Merge branch 'master' into core-updates

Conflicts:
	gnu/packages/image.scm
        (incorporated libtiff graft)
This commit is contained in:
Marius Bakke 2017-06-03 17:51:21 +02:00
commit d0c45d2d82
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
99 changed files with 3597 additions and 2885 deletions

View file

@ -43,6 +43,7 @@ Mathieu Lirzin <mthl@gnu.org> <mathieu.lirzin@openmailbox.org>
Mathieu Othacehe <m.othacehe@gmail.com>
Nikita Karetnikov <nikita@karetnikov.org> <nikita.karetnikov@gmail.com>
ng0 <ng0@no-reply.pragmatique.xyz>
ng0 <ng0@no-reply.pragmatique.xyz> <ng0@pragmatique.xyz>
ng0 <ng0@no-reply.pragmatique.xyz> <contact.ng0@cryptolab.net>
ng0 <ng0@no-reply.pragmatique.xyz> <ng0@we.make.ritual.n0.is>
ng0 <ng0@no-reply.pragmatique.xyz> <ngillmann@runbox.com>

View file

@ -76,6 +76,7 @@ MODULES = \
guix/build-system/cmake.scm \
guix/build-system/dub.scm \
guix/build-system/emacs.scm \
guix/build-system/font.scm \
guix/build-system/asdf.scm \
guix/build-system/glib-or-gtk.scm \
guix/build-system/gnu.scm \
@ -101,6 +102,7 @@ MODULES = \
guix/build/cmake-build-system.scm \
guix/build/dub-build-system.scm \
guix/build/emacs-build-system.scm \
guix/build/font-build-system.scm \
guix/build/asdf-build-system.scm \
guix/build/git.scm \
guix/build/hg.scm \

View file

@ -218,6 +218,7 @@ Services
* Messaging Services:: Messaging services.
* Kerberos Services:: Kerberos services.
* Web Services:: Web servers.
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
* Continuous Integration:: The Cuirass service.
@ -3626,6 +3627,14 @@ package is installed in its own directory under
@file{share/emacs/site-lisp/guix.d}.
@end defvr
@defvr {Scheme Variable} font-build-system
This variable is exported by @code{(guix build-system font)}. It
implements an installation procedure for font packages where upstream
provides pre-compiled TrueType, OpenType, etc. font files that merely
need to be copied into place. It copies font files to standard
locations in the output directory.
@end defvr
Lastly, for packages that do not need anything as sophisticated, a
``trivial'' build system is provided. It is trivial in the sense that
it provides basically no support: it does not pull any implicit inputs,
@ -7322,7 +7331,7 @@ Access to @file{/dev/sdX} usually requires root privileges.
@end enumerate
Once this is done, you should be able to reboot the system and boot from
the USB stick. The latter usually requires you to get in the BIOS' or
the USB stick. The latter usually requires you to get in the BIOS or
UEFI boot menu, where you can choose to boot from the USB stick.
@xref{Installing GuixSD in a VM}, if, instead, you would like to install
@ -7687,10 +7696,12 @@ Boot the USB installation image in an VM:
@example
qemu-system-x86_64 -m 1024 -smp 1 \
-net user -net nic,model=virtio -boot menu=on \
-drive file=guixsd.img \
-drive file=guixsd-usb-install-@value{VERSION}.@var{system}
-drive file=guixsd-usb-install-@value{VERSION}.@var{system} \
-drive file=guixsd.img
@end example
The ordering of the drives matters.
In the VM console, quickly press the @kbd{F12} key to enter the boot
menu. Then press the @kbd{2} key and the @kbd{RET} key to validate your
selection.
@ -8737,6 +8748,7 @@ declaration.
* Messaging Services:: Messaging services.
* Kerberos Services:: Kerberos services.
* Web Services:: Web servers.
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
* Continuous Integration:: The Cuirass service.
@ -13520,6 +13532,472 @@ Whether the server should add its configuration to response.
@end table
@end deftp
@deftp {Data Type} nginx-upstream-configuration
Data type representing the configuration of an nginx @code{upstream}
block. This type has the following parameters:
@table @asis
@item @code{name}
Name for this group of servers.
@item @code{servers}
Specify the addresses of the servers in the group. The address can be
specified as a IP address (e.g. @samp{127.0.0.1}), domain name
(e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the
prefix @samp{unix:}. For addresses using an IP address or domain name,
the default port is 80, and a different port can be specified
explicitly.
@end table
@end deftp
@deftp {Data Type} nginx-location-configuration
Data type representing the configuration of an nginx @code{location}
block. This type has the following parameters:
@table @asis
@item @code{uri}
URI which this location block matches.
@anchor{nginx-location-configuration body}
@item @code{body}
Body of the location block, specified as a string. This can contain many
configuration directives. For example, to pass requests to a upstream
server group defined using an @code{nginx-upstream-configuration} block,
the following directive would be specified in the body @samp{proxy_pass
http://upstream-name;}.
@end table
@end deftp
@deftp {Data Type} nginx-named-location-configuration
Data type representing the configuration of an nginx named location
block. Named location blocks are used for request redirection, and not
used for regular request processing. This type has the following
parameters:
@table @asis
@item @code{name}
Name to identify this location block.
@item @code{body}
@xref{nginx-location-configuration body}, as the body for named location
blocks can be used in a similar way to the
@code{nginx-location-configuration body}. One restriction is that the
body of a named location block cannot contain location blocks.
@end table
@end deftp
@node DNS Services
@subsubsection DNS Services
@cindex DNS (domain name system)
@cindex domain name system (DNS)
The @code{(gnu services dns)} module provides services related to the
@dfn{domain name system} (DNS). It provides a server service for hosting
an @emph{authoritative} DNS server for multiple zones, slave or master.
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}.
An example configuration of an authoritative server for two zones, one master
and one slave, is:
@lisp
(define-zone-entries example.org.zone
;; Name TTL Class Type Data
("@@" "" "IN" "A" "127.0.0.1")
("@@" "" "IN" "NS" "ns")
("ns" "" "IN" "A" "127.0.0.1"))
(define master-zone
(knot-zone-configuration
(domain "example.org")
(zone (zone-file
(origin "example.org")
(entries example.org.zone)))))
(define slave-zone
(knot-zone-configuration
(domain "plop.org")
(dnssec-policy "default")
(master (list "plop-master"))))
(define plop-master
(knot-remote-configuration
(id "plop-master")
(address (list "208.76.58.171"))))
(operating-system
;; ...
(services (cons* (service knot-service-type
(knot-confifguration
(remotes (list plop-master))
(zones (list master-zone slave-zone))))
;; ...
%base-services)))
@end lisp
@deffn {Scheme Variable} knot-service-type
This is the type for the Knot DNS server.
Knot DNS is an authoritative DNS server, meaning that it can serve multiple
zones, that is to say domain names you would buy from a registrar. This server
is not a resolver, meaning that it can only resolve names for which it is
authoritative. This server can be configured to serve zones as a master server
or a slave server as a per-zone basis. Slave zones will get their data from
masters, and will serve it as an authoritative server. From the point of view
of a resolver, there is no difference between master and slave.
The following data types are used to configure the Knot DNS server:
@end deffn
@deftp {Data Type} knot-key-configuration
Data type representing a key.
This type has the following parameters:
@table @asis
@item @code{id} (default: @code{""})
An identifier for other configuration fields to refer to this key. IDs must
be unique and must not be empty.
@item @code{algorithm} (default: @code{#f})
The algorithm to use. Choose between @code{#f}, @code{'hmac-md5},
@code{'hmac-sha1}, @code{'hmac-sha224}, @code{'hmac-sha256}, @code{'hmac-sha384}
and @code{'hmac-sha512}.
@item @code{secret} (default: @code{""})
The secret key itself.
@end table
@end deftp
@deftp {Data Type} knot-acl-configuration
Data type representing an Access Control List (ACL) configuration.
This type has the following parameters:
@table @asis
@item @code{id} (default: @code{""})
An identifier for ether configuration fields to refer to this key. IDs must be
unique and must not be empty.
@item @code{address} (default: @code{'()})
An ordered list of IP addresses, network subnets, or network ranges represented
with strings. The query must match one of them. Empty value means that
address match is not required.
@item @code{key} (default: @code{'()})
An ordered list of references to keys represented with strings. The string
must match a key ID defined in a @code{knot-key-configuration}. No key means
that a key is not require to match that ACL.
@item @code{action} (default: @code{'()})
An ordered list of actions that are permitted or forbidden by this ACL. Possible
values are lists of zero or more elements from @code{'transfer}, @code{'notify}
and @code{'update}.
@item @code{deny?} (default: @code{#f})
When true, the ACL defines restrictions. Listed actions are forbidden. When
false, listed actions are allowed.
@end table
@end deftp
@deftp {Data Type} zone-entry
Data type represnting a record entry in a zone file.
This type has the following parameters:
@table @asis
@item @code{name} (default: @code{"@@"})
The name of the record. @code{"@@"} refers to the origin of the zone. Names
are relative to the origin of the zone. For example, in the @code{example.org}
zone, @code{"ns.example.org"} actually refers to @code{ns.example.org.example.org}.
Names ending with a dot are absolute, which means that @code{"ns.example.org."}
refers to @code{ns.example.org}.
@item @code{ttl} (default: @code{""})
The Time-To-Live (TTL) of this record. If not set, the default TTL is used.
@item @code{class} (default: @code{"IN"})
The class of the record. Knot currently supports only @code{"IN"} and
partially @code{"CH"}.
@item @code{type} (default: @code{"A"})
The type of the record. Common types include A (IPv4 address), AAAA (IPv6
address), NS (Name Server) and MX (Mail eXchange). Many other types are
defined.
@item @code{data} (default: @code{""})
The data contained in the record. For instance an IP address associated with
an A record, or a domain name associated with an NS record. Remember that
domain names are relative to the origin unless they end with a dot.
@end table
@end deftp
@deftp {Data Type} zone-file
Data type representing the content of a zone file.
This type has the following parameters:
@table @asis
@item @code{entries} (default: @code{'()})
The list of entries. The SOA record is taken care of, so you don't need to
put it in the list of entries. This list should probably contain an entry
for your primary authoritative DNS server. Other than using a list of entries
directly, you can use @code{define-zone-entries} to define a object containing
the list of entries more easily, that you can later pass to the @code{entries}
field of the @code{zone-file}.
@item @code{origin} (default: @code{""})
The name of your zone. This parameter cannot be empty.
@item @code{ns} (default: @code{"ns"})
The domain of your primary authoritative DNS server. The name is relative to
the origin, unless it ends with a dot. It is mandatory that this primary
DNS server corresponds to an NS record in the zone and that it is associated
to an IP address in the list of entries.
@item @code{mail} (default: @code{"hostmaster"})
An email address people can contact you at, as the owner of the zone. This
is translated as @code{<mail>@@<origin>}.
@item @code{serial} (default: @code{1})
The serial number of the zone. As this is used to keep track of changes by
both slaves and resolvers, it is mandatory that it @emph{never} decreases.
Always increment it when you make a change in your zone.
@item @code{refresh} (default: @code{"2d"})
The frequency at which slaves will do a zone transfer. This value can be
a number of seconds or a number of some unit between:
@itemize
@item m: minute
@item h: hour
@item d: day
@item w: week
@end itemize
@item @code{retry} (default: @code{"15m"})
The period after which a slave will retry to contact its master when it fails
to do so a first time.
@item @code{expiry} (default: @code{"2w"})
Default TTL of records. Existing records are considered correct for at most
this amount of time. After this period, resolvers will invalidate their cache
and check again that it still exists.
@item @code{nx} (default: @code{"1h"})
Default TTL of inexistant records. This delay is usually short because you want
your new domains to reach everyone quickly.
@end table
@end deftp
@deftp {Data Type} knot-remote-configuration
Data type representing a remote configuration.
This type has the following parameters:
@table @asis
@item @code{id} (default: @code{""})
An identifier for other configuration fields to refer to this remote. IDs must
be unique and must not be empty.
@item @code{address} (default: @code{'()})
An ordered list of destination IP addresses. Addresses are tried in sequence.
An optional port can be given with the @@ separator. For instance:
@code{(list "1.2.3.4" "2.3.4.5@@53")}. Default port is 53.
@item @code{via} (default: @code{'()})
An ordered list of source IP addresses. An empty list will have Knot choose
an appropriate source IP. An optional port can be given with the @@ separator.
The default is to choose at random.
@item @code{key} (default: @code{#f})
A reference to a key, that is a string containing the identifier of a key
defined in a @code{knot-key-configuration} field.
@end table
@end deftp
@deftp {Data Type} knot-keystore-configuration
Data type representing a keystore to hold dnssec keys.
This type has the following parameters:
@table @asis
@item @code{id} (default: @code{""})
The id of the keystore. It must not be empty.
@item @code{backend} (default: @code{'pem})
The backend to store the keys in. Can be @code{'pem} or @code{'pkcs11}.
@item @code{config} (default: @code{"/var/lib/knot/keys/keys"})
The configuration string of the backend. An example for the PKCS#11 is:
@code{"pkcs11:token=knot;pin-value=1234 /gnu/store/.../lib/pkcs11/libsofthsm2.so"}.
For the pem backend, the string reprensents a path in the filesystem.
@end table
@end deftp
@deftp {Data Type} knot-policy-configuration
Data type representing a dnssec policy. Knot DNS is able to automatically
sign your zones. It can either generate and manage your keys automatically or
use keys that you generate.
Dnssec is usually implemented using two keys: a Key Signing Key (KSK) that is
used to sign the second, and a Zone Signing Key (ZSK) that is used to sign the
zone. In order to be trusted, the KSK needs to be present in the parent zone
(usually a top-level domain). If your registrar supports dnssec, you will
have to send them your KSK's hash so they can add a DS record in their zone.
This is not automated and need to be done each time you change your KSK.
The policy also defines the lifetime of keys. Usually, ZSK can be changed
easily and use weaker cryptographic functions (they use lower parameters) in
order to sign records quickly, so they are changed often. The KSK however
requires manual interaction with the registrar, so they are changed less often
and use stronger parameters because they sign only one record.
This type has the following parameters:
@table @asis
@item @code{id} (default: @code{""})
The id of the policy. It must not be empty.
@item @code{keystore} (default: @code{"default"})
A reference to a keystore, that is a string containing the identifier of a
keystore defined in a @code{knot-keystore-configuration} field. The
@code{"default"} identifier means the default keystore (a kasp database that
was setup by this service).
@item @code{manual?} (default: @code{#f})
Whether the key management is manual or automatic.
@item @code{single-type-signing?} (default: @code{#f})
When @code{#t}, use the Single-Type Signing Scheme.
@item @code{algorithm} (default: @code{"ecdsap256sha256"})
An algorithm of signing keys and issued signatures.
@item @code{ksk-size} (default: @code{256})
The length of the KSK. Note that this value is correct for the default
algorithm, but would be unsecure for other algorithms.
@item @code{zsk-size} (default: @code{256})
The length of the ZSK. Note that this value is correct for the default
algorithm, but would be unsecure for other algorithms.
@item @code{dnskey-ttl} (default: @code{'default})
The TTL value for DNSKEY records added into zone apex. The special
@code{'default} value means same as the zone SOA TTL.
@item @code{zsk-lifetime} (default: @code{"30d"})
The period between ZSK publication and the next rollover initiation.
@item @code{propagation-delay} (default: @code{"1d"})
An extra delay added for each key rollover step. This value should be high
enough to cover propagation of data from the master server to all slaves.
@item @code{rrsig-lifetime} (default: @code{"14d"})
A validity period of newly issued signatures.
@item @code{rrsig-refresh} (default: @code{"7d"})
A period how long before a signature expiration the signature will be refreshed.
@item @code{nsec3?} (default: @code{#f})
When @code{#t}, NSEC3 will be used instead of NSEC.
@item @code{nsec3-iterations} (default: @code{5})
The number of additional times the hashing is performed.
@item @code{nsec3-salt-length} (default: @code{8})
The length of a salt field in octets, which is appended to the original owner
name before hashing.
@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
The validity period of newly issued salt field.
@end table
@end deftp
@deftp {Data Type} knot-zone-configuration
Data type representing a zone served by Knot.
This type has the following parameters:
@table @asis
@item @code{domain} (default: @code{""})
The domain served by this configuration. It must not be empty.
@item @code{file} (default: @code{""})
The file where this zone is saved. This parameter is ignored by master zones.
Empty means default location that depends on the domain name.
@item @code{zone} (default: @code{(zone-file)})
The content of the zone file. This parameter is ignored by slave zones. It
must contain a zone-file record.
@item @code{master} (default: @code{'()})
A list of master remotes. When empty, this zone is a master. When set, this
zone is a slave. This is a list of remotes identifiers.
@item @code{ddns-master} (default: @code{#f})
The main master. When empty, it defaults to the first master in the list of
masters.
@item @code{notify} (default: @code{'()})
A list of slave remote identifiers.
@item @code{acl} (default: @code{'()})
A list of acl identifiers.
@item @code{semantic-checks?} (default: @code{#f})
When set, this adds more semantic checks to the zone.
@item @code{disable-any?} (default: @code{#f})
When set, this forbids queries of the ANY type.
@item @code{zonefile-sync} (default: @code{0})
The delay between a modification in memory and on disk. 0 means immediate
synchronization.
@item @code{serial-policy} (default: @code{'increment})
A policy between @code{'increment} and @code{'unixtime}.
@end table
@end deftp
@deftp {Data Type} knot-configuration
Data type representing the Knot configuration.
This type has the following parameters:
@table @asis
@item @code{knot} (default: @code{knot})
The Knot package.
@item @code{run-directory} (default: @code{"/var/run/knot"})
The run directory. This directory will be used for pid file and sockets.
@item @code{listen-v4} (default: @code{"0.0.0.0"})
An ip address on which to listen.
@item @code{listen-v6} (default: @code{"::"})
An ip address on which to listen.
@item @code{listen-port} (default: @code{53})
A port on which to listen.
@item @code{keys} (default: @code{'()})
The list of knot-key-configuration used by this configuration.
@item @code{acls} (default: @code{'()})
The list of knot-acl-configuration used by this configuration.
@item @code{remotes} (default: @code{'()})
The list of knot-remote-configuration used by this configuration.
@item @code{zones} (default: @code{'()})
The list of knot-zone-configuration used by this configuration.
@end table
@end deftp
@node VPN Services
@subsubsection VPN Services
@cindex VPN (virtual private network)
@ -13878,63 +14356,6 @@ Defaults to @samp{#f}.
@c %end of automatic openvpn-server documentation
@deftp {Data Type} nginx-upstream-configuration
Data type representing the configuration of an nginx @code{upstream}
block. This type has the following parameters:
@table @asis
@item @code{name}
Name for this group of servers.
@item @code{servers}
Specify the addresses of the servers in the group. The address can be
specified as a IP address (e.g. @samp{127.0.0.1}), domain name
(e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the
prefix @samp{unix:}. For addresses using an IP address or domain name,
the default port is 80, and a different port can be specified
explicitly.
@end table
@end deftp
@deftp {Data Type} nginx-location-configuration
Data type representing the configuration of an nginx @code{location}
block. This type has the following parameters:
@table @asis
@item @code{uri}
URI which this location block matches.
@anchor{nginx-location-configuration body}
@item @code{body}
Body of the location block, specified as a string. This can contain many
configuration directives. For example, to pass requests to a upstream
server group defined using an @code{nginx-upstream-configuration} block,
the following directive would be specified in the body @samp{proxy_pass
http://upstream-name;}.
@end table
@end deftp
@deftp {Data Type} nginx-named-location-configuration
Data type representing the configuration of an nginx named location
block. Named location blocks are used for request redirection, and not
used for regular request processing. This type has the following
parameters:
@table @asis
@item @code{name}
Name to identify this location block.
@item @code{body}
@xref{nginx-location-configuration body}, as the body for named location
blocks can be used in a similar way to the
@code{nginx-location-configuration body}. One restriction is that the
body of a named location block cannot contain location blocks.
@end table
@end deftp
@node Network File System
@subsubsection Network File System
@cindex NFS

View file

@ -221,7 +221,7 @@ easejs node ${GS}/easejs/manual/
EMACS_GUIX = https://alezost.github.io/guix.el/manual/latest
emacs-guix mono ${EMACS_GUIX}/emacs-guix.html
emacs-guix node ${EMACS_GUIX}/html_node/index.html
emacs-guix node ${EMACS_GUIX}/html_node/
emacs-muse node ${GS}/emacs-muse/manual/muse.html
emacs-muse node ${GS}/emacs-muse/manual/html_node/

View file

@ -130,14 +130,15 @@ (define* (add-user name group
;; 'useradd' fails with "Cannot determine your user name" if the root
;; account doesn't exist. Thus, for bootstrapping purposes, create that
;; one manually.
(begin
(let ((home (or home "/root")))
(call-with-output-file "/etc/shadow"
(cut format <> "~a::::::::~%" name))
(call-with-output-file "/etc/passwd"
(cut format <> "~a:x:~a:~a:~a:~a:~a~%"
name "0" "0" comment home shell))
(chmod "/etc/shadow" #o600)
(copy-account-skeletons (or home "/root"))
(copy-account-skeletons home)
(chmod home #o700)
#t)
;; Use 'useradd' from the Shadow package.

View file

@ -236,7 +236,7 @@ (define (check-fat32-file-system device)
;; <http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-119.pdf>.
(define (iso9660-superblock? sblock)
"Return #t when SBLOCK is a iso9660 superblock."
"Return #t when SBLOCK is an iso9660 volume descriptor."
(bytevector=? (sub-bytevector sblock 1 6)
;; Note: "\x01" is the volume descriptor format version
(string->utf8 "CD001\x01")))
@ -245,20 +245,26 @@ (define (read-iso9660-primary-volume-descriptor device offset)
"Find and read the first primary volume descriptor, starting at OFFSET.
Return #f if not found."
(let* ((sblock (read-superblock device offset 2048 iso9660-superblock?))
(type-code (if sblock (array-ref sblock 0) 255)))
(type-code (if sblock
(bytevector-u8-ref sblock 0)
(error (format #f
"Could not read ISO9660 primary
volume descriptor from ~s"
device)))))
(match type-code
(255 #f) ; Volume Descriptor Set Terminator.
(1 sblock) ; Primary Volume Descriptor
(_ (read-iso9660-primary-volume-descriptor device (+ offset 2048))))))
(define (read-iso9660-superblock device)
"Return the raw contents of DEVICE's iso9660 superblock as a bytevector, or
#f if DEVICE does not contain a iso9660 file system."
"Return the raw contents of DEVICE's iso9660 primary volume descriptor
as a bytevector, or #f if DEVICE does not contain an iso9660 file system."
;; Start reading at sector 16.
(read-iso9660-primary-volume-descriptor device (* 2048 16)))
(define (iso9660-superblock-uuid sblock)
"Return the modification time of a iso9660 superblock SBLOCK as a bytevector."
"Return the modification time of an iso9660 primary volume descriptor
SBLOCK as a bytevector."
;; Drops GMT offset for compatibility with Grub, blkid and /dev/disk/by-uuid.
;; Compare Grub: "2014-12-02-19-30-23-00".
;; Compare blkid result: "2014-12-02-19-30-23-00".
@ -282,6 +288,7 @@ (define (digits->string bytes)
(define (iso9660-superblock-volume-name sblock)
"Return the volume name of SBLOCK as a string. The volume name is an ASCII
string. Trailing spaces are trimmed."
;; Note: Valid characters are of the set "[0-9][A-Z]_" (ECMA-119 Appendix A)
(string-trim-right (latin1->string (sub-bytevector sblock 40 32)
(lambda (c) #f)) #\space))

View file

@ -42,6 +42,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages.scm \
%D%/packages/abduco.scm \
%D%/packages/abiword.scm \
%D%/packages/accessibility.scm \
%D%/packages/acct.scm \
%D%/packages/acl.scm \
%D%/packages/admin.scm \
@ -94,6 +95,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/connman.scm \
%D%/packages/cook.scm \
%D%/packages/cpio.scm \
%D%/packages/cpp.scm \
%D%/packages/cppi.scm \
%D%/packages/cross-base.scm \
%D%/packages/crypto.scm \
@ -321,6 +323,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/protobuf.scm \
%D%/packages/pv.scm \
%D%/packages/python.scm \
%D%/packages/tryton.scm \
%D%/packages/qemu.scm \
%D%/packages/qt.scm \
%D%/packages/ragel.scm \
@ -392,7 +395,6 @@ GNU_SYSTEM_MODULES = \
%D%/packages/video.scm \
%D%/packages/vim.scm \
%D%/packages/vpn.scm \
%D%/packages/vtk.scm \
%D%/packages/w3m.scm \
%D%/packages/wdiff.scm \
%D%/packages/web.scm \
@ -426,6 +428,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/dbus.scm \
%D%/services/desktop.scm \
%D%/services/dict.scm \
%D%/services/dns.scm \
%D%/services/kerberos.scm \
%D%/services/lirc.scm \
%D%/services/mail.scm \
@ -592,6 +595,7 @@ dist_patch_DATA = \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \
%D%/packages/patches/fuse-overlapping-headers.patch \
%D%/packages/patches/gajim-CVE-2016-10376.patch \
%D%/packages/patches/gawk-shell.patch \
%D%/packages/patches/gcc-arm-bug-71399.patch \
%D%/packages/patches/gcc-arm-link-spec-fix.patch \
@ -675,7 +679,6 @@ dist_patch_DATA = \
%D%/packages/patches/id3lib-CVE-2007-4460.patch \
%D%/packages/patches/ilmbase-fix-tests.patch \
%D%/packages/patches/isl-0.11.1-aarch64-support.patch \
%D%/packages/patches/jasper-CVE-2017-6850.patch \
%D%/packages/patches/jbig2dec-ignore-testtest.patch \
%D%/packages/patches/jbig2dec-CVE-2016-9601.patch \
%D%/packages/patches/jbig2dec-CVE-2017-7885.patch \
@ -737,25 +740,6 @@ dist_patch_DATA = \
%D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \
%D%/packages/patches/libtar-CVE-2013-4420.patch \
%D%/packages/patches/libtheora-config-guess.patch \
%D%/packages/patches/libtiff-CVE-2016-10092.patch \
%D%/packages/patches/libtiff-CVE-2016-10093.patch \
%D%/packages/patches/libtiff-CVE-2016-10094.patch \
%D%/packages/patches/libtiff-CVE-2017-5225.patch \
%D%/packages/patches/libtiff-CVE-2017-7593.patch \
%D%/packages/patches/libtiff-CVE-2017-7594.patch \
%D%/packages/patches/libtiff-multiple-UBSAN-crashes.patch \
%D%/packages/patches/libtiff-assertion-failure.patch \
%D%/packages/patches/libtiff-divide-by-zero-ojpeg.patch \
%D%/packages/patches/libtiff-divide-by-zero-tiffcp.patch \
%D%/packages/patches/libtiff-divide-by-zero-tiffcrop.patch \
%D%/packages/patches/libtiff-divide-by-zero.patch \
%D%/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch \
%D%/packages/patches/libtiff-heap-overflow-tif-dirread.patch \
%D%/packages/patches/libtiff-heap-overflow-tiffcp.patch \
%D%/packages/patches/libtiff-heap-overflow-tiffcrop.patch \
%D%/packages/patches/libtiff-invalid-read.patch \
%D%/packages/patches/libtiff-null-dereference.patch \
%D%/packages/patches/libtiff-tiffcp-underflow.patch \
%D%/packages/patches/libtirpc-CVE-2017-8779.patch \
%D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \
%D%/packages/patches/libtool-skip-tests2.patch \
@ -858,6 +842,7 @@ dist_patch_DATA = \
%D%/packages/patches/openexr-missing-samples.patch \
%D%/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch \
%D%/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch \
%D%/packages/patches/openldap-CVE-2017-9287.patch \
%D%/packages/patches/openocd-nrf52.patch \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \
@ -922,6 +907,12 @@ dist_patch_DATA = \
%D%/packages/patches/python-3.5-getentropy-on-old-kernels.patch \
%D%/packages/patches/python-dendropy-fix-tests.patch \
%D%/packages/patches/python-fix-tests.patch \
%D%/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch \
%D%/packages/patches/python-genshi-buildable-on-python-2.7.patch \
%D%/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch \
%D%/packages/patches/python-genshi-fix-tests-on-python-3.5.patch \
%D%/packages/patches/python-genshi-isstring-helper.patch \
%D%/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch \
%D%/packages/patches/python-parse-too-many-fields.patch \
%D%/packages/patches/python2-rdflib-drop-sparqlwrapper.patch \
%D%/packages/patches/python-statsmodels-fix-tests.patch \
@ -959,6 +950,7 @@ dist_patch_DATA = \
%D%/packages/patches/ruby-puma-ignore-broken-test.patch \
%D%/packages/patches/ruby-rack-ignore-failing-test.patch \
%D%/packages/patches/ruby-tzinfo-data-ignore-broken-test.patch\
%D%/packages/patches/rxvt-unicode-escape-sequences.patch \
%D%/packages/patches/scheme48-tests.patch \
%D%/packages/patches/scotch-test-threading.patch \
%D%/packages/patches/screen-fix-info-syntax-error.patch \
@ -977,7 +969,7 @@ dist_patch_DATA = \
%D%/packages/patches/superlu-dist-scotchmetis.patch \
%D%/packages/patches/swish-e-search.patch \
%D%/packages/patches/swish-e-format-security.patch \
%D%/packages/patches/synfig-build-fix.patch \
%D%/packages/patches/synfigstudio-fix-ui-with-gtk3.patch \
%D%/packages/patches/t1lib-CVE-2010-2642.patch \
%D%/packages/patches/t1lib-CVE-2011-0764.patch \
%D%/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch \

View file

@ -0,0 +1,78 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 ng0 <ng0@no-reply.pragmatique.xyz>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages accessibility)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system glib-or-gtk)
#:use-module (gnu packages)
#:use-module (gnu packages xml)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gstreamer)
#:use-module (gnu packages gtk)
#:use-module (gnu packages xorg)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages pkg-config))
(define-public florence
(package
(name "florence")
(version "0.6.3")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/florence/florence/" version
"/" name "-" version ".tar.bz2"))
(sha256
(base32
"07h9qm22krlwayhzvc391lr23vicw81s48g7rirvx1fj0zyr4aa2"))))
(build-system glib-or-gtk-build-system)
(arguments
`(#:configure-flags (list "--with-xtst"
"--without-docs"
"--with-notification")))
(inputs
`(("libxml2" ,libxml2)
("libglade" ,libglade)
("librsvg" ,librsvg)
("gstreamer" ,gstreamer)
("cairo" ,cairo)
("gtk+" ,gtk+)
("libxtst" ,libxtst)
("libxcomposite" ,libxcomposite)
("libnotify" ,libnotify)))
(native-inputs
`(("gettext-minimal" ,gettext-minimal)
("intltool" ,intltool)
("pkg-config" ,pkg-config)))
(home-page "http://florence.sourceforge.net/")
(synopsis "Extensible, scalable virtual keyboard for X11")
(description
"Florence is an extensible scalable virtual keyboard for X11.
It is useful for people who can't use a real hardware keyboard (for
example for people with disabilities), but you must be able to use
a pointing device (as a mouse, a trackball, a touchscreen or opengazer).
Florence stays out of your way when you don't need it: it appears on the
screen only when you need it. A timer-based auto-click input method is
available to help to click.")
;; The documentation is under FDL1.2, but we do not install the
;; documentation.
(license license:gpl2+)))

View file

@ -802,7 +802,7 @@ (define-public rottlog
(define-public sudo
(package
(name "sudo")
(version "1.8.19p1")
(version "1.8.20p2")
(source (origin
(method url-fetch)
(uri
@ -812,7 +812,10 @@ (define-public sudo
version ".tar.gz")))
(sha256
(base32
"14pwdwl03kdbbyjkvxrfx409x3c1fjqz8aqz2wgwddinhz7v3bxq"))))
"1na5likm1srnd1g5sjx7b0543sczw0yppacyqsazfdg9b48awhmx"))
(modules '((guix build utils)))
(snippet
'(delete-file-recursively "lib/zlib"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
@ -860,6 +863,7 @@ (define-public sudo
(inputs
`(("groff" ,groff)
("linux-pam" ,linux-pam)
("zlib" ,zlib)
("coreutils" ,coreutils)))
(home-page "https://www.sudo.ws/")
(synopsis "Run commands as root")

View file

@ -133,7 +133,7 @@ (define-public fplll
(define-public pari-gp
(package
(name "pari-gp")
(version "2.9.1")
(version "2.9.2")
(source (origin
(method url-fetch)
(uri (string-append
@ -141,7 +141,7 @@ (define-public pari-gp
version ".tar.gz"))
(sha256
(base32
"0rq7wz9df1xs4acdzzb5dapx8vs6m5py39n2wynw2qv4d2b0ylfw"))))
"0zi08qz9nk17wwdna4xb2vp3i3mh5sgv1y8wqbf0j2sfryxlr8ls"))))
(build-system gnu-build-system)
(native-inputs `(("texlive" ,texlive-minimal)))
(inputs `(("gmp" ,gmp)

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -23,6 +23,7 @@ (define-module (gnu packages animation)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix build-system gnu)
#:use-module (gnu packages)
#:use-module (gnu packages algebra)
#:use-module (gnu packages boost)
#:use-module (gnu packages compression)
#:use-module (gnu packages fontutils)
@ -38,15 +39,15 @@ (define-module (gnu packages animation)
(define-public etl
(package
(name "etl")
(version "0.04.19")
(version "0.04.22")
(source (origin
(method url-fetch)
;; Keep this synchronized with the synfig release version.
(uri (string-append "mirror://sourceforge/synfig/releases/"
"1.0.2/source/ETL-" version ".tar.gz"))
"1.2.0/source/ETL-" version ".tar.gz"))
(sha256
(base32
"070c70slizrklq1gbgja8m49xfmq65wlcd6hz6418cpx0wd4r55s"))))
"0ii73nsd3xzkhz6w1rnxwphl637j9w82xiy6apa9vin2isdynnmc"))))
(build-system gnu-build-system)
(home-page "http://www.synfig.org")
(synopsis "Extended C++ template library")
@ -59,7 +60,7 @@ (define-public etl
(define-public synfig
(package
(name "synfig")
(version "1.0.2")
(version "1.2.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/synfig/releases/"
@ -67,8 +68,7 @@ (define-public synfig
".tar.gz"))
(sha256
(base32
"1d3z2r78j3rkff47q3wl0ami69y3l4nyi5r9zclymb8ar7mgkk9l"))
(patches (search-patches "synfig-build-fix.patch"))))
"1gqx4gn4c73rqwhsgzx0a460gr9hadmi28csp75rx30qavqsj7k1"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
@ -90,16 +90,6 @@ (define-public synfig
(("remove_child\\(") "remove_node("))
(substitute* "src/modules/mod_svg/svg_parser.cpp"
(("xmlpp::Node::NodeList") "xmlpp::Node::const_NodeList"))
#t))
(add-after 'unpack 'fix-isnan-error
(lambda _
(substitute* "src/synfig/time.cpp"
(("return !::isnan") "return !std::isnan"))
#t))
(add-before 'configure 'set-flags
(lambda _
;; Compile with C++11, required by libsigc++.
(setenv "CXXFLAGS" "-D__STDC_CONSTANT_MACROS -std=gnu++11")
#t)))))
(inputs
`(("boost" ,boost)
@ -110,11 +100,12 @@ (define-public synfig
("libmng" ,libmng)
("zlib" ,zlib)))
;; synfig.pc lists the following as required: Magick++ freetype2
;; fontconfig OpenEXR ETL glibmm-2.4 giomm-2.4 libxml++-3.0 sigc++-2.0
;; fontconfig fftw OpenEXR ETL glibmm-2.4 giomm-2.4 libxml++-3.0 sigc++-2.0
;; cairo pango pangocairo mlt++
(propagated-inputs
`(("cairo" ,cairo)
("etl" ,etl)
("fftw" ,fftw)
("fontconfig" ,fontconfig)
("freetype" ,freetype)
("glibmm" ,glibmm)
@ -137,7 +128,7 @@ (define-public synfig
(define-public synfigstudio
(package
(name "synfigstudio")
(version "1.0.2")
(version "1.2.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/synfig/releases/"
@ -145,29 +136,32 @@ (define-public synfigstudio
".tar.gz"))
(sha256
(base32
"1xa74dlgkpjn0gzdcs0x25z7wg0806v2wygvvi73f7sn1fm88ig4"))
"0fbckfbw8dzf0m2wv7vlmw492k1dqa3zf510z019d0as3zpnp6qm"))
(modules '((guix build utils)))
(snippet
'(begin
(substitute* "src/synfigapp/pluginmanager.cpp"
(("xmlpp::Node\\* n =") "const xmlpp::Node* n =")
(("xmlpp::Node::NodeList") "xmlpp::Node::const_NodeList"))
;; Some files are ISO-8859-1 encoded.
(with-fluids ((%default-port-encoding #f))
(substitute* (find-files "src/" "\\.(cpp|h)$")
(("#include <sigc\\+\\+/retype\\.h>")
"#include <sigc++/adaptors/retype.h>")
(("#include <sigc\\+\\+/hide\\.h>")
"#include <sigc++/adaptors/hide.h>")
(("#include <sigc\\+\\+/object\\.h>")
"#include <sigc++/trackable.h>")))
#t))))
#t))
(patches
(search-patches "synfigstudio-fix-ui-with-gtk3.patch"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
(list "CXXFLAGS=-std=gnu++11")))
`(#:phases
(modify-phases %standard-phases
;; This fixes the file chooser crash that happens with GTK 3.
(add-after 'install 'wrap-program
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(gtk (assoc-ref inputs "gtk+"))
(gtk-share (string-append gtk "/share")))
(wrap-program (string-append out "/bin/synfigstudio")
`("XDG_DATA_DIRS" ":" prefix (,gtk-share)))
#t))))))
(inputs
`(("gtkmm" ,gtkmm)
("gtk+" ,gtk+)
("libsigc++" ,libsigc++)
("synfig" ,synfig)))
(native-inputs

View file

@ -118,7 +118,7 @@ (define-public duplicity
(define-public par2cmdline
(package
(name "par2cmdline")
(version "0.7.0")
(version "0.7.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/Parchive/par2cmdline/archive/v"
@ -126,14 +126,13 @@ (define-public par2cmdline
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1m9vnv3pg0nds47raq2rd2kfpaad1sc10hv40hll5byksqlbfxyq"))))
"0b2m90jmxm37zpvwcmhshdznnh3l5g5ahdx459a9ckgsxy77jkl9"))))
(native-inputs
`(("automake" ,automake)
("autoconf" ,autoconf)))
(build-system gnu-build-system)
(arguments
`(#:parallel-tests? #f
#:phases
`(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'autoreconf
(lambda _ (zero? (system* "autoreconf" "-vfi")))))))

View file

@ -2093,7 +2093,7 @@ (define-public deeptools
(define-public diamond
(package
(name "diamond")
(version "0.9.1")
(version "0.9.3")
(source (origin
(method url-fetch)
(uri (string-append
@ -2102,7 +2102,7 @@ (define-public diamond
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"062943yk3mp23jpcawamkh1zawx9br95l7w178v0kyr863v4p5a1"))))
"1fs5ilvda50vfdg9wll35w8hcpq3jlkp8q2kim4llkwljkj8bls3"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f ; no "check" target
@ -3214,6 +3214,44 @@ (define-public khmer
(supported-systems '("x86_64-linux"))
(license license:bsd-3)))
(define-public kaiju
(package
(name "kaiju")
(version "1.5.0")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/bioinformatics-centre/kaiju/archive/v"
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"0afbfalfw9y39bkwnqjrh9bghs118ws1pzj5h8l0nblgn3mbjdks"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; There are no tests.
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-before 'build 'move-to-src-dir
(lambda _ (chdir "src") #t))
(replace 'install
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((bin (string-append (assoc-ref outputs "out") "/bin")))
(mkdir-p bin)
(chdir "..")
(copy-recursively "bin" bin)
(copy-recursively "util" bin))
#t)))))
(inputs
`(("perl" ,perl)))
(home-page "http://kaiju.binf.ku.dk/")
(synopsis "Fast and sensitive taxonomic classification for metagenomics")
(description "Kaiju is a program for sensitive taxonomic classification
of high-throughput sequencing reads from metagenomic whole genome sequencing
experiments.")
(license license:gpl3+)))
(define-public macs
(package
(name "macs")

View file

@ -91,7 +91,11 @@ (define-public grub
;; Make the font visible.
(copy-file (assoc-ref inputs "unifont") "unifont.bdf.gz")
(system* "gunzip" "unifont.bdf.gz")
#t)))))
#t)))
;; We suspect there are race conditions when running tests in parallel:
;; <https://bugs.gnu.org/26936>.
#:parallel-tests? #f))
(inputs
`(("gettext" ,gettext-minimal)

59
gnu/packages/cpp.scm Normal file
View file

@ -0,0 +1,59 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Ethan R. Jones <doubleplusgood23@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages cpp)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
#:use-module (gnu packages)
#:use-module (gnu packages autotools))
(define-public libzen
(package
(name "libzen")
(version "0.4.35")
(source (origin
(method url-fetch)
(uri (string-append "https://mediaarea.net/download/source/"
name "/" version "/"
name "_" version ".tar.bz2"))
(sha256
(base32
"12a1icgcffgv503ii2k1453kxg5hfly09mf4zjcc80aq8a6rf8by"))))
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("libtool" ,libtool)))
(build-system gnu-build-system)
(arguments
'(#:phases
;; build scripts not in root of archive
(modify-phases %standard-phases
(add-before 'configure 'pre-configure
(lambda _
(chdir "Project/GNU/Library")))
(add-before 'configure 'autogen
(lambda _
(zero? (system* "./autogen.sh")))))))
(home-page "https://github.com/MediaArea/ZenLib")
(synopsis "C++ utility library")
(description "ZenLib is a C++ utility library. It includes classes for handling
strings, configuration, bit streams, threading, translation, and cross-platform
operating system functions.")
(license license:zlib)))

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
@ -40,10 +40,13 @@ (define-module (gnu packages cross-base)
cross-gcc
cross-newlib?))
(define %xgcc
(define-syntax %xgcc
;; GCC package used as the basis for cross-compilation. It doesn't have to
;; be 'gcc' and can be a specific variant such as 'gcc-4.8'.
gcc)
;;
;; Note: This is a macro so that we do not refer to 'gcc' from the top
;; level, which would lead to circular-dependency issues.
(identifier-syntax gcc))
(define %gcc-include-paths
;; Environment variables for header search paths.

View file

@ -372,7 +372,7 @@ (define-public mysql
(define-public mariadb
(package
(name "mariadb")
(version "10.1.23")
(version "10.1.24")
(source (origin
(method url-fetch)
(uri (string-append "https://downloads.mariadb.org/f/"
@ -380,7 +380,7 @@ (define-public mariadb
name "-" version ".tar.gz"))
(sha256
(base32
"1gq08dj9skr0gli1nj7a8wl92w8lmmqy0sbxvkmy79dz4i713n2l"))))
"07jm9m7d5x4zdpasdjs98m36dkjl7ypc9jz4xmnczj0ybfp9kpxk"))))
(build-system cmake-build-system)
(arguments
'(#:configure-flags

View file

@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
;;;
;;; This file is part of GNU Guix.
@ -25,6 +25,11 @@ (define-module (gnu packages dictionaries)
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial)
#:use-module (gnu packages base)
#:use-module (gnu packages curl)
#:use-module (gnu packages emacs)
#:use-module (gnu packages fribidi)
#:use-module (gnu packages linux)
#:use-module (gnu packages readline)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages compression)
#:use-module (gnu packages tcl))
@ -200,3 +205,50 @@ (define-public ding
It comes with a German-English dictionary with approximately 270,000 entries.")
(home-page "http://www-user.tu-chemnitz.de/~fri/ding/")
(license gpl2+)))
(define-public translate-shell
(package
(name "translate-shell")
(version "0.9.6.3")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/soimort/" name "/archive/v"
version ".tar.gz"))
(sha256
(base32
"13rjq9v3ykk5c0i5daybpnqnyg09cbcgjzykx49h2h5hvspixvi5"))
(file-name (string-append name "-" version ".tar.gz"))))
(build-system gnu-build-system)
(arguments
`(#:phases
(modify-phases %standard-phases
(delete 'configure) ; no configure phase
(add-after 'install 'emacs-install
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(dest (string-append out "/share/emacs/site-lisp"))
(emacs (string-append (assoc-ref inputs "emacs") "/bin/emacs")))
(install-file "google-translate-mode.el" dest)
(emacs-generate-autoloads ,name dest)))))
#:make-flags (list (string-append "PREFIX=" %output))
#:imported-modules (,@%gnu-build-system-modules (guix build emacs-utils))
#:modules ((guix build gnu-build-system)
(guix build emacs-utils)
(guix build utils))
#:test-target "test"))
(propagated-inputs
`(("curl" ,curl)
("fribidi" ,fribidi)
("rlwrap" ,rlwrap)))
(native-inputs
`(("emacs" ,emacs-minimal)
("util-linux" ,util-linux))) ; hexdump, for the test
(home-page "https://www.soimort.org/translate-shell")
(synopsis "Translations from the command line")
(description
"Translate Shell (formerly Google Translate CLI) is a command-line
translator powered by Google Translate (default), Bing Translator,
Yandex.Translate and Apertium. It gives you easy access to one of these
translation engines from your terminal.")
(license public-domain)))

View file

@ -335,28 +335,7 @@ (define-public paredit
(sha256
(base32
"0pp3n8q6kc70blqsaw0zlzp6bc327dpgdrjr0cnh7hqg1lras7ka"))))
(build-system trivial-build-system)
(native-inputs `(("emacs" ,emacs-minimal)))
(arguments
`(#:modules ((guix build utils)
(guix build emacs-utils))
#:builder
(begin
(use-modules (guix build utils))
(use-modules (guix build emacs-utils))
(let* ((emacs (string-append (assoc-ref %build-inputs "emacs")
"/bin/emacs"))
(source (assoc-ref %build-inputs "source"))
(lisp-dir (string-append %output
"/share/emacs/site-lisp"))
(target (string-append lisp-dir "/paredit.el")))
(mkdir-p lisp-dir)
(copy-file source target)
(with-directory-excursion lisp-dir
(parameterize ((%emacs emacs))
(emacs-generate-autoloads ,name lisp-dir)
(emacs-batch-eval '(byte-compile-file "paredit.el"))))))))
(build-system emacs-build-system)
(home-page "http://mumble.net/~campbell/emacs/paredit/")
(synopsis "Emacs minor mode for editing parentheses")
(description
@ -386,31 +365,7 @@ (define-public git-modes
(sha256
(base32
"0xxrmf0jnyljxvllc22qa0v8lgi4k1ldnayjm5hf68m25jsr378l"))))
(build-system gnu-build-system)
(arguments
`(#:modules ((guix build gnu-build-system)
(guix build emacs-utils)
(guix build utils))
#:imported-modules (,@%gnu-build-system-modules
(guix build emacs-utils))
#:make-flags (list (string-append "PREFIX="
(assoc-ref %outputs "out"))
;; Don't put .el files in a 'git-modes'
;; sub-directory.
(string-append "LISPDIR="
(assoc-ref %outputs "out")
"/share/emacs/site-lisp"))
#:tests? #f ; no check target
#:phases (modify-phases %standard-phases
(delete 'configure)
(add-after 'install 'emacs-autoloads
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(lisp (string-append
out "/share/emacs/site-lisp/")))
(emacs-generate-autoloads ,name lisp)))))))
(native-inputs `(("emacs" ,emacs-minimal)))
(build-system emacs-build-system)
(home-page "https://github.com/magit/git-modes")
(synopsis "Emacs major modes for Git configuration files")
(description
@ -694,30 +649,7 @@ (define-public let-alist
(sha256
(base32
"07312bvvyz86lf64vdkxg2l1wgfjl25ljdjwlf1bdzj01c4hm88x"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils)
(guix build emacs-utils))
#:builder (begin
(use-modules (guix build emacs-utils)
(guix build utils))
(let* ((out (assoc-ref %outputs "out"))
(lispdir (string-append out
"/share/emacs/site-lisp/"
"guix.d/let-alist-"
,version))
(emacs (assoc-ref %build-inputs "emacs")))
(mkdir-p lispdir)
(copy-file (assoc-ref %build-inputs "source")
(string-append lispdir "/let-alist.el"))
(setenv "PATH" (string-append emacs "/bin"))
(emacs-byte-compile-directory lispdir)
#t))))
(native-inputs `(("emacs" ,emacs-minimal)))
(build-system emacs-build-system)
(home-page "https://elpa.gnu.org/packages/let-alist.html")
(synopsis "Easily let-bind values of an assoc-list by their names")
(description
@ -1228,6 +1160,37 @@ (define-public emacs-calfw
the Emacs buffer.")
(license license:gpl3+)))
(define-public emacs-direnv
(package
(name "emacs-direnv")
(version "1.2.0")
(source
(origin
(method url-fetch)
(uri (string-append
"https://github.com/wbolster/emacs-direnv/archive/"
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"0m9nxawklhiiysyibzzhh2zkxgq1fskqvaqb06f7r8dnhabfy9fr"))))
(build-system emacs-build-system)
(propagated-inputs
`(("dash" ,emacs-dash)
("with-editor" ,emacs-with-editor)))
(home-page "https://github.com/wbolster/emacs-direnv")
(synopsis "Direnv integration for Emacs")
(description
"This package provides support for invoking direnv to get the environment
for the current file and updating the environment within Emacs to match.
Direnv can be invoked manually, and a global minor mode is included that will
update the environment when the active buffer changes.
Using emacs-direnv means that programs started from Emacs will use the
environment set through Direnv.")
(license license:gpl3+)))
(define-public emacs-google-maps
(package
(name "emacs-google-maps")
@ -2053,6 +2016,7 @@ (define-public emacs-debbugs
(base32
"07wgcvg038l88gxvjr0gjpjhyk743w22x1rqghz3gkmif0g70say"))))
(build-system emacs-build-system)
(arguments '(#:include '("\\.el$" "\\.wsdl$" "\\.info$")))
(propagated-inputs
`(("emacs-async" ,emacs-async)))
(home-page "https://elpa.gnu.org/packages/debbugs.html")
@ -4587,9 +4551,12 @@ (define-public emacs-exwm
TryExec=~@*~a~@
Type=Application~%" ,name ,synopsis exwm-executable)))
;; Add a shell wrapper to bin
;; Set DISPLAY variable to work around
;; https://github.com/ch11ng/exwm/issues/213
(with-output-to-file exwm-executable
(lambda _
(format #t "#!~a ~@
export DISPLAY=:0 ~@
~a +SI:localuser:$USER ~@
exec ~a --exit-with-session ~a \"$@\" --eval '~s' ~%"
(string-append (assoc-ref inputs "bash") "/bin/sh")
@ -4877,3 +4844,31 @@ (define-public emacs-disable-mouse
pair of minor modes which suppress all mouse events by intercepting them and
running a customisable handler command (@code{ignore} by default). ")
(license license:gpl3+)))
(define-public emacs-restclient
(let ((commit "07a3888bb36d0e29608142ebe743b4362b800f40")
(revision "1")) ;Guix package revision,
;upstream doesn't have official releases
(package
(name "emacs-restclient")
(version (string-append revision "."
(string-take commit 7)))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/pashky/restclient.el.git")
(commit commit)))
(sha256
(base32
"00lmjhb5im1kgrp54yipf1h9pshxzgjlg71yf2rq5n973gvb0w0q"))
(file-name (git-file-name name version))))
(build-system emacs-build-system)
(propagated-inputs
`(("emacs-helm" ,emacs-helm)))
(home-page "https://github.com/pashky/restclient.el")
(synopsis "Explore and test HTTP REST webservices")
(description
"This tool allows for testing and exploration of HTTP REST Web services
from within Emacs. Restclient runs queries from a plan-text query sheet,
displays results pretty-printed in XML or JSON with @code{restclient-mode}")
(license license:public-domain))))

View file

@ -7,7 +7,7 @@
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016, 2017 ng0 <ng0@libertad.pw>
;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz>
;;; Copyright © 2016 Jookia <166291@gmail.com>
;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2016 Dmitry Nikolaev <cameltheman@gmail.com>
@ -42,6 +42,7 @@ (define-module (gnu packages fonts)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (guix build-system font)
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial)
#:use-module (gnu packages base)
@ -64,18 +65,7 @@ (define-public font-inconsolata
(sha256
(base32
"06js6znbcf7swn8y3b8ki416bz96ay7d3yvddqnvi88lqhbfcq8m"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((font-dir (string-append %output
"/share/fonts/opentype"))
(source (assoc-ref %build-inputs "source")))
(mkdir-p font-dir)
(copy-file source
(string-append font-dir "/" "inconsolata.otf"))))))
(native-inputs `(("source" ,source)))
(build-system font-build-system)
(home-page "http://levien.com/type/myfonts/inconsolata.html")
(synopsis "Monospace font")
(description "A monospace font, designed for code listings and the like,
@ -94,34 +84,7 @@ (define-public font-ubuntu
(sha256
(base32
"0hjvq2x758dx0sfwqhzflns0ns035qm7h6ygskbx1svzg517sva5"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils)
(srfi srfi-26))
(let ((PATH (string-append (assoc-ref %build-inputs
"unzip")
"/bin"))
(font-dir (string-append %output
"/share/fonts/truetype"))
(doc-dir (string-append %output "/share/doc/"
,name "-" ,version)))
(setenv "PATH" PATH)
(system* "unzip" (assoc-ref %build-inputs "source"))
(mkdir-p font-dir)
(mkdir-p doc-dir)
(chdir (string-append "ubuntu-font-family-" ,version))
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "." "\\.ttf$"))
(for-each (lambda (doc)
(install-file doc doc-dir))
(find-files "." "\\.txt$"))))))
(native-inputs `(("source" ,source)
("unzip" ,unzip)))
(build-system font-build-system)
(home-page "http://font.ubuntu.com/")
(synopsis "The Ubuntu Font Family")
(description "The Ubuntu Font Family is a unique, custom designed font
@ -144,43 +107,15 @@ (define-public font-dejavu
(sha256
(base32
"1mqpds24wfs5cmfhj57fsfs07mji2z8812i5c4pi5pbi738s977s"))))
(build-system trivial-build-system)
(build-system font-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((tar (string-append (assoc-ref %build-inputs
"tar")
"/bin/tar"))
(PATH (string-append (assoc-ref %build-inputs
"bzip2")
"/bin"))
(font-dir (string-append
%output "/share/fonts/truetype"))
(conf-dir (string-append
%output "/share/fontconfig/conf.avail"))
(doc-dir (string-append
%output "/share/doc/" ,name "-" ,version)))
(setenv "PATH" PATH)
(system* tar "xvf" (assoc-ref %build-inputs "source"))
(mkdir-p font-dir)
(mkdir-p conf-dir)
(mkdir-p doc-dir)
(chdir (string-append "dejavu-fonts-ttf-" ,version))
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "ttf" "\\.ttf$"))
(for-each (lambda (conf)
(install-file conf conf-dir))
(find-files "fontconfig" "\\.conf$"))
(for-each (lambda (doc)
(install-file doc doc-dir))
(find-files "." "\\.txt$|^[A-Z][A-Z]*$"))))))
(native-inputs `(("source" ,source)
("tar" ,tar)
("bzip2" ,bzip2)))
`(#:phases
(modify-phases %standard-phases
(add-after 'install 'install-conf
(lambda* (#:key outputs #:allow-other-keys)
(let ((conf-dir (string-append (assoc-ref outputs "out")
"/share/fontconfig/conf.avail")))
(copy-recursively "fontconfig" conf-dir)))))))
(home-page "http://dejavu-fonts.org/")
(synopsis "Vera font family derivate with additional characters")
(description "DejaVu provides an expanded version of the Vera font family
@ -204,38 +139,7 @@ (define-public font-bitstream-vera
(sha256
(base32
"1p3qs51x5327gnk71yq8cvmxc6wgx79sqxfvxcv80cdvgggjfnyv"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils)
(srfi srfi-26))
(let ((tar (string-append (assoc-ref %build-inputs
"tar")
"/bin/tar"))
(PATH (string-append (assoc-ref %build-inputs
"bzip2")
"/bin"))
(font-dir (string-append %output
"/share/fonts/truetype"))
(doc-dir (string-append %output "/share/doc/"
,name "-" ,version)))
(setenv "PATH" PATH)
(system* tar "xvf" (assoc-ref %build-inputs "source"))
(mkdir-p font-dir)
(mkdir-p doc-dir)
(chdir (string-append "ttf-bitstream-vera-" ,version))
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "." "\\.ttf$"))
(for-each (lambda (doc)
(install-file doc doc-dir))
(find-files "." "\\.TXT$"))))))
(native-inputs `(("source" ,source)
("tar" ,tar)
("bzip2" ,bzip2)))
(build-system font-build-system)
(home-page "http://www.gnome.org/fonts/")
(synopsis "Bitstream Vera sans-serif typeface")
(description "Vera is a sans-serif typeface from Bitstream, Inc. This
@ -327,34 +231,7 @@ (define-public font-liberation
(sha256
(base32
"010m4zfqan4w04b6bs9pm3gapn9hsb18bmwwgp2p6y6idj52g43q"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder
(begin
(use-modules (guix build utils))
(let ((tar (string-append (assoc-ref %build-inputs "tar")
"/bin/tar"))
(PATH (string-append (assoc-ref %build-inputs "gzip")
"/bin"))
(font-dir (string-append %output "/share/fonts/truetype"))
(doc-dir (string-append %output "/share/doc/" ,name)))
(setenv "PATH" PATH)
(system* tar "xvf" (assoc-ref %build-inputs "source"))
(mkdir-p font-dir)
(mkdir-p doc-dir)
(chdir (string-append "liberation-fonts-ttf-" ,version))
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "." "\\.ttf$"))
(for-each (lambda (doc)
(install-file doc doc-dir))
'("AUTHORS" "ChangeLog" "LICENSE" "README" "TODO"))))))
(native-inputs
`(("source" ,source)
("tar" ,tar)
("gzip" ,gzip)))
(build-system font-build-system)
(home-page "https://pagure.io/liberation-fonts/")
(synopsis
"Fonts compatible with Arial, Times New Roman, and Courier New")
@ -526,42 +403,14 @@ (define-public font-adobe-source-han-sans
(define-public font-cns11643
(package
(name "font-cns11643")
(version "98.1.20170405")
(version "98.1.20170524")
(source (origin
(method url-fetch)
(uri "http://www.cns11643.gov.tw/AIDB/Open_Data.zip")
(sha256
(base32
"02kb3bwjrra0k2hlr2p8xswd2y0xs6j8d9vm6yrby734h02a40qf"))))
(outputs '("out" "tw-kai" "tw-sung"))
(build-system trivial-build-system)
(native-inputs
`(("unzip" ,unzip)))
(arguments
`(#:modules ((guix build utils))
#:builder
(begin
(use-modules (guix build utils))
(let* ((font-dir "/share/fonts/truetype/cns11643")
(out (string-append
(assoc-ref %outputs "out") font-dir))
(tw-kai (string-append
(assoc-ref %outputs "tw-kai") font-dir))
(tw-sung (string-append
(assoc-ref %outputs "tw-sung") font-dir))
(unzip (string-append
(assoc-ref %build-inputs "unzip") "/bin/unzip")))
(system* unzip (assoc-ref %build-inputs "source"))
(chdir "Open_Data/Fonts/")
(install-file "TW-Kai-98_1.ttf" tw-kai)
(install-file "TW-Sung-98_1.ttf" tw-sung)
(install-file "TW-Kai-98_1.ttf" out)
(install-file "TW-Kai-Ext-B-98_1.ttf" out)
(install-file "TW-Kai-Plus-98_1.ttf" out)
(install-file "TW-Sung-98_1.ttf" out)
(install-file "TW-Sung-Ext-B-98_1.ttf" out)
(install-file "TW-Sung-Plus-98_1.ttf" out)
#t))))
"1iad6rklxkx03ji1fav9faq7cmqkci3i6pcyg2ilvh984j5qzhq3"))))
(build-system font-build-system)
(home-page "http://www.cns11643.gov.tw/AIDB/welcome.do")
(synopsis "CJK TrueType fonts, TW-Kai and TW-Sung")
(description
@ -594,19 +443,7 @@ (define-public font-cns11643-swjz
(sha256
(base32
"1qkljldbmb53zp1rcmpsb8rzy67rnsqcjxi549m9743ifk4isl78"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder
(begin
(use-modules (guix build utils))
(let ((font-dir (string-append %output
"/share/fonts/truetype/cns11643"))
(source (assoc-ref %build-inputs "source")))
(mkdir-p font-dir)
(copy-file source
(string-append font-dir "/" "ebas927.ttf"))
#t))))
(build-system font-build-system)
(home-page
(string-append "http://www.cns11643.gov.tw/AIDB/download.do"
"?name=%E5%AD%97%E5%9E%8B%E4%B8%8B%E8%BC%89"))
@ -1168,26 +1005,8 @@ (define-public font-awesome
name "-" version ".zip"))
(sha256
(base32
"1frhmw41lnnm9rda2zs202pvfi5vzlrsw4xfp4mswl0qgws61mcd"))))
(build-system trivial-build-system)
(native-inputs
`(("unzip" ,unzip)))
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let* ((font-dir (string-append %output
"/share/fonts/opentype"))
(source (assoc-ref %build-inputs "source"))
(src-otf-file (string-append "font-awesome-"
,version
"/fonts/FontAwesome.otf"))
(dest-otf-file (string-append font-dir "/FontAwesome.otf"))
(unzip (assoc-ref %build-inputs "unzip")))
(setenv "PATH" (string-append unzip "/bin"))
(mkdir-p font-dir)
(system* "unzip" source "-d" ".")
(copy-file src-otf-file dest-otf-file)))))
"1m1rfwm4sjkv10j3xd2dhwk286a5912b2zgvc692cmxi5gxs68jf"))))
(build-system font-build-system)
(home-page "http://fontawesome.io")
(synopsis "Font that contains a rich iconset")
(description
@ -1264,30 +1083,42 @@ (define-public font-comic-neue
(name "font-comic-neue")
(version "2.3")
(source (origin
(method url-fetch)
(method url-fetch/zipbomb)
(uri (string-append
"http://www.comicneue.com/comic-neue-" version ".zip"))
(sha256
(base32
"1695hkpd8kqnr2a88p8xs496slgzxjjkzpa9aa33ml3pnh7519zk"))))
(build-system trivial-build-system)
(build-system font-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((font-dir (string-append %output
"/share/fonts/truetype"))
(source (assoc-ref %build-inputs "source"))
(unzip (string-append (assoc-ref %build-inputs "unzip")
"/bin/unzip")))
(mkdir-p font-dir)
(system* unzip source)
(with-directory-excursion
(string-append "Web")
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "." "\\.ttf$")))))))
(native-inputs `(("unzip" ,unzip)))
`(#:phases
(modify-phases %standard-phases
;; Delete Mac OS X specific files. If not deleted, these cause
;; several hidden files to be installed.
(add-before 'install 'delete-macosx-files
(lambda _
(delete-file-recursively "__MACOSX")
#t))
(add-after 'install 'install-conf
(lambda* (#:key outputs #:allow-other-keys)
(let ((conf-dir (string-append (assoc-ref outputs "out")
"/share/fontconfig/conf.avail")))
(mkdir-p conf-dir)
(call-with-output-file
(string-append conf-dir "/30-comic-neue.conf")
(lambda (port)
(format port "<?xml version=\"1.0\"?>
<!DOCTYPE fontconfig SYSTEM \"fonts.dtd\">
<fontconfig>
<!-- If Comic Sans is missing, use Comic Neue instead. -->
<alias>
<family>Comic Sans MS</family>
<prefer>
<family>Comic Neue</family>
</prefer>
</alias>
</fontconfig>\n"))))
#t)))))
(home-page "http://www.comicneue.com/")
(synopsis "Font that fixes the shortcomings of Comic Sans")
(description
@ -1298,28 +1129,16 @@ (define-public font-comic-neue
(define-public font-iosevka
(package
(name "font-iosevka")
(version "1.11.0")
(version "1.12.5")
(source (origin
(method url-fetch)
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/be5invis/Iosevka/releases/download/v"
version "/iosevka-pack-" version ".zip"))
(sha256
(base32
"0d8prdk7s5z94sdfd0y92cvqq531yqrlg7hnadbnhd7fs9jqr5hj"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((font-dir (string-append %output
"/share/fonts/truetype"))
(source (assoc-ref %build-inputs "source"))
(unzip (string-append (assoc-ref %build-inputs "unzip")
"/bin/unzip")))
(mkdir-p font-dir)
(system* unzip "-d" font-dir source)))))
(native-inputs `(("unzip" ,unzip)))
"0s3g6mk0ngwsrw9h9dqinb50cd9i8zhqdcmmh93fhyf4d87yfwyi"))))
(build-system font-build-system)
(home-page "https://be5invis.github.io/Iosevka/")
(synopsis "Coders' typeface, built from code")
(description
@ -1330,11 +1149,11 @@ (define-public font-iosevka
license:bsd-3)))) ; supporting code
(define-public font-go
(let ((commit "b7f8df6bc082334698d4505fb85fa05e99156b72")
(let ((commit "f03a046406d4d7fbfd4ed29f554da8f6114049fc")
(revision "1"))
(package
(name "font-go")
(version (string-append "20161115-" revision "." (string-take commit 7)))
(version (string-append "20170330-" revision "." (string-take commit 7)))
(source (origin
(file-name (string-append "go-image-" version "-checkout"))
(method git-fetch)
@ -1343,21 +1162,15 @@ (define-public font-go
(commit commit)))
(sha256
(base32
"1ywxs6dmcyzwwsmnan3qqza7znprnbvmdi260x6sjmydz6dyq2zs"))))
(build-system trivial-build-system)
"1aq6mnjayks55gd9ahavk6jfydlq5lm4xm0xk4pd5sqa74p5p74d"))))
(build-system font-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((font-dir (string-append %output
"/share/fonts/truetype"))
(source (assoc-ref %build-inputs "source")))
(mkdir-p font-dir)
(with-directory-excursion
(string-append source "/font/gofont/ttfs")
(for-each (lambda (ttf)
(install-file ttf font-dir))
(find-files "." "\\.ttf$")))))))
`(#:phases
(modify-phases %standard-phases
(add-before 'install 'chdir
(lambda _
(chdir "font/gofont/ttfs")
#t)))))
(home-page "https://blog.golang.org/go-fonts")
(synopsis "The Go font family")
(description

View file

@ -249,6 +249,47 @@ (define-public python2-tmx
`(("python2-pathlib" ,python2-pathlib)
,@(package-propagated-inputs python2-tmx))))))
(define-public python-xsge
(package
(name "python-xsge")
(version "2017.04.10")
(source (origin
(method url-fetch)
(uri (string-append "mirror://savannah/xsge/xsge-"
version ".tar.gz"))
(sha256
(base32
"04il5yx0py6kchxxw6ydbbx0wpiyjf9dgkwsdynirpkczlnid3am"))))
(build-system python-build-system)
(arguments
'(#:phases
(modify-phases %standard-phases
;; xSGE's setup.py script does not support one of the Python build
;; system's default flags, "--single-version-externally-managed".
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(zero?
(system* "python" "setup.py" "install"
(string-append "--prefix=" (assoc-ref outputs "out"))
"--root=/")))))
#:tests? #f)) ; no check target
(propagated-inputs
`(("python-sge-pygame" ,python-sge-pygame)
("python-pygame" ,python-pygame)
("python-six" ,python-six)
("python-tmx" ,python-tmx)))
(home-page "http://xsge.nongnu.org")
(synopsis "Extensions for the SGE Game Engine")
(description
"xSGE is a collection of modules that make doing certain tasks with the SGE
Game Engine easier. In addition to SGE's conveniences, the user has access to a
GUI toolkit, lighting and physics frameworks and @code{Tiled} TMX format
support.")
(license license:gpl3+)))
(define-public python2-xsge
(package-with-python2 python-xsge))
(define-public tiled
(package
(name "tiled")

View file

@ -17,7 +17,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2016, 2017 Rodger Fox <thylakoid@openmailbox.org>
;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pragmatique.xyz>
;;; Copyright © 2016 Albin Söderqvist <albin@fripost.org>
;;; Copyright © 2016, 2017 Kei Kebreau <kei@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
@ -30,6 +30,7 @@
;;; Copyright © 2017 nee <nee-git@hidamari.blue>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -66,6 +67,7 @@ (define-module (gnu packages games)
#:use-module (gnu packages avahi)
#:use-module (gnu packages boost)
#:use-module (gnu packages documentation)
#:use-module (gnu packages docbook)
#:use-module (gnu packages fltk)
#:use-module (gnu packages fribidi)
#:use-module (gnu packages game-development)
@ -1097,7 +1099,7 @@ (define-public fizmo
(define-public retroarch
(package
(name "retroarch")
(version "1.5.0")
(version "1.6.0")
(source
(origin
(method url-fetch)
@ -1105,7 +1107,7 @@ (define-public retroarch
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32 "1rbdax3i33myg1v938pxy28117ihff2lml1ky6g70c8099fkirjx"))))
(base32 "01h9mswlfjk3zpdxwk1ciy5qkq6xq925gvk6wrh8k066b2wx8f8k"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no tests
@ -4272,3 +4274,58 @@ (define-public 0ad
license:lgpl3
license:mpl2.0
license:zlib))))
;; There have been no official releases.
(define-public open-adventure
(let* ((commit "2483a23690d205f01ecb66165cf4522b541cd991")
(revision "1"))
(package
(name "open-adventure")
(version (string-append "2.5-" revision "." (string-take commit 7)))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://gitlab.com/esr/open-adventure")
(commit commit)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1gkvkwbq5cl3llfc7nl41van8awn4myx782pg33bxpbx5l9scwb4"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list "CC=gcc")
#:parallel-build? #f ; not supported
#:phases
(modify-phases %standard-phases
(delete 'configure)
(add-before 'build 'use-echo
(lambda _
(substitute* "tests/Makefile"
(("/bin/echo") (which "echo")))
#t))
(add-after 'build 'build-manpage
(lambda _
;; This target is missing a dependency
(substitute* "Makefile"
((".asc.6:" line)
(string-append line " advent.txt")))
(zero? (system* "make" ".asc.6"))))
;; There is no install target
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(bin (string-append out "/bin"))
(man (string-append out "/share/man/man6")))
(install-file "advent" bin)
(install-file "advent.6" man))
#t)))))
(native-inputs
`(("asciidoc" ,asciidoc)))
(home-page "https://gitlab.com/esr/open-adventure")
(synopsis "Colossal Cave Adventure")
(description "The original Colossal Cave Adventure from 1976 was the
origin of all text adventures, dungeon-crawl (computer) games, and
computer-hosted roleplaying games. This is the last version released by
Crowther & Woods, its original authors, in 1995. It has been known as
\"adventure 2.5\" and \"430-point adventure\".")
(license license:bsd-2))))

View file

@ -11,7 +11,7 @@
;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2017 Rene Saavedra <rennes@openmailbox.org>
;;; Copyright © 2016 Jochem Raat <jchmrt@riseup.net>
;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org>
@ -5437,6 +5437,7 @@ (define-public byzanz
(uri (git-reference
(url "git://git.gnome.org/byzanz")
(commit commit)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1l60myzxf9cav27v5v3nsijlslz9r7ip6d5kiirfpkf9k0w26hz3"))))

View file

@ -410,7 +410,7 @@ (define-public gpgme
(define-public python-gpg
(package
(name "python-gpg")
(version (package-version gpgme))
(version "1.8.0")
(source (origin
(method url-fetch)
(uri (pypi-uri "gpg" version))

View file

@ -203,7 +203,7 @@ (define-public go-1.8
(package
(inherit go-1.4)
(name "go")
(version "1.8.1")
(version "1.8.3")
(source
(origin
(method url-fetch)
@ -211,7 +211,7 @@ (define-public go-1.8
name version ".src.tar.gz"))
(sha256
(base32
"0mqf8ydxdx1pwmrs8p8wl5y1qrplzxmxzgb6vkghy4l67z0g9nik"))))
"19lzv4lqixj3v2gjaff0fdbbmgsq5r8lrfd61z2zvp778wjflpaz"))))
(arguments
(substitute-keyword-arguments (package-arguments go-1.4)
((#:phases phases)
@ -257,8 +257,8 @@ (define-public go-1.8
"\"-Wl,-rpath=" gcclib "\", \"-lgcc_s\", ")))
;; Disable failing tests: these tests attempt to access
;; commands or network resources which are neither available or
;; necessary for the build to succeed.
;; commands or network resources which are neither available
;; nor necessary for the build to succeed.
(for-each
(match-lambda
((file regex)

View file

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@ -31,13 +32,14 @@ (define-module (gnu packages gsasl)
(define-public libntlm
(package
(name "libntlm")
(version "1.3")
(version "1.4")
(source (origin
(method url-fetch)
(uri (string-append "http://www.nongnu.org/libntlm/releases/libntlm-" version
".tar.gz"))
(sha256 (base32
"101pr110ardcj2di940g6vaqifsaxc44h6hjn81l63dvmkj5a6ga"))))
(uri (string-append "http://www.nongnu.org/libntlm/releases/"
"libntlm-" version ".tar.gz"))
(sha256
(base32
"129532iiip2cjr5h03bgz184v64v27sfm1r70v3ms4yk65gdf5c4"))))
(build-system gnu-build-system)
(synopsis "Library that implements NTLM authentication")
(description

View file

@ -1,6 +1,9 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 John Darrington <jmd@gnu.org>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -29,6 +32,8 @@ (define-module (gnu packages image-processing)
#:use-module (gnu packages boost)
#:use-module (gnu packages compression)
#:use-module (gnu packages documentation)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages gl)
#:use-module (gnu packages gnome)
#:use-module (gnu packages graphics)
#:use-module (gnu packages graphviz)
@ -37,7 +42,10 @@ (define-module (gnu packages image-processing)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages serialization)
#:use-module (gnu packages xiph)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
#:use-module (gnu packages vtk))
;; We use the latest snapshot of this package because the latest release is
@ -128,3 +136,60 @@ (define-public mia
without compromising the original code base and it makes use of a wide variety
of external libraries that provide additional functionality.")
(license license:gpl3+)))
(define-public vtk
(package
(name "vtk")
(version "7.1.0")
(source (origin
(method url-fetch)
(uri (string-append "http://www.vtk.org/files/release/"
(version-major+minor version)
"/VTK-" version ".tar.gz"))
(sha256
(base32
"0yj96z58haan77gzilnqp7xpf8hg5jk11a3jx55p2ksd400s0gjz"))))
(build-system cmake-build-system)
(arguments
'(#:build-type "Release" ;Build without '-g' to save space.
;; -DVTK_USE_SYSTEM_NETCDF:BOOL=TRUE requires netcdf_cxx
#:configure-flags '("-DVTK_USE_SYSTEM_EXPAT:BOOL=TRUE"
"-DVTK_USE_SYSTEM_FREETYPE:BOOL=TRUE"
"-DVTK_USE_SYSTEM_HDF5:BOOL=TRUE"
"-DVTK_USE_SYSTEM_JPEG:BOOL=TRUE"
"-DVTK_USE_SYSTEM_JSONCPP:BOOL=TRUE"
"-DVTK_USE_SYSTEM_LIBXML2:BOOL=TRUE"
"-DVTK_USE_SYSTEM_OGGTHEORA:BOOL=TRUE"
"-DVTK_USE_SYSTEM_PNG:BOOL=TRUE"
"-DVTK_USE_SYSTEM_TIFF:BOOL=TRUE"
"-DVTK_USE_SYSTEM_ZLIB:BOOL=TRUE")
#:tests? #f)) ;XXX: no "test" target
(inputs
`(("libXt" ,libxt)
("xproto" ,xproto)
("libX11" ,libx11)
("libxml2" ,libxml2)
("mesa" ,mesa)
("glu" ,glu)
("expat" ,expat)
("freetype" ,freetype)
("hdf5" ,hdf5)
("jpeg" ,libjpeg)
("jsoncpp" ,jsoncpp)
("libogg" ,libogg)
("libtheora" ,libtheora)
("png" ,libpng)
("tiff" ,libtiff)
("zlib" ,zlib)))
(home-page "http://www.vtk.org/")
(synopsis "Libraries for 3D computer graphics")
(description
"The Visualization Toolkit (VTK) is a C++ library for 3D computer graphics,
image processing and visualization. It supports a wide variety of
visualization algorithms including: scalar, vector, tensor, texture, and
volumetric methods; and advanced modeling techniques such as: implicit
modeling, polygon reduction, mesh smoothing, cutting, contouring, and Delaunay
triangulation. VTK has an extensive information visualization framework, has
a suite of 3D interaction widgets, supports parallel processing, and
integrates with various databases on GUI toolkits such as Qt and Tk.")
(license license:bsd-3)))

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2015, 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 Alex Kost <alezost@gmail.com>
@ -336,33 +336,14 @@ (define-public libicns
(define-public libtiff
(package
(name "libtiff")
(version "4.0.7")
(version "4.0.8")
(source (origin
(method url-fetch)
(uri (string-append "ftp://download.osgeo.org/libtiff/tiff-"
version ".tar.gz"))
(patches (search-patches "libtiff-heap-overflow-tiffcp.patch"
"libtiff-null-dereference.patch"
"libtiff-heap-overflow-tif-dirread.patch"
"libtiff-heap-overflow-pixarlog-luv.patch"
"libtiff-divide-by-zero.patch"
"libtiff-divide-by-zero-ojpeg.patch"
"libtiff-tiffcp-underflow.patch"
"libtiff-invalid-read.patch"
"libtiff-CVE-2016-10092.patch"
"libtiff-heap-overflow-tiffcrop.patch"
"libtiff-divide-by-zero-tiffcrop.patch"
"libtiff-CVE-2016-10093.patch"
"libtiff-divide-by-zero-tiffcp.patch"
"libtiff-assertion-failure.patch"
"libtiff-CVE-2016-10094.patch"
"libtiff-CVE-2017-5225.patch"
"libtiff-CVE-2017-7593.patch"
"libtiff-CVE-2017-7594.patch"
"libtiff-multiple-UBSAN-crashes.patch"))
(sha256
(base32
"06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz"))))
"0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr"))))
(build-system gnu-build-system)
(outputs '("out"
"doc")) ;1.3 MiB of HTML documentation
@ -941,15 +922,15 @@ (define-public devil
(define-public jasper
(package
(name "jasper")
(version "2.0.12")
(version "2.0.13")
(source (origin
(method url-fetch)
(uri (string-append "https://www.ece.uvic.ca/~frodo/jasper"
"/software/jasper-" version ".tar.gz"))
(uri (string-append "https://github.com/mdadams/jasper/archive/"
"version-" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1njdbxv7d4anzrd476wjww2qsi96dd8vfnp4hri0srrqxpszl92v"))
(patches (search-patches "jasper-CVE-2017-6850.patch"))))
"090cyqcvqp4y12nc57gvcbrk3ap1rnnixd4qj90sx0pw3fs1615m"))))
(build-system cmake-build-system)
(inputs `(("libjpeg" ,libjpeg)))
(synopsis "JPEG-2000 library")

View file

@ -163,7 +163,7 @@ (define-public perl-image-magick
(define-public graphicsmagick
(let ((changeset "6156b4c2992d855ece6079653b3b93c3229fc4b8") ; fix CVE-2017-6335
(revision "2"))
(revision "3"))
(package
(name "graphicsmagick")
(version (string-append "1.3.25-" revision "."
@ -180,7 +180,19 @@ (define-public graphicsmagick
;; "/GraphicsMagick-" version ".tar.xz"))
(sha256
(base32
"08yfsn8mrqkwpax43vv1crfr55rcf004wwpzsinr5c6m0asqr08b"))))
"08yfsn8mrqkwpax43vv1crfr55rcf004wwpzsinr5c6m0asqr08b"))
(modules '((guix build utils)))
(snippet
;; Remove bundled software. This reduces the size of the built
;; source checkout from 177 MiB to 49 MiB. This should not be
;; necessary when using the GraphicsMagick release tarball,
;; because these files are not distributed there.
'(for-each delete-file-recursively '("bzlib" "dcraw" "hp2xx"
"jbig" "jp2" "jpeg"
"lcms" "libxml" "png"
"ralcgm" "tiff" "ttf"
"webp" "wmf" "xlib"
"zlib")))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags

View file

@ -640,11 +640,16 @@ (define-public classpath-devel
(base32
"1v2rww76ww322mpg3s12a1kkc6gkp31bm9gcxs532h0wq285fiw4"))))
(arguments
`(#:configure-flags
`(#:make-flags
;; Ensure that the initial heap size is smaller than the maximum
;; size. By default only Xmx is set, which can lead to invalid
;; memory settings on some machines with a lot of memory.
'("JAVAC_MEM_OPT=-J-Xms512M -J-Xmx768M")
#:configure-flags
(list (string-append "--with-ecj-jar="
(assoc-ref %build-inputs "ecj-bootstrap")
"/share/java/ecj-bootstrap.jar")
(string-append "JAVAC="
(string-append "--with-javac="
(assoc-ref %build-inputs "ecj-javac-wrapper")
"/bin/javac")
(string-append "JAVA="

View file

@ -24,6 +24,7 @@
;;; Copyright © 2017 Gábor Boskovits <boskovits@gmail.com>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -47,6 +48,7 @@ (define-module (gnu packages linux)
#:use-module (gnu packages algebra)
#:use-module (gnu packages attr)
#:use-module (gnu packages autotools)
#:use-module (gnu packages backup)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
#:use-module (gnu packages bison)
@ -377,8 +379,8 @@ (define-public linux-libre-4.4
#:configuration-file kernel-config))
(define-public linux-libre-4.1
(make-linux-libre "4.1.39"
"06pb3zpkfkc7pb7yh537vvzn8i9nhqyx58kqxv0wq23b4hhpza7d"
(make-linux-libre "4.1.40"
"0ygc5qaxwd4yxyzyq6qya9w111q24xqzxd33x73pmg3hr7asvy4x"
%intel-compatible-systems
#:configuration-file kernel-config
#:patches
@ -1605,6 +1607,31 @@ (define-public sshfs-fuse
file system is as easy as logging into the server with an SSH client.")
(license license:gpl2+)))
(define-public archivemount
(package
(name "archivemount")
(version "0.8.7")
(source
(origin
(method url-fetch)
(uri (string-append "http://www.cybernoia.de/software/archivemount/"
"archivemount-" version ".tar.gz"))
(sha256
(base32
"1diiw6pnlnrnikn6l5ld92dx59lhrxjlqms8885vwbynsjl5q127"))))
(build-system gnu-build-system)
(inputs `(("fuse", fuse)
("libarchive", libarchive)))
(native-inputs `(("pkg-config", pkg-config)))
(home-page "http://www.cybernoia.de/software/archivemount")
(synopsis "Tool for mounting archive files with FUSE")
(description "archivemount is a FUSE-based file system for Unix variants,
including Linux. Its purpose is to mount archives (i.e. tar, tar.gz, etc.) to a
mount point where it can be read from or written to as with any other file
system. This makes accessing the contents of the archive, which may be
compressed, transparent to other programs, without decompressing them.")
(license license:lgpl2.0+)))
(define-public numactl
(package
(name "numactl")
@ -3362,14 +3389,14 @@ (define-public module-init-tools
(define-public mcelog
(package
(name "mcelog")
(version "151")
(version "152")
(source (origin
(method url-fetch)
(uri (string-append "https://git.kernel.org/cgit/utils/cpu/mce/"
"mcelog.git/snapshot/v" version ".tar.gz"))
(sha256
(base32
"1cgfdlz51hv2zbph00ylzm8z94gv8wakx7dva1pa4jcl3hnq0dh5"))
"0df1kbiw1pl84l6b9g515lpk5a81hmy8r27yakr4hrmi2vwzdfh6"))
(file-name (string-append name "-" version ".tar.gz"))
(modules '((guix build utils)))
(snippet

View file

@ -881,6 +881,16 @@ (define-public cl-clx
(define-public ecl-clx
(sbcl-package->ecl-package sbcl-clx))
(define-public sbcl-cl-ppcre-unicode
(package (inherit sbcl-cl-ppcre)
(name "sbcl-cl-ppcre-unicode")
(arguments
`(#:tests? #f ; tests fail with "Component :CL-PPCRE-TEST not found"
#:asd-file "cl-ppcre-unicode.asd"))
(inputs
`(("sbcl-cl-ppcre" ,sbcl-cl-ppcre)
("sbcl-cl-unicode" ,sbcl-cl-unicode)))))
(define-public sbcl-stumpwm
(package
(name "sbcl-stumpwm")
@ -1216,3 +1226,165 @@ (define-public sbcl-stumpwm+slynk
(delete 'create-asd-file)
(delete 'cleanup)
(delete 'create-symlinks)))))))
(define-public sbcl-parse-js
(let ((commit "fbadc6029bec7039602abfc06c73bb52970998f6")
(revision "1"))
(package
(name "sbcl-parse-js")
(version (string-append "0.0.0-" revision "." (string-take commit 9)))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "http://marijn.haverbeke.nl/git/parse-js")
(commit commit)))
(file-name (string-append name "-" commit "-checkout"))
(sha256
(base32
"1wddrnr5kiya5s3gp4cdq6crbfy9fqcz7fr44p81502sj3bvdv39"))))
(build-system asdf-build-system/sbcl)
(home-page "http://marijnhaverbeke.nl/parse-js/")
(synopsis "Parse JavaScript")
(description "Parse-js is a Common Lisp package for parsing
JavaScript (ECMAScript 3). It has basic support for ECMAScript 5.")
(license license:zlib))))
(define-public sbcl-parse-number
(package
(name "sbcl-parse-number")
(version "1.5")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/sharplispers/parse-number/"
"archive/v" version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1k6s4v65ksc1j5i0dprvzfvj213v6nah7i0rgd0726ngfjisj9ir"))))
(build-system asdf-build-system/sbcl)
(home-page "http://www.cliki.net/PARSE-NUMBER")
(synopsis "Parse numbers")
(description "@code{parse-number} is a library of functions for parsing
strings into one of the standard Common Lisp number types without using the
reader. @code{parse-number} accepts an arbitrary string and attempts to parse
the string into one of the standard Common Lisp number types, if possible, or
else @code{parse-number} signals an error of type @code{invalid-number}.")
(license license:bsd-3)))
(define-public sbcl-iterate
(package
(name "sbcl-iterate")
;; The latest official release (1.4.3) fails to build so we have to take
;; the current darcs tarball from quicklisp.
(version "20160825")
(source
(origin
(method url-fetch)
(uri (string-append "http://beta.quicklisp.org/archive/iterate/"
"2016-08-25/iterate-"
version "-darcs.tgz"))
(sha256
(base32
"0kvz16gnxnkdz0fy1x8y5yr28nfm7i2qpvix7mgwccdpjmsb4pgm"))))
(build-system asdf-build-system/sbcl)
(home-page "https://common-lisp.net/project/iterate/")
(synopsis "Iteration construct for Common Lisp")
(description "@code{iterate} is an iteration construct for Common Lisp.
It is similar to the @code{CL:LOOP} macro, with these distinguishing marks:
@itemize
@item it is extensible,
@item it helps editors like Emacs indent iterate forms by having a more
lisp-like syntax, and
@item it isn't part of the ANSI standard for Common Lisp.
@end itemize\n")
(license license:expat)))
(define-public sbcl-cl-uglify-js
;; There have been many bug fixes since the 2010 release.
(let ((commit "429c5e1d844e2f96b44db8fccc92d6e8e28afdd5")
(revision "1"))
(package
(name "sbcl-cl-uglify-js")
(version (string-append "0.1-" revision "." (string-take commit 9)))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/mishoo/cl-uglify-js.git")
(commit commit)))
(sha256
(base32
"0k39y3c93jgxpr7gwz7w0d8yknn1fdnxrjhd03057lvk5w8js27a"))))
(build-system asdf-build-system/sbcl)
(inputs
`(("sbcl-parse-js" ,sbcl-parse-js)
("sbcl-cl-ppcre" ,sbcl-cl-ppcre)
("sbcl-cl-ppcre-unicode" ,sbcl-cl-ppcre-unicode)
("sbcl-parse-number" ,sbcl-parse-number)
("sbcl-iterate" ,sbcl-iterate)))
(home-page "https://github.com/mishoo/cl-uglify-js")
(synopsis "JavaScript compressor library for Common Lisp")
(description "This is a Common Lisp version of UglifyJS, a JavaScript
compressor. It works on data produced by @code{parse-js} to generate a
@dfn{minified} version of the code. Currently it can:
@itemize
@item reduce variable names (usually to single letters)
@item join consecutive @code{var} statements
@item resolve simple binary expressions
@item group most consecutive statements using the ``sequence'' operator (comma)
@item remove unnecessary blocks
@item convert @code{IF} expressions in various ways that result in smaller code
@item remove some unreachable code
@end itemize\n")
(license license:zlib))))
(define-public uglify-js
(package
(inherit sbcl-cl-uglify-js)
(name "uglify-js")
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder
(let* ((bin (string-append (assoc-ref %outputs "out") "/bin/"))
(script (string-append bin "uglify-js")))
(use-modules (guix build utils))
(mkdir-p bin)
(with-output-to-file script
(lambda _
(format #t "#!~a/bin/sbcl --script
(require :asdf)
(push (truename \"~a/lib/sbcl\") asdf:*central-registry*)"
(assoc-ref %build-inputs "sbcl")
(assoc-ref %build-inputs "sbcl-cl-uglify-js"))
;; FIXME: cannot use progn here because otherwise it fails to
;; find cl-uglify-js.
(for-each
write
'(;; Quiet, please!
(let ((*standard-output* (make-broadcast-stream))
(*error-output* (make-broadcast-stream)))
(asdf:load-system :cl-uglify-js))
(let ((file (cadr *posix-argv*)))
(if file
(format t "~a"
(cl-uglify-js:ast-gen-code
(cl-uglify-js:ast-mangle
(cl-uglify-js:ast-squeeze
(with-open-file (in file)
(parse-js:parse-js in))))
:beautify nil))
(progn
(format *error-output*
"Please provide a JavaScript file.~%")
(sb-ext:exit :code 1))))))))
(chmod script #o755)
#t)))
(inputs
`(("sbcl" ,sbcl)
("sbcl-cl-uglify-js" ,sbcl-cl-uglify-js)))
(synopsis "JavaScript compressor")))

View file

@ -225,14 +225,14 @@ (define-public fetchmail
(define-public mutt
(package
(name "mutt")
(version "1.8.2")
(version "1.8.3")
(source (origin
(method url-fetch)
(uri (string-append "https://bitbucket.org/mutt/mutt/downloads/"
"mutt-" version ".tar.gz"))
(sha256
(base32
"0dgjjryp1ggbc6ivy9cfz5jl3gnbahb6d6hcwn7c7wk5npqpn18x"))
"0hpd896mw630sd6ps60hpka8cg691nvr627n8kmabv7zcxnp90cv"))
(patches (search-patches "mutt-store-references.patch"))))
(build-system gnu-build-system)
(inputs
@ -265,7 +265,7 @@ (define-public neomutt
(package
(inherit mutt)
(name "neomutt")
(version "20170428")
(version "20170602")
(source
(origin
(method url-fetch)
@ -273,7 +273,7 @@ (define-public neomutt
"/archive/" name "-" version ".tar.gz"))
(sha256
(base32
"01nkq0lyxcs0pk2i3rvzplg8bi1ga7kcm6hfh6r6w2qjzdm0q466"))))
"1kzhkz8bdqbdh5b6pzqb6ikp8d3nsic906b5pkmi6qlaga32yxjk"))))
(inputs
`(("cyrus-sasl" ,cyrus-sasl)
("gdbm" ,gdbm)
@ -421,7 +421,7 @@ (define-public bogofilter
(define-public offlineimap
(package
(name "offlineimap")
(version "7.1.0")
(version "7.1.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/OfflineIMAP/offlineimap/"
@ -429,7 +429,7 @@ (define-public offlineimap
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1r0sbgwyirpbks82ri9g88raf3mp8shq9rg0r92gkr7h6888v6fw"))))
"00xpxh0pxcvv3mjgb3vq3x51v498dhqcaixyb3a4srmfgskzh956"))))
(build-system python-build-system)
(native-inputs
`(("asciidoc" ,asciidoc)))
@ -672,14 +672,14 @@ (define-public notifymuch
(define-public notmuch
(package
(name "notmuch")
(version "0.24.1")
(version "0.24.2")
(source (origin
(method url-fetch)
(uri (string-append "https://notmuchmail.org/releases/notmuch-"
version ".tar.gz"))
(sha256
(base32
"18rw0rim6zxhnr2nggial029x4raaxqcgf9klfbdhv89qvi7s4gs"))))
"0lfchvapk11qazdgsxj42igp9mpp83zbd0h1jj6r3ifmhikajxma"))))
(build-system gnu-build-system)
(arguments
'(#:make-flags (list "V=1") ; Verbose test output.
@ -1089,7 +1089,7 @@ (define-public exim
(define-public dovecot
(package
(name "dovecot")
(version "2.2.29.1")
(version "2.2.30.1")
(source
(origin
(method url-fetch)
@ -1097,7 +1097,7 @@ (define-public dovecot
(version-major+minor version) "/"
name "-" version ".tar.gz"))
(sha256 (base32
"127kn3fgmahw9fvgz2w3zaghq98ip4j8640wqa3rw7mrgvxrzync"))))
"1943n0b9zcwvymslai9qmdmnfy47zdnqjwkql586imycyx4xnjch"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))

View file

@ -490,6 +490,8 @@ (define-public gajim
(uri (string-append "https://gajim.org/downloads/"
(version-major+minor version)
"/gajim-" version ".tar.bz2"))
(patches
(search-patches "gajim-CVE-2016-10376.patch"))
(sha256
(base32
"13sxz0hpvyj2yvcbsfqq9yn0hp1d1zsxsj40r0v16jlibha5da9n"))))

View file

@ -31,6 +31,7 @@ (define-module (gnu packages openldap)
#:use-module (gnu packages linux)
#:use-module (gnu packages python)
#:use-module (gnu packages tls)
#:use-module (gnu packages)
#:use-module ((guix licenses) #:select (openldap2.8 lgpl2.1+))
#:use-module (guix packages)
#:use-module (guix download)
@ -39,6 +40,7 @@ (define-module (gnu packages openldap)
(define-public openldap
(package
(name "openldap")
(replacement openldap/fixed)
(version "2.4.44")
(source (origin
(method url-fetch)
@ -79,6 +81,14 @@ (define-public openldap
(license openldap2.8)
(home-page "http://www.openldap.org/")))
(define openldap/fixed
(package
(inherit openldap)
(source
(origin
(inherit (package-source openldap))
(patches (search-patches "openldap-CVE-2017-9287.patch"))))))
(define-public nss-pam-ldapd
(package
(name "nss-pam-ldapd")

View file

@ -45,7 +45,7 @@ (define-module (gnu packages parallel)
(define-public parallel
(package
(name "parallel")
(version "20170422")
(version "20170522")
(source
(origin
(method url-fetch)
@ -53,7 +53,7 @@ (define-public parallel
version ".tar.bz2"))
(sha256
(base32
"0afk1q8mqzz02h6imyykgi9gwk5gj08hzs6lwgd65ilj4slkh93s"))))
"1k5wlcc0dr2fxna0vi48s0l6pvbyl4pbclbih4103f1155im23ca"))))
(build-system gnu-build-system)
(arguments
`(#:phases

View file

@ -0,0 +1,57 @@
Fix CVE-2016-10376.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10376
http://seclists.org/oss-sec/2017/q2/341
https://dev.gajim.org/gajim/gajim/issues/8378
Patch copied from upstream source repository:
https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc
(adapted for context in config.py)
From cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc Mon Sep 17 00:00:00 2001
From: Philipp Hörist <forenjunkie@chello.at>
Date: Fri, 26 May 2017 23:10:05 +0200
Subject: [PATCH] Add config option to activate XEP-0146 commands
Some of the Commands have security implications, thats why we disable them per default
Fixes #8378
---
src/common/commands.py | 7 ++++---
src/common/config.py | 1 +
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/common/commands.py b/src/common/commands.py
index 19d8c13..0eeb57c 100644
--- a/src/common/commands.py
+++ b/src/common/commands.py
@@ -345,9 +345,10 @@ class ConnectionCommands:
def __init__(self):
# a list of all commands exposed: node -> command class
self.__commands = {}
- for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
- LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
- self.__commands[cmdobj.commandnode] = cmdobj
+ if gajim.config.get('remote_commands'):
+ for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
+ LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
+ self.__commands[cmdobj.commandnode] = cmdobj
# a list of sessions; keys are tuples (jid, sessionid, node)
self.__sessions = {}
diff --git a/src/common/config.py b/src/common/config.py
index cde1f81..fe25455 100644
--- a/src/common/config.py
+++ b/src/common/config.py
@@ -314,6 +314,7 @@ class Config:
'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim will ignore incoming attention requestd ("wizz").')],
'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, Gajim will reopen chat windows that were opened last time Gajim was closed.')],
'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will show an icon to show that sent message has been received by your contact')],
+ 'remote_commands': [opt_bool, False, _('If True, Gajim will execute XEP-0146 Commands.')],
}, {})
__options_per_key = {
--
libgit2 0.24.0

View file

@ -1,284 +0,0 @@
This patch is from upstream and should be fixed included in the next release
From e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d Mon Sep 17 00:00:00 2001
From: Michael Adams <mdadams@ece.uvic.ca>
Date: Sat, 4 Mar 2017 14:43:24 -0800
Subject: [PATCH] Fixed bugs due to uninitialized data in the JP2 decoder.
Also, added some comments marking I/O stream interfaces that probably need to
be changed (in the long term) to fix integer overflow problems.
---
src/libjasper/base/jas_stream.c | 18 +++++++++++++++++
src/libjasper/jp2/jp2_cod.c | 44 ++++++++++++++++++++++++++++-------------
2 files changed, 48 insertions(+), 14 deletions(-)
diff --git a/src/libjasper/base/jas_stream.c b/src/libjasper/base/jas_stream.c
index 327ee57..d70408f 100644
--- a/src/libjasper/base/jas_stream.c
+++ b/src/libjasper/base/jas_stream.c
@@ -664,6 +664,7 @@ int jas_stream_ungetc(jas_stream_t *stream, int c)
return 0;
}
+/* FIXME integral type */
int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
{
int n;
@@ -690,6 +691,7 @@ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
return n;
}
+/* FIXME integral type */
int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt)
{
int n;
@@ -742,6 +744,7 @@ int jas_stream_puts(jas_stream_t *stream, const char *s)
return 0;
}
+/* FIXME integral type */
char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
{
int c;
@@ -765,6 +768,7 @@ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
return buf;
}
+/* FIXME integral type */
int jas_stream_gobble(jas_stream_t *stream, int n)
{
int m;
@@ -783,6 +787,7 @@ int jas_stream_gobble(jas_stream_t *stream, int n)
return n;
}
+/* FIXME integral type */
int jas_stream_pad(jas_stream_t *stream, int n, int c)
{
int m;
@@ -885,6 +890,7 @@ long jas_stream_tell(jas_stream_t *stream)
* Buffer initialization code.
\******************************************************************************/
+/* FIXME integral type */
static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf,
int bufsize)
{
@@ -1060,6 +1066,7 @@ static int jas_strtoopenmode(const char *s)
return openmode;
}
+/* FIXME integral type */
int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
{
int all;
@@ -1085,6 +1092,7 @@ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
return 0;
}
+/* FIXME integral type */
long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
{
int old;
@@ -1094,6 +1102,7 @@ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
return old;
}
+/* FIXME integral type */
int jas_stream_display(jas_stream_t *stream, FILE *fp, int n)
{
unsigned char buf[16];
@@ -1168,6 +1177,7 @@ long jas_stream_length(jas_stream_t *stream)
* Memory stream object.
\******************************************************************************/
+/* FIXME integral type */
static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt)
{
ssize_t n;
@@ -1209,6 +1219,7 @@ static int mem_resize(jas_stream_memobj_t *m, size_t bufsize)
return 0;
}
+/* FIXME integral type */
static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
{
size_t n;
@@ -1264,6 +1275,7 @@ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
return ret;
}
+/* FIXME integral type */
static long mem_seek(jas_stream_obj_t *obj, long offset, int origin)
{
jas_stream_memobj_t *m = (jas_stream_memobj_t *)obj;
@@ -1310,6 +1322,7 @@ static int mem_close(jas_stream_obj_t *obj)
* File stream object.
\******************************************************************************/
+/* FIXME integral type */
static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
{
jas_stream_fileobj_t *fileobj;
@@ -1318,6 +1331,7 @@ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
return read(fileobj->fd, buf, cnt);
}
+/* FIXME integral type */
static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
{
jas_stream_fileobj_t *fileobj;
@@ -1326,6 +1340,7 @@ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
return write(fileobj->fd, buf, cnt);
}
+/* FIXME integral type */
static long file_seek(jas_stream_obj_t *obj, long offset, int origin)
{
jas_stream_fileobj_t *fileobj;
@@ -1352,6 +1367,7 @@ static int file_close(jas_stream_obj_t *obj)
* Stdio file stream object.
\******************************************************************************/
+/* FIXME integral type */
static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
{
FILE *fp;
@@ -1367,6 +1383,7 @@ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
return result;
}
+/* FIXME integral type */
static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
{
FILE *fp;
@@ -1377,6 +1394,7 @@ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
return (n != JAS_CAST(size_t, cnt)) ? (-1) : cnt;
}
+/* FIXME integral type */
static long sfile_seek(jas_stream_obj_t *obj, long offset, int origin)
{
FILE *fp;
diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c
index 7f3608a..8d98a2c 100644
--- a/src/libjasper/jp2/jp2_cod.c
+++ b/src/libjasper/jp2/jp2_cod.c
@@ -183,15 +183,28 @@ jp2_boxinfo_t jp2_boxinfo_unk = {
* Box constructor.
\******************************************************************************/
-jp2_box_t *jp2_box_create(int type)
+jp2_box_t *jp2_box_create0()
{
jp2_box_t *box;
- jp2_boxinfo_t *boxinfo;
-
if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
return 0;
}
memset(box, 0, sizeof(jp2_box_t));
+ box->type = 0;
+ box->len = 0;
+ // Mark the box data as never having been constructed
+ // so that we will not errantly attempt to destroy it later.
+ box->ops = &jp2_boxinfo_unk.ops;
+ return box;
+}
+
+jp2_box_t *jp2_box_create(int type)
+{
+ jp2_box_t *box;
+ jp2_boxinfo_t *boxinfo;
+ if (!(box = jp2_box_create0())) {
+ return 0;
+ }
box->type = type;
box->len = 0;
if (!(boxinfo = jp2_boxinfolookup(type))) {
@@ -248,14 +261,9 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
box = 0;
tmpstream = 0;
- if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
+ if (!(box = jp2_box_create0())) {
goto error;
}
-
- // Mark the box data as never having been constructed
- // so that we will not errantly attempt to destroy it later.
- box->ops = &jp2_boxinfo_unk.ops;
-
if (jp2_getuint32(in, &len) || jp2_getuint32(in, &box->type)) {
goto error;
}
@@ -263,10 +271,12 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
box->info = boxinfo;
box->len = len;
JAS_DBGLOG(10, (
- "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n",
+ "preliminary processing of JP2 box: "
+ "type=%c%s%c (0x%08x); length=%"PRIuFAST32"\n",
'"', boxinfo->name, '"', box->type, box->len
));
if (box->len == 1) {
+ JAS_DBGLOG(10, ("big length\n"));
if (jp2_getuint64(in, &extlen)) {
goto error;
}
@@ -382,6 +392,7 @@ static int jp2_bpcc_getdata(jp2_box_t *box, jas_stream_t *in)
{
jp2_bpcc_t *bpcc = &box->data.bpcc;
unsigned int i;
+ bpcc->bpcs = 0;
bpcc->numcmpts = box->datalen;
if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) {
return -1;
@@ -462,6 +473,7 @@ static int jp2_cdef_getdata(jp2_box_t *box, jas_stream_t *in)
jp2_cdef_t *cdef = &box->data.cdef;
jp2_cdefchan_t *chan;
unsigned int channo;
+ cdef->ents = 0;
if (jp2_getuint16(in, &cdef->numchans)) {
return -1;
}
@@ -518,7 +530,9 @@ int jp2_box_put(jp2_box_t *box, jas_stream_t *out)
}
if (dataflag) {
- if (jas_stream_copy(out, tmpstream, box->len - JP2_BOX_HDRLEN(false))) {
+ if (jas_stream_copy(out, tmpstream, box->len -
+ JP2_BOX_HDRLEN(false))) {
+ jas_eprintf("cannot copy box data\n");
goto error;
}
jas_stream_close(tmpstream);
@@ -777,6 +791,7 @@ static int jp2_cmap_getdata(jp2_box_t *box, jas_stream_t *in)
jp2_cmap_t *cmap = &box->data.cmap;
jp2_cmapent_t *ent;
unsigned int i;
+ cmap->ents = 0;
cmap->numchans = (box->datalen) / 4;
if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) {
@@ -835,6 +850,7 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in)
int_fast32_t x;
pclr->lutdata = 0;
+ pclr->bpc = 0;
if (jp2_getuint16(in, &pclr->numlutents) ||
jp2_getuint8(in, &pclr->numchans)) {
@@ -869,9 +885,9 @@ static int jp2_pclr_putdata(jp2_box_t *box, jas_stream_t *out)
#if 0
jp2_pclr_t *pclr = &box->data.pclr;
#endif
-/* Eliminate warning about unused variable. */
-box = 0;
-out = 0;
+ /* Eliminate warning about unused variable. */
+ box = 0;
+ out = 0;
return -1;
}

View file

@ -1,42 +0,0 @@
Fix CVE-2016-10092:
http://bugzilla.maptools.org/show_bug.cgi?id=2620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092
https://security-tracker.debian.org/tracker/CVE-2016-10092
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore)
mode so that the output buffer is correctly incremented to avoid write
outside bounds.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1178; previous revision: 1.1177
/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
new revision: 1.47; previous revision: 1.46
Index: libtiff/tools/tiffcrop.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- libtiff/tools/tiffcrop.c 18 Nov 2016 14:58:46 -0000 1.46
+++ libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47
@@ -1,4 +1,4 @@
-/* $Id: tiffcrop.c,v 1.46 2016-11-18 14:58:46 erouault Exp $ */
+/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
/* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
* the image data through additional options listed below
@@ -3698,7 +3698,7 @@
(unsigned long) strip, (unsigned long)rows);
return 0;
}
- bufp += bytes_read;
+ bufp += stripsize;
}
return 1;

View file

@ -1,53 +0,0 @@
Fix CVE-2016-10093:
http://bugzilla.maptools.org/show_bug.cgi?id=2610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093
https://security-tracker.debian.org/tracker/CVE-2016-10093
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: fix uint32 underflow/overflow that can cause
heap-based buffer overflow.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1187; previous revision: 1.1186
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.59; previous revision: 1.58
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58
+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59
@@ -1163,7 +1163,7 @@
static void
cpStripToTile(uint8* out, uint8* in,
- uint32 rows, uint32 cols, int outskew, int inskew)
+ uint32 rows, uint32 cols, int outskew, int64 inskew)
{
while (rows-- > 0) {
uint32 j = cols;
@@ -1320,7 +1320,7 @@
tdata_t tilebuf;
uint32 imagew = TIFFScanlineSize(in);
uint32 tilew = TIFFTileRowSize(in);
- int iskew = imagew - tilew;
+ int64 iskew = (int64)imagew - (int64)tilew;
uint8* bufp = (uint8*) buf;
uint32 tw, tl;
uint32 row;
@@ -1348,7 +1348,7 @@
status = 0;
goto done;
}
- if (colb + tilew > imagew) {
+ if (colb > iskew) {
uint32 width = imagew - colb;
uint32 oskew = tilew - width;
cpStripToTile(bufp + colb,

View file

@ -1,34 +0,0 @@
Fix CVE-2016-10094:
http://bugzilla.maptools.org/show_bug.cgi?id=2640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094
https://security-tracker.debian.org/tracker/CVE-2016-10094
2016-12-20 Even Rouault <even.rouault at spatialys.com>
* tools/tiff2pdf.c: avoid potential heap-based overflow in
t2p_readwrite_pdf_image_tile().
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1199; previous revision: 1.1198
/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c
new revision: 1.101; previous revision: 1.100
Index: libtiff/tools/tiff2pdf.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
retrieving revision 1.100
retrieving revision 1.101
diff -u -r1.100 -r1.101
--- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100
+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:28:17 -0000 1.101
@@ -2895,7 +2895,7 @@
return(0);
}
if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
- if (count >= 4) {
+ if (count > 4) {
int retTIFFReadRawTile;
/* Ignore EOI marker of JpegTables */
_TIFFmemcpy(buffer, jpt, count - 2);

View file

@ -1,86 +0,0 @@
Fix CVE-2017-5225 (Heap based buffer overflow in tools/tiffcp):
http://bugzilla.maptools.org/show_bug.cgi?id=2656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225
https://security-tracker.debian.org/tracker/CVE-2017-5225
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and
cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based
overflow.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and
http://bugzilla.maptools.org/show_bug.cgi?id=2657
less C/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1210; previous revision: 1.1209
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.61; previous revision: 1.60
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60
+++ libtiff/tools/tiffcp.c 11 Jan 2017 19:26:14 -0000 1.61
#@@ -1,4 +1,4 @@
#-/* $Id: tiffcp.c,v 1.60 2016-12-03 16:50:02 erouault Exp $ */
#+/* $Id: tiffcp.c,v 1.61 2017-01-11 19:26:14 erouault Exp $ */
#
# /*
# * Copyright (c) 1988-1997 Sam Leffler
@@ -591,7 +591,7 @@
static int
tiffcp(TIFF* in, TIFF* out)
{
- uint16 bitspersample, samplesperpixel = 1;
+ uint16 bitspersample = 1, samplesperpixel = 1;
uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
copyFunc cf;
uint32 width, length;
@@ -1067,6 +1067,16 @@
register uint32 n;
uint32 row;
tsample_t s;
+ uint16 bps = 0;
+
+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
+ if( bps != 8 )
+ {
+ TIFFError(TIFFFileName(in),
+ "Error, can only handle BitsPerSample=8 in %s",
+ "cpContig2SeparateByRow");
+ return 0;
+ }
inbuf = _TIFFmalloc(scanlinesizein);
outbuf = _TIFFmalloc(scanlinesizeout);
@@ -1120,6 +1130,16 @@
register uint32 n;
uint32 row;
tsample_t s;
+ uint16 bps = 0;
+
+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
+ if( bps != 8 )
+ {
+ TIFFError(TIFFFileName(in),
+ "Error, can only handle BitsPerSample=8 in %s",
+ "cpSeparate2ContigByRow");
+ return 0;
+ }
inbuf = _TIFFmalloc(scanlinesizein);
outbuf = _TIFFmalloc(scanlinesizeout);
@@ -1784,7 +1804,7 @@
uint32 w, l, tw, tl;
int bychunk;
- (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv);
+ (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv);
if (shortv != config && bitspersample != 8 && samplesperpixel > 1) {
fprintf(stderr,
"%s: Cannot handle different planar configuration w/ bits/sample != 8\n",

View file

@ -1,113 +0,0 @@
Fixes CVE-2017-7593 (Potential uninitialized-memory access from tif_rawdata):
http://bugzilla.maptools.org/show_bug.cgi?id=2651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593
https://security-tracker.debian.org/tracker/CVE-2017-7593
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* libtiff/tiffio.h, tif_unix.c, tif_win32.c, tif_vms.c: add
_TIFFcalloc()
* libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero
initialize tif_rawdata.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1208; previous revision: 1.1207
/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c
new revision: 1.53; previous revision: 1.52
/cvs/maptools/cvsroot/libtiff/libtiff/tif_unix.c,v <-- libtiff/tif_unix.c
new revision: 1.28; previous revision: 1.27
/cvs/maptools/cvsroot/libtiff/libtiff/tif_vms.c,v <-- libtiff/tif_vms.c
new revision: 1.14; previous revision: 1.13
/cvs/maptools/cvsroot/libtiff/libtiff/tif_win32.c,v <-- libtiff/tif_win32.c
new revision: 1.42; previous revision: 1.41
/cvs/maptools/cvsroot/libtiff/libtiff/tiffio.h,v <-- libtiff/tiffio.h
new revision: 1.94; previous revision: 1.93
diff -ru tiff-4.0.7/libtiff/tiffio.h tiff-4.0.7.new/libtiff/tiffio.h
--- tiff-4.0.7/libtiff/tiffio.h 1969-12-31 19:00:00.000000000 -0500
+++ tiff-4.0.7.new/libtiff/tiffio.h 2017-05-05 19:08:03.772999790 -0400
@@ -1,4 +1,4 @@
-/* $Id: tiffio.h,v 1.92 2016-01-23 21:20:34 erouault Exp $ */
+/* $Id: tiffio.h,v 1.94 2017-01-11 19:02:49 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -293,6 +293,7 @@
*/
extern void* _TIFFmalloc(tmsize_t s);
+extern void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz);
extern void* _TIFFrealloc(void* p, tmsize_t s);
extern void _TIFFmemset(void* p, int v, tmsize_t c);
extern void _TIFFmemcpy(void* d, const void* s, tmsize_t c);
diff -ru tiff-4.0.7/libtiff/tif_read.c tiff-4.0.7.new/libtiff/tif_read.c
--- tiff-4.0.7/libtiff/tif_read.c 2017-05-05 19:04:09.740966642 -0400
+++ tiff-4.0.7.new/libtiff/tif_read.c 2017-05-05 18:59:11.070709441 -0400
@@ -1,4 +1,4 @@
-/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */
+/* $Id: tif_read.c,v 1.53 2017-01-11 19:02:49 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -976,7 +976,9 @@
"Invalid buffer size");
return (0);
}
- tif->tif_rawdata = (uint8*) _TIFFmalloc(tif->tif_rawdatasize);
+ /* Initialize to zero to avoid uninitialized buffers in case of */
+ /* short reads (http://bugzilla.maptools.org/show_bug.cgi?id=2651) */
+ tif->tif_rawdata = (uint8*) _TIFFcalloc(1, tif->tif_rawdatasize);
tif->tif_flags |= TIFF_MYBUFFER;
}
if (tif->tif_rawdata == NULL) {
diff -ru tiff-4.0.7/libtiff/tif_unix.c tiff-4.0.7.new/libtiff/tif_unix.c
--- tiff-4.0.7/libtiff/tif_unix.c 1969-12-31 19:00:00.000000000 -0500
+++ tiff-4.0.7.new/libtiff/tif_unix.c 2017-05-05 19:10:48.302645187 -0400
@@ -1,4 +1,4 @@
-/* $Id: tif_unix.c,v 1.27 2015-08-19 02:31:04 bfriesen Exp $ */
+/* $Id: tif_unix.c,v 1.28 2017-01-11 19:02:49 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -316,6 +316,14 @@
return (malloc((size_t) s));
}
+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz)
+{
+ if( nmemb == 0 || siz == 0 )
+ return ((void *) NULL);
+
+ return calloc((size_t) nmemb, (size_t)siz);
+}
+
void
_TIFFfree(void* p)
{
diff -ru tiff-4.0.7/libtiff/tif_win32.c tiff-4.0.7.new/libtiff/tif_win32.c
--- tiff-4.0.7/libtiff/tif_win32.c 1969-12-31 19:00:00.000000000 -0500
+++ tiff-4.0.7.new/libtiff/tif_win32.c 2017-05-05 19:13:06.903399627 -0400
@@ -1,4 +1,4 @@
-/* $Id: tif_win32.c,v 1.41 2015-08-23 20:12:44 bfriesen Exp $ */
+/* $Id: tif_win32.c,v 1.42 2017-01-11 19:02:49 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -360,6 +360,14 @@
return (malloc((size_t) s));
}
+void* _TIFFcalloc(tmsize_t nmemb, tmsize_t siz)
+{
+ if( nmemb == 0 || siz == 0 )
+ return ((void *) NULL);
+
+ return calloc((size_t) nmemb, (size_t)siz);
+}
+
void
_TIFFfree(void* p)
{

View file

@ -1,54 +0,0 @@
Fixes CVE-2017-7594 (Direct leak in tif_ojpeg.c):
http://bugzilla.maptools.org/show_bug.cgi?id=2659
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594
https://security-tracker.debian.org/tracker/CVE-2017-7594
2017-01-12 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable
when read fails.
Patch by Nicolás Peña.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1212; previous revision: 1.1211
/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c
new revision: 1.67; previous revision: 1.66
Index: libtiff/libtiff/tif_ojpeg.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 17:43:26 -0000 1.67
+++ libtiff/libtiff/tif_ojpeg.c 12 Jan 2017 19:23:20 -0000 1.68
@@ -1,4 +1,4 @@
-/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */
+/* $Id: tif_ojpeg.c,v 1.68 2017-01-12 19:23:20 erouault Exp $ */
/* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0
specification is now totally obsolete and deprecated for new applications and
@@ -1790,7 +1790,10 @@
TIFFSeekFile(tif,sp->qtable_offset[m],SEEK_SET);
p=(uint32)TIFFReadFile(tif,&ob[sizeof(uint32)+5],64);
if (p!=64)
+ {
+ _TIFFfree(ob);
return(0);
+ }
sp->qtable[m]=ob;
sp->sof_tq[m]=m;
}
@@ -1854,7 +1857,10 @@
rb[sizeof(uint32)+5+n]=o[n];
p=(uint32)TIFFReadFile(tif,&(rb[sizeof(uint32)+21]),q);
if (p!=q)
+ {
+ _TIFFfree(rb);
return(0);
+ }
sp->dctable[m]=rb;
sp->sos_tda[m]=(m<<4);
}

View file

@ -1,60 +0,0 @@
Fix assertion failure in readSeparateTilesIntoBuffer():
http://bugzilla.maptools.org/show_bug.cgi?id=2605
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert
check.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1188; previous revision: 1.1187
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.60; previous revision: 1.59
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59
+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60
@@ -45,7 +45,6 @@
#include <string.h>
#include <ctype.h>
-#include <assert.h>
#ifdef HAVE_UNISTD_H
# include <unistd.h>
@@ -1393,7 +1392,12 @@
status = 0;
goto done;
}
- assert( bps % 8 == 0 );
+ if( (bps % 8) != 0 )
+ {
+ TIFFError(TIFFFileName(in), "Error, cannot handle BitsPerSample that is not a multiple of 8");
+ status = 0;
+ goto done;
+ }
bytes_per_sample = bps/8;
for (row = 0; row < imagelength; row += tl) {
@@ -1584,7 +1588,12 @@
_TIFFfree(obuf);
return 0;
}
- assert( bps % 8 == 0 );
+ if( (bps % 8) != 0 )
+ {
+ TIFFError(TIFFFileName(out), "Error, cannot handle BitsPerSample that is not a multiple of 8");
+ _TIFFfree(obuf);
+ return 0;
+ }
bytes_per_sample = bps/8;
for (row = 0; row < imagelength; row += tl) {

View file

@ -1,63 +0,0 @@
Fix divide-by-zero in OJPEGDecodeRaw():
http://bugzilla.maptools.org/show_bug.cgi?id=2611
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure
in
OJPEGPreDecode(). This will avoid a divide by zero, and potential other
issues.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1177; previous revision: 1.1176
/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c
new revision: 1.66; previous revision: 1.65
Index: libtiff/libtiff/tif_ojpeg.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- libtiff/libtiff/tif_ojpeg.c 4 Sep 2016 21:32:56 -0000 1.65
+++ libtiff/libtiff/tif_ojpeg.c 3 Dec 2016 11:15:18 -0000 1.66
@@ -1,4 +1,4 @@
-/* $Id: tif_ojpeg.c,v 1.65 2016-09-04 21:32:56 erouault Exp $ */
+/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */
/* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0
specification is now totally obsolete and deprecated for new applications and
@@ -244,6 +244,7 @@
typedef struct {
TIFF* tif;
+ int decoder_ok;
#ifndef LIBJPEG_ENCAP_EXTERNAL
JMP_BUF exit_jmpbuf;
#endif
@@ -722,6 +723,7 @@
}
sp->write_curstrile++;
}
+ sp->decoder_ok = 1;
return(1);
}
@@ -784,8 +786,14 @@
static int
OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s)
{
+ static const char module[]="OJPEGDecode";
OJPEGState* sp=(OJPEGState*)tif->tif_data;
(void)s;
+ if( !sp->decoder_ok )
+ {
+ TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized");
+ return 0;
+ }
if (sp->libjpeg_jpeg_query_style==0)
{
if (OJPEGDecodeRaw(tif,buf,cc)==0)

View file

@ -1,104 +0,0 @@
Fix two divide-by-zero bugs in readSeparateTilesIntoBuffer():
http://bugzilla.maptools.org/show_bug.cgi?id=2597
http://bugzilla.maptools.org/show_bug.cgi?id=2607
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
tag is
missing.
Reported by Agostino sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1183; previous revision: 1.1182
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.57; previous revision: 1.56
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56
+++ libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57
@@ -1,4 +1,4 @@
-/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
+/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -1378,7 +1378,7 @@
uint8* bufp = (uint8*) buf;
uint32 tw, tl;
uint32 row;
- uint16 bps, bytes_per_sample;
+ uint16 bps = 0, bytes_per_sample;
tilebuf = _TIFFmalloc(tilesize);
if (tilebuf == 0)
@@ -1387,6 +1387,12 @@
(void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw);
(void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
(void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
+ if( bps == 0 )
+ {
+ TIFFError(TIFFFileName(in), "Error, cannot read BitsPerSample");
+ status = 0;
+ goto done;
+ }
assert( bps % 8 == 0 );
bytes_per_sample = bps/8;
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: avoid potential division by zero is BitsPerSamples
tag is
missing.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1186; previous revision: 1.1185
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.58; previous revision: 1.57
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57
+++ libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58
@@ -1,4 +1,4 @@
-/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */
+/* $Id: tiffcp.c,v 1.58 2016-12-03 15:44:15 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -1569,7 +1569,7 @@
uint8* bufp = (uint8*) buf;
uint32 tl, tw;
uint32 row;
- uint16 bps, bytes_per_sample;
+ uint16 bps = 0, bytes_per_sample;
obuf = _TIFFmalloc(TIFFTileSize(out));
if (obuf == NULL)
@@ -1578,6 +1578,12 @@
(void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl);
(void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw);
(void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
+ if( bps == 0 )
+ {
+ TIFFError(TIFFFileName(out), "Error, cannot read BitsPerSample");
+ _TIFFfree(obuf);
+ return 0;
+ }
assert( bps % 8 == 0 );
bytes_per_sample = bps/8;

View file

@ -1,57 +0,0 @@
Fix divide-by-zero in readSeparateStripsIntoBuffer():
http://bugzilla.maptools.org/show_bug.cgi?id=2619
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcrop.c: fix integer division by zero when BitsPerSample is
missing.
Reported by Agostina Sarubo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1180; previous revision: 1.1179
/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
new revision: 1.49; previous revision: 1.48
Index: libtiff/tools/tiffcrop.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48
+++ libtiff/tools/tiffcrop.c 3 Dec 2016 13:00:04 -0000 1.49
@@ -1,4 +1,4 @@
-/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
+/* $Id: tiffcrop.c,v 1.49 2016-12-03 13:00:04 erouault Exp $ */
/* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
* the image data through additional options listed below
@@ -1164,7 +1164,7 @@
tdata_t obuf;
(void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
- (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps);
+ (void) TIFFGetFieldDefaulted(out, TIFFTAG_BITSPERSAMPLE, &bps);
bytes_per_sample = (bps + 7) / 8;
if( width == 0 ||
(uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width ||
@@ -4760,7 +4760,7 @@
int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
uint32 j;
int32 bytes_read = 0;
- uint16 bps, planar;
+ uint16 bps = 0, planar;
uint32 nstrips;
uint32 strips_per_sample;
uint32 src_rowsize, dst_rowsize, rows_processed, rps;
@@ -4780,7 +4780,7 @@
}
memset (srcbuffs, '\0', sizeof(srcbuffs));
- TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps);
+ TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps);
TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &planar);
TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps);
if (rps > length)

View file

@ -1,67 +0,0 @@
Fix an integer overflow in TIFFReadEncodedStrip() that led to division-by-zero:
http://bugzilla.maptools.org/show_bug.cgi?id=2596
2016-12-02 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in
TIFFReadEncodedStrip() that caused an integer division by zero.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1173; previous revision: 1.1172
/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c
new revision: 1.50; previous revision: 1.49
/cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v <-- libtiff/tiffiop.h
new revision: 1.90; previous revision: 1.89
Index: libtiff/libtiff/tif_read.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- libtiff/libtiff/tif_read.c 10 Jul 2016 18:00:21 -0000 1.49
+++ libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50
@@ -1,4 +1,4 @@
-/* $Id: tif_read.c,v 1.49 2016-07-10 18:00:21 erouault Exp $ */
+/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -346,7 +346,7 @@
rowsperstrip=td->td_rowsperstrip;
if (rowsperstrip>td->td_imagelength)
rowsperstrip=td->td_imagelength;
- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip);
+ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip);
stripinplane=(strip%stripsperplane);
plane=(uint16)(strip/stripsperplane);
rows=td->td_imagelength-stripinplane*rowsperstrip;
Index: libtiff/libtiff/tiffiop.h
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- libtiff/libtiff/tiffiop.h 23 Jan 2016 21:20:34 -0000 1.89
+++ libtiff/libtiff/tiffiop.h 2 Dec 2016 21:56:56 -0000 1.90
@@ -1,4 +1,4 @@
-/* $Id: tiffiop.h,v 1.89 2016-01-23 21:20:34 erouault Exp $ */
+/* $Id: tiffiop.h,v 1.90 2016-12-02 21:56:56 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -250,6 +250,10 @@
#define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \
((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \
0U)
+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */
+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */
+#define TIFFhowmany_32_maxuint_compat(x, y) \
+ (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0))
#define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3)
#define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y))
#define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y)))

View file

@ -1,131 +0,0 @@
Fix heap-based buffer overflow in _TIFFmemcpy():
http://bugzilla.maptools.org/show_bug.cgi?id=2604
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer
overflow on generation of PixarLog / LUV compressed files, with
ColorMap, TransferFunction attached and nasty plays with bitspersample.
The fix for LUV has not been tested, but suffers from the same kind
of issue of PixarLog.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1175; previous revision: 1.1174
/cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v <-- libtiff/tif_luv.c
new revision: 1.44; previous revision: 1.43
/cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v <--
libtiff/tif_pixarlog.c
new revision: 1.49; previous revision: 1.48
Index: libtiff/libtiff/tif_luv.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- libtiff/libtiff/tif_luv.c 4 Sep 2016 21:32:56 -0000 1.43
+++ libtiff/libtiff/tif_luv.c 2 Dec 2016 23:05:51 -0000 1.44
@@ -1,4 +1,4 @@
-/* $Id: tif_luv.c,v 1.43 2016-09-04 21:32:56 erouault Exp $ */
+/* $Id: tif_luv.c,v 1.44 2016-12-02 23:05:51 erouault Exp $ */
/*
* Copyright (c) 1997 Greg Ward Larson
@@ -158,6 +158,7 @@
typedef struct logLuvState LogLuvState;
struct logLuvState {
+ int encoder_state; /* 1 if encoder correctly initialized */
int user_datafmt; /* user data format */
int encode_meth; /* encoding method */
int pixel_size; /* bytes per pixel */
@@ -1552,6 +1553,7 @@
td->td_photometric, "must be either LogLUV or LogL");
break;
}
+ sp->encoder_state = 1;
return (1);
notsupported:
TIFFErrorExt(tif->tif_clientdata, module,
@@ -1563,19 +1565,27 @@
static void
LogLuvClose(TIFF* tif)
{
+ LogLuvState* sp = (LogLuvState*) tif->tif_data;
TIFFDirectory *td = &tif->tif_dir;
+ assert(sp != 0);
/*
* For consistency, we always want to write out the same
* bitspersample and sampleformat for our TIFF file,
* regardless of the data format being used by the application.
* Since this routine is called after tags have been set but
* before they have been recorded in the file, we reset them here.
+ * Note: this is really a nasty approach. See PixarLogClose
*/
- td->td_samplesperpixel =
- (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
- td->td_bitspersample = 16;
- td->td_sampleformat = SAMPLEFORMAT_INT;
+ if( sp->encoder_state )
+ {
+ /* See PixarLogClose. Might avoid issues with tags whose size depends
+ * on those below, but not completely sure this is enough. */
+ td->td_samplesperpixel =
+ (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3;
+ td->td_bitspersample = 16;
+ td->td_sampleformat = SAMPLEFORMAT_INT;
+ }
}
static void
Index: libtiff/libtiff/tif_pixarlog.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- libtiff/libtiff/tif_pixarlog.c 23 Sep 2016 22:12:18 -0000 1.48
+++ libtiff/libtiff/tif_pixarlog.c 2 Dec 2016 23:05:51 -0000 1.49
@@ -1,4 +1,4 @@
-/* $Id: tif_pixarlog.c,v 1.48 2016-09-23 22:12:18 erouault Exp $ */
+/* $Id: tif_pixarlog.c,v 1.49 2016-12-02 23:05:51 erouault Exp $ */
/*
* Copyright (c) 1996-1997 Sam Leffler
@@ -1233,8 +1233,10 @@
static void
PixarLogClose(TIFF* tif)
{
+ PixarLogState* sp = (PixarLogState*) tif->tif_data;
TIFFDirectory *td = &tif->tif_dir;
+ assert(sp != 0);
/* In a really sneaky (and really incorrect, and untruthful, and
* troublesome, and error-prone) maneuver that completely goes against
* the spirit of TIFF, and breaks TIFF, on close, we covertly
@@ -1243,8 +1245,19 @@
* readers that don't know about PixarLog, or how to set
* the PIXARLOGDATFMT pseudo-tag.
*/
- td->td_bitspersample = 8;
- td->td_sampleformat = SAMPLEFORMAT_UINT;
+
+ if (sp->state&PLSTATE_INIT) {
+ /* We test the state to avoid an issue such as in
+ * http://bugzilla.maptools.org/show_bug.cgi?id=2604
+ * What appends in that case is that the bitspersample is 1 and
+ * a TransferFunction is set. The size of the TransferFunction
+ * depends on 1<<bitspersample. So if we increase it, an access
+ * out of the buffer will happen at directory flushing.
+ * Another option would be to clear those targs.
+ */
+ td->td_bitspersample = 8;
+ td->td_sampleformat = SAMPLEFORMAT_UINT;
+ }
}
static void

View file

@ -1,132 +0,0 @@
Fix heap-based buffer overflow in TIFFFillStrip():
http://bugzilla.maptools.org/show_bug.cgi?id=2608
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to
instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength,
rowsperstrip),
instead of a logic based on the total size of data. Which is faulty is
the total size of data is not sufficient to fill the whole image, and
thus
results in reading outside of the StripByCounts/StripOffsets arrays
when
using TIFFReadScanline().
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608.
* libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done
for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273
since
the above change is a better fix that makes it unnecessary.
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1176; previous revision: 1.1175
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <--
libtiff/tif_dirread.c
new revision: 1.205; previous revision: 1.204
/cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v <-- libtiff/tif_strip.c
new revision: 1.38; previous revision: 1.37
Index: libtiff/libtiff/tif_dirread.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
retrieving revision 1.204
retrieving revision 1.205
diff -u -r1.204 -r1.205
--- libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204
+++ libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205
@@ -1,4 +1,4 @@
-/* $Id: tif_dirread.c,v 1.204 2016-11-16 15:14:15 erouault Exp $ */
+/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -5502,8 +5502,7 @@
uint64 rowblockbytes;
uint64 stripbytes;
uint32 strip;
- uint64 nstrips64;
- uint32 nstrips32;
+ uint32 nstrips;
uint32 rowsperstrip;
uint64* newcounts;
uint64* newoffsets;
@@ -5534,18 +5533,17 @@
return;
/*
- * never increase the number of strips in an image
+ * never increase the number of rows per strip
*/
if (rowsperstrip >= td->td_rowsperstrip)
return;
- nstrips64 = TIFFhowmany_64(bytecount, stripbytes);
- if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */
- return;
- nstrips32 = (uint32)nstrips64;
+ nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip);
+ if( nstrips == 0 )
+ return;
- newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
"for chopped \"StripByteCounts\" array");
- newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64),
+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
"for chopped \"StripOffsets\" array");
if (newcounts == NULL || newoffsets == NULL) {
/*
@@ -5562,18 +5560,18 @@
* Fill the strip information arrays with new bytecounts and offsets
* that reflect the broken-up format.
*/
- for (strip = 0; strip < nstrips32; strip++) {
+ for (strip = 0; strip < nstrips; strip++) {
if (stripbytes > bytecount)
stripbytes = bytecount;
newcounts[strip] = stripbytes;
- newoffsets[strip] = offset;
+ newoffsets[strip] = stripbytes ? offset : 0;
offset += stripbytes;
bytecount -= stripbytes;
}
/*
* Replace old single strip info with multi-strip info.
*/
- td->td_stripsperimage = td->td_nstrips = nstrips32;
+ td->td_stripsperimage = td->td_nstrips = nstrips;
TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip);
_TIFFfree(td->td_stripbytecount);
Index: libtiff/libtiff/tif_strip.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- libtiff/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37
+++ libtiff/libtiff/tif_strip.c 3 Dec 2016 11:02:15 -0000 1.38
@@ -1,4 +1,4 @@
-/* $Id: tif_strip.c,v 1.37 2016-11-09 23:00:49 erouault Exp $ */
+/* $Id: tif_strip.c,v 1.38 2016-12-03 11:02:15 erouault Exp $ */
/*
* Copyright (c) 1991-1997 Sam Leffler
@@ -63,15 +63,6 @@
TIFFDirectory *td = &tif->tif_dir;
uint32 nstrips;
- /* If the value was already computed and store in td_nstrips, then return it,
- since ChopUpSingleUncompressedStrip might have altered and resized the
- since the td_stripbytecount and td_stripoffset arrays to the new value
- after the initial affectation of td_nstrips = TIFFNumberOfStrips() in
- tif_dirread.c ~line 3612.
- See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */
- if( td->td_nstrips )
- return td->td_nstrips;
-
nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 :
TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip));
if (td->td_planarconfig == PLANARCONFIG_SEPARATE)

View file

@ -1,67 +0,0 @@
Fix heap buffer overflow in tiffcp when parsing number of inks:
http://bugzilla.maptools.org/show_bug.cgi?id=2599
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is
called,
limit the return number of inks to SamplesPerPixel, so that code that
parses
ink names doesn't go past the end of the buffer.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1184; previous revision: 1.1183
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c
new revision: 1.128; previous revision: 1.127
Index: libtiff/libtiff/tif_dir.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v
retrieving revision 1.127
retrieving revision 1.128
diff -u -r1.127 -r1.128
--- libtiff/libtiff/tif_dir.c 25 Oct 2016 21:35:15 -0000 1.127
+++ libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128
@@ -1,4 +1,4 @@
-/* $Id: tif_dir.c,v 1.127 2016-10-25 21:35:15 erouault Exp $ */
+/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -854,6 +854,32 @@
if( fip == NULL ) /* cannot happen since TIFFGetField() already checks it */
return 0;
+ if( tag == TIFFTAG_NUMBEROFINKS )
+ {
+ int i;
+ for (i = 0; i < td->td_customValueCount; i++) {
+ uint16 val;
+ TIFFTagValue *tv = td->td_customValues + i;
+ if (tv->info->field_tag != tag)
+ continue;
+ val = *(uint16 *)tv->value;
+ /* Truncate to SamplesPerPixel, since the */
+ /* setting code for INKNAMES assume that there are SamplesPerPixel */
+ /* inknames. */
+ /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */
+ if( val > td->td_samplesperpixel )
+ {
+ TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField",
+ "Truncating NumberOfInks from %u to %u",
+ val, td->td_samplesperpixel);
+ val = td->td_samplesperpixel;
+ }
+ *va_arg(ap, uint16*) = val;
+ return 1;
+ }
+ return 0;
+ }
+
/*
* We want to force the custom code to be used for custom
* fields even if the tag happens to match a well known

View file

@ -1,60 +0,0 @@
Fix heap-based buffer overflow in combineSeparateSamples16bits():
http://bugzilla.maptools.org/show_bug.cgi?id=2621
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in
readSeparateStripsIntoBuffer() to avoid read outside of heap allocated
buffer.
Reported by Agostina Sarubo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1179; previous revision: 1.1178
/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c
new revision: 1.48; previous revision: 1.47
Index: libtiff/tools/tiffcrop.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47
+++ libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48
@@ -1,4 +1,4 @@
-/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */
+/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */
/* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of
* the image data through additional options listed below
@@ -4815,10 +4815,17 @@
nstrips = TIFFNumberOfStrips(in);
strips_per_sample = nstrips /spp;
+ /* Add 3 padding bytes for combineSeparateSamples32bits */
+ if( (size_t) stripsize > 0xFFFFFFFFU - 3U )
+ {
+ TIFFError("readSeparateStripsIntoBuffer", "Integer overflow when calculating buffer size.");
+ exit(-1);
+ }
+
for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
{
srcbuffs[s] = NULL;
- buff = _TIFFmalloc(stripsize);
+ buff = _TIFFmalloc(stripsize + 3);
if (!buff)
{
TIFFError ("readSeparateStripsIntoBuffer",
@@ -4827,6 +4834,9 @@
_TIFFfree (srcbuffs[i]);
return 0;
}
+ buff[stripsize] = 0;
+ buff[stripsize+1] = 0;
+ buff[stripsize+2] = 0;
srcbuffs[s] = buff;
}

View file

@ -1,64 +0,0 @@
Fix invalid read in t2p_writeproc():
http://bugzilla.maptools.org/show_bug.cgi?id=2639
2016-12-20 Even Rouault <even.rouault at spatialys.com>
* tools/tiff2pdf.c: avoid potential invalid memory read in
t2p_writeproc.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1198; previous revision: 1.1197
/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c
new revision: 1.100; previous revision: 1.99
Index: libtiff/tools/tiff2pdf.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:13:26 -0000 1.99
+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100
@@ -2896,6 +2896,7 @@
}
if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
if (count >= 4) {
+ int retTIFFReadRawTile;
/* Ignore EOI marker of JpegTables */
_TIFFmemcpy(buffer, jpt, count - 2);
bufferoffset += count - 2;
@@ -2903,22 +2904,23 @@
table_end[0] = buffer[bufferoffset-2];
table_end[1] = buffer[bufferoffset-1];
xuint32 = bufferoffset;
- bufferoffset -= 2;
- bufferoffset += TIFFReadRawTile(
+ bufferoffset -= 2;
+ retTIFFReadRawTile= TIFFReadRawTile(
input,
tile,
(tdata_t) &(((unsigned char*)buffer)[bufferoffset]),
-1);
+ if( retTIFFReadRawTile < 0 )
+ {
+ _TIFFfree(buffer);
+ t2p->t2p_error = T2P_ERR_ERROR;
+ return(0);
+ }
+ bufferoffset += retTIFFReadRawTile;
/* Overwrite SOI marker of image scan with previously */
/* saved end of JpegTables */
buffer[xuint32-2]=table_end[0];
buffer[xuint32-1]=table_end[1];
- } else {
- bufferoffset += TIFFReadRawTile(
- input,
- tile,
- (tdata_t) &(((unsigned char*)buffer)[bufferoffset]),
- -1);
}
}
t2pWriteFile(output, (tdata_t) buffer, bufferoffset);

View file

@ -1,449 +0,0 @@
Fixes CVE-2017-{7595,7596,7597,7598,7599,7600,7601,7602}:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c: implement various
clampings
of double to other data types to avoid undefined behaviour if the
output range
isn't big enough to hold the input value.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2643
http://bugzilla.maptools.org/show_bug.cgi?id=2642
http://bugzilla.maptools.org/show_bug.cgi?id=2646
http://bugzilla.maptools.org/show_bug.cgi?id=2647
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1204; previous revision: 1.1203
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c
new revision: 1.129; previous revision: 1.128
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c
new revision: 1.207; previous revision: 1.206
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v <-- libtiff/tif_dirwrite.c
new revision: 1.85; previous revision: 1.84
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirread.c: avoid division by floating point 0 in
TIFFReadDirEntryCheckedRational() and
TIFFReadDirEntryCheckedSrational(),
and return 0 in that case (instead of infinity as before presumably)
Apparently some sanitizers do not like those divisions by zero.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1203; previous revision: 1.1202
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c
new revision: 1.206; previous revision: 1.205
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_jpeg.c: validate BitsPerSample in JPEGSetupEncode() to
avoid undefined behaviour caused by invalid shift exponent.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1205; previous revision: 1.1204
/cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v <-- libtiff/tif_jpeg.c
new revision: 1.126; previous revision: 1.125
2017-01-11 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_read.c: avoid potential undefined behaviour on signed
integer addition in TIFFReadRawStrip1() in isMapped() case.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2650
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1206; previous revision: 1.1205
/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c
new revision: 1.51; previous revision: 1.50
Index: libtiff/libtiff/tif_dir.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v
retrieving revision 1.128
retrieving revision 1.129
diff -u -r1.128 -r1.129
--- libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128
+++ libtiff/libtiff/tif_dir.c 11 Jan 2017 16:09:02 -0000 1.129
@@ -1,4 +1,4 @@
-/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */
+/* $Id: tif_dir.c,v 1.129 2017-01-11 16:09:02 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -31,6 +31,7 @@
* (and also some miscellaneous stuff)
*/
#include "tiffiop.h"
+#include <float.h>
/*
* These are used in the backwards compatibility code...
@@ -154,6 +155,15 @@
return (0);
}
+static float TIFFClampDoubleToFloat( double val )
+{
+ if( val > FLT_MAX )
+ return FLT_MAX;
+ if( val < -FLT_MAX )
+ return -FLT_MAX;
+ return (float)val;
+}
+
static int
_TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
{
@@ -312,13 +322,13 @@
dblval = va_arg(ap, double);
if( dblval < 0 )
goto badvaluedouble;
- td->td_xresolution = (float) dblval;
+ td->td_xresolution = TIFFClampDoubleToFloat( dblval );
break;
case TIFFTAG_YRESOLUTION:
dblval = va_arg(ap, double);
if( dblval < 0 )
goto badvaluedouble;
- td->td_yresolution = (float) dblval;
+ td->td_yresolution = TIFFClampDoubleToFloat( dblval );
break;
case TIFFTAG_PLANARCONFIG:
v = (uint16) va_arg(ap, uint16_vap);
@@ -327,10 +337,10 @@
td->td_planarconfig = (uint16) v;
break;
case TIFFTAG_XPOSITION:
- td->td_xposition = (float) va_arg(ap, double);
+ td->td_xposition = TIFFClampDoubleToFloat( va_arg(ap, double) );
break;
case TIFFTAG_YPOSITION:
- td->td_yposition = (float) va_arg(ap, double);
+ td->td_yposition = TIFFClampDoubleToFloat( va_arg(ap, double) );
break;
case TIFFTAG_RESOLUTIONUNIT:
v = (uint16) va_arg(ap, uint16_vap);
Index: libtiff/libtiff/tif_dirread.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
retrieving revision 1.206
retrieving revision 1.207
diff -u -r1.206 -r1.207
--- libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206
+++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 16:09:02 -0000 1.207
@@ -1,4 +1,4 @@
-/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */
+/* $Id: tif_dirread.c,v 1.207 2017-01-11 16:09:02 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -40,6 +40,7 @@
*/
#include "tiffiop.h"
+#include <float.h>
#define IGNORE 0 /* tag placeholder used below */
#define FAILED_FII ((uint32) -1)
@@ -2406,7 +2407,14 @@
ma=(double*)origdata;
mb=data;
for (n=0; n<count; n++)
- *mb++=(float)(*ma++);
+ {
+ double val = *ma++;
+ if( val > FLT_MAX )
+ val = FLT_MAX;
+ else if( val < -FLT_MAX )
+ val = -FLT_MAX;
+ *mb++=(float)val;
+ }
}
break;
}
Index: libtiff/libtiff/tif_dirwrite.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -r1.84 -r1.85
--- libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 12:51:59 -0000 1.84
+++ libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 16:09:02 -0000 1.85
@@ -1,4 +1,4 @@
-/* $Id: tif_dirwrite.c,v 1.83 2016-10-25 21:35:15 erouault Exp $ */
+/* $Id: tif_dirwrite.c,v 1.85 2017-01-11 16:09:02 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -30,6 +30,7 @@
* Directory Write Support Routines.
*/
#include "tiffiop.h"
+#include <float.h>
#ifdef HAVE_IEEEFP
#define TIFFCvtNativeToIEEEFloat(tif, n, fp)
@@ -939,6 +940,69 @@
return(0);
}
+static float TIFFClampDoubleToFloat( double val )
+{
+ if( val > FLT_MAX )
+ return FLT_MAX;
+ if( val < -FLT_MAX )
+ return -FLT_MAX;
+ return (float)val;
+}
+
+static int8 TIFFClampDoubleToInt8( double val )
+{
+ if( val > 127 )
+ return 127;
+ if( val < -128 || val != val )
+ return -128;
+ return (int8)val;
+}
+
+static int16 TIFFClampDoubleToInt16( double val )
+{
+ if( val > 32767 )
+ return 32767;
+ if( val < -32768 || val != val )
+ return -32768;
+ return (int16)val;
+}
+
+static int32 TIFFClampDoubleToInt32( double val )
+{
+ if( val > 0x7FFFFFFF )
+ return 0x7FFFFFFF;
+ if( val < -0x7FFFFFFF-1 || val != val )
+ return -0x7FFFFFFF-1;
+ return (int32)val;
+}
+
+static uint8 TIFFClampDoubleToUInt8( double val )
+{
+ if( val < 0 )
+ return 0;
+ if( val > 255 || val != val )
+ return 255;
+ return (uint8)val;
+}
+
+static uint16 TIFFClampDoubleToUInt16( double val )
+{
+ if( val < 0 )
+ return 0;
+ if( val > 65535 || val != val )
+ return 65535;
+ return (uint16)val;
+}
+
+static uint32 TIFFClampDoubleToUInt32( double val )
+{
+ if( val < 0 )
+ return 0;
+ if( val > 0xFFFFFFFFU || val != val )
+ return 0xFFFFFFFFU;
+ return (uint32)val;
+}
+
static int
TIFFWriteDirectoryTagSampleformatArray(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, uint16 tag, uint32 count, double* value)
{
@@ -959,7 +1023,7 @@
if (tif->tif_dir.td_bitspersample<=32)
{
for (i = 0; i < count; ++i)
- ((float*)conv)[i] = (float)value[i];
+ ((float*)conv)[i] = TIFFClampDoubleToFloat(value[i]);
ok = TIFFWriteDirectoryTagFloatArray(tif,ndir,dir,tag,count,(float*)conv);
}
else
@@ -971,19 +1035,19 @@
if (tif->tif_dir.td_bitspersample<=8)
{
for (i = 0; i < count; ++i)
- ((int8*)conv)[i] = (int8)value[i];
+ ((int8*)conv)[i] = TIFFClampDoubleToInt8(value[i]);
ok = TIFFWriteDirectoryTagSbyteArray(tif,ndir,dir,tag,count,(int8*)conv);
}
else if (tif->tif_dir.td_bitspersample<=16)
{
for (i = 0; i < count; ++i)
- ((int16*)conv)[i] = (int16)value[i];
+ ((int16*)conv)[i] = TIFFClampDoubleToInt16(value[i]);
ok = TIFFWriteDirectoryTagSshortArray(tif,ndir,dir,tag,count,(int16*)conv);
}
else
{
for (i = 0; i < count; ++i)
- ((int32*)conv)[i] = (int32)value[i];
+ ((int32*)conv)[i] = TIFFClampDoubleToInt32(value[i]);
ok = TIFFWriteDirectoryTagSlongArray(tif,ndir,dir,tag,count,(int32*)conv);
}
break;
@@ -991,19 +1055,19 @@
if (tif->tif_dir.td_bitspersample<=8)
{
for (i = 0; i < count; ++i)
- ((uint8*)conv)[i] = (uint8)value[i];
+ ((uint8*)conv)[i] = TIFFClampDoubleToUInt8(value[i]);
ok = TIFFWriteDirectoryTagByteArray(tif,ndir,dir,tag,count,(uint8*)conv);
}
else if (tif->tif_dir.td_bitspersample<=16)
{
for (i = 0; i < count; ++i)
- ((uint16*)conv)[i] = (uint16)value[i];
+ ((uint16*)conv)[i] = TIFFClampDoubleToUInt16(value[i]);
ok = TIFFWriteDirectoryTagShortArray(tif,ndir,dir,tag,count,(uint16*)conv);
}
else
{
for (i = 0; i < count; ++i)
- ((uint32*)conv)[i] = (uint32)value[i];
+ ((uint32*)conv)[i] = TIFFClampDoubleToUInt32(value[i]);
ok = TIFFWriteDirectoryTagLongArray(tif,ndir,dir,tag,count,(uint32*)conv);
}
break;
@@ -2102,7 +2102,7 @@
m[0]=0;
m[1]=1;
}
- else if (value==(double)(uint32)value)
+ else if (value <= 0xFFFFFFFFU && value==(double)(uint32)value)
{
m[0]=(uint32)value;
m[1]=1;
@@ -2148,12 +2217,13 @@
}
for (na=value, nb=m, nc=0; nc<count; na++, nb+=2, nc++)
{
- if (*na<=0.0)
+ if (*na<=0.0 || *na != *na)
{
nb[0]=0;
nb[1]=1;
}
- else if (*na==(float)(uint32)(*na))
+ else if (*na >= 0 && *na <= (float)0xFFFFFFFFU &&
+ *na==(float)(uint32)(*na))
{
nb[0]=(uint32)(*na);
nb[1]=1;
Index: libtiff/libtiff/tif_dirread.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v
retrieving revision 1.205
retrieving revision 1.206
diff -u -r1.205 -r1.206
--- libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205
+++ libtiff/libtiff/tif_dirread.c 11 Jan 2017 13:28:01 -0000 1.206
@@ -2872,7 +2872,10 @@
m.l = direntry->tdir_offset.toff_long8;
if (tif->tif_flags&TIFF_SWAB)
TIFFSwabArrayOfLong(m.i,2);
- if (m.i[0]==0)
+ /* Not completely sure what we should do when m.i[1]==0, but some */
+ /* sanitizers do not like division by 0.0: */
+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */
+ if (m.i[0]==0 || m.i[1]==0)
*value=0.0;
else
*value=(double)m.i[0]/(double)m.i[1];
@@ -2900,7 +2903,10 @@
m.l=direntry->tdir_offset.toff_long8;
if (tif->tif_flags&TIFF_SWAB)
TIFFSwabArrayOfLong(m.i,2);
- if ((int32)m.i[0]==0)
+ /* Not completely sure what we should do when m.i[1]==0, but some */
+ /* sanitizers do not like division by 0.0: */
+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2644 */
+ if ((int32)m.i[0]==0 || m.i[1]==0)
*value=0.0;
else
*value=(double)((int32)m.i[0])/(double)m.i[1];
Index: libtiff/libtiff/tif_jpeg.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_jpeg.c,v
retrieving revision 1.125
retrieving revision 1.126
diff -u -r1.125 -r1.126
--- libtiff/libtiff/tif_jpeg.c 11 Jan 2017 12:15:01 -0000 1.125
+++ libtiff/libtiff/tif_jpeg.c 11 Jan 2017 16:13:50 -0000 1.126
@@ -1,4 +1,4 @@
-/* $Id: tif_jpeg.c,v 1.123 2016-01-23 21:20:34 erouault Exp $ */
+/* $Id: tif_jpeg.c,v 1.126 2017-01-11 16:13:50 erouault Exp $ */
/*
* Copyright (c) 1994-1997 Sam Leffler
@@ -1632,6 +1632,13 @@
"Invalig horizontal/vertical sampling value");
return (0);
}
+ if( td->td_bitspersample > 16 )
+ {
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "BitsPerSample %d not allowed for JPEG",
+ td->td_bitspersample);
+ return (0);
+ }
/*
* A ReferenceBlackWhite field *must* be present since the
Index: libtiff/libtiff/tif_read.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50
+++ libtiff/libtiff/tif_read.c 11 Jan 2017 16:33:34 -0000 1.51
@@ -420,16 +420,25 @@
return ((tmsize_t)(-1));
}
} else {
- tmsize_t ma,mb;
+ tmsize_t ma;
tmsize_t n;
- ma=(tmsize_t)td->td_stripoffset[strip];
- mb=ma+size;
- if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||(ma>tif->tif_size))
- n=0;
- else if ((mb<ma)||(mb<size)||(mb>tif->tif_size))
- n=tif->tif_size-ma;
- else
- n=size;
+ if ((td->td_stripoffset[strip] > (uint64)TIFF_TMSIZE_T_MAX)||
+ ((ma=(tmsize_t)td->td_stripoffset[strip])>tif->tif_size))
+ {
+ n=0;
+ }
+ else if( ma > TIFF_TMSIZE_T_MAX - size )
+ {
+ n=0;
+ }
+ else
+ {
+ tmsize_t mb=ma+size;
+ if (mb>tif->tif_size)
+ n=tif->tif_size-ma;
+ else
+ n=size;
+ }
if (n!=size) {
#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
TIFFErrorExt(tif->tif_clientdata, module,

View file

@ -1,42 +0,0 @@
Fix NULL pointer dereference in TIFFReadRawData():
http://bugzilla.maptools.org/show_bug.cgi?id=2594
2016-12-03 Even Rouault <even.rouault at spatialys.com>
* tools/tiffinfo.c: fix null pointer dereference in -r mode when
* the
image has
no StripByteCount tag.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1182; previous revision: 1.1181
/cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v <-- tools/tiffinfo.c
new revision: 1.26; previous revision: 1.25
Index: libtiff/tools/tiffinfo.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- libtiff/tools/tiffinfo.c 12 Nov 2016 20:06:05 -0000 1.25
+++ libtiff/tools/tiffinfo.c 3 Dec 2016 14:18:49 -0000 1.26
@@ -1,4 +1,4 @@
-/* $Id: tiffinfo.c,v 1.25 2016-11-12 20:06:05 bfriesen Exp $ */
+/* $Id: tiffinfo.c,v 1.26 2016-12-03 14:18:49 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -417,7 +417,7 @@
uint64* stripbc=NULL;
TIFFGetField(tif, TIFFTAG_STRIPBYTECOUNTS, &stripbc);
- if (nstrips > 0) {
+ if (stripbc != NULL && nstrips > 0) {
uint32 bufsize = (uint32) stripbc[0];
tdata_t buf = _TIFFmalloc(bufsize);
tstrip_t s;

View file

@ -1,41 +0,0 @@
Fix a integer underflow in tiffcp that led to heap overflows in
TIFFReverseBits():
http://bugzilla.maptools.org/show_bug.cgi?id=2598
2016-12-02 Even Rouault <even.rouault at spatialys.com>
* tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that
can cause various issues, such as buffer overflows in the library.
Reported by Agostino Sarubbo.
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598
/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
new revision: 1.1174; previous revision: 1.1173
/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c
new revision: 1.56; previous revision: 1.55
Index: libtiff/tools/tiffcp.c
===================================================================
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- libtiff/tools/tiffcp.c 8 Oct 2016 15:54:57 -0000 1.55
+++ libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56
@@ -1,4 +1,4 @@
-/* $Id: tiffcp.c,v 1.55 2016-10-08 15:54:57 erouault Exp $ */
+/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */
/*
* Copyright (c) 1988-1997 Sam Leffler
@@ -985,7 +985,7 @@
tstrip_t s, ns = TIFFNumberOfStrips(in);
uint32 row = 0;
_TIFFmemset(buf, 0, stripsize);
- for (s = 0; s < ns; s++) {
+ for (s = 0; s < ns && row < imagelength; s++) {
tsize_t cc = (row + rowsperstrip > imagelength) ?
TIFFVStripSize(in, imagelength - row) : stripsize;
if (TIFFReadEncodedStrip(in, s, buf, cc) < 0

View file

@ -0,0 +1,37 @@
Fix CVE-2017-9287:
https://www.openldap.org/its/?findid=8655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9287
Patch copied from upstream source repository:
https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001
From: Ryan Tandy <ryan@nardis.ca>
Date: Wed, 17 May 2017 20:07:39 -0700
Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0
Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.
---
servers/slapd/back-mdb/search.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c
index 301d1a498c..43442aa242 100644
--- a/servers/slapd/back-mdb/search.c
+++ b/servers/slapd/back-mdb/search.c
@@ -1066,7 +1066,8 @@ notfound:
/* check size limit */
if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
- mdb_entry_return( op, e );
+ if (e != base)
+ mdb_entry_return( op, e );
e = NULL;
send_paged_response( op, rs, &lastid, tentries );
goto done;
--
2.13.0

View file

@ -0,0 +1,151 @@
From 86b98a11559da7d1b21dc9b4c6b10511b9095bc4 Mon Sep 17 00:00:00 2001
From: Simon Cross <hodgestar@gmail.com>
Date: Sun, 16 Feb 2014 18:46:15 +0000
Subject: [PATCH 05/16] Add support for Python 3.4 AST (support for
NameConstants and changes to existing to arguments node attributes).
---
genshi/template/astutil.py | 31 ++++++++++++++++++++++++++++---
genshi/template/eval.py | 34 +++++++++++++++++++---------------
2 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/genshi/template/astutil.py b/genshi/template/astutil.py
index a4c21c8..a3946b4 100644
--- a/genshi/template/astutil.py
+++ b/genshi/template/astutil.py
@@ -21,7 +21,7 @@ else:
def parse(source, mode):
return compile(source, '', mode, _ast.PyCF_ONLY_AST)
-from genshi.compat import IS_PYTHON2
+from genshi.compat import IS_PYTHON2, isstring
__docformat__ = 'restructuredtext en'
@@ -103,8 +103,13 @@ class ASTCodeGenerator(object):
self._new_line()
return self.visit(node.body)
+ # Python < 3.4
# arguments = (expr* args, identifier? vararg,
# identifier? kwarg, expr* defaults)
+ #
+ # Python >= 3.4
+ # arguments = (arg* args, arg? vararg, arg* kwonlyargs, expr* kw_defaults,
+ # arg? kwarg, expr* defaults)
def visit_arguments(self, node):
first = True
no_default_count = len(node.args) - len(node.defaults)
@@ -122,13 +127,21 @@ class ASTCodeGenerator(object):
self._write(', ')
else:
first = False
- self._write('*' + node.vararg)
+ self._write('*')
+ if isstring(node.vararg):
+ self._write(node.vararg)
+ else:
+ self.visit(node.vararg)
if getattr(node, 'kwarg', None):
if not first:
self._write(', ')
else:
first = False
- self._write('**' + node.kwarg)
+ self._write('**')
+ if isstring(node.kwarg):
+ self._write(node.kwarg)
+ else:
+ self.visit(node.kwarg)
if not IS_PYTHON2:
# In Python 3 arguments get a special node
@@ -724,6 +737,17 @@ class ASTCodeGenerator(object):
def visit_Name(self, node):
self._write(node.id)
+ # NameConstant(singleton value)
+ def visit_NameConstant(self, node):
+ if node.value is None:
+ self._write('None')
+ elif node.value is True:
+ self._write('True')
+ elif node.value is False:
+ self._write('False')
+ else:
+ raise Exception("Unknown NameConstant %r" % (node.value,))
+
# List(expr* elts, expr_context ctx)
def visit_List(self, node):
self._write('[')
@@ -829,6 +853,7 @@ class ASTTransformer(object):
visit_Attribute = _clone
visit_Subscript = _clone
visit_Name = _clone
+ visit_NameConstant = _clone
visit_List = _clone
visit_Tuple = _clone
diff --git a/genshi/template/eval.py b/genshi/template/eval.py
index 89aec49..de4bc86 100644
--- a/genshi/template/eval.py
+++ b/genshi/template/eval.py
@@ -24,7 +24,8 @@ from genshi.template.astutil import ASTTransformer, ASTCodeGenerator, \
from genshi.template.base import TemplateRuntimeError
from genshi.util import flatten
-from genshi.compat import get_code_params, build_code_chunk, IS_PYTHON2
+from genshi.compat import get_code_params, build_code_chunk, isstring, \
+ IS_PYTHON2
__all__ = ['Code', 'Expression', 'Suite', 'LenientLookup', 'StrictLookup',
'Undefined', 'UndefinedError']
@@ -495,28 +496,31 @@ class TemplateASTTransformer(ASTTransformer):
def __init__(self):
self.locals = [CONSTANTS]
+ def _process(self, names, node):
+ if not IS_PYTHON2 and isinstance(node, _ast.arg):
+ names.add(node.arg)
+ elif isstring(node):
+ names.add(node)
+ elif isinstance(node, _ast.Name):
+ names.add(node.id)
+ elif isinstance(node, _ast.alias):
+ names.add(node.asname or node.name)
+ elif isinstance(node, _ast.Tuple):
+ for elt in node.elts:
+ self._process(names, elt)
+
def _extract_names(self, node):
names = set()
- def _process(node):
- if not IS_PYTHON2 and isinstance(node, _ast.arg):
- names.add(node.arg)
- if isinstance(node, _ast.Name):
- names.add(node.id)
- elif isinstance(node, _ast.alias):
- names.add(node.asname or node.name)
- elif isinstance(node, _ast.Tuple):
- for elt in node.elts:
- _process(elt)
if hasattr(node, 'args'):
for arg in node.args:
- _process(arg)
+ self._process(names, arg)
if hasattr(node, 'vararg'):
- names.add(node.vararg)
+ self._process(names, node.vararg)
if hasattr(node, 'kwarg'):
- names.add(node.kwarg)
+ self._process(names, node.kwarg)
elif hasattr(node, 'names'):
for elt in node.names:
- _process(elt)
+ self._process(names, elt)
return names
def visit_Str(self, node):
--
2.12.0

View file

@ -0,0 +1,25 @@
From 32bfaa7cc1c736fd62fcbb6414de9498dc20ed07 Mon Sep 17 00:00:00 2001
From: Adriano Peluso <catonano@gmail.com>
Date: Wed, 5 Apr 2017 15:13:06 +0200
Subject: [PATCH 2/2] buildable on python27 too
---
genshi/template/directives.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/genshi/template/directives.py b/genshi/template/directives.py
index 6fd0f28..1f70ef6 100644
--- a/genshi/template/directives.py
+++ b/genshi/template/directives.py
@@ -266,7 +266,7 @@ class DefDirective(Directive):
if isinstance(ast, _ast.Call):
self.name = ast.func.id
for arg in ast.args:
- if isinstance(arg, _ast.Starred):
+ if hasattr(_ast, 'Starred') and isinstance(arg, _ast.Starred):
# Python 3.5+
self.star_args = arg.value.id
else:
--
2.12.0

View file

@ -0,0 +1,32 @@
From cef2c8df44166195e1705638f9f17033a4943bb7 Mon Sep 17 00:00:00 2001
From: Simon Cross <hodgestar@gmail.com>
Date: Sun, 16 Feb 2014 18:32:21 +0000
Subject: [PATCH 02/15] Disable the speedups C extension on CPython >= 3.3
since Genshi doesn't support the new Unicode C API yet.
---
setup.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/setup.py b/setup.py
index 123a2cb..a3d748c 100755
--- a/setup.py
+++ b/setup.py
@@ -65,9 +65,13 @@ available.""")
if Feature:
+ # Optional C extension module for speeding up Genshi:
+ # Not activated by default on:
+ # - PyPy (where it harms performance)
+ # - CPython >= 3.3 (the new Unicode C API is not supported yet)
speedups = Feature(
"optional C speed-enhancements",
- standard = not is_pypy,
+ standard = not is_pypy and sys.version_info < (3, 3),
ext_modules = [
Extension('genshi._speedups', ['genshi/_speedups.c']),
],
--
2.12.0

View file

@ -0,0 +1,112 @@
From ce796ad4bae5c47011876778674ad036357febdf Mon Sep 17 00:00:00 2001
From: Adriano Peluso <catonano@gmail.com>
Date: Wed, 5 Apr 2017 15:10:06 +0200
Subject: [PATCH 1/2] fixing the tests on python35
---
genshi/filters/i18n.py | 6 ++++--
genshi/template/astutil.py | 14 +++++++++++---
genshi/template/directives.py | 20 ++++++++++++++------
genshi/template/eval.py | 5 +++++
4 files changed, 34 insertions(+), 11 deletions(-)
diff --git a/genshi/filters/i18n.py b/genshi/filters/i18n.py
index 526fda4..5387fcf 100644
--- a/genshi/filters/i18n.py
+++ b/genshi/filters/i18n.py
@@ -1194,8 +1194,10 @@ def extract_from_code(code, gettext_functions):
elif arg:
strings.append(None)
[_add(arg) for arg in node.args]
- _add(node.starargs)
- _add(node.kwargs)
+ if hasattr(node, 'starargs'):
+ _add(node.starargs)
+ if hasattr(node, 'kwargs'):
+ _add(node.kwargs)
if len(strings) == 1:
strings = strings[0]
else:
diff --git a/genshi/template/astutil.py b/genshi/template/astutil.py
index f4e1edd..e561846 100644
--- a/genshi/template/astutil.py
+++ b/genshi/template/astutil.py
@@ -151,6 +151,10 @@ class ASTCodeGenerator(object):
def visit_arg(self, node):
self._write(node.arg)
+ def visit_Starred(self, node):
+ self._write('*')
+ self.visit(node.value)
+
# FunctionDef(identifier name, arguments args,
# stmt* body, expr* decorator_list)
def visit_FunctionDef(self, node):
@@ -664,9 +668,13 @@ class ASTCodeGenerator(object):
if not first:
self._write(', ')
first = False
- # keyword = (identifier arg, expr value)
- self._write(keyword.arg)
- self._write('=')
+ if not keyword.arg:
+ # Python 3.5+ star-star args
+ self._write('**')
+ else:
+ # keyword = (identifier arg, expr value)
+ self._write(keyword.arg)
+ self._write('=')
self.visit(keyword.value)
if getattr(node, 'starargs', None):
if not first:
diff --git a/genshi/template/directives.py b/genshi/template/directives.py
index 7301c2d..6fd0f28 100644
--- a/genshi/template/directives.py
+++ b/genshi/template/directives.py
@@ -266,13 +266,21 @@ class DefDirective(Directive):
if isinstance(ast, _ast.Call):
self.name = ast.func.id
for arg in ast.args:
- # only names
- self.args.append(arg.id)
+ if isinstance(arg, _ast.Starred):
+ # Python 3.5+
+ self.star_args = arg.value.id
+ else:
+ # only names
+ self.args.append(arg.id)
for kwd in ast.keywords:
- self.args.append(kwd.arg)
- exp = Expression(kwd.value, template.filepath,
- lineno, lookup=template.lookup)
- self.defaults[kwd.arg] = exp
+ if kwd.arg is None:
+ # Python 3.5+
+ self.dstar_args = kwd.value.id
+ else:
+ self.args.append(kwd.arg)
+ exp = Expression(kwd.value, template.filepath,
+ lineno, lookup=template.lookup)
+ self.defaults[kwd.arg] = exp
if getattr(ast, 'starargs', None):
self.star_args = ast.starargs.id
if getattr(ast, 'kwargs', None):
diff --git a/genshi/template/eval.py b/genshi/template/eval.py
index d378419..81644a7 100644
--- a/genshi/template/eval.py
+++ b/genshi/template/eval.py
@@ -600,6 +600,11 @@ class TemplateASTTransformer(ASTTransformer):
finally:
self.locals.pop()
+ # Only used in Python 3.5+
+ def visit_Starred(self, node):
+ node.value = self.visit(node.value)
+ return node
+
def visit_Name(self, node):
# If the name refers to a local inside a lambda, list comprehension, or
# generator expression, leave it alone
--
2.12.0

View file

@ -0,0 +1,37 @@
From cc5e07284f44cdd9beec178c69070a53f55d1323 Mon Sep 17 00:00:00 2001
From: Simon Cross <hodgestar@gmail.com>
Date: Sun, 16 Feb 2014 18:43:20 +0000
Subject: [PATCH 03/15] Add isstring helper.
---
genshi/compat.py | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/genshi/compat.py b/genshi/compat.py
index 9787325..6574e39 100644
--- a/genshi/compat.py
+++ b/genshi/compat.py
@@ -35,6 +35,15 @@ else:
'Python 2 compatibility function. Not usable in Python 3.')
+# We need to test if an object is an instance of a string type in places
+
+if IS_PYTHON2:
+ def isstring(obj):
+ return isinstance(obj, basestring)
+else:
+ def isstring(obj):
+ return isinstance(obj, str)
+
# We need to differentiate between StringIO and BytesIO in places
if IS_PYTHON2:
@@ -112,4 +121,3 @@ except NameError:
if not x:
return False
return True
-
--
2.12.0

View file

@ -0,0 +1,51 @@
From 0769be04c3891ae5c724c6779ba13d1d0f53b4ae Mon Sep 17 00:00:00 2001
From: Simon Cross <hodgestar@gmail.com>
Date: Sun, 16 Feb 2014 18:25:17 +0000
Subject: [PATCH 01/15] Also allow stripping of unsafe script tags (Python 3.4
parses the second example as a tag whose name is script&xyz).
---
genshi/filters/tests/test_html.py | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/genshi/filters/tests/test_html.py b/genshi/filters/tests/test_html.py
index 0c6cfe1..45ec0da 100644
--- a/genshi/filters/tests/test_html.py
+++ b/genshi/filters/tests/test_html.py
@@ -368,12 +368,16 @@ def StyleSanitizer():
class HTMLSanitizerTestCase(unittest.TestCase):
- def assert_parse_error_or_equal(self, expected, exploit):
+ def assert_parse_error_or_equal(self, expected, exploit,
+ allow_strip=False):
try:
html = HTML(exploit)
except ParseError:
return
- self.assertEquals(expected, (html | HTMLSanitizer()).render())
+ sanitized_html = (html | HTMLSanitizer()).render()
+ if not sanitized_html and allow_strip:
+ return
+ self.assertEquals(expected, sanitized_html)
def test_sanitize_unchanged(self):
html = HTML(u'<a href="#">fo<br />o</a>')
@@ -416,10 +420,12 @@ class HTMLSanitizerTestCase(unittest.TestCase):
html = HTML(u'<SCRIPT SRC="http://example.com/"></SCRIPT>')
self.assertEquals('', (html | HTMLSanitizer()).render())
src = u'<SCR\0IPT>alert("foo")</SCR\0IPT>'
- self.assert_parse_error_or_equal('&lt;SCR\x00IPT&gt;alert("foo")', src)
+ self.assert_parse_error_or_equal('&lt;SCR\x00IPT&gt;alert("foo")', src,
+ allow_strip=True)
src = u'<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>'
self.assert_parse_error_or_equal('&lt;SCRIPT&amp;XYZ; '
- 'SRC="http://example.com/"&gt;', src)
+ 'SRC="http://example.com/"&gt;', src,
+ allow_strip=True)
def test_sanitize_remove_onclick_attr(self):
html = HTML(u'<div onclick=\'alert("foo")\' />')
--
2.12.0

View file

@ -0,0 +1,35 @@
This patch prevents a code execution vector involving terminal escape
sequences when rxvt-unicode is in "secure mode".
This change was spurred by the following conversation on the
oss-security mailing list:
Problem description and proof of concept:
http://seclists.org/oss-sec/2017/q2/190
Upstream response:
http://seclists.org/oss-sec/2017/q2/291
Patch copied from upstream source repository:
http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583
--- rxvt-unicode/src/command.C 2016/07/14 05:33:26 1.582
+++ rxvt-unicode/src/command.C 2017/05/18 02:43:18 1.583
@@ -2695,7 +2695,7 @@
/* kidnapped escape sequence: Should be 8.3.48 */
case C1_ESA: /* ESC G */
// used by original rxvt for rob nations own graphics mode
- if (cmd_getc () == 'Q')
+ if (cmd_getc () == 'Q' && option (Opt_insecure))
tt_printf ("\033G0\012"); /* query graphics - no graphics */
break;
@@ -2914,7 +2914,7 @@
break;
case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */
- case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+ case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
#ifdef ISO6429
arg[0] = -arg[0];
#else /* emulate common DEC VTs */

View file

@ -1,61 +0,0 @@
Allow Synfig to build in C++11 mode.
Taken from here:
https://projects.archlinux.org/svntogit/community.git/plain/trunk/build-fix.patch?h=packages/synfig
diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.cpp synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.cpp
--- synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.cpp 2015-03-28 13:15:00.000000000 +0300
+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.cpp 2015-04-28 16:56:11.568749053 +0300
@@ -56,8 +56,8 @@
/* === M E T H O D S ======================================================= */
-Importer_LibAVCodec::Importer_LibAVCodec(const char *file):
- filename(file)
+Importer_LibAVCodec::Importer_LibAVCodec(const synfig::FileSystem::Identifier &identifier):
+ Importer(identifier)
{
}
diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.h synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.h
--- synfig-1.0-RC5/src/modules/mod_libavcodec/mptr.h 2015-03-28 13:15:00.000000000 +0300
+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/mptr.h 2015-04-28 16:55:18.699192946 +0300
@@ -46,7 +46,7 @@
synfig::String filename;
public:
- Importer_LibAVCodec(const char *filename);
+ Importer_LibAVCodec(const synfig::FileSystem::Identifier &identifier);
~Importer_LibAVCodec();
virtual bool get_frame(synfig::Surface &surface, const synfig::RendDesc &renddesc, synfig::Time time, synfig::ProgressCallback *callback);
diff -wbBur synfig-1.0-RC5/src/modules/mod_libavcodec/trgt_av.cpp synfig-1.0-RC5.my/src/modules/mod_libavcodec/trgt_av.cpp
--- synfig-1.0-RC5/src/modules/mod_libavcodec/trgt_av.cpp 2015-03-28 13:15:00.000000000 +0300
+++ synfig-1.0-RC5.my/src/modules/mod_libavcodec/trgt_av.cpp 2015-04-28 16:46:54.720091106 +0300
@@ -121,14 +121,14 @@
picture = avcodec_alloc_frame();
if (!picture)
return NULL;
- size = avpicture_get_size(pix_fmt, width, height);
+ size = avpicture_get_size((::PixelFormat)pix_fmt, width, height);
picture_buf = (uint8_t *)malloc(size);
if (!picture_buf) {
av_free(picture);
return NULL;
}
avpicture_fill((AVPicture *)picture, picture_buf,
- pix_fmt, width, height);
+ (::PixelFormat)pix_fmt, width, height);
return picture;
}
diff -wbBur synfig-1.0.2/src/synfig/time.cpp synfig-1.0.2.my/src/synfig/time.cpp
--- synfig-1.0.2/src/synfig/time.cpp 2015-07-09 10:33:03.000000000 +0300
+++ synfig-1.0.2.my/src/synfig/time.cpp 2015-10-12 13:54:58.382313903 +0300
@@ -319,5 +319,5 @@
bool
Time::is_valid()const
{
- return !isnan(value_);
+ return !::isnan(value_);
}

View file

@ -0,0 +1,55 @@
Downloaded from
https://github.com/synfig/synfig/commit/b9c3b73ee35b83c4d9183c800809040cef98b2f2.patch
Without this patch the UI of Synfig Studio (when built with the latest version
of GTK) displays very large buttons in the header of every frame.
This patch can be removed with the next release.
From b9c3b73ee35b83c4d9183c800809040cef98b2f2 Mon Sep 17 00:00:00 2001
From: caryoscelus <caryoscelus@gmx.com>
Date: Wed, 25 Jan 2017 18:34:39 +0300
Subject: [PATCH] Fix dock drop area size
Fixes #227
By using Frame instead of Button we avoid intrusive Gtk themes
from forcing huge drop area size.
---
synfig-studio/src/gui/docks/dockdroparea.cpp | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/gui/docks/dockdroparea.cpp b/synfig-studio/src/gui/docks/dockdroparea.cpp
index 0f8936fdb..e012282f0 100644
--- a/src/gui/docks/dockdroparea.cpp
+++ b/src/gui/docks/dockdroparea.cpp
@@ -35,7 +35,7 @@
#include "app.h"
#include "docks/dockdroparea.h"
#include "docks/dockmanager.h"
-#include <gtkmm/button.h>
+#include <gtkmm/frame.h>
#endif
@@ -61,10 +61,15 @@ DockDropArea::DockDropArea(Gtk::Widget *target):
std::vector<Gtk::TargetEntry> listTargets;
listTargets.push_back( Gtk::TargetEntry("SYNFIG_DOCK") );
- Gtk::Button *button_left = manage(new Gtk::Button());
- Gtk::Button *button_right = manage(new Gtk::Button());
- Gtk::Button *button_top = manage(new Gtk::Button());
- Gtk::Button *button_bottom = manage(new Gtk::Button());
+ Gtk::Frame *button_left = manage(new Gtk::Frame());
+ Gtk::Frame *button_right = manage(new Gtk::Frame());
+ Gtk::Frame *button_top = manage(new Gtk::Frame());
+ Gtk::Frame *button_bottom = manage(new Gtk::Frame());
+
+ button_left->set_size_request(20, 10);
+ button_right->set_size_request(20, 10);
+ button_top->set_size_request(20, 10);
+ button_bottom->set_size_request(20, 10);
button_left->drag_dest_set(listTargets);
button_right->drag_dest_set(listTargets);

View file

@ -1574,14 +1574,14 @@ (define-public python2-polib
(define-public scons
(package
(name "scons")
(version "2.3.4")
(version "2.5.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/scons/scons/" version
"/scons-" version ".tar.gz"))
(sha256
(base32
"0hdlci43wjz8maryj83mz04ir6rwcdrrzpd7cpzvdlzycqhdfmsb"))))
"1wji1z9jdkhnmm99apx6fhld9cs52rr56aigniyrcsmlwy52298b"))))
(build-system python-build-system)
(arguments
;; With Python 3.x, fails to build with a syntax error.
@ -14800,3 +14800,125 @@ (define-public python-packaging
(define-public python2-packaging
(package-with-python2 python-packaging))
(define-public python-sql
(package
(name "python-sql")
(version "0.9")
(source
(origin
(method url-fetch)
(uri (pypi-uri "python-sql" version))
(sha256
(base32
"0p6kaqj02vz0habmdx37zjk6hjxdfm8aw737zs059vvpr70ird87"))))
(build-system python-build-system)
(home-page "https://python-sql.tryton.org/")
(synopsis "Library to write SQL queries in a pythonic way")
(description "@code{python-sql} is a library to write SQL queries, that
transforms idiomatic python function calls to well-formed SQL queries.")
(license license:bsd-3)))
(define-public python2-sql
(package-with-python2 python-sql))
(define-public python-genshi
(package
(name "python-genshi")
(version "0.7")
(source
(origin
(method url-fetch)
(uri (string-append
"https://ftp.edgewall.org/pub/genshi/Genshi-"
version ".tar.gz"))
(patches
(search-patches
;; The first 4 patches are in the master branch upstream.
;; See this as a reference https://genshi.edgewall.org/ticket/582
;; The last 2 are NOT in any branch.
;; They were sent as attachments to a ticket opened at
;; https://genshi.edgewall.org/ticket/602#no1
"python-genshi-stripping-of-unsafe-script-tags.patch"
"python-genshi-disable-speedups-on-python-3.3.patch"
"python-genshi-isstring-helper.patch"
"python-genshi-add-support-for-python-3.4-AST.patch"
"python-genshi-fix-tests-on-python-3.5.patch"
"python-genshi-buildable-on-python-2.7.patch"))
(sha256
(base32
"0lkkbp6fbwzv0zda5iqc21rr7rdldkwh3hfabfjl9i4bwq14858x"))))
(build-system python-build-system)
(home-page "https://genshi.edgewall.org/")
(synopsis "Toolkit for generation of output for the web")
(description "Genshi is a Python library that provides an integrated set
of components for parsing, generating, and processing HTML, XML or other
textual content for output generation on the web.")
(license license:bsd-3)))
;; The linter here claims that patch file names should start with the package
;; name. But, in this case the patches are inherited from python-genshi with
;; the "python-genshi-" prefix instead of "python2-genshi-".
(define-public python2-genshi
(package-with-python2 python-genshi))
(define-public python-relatorio
(package
(name "python-relatorio")
(version "0.6.4")
(source
(origin
(method url-fetch)
(uri (pypi-uri "relatorio" version))
(sha256
(base32
"0lincq79mzgazwd9gh41dybjh9c3n87r83pl8nk3j79aihyfk84z"))))
(build-system python-build-system)
(propagated-inputs
`(("python-lxml" ,python-lxml)
("python-genshi" ,python-genshi)))
(home-page "https://relatorio.tryton.org/")
(synopsis "Templating library able to output ODT and PDF files")
(description "Relatorio is a templating library which provides a way to
easily output ODT, ODS, PNG, SVG and several other kinds of files. Support
for more filetypes can be easily added by creating plugins for them.")
(license license:gpl3+)))
(define-public python2-relatorio
(package-with-python2 python-relatorio))
(define-public python-radon
(package
(name "python-radon")
(version "1.5.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "radon" version))
(sha256
(base32
"1h6jv36am0i827182a04ki6291lyx4kp957xfr5njgprj4nd0qsl"))))
(build-system python-build-system)
(propagated-inputs
`(("python-colorama" ,python-colorama)
("python-flake8-polyfill" ,python-flake8-polyfill)
("python-mando" ,python-mando-0.3.1)))
(native-inputs
`(("python-flake8" ,python-flake8)
("python-tox" ,python-tox)
("python-pytest" ,python-pytest)
("python-paramunittest" ,python-paramunittest)))
(home-page "https://radon.readthedocs.org/")
(synopsis "Code Metrics in Python")
(description "Radon is a Python tool which computes various code metrics.
Supported metrics are:
@itemize @bullet
@item raw metrics: SLOC, comment lines, blank lines, &c.
@item Cyclomatic Complexity (i.e. McCabes Complexity)
@item Halstead metrics (all of them)
@item the Maintainability Index (a Visual Studio metric)
@end itemize")
(license license:expat)))
(define-public python2-radon
(package-with-python2 python-radon))

View file

@ -349,7 +349,7 @@ (define-public qt-4
(define-public qtbase
(package
(name "qtbase")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -358,16 +358,18 @@ (define-public qtbase
version ".tar.xz"))
(sha256
(base32
"01f07yjly7y24njl2h4hyknmi7pf8yd9gky23szcfkd40ap12wf1"))
"0v19spxa4sfq0a35nab9n8n2s3jd0443px0k45zhhg103apv4zi6"))
(modules '((guix build utils)))
(snippet
;; corelib uses bundled harfbuzz, md4, md5, sha3
'(begin
;; Remove one of the two bundled harfbuzz copies in addition
;; to passing "-system-harfbuzz".
(delete-file-recursively "src/3rdparty/harfbuzz-ng")
;; Remove the bundled sqlite copy in addition to
;; passing "-system-sqlite".
(delete-file-recursively "src/3rdparty/sqlite")))))
(for-each
(lambda (dir)
(delete-file-recursively (string-append "src/3rdparty/" dir)))
(list "double-conversion" "freetype" "harfbuzz-ng"
"libpng" "libjpeg" "pcre2" "sqlite" "xcb"
"xkbcommon" "zlib"))
#t))))
(build-system gnu-build-system)
(propagated-inputs
`(("mesa" ,mesa)))
@ -403,7 +405,7 @@ (define-public qtbase
("mysql" ,mysql)
("nss" ,nss)
("openssl" ,openssl)
("pcre" ,pcre)
("pcre2" ,pcre2)
("postgresql" ,postgresql)
("pulseaudio" ,pulseaudio)
("sqlite" ,sqlite)
@ -459,11 +461,12 @@ (define-public qtbase
;; Do not build examples; if desired, these could go
;; into a separate output, but for the time being, we
;; prefer to save the space and build time.
"-nomake" "examples"
"-no-compile-examples"
;; Most "-system-..." are automatic, but some use
;; the bundled copy by default.
"-system-sqlite"
"-system-harfbuzz"
"-system-pcre"
;; explicitly link with openssl instead of dlopening it
"-openssl-linked"
;; explicitly link with dbus instead of dlopening it
@ -529,7 +532,7 @@ (define-public qtbase
(define-public qtsvg
(package (inherit qtbase)
(name "qtsvg")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -538,7 +541,7 @@ (define-public qtsvg
version ".tar.xz"))
(sha256
(base32
"12fwzbp28szqw1sk3flb8i6xnxgl94siwyy41ffdmd0s44f1jwwq"))))
"0zpy53vb0ckaj71ffl450qv9kipl8gwwcbbras8kbg6bpl8srl8g"))))
(propagated-inputs `())
(native-inputs `(("perl" ,perl)))
(inputs
@ -572,7 +575,7 @@ (define-public qtsvg
(define-public qtimageformats
(package (inherit qtsvg)
(name "qtimageformats")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -581,7 +584,7 @@ (define-public qtimageformats
version ".tar.xz"))
(sha256
(base32
"0vv0wh5q5sih294x661djzwvgdwy7r6xpnxsc111k5hwq7m5w13m"))
"10alm3kz3md835hf5hx7322bak9pp9igi2knvymxsjqr8x87jq94"))
(modules '((guix build utils)))
(snippet
'(delete-file-recursively "src/3rdparty"))))
@ -598,7 +601,7 @@ (define-public qtimageformats
(define-public qtx11extras
(package (inherit qtsvg)
(name "qtx11extras")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -607,7 +610,7 @@ (define-public qtx11extras
version ".tar.xz"))
(sha256
(base32
"03i8lk9qcdf8h2k4f3rkqqkzbrlnyaspv9mgjkn4k61s2asz5mxy"))))
"0smzs29zqi77s1038ddkj3wzcchajqrjymwa5jgva7n2dn2x40wy"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -619,7 +622,7 @@ (define-public qtx11extras
(define-public qtxmlpatterns
(package (inherit qtsvg)
(name "qtxmlpatterns")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -628,7 +631,7 @@ (define-public qtxmlpatterns
version ".tar.xz"))
(sha256
(base32
"016s75j2cml7kc8scdm9a6pmxm8jhs424lml2h9znm1flmgadzvv"))))
"1f2mly7ddw4hpr3x0lpdahcikivwhiwa3238yrg4gz2c3lxj5y21"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:phases phases)
@ -644,7 +647,7 @@ (define-public qtxmlpatterns
(define-public qtdeclarative
(package (inherit qtsvg)
(name "qtdeclarative")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -653,7 +656,7 @@ (define-public qtdeclarative
version ".tar.xz"))
(sha256
(base32
"0ilaf2sprpk9fg2j3905hxnhm0xbnm88ppk4zifp7n0jmnwix51j"))))
"1g9yz7q2laqs80m4i6zngxrq3pd7z5khr2f48glma8cmiw4p56rw"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -670,7 +673,7 @@ (define-public qtdeclarative
(define-public qtconnectivity
(package (inherit qtsvg)
(name "qtconnectivity")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -679,7 +682,7 @@ (define-public qtconnectivity
version ".tar.xz"))
(sha256
(base32
"1w97na5s420y08dcydqinbqb0rd9h4pfdnjbwslr0qvzsvlh2bbv"))))
"0k52acsywr849nw86dfjqcv1lqgnq01akqrm0qjs7ysm1ayg8mcp"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:phases phases)
@ -702,7 +705,7 @@ (define-public qtconnectivity
(define-public qtwebsockets
(package (inherit qtsvg)
(name "qtwebsockets")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -711,7 +714,7 @@ (define-public qtwebsockets
version ".tar.xz"))
(sha256
(base32
"1xa5p36grqxz3fa08amn7r3dy6k28g6y0gkc6jgj7lyhjzr0l4da"))))
"1ml60p50hr3f68l0fiyqg2pf6n37flzxafzasis42jm4m757m5v2"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -723,7 +726,7 @@ (define-public qtwebsockets
(define-public qtsensors
(package (inherit qtsvg)
(name "qtsensors")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -732,7 +735,7 @@ (define-public qtsensors
version ".tar.xz"))
(sha256
(base32
"15p7bp21yj4cdl5yfc9qnn4lhhiwiwx3b71lrb431kgqxhwhcp9s"))))
"0jdaw0i6rirs66x4cjh8l24fsyp020x1mv1psyf3ffbkdq1pngjx"))))
(native-inputs
`(("perl" ,perl)
("qtdeclarative" ,qtdeclarative)))
@ -741,7 +744,7 @@ (define-public qtsensors
(define-public qtmultimedia
(package (inherit qtsvg)
(name "qtmultimedia")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -750,7 +753,7 @@ (define-public qtmultimedia
version ".tar.xz"))
(sha256
(base32
"01sakngvsqr90qhrxyghfqdpddpxwbjyzzhm34k0hlpr6i409g58"))
"1vk0vlp9wapj1pip5v0v0sxynlig38m3a1qbjhid3rm27f971cqb"))
(modules '((guix build utils)))
(snippet
'(begin
@ -776,7 +779,7 @@ (define-public qtmultimedia
(define-public qtwayland
(package (inherit qtsvg)
(name "qtwayland")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -785,7 +788,11 @@ (define-public qtwayland
version ".tar.xz"))
(sha256
(base32
"06ilh55vaxbkyv7irw0n11gxgc34ypx2qhqawxzy7kllzg9zcl7z"))))
"0zlxlxrc15x69jwhcc6h0xi4mfchbb3pf27y3zy22yi3ynv2p04v"))
(modules '((guix build utils)))
(snippet
;; The examples try to build and cause the build to fail
'(delete-file-recursively "examples"))))
(native-inputs
`(("glib" ,glib)
("perl" ,perl)
@ -807,7 +814,7 @@ (define-public qtwayland
(define-public qtserialport
(package (inherit qtsvg)
(name "qtserialport")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -816,7 +823,7 @@ (define-public qtserialport
version ".tar.xz"))
(sha256
(base32
"1b86al3zn1pxyk0n59vh8bqxrpz2m0j33ygclaqbxl1sszg7ycaj"))))
"0zwxfbyn5rg6vyrgpi5c3n852vd32m37ghzyj4l50ljndlz2w0l0"))))
(native-inputs `(("perl" ,perl)))
(inputs
`(("qtbase" ,qtbase)
@ -825,7 +832,7 @@ (define-public qtserialport
(define-public qtserialbus
(package (inherit qtsvg)
(name "qtserialbus")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -834,7 +841,7 @@ (define-public qtserialbus
version ".tar.xz"))
(sha256
(base32
"02n1b1wrvfg6c7z15c5c5gv9r5gd4pp58jrd1a8d8fg3ybcksd2q"))))
"1zw32ha5hz7zsdp8m2dk58kivxd66vkzijbnhi8jvzjp4nf0pm1f"))))
(inputs
`(("qtbase" ,qtbase)
("qtserialport" ,qtserialport)))))
@ -842,7 +849,7 @@ (define-public qtserialbus
(define-public qtwebchannel
(package (inherit qtsvg)
(name "qtwebchannel")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -851,7 +858,7 @@ (define-public qtwebchannel
version ".tar.xz"))
(sha256
(base32
"0jhbgp9rdp5lpwjrykxmg4lb60wk7gm3dldz5kp3b8ms2dab3xav"))))
"1fg1g2h9s9v6lg10ix59pzws35fyh3hh5x2005pyp84xdg47mvqj"))))
(native-inputs
`(("perl" ,perl)
("qtdeclarative" ,qtdeclarative)
@ -861,7 +868,7 @@ (define-public qtwebchannel
(define-public qtlocation
(package (inherit qtsvg)
(name "qtlocation")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -870,7 +877,7 @@ (define-public qtlocation
version ".tar.xz"))
(sha256
(base32
"1fqssa8rhq83lnxjcdh4ijqck3lmqglpk8yax8x17w49v6gf78a8"))))
"1xia1y1pjill9m880rgmsl2zshcg1nvwkyfdb2lz8g8x9fj0pvp3"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -879,12 +886,16 @@ (define-public qtlocation
("qtdeclarative" ,qtdeclarative)
("qtquickcontrols" ,qtquickcontrols)
("qtserialport" ,qtserialport)))
(inputs `(("qtbase" ,qtbase)))))
(inputs
`(("icu4c" ,icu4c)
("openssl" ,openssl)
("qtbase" ,qtbase)
("zlib" ,zlib)))))
(define-public qttools
(package (inherit qtsvg)
(name "qttools")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -893,7 +904,7 @@ (define-public qttools
version ".tar.xz"))
(sha256
(base32
"10wx4vydj91yag30457c7azx4ihrwky42l7zzwkbmdlksdv8xv4m"))))
"1vl5lapnbaam51pfw89pshh6rxqwfrbpj0j8gdhzdngr6n79dzk4"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -907,7 +918,7 @@ (define-public qttools
(define-public qtscript
(package (inherit qtsvg)
(name "qtscript")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -916,7 +927,7 @@ (define-public qtscript
version ".tar.xz"))
(sha256
(base32
"1lssbsjf2p2ag02fjq6k6vk7vywhj4jsl286r2fqi78q5lfvjfi9"))
"0r697ap324l8lnbqbhrrqzsl9k4nmk6lcijxlaqn3ksxgfzbcciw"))
(patches (search-patches "qtscript-disable-tests.patch"))))
(native-inputs
`(("perl" ,perl)
@ -927,7 +938,7 @@ (define-public qtscript
(define-public qtquickcontrols
(package (inherit qtsvg)
(name "qtquickcontrols")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -936,7 +947,7 @@ (define-public qtquickcontrols
version ".tar.xz"))
(sha256
(base32
"09mkswxw7wa2l8xz9fbblxr1pbi86hggis55j4k8ifnrrw60vrq4"))))
"1zjl2wp5407y8iabwi30j4jpxh2j4y0ijb5jvvpdq583nbzgyg8p"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -947,7 +958,7 @@ (define-public qtquickcontrols
(define-public qtquickcontrols2
(package (inherit qtsvg)
(name "qtquickcontrols2")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -956,7 +967,7 @@ (define-public qtquickcontrols2
version ".tar.xz"))
(sha256
(base32
"06yy98x4vic2yrlpp83gf4kvl7kd93q62k178w0cy4sgqxp8d6dh"))))
"170xgk4jw1b1rpq8838dc5sb0dyv1jap3yfgg5hymrjzrk0nzaq9"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -967,7 +978,7 @@ (define-public qtquickcontrols2
(define-public qtgraphicaleffects
(package (inherit qtsvg)
(name "qtgraphicaleffects")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -976,7 +987,7 @@ (define-public qtgraphicaleffects
version ".tar.xz"))
(sha256
(base32
"06frknb7m8bgg55rs7jjm61iziisy2ykzrrc5dy3vj0aad89najz"))))
"1cz4ykwlm1c0hbv4d8y07bwyz87nkz5l9ss3f65vadm8zcabqw55"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -1010,7 +1021,7 @@ (define-public qtdeclarative-render2d
(define-public qtgamepad
(package (inherit qtsvg)
(name "qtgamepad")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1019,7 +1030,7 @@ (define-public qtgamepad
version ".tar.xz"))
(sha256
(base32
"0dwcrq60h802z694h4108figlr3yvp8fpzhwjzbjm503v8yaxw5j"))))
"0lpj2qspidx6s2568m5v40j2zdnrl8zwjdp40zg4y2q6hy2gg597"))))
(native-inputs
`(("perl" ,perl)
("pkg-config" ,pkg-config)))
@ -1034,7 +1045,7 @@ (define-public qtgamepad
(define-public qtscxml
(package (inherit qtsvg)
(name "qtscxml")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1043,7 +1054,7 @@ (define-public qtscxml
version ".tar.xz"))
(sha256
(base32
"1i4xl24q4i32mbhyndrwaz0xj79d9n84s320gmkf5rwnfcwrvfxn"))
"0f2jnhl30ij6y4wzlvgjsqgpaywq4g0wc4yjw8s888vcfl062nb4"))
(modules '((guix build utils)))
(snippet
'(begin
@ -1058,7 +1069,7 @@ (define-public qtscxml
(define-public qtpurchasing
(package (inherit qtsvg)
(name "qtpurchasing")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1067,7 +1078,7 @@ (define-public qtpurchasing
version ".tar.xz"))
(sha256
(base32
"0mdkw73yx1csz9mf3wl0w1x1b8cv9j5px4nvakrknkjzaa9qgzdk"))))
"0xcka24qjdydqhf7fhn2i2ycn3zsi4vzqv9s77wzmaksrazwb13q"))))
(inputs
`(("qtbase" ,qtbase)
("qtdeclarative" ,qtdeclarative)))))
@ -1075,7 +1086,7 @@ (define-public qtpurchasing
(define-public qtcanvas3d
(package (inherit qtsvg)
(name "qtcanvas3d")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1084,7 +1095,7 @@ (define-public qtcanvas3d
version ".tar.xz"))
(sha256
(base32
"18yaikbwk4d7sh09psi3kjn1mxjp4d2f3qchfzgq5x96yn8gfijl"))
"1jrv79rhpqyp4ip5fnf40plqcq9byl1fy8287ghq4jfhpm9bq5yq"))
(modules '((guix build utils)))
(snippet
'(delete-file-recursively "examples/canvas3d/3rdparty"))))
@ -1109,7 +1120,7 @@ (define-public qtcanvas3d
(define-public qtcharts
(package (inherit qtsvg)
(name "qtcharts")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1118,7 +1129,7 @@ (define-public qtcharts
version ".tar.xz"))
(sha256
(base32
"11m5g1fxip6z2xk1z6g6h4rq7v282qbkxflan8hs87hadnzars03"))))
"17m86csjymvcnprk8m4y6hx1qhlk9811rhqwwkqdymyyswx6xs3l"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -1129,7 +1140,7 @@ (define-public qtcharts
(define-public qtdatavis3d
(package (inherit qtsvg)
(name "qtdatavis3d")
(version "5.8.0")
(version "5.9.0")
(source (origin
(method url-fetch)
(uri (string-append "https://download.qt.io/official_releases/qt/"
@ -1138,7 +1149,7 @@ (define-public qtdatavis3d
version ".tar.xz"))
(sha256
(base32
"1n2vdf6n7pr9xrjwbvbar899q74shx6cy19x32adxfn2iilygwbp"))))
"1wvilla48jlw6zv2hc32ra0bs8p13s68sqbgr91bzbn7h7qaysv9"))))
(arguments
(substitute-keyword-arguments (package-arguments qtsvg)
((#:tests? _ #f) #f))) ; TODO: Enable the tests
@ -1441,7 +1452,7 @@ (define-public qwt
(define-public qtwebkit
(package
(name "qtwebkit")
(version "5.8.0")
(version "5.9.0")
(source
(origin
(method url-fetch)
@ -1453,7 +1464,7 @@ (define-public qtwebkit
;; <http://lists.qt-project.org/pipermail/development/2016-May/025923.html>.
(sha256
(base32
"1v0vj6slyh19mjrrpbqdzb47fr0f4xk7bc8803xjzybb11h8dbkr"))))
"012fd8khiasfn8wx5ci310y94ap3y90a011f66cajm80fhxikbcd"))))
(build-system gnu-build-system)
(native-inputs
`(("perl" ,perl)

View file

@ -28,7 +28,7 @@ (define-module (gnu packages regex)
(define-public re2
(package
(name "re2")
(version "2017-05-01")
(version "2017-06-01")
(source (origin
(method url-fetch)
(uri
@ -38,7 +38,7 @@ (define-public re2
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"19glvic4ipd122yhcavf7ifg7ms5k61398vq7gyb90wggf2w0z9k"))))
"0bjhmmcx17mc8gfbf3cc4bwjcyf415mas3026v3c35g5fsaxyq5v"))))
(build-system gnu-build-system)
(arguments
`(#:modules ((guix build gnu-build-system)

View file

@ -7,6 +7,7 @@
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2017 John Darrington <jmd@gnu.org>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -780,7 +781,9 @@ (define-public sicp
(let ((gzip (assoc-ref %build-inputs "gzip"))
(source (assoc-ref %build-inputs "source"))
(texinfo (assoc-ref %build-inputs "texinfo"))
(html-dir (string-append %output "/share/doc/" ,name "/html"))
(info-dir (string-append %output "/share/info")))
(copy-recursively (string-append source "/html") html-dir)
(setenv "PATH" (string-append gzip "/bin"
":" texinfo "/bin"))
(mkdir-p info-dir)

View file

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Mckinley Olsen <mck.olsen@gmail.com>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2016, 2017 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016, 2017 José Miguel Sánchez García <jmi2k@openmailbox.org>
@ -146,17 +146,14 @@ (define-public termite
(define-public asciinema
(package
(name "asciinema")
(version "1.3.0")
(version "1.4.0")
(source
(origin
(method url-fetch)
(uri (string-append
"https://pypi.python.org/packages/06/96/93947d9be78aebb7985014fdf"
"4d84896dd0f62514d922ee03f5bb55a21fb/asciinema-" version
".tar.gz"))
(uri (pypi-uri "asciinema" version))
(sha256
(base32
"1crdm9zfdbjflvz1gsqvy5zsbgwdfkj34z69kg6h5by70rrs1hdc"))))
"1jrf8c8711gkdilmvyv3d37kp8xfvdc5cqighw5k92a6g9z4acgv"))))
(build-system python-build-system)
(arguments
`(#:phases

View file

@ -478,13 +478,13 @@ (define-public python-acme
(package
(name "python-acme")
;; Remember to update the hash of certbot when updating python-acme.
(version "0.14.1")
(version "0.14.2")
(source (origin
(method url-fetch)
(uri (pypi-uri "acme" version))
(sha256
(base32
"0asmkfkzbswnkrvbj5m01xgy4f6g1fjbj2nir1hhrn3ipcdrsv8f"))))
"1kbgpjabbly7r757vyr1050ixnm9hyvrbf9n6aq49cgmb147ysqn"))))
(build-system python-build-system)
(arguments
`(#:phases
@ -543,7 +543,7 @@ (define-public certbot
(uri (pypi-uri name version))
(sha256
(base32
"0rdby57hw35qdrbl7kigscphnz4kqb608bqzrcb73nb99092i6si"))))
"1b39hybswzm8mkarg1mwpx47wffqg57jcgi52mz5iz60rxym9j2v"))))
(build-system python-build-system)
(arguments
`(#:python ,python-2

93
gnu/packages/tryton.scm Normal file
View file

@ -0,0 +1,93 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Adriano Peluso <catonano@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages tryton)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages)
#:use-module (gnu packages gtk)
#:use-module (gnu packages python)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system python))
(define-public trytond
(package
(name "trytond")
(version "4.4.1")
(source
(origin
(method url-fetch)
(uri (string-append
"https://downloads.tryton.org/4.4/trytond-"
version ".tar.gz"))
(sha256
(base32
"15gm34qwj5fpnkqvrxzndl8653zbczhsa76dm1gi4cqj1r29bbpr"))))
(build-system python-build-system)
(inputs
`(("python-dateutil" ,python-dateutil)
("python-genshi" ,python-genshi)
("python-polib" ,python-polib)
;; there's no python-mysql in Guix right now
;; so python-psycopg2 (postgresql) only for now
("python-psycopg2" ,python-psycopg2)
("python-relatorio" ,python-relatorio)
("python-lxml" ,python-lxml)
("python-sql" ,python-sql)
("python-werkzeug" ,python-werkzeug)
("python-wrapt" ,python-wrapt)))
(native-inputs
`(("python-mock" ,python-mock)))
(arguments
`(#:phases
(modify-phases %standard-phases
(add-before 'check 'preparations
(lambda _
(setenv "DB_NAME" ":memory:"))))))
(home-page "https://www.tryton.org/")
(synopsis "Server component of Tryton")
(description "Tryton is a three-tier high-level general purpose
application platform using PostgreSQL as its main database engine. It is the
core base of a complete business solution providing modularity, scalability
and security.")
(license license:gpl3+)))
(define-public tryton
(package
(name "tryton")
(version "4.4.0")
(source
(origin
(method url-fetch)
(uri (string-append
"https://downloads.tryton.org/4.4/tryton-"
version ".tar.gz"))
(sha256
(base32
"1lklcz5fs6rkrd7z2m2f5gz4fdwzkgnhg2hyvzp20kdsvi33bq2j"))))
(build-system python-build-system)
(inputs
`(("python2-chardet" ,python2-chardet)
("python2-dateutil" ,python2-dateutil)
("python2-pygtk" ,python2-pygtk)))
(arguments
`(#:python ,python-2))
(home-page "https://www.tryton.org/")
(synopsis "Client component of Tryton")
(description "This package is the client component of Tryton.")
(license license:gpl3+)))

View file

@ -14,6 +14,7 @@
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 André <eu@euandre.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -423,6 +424,49 @@ (define-public git-crypt
to lock down your entire repository.")
(license license:gpl3+)))
(define-public git-remote-gcrypt
(package
(name "git-remote-gcrypt")
(version "1.0.1")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://git.spwhitton.name/git-remote-gcrypt")
(commit version)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0znrx77vpm4a8l7yiybsxk5vrawijqqfxmp1p2yhaaw8cbgrj7az"))))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let* ((source (assoc-ref %build-inputs "source"))
(output (assoc-ref %outputs "out"))
(bindir (string-append output "/bin")))
(install-file (string-append source "/git-remote-gcrypt")
bindir)
#t))))
(home-page "https://spwhitton.name/tech/code/git-remote-gcrypt/")
(synopsis "Whole remote repository encryption")
(description "git-remote-gcrypt is a Git remote helper to push and pull from
repositories encrypted with GnuPG. It works with the standard Git transports,
including repository hosting services like GitLab.
Remote helper programs are invoked by Git to handle network transport. This
helper handles @code{gcrypt:} URLs that access a remote repository encrypted
with GPG, using our custom format.
Supported locations are local, @code{rsync://} and @code{sftp://}, where the
repository is stored as a set of files, or instead any Git URL where gcrypt
will store the same representation in a Git repository, bridged over arbitrary
Git transport.
The aim is to provide confidential, authenticated Git storage and
collaboration using typical untrusted file hosts or services.")
(license license:gpl3+)))
(define-public cgit
(package
(name "cgit")

View file

@ -18,6 +18,7 @@
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Chris Marusich <cmmarusich@gmail.com>
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017 Ethan R. Jones <doubleplusgood23@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -58,6 +59,7 @@ (define-module (gnu packages video)
#:use-module (gnu packages cdrom)
#:use-module (gnu packages cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages cpp)
#:use-module (gnu packages curl)
#:use-module (gnu packages databases)
#:use-module (gnu packages dejagnu)
@ -2052,3 +2054,102 @@ (define-public libmp4v2
applications. It is a very powerful and extensible format that can accommodate
practically any type of media.")
(license license:mpl1.1)))
(define-public libmediainfo
(package
(name "libmediainfo")
(version "0.7.95")
(source (origin
(method url-fetch)
(uri (string-append "https://mediaarea.net/download/source/"
name "/" version"/"
name "_" version ".tar.bz2"))
(sha256
(base32
"1kchh6285b07z5nixv619hc9gml2ysdayicdiv30frrlqiyxqw4b"))))
;; TODO add a Big Buck Bunny webm for tests.
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("libtool" ,libtool)
("pkg-config" ,pkg-config)
("zlib" ,zlib)
("tinyxml2" ,tinyxml2)
("curl" ,curl)
("libzen" ,libzen)))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; see above TODO
#:phases
;; build scripts not in root of archive
(modify-phases %standard-phases
(add-before 'configure 'pre-configure
(lambda _
(chdir "Project/GNU/Library")))
(add-before 'configure 'autogen
(lambda _
(zero? (system* "./autogen.sh")))))))
(home-page "https://mediaarea.net/en/MediaInfo")
(synopsis "Library for retrieving media metadata")
(description "MediaInfo is a library used for retrieving technical
information and other metadata about audio or video files. A non-exhaustive
list of the information MediaInfo can retrieve from media files include:
@itemize
@item General: title, author, director, album, track number, date, duration...
@item Video: codec, aspect, fps, bitrate...
@item Audio: codec, sample rate, channels, language, bitrate...
@item Text: language of subtitle
@item Chapters: number of chapters, list of chapters
@end itemize
MediaInfo supports the following formats:
@itemize
@item Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
MPEG-2, MPEG-4, DVD (VOB)...
@item Video Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...)
@item Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF...
@item Subtitles: SRT, SSA, ASS, SAMI...
@end itemize\n")
(license license:bsd-2)))
;; TODO also have a GUI version available
(define-public mediainfo
(package
(name "mediainfo")
(version "0.7.95")
(source (origin
(method url-fetch)
(uri (string-append "https://mediaarea.net/download/source/"
name "/" version "/"
name "_" version ".tar.bz2"))
(sha256
(base32
"0dy51a3i79jppmg1gi4f6h7jx4hcgnkmfim4d7d3gmnlbkjh8anv"))))
(native-inputs
`(("autoconf" ,autoconf)
("automake" ,automake)
("libtool" ,libtool)
("pkg-config" ,pkg-config)
("zlib" ,zlib)
("libmediainfo", libmediainfo)
("libzen" ,libzen)))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; lacks tests
#:phases
;; build scripts not in root of archive
(modify-phases %standard-phases
(add-before 'configure 'pre-configure
(lambda _
(chdir "Project/GNU/CLI")))
(add-before 'configure 'autogen
(lambda _
(zero? (system* "./autogen.sh")))))))
(home-page "https://mediaarea.net/en/MediaInfo")
(synopsis "Utility for reading media metadata")
(description "MediaInfo is a utility used for retrieving technical
information and other metadata about audio or video files. It supports the
many codecs and formats supported by libmediainfo.")
(license license:bsd-2)))

View file

@ -1,93 +0,0 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages vtk)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module ((guix licenses) #:select (bsd-3))
#:use-module (guix utils)
#:use-module (guix build-system cmake)
#:use-module (gnu packages)
#:use-module (gnu packages compression)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages gl)
#:use-module (gnu packages image)
#:use-module (gnu packages maths)
#:use-module (gnu packages serialization)
#:use-module (gnu packages xiph)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg))
(define-public vtk
(package
(name "vtk")
(version "7.1.0")
(source (origin
(method url-fetch)
(uri (string-append "http://www.vtk.org/files/release/"
(version-major+minor version)
"/VTK-" version ".tar.gz"))
(sha256
(base32
"0yj96z58haan77gzilnqp7xpf8hg5jk11a3jx55p2ksd400s0gjz"))))
(build-system cmake-build-system)
(arguments
'(#:build-type "Release" ;Build without '-g' to save space.
;; -DVTK_USE_SYSTEM_NETCDF:BOOL=TRUE requires netcdf_cxx
#:configure-flags '("-DVTK_USE_SYSTEM_EXPAT:BOOL=TRUE"
"-DVTK_USE_SYSTEM_FREETYPE:BOOL=TRUE"
"-DVTK_USE_SYSTEM_HDF5:BOOL=TRUE"
"-DVTK_USE_SYSTEM_JPEG:BOOL=TRUE"
"-DVTK_USE_SYSTEM_JSONCPP:BOOL=TRUE"
"-DVTK_USE_SYSTEM_LIBXML2:BOOL=TRUE"
"-DVTK_USE_SYSTEM_OGGTHEORA:BOOL=TRUE"
"-DVTK_USE_SYSTEM_PNG:BOOL=TRUE"
"-DVTK_USE_SYSTEM_TIFF:BOOL=TRUE"
"-DVTK_USE_SYSTEM_ZLIB:BOOL=TRUE")
#:tests? #f)) ;XXX: no "test" target
(inputs
`(("libXt" ,libxt)
("xproto" ,xproto)
("libX11" ,libx11)
("libxml2" ,libxml2)
("mesa" ,mesa)
("glu" ,glu)
("expat" ,expat)
("freetype" ,freetype)
("hdf5" ,hdf5)
("jpeg" ,libjpeg)
("jsoncpp" ,jsoncpp)
("libogg" ,libogg)
("libtheora" ,libtheora)
("png" ,libpng)
("tiff" ,libtiff)
("zlib" ,zlib)))
(home-page "http://www.vtk.org/")
(synopsis "Libraries for 3D computer graphics")
(description
"The Visualization Toolkit (VTK) is a C++ library for 3D computer graphics,
image processing and visualization. It supports a wide variety of
visualization algorithms including: scalar, vector, tensor, texture, and
volumetric methods; and advanced modeling techniques such as: implicit
modeling, polygon reduction, mesh smoothing, cutting, contouring, and Delaunay
triangulation. VTK has an extensive information visualization framework, has
a suite of 3D interaction widgets, supports parallel processing, and
integrates with various databases on GUI toolkits such as Qt and Tk.")
(license bsd-3)))

View file

@ -9,7 +9,7 @@
;;; Copyright © 2016 Al McElrath <hello@yrns.org>
;;; Copyright © 2016 Carlo Zancanaro <carlo@zancanaro.id.au>
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
;;; Copyright © 2016, 2017 ng0 <ng0@no-reply.pramatique.xyz>
;;; Copyright © 2016 doncatnip <gnopap@gmail.com>
;;; Copyright © 2016 Ivan Vilata i Balaguer <ivan@selidor.net>
;;; Copyright © 2017 Mekeor Melire <mekeor.melire@gmail.com>
@ -675,3 +675,80 @@ (define-public keybinder
Keybinder works with GTK-based applications using the X Window System.")
(home-page "https://github.com/engla/keybinder")
(license license:gpl2+)))
(define-public spectrwm
(package
(name "spectrwm")
(version "3.0.2")
(source
(origin
(method url-fetch)
(uri (let ((version-with-underscores
(string-join (string-split version #\.) "_")))
(string-append "https://github.com/conformal/spectrwm/archive/"
"SPECTRWM_" version-with-underscores ".tar.gz")))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"065b7j8s0lxw3p58fyf3c1mr5203pdm0kww42v245rlx0f005kl2"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (let ((pkg-config (lambda (flag)
(string-append
"$(shell pkg-config " flag " "
"xft fontconfig x11 libpng)"))))
(list
"CC=gcc"
(string-append "PREFIX=" %output)
(string-append "INCS=-I. " (pkg-config "--cflags"))
(string-append "LIBS=" (pkg-config "--libs") " -lm")))
#:tests? #f ;No test suite
#:phases
(modify-phases %standard-phases
(add-before 'build 'change-dir
(lambda _
(chdir "linux") #t))
(add-after 'change-dir 'patch-makefile
(lambda _
(substitute* "Makefile"
(("-g") ""))))
(add-after 'change-dir 'fix-freetype-include
(lambda _
(substitute* "Makefile"
(("/usr/include/freetype2")
(string-append (assoc-ref %build-inputs "freetype")
"/include/freetype2")))))
(delete 'configure)))) ;no 'configure' exists
(inputs
`(("freetype" ,freetype)
("fontconfig" ,fontconfig)
("libx11" ,libx11)
("libxcursor" ,libxcursor)
("libxrandr" ,libxrandr)
("libxtst" ,libxtst)
("libxft" ,libxft)
("xcb-util" ,xcb-util)
("xcb-util-wm" ,xcb-util-wm)
("xcb-util-keysyms" ,xcb-util-keysyms)))
(native-inputs
`(("libxt" ,libxt)
("pkg-config" ,pkg-config)))
(synopsis "Minimalistic automatic tiling window manager")
(description
"Spectrwm is a small dynamic tiling and reparenting window manager for X11.
It is inspired by Xmonad and dwm. Its major features include:
@itemize
@item Navigation anywhere on all screens with either the keyboard or mouse
@item Customizable status bar
@item Restartable without losing state
@item Quick launch menu
@item Many screen layouts possible with a few simple key strokes
@item Move/resize floating windows
@item Extended Window Manager Hints (EWMH) support
@item Configureable tiling
@item Adjustable tile gap allows for a true one pixel border
@item Customizable colors and border width
@end itemize\n")
(home-page "https://github.com/conformal/spectrwm")
(license license:isc)))

View file

@ -441,7 +441,7 @@ (define-public scrot
(define-public slop
(package
(name "slop")
(version "6.3.38")
(version "6.3.41")
(source (origin
(method url-fetch)
(uri (string-append
@ -450,7 +450,7 @@ (define-public slop
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1jh08k7nqx6hr4rmb5damzqhnqiac439i6i51fmzymzw3fqykas8"))))
"1yiv0ak1z7zbmcdw0dwx2gpblrh7l7s3l7y7sgpx071dy8s4rqpb"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f)) ; no "check" target
@ -472,7 +472,7 @@ (define-public slop
(define-public maim
(package
(name "maim")
(version "5.4.62")
(version "5.4.63")
(source (origin
(method url-fetch)
(uri (string-append
@ -481,7 +481,7 @@ (define-public maim
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"084czvwcicl8apjlv729inxx8rpycra76ignfjmcbaq0hhn6ip6w"))))
"0ncly3mmg9pihda3jfwmvfa4sd3xanrm8hpvfq7lr2rl8rqknx80"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f)) ; no "check" target
@ -682,6 +682,7 @@ (define-public rxvt-unicode
(method url-fetch)
(uri (string-append "http://dist.schmorp.de/rxvt-unicode/Attic/"
name "-" version ".tar.bz2"))
(patches (search-patches "rxvt-unicode-escape-sequences.patch"))
(sha256
(base32
"1pddjn5ynblwfrdmskylrsxb9vfnk3w4jdnq2l8xn2pspkljhip9"))))
@ -957,6 +958,32 @@ (define-public xscreensaver
"http://metadata.ftp-master.debian.org/changelogs/"
"/main/x/xscreensaver/xscreensaver_5.36-1_copyright")))))
(define-public xsel
(package
(name "xsel")
(version "1.2.0")
(source (origin
(method url-fetch)
(uri (string-append "http://www.vergenet.net/~conrad/software"
"/xsel/download/xsel-" version ".tar.gz"))
(sha256
(base32
"070lbcpw77j143jrbkh0y1v10ppn1jwmjf92800w7x42vh4cw9xr"))))
(build-system gnu-build-system)
(inputs
`(("libxt" ,libxt)))
(home-page "http://www.vergenet.net/~conrad/software/xsel/")
(synopsis "Manipulate X selection")
(description
"XSel is a command-line program for getting and setting the contents of
the X selection. Normally this is only accessible by manually highlighting
information and pasting it with the middle mouse button.
XSel reads from standard input and writes to standard output by default,
but can also follow a growing file, display contents, delete entries and more.")
(license (license:x11-style "file://COPYING"
"See COPYING in the distribution."))))
(define-public xdpyprobe
(package
(name "xdpyprobe")

593
gnu/services/dns.scm Normal file
View file

@ -0,0 +1,593 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu services dns)
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:use-module (gnu packages admin)
#:use-module (gnu packages dns)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix gexp)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-34)
#:use-module (srfi srfi-35)
#:use-module (ice-9 match)
#:use-module (ice-9 regex)
#:export (knot-service-type
knot-acl-configuration
knot-key-configuration
knot-keystore-configuration
knot-zone-configuration
knot-remote-configuration
knot-policy-configuration
knot-configuration
define-zone-entries
zone-file
zone-entry))
;;;
;;; Knot DNS.
;;;
(define-record-type* <knot-key-configuration>
knot-key-configuration make-knot-key-configuration
knot-key-configuration?
(id knot-key-configuration-id
(default ""))
(algorithm knot-key-configuration-algorithm
(default #f)); one of #f, or an algorithm name
(secret knot-key-configuration-secret
(default "")))
(define-record-type* <knot-acl-configuration>
knot-acl-configuration make-knot-acl-configuration
knot-acl-configuration?
(id knot-acl-configuration-id
(default ""))
(address knot-acl-configuration-address
(default '()))
(key knot-acl-configuration-key
(default '()))
(action knot-acl-configuration-action
(default '()))
(deny? knot-acl-configuration-deny?
(default #f)))
(define-record-type* <zone-entry>
zone-entry make-zone-entry
zone-entry?
(name zone-entry-name
(default "@"))
(ttl zone-entry-ttl
(default ""))
(class zone-entry-class
(default "IN"))
(type zone-entry-type
(default "A"))
(data zone-entry-data
(default "")))
(define-record-type* <zone-file>
zone-file make-zone-file
zone-file?
(entries zone-file-entries
(default '()))
(origin zone-file-origin
(default ""))
(ns zone-file-ns
(default "ns"))
(mail zone-file-mail
(default "hostmaster"))
(serial zone-file-serial
(default 1))
(refresh zone-file-refresh
(default "2d"))
(retry zone-file-retry
(default "15m"))
(expiry zone-file-expiry
(default "2w"))
(nx zone-file-nx
(default "1h")))
(define-record-type* <knot-keystore-configuration>
knot-keystore-configuration make-knot-keystore-configuration
knot-keystore-configuration?
(id knot-keystore-configuration-id
(default ""))
(backend knot-keystore-configuration-backend
(default 'pem))
(config knot-keystore-configuration-config
(default "/var/lib/knot/keys/keys")))
(define-record-type* <knot-policy-configuration>
knot-policy-configuration make-knot-policy-configuration
knot-policy-configuration?
(id knot-policy-configuration-id
(default ""))
(keystore knot-policy-configuration-keystore
(default "default"))
(manual? knot-policy-configuration-manual?
(default #f))
(single-type-signing? knot-policy-configuration-single-type-signing?
(default #f))
(algorithm knot-policy-configuration-algorithm
(default "ecdsap256sha256"))
(ksk-size knot-policy-configuration-ksk-size
(default 256))
(zsk-size knot-policy-configuration-zsk-size
(default 256))
(dnskey-ttl knot-policy-configuration-dnskey-ttl
(default 'default))
(zsk-lifetime knot-policy-configuration-zsk-lifetime
(default "30d"))
(propagation-delay knot-policy-configuration-propagation-delay
(default "1d"))
(rrsig-lifetime knot-policy-configuration-rrsig-lifetime
(default "14d"))
(rrsig-refresh knot-policy-configuration-rrsig-refresh
(default "7d"))
(nsec3? knot-policy-configuration-nsec3?
(default #f))
(nsec3-iterations knot-policy-configuration-nsec3-iterations
(default 5))
(nsec3-salt-length knot-policy-configuration-nsec3-salt-length
(default 8))
(nsec3-salt-lifetime knot-policy-configuration-nsec3-salt-lifetime
(default "30d")))
(define-record-type* <knot-zone-configuration>
knot-zone-configuration make-knot-zone-configuration
knot-zone-configuration?
(domain knot-zone-configuration-domain
(default ""))
(file knot-zone-configuration-file
(default "")) ; the file where this zone is saved.
(zone knot-zone-configuration-zone
(default (zone-file))) ; initial content of the zone file
(master knot-zone-configuration-master
(default '()))
(ddns-master knot-zone-configuration-ddns-master
(default #f))
(notify knot-zone-configuration-notify
(default '()))
(acl knot-zone-configuration-acl
(default '()))
(semantic-checks? knot-zone-configuration-semantic-checks?
(default #f))
(disable-any? knot-zone-configuration-disable-any?
(default #f))
(zonefile-sync knot-zone-configuration-zonefile-sync
(default 0))
(dnssec-policy knot-zone-configuration-dnssec-policy
(default #f))
(serial-policy knot-zone-configuration-serial-policy
(default 'increment)))
(define-record-type* <knot-remote-configuration>
knot-remote-configuration make-knot-remote-configuration
knot-remote-configuration?
(id knot-remote-configuration-id
(default ""))
(address knot-remote-configuration-address
(default '()))
(via knot-remote-configuration-via
(default '()))
(key knot-remote-configuration-key
(default #f)))
(define-record-type* <knot-configuration>
knot-configuration make-knot-configuration
knot-configuration?
(knot knot-configuration-knot
(default knot))
(run-directory knot-configuration-run-directory
(default "/var/run/knot"))
(listen-v4 knot-configuration-listen-v4
(default "0.0.0.0"))
(listen-v6 knot-configuration-listen-v6
(default "::"))
(listen-port knot-configuration-listen-port
(default 53))
(keys knot-configuration-keys
(default '()))
(keystores knot-configuration-keystores
(default '()))
(acls knot-configuration-acls
(default '()))
(remotes knot-configuration-remotes
(default '()))
(policies knot-configuration-policies
(default '()))
(zones knot-configuration-zones
(default '())))
(define-syntax define-zone-entries
(syntax-rules ()
((_ id (name ttl class type data) ...)
(define id (list (make-zone-entry name ttl class type data) ...)))))
(define (error-out msg)
(raise (condition (&message (message msg)))))
(define (verify-knot-key-configuration key)
(unless (knot-key-configuration? key)
(error-out "keys must be a list of only knot-key-configuration."))
(let ((id (knot-key-configuration-id key)))
(unless (and (string? id) (not (equal? id "")))
(error-out "key id must be a non empty string.")))
(unless (memq '(#f hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512)
(knot-key-configuration-algorithm key))
(error-out "algorithm must be one of: #f, 'hmac-md5, 'hmac-sha1,
'hmac-sha224, 'hmac-sha256, 'hmac-sha384 or 'hmac-sha512")))
(define (verify-knot-keystore-configuration keystore)
(unless (knot-keystore-configuration? keystore)
(error-out "keystores must be a list of only knot-keystore-configuration."))
(let ((id (knot-keystore-configuration-id keystore)))
(unless (and (string? id) (not (equal? id "")))
(error-out "keystore id must be a non empty string.")))
(unless (memq '(pem pkcs11)
(knot-keystore-configuration-backend keystore))
(error-out "backend must be one of: 'pem or 'pkcs11")))
(define (verify-knot-policy-configuration policy)
(unless (knot-keystore-configuration? policy)
(error-out "policies must be a list of only knot-policy-configuration."))
(let ((id (knot-policy-configuration-id policy)))
(unless (and (string? id) (not (equal? id "")))
(error-out "policy id must be a non empty string."))))
(define (verify-knot-acl-configuration acl)
(unless (knot-acl-configuration? acl)
(error-out "acls must be a list of only knot-acl-configuration."))
(let ((id (knot-acl-configuration-id acl))
(address (knot-acl-configuration-address acl))
(key (knot-acl-configuration-key acl))
(action (knot-acl-configuration-action acl)))
(unless (and (string? id) (not (equal? id "")))
(error-out "acl id must be a non empty string."))
(unless (and (list? address)
(fold (lambda (x1 x2) (and (string? x1) (string? x2))) "" address))
(error-out "acl address must be a list of strings.")))
(unless (boolean? (knot-acl-configuration-deny? acl))
(error-out "deny? must be #t or #f.")))
(define (verify-knot-zone-configuration zone)
(unless (knot-zone-configuration? zone)
(error-out "zones must be a list of only knot-zone-configuration."))
(let ((domain (knot-zone-configuration-domain zone)))
(unless (and (string? domain) (not (equal? domain "")))
(error-out "zone domain must be a non empty string."))))
(define (verify-knot-remote-configuration remote)
(unless (knot-remote-configuration? remote)
(error-out "remotes must be a list of only knot-remote-configuration."))
(let ((id (knot-remote-configuration-id remote)))
(unless (and (string? id) (not (equal? id "")))
(error-out "remote id must be a non empty string."))))
(define (verify-knot-configuration config)
(unless (package? (knot-configuration-knot config))
(error-out "knot configuration field must be a package."))
(unless (string? (knot-configuration-run-directory config))
(error-out "run-directory must be a string."))
(unless (list? (knot-configuration-keys config))
(error-out "keys must be a list of knot-key-configuration."))
(for-each (lambda (key) (verify-knot-key-configuration key))
(knot-configuration-keys config))
(unless (list? (knot-configuration-keystores config))
(error-out "keystores must be a list of knot-keystore-configuration."))
(for-each (lambda (keystore) (verify-knot-keystore-configuration keystore))
(knot-configuration-keystores config))
(unless (list? (knot-configuration-acls config))
(error-out "acls must be a list of knot-acl-configuration."))
(for-each (lambda (acl) (verify-knot-acl-configuration acl))
(knot-configuration-acls config))
(unless (list? (knot-configuration-zones config))
(error-out "zones must be a list of knot-zone-configuration."))
(for-each (lambda (zone) (verify-knot-zone-configuration zone))
(knot-configuration-zones config))
(unless (list? (knot-configuration-policies config))
(error-out "policies must be a list of knot-policy-configuration."))
(for-each (lambda (policy) (verify-knot-policy-configuration policy))
(knot-configuration-policies config))
(unless (list? (knot-configuration-remotes config))
(error-out "remotes must be a list of knot-remote-configuration."))
(for-each (lambda (remote) (verify-knot-remote-configuration remote))
(knot-configuration-remotes config))
#t)
(define (format-string-list l)
"Formats a list of string in YAML"
(if (eq? l '())
""
(let ((l (reverse l)))
(string-append
"["
(fold (lambda (x1 x2)
(string-append (if (symbol? x1) (symbol->string x1) x1) ", "
(if (symbol? x2) (symbol->string x2) x2)))
(car l) (cdr l))
"]"))))
(define (knot-acl-config acls)
(with-output-to-string
(lambda ()
(for-each
(lambda (acl-config)
(let ((id (knot-acl-configuration-id acl-config))
(address (knot-acl-configuration-address acl-config))
(key (knot-acl-configuration-key acl-config))
(action (knot-acl-configuration-action acl-config))
(deny? (knot-acl-configuration-deny? acl-config)))
(format #t " - id: ~a\n" id)
(unless (eq? address '())
(format #t " address: ~a\n" (format-string-list address)))
(unless (eq? key '())
(format #t " key: ~a\n" (format-string-list key)))
(unless (eq? action '())
(format #t " action: ~a\n" (format-string-list action)))
(format #t " deny: ~a\n" (if deny? "on" "off"))))
acls))))
(define (knot-key-config keys)
(with-output-to-string
(lambda ()
(for-each
(lambda (key-config)
(let ((id (knot-key-configuration-id key-config))
(algorithm (knot-key-configuration-algorithm key-config))
(secret (knot-key-configuration-secret key-config)))
(format #t " - id: ~a\n" id)
(if algorithm
(format #t " algorithm: ~a\n" (symbol->string algorithm)))
(format #t " secret: ~a\n" secret)))
keys))))
(define (knot-keystore-config keystores)
(with-output-to-string
(lambda ()
(for-each
(lambda (keystore-config)
(let ((id (knot-keystore-configuration-id keystore-config))
(backend (knot-keystore-configuration-backend keystore-config))
(config (knot-keystore-configuration-config keystore-config)))
(format #t " - id: ~a\n" id)
(format #t " backend: ~a\n" (symbol->string backend))
(format #t " config: \"~a\"\n" config)))
keystores))))
(define (knot-policy-config policies)
(with-output-to-string
(lambda ()
(for-each
(lambda (policy-config)
(let ((id (knot-policy-configuration-id policy-config))
(keystore (knot-policy-configuration-keystore policy-config))
(manual? (knot-policy-configuration-manual? policy-config))
(single-type-signing? (knot-policy-configuration-single-type-signing?
policy-config))
(algorithm (knot-policy-configuration-algorithm policy-config))
(ksk-size (knot-policy-configuration-ksk-size policy-config))
(zsk-size (knot-policy-configuration-zsk-size policy-config))
(dnskey-ttl (knot-policy-configuration-dnskey-ttl policy-config))
(zsk-lifetime (knot-policy-configuration-zsk-lifetime policy-config))
(propagation-delay (knot-policy-configuration-propagation-delay
policy-config))
(rrsig-lifetime (knot-policy-configuration-rrsig-lifetime
policy-config))
(nsec3? (knot-policy-configuration-nsec3? policy-config))
(nsec3-iterations (knot-policy-configuration-nsec3-iterations
policy-config))
(nsec3-salt-length (knot-policy-configuration-nsec3-salt-length
policy-config))
(nsec3-salt-lifetime (knot-policy-configuration-nsec3-salt-lifetime
policy-config)))
(format #t " - id: ~a\n" id)
(format #t " keystore: ~a\n" keystore)
(format #t " manual: ~a\n" (if manual? "on" "off"))
(format #t " single-type-signing: ~a\n" (if single-type-signing?
"on" "off"))
(format #t " algorithm: ~a\n" algorithm)
(format #t " ksk-size: ~a\n" (number->string ksk-size))
(format #t " zsk-size: ~a\n" (number->string zsk-size))
(unless (eq? dnskey-ttl 'default)
(format #t " dnskey-ttl: ~a\n" dnskey-ttl))
(format #t " zsk-lifetime: ~a\n" zsk-lifetime)
(format #t " propagation-delay: ~a\n" propagation-delay)
(format #t " rrsig-lifetime: ~a\n" rrsig-lifetime)
(format #t " nsec3: ~a\n" (if nsec3? "on" "off"))
(format #t " nsec3-iterations: ~a\n"
(number->string nsec3-iterations))
(format #t " nsec3-salt-length: ~a\n"
(number->string nsec3-salt-length))
(format #t " nsec3-salt-lifetime: ~a\n" nsec3-salt-lifetime)))
policies))))
(define (knot-remote-config remotes)
(with-output-to-string
(lambda ()
(for-each
(lambda (remote-config)
(let ((id (knot-remote-configuration-id remote-config))
(address (knot-remote-configuration-address remote-config))
(via (knot-remote-configuration-via remote-config))
(key (knot-remote-configuration-key remote-config)))
(format #t " - id: ~a\n" id)
(unless (eq? address '())
(format #t " address: ~a\n" (format-string-list address)))
(unless (eq? via '())
(format #t " via: ~a\n" (format-string-list via)))
(if key
(format #t " key: ~a\n" key))))
remotes))))
(define (serialize-zone-entries entries)
(with-output-to-string
(lambda ()
(for-each
(lambda (entry)
(let ((name (zone-entry-name entry))
(ttl (zone-entry-ttl entry))
(class (zone-entry-class entry))
(type (zone-entry-type entry))
(data (zone-entry-data entry)))
(format #t "~a ~a ~a ~a ~a\n" name ttl class type data)))
entries))))
(define (serialize-zone-file zone domain)
(computed-file (string-append domain ".zone")
#~(begin
(call-with-output-file #$output
(lambda (port)
(format port "$ORIGIN ~a.\n"
#$(zone-file-origin zone))
(format port "@ IN SOA ~a ~a (~a ~a ~a ~a ~a)\n"
#$(zone-file-ns zone)
#$(zone-file-mail zone)
#$(zone-file-serial zone)
#$(zone-file-refresh zone)
#$(zone-file-retry zone)
#$(zone-file-expiry zone)
#$(zone-file-nx zone))
(format port "~a\n"
#$(serialize-zone-entries (zone-file-entries zone))))))))
(define (knot-zone-config zone)
(let ((content (knot-zone-configuration-zone zone)))
#~(with-output-to-string
(lambda ()
(let ((domain #$(knot-zone-configuration-domain zone))
(file #$(knot-zone-configuration-file zone))
(master (list #$@(knot-zone-configuration-master zone)))
(ddns-master #$(knot-zone-configuration-ddns-master zone))
(notify (list #$@(knot-zone-configuration-notify zone)))
(acl (list #$@(knot-zone-configuration-acl zone)))
(semantic-checks? #$(knot-zone-configuration-semantic-checks? zone))
(disable-any? #$(knot-zone-configuration-disable-any? zone))
(dnssec-policy #$(knot-zone-configuration-dnssec-policy zone))
(serial-policy '#$(knot-zone-configuration-serial-policy zone)))
(format #t " - domain: ~a\n" domain)
(if (eq? master '())
;; This server is a master
(if (equal? file "")
(format #t " file: ~a\n"
#$(serialize-zone-file content
(knot-zone-configuration-domain zone)))
(format #t " file: ~a\n" file))
;; This server is a slave (has masters)
(begin
(format #t " master: ~a\n"
#$(format-string-list
(knot-zone-configuration-master zone)))
(if ddns-master (format #t " ddns-master ~a\n" ddns-master))))
(unless (eq? notify '())
(format #t " notify: ~a\n"
#$(format-string-list
(knot-zone-configuration-notify zone))))
(unless (eq? acl '())
(format #t " acl: ~a\n"
#$(format-string-list
(knot-zone-configuration-acl zone))))
(format #t " semantic-checks: ~a\n" (if semantic-checks? "on" "off"))
(format #t " disable-any: ~a\n" (if disable-any? "on" "off"))
(if dnssec-policy
(begin
(format #t " dnssec-signing: on\n")
(format #t " dnssec-policy: ~a\n" dnssec-policy)))
(format #t " serial-policy: ~a\n"
(symbol->string serial-policy)))))))
(define (knot-config-file config)
(verify-knot-configuration config)
(computed-file "knot.conf"
#~(begin
(call-with-output-file #$output
(lambda (port)
(format port "server:\n")
(format port " rundir: ~a\n" #$(knot-configuration-run-directory config))
(format port " user: knot\n")
(format port " listen: ~a@~a\n"
#$(knot-configuration-listen-v4 config)
#$(knot-configuration-listen-port config))
(format port " listen: ~a@~a\n"
#$(knot-configuration-listen-v6 config)
#$(knot-configuration-listen-port config))
(format port "\nkey:\n")
(format port #$(knot-key-config (knot-configuration-keys config)))
(format port "\nkeystore:\n")
(format port #$(knot-keystore-config (knot-configuration-keystores config)))
(format port "\nacl:\n")
(format port #$(knot-acl-config (knot-configuration-acls config)))
(format port "\nremote:\n")
(format port #$(knot-remote-config (knot-configuration-remotes config)))
(format port "\npolicy:\n")
(format port #$(knot-policy-config (knot-configuration-policies config)))
(unless #$(eq? (knot-configuration-zones config) '())
(format port "\nzone:\n")
(format port "~a\n"
(string-concatenate
(list #$@(map knot-zone-config
(knot-configuration-zones config)))))))))))
(define %knot-accounts
(list (user-group (name "knot") (system? #t))
(user-account
(name "knot")
(group "knot")
(system? #t)
(comment "knot dns server user")
(home-directory "/var/empty")
(shell (file-append shadow "/sbin/nologin")))))
(define (knot-activation config)
#~(begin
(use-modules (guix build utils))
(define (mkdir-p/perms directory owner perms)
(mkdir-p directory)
(chown directory (passwd:uid owner) (passwd:gid owner))
(chmod directory perms))
(mkdir-p/perms #$(knot-configuration-run-directory config)
(getpwnam "knot") #o755)
(mkdir-p/perms "/var/lib/knot" (getpwnam "knot") #o755)
(mkdir-p/perms "/var/lib/knot/keys" (getpwnam "knot") #o755)
(mkdir-p/perms "/var/lib/knot/keys/keys" (getpwnam "knot") #o755)))
(define (knot-shepherd-service config)
(let* ((config-file (knot-config-file config))
(knot (knot-configuration-knot config)))
(list (shepherd-service
(documentation "Run the Knot DNS daemon.")
(provision '(knot dns))
(requirement '(networking))
(start #~(make-forkexec-constructor
(list (string-append #$knot "/sbin/knotd")
"-c" #$config-file)))
(stop #~(make-kill-destructor))))))
(define knot-service-type
(service-type (name 'knot)
(extensions
(list (service-extension shepherd-root-service-type
knot-shepherd-service)
(service-extension activation-service-type
knot-activation)
(service-extension account-service-type
(const %knot-accounts))))))

View file

@ -199,6 +199,15 @@ (define (user-owned? file)
',users+homes))
marionette)))
(test-equal "permissions on /root"
#o700
(let ((root-home #$(any (lambda (account)
(and (zero? (user-account-uid account))
(user-account-home-directory
account)))
(operating-system-user-accounts os))))
(stat:perms (marionette-eval `(stat ,root-home) marionette))))
(test-equal "no extra home directories"
'()

130
guix/build-system/font.scm Normal file
View file

@ -0,0 +1,130 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (guix build-system font)
#:use-module (guix utils)
#:use-module (guix packages)
#:use-module (guix derivations)
#:use-module (guix search-paths)
#:use-module (guix build-system)
#:use-module (guix build-system gnu)
#:use-module (ice-9 match)
#:export (%font-build-system-modules
font-build
font-build-system))
;; Commentary:
;;
;; Standard build procedure for fonts. This is implemented as an extension of
;; 'gnu-build-system'.
;;
;; Code:
(define %font-build-system-modules
;; Build-side modules imported by default.
`((guix build font-build-system)
,@%gnu-build-system-modules))
(define* (lower name
#:key source inputs native-inputs outputs system target
#:allow-other-keys
#:rest arguments)
"Return a bag for NAME."
(define private-keywords
'(#:target #:inputs #:native-inputs))
(bag
(name name)
(system system)
(host-inputs `(,@(if source
`(("source" ,source))
'())
,@inputs
,(list "tar" (module-ref (resolve-interface '(gnu packages base)) 'tar))
,(list "unzip" (module-ref (resolve-interface '(gnu packages zip)) 'unzip))
,@(let ((compression (resolve-interface '(gnu packages compression))))
(map (match-lambda
((name package)
(list name (module-ref compression package))))
`(("gzip" gzip)
("bzip2" bzip2)
("xz" xz))))))
(build-inputs native-inputs)
(outputs outputs)
(build font-build)
(arguments (strip-keyword-arguments private-keywords arguments))))
(define* (font-build store name inputs
#:key source
(tests? #t)
(test-target "test")
(configure-flags ''())
(phases '(@ (guix build font-build-system)
%standard-phases))
(outputs '("out"))
(search-paths '())
(system (%current-system))
(guile #f)
(imported-modules %font-build-system-modules)
(modules '((guix build font-build-system)
(guix build utils))))
"Build SOURCE with INPUTS."
(define builder
`(begin
(use-modules ,@modules)
(font-build #:name ,name
#:source ,(match (assoc-ref inputs "source")
(((? derivation? source))
(derivation->output-path source))
((source)
source)
(source
source))
#:configure-flags ,configure-flags
#:system ,system
#:test-target ,test-target
#:tests? ,tests?
#:phases ,phases
#:outputs %outputs
#:search-paths ',(map search-path-specification->sexp
search-paths)
#:inputs %build-inputs)))
(define guile-for-build
(match guile
((? package?)
(package-derivation store guile system #:graft? #f))
(#f ; the default
(let* ((distro (resolve-interface '(gnu packages commencement)))
(guile (module-ref distro 'guile-final)))
(package-derivation store guile system #:graft? #f)))))
(build-expression->derivation store name builder
#:inputs inputs
#:system system
#:modules imported-modules
#:outputs outputs
#:guile-for-build guile-for-build))
(define font-build-system
(build-system
(name 'font)
(description "The build system for font packages")
(lower lower)))
;;; font.scm ends here

View file

@ -296,6 +296,13 @@ (define %x509-certificate-directory
(make-parameter (or (getenv "GUIX_TLS_CERTIFICATE_DIRECTORY")
(getenv "SSL_CERT_DIR")))) ;like OpenSSL
(define (set-certificate-credentials-x509-trust-file!* cred file format)
"Like 'set-certificate-credentials-x509-trust-file!', but without the file
name decoding bug described at
<https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26948#17>."
(let ((data (call-with-input-file file get-bytevector-all)))
(set-certificate-credentials-x509-trust-data! cred data format)))
(define (make-credendials-with-ca-trust-files directory)
"Return certificate credentials with X.509 authority certificates read from
DIRECTORY. Those authority certificates are checked when
@ -309,7 +316,7 @@ (define (make-credendials-with-ca-trust-files directory)
(let ((file (string-append directory "/" file)))
;; Protect against dangling symlinks.
(when (file-exists? file)
(set-certificate-credentials-x509-trust-file!
(set-certificate-credentials-x509-trust-file!*
cred file
x509-certificate-format/pem))))
(or files '()))

View file

@ -0,0 +1,72 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2017 Alex Griffin <a@ajgrf.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (guix build font-build-system)
#:use-module ((guix build gnu-build-system) #:prefix gnu:)
#:use-module (guix build utils)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:export (%standard-phases
font-build))
;; Commentary:
;;
;; Builder-side code of the build procedure for font packages.
;;
;; Code:
(define gnu:unpack (assoc-ref gnu:%standard-phases 'unpack))
(define* (unpack #:key source #:allow-other-keys)
"Unpack SOURCE into the build directory. SOURCE may be a compressed
archive, or a font file."
(if (any (cut string-suffix? <> source)
(list ".ttf" ".otf"))
(begin
(mkdir "source")
(chdir "source")
(copy-file source (strip-store-file-name source))
#t)
(gnu:unpack #:source source)))
(define* (install #:key outputs #:allow-other-keys)
"Install the package contents."
(let* ((out (assoc-ref outputs "out"))
(source (getcwd))
(fonts (string-append out "/share/fonts")))
(for-each (cut install-file <> (string-append fonts "/truetype"))
(find-files source "\\.(ttf|ttc)$"))
(for-each (cut install-file <> (string-append fonts "/opentype"))
(find-files source "\\.(otf|otc)$"))
#t))
(define %standard-phases
(modify-phases gnu:%standard-phases
(replace 'unpack unpack)
(delete 'configure)
(delete 'check)
(delete 'build)
(replace 'install install)))
(define* (font-build #:key inputs (phases %standard-phases)
#:allow-other-keys #:rest args)
"Build the given font package, applying all of PHASES in order."
(apply gnu:gnu-build #:inputs inputs #:phases phases args))
;;; font-build-system.scm ends here

View file

@ -62,6 +62,7 @@ (define-module (guix build syscalls)
file-system-fragment-size
file-system-mount-flags
statfs
free-disk-space
processes
mkdtemp!
@ -69,6 +70,9 @@ (define-module (guix build syscalls)
pivot-root
fcntl-flock
set-thread-name
thread-name
CLONE_CHILD_CLEARTID
CLONE_CHILD_SETTID
CLONE_NEWNS
@ -694,6 +698,12 @@ (define statfs
(list file (strerror err))
(list err)))))))
(define (free-disk-space file)
"Return the free disk space, in bytes, on the file system that hosts FILE."
(let ((fs (statfs file)))
(* (file-system-block-size fs)
(file-system-blocks-available fs))))
;;;
;;; Containers.
@ -882,6 +892,52 @@ (define bv
;; Presumably we got EAGAIN or so.
(throw 'flock-error err))))))
;;;
;;; Miscellaneous, aka. 'prctl'.
;;;
(define %prctl
;; Should it win the API contest against 'ioctl'? You tell us!
(syscall->procedure int "prctl"
(list int unsigned-long unsigned-long
unsigned-long unsigned-long)))
(define PR_SET_NAME 15) ;<linux/prctl.h>
(define PR_GET_NAME 16)
(define %max-thread-name-length
;; Maximum length in bytes of the process name, including the terminating
;; zero.
16)
(define (set-thread-name name)
"Set the name of the calling thread to NAME. NAME is truncated to 15
bytes."
(let ((ptr (string->pointer name)))
(let-values (((ret err)
(%prctl PR_SET_NAME
(pointer-address ptr) 0 0 0)))
(unless (zero? ret)
(throw 'set-process-name "set-process-name"
"set-process-name: ~A"
(list (strerror err))
(list err))))))
(define (thread-name)
"Return the name of the calling thread as a string."
(let ((buf (make-bytevector %max-thread-name-length)))
(let-values (((ret err)
(%prctl PR_GET_NAME
(pointer-address (bytevector->pointer buf))
0 0 0)))
(if (zero? ret)
(bytes->string (bytevector->u8-list buf))
(throw 'process-name "process-name"
"process-name: ~A"
(list (strerror err))
(list err))))))
;;;
;;; Network interfaces.

View file

@ -271,13 +271,14 @@ (define (derivation-output-paths drv sub-drvs)
(define* (substitution-oracle store drv
#:key (mode (build-mode normal)))
"Return a one-argument procedure that, when passed a store file name,
returns #t if it's substitutable and #f otherwise. The returned procedure
returns a 'substitutable?' if it's substitutable and #f otherwise.
The returned procedure
knows about all substitutes for all the derivations listed in DRV, *except*
those that are already valid (that is, it won't bother checking whether an
item is substitutable if it's already on disk); it also knows about their
prerequisites, unless they are themselves substitutable.
Creating a single oracle (thus making a single 'substitutable-paths' call) and
Creating a single oracle (thus making a single 'substitutable-path-info' call) and
reusing it is much more efficient than calling 'has-substitutes?' or similar
repeatedly, because it avoids the costs associated with launching the
substituter many times."
@ -318,21 +319,28 @@ (define (dependencies drv)
(cons* self (dependencies drv) result)))))
'()
drv))))
(subst (list->set (substitutable-paths store paths))))
(cut set-contains? subst <>)))
(subst (fold (lambda (subst vhash)
(vhash-cons (substitutable-path subst) subst
vhash))
vlist-null
(substitutable-path-info store paths))))
(lambda (item)
(match (vhash-assoc item subst)
(#f #f)
((key . value) value)))))
(define* (derivation-prerequisites-to-build store drv
#:key
(mode (build-mode normal))
(outputs
(derivation-output-names drv))
(substitutable?
(substitutable-info
(substitution-oracle store
(list drv)
#:mode mode)))
"Return two values: the list of derivation-inputs required to build the
OUTPUTS of DRV and not already available in STORE, recursively, and the list
of required store paths that can be substituted. SUBSTITUTABLE? must be a
of required store paths that can be substituted. SUBSTITUTABLE-INFO must be a
one-argument procedure similar to that returned by 'substitution-oracle'."
(define built?
(cut valid-path? store <>))
@ -343,7 +351,7 @@ (define input-built?
(define input-substitutable?
;; Return true if and only if all of SUB-DRVS are subsitutable. If at
;; least one is missing, then everything must be rebuilt.
(compose (cut every substitutable? <>) derivation-input-output-paths))
(compose (cut every substitutable-info <>) derivation-input-output-paths))
(define (derivation-built? drv* sub-drvs)
;; In 'check' mode, assume that DRV is not built.
@ -351,20 +359,24 @@ (define (derivation-built? drv* sub-drvs)
(eq? drv* drv)))
(every built? (derivation-output-paths drv* sub-drvs))))
(define (derivation-substitutable? drv sub-drvs)
(define (derivation-substitutable-info drv sub-drvs)
(and (substitutable-derivation? drv)
(every substitutable? (derivation-output-paths drv sub-drvs))))
(let ((info (filter-map substitutable-info
(derivation-output-paths drv sub-drvs))))
(and (= (length info) (length sub-drvs))
info))))
(let loop ((drv drv)
(sub-drvs outputs)
(build '())
(substitute '()))
(build '()) ;list of <derivation-input>
(substitute '())) ;list of <substitutable>
(cond ((derivation-built? drv sub-drvs)
(values build substitute))
((derivation-substitutable? drv sub-drvs)
((derivation-substitutable-info drv sub-drvs)
=>
(lambda (substitutables)
(values build
(append (derivation-output-paths drv sub-drvs)
substitute)))
(append substitutables substitute))))
(else
(let ((build (if (substitutable-derivation? drv)
build
@ -381,8 +393,9 @@ (define (derivation-substitutable? drv sub-drvs)
(append (append-map (lambda (input)
(if (and (not (input-built? input))
(input-substitutable? input))
(map substitutable-info
(derivation-input-output-paths
input)
input))
'()))
(derivation-inputs drv))
substitute)

View file

@ -146,7 +146,8 @@ (define (parent-directory? thing directory)
(line
(loop (cons line lines))))))
(inodes (map (lambda (file)
(let ((stat (lstat file)))
(let ((stat (lstat
(string-append directory "/" file))))
(cons (stat:dev stat) (stat:ino stat))))
files))
(status (close-pipe pipe)))

View file

@ -11,6 +11,7 @@
;;; Copyright © 2016, 2017 ng0 <ng0@libertad.pw>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 Petter <petter@mykolab.ch>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -37,7 +38,8 @@ (define-module (guix licenses)
non-copyleft
bsd-style ;deprecated!
cc0
cc-by2.0 cc-by3.0 cc-by-sa2.0 cc-by-sa3.0 cc-by-sa4.0
cc-by2.0 cc-by3.0 cc-by4.0
cc-by-sa2.0 cc-by-sa3.0 cc-by-sa4.0
cddl1.0
cecill cecill-b cecill-c
artistic2.0 clarified-artistic
@ -181,6 +183,11 @@ (define cc-by-sa2.0
"http://creativecommons.org/licenses/by-sa/2.0/"
"Creative Commons Attribution-ShareAlike 2.0 Generic"))
(define cc-by4.0
(license "CC-BY 4.0"
"http://creativecommons.org/licenses/by/4.0/"
"Creative Commons Attribution 4.0 Unported"))
(define cc-by3.0
(license "CC-BY 3.0"
"http://creativecommons.org/licenses/by/3.0/"

View file

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2012, 2013, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -20,7 +20,7 @@ (define-module (guix scripts gc)
#:use-module (guix ui)
#:use-module (guix scripts)
#:use-module (guix store)
#:autoload (guix build syscalls) (statfs)
#:autoload (guix build syscalls) (free-disk-space)
#:use-module (ice-9 match)
#:use-module (ice-9 regex)
#:use-module (srfi srfi-1)
@ -184,9 +184,7 @@ (define (store-directory file)
(define (ensure-free-space store space)
;; Attempt to have at least SPACE bytes available in STORE.
(let* ((fs (statfs (%store-prefix)))
(free (* (file-system-block-size fs)
(file-system-blocks-available fs))))
(let ((free (free-disk-space (%store-prefix))))
(if (> free space)
(info (G_ "already ~h bytes available on ~a, nothing to do~%")
free (%store-prefix))

View file

@ -34,7 +34,8 @@ (define-module (guix scripts offload)
#:select (nar-error? nar-error-file))
#:use-module (guix nar)
#:use-module (guix utils)
#:use-module ((guix build syscalls) #:select (fcntl-flock))
#:use-module ((guix build syscalls)
#:select (fcntl-flock set-thread-name))
#:use-module ((guix build utils) #:select (which mkdir-p))
#:use-module (guix ui)
#:use-module (srfi srfi-1)
@ -641,6 +642,7 @@ (define not-coma
(let ((max-silent-time (string->number max-silent-time))
(build-timeout (string->number build-timeout))
(print-build-trace? (string=? print-build-trace? "1")))
(set-thread-name "guix offload")
(parameterize ((%current-system system))
(let loop ((line (read-line)))
(unless (eof-object? line)

View file

@ -58,6 +58,7 @@ (define-module (guix scripts publish)
#:select (with-atomic-file-output compressed-file?))
#:use-module ((guix build utils)
#:select (dump-port mkdir-p find-files))
#:use-module ((guix build syscalls) #:select (set-thread-name))
#:export (%public-key
%private-key
@ -649,6 +650,7 @@ (define (http-write server client response body)
;; thread so that the main thread can keep working in the meantime.
(call-with-new-thread
(lambda ()
(set-thread-name "publish nar")
(let* ((response (write-response (sans-content-length response)
client))
(port (begin
@ -670,6 +672,7 @@ (define (http-write server client response body)
;; Send a raw file in a separate thread.
(call-with-new-thread
(lambda ()
(set-thread-name "publish file")
(catch 'system-error
(lambda ()
(call-with-input-file (utf8->string body)
@ -858,10 +861,16 @@ (define (guix-publish . args)
(sockaddr:port address))
(when repl-port
(repl:spawn-server (repl:make-tcp-server-socket #:port repl-port)))
;; Set the name of the main thread.
(set-thread-name "guix publish")
(with-store store
(run-publish-server socket store
#:cache cache
#:pool (and cache (make-pool workers))
#:pool (and cache (make-pool workers
#:thread-name
"publish worker"))
#:nar-path nar-path
#:compression compression
#:narinfo-ttl ttl))))))

View file

@ -39,6 +39,8 @@ (define-module (guix scripts substitute)
. guix:open-connection-for-uri)
close-connection
store-path-abbreviation byte-count->string))
#:use-module ((guix build syscalls)
#:select (set-thread-name))
#:use-module (ice-9 rdelim)
#:use-module (ice-9 regex)
#:use-module (ice-9 match)
@ -872,15 +874,7 @@ (define* (process-substitution store-item destination
(format #t "~a~%" (narinfo-hash narinfo))
(format (current-error-port)
;; TRANSLATORS: The second part of this message looks like
;; "(4.1MiB installed)"; it shows the size of the package once
;; installed.
(G_ "Downloading ~a~:[~*~; (~a installed)~]...~%")
(uri->string uri)
;; Use the Nar size as an estimate of the installed size.
(narinfo-size narinfo)
(and=> (narinfo-size narinfo)
(cute byte-count->string <>)))
(G_ "Downloading ~a...~%") (uri->string uri))
(let*-values (((raw download-size)
;; Note that Hydra currently generates Nars on the fly
;; and doesn't specify a Content-Length, so
@ -1015,6 +1009,8 @@ (define (guix-substitute . args)
(#f #f)
(locale (false-if-exception (setlocale LC_ALL locale))))
(set-thread-name "guix substitute")
(with-networking
(with-error-handling ; for signature errors
(match args

View file

@ -38,7 +38,8 @@ (define-module (guix ui)
#:use-module (guix serialization)
#:use-module ((guix build utils) #:select (mkdir-p))
#:use-module ((guix licenses) #:select (license? license-name))
#:use-module ((guix build syscalls) #:select (terminal-columns))
#:use-module ((guix build syscalls)
#:select (free-disk-space terminal-columns))
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-11)
#:use-module (srfi srfi-19)
@ -581,6 +582,17 @@ (define (show-derivation-outputs derivation)
(derivation->output-path derivation out-name)))
(derivation-outputs derivation))))
(define (check-available-space need)
"Make sure at least NEED bytes are available in the store. Otherwise emit a
warning."
(let ((free (catch 'system-error
(lambda ()
(free-disk-space (%store-prefix)))
(const #f))))
(when (and free (>= need free))
(warning (G_ "at least ~,1h MB needed but only ~,1h MB available in ~a~%")
(/ need 1e6) (/ free 1e6) (%store-prefix)))))
(define* (show-what-to-build store drv
#:key dry-run? (use-substitutes? #t)
(mode (build-mode normal)))
@ -588,7 +600,7 @@ (define* (show-what-to-build store drv
derivations listed in DRV using MODE, a 'build-mode' value. Return #t if
there's something to build, #f otherwise. When USE-SUBSTITUTES?, check and
report what is prerequisites are available for download."
(define substitutable?
(define substitutable-info
;; Call 'substitutation-oracle' upfront so we don't end up launching the
;; substituter many times. This makes a big difference, especially when
;; DRV is a long list as is the case with 'guix environment'.
@ -600,7 +612,7 @@ (define (built-or-substitutable? drv)
(or (null? (derivation-outputs drv))
(let ((out (derivation->output-path drv))) ;XXX: assume "out" exists
(or (valid-path? store out)
(substitutable? out)))))
(substitutable-info out)))))
(let*-values (((build download)
(fold2 (lambda (drv build download)
@ -608,7 +620,8 @@ (define (built-or-substitutable? drv)
(derivation-prerequisites-to-build
store drv
#:mode mode
#:substitutable? substitutable?)))
#:substitutable-info
substitutable-info)))
(values (append b build)
(append d download))))
'() '()
@ -622,13 +635,26 @@ (define (built-or-substitutable? drv)
(if use-substitutes?
(delete-duplicates
(append download
(remove (cut valid-path? store <>)
(filter-map (lambda (item)
(if (valid-path? store item)
#f
(substitutable-info item)))
(append-map
substitutable-references
(substitutable-path-info store
download)))))
download))))
download)))
;; TODO: Show the installed size of DOWNLOAD.
(define installed-size
(reduce + 0 (map substitutable-nar-size download)))
(define download-size
(/ (reduce + 0 (map substitutable-download-size download))
1e6))
(define display-download-size?
;; Sometimes narinfos lack information about the download size. Only
;; display when we have information for all of DOWNLOAD.
(not (any (compose zero? substitutable-download-size) download)))
(if dry-run?
(begin
(format (current-error-port)
@ -636,22 +662,43 @@ (define (built-or-substitutable? drv)
"~:[The following derivations would be built:~%~{ ~a~%~}~;~]"
(length build))
(null? build) build)
(if display-download-size?
(format (current-error-port)
;; TRANSLATORS: "MB" is for "megabyte"; it should be
;; translated to the corresponding abbreviation.
(G_ "~:[~,1h MB would be downloaded:~%~{ ~a~%~}~;~]")
(null? download)
download-size
(map substitutable-path download))
(format (current-error-port)
(N_ "~:[The following file would be downloaded:~%~{ ~a~%~}~;~]"
"~:[The following files would be downloaded:~%~{ ~a~%~}~;~]"
(length download))
(null? download) download))
(null? download)
(map substitutable-path download))))
(begin
(format (current-error-port)
(N_ "~:[The following derivation will be built:~%~{ ~a~%~}~;~]"
"~:[The following derivations will be built:~%~{ ~a~%~}~;~]"
(length build))
(null? build) build)
(if display-download-size?
(format (current-error-port)
;; TRANSLATORS: "MB" is for "megabyte"; it should be
;; translated to the corresponding abbreviation.
(G_ "~:[~,1h MB will be downloaded:~%~{ ~a~%~}~;~]")
(null? download)
download-size
(map substitutable-path download))
(format (current-error-port)
(N_ "~:[The following file will be downloaded:~%~{ ~a~%~}~;~]"
"~:[The following files will be downloaded:~%~{ ~a~%~}~;~]"
(length download))
(null? download) download)))
(null? download)
(map substitutable-path download)))))
(check-available-space installed-size)
(pair? build)))
(define show-what-to-build*

View file

@ -23,6 +23,7 @@ (define-module (guix workers)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-9)
#:use-module (srfi srfi-26)
#:use-module ((guix build syscalls) #:select (set-thread-name))
#:export (pool?
make-pool
pool-enqueue!
@ -60,7 +61,8 @@ (define-syntax-rule (without-mutex mutex exp ...)
(lambda ()
(lock-mutex mutex))))
(define (worker-thunk mutex condvar pop-queue)
(define* (worker-thunk mutex condvar pop-queue
#:key (thread-name "guix worker"))
"Return the thunk executed by worker threads."
(define (loop)
(match (pop-queue)
@ -80,11 +82,18 @@ (define (loop)
(loop))
(lambda ()
(catch 'system-error
(lambda ()
(set-thread-name thread-name))
(const #f))
(with-mutex mutex
(loop))))
(define* (make-pool #:optional (count (current-processor-count)))
"Return a pool of COUNT workers."
(define* (make-pool #:optional (count (current-processor-count))
#:key (thread-name "guix worker"))
"Return a pool of COUNT workers. Use THREAD-NAME as the name of these
threads as reported by the operating system."
(let* ((mutex (make-mutex))
(condvar (make-condition-variable))
(queue (make-q))
@ -93,7 +102,8 @@ (define* (make-pool #:optional (count (current-processor-count)))
(worker-thunk mutex condvar
(lambda ()
(and (not (q-empty? queue))
(q-pop! queue)))))
(q-pop! queue)))
#:thread-name thread-name))
1+
0))
(threads (map (lambda (proc)

View file

@ -2449,8 +2449,11 @@ void DerivationGoal::registerOutputs()
Hash h2 = recursive ? hashPath(ht, actualPath).first : hashFile(ht, actualPath);
if (h != h2)
throw BuildError(
format("output path `%1%' should have %2% hash `%3%', instead has `%4%'")
% path % i->second.hashAlgo % printHash16or32(h) % printHash16or32(h2));
format("%1% hash mismatch for output path `%2%'\n"
" expected: %3%\n"
" actual: %4%")
% i->second.hashAlgo % path
% printHash16or32(h) % printHash16or32(h2));
}
/* Get rid of all weird permissions. This also checks that
@ -3096,7 +3099,9 @@ void SubstitutionGoal::finished()
Hash expectedHash = parseHash16or32(hashType, string(expectedHashStr, n + 1));
Hash actualHash = hashType == htSHA256 ? hash.first : hashPath(hashType, destPath).first;
if (expectedHash != actualHash)
throw SubstError(format("hash mismatch in downloaded path `%1%': expected %2%, got %3%")
throw SubstError(format("hash mismatch in downloaded path `%1%'\n"
" expected: %2%\n"
" actual: %3%")
% storePath % printHash(expectedHash) % printHash(actualHash));
}

View file

@ -194,11 +194,12 @@ (define (namespaces pid)
%namespaces 1
(lambda ()
(sleep 100))))
(expected (namespaces pid))
(result (container-excursion* pid
(lambda ()
(namespaces 1)))))
(kill pid SIGKILL)
(equal? result (namespaces pid))))))
(equal? result expected)))))
(skip-if-unsupported)
(test-equal "container-excursion*, same namespaces"

View file

@ -831,10 +831,10 @@ (define %coreutils
(derivation-prerequisites-to-build store drv))
((build* download*)
(derivation-prerequisites-to-build store drv
#:substitutable?
#:substitutable-info
(const #f))))
(and (null? build)
(equal? download (list output))
(equal? (map substitutable-path download) (list output))
(null? download*)
(null? build*))))))
@ -879,7 +879,7 @@ (define %coreutils
;; See <http://bugs.gnu.org/18747>.
(and (null? build)
(match download
(((? string? item))
(((= substitutable-path item))
(string=? item (derivation->output-path drv))))))))))
(test-assert "derivation-prerequisites-to-build in 'check' mode"
@ -919,7 +919,7 @@ (define (record-substitutable-path-query store paths)
(set! query paths)
'())
(mock ((guix store) substitutable-paths
(mock ((guix store) substitutable-path-info
record-substitutable-path-query)
(let ((pred (substitution-oracle store (list drv))))

View file

@ -49,7 +49,7 @@ profile="t-profile-$$"
profile_alt="t-profile-alt-$$"
rm -f "$profile"
trap 'rm -f "$profile" "$profile_alt" "$profile-"[0-9]* ; rm -rf t-home-'"$$" EXIT
trap 'rm -f "$profile" "$profile_alt" "$profile-"[0-9]* "$profile_alt-"[0-9]* ; rm -rf t-home-'"$$" EXIT
guix package --bootstrap -p "$profile" -i guile-bootstrap

View file

@ -266,6 +266,14 @@ (define perform-container-tests?
(close-port file)
result)))))))))
(test-equal "set-thread-name"
"Syscall Test"
(let ((name (thread-name)))
(set-thread-name "Syscall Test")
(let ((new-name (thread-name)))
(set-thread-name name)
new-name)))
(test-assert "all-network-interface-names"
(match (all-network-interface-names)
(((? string? names) ..1)