Skip to content

Commit

Permalink
Merge staging at '256ba86' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
@FRidh
FRidh committed Feb 11, 2018
2 parents 773aca9 + 256ba86 commit 9d69ebe
Show file tree
Hide file tree
Showing 8 changed files with 49 additions and 97 deletions.
12 changes: 2 additions & 10 deletions pkgs/development/libraries/libtasn1/default.nix
View file
@@ -1,21 +1,13 @@
{ stdenv, fetchurl, perl, texinfo }:

stdenv.mkDerivation rec {
name = "libtasn1-4.12";
name = "libtasn1-4.13";

src = fetchurl {
url = "mirror://gnu/libtasn1/${name}.tar.gz";
sha256 = "0ls7jdq3y5fnrwg0pzhq11m21r8pshac2705bczz6mqjc8pdllv7";
sha256 = "1jlc1iahj8k3haz28j55nzg7sgni5h41vqy461i1bpbx6668wlky";
};

patches = [
(fetchurl {
name = "CVE-2017-10790.patch";
url = "https://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=patch;h=d8d805e1f2e6799bb2dff4871a8598dc83088a39";
sha256 = "1v5w0dazp9qc2v7pc8b6g7s4dz5ak10hzrn35hx66q76yzrrzp7i";
})
];

outputs = [ "out" "dev" "devdoc" ];
outputBin = "dev";

Expand Down
5 changes: 2 additions & 3 deletions pkgs/development/python-modules/pytz/default.nix
View file
Expand Up @@ -2,12 +2,11 @@

buildPythonPackage rec {
pname = "pytz";
version = "2017.3";
version = "2018.3";

src = fetchPypi {
inherit pname version;
extension = "zip";
sha256 = "fae4cffc040921b8a2d60c6cf0b5d662c1190fe54d718271db4eb17d44a185b7";
sha256 = "410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0";
};

checkPhase = ''
Expand Down
26 changes: 26 additions & 0 deletions pkgs/os-specific/linux/busybox/sandbox-shell.nix
View file
@@ -0,0 +1,26 @@
{ busybox }:

# Minimal shell for use as basic /bin/sh in sandbox builds
busybox.override {
useMusl = true;
enableStatic = true;
enableMinimal = true;
extraConfig = ''
CONFIG_FEATURE_FANCY_ECHO y
CONFIG_FEATURE_SH_MATH y
CONFIG_FEATURE_SH_MATH_64 y
CONFIG_ASH y
CONFIG_ASH_OPTIMIZE_FOR_SIZE y
CONFIG_ASH_ALIAS y
CONFIG_ASH_BASH_COMPAT y
CONFIG_ASH_CMDCMD y
CONFIG_ASH_ECHO y
CONFIG_ASH_GETOPTS y
CONFIG_ASH_INTERNAL_GLOB y
CONFIG_ASH_JOB_CONTROL y
CONFIG_ASH_PRINTF y
CONFIG_ASH_TEST y
'';
}
5 changes: 4 additions & 1 deletion pkgs/tools/graphics/graphviz/base.nix
View file
Expand Up @@ -31,7 +31,10 @@ stdenv.mkDerivation rec {
CPPFLAGS = stdenv.lib.optionalString (xorg != null && stdenv.isDarwin)
"-I${cairo.dev}/include/cairo";

configureFlags = optional (xorg == null) "--without-x";
configureFlags = [
"--with-ltdl-lib=${libtool.lib}/lib"
"--with-ltdl-include=${libtool}/include"
] ++ stdenv.lib.optional (xorg == null) [ "--without-x" ];

postPatch = ''
for f in $(find . -name Makefile.in); do
Expand Down
26 changes: 2 additions & 24 deletions pkgs/tools/package-management/nix/default.nix
View file
@@ -1,7 +1,7 @@
{ lib, stdenv, fetchurl, fetchFromGitHub, perl, curl, bzip2, sqlite, openssl ? null, xz
, pkgconfig, boehmgc, perlPackages, libsodium, aws-sdk-cpp, brotli
, autoreconfHook, autoconf-archive, bison, flex, libxml2, libxslt, docbook5, docbook5_xsl
, libseccomp, busybox
, libseccomp, busybox-sandbox-shell
, hostPlatform
, storeDir ? "/nix/store"
, stateDir ? "/nix/var"
Expand All @@ -10,29 +10,7 @@

let

sh = busybox.override {
useMusl = true;
enableStatic = true;
enableMinimal = true;
extraConfig = ''
CONFIG_FEATURE_FANCY_ECHO y
CONFIG_FEATURE_SH_MATH y
CONFIG_FEATURE_SH_MATH_64 y
CONFIG_ASH y
CONFIG_ASH_OPTIMIZE_FOR_SIZE y
CONFIG_ASH_ALIAS y
CONFIG_ASH_BASH_COMPAT y
CONFIG_ASH_CMDCMD y
CONFIG_ASH_ECHO y
CONFIG_ASH_GETOPTS y
CONFIG_ASH_INTERNAL_GLOB y
CONFIG_ASH_JOB_CONTROL y
CONFIG_ASH_PRINTF y
CONFIG_ASH_TEST y
'';
};
sh = busybox-sandbox-shell;

common = { name, suffix ? "", src, fromGit ? false }: stdenv.mkDerivation rec {
inherit name src;
Expand Down
38 changes: 0 additions & 38 deletions pkgs/tools/security/rhash/darwin.patch
View file

This file was deleted.

33 changes: 12 additions & 21 deletions pkgs/tools/security/rhash/default.nix
View file
@@ -1,32 +1,23 @@
{ stdenv, fetchurl }:
{ stdenv, fetchFromGitHub, which }:

stdenv.mkDerivation rec {
version = "1.3.3";
version = "2018-02-05";
name = "rhash-${version}";

src = fetchurl {
url = "mirror://sourceforge/rhash/${name}-src.tar.gz";
sha1 = "0981bdc98ba7ef923b1a6cd7fd8bb0374cff632e";
sha256 = "0nii6p4m2x8rkaf8r6smgfwb1q4hpf117kkg64yr6gyqgdchnljv";
src = fetchFromGitHub {
owner = "rhash";
repo = "RHash";
rev = "cc26d54ff5df0f692907a5e3132a5eeca559ed61";
sha256 = "1ldagp931lmxxpyvsb9rrar4iqwmv94m6lfjzkbkshpmk3p5ng7h";
};

patches = stdenv.lib.optional stdenv.isDarwin ./darwin.patch;
nativeBuildInputs = [ which ];

installFlags = [ "DESTDIR=$(out)" "PREFIX=/" ];
# configure script is not autotools-based, doesn't support these options
configurePlatforms = [ ];

# we build the static library because of two makefile bugs
# * .h files installed for static library target only
# * .so.0 -> .so link only created in the static library install target
buildPhase = ''
make lib-shared lib-static build-shared CC=$CC AR=$AR PREFIX=$out
'';

# we don't actually want the static library, so we remove it after it
# gets installed
installPhase = ''
make DESTDIR="$out" PREFIX="/" install-shared install-lib-shared install-lib-static
rm $out/lib/librhash.a
'';
installTargets = [ "install" "install-lib-shared" "install-lib-so-link" ];
postInstall = "make -C librhash install-headers";

meta = with stdenv.lib; {
homepage = http://rhash.anz.ru;
Expand Down
1 change: 1 addition & 0 deletions pkgs/top-level/all-packages.nix
View file
Expand Up @@ -12638,6 +12638,7 @@ with pkgs;
bridge-utils = callPackage ../os-specific/linux/bridge-utils { };

busybox = callPackage ../os-specific/linux/busybox { };
busybox-sandbox-shell = callPackage ../os-specific/linux/busybox/sandbox-shell.nix { };

cachefilesd = callPackage ../os-specific/linux/cachefilesd { };

Expand Down

0 comments on commit 9d69ebe

Please sign in to comment.