pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #166456 from mweinelt/isc-dhcp

dhcp: 4.4.2-P1 -> 4.4.3 and make client & relay support optional

authored by

Lassulus and committed by
GitHub df7337eb adc7fbbc

+18 -24
unified split
+1 -2
nixos/modules/services/networking/networkmanager.nix
··· 250 }; 251 252 dhcp = mkOption { 253 - type = types.enum [ "dhclient" "dhcpcd" "internal" ]; 254 default = "internal"; 255 description = '' 256 Which program (or internal library) should be used for DHCP. ··· 489 "d /etc/ipsec.d 0700 root root -" 490 "d /var/lib/NetworkManager-fortisslvpn 0700 root root -" 491 492 - "d /var/lib/dhclient 0755 root root -" 493 "d /var/lib/misc 0755 root root -" # for dnsmasq.leases 494 ]; 495
··· 250 }; 251 252 dhcp = mkOption { 253 + type = types.enum [ "dhcpcd" "internal" ]; 254 default = "internal"; 255 description = '' 256 Which program (or internal library) should be used for DHCP. ··· 489 "d /etc/ipsec.d 0700 root root -" 490 "d /var/lib/NetworkManager-fortisslvpn 0700 root root -" 491 492 "d /var/lib/misc 0755 root root -" # for dnsmasq.leases 493 ]; 494
+2 -2
pkgs/os-specific/linux/pipework/default.nix
··· 1 { stdenv, lib, fetchFromGitHub, makeWrapper 2 - , bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd, dhcp 3 }: 4 5 stdenv.mkDerivation { ··· 15 installPhase = '' 16 install -D pipework $out/bin/pipework 17 wrapProgram $out/bin/pipework --prefix PATH : \ 18 - ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd dhcp ]}; 19 ''; 20 meta = with lib; { 21 description = "Software-Defined Networking tools for LXC";
··· 1 { stdenv, lib, fetchFromGitHub, makeWrapper 2 + , bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd 3 }: 4 5 stdenv.mkDerivation { ··· 15 installPhase = '' 16 install -D pipework $out/bin/pipework 17 wrapProgram $out/bin/pipework --prefix PATH : \ 18 + ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd ]}; 19 ''; 20 meta = with lib; { 21 description = "Software-Defined Networking tools for LXC";
+11 -16
pkgs/tools/networking/dhcp/default.nix
··· 1 { stdenv, fetchurl, fetchpatch, perl, file, nettools, iputils, iproute2, makeWrapper 2 , coreutils, gnused, openldap ? null 3 , buildPackages, lib 4 }: 5 6 stdenv.mkDerivation rec { 7 pname = "dhcp"; 8 - version = "4.4.2-P1"; 9 10 src = fetchurl { 11 url = "https://ftp.isc.org/isc/dhcp/${version}/${pname}-${version}.tar.gz"; 12 - sha256 = "06jsr0cg5rsmyibshrpcb9za0qgwvqccashdma7mlm1rflrh8pmh"; 13 }; 14 15 patches = ··· 18 # patch, the hostname doesn't get set properly if the old 19 # hostname (i.e. before reboot) is equal to the new hostname. 20 ./set-hostname.patch 21 - 22 - (fetchpatch { 23 - # upstream build fix against -fno-common compilers like >=gcc-10 24 - url = "https://gitlab.isc.org/isc-projects/dhcp/-/commit/6c7e61578b1b449272dbb40dd8b98d03dad8a57a.patch"; 25 - sha256 = "1g37ix0yf9zza8ri8bg438ygcjviniblfyb20y4gzc8lysy28m8b"; 26 - }) 27 - 28 - # Fix parallel build failure, the patch is pending upstream inclusion: 29 - # https://gitlab.isc.org/isc-projects/dhcp/-/merge_requests/76 30 - (fetchpatch { 31 - name = "parallel-make.patch"; 32 - url = "https://gitlab.isc.org/isc-projects/dhcp/-/commit/46d101b97c5a3b19a3f63f7b60e5f88994a64e22.patch"; 33 - sha256 = "1y3nsmqjzcg4bhp1xmqp47v7rkl3bpcildkx6mlrg255yvxapmdp"; 34 - }) 35 ]; 36 37 nativeBuildInputs = [ perl makeWrapper ]; ··· 77 --replace /sbin/ip ${iproute2}/sbin/ip 78 wrapProgram "$out/sbin/dhclient-script" --prefix PATH : \ 79 "${nettools}/bin:${nettools}/sbin:${iputils}/bin:${coreutils}/bin:${gnused}/bin" 80 ''; 81 82 preConfigure = ··· 103 homepage = "https://www.isc.org/dhcp/"; 104 license = licenses.mpl20; 105 platforms = platforms.unix; 106 }; 107 }
··· 1 { stdenv, fetchurl, fetchpatch, perl, file, nettools, iputils, iproute2, makeWrapper 2 , coreutils, gnused, openldap ? null 3 , buildPackages, lib 4 + 5 + # client and relay are end of life, remove after 4.4.3 6 + , withClient ? false 7 + , withRelay ? false 8 }: 9 10 stdenv.mkDerivation rec { 11 pname = "dhcp"; 12 + version = "4.4.3"; 13 14 src = fetchurl { 15 url = "https://ftp.isc.org/isc/dhcp/${version}/${pname}-${version}.tar.gz"; 16 + sha256 = "sha256-Dj7GtMKgXsAUiHS82ZmmbQVRg3jXdCH2B/sLydATWBg="; 17 }; 18 19 patches = ··· 22 # patch, the hostname doesn't get set properly if the old 23 # hostname (i.e. before reboot) is equal to the new hostname. 24 ./set-hostname.patch 25 ]; 26 27 nativeBuildInputs = [ perl makeWrapper ]; ··· 67 --replace /sbin/ip ${iproute2}/sbin/ip 68 wrapProgram "$out/sbin/dhclient-script" --prefix PATH : \ 69 "${nettools}/bin:${nettools}/sbin:${iputils}/bin:${coreutils}/bin:${gnused}/bin" 70 + '' + lib.optionalString (!withClient) '' 71 + rm $out/sbin/{dhclient,dhclient-script,.dhclient-script-wrapped} 72 + '' + lib.optionalString (!withRelay) '' 73 + rm $out/sbin/dhcrelay 74 ''; 75 76 preConfigure = ··· 97 homepage = "https://www.isc.org/dhcp/"; 98 license = licenses.mpl20; 99 platforms = platforms.unix; 100 + knownVulnerabilities = lib.optional (withClient || withRelay) "The client and relay component of the dhcp package have reached their end of life"; 101 }; 102 }
+4 -4
pkgs/tools/networking/networkmanager/default.nix
··· 12 , polkit 13 , gnutls 14 , ppp 15 - , dhcp 16 , iptables 17 , nftables 18 , python3 ··· 96 "-Dresolvconf=${openresolv}/bin/resolvconf" 97 98 # DHCP clients 99 - "-Ddhclient=${dhcp}/bin/dhclient" 100 - # Upstream prefers dhclient, so don't add dhcpcd to the closure 101 - "-Ddhcpcd=no" 102 "-Ddhcpcanon=no" 103 104 # Miscellaneous
··· 12 , polkit 13 , gnutls 14 , ppp 15 + , dhcpcd 16 , iptables 17 , nftables 18 , python3 ··· 96 "-Dresolvconf=${openresolv}/bin/resolvconf" 97 98 # DHCP clients 99 + # ISC DHCP client has reached it's end of life, so stop using it 100 + "-Ddhclient=no" 101 + "-Ddhcpcd=${dhcpcd}/bin/dhcpcd" 102 "-Ddhcpcanon=no" 103 104 # Miscellaneous