From 16869cecf60f540ecc812f372dd2e317016fe049 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 16 Jan 2017 15:45:57 +0100 Subject: gnu: libpsl: Update to 0.17.0. * gnu/packages/web.scm (libpsl): Update to 0.17.0. --- gnu/packages/web.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/web.scm') diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 5901e0ef6d..b94c6c0c83 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -527,7 +527,7 @@ (define-public libwebsockets (define-public libpsl (package (name "libpsl") - (version "0.16.1") + (version "0.17.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/rockdaboot/libpsl/" @@ -535,7 +535,7 @@ (define-public libpsl "/libpsl-" version ".tar.gz")) (sha256 (base32 - "1srrd0iyz9p5xgl8q0hrzqg7p8cl9ar0cdb8f54hls4kllf3f80l")))) + "0jyxwc6bcvkcahkwcq237a0x209cysb63n5lak5m7zbglbb2jmq2")))) (build-system gnu-build-system) (inputs `(("icu4c" ,icu4c) -- cgit v1.2.3 From 89e34644d94860fafc053b759961ba8b55a6c77c Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 18 Jan 2017 09:57:43 +0100 Subject: gnu: Move Kerberos implemetations to (gnu packages kerberos). * gnu/packages/mit-krb5.scm: Remove. * gnu/packages/shishi.scm: Remove. * gnu/packages/kerberos.scm: New file, from the concatenation of these two. * gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly. * gnu/packages/admin.scm, gnu/packages/cyrus-sasl.scm, gnu/packages/gnome.scm, gnu/packages/gnuzilla.scm, gnu/packages/gsasl.scm, gnu/packages/java.scm, gnu/packages/networking.scm, gnu/packages/nfs.scm, gnu/packages/onc-rpc.scm, gnu/packages/ssh.scm, gnu/packages/web.scm: Adjust accordingly. --- gnu/local.mk | 5 +- gnu/packages/admin.scm | 4 +- gnu/packages/cyrus-sasl.scm | 4 +- gnu/packages/gnome.scm | 4 +- gnu/packages/gnuzilla.scm | 4 +- gnu/packages/gsasl.scm | 2 +- gnu/packages/java.scm | 2 +- gnu/packages/kerberos.scm | 131 ++++++++++++++++++++++++++++++++++++++++++++ gnu/packages/mit-krb5.scm | 86 ----------------------------- gnu/packages/networking.scm | 4 +- gnu/packages/nfs.scm | 2 +- gnu/packages/onc-rpc.scm | 4 +- gnu/packages/shishi.scm | 70 ----------------------- gnu/packages/ssh.scm | 4 +- gnu/packages/web.scm | 4 +- 15 files changed, 152 insertions(+), 178 deletions(-) create mode 100644 gnu/packages/kerberos.scm delete mode 100644 gnu/packages/mit-krb5.scm delete mode 100644 gnu/packages/shishi.scm (limited to 'gnu/packages/web.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 79031882fb..217d31712d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1,5 +1,5 @@ # GNU Guix --- Functional package management for GNU -# Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès +# Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès # Copyright © 2013, 2014, 2015, 2016 Andreas Enge # Copyright © 2016 Mathieu Lirzin # Copyright © 2013, 2014, 2015, 2016 Mark H Weaver @@ -199,6 +199,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/julia.scm \ %D%/packages/kde.scm \ %D%/packages/kde-frameworks.scm \ + %D%/packages/kerberos.scm \ %D%/packages/key-mon.scm \ %D%/packages/kodi.scm \ %D%/packages/language.scm \ @@ -252,7 +253,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/mingw.scm \ %D%/packages/mg.scm \ %D%/packages/microcom.scm \ - %D%/packages/mit-krb5.scm \ %D%/packages/moe.scm \ %D%/packages/monitoring.scm \ %D%/packages/mono.scm \ @@ -339,7 +339,6 @@ GNU_SYSTEM_MODULES = \ %D%/packages/serveez.scm \ %D%/packages/shells.scm \ %D%/packages/shellutils.scm \ - %D%/packages/shishi.scm \ %D%/packages/skarnet.scm \ %D%/packages/skribilo.scm \ %D%/packages/slang.scm \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index def9a6fbf3..b4695dc1e7 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2013 Cyril Roelandt ;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2014, 2015, 2016 Eric Bavier @@ -75,7 +75,7 @@ (define-module (gnu packages admin) #:use-module (gnu packages man) #:use-module (gnu packages autotools) #:use-module (gnu packages gnome) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages gtk)) (define-public aide diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm index 89a4a49797..62bd718ab9 100644 --- a/gnu/packages/cyrus-sasl.scm +++ b/gnu/packages/cyrus-sasl.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès ;;; Copyright © 2013 Andreas Enge ;;; Copyright © 2016 Leo Famulari ;;; @@ -21,7 +21,7 @@ (define-module (gnu packages cyrus-sasl) #:use-module (gnu packages) #:use-module (gnu packages databases) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages tls) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index e279ef7ed6..f6f7aae696 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge -;;; Copyright © 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2014 Ian Denhardt ;;; Copyright © 2014, 2016 Eric Bavier ;;; Copyright © 2014, 2015 Federico Beffa @@ -110,7 +110,7 @@ (define-module (gnu packages gnome) #:use-module (gnu packages xdisorg) #:use-module (gnu packages freedesktop) #:use-module (gnu packages mail) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages multiprecision) #:use-module (gnu packages backup) #:use-module (gnu packages nettle) diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index e5388b42a3..678dc4e27f 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge -;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2014, 2015, 2016, 2017 Mark H Weaver ;;; Copyright © 2015 Sou Bunnbu ;;; Copyright © 2016 Efraim Flashner @@ -36,7 +36,7 @@ (define-module (gnu packages gnuzilla) #:use-module (gnu packages gnome) #:use-module (gnu packages libcanberra) #:use-module (gnu packages cups) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages linux) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) diff --git a/gnu/packages/gsasl.scm b/gnu/packages/gsasl.scm index ce39aed655..4c8f818f91 100644 --- a/gnu/packages/gsasl.scm +++ b/gnu/packages/gsasl.scm @@ -21,7 +21,7 @@ (define-module (gnu packages gsasl) #:use-module (gnu packages compression) #:use-module (gnu packages libidn) #:use-module (gnu packages nettle) - #:use-module (gnu packages shishi) + #:use-module (gnu packages kerberos) #:use-module (gnu packages tls) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index 3a08fd83a8..d7df4f6bad 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -47,7 +47,7 @@ (define-module (gnu packages java) #:use-module (gnu packages wget) #:use-module (gnu packages pkg-config) #:use-module (gnu packages perl) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages xml) #:use-module (gnu packages xorg) #:use-module (gnu packages zip) diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm new file mode 100644 index 0000000000..3178784f92 --- /dev/null +++ b/gnu/packages/kerberos.scm @@ -0,0 +1,131 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2012, 2013 Andreas Enge +;;; Copyright © 2014, 2015, 2016 Mark H Weaver +;;; Copyright © 2016 Leo Famulari +;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2012, 2013 Nikita Karetnikov +;;; Copyright © 2012 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages kerberos) + #:use-module (gnu packages) + #:use-module (gnu packages bison) + #:use-module (gnu packages perl) + #:use-module (gnu packages gnupg) + #:use-module (gnu packages libidn) + #:use-module (gnu packages linux) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages compression) + #:use-module (gnu packages tls) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix utils) + #:use-module (guix build-system gnu)) + +(define-public mit-krb5 + (package + (name "mit-krb5") + (version "1.14.3") + (source (origin + (method url-fetch) + (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" + (version-major+minor version) + "/krb5-" version ".tar.gz")) + (sha256 + (base32 + "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind")))) + (build-system gnu-build-system) + (native-inputs + `(("bison" ,bison) + ("perl" ,perl))) + (arguments + `(;; Work around "No rule to make target '../../include/gssapi/gssapi.h', + ;; needed by 'authgss_prot.so'." + #:parallel-build? #f + + ;; Likewise with tests. + #:parallel-tests? #f + + ;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call + ;; while running the tests in 'src/tests'. + #:tests? ,(string=? (%current-system) "x86_64-linux") + + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source-directory + (lambda _ + (chdir "src") + #t)) + (add-before 'check 'pre-check + (lambda* (#:key inputs #:allow-other-keys) + (let ((perl (assoc-ref inputs "perl"))) + (substitute* "plugins/kdb/db2/libdb2/test/run.test" + (("/bin/cat") (string-append perl "/bin/perl")) + (("D/bin/sh") (string-append "D" (which "bash"))) + (("bindir=/bin/.") (string-append "bindir=" perl "/bin")))) + + ;; avoid service names since /etc/services is unavailable + (substitute* "tests/resolve/Makefile" + (("-p telnet") "-p 23")) + #t))))) + (synopsis "MIT Kerberos 5") + (description + "Massachusetts Institute of Technology implementation of Kerberos. +Kerberos is a network authentication protocol designed to provide strong +authentication for client/server applications by using secret-key +cryptography.") + (license (license:non-copyleft "file://NOTICE" + "See NOTICE in the distribution.")) + (home-page "http://web.mit.edu/kerberos/"))) + +(define-public shishi + (package + (name "shishi") + (version "1.0.2") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://gnu/shishi/shishi-" + version ".tar.gz")) + (sha256 + (base32 + "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d")))) + (build-system gnu-build-system) + (native-inputs `(("pkg-config" ,pkg-config))) + (inputs + `(("gnutls" ,gnutls) + ("libidn" ,libidn) + ("linux-pam" ,linux-pam-1.2) + ("zlib" ,zlib) + ;; libgcrypt 1.6 fails because of the following test: + ;; #include + ;; /* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c + ;; will fail on startup if we don't have 1.4.4 or later, so + ;; test for it early. */ + ;; #if !defined GCRY_MODULE_ID_USER + ;; error too old libgcrypt + ;; #endif + ("libgcrypt" ,libgcrypt-1.5) + ("libtasn1" ,libtasn1))) + (home-page "http://www.gnu.org/software/shishi/") + (synopsis "Implementation of the Kerberos 5 network security system") + (description + "GNU Shishi is a free implementation of the Kerberos 5 network security +system. It is used to allow non-secure network nodes to communicate in a +secure manner through client-server mutual authentication via tickets.") + (license license:gpl3+))) diff --git a/gnu/packages/mit-krb5.scm b/gnu/packages/mit-krb5.scm deleted file mode 100644 index 3299c7b5c4..0000000000 --- a/gnu/packages/mit-krb5.scm +++ /dev/null @@ -1,86 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013 Andreas Enge -;;; Copyright © 2015, 2016 Mark H Weaver -;;; Copyright © 2016 Leo Famulari -;;; Copyright © 2016 Efraim Flashner -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages mit-krb5) - #:use-module (gnu packages) - #:use-module (gnu packages bison) - #:use-module (gnu packages perl) - #:use-module (guix licenses) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module (guix utils) - #:use-module (guix build-system gnu)) - -(define-public mit-krb5 - (package - (name "mit-krb5") - (version "1.14.3") - (source (origin - (method url-fetch) - (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" - (version-major+minor version) - "/krb5-" version ".tar.gz")) - (sha256 - (base32 - "1jgjiyh1sp72lkxvk437lz5hzcibvw99jc4ihzfz03fg43aj0ind")))) - (build-system gnu-build-system) - (native-inputs - `(("bison" ,bison) - ("perl" ,perl))) - (arguments - `(;; Work around "No rule to make target '../../include/gssapi/gssapi.h', - ;; needed by 'authgss_prot.so'." - #:parallel-build? #f - - ;; Likewise with tests. - #:parallel-tests? #f - - ;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call - ;; while running the tests in 'src/tests'. - #:tests? ,(string=? (%current-system) "x86_64-linux") - - #:phases - (modify-phases %standard-phases - (add-after 'unpack 'enter-source-directory - (lambda _ - (chdir "src") - #t)) - (add-before 'check 'pre-check - (lambda* (#:key inputs #:allow-other-keys) - (let ((perl (assoc-ref inputs "perl"))) - (substitute* "plugins/kdb/db2/libdb2/test/run.test" - (("/bin/cat") (string-append perl "/bin/perl")) - (("D/bin/sh") (string-append "D" (which "bash"))) - (("bindir=/bin/.") (string-append "bindir=" perl "/bin")))) - - ;; avoid service names since /etc/services is unavailable - (substitute* "tests/resolve/Makefile" - (("-p telnet") "-p 23")) - #t))))) - (synopsis "MIT Kerberos 5") - (description - "Massachusetts Institute of Technology implementation of Kerberos. -Kerberos is a network authentication protocol designed to provide strong -authentication for client/server applications by using secret-key -cryptography.") - (license (non-copyleft "file://NOTICE" - "See NOTICE in the distribution.")) - (home-page "http://web.mit.edu/kerberos/"))) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 982ae0a655..87ee0a1d8e 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014 Ludovic Courtès +;;; Copyright © 2014, 2017 Ludovic Courtès ;;; Copyright © 2015, 2016 Ricardo Wurmus ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2015, 2016 Stefan Reichör @@ -53,7 +53,7 @@ (define-module (gnu packages networking) #:use-module (gnu packages libidn) #:use-module (gnu packages linux) #:use-module (gnu packages lua) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages ncurses) #:use-module (gnu packages pcre) #:use-module (gnu packages perl) diff --git a/gnu/packages/nfs.scm b/gnu/packages/nfs.scm index 650a2af0d6..f18fe6cb51 100644 --- a/gnu/packages/nfs.scm +++ b/gnu/packages/nfs.scm @@ -22,7 +22,7 @@ (define-module (gnu packages nfs) #:use-module (gnu packages databases) #:use-module (gnu packages gsasl) #:use-module (gnu packages libevent) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages onc-rpc) #:use-module (gnu packages pkg-config) #:use-module (guix build-system cmake) diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm index 5353846ece..5f67823a40 100644 --- a/gnu/packages/onc-rpc.scm +++ b/gnu/packages/onc-rpc.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014 Ludovic Courtès +;;; Copyright © 2014, 2017 Ludovic Courtès ;;; Copyright © 2016 John Darrington ;;; ;;; This file is part of GNU Guix. @@ -21,7 +21,7 @@ (define-module (gnu packages onc-rpc) #:use-module (guix licenses) #:use-module (guix packages) #:use-module (guix download) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages pkg-config) #:use-module (guix build-system gnu)) diff --git a/gnu/packages/shishi.scm b/gnu/packages/shishi.scm deleted file mode 100644 index 7e02843d38..0000000000 --- a/gnu/packages/shishi.scm +++ /dev/null @@ -1,70 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013 Nikita Karetnikov -;;; Copyright © 2012 Ludovic Courtès -;;; Copyright © 2014 Mark H Weaver -;;; Copyright © 2016 Efraim Flashner -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - -(define-module (gnu packages shishi) - #:use-module ((guix licenses) #:select (gpl3+)) - #:use-module (gnu packages) - #:use-module (gnu packages gnupg) - #:use-module (gnu packages libidn) - #:use-module (gnu packages linux) - #:use-module (gnu packages pkg-config) - #:use-module (gnu packages compression) - #:use-module (gnu packages tls) - #:use-module (guix packages) - #:use-module (guix download) - #:use-module (guix build-system gnu)) - -(define-public shishi - (package - (name "shishi") - (version "1.0.2") - (source - (origin - (method url-fetch) - (uri (string-append "mirror://gnu/shishi/shishi-" - version ".tar.gz")) - (sha256 - (base32 - "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d")))) - (build-system gnu-build-system) - (native-inputs `(("pkg-config" ,pkg-config))) - (inputs - `(("gnutls" ,gnutls) - ("libidn" ,libidn) - ("linux-pam" ,linux-pam-1.2) - ("zlib" ,zlib) - ;; libgcrypt 1.6 fails because of the following test: - ;; #include - ;; /* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c - ;; will fail on startup if we don't have 1.4.4 or later, so - ;; test for it early. */ - ;; #if !defined GCRY_MODULE_ID_USER - ;; error too old libgcrypt - ;; #endif - ("libgcrypt" ,libgcrypt-1.5) - ("libtasn1" ,libtasn1))) - (home-page "http://www.gnu.org/software/shishi/") - (synopsis "Implementation of the Kerberos 5 network security system") - (description - "GNU Shishi is a free implementation of the Kerberos 5 network security -system. It is used to allow non-secure network nodes to communicate in a -secure manner through client-server mutual authentication via tickets.") - (license gpl3+))) diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 0fe6598bb2..9d1d9cc0a9 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2013, 2014 Andreas Enge ;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2015, 2016 Efraim Flashner @@ -38,7 +38,7 @@ (define-module (gnu packages ssh) #:use-module (gnu packages multiprecision) #:use-module (gnu packages ncurses) #:use-module (gnu packages nettle) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:autoload (gnu packages protobuf) (protobuf) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index b94c6c0c83..c62acbd5b3 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge ;;; Copyright © 2013 Aljosha Papsch -;;; Copyright © 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2014, 2015, 2016 Mark H Weaver ;;; Copyright © 2015, 2016 Ricardo Wurmus ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer @@ -58,7 +58,7 @@ (define-module (gnu packages web) #:use-module (gnu packages databases) #:use-module (gnu packages bison) #:use-module (gnu packages flex) - #:use-module (gnu packages mit-krb5) + #:use-module (gnu packages kerberos) #:use-module (gnu packages gd) #:use-module (gnu packages gettext) #:use-module (gnu packages glib) -- cgit v1.2.3 From bb2f8bbc5a3db0a3e1e16f6a68422ceb270ace0b Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 23 Jan 2017 17:48:47 +0100 Subject: gnu: nginx: Don't replace 'sh' reference with 'bash'. * gnu/packages/web.scm (nginx)[arguments]: Substitute /bin/sh with "which sh" instead of "which bash" in 'patch-/bin/sh' phase. --- gnu/packages/web.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'gnu/packages/web.scm') diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index c62acbd5b3..c8f8c63ecf 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -146,7 +146,7 @@ (define-public nginx (add-before 'configure 'patch-/bin/sh (lambda _ (substitute* "auto/feature" - (("/bin/sh") (which "bash"))) + (("/bin/sh") (which "sh"))) #t)) (replace 'configure (lambda* (#:key outputs #:allow-other-keys) -- cgit v1.2.3 From 864042c5c5f845fd3c1ae37c64dc1a672fedef28 Mon Sep 17 00:00:00 2001 From: Thomas Danckaert Date: Wed, 25 Jan 2017 08:50:30 +0100 Subject: gnu: Add stunnel. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/web.scm (stunnel): New variable. Signed-off-by: Ludovic Courtès --- gnu/packages/web.scm | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'gnu/packages/web.scm') diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index c8f8c63ecf..67b9797bbb 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -17,6 +17,7 @@ ;;; Copyright © 2016 Arun Isaac ;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; Copyright © 2016 Bake Timmons +;;; Copyright © 2017 Thomas Danckaert ;;; ;;; This file is part of GNU Guix. ;;; @@ -3968,3 +3969,29 @@ (define-public httptunnel allowed, even through a HTTP-only proxy, httptunnel can be combined with other tools like SSH (Secure Shell) to reach the outside world.") (license l:gpl2+))) + +(define-public stunnel + (package + (name "stunnel") + (version "5.39") + (source + (origin + (method url-fetch) + (uri (string-append "https://www.stunnel.org/downloads/stunnel-" + version ".tar.gz")) + (sha256 + (base32 + "1vjdn32iw11zqsygwxbjmqgs4644dk3ql1h8ap890ls6a1x0i318")))) + (build-system gnu-build-system) + (inputs `(("openssl" ,openssl))) + (arguments + `(#:configure-flags + (list (string-append "--with-ssl=" (assoc-ref %build-inputs "openssl"))))) + (home-page "https://www.stunnel.org") + (synopsis "TLS proxy for clients or servers") + (description "Stunnel is a proxy designed to add TLS encryption +functionality to existing clients and servers without any changes in the +programs' code. Its architecture is optimized for security, portability, and +scalability (including load-balancing), making it suitable for large +deployments.") + (license l:gpl2+))) -- cgit v1.2.3 From 59ae241f7189252c72394fae2e2b85ca61b72755 Mon Sep 17 00:00:00 2001 From: Thomas Danckaert Date: Thu, 26 Jan 2017 11:35:50 +0100 Subject: gnu: Add xinetd. * gnu/packages/web.scm (xinetd): New variable. * gnu/packages/patches/xinetd-CVE-2013-4342.patch, gnu/packages/patches/xinetd-fix-fd-leak.patch: New files. * gnu/local.mk (dist_patch_DATA): Add patches. Signed-off-by: Leo Famulari --- gnu/local.mk | 2 ++ gnu/packages/patches/xinetd-CVE-2013-4342.patch | 36 +++++++++++++++++++++++++ gnu/packages/patches/xinetd-fix-fd-leak.patch | 26 ++++++++++++++++++ gnu/packages/web.scm | 25 +++++++++++++++++ 4 files changed, 89 insertions(+) create mode 100644 gnu/packages/patches/xinetd-CVE-2013-4342.patch create mode 100644 gnu/packages/patches/xinetd-fix-fd-leak.patch (limited to 'gnu/packages/web.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 269af5fe12..ead1f2f93f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -956,6 +956,8 @@ dist_patch_DATA = \ %D%/packages/patches/xfce4-panel-plugins.patch \ %D%/packages/patches/xfce4-session-fix-xflock4.patch \ %D%/packages/patches/xfce4-settings-defaults.patch \ + %D%/packages/patches/xinetd-fix-fd-leak.patch \ + %D%/packages/patches/xinetd-CVE-2013-4342.patch \ %D%/packages/patches/xmodmap-asprintf.patch \ %D%/packages/patches/libyaml-CVE-2014-9130.patch \ %D%/packages/patches/zathura-plugindir-environment-variable.patch diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch new file mode 100644 index 0000000000..ad57bc7b0e --- /dev/null +++ b/gnu/packages/patches/xinetd-CVE-2013-4342.patch @@ -0,0 +1,36 @@ +Fix CVE-2013-4342: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678 + +Patch copied from upstream source repository: + +https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864 + +From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001 +From: Thomas Swan +Date: Wed, 2 Oct 2013 23:17:17 -0500 +Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for + TCPMUX services + +Originally reported to Debian in 2005 and rediscovered , xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root). +--- + xinetd/builtins.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/xinetd/builtins.c b/xinetd/builtins.c +index 3b85579..34a5bac 100644 +--- a/xinetd/builtins.c ++++ b/xinetd/builtins.c +@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) + if( SC_IS_INTERNAL( scp ) ) { + SC_INTERNAL(scp, nserp); + } else { +- exec_server(nserp); ++ child_process(nserp); + } + } + +-- +2.7.4 + diff --git a/gnu/packages/patches/xinetd-fix-fd-leak.patch b/gnu/packages/patches/xinetd-fix-fd-leak.patch new file mode 100644 index 0000000000..77e4600185 --- /dev/null +++ b/gnu/packages/patches/xinetd-fix-fd-leak.patch @@ -0,0 +1,26 @@ +Fix a file descriptor leak: + +https://github.com/xinetd-org/xinetd/issues/23 + +Patch copied from Debian: + +https://anonscm.debian.org/cgit/collab-maint/xinetd.git/tree/debian/patches/000012-fix_fd_leak + +Patch sent upstream at https://github.com/xinetd-org/xinetd/pull/26. + +diff --git a/xinetd/xgetloadavg.c b/xinetd/xgetloadavg.c +index 5a26214..fe0f872 100644 +--- a/xinetd/xgetloadavg.c ++++ b/xinetd/xgetloadavg.c +@@ -34,7 +34,7 @@ double xgetloadavg(void) + + if( fscanf(fd, "%lf", &ret) != 1 ) { + perror("fscanf"); +- return -1; ++ ret = -1; + } + + fclose(fd); +-- +2.7.4 + diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 67b9797bbb..cea5b2d27a 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -3995,3 +3995,28 @@ (define-public stunnel scalability (including load-balancing), making it suitable for large deployments.") (license l:gpl2+))) + +(define-public xinetd + (package + (name "xinetd") + (version "2.3.15") + (source + (origin + (method url-fetch) + (uri "https://github.com/xinetd-org/xinetd/archive/xinetd-2-3-15.tar.gz") + (patches (search-patches "xinetd-CVE-2013-4342.patch" "xinetd-fix-fd-leak.patch")) + (sha256 + (base32 + "0k59x52cbzp5fw0n8zn0y54j1ps0x9b72y8k5grzswjdmgs2a2v2")))) + (build-system gnu-build-system) + (arguments + `(#:configure-flags '("--with-loadavg") + #:tests? #f )) ; no tests + (home-page "https://github.com/xinetd-org/xinetd") + (synopsis "Internet services daemon") + (description "@code{xinetd}, a more secure replacement for @code{inetd}, +listens for incoming requests over a network and launches the appropriate +service for that request. Requests are made using port numbers as identifiers +and xinetd usually launches another daemon to handle the request. It can be +used to start services with both privileged and non-privileged port numbers.") + (license (l:fsf-free "file://COPYRIGHT")))) -- cgit v1.2.3 From 524ee6c9e5a2510f6e15ab23c75a26f61b6a0d81 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 1 Feb 2017 01:20:23 -0500 Subject: gnu: nginx: Update to 1.11.9. * gnu/packages/web.scm (nginx): Update to 1.11.9. --- gnu/packages/web.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/web.scm') diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index cea5b2d27a..108ccafd2f 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -128,14 +128,14 @@ (define-public httpd (define-public nginx (package (name "nginx") - (version "1.11.6") + (version "1.11.9") (source (origin (method url-fetch) (uri (string-append "https://nginx.org/download/nginx-" version ".tar.gz")) (sha256 (base32 - "1gc5phrzm2hbpvryaya6rlvasa00vjips4hv5q1rqbcfa6xsnlri")))) + "0j2pcara9ir2xj3m2mjzf7wz46mdy51c0kal61cp0ldm2qgvf8nw")))) (build-system gnu-build-system) (inputs `(("pcre" ,pcre) ("openssl" ,openssl) -- cgit v1.2.3 From a3df7e9f862c756684cf13d7ecb5cb6275bb7ee1 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 1 Feb 2017 01:21:14 -0500 Subject: gnu: httpd: Update to 2.4.25 [fixes CVE-2016-{0736,2161,5387,8743}]. * gnu/packages/web.scm (httpd): Update to 2.4.25. [source]: Remove obsolete patch 'httpd-CVE-2016-8740.patch'. * gnu/packages/patches/httpd-CVE-2016-8740.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/patches/httpd-CVE-2016-8740.patch | 36 -------------------------- gnu/packages/web.scm | 6 ++--- 3 files changed, 2 insertions(+), 41 deletions(-) delete mode 100644 gnu/packages/patches/httpd-CVE-2016-8740.patch (limited to 'gnu/packages/web.scm') diff --git a/gnu/local.mk b/gnu/local.mk index ac167b23fa..7377e5122f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -630,7 +630,6 @@ dist_patch_DATA = \ %D%/packages/patches/hdf-eos5-fortrantests.patch \ %D%/packages/patches/higan-remove-march-native-flag.patch \ %D%/packages/patches/hop-linker-flags.patch \ - %D%/packages/patches/httpd-CVE-2016-8740.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ %D%/packages/patches/hypre-doc-tables.patch \ %D%/packages/patches/hypre-ldflags.patch \ diff --git a/gnu/packages/patches/httpd-CVE-2016-8740.patch b/gnu/packages/patches/httpd-CVE-2016-8740.patch deleted file mode 100644 index 17ba323ccf..0000000000 --- a/gnu/packages/patches/httpd-CVE-2016-8740.patch +++ /dev/null @@ -1,36 +0,0 @@ -This patch applies against httpd-2.4.23 and shouldn't be needed in later releases -http://openwall.com/lists/oss-security/2016/12/05/17 -Index: modules/http2/h2_stream.c -=================================================================== ---- modules/http2/h2_stream.c (revision 1771866) -+++ modules/http2/h2_stream.c (working copy) -@@ -322,18 +322,18 @@ - HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE); - } - } -- } -- -- if (h2_stream_is_scheduled(stream)) { -- return h2_request_add_trailer(stream->request, stream->pool, -- name, nlen, value, vlen); -- } -- else { -- if (!input_open(stream)) { -- return APR_ECONNRESET; -+ -+ if (h2_stream_is_scheduled(stream)) { -+ return h2_request_add_trailer(stream->request, stream->pool, -+ name, nlen, value, vlen); - } -- return h2_request_add_header(stream->request, stream->pool, -- name, nlen, value, vlen); -+ else { -+ if (!input_open(stream)) { -+ return APR_ECONNRESET; -+ } -+ return h2_request_add_header(stream->request, stream->pool, -+ name, nlen, value, vlen); -+ } - } - } - diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 108ccafd2f..8cc80a2c45 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -88,16 +88,14 @@ (define-module (gnu packages web) (define-public httpd (package (name "httpd") - (version "2.4.23") + (version "2.4.25") (source (origin (method url-fetch) (uri (string-append "mirror://apache/httpd/httpd-" version ".tar.bz2")) (sha256 (base32 - "0n2yx3gjlpr4kgqx845fj6amnmg25r2l6a7rzab5hxnpmar985hc")) - (patches (search-patches "httpd-CVE-2016-8740.patch")) - (patch-flags '("-p0")))) + "1cl0bkqg6srb1sypga0cn8dcmdyxldavij73zmmkxvlz3kgw4zpq")))) (build-system gnu-build-system) (native-inputs `(("pcre" ,pcre "bin"))) ;for 'pcre-config' (inputs `(("apr" ,apr) -- cgit v1.2.3 From 1ad3c7f2e61dc7c284280f3f47e11cb86124ebef Mon Sep 17 00:00:00 2001 From: ng0 Date: Thu, 9 Feb 2017 13:37:01 +0000 Subject: gnu: Add tidy-html. * gnu/packages/web.scm (tidy-html): New variable. Signed-off-by: Kei Kebreau --- gnu/packages/web.scm | 50 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) (limited to 'gnu/packages/web.scm') diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 8cc80a2c45..4d138b79fc 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2016 Rene Saavedra ;;; Copyright © 2016 Ben Woodcroft ;;; Copyright © 2016 Clément Lassieur -;;; Copyright © 2016 ng0 +;;; Copyright © 2016, 2017 ng0 ;;; Copyright © 2016 Arun Isaac ;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; Copyright © 2016 Bake Timmons @@ -4018,3 +4018,51 @@ (define-public xinetd and xinetd usually launches another daemon to handle the request. It can be used to start services with both privileged and non-privileged port numbers.") (license (l:fsf-free "file://COPYRIGHT")))) + +(define-public tidy-html + (package + (name "tidy-html") + (version "5.2.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/htacg/tidy-html5/archive/" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0kbwzh15dlapp3s3vff2qgz0yfcf8hwsnx5q4igwa6pimhak8lw0")))) + (build-system cmake-build-system) + (outputs '("out" + "static")) ; 1.0MiB of .a files + (arguments + `(#:tests? #f ; No tests available + #:configure-flags (list "-DCMAKE_BUILD_TYPE=Release") + #:phases + (modify-phases %standard-phases + (add-after 'install 'move-static-libraries + (lambda* (#:key outputs #:allow-other-keys) + ;; Move static libraries to the "static" output. + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (static (assoc-ref outputs "static")) + (slib (string-append static "/lib"))) + (mkdir-p slib) + (for-each (lambda (file) + (install-file file slib) + (delete-file file)) + (find-files lib "\\.a$")) + #t)))))) + (native-inputs + `(("libxslt" ,libxslt))) + (home-page "http://www.html-tidy.org/") + (synopsis "HTML Tidy with HTML5 support") + (description + "Tidy is a console application which corrects and cleans up +HTML and XML documents by fixing markup errors and upgrading +legacy code to modern standards. + +Tidy also provides @code{libtidy}, a C static and dynamic library that +developers can integrate into their applications to make use of the +functions of Tidy.") + (license l:bsd-3))) -- cgit v1.2.3