commit 08dd527cc7bfeed76e2ed991e445ad615843a119

+11

pkgs/applications/networking/browsers/w3m/RAND_egd.libressl.patch

···

··· 1 + --- a/url.c 2014-07-14 12:31:30.476563116 +0200 2 + +++ b/url.c 2014-07-14 12:32:16.364918248 +0200 3 + @@ -268,7 +268,7 @@ init_PRNG() 4 + if (RAND_status()) 5 + return; 6 + if ((file = RAND_file_name(buffer, sizeof(buffer)))) { 7 + -#ifdef USE_EGD 8 + +#if defined(USE_EGD) && defined(HAVE_SSL_RAND_EGD) 9 + if (RAND_egd(file) > 0) 10 + return; 11 + #endif

+50 -10

pkgs/applications/networking/browsers/w3m/default.nix

··· 1 - { stdenv, fetchurl 2 , ncurses, boehmgc, gettext, zlib 3 , sslSupport ? true, openssl ? null 4 , graphicsSupport ? true, imlib2 ? null 5 , x11Support ? graphicsSupport, libX11 ? null 6 , mouseSupport ? !stdenv.isDarwin, gpm-ncurses ? null 7 }: 8 9 assert sslSupport -> openssl != null; ··· 21 sha256 = "1qx9f0kprf92r1wxl3sacykla0g04qsi0idypzz24b7xy9ix5579"; 22 }; 23 24 - NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isSunOS "-lsocket -lnsl"; 25 26 - patches = [ ./glibc214.patch ] 27 - # Patch for the newer unstable boehm-gc 7.2alpha. Not all platforms use that 28 - # alpha. At the time of writing this, boehm-gc-7.1 is the last stable. 29 - ++ optional (boehmgc.name != "boehm-gc-7.1") [ ./newgc.patch ] 30 - ++ optional stdenv.isCygwin ./cygwin.patch 31 - # for frame buffer only version 32 - ++ optional (graphicsSupport && !x11Support) [ ./no-x11.patch ]; 33 34 buildInputs = [ncurses boehmgc gettext zlib] 35 ++ optional sslSupport openssl ··· 37 ++ optional graphicsSupport imlib2 38 ++ optional x11Support libX11; 39 40 configureFlags = "--with-ssl=${openssl} --with-gc=${boehmgc}" 41 + optionalString graphicsSupport " --enable-image=${optionalString x11Support "x11,"}fb"; 42 ··· 48 enableParallelBuilding = false; 49 50 # for w3mimgdisplay 51 LIBS = optionalString x11Support "-lX11"; 52 53 meta = { 54 homepage = http://w3m.sourceforge.net/; 55 description = "A text-mode web browser"; 56 - maintainers = [ maintainers.mornfall ]; 57 }; 58 }

··· 1 + { stdenv, fetchurl, fetchpatch 2 , ncurses, boehmgc, gettext, zlib 3 , sslSupport ? true, openssl ? null 4 , graphicsSupport ? true, imlib2 ? null 5 , x11Support ? graphicsSupport, libX11 ? null 6 , mouseSupport ? !stdenv.isDarwin, gpm-ncurses ? null 7 + , perl, man 8 }: 9 10 assert sslSupport -> openssl != null; ··· 22 sha256 = "1qx9f0kprf92r1wxl3sacykla0g04qsi0idypzz24b7xy9ix5579"; 23 }; 24 25 + NIX_LDFLAGS = optionalString stdenv.isSunOS "-lsocket -lnsl"; 26 27 + # we must set these so that the generated files (e.g. w3mhelp.cgi) contain 28 + # the correct paths. 29 + PERL = "${perl}/bin/perl"; 30 + MAN = "${man}/bin/man"; 31 + 32 + # the Arch patches were pulled from: 33 + # https://aur.archlinux.org/cgit/aur.git/?h=w3m-mouse 34 + patches = [ 35 + ./RAND_egd.libressl.patch 36 + (fetchpatch { 37 + name = "file_handle.patch"; 38 + url = "https://aur.archlinux.org/cgit/aur.git/plain/file_handle.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 39 + sha256 = "0kkqm68ig9d658kf1iwa1dwcf651f6dy2j98gplcks1mn3bdlak4"; 40 + }) 41 + (fetchpatch { 42 + name = "form_unknown.patch"; 43 + url = "https://aur.archlinux.org/cgit/aur.git/plain/form_unknown.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 44 + sha256 = "1mbfclid3bihb1xv7sxcahprn3slzd6ga8rjzlq4rbq80bl053fw"; 45 + }) 46 + (fetchpatch { 47 + name = "gc72.patch"; 48 + url = "https://aur.archlinux.org/cgit/aur.git/plain/gc72.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 49 + sha256 = "1n6anaw17by0s6rn25bwkgj2mck7ffspizpwbijvx1ynk451459a"; 50 + }) 51 + (fetchpatch { 52 + name = "https.patch"; 53 + url = "https://aur.archlinux.org/cgit/aur.git/plain/https.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 54 + sha256 = "08skvaha1hjyapsh8zw5dgfy433mw2hk7qy9yy9avn8rjqj7kjxk"; 55 + }) 56 + (fetchpatch { 57 + name = "perl.patch"; 58 + url = "https://aur.archlinux.org/cgit/aur.git/plain/perl.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 59 + sha256 = "15cq7cwh0d2v64i8by44rgxw48156sgh872921hxrqdakr95p3gy"; 60 + }) 61 + (fetchpatch { 62 + name = "w3m_rgba.patch"; 63 + url = "https://aur.archlinux.org/cgit/aur.git/plain/w3m_rgba.patch?h=w3m-mouse&id=5b5f0fbb59f674575e87dd368fed834641c35f03"; 64 + sha256 = "1dhp1p6z621ayyl9zip9w35x2cxyhhj72jv5dvf0zp4rk6cjm781"; 65 + }) 66 + ] ++ optional (graphicsSupport && !x11Support) [ ./no-x11.patch ] 67 + ++ optional stdenv.isCygwin ./cygwin.patch; 68 69 buildInputs = [ncurses boehmgc gettext zlib] 70 ++ optional sslSupport openssl ··· 72 ++ optional graphicsSupport imlib2 73 ++ optional x11Support libX11; 74 75 + postInstall = optionalString graphicsSupport '' 76 + ln -s $out/libexec/w3m/w3mimgdisplay $out/bin 77 + ''; 78 + 79 configureFlags = "--with-ssl=${openssl} --with-gc=${boehmgc}" 80 + optionalString graphicsSupport " --enable-image=${optionalString x11Support "x11,"}fb"; 81 ··· 87 enableParallelBuilding = false; 88 89 # for w3mimgdisplay 90 + # see: https://bbs.archlinux.org/viewtopic.php?id=196093 91 LIBS = optionalString x11Support "-lX11"; 92 93 meta = { 94 homepage = http://w3m.sourceforge.net/; 95 description = "A text-mode web browser"; 96 + maintainers = [ maintainers.mornfall maintainers.cstrahan ]; 97 }; 98 }

-60

pkgs/applications/networking/browsers/w3m/glibc214.patch

··· 1 - http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/www-client/w3m/files/w3m-0.5.3-glibc214.patch?revision=1.1 2 - 3 - --- a/istream.c.~1.27.~ 2011-01-04 18:22:22.000000000 +0900 4 - +++ b/istream.c 2011-06-24 08:15:23.522990618 +0900 5 - @@ -22,8 +22,8 @@ 6 - static void basic_close(int *handle); 7 - static int basic_read(int *handle, char *buf, int len); 8 - 9 - -static void file_close(struct file_handle *handle); 10 - -static int file_read(struct file_handle *handle, char *buf, int len); 11 - +static void file_close(struct afile_handle *handle); 12 - +static int file_read(struct afile_handle *handle, char *buf, int len); 13 - 14 - static int str_read(Str handle, char *buf, int len); 15 - 16 - @@ -114,7 +114,7 @@ 17 - stream = New(union input_stream); 18 - init_base_stream(&stream->base, STREAM_BUF_SIZE); 19 - stream->file.type = IST_FILE; 20 - - stream->file.handle = New(struct file_handle); 21 - + stream->file.handle = New(struct afile_handle); 22 - stream->file.handle->f = f; 23 - if (closep) 24 - stream->file.handle->close = closep; 25 - @@ -658,13 +658,13 @@ 26 - } 27 - 28 - static void 29 - -file_close(struct file_handle *handle) 30 - +file_close(struct afile_handle *handle) 31 - { 32 - handle->close(handle->f); 33 - } 34 - 35 - static int 36 - -file_read(struct file_handle *handle, char *buf, int len) 37 - +file_read(struct afile_handle *handle, char *buf, int len) 38 - { 39 - return fread(buf, 1, len, handle->f); 40 - } 41 - --- a/istream.h.~1.12.~ 2003-10-21 01:41:56.000000000 +0900 42 - +++ b/istream.h 2011-06-24 08:15:54.392991144 +0900 43 - @@ -20,7 +20,7 @@ 44 - 45 - typedef struct stream_buffer *StreamBuffer; 46 - 47 - -struct file_handle { 48 - +struct afile_handle { 49 - FILE *f; 50 - void (*close) (); 51 - }; 52 - @@ -53,7 +53,7 @@ 53 - 54 - struct file_stream { 55 - struct stream_buffer stream; 56 - - struct file_handle *handle; 57 - + struct afile_handle *handle; 58 - char type; 59 - char iseos; 60 - int (*read) ();

···

-15

pkgs/applications/networking/browsers/w3m/newgc.patch

··· 1 - https://bugzilla.redhat.com/show_bug.cgi?id=555467 2 - 3 - --- a/main.c.old 2007-05-31 06:49:50.000000000 +0530 4 - +++ b/main.c 2010-02-16 16:16:24.000000000 +0530 5 - @@ -842,7 +842,9 @@ 6 - mySignal(SIGPIPE, SigPipe); 7 - #endif 8 - 9 - - orig_GC_warn_proc = GC_set_warn_proc(wrap_GC_warn_proc); 10 - + orig_GC_warn_proc = GC_get_warn_proc(); 11 - + GC_set_warn_proc(wrap_GC_warn_proc); 12 - + 13 - err_msg = Strnew(); 14 - if (load_argc == 0) { 15 - /* no URL specified */

···

+5 -4

pkgs/development/interpreters/perl/5.20/default.nix

··· 21 with stdenv.lib; 22 23 stdenv.mkDerivation rec { 24 - name = "perl-5.20.2"; 25 26 src = fetchurl { 27 url = "mirror://cpan/authors/id/S/SH/SHAY/${name}.tar.gz"; 28 - sha256 = "17cvplgpxbm1hshxlkra2fldn4da1iap1lsnb04hdm8ply93k95i"; 29 }; 30 31 outputs = [ "out" "man" ]; ··· 33 patches = 34 [ # Do not look in /usr etc. for dependencies. 35 ./no-sys-dirs.patch 36 - # Remove in 5.20.3 37 - ./perl-5.20.2-gcc5_fixes-1.patch 38 ] 39 ++ optional stdenv.isSunOS ./ld-shared.patch 40 ++ stdenv.lib.optional stdenv.isDarwin [ ./cpp-precomp.patch ./no-libutil.patch ] ; ··· 84 ''} 85 '' + optionalString stdenv.isDarwin '' 86 substituteInPlace hints/darwin.sh --replace "env MACOSX_DEPLOYMENT_TARGET=10.3" "" 87 ''; 88 89 preBuild = optionalString (!(stdenv ? cc && stdenv.cc.nativeTools))

··· 21 with stdenv.lib; 22 23 stdenv.mkDerivation rec { 24 + name = "perl-5.20.3"; 25 26 src = fetchurl { 27 url = "mirror://cpan/authors/id/S/SH/SHAY/${name}.tar.gz"; 28 + sha256 = "0jlvpd5l5nk7lzfd4akdg1sw6vinbkj6izclyyr0lrbidfky691m"; 29 }; 30 31 outputs = [ "out" "man" ]; ··· 33 patches = 34 [ # Do not look in /usr etc. for dependencies. 35 ./no-sys-dirs.patch 36 ] 37 ++ optional stdenv.isSunOS ./ld-shared.patch 38 ++ stdenv.lib.optional stdenv.isDarwin [ ./cpp-precomp.patch ./no-libutil.patch ] ; ··· 82 ''} 83 '' + optionalString stdenv.isDarwin '' 84 substituteInPlace hints/darwin.sh --replace "env MACOSX_DEPLOYMENT_TARGET=10.3" "" 85 + '' + optionalString (!enableThreading) '' 86 + # We need to do this because the bootstrap doesn't have a static libpthread 87 + sed -i 's,$libswanted.*$pthread,\1,g' Configure 88 ''; 89 90 preBuild = optionalString (!(stdenv ? cc && stdenv.cc.nativeTools))

-127

pkgs/development/interpreters/perl/5.20/perl-5.20.2-gcc5_fixes-1.patch

··· 1 - Submitted By: Ken Moffat <ken at linuxfromscratch dot org> 2 - Date: 2015-04-17 3 - Initial Package Version: 5.20.2 4 - Upstream Status: Committed 5 - Origin: Petr Pisař and Tony Cook 6 - Description: Fixes Errno.pm and h2ph with gcc-5. 7 - 8 - 1. cherry-picked because the change to $version will not apply, from 9 - commit 816b056ffb99ae54642320e20dc30a59fd1effef 10 - Author: Petr Písař <ppisar@redhat.com> 11 - Date: Wed Feb 11 15:46:37 2015 +0100 12 - 13 - Fix Errno.pm generation for gcc-5.0 14 - 15 - gcc-5.0 -E interleaves now line numbers with expended macros, so that 16 - the generated errno.c will be preprocessed to 17 - 18 - EBFONT => [[ 19 - 59 20 - ]] 21 - 22 - which is hard to parse in in line-based reader. 23 - 24 - So use -P option with gcc >= 5.0. Global -P usage would break makedepend, 25 - global -ftrack-macro-expansion=0 would break lib/h2ph.t. 26 - 27 - RT#123784 28 - 29 - diff --git a/ext/Errno/Errno_pm.PL b/ext/Errno/Errno_pm.PL 30 - index 3dadfce..c6bfa06 100644 31 - --- a/ext/Errno/Errno_pm.PL 32 - +++ b/ext/Errno/Errno_pm.PL 33 - @@ -215,20 +215,31 @@ sub write_errno_pm { 34 - { # BeOS (support now removed) did not enter this block 35 - # invoke CPP and read the output 36 - 37 - + my $inhibit_linemarkers = ''; 38 - + if ($Config{gccversion} =~ /\A(\d+)\./ and $1 >= 5) { 39 - + # GCC 5.0 interleaves expanded macros with line numbers breaking 40 - + # each line into multiple lines. RT#123784 41 - + $inhibit_linemarkers = ' -P'; 42 - + } 43 - + 44 - if ($^O eq 'VMS') { 45 - - my $cpp = "$Config{cppstdin} $Config{cppflags} $Config{cppminus}"; 46 - + my $cpp = "$Config{cppstdin} $Config{cppflags}" . 47 - + $inhibit_linemarkers . " $Config{cppminus}"; 48 - $cpp =~ s/sys\$input//i; 49 - open(CPPO,"$cpp errno.c |") or 50 - die "Cannot exec $Config{cppstdin}"; 51 - } elsif ($IsMSWin32 || $^O eq 'NetWare') { 52 - - open(CPPO,"$Config{cpprun} $Config{cppflags} errno.c |") or 53 - - die "Cannot run '$Config{cpprun} $Config{cppflags} errno.c'"; 54 - + my $cpp = "$Config{cpprun} $Config{cppflags}" . 55 - + $inhibit_linemarkers; 56 - + open(CPPO,"$cpp errno.c |") or 57 - + die "Cannot run '$cpp errno.c'"; 58 - } elsif ($IsSymbian) { 59 - - my $cpp = "gcc -E -I$ENV{SDK}\\epoc32\\include\\libc -"; 60 - + my $cpp = "gcc -E -I$ENV{SDK}\\epoc32\\include\\libc" . 61 - + $inhibit_linemarkers ." -"; 62 - open(CPPO,"$cpp < errno.c |") 63 - or die "Cannot exec $cpp"; 64 - } else { 65 - - my $cpp = default_cpp(); 66 - + my $cpp = default_cpp() . $inhibit_linemarkers; 67 - open(CPPO,"$cpp < errno.c |") 68 - or die "Cannot exec $cpp"; 69 - } 70 - 71 - commit 3bea78d24634e630b610f59957e7a019205a67b2 72 - Author: Tony Cook <tony@develop-help.com> 73 - Date: Mon Feb 16 15:57:00 2015 +1100 74 - 75 - h2ph: correct handling of hex constants for the preamble 76 - 77 - Previously they were treated as identifiers resulting in code 78 - generated like C< &0xFFF >. 79 - 80 - We also try to prevent compile-time warnings from large hex integers, 81 - the user isn't responsible for the generated code, so we delay those 82 - warnings to run-time. 83 - 84 - diff --git a/utils/h2ph.PL b/utils/h2ph.PL 85 - index 9a8b14d..d082f22 100644 86 - --- a/utils/h2ph.PL 87 - +++ b/utils/h2ph.PL 88 - @@ -769,7 +769,7 @@ sub inc_dirs 89 - sub build_preamble_if_necessary 90 - { 91 - # Increment $VERSION every time this function is modified: 92 - - my $VERSION = 3; 93 - + my $VERSION = 4; 94 - my $preamble = "$Dest_dir/_h2ph_pre.ph"; 95 - 96 - # Can we skip building the preamble file? 97 - @@ -788,6 +788,11 @@ sub build_preamble_if_necessary 98 - 99 - open PREAMBLE, ">$preamble" or die "Cannot open $preamble: $!"; 100 - print PREAMBLE "# This file was created by h2ph version $VERSION\n"; 101 - + # Prevent non-portable hex constants from warning. 102 - + # 103 - + # We still produce an overflow warning if we can't represent 104 - + # a hex constant as an integer. 105 - + print PREAMBLE "no warnings qw(portable);\n"; 106 - 107 - foreach (sort keys %define) { 108 - if ($opt_D) { 109 - @@ -814,6 +819,18 @@ DEFINE 110 - # integer: 111 - print PREAMBLE 112 - "unless (defined &$_) { sub $_() { $1 } }\n\n"; 113 - + } elsif ($define{$_} =~ /^([+-]?0x[\da-f]+)U?L{0,2}$/i) { 114 - + # hex integer 115 - + # Special cased, since perl warns on hex integers 116 - + # that can't be represented in a UV. 117 - + # 118 - + # This way we get the warning at time of use, so the user 119 - + # only gets the warning if they happen to use this 120 - + # platform-specific definition. 121 - + my $code = $1; 122 - + $code = "hex('$code')" if length $code > 10; 123 - + print PREAMBLE 124 - + "unless (defined &$_) { sub $_() { $code } }\n\n"; 125 - } elsif ($define{$_} =~ /^\w+$/) { 126 - my $def = $define{$_}; 127 - if ($isatype{$def}) {

···

+33 -12

pkgs/development/interpreters/ruby/patchsets.nix

··· 1 { patchSet, useRailsExpress, ops, patchLevel }: 2 3 - let self = rec { 4 "1.9.3" = [ 5 ./ruby19-parallel-install.patch 6 ./bitperfect-rdoc.patch 7 ] ++ ops useRailsExpress [ ··· 25 "${patchSet}/patches/ruby/1.9.3/p${patchLevel}/railsexpress/18-fix-missing-c-return-event.patch" 26 "${patchSet}/patches/ruby/1.9.3/p${patchLevel}/railsexpress/19-fix-process-daemon-call.patch" 27 ]; 28 - "2.0.0" = ops useRailsExpress [ 29 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/01-zero-broken-tests.patch" 30 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/02-railsexpress-gc.patch" 31 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/03-display-more-detailed-stack-trace.patch" 32 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/04-show-full-backtrace-on-stack-overflow.patch" 33 ]; 34 - "2.1.0" = ops useRailsExpress [ 35 "${patchSet}/patches/ruby/2.1.0/railsexpress/01-current-2.1.1-fixes.patch" 36 "${patchSet}/patches/ruby/2.1.0/railsexpress/02-zero-broken-tests.patch" 37 "${patchSet}/patches/ruby/2.1.0/railsexpress/03-improve-gc-stats.patch" ··· 45 "${patchSet}/patches/ruby/2.1.0/railsexpress/11-funny-falcon-method-cache.patch" 46 "${patchSet}/patches/ruby/2.1.0/railsexpress/12-backport-r44370.patch" 47 ]; 48 - "2.1.1" = ops useRailsExpress [ 49 "${patchSet}/patches/ruby/2.1.0/railsexpress/01-zero-broken-tests.patch" 50 "${patchSet}/patches/ruby/2.1.0/railsexpress/02-improve-gc-stats.patch" 51 "${patchSet}/patches/ruby/2.1.0/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 58 "${patchSet}/patches/ruby/2.1.0/railsexpress/11-funny-falcon-method-cache.patch" 59 "${patchSet}/patches/ruby/2.1.0/railsexpress/12-backport-r44370.patch" 60 ]; 61 - "2.1.2" = ops useRailsExpress [ 62 "${patchSet}/patches/ruby/2.1.2/railsexpress/01-zero-broken-tests.patch" 63 "${patchSet}/patches/ruby/2.1.2/railsexpress/02-improve-gc-stats.patch" 64 "${patchSet}/patches/ruby/2.1.2/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 70 "${patchSet}/patches/ruby/2.1.2/railsexpress/09-aman-opt-aset-aref-str.patch" 71 "${patchSet}/patches/ruby/2.1.2/railsexpress/10-funny-falcon-method-cache.patch" 72 ]; 73 - "2.1.3" = ops useRailsExpress [ 74 "${patchSet}/patches/ruby/2.1.3/railsexpress/01-zero-broken-tests.patch" 75 "${patchSet}/patches/ruby/2.1.3/railsexpress/02-improve-gc-stats.patch" 76 "${patchSet}/patches/ruby/2.1.3/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 80 "${patchSet}/patches/ruby/2.1.3/railsexpress/07-aman-opt-aset-aref-str.patch" 81 "${patchSet}/patches/ruby/2.1.3/railsexpress/08-funny-falcon-method-cache.patch" 82 ]; 83 - "2.1.6" = ops useRailsExpress [ 84 "${patchSet}/patches/ruby/2.1.6/railsexpress/01-zero-broken-tests.patch" 85 "${patchSet}/patches/ruby/2.1.6/railsexpress/02-improve-gc-stats.patch" 86 "${patchSet}/patches/ruby/2.1.6/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 91 "${patchSet}/patches/ruby/2.1.6/railsexpress/08-funny-falcon-method-cache.patch" 92 "${patchSet}/patches/ruby/2.1.6/railsexpress/09-heap-dump-support.patch" 93 ]; 94 - "2.1.7" = ops useRailsExpress [ 95 "${patchSet}/patches/ruby/2.1.7/railsexpress/01-zero-broken-tests.patch" 96 "${patchSet}/patches/ruby/2.1.7/railsexpress/02-improve-gc-stats.patch" 97 "${patchSet}/patches/ruby/2.1.7/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 102 "${patchSet}/patches/ruby/2.1.7/railsexpress/08-funny-falcon-method-cache.patch" 103 "${patchSet}/patches/ruby/2.1.7/railsexpress/09-heap-dump-support.patch" 104 ]; 105 - "2.2.0" = ops useRailsExpress [ 106 "${patchSet}/patches/ruby/2.2.0/railsexpress/01-zero-broken-tests.patch" 107 "${patchSet}/patches/ruby/2.2.0/railsexpress/02-improve-gc-stats.patch" 108 "${patchSet}/patches/ruby/2.2.0/railsexpress/03-display-more-detailed-stack-trace.patch" 109 "${patchSet}/patches/ruby/2.2.0/railsexpress/04-backport-401c8bb.patch" 110 "${patchSet}/patches/ruby/2.2.0/railsexpress/05-fix-packed-bitfield-compat-warning-for-older-gccs.patch" 111 ]; 112 - "2.2.2" = ops useRailsExpress [ 113 "${patchSet}/patches/ruby/2.2.2/railsexpress/01-zero-broken-tests.patch" 114 "${patchSet}/patches/ruby/2.2.2/railsexpress/02-improve-gc-stats.patch" 115 "${patchSet}/patches/ruby/2.2.2/railsexpress/03-display-more-detailed-stack-trace.patch" 116 "${patchSet}/patches/ruby/2.2.2/railsexpress/04-backported-bugfixes-222.patch" 117 ]; 118 - "2.2.3" = ops useRailsExpress [ 119 "${patchSet}/patches/ruby/2.2.3/railsexpress/01-zero-broken-tests.patch" 120 "${patchSet}/patches/ruby/2.2.3/railsexpress/02-improve-gc-stats.patch" 121 "${patchSet}/patches/ruby/2.2.3/railsexpress/03-display-more-detailed-stack-trace.patch" 122 ]; 123 - }; in self

··· 1 { patchSet, useRailsExpress, ops, patchLevel }: 2 3 + rec { 4 "1.9.3" = [ 5 + ./ssl_v3.patch 6 ./ruby19-parallel-install.patch 7 ./bitperfect-rdoc.patch 8 ] ++ ops useRailsExpress [ ··· 26 "${patchSet}/patches/ruby/1.9.3/p${patchLevel}/railsexpress/18-fix-missing-c-return-event.patch" 27 "${patchSet}/patches/ruby/1.9.3/p${patchLevel}/railsexpress/19-fix-process-daemon-call.patch" 28 ]; 29 + "2.0.0" = [ 30 + ./ssl_v3.patch 31 + ] ++ ops useRailsExpress [ 32 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/01-zero-broken-tests.patch" 33 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/02-railsexpress-gc.patch" 34 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/03-display-more-detailed-stack-trace.patch" 35 "${patchSet}/patches/ruby/2.0.0/p${patchLevel}/railsexpress/04-show-full-backtrace-on-stack-overflow.patch" 36 ]; 37 + "2.1.0" = [ 38 + ./ssl_v3.patch 39 + ] ++ ops useRailsExpress [ 40 "${patchSet}/patches/ruby/2.1.0/railsexpress/01-current-2.1.1-fixes.patch" 41 "${patchSet}/patches/ruby/2.1.0/railsexpress/02-zero-broken-tests.patch" 42 "${patchSet}/patches/ruby/2.1.0/railsexpress/03-improve-gc-stats.patch" ··· 50 "${patchSet}/patches/ruby/2.1.0/railsexpress/11-funny-falcon-method-cache.patch" 51 "${patchSet}/patches/ruby/2.1.0/railsexpress/12-backport-r44370.patch" 52 ]; 53 + "2.1.1" = [ 54 + ./ssl_v3.patch 55 + ] ++ ops useRailsExpress [ 56 "${patchSet}/patches/ruby/2.1.0/railsexpress/01-zero-broken-tests.patch" 57 "${patchSet}/patches/ruby/2.1.0/railsexpress/02-improve-gc-stats.patch" 58 "${patchSet}/patches/ruby/2.1.0/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 65 "${patchSet}/patches/ruby/2.1.0/railsexpress/11-funny-falcon-method-cache.patch" 66 "${patchSet}/patches/ruby/2.1.0/railsexpress/12-backport-r44370.patch" 67 ]; 68 + "2.1.2" = [ 69 + ./ssl_v3.patch 70 + ] ++ ops useRailsExpress [ 71 "${patchSet}/patches/ruby/2.1.2/railsexpress/01-zero-broken-tests.patch" 72 "${patchSet}/patches/ruby/2.1.2/railsexpress/02-improve-gc-stats.patch" 73 "${patchSet}/patches/ruby/2.1.2/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 79 "${patchSet}/patches/ruby/2.1.2/railsexpress/09-aman-opt-aset-aref-str.patch" 80 "${patchSet}/patches/ruby/2.1.2/railsexpress/10-funny-falcon-method-cache.patch" 81 ]; 82 + "2.1.3" = [ 83 + ./ssl_v3.patch 84 + ] ++ ops useRailsExpress [ 85 "${patchSet}/patches/ruby/2.1.3/railsexpress/01-zero-broken-tests.patch" 86 "${patchSet}/patches/ruby/2.1.3/railsexpress/02-improve-gc-stats.patch" 87 "${patchSet}/patches/ruby/2.1.3/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 91 "${patchSet}/patches/ruby/2.1.3/railsexpress/07-aman-opt-aset-aref-str.patch" 92 "${patchSet}/patches/ruby/2.1.3/railsexpress/08-funny-falcon-method-cache.patch" 93 ]; 94 + "2.1.6" = [ 95 + ./ssl_v3.patch 96 + ] ++ ops useRailsExpress [ 97 "${patchSet}/patches/ruby/2.1.6/railsexpress/01-zero-broken-tests.patch" 98 "${patchSet}/patches/ruby/2.1.6/railsexpress/02-improve-gc-stats.patch" 99 "${patchSet}/patches/ruby/2.1.6/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 104 "${patchSet}/patches/ruby/2.1.6/railsexpress/08-funny-falcon-method-cache.patch" 105 "${patchSet}/patches/ruby/2.1.6/railsexpress/09-heap-dump-support.patch" 106 ]; 107 + "2.1.7" = [ 108 + ./ssl_v3.patch 109 + ] ++ ops useRailsExpress [ 110 "${patchSet}/patches/ruby/2.1.7/railsexpress/01-zero-broken-tests.patch" 111 "${patchSet}/patches/ruby/2.1.7/railsexpress/02-improve-gc-stats.patch" 112 "${patchSet}/patches/ruby/2.1.7/railsexpress/03-display-more-detailed-stack-trace.patch" ··· 117 "${patchSet}/patches/ruby/2.1.7/railsexpress/08-funny-falcon-method-cache.patch" 118 "${patchSet}/patches/ruby/2.1.7/railsexpress/09-heap-dump-support.patch" 119 ]; 120 + "2.2.0" = [ 121 + ./ssl_v3.patch 122 + ] ++ ops useRailsExpress [ 123 "${patchSet}/patches/ruby/2.2.0/railsexpress/01-zero-broken-tests.patch" 124 "${patchSet}/patches/ruby/2.2.0/railsexpress/02-improve-gc-stats.patch" 125 "${patchSet}/patches/ruby/2.2.0/railsexpress/03-display-more-detailed-stack-trace.patch" 126 "${patchSet}/patches/ruby/2.2.0/railsexpress/04-backport-401c8bb.patch" 127 "${patchSet}/patches/ruby/2.2.0/railsexpress/05-fix-packed-bitfield-compat-warning-for-older-gccs.patch" 128 ]; 129 + "2.2.2" = [ 130 + ./ssl_v3.patch 131 + ] ++ ops useRailsExpress [ 132 "${patchSet}/patches/ruby/2.2.2/railsexpress/01-zero-broken-tests.patch" 133 "${patchSet}/patches/ruby/2.2.2/railsexpress/02-improve-gc-stats.patch" 134 "${patchSet}/patches/ruby/2.2.2/railsexpress/03-display-more-detailed-stack-trace.patch" 135 "${patchSet}/patches/ruby/2.2.2/railsexpress/04-backported-bugfixes-222.patch" 136 ]; 137 + "2.2.3" = [ 138 + ./ssl_v3.patch 139 + ] ++ ops useRailsExpress [ 140 "${patchSet}/patches/ruby/2.2.3/railsexpress/01-zero-broken-tests.patch" 141 "${patchSet}/patches/ruby/2.2.3/railsexpress/02-improve-gc-stats.patch" 142 "${patchSet}/patches/ruby/2.2.3/railsexpress/03-display-more-detailed-stack-trace.patch" 143 ]; 144 + }

+16

pkgs/development/interpreters/ruby/ssl_v3.patch

···

··· 1 + --- a/ext/openssl/ossl_ssl.c 2015-11-26 16:41:03.775058140 +0000 2 + +++ b/ext/openssl/ossl_ssl.c 2015-11-26 16:40:56.191907346 +0000 3 + @@ -138,9 +138,12 @@ 4 + OSSL_SSL_METHOD_ENTRY(SSLv2_server), 5 + OSSL_SSL_METHOD_ENTRY(SSLv2_client), 6 + #endif 7 + +#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \ 8 + + defined(HAVE_SSLV3_CLIENT_METHOD) 9 + OSSL_SSL_METHOD_ENTRY(SSLv3), 10 + OSSL_SSL_METHOD_ENTRY(SSLv3_server), 11 + OSSL_SSL_METHOD_ENTRY(SSLv3_client), 12 + +#endif 13 + OSSL_SSL_METHOD_ENTRY(SSLv23), 14 + OSSL_SSL_METHOD_ENTRY(SSLv23_server), 15 + OSSL_SSL_METHOD_ENTRY(SSLv23_client), 16 +

+8 -2

pkgs/development/libraries/gettext/default.nix

··· 28 "gt_cv_func_CFLocaleCopyCurrent=no" 29 ]); 30 31 # On cross building, gettext supposes that the wchar.h from libc 32 # does not fulfill gettext needs, so it tries to work with its 33 # own wchar.h file, which does not cope well with the system's ··· 90 # Make sure `error.c' gets compiled and is part of `libgettextlib.la'. 91 # This fixes: 92 # gettext-0.18.1.1/gettext-tools/src/msgcmp.c:371: undefined reference to `_error_message_count' 93 - 94 - '' sed -i gettext-tools/gnulib-lib/Makefile.in \ 95 -e 's/am_libgettextlib_la_OBJECTS =/am_libgettextlib_la_OBJECTS = error.lo/g' 96 ''; 97 })

··· 28 "gt_cv_func_CFLocaleCopyCurrent=no" 29 ]); 30 31 + patchPhase = '' 32 + substituteInPlace gettext-tools/projects/KDE/trigger --replace "/bin/pwd" pwd 33 + substituteInPlace gettext-tools/projects/GNOME/trigger --replace "/bin/pwd" pwd 34 + substituteInPlace gettext-tools/src/project-id --replace "/bin/pwd" pwd 35 + ''; 36 + 37 # On cross building, gettext supposes that the wchar.h from libc 38 # does not fulfill gettext needs, so it tries to work with its 39 # own wchar.h file, which does not cope well with the system's ··· 96 # Make sure `error.c' gets compiled and is part of `libgettextlib.la'. 97 # This fixes: 98 # gettext-0.18.1.1/gettext-tools/src/msgcmp.c:371: undefined reference to `_error_message_count' 99 + '' 100 + sed -i gettext-tools/gnulib-lib/Makefile.in \ 101 -e 's/am_libgettextlib_la_OBJECTS =/am_libgettextlib_la_OBJECTS = error.lo/g' 102 ''; 103 })

+2

pkgs/development/libraries/glibc/common.nix

··· 61 ./security-bdf1ff05.patch 62 ./cve-2014-8121.patch 63 ./cve-2015-1781.patch 64 ]; 65 66 postPatch =

··· 61 ./security-bdf1ff05.patch 62 ./cve-2014-8121.patch 63 ./cve-2015-1781.patch 64 + 65 + ./glibc-locale-incompatibility.patch 66 ]; 67 68 postPatch =

+25

pkgs/development/libraries/glibc/glibc-locale-incompatibility.patch

···

··· 1 + http://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/glibc-locale-incompatibility.patch 2 + 3 + This patch avoids an assertion failure when incompatible locale data 4 + is encountered: 5 + 6 + https://sourceware.org/ml/libc-alpha/2015-09/msg00575.html 7 + 8 + --- glibc-2.22/locale/loadlocale.c 2015-09-22 17:16:02.321981548 +0200 9 + +++ glibc-2.22/locale/loadlocale.c 2015-09-22 17:17:34.814659064 +0200 10 + @@ -120,10 +120,11 @@ 11 + _nl_value_type_LC_XYZ array. There are all pointers. */ 12 + switch (category) 13 + { 14 + -#define CATTEST(cat) \ 15 + - case LC_##cat: \ 16 + - assert (cnt < (sizeof (_nl_value_type_LC_##cat) \ 17 + - / sizeof (_nl_value_type_LC_##cat[0]))); \ 18 + +#define CATTEST(cat) \ 19 + + case LC_##cat: \ 20 + + if (cnt >= (sizeof (_nl_value_type_LC_##cat) \ 21 + + / sizeof (_nl_value_type_LC_##cat[0]))) \ 22 + + goto puntdata; \ 23 + break 24 + CATTEST (NUMERIC); 25 + CATTEST (TIME);

+8 -4

pkgs/development/libraries/libffi/default.nix

··· 1 - { fetchurl, stdenv }: 2 3 stdenv.mkDerivation rec { 4 name = "libffi-3.2.1"; ··· 10 11 patches = if stdenv.isCygwin then [ ./3.2.1-cygwin.patch ] else null; 12 13 configureFlags = [ 14 "--with-gcc-arch=generic" # no detection of -march= or -mtune= 15 "--enable-pax_emutramp" 16 ]; 17 18 dontStrip = stdenv ? cross; # Don't run the native `strip' when cross-compiling. 19 ··· 22 ln -s${if (stdenv.isFreeBSD || stdenv.isOpenBSD || stdenv.isDarwin) then "" else "r"}v "$out/lib/"libffi*/include "$out/include" 23 ''; 24 25 - meta = { 26 description = "A foreign function call interface library"; 27 longDescription = '' 28 The libffi library provides a portable, high level programming ··· 40 ''; 41 homepage = http://sourceware.org/libffi/; 42 # See http://github.com/atgreen/libffi/blob/master/LICENSE . 43 - license = stdenv.lib.licenses.free; 44 maintainers = [ ]; 45 - platforms = stdenv.lib.platforms.all; 46 }; 47 }

··· 1 + { fetchurl, stdenv, dejagnu, doCheck ? false }: 2 3 stdenv.mkDerivation rec { 4 name = "libffi-3.2.1"; ··· 10 11 patches = if stdenv.isCygwin then [ ./3.2.1-cygwin.patch ] else null; 12 13 + buildInputs = stdenv.lib.optional doCheck dejagnu; 14 + 15 configureFlags = [ 16 "--with-gcc-arch=generic" # no detection of -march= or -mtune= 17 "--enable-pax_emutramp" 18 ]; 19 + 20 + inherit doCheck; 21 22 dontStrip = stdenv ? cross; # Don't run the native `strip' when cross-compiling. 23 ··· 26 ln -s${if (stdenv.isFreeBSD || stdenv.isOpenBSD || stdenv.isDarwin) then "" else "r"}v "$out/lib/"libffi*/include "$out/include" 27 ''; 28 29 + meta = with stdenv.lib; { 30 description = "A foreign function call interface library"; 31 longDescription = '' 32 The libffi library provides a portable, high level programming ··· 44 ''; 45 homepage = http://sourceware.org/libffi/; 46 # See http://github.com/atgreen/libffi/blob/master/LICENSE . 47 + license = licenses.free; 48 maintainers = [ ]; 49 + platforms = platforms.all; 50 }; 51 }

+3 -3

pkgs/development/libraries/libpng/default.nix

··· 3 assert zlib != null; 4 5 let 6 - version = "1.6.19"; 7 - sha256 = "1s1mmkl79ghiczi2x2rbnp6y70v4c5pr8g3icxn9h5imymbmc71i"; 8 patch_src = fetchurl { 9 url = "mirror://sourceforge/libpng-apng/libpng-${version}-apng.patch.gz"; 10 - sha256 = "0bgqkac16yhl0zwjzq2zwkixg2l2x3a6blbk3k0wqz0lza2a6jrh"; 11 }; 12 whenPatched = stdenv.lib.optionalString apngSupport; 13

··· 3 assert zlib != null; 4 5 let 6 + version = "1.6.20"; 7 + sha256 = "12wis4rlisfnw79pj2778m42m94xpi9nq8m385hxk11lkyg9biam"; 8 patch_src = fetchurl { 9 url = "mirror://sourceforge/libpng-apng/libpng-${version}-apng.patch.gz"; 10 + sha256 = "11xgal9qk6fmqdgcb37xg55f2y58wizszw54p1pyq855d2xpwfz6"; 11 }; 12 whenPatched = stdenv.lib.optionalString apngSupport; 13

+2 -2

pkgs/development/libraries/mesa/default.nix

··· 22 */ 23 24 let 25 - version = "11.0.5"; 26 # this is the default search path for DRI drivers 27 driverLink = "/run/opengl-driver" + stdenv.lib.optionalString stdenv.isi686 "-32"; 28 in ··· 38 + head (splitString "." version) + ''.x/${version}/mesa-${version}.tar.xz'') 39 "https://launchpad.net/mesa/trunk/${version}/+download/mesa-${version}.tar.xz" 40 ]; 41 - sha256 = "9c255a2a6695fcc6ef4a279e1df0aeaf417dc142f39ee59dfb533d80494bb67a"; 42 }; 43 44 prePatch = "patchShebangs .";

··· 22 */ 23 24 let 25 + version = "11.0.8"; 26 # this is the default search path for DRI drivers 27 driverLink = "/run/opengl-driver" + stdenv.lib.optionalString stdenv.isi686 "-32"; 28 in ··· 38 + head (splitString "." version) + ''.x/${version}/mesa-${version}.tar.xz'') 39 "https://launchpad.net/mesa/trunk/${version}/+download/mesa-${version}.tar.xz" 40 ]; 41 + sha256 = "5696e4730518b6805d2ed5def393c4293f425a2c2c01bd5ed4bdd7ad62f7ad75"; 42 }; 43 44 prePatch = "patchShebangs .";

+2

pkgs/development/libraries/qca2/default.nix

··· 13 14 enableParallelBuilding = true; 15 16 meta = with stdenv.lib; { 17 description = "Qt Cryptographic Architecture"; 18 license = "LGPL";

··· 13 14 enableParallelBuilding = true; 15 16 + patches = [ ./libressl.patch ]; 17 + 18 meta = with stdenv.lib; { 19 description = "Qt Cryptographic Architecture"; 20 license = "LGPL";

+28

pkgs/development/libraries/qca2/libressl.patch

···

··· 1 + --- a/plugins/qca-ossl/qca-ossl.cpp 2015-12-02 09:34:25.810682094 +0000 2 + +++ b/plugins/qca-ossl/qca-ossl.cpp 2015-12-02 09:29:51.720392423 +0000 3 + @@ -5403,11 +5403,13 @@ 4 + ctx = SSL_CTX_new(SSLv2_client_method()); 5 + break; 6 + #endif 7 + +#ifndef OPENSSL_NO_SSL3 8 + case TLS::SSL_v3: 9 + ctx = SSL_CTX_new(SSLv3_client_method()); 10 + break; 11 + +#endif 12 + case TLS::TLS_v1: 13 + + ctx = SSL_CTX_new(SSLv23_client_method()); 14 + - ctx = SSL_CTX_new(TLSv1_client_method()); 15 + break; 16 + case TLS::DTLS_v1: 17 + default: 18 + @@ -7133,8 +7135,10 @@ 19 + return new opensslInfoContext(this); 20 + else if ( type == "sha1" ) 21 + return new opensslHashContext( EVP_sha1(), this, type); 22 + +#ifndef OPENSSL_NO_SHA0 23 + else if ( type == "sha0" ) 24 + return new opensslHashContext( EVP_sha(), this, type); 25 + +#endif 26 + else if ( type == "ripemd160" ) 27 + return new opensslHashContext( EVP_ripemd160(), this, type); 28 + #ifdef HAVE_OPENSSL_MD2

+1

pkgs/development/libraries/qt-4.x/4.8/default.nix

··· 50 51 patches = 52 [ ./glib-2.32.patch 53 (substituteAll { 54 src = ./dlopen-absolute-paths.diff; 55 inherit cups icu libXfixes;

··· 50 51 patches = 52 [ ./glib-2.32.patch 53 + ./libressl.patch 54 (substituteAll { 55 src = ./dlopen-absolute-paths.diff; 56 inherit cups icu libXfixes;

+64

pkgs/development/libraries/qt-4.x/4.8/libressl.patch

···

··· 1 + $OpenBSD: patch-src_network_ssl_qsslsocket_openssl_symbols_cpp,v 1.3 2015/09/17 12:24:42 dcoppa Exp $ 2 + --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp Wed Sep 16 13:27:39 2015 3 + +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp Wed Sep 16 13:33:06 2015 4 + @@ -228,13 +228,17 @@ DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, re 5 + #ifndef OPENSSL_NO_SSL2 6 + DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) 7 + #endif 8 + +#ifndef OPENSSL_NO_SSL3 9 + DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) 10 + +#endif 11 + DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) 12 + DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) 13 + #ifndef OPENSSL_NO_SSL2 14 + DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return) 15 + #endif 16 + +#ifndef OPENSSL_NO_SSL3 17 + DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) 18 + +#endif 19 + DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) 20 + DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) 21 + #else 22 + @@ -822,13 +826,17 @@ bool q_resolveOpenSslSymbols() 23 + #ifndef OPENSSL_NO_SSL2 24 + RESOLVEFUNC(SSLv2_client_method) 25 + #endif 26 + +#ifndef OPENSSL_NO_SSL3 27 + RESOLVEFUNC(SSLv3_client_method) 28 + +#endif 29 + RESOLVEFUNC(SSLv23_client_method) 30 + RESOLVEFUNC(TLSv1_client_method) 31 + #ifndef OPENSSL_NO_SSL2 32 + RESOLVEFUNC(SSLv2_server_method) 33 + #endif 34 + +#ifndef OPENSSL_NO_SSL3 35 + RESOLVEFUNC(SSLv3_server_method) 36 + +#endif 37 + RESOLVEFUNC(SSLv23_server_method) 38 + RESOLVEFUNC(TLSv1_server_method) 39 + RESOLVEFUNC(X509_NAME_entry_count) 40 + --- a/src/network/ssl/qsslsocket_openssl.cpp Thu May 7 16:14:44 2015 41 + +++ b/src/network/ssl/qsslsocket_openssl.cpp Wed Sep 16 13:30:03 2015 42 + @@ -267,15 +267,19 @@ init_context: 43 + #endif 44 + break; 45 + case QSsl::SslV3: 46 + +#ifndef OPENSSL_NO_SSL3 47 + ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method()); 48 + +#else 49 + + ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error 50 + +#endif 51 + break; 52 + - case QSsl::SecureProtocols: // SslV2 will be disabled below 53 + - case QSsl::TlsV1SslV3: // SslV2 will be disabled below 54 + case QSsl::AnyProtocol: 55 + - default: 56 + ctx = q_SSL_CTX_new(client ? q_SSLv23_client_method() : q_SSLv23_server_method()); 57 + break; 58 + case QSsl::TlsV1: 59 + + case QSsl::SecureProtocols: 60 + + case QSsl::TlsV1SslV3: 61 + + default: 62 + ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method()); 63 + break; 64 + }

+36

pkgs/development/libraries/qt-5/5.5/qtbase/libressl.patch

···

··· 1 + From 81494e67eccba04fc3fe554d76a9ca6fe7f2250e Mon Sep 17 00:00:00 2001 2 + From: hasufell <hasufell@gentoo.org> 3 + Date: Sat, 10 Oct 2015 01:15:01 +0200 4 + Subject: [PATCH] Fix compilation with libressl 5 + 6 + By additionally checking for defined(SSL_CTRL_SET_CURVES), which 7 + is defined in openssl, but not in libressl. 8 + --- 9 + src/network/ssl/qsslcontext_openssl.cpp | 4 ++-- 10 + 1 file changed, 2 insertions(+), 2 deletions(-) 11 + 12 + diff --git a/qtbase/src/network/ssl/qsslcontext_openssl.cpp b/qtbase/src/network/ssl/qsslcontext_openssl.cpp 13 + index b88ab54..cfc4f6d 100644 14 + --- a/qtbase/src/network/ssl/qsslcontext_openssl.cpp 15 + +++ b/qtbase/src/network/ssl/qsslcontext_openssl.cpp 16 + @@ -338,7 +338,7 @@ init_context: 17 + 18 + const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves(); 19 + if (!qcurves.isEmpty()) { 20 + -#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) 21 + +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC) 22 + // Set the curves to be used 23 + if (q_SSLeay() >= 0x10002000L) { 24 + // SSL_CTX_ctrl wants a non-const pointer as last argument, 25 + @@ -352,7 +352,7 @@ init_context: 26 + return sslContext; 27 + } 28 + } else 29 + -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) 30 + +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC) 31 + { 32 + // specific curves requested, but not possible to set -> error 33 + sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocket::tr("OpenSSL version too old, need at least v1.0.2")); 34 + -- 35 + 2.6.0 36 +

+1

pkgs/development/libraries/qt-5/5.5/qtbase/series

··· 6 xdg-config-dirs.patch 7 nix-profiles-library-paths.patch 8 compose-search-path.patch

··· 6 xdg-config-dirs.patch 7 nix-profiles-library-paths.patch 8 compose-search-path.patch 9 + libressl.patch

+7 -4

pkgs/development/tools/misc/texinfo/5.2.nix

··· 1 - { stdenv, fetchurl, ncurses, perl, xz, interactive ? false }: 2 3 stdenv.mkDerivation rec { 4 name = "texinfo-5.2"; ··· 9 }; 10 11 buildInputs = [ perl xz ] 12 - ++ stdenv.lib.optional interactive ncurses; 13 14 preInstall = '' 15 installFlags="TEXMF=$out/texmf-dist"; ··· 21 meta = { 22 homepage = "http://www.gnu.org/software/texinfo/"; 23 description = "The GNU documentation system"; 24 - license = stdenv.lib.licenses.gpl3Plus; 25 - platforms = stdenv.lib.platforms.all; 26 27 longDescription = '' 28 Texinfo is the official documentation format of the GNU project.

··· 1 + { stdenv, fetchurl, ncurses, perl, xz, procps, interactive ? false }: 2 + 3 + with stdenv.lib; 4 5 stdenv.mkDerivation rec { 6 name = "texinfo-5.2"; ··· 11 }; 12 13 buildInputs = [ perl xz ] 14 + ++ optional interactive ncurses 15 + ++ optional doCheck procps; # for tests 16 17 preInstall = '' 18 installFlags="TEXMF=$out/texmf-dist"; ··· 24 meta = { 25 homepage = "http://www.gnu.org/software/texinfo/"; 26 description = "The GNU documentation system"; 27 + license = licenses.gpl3Plus; 28 + platforms = platforms.all; 29 30 longDescription = '' 31 Texinfo is the official documentation format of the GNU project.

+9 -5

pkgs/development/tools/misc/texinfo/6.0.nix

··· 1 - { stdenv, fetchurl, ncurses, perl, xz, libiconv, gawk, interactive ? false }: 2 3 stdenv.mkDerivation rec { 4 name = "texinfo-6.0"; ··· 9 }; 10 11 buildInputs = [ perl xz ] 12 - ++ stdenv.lib.optionals stdenv.isSunOS [ libiconv gawk ] 13 - ++ stdenv.lib.optional interactive ncurses; 14 15 - configureFlags = stdenv.lib.optionalString stdenv.isSunOS "AWK=${gawk}/bin/awk"; 16 17 preInstall = '' 18 installFlags="TEXMF=$out/texmf-dist"; 19 installTargets="install install-tex"; 20 ''; 21 22 - doCheck = !stdenv.isDarwin && !interactive && !stdenv.isSunOS/*flaky*/; 23 24 meta = with stdenv.lib; { 25 homepage = "http://www.gnu.org/software/texinfo/";

··· 1 + { stdenv, fetchurl, ncurses, perl, xz, libiconv, gawk, procps, interactive ? false }: 2 + 3 + with stdenv.lib; 4 5 stdenv.mkDerivation rec { 6 name = "texinfo-6.0"; ··· 11 }; 12 13 buildInputs = [ perl xz ] 14 + ++ optionals stdenv.isSunOS [ libiconv gawk ] 15 + ++ optional interactive ncurses 16 + ++ optional doCheck procps; # for tests 17 18 + configureFlags = stdenv.lib.optional stdenv.isSunOS "AWK=${gawk}/bin/awk"; 19 20 preInstall = '' 21 installFlags="TEXMF=$out/texmf-dist"; 22 installTargets="install install-tex"; 23 ''; 24 25 + doCheck = interactive # simplify bootstrapping 26 + && !stdenv.isDarwin && !stdenv.isSunOS/*flaky*/; 27 28 meta = with stdenv.lib; { 29 homepage = "http://www.gnu.org/software/texinfo/";

+1

pkgs/os-specific/linux/wpa_supplicant/default.nix

··· 79 80 patches = [ 81 ./build-fix.patch 82 ]; 83 84 postInstall = ''

··· 79 80 patches = [ 81 ./build-fix.patch 82 + ./libressl.patch 83 ]; 84 85 postInstall = ''

+69

pkgs/os-specific/linux/wpa_supplicant/libressl.patch

···

··· 1 + $OpenBSD: patch-src_crypto_tls_openssl_c,v 1.3 2015/09/29 11:57:54 dcoppa Exp $ 2 + 3 + Compatibility fixes for LibreSSL 4 + 5 + --- a/src/crypto/tls_openssl.c Sun Sep 27 21:02:05 2015 6 + +++ b/src/crypto/tls_openssl.c Mon Sep 28 13:43:46 2015 7 + @@ -2229,7 +2229,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL 8 + } 9 + 10 + if (certs) { 11 + -#if OPENSSL_VERSION_NUMBER >= 0x10002000L 12 + +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) 13 + SSL_clear_chain_certs(ssl); 14 + while ((cert = sk_X509_pop(certs)) != NULL) { 15 + X509_NAME_oneline(X509_get_subject_name(cert), buf, 16 + @@ -2247,7 +2247,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL 17 + /* Try to continue anyway */ 18 + } 19 + sk_X509_free(certs); 20 + -#ifndef OPENSSL_IS_BORINGSSL 21 + +#if !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER) 22 + res = SSL_build_cert_chain(ssl, 23 + SSL_BUILD_CHAIN_FLAG_CHECK | 24 + SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR); 25 + @@ -2812,7 +2812,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tl 26 + if (conn == NULL || keys == NULL) 27 + return -1; 28 + ssl = conn->ssl; 29 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 30 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 31 + if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) 32 + return -1; 33 + 34 + @@ -2841,7 +2841,7 @@ int tls_connection_get_random(void *ssl_ctx, struct tl 35 + #ifndef CONFIG_FIPS 36 + static int openssl_get_keyblock_size(SSL *ssl) 37 + { 38 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 39 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 40 + const EVP_CIPHER *c; 41 + const EVP_MD *h; 42 + int md_size; 43 + @@ -2911,7 +2911,7 @@ static int openssl_tls_prf(struct tls_connection *conn 44 + "mode"); 45 + return -1; 46 + #else /* CONFIG_FIPS */ 47 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 48 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 49 + SSL *ssl; 50 + u8 *rnd; 51 + int ret = -1; 52 + @@ -3394,7 +3394,7 @@ int tls_connection_set_cipher_list(void *tls_ctx, stru 53 + 54 + wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); 55 + 56 + -#if OPENSSL_VERSION_NUMBER >= 0x10100000L 57 + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) 58 + #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) 59 + if (os_strstr(buf, ":ADH-")) { 60 + /* 61 + @@ -3977,7 +3977,7 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int * 62 + struct tls_connection *conn = arg; 63 + int ret; 64 + 65 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 66 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 67 + if (conn == NULL || conn->session_ticket_cb == NULL) 68 + return 0; 69 +

+1 -3

pkgs/servers/dns/bind/default.nix

··· 10 sha256 = "1w4gp4hdkb452nmz91l413d1rx89isl2l6wv8kpbdd2afpc3phws"; 11 }; 12 13 - patchPhase = '' 14 - sed -i 's/^\t.*run/\t/' Makefile.in 15 - ''; 16 17 buildInputs = [ openssl libtool perl libxml2 ]; 18

··· 10 sha256 = "1w4gp4hdkb452nmz91l413d1rx89isl2l6wv8kpbdd2afpc3phws"; 11 }; 12 13 + patches = [ ./libressl.patch ./remove-mkdir-var.patch ]; 14 15 buildInputs = [ openssl libtool perl libxml2 ]; 16

+102

pkgs/servers/dns/bind/libressl.patch

···

··· 1 + $OpenBSD: patch-lib_dns_openssl_link_c,v 1.1 2015/09/16 15:28:16 sthen Exp $ 2 + --- a/lib/dns/openssl_link.c Wed Sep 16 14:01:23 2015 3 + +++ b/lib/dns/openssl_link.c Wed Sep 16 14:01:46 2015 4 + @@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) { 5 + return (result == ISC_R_SUCCESS ? 1 : -1); 6 + } 7 + 8 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 9 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 10 + static void 11 + entropy_add(const void *buf, int num, double entropy) { 12 + /* 13 + @@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in 14 + UNLOCK(&locks[type]); 15 + } 16 + 17 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 18 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 19 + static unsigned long 20 + id_callback(void) { 21 + return ((unsigned long)isc_thread_self()); 22 + @@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) { 23 + if (result != ISC_R_SUCCESS) 24 + goto cleanup_mutexalloc; 25 + CRYPTO_set_locking_callback(lock_callback); 26 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 27 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 28 + CRYPTO_set_id_callback(id_callback); 29 + #endif 30 + 31 + @@ -287,7 +287,7 @@ dst__openssl_destroy(void) { 32 + CRYPTO_cleanup_all_ex_data(); 33 + #endif 34 + ERR_clear_error(); 35 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 36 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 37 + ERR_remove_state(0); 38 + #endif 39 + ERR_free_strings(); 40 + --- a/lib/dns/dst_openssl.h Wed Sep 16 14:00:47 2015 41 + +++ b/lib/dns/dst_openssl.h Wed Sep 16 14:02:42 2015 42 + @@ -36,7 +36,7 @@ 43 + #define USE_ENGINE 1 44 + #endif 45 + 46 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 47 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 48 + /* 49 + * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in 50 + * the function like this before the BN_GENCB_new call: 51 + --- a/lib/dns/openssldh_link.c Wed Sep 16 14:01:23 2015 52 + +++ b/lib/dns/openssldh_link.c Wed Sep 16 14:02:06 2015 53 + @@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void 54 + DH *dh = NULL; 55 + #if OPENSSL_VERSION_NUMBER > 0x00908000L 56 + BN_GENCB *cb; 57 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 58 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 59 + BN_GENCB _cb; 60 + #endif 61 + union { 62 + @@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void 63 + if (dh == NULL) 64 + return (dst__openssl_toresult(ISC_R_NOMEMORY)); 65 + cb = BN_GENCB_new(); 66 + -#if OPENSSL_VERSION_NUMBER >= 0x10100000L 67 + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) 68 + if (cb == NULL) { 69 + DH_free(dh); 70 + return (dst__openssl_toresult(ISC_R_NOMEMORY)); 71 + --- a/lib/dns/openssldsa_link.c Wed Sep 16 14:01:23 2015 72 + +++ b/lib/dns/openssldsa_link.c Wed Sep 16 14:02:22 2015 73 + @@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( 74 + isc_result_t result; 75 + #if OPENSSL_VERSION_NUMBER > 0x00908000L 76 + BN_GENCB *cb; 77 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 78 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 79 + BN_GENCB _cb; 80 + #endif 81 + union { 82 + @@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( 83 + if (dsa == NULL) 84 + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 85 + cb = BN_GENCB_new(); 86 + -#if OPENSSL_VERSION_NUMBER >= 0x10100000L 87 + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) 88 + if (cb == NULL) { 89 + DSA_free(dsa); 90 + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 91 + $OpenBSD: patch-lib_dns_opensslrsa_link_c,v 1.1 2015/09/16 15:28:16 sthen Exp $ 92 + --- a/lib/dns/opensslrsa_link.c Wed Sep 16 14:01:23 2015 93 + +++ b/lib/dns/opensslrsa_link.c Wed Sep 16 14:02:31 2015 94 + @@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*ca 95 + } u; 96 + RSA *rsa = RSA_new(); 97 + BIGNUM *e = BN_new(); 98 + -#if OPENSSL_VERSION_NUMBER < 0x10100000L 99 + +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) 100 + BN_GENCB _cb; 101 + #endif 102 + BN_GENCB *cb = BN_GENCB_new();

+12

pkgs/servers/dns/bind/remove-mkdir-var.patch

···

··· 1 + --- a/Makefile.in 2 + +++ b/Makefile.in 3 + @@ -53,8 +53,7 @@ docclean manclean maintainer-clean:: 4 + doc man:: ${MANOBJS} 5 + 6 + installdirs: 7 + - $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} \ 8 + - ${DESTDIR}${localstatedir}/run ${DESTDIR}${sysconfdir} 9 + + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} ${DESTDIR}${sysconfdir} 10 + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1 11 + 12 + install:: isc-config.sh installdirs

+1 -1

pkgs/shells/bash/bash-4.3-patches.nix

··· 42 (patch "039" "1v3l3vkc3g2b6fjycqwlakr8xhiw6bmw6q0zd6bi0m0m4bnxr55b") 43 (patch "040" "0sypv66vsldmc95gwvf7ylz1k7y37vnvdsjg8ajjr6b2j9mkkfw4") 44 (patch "041" "06ic2gdpbi1afik3wqf9d4vh95if4bz8bmhcgr555621dsb35i2f") 45 - (patch "042" "1bwhssay66n75fy0pxcrwbm032s6fvfg7dblzbrzzn5k38a56nmp") 46 ]

··· 42 (patch "039" "1v3l3vkc3g2b6fjycqwlakr8xhiw6bmw6q0zd6bi0m0m4bnxr55b") 43 (patch "040" "0sypv66vsldmc95gwvf7ylz1k7y37vnvdsjg8ajjr6b2j9mkkfw4") 44 (patch "041" "06ic2gdpbi1afik3wqf9d4vh95if4bz8bmhcgr555621dsb35i2f") 45 + (patch "042" "06a90k0p6bqc4wk2dsmapna69124an76xvlnlj3xm497vci968dc") 46 ]

+6 -4

pkgs/tools/networking/socat/2.x.nix

··· 12 13 configureFlags = stdenv.lib.optionalString stdenv.isDarwin "--disable-ip6"; 14 15 - meta = { 16 description = "A utility for bidirectional data transfer between two independent data channels"; 17 homepage = http://www.dest-unreach.org/socat/; 18 repositories.git = git://repo.or.cz/socat.git; 19 - platforms = stdenv.lib.platforms.unix; 20 - license = stdenv.lib.licenses.gpl2; 21 - maintainers = [ stdenv.lib.maintainers.eelco ]; 22 }; 23 }

··· 12 13 configureFlags = stdenv.lib.optionalString stdenv.isDarwin "--disable-ip6"; 14 15 + patches = stdenv.lib.singleton ./libressl-fixes.patch ; 16 + 17 + meta = with stdenv.lib; { 18 description = "A utility for bidirectional data transfer between two independent data channels"; 19 homepage = http://www.dest-unreach.org/socat/; 20 repositories.git = git://repo.or.cz/socat.git; 21 + platforms = platforms.unix; 22 + license = licenses.gpl2; 23 + maintainers = [ maintainers.eelco ]; 24 }; 25 }

+1 -1

pkgs/tools/networking/socat/default.nix

··· 10 11 buildInputs = [ openssl ]; 12 13 - patches = [ ./enable-ecdhe.patch ]; 14 15 meta = { 16 description = "A utility for bidirectional data transfer between two independent data channels";

··· 10 11 buildInputs = [ openssl ]; 12 13 + patches = [ ./enable-ecdhe.patch ./libressl-fixes.patch ]; 14 15 meta = { 16 description = "A utility for bidirectional data transfer between two independent data channels";

+173

pkgs/tools/networking/socat/libressl-fixes.patch

···

··· 1 + Patch from OpenBSD 2 + --- a/sslcls.c Sat Jan 24 03:15:22 2015 3 + +++ b/sslcls.c Sat Jul 18 20:01:59 2015 4 + @@ -55,6 +55,7 @@ const SSL_METHOD *sycSSLv2_server_method(void) { 5 + } 6 + #endif 7 + 8 + +#ifdef HAVE_SSLv3_client_method 9 + const SSL_METHOD *sycSSLv3_client_method(void) { 10 + const SSL_METHOD *result; 11 + Debug("SSLv3_client_method()"); 12 + @@ -62,7 +63,9 @@ const SSL_METHOD *sycSSLv3_client_method(void) { 13 + Debug1("SSLv3_client_method() -> %p", result); 14 + return result; 15 + } 16 + +#endif 17 + 18 + +#ifdef HAVE_SSLv3_server_method 19 + const SSL_METHOD *sycSSLv3_server_method(void) { 20 + const SSL_METHOD *result; 21 + Debug("SSLv3_server_method()"); 22 + @@ -70,6 +73,7 @@ const SSL_METHOD *sycSSLv3_server_method(void) { 23 + Debug1("SSLv3_server_method() -> %p", result); 24 + return result; 25 + } 26 + +#endif 27 + 28 + const SSL_METHOD *sycSSLv23_client_method(void) { 29 + const SSL_METHOD *result; 30 + @@ -331,14 +335,6 @@ void sycSSL_free(SSL *ssl) { 31 + return; 32 + } 33 + 34 + -int sycRAND_egd(const char *path) { 35 + - int result; 36 + - Debug1("RAND_egd(\"%s\")", path); 37 + - result = RAND_egd(path); 38 + - Debug1("RAND_egd() -> %d", result); 39 + - return result; 40 + -} 41 + - 42 + DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) { 43 + DH *result; 44 + Debug4("PEM_read_bio_DHparams(%p, %p, %p, %p)", 45 + @@ -375,7 +371,7 @@ int sycFIPS_mode_set(int onoff) { 46 + } 47 + #endif /* WITH_FIPS */ 48 + 49 + -#if OPENSSL_VERSION_NUMBER >= 0x00908000L 50 + +#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) 51 + const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) { 52 + const COMP_METHOD *result; 53 + Debug1("SSL_get_current_compression(%p)", ssl); 54 + --- a/sslcls.h Sat Jan 24 11:15:22 2015 55 + +++ b/sslcls.h Mon Apr 13 15:06:25 2015 56 + @@ -47,7 +47,6 @@ X509 *sycSSL_get_peer_certificate(SSL *ssl); 57 + int sycSSL_shutdown(SSL *ssl); 58 + void sycSSL_CTX_free(SSL_CTX *ctx); 59 + void sycSSL_free(SSL *ssl); 60 + -int sycRAND_egd(const char *path); 61 + 62 + DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u); 63 + 64 + @@ -55,7 +54,7 @@ BIO *sycBIO_new_file(const char *filename, const char 65 + 66 + int sycFIPS_mode_set(int onoff); 67 + 68 + -#if OPENSSL_VERSION_NUMBER >= 0x00908000L 69 + +#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) 70 + const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl); 71 + const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl); 72 + const char *sycSSL_COMP_get_name(const COMP_METHOD *comp); 73 + @@ -98,7 +97,6 @@ const char *sycSSL_COMP_get_name(const COMP_METHOD *co 74 + #define sycSSL_shutdown(s) SSL_shutdown(s) 75 + #define sycSSL_CTX_free(c) SSL_CTX_free(c) 76 + #define sycSSL_free(s) SSL_free(s) 77 + -#define sycRAND_egd(p) RAND_egd(p) 78 + 79 + #define sycPEM_read_bio_DHparams(b,x,p,u) PEM_read_bio_DHparams(b,x,p,u) 80 + 81 + --- a/xio-openssl.c Sat Jan 24 15:33:42 2015 82 + +++ b/xio-openssl.c Mon Apr 13 14:59:12 2015 83 + @@ -108,7 +108,6 @@ const struct optdesc opt_openssl_key = { "open 84 + const struct optdesc opt_openssl_dhparam = { "openssl-dhparam", "dh", OPT_OPENSSL_DHPARAM, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; 85 + const struct optdesc opt_openssl_cafile = { "openssl-cafile", "cafile", OPT_OPENSSL_CAFILE, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; 86 + const struct optdesc opt_openssl_capath = { "openssl-capath", "capath", OPT_OPENSSL_CAPATH, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; 87 + -const struct optdesc opt_openssl_egd = { "openssl-egd", "egd", OPT_OPENSSL_EGD, GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC }; 88 + const struct optdesc opt_openssl_pseudo = { "openssl-pseudo", "pseudo", OPT_OPENSSL_PSEUDO, GROUP_OPENSSL, PH_SPEC, TYPE_BOOL, OFUNC_SPEC }; 89 + #if OPENSSL_VERSION_NUMBER >= 0x00908000L 90 + const struct optdesc opt_openssl_compress = { "openssl-compress", "compress", OPT_OPENSSL_COMPRESS, GROUP_OPENSSL, PH_SPEC, TYPE_STRING, OFUNC_SPEC }; 91 + @@ -147,7 +146,7 @@ int xio_reset_fips_mode(void) { 92 + static void openssl_conn_loginfo(SSL *ssl) { 93 + Notice1("SSL connection using %s", SSL_get_cipher(ssl)); 94 + 95 + -#if OPENSSL_VERSION_NUMBER >= 0x00908000L 96 + +#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP) 97 + { 98 + const COMP_METHOD *comp, *expansion; 99 + 100 + @@ -722,7 +721,6 @@ int 101 + char *opt_dhparam = NULL; /* file name of DH params */ 102 + char *opt_cafile = NULL; /* certificate authority file */ 103 + char *opt_capath = NULL; /* certificate authority directory */ 104 + - char *opt_egd = NULL; /* entropy gathering daemon socket path */ 105 + #if OPENSSL_VERSION_NUMBER >= 0x00908000L 106 + char *opt_compress = NULL; /* compression method */ 107 + #endif 108 + @@ -741,7 +739,6 @@ int 109 + retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath); 110 + retropt_string(opts, OPT_OPENSSL_KEY, &opt_key); 111 + retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam); 112 + - retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd); 113 + retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo); 114 + #if OPENSSL_VERSION_NUMBER >= 0x00908000L 115 + retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress); 116 + @@ -877,10 +874,6 @@ int 117 + } 118 + } 119 + 120 + - if (opt_egd) { 121 + - sycRAND_egd(opt_egd); 122 + - } 123 + - 124 + if (opt_pseudo) { 125 + long int randdata; 126 + /* initialize libc random from actual microseconds */ 127 + @@ -1098,7 +1091,7 @@ static int openssl_SSL_ERROR_SSL(int level, const char 128 + if (e == ((ERR_LIB_RAND<<24)| 129 + (RAND_F_SSLEAY_RAND_BYTES<<12)| 130 + (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) { 131 + - Error("too few entropy; use options \"egd\" or \"pseudo\""); 132 + + Error("too few entropy; use option \"pseudo\""); 133 + stat = STAT_NORETRY; 134 + } else { 135 + Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf)); 136 + --- a/xio-openssl.h Sun Jun 23 07:16:48 2013 137 + +++ b/xio-openssl.h Sat Apr 19 15:58:21 2014 138 + @@ -21,7 +21,6 @@ extern const struct optdesc opt_openssl_key; 139 + extern const struct optdesc opt_openssl_dhparam; 140 + extern const struct optdesc opt_openssl_cafile; 141 + extern const struct optdesc opt_openssl_capath; 142 + -extern const struct optdesc opt_openssl_egd; 143 + extern const struct optdesc opt_openssl_pseudo; 144 + #if OPENSSL_VERSION_NUMBER >= 0x00908000L 145 + extern const struct optdesc opt_openssl_compress; 146 + --- a/xioopts.c Sat Jan 24 11:15:22 2015 147 + +++ b/xioopts.c Mon Apr 13 15:06:25 2015 148 + @@ -412,7 +412,6 @@ const struct optname optionnames[] = { 149 + #ifdef ECHOPRT 150 + IF_TERMIOS("echoprt", &opt_echoprt) 151 + #endif 152 + - IF_OPENSSL("egd", &opt_openssl_egd) 153 + IF_ANY ("end-close", &opt_end_close) 154 + IF_TERMIOS("eof", &opt_veof) 155 + IF_TERMIOS("eol", &opt_veol) 156 + @@ -1102,7 +1101,6 @@ const struct optname optionnames[] = { 157 + IF_OPENSSL("openssl-compress", &opt_openssl_compress) 158 + #endif 159 + IF_OPENSSL("openssl-dhparam", &opt_openssl_dhparam) 160 + - IF_OPENSSL("openssl-egd", &opt_openssl_egd) 161 + #if WITH_FIPS 162 + IF_OPENSSL("openssl-fips", &opt_openssl_fips) 163 + #endif 164 + --- a/xioopts.h Sat Jan 24 11:15:22 2015 165 + +++ b/xioopts.h Mon Apr 13 15:06:25 2015 166 + @@ -478,7 +478,6 @@ enum e_optcode { 167 + OPT_OPENSSL_COMPRESS, 168 + #endif 169 + OPT_OPENSSL_DHPARAM, 170 + - OPT_OPENSSL_EGD, 171 + OPT_OPENSSL_FIPS, 172 + OPT_OPENSSL_KEY, 173 + OPT_OPENSSL_METHOD,

+4 -1

pkgs/top-level/all-packages.nix

··· 6672 }; 6673 6674 glib = callPackage ../development/libraries/glib { }; 6675 - glib-tested = glib.override { doCheck = true; }; # checked version separate to break cycles 6676 glibmm = callPackage ../development/libraries/glibmm { }; 6677 6678 glib_networking = callPackage ../development/libraries/glib-networking {};

··· 6672 }; 6673 6674 glib = callPackage ../development/libraries/glib { }; 6675 + glib-tested = glib.override { # checked version separate to break cycles 6676 + doCheck = true; 6677 + libffi = libffi.override { doCheck = true; }; 6678 + }; 6679 glibmm = callPackage ../development/libraries/glibmm { }; 6680 6681 glib_networking = callPackage ../development/libraries/glib-networking {};