diff options
author | Daiderd Jordan <daiderd@gmail.com> | 2017-01-04 01:42:10 +0100 |
---|---|---|
committer | Daiderd Jordan <daiderd@gmail.com> | 2017-01-04 01:42:26 +0100 |
commit | 27660cfdc01c9a7481b4646285ab155cca784c38 (patch) | |
tree | 3bfb5e18da3df6f88fd42ea7ad6e950aed68ac42 /pkgs/tools/networking | |
parent | 293551a16286f2e1134707babdb013a29bf778ce (diff) | |
parent | 61d125b8425da501f07765197186ed7351a55f48 (diff) | |
download | nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar.gz nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar.bz2 nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar.lz nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar.xz nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.tar.zst nixlib-27660cfdc01c9a7481b4646285ab155cca784c38.zip |
Merge branch 'master' into staging
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r-- | pkgs/tools/networking/curl/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/networking/curl/fix-http2-window-size.patch | 88 | ||||
-rw-r--r-- | pkgs/tools/networking/i2p/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/i2p/i2p.patch | 34 | ||||
-rw-r--r-- | pkgs/tools/networking/openvpn/default.nix | 9 | ||||
-rw-r--r-- | pkgs/tools/networking/openvpn/systemd-notify.patch | 14 | ||||
-rw-r--r-- | pkgs/tools/networking/strongswan/default.nix | 5 |
7 files changed, 39 insertions, 121 deletions
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 5dd523d6fa6b..9ed56ee1ec56 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -18,11 +18,11 @@ assert scpSupport -> libssh2 != null; assert c-aresSupport -> c-ares != null; stdenv.mkDerivation rec { - name = "curl-7.51.0"; + name = "curl-7.52.1"; src = fetchurl { url = "http://curl.haxx.se/download/${name}.tar.bz2"; - sha256 = "1pldg1d8606p4q83k8fcp61kfcsbphln22mycw7h7r87i42410kz"; + sha256 = "16rqhyzlpnivifin8n7l2fr9ihay9v2nw2drsniinb6bcykqaqfi"; }; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; @@ -42,8 +42,6 @@ stdenv.mkDerivation rec { optional sslSupport openssl ++ optional scpSupport libssh2; - patches = stdenv.lib.optional http2Support ./fix-http2-window-size.patch; - # for the second line see http://curl.haxx.se/mail/tracker-2014-03/0087.html preConfigure = '' sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure diff --git a/pkgs/tools/networking/curl/fix-http2-window-size.patch b/pkgs/tools/networking/curl/fix-http2-window-size.patch deleted file mode 100644 index 6fac3e1b42ac..000000000000 --- a/pkgs/tools/networking/curl/fix-http2-window-size.patch +++ /dev/null @@ -1,88 +0,0 @@ -From a4d888857ede39a8e2aa5f961048c6362d3a5377 Mon Sep 17 00:00:00 2001 -From: Jay Satiro <raysatiro@yahoo.com> -Date: Wed, 16 Nov 2016 02:55:30 -0500 -Subject: [PATCH] http2: Use huge HTTP/2 windows - -- Improve performance by using a huge HTTP/2 window size. - -Bug: https://github.com/curl/curl/issues/1102 -Reported-by: afrind@users.noreply.github.com -Assisted-by: Tatsuhiro Tsujikawa ---- - docs/TODO | 8 -------- - lib/http2.c | 15 +++++++++++++-- - 2 files changed, 13 insertions(+), 10 deletions(-) - -diff --git a/docs/TODO b/docs/TODO -index c3bc4eb..99c610f 100644 ---- a/docs/TODO -+++ b/docs/TODO -@@ -63,7 +63,6 @@ - 5.1 Better persistency for HTTP 1.0 - 5.2 support FF3 sqlite cookie files - 5.3 Rearrange request header order -- 5.4 Use huge HTTP/2 windows - 5.5 auth= in URLs - 5.6 Refuse "downgrade" redirects - 5.7 Brotli compression -@@ -528,13 +527,6 @@ This is not detailed in any FTP specification. - headers use a default value so only headers that need to be moved have to be - specified. - --5.4 Use huge HTTP/2 windows -- -- We're currently using nghttp2's default window size which is terribly small -- (64K). This becomes a bottle neck over high bandwidth networks. We should -- instead make the window size to be very big (512MB?) as we really don't do -- much flow control anyway. -- - 5.5 auth= in URLs - - Add the ability to specify the preferred authentication mechanism to use by -diff --git a/lib/http2.c b/lib/http2.c -index 6720984..202ab1b 100644 ---- a/lib/http2.c -+++ b/lib/http2.c -@@ -59,6 +59,8 @@ - #define nghttp2_session_callbacks_set_error_callback(x,y) - #endif - -+#define HTTP2_HUGE_WINDOW_SIZE (1 << 30) -+ - /* - * Curl_http2_init_state() is called when the easy handle is created and - * allows for HTTP/2 specific init of state. -@@ -965,7 +967,7 @@ static ssize_t data_source_read_callback(nghttp2_session *session, - */ - static nghttp2_settings_entry settings[] = { - { NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 100 }, -- { NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE, NGHTTP2_INITIAL_WINDOW_SIZE }, -+ { NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE, HTTP2_HUGE_WINDOW_SIZE }, - }; - - #define H2_BUFSIZE 32768 -@@ -2031,7 +2033,8 @@ CURLcode Curl_http2_switched(struct connectdata *conn, - else { - /* stream ID is unknown at this point */ - stream->stream_id = -1; -- rv = nghttp2_submit_settings(httpc->h2, NGHTTP2_FLAG_NONE, NULL, 0); -+ rv = nghttp2_submit_settings(httpc->h2, NGHTTP2_FLAG_NONE, settings, -+ sizeof(settings) / sizeof(settings[0])); - if(rv != 0) { - failf(data, "nghttp2_submit_settings() failed: %s(%d)", - nghttp2_strerror(rv), rv); -@@ -2039,6 +2042,14 @@ CURLcode Curl_http2_switched(struct connectdata *conn, - } - } - -+ rv = nghttp2_session_set_local_window_size(httpc->h2, NGHTTP2_FLAG_NONE, 0, -+ HTTP2_HUGE_WINDOW_SIZE); -+ if(rv != 0) { -+ failf(data, "nghttp2_session_set_local_window_size() failed: %s(%d)", -+ nghttp2_strerror(rv), rv); -+ return CURLE_HTTP2; -+ } -+ - /* we are going to copy mem to httpc->inbuf. This is required since - mem is part of buffer pointed by stream->mem, and callbacks - called by nghttp2_session_mem_recv() will write stream specific diff --git a/pkgs/tools/networking/i2p/default.nix b/pkgs/tools/networking/i2p/default.nix index fb2f43586946..d5b9ff665d4a 100644 --- a/pkgs/tools/networking/i2p/default.nix +++ b/pkgs/tools/networking/i2p/default.nix @@ -1,10 +1,10 @@ { stdenv, procps, coreutils, fetchurl, jdk, jre, ant, gettext, which }: stdenv.mkDerivation rec { - name = "i2p-0.9.26"; + name = "i2p-0.9.28"; src = fetchurl { url = "https://github.com/i2p/i2p.i2p/archive/${name}.tar.gz"; - sha256 = "0h672w69a5xzgcrls64bpss3ga9hgpnrq90dr5lb5912pwwq9pa1"; + sha256 = "1xagyywnck2c5xalr7bc7cv5ikk4igf7avmc0n28nz9pkais1y1y"; }; buildInputs = [ jdk ant gettext which ]; patches = [ ./i2p.patch ]; diff --git a/pkgs/tools/networking/i2p/i2p.patch b/pkgs/tools/networking/i2p/i2p.patch index 2ae6446ed286..74031eb7aef7 100644 --- a/pkgs/tools/networking/i2p/i2p.patch +++ b/pkgs/tools/networking/i2p/i2p.patch @@ -1,6 +1,21 @@ +diff --git a/installer/resources/i2prouter b/installer/resources/i2prouter +index 365737d89..2ea14db3e 100644 +--- a/installer/resources/i2prouter ++++ b/installer/resources/i2prouter +@@ -49,7 +49,7 @@ APP_LONG_NAME="I2P Service" + + # gettext - we look for it in the path + # fallback to echo is below, we can't set it to echo here. +-GETTEXT=$(which gettext > /dev/null 2>&1) ++GETTEXT=%gettext% + + # Where to install the systemd service + SYSTEMD_SERVICE="/etc/systemd/system/${APP_NAME}.service" +diff --git a/installer/resources/runplain.sh b/installer/resources/runplain.sh +index eb4995dfe..0186cede3 100644 --- a/installer/resources/runplain.sh +++ b/installer/resources/runplain.sh -@@ -21,7 +21,7 @@ +@@ -25,7 +25,7 @@ CP= # Try using the Java binary that I2P was installed with. # If it's not found, try looking in the system PATH. @@ -9,10 +24,10 @@ if [ -z $JAVA ] || [ ! -x $JAVA ]; then echo "Error: Cannot find java." >&2 -@@ -40,15 +40,4 @@ +@@ -44,15 +44,4 @@ if [ $(uname -s) = "Darwin" ]; then export JAVA_TOOL_OPTIONS="-Djava.awt.headless=true" fi - JAVAOPTS="-Djava.net.preferIPv4Stack=${PREFERv4} -Djava.library.path=${I2P}:${I2P}/lib -Di2p.dir.base=${I2P} -DloggerFilenameOverride=logs/log-router-@.txt" + JAVAOPTS="${MAXMEMOPT} -Djava.net.preferIPv4Stack=${PREFERv4} -Djava.library.path=${I2P}:${I2P}/lib -Di2p.dir.base=${I2P} -DloggerFilenameOverride=logs/log-router-@.txt" -( - nohup ${JAVA} -cp \"${CP}\" ${JAVAOPTS} net.i2p.router.RouterLaunch > /dev/null 2>&1 -) & @@ -25,15 +40,4 @@ - echo "I2P failed to start." >&2 - exit 1 -fi -+${JAVA} -cp \"${CP}\" ${JAVAOPTS} net.i2p.router.RouterLaunch ---- a/installer/resources/i2prouter -+++ b/installer/resources/i2prouter -@@ -49,7 +49,7 @@ - - # gettext - we look for it in the path - # fallback to echo is below, we can't set it to echo here. --GETTEXT=$(which gettext > /dev/null 2>&1) -+GETTEXT=%gettext% - - # Where to install the systemd service - SYSTEMD_SERVICE="/etc/systemd/system/${APP_NAME}.service" ++exec ${JAVA} -cp \"${CP}\" ${JAVAOPTS} net.i2p.router.RouterLaunch diff --git a/pkgs/tools/networking/openvpn/default.nix b/pkgs/tools/networking/openvpn/default.nix index 13e1c68befda..f609c90ad504 100644 --- a/pkgs/tools/networking/openvpn/default.nix +++ b/pkgs/tools/networking/openvpn/default.nix @@ -7,11 +7,12 @@ assert pkcs11Support -> (pkcs11helper != null); with stdenv.lib; stdenv.mkDerivation rec { - name = "openvpn-2.3.12"; + name = "openvpn-${version}"; + version = "2.4.0"; src = fetchurl { - url = "http://swupdate.openvpn.net/community/releases/${name}.tar.gz"; - sha256 = "1zqwq19xg6yf90nv35yr8r0ljas5f42v4n9hjjmhlnzpan69plzm"; + url = "http://swupdate.openvpn.net/community/releases/${name}.tar.xz"; + sha256 = "0zpqnbhjaifdalyxwmvk5kcyd7cpxbcigbn7967nbsyvl54vl8vg"; }; patches = optional stdenv.isLinux ./systemd-notify.patch; @@ -39,8 +40,10 @@ stdenv.mkDerivation rec { meta = { description = "A robust and highly flexible tunneling application"; homepage = http://openvpn.net/; + downloadPage = "https://openvpn.net/index.php/open-source/downloads.html"; license = stdenv.lib.licenses.gpl2; maintainers = [ stdenv.lib.maintainers.viric ]; platforms = stdenv.lib.platforms.unix; + updateWalker = true; }; } diff --git a/pkgs/tools/networking/openvpn/systemd-notify.patch b/pkgs/tools/networking/openvpn/systemd-notify.patch index 9291f7a46642..c0ac8ae89d3c 100644 --- a/pkgs/tools/networking/openvpn/systemd-notify.patch +++ b/pkgs/tools/networking/openvpn/systemd-notify.patch @@ -10,13 +10,13 @@ diff -ru -x '*~' openvpn-2.3.1-orig/src/openvpn/init.c openvpn-2.3.1/src/openvpn static struct context *static_context; /* GLOBAL */ /* -@@ -1241,6 +1243,9 @@ - { - static const char message[] = "Initialization Sequence Completed"; +@@ -1375,6 +1375,9 @@ + /* Reset the unsuccessful connection counter on complete initialisation */ + c->options.unsuccessful_attempts = 0; -+ /* Tell systemd we're ready. */ -+ sd_notify(0, "READY=1"); ++ /* Tell systemd we're ready. */ ++ sd_notify(0, "READY=1"); + - /* If we delayed UID/GID downgrade or chroot, do it now */ - do_uid_gid_chroot (c, true); + /* If we delayed UID/GID downgrade or chroot, do it now */ + do_uid_gid_chroot (c, true); diff --git a/pkgs/tools/networking/strongswan/default.nix b/pkgs/tools/networking/strongswan/default.nix index 1791abf4a48b..7bcbb4fddb6b 100644 --- a/pkgs/tools/networking/strongswan/default.nix +++ b/pkgs/tools/networking/strongswan/default.nix @@ -37,8 +37,9 @@ stdenv.mkDerivation rec { "--enable-eap-mschapv2" "--enable-xauth-eap" "--enable-ext-auth" "--enable-forecast" "--enable-connmark" "--enable-acert" "--enable-pkcs11" "--enable-eap-sim-pcsc" "--enable-dnscert" "--enable-unbound" - "--enable-aesni" "--enable-af-alg" "--enable-rdrand" ] - ++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" + "--enable-af-alg" ] + ++ stdenv.lib.optional stdenv.isx86_64 [ "--enable-aesni" "--enable-rdrand" ] + ++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" ++ stdenv.lib.optionals enableTNC [ "--disable-gmp" "--disable-aes" "--disable-md5" "--disable-sha1" "--disable-sha2" "--disable-fips-prf" "--enable-curl" "--enable-openssl" |