Merge remote-tracking branch 'nixpkgs/master' into staging-next

Conflicts:
	pkgs/development/python-modules/libusb1/default.nix
This commit is contained in:
Alyssa Ross 2021-10-17 20:00:39 +00:00
commit a3159ef498
No known key found for this signature in database
GPG key ID: F9DBED4859B271C0
9 changed files with 141 additions and 9 deletions

View file

@ -10507,6 +10507,13 @@
githubId = 4477729;
name = "Sergey Mironov";
};
smitop = {
name = "Smitty van Bodegom";
email = "me@smitop.com";
matrix = "@smitop:kde.org";
github = "Smittyvb";
githubId = 10530973;
};
sna = {
email = "abouzahra.9@wright.edu";
github = "s-na";

View file

@ -15,15 +15,15 @@
rustPlatform.buildRustPackage rec {
pname = "meli";
version = "alpha-0.7.1";
version = "alpha-0.7.2";
src = fetchgit {
url = "https://git.meli.delivery/meli/meli.git";
rev = version;
sha256 = "00iai2z5zydx9bw0ii0n6d7zwm5rrkj03b4ymic0ybwjahqzvyfq";
sha256 = "sha256-cbigEJhX6vL+gHa40cxplmPsDhsqujkzQxe0Dr6+SK0=";
};
cargoSha256 = "1r54a51j91iv0ziasjygzw30vqqvqibcnwnkih5xv0ijbaly61n0";
cargoSha256 = "sha256-ZE653OtXyZ9454bKPApmuL2kVko/hGBWEAya1L1KIoc=";
cargoBuildFlags = lib.optional withNotmuch "--features=notmuch";

View file

@ -19,12 +19,15 @@ stdenv.mkDerivation rec {
'';
configureFlags = [
"--cc=cc"
"--cc=$CC"
"--ar=$AR"
"--crtprefix=${lib.getLib stdenv.cc.libc}/lib"
"--sysincludepaths=${lib.getDev stdenv.cc.libc}/include:{B}/include"
"--libpaths=${lib.getLib stdenv.cc.libc}/lib"
# build cross compilers
"--enable-cross"
] ++ lib.optionals stdenv.hostPlatform.isMusl [
"--config-musl"
];
preConfigure = ''

View file

@ -0,0 +1,53 @@
Based on upstream https://github.com/openbsd/src/commit/62ceddea5b1d64a1a362bbb7071d9e15adcde6b1
with paths switched to apply to libressl-portable and CVS header
hunk removed.
--- a/crypto/x509/x509_constraints.c
+++ b/crypto/x509/x509_constraints.c
@@ -339,16 +339,16 @@
if (c == '.')
goto bad;
}
- if (wi > DOMAIN_PART_MAX_LEN)
- goto bad;
if (accept) {
+ if (wi >= DOMAIN_PART_MAX_LEN)
+ goto bad;
working[wi++] = c;
accept = 0;
continue;
}
if (candidate_local != NULL) {
/* We are looking for the domain part */
- if (wi > DOMAIN_PART_MAX_LEN)
+ if (wi >= DOMAIN_PART_MAX_LEN)
goto bad;
working[wi++] = c;
if (i == len - 1) {
@@ -363,7 +363,7 @@
continue;
}
/* We are looking for the local part */
- if (wi > LOCAL_PART_MAX_LEN)
+ if (wi >= LOCAL_PART_MAX_LEN)
break;
if (quoted) {
@@ -383,6 +383,8 @@
*/
if (c == 9)
goto bad;
+ if (wi >= LOCAL_PART_MAX_LEN)
+ goto bad;
working[wi++] = c;
continue; /* all's good inside our quoted string */
}
@@ -412,6 +414,8 @@
}
if (!local_part_ok(c))
goto bad;
+ if (wi >= LOCAL_PART_MAX_LEN)
+ goto bad;
working[wi++] = c;
}
if (candidate_local == NULL || candidate_domain == NULL)

View file

@ -1,8 +1,16 @@
{ stdenv, fetchurl, lib, cmake, cacert, fetchpatch
{ stdenv
, fetchurl
, lib
, cmake
, cacert
, fetchpatch
, buildShared ? !stdenv.hostPlatform.isStatic
}:
let
ldLibPathEnvName = if stdenv.isDarwin
then "DYLD_LIBRARY_PATH"
else "LD_LIBRARY_PATH";
generic = { version, sha256, patches ? [] }: stdenv.mkDerivation rec {
pname = "libressl";
@ -42,6 +50,15 @@ let
substituteInPlace ./tls/tls_config.c --replace '"/etc/ssl/cert.pem"' '"${cacert}/etc/ssl/certs/ca-bundle.crt"'
'';
doCheck = true;
preCheck = ''
export PREVIOUS_${ldLibPathEnvName}=$${ldLibPathEnvName}
export ${ldLibPathEnvName}="$${ldLibPathEnvName}:$(realpath tls/):$(realpath ssl/):$(realpath crypto/)"
'';
postCheck = ''
export ${ldLibPathEnvName}=$PREVIOUS_${ldLibPathEnvName}
'';
outputs = [ "bin" "dev" "out" "man" "nc" ];
postFixup = ''
@ -66,5 +83,15 @@ in {
libressl_3_2 = generic {
version = "3.2.5";
sha256 = "1zkwrs3b19s1ybz4q9hrb7pqsbsi8vxcs44qanfy11fkc7ynb2kr";
patches = [
./CVE-2021-41581.patch
];
};
libressl_3_4 = generic {
version = "3.4.0";
sha256 = "1lhn76nd59p1dfd27b4636zj6wh3f5xsi8b3sxqnl820imsswbp5";
patches = [
./CVE-2021-41581.patch
];
};
}

View file

@ -0,0 +1,38 @@
{ lib
, mkDerivation
, fetchFromGitHub
, cmake
, libpthreadstubs
, qtbase
}:
mkDerivation rec {
pname = "qcoro";
version = "0.3.0";
src = fetchFromGitHub {
owner = "danvratil";
repo = "qcoro";
rev = "v${version}";
sha256 = "09543hpy590dndmlxmcm8c58m97blhaii4wbjr655qxdanhhxgzi";
};
outputs = [ "out" "dev" ];
nativeBuildInputs = [
cmake
];
buildInputs = [
qtbase
libpthreadstubs
];
meta = with lib; {
description = "Library for using C++20 coroutines in connection with certain asynchronous Qt actions";
homepage = "https://github.com/danvratil/qcoro";
license = licenses.mit;
maintainers = with maintainers; [ smitop ];
platforms = platforms.linux;
};
}

View file

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "libusb1";
version = "1.10.1";
version = "2.0.1";
src = fetchPypi {
inherit pname version;
sha256 = "8d70e5ef11a9facf304e696cc1d571c526bd9e02a8710a045b3b2567db7a54e0";
sha256 = "d3ba82ecf7ab6a48d21dac6697e26504670cc3522b8e5941bd28fb56cf3f6c46";
};
postPatch = ''

View file

@ -18686,11 +18686,12 @@ with pkgs;
openvdb = callPackage ../development/libraries/openvdb {};
inherit (callPackages ../development/libraries/libressl { })
libressl_3_2;
libressl_3_2
libressl_3_4;
# Please keep this pointed to the latest version. See also
# https://discourse.nixos.org/t/nixpkgs-policy-regarding-libraries-available-in-multiple-versions/7026/2
libressl = libressl_3_2;
libressl = libressl_3_4;
boringssl = callPackage ../development/libraries/boringssl { };
@ -32749,6 +32750,7 @@ with pkgs;
wasm-pack = callPackage ../development/tools/wasm-pack {
inherit (darwin.apple_sdk.frameworks) Security;
libressl = libressl_3_2;
};
wavegain = callPackage ../applications/audio/wavegain { };

View file

@ -174,6 +174,8 @@ in (kdeFrameworks // plasmaMobileGear // plasma5 // plasma5.thirdParty // kdeGea
qca-qt5 = callPackage ../development/libraries/qca-qt5 { };
qcoro = callPackage ../development/libraries/qcoro { };
qcsxcad = callPackage ../development/libraries/science/electronics/qcsxcad { };
qmltermwidget = callPackage ../development/libraries/qmltermwidget {