Commit Graph

62 Commits

Author SHA1 Message Date
7c6f434c
8188f10752
Merge pull request #166430 from alyssais/openssl-static-retry
treewide: use lib.getLib for OpenSSL libraries
2022-04-02 12:59:55 +00:00
Alyssa Ross
fd78240ac8
treewide: use lib.getLib for OpenSSL libraries
At some point, I'd like to make another attempt at
71f1f4884b ("openssl: stop static binaries referencing libs"), which
was reverted in 195c7da07d.  One problem with my previous attempt is
that I moved OpenSSL's libraries to a lib output, but many dependent
packages were hardcoding the out output as the location of the
libraries.  This patch fixes every such case I could find in the tree.
It won't have any effect immediately, but will mean these packages
will automatically use an OpenSSL lib output if it is reintroduced in
future.

This patch should cause very few rebuilds, because it shouldn't make
any change at all to most packages I'm touching.  The few rebuilds
that are introduced come from when I've changed a package builder not
to use variable names like openssl.out in scripts / substitution
patterns, which would be confusing since they don't hardcode the
output any more.

I started by making the following global replacements:

    ${pkgs.openssl.out}/lib -> ${lib.getLib pkgs.openssl}/lib
    ${openssl.out}/lib -> ${lib.getLib openssl}/lib

Then I removed the ".out" suffix when part of the argument to
lib.makeLibraryPath, since that function uses lib.getLib internally.

Then I fixed up cases where openssl was part of the -L flag to the
compiler/linker, since that unambigously is referring to libraries.

Then I manually investigated and fixed the following packages:

 - pycurl
 - citrix-workspace
 - ppp
 - wraith
 - unbound
 - gambit
 - acl2

I'm reasonably confindent in my fixes for all of them.

For acl2, since the openssl library paths are manually provided above
anyway, I don't think openssl is required separately as a build input
at all.  Removing it doesn't make a difference to the output size, the
file list, or the closure.

I've tested evaluation with the OfBorg meta checks, to protect against
introducing evaluation failures.
2022-03-30 15:10:00 +00:00
Sandro
3812e3a10c
Merge pull request #159900 from risicle/ris-libarchive-passthru-deps 2022-03-27 16:37:21 +02:00
R. Ryantm
240ceaddb9 libarchive: 3.5.2 -> 3.6.0 2022-02-12 20:57:10 -08:00
Robert Scott
cdf5bfff4b libarchive: add some reverse dependencies to passthru.tests 2022-02-13 00:30:04 +00:00
R. RyanTM
b8bfe4d74c libarchive: 3.5.1 -> 3.5.2 2021-08-24 08:14:52 +00:00
R. RyanTM
ca0599728f libarchive: 3.5.0 -> 3.5.1 2021-01-22 21:32:54 +01:00
Ben Siraphob
66e44425c6 pkgs/development/libraries: stdenv.lib -> lib 2021-01-21 19:11:02 -08:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Jonathan Ringer
d35b703ccd libarchive: add changelog 2020-12-03 22:07:49 -08:00
R. RyanTM
e4b36a1f05 libarchive: 3.4.3 -> 3.5.0 2020-12-03 22:07:49 -08:00
John Ericson
9f05c50be1 libarchive: Fix Windows build 2020-10-29 00:38:45 +00:00
Frederik Rietdijk
af2dd0c798 Revert "Revert "Merge pull request #78910 from serokell/libarchive-zstd""
The PR was accidentally merged into master instead of staging and thus reverted. Now, in staging, we can re-revert it.

This reverts commit 4df2f78ec7.
2020-06-04 15:30:36 +02:00
Frederik Rietdijk
08900c0554 Merge master into staging-next 2020-06-04 15:25:54 +02:00
Frederik Rietdijk
4df2f78ec7 Revert "Merge pull request #78910 from serokell/libarchive-zstd"
Should go to staging instead.

This reverts commit f8d9f59abe, reversing
changes made to b27a19d5bf.
2020-05-29 21:03:02 +02:00
Frederik Rietdijk
f8d9f59abe
Merge pull request #78910 from serokell/libarchive-zstd
libarchive: link to zstd (split zstd output)
2020-05-29 20:51:16 +02:00
Vladimír Čunát
afa9962538
Merge #78910: libarchive: link to zstd (into staging)
Also split outputs and don't provide static lib by default.
2020-05-29 15:37:55 +02:00
R. RyanTM
52ed8e3bf2 libarchive: 3.4.2 -> 3.4.3 2020-05-20 18:57:34 +00:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM
13a03f402c libarchive: 3.4.1 -> 3.4.2 2020-02-16 08:55:51 +01:00
Yorick van Pelt
414da94fed
libarchive: link against zstd 2020-02-10 20:03:59 +01:00
R. RyanTM
155fad6625 libarchive: 3.4.0 -> 3.4.1 2020-01-15 09:41:52 +01:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Andreas Rammhold
2c5763538a
libarchive: 3.3.3 -> 3.4.0
Release notes: https://github.com/libarchive/libarchive/releases/tag/v3.4.0
2019-07-20 23:58:53 +02:00
Vladimír Čunát
5767c18d99
libarchive: apply upstream CVE patches
Fixes #57150.
2019-03-10 09:52:14 +01:00
Periklis Tsirakidis
95fa7b6370
libarchive: 3.3.2 -> 3.3.3
Update includes patches for sec issues:
- CVE-2017-14166
- CVE-2017-14501
- CVE-2017-14502
- Upstream includes patch for libressl version check

fixes #49583
2018-11-15 14:00:01 +00:00
Orivej Desh
957810e04f libarchive: fix patch hash 2018-06-04 12:49:21 +00:00
qolii
20d83e286d libarchive: pull in patch to support LibresSSL-2.7 (#41395) 2018-06-03 17:59:43 +00:00
Jan Malakhovski
7438083a4d tree-wide: disable doCheck and doInstallCheck where it fails (the trivial part) 2018-04-25 04:18:46 +00:00
adisbladis
d76572fa89
libarchive: Fixes for CVE-2017-14166 and CVE-2017-14502 2017-10-31 02:17:02 +08:00
Franz Pletz
f9f9749fd2
libarchive: 3.3.1 -> 3.3.2 2017-08-28 19:49:11 +02:00
Franz Pletz
bf6c90ed67
libarchive: 3.2.2 -> 3.3.1 2017-03-11 10:25:34 +01:00
Franz Pletz
ca593a7293
libarchive: add patch to fix CVE-2017-5601 2017-01-31 17:00:13 +01:00
Graham Christensen
9118702898
libarchive: 3.2.1 -> 3.2.2 for unspecified vulnerabilities
The release notes don't cover anything in particular:

ba3dec4495/NEWS (L3)
2016-11-23 23:23:48 -05:00
Eelco Dolstra
37f2679e73 libarchive: Use multiple outputs 2016-09-19 20:03:11 +02:00
Vladimír Čunát
5a9cbd6b5e libarchive: use pkgconfig
It tends to make builds more reliable, in general.
2016-09-11 12:02:08 +02:00
Vladimír Čunát
856b4623c4 libarchive: include XAR support by default
Discussion:
https://github.com/NixOS/nixpkgs/pull/17834
2016-09-11 11:51:04 +02:00
Aneesh Agrawal
0187c7df7c libarchive: make libxml2 (XAR support) optional
Defaults to unincluded to reduce closure size.
2016-08-18 23:58:03 -04:00
Franz Pletz
844748a9c9 libarchive: 3.1.2 -> 3.2.1 (security)
Fixes at least:

  * CVE-2016-4300
  * CVE-2016-4302
  * CVE-2016-4809
  * CVE-2016-5844
2016-07-10 10:50:38 +02:00
Dan Peebles
42f46936bb libarchive: add propagatedBuildInputs for attr and acl to appease pkgconfig dependencies 2016-04-29 03:29:30 +00:00
Tuomas Tynkkynen
e5e2e6aba2 libarchive: Reference correct output of openssl. 2015-10-28 10:17:09 +01:00
Luca Bruno
7d1cb980bf libarchive: fix .la file for lzo2 2015-09-25 14:06:58 +02:00
William A. Kennington III
09d336ea5e libarchive: Support lzo 2015-09-23 20:49:03 -07:00
Vladimír Čunát
ac6f1313dc libarchive: comment on a vulnerability fixed before 2015-09-09 10:04:26 +02:00
Luca Bruno
9e0dcf3bd9 libarchive: fix .la file 2015-07-28 15:22:56 +02:00
Vladimír Čunát
f2c84ffeb2 libarchive: fix CVE-2015-1197 by upstream patch
Fixes #6799.
2015-06-16 18:35:13 +02:00
Florian Friesdorf
d6c4963bcb cygwin libarchive 2015-05-28 10:53:36 +02:00
Vladimír Čunát
f3ec500d48 libarchive: move patch into nixpkgs
Unfortunately, github periodically changes output even for raw diffs
(not just raw patches). I'm including the patch in nixpkgs.

I was unable to do it without hash change. Even if I added binary equal file.
2014-04-21 17:57:20 +02:00
Vladimír Čunát
c814dab2ee libarchive: *permanently* fix patch source and hash
Unfortunately github's *.patch URIs contain version of git generating them,
which changes from time to time. It seems that *.diff doesn't suffer from that.
2014-03-24 22:30:52 +01:00
Mathijs Kwik
64e7ee4142 libarchive: patch checksum failure
Probably github changed some headers in their patch output.
I verified other sources for CVE2013-0211 and the patch seems the
same.
2014-03-24 10:35:52 +01:00