subsubheading PAM krb5 Service @cindex pam-krb5 -The pam-krb5 service allows for login authentication and password +The @code{pam-krb5} service allows for login authentication and password management via Kerberos. You will need this service if you want PAM enabled applications to authenticate users using Kerberos. From ade584857659e207e25bbd38fb9aa3d2f9f7a8dd Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 17:43:05 +0100 Subject: [PATCH 147/161] gnu: vim: Update to 8.0.0101. * gnu/packages/vim.scm (vim, vim-full): Update to 8.0.0101. --- gnu/packages/vim.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/vim.scm b/gnu/packages/vim.scm index 1161cd1bc8..83c21249b4 100644 --- a/gnu/packages/vim.scm +++ b/gnu/packages/vim.scm @@ -49,7 +49,7 @@ (define-public vim (package (name "vim") - (version "8.0.0096") + (version "8.0.0101") (source (origin (method url-fetch) (uri (string-append "https://github.com/vim/vim/archive/v" @@ -57,7 +57,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "03f1kdz024k5r1ag3ns8y5lnx5n8cwksiw9q5b2rjl8rnn824c6p")))) + "0kzk1p5vnqr8j5jwb3p745zx3dki5jwlsp7rh6nli0ci2w6vg3r8")))) (build-system gnu-build-system) (arguments `(#:test-target "test" From 2d3b0203f40ac70b2e6fdb734605515b0a4cac24 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 18:46:27 +0100 Subject: [PATCH 148/161] gnu: miniupnpc: Update to 2.0. * gnu/packages/upnp.scm (miniupnpc): Update to 2.0. --- gnu/packages/upnp.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index c46e905c42..67c479a39b 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -27,7 +27,7 @@ (define-public miniupnpc (package (name "miniupnpc") - (version "1.9") + (version "2.0") (source (origin (method url-fetch) @@ -35,7 +35,7 @@ "http://miniupnp.tuxfamily.org/files/miniupnpc-" version ".tar.gz")) (sha256 - (base32 "0r24jdqcyf839n30ppimdna0hvybscyziaad7ng99fw0x19y88r9")))) + (base32 "0fzrc6fs8vzb2yvk01bd3q5jkarysl7gjlyaqncy3yvfk2wcwd6l")))) (build-system gnu-build-system) (native-inputs `(("python" ,python-2))) From cdbdaf7b6b2c232bca5f2e84af3dca097a3f5ce6 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 18:47:09 +0100 Subject: [PATCH 149/161] =?UTF-8?q?gnu:=20miniupnpc:=20Use=20=E2=80=98modi?= =?UTF-8?q?fy-phases=E2=80=99=20syntax.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/upnp.scm (miniupnpc)[arguments]: Use ‘modify-phases’. --- gnu/packages/upnp.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index 67c479a39b..35bacc75f6 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -54,7 +54,8 @@ (string-append "LDFLAGS=-Wl,-rpath=" (assoc-ref %outputs "out") "/lib")) #:phases - (alist-delete 'configure %standard-phases))) + (modify-phases %standard-phases + (delete 'configure)))) (home-page "http://miniupnp.free.fr/") (synopsis "Library implementing the client side UPnP protocol") (description From 5af82630feb1c6b65edc3dd14bf05d025b77b209 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 18:48:15 +0100 Subject: [PATCH 150/161] =?UTF-8?q?gnu:=20miniupnpc:=20Use=20the=20correct?= =?UTF-8?q?=20=E2=80=98upnpc=E2=80=99=20in=20=E2=80=98external-ip=E2=80=99?= =?UTF-8?q?.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/upnp.scm (miniupnpc)[arguments]: Add ‘qualify-paths’ phase. --- gnu/packages/upnp.scm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index 35bacc75f6..ffb671bf4c 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Sree Harsha Totakura +;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -55,7 +56,12 @@ (assoc-ref %outputs "out") "/lib")) #:phases (modify-phases %standard-phases - (delete 'configure)))) + (delete 'configure) + (add-before 'install 'qualify-paths + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "external-ip.sh" + (("upnpc") + (string-append (assoc-ref outputs "out") "/bin/upnpc")))))))) (home-page "http://miniupnp.free.fr/") (synopsis "Library implementing the client side UPnP protocol") (description From e0f8a520eda6b86a71f99eddf2c6968a95c8de0e Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 19:28:52 +0100 Subject: [PATCH 151/161] gnu: miniupnpc: Improve synopsis and description. * gnu/packages/upnp.scm (miniupnp)[synopsis, description]: Edit, fix typos, add some relevant (search) terms from the home page, and expand acronyms. --- gnu/packages/upnp.scm | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index ffb671bf4c..f680a52881 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -63,12 +63,14 @@ (("upnpc") (string-append (assoc-ref outputs "out") "/bin/upnpc")))))))) (home-page "http://miniupnp.free.fr/") - (synopsis "Library implementing the client side UPnP protocol") + (synopsis "UPnP protocol client library") (description - "MiniUPnPc is a library is useful whenever an application needs to listen -for incoming connections but is run behind a UPnP enabled router or firewall. -Examples for such applications include: P2P applications, FTP clients for -active mode, IRC (for DCC) or IM applications, network games, any server -software.") + "The MiniUPnPc client library facilitates access to the services provided +by any Universal Plug and Play (UPnP) Internet Gateway Device (IGD) present on +the network. In UPnP terminology, MiniUPnPc is a UPnP Control Point. It is +useful whenever an application needs to listen for incoming connections while +running behind a UPnP-enabled router or firewall. Such applications include +peer-to-peer applications, active-mode FTP clients, DCC file transfers over +IRC, instant messaging, network games, and most server software.") (license (x11-style "file://LICENSE" "See 'LICENSE' file in the distribution")))) From 88d45b74c17377e0bf27c823f87ef3e642bcc451 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 24 Nov 2016 23:20:24 -0500 Subject: [PATCH 152/161] gnu: nginx: Update to 1.11.6. * gnu/packages/web.scm (nginx): Update to 1.11.6. [arguments]: Remove the obsolete option --with-ipv6 from #:configure-flags. --- gnu/packages/web.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 063a8a9a15..753a81625c 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -123,14 +123,14 @@ and its related documentation.") (define-public nginx (package (name "nginx") - (version "1.11.4") + (version "1.11.6") (source (origin (method url-fetch) (uri (string-append "https://nginx.org/download/nginx-" version ".tar.gz")) (sha256 (base32 - "0fvb09ycxz3xnyynav6ybj6miwh9kv8jcb2vzrmvqhzn8cgiq8h6")))) + "1gc5phrzm2hbpvryaya6rlvasa00vjips4hv5q1rqbcfa6xsnlri")))) (build-system gnu-build-system) (inputs `(("pcre" ,pcre) ("openssl" ,openssl) @@ -150,7 +150,6 @@ and its related documentation.") (list (string-append "--prefix=" (assoc-ref outputs "out")) "--with-http_ssl_module" "--with-pcre-jit" - "--with-ipv6" "--with-debug" ;; Even when not cross-building, we pass the ;; --crossbuild option to avoid customizing for the From 2cd3b6fd03b987eb55b2ab9fd3817696d4f1a4d5 Mon Sep 17 00:00:00 2001 From: Theodoros Foradis Date: Tue, 15 Nov 2016 22:53:21 +0200 Subject: [PATCH 153/161] gnu: Add wxwidgets-gtk2. * gnu/packages/wxwidgets.scm (wxwidgets-gtk2): New variable. Signed-off-by: Leo Famulari --- gnu/packages/wxwidgets.scm | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/gnu/packages/wxwidgets.scm b/gnu/packages/wxwidgets.scm index 31da2a9eed..4efe7a13bc 100644 --- a/gnu/packages/wxwidgets.scm +++ b/gnu/packages/wxwidgets.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2016 Ricardo Wurmus +;;; Copyright © 2016 Theodoros Foradis ;;; ;;; This file is part of GNU Guix. ;;; @@ -109,3 +110,11 @@ and many other languages.") (assoc-ref %outputs "out") "/lib")) ;; No 'check' target. #:tests? #f)))) + +(define-public wxwidgets-gtk2 + (package (inherit wxwidgets) + (inputs `(("gtk+" ,gtk+-2) + ,@(alist-delete + "gtk+" + (package-inputs wxwidgets)))) + (name "wxwidgets-gtk2"))) From b353c7d201fa964be1c5b86c8d8d6a7bbc7b5398 Mon Sep 17 00:00:00 2001 From: Theodoros Foradis Date: Tue, 15 Nov 2016 22:53:22 +0200 Subject: [PATCH 154/161] gnu: Add python2-wxpython. * gnu/packages/wxwidgets.scm (python2-wxpython): New variable. Signed-off-by: Leo Famulari --- gnu/packages/wxwidgets.scm | 72 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/gnu/packages/wxwidgets.scm b/gnu/packages/wxwidgets.scm index 4efe7a13bc..b72567f259 100644 --- a/gnu/packages/wxwidgets.scm +++ b/gnu/packages/wxwidgets.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2016 Ricardo Wurmus ;;; Copyright © 2016 Theodoros Foradis +;;; Copyright © 2016 Danny Milosavljevic ;;; ;;; This file is part of GNU Guix. ;;; @@ -23,6 +24,7 @@ #:use-module (guix download) #:use-module ((guix licenses) #:prefix l:) #:use-module (guix build-system glib-or-gtk) + #:use-module (guix build-system python) #:use-module (guix build utils) #:use-module (gnu packages) #:use-module (gnu packages compression) @@ -32,6 +34,7 @@ #:use-module (gnu packages gtk) #:use-module (gnu packages image) #:use-module (gnu packages pkg-config) + #:use-module (gnu packages python) #:use-module (gnu packages sdl) #:use-module (gnu packages webkit) #:use-module (gnu packages xorg)) @@ -118,3 +121,72 @@ and many other languages.") "gtk+" (package-inputs wxwidgets)))) (name "wxwidgets-gtk2"))) + +(define-public python2-wxpython + (package + (name "python2-wxpython") + (version "3.0.2.0") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/wxpython/wxPython/" + version "/wxPython-src-" version ".tar.bz2")) + (sha256 + (base32 + "0qfzx3sqx4mwxv99sfybhsij4b5pc03ricl73h4vhkzazgjjjhfm")) + (modules '((guix build utils))) + (snippet + '(begin + (lambda (folder) + (delete-file-recursively (string-append "src/" folder)) + '("expat" "jpeg" "png" "tiff" "zlib" "msw" "osx" "msdos")) + (substitute* '("wxPython/setup.py") + ;; setup.py tries to keep its own license the same as wxwidget's + ;; license (which it expects under $WXWIN/docs). + (("'preamble.txt', 'licence.txt', 'licendoc.txt', 'lgpl.txt'") + "")))))) + (build-system python-build-system) + (arguments + `(#:python ,python-2 + #:tests? #f ; tests fail + #:configure-flags (list "WXPORT=gtk2" + "UNICODE=1") + #:phases + (modify-phases %standard-phases + (add-before 'build 'chdir + (lambda _ + (chdir "wxPython") + #t)) + (add-after 'chdir 'set-wx-out-dir + (lambda* (#:key outputs #:allow-other-keys) + ;; By default, install phase tries to copy the wxPython headers in + ;; gnu/store/...-wxwidgets-3.0.2 , which it can't, so they are + ;; redirected to the output directory by setting WXPREFIX. + (substitute* "config.py" + (("= getWxConfigValue\\('--prefix'\\)") + (string-append "= '" (assoc-ref outputs "out") "'"))) + (substitute* "wx/build/config.py" + (("= getWxConfigValue\\('--prefix'\\)") + (string-append "= '" (assoc-ref outputs "out") "'"))) + #t)) + (add-after 'set-wx-out-dir 'setenv + (lambda* (#:key inputs outputs #:allow-other-keys) + (setenv "WXWIN" (assoc-ref inputs "wxwidgets")) + (use-modules (ice-9 popen) (ice-9 rdelim)) + (let ((port (open-pipe* OPEN_READ + (string-append (assoc-ref inputs "wxwidgets") + "/bin/wx-config") "--cppflags"))) + (setenv "CPPFLAGS" (read-string port)) + (close-pipe port)) + #t))))) + (native-inputs + `(("mesa" ,mesa) ; for glcanvas + ("pkg-config" ,pkg-config) + ("python2-setuptools" ,python2-setuptools))) + (inputs + `(("gtk+" ,gtk+-2) ; for wxPython/src/helpers.cpp + ("wxwidgets" ,wxwidgets-gtk2))) + (synopsis "Python 2 Bindings for wxWidgets") + (description "@code{wxpython} provides Python 2 bindings for wxWidgets.") + (home-page "http://wxpython.org/") + (license (package-license wxwidgets)))) From befc9ff64349e772fe6d1da2301e308277bbc24c Mon Sep 17 00:00:00 2001 From: Theodoros Foradis Date: Tue, 15 Nov 2016 22:53:23 +0200 Subject: [PATCH 155/161] gnu: Add kicad. * gnu/packages/engineering.scm (kicad): New variable. Signed-off-by: Leo Famulari --- gnu/packages/engineering.scm | 92 ++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) diff --git a/gnu/packages/engineering.scm b/gnu/packages/engineering.scm index f720906534..fce90055cb 100644 --- a/gnu/packages/engineering.scm +++ b/gnu/packages/engineering.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016 Efraim Flashner ;;; Copyright © 2016 David Thompson ;;; Copyright © 2016 Ludovic Courtès +;;; Copyright © 2016 Theodoros Foradis ;;; ;;; This file is part of GNU Guix. ;;; @@ -29,6 +30,7 @@ #:use-module (guix store) #:use-module (guix utils) #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix build-system cmake) #:use-module (guix build-system gnu) #:use-module (guix build-system cmake) #:use-module (gnu packages) @@ -39,6 +41,7 @@ #:use-module (gnu packages boost) #:use-module (gnu packages check) #:use-module (gnu packages compression) + #:use-module (gnu packages curl) #:use-module (gnu packages flex) #:use-module (gnu packages fontutils) #:use-module (gnu packages gd) @@ -55,9 +58,14 @@ #:use-module (gnu packages maths) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) + #:use-module (gnu packages python) #:use-module (gnu packages qt) + #:use-module (gnu packages swig) #:use-module (gnu packages tcl) + #:use-module (gnu packages tls) #:use-module (gnu packages tex) + #:use-module (gnu packages wxwidgets) + #:use-module (gnu packages xorg) #:use-module (srfi srfi-1)) (define-public librecad @@ -588,3 +596,87 @@ fundamental, primitive shapes are represented as code in the user-level language.") (license (list license:lgpl2.1+ ;library license:gpl2+))))) ;Guile bindings + +;; We use kicad from a git commit, because support for boost 1.61.0 has been +;; recently added. +(define-public kicad + (let ((commit "4ee344e150bfaf3a6f3f7bf935fb96ae07c423fa") + (revision "1")) + (package + (name "kicad") + (version (string-append "4.0-" revision "." + (string-take commit 7))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://git.launchpad.net/kicad") + (commit commit))) + (sha256 + (base32 "0kf6r92nps0658i9n3p9vp5dzbssmc22lvjv5flyvnlf83l63s4n")) + (file-name (string-append name "-" version "-checkout")))) + (build-system cmake-build-system) + (arguments + `(#:out-of-source? #t + #:tests? #f ; no tests + #:configure-flags + (list "-DKICAD_STABLE_VERSION=ON" + "-DKICAD_REPO_NAME=stable" + ,(string-append "-DKICAD_BUILD_VERSION=4.0-" + (string-take commit 7)) + "-DCMAKE_BUILD_TYPE=Release" + "-DKICAD_SKIP_BOOST=ON"; Use our system's boost library. + "-DKICAD_SCRIPTING=ON" + "-DKICAD_SCRIPTING_MODULES=ON" + "-DKICAD_SCRIPTING_WXPYTHON=ON" + ;; Has to be set explicitely, as we don't have the wxPython + ;; headers in the wxwidgets store item, but in wxPython. + (string-append "-DCMAKE_CXX_FLAGS=-I" + (assoc-ref %build-inputs "wxpython") + "/include/wx-3.0") + "-DCMAKE_BUILD_WITH_INSTALL_RPATH=TRUE" + ;; TODO: Enable this when CA certs are working with curl. + "-DBUILD_GITHUB_PLUGIN=OFF") + #:phases + (modify-phases %standard-phases + (add-after 'install 'wrap-program + ;; Ensure correct Python at runtime. + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (python (assoc-ref inputs "python")) + (file (string-append out "/bin/kicad")) + (path (string-append + out + "/lib/python2.7/site-packages:" + (getenv "PYTHONPATH")))) + (wrap-program file + `("PYTHONPATH" ":" prefix (,path)) + `("PATH" ":" prefix + (,(string-append python "/bin:"))))) + #t))))) + (native-inputs + `(("boost" ,boost) + ("gettext" ,gnu-gettext) + ("pkg-config" ,pkg-config) + ("swig" ,swig) + ("zlib" ,zlib))) + (inputs + `(("cairo" ,cairo) + ("curl" ,curl) + ("desktop-file-utils" ,desktop-file-utils) + ("glew" ,glew) + ("glm" ,glm) + ("hicolor-icon-theme" ,hicolor-icon-theme) + ("libsm" ,libsm) + ("mesa" ,mesa) + ("openssl" ,openssl) + ("python" ,python-2) + ("wxwidgets" ,wxwidgets-gtk2) + ("wxpython" ,python2-wxpython))) + (home-page "http://kicad-pcb.org/") + (synopsis "Electronics Design Automation Suite") + (description "Kicad is a program for the formation of printed circuit +boards and electrical circuits. The software has a number of programs that +perform specific functions, for example, pcbnew (Editing PCB), eeschema (editing +electrical diagrams), gerbview (viewing Gerber files) and others.") + (license license:gpl3+)))) From 8f528bd4426fdb3e6e571316b185e70d30485c7e Mon Sep 17 00:00:00 2001 From: Theodoros Foradis Date: Tue, 15 Nov 2016 22:53:24 +0200 Subject: [PATCH 156/161] gnu: Add kicad-library. * gnu/packages/engineering.scm (kicad-library): New variable. Signed-off-by: Leo Famulari --- gnu/packages/engineering.scm | 62 ++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/gnu/packages/engineering.scm b/gnu/packages/engineering.scm index fce90055cb..831e63beda 100644 --- a/gnu/packages/engineering.scm +++ b/gnu/packages/engineering.scm @@ -680,3 +680,65 @@ boards and electrical circuits. The software has a number of programs that perform specific functions, for example, pcbnew (Editing PCB), eeschema (editing electrical diagrams), gerbview (viewing Gerber files) and others.") (license license:gpl3+)))) + +(define-public kicad-library + (let ((version "4.0.4")) + (package + (name "kicad-library") + (version version) + (source (origin + (method url-fetch) + (uri (string-append + "http://downloads.kicad-pcb.org/libraries/kicad-library-" + version ".tar.gz")) + (sha256 + (base32 + "1wyda58y39lhxml0xv1ngvddi0nqihx9bnlza46ajzms38ajvh12")))) + (build-system cmake-build-system) + (arguments + `(#:out-of-source? #t + #:tests? #f ; no tests + #:phases + (modify-phases %standard-phases + (add-after 'install 'install-footprints ; from footprints tarball + (lambda* (#:key inputs outputs #:allow-other-keys) + (zero? (system* "tar" "xvf" + (assoc-ref inputs "kicad-footprints") + "-C" (string-append (assoc-ref outputs "out") + "/share/kicad/modules") + "--strip-components=1")))) + ;; We change the default global footprint file, which is generated if + ;; it doesn't exist in user's home directory, from the one using the + ;; github plugin, to the one using the KISYSMOD environment path. + (add-after 'install-footprints 'use-pretty-footprint-table + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (template-dir (string-append out "/share/kicad/template")) + (fp-lib-table (string-append template-dir "/fp-lib-table"))) + (delete-file fp-lib-table) + (copy-file (string-append fp-lib-table ".for-pretty") + fp-lib-table)) + #t))))) + (native-search-paths + (list (search-path-specification + (variable "KISYSMOD") ; footprint path + (files '("share/kicad/modules"))) + (search-path-specification + (variable "KISYS3DMOD") ; 3D model path + (files '("share/kicad/modules/packages3d"))))) + ;; Kicad distributes footprints in a separate tarball + (native-inputs + `(("kicad-footprints" + ,(origin + (method url-fetch) + (uri (string-append + "http://downloads.kicad-pcb.org/libraries/kicad-footprints-" + version ".tar.gz")) + (sha256 + (base32 + "0ya4gg6clz3vp2wrb67xwg0bhwh5q8ag39jjmpcp4zjcqs1f48rb")))))) + (home-page "http://kicad-pcb.org/") + (synopsis "Libraries for kicad") + (description "This package provides Kicad component, footprint and 3D +render model libraries.") + (license license:lgpl2.0+)))) From 1e347214352ea0dc39944f809b9bb041a77c02d3 Mon Sep 17 00:00:00 2001 From: Alex Kost Date: Wed, 23 Nov 2016 23:25:27 +0300 Subject: [PATCH 157/161] gnu: qemu: Install all required info files. * gnu/packages/qemu.scm (qemu)[arguments]: Adjust 'install-info' phase to find all info files (including "*.info-N"). --- gnu/packages/qemu.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index 3c48b7a278..e429c04244 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -119,7 +119,7 @@ (let ((infodir (string-append out "/share/info"))) (for-each (lambda (info) (install-file info infodir)) - (find-files "." "\\.info$")) + (find-files "." "\\.info")) #t)))))) (add-before 'check 'make-gtester-verbose (lambda _ From aaaf8b384492c84f99a6e47631dee06575dbcd2e Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 24 Nov 2016 11:10:42 +0100 Subject: [PATCH 158/161] gnu: qtractor: Update to 0.8.0. * gnu/packages/music.scm (qtractor): Update to 0.8.0. --- gnu/packages/music.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index 64e7455603..14839c1b6e 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -1638,14 +1638,14 @@ computer's keyboard.") (define-public qtractor (package (name "qtractor") - (version "0.7.9") + (version "0.8.0") (source (origin (method url-fetch) (uri (string-append "http://downloads.sourceforge.net/qtractor/" "qtractor-" version ".tar.gz")) (sha256 (base32 - "0pp459kfgrnngj373gnwwl43xjz32lmyf7v62p2nnjh6c7wr1ryq")))) + "17v563liyqcvil204ry1qfp09d91944nqz2ig33f5c3pyg4z2427")))) (build-system gnu-build-system) (arguments `(#:tests? #f)) ; no "check" target (inputs From dead1067c3213429197ece3f5423230524ba9bd9 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 20:22:25 +0100 Subject: [PATCH 159/161] gnu: hplip: Update to 3.16.11. * gnu/packages/cups.scm (hplip): Update to 3.16.11. --- gnu/packages/cups.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm index 802accf6c6..0a8a10ecb4 100644 --- a/gnu/packages/cups.scm +++ b/gnu/packages/cups.scm @@ -317,14 +317,14 @@ device-specific programs to convert and print many types of files.") (define-public hplip (package (name "hplip") - (version "3.16.10") + (version "3.16.11") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/hplip/hplip/" version "/hplip-" version ".tar.gz")) (sha256 (base32 - "117f1p0splg51ljn4nn97c0mbl0jba440ahb3d8njq7p6h1lxd25")))) + "094vkyr0rjng72m13dgr824cdl7q20x23qjxzih4w7l9njn0rqpn")))) (build-system gnu-build-system) (home-page "http://hplipopensource.com/") (synopsis "HP Printer Drivers") From fc89cb691d5d56c121ee17277ee94c0d934240f0 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 24 Nov 2016 20:22:25 +0100 Subject: [PATCH 160/161] gnu: lz4: Update to 1.7.4.2. * gnu/packages/compression.scm (lz4): Update to 1.7.4.2. --- gnu/packages/compression.scm | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index b6c8604a23..bdf87562e4 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -603,24 +603,24 @@ writing of compressed data created with the zlib and bzip2 libraries.") (define-public lz4 (package (name "lz4") - (version "131") + (version "1.7.4.2") (source (origin (method url-fetch) (uri (string-append "https://github.com/Cyan4973/lz4/archive/" - "r" version ".tar.gz")) + "v" version ".tar.gz")) (sha256 - (base32 "1vfg305zvj50hwscad24wan9jar6nqj14gdk2hqyr7bb9mhh0kcx")) + (base32 "0l39bymif15rmmfz7h6wvrr853rix4wj8wbqq8z8fm49xa7gx9fb")) (file-name (string-append name "-" version ".tar.gz")))) (build-system gnu-build-system) - (native-inputs `(("valgrind" ,valgrind))) + (native-inputs `(("valgrind" ,valgrind))) ; for tests (arguments `(#:test-target "test" #:parallel-tests? #f ; tests fail if run in parallel #:make-flags (list "CC=gcc" (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases (modify-phases %standard-phases - (delete 'configure)))) + (delete 'configure)))) ; no configure script (home-page "https://github.com/Cyan4973/lz4") (synopsis "Compression algorithm focused on speed") (description "LZ4 is a lossless compression algorithm, providing From d66cbd1adc799b08e66cd912822c6220499b4876 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 25 Nov 2016 17:00:51 +0100 Subject: [PATCH 161/161] gnu: btrfs-progs: Update to 4.8.4. * gnu/packages/linux.scm (btrfs-progs): Update to 4.8.4. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index e562213058..a4639bdd59 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -2664,7 +2664,7 @@ and copy/paste text in the console and in xterm.") (define-public btrfs-progs (package (name "btrfs-progs") - (version "4.8.3") + (version "4.8.4") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/linux/kernel/" @@ -2672,7 +2672,7 @@ and copy/paste text in the console and in xterm.") "btrfs-progs-v" version ".tar.xz")) (sha256 (base32 - "1wlflrygnpndppil9g12pk184f75g9qx1lkr0x1gijigglqhr9n1")))) + "1ib1ybpjhcymcycjiraz1vk01qlyvpwcg7mwfhmacdy3cvbfl9mz")))) (build-system gnu-build-system) (outputs '("out" "static")) ; static versions of binaries in "out" (~16MiB!)