1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-30 09:31:01 +00:00
Commit graph

3921 commits

Author SHA1 Message Date
Vincent Bernat bf1473f5e0 haproxy: use getaddrinfo() on Linux (#44489)
As per project's README:

> Recent systems can resolve IPv6 host names using getaddrinfo(). This
> primitive is not present in all libcs and does not work in all of
> them either. Support in glibc was broken before 2.3. Some embedded
> libs may not properly work either, thus, support is disabled by
> default, meaning that some host names which only resolve as IPv6
> addresses will not resolve and configs might emit an error during
> parsing. If you know that your OS libc has reliable support for
> getaddrinfo(), you can add USE_GETADDRINFO=1 on the make command
> line to enable it. This is the recommended option for most Linux
> distro packagers since it's working fine on all recent mainstream
> distros. It is automatically enabled on Solaris 8 and above, as it's
> known to work.

Without this option, it is not possible for HAProxy to solve IPv6-only
names. This option is enabled in Debian builds without any notable
adverse effect.
2018-08-05 18:17:27 +02:00
Vincent Bernat cc1d82196c haproxy: 1.8.9 -> 1.8.13 (#44487)
The patches previously applied have been included upstream. Upstream
changelog (only MAJOR/MEDIUM):

2018/07/30 : 1.8.13
    - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
    - BUG/MEDIUM: h2: never leave pending data in the output buffer on close
    - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
    - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
    - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
    - BUG/MEDIUM: stats: don't ask for more data as long as we're responding
    - BUG/MEDIUM: threads/sync: use sched_yield when available
    - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
    - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
    - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
    - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed

2018/06/27 : 1.8.12
    - BUG/MAJOR: stick_table: Complete incomplete SEGV fix

2018/06/26 : 1.8.11
    - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table

2018/06/22 : 1.8.10
    - BUG/MEDIUM: spoe: Flags are not encoded in network order
    - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
    - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
    - BUG/MEDIUM: cache: don't cache when an Authorization header is present
    - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
    - BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
    - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
    - BUG/MEDIUM: lua/socket: Length required read doesn't work
    - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
    - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
    - BUG/MEDIUM: lua/socket: wrong scheduling for sockets
    - BUG/MAJOR: lua: Dead lock with sockets
    - BUG/MEDIUM: lua/socket: Notification error
    - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
    - BUG/MEDIUM: lua/socket: Buffer error, may segfault
    - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
    - BUG/MEDIUM: threads: handle signal queue only in thread 0
    - BUG/MAJOR: map: fix a segfault when using http-request set-map
    - BUG/MAJOR: ssl: Random crash with cipherlist capture
    - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
    - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
    - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
2018-08-05 16:48:22 +02:00
Mario Rodas 2d7e6b79dc rtorrent: 20161023 -> 0.9.7 2018-08-04 08:35:54 -05:00
Mario Rodas b723af3174 libtorrent: 20161212 -> 0.13.7 2018-08-04 08:35:54 -05:00
Jan Tojnar cb4263a7a8
Merge pull request #44037 from flokli/fix-nm-applet-vpn
networkmanager: fix VPN activation through nm-applet
2018-08-04 02:17:27 +02:00
Florian Klink 24726a35d9 networkmanager: fix compile error due to NM_AVAILABLE_IN_1_12_2 macro 2018-08-04 01:32:45 +02:00
Florian Klink e63ef63c93 network-manager-applet: add patch for import file chooser 2018-08-04 01:08:25 +02:00
Florian Klink 88b2b6c71c network-manager: 1.12.0 -> 1.12.2
fix VPN activation through nm-applet (#43806),
upstream bug https://gitlab.gnome.org/GNOME/network-manager-applet/issues/12
2018-08-04 01:08:25 +02:00
xeji 5c7bf43c24
Merge pull request #44342 from carlosdagos/tinyproxy
tinyproxy: init at 1.8.4
2018-08-02 16:12:12 +02:00
Carlos D'Agostino a568eec08c tinyproxy: add docbook_xsl and add nonet option to a2x 2018-08-02 23:35:29 +10:00
Carlos D c431713f99 tinyproxy: init at 1.8.4 2018-08-02 18:36:57 +10:00
Bignaux Ronan 38e582c91d photon: init at 1.0.7 (#44269) 2018-08-02 09:49:54 +02:00
Maximilian Bosch cd5e01edd9 ocserv: init at 0.12.1 (#42871)
`ocserv` is a VPN server which follows the openconnect protocol
(https://github.com/openconnect/protocol). The packaging is slightly
inspired by the AUR version
(https://aur.archlinux.org/packages/ocserv/).

This patch initializes the package written in C, the man pages and a
module for a simple systemd unit to run the VPN server. The package
supports the following authentication methods for the server:

* `plain` (mostly username/password)
* `pam`

The third method (`radius`) is currently not supported since `nixpkgs`
misses a packaged client.

The module can be used like this:

``` nix
{
  services.ocserv = {
    enable = true;
    config = ''
      ...
    '';
  };
}
```

The option `services.ocserv.config` is required on purpose to
ensure that nobody just enables the service and experiences unexpected
side-effects on the system. For a full reference, please refer to the
man pages, the online docs or the example value.

The docs recommend to simply use `nobody` as user, so no extra user has
been added to the internal user list. Instead a configuration like
this can be used:

```
run-as-user = nobody
run-as-group = nogroup
```

/cc @tenten8401
Fixes #42594
2018-08-01 21:39:09 +02:00
leenaars 2b75a7266c ipgrep: init at 1.0 (#43887) 2018-08-01 15:40:57 +02:00
Jörg Thalheim 7ceaaa6d3a
Merge pull request #44214 from roconnor/bitcoin
Update Bitcoin and its MiniUPnPc dependency
2018-08-01 09:09:45 +01:00
Pascal Bach b92d6d545c minio-client: 2018-04-28T00-08-20Z -> 2018-07-31T02-28-53Z 2018-08-01 00:36:44 +02:00
Robert Schütz 2ea26fb794
bittornado: init at unstable-2018-02-09 (#43770) 2018-07-31 14:23:15 +02:00
Sarah Brofeldt cb19404faf
Merge pull request #44245 from Infinisil/add/bukubrow
bukubrow: Init at 2.4.0
2018-07-31 08:35:39 +02:00
Silvan Mosberger 2ee3d84a96
bukubrow: init at 2.4.0 2018-07-30 23:02:19 +02:00
Russell O'Connor ae669ad68d miniupnpc_2: 2.0.20171212 -> 2.0.20180203 2018-07-29 22:57:45 -04:00
Fernando José Pando 285d770949 httperf: init at 0.9.1
* httperf: init at 0.9.1

- tested on nixos

* httperf: 0.9.1 add ssl support

* httperf: 0.9.1 default-build-phase

* httperf: 0.9.1 fix pname
2018-07-29 09:41:15 -07:00
Jörg Thalheim 08254f2462
Merge pull request #44188 from Ekleog/redsocks-maintain
redsocks: add self as maintainer
2018-07-29 12:23:48 +01:00
Léo Gaspard 6622dffb1d
redsocks: add self as maintainer 2018-07-29 15:58:50 +09:00
Lluís Batlle i Rossell f54b387b63 Merge remote-tracking branch 'central/master' into viric_clean 2018-07-28 19:25:14 +02:00
Profpatsch abcc849c9e s6-networking: add ssl support (libressl by default)
For now there’s only support for libressl, but it is built in a way that makes
adding support for e.g. bearssl trivial.
2018-07-27 17:48:32 +02:00
Profpatsch 5ea846a656 s6-dns: 2.2.0.1 -> 2.3.0.0 2018-07-27 17:48:32 +02:00
Daiderd Jordan 7cc5624b3c
Merge pull request #43993 from carlosdagos/cntlm-macos
cntlm: add support for darwin
2018-07-25 21:19:26 +02:00
Carlos D 8b306bab12 cntlm: add support for darwin 2018-07-25 11:35:02 +10:00
John Ericson c99de14e60 curl: Get rid of crossAttrs 2018-07-24 18:36:59 -04:00
Profpatsch 4295da8af4 skarnet software: add Profpatsch as maintainer 2018-07-25 00:06:31 +02:00
Profpatsch 710f0f8c10 skarnet software: rename attributes and split outputs
Change the attribute names of camelCased utils to kebab-case to improve
consistency.
Split every package into multiple outputs where possible.
2018-07-25 00:06:31 +02:00
Frederik Rietdijk 099c13da1b Merge staging-next into master (#44009)
* substitute(): --subst-var was silently coercing to "" if the variable does not exist.

* libffi: simplify using `checkInputs`

* pythonPackges.hypothesis, pythonPackages.pytest: simpify dependency cycle fix

* utillinux: 2.32 -> 2.32.1

https://lkml.org/lkml/2018/7/16/532

* busybox: 1.29.0 -> 1.29.1

* bind: 9.12.1-P2 -> 9.12.2

https://ftp.isc.org/isc/bind9/9.12.2/RELEASE-NOTES-bind-9.12.2.html

* curl: 7.60.0 -> 7.61.0

* gvfs: make tests run, but disable

* ilmbase: disable tests on i686. Spooky!

* mdds: fix tests

* git: disable checks as tests are run in installcheck

* ruby: disable tests

* libcommuni: disable checks as tests are run in installcheck

* librdf: make tests run, but disable

* neon, neon_0_29: make tests run, but disable

* pciutils: 3.6.0 -> 3.6.1

Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/pciutils/versions.

* mesa: more include fixes

mostly from void-linux (thanks!)

* npth: 1.5 -> 1.6

minor bump

* boost167: Add lockfree next_prior patch

* stdenv: cleanup darwin bootstrapping

Also gets rid of the full python and some of it's dependencies in the
stdenv build closure.

* Revert "pciutils: use standardized equivalent for canonicalize_file_name"

This reverts commit f8db20fb3a.
Patching should no longer be needed with 3.6.1.

* binutils-wrapper: Try to avoid adding unnecessary -L flags

(cherry picked from commit f3758258b8895508475caf83e92bfb236a27ceb9)
Signed-off-by: Domen Kožar <domen@dev.si>

* libffi: don't check on darwin

libffi usages in stdenv broken darwin. We need to disable doCheck for that case.

* "rm $out/share/icons/hicolor/icon-theme.cache" -> hicolor-icon-theme setup-hook

* python.pkgs.pytest: setupHook to prevent creation of .pytest-cache folder, fixes #40273

When `py.test` was run with a folder as argument, it would not only
search for tests in that folder, but also create a .pytest-cache folder.
Not only is this state we don't want, but it was also causing
collisions.

* parity-ui: fix after merge

* python.pkgs.pytest-flake8: disable test, fix build

* Revert "meson: 0.46.1 -> 0.47.0"

With meson 0.47.0 (or 0.47.1, or git)
things are very wrong re:rpath handling
resulting in at best missing libs but
even corrupt binaries :(.

When we run patchelf it masks the problem
by removing obviously busted paths.
Which is probably why this wasn't noticed immediately.

Unfortunately the binary already
has a long series of paths scribbled
in a space intended for a much smaller string;
in my testing it was something like
lengths were 67 with 300+ written to it.

I think we've reported the relevant issues upstream,
but unfortunately it appears our patches
are what introduces the overwrite/corruption
(by no longer being correct in what they assume)

This doesn't look so bad to fix but it's
not something I can spend more time on
at the moment.

--

Interestingly the overwritten string data
(because it is scribbled past the bounds)
remains in the binary and is why we're suddenly
seeing unexpected references in various builds
-- notably this is is the reason we're
seeing the "extra-utils" breakage
that entirely crippled NixOS on master
(and probably on staging before?).

Fixes #43650.

This reverts commit 305ac4dade.

(cherry picked from commit 273d68eff8)
Signed-off-by: Domen Kožar <domen@dev.si>
2018-07-24 15:04:48 +01:00
Andreas Rammhold f4f8cb5b22 networkmanager-vpnc: 1.2.4 -> 1.2.6
fixes CVE-2018-10900
2018-07-23 22:44:34 +02:00
Lluís Batlle i Rossell 66d7126255 Take me (viric) out of most maintenance
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
2018-07-22 21:50:19 +02:00
Pascal Wittmann 0967f617e2
axel: add license
see issue #43716
2018-07-22 17:33:09 +02:00
Frederik Rietdijk 6c72782d36 Merge staging-next into master 2018-07-22 11:04:28 +02:00
volth cc55a3ebcb treewide: fix build with disallowed aliases (#43872)
fixes build with disallowed aliases
2018-07-21 22:03:24 -04:00
Frederik Rietdijk ad47d658d1 Merge master into staging-next 2018-07-21 19:43:53 +02:00
Jörg Thalheim 218298b30f
Merge branch 'master' into unused5 2018-07-21 15:41:22 +01:00
Frederik Rietdijk 251a0a9a86
Merge pull request #43860 from volth/unused2
treewide: remove unused 'inherit' in let blocks
2018-07-21 11:13:36 +02:00
Frederik Rietdijk 8eca946958
Merge pull request #43738 from r-ryantm/auto-update/s3cmd
s3cmd: 2.0.1 -> 2.0.2
2018-07-21 10:52:11 +02:00
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
volth 6d2857a311 [bot] treewide: remove unused 'inherit' in let blocks 2018-07-20 19:38:19 +00:00
Graham Christensen 7fdba7c74e
Merge pull request #43834 from ryantm/https2
treewide: http -> https
2018-07-19 21:31:36 -04:00
Ryan Mulligan df8062c45b treewide: http -> https 2018-07-19 18:12:04 -07:00
Frederik Rietdijk 8213ff161c Merge master into staging-next 2018-07-19 18:24:24 +02:00
Matthew Bauer 76999cc40e treewide: remove aliases in nixpkgs
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.

Misc...

- qtikz: use libsForQt5.callPackage

  This ensures we get the right poppler.

- rewrites:

  docbook5_xsl -> docbook_xsl_ns
  docbook_xml_xslt -> docbook_xsl

diffpdf: fixup
2018-07-18 23:25:20 -04:00
R. RyanTM d5c9d86b83 s3cmd: 2.0.1 -> 2.0.2
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/s3cmd/versions.
2018-07-18 07:46:21 -07:00
Will Dietz ed31b92d9d
Merge pull request #43649 from dtzWill/update/whois-5.3.2
whois: 5.3.1 -> 5.3.2
2018-07-17 09:15:51 -05:00
Will Dietz e2cbbbb289 whois: 5.3.1 -> 5.3.2
> whois (5.3.2) unstable; urgency=medium
>
>   * Added the .ge TLD server.
>   * Updated the charset for whois.nic.cl. (Closes: #900047)
>   * Updated the list of new gTLDs.
2018-07-16 21:33:00 -05:00