pyrox.dev
Merge #297657: gnutls: 3.8.3 -> 3.8.4 (medium security)
...into staging
+14
-5
pkgs/development/libraries/gnutls/default.nix
+14
-5
pkgs/development/libraries/gnutls/default.nix
···
1
-
{ config
2
-
, lib
1
+
{ lib
3
2
, stdenv
4
3
, fetchurl
4
+
, fetchpatch2
5
5
, zlib
6
6
, lzo
7
7
, libtasn1
···
57
57
58
58
stdenv.mkDerivation rec {
59
59
pname = "gnutls";
60
-
version = "3.8.3";
60
+
version = "3.8.4";
61
61
62
62
src = fetchurl {
63
63
url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz";
64
-
hash = "sha256-90/FlUsn1Oxt+7Ed6ph4iLWxJCiaNwOvytoO5SD0Fz4=";
64
+
hash = "sha256-K+pOFUeU8/ABgPoqXFH+iwBax6Mc1YvUTN+n8268Ops=";
65
65
};
66
66
67
67
outputs = [ "bin" "dev" "out" ]
···
73
73
74
74
patches = [
75
75
./nix-ssl-cert-file.patch
76
+
# Revert https://gitlab.com/gnutls/gnutls/-/merge_requests/1800
77
+
# dlopen isn't as easy in NixPkgs, as noticed in tests broken by this.
78
+
# Without getting the libs into RPATH they won't be found.
79
+
(fetchpatch2 {
80
+
name = "revert-dlopen-compression.patch";
81
+
url = "https://gitlab.com/gnutls/gnutls/-/commit/8584908d6b679cd4e7676de437117a793e18347c.diff";
82
+
revert = true;
83
+
hash = "sha256-r/+Gmwqy0Yc1LHL/PdPLXlErUBC5JxquLzCBAN3LuRM=";
84
+
})
76
85
];
77
86
78
87
# Skip some tests:
···
112
121
++ lib.optional (withP11-kit) p11-kit
113
122
++ lib.optional (tpmSupport && stdenv.isLinux) trousers;
114
123
115
-
nativeBuildInputs = [ perl pkg-config texinfo ]
124
+
nativeBuildInputs = [ perl pkg-config texinfo ] ++ [ autoconf automake ]
116
125
++ lib.optionals doCheck [ which nettools util-linux ];
117
126
118
127
propagatedBuildInputs = [ nettle ]