diff options
author | Marius Bakke <marius@gnu.org> | 2022-08-11 22:15:22 +0200 |
---|---|---|
committer | Marius Bakke <marius@gnu.org> | 2022-08-11 22:15:22 +0200 |
commit | b50eaa67642ebc25e9c896f2e700c08610e0a5da (patch) | |
tree | e3358208e17a836c2e3cdb3125f815a2ab35c2b8 /gnu/packages/patches | |
parent | 7b69cd07408bf64fff026e4597920a90259e3205 (diff) | |
parent | 99b73f60415b282f2be39134f385cbda4840c336 (diff) | |
download | guix-b50eaa67642ebc25e9c896f2e700c08610e0a5da.tar guix-b50eaa67642ebc25e9c896f2e700c08610e0a5da.tar.gz |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
33 files changed, 2067 insertions, 613 deletions
diff --git a/gnu/packages/patches/aoflagger-use-system-provided-pybind11.patch b/gnu/packages/patches/aoflagger-use-system-provided-pybind11.patch new file mode 100644 index 0000000000..76bc52a4ba --- /dev/null +++ b/gnu/packages/patches/aoflagger-use-system-provided-pybind11.patch @@ -0,0 +1,38 @@ +This patch was borrowed from Debian's package: +https://salsa.debian.org/debian-astro-team/aoflagger/-/blob/0484ef75a663e3e07738550cdade46f433a53dac/debian/patches/Use-system-provided-pybind11.patch +Description: Use system provided pybind11 +Author: Ole Streicher <olebole@debian.org> +Origin: Debian +Last-Update: Mon, 30 Aug 2021 11:05:37 +0200 +--- + CMakeLists.txt | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 655ea5e..824ee2a 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -62,11 +62,6 @@ foreach(ExternalSubmodule IN LISTS ExternalSubmoduleDirectories) + endif() + endforeach() + +-# Include aocommon/pybind11 headers +-include_directories("${CMAKE_SOURCE_DIR}/external/aocommon/include") +-add_subdirectory("${CMAKE_SOURCE_DIR}/external/pybind11") +-include_directories(SYSTEM ${pybind11_INCLUDE_DIR}) +- + find_package( + HDF5 + COMPONENTS C CXX +@@ -101,6 +96,11 @@ find_package(PythonInterp REQUIRED) + message(STATUS "Using python version ${PYTHON_VERSION_STRING}") + include_directories(SYSTEM ${PYTHON_INCLUDE_DIRS}) + ++# Include pybind11 headers ++find_package(pybind11 REQUIRED) ++include_directories("${CMAKE_SOURCE_DIR}/external/aocommon/include") ++include_directories(${pybind11_INCLUDE_DIR}) ++ + # boost::alignment requires Boost 1.56 + find_package(Boost 1.56.0 REQUIRED COMPONENTS date_time filesystem system + unit_test_framework) diff --git a/gnu/packages/patches/aspell-CVE-2019-25051.patch b/gnu/packages/patches/aspell-CVE-2019-25051.patch new file mode 100644 index 0000000000..a7471dacd4 --- /dev/null +++ b/gnu/packages/patches/aspell-CVE-2019-25051.patch @@ -0,0 +1,99 @@ +https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a +https://nvd.nist.gov/vuln/detail/CVE-2019-25051 + +From 0718b375425aad8e54e1150313b862e4c6fd324a Mon Sep 17 00:00:00 2001 +From: Kevin Atkinson <kevina@gnu.org> +Date: Sat, 21 Dec 2019 20:32:47 +0000 +Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk + to prevent a buffer overflow + +Bug found using OSS-Fuze. +--- + common/objstack.hpp | 18 ++++++++++++++---- + 1 file changed, 14 insertions(+), 4 deletions(-) + +diff --git a/common/objstack.hpp b/common/objstack.hpp +index 3997bf7..bd97ccd 100644 +--- a/common/objstack.hpp ++++ b/common/objstack.hpp +@@ -5,6 +5,7 @@ + #include "parm_string.hpp" + #include <stdlib.h> + #include <assert.h> ++#include <stddef.h> + + namespace acommon { + +@@ -26,6 +27,12 @@ class ObjStack + byte * temp_end; + void setup_chunk(); + void new_chunk(); ++ bool will_overflow(size_t sz) const { ++ return offsetof(Node,data) + sz > chunk_size; ++ } ++ void check_size(size_t sz) { ++ assert(!will_overflow(sz)); ++ } + + ObjStack(const ObjStack &); + void operator=(const ObjStack &); +@@ -56,7 +63,7 @@ class ObjStack + void * alloc_bottom(size_t size) { + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;} ++ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;} + return tmp; + } + // This alloc_bottom will insure that the object is aligned based on the +@@ -66,7 +73,7 @@ class ObjStack + align_bottom(align); + byte * tmp = bottom; + bottom += size; +- if (bottom > top) {new_chunk(); goto loop;} ++ if (bottom > top) {check_size(size); new_chunk(); goto loop;} + return tmp; + } + char * dup_bottom(ParmString str) { +@@ -79,7 +86,7 @@ class ObjStack + // always be aligned as such. + void * alloc_top(size_t size) { + top -= size; +- if (top < bottom) {new_chunk(); top -= size;} ++ if (top < bottom) {check_size(size); new_chunk(); top -= size;} + return top; + } + // This alloc_top will insure that the object is aligned based on +@@ -88,7 +95,7 @@ class ObjStack + {loop: + top -= size; + align_top(align); +- if (top < bottom) {new_chunk(); goto loop;} ++ if (top < bottom) {check_size(size); new_chunk(); goto loop;} + return top; + } + char * dup_top(ParmString str) { +@@ -117,6 +124,7 @@ class ObjStack + void * alloc_temp(size_t size) { + temp_end = bottom + size; + if (temp_end > top) { ++ check_size(size); + new_chunk(); + temp_end = bottom + size; + } +@@ -131,6 +139,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; +@@ -150,6 +159,7 @@ class ObjStack + } else { + size_t s = temp_end - bottom; + byte * p = bottom; ++ check_size(size); + new_chunk(); + memcpy(bottom, p, s); + temp_end = bottom + size; diff --git a/gnu/packages/patches/barony-fix-textures.patch b/gnu/packages/patches/barony-fix-textures.patch new file mode 100644 index 0000000000..712f0d63c6 --- /dev/null +++ b/gnu/packages/patches/barony-fix-textures.patch @@ -0,0 +1,237 @@ +From: Sylvain <sylvain.becker@gmail.com> +Date: Sat, 10 Apr 2021 21:33:29 +0200 +Subject: [PATCH] Fixed bug 580 - Use 'userdata' instead of 'refcount' + 'refcount' is a private SDL_Surface field + +--- + src/draw.cpp | 22 +++++++++++----------- + src/files.cpp | 2 +- + src/opengl.cpp | 26 +++++++++++++------------- + src/savepng.cpp | 2 +- + 4 files changed, 26 insertions(+), 26 deletions(-) + +diff --git a/src/draw.cpp b/src/draw.cpp +index 08f95343f..4e62c751a 100644 +--- a/src/draw.cpp ++++ b/src/draw.cpp +@@ -443,7 +443,7 @@ void drawImageRotatedAlpha( SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos, re + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, alpha / 255.1); + glBegin(GL_QUADS); + glTexCoord2f(1.0 * ((real_t)src->x / image->w), 1.0 * ((real_t)src->y / image->h)); +@@ -492,7 +492,7 @@ void drawImageColor( SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos, Uint32 co + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + real_t r = ((Uint8)(color >> mainsurface->format->Rshift)) / 255.f; + real_t g = ((Uint8)(color >> mainsurface->format->Gshift)) / 255.f; + real_t b = ((Uint8)(color >> mainsurface->format->Bshift)) / 255.f; +@@ -546,7 +546,7 @@ void drawImageAlpha( SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos, Uint8 alp + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, alpha / 255.1); + glPushMatrix(); + glBegin(GL_QUADS); +@@ -596,7 +596,7 @@ void drawImage( SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos ) + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, 1); + glPushMatrix(); + glBegin(GL_QUADS); +@@ -646,7 +646,7 @@ void drawImageRing(SDL_Surface* image, SDL_Rect* src, int radius, int thickness, + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, alpha / 255.f); + glPushMatrix(); + +@@ -771,7 +771,7 @@ void drawImageScaled( SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos ) + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, 1); + glPushMatrix(); + glBegin(GL_QUADS); +@@ -826,7 +826,7 @@ void drawImageScaledPartial(SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos, fl + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + glColor4f(1, 1, 1, 1); + glPushMatrix(); + glBegin(GL_QUADS); +@@ -889,7 +889,7 @@ void drawImageScaledColor(SDL_Surface* image, SDL_Rect* src, SDL_Rect* pos, Uint + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + real_t r = ((Uint8)(color >> mainsurface->format->Rshift)) / 255.f; + real_t g = ((Uint8)(color >> mainsurface->format->Gshift)) / 255.f; + real_t b = ((Uint8)(color >> mainsurface->format->Bshift)) / 255.f; +@@ -985,7 +985,7 @@ void drawImageFancy( SDL_Surface* image, Uint32 color, real_t angle, SDL_Rect* s + } + + // draw a textured quad +- glBindTexture(GL_TEXTURE_2D, texid[image->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)image->userdata]); + real_t r = ((Uint8)(color >> mainsurface->format->Rshift)) / 255.f; + real_t g = ((Uint8)(color >> mainsurface->format->Gshift)) / 255.f; + real_t b = ((Uint8)(color >> mainsurface->format->Bshift)) / 255.f; +@@ -2186,7 +2186,7 @@ void drawWindowFancy(int x1, int y1, int x2, int y2) + glVertex2f(x2 - 1, yres - y1 - 1); + glEnd(); + glColor3f(.75, .75, .75); +- glBindTexture(GL_TEXTURE_2D, texid[fancyWindow_bmp->refcount]); // wood texture ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)fancyWindow_bmp->userdata]); // wood texture + glBegin(GL_QUADS); + glTexCoord2f(0, 0); + glVertex2f(x1 + 2, yres - y1 - 2); +@@ -2322,7 +2322,7 @@ SDL_Rect ttfPrintTextColor( TTF_Font* font, int x, int y, Uint32 color, bool out + SDL_BlitSurface(textSurf, NULL, surf, &pos); + // load the text outline surface as a GL texture + allsurfaces[imgref] = surf; +- allsurfaces[imgref]->refcount = imgref; ++ allsurfaces[imgref]->userdata = (void*) imgref; + glLoadTexture(allsurfaces[imgref], imgref); + imgref++; + // store the surface in the text surface cache +diff --git a/src/files.cpp b/src/files.cpp +index 2beb9a6b9..389ade6d1 100644 +--- a/src/files.cpp ++++ b/src/files.cpp +@@ -591,7 +591,7 @@ SDL_Surface* loadImage(char const * const filename) + + // load the new surface as a GL texture + allsurfaces[imgref] = newSurface; +- allsurfaces[imgref]->refcount = imgref + 1; ++ allsurfaces[imgref]->userdata = (void *)(imgref); + glLoadTexture(allsurfaces[imgref], imgref); + + // free the translated surface +diff --git a/src/opengl.cpp b/src/opengl.cpp +index f5b81e77a..3ac225825 100644 +--- a/src/opengl.cpp ++++ b/src/opengl.cpp +@@ -500,7 +500,7 @@ void glDrawSprite(view_t* camera, Entity* entity, int mode) + } + if ( mode == REALCOLORS ) + { +- glBindTexture(GL_TEXTURE_2D, texid[sprite->refcount]); ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)sprite->userdata]); + } + else + { +@@ -586,7 +586,7 @@ void glDrawSpriteFromImage(view_t* camera, Entity* entity, std::string text, int + //int x, y; + real_t s = 1; + SDL_Surface* image = sprites[0]; +- GLuint textureId = texid[sprites[0]->refcount]; ++ GLuint textureId = texid[(long int)sprites[0]->userdata]; + char textToRetrieve[128]; + + if ( text.compare("") == 0 ) +@@ -603,7 +603,7 @@ void glDrawSpriteFromImage(view_t* camera, Entity* entity, std::string text, int + textToRetrieve[std::min(static_cast<int>(strlen(text.c_str())), 22)] = '\0'; + if ( (image = ttfTextHashRetrieve(ttfTextHash, textToRetrieve, ttf12, true)) != NULL ) + { +- textureId = texid[image->refcount]; ++ textureId = texid[(long int)image->userdata]; + } + else + { +@@ -627,7 +627,7 @@ void glDrawSpriteFromImage(view_t* camera, Entity* entity, std::string text, int + SDL_BlitSurface(textSurf, NULL, image, &pos); + // load the text outline surface as a GL texture + allsurfaces[imgref] = image; +- allsurfaces[imgref]->refcount = imgref; ++ allsurfaces[imgref]->userdata = (void *)((long int)imgref); + glLoadTexture(allsurfaces[imgref], imgref); + imgref++; + // store the surface in the text surface cache +@@ -635,7 +635,7 @@ void glDrawSpriteFromImage(view_t* camera, Entity* entity, std::string text, int + { + printlog("warning: failed to store text outline surface with imgref %d\n", imgref - 1); + } +- textureId = texid[image->refcount]; ++ textureId = texid[(long int)image->userdata]; + } + // setup projection + glMatrixMode(GL_PROJECTION); +@@ -864,7 +864,7 @@ void glDrawWorld(view_t* camera, int mode) + + // first (higher) sky layer + glColor4f(1.f, 1.f, 1.f, .5); +- glBindTexture(GL_TEXTURE_2D, texid[tiles[cloudtile]->refcount]); // sky tile ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)tiles[cloudtile]->userdata]); // sky tile + glBegin( GL_QUADS ); + glTexCoord2f((real_t)(ticks % 60) / 60, (real_t)(ticks % 60) / 60); + glVertex3f(-CLIPFAR * 16, 64, -CLIPFAR * 16); +@@ -881,7 +881,7 @@ void glDrawWorld(view_t* camera, int mode) + + // second (closer) sky layer + glColor4f(1.f, 1.f, 1.f, .5); +- glBindTexture(GL_TEXTURE_2D, texid[tiles[cloudtile]->refcount]); // sky tile ++ glBindTexture(GL_TEXTURE_2D, texid[(long int)tiles[cloudtile]->userdata]); // sky tile + glBegin( GL_QUADS ); + glTexCoord2f((real_t)(ticks % 240) / 240, (real_t)(ticks % 240) / 240); + glVertex3f(-CLIPFAR * 16, 32, -CLIPFAR * 16); +@@ -954,13 +954,13 @@ void glDrawWorld(view_t* camera, int mode) + { + if ( map.tiles[index] < 0 || map.tiles[index] >= numtiles ) + { +- new_tex = texid[sprites[0]->refcount]; +- //glBindTexture(GL_TEXTURE_2D, texid[sprites[0]->refcount]); ++ new_tex = texid[(long int)sprites[0]->userdata]; ++ //glBindTexture(GL_TEXTURE_2D, texid[(long int)sprites[0]->userdata]); + } + else + { +- new_tex = texid[tiles[map.tiles[index]]->refcount]; +- //glBindTexture(GL_TEXTURE_2D, texid[tiles[map.tiles[index]]->refcount]); ++ new_tex = texid[(long int)tiles[map.tiles[index]]->userdata]; ++ //glBindTexture(GL_TEXTURE_2D, texid[(long int)tiles[map.tiles[index]]->userdata]); + } + } + else +@@ -1282,8 +1282,8 @@ void glDrawWorld(view_t* camera, int mode) + // bind texture + if ( mode == REALCOLORS ) + { +- new_tex = texid[tiles[mapceilingtile]->refcount]; +- //glBindTexture(GL_TEXTURE_2D, texid[tiles[50]->refcount]); // rock tile ++ new_tex = texid[(long int)tiles[mapceilingtile]->userdata]; ++ //glBindTexture(GL_TEXTURE_2D, texid[(long int)tiles[50]->userdata]); // rock tile + if (cur_tex!=new_tex) + { + glEnd(); +diff --git a/src/savepng.cpp b/src/savepng.cpp +index fa7a5d4e2..59e052a5c 100644 +--- a/src/savepng.cpp ++++ b/src/savepng.cpp +@@ -59,7 +59,7 @@ SDL_Surface* SDL_PNGFormatAlpha(SDL_Surface* src) + /* NO-OP for images < 32bpp and 32bpp images that already have Alpha channel */ + if (src->format->BitsPerPixel <= 24 || src->format->Amask) + { +- src->refcount++; ++ src->userdata = (void *)((long int) src->userdata + 1); + return src; + } + diff --git a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch b/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch new file mode 100644 index 0000000000..d3c677918c --- /dev/null +++ b/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch @@ -0,0 +1,155 @@ +From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001 +From: sebres <serg.brester@sebres.de> +Date: Mon, 21 Jun 2021 17:12:53 +0200 +Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable + (default tilde) stops consider "~" char after new-line as composing escape + sequence + +--- + config/action.d/complain.conf | 2 +- + config/action.d/dshield.conf | 2 +- + config/action.d/mail-buffered.conf | 8 ++++---- + config/action.d/mail-whois-lines.conf | 2 +- + config/action.d/mail-whois.conf | 6 +++--- + config/action.d/mail.conf | 6 +++--- + 6 files changed, 13 insertions(+), 13 deletions(-) + +diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf +index 3a5f882c9f..4d73b05859 100644 +--- a/config/action.d/complain.conf ++++ b/config/action.d/complain.conf +@@ -102,7 +102,7 @@ logpath = /dev/null + # Notes.: Your system mail command. Is passed 2 args: subject and recipient + # Values: CMD + # +-mailcmd = mail -s ++mailcmd = mail -E 'set escape' -s + + # Option: mailargs + # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: +diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf +index c128bef348..3d5a7a53a9 100644 +--- a/config/action.d/dshield.conf ++++ b/config/action.d/dshield.conf +@@ -179,7 +179,7 @@ tcpflags = + # Notes.: Your system mail command. Is passed 2 args: subject and recipient + # Values: CMD + # +-mailcmd = mail -s ++mailcmd = mail -E 'set escape' -s + + # Option: mailargs + # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: +diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf +index 325f185b2f..79b841049c 100644 +--- a/config/action.d/mail-buffered.conf ++++ b/config/action.d/mail-buffered.conf +@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n + The jail <name> has been started successfully.\n + Output will be buffered until <lines> lines are available.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> + + # Option: actionstop + # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then + These hosts have been banned by Fail2Ban.\n + `cat <tmpfile>` + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest> + rm <tmpfile> + fi + printf %%b "Hi,\n + The jail <name> has been stopped.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> + + # Option: actioncheck + # Notes.: command executed once before each actionban command +@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile> + These hosts have been banned by Fail2Ban.\n + `cat <tmpfile>` + \nRegards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest> + rm <tmpfile> + fi + +diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf +index 3a3e56b2c7..d2818cb9b9 100644 +--- a/config/action.d/mail-whois-lines.conf ++++ b/config/action.d/mail-whois-lines.conf +@@ -72,7 +72,7 @@ actionunban = + # Notes.: Your system mail command. Is passed 2 args: subject and recipient + # Values: CMD + # +-mailcmd = mail -s ++mailcmd = mail -E 'set escape' -s + + # Default name of the chain + # +diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf +index 7fea34c40d..ab33b616dc 100644 +--- a/config/action.d/mail-whois.conf ++++ b/config/action.d/mail-whois.conf +@@ -20,7 +20,7 @@ norestored = 1 + actionstart = printf %%b "Hi,\n + The jail <name> has been started successfully.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> + + # Option: actionstop + # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n + actionstop = printf %%b "Hi,\n + The jail <name> has been stopped.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> + + # Option: actioncheck + # Notes.: command executed once before each actionban command +@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n + Here is more information about <ip> :\n + `%(_whois_command)s`\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest> + + # Option: actionunban + # Notes.: command executed when unbanning an IP. Take care that the +diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf +index 5d8c0e154c..f4838ddcb6 100644 +--- a/config/action.d/mail.conf ++++ b/config/action.d/mail.conf +@@ -16,7 +16,7 @@ norestored = 1 + actionstart = printf %%b "Hi,\n + The jail <name> has been started successfully.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest> + + # Option: actionstop + # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n + actionstop = printf %%b "Hi,\n + The jail <name> has been stopped.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest> + + # Option: actioncheck + # Notes.: command executed once before each actionban command +@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n + The IP <ip> has just been banned by Fail2Ban after + <failures> attempts against <name>.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest> ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest> + + # Option: actionunban + # Notes.: command executed when unbanning an IP. Take care that the diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch new file mode 100644 index 0000000000..b0b14364b1 --- /dev/null +++ b/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch @@ -0,0 +1,64 @@ +From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001 +From: sebres <info@sebres.de> +Date: Sun, 19 Sep 2021 18:49:18 +0200 +Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup + command: use_2to3 is invalid (setuptools 58+) + +--- + setup.py | 16 +--------------- + 1 file changed, 1 insertion(+), 15 deletions(-) + +diff --git a/setup.py b/setup.py +index f4c2550f6f..98413273c5 100755 +--- a/setup.py ++++ b/setup.py +@@ -48,7 +48,7 @@ + from glob import glob + + from fail2ban.setup import updatePyExec +- ++from fail2ban.version import version + + source_dir = os.path.realpath(os.path.dirname( + # __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.): +@@ -112,22 +112,12 @@ def update_scripts(self, dry_run=False): + # Wrapper to specify fail2ban own options: + class install_command_f2b(install): + user_options = install.user_options + [ +- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'), + ('without-tests', None, 'without tests files installation'), + ] + def initialize_options(self): +- self.disable_2to3 = None + self.without_tests = not with_tests + install.initialize_options(self) + def finalize_options(self): +- global _2to3 +- ## in the test cases 2to3 should be already done (fail2ban-2to3): +- if self.disable_2to3: +- _2to3 = False +- if _2to3: +- cmdclass = self.distribution.cmdclass +- cmdclass['build_py'] = build_py_2to3 +- cmdclass['build_scripts'] = build_scripts_2to3 + if self.without_tests: + self.distribution.scripts.remove('bin/fail2ban-testcases') + +@@ -178,7 +168,6 @@ def run(self): + if setuptools: + setup_extra = { + 'test_suite': "fail2ban.tests.utils.gatherTests", +- 'use_2to3': True, + } + else: + setup_extra = {} +@@ -202,9 +191,6 @@ def run(self): + ('/usr/share/doc/fail2ban', doc_files) + ) + +-# Get version number, avoiding importing fail2ban. +-# This is due to tests not functioning for python3 as 2to3 takes place later +-exec(open(join("fail2ban", "version.py")).read()) + + setup( + name = "fail2ban", diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch new file mode 100644 index 0000000000..91d973e72e --- /dev/null +++ b/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch @@ -0,0 +1,48 @@ +From 747d4683221b5584f9663695fb48145689b42ceb Mon Sep 17 00:00:00 2001 +From: sebres <info@sebres.de> +Date: Mon, 4 Jan 2021 02:42:38 +0100 +Subject: [PATCH] fixes century selector of %ExY and %Exy in datepattern for + tests, considering interval from 2005 (alternate now) to now; + better + grouping algorithm for resulting century RE + +--- + fail2ban/server/strptime.py | 24 ++++++++++++++++++++++-- + 1 file changed, 22 insertions(+), 2 deletions(-) + +diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py +index 1464a96d1f..39fc795865 100644 +--- a/fail2ban/server/strptime.py ++++ b/fail2ban/server/strptime.py +@@ -36,10 +36,30 @@ def _getYearCentRE(cent=(0,3), distance=3, now=(MyTime.now(), MyTime.alternateNo + Thereby respect possible run in the test-cases (alternate date used there) + """ + cent = lambda year, f=cent[0], t=cent[1]: str(year)[f:t] ++ def grp(exprset): ++ c = None ++ if len(exprset) > 1: ++ for i in exprset: ++ if c is None or i[0:-1] == c: ++ c = i[0:-1] ++ else: ++ c = None ++ break ++ if not c: ++ for i in exprset: ++ if c is None or i[0] == c: ++ c = i[0] ++ else: ++ c = None ++ break ++ if c: ++ return "%s%s" % (c, grp([i[len(c):] for i in exprset])) ++ return ("(?:%s)" % "|".join(exprset) if len(exprset[0]) > 1 else "[%s]" % "".join(exprset)) \ ++ if len(exprset) > 1 else "".join(exprset) + exprset = set( cent(now[0].year + i) for i in (-1, distance) ) + if len(now) and now[1]: +- exprset |= set( cent(now[1].year + i) for i in (-1, distance) ) +- return "(?:%s)" % "|".join(exprset) if len(exprset) > 1 else "".join(exprset) ++ exprset |= set( cent(now[1].year + i) for i in xrange(-1, now[0].year-now[1].year+1, distance) ) ++ return grp(sorted(list(exprset))) + + timeRE = TimeRE() + diff --git a/gnu/packages/patches/fail2ban-paths-guix-conf.patch b/gnu/packages/patches/fail2ban-paths-guix-conf.patch new file mode 100644 index 0000000000..8c2a5747ba --- /dev/null +++ b/gnu/packages/patches/fail2ban-paths-guix-conf.patch @@ -0,0 +1,32 @@ +From ef28dcf7a5bdbfd8ba586bb066d5ec53188a6bf9 Mon Sep 17 00:00:00 2001 +From: muradm <mail@muradm.net> +Date: Fri, 15 Jul 2022 20:08:14 +0300 +Subject: [PATCH] Add paths-guix.conf file. + +--- + config/paths-guix.conf | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + create mode 100644 config/paths-guix.conf + +diff --git a/config/paths-guix.conf b/config/paths-guix.conf +new file mode 100644 +index 00000000..b4a2e9f5 +--- /dev/null ++++ b/config/paths-guix.conf +@@ -0,0 +1,13 @@ ++# Guix ++ ++[INCLUDES] ++ ++before = paths-common.conf ++after = paths-overrides.local ++ ++ ++[DEFAULT] ++ ++syslog_authpriv = /var/log/secure ++syslog_mail = /var/log/maillog ++syslog_mail_warn = /var/log/maillog +-- +2.36.1 + diff --git a/gnu/packages/patches/fail2ban-python310-server-action.patch b/gnu/packages/patches/fail2ban-python310-server-action.patch new file mode 100644 index 0000000000..723d7f7aa6 --- /dev/null +++ b/gnu/packages/patches/fail2ban-python310-server-action.patch @@ -0,0 +1,27 @@ +From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" <serg.brester@sebres.de> +Date: Mon, 8 Feb 2021 17:19:24 +0100 +Subject: [PATCH] follow bpo-37324: :ref:`collections-abstract-base-classes` + moved to the :mod:`collections.abc` module + +(since 3.10-alpha.5 `MutableMapping` is missing in collections module) +--- + fail2ban/server/action.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py +index 3bc48fe046..f0f1e6f59a 100644 +--- a/fail2ban/server/action.py ++++ b/fail2ban/server/action.py +@@ -30,7 +30,10 @@ + import threading + import time + from abc import ABCMeta +-from collections import MutableMapping ++try: ++ from collections.abc import MutableMapping ++except ImportError: ++ from collections import MutableMapping + + from .failregex import mapTag2Opt + from .ipdns import DNSUtils diff --git a/gnu/packages/patches/fail2ban-python310-server-actions.patch b/gnu/packages/patches/fail2ban-python310-server-actions.patch new file mode 100644 index 0000000000..e31316d28b --- /dev/null +++ b/gnu/packages/patches/fail2ban-python310-server-actions.patch @@ -0,0 +1,25 @@ +From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" <serg.brester@sebres.de> +Date: Mon, 8 Feb 2021 17:25:45 +0100 +Subject: [PATCH] amend for `Mapping` + +--- + fail2ban/server/actions.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py +index b7b95b445a..897d907c1a 100644 +--- a/fail2ban/server/actions.py ++++ b/fail2ban/server/actions.py +@@ -28,7 +28,10 @@ + import os + import sys + import time +-from collections import Mapping ++try: ++ from collections.abc import Mapping ++except ImportError: ++ from collections import Mapping + try: + from collections import OrderedDict + except ImportError: diff --git a/gnu/packages/patches/fail2ban-python310-server-jails.patch b/gnu/packages/patches/fail2ban-python310-server-jails.patch new file mode 100644 index 0000000000..e5873c415e --- /dev/null +++ b/gnu/packages/patches/fail2ban-python310-server-jails.patch @@ -0,0 +1,25 @@ +From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" <serg.brester@sebres.de> +Date: Mon, 8 Feb 2021 17:35:59 +0100 +Subject: [PATCH] amend for `Mapping` (jails) + +--- + fail2ban/server/jails.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py +index 972a8c4bd2..27e12ddf65 100644 +--- a/fail2ban/server/jails.py ++++ b/fail2ban/server/jails.py +@@ -22,7 +22,10 @@ + __license__ = "GPL" + + from threading import Lock +-from collections import Mapping ++try: ++ from collections.abc import Mapping ++except ImportError: ++ from collections import Mapping + + from ..exceptions import DuplicateJailException, UnknownJailException + from .jail import Jail diff --git a/gnu/packages/patches/fuse-glibc-2.34.patch b/gnu/packages/patches/fuse-glibc-2.34.patch new file mode 100644 index 0000000000..5f973e2491 --- /dev/null +++ b/gnu/packages/patches/fuse-glibc-2.34.patch @@ -0,0 +1,49 @@ +Don't redefine 'closefrom' if available through glibc. + +Shamelessly stolen from Gentoo: + + https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-fs/fuse/files/fuse-2.9.9-closefrom-glibc-2-34.patch + +diff --git a/configure.ac b/configure.ac +index 9946a0efa..a2d481aa9 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -55,6 +55,7 @@ fi + + AC_CHECK_FUNCS([fork setxattr fdatasync splice vmsplice utimensat]) + AC_CHECK_FUNCS([posix_fallocate]) ++AC_CHECK_FUNCS([closefrom]) + AC_CHECK_MEMBERS([struct stat.st_atim]) + AC_CHECK_MEMBERS([struct stat.st_atimespec]) + +diff --git a/util/ulockmgr_server.c b/util/ulockmgr_server.c +index 273c7d923..a04dac5c6 100644 +--- a/util/ulockmgr_server.c ++++ b/util/ulockmgr_server.c +@@ -22,6 +22,10 @@ + #include <sys/socket.h> + #include <sys/wait.h> + ++#ifdef HAVE_CONFIG_H ++ #include "config.h" ++#endif ++ + struct message { + unsigned intr : 1; + unsigned nofd : 1; +@@ -124,6 +128,7 @@ static int receive_message(int sock, void *buf, size_t buflen, int *fdp, + return res; + } + ++#if !defined(HAVE_CLOSEFROM) + static int closefrom(int minfd) + { + DIR *dir = opendir("/proc/self/fd"); +@@ -141,6 +146,7 @@ static int closefrom(int minfd) + } + return 0; + } ++#endif + + static void send_reply(int cfd, struct message *msg) + { diff --git a/gnu/packages/patches/gnupg-CVE-2022-34903.patch b/gnu/packages/patches/gnupg-CVE-2022-34903.patch new file mode 100644 index 0000000000..19c055282a --- /dev/null +++ b/gnu/packages/patches/gnupg-CVE-2022-34903.patch @@ -0,0 +1,54 @@ +https://dev.gnupg.org/T6027 +https://www.openwall.com/lists/oss-security/2022/06/30/1 +https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=34c649b3601383cd11dbc76221747ec16fd68e1b + +From 34c649b3601383cd11dbc76221747ec16fd68e1b Mon Sep 17 00:00:00 2001 +From: Werner Koch <wk@gnupg.org> +Date: Tue, 14 Jun 2022 11:33:27 +0200 +Subject: [PATCH] g10: Fix garbled status messages in NOTATION_DATA + +* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one +-- + +Depending on the escaping and line wrapping the computed remaining +buffer length could be wrong. Fixed by always using a break to +terminate the escape detection loop. Might have happened for all +status lines which may wrap. + +GnuPG-bug-id: T6027 +--- + g10/cpr.c | 13 ++++--------- + 1 file changed, 4 insertions(+), 9 deletions(-) + +diff --git a/g10/cpr.c b/g10/cpr.c +index 9bfdd3c34..fa8005d6f 100644 +--- a/g10/cpr.c ++++ b/g10/cpr.c +@@ -372,20 +372,15 @@ write_status_text_and_buffer (int no, const char *string, + } + first = 0; + } +- for (esc=0, s=buffer, n=len; n && !esc; s++, n--) ++ for (esc=0, s=buffer, n=len; n; s++, n--) + { + if (*s == '%' || *(const byte*)s <= lower_limit + || *(const byte*)s == 127 ) + esc = 1; + if (wrap && ++count > wrap) +- { +- dowrap=1; +- break; +- } +- } +- if (esc) +- { +- s--; n++; ++ dowrap=1; ++ if (esc || dowrap) ++ break; + } + if (s != buffer) + es_fwrite (buffer, s-buffer, 1, statusfp); +-- +2.11.0 + diff --git a/gnu/packages/patches/jami-fix-crash-on-quit.patch b/gnu/packages/patches/jami-fix-crash-on-quit.patch deleted file mode 100644 index c25bce588a..0000000000 --- a/gnu/packages/patches/jami-fix-crash-on-quit.patch +++ /dev/null @@ -1,34 +0,0 @@ -Retrieved from: -https://git.jami.net/savoirfairelinux/jami-client-qt/-/commit/83f68573324a453a6d26e025fd6439f175a79d1b.diff. - -With the 'client-qt' prefix added to match the file hierarchy of the release tarball. - -diff --git a/client-qt/src/mainapplication.cpp b/client-qt/src/mainapplication.cpp -index 0c3209fc6fa7c528bec197f1cf9332758170441c..278f19287b86dd2c916935ab0930cbe0abb35d26 100644 ---- a/client-qt/src/mainapplication.cpp -+++ b/client-qt/src/mainapplication.cpp -@@ -155,7 +155,11 @@ MainApplication::MainApplication(int& argc, char** argv) - QObject::connect(this, &QApplication::aboutToQuit, [this] { cleanup(); }); - } - --MainApplication::~MainApplication() {} -+MainApplication::~MainApplication() -+{ -+ engine_.reset(); -+ lrcInstance_.reset(); -+} - - bool - MainApplication::init() -diff --git a/src/mainapplication.h b/src/mainapplication.h -index 51306be829478b9fbc1c61a08aeb96938be26dac..4047e3abb3cfd3e6250387a37fa5a896e9bc4161 100644 ---- a/client-qt/src/mainapplication.h -+++ b/client-qt/src/mainapplication.h -@@ -80,7 +80,6 @@ private: - private: - QScopedPointer<QFile> debugFile_; - QScopedPointer<QQmlApplicationEngine> engine_; -- - QScopedPointer<LRCInstance> lrcInstance_; - - QScopedPointer<ConnectivityMonitor> connectivityMonitor_; diff --git a/gnu/packages/patches/jami-fix-esc-bug.patch b/gnu/packages/patches/jami-fix-esc-bug.patch new file mode 100644 index 0000000000..6d78542f1e --- /dev/null +++ b/gnu/packages/patches/jami-fix-esc-bug.patch @@ -0,0 +1,24 @@ +This fixes the issue where pressing the ESC key would hide the Jami +GUI on systems lacking a notification tray. + +From 47fd4c38ddd8bd350319ce9bb750ca496826e655 Mon Sep 17 00:00:00 2001 +From: Sébastien Blin <sebastien.blin@savoirfairelinux.com> +Date: Fri, 29 Jul 2022 21:24:01 -0400 +Subject: [PATCH] layoutmanager: fix popFullScreenItem + +Change-Id: I79780d4ad570846e6f3c52734dd627bcd0e11327 +--- + +diff --git a/src/app/LayoutManager.qml b/src/app/LayoutManager.qml +index 98516ce..87f13ac 100644 +--- a/client-qt/src/app/LayoutManager.qml ++++ b/client-qt/src/app/LayoutManager.qml +@@ -176,7 +176,7 @@ + + // Only leave fullscreen mode if our window isn't in fullscreen + // mode already. +- if (priv.fullScreenItems.length === 0) { ++ if (priv.fullScreenItems.length === 0 && priv.windowedVisibility !== Window.Hidden) { + // Simply recall the last visibility state. + visibility = priv.windowedVisibility + } diff --git a/gnu/packages/patches/jami-images-loading.patch b/gnu/packages/patches/jami-images-loading.patch deleted file mode 100644 index caf9e1e198..0000000000 --- a/gnu/packages/patches/jami-images-loading.patch +++ /dev/null @@ -1,152 +0,0 @@ -From be9dd0d0d8cb4556cd930edd783c0a1699565ac0 Mon Sep 17 00:00:00 2001 -From: kkostiuk <kateryna.kostiuk@savoirfairelinux.com> -Date: Mon, 1 Nov 2021 17:39:23 -0400 -Subject: [PATCH] conversation: fix long loading time for images - -Change-Id: Id88cfbd571f4b504f258758bd13b4e4a91bf1b49 ---- - .../DataTransferMessageDelegate.qml | 52 +++++++++++++++++-- - src/messagesadapter.cpp | 20 +++++-- - src/messagesadapter.h | 2 +- - 3 files changed, 66 insertions(+), 8 deletions(-) - -diff --git a/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml b/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -index 7875e01..2e7dcc0 100644 ---- a/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -+++ b/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -@@ -252,10 +252,11 @@ Loader { - Loader { - id: localMediaCompLoader - anchors.right: isOutgoing ? parent.right : undefined -+ asynchronous: true - width: sourceComponent.width - height: sourceComponent.height - sourceComponent: mediaInfo.isImage !== undefined ? -- imageComp : -+ imageComp : mediaInfo.isAnimatedImage !== undefined ? animatedImageComp : - avComp - Component { - id: avComp -@@ -302,9 +303,9 @@ Loader { - } - } - Component { -- id: imageComp -+ id: animatedImageComp - AnimatedImage { -- id: img -+ id: animatedImg - anchors.right: isOutgoing ? parent.right : undefined - property real minSize: 192 - property real maxSize: 256 -@@ -327,6 +328,51 @@ Loader { - anchors.fill: parent - } - layer.enabled: true -+ layer.effect: OpacityMask { -+ maskSource: MessageBubble { -+ out: isOutgoing -+ type: seq -+ width: animatedImg.width -+ height: animatedImg.height -+ radius: msgRadius -+ } -+ } -+ HoverHandler { -+ target : parent -+ onHoveredChanged: { -+ localMediaMsgItem.hoveredLink = hovered ? animatedImg.source : "" -+ } -+ cursorShape: Qt.PointingHandCursor -+ } -+ } -+ } -+ -+ Component { -+ id: imageComp -+ Image { -+ id: img -+ anchors.right: isOutgoing ? parent.right : undefined -+ property real minSize: 192 -+ property real maxSize: 256 -+ cache: true -+ fillMode: Image.PreserveAspectCrop -+ mipmap: true -+ antialiasing: true -+ autoTransform: false -+ asynchronous: true -+ source: "file:///" + Body -+ property real aspectRatio: implicitWidth / implicitHeight -+ property real adjustedWidth: Math.min(maxSize, -+ Math.max(minSize, -+ innerContent.width - senderMargin)) -+ width: adjustedWidth -+ height: Math.ceil(adjustedWidth / aspectRatio) -+ Rectangle { -+ color: JamiTheme.previewImageBackgroundColor -+ z: -1 -+ anchors.fill: parent -+ } -+ layer.enabled: true - layer.effect: OpacityMask { - maskSource: MessageBubble { - out: isOutgoing -diff --git a/client-qt/src/messagesadapter.cpp b/client-qt/src/messagesadapter.cpp -index 91f8eed..ba38e53 100644 ---- a/client-qt/src/messagesadapter.cpp -+++ b/client-qt/src/messagesadapter.cpp -@@ -458,13 +458,24 @@ MessagesAdapter::conversationTypersUrlToName(const QSet<QString>& typersSet) - return nameList; - } - --bool -+QVariantMap - MessagesAdapter::isLocalImage(const QString& msg) - { - QImageReader reader; - reader.setDecideFormatFromContent(true); - reader.setFileName(msg); -- return !reader.read().isNull(); -+ QByteArray fileFormat = reader.format(); -+ if (fileFormat == "gif") { -+ return {{"isAnimatedImage", true}}; -+ } -+ QList<QByteArray> supportedFormats = reader.supportedImageFormats(); -+ auto iterator = std::find_if(supportedFormats.begin(), -+ supportedFormats.end(), -+ [fileFormat](QByteArray format) { return format == fileFormat; }); -+ if (iterator != supportedFormats.end()) { -+ return {{"isImage", true}}; -+ } -+ return {{"isImage", false}}; - } - - QVariantMap -@@ -476,8 +487,9 @@ MessagesAdapter::getMediaInfo(const QString& msg) - "<%1 style='width:100%;height:%2;outline:none;background-color:#f1f3f4;" - "object-fit:cover;' " - "controls controlsList='nodownload' src='file://%3' type='%4'/></body>"; -- if (isLocalImage(msg)) { -- return {{"isImage", true}}; -+ QVariantMap fileInfo = isLocalImage(msg); -+ if (fileInfo["isImage"].toBool() || fileInfo["isAnimatedImage"].toBool()) { -+ return fileInfo; - } - QRegularExpression vPattern("[^\\s]+(.*?)\\.(avi|mov|webm|webp|rmvb)$", - QRegularExpression::CaseInsensitiveOption); -diff --git a/client-qt/src/messagesadapter.h b/client-qt/src/messagesadapter.h -index bfa4e62..1965c5e 100644 ---- a/client-qt/src/messagesadapter.h -+++ b/client-qt/src/messagesadapter.h -@@ -101,7 +101,7 @@ protected: - Q_INVOKABLE void deleteInteraction(const QString& interactionId); - Q_INVOKABLE void copyToDownloads(const QString& interactionId, const QString& displayName); - Q_INVOKABLE void userIsComposing(bool isComposing); -- Q_INVOKABLE bool isLocalImage(const QString& msg); -+ Q_INVOKABLE QVariantMap isLocalImage(const QString& msg); - Q_INVOKABLE QVariantMap getMediaInfo(const QString& msg); - Q_INVOKABLE bool isRemoteImage(const QString& msg); - Q_INVOKABLE QString getFormattedTime(const quint64 timestamp); --- -GitLab - diff --git a/gnu/packages/patches/jami-libclient-audio-managers.patch b/gnu/packages/patches/jami-libclient-audio-managers.patch deleted file mode 100644 index 1f8a5585e6..0000000000 --- a/gnu/packages/patches/jami-libclient-audio-managers.patch +++ /dev/null @@ -1,23 +0,0 @@ -From f5e4619d02526d961c14012a6cae1a091aa149d4 Mon Sep 17 00:00:00 2001 -From: Sébastien Blin <sebastien.blin@savoirfairelinux.com> -Date: Thu, 27 Jan 2022 13:48:32 -0500 -Subject: [PATCH] misc: link getSupportedAudioManagers -q -Change-Id: I897e49cd131d3cbffef9fb1d5c9be3c0bc9bcb3f -GitLab: #495 ---- - -diff --git a/lrc/src/qtwrapper/configurationmanager_wrap.h b/lrc/src/qtwrapper/configurationmanager_wrap.h -index a680138..2807f8a 100644 ---- a/lrc/src/qtwrapper/configurationmanager_wrap.h -+++ b/lrc/src/qtwrapper/configurationmanager_wrap.h -@@ -526,8 +526,7 @@ - - QStringList getSupportedAudioManagers() - { -- QStringList temp; -- return temp; -+ return convertStringList(DRing::getSupportedAudioManagers()); - } - - QStringList getSupportedTlsMethod() diff --git a/gnu/packages/patches/jami-memory-usage.patch b/gnu/packages/patches/jami-memory-usage.patch deleted file mode 100644 index 75fcde8d0a..0000000000 --- a/gnu/packages/patches/jami-memory-usage.patch +++ /dev/null @@ -1,70 +0,0 @@ -From e796b3325d95b5ddd6162b5513c8325210f41fc5 Mon Sep 17 00:00:00 2001 -From: Sébastien Blin <sebastien.blin@savoirfairelinux.com> -Date: Wed, 26 Jan 2022 11:37:07 -0500 -Subject: [PATCH] datatransferimage: improve memory usage - -+ Reduce listview caching' size by 50% -+ use sourceSize to compress images and speedup loading -+ use autoTransform: true to rotate images when needed - -Change-Id: Idf1babdc73f43aa6a79b89428c25c5d06856c0ef -GitLab: #649 ---- - -diff --git a/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml b/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -index d017c03..ca5913e 100644 ---- a/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -+++ b/client-qt/src/commoncomponents/DataTransferMessageDelegate.qml -@@ -255,9 +255,13 @@ - asynchronous: true - width: sourceComponent.width - height: sourceComponent.height -- sourceComponent: mediaInfo.isImage !== undefined ? -- imageComp : mediaInfo.isAnimatedImage !== undefined ? animatedImageComp : -- avComp -+ sourceComponent: { -+ if (mediaInfo.isImage) -+ return imageComp -+ if (mediaInfo.isAnimatedImage) -+ return animatedImageComp -+ return avComp -+ } - Component { - id: avComp - WebEngineView { -@@ -316,7 +320,7 @@ - fillMode: Image.PreserveAspectCrop - mipmap: true - antialiasing: true -- autoTransform: false -+ autoTransform: true - asynchronous: true - source: "file:///" + Body - property real aspectRatio: implicitWidth / implicitHeight -@@ -361,8 +365,10 @@ - fillMode: Image.PreserveAspectCrop - mipmap: true - antialiasing: true -- autoTransform: false -+ autoTransform: true - asynchronous: true -+ sourceSize.width: width -+ sourceSize.height: height - source: "file:///" + Body - property real aspectRatio: implicitWidth / implicitHeight - property real adjustedWidth: Math.min(maxSize, -diff --git a/client-qt/src/mainview/components/MessageListView.qml b/client-qt/src/mainview/components/MessageListView.qml -index 2b7c326..f65e67b 100644 ---- a/client-qt/src/mainview/components/MessageListView.qml -+++ b/client-qt/src/mainview/components/MessageListView.qml -@@ -174,8 +174,8 @@ - width: parent.width - // this offscreen caching is pretty huge - // displayMarginEnd may be removed -- displayMarginBeginning: 4096 -- displayMarginEnd: 4096 -+ displayMarginBeginning: 2048 -+ displayMarginEnd: 2048 - maximumFlickVelocity: 2048 - verticalLayoutDirection: ListView.BottomToTop - boundsBehavior: Flickable.StopAtBounds diff --git a/gnu/packages/patches/libphonenumber-reproducible-build.patch b/gnu/packages/patches/libphonenumber-reproducible-build.patch new file mode 100644 index 0000000000..6d8cf5a628 --- /dev/null +++ b/gnu/packages/patches/libphonenumber-reproducible-build.patch @@ -0,0 +1,25 @@ +Author: Antero Mejr <antero@mailbox.org> +Upstream status: I didn't report upstream because they don't have an issue tracker and +PRs require signing the Google CLA. If someone willing to sign the CLA +wants to submit the patch, please go ahead. + +diff --git a/tools/cpp/src/cpp-build/generate_geocoding_data.cc b/tools/cpp/src/cpp-build/generate_geocoding_data.cc +index 021cf5c8..5948e140 100644 +--- a/tools/cpp/src/cpp-build/generate_geocoding_data.cc ++++ b/tools/cpp/src/cpp-build/generate_geocoding_data.cc +@@ -88,6 +88,7 @@ class DirEntry { + + const std::string& name() const { return name_; } + DirEntryKinds kind() const { return kind_; } ++ bool operator<(const DirEntry& d) { return name_ < d.name(); } + + private: + std::string name_; +@@ -115,6 +116,7 @@ bool ListDirectory(const string& path, vector<DirEntry>* entries) { + errno = 0; + entry = readdir(dir); + if (entry == NULL) { ++ std::sort(entries->begin(), entries->end()); + return errno == 0; + } + if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) { diff --git a/gnu/packages/patches/libtirpc-CVE-2021-46828.patch b/gnu/packages/patches/libtirpc-CVE-2021-46828.patch new file mode 100644 index 0000000000..d7ecbd239d --- /dev/null +++ b/gnu/packages/patches/libtirpc-CVE-2021-46828.patch @@ -0,0 +1,567 @@ +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828 +https://nvd.nist.gov/vuln/detail/CVE-2021-46828 + +http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed + +From 86529758570cef4c73fb9b9c4104fdc510f701ed Mon Sep 17 00:00:00 2001 +From: Dai Ngo <dai.ngo@oracle.com> +Date: Sat, 21 Aug 2021 13:16:23 -0400 +Subject: [PATCH] Fix DoS vulnerability in libtirpc + +Currently svc_run does not handle poll timeout and rendezvous_request +does not handle EMFILE error returned from accept(2 as it used to. +These two missing functionality were removed by commit b2c9430f46c4. + +The effect of not handling poll timeout allows idle TCP conections +to remain ESTABLISHED indefinitely. When the number of connections +reaches the limit of the open file descriptors (ulimit -n) then +accept(2) fails with EMFILE. Since there is no handling of EMFILE +error this causes svc_run() to get in a tight loop calling accept(2). +This resulting in the RPC service of svc_run is being down, it's +no longer able to service any requests. + +RPC service rpcbind, statd and mountd are effected by this +problem. + +Fix by enhancing rendezvous_request to keep the number of +SVCXPRT conections to 4/5 of the size of the file descriptor +table. When this thresold is reached, it destroys the idle +TCP connections or destroys the least active connection if +no idle connnction was found. + +Fixes: 44bf15b8 rpcbind: don't use obsolete svc_fdset interface of libtirpc +Signed-off-by: dai.ngo@oracle.com +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + INSTALL | 371 +---------------------------------------------------------- + src/svc.c | 17 ++- + src/svc_vc.c | 62 +++++++++- + 3 files changed, 78 insertions(+), 372 deletions(-) + mode change 100644 => 120000 INSTALL + +diff --git a/INSTALL b/INSTALL +deleted file mode 100644 +index 2099840..0000000 +--- a/INSTALL ++++ /dev/null +@@ -1,370 +0,0 @@ +-Installation Instructions +-************************* +- +-Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation, +-Inc. +- +- Copying and distribution of this file, with or without modification, +-are permitted in any medium without royalty provided the copyright +-notice and this notice are preserved. This file is offered as-is, +-without warranty of any kind. +- +-Basic Installation +-================== +- +- Briefly, the shell command `./configure && make && make install' +-should configure, build, and install this package. The following +-more-detailed instructions are generic; see the `README' file for +-instructions specific to this package. Some packages provide this +-`INSTALL' file but do not implement all of the features documented +-below. The lack of an optional feature in a given package is not +-necessarily a bug. More recommendations for GNU packages can be found +-in *note Makefile Conventions: (standards)Makefile Conventions. +- +- The `configure' shell script attempts to guess correct values for +-various system-dependent variables used during compilation. It uses +-those values to create a `Makefile' in each directory of the package. +-It may also create one or more `.h' files containing system-dependent +-definitions. Finally, it creates a shell script `config.status' that +-you can run in the future to recreate the current configuration, and a +-file `config.log' containing compiler output (useful mainly for +-debugging `configure'). +- +- It can also use an optional file (typically called `config.cache' +-and enabled with `--cache-file=config.cache' or simply `-C') that saves +-the results of its tests to speed up reconfiguring. Caching is +-disabled by default to prevent problems with accidental use of stale +-cache files. +- +- If you need to do unusual things to compile the package, please try +-to figure out how `configure' could check whether to do them, and mail +-diffs or instructions to the address given in the `README' so they can +-be considered for the next release. If you are using the cache, and at +-some point `config.cache' contains results you don't want to keep, you +-may remove or edit it. +- +- The file `configure.ac' (or `configure.in') is used to create +-`configure' by a program called `autoconf'. You need `configure.ac' if +-you want to change it or regenerate `configure' using a newer version +-of `autoconf'. +- +- The simplest way to compile this package is: +- +- 1. `cd' to the directory containing the package's source code and type +- `./configure' to configure the package for your system. +- +- Running `configure' might take a while. While running, it prints +- some messages telling which features it is checking for. +- +- 2. Type `make' to compile the package. +- +- 3. Optionally, type `make check' to run any self-tests that come with +- the package, generally using the just-built uninstalled binaries. +- +- 4. Type `make install' to install the programs and any data files and +- documentation. When installing into a prefix owned by root, it is +- recommended that the package be configured and built as a regular +- user, and only the `make install' phase executed with root +- privileges. +- +- 5. Optionally, type `make installcheck' to repeat any self-tests, but +- this time using the binaries in their final installed location. +- This target does not install anything. Running this target as a +- regular user, particularly if the prior `make install' required +- root privileges, verifies that the installation completed +- correctly. +- +- 6. You can remove the program binaries and object files from the +- source code directory by typing `make clean'. To also remove the +- files that `configure' created (so you can compile the package for +- a different kind of computer), type `make distclean'. There is +- also a `make maintainer-clean' target, but that is intended mainly +- for the package's developers. If you use it, you may have to get +- all sorts of other programs in order to regenerate files that came +- with the distribution. +- +- 7. Often, you can also type `make uninstall' to remove the installed +- files again. In practice, not all packages have tested that +- uninstallation works correctly, even though it is required by the +- GNU Coding Standards. +- +- 8. Some packages, particularly those that use Automake, provide `make +- distcheck', which can by used by developers to test that all other +- targets like `make install' and `make uninstall' work correctly. +- This target is generally not run by end users. +- +-Compilers and Options +-===================== +- +- Some systems require unusual options for compilation or linking that +-the `configure' script does not know about. Run `./configure --help' +-for details on some of the pertinent environment variables. +- +- You can give `configure' initial values for configuration parameters +-by setting variables in the command line or in the environment. Here +-is an example: +- +- ./configure CC=c99 CFLAGS=-g LIBS=-lposix +- +- *Note Defining Variables::, for more details. +- +-Compiling For Multiple Architectures +-==================================== +- +- You can compile the package for more than one kind of computer at the +-same time, by placing the object files for each architecture in their +-own directory. To do this, you can use GNU `make'. `cd' to the +-directory where you want the object files and executables to go and run +-the `configure' script. `configure' automatically checks for the +-source code in the directory that `configure' is in and in `..'. This +-is known as a "VPATH" build. +- +- With a non-GNU `make', it is safer to compile the package for one +-architecture at a time in the source code directory. After you have +-installed the package for one architecture, use `make distclean' before +-reconfiguring for another architecture. +- +- On MacOS X 10.5 and later systems, you can create libraries and +-executables that work on multiple system types--known as "fat" or +-"universal" binaries--by specifying multiple `-arch' options to the +-compiler but only a single `-arch' option to the preprocessor. Like +-this: +- +- ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ +- CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ +- CPP="gcc -E" CXXCPP="g++ -E" +- +- This is not guaranteed to produce working output in all cases, you +-may have to build one architecture at a time and combine the results +-using the `lipo' tool if you have problems. +- +-Installation Names +-================== +- +- By default, `make install' installs the package's commands under +-`/usr/local/bin', include files under `/usr/local/include', etc. You +-can specify an installation prefix other than `/usr/local' by giving +-`configure' the option `--prefix=PREFIX', where PREFIX must be an +-absolute file name. +- +- You can specify separate installation prefixes for +-architecture-specific files and architecture-independent files. If you +-pass the option `--exec-prefix=PREFIX' to `configure', the package uses +-PREFIX as the prefix for installing programs and libraries. +-Documentation and other data files still use the regular prefix. +- +- In addition, if you use an unusual directory layout you can give +-options like `--bindir=DIR' to specify different values for particular +-kinds of files. Run `configure --help' for a list of the directories +-you can set and what kinds of files go in them. In general, the +-default for these options is expressed in terms of `${prefix}', so that +-specifying just `--prefix' will affect all of the other directory +-specifications that were not explicitly provided. +- +- The most portable way to affect installation locations is to pass the +-correct locations to `configure'; however, many packages provide one or +-both of the following shortcuts of passing variable assignments to the +-`make install' command line to change installation locations without +-having to reconfigure or recompile. +- +- The first method involves providing an override variable for each +-affected directory. For example, `make install +-prefix=/alternate/directory' will choose an alternate location for all +-directory configuration variables that were expressed in terms of +-`${prefix}'. Any directories that were specified during `configure', +-but not in terms of `${prefix}', must each be overridden at install +-time for the entire installation to be relocated. The approach of +-makefile variable overrides for each directory variable is required by +-the GNU Coding Standards, and ideally causes no recompilation. +-However, some platforms have known limitations with the semantics of +-shared libraries that end up requiring recompilation when using this +-method, particularly noticeable in packages that use GNU Libtool. +- +- The second method involves providing the `DESTDIR' variable. For +-example, `make install DESTDIR=/alternate/directory' will prepend +-`/alternate/directory' before all installation names. The approach of +-`DESTDIR' overrides is not required by the GNU Coding Standards, and +-does not work on platforms that have drive letters. On the other hand, +-it does better at avoiding recompilation issues, and works well even +-when some directory options were not specified in terms of `${prefix}' +-at `configure' time. +- +-Optional Features +-================= +- +- If the package supports it, you can cause programs to be installed +-with an extra prefix or suffix on their names by giving `configure' the +-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. +- +- Some packages pay attention to `--enable-FEATURE' options to +-`configure', where FEATURE indicates an optional part of the package. +-They may also pay attention to `--with-PACKAGE' options, where PACKAGE +-is something like `gnu-as' or `x' (for the X Window System). The +-`README' should mention any `--enable-' and `--with-' options that the +-package recognizes. +- +- For packages that use the X Window System, `configure' can usually +-find the X include and library files automatically, but if it doesn't, +-you can use the `configure' options `--x-includes=DIR' and +-`--x-libraries=DIR' to specify their locations. +- +- Some packages offer the ability to configure how verbose the +-execution of `make' will be. For these packages, running `./configure +---enable-silent-rules' sets the default to minimal output, which can be +-overridden with `make V=1'; while running `./configure +---disable-silent-rules' sets the default to verbose, which can be +-overridden with `make V=0'. +- +-Particular systems +-================== +- +- On HP-UX, the default C compiler is not ANSI C compatible. If GNU +-CC is not installed, it is recommended to use the following options in +-order to use an ANSI C compiler: +- +- ./configure CC="cc -Ae -D_XOPEN_SOURCE=500" +- +-and if that doesn't work, install pre-built binaries of GCC for HP-UX. +- +- HP-UX `make' updates targets which have the same time stamps as +-their prerequisites, which makes it generally unusable when shipped +-generated files such as `configure' are involved. Use GNU `make' +-instead. +- +- On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot +-parse its `<wchar.h>' header file. The option `-nodtk' can be used as +-a workaround. If GNU CC is not installed, it is therefore recommended +-to try +- +- ./configure CC="cc" +- +-and if that doesn't work, try +- +- ./configure CC="cc -nodtk" +- +- On Solaris, don't put `/usr/ucb' early in your `PATH'. This +-directory contains several dysfunctional programs; working variants of +-these programs are available in `/usr/bin'. So, if you need `/usr/ucb' +-in your `PATH', put it _after_ `/usr/bin'. +- +- On Haiku, software installed for all users goes in `/boot/common', +-not `/usr/local'. It is recommended to use the following options: +- +- ./configure --prefix=/boot/common +- +-Specifying the System Type +-========================== +- +- There may be some features `configure' cannot figure out +-automatically, but needs to determine by the type of machine the package +-will run on. Usually, assuming the package is built to be run on the +-_same_ architectures, `configure' can figure that out, but if it prints +-a message saying it cannot guess the machine type, give it the +-`--build=TYPE' option. TYPE can either be a short name for the system +-type, such as `sun4', or a canonical name which has the form: +- +- CPU-COMPANY-SYSTEM +- +-where SYSTEM can have one of these forms: +- +- OS +- KERNEL-OS +- +- See the file `config.sub' for the possible values of each field. If +-`config.sub' isn't included in this package, then this package doesn't +-need to know the machine type. +- +- If you are _building_ compiler tools for cross-compiling, you should +-use the option `--target=TYPE' to select the type of system they will +-produce code for. +- +- If you want to _use_ a cross compiler, that generates code for a +-platform different from the build platform, you should specify the +-"host" platform (i.e., that on which the generated programs will +-eventually be run) with `--host=TYPE'. +- +-Sharing Defaults +-================ +- +- If you want to set default values for `configure' scripts to share, +-you can create a site shell script called `config.site' that gives +-default values for variables like `CC', `cache_file', and `prefix'. +-`configure' looks for `PREFIX/share/config.site' if it exists, then +-`PREFIX/etc/config.site' if it exists. Or, you can set the +-`CONFIG_SITE' environment variable to the location of the site script. +-A warning: not all `configure' scripts look for a site script. +- +-Defining Variables +-================== +- +- Variables not defined in a site shell script can be set in the +-environment passed to `configure'. However, some packages may run +-configure again during the build, and the customized values of these +-variables may be lost. In order to avoid this problem, you should set +-them in the `configure' command line, using `VAR=value'. For example: +- +- ./configure CC=/usr/local2/bin/gcc +- +-causes the specified `gcc' to be used as the C compiler (unless it is +-overridden in the site shell script). +- +-Unfortunately, this technique does not work for `CONFIG_SHELL' due to +-an Autoconf limitation. Until the limitation is lifted, you can use +-this workaround: +- +- CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash +- +-`configure' Invocation +-====================== +- +- `configure' recognizes the following options to control how it +-operates. +- +-`--help' +-`-h' +- Print a summary of all of the options to `configure', and exit. +- +-`--help=short' +-`--help=recursive' +- Print a summary of the options unique to this package's +- `configure', and exit. The `short' variant lists options used +- only in the top level, while the `recursive' variant lists options +- also present in any nested packages. +- +-`--version' +-`-V' +- Print the version of Autoconf used to generate the `configure' +- script, and exit. +- +-`--cache-file=FILE' +- Enable the cache: use and save the results of the tests in FILE, +- traditionally `config.cache'. FILE defaults to `/dev/null' to +- disable caching. +- +-`--config-cache' +-`-C' +- Alias for `--cache-file=config.cache'. +- +-`--quiet' +-`--silent' +-`-q' +- Do not print messages saying which checks are being made. To +- suppress all normal output, redirect it to `/dev/null' (any error +- messages will still be shown). +- +-`--srcdir=DIR' +- Look for the package's source code in directory DIR. Usually +- `configure' can determine that directory automatically. +- +-`--prefix=DIR' +- Use DIR as the installation prefix. *note Installation Names:: +- for more details, including other options available for fine-tuning +- the installation locations. +- +-`--no-create' +-`-n' +- Run the configure checks, but stop before creating any output +- files. +- +-`configure' also accepts some other, not widely useful, options. Run +-`configure --help' for more details. +diff --git a/INSTALL b/INSTALL +new file mode 120000 +index 0000000..e3f22c0 +--- /dev/null ++++ b/INSTALL +@@ -0,0 +1 @@ ++/usr/share/automake-1.16/INSTALL +\ No newline at end of file +diff --git a/src/svc.c b/src/svc.c +index 6db164b..3a8709f 100644 +--- a/src/svc.c ++++ b/src/svc.c +@@ -57,7 +57,7 @@ + + #define max(a, b) (a > b ? a : b) + +-static SVCXPRT **__svc_xports; ++SVCXPRT **__svc_xports; + int __svc_maxrec; + + /* +@@ -194,6 +194,21 @@ __xprt_do_unregister (xprt, dolock) + rwlock_unlock (&svc_fd_lock); + } + ++int ++svc_open_fds() ++{ ++ int ix; ++ int nfds = 0; ++ ++ rwlock_rdlock (&svc_fd_lock); ++ for (ix = 0; ix < svc_max_pollfd; ++ix) { ++ if (svc_pollfd[ix].fd != -1) ++ nfds++; ++ } ++ rwlock_unlock (&svc_fd_lock); ++ return (nfds); ++} ++ + /* + * Add a service program to the callout list. + * The dispatch routine will be called when a rpc request for this +diff --git a/src/svc_vc.c b/src/svc_vc.c +index f1d9f00..3dc8a75 100644 +--- a/src/svc_vc.c ++++ b/src/svc_vc.c +@@ -64,6 +64,8 @@ + + + extern rwlock_t svc_fd_lock; ++extern SVCXPRT **__svc_xports; ++extern int svc_open_fds(); + + static SVCXPRT *makefd_xprt(int, u_int, u_int); + static bool_t rendezvous_request(SVCXPRT *, struct rpc_msg *); +@@ -82,6 +84,7 @@ static void svc_vc_ops(SVCXPRT *); + static bool_t svc_vc_control(SVCXPRT *xprt, const u_int rq, void *in); + static bool_t svc_vc_rendezvous_control (SVCXPRT *xprt, const u_int rq, + void *in); ++static int __svc_destroy_idle(int timeout); + + struct cf_rendezvous { /* kept in xprt->xp_p1 for rendezvouser */ + u_int sendsize; +@@ -313,13 +316,14 @@ done: + return (xprt); + } + ++ + /*ARGSUSED*/ + static bool_t + rendezvous_request(xprt, msg) + SVCXPRT *xprt; + struct rpc_msg *msg; + { +- int sock, flags; ++ int sock, flags, nfds, cnt; + struct cf_rendezvous *r; + struct cf_conn *cd; + struct sockaddr_storage addr; +@@ -379,6 +383,16 @@ again: + + gettimeofday(&cd->last_recv_time, NULL); + ++ nfds = svc_open_fds(); ++ if (nfds >= (_rpc_dtablesize() / 5) * 4) { ++ /* destroy idle connections */ ++ cnt = __svc_destroy_idle(15); ++ if (cnt == 0) { ++ /* destroy least active */ ++ __svc_destroy_idle(0); ++ } ++ } ++ + return (FALSE); /* there is never an rpc msg to be processed */ + } + +@@ -820,3 +834,49 @@ __svc_clean_idle(fd_set *fds, int timeout, bool_t cleanblock) + { + return FALSE; + } ++ ++static int ++__svc_destroy_idle(int timeout) ++{ ++ int i, ncleaned = 0; ++ SVCXPRT *xprt, *least_active; ++ struct timeval tv, tdiff, tmax; ++ struct cf_conn *cd; ++ ++ gettimeofday(&tv, NULL); ++ tmax.tv_sec = tmax.tv_usec = 0; ++ least_active = NULL; ++ rwlock_wrlock(&svc_fd_lock); ++ ++ for (i = 0; i <= svc_max_pollfd; i++) { ++ if (svc_pollfd[i].fd == -1) ++ continue; ++ xprt = __svc_xports[i]; ++ if (xprt == NULL || xprt->xp_ops == NULL || ++ xprt->xp_ops->xp_recv != svc_vc_recv) ++ continue; ++ cd = (struct cf_conn *)xprt->xp_p1; ++ if (!cd->nonblock) ++ continue; ++ if (timeout == 0) { ++ timersub(&tv, &cd->last_recv_time, &tdiff); ++ if (timercmp(&tdiff, &tmax, >)) { ++ tmax = tdiff; ++ least_active = xprt; ++ } ++ continue; ++ } ++ if (tv.tv_sec - cd->last_recv_time.tv_sec > timeout) { ++ __xprt_unregister_unlocked(xprt); ++ __svc_vc_dodestroy(xprt); ++ ncleaned++; ++ } ++ } ++ if (timeout == 0 && least_active != NULL) { ++ __xprt_unregister_unlocked(least_active); ++ __svc_vc_dodestroy(least_active); ++ ncleaned++; ++ } ++ rwlock_unlock(&svc_fd_lock); ++ return (ncleaned); ++} +-- +1.8.3.1 + diff --git a/gnu/packages/patches/libvirt-add-install-prefix.patch b/gnu/packages/patches/libvirt-add-install-prefix.patch index 1331fa9b6f..9ad339d82f 100644 --- a/gnu/packages/patches/libvirt-add-install-prefix.patch +++ b/gnu/packages/patches/libvirt-add-install-prefix.patch @@ -1,7 +1,8 @@ -Patch from NixOS: -https://raw.githubusercontent.com/NixOS/nixpkgs/b98031a49c66095dd1eb9185ecdaeeb5e3cd752d/pkgs/development/libraries/libvirt/0001-meson-patch-in-an-install-prefix-for-building-on-nix.patch +Patch from NixOS: -From a896b0be849455edb83a9305dfec9b41447ef3e4 Mon Sep 17 00:00:00 2001 + https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/libvirt/0001-meson-patch-in-an-install-prefix-for-building-on-nix.patch + +From ad42041cfedcf25716429d2aad16641e0e2a012f Mon Sep 17 00:00:00 2001 From: Euan Kemp <euank@euank.com> Date: Thu, 14 Jan 2021 00:32:00 -0800 Subject: [PATCH] meson: patch in an install prefix for building on nix @@ -9,22 +10,9 @@ Subject: [PATCH] meson: patch in an install prefix for building on nix Used in the nixpkgs version of libvirt so that we can install things in the nix store, but read them from the root filesystem. --- - meson.build | 9 +++++++++ - meson_options.txt | 2 ++ - src/libxl/meson.build | 6 +++--- - src/locking/meson.build | 8 ++++---- - src/lxc/meson.build | 6 +++--- - src/meson.build | 18 +++++++++--------- - src/network/meson.build | 12 ++++++------ - src/nwfilter/xml/meson.build | 2 +- - src/qemu/meson.build | 14 +++++++------- - src/remote/meson.build | 6 +++--- - src/security/apparmor/meson.build | 8 ++++---- - tools/meson.build | 4 ++-- - 12 files changed, 53 insertions(+), 42 deletions(-) diff --git a/meson.build b/meson.build -index b5164f6..33719f1 100644 +index 9016c0458a..b26e690194 100644 --- a/meson.build +++ b/meson.build @@ -39,6 +39,8 @@ if host_machine.system() == 'windows' @@ -51,7 +39,7 @@ index b5164f6..33719f1 100644 # sysconfdir as this makes a lot of things break in testing situations if prefix == '/usr' diff --git a/meson_options.txt b/meson_options.txt -index e5d79c2..081cd32 100644 +index 5b43cdbd6b..e9dff18441 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -1,3 +1,5 @@ @@ -60,27 +48,67 @@ index e5d79c2..081cd32 100644 option('no_git', type: 'boolean', value: false, description: 'Disable git submodule update') option('packager', type: 'string', value: '', description: 'Extra packager name') option('packager_version', type: 'string', value: '', description: 'Extra packager version') +diff --git a/src/ch/meson.build b/src/ch/meson.build +index 66b77907b0..6aa9bbc548 100644 +--- a/src/ch/meson.build ++++ b/src/ch/meson.build +@@ -64,8 +64,8 @@ if conf.has('WITH_CH') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'ch', +- localstatedir / 'log' / 'libvirt' / 'ch', +- runstatedir / 'libvirt' / 'ch', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'ch', ++ install_prefix + localstatedir / 'log' / 'libvirt' / 'ch', ++ install_prefix + runstatedir / 'libvirt' / 'ch', + ] + endif +diff --git a/src/interface/meson.build b/src/interface/meson.build +index 828f274422..2a6b1f8c5e 100644 +--- a/src/interface/meson.build ++++ b/src/interface/meson.build +@@ -56,6 +56,6 @@ if conf.has('WITH_INTERFACE') + } + + virt_install_dirs += [ +- runstatedir / 'libvirt' / 'interface', ++ install_prefix + runstatedir / 'libvirt' / 'interface', + ] + endif diff --git a/src/libxl/meson.build b/src/libxl/meson.build -index 3bb6cc5..78d7be0 100644 +index 0cc277db82..48d8c5b962 100644 --- a/src/libxl/meson.build +++ b/src/libxl/meson.build -@@ -84,8 +84,8 @@ if conf.has('WITH_LIBXL') +@@ -79,14 +79,14 @@ if conf.has('WITH_LIBXL') } virt_install_dirs += [ +- confdir / 'libxl', +- confdir / 'libxl' / 'autostart', - localstatedir / 'lib' / 'libvirt' / 'libxl', -- runstatedir / 'libvirt' / 'libxl', +- localstatedir / 'lib' / 'libvirt' / 'libxl' / 'channel', +- localstatedir / 'lib' / 'libvirt' / 'libxl' / 'channel' / 'target', +- localstatedir / 'lib' / 'libvirt' / 'libxl' / 'dump', +- localstatedir / 'lib' / 'libvirt' / 'libxl' / 'save', - localstatedir / 'log' / 'libvirt' / 'libxl', +- runstatedir / 'libvirt' / 'libxl', ++ install_prefix + confdir / 'libxl', ++ install_prefix + confdir / 'libxl' / 'autostart', + install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl', -+ install_prefix + runstatedir / 'libvirt' / 'libxl', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl' / 'channel', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl' / 'channel' / 'target', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl' / 'dump', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl' / 'save', + install_prefix + localstatedir / 'log' / 'libvirt' / 'libxl', ++ install_prefix + runstatedir / 'libvirt' / 'libxl', ] endif diff --git a/src/locking/meson.build b/src/locking/meson.build -index 8a28310..9da81cc 100644 +index 72f7780438..abe70d20d5 100644 --- a/src/locking/meson.build +++ b/src/locking/meson.build -@@ -243,14 +243,14 @@ if conf.has('WITH_LIBVIRTD') +@@ -238,14 +238,14 @@ if conf.has('WITH_LIBVIRTD') } virt_install_dirs += [ @@ -100,26 +128,39 @@ index 8a28310..9da81cc 100644 endif endif diff --git a/src/lxc/meson.build b/src/lxc/meson.build -index f8e2a88..96d6687 100644 +index 99d4a34213..aae477c1ee 100644 --- a/src/lxc/meson.build +++ b/src/lxc/meson.build -@@ -182,8 +182,8 @@ if conf.has('WITH_LXC') +@@ -176,10 +176,10 @@ if conf.has('WITH_LXC') } virt_install_dirs += [ +- confdir / 'lxc', +- confdir / 'lxc' / 'autostart', - localstatedir / 'lib' / 'libvirt' / 'lxc', -- runstatedir / 'libvirt' / 'lxc', - localstatedir / 'log' / 'libvirt' / 'lxc', +- runstatedir / 'libvirt' / 'lxc', ++ install_prefix + confdir / 'lxc', ++ install_prefix + confdir / 'lxc' / 'autostart', + install_prefix + localstatedir / 'lib' / 'libvirt' / 'lxc', -+ install_prefix + runstatedir / 'libvirt' / 'lxc', + install_prefix + localstatedir / 'log' / 'libvirt' / 'lxc', ++ install_prefix + runstatedir / 'libvirt' / 'lxc', ] endif diff --git a/src/meson.build b/src/meson.build -index 7c47821..d33d16a 100644 +index b2d951d36c..305716010f 100644 --- a/src/meson.build +++ b/src/meson.build -@@ -669,7 +669,7 @@ endforeach +@@ -210,7 +210,7 @@ openrc_init_files = [] + + # virt_install_dirs: + # list of directories to create during installation +-virt_install_dirs = [ confdir ] ++virt_install_dirs = [ install_prefix + confdir ] + + # driver_source_files: + # driver source files to check +@@ -663,7 +663,7 @@ endforeach virt_conf_files += 'libvirt.conf' @@ -128,7 +169,7 @@ index 7c47821..d33d16a 100644 install_data(virt_aug_files, install_dir: virt_aug_dir) # augeas_test_data: -@@ -729,7 +729,7 @@ foreach data : virt_daemon_confs +@@ -723,7 +723,7 @@ foreach data : virt_daemon_confs output: '@0@.conf'.format(data['name']), configuration: daemon_conf, install: true, @@ -137,15 +178,16 @@ index 7c47821..d33d16a 100644 ) if data.get('with_ip', false) -@@ -853,14 +853,14 @@ if conf.has('WITH_LIBVIRTD') +@@ -847,7 +847,7 @@ if conf.has('WITH_LIBVIRTD') install_data( init_file, - install_dir: sysconfdir / 'init.d', + install_dir: install_prefix + sysconfdir / 'init.d', + install_mode: 'rwxr-xr-x', rename: [ init['name'] ], ) - +@@ -855,7 +855,7 @@ if conf.has('WITH_LIBVIRTD') if init.has_key('confd') install_data( init['confd'], @@ -154,16 +196,7 @@ index 7c47821..d33d16a 100644 rename: [ init['name'] ], ) endif -@@ -872,7 +872,7 @@ if init_script != 'none' - foreach sysconf : sysconf_files - install_data( - sysconf['file'], -- install_dir: sysconfdir / 'sysconfig', -+ install_dir: install_prefix + sysconfdir / 'sysconfig', - rename: [ sysconf['name'] ], - ) - endforeach -@@ -897,10 +897,10 @@ endif +@@ -882,10 +882,10 @@ endif # Install empty directories virt_install_dirs += [ @@ -179,23 +212,27 @@ index 7c47821..d33d16a 100644 meson.add_install_script( diff --git a/src/network/meson.build b/src/network/meson.build -index 3ec598c..b02040b 100644 +index b5eff0c3ab..a0f26d624e 100644 --- a/src/network/meson.build +++ b/src/network/meson.build -@@ -79,9 +79,9 @@ if conf.has('WITH_NETWORK') +@@ -73,11 +73,11 @@ if conf.has('WITH_NETWORK') } virt_install_dirs += [ +- confdir / 'qemu' / 'networks', +- confdir / 'qemu' / 'networks' / 'autostart', - localstatedir / 'lib' / 'libvirt' / 'network', - localstatedir / 'lib' / 'libvirt' / 'dnsmasq', - runstatedir / 'libvirt' / 'network', ++ install_prefix + confdir / 'qemu' / 'networks', ++ install_prefix + confdir / 'qemu' / 'networks' / 'autostart', + install_prefix + localstatedir / 'lib' / 'libvirt' / 'network', + install_prefix + localstatedir / 'lib' / 'libvirt' / 'dnsmasq', + install_prefix + runstatedir / 'libvirt' / 'network', ] configure_file( -@@ -89,12 +89,12 @@ if conf.has('WITH_NETWORK') +@@ -85,12 +85,12 @@ if conf.has('WITH_NETWORK') output: '@BASENAME@', copy: true, install: true, @@ -210,8 +247,37 @@ index 3ec598c..b02040b 100644 '../default.xml', 'default.xml', ) +diff --git a/src/node_device/meson.build b/src/node_device/meson.build +index 1c95975c37..a7831242db 100644 +--- a/src/node_device/meson.build ++++ b/src/node_device/meson.build +@@ -64,6 +64,6 @@ if conf.has('WITH_NODE_DEVICES') + } + + virt_install_dirs += [ +- runstatedir / 'libvirt' / 'nodedev', ++ install_prefix + runstatedir / 'libvirt' / 'nodedev', + ] + endif +diff --git a/src/nwfilter/meson.build b/src/nwfilter/meson.build +index 55cf8fcce4..d331086f2e 100644 +--- a/src/nwfilter/meson.build ++++ b/src/nwfilter/meson.build +@@ -62,9 +62,9 @@ if conf.has('WITH_NWFILTER') + } + + virt_install_dirs += [ +- confdir / 'nwfilter', +- runstatedir / 'libvirt' / 'nwfilter-binding', +- runstatedir / 'libvirt' / 'nwfilter', ++ install_prefix + confdir / 'nwfilter', ++ install_prefix + runstatedir / 'libvirt' / 'nwfilter-binding', ++ install_prefix + runstatedir / 'libvirt' / 'nwfilter', + ] + + subdir('xml') diff --git a/src/nwfilter/xml/meson.build b/src/nwfilter/xml/meson.build -index 0d96c54..66c92a1 100644 +index 0d96c54ebe..66c92a1016 100644 --- a/src/nwfilter/xml/meson.build +++ b/src/nwfilter/xml/meson.build @@ -25,4 +25,4 @@ nwfilter_xml_files = [ @@ -221,43 +287,71 @@ index 0d96c54..66c92a1 100644 -install_data(nwfilter_xml_files, install_dir: sysconfdir / 'libvirt' / 'nwfilter') +install_data(nwfilter_xml_files, install_dir: install_prefix + sysconfdir / 'libvirt' / 'nwfilter') diff --git a/src/qemu/meson.build b/src/qemu/meson.build -index 90640b0..8802cec 100644 +index 39f0f615cc..5f6f30f82b 100644 --- a/src/qemu/meson.build +++ b/src/qemu/meson.build -@@ -171,12 +171,12 @@ if conf.has('WITH_QEMU') - } +@@ -175,24 +175,24 @@ if conf.has('WITH_QEMU') + endif virt_install_dirs += [ -- localstatedir / 'lib' / 'libvirt' / 'qemu', -- runstatedir / 'libvirt' / 'qemu', +- confdir / 'qemu', +- confdir / 'qemu' / 'autostart', - localstatedir / 'cache' / 'libvirt' / 'qemu', -- localstatedir / 'log' / 'libvirt' / 'qemu', +- localstatedir / 'lib' / 'libvirt' / 'qemu', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'channel', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'channel' / 'target', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'checkpoint', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'dump', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'nvram', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'ram', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'save', +- localstatedir / 'lib' / 'libvirt' / 'qemu' / 'snapshot', - localstatedir / 'lib' / 'libvirt' / 'swtpm', -- runstatedir / 'libvirt' / 'qemu' / 'swtpm', +- localstatedir / 'log' / 'libvirt' / 'qemu', - localstatedir / 'log' / 'swtpm' / 'libvirt' / 'qemu', -+ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu', -+ install_prefix + runstatedir / 'libvirt' / 'qemu', +- runstatedir / 'libvirt' / 'qemu', +- runstatedir / 'libvirt' / 'qemu' / 'dbus', +- runstatedir / 'libvirt' / 'qemu' / 'slirp', +- runstatedir / 'libvirt' / 'qemu' / 'swtpm', ++ install_prefix + confdir / 'qemu', ++ install_prefix + confdir / 'qemu' / 'autostart', + install_prefix + localstatedir / 'cache' / 'libvirt' / 'qemu', -+ install_prefix + localstatedir / 'log' / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'channel', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'channel' / 'target', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'checkpoint', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'dump', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'nvram', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'ram', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'save', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu' / 'snapshot', + install_prefix + localstatedir / 'lib' / 'libvirt' / 'swtpm', -+ install_prefix + runstatedir / 'libvirt' / 'qemu' / 'swtpm', ++ install_prefix + localstatedir / 'log' / 'libvirt' / 'qemu', + install_prefix + localstatedir / 'log' / 'swtpm' / 'libvirt' / 'qemu', ++ install_prefix + runstatedir / 'libvirt' / 'qemu', ++ install_prefix + runstatedir / 'libvirt' / 'qemu' / 'dbus', ++ install_prefix + runstatedir / 'libvirt' / 'qemu' / 'slirp', ++ install_prefix + runstatedir / 'libvirt' / 'qemu' / 'swtpm', ] endif diff --git a/src/remote/meson.build b/src/remote/meson.build -index 9ad2f6a..429a15b 100644 +index b2aafe6320..6972d254ca 100644 --- a/src/remote/meson.build +++ b/src/remote/meson.build -@@ -245,7 +245,7 @@ if conf.has('WITH_REMOTE') +@@ -235,9 +235,9 @@ if conf.has('WITH_REMOTE') } virt_install_dirs += [ - localstatedir / 'log' / 'libvirt', +- runstatedir / 'libvirt', +- runstatedir / 'libvirt' / 'common', + install_prefix + localstatedir / 'log' / 'libvirt', ++ install_prefix + runstatedir / 'libvirt', ++ install_prefix + runstatedir / 'libvirt' / 'common', ] logrotate_conf = configuration_data() -@@ -259,7 +259,7 @@ if conf.has('WITH_REMOTE') +@@ -251,7 +251,7 @@ if conf.has('WITH_REMOTE') ) install_data( log_file, @@ -266,7 +360,7 @@ index 9ad2f6a..429a15b 100644 rename: [ name ], ) endforeach -@@ -309,7 +309,7 @@ endif +@@ -301,7 +301,7 @@ endif if conf.has('WITH_SASL') install_data( 'libvirtd.sasl', @@ -275,11 +369,25 @@ index 9ad2f6a..429a15b 100644 rename: [ 'libvirt.conf' ], ) endif +diff --git a/src/secret/meson.build b/src/secret/meson.build +index 1bda59849b..392bc2cb2e 100644 +--- a/src/secret/meson.build ++++ b/src/secret/meson.build +@@ -45,7 +45,7 @@ if conf.has('WITH_SECRETS') + } + + virt_install_dirs += [ +- confdir / 'secrets', +- runstatedir / 'libvirt' / 'secrets', ++ install_prefix + confdir / 'secrets', ++ install_prefix + runstatedir / 'libvirt' / 'secrets', + ] + endif diff --git a/src/security/apparmor/meson.build b/src/security/apparmor/meson.build -index af43780..e2d6c81 100644 +index 990f00b4f3..e5a7a14e1d 100644 --- a/src/security/apparmor/meson.build +++ b/src/security/apparmor/meson.build -@@ -17,22 +17,22 @@ foreach name : apparmor_gen_profiles +@@ -19,22 +19,22 @@ foreach name : apparmor_gen_profiles output: name, configuration: apparmor_gen_profiles_conf, install: true, @@ -306,11 +414,28 @@ index af43780..e2d6c81 100644 + install_dir: install_prefix + apparmor_dir / 'local', rename: 'usr.lib.libvirt.virt-aa-helper', ) +diff --git a/src/storage/meson.build b/src/storage/meson.build +index 26e7ff1a1a..ad5c6eddc3 100644 +--- a/src/storage/meson.build ++++ b/src/storage/meson.build +@@ -127,9 +127,9 @@ if conf.has('WITH_STORAGE') + } + + virt_install_dirs += [ +- confdir / 'storage', +- confdir / 'storage' / 'autostart', +- runstatedir / 'libvirt' / 'storage', ++ install_prefix + confdir / 'storage', ++ install_prefix + confdir / 'storage' / 'autostart', ++ install_prefix + runstatedir / 'libvirt' / 'storage', + ] + endif + diff --git a/tools/meson.build b/tools/meson.build -index b8c6802..dacd0ff 100644 +index f4b4a16c29..059c73a955 100644 --- a/tools/meson.build +++ b/tools/meson.build -@@ -115,7 +115,7 @@ if conf.has('WITH_LOGIN_SHELL') +@@ -120,7 +120,7 @@ if conf.has('WITH_LOGIN_SHELL') install_rpath: libvirt_rpath, ) @@ -319,11 +444,6 @@ index b8c6802..dacd0ff 100644 endif if host_machine.system() == 'windows' -@@ -274,7 +274,7 @@ configure_file( - if init_script == 'systemd' - install_data( - 'libvirt-guests.sysconf', -- install_dir: sysconfdir / 'sysconfig', -+ install_dir: install_prefix + sysconfdir / 'sysconfig', - rename: 'libvirt-guests', - ) +-- +2.35.1 + diff --git a/gnu/packages/patches/mumps-build-parallelism.patch b/gnu/packages/patches/mumps-build-parallelism.patch deleted file mode 100644 index 26dd330311..0000000000 --- a/gnu/packages/patches/mumps-build-parallelism.patch +++ /dev/null @@ -1,13 +0,0 @@ -Building sublibraries in parallel can lead to race conditions on the libseq -and lipord targets. - ---- MUMPS_5.0.0/Makefile.orig 2015-06-15 10:08:54.523146562 -0500 -+++ MUMPS_5.0.0/Makefile 2015-06-15 10:19:44.074367512 -0500 -@@ -11,6 +11,7 @@ - sexamples dexamples cexamples zexamples \ - mumps_lib requiredobj libseqneeded clean - -+.NOTPARALLEL: - alllib: c z s d - all: cexamples zexamples sexamples dexamples - diff --git a/gnu/packages/patches/mumps-shared-libseq.patch b/gnu/packages/patches/mumps-shared-libseq.patch deleted file mode 100644 index eccf528f7a..0000000000 --- a/gnu/packages/patches/mumps-shared-libseq.patch +++ /dev/null @@ -1,42 +0,0 @@ -Create a shared version of the sequential library, MUST BE LAST IN SERIES - -Index: mumps/libseq/Makefile -=================================================================== ---- mumps.orig/libseq/Makefile -+++ mumps/libseq/Makefile -@@ -8,15 +8,17 @@ all: libmpiseq - - include ../Makefile.inc - --libmpiseq: libmpiseq$(PLAT)$(LIBEXT) -+libmpiseq: libmpiseq$(PLAT).a libmpiseq$(PLAT).so - --libmpiseq$(PLAT)$(LIBEXT): mpi.o mpic.o elapse.o -- $(AR)$@ mpi.o mpic.o elapse.o -+libmpiseq$(PLAT).a: mpi.o mpic.o elapse.o -+ $(AR) $@ mpi.o mpic.o elapse.o - $(RANLIB) $@ -+libmpiseq$(PLAT).so: mpi.o mpic.o elapse.o -+ $(FC) -shared $^ -Wl,-soname,libmpiseq$(PLAT)-5.2.1.so -o libmpiseq$(PLAT)-5.2.1.so -Wl,-z,defs - .f.o: -- $(FC) $(OPTF) -c $*.f $(OUTF)$*.o -+ $(FC) $(OPTF) -fPIC -c $*.f $(OUTF)$*.o - .c.o: -- $(CC) $(OPTC) $(CDEFS) -I. -c $*.c $(OUTC)$*.o -+ $(CC) $(OPTC) $(CDEFS) -I. -fPIC -c $*.c $(OUTC)$*.o - - clean: -- $(RM) *.o *$(LIBEXT) -+ $(RM) *.o *.a *.so -Index: mumps/Makefile -=================================================================== ---- mumps.orig/Makefile -+++ mumps/Makefile -@@ -60,6 +60,7 @@ requiredobj: Makefile.inc $(LIBSEQNEEDED - - libseqneeded: - (cd libseq; $(MAKE)) -+ cp libseq/lib* $(libdir) - - # Build the libpord.a library and copy it into $(topdir)/lib - $(libdir)/libpord$(PLAT).a: diff --git a/gnu/packages/patches/mumps-shared-mumps.patch b/gnu/packages/patches/mumps-shared-mumps.patch deleted file mode 100644 index d94ccf6ce9..0000000000 --- a/gnu/packages/patches/mumps-shared-mumps.patch +++ /dev/null @@ -1,63 +0,0 @@ -Create a shared version of the MUMPS library. - -Index: mumps/src/Makefile -=================================================================== ---- mumps.orig/src/Makefile -+++ mumps/src/Makefile -@@ -23,8 +23,10 @@ z: - - include $(topdir)/Makefile.inc - --mumps_lib: $(libdir)/libmumps_common$(PLAT)$(LIBEXT) \ -- $(libdir)/lib$(ARITH)mumps$(PLAT)$(LIBEXT) -+mumps_lib: $(libdir)/libmumps_common$(PLAT).a \ -+ $(libdir)/libmumps_common$(PLAT).so \ -+ $(libdir)/lib$(ARITH)mumps$(PLAT).a \ -+ $(libdir)/lib$(ARITH)mumps$(PLAT).so - - OBJS_COMMON_MOD = \ - lr_common.o \ -@@ -167,14 +169,22 @@ OBJS_OTHER = \ - $(ARITH)tools.o\ - $(ARITH)type3_root.o - --$(libdir)/libmumps_common$(PLAT)$(LIBEXT): $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER) -- $(AR)$@ $? -+$(libdir)/libmumps_common$(PLAT).a: $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER) -+ $(AR) $@ $? - $(RANLIB) $@ - --$(libdir)/lib$(ARITH)mumps$(PLAT)$(LIBEXT): $(OBJS_MOD) $(OBJS_OTHER) -- $(AR)$@ $? -+$(libdir)/libmumps_common$(PLAT).so: $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER) -+ $(FC) -shared $^ -Wl,-soname,libmumps_common$(PLAT)-5.2.1.so -L$(libdir) $(LORDERINGS) -lpthread $(MPIFLIB) $(MPICLIB) $(LEXTRAS) -o $(libdir)/libmumps_common$(PLAT)-5.2.1.so -Wl,-z,defs -+ ln -s libmumps_common$(PLAT)-5.2.1.so $@ -+ -+$(libdir)/lib$(ARITH)mumps$(PLAT).a: $(OBJS_MOD) $(OBJS_OTHER) -+ $(AR) $@ $? - $(RANLIB) $@ - -+$(libdir)/lib$(ARITH)mumps$(PLAT).so: $(OBJS_MOD) $(OBJS_OTHER) -+ $(FC) -shared $^ -Wl,-soname,lib$(ARITH)mumps$(PLAT)-5.2.1.so -L$(libdir) -lmumps_common$(PLAT) $(LORDERINGS) $(MPIFLIB) $(LEXTRAS) $(LIBBLAS) $(SCALAP) $(LAPACK) -o $(libdir)/lib$(ARITH)mumps$(PLAT)-5.2.1.so -Wl,-z,defs -+ ln -s lib$(ARITH)mumps$(PLAT)-5.2.1.so $@ -+ - # Dependencies between modules: - $(ARITH)mumps_load.o: $(ARITH)mumps_comm_buffer.o \ - $(ARITH)mumps_struc_def.o \ -@@ -290,13 +300,13 @@ $(OBJS_OTHER):$(OBJS_COMMON_MOD) $(OBJS_ - - .SUFFIXES: .c .F .o - .F.o: -- $(FC) $(OPTF) $(INCS) $(IORDERINGSF) $(ORDERINGSF) -I. -I../include -c $*.F $(OUTF)$*.o -+ $(FC) $(OPTF) $(INCS) $(IORDERINGSF) $(ORDERINGSF) -I. -I../include -fPIC -c $*.F $(OUTF)$*.o - .c.o: -- $(CC) $(OPTC) $(INCS) -I../include $(CDEFS) $(IORDERINGSC) $(ORDERINGSC) -c $*.c $(OUTC)$*.o -+ $(CC) $(OPTC) $(INCS) -I../include $(CDEFS) $(IORDERINGSC) $(ORDERINGSC) -fPIC -c $*.c $(OUTC)$*.o - - $(ARITH)mumps_c.o: mumps_c.c - $(CC) $(OPTC) $(INCS) $(CDEFS) -DMUMPS_ARITH=MUMPS_ARITH_$(ARITH) \ -- $(IORDERINGSC) $(ORDERINGSC) -I../include -c mumps_c.c $(OUTC)$@ -+ $(IORDERINGSC) $(ORDERINGSC) -I../include -fPIC -c mumps_c.c $(OUTC)$@ - - - clean: diff --git a/gnu/packages/patches/mumps-shared-pord.patch b/gnu/packages/patches/mumps-shared-pord.patch deleted file mode 100644 index d3915b0ad9..0000000000 --- a/gnu/packages/patches/mumps-shared-pord.patch +++ /dev/null @@ -1,77 +0,0 @@ -Create static and shared versions of the PORD library. - -Index: mumps/PORD/lib/Makefile -=================================================================== ---- mumps.orig/PORD/lib/Makefile -+++ mumps/PORD/lib/Makefile -@@ -9,7 +9,7 @@ - - INCLUDES = -I../include - --COPTIONS = $(INCLUDES) $(CFLAGS) $(OPTFLAGS) -+COPTIONS = $(INCLUDES) $(CFLAGS) $(OPTFLAGS) -fPIC - - OBJS = graph.o gbipart.o gbisect.o ddcreate.o ddbisect.o nestdiss.o \ - multisector.o gelim.o bucket.o tree.o \ -@@ -24,12 +24,16 @@ OBJS = graph.o gbipart.o gbisect.o ddcre - .c.o: - $(CC) $(COPTIONS) -c $*.c $(OUTC)$*.o - --libpord$(LIBEXT):$(OBJS) -- $(AR)$@ $(OBJS) -+libpord$(PLAT).a:$(OBJS) -+ $(AR) $@ $(OBJS) - $(RANLIB) $@ - -+libpord$(PLAT).so: $(OBJS) -+ $(CC) -shared $(OBJS) -Wl,-soname,libpord$(PLAT)-5.2.1.so -o libpord$(PLAT)-5.2.1.so -Wl,-z,defs -+ ln -s libpord$(PLAT)-5.2.1.so $@ -+ - clean: - rm -f *.o - - realclean: -- rm -f *.o libpord.a -+ rm -f *.o libpord*.a *.so -Index: mumps/Makefile -=================================================================== ---- mumps.orig/Makefile -+++ mumps/Makefile -@@ -54,7 +54,7 @@ dexamples: d - multi_example: s d c z - (cd examples ; $(MAKE) multi) - --requiredobj: Makefile.inc $(LIBSEQNEEDED) $(libdir)/libpord$(PLAT)$(LIBEXT) -+requiredobj: Makefile.inc $(LIBSEQNEEDED) $(libdir)/libpord$(PLAT).a $(libdir)/libpord$(PLAT).so - - # dummy MPI library (sequential version) - -@@ -62,19 +62,25 @@ libseqneeded: - (cd libseq; $(MAKE)) - - # Build the libpord.a library and copy it into $(topdir)/lib --$(libdir)/libpord$(PLAT)$(LIBEXT): -+$(libdir)/libpord$(PLAT).a: - if [ "$(LPORDDIR)" != "" ] ; then \ - cd $(LPORDDIR); \ - $(MAKE) CC="$(CC)" CFLAGS="$(OPTC)" AR="$(AR)" RANLIB="$(RANLIB)" OUTC="$(OUTC)" LIBEXT=$(LIBEXT); \ - fi; - if [ "$(LPORDDIR)" != "" ] ; then \ -- cp $(LPORDDIR)/libpord$(LIBEXT) $@; \ -+ cp $(LPORDDIR)/libpord$(PLAT).a $@; \ - fi; - -+$(libdir)/libpord$(PLAT).so: -+ if [ "$(LPORDDIR)" != "" ] ; then \ -+ cd $(LPORDDIR); make CC="$(CC)" CFLAGS="$(OPTC)" AR="$(AR)" ARFUNCT= RANLIB="$(RANLIB)" libpord$(PLAT).so; fi; -+ if [ "$(LPORDDIR)" != "" ] ; then \ -+ cp -a $(LPORDDIR)/libpord*.so lib/; fi; -+ - clean: - (cd src; $(MAKE) clean) - (cd examples; $(MAKE) clean) -- (cd $(libdir); $(RM) *$(PLAT)$(LIBEXT)) -+ (cd $(libdir); $(RM) *$(PLAT).a *$(PLAT).so) - (cd libseq; $(MAKE) clean) - if [ "$(LPORDDIR)" != "" ] ; then \ - cd $(LPORDDIR); $(MAKE) realclean; \ diff --git a/gnu/packages/patches/nsis-env-passthru.patch b/gnu/packages/patches/nsis-env-passthru.patch index 36b4092230..22b186f55a 100644 --- a/gnu/packages/patches/nsis-env-passthru.patch +++ b/gnu/packages/patches/nsis-env-passthru.patch @@ -1,12 +1,11 @@ ---- nsis-3.04-src/SConstruct 2019-05-30 14:53:30.276775332 -0400 -+++ nsis-3.04-src/SConstruct 2019-05-30 14:54:17.901232914 -0400 -@@ -77,6 +77,9 @@ - if not toolset and not path: - defenv = Environment(TARGET_ARCH = arch) +--- nsis-3.08-src/SConstruct 2021-01-15 17:31:10.000000000 +0100 ++++ nsis-3.08-src/SConstruct-passthru 2022-08-02 17:11:12.414702282 +0200 +@@ -71,7 +71,7 @@ -+import os; -+defenv['ENV'] = os.environ -+ - Export('defenv') + defenv = { + 'TARGET_ARCH': ARGUMENTS.get('TARGET_ARCH', 'x86'), +- 'ENV': {} ++ 'ENV': os.environ.copy() + } ###################################################################### diff --git a/gnu/packages/patches/nsis-source-date-epoch.patch b/gnu/packages/patches/nsis-source-date-epoch.patch deleted file mode 100644 index 744c2a8011..0000000000 --- a/gnu/packages/patches/nsis-source-date-epoch.patch +++ /dev/null @@ -1,23 +0,0 @@ -Honour SOURCE_DATE_EPOCH for VERSION default - -Merged upstream as cd3f1024a37a332f1d4fa96a817ca80dfa2a478c, but not yet in a -release. GitHub PR: https://github.com/kichik/nsis/pull/13 - -Python snippet from: https://reproducible-builds.org/docs/source-date-epoch/#python - - -diff --git a/SConstruct b/SConstruct -index e8252c9..41786f2 100755 ---- a/SConstruct -+++ b/SConstruct -@@ -95,8 +95,8 @@ default_doctype = 'html' - if defenv.WhereIs('hhc', os.environ['PATH']): - default_doctype = 'chm' - --from time import strftime, gmtime --cvs_version = strftime('%d-%b-%Y.cvs', gmtime()) -+import time -+cvs_version = time.strftime('%d-%b-%Y.cvs', time.gmtime(int(os.environ.get('SOURCE_DATE_EPOCH', time.time())))) - - opts = Variables() - diff --git a/gnu/packages/patches/qtwayland-gcc-11.patch b/gnu/packages/patches/qtwayland-gcc-11.patch new file mode 100644 index 0000000000..06983ff2f3 --- /dev/null +++ b/gnu/packages/patches/qtwayland-gcc-11.patch @@ -0,0 +1,18 @@ +Add missing import for newer libstdc++. + +Taken from upstream: + + https://github.com/qt/qtwayland/commit/1aa6ec2c778504d96543f6cdc2b9199a7b066fc1 + +diff --git a/tests/auto/client/shared/corecompositor.cpp b/tests/auto/client/shared/corecompositor.cpp +index 5c6c83baa..fa9b7662a 100644 +--- a/tests/auto/client/shared/corecompositor.cpp ++++ b/tests/auto/client/shared/corecompositor.cpp +@@ -27,6 +27,7 @@ + ****************************************************************************/ + + #include "corecompositor.h" ++#include <thread> + + namespace MockCompositor { + diff --git a/gnu/packages/patches/ruby-anystyle-data-immutable-install.patch b/gnu/packages/patches/ruby-anystyle-data-immutable-install.patch new file mode 100644 index 0000000000..d5d7149a67 --- /dev/null +++ b/gnu/packages/patches/ruby-anystyle-data-immutable-install.patch @@ -0,0 +1,40 @@ +From a6f5b37cd22daa6069d8fbef8cba9dc60a6731f6 Mon Sep 17 00:00:00 2001 +From: Philip McGrath <philip@philipmcgrath.com> +Date: Sun, 24 Jul 2022 23:54:19 -0400 +Subject: [PATCH] `AnyStyle::Data.setup()`: adjust for immutable install + +Don't override the default paths for `Dictionary::Marshal`, +`Dictionary::GDBM`, and `Dictionary:LDBM` to point to this gem: we can't +populate such files without the 'anystyle' gem (which depends on this +one), and we won't be able to write to the directory where this gem is +installed later, so the files will never exist at those locations. +--- + lib/anystyle/data/setup.rb | 12 ------------ + 1 file changed, 12 deletions(-) + +diff --git a/lib/anystyle/data/setup.rb b/lib/anystyle/data/setup.rb +index 17efdf8..08246fa 100644 +--- a/lib/anystyle/data/setup.rb ++++ b/lib/anystyle/data/setup.rb +@@ -4,18 +4,6 @@ module AnyStyle + + def self.setup + Dictionary.defaults[:source] = File.join(ROOT, 'dict.txt.gz') +- +- if defined? Dictionary::Marshal +- Dictionary::Marshal.defaults[:path] = File.join(ROOT, 'dict.marshal') +- end +- +- if defined? Dictionary::GDBM +- Dictionary::GDBM.defaults[:path] = File.join(ROOT, 'dict.db') +- end +- +- if defined? Dictionary::LDBM +- Dictionary::LDBM.defaults[:path] = ROOT +- end + end + end + end +-- +2.32.0 + diff --git a/gnu/packages/patches/ruby-anystyle-fix-dictionary-populate.patch b/gnu/packages/patches/ruby-anystyle-fix-dictionary-populate.patch new file mode 100644 index 0000000000..b2e0498e8d --- /dev/null +++ b/gnu/packages/patches/ruby-anystyle-fix-dictionary-populate.patch @@ -0,0 +1,94 @@ +From fae622c8b77feebac66a538d76e4211de8bd8eb3 Mon Sep 17 00:00:00 2001 +From: Philip McGrath <philip@philipmcgrath.com> +Date: Sun, 24 Jul 2022 21:50:44 -0400 +Subject: [PATCH] fix saving `AnyStyle::Dictionary` after `populate!` + +Some of these fixes are more generally applicable. + +A more robust solution might find data files using +e.g. `Gem.find_files()`. +--- + lib/anystyle/dictionary/gdbm.rb | 6 ++++++ + lib/anystyle/dictionary/marshal.rb | 31 ++++++++++++++++++++++++------ + 2 files changed, 31 insertions(+), 6 deletions(-) + +diff --git a/lib/anystyle/dictionary/gdbm.rb b/lib/anystyle/dictionary/gdbm.rb +index 754903c..c814df2 100644 +--- a/lib/anystyle/dictionary/gdbm.rb ++++ b/lib/anystyle/dictionary/gdbm.rb +@@ -1,5 +1,6 @@ + module AnyStyle + require 'gdbm' ++ require 'fileutils' + + class Dictionary + class GDBM < Dictionary +@@ -17,8 +18,13 @@ module AnyStyle + + def open + close ++ FileUtils.mkdir_p(File.dirname(options[:path])) + @db = ::GDBM.new(*options.values_at(:path, :mode, :flags)) + self ++ rescue Errno::EACCES ++ # GDBM.new tries this if :flags is nil, but not necessarily otherwise ++ @db = ::GDBM.new(options[:path],options[:mode],::GDBM::READER) ++ self + ensure + populate! if empty? + end +diff --git a/lib/anystyle/dictionary/marshal.rb b/lib/anystyle/dictionary/marshal.rb +index 761ca36..b9529d0 100644 +--- a/lib/anystyle/dictionary/marshal.rb ++++ b/lib/anystyle/dictionary/marshal.rb +@@ -1,4 +1,6 @@ + module AnyStyle ++ require 'fileutils' ++ require 'tempfile' + class Dictionary + class Marshal < Dictionary + @defaults = { +@@ -10,17 +12,34 @@ module AnyStyle + end + + def open +- if File.exists?(options[:path]) +- @db = ::Marshal.load(File.open(options[:path])) +- else +- @db = {} ++ File.open(options[:path]) do |file| ++ @db = ::Marshal.load(file) + end + self ++ rescue Errno::ENOENT ++ @db = {} ++ self + ensure + if empty? + populate! +- if File.writable?(options[:path]) +- ::Marshal.dump(db, File.open(options[:path], 'wb')) ++ tmp = nil ++ begin ++ FileUtils.mkdir_p(File.dirname(options[:path])) ++ tmp = Tempfile.create(File.basename(options[:path]), ++ File.dirname(options[:path]), ++ mode: File::Constants::BINARY) ++ pth = tmp.path() ++ ::Marshal.dump(db, tmp) ++ tmp.close() ++ File.rename(tmp.path, options[:path]) # will overwrite if exists ++ tmp = nil ++ rescue SystemCallError => e ++ warn(e.message) ++ ensure ++ if tmp then ++ tmp.close() ++ tmp.unlink() ++ end + end + end + end +-- +2.32.0 + diff --git a/gnu/packages/patches/ruby-latex-decode-fix-test.patch b/gnu/packages/patches/ruby-latex-decode-fix-test.patch new file mode 100644 index 0000000000..58d7d16258 --- /dev/null +++ b/gnu/packages/patches/ruby-latex-decode-fix-test.patch @@ -0,0 +1,66 @@ +From 698e39a251d433e2cd2934586a2dfc5e6582c4f9 Mon Sep 17 00:00:00 2001 +From: Philip McGrath <philip@philipmcgrath.com> +Date: Sun, 24 Jul 2022 09:12:55 -0400 +Subject: [PATCH] Improve readability of whitespace tests + +This change fixes the test for `~x` in some environments in which it +was previously failing. + +Related to https://github.com/inukshuk/latex-decode/issues/13 +--- + features/step_definitions/latex.rb | 5 +++++ + features/symbols.feature | 7 ------- + features/whitespace.feature | 13 +++++++++++++ + 3 files changed, 18 insertions(+), 7 deletions(-) + create mode 100644 features/whitespace.feature + +diff --git a/features/step_definitions/latex.rb b/features/step_definitions/latex.rb +index 4b1b595..fca63c0 100644 +--- a/features/step_definitions/latex.rb ++++ b/features/step_definitions/latex.rb +@@ -5,3 +5,8 @@ end + Then /^the result should be ('|")(.*)\1$/ do |quote,value| + expect(@result).to eq(value) + end ++ ++# For whitespace or other characters that are hard to read in source code: ++Then /^I should get '([^']*)' \+ U\+(\h{4,}) \+ '([^']*)'$/ do |pre,code,post| ++ expect(@result).to eq(pre + code.hex.chr(Encoding::UTF_8) + post) ++end +diff --git a/features/symbols.feature b/features/symbols.feature +index 46d9a51..f8a5e84 100644 +--- a/features/symbols.feature ++++ b/features/symbols.feature +@@ -12,10 +12,3 @@ Feature: Decode LaTeX symbol directives + | \\uparrow | ↑ | + | \\downarrow | ↓ | + | \\rightarrow | → | +- +- Scenarios: Whitespace +- | latex | unicode | description | +- | x\\,x | x x | small space | +- | x~x | x x | non-breaking space | +- | ~x | x | non-breaking space | +- +diff --git a/features/whitespace.feature b/features/whitespace.feature +new file mode 100644 +index 0000000..fe5b208 +--- /dev/null ++++ b/features/whitespace.feature +@@ -0,0 +1,13 @@ ++Feature: Decode LaTeX whitespace directives ++ As a hacker who works with LaTeX ++ I want to be able to decode LaTeX whitespace ++ ++ Scenario Outline: LaTeX to Unicode transformation ++ When I decode the string '<latex>' ++ Then I should get <pre> + U+<code> + <post> ++ ++ Scenarios: Whitespace ++ | latex | pre | code | post | description | ++ | x~x | 'x' | 00A0 | 'x' | non-breaking space | ++ | ~y | '' | 00A0 | 'y' | leading non-breaking space | ++ | z\\,z | 'z' | 2009 | 'z' | small space | +-- +2.32.0 + diff --git a/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch b/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch deleted file mode 100644 index 3db42feac9..0000000000 --- a/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch +++ /dev/null @@ -1,32 +0,0 @@ -Fix building of Shishi with libgcrypt 1.6 and later. - -Patch copied from Debian: - -https://anonscm.debian.org/cgit/collab-maint/shishi.git/tree/debian/patches/fix_gcrypt_detection.diff?id=948301ae648a542a408da250755aeed58a6e3542 - -Description: Fix autoconf gnutls detection to also accept gcrypt 1.6. -Author: Andreas Metzler <ametzler@debian.org> -Bug-Debian: http://bugs.debian.org/753150 -Origin: vendor -Forwarded: no -Last-Update: 2014-07-18 - ---- shishi-1.0.2.orig/gl/m4/gc.m4 -+++ shishi-1.0.2/gl/m4/gc.m4 -@@ -12,10 +12,12 @@ AC_DEFUN([gl_GC], - if test "$libgcrypt" != no; then - AC_LIB_HAVE_LINKFLAGS([gcrypt], [gpg-error], [ - #include <gcrypt.h> --/* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c -- will fail on startup if we don't have 1.4.4 or later, so -- test for it early. */ --#if !defined GCRY_MODULE_ID_USER -+/* gc-libgcrypt.c will fail on startup if we don't have libgcrypt 1.4.4 or -+ later, test for it early. by checking for either -+ - GCRY_MODULE_ID_USER which was added in 1.4.4 and dropped in 1.6 or -+ - GCRYPT_VERSION_NUMBER which was added in 1.6. -+ */ -+#if !defined GCRY_MODULE_ID_USER && !defined GCRYPT_VERSION_NUMBER - error too old libgcrypt - #endif - ]) diff --git a/gnu/packages/patches/unzip-CVE-2022-0529+CVE-2022-0530.patch b/gnu/packages/patches/unzip-CVE-2022-0529+CVE-2022-0530.patch new file mode 100644 index 0000000000..e3fe2314ac --- /dev/null +++ b/gnu/packages/patches/unzip-CVE-2022-0529+CVE-2022-0530.patch @@ -0,0 +1,177 @@ +https://nvd.nist.gov/vuln/detail/CVE-2022-0529 +https://nvd.nist.gov/vuln/detail/CVE-2022-0530 +https://sources.debian.org/src/unzip/6.0-27/debian/patches/28-cve-2022-0529-and-cve-2022-0530.patch/ + +From: Steven M. Schweda <sms@antinode.info> +Subject: Fix for CVE-2022-0529 and CVE-2022-0530 +Bug-Debian: https://bugs.debian.org/1010355 +X-Debian-version: 6.0-27 + +--- a/fileio.c ++++ b/fileio.c +@@ -171,8 +171,10 @@ + static ZCONST char Far FilenameTooLongTrunc[] = + "warning: filename too long--truncating.\n"; + #ifdef UNICODE_SUPPORT ++ static ZCONST char Far UFilenameCorrupt[] = ++ "error: Unicode filename corrupt.\n"; + static ZCONST char Far UFilenameTooLongTrunc[] = +- "warning: Converted unicode filename too long--truncating.\n"; ++ "warning: Converted Unicode filename too long--truncating.\n"; + #endif + static ZCONST char Far ExtraFieldTooLong[] = + "warning: extra field too long (%d). Ignoring...\n"; +@@ -2361,16 +2363,30 @@ + /* convert UTF-8 to local character set */ + fn = utf8_to_local_string(G.unipath_filename, + G.unicode_escape_all); +- /* make sure filename is short enough */ +- if (strlen(fn) >= FILNAMSIZ) { +- fn[FILNAMSIZ - 1] = '\0'; ++ ++ /* 2022-07-22 SMS, et al. CVE-2022-0530 ++ * Detect conversion failure, emit message. ++ * Continue with unconverted name. ++ */ ++ if (fn == NULL) ++ { + Info(slide, 0x401, ((char *)slide, +- LoadFarString(UFilenameTooLongTrunc))); +- error = PK_WARN; ++ LoadFarString(UFilenameCorrupt))); ++ error = PK_ERR; ++ } ++ else ++ { ++ /* make sure filename is short enough */ ++ if (strlen(fn) >= FILNAMSIZ) { ++ fn[FILNAMSIZ - 1] = '\0'; ++ Info(slide, 0x401, ((char *)slide, ++ LoadFarString(UFilenameTooLongTrunc))); ++ error = PK_WARN; ++ } ++ /* replace filename with converted UTF-8 */ ++ strcpy(G.filename, fn); ++ free(fn); + } +- /* replace filename with converted UTF-8 */ +- strcpy(G.filename, fn); +- free(fn); + } + # endif /* UNICODE_WCHAR */ + if (G.unipath_filename != G.filename_full) +--- a/process.c ++++ b/process.c +@@ -222,6 +222,8 @@ + "\nwarning: Unicode Path version > 1\n"; + static ZCONST char Far UnicodeMismatchError[] = + "\nwarning: Unicode Path checksum invalid\n"; ++ static ZCONST char Far UFilenameTooLongTrunc[] = ++ "warning: filename too long (P1) -- truncating.\n"; + #endif + + +@@ -1915,7 +1917,7 @@ + Sets both local header and central header fields. Not terribly clever, + but it means that this procedure is only called in one place. + +- 2014-12-05 SMS. ++ 2014-12-05 SMS. (oCERT.org report.) CVE-2014-8141. + Added checks to ensure that enough data are available before calling + makeint64() or makelong(). Replaced various sizeof() values with + simple ("4" or "8") constants. (The Zip64 structures do not depend +@@ -1947,9 +1949,10 @@ + ef_len - EB_HEADSIZE)); + break; + } ++ + if (eb_id == EF_PKSZ64) + { +- int offset = EB_HEADSIZE; ++ unsigned offset = EB_HEADSIZE; + + if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) + { +@@ -2046,7 +2049,7 @@ + } + if (eb_id == EF_UNIPATH) { + +- int offset = EB_HEADSIZE; ++ unsigned offset = EB_HEADSIZE; + ush ULen = eb_len - 5; + ulg chksum = CRCVAL_INITIAL; + +@@ -2504,16 +2507,17 @@ + int state_dependent; + int wsize = 0; + int max_bytes = MB_CUR_MAX; +- char buf[9]; ++ char buf[ MB_CUR_MAX+ 1]; /* ("+1" not really needed?) */ + char *buffer = NULL; + char *local_string = NULL; ++ size_t buffer_size; /* CVE-2022-0529 */ + + for (wsize = 0; wide_string[wsize]; wsize++) ; + + if (max_bytes < MAX_ESCAPE_BYTES) + max_bytes = MAX_ESCAPE_BYTES; +- +- if ((buffer = (char *)malloc(wsize * max_bytes + 1)) == NULL) { ++ buffer_size = wsize * max_bytes + 1; /* Reused below. */ ++ if ((buffer = (char *)malloc( buffer_size)) == NULL) { + return NULL; + } + +@@ -2551,8 +2555,28 @@ + } else { + /* no MB for this wide */ + /* use escape for wide character */ +- char *escape_string = wide_to_escape_string(wide_string[i]); +- strcat(buffer, escape_string); ++ size_t buffer_len; ++ size_t escape_string_len; ++ char *escape_string; ++ int err_msg = 0; ++ ++ escape_string = wide_to_escape_string(wide_string[i]); ++ buffer_len = strlen( buffer); ++ escape_string_len = strlen( escape_string); ++ ++ /* Append escape string, as space allows. */ ++ /* 2022-07-18 SMS, et al. CVE-2022-0529 */ ++ if (escape_string_len > buffer_size- buffer_len- 1) ++ { ++ escape_string_len = buffer_size- buffer_len- 1; ++ if (err_msg == 0) ++ { ++ err_msg = 1; ++ Info(slide, 0x401, ((char *)slide, ++ LoadFarString( UFilenameTooLongTrunc))); ++ } ++ } ++ strncat( buffer, escape_string, escape_string_len); + free(escape_string); + } + } +@@ -2604,9 +2628,18 @@ + ZCONST char *utf8_string; + int escape_all; + { +- zwchar *wide = utf8_to_wide_string(utf8_string); +- char *loc = wide_to_local_string(wide, escape_all); +- free(wide); ++ zwchar *wide; ++ char *loc = NULL; ++ ++ wide = utf8_to_wide_string( utf8_string); ++ ++ /* 2022-07-25 SMS, et al. CVE-2022-0530 */ ++ if (wide != NULL) ++ { ++ loc = wide_to_local_string( wide, escape_all); ++ free( wide); ++ } ++ + return loc; + } + diff --git a/gnu/packages/patches/xygrib-fix-finding-data.patch b/gnu/packages/patches/xygrib-fix-finding-data.patch index 0b718b0eff..d1db2d8807 100644 --- a/gnu/packages/patches/xygrib-fix-finding-data.patch +++ b/gnu/packages/patches/xygrib-fix-finding-data.patch @@ -124,7 +124,7 @@ index 2c9d3ab4da03..1190cc780182 100644 +- GEN_TRANSLATION (DEFAULT: ON) +``` +Create targets to generate translation files. -+Turning this off removes the need for qt-linguist, part of qttools qt5 submodule, during build. ++Turning this off removes the need for qt-linguist, part of qttools-5 qt5 submodule, during build. +``` ### macOS |