diff options
99 files changed, 3593 insertions, 2881 deletions
@@ -43,6 +43,7 @@ Mathieu Lirzin <mthl@gnu.org> <mathieu.lirzin@openmailbox.org> Mathieu Othacehe <m.othacehe@gmail.com> Nikita Karetnikov <nikita@karetnikov.org> <nikita.karetnikov@gmail.com> ng0 <ng0@no-reply.pragmatique.xyz> +ng0 <ng0@no-reply.pragmatique.xyz> <ng0@pragmatique.xyz> ng0 <ng0@no-reply.pragmatique.xyz> <contact.ng0@cryptolab.net> ng0 <ng0@no-reply.pragmatique.xyz> <ng0@we.make.ritual.n0.is> ng0 <ng0@no-reply.pragmatique.xyz> <ngillmann@runbox.com> diff --git a/Makefile.am b/Makefile.am index c2fc2642a7..3925f3e2dc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -76,6 +76,7 @@ MODULES = \ guix/build-system/cmake.scm \ guix/build-system/dub.scm \ guix/build-system/emacs.scm \ + guix/build-system/font.scm \ guix/build-system/asdf.scm \ guix/build-system/glib-or-gtk.scm \ guix/build-system/gnu.scm \ @@ -101,6 +102,7 @@ MODULES = \ guix/build/cmake-build-system.scm \ guix/build/dub-build-system.scm \ guix/build/emacs-build-system.scm \ + guix/build/font-build-system.scm \ guix/build/asdf-build-system.scm \ guix/build/git.scm \ guix/build/hg.scm \ diff --git a/doc/guix.texi b/doc/guix.texi index aa8b705be6..aabb99039a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -218,6 +218,7 @@ Services * Messaging Services:: Messaging services. * Kerberos Services:: Kerberos services. * Web Services:: Web servers. +* DNS Services:: DNS daemons. * VPN Services:: VPN daemons. * Network File System:: NFS related services. * Continuous Integration:: The Cuirass service. @@ -3626,6 +3627,14 @@ package is installed in its own directory under @file{share/emacs/site-lisp/guix.d}. @end defvr +@defvr {Scheme Variable} font-build-system +This variable is exported by @code{(guix build-system font)}. It +implements an installation procedure for font packages where upstream +provides pre-compiled TrueType, OpenType, etc. font files that merely +need to be copied into place. It copies font files to standard +locations in the output directory. +@end defvr + Lastly, for packages that do not need anything as sophisticated, a ``trivial'' build system is provided. It is trivial in the sense that it provides basically no support: it does not pull any implicit inputs, @@ -7322,7 +7331,7 @@ Access to @file{/dev/sdX} usually requires root privileges. @end enumerate Once this is done, you should be able to reboot the system and boot from -the USB stick. The latter usually requires you to get in the BIOS' or +the USB stick. The latter usually requires you to get in the BIOS or UEFI boot menu, where you can choose to boot from the USB stick. @xref{Installing GuixSD in a VM}, if, instead, you would like to install @@ -7687,10 +7696,12 @@ Boot the USB installation image in an VM: @example qemu-system-x86_64 -m 1024 -smp 1 \ -net user -net nic,model=virtio -boot menu=on \ - -drive file=guixsd.img \ - -drive file=guixsd-usb-install-@value{VERSION}.@var{system} + -drive file=guixsd-usb-install-@value{VERSION}.@var{system} \ + -drive file=guixsd.img @end example +The ordering of the drives matters. + In the VM console, quickly press the @kbd{F12} key to enter the boot menu. Then press the @kbd{2} key and the @kbd{RET} key to validate your selection. @@ -8737,6 +8748,7 @@ declaration. * Messaging Services:: Messaging services. * Kerberos Services:: Kerberos services. * Web Services:: Web servers. +* DNS Services:: DNS daemons. * VPN Services:: VPN daemons. * Network File System:: NFS related services. * Continuous Integration:: The Cuirass service. @@ -13520,6 +13532,472 @@ Whether the server should add its configuration to response. @end table @end deftp +@deftp {Data Type} nginx-upstream-configuration +Data type representing the configuration of an nginx @code{upstream} +block. This type has the following parameters: + +@table @asis +@item @code{name} +Name for this group of servers. + +@item @code{servers} +Specify the addresses of the servers in the group. The address can be +specified as a IP address (e.g. @samp{127.0.0.1}), domain name +(e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the +prefix @samp{unix:}. For addresses using an IP address or domain name, +the default port is 80, and a different port can be specified +explicitly. + +@end table +@end deftp + +@deftp {Data Type} nginx-location-configuration +Data type representing the configuration of an nginx @code{location} +block. This type has the following parameters: + +@table @asis +@item @code{uri} +URI which this location block matches. + +@anchor{nginx-location-configuration body} +@item @code{body} +Body of the location block, specified as a string. This can contain many +configuration directives. For example, to pass requests to a upstream +server group defined using an @code{nginx-upstream-configuration} block, +the following directive would be specified in the body @samp{proxy_pass +http://upstream-name;}. + +@end table +@end deftp + +@deftp {Data Type} nginx-named-location-configuration +Data type representing the configuration of an nginx named location +block. Named location blocks are used for request redirection, and not +used for regular request processing. This type has the following +parameters: + +@table @asis +@item @code{name} +Name to identify this location block. + +@item @code{body} +@xref{nginx-location-configuration body}, as the body for named location +blocks can be used in a similar way to the +@code{nginx-location-configuration body}. One restriction is that the +body of a named location block cannot contain location blocks. + +@end table +@end deftp + + +@node DNS Services +@subsubsection DNS Services +@cindex DNS (domain name system) +@cindex domain name system (DNS) + +The @code{(gnu services dns)} module provides services related to the +@dfn{domain name system} (DNS). It provides a server service for hosting +an @emph{authoritative} DNS server for multiple zones, slave or master. +This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. + +An example configuration of an authoritative server for two zones, one master +and one slave, is: + +@lisp +(define-zone-entries example.org.zone +;; Name TTL Class Type Data + ("@@" "" "IN" "A" "127.0.0.1") + ("@@" "" "IN" "NS" "ns") + ("ns" "" "IN" "A" "127.0.0.1")) + +(define master-zone + (knot-zone-configuration + (domain "example.org") + (zone (zone-file + (origin "example.org") + (entries example.org.zone))))) + +(define slave-zone + (knot-zone-configuration + (domain "plop.org") + (dnssec-policy "default") + (master (list "plop-master")))) + +(define plop-master + (knot-remote-configuration + (id "plop-master") + (address (list "208.76.58.171")))) + +(operating-system + ;; ... + (services (cons* (service knot-service-type + (knot-confifguration + (remotes (list plop-master)) + (zones (list master-zone slave-zone)))) + ;; ... + %base-services))) +@end lisp + +@deffn {Scheme Variable} knot-service-type +This is the type for the Knot DNS server. + +Knot DNS is an authoritative DNS server, meaning that it can serve multiple +zones, that is to say domain names you would buy from a registrar. This server +is not a resolver, meaning that it can only resolve names for which it is +authoritative. This server can be configured to serve zones as a master server +or a slave server as a per-zone basis. Slave zones will get their data from +masters, and will serve it as an authoritative server. From the point of view +of a resolver, there is no difference between master and slave. + +The following data types are used to configure the Knot DNS server: +@end deffn + +@deftp {Data Type} knot-key-configuration +Data type representing a key. +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for other configuration fields to refer to this key. IDs must +be unique and must not be empty. + +@item @code{algorithm} (default: @code{#f}) +The algorithm to use. Choose between @code{#f}, @code{'hmac-md5}, +@code{'hmac-sha1}, @code{'hmac-sha224}, @code{'hmac-sha256}, @code{'hmac-sha384} +and @code{'hmac-sha512}. + +@item @code{secret} (default: @code{""}) +The secret key itself. + +@end table +@end deftp + +@deftp {Data Type} knot-acl-configuration +Data type representing an Access Control List (ACL) configuration. +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for ether configuration fields to refer to this key. IDs must be +unique and must not be empty. + +@item @code{address} (default: @code{'()}) +An ordered list of IP addresses, network subnets, or network ranges represented +with strings. The query must match one of them. Empty value means that +address match is not required. + +@item @code{key} (default: @code{'()}) +An ordered list of references to keys represented with strings. The string +must match a key ID defined in a @code{knot-key-configuration}. No key means +that a key is not require to match that ACL. + +@item @code{action} (default: @code{'()}) +An ordered list of actions that are permitted or forbidden by this ACL. Possible +values are lists of zero or more elements from @code{'transfer}, @code{'notify} +and @code{'update}. + +@item @code{deny?} (default: @code{#f}) +When true, the ACL defines restrictions. Listed actions are forbidden. When +false, listed actions are allowed. + +@end table +@end deftp + +@deftp {Data Type} zone-entry +Data type represnting a record entry in a zone file. +This type has the following parameters: + +@table @asis +@item @code{name} (default: @code{"@@"}) +The name of the record. @code{"@@"} refers to the origin of the zone. Names +are relative to the origin of the zone. For example, in the @code{example.org} +zone, @code{"ns.example.org"} actually refers to @code{ns.example.org.example.org}. +Names ending with a dot are absolute, which means that @code{"ns.example.org."} +refers to @code{ns.example.org}. + +@item @code{ttl} (default: @code{""}) +The Time-To-Live (TTL) of this record. If not set, the default TTL is used. + +@item @code{class} (default: @code{"IN"}) +The class of the record. Knot currently supports only @code{"IN"} and +partially @code{"CH"}. + +@item @code{type} (default: @code{"A"}) +The type of the record. Common types include A (IPv4 address), AAAA (IPv6 +address), NS (Name Server) and MX (Mail eXchange). Many other types are +defined. + +@item @code{data} (default: @code{""}) +The data contained in the record. For instance an IP address associated with +an A record, or a domain name associated with an NS record. Remember that +domain names are relative to the origin unless they end with a dot. + +@end table +@end deftp + +@deftp {Data Type} zone-file +Data type representing the content of a zone file. +This type has the following parameters: + +@table @asis +@item @code{entries} (default: @code{'()}) +The list of entries. The SOA record is taken care of, so you don't need to +put it in the list of entries. This list should probably contain an entry +for your primary authoritative DNS server. Other than using a list of entries +directly, you can use @code{define-zone-entries} to define a object containing +the list of entries more easily, that you can later pass to the @code{entries} +field of the @code{zone-file}. + +@item @code{origin} (default: @code{""}) +The name of your zone. This parameter cannot be empty. + +@item @code{ns} (default: @code{"ns"}) +The domain of your primary authoritative DNS server. The name is relative to +the origin, unless it ends with a dot. It is mandatory that this primary +DNS server corresponds to an NS record in the zone and that it is associated +to an IP address in the list of entries. + +@item @code{mail} (default: @code{"hostmaster"}) +An email address people can contact you at, as the owner of the zone. This +is translated as @code{<mail>@@<origin>}. + +@item @code{serial} (default: @code{1}) +The serial number of the zone. As this is used to keep track of changes by +both slaves and resolvers, it is mandatory that it @emph{never} decreases. +Always increment it when you make a change in your zone. + +@item @code{refresh} (default: @code{"2d"}) +The frequency at which slaves will do a zone transfer. This value can be +a number of seconds or a number of some unit between: +@itemize +@item m: minute +@item h: hour +@item d: day +@item w: week +@end itemize + +@item @code{retry} (default: @code{"15m"}) +The period after which a slave will retry to contact its master when it fails +to do so a first time. + +@item @code{expiry} (default: @code{"2w"}) +Default TTL of records. Existing records are considered correct for at most +this amount of time. After this period, resolvers will invalidate their cache +and check again that it still exists. + +@item @code{nx} (default: @code{"1h"}) +Default TTL of inexistant records. This delay is usually short because you want +your new domains to reach everyone quickly. + +@end table +@end deftp + +@deftp {Data Type} knot-remote-configuration +Data type representing a remote configuration. +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for other configuration fields to refer to this remote. IDs must +be unique and must not be empty. + +@item @code{address} (default: @code{'()}) +An ordered list of destination IP addresses. Addresses are tried in sequence. +An optional port can be given with the @@ separator. For instance: +@code{(list "1.2.3.4" "2.3.4.5@@53")}. Default port is 53. + +@item @code{via} (default: @code{'()}) +An ordered list of source IP addresses. An empty list will have Knot choose +an appropriate source IP. An optional port can be given with the @@ separator. +The default is to choose at random. + +@item @code{key} (default: @code{#f}) +A reference to a key, that is a string containing the identifier of a key +defined in a @code{knot-key-configuration} field. + +@end table +@end deftp + +@deftp {Data Type} knot-keystore-configuration +Data type representing a keystore to hold dnssec keys. +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +The id of the keystore. It must not be empty. + +@item @code{backend} (default: @code{'pem}) +The backend to store the keys in. Can be @code{'pem} or @code{'pkcs11}. + +@item @code{config} (default: @code{"/var/lib/knot/keys/keys"}) +The configuration string of the backend. An example for the PKCS#11 is: +@code{"pkcs11:token=knot;pin-value=1234 /gnu/store/.../lib/pkcs11/libsofthsm2.so"}. +For the pem backend, the string reprensents a path in the filesystem. + +@end table +@end deftp + +@deftp {Data Type} knot-policy-configuration +Data type representing a dnssec policy. Knot DNS is able to automatically +sign your zones. It can either generate and manage your keys automatically or +use keys that you generate. + +Dnssec is usually implemented using two keys: a Key Signing Key (KSK) that is +used to sign the second, and a Zone Signing Key (ZSK) that is used to sign the +zone. In order to be trusted, the KSK needs to be present in the parent zone +(usually a top-level domain). If your registrar supports dnssec, you will +have to send them your KSK's hash so they can add a DS record in their zone. +This is not automated and need to be done each time you change your KSK. + +The policy also defines the lifetime of keys. Usually, ZSK can be changed +easily and use weaker cryptographic functions (they use lower parameters) in +order to sign records quickly, so they are changed often. The KSK however +requires manual interaction with the registrar, so they are changed less often +and use stronger parameters because they sign only one record. + +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +The id of the policy. It must not be empty. + +@item @code{keystore} (default: @code{"default"}) +A reference to a keystore, that is a string containing the identifier of a +keystore defined in a @code{knot-keystore-configuration} field. The +@code{"default"} identifier means the default keystore (a kasp database that +was setup by this service). + +@item @code{manual?} (default: @code{#f}) +Whether the key management is manual or automatic. + +@item @code{single-type-signing?} (default: @code{#f}) +When @code{#t}, use the Single-Type Signing Scheme. + +@item @code{algorithm} (default: @code{"ecdsap256sha256"}) +An algorithm of signing keys and issued signatures. + +@item @code{ksk-size} (default: @code{256}) +The length of the KSK. Note that this value is correct for the default +algorithm, but would be unsecure for other algorithms. + +@item @code{zsk-size} (default: @code{256}) +The length of the ZSK. Note that this value is correct for the default +algorithm, but would be unsecure for other algorithms. + +@item @code{dnskey-ttl} (default: @code{'default}) +The TTL value for DNSKEY records added into zone apex. The special +@code{'default} value means same as the zone SOA TTL. + +@item @code{zsk-lifetime} (default: @code{"30d"}) +The period between ZSK publication and the next rollover initiation. + +@item @code{propagation-delay} (default: @code{"1d"}) +An extra delay added for each key rollover step. This value should be high +enough to cover propagation of data from the master server to all slaves. + +@item @code{rrsig-lifetime} (default: @code{"14d"}) +A validity period of newly issued signatures. + +@item @code{rrsig-refresh} (default: @code{"7d"}) +A period how long before a signature expiration the signature will be refreshed. + +@item @code{nsec3?} (default: @code{#f}) +When @code{#t}, NSEC3 will be used instead of NSEC. + +@item @code{nsec3-iterations} (default: @code{5}) +The number of additional times the hashing is performed. + +@item @code{nsec3-salt-length} (default: @code{8}) +The length of a salt field in octets, which is appended to the original owner +name before hashing. + +@item @code{nsec3-salt-lifetime} (default: @code{"30d"}) +The validity period of newly issued salt field. + +@end table +@end deftp + +@deftp {Data Type} knot-zone-configuration +Data type representing a zone served by Knot. +This type has the following parameters: + +@table @asis +@item @code{domain} (default: @code{""}) +The domain served by this configuration. It must not be empty. + +@item @code{file} (default: @code{""}) +The file where this zone is saved. This parameter is ignored by master zones. +Empty means default location that depends on the domain name. + +@item @code{zone} (default: @code{(zone-file)}) +The content of the zone file. This parameter is ignored by slave zones. It +must contain a zone-file record. + +@item @code{master} (default: @code{'()}) +A list of master remotes. When empty, this zone is a master. When set, this +zone is a slave. This is a list of remotes identifiers. + +@item @code{ddns-master} (default: @code{#f}) +The main master. When empty, it defaults to the first master in the list of +masters. + +@item @code{notify} (default: @code{'()}) +A list of slave remote identifiers. + +@item @code{acl} (default: @code{'()}) +A list of acl identifiers. + +@item @code{semantic-checks?} (default: @code{#f}) +When set, this adds more semantic checks to the zone. + +@item @code{disable-any?} (default: @code{#f}) +When set, this forbids queries of the ANY type. + +@item @code{zonefile-sync} (default: @code{0}) +The delay between a modification in memory and on disk. 0 means immediate +synchronization. + +@item @code{serial-policy} (default: @code{'increment}) +A policy between @code{'increment} and @code{'unixtime}. + +@end table +@end deftp + +@deftp {Data Type} knot-configuration +Data type representing the Knot configuration. +This type has the following parameters: + +@table @asis +@item @code{knot} (default: @code{knot}) +The Knot package. + +@item @code{run-directory} (default: @code{"/var/run/knot"}) +The run directory. This directory will be used for pid file and sockets. + +@item @code{listen-v4} (default: @code{"0.0.0.0"}) +An ip address on which to listen. + +@item @code{listen-v6} (default: @code{"::"}) +An ip address on which to listen. + +@item @code{listen-port} (default: @code{53}) +A port on which to listen. + +@item @code{keys} (default: @code{'()}) +The list of knot-key-configuration used by this configuration. + +@item @code{acls} (default: @code{'()}) +The list of knot-acl-configuration used by this configuration. + +@item @code{remotes} (default: @code{'()}) +The list of knot-remote-configuration used by this configuration. + +@item @code{zones} (default: @code{'()}) +The list of knot-zone-configuration used by this configuration. + +@end table +@end deftp + @node VPN Services @subsubsection VPN Services @cindex VPN (virtual private network) @@ -13878,63 +14356,6 @@ Defaults to @samp{#f}. @c %end of automatic openvpn-server documentation -@deftp {Data Type} nginx-upstream-configuration -Data type representing the configuration of an nginx @code{upstream} -block. This type has the following parameters: - -@table @asis -@item @code{name} -Name for this group of servers. - -@item @code{servers} -Specify the addresses of the servers in the group. The address can be -specified as a IP address (e.g. @samp{127.0.0.1}), domain name -(e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the -prefix @samp{unix:}. For addresses using an IP address or domain name, -the default port is 80, and a different port can be specified -explicitly. - -@end table -@end deftp - -@deftp {Data Type} nginx-location-configuration -Data type representing the configuration of an nginx @code{location} -block. This type has the following parameters: - -@table @asis -@item @code{uri} -URI which this location block matches. - -@anchor{nginx-location-configuration body} -@item @code{body} -Body of the location block, specified as a string. This can contain many -configuration directives. For example, to pass requests to a upstream -server group defined using an @code{nginx-upstream-configuration} block, -the following directive would be specified in the body @samp{proxy_pass -http://upstream-name;}. - -@end table -@end deftp - -@deftp {Data Type} nginx-named-location-configuration -Data type representing the configuration of an nginx named location -block. Named location blocks are used for request redirection, and not -used for regular request processing. This type has the following -parameters: - -@table @asis -@item @code{name} -Name to identify this location block. - -@item @code{body} -@xref{nginx-location-configuration body}, as the body for named location -blocks can be used in a similar way to the -@code{nginx-location-configuration body}. One restriction is that the -body of a named location block cannot contain location blocks. - -@end table -@end deftp - @node Network File System @subsubsection Network File System @cindex NFS diff --git a/doc/htmlxref.cnf b/doc/htmlxref.cnf index 78f427bd07..c1ce636495 100644 --- a/doc/htmlxref.cnf +++ b/doc/htmlxref.cnf @@ -221,7 +221,7 @@ easejs node ${GS}/easejs/manual/ EMACS_GUIX = https://alezost.github.io/guix.el/manual/latest emacs-guix mono ${EMACS_GUIX}/emacs-guix.html -emacs-guix node ${EMACS_GUIX}/html_node/index.html +emacs-guix node ${EMACS_GUIX}/html_node/ emacs-muse node ${GS}/emacs-muse/manual/muse.html emacs-muse node ${GS}/emacs-muse/manual/html_node/ diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index a1d2a9cc7d..299c0728cb 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -130,14 +130,15 @@ properties. Return #t on success." ;; 'useradd' fails with "Cannot determine your user name" if the root ;; account doesn't exist. Thus, for bootstrapping purposes, create that ;; one manually. - (begin + (let ((home (or home "/root"))) (call-with-output-file "/etc/shadow" (cut format <> "~a::::::::~%" name)) (call-with-output-file "/etc/passwd" (cut format <> "~a:x:~a:~a:~a:~a:~a~%" name "0" "0" comment home shell)) (chmod "/etc/shadow" #o600) - (copy-account-skeletons (or home "/root")) + (copy-account-skeletons home) + (chmod home #o700) #t) ;; Use 'useradd' from the Shadow package. diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm index 47aa77dd3e..3e0873377a 100644 --- a/gnu/build/file-systems.scm +++ b/gnu/build/file-systems.scm @@ -236,7 +236,7 @@ Trailing spaces are trimmed." ;; <http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-119.pdf>. (define (iso9660-superblock? sblock) - "Return #t when SBLOCK is a iso9660 superblock." + "Return #t when SBLOCK is an iso9660 volume descriptor." (bytevector=? (sub-bytevector sblock 1 6) ;; Note: "\x01" is the volume descriptor format version (string->utf8 "CD001\x01"))) @@ -245,20 +245,26 @@ Trailing spaces are trimmed." "Find and read the first primary volume descriptor, starting at OFFSET. Return #f if not found." (let* ((sblock (read-superblock device offset 2048 iso9660-superblock?)) - (type-code (if sblock (array-ref sblock 0) 255))) + (type-code (if sblock + (bytevector-u8-ref sblock 0) + (error (format #f + "Could not read ISO9660 primary +volume descriptor from ~s" + device))))) (match type-code (255 #f) ; Volume Descriptor Set Terminator. (1 sblock) ; Primary Volume Descriptor (_ (read-iso9660-primary-volume-descriptor device (+ offset 2048)))))) (define (read-iso9660-superblock device) - "Return the raw contents of DEVICE's iso9660 superblock as a bytevector, or -#f if DEVICE does not contain a iso9660 file system." + "Return the raw contents of DEVICE's iso9660 primary volume descriptor +as a bytevector, or #f if DEVICE does not contain an iso9660 file system." ;; Start reading at sector 16. (read-iso9660-primary-volume-descriptor device (* 2048 16))) (define (iso9660-superblock-uuid sblock) - "Return the modification time of a iso9660 superblock SBLOCK as a bytevector." + "Return the modification time of an iso9660 primary volume descriptor +SBLOCK as a bytevector." ;; Drops GMT offset for compatibility with Grub, blkid and /dev/disk/by-uuid. ;; Compare Grub: "2014-12-02-19-30-23-00". ;; Compare blkid result: "2014-12-02-19-30-23-00". @@ -282,6 +288,7 @@ Trailing spaces are trimmed." (define (iso9660-superblock-volume-name sblock) "Return the volume name of SBLOCK as a string. The volume name is an ASCII string. Trailing spaces are trimmed." + ;; Note: Valid characters are of the set "[0-9][A-Z]_" (ECMA-119 Appendix A) (string-trim-right (latin1->string (sub-bytevector sblock 40 32) (lambda (c) #f)) #\space)) diff --git a/gnu/local.mk b/gnu/local.mk index 95efe60ed6..8b73f7e64c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -42,6 +42,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages.scm \ %D%/packages/abduco.scm \ %D%/packages/abiword.scm \ + %D%/packages/accessibility.scm \ %D%/packages/acct.scm \ %D%/packages/acl.scm \ %D%/packages/admin.scm \ @@ -94,6 +95,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/connman.scm \ %D%/packages/cook.scm \ %D%/packages/cpio.scm \ + %D%/packages/cpp.scm \ %D%/packages/cppi.scm \ %D%/packages/cross-base.scm \ %D%/packages/crypto.scm \ @@ -321,6 +323,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/protobuf.scm \ %D%/packages/pv.scm \ %D%/packages/python.scm \ + %D%/packages/tryton.scm \ %D%/packages/qemu.scm \ %D%/packages/qt.scm \ %D%/packages/ragel.scm \ @@ -392,7 +395,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/video.scm \ %D%/packages/vim.scm \ %D%/packages/vpn.scm \ - %D%/packages/vtk.scm \ %D%/packages/w3m.scm \ %D%/packages/wdiff.scm \ %D%/packages/web.scm \ @@ -426,6 +428,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/dbus.scm \ %D%/services/desktop.scm \ %D%/services/dict.scm \ + %D%/services/dns.scm \ %D%/services/kerberos.scm \ %D%/services/lirc.scm \ %D%/services/mail.scm \ @@ -592,6 +595,7 @@ dist_patch_DATA = \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ %D%/packages/patches/fuse-overlapping-headers.patch \ + %D%/packages/patches/gajim-CVE-2016-10376.patch \ %D%/packages/patches/gawk-shell.patch \ %D%/packages/patches/gcc-arm-bug-71399.patch \ %D%/packages/patches/gcc-arm-link-spec-fix.patch \ @@ -675,7 +679,6 @@ dist_patch_DATA = \ %D%/packages/patches/id3lib-CVE-2007-4460.patch \ %D%/packages/patches/ilmbase-fix-tests.patch \ %D%/packages/patches/isl-0.11.1-aarch64-support.patch \ - %D%/packages/patches/jasper-CVE-2017-6850.patch \ %D%/packages/patches/jbig2dec-ignore-testtest.patch \ %D%/packages/patches/jbig2dec-CVE-2016-9601.patch \ %D%/packages/patches/jbig2dec-CVE-2017-7885.patch \ @@ -737,25 +740,6 @@ dist_patch_DATA = \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ - %D%/packages/patches/libtiff-CVE-2016-10092.patch \ - %D%/packages/patches/libtiff-CVE-2016-10093.patch \ - %D%/packages/patches/libtiff-CVE-2016-10094.patch \ - %D%/packages/patches/libtiff-CVE-2017-5225.patch \ - %D%/packages/patches/libtiff-CVE-2017-7593.patch \ - %D%/packages/patches/libtiff-CVE-2017-7594.patch \ - %D%/packages/patches/libtiff-multiple-UBSAN-crashes.patch \ - %D%/packages/patches/libtiff-assertion-failure.patch \ - %D%/packages/patches/libtiff-divide-by-zero-ojpeg.patch \ - %D%/packages/patches/libtiff-divide-by-zero-tiffcp.patch \ - %D%/packages/patches/libtiff-divide-by-zero-tiffcrop.patch \ - %D%/packages/patches/libtiff-divide-by-zero.patch \ - %D%/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch \ - %D%/packages/patches/libtiff-heap-overflow-tif-dirread.patch \ - %D%/packages/patches/libtiff-heap-overflow-tiffcp.patch \ - %D%/packages/patches/libtiff-heap-overflow-tiffcrop.patch \ - %D%/packages/patches/libtiff-invalid-read.patch \ - %D%/packages/patches/libtiff-null-dereference.patch \ - %D%/packages/patches/libtiff-tiffcp-underflow.patch \ %D%/packages/patches/libtirpc-CVE-2017-8779.patch \ %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ @@ -858,6 +842,7 @@ dist_patch_DATA = \ %D%/packages/patches/openexr-missing-samples.patch \ %D%/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch \ %D%/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch \ + %D%/packages/patches/openldap-CVE-2017-9287.patch \ %D%/packages/patches/openocd-nrf52.patch \ %D%/packages/patches/openssl-runpath.patch \ %D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \ @@ -922,6 +907,12 @@ dist_patch_DATA = \ %D%/packages/patches/python-3.5-getentropy-on-old-kernels.patch \ %D%/packages/patches/python-dendropy-fix-tests.patch \ %D%/packages/patches/python-fix-tests.patch \ + %D%/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch \ + %D%/packages/patches/python-genshi-buildable-on-python-2.7.patch \ + %D%/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch \ + %D%/packages/patches/python-genshi-fix-tests-on-python-3.5.patch \ + %D%/packages/patches/python-genshi-isstring-helper.patch \ + %D%/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch \ %D%/packages/patches/python-parse-too-many-fields.patch \ %D%/packages/patches/python2-rdflib-drop-sparqlwrapper.patch \ %D%/packages/patches/python-statsmodels-fix-tests.patch \ @@ -959,6 +950,7 @@ dist_patch_DATA = \ %D%/packages/patches/ruby-puma-ignore-broken-test.patch \ %D%/packages/patches/ruby-rack-ignore-failing-test.patch \ %D%/packages/patches/ruby-tzinfo-data-ignore-broken-test.patch\ + %D%/packages/patches/rxvt-unicode-escape-sequences.patch \ %D%/packages/patches/scheme48-tests.patch \ %D%/packages/patches/scotch-test-threading.patch \ %D%/packages/patches/screen-fix-info-syntax-error.patch \ @@ -977,7 +969,7 @@ dist_patch_DATA = \ %D%/packages/patches/superlu-dist-scotchmetis.patch \ %D%/packages/patches/swish-e-search.patch \ %D%/packages/patches/swish-e-format-security.patch \ - %D%/packages/patches/synfig-build-fix.patch \ + %D%/packages/patches/synfigstudio-fix-ui-with-gtk3.patch \ %D%/packages/patches/t1lib-CVE-2010-2642.patch \ %D%/packages/patches/t1lib-CVE-2011-0764.patch \ %D%/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch \ diff --git a/gnu/packages/accessibility.scm b/gnu/packages/accessibility.scm new file mode 100644 index 0000000000..0795808768 --- /dev/null +++ b/gnu/packages/accessibility.scm @@ -0,0 +1,78 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 ng0 <ng0@no-reply.pragmatique.xyz> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu packages accessibility) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system glib-or-gtk) + #:use-module (gnu packages) + #:use-module (gnu packages xml) + #:use-module (gnu packages gnome) + #:use-module (gnu packages gstreamer) + #:use-module (gnu packages gtk) + #:use-module (gnu packages xorg) + #:use-module (gnu packages gettext) + #:use-module (gnu packages glib) + #:use-module (gnu packages pkg-config)) + +(define-public florence + (package + (name "florence") + (version "0.6.3") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/florence/florence/" version + "/" name "-" version ".tar.bz2")) + (sha256 + (base32 + "07h9qm22krlwayhzvc391lr23vicw81s48g7rirvx1fj0zyr4aa2")))) + (build-system glib-or-gtk-build-system) + (arguments + `(#:configure-flags (list "--with-xtst" + "--without-docs" + "--with-notification"))) + (inputs + `(("libxml2" ,libxml2) + ("libglade" ,libglade) + ("librsvg" ,librsvg) + ("gstreamer" ,gstreamer) + ("cairo" ,cairo) + ("gtk+" ,gtk+) + ("libxtst" ,libxtst) + ("libxcomposite" ,libxcomposite) + ("libnotify" ,libnotify))) + (native-inputs + `(("gettext-minimal" ,gettext-minimal) + ("intltool" ,intltool) + ("pkg-config" ,pkg-config))) + (home-page "http://florence.sourceforge.net/") + (synopsis "Extensible, scalable virtual keyboard for X11") + (description + "Florence is an extensible scalable virtual keyboard for X11. +It is useful for people who can't use a real hardware keyboard (for +example for people with disabilities), but you must be able to use +a pointing device (as a mouse, a trackball, a touchscreen or opengazer). + +Florence stays out of your way when you don't need it: it appears on the +screen only when you need it. A timer-based auto-click input method is +available to help to click.") + ;; The documentation is under FDL1.2, but we do not install the + ;; documentation. + (license license:gpl2+))) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index e80dc5867d..730fe052cd 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -802,7 +802,7 @@ system administrator.") (define-public sudo (package (name "sudo") - (version "1.8.19p1") + (version "1.8.20p2") (source (origin (method url-fetch) (uri @@ -812,7 +812,10 @@ system administrator.") version ".tar.gz"))) (sha256 (base32 - "14pwdwl03kdbbyjkvxrfx409x3c1fjqz8aqz2wgwddinhz7v3bxq")))) + "1na5likm1srnd1g5sjx7b0543sczw0yppacyqsazfdg9b48awhmx")) + (modules '((guix build utils))) + (snippet + '(delete-file-recursively "lib/zlib")))) (build-system gnu-build-system) (arguments `(#:configure-flags @@ -860,6 +863,7 @@ system administrator.") (inputs `(("groff" ,groff) ("linux-pam" ,linux-pam) + ("zlib" ,zlib) ("coreutils" ,coreutils))) (home-page "https://www.sudo.ws/") (synopsis "Run commands as root") diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm index 9abff040bb..a6960ae79b 100644 --- a/gnu/packages/algebra.scm +++ b/gnu/packages/algebra.scm @@ -133,7 +133,7 @@ solve the shortest vector problem.") (define-public pari-gp (package (name "pari-gp") - (version "2.9.1") + (version "2.9.2") (source (origin (method url-fetch) (uri (string-append @@ -141,7 +141,7 @@ solve the shortest vector problem.") version ".tar.gz")) (sha256 (base32 - "0rq7wz9df1xs4acdzzb5dapx8vs6m5py39n2wynw2qv4d2b0ylfw")))) + "0zi08qz9nk17wwdna4xb2vp3i3mh5sgv1y8wqbf0j2sfryxlr8ls")))) (build-system gnu-build-system) (native-inputs `(("texlive" ,texlive-minimal))) (inputs `(("gmp" ,gmp) diff --git a/gnu/packages/animation.scm b/gnu/packages/animation.scm index 8de1fbfaa8..3c590950fd 100644 --- a/gnu/packages/animation.scm +++ b/gnu/packages/animation.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -23,6 +23,7 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix build-system gnu) #:use-module (gnu packages) + #:use-module (gnu packages algebra) #:use-module (gnu packages boost) #:use-module (gnu packages compression) #:use-module (gnu packages fontutils) @@ -38,15 +39,15 @@ (define-public etl (package (name "etl") - (version "0.04.19") + (version "0.04.22") (source (origin (method url-fetch) ;; Keep this synchronized with the synfig release version. (uri (string-append "mirror://sourceforge/synfig/releases/" - "1.0.2/source/ETL-" version ".tar.gz")) + "1.2.0/source/ETL-" version ".tar.gz")) (sha256 (base32 - "070c70slizrklq1gbgja8m49xfmq65wlcd6hz6418cpx0wd4r55s")))) + "0ii73nsd3xzkhz6w1rnxwphl637j9w82xiy6apa9vin2isdynnmc")))) (build-system gnu-build-system) (home-page "http://www.synfig.org") (synopsis "Extended C++ template library") @@ -59,7 +60,7 @@ C++ @dfn{Standard Template Library} (STL).") (define-public synfig (package (name "synfig") - (version "1.0.2") + (version "1.2.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/synfig/releases/" @@ -67,8 +68,7 @@ C++ @dfn{Standard Template Library} (STL).") ".tar.gz")) (sha256 (base32 - "1d3z2r78j3rkff47q3wl0ami69y3l4nyi5r9zclymb8ar7mgkk9l")) - (patches (search-patches "synfig-build-fix.patch")))) + "1gqx4gn4c73rqwhsgzx0a460gr9hadmi28csp75rx30qavqsj7k1")))) (build-system gnu-build-system) (arguments `(#:configure-flags @@ -90,16 +90,6 @@ C++ @dfn{Standard Template Library} (STL).") (("remove_child\\(") "remove_node(")) (substitute* "src/modules/mod_svg/svg_parser.cpp" (("xmlpp::Node::NodeList") "xmlpp::Node::const_NodeList")) - #t)) - (add-after 'unpack 'fix-isnan-error - (lambda _ - (substitute* "src/synfig/time.cpp" - (("return !::isnan") "return !std::isnan")) - #t)) - (add-before 'configure 'set-flags - (lambda _ - ;; Compile with C++11, required by libsigc++. - (setenv "CXXFLAGS" "-D__STDC_CONSTANT_MACROS -std=gnu++11") #t))))) (inputs `(("boost" ,boost) @@ -110,11 +100,12 @@ C++ @dfn{Standard Template Library} (STL).") ("libmng" ,libmng) ("zlib" ,zlib))) ;; synfig.pc lists the following as required: Magick++ freetype2 - ;; fontconfig OpenEXR ETL glibmm-2.4 giomm-2.4 libxml++-3.0 sigc++-2.0 + ;; fontconfig fftw OpenEXR ETL glibmm-2.4 giomm-2.4 libxml++-3.0 sigc++-2.0 ;; cairo pango pangocairo mlt++ (propagated-inputs `(("cairo" ,cairo) ("etl" ,etl) + ("fftw" ,fftw) ("fontconfig" ,fontconfig) ("freetype" ,freetype) ("glibmm" ,glibmm) @@ -137,7 +128,7 @@ for tweening, preventing the need to hand-draw each frame.") (define-public synfigstudio (package (name "synfigstudio") - (version "1.0.2") + (version "1.2.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/synfig/releases/" @@ -145,29 +136,32 @@ for tweening, preventing the need to hand-draw each frame.") ".tar.gz")) (sha256 (base32 - "1xa74dlgkpjn0gzdcs0x25z7wg0806v2wygvvi73f7sn1fm88ig4")) + "0fbckfbw8dzf0m2wv7vlmw492k1dqa3zf510z019d0as3zpnp6qm")) (modules '((guix build utils))) (snippet '(begin (substitute* "src/synfigapp/pluginmanager.cpp" (("xmlpp::Node\\* n =") "const xmlpp::Node* n =") (("xmlpp::Node::NodeList") "xmlpp::Node::const_NodeList")) - ;; Some files are ISO-8859-1 encoded. - (with-fluids ((%default-port-encoding #f)) - (substitute* (find-files "src/" "\\.(cpp|h)$") - (("#include <sigc\\+\\+/retype\\.h>") - "#include <sigc++/adaptors/retype.h>") - (("#include <sigc\\+\\+/hide\\.h>") - "#include <sigc++/adaptors/hide.h>") - (("#include <sigc\\+\\+/object\\.h>") - "#include <sigc++/trackable.h>"))) - #t)))) + #t)) + (patches + (search-patches "synfigstudio-fix-ui-with-gtk3.patch")))) (build-system gnu-build-system) (arguments - `(#:configure-flags - (list "CXXFLAGS=-std=gnu++11"))) + `(#:phases + (modify-phases %standard-phases + ;; This fixes the file chooser crash that happens with GTK 3. + (add-after 'install 'wrap-program + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (gtk (assoc-ref inputs "gtk+")) + (gtk-share (string-append gtk "/share"))) + (wrap-program (string-append out "/bin/synfigstudio") + `("XDG_DATA_DIRS" ":" prefix (,gtk-share))) + #t)))))) (inputs `(("gtkmm" ,gtkmm) + ("gtk+" ,gtk+) ("libsigc++" ,libsigc++) ("synfig" ,synfig))) (native-inputs diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index f66967f790..b62438e4f1 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -118,7 +118,7 @@ spying and/or modification by the server.") (define-public par2cmdline (package (name "par2cmdline") - (version "0.7.0") + (version "0.7.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/Parchive/par2cmdline/archive/v" @@ -126,14 +126,13 @@ spying and/or modification by the server.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1m9vnv3pg0nds47raq2rd2kfpaad1sc10hv40hll5byksqlbfxyq")))) + "0b2m90jmxm37zpvwcmhshdznnh3l5g5ahdx459a9ckgsxy77jkl9")))) (native-inputs `(("automake" ,automake) ("autoconf" ,autoconf))) (build-system gnu-build-system) (arguments - `(#:parallel-tests? #f - #:phases + `(#:phases (modify-phases %standard-phases (add-after 'unpack 'autoreconf (lambda _ (zero? (system* "autoreconf" "-vfi"))))))) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index e4cc520868..a5c28afc6e 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -2093,7 +2093,7 @@ identify enrichments with functional annotations of the genome.") (define-public diamond (package (name "diamond") - (version "0.9.1") + (version "0.9.3") (source (origin (method url-fetch) (uri (string-append @@ -2102,7 +2102,7 @@ identify enrichments with functional annotations of the genome.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "062943yk3mp23jpcawamkh1zawx9br95l7w178v0kyr863v4p5a1")))) + "1fs5ilvda50vfdg9wll35w8hcpq3jlkp8q2kim4llkwljkj8bls3")))) (build-system cmake-build-system) (arguments '(#:tests? #f ; no "check" target @@ -3214,6 +3214,44 @@ data.") (supported-systems '("x86_64-linux")) (license license:bsd-3))) +(define-public kaiju + (package + (name "kaiju") + (version "1.5.0") + (source (origin + (method url-fetch) + (uri (string-append + "https://github.com/bioinformatics-centre/kaiju/archive/v" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0afbfalfw9y39bkwnqjrh9bghs118ws1pzj5h8l0nblgn3mbjdks")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; There are no tests. + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-before 'build 'move-to-src-dir + (lambda _ (chdir "src") #t)) + (replace 'install + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((bin (string-append (assoc-ref outputs "out") "/bin"))) + (mkdir-p bin) + (chdir "..") + (copy-recursively "bin" bin) + (copy-recursively "util" bin)) + #t))))) + (inputs + `(("perl" ,perl))) + (home-page "http://kaiju.binf.ku.dk/") + (synopsis "Fast and sensitive taxonomic classification for metagenomics") + (description "Kaiju is a program for sensitive taxonomic classification +of high-throughput sequencing reads from metagenomic whole genome sequencing +experiments.") + (license license:gpl3+))) + (define-public macs (package (name "macs") diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm index 396368379f..c4be211f1a 100644 --- a/gnu/packages/bootloaders.scm +++ b/gnu/packages/bootloaders.scm @@ -91,7 +91,11 @@ ;; Make the font visible. (copy-file (assoc-ref inputs "unifont") "unifont.bdf.gz") (system* "gunzip" "unifont.bdf.gz") - #t))))) + #t))) + + ;; We suspect there are race conditions when running tests in parallel: + ;; <https://bugs.gnu.org/26936>. + #:parallel-tests? #f)) (inputs `(("gettext" ,gettext-minimal) diff --git a/gnu/packages/cpp.scm b/gnu/packages/cpp.scm new file mode 100644 index 0000000000..da192553a5 --- /dev/null +++ b/gnu/packages/cpp.scm @@ -0,0 +1,59 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Ethan R. Jones <doubleplusgood23@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu packages cpp) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module (gnu packages) + #:use-module (gnu packages autotools)) + +(define-public libzen + (package + (name "libzen") + (version "0.4.35") + (source (origin + (method url-fetch) + (uri (string-append "https://mediaarea.net/download/source/" + name "/" version "/" + name "_" version ".tar.bz2")) + (sha256 + (base32 + "12a1icgcffgv503ii2k1453kxg5hfly09mf4zjcc80aq8a6rf8by")))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool))) + (build-system gnu-build-system) + (arguments + '(#:phases + ;; build scripts not in root of archive + (modify-phases %standard-phases + (add-before 'configure 'pre-configure + (lambda _ + (chdir "Project/GNU/Library"))) + (add-before 'configure 'autogen + (lambda _ + (zero? (system* "./autogen.sh"))))))) + (home-page "https://github.com/MediaArea/ZenLib") + (synopsis "C++ utility library") + (description "ZenLib is a C++ utility library. It includes classes for handling +strings, configuration, bit streams, threading, translation, and cross-platform +operating system functions.") + (license license:zlib))) diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm index d5ca9b8da0..abc3a2821c 100644 --- a/gnu/packages/cross-base.scm +++ b/gnu/packages/cross-base.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org> ;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> @@ -40,10 +40,13 @@ cross-gcc cross-newlib?)) -(define %xgcc +(define-syntax %xgcc ;; GCC package used as the basis for cross-compilation. It doesn't have to ;; be 'gcc' and can be a specific variant such as 'gcc-4.8'. - gcc) + ;; + ;; Note: This is a macro so that we do not refer to 'gcc' from the top + ;; level, which would lead to circular-dependency issues. + (identifier-syntax gcc)) (define %gcc-include-paths ;; Environment variables for header search paths. diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 894785b3a9..cd5f53daa3 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -372,7 +372,7 @@ Language.") (define-public mariadb (package (name "mariadb") - (version "10.1.23") + (version "10.1.24") (source (origin (method url-fetch) (uri (string-append "https://downloads.mariadb.org/f/" @@ -380,7 +380,7 @@ Language.") name "-" version ".tar.gz")) (sha256 (base32 - "1gq08dj9skr0gli1nj7a8wl92w8lmmqy0sbxvkmy79dz4i713n2l")))) + "07jm9m7d5x4zdpasdjs98m36dkjl7ypc9jz4xmnczj0ybfp9kpxk")))) (build-system cmake-build-system) (arguments '(#:configure-flags diff --git a/gnu/packages/dictionaries.scm b/gnu/packages/dictionaries.scm index 1e766d73bd..df12bf8a32 100644 --- a/gnu/packages/dictionaries.scm +++ b/gnu/packages/dictionaries.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com> ;;; ;;; This file is part of GNU Guix. @@ -25,6 +25,11 @@ #:use-module (guix build-system gnu) #:use-module (guix build-system trivial) #:use-module (gnu packages base) + #:use-module (gnu packages curl) + #:use-module (gnu packages emacs) + #:use-module (gnu packages fribidi) + #:use-module (gnu packages linux) + #:use-module (gnu packages readline) #:use-module (gnu packages texinfo) #:use-module (gnu packages compression) #:use-module (gnu packages tcl)) @@ -200,3 +205,50 @@ work, such as sentence length and other readability measures.") It comes with a German-English dictionary with approximately 270,000 entries.") (home-page "http://www-user.tu-chemnitz.de/~fri/ding/") (license gpl2+))) + +(define-public translate-shell + (package + (name "translate-shell") + (version "0.9.6.3") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/soimort/" name "/archive/v" + version ".tar.gz")) + (sha256 + (base32 + "13rjq9v3ykk5c0i5daybpnqnyg09cbcgjzykx49h2h5hvspixvi5")) + (file-name (string-append name "-" version ".tar.gz")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (delete 'configure) ; no configure phase + (add-after 'install 'emacs-install + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (dest (string-append out "/share/emacs/site-lisp")) + (emacs (string-append (assoc-ref inputs "emacs") "/bin/emacs"))) + (install-file "google-translate-mode.el" dest) + (emacs-generate-autoloads ,name dest))))) + #:make-flags (list (string-append "PREFIX=" %output)) + #:imported-modules (,@%gnu-build-system-modules (guix build emacs-utils)) + #:modules ((guix build gnu-build-system) + (guix build emacs-utils) + (guix build utils)) + #:test-target "test")) + (propagated-inputs + `(("curl" ,curl) + ("fribidi" ,fribidi) + ("rlwrap" ,rlwrap))) + (native-inputs + `(("emacs" ,emacs-minimal) + ("util-linux" ,util-linux))) ; hexdump, for the test + (home-page "https://www.soimort.org/translate-shell") + (synopsis "Translations from the command line") + (description + "Translate Shell (formerly Google Translate CLI) is a command-line +translator powered by Google Translate (default), Bing Translator, +Yandex.Translate and Apertium. It gives you easy access to one of these +translation engines from your terminal.") + (license public-domain))) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index a85177d814..81a74d1fb5 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -335,28 +335,7 @@ metadata.") (sha256 (base32 "0pp3n8q6kc70blqsaw0zlzp6bc327dpgdrjr0cnh7hqg1lras7ka")))) - (build-system trivial-build-system) - (native-inputs `(("emacs" ,emacs-minimal))) - (arguments - `(#:modules ((guix build utils) - (guix build emacs-utils)) - #:builder - (begin - (use-modules (guix build utils)) - (use-modules (guix build emacs-utils)) - - (let* ((emacs (string-append (assoc-ref %build-inputs "emacs") - "/bin/emacs")) - (source (assoc-ref %build-inputs "source")) - (lisp-dir (string-append %output - "/share/emacs/site-lisp")) - (target (string-append lisp-dir "/paredit.el"))) - (mkdir-p lisp-dir) - (copy-file source target) - (with-directory-excursion lisp-dir - (parameterize ((%emacs emacs)) - (emacs-generate-autoloads ,name lisp-dir) - (emacs-batch-eval '(byte-compile-file "paredit.el")))))))) + (build-system emacs-build-system) (home-page "http://mumble.net/~campbell/emacs/paredit/") (synopsis "Emacs minor mode for editing parentheses") (description @@ -386,31 +365,7 @@ when typing parentheses directly or commenting out code line by line.") (sha256 (base32 "0xxrmf0jnyljxvllc22qa0v8lgi4k1ldnayjm5hf68m25jsr378l")))) - (build-system gnu-build-system) - (arguments - `(#:modules ((guix build gnu-build-system) - (guix build emacs-utils) - (guix build utils)) - #:imported-modules (,@%gnu-build-system-modules - (guix build emacs-utils)) - - #:make-flags (list (string-append "PREFIX=" - (assoc-ref %outputs "out")) - ;; Don't put .el files in a 'git-modes' - ;; sub-directory. - (string-append "LISPDIR=" - (assoc-ref %outputs "out") - "/share/emacs/site-lisp")) - #:tests? #f ; no check target - #:phases (modify-phases %standard-phases - (delete 'configure) - (add-after 'install 'emacs-autoloads - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (lisp (string-append - out "/share/emacs/site-lisp/"))) - (emacs-generate-autoloads ,name lisp))))))) - (native-inputs `(("emacs" ,emacs-minimal))) + (build-system emacs-build-system) (home-page "https://github.com/magit/git-modes") (synopsis "Emacs major modes for Git configuration files") (description @@ -694,30 +649,7 @@ programs.") (sha256 (base32 "07312bvvyz86lf64vdkxg2l1wgfjl25ljdjwlf1bdzj01c4hm88x")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils) - (guix build emacs-utils)) - - #:builder (begin - (use-modules (guix build emacs-utils) - (guix build utils)) - - (let* ((out (assoc-ref %outputs "out")) - (lispdir (string-append out - "/share/emacs/site-lisp/" - "guix.d/let-alist-" - ,version)) - (emacs (assoc-ref %build-inputs "emacs"))) - - (mkdir-p lispdir) - (copy-file (assoc-ref %build-inputs "source") - (string-append lispdir "/let-alist.el")) - - (setenv "PATH" (string-append emacs "/bin")) - (emacs-byte-compile-directory lispdir) - #t)))) - (native-inputs `(("emacs" ,emacs-minimal))) + (build-system emacs-build-system) (home-page "https://elpa.gnu.org/packages/let-alist.html") (synopsis "Easily let-bind values of an assoc-list by their names") (description @@ -1228,6 +1160,37 @@ or XEmacs.") the Emacs buffer.") (license license:gpl3+))) +(define-public emacs-direnv + (package + (name "emacs-direnv") + (version "1.2.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://github.com/wbolster/emacs-direnv/archive/" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0m9nxawklhiiysyibzzhh2zkxgq1fskqvaqb06f7r8dnhabfy9fr")))) + (build-system emacs-build-system) + (propagated-inputs + `(("dash" ,emacs-dash) + ("with-editor" ,emacs-with-editor))) + (home-page "https://github.com/wbolster/emacs-direnv") + (synopsis "Direnv integration for Emacs") + (description + "This package provides support for invoking direnv to get the environment +for the current file and updating the environment within Emacs to match. + +Direnv can be invoked manually, and a global minor mode is included that will +update the environment when the active buffer changes. + +Using emacs-direnv means that programs started from Emacs will use the +environment set through Direnv.") + (license license:gpl3+))) + (define-public emacs-google-maps (package (name "emacs-google-maps") @@ -2053,6 +2016,7 @@ source code using IPython.") (base32 "07wgcvg038l88gxvjr0gjpjhyk743w22x1rqghz3gkmif0g70say")))) (build-system emacs-build-system) + (arguments '(#:include '("\\.el$" "\\.wsdl$" "\\.info$"))) (propagated-inputs `(("emacs-async" ,emacs-async))) (home-page "https://elpa.gnu.org/packages/debbugs.html") @@ -4587,9 +4551,12 @@ It should enable you to implement low-level X11 applications.") TryExec=~@*~a~@ Type=Application~%" ,name ,synopsis exwm-executable))) ;; Add a shell wrapper to bin + ;; Set DISPLAY variable to work around + ;; https://github.com/ch11ng/exwm/issues/213 (with-output-to-file exwm-executable (lambda _ (format #t "#!~a ~@ + export DISPLAY=:0 ~@ ~a +SI:localuser:$USER ~@ exec ~a --exit-with-session ~a \"$@\" --eval '~s' ~%" (string-append (assoc-ref inputs "bash") "/bin/sh") @@ -4877,3 +4844,31 @@ running tests easier.") pair of minor modes which suppress all mouse events by intercepting them and running a customisable handler command (@code{ignore} by default). ") (license license:gpl3+))) + +(define-public emacs-restclient + (let ((commit "07a3888bb36d0e29608142ebe743b4362b800f40") + (revision "1")) ;Guix package revision, + ;upstream doesn't have official releases + (package + (name "emacs-restclient") + (version (string-append revision "." + (string-take commit 7))) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/pashky/restclient.el.git") + (commit commit))) + (sha256 + (base32 + "00lmjhb5im1kgrp54yipf1h9pshxzgjlg71yf2rq5n973gvb0w0q")) + (file-name (git-file-name name version)))) + (build-system emacs-build-system) + (propagated-inputs + `(("emacs-helm" ,emacs-helm))) + (home-page "https://github.com/pashky/restclient.el") + (synopsis "Explore and test HTTP REST webservices") + (description + "This tool allows for testing and exploration of HTTP REST Web services +from within Emacs. Restclient runs queries from a plan-text query sheet, +displays results pretty-printed in XML or JSON with @code{restclient-mode}") + (license license:public-domain)))) diff --git a/gnu/packages/fonts.scm b/gnu/packages/fonts.scm index 03a1f6f796..73d76a461f 100644 --- a/gnu/packages/fonts.scm +++ b/gnu/packages/fonts.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> ;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name> -;;; Copyright © 2016, 2017 ng0 <ng0@libertad.pw> +;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz> ;;; Copyright © 2016 Jookia <166291@gmail.com> ;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2016 Dmitry Nikolaev <cameltheman@gmail.com> @@ -42,6 +42,7 @@ #:use-module (guix packages) #:use-module (guix download) #:use-module (guix git-download) + #:use-module (guix build-system font) #:use-module (guix build-system gnu) #:use-module (guix build-system trivial) #:use-module (gnu packages base) @@ -64,18 +65,7 @@ (sha256 (base32 "06js6znbcf7swn8y3b8ki416bz96ay7d3yvddqnvi88lqhbfcq8m")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - (let ((font-dir (string-append %output - "/share/fonts/opentype")) - (source (assoc-ref %build-inputs "source"))) - (mkdir-p font-dir) - (copy-file source - (string-append font-dir "/" "inconsolata.otf")))))) - (native-inputs `(("source" ,source))) + (build-system font-build-system) (home-page "http://levien.com/type/myfonts/inconsolata.html") (synopsis "Monospace font") (description "A monospace font, designed for code listings and the like, @@ -94,34 +84,7 @@ in print. With attention to detail for high resolution rendering.") (sha256 (base32 "0hjvq2x758dx0sfwqhzflns0ns035qm7h6ygskbx1svzg517sva5")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils) - (srfi srfi-26)) - - (let ((PATH (string-append (assoc-ref %build-inputs - "unzip") - "/bin")) - (font-dir (string-append %output - "/share/fonts/truetype")) - (doc-dir (string-append %output "/share/doc/" - ,name "-" ,version))) - (setenv "PATH" PATH) - (system* "unzip" (assoc-ref %build-inputs "source")) - - (mkdir-p font-dir) - (mkdir-p doc-dir) - (chdir (string-append "ubuntu-font-family-" ,version)) - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "." "\\.ttf$")) - (for-each (lambda (doc) - (install-file doc doc-dir)) - (find-files "." "\\.txt$")))))) - (native-inputs `(("source" ,source) - ("unzip" ,unzip))) + (build-system font-build-system) (home-page "http://font.ubuntu.com/") (synopsis "The Ubuntu Font Family") (description "The Ubuntu Font Family is a unique, custom designed font @@ -144,43 +107,15 @@ TrueType (TTF) files.") (sha256 (base32 "1mqpds24wfs5cmfhj57fsfs07mji2z8812i5c4pi5pbi738s977s")))) - (build-system trivial-build-system) + (build-system font-build-system) (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - - (let ((tar (string-append (assoc-ref %build-inputs - "tar") - "/bin/tar")) - (PATH (string-append (assoc-ref %build-inputs - "bzip2") - "/bin")) - (font-dir (string-append - %output "/share/fonts/truetype")) - (conf-dir (string-append - %output "/share/fontconfig/conf.avail")) - (doc-dir (string-append - %output "/share/doc/" ,name "-" ,version))) - (setenv "PATH" PATH) - (system* tar "xvf" (assoc-ref %build-inputs "source")) - - (mkdir-p font-dir) - (mkdir-p conf-dir) - (mkdir-p doc-dir) - (chdir (string-append "dejavu-fonts-ttf-" ,version)) - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "ttf" "\\.ttf$")) - (for-each (lambda (conf) - (install-file conf conf-dir)) - (find-files "fontconfig" "\\.conf$")) - (for-each (lambda (doc) - (install-file doc doc-dir)) - (find-files "." "\\.txt$|^[A-Z][A-Z]*$")))))) - (native-inputs `(("source" ,source) - ("tar" ,tar) - ("bzip2" ,bzip2))) + `(#:phases + (modify-phases %standard-phases + (add-after 'install 'install-conf + (lambda* (#:key outputs #:allow-other-keys) + (let ((conf-dir (string-append (assoc-ref outputs "out") + "/share/fontconfig/conf.avail"))) + (copy-recursively "fontconfig" conf-dir))))))) (home-page "http://dejavu-fonts.org/") (synopsis "Vera font family derivate with additional characters") (description "DejaVu provides an expanded version of the Vera font family @@ -204,38 +139,7 @@ provide serif, sans and monospaced variants.") (sha256 (base32 "1p3qs51x5327gnk71yq8cvmxc6wgx79sqxfvxcv80cdvgggjfnyv")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils) - (srfi srfi-26)) - - (let ((tar (string-append (assoc-ref %build-inputs - "tar") - "/bin/tar")) - (PATH (string-append (assoc-ref %build-inputs - "bzip2") - "/bin")) - (font-dir (string-append %output - "/share/fonts/truetype")) - (doc-dir (string-append %output "/share/doc/" - ,name "-" ,version))) - (setenv "PATH" PATH) - (system* tar "xvf" (assoc-ref %build-inputs "source")) - - (mkdir-p font-dir) - (mkdir-p doc-dir) - (chdir (string-append "ttf-bitstream-vera-" ,version)) - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "." "\\.ttf$")) - (for-each (lambda (doc) - (install-file doc doc-dir)) - (find-files "." "\\.TXT$")))))) - (native-inputs `(("source" ,source) - ("tar" ,tar) - ("bzip2" ,bzip2))) + (build-system font-build-system) (home-page "http://www.gnome.org/fonts/") (synopsis "Bitstream Vera sans-serif typeface") (description "Vera is a sans-serif typeface from Bitstream, Inc. This @@ -327,34 +231,7 @@ sans-serif designed for on-screen reading. It is used by GNOME@tie{}3.") (sha256 (base32 "010m4zfqan4w04b6bs9pm3gapn9hsb18bmwwgp2p6y6idj52g43q")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder - (begin - (use-modules (guix build utils)) - - (let ((tar (string-append (assoc-ref %build-inputs "tar") - "/bin/tar")) - (PATH (string-append (assoc-ref %build-inputs "gzip") - "/bin")) - (font-dir (string-append %output "/share/fonts/truetype")) - (doc-dir (string-append %output "/share/doc/" ,name))) - (setenv "PATH" PATH) - (system* tar "xvf" (assoc-ref %build-inputs "source")) - (mkdir-p font-dir) - (mkdir-p doc-dir) - (chdir (string-append "liberation-fonts-ttf-" ,version)) - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "." "\\.ttf$")) - (for-each (lambda (doc) - (install-file doc doc-dir)) - '("AUTHORS" "ChangeLog" "LICENSE" "README" "TODO")))))) - (native-inputs - `(("source" ,source) - ("tar" ,tar) - ("gzip" ,gzip))) + (build-system font-build-system) (home-page "https://pagure.io/liberation-fonts/") (synopsis "Fonts compatible with Arial, Times New Roman, and Courier New") @@ -526,42 +403,14 @@ text in Simplified Chinese, Traditional Chinese, Japanese, and Korean.") (define-public font-cns11643 (package (name "font-cns11643") - (version "98.1.20170405") + (version "98.1.20170524") (source (origin (method url-fetch) (uri "http://www.cns11643.gov.tw/AIDB/Open_Data.zip") (sha256 (base32 - "02kb3bwjrra0k2hlr2p8xswd2y0xs6j8d9vm6yrby734h02a40qf")))) - (outputs '("out" "tw-kai" "tw-sung")) - (build-system trivial-build-system) - (native-inputs - `(("unzip" ,unzip))) - (arguments - `(#:modules ((guix build utils)) - #:builder - (begin - (use-modules (guix build utils)) - (let* ((font-dir "/share/fonts/truetype/cns11643") - (out (string-append - (assoc-ref %outputs "out") font-dir)) - (tw-kai (string-append - (assoc-ref %outputs "tw-kai") font-dir)) - (tw-sung (string-append - (assoc-ref %outputs "tw-sung") font-dir)) - (unzip (string-append - (assoc-ref %build-inputs "unzip") "/bin/unzip"))) - (system* unzip (assoc-ref %build-inputs "source")) - (chdir "Open_Data/Fonts/") - (install-file "TW-Kai-98_1.ttf" tw-kai) - (install-file "TW-Sung-98_1.ttf" tw-sung) - (install-file "TW-Kai-98_1.ttf" out) - (install-file "TW-Kai-Ext-B-98_1.ttf" out) - (install-file "TW-Kai-Plus-98_1.ttf" out) - (install-file "TW-Sung-98_1.ttf" out) - (install-file "TW-Sung-Ext-B-98_1.ttf" out) - (install-file "TW-Sung-Plus-98_1.ttf" out) - #t)))) + "1iad6rklxkx03ji1fav9faq7cmqkci3i6pcyg2ilvh984j5qzhq3")))) + (build-system font-build-system) (home-page "http://www.cns11643.gov.tw/AIDB/welcome.do") (synopsis "CJK TrueType fonts, TW-Kai and TW-Sung") (description @@ -594,19 +443,7 @@ encoded in the user defined area of the Big-5 code. (sha256 (base32 "1qkljldbmb53zp1rcmpsb8rzy67rnsqcjxi549m9743ifk4isl78")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder - (begin - (use-modules (guix build utils)) - (let ((font-dir (string-append %output - "/share/fonts/truetype/cns11643")) - (source (assoc-ref %build-inputs "source"))) - (mkdir-p font-dir) - (copy-file source - (string-append font-dir "/" "ebas927.ttf")) - #t)))) + (build-system font-build-system) (home-page (string-append "http://www.cns11643.gov.tw/AIDB/download.do" "?name=%E5%AD%97%E5%9E%8B%E4%B8%8B%E8%BC%89")) @@ -1168,26 +1005,8 @@ designed to work well in user interface environments.") name "-" version ".zip")) (sha256 (base32 - "1frhmw41lnnm9rda2zs202pvfi5vzlrsw4xfp4mswl0qgws61mcd")))) - (build-system trivial-build-system) - (native-inputs - `(("unzip" ,unzip))) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - (let* ((font-dir (string-append %output - "/share/fonts/opentype")) - (source (assoc-ref %build-inputs "source")) - (src-otf-file (string-append "font-awesome-" - ,version - "/fonts/FontAwesome.otf")) - (dest-otf-file (string-append font-dir "/FontAwesome.otf")) - (unzip (assoc-ref %build-inputs "unzip"))) - (setenv "PATH" (string-append unzip "/bin")) - (mkdir-p font-dir) - (system* "unzip" source "-d" ".") - (copy-file src-otf-file dest-otf-file))))) + "1m1rfwm4sjkv10j3xd2dhwk286a5912b2zgvc692cmxi5gxs68jf")))) + (build-system font-build-system) (home-page "http://fontawesome.io") (synopsis "Font that contains a rich iconset") (description @@ -1261,111 +1080,105 @@ later hand-tweaked with the gbdfed(1) editor: (define-public font-comic-neue (package - (name "font-comic-neue") - (version "2.3") - (source (origin - (method url-fetch) - (uri (string-append - "http://www.comicneue.com/comic-neue-" version ".zip")) - (sha256 - (base32 - "1695hkpd8kqnr2a88p8xs496slgzxjjkzpa9aa33ml3pnh7519zk")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - (let ((font-dir (string-append %output - "/share/fonts/truetype")) - (source (assoc-ref %build-inputs "source")) - (unzip (string-append (assoc-ref %build-inputs "unzip") - "/bin/unzip"))) - (mkdir-p font-dir) - (system* unzip source) - (with-directory-excursion - (string-append "Web") - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "." "\\.ttf$"))))))) - (native-inputs `(("unzip" ,unzip))) - (home-page "http://www.comicneue.com/") - (synopsis "Font that fixes the shortcomings of Comic Sans") - (description - "Comic Neue is a font that attempts to create a respectable casual + (name "font-comic-neue") + (version "2.3") + (source (origin + (method url-fetch/zipbomb) + (uri (string-append + "http://www.comicneue.com/comic-neue-" version ".zip")) + (sha256 + (base32 + "1695hkpd8kqnr2a88p8xs496slgzxjjkzpa9aa33ml3pnh7519zk")))) + (build-system font-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + ;; Delete Mac OS X specific files. If not deleted, these cause + ;; several hidden files to be installed. + (add-before 'install 'delete-macosx-files + (lambda _ + (delete-file-recursively "__MACOSX") + #t)) + (add-after 'install 'install-conf + (lambda* (#:key outputs #:allow-other-keys) + (let ((conf-dir (string-append (assoc-ref outputs "out") + "/share/fontconfig/conf.avail"))) + (mkdir-p conf-dir) + (call-with-output-file + (string-append conf-dir "/30-comic-neue.conf") + (lambda (port) + (format port "<?xml version=\"1.0\"?> +<!DOCTYPE fontconfig SYSTEM \"fonts.dtd\"> +<fontconfig> + <!-- If Comic Sans is missing, use Comic Neue instead. --> + <alias> + <family>Comic Sans MS</family> + <prefer> + <family>Comic Neue</family> + </prefer> + </alias> +</fontconfig>\n")))) + #t))))) + (home-page "http://www.comicneue.com/") + (synopsis "Font that fixes the shortcomings of Comic Sans") + (description + "Comic Neue is a font that attempts to create a respectable casual typeface, by mimicking Comic Sans while fixing its most obvious shortcomings.") - (license license:silofl1.1))) + (license license:silofl1.1))) (define-public font-iosevka (package - (name "font-iosevka") - (version "1.11.0") - (source (origin - (method url-fetch) - (uri (string-append - "https://github.com/be5invis/Iosevka/releases/download/v" - version "/iosevka-pack-" version ".zip")) - (sha256 - (base32 - "0d8prdk7s5z94sdfd0y92cvqq531yqrlg7hnadbnhd7fs9jqr5hj")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - (let ((font-dir (string-append %output - "/share/fonts/truetype")) - (source (assoc-ref %build-inputs "source")) - (unzip (string-append (assoc-ref %build-inputs "unzip") - "/bin/unzip"))) - (mkdir-p font-dir) - (system* unzip "-d" font-dir source))))) - (native-inputs `(("unzip" ,unzip))) - (home-page "https://be5invis.github.io/Iosevka/") - (synopsis "Coders' typeface, built from code") - (description - "Iosevka is a slender monospace sans-serif or slab-serif typeface inspired + (name "font-iosevka") + (version "1.12.5") + (source (origin + (method url-fetch/zipbomb) + (uri (string-append + "https://github.com/be5invis/Iosevka/releases/download/v" + version "/iosevka-pack-" version ".zip")) + (sha256 + (base32 + "0s3g6mk0ngwsrw9h9dqinb50cd9i8zhqdcmmh93fhyf4d87yfwyi")))) + (build-system font-build-system) + (home-page "https://be5invis.github.io/Iosevka/") + (synopsis "Coders' typeface, built from code") + (description + "Iosevka is a slender monospace sans-serif or slab-serif typeface inspired by Pragmata Pro, M+, and PF DIN Mono, designed to be the ideal font for programming. Iosevka is completely generated from its source code.") - (license (list license:silofl1.1 ; build artifacts (i.e. the fonts) - license:bsd-3)))) ; supporting code + (license (list license:silofl1.1 ; build artifacts (i.e. the fonts) + license:bsd-3)))) ; supporting code (define-public font-go - (let ((commit "b7f8df6bc082334698d4505fb85fa05e99156b72") + (let ((commit "f03a046406d4d7fbfd4ed29f554da8f6114049fc") (revision "1")) (package - (name "font-go") - (version (string-append "20161115-" revision "." (string-take commit 7))) - (source (origin - (file-name (string-append "go-image-" version "-checkout")) - (method git-fetch) - (uri (git-reference - (url "https://go.googlesource.com/image") - (commit commit))) - (sha256 - (base32 - "1ywxs6dmcyzwwsmnan3qqza7znprnbvmdi260x6sjmydz6dyq2zs")))) - (build-system trivial-build-system) - (arguments - `(#:modules ((guix build utils)) - #:builder (begin - (use-modules (guix build utils)) - (let ((font-dir (string-append %output - "/share/fonts/truetype")) - (source (assoc-ref %build-inputs "source"))) - (mkdir-p font-dir) - (with-directory-excursion - (string-append source "/font/gofont/ttfs") - (for-each (lambda (ttf) - (install-file ttf font-dir)) - (find-files "." "\\.ttf$"))))))) - (home-page "https://blog.golang.org/go-fonts") - (synopsis "The Go font family") - (description - "The Go font family is a set of WGL4 TrueType fonts from the Bigelow & + (name "font-go") + (version (string-append "20170330-" revision "." (string-take commit 7))) + (source (origin + (file-name (string-append "go-image-" version "-checkout")) + (method git-fetch) + (uri (git-reference + (url "https://go.googlesource.com/image") + (commit commit))) + (sha256 + (base32 + "1aq6mnjayks55gd9ahavk6jfydlq5lm4xm0xk4pd5sqa74p5p74d")))) + (build-system font-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'install 'chdir + (lambda _ + (chdir "font/gofont/ttfs") + #t))))) + (home-page "https://blog.golang.org/go-fonts") + (synopsis "The Go font family") + (description + "The Go font family is a set of WGL4 TrueType fonts from the Bigelow & Holmes type foundry, released under the same license as the Go programming language. It includes a set of proportional, sans-serif fonts, and a set of monospace, slab-serif fonts.") - (license (package-license go-1.4))))) + (license (package-license go-1.4))))) (define-public font-google-material-design-icons (package diff --git a/gnu/packages/game-development.scm b/gnu/packages/game-development.scm index b7bcdee94c..d7f9d2456c 100644 --- a/gnu/packages/game-development.scm +++ b/gnu/packages/game-development.scm @@ -249,6 +249,47 @@ levels.") `(("python2-pathlib" ,python2-pathlib) ,@(package-propagated-inputs python2-tmx)))))) +(define-public python-xsge + (package + (name "python-xsge") + (version "2017.04.10") + (source (origin + (method url-fetch) + (uri (string-append "mirror://savannah/xsge/xsge-" + version ".tar.gz")) + (sha256 + (base32 + "04il5yx0py6kchxxw6ydbbx0wpiyjf9dgkwsdynirpkczlnid3am")))) + (build-system python-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + ;; xSGE's setup.py script does not support one of the Python build + ;; system's default flags, "--single-version-externally-managed". + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (zero? + (system* "python" "setup.py" "install" + (string-append "--prefix=" (assoc-ref outputs "out")) + "--root=/"))))) + #:tests? #f)) ; no check target + (propagated-inputs + `(("python-sge-pygame" ,python-sge-pygame) + ("python-pygame" ,python-pygame) + ("python-six" ,python-six) + ("python-tmx" ,python-tmx))) + (home-page "http://xsge.nongnu.org") + (synopsis "Extensions for the SGE Game Engine") + (description + "xSGE is a collection of modules that make doing certain tasks with the SGE +Game Engine easier. In addition to SGE's conveniences, the user has access to a +GUI toolkit, lighting and physics frameworks and @code{Tiled} TMX format +support.") + (license license:gpl3+))) + +(define-public python2-xsge + (package-with-python2 python-xsge)) + (define-public tiled (package (name "tiled") diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 60d885500c..c1993485bc 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -17,7 +17,7 @@ ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> ;;; Copyright © 2016, 2017 Rodger Fox <thylakoid@openmailbox.org> ;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> -;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net> +;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz> ;;; Copyright © 2016 Albin Söderqvist <albin@fripost.org> ;;; Copyright © 2016, 2017 Kei Kebreau <kei@openmailbox.org> ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> @@ -30,6 +30,7 @@ ;;; Copyright © 2017 nee <nee-git@hidamari.blue> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com> +;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -66,6 +67,7 @@ #:use-module (gnu packages avahi) #:use-module (gnu packages boost) #:use-module (gnu packages documentation) + #:use-module (gnu packages docbook) #:use-module (gnu packages fltk) #:use-module (gnu packages fribidi) #:use-module (gnu packages game-development) @@ -1097,7 +1099,7 @@ either by Infocom or created using the Inform compiler.") (define-public retroarch (package (name "retroarch") - (version "1.5.0") + (version "1.6.0") (source (origin (method url-fetch) @@ -1105,7 +1107,7 @@ either by Infocom or created using the Inform compiler.") version ".tar.gz")) (file-name (string-append name "-" version ".tar.gz")) (sha256 - (base32 "1rbdax3i33myg1v938pxy28117ihff2lml1ky6g70c8099fkirjx")))) + (base32 "01h9mswlfjk3zpdxwk1ciy5qkq6xq925gvk6wrh8k066b2wx8f8k")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; no tests @@ -4272,3 +4274,58 @@ at their peak of economic growth and military prowess. license:lgpl3 license:mpl2.0 license:zlib)))) + +;; There have been no official releases. +(define-public open-adventure + (let* ((commit "2483a23690d205f01ecb66165cf4522b541cd991") + (revision "1")) + (package + (name "open-adventure") + (version (string-append "2.5-" revision "." (string-take commit 7))) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://gitlab.com/esr/open-adventure") + (commit commit))) + (file-name (string-append name "-" version "-checkout")) + (sha256 + (base32 + "1gkvkwbq5cl3llfc7nl41van8awn4myx782pg33bxpbx5l9scwb4")))) + (build-system gnu-build-system) + (arguments + `(#:make-flags (list "CC=gcc") + #:parallel-build? #f ; not supported + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-before 'build 'use-echo + (lambda _ + (substitute* "tests/Makefile" + (("/bin/echo") (which "echo"))) + #t)) + (add-after 'build 'build-manpage + (lambda _ + ;; This target is missing a dependency + (substitute* "Makefile" + ((".asc.6:" line) + (string-append line " advent.txt"))) + (zero? (system* "make" ".asc.6")))) + ;; There is no install target + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + (man (string-append out "/share/man/man6"))) + (install-file "advent" bin) + (install-file "advent.6" man)) + #t))))) + (native-inputs + `(("asciidoc" ,asciidoc))) + (home-page "https://gitlab.com/esr/open-adventure") + (synopsis "Colossal Cave Adventure") + (description "The original Colossal Cave Adventure from 1976 was the +origin of all text adventures, dungeon-crawl (computer) games, and +computer-hosted roleplaying games. This is the last version released by +Crowther & Woods, its original authors, in 1995. It has been known as +\"adventure 2.5\" and \"430-point adventure\".") + (license license:bsd-2)))) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 45aa80176c..7f7880429a 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -11,7 +11,7 @@ ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 David Thompson <davet@gnu.org> -;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016, 2017 Rene Saavedra <rennes@openmailbox.org> ;;; Copyright © 2016 Jochem Raat <jchmrt@riseup.net> ;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org> @@ -5437,6 +5437,7 @@ documents and diagrams, playing media, scanning, and much more.") (uri (git-reference (url "git://git.gnome.org/byzanz") (commit commit))) + (file-name (string-append name "-" version "-checkout")) (sha256 (base32 "1l60myzxf9cav27v5v3nsijlslz9r7ip6d5kiirfpkf9k0w26hz3")))) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index e901dba2c2..5c04745ff5 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -410,7 +410,7 @@ and every application benefits from this.") (define-public python-gpg (package (name "python-gpg") - (version (package-version gpgme)) + (version "1.8.0") (source (origin (method url-fetch) (uri (pypi-uri "gpg" version)) diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index 13c5529f9d..70cae6d871 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -203,7 +203,7 @@ sequential processes (CSP) concurrent programming features added.") (package (inherit go-1.4) (name "go") - (version "1.8.1") + (version "1.8.3") (source (origin (method url-fetch) @@ -211,7 +211,7 @@ sequential processes (CSP) concurrent programming features added.") name version ".src.tar.gz")) (sha256 (base32 - "0mqf8ydxdx1pwmrs8p8wl5y1qrplzxmxzgb6vkghy4l67z0g9nik")))) + "19lzv4lqixj3v2gjaff0fdbbmgsq5r8lrfd61z2zvp778wjflpaz")))) (arguments (substitute-keyword-arguments (package-arguments go-1.4) ((#:phases phases) @@ -257,8 +257,8 @@ sequential processes (CSP) concurrent programming features added.") "\"-Wl,-rpath=" gcclib "\", \"-lgcc_s\", "))) ;; Disable failing tests: these tests attempt to access - ;; commands or network resources which are neither available or - ;; necessary for the build to succeed. + ;; commands or network resources which are neither available + ;; nor necessary for the build to succeed. (for-each (match-lambda ((file regex) diff --git a/gnu/packages/gsasl.scm b/gnu/packages/gsasl.scm index 17b44d9f4f..727d0f0d52 100644 --- a/gnu/packages/gsasl.scm +++ b/gnu/packages/gsasl.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2012 Andreas Enge <andreas@enge.fr> +;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,20 +31,21 @@ (define-public libntlm (package - (name "libntlm") - (version "1.3") - (source (origin - (method url-fetch) - (uri (string-append "http://www.nongnu.org/libntlm/releases/libntlm-" version - ".tar.gz")) - (sha256 (base32 - "101pr110ardcj2di940g6vaqifsaxc44h6hjn81l63dvmkj5a6ga")))) - (build-system gnu-build-system) - (synopsis "Library that implements NTLM authentication") - (description - "Libntlm is a library that implements NTLM authentication.") - (license license:lgpl2.1+) - (home-page "http://www.nongnu.org/libntlm/"))) + (name "libntlm") + (version "1.4") + (source (origin + (method url-fetch) + (uri (string-append "http://www.nongnu.org/libntlm/releases/" + "libntlm-" version ".tar.gz")) + (sha256 + (base32 + "129532iiip2cjr5h03bgz184v64v27sfm1r70v3ms4yk65gdf5c4")))) + (build-system gnu-build-system) + (synopsis "Library that implements NTLM authentication") + (description + "Libntlm is a library that implements NTLM authentication.") + (license license:lgpl2.1+) + (home-page "http://www.nongnu.org/libntlm/"))) (define-public gss (package diff --git a/gnu/packages/image-processing.scm b/gnu/packages/image-processing.scm index 1753b926c6..3d34eb2c34 100644 --- a/gnu/packages/image-processing.scm +++ b/gnu/packages/image-processing.scm @@ -1,6 +1,9 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017 John Darrington <jmd@gnu.org> ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> +;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -29,6 +32,8 @@ #:use-module (gnu packages boost) #:use-module (gnu packages compression) #:use-module (gnu packages documentation) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gl) #:use-module (gnu packages gnome) #:use-module (gnu packages graphics) #:use-module (gnu packages graphviz) @@ -37,7 +42,10 @@ #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) + #:use-module (gnu packages serialization) + #:use-module (gnu packages xiph) #:use-module (gnu packages xml) + #:use-module (gnu packages xorg) #:use-module (gnu packages vtk)) ;; We use the latest snapshot of this package because the latest release is @@ -128,3 +136,60 @@ is built around a plug-in structure that makes it easy to add functionality without compromising the original code base and it makes use of a wide variety of external libraries that provide additional functionality.") (license license:gpl3+))) + +(define-public vtk + (package + (name "vtk") + (version "7.1.0") + (source (origin + (method url-fetch) + (uri (string-append "http://www.vtk.org/files/release/" + (version-major+minor version) + "/VTK-" version ".tar.gz")) + (sha256 + (base32 + "0yj96z58haan77gzilnqp7xpf8hg5jk11a3jx55p2ksd400s0gjz")))) + (build-system cmake-build-system) + (arguments + '(#:build-type "Release" ;Build without '-g' to save space. + ;; -DVTK_USE_SYSTEM_NETCDF:BOOL=TRUE requires netcdf_cxx + #:configure-flags '("-DVTK_USE_SYSTEM_EXPAT:BOOL=TRUE" + "-DVTK_USE_SYSTEM_FREETYPE:BOOL=TRUE" + "-DVTK_USE_SYSTEM_HDF5:BOOL=TRUE" + "-DVTK_USE_SYSTEM_JPEG:BOOL=TRUE" + "-DVTK_USE_SYSTEM_JSONCPP:BOOL=TRUE" + "-DVTK_USE_SYSTEM_LIBXML2:BOOL=TRUE" + "-DVTK_USE_SYSTEM_OGGTHEORA:BOOL=TRUE" + "-DVTK_USE_SYSTEM_PNG:BOOL=TRUE" + "-DVTK_USE_SYSTEM_TIFF:BOOL=TRUE" + "-DVTK_USE_SYSTEM_ZLIB:BOOL=TRUE") + #:tests? #f)) ;XXX: no "test" target + (inputs + `(("libXt" ,libxt) + ("xproto" ,xproto) + ("libX11" ,libx11) + ("libxml2" ,libxml2) + ("mesa" ,mesa) + ("glu" ,glu) + ("expat" ,expat) + ("freetype" ,freetype) + ("hdf5" ,hdf5) + ("jpeg" ,libjpeg) + ("jsoncpp" ,jsoncpp) + ("libogg" ,libogg) + ("libtheora" ,libtheora) + ("png" ,libpng) + ("tiff" ,libtiff) + ("zlib" ,zlib))) + (home-page "http://www.vtk.org/") + (synopsis "Libraries for 3D computer graphics") + (description + "The Visualization Toolkit (VTK) is a C++ library for 3D computer graphics, +image processing and visualization. It supports a wide variety of +visualization algorithms including: scalar, vector, tensor, texture, and +volumetric methods; and advanced modeling techniques such as: implicit +modeling, polygon reduction, mesh smoothing, cutting, contouring, and Delaunay +triangulation. VTK has an extensive information visualization framework, has +a suite of 3D interaction widgets, supports parallel processing, and +integrates with various databases on GUI toolkits such as Qt and Tk.") + (license license:bsd-3))) diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 326834907d..da05c64545 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013, 2015, 2016 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014, 2015 Alex Kost <alezost@gmail.com> @@ -336,33 +336,14 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (version "4.0.7") + (version "4.0.8") (source (origin (method url-fetch) (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" version ".tar.gz")) - (patches (search-patches "libtiff-heap-overflow-tiffcp.patch" - "libtiff-null-dereference.patch" - "libtiff-heap-overflow-tif-dirread.patch" - "libtiff-heap-overflow-pixarlog-luv.patch" - "libtiff-divide-by-zero.patch" - "libtiff-divide-by-zero-ojpeg.patch" - "libtiff-tiffcp-underflow.patch" - "libtiff-invalid-read.patch" - "libtiff-CVE-2016-10092.patch" - "libtiff-heap-overflow-tiffcrop.patch" - "libtiff-divide-by-zero-tiffcrop.patch" - "libtiff-CVE-2016-10093.patch" - "libtiff-divide-by-zero-tiffcp.patch" - "libtiff-assertion-failure.patch" - "libtiff-CVE-2016-10094.patch" - "libtiff-CVE-2017-5225.patch" - "libtiff-CVE-2017-7593.patch" - "libtiff-CVE-2017-7594.patch" - "libtiff-multiple-UBSAN-crashes.patch")) (sha256 (base32 - "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) + "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr")))) (build-system gnu-build-system) (outputs '("out" "doc")) ;1.3 MiB of HTML documentation @@ -941,15 +922,15 @@ convert, manipulate, filter and display a wide variety of image formats.") (define-public jasper (package (name "jasper") - (version "2.0.12") + (version "2.0.13") (source (origin (method url-fetch) - (uri (string-append "https://www.ece.uvic.ca/~frodo/jasper" - "/software/jasper-" version ".tar.gz")) + (uri (string-append "https://github.com/mdadams/jasper/archive/" + "version-" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1njdbxv7d4anzrd476wjww2qsi96dd8vfnp4hri0srrqxpszl92v")) - (patches (search-patches "jasper-CVE-2017-6850.patch")))) + "090cyqcvqp4y12nc57gvcbrk3ap1rnnixd4qj90sx0pw3fs1615m")))) (build-system cmake-build-system) (inputs `(("libjpeg" ,libjpeg))) (synopsis "JPEG-2000 library") diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm index bde3ebe402..5928b30e00 100644 --- a/gnu/packages/imagemagick.scm +++ b/gnu/packages/imagemagick.scm @@ -163,7 +163,7 @@ script.") (define-public graphicsmagick (let ((changeset "6156b4c2992d855ece6079653b3b93c3229fc4b8") ; fix CVE-2017-6335 - (revision "2")) + (revision "3")) (package (name "graphicsmagick") (version (string-append "1.3.25-" revision "." @@ -180,7 +180,19 @@ script.") ;; "/GraphicsMagick-" version ".tar.xz")) (sha256 (base32 - "08yfsn8mrqkwpax43vv1crfr55rcf004wwpzsinr5c6m0asqr08b")))) + "08yfsn8mrqkwpax43vv1crfr55rcf004wwpzsinr5c6m0asqr08b")) + (modules '((guix build utils))) + (snippet + ;; Remove bundled software. This reduces the size of the built + ;; source checkout from 177 MiB to 49 MiB. This should not be + ;; necessary when using the GraphicsMagick release tarball, + ;; because these files are not distributed there. + '(for-each delete-file-recursively '("bzlib" "dcraw" "hp2xx" + "jbig" "jp2" "jpeg" + "lcms" "libxml" "png" + "ralcgm" "tiff" "ttf" + "webp" "wmf" "xlib" + "zlib"))))) (build-system gnu-build-system) (arguments `(#:configure-flags diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index b422a1effe..9a129b8d91 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -640,11 +640,16 @@ the standard javac executable. The tool runs on JamVM instead of SableVM."))) (base32 "1v2rww76ww322mpg3s12a1kkc6gkp31bm9gcxs532h0wq285fiw4")))) (arguments - `(#:configure-flags + `(#:make-flags + ;; Ensure that the initial heap size is smaller than the maximum + ;; size. By default only Xmx is set, which can lead to invalid + ;; memory settings on some machines with a lot of memory. + '("JAVAC_MEM_OPT=-J-Xms512M -J-Xmx768M") + #:configure-flags (list (string-append "--with-ecj-jar=" (assoc-ref %build-inputs "ecj-bootstrap") "/share/java/ecj-bootstrap.jar") - (string-append "JAVAC=" + (string-append "--with-javac=" (assoc-ref %build-inputs "ecj-javac-wrapper") "/bin/javac") (string-append "JAVA=" diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index e3b7a8c5e1..5a3490fdf1 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -24,6 +24,7 @@ ;;; Copyright © 2017 Gábor Boskovits <boskovits@gmail.com> ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> +;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -47,6 +48,7 @@ #:use-module (gnu packages algebra) #:use-module (gnu packages attr) #:use-module (gnu packages autotools) + #:use-module (gnu packages backup) #:use-module (gnu packages base) #:use-module (gnu packages bash) #:use-module (gnu packages bison) @@ -377,8 +379,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.1 - (make-linux-libre "4.1.39" - "06pb3zpkfkc7pb7yh537vvzn8i9nhqyx58kqxv0wq23b4hhpza7d" + (make-linux-libre "4.1.40" + "0ygc5qaxwd4yxyzyq6qya9w111q24xqzxd33x73pmg3hr7asvy4x" %intel-compatible-systems #:configuration-file kernel-config #:patches @@ -1605,6 +1607,31 @@ up: on the server side there's nothing to do; on the client side mounting the file system is as easy as logging into the server with an SSH client.") (license license:gpl2+))) +(define-public archivemount + (package + (name "archivemount") + (version "0.8.7") + (source + (origin + (method url-fetch) + (uri (string-append "http://www.cybernoia.de/software/archivemount/" + "archivemount-" version ".tar.gz")) + (sha256 + (base32 + "1diiw6pnlnrnikn6l5ld92dx59lhrxjlqms8885vwbynsjl5q127")))) + (build-system gnu-build-system) + (inputs `(("fuse", fuse) + ("libarchive", libarchive))) + (native-inputs `(("pkg-config", pkg-config))) + (home-page "http://www.cybernoia.de/software/archivemount") + (synopsis "Tool for mounting archive files with FUSE") + (description "archivemount is a FUSE-based file system for Unix variants, +including Linux. Its purpose is to mount archives (i.e. tar, tar.gz, etc.) to a +mount point where it can be read from or written to as with any other file +system. This makes accessing the contents of the archive, which may be +compressed, transparent to other programs, without decompressing them.") + (license license:lgpl2.0+))) + (define-public numactl (package (name "numactl") @@ -3362,14 +3389,14 @@ the default @code{nsswitch} and the experimental @code{umich_ldap}.") (define-public mcelog (package (name "mcelog") - (version "151") + (version "152") (source (origin (method url-fetch) (uri (string-append "https://git.kernel.org/cgit/utils/cpu/mce/" "mcelog.git/snapshot/v" version ".tar.gz")) (sha256 (base32 - "1cgfdlz51hv2zbph00ylzm8z94gv8wakx7dva1pa4jcl3hnq0dh5")) + "0df1kbiw1pl84l6b9g515lpk5a81hmy8r27yakr4hrmi2vwzdfh6")) (file-name (string-append name "-" version ".tar.gz")) (modules '((guix build utils))) (snippet diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm index 64acc75e59..e92ae2ebfe 100644 --- a/gnu/packages/lisp.scm +++ b/gnu/packages/lisp.scm @@ -881,6 +881,16 @@ from other CLXes around the net.") (define-public ecl-clx (sbcl-package->ecl-package sbcl-clx)) +(define-public sbcl-cl-ppcre-unicode + (package (inherit sbcl-cl-ppcre) + (name "sbcl-cl-ppcre-unicode") + (arguments + `(#:tests? #f ; tests fail with "Component :CL-PPCRE-TEST not found" + #:asd-file "cl-ppcre-unicode.asd")) + (inputs + `(("sbcl-cl-ppcre" ,sbcl-cl-ppcre) + ("sbcl-cl-unicode" ,sbcl-cl-unicode))))) + (define-public sbcl-stumpwm (package (name "sbcl-stumpwm") @@ -1216,3 +1226,165 @@ multiple inspectors with independent history.") (delete 'create-asd-file) (delete 'cleanup) (delete 'create-symlinks))))))) + +(define-public sbcl-parse-js + (let ((commit "fbadc6029bec7039602abfc06c73bb52970998f6") + (revision "1")) + (package + (name "sbcl-parse-js") + (version (string-append "0.0.0-" revision "." (string-take commit 9))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "http://marijn.haverbeke.nl/git/parse-js") + (commit commit))) + (file-name (string-append name "-" commit "-checkout")) + (sha256 + (base32 + "1wddrnr5kiya5s3gp4cdq6crbfy9fqcz7fr44p81502sj3bvdv39")))) + (build-system asdf-build-system/sbcl) + (home-page "http://marijnhaverbeke.nl/parse-js/") + (synopsis "Parse JavaScript") + (description "Parse-js is a Common Lisp package for parsing +JavaScript (ECMAScript 3). It has basic support for ECMAScript 5.") + (license license:zlib)))) + +(define-public sbcl-parse-number + (package + (name "sbcl-parse-number") + (version "1.5") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/sharplispers/parse-number/" + "archive/v" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1k6s4v65ksc1j5i0dprvzfvj213v6nah7i0rgd0726ngfjisj9ir")))) + (build-system asdf-build-system/sbcl) + (home-page "http://www.cliki.net/PARSE-NUMBER") + (synopsis "Parse numbers") + (description "@code{parse-number} is a library of functions for parsing +strings into one of the standard Common Lisp number types without using the +reader. @code{parse-number} accepts an arbitrary string and attempts to parse +the string into one of the standard Common Lisp number types, if possible, or +else @code{parse-number} signals an error of type @code{invalid-number}.") + (license license:bsd-3))) + +(define-public sbcl-iterate + (package + (name "sbcl-iterate") + ;; The latest official release (1.4.3) fails to build so we have to take + ;; the current darcs tarball from quicklisp. + (version "20160825") + (source + (origin + (method url-fetch) + (uri (string-append "http://beta.quicklisp.org/archive/iterate/" + "2016-08-25/iterate-" + version "-darcs.tgz")) + (sha256 + (base32 + "0kvz16gnxnkdz0fy1x8y5yr28nfm7i2qpvix7mgwccdpjmsb4pgm")))) + (build-system asdf-build-system/sbcl) + (home-page "https://common-lisp.net/project/iterate/") + (synopsis "Iteration construct for Common Lisp") + (description "@code{iterate} is an iteration construct for Common Lisp. +It is similar to the @code{CL:LOOP} macro, with these distinguishing marks: + +@itemize +@item it is extensible, +@item it helps editors like Emacs indent iterate forms by having a more + lisp-like syntax, and +@item it isn't part of the ANSI standard for Common Lisp. +@end itemize\n") + (license license:expat))) + +(define-public sbcl-cl-uglify-js + ;; There have been many bug fixes since the 2010 release. + (let ((commit "429c5e1d844e2f96b44db8fccc92d6e8e28afdd5") + (revision "1")) + (package + (name "sbcl-cl-uglify-js") + (version (string-append "0.1-" revision "." (string-take commit 9))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/mishoo/cl-uglify-js.git") + (commit commit))) + (sha256 + (base32 + "0k39y3c93jgxpr7gwz7w0d8yknn1fdnxrjhd03057lvk5w8js27a")))) + (build-system asdf-build-system/sbcl) + (inputs + `(("sbcl-parse-js" ,sbcl-parse-js) + ("sbcl-cl-ppcre" ,sbcl-cl-ppcre) + ("sbcl-cl-ppcre-unicode" ,sbcl-cl-ppcre-unicode) + ("sbcl-parse-number" ,sbcl-parse-number) + ("sbcl-iterate" ,sbcl-iterate))) + (home-page "https://github.com/mishoo/cl-uglify-js") + (synopsis "JavaScript compressor library for Common Lisp") + (description "This is a Common Lisp version of UglifyJS, a JavaScript +compressor. It works on data produced by @code{parse-js} to generate a +@dfn{minified} version of the code. Currently it can: + +@itemize +@item reduce variable names (usually to single letters) +@item join consecutive @code{var} statements +@item resolve simple binary expressions +@item group most consecutive statements using the ``sequence'' operator (comma) +@item remove unnecessary blocks +@item convert @code{IF} expressions in various ways that result in smaller code +@item remove some unreachable code +@end itemize\n") + (license license:zlib)))) + +(define-public uglify-js + (package + (inherit sbcl-cl-uglify-js) + (name "uglify-js") + (build-system trivial-build-system) + (arguments + `(#:modules ((guix build utils)) + #:builder + (let* ((bin (string-append (assoc-ref %outputs "out") "/bin/")) + (script (string-append bin "uglify-js"))) + (use-modules (guix build utils)) + (mkdir-p bin) + (with-output-to-file script + (lambda _ + (format #t "#!~a/bin/sbcl --script + (require :asdf) + (push (truename \"~a/lib/sbcl\") asdf:*central-registry*)" + (assoc-ref %build-inputs "sbcl") + (assoc-ref %build-inputs "sbcl-cl-uglify-js")) + ;; FIXME: cannot use progn here because otherwise it fails to + ;; find cl-uglify-js. + (for-each + write + '(;; Quiet, please! + (let ((*standard-output* (make-broadcast-stream)) + (*error-output* (make-broadcast-stream))) + (asdf:load-system :cl-uglify-js)) + (let ((file (cadr *posix-argv*))) + (if file + (format t "~a" + (cl-uglify-js:ast-gen-code + (cl-uglify-js:ast-mangle + (cl-uglify-js:ast-squeeze + (with-open-file (in file) + (parse-js:parse-js in)))) + :beautify nil)) + (progn + (format *error-output* + "Please provide a JavaScript file.~%") + (sb-ext:exit :code 1)))))))) + (chmod script #o755) + #t))) + (inputs + `(("sbcl" ,sbcl) + ("sbcl-cl-uglify-js" ,sbcl-cl-uglify-js))) + (synopsis "JavaScript compressor"))) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index b4dfef6ec0..9cb88fdee0 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -225,14 +225,14 @@ aliasing facilities to work just as they would on normal mail.") (define-public mutt (package (name "mutt") - (version "1.8.2") + (version "1.8.3") (source (origin (method url-fetch) (uri (string-append "https://bitbucket.org/mutt/mutt/downloads/" "mutt-" version ".tar.gz")) (sha256 (base32 - "0dgjjryp1ggbc6ivy9cfz5jl3gnbahb6d6hcwn7c7wk5npqpn18x")) + "0hpd896mw630sd6ps60hpka8cg691nvr627n8kmabv7zcxnp90cv")) (patches (search-patches "mutt-store-references.patch")))) (build-system gnu-build-system) (inputs @@ -265,7 +265,7 @@ operating systems.") (package (inherit mutt) (name "neomutt") - (version "20170428") + (version "20170602") (source (origin (method url-fetch) @@ -273,7 +273,7 @@ operating systems.") "/archive/" name "-" version ".tar.gz")) (sha256 (base32 - "01nkq0lyxcs0pk2i3rvzplg8bi1ga7kcm6hfh6r6w2qjzdm0q466")))) + "1kzhkz8bdqbdh5b6pzqb6ikp8d3nsic906b5pkmi6qlaga32yxjk")))) (inputs `(("cyrus-sasl" ,cyrus-sasl) ("gdbm" ,gdbm) @@ -421,7 +421,7 @@ and corrections. It is based on a Bayesian filter.") (define-public offlineimap (package (name "offlineimap") - (version "7.1.0") + (version "7.1.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/OfflineIMAP/offlineimap/" @@ -429,7 +429,7 @@ and corrections. It is based on a Bayesian filter.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1r0sbgwyirpbks82ri9g88raf3mp8shq9rg0r92gkr7h6888v6fw")))) + "00xpxh0pxcvv3mjgb3vq3x51v498dhqcaixyb3a4srmfgskzh956")))) (build-system python-build-system) (native-inputs `(("asciidoc" ,asciidoc))) @@ -672,14 +672,14 @@ invoking @command{notifymuch} from the post-new hook.") (define-public notmuch (package (name "notmuch") - (version "0.24.1") + (version "0.24.2") (source (origin (method url-fetch) (uri (string-append "https://notmuchmail.org/releases/notmuch-" version ".tar.gz")) (sha256 (base32 - "18rw0rim6zxhnr2nggial029x4raaxqcgf9klfbdhv89qvi7s4gs")))) + "0lfchvapk11qazdgsxj42igp9mpp83zbd0h1jj6r3ifmhikajxma")))) (build-system gnu-build-system) (arguments '(#:make-flags (list "V=1") ; Verbose test output. @@ -1089,7 +1089,7 @@ facilities for checking incoming mail.") (define-public dovecot (package (name "dovecot") - (version "2.2.29.1") + (version "2.2.30.1") (source (origin (method url-fetch) @@ -1097,7 +1097,7 @@ facilities for checking incoming mail.") (version-major+minor version) "/" name "-" version ".tar.gz")) (sha256 (base32 - "127kn3fgmahw9fvgz2w3zaghq98ip4j8640wqa3rw7mrgvxrzync")))) + "1943n0b9zcwvymslai9qmdmnfy47zdnqjwkql586imycyx4xnjch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/messaging.scm b/gnu/packages/messaging.scm index c22d3d4dc8..425a7c4c23 100644 --- a/gnu/packages/messaging.scm +++ b/gnu/packages/messaging.scm @@ -490,6 +490,8 @@ was initially a fork of xmpppy, but uses non-blocking sockets.") (uri (string-append "https://gajim.org/downloads/" (version-major+minor version) "/gajim-" version ".tar.bz2")) + (patches + (search-patches "gajim-CVE-2016-10376.patch")) (sha256 (base32 "13sxz0hpvyj2yvcbsfqq9yn0hp1d1zsxsj40r0v16jlibha5da9n")))) diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index 987719492f..24bf603c44 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -31,6 +31,7 @@ #:use-module (gnu packages linux) #:use-module (gnu packages python) #:use-module (gnu packages tls) + #:use-module (gnu packages) #:use-module ((guix licenses) #:select (openldap2.8 lgpl2.1+)) #:use-module (guix packages) #:use-module (guix download) @@ -39,6 +40,7 @@ (define-public openldap (package (name "openldap") + (replacement openldap/fixed) (version "2.4.44") (source (origin (method url-fetch) @@ -79,6 +81,14 @@ (license openldap2.8) (home-page "http://www.openldap.org/"))) +(define openldap/fixed + (package + (inherit openldap) + (source + (origin + (inherit (package-source openldap)) + (patches (search-patches "openldap-CVE-2017-9287.patch")))))) + (define-public nss-pam-ldapd (package (name "nss-pam-ldapd") diff --git a/gnu/packages/parallel.scm b/gnu/packages/parallel.scm index 66b67eac6d..c1f962a4b6 100644 --- a/gnu/packages/parallel.scm +++ b/gnu/packages/parallel.scm @@ -45,7 +45,7 @@ (define-public parallel (package (name "parallel") - (version "20170422") + (version "20170522") (source (origin (method url-fetch) @@ -53,7 +53,7 @@ version ".tar.bz2")) (sha256 (base32 - "0afk1q8mqzz02h6imyykgi9gwk5gj08hzs6lwgd65ilj4slkh93s")))) + "1k5wlcc0dr2fxna0vi48s0l6pvbyl4pbclbih4103f1155im23ca")))) (build-system gnu-build-system) (arguments `(#:phases diff --git a/gnu/packages/patches/gajim-CVE-2016-10376.patch b/gnu/packages/patches/gajim-CVE-2016-10376.patch new file mode 100644 index 0000000000..591dd1af21 --- /dev/null +++ b/gnu/packages/patches/gajim-CVE-2016-10376.patch @@ -0,0 +1,57 @@ +Fix CVE-2016-10376. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10376 +http://seclists.org/oss-sec/2017/q2/341 +https://dev.gajim.org/gajim/gajim/issues/8378 + +Patch copied from upstream source repository: + +https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc + +(adapted for context in config.py) + +From cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc Mon Sep 17 00:00:00 2001 +From: Philipp Hörist <forenjunkie@chello.at> +Date: Fri, 26 May 2017 23:10:05 +0200 +Subject: [PATCH] Add config option to activate XEP-0146 commands + +Some of the Commands have security implications, thats why we disable them per default +Fixes #8378 +--- + src/common/commands.py | 7 ++++--- + src/common/config.py | 1 + + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/common/commands.py b/src/common/commands.py +index 19d8c13..0eeb57c 100644 +--- a/src/common/commands.py ++++ b/src/common/commands.py +@@ -345,9 +345,10 @@ class ConnectionCommands: + def __init__(self): + # a list of all commands exposed: node -> command class + self.__commands = {} +- for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand, +- LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand): +- self.__commands[cmdobj.commandnode] = cmdobj ++ if gajim.config.get('remote_commands'): ++ for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand, ++ LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand): ++ self.__commands[cmdobj.commandnode] = cmdobj + + # a list of sessions; keys are tuples (jid, sessionid, node) + self.__sessions = {} +diff --git a/src/common/config.py b/src/common/config.py +index cde1f81..fe25455 100644 +--- a/src/common/config.py ++++ b/src/common/config.py +@@ -314,6 +314,7 @@ class Config: + 'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim will ignore incoming attention requestd ("wizz").')], + 'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, Gajim will reopen chat windows that were opened last time Gajim was closed.')], + 'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will show an icon to show that sent message has been received by your contact')], ++ 'remote_commands': [opt_bool, False, _('If True, Gajim will execute XEP-0146 Commands.')], + }, {}) + + __options_per_key = { +-- +libgit2 0.24.0 + diff --git a/gnu/packages/patches/jasper-CVE-2017-6850.patch b/gnu/packages/patches/jasper-CVE-2017-6850.patch deleted file mode 100644 index 07672762a1..0000000000 --- a/gnu/packages/patches/jasper-CVE-2017-6850.patch +++ /dev/null @@ -1,284 +0,0 @@ -This patch is from upstream and should be fixed included in the next release - -From e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d Mon Sep 17 00:00:00 2001 -From: Michael Adams <mdadams@ece.uvic.ca> -Date: Sat, 4 Mar 2017 14:43:24 -0800 -Subject: [PATCH] Fixed bugs due to uninitialized data in the JP2 decoder. - Also, added some comments marking I/O stream interfaces that probably need to - be changed (in the long term) to fix integer overflow problems. - ---- - src/libjasper/base/jas_stream.c | 18 +++++++++++++++++ - src/libjasper/jp2/jp2_cod.c | 44 ++++++++++++++++++++++++++++------------- - 2 files changed, 48 insertions(+), 14 deletions(-) - -diff --git a/src/libjasper/base/jas_stream.c b/src/libjasper/base/jas_stream.c -index 327ee57..d70408f 100644 ---- a/src/libjasper/base/jas_stream.c -+++ b/src/libjasper/base/jas_stream.c -@@ -664,6 +664,7 @@ int jas_stream_ungetc(jas_stream_t *stream, int c) - return 0; - } - -+/* FIXME integral type */ - int jas_stream_read(jas_stream_t *stream, void *buf, int cnt) - { - int n; -@@ -690,6 +691,7 @@ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt) - return n; - } - -+/* FIXME integral type */ - int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt) - { - int n; -@@ -742,6 +744,7 @@ int jas_stream_puts(jas_stream_t *stream, const char *s) - return 0; - } - -+/* FIXME integral type */ - char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize) - { - int c; -@@ -765,6 +768,7 @@ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize) - return buf; - } - -+/* FIXME integral type */ - int jas_stream_gobble(jas_stream_t *stream, int n) - { - int m; -@@ -783,6 +787,7 @@ int jas_stream_gobble(jas_stream_t *stream, int n) - return n; - } - -+/* FIXME integral type */ - int jas_stream_pad(jas_stream_t *stream, int n, int c) - { - int m; -@@ -885,6 +890,7 @@ long jas_stream_tell(jas_stream_t *stream) - * Buffer initialization code. - \******************************************************************************/ - -+/* FIXME integral type */ - static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf, - int bufsize) - { -@@ -1060,6 +1066,7 @@ static int jas_strtoopenmode(const char *s) - return openmode; - } - -+/* FIXME integral type */ - int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n) - { - int all; -@@ -1085,6 +1092,7 @@ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n) - return 0; - } - -+/* FIXME integral type */ - long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt) - { - int old; -@@ -1094,6 +1102,7 @@ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt) - return old; - } - -+/* FIXME integral type */ - int jas_stream_display(jas_stream_t *stream, FILE *fp, int n) - { - unsigned char buf[16]; -@@ -1168,6 +1177,7 @@ long jas_stream_length(jas_stream_t *stream) - * Memory stream object. - \******************************************************************************/ - -+/* FIXME integral type */ - static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt) - { - ssize_t n; -@@ -1209,6 +1219,7 @@ static int mem_resize(jas_stream_memobj_t *m, size_t bufsize) - return 0; - } - -+/* FIXME integral type */ - static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt) - { - size_t n; -@@ -1264,6 +1275,7 @@ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt) - return ret; - } - -+/* FIXME integral type */ - static long mem_seek(jas_stream_obj_t *obj, long offset, int origin) - { - jas_stream_memobj_t *m = (jas_stream_memobj_t *)obj; -@@ -1310,6 +1322,7 @@ static int mem_close(jas_stream_obj_t *obj) - * File stream object. - \******************************************************************************/ - -+/* FIXME integral type */ - static int file_read(jas_stream_obj_t *obj, char *buf, int cnt) - { - jas_stream_fileobj_t *fileobj; -@@ -1318,6 +1331,7 @@ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt) - return read(fileobj->fd, buf, cnt); - } - -+/* FIXME integral type */ - static int file_write(jas_stream_obj_t *obj, char *buf, int cnt) - { - jas_stream_fileobj_t *fileobj; -@@ -1326,6 +1340,7 @@ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt) - return write(fileobj->fd, buf, cnt); - } - -+/* FIXME integral type */ - static long file_seek(jas_stream_obj_t *obj, long offset, int origin) - { - jas_stream_fileobj_t *fileobj; -@@ -1352,6 +1367,7 @@ static int file_close(jas_stream_obj_t *obj) - * Stdio file stream object. - \******************************************************************************/ - -+/* FIXME integral type */ - static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt) - { - FILE *fp; -@@ -1367,6 +1383,7 @@ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt) - return result; - } - -+/* FIXME integral type */ - static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt) - { - FILE *fp; -@@ -1377,6 +1394,7 @@ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt) - return (n != JAS_CAST(size_t, cnt)) ? (-1) : cnt; - } - -+/* FIXME integral type */ - static long sfile_seek(jas_stream_obj_t *obj, long offset, int origin) - { - FILE *fp; -diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c -index 7f3608a..8d98a2c 100644 ---- a/src/libjasper/jp2/jp2_cod.c -+++ b/src/libjasper/jp2/jp2_cod.c -@@ -183,15 +183,28 @@ jp2_boxinfo_t jp2_boxinfo_unk = { - * Box constructor. - \******************************************************************************/ - --jp2_box_t *jp2_box_create(int type) -+jp2_box_t *jp2_box_create0() - { - jp2_box_t *box; -- jp2_boxinfo_t *boxinfo; -- - if (!(box = jas_malloc(sizeof(jp2_box_t)))) { - return 0; - } - memset(box, 0, sizeof(jp2_box_t)); -+ box->type = 0; -+ box->len = 0; -+ // Mark the box data as never having been constructed -+ // so that we will not errantly attempt to destroy it later. -+ box->ops = &jp2_boxinfo_unk.ops; -+ return box; -+} -+ -+jp2_box_t *jp2_box_create(int type) -+{ -+ jp2_box_t *box; -+ jp2_boxinfo_t *boxinfo; -+ if (!(box = jp2_box_create0())) { -+ return 0; -+ } - box->type = type; - box->len = 0; - if (!(boxinfo = jp2_boxinfolookup(type))) { -@@ -248,14 +261,9 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) - box = 0; - tmpstream = 0; - -- if (!(box = jas_malloc(sizeof(jp2_box_t)))) { -+ if (!(box = jp2_box_create0())) { - goto error; - } -- -- // Mark the box data as never having been constructed -- // so that we will not errantly attempt to destroy it later. -- box->ops = &jp2_boxinfo_unk.ops; -- - if (jp2_getuint32(in, &len) || jp2_getuint32(in, &box->type)) { - goto error; - } -@@ -263,10 +271,12 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) - box->info = boxinfo; - box->len = len; - JAS_DBGLOG(10, ( -- "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n", -+ "preliminary processing of JP2 box: " -+ "type=%c%s%c (0x%08x); length=%"PRIuFAST32"\n", - '"', boxinfo->name, '"', box->type, box->len - )); - if (box->len == 1) { -+ JAS_DBGLOG(10, ("big length\n")); - if (jp2_getuint64(in, &extlen)) { - goto error; - } -@@ -382,6 +392,7 @@ static int jp2_bpcc_getdata(jp2_box_t *box, jas_stream_t *in) - { - jp2_bpcc_t *bpcc = &box->data.bpcc; - unsigned int i; -+ bpcc->bpcs = 0; - bpcc->numcmpts = box->datalen; - if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) { - return -1; -@@ -462,6 +473,7 @@ static int jp2_cdef_getdata(jp2_box_t *box, jas_stream_t *in) - jp2_cdef_t *cdef = &box->data.cdef; - jp2_cdefchan_t *chan; - unsigned int channo; -+ cdef->ents = 0; - if (jp2_getuint16(in, &cdef->numchans)) { - return -1; - } -@@ -518,7 +530,9 @@ int jp2_box_put(jp2_box_t *box, jas_stream_t *out) - } - - if (dataflag) { -- if (jas_stream_copy(out, tmpstream, box->len - JP2_BOX_HDRLEN(false))) { -+ if (jas_stream_copy(out, tmpstream, box->len - -+ JP2_BOX_HDRLEN(false))) { -+ jas_eprintf("cannot copy box data\n"); - goto error; - } - jas_stream_close(tmpstream); -@@ -777,6 +791,7 @@ static int jp2_cmap_getdata(jp2_box_t *box, jas_stream_t *in) - jp2_cmap_t *cmap = &box->data.cmap; - jp2_cmapent_t *ent; - unsigned int i; -+ cmap->ents = 0; - - cmap->numchans = (box->datalen) / 4; - if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) { -@@ -835,6 +850,7 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in) - int_fast32_t x; - - pclr->lutdata = 0; -+ pclr->bpc = 0; - - if (jp2_getuint16(in, &pclr->numlutents) || - jp2_getuint8(in, &pclr->numchans)) { -@@ -869,9 +885,9 @@ static int jp2_pclr_putdata(jp2_box_t *box, jas_stream_t *out) - #if 0 - jp2_pclr_t *pclr = &box->data.pclr; - #endif --/* Eliminate warning about unused variable. */ --box = 0; --out = 0; -+ /* Eliminate warning about unused variable. */ -+ box = 0; -+ out = 0; - return -1; - } - diff --git a/gnu/packages/patches/libtiff-CVE-2016-10092.patch b/gnu/packages/patches/libtiff-CVE-2016-10092.patch deleted file mode 100644 index d5fd796169..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10092.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix CVE-2016-10092: - -http://bugzilla.maptools.org/show_bug.cgi?id=2620 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092 -https://security-tracker.debian.org/tracker/CVE-2016-10092 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore) - mode so that the output buffer is correctly incremented to avoid write - outside bounds. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1178; previous revision: 1.1177 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.47; previous revision: 1.46 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.46 -retrieving revision 1.47 -diff -u -r1.46 -r1.47 ---- libtiff/tools/tiffcrop.c 18 Nov 2016 14:58:46 -0000 1.46 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.46 2016-11-18 14:58:46 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -3698,7 +3698,7 @@ - (unsigned long) strip, (unsigned long)rows); - return 0; - } -- bufp += bytes_read; -+ bufp += stripsize; - } - - return 1; diff --git a/gnu/packages/patches/libtiff-CVE-2016-10093.patch b/gnu/packages/patches/libtiff-CVE-2016-10093.patch deleted file mode 100644 index 5897ec1029..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10093.patch +++ /dev/null @@ -1,53 +0,0 @@ -Fix CVE-2016-10093: - -http://bugzilla.maptools.org/show_bug.cgi?id=2610 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093 -https://security-tracker.debian.org/tracker/CVE-2016-10093 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: fix uint32 underflow/overflow that can cause - heap-based buffer overflow. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1187; previous revision: 1.1186 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.59; previous revision: 1.58 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.58 -retrieving revision 1.59 -diff -u -r1.58 -r1.59 ---- libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59 -@@ -1163,7 +1163,7 @@ - - static void - cpStripToTile(uint8* out, uint8* in, -- uint32 rows, uint32 cols, int outskew, int inskew) -+ uint32 rows, uint32 cols, int outskew, int64 inskew) - { - while (rows-- > 0) { - uint32 j = cols; -@@ -1320,7 +1320,7 @@ - tdata_t tilebuf; - uint32 imagew = TIFFScanlineSize(in); - uint32 tilew = TIFFTileRowSize(in); -- int iskew = imagew - tilew; -+ int64 iskew = (int64)imagew - (int64)tilew; - uint8* bufp = (uint8*) buf; - uint32 tw, tl; - uint32 row; -@@ -1348,7 +1348,7 @@ - status = 0; - goto done; - } -- if (colb + tilew > imagew) { -+ if (colb > iskew) { - uint32 width = imagew - colb; - uint32 oskew = tilew - width; - cpStripToTile(bufp + colb, diff --git a/gnu/packages/patches/libtiff-CVE-2016-10094.patch b/gnu/packages/patches/libtiff-CVE-2016-10094.patch deleted file mode 100644 index 9018773565..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10094.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2016-10094: - -http://bugzilla.maptools.org/show_bug.cgi?id=2640 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094 -https://security-tracker.debian.org/tracker/CVE-2016-10094 - -2016-12-20 Even Rouault <even.rouault at spatialys.com> - - * tools/tiff2pdf.c: avoid potential heap-based overflow in - t2p_readwrite_pdf_image_tile(). - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1199; previous revision: 1.1198 -/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c -new revision: 1.101; previous revision: 1.100 - -Index: libtiff/tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.100 -retrieving revision 1.101 -diff -u -r1.100 -r1.101 ---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100 -+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:28:17 -0000 1.101 -@@ -2895,7 +2895,7 @@ - return(0); - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { -- if (count >= 4) { -+ if (count > 4) { - int retTIFFReadRawTile; - /* Ignore EOI marker of JpegTables */ - _TIFFmemcpy(buffer, jpt, count - 2); diff --git a/gnu/packages/patches/libtiff-CVE-2017-5225.patch b/gnu/packages/patches/libtiff-CVE-2017-5225.patch deleted file mode 100644 index 3158b49360..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-5225.patch +++ /dev/null @@ -1,86 +0,0 @@ -Fix CVE-2017-5225 (Heap based buffer overflow in tools/tiffcp): - -http://bugzilla.maptools.org/show_bug.cgi?id=2656 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225 -https://security-tracker.debian.org/tracker/CVE-2017-5225 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and - cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based -overflow. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and - http://bugzilla.maptools.org/show_bug.cgi?id=2657 - - -less C/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1210; previous revision: 1.1209 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.61; previous revision: 1.60 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.60 -retrieving revision 1.61 -diff -u -r1.60 -r1.61 ---- libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60 -+++ libtiff/tools/tiffcp.c 11 Jan 2017 19:26:14 -0000 1.61 -#@@ -1,4 +1,4 @@ -#-/* $Id: tiffcp.c,v 1.60 2016-12-03 16:50:02 erouault Exp $ */ -#+/* $Id: tiffcp.c,v 1.61 2017-01-11 19:26:14 erouault Exp $ */ -# -# /* -# * Copyright (c) 1988-1997 Sam Leffler -@@ -591,7 +591,7 @@ - static int - tiffcp(TIFF* in, TIFF* out) - { -- uint16 bitspersample, samplesperpixel = 1; -+ uint16 bitspersample = 1, samplesperpixel = 1; - uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK; - copyFunc cf; - uint32 width, length; -@@ -1067,6 +1067,16 @@ - register uint32 n; - uint32 row; - tsample_t s; -+ uint16 bps = 0; -+ -+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps != 8 ) -+ { -+ TIFFError(TIFFFileName(in), -+ "Error, can only handle BitsPerSample=8 in %s", -+ "cpContig2SeparateByRow"); -+ return 0; -+ } - - inbuf = _TIFFmalloc(scanlinesizein); - outbuf = _TIFFmalloc(scanlinesizeout); -@@ -1120,6 +1130,16 @@ - register uint32 n; - uint32 row; - tsample_t s; -+ uint16 bps = 0; -+ -+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps != 8 ) -+ { -+ TIFFError(TIFFFileName(in), -+ "Error, can only handle BitsPerSample=8 in %s", -+ "cpSeparate2ContigByRow"); -+ return 0; -+ } - - inbuf = _TIFFmalloc(scanlinesizein); - outbuf = _TIFFmalloc(scanlinesizeout); -@@ -1784,7 +1804,7 @@ - uint32 w, l, tw, tl; - int bychunk; - -- (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv); -+ (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv); - if (shortv != config && bitspersample != 8 && samplesperpixel > 1) { - fprintf(stderr, - "%s: Cannot handle different planar configuration w/ bits/sample != 8\n", diff --git a/gnu/packages/patches/libtiff-CVE-2017-7593.patch b/gnu/packages/patches/libtiff-CVE-2017-7593.patch deleted file mode 100644 index 496efb73b9..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-7593.patch +++ /dev/null @@ -1,113 +0,0 @@ -Fixes CVE-2017-7593 (Potential uninitialized-memory access from tif_rawdata): - -http://bugzilla.maptools.org/show_bug.cgi?id=2651 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593 -https://security-tracker.debian.org/tracker/CVE-2017-7593 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tiffio.h, tif_unix.c, tif_win32.c, tif_vms.c: add - _TIFFcalloc() - - * libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero - initialize tif_rawdata. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1208; previous revision: 1.1207 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c -new revision: 1.53; previous revision: 1.52 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_unix.c,v <-- libtiff/tif_unix.c -new revision: 1.28; previous revision: 1.27 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_vms.c,v <-- libtiff/tif_vms.c -new revision: 1.14; previous revision: 1.13 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_win32.c,v <-- libtiff/tif_win32.c -new revision: 1.42; previous revision: 1.41 -/cvs/maptools/cvsroot/libtiff/libtiff/tiffio.h,v <-- libtiff/tiffio.h -new revision: 1.94; previous revision: 1.93 - -diff -ru tiff-4.0.7/libtiff/tiffio.h tiff-4.0.7.new/libtiff/tiffio.h ---- tiff-4.0.7/libtiff/tiffio.h 1969-12-31 19:00:00.000000000 -0500 -+++ tiff-4.0.7.new/libtiff/tiffio.h 2017-05-05 19:08:03.772999790 -0400 -@@ -1,4 +1,4 @@ --/* $Id: tiffio.h,v 1.92 2016-01-23 21:20:34 erouault Exp $ */ -+/* $Id: tiffio.h,v 1.94 2017-01-11 19:02:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -293,6 +293,7 @@ - */ - - extern void* _TIFFmalloc(tmsize_t s); -+extern void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz); - extern void* _TIFFrealloc(void* p, tmsize_t s); - extern void _TIFFmemset(void* p, int v, tmsize_t c); - extern void _TIFFmemcpy(void* d, const void* s, tmsize_t c); -diff -ru tiff-4.0.7/libtiff/tif_read.c tiff-4.0.7.new/libtiff/tif_read.c ---- tiff-4.0.7/libtiff/tif_read.c 2017-05-05 19:04:09.740966642 -0400 -+++ tiff-4.0.7.new/libtiff/tif_read.c 2017-05-05 18:59:11.070709441 -0400 -@@ -1,4 +1,4 @@ --/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */ -+/* $Id: tif_read.c,v 1.53 2017-01-11 19:02:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -976,7 +976,9 @@ - "Invalid buffer size"); - return (0); - } -- tif->tif_rawdata = (uint8*) _TIFFmalloc(tif->tif_rawdatasize); -+ /* Initialize to zero to avoid uninitialized buffers in case of */ -+ /* short reads (http://bugzilla.maptools.org/show_bug.cgi?id=2651) */ -+ tif->tif_rawdata = (uint8*) _TIFFcalloc(1, tif->tif_rawdatasize); - tif->tif_flags |= TIFF_MYBUFFER; - } - if (tif->tif_rawdata == NULL) { -diff -ru tiff-4.0.7/libtiff/tif_unix.c tiff-4.0.7.new/libtiff/tif_unix.c ---- tiff-4.0.7/libtiff/tif_unix.c 1969-12-31 19:00:00.000000000 -0500 -+++ tiff-4.0.7.new/libtiff/tif_unix.c 2017-05-05 19:10:48.302645187 -0400 -@@ -1,4 +1,4 @@ --/* $Id: tif_unix.c,v 1.27 2015-08-19 02:31:04 bfriesen Exp $ */ -+/* $Id: tif_unix.c,v 1.28 2017-01-11 19:02:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -316,6 +316,14 @@ - return (malloc((size_t) s)); - } - -+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz) -+{ -+ if( nmemb == 0 || siz == 0 ) -+ return ((void *) NULL); -+ -+ return calloc((size_t) nmemb, (size_t)siz); -+} -+ - void - _TIFFfree(void* p) - { -diff -ru tiff-4.0.7/libtiff/tif_win32.c tiff-4.0.7.new/libtiff/tif_win32.c ---- tiff-4.0.7/libtiff/tif_win32.c 1969-12-31 19:00:00.000000000 -0500 -+++ tiff-4.0.7.new/libtiff/tif_win32.c 2017-05-05 19:13:06.903399627 -0400 -@@ -1,4 +1,4 @@ --/* $Id: tif_win32.c,v 1.41 2015-08-23 20:12:44 bfriesen Exp $ */ -+/* $Id: tif_win32.c,v 1.42 2017-01-11 19:02:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -360,6 +360,14 @@ - return (malloc((size_t) s)); - } - -+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz) -+{ -+ if( nmemb == 0 || siz == 0 ) -+ return ((void *) NULL); -+ -+ return calloc((size_t) nmemb, (size_t)siz); -+} -+ - void - _TIFFfree(void* p) - { diff --git a/gnu/packages/patches/libtiff-CVE-2017-7594.patch b/gnu/packages/patches/libtiff-CVE-2017-7594.patch deleted file mode 100644 index d17997d447..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-7594.patch +++ /dev/null @@ -1,54 +0,0 @@ -Fixes CVE-2017-7594 (Direct leak in tif_ojpeg.c): - -http://bugzilla.maptools.org/show_bug.cgi?id=2659 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594 -https://security-tracker.debian.org/tracker/CVE-2017-7594 - -2017-01-12 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable - when read fails. - Patch by Nicolás Peña. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1212; previous revision: 1.1211 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c -new revision: 1.67; previous revision: 1.66 - -Index: libtiff/libtiff/tif_ojpeg.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v -retrieving revision 1.67 -retrieving revision 1.68 -diff -u -r1.67 -r1.68 ---- libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 17:43:26 -0000 1.67 -+++ libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 19:23:20 -0000 1.68 -@@ -1,4 +1,4 @@ --/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */ -+/* $Id: tif_ojpeg.c,v 1.68 2017-01-12 19:23:20 erouault Exp $ */ - - /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0 - specification is now totally obsolete and deprecated for new applications and -@@ -1790,7 +1790,10 @@ - TIFFSeekFile(tif,sp->qtable_offset[m],SEEK_SET); - p=(uint32)TIFFReadFile(tif,&ob[sizeof(uint32)+5],64); - if (p!=64) -+ { -+ _TIFFfree(ob); - return(0); -+ } - sp->qtable[m]=ob; - sp->sof_tq[m]=m; - } -@@ -1854,7 +1857,10 @@ - rb[sizeof(uint32)+5+n]=o[n]; - p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q); - if (p!=q) -+ { -+ _TIFFfree(rb); - return(0); -+ } - sp->dctable[m]=rb; - sp->sos_tda[m]=(m<<4); - } diff --git a/gnu/packages/patches/libtiff-assertion-failure.patch b/gnu/packages/patches/libtiff-assertion-failure.patch deleted file mode 100644 index ef747fbdd7..0000000000 --- a/gnu/packages/patches/libtiff-assertion-failure.patch +++ /dev/null @@ -1,60 +0,0 @@ -Fix assertion failure in readSeparateTilesIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2605 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert -check. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1188; previous revision: 1.1187 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.60; previous revision: 1.59 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.59 -retrieving revision 1.60 -diff -u -r1.59 -r1.60 ---- libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60 -@@ -45,7 +45,6 @@ - #include <string.h> - - #include <ctype.h> --#include <assert.h> - - #ifdef HAVE_UNISTD_H - # include <unistd.h> -@@ -1393,7 +1392,12 @@ - status = 0; - goto done; - } -- assert( bps % 8 == 0 ); -+ if( (bps % 8) != 0 ) -+ { -+ TIFFError(TIFFFileName(in), "Error, cannot handle BitsPerSample that is not a multiple of 8"); -+ status = 0; -+ goto done; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { -@@ -1584,7 +1588,12 @@ - _TIFFfree(obuf); - return 0; - } -- assert( bps % 8 == 0 ); -+ if( (bps % 8) != 0 ) -+ { -+ TIFFError(TIFFFileName(out), "Error, cannot handle BitsPerSample that is not a multiple of 8"); -+ _TIFFfree(obuf); -+ return 0; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { diff --git a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch b/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch deleted file mode 100644 index 2a96b68521..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch +++ /dev/null @@ -1,63 +0,0 @@ -Fix divide-by-zero in OJPEGDecodeRaw(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2611 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure -in - OJPEGPreDecode(). This will avoid a divide by zero, and potential other -issues. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1177; previous revision: 1.1176 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c -new revision: 1.66; previous revision: 1.65 - -Index: libtiff/libtiff/tif_ojpeg.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v -retrieving revision 1.65 -retrieving revision 1.66 -diff -u -r1.65 -r1.66 ---- libtiff/libtiff/tif_ojpeg.c 4 Sep 2016 21:32:56 -0000 1.65 -+++ libtiff/libtiff/tif_ojpeg.c 3 Dec 2016 11:15:18 -0000 1.66 -@@ -1,4 +1,4 @@ --/* $Id: tif_ojpeg.c,v 1.65 2016-09-04 21:32:56 erouault Exp $ */ -+/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */ - - /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0 - specification is now totally obsolete and deprecated for new applications and -@@ -244,6 +244,7 @@ - - typedef struct { - TIFF* tif; -+ int decoder_ok; - #ifndef LIBJPEG_ENCAP_EXTERNAL - JMP_BUF exit_jmpbuf; - #endif -@@ -722,6 +723,7 @@ - } - sp->write_curstrile++; - } -+ sp->decoder_ok = 1; - return(1); - } - -@@ -784,8 +786,14 @@ - static int - OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s) - { -+ static const char module[]="OJPEGDecode"; - OJPEGState* sp=(OJPEGState*)tif->tif_data; - (void)s; -+ if( !sp->decoder_ok ) -+ { -+ TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized"); -+ return 0; -+ } - if (sp->libjpeg_jpeg_query_style==0) - { - if (OJPEGDecodeRaw(tif,buf,cc)==0) diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch deleted file mode 100644 index d3f1c2b60e..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch +++ /dev/null @@ -1,104 +0,0 @@ -Fix two divide-by-zero bugs in readSeparateTilesIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2597 -http://bugzilla.maptools.org/show_bug.cgi?id=2607 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples -tag is - missing. - Reported by Agostino sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1183; previous revision: 1.1182 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.57; previous revision: 1.56 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.56 -retrieving revision 1.57 -diff -u -r1.56 -r1.57 ---- libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -1378,7 +1378,7 @@ - uint8* bufp = (uint8*) buf; - uint32 tw, tl; - uint32 row; -- uint16 bps, bytes_per_sample; -+ uint16 bps = 0, bytes_per_sample; - - tilebuf = _TIFFmalloc(tilesize); - if (tilebuf == 0) -@@ -1387,6 +1387,12 @@ - (void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw); - (void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl); - (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps == 0 ) -+ { -+ TIFFError(TIFFFileName(in), "Error, cannot read BitsPerSample"); -+ status = 0; -+ goto done; -+ } - assert( bps % 8 == 0 ); - bytes_per_sample = bps/8; - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples -tag is - missing. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1186; previous revision: 1.1185 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.58; previous revision: 1.57 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.57 -retrieving revision 1.58 -diff -u -r1.57 -r1.58 ---- libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.58 2016-12-03 15:44:15 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -1569,7 +1569,7 @@ - uint8* bufp = (uint8*) buf; - uint32 tl, tw; - uint32 row; -- uint16 bps, bytes_per_sample; -+ uint16 bps = 0, bytes_per_sample; - - obuf = _TIFFmalloc(TIFFTileSize(out)); - if (obuf == NULL) -@@ -1578,6 +1578,12 @@ - (void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); - (void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); - (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps == 0 ) -+ { -+ TIFFError(TIFFFileName(out), "Error, cannot read BitsPerSample"); -+ _TIFFfree(obuf); -+ return 0; -+ } - assert( bps % 8 == 0 ); - bytes_per_sample = bps/8; - diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch deleted file mode 100644 index 823293f1cf..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch +++ /dev/null @@ -1,57 +0,0 @@ -Fix divide-by-zero in readSeparateStripsIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2619 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: fix integer division by zero when BitsPerSample is -missing. - Reported by Agostina Sarubo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1180; previous revision: 1.1179 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.49; previous revision: 1.48 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -r1.48 -r1.49 ---- libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 13:00:04 -0000 1.49 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.49 2016-12-03 13:00:04 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -1164,7 +1164,7 @@ - tdata_t obuf; - - (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); -- (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -+ (void) TIFFGetFieldDefaulted(out, TIFFTAG_BITSPERSAMPLE, &bps); - bytes_per_sample = (bps + 7) / 8; - if( width == 0 || - (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || -@@ -4760,7 +4760,7 @@ - int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1; - uint32 j; - int32 bytes_read = 0; -- uint16 bps, planar; -+ uint16 bps = 0, planar; - uint32 nstrips; - uint32 strips_per_sample; - uint32 src_rowsize, dst_rowsize, rows_processed, rps; -@@ -4780,7 +4780,7 @@ - } - - memset (srcbuffs, '\0', sizeof(srcbuffs)); -- TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps); - TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &planar); - TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps); - if (rps > length) diff --git a/gnu/packages/patches/libtiff-divide-by-zero.patch b/gnu/packages/patches/libtiff-divide-by-zero.patch deleted file mode 100644 index 6dbd4666cd..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero.patch +++ /dev/null @@ -1,67 +0,0 @@ -Fix an integer overflow in TIFFReadEncodedStrip() that led to division-by-zero: - -http://bugzilla.maptools.org/show_bug.cgi?id=2596 - -2016-12-02 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in - TIFFReadEncodedStrip() that caused an integer division by zero. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1173; previous revision: 1.1172 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c -new revision: 1.50; previous revision: 1.49 -/cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v <-- libtiff/tiffiop.h -new revision: 1.90; previous revision: 1.89 - -Index: libtiff/libtiff/tif_read.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v -retrieving revision 1.49 -retrieving revision 1.50 -diff -u -r1.49 -r1.50 ---- libtiff/libtiff/tif_read.c 10 Jul 2016 18:00:21 -0000 1.49 -+++ libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50 -@@ -1,4 +1,4 @@ --/* $Id: tif_read.c,v 1.49 2016-07-10 18:00:21 erouault Exp $ */ -+/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -346,7 +346,7 @@ - rowsperstrip=td->td_rowsperstrip; - if (rowsperstrip>td->td_imagelength) - rowsperstrip=td->td_imagelength; -- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip); -+ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip); - stripinplane=(strip%stripsperplane); - plane=(uint16)(strip/stripsperplane); - rows=td->td_imagelength-stripinplane*rowsperstrip; -Index: libtiff/libtiff/tiffiop.h -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v -retrieving revision 1.89 -retrieving revision 1.90 -diff -u -r1.89 -r1.90 ---- libtiff/libtiff/tiffiop.h 23 Jan 2016 21:20:34 -0000 1.89 -+++ libtiff/libtiff/tiffiop.h 2 Dec 2016 21:56:56 -0000 1.90 -@@ -1,4 +1,4 @@ --/* $Id: tiffiop.h,v 1.89 2016-01-23 21:20:34 erouault Exp $ */ -+/* $Id: tiffiop.h,v 1.90 2016-12-02 21:56:56 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -250,6 +250,10 @@ - #define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \ - ((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \ - 0U) -+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */ -+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */ -+#define TIFFhowmany_32_maxuint_compat(x, y) \ -+ (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0)) - #define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3) - #define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y)) - #define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y))) diff --git a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch b/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch deleted file mode 100644 index 2d5e23586d..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch +++ /dev/null @@ -1,131 +0,0 @@ -Fix heap-based buffer overflow in _TIFFmemcpy(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2604 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer - overflow on generation of PixarLog / LUV compressed files, with - ColorMap, TransferFunction attached and nasty plays with bitspersample. - The fix for LUV has not been tested, but suffers from the same kind - of issue of PixarLog. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1175; previous revision: 1.1174 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v <-- libtiff/tif_luv.c -new revision: 1.44; previous revision: 1.43 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v <-- -libtiff/tif_pixarlog.c -new revision: 1.49; previous revision: 1.48 - -Index: libtiff/libtiff/tif_luv.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v -retrieving revision 1.43 -retrieving revision 1.44 -diff -u -r1.43 -r1.44 ---- libtiff/libtiff/tif_luv.c 4 Sep 2016 21:32:56 -0000 1.43 -+++ libtiff/libtiff/tif_luv.c 2 Dec 2016 23:05:51 -0000 1.44 -@@ -1,4 +1,4 @@ --/* $Id: tif_luv.c,v 1.43 2016-09-04 21:32:56 erouault Exp $ */ -+/* $Id: tif_luv.c,v 1.44 2016-12-02 23:05:51 erouault Exp $ */ - - /* - * Copyright (c) 1997 Greg Ward Larson -@@ -158,6 +158,7 @@ - typedef struct logLuvState LogLuvState; - - struct logLuvState { -+ int encoder_state; /* 1 if encoder correctly initialized */ - int user_datafmt; /* user data format */ - int encode_meth; /* encoding method */ - int pixel_size; /* bytes per pixel */ -@@ -1552,6 +1553,7 @@ - td->td_photometric, "must be either LogLUV or LogL"); - break; - } -+ sp->encoder_state = 1; - return (1); - notsupported: - TIFFErrorExt(tif->tif_clientdata, module, -@@ -1563,19 +1565,27 @@ - static void - LogLuvClose(TIFF* tif) - { -+ LogLuvState* sp = (LogLuvState*) tif->tif_data; - TIFFDirectory *td = &tif->tif_dir; - -+ assert(sp != 0); - /* - * For consistency, we always want to write out the same - * bitspersample and sampleformat for our TIFF file, - * regardless of the data format being used by the application. - * Since this routine is called after tags have been set but - * before they have been recorded in the file, we reset them here. -+ * Note: this is really a nasty approach. See PixarLogClose - */ -- td->td_samplesperpixel = -- (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3; -- td->td_bitspersample = 16; -- td->td_sampleformat = SAMPLEFORMAT_INT; -+ if( sp->encoder_state ) -+ { -+ /* See PixarLogClose. Might avoid issues with tags whose size depends -+ * on those below, but not completely sure this is enough. */ -+ td->td_samplesperpixel = -+ (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3; -+ td->td_bitspersample = 16; -+ td->td_sampleformat = SAMPLEFORMAT_INT; -+ } - } - - static void -Index: libtiff/libtiff/tif_pixarlog.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -r1.48 -r1.49 ---- libtiff/libtiff/tif_pixarlog.c 23 Sep 2016 22:12:18 -0000 1.48 -+++ libtiff/libtiff/tif_pixarlog.c 2 Dec 2016 23:05:51 -0000 1.49 -@@ -1,4 +1,4 @@ --/* $Id: tif_pixarlog.c,v 1.48 2016-09-23 22:12:18 erouault Exp $ */ -+/* $Id: tif_pixarlog.c,v 1.49 2016-12-02 23:05:51 erouault Exp $ */ - - /* - * Copyright (c) 1996-1997 Sam Leffler -@@ -1233,8 +1233,10 @@ - static void - PixarLogClose(TIFF* tif) - { -+ PixarLogState* sp = (PixarLogState*) tif->tif_data; - TIFFDirectory *td = &tif->tif_dir; - -+ assert(sp != 0); - /* In a really sneaky (and really incorrect, and untruthful, and - * troublesome, and error-prone) maneuver that completely goes against - * the spirit of TIFF, and breaks TIFF, on close, we covertly -@@ -1243,8 +1245,19 @@ - * readers that don't know about PixarLog, or how to set - * the PIXARLOGDATFMT pseudo-tag. - */ -- td->td_bitspersample = 8; -- td->td_sampleformat = SAMPLEFORMAT_UINT; -+ -+ if (sp->state&PLSTATE_INIT) { -+ /* We test the state to avoid an issue such as in -+ * http://bugzilla.maptools.org/show_bug.cgi?id=2604 -+ * What appends in that case is that the bitspersample is 1 and -+ * a TransferFunction is set. The size of the TransferFunction -+ * depends on 1<<bitspersample. So if we increase it, an access -+ * out of the buffer will happen at directory flushing. -+ * Another option would be to clear those targs. -+ */ -+ td->td_bitspersample = 8; -+ td->td_sampleformat = SAMPLEFORMAT_UINT; -+ } - } - - static void diff --git a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch b/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch deleted file mode 100644 index 68889b121b..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch +++ /dev/null @@ -1,132 +0,0 @@ -Fix heap-based buffer overflow in TIFFFillStrip(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2608 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to - instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength, -rowsperstrip), - instead of a logic based on the total size of data. Which is faulty is - the total size of data is not sufficient to fill the whole image, and -thus - results in reading outside of the StripByCounts/StripOffsets arrays -when - using TIFFReadScanline(). - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608. - - * libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done - for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273 -since - the above change is a better fix that makes it unnecessary. - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1176; previous revision: 1.1175 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- -libtiff/tif_dirread.c -new revision: 1.205; previous revision: 1.204 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v <-- libtiff/tif_strip.c -new revision: 1.38; previous revision: 1.37 - -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.204 -retrieving revision 1.205 -diff -u -r1.204 -r1.205 ---- libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 -+++ libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205 -@@ -1,4 +1,4 @@ --/* $Id: tif_dirread.c,v 1.204 2016-11-16 15:14:15 erouault Exp $ */ -+/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -5502,8 +5502,7 @@ - uint64 rowblockbytes; - uint64 stripbytes; - uint32 strip; -- uint64 nstrips64; -- uint32 nstrips32; -+ uint32 nstrips; - uint32 rowsperstrip; - uint64* newcounts; - uint64* newoffsets; -@@ -5534,18 +5533,17 @@ - return; - - /* -- * never increase the number of strips in an image -+ * never increase the number of rows per strip - */ - if (rowsperstrip >= td->td_rowsperstrip) - return; -- nstrips64 = TIFFhowmany_64(bytecount, stripbytes); -- if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */ -- return; -- nstrips32 = (uint32)nstrips64; -+ nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip); -+ if( nstrips == 0 ) -+ return; - -- newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64), -+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripByteCounts\" array"); -- newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64), -+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripOffsets\" array"); - if (newcounts == NULL || newoffsets == NULL) { - /* -@@ -5562,18 +5560,18 @@ - * Fill the strip information arrays with new bytecounts and offsets - * that reflect the broken-up format. - */ -- for (strip = 0; strip < nstrips32; strip++) { -+ for (strip = 0; strip < nstrips; strip++) { - if (stripbytes > bytecount) - stripbytes = bytecount; - newcounts[strip] = stripbytes; -- newoffsets[strip] = offset; -+ newoffsets[strip] = stripbytes ? offset : 0; - offset += stripbytes; - bytecount -= stripbytes; - } - /* - * Replace old single strip info with multi-strip info. - */ -- td->td_stripsperimage = td->td_nstrips = nstrips32; -+ td->td_stripsperimage = td->td_nstrips = nstrips; - TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip); - - _TIFFfree(td->td_stripbytecount); -Index: libtiff/libtiff/tif_strip.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v -retrieving revision 1.37 -retrieving revision 1.38 -diff -u -r1.37 -r1.38 ---- libtiff/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37 -+++ libtiff/libtiff/tif_strip.c 3 Dec 2016 11:02:15 -0000 1.38 -@@ -1,4 +1,4 @@ --/* $Id: tif_strip.c,v 1.37 2016-11-09 23:00:49 erouault Exp $ */ -+/* $Id: tif_strip.c,v 1.38 2016-12-03 11:02:15 erouault Exp $ */ - - /* - * Copyright (c) 1991-1997 Sam Leffler -@@ -63,15 +63,6 @@ - TIFFDirectory *td = &tif->tif_dir; - uint32 nstrips; - -- /* If the value was already computed and store in td_nstrips, then return it, -- since ChopUpSingleUncompressedStrip might have altered and resized the -- since the td_stripbytecount and td_stripoffset arrays to the new value -- after the initial affectation of td_nstrips = TIFFNumberOfStrips() in -- tif_dirread.c ~line 3612. -- See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */ -- if( td->td_nstrips ) -- return td->td_nstrips; -- - nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 : - TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip)); - if (td->td_planarconfig == PLANARCONFIG_SEPARATE) diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch deleted file mode 100644 index f0fef08bf3..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch +++ /dev/null @@ -1,67 +0,0 @@ -Fix heap buffer overflow in tiffcp when parsing number of inks: - -http://bugzilla.maptools.org/show_bug.cgi?id=2599 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is -called, - limit the return number of inks to SamplesPerPixel, so that code that -parses - ink names doesn't go past the end of the buffer. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1184; previous revision: 1.1183 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c -new revision: 1.128; previous revision: 1.127 - -Index: libtiff/libtiff/tif_dir.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v -retrieving revision 1.127 -retrieving revision 1.128 -diff -u -r1.127 -r1.128 ---- libtiff/libtiff/tif_dir.c 25 Oct 2016 21:35:15 -0000 1.127 -+++ libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128 -@@ -1,4 +1,4 @@ --/* $Id: tif_dir.c,v 1.127 2016-10-25 21:35:15 erouault Exp $ */ -+/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -854,6 +854,32 @@ - if( fip == NULL ) /* cannot happen since TIFFGetField() already checks it */ - return 0; - -+ if( tag == TIFFTAG_NUMBEROFINKS ) -+ { -+ int i; -+ for (i = 0; i < td->td_customValueCount; i++) { -+ uint16 val; -+ TIFFTagValue *tv = td->td_customValues + i; -+ if (tv->info->field_tag != tag) -+ continue; -+ val = *(uint16 *)tv->value; -+ /* Truncate to SamplesPerPixel, since the */ -+ /* setting code for INKNAMES assume that there are SamplesPerPixel */ -+ /* inknames. */ -+ /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */ -+ if( val > td->td_samplesperpixel ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField", -+ "Truncating NumberOfInks from %u to %u", -+ val, td->td_samplesperpixel); -+ val = td->td_samplesperpixel; -+ } -+ *va_arg(ap, uint16*) = val; -+ return 1; -+ } -+ return 0; -+ } -+ - /* - * We want to force the custom code to be used for custom - * fields even if the tag happens to match a well known diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch deleted file mode 100644 index 8166c55758..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch +++ /dev/null @@ -1,60 +0,0 @@ -Fix heap-based buffer overflow in combineSeparateSamples16bits(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2621 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in - readSeparateStripsIntoBuffer() to avoid read outside of heap allocated -buffer. - Reported by Agostina Sarubo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1179; previous revision: 1.1178 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.48; previous revision: 1.47 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.47 -retrieving revision 1.48 -diff -u -r1.47 -r1.48 ---- libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -4815,10 +4815,17 @@ - nstrips = TIFFNumberOfStrips(in); - strips_per_sample = nstrips /spp; - -+ /* Add 3 padding bytes for combineSeparateSamples32bits */ -+ if( (size_t) stripsize > 0xFFFFFFFFU - 3U ) -+ { -+ TIFFError("readSeparateStripsIntoBuffer", "Integer overflow when calculating buffer size."); -+ exit(-1); -+ } -+ - for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - srcbuffs[s] = NULL; -- buff = _TIFFmalloc(stripsize); -+ buff = _TIFFmalloc(stripsize + 3); - if (!buff) - { - TIFFError ("readSeparateStripsIntoBuffer", -@@ -4827,6 +4834,9 @@ - _TIFFfree (srcbuffs[i]); - return 0; - } -+ buff[stripsize] = 0; -+ buff[stripsize+1] = 0; -+ buff[stripsize+2] = 0; - srcbuffs[s] = buff; - } - diff --git a/gnu/packages/patches/libtiff-invalid-read.patch b/gnu/packages/patches/libtiff-invalid-read.patch deleted file mode 100644 index 92742d8757..0000000000 --- a/gnu/packages/patches/libtiff-invalid-read.patch +++ /dev/null @@ -1,64 +0,0 @@ -Fix invalid read in t2p_writeproc(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2639 - -2016-12-20 Even Rouault <even.rouault at spatialys.com> - - * tools/tiff2pdf.c: avoid potential invalid memory read in - t2p_writeproc. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1198; previous revision: 1.1197 -/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c -new revision: 1.100; previous revision: 1.99 - -Index: libtiff/tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.99 -retrieving revision 1.100 -diff -u -r1.99 -r1.100 ---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:13:26 -0000 1.99 -+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100 -@@ -2896,6 +2896,7 @@ - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { - if (count >= 4) { -+ int retTIFFReadRawTile; - /* Ignore EOI marker of JpegTables */ - _TIFFmemcpy(buffer, jpt, count - 2); - bufferoffset += count - 2; -@@ -2903,22 +2904,23 @@ - table_end[0] = buffer[bufferoffset-2]; - table_end[1] = buffer[bufferoffset-1]; - xuint32 = bufferoffset; -- bufferoffset -= 2; -- bufferoffset += TIFFReadRawTile( -+ bufferoffset -= 2; -+ retTIFFReadRawTile= TIFFReadRawTile( - input, - tile, - (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), - -1); -+ if( retTIFFReadRawTile < 0 ) -+ { -+ _TIFFfree(buffer); -+ t2p->t2p_error = T2P_ERR_ERROR; -+ return(0); -+ } -+ bufferoffset += retTIFFReadRawTile; - /* Overwrite SOI marker of image scan with previously */ - /* saved end of JpegTables */ - buffer[xuint32-2]=table_end[0]; - buffer[xuint32-1]=table_end[1]; -- } else { -- bufferoffset += TIFFReadRawTile( -- input, -- tile, -- (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), -- -1); - } - } - t2pWriteFile(output, (tdata_t) buffer, bufferoffset); diff --git a/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch b/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch deleted file mode 100644 index 2f4509f386..0000000000 --- a/gnu/packages/patches/libtiff-multiple-UBSAN-crashes.patch +++ /dev/null @@ -1,449 +0,0 @@ -Fixes CVE-2017-{7595,7596,7597,7598,7599,7600,7601,7602}: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c: implement various - clampings - of double to other data types to avoid undefined behaviour if the - output range - isn't big enough to hold the input value. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2643 - http://bugzilla.maptools.org/show_bug.cgi?id=2642 - http://bugzilla.maptools.org/show_bug.cgi?id=2646 - http://bugzilla.maptools.org/show_bug.cgi?id=2647 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1204; previous revision: 1.1203 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c -new revision: 1.129; previous revision: 1.128 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c -new revision: 1.207; previous revision: 1.206 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v <-- libtiff/tif_dirwrite.c -new revision: 1.85; previous revision: 1.84 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_dirread.c: avoid division by floating point 0 in - TIFFReadDirEntryCheckedRational() and - TIFFReadDirEntryCheckedSrational(), - and return 0 in that case (instead of infinity as before presumably) - Apparently some sanitizers do not like those divisions by zero. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1203; previous revision: 1.1202 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c -new revision: 1.206; previous revision: 1.205 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_jpeg.c: validate BitsPerSample in JPEGSetupEncode() to - avoid undefined behaviour caused by invalid shift exponent. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1205; previous revision: 1.1204 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v <-- libtiff/tif_jpeg.c -new revision: 1.126; previous revision: 1.125 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_read.c: avoid potential undefined behaviour on signed - integer addition in TIFFReadRawStrip1() in isMapped() case. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2650 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1206; previous revision: 1.1205 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c -new revision: 1.51; previous revision: 1.50 - -Index: libtiff/libtiff/tif_dir.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v -retrieving revision 1.128 -retrieving revision 1.129 -diff -u -r1.128 -r1.129 ---- libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128 -+++ libtiff/libtiff/tif_dir.c 11 Jan 2017 16:09:02 -0000 1.129 -@@ -1,4 +1,4 @@ --/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */ -+/* $Id: tif_dir.c,v 1.129 2017-01-11 16:09:02 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -31,6 +31,7 @@ - * (and also some miscellaneous stuff) - */ - #include "tiffiop.h" -+#include <float.h> - - /* - * These are used in the backwards compatibility code... -@@ -154,6 +155,15 @@ - return (0); - } - -+static float TIFFClampDoubleToFloat( double val ) -+{ -+ if( val > FLT_MAX ) -+ return FLT_MAX; -+ if( val < -FLT_MAX ) -+ return -FLT_MAX; -+ return (float)val; -+} -+ - static int - _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) - { -@@ -312,13 +322,13 @@ - dblval = va_arg(ap, double); - if( dblval < 0 ) - goto badvaluedouble; -- td->td_xresolution = (float) dblval; -+ td->td_xresolution = TIFFClampDoubleToFloat( dblval ); - break; - case TIFFTAG_YRESOLUTION: - dblval = va_arg(ap, double); - if( dblval < 0 ) - goto badvaluedouble; -- td->td_yresolution = (float) dblval; -+ td->td_yresolution = TIFFClampDoubleToFloat( dblval ); - break; - case TIFFTAG_PLANARCONFIG: - v = (uint16) va_arg(ap, uint16_vap); -@@ -327,10 +337,10 @@ - td->td_planarconfig = (uint16) v; - break; - case TIFFTAG_XPOSITION: -- td->td_xposition = (float) va_arg(ap, double); -+ td->td_xposition = TIFFClampDoubleToFloat( va_arg(ap, double) ); - break; - case TIFFTAG_YPOSITION: -- td->td_yposition = (float) va_arg(ap, double); -+ td->td_yposition = TIFFClampDoubleToFloat( va_arg(ap, double) ); - break; - case TIFFTAG_RESOLUTIONUNIT: - v = (uint16) va_arg(ap, uint16_vap); -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.206 -retrieving revision 1.207 -diff -u -r1.206 -r1.207 ---- libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206 -+++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 16:09:02 -0000 1.207 -@@ -1,4 +1,4 @@ --/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */ -+/* $Id: tif_dirread.c,v 1.207 2017-01-11 16:09:02 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -40,6 +40,7 @@ - */ - - #include "tiffiop.h" -+#include <float.h> - - #define IGNORE 0 /* tag placeholder used below */ - #define FAILED_FII ((uint32) -1) -@@ -2406,7 +2407,14 @@ - ma=(double*)origdata; - mb=data; - for (n=0; n<count; n++) -- *mb++=(float)(*ma++); -+ { -+ double val = *ma++; -+ if( val > FLT_MAX ) -+ val = FLT_MAX; -+ else if( val < -FLT_MAX ) -+ val = -FLT_MAX; -+ *mb++=(float)val; -+ } - } - break; - } -Index: libtiff/libtiff/tif_dirwrite.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v -retrieving revision 1.84 -retrieving revision 1.85 -diff -u -r1.84 -r1.85 ---- libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 12:51:59 -0000 1.84 -+++ libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 16:09:02 -0000 1.85 -@@ -1,4 +1,4 @@ --/* $Id: tif_dirwrite.c,v 1.83 2016-10-25 21:35:15 erouault Exp $ */ -+/* $Id: tif_dirwrite.c,v 1.85 2017-01-11 16:09:02 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -30,6 +30,7 @@ - * Directory Write Support Routines. - */ - #include "tiffiop.h" -+#include <float.h> - - #ifdef HAVE_IEEEFP - #define TIFFCvtNativeToIEEEFloat(tif, n, fp) -@@ -939,6 +940,69 @@ - return(0); - } - -+static float TIFFClampDoubleToFloat( double val ) -+{ -+ if( val > FLT_MAX ) -+ return FLT_MAX; -+ if( val < -FLT_MAX ) -+ return -FLT_MAX; -+ return (float)val; -+} -+ -+static int8 TIFFClampDoubleToInt8( double val ) -+{ -+ if( val > 127 ) -+ return 127; -+ if( val < -128 || val != val ) -+ return -128; -+ return (int8)val; -+} -+ -+static int16 TIFFClampDoubleToInt16( double val ) -+{ -+ if( val > 32767 ) -+ return 32767; -+ if( val < -32768 || val != val ) -+ return -32768; -+ return (int16)val; -+} -+ -+static int32 TIFFClampDoubleToInt32( double val ) -+{ -+ if( val > 0x7FFFFFFF ) -+ return 0x7FFFFFFF; -+ if( val < -0x7FFFFFFF-1 || val != val ) -+ return -0x7FFFFFFF-1; -+ return (int32)val; -+} -+ -+static uint8 TIFFClampDoubleToUInt8( double val ) -+{ -+ if( val < 0 ) -+ return 0; -+ if( val > 255 || val != val ) -+ return 255; -+ return (uint8)val; -+} -+ -+static uint16 TIFFClampDoubleToUInt16( double val ) -+{ -+ if( val < 0 ) -+ return 0; -+ if( val > 65535 || val != val ) -+ return 65535; -+ return (uint16)val; -+} -+ -+static uint32 TIFFClampDoubleToUInt32( double val ) -+{ -+ if( val < 0 ) -+ return 0; -+ if( val > 0xFFFFFFFFU || val != val ) -+ return 0xFFFFFFFFU; -+ return (uint32)val; -+} -+ - static int - TIFFWriteDirectoryTagSampleformatArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value) - { -@@ -959,7 +1023,7 @@ - if (tif->tif_dir.td_bitspersample<=32) - { - for (i = 0; i < count; ++i) -- ((float*)conv)[i] = (float)value[i]; -+ ((float*)conv)[i] = TIFFClampDoubleToFloat(value[i]); - ok = TIFFWriteDirectoryTagFloatArray(tif,ndir,dir,tag,count,(float*)conv); - } - else -@@ -971,19 +1035,19 @@ - if (tif->tif_dir.td_bitspersample<=8) - { - for (i = 0; i < count; ++i) -- ((int8*)conv)[i] = (int8)value[i]; -+ ((int8*)conv)[i] = TIFFClampDoubleToInt8(value[i]); - ok = TIFFWriteDirectoryTagSbyteArray(tif,ndir,dir,tag,count,(int8*)conv); - } - else if (tif->tif_dir.td_bitspersample<=16) - { - for (i = 0; i < count; ++i) -- ((int16*)conv)[i] = (int16)value[i]; -+ ((int16*)conv)[i] = TIFFClampDoubleToInt16(value[i]); - ok = TIFFWriteDirectoryTagSshortArray(tif,ndir,dir,tag,count,(int16*)conv); - } - else - { - for (i = 0; i < count; ++i) -- ((int32*)conv)[i] = (int32)value[i]; -+ ((int32*)conv)[i] = TIFFClampDoubleToInt32(value[i]); - ok = TIFFWriteDirectoryTagSlongArray(tif,ndir,dir,tag,count,(int32*)conv); - } - break; -@@ -991,19 +1055,19 @@ - if (tif->tif_dir.td_bitspersample<=8) - { - for (i = 0; i < count; ++i) -- ((uint8*)conv)[i] = (uint8)value[i]; -+ ((uint8*)conv)[i] = TIFFClampDoubleToUInt8(value[i]); - ok = TIFFWriteDirectoryTagByteArray(tif,ndir,dir,tag,count,(uint8*)conv); - } - else if (tif->tif_dir.td_bitspersample<=16) - { - for (i = 0; i < count; ++i) -- ((uint16*)conv)[i] = (uint16)value[i]; -+ ((uint16*)conv)[i] = TIFFClampDoubleToUInt16(value[i]); - ok = TIFFWriteDirectoryTagShortArray(tif,ndir,dir,tag,count,(uint16*)conv); - } - else - { - for (i = 0; i < count; ++i) -- ((uint32*)conv)[i] = (uint32)value[i]; -+ ((uint32*)conv)[i] = TIFFClampDoubleToUInt32(value[i]); - ok = TIFFWriteDirectoryTagLongArray(tif,ndir,dir,tag,count,(uint32*)conv); - } - break; -@@ -2102,7 +2102,7 @@ - m[0]=0; - m[1]=1; - } -- else if (value==(double)(uint32)value) -+ else if (value <= 0xFFFFFFFFU && value==(double)(uint32)value) - { - m[0]=(uint32)value; - m[1]=1; -@@ -2148,12 +2217,13 @@ - } - for (na=value, nb=m, nc=0; nc<count; na++, nb+=2, nc++) - { -- if (*na<=0.0) -+ if (*na<=0.0 || *na != *na) - { - nb[0]=0; - nb[1]=1; - } -- else if (*na==(float)(uint32)(*na)) -+ else if (*na >= 0 && *na <= (float)0xFFFFFFFFU && -+ *na==(float)(uint32)(*na)) - { - nb[0]=(uint32)(*na); - nb[1]=1; -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.205 -retrieving revision 1.206 -diff -u -r1.205 -r1.206 ---- libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205 -+++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206 -@@ -2872,7 +2872,10 @@ - m.l = direntry->tdir_offset.toff_long8; - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabArrayOfLong(m.i,2); -- if (m.i[0]==0) -+ /* Not completely sure what we should do when m.i[1]==0, but some */ -+ /* sanitizers do not like division by 0.0: */ -+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */ -+ if (m.i[0]==0 || m.i[1]==0) - *value=0.0; - else - *value=(double)m.i[0]/(double)m.i[1]; -@@ -2900,7 +2903,10 @@ - m.l=direntry->tdir_offset.toff_long8; - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabArrayOfLong(m.i,2); -- if ((int32)m.i[0]==0) -+ /* Not completely sure what we should do when m.i[1]==0, but some */ -+ /* sanitizers do not like division by 0.0: */ -+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */ -+ if ((int32)m.i[0]==0 || m.i[1]==0) - *value=0.0; - else - *value=(double)((int32)m.i[0])/(double)m.i[1]; -Index: libtiff/libtiff/tif_jpeg.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v -retrieving revision 1.125 -retrieving revision 1.126 -diff -u -r1.125 -r1.126 ---- libtiff/libtiff/tif_jpeg.c 11 Jan 2017 12:15:01 -0000 1.125 -+++ libtiff/libtiff/tif_jpeg.c 11 Jan 2017 16:13:50 -0000 1.126 -@@ -1,4 +1,4 @@ --/* $Id: tif_jpeg.c,v 1.123 2016-01-23 21:20:34 erouault Exp $ */ -+/* $Id: tif_jpeg.c,v 1.126 2017-01-11 16:13:50 erouault Exp $ */ - - /* - * Copyright (c) 1994-1997 Sam Leffler -@@ -1632,6 +1632,13 @@ - "Invalig horizontal/vertical sampling value"); - return (0); - } -+ if( td->td_bitspersample > 16 ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "BitsPerSample %d not allowed for JPEG", -+ td->td_bitspersample); -+ return (0); -+ } - - /* - * A ReferenceBlackWhite field *must* be present since the -Index: libtiff/libtiff/tif_read.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v -retrieving revision 1.50 -retrieving revision 1.51 -diff -u -r1.50 -r1.51 ---- libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50 -+++ libtiff/libtiff/tif_read.c 11 Jan 2017 16:33:34 -0000 1.51 -@@ -420,16 +420,25 @@ - return ((tmsize_t)(-1)); - } - } else { -- tmsize_t ma,mb; -+ tmsize_t ma; - tmsize_t n; -- ma=(tmsize_t)td->td_stripoffset[strip]; -- mb=ma+size; -- if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size)) -- n=0; -- else if ((mb<ma)||(mb<size)||(mb>tif->tif_size)) -- n=tif->tif_size-ma; -- else -- n=size; -+ if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)|| -+ ((ma=(tmsize_t)td->td_stripoffset[strip])>tif->tif_size)) -+ { -+ n=0; -+ } -+ else if( ma > TIFF_TMSIZE_T_MAX - size ) -+ { -+ n=0; -+ } -+ else -+ { -+ tmsize_t mb=ma+size; -+ if (mb>tif->tif_size) -+ n=tif->tif_size-ma; -+ else -+ n=size; -+ } - if (n!=size) { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, diff --git a/gnu/packages/patches/libtiff-null-dereference.patch b/gnu/packages/patches/libtiff-null-dereference.patch deleted file mode 100644 index 8c6345b804..0000000000 --- a/gnu/packages/patches/libtiff-null-dereference.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix NULL pointer dereference in TIFFReadRawData(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2594 - - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffinfo.c: fix null pointer dereference in -r mode when - * the -image has - no StripByteCount tag. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1182; previous revision: 1.1181 -/cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v <-- tools/tiffinfo.c -new revision: 1.26; previous revision: 1.25 - -Index: libtiff/tools/tiffinfo.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v -retrieving revision 1.25 -retrieving revision 1.26 -diff -u -r1.25 -r1.26 ---- libtiff/tools/tiffinfo.c 12 Nov 2016 20:06:05 -0000 1.25 -+++ libtiff/tools/tiffinfo.c 3 Dec 2016 14:18:49 -0000 1.26 -@@ -1,4 +1,4 @@ --/* $Id: tiffinfo.c,v 1.25 2016-11-12 20:06:05 bfriesen Exp $ */ -+/* $Id: tiffinfo.c,v 1.26 2016-12-03 14:18:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -417,7 +417,7 @@ - uint64* stripbc=NULL; - - TIFFGetField(tif, TIFFTAG_STRIPBYTECOUNTS, &stripbc); -- if (nstrips > 0) { -+ if (stripbc != NULL && nstrips > 0) { - uint32 bufsize = (uint32) stripbc[0]; - tdata_t buf = _TIFFmalloc(bufsize); - tstrip_t s; diff --git a/gnu/packages/patches/libtiff-tiffcp-underflow.patch b/gnu/packages/patches/libtiff-tiffcp-underflow.patch deleted file mode 100644 index 5615cbb3e1..0000000000 --- a/gnu/packages/patches/libtiff-tiffcp-underflow.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix a integer underflow in tiffcp that led to heap overflows in -TIFFReverseBits(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2598 - -2016-12-02 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that - can cause various issues, such as buffer overflows in the library. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1174; previous revision: 1.1173 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.56; previous revision: 1.55 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.55 -retrieving revision 1.56 -diff -u -r1.55 -r1.56 ---- libtiff/tools/tiffcp.c 8 Oct 2016 15:54:57 -0000 1.55 -+++ libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.55 2016-10-08 15:54:57 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -985,7 +985,7 @@ - tstrip_t s, ns = TIFFNumberOfStrips(in); - uint32 row = 0; - _TIFFmemset(buf, 0, stripsize); -- for (s = 0; s < ns; s++) { -+ for (s = 0; s < ns && row < imagelength; s++) { - tsize_t cc = (row + rowsperstrip > imagelength) ? - TIFFVStripSize(in, imagelength - row) : stripsize; - if (TIFFReadEncodedStrip(in, s, buf, cc) < 0 diff --git a/gnu/packages/patches/openldap-CVE-2017-9287.patch b/gnu/packages/patches/openldap-CVE-2017-9287.patch new file mode 100644 index 0000000000..5ca2a60c60 --- /dev/null +++ b/gnu/packages/patches/openldap-CVE-2017-9287.patch @@ -0,0 +1,37 @@ +Fix CVE-2017-9287: + +https://www.openldap.org/its/?findid=8655 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9287 + +Patch copied from upstream source repository: + +https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e + +From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001 +From: Ryan Tandy <ryan@nardis.ca> +Date: Wed, 17 May 2017 20:07:39 -0700 +Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0 + +Fixes a double free when a search includes the Paged Results control +with a page size of 0 and the search base matches the filter. +--- + servers/slapd/back-mdb/search.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c +index 301d1a498c..43442aa242 100644 +--- a/servers/slapd/back-mdb/search.c ++++ b/servers/slapd/back-mdb/search.c +@@ -1066,7 +1066,8 @@ notfound: + /* check size limit */ + if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) { + if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) { +- mdb_entry_return( op, e ); ++ if (e != base) ++ mdb_entry_return( op, e ); + e = NULL; + send_paged_response( op, rs, &lastid, tentries ); + goto done; +-- +2.13.0 + diff --git a/gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch b/gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch new file mode 100644 index 0000000000..4e40c1daa1 --- /dev/null +++ b/gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch @@ -0,0 +1,151 @@ +From 86b98a11559da7d1b21dc9b4c6b10511b9095bc4 Mon Sep 17 00:00:00 2001 +From: Simon Cross <hodgestar@gmail.com> +Date: Sun, 16 Feb 2014 18:46:15 +0000 +Subject: [PATCH 05/16] Add support for Python 3.4 AST (support for + NameConstants and changes to existing to arguments node attributes). + +--- + genshi/template/astutil.py | 31 ++++++++++++++++++++++++++++--- + genshi/template/eval.py | 34 +++++++++++++++++++--------------- + 2 files changed, 47 insertions(+), 18 deletions(-) + +diff --git a/genshi/template/astutil.py b/genshi/template/astutil.py +index a4c21c8..a3946b4 100644 +--- a/genshi/template/astutil.py ++++ b/genshi/template/astutil.py +@@ -21,7 +21,7 @@ else: + def parse(source, mode): + return compile(source, '', mode, _ast.PyCF_ONLY_AST) + +-from genshi.compat import IS_PYTHON2 ++from genshi.compat import IS_PYTHON2, isstring + + __docformat__ = 'restructuredtext en' + +@@ -103,8 +103,13 @@ class ASTCodeGenerator(object): + self._new_line() + return self.visit(node.body) + ++ # Python < 3.4 + # arguments = (expr* args, identifier? vararg, + # identifier? kwarg, expr* defaults) ++ # ++ # Python >= 3.4 ++ # arguments = (arg* args, arg? vararg, arg* kwonlyargs, expr* kw_defaults, ++ # arg? kwarg, expr* defaults) + def visit_arguments(self, node): + first = True + no_default_count = len(node.args) - len(node.defaults) +@@ -122,13 +127,21 @@ class ASTCodeGenerator(object): + self._write(', ') + else: + first = False +- self._write('*' + node.vararg) ++ self._write('*') ++ if isstring(node.vararg): ++ self._write(node.vararg) ++ else: ++ self.visit(node.vararg) + if getattr(node, 'kwarg', None): + if not first: + self._write(', ') + else: + first = False +- self._write('**' + node.kwarg) ++ self._write('**') ++ if isstring(node.kwarg): ++ self._write(node.kwarg) ++ else: ++ self.visit(node.kwarg) + + if not IS_PYTHON2: + # In Python 3 arguments get a special node +@@ -724,6 +737,17 @@ class ASTCodeGenerator(object): + def visit_Name(self, node): + self._write(node.id) + ++ # NameConstant(singleton value) ++ def visit_NameConstant(self, node): ++ if node.value is None: ++ self._write('None') ++ elif node.value is True: ++ self._write('True') ++ elif node.value is False: ++ self._write('False') ++ else: ++ raise Exception("Unknown NameConstant %r" % (node.value,)) ++ + # List(expr* elts, expr_context ctx) + def visit_List(self, node): + self._write('[') +@@ -829,6 +853,7 @@ class ASTTransformer(object): + visit_Attribute = _clone + visit_Subscript = _clone + visit_Name = _clone ++ visit_NameConstant = _clone + visit_List = _clone + visit_Tuple = _clone + +diff --git a/genshi/template/eval.py b/genshi/template/eval.py +index 89aec49..de4bc86 100644 +--- a/genshi/template/eval.py ++++ b/genshi/template/eval.py +@@ -24,7 +24,8 @@ from genshi.template.astutil import ASTTransformer, ASTCodeGenerator, \ + from genshi.template.base import TemplateRuntimeError + from genshi.util import flatten + +-from genshi.compat import get_code_params, build_code_chunk, IS_PYTHON2 ++from genshi.compat import get_code_params, build_code_chunk, isstring, \ ++ IS_PYTHON2 + + __all__ = ['Code', 'Expression', 'Suite', 'LenientLookup', 'StrictLookup', + 'Undefined', 'UndefinedError'] +@@ -495,28 +496,31 @@ class TemplateASTTransformer(ASTTransformer): + def __init__(self): + self.locals = [CONSTANTS] + ++ def _process(self, names, node): ++ if not IS_PYTHON2 and isinstance(node, _ast.arg): ++ names.add(node.arg) ++ elif isstring(node): ++ names.add(node) ++ elif isinstance(node, _ast.Name): ++ names.add(node.id) ++ elif isinstance(node, _ast.alias): ++ names.add(node.asname or node.name) ++ elif isinstance(node, _ast.Tuple): ++ for elt in node.elts: ++ self._process(names, elt) ++ + def _extract_names(self, node): + names = set() +- def _process(node): +- if not IS_PYTHON2 and isinstance(node, _ast.arg): +- names.add(node.arg) +- if isinstance(node, _ast.Name): +- names.add(node.id) +- elif isinstance(node, _ast.alias): +- names.add(node.asname or node.name) +- elif isinstance(node, _ast.Tuple): +- for elt in node.elts: +- _process(elt) + if hasattr(node, 'args'): + for arg in node.args: +- _process(arg) ++ self._process(names, arg) + if hasattr(node, 'vararg'): +- names.add(node.vararg) ++ self._process(names, node.vararg) + if hasattr(node, 'kwarg'): +- names.add(node.kwarg) ++ self._process(names, node.kwarg) + elif hasattr(node, 'names'): + for elt in node.names: +- _process(elt) ++ self._process(names, elt) + return names + + def visit_Str(self, node): +-- +2.12.0 + diff --git a/gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch b/gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch new file mode 100644 index 0000000000..2bc516c697 --- /dev/null +++ b/gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch @@ -0,0 +1,25 @@ +From 32bfaa7cc1c736fd62fcbb6414de9498dc20ed07 Mon Sep 17 00:00:00 2001 +From: Adriano Peluso <catonano@gmail.com> +Date: Wed, 5 Apr 2017 15:13:06 +0200 +Subject: [PATCH 2/2] buildable on python27 too + +--- + genshi/template/directives.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/genshi/template/directives.py b/genshi/template/directives.py +index 6fd0f28..1f70ef6 100644 +--- a/genshi/template/directives.py ++++ b/genshi/template/directives.py +@@ -266,7 +266,7 @@ class DefDirective(Directive): + if isinstance(ast, _ast.Call): + self.name = ast.func.id + for arg in ast.args: +- if isinstance(arg, _ast.Starred): ++ if hasattr(_ast, 'Starred') and isinstance(arg, _ast.Starred): + # Python 3.5+ + self.star_args = arg.value.id + else: +-- +2.12.0 + diff --git a/gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch b/gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch new file mode 100644 index 0000000000..c25c3bd7a9 --- /dev/null +++ b/gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch @@ -0,0 +1,32 @@ +From cef2c8df44166195e1705638f9f17033a4943bb7 Mon Sep 17 00:00:00 2001 +From: Simon Cross <hodgestar@gmail.com> +Date: Sun, 16 Feb 2014 18:32:21 +0000 +Subject: [PATCH 02/15] Disable the speedups C extension on CPython >= 3.3 + since Genshi doesn't support the new Unicode C API yet. + +--- + setup.py | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/setup.py b/setup.py +index 123a2cb..a3d748c 100755 +--- a/setup.py ++++ b/setup.py +@@ -65,9 +65,13 @@ available.""") + + + if Feature: ++ # Optional C extension module for speeding up Genshi: ++ # Not activated by default on: ++ # - PyPy (where it harms performance) ++ # - CPython >= 3.3 (the new Unicode C API is not supported yet) + speedups = Feature( + "optional C speed-enhancements", +- standard = not is_pypy, ++ standard = not is_pypy and sys.version_info < (3, 3), + ext_modules = [ + Extension('genshi._speedups', ['genshi/_speedups.c']), + ], +-- +2.12.0 + diff --git a/gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch b/gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch new file mode 100644 index 0000000000..05be080cdf --- /dev/null +++ b/gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch @@ -0,0 +1,112 @@ +From ce796ad4bae5c47011876778674ad036357febdf Mon Sep 17 00:00:00 2001 +From: Adriano Peluso <catonano@gmail.com> +Date: Wed, 5 Apr 2017 15:10:06 +0200 +Subject: [PATCH 1/2] fixing the tests on python35 + +--- + genshi/filters/i18n.py | 6 ++++-- + genshi/template/astutil.py | 14 +++++++++++--- + genshi/template/directives.py | 20 ++++++++++++++------ + genshi/template/eval.py | 5 +++++ + 4 files changed, 34 insertions(+), 11 deletions(-) + +diff --git a/genshi/filters/i18n.py b/genshi/filters/i18n.py +index 526fda4..5387fcf 100644 +--- a/genshi/filters/i18n.py ++++ b/genshi/filters/i18n.py +@@ -1194,8 +1194,10 @@ def extract_from_code(code, gettext_functions): + elif arg: + strings.append(None) + [_add(arg) for arg in node.args] +- _add(node.starargs) +- _add(node.kwargs) ++ if hasattr(node, 'starargs'): ++ _add(node.starargs) ++ if hasattr(node, 'kwargs'): ++ _add(node.kwargs) + if len(strings) == 1: + strings = strings[0] + else: +diff --git a/genshi/template/astutil.py b/genshi/template/astutil.py +index f4e1edd..e561846 100644 +--- a/genshi/template/astutil.py ++++ b/genshi/template/astutil.py +@@ -151,6 +151,10 @@ class ASTCodeGenerator(object): + def visit_arg(self, node): + self._write(node.arg) + ++ def visit_Starred(self, node): ++ self._write('*') ++ self.visit(node.value) ++ + # FunctionDef(identifier name, arguments args, + # stmt* body, expr* decorator_list) + def visit_FunctionDef(self, node): +@@ -664,9 +668,13 @@ class ASTCodeGenerator(object): + if not first: + self._write(', ') + first = False +- # keyword = (identifier arg, expr value) +- self._write(keyword.arg) +- self._write('=') ++ if not keyword.arg: ++ # Python 3.5+ star-star args ++ self._write('**') ++ else: ++ # keyword = (identifier arg, expr value) ++ self._write(keyword.arg) ++ self._write('=') + self.visit(keyword.value) + if getattr(node, 'starargs', None): + if not first: +diff --git a/genshi/template/directives.py b/genshi/template/directives.py +index 7301c2d..6fd0f28 100644 +--- a/genshi/template/directives.py ++++ b/genshi/template/directives.py +@@ -266,13 +266,21 @@ class DefDirective(Directive): + if isinstance(ast, _ast.Call): + self.name = ast.func.id + for arg in ast.args: +- # only names +- self.args.append(arg.id) ++ if isinstance(arg, _ast.Starred): ++ # Python 3.5+ ++ self.star_args = arg.value.id ++ else: ++ # only names ++ self.args.append(arg.id) + for kwd in ast.keywords: +- self.args.append(kwd.arg) +- exp = Expression(kwd.value, template.filepath, +- lineno, lookup=template.lookup) +- self.defaults[kwd.arg] = exp ++ if kwd.arg is None: ++ # Python 3.5+ ++ self.dstar_args = kwd.value.id ++ else: ++ self.args.append(kwd.arg) ++ exp = Expression(kwd.value, template.filepath, ++ lineno, lookup=template.lookup) ++ self.defaults[kwd.arg] = exp + if getattr(ast, 'starargs', None): + self.star_args = ast.starargs.id + if getattr(ast, 'kwargs', None): +diff --git a/genshi/template/eval.py b/genshi/template/eval.py +index d378419..81644a7 100644 +--- a/genshi/template/eval.py ++++ b/genshi/template/eval.py +@@ -600,6 +600,11 @@ class TemplateASTTransformer(ASTTransformer): + finally: + self.locals.pop() + ++ # Only used in Python 3.5+ ++ def visit_Starred(self, node): ++ node.value = self.visit(node.value) ++ return node ++ + def visit_Name(self, node): + # If the name refers to a local inside a lambda, list comprehension, or + # generator expression, leave it alone +-- +2.12.0 + diff --git a/gnu/packages/patches/python-genshi-isstring-helper.patch b/gnu/packages/patches/python-genshi-isstring-helper.patch new file mode 100644 index 0000000000..4f6c19bba9 --- /dev/null +++ b/gnu/packages/patches/python-genshi-isstring-helper.patch @@ -0,0 +1,37 @@ +From cc5e07284f44cdd9beec178c69070a53f55d1323 Mon Sep 17 00:00:00 2001 +From: Simon Cross <hodgestar@gmail.com> +Date: Sun, 16 Feb 2014 18:43:20 +0000 +Subject: [PATCH 03/15] Add isstring helper. + +--- + genshi/compat.py | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/genshi/compat.py b/genshi/compat.py +index 9787325..6574e39 100644 +--- a/genshi/compat.py ++++ b/genshi/compat.py +@@ -35,6 +35,15 @@ else: + 'Python 2 compatibility function. Not usable in Python 3.') + + ++# We need to test if an object is an instance of a string type in places ++ ++if IS_PYTHON2: ++ def isstring(obj): ++ return isinstance(obj, basestring) ++else: ++ def isstring(obj): ++ return isinstance(obj, str) ++ + # We need to differentiate between StringIO and BytesIO in places + + if IS_PYTHON2: +@@ -112,4 +121,3 @@ except NameError: + if not x: + return False + return True +- +-- +2.12.0 + diff --git a/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch b/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch new file mode 100644 index 0000000000..29951a6149 --- /dev/null +++ b/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch @@ -0,0 +1,51 @@ +From 0769be04c3891ae5c724c6779ba13d1d0f53b4ae Mon Sep 17 00:00:00 2001 +From: Simon Cross <hodgestar@gmail.com> +Date: Sun, 16 Feb 2014 18:25:17 +0000 +Subject: [PATCH 01/15] Also allow stripping of unsafe script tags (Python 3.4 + parses the second example as a tag whose name is script&xyz). + +--- + genshi/filters/tests/test_html.py | 14 ++++++++++---- + 1 file changed, 10 insertions(+), 4 deletions(-) + +diff --git a/genshi/filters/tests/test_html.py b/genshi/filters/tests/test_html.py +index 0c6cfe1..45ec0da 100644 +--- a/genshi/filters/tests/test_html.py ++++ b/genshi/filters/tests/test_html.py +@@ -368,12 +368,16 @@ def StyleSanitizer(): + + class HTMLSanitizerTestCase(unittest.TestCase): + +- def assert_parse_error_or_equal(self, expected, exploit): ++ def assert_parse_error_or_equal(self, expected, exploit, ++ allow_strip=False): + try: + html = HTML(exploit) + except ParseError: + return +- self.assertEquals(expected, (html | HTMLSanitizer()).render()) ++ sanitized_html = (html | HTMLSanitizer()).render() ++ if not sanitized_html and allow_strip: ++ return ++ self.assertEquals(expected, sanitized_html) + + def test_sanitize_unchanged(self): + html = HTML(u'<a href="#">fo<br />o</a>') +@@ -416,10 +420,12 @@ class HTMLSanitizerTestCase(unittest.TestCase): + html = HTML(u'<SCRIPT SRC="http://example.com/"></SCRIPT>') + self.assertEquals('', (html | HTMLSanitizer()).render()) + src = u'<SCR\0IPT>alert("foo")</SCR\0IPT>' +- self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src) ++ self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src, ++ allow_strip=True) + src = u'<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>' + self.assert_parse_error_or_equal('<SCRIPT&XYZ; ' +- 'SRC="http://example.com/">', src) ++ 'SRC="http://example.com/">', src, ++ allow_strip=True) + + def test_sanitize_remove_onclick_attr(self): + html = HTML(u'<div onclick=\'alert("foo")\' />') +-- +2.12.0 + diff --git a/gnu/packages/patches/rxvt-unicode-escape-sequences.patch b/gnu/packages/patches/rxvt-unicode-escape-sequences.patch new file mode 100644 index 0000000000..064dd51e2d --- /dev/null +++ b/gnu/packages/patches/rxvt-unicode-escape-sequences.patch @@ -0,0 +1,35 @@ +This patch prevents a code execution vector involving terminal escape +sequences when rxvt-unicode is in "secure mode". + +This change was spurred by the following conversation on the +oss-security mailing list: + +Problem description and proof of concept: +http://seclists.org/oss-sec/2017/q2/190 + +Upstream response: +http://seclists.org/oss-sec/2017/q2/291 + +Patch copied from upstream source repository: +http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583 + +--- rxvt-unicode/src/command.C 2016/07/14 05:33:26 1.582 ++++ rxvt-unicode/src/command.C 2017/05/18 02:43:18 1.583 +@@ -2695,7 +2695,7 @@ + /* kidnapped escape sequence: Should be 8.3.48 */ + case C1_ESA: /* ESC G */ + // used by original rxvt for rob nations own graphics mode +- if (cmd_getc () == 'Q') ++ if (cmd_getc () == 'Q' && option (Opt_insecure)) + tt_printf ("\033G0\012"); /* query graphics - no graphics */ + break; + +@@ -2914,7 +2914,7 @@ + break; + + case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */ +- case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */ ++ case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */ + #ifdef ISO6429 + arg[0] = -arg[0]; + #else /* emulate common DEC VTs */ diff --git a/gnu/packages/patches/synfig-build-fix.patch b/gnu/packages/patches/synfig-build-fix.patch deleted file mode 100644 index 3f6168e0fb..0000000000 --- a/gnu/packages/patches/synfig-build-fix.patch +++ /dev/null @@ -1,61 +0,0 @@ -Allow Synfig to build in C++11 mode. - -Taken from here: -https://projects.archlinux.org/svntogit/community.git/plain/trunk/build-fix.patch?h=packages/synfig - -diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.cpp synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.cpp ---- synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.cpp 2015-03-28 13:15:00.000000000 +0300 -+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.cpp 2015-04-28 16:56:11.568749053 +0300 -@@ -56,8 +56,8 @@ - /* === M E T H O D S ======================================================= */ - - --Importer_LibAVCodec::Importer_LibAVCodec(const char *file): -- filename(file) -+Importer_LibAVCodec::Importer_LibAVCodec(const synfig::FileSystem::Identifier &identifier): -+ Importer(identifier) - { - } - -diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.h synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.h ---- synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.h 2015-03-28 13:15:00.000000000 +0300 -+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.h 2015-04-28 16:55:18.699192946 +0300 -@@ -46,7 +46,7 @@ - synfig::String filename; - - public: -- Importer_LibAVCodec(const char *filename); -+ Importer_LibAVCodec(const synfig::FileSystem::Identifier &identifier); - ~Importer_LibAVCodec(); - - virtual bool get_frame(synfig::Surface &surface, const synfig::RendDesc &renddesc, synfig::Time time, synfig::ProgressCallback *callback); -diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/trgt_av.cpp synfig-1.0-RC5.my/src/modules/mod_libavcodec/trgt_av.cpp ---- synfig-1.0-RC5/src/modules/mod_libavcodec/trgt_av.cpp 2015-03-28 13:15:00.000000000 +0300 -+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/trgt_av.cpp 2015-04-28 16:46:54.720091106 +0300 -@@ -121,14 +121,14 @@ - picture = avcodec_alloc_frame(); - if (!picture) - return NULL; -- size = avpicture_get_size(pix_fmt, width, height); -+ size = avpicture_get_size((::PixelFormat)pix_fmt, width, height); - picture_buf = (uint8_t *)malloc(size); - if (!picture_buf) { - av_free(picture); - return NULL; - } - avpicture_fill((AVPicture *)picture, picture_buf, -- pix_fmt, width, height); -+ (::PixelFormat)pix_fmt, width, height); - return picture; - } - -diff -wbBur synfig-1.0.2/src/synfig/time.cpp synfig-1.0.2.my/src/synfig/time.cpp ---- synfig-1.0.2/src/synfig/time.cpp 2015-07-09 10:33:03.000000000 +0300 -+++ synfig-1.0.2.my/src/synfig/time.cpp 2015-10-12 13:54:58.382313903 +0300 -@@ -319,5 +319,5 @@ - bool - Time::is_valid()const - { -- return !isnan(value_); -+ return !::isnan(value_); - } diff --git a/gnu/packages/patches/synfigstudio-fix-ui-with-gtk3.patch b/gnu/packages/patches/synfigstudio-fix-ui-with-gtk3.patch new file mode 100644 index 0000000000..d7b3e92507 --- /dev/null +++ b/gnu/packages/patches/synfigstudio-fix-ui-with-gtk3.patch @@ -0,0 +1,55 @@ +Downloaded from +https://github.com/synfig/synfig/commit/b9c3b73ee35b83c4d9183c800809040cef98b2f2.patch + +Without this patch the UI of Synfig Studio (when built with the latest version +of GTK) displays very large buttons in the header of every frame. + +This patch can be removed with the next release. + + +From b9c3b73ee35b83c4d9183c800809040cef98b2f2 Mon Sep 17 00:00:00 2001 +From: caryoscelus <caryoscelus@gmx.com> +Date: Wed, 25 Jan 2017 18:34:39 +0300 +Subject: [PATCH] Fix dock drop area size + +Fixes #227 + +By using Frame instead of Button we avoid intrusive Gtk themes +from forcing huge drop area size. +--- + synfig-studio/src/gui/docks/dockdroparea.cpp | 15 ++++++++++----- + 1 file changed, 10 insertions(+), 5 deletions(-) + +diff --git a/src/gui/docks/dockdroparea.cpp b/synfig-studio/src/gui/docks/dockdroparea.cpp +index 0f8936fdb..e012282f0 100644 +--- a/src/gui/docks/dockdroparea.cpp ++++ b/src/gui/docks/dockdroparea.cpp +@@ -35,7 +35,7 @@ + #include "app.h" + #include "docks/dockdroparea.h" + #include "docks/dockmanager.h" +-#include <gtkmm/button.h> ++#include <gtkmm/frame.h> + + #endif + +@@ -61,10 +61,15 @@ DockDropArea::DockDropArea(Gtk::Widget *target): + std::vector<Gtk::TargetEntry> listTargets; + listTargets.push_back( Gtk::TargetEntry("SYNFIG_DOCK") ); + +- Gtk::Button *button_left = manage(new Gtk::Button()); +- Gtk::Button *button_right = manage(new Gtk::Button()); +- Gtk::Button *button_top = manage(new Gtk::Button()); +- Gtk::Button *button_bottom = manage(new Gtk::Button()); ++ Gtk::Frame *button_left = manage(new Gtk::Frame()); ++ Gtk::Frame *button_right = manage(new Gtk::Frame()); ++ Gtk::Frame *button_top = manage(new Gtk::Frame()); ++ Gtk::Frame *button_bottom = manage(new Gtk::Frame()); ++ ++ button_left->set_size_request(20, 10); ++ button_right->set_size_request(20, 10); ++ button_top->set_size_request(20, 10); ++ button_bottom->set_size_request(20, 10); + + button_left->drag_dest_set(listTargets); + button_right->drag_dest_set(listTargets); diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index aaa69075ef..1017c31dad 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -1574,14 +1574,14 @@ existing ones.") (define-public scons (package (name "scons") - (version "2.3.4") + (version "2.5.1") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/scons/scons/" version "/scons-" version ".tar.gz")) (sha256 (base32 - "0hdlci43wjz8maryj83mz04ir6rwcdrrzpd7cpzvdlzycqhdfmsb")))) + "1wji1z9jdkhnmm99apx6fhld9cs52rr56aigniyrcsmlwy52298b")))) (build-system python-build-system) (arguments ;; With Python 3.x, fails to build with a syntax error. @@ -14800,3 +14800,125 @@ information.") (define-public python2-packaging (package-with-python2 python-packaging)) + +(define-public python-sql + (package + (name "python-sql") + (version "0.9") + (source + (origin + (method url-fetch) + (uri (pypi-uri "python-sql" version)) + (sha256 + (base32 + "0p6kaqj02vz0habmdx37zjk6hjxdfm8aw737zs059vvpr70ird87")))) + (build-system python-build-system) + (home-page "https://python-sql.tryton.org/") + (synopsis "Library to write SQL queries in a pythonic way") + (description "@code{python-sql} is a library to write SQL queries, that +transforms idiomatic python function calls to well-formed SQL queries.") + (license license:bsd-3))) + +(define-public python2-sql + (package-with-python2 python-sql)) + +(define-public python-genshi + (package + (name "python-genshi") + (version "0.7") + (source + (origin + (method url-fetch) + (uri (string-append + "https://ftp.edgewall.org/pub/genshi/Genshi-" + version ".tar.gz")) + (patches + (search-patches + ;; The first 4 patches are in the master branch upstream. + ;; See this as a reference https://genshi.edgewall.org/ticket/582 + ;; The last 2 are NOT in any branch. + ;; They were sent as attachments to a ticket opened at + ;; https://genshi.edgewall.org/ticket/602#no1 + "python-genshi-stripping-of-unsafe-script-tags.patch" + "python-genshi-disable-speedups-on-python-3.3.patch" + "python-genshi-isstring-helper.patch" + "python-genshi-add-support-for-python-3.4-AST.patch" + "python-genshi-fix-tests-on-python-3.5.patch" + "python-genshi-buildable-on-python-2.7.patch")) + (sha256 + (base32 + "0lkkbp6fbwzv0zda5iqc21rr7rdldkwh3hfabfjl9i4bwq14858x")))) + (build-system python-build-system) + (home-page "https://genshi.edgewall.org/") + (synopsis "Toolkit for generation of output for the web") + (description "Genshi is a Python library that provides an integrated set +of components for parsing, generating, and processing HTML, XML or other +textual content for output generation on the web.") + (license license:bsd-3))) + +;; The linter here claims that patch file names should start with the package +;; name. But, in this case the patches are inherited from python-genshi with +;; the "python-genshi-" prefix instead of "python2-genshi-". +(define-public python2-genshi + (package-with-python2 python-genshi)) + +(define-public python-relatorio + (package + (name "python-relatorio") + (version "0.6.4") + (source + (origin + (method url-fetch) + (uri (pypi-uri "relatorio" version)) + (sha256 + (base32 + "0lincq79mzgazwd9gh41dybjh9c3n87r83pl8nk3j79aihyfk84z")))) + (build-system python-build-system) + (propagated-inputs + `(("python-lxml" ,python-lxml) + ("python-genshi" ,python-genshi))) + (home-page "https://relatorio.tryton.org/") + (synopsis "Templating library able to output ODT and PDF files") + (description "Relatorio is a templating library which provides a way to +easily output ODT, ODS, PNG, SVG and several other kinds of files. Support +for more filetypes can be easily added by creating plugins for them.") + (license license:gpl3+))) + +(define-public python2-relatorio + (package-with-python2 python-relatorio)) + +(define-public python-radon + (package + (name "python-radon") + (version "1.5.0") + (source + (origin + (method url-fetch) + (uri (pypi-uri "radon" version)) + (sha256 + (base32 + "1h6jv36am0i827182a04ki6291lyx4kp957xfr5njgprj4nd0qsl")))) + (build-system python-build-system) + (propagated-inputs + `(("python-colorama" ,python-colorama) + ("python-flake8-polyfill" ,python-flake8-polyfill) + ("python-mando" ,python-mando-0.3.1))) + (native-inputs + `(("python-flake8" ,python-flake8) + ("python-tox" ,python-tox) + ("python-pytest" ,python-pytest) + ("python-paramunittest" ,python-paramunittest))) + (home-page "https://radon.readthedocs.org/") + (synopsis "Code Metrics in Python") + (description "Radon is a Python tool which computes various code metrics. +Supported metrics are: +@itemize @bullet +@item raw metrics: SLOC, comment lines, blank lines, &c. +@item Cyclomatic Complexity (i.e. McCabe’s Complexity) +@item Halstead metrics (all of them) +@item the Maintainability Index (a Visual Studio metric) +@end itemize") + (license license:expat))) + +(define-public python2-radon + (package-with-python2 python-radon)) diff --git a/gnu/packages/qt.scm b/gnu/packages/qt.scm index d94c652ab2..e9cc4ce87e 100644 --- a/gnu/packages/qt.scm +++ b/gnu/packages/qt.scm @@ -349,7 +349,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtbase (package (name "qtbase") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -358,16 +358,18 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "01f07yjly7y24njl2h4hyknmi7pf8yd9gky23szcfkd40ap12wf1")) + "0v19spxa4sfq0a35nab9n8n2s3jd0443px0k45zhhg103apv4zi6")) (modules '((guix build utils))) (snippet + ;; corelib uses bundled harfbuzz, md4, md5, sha3 '(begin - ;; Remove one of the two bundled harfbuzz copies in addition - ;; to passing "-system-harfbuzz". - (delete-file-recursively "src/3rdparty/harfbuzz-ng") - ;; Remove the bundled sqlite copy in addition to - ;; passing "-system-sqlite". - (delete-file-recursively "src/3rdparty/sqlite"))))) + (for-each + (lambda (dir) + (delete-file-recursively (string-append "src/3rdparty/" dir))) + (list "double-conversion" "freetype" "harfbuzz-ng" + "libpng" "libjpeg" "pcre2" "sqlite" "xcb" + "xkbcommon" "zlib")) + #t)))) (build-system gnu-build-system) (propagated-inputs `(("mesa" ,mesa))) @@ -403,7 +405,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") ("mysql" ,mysql) ("nss" ,nss) ("openssl" ,openssl) - ("pcre" ,pcre) + ("pcre2" ,pcre2) ("postgresql" ,postgresql) ("pulseaudio" ,pulseaudio) ("sqlite" ,sqlite) @@ -459,11 +461,12 @@ developers using C++ or QML, a CSS & JavaScript like language.") ;; Do not build examples; if desired, these could go ;; into a separate output, but for the time being, we ;; prefer to save the space and build time. - "-nomake" "examples" + "-no-compile-examples" ;; Most "-system-..." are automatic, but some use ;; the bundled copy by default. "-system-sqlite" "-system-harfbuzz" + "-system-pcre" ;; explicitly link with openssl instead of dlopening it "-openssl-linked" ;; explicitly link with dbus instead of dlopening it @@ -529,7 +532,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtsvg (package (inherit qtbase) (name "qtsvg") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -538,7 +541,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "12fwzbp28szqw1sk3flb8i6xnxgl94siwyy41ffdmd0s44f1jwwq")))) + "0zpy53vb0ckaj71ffl450qv9kipl8gwwcbbras8kbg6bpl8srl8g")))) (propagated-inputs `()) (native-inputs `(("perl" ,perl))) (inputs @@ -572,7 +575,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtimageformats (package (inherit qtsvg) (name "qtimageformats") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -581,7 +584,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "0vv0wh5q5sih294x661djzwvgdwy7r6xpnxsc111k5hwq7m5w13m")) + "10alm3kz3md835hf5hx7322bak9pp9igi2knvymxsjqr8x87jq94")) (modules '((guix build utils))) (snippet '(delete-file-recursively "src/3rdparty")))) @@ -598,7 +601,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtx11extras (package (inherit qtsvg) (name "qtx11extras") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -607,7 +610,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "03i8lk9qcdf8h2k4f3rkqqkzbrlnyaspv9mgjkn4k61s2asz5mxy")))) + "0smzs29zqi77s1038ddkj3wzcchajqrjymwa5jgva7n2dn2x40wy")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -619,7 +622,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtxmlpatterns (package (inherit qtsvg) (name "qtxmlpatterns") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -628,7 +631,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "016s75j2cml7kc8scdm9a6pmxm8jhs424lml2h9znm1flmgadzvv")))) + "1f2mly7ddw4hpr3x0lpdahcikivwhiwa3238yrg4gz2c3lxj5y21")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:phases phases) @@ -644,7 +647,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtdeclarative (package (inherit qtsvg) (name "qtdeclarative") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -653,7 +656,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "0ilaf2sprpk9fg2j3905hxnhm0xbnm88ppk4zifp7n0jmnwix51j")))) + "1g9yz7q2laqs80m4i6zngxrq3pd7z5khr2f48glma8cmiw4p56rw")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -670,7 +673,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtconnectivity (package (inherit qtsvg) (name "qtconnectivity") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -679,7 +682,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1w97na5s420y08dcydqinbqb0rd9h4pfdnjbwslr0qvzsvlh2bbv")))) + "0k52acsywr849nw86dfjqcv1lqgnq01akqrm0qjs7ysm1ayg8mcp")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:phases phases) @@ -702,7 +705,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtwebsockets (package (inherit qtsvg) (name "qtwebsockets") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -711,7 +714,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1xa5p36grqxz3fa08amn7r3dy6k28g6y0gkc6jgj7lyhjzr0l4da")))) + "1ml60p50hr3f68l0fiyqg2pf6n37flzxafzasis42jm4m757m5v2")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -723,7 +726,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtsensors (package (inherit qtsvg) (name "qtsensors") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -732,7 +735,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "15p7bp21yj4cdl5yfc9qnn4lhhiwiwx3b71lrb431kgqxhwhcp9s")))) + "0jdaw0i6rirs66x4cjh8l24fsyp020x1mv1psyf3ffbkdq1pngjx")))) (native-inputs `(("perl" ,perl) ("qtdeclarative" ,qtdeclarative))) @@ -741,7 +744,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtmultimedia (package (inherit qtsvg) (name "qtmultimedia") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -750,7 +753,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "01sakngvsqr90qhrxyghfqdpddpxwbjyzzhm34k0hlpr6i409g58")) + "1vk0vlp9wapj1pip5v0v0sxynlig38m3a1qbjhid3rm27f971cqb")) (modules '((guix build utils))) (snippet '(begin @@ -776,7 +779,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtwayland (package (inherit qtsvg) (name "qtwayland") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -785,7 +788,11 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "06ilh55vaxbkyv7irw0n11gxgc34ypx2qhqawxzy7kllzg9zcl7z")))) + "0zlxlxrc15x69jwhcc6h0xi4mfchbb3pf27y3zy22yi3ynv2p04v")) + (modules '((guix build utils))) + (snippet + ;; The examples try to build and cause the build to fail + '(delete-file-recursively "examples")))) (native-inputs `(("glib" ,glib) ("perl" ,perl) @@ -807,7 +814,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtserialport (package (inherit qtsvg) (name "qtserialport") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -816,7 +823,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1b86al3zn1pxyk0n59vh8bqxrpz2m0j33ygclaqbxl1sszg7ycaj")))) + "0zwxfbyn5rg6vyrgpi5c3n852vd32m37ghzyj4l50ljndlz2w0l0")))) (native-inputs `(("perl" ,perl))) (inputs `(("qtbase" ,qtbase) @@ -825,7 +832,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtserialbus (package (inherit qtsvg) (name "qtserialbus") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -834,7 +841,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "02n1b1wrvfg6c7z15c5c5gv9r5gd4pp58jrd1a8d8fg3ybcksd2q")))) + "1zw32ha5hz7zsdp8m2dk58kivxd66vkzijbnhi8jvzjp4nf0pm1f")))) (inputs `(("qtbase" ,qtbase) ("qtserialport" ,qtserialport))))) @@ -842,7 +849,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtwebchannel (package (inherit qtsvg) (name "qtwebchannel") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -851,7 +858,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "0jhbgp9rdp5lpwjrykxmg4lb60wk7gm3dldz5kp3b8ms2dab3xav")))) + "1fg1g2h9s9v6lg10ix59pzws35fyh3hh5x2005pyp84xdg47mvqj")))) (native-inputs `(("perl" ,perl) ("qtdeclarative" ,qtdeclarative) @@ -861,7 +868,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtlocation (package (inherit qtsvg) (name "qtlocation") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -870,7 +877,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1fqssa8rhq83lnxjcdh4ijqck3lmqglpk8yax8x17w49v6gf78a8")))) + "1xia1y1pjill9m880rgmsl2zshcg1nvwkyfdb2lz8g8x9fj0pvp3")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -879,12 +886,16 @@ developers using C++ or QML, a CSS & JavaScript like language.") ("qtdeclarative" ,qtdeclarative) ("qtquickcontrols" ,qtquickcontrols) ("qtserialport" ,qtserialport))) - (inputs `(("qtbase" ,qtbase))))) + (inputs + `(("icu4c" ,icu4c) + ("openssl" ,openssl) + ("qtbase" ,qtbase) + ("zlib" ,zlib))))) (define-public qttools (package (inherit qtsvg) (name "qttools") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -893,7 +904,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "10wx4vydj91yag30457c7azx4ihrwky42l7zzwkbmdlksdv8xv4m")))) + "1vl5lapnbaam51pfw89pshh6rxqwfrbpj0j8gdhzdngr6n79dzk4")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -907,7 +918,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtscript (package (inherit qtsvg) (name "qtscript") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -916,7 +927,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1lssbsjf2p2ag02fjq6k6vk7vywhj4jsl286r2fqi78q5lfvjfi9")) + "0r697ap324l8lnbqbhrrqzsl9k4nmk6lcijxlaqn3ksxgfzbcciw")) (patches (search-patches "qtscript-disable-tests.patch")))) (native-inputs `(("perl" ,perl) @@ -927,7 +938,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtquickcontrols (package (inherit qtsvg) (name "qtquickcontrols") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -936,7 +947,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "09mkswxw7wa2l8xz9fbblxr1pbi86hggis55j4k8ifnrrw60vrq4")))) + "1zjl2wp5407y8iabwi30j4jpxh2j4y0ijb5jvvpdq583nbzgyg8p")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -947,7 +958,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtquickcontrols2 (package (inherit qtsvg) (name "qtquickcontrols2") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -956,7 +967,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "06yy98x4vic2yrlpp83gf4kvl7kd93q62k178w0cy4sgqxp8d6dh")))) + "170xgk4jw1b1rpq8838dc5sb0dyv1jap3yfgg5hymrjzrk0nzaq9")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -967,7 +978,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtgraphicaleffects (package (inherit qtsvg) (name "qtgraphicaleffects") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -976,7 +987,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "06frknb7m8bgg55rs7jjm61iziisy2ykzrrc5dy3vj0aad89najz")))) + "1cz4ykwlm1c0hbv4d8y07bwyz87nkz5l9ss3f65vadm8zcabqw55")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -1010,7 +1021,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtgamepad (package (inherit qtsvg) (name "qtgamepad") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1019,7 +1030,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "0dwcrq60h802z694h4108figlr3yvp8fpzhwjzbjm503v8yaxw5j")))) + "0lpj2qspidx6s2568m5v40j2zdnrl8zwjdp40zg4y2q6hy2gg597")))) (native-inputs `(("perl" ,perl) ("pkg-config" ,pkg-config))) @@ -1034,7 +1045,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtscxml (package (inherit qtsvg) (name "qtscxml") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1043,7 +1054,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1i4xl24q4i32mbhyndrwaz0xj79d9n84s320gmkf5rwnfcwrvfxn")) + "0f2jnhl30ij6y4wzlvgjsqgpaywq4g0wc4yjw8s888vcfl062nb4")) (modules '((guix build utils))) (snippet '(begin @@ -1058,7 +1069,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtpurchasing (package (inherit qtsvg) (name "qtpurchasing") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1067,7 +1078,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "0mdkw73yx1csz9mf3wl0w1x1b8cv9j5px4nvakrknkjzaa9qgzdk")))) + "0xcka24qjdydqhf7fhn2i2ycn3zsi4vzqv9s77wzmaksrazwb13q")))) (inputs `(("qtbase" ,qtbase) ("qtdeclarative" ,qtdeclarative))))) @@ -1075,7 +1086,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtcanvas3d (package (inherit qtsvg) (name "qtcanvas3d") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1084,7 +1095,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "18yaikbwk4d7sh09psi3kjn1mxjp4d2f3qchfzgq5x96yn8gfijl")) + "1jrv79rhpqyp4ip5fnf40plqcq9byl1fy8287ghq4jfhpm9bq5yq")) (modules '((guix build utils))) (snippet '(delete-file-recursively "examples/canvas3d/3rdparty")))) @@ -1109,7 +1120,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtcharts (package (inherit qtsvg) (name "qtcharts") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1118,7 +1129,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "11m5g1fxip6z2xk1z6g6h4rq7v282qbkxflan8hs87hadnzars03")))) + "17m86csjymvcnprk8m4y6hx1qhlk9811rhqwwkqdymyyswx6xs3l")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -1129,7 +1140,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") (define-public qtdatavis3d (package (inherit qtsvg) (name "qtdatavis3d") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) (uri (string-append "https://download.qt.io/official_releases/qt/" @@ -1138,7 +1149,7 @@ developers using C++ or QML, a CSS & JavaScript like language.") version ".tar.xz")) (sha256 (base32 - "1n2vdf6n7pr9xrjwbvbar899q74shx6cy19x32adxfn2iilygwbp")))) + "1wvilla48jlw6zv2hc32ra0bs8p13s68sqbgr91bzbn7h7qaysv9")))) (arguments (substitute-keyword-arguments (package-arguments qtsvg) ((#:tests? _ #f) #f))) ; TODO: Enable the tests @@ -1441,7 +1452,7 @@ different kinds of sliders, and much more.") (define-public qtwebkit (package (name "qtwebkit") - (version "5.8.0") + (version "5.9.0") (source (origin (method url-fetch) @@ -1453,7 +1464,7 @@ different kinds of sliders, and much more.") ;; <http://lists.qt-project.org/pipermail/development/2016-May/025923.html>. (sha256 (base32 - "1v0vj6slyh19mjrrpbqdzb47fr0f4xk7bc8803xjzybb11h8dbkr")))) + "012fd8khiasfn8wx5ci310y94ap3y90a011f66cajm80fhxikbcd")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl) diff --git a/gnu/packages/regex.scm b/gnu/packages/regex.scm index 2b32aa3381..18b7a7ed79 100644 --- a/gnu/packages/regex.scm +++ b/gnu/packages/regex.scm @@ -28,7 +28,7 @@ (define-public re2 (package (name "re2") - (version "2017-05-01") + (version "2017-06-01") (source (origin (method url-fetch) (uri @@ -38,7 +38,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "19glvic4ipd122yhcavf7ifg7ms5k61398vq7gyb90wggf2w0z9k")))) + "0bjhmmcx17mc8gfbf3cc4bwjcyf415mas3026v3c35g5fsaxyq5v")))) (build-system gnu-build-system) (arguments `(#:modules ((guix build gnu-build-system) diff --git a/gnu/packages/scheme.scm b/gnu/packages/scheme.scm index f6aee005c4..eacfd733db 100644 --- a/gnu/packages/scheme.scm +++ b/gnu/packages/scheme.scm @@ -7,6 +7,7 @@ ;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org> ;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net> ;;; Copyright © 2017 John Darrington <jmd@gnu.org> +;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -780,7 +781,9 @@ engineering.") (let ((gzip (assoc-ref %build-inputs "gzip")) (source (assoc-ref %build-inputs "source")) (texinfo (assoc-ref %build-inputs "texinfo")) + (html-dir (string-append %output "/share/doc/" ,name "/html")) (info-dir (string-append %output "/share/info"))) + (copy-recursively (string-append source "/html") html-dir) (setenv "PATH" (string-append gzip "/bin" ":" texinfo "/bin")) (mkdir-p info-dir) diff --git a/gnu/packages/terminals.scm b/gnu/packages/terminals.scm index a8007586c9..028cc99bfd 100644 --- a/gnu/packages/terminals.scm +++ b/gnu/packages/terminals.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 Mckinley Olsen <mck.olsen@gmail.com> -;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> +;;; Copyright © 2016, 2017 Alex Griffin <a@ajgrf.com> ;;; Copyright © 2016 David Craven <david@craven.ch> ;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016, 2017 José Miguel Sánchez García <jmi2k@openmailbox.org> @@ -146,17 +146,14 @@ insert mode and command mode where keybindings have different functions.") (define-public asciinema (package (name "asciinema") - (version "1.3.0") + (version "1.4.0") (source (origin (method url-fetch) - (uri (string-append - "https://pypi.python.org/packages/06/96/93947d9be78aebb7985014fdf" - "4d84896dd0f62514d922ee03f5bb55a21fb/asciinema-" version - ".tar.gz")) + (uri (pypi-uri "asciinema" version)) (sha256 (base32 - "1crdm9zfdbjflvz1gsqvy5zsbgwdfkj34z69kg6h5by70rrs1hdc")))) + "1jrf8c8711gkdilmvyv3d37kp8xfvdc5cqighw5k92a6g9z4acgv")))) (build-system python-build-system) (arguments `(#:phases diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index e9882bc6e6..23b04bad29 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -478,13 +478,13 @@ security, and applying best practice development processes.") (package (name "python-acme") ;; Remember to update the hash of certbot when updating python-acme. - (version "0.14.1") + (version "0.14.2") (source (origin (method url-fetch) (uri (pypi-uri "acme" version)) (sha256 (base32 - "0asmkfkzbswnkrvbj5m01xgy4f6g1fjbj2nir1hhrn3ipcdrsv8f")))) + "1kbgpjabbly7r757vyr1050ixnm9hyvrbf9n6aq49cgmb147ysqn")))) (build-system python-build-system) (arguments `(#:phases @@ -543,7 +543,7 @@ security, and applying best practice development processes.") (uri (pypi-uri name version)) (sha256 (base32 - "0rdby57hw35qdrbl7kigscphnz4kqb608bqzrcb73nb99092i6si")))) + "1b39hybswzm8mkarg1mwpx47wffqg57jcgi52mz5iz60rxym9j2v")))) (build-system python-build-system) (arguments `(#:python ,python-2 diff --git a/gnu/packages/tryton.scm b/gnu/packages/tryton.scm new file mode 100644 index 0000000000..c9e9e50f84 --- /dev/null +++ b/gnu/packages/tryton.scm @@ -0,0 +1,93 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu packages tryton) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (gnu packages) + #:use-module (gnu packages gtk) + #:use-module (gnu packages python) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system python)) + +(define-public trytond + (package + (name "trytond") + (version "4.4.1") + (source + (origin + (method url-fetch) + (uri (string-append + "https://downloads.tryton.org/4.4/trytond-" + version ".tar.gz")) + (sha256 + (base32 + "15gm34qwj5fpnkqvrxzndl8653zbczhsa76dm1gi4cqj1r29bbpr")))) + (build-system python-build-system) + (inputs + `(("python-dateutil" ,python-dateutil) + ("python-genshi" ,python-genshi) + ("python-polib" ,python-polib) + ;; there's no python-mysql in Guix right now + ;; so python-psycopg2 (postgresql) only for now + ("python-psycopg2" ,python-psycopg2) + ("python-relatorio" ,python-relatorio) + ("python-lxml" ,python-lxml) + ("python-sql" ,python-sql) + ("python-werkzeug" ,python-werkzeug) + ("python-wrapt" ,python-wrapt))) + (native-inputs + `(("python-mock" ,python-mock))) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'check 'preparations + (lambda _ + (setenv "DB_NAME" ":memory:")))))) + (home-page "https://www.tryton.org/") + (synopsis "Server component of Tryton") + (description "Tryton is a three-tier high-level general purpose +application platform using PostgreSQL as its main database engine. It is the +core base of a complete business solution providing modularity, scalability +and security.") + (license license:gpl3+))) + +(define-public tryton + (package + (name "tryton") + (version "4.4.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://downloads.tryton.org/4.4/tryton-" + version ".tar.gz")) + (sha256 + (base32 + "1lklcz5fs6rkrd7z2m2f5gz4fdwzkgnhg2hyvzp20kdsvi33bq2j")))) + (build-system python-build-system) + (inputs + `(("python2-chardet" ,python2-chardet) + ("python2-dateutil" ,python2-dateutil) + ("python2-pygtk" ,python2-pygtk))) + (arguments + `(#:python ,python-2)) + (home-page "https://www.tryton.org/") + (synopsis "Client component of Tryton") + (description "This package is the client component of Tryton.") + (license license:gpl3+))) diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index cd684c04e7..12fc2c6cc3 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -14,6 +14,7 @@ ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> +;;; Copyright © 2017 André <eu@euandre.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -423,6 +424,49 @@ as keys or passwords) in the same repository as your code, without requiring you to lock down your entire repository.") (license license:gpl3+))) +(define-public git-remote-gcrypt + (package + (name "git-remote-gcrypt") + (version "1.0.1") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://git.spwhitton.name/git-remote-gcrypt") + (commit version))) + (file-name (string-append name "-" version "-checkout")) + (sha256 + (base32 + "0znrx77vpm4a8l7yiybsxk5vrawijqqfxmp1p2yhaaw8cbgrj7az")))) + (build-system trivial-build-system) + (arguments + `(#:modules ((guix build utils)) + #:builder (begin + (use-modules (guix build utils)) + (let* ((source (assoc-ref %build-inputs "source")) + (output (assoc-ref %outputs "out")) + (bindir (string-append output "/bin"))) + (install-file (string-append source "/git-remote-gcrypt") + bindir) + #t)))) + (home-page "https://spwhitton.name/tech/code/git-remote-gcrypt/") + (synopsis "Whole remote repository encryption") + (description "git-remote-gcrypt is a Git remote helper to push and pull from +repositories encrypted with GnuPG. It works with the standard Git transports, +including repository hosting services like GitLab. + +Remote helper programs are invoked by Git to handle network transport. This +helper handles @code{gcrypt:} URLs that access a remote repository encrypted +with GPG, using our custom format. + +Supported locations are local, @code{rsync://} and @code{sftp://}, where the +repository is stored as a set of files, or instead any Git URL where gcrypt +will store the same representation in a Git repository, bridged over arbitrary +Git transport. + +The aim is to provide confidential, authenticated Git storage and +collaboration using typical untrusted file hosts or services.") + (license license:gpl3+))) + (define-public cgit (package (name "cgit") diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 5399334f2e..ac2eec5f94 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -18,6 +18,7 @@ ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2017 Chris Marusich <cmmarusich@gmail.com> ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> +;;; Copyright © 2017 Ethan R. Jones <doubleplusgood23@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -58,6 +59,7 @@ #:use-module (gnu packages cdrom) #:use-module (gnu packages cmake) #:use-module (gnu packages compression) + #:use-module (gnu packages cpp) #:use-module (gnu packages curl) #:use-module (gnu packages databases) #:use-module (gnu packages dejagnu) @@ -2052,3 +2054,102 @@ file format that has been used as a multimedia file format in a variety of platf applications. It is a very powerful and extensible format that can accommodate practically any type of media.") (license license:mpl1.1))) + +(define-public libmediainfo + (package + (name "libmediainfo") + (version "0.7.95") + (source (origin + (method url-fetch) + (uri (string-append "https://mediaarea.net/download/source/" + name "/" version"/" + name "_" version ".tar.bz2")) + (sha256 + (base32 + "1kchh6285b07z5nixv619hc9gml2ysdayicdiv30frrlqiyxqw4b")))) + ;; TODO add a Big Buck Bunny webm for tests. + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("zlib" ,zlib) + ("tinyxml2" ,tinyxml2) + ("curl" ,curl) + ("libzen" ,libzen))) + (build-system gnu-build-system) + (arguments + '(#:tests? #f ; see above TODO + #:phases + ;; build scripts not in root of archive + (modify-phases %standard-phases + (add-before 'configure 'pre-configure + (lambda _ + (chdir "Project/GNU/Library"))) + (add-before 'configure 'autogen + (lambda _ + (zero? (system* "./autogen.sh"))))))) + (home-page "https://mediaarea.net/en/MediaInfo") + (synopsis "Library for retrieving media metadata") + (description "MediaInfo is a library used for retrieving technical +information and other metadata about audio or video files. A non-exhaustive +list of the information MediaInfo can retrieve from media files include: + +@itemize +@item General: title, author, director, album, track number, date, duration... +@item Video: codec, aspect, fps, bitrate... +@item Audio: codec, sample rate, channels, language, bitrate... +@item Text: language of subtitle +@item Chapters: number of chapters, list of chapters +@end itemize + +MediaInfo supports the following formats: + +@itemize +@item Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, +MPEG-2, MPEG-4, DVD (VOB)... +@item Video Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) +@item Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF... +@item Subtitles: SRT, SSA, ASS, SAMI... +@end itemize\n") + (license license:bsd-2))) + +;; TODO also have a GUI version available +(define-public mediainfo + (package + (name "mediainfo") + (version "0.7.95") + (source (origin + (method url-fetch) + (uri (string-append "https://mediaarea.net/download/source/" + name "/" version "/" + name "_" version ".tar.bz2")) + (sha256 + (base32 + "0dy51a3i79jppmg1gi4f6h7jx4hcgnkmfim4d7d3gmnlbkjh8anv")))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("zlib" ,zlib) + ("libmediainfo", libmediainfo) + ("libzen" ,libzen))) + (build-system gnu-build-system) + (arguments + '(#:tests? #f ; lacks tests + #:phases + ;; build scripts not in root of archive + (modify-phases %standard-phases + (add-before 'configure 'pre-configure + (lambda _ + (chdir "Project/GNU/CLI"))) + (add-before 'configure 'autogen + (lambda _ + (zero? (system* "./autogen.sh"))))))) + (home-page "https://mediaarea.net/en/MediaInfo") + (synopsis "Utility for reading media metadata") + (description "MediaInfo is a utility used for retrieving technical +information and other metadata about audio or video files. It supports the +many codecs and formats supported by libmediainfo.") + (license license:bsd-2))) diff --git a/gnu/packages/vtk.scm b/gnu/packages/vtk.scm deleted file mode 100644 index 5a5c941270..0000000000 --- a/gnu/packages/vtk.scm +++ /dev/null @@ -1,93 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> -;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org> -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. - -(define-module (gnu packages vtk) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module ((guix licenses) #:select (bsd-3)) - #:use-module (guix utils) - #:use-module (guix build-system cmake) - #:use-module (gnu packages) - #:use-module (gnu packages compression) - #:use-module (gnu packages fontutils) - #:use-module (gnu packages gl) - #:use-module (gnu packages image) - #:use-module (gnu packages maths) - #:use-module (gnu packages serialization) - #:use-module (gnu packages xiph) - #:use-module (gnu packages xml) - #:use-module (gnu packages xorg)) - -(define-public vtk - (package - (name "vtk") - (version "7.1.0") - (source (origin - (method url-fetch) - (uri (string-append "http://www.vtk.org/files/release/" - (version-major+minor version) - "/VTK-" version ".tar.gz")) - (sha256 - (base32 - "0yj96z58haan77gzilnqp7xpf8hg5jk11a3jx55p2ksd400s0gjz")))) - (build-system cmake-build-system) - (arguments - '(#:build-type "Release" ;Build without '-g' to save space. - ;; -DVTK_USE_SYSTEM_NETCDF:BOOL=TRUE requires netcdf_cxx - #:configure-flags '("-DVTK_USE_SYSTEM_EXPAT:BOOL=TRUE" - "-DVTK_USE_SYSTEM_FREETYPE:BOOL=TRUE" - "-DVTK_USE_SYSTEM_HDF5:BOOL=TRUE" - "-DVTK_USE_SYSTEM_JPEG:BOOL=TRUE" - "-DVTK_USE_SYSTEM_JSONCPP:BOOL=TRUE" - "-DVTK_USE_SYSTEM_LIBXML2:BOOL=TRUE" - "-DVTK_USE_SYSTEM_OGGTHEORA:BOOL=TRUE" - "-DVTK_USE_SYSTEM_PNG:BOOL=TRUE" - "-DVTK_USE_SYSTEM_TIFF:BOOL=TRUE" - "-DVTK_USE_SYSTEM_ZLIB:BOOL=TRUE") - #:tests? #f)) ;XXX: no "test" target - (inputs - `(("libXt" ,libxt) - ("xproto" ,xproto) - ("libX11" ,libx11) - ("libxml2" ,libxml2) - ("mesa" ,mesa) - ("glu" ,glu) - ("expat" ,expat) - ("freetype" ,freetype) - ("hdf5" ,hdf5) - ("jpeg" ,libjpeg) - ("jsoncpp" ,jsoncpp) - ("libogg" ,libogg) - ("libtheora" ,libtheora) - ("png" ,libpng) - ("tiff" ,libtiff) - ("zlib" ,zlib))) - (home-page "http://www.vtk.org/") - (synopsis "Libraries for 3D computer graphics") - (description - "The Visualization Toolkit (VTK) is a C++ library for 3D computer graphics, -image processing and visualization. It supports a wide variety of -visualization algorithms including: scalar, vector, tensor, texture, and -volumetric methods; and advanced modeling techniques such as: implicit -modeling, polygon reduction, mesh smoothing, cutting, contouring, and Delaunay -triangulation. VTK has an extensive information visualization framework, has -a suite of 3D interaction widgets, supports parallel processing, and -integrates with various databases on GUI toolkits such as Qt and Tk.") - (license bsd-3))) diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index 607ef2b0e7..cd53091ced 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -9,7 +9,7 @@ ;;; Copyright © 2016 Al McElrath <hello@yrns.org> ;;; Copyright © 2016 Carlo Zancanaro <carlo@zancanaro.id.au> ;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net> +;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pramatique.xyz> ;;; Copyright © 2016 doncatnip <gnopap@gmail.com> ;;; Copyright © 2016 Ivan Vilata i Balaguer <ivan@selidor.net> ;;; Copyright © 2017 Mekeor Melire <mekeor.melire@gmail.com> @@ -675,3 +675,80 @@ all of them. Currently supported window managers include: Keybinder works with GTK-based applications using the X Window System.") (home-page "https://github.com/engla/keybinder") (license license:gpl2+))) + +(define-public spectrwm + (package + (name "spectrwm") + (version "3.0.2") + (source + (origin + (method url-fetch) + (uri (let ((version-with-underscores + (string-join (string-split version #\.) "_"))) + (string-append "https://github.com/conformal/spectrwm/archive/" + "SPECTRWM_" version-with-underscores ".tar.gz"))) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "065b7j8s0lxw3p58fyf3c1mr5203pdm0kww42v245rlx0f005kl2")))) + (build-system gnu-build-system) + (arguments + `(#:make-flags (let ((pkg-config (lambda (flag) + (string-append + "$(shell pkg-config " flag " " + "xft fontconfig x11 libpng)")))) + (list + "CC=gcc" + (string-append "PREFIX=" %output) + (string-append "INCS=-I. " (pkg-config "--cflags")) + (string-append "LIBS=" (pkg-config "--libs") " -lm"))) + #:tests? #f ;No test suite + #:phases + (modify-phases %standard-phases + (add-before 'build 'change-dir + (lambda _ + (chdir "linux") #t)) + (add-after 'change-dir 'patch-makefile + (lambda _ + (substitute* "Makefile" + (("-g") "")))) + (add-after 'change-dir 'fix-freetype-include + (lambda _ + (substitute* "Makefile" + (("/usr/include/freetype2") + (string-append (assoc-ref %build-inputs "freetype") + "/include/freetype2"))))) + (delete 'configure)))) ;no 'configure' exists + (inputs + `(("freetype" ,freetype) + ("fontconfig" ,fontconfig) + ("libx11" ,libx11) + ("libxcursor" ,libxcursor) + ("libxrandr" ,libxrandr) + ("libxtst" ,libxtst) + ("libxft" ,libxft) + ("xcb-util" ,xcb-util) + ("xcb-util-wm" ,xcb-util-wm) + ("xcb-util-keysyms" ,xcb-util-keysyms))) + (native-inputs + `(("libxt" ,libxt) + ("pkg-config" ,pkg-config))) + (synopsis "Minimalistic automatic tiling window manager") + (description + "Spectrwm is a small dynamic tiling and reparenting window manager for X11. +It is inspired by Xmonad and dwm. Its major features include: + +@itemize +@item Navigation anywhere on all screens with either the keyboard or mouse +@item Customizable status bar +@item Restartable without losing state +@item Quick launch menu +@item Many screen layouts possible with a few simple key strokes +@item Move/resize floating windows +@item Extended Window Manager Hints (EWMH) support +@item Configureable tiling +@item Adjustable tile gap allows for a true one pixel border +@item Customizable colors and border width +@end itemize\n") + (home-page "https://github.com/conformal/spectrwm") + (license license:isc))) diff --git a/gnu/packages/xdisorg.scm b/gnu/packages/xdisorg.scm index 64907d8b5a..d9cee8a257 100644 --- a/gnu/packages/xdisorg.scm +++ b/gnu/packages/xdisorg.scm @@ -441,7 +441,7 @@ of the screen selected by mouse.") (define-public slop (package (name "slop") - (version "6.3.38") + (version "6.3.41") (source (origin (method url-fetch) (uri (string-append @@ -450,7 +450,7 @@ of the screen selected by mouse.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1jh08k7nqx6hr4rmb5damzqhnqiac439i6i51fmzymzw3fqykas8")))) + "1yiv0ak1z7zbmcdw0dwx2gpblrh7l7s3l7y7sgpx071dy8s4rqpb")))) (build-system cmake-build-system) (arguments '(#:tests? #f)) ; no "check" target @@ -472,7 +472,7 @@ selection's dimensions to stdout.") (define-public maim (package (name "maim") - (version "5.4.62") + (version "5.4.63") (source (origin (method url-fetch) (uri (string-append @@ -481,7 +481,7 @@ selection's dimensions to stdout.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "084czvwcicl8apjlv729inxx8rpycra76ignfjmcbaq0hhn6ip6w")))) + "0ncly3mmg9pihda3jfwmvfa4sd3xanrm8hpvfq7lr2rl8rqknx80")))) (build-system cmake-build-system) (arguments '(#:tests? #f)) ; no "check" target @@ -682,6 +682,7 @@ compact configuration syntax.") (method url-fetch) (uri (string-append "http://dist.schmorp.de/rxvt-unicode/Attic/" name "-" version ".tar.bz2")) + (patches (search-patches "rxvt-unicode-escape-sequences.patch")) (sha256 (base32 "1pddjn5ynblwfrdmskylrsxb9vfnk3w4jdnq2l8xn2pspkljhip9")))) @@ -957,6 +958,32 @@ demos. It also acts as a nice screen locker.") "http://metadata.ftp-master.debian.org/changelogs/" "/main/x/xscreensaver/xscreensaver_5.36-1_copyright"))))) +(define-public xsel + (package + (name "xsel") + (version "1.2.0") + (source (origin + (method url-fetch) + (uri (string-append "http://www.vergenet.net/~conrad/software" + "/xsel/download/xsel-" version ".tar.gz")) + (sha256 + (base32 + "070lbcpw77j143jrbkh0y1v10ppn1jwmjf92800w7x42vh4cw9xr")))) + (build-system gnu-build-system) + (inputs + `(("libxt" ,libxt))) + (home-page "http://www.vergenet.net/~conrad/software/xsel/") + (synopsis "Manipulate X selection") + (description + "XSel is a command-line program for getting and setting the contents of +the X selection. Normally this is only accessible by manually highlighting +information and pasting it with the middle mouse button. + +XSel reads from standard input and writes to standard output by default, +but can also follow a growing file, display contents, delete entries and more.") + (license (license:x11-style "file://COPYING" + "See COPYING in the distribution.")))) + (define-public xdpyprobe (package (name "xdpyprobe") diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm new file mode 100644 index 0000000000..2ed7b9e22f --- /dev/null +++ b/gnu/services/dns.scm @@ -0,0 +1,593 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services dns) + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages admin) + #:use-module (gnu packages dns) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-34) + #:use-module (srfi srfi-35) + #:use-module (ice-9 match) + #:use-module (ice-9 regex) + #:export (knot-service-type + knot-acl-configuration + knot-key-configuration + knot-keystore-configuration + knot-zone-configuration + knot-remote-configuration + knot-policy-configuration + knot-configuration + define-zone-entries + zone-file + zone-entry)) + +;;; +;;; Knot DNS. +;;; + +(define-record-type* <knot-key-configuration> + knot-key-configuration make-knot-key-configuration + knot-key-configuration? + (id knot-key-configuration-id + (default "")) + (algorithm knot-key-configuration-algorithm + (default #f)); one of #f, or an algorithm name + (secret knot-key-configuration-secret + (default ""))) + +(define-record-type* <knot-acl-configuration> + knot-acl-configuration make-knot-acl-configuration + knot-acl-configuration? + (id knot-acl-configuration-id + (default "")) + (address knot-acl-configuration-address + (default '())) + (key knot-acl-configuration-key + (default '())) + (action knot-acl-configuration-action + (default '())) + (deny? knot-acl-configuration-deny? + (default #f))) + +(define-record-type* <zone-entry> + zone-entry make-zone-entry + zone-entry? + (name zone-entry-name + (default "@")) + (ttl zone-entry-ttl + (default "")) + (class zone-entry-class + (default "IN")) + (type zone-entry-type + (default "A")) + (data zone-entry-data + (default ""))) + +(define-record-type* <zone-file> + zone-file make-zone-file + zone-file? + (entries zone-file-entries + (default '())) + (origin zone-file-origin + (default "")) + (ns zone-file-ns + (default "ns")) + (mail zone-file-mail + (default "hostmaster")) + (serial zone-file-serial + (default 1)) + (refresh zone-file-refresh + (default "2d")) + (retry zone-file-retry + (default "15m")) + (expiry zone-file-expiry + (default "2w")) + (nx zone-file-nx + (default "1h"))) +(define-record-type* <knot-keystore-configuration> + knot-keystore-configuration make-knot-keystore-configuration + knot-keystore-configuration? + (id knot-keystore-configuration-id + (default "")) + (backend knot-keystore-configuration-backend + (default 'pem)) + (config knot-keystore-configuration-config + (default "/var/lib/knot/keys/keys"))) + +(define-record-type* <knot-policy-configuration> + knot-policy-configuration make-knot-policy-configuration + knot-policy-configuration? + (id knot-policy-configuration-id + (default "")) + (keystore knot-policy-configuration-keystore + (default "default")) + (manual? knot-policy-configuration-manual? + (default #f)) + (single-type-signing? knot-policy-configuration-single-type-signing? + (default #f)) + (algorithm knot-policy-configuration-algorithm + (default "ecdsap256sha256")) + (ksk-size knot-policy-configuration-ksk-size + (default 256)) + (zsk-size knot-policy-configuration-zsk-size + (default 256)) + (dnskey-ttl knot-policy-configuration-dnskey-ttl + (default 'default)) + (zsk-lifetime knot-policy-configuration-zsk-lifetime + (default "30d")) + (propagation-delay knot-policy-configuration-propagation-delay + (default "1d")) + (rrsig-lifetime knot-policy-configuration-rrsig-lifetime + (default "14d")) + (rrsig-refresh knot-policy-configuration-rrsig-refresh + (default "7d")) + (nsec3? knot-policy-configuration-nsec3? + (default #f)) + (nsec3-iterations knot-policy-configuration-nsec3-iterations + (default 5)) + (nsec3-salt-length knot-policy-configuration-nsec3-salt-length + (default 8)) + (nsec3-salt-lifetime knot-policy-configuration-nsec3-salt-lifetime + (default "30d"))) + +(define-record-type* <knot-zone-configuration> + knot-zone-configuration make-knot-zone-configuration + knot-zone-configuration? + (domain knot-zone-configuration-domain + (default "")) + (file knot-zone-configuration-file + (default "")) ; the file where this zone is saved. + (zone knot-zone-configuration-zone + (default (zone-file))) ; initial content of the zone file + (master knot-zone-configuration-master + (default '())) + (ddns-master knot-zone-configuration-ddns-master + (default #f)) + (notify knot-zone-configuration-notify + (default '())) + (acl knot-zone-configuration-acl + (default '())) + (semantic-checks? knot-zone-configuration-semantic-checks? + (default #f)) + (disable-any? knot-zone-configuration-disable-any? + (default #f)) + (zonefile-sync knot-zone-configuration-zonefile-sync + (default 0)) + (dnssec-policy knot-zone-configuration-dnssec-policy + (default #f)) + (serial-policy knot-zone-configuration-serial-policy + (default 'increment))) + +(define-record-type* <knot-remote-configuration> + knot-remote-configuration make-knot-remote-configuration + knot-remote-configuration? + (id knot-remote-configuration-id + (default "")) + (address knot-remote-configuration-address + (default '())) + (via knot-remote-configuration-via + (default '())) + (key knot-remote-configuration-key + (default #f))) + +(define-record-type* <knot-configuration> + knot-configuration make-knot-configuration + knot-configuration? + (knot knot-configuration-knot + (default knot)) + (run-directory knot-configuration-run-directory + (default "/var/run/knot")) + (listen-v4 knot-configuration-listen-v4 + (default "0.0.0.0")) + (listen-v6 knot-configuration-listen-v6 + (default "::")) + (listen-port knot-configuration-listen-port + (default 53)) + (keys knot-configuration-keys + (default '())) + (keystores knot-configuration-keystores + (default '())) + (acls knot-configuration-acls + (default '())) + (remotes knot-configuration-remotes + (default '())) + (policies knot-configuration-policies + (default '())) + (zones knot-configuration-zones + (default '()))) + +(define-syntax define-zone-entries + (syntax-rules () + ((_ id (name ttl class type data) ...) + (define id (list (make-zone-entry name ttl class type data) ...))))) + +(define (error-out msg) + (raise (condition (&message (message msg))))) + +(define (verify-knot-key-configuration key) + (unless (knot-key-configuration? key) + (error-out "keys must be a list of only knot-key-configuration.")) + (let ((id (knot-key-configuration-id key))) + (unless (and (string? id) (not (equal? id ""))) + (error-out "key id must be a non empty string."))) + (unless (memq '(#f hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512) + (knot-key-configuration-algorithm key)) + (error-out "algorithm must be one of: #f, 'hmac-md5, 'hmac-sha1, +'hmac-sha224, 'hmac-sha256, 'hmac-sha384 or 'hmac-sha512"))) + +(define (verify-knot-keystore-configuration keystore) + (unless (knot-keystore-configuration? keystore) + (error-out "keystores must be a list of only knot-keystore-configuration.")) + (let ((id (knot-keystore-configuration-id keystore))) + (unless (and (string? id) (not (equal? id ""))) + (error-out "keystore id must be a non empty string."))) + (unless (memq '(pem pkcs11) + (knot-keystore-configuration-backend keystore)) + (error-out "backend must be one of: 'pem or 'pkcs11"))) + +(define (verify-knot-policy-configuration policy) + (unless (knot-keystore-configuration? policy) + (error-out "policies must be a list of only knot-policy-configuration.")) + (let ((id (knot-policy-configuration-id policy))) + (unless (and (string? id) (not (equal? id ""))) + (error-out "policy id must be a non empty string.")))) + +(define (verify-knot-acl-configuration acl) + (unless (knot-acl-configuration? acl) + (error-out "acls must be a list of only knot-acl-configuration.")) + (let ((id (knot-acl-configuration-id acl)) + (address (knot-acl-configuration-address acl)) + (key (knot-acl-configuration-key acl)) + (action (knot-acl-configuration-action acl))) + (unless (and (string? id) (not (equal? id ""))) + (error-out "acl id must be a non empty string.")) + (unless (and (list? address) + (fold (lambda (x1 x2) (and (string? x1) (string? x2))) "" address)) + (error-out "acl address must be a list of strings."))) + (unless (boolean? (knot-acl-configuration-deny? acl)) + (error-out "deny? must be #t or #f."))) + +(define (verify-knot-zone-configuration zone) + (unless (knot-zone-configuration? zone) + (error-out "zones must be a list of only knot-zone-configuration.")) + (let ((domain (knot-zone-configuration-domain zone))) + (unless (and (string? domain) (not (equal? domain ""))) + (error-out "zone domain must be a non empty string.")))) + +(define (verify-knot-remote-configuration remote) + (unless (knot-remote-configuration? remote) + (error-out "remotes must be a list of only knot-remote-configuration.")) + (let ((id (knot-remote-configuration-id remote))) + (unless (and (string? id) (not (equal? id ""))) + (error-out "remote id must be a non empty string.")))) + +(define (verify-knot-configuration config) + (unless (package? (knot-configuration-knot config)) + (error-out "knot configuration field must be a package.")) + (unless (string? (knot-configuration-run-directory config)) + (error-out "run-directory must be a string.")) + (unless (list? (knot-configuration-keys config)) + (error-out "keys must be a list of knot-key-configuration.")) + (for-each (lambda (key) (verify-knot-key-configuration key)) + (knot-configuration-keys config)) + (unless (list? (knot-configuration-keystores config)) + (error-out "keystores must be a list of knot-keystore-configuration.")) + (for-each (lambda (keystore) (verify-knot-keystore-configuration keystore)) + (knot-configuration-keystores config)) + (unless (list? (knot-configuration-acls config)) + (error-out "acls must be a list of knot-acl-configuration.")) + (for-each (lambda (acl) (verify-knot-acl-configuration acl)) + (knot-configuration-acls config)) + (unless (list? (knot-configuration-zones config)) + (error-out "zones must be a list of knot-zone-configuration.")) + (for-each (lambda (zone) (verify-knot-zone-configuration zone)) + (knot-configuration-zones config)) + (unless (list? (knot-configuration-policies config)) + (error-out "policies must be a list of knot-policy-configuration.")) + (for-each (lambda (policy) (verify-knot-policy-configuration policy)) + (knot-configuration-policies config)) + (unless (list? (knot-configuration-remotes config)) + (error-out "remotes must be a list of knot-remote-configuration.")) + (for-each (lambda (remote) (verify-knot-remote-configuration remote)) + (knot-configuration-remotes config)) + #t) + +(define (format-string-list l) + "Formats a list of string in YAML" + (if (eq? l '()) + "" + (let ((l (reverse l))) + (string-append + "[" + (fold (lambda (x1 x2) + (string-append (if (symbol? x1) (symbol->string x1) x1) ", " + (if (symbol? x2) (symbol->string x2) x2))) + (car l) (cdr l)) + "]")))) + +(define (knot-acl-config acls) + (with-output-to-string + (lambda () + (for-each + (lambda (acl-config) + (let ((id (knot-acl-configuration-id acl-config)) + (address (knot-acl-configuration-address acl-config)) + (key (knot-acl-configuration-key acl-config)) + (action (knot-acl-configuration-action acl-config)) + (deny? (knot-acl-configuration-deny? acl-config))) + (format #t " - id: ~a\n" id) + (unless (eq? address '()) + (format #t " address: ~a\n" (format-string-list address))) + (unless (eq? key '()) + (format #t " key: ~a\n" (format-string-list key))) + (unless (eq? action '()) + (format #t " action: ~a\n" (format-string-list action))) + (format #t " deny: ~a\n" (if deny? "on" "off")))) + acls)))) + +(define (knot-key-config keys) + (with-output-to-string + (lambda () + (for-each + (lambda (key-config) + (let ((id (knot-key-configuration-id key-config)) + (algorithm (knot-key-configuration-algorithm key-config)) + (secret (knot-key-configuration-secret key-config))) + (format #t " - id: ~a\n" id) + (if algorithm + (format #t " algorithm: ~a\n" (symbol->string algorithm))) + (format #t " secret: ~a\n" secret))) + keys)))) + +(define (knot-keystore-config keystores) + (with-output-to-string + (lambda () + (for-each + (lambda (keystore-config) + (let ((id (knot-keystore-configuration-id keystore-config)) + (backend (knot-keystore-configuration-backend keystore-config)) + (config (knot-keystore-configuration-config keystore-config))) + (format #t " - id: ~a\n" id) + (format #t " backend: ~a\n" (symbol->string backend)) + (format #t " config: \"~a\"\n" config))) + keystores)))) + +(define (knot-policy-config policies) + (with-output-to-string + (lambda () + (for-each + (lambda (policy-config) + (let ((id (knot-policy-configuration-id policy-config)) + (keystore (knot-policy-configuration-keystore policy-config)) + (manual? (knot-policy-configuration-manual? policy-config)) + (single-type-signing? (knot-policy-configuration-single-type-signing? + policy-config)) + (algorithm (knot-policy-configuration-algorithm policy-config)) + (ksk-size (knot-policy-configuration-ksk-size policy-config)) + (zsk-size (knot-policy-configuration-zsk-size policy-config)) + (dnskey-ttl (knot-policy-configuration-dnskey-ttl policy-config)) + (zsk-lifetime (knot-policy-configuration-zsk-lifetime policy-config)) + (propagation-delay (knot-policy-configuration-propagation-delay + policy-config)) + (rrsig-lifetime (knot-policy-configuration-rrsig-lifetime + policy-config)) + (nsec3? (knot-policy-configuration-nsec3? policy-config)) + (nsec3-iterations (knot-policy-configuration-nsec3-iterations + policy-config)) + (nsec3-salt-length (knot-policy-configuration-nsec3-salt-length + policy-config)) + (nsec3-salt-lifetime (knot-policy-configuration-nsec3-salt-lifetime + policy-config))) + (format #t " - id: ~a\n" id) + (format #t " keystore: ~a\n" keystore) + (format #t " manual: ~a\n" (if manual? "on" "off")) + (format #t " single-type-signing: ~a\n" (if single-type-signing? + "on" "off")) + (format #t " algorithm: ~a\n" algorithm) + (format #t " ksk-size: ~a\n" (number->string ksk-size)) + (format #t " zsk-size: ~a\n" (number->string zsk-size)) + (unless (eq? dnskey-ttl 'default) + (format #t " dnskey-ttl: ~a\n" dnskey-ttl)) + (format #t " zsk-lifetime: ~a\n" zsk-lifetime) + (format #t " propagation-delay: ~a\n" propagation-delay) + (format #t " rrsig-lifetime: ~a\n" rrsig-lifetime) + (format #t " nsec3: ~a\n" (if nsec3? "on" "off")) + (format #t " nsec3-iterations: ~a\n" + (number->string nsec3-iterations)) + (format #t " nsec3-salt-length: ~a\n" + (number->string nsec3-salt-length)) + (format #t " nsec3-salt-lifetime: ~a\n" nsec3-salt-lifetime))) + policies)))) + +(define (knot-remote-config remotes) + (with-output-to-string + (lambda () + (for-each + (lambda (remote-config) + (let ((id (knot-remote-configuration-id remote-config)) + (address (knot-remote-configuration-address remote-config)) + (via (knot-remote-configuration-via remote-config)) + (key (knot-remote-configuration-key remote-config))) + (format #t " - id: ~a\n" id) + (unless (eq? address '()) + (format #t " address: ~a\n" (format-string-list address))) + (unless (eq? via '()) + (format #t " via: ~a\n" (format-string-list via))) + (if key + (format #t " key: ~a\n" key)))) + remotes)))) + +(define (serialize-zone-entries entries) + (with-output-to-string + (lambda () + (for-each + (lambda (entry) + (let ((name (zone-entry-name entry)) + (ttl (zone-entry-ttl entry)) + (class (zone-entry-class entry)) + (type (zone-entry-type entry)) + (data (zone-entry-data entry))) + (format #t "~a ~a ~a ~a ~a\n" name ttl class type data))) + entries)))) + +(define (serialize-zone-file zone domain) + (computed-file (string-append domain ".zone") + #~(begin + (call-with-output-file #$output + (lambda (port) + (format port "$ORIGIN ~a.\n" + #$(zone-file-origin zone)) + (format port "@ IN SOA ~a ~a (~a ~a ~a ~a ~a)\n" + #$(zone-file-ns zone) + #$(zone-file-mail zone) + #$(zone-file-serial zone) + #$(zone-file-refresh zone) + #$(zone-file-retry zone) + #$(zone-file-expiry zone) + #$(zone-file-nx zone)) + (format port "~a\n" + #$(serialize-zone-entries (zone-file-entries zone)))))))) + +(define (knot-zone-config zone) + (let ((content (knot-zone-configuration-zone zone))) + #~(with-output-to-string + (lambda () + (let ((domain #$(knot-zone-configuration-domain zone)) + (file #$(knot-zone-configuration-file zone)) + (master (list #$@(knot-zone-configuration-master zone))) + (ddns-master #$(knot-zone-configuration-ddns-master zone)) + (notify (list #$@(knot-zone-configuration-notify zone))) + (acl (list #$@(knot-zone-configuration-acl zone))) + (semantic-checks? #$(knot-zone-configuration-semantic-checks? zone)) + (disable-any? #$(knot-zone-configuration-disable-any? zone)) + (dnssec-policy #$(knot-zone-configuration-dnssec-policy zone)) + (serial-policy '#$(knot-zone-configuration-serial-policy zone))) + (format #t " - domain: ~a\n" domain) + (if (eq? master '()) + ;; This server is a master + (if (equal? file "") + (format #t " file: ~a\n" + #$(serialize-zone-file content + (knot-zone-configuration-domain zone))) + (format #t " file: ~a\n" file)) + ;; This server is a slave (has masters) + (begin + (format #t " master: ~a\n" + #$(format-string-list + (knot-zone-configuration-master zone))) + (if ddns-master (format #t " ddns-master ~a\n" ddns-master)))) + (unless (eq? notify '()) + (format #t " notify: ~a\n" + #$(format-string-list + (knot-zone-configuration-notify zone)))) + (unless (eq? acl '()) + (format #t " acl: ~a\n" + #$(format-string-list + (knot-zone-configuration-acl zone)))) + (format #t " semantic-checks: ~a\n" (if semantic-checks? "on" "off")) + (format #t " disable-any: ~a\n" (if disable-any? "on" "off")) + (if dnssec-policy + (begin + (format #t " dnssec-signing: on\n") + (format #t " dnssec-policy: ~a\n" dnssec-policy))) + (format #t " serial-policy: ~a\n" + (symbol->string serial-policy))))))) + +(define (knot-config-file config) + (verify-knot-configuration config) + (computed-file "knot.conf" + #~(begin + (call-with-output-file #$output + (lambda (port) + (format port "server:\n") + (format port " rundir: ~a\n" #$(knot-configuration-run-directory config)) + (format port " user: knot\n") + (format port " listen: ~a@~a\n" + #$(knot-configuration-listen-v4 config) + #$(knot-configuration-listen-port config)) + (format port " listen: ~a@~a\n" + #$(knot-configuration-listen-v6 config) + #$(knot-configuration-listen-port config)) + (format port "\nkey:\n") + (format port #$(knot-key-config (knot-configuration-keys config))) + (format port "\nkeystore:\n") + (format port #$(knot-keystore-config (knot-configuration-keystores config))) + (format port "\nacl:\n") + (format port #$(knot-acl-config (knot-configuration-acls config))) + (format port "\nremote:\n") + (format port #$(knot-remote-config (knot-configuration-remotes config))) + (format port "\npolicy:\n") + (format port #$(knot-policy-config (knot-configuration-policies config))) + (unless #$(eq? (knot-configuration-zones config) '()) + (format port "\nzone:\n") + (format port "~a\n" + (string-concatenate + (list #$@(map knot-zone-config + (knot-configuration-zones config))))))))))) + +(define %knot-accounts + (list (user-group (name "knot") (system? #t)) + (user-account + (name "knot") + (group "knot") + (system? #t) + (comment "knot dns server user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (knot-activation config) + #~(begin + (use-modules (guix build utils)) + (define (mkdir-p/perms directory owner perms) + (mkdir-p directory) + (chown directory (passwd:uid owner) (passwd:gid owner)) + (chmod directory perms)) + (mkdir-p/perms #$(knot-configuration-run-directory config) + (getpwnam "knot") #o755) + (mkdir-p/perms "/var/lib/knot" (getpwnam "knot") #o755) + (mkdir-p/perms "/var/lib/knot/keys" (getpwnam "knot") #o755) + (mkdir-p/perms "/var/lib/knot/keys/keys" (getpwnam "knot") #o755))) + +(define (knot-shepherd-service config) + (let* ((config-file (knot-config-file config)) + (knot (knot-configuration-knot config))) + (list (shepherd-service + (documentation "Run the Knot DNS daemon.") + (provision '(knot dns)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list (string-append #$knot "/sbin/knotd") + "-c" #$config-file))) + (stop #~(make-kill-destructor)))))) + +(define knot-service-type + (service-type (name 'knot) + (extensions + (list (service-extension shepherd-root-service-type + knot-shepherd-service) + (service-extension activation-service-type + knot-activation) + (service-extension account-service-type + (const %knot-accounts)))))) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index e5ac320b74..f5bbfafee3 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -199,6 +199,15 @@ info --version") ',users+homes)) marionette))) + (test-equal "permissions on /root" + #o700 + (let ((root-home #$(any (lambda (account) + (and (zero? (user-account-uid account)) + (user-account-home-directory + account))) + (operating-system-user-accounts os)))) + (stat:perms (marionette-eval `(stat ,root-home) marionette)))) + (test-equal "no extra home directories" '() diff --git a/guix/build-system/font.scm b/guix/build-system/font.scm new file mode 100644 index 0000000000..f448c302c2 --- /dev/null +++ b/guix/build-system/font.scm @@ -0,0 +1,130 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (guix build-system font) + #:use-module (guix utils) + #:use-module (guix packages) + #:use-module (guix derivations) + #:use-module (guix search-paths) + #:use-module (guix build-system) + #:use-module (guix build-system gnu) + #:use-module (ice-9 match) + #:export (%font-build-system-modules + font-build + font-build-system)) + +;; Commentary: +;; +;; Standard build procedure for fonts. This is implemented as an extension of +;; 'gnu-build-system'. +;; +;; Code: + +(define %font-build-system-modules + ;; Build-side modules imported by default. + `((guix build font-build-system) + ,@%gnu-build-system-modules)) + +(define* (lower name + #:key source inputs native-inputs outputs system target + #:allow-other-keys + #:rest arguments) + "Return a bag for NAME." + (define private-keywords + '(#:target #:inputs #:native-inputs)) + + (bag + (name name) + (system system) + (host-inputs `(,@(if source + `(("source" ,source)) + '()) + ,@inputs + ,(list "tar" (module-ref (resolve-interface '(gnu packages base)) 'tar)) + ,(list "unzip" (module-ref (resolve-interface '(gnu packages zip)) 'unzip)) + ,@(let ((compression (resolve-interface '(gnu packages compression)))) + (map (match-lambda + ((name package) + (list name (module-ref compression package)))) + `(("gzip" gzip) + ("bzip2" bzip2) + ("xz" xz)))))) + (build-inputs native-inputs) + (outputs outputs) + (build font-build) + (arguments (strip-keyword-arguments private-keywords arguments)))) + +(define* (font-build store name inputs + #:key source + (tests? #t) + (test-target "test") + (configure-flags ''()) + (phases '(@ (guix build font-build-system) + %standard-phases)) + (outputs '("out")) + (search-paths '()) + (system (%current-system)) + (guile #f) + (imported-modules %font-build-system-modules) + (modules '((guix build font-build-system) + (guix build utils)))) + "Build SOURCE with INPUTS." + (define builder + `(begin + (use-modules ,@modules) + (font-build #:name ,name + #:source ,(match (assoc-ref inputs "source") + (((? derivation? source)) + (derivation->output-path source)) + ((source) + source) + (source + source)) + #:configure-flags ,configure-flags + #:system ,system + #:test-target ,test-target + #:tests? ,tests? + #:phases ,phases + #:outputs %outputs + #:search-paths ',(map search-path-specification->sexp + search-paths) + #:inputs %build-inputs))) + + (define guile-for-build + (match guile + ((? package?) + (package-derivation store guile system #:graft? #f)) + (#f ; the default + (let* ((distro (resolve-interface '(gnu packages commencement))) + (guile (module-ref distro 'guile-final))) + (package-derivation store guile system #:graft? #f))))) + + (build-expression->derivation store name builder + #:inputs inputs + #:system system + #:modules imported-modules + #:outputs outputs + #:guile-for-build guile-for-build)) + +(define font-build-system + (build-system + (name 'font) + (description "The build system for font packages") + (lower lower))) + +;;; font.scm ends here diff --git a/guix/build/download.scm b/guix/build/download.scm index ce4708a873..6ef6233346 100644 --- a/guix/build/download.scm +++ b/guix/build/download.scm @@ -296,6 +296,13 @@ session record port using PORT as its underlying communication port." (make-parameter (or (getenv "GUIX_TLS_CERTIFICATE_DIRECTORY") (getenv "SSL_CERT_DIR")))) ;like OpenSSL +(define (set-certificate-credentials-x509-trust-file!* cred file format) + "Like 'set-certificate-credentials-x509-trust-file!', but without the file +name decoding bug described at +<https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26948#17>." + (let ((data (call-with-input-file file get-bytevector-all))) + (set-certificate-credentials-x509-trust-data! cred data format))) + (define (make-credendials-with-ca-trust-files directory) "Return certificate credentials with X.509 authority certificates read from DIRECTORY. Those authority certificates are checked when @@ -309,7 +316,7 @@ DIRECTORY. Those authority certificates are checked when (let ((file (string-append directory "/" file))) ;; Protect against dangling symlinks. (when (file-exists? file) - (set-certificate-credentials-x509-trust-file! + (set-certificate-credentials-x509-trust-file!* cred file x509-certificate-format/pem)))) (or files '())) diff --git a/guix/build/font-build-system.scm b/guix/build/font-build-system.scm new file mode 100644 index 0000000000..f2a646f6f4 --- /dev/null +++ b/guix/build/font-build-system.scm @@ -0,0 +1,72 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net> +;;; Copyright © 2017 Alex Griffin <a@ajgrf.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (guix build font-build-system) + #:use-module ((guix build gnu-build-system) #:prefix gnu:) + #:use-module (guix build utils) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:export (%standard-phases + font-build)) + +;; Commentary: +;; +;; Builder-side code of the build procedure for font packages. +;; +;; Code: + +(define gnu:unpack (assoc-ref gnu:%standard-phases 'unpack)) + +(define* (unpack #:key source #:allow-other-keys) + "Unpack SOURCE into the build directory. SOURCE may be a compressed +archive, or a font file." + (if (any (cut string-suffix? <> source) + (list ".ttf" ".otf")) + (begin + (mkdir "source") + (chdir "source") + (copy-file source (strip-store-file-name source)) + #t) + (gnu:unpack #:source source))) + +(define* (install #:key outputs #:allow-other-keys) + "Install the package contents." + (let* ((out (assoc-ref outputs "out")) + (source (getcwd)) + (fonts (string-append out "/share/fonts"))) + (for-each (cut install-file <> (string-append fonts "/truetype")) + (find-files source "\\.(ttf|ttc)$")) + (for-each (cut install-file <> (string-append fonts "/opentype")) + (find-files source "\\.(otf|otc)$")) + #t)) + +(define %standard-phases + (modify-phases gnu:%standard-phases + (replace 'unpack unpack) + (delete 'configure) + (delete 'check) + (delete 'build) + (replace 'install install))) + +(define* (font-build #:key inputs (phases %standard-phases) + #:allow-other-keys #:rest args) + "Build the given font package, applying all of PHASES in order." + (apply gnu:gnu-build #:inputs inputs #:phases phases args)) + +;;; font-build-system.scm ends here diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index 0529c228a5..2def2a108f 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -62,6 +62,7 @@ file-system-fragment-size file-system-mount-flags statfs + free-disk-space processes mkdtemp! @@ -69,6 +70,9 @@ pivot-root fcntl-flock + set-thread-name + thread-name + CLONE_CHILD_CLEARTID CLONE_CHILD_SETTID CLONE_NEWNS @@ -694,6 +698,12 @@ mounted at FILE." (list file (strerror err)) (list err))))))) +(define (free-disk-space file) + "Return the free disk space, in bytes, on the file system that hosts FILE." + (let ((fs (statfs file))) + (* (file-system-block-size fs) + (file-system-blocks-available fs)))) + ;;; ;;; Containers. @@ -884,6 +894,52 @@ exception if it's already taken." ;;; +;;; Miscellaneous, aka. 'prctl'. +;;; + +(define %prctl + ;; Should it win the API contest against 'ioctl'? You tell us! + (syscall->procedure int "prctl" + (list int unsigned-long unsigned-long + unsigned-long unsigned-long))) + +(define PR_SET_NAME 15) ;<linux/prctl.h> +(define PR_GET_NAME 16) + +(define %max-thread-name-length + ;; Maximum length in bytes of the process name, including the terminating + ;; zero. + 16) + +(define (set-thread-name name) + "Set the name of the calling thread to NAME. NAME is truncated to 15 +bytes." + (let ((ptr (string->pointer name))) + (let-values (((ret err) + (%prctl PR_SET_NAME + (pointer-address ptr) 0 0 0))) + (unless (zero? ret) + (throw 'set-process-name "set-process-name" + "set-process-name: ~A" + (list (strerror err)) + (list err)))))) + +(define (thread-name) + "Return the name of the calling thread as a string." + (let ((buf (make-bytevector %max-thread-name-length))) + (let-values (((ret err) + (%prctl PR_GET_NAME + (pointer-address (bytevector->pointer buf)) + 0 0 0))) + (if (zero? ret) + (bytes->string (bytevector->u8-list buf)) + (throw 'process-name "process-name" + "process-name: ~A" + (list (strerror err)) + (list err)))))) + + +;;; ;;; Network interfaces. ;;; diff --git a/guix/derivations.scm b/guix/derivations.scm index 9aaab05ecb..b9ad9c9e8c 100644 --- a/guix/derivations.scm +++ b/guix/derivations.scm @@ -271,13 +271,14 @@ result is the set of prerequisites of DRV not already in valid." (define* (substitution-oracle store drv #:key (mode (build-mode normal))) "Return a one-argument procedure that, when passed a store file name, -returns #t if it's substitutable and #f otherwise. The returned procedure +returns a 'substitutable?' if it's substitutable and #f otherwise. +The returned procedure knows about all substitutes for all the derivations listed in DRV, *except* those that are already valid (that is, it won't bother checking whether an item is substitutable if it's already on disk); it also knows about their prerequisites, unless they are themselves substitutable. -Creating a single oracle (thus making a single 'substitutable-paths' call) and +Creating a single oracle (thus making a single 'substitutable-path-info' call) and reusing it is much more efficient than calling 'has-substitutes?' or similar repeatedly, because it avoids the costs associated with launching the substituter many times." @@ -318,21 +319,28 @@ substituter many times." (cons* self (dependencies drv) result))))) '() drv)))) - (subst (list->set (substitutable-paths store paths)))) - (cut set-contains? subst <>))) + (subst (fold (lambda (subst vhash) + (vhash-cons (substitutable-path subst) subst + vhash)) + vlist-null + (substitutable-path-info store paths)))) + (lambda (item) + (match (vhash-assoc item subst) + (#f #f) + ((key . value) value))))) (define* (derivation-prerequisites-to-build store drv #:key (mode (build-mode normal)) (outputs (derivation-output-names drv)) - (substitutable? + (substitutable-info (substitution-oracle store (list drv) #:mode mode))) "Return two values: the list of derivation-inputs required to build the OUTPUTS of DRV and not already available in STORE, recursively, and the list -of required store paths that can be substituted. SUBSTITUTABLE? must be a +of required store paths that can be substituted. SUBSTITUTABLE-INFO must be a one-argument procedure similar to that returned by 'substitution-oracle'." (define built? (cut valid-path? store <>)) @@ -343,7 +351,7 @@ one-argument procedure similar to that returned by 'substitution-oracle'." (define input-substitutable? ;; Return true if and only if all of SUB-DRVS are subsitutable. If at ;; least one is missing, then everything must be rebuilt. - (compose (cut every substitutable? <>) derivation-input-output-paths)) + (compose (cut every substitutable-info <>) derivation-input-output-paths)) (define (derivation-built? drv* sub-drvs) ;; In 'check' mode, assume that DRV is not built. @@ -351,20 +359,24 @@ one-argument procedure similar to that returned by 'substitution-oracle'." (eq? drv* drv))) (every built? (derivation-output-paths drv* sub-drvs)))) - (define (derivation-substitutable? drv sub-drvs) + (define (derivation-substitutable-info drv sub-drvs) (and (substitutable-derivation? drv) - (every substitutable? (derivation-output-paths drv sub-drvs)))) + (let ((info (filter-map substitutable-info + (derivation-output-paths drv sub-drvs)))) + (and (= (length info) (length sub-drvs)) + info)))) (let loop ((drv drv) (sub-drvs outputs) - (build '()) - (substitute '())) + (build '()) ;list of <derivation-input> + (substitute '())) ;list of <substitutable> (cond ((derivation-built? drv sub-drvs) (values build substitute)) - ((derivation-substitutable? drv sub-drvs) - (values build - (append (derivation-output-paths drv sub-drvs) - substitute))) + ((derivation-substitutable-info drv sub-drvs) + => + (lambda (substitutables) + (values build + (append substitutables substitute)))) (else (let ((build (if (substitutable-derivation? drv) build @@ -381,8 +393,9 @@ one-argument procedure similar to that returned by 'substitution-oracle'." (append (append-map (lambda (input) (if (and (not (input-built? input)) (input-substitutable? input)) - (derivation-input-output-paths - input) + (map substitutable-info + (derivation-input-output-paths + input)) '())) (derivation-inputs drv)) substitute) diff --git a/guix/git-download.scm b/guix/git-download.scm index 9f6d20ee38..316835502c 100644 --- a/guix/git-download.scm +++ b/guix/git-download.scm @@ -146,7 +146,8 @@ absolute file name and STAT is the result of 'lstat'." (line (loop (cons line lines)))))) (inodes (map (lambda (file) - (let ((stat (lstat file))) + (let ((stat (lstat + (string-append directory "/" file)))) (cons (stat:dev stat) (stat:ino stat)))) files)) (status (close-pipe pipe))) diff --git a/guix/licenses.scm b/guix/licenses.scm index 8396b1a3c6..6845b89d90 100644 --- a/guix/licenses.scm +++ b/guix/licenses.scm @@ -11,6 +11,7 @@ ;;; Copyright © 2016, 2017 ng0 <ng0@libertad.pw> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2017 Petter <petter@mykolab.ch> +;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -37,7 +38,8 @@ non-copyleft bsd-style ;deprecated! cc0 - cc-by2.0 cc-by3.0 cc-by-sa2.0 cc-by-sa3.0 cc-by-sa4.0 + cc-by2.0 cc-by3.0 cc-by4.0 + cc-by-sa2.0 cc-by-sa3.0 cc-by-sa4.0 cddl1.0 cecill cecill-b cecill-c artistic2.0 clarified-artistic @@ -181,6 +183,11 @@ at URI, which may be a file:// URI pointing the package's tree." "http://creativecommons.org/licenses/by-sa/2.0/" "Creative Commons Attribution-ShareAlike 2.0 Generic")) +(define cc-by4.0 + (license "CC-BY 4.0" + "http://creativecommons.org/licenses/by/4.0/" + "Creative Commons Attribution 4.0 Unported")) + (define cc-by3.0 (license "CC-BY 3.0" "http://creativecommons.org/licenses/by/3.0/" diff --git a/guix/scripts/gc.scm b/guix/scripts/gc.scm index 221467a108..0a9719d259 100644 --- a/guix/scripts/gc.scm +++ b/guix/scripts/gc.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2015, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -20,7 +20,7 @@ #:use-module (guix ui) #:use-module (guix scripts) #:use-module (guix store) - #:autoload (guix build syscalls) (statfs) + #:autoload (guix build syscalls) (free-disk-space) #:use-module (ice-9 match) #:use-module (ice-9 regex) #:use-module (srfi srfi-1) @@ -184,9 +184,7 @@ Invoke the garbage collector.\n")) (define (ensure-free-space store space) ;; Attempt to have at least SPACE bytes available in STORE. - (let* ((fs (statfs (%store-prefix))) - (free (* (file-system-block-size fs) - (file-system-blocks-available fs)))) + (let ((free (free-disk-space (%store-prefix)))) (if (> free space) (info (G_ "already ~h bytes available on ~a, nothing to do~%") free (%store-prefix)) diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm index 74c0c5484c..77b340cff6 100644 --- a/guix/scripts/offload.scm +++ b/guix/scripts/offload.scm @@ -34,7 +34,8 @@ #:select (nar-error? nar-error-file)) #:use-module (guix nar) #:use-module (guix utils) - #:use-module ((guix build syscalls) #:select (fcntl-flock)) + #:use-module ((guix build syscalls) + #:select (fcntl-flock set-thread-name)) #:use-module ((guix build utils) #:select (which mkdir-p)) #:use-module (guix ui) #:use-module (srfi srfi-1) @@ -641,6 +642,7 @@ machine." (let ((max-silent-time (string->number max-silent-time)) (build-timeout (string->number build-timeout)) (print-build-trace? (string=? print-build-trace? "1"))) + (set-thread-name "guix offload") (parameterize ((%current-system system)) (let loop ((line (read-line))) (unless (eof-object? line) diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm index c306b809a7..c49c0c3e20 100644 --- a/guix/scripts/publish.scm +++ b/guix/scripts/publish.scm @@ -58,6 +58,7 @@ #:select (with-atomic-file-output compressed-file?)) #:use-module ((guix build utils) #:select (dump-port mkdir-p find-files)) + #:use-module ((guix build syscalls) #:select (set-thread-name)) #:export (%public-key %private-key @@ -649,6 +650,7 @@ blocking." ;; thread so that the main thread can keep working in the meantime. (call-with-new-thread (lambda () + (set-thread-name "publish nar") (let* ((response (write-response (sans-content-length response) client)) (port (begin @@ -670,6 +672,7 @@ blocking." ;; Send a raw file in a separate thread. (call-with-new-thread (lambda () + (set-thread-name "publish file") (catch 'system-error (lambda () (call-with-input-file (utf8->string body) @@ -858,10 +861,16 @@ consider using the '--user' option!~%"))) (sockaddr:port address)) (when repl-port (repl:spawn-server (repl:make-tcp-server-socket #:port repl-port))) + + ;; Set the name of the main thread. + (set-thread-name "guix publish") + (with-store store (run-publish-server socket store #:cache cache - #:pool (and cache (make-pool workers)) + #:pool (and cache (make-pool workers + #:thread-name + "publish worker")) #:nar-path nar-path #:compression compression #:narinfo-ttl ttl)))))) diff --git a/guix/scripts/substitute.scm b/guix/scripts/substitute.scm index 73d4f6e2eb..71f30030b6 100755 --- a/guix/scripts/substitute.scm +++ b/guix/scripts/substitute.scm @@ -39,6 +39,8 @@ . guix:open-connection-for-uri) close-connection store-path-abbreviation byte-count->string)) + #:use-module ((guix build syscalls) + #:select (set-thread-name)) #:use-module (ice-9 rdelim) #:use-module (ice-9 regex) #:use-module (ice-9 match) @@ -872,15 +874,7 @@ DESTINATION as a nar file. Verify the substitute against ACL." (format #t "~a~%" (narinfo-hash narinfo)) (format (current-error-port) - ;; TRANSLATORS: The second part of this message looks like - ;; "(4.1MiB installed)"; it shows the size of the package once - ;; installed. - (G_ "Downloading ~a~:[~*~; (~a installed)~]...~%") - (uri->string uri) - ;; Use the Nar size as an estimate of the installed size. - (narinfo-size narinfo) - (and=> (narinfo-size narinfo) - (cute byte-count->string <>))) + (G_ "Downloading ~a...~%") (uri->string uri)) (let*-values (((raw download-size) ;; Note that Hydra currently generates Nars on the fly ;; and doesn't specify a Content-Length, so @@ -1015,6 +1009,8 @@ default value." (#f #f) (locale (false-if-exception (setlocale LC_ALL locale)))) + (set-thread-name "guix substitute") + (with-networking (with-error-handling ; for signature errors (match args diff --git a/guix/ui.scm b/guix/ui.scm index 9e0fa26d19..5060fd6dc7 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -38,7 +38,8 @@ #:use-module (guix serialization) #:use-module ((guix build utils) #:select (mkdir-p)) #:use-module ((guix licenses) #:select (license? license-name)) - #:use-module ((guix build syscalls) #:select (terminal-columns)) + #:use-module ((guix build syscalls) + #:select (free-disk-space terminal-columns)) #:use-module (srfi srfi-1) #:use-module (srfi srfi-11) #:use-module (srfi srfi-19) @@ -581,6 +582,17 @@ error." (derivation->output-path derivation out-name))) (derivation-outputs derivation)))) +(define (check-available-space need) + "Make sure at least NEED bytes are available in the store. Otherwise emit a +warning." + (let ((free (catch 'system-error + (lambda () + (free-disk-space (%store-prefix))) + (const #f)))) + (when (and free (>= need free)) + (warning (G_ "at least ~,1h MB needed but only ~,1h MB available in ~a~%") + (/ need 1e6) (/ free 1e6) (%store-prefix))))) + (define* (show-what-to-build store drv #:key dry-run? (use-substitutes? #t) (mode (build-mode normal))) @@ -588,7 +600,7 @@ error." derivations listed in DRV using MODE, a 'build-mode' value. Return #t if there's something to build, #f otherwise. When USE-SUBSTITUTES?, check and report what is prerequisites are available for download." - (define substitutable? + (define substitutable-info ;; Call 'substitutation-oracle' upfront so we don't end up launching the ;; substituter many times. This makes a big difference, especially when ;; DRV is a long list as is the case with 'guix environment'. @@ -600,7 +612,7 @@ report what is prerequisites are available for download." (or (null? (derivation-outputs drv)) (let ((out (derivation->output-path drv))) ;XXX: assume "out" exists (or (valid-path? store out) - (substitutable? out))))) + (substitutable-info out))))) (let*-values (((build download) (fold2 (lambda (drv build download) @@ -608,7 +620,8 @@ report what is prerequisites are available for download." (derivation-prerequisites-to-build store drv #:mode mode - #:substitutable? substitutable?))) + #:substitutable-info + substitutable-info))) (values (append b build) (append d download)))) '() '() @@ -622,13 +635,26 @@ report what is prerequisites are available for download." (if use-substitutes? (delete-duplicates (append download - (remove (cut valid-path? store <>) - (append-map - substitutable-references - (substitutable-path-info store - download))))) + (filter-map (lambda (item) + (if (valid-path? store item) + #f + (substitutable-info item))) + (append-map + substitutable-references + download)))) download))) - ;; TODO: Show the installed size of DOWNLOAD. + (define installed-size + (reduce + 0 (map substitutable-nar-size download))) + + (define download-size + (/ (reduce + 0 (map substitutable-download-size download)) + 1e6)) + + (define display-download-size? + ;; Sometimes narinfos lack information about the download size. Only + ;; display when we have information for all of DOWNLOAD. + (not (any (compose zero? substitutable-download-size) download))) + (if dry-run? (begin (format (current-error-port) @@ -636,22 +662,43 @@ report what is prerequisites are available for download." "~:[The following derivations would be built:~%~{ ~a~%~}~;~]" (length build)) (null? build) build) - (format (current-error-port) - (N_ "~:[The following file would be downloaded:~%~{ ~a~%~}~;~]" - "~:[The following files would be downloaded:~%~{ ~a~%~}~;~]" - (length download)) - (null? download) download)) + (if display-download-size? + (format (current-error-port) + ;; TRANSLATORS: "MB" is for "megabyte"; it should be + ;; translated to the corresponding abbreviation. + (G_ "~:[~,1h MB would be downloaded:~%~{ ~a~%~}~;~]") + (null? download) + download-size + (map substitutable-path download)) + (format (current-error-port) + (N_ "~:[The following file would be downloaded:~%~{ ~a~%~}~;~]" + "~:[The following files would be downloaded:~%~{ ~a~%~}~;~]" + (length download)) + (null? download) + (map substitutable-path download)))) (begin (format (current-error-port) (N_ "~:[The following derivation will be built:~%~{ ~a~%~}~;~]" "~:[The following derivations will be built:~%~{ ~a~%~}~;~]" (length build)) (null? build) build) - (format (current-error-port) - (N_ "~:[The following file will be downloaded:~%~{ ~a~%~}~;~]" - "~:[The following files will be downloaded:~%~{ ~a~%~}~;~]" - (length download)) - (null? download) download))) + (if display-download-size? + (format (current-error-port) + ;; TRANSLATORS: "MB" is for "megabyte"; it should be + ;; translated to the corresponding abbreviation. + (G_ "~:[~,1h MB will be downloaded:~%~{ ~a~%~}~;~]") + (null? download) + download-size + (map substitutable-path download)) + (format (current-error-port) + (N_ "~:[The following file will be downloaded:~%~{ ~a~%~}~;~]" + "~:[The following files will be downloaded:~%~{ ~a~%~}~;~]" + (length download)) + (null? download) + (map substitutable-path download))))) + + (check-available-space installed-size) + (pair? build))) (define show-what-to-build* diff --git a/guix/workers.scm b/guix/workers.scm index e3452d249a..846f5e50a9 100644 --- a/guix/workers.scm +++ b/guix/workers.scm @@ -23,6 +23,7 @@ #:use-module (srfi srfi-1) #:use-module (srfi srfi-9) #:use-module (srfi srfi-26) + #:use-module ((guix build syscalls) #:select (set-thread-name)) #:export (pool? make-pool pool-enqueue! @@ -60,7 +61,8 @@ (lambda () (lock-mutex mutex)))) -(define (worker-thunk mutex condvar pop-queue) +(define* (worker-thunk mutex condvar pop-queue + #:key (thread-name "guix worker")) "Return the thunk executed by worker threads." (define (loop) (match (pop-queue) @@ -80,11 +82,18 @@ (loop)) (lambda () + (catch 'system-error + (lambda () + (set-thread-name thread-name)) + (const #f)) + (with-mutex mutex (loop)))) -(define* (make-pool #:optional (count (current-processor-count))) - "Return a pool of COUNT workers." +(define* (make-pool #:optional (count (current-processor-count)) + #:key (thread-name "guix worker")) + "Return a pool of COUNT workers. Use THREAD-NAME as the name of these +threads as reported by the operating system." (let* ((mutex (make-mutex)) (condvar (make-condition-variable)) (queue (make-q)) @@ -93,7 +102,8 @@ (worker-thunk mutex condvar (lambda () (and (not (q-empty? queue)) - (q-pop! queue))))) + (q-pop! queue))) + #:thread-name thread-name)) 1+ 0)) (threads (map (lambda (proc) diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc index 9b7bb5391c..a93095dd1e 100644 --- a/nix/libstore/build.cc +++ b/nix/libstore/build.cc @@ -2449,8 +2449,11 @@ void DerivationGoal::registerOutputs() Hash h2 = recursive ? hashPath(ht, actualPath).first : hashFile(ht, actualPath); if (h != h2) throw BuildError( - format("output path `%1%' should have %2% hash `%3%', instead has `%4%'") - % path % i->second.hashAlgo % printHash16or32(h) % printHash16or32(h2)); + format("%1% hash mismatch for output path `%2%'\n" + " expected: %3%\n" + " actual: %4%") + % i->second.hashAlgo % path + % printHash16or32(h) % printHash16or32(h2)); } /* Get rid of all weird permissions. This also checks that @@ -3096,7 +3099,9 @@ void SubstitutionGoal::finished() Hash expectedHash = parseHash16or32(hashType, string(expectedHashStr, n + 1)); Hash actualHash = hashType == htSHA256 ? hash.first : hashPath(hashType, destPath).first; if (expectedHash != actualHash) - throw SubstError(format("hash mismatch in downloaded path `%1%': expected %2%, got %3%") + throw SubstError(format("hash mismatch in downloaded path `%1%'\n" + " expected: %2%\n" + " actual: %3%") % storePath % printHash(expectedHash) % printHash(actualHash)); } diff --git a/tests/containers.scm b/tests/containers.scm index 0b3a4be12b..5323e5037d 100644 --- a/tests/containers.scm +++ b/tests/containers.scm @@ -194,11 +194,12 @@ %namespaces 1 (lambda () (sleep 100)))) + (expected (namespaces pid)) (result (container-excursion* pid (lambda () (namespaces 1))))) (kill pid SIGKILL) - (equal? result (namespaces pid)))))) + (equal? result expected))))) (skip-if-unsupported) (test-equal "container-excursion*, same namespaces" diff --git a/tests/derivations.scm b/tests/derivations.scm index cabbf7b951..f3aad1b906 100644 --- a/tests/derivations.scm +++ b/tests/derivations.scm @@ -831,10 +831,10 @@ (derivation-prerequisites-to-build store drv)) ((build* download*) (derivation-prerequisites-to-build store drv - #:substitutable? + #:substitutable-info (const #f)))) (and (null? build) - (equal? download (list output)) + (equal? (map substitutable-path download) (list output)) (null? download*) (null? build*)))))) @@ -879,7 +879,7 @@ ;; See <http://bugs.gnu.org/18747>. (and (null? build) (match download - (((? string? item)) + (((= substitutable-path item)) (string=? item (derivation->output-path drv)))))))))) (test-assert "derivation-prerequisites-to-build in 'check' mode" @@ -919,7 +919,7 @@ (set! query paths) '()) - (mock ((guix store) substitutable-paths + (mock ((guix store) substitutable-path-info record-substitutable-path-query) (let ((pred (substitution-oracle store (list drv)))) diff --git a/tests/guix-package-net.sh b/tests/guix-package-net.sh index 1eff6abba3..927c856b23 100644 --- a/tests/guix-package-net.sh +++ b/tests/guix-package-net.sh @@ -49,7 +49,7 @@ profile="t-profile-$$" profile_alt="t-profile-alt-$$" rm -f "$profile" -trap 'rm -f "$profile" "$profile_alt" "$profile-"[0-9]* ; rm -rf t-home-'"$$" EXIT +trap 'rm -f "$profile" "$profile_alt" "$profile-"[0-9]* "$profile_alt-"[0-9]* ; rm -rf t-home-'"$$" EXIT guix package --bootstrap -p "$profile" -i guile-bootstrap diff --git a/tests/syscalls.scm b/tests/syscalls.scm index 8db45b41b6..e20f0600bc 100644 --- a/tests/syscalls.scm +++ b/tests/syscalls.scm @@ -266,6 +266,14 @@ (close-port file) result))))))))) +(test-equal "set-thread-name" + "Syscall Test" + (let ((name (thread-name))) + (set-thread-name "Syscall Test") + (let ((new-name (thread-name))) + (set-thread-name name) + new-name))) + (test-assert "all-network-interface-names" (match (all-network-interface-names) (((? string? names) ..1) |