diff --git a/doc/languages-frameworks/ruby.xml b/doc/languages-frameworks/ruby.xml
index a2b4475a4a54..d81422b610ee 100644
--- a/doc/languages-frameworks/ruby.xml
+++ b/doc/languages-frameworks/ruby.xml
@@ -42,5 +42,37 @@ and scalable.";
Please check in the Gemfile, Gemfile.lock and the gemset.nix so future updates can be run easily.
+Resulting derivations also have two helpful items, env and wrapper. The first one allows one to quickly drop into
+nix-shell with the specified environment present. E.g. nix-shell -A sensu.env would give you an environment with Ruby preset
+so it has all the libraries necessary for sensu in its paths. The second one can be used to make derivations from custom Ruby scripts which have
+Gemfiles with their dependencies specified. It is a derivation with ruby wrapped so it can find all the needed dependencies.
+For example, to make a derivation my-script for a my-script.rb (which should be placed in bin) you should
+run bundix as specified above and then use bundlerEnv lile this:
+
+
+
+
+
diff --git a/nixos/doc/manual/release-notes/rl-unstable.xml b/nixos/doc/manual/release-notes/rl-unstable.xml
index a4f25cdc51f5..c2d1563e0a5d 100644
--- a/nixos/doc/manual/release-notes/rl-unstable.xml
+++ b/nixos/doc/manual/release-notes/rl-unstable.xml
@@ -169,10 +169,34 @@ fileSystems."/example" = {
options = [ "noatime" "compress=lzo" "space_cache" "autodefrag" ];
};
-
+
+ CUPS, installed by services.printing module, now
+ has its data directory in /var/lib/cups. Old
+ configurations from /etc/cups are moved there
+ automatically, but there might be problems. Also configuration options
+ services.printing.cupsdConf and
+ services.printing.cupsdFilesConf were removed
+ because they had been allowing one to override configuration variables
+ required for CUPS to work at all on NixOS. For most use cases,
+ services.printing.extraConf and new option
+ services.printing.extraFilesConf should be enough;
+ if you encounter a situation when they are not, please file a bug.
+
+ There are also Gutenprint improvements; in particular, a new option
+ services.printing.gutenprint is added to enable automatic
+ updating of Gutenprint PPMs; it's greatly recommended to enable it instead
+ of adding gutenprint to the drivers list.
+
+
+
+
+ services.xserver.vaapiDrivers has been removed. Use
+ services.hardware.opengl.extraPackages{,32} instead. You can
+ also specify VDPAU drivers there.
+
diff --git a/nixos/modules/config/fonts/fontconfig.nix b/nixos/modules/config/fonts/fontconfig.nix
index be6662decea6..e078a75b295c 100644
--- a/nixos/modules/config/fonts/fontconfig.nix
+++ b/nixos/modules/config/fonts/fontconfig.nix
@@ -129,6 +129,14 @@ with lib;
};
+ cache32Bit = mkOption {
+ default = false;
+ type = types.bool;
+ description = ''
+ Generate system fonts cache for 32-bit applications.
+ '';
+ };
+
};
};
@@ -231,12 +239,19 @@ with lib;
"${pkgs.fontconfig}/etc/fonts/fonts.conf";
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text =
- ''
+ let
+ cache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.fonts; };
+ in ''
${concatStringsSep "\n" (map (font: "${font}") config.fonts.fonts)}
+
+ ${cache pkgs.fontconfig}
+ ${optionalString (pkgs.stdenv.isx86_64 && config.fonts.fontconfig.cache32Bit) ''
+ ${cache pkgs.pkgsi686Linux.fontconfig}
+ ''}
'';
diff --git a/nixos/modules/hardware/opengl.nix b/nixos/modules/hardware/opengl.nix
index 7693bd5bb453..d3b146be6b33 100644
--- a/nixos/modules/hardware/opengl.nix
+++ b/nixos/modules/hardware/opengl.nix
@@ -10,7 +10,7 @@ let
videoDrivers = config.services.xserver.videoDrivers;
- makePackage = p: p.buildEnv {
+ makePackage = p: pkgs.buildEnv {
name = "mesa-drivers+txc-${p.mesa_drivers.version}";
paths =
[ p.mesa_drivers
@@ -19,6 +19,16 @@ let
];
};
+ package = pkgs.buildEnv {
+ name = "opengl-drivers";
+ paths = [ cfg.package ] ++ cfg.extraPackages;
+ };
+
+ package32 = pkgs.buildEnv {
+ name = "opengl-drivers-32bit";
+ paths = [ cfg.package32 ] ++ cfg.extraPackages32;
+ };
+
in
{
@@ -75,11 +85,32 @@ in
internal = true;
description = ''
The package that provides the 32-bit OpenGL implementation on
- 64-bit systems. Used when is
+ 64-bit systems. Used when is
set.
'';
};
+ hardware.opengl.extraPackages = mkOption {
+ type = types.listOf types.package;
+ default = [];
+ example = literalExample "with pkgs; [ vaapiIntel libvdpau-va-gl vaapiVdpau ]";
+ description = ''
+ Additional packages to add to OpenGL drivers. This can be used
+ to add additional VA-API/VDPAU drivers.
+ '';
+ };
+
+ hardware.opengl.extraPackages32 = mkOption {
+ type = types.listOf types.package;
+ default = [];
+ example = literalExample "with pkgs; [ vaapiIntel libvdpau-va-gl vaapiVdpau ]";
+ description = ''
+ Additional packages to add to 32-bit OpenGL drivers on
+ 64-bit systems. Used when is
+ set. This can be used to add additional VA-API/VDPAU drivers.
+ '';
+ };
+
};
config = mkIf cfg.enable {
@@ -91,11 +122,11 @@ in
system.activationScripts.setup-opengl =
''
- ln -sfn ${cfg.package} /run/opengl-driver
+ ln -sfn ${package} /run/opengl-driver
${if pkgs.stdenv.isi686 then ''
ln -sfn opengl-driver /run/opengl-driver-32
'' else if cfg.driSupport32Bit then ''
- ln -sfn ${cfg.package32} /run/opengl-driver-32
+ ln -sfn ${package32} /run/opengl-driver-32
'' else ''
rm -f /run/opengl-driver-32
''}
diff --git a/nixos/modules/installer/tools/auto-upgrade.nix b/nixos/modules/installer/tools/auto-upgrade.nix
index 4ef5fa8bc1d4..2da330f9b571 100644
--- a/nixos/modules/installer/tools/auto-upgrade.nix
+++ b/nixos/modules/installer/tools/auto-upgrade.nix
@@ -74,7 +74,7 @@ let cfg = config.system.autoUpgrade; in
serviceConfig.Type = "oneshot";
environment = config.nix.envVars //
- { inherit (config.environment.sessionVariables) NIX_PATH SSL_CERT_FILE;
+ { inherit (config.environment.sessionVariables) NIX_PATH;
HOME = "/root";
};
diff --git a/nixos/modules/programs/venus.nix b/nixos/modules/programs/venus.nix
index c3756b4838c7..76827eeced6f 100644
--- a/nixos/modules/programs/venus.nix
+++ b/nixos/modules/programs/venus.nix
@@ -165,7 +165,6 @@ in
script = "exec venus-planet ${configFile}";
serviceConfig.User = "${cfg.user}";
serviceConfig.Group = "${cfg.group}";
- environment.SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
startAt = cfg.dates;
};
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index 010d44c40d19..6e10b47f03cc 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -77,6 +77,7 @@ with lib;
(mkRenamedOptionModule [ "services" "xserver" "driSupport32Bit" ] [ "hardware" "opengl" "driSupport32Bit" ])
(mkRenamedOptionModule [ "services" "xserver" "s3tcSupport" ] [ "hardware" "opengl" "s3tcSupport" ])
(mkRenamedOptionModule [ "hardware" "opengl" "videoDrivers" ] [ "services" "xserver" "videoDrivers" ])
+ (mkRenamedOptionModule [ "services" "xserver" "vaapiDrivers" ] [ "hardware" "opengl" "extraPackages" ])
(mkRenamedOptionModule [ "services" "mysql55" ] [ "services" "mysql" ])
@@ -99,6 +100,8 @@ with lib;
(mkRemovedOptionModule [ "services" "syslog-ng" "listenToJournal" ])
(mkRemovedOptionModule [ "ec2" "metadata" ])
(mkRemovedOptionModule [ "services" "openvpn" "enable" ])
+ (mkRemovedOptionModule [ "services" "printing" "cupsFilesConf" ])
+ (mkRemovedOptionModule [ "services" "printing" "cupsdConf" ])
];
}
diff --git a/nixos/modules/security/ca.nix b/nixos/modules/security/ca.nix
index 98d73ed25426..8bd634b10a51 100644
--- a/nixos/modules/security/ca.nix
+++ b/nixos/modules/security/ca.nix
@@ -64,12 +64,6 @@ in
# CentOS/Fedora compatibility.
environment.etc."pki/tls/certs/ca-bundle.crt".source = caCertificates;
- environment.sessionVariables =
- { SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
- # FIXME: unneeded - remove eventually.
- GIT_SSL_CAINFO = "/etc/ssl/certs/ca-certificates.crt";
- };
-
};
}
diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix
index d6ae4b45ceef..cfb1cd773c7f 100644
--- a/nixos/modules/services/continuous-integration/jenkins/default.nix
+++ b/nixos/modules/services/continuous-integration/jenkins/default.nix
@@ -92,11 +92,12 @@ in {
type = with types; attrsOf str;
description = ''
Additional environment variables to be passed to the jenkins process.
- As a base environment, jenkins receives NIX_PATH, SSL_CERT_FILE and
- GIT_SSL_CAINFO from ,
- NIX_REMOTE is set to "daemon" and JENKINS_HOME is set to
- the value of . This option has
- precedence and can be used to override those mentioned variables.
+ As a base environment, jenkins receives NIX_PATH from
+ , NIX_REMOTE is set to
+ "daemon" and JENKINS_HOME is set to the value of
+ .
+ This option has precedence and can be used to override those
+ mentioned variables.
'';
};
@@ -136,11 +137,7 @@ in {
environment =
let
selectedSessionVars =
- lib.filterAttrs (n: v: builtins.elem n
- [ "NIX_PATH"
- "SSL_CERT_FILE"
- "GIT_SSL_CAINFO"
- ])
+ lib.filterAttrs (n: v: builtins.elem n [ "NIX_PATH" ])
config.environment.sessionVariables;
in
selectedSessionVars //
diff --git a/nixos/modules/services/monitoring/dd-agent.nix b/nixos/modules/services/monitoring/dd-agent.nix
index ed9be73ba65b..bd8d9950f77c 100644
--- a/nixos/modules/services/monitoring/dd-agent.nix
+++ b/nixos/modules/services/monitoring/dd-agent.nix
@@ -183,7 +183,6 @@ in {
Restart = "always";
RestartSec = 2;
};
- environment.SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
restartTriggers = [ pkgs.dd-agent ddConf diskConfig networkConfig postgresqlConfig nginxConfig mongoConfig ];
};
diff --git a/nixos/modules/services/networking/ddclient.nix b/nixos/modules/services/networking/ddclient.nix
index e60520c742bd..c5dd1e71c189 100644
--- a/nixos/modules/services/networking/ddclient.nix
+++ b/nixos/modules/services/networking/ddclient.nix
@@ -127,7 +127,6 @@ in
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
- environment.SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
serviceConfig = {
# Uncomment this if too many problems occur:
# Type = "forking";
diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix
index 0fe25b66da08..98fb33e3256c 100644
--- a/nixos/modules/services/printing/cupsd.nix
+++ b/nixos/modules/services/printing/cupsd.nix
@@ -4,10 +4,13 @@ with lib;
let
- inherit (pkgs) cups cups_filters;
+ inherit (pkgs) cups cups-pk-helper cups_filters gutenprint;
cfg = config.services.printing;
+ avahiEnabled = config.services.avahi.enable;
+ polkitEnabled = config.security.polkit.enable;
+
additionalBackends = pkgs.runCommand "additional-cups-backends" { }
''
mkdir -p $out
@@ -30,12 +33,75 @@ let
# cupsd.conf tells cupsd to use this tree.
bindir = pkgs.buildEnv {
name = "cups-progs";
- paths = cfg.drivers;
- pathsToLink = [ "/lib/cups" "/share/cups" "/bin" "/etc/cups" ];
+ paths =
+ [ cups additionalBackends cups_filters pkgs.ghostscript ]
+ ++ optional cfg.gutenprint gutenprint
+ ++ cfg.drivers;
+ pathsToLink = [ "/lib/cups" "/share/cups" "/bin" ];
postBuild = cfg.bindirCmds;
ignoreCollisions = true;
};
+ writeConf = name: text: pkgs.writeTextFile {
+ inherit name text;
+ destination = "/etc/cups/${name}";
+ };
+
+ cupsFilesFile = writeConf "cups-files.conf" ''
+ SystemGroup root wheel
+
+ ServerBin ${bindir}/lib/cups
+ DataDir ${bindir}/share/cups
+
+ AccessLog syslog
+ ErrorLog syslog
+ PageLog syslog
+
+ TempDir ${cfg.tempDir}
+
+ # User and group used to run external programs, including
+ # those that actually send the job to the printer. Note that
+ # Udev sets the group of printer devices to `lp', so we want
+ # these programs to run as `lp' as well.
+ User cups
+ Group lp
+
+ ${cfg.extraFilesConf}
+ '';
+
+ cupsdFile = writeConf "cupsd.conf" ''
+ ${concatMapStrings (addr: ''
+ Listen ${addr}
+ '') cfg.listenAddresses}
+ Listen /var/run/cups/cups.sock
+
+ SetEnv PATH ${bindir}/lib/cups/filter:${bindir}/bin
+
+ DefaultShared ${if cfg.defaultShared then "Yes" else "No"}
+
+ Browsing ${if cfg.browsing then "Yes" else "No"}
+
+ WebInterface ${if cfg.webInterface then "Yes" else "No"}
+
+ ${cfg.extraConf}
+ '';
+
+ browsedFile = writeConf "cups-browsed.conf" cfg.browsedConf;
+
+ rootdir = pkgs.buildEnv {
+ name = "cups-progs";
+ paths = [
+ cupsFilesFile
+ cupsdFile
+ (writeConf "client.conf" cfg.clientConf)
+ (writeConf "snmp.conf" cfg.snmpConf)
+ ] ++ optional avahiEnabled browsedFile
+ ++ optional cfg.gutenprint gutenprint
+ ++ cfg.drivers;
+ pathsToLink = [ "/etc/cups" ];
+ ignoreCollisions = true;
+ };
+
in
{
@@ -96,25 +162,11 @@ in
'';
};
- cupsdConf = mkOption {
- type = types.lines;
- default = "";
- example =
- ''
- BrowsePoll cups.example.com
- LogLevel debug
- '';
- description = ''
- The contents of the configuration file of the CUPS daemon
- (cupsd.conf).
- '';
- };
-
- cupsFilesConf = mkOption {
+ extraFilesConf = mkOption {
type = types.lines;
default = "";
description = ''
- The contents of the configuration file of the CUPS daemon
+ Extra contents of the configuration file of the CUPS daemon
(cups-files.conf).
'';
};
@@ -171,8 +223,18 @@ in
'';
};
+ gutenprint = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether to enable Gutenprint drivers for CUPS. This includes auto-updating
+ Gutenprint PPD files.
+ '';
+ };
+
drivers = mkOption {
type = types.listOf types.path;
+ default = [];
example = literalExample "[ pkgs.splix ]";
description = ''
CUPS drivers to use. Drivers provided by CUPS, cups-filters, Ghostscript
@@ -204,15 +266,10 @@ in
description = "CUPS printing services";
};
- environment.systemPackages = [ cups ];
+ environment.systemPackages = [ cups ] ++ optional polkitEnabled cups-pk-helper;
+ environment.etc."cups".source = "/var/lib/cups";
- environment.etc."cups/client.conf".text = cfg.clientConf;
- environment.etc."cups/cups-files.conf".text = cfg.cupsFilesConf;
- environment.etc."cups/cupsd.conf".text = cfg.cupsdConf;
- environment.etc."cups/cups-browsed.conf".text = cfg.browsedConf;
- environment.etc."cups/snmp.conf".text = cfg.snmpConf;
-
- services.dbus.packages = [ cups ];
+ services.dbus.packages = [ cups ] ++ optional polkitEnabled cups-pk-helper;
# Cups uses libusb to talk to printers, and does not use the
# linux kernel driver. If the driver is not in a black list, it
@@ -230,19 +287,35 @@ in
preStart =
''
- mkdir -m 0755 -p /etc/cups
mkdir -m 0700 -p /var/cache/cups
mkdir -m 0700 -p /var/spool/cups
mkdir -m 0755 -p ${cfg.tempDir}
- '';
- restartTriggers =
- [ config.environment.etc."cups/cups-files.conf".source
- config.environment.etc."cups/cupsd.conf".source
- ];
+ mkdir -m 0755 -p /var/lib/cups
+ # Backwards compatibility
+ if [ ! -L /etc/cups ]; then
+ mv /etc/cups/* /var/lib/cups
+ rmdir /etc/cups
+ ln -s /var/lib/cups /etc/cups
+ fi
+ # First, clean existing symlinks
+ if [ -n "$(ls /var/lib/cups)" ]; then
+ for i in /var/lib/cups/*; do
+ [ -L "$i" ] && rm "$i"
+ done
+ fi
+ # Then, populate it with static files
+ cd ${rootdir}/etc/cups
+ for i in *; do
+ [ ! -e "/var/lib/cups/$i" ] && ln -s "${rootdir}/etc/cups/$i" "/var/lib/cups/$i"
+ done
+ ${optionalString cfg.gutenprint ''
+ ${gutenprint}/bin/cups-genppdupdate
+ ''}
+ '';
};
- systemd.services.cups-browsed = mkIf config.services.avahi.enable
+ systemd.services.cups-browsed = mkIf avahiEnabled
{ description = "CUPS Remote Printer Discovery";
wantedBy = [ "multi-user.target" ];
@@ -255,54 +328,13 @@ in
serviceConfig.ExecStart = "${cups_filters}/bin/cups-browsed";
- restartTriggers =
- [ config.environment.etc."cups/cups-browsed.conf".source
- ];
+ restartTriggers = [ browsedFile ];
};
- services.printing.drivers =
- [ cups pkgs.ghostscript pkgs.cups_filters additionalBackends
- pkgs.perl pkgs.coreutils pkgs.gnused pkgs.bc pkgs.gawk pkgs.gnugrep
- ];
-
- services.printing.cupsFilesConf =
- ''
- SystemGroup root wheel
-
- ServerBin ${bindir}/lib/cups
- DataDir ${bindir}/share/cups
-
- AccessLog syslog
- ErrorLog syslog
- PageLog syslog
-
- TempDir ${cfg.tempDir}
-
- # User and group used to run external programs, including
- # those that actually send the job to the printer. Note that
- # Udev sets the group of printer devices to `lp', so we want
- # these programs to run as `lp' as well.
- User cups
- Group lp
- '';
-
- services.printing.cupsdConf =
+ services.printing.extraConf =
''
LogLevel info
- ${concatMapStrings (addr: ''
- Listen ${addr}
- '') cfg.listenAddresses}
- Listen /var/run/cups/cups.sock
-
- SetEnv PATH ${bindir}/lib/cups/filter:${bindir}/bin:${bindir}/sbin
-
- DefaultShared ${if cfg.defaultShared then "Yes" else "No"}
-
- Browsing ${if cfg.browsing then "Yes" else "No"}
-
- WebInterface ${if cfg.webInterface then "Yes" else "No"}
-
DefaultAuthType Basic
@@ -343,8 +375,6 @@ in
Order deny,allow
-
- ${cfg.extraConf}
'';
security.pam.services.cups = {};
diff --git a/nixos/modules/services/x11/display-managers/default.nix b/nixos/modules/services/x11/display-managers/default.nix
index 87f3a4837a69..bfe975b162b6 100644
--- a/nixos/modules/services/x11/display-managers/default.nix
+++ b/nixos/modules/services/x11/display-managers/default.nix
@@ -16,13 +16,6 @@ let
cfg = config.services.xserver;
xorg = pkgs.xorg;
- vaapiDrivers = pkgs.buildEnv {
- name = "vaapi-drivers";
- paths = cfg.vaapiDrivers;
- # We only want /lib/dri, but with a single input path, we need "/" for it to work
- pathsToLink = [ "/" ];
- };
-
fontconfig = config.fonts.fontconfig;
xresourcesXft = pkgs.writeText "Xresources-Xft" ''
${optionalString (fontconfig.dpi != 0) ''Xft.dpi: ${toString fontconfig.dpi}''}
@@ -104,8 +97,6 @@ let
${xorg.xrdb}/bin/xrdb -merge ~/.Xdefaults
fi
- export LIBVA_DRIVERS_PATH=${vaapiDrivers}/lib/dri
-
# Speed up application start by 50-150ms according to
# http://kdemonkey.blogspot.nl/2008/04/magic-trick.html
rm -rf $HOME/.compose-cache
diff --git a/nixos/modules/services/x11/xserver.nix b/nixos/modules/services/x11/xserver.nix
index 68745ba8197a..653c97d7e6fa 100644
--- a/nixos/modules/services/x11/xserver.nix
+++ b/nixos/modules/services/x11/xserver.nix
@@ -216,15 +216,6 @@ in
'';
};
- vaapiDrivers = mkOption {
- type = types.listOf types.path;
- default = [ ];
- example = literalExample "[ pkgs.vaapiIntel pkgs.vaapiVdpau ]";
- description = ''
- Packages providing libva acceleration drivers.
- '';
- };
-
startGnuPGAgent = mkOption {
type = types.bool;
default = false;
diff --git a/nixos/modules/virtualisation/azure-agent.nix b/nixos/modules/virtualisation/azure-agent.nix
index 96418d61ff85..4fbc8fd3511c 100644
--- a/nixos/modules/virtualisation/azure-agent.nix
+++ b/nixos/modules/virtualisation/azure-agent.nix
@@ -157,12 +157,6 @@ in
after = [ "ip-up.target" ];
wants = [ "ip-up.target" ];
- environment = {
- GIT_SSL_CAINFO = "/etc/ssl/certs/ca-certificates.crt";
- OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
- SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
- };
-
path = [ pkgs.e2fsprogs ];
description = "Windows Azure Agent Service";
unitConfig.ConditionPathExists = "/etc/waagent.conf";
diff --git a/pkgs/applications/graphics/gimp/2.8.nix b/pkgs/applications/graphics/gimp/2.8.nix
index 954a1d4c19c9..96d6dbd52857 100644
--- a/pkgs/applications/graphics/gimp/2.8.nix
+++ b/pkgs/applications/graphics/gimp/2.8.nix
@@ -27,6 +27,8 @@ stdenv.mkDerivation rec {
#configureFlags = [ "--disable-print" ];
+ enableParallelBuilding = true;
+
# "screenshot" needs this.
NIX_LDFLAGS = "-rpath ${xorg.libX11}/lib"
+ stdenv.lib.optionalString stdenv.isDarwin " -lintl";
diff --git a/pkgs/applications/networking/cluster/panamax/api/default.nix b/pkgs/applications/networking/cluster/panamax/api/default.nix
index 6e20f7c23038..ee74e665b0c7 100644
--- a/pkgs/applications/networking/cluster/panamax/api/default.nix
+++ b/pkgs/applications/networking/cluster/panamax/api/default.nix
@@ -62,7 +62,6 @@ stdenv.mkDerivation rec {
--prefix "PATH" : "$out/share/panamax-api/bin:${env.ruby}/bin:$PATH" \
--prefix "HOME" : "$out/share/panamax-api" \
--prefix "GEM_HOME" : "${env}/${env.ruby.gemPath}" \
- --prefix "SSL_CERT_FILE" : /etc/ssl/certs/ca-certificates.crt \
--prefix "GEM_PATH" : "$out/share/panamax-api:${bundler}/${env.ruby.gemPath}"
'';
diff --git a/pkgs/applications/networking/instant-messengers/tkabber/default.nix b/pkgs/applications/networking/instant-messengers/tkabber/default.nix
index f9209f28cf20..9c84e60601bb 100644
--- a/pkgs/applications/networking/instant-messengers/tkabber/default.nix
+++ b/pkgs/applications/networking/instant-messengers/tkabber/default.nix
@@ -40,11 +40,7 @@ let
} // removeAttrs attrs [ "name" "sha256" ]);
in mkTkabber (main // {
- postPatch = ''
- substituteInPlace login.tcl --replace \
- "custom::defvar loginconf(sslcacertstore) \"\"" \
- "custom::defvar loginconf(sslcacertstore) \$env(SSL_CERT_FILE)"
- '' + optionalString (theme != null) ''
+ postPatch = optionalString (theme != null) ''
themePath="$out/share/doc/tkabber/examples/xrdb/${theme}.xrdb"
sed -i '/^if.*load_default_xrdb/,/^}$/ {
s@option readfile \(\[fullpath [^]]*\]\)@option readfile "'"$themePath"'"@
diff --git a/pkgs/applications/version-management/git-and-tools/git/cert-path.patch b/pkgs/applications/version-management/git-and-tools/git/cert-path.patch
deleted file mode 100644
index 7d5dca9abfeb..000000000000
--- a/pkgs/applications/version-management/git-and-tools/git/cert-path.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -ru -x '*~' git-1.9.2-orig/git-send-email.perl git-1.9.2/git-send-email.perl
---- git-1.9.2-orig/git-send-email.perl 2014-04-09 21:09:34.000000000 +0200
-+++ git-1.9.2/git-send-email.perl 2014-04-16 18:35:05.861132282 +0200
-@@ -1094,6 +1094,8 @@
- return;
- }
-
-+ $smtp_ssl_cert_path //= $ENV{'SSL_CERT_FILE'};
-+
- if (!defined $smtp_ssl_cert_path) {
- # use the OpenSSL defaults
- return (SSL_verify_mode => SSL_VERIFY_PEER());
diff --git a/pkgs/applications/version-management/git-and-tools/git/default.nix b/pkgs/applications/version-management/git-and-tools/git/default.nix
index 2c07f540ecec..53c9dc84dfbf 100644
--- a/pkgs/applications/version-management/git-and-tools/git/default.nix
+++ b/pkgs/applications/version-management/git-and-tools/git/default.nix
@@ -24,8 +24,6 @@ stdenv.mkDerivation {
patches = [
./docbook2texi.patch
./symlinks-in-bin.patch
- ./cert-path.patch
- ./ssl-cert-file.patch
];
buildInputs = [curl openssl zlib expat gettext cpio makeWrapper libiconv]
diff --git a/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch b/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch
deleted file mode 100644
index dd216b7bf6f8..000000000000
--- a/pkgs/applications/version-management/git-and-tools/git/ssl-cert-file.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-This patch adds support for the OpenSSL SSL_CERT_FILE environment variable.
-GIT_SSL_CAINFO still takes precedence.
-
---- git-orig/http.c.orig 2014-11-25 23:27:56.000000000 +0100
-+++ git-orig/http.c 2014-11-25 23:28:48.000000000 +0100
-@@ -433,6 +433,7 @@
- #if LIBCURL_VERSION_NUM >= 0x070908
- set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
- #endif
-+ set_from_env(&ssl_cainfo, "SSL_CERT_FILE");
- set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
-
- set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
diff --git a/pkgs/build-support/cc-wrapper/add-flags b/pkgs/build-support/cc-wrapper/add-flags
index d48361539047..5634c82aa285 100644
--- a/pkgs/build-support/cc-wrapper/add-flags
+++ b/pkgs/build-support/cc-wrapper/add-flags
@@ -1,11 +1,11 @@
-# `-B@out@/bin' forces gcc to use ld-wrapper.sh when calling ld.
+# `-B@out@/bin' forces cc to use ld-wrapper.sh when calling ld.
export NIX_CFLAGS_COMPILE="-B@out@/bin/ $NIX_CFLAGS_COMPILE"
if [ -e @out@/nix-support/libc-cflags ]; then
export NIX_CFLAGS_COMPILE="$(cat @out@/nix-support/libc-cflags) $NIX_CFLAGS_COMPILE"
fi
-if [ -e @out@/nix-support/gcc-cflags ]; then
+if [ -e @out@/nix-support/cc-cflags ]; then
export NIX_CFLAGS_COMPILE="$(cat @out@/nix-support/cc-cflags) $NIX_CFLAGS_COMPILE"
fi
@@ -17,7 +17,7 @@ if [ -e @out@/nix-support/libc-ldflags ]; then
export NIX_LDFLAGS+=" $(cat @out@/nix-support/libc-ldflags)"
fi
-if [ -e @out@/nix-support/gcc-ldflags ]; then
+if [ -e @out@/nix-support/cc-ldflags ]; then
export NIX_LDFLAGS+=" $(cat @out@/nix-support/cc-ldflags)"
fi
diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh
index 5bd59f8c5850..6e12a0d8bc8f 100644
--- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh
+++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh
@@ -1,4 +1,8 @@
#! @shell@ -e
+path_backup="$PATH"
+if [ -n "@coreutils@" ]; then
+ PATH="@coreutils@/bin:@gnugrep@/bin"
+fi
if [ -n "$NIX_CC_WRAPPER_START_HOOK" ]; then
source "$NIX_CC_WRAPPER_START_HOOK"
@@ -141,4 +145,5 @@ if [ -n "$NIX_CC_WRAPPER_EXEC_HOOK" ]; then
source "$NIX_CC_WRAPPER_EXEC_HOOK"
fi
+PATH="$path_backup"
exec @prog@ ${extraBefore[@]} "${params[@]}" "${extraAfter[@]}"
diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix
index bea7e07a2029..110f51891417 100644
--- a/pkgs/build-support/cc-wrapper/default.nix
+++ b/pkgs/build-support/cc-wrapper/default.nix
@@ -9,13 +9,14 @@
, cc ? null, libc ? null, binutils ? null, coreutils ? null, shell ? stdenv.shell
, zlib ? null, extraPackages ? [], extraBuildCommands ? ""
, dyld ? null # TODO: should this be a setup-hook on dyld?
-, isGNU ? false, isClang ? cc.isClang or false
+, isGNU ? false, isClang ? cc.isClang or false, gnugrep ? null
}:
with stdenv.lib;
assert nativeTools -> nativePrefix != "";
-assert !nativeTools -> cc != null && binutils != null && coreutils != null;
+assert !nativeTools ->
+ cc != null && binutils != null && coreutils != null && gnugrep != null;
assert !nativeLibc -> libc != null;
# For ghdl (the vhdl language provider to gcc) we need zlib in the wrapper.
@@ -37,9 +38,11 @@ stdenv.mkDerivation {
inherit cc shell;
libc = if nativeLibc then null else libc;
- binutils = if nativeTools then null else binutils;
- # The wrapper scripts use 'cat', so we may need coreutils.
- coreutils = if nativeTools then null else coreutils;
+ binutils = if nativeTools then "" else binutils;
+ # The wrapper scripts use 'cat' and 'grep', so we may need coreutils
+ # and gnugrep.
+ coreutils = if nativeTools then "" else coreutils;
+ gnugrep = if nativeTools then "" else gnugrep;
passthru = { inherit nativeTools nativeLibc nativePrefix isGNU isClang; };
diff --git a/pkgs/build-support/cc-wrapper/gnat-wrapper.sh b/pkgs/build-support/cc-wrapper/gnat-wrapper.sh
index 3514ccd67325..ae46b40ac631 100644
--- a/pkgs/build-support/cc-wrapper/gnat-wrapper.sh
+++ b/pkgs/build-support/cc-wrapper/gnat-wrapper.sh
@@ -1,4 +1,8 @@
#! @shell@ -e
+path_backup="$PATH"
+if [ -n "@coreutils@" ]; then
+ PATH="@coreutils@/bin"
+fi
if [ -n "$NIX_GNAT_WRAPPER_START_HOOK" ]; then
source "$NIX_GNAT_WRAPPER_START_HOOK"
@@ -100,4 +104,5 @@ if [ -n "$NIX_GNAT_WRAPPER_EXEC_HOOK" ]; then
source "$NIX_GNAT_WRAPPER_EXEC_HOOK"
fi
+PATH="$path_backup"
exec @prog@ ${extraBefore[@]} "${params[@]}" ${extraAfter[@]}
diff --git a/pkgs/build-support/cc-wrapper/ld-wrapper.sh b/pkgs/build-support/cc-wrapper/ld-wrapper.sh
index 30c531b76479..6ef06eb70348 100644
--- a/pkgs/build-support/cc-wrapper/ld-wrapper.sh
+++ b/pkgs/build-support/cc-wrapper/ld-wrapper.sh
@@ -1,4 +1,8 @@
#! @shell@ -e
+path_backup="$PATH"
+if [ -n "@coreutils@" ]; then
+ PATH="@coreutils@/bin"
+fi
if [ -n "$NIX_LD_WRAPPER_START_HOOK" ]; then
source "$NIX_LD_WRAPPER_START_HOOK"
@@ -163,4 +167,5 @@ if [ -n "$NIX_LD_WRAPPER_EXEC_HOOK" ]; then
source "$NIX_LD_WRAPPER_EXEC_HOOK"
fi
+PATH="$path_backup"
exec @prog@ ${extraBefore[@]} "${params[@]}" ${extra[@]}
diff --git a/pkgs/build-support/gcc-wrapper-old/add-flags b/pkgs/build-support/gcc-wrapper-old/add-flags
index 7714a6305739..93da917a5415 100644
--- a/pkgs/build-support/gcc-wrapper-old/add-flags
+++ b/pkgs/build-support/gcc-wrapper-old/add-flags
@@ -1,12 +1,12 @@
-# `-B@out@/bin' forces gcc to use ld-wrapper.sh when calling ld.
+# `-B@out@/bin' forces cc to use ld-wrapper.sh when calling ld.
export NIX_CFLAGS_COMPILE="-B@out@/bin/ $NIX_CFLAGS_COMPILE"
if test -e @out@/nix-support/libc-cflags; then
export NIX_CFLAGS_COMPILE="$(cat @out@/nix-support/libc-cflags) $NIX_CFLAGS_COMPILE"
fi
-if test -e @out@/nix-support/gcc-cflags; then
- export NIX_CFLAGS_COMPILE="$(cat @out@/nix-support/gcc-cflags) $NIX_CFLAGS_COMPILE"
+if test -e @out@/nix-support/cc-cflags; then
+ export NIX_CFLAGS_COMPILE="$(cat @out@/nix-support/cc-cflags) $NIX_CFLAGS_COMPILE"
fi
if test -e @out@/nix-support/gnat-cflags; then
@@ -17,8 +17,8 @@ if test -e @out@/nix-support/libc-ldflags; then
export NIX_LDFLAGS="$NIX_LDFLAGS $(cat @out@/nix-support/libc-ldflags)"
fi
-if test -e @out@/nix-support/gcc-ldflags; then
- export NIX_LDFLAGS="$NIX_LDFLAGS $(cat @out@/nix-support/gcc-ldflags)"
+if test -e @out@/nix-support/cc-ldflags; then
+ export NIX_LDFLAGS="$NIX_LDFLAGS $(cat @out@/nix-support/cc-ldflags)"
fi
if test -e @out@/nix-support/libc-ldflags-before; then
diff --git a/pkgs/build-support/gcc-wrapper-old/builder.sh b/pkgs/build-support/gcc-wrapper-old/builder.sh
index 59cdd3f84ad2..7bb487096145 100644
--- a/pkgs/build-support/gcc-wrapper-old/builder.sh
+++ b/pkgs/build-support/gcc-wrapper-old/builder.sh
@@ -45,7 +45,7 @@ else
if [ -n "$langVhdl" ]; then
gccLDFlags="$gccLDFlags -L$zlib/lib"
fi
- echo "$gccLDFlags" > $out/nix-support/gcc-ldflags
+ echo "$gccLDFlags" > $out/nix-support/cc-ldflags
# GCC shows $gcc/lib in `gcc -print-search-dirs', but not
# $gcc/lib64 (even though it does actually search there...)..
@@ -63,7 +63,7 @@ else
gnatCFlags="-aI$basePath/adainclude -aO$basePath/adalib"
echo "$gnatCFlags" > $out/nix-support/gnat-cflags
fi
- echo "$gccCFlags" > $out/nix-support/gcc-cflags
+ echo "$gccCFlags" > $out/nix-support/cc-cflags
gccPath="$gcc/bin"
# On Illumos/Solaris we might prefer native ld
diff --git a/pkgs/build-support/rust/fetchcargo.nix b/pkgs/build-support/rust/fetchcargo.nix
index 95eefbedc327..7910887ba640 100644
--- a/pkgs/build-support/rust/fetchcargo.nix
+++ b/pkgs/build-support/rust/fetchcargo.nix
@@ -16,8 +16,6 @@ stdenv.mkDerivation {
outputHashMode = "recursive";
outputHash = sha256;
- SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
-
impureEnvVars = [ "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" ];
preferLocalBuild = true;
}
diff --git a/pkgs/build-support/setup-hooks/set-source-date-epoch-to-latest.sh b/pkgs/build-support/setup-hooks/set-source-date-epoch-to-latest.sh
index 9e325106f821..fe3458cd21e8 100644
--- a/pkgs/build-support/setup-hooks/set-source-date-epoch-to-latest.sh
+++ b/pkgs/build-support/setup-hooks/set-source-date-epoch-to-latest.sh
@@ -27,5 +27,7 @@ updateSourceDateEpoch() {
postUnpackHooks+=(_updateSourceDateEpochFromSourceRoot)
_updateSourceDateEpochFromSourceRoot() {
- updateSourceDateEpoch "$sourceRoot"
+ if [ -n "$sourceRoot" ]; then
+ updateSourceDateEpoch "$sourceRoot"
+ fi
}
diff --git a/pkgs/development/compilers/gcc/4.9/default.nix b/pkgs/development/compilers/gcc/4.9/default.nix
index add9b30fb629..9e4823966cf3 100644
--- a/pkgs/development/compilers/gcc/4.9/default.nix
+++ b/pkgs/development/compilers/gcc/4.9/default.nix
@@ -71,8 +71,10 @@ let version = "4.9.3";
# The GNAT Makefiles did not pay attention to CFLAGS_FOR_TARGET for its
# target libraries and tools.
++ optional langAda ../gnat-cflags.patch
- ++ optional langFortran ../gfortran-driving.patch;
-
+ ++ optional langFortran ../gfortran-driving.patch
+ # The NXConstStr.patch can be removed at 4.9.4
+ ++ optional stdenv.isDarwin ../gfortran-darwin-NXConstStr.patch;
+
javaEcj = fetchurl {
# The `$(top_srcdir)/ecj.jar' file is automatically picked up at
# `configure' time.
diff --git a/pkgs/development/compilers/gcc/builder.sh b/pkgs/development/compilers/gcc/builder.sh
index dd77c67a023e..6d9e93138737 100644
--- a/pkgs/development/compilers/gcc/builder.sh
+++ b/pkgs/development/compilers/gcc/builder.sh
@@ -24,7 +24,7 @@ if test "$noSysDirs" = "1"; then
# Figure out what extra flags to pass to the gcc compilers
# being generated to make sure that they use our glibc.
extraFlags="$(cat $NIX_CC/nix-support/libc-cflags)"
- extraLDFlags="$(cat $NIX_CC/nix-support/libc-ldflags) $(cat $NIX_CC/nix-support/libc-ldflags-before)"
+ extraLDFlags="$(cat $NIX_CC/nix-support/libc-ldflags) $(cat $NIX_CC/nix-support/libc-ldflags-before || true)"
# Use *real* header files, otherwise a limits.h is generated
# that does not include Glibc's limits.h (notably missing
diff --git a/pkgs/development/compilers/gcc/gfortran-darwin-NXConstStr.patch b/pkgs/development/compilers/gcc/gfortran-darwin-NXConstStr.patch
new file mode 100644
index 000000000000..a7e158ca364b
--- /dev/null
+++ b/pkgs/development/compilers/gcc/gfortran-darwin-NXConstStr.patch
@@ -0,0 +1,27 @@
+From 82f81877458ea372176eabb5de36329431dce99b Mon Sep 17 00:00:00 2001
+From: Iain Sandoe
+Date: Sat, 21 Dec 2013 00:30:18 +0000
+Subject: [PATCH] don't try to mark local symbols as no-dead-strip
+
+---
+ gcc/config/darwin.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/gcc/config/darwin.c b/gcc/config/darwin.c
+index 40804b8..0080299 100644
+--- a/gcc/config/darwin.c
++++ b/gcc/config/darwin.c
+@@ -1259,6 +1259,11 @@ darwin_encode_section_info (tree decl, rtx rtl, int first ATTRIBUTE_UNUSED)
+ void
+ darwin_mark_decl_preserved (const char *name)
+ {
++ /* Actually we shouldn't mark any local symbol this way, but for now
++ this only happens with ObjC meta-data. */
++ if (darwin_label_is_anonymous_local_objc_name (name))
++ return;
++
+ fprintf (asm_out_file, "\t.no_dead_strip ");
+ assemble_name (asm_out_file, name);
+ fputc ('\n', asm_out_file);
+--
+2.2.1
diff --git a/pkgs/development/interpreters/ruby/bundler-env/default.nix b/pkgs/development/interpreters/ruby/bundler-env/default.nix
index c7570d815e3b..0c9ed40d3f82 100644
--- a/pkgs/development/interpreters/ruby/bundler-env/default.nix
+++ b/pkgs/development/interpreters/ruby/bundler-env/default.nix
@@ -65,8 +65,24 @@ let
"${bundler}/${ruby.gemPath}" \
${shellEscape (toString envPaths)}
'' + lib.optionalString (postBuild != null) postBuild;
- passthru = {
+ passthru = rec {
inherit ruby bundler meta gems;
+
+ wrappedRuby = stdenv.mkDerivation {
+ name = "wrapped-ruby-${name}";
+ nativeBuildInputs = [ makeWrapper ];
+ buildCommand = ''
+ mkdir -p $out/bin
+ for i in ${ruby}/bin/*; do
+ makeWrapper "$i" $out/bin/$(basename "$i") \
+ --set BUNDLE_GEMFILE ${confFiles}/Gemfile \
+ --set BUNDLE_PATH ${bundlerEnv}/${ruby.gemPath} \
+ --set GEM_HOME ${bundlerEnv}/${ruby.gemPath} \
+ --set GEM_PATH ${bundlerEnv}/${ruby.gemPath}
+ done
+ '';
+ };
+
env = let
irbrc = builtins.toFile "irbrc" ''
if !(ENV["OLD_IRBRC"].nil? || ENV["OLD_IRBRC"].empty?)
@@ -77,12 +93,8 @@ let
'';
in stdenv.mkDerivation {
name = "interactive-${name}-environment";
- nativeBuildInputs = [ ruby bundlerEnv ];
+ nativeBuildInputs = [ wrappedRuby bundlerEnv ];
shellHook = ''
- export BUNDLE_GEMFILE=${confFiles}/Gemfile
- export BUNDLE_PATH=${bundlerEnv}/${ruby.gemPath}
- export GEM_HOME=${bundlerEnv}/${ruby.gemPath}
- export GEM_PATH=${bundlerEnv}/${ruby.gemPath}
export OLD_IRBRC="$IRBRC"
export IRBRC=${irbrc}
'';
diff --git a/pkgs/development/libraries/SDL/default.nix b/pkgs/development/libraries/SDL/default.nix
index 1c7d13471ff6..7ca594e9bc4a 100644
--- a/pkgs/development/libraries/SDL/default.nix
+++ b/pkgs/development/libraries/SDL/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, pkgconfig, audiofile, libcap
+{ stdenv, fetchurl, fetchpatch, pkgconfig, audiofile, libcap
, openglSupport ? false, mesa ? null
, alsaSupport ? true, alsaLib ? null
, x11Support ? true, xlibsWrapper ? null, libXrandr ? null
@@ -60,34 +60,49 @@ stdenv.mkDerivation rec {
"--without-x"
] ++ stdenv.lib.optional alsaSupport "--with-alsa-prefix=${alsaLib}/lib");
- # Fix a build failure on OS X Mavericks
- # Ticket: https://bugzilla.libsdl.org/show_bug.cgi?id=2085
- patches = stdenv.lib.optional stdenv.isDarwin [ (fetchurl {
- url = "http://bugzilla-attachments.libsdl.org/attachment.cgi?id=1320";
- sha1 = "3137feb503a89a8d606405373905b92dcf7e293b";
- }) ];
+ patches = [
+ # Fix window resizing issues, e.g. for xmonad
+ # Ticket: http://bugzilla.libsdl.org/show_bug.cgi?id=1430
+ (fetchpatch {
+ name = "fix_window_resizing.diff";
+ url = "https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=fix_window_resizing.diff;att=2;bug=665779";
+ sha256 = "1z35azc73vvi19pzi6byck31132a8w1vzrghp1x3hy4a4f9z4gc6";
+ })
+ # Fix drops of keyboard events for SDL_EnableUNICODE
+ (fetchpatch {
+ url = "http://hg.libsdl.org/SDL/raw-rev/0aade9c0203f";
+ sha256 = "1y9izncjlqvk1mkz1pkl9lrk9s452cmg2izjjlqqrhbn8279xy50";
+ })
+ # Ignore insane joystick axis events
+ (fetchpatch {
+ url = "http://hg.libsdl.org/SDL/raw-rev/95abff7adcc2";
+ sha256 = "0i8x0kx0pw12ld5bfxhyzs466y3c0n9dscw1ijhq1b96r72xyhqq";
+ })
+ # Workaround X11 bug to allow changing gamma
+ # Ticket: https://bugs.freedesktop.org/show_bug.cgi?id=27222
+ (fetchpatch {
+ url = "http://pkgs.fedoraproject.org/cgit/rpms/SDL.git/plain/SDL-1.2.15-x11-Bypass-SetGammaRamp-when-changing-gamma.patch?id=04a3a7b1bd88c2d5502292fad27e0e02d084698d";
+ sha256 = "0x52s4328kilyq43i7psqkqg7chsfwh0aawr50j566nzd7j51dlv";
+ })
+ # Fix a build failure on OS X Mavericks
+ # Ticket: https://bugzilla.libsdl.org/show_bug.cgi?id=2085
+ (fetchpatch {
+ url = "http://hg.libsdl.org/SDL/raw-rev/e9466ead70e5";
+ sha256 = "0mpwdi09h89df2wxqw87m1rdz7pr46k0w6alk691k8kwv970z6pl";
+ })
+ (fetchpatch {
+ url = "http://hg.libsdl.org/SDL/raw-rev/bbfb41c13a87";
+ sha256 = "1336g7waaf1c8yhkz11xbs500h8bmvabh4h437ax8l1xdwcppfxv";
+ })
+ ];
- crossAttrs =stdenv.lib.optionalAttrs (stdenv.cross.libc == "libSystem") {
- patches = let
- f = rev: sha256: fetchurl {
- url = "http://hg.libsdl.org/SDL/raw-rev/${rev}";
- inherit sha256;
- };
- in [
- (f "e9466ead70e5" "0ygir3k83d0vxp7s3k48jn3j8n2bnv9wm6613wpx3ybnjrxabrip")
- (f "bbfb41c13a87" "17v29ybjifvka19m8qf14rjc43nfdwk9v9inaizznarhb17amlnv")
- ];
- postPatch = ''
- sed -i -e 's/ *-fpascal-strings//' configure
- '';
- };
-
- passthru = {inherit openglSupport;};
+ passthru = { inherit openglSupport; };
meta = with stdenv.lib; {
description = "A cross-platform multimedia library";
homepage = http://www.libsdl.org/;
maintainers = with maintainers; [ lovek323 ];
platforms = platforms.unix;
+ license = licenses.lgpl21;
};
}
diff --git a/pkgs/development/libraries/fontconfig-ultimate/confd.nix b/pkgs/development/libraries/fontconfig-ultimate/confd.nix
index e522cead8220..160fef5f07e5 100644
--- a/pkgs/development/libraries/fontconfig-ultimate/confd.nix
+++ b/pkgs/development/libraries/fontconfig-ultimate/confd.nix
@@ -1,13 +1,18 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchFromGitHub }:
+let version = "2015-12-06"; in
stdenv.mkDerivation {
- name = "fontconfig-ultimate-20141123";
- src = fetchurl {
- url = "https://github.com/bohoomil/fontconfig-ultimate/archive/2014-11-23.tar.gz";
- sha256 = "0czfm3hxc41x5mscwrba7p1vhm2w62j1qg7z8kfdrf21z8fvgznw";
+ name = "fontconfig-ultimate-${version}";
+
+ src = fetchFromGitHub {
+ sha256 = "02a811szxkq4q088nxfpdzp6rv0brvgkdhwigk09qffygxd776g6";
+ rev = version;
+ repo = "fontconfig-ultimate";
+ owner = "bohoomil";
};
phases = "$prePhases unpackPhase installPhase $postPhases";
+
installPhase = ''
mkdir -p $out/etc/fonts/conf.d
cp conf.d.infinality/*.conf $out/etc/fonts/conf.d
@@ -22,8 +27,8 @@ stdenv.mkDerivation {
rm $out/etc/fonts/conf.d/83-*.conf
# Inclusion of local and user configs handled by global configuration
- rm $out/etc/fonts/conf.d/97-local.conf
- rm $out/etc/fonts/conf.d/98-user.conf
+ rm $out/etc/fonts/conf.d/29-local.conf
+ rm $out/etc/fonts/conf.d/28-user.conf
cp fontconfig_patches/fonts-settings/*.conf $out/etc/fonts/conf.d
diff --git a/pkgs/development/libraries/fontconfig/make-fonts-cache.nix b/pkgs/development/libraries/fontconfig/make-fonts-cache.nix
new file mode 100644
index 000000000000..1321948c3c81
--- /dev/null
+++ b/pkgs/development/libraries/fontconfig/make-fonts-cache.nix
@@ -0,0 +1,27 @@
+{ runCommand, lib, writeText, fontconfig, fontbhttf, fontDirectories }:
+
+runCommand "fc-cache"
+ rec {
+ buildInputs = [ fontconfig ];
+ passAsFile = [ "fontDirs" ];
+ fontDirs = ''
+
+ ${lib.concatStringsSep "\n" (map (font: "${font}") fontDirectories)}
+ '';
+ }
+ ''
+ export FONTCONFIG_FILE=$(pwd)/fonts.conf
+
+ cat > fonts.conf << EOF
+
+
+
+ ${fontconfig}/etc/fonts/fonts.conf
+ $out
+ EOF
+ cat "$fontDirsPath" >> fonts.conf
+ echo "" >> fonts.conf
+
+ mkdir -p $out
+ fc-cache -sv
+ ''
diff --git a/pkgs/development/libraries/fontconfig/make-fonts-conf.xsl b/pkgs/development/libraries/fontconfig/make-fonts-conf.xsl
index 1b79834c894e..b59fcd0187b8 100644
--- a/pkgs/development/libraries/fontconfig/make-fonts-conf.xsl
+++ b/pkgs/development/libraries/fontconfig/make-fonts-conf.xsl
@@ -23,16 +23,16 @@
-
- /etc/fonts/conf.d
-
- /etc/fonts//conf.d
-
fontconfig
/var/cache/fontconfig
+
+ /etc/fonts/conf.d
+
+ /etc/fonts//conf.d
+
fonts
diff --git a/pkgs/development/libraries/freetype/default.nix b/pkgs/development/libraries/freetype/default.nix
index e9e393075b3e..61d8cb582a01 100644
--- a/pkgs/development/libraries/freetype/default.nix
+++ b/pkgs/development/libraries/freetype/default.nix
@@ -1,16 +1,18 @@
{ stdenv, fetchurl, fetchpatch, pkgconfig, which, zlib, bzip2, libpng, gnumake
+, glib /* passthru only */
+
# FreeType supports sub-pixel rendering. This is patented by
# Microsoft, so it is disabled by default. This option allows it to
# be enabled. See http://www.freetype.org/patents.html.
-, glib/*passthru only*/
, useEncumberedCode ? true
}:
let
- version = "2.5.4";
+ version = "2.6.2";
- fetch_bohoomil = name: sha256: fetchpatch {
- url = https://raw.githubusercontent.com/bohoomil/fontconfig-ultimate/e4c99bcf5ac9595e2c64393c0661377685c0ad24/01_freetype2-iu/ + name;
+ # Don't use fetchpatch. It mangles them. That's an hour I'll never get back.
+ fetchbohoomil = name: sha256: fetchurl {
+ url = https://raw.githubusercontent.com/bohoomil/fontconfig-ultimate/254b688f96d4a37f78fb594303a43160fc15c7cd/freetype/ + name;
inherit sha256;
};
in
@@ -20,15 +22,17 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "mirror://sourceforge/freetype/${name}.tar.bz2";
- sha256 = "1fxsbk4lp6ymifldzrb86g3x6mz771jmrzphkz92mcrkddk2qkiv";
+ sha256 = "14mqrfgl18q2by1yzv6vcxi97zjy4kppcgsqf312mhfwgkpvvxms";
};
- patches = [ ./enable-validation.patch ] # from Gentoo, bohoomil has the same patch as well
- ++ [ ./fix-pcf.patch ]
+ patches = []
++ optionals useEncumberedCode [
- (fetch_bohoomil "02-ftsmooth-2.5.4.patch" "11w4wb7gwgpijc788mpkxj92d7rfdwrdv7jzrpxwv5w5cgpx9iw9")
- (fetch_bohoomil "03-upstream-2014.12.07.patch" "0gq7y63mg3gc5z69nfkv2kl7xad0bjzsvnl6j1j9q79jjbvaqdq0")
- (fetch_bohoomil "04-infinality-2.5.4-2014.12.07.patch" "1gph7z9s2221gy5dxn01v3lga0m9yib8yqsaqj5km74bqx1vlalh")
+ (fetchbohoomil "01-freetype-2.6.2-enable-valid.patch"
+ "1szq0zha7n41f4pq179wgfkam034mp2xn0xc36sdl5sjp9s9hv08")
+ (fetchbohoomil "02-upstream-2015.12.05.patch"
+ "0781r9n35kpn8db8nma0l47cpkzh0hbp84ziii5sald90dnrqdj4")
+ (fetchbohoomil "03-infinality-2.6.2-2015.12.05.patch"
+ "0wcjf9hiymplgqm3szla633i417pb57vpzzs2dyl1dnmcxgqa2y8")
];
propagatedBuildInputs = [ zlib bzip2 libpng ]; # needed when linking against freetype
@@ -46,10 +50,7 @@ stdenv.mkDerivation rec {
doCheck = true;
- # compat hacks
- postInstall = glib.flattenInclude + ''
- ln -s . "$out"/include/freetype
- '';
+ postInstall = glib.flattenInclude;
crossAttrs = {
# Somehow it calls the unwrapped gcc, "i686-pc-linux-gnu-gcc", instead
diff --git a/pkgs/development/libraries/freetype/enable-validation.patch b/pkgs/development/libraries/freetype/enable-validation.patch
deleted file mode 100644
index 44f3bf6e1c94..000000000000
--- a/pkgs/development/libraries/freetype/enable-validation.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Enables gxvalid and otvalid modules for use with ftvalid.
-
---- freetype-2.2.1/modules.cfg.orig 2006-07-07 21:01:09.000000000 -0400
-+++ freetype-2.2.1/modules.cfg 2006-07-07 21:01:54.000000000 -0400
-@@ -110,7 +110,7 @@
- AUX_MODULES += cache
-
- # TrueType GX/AAT table validation. Needs ftgxval.c below.
--# AUX_MODULES += gxvalid
-+AUX_MODULES += gxvalid
-
- # Support for streams compressed with gzip (files with suffix .gz).
- #
-@@ -124,7 +124,7 @@
-
- # OpenType table validation. Needs ftotval.c below.
- #
--# AUX_MODULES += otvalid
-+AUX_MODULES += otvalid
-
- # Auxiliary PostScript driver component to share common code.
- #
diff --git a/pkgs/development/libraries/freetype/fix-pcf.patch b/pkgs/development/libraries/freetype/fix-pcf.patch
deleted file mode 100644
index bb301bcd9caa..000000000000
--- a/pkgs/development/libraries/freetype/fix-pcf.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-Upstream fixes for pcf fonts.
-
-http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=74af85c4b62b35e55b0ce9dec55ee10cbc4962a2
-http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=06842c7b49c21f13c0ab61201daab6ff5a358fcc
-
-diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c
-index 998cbed..e3caf82 100644
---- a/src/pcf/pcfread.c
-+++ b/src/pcf/pcfread.c
-@@ -2,7 +2,7 @@
-
- FreeType font driver for pcf fonts
-
-- Copyright 2000-2010, 2012, 2013 by
-+ Copyright 2000-2010, 2012-2014 by
- Francesco Zappa Nardelli
-
- Permission is hereby granted, free of charge, to any person obtaining a copy
-@@ -78,7 +78,7 @@ THE SOFTWARE.
- FT_FRAME_START( 16 ),
- FT_FRAME_ULONG_LE( type ),
- FT_FRAME_ULONG_LE( format ),
-- FT_FRAME_ULONG_LE( size ),
-+ FT_FRAME_ULONG_LE( size ), /* rounded up to a multiple of 4 */
- FT_FRAME_ULONG_LE( offset ),
- FT_FRAME_END
- };
-@@ -95,9 +95,11 @@ THE SOFTWARE.
- FT_Memory memory = FT_FACE( face )->memory;
- FT_UInt n;
-
-+ FT_ULong size;
-
-- if ( FT_STREAM_SEEK ( 0 ) ||
-- FT_STREAM_READ_FIELDS ( pcf_toc_header, toc ) )
-+
-+ if ( FT_STREAM_SEEK( 0 ) ||
-+ FT_STREAM_READ_FIELDS( pcf_toc_header, toc ) )
- return FT_THROW( Cannot_Open_Resource );
-
- if ( toc->version != PCF_FILE_VERSION ||
-@@ -154,14 +156,35 @@ THE SOFTWARE.
- break;
- }
-
-- /* we now check whether the `size' and `offset' values are reasonable: */
-- /* `offset' + `size' must not exceed the stream size */
-+ /*
-+ * We now check whether the `size' and `offset' values are reasonable:
-+ * `offset' + `size' must not exceed the stream size.
-+ *
-+ * Note, however, that X11's `pcfWriteFont' routine (used by the
-+ * `bdftopcf' program to create PDF font files) has two special
-+ * features.
-+ *
-+ * - It always assigns the accelerator table a size of 100 bytes in the
-+ * TOC, regardless of its real size, which can vary between 34 and 72
-+ * bytes.
-+ *
-+ * - Due to the way the routine is designed, it ships out the last font
-+ * table with its real size, ignoring the TOC's size value. Since
-+ * the TOC size values are always rounded up to a multiple of 4, the
-+ * difference can be up to three bytes for all tables except the
-+ * accelerator table, for which the difference can be as large as 66
-+ * bytes.
-+ *
-+ */
-+
- tables = face->toc.tables;
-- for ( n = 0; n < toc->count; n++ )
-+ size = stream->size;
-+
-+ for ( n = 0; n < toc->count - 1; n++ )
- {
- /* we need two checks to avoid overflow */
-- if ( ( tables->size > stream->size ) ||
-- ( tables->offset > stream->size - tables->size ) )
-+ if ( ( tables->size > size ) ||
-+ ( tables->offset > size - tables->size ) )
- {
- error = FT_THROW( Invalid_Table );
- goto Exit;
-@@ -169,6 +192,15 @@ THE SOFTWARE.
- tables++;
- }
-
-+ /* no check of `tables->size' for last table element ... */
-+ if ( ( tables->offset > size ) )
-+ {
-+ error = FT_THROW( Invalid_Table );
-+ goto Exit;
-+ }
-+ /* ... instead, we adjust `tables->size' to the real value */
-+ tables->size = size - tables->offset;
-+
- #ifdef FT_DEBUG_LEVEL_TRACE
-
- {
-@@ -733,8 +765,8 @@ THE SOFTWARE.
-
- FT_TRACE4(( " number of bitmaps: %d\n", nbitmaps ));
-
-- /* XXX: PCF_Face->nmetrics is singed FT_Long, see pcf.h */
-- if ( face->nmetrics < 0 || nbitmaps != ( FT_ULong )face->nmetrics )
-+ /* XXX: PCF_Face->nmetrics is signed FT_Long, see pcf.h */
-+ if ( face->nmetrics < 0 || nbitmaps != (FT_ULong)face->nmetrics )
- return FT_THROW( Invalid_File_Format );
-
- if ( FT_NEW_ARRAY( offsets, nbitmaps ) )
-diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c
-index e3caf82..a29a9e3 100644
---- a/src/pcf/pcfread.c
-+++ b/src/pcf/pcfread.c
-@@ -192,14 +192,15 @@ THE SOFTWARE.
- tables++;
- }
-
-- /* no check of `tables->size' for last table element ... */
-+ /* only check `tables->offset' for last table element ... */
- if ( ( tables->offset > size ) )
- {
- error = FT_THROW( Invalid_Table );
- goto Exit;
- }
-- /* ... instead, we adjust `tables->size' to the real value */
-- tables->size = size - tables->offset;
-+ /* ... and adjust `tables->size' to the real value if necessary */
-+ if ( tables->size > size - tables->offset )
-+ tables->size = size - tables->offset;
-
- #ifdef FT_DEBUG_LEVEL_TRACE
-
diff --git a/pkgs/development/libraries/gnutls/generic.nix b/pkgs/development/libraries/gnutls/generic.nix
index ebaef47ca140..e51b77eb5b07 100644
--- a/pkgs/development/libraries/gnutls/generic.nix
+++ b/pkgs/development/libraries/gnutls/generic.nix
@@ -16,7 +16,6 @@ stdenv.mkDerivation {
outputs = [ "out" "man" ];
configureFlags =
- # FIXME: perhaps use $SSL_CERT_FILE instead
lib.optional stdenv.isLinux "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt"
++ [
"--disable-dependency-tracking"
diff --git a/pkgs/development/libraries/ijs/default.nix b/pkgs/development/libraries/ijs/default.nix
index fbba11c10c93..0c7d412fee65 100644
--- a/pkgs/development/libraries/ijs/default.nix
+++ b/pkgs/development/libraries/ijs/default.nix
@@ -1,16 +1,25 @@
-{ stdenv, fetchurl, autoreconfHook }:
+{ stdenv, fetchurl, fetchpatch, autoreconfHook }:
-let version = "9.16";
+let version = "9.18";
in
stdenv.mkDerivation {
name = "ijs-${version}";
src = fetchurl {
url = "http://downloads.ghostscript.com/public/ghostscript-${version}.tar.bz2";
- sha256 = "0vdqbjkickb0109lk6397bb2zjmg1s46dac5p5j4gfxa4pwl8b9y";
+ sha256 = "18ad90za28dxybajqwf3y3dld87cgkx1ljllmcnc7ysspfxzbnl3";
};
- prePatch = "cd ijs";
+ patches = [
+ # http://bugs.ghostscript.com/show_bug.cgi?id=696246
+ (fetchpatch {
+ name = "devijs-account-for-device-subclassing.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=b68e05c3";
+ sha256 = "1c3fzfjzvf15z533vpw3l3da8wcxw98qi3p1lc6lf13940a57c7n";
+ })
+ ];
+
+ postPatch = "cd ijs";
enableParallelBuilding = true;
diff --git a/pkgs/development/libraries/libspectre/default.nix b/pkgs/development/libraries/libspectre/default.nix
index 0e5f976c1224..5c10fff50ad3 100644
--- a/pkgs/development/libraries/libspectre/default.nix
+++ b/pkgs/development/libraries/libspectre/default.nix
@@ -8,6 +8,8 @@ stdenv.mkDerivation rec {
sha256 = "1v63lqc6bhhxwkpa43qmz8phqs8ci4dhzizyy16d3vkb20m846z8";
};
+ patches = [ ./libspectre-0.2.7-gs918.patch ];
+
buildInputs = [
# Need `libgs.so'.
pkgconfig ghostscript cairo /*for tests*/
diff --git a/pkgs/development/libraries/libspectre/libspectre-0.2.7-gs918.patch b/pkgs/development/libraries/libspectre/libspectre-0.2.7-gs918.patch
new file mode 100644
index 000000000000..e9a4eda192ba
--- /dev/null
+++ b/pkgs/development/libraries/libspectre/libspectre-0.2.7-gs918.patch
@@ -0,0 +1,42 @@
+Fixed error namespace for >=ghostscript-gpl-9.18
+
+https://bugs.gentoo.org/563540
+
+--- libspectre-0.2.7/libspectre/spectre-gs.c
++++ libspectre-0.2.7/libspectre/spectre-gs.c
+@@ -43,12 +43,12 @@
+
+ if (code <= -100) {
+ switch (code) {
+- case e_Fatal:
++ case gs_error_Fatal:
+ fprintf (stderr, "fatal internal error %d", code);
+ return TRUE;
+ break;
+
+- case e_ExecStackUnderflow:
++ case gs_error_ExecStackUnderflow:
+ fprintf (stderr, "stack overflow %d", code);
+ return TRUE;
+ break;
+@@ -109,9 +109,9 @@
+ set = _spectre_strdup_printf ("%d %d translate\n", -x, -y);
+ error = gsapi_run_string_continue (ghostscript_instance, set, strlen (set),
+ 0, &exit_code);
+- error = error == e_NeedInput ? 0 : error;
++ error = error == gs_error_NeedInput ? 0 : error;
+ free (set);
+- if (error != e_NeedInput && critic_error_code (error)) {
++ if (error != gs_error_NeedInput && critic_error_code (error)) {
+ fclose (fd);
+ return FALSE;
+ }
+@@ -126,7 +126,7 @@
+ read = fread (buf, sizeof (char), to_read, fd);
+ error = gsapi_run_string_continue (ghostscript_instance,
+ buf, read, 0, &exit_code);
+- error = error == e_NeedInput ? 0 : error;
++ error = error == gs_error_NeedInput ? 0 : error;
+ left -= read;
+ }
+
diff --git a/pkgs/development/libraries/libva/default.nix b/pkgs/development/libraries/libva/default.nix
index 12de07ced32d..557d0f591553 100644
--- a/pkgs/development/libraries/libva/default.nix
+++ b/pkgs/development/libraries/libva/default.nix
@@ -1,18 +1,25 @@
-{ stdenv, fetchurl, libX11, pkgconfig, libXext, libdrm, libXfixes, wayland, libffi
-, mesa ? null
+{ stdenv, lib, fetchurl, libX11, pkgconfig, libXext, libdrm, libXfixes, wayland, libffi
+, mesa_noglu ? null
}:
-stdenv.mkDerivation rec {
- name = "libva-1.6.1";
+let
+ withMesa = mesa_noglu != null;
+in stdenv.mkDerivation rec {
+ name = "libva-1.6.2";
src = fetchurl {
url = "http://www.freedesktop.org/software/vaapi/releases/libva/${name}.tar.bz2";
- sha256 = "0bjfb5s8dk3lql843l91ffxzlq47isqks5sj19cxh7j3nhzw58kz";
+ sha256 = "1l4bij21shqbfllbxicmqgmay4v509v9hpxyyia9wm7gvsfg05y4";
};
- buildInputs = [ libX11 libXext pkgconfig libdrm libXfixes wayland libffi mesa ];
+ buildInputs = [ libX11 libXext pkgconfig libdrm libXfixes wayland libffi mesa_noglu ];
- configureFlags = stdenv.lib.optional (mesa != null) "--enable-glx";
+ configureFlags = lib.optionals withMesa [
+ "--with-drivers-path=${mesa_noglu.driverLink}/lib/dri"
+ "--enable-glx"
+ ];
+
+ installFlags = [ "dummy_drv_video_ladir=$(out)/lib/dri" ];
meta = with stdenv.lib; {
homepage = http://www.freedesktop.org/wiki/Software/vaapi;
diff --git a/pkgs/development/libraries/libvdpau-va-gl/default.nix b/pkgs/development/libraries/libvdpau-va-gl/default.nix
new file mode 100644
index 000000000000..51fb858d8bef
--- /dev/null
+++ b/pkgs/development/libraries/libvdpau-va-gl/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, fetchFromGitHub, cmake, pkgconfig, libX11, libpthreadstubs, libvdpau, glib
+, libva, ffmpeg, mesa_glu }:
+
+let
+ version = "0.3.4";
+
+in stdenv.mkDerivation rec {
+ name = "libvdpau-va-gl-${version}";
+
+ src = fetchFromGitHub {
+ owner = "i-rinat";
+ repo = "libvdpau-va-gl";
+ rev = "v${version}";
+ sha256 = "1909f3srm2iy2hv4m6jxg1nxrh9xgsnjs07wfzw3ais1fww0i2nn";
+ };
+
+ nativeBuildInputs = [ cmake pkgconfig ];
+ buildInputs = [ libX11 libpthreadstubs libvdpau glib libva ffmpeg mesa_glu ];
+
+ meta = with stdenv.lib; {
+ homepage = https://github.com/i-rinat/libvdpau-va-gl;
+ description = "VDPAU driver with OpenGL/VAAPI backend";
+ license = licenses.lgpl3;
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ abbradar ];
+ };
+}
diff --git a/pkgs/development/libraries/libvdpau/default.nix b/pkgs/development/libraries/libvdpau/default.nix
index 6c5d5a91ad88..446f2917fe71 100644
--- a/pkgs/development/libraries/libvdpau/default.nix
+++ b/pkgs/development/libraries/libvdpau/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, pkgconfig, xorg }:
+{ stdenv, fetchurl, pkgconfig, xorg, mesa_noglu }:
stdenv.mkDerivation rec {
name = "libvdpau-1.1.1";
@@ -12,6 +12,11 @@ stdenv.mkDerivation rec {
propagatedBuildInputs = [ xorg.libX11 ];
+ configureFlags = stdenv.lib.optional stdenv.isLinux
+ "--with-module-dir=${mesa_noglu.driverLink}/lib/vdpau";
+
+ installFlags = [ "moduledir=$(out)/lib/vdpau" ];
+
meta = with stdenv.lib; {
homepage = http://people.freedesktop.org/~aplattner/vdpau/;
description = "Library to use the Video Decode and Presentation API for Unix (VDPAU)";
diff --git a/pkgs/development/libraries/libxslt/default.nix b/pkgs/development/libraries/libxslt/default.nix
index 3579e99ec7a8..9aa70ea04716 100644
--- a/pkgs/development/libraries/libxslt/default.nix
+++ b/pkgs/development/libraries/libxslt/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, libxml2, findXMLCatalogs }:
+{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs }:
stdenv.mkDerivation rec {
name = "libxslt-1.1.28";
@@ -8,14 +8,21 @@ stdenv.mkDerivation rec {
sha256 = "13029baw9kkyjgr7q3jccw2mz38amq7mmpr5p3bh775qawd1bisz";
};
+ patches = stdenv.lib.optional stdenv.isSunOS ./patch-ah.patch
+ ++ [
+ (fetchpatch {
+ name = "CVE-2015-7995.patch";
+ url = "http://git.gnome.org/browse/libxslt/patch/?id=7ca19df892ca22";
+ sha256 = "1xzg0q94dzbih9nvqp7g9ihz0a3qb0w23l1158m360z9smbi8zbd";
+ })
+ ];
+
outputs = [ "out" "doc" ];
buildInputs = [ libxml2 ];
propagatedBuildInputs = [ findXMLCatalogs ];
- patches = stdenv.lib.optionals stdenv.isSunOS [ ./patch-ah.patch ];
-
configureFlags = [
"--with-libxml-prefix=${libxml2}"
"--without-python"
diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix
index f2b53fc2e595..94eed4193c35 100644
--- a/pkgs/development/libraries/mesa/default.nix
+++ b/pkgs/development/libraries/mesa/default.nix
@@ -22,7 +22,7 @@ else
*/
let
- version = "11.0.8";
+ version = "11.1.1";
# this is the default search path for DRI drivers
driverLink = "/run/opengl-driver" + stdenv.lib.optionalString stdenv.isi686 "-32";
in
@@ -38,7 +38,7 @@ stdenv.mkDerivation {
+ head (splitString "." version) + ''.x/${version}/mesa-${version}.tar.xz'')
"https://launchpad.net/mesa/trunk/${version}/+download/mesa-${version}.tar.xz"
];
- sha256 = "5696e4730518b6805d2ed5def393c4293f425a2c2c01bd5ed4bdd7ad62f7ad75";
+ sha256 = "087xlxl8dzmhzjilpsdiy19dn106spq120c9ndgnn4qlqm7hgnv4";
};
prePatch = "patchShebangs .";
@@ -158,8 +158,6 @@ stdenv.mkDerivation {
done
'' + /* set the default search path for DRI drivers; used e.g. by X server */ ''
substituteInPlace "$out/lib/pkgconfig/dri.pc" --replace '$(drivers)' "${driverLink}"
- '' + /* move vdpau drivers to $drivers/lib, so they are found */ ''
- mv "$drivers"/lib/vdpau/* "$drivers"/lib/ && rmdir "$drivers"/lib/vdpau
'';
#ToDo: @vcunat isn't sure if drirc will be found when in $out/etc/, but it doesn't seem important ATM
diff --git a/pkgs/development/libraries/openssl/1.0.2.x.nix b/pkgs/development/libraries/openssl/1.0.2.x.nix
deleted file mode 100644
index c94033d0fefd..000000000000
--- a/pkgs/development/libraries/openssl/1.0.2.x.nix
+++ /dev/null
@@ -1,91 +0,0 @@
-{ stdenv, fetchurl, perl
-, withCryptodev ? false, cryptodevHeaders }:
-
-with stdenv.lib;
-let
- opensslCrossSystem = attrByPath [ "openssl" "system" ]
- (throw "openssl needs its platform name cross building" null)
- stdenv.cross;
-in
-stdenv.mkDerivation rec {
- name = "openssl-1.0.2f";
-
- src = fetchurl {
- urls = [
- "http://www.openssl.org/source/${name}.tar.gz"
- "http://openssl.linux-mirror.org/source/${name}.tar.gz"
- ];
- sha256 = "932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c";
- };
-
- patches = optional stdenv.isCygwin ./1.0.1-cygwin64.patch;
-
- nativeBuildInputs = [ perl ];
- buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders;
-
- # On x86_64-darwin, "./config" misdetects the system as
- # "darwin-i386-cc". So specify the system type explicitly.
- configureScript =
- if stdenv.system == "x86_64-darwin" then "./Configure darwin64-x86_64-cc"
- else if stdenv.system == "x86_64-solaris" then "./Configure solaris64-x86_64-gcc"
- else "./config";
-
- configureFlags = [
- "shared"
- "--libdir=lib"
- "--openssldir=etc/ssl"
- ] ++ stdenv.lib.optionals withCryptodev [
- "-DHAVE_CRYPTODEV"
- "-DUSE_CRYPTODEV_DIGESTS"
- ];
-
- makeFlags = [
- "MANDIR=$(out)/share/man"
- ];
-
- # Parallel building is broken in OpenSSL.
- enableParallelBuilding = false;
-
- postInstall = ''
- # If we're building dynamic libraries, then don't install static
- # libraries.
- if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
- rm "$out/lib/"*.a
- fi
-
- # remove dependency on Perl at runtime
- rm -r $out/etc/ssl/misc $out/bin/c_rehash
- '';
-
- postFixup = ''
- # Check to make sure we don't depend on perl
- if grep -r '${perl}' $out; then
- echo "Found an erroneous dependency on perl ^^^" >&2
- exit 1
- fi
- '';
-
- crossAttrs = {
- # upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
- postPatch = ''
- sed -i -e 's/[$][(]CROSS_COMPILE[)]windres/$(WINDRES)/' Makefile.shared
- '';
- preConfigure=''
- # It's configure does not like --build or --host
- export configureFlags="${concatStringsSep " " (configureFlags ++ [ opensslCrossSystem ])}"
- # WINDRES and RANLIB need to be prefixed when cross compiling;
- # the openssl configure script doesn't do that for us
- export WINDRES=${stdenv.cross.config}-windres
- export RANLIB=${stdenv.cross.config}-ranlib
- '';
- configureScript = "./Configure";
- };
-
- meta = {
- homepage = http://www.openssl.org/;
- description = "A cryptographic library that implements the SSL and TLS protocols";
- platforms = stdenv.lib.platforms.all;
- maintainers = [ stdenv.lib.maintainers.simons ];
- priority = 10; # resolves collision with ‘man-pages’
- };
-}
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index 21e7706be8cb..6300068f09fe 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -2,93 +2,109 @@
, withCryptodev ? false, cryptodevHeaders }:
with stdenv.lib;
+
let
- opensslCrossSystem = attrByPath [ "openssl" "system" ]
- (throw "openssl needs its platform name cross building" null)
- stdenv.cross;
-in
-stdenv.mkDerivation rec {
- name = "openssl-1.0.1q";
- src = fetchurl {
- urls = [
- "http://www.openssl.org/source/${name}.tar.gz"
- "http://openssl.linux-mirror.org/source/${name}.tar.gz"
+ opensslCrossSystem = stdenv.cross.openssl.system or
+ (throw "openssl needs its platform name cross building");
+
+ common = { version, sha256 }: stdenv.mkDerivation rec {
+ name = "openssl-${version}";
+
+ src = fetchurl {
+ url = "http://www.openssl.org/source/${name}.tar.gz";
+ inherit sha256;
+ };
+
+ outputs = [ "out" "man" ];
+
+ patches =
+ [ ./use-etc-ssl-certs.patch ]
+ ++ optional stdenv.isCygwin ./1.0.1-cygwin64.patch
+ ++ optional (stdenv.isDarwin || (stdenv ? cross && stdenv.cross.libc == "libSystem")) ./darwin-arch.patch;
+
+ nativeBuildInputs = [ perl ];
+ buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders;
+
+ # On x86_64-darwin, "./config" misdetects the system as
+ # "darwin-i386-cc". So specify the system type explicitly.
+ configureScript =
+ if stdenv.system == "x86_64-darwin" then "./Configure darwin64-x86_64-cc"
+ else if stdenv.system == "x86_64-solaris" then "./Configure solaris64-x86_64-gcc"
+ else "./config";
+
+ configureFlags = [
+ "shared"
+ "--libdir=lib"
+ "--openssldir=etc/ssl"
+ ] ++ stdenv.lib.optionals withCryptodev [
+ "-DHAVE_CRYPTODEV"
+ "-DUSE_CRYPTODEV_DIGESTS"
];
- sha256 = "1dvz0hx7fjxag06b51pawy154y6d2xajm5rwxmfnlq7ax628nrdk";
- };
- outputs = [ "out" "man" ];
+ makeFlags = [
+ "MANDIR=$(out)/share/man"
+ ];
- patches = optional stdenv.isCygwin ./1.0.1-cygwin64.patch
- ++ optional (stdenv.isDarwin || (stdenv ? cross && stdenv.cross.libc == "libSystem")) ./darwin-arch.patch;
+ # Parallel building is broken in OpenSSL.
+ enableParallelBuilding = false;
- nativeBuildInputs = [ perl ];
- buildInputs = stdenv.lib.optional withCryptodev cryptodevHeaders;
+ postInstall = ''
+ # If we're building dynamic libraries, then don't install static
+ # libraries.
+ if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
+ rm "$out/lib/"*.a
+ fi
- # On x86_64-darwin, "./config" misdetects the system as
- # "darwin-i386-cc". So specify the system type explicitly.
- configureScript =
- if stdenv.system == "x86_64-darwin" then "./Configure darwin64-x86_64-cc"
- else if stdenv.system == "x86_64-solaris" then "./Configure solaris64-x86_64-gcc"
- else "./config";
+ # remove dependency on Perl at runtime
+ rm -r $out/etc/ssl/misc $out/bin/c_rehash
- configureFlags = [
- "shared"
- "--libdir=lib"
- "--openssldir=etc/ssl"
- ] ++ stdenv.lib.optionals withCryptodev [
- "-DHAVE_CRYPTODEV"
- "-DUSE_CRYPTODEV_DIGESTS"
- ];
-
- makeFlags = [
- "MANDIR=$(out)/share/man"
- ];
-
- # Parallel building is broken in OpenSSL.
- enableParallelBuilding = false;
-
- postInstall = ''
- # If we're building dynamic libraries, then don't install static
- # libraries.
- if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
- rm "$out/lib/"*.a
- fi
-
- # remove dependency on Perl at runtime
- rm -r $out/etc/ssl/misc $out/bin/c_rehash
- '';
-
- postFixup = ''
- # Check to make sure we don't depend on perl
- if grep -r '${perl}' $out; then
- echo "Found an erroneous dependency on perl ^^^" >&2
- exit 1
- fi
- '';
-
- crossAttrs = {
- # upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
- postPatch = ''
- sed -i -e 's/[$][(]CROSS_COMPILE[)]windres/$(WINDRES)/' Makefile.shared
+ rmdir $out/etc/ssl/{certs,private}
'';
- preConfigure=''
- # It's configure does not like --build or --host
- export configureFlags="${concatStringsSep " " (configureFlags ++ [ opensslCrossSystem ])}"
- # WINDRES and RANLIB need to be prefixed when cross compiling;
- # the openssl configure script doesn't do that for us
- export WINDRES=${stdenv.cross.config}-windres
- export RANLIB=${stdenv.cross.config}-ranlib
+
+ postFixup = ''
+ # Check to make sure we don't depend on perl
+ if grep -r '${perl}' $out; then
+ echo "Found an erroneous dependency on perl ^^^" >&2
+ exit 1
+ fi
'';
- configureScript = "./Configure";
+
+ crossAttrs = {
+ # upstream patch: https://rt.openssl.org/Ticket/Display.html?id=2558
+ postPatch = ''
+ sed -i -e 's/[$][(]CROSS_COMPILE[)]windres/$(WINDRES)/' Makefile.shared
+ '';
+ preConfigure=''
+ # It's configure does not like --build or --host
+ export configureFlags="${concatStringsSep " " (configureFlags ++ [ opensslCrossSystem ])}"
+ # WINDRES and RANLIB need to be prefixed when cross compiling;
+ # the openssl configure script doesn't do that for us
+ export WINDRES=${stdenv.cross.config}-windres
+ export RANLIB=${stdenv.cross.config}-ranlib
+ '';
+ configureScript = "./Configure";
+ };
+
+ meta = {
+ homepage = http://www.openssl.org/;
+ description = "A cryptographic library that implements the SSL and TLS protocols";
+ platforms = stdenv.lib.platforms.all;
+ maintainers = [ stdenv.lib.maintainers.simons ];
+ priority = 10; # resolves collision with ‘man-pages’
+ };
};
- meta = {
- homepage = http://www.openssl.org/;
- description = "A cryptographic library that implements the SSL and TLS protocols";
- platforms = stdenv.lib.platforms.all;
- maintainers = [ stdenv.lib.maintainers.simons ];
- priority = 10; # resolves collision with ‘man-pages’
+in {
+
+ openssl_1_0_1 = common {
+ version = "1.0.1r";
+ sha256 = "0iik7a3b0mrfrxzngdf7ywfscg9inbw77y0jp2ccw0gdap9xhjvq";
};
+
+ openssl_1_0_2 = common {
+ version = "1.0.2f";
+ sha256 = "932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c";
+ };
+
}
diff --git a/pkgs/development/libraries/openssl/use-etc-ssl-certs.patch b/pkgs/development/libraries/openssl/use-etc-ssl-certs.patch
new file mode 100644
index 000000000000..813c6bdf44ab
--- /dev/null
+++ b/pkgs/development/libraries/openssl/use-etc-ssl-certs.patch
@@ -0,0 +1,13 @@
+diff -ru -x '*~' openssl-1.0.1r-orig/crypto/cryptlib.h openssl-1.0.1r/crypto/cryptlib.h
+--- openssl-1.0.1r-orig/crypto/cryptlib.h 2016-01-28 14:38:30.000000000 +0100
++++ openssl-1.0.1r/crypto/cryptlib.h 2016-02-03 12:54:29.193165176 +0100
+@@ -81,8 +81,8 @@
+
+ # ifndef OPENSSL_SYS_VMS
+ # define X509_CERT_AREA OPENSSLDIR
+ # define X509_CERT_DIR OPENSSLDIR "/certs"
+-# define X509_CERT_FILE OPENSSLDIR "/cert.pem"
++# define X509_CERT_FILE "/etc/ssl/certs/ca-certificates.crt"
+ # define X509_PRIVATE_DIR OPENSSLDIR "/private"
+ # else
+ # define X509_CERT_AREA "SSLROOT:[000000]"
diff --git a/pkgs/development/libraries/pcre/cve-2015-3210.patch b/pkgs/development/libraries/pcre/cve-2015-3210.patch
deleted file mode 100644
index c97849fb70c7..000000000000
--- a/pkgs/development/libraries/pcre/cve-2015-3210.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 68ff1beb43bb3d4d8838f3285c97023d1e50513a Mon Sep 17 00:00:00 2001
-From: ph10
-Date: Fri, 15 May 2015 17:17:03 +0000
-Subject: [PATCH] Fix buffer overflow for named recursive back reference when
- the name is duplicated.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Upstream commit ported to pcre-8.37:
-
-commit 4b79af6b4cbeb5326ae5e4d83f3e935e00286c19
-Author: ph10
-Date: Fri May 15 17:17:03 2015 +0000
-
- Fix buffer overflow for named recursive back reference when the name is
- duplicated.
-
- git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1558 2f5784b3-3f2a-0410-8824-cb99058d5e15
-
-This fixes CVE-2015-3210.
-
-Signed-off-by: Petr Písař
----
- pcre_compile.c | 16 ++++++++++++++--
- testdata/testinput2 | 2 ++
- testdata/testoutput2 | 2 ++
- 3 files changed, 18 insertions(+), 2 deletions(-)
-
-diff --git a/pcre_compile.c b/pcre_compile.c
-index 0efad26..6f06912 100644
---- a/pcre_compile.c
-+++ b/pcre_compile.c
-@@ -7173,14 +7173,26 @@ for (;; ptr++)
- number. If the name is not found, set the value to 0 for a forward
- reference. */
-
-+ recno = 0;
- ng = cd->named_groups;
- for (i = 0; i < cd->names_found; i++, ng++)
- {
- if (namelen == ng->length &&
- STRNCMP_UC_UC(name, ng->name, namelen) == 0)
-- break;
-+ {
-+ open_capitem *oc;
-+ recno = ng->number;
-+ if (is_recurse) break;
-+ for (oc = cd->open_caps; oc != NULL; oc = oc->next)
-+ {
-+ if (oc->number == recno)
-+ {
-+ oc->flag = TRUE;
-+ break;
-+ }
-+ }
-+ }
- }
-- recno = (i < cd->names_found)? ng->number : 0;
-
- /* Count named back references. */
-
-diff --git a/testdata/testinput2 b/testdata/testinput2
-index 58fe53b..83bb471 100644
---- a/testdata/testinput2
-+++ b/testdata/testinput2
-@@ -4152,4 +4152,6 @@ backtracking verbs. --/
-
- /((?2){73}(?2))((?1))/
-
-+"(?J)(?'d'(?'d'\g{d}))"
-+
- /-- End of testinput2 --/
-diff --git a/testdata/testoutput2 b/testdata/testoutput2
-index b718df0..7dff52a 100644
---- a/testdata/testoutput2
-+++ b/testdata/testoutput2
-@@ -14423,4 +14423,6 @@ Failed: lookbehind assertion is not fixed length at offset 17
-
- /((?2){73}(?2))((?1))/
-
-+"(?J)(?'d'(?'d'\g{d}))"
-+
- /-- End of testinput2 --/
---
-2.4.3
-
diff --git a/pkgs/development/libraries/pcre/cve-2015-5073.patch b/pkgs/development/libraries/pcre/cve-2015-5073.patch
deleted file mode 100644
index 16fd45c87b1d..000000000000
--- a/pkgs/development/libraries/pcre/cve-2015-5073.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 354e1f8e921dcb9cf2f3a5eac93cd826d01a7d8a Mon Sep 17 00:00:00 2001
-From: ph10
-Date: Tue, 23 Jun 2015 16:34:53 +0000
-Subject: [PATCH] Fix buffer overflow for forward reference within backward
- assertion with excess closing parenthesis. Bugzilla 1651.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This is upstream commit ported to 8.37:
-
-commit 764692f9aea9eab50fdba6cb537441d8b34c6c37
-Author: ph10
-Date: Tue Jun 23 16:34:53 2015 +0000
-
- Fix buffer overflow for forward reference within backward assertion with excess
- closing parenthesis. Bugzilla 1651.
-
- git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1571 2f5784b3-3f2a-0410-8824-cb99058d5e15
-
-It fixes CVE-2015-5073.
-
-Signed-off-by: Petr Písař
----
- pcre_compile.c | 2 +-
- testdata/testinput2 | 2 ++
- testdata/testoutput2 | 3 +++
- 3 files changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/pcre_compile.c b/pcre_compile.c
-index 6f06912..b66b1f6 100644
---- a/pcre_compile.c
-+++ b/pcre_compile.c
-@@ -9392,7 +9392,7 @@ OP_RECURSE that are not fixed length get a diagnosic with a useful offset. The
- exceptional ones forgo this. We scan the pattern to check that they are fixed
- length, and set their lengths. */
-
--if (cd->check_lookbehind)
-+if (errorcode == 0 && cd->check_lookbehind)
- {
- pcre_uchar *cc = (pcre_uchar *)codestart;
-
-diff --git a/testdata/testinput2 b/testdata/testinput2
-index 83bb471..5cc9ce6 100644
---- a/testdata/testinput2
-+++ b/testdata/testinput2
-@@ -4154,4 +4154,6 @@ backtracking verbs. --/
-
- "(?J)(?'d'(?'d'\g{d}))"
-
-+/(?=di(?<=(?1))|(?=(.))))/
-+
- /-- End of testinput2 --/
-diff --git a/testdata/testoutput2 b/testdata/testoutput2
-index 7dff52a..4decb8d 100644
---- a/testdata/testoutput2
-+++ b/testdata/testoutput2
-@@ -14425,4 +14425,7 @@ Failed: lookbehind assertion is not fixed length at offset 17
-
- "(?J)(?'d'(?'d'\g{d}))"
-
-+/(?=di(?<=(?1))|(?=(.))))/
-+Failed: unmatched parentheses at offset 23
-+
- /-- End of testinput2 --/
---
-2.4.3
-
diff --git a/pkgs/development/libraries/pcre/default.nix b/pkgs/development/libraries/pcre/default.nix
index 3370e910565e..92f53b067204 100644
--- a/pkgs/development/libraries/pcre/default.nix
+++ b/pkgs/development/libraries/pcre/default.nix
@@ -5,17 +5,15 @@
with stdenv.lib;
stdenv.mkDerivation rec {
- name = "pcre-8.37";
+ name = "pcre-8.38";
src = fetchurl {
url = "ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/${name}.tar.bz2";
- sha256 = "17bqykp604p7376wj3q2nmjdhrb6v1ny8q08zdwi7qvc02l9wrsi";
+ sha256 = "1pvra19ljkr5ky35y2iywjnsckrs9ch2anrf5b0dc91hw8v2vq5r";
};
patches =
- [ ./cve-2015-3210.patch
- ./cve-2015-5073.patch
- ];
+ [ ];
outputs = [ "out" "doc" "man" ];
diff --git a/pkgs/development/libraries/qpdf/default.nix b/pkgs/development/libraries/qpdf/default.nix
index 340f4558f819..8f886421d55b 100644
--- a/pkgs/development/libraries/qpdf/default.nix
+++ b/pkgs/development/libraries/qpdf/default.nix
@@ -1,13 +1,13 @@
{ stdenv, fetchurl, pcre, zlib, perl }:
-let version = "5.1.3";
+let version = "6.0.0";
in
stdenv.mkDerivation rec {
name = "qpdf-${version}";
src = fetchurl {
url = "mirror://sourceforge/qpdf/qpdf/${version}/${name}.tar.gz";
- sha256 = "1lq1v7xghvl6p4hgrwbps3a13ad6lh4ib3myimb83hxgsgd4n5nm";
+ sha256 = "0csj2p2gkxrc0rk8ykymlsdgfas96vzf1dip3y1x7z1q9plwgzd9";
};
nativeBuildInputs = [ perl ];
@@ -23,6 +23,7 @@ stdenv.mkDerivation rec {
'';
doCheck = true;
+ enableParallelBuilding = true;
meta = with stdenv.lib; {
homepage = http://qpdf.sourceforge.net/;
diff --git a/pkgs/development/perl-modules/lwp-protocol-https-cert-file.patch b/pkgs/development/perl-modules/lwp-protocol-https-cert-file.patch
deleted file mode 100644
index 4a4b49a829d2..000000000000
--- a/pkgs/development/perl-modules/lwp-protocol-https-cert-file.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Use $SSL_CERT_FILE to get the CA certificates.
-
-diff -ru -x '*~' LWP-Protocol-https-6.02-orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.02/lib/LWP/Protocol/https.pm
---- LWP-Protocol-https-6.02-orig/lib/LWP/Protocol/https.pm 2011-03-27 13:54:01.000000000 +0200
-+++ LWP-Protocol-https-6.02/lib/LWP/Protocol/https.pm 2011-10-07 13:23:41.398628375 +0200
-@@ -21,6 +21,11 @@
- }
- if ($ssl_opts{SSL_verify_mode}) {
- unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
-+ if (defined $ENV{'SSL_CERT_FILE'}) {
-+ $ssl_opts{SSL_ca_file} = $ENV{'SSL_CERT_FILE'};
-+ }
-+ }
-+ unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
- eval {
- require Mozilla::CA;
- };
diff --git a/pkgs/development/python-modules/generic/default.nix b/pkgs/development/python-modules/generic/default.nix
index dab20b2f7447..15f369a44f2d 100644
--- a/pkgs/development/python-modules/generic/default.nix
+++ b/pkgs/development/python-modules/generic/default.nix
@@ -3,7 +3,8 @@
(http://pypi.python.org/pypi/setuptools/), which represents a large
number of Python packages nowadays. */
-{ python, setuptools, unzip, wrapPython, lib, bootstrapped-pip }:
+{ python, setuptools, unzip, wrapPython, lib, bootstrapped-pip
+, ensureNewerSourcesHook }:
{ name
@@ -60,6 +61,7 @@ python.stdenv.mkDerivation (builtins.removeAttrs attrs ["disabled" "doCheck"] //
name = namePrefix + name;
buildInputs = [ wrapPython bootstrapped-pip ] ++ buildInputs ++ pythonPath
+ ++ [ (ensureNewerSourcesHook { year = "1980"; }) ]
++ (lib.optional (lib.hasSuffix "zip" attrs.src.name or "") unzip);
# propagate python/setuptools to active setup-hook in nix-shell
diff --git a/pkgs/development/tools/build-managers/cmake/default.nix b/pkgs/development/tools/build-managers/cmake/default.nix
index 09e54d3dfa63..c8ed91b96fb0 100644
--- a/pkgs/development/tools/build-managers/cmake/default.nix
+++ b/pkgs/development/tools/build-managers/cmake/default.nix
@@ -11,7 +11,7 @@ assert wantPS -> (ps != null);
let
os = stdenv.lib.optionalString;
majorVersion = "3.4";
- minorVersion = "0";
+ minorVersion = "3";
version = "${majorVersion}.${minorVersion}";
in
@@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "${meta.homepage}files/v${majorVersion}/cmake-${version}.tar.gz";
- sha256 = "1shwim3gfdybjx9f11ykxz5l09rh58vmvz8ip76q3i76mkv2pf55";
+ sha256 = "1yl0z422gr7zfc638chifv343vx0ig5gasvrh7nzf7b15488qgxp";
};
enableParallelBuilding = true;
diff --git a/pkgs/misc/cups/default.nix b/pkgs/misc/cups/default.nix
index 8fa111ecc023..7dedf26096df 100644
--- a/pkgs/misc/cups/default.nix
+++ b/pkgs/misc/cups/default.nix
@@ -3,7 +3,7 @@
, libusb ? null, gnutls ? null, avahi ? null, libpaper ? null
}:
-let version = "2.0.4"; in
+let version = "2.1.2"; in
with stdenv.lib;
stdenv.mkDerivation {
@@ -13,7 +13,7 @@ stdenv.mkDerivation {
src = fetchurl {
url = "https://www.cups.org/software/${version}/cups-${version}-source.tar.bz2";
- sha256 = "1gaakz24k6x5nc09rmpiq0xq20j1qdjc3szag8qwmyi4ky6ydmg1";
+ sha256 = "1bc1y8fjgh54ryh520gk63i5rbagn6jijsrskcqlibhfm0xwmc5s";
};
buildInputs = [ pkgconfig zlib libjpeg libpng libtiff libusb gnutls libpaper ]
@@ -51,7 +51,6 @@ stdenv.mkDerivation {
# Idem for /etc.
"PAMDIR=$(out)/etc/pam.d"
"DBUSDIR=$(out)/etc/dbus-1"
- "INITDIR=$(out)/etc/rc.d"
"XINETD=$(out)/etc/xinetd.d"
"SERVERROOT=$(out)/etc/cups"
# Idem for /usr.
@@ -61,6 +60,8 @@ stdenv.mkDerivation {
"CUPS_PRIMARY_SYSTEM_GROUP=root"
];
+ enableParallelBuilding = true;
+
postInstall = ''
# Delete obsolete stuff that conflicts with cups-filters.
rm -rf $out/share/cups/banners $out/share/cups/data/testprint
diff --git a/pkgs/misc/cups/filters.nix b/pkgs/misc/cups/filters.nix
index b4b3a5a06247..7118511f16d3 100644
--- a/pkgs/misc/cups/filters.nix
+++ b/pkgs/misc/cups/filters.nix
@@ -1,26 +1,24 @@
-{ stdenv, fetchurl, fetchpatch, pkgconfig, cups, poppler, poppler_utils, fontconfig
-, libjpeg, libpng, perl, ijs, qpdf, dbus, substituteAll, bash, avahi }:
+{ stdenv, fetchurl, pkgconfig, cups, poppler, poppler_utils, fontconfig
+, libjpeg, libpng, perl, ijs, qpdf, dbus, substituteAll, bash, avahi
+, makeWrapper, coreutils, gnused, bc, gawk, gnugrep, which
+}:
-stdenv.mkDerivation rec {
+let
+ binPath = stdenv.lib.makeSearchPath "bin" [ coreutils gnused bc gawk gnugrep which ];
+
+in stdenv.mkDerivation rec {
name = "cups-filters-${version}";
- version = "1.0.71";
+ version = "1.5.0";
src = fetchurl {
url = "http://openprinting.org/download/cups-filters/${name}.tar.xz";
- sha256 = "07wwlqcykfjfqcwj1bxk60ggahyaw7wcx32n5s104d1qkhham01i";
+ sha256 = "0cjrh4wpdhkvmahfkg8f2a2qzilcq12i78q5arwr7dnmx1j8hapj";
};
- patches = [
- ./longer-shell-path.patch
- (fetchpatch { # drop on update
- name = "poppler-0.34.patch";
- url = "https://bugs.linuxfoundation.org/attachment.cgi?id=493";
- sha256 = "18za83q0b0n4hpvvw76jsv0hm89zmijvps2z5kg1srickqlxj891";
- })
- ];
+ nativeBuildInputs = [ pkgconfig makeWrapper ];
buildInputs = [
- pkgconfig cups poppler poppler_utils fontconfig libjpeg libpng perl
+ cups poppler poppler_utils fontconfig libjpeg libpng perl
ijs qpdf dbus avahi
];
@@ -29,9 +27,10 @@ stdenv.mkDerivation rec {
"--enable-imagefilters"
"--with-rcdir=no"
"--with-shell=${stdenv.shell}"
+ "--with-test-font-path=/path-does-not-exist"
];
- makeFlags = "CUPS_SERVERBIN=$(out)/lib/cups CUPS_DATADIR=$(out)/share/cups CUPS_SERVERROOT=$(out)/etc/cups";
+ makeFlags = [ "CUPS_SERVERBIN=$(out)/lib/cups" "CUPS_DATADIR=$(out)/share/cups" "CUPS_SERVERROOT=$(out)/etc/cups" ];
postConfigure =
''
@@ -46,11 +45,13 @@ stdenv.mkDerivation rec {
postInstall =
''
- for i in $out/lib/cups/filter/{pstopdf,texttops,imagetops}; do
- substituteInPlace $i --replace 'which ' 'type -p '
+ for i in $out/lib/cups/filter/*; do
+ wrapProgram "$i" --prefix PATH ':' ${binPath}
done
'';
+ enableParallelBuilding = true;
+
meta = {
homepage = http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups-filters;
description = "Backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc";
diff --git a/pkgs/misc/cups/longer-shell-path.patch b/pkgs/misc/cups/longer-shell-path.patch
deleted file mode 100644
index 397cc681732b..000000000000
--- a/pkgs/misc/cups/longer-shell-path.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/filter/foomatic-rip/foomaticrip.c b/filter/foomatic-rip/foomaticrip.c
-index 90a851c..689a2bd 100644
---- a/filter/foomatic-rip/foomaticrip.c
-+++ b/filter/foomatic-rip/foomaticrip.c
-@@ -174,7 +174,7 @@ char cupsfilterpath[PATH_MAX] = "/usr/local/lib/cups/filter:"
- "/opt/cups/filter:"
- "/usr/lib/cups/filter";
-
--char modern_shell[64] = SHELL;
-+char modern_shell[] = SHELL;
-
- void config_set_option(const char *key, const char *value)
- {
diff --git a/pkgs/misc/drivers/gutenprint/default.nix b/pkgs/misc/drivers/gutenprint/default.nix
index 98776c0c42b0..5be7f5ecff4d 100644
--- a/pkgs/misc/drivers/gutenprint/default.nix
+++ b/pkgs/misc/drivers/gutenprint/default.nix
@@ -1,78 +1,41 @@
# this package was called gimp-print in the past
-{ fetchurl, stdenv, pkgconfig, composableDerivation, cups
-, libtiff, libpng, makeWrapper, openssl, gimp }:
+{ stdenv, lib, fetchurl, pkgconfig
+, ijs, makeWrapper
+, gimp2Support ? true, gimp
+, cupsSupport ? true, cups, libusb, perl
+}:
-let
- version = "5.2.10";
- inherit (composableDerivation) edf wwf;
-in
-
-composableDerivation.composableDerivation {} {
- name = "gutenprint-${version}";
+stdenv.mkDerivation rec {
+ name = "gutenprint-5.2.11";
src = fetchurl {
- url = "mirror://sourceforge/gimp-print/gutenprint-${version}.tar.bz2";
- sha256 = "0n8f6vpadnagrp6yib3mca1c3lgwl4vmma16s44riyrd84mka7s3";
+ url = "mirror://sourceforge/gimp-print/${name}.tar.bz2";
+ sha256 = "1yadw96rgp1z0jv1wxrz6cds36nb693w3xlv596xw9r5w394r8y1";
};
- # gimp, gui is still not working (TODO)
- buildInputs = [ makeWrapper openssl pkgconfig ];
+ nativeBuildInputs = [ makeWrapper pkgconfig ];
+ buildInputs =
+ [ ijs ]
+ ++ lib.optionals gimp2Support [ gimp.gtk gimp ]
+ ++ lib.optionals cupsSupport [ cups libusb perl ];
- configureFlags = ["--enable-static-genppd"];
- NIX_CFLAGS_COMPILE="-include stdio.h";
-
- #preConfigure = ''
- # configureFlags="--with-cups=$out/usr-cups $configureFlags"
- #'';
-
- /*
- is this recommended? without it this warning is printed:
+ configureFlags = lib.optionals cupsSupport [
+ "--disable-static-genppd" # should be harmless on NixOS
+ ];
- ***WARNING: Use of --disable-static-genppd or --disable-static
- when building CUPS is very dangerous. The build may
- fail when building the PPD files, or may *SILENTLY*
- build incorrect PPD files or cause other problems.
- Please review the README and release notes carefully!
- */
+ enableParallelBuilding = true;
- installPhase = ''
- eval "make install $installArgs"
- mkdir -p $out/lib/cups
- ln -s $out/filter $out/lib/cups/
- wrapProgram $out/filter/rastertogutenprint.5.2 --prefix LD_LIBRARY_PATH : $out/lib
- wrapProgram $out/sbin/cups-genppd.5.2 --prefix LD_LIBRARY_PATH : $out/lib
- '';
+ # Testing is very, very long.
+ # doCheck = true;
- meta = {
+ installFlags =
+ lib.optionals cupsSupport [ "cups_conf_datadir=$(out)/share/cups" "cups_conf_serverbin=$(out)/lib/cups" "cups_conf_serverroot=$(out)/etc/cups" ]
+ ++ lib.optionals gimp2Support [ "gimp2_plug_indir=$(out)/${gimp.name}-plugins" ];
+
+ meta = with stdenv.lib; {
description = "Ghostscript and cups printer drivers";
homepage = http://sourceforge.net/projects/gimp-print/;
- license = "GPL";
+ license = licenses.gpl2;
+ platforms = platforms.linux;
};
-
- mergeAttrBy = { installArgs = stdenv.lib.concat; };
-
- # most interpreters aren't tested yet.. (see python for example how to do it)
- flags =
- wwf {
- name = "gimp2";
- enable = {
- buildInputs = [gimp gimp.gtk];
- installArgs = [ "gimp2_plug_indir=$out/${gimp.name}-plugins" ];
- };
- }
- // {
- cups = {
- set = {
- buildInputs = [cups libtiff libpng ];
- installArgs = [ "cups_conf_datadir=$out cups_conf_serverbin=$out cups_conf_serverroot=$out"];
- };
- };
- }
- ;
-
- cfg = {
- gimp2Support = true;
- cupsSupport = true;
- };
-
}
diff --git a/pkgs/misc/ghostscript/CVE-2015-3228.patch b/pkgs/misc/ghostscript/CVE-2015-3228.patch
deleted file mode 100644
index 7be18b0a7302..000000000000
--- a/pkgs/misc/ghostscript/CVE-2015-3228.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Description: Sanity check for memory allocation.
- In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
- variable holding the actual number of bytes we allocate.
-Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0c0b085
-Author: Chris Liddell
-Forwarded: yes
-Bug-Debian: http://bugs.debian.org/793489
-Last-Update: 2015-07-26
-
---- a/base/gsmalloc.c
-+++ b/base/gsmalloc.c
-@@ -178,7 +178,7 @@
- } else {
- uint added = size + sizeof(gs_malloc_block_t);
-
-- if (mmem->limit - added < mmem->used)
-+ if (added <= size || mmem->limit - added < mmem->used)
- set_msg("exceeded limit");
- else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
- set_msg("failed");
diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix
index 53b5caf93122..06ffc45cecf3 100644
--- a/pkgs/misc/ghostscript/default.nix
+++ b/pkgs/misc/ghostscript/default.nix
@@ -1,6 +1,6 @@
-{ stdenv, fetchurl, pkgconfig, zlib, expat, openssl
+{ stdenv, lib, fetchurl, fetchpatch, pkgconfig, zlib, expat, openssl, autoconf
, libjpeg, libpng, libtiff, freetype, fontconfig, lcms2, libpaper, jbig2dec
-, libiconv
+, libiconv, ijs
, x11Support ? false, xlibsWrapper ? null
, cupsSupport ? false, cups ? null
}:
@@ -8,8 +8,8 @@
assert x11Support -> xlibsWrapper != null;
assert cupsSupport -> cups != null;
let
- version = "9.15";
- sha256 = "0p1isp6ssfay141klirn7n9s8b546vcz6paksfmksbwy0ljsypg6";
+ version = "9.18";
+ sha256 = "18ad90za28dxybajqwf3y3dld87cgkx1ljllmcnc7ysspfxzbnl3";
fonts = stdenv.mkDerivation {
name = "ghostscript-fonts";
@@ -45,55 +45,84 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
+ nativeBuildInputs = [ pkgconfig autoconf ];
buildInputs =
- [ pkgconfig zlib expat openssl
+ [ zlib expat openssl
libjpeg libpng libtiff freetype fontconfig lcms2 libpaper jbig2dec
- libiconv
+ libiconv ijs
]
- ++ stdenv.lib.optional x11Support xlibsWrapper
- ++ stdenv.lib.optional cupsSupport cups
- # [] # maybe sometimes jpeg2000 support
+ ++ lib.optional x11Support xlibsWrapper
+ ++ lib.optional cupsSupport cups
;
patches = [
./urw-font-files.patch
- # fetched from debian's ghostscript 9.15_dfsg-1 (called 020150707~0c0b085.patch there)
- ./CVE-2015-3228.patch
+ # http://bugs.ghostscript.com/show_bug.cgi?id=696281
+ (fetchpatch {
+ name = "fix-check-for-using-shared-freetype-lib.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=8f5d285";
+ sha256 = "1f0k043rng7f0rfl9hhb89qzvvksqmkrikmm38p61yfx51l325xr";
+ })
+ # http://bugs.ghostscript.com/show_bug.cgi?id=696301
+ (fetchpatch {
+ name = "add-gserrors.h-to-the-installed-files.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=feafe5e5";
+ sha256 = "0s4ayzakjv809dkn7vilxwvs4dw35p3pw942ml91bk9z4kkaxyz7";
+ })
+ # http://bugs.ghostscript.com/show_bug.cgi?id=696246
+ (fetchpatch {
+ name = "guard-against-NULL-base-for-non-clist-devices.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=007bd77d08d800e6b07274d62e3c91be7c4a3f47";
+ sha256 = "1la53273agl92lpy7qd0qhgzynx8b90hrk8g9jsj3055ssn6rqwh";
+ })
+ (fetchpatch {
+ name = "ensure-plib-devices-always-use-the-clist.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=1bdbe4f87dc57648821e613ebcc591b84e8b35b3";
+ sha256 = "1cq83fgyvrycapxm69v4r9f9qhzsr40ygrc3bkp8pk15wsmvq0k7";
+ })
+ (fetchpatch {
+ name = "prevent-rinkj-device-crash-when-misconfigured.patch";
+ url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=5571ddfa377c5d7d98f55af40e693814ac287ae4";
+ sha256 = "08iqdlrngi6k0ml2b71dj5q136fyp1s9g0rr87ayyshn0k0lxwkv";
+ })
];
- makeFlags = [ "cups_serverroot=$(out)" "cups_serverbin=$(out)/lib/cups" ];
-
preConfigure = ''
- rm -rf jpeg libpng zlib jasper expat tiff lcms{,2} jbig2dec openjpeg freetype cups/libs
+ # requires in-tree (heavily patched) openjpeg
+ rm -rf jpeg libpng zlib jasper expat tiff lcms{,2} jbig2dec freetype cups/libs ijs
sed "s@if ( test -f \$(INCLUDE)[^ ]* )@if ( true )@; s@INCLUDE=/usr/include@INCLUDE=/no-such-path@" -i base/unix-aux.mak
+ sed "s@^ZLIBDIR=.*@ZLIBDIR=${zlib}/include@" -i configure.ac
+
+ autoconf
+ '' + lib.optionalString cupsSupport ''
+ configureFlags="$configureFlags --with-cups-serverbin=$out/lib/cups --with-cups-serverroot=$out/etc/cups --with-cups-datadir=$out/share/cups"
'';
configureFlags =
[ "--with-system-libtiff"
"--enable-dynamic"
- (if x11Support then "--with-x" else "--without-x")
- (if cupsSupport then "--enable-cups" else "--disable-cups")
- ];
+ ] ++ lib.optional x11Support "--with-x"
+ ++ lib.optional cupsSupport "--enable-cups";
doCheck = true;
- preCheck = "mkdir ./obj";
- # parallel check sometimes gave: Fatal error: can't create ./obj/whitelst.o
# don't build/install statically linked bin/gs
- buildFlags = "so";
- installTargets="soinstall";
+ buildFlags = [ "so" ];
+ installTargets = [ "soinstall" ];
postInstall = ''
ln -s gsc "$out"/bin/gs
+ cp -r Resource "$out/share/ghostscript/${version}"
+
mkdir -p "$doc/share/ghostscript/${version}"
mv "$out/share/ghostscript/${version}"/{doc,examples} "$doc/share/ghostscript/${version}/"
ln -s "${fonts}" "$out/share/ghostscript/fonts"
'';
- preFixup = stdenv.lib.strings.optionalString stdenv.isDarwin ''
+ preFixup = lib.optionalString stdenv.isDarwin ''
install_name_tool -change libgs.dylib.${version} $out/lib/libgs.dylib.${version} $out/bin/gs
'';
diff --git a/pkgs/os-specific/linux/nvidia-x11/builder-legacy304.sh b/pkgs/os-specific/linux/nvidia-x11/builder-legacy304.sh
index 20666fdb061f..fe8267831410 100755
--- a/pkgs/os-specific/linux/nvidia-x11/builder-legacy304.sh
+++ b/pkgs/os-specific/linux/nvidia-x11/builder-legacy304.sh
@@ -93,6 +93,10 @@ installPhase() {
substituteInPlace $out/share/applications/nvidia-settings.desktop \
--replace '__UTILS_PATH__' $out/bin \
--replace '__PIXMAP_PATH__' $out/share/pixmaps
+
+ # Move VDPAU libraries to their place
+ mkdir "$out"/lib/vdpau
+ mv "$out"/lib/libvdpau* "$out"/lib/vdpau
fi
}
diff --git a/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh b/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh
index d0eec0f7403b..899f12daf6b5 100755
--- a/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh
+++ b/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh
@@ -108,8 +108,12 @@ installPhase() {
#patchelf --set-rpath $cudaPath $out/lib/libcuda.so.*.*
#patchelf --set-rpath $openclPath $out/lib/libnvidia-opencl.so.*.*
- # we distribute these separately in `libvdpau`
+ # We distribute these separately in `libvdpau`
rm "$out"/lib/libvdpau{.*,_trace.*}
+
+ # Move VDPAU libraries to their place
+ mkdir "$out"/lib/vdpau
+ mv "$out"/lib/libvdpau* "$out"/lib/vdpau
}
diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh
index 502648c1d513..c1f165c45dd5 100755
--- a/pkgs/os-specific/linux/nvidia-x11/builder.sh
+++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh
@@ -119,8 +119,12 @@ installPhase() {
# For simplicity and dependency reduction, don't support the gtk3 interface.
rm $out/lib/libnvidia-gtk3.*
- # we distribute these separately in `libvdpau`
+ # We distribute these separately in `libvdpau`
rm "$out"/lib/libvdpau{.*,_trace.*}
+
+ # Move VDPAU libraries to their place
+ mkdir "$out"/lib/vdpau
+ mv "$out"/lib/libvdpau* "$out"/lib/vdpau
}
diff --git a/pkgs/stdenv/darwin/default.nix b/pkgs/stdenv/darwin/default.nix
index c0c19a64c3c7..0af7071e2186 100644
--- a/pkgs/stdenv/darwin/default.nix
+++ b/pkgs/stdenv/darwin/default.nix
@@ -278,7 +278,7 @@ in rec {
inherit stdenv shell;
nativeTools = false;
nativeLibc = false;
- inherit (pkgs) coreutils binutils;
+ inherit (pkgs) coreutils binutils gnugrep;
inherit (pkgs.darwin) dyld;
cc = pkgs.llvmPackages.clang-unwrapped;
libc = pkgs.darwin.Libsystem;
diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh
index d8de9ab2390b..7d25472993c5 100644
--- a/pkgs/stdenv/generic/setup.sh
+++ b/pkgs/stdenv/generic/setup.sh
@@ -371,6 +371,11 @@ export NIX_BUILD_CORES
paxmark() { true; }
+# Prevent OpenSSL-based applications from using certificates in
+# /etc/ssl.
+export SSL_CERT_FILE=/no-cert-file.crt
+
+
######################################################################
# Textual substitution functions.
@@ -480,9 +485,11 @@ _defaultUnpack() {
if [ -d "$fn" ]; then
stripHash "$fn"
- # We can't preserve hardlinks because they may have been introduced by
- # store optimization, which might break things in the build
- cp -pr --reflink=auto --no-preserve=timestamps "$fn" $strippedName
+
+ # We can't preserve hardlinks because they may have been
+ # introduced by store optimization, which might break things
+ # in the build.
+ cp -pr --reflink=auto "$fn" $strippedName
else
@@ -637,14 +644,14 @@ configurePhase() {
# Add --disable-dependency-tracking to speed up some builds.
if [ -z "$dontAddDisableDepTrack" ]; then
- if grep -q dependency-tracking $configureScript; then
+ if grep -q dependency-tracking "$configureScript"; then
configureFlags="--disable-dependency-tracking $configureFlags"
fi
fi
# By default, disable static builds.
if [ -z "$dontDisableStatic" ]; then
- if grep -q enable-static $configureScript; then
+ if grep -q enable-static "$configureScript"; then
configureFlags="--disable-static $configureFlags"
fi
fi
diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix
index 12fc3fed5a5a..ac7d8f5c706c 100644
--- a/pkgs/stdenv/linux/default.nix
+++ b/pkgs/stdenv/linux/default.nix
@@ -64,7 +64,7 @@ rec {
# the bootstrap. In all stages, we build an stdenv and the package
# set that can be built with that stdenv.
stageFun =
- {gccPlain, glibc, binutils, coreutils, name, overrides ? (pkgs: {}), extraBuildInputs ? []}:
+ {gccPlain, glibc, binutils, coreutils, gnugrep, name, overrides ? (pkgs: {}), extraBuildInputs ? []}:
let
@@ -93,7 +93,7 @@ rec {
cc = gccPlain;
isGNU = true;
libc = glibc;
- inherit binutils coreutils;
+ inherit binutils coreutils gnugrep;
name = name;
stdenv = stage0.stdenv;
};
@@ -125,6 +125,7 @@ rec {
glibc = null;
binutils = null;
coreutils = null;
+ gnugrep = null;
name = null;
overrides = pkgs: {
@@ -160,6 +161,7 @@ rec {
inherit (stage0.pkgs) glibc;
binutils = bootstrapTools;
coreutils = bootstrapTools;
+ gnugrep = bootstrapTools;
name = "bootstrap-gcc-wrapper";
# Rebuild binutils to use from stage2 onwards.
@@ -184,6 +186,7 @@ rec {
inherit (stage1.pkgs) glibc;
binutils = stage1.pkgs.binutils;
coreutils = bootstrapTools;
+ gnugrep = bootstrapTools;
name = "bootstrap-gcc-wrapper";
overrides = pkgs: {
@@ -200,6 +203,7 @@ rec {
gccPlain = bootstrapTools;
inherit (stage2.pkgs) glibc binutils;
coreutils = bootstrapTools;
+ gnugrep = bootstrapTools;
name = "bootstrap-gcc-wrapper";
overrides = pkgs: rec {
@@ -228,6 +232,7 @@ rec {
# still from the bootstrap tools.
stage4 = stageFun {
inherit (stage3.pkgs) gccPlain glibc binutils;
+ gnugrep = bootstrapTools;
coreutils = bootstrapTools;
name = "";
@@ -244,7 +249,7 @@ rec {
isGNU = true;
cc = stage4.stdenv.cc.cc;
libc = stage4.pkgs.glibc;
- inherit (stage4.pkgs) binutils coreutils;
+ inherit (stage4.pkgs) binutils coreutils gnugrep;
name = "";
stdenv = stage4.stdenv;
shell = stage4.pkgs.bash + "/bin/bash";
diff --git a/pkgs/stdenv/linux/make-bootstrap-tools.nix b/pkgs/stdenv/linux/make-bootstrap-tools.nix
index e31fed39843d..7f7f4c6a2bd1 100644
--- a/pkgs/stdenv/linux/make-bootstrap-tools.nix
+++ b/pkgs/stdenv/linux/make-bootstrap-tools.nix
@@ -11,6 +11,7 @@ rec {
});
curlMinimal = curl.override {
+ http2Support = false;
zlibSupport = false;
sslSupport = false;
scpSupport = false;
diff --git a/pkgs/tools/compression/bzip2/default.nix b/pkgs/tools/compression/bzip2/default.nix
index bb04049d8a66..66ff5612dd4a 100644
--- a/pkgs/tools/compression/bzip2/default.nix
+++ b/pkgs/tools/compression/bzip2/default.nix
@@ -3,9 +3,13 @@
let
version = "1.0.6";
- sharedLibrary = !stdenv.isDarwin && !(stdenv ? isStatic)
+ sharedLibrary = !(stdenv ? isStatic)
&& stdenv.system != "i686-cygwin" && !linkStatic;
+ darwinMakefile = fetchurl {
+ url = "https://gitweb.gentoo.org/repo/proj/prefix.git/plain/app-arch/bzip2/files/bzip2-1.0.6-Makefile-libbz2_dylib";
+ sha256 = "1lq6g98kfpwv2f7wn4sk8hzcf87dwf92gviq0b4691f5bvc9mawz";
+ };
in stdenv.mkDerivation {
name = "bzip2-${version}";
@@ -38,17 +42,24 @@ in stdenv.mkDerivation {
};
preBuild = stdenv.lib.optionalString sharedLibrary ''
- make -f Makefile-libbz2_so
+ make -f ${if stdenv.isDarwin then "Makefile-libbz2_dylib" else "Makefile-libbz2_so"}
'';
- preInstall = stdenv.lib.optionalString sharedLibrary ''
+ preInstall = stdenv.lib.optionalString sharedLibrary (if !stdenv.isDarwin then ''
mkdir -p $out/lib
mv libbz2.so* $out/lib
( cd $out/lib &&
ln -s libbz2.so.1.0.? libbz2.so &&
ln -s libbz2.so.1.0.? libbz2.so.1
)
- '';
+ '' else ''
+ mkdir -p $out/lib
+ mv libbz2.*.dylib $out/lib
+ ( cd $out/lib &&
+ ln -s libbz2.1.0.?.dylib libbz2.dylib &&
+ ln -s libbz2.1.0.?.dylib libbz2.1.dylib
+ )
+ '');
installFlags = [ "PREFIX=$(out)" ];
@@ -58,9 +69,14 @@ in stdenv.mkDerivation {
ln -s bzip2 $out/bin/bzcat
'';
- patchPhase = ''
+ postPatch = ''
substituteInPlace Makefile --replace CC=gcc CC=cc
substituteInPlace Makefile-libbz2_so --replace CC=gcc CC=cc
+ '' + stdenv.lib.optionalString stdenv.isDarwin ''
+ cp ${darwinMakefile} Makefile-libbz2_dylib
+ substituteInPlace Makefile-libbz2_dylib \
+ --replace "CC=gcc" "CC=cc" \
+ --replace "PREFIX=/usr" "PREFIX=$out"
'';
preConfigure = ''
diff --git a/pkgs/tools/misc/system-config-printer/default.nix b/pkgs/tools/misc/system-config-printer/default.nix
index 6b0be9d2f6e8..7ed25fb549b0 100644
--- a/pkgs/tools/misc/system-config-printer/default.nix
+++ b/pkgs/tools/misc/system-config-printer/default.nix
@@ -5,16 +5,20 @@
, withGUI ? true
}:
-stdenv.mkDerivation rec {
- name = "system-config-printer-1.3.12";
+let majorVersion = "1.5";
+
+in stdenv.mkDerivation rec {
+ name = "system-config-printer-${majorVersion}.7";
src = fetchurl {
- url = "http://cyberelk.net/tim/data/system-config-printer/1.3/${name}.tar.xz";
+ url = "http://cyberelk.net/tim/data/system-config-printer/${majorVersion}/${name}.tar.xz";
sha256 = "1cg9n75rg5l9vr1925n2g771kga33imikyl0mf70lww2sfgvs18r";
};
propagatedBuildInputs = [ pythonPackages.pycurl ];
+ patches = [ ./detect_serverbindir.patch ];
+
buildInputs =
[ intltool pkgconfig glib udev libusb1 cups xmlto
libxml2 docbook_xml_dtd_412 docbook_xsl desktop_file_utils
@@ -32,17 +36,28 @@ stdenv.mkDerivation rec {
postInstall =
''
+ export makeWrapperArgs="--set prefix $out"
wrapPythonPrograms
+ # The program imports itself, so we need to move shell wrappers to a proper place.
+ fixupWrapper() {
+ mv "$out/share/system-config-printer/$2.py" \
+ "$out/bin/$1"
+ sed -i "s/.$2.py-wrapped/$2.py/g" "$out/bin/$1"
+ mv "$out/share/system-config-printer/.$2.py-wrapped" \
+ "$out/share/system-config-printer/$2.py"
+ }
+ fixupWrapper scp-dbus-service scp-dbus-service
+ fixupWrapper system-config-printer system-config-printer
+ fixupWrapper system-config-printer-applet applet
+ # This __init__.py is both executed and imported.
( cd $out/share/system-config-printer/troubleshoot
mv .__init__.py-wrapped __init__.py
)
-
- # Upstream issue: https://github.com/twaugh/system-config-printer/issues/28
- sed -i -e "s|/usr/bin|$out/bin|" "$out/share/dbus-1/services/org.fedoraproject.Config.Printing.service"
'';
meta = {
homepage = http://cyberelk.net/tim/software/system-config-printer/;
platforms = stdenv.lib.platforms.linux;
+ license = stdenv.lib.licenses.gpl2;
};
}
diff --git a/pkgs/tools/misc/system-config-printer/detect_serverbindir.patch b/pkgs/tools/misc/system-config-printer/detect_serverbindir.patch
new file mode 100644
index 000000000000..2cd3058f2330
--- /dev/null
+++ b/pkgs/tools/misc/system-config-printer/detect_serverbindir.patch
@@ -0,0 +1,17 @@
+diff --git a/cupshelpers/config.py.in b/cupshelpers/config.py.in
+index 55abbfc..1244327 100644
+--- a/cupshelpers/config.py.in
++++ b/cupshelpers/config.py.in
+@@ -22,3 +22,12 @@
+ prefix="@prefix@"
+ sysconfdir="@sysconfdir@"
+ cupsserverbindir="@cupsserverbindir@"
++
++try:
++ with open("/etc/cups/cups-files.conf") as config:
++ for cfgline in config:
++ args = cfgline.split(" ")
++ if len(args) == 2 and args[0] == "ServerBin":
++ cupsserverbindir = args[1].strip()
++except OSError:
++ pass
diff --git a/pkgs/tools/networking/curl/7.15.nix b/pkgs/tools/networking/curl/7.15.nix
index 4e533878ec18..1e91d6bd0883 100644
--- a/pkgs/tools/networking/curl/7.15.nix
+++ b/pkgs/tools/networking/curl/7.15.nix
@@ -33,12 +33,8 @@ stdenv.mkDerivation rec {
sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure
'';
- # make curl honor CURL_CA_BUNDLE & SSL_CERT_FILE
- postConfigure = ''
- echo '#define CURL_CA_BUNDLE (getenv("CURL_CA_BUNDLE") || getenv("SSL_CERT_FILE"))' >> lib/curl_config.h
- '';
-
configureFlags = [
+ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt"
( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" )
( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" )
]
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix
index 7101a9cbb1e0..910d86066d9a 100644
--- a/pkgs/tools/networking/curl/default.nix
+++ b/pkgs/tools/networking/curl/default.nix
@@ -1,4 +1,5 @@
-{ stdenv, fetchurl
+{ stdenv, fetchurl, pkgconfig, perl
+, http2Support ? true, libnghttp2
, idnSupport ? false, libidn ? null
, ldapSupport ? false, openldap ? null
, zlibSupport ? false, zlib ? null
@@ -8,6 +9,7 @@
, c-aresSupport ? false, c-ares ? null
}:
+assert http2Support -> libnghttp2 != null;
assert idnSupport -> libidn != null;
assert ldapSupport -> openldap != null;
assert zlibSupport -> zlib != null;
@@ -16,17 +18,20 @@ assert scpSupport -> libssh2 != null;
assert c-aresSupport -> c-ares != null;
stdenv.mkDerivation rec {
- name = "curl-7.45.0";
+ name = "curl-7.47.0";
src = fetchurl {
url = "http://ngcobalt13.uxnr.de/mirror/curl/${name}.tar.bz2";
- sha256 = "1slq5c0v9wa8hajgimhkxhvsrd07jmih8sa3gjsl597qp5k4w5b5";
+ sha256 = "0riz70pjg82gbcfi2ndvsksb2dv55g31ir8piph2p6zvhy9ny29b";
};
+ nativeBuildInputs = [ pkgconfig perl ];
+
# Zlib and OpenSSL must be propagated because `libcurl.la' contains
# "-lz -lssl", which aren't necessary direct build inputs of
# applications that use Curl.
propagatedBuildInputs = with stdenv.lib;
+ optional http2Support libnghttp2 ++
optional idnSupport libidn ++
optional ldapSupport openldap ++
optional zlibSupport zlib ++
@@ -41,13 +46,10 @@ stdenv.mkDerivation rec {
rm src/tool_hugehelp.c
'';
- # make curl honor CURL_CA_BUNDLE & SSL_CERT_FILE
- postConfigure = ''
- echo '#define CURL_CA_BUNDLE (getenv("CURL_CA_BUNDLE") ? getenv("CURL_CA_BUNDLE") : getenv("SSL_CERT_FILE"))' >> lib/curl_config.h
- '';
-
configureFlags = [
+ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt"
"--disable-manual"
+ ( if http2Support then "--with-nghttp2=${libnghttp2}" else "--without-nghttp2" )
( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" )
( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" )
( if ldapSupport then "--enable-ldap" else "--disable-ldap" )
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 6fbaec541ed3..3602786c5902 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -259,6 +259,15 @@ let
{ substitutions = { inherit autoconf automake gettext libtool; }; }
../build-support/setup-hooks/autoreconf.sh;
+ ensureNewerSourcesHook = { year }: makeSetupHook {}
+ (writeScript "ensure-newer-sources-hook.sh" ''
+ postUnpackHooks+=(_ensureNewerSources)
+ _ensureNewerSources() {
+ '${findutils}/bin/find' "$sourceRoot" \
+ '!' -newermt '${year}-01-01' -exec touch -d '${year}-01-02' '{}' '+'
+ }
+ '');
+
buildEnv = callPackage ../build-support/buildenv { }; # not actually a package
buildFHSEnv = callPackage ../build-support/build-fhs-chrootenv/env.nix {
@@ -6604,6 +6613,11 @@ let
inherit fontconfig fontDirectories;
};
+ makeFontsCache = let fontconfig_ = fontconfig; in {fontconfig ? fontconfig_, fontDirectories}:
+ callPackage ../development/libraries/fontconfig/make-fonts-cache.nix {
+ inherit fontconfig fontDirectories;
+ };
+
freealut = callPackage ../development/libraries/freealut { };
freeglut = callPackage ../development/libraries/freeglut { };
@@ -7838,6 +7852,8 @@ let
libvdpau = callPackage ../development/libraries/libvdpau { };
+ libvdpau-va-gl = callPackage ../development/libraries/libvdpau-va-gl { };
+
libvirt = callPackage ../development/libraries/libvirt { };
libvirt-glib = callPackage ../development/libraries/libvirt-glib { };
@@ -8181,21 +8197,16 @@ let
wolfssl = callPackage ../development/libraries/wolfssl { };
openssl = openssl_1_0_1;
- openssl_1_0_1 = callPackage ../development/libraries/openssl {
- fetchurl = fetchurlBoot;
- cryptodevHeaders = linuxPackages.cryptodev.override {
- fetchurl = fetchurlBoot;
- onlyHeaders = true;
- };
- };
- openssl_1_0_2 = callPackage ../development/libraries/openssl/1.0.2.x.nix {
- fetchurl = fetchurlBoot;
- cryptodevHeaders = linuxPackages.cryptodev.override {
+ inherit (callPackages ../development/libraries/openssl {
fetchurl = fetchurlBoot;
- onlyHeaders = true;
- };
- };
+ cryptodevHeaders = linuxPackages.cryptodev.override {
+ fetchurl = fetchurlBoot;
+ onlyHeaders = true;
+ };
+ })
+ openssl_1_0_1
+ openssl_1_0_2;
openssl-chacha = callPackage ../development/libraries/openssl/chacha.nix {
cryptodevHeaders = linuxPackages.cryptodev.override {
diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix
index 55fd008d96c6..4552cf78661b 100644
--- a/pkgs/top-level/perl-packages.nix
+++ b/pkgs/top-level/perl-packages.nix
@@ -6943,7 +6943,6 @@ let self = _self // overrides; _self = with self; {
url = mirror://cpan/authors/id/G/GA/GAAS/LWP-Protocol-https-6.04.tar.gz;
sha256 = "0agnga5dg94222h6rlzqxa0dri2sh3gayncvfb7jad9nxr87gxhy";
};
- patches = [ ../development/perl-modules/lwp-protocol-https-cert-file.patch ];
propagatedBuildInputs = [ LWP IOSocketSSL ];
doCheck = false; # tries to connect to https://www.apache.org/.
meta = {