commit df7337ebb4be987e10635d81485e06f6d2843946

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #166456 from mweinelt/isc-dhcp

dhcp: 4.4.2-P1 -> 4.4.3 and make client & relay support optional

authored by

Lassulus and committed by

GitHub 3 years ago df7337eb adc7fbbc

+18 -24

4 changed files

expand all

unified split

nixos

modules

services

networking

networkmanager.nix

pkgs

os-specific

linux

pipework

default.nix

tools

networking

dhcp

default.nix

networkmanager

default.nix

+1 -2

nixos/modules/services/networking/networkmanager.nix

··· 250 250 }; 251 251 252 252 dhcp = mkOption { 253 - type = types.enum [ "dhclient" "dhcpcd" "internal" ]; 253 + type = types.enum [ "dhcpcd" "internal" ]; 254 254 default = "internal"; 255 255 description = '' 256 256 Which program (or internal library) should be used for DHCP. ··· 489 489 "d /etc/ipsec.d 0700 root root -" 490 490 "d /var/lib/NetworkManager-fortisslvpn 0700 root root -" 491 491 492 - "d /var/lib/dhclient 0755 root root -" 493 492 "d /var/lib/misc 0755 root root -" # for dnsmasq.leases 494 493 ]; 495 494

+2 -2

pkgs/os-specific/linux/pipework/default.nix

··· 1 1 { stdenv, lib, fetchFromGitHub, makeWrapper 2 - , bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd, dhcp 2 + , bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd 3 3 }: 4 4 5 5 stdenv.mkDerivation { ··· 15 15 installPhase = '' 16 16 install -D pipework $out/bin/pipework 17 17 wrapProgram $out/bin/pipework --prefix PATH : \ 18 - ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd dhcp ]}; 18 + ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd ]}; 19 19 ''; 20 20 meta = with lib; { 21 21 description = "Software-Defined Networking tools for LXC";

+11 -16

pkgs/tools/networking/dhcp/default.nix

··· 1 1 { stdenv, fetchurl, fetchpatch, perl, file, nettools, iputils, iproute2, makeWrapper 2 2 , coreutils, gnused, openldap ? null 3 3 , buildPackages, lib 4 + 5 + # client and relay are end of life, remove after 4.4.3 6 + , withClient ? false 7 + , withRelay ? false 4 8 }: 5 9 6 10 stdenv.mkDerivation rec { 7 11 pname = "dhcp"; 8 - version = "4.4.2-P1"; 12 + version = "4.4.3"; 9 13 10 14 src = fetchurl { 11 15 url = "https://ftp.isc.org/isc/dhcp/${version}/${pname}-${version}.tar.gz"; 12 - sha256 = "06jsr0cg5rsmyibshrpcb9za0qgwvqccashdma7mlm1rflrh8pmh"; 16 + sha256 = "sha256-Dj7GtMKgXsAUiHS82ZmmbQVRg3jXdCH2B/sLydATWBg="; 13 17 }; 14 18 15 19 patches = ··· 18 22 # patch, the hostname doesn't get set properly if the old 19 23 # hostname (i.e. before reboot) is equal to the new hostname. 20 24 ./set-hostname.patch 21 - 22 - (fetchpatch { 23 - # upstream build fix against -fno-common compilers like >=gcc-10 24 - url = "https://gitlab.isc.org/isc-projects/dhcp/-/commit/6c7e61578b1b449272dbb40dd8b98d03dad8a57a.patch"; 25 - sha256 = "1g37ix0yf9zza8ri8bg438ygcjviniblfyb20y4gzc8lysy28m8b"; 26 - }) 27 - 28 - # Fix parallel build failure, the patch is pending upstream inclusion: 29 - # https://gitlab.isc.org/isc-projects/dhcp/-/merge_requests/76 30 - (fetchpatch { 31 - name = "parallel-make.patch"; 32 - url = "https://gitlab.isc.org/isc-projects/dhcp/-/commit/46d101b97c5a3b19a3f63f7b60e5f88994a64e22.patch"; 33 - sha256 = "1y3nsmqjzcg4bhp1xmqp47v7rkl3bpcildkx6mlrg255yvxapmdp"; 34 - }) 35 25 ]; 36 26 37 27 nativeBuildInputs = [ perl makeWrapper ]; ··· 77 67 --replace /sbin/ip ${iproute2}/sbin/ip 78 68 wrapProgram "$out/sbin/dhclient-script" --prefix PATH : \ 79 69 "${nettools}/bin:${nettools}/sbin:${iputils}/bin:${coreutils}/bin:${gnused}/bin" 70 + '' + lib.optionalString (!withClient) '' 71 + rm $out/sbin/{dhclient,dhclient-script,.dhclient-script-wrapped} 72 + '' + lib.optionalString (!withRelay) '' 73 + rm $out/sbin/dhcrelay 80 74 ''; 81 75 82 76 preConfigure = ··· 103 97 homepage = "https://www.isc.org/dhcp/"; 104 98 license = licenses.mpl20; 105 99 platforms = platforms.unix; 100 + knownVulnerabilities = lib.optional (withClient || withRelay) "The client and relay component of the dhcp package have reached their end of life"; 106 101 }; 107 102 }

+4 -4

pkgs/tools/networking/networkmanager/default.nix

··· 12 12 , polkit 13 13 , gnutls 14 14 , ppp 15 - , dhcp 15 + , dhcpcd 16 16 , iptables 17 17 , nftables 18 18 , python3 ··· 96 96 "-Dresolvconf=${openresolv}/bin/resolvconf" 97 97 98 98 # DHCP clients 99 - "-Ddhclient=${dhcp}/bin/dhclient" 100 - # Upstream prefers dhclient, so don't add dhcpcd to the closure 101 - "-Ddhcpcd=no" 99 + # ISC DHCP client has reached it's end of life, so stop using it 100 + "-Ddhclient=no" 101 + "-Ddhcpcd=${dhcpcd}/bin/dhcpcd" 102 102 "-Ddhcpcanon=no" 103 103 104 104 # Miscellaneous