tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / development / libraries / libsoup / default.nix
at flake-libs 146 lines 3.9 kB view raw
1{ 2 stdenv, 3 lib, 4 fetchurl, 5 fetchpatch, 6 glib, 7 libxml2, 8 meson, 9 ninja, 10 pkg-config, 11 gnome, 12 libsysprof-capture, 13 gobject-introspection, 14 vala, 15 libpsl, 16 brotli, 17 gnomeSupport ? true, 18 sqlite, 19 buildPackages, 20 withIntrospection ? 21 lib.meta.availableOn stdenv.hostPlatform gobject-introspection 22 && stdenv.hostPlatform.emulatorAvailable buildPackages, 23}: 24 25stdenv.mkDerivation rec { 26 pname = "libsoup"; 27 version = "2.74.3"; 28 29 outputs = [ 30 "out" 31 "dev" 32 ]; 33 34 src = fetchurl { 35 url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; 36 sha256 = "sha256-5Ld8Qc/EyMWgNfzcMgx7xs+3XvfFoDQVPfFBP6HZLxM="; 37 }; 38 39 patches = [ 40 (fetchpatch { 41 name = "CVE-2024-52530.patch"; 42 url = "https://gitlab.gnome.org/GNOME/libsoup/-/commit/04df03bc092ac20607f3e150936624d4f536e68b.patch"; 43 hash = "sha256-WRLiW2B/xxr3hW0nmeRNrXtZL44S0nTptPRdTqBV8Iw="; 44 }) 45 (fetchpatch { 46 name = "CVE-2024-52531_1.patch"; 47 url = "https://git.launchpad.net/ubuntu/+source/libsoup2.4/patch/?id=4ce2f2dc8ba0c458edce0f039a087fb3ac57787e"; 48 hash = "sha256-wg1qz8xHcnTiinBTF0ECMkrsD8W6M4IbiKGgbJ1gp9o="; 49 }) 50 (fetchpatch { 51 name = "CVE-2024-52531_2.patch"; 52 url = "https://git.launchpad.net/ubuntu/+source/libsoup2.4/patch/?id=5866d63aed3500700c5f1d2868ff689bb2ba8b82"; 53 hash = "sha256-e/VXtKX+agCw+ESGbgQ83NaVNbB3jLTxL7+VgNGbZ7U="; 54 }) 55 (fetchpatch { 56 name = "CVE-2024-52532_1.patch"; 57 url = "https://git.launchpad.net/ubuntu/+source/libsoup2.4/patch/?id=98e096a0d2142e3c63de2cca7d4023f9c52ed2c6"; 58 hash = "sha256-h7k+HpcKlsVYlAONxTOiupMhsMkf2v246ouxLejurcY="; 59 }) 60 (fetchpatch { 61 name = "CVE-2024-52532_2.patch"; 62 url = "https://git.launchpad.net/ubuntu/+source/libsoup2.4/patch/?id=030e72420e8271299c324273f393d92f6d4bb53e"; 63 hash = "sha256-0BEJpEKgjmKACf53lHMglxhmevKsSXR4ejEoTtr4wII="; 64 }) 65 ]; 66 67 depsBuildBuild = [ 68 pkg-config 69 ]; 70 71 nativeBuildInputs = 72 [ 73 meson 74 ninja 75 pkg-config 76 glib 77 ] 78 ++ lib.optionals withIntrospection [ 79 gobject-introspection 80 vala 81 ]; 82 83 buildInputs = 84 [ 85 sqlite 86 libpsl 87 glib.out 88 brotli 89 ] 90 ++ lib.optionals stdenv.hostPlatform.isLinux [ 91 libsysprof-capture 92 ]; 93 94 propagatedBuildInputs = [ 95 glib 96 libxml2 97 ]; 98 99 mesonFlags = 100 [ 101 "-Dtls_check=false" # glib-networking is a runtime dependency, not a compile-time dependency 102 "-Dgssapi=disabled" 103 "-Dvapi=${if withIntrospection then "enabled" else "disabled"}" 104 "-Dintrospection=${if withIntrospection then "enabled" else "disabled"}" 105 "-Dgnome=${lib.boolToString gnomeSupport}" 106 "-Dntlm=disabled" 107 ] 108 ++ lib.optionals (!stdenv.hostPlatform.isLinux) [ 109 "-Dsysprof=disabled" 110 ]; 111 112 env.NIX_CFLAGS_COMPILE = "-lpthread"; 113 114 doCheck = false; # ERROR:../tests/socket-test.c:37:do_unconnected_socket_test: assertion failed (res == SOUP_STATUS_OK): (2 == 200) 115 separateDebugInfo = true; 116 117 postPatch = '' 118 # fixes finding vapigen when cross-compiling 119 # the commit is in 3.0.6 120 # https://gitlab.gnome.org/GNOME/libsoup/-/commit/5280e936d0a76f94dbc5d8489cfbdc0a06343f65 121 substituteInPlace meson.build \ 122 --replace "required: vapi_opt)" "required: vapi_opt, native: false)" 123 124 patchShebangs libsoup/ 125 ''; 126 127 passthru = { 128 updateScript = gnome.updateScript { 129 attrPath = "libsoup_2_4"; 130 packageName = pname; 131 versionPolicy = "odd-unstable"; 132 freeze = true; 133 }; 134 }; 135 136 meta = { 137 description = "HTTP client/server library for GNOME"; 138 homepage = "https://gitlab.gnome.org/GNOME/libsoup"; 139 license = lib.licenses.lgpl2Plus; 140 inherit (glib.meta) maintainers platforms teams; 141 pkgConfigModules = [ 142 "libsoup-2.4" 143 "libsoup-gnome-2.4" 144 ]; 145 }; 146}