From bf71eac7b03b5dd3043385496b13c6e8065f1555 Mon Sep 17 00:00:00 2001 From: Christian Ulrich Date: Sat, 24 Jul 2021 15:52:40 +0200 Subject: [PATCH] update gnutls to 3.7.2; rename to gnutls-latest to avoid global usage --- default.nix | 7 ++++--- pkgs/gnutls/default.nix | 20 ++++++++------------ 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/default.nix b/default.nix index 113ec16..37aa08a 100644 --- a/default.nix +++ b/default.nix @@ -9,12 +9,13 @@ self: super: gintro = super.callPackage ./pkgs/nim-packages/gintro/default.nix { }; - gnutls = super.callPackage ./pkgs/gnutls/default.nix { + gnutls-latest = super.callPackage ./pkgs/gnutls/default.nix { inherit (super.darwin.apple_sdk.frameworks) Security; - util-linux = super.utillinuxMinimal; # break the cyclic dependency + util-linux = super.util-linuxMinimal; # break the cyclic dependency + autoconf = super.buildPackages.autoconf269; }; - #gnutls-debug = super.enableDebugging self.gnutls; + gnutls-latest-debug = super.enableDebugging self.gnutls; groupchat = super.callPackage ./pkgs/nim-packages/groupchat.nix { }; diff --git a/pkgs/gnutls/default.nix b/pkgs/gnutls/default.nix index d3000be..4c40949 100644 --- a/pkgs/gnutls/default.nix +++ b/pkgs/gnutls/default.nix @@ -8,23 +8,22 @@ assert guileBindings -> guile != null; let - version = "3.7.2"; # XXX: Gnulib's `test-select' fails on FreeBSD: # https://hydra.nixos.org/build/2962084/nixlog/1/raw . - doCheck = !stdenv.isFreeBSD && !stdenv.isDarwin && lib.versionAtLeast version "3.4" + doCheck = !stdenv.isFreeBSD && !stdenv.isDarwin && stdenv.buildPlatform == stdenv.hostPlatform; inherit (stdenv.hostPlatform) isDarwin; in -stdenv.mkDerivation { - name = "gnutls-${version}"; - inherit version; +stdenv.mkDerivation rec { + pname = "gnutls"; + version = "3.7.2"; src = fetchurl { - url = "mirror://gnupg/gnutls/v3.7/gnutls-${version}.tar.xz"; - sha256 = "0li7mwjnm64mbxhacz0rpf6i9qd83f53fvbrx96alpqqk9d6qvk4"; + url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz"; + sha256 = "646e6c5a9a185faa4cea796d378a1ba8e1148dbb197ca6605f95986a25af2752"; }; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; @@ -42,7 +41,7 @@ stdenv.mkDerivation { # - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox (3.5.11) # - psk-file: no idea; it broke between 3.6.3 and 3.6.4 # Change p11-kit test to use pkg-config to find p11-kit - postPatch = lib.optionalString (lib.versionAtLeast version "3.6") '' + postPatch = '' sed '2iexit 77' -i tests/{pkgconfig,fastopen}.sh sed '/^void doit(void)/,/^{/ s/{/{ exit(77);/' -i tests/{trust-store,psk-file}.c sed 's:/usr/lib64/pkcs11/ /usr/lib/pkcs11/ /usr/lib/x86_64-linux-gnu/pkcs11/:`pkg-config --variable=p11_module_path p11-kit-1`:' -i tests/p11-kit-trust.sh @@ -50,9 +49,6 @@ stdenv.mkDerivation { sed '2iecho "certtool tests skipped in musl build"\nexit 0' -i tests/cert-tests/certtool.sh ''; - hardeningDisable = [ "fortify" ]; - dontStrip = true; - preConfigure = "patchShebangs ."; configureFlags = lib.optional stdenv.isLinux "--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt" @@ -115,7 +111,7 @@ stdenv.mkDerivation { tampering, or message forgery." ''; - homepage = "https://www.gnu.org/software/gnutls/"; + homepage = "https://gnutls.org/"; license = licenses.lgpl21Plus; maintainers = with maintainers; [ eelco fpletz ]; platforms = platforms.all;