Merge branch 'master' into staging

This commit is contained in:
Marius Bakke 2019-03-01 17:33:00 +01:00
commit 19464173ba
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
70 changed files with 992 additions and 1813 deletions

View file

@ -144,6 +144,7 @@ MODULES = \
guix/build/download.scm \
guix/build/download-nar.scm \
guix/build/cargo-build-system.scm \
guix/build/cargo-utils.scm \
guix/build/cmake-build-system.scm \
guix/build/dub-build-system.scm \
guix/build/dune-build-system.scm \

View file

@ -12,7 +12,7 @@
# Copyright © 2016, 2017, 2018, 2019 Alex Vong <alexvong1995@gmail.com>
# Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
# Copyright © 2016, 2017 Jan Nieuwenhuizen <janneke@gnu.org>
# Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
# Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
# Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org>
# Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
# Copyright © 2017, 2018 Gábor Boskovits <boskovits@gmail.com>
@ -296,8 +296,9 @@ GNU_SYSTEM_MODULES = \
%D%/packages/lxqt.scm \
%D%/packages/m4.scm \
%D%/packages/machine-learning.scm \
%D%/packages/man.scm \
%D%/packages/magic-wormhole.scm \
%D%/packages/man.scm \
%D%/packages/mastodon.scm \
%D%/packages/mail.scm \
%D%/packages/make-bootstrap.scm \
%D%/packages/markup.scm \
@ -1061,11 +1062,12 @@ dist_patch_DATA = \
%D%/packages/patches/mumps-build-parallelism.patch \
%D%/packages/patches/mupen64plus-ui-console-notice.patch \
%D%/packages/patches/mupen64plus-video-z64-glew-correct-path.patch \
%D%/packages/patches/musescore-fix-use_webengine.patch \
%D%/packages/patches/mutt-store-references.patch \
%D%/packages/patches/m4-gnulib-libio.patch \
%D%/packages/patches/netcdf-date-time.patch \
%D%/packages/patches/netcdf-tst_h_par.patch \
%D%/packages/patches/netpbm-CVE-2017-2586.patch \
%D%/packages/patches/netpbm-CVE-2017-2587.patch \
%D%/packages/patches/netsurf-message-timestamp.patch \
%D%/packages/patches/netsurf-system-utf8proc.patch \
%D%/packages/patches/netsurf-y2038-tests.patch \
@ -1097,6 +1099,7 @@ dist_patch_DATA = \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-1.1-c-rehash-in.patch \
%D%/packages/patches/openssl-c-rehash-in.patch \
%D%/packages/patches/openssl-CVE-2019-1559.patch \
%D%/packages/patches/orpheus-cast-errors-and-includes.patch \
%D%/packages/patches/osip-CVE-2017-7853.patch \
%D%/packages/patches/ots-no-include-missing-file.patch \
@ -1318,7 +1321,6 @@ dist_patch_DATA = \
%D%/packages/patches/wavpack-CVE-2018-7253.patch \
%D%/packages/patches/wavpack-CVE-2018-7254.patch \
%D%/packages/patches/weechat-python.patch \
%D%/packages/patches/wesnoth-newer-boost.patch \
%D%/packages/patches/wicd-bitrate-none-fix.patch \
%D%/packages/patches/wicd-get-selected-profile-fix.patch \
%D%/packages/patches/wicd-urwid-1.3.patch \
@ -1329,12 +1331,6 @@ dist_patch_DATA = \
%D%/packages/patches/wordnet-CVE-2008-2149.patch \
%D%/packages/patches/wordnet-CVE-2008-3908-pt1.patch \
%D%/packages/patches/wordnet-CVE-2008-3908-pt2.patch \
%D%/packages/patches/wpa-supplicant-CVE-2017-13082.patch \
%D%/packages/patches/wpa-supplicant-CVE-2018-14526.patch \
%D%/packages/patches/wpa-supplicant-fix-key-reuse.patch \
%D%/packages/patches/wpa-supplicant-fix-zeroed-keys.patch \
%D%/packages/patches/wpa-supplicant-fix-nonce-reuse.patch \
%D%/packages/patches/wpa-supplicant-krack-followups.patch \
%D%/packages/patches/x265-arm-flags.patch \
%D%/packages/patches/xf86-video-ark-remove-mibstore.patch \
%D%/packages/patches/xf86-video-geode-glibc-2.20.patch \

View file

@ -1070,22 +1070,16 @@ (define-public sudo
(define-public wpa-supplicant-minimal
(package
(name "wpa-supplicant-minimal")
(version "2.6")
(version "2.7")
(source (origin
(method url-fetch)
(uri (string-append
"https://w1.fi/releases/wpa_supplicant-"
version
".tar.gz"))
(patches (search-patches "wpa-supplicant-CVE-2017-13082.patch"
"wpa-supplicant-CVE-2018-14526.patch"
"wpa-supplicant-fix-key-reuse.patch"
"wpa-supplicant-fix-zeroed-keys.patch"
"wpa-supplicant-fix-nonce-reuse.patch"
"wpa-supplicant-krack-followups.patch"))
(sha256
(base32
"0l0l5gz3d5j9bqjsbjlfcv4w4jwndllp9fmyai4x9kg6qhs6v4xl"))))
"0x1hqyahq44jyla8jl6791nnwrgicrhidadikrnqxsm2nw36pskn"))))
(build-system gnu-build-system)
(arguments
'(#:phases

View file

@ -246,7 +246,7 @@ (define-public cmh
(define-public giac-xcas
(package
(name "giac-xcas")
(version "1.5.0-37")
(version "1.5.0-43")
(source (origin
(method url-fetch)
;; "~parisse/giac" is not used because the maintainer regularly
@ -258,7 +258,7 @@ (define-public giac-xcas
"source/giac_" version ".tar.gz"))
(sha256
(base32
"1c6jmswv3ay13n6mjgh9w7nbpdgm5lbwdcmva5sli3vqn4chn3vq"))))
"1j58cvpiddzxswfdh4ixyj1xsva7qwk8xjls29nqvryyykdfm4dp"))))
(build-system gnu-build-system)
(outputs '("out" "doc")) ;77MiB of documentation
(arguments

View file

@ -14,7 +14,7 @@
;;; Copyright © 2018 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2018 Brett Gilio <brettg@posteo.net>
;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2018, 2019 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2018 Thorsten Wilms <t_w_@freenet.de>
;;; Copyright © 2018 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2018 Brendan Tildesley <brendan.tildesley@openmailbox.org>
@ -624,59 +624,6 @@ (define-public caps-plugins-lv2
generators of mostly elementary and occasionally exotic nature.")
(license license:gpl3+)))
(define-public espeak
(package
(name "espeak")
(version "1.48.04")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/espeak/espeak/"
"espeak-" (version-major+minor version)
"/espeak-" version "-source.zip"))
(sha256
(base32
"0n86gwh9pw0jqqpdz7mxggllfr8k0r7pc67ayy7w5z6z79kig6mz"))
(modules '((guix build utils)))
(snippet
;; remove prebuilt binaries
'(begin
(delete-file-recursively "linux_32bit")
#t))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
(string-append "DATADIR="
(assoc-ref %outputs "out")
"/share/espeak-data")
(string-append "LDFLAGS=-Wl,-rpath="
(assoc-ref %outputs "out")
"/lib")
"AUDIO=pulseaudio")
#:tests? #f ; no check target
#:phases
(modify-phases %standard-phases
(replace 'configure
(lambda _
(chdir "src")
;; We use version 19 of the PortAudio library, so we must copy the
;; corresponding file to be sure that espeak compiles correctly.
(copy-file "portaudio19.h" "portaudio.h")
(substitute* "Makefile"
(("/bin/ln") "ln"))
#t)))))
(inputs
`(("portaudio" ,portaudio)
("pulseaudio" ,pulseaudio)))
(native-inputs `(("unzip" ,unzip)))
(home-page "http://espeak.sourceforge.net/")
(synopsis "Software speech synthesizer")
(description "eSpeak is a software speech synthesizer for English and
other languages. eSpeak uses a \"formant synthesis\" method. This allows many
languages to be provided in a small size. The speech is clear, and can be used
at high speeds, but is not as natural or smooth as larger synthesizers which are
based on human speech recordings.")
(license license:gpl3+)))
(define-public infamous-plugins
(package
(name "infamous-plugins")
@ -2135,6 +2082,39 @@ (define-public patchage
and ALSA.")
(license license:gpl3+)))
(define-public pcaudiolib
(package
(name "pcaudiolib")
(version "1.1")
(home-page "https://github.com/espeak-ng/pcaudiolib")
(source (origin
(method git-fetch)
(uri (git-reference (url home-page) (commit version)))
(file-name (git-file-name name version))
(sha256
(base32
"0c55hlqqh0m7bcb3nlgv1s4a22s5bgczr1cakjh3767rjb10khi0"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--disable-static")))
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("libtool" ,libtool)
("pkg-config" ,pkg-config)
("which" ,which)))
(inputs
`(("alsa-lib" ,alsa-lib)
("pulseaudio" ,pulseaudio)))
(synopsis "Portable C audio library")
(description
"The Portable C Audio Library (pcaudiolib) provides a C@tie{}API to
different audio devices such as ALSA or PulseAudio.")
(license (list license:gpl3+
;; The bundled TPCircularBuffer uses a custom license.
(license:non-copyleft
"file://src/TPCircularBuffer/README.markdown")))))
(define-public qjackctl
(package
(name "qjackctl")
@ -2205,7 +2185,7 @@ (define-public qjackrcd
(define-public supercollider
(package
(name "supercollider")
(version "3.10.1")
(version "3.10.2")
(source (origin
(method url-fetch)
(uri (string-append
@ -2214,7 +2194,7 @@ (define-public supercollider
"/SuperCollider-" version "-Source-linux.tar.bz2"))
(sha256
(base32
"1yszs9j3sjk8hb8xxz30z3nd4j899ymb9mw9y1v26ikd603d1iig"))))
"0ynz1ydcpsd5h57h1n4a7avm6p1cif5a8rkmz4qpr46pr8z9p6iq"))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags '("-DSYSTEM_BOOST=on" "-DSYSTEM_YAMLCPP=on"
@ -2263,26 +2243,6 @@ (define-public supercollider
(("add_subdirectory\\(sclang\\)")
""))
(delete-file "testsuite/sclang/CMakeLists.txt")
#t))
;; TODO: Remove after version 3.9.2 is released
;; (see: https://github.com/supercollider/supercollider/pull/3558).
(add-after 'disable-broken-tests 'apply-system-yaml-cpp-fix
(lambda _
;; cmake: correctly include yaml-cpp (commit f82cec5ae).
(substitute* "editors/sc-ide/CMakeLists.txt"
(("external_libraries/boost\\)$")
"external_libraries/boost)
include_directories(${YAMLCPP_INCLUDE_DIR})")
((" yaml")
" ${YAMLCPP_LIBRARY}"))
;; set YAMLCPP_LIBRARY and YAMLCPP_INCLUDE_DIR if not using
;; system (commit 031922987).
(substitute* "external_libraries/CMakeLists.txt"
(("set_property\\( TARGET yaml PROPERTY FOLDER 3rdparty \\)")
"set_property( TARGET yaml PROPERTY FOLDER 3rdparty )
set(YAMLCPP_LIBRARY yaml)
set(YAMLCPP_INCLUDE_DIR ${CMAKE_SOURCE_DIR}/\
external_libraries/yaml-cpp/include)"))
#t)))))
(native-inputs
`(("pkg-config" ,pkg-config)))

View file

@ -95,7 +95,7 @@ (define-public duplicity
`(("lockfile" ,python2-lockfile)
("urllib3" ,python2-urllib3)))
(inputs
`(("librsync" ,librsync)
`(("librsync" ,librsync-0.9)
("lftp" ,lftp)
("gnupg" ,gnupg) ; gpg executable needed
("util-linux" ,util-linux) ; for setsid
@ -362,7 +362,7 @@ (define-public btar
"0miklk4bqblpyzh1bni4x6lqn88fa8fjn15x1k1n8bxkx60nlymd"))))
(build-system gnu-build-system)
(inputs
`(("librsync" ,librsync)))
`(("librsync" ,librsync-0.9)))
(arguments
`(#:make-flags `(,(string-append "PREFIX=" (assoc-ref %outputs "out"))
"CC=gcc")
@ -395,7 +395,7 @@ (define-public rdiff-backup
(build-system python-build-system)
(inputs
`(("python" ,python-2)
("librsync" ,librsync)))
("librsync" ,librsync-0.9)))
(arguments
`(#:python ,python-2
#:tests? #f))

View file

@ -2308,6 +2308,23 @@ (define-public discrover
`(#:tests? #f ; there are no tests
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'fix-latex-errors
(lambda _
(with-fluids ((%default-port-encoding #f))
(substitute* "doc/references.bib"
(("\\{S\\}illanp[^,]+,")
"{S}illanp{\\\"a}{\\\"a},")))
;; XXX: I just can't get pdflatex to not complain about these
;; characters. They end up in the manual via the generated
;; discrover-cli-help.txt.
(substitute* "src/hmm/cli.cpp"
(("µ") "mu")
(("η") "eta")
(("≤") "<="))
;; This seems to be a syntax error.
(substitute* "doc/discrover-manual.tex"
(("theverbbox\\[t\\]") "theverbbox"))
#t))
(add-after 'unpack 'add-missing-includes
(lambda _
(substitute* "src/executioninformation.hpp"
@ -2316,28 +2333,28 @@ (define-public discrover
(substitute* "src/plasma/fasta.hpp"
(("#define FASTA_HPP" line)
(string-append line "\n#include <random>")))
#t)))))
#t))
;; FIXME: this is needed because we're using texlive-union, which
;; doesn't handle fonts correctly. It expects to be able to generate
;; fonts in the home directory.
(add-before 'build 'setenv-HOME
(lambda _ (setenv "HOME" "/tmp") #t)))))
(inputs
`(("boost" ,boost)
("cairo" ,cairo)))
("cairo" ,cairo)
("rmath-standalone" ,rmath-standalone)))
(native-inputs
`(("texlive" ,texlive)
;; TODO: Replace texlive with minimal texlive-union.
;; ("texlive" ,(texlive-union (list texlive-latex-doi
;; texlive-latex-hyperref
;; texlive-latex-oberdiek
;; texlive-generic-ifxetex
;; texlive-latex-url
;; texlive-latex-pgf
;; texlive-latex-examplep
;; texlive-latex-natbib
;; texlive-latex-verbatimbox
;; texlive-latex-ms
;; texlive-latex-xcolor
;; texlive-fonts-amsfonts
;; texlive-latex-amsfonts
;; ;; ...
;; )))
`(("texlive" ,(texlive-union (list texlive-fonts-cm
texlive-fonts-amsfonts
texlive-latex-doi
texlive-latex-examplep
texlive-latex-hyperref
texlive-latex-ms
texlive-latex-natbib
texlive-bibtex ; style files used by natbib
texlive-latex-pgf ; tikz
texlive-latex-verbatimbox)))
("imagemagick" ,imagemagick)))
(home-page "http://dorina.mdc-berlin.de/public/rajewsky/discrover/")
(synopsis "Discover discriminative nucleotide sequence motifs")
@ -2693,6 +2710,11 @@ (define-public flexbar
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'do-not-tune-to-CPU
(lambda _
(substitute* "src/CMakeLists.txt"
((" -march=native") ""))
#t))
(replace 'check
(lambda* (#:key outputs #:allow-other-keys)
(setenv "PATH" (string-append (getcwd) ":" (getenv "PATH")))
@ -12880,7 +12902,7 @@ (define-public pigx-rnaseq
(define-public pigx-chipseq
(package
(name "pigx-chipseq")
(version "0.0.20")
(version "0.0.21")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/BIMSBbioinfo/pigx_chipseq/"
@ -12888,7 +12910,7 @@ (define-public pigx-chipseq
"/pigx_chipseq-" version ".tar.gz"))
(sha256
(base32
"19a7dclqq0b4kqg3phiz4d4arlwfp34nm3z0rf1gkqdpsy7gghp3"))))
"0psgdzlnx5xwhlhpss5yvmnl7yv19y9742l97m04f7awd8w74gxs"))))
(build-system gnu-build-system)
;; parts of the tests rely on access to the network
(arguments '(#:tests? #f))
@ -14403,3 +14425,61 @@ (define-public python-pyfit-sne
approximate the gradient at each iteration of gradient descent. This package
is a Cython wrapper for FIt-SNE.")
(license license:bsd-4)))
(define-public velvet
(package
(name "velvet")
(version "1.2.10")
(source (origin
(method url-fetch)
(uri (string-append "https://www.ebi.ac.uk/~zerbino/velvet/"
"velvet_" version ".tgz"))
(sha256
(base32
"0h3njwy66p6bx14r3ar1byb0ccaxmxka4c65rn4iybyiqa4d8kc8"))
;; Delete bundled libraries
(modules '((guix build utils)))
(snippet
'(begin
(delete-file "Manual.pdf")
(delete-file-recursively "third-party")
#t))))
(build-system gnu-build-system)
(arguments
`(#:make-flags '("OPENMP=t")
#:test-target "test"
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-after 'unpack 'fix-zlib-include
(lambda _
(substitute* "src/binarySequences.c"
(("../third-party/zlib-1.2.3/zlib.h") "zlib.h"))
#t))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(bin (string-append out "/bin"))
(doc (string-append out "/share/doc/velvet")))
(mkdir-p bin)
(mkdir-p doc)
(install-file "velveth" bin)
(install-file "velvetg" bin)
(install-file "Manual.pdf" doc)
(install-file "Columbus_manual.pdf" doc)
#t))))))
(inputs
`(("openmpi" ,openmpi)
("zlib" ,zlib)))
(native-inputs
`(("texlive" ,(texlive-union (list texlive-latex-graphics
texlive-latex-hyperref)))))
(home-page "https://www.ebi.ac.uk/~zerbino/velvet/")
(synopsis "Nucleic acid sequence assembler for very short reads")
(description
"Velvet is a de novo genomic assembler specially designed for short read
sequencing technologies, such as Solexa or 454. Velvet currently takes in
short read sequences, removes errors then produces high quality unique
contigs. It then uses paired read information, if available, to retrieve the
repeated areas between contigs.")
(license license:gpl2+)))

View file

@ -60,14 +60,14 @@ (define-module (gnu packages code)
(define-public cflow
(package
(name "cflow")
(version "1.5")
(version "1.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/cflow/cflow-"
version ".tar.bz2"))
(sha256
(base32
"0yq33k5ap1zpnja64n89iai4zh018ffr72wki5a6mzczd880mr3g"))))
"1mzd3yf0dfv8h2av5vsxxlhpk21nw064h91b2kgfrdz92r0pnj1l"))))
(build-system gnu-build-system)
;; Needed to have cflow-mode.el installed.

View file

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2017, 2018, 2019 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016, 2017, 2018 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017, 2018, 2019 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
@ -68,6 +68,7 @@ (define-module (gnu packages crypto)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
#:use-module (guix build-system perl)
#:use-module (guix build utils)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26))
@ -927,3 +928,50 @@ (define-public stoken
that allows for importing token seeds, generating token codes, and various
utility/testing functions.")
(license license:lgpl2.1+)))
(define-public hpenc
(package
(name "hpenc")
(version "3.0")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/vstakhov/hpenc")
(commit version)))
(sha256
(base32
"1fb5yi3d2k8kd4zm7liiqagpz610y168xrr1cvn7cbq314jm2my1"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; No test suite
#:make-flags
(list (string-append "PREFIX=" (assoc-ref %outputs "out"))
;; Build the program and the docs.
"SUBDIRS=src doc")
#:phases
(modify-phases %standard-phases
(delete 'configure) ; No ./configure script
(add-after 'unpack 'patch-path
(lambda _
(substitute* '("src/Makefile" "doc/Makefile")
(("/usr/bin/install")
"install"))))
(add-before 'install 'make-output-directories
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(bin (string-append out "/bin"))
(man1 (string-append out "/share/man/man1")))
(mkdir-p bin)
(mkdir-p man1)
#t))))))
(inputs
`(("libsodium" ,libsodium)
("openssl" ,openssl)))
(synopsis "High-performance command-line tool for stream encryption")
(description "Hpenc is a command-line tool for performing authenticated
encryption (AES-GCM and ChaCha20-Poly1305) of streaming data. It does not
perform an asymmetric key exchange, instead requiring the user to distribute
pre-shared keys out of band. It is designed to handle large amounts of data
quickly by using all your CPU cores and hardware acceleration.")
(home-page "https://github.com/vstakhov/hpenc")
(license license:bsd-3)))

View file

@ -1668,14 +1668,16 @@ (define-public perl-db-file
(define-public lmdb
(package
(name "lmdb")
(version "0.9.22")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/LMDB/lmdb/archive/"
"LMDB_" version ".tar.gz"))
(sha256
(base32
"0a7a8535csrvw71mrgx680m5d17bnxmmhcccij30idifi1cpi4pk"))))
(version "0.9.23")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/LMDB/lmdb.git")
(commit (string-append "LMDB_" version))))
(file-name (git-file-name name version))
(sha256
(base32 "0ag7l5180ajvm73y59m7sn3p52xm8m972d08cshxhpwgwa4v35k6"))))
(build-system gnu-build-system)
(arguments
`(#:test-target "test"
@ -1683,8 +1685,7 @@ (define-public lmdb
(modify-phases %standard-phases
(replace 'configure
(lambda* (#:key outputs #:allow-other-keys)
(chdir (string-append
(getenv "PWD") "/lmdb-LMDB_" ,version "/libraries/liblmdb"))
(chdir "libraries/liblmdb")
(substitute* "Makefile"
(("/usr/local") (assoc-ref outputs "out")))
#t)))))

View file

@ -200,15 +200,14 @@ (define-public gptfdisk
(define-public ddrescue
(package
(name "ddrescue")
(version "1.23")
(version "1.24")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://gnu/ddrescue/ddrescue-"
version ".tar.lz"))
(sha256
(base32
"13cd6c0x91zq10vdlyl6r5rib47bmsn5sshmkin3igwj8pa2vbm9"))))
(base32 "11qh0bbzf00mfb4yq35gnv5m260k4d7q9ixklry6bqvhvvp3ypab"))))
(build-system gnu-build-system)
(home-page "https://www.gnu.org/software/ddrescue/ddrescue.html")
(synopsis "Data recovery utility")
@ -711,7 +710,7 @@ (define-public dmraid
(define-public libblockdev
(package
(name "libblockdev")
(version "2.20")
(version "2.21")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/storaged-project/"
@ -719,7 +718,7 @@ (define-public libblockdev
version "-1/libblockdev-" version ".tar.gz"))
(sha256
(base32
"092snk5jyv48na4d46v1ckiy859zwpb3r0ivnxv3km5vzsp76y7q"))))
"02p13l4194j0vyd2zs7bb9dmyclcpqq8l3qv9289vjfbsvq2awii"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)

View file

@ -42,6 +42,7 @@
;;; Copyright © 2018 Thorsten Wilms <t_w_@freenet.de>
;;; Copyright © 2018 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2018, 2019 Brett Gilio <brettg@posteo.net>
;;; Copyright © 2019 Dimakakos Dimos <bendersteed@teknik.io>
;;;
;;; This file is part of GNU Guix.
;;;
@ -110,6 +111,7 @@ (define-module (gnu packages emacs-xyz)
#:use-module (gnu packages perl)
#:use-module (gnu packages pdf)
#:use-module (gnu packages scheme)
#:use-module (gnu packages speech)
#:use-module (gnu packages xiph)
#:use-module (gnu packages mp3)
#:use-module (gnu packages gettext)
@ -4448,7 +4450,7 @@ (define-public emacs-edit-indirect
(define-public emacs-projectile
(package
(name "emacs-projectile")
(version "0.14.0")
(version "2.0.0")
(source (origin
(method url-fetch)
(uri (string-append "https://raw.githubusercontent.com/bbatsov"
@ -4456,7 +4458,7 @@ (define-public emacs-projectile
(file-name (string-append "projectile-" version ".el"))
(sha256
(base32
"1ql1wnzhblbwnv66hf2y0wq45g71hh6s9inc090lmhm1vgylbd1f"))))
"149hablms6n9b4wp78dz4pjz1rzyylfw9ayghq5p9d7k661mvyby"))))
(build-system emacs-build-system)
(propagated-inputs
`(("emacs-dash" ,emacs-dash)
@ -13139,17 +13141,18 @@ (define-public emacs-redshank
(define-public emacs-disk-usage
(package
(name "emacs-disk-usage")
(version "1.1.0")
(home-page "https://gitlab.com/ambrevar/emacs-disk-usage.git")
(source (origin
(method git-fetch)
(uri (git-reference
(url home-page)
(commit version)))
(file-name (git-file-name name version))
(sha256
(base32
"1c9jmjn8vf0v4776v79pc5w0labfs4v9aysbv2w9423rg4mangbg"))))
(version "1.2.0")
(home-page "https://gitlab.com/Ambrevar/emacs-disk-usage")
(source
(origin
(method url-fetch)
(uri (string-append
"https://elpa.gnu.org/packages/disk-usage-"
version
".el"))
(sha256
(base32
"13n6bsrz8q07fl6sd7wi5zvf01m5xw11hmrpdz7wcn49v6vs3whl"))))
(build-system emacs-build-system)
(synopsis "Sort and browse disk usage listings with Emacs")
(description "Disk Usage is a file system analyzer: it offers a tabulated
@ -13183,3 +13186,27 @@ (define-public emacs-orgit
Later you can insert it into an Org buffer using the command
@code{org-insert-link}.")
(license license:gpl3+))))
(define-public emacs-amx
(package
(name "emacs-amx")
(version "3.2")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/DarwinAwardWinner/amx")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(base32
"0bb8y1dmzyqkrb4mg6zndcsxppby3glridv2aap2pv05gv8kx7mj"))))
(build-system emacs-build-system)
(propagated-inputs `(("emacs-s" ,emacs-s)))
(home-page "https://github.com/DarwinAwardWinner/amx")
(synopsis "Alternative interface for M-x")
(description "Amx is an alternative interface for M-x in Emacs. It
provides several enhancements over the ordinary
@code{execute-extended-command}, such as prioritizing your most-used commands
in the completion list and showing keyboard shortcuts, and it supports several
completion systems for selecting commands, such as ido and ivy.")
(license license:gpl3+)))

View file

@ -254,39 +254,41 @@ (define-public emacs-no-x-toolkit
(package-arguments emacs)))))
(define-public guile-emacs
(package (inherit emacs)
(name "guile-emacs")
(version "20150512.41120e0")
(source (origin
(method git-fetch)
(uri (git-reference
(url "git://git.hcoop.net/git/bpt/emacs.git")
(commit "41120e0f595b16387eebfbf731fff70481de1b4b")))
(file-name (string-append name "-" version "-checkout"))
(patches (search-patches "guile-emacs-fix-configure.patch"))
(sha256
(base32
"0lvcvsz0f4mawj04db35p1dvkffdqkz8pkhc0jzh9j9x2i63kcz6"))))
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("guile" ,guile-for-guile-emacs)
,@(package-native-inputs emacs)))
(arguments
(substitute-keyword-arguments `(;; Build fails if we allow parallel build.
#:parallel-build? #f
;; Tests aren't passing for now.
#:tests? #f
,@(package-arguments emacs))
((#:phases phases)
`(modify-phases ,phases
(add-after 'unpack 'autogen
(lambda _
(invoke "sh" "autogen.sh")))
;; Build sometimes fails: deps/dispnew.d: No such file or directory
(add-before 'build 'make-deps-dir
(lambda _
(invoke "mkdir" "-p" "src/deps")))))))))
(let ((commit "41120e0f595b16387eebfbf731fff70481de1b4b")
(revision "0"))
(package (inherit emacs)
(name "guile-emacs")
(version (git-version "0.0.0" revision commit))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://git.hcoop.net/git/bpt/emacs.git")
(commit commit)))
(file-name (git-file-name name version))
(patches (search-patches "guile-emacs-fix-configure.patch"))
(sha256
(base32
"0lvcvsz0f4mawj04db35p1dvkffdqkz8pkhc0jzh9j9x2i63kcz6"))))
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("guile" ,guile-for-guile-emacs)
,@(package-native-inputs emacs)))
(arguments
(substitute-keyword-arguments `(;; Build fails if we allow parallel build.
#:parallel-build? #f
;; Tests aren't passing for now.
#:tests? #f
,@(package-arguments emacs))
((#:phases phases)
`(modify-phases ,phases
(add-after 'unpack 'autogen
(lambda _
(invoke "sh" "autogen.sh")))
;; Build sometimes fails: deps/dispnew.d: No such file or directory
(add-before 'build 'make-deps-dir
(lambda _
(invoke "mkdir" "-p" "src/deps"))))))))))
(define-public m17n-db
(package

View file

@ -41,6 +41,7 @@ (define-module (gnu packages emulators)
#:use-module (gnu packages backup)
#:use-module (gnu packages compression)
#:use-module (gnu packages curl)
#:use-module (gnu packages elf)
#:use-module (gnu packages fonts)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages freedesktop)
@ -406,7 +407,7 @@ (define-public higan
(define-public mgba
(package
(name "mgba")
(version "0.7.0")
(version "0.7.1")
(source (origin
(method git-fetch)
(uri (git-reference
@ -415,7 +416,7 @@ (define-public mgba
(file-name (git-file-name name version))
(sha256
(base32
"0s4dl4pi8rxqahvzxnh37xdgsfax36cn5wlh1srdcmabwsrfpb3w"))
"0q0yg2zna7gjbvpaswyykbg3lr9k3c8l8fydqa407xrgq77lahq4"))
(modules '((guix build utils)))
(snippet
;; Make sure we don't use the bundled software.
@ -436,6 +437,7 @@ (define-public mgba
(inputs `(("ffmpeg" ,ffmpeg)
("imagemagick" ,imagemagick)
("libedit" ,libedit)
("libelf" ,libelf)
("libepoxy" ,libepoxy)
("libpng" ,libpng)
("mesa" ,mesa)

View file

@ -199,15 +199,15 @@ (define-public font-cantarell
(define-public font-lato
(package
(name "font-lato")
(version "2.010")
(version "2.010") ; also update description
(source (origin
(method url-fetch/zipbomb)
(uri (string-append "http://www.latofonts.com/download/Lato2OFL.zip"))
(uri (string-append "https://www.latofonts.com/download/Lato2OFL.zip"))
(sha256
(base32
"1f5540g0ja1nx3ddd3ywn77xc81ssrxpq8n3gyb9sabyq2b4xda2"))))
(build-system font-build-system)
(home-page "http://www.latofonts.com/lato-free-fonts/")
(home-page "https://www.latofonts.com/lato-free-fonts/")
(synopsis "Lato sans-serif typeface")
(description
"Lato is a sanserif typeface family. It covers over 3000 glyphs per style.
@ -824,7 +824,7 @@ (define-public font-hack
(synopsis "Typeface designed for source code")
(description
"Hack is designed to be a workhorse typeface for code. It expands upon
the Bitstream Vera & DejaVu projects, provides 1561 glyphs, and includes
the Bitstream Vera & DejaVu projects, provides over 1,500 glyphs, and includes
Powerline support.")
(license
;; See https://github.com/source-foundry/Hack/issues/271 for details.
@ -971,17 +971,19 @@ (define-public font-fira-code
(define-public font-awesome
(package
(name "font-awesome")
(version "5.7.2")
;; XXX The build scripts of version 5 are not freely licensed and
;; so we have to stick with version 4 for now:
;; <https://bugs.gnu.org/32916>
(version "4.7.0")
(source (origin
(method url-fetch)
(uri (string-append
"https://use.fontawesome.com/releases/v" version "/"
"fontawesome-free-" version "-desktop.zip"))
(uri (string-append "http://fontawesome.io/assets/"
name "-" version ".zip"))
(sha256
(base32
"0v8nfyjkzgi33i5arpjqzs16mgh2hx02sf906b8a9k1k7yfqpbgs"))))
"1m1rfwm4sjkv10j3xd2dhwk286a5912b2zgvc692cmxi5gxs68jf"))))
(build-system font-build-system)
(home-page "https://fontawesome.com")
(home-page "http://fontawesome.io")
(synopsis "Font that contains a rich iconset")
(description
"Font Awesome is a full suite of pictographic icons for easy scalable

View file

@ -764,15 +764,15 @@ (define-public libmbim
(define-public libqmi
(package
(name "libqmi")
(version "1.22.0")
(version "1.22.2")
(source (origin
(method url-fetch)
(uri (string-append
"https://www.freedesktop.org/software/" name "/"
name "-" version ".tar.xz"))
"https://www.freedesktop.org/software/libqmi/"
"libqmi-" version ".tar.xz"))
(sha256
(base32
"05xamy608mhvmw9zbnv9n8w3xpk96n10v5mixnvpnqgih6s9ih91"))))
"09w20dsgr16bgbqw5ds7r6j2s6ihwyalh9zpbjhcn7cvm0afbwgi"))))
(build-system gnu-build-system)
(inputs
`(("libgudev" ,libgudev)))

View file

@ -2098,20 +2098,19 @@ (define-public gnujump
(define-public wesnoth
(package
(name "wesnoth")
(version "1.14.5")
(version "1.14.6")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/wesnoth/wesnoth-"
(version-major+minor version) "/wesnoth-"
version "/"
name "-" version ".tar.bz2"))
(version-major+minor version)
"/wesnoth-" version "/"
"wesnoth-" version ".tar.bz2"))
(sha256
(base32
"1kgpj2f22nnx4mwd1zis3s5ny2983aasgqsmz7wnqaq7n6a7ac85"))
(patches (search-patches "wesnoth-newer-boost.patch"))))
"0aw3czw3nq8ffakhw2libhvrhnllj61xc5lxpjqv0ig1419s1lj5"))))
(build-system cmake-build-system)
(arguments
`(#:tests? #f)) ; no check target
`(#:tests? #f)) ; no check target
(native-inputs
`(("gettext" ,gettext-minimal)
("pkg-config" ,pkg-config)))
@ -5225,54 +5224,49 @@ (define-public badass
(define-public colobot
(package
(name "colobot")
(version "0.1.11.1-alpha")
(version "0.1.12-alpha")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/colobot/colobot/archive/"
"colobot-gold-" version ".tar.gz"))
(method git-fetch)
(uri (git-reference
(url "https://github.com/colobot/colobot.git")
(commit (string-append "colobot-gold-" version))
(recursive? #t))) ;for "data/" subdir
(file-name (git-file-name name version))
(sha256
(base32
"0h6f4icarramhjkxxbzz6siv3v11z5r8ghqisgr1rscw217vhmwf"))))
"1c181cclkrnspgs07lvndg2c81cjq3smkv7qim8c470cj88rcrp2"))))
(build-system cmake-build-system)
(arguments
`(#:tests? #f ;no test
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'unpack-data
(lambda* (#:key inputs #:allow-other-keys)
(let ((data (assoc-ref inputs "colobot-data")))
(invoke "tar" "-xvf" data "-Cdata" "--strip-components=1")
#t)))
(add-after 'unpack-data 'install-music
(add-after 'unpack 'make-git-checkout-writable
(lambda _
(for-each make-file-writable (find-files "."))
#t))
(add-after 'unpack 'fix-directories
(lambda _
(substitute* "CMakeLists.txt"
(("(\\$\\{CMAKE_INSTALL_PREFIX\\})/games" _ prefix)
(string-append prefix "/bin"))
(("(\\$\\{CMAKE_INSTALL_PREFIX\\}/share)/games/colobot" _ prefix)
(string-append prefix "/colobot")))
#t))
(add-after 'fix-directories 'install-music
;; Retrieve and install music files.
(lambda* (#:key inputs #:allow-other-keys)
;; Installation process tries to download music files using
;; "wget" if not already present. Since we are going to install
;; them, skip "wget" command check.
;; "wget" if not already present. Since we are going another
;; route, skip "wget" command check.
(substitute* "data/music/CMakeLists.txt"
(("find_program\\(WGET wget\\)") ""))
;; Effectively install music.
;; Populate "music/" directory.
(let ((data (assoc-ref inputs "colobot-music")))
(invoke "tar" "-xvf" data "-Cdata/music")
#t)))
(add-after 'install 'fix-install-directory
;; Move binary from "games/" to "bin/".
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(rename-file (string-append out "/games")
(string-append out "/bin"))
#t))))))
(invoke "tar" "-xvf" data "-Cdata/music"))
#t)))))
(native-inputs
`(("colobot-data"
,(origin
(method url-fetch)
(uri (string-append
"https://github.com/colobot/colobot-data/archive/"
"colobot-gold-" version ".tar.gz"))
(sha256
(base32
"0riznycx2jbxmg4m9nn3mcpqws2c0s7cn2m9skz9zj1w39r5qpjy"))))
("colobot-music"
`(("colobot-music"
,(origin
(method url-fetch)
(uri (string-append "https://colobot.info/files/music/"

View file

@ -508,14 +508,14 @@ (define-public gcc-7
(define-public gcc-8
(package
(inherit gcc-7)
(version "8.2.0")
(version "8.3.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/gcc/gcc-"
version "/gcc-" version ".tar.xz"))
(sha256
(base32
"10007smilswiiv2ymazr3b6x2i933c0ycxrr529zh4r6p823qv0r"))
"0b3xv411xhlnjmin2979nxcbnidgvzqdf4nbhix99x60dkzavfk4"))
(patches (search-patches "gcc-8-strmov-store-file-names.patch"
"gcc-5.0-libvtv-runpath.patch"))))))

View file

@ -2027,15 +2027,15 @@ (define-public goffice-0.8
(define-public gnumeric
(package
(name "gnumeric")
(version "1.12.36")
(version "1.12.44")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
(uri (string-append "mirror://gnome/sources/gnumeric/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
"gnumeric-" version ".tar.xz"))
(sha256
(base32
"0j28qpbz9a9p80x27kcwxl5n1hf36nn2fa7dxwrbhcdx4rgy5grw"))))
"0147962c6ybdsj57rz95nla0rls7g545wc2n7pz59zmzyd5pksk0"))))
(build-system glib-or-gtk-build-system)
(arguments
`(;; The gnumeric developers don't worry much about failing tests.
@ -3544,9 +3544,9 @@ (define-public gom
(source
(origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
(uri (string-append "mirror://gnome/sources/gom/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
"gom-" version ".tar.xz"))
(sha256
(base32
"1zaqqwwkyiswib3v1v8wafpbifpbpak0nn2kp13pizzn9bwz1s5w"))))
@ -4006,15 +4006,15 @@ (define-public eog-plugins
;; 'XDG_DATA_DIRS' appropriately set.
(package
(name "eog-plugins")
(version "3.26.2")
(version "3.26.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
(uri (string-append "mirror://gnome/sources/eog-plugins/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
"eog-plugins-" version ".tar.xz"))
(sha256
(base32
"1w8zw7kwfvlwlyb1k1inqdvbwnzq959sqawlmnwfb8ykn98hbk8y"))))
"06fnjs2p18ad5vk07z685cx26sc7d3azywss00w9xvz794b2i1g3"))))
(build-system gnu-build-system)
(home-page "https://wiki.gnome.org/Apps/EyeOfGnome/Plugins")
(synopsis "Extensions for the Eye of GNOME image viewer")
@ -7451,17 +7451,18 @@ (define-public soundconverter
(define-public workrave
(package
(name "workrave")
(version "1.10.21")
(version "1.10.23")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/rcaelers/workrave.git")
(commit (string-map (match-lambda (#\_ #\.) (chr chr)) version))))
(commit (string-append "v" (string-map
(match-lambda (#\. #\_) (chr chr))
version)))))
(file-name (git-file-name name version))
(sha256
(base32
"150qca8c552fakjlzkgarsxgp87l1xcwn19svqsa9d0cygqxjgia"))))
(base32 "1qhlwfhwk5agv4904d6bsf83k9k89q7bms6agg967vsca4905vcw"))))
(build-system glib-or-gtk-build-system)
(propagated-inputs `(("glib" ,glib)
("gtk+" ,gtk+)

View file

@ -261,7 +261,7 @@ (define-public gwenhywfar
("gtk+" ,gtk+)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(home-page "http://www.aquamaniac.de/sites/aqbanking/index.php")
(home-page "https://www.aquamaniac.de/sites/aqbanking/index.php")
(synopsis "Utility library for networking and security applications")
(description
"This package provides a helper library for networking and security
@ -301,7 +301,7 @@ (define-public aqbanking
(native-inputs
`(("pkg-config" ,pkg-config)
("libltdl" ,libltdl)))
(home-page "http://www.aquamaniac.de/sites/aqbanking/index.php")
(home-page "https://www.aquamaniac.de/sites/aqbanking/index.php")
(synopsis "Interface for online banking tasks")
(description
"AqBanking is a modular and generic interface to online banking tasks,

View file

@ -9,6 +9,7 @@
;;; Copyright © 2017 Nils Gillmann <ng0@n0.is>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -866,8 +867,6 @@ (define-public icecat
;; practice somehow. See <http://hydra.gnu.org/build/378133>.
#:validate-runpath? #f
#:imported-modules ,%cargo-build-system-modules ;for `generate-checksums'
#:configure-flags `("--enable-default-toolkit=cairo-gtk3"
"--with-distribution-id=org.gnu"
@ -939,6 +938,8 @@ (define-public icecat
;; "--with-system-png"
)
#:imported-modules ,%cargo-utils-modules ;for `generate-checksums'
#:modules ((ice-9 ftw)
(ice-9 rdelim)
(ice-9 match)
@ -978,7 +979,7 @@ (define-public icecat
(invoke "sh" "-c" "autoconf old-configure.in > old-configure")))
(add-after 'patch-source-shebangs 'patch-cargo-checksums
(lambda _
(use-modules (guix build cargo-build-system))
(use-modules (guix build cargo-utils))
(let ((null-file "/dev/null")
(null-hash "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
(substitute* '("Cargo.lock" "servo/Cargo.lock")

View file

@ -4,7 +4,7 @@
;;; Copyright © 2016-2019 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
@ -3014,7 +3014,7 @@ (define-public ktexteditor
(uri (string-append
"mirror://kde/stable/frameworks/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
"ktexteditor-" version ".tar.xz"))
(sha256
(base32
"0b5zqhm5aw7jj7dj600xa674ik11gwyzamhyz5962xhvsg5pyjwx"))))
@ -3076,7 +3076,8 @@ (define-public ktexteditor
(let ((kst5 (string-append (assoc-ref outputs "out")
"/share/kservicetypes5/")))
(symlink (string-append kst5 "ktexteditorplugin.desktop")
(string-append kst5 "ktexteditor-plugin.desktop"))))))))
(string-append kst5 "ktexteditor-plugin.desktop"))
#t))))))
(home-page "https://community.kde.org/Frameworks")
(synopsis "Full text editor component")
(description "KTextEditor provides a powerful text editor component that you

View file

@ -2,6 +2,7 @@
;;; Copyright © 2015 Federico Beffa <beffa@fbengineering.ch>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -28,7 +29,7 @@ (define-module (gnu packages libedit)
(define-public libedit
(package
(name "libedit")
(version "20180525-3.1")
(version "20181209-3.1")
(source
(origin
(method url-fetch)
@ -36,7 +37,7 @@ (define-public libedit
"/" name "-" version ".tar.gz"))
(sha256
(base32
"05iicng4kag5hxdc7adbyj1gm3qbmvcc33m9cyx5gys0s67yl6y4"))))
"0r0hc4lg71xnn0vrrk2g7is42i0k0dra7cbw3fljq3q01c6df498"))))
(build-system gnu-build-system)
(inputs
`(("ncurses" ,ncurses)))

View file

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -27,14 +28,14 @@ (define-module (gnu packages libunwind)
(define-public libunwind
(package
(name "libunwind")
(version "1.2.1")
(version "1.3.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/libunwind/libunwind-"
version ".tar.gz"))
(sha256
(base32
"1jsslwkilwrsj959dc8b479qildawz67r8m4lzxm7glcwa8cngiz"))))
"1y0l08k6ak1mqbfj6accf9s5686kljwgsl4vcqpxzk5n74wpm6a3"))))
(build-system gnu-build-system)
(arguments
;; FIXME: As of glibc 2.25, we get 1 out of 34 test failures (2 are

View file

@ -413,8 +413,8 @@ (define* (make-linux-libre version hash supported-systems
It has been modified to remove all non-free binary blobs.")
(license license:gpl2)))
(define %linux-libre-version "4.20.12")
(define %linux-libre-hash "16w52g5s7qhvmmz3srai1myl8949nxv6cqybiw3wx3mwcvp95mlh")
(define %linux-libre-version "4.20.13")
(define %linux-libre-hash "00rqdsqyz0csdblcmifyhkgzvsmnqsh090i6h30146rsf3707xad")
(define %linux-libre-4.20-patches
(list %boot-logo-patch
@ -427,8 +427,8 @@ (define-public linux-libre
#:patches %linux-libre-4.20-patches
#:configuration-file kernel-config))
(define %linux-libre-4.19-version "4.19.25")
(define %linux-libre-4.19-hash "0kg8gibmyihh4lr7ksp8szrs0jx5sr2g56szm69lff1zmsywpqc6")
(define %linux-libre-4.19-version "4.19.26")
(define %linux-libre-4.19-hash "0xp1hqcwimyvzzbci741vymc8mrgk3cycv8l020zas1dfw5wn48c")
(define %linux-libre-4.19-patches
(list %boot-logo-patch
@ -441,8 +441,8 @@ (define-public linux-libre-4.19
#:patches %linux-libre-4.19-patches
#:configuration-file kernel-config))
(define %linux-libre-4.14-version "4.14.103")
(define %linux-libre-4.14-hash "05zcb7kaj6cni4v0s0qdywwrqzlr63mkqbhxkbmrjz4blxxxdszg")
(define %linux-libre-4.14-version "4.14.104")
(define %linux-libre-4.14-hash "0x7jzazl0yzdc9m1ycwcywjpj6w30mabks4qs9asdy5622282b4v")
(define-public linux-libre-4.14
(make-linux-libre %linux-libre-4.14-version
@ -451,8 +451,8 @@ (define-public linux-libre-4.14
#:configuration-file kernel-config))
(define-public linux-libre-4.9
(make-linux-libre "4.9.160"
"1j3z3kn4n9vm7fkzb63ddmxba9r2pm623kar1jn7i5xsd1vz4qr9"
(make-linux-libre "4.9.161"
"0r35qlc8yj9svryv0v91j134vr35d23sz5aj7f2h8c99iakbm6zw"
'("x86_64-linux" "i686-linux")
#:configuration-file kernel-config))
@ -1572,16 +1572,14 @@ (define-public iw
(define-public powertop
(package
(name "powertop")
(version "2.9")
(version "2.10")
(source
(origin
(method url-fetch)
(uri (string-append
"https://01.org/sites/default/files/downloads/powertop/powertop-v"
version ".tar.gz"))
(uri (string-append "https://01.org/sites/default/files/downloads/"
"powertop-v" version ".tar.gz"))
(sha256
(base32
"0l4jjlf05li2mc6g8nrss3h435wjhmnqd8m7v3kha3x0x7cbfzxa"))))
(base32 "0xaazqccyd42v2q532dxx40nqhb9sfsa6cyx8641rl57mfg4bdyk"))))
(build-system gnu-build-system)
(arguments
'(#:phases
@ -2702,14 +2700,14 @@ (define-public singularity
(define-public hdparm
(package
(name "hdparm")
(version "9.56")
(version "9.58")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/" name "/" name "/"
name "-" version ".tar.gz"))
(uri (string-append "mirror://sourceforge/hdparm/hdparm/"
"hdparm-" version ".tar.gz"))
(sha256
(base32
"1np42qyhb503khvacnjcl3hb1dqly68gj0a1xip3j5qhbxlyvybg"))))
"03z1qm8zbgpxagk3994lvp24yqsshjibkwg05v9p3q1w7y48xrws"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (let ((out (assoc-ref %outputs "out")))
@ -4130,15 +4128,15 @@ (define-public efibootmgr
(version "16")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/rhinstaller/" name
"/releases/download/" version "/" name
(uri (string-append "https://github.com/rhinstaller/efibootmgr"
"/releases/download/" version "/efibootmgr"
"-" version ".tar.bz2"))
(sha256
(base32
"0pzn67vxxaf7jna4cd0i4kqm60h04kb21hckksv9z82q9gxra1wm"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; No tests.
`(#:tests? #f ;no tests
#:make-flags (list (string-append "prefix=" %output)
(string-append "libdir=" %output "/lib")
;; EFIDIR denotes a subdirectory relative to the
@ -4146,11 +4144,7 @@ (define-public efibootmgr
;; installed (known as OS_VENDOR in the code).
;; GRUB overrides this, as such it's only used if
;; nothing else is specified on the command line.
"EFIDIR=gnu"
;; Override CFLAGS to add efivar include directory.
(string-append "CFLAGS=-O2 -g -flto -I"
(assoc-ref %build-inputs "efivar")
"/include/efivar"))
"EFIDIR=gnu")
#:phases (modify-phases %standard-phases (delete 'configure))))
(native-inputs
`(("pkg-config" ,pkg-config)))

View file

@ -318,14 +318,14 @@ (define-public clisp
(define-public sbcl
(package
(name "sbcl")
(version "1.4.13")
(version "1.4.16")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/sbcl/sbcl/" version "/sbcl-"
version "-source.tar.bz2"))
(sha256
(base32 "120rnnz8367lk7ljqlf8xidm4b0d738xqsib4kq0q5ms5r7fzgvm"))
(base32 "1myg4wkxnbfn5nz38xy62r1jhjy07x3h0b04vg858n41chdsv4wd"))
(modules '((guix build utils)))
(snippet
;; Add sbcl-bundle-systems to 'default-system-source-registry'.

View file

@ -4,7 +4,7 @@
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Nils Gillmann <ng0@n0.is>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
;;;
@ -128,8 +128,9 @@ (define-public lxqt-build-tools
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/lxqt/" name "/releases/download/"
version "/" name "-" version ".tar.xz"))
(uri (string-append "https://github.com/lxqt/lxqt-build-tools/releases"
"/download/" version
"/lxqt-build-tools-" version ".tar.xz"))
(sha256
(base32 "13b5x26p6ycnwzlgg1cgvlc88wjrjmlb3snrrmzh0xgh9h6hhvd6"))))
(build-system cmake-build-system)
@ -161,8 +162,8 @@ (define-public libqtxdg
(origin
(method url-fetch)
(uri (string-append
"https://github.com/lxqt/" name "/releases/download/"
version "/" name "-" version ".tar.xz"))
"https://github.com/lxqt/libqtxdg/releases/download/"
version "/libqtxdg-" version ".tar.xz"))
(sha256
(base32 "0lq548pa69hfvnbj2ypba5ygm8n6v6g7bqqm8p5g538l1l3394cl"))))
(build-system cmake-build-system)
@ -1149,8 +1150,8 @@ (define-public screengrab
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/lxqt/" name "/releases/download/"
version "/" name "-" version ".tar.xz"))
(uri (string-append "https://github.com/lxqt/screengrab/releases/download/"
version "/screengrab-" version ".tar.xz"))
(sha256
(base32 "17y8rsx9fixvxv2byq8d6c01vry10nv07f8jy85vz7zp4f0rgzz3"))))
(build-system cmake-build-system)

View file

@ -4,7 +4,7 @@
;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Alex Kost <alezost@gmail.com>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018, 2019 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018, 2019 Marius Bakke <mbakke@fastmail.com>
;;;
@ -40,7 +40,7 @@ (define-module (gnu packages man)
(define-public libpipeline
(package
(name "libpipeline")
(version "1.5.0")
(version "1.5.1")
(source (origin
(method url-fetch)
(uri (string-append
@ -48,7 +48,7 @@ (define-public libpipeline
version ".tar.gz"))
(sha256
(base32
"0avg525wvifcvjrwa6i1r6kvahmsswj0mpxrsxzzdzra9wpf2whd"))))
"0bwh5xz5f2czwb7f564jz1mp4znm8pldnvf65fs0hpw4gmmp0cyn"))))
(build-system gnu-build-system)
(home-page "http://libpipeline.nongnu.org/")
(synopsis "C library for manipulating pipelines of subprocesses")

View file

@ -114,7 +114,7 @@ (define-public discount
(method url-fetch)
(uri (string-append
"http://www.pell.portland.or.us/~orc/Code/"
name "/" name "-" version ".tar.bz2"))
"discount/discount-" version ".tar.bz2"))
(sha256
(base32
"199hwajpspqil0a4y3yxsmhdp2dm73gqkzfk4mrwzsmlq8y1xzbl"))))

66
gnu/packages/mastodon.scm Normal file
View file

@ -0,0 +1,66 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages mastodon)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system python)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages check)
#:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
)
(define-public toot
(package
(name "toot")
(version "0.21.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "toot" version))
(sha256
(base32
"1dqv5jckaw3r7dnfns3iygwbfnf27x513qrw2rryzl5y79xrzs1x"))))
(build-system python-build-system)
(arguments
'(#:phases
(modify-phases %standard-phases
(delete 'check)
(add-after 'install 'check
(lambda* (#:key inputs outputs #:allow-other-keys)
(add-installed-pythonpath inputs outputs)
(invoke "py.test"))))))
(native-inputs
`(("python-pytest" ,python-pytest)))
(propagated-inputs
`(("python-beautifulsoup4" ,python-beautifulsoup4)
("python-requests" ,python-requests)
("python-wcwidth" ,python-wcwidth)))
(home-page "https://github.com/ihabunek/toot/")
(synopsis "Mastodon CLI client")
(description "Interact with Mastodon social network from the command line.
Features include:
@itemize
@item Posting, replying, deleting statuses
@item Support for media uploads, spoiler text, sensitive content
@item Search by account or hash tag
@item Following, muting and blocking accounts
@item Simple switching between authenticated in Mastodon accounts
@end itemize")
(license license:gpl3)))

View file

@ -1797,14 +1797,14 @@ (define-public petsc-complex-openmpi
(define-public python-petsc4py
(package
(name "python-petsc4py")
(version "3.10.0")
(version "3.10.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "petsc4py" version))
(sha256
(base32
"0ch3g6dsvxl7qi984fcssv7cxfbif4bw04gkvxl2l1b8wrmvrm25"))))
"094hcnran0r2z1wlvmjswsz3ski1m9kqrl5l0ax8jjhnk55x0flh"))))
(build-system python-build-system)
(arguments
`(#:phases
@ -3669,9 +3669,6 @@ (define-public hypre
("texlive" ,(texlive-union (list texlive-generic-xypic
texlive-fonts-xypic
texlive-latex-hyperref
texlive-latex-oberdiek
texlive-generic-ifxetex
texlive-latex-url
texlive-bibtex)))
("ghostscript" ,ghostscript)))
(inputs

View file

@ -2,7 +2,7 @@
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -37,15 +37,14 @@ (define-module (gnu packages mc)
(define-public mc
(package
(name "mc")
(version "4.8.20")
(version "4.8.22")
(source
(origin
(method url-fetch)
(uri (string-append "http://ftp.midnight-commander.org/mc-"
version ".tar.xz"))
(sha256
(base32
"072h7n9b3j79fqn48xaw0xhlcjavpsmfpz6nyh20lhmfz3sffzh1"))))
(base32 "060kh3dmk8fmmsibn1l815qjazzfxzbhgqggrhncz604pbbnhy7f"))))
(build-system gnu-build-system)
(native-inputs `(("pkg-config" ,pkg-config)
("perl" ,perl)))
@ -89,6 +88,11 @@ (define-public mc
(substitute* (list "rpm.custom.output"
"rpm.glib.output")
((" 0 0") "<<uid>> <<gid>>")))
;; XXX ERROR:mc_realpath.c:99:realpath_test: assertion failed
;; (resolved_path == data->expected_string): ("" == "/usr/bin")
(substitute* "tests/lib/mc_realpath.c"
(("/usr/bin") "/")
(("usr/bin") "/"))
#t)))))
(home-page "https://www.midnight-commander.org")
(synopsis "Graphical file manager")

View file

@ -683,7 +683,7 @@ (define-public gajim
(define-public gajim-omemo
(package
(name "gajim-omemo")
(version "2.6.26")
(version "2.6.27")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
@ -691,7 +691,7 @@ (define-public gajim-omemo
version ".zip"))
(sha256
(base32
"0amqlmnsijz60s0wwkp7bzix60v5p6khqcdsd6qcwawxq5pdayw0"))))
"1zy8a6pp8q9qjjxwsa4s2r9h20vs077xk59ycwy9lrfd8x79zw69"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))

View file

@ -290,7 +290,7 @@ (define-public clementine
("sqlite" ,sqlite-with-column-metadata)
("sparsehash" ,sparsehash)
("taglib" ,taglib)))
(home-page "http://clementine-player.org")
(home-page "https://clementine-player.org")
(synopsis "Music player and library organizer")
(description "Clementine is a multiplatform music player. It is inspired
by Amarok 1.4, focusing on a fast and easy-to-use interface for searching and
@ -1955,14 +1955,14 @@ (define-public frescobaldi
(define-public drumstick
(package
(name "drumstick")
(version "1.1.1")
(version "1.1.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/drumstick/"
version "/drumstick-" version ".tar.bz2"))
(sha256
(base32
"0avwxr6n9ra7narxc5lmkhdqi8ix10gmif8rpd06wp4g9iv46xrn"))))
"0kljqyqj7s1i2z52i24x7ail1bywn6dcxxfbad5c59drm8wv94bp"))))
(build-system cmake-build-system)
(arguments
`(#:tests? #f ; no test target
@ -3637,7 +3637,7 @@ (define-public lmms
(define-public musescore
(package
(name "musescore")
(version "3.0.2")
(version "3.0.3")
(source (origin
(method git-fetch)
(uri (git-reference
@ -3646,7 +3646,7 @@ (define-public musescore
(file-name (git-file-name name version))
(sha256
(base32
"1w9il6gg0dh4yi20nbdcibx5z5z4bvzppq8wsqf1l916hnczsj3s"))
"1drgmivqs2c5xck7dy5y9xf41wfnnj7n84069h273q96b783cx3f"))
(modules '((guix build utils)))
(snippet
;; Un-bundle OpenSSL and remove unused libraries.
@ -3660,17 +3660,14 @@ (define-public musescore
'("thirdparty/freetype"
"thirdparty/openssl"
"thirdparty/portmidi"))
#t))
;; Fix compilation error due to BUILD_WEBENGINE CMake option not
;; properly handled. Applied upstream already:
;; <https://github.com/musescore/MuseScore/commit/bb0c1a9b4940f3f6b52c0df535289ec8a3bc9e03>
(patches (search-patches "musescore-fix-use_webengine.patch"))))
#t))))
(build-system cmake-build-system)
(arguments
`(#:configure-flags
`("-DUSE_SYSTEM_FREETYPE=ON"
`("-DBUILD_CRASH_REPORTER=OFF"
"-DBUILD_WEBENGINE=OFF"
"-DDOWNLOAD_SOUNDFONT=OFF")
"-DDOWNLOAD_SOUNDFONT=OFF"
"-DUSE_SYSTEM_FREETYPE=ON")
;; There are tests, but no simple target to run. The command used to
;; run them is:
;;

View file

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -52,6 +53,8 @@ (define-public netpbm
(sha256
(base32
"1k7as9qi1942wyjxpvbf02wg0h4braw44m3m3vvi8sm9y5z1m967"))
(patches (search-patches "netpbm-CVE-2017-2586.patch"
"netpbm-CVE-2017-2587.patch"))
(file-name (string-append name "-" version "-checkout"))
(modules '((guix build utils)))
(snippet

View file

@ -416,14 +416,14 @@ (define-public libndp
(define-public ethtool
(package
(name "ethtool")
(version "4.17")
(version "4.19")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/network/"
name "/" name "-" version ".tar.xz"))
"ethtool/ethtool-" version ".tar.xz"))
(sha256
(base32
"11f5503mgcwjn1q4dvhjiqwnw3zmp2gbhirjvgfr71y72ys1wsy4"))))
"1j6hyr809af2m3gqm11hdfwks5kljqy1ikspq3d9rhj29qv6r2mi"))))
(build-system gnu-build-system)
(home-page "https://www.kernel.org/pub/software/network/ethtool/")
(synopsis "Display or change Ethernet device settings")
@ -662,15 +662,14 @@ (define-public wireshark
(define-public fping
(package
(name "fping")
(version "4.1")
(version "4.2")
(source
(origin
(method url-fetch)
(uri (string-append "https://fping.org/dist/fping-"
version ".tar.gz"))
(sha256
(base32
"0wxbvm480vij8dy4v1pi8f0c7010rx6bidg3qhsvkdf2ijhy4cr7"))))
(base32 "0jmnf4vmr43aiwk3h2b5qdsb95gxar8gz1yli8fswnm9nrs9ccvx"))))
(build-system gnu-build-system)
(home-page "https://fping.org/")
(synopsis "Send ICMP ECHO_REQUEST packets to network hosts")
@ -1997,15 +1996,14 @@ (define-public can-utils
(define-public asio
(package
(name "asio")
(version "1.12.1")
(version "1.12.2")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/asio/asio/"
version " (Stable)/" name "-" version ".tar.bz2"))
version " (Stable)/asio-" version ".tar.bz2"))
(sha256
(base32
"0nln45662kg799ykvqx5m9z9qcsmadmgg6r5najryls7x16in2d9"))))
(base32 "1akray4l3hgahmb92sbvsqg128c7g7s92jrkf1sp1fjnfjrxq9sf"))))
(build-system gnu-build-system)
(inputs
`(("boost" ,boost)

View file

@ -289,6 +289,8 @@ (define-public beignet
functions required to initialize the device, create the command queues, the
kernels and the programs, and run them on the GPU. The code also contains a
back-end for the LLVM compiler framework.")
;; Beignet only supports Intel processors.
(supported-systems '("x86_64-linux" "i686-linux"))
(license license:lgpl2.1+)))
(define-public pocl

View file

@ -548,13 +548,13 @@ (define-public rpm
(define-public diffoscope
(package
(name "diffoscope")
(version "111")
(version "112")
(source (origin
(method url-fetch)
(uri (pypi-uri name version))
(sha256
(base32
"0sgqx3n0ny75bvcw10pfx61z67mdk5hx3mblw4gqnn2h9vc74qz1"))))
"00ry8iczfv85qyfxmarxpgdq2h5jfj41z8sl9005brk937a7p2fk"))))
(build-system python-build-system)
(arguments
`(#:phases (modify-phases %standard-phases

View file

@ -1,165 +0,0 @@
From bb0c1a9b4940f3f6b52c0df535289ec8a3bc9e03 Mon Sep 17 00:00:00 2001
From: Dmitri Ovodok <dmitrio95@yandex.ru>
Date: Mon, 4 Feb 2019 21:35:25 +0300
Subject: [PATCH] Fix build without USE_WEBENGINE and SCRIPT_INTERFACE
Old-style login dialog is used if USE_WEBENGINE is turned off
---
mscore/logindialog.h | 2 ++
mscore/musescore.cpp | 4 +++-
mscore/network/loginmanager.cpp | 13 +++++++++++--
mscore/network/loginmanager.h | 4 ++++
mscore/network/loginmanager_p.h | 4 ++++
5 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/mscore/logindialog.h b/mscore/logindialog.h
index 4e86ae7985..f44511d8c0 100644
--- a/mscore/logindialog.h
+++ b/mscore/logindialog.h
@@ -21,6 +21,8 @@ class LoginManager;
//---------------------------------------------------------
// LoginDialog
+// Old-style login dialog in case QtWebEngine is
+// unavailable.
//---------------------------------------------------------
class LoginDialog : public QDialog, public Ui::LoginDialog
diff --git a/mscore/musescore.cpp b/mscore/musescore.cpp
index 80c712aea9..5bb8354992 100644
--- a/mscore/musescore.cpp
+++ b/mscore/musescore.cpp
@@ -7572,12 +7572,14 @@ bool MuseScore::exportPartsPdfsToJSON(const QString& inFilePath, const QString&
}
//---------------------------------------------------------
-// getQmlEngine
+// getPluginEngine
//---------------------------------------------------------
+#ifdef SCRIPT_INTERFACE
QmlPluginEngine* MuseScore::getPluginEngine()
{
if (!_qmlEngine)
_qmlEngine = new QmlPluginEngine(this);
return _qmlEngine;
}
+#endif
diff --git a/mscore/network/loginmanager.cpp b/mscore/network/loginmanager.cpp
index a53d7fe811..664786ccc8 100644
--- a/mscore/network/loginmanager.cpp
+++ b/mscore/network/loginmanager.cpp
@@ -18,7 +18,9 @@
#include "kQOAuth/kqoauthrequest.h"
#include "kQOAuth/kqoauthrequest_xauth.h"
+#ifdef USE_WEBENGINE
#include <QWebEngineCookieStore>
+#endif
namespace Ms {
@@ -286,8 +288,11 @@ void LoginManager::onTryLoginError(const QString& error)
disconnect(this, SIGNAL(getUserError(QString)), this, SLOT(onTryLoginError(QString)));
connect(this, SIGNAL(loginSuccess()), this, SLOT(tryLogin()));
logout();
+#ifdef USE_WEBENGINE
loginInteractive();
-// mscore->showLoginDialog(); // TODO: switch depending on USE_WEBENGINE
+#else
+ mscore->showLoginDialog();
+#endif
}
/*------- END - TRY LOGIN ROUTINES ----------------------------*/
@@ -295,6 +300,7 @@ void LoginManager::onTryLoginError(const QString& error)
// loginInteractive
//---------------------------------------------------------
+#ifdef USE_WEBENGINE
void LoginManager::loginInteractive()
{
QWebEngineView* webView = new QWebEngineView;
@@ -326,6 +332,7 @@ void LoginManager::loginInteractive()
webView->load(ApiInfo::loginUrl);
webView->show();
}
+#endif
//---------------------------------------------------------
// login
@@ -346,7 +353,7 @@ void LoginManager::login(QString login, QString password)
connect(reply, &QNetworkReply::finished, this, [this, reply] {
onReplyFinished(reply, RequestType::LOGIN);
});
- }
+ }
//---------------------------------------------------------
// onLoginSuccessReply
@@ -874,6 +881,7 @@ ApiRequest ApiRequestBuilder::build() const
// musescore.com
//---------------------------------------------------------
+#ifdef USE_WEBENGINE
void ApiWebEngineRequestInterceptor::interceptRequest(QWebEngineUrlRequestInfo& request)
{
const ApiInfo& apiInfo = ApiInfo::instance();
@@ -881,4 +889,5 @@ void ApiWebEngineRequestInterceptor::interceptRequest(QWebEngineUrlRequestInfo&
request.setHttpHeader(apiInfo.clientIdHeader, apiInfo.clientId);
request.setHttpHeader(apiInfo.apiKeyHeader, apiInfo.apiKey);
}
+#endif
}
diff --git a/mscore/network/loginmanager.h b/mscore/network/loginmanager.h
index 584eeea30d..327d9fc966 100644
--- a/mscore/network/loginmanager.h
+++ b/mscore/network/loginmanager.h
@@ -13,6 +13,8 @@
#ifndef __LOGINMANAGER_H__
#define __LOGINMANAGER_H__
+#include "config.h"
+
namespace Ms {
//---------------------------------------------------------
@@ -83,7 +85,9 @@ class LoginManager : public QObject
public:
LoginManager(QAction* uploadAudioMenuAction, QObject* parent = 0);
void login(QString login, QString password);
+#ifdef USE_WEBENGINE
void loginInteractive();
+#endif
void upload(const QString& path, int nid, const QString& title, const QString& description, const QString& priv, const QString& license, const QString& tags, const QString& changes);
bool hasAccessToken();
void getUser();
diff --git a/mscore/network/loginmanager_p.h b/mscore/network/loginmanager_p.h
index 88228a3958..2848dde35a 100644
--- a/mscore/network/loginmanager_p.h
+++ b/mscore/network/loginmanager_p.h
@@ -20,6 +20,8 @@
#ifndef __LOGINMANAGER_P_H__
#define __LOGINMANAGER_P_H__
+#include "config.h"
+
namespace Ms {
//---------------------------------------------------------
@@ -102,6 +104,7 @@ class ApiRequestBuilder
// ApiWebEngineRequestInterceptor
//---------------------------------------------------------
+#ifdef USE_WEBENGINE
class ApiWebEngineRequestInterceptor : public QWebEngineUrlRequestInterceptor
{
Q_OBJECT
@@ -109,6 +112,7 @@ class ApiWebEngineRequestInterceptor : public QWebEngineUrlRequestInterceptor
ApiWebEngineRequestInterceptor(QObject* parent) : QWebEngineUrlRequestInterceptor(parent) {}
void interceptRequest(QWebEngineUrlRequestInfo& info) override;
};
+#endif
//---------------------------------------------------------
// HttpStatus

View file

@ -0,0 +1,21 @@
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2586.
Copied verbatim from Debian[0].
[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch
---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c 2017-02-08 12:13:05.192846469 +0100
@@ -676,7 +676,7 @@ stringToUint(const char * const string
/* TODO: move this to nstring.c */
- if (strlen(string) == 0)
+ if (string == NULL || strlen(string) == 0)
pm_asprintf(errorP, "Value is a null string");
else {
char * tailptr;

View file

@ -0,0 +1,35 @@
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2587.
Copied verbatim from Debian[0].
[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2587.patch
---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c 2017-02-08 13:49:38.319029371 +0100
@@ -771,12 +771,17 @@ createCanvas(unsigned int const width,
MALLOCVAR_NOFAIL(canvasP);
- canvasP->width = width;
- canvasP->height = height;
- canvasP->pixels = ppm_allocarray(width, height);
- canvasP->maxval = maxval;
+ if(canvasP != NULL){
+ canvasP->width = width;
+ canvasP->height = height;
+ canvasP->pixels = ppm_allocarray(width, height);
+ canvasP->maxval = maxval;
+
+ *canvasPP = canvasP;
+ } else {
+ pm_error("can't allocate memory for canvas");
+ }
- *canvasPP = canvasP;
}

View file

@ -0,0 +1,60 @@
From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 14 Dec 2018 07:28:30 +0000
Subject: [PATCH] Go into the error state if a fatal alert is sent or received
If an application calls SSL_shutdown after a fatal alert has occured and
then behaves different based on error codes from that function then the
application may be vulnerable to a padding oracle.
CVE-2019-1559
Reviewed-by: Richard Levitte <levitte@openssl.org>
---
ssl/d1_pkt.c | 1 +
ssl/s3_pkt.c | 10 +++++++---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 23aa9db..c7fe977 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->session_ctx, s->session);
+ s->state = SSL_ST_ERR;
return (0);
} else {
al = SSL_AD_ILLEGAL_PARAMETER;
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 6527df8..830b723 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->session_ctx, s->session);
+ s->state = SSL_ST_ERR;
return (0);
} else {
al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
* protocol_version alerts */
if (desc < 0)
return -1;
- /* If a fatal one, remove from cache */
- if ((level == 2) && (s->session != NULL))
- SSL_CTX_remove_session(s->session_ctx, s->session);
+ /* If a fatal one, remove from cache and go into the error state */
+ if (level == SSL3_AL_FATAL) {
+ if (s->session != NULL)
+ SSL_CTX_remove_session(s->session_ctx, s->session);
+ s->state = SSL_ST_ERR;
+ }
s->s3->alert_dispatch = 1;
s->s3->send_alert[0] = level;
--
2.7.4

View file

@ -1,46 +0,0 @@
https://github.com/wesnoth/wesnoth/commit/f6a32792d023d182d350b5a2ed9e469ad67484c8.patch
This should be able to be removed with wesnoth@1.14.6
From f6a32792d023d182d350b5a2ed9e469ad67484c8 Mon Sep 17 00:00:00 2001
From: Wedge009 <wedge009@wedge009.net>
Date: Thu, 27 Dec 2018 08:15:10 +1100
Subject: [PATCH] Use explicit casts to accommodate changes to boost's tribool
in 1.69.
(fixes #3646)
---
src/units/frame.cpp | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/units/frame.cpp b/src/units/frame.cpp
index 3215fa4fa79d..6370ad69566b 100644
--- a/src/units/frame.cpp
+++ b/src/units/frame.cpp
@@ -460,15 +460,15 @@ std::vector<std::string> frame_parsed_parameters::debug_strings() const
}
if(!boost::indeterminate(auto_vflip_)) {
- v.emplace_back("auto_vflip=" + utils::bool_string(auto_vflip_));
+ v.emplace_back("auto_vflip=" + utils::bool_string(static_cast<bool>(auto_vflip_)));
}
if(!boost::indeterminate(auto_hflip_)) {
- v.emplace_back("auto_hflip=" + utils::bool_string(auto_hflip_));
+ v.emplace_back("auto_hflip=" + utils::bool_string(static_cast<bool>(auto_hflip_)));
}
if(!boost::indeterminate(primary_frame_)) {
- v.emplace_back("primary_frame=" + utils::bool_string(primary_frame_));
+ v.emplace_back("primary_frame=" + utils::bool_string(static_cast<bool>(primary_frame_)));
}
if(!drawing_layer_.get_original().empty()) {
@@ -768,7 +768,7 @@ const frame_parameters unit_frame::merge_parameters(int current_time, const fram
}
// Convert the tribool to bool
- const bool primary = result.primary_frame == true || boost::logic::indeterminate(result.primary_frame);
+ const bool primary = static_cast<bool>(result.primary_frame) || boost::logic::indeterminate(result.primary_frame);
/** The engine provides a default image to use for the unit when none is available */
result.image = current_val.image.is_void() || current_val.image.get_filename().empty()

View file

@ -1,182 +0,0 @@
Fix CVE-2017-13082:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Patch copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Fri, 14 Jul 2017 15:15:35 +0200
Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
Do not reinstall TK to the driver during Reassociation Response frame
processing if the first attempt of setting the TK succeeded. This avoids
issues related to clearing the TX/RX PN that could result in reusing
same PN values for transmitted frames (e.g., due to CCM nonce reuse and
also hitting replay protection on the receiver) and accepting replayed
frames on RX side.
This issue was introduced by the commit
0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
authenticator') which allowed wpa_ft_install_ptk() to be called multiple
times with the same PTK. While the second configuration attempt is
needed with some drivers, it must be done only if the first attempt
failed.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/ap/ieee802_11.c | 16 +++++++++++++---
src/ap/wpa_auth.c | 11 +++++++++++
src/ap/wpa_auth.h | 3 ++-
src/ap/wpa_auth_ft.c | 10 ++++++++++
src/ap/wpa_auth_i.h | 1 +
5 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 4e04169..333035f 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hapd,
sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
sta->vht_opmode, sta->p2p_ie ? 1 : 0,
- sta->added_unassoc)) {
+ set)) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
"Could not %s STA to kernel driver",
- sta->added_unassoc ? "set" : "add");
+ set ? "set" : "add");
if (sta->added_unassoc) {
hostapd_drv_sta_remove(hapd, sta->addr);
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 3587086..707971d 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
#else /* CONFIG_IEEE80211R */
break;
#endif /* CONFIG_IEEE80211R */
+ case WPA_DRV_STA_REMOVED:
+ sm->tk_already_set = FALSE;
+ return 0;
}
#ifdef CONFIG_IEEE80211R
@@ -3250,6 +3253,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
}
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
+{
+ if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
+ return 0;
+ return sm->tk_already_set;
+}
+
+
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
struct rsn_pmksa_cache_entry *entry)
{
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index 0de8d97..97461b0 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
u8 *data, size_t data_len);
enum wpa_event {
WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
- WPA_REAUTH_EAPOL, WPA_ASSOC_FT
+ WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED
};
void wpa_remove_ptk(struct wpa_state_machine *sm);
int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
@@ -280,6 +280,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
struct rsn_pmksa_cache_entry *entry);
struct rsn_pmksa_cache_entry *
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 42242a5..e63b99a 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
return;
}
+ if (sm->tk_already_set) {
+ /* Must avoid TK reconfiguration to prevent clearing of TX/RX
+ * PN in the driver */
+ wpa_printf(MSG_DEBUG,
+ "FT: Do not re-install same PTK to the driver");
+ return;
+ }
+
/* FIX: add STA entry to kernel/driver here? The set_key will fail
* most likely without this.. At the moment, STA entry is added only
* after association has been completed. This function will be called
@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
sm->pairwise_set = TRUE;
+ sm->tk_already_set = TRUE;
}
@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
sm->pairwise = pairwise;
sm->PTK_valid = TRUE;
+ sm->tk_already_set = FALSE;
wpa_ft_install_ptk(sm);
buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index 72b7eb3..7fd8f05 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -65,6 +65,7 @@ struct wpa_state_machine {
struct wpa_ptk PTK;
Boolean PTK_valid;
Boolean pairwise_set;
+ Boolean tk_already_set;
int keycount;
Boolean Pair;
struct wpa_key_replay_counter {
--
2.7.4

View file

@ -1,53 +0,0 @@
Fix CVE-2018-14526:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14526
https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt
Patch downloaded from upstream:
https://w1.fi/security/2018-1/rebased-v2.6-0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
From 3e34cfdff6b192fe337c6fb3f487f73e96582961 Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Sun, 15 Jul 2018 01:25:53 +0200
Subject: [PATCH] WPA: Ignore unauthenticated encrypted EAPOL-Key data
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.
When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/rsn_supp/wpa.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff -upr wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c wpa_supplicant-2.6/src/rsn_supp/wpa.c
--- wpa_supplicant-2.6.orig/src/rsn_supp/wpa.c 2016-10-02 21:51:11.000000000 +0300
+++ wpa_supplicant-2.6/src/rsn_supp/wpa.c 2018-08-08 16:55:11.506831029 +0300
@@ -2016,6 +2016,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, c
if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) &&
(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
+ /*
+ * Only decrypt the Key Data field if the frame's authenticity
+ * was verified. When using AES-SIV (FILS), the MIC flag is not
+ * set, so this check should only be performed if mic_len != 0
+ * which is the case in this code branch.
+ */
+ if (!(key_info & WPA_KEY_INFO_MIC)) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data");
+ goto out;
+ }
if (wpa_supplicant_decrypt_key_data(sm, key, ver, key_data,
&key_data_len))
goto out;

View file

@ -1,448 +0,0 @@
Fix CVE-2017-{13078,13079,13080,13081,13087,13088}:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088
These two patches are copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
https://w1.fi/security/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
From 927f891007c402fefd1ff384645b3f07597c3ede Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Wed, 12 Jul 2017 16:03:24 +0200
Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key
Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/common/wpa_common.h | 11 +++++
src/rsn_supp/wpa.c | 116 ++++++++++++++++++++++++++++++------------------
src/rsn_supp/wpa_i.h | 4 ++
3 files changed, 87 insertions(+), 44 deletions(-)
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index af1d0f0..d200285 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -217,6 +217,17 @@ struct wpa_ptk {
size_t tk_len;
};
+struct wpa_gtk {
+ u8 gtk[WPA_GTK_MAX_LEN];
+ size_t gtk_len;
+};
+
+#ifdef CONFIG_IEEE80211W
+struct wpa_igtk {
+ u8 igtk[WPA_IGTK_MAX_LEN];
+ size_t igtk_len;
+};
+#endif /* CONFIG_IEEE80211W */
/* WPA IE version 1
* 00-50-f2:1 (OUI:OUI type)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 3c47879..95bd7be 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -714,6 +714,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
const u8 *_gtk = gd->gtk;
u8 gtk_buf[32];
+ /* Detect possible key reinstallation */
+ if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
+ gd->keyidx, gd->tx, gd->gtk_len);
+ return 0;
+ }
+
wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)",
@@ -748,6 +757,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
}
os_memset(gtk_buf, 0, sizeof(gtk_buf));
+ sm->gtk.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+
return 0;
}
@@ -854,6 +866,48 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
}
+#ifdef CONFIG_IEEE80211W
+static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+ const struct wpa_igtk_kde *igtk)
+{
+ size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
+ u16 keyidx = WPA_GET_LE16(igtk->keyid);
+
+ /* Detect possible key reinstallation */
+ if (sm->igtk.igtk_len == len &&
+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
+ keyidx);
+ return 0;
+ }
+
+ wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
+ keyidx, MAC2STR(igtk->pn));
+ wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
+ if (keyidx > 4095) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Invalid IGTK KeyID %d", keyidx);
+ return -1;
+ }
+ if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
+ broadcast_ether_addr,
+ keyidx, 0, igtk->pn, sizeof(igtk->pn),
+ igtk->igtk, len) < 0) {
+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+ "WPA: Failed to configure IGTK to the driver");
+ return -1;
+ }
+
+ sm->igtk.igtk_len = len;
+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+
+ return 0;
+}
+#endif /* CONFIG_IEEE80211W */
+
+
static int ieee80211w_set_keys(struct wpa_sm *sm,
struct wpa_eapol_ie_parse *ie)
{
@@ -864,30 +918,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
if (ie->igtk) {
size_t len;
const struct wpa_igtk_kde *igtk;
- u16 keyidx;
+
len = wpa_cipher_key_len(sm->mgmt_group_cipher);
if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len)
return -1;
+
igtk = (const struct wpa_igtk_kde *) ie->igtk;
- keyidx = WPA_GET_LE16(igtk->keyid);
- wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
- "pn %02x%02x%02x%02x%02x%02x",
- keyidx, MAC2STR(igtk->pn));
- wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
- igtk->igtk, len);
- if (keyidx > 4095) {
- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
- "WPA: Invalid IGTK KeyID %d", keyidx);
- return -1;
- }
- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
- broadcast_ether_addr,
- keyidx, 0, igtk->pn, sizeof(igtk->pn),
- igtk->igtk, len) < 0) {
- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
- "WPA: Failed to configure IGTK to the driver");
+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
return -1;
- }
}
return 0;
@@ -2307,7 +2345,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
*/
void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
{
- int clear_ptk = 1;
+ int clear_keys = 1;
if (sm == NULL)
return;
@@ -2333,11 +2371,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
/* Prepare for the next transition */
wpa_ft_prepare_auth_request(sm, NULL);
- clear_ptk = 0;
+ clear_keys = 0;
}
#endif /* CONFIG_IEEE80211R */
- if (clear_ptk) {
+ if (clear_keys) {
/*
* IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
* this is not part of a Fast BSS Transition.
@@ -2347,6 +2385,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
sm->tptk_set = 0;
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+#ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+#endif /* CONFIG_IEEE80211W */
}
#ifdef CONFIG_TDLS
@@ -2877,6 +2919,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
os_memset(sm->pmk, 0, sizeof(sm->pmk));
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+#ifdef CONFIG_IEEE80211W
+ os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
@@ -2949,29 +2995,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
os_memset(&gd, 0, sizeof(gd));
#ifdef CONFIG_IEEE80211W
} else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
- struct wpa_igtk_kde igd;
- u16 keyidx;
-
- os_memset(&igd, 0, sizeof(igd));
- keylen = wpa_cipher_key_len(sm->mgmt_group_cipher);
- os_memcpy(igd.keyid, buf + 2, 2);
- os_memcpy(igd.pn, buf + 4, 6);
-
- keyidx = WPA_GET_LE16(igd.keyid);
- os_memcpy(igd.igtk, buf + 10, keylen);
-
- wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
- igd.igtk, keylen);
- if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
- broadcast_ether_addr,
- keyidx, 0, igd.pn, sizeof(igd.pn),
- igd.igtk, keylen) < 0) {
- wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
- "WNM mode");
- os_memset(&igd, 0, sizeof(igd));
+ const struct wpa_igtk_kde *igtk;
+
+ igtk = (const struct wpa_igtk_kde *) (buf + 2);
+ if (wpa_supplicant_install_igtk(sm, igtk) < 0)
return -1;
- }
- os_memset(&igd, 0, sizeof(igd));
#endif /* CONFIG_IEEE80211W */
} else {
wpa_printf(MSG_DEBUG, "Unknown element id");
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index f653ba6..afc9e37 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -31,6 +31,10 @@ struct wpa_sm {
u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
int rx_replay_counter_set;
u8 request_counter[WPA_REPLAY_COUNTER_LEN];
+ struct wpa_gtk gtk;
+#ifdef CONFIG_IEEE80211W
+ struct wpa_igtk igtk;
+#endif /* CONFIG_IEEE80211W */
struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
--
2.7.4
From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 1 Oct 2017 12:12:24 +0300
Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
Mode cases
This extends the protection to track last configured GTK/IGTK value
separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
corner case where these two different mechanisms may get used when the
GTK/IGTK has changed and tracking a single value is not sufficient to
detect a possible key reconfiguration.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/wpa.c | 53 +++++++++++++++++++++++++++++++++++++---------------
src/rsn_supp/wpa_i.h | 2 ++
2 files changed, 40 insertions(+), 15 deletions(-)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 95bd7be..7a2c68d 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -709,14 +709,17 @@ struct wpa_gtk_data {
static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
const struct wpa_gtk_data *gd,
- const u8 *key_rsc)
+ const u8 *key_rsc, int wnm_sleep)
{
const u8 *_gtk = gd->gtk;
u8 gtk_buf[32];
/* Detect possible key reinstallation */
- if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
- os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
+ if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
+ (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
+ os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
+ sm->gtk_wnm_sleep.gtk_len) == 0)) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
gd->keyidx, gd->tx, gd->gtk_len);
@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
}
os_memset(gtk_buf, 0, sizeof(gtk_buf));
- sm->gtk.gtk_len = gd->gtk_len;
- os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+ if (wnm_sleep) {
+ sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
+ sm->gtk_wnm_sleep.gtk_len);
+ } else {
+ sm->gtk.gtk_len = gd->gtk_len;
+ os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+ }
return 0;
}
@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
(wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
gtk_len, gtk_len,
&gd.key_rsc_len, &gd.alg) ||
- wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
+ wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"RSN: Failed to install GTK");
os_memset(&gd, 0, sizeof(gd));
@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
#ifdef CONFIG_IEEE80211W
static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
- const struct wpa_igtk_kde *igtk)
+ const struct wpa_igtk_kde *igtk,
+ int wnm_sleep)
{
size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
u16 keyidx = WPA_GET_LE16(igtk->keyid);
/* Detect possible key reinstallation */
- if (sm->igtk.igtk_len == len &&
- os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
+ if ((sm->igtk.igtk_len == len &&
+ os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
+ (sm->igtk_wnm_sleep.igtk_len == len &&
+ os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+ sm->igtk_wnm_sleep.igtk_len) == 0)) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
keyidx);
@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
return -1;
}
- sm->igtk.igtk_len = len;
- os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+ if (wnm_sleep) {
+ sm->igtk_wnm_sleep.igtk_len = len;
+ os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+ sm->igtk_wnm_sleep.igtk_len);
+ } else {
+ sm->igtk.igtk_len = len;
+ os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+ }
return 0;
}
@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
return -1;
igtk = (const struct wpa_igtk_kde *) ie->igtk;
- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
return -1;
}
@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
key_rsc = null_rsc;
- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
goto failed;
os_memset(&gd, 0, sizeof(gd));
@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
sm->tptk_set = 0;
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
}
@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+ os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+ os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
gd.gtk, gd.gtk_len);
- if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
+ if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
os_memset(&gd, 0, sizeof(gd));
wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
"WNM mode");
@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
const struct wpa_igtk_kde *igtk;
igtk = (const struct wpa_igtk_kde *) (buf + 2);
- if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
return -1;
#endif /* CONFIG_IEEE80211W */
} else {
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index afc9e37..9a54631 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -32,8 +32,10 @@ struct wpa_sm {
int rx_replay_counter_set;
u8 request_counter[WPA_REPLAY_COUNTER_LEN];
struct wpa_gtk gtk;
+ struct wpa_gtk gtk_wnm_sleep;
#ifdef CONFIG_IEEE80211W
struct wpa_igtk igtk;
+ struct wpa_igtk igtk_wnm_sleep;
#endif /* CONFIG_IEEE80211W */
struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
--
2.7.4

View file

@ -1,72 +0,0 @@
Fix a nonce re-use bug:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Patch copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 1 Oct 2017 12:32:57 +0300
Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
The Authenticator state machine path for PTK rekeying ended up bypassing
the AUTHENTICATION2 state where a new ANonce is generated when going
directly to the PTKSTART state since there is no need to try to
determine the PMK again in such a case. This is far from ideal since the
new PTK would depend on a new nonce only from the supplicant.
Fix this by generating a new ANonce when moving to the PTKSTART state
for the purpose of starting new 4-way handshake to rekey PTK.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 707971d..bf10cc1 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
}
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+ wpa_printf(MSG_ERROR,
+ "WPA: Failed to get random data for ANonce");
+ sm->Disconnect = TRUE;
+ return -1;
+ }
+ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+ WPA_NONCE_LEN);
+ sm->TimeoutCtr = 0;
+ return 0;
+}
+
+
SM_STATE(WPA_PTK, INITPMK)
{
u8 msk[2 * PMK_LEN];
@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
SM_ENTER(WPA_PTK, AUTHENTICATION);
else if (sm->ReAuthenticationRequest)
SM_ENTER(WPA_PTK, AUTHENTICATION2);
- else if (sm->PTKRequest)
- SM_ENTER(WPA_PTK, PTKSTART);
- else switch (sm->wpa_ptk_state) {
+ else if (sm->PTKRequest) {
+ if (wpa_auth_sm_ptk_update(sm) < 0)
+ SM_ENTER(WPA_PTK, DISCONNECTED);
+ else
+ SM_ENTER(WPA_PTK, PTKSTART);
+ } else switch (sm->wpa_ptk_state) {
case WPA_PTK_INITIALIZE:
break;
case WPA_PTK_DISCONNECT:
--
2.7.4

View file

@ -1,86 +0,0 @@
Don't install a zeroed encryption key:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Patch copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001
From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Date: Fri, 29 Sep 2017 04:22:51 +0200
Subject: [PATCH 4/8] Prevent installation of an all-zero TK
Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.
This fixes the earlier fix in commit
ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
---
src/common/wpa_common.h | 1 +
src/rsn_supp/wpa.c | 5 ++---
src/rsn_supp/wpa_i.h | 1 -
3 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index d200285..1021ccb 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -215,6 +215,7 @@ struct wpa_ptk {
size_t kck_len;
size_t kek_len;
size_t tk_len;
+ int installed; /* 1 if key has already been installed to driver */
};
struct wpa_gtk {
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 7a2c68d..0550a41 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
os_memset(buf, 0, sizeof(buf));
}
sm->tptk_set = 1;
- sm->tk_to_set = 1;
kde = sm->assoc_wpa_ie;
kde_len = sm->assoc_wpa_ie_len;
@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
enum wpa_alg alg;
const u8 *key_rsc;
- if (!sm->tk_to_set) {
+ if (sm->ptk.installed) {
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
"WPA: Do not re-install same PTK to the driver");
return 0;
@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
/* TK is not needed anymore in supplicant */
os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
- sm->tk_to_set = 0;
+ sm->ptk.installed = 1;
if (sm->wpa_ptk_rekey) {
eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 9a54631..41f371f 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -24,7 +24,6 @@ struct wpa_sm {
struct wpa_ptk ptk, tptk;
int ptk_set, tptk_set;
unsigned int msg_3_of_4_ok:1;
- unsigned int tk_to_set:1;
u8 snonce[WPA_NONCE_LEN];
u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
int renew_snonce;
--
2.7.4

View file

@ -1,275 +0,0 @@
These three patches are follow-ups to the bug fixes for the 'KRACK' key
re-installation attacks on Wi-Fi's WPA2 security protocol. See upstream
security announcement for more information:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
These three patches copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
https://w1.fi/security/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
https://w1.fi/security/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
From 6c4bed4f47d1960ec04981a9d50e5076aea5223d Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 11:03:15 +0300
Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration
Do not try to reconfigure the same TPK-TK to the driver after it has
been successfully configured. This is an explicit check to avoid issues
related to resetting the TX/RX packet number. There was already a check
for this for TPK M2 (retries of that message are ignored completely), so
that behavior does not get modified.
For TPK M3, the TPK-TK could have been reconfigured, but that was
followed by immediate teardown of the link due to an issue in updating
the STA entry. Furthermore, for TDLS with any real security (i.e.,
ignoring open/WEP), the TPK message exchange is protected on the AP path
and simple replay attacks are not feasible.
As an additional corner case, make sure the local nonce gets updated if
the peer uses a very unlikely "random nonce" of all zeros.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/tdls.c | 38 ++++++++++++++++++++++++++++++++++++--
1 file changed, 36 insertions(+), 2 deletions(-)
diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
index e424168..9eb9738 100644
--- a/src/rsn_supp/tdls.c
+++ b/src/rsn_supp/tdls.c
@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
} tpk;
int tpk_set;
+ int tk_set; /* TPK-TK configured to the driver */
int tpk_success;
int tpk_in_progress;
@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
u8 rsc[6];
enum wpa_alg alg;
+ if (peer->tk_set) {
+ /*
+ * This same TPK-TK has already been configured to the driver
+ * and this new configuration attempt (likely due to an
+ * unexpected retransmitted frame) would result in clearing
+ * the TX/RX sequence number which can break security, so must
+ * not allow that to happen.
+ */
+ wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
+ " has already been configured to the driver - do not reconfigure",
+ MAC2STR(peer->addr));
+ return -1;
+ }
+
os_memset(rsc, 0, 6);
switch (peer->cipher) {
@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
return -1;
}
+ wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
+ MAC2STR(peer->addr));
if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
"driver");
return -1;
}
+ peer->tk_set = 1;
return 0;
}
@@ -696,7 +714,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
peer->cipher = 0;
peer->qos_info = 0;
peer->wmm_capable = 0;
- peer->tpk_set = peer->tpk_success = 0;
+ peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
peer->chan_switch_enabled = 0;
os_memset(&peer->tpk, 0, sizeof(peer->tpk));
os_memset(peer->inonce, 0, WPA_NONCE_LEN);
@@ -1159,6 +1177,7 @@ skip_rsnie:
wpa_tdls_peer_free(sm, peer);
return -1;
}
+ peer->tk_set = 0; /* A new nonce results in a new TK */
wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
peer->inonce, WPA_NONCE_LEN);
os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, struct wpa_tdls_peer *peer,
}
+static int tdls_nonce_set(const u8 *nonce)
+{
+ int i;
+
+ for (i = 0; i < WPA_NONCE_LEN; i++) {
+ if (nonce[i])
+ return 1;
+ }
+
+ return 0;
+}
+
+
static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
const u8 *buf, size_t len)
{
@@ -2004,7 +2036,8 @@ skip_rsn:
peer->rsnie_i_len = kde.rsn_ie_len;
peer->cipher = cipher;
- if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
+ if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
+ !tdls_nonce_set(peer->inonce)) {
/*
* There is no point in updating the RNonce for every obtained
* TPK M1 frame (e.g., retransmission due to timeout) with the
@@ -2020,6 +2053,7 @@ skip_rsn:
"TDLS: Failed to get random data for responder nonce");
goto error;
}
+ peer->tk_set = 0; /* A new nonce results in a new TK */
}
#if 0
--
2.7.4
From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 11:25:02 +0300
Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
request
Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
Mode Response if WNM-Sleep Mode has not been used') started ignoring the
response when no WNM-Sleep Mode Request had been used during the
association. This can be made tighter by clearing the used flag when
successfully processing a response. This adds an additional layer of
protection against unexpected retransmissions of the response frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
wpa_supplicant/wnm_sta.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 1b3409c..67a07ff 100644
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
if (!wpa_s->wnmsleep_used) {
wpa_printf(MSG_DEBUG,
- "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
+ "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
return;
}
@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
return;
}
+ wpa_s->wnmsleep_used = 0;
+
if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
--
2.7.4
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Patch copied from upstream:
https://w1.fi/security/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
From b372ab0b7daea719749194dc554b26e6367603f2 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 22 Sep 2017 12:06:37 +0300
Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames
The driver is expected to not report a second association event without
the station having explicitly request a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
Reassociation Response frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/rsn_supp/wpa.c | 3 +++
src/rsn_supp/wpa_ft.c | 8 ++++++++
src/rsn_supp/wpa_i.h | 1 +
3 files changed, 12 insertions(+)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 0550a41..2a53c6f 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2440,6 +2440,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm)
#ifdef CONFIG_TDLS
wpa_tdls_disassoc(sm);
#endif /* CONFIG_TDLS */
+#ifdef CONFIG_IEEE80211R
+ sm->ft_reassoc_completed = 0;
+#endif /* CONFIG_IEEE80211R */
/* Keys are not needed in the WPA state machine anymore */
wpa_sm_drop_sa(sm);
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 205793e..d45bb45 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
u16 capab;
sm->ft_completed = 0;
+ sm->ft_reassoc_completed = 0;
buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
2 + sm->r0kh_id_len + ric_ies_len + 100;
@@ -681,6 +682,11 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
return -1;
}
+ if (sm->ft_reassoc_completed) {
+ wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
+ return 0;
+ }
+
if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
return -1;
@@ -781,6 +787,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
return -1;
}
+ sm->ft_reassoc_completed = 1;
+
if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
return -1;
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 41f371f..56f88dc 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -128,6 +128,7 @@ struct wpa_sm {
size_t r0kh_id_len;
u8 r1kh_id[FT_R1KH_ID_LEN];
int ft_completed;
+ int ft_reassoc_completed;
int over_the_ds_in_progress;
u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
int set_ptk_after_assoc;
--
2.7.4

View file

@ -188,11 +188,10 @@ (define-public asymptote
("texinfo" ,texinfo) ;For generating documentation
;; For the manual and the tests.
("texlive" ,(texlive-union (list texlive-fonts-amsfonts
texlive-generic-ifxetex
texlive-latex-amsfonts
texlive-latex-geometry
texlive-latex-graphics
texlive-latex-oberdiek
texlive-latex-oberdiek ; for ifluatex
texlive-latex-parskip
texlive-tex-texinfo)))
("emacs" ,emacs-minimal)

View file

@ -357,14 +357,14 @@ (define-public python2-certifi
(define-public python-cryptography-vectors
(package
(name "python-cryptography-vectors")
(version "2.5")
(version "2.6.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "cryptography_vectors" version))
(sha256
(base32
"15qfl3pnw2f11r0z0zhwl56f6pb60ysav8fxmpnz5p80cfwljdik"))))
"1bsqcv3h49dzqnyn29ijq8r7k1ra8ikl1y9qcpcns9nbvhaq3wq3"))))
(build-system python-build-system)
(home-page "https://github.com/pyca/cryptography")
(synopsis "Test vectors for the cryptography package")
@ -379,14 +379,14 @@ (define-public python2-cryptography-vectors
(define-public python-cryptography
(package
(name "python-cryptography")
(version "2.5")
(version "2.6.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "cryptography" version))
(sha256
(base32
"00c4d7gvsymlaw0r13zrm32dcnarmpayjyrh65yymlmr6mrbcij9"))))
"19iwz5avym5zl6jrrrkym1rdaa9h61j20ph4cswsqgv8xg5j3j16"))))
(build-system python-build-system)
(inputs
`(("openssl" ,openssl)))

View file

@ -30,7 +30,7 @@ (define-module (gnu packages regex)
(define-public re2
(package
(name "re2")
(version "2019-01-01")
(version "2019-03-01")
(home-page "https://github.com/google/re2")
(source (origin
(method git-fetch)
@ -38,7 +38,7 @@ (define-public re2
(file-name (git-file-name name version))
(sha256
(base32
"0wys8bbhj8ppgmgp3842qjmnvkynnzxrm8d7c3a3qyq3p6grqa29"))))
"032lsrb57llq79icpvrrh1fmjzy2i4bdmydfww178nc45ya5wcl4"))))
(build-system gnu-build-system)
(arguments
`(#:modules ((guix build gnu-build-system)

View file

@ -3,6 +3,7 @@
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2019 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
@ -21,12 +22,15 @@
(define-module (gnu packages rsync)
#:use-module (gnu packages)
#:use-module (gnu packages perl)
#:use-module (gnu packages acl)
#:use-module (gnu packages base)
#:use-module (guix licenses)
#:use-module (gnu packages compression)
#:use-module (gnu packages perl)
#:use-module (gnu packages popt)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu))
@ -51,25 +55,26 @@ (define-public rsync
Its delta-transfer algorithm reduces the amount of data sent over the network
by sending only the differences between the source files and the existing
files in the destination.")
(license gpl3+)
(license license:gpl3+)
(home-page "http://rsync.samba.org/")))
(define-public librsync
(package
(name "librsync")
(version "0.9.7")
(version "2.0.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/librsync/librsync/"
version "/librsync-" version ".tar.gz"))
(uri (string-append "https://github.com/librsync/librsync/archive/v"
version ".tar.gz"))
(sha256
(base32
"1mj1pj99mgf1a59q9f2mxjli2fzxpnf55233pc1klxk2arhf8cv6"))))
(build-system gnu-build-system)
"1waa581pcscc1rnvy06cj584k5dx0dc7jj79wsdj7xw4xqh9ayz6"))))
(build-system cmake-build-system)
(inputs
`(("popt" ,popt)))
(native-inputs
`(("which" ,which)
("perl" ,perl)))
(arguments '(#:configure-flags '("--enable-shared")))
(home-page "http://librsync.sourceforge.net/")
(synopsis "Implementation of the rsync remote-delta algorithm")
(description
@ -78,4 +83,19 @@ (define-public librsync
file, without requiring the old and new versions to both be present at the
sending end. The library uses a \"streaming\" design similar to that of zlib
with the aim of allowing it to be embedded into many different applications.")
(license lgpl2.1+)))
(license license:lgpl2.1+)))
(define-public librsync-0.9
(package
(inherit librsync)
(version "0.9.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/librsync/librsync/"
version "/librsync-" version ".tar.gz"))
(sha256
(base32
"1mj1pj99mgf1a59q9f2mxjli2fzxpnf55233pc1klxk2arhf8cv6"))))
(build-system gnu-build-system)
(arguments '(#:configure-flags '("--enable-shared")))
(inputs '())))

View file

@ -7,6 +7,7 @@
;;; Copyright © 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Danny Milosavljevic <dannym+a@scratchpost.org>
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -196,7 +197,7 @@ (define rust-1.19
(properties '((timeout . 72000) ;20 hours
(max-silent-time . 18000))) ;5 hours (for armel)
(arguments
`(#:imported-modules ,%cargo-build-system-modules ;for `generate-checksums'
`(#:imported-modules ,%cargo-utils-modules ;for `generate-checksums'
#:modules ((guix build utils) (ice-9 match) (guix build gnu-build-system))
#:phases
(modify-phases %standard-phases
@ -275,7 +276,7 @@ (define rust-1.19
(string-append name "\"" ,%cargo-reference-hash "\"")))
(for-each
(lambda (filename)
(use-modules (guix build cargo-build-system))
(use-modules (guix build cargo-utils))
(delete-file filename)
(let* ((dir (dirname filename)))
(display (string-append

View file

@ -464,6 +464,10 @@ (define-public fenics-dolfin
"${DOLFIN_SOURCE_DIR} "
"${DOLFIN_SOURCE_DIR}/dolfin "
"${DOLFIN_BINARY_DIR})\n")))
(substitute* "dolfin/nls/PETScSNESSolver.cpp"
;; Remove SNESTEST mapping. The SNESTEST symbol was removed
;; from PETSc at version 3.10.3.
((".*SNESTEST.*") "" ))
#t))))
(build-system cmake-build-system)
(inputs

View file

@ -1,8 +1,9 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 David Thompson <davet@gnu.org>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2016, 2019 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 Kei Kebreau <kkebreau@posteo.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -23,17 +24,101 @@ (define-module (gnu packages speech)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (gnu packages)
#:use-module (gnu packages audio)
#:use-module (gnu packages autotools)
#:use-module (gnu packages compression)
#:use-module (gnu packages gcc)
#:use-module (gnu packages glib)
#:use-module (gnu packages linux)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages pulseaudio)
#:use-module (gnu packages python)
#:use-module (gnu packages textutils))
(define-public espeak
(package
(name "espeak")
(version "1.48.04")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/espeak/espeak/"
"espeak-" (version-major+minor version)
"/espeak-" version "-source.zip"))
(sha256
(base32
"0n86gwh9pw0jqqpdz7mxggllfr8k0r7pc67ayy7w5z6z79kig6mz"))
(modules '((guix build utils)))
(snippet
;; remove prebuilt binaries
'(begin
(delete-file-recursively "linux_32bit")
#t))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
(string-append "DATADIR="
(assoc-ref %outputs "out")
"/share/espeak-data")
(string-append "LDFLAGS=-Wl,-rpath="
(assoc-ref %outputs "out")
"/lib")
"AUDIO=pulseaudio")
#:tests? #f ; no check target
#:phases
(modify-phases %standard-phases
(replace 'configure
(lambda _
(chdir "src")
;; We use version 19 of the PortAudio library, so we must copy the
;; corresponding file to be sure that espeak compiles correctly.
(copy-file "portaudio19.h" "portaudio.h")
(substitute* "Makefile"
(("/bin/ln") "ln"))
#t)))))
(inputs
`(("portaudio" ,portaudio)
("pulseaudio" ,pulseaudio)))
(native-inputs `(("unzip" ,unzip)))
(home-page "http://espeak.sourceforge.net/")
(synopsis "Software speech synthesizer")
(description "eSpeak is a software speech synthesizer for English and
other languages. eSpeak uses a \"formant synthesis\" method. This allows many
languages to be provided in a small size. The speech is clear, and can be used
at high speeds, but is not as natural or smooth as larger synthesizers which are
based on human speech recordings.")
(license license:gpl3+)))
(define-public espeak-ng
(package
(name "espeak-ng")
(version "1.49.2")
(home-page "https://github.com/espeak-ng/espeak-ng")
(source (origin
(method url-fetch)
(uri (string-append home-page "/releases/download/" version
"/espeak-ng-" version ".tar.gz"))
(sha256
(base32 "1d10x9rbvqi2zwcz65fxh04k0x0scnk7732l37laz6xra1ldhzng"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--disable-static")
;; Building in parallel triggers a race condition in 1.49.2.
#:parallel-build? #f
;; XXX: Some tests require an audio device.
#:tests? #f))
(inputs
`(("libcap" ,libcap)
("pcaudiolib" ,pcaudiolib)))
(synopsis "Software speech synthesizer")
(description
"eSpeak NG is a software speech synthesizer for more than 100 languages.
It is based on the eSpeak engine and supports spectral and Klatt formant
synthesis, and the ability to use MBROLA voices.")
(license license:gpl3+)))
(define-public mitlm
(package
(name "mitlm")
@ -60,22 +145,26 @@ (define-public mitlm
(define-public speech-dispatcher
(package
(name "speech-dispatcher")
(version "0.8.5")
(version "0.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://devel.freebsoft.org/pub/"
"projects/speechd/speech-dispatcher-"
(uri (string-append "https://github.com/brailcom/speechd/releases"
"/download/" version "/speech-dispatcher-"
version ".tar.gz"))
(sha256
(base32
"18jlxnhlahyi6njc6l6576hfvmzivjjgfjyd2n7vvrvx9inphjrb"))))
"1yd2rb02565picga4gh2a0bvfxbhdyaj0cv9aaj5a8fc5zs29fbk"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--disable-static"
;; Disable support for proprietary TTS engines.
"--with-kali=no" "--with-baratinoo=no")))
(native-inputs
`(("intltool" ,intltool)
("pkg-config" ,pkg-config)))
(inputs
`(("dotconf" ,dotconf)
("espeak" ,espeak)
("espeak" ,espeak-ng)
("glib" ,glib)
("libltdl" ,libltdl)
("libsndfile" ,libsndfile)

View file

@ -114,22 +114,6 @@ (define-public spice-protocol
(home-page "https://www.spice-space.org")
(license (list license:bsd-3 license:lgpl2.1+))))
;; TODO: Package lookingglass doesn't build with spice-protocol 0.12.15. Remove
;; below once that is fixed.
(define-public spice-protocol-0.12.14
(package
(inherit spice-protocol)
(name "spice-protocol")
(version "0.12.14")
(source (origin
(method url-fetch)
(uri (string-append
"https://www.spice-space.org/download/releases/"
"spice-protocol-" version ".tar.bz2"))
(sha256
(base32
"170ckpgazvqv7hxy209myg67pqnd6c0gvr4ysbqgsfch6320nd90"))))))
(define-public spice-gtk
(package
(name "spice-gtk")

View file

@ -11,6 +11,7 @@
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017 Nils Gillmann <ng0@n0.is>
;;; Copyright © 2018 Manuel Graf <graf@init.at>
;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -39,6 +40,7 @@ (define-module (gnu packages ssh)
#:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
#:use-module (gnu packages guile)
#:use-module (gnu packages libedit)
#:use-module (gnu packages linux)
#:use-module (gnu packages logging)
#:use-module (gnu packages m4)
@ -68,7 +70,7 @@ (define-module (gnu packages ssh)
(define-public libssh
(package
(name "libssh")
(version "0.8.6")
(version "0.8.7")
(source (origin
(method git-fetch)
(uri (git-reference
@ -76,7 +78,7 @@ (define-public libssh
(commit (string-append "libssh-" version))))
(sha256
(base32
"0rq57gpmdawljx7hqya4ipzsfpcbr31yy60kl5qv66krc9wimqda"))
"1iqik1ba0g008k1mb1n85iih1azi7giy0c485jnlmsrjxik4q3j2"))
(file-name (git-file-name name version))))
(build-system cmake-build-system)
(outputs '("out" "debug"))
@ -154,8 +156,10 @@ (define-public openssh
(base32
"1b8sy6v0b8v4ggmknwcqx3y1rjcpsll0f1f8f4vyv11x4ni3njvb"))))
(build-system gnu-build-system)
(native-inputs `(("groff" ,groff)))
(inputs `(("openssl" ,openssl)
(native-inputs `(("groff" ,groff)
("pkg-config" ,pkg-config)))
(inputs `(("libedit" ,libedit)
("openssl" ,openssl)
("pam" ,linux-pam)
("mit-krb5" ,mit-krb5)
("zlib" ,zlib)
@ -175,6 +179,9 @@ (define-public openssh
(assoc-ref %build-inputs "mit-krb5")
"/bin")
;; libedit needed for sftp completion
"--with-libedit"
;; Enable PAM support in sshd.
"--with-pam")

View file

@ -234,14 +234,14 @@ (define-public perl-tk
(define-public tcllib
(package
(name "tcllib")
(version "1.18")
(version "1.19")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/" name "/" name "/"
version "/" name "-" version ".tar.gz"))
(uri (string-append "mirror://sourceforge/tcllib/tcllib/"
version "/tcllib-" version ".tar.gz"))
(sha256
(base32
"05dmrk9qsryah2n17z6z85dj9l9lfyvnsd7faw0p9bs1pp5pwrkj"))))
"173abxaazdmf210v651708ab6h7xhskvd52krxk6ifam337qgzh1"))))
(build-system gnu-build-system)
(native-inputs
`(("tcl" ,tcl)))

View file

@ -1667,6 +1667,9 @@ (define-public texlive-latex-hyperref
"1d3rmjgzh0025a1dza55zb6nzzlgd1y9snwx45wq1c1vf42m79h2"))))
(build-system texlive-build-system)
(arguments '(#:tex-directory "latex/hyperref"))
(propagated-inputs
`(("texlive-latex-oberdiek" ,texlive-latex-oberdiek) ; for ltxcmds.sty
("texlive-latex-url" ,texlive-latex-url)))
(home-page "https://www.ctan.org/pkg/hyperref")
(synopsis "Extensive support for hypertext in LaTeX")
(description
@ -1703,6 +1706,8 @@ (define-public texlive-latex-oberdiek
(substitute* "oberdiek.ins"
(("ifpdf.ins") "ifpdf.dtx"))
#t)))))
(propagated-inputs
`(("texlive-generic-ifxetex" ,texlive-generic-ifxetex)))
(home-page "https://www.ctan.org/pkg/oberdiek")
(synopsis "Bundle of packages submitted by Heiko Oberdiek")
(description
@ -5326,6 +5331,8 @@ (define-public texlive-latex-pgf
(sha256
(base32
"0xkxw26sjzr5npjpzpr28yygwdbhzpdd0hsk80gjpidhcxmz393i"))))))
(propagated-inputs
`(("texlive-latex-xcolor" ,texlive-latex-xcolor)))
(arguments
`(#:modules ((guix build utils))
#:builder

View file

@ -16,6 +16,7 @@
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Pierre Neidhardt <mail@ambrevar.xyz>
;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
;;; Copyright © 2019 Yoshinori Arai <kumagusu08@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -794,3 +795,37 @@ (define-public opencc
phrase-level conversion, variant conversion, and regional idioms among
Mainland China, Taiwan, and Hong-Kong.")
(license license:asl2.0)))
(define-public nkf
(let ((commit "08043eadf4abdddcf277842217e3c77a24740dc2")
(revision "1"))
(package
(name "nkf")
;; The commits corresponding to specific versions are published
;; here:
;; https://ja.osdn.net/projects/nkf/scm/git/nkf/
(version "2.1.5")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/nurse/nkf.git")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"0anw0knr1iy4p9w3d3b3pbwzh1c43p1i2q4c28kw9zviw8kx2rly"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; test for perl module
#:make-flags (list "CC=gcc" "CFLAGS=-O2 -Wall -pedantic"
(string-append "prefix=" %output)
"MKDIR=mkdir -p")
#:phases
(modify-phases %standard-phases
(delete 'configure)))) ; No ./configure script
(home-page "https://ja.osdn.net/projects/nkf/")
(synopsis "Network Kanji Filter")
(description "Nkf is yet another kanji code converter among networks,
hosts and terminals. It converts input kanji code to designated kanji code
such as ISO-2022-JP, Shift_JIS, EUC-JP, UTF-8, UTF-16 or UTF-32.")
(license license:zlib))))

View file

@ -10,7 +10,7 @@
;;; Copyright © 2016 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017, 2018 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
;;;
@ -271,6 +271,7 @@ (define-public gnutls/dane
(define-public openssl
(package
(name "openssl")
(replacement openssl/fixed)
(version "1.0.2p")
(source (origin
(method url-fetch)
@ -399,11 +400,20 @@ (define-public openssl
(license license:openssl)
(home-page "https://www.openssl.org/")))
(define-public openssl/fixed
(hidden-package
(package
(inherit openssl)
(source (origin
(inherit (package-source openssl))
(patches (append (origin-patches (package-source openssl))
(search-patches "openssl-CVE-2019-1559.patch"))))))))
(define-public openssl-next
(package
(inherit openssl)
(name "openssl")
(version "1.1.1a")
(version "1.1.1b")
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
@ -416,7 +426,7 @@ (define-public openssl-next
(patches (search-patches "openssl-1.1-c-rehash-in.patch"))
(sha256
(base32
"0hcz7znzznbibpy3iyyhvlqrq44y88plxwdj32wjzgbwic7i687w"))))
"0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"))))
(outputs '("out"
"doc" ; 6.8 MiB of man3 pages and full HTML documentation
"static")) ; 6.4 MiB of .a files

View file

@ -22,6 +22,7 @@
;;; Copyright © 2018 Christopher Baines <mail@cbaines.net>
;;; Copyright © 2018 Timothy Sample <samplet@ngyro.com>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2019 Jovany Leandro G.C <bit4bit@riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -1867,7 +1868,7 @@ (define-public git-annex-remote-hubic
(define-public fossil
(package
(name "fossil")
(version "2.5")
(version "2.8")
(source
(origin
(method url-fetch)
@ -1881,7 +1882,11 @@ (define-public fossil
"fossil-src-" version ".tar.gz")))
(sha256
(base32
"1lxawkhr1ki9fqw8076fxib2b1w673449yzb6vxjshqzh5h77c7r"))))
"0pbinf8d2kj1j7niblhzjd2l2khg6r2pn2xvig6gavz27p3vwcka"))
(modules '((guix build utils)))
(snippet
'(begin
(delete-file-recursively "compat") #t))))
(build-system gnu-build-system)
(native-inputs
`(("tcl" ,tcl) ;for configuration only
@ -1890,12 +1895,17 @@ (define-public fossil
(inputs
`(("openssl" ,openssl)
("zlib" ,zlib)
("sqlite" ,sqlite)))
("sqlite" ,sqlite-3.26.0)))
(arguments
`(#:configure-flags (list "--with-openssl=auto"
"--disable-internal-sqlite")
#:test-target "test"
#:phases (modify-phases %standard-phases
(add-after 'patch-source-shebangs 'patch-sh
(lambda _
(substitute* '("auto.def")
(("/bin/sh") (which "sh")))
#t))
(replace 'configure
(lambda* (#:key outputs (configure-flags '())
#:allow-other-keys)

View file

@ -32,6 +32,7 @@
;;; Copyright © 2018 Mark Meyer <mark@ofosos.org>
;;; Copyright © 2018 Gábor Boskovit <boskovits@gmail.com>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2019 Timo Eisenmann <eisenmann@fn.de>
;;;
;;; This file is part of GNU Guix.
;;;
@ -1999,10 +2000,10 @@ (define-public livestreamer
(deprecated-package "livestreamer" streamlink))
(define-public twitchy
(let ((commit "0c0f925b9c7ff2aed4a3b0046561cb794143c398")) ;Fixes tests.
(let ((commit "9beb36d80b16662414129693e74fa3a2fd97554e")) ; 3.4 has no tag
(package
(name "twitchy")
(version (git-version "3.2" "1" commit))
(version (git-version "3.4" "1" commit))
(source
(origin
(method git-fetch)
@ -2012,11 +2013,18 @@ (define-public twitchy
(file-name (git-file-name name version))
(sha256
(base32
"02aizvsr744sh8bdqvwwsmp2qpczlzn8fy76h5dyd3517n9nlcz9"))))
"0di03h1j9ipp2bbnxxlxz07v87icyg2hmnsr4s7184z5ql8kpzr7"))))
(build-system python-build-system)
(arguments
'(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'patch-paths
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "twitchy/twitchy_play.py"
(("\"streamlink ")
(string-append "\"" (assoc-ref inputs "streamlink")
"/bin/streamlink ")))
#t))
(add-before 'check 'check-setup
(lambda _
(setenv "HOME" (getcwd)) ;Needs to write to $HOME.

View file

@ -48,6 +48,7 @@ (define-module (gnu packages virtualization)
#:use-module (gnu packages firmware)
#:use-module (gnu packages flex)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gl)
#:use-module (gnu packages glib)
@ -796,53 +797,55 @@ (define-public qmpbackup
(license license:gpl3+)))
(define-public lookingglass
(package
(name "lookingglass")
(version "a12")
(source
(origin
(method git-fetch)
(uri (git-reference (url "https://github.com/gnif/LookingGlass")
(commit version)))
(file-name (git-file-name name version))
(sha256
(base32
"0r6bvl9q94039r6ff4f2bg8si95axx9w8bf1h1qr5730d2kv5yxq"))))
(build-system cmake-build-system)
(inputs `(("fontconfig" ,fontconfig)
("glu" ,glu)
("mesa" ,mesa)
("openssl" ,openssl)
("sdl2" ,sdl2)
("sdl2-ttf" ,sdl2-ttf)
("spice-protocol" ,spice-protocol-0.12.14)))
(native-inputs `(("libconfig" ,libconfig)
("nettle" ,nettle)
("pkg-config" ,pkg-config)))
(arguments
`(#:tests? #f ;; No tests are available.
#:make-flags '("CC=gcc")
#:phases (modify-phases %standard-phases
(add-before 'configure 'chdir-to-client
(lambda* (#:key outputs #:allow-other-keys)
(chdir "client")
#t))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(install-file "looking-glass-client"
(string-append (assoc-ref outputs "out")
"/bin"))
#t))
)))
(home-page "https://looking-glass.hostfission.com")
(synopsis "KVM Frame Relay (KVMFR) implementation")
(description "Looking Glass allows the use of a KVM (Kernel-based Virtual
(let ((commit "41f4166aedeba65892f6db4de4de467aec9a2052"))
(package
(name "lookingglass")
(version (string-append "a12-" (string-take commit 7)))
(source
(origin
(method git-fetch)
(uri (git-reference (url "https://github.com/gnif/LookingGlass")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"1sjxf4zy7h0zprla3s6dfwsxhmkrwhlhj07svf5bk5ij20bs0dc2"))))
(build-system cmake-build-system)
(inputs `(("fontconfig" ,fontconfig)
("glu" ,glu)
("mesa" ,mesa)
("openssl" ,openssl)
("sdl2" ,sdl2)
("sdl2-ttf" ,sdl2-ttf)
("spice-protocol" ,spice-protocol)
("wayland" ,wayland)))
(native-inputs `(("libconfig" ,libconfig)
("nettle" ,nettle)
("pkg-config" ,pkg-config)))
(arguments
`(#:tests? #f ;; No tests are available.
#:make-flags '("CC=gcc")
#:phases (modify-phases %standard-phases
(add-before 'configure 'chdir-to-client
(lambda* (#:key outputs #:allow-other-keys)
(chdir "client")
#t))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(install-file "looking-glass-client"
(string-append (assoc-ref outputs "out")
"/bin"))
#t))
)))
(home-page "https://looking-glass.hostfission.com")
(synopsis "KVM Frame Relay (KVMFR) implementation")
(description "Looking Glass allows the use of a KVM (Kernel-based Virtual
Machine) configured for VGA PCI Pass-through without an attached physical
monitor, keyboard or mouse. It displays the VM's rendered contents on your main
monitor/GPU.")
;; This package requires SSE instructions.
(supported-systems '("i686-linux" "x86_64-linux"))
(license license:gpl2+)))
;; This package requires SSE instructions.
(supported-systems '("i686-linux" "x86_64-linux"))
(license license:gpl2+))))
(define-public runc
(package

View file

@ -902,15 +902,15 @@ (define-public xcape
(define-public libwacom
(package
(name "libwacom")
(version "0.31")
(version "0.32")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/linuxwacom/libwacom/releases/download/"
name "-" version "/" name "-" version ".tar.bz2"))
"libwacom-" version "/libwacom-" version ".tar.bz2"))
(sha256
(base32
"00xzkxhm0s9bvhbf27hscjbh17wa8lcgvxjqbmzm527f9cjqrm8q"))))
"102kz0q7i0bjsnl6yy83vcj2rpir12rs2d4xr0wvhw84rs5sp7bb"))))
(build-system glib-or-gtk-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))

View file

@ -306,6 +306,7 @@ (define-deprecated (upower-service #:key (upower upower)
(time-critical 300)
(time-action 120)
(critical-power-action 'hybrid-sleep))
upower-service-type
"Return a service that runs @uref{http://upower.freedesktop.org/,
@command{upowerd}}, a system-wide monitor for power consumption and battery
levels, with the given configuration settings. It implements the

View file

@ -3,6 +3,7 @@
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -30,6 +31,7 @@ (define-module (guix build-system cargo)
#:use-module (ice-9 match)
#:use-module (srfi srfi-26)
#:export (%cargo-build-system-modules
%cargo-utils-modules
cargo-build-system
crate-url
crate-url?
@ -49,10 +51,15 @@ (define (default-rust)
(let ((rust (resolve-interface '(gnu packages rust))))
(module-ref rust 'rust)))
(define %cargo-utils-modules
;; Build-side modules imported by default.
`((guix build cargo-utils)
,@%gnu-build-system-modules))
(define %cargo-build-system-modules
;; Build-side modules imported by default.
`((guix build cargo-build-system)
,@%gnu-build-system-modules))
,@%cargo-utils-modules))
(define* (cargo-build store name inputs
#:key

View file

@ -20,6 +20,7 @@
(define-module (guix build cargo-build-system)
#:use-module ((guix build gnu-build-system) #:prefix gnu:)
#:use-module (guix build utils)
#:use-module (guix build cargo-utils)
#:use-module (ice-9 popen)
#:use-module (ice-9 rdelim)
#:use-module (ice-9 ftw)
@ -28,8 +29,7 @@ (define-module (guix build cargo-build-system)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:export (%standard-phases
cargo-build
generate-checksums))
cargo-build))
;; Commentary:
;;
@ -107,41 +107,6 @@ (define* (check #:key tests? #:allow-other-keys)
(zero? (system* "cargo" "test"))
#t))
(define (file-sha256 file-name)
"Calculate the hexdigest of the sha256 checksum of FILE-NAME and return it."
(let ((port (open-pipe* OPEN_READ
"sha256sum"
"--"
file-name)))
(let ((result (read-delimited " " port)))
(close-pipe port)
result)))
(define (generate-checksums dir-name src-name)
"Given DIR-NAME, a store directory, checksum all the files in it one
by one and put the result into the file \".cargo-checksum.json\" in
the same directory. Also includes the checksum of an extra file
SRC-NAME as if it was part of the directory DIR-NAME with name
\"package\"."
(let* ((file-names (find-files dir-name "."))
(dir-prefix-name (string-append dir-name "/"))
(dir-prefix-name-len (string-length dir-prefix-name))
(checksums-file-name (string-append dir-name "/.cargo-checksum.json")))
(call-with-output-file checksums-file-name
(lambda (port)
(display "{\"files\":{" port)
(let ((sep ""))
(for-each (lambda (file-name)
(let ((file-relative-name (string-drop file-name dir-prefix-name-len)))
(display sep port)
(set! sep ",")
(write file-relative-name port)
(display ":" port)
(write (file-sha256 file-name) port))) file-names))
(display "},\"package\":" port)
(write (file-sha256 src-name) port)
(display "}" port)))))
(define (touch file-name)
(call-with-output-file file-name (const #t)))

View file

@ -0,0 +1,67 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (guix build cargo-utils)
#:use-module (guix build utils)
#:use-module (ice-9 popen)
#:use-module (ice-9 rdelim)
#:export (generate-checksums))
;; Commentary:
;;
;; Stand alone utilities for building Rust crates or the compiler itself,
;; without depending on the entire cargo build-system itself.
;;
;; Code:
(define (file-sha256 file-name)
"Calculate the hexdigest of the sha256 checksum of FILE-NAME and return it."
(let ((port (open-pipe* OPEN_READ
"sha256sum"
"--"
file-name)))
(let ((result (read-delimited " " port)))
(close-pipe port)
result)))
(define (generate-checksums dir-name src-name)
"Given DIR-NAME, a store directory, checksum all the files in it one
by one and put the result into the file \".cargo-checksum.json\" in
the same directory. Also includes the checksum of an extra file
SRC-NAME as if it was part of the directory DIR-NAME with name
\"package\"."
(let* ((file-names (find-files dir-name "."))
(dir-prefix-name (string-append dir-name "/"))
(dir-prefix-name-len (string-length dir-prefix-name))
(checksums-file-name (string-append dir-name "/.cargo-checksum.json")))
(call-with-output-file checksums-file-name
(lambda (port)
(display "{\"files\":{" port)
(let ((sep ""))
(for-each (lambda (file-name)
(let ((file-relative-name (string-drop file-name dir-prefix-name-len)))
(display sep port)
(set! sep ",")
(write file-relative-name port)
(display ":" port)
(write (file-sha256 file-name) port))) file-names))
(display "},\"package\":" port)
(write (file-sha256 src-name) port)
(display "}" port)))))