diff options
author | Robin Gloster <mail@glob.in> | 2016-05-30 19:39:34 +0000 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2016-05-30 19:39:34 +0000 |
commit | 2d382f3d981fc9e4a350badb43736c252415d27c (patch) | |
tree | 3d5f7a96aa71be52c86f3c243b23424e319cc286 /pkgs/tools/networking | |
parent | 365379857fb561df949fc841e80458e317a1d682 (diff) | |
parent | 2661511cdb39bd7612dd5311b46420785fc1eac8 (diff) | |
download | nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar.gz nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar.bz2 nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar.lz nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar.xz nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.tar.zst nixlib-2d382f3d981fc9e4a350badb43736c252415d27c.zip |
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
Diffstat (limited to 'pkgs/tools/networking')
18 files changed, 184 insertions, 32 deletions
diff --git a/pkgs/tools/networking/curl/7.15.nix b/pkgs/tools/networking/curl/7.15.nix index 56046d5423dd..c3c16cc08b44 100644 --- a/pkgs/tools/networking/curl/7.15.nix +++ b/pkgs/tools/networking/curl/7.15.nix @@ -37,8 +37,8 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" - ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" ) - ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" ) + ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) + ( if scpSupport then "--with-libssh2=${libssh2.dev}" else "--without-libssh2" ) ] ++ stdenv.lib.optional c-aresSupport "--enable-ares=${c-ares}" ++ stdenv.lib.optional gssSupport "--with-gssapi=${gss}" diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 47f03cc37477..f2e6117966f0 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -51,11 +51,11 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" "--disable-manual" - ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" ) - ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" ) + ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) + ( if scpSupport then "--with-libssh2=${libssh2.dev}" else "--without-libssh2" ) ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) ( if ldapSupport then "--enable-ldaps" else "--disable-ldaps" ) - ( if idnSupport then "--with-libidn=${libidn}" else "--without-libidn" ) + ( if idnSupport then "--with-libidn=${libidn.dev}" else "--without-libidn" ) ] ++ stdenv.lib.optional c-aresSupport "--enable-ares=${c-ares}" ++ stdenv.lib.optional gssSupport "--with-gssapi=${gss}"; diff --git a/pkgs/tools/networking/http-prompt/default.nix b/pkgs/tools/networking/http-prompt/default.nix new file mode 100644 index 000000000000..ba9b8b2d7712 --- /dev/null +++ b/pkgs/tools/networking/http-prompt/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchFromGitHub, pythonPackages, httpie }: + +pythonPackages.buildPythonApplication rec { + version = "0.2.0"; + name = "http-prompt"; + + src = fetchFromGitHub { + rev = "v${version}"; + repo = "http-prompt"; + owner = "eliangcs"; + sha256 = "0hgw3kx9rfdg394darms3vqcjm6xw6qrm8gnz54nahmyxnhrxnpp"; + }; + + propagatedBuildInputs = with pythonPackages; [ + click + httpie + parsimonious + prompt_toolkit + pygments + six + ]; + + meta = with stdenv.lib; { + description = "An interactive command-line HTTP client featuring autocomplete and syntax highlighting"; + homepage = "https://github.com/eliangcs/http-prompt"; + license = licenses.mit; + maintainers = with maintainers; [ matthiasbeyer ]; + platforms = platforms.linux; # can only test on linux + }; +} diff --git a/pkgs/tools/networking/keepalived/default.nix b/pkgs/tools/networking/keepalived/default.nix index bc0085a731eb..1d0c9d55076e 100644 --- a/pkgs/tools/networking/keepalived/default.nix +++ b/pkgs/tools/networking/keepalived/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { ''; # It doesn't know about the include/libnl<n> directory - NIX_CFLAGS_COMPILE="-I${libnl}/include/libnl3"; + NIX_CFLAGS_COMPILE="-I${libnl.dev}/include/libnl3"; NIX_LDFLAGS="-lnl-3 -lnl-genl-3"; configureFlags = [ diff --git a/pkgs/tools/networking/libreswan/default.nix b/pkgs/tools/networking/libreswan/default.nix index 1a040652ff4e..a2204f9664a1 100644 --- a/pkgs/tools/networking/libreswan/default.nix +++ b/pkgs/tools/networking/libreswan/default.nix @@ -1,15 +1,15 @@ { stdenv, fetchurl, makeWrapper, pkgconfig, systemd, gmp, unbound, bison, flex, pam, libevent, libcap_ng, curl, nspr, - bash, iproute, iptables, procps, coreutils, gnused, gawk, nssTools, which, python, + bash, iproute, iptables, procps, coreutils, gnused, gawk, nss, which, python, docs ? false, xmlto }: let optional = stdenv.lib.optional; - version = "3.16"; + version = "3.17"; name = "libreswan-${version}"; binPath = stdenv.lib.makeBinPath [ - bash iproute iptables procps coreutils gnused gawk nssTools which python + bash iproute iptables procps coreutils gnused gawk nss.tools which python ]; in @@ -21,12 +21,12 @@ stdenv.mkDerivation { src = fetchurl { url = "https://download.libreswan.org/${name}.tar.gz"; - sha256 = "15qv4101p1jw591l04gsfscb3farzd278mgi8yph015vmifyjxrd"; + sha256 = "00qd1n6f5w4xr06yanfpnbnn7y7rq2m878ifa3hh13bdgzsqdhi8"; }; nativeBuildInputs = [ makeWrapper ]; buildInputs = [ pkgconfig bash iproute iptables systemd coreutils gnused gawk gmp unbound bison flex pam libevent - libcap_ng curl nspr nssTools python ] + libcap_ng curl nspr nss python ] ++ optional docs xmlto; prePatch = '' diff --git a/pkgs/tools/networking/linkchecker/add-no-robots-flag.patch b/pkgs/tools/networking/linkchecker/add-no-robots-flag.patch new file mode 100644 index 000000000000..270ef2c02e1e --- /dev/null +++ b/pkgs/tools/networking/linkchecker/add-no-robots-flag.patch @@ -0,0 +1,60 @@ +diff --git a/linkcheck/checker/httpurl.py b/linkcheck/checker/httpurl.py +index 6f207b6..161619c 100644 +--- a/linkcheck/checker/httpurl.py ++++ b/linkcheck/checker/httpurl.py +@@ -75,7 +75,7 @@ def allows_robots (self, url): + @return: True if access is granted, otherwise False + @rtype: bool + """ +- return self.aggregate.robots_txt.allows_url(self) ++ return not self.aggregate.config['robotstxt'] or self.aggregate.robots_txt.allows_url(self) + + def content_allows_robots (self): + """ +diff --git a/linkcheck/configuration/__init__.py b/linkcheck/configuration/__init__.py +index fc2c148..234fa05 100644 +--- a/linkcheck/configuration/__init__.py ++++ b/linkcheck/configuration/__init__.py +@@ -163,6 +163,7 @@ def __init__ (self): + ## checking options + self["allowedschemes"] = [] + self['cookiefile'] = None ++ self['robotstxt'] = True + self["debugmemory"] = False + self["localwebroot"] = None + self["maxfilesizeparse"] = 1*1024*1024 +diff --git a/linkcheck/configuration/confparse.py b/linkcheck/configuration/confparse.py +index 67751ed..845fa95 100644 +--- a/linkcheck/configuration/confparse.py ++++ b/linkcheck/configuration/confparse.py +@@ -149,6 +149,7 @@ def read_checking_config (self): + self.get(section, 'allowedschemes').split(',')] + self.read_boolean_option(section, "debugmemory") + self.read_string_option(section, "cookiefile") ++ self.read_boolean_option(section, "robotstxt") + self.read_string_option(section, "localwebroot") + try: + self.read_boolean_option(section, "sslverify") +diff --git a/linkchecker b/linkchecker +index 199532c..9e91fa5 100755 +--- a/linkchecker ++++ b/linkchecker +@@ -321,6 +321,9 @@ group.add_argument("--cookiefile", dest="cookiefile", metavar="FILENAME", + help=_( + """Read a file with initial cookie data. The cookie data format is + explained below.""")) ++# const because store_false doesn't detect absent flags ++group.add_argument("--no-robots", action="store_const", const=False, ++ dest="norobotstxt", help=_("Disable robots.txt checks")) + group.add_argument("--check-extern", action="store_true", + dest="checkextern", help=_("""Check external URLs.""")) + group.add_argument("--ignore-url", action="append", metavar="REGEX", +@@ -431,6 +434,8 @@ if options.externstrict: + if options.extern: + pats = [linkcheck.get_link_pat(arg) for arg in options.extern] + config["externlinks"].extend(pats) ++if options.norobotstxt is not None: ++ config['robotstxt'] = options.norobotstxt + if options.checkextern: + config["checkextern"] = True + elif not config["checkextern"]: diff --git a/pkgs/tools/networking/linkchecker/default.nix b/pkgs/tools/networking/linkchecker/default.nix new file mode 100644 index 000000000000..79566f129019 --- /dev/null +++ b/pkgs/tools/networking/linkchecker/default.nix @@ -0,0 +1,30 @@ +{ stdenv, lib, fetchurl, python2Packages }: + +python2Packages.buildPythonApplication rec { + name = "LinkChecker-${version}"; + version = "9.3"; + + # LinkChecker 9.3 only works with requests 2.9.x + propagatedBuildInputs = with python2Packages ; [ requests2 ]; + + src = fetchurl { + url = "mirror://pypi/L/LinkChecker/${name}.tar.gz"; + sha256 = "0v8pavf0bx33xnz1kwflv0r7lxxwj7vg3syxhy2wzza0wh6sc2pf"; + }; + + # upstream refuses to support ignoring robots.txt + patches = [ + ./add-no-robots-flag.patch + ]; + + postInstall = '' + rm $out/bin/linkchecker-gui + ''; + + meta = { + description = "Check websites for broken links"; + homepage = "https://wummel.github.io/linkchecker/"; + license = lib.licenses.gpl2; + maintainers = with lib.maintainers; [ peterhoeg ]; + }; +} diff --git a/pkgs/tools/networking/mailsend/default.nix b/pkgs/tools/networking/mailsend/default.nix index 363c22c8bb89..6f5552782190 100644 --- a/pkgs/tools/networking/mailsend/default.nix +++ b/pkgs/tools/networking/mailsend/default.nix @@ -3,11 +3,11 @@ let s = # Generated upstream information rec { baseName="mailsend"; - version="1.18"; + version="1.19"; name="${baseName}-${version}"; - hash="1fjrb6q7y2dxx0qz7r0wlhqfkjqq1vfh7yb7jl77h5qi5kd5rm46"; - url="https://github.com/muquit/mailsend/archive/1.18.tar.gz"; - sha256="1fjrb6q7y2dxx0qz7r0wlhqfkjqq1vfh7yb7jl77h5qi5kd5rm46"; + hash="1xwk6jvl5li8ddlik1lj88qswnyminp9wlf5cm8gg3n54szgcpjn"; + url="https://github.com/muquit/mailsend/archive/1.19.tar.gz"; + sha256="1xwk6jvl5li8ddlik1lj88qswnyminp9wlf5cm8gg3n54szgcpjn"; }; buildInputs = [ openssl @@ -20,7 +20,7 @@ stdenv.mkDerivation { inherit (s) url sha256; }; configureFlags = [ - "--with-openssl=${openssl}" + "--with-openssl=${openssl.dev}" ]; meta = { inherit (s) version; diff --git a/pkgs/tools/networking/network-manager/default.nix b/pkgs/tools/networking/network-manager/default.nix index 2d5477ee8e49..34506cb823d0 100644 --- a/pkgs/tools/networking/network-manager/default.nix +++ b/pkgs/tools/networking/network-manager/default.nix @@ -13,8 +13,6 @@ stdenv.mkDerivation rec { sha256 = "17jan0g5jzp8mrpklyacwdgnnw016m1c5pc4az5im6qhc260yirs"; }; - outputs = [ "dev" "out" ]; - preConfigure = '' substituteInPlace configure --replace /usr/bin/uname ${coreutils}/bin/uname substituteInPlace configure --replace /usr/bin/file ${file}/bin/file diff --git a/pkgs/tools/networking/oslrd/default.nix b/pkgs/tools/networking/olsrd/default.nix index 90f686f77ea6..90f686f77ea6 100644 --- a/pkgs/tools/networking/oslrd/default.nix +++ b/pkgs/tools/networking/olsrd/default.nix diff --git a/pkgs/tools/networking/openvpn/default.nix b/pkgs/tools/networking/openvpn/default.nix index 4f27c89fa829..6f7b72c1f1c1 100644 --- a/pkgs/tools/networking/openvpn/default.nix +++ b/pkgs/tools/networking/openvpn/default.nix @@ -15,9 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ lzo openssl pkgconfig ] ++ optionals stdenv.isLinux [ pam systemd iproute ]; - configureFlags = '' - --enable-password-save - '' + optionalString stdenv.isLinux '' + configureFlags = optionalString stdenv.isLinux '' --enable-systemd --enable-iproute2 IPROUTE=${iproute}/sbin/ip @@ -32,8 +30,6 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - NIX_LDFLAGS = optionalString stdenv.isLinux "-lsystemd-daemon"; # hacky - meta = { description = "A robust and highly flexible tunneling application"; homepage = http://openvpn.net/; diff --git a/pkgs/tools/networking/sstp/default.nix b/pkgs/tools/networking/sstp/default.nix index ed28db45f100..6dbd62679939 100644 --- a/pkgs/tools/networking/sstp/default.nix +++ b/pkgs/tools/networking/sstp/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { ''; configureFlags = [ - "--with-openssl=${openssl}" + "--with-openssl=${openssl.dev}" "--with-runtime-dir=/run/sstpc" "--with-pppd-plugin-dir=$(out)/lib/pppd" ]; diff --git a/pkgs/tools/networking/strongswan/default.nix b/pkgs/tools/networking/strongswan/default.nix index 1e8b1a1b299f..1e00157c4874 100644 --- a/pkgs/tools/networking/strongswan/default.nix +++ b/pkgs/tools/networking/strongswan/default.nix @@ -4,11 +4,12 @@ , enableTNC ? false }: stdenv.mkDerivation rec { - name = "strongswan-5.3.2"; + name = "strongswan-${version}"; + version = "5.4.0"; src = fetchurl { url = "http://download.strongswan.org/${name}.tar.bz2"; - sha256 = "09gjrd5f8iykh926y35blxlm2hlzpw15m847d8vc9ga29s6brad4"; + sha256 = "12dy7dfwblihrc2zs0fdvyimvgi2g5mvgh0ksjkxi73axam8ya7q"; }; dontPatchELF = true; diff --git a/pkgs/tools/networking/stunnel/default.nix b/pkgs/tools/networking/stunnel/default.nix index 48e3c5625832..cd0c1e56baca 100644 --- a/pkgs/tools/networking/stunnel/default.nix +++ b/pkgs/tools/networking/stunnel/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { buildInputs = [ openssl ]; configureFlags = [ - "--with-ssl=${openssl}" + "--with-ssl=${openssl.dev}" "--sysconfdir=/etc" "--localstatedir=/var" ]; diff --git a/pkgs/tools/networking/toxvpn/default.nix b/pkgs/tools/networking/toxvpn/default.nix new file mode 100644 index 000000000000..3b5627db2156 --- /dev/null +++ b/pkgs/tools/networking/toxvpn/default.nix @@ -0,0 +1,37 @@ +{ stdenv, fetchFromGitHub, libtoxcore, cmake, jsoncpp, lib, stdenvAdapters, libsodium, systemd, enableDebugging, libcap }: + +with lib; + +let + libtoxcoreLocked = stdenv.lib.overrideDerivation libtoxcore (oldAttrs: { + name = "libtoxcore-20151110"; + src = fetchFromGitHub { + owner = "irungentoo"; + repo = "toxcore"; + rev = "22634a4b93dda5b17cb357cd84ac46fcfdc22519"; + sha256 = "01i92wm5lg2p7k71qn23sfh01xi8acdrwn23rk52n54h424l1fgy"; + }; + }); + +in stdenv.mkDerivation { + name = "toxvpn-20151111"; + + src = fetchFromGitHub { + owner = "cleverca22"; + repo = "toxvpn"; + rev = "1d06bb7da277d46abb8595cf152210c4ccf0ba7d"; + sha256 = "1himrbdgsbkfha1d87ysj2hwyz4a6z9yxqbai286imkya84q7r15"; + }; + + buildInputs = [ cmake libtoxcoreLocked jsoncpp libsodium systemd libcap ]; + + cmakeFlags = [ "-DSYSTEMD=1" ]; + + meta = with stdenv.lib; { + description = "A powerful tool that allows one to make tunneled point to point connections over Tox"; + homepage = https://github.com/cleverca22/toxvpn; + license = licenses.gpl3; + maintainers = with maintainers; [ cleverca22 obadz ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index f639044a195d..684b9b13a804 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-ssl=${openssl.dev}" - "--with-libexpat=${expat}" + "--with-libexpat=${expat.dev}" "--with-libevent=${libevent.dev}" "--localstatedir=/var" "--sysconfdir=/etc" diff --git a/pkgs/tools/networking/uwimap/default.nix b/pkgs/tools/networking/uwimap/default.nix index 69b3e633f379..c2c707fbc77a 100644 --- a/pkgs/tools/networking/uwimap/default.nix +++ b/pkgs/tools/networking/uwimap/default.nix @@ -20,13 +20,13 @@ stdenv.mkDerivation { ++ stdenv.lib.optional (!stdenv.isDarwin) pam; patchPhase = '' - sed -i src/osdep/unix/Makefile -e 's,/usr/local/ssl,${openssl},' + sed -i src/osdep/unix/Makefile -e 's,/usr/local/ssl,${openssl.dev},' sed -i src/osdep/unix/Makefile -e 's,^SSLCERTS=.*,SSLCERTS=/etc/ssl/certs,' sed -i src/osdep/unix/Makefile -e 's,^SSLLIB=.*,SSLLIB=${openssl.out}/lib,' ''; NIX_CFLAGS_COMPILE = stdenv.lib.optionalString stdenv.isDarwin - "-I${openssl}/include/openssl"; + "-I${openssl.dev}/include/openssl"; installPhase = '' mkdir -p $out/bin $out/lib $out/include diff --git a/pkgs/tools/networking/vtun/default.nix b/pkgs/tools/networking/vtun/default.nix index e14326fe9e62..b0397149e60d 100644 --- a/pkgs/tools/networking/vtun/default.nix +++ b/pkgs/tools/networking/vtun/default.nix @@ -16,8 +16,8 @@ stdenv.mkDerivation rec { configureFlags = '' --with-lzo-headers=${lzo}/include/lzo - --with-ssl-headers=${openssl}/include/openssl - --with-blowfish-headers=${openssl}/include/openssl''; + --with-ssl-headers=${openssl.dev}/include/openssl + --with-blowfish-headers=${openssl.dev}/include/openssl''; meta = with stdenv.lib; { description = "Virtual Tunnels over TCP/IP with traffic shaping, compression and encryption"; |