diff options
Diffstat (limited to 'gnu')
28 files changed, 1537 insertions, 222 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 13519b0e64..7e816f79af 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -424,6 +424,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/spice.scm \ %D%/services/ssh.scm \ %D%/services/version-control.scm \ + %D%/services/vpn.scm \ %D%/services/web.scm \ %D%/services/xorg.scm \ \ @@ -721,6 +722,7 @@ dist_patch_DATA = \ %D%/packages/patches/libxml2-CVE-2016-5131.patch \ %D%/packages/patches/libxslt-generated-ids.patch \ %D%/packages/patches/libxslt-CVE-2016-4738.patch \ + %D%/packages/patches/libxt-guix-search-paths.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/lirc-localstatedir.patch \ %D%/packages/patches/llvm-for-extempore.patch \ @@ -753,6 +755,8 @@ dist_patch_DATA = \ %D%/packages/patches/multiqc-fix-git-subprocess-error.patch \ %D%/packages/patches/mumps-build-parallelism.patch \ %D%/packages/patches/mupdf-build-with-openjpeg-2.1.patch \ + %D%/packages/patches/mupdf-mujs-CVE-2016-10132.patch \ + %D%/packages/patches/mupdf-mujs-CVE-2016-10133.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/musl-CVE-2016-8859.patch \ %D%/packages/patches/mutt-store-references.patch \ @@ -895,6 +899,8 @@ dist_patch_DATA = \ %D%/packages/patches/texi2html-i18n.patch \ %D%/packages/patches/tidy-CVE-2015-5522+5523.patch \ %D%/packages/patches/tinyxml-use-stl.patch \ + %D%/packages/patches/tipp10-fix-compiling.patch \ + %D%/packages/patches/tipp10-remove-license-code.patch \ %D%/packages/patches/tk-find-library.patch \ %D%/packages/patches/ttf2eot-cstddef.patch \ %D%/packages/patches/ttfautohint-source-date-epoch.patch \ diff --git a/gnu/packages/astronomy.scm b/gnu/packages/astronomy.scm index c1b15e1dee..f390ce4486 100644 --- a/gnu/packages/astronomy.scm +++ b/gnu/packages/astronomy.scm @@ -58,7 +58,7 @@ in FITS files.") (define-public wcslib (package (name "wcslib") - (version "5.15") + (version "5.16") (source (origin (method url-fetch) @@ -66,7 +66,7 @@ in FITS files.") "ftp://ftp.atnf.csiro.au/pub/software/wcslib/" name "-" version ".tar.bz2")) (sha256 - (base32 "1s2nig327g4bimd9xshlk11ww09a7mrjmsbpdcd8smsmn2kl1glb")))) + (base32 "1vwrzkznpig2q40m11j12hsfqvsjz8z44l66pz5fkh6fy461w0zd")))) (inputs `(("cfitsio" ,cfitsio))) (build-system gnu-build-system) diff --git a/gnu/packages/benchmark.scm b/gnu/packages/benchmark.scm index 465c81b431..df2be86424 100644 --- a/gnu/packages/benchmark.scm +++ b/gnu/packages/benchmark.scm @@ -27,7 +27,7 @@ (define-public fio (package (name "fio") - (version "2.15") + (version "2.16") (source (origin (method url-fetch) (uri (string-append @@ -35,7 +35,7 @@ "fio-" version ".tar.bz2")) (sha256 (base32 - "1ggma9c48717z2wz8j9f7jcgb3xqk8qawjl6c9hnabxxry94y130")))) + "1v5n5hq500aidwfzmbm3k5d3mhh6ffwbgzq7nys838azga4xd3bx")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; No tests. diff --git a/gnu/packages/cups.scm b/gnu/packages/cups.scm index ca16958352..39ab41c192 100644 --- a/gnu/packages/cups.scm +++ b/gnu/packages/cups.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org> +;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; ;;; This file is part of GNU Guix. ;;; @@ -51,6 +52,7 @@ (define-public cups-filters (package (name "cups-filters") + (replacement cups-filters/fixed) (version "1.13.1") (source(origin (method url-fetch) @@ -133,6 +135,13 @@ filters for the PDF-centric printing workflow introduced by OpenPrinting.") license:lgpl2.0+ license:expat)))) +(define mupdf/fixed-instead-of-mupdf + (package-input-rewriting `((,mupdf . ,(@@ (gnu packages pdf) mupdf/fixed))))) + +;;; Fix CVE-2016-10132 and CVE-2016-10133. See mupdf/fixed for more information. +(define cups-filters/fixed + (mupdf/fixed-instead-of-mupdf cups-filters)) + ;; CUPS on non-MacOS systems requires cups-filters. Since cups-filters also ;; depends on CUPS libraries and binaries, cups-minimal has been added to ;; satisfy this dependency. diff --git a/gnu/packages/django.scm b/gnu/packages/django.scm index bbb2d71db1..9a3c66c45e 100644 --- a/gnu/packages/django.scm +++ b/gnu/packages/django.scm @@ -29,13 +29,13 @@ (define-public python-django (package (name "python-django") - (version "1.10.3") + (version "1.10.5") (source (origin (method url-fetch) (uri (pypi-uri "Django" version)) (sha256 (base32 - "0c4c8zs7kzb0bdlpy4vlzv6va26dbazr32h91rldf6waxs6z14kg")))) + "12szjsmnfhh2yr54sfynyjr8vl0q9gb6qak3ayqcifcinrs97f0d")))) (build-system python-build-system) (arguments '(#:phases diff --git a/gnu/packages/education.scm b/gnu/packages/education.scm index 3a883079fe..5444579059 100644 --- a/gnu/packages/education.scm +++ b/gnu/packages/education.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org> -;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -138,3 +139,56 @@ of categories with some of the activities available in that category. @end enumerate ") (license license:gpl3+))) + +(define-public tipp10 + (package + (name "tipp10") + (version "2.1.0") + (source (origin + (method url-fetch) + ;; guix download is not able to handle the download links on the + ;; home-page, which use '<meta http-equiv="refresh" …>' + (uri (string-append "mirror://debian/pool/main/" + "t/tipp10/tipp10_2.1.0.orig.tar.gz")) + (sha256 + (base32 + "0d387b404j88gsv6kv0rb7wxr23v5g5vl6s5l7602x8pxf7slbbx")) + (patches (search-patches "tipp10-fix-compiling.patch" + "tipp10-remove-license-code.patch")))) + (build-system cmake-build-system) + (arguments + `(#:tests? #f ; packages has no tests + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'disable-new-version-check + (lambda _ + ;; Make new version check to default to false. + ;; TODO: Remove the checkbox from the dialog and the check itself + (substitute* '("widget/settingspages.cpp" "widget/mainwindow.cpp") + (("settings.value(\"check_new_version\", true)") + "settings.value(\"check_new_version\", false)")) + #t)) + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + ;; Make program honor $PREFIX + (substitute* "tipp10.pro" + (("\\.path = /usr/") (string-append ".path = " out "/"))) + (substitute* "def/defines.h" + (("\"/usr/") (string-append "\"" out "/"))) + ;; Recreate Makefile + (zero? (system* "qmake")))))))) + (inputs + `(("qt4" ,qt-4) + ("sqlite" ,sqlite))) + (home-page "https://www.tipp10.com/") + (synopsis "Touch typing tutor") + (description "Tipp10 is a touch typing tutor. The ingenious thing about +the software is its intelligence feature: characters that are mistyped are +repeated more frequently. Beginners will find their way around right away so +they can start practicing without a hitch. + +Useful support functions and an extensive progress tracker, topical lessons +and the ability to create your own practice lessons make learning to type +easy.") + (license license:gpl2))) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index ca97104958..a34578afe7 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Tomáš Čech <sleep_walker@suse.cz> ;;; Copyright © 2015 Daniel Pimentel <d4n1@member.fsf.org> -;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il> ;;; ;;; This file is part of GNU Guix. ;;; @@ -146,7 +146,7 @@ removable devices or support for multimedia.") (define-public terminology (package (name "terminology") - (version "0.9.1") + (version "1.0.0") (source (origin (method url-fetch) (uri @@ -154,13 +154,13 @@ removable devices or support for multimedia.") "terminology/terminology-" version ".tar.xz")) (sha256 (base32 - "1kwv9vkhngdm5v38q93xpcykghnyawhjjcb5bgy0p89gpbk7mvpc")))) + "1x4j2q4qqj10ckbka0zaq2r2zm66ff1x791kp8slv1ff7fw45vdz")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) (inputs `(("efl" ,efl))) - (home-page "https://www.enlightenment.org") + (home-page "https://www.enlightenment.org/about-terminology") (synopsis "Powerful terminal emulator based on EFL") (description "Terminology is fast and feature rich terminal emulator. It is solely diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index a3cbe81d69..e279ef7ed6 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -8,7 +8,7 @@ ;;; Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org> ;;; Copyright © 2015 Andy Wingo <wingo@igalia.com> ;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com> -;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 David Thompson <davet@gnu.org> ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index e92d78c88a..e5388b42a3 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -354,7 +354,16 @@ standards.") (mozilla-patch "icecat-bug-1297361.patch" "297c675ddadc" "1jc1b5i69vq1fvz3qfnnv52c9cj17bjbmfyzmqlw5ywna0wfvabz") (mozilla-patch "icecat-bug-1325877.patch" "3cff736e3bb6" "1nxqwnl9zksvkfkmis7zica4xrhwfndjyy2sxc1dvrh9rshk1swq") (mozilla-patch "icecat-bug-1285960.patch" "2732280adabc" "0zrpq3aybaw2yy38vs6883a4nw01x4kxn3lfqn9yhcgjvngmmyia") - (mozilla-patch "icecat-bug-1325938.patch" "81c9fdbd96e8" "0scv1zyi4vbsjdsyj4w70n5jd50baq0dzw3qpxqf1n69nfb9k214"))) + (mozilla-patch "icecat-bug-1325938.patch" "81c9fdbd96e8" "0scv1zyi4vbsjdsyj4w70n5jd50baq0dzw3qpxqf1n69nfb9k214") + (mozilla-patch "icecat-bug-1322420.patch" "a386ca6a3013" "1m1scz2pxzmg9wya8is5dcr3mgvkx3g1xlykgigmw2mqs5zcdg9s") + (mozilla-patch "icecat-bug-1328834.patch" "0521b0e4707c" "1mv057p4hcvapibpbd9apryag19aiqdzafc6df2angl97m4mcbjx") + (mozilla-patch "icecat-bug-1290037.patch" "bf0dd9ae6807" "02iw5ngsvvij95arnn69a744d6si27g1x41ixg16l51dbn900b3r") + (mozilla-patch "icecat-bug-1322666.patch" "576f03e362c5" "0m88xs0jwhzx2lg12cvimxjknp7rpsvvhxxblhiqqjwnqip0pyc0") + (mozilla-patch "icecat-bug-1304266.patch" "4d82e7314a72" "1rrrw4rw0xv7c2myiypcqh1fk47rk3fvic79zh6m04bl3knclr1r") + (mozilla-patch "icecat-bug-1322315.patch" "0617dd4b444d" "1ipags2cl2p521pm0qx110h5di2mgif6h1r3g8l9b0rc5m9b1y2j") + (mozilla-patch "icecat-bug-1325200.patch" "ead08c2a6c57" "1nnnwdr7411xpz6n9j869g6sz447cq6xsmds9cw6d24iprcinp5m") + (mozilla-patch "icecat-bug-1312001.patch" "c5e67d41bdd0" "05kwn5zv381lsiw9vbzm8fh6s1lddx47l8f4pwg487h9dj7vbdfq") + (mozilla-patch "icecat-bug-1331058.patch" "2ce94f2ea797" "1yrnjqpafjns68z99s1m6jins3agid7c1z3v9qgk5xzfcddl31pn"))) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/irc.scm b/gnu/packages/irc.scm index 44e21af7d6..82eb103688 100644 --- a/gnu/packages/irc.scm +++ b/gnu/packages/irc.scm @@ -140,14 +140,14 @@ SILC and ICB protocols via plugins.") (define-public weechat (package (name "weechat") - (version "1.6") + (version "1.7") (source (origin (method url-fetch) (uri (string-append "http://weechat.org/files/src/weechat-" version ".tar.xz")) (sha256 (base32 - "1qqnb9bdi15l30378rnmhf26ndacwi5hmq5vpz4lfyihk17xnryn")) + "1crdwlxj5liik32svflfac0s87vm6p8xm208yndigzsbg8rli4sr")) (patches (search-patches "weechat-python.patch")))) (build-system gnu-build-system) (native-inputs `(("autoconf" ,autoconf) diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm index e226443626..80161de01b 100644 --- a/gnu/packages/lisp.scm +++ b/gnu/packages/lisp.scm @@ -756,14 +756,14 @@ from other CLXes around the net.") (define-public sbcl-stumpwm (package (name "sbcl-stumpwm") - (version "0.9.9") + (version "1.0.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/stumpwm/stumpwm/archive/" version ".tar.gz")) (sha256 - (base32 "1fqabij4zcsqg1ywgdv2irp1ys23dwc8ms9ai55lb2i47hgv7z3x")) + (base32 "1maxp98gh64az3d9vz9br6zdd6rc9fmj2imvax4by85g6kxvdz1i")) (file-name (string-append "stumpwm-" version ".tar.gz")))) (build-system asdf-build-system/sbcl) (inputs `(("sbcl-cl-ppcre" ,sbcl-cl-ppcre) diff --git a/gnu/packages/lua.scm b/gnu/packages/lua.scm index 65c335d373..721eceddf1 100644 --- a/gnu/packages/lua.scm +++ b/gnu/packages/lua.scm @@ -371,13 +371,13 @@ Notable examples are GTK+, GStreamer and Webkit.") (define-public lua-lpeg (package (name "lua-lpeg") - (version "1.0.0") + (version "1.0.1") (source (origin (method url-fetch) (uri (string-append "http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-" version ".tar.gz")) (sha256 - (base32 "13mz18s359wlkwm9d9iqlyyrrwjc6iqfpa99ai0icam2b3khl68h")))) + (base32 "0sq25z3r324a324ky73izgq9mbf66j2xvjp0fxf227rwxalzgnb2")))) (build-system gnu-build-system) (arguments `(#:phases diff --git a/gnu/packages/openbox.scm b/gnu/packages/openbox.scm index 36e39d8267..2200c837ba 100644 --- a/gnu/packages/openbox.scm +++ b/gnu/packages/openbox.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -23,11 +24,13 @@ #:use-module (guix download) #:use-module (guix build-system gnu) #:use-module (gnu packages freedesktop) + #:use-module (gnu packages gettext) #:use-module (gnu packages gnome) #:use-module (gnu packages gtk) #:use-module (gnu packages image) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) + #:use-module (gnu packages xdisorg) #:use-module (gnu packages xml) #:use-module (gnu packages xorg)) @@ -67,4 +70,38 @@ implementations.") (home-page "http://openbox.org/wiki/Main_Page") (license gpl2+))) +(define-public obconf + (package + (name "obconf") + (version "2.0.4") + (source + (origin + (method url-fetch) + (uri (string-append "http://openbox.org/dist/" name + "/" name "-" version ".tar.gz")) + (sha256 + (base32 + "1fanjdmd8727kk74x5404vi8v7s4kpq48l583d12fsi4xvsfb8vi")))) + (inputs + `(("gtk+-2" ,gtk+-2) + ("imlib2" ,imlib2) + ("libglade" ,libglade) + ("openbox" ,openbox) + ("startup-notification" ,startup-notification) + ("libsm" ,libsm) + ("librsvg" ,librsvg) + ("libxft" ,libxft))) + (native-inputs + `(("gettext" ,gettext-minimal) + ("pkg-config" ,pkg-config))) + (build-system gnu-build-system) + (arguments + `(#:configure-flags (list "--enable-nls"))) + (home-page "http://openbox.org/wiki/ObConf:About") + (synopsis "Openbox configuration tool") + (description + "Obconf is a tool for configuring the Openbox window manager. +You can configure its appearance, themes, and much more.") + (license gpl2+))) + ;;; openbox.scm ends here diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 673e5f0fb2..92787d76cc 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -224,9 +224,9 @@ the Nix package manager.") ;; ;; Note: use a very short commit id; with a longer one, the limit on ;; hash-bang lines would be exceeded while running the tests. - (let ((commit "eefd042e60d9fc1d092b44bf80ecbfe65b291e46")) + (let ((commit "d9da3a757d3081403081577c4e07763c9b809043")) (package (inherit guix-0.12.0) - (version (string-append "0.12.0-3." (string-take commit 4))) + (version (string-append "0.12.0-4." (string-take commit 4))) (source (origin (method git-fetch) (uri (git-reference @@ -236,7 +236,7 @@ the Nix package manager.") (commit commit))) (sha256 (base32 - "1g0042x80q73pb9y39aqbkajl4bacls5c0im9aljmjnsb80fsh8d")) + "17w9jdzm3lvfbchx7qrlkczp2jsfsi6v8cpfqh290cip5gxgz9bn")) (file-name (string-append "guix-" version "-checkout")))) (arguments (substitute-keyword-arguments (package-arguments guix-0.12.0) diff --git a/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch b/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch new file mode 100644 index 0000000000..e752e57ec5 --- /dev/null +++ b/gnu/packages/patches/mupdf-mujs-CVE-2016-10132.patch @@ -0,0 +1,188 @@ +Fix CVE-2016-10132: + +https://bugs.ghostscript.com/show_bug.cgi?id=697381 +http://seclists.org/oss-sec/2017/q1/74 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10132 + +Patch lifted from upstream source repository: + +http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73156496e569 + +From fd003eceda531e13fbdd1aeb6e9c73156496e569 Mon Sep 17 00:00:00 2001 +From: Tor Andersson <tor@ccxvii.net> +Date: Fri, 2 Dec 2016 14:56:20 -0500 +Subject: [PATCH] Fix 697381: check allocation when compiling regular + expressions. + +Also use allocator callback function. +--- + thirdparty/mujs/jsgc.c | 2 +- + thirdparty/mujs/jsregexp.c | 2 +- + thirdparty/mujs/jsstate.c | 6 ------ + thirdparty/mujs/regexp.c | 45 +++++++++++++++++++++++++++++++++++---------- + thirdparty/mujs/regexp.h | 7 +++++++ + 5 files changed, 44 insertions(+), 18 deletions(-) + +diff --git a/thirdparty/mujs/jsgc.c b/thirdparty/mujs/jsgc.c +index 4f7e7dc..f80111e 100644 +--- a/thirdparty/mujs/jsgc.c ++++ b/thirdparty/mujs/jsgc.c +@@ -46,7 +46,7 @@ static void jsG_freeobject(js_State *J, js_Object *obj) + jsG_freeproperty(J, obj->head); + if (obj->type == JS_CREGEXP) { + js_free(J, obj->u.r.source); +- js_regfree(obj->u.r.prog); ++ js_regfreex(J->alloc, J->actx, obj->u.r.prog); + } + if (obj->type == JS_CITERATOR) + jsG_freeiterator(J, obj->u.iter.head); +diff --git a/thirdparty/mujs/jsregexp.c b/thirdparty/mujs/jsregexp.c +index a2d5156..7b09c06 100644 +--- a/thirdparty/mujs/jsregexp.c ++++ b/thirdparty/mujs/jsregexp.c +@@ -16,7 +16,7 @@ void js_newregexp(js_State *J, const char *pattern, int flags) + if (flags & JS_REGEXP_I) opts |= REG_ICASE; + if (flags & JS_REGEXP_M) opts |= REG_NEWLINE; + +- prog = js_regcomp(pattern, opts, &error); ++ prog = js_regcompx(J->alloc, J->actx, pattern, opts, &error); + if (!prog) + js_syntaxerror(J, "regular expression: %s", error); + +diff --git a/thirdparty/mujs/jsstate.c b/thirdparty/mujs/jsstate.c +index 638cab3..fd5bcf6 100644 +--- a/thirdparty/mujs/jsstate.c ++++ b/thirdparty/mujs/jsstate.c +@@ -9,12 +9,6 @@ + + static void *js_defaultalloc(void *actx, void *ptr, int size) + { +- if (size == 0) { +- free(ptr); +- return NULL; +- } +- if (!ptr) +- return malloc((size_t)size); + return realloc(ptr, (size_t)size); + } + +diff --git a/thirdparty/mujs/regexp.c b/thirdparty/mujs/regexp.c +index 9852be2..01c18a3 100644 +--- a/thirdparty/mujs/regexp.c ++++ b/thirdparty/mujs/regexp.c +@@ -807,23 +807,31 @@ static void dumpprog(Reprog *prog) + } + #endif + +-Reprog *regcomp(const char *pattern, int cflags, const char **errorp) ++Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, ++ const char *pattern, int cflags, const char **errorp) + { + struct cstate g; + Renode *node; + Reinst *split, *jump; + int i; + +- g.prog = malloc(sizeof (Reprog)); +- g.pstart = g.pend = malloc(sizeof (Renode) * strlen(pattern) * 2); ++ g.pstart = NULL; ++ g.prog = NULL; + + if (setjmp(g.kaboom)) { + if (errorp) *errorp = g.error; +- free(g.pstart); +- free(g.prog); ++ alloc(ctx, g.pstart, 0); ++ alloc(ctx, g.prog, 0); + return NULL; + } + ++ g.prog = alloc(ctx, NULL, sizeof (Reprog)); ++ if (!g.prog) ++ die(&g, "cannot allocate regular expression"); ++ g.pstart = g.pend = alloc(ctx, NULL, sizeof (Renode) * strlen(pattern) * 2); ++ if (!g.pstart) ++ die(&g, "cannot allocate regular expression parse list"); ++ + g.source = pattern; + g.ncclass = 0; + g.nsub = 1; +@@ -840,7 +848,9 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) + die(&g, "syntax error"); + + g.prog->nsub = g.nsub; +- g.prog->start = g.prog->end = malloc((count(node) + 6) * sizeof (Reinst)); ++ g.prog->start = g.prog->end = alloc(ctx, NULL, (count(node) + 6) * sizeof (Reinst)); ++ if (!g.prog->start) ++ die(&g, "cannot allocate regular expression instruction list"); + + split = emit(g.prog, I_SPLIT); + split->x = split + 3; +@@ -859,20 +869,35 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) + dumpprog(g.prog); + #endif + +- free(g.pstart); ++ alloc(ctx, g.pstart, 0); + + if (errorp) *errorp = NULL; + return g.prog; + } + +-void regfree(Reprog *prog) ++void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, Reprog *prog) + { + if (prog) { +- free(prog->start); +- free(prog); ++ alloc(ctx, prog->start, 0); ++ alloc(ctx, prog, 0); + } + } + ++static void *default_alloc(void *ctx, void *p, int n) ++{ ++ return realloc(p, (size_t)n); ++} ++ ++Reprog *regcomp(const char *pattern, int cflags, const char **errorp) ++{ ++ return regcompx(default_alloc, NULL, pattern, cflags, errorp); ++} ++ ++void regfree(Reprog *prog) ++{ ++ regfreex(default_alloc, NULL, prog); ++} ++ + /* Match */ + + static int isnewline(int c) +diff --git a/thirdparty/mujs/regexp.h b/thirdparty/mujs/regexp.h +index 4bb4615..6bb73e8 100644 +--- a/thirdparty/mujs/regexp.h ++++ b/thirdparty/mujs/regexp.h +@@ -1,6 +1,8 @@ + #ifndef regexp_h + #define regexp_h + ++#define regcompx js_regcompx ++#define regfreex js_regfreex + #define regcomp js_regcomp + #define regexec js_regexec + #define regfree js_regfree +@@ -8,6 +10,11 @@ + typedef struct Reprog Reprog; + typedef struct Resub Resub; + ++Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, ++ const char *pattern, int cflags, const char **errorp); ++void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, ++ Reprog *prog); ++ + Reprog *regcomp(const char *pattern, int cflags, const char **errorp); + int regexec(Reprog *prog, const char *string, Resub *sub, int eflags); + void regfree(Reprog *prog); +-- +2.9.1 + diff --git a/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch b/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch new file mode 100644 index 0000000000..d73849262c --- /dev/null +++ b/gnu/packages/patches/mupdf-mujs-CVE-2016-10133.patch @@ -0,0 +1,36 @@ +Fix CVE-2016-10133: + +https://bugs.ghostscript.com/show_bug.cgi?id=697401 +http://seclists.org/oss-sec/2017/q1/74 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10133 + +Patch lifted from upstream source repository: + +https://git.ghostscript.com/?p=mujs.git;h=77ab465f1c394bb77f00966cd950650f3f53cb24 + +From 77ab465f1c394bb77f00966cd950650f3f53cb24 Mon Sep 17 00:00:00 2001 +From: Tor Andersson <tor.andersson@gmail.com> +Date: Thu, 12 Jan 2017 14:47:01 +0100 +Subject: [PATCH] Fix 697401: Error when dropping extra arguments to + lightweight functions. + +--- + thirdparty/mujs/jsrun.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/thirdparty/mujs/jsrun.c b/thirdparty/mujs/jsrun.c +index ee80845..782a6f9 100644 +--- a/thirdparty/mujs/jsrun.c ++++ b/thirdparty/mujs/jsrun.c +@@ -937,7 +937,7 @@ static void jsR_calllwfunction(js_State *J, int n, js_Function *F, js_Environmen + jsR_savescope(J, scope); + + if (n > F->numparams) { +- js_pop(J, F->numparams - n); ++ js_pop(J, n - F->numparams); + n = F->numparams; + } + for (i = n; i < F->varlen; ++i) +-- +2.9.1 + diff --git a/gnu/packages/patches/tipp10-fix-compiling.patch b/gnu/packages/patches/tipp10-fix-compiling.patch new file mode 100644 index 0000000000..4c206d4d83 --- /dev/null +++ b/gnu/packages/patches/tipp10-fix-compiling.patch @@ -0,0 +1,213 @@ +Description: Debian patches to make tipp10 compile +Author: Christoph Martin <chrism@debian.org> +Last-Update: 2016-07-20 + +https://sources.debian.net/data/main/t/tipp10/2.1.0-2/debian/patches/0001-FixCompiling + +--- a/widget/tickerboard.cpp ++++ b/widget/tickerboard.cpp +@@ -97,7 +97,8 @@ void TickerBoard::startTicker(bool wasPa +
+ if (tickerSpeed == 50) {
+ scrollOffset = 290;
+- scroll(-290, 0, QRect::QRect(10, 15, 590, 35)); //contentsRect());
++ const QRect qr = QRect(10, 15, 590, 35);
++ scroll(-290, 0, qr); //contentsRect());
+ }
+
+ startFlag = true;
+@@ -153,7 +154,8 @@ void TickerBoard::changeChar() { + scrollOffset = 0;
+ } else {
+ scrollOffset = 290;
+- scroll(-290, 0, QRect::QRect(10, 15, 590, 35)); //contentsRect());
++ const QRect qr = QRect(10, 15, 590, 35);
++ scroll(-290, 0, qr); //contentsRect());
+ }
+ splitLesson();
+ }
+@@ -242,7 +244,8 @@ void TickerBoard::progress() { +
+ // Move ticker 1 pixel to left
+ scrollOffset++;
+- scroll(-1, 0, QRect::QRect(10, 15, 590, 35)); //contentsRect());
++ const QRect qr = QRect(10, 15, 590, 35);
++ scroll(-1, 0, qr); //contentsRect());
+
+ if ((lessonOffset - scrollOffset) <= 30) {
+ setSpeed(tickerSpeed);
+@@ -265,14 +268,16 @@ void TickerBoard::progress() { + // 160 pixels overage (because the user must see at least the next word)
+ if ((lessonOffset - scrollOffset) > 200) {
+ scrollOffset += (lessonOffset - scrollOffset) - 200;
+- scroll(-((lessonOffset - scrollOffset) - 200), 0, QRect::QRect(10, 15, 590, 35)); //contentsRect());
++ const QRect qr = QRect(10, 15, 590, 35);
++ scroll(-((lessonOffset - scrollOffset) - 200), 0, qr); //contentsRect());
+ }
+ } else {
+ // If the user types faster than the ticker, move ticker faster after
+ // 160 pixels overage (because the user must see at least the next word)
+ if ((lessonOffset - scrollOffset) > 280) {
+ scrollOffset += 570;
+- scroll(-570, 0, QRect::QRect(10, 15, 590, 35)); //contentsRect());
++ const QRect qr = QRect(10, 15, 590, 35);
++ scroll(-570, 0, qr); //contentsRect());
+ }
+
+ }
+--- a/widget/settingspages.cpp ++++ b/widget/settingspages.cpp +@@ -501,7 +501,7 @@ void DatabasePage::writeSettings() { + QSettings settings;
+ #endif
+ settings.beginGroup("database");
+- settings.setValue("pathpro", lineDatabasePath->text() + "/" + QString::QString(APP_USER_DB));
++ settings.setValue("pathpro", lineDatabasePath->text() + "/" + QString(APP_USER_DB));
+ settings.endGroup();
+ }
+
+--- a/widget/lessondialog.cpp ++++ b/widget/lessondialog.cpp +@@ -89,7 +89,7 @@ void LessonDialog::updateContent() { + *lessonData = lineLessonContent->toPlainText().split("\n", QString::SkipEmptyParts);
+ // Delete empty lines
+ for (int i = 0; i < lessonData->size(); i++) {
+- if (QString::QString(lessonData->at(i).toLocal8Bit().constData()).simplified() == "") {
++ if (QString(lessonData->at(i).toLocal8Bit().constData()).simplified() == "") {
+ lessonData->removeAt(i);
+ }
+ }
+@@ -259,7 +259,7 @@ void LessonDialog::clickSave() { + contentList = lineLessonContent->toPlainText().split("\n", QString::SkipEmptyParts);
+ // Delete empty lines
+ for (i = 0; i < contentList.size(); i++) {
+- if (QString::QString(contentList.at(i).toLocal8Bit().constData()).simplified() == "") {
++ if (QString(contentList.at(i).toLocal8Bit().constData()).simplified() == "") {
+ contentList.removeAt(i);
+ }
+ }
+--- a/sql/chartablesql.cpp ++++ b/sql/chartablesql.cpp +@@ -57,7 +57,7 @@ QVariant CharSqlModel::data(const QModel + // Read the unicode value
+ unicode = value.toInt();
+ // Convert unicode to a char
+- unicodeToChar = QString::QString(QChar(unicode)); //"\'" + QString::QString(QChar(unicode)) + "\'";
++ unicodeToChar = QString(QChar(unicode)); //"\'" + QString::QString(QChar(unicode)) + "\'";
+ return unicodeToChar;
+ } else {
+ // Last column (error weight)
+--- a/sql/startsql.cpp ++++ b/sql/startsql.cpp +@@ -344,7 +344,7 @@ bool StartSql::updateOwnLesson(QString l + for (i = 0; i < content.size(); i++) {
+ //simplifiedContent = QString::QString(
+ // content.at(i)).replace(QChar(0x27), "''", Qt::CaseSensitive).simplified();
+- simplifiedContent = trim(QString::QString(
++ simplifiedContent = trim(QString(
+ content.at(i)).replace(QChar(0x27), "''", Qt::CaseSensitive));
+
+ if (!query.exec("INSERT INTO own_content VALUES(NULL,'" +
+--- a/def/defines.h ++++ b/def/defines.h +@@ -27,9 +27,9 @@ Foundation, Inc., 51 Franklin Street, Fi + #define DEFINES_H
+
+ // OS constants
+-#define APP_WIN true
++#define APP_WIN false
+ #define APP_MAC false
+-#define APP_X11 false
++#define APP_X11 true
+ #define APP_PORTABLE false //at least one of the 3 OS must be true too!
+
+ // Languages
+@@ -47,6 +47,7 @@ Foundation, Inc., 51 Franklin Street, Fi + #define APP_URL "http://www.tipp10.com"
+ #define APP_DB "tipp10v2.template"
+ #define APP_USER_DB "tipp10v2.db"
++#define APP_SHARE_DIR "/usr/share/tipp10"
+
+ // Update constants
+ #define UPDATE_URL "www.tipp10.com"
+--- a/tipp10.pro ++++ b/tipp10.pro +@@ -88,3 +88,15 @@ SOURCES += main.cpp \ + sql/startsql.cpp \
+ games/abcrainwidget.cpp \
+ games/charball.cpp
++
++target.path = /usr/bin/
++INSTALLS += target
++share.path = /usr/share/tipp10/
++share.files = release/* *wav
++INSTALLS += share
++desktop.path = /usr/share/applications/
++desktop.files = tipp10.desktop
++INSTALLS += desktop
++pixmap.path = /usr/share/pixmaps/
++pixmap.files = tipp10.png
++INSTALLS += pixmap
+--- a/sql/connection.h ++++ b/sql/connection.h +@@ -179,11 +179,13 @@ static bool createConnection() { + CANCEL_NO, "Betroffener Pfad:\n" + dbPath);*/
+ // Try to create new databae in user path
+ // Exist a database in the program dir?
+- if (QFile::exists(QCoreApplication::applicationDirPath() + "/" + dbNameTemplate)) {
++ // if (QFile::exists(QCoreApplication::applicationDirPath() + "/" + dbNameTemplate)) {
++ if (QFile::exists(QString(APP_SHARE_DIR) + "/" + dbNameTemplate)) {
+ //if (QFile::exists(":/" + dbNameTemplate)) {
+ // A database exist in the program dir
+ // -> copy database to user home dir
+- QFile file(QCoreApplication::applicationDirPath() + "/" + dbNameTemplate);
++ // QFile file(QCoreApplication::applicationDirPath() + "/" + dbNameTemplate);
++ QFile file(QString(APP_SHARE_DIR) + "/" + dbNameTemplate);
+ //QFile file(":/" + dbNameTemplate);
+ if (file.copy(dbPath)) {
+ QFile::setPermissions(dbPath, QFile::permissions(dbPath) | QFile::WriteUser);
+@@ -229,7 +231,8 @@ static bool createConnection() { + // Exist a database in user's home dir?
+ if (!QFile::exists(dbPath)) {
+ // Exist a database template in the program dir?
+- dbPath = QCoreApplication::applicationDirPath() + "/" + dbNameTemplate;
++ // dbPath = QCoreApplication::applicationDirPath() + "/" + dbNameTemplate;
++ dbPath = QString(APP_SHARE_DIR) + "/" + dbNameTemplate;
+ //dbPath = ":/" + dbNameTemplate;
+ if (QFile::exists(dbPath)) {
+ // A database template exist in the program dir
+--- a/widget/helpbrowser.cpp ++++ b/widget/helpbrowser.cpp +@@ -52,13 +52,15 @@ HelpBrowser::HelpBrowser(QString link, Q + textBrowser->setOpenExternalLinks(true);
+
+ textBrowser->setSource(QString("file:///") +
+- QCoreApplication::applicationDirPath() +
++ // QCoreApplication::applicationDirPath() +
++ APP_SHARE_DIR +
+ QString("/help/") + language + QString("/index.html"));
+
+ if (link != "") {
+
+ textBrowser->setSource(QString("file:///") +
+- QCoreApplication::applicationDirPath() +
++ // QCoreApplication::applicationDirPath() +
++ APP_SHARE_DIR +
+ QString("/help/") + language + QString("/content/") + link);
+
+ }
+--- a/tipp10.desktop ++++ b/tipp10.desktop +@@ -1,10 +1,10 @@ + [Desktop Entry] +-Encoding=UTF-8 + Name=TIPP10 + Comment=Touch Typing Tutor + Comment[de]=10-Finger-Schreibtrainer +-Exec=tipp10 ++Exec=/usr/bin/tipp10 + Icon=tipp10.png + Terminal=false + Type=Application + Categories=Education; ++Keywords=learning;touchtyping diff --git a/gnu/packages/patches/tipp10-remove-license-code.patch b/gnu/packages/patches/tipp10-remove-license-code.patch new file mode 100644 index 0000000000..4b7487e726 --- /dev/null +++ b/gnu/packages/patches/tipp10-remove-license-code.patch @@ -0,0 +1,332 @@ +Description: Remove license dialog and license key checking + +https://sources.debian.net/data/main/t/tipp10/2.1.0-2/debian/patches/0002-RemoveLicenseCode + +--- a/main.cpp ++++ b/main.cpp +@@ -33,7 +33,6 @@ Foundation, Inc., 51 Franklin Street, Fi + #include "def/defines.h"
+ #include "sql/connection.h"
+ #include "widget/mainwindow.h"
+-#include "widget/licensedialog.h"
+ #include "widget/illustrationdialog.h"
+
+ int main(int argc, char *argv[]) {
+@@ -59,7 +58,7 @@ int main(int argc, char *argv[]) { + QSettings settings;
+ #endif
+
+- // Read/write language, license key and show illustration flag
++ // Read/write language and show illustration flag
+ settings.beginGroup("general");
+ QString languageGui = settings.value("language_gui",
+ QLocale::system().name()).toString();
+@@ -101,7 +100,6 @@ int main(int argc, char *argv[]) { + QString languageLesson = settings.value("language_lesson",
+ "").toString();
+
+- QString licenseKey = settings.value("licensekey", "").toString();
+ bool showIllustration = settings.value("check_illustration", true).toBool();
+ bool useNativeStyle = settings.value("check_native_style", false).toBool();
+ settings.endGroup();
+--- a/tipp10.pro ++++ b/tipp10.pro +@@ -43,7 +43,6 @@ HEADERS += def/defines.h \ + widget/helpbrowser.h \
+ widget/companylogo.h \
+ widget/errormessage.h \
+- widget/licensedialog.h \
+ widget/txtmessagedialog.h \
+ widget/checkversion.h \
+ sql/connection.h \
+@@ -78,7 +77,6 @@ SOURCES += main.cpp \ + widget/helpbrowser.cpp \
+ widget/companylogo.cpp \
+ widget/errormessage.cpp \
+- widget/licensedialog.cpp \
+ widget/txtmessagedialog.cpp \
+ widget/checkversion.cpp \
+ sql/lessontablesql.cpp \
+--- a/widget/licensedialog.cpp ++++ /dev/null +@@ -1,168 +0,0 @@ +-/*
+-Copyright (c) 2006-2009, Tom Thielicke IT Solutions
+-
+-This program is free software; you can redistribute it and/or
+-modify it under the terms of the GNU General Public License
+-as published by the Free Software Foundation; either version 2
+-of the License.
+-
+-This program is distributed in the hope that it will be useful,
+-but WITHOUT ANY WARRANTY; without even the implied warranty of
+-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-GNU General Public License for more details.
+-
+-You should have received a copy of the GNU General Public License
+-along with this program; if not, write to the Free Software
+-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-02110-1301, USA.
+-*/
+-
+-/****************************************************************
+-**
+-** Implementation of the LicenseDialog class
+-** File name: licensedialog.cpp
+-**
+-****************************************************************/
+-
+-#include <QHBoxLayout>
+-#include <QVBoxLayout>
+-#include <QMessageBox>
+-#include <QSettings>
+-#include <QCoreApplication>
+-
+-#include "licensedialog.h"
+-#include "def/defines.h"
+-
+-LicenseDialog::LicenseDialog(QWidget *parent) : QDialog(parent) {
+-
+- setWindowFlags(windowFlags() ^ Qt::WindowContextHelpButtonHint);
+-
+- setWindowTitle(tr("Lizenznummer"));
+- setWindowIcon(QIcon(":/img/" + QString(ICON_FILENAME)));
+-
+- // Create texbox
+- createLineEdit();
+-
+- // Create buttons
+- createButtons();
+-
+- // Set the layout of all widgets created above
+- createLayout();
+-
+- lineLicensing->setFocus();
+-}
+-
+-void LicenseDialog::createButtons() {
+- //Buttons
+- buttonOk = new QPushButton(this);
+- buttonDemo = new QPushButton(this);
+-
+- buttonOk->setText(tr("&Ok"));
+- buttonDemo->setText(tr("&Demo starten"));
+- buttonDemo->setToolTip(tr("Im Demo-Modus koennen pro Lektion nur\n"
+- "10 Schriftzeichen eingegeben werden"));
+-
+- buttonOk->setDefault(true);
+- // Widget connections
+- connect(buttonOk, SIGNAL(clicked()), this, SLOT(clickOk()));
+- connect(buttonDemo, SIGNAL(clicked()), this, SLOT(clickDemo()));
+-}
+-
+-void LicenseDialog::createLineEdit() {
+-
+- lineLicensing = new QLineEdit();
+- lineLicensing->setInputMask(">NNNNNNNNNNNNNN");
+-
+- labelLicensing = new QLabel(tr("Bitte geben Sie Ihre Lizenznummer "
+- "(ohne Leerzeichen) ein, "
+- "die Sie im Arbeitsbuch (Schulbuch) auf Seite 3 finden:"));
+-
+- labelLicensing->setWordWrap(true);
+-}
+-
+-void LicenseDialog::createLayout() {
+- // Button layout horizontal
+- QHBoxLayout *buttonLayoutHorizontal = new QHBoxLayout;
+- buttonLayoutHorizontal->addStretch(1);
+- buttonLayoutHorizontal->addWidget(buttonDemo);
+- buttonLayoutHorizontal->addWidget(buttonOk);
+- // Full layout of all widgets vertical
+- QVBoxLayout *mainLayout = new QVBoxLayout;
+- mainLayout->addSpacing(1);
+- mainLayout->addWidget(labelLicensing);
+- mainLayout->addSpacing(1);
+- mainLayout->addWidget(lineLicensing);
+- mainLayout->addSpacing(1);
+- mainLayout->addLayout(buttonLayoutHorizontal);
+- mainLayout->setMargin(15);
+- mainLayout->setSpacing(15);
+- // Pass layout to parent widget (this)
+- this->setLayout(mainLayout);
+-}
+-
+-void LicenseDialog::clickOk() {
+-
+- // Check license key
+- if (!checkLicenseKey(lineLicensing->text())) {
+-
+- // License key is wrong
+-
+- // Message to the user
+- QMessageBox::information(0, APP_NAME,
+- tr("Die eingegebene Lizenznummer ist leider nicht "
+- "korrekt.\nBitte ueberpruefen Sie die Schreibweise."));
+-
+- lineLicensing->setFocus();
+-
+- } else {
+-
+- // License key is ok
+- writeSettings();
+- accept();
+- }
+-}
+-
+-void LicenseDialog::clickDemo() {
+- accept();
+-}
+-
+-bool LicenseDialog::checkLicenseKey(QString licenseKey) {
+- if (licenseKey.size() == 14 &&
+- licenseKey[0].isLetter() &&
+- licenseKey[1].isLetter() &&
+- (licenseKey.mid(2, 2) == "39" ||
+- licenseKey.mid(2, 2) == "41" ||
+- licenseKey.mid(2, 2) == "43" ||
+- licenseKey.mid(2, 2) == "49" ||
+- licenseKey.mid(2, 2) == "99") &&
+- licenseKey[4].isDigit() &&
+- licenseKey[5].isDigit() &&
+- licenseKey[6].isDigit() &&
+- licenseKey[7].isLetter() &&
+- licenseKey[8].isDigit() &&
+- licenseKey[9].isDigit() &&
+- licenseKey[10].isDigit() &&
+- licenseKey[11].isDigit() &&
+- licenseKey[12].isLetter() &&
+- licenseKey[13].isLetter()) {
+-
+- return true;
+- }
+- return false;
+-}
+-
+-void LicenseDialog::writeSettings() {
+- // Saves settings of the startwiget
+- // (uses the default constructor of QSettings, passing
+- // the application and company name see main function)
+- #if APP_PORTABLE
+- QSettings settings(QCoreApplication::applicationDirPath() +
+- "/portable/settings.ini", QSettings::IniFormat);
+- #else
+- QSettings settings;
+- #endif
+-
+- settings.beginGroup("general");
+- settings.setValue("licensekey", lineLicensing->text());
+- settings.endGroup();
+-}
+--- a/widget/licensedialog.h ++++ /dev/null +@@ -1,85 +0,0 @@ +-/*
+-Copyright (c) 2006-2009, Tom Thielicke IT Solutions
+-
+-This program is free software; you can redistribute it and/or
+-modify it under the terms of the GNU General Public License
+-as published by the Free Software Foundation; either version 2
+-of the License.
+-
+-This program is distributed in the hope that it will be useful,
+-but WITHOUT ANY WARRANTY; without even the implied warranty of
+-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-GNU General Public License for more details.
+-
+-You should have received a copy of the GNU General Public License
+-along with this program; if not, write to the Free Software
+-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-02110-1301, USA.
+-*/
+-
+-/****************************************************************
+-**
+-** Definition of the LicenseDialog class
+-** File name: licensedialog.h
+-**
+-****************************************************************/
+-
+-#ifndef LICENSEDIALOG_H
+-#define LICENSEDIALOG_H
+-
+-#include <QDialog>
+-#include <QWidget>
+-#include <QPushButton>
+-#include <QLabel>
+-#include <QLineEdit>
+-#include <QString>
+-
+-//! The LicenseDialog class provides a license input widget.
+-/*!
+- The LicenseDialog class shows a dialog to enter a license key.
+-
+- @author Tom Thielicke, s712715
+- @version 0.0.1
+- @date 09.09.2008
+-*/
+-class LicenseDialog : public QDialog {
+- Q_OBJECT
+-
+- public:
+-
+- //! Constructor, creates two table objects and provide it in two tabs.
+- LicenseDialog(QWidget *parent = 0);
+-
+- bool checkLicenseKey(QString licenseKey);
+-
+- public slots:
+-
+- private slots:
+-
+- //! Start button pressed
+- void clickOk();
+-
+- //! Demo button pressed
+- void clickDemo();
+-
+- private:
+-
+- //! Creates a cancel and a ok button.
+- void createButtons();
+-
+- //! Creates a textbox.
+- void createLineEdit();
+-
+- //! Creates the layout of the complete class.
+- void createLayout();
+-
+- //! Writes user settings
+- void writeSettings();
+-
+- QPushButton *buttonOk;
+- QPushButton *buttonDemo;
+- QLabel *labelLicensing;
+- QLineEdit *lineLicensing;
+-};
+-
+-#endif //LICENSEDIALOG_H
+--- a/widget/mainwindow.cpp ++++ b/widget/mainwindow.cpp +@@ -116,11 +116,6 @@ void MainWindow::closeEvent(QCloseEvent + }
+ }
+
+-bool MainWindow::checkLicenseKey(QString licenseKey) {
+-
+- return false;
+-}
+-
+ void MainWindow::createMenu() {
+ //Mac-Version:
+ //-----------
+--- a/widget/mainwindow.h ++++ b/widget/mainwindow.h +@@ -39,7 +39,6 @@ Foundation, Inc., 51 Franklin Street, Fi + #include "trainingwidget.h"
+ #include "evaluationwidget.h"
+ #include "illustrationdialog.h"
+-#include "licensedialog.h"
+ #include "games/abcrainwidget.h"
+ #include "helpbrowser.h"
+
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 9b3571e67b..5e1c0db51e 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -6,10 +6,11 @@ ;;; Copyright © 2016 Roel Janssen <roel@gnu.org> ;;; Coypright © 2016 ng0 <ng0@we.make.ritual.n0.is> ;;; Coypright © 2016 Efraim Flashner <efraim@flashner.co.il> -;;; Coypright © 2016 Marius Bakke <mbakke@fastmail.com> +;;; Coypright © 2016, 2017 Marius Bakke <mbakke@fastmail.com> ;;; Coypright © 2016 Ludovic Courtès <ludo@gnu.org> ;;; Coypright © 2016 Julien Lepiller <julien@lepiller.eu> ;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net> +;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; ;;; This file is part of GNU Guix. ;;; @@ -480,6 +481,7 @@ extracting content or merging files.") (define-public mupdf (package (name "mupdf") + (replacement mupdf/fixed) (version "1.10a") (source (origin @@ -538,6 +540,18 @@ line tools for batch rendering (pdfdraw), rewriting files (pdfclean), and examining the file structure (pdfshow).") (license license:agpl3+))) +(define mupdf/fixed + (package + (inherit mupdf) + (source + (origin + (inherit (package-source mupdf)) + (patches + (append + (origin-patches (package-source mupdf)) + (search-patches "mupdf-mujs-CVE-2016-10132.patch" + "mupdf-mujs-CVE-2016-10133.patch"))))))) + (define-public qpdf (package (name "qpdf") diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 4758606604..ddf276de09 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -8224,13 +8224,13 @@ processes across test runs.") (define-public python-icalendar (package (name "python-icalendar") - (version "3.11.1") + (version "3.11.2") (source (origin (method url-fetch) (uri (pypi-uri "icalendar" version)) (sha256 (base32 - "1bvi7rzh7scl4nmgj2n2cy7k0v3p29y15cqy2hcdnfq9mnhdr63y")))) + "17rcy6rb9kqjf4p707ivmx7phjq7ngcz3bf7zriwxrqgrjagj7ag")))) (build-system python-build-system) (propagated-inputs `(("python-dateutil-2" ,python-dateutil-2) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 8fb22d0060..fb89238bd9 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2014, 2015 David Thompson <davet@gnu.org> ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015, 2016, 2017 Ben Woodcroft <donttrustben@gmail.com> +;;; Copyright © 2017 ng0 <contact.ng0@cryptolab.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -4198,3 +4199,35 @@ RFC 2617. This enables the use of the digest authentication scheme instead of the more insecure basic authentication scheme.") (home-page "http://github.com/drbrain/net-http-digest_auth") (license license:expat))) + +(define-public ruby-mail + (package + (name "ruby-mail") + (version "2.6.4") + (source + (origin + (method url-fetch) + (uri (rubygems-uri "mail" version)) + (sha256 + (base32 + "0c9vqfy0na9b5096i5i4qvrvhwamjnmajhgqi3kdsdfl8l6agmkp")))) + (build-system ruby-build-system) + (propagated-inputs + `(("ruby-mime-types" ,ruby-mime-types))) + (arguments + ;; Tests require extra gems not included in the Gemfile. + ;; XXX: Try enabling this for the next version with mini_mime. + `(#:tests? #f)) + (synopsis "Mail library for Ruby") + (description + "Mail is an internet library for Ruby that is designed to handle email +generation, parsing and sending. The purpose of this library is to provide +a single point of access to handle all email functions, including sending +and receiving emails. All network type actions are done through proxy +methods to @code{Net::SMTP}, @code{Net::POP3} etc. + +Mail has been designed with a very simple object oriented system that +really opens up the email messages you are parsing, if you know what you +are doing, you can fiddle with every last bit of your email directly.") + (home-page "https://github.com/mikel/mail") + (license license:expat))) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 90878da933..b6a193de1b 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 David Thompson <davet@gnu.org> ;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name> +;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is> ;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com> @@ -470,13 +471,13 @@ security, and applying best practice development processes.") (define-public python-acme (package (name "python-acme") - (version "0.9.3") + (version "0.10.1") (source (origin (method url-fetch) (uri (pypi-uri "acme" version)) (sha256 - (base32 - "16a02bb0apnk1bm68bcabdmmwd6rnvnjzanrmcb46bpbapwz3vx6")))) + (base32 + "04d2464klbhvrsrlmca10qxyd968qz7xizdppr53cihnlfq2y77m")))) (build-system python-build-system) (arguments `(#:phases @@ -519,13 +520,13 @@ security, and applying best practice development processes.") (define-public certbot (package (name "certbot") - (version "0.9.3") + (version "0.10.1") (source (origin (method url-fetch) (uri (pypi-uri name version)) (sha256 (base32 - "1c7k4lfq5j78d1rvrwrb9082ngwibz92cwkf4kazaa9b76w9q538")))) + "0hx71ba7w8kf8hpg1wy5zf8ggczb57g3kcsdg83kxjpqnfnrkmp0")))) (build-system python-build-system) (arguments `(#:python ,python-2 diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index fdd75a4ecd..fa757ff794 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -6,7 +6,7 @@ ;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org> ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014, 2016 Eric Bavier <bavier@member.fsf.org> -;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2015 Kyle Meyer <kyle@kyleam.com> ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> @@ -842,19 +842,19 @@ masters from remote CVS hosts.") (define-public vc-dwim (package (name "vc-dwim") - (version "1.7") + (version "1.8") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/vc-dwim/vc-dwim-" version ".tar.xz")) (sha256 (base32 - "094pjwshvazlgagc254in2xvrp93vhcj0kb5ms17qs7sch99x9z2")))) + "0d5sqafc40l878m8wjr35jxmalj4kam1m6ph60v08ng4ml5g7931")))) (build-system gnu-build-system) (inputs `(("perl" ,perl) ("inetutils" ,inetutils))) ; for `hostname', used in the tests (native-inputs `(("emacs" ,emacs-minimal))) ; for `ctags' - (home-page "http://www.gnu.org/software/vc-dwim/") + (home-page "https://www.gnu.org/software/vc-dwim/") (synopsis "Version-control-agnostic ChangeLog diff and commit tool") (description "The vc-dwim package contains two tools, \"vc-dwim\" and \"vc-chlog\". diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index a5b35479a0..2cef04d89a 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -970,7 +970,7 @@ access to mpv's powerful playback capabilities.") (define-public youtube-dl (package (name "youtube-dl") - (version "2017.01.10") + (version "2017.01.14") (source (origin (method url-fetch) (uri (string-append "https://yt-dl.org/downloads/" @@ -978,7 +978,7 @@ access to mpv's powerful playback capabilities.") version ".tar.gz")) (sha256 (base32 - "0clr6vj9lg96fffc9xv2apr7an6lljnli1b8clfj4dap1i0d34v4")))) + "1jlwz6p7ryj9ygmwqm4r3pykd9qw21rsiqpifbx0p0kcvdvvvj3n")))) (build-system python-build-system) (arguments ;; The problem here is that the directory for the man page and completion diff --git a/gnu/packages/vim.scm b/gnu/packages/vim.scm index 7275b980ab..7ba4e6ac31 100644 --- a/gnu/packages/vim.scm +++ b/gnu/packages/vim.scm @@ -49,7 +49,7 @@ (define-public vim (package (name "vim") - (version "8.0.0147") + (version "8.0.0187") (source (origin (method url-fetch) (uri (string-append "https://github.com/vim/vim/archive/v" @@ -57,7 +57,7 @@ (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0rjq77n2gj3bb22dhawmbwkknii14gy7akplrplgxl1l789isfpq")))) + "1p9wdhksckp741406hnk5yj2lzhixfxzjs102zga0w8qw72p5yc6")))) (build-system gnu-build-system) (arguments `(#:test-target "test" diff --git a/gnu/packages/xfce.scm b/gnu/packages/xfce.scm index 5639f1daa3..fce47d93ce 100644 --- a/gnu/packages/xfce.scm +++ b/gnu/packages/xfce.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2016 Florian Paul Schmidt <mista.tapas@gmx.net> ;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org> +;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -661,7 +662,7 @@ devices and folders.") (define-public xfce4-terminal (package (name "xfce4-terminal") - (version "0.6.3") + (version "0.8.3") (source (origin (method url-fetch) (uri (string-append "http://archive.xfce.org/src/apps/" name "/" @@ -669,14 +670,14 @@ devices and folders.") name "-" version ".tar.bz2")) (sha256 (base32 - "023y0lkfijifh05yz8grimxadqpi98mrivr00sl18nirq8b4fbwi")))) + "1w8jvi9nw00aki825mm8f7wpkhxxicw4f6j9v4ka71z8p2ry9rj0")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("intltool" ,intltool))) (inputs `(("libxfce4ui" ,libxfce4ui) - ("vte" ,vte/gtk+-2))) + ("vte" ,vte))) (home-page "http://www.xfce.org/") (synopsis "Xfce terminal emulator") (description diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index a27c431ddf..b780d47c32 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014, 2015 Eric Bavier <bavier@member.fsf.org> -;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> ;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org> ;;; Copyright © 2015 Cyrill Schenkel <cyrill.schenkel@gmail.com> @@ -399,21 +399,31 @@ Resources file.") (description "Xorg font encoding files.") (license license:public-domain))) +(define (%xorg-font-origin font version hash) + (origin + (method url-fetch) + (uri (string-append "mirror://xorg/individual/font/" font "-" + version ".tar.bz2")) + (sha256 hash) + (modules '((guix build utils))) + (snippet + ;; Do not include timestamps in '.pcf.gz' files. + '(substitute* "Makefile.in" + (("^COMPRESS = (.*)$" _ rest) + (string-append "COMPRESS = " (string-trim-right rest) + " --no-name\n")))))) + +(define-syntax-rule (xorg-font-origin font version hash) + "Expand to the 'origin' form for the given Xorg font package." + (%xorg-font-origin font version (base32 hash))) (define-public font-adobe100dpi (package (name "font-adobe100dpi") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-adobe-100dpi-" - version - ".tar.bz2")) - (sha256 - (base32 - "0m60f5bd0caambrk8ksknb5dks7wzsg7g7xaf0j21jxmx8rq9h5j")))) + (source (xorg-font-origin + "font-adobe-100dpi" version + "0m60f5bd0caambrk8ksknb5dks7wzsg7g7xaf0j21jxmx8rq9h5j")) (build-system gnu-build-system) (inputs `(("bdftopcf" ,bdftopcf) @@ -436,16 +446,9 @@ Resources file.") (package (name "font-adobe75dpi") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-adobe-75dpi-" - version - ".tar.bz2")) - (sha256 - (base32 - "02advcv9lyxpvrjv8bjh1b797lzg6jvhipclz49z8r8y98g4l0n6")))) + (source (xorg-font-origin + "font-adobe-75dpi" version + "02advcv9lyxpvrjv8bjh1b797lzg6jvhipclz49z8r8y98g4l0n6")) (build-system gnu-build-system) (inputs `(("bdftopcf" ,bdftopcf) @@ -472,16 +475,9 @@ Resources file.") (package (name "font-alias") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-alias-" - version - ".tar.bz2")) - (sha256 - (base32 - "16ic8wfwwr3jicaml7b5a0sk6plcgc1kg84w02881yhwmqm3nicb")))) + (source (xorg-font-origin + name version + "16ic8wfwwr3jicaml7b5a0sk6plcgc1kg84w02881yhwmqm3nicb")) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) (arguments @@ -513,16 +509,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-arabic-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-arabic-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "1x246dfnxnmflzf0qzy62k8jdpkb6jkgspcjgbk8jcq9lw99npah")))) + (source (xorg-font-origin + name version + "1x246dfnxnmflzf0qzy62k8jdpkb6jkgspcjgbk8jcq9lw99npah")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -550,16 +539,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-cronyx-cyrillic") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-cronyx-cyrillic-" - version - ".tar.bz2")) - (sha256 - (base32 - "0ai1v4n61k8j9x2a1knvfbl2xjxk3xxmqaq3p9vpqrspc69k31kf")))) + (source (xorg-font-origin + name version + "0ai1v4n61k8j9x2a1knvfbl2xjxk3xxmqaq3p9vpqrspc69k31kf")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -583,16 +565,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-dec-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-dec-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "0yzza0l4zwyy7accr1s8ab7fjqkpwggqydbm2vc19scdby5xz7g1")))) + (source (xorg-font-origin + name version + "0yzza0l4zwyy7accr1s8ab7fjqkpwggqydbm2vc19scdby5xz7g1")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -612,16 +587,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-isas-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-isas-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "0rx8q02rkx673a7skkpnvfkg28i8gmqzgf25s9yi0lar915sn92q")))) + (source (xorg-font-origin + name version + "0rx8q02rkx673a7skkpnvfkg28i8gmqzgf25s9yi0lar915sn92q")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -642,16 +610,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-micro-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-micro-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "1dldxlh54zq1yzfnrh83j5vm0k4ijprrs5yl18gm3n9j1z0q2cws")))) + (source (xorg-font-origin + name version + "1dldxlh54zq1yzfnrh83j5vm0k4ijprrs5yl18gm3n9j1z0q2cws")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -668,16 +629,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-misc-cyrillic") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-misc-cyrillic-" - version - ".tar.bz2")) - (sha256 - (base32 - "0q2ybxs8wvylvw95j6x9i800rismsmx4b587alwbfqiw6biy63z4")))) + (source (xorg-font-origin + name version + "0q2ybxs8wvylvw95j6x9i800rismsmx4b587alwbfqiw6biy63z4")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -694,16 +648,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-misc-ethiopic") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-misc-ethiopic-" - version - ".tar.bz2")) - (sha256 - (base32 - "19cq7iq0pfad0nc2v28n681fdq3fcw1l1hzaq0wpkgpx7bc1zjsk")))) + (source (xorg-font-origin + name version + "19cq7iq0pfad0nc2v28n681fdq3fcw1l1hzaq0wpkgpx7bc1zjsk")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -724,16 +671,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-misc-misc") (version "1.1.2") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-misc-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "150pq6n8n984fah34n3k133kggn9v0c5k07igv29sxp1wi07krxq")))) + (source (xorg-font-origin + name version + "150pq6n8n984fah34n3k133kggn9v0c5k07igv29sxp1wi07krxq")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -754,16 +694,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-mutt-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-mutt-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "13qghgr1zzpv64m0p42195k1kc77pksiv059fdvijz1n6kdplpxx")))) + (source (xorg-font-origin + name version + "13qghgr1zzpv64m0p42195k1kc77pksiv059fdvijz1n6kdplpxx")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -780,16 +713,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-schumacher-misc") (version "1.1.2") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-schumacher-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "0nkym3n48b4v36y4s927bbkjnsmicajarnf6vlp7wxp0as304i74")))) + (source (xorg-font-origin + name version + "0nkym3n48b4v36y4s927bbkjnsmicajarnf6vlp7wxp0as304i74")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -810,16 +736,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-screen-cyrillic") (version "1.0.4") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-screen-cyrillic-" - version - ".tar.bz2")) - (sha256 - (base32 - "0yayf1qlv7irf58nngddz2f1q04qkpr5jwp4aja2j5gyvzl32hl2")))) + (source (xorg-font-origin + name version + "0yayf1qlv7irf58nngddz2f1q04qkpr5jwp4aja2j5gyvzl32hl2")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -836,16 +755,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-sony-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-sony-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "1xfgcx4gsgik5mkgkca31fj3w72jw9iw76qyrajrsz1lp8ka6hr0")))) + (source (xorg-font-origin + name version + "1xfgcx4gsgik5mkgkca31fj3w72jw9iw76qyrajrsz1lp8ka6hr0")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -862,16 +774,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-sun-misc") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-sun-misc-" - version - ".tar.bz2")) - (sha256 - (base32 - "1q6jcqrffg9q5f5raivzwx9ffvf7r11g6g0b125na1bhpz5ly7s8")))) + (source (xorg-font-origin + name version + "1q6jcqrffg9q5f5raivzwx9ffvf7r11g6g0b125na1bhpz5ly7s8")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -911,16 +816,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-winitzki-cyrillic") (version "1.0.3") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-winitzki-cyrillic-" - version - ".tar.bz2")) - (sha256 - (base32 - "181n1bgq8vxfxqicmy1jpm1hnr6gwn1kdhl6hr4frjigs1ikpldb")))) + (source (xorg-font-origin + name version + "181n1bgq8vxfxqicmy1jpm1hnr6gwn1kdhl6hr4frjigs1ikpldb")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) @@ -937,16 +835,9 @@ For example: '6x10', '9x15bold', etc.") (package (name "font-xfree86-type1") (version "1.0.4") - (source - (origin - (method url-fetch) - (uri (string-append - "mirror://xorg/individual/font/font-xfree86-type1-" - version - ".tar.bz2")) - (sha256 - (base32 - "0jp3zc0qfdaqfkgzrb44vi9vi0a8ygb35wp082yz7rvvxhmg9sya")))) + (source (xorg-font-origin + name version + "0jp3zc0qfdaqfkgzrb44vi9vi0a8ygb35wp082yz7rvvxhmg9sya")) (build-system gnu-build-system) (inputs `(("mkfontdir" ,mkfontdir) diff --git a/gnu/services/vpn.scm b/gnu/services/vpn.scm new file mode 100644 index 0000000000..c21995453e --- /dev/null +++ b/gnu/services/vpn.scm @@ -0,0 +1,491 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services vpn) + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages admin) + #:use-module (gnu packages vpn) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (ice-9 match) + #:use-module (ice-9 regex) + #:export (openvpn-client-service + openvpn-server-service + openvpn-client-service-type + openvpn-server-service-type + openvpn-client-configuration + openvpn-server-configuration + openvpn-remote-configuration + openvpn-ccd-configuration + generate-openvpn-client-documentation + generate-openvpn-server-documentation)) + +;;; +;;; OpenVPN. +;;; + +(define (uglify-field-name name) + (match name + ('verbosity "verb") + (_ (let ((str (symbol->string name))) + (if (string-suffix? "?" str) + (substring str 0 (1- (string-length str))) + str))))) + +(define (serialize-field field-name val) + (if (eq? field-name 'pid-file) + (format #t "") + (format #t "~a ~a\n" (uglify-field-name field-name) val))) +(define serialize-string serialize-field) +(define (serialize-boolean field-name val) + (if val + (serialize-field field-name val) + (format #t ""))) + +(define (ip-mask? val) + (and (string? val) + (if (string-match "^([0-9]+\\.){3}[0-9]+ ([0-9]+\\.){3}[0-9]+$" val) + (let ((numbers (string-tokenize val char-set:digit))) + (all-lte numbers (list 255 255 255 255 255 255 255 255))) + #f))) +(define serialize-ip-mask serialize-string) + +(define-syntax define-enumerated-field-type + (lambda (x) + (define (id-append ctx . parts) + (datum->syntax ctx (apply symbol-append (map syntax->datum parts)))) + (syntax-case x () + ((_ name (option ...)) + #`(begin + (define (#,(id-append #'name #'name #'?) x) + (memq x '(option ...))) + (define (#,(id-append #'name #'serialize- #'name) field-name val) + (serialize-field field-name val))))))) + +(define-enumerated-field-type proto + (udp tcp udp6 tcp6)) +(define-enumerated-field-type dev + (tun tap)) + +(define key-usage? boolean?) +(define (serialize-key-usage field-name value) + (if value + (format #t "remote-cert-tls server\n") + #f)) + +(define bind? boolean?) +(define (serialize-bind field-name value) + (if value + #f + (format #t "nobind\n"))) + +(define resolv-retry? boolean?) +(define (serialize-resolv-retry field-name value) + (if value + (format #t "resolv-retry infinite\n") + #f)) + +(define (serialize-tls-auth role location) + (serialize-field 'tls-auth + (string-append location " " (match role + ('server "0") + ('client "1"))))) +(define (tls-auth? val) + (or (eq? val #f) + (string? val))) +(define (serialize-tls-auth-server field-name val) + (serialize-tls-auth 'server val)) +(define (serialize-tls-auth-client field-name val) + (serialize-tls-auth 'client val)) +(define tls-auth-server? tls-auth?) +(define tls-auth-client? tls-auth?) + +(define (serialize-number field-name val) + (serialize-field field-name (number->string val))) + +(define (all-lte left right) + (if (eq? left '()) + (eq? right '()) + (and (<= (string->number (car left)) (car right)) + (all-lte (cdr left) (cdr right))))) + +(define (cidr4? val) + (if (string? val) + (if (string-match "^([0-9]+\\.){3}[0-9]+/[0-9]+$" val) + (let ((numbers (string-tokenize val char-set:digit))) + (all-lte numbers (list 255 255 255 255 32))) + #f) + (eq? val #f))) + +(define (cidr6? val) + (if (string? val) + (string-match "^([0-9a-f]{0,4}:){0,8}/[0-9]{1,3}$" val) + (eq? val #f))) + +(define (serialize-cidr4 field-name val) + (if (eq? val #f) #f (serialize-field field-name val))) + +(define (serialize-cidr6 field-name val) + (if (eq? val #f) #f (serialize-field field-name val))) + +(define (ip? val) + (if (string? val) + (if (string-match "^([0-9]+\\.){3}[0-9]+$" val) + (let ((numbers (string-tokenize val char-set:digit))) + (all-lte numbers (list 255 255 255 255))) + #f) + (eq? val #f))) +(define (serialize-ip field-name val) + (if (eq? val #f) #f (serialize-field field-name val))) + +(define (keepalive? val) + (and (list? val) + (and (number? (car val)) + (number? (car (cdr val)))))) +(define (serialize-keepalive field-name val) + (format #t "~a ~a ~a\n" (uglify-field-name field-name) + (number->string (car val)) (number->string (car (cdr val))))) + +(define gateway? boolean?) +(define (serialize-gateway field-name val) + (and val + (format #t "push \"redirect-gateway\"\n"))) + + +(define-configuration openvpn-remote-configuration + (name + (string "my-server") + "Server name.") + (port + (number 1194) + "Port number the server listens to.")) + +(define-configuration openvpn-ccd-configuration + (name + (string "client") + "Client name.") + (iroute + (ip-mask #f) + "Client own network") + (ifconfig-push + (ip-mask #f) + "Client VPN IP.")) + +(define (openvpn-remote-list? val) + (and (list? val) + (or (eq? val '()) + (and (openvpn-remote-configuration? (car val)) + (openvpn-remote-list? (cdr val)))))) +(define (serialize-openvpn-remote-list field-name val) + (for-each (lambda (remote) + (format #t "remote ~a ~a\n" (openvpn-remote-configuration-name remote) + (number->string (openvpn-remote-configuration-port remote)))) + val)) + +(define (openvpn-ccd-list? val) + (and (list? val) + (or (eq? val '()) + (and (openvpn-ccd-configuration? (car val)) + (openvpn-ccd-list? (cdr val)))))) +(define (serialize-openvpn-ccd-list field-name val) + #f) + +(define (create-ccd-directory val) + "Create a ccd directory containing files for the ccd configuration option +of OpenVPN. Each file in this directory represents particular settings for a +client. Each file is named after the name of the client." + (let ((files (map (lambda (ccd) + (list (openvpn-ccd-configuration-name ccd) + (with-output-to-string + (lambda () + (serialize-configuration + ccd openvpn-ccd-configuration-fields))))) + val))) + (computed-file "ccd" + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (use-modules (ice-9 match)) + (mkdir-p #$output) + (for-each + (lambda (ccd) + (match ccd + ((name config-string) + (call-with-output-file + (string-append #$output "/" name) + (lambda (port) (display config-string port)))))) + '#$files)))))) + +(define-syntax define-split-configuration + (lambda (x) + (syntax-case x () + ((_ name1 name2 (common-option ...) (first-option ...) (second-option ...)) + #`(begin + (define-configuration #,#'name1 + common-option ... + first-option ...) + (define-configuration #,#'name2 + common-option ... + second-option ...)))))) + +(define-split-configuration openvpn-client-configuration + openvpn-server-configuration + ((openvpn + (package openvpn) + "The OpenVPN package.") + + (pid-file + (string "/var/run/openvpn/openvpn.pid") + "The OpenVPN pid file.") + + (proto + (proto 'udp) + "The protocol (UDP or TCP) used to open a channel between clients and +servers.") + + (dev + (dev 'tun) + "The device type used to represent the VPN connection.") + + (ca + (string "/etc/openvpn/ca.crt") + "The certificate authority to check connections against.") + + (cert + (string "/etc/openvpn/client.crt") + "The certificate of the machine the daemon is running on. It should be signed +by the authority given in @code{ca}.") + + (key + (string "/etc/openvpn/client.key") + "The key of the machine the daemon is running on. It must be the whose +certificate is @code{cert}.") + + (comp-lzo? + (boolean #t) + "Whether to use the lzo compression algorithm.") + + (persist-key? + (boolean #t) + "Don't re-read key files across SIGUSR1 or --ping-restart.") + + (persist-tun? + (boolean #t) + "Don't close and reopen TUN/TAP device or run up/down scripts across +SIGUSR1 or --ping-restart restarts.") + + (verbosity + (number 3) + "Verbosity level.")) + ;; client-specific configuration + ((tls-auth + (tls-auth-client #f) + "Add an additional layer of HMAC authentication on top of the TLS control +channel to protect against DoS attacks.") + + (verify-key-usage? + (key-usage #t) + "Whether to check the server certificate has server usage extension.") + + (bind? + (bind #f) + "Bind to a specific local port number.") + + (resolv-retry? + (resolv-retry #t) + "Retry resolving server address.") + + (remote + (openvpn-remote-list '()) + "A list of remote servers to connect to.")) + ;; server-specific configuration + ((tls-auth + (tls-auth-server #f) + "Add an additional layer of HMAC authentication on top of the TLS control +channel to protect against DoS attacks.") + + (port + (number 1194) + "Specifies the port number on which the server listens.") + + (server + (ip-mask "10.8.0.0 255.255.255.0") + "An ip and mask specifying the subnet inside the virtual network.") + + (server-ipv6 + (cidr6 #f) + "A CIDR notation specifying the IPv6 subnet inside the virtual network.") + + (dh + (string "/etc/openvpn/dh2048.pem") + "The Diffie-Hellman parameters file.") + + (ifconfig-pool-persist + (string "/etc/openvpn/ipp.txt") + "The file that records client IPs.") + + (redirect-gateway? + (gateway #f) + "When true, the server will act as a gateway for its clients.") + + (client-to-client? + (boolean #f) + "When true, clients are alowed to talk to each other inside the VPN.") + + (keepalive + (keepalive '(10 120)) + "Causes ping-like messages to be sent back and forth over the link so that +each side knows when the other side has gone down. @code{keepalive} requires +a pair. The first element is the period of the ping sending, and the second +element is the timeout before considering the other side down.") + + (max-clients + (number 100) + "The maximum number of clients.") + + (status + (string "/var/run/openvpn/status") + "The status file. This file shows a small report on current connection. It +is trunkated and rewritten every minute.") + + (client-config-dir + (openvpn-ccd-list '()) + "The list of configuration for some clients."))) + +(define (openvpn-config-file role config) + (let ((config-str + (with-output-to-string + (lambda () + (serialize-configuration config + (match role + ('server + openvpn-server-configuration-fields) + ('client + openvpn-client-configuration-fields)))))) + (ccd-dir (match role + ('server (create-ccd-directory + (openvpn-server-configuration-client-config-dir + config))) + ('client #f)))) + (computed-file "openvpn.conf" + #~(begin + (use-modules (ice-9 match)) + (call-with-output-file #$output + (lambda (port) + (match '#$role + ('server (display "" port)) + ('client (display "client\n" port))) + (display #$config-str port) + (match '#$role + ('server (display + (string-append "client-config-dir " + #$ccd-dir "\n") port)) + ('client (display "" port))))))))) + +(define (openvpn-shepherd-service role) + (lambda (config) + (let* ((config-file (openvpn-config-file role config)) + (pid-file ((match role + ('server openvpn-server-configuration-pid-file) + ('client openvpn-client-configuration-pid-file)) + config)) + (openvpn ((match role + ('server openvpn-server-configuration-openvpn) + ('client openvpn-client-configuration-openvpn)) + config)) + (log-file (match role + ('server "/var/log/openvpn-server.log") + ('client "/var/log/openvpn-client.log")))) + (list (shepherd-service + (documentation (string-append "Run the OpenVPN " + (match role + ('server "server") + ('client "client")) + " daemon.")) + (provision (match role + ('server '(vpn-server)) + ('client '(vpn-client)))) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list (string-append #$openvpn "/sbin/openvpn") + "--writepid" #$pid-file "--config" #$config-file + "--daemon") + #:pid-file #$pid-file)) + (stop #~(make-kill-destructor))))))) + +(define %openvpn-accounts + (list (user-group (name "openvpn") (system? #t)) + (user-account + (name "openvpn") + (group "openvpn") + (system? #t) + (comment "Openvpn daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define %openvpn-activation + #~(mkdir-p "/var/run/openvpn")) + +(define openvpn-server-service-type + (service-type (name 'openvpn-server) + (extensions + (list (service-extension shepherd-root-service-type + (openvpn-shepherd-service 'server)) + (service-extension account-service-type + (const %openvpn-accounts)) + (service-extension activation-service-type + (const %openvpn-activation)))))) + +(define openvpn-client-service-type + (service-type (name 'openvpn-client) + (extensions + (list (service-extension shepherd-root-service-type + (openvpn-shepherd-service 'client)) + (service-extension account-service-type + (const %openvpn-accounts)) + (service-extension activation-service-type + (const %openvpn-activation)))))) + +(define* (openvpn-client-service #:key (config (openvpn-client-configuration))) + (validate-configuration config openvpn-client-configuration-fields) + (service openvpn-client-service-type config)) + +(define* (openvpn-server-service #:key (config (openvpn-server-configuration))) + (validate-configuration config openvpn-server-configuration-fields) + (service openvpn-server-service-type config)) + +(define (generate-openvpn-server-documentation) + (generate-documentation + `((openvpn-server-configuration + ,openvpn-server-configuration-fields + (ccd openvpn-ccd-configuration)) + (openvpn-ccd-configuration ,openvpn-ccd-configuration-fields)) + 'openvpn-server-configuration)) + +(define (generate-openvpn-client-documentation) + (generate-documentation + `((openvpn-client-configuration + ,openvpn-client-configuration-fields + (remote openvpn-remote-configuration)) + (openvpn-remote-configuration ,openvpn-remote-configuration-fields)) + 'openvpn-client-configuration)) |