Commit graph

1279 commits

Author SHA1 Message Date
Joachim Fasting
3cd189c3bc
tor: 0.3.0.6 -> 0.3.0.7
Contains a fix for TROVE-2017-002, a remotely triggered crashing bug
affecting tor relays (clients & releases pre 0.3.0 unaffected).
2017-05-16 11:14:14 +02:00
Jörg Thalheim
cf726bc31a
metasploit: 3.3.1 -> 4.14.17
use bundler env now

fixes #8870
2017-05-15 21:44:00 +01:00
Tuomas Tynkkynen
e1805301af afl: 2.35b -> 2.41b 2017-05-14 04:15:24 +03:00
Ronny Pfannschmidt
9587d3591e remove myself from maintainers/enpass (#25625)
as i am no longer using nixos
2017-05-08 22:03:23 +01:00
Frederik Rietdijk
ef4442e827 Python: replace requests2 with requests tree-wide
See f63eb58573

The `requests2` attribute now throws an error informing that `requests`
should be used instead.
2017-05-07 12:56:09 +02:00
Victor Calvert
9bc0b12c68 pass: 1.7 -> 1.7.1 2017-05-05 16:09:03 -04:00
Aneesh Agrawal
ded7953478 treewide: meta.platform -> meta.platforms 2017-05-02 19:32:02 -04:00
Michael Raskin
4d2f7b63e0 Merge pull request #24803 from pajowu/master
browserpass: init at 1.0.2
2017-05-01 11:27:17 +02:00
Michael Raskin
1a380c094f Remove empty longDescription 2017-05-01 11:27:03 +02:00
Michael Raskin
d5ec7bc748 Merge pull request #23697 from sargon/master
sshguard + service: init at 2.0.0
2017-04-30 21:43:12 +02:00
Michael Raskin
b3d1050cf2 Merge pull request #22438 from rnhmjoj/masscan
masscan: init at 2016-11-03
2017-04-30 18:40:58 +02:00
Joachim Fasting
7301bf8581
tor: 0.2.9.10 -> 0.3.0.6
First stable release in the 0.3 series.

https://blog.torproject.org/blog/tor-0306-released-new-series-stable
2017-04-27 19:26:59 +02:00
pajowu
b4caf7a11e browserpass: add support for firefox 2017-04-22 15:13:02 +02:00
obadz
c4fecfb1ec ecryptfs-helper: fix makeWrapper use after 7ff6eec5 2017-04-21 21:25:30 +01:00
Kai
91d2dc00bb nitrokey-app: 0.5.1 -> 0.6.3 (#24219)
* nitrokey-app: 0.5.1 -> 0.6.3

* Fix (native)buildInputs and refactor
2017-04-14 15:34:36 -05:00
Daiderd Jordan
4a913ecfd3 Merge pull request #24797 from nixy/pass/coreutils-sb-patch
pass: fix clipboard functionality for darwin
2017-04-13 19:26:50 +02:00
Daniel Peebles
f21a6940da Merge pull request #24838 from matthewbauer/ibtool
pinentry_mac: use xcbuild
2017-04-12 22:20:57 -04:00
Matthew Bauer
4672fe6998
pinentry_mac: use precompiled .nib's
sadly, xib2nib hasn't been working like i though. I've just
precompiled into our modified pinentry_mac. Eventually we can get this
fixed but it's not as easy as first thought.
2017-04-12 20:03:29 -05:00
Matthew Bauer
457570f61a
pinentry_mac: switch to pure version
Fixes #24734
2017-04-12 02:59:54 -05:00
pajowu
11913f2ce1 browserpass: change naming scheme 2017-04-11 17:32:33 +02:00
pajowu
b70077f551 browserpass: switch build source to git HEAD
Precompiled version only supports linux64, git version should also support darwin
2017-04-10 23:45:41 +02:00
pajowu
857a3b872c browserpass: init at 1.0.2 2017-04-10 20:06:53 +02:00
Andrew R. M
785f6ce5d6 pass: Fix clipboard functionality
Add the patch that was removed that allows pass's clip() function to
work with single binary coreutils. This version of the patch is also
applied to darwin.sh, so this should fix the clipboard functionality in
darwin as well.
2017-04-10 10:31:00 -04:00
Matthew Bauer
38fa991064
pinentry_mac: use xcbuild 2017-04-09 04:24:16 -05:00
Lancelot SIX
637770f699 gnupg21: 2.1.19 -> 2.1.20
See http://lists.gnu.org/archive/html/info-gnu/2017-04/msg00002.html
for release information
2017-04-05 15:24:05 +02:00
Eelco Dolstra
e410c78cd5
gnupg: Give the 1compat package a higher priority
This resolves collision warnings with the regular gnupg packages.
2017-04-04 16:40:06 +02:00
rnhmjoj
2e1ccaa319
masscan: init at 2017-02-04 2017-04-01 19:05:10 +02:00
Michael Weiss
c9ecc70880 gnupg*: Improve the meta set
And use version from gnupg21 for gnupg1compat.
2017-03-28 22:19:12 +02:00
Michael Weiss
02e469fa04 signing-party: Add 4 missing man pages + dep fix
The manual pages for the following 4 tools where still missing:
- gpgsigs
- keyanalyze
- pgpring
- process_keys

The gpgdir script needs the gpg binary.

The 19 tools are licensed under various licenses.
2017-03-28 22:09:55 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Michael Weiss
ef8c0d1388 signing-party: Fix deps and include all tools
Additional tools:
- gpg-key2latex
- gpgdir
- gpgwrap

This module is really hacky and the dependencies are very messy... :o

However I tried my best at testing all 19 individual tools and they
should (hopefully) all work now (apart from sendmail which can be
provided by multiple packages) :)

The code is very redundant (sorry) but imho it's easier to read and
maintain it that way.

TODO: There are some additional manual pages that could be included (I'm
too exhausted for that atm...). And there might be a lot of stuff that
could be improved in the future.
2017-03-26 21:12:45 +02:00
Daniel Ehlers
20a5b5bead sshguard: new package 2017-03-26 14:46:22 +02:00
Joachim Fasting
ecd0e1a2c7
torbrowser: reduce risk of stale Nix store references
This patch restructures the expression and wrapper to minimize Nix store
references captured by the user's state directory.

The previous version would write lots of references to the Nix store into
the user's state directory, resulting in synchronization issues between
the Store and the local state directory.  At best, this would cause TBB to
stop working when the version used to instantiate the local state was
garbage collected; at worst, a user would continue to use the old version
even after an upgrade.

To solve the issue, hard-code as much as possible at the Store side and
minimize the amount of stuff being copied into the local state dir.
Currently, only a few files generated at firefox startup and fontconfig
cache files end up capturing store paths; these files are simply removed
upon every startup.  Otherwise, no capture should occur and the user
should always be using the TBB associated with the tor-browser wrapper
script.

To check for stale Store paths, do
   `grep -Ero '/nix/store/[^/]+' ~/.local/share/tor-browser`
This command should *never* return any other store path than the one
associated with the current tor-browser wrapper script, even after an
update (assuming you've run tor-browser at least once after updating).
Deviations from this general rule are considered bugs from now on.

Note that no attempt has been made to support pluggable transports; they
are still broken with this patch (to be fixed in a follow-up patch).

User visible changes:
- Wrapper retains only environment variables required for TBB to work
- pulseaudioSupport can be toggled independently of mediaSupport (the
  latter weakly implies the former).
- Store local state under $TBB_HOME.  Defaults to $XDG_DATA_HOME/tor-browser
- Stop obnoxious first-run stuff (NoScript redirect, in particular)
- Set desktop item GenericName to Web Browser

Some minor enhancements:
- Disable Hydra builds
- Specify system -> source mapping to make it easier to
  extend supported platforms.
2017-03-25 15:59:18 +01:00
Frederik Rietdijk
f4a1eab239 Merge pull request #23863 from plumps/add-vulnix
vulnix: init at 1.2.2
2017-03-24 11:12:50 +01:00
Jörg Thalheim
70322d8b87 pythonPackages.BTrees: 4.1.4 -> 4.3.1 2017-03-24 10:44:34 +01:00
Michael Weiss
4e29638323 Revert "gpgme: Drop multiple outputs (dev and info)"
This reverts commit 872770286d.

This will fix fwknop as well (should have done it like this in the first
place, where was my mind...).

Conclusion: Did something stupid... :o - I am *so incredibly sorry*,
will be way more careful (was already careful, but apparently not
enought...) next time and use nox.

Sorry @everyone and thanks @calvertvl for noticing this.
2017-03-21 23:57:57 +01:00
Michael Weiss
b27652148a fwknop: init at 2.6.9
fwknop stands for the "FireWall KNock OPerator", and implements an
authorization scheme called Single Packet Authorization (SPA).
2017-03-21 22:43:00 +01:00
Michael Raskin
89f62be345 Merge pull request #23715 from risicle/moz-sops
Add Mozilla sops package
2017-03-18 19:18:06 +01:00
Vladimír Čunát
742b120ddc
Merge branch 'master' into staging
Nontrivial rebuilds from master, again :-/
2017-03-18 11:00:31 +01:00
Peter Hoeg
bf5dc90f30 keybase: 20170209 -> 1.0.20 2017-03-16 10:01:57 +08:00
Maksim Bronsky
97f26ee39a initial release: vulnix 2017-03-15 15:09:19 +01:00
Tuomas Tynkkynen
aba0b45b86 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
      pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
2017-03-14 00:49:22 +02:00
Daiderd Jordan
798623fd2b Merge pull request #23653 from LnL7/darwin-crunch
crunch: enable darwin build
2017-03-10 22:01:41 +01:00
Robert Scott
b3fadc9085 sops: init at version 2.0.8 2017-03-10 15:41:57 +00:00
Tuomas Tynkkynen
e7ce27f9ce john: Disable parallel build
http://hydra.nixos.org/build/49940032/nixlog/1/raw
2017-03-10 01:48:53 +02:00
Vladimír Čunát
ed4a79c65e
Merge branch 'master' into staging
... to fix an evaluation problem in dogecoin.
2017-03-09 23:14:19 +01:00
Jörg Thalheim
a1d6e74ef4 Merge pull request #23351 from ndowens/tpm-quote-tools
tpm-quote-tools: 1.0.2 -> 1.0.3
2017-03-09 10:34:01 +01:00
Daiderd Jordan
d5ef0daf7c
crunch: enable darwin build 2017-03-09 00:46:13 +01:00
Joachim Fasting
74f8e0fd7a
torbrowser: 6.5 -> 6.5.1 2017-03-08 20:08:46 +01:00
Vladimír Čunát
b86b7c04a3
Merge branch 'master' into staging 2017-03-07 21:59:32 +01:00
Michiel Leenaars
1522496288 softhsm: 2.1.0 -> 2.2.0 2017-03-07 11:43:46 +01:00
Graham Christensen
33b738be44 Merge pull request #23386 from lsix/update_gnupg21
gnupg21: 2.1.18 -> 2.1.19
2017-03-06 09:03:18 -05:00
Benno Fünfstück
c0bfcdf3a6 opensc: remove obsolete DESTDIR patch
This patch was actively causing harm, because it lead to a "double prefix"
issue where the etc files were installed into $out/$out/etc instead of just
$out/etc.
2017-03-05 23:36:35 +01:00
Michiel Leenaars
b5bb83b273
sha1collisiondetection: init at 1.0.1
Closes https://github.com/NixOS/nixpkgs/pull/23114
2017-03-05 18:59:28 +01:00
ndowens
40fb61392c tpm-quote-tools: 1.0.2 -> 1.0.3
tpm-quote-tools: Fixed library issue
2017-03-02 17:53:26 -06:00
Joachim Fasting
c44a41c73f
tor: split out geoip data
Saves about 5.2 MiB.

To use geoip, add something like
```
GeoIPFile ${tor.geoip}/share/tor/geoip
GeoIPv6File ${tor.geoip}/share/tor/geoip6
```
to torrc
2017-03-02 12:40:33 +01:00
Lancelot SIX
ade2357c65
gnupg21: 2.1.18 -> 2.1.19
See http://lists.gnu.org/archive/html/info-gnu/2017-03/msg00000.html
for release information
2017-03-02 10:10:02 +01:00
Joachim Fasting
05054e34c0
tor: 0.2.9.9 -> 0.2.9.10
The 0.2.9 series is now a long-term support release, which will
receive backported security fixes until at least 2020.

tor should now build against libressl, as in
```nix
tor.override { openssl = libressl; }
```

Also re-enable the test-suite; works fine on my end.
2017-03-01 23:56:34 +01:00
Joachim Fasting
56ae1e25af
rhash: sha1 -> sha256 2017-03-01 00:28:25 +01:00
Jörg Thalheim
be23e983ae
haka: replace sha1 with sha256 2017-02-28 18:03:23 +01:00
Thomas Tuegel
b31a63d2e5
pinentry_qt5: build with C++11 for Qt 5.7 2017-02-28 05:59:45 -06:00
Bjørn Forsman
3d104ab2b3 gst-plugins-base: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Bjørn Forsman
0591cd607b gst-plugins-good: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Bjørn Forsman
4b2c7fe3d1 gst-ffmpeg: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Franz Pletz
9dbeca2240
pass: refactor, fix completions install
cc #23223
2017-02-26 20:54:58 +01:00
Franz Pletz
edcbb6da11
pass: 1.6.5 -> 1.7 2017-02-26 19:36:51 +01:00
Thomas Tuegel
dab94220fa
Remove kde4.polkit_kde_agent
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
2017-02-24 16:49:01 -06:00
Thomas Tuegel
2d7f558661
Remove kde4.ksshaskpass
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
2017-02-24 16:49:00 -06:00
Daniel Fullmer
a8c738713b gnupg21: Fix scdaemon for usb smartcards (#22891)
The use of smartcard functionality for yubikeys (and presumably other
usb smartcards) was broken in gnupg 2.1.18.  This has apparently already
been fixed in gnupg master, and debian backports the included patches
for 2.1.18.

See also:
https://bugs.gnupg.org/gnupg/issue2933
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852702
https://github.com/NixOS/nixpkgs/pull/21991
2017-02-20 04:30:01 +01:00
Peter Hoeg
68f01b3b8c Merge pull request #23010 from peterhoeg/f/gpg
gnupg: include systemd user units in output
2017-02-20 08:16:15 +08:00
Peter Hoeg
9ca3caeb09 gnupg: include systemd user units in output 2017-02-20 08:09:44 +08:00
Vladimír Čunát
432dba859e
Merge branch 'staging'
A security update of libxml2 is within.
2017-02-18 08:59:29 +01:00
Bjørn Forsman
73112a6e78 pcsctools: unbreak 'gscriptor' by adding cairo
Fixes this:

  $ gscriptor
  Can't load '/nix/store/17w6hdwbli924v7d43xxxp66qhgqpc24-perl-Pango-1.227/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/auto/Pango/Pango.so' for module Pango: /nix/store/17w6hdwbli924v7d43xxxp66qhgqpc24-perl-Pango-1.227/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/auto/Pango/Pango.so: undefined symbol: cairo_font_type_to_sv at /nix/store/5z1wn7knhckr3a0asb8lzp99sdai09f2-perl-5.22.2/lib/perl5/5.22.2/x86_64-linux-thread-multi/DynaLoader.pm line 193.
   at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
  Compilation failed in require at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
  BEGIN failed--compilation aborted at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
  Compilation failed in require at /nix/store/sgy2xsyvmam09pl25x8gb507gyiz9ybn-pcsc-tools-1.4.25/bin/.gscriptor-wrapped line 28.
  BEGIN failed--compilation aborted at /nix/store/sgy2xsyvmam09pl25x8gb507gyiz9ybn-pcsc-tools-1.4.25/bin/.gscriptor-wrapped line 28.
2017-02-17 17:01:29 +01:00
Brian McKenna
17f566d1e1 keybase-gui: init at 20170209.17b641d
The GUI requires the keybase and kbfs packages to be installed and
running with /keybase as the mount.
2017-02-17 02:44:06 +01:00
Bjarki Ágúst Guðmundsson
8561af2db9 kbfs: 1.0.2 -> 20170209.d1db463 2017-02-17 02:43:52 +01:00
Bjarki Ágúst Guðmundsson
c1fb4ec041 keybase: 1.0.18 -> 20170209.17b641d 2017-02-17 02:43:30 +01:00
Robin Gloster
c505564fc5
yara: 3.4.0 -> 3.5.0 2017-02-17 00:13:15 +01:00
Robin Gloster
395ca86018
tcpcrypt: 0.4 -> 0.5 2017-02-17 00:12:43 +01:00
Robin Gloster
bee26ba6b2
lastpass-cli: 1.0.0 -> 1.1.1 2017-02-17 00:11:49 +01:00
Pradeep Chhetri
3f971d9863 vault: 0.6.4 -> 0.6.5 2017-02-17 01:17:30 +05:30
Robin Gloster
790e5bf4d8
ecryptfs: fix after security wrapper change
The replacements matched to much due to wrapperDir having `/bin` in its
path now.

cc #16654
2017-02-16 11:35:41 +01:00
Eelco Dolstra
314dd9215b Merge pull request #16654 from awakenetworks/parnell/setcap-wrappers
Adding setcap-wrapper functionality to Nix
2017-02-14 16:25:06 +01:00
Bjørn Forsman
30e8d577f1 ccid: 1.4.23 -> 1.4.26 2017-02-14 12:29:25 +01:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
mimadrid
2aad8590d7 sudo: 1.8.19p1 -> 1.8.19p2 2017-02-13 23:43:32 +01:00
Joachim Fasting
2c21f742b2
minisign: 0.6 -> 0.7 2017-02-05 22:57:24 +01:00
Robin Gloster
e3d9f438c3
nmap: 7.31 -> 7.40 2017-02-02 19:33:21 +01:00
Robin Gloster
209d453bfb
fail2ban: 0.9.4 -> 0.9.6 2017-02-02 19:19:28 +01:00
Robin Gloster
51f4e1829c
sslscan: 1.11.7 -> 1.11.8 2017-02-02 18:59:08 +01:00
Daniel Peebles
ff8a21e03c Merge pull request #22348 from nand0p/hologram-module
hologram: 8d86e3f -> d20d1c3
2017-02-02 17:42:07 +01:00
Fernando J Pando
1d85e0bbab hologram: 8d86e3f -> d20d1c3
- Updates dependencies
- Adds configuration module
- Tested on Nixos Unstable
2017-02-02 11:31:42 -05:00
Bjørn Forsman
2bf0fd0f29 Revert "nmap: use python infra's .withPackages"
This reverts commit 278d3050ae because it
breaks zenmap:

$ zenmap
Could not import the zenmapGUI.App module: 'No module named zenmapGUI.App'.
I checked in these directories:
    /nix/store/2hiz11plgjdrk2mziwc2jcxqalqh9hii-nmap-graphical-7.12/bin
    /home/bfo/forks/nixpkgs
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python27.zip
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7/plat-linux2
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7/lib-tk
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7/lib-old
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7/lib-dynload
    /nix/store/0l4lriqf07qah8c0kh9kcyc8l5iyij16-python-2.7.12/lib/python2.7/site-packages
If you installed Zenmap in another directory, you may have to add the
modules directory to the PYTHONPATH environment variable.
2017-02-01 20:39:11 +01:00
Parnell Springmeyer
6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Pradeep Chhetri
c0fd124f60 vault: 0.6.3 -> 0.6.4 2017-01-29 01:38:50 +05:30
Joachim Fasting
b18ff7ab82
torbrowser: make additional media playback support optional
This feature might not be appropriate for all users, leave it off by
default.

See 96be6a11a8
2017-01-28 12:27:24 +01:00
Joachim Fasting
4a4bc14260
torbrowser: fix url typo
I used nix-prefetch-url to generate the hashes, so of course this
mistake slipped by ...

Ref: 5bbe54272d
2017-01-26 14:44:33 +01:00
Joachim Fasting
5bbe54272d
torbrowser: 6.0.8 -> 6.5
Updates to firefox-esr 45.7, which fixes several critical
vulnerabilities [1]

[1]: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
2017-01-26 14:03:50 +01:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00