summary refs log tree commit diff
path: root/pkgs/development/libraries/crypto++
diff options
context:
space:
mode:
authorFranz Pletz <fpletz@fnordicwalking.de>2016-09-29 23:07:56 +0200
committerFranz Pletz <fpletz@fnordicwalking.de>2016-09-29 23:40:38 +0200
commiteb6a1c9238716221140cfee12ebcfc306ba17191 (patch)
treee68915b9fba3acf9522c565bc34904c69289a55f /pkgs/development/libraries/crypto++
parenta34ec1517fc76dca1d3aa1cd3f04a04ef4109753 (diff)
downloadnixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar.gz
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar.bz2
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar.lz
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar.xz
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.tar.zst
nixlib-eb6a1c9238716221140cfee12ebcfc306ba17191.zip
cryptopp: 5.6.2 -> 5.6.4
Fix CVE-2016-3995. #18856

Remove broken flag. #19040

cc #19009
Diffstat (limited to 'pkgs/development/libraries/crypto++')
-rw-r--r--pkgs/development/libraries/crypto++/GNUmakefile-darwin.patch15
-rw-r--r--pkgs/development/libraries/crypto++/GNUmakefile.patch13
-rw-r--r--pkgs/development/libraries/crypto++/default.nix23
-rw-r--r--pkgs/development/libraries/crypto++/dll.patch32
4 files changed, 46 insertions, 37 deletions
diff --git a/pkgs/development/libraries/crypto++/GNUmakefile-darwin.patch b/pkgs/development/libraries/crypto++/GNUmakefile-darwin.patch
new file mode 100644
index 000000000000..5a6cb3bcafb4
--- /dev/null
+++ b/pkgs/development/libraries/crypto++/GNUmakefile-darwin.patch
@@ -0,0 +1,15 @@
+diff --git a/GNUmakefile b/GNUmakefile
+index 4de9d10..ff4789a 100755
+--- a/GNUmakefile
++++ b/GNUmakefile
+@@ -271,8 +271,8 @@ endif # OpenMP
+ endif # IS_LINUX
+ 
+ ifneq ($(IS_DARWIN),0)
+-AR = libtool
+-ARFLAGS = -static -o
++AR = ar
++ARFLAGS = cru
+ CXX ?= c++
+ ifeq ($(IS_GCC_29),1)
+ CXXFLAGS += -fno-coalesce-templates -fno-coalesce-static-vtables
diff --git a/pkgs/development/libraries/crypto++/GNUmakefile.patch b/pkgs/development/libraries/crypto++/GNUmakefile.patch
deleted file mode 100644
index 48fdfe420482..000000000000
--- a/pkgs/development/libraries/crypto++/GNUmakefile.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- crypto++/GNUmakefile 2013-02-20 10:30:52.000000000 -0500
-+++ crypto++/GNUmakefile 2015-05-07 18:34:25.000000000 -0500
-@@ -87,8 +87,8 @@
- endif
-
- ifeq ($(UNAME),Darwin)
--AR = libtool
--ARFLAGS = -static -o
-+AR = ar
-+ARFLAGS = cru
- CXX = c++
- IS_GCC2 = $(shell $(CXX) -v 2>&1 | $(EGREP) -c gcc-932)
- ifeq ($(IS_GCC2),1)
diff --git a/pkgs/development/libraries/crypto++/default.nix b/pkgs/development/libraries/crypto++/default.nix
index 6fbd9451c564..d1476df2b601 100644
--- a/pkgs/development/libraries/crypto++/default.nix
+++ b/pkgs/development/libraries/crypto++/default.nix
@@ -1,16 +1,18 @@
 { fetchurl, stdenv, unzip }:
 
 stdenv.mkDerivation rec {
-  name = "crypto++-5.6.2";
+  name = "crypto++-${version}";
+  majorVersion = "5.6";
+  version = "${majorVersion}.4";
 
   src = fetchurl {
-    url = "mirror://sourceforge/cryptopp/cryptopp562.zip";
-    sha256 = "0x1mqpz1v071cfrw4grbw7z734cxnpry1qh2b6rsmcx6nkyd5gsw";
+    url = "mirror://sourceforge/cryptopp/cryptopp564.zip";
+    sha256 = "1msar24a38rxzq0xgmjf09hzaw2lv6s48vnbbhfrf5awn1vh6hxy";
   };
 
   patches = with stdenv;
     lib.optional (system != "i686-cygwin") ./dll.patch
-    ++ lib.optional isDarwin ./GNUmakefile.patch;
+    ++ lib.optional isDarwin ./GNUmakefile-darwin.patch;
 
   buildInputs = [ unzip ];
 
@@ -30,14 +32,18 @@ stdenv.mkDerivation rec {
 
   enableParallelBuilding = true;
 
-  makeFlags = "PREFIX=$(out)";
-  buildFlags = "libcryptopp.so";
+  makeFlags = [ "PREFIX=$(out)" ];
+  buildFlags = [ "libcryptopp.so" ];
+  installFlags = [ "LDCONF=true" ];
 
   doCheck = true;
   checkPhase = "LD_LIBRARY_PATH=`pwd` make test";
 
   # prefer -fPIC and .so to .a; cryptotest.exe seems superfluous
-  postInstall = ''rm "$out"/lib/*.a -r "$out/bin" '';
+  postInstall = ''
+    rm "$out"/lib/*.a -r "$out/bin"
+    ln -sf "$out"/lib/libcryptopp.so.${version} "$out"/lib/libcryptopp.so.${majorVersion}
+  '';
 
   meta = with stdenv.lib; {
     description = "Crypto++, a free C++ class library of cryptographic schemes";
@@ -45,8 +51,5 @@ stdenv.mkDerivation rec {
     license = licenses.boost;
     platforms = platforms.all;
     maintainers = [ ];
-    # Marked as broken due to needing an update for security issues.
-    # See: https://github.com/NixOS/nixpkgs/issues/18856
-    broken = true;
   };
 }
diff --git a/pkgs/development/libraries/crypto++/dll.patch b/pkgs/development/libraries/crypto++/dll.patch
index 36a814e67c86..12df1fb9e9e9 100644
--- a/pkgs/development/libraries/crypto++/dll.patch
+++ b/pkgs/development/libraries/crypto++/dll.patch
@@ -1,19 +1,10 @@
 Get rid of Windows-specific stuff.
 
---- crypto++/dll.cpp	2009-03-01 19:44:02.000000000 +0100
-+++ crypto++/dll.cpp	2009-08-11 00:49:34.000000000 +0200
-@@ -39,7 +39,7 @@ NAMESPACE_END
- 
- #endif
- 
--#ifdef CRYPTOPP_EXPORTS
-+#if defined CRYPTOPP_EXPORTS && defined _MSC_VER
- 
- USING_NAMESPACE(CryptoPP)
- 
---- crypto++/GNUmakefile	2009-03-15 02:48:02.000000000 +0100
-+++ crypto++/GNUmakefile	2009-08-11 01:23:09.000000000 +0200
-@@ -136,7 +136,7 @@ nolib: $(OBJS)		# makes it faster to tes
+diff --git a/GNUmakefile b/GNUmakefile
+index 4de9d10..ff4789a 100755
+--- a/GNUmakefile
++++ b/GNUmakefile
+@@ -656,7 +656,7 @@ nolib: $(OBJS)
  dll: cryptest.import.exe dlltest.exe
  
  cryptopp.dll: $(DLLOBJS)
@@ -22,3 +13,16 @@ Get rid of Windows-specific stuff.
  
  libcryptopp.import.a: $(LIBIMPORTOBJS)
  	$(AR) $(ARFLAGS) $@ $(LIBIMPORTOBJS)
+diff --git a/dll.cpp b/dll.cpp
+index 72dade9..b5097ab 100644
+--- a/dll.cpp
++++ b/dll.cpp
+@@ -48,7 +48,7 @@ NAMESPACE_END
+ 

+ #endif

+ 

+-#ifdef CRYPTOPP_EXPORTS

++#if defined CRYPTOPP_EXPORTS && defined _MSC_VER

+ 

+ USING_NAMESPACE(CryptoPP)

+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-28 18:54:53 +0000