diff options
Diffstat (limited to 'pkgs/development/compilers/go')
-rw-r--r-- | pkgs/development/compilers/go/1.4.nix | 4 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.5.nix | 141 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.6.nix | 8 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.7.nix | 86 | ||||
-rw-r--r-- | pkgs/development/compilers/go/cacert-1.7.patch | 82 | ||||
-rw-r--r-- | pkgs/development/compilers/go/default.nix | 95 | ||||
-rw-r--r-- | pkgs/development/compilers/go/remove-tools-1.7.patch | 10 |
7 files changed, 134 insertions, 292 deletions
diff --git a/pkgs/development/compilers/go/1.4.nix b/pkgs/development/compilers/go/1.4.nix index 17c3cc052177..273d768ce21f 100644 --- a/pkgs/development/compilers/go/1.4.nix +++ b/pkgs/development/compilers/go/1.4.nix @@ -20,6 +20,8 @@ stdenv.mkDerivation rec { buildInputs = [ pcre ]; propagatedBuildInputs = lib.optional stdenv.isDarwin Security; + hardeningDisable = [ "all" ]; + # I'm not sure what go wants from its 'src', but the go installation manual # describes an installation keeping the src. preUnpack = '' @@ -98,7 +100,7 @@ stdenv.mkDerivation rec { else throw "Unsupported system"; GOARM = stdenv.lib.optionalString (stdenv.system == "armv5tel-linux") "5"; GO386 = 387; # from Arch: don't assume sse2 on i686 - CGO_ENABLED = 1; + CGO_ENABLED = 0; # The go build actually checks for CC=*/clang and does something different, so we don't # just want the generic `cc` here. diff --git a/pkgs/development/compilers/go/1.5.nix b/pkgs/development/compilers/go/1.5.nix deleted file mode 100644 index b2eb4b1f246f..000000000000 --- a/pkgs/development/compilers/go/1.5.nix +++ /dev/null @@ -1,141 +0,0 @@ -{ stdenv, lib, fetchFromGitHub, tzdata, iana_etc, go_1_4, runCommand -, perl, which, pkgconfig, patch -, pcre -, Security, Foundation }: - -let - goBootstrap = runCommand "go-bootstrap" {} '' - mkdir $out - cp -rf ${go_1_4}/* $out/ - chmod -R u+w $out - find $out -name "*.c" -delete - cp -rf $out/bin/* $out/share/go/bin/ - ''; -in - -stdenv.mkDerivation rec { - name = "go-${version}"; - version = "1.5.4"; - - src = fetchFromGitHub { - owner = "golang"; - repo = "go"; - rev = "go${version}"; - sha256 = "1lvk9awmkjbz5z4snv3q3b3r7ijfz97kig2wkqz6jmr7b0lp1fcy"; - }; - - # perl is used for testing go vet - nativeBuildInputs = [ perl which pkgconfig patch ]; - buildInputs = [ pcre ]; - propagatedBuildInputs = lib.optionals stdenv.isDarwin [ - Security Foundation - ]; - - # I'm not sure what go wants from its 'src', but the go installation manual - # describes an installation keeping the src. - preUnpack = '' - mkdir -p $out/share - cd $out/share - ''; - - prePatch = '' - # Ensure that the source directory is named go - cd .. - if [ ! -d go ]; then - mv * go - fi - - cd go - patchShebangs ./ # replace /bin/bash - - # Disabling the 'os/http/net' tests (they want files not available in - # chroot builds) - rm src/net/{listen_test.go,parse_test.go,port_test.go} - rm src/syscall/exec_linux_test.go - # !!! substituteInPlace does not seems to be effective. - # The os test wants to read files in an existing path. Just don't let it be /usr/bin. - sed -i 's,/usr/bin,'"`pwd`", src/os/os_test.go - sed -i 's,/bin/pwd,'"`type -P pwd`", src/os/os_test.go - # Disable the unix socket test - sed -i '/TestShutdownUnix/areturn' src/net/net_test.go - # Disable the hostname test - sed -i '/TestHostname/areturn' src/os/os_test.go - # ParseInLocation fails the test - sed -i '/TestParseInSydney/areturn' src/time/format_test.go - # Remove the api check as it never worked - sed -i '/src\/cmd\/api\/run.go/ireturn nil' src/cmd/dist/test.go - # Remove the coverage test as we have removed this utility - sed -i '/TestCoverageWithCgo/areturn' src/cmd/go/go_test.go - - sed -i 's,/etc/protocols,${iana_etc}/etc/protocols,' src/net/lookup_unix.go - '' + lib.optionalString stdenv.isLinux '' - sed -i 's,/usr/share/zoneinfo/,${tzdata}/share/zoneinfo/,' src/time/zoneinfo_unix.go - '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace src/race.bash --replace \ - "sysctl machdep.cpu.extfeatures | grep -qv EM64T" true - sed -i 's,strings.Contains(.*sysctl.*,true {,' src/cmd/dist/util.go - sed -i 's,"/etc","'"$TMPDIR"'",' src/os/os_test.go - sed -i 's,/_go_os_test,'"$TMPDIR"'/_go_os_test,' src/os/path_test.go - sed -i '/TestCgoLookupIP/areturn' src/net/cgo_unix_test.go - sed -i '/TestChdirAndGetwd/areturn' src/os/os_test.go - sed -i '/TestRead0/areturn' src/os/os_test.go - sed -i '/TestNohup/areturn' src/os/signal/signal_test.go - sed -i '/TestSystemRoots/areturn' src/crypto/x509/root_darwin_test.go - - sed -i '/TestGoInstallRebuildsStalePackagesInOtherGOPATH/areturn' src/cmd/go/go_test.go - sed -i '/TestBuildDashIInstallsDependencies/areturn' src/cmd/go/go_test.go - - sed -i '/TestDisasmExtld/areturn' src/cmd/objdump/objdump_test.go - - touch $TMPDIR/group $TMPDIR/hosts $TMPDIR/passwd - ''; - - patches = [ - ./remove-tools-1.5.patch - ] - # -ldflags=-s is required to compile on Darwin, see - # https://github.com/golang/go/issues/11994 - ++ stdenv.lib.optional stdenv.isDarwin ./strip.patch; - - GOOS = if stdenv.isDarwin then "darwin" else "linux"; - GOARCH = if stdenv.isDarwin then "amd64" - else if stdenv.system == "i686-linux" then "386" - else if stdenv.system == "x86_64-linux" then "amd64" - else if stdenv.isArm then "arm" - else throw "Unsupported system"; - GOARM = stdenv.lib.optionalString (stdenv.system == "armv5tel-linux") "5"; - GO386 = 387; # from Arch: don't assume sse2 on i686 - CGO_ENABLED = 1; - GOROOT_BOOTSTRAP = "${goBootstrap}/share/go"; - - # The go build actually checks for CC=*/clang and does something different, so we don't - # just want the generic `cc` here. - CC = if stdenv.isDarwin then "clang" else "cc"; - - installPhase = '' - mkdir -p "$out/bin" - export GOROOT="$(pwd)/" - export GOBIN="$out/bin" - export PATH="$GOBIN:$PATH" - cd ./src - echo Building - ./all.bash - ''; - - preFixup = '' - rm -r $out/share/go/pkg/bootstrap - ''; - - setupHook = ./setup-hook.sh; - - disallowedReferences = [ go_1_4 ]; - - meta = with stdenv.lib; { - branch = "1.5"; - homepage = http://golang.org/; - description = "The Go Programming language"; - license = licenses.bsd3; - maintainers = with maintainers; [ cstrahan wkennington ]; - platforms = platforms.linux ++ platforms.darwin; - }; -} diff --git a/pkgs/development/compilers/go/1.6.nix b/pkgs/development/compilers/go/1.6.nix index fa2b3d31d75b..38b114d8d070 100644 --- a/pkgs/development/compilers/go/1.6.nix +++ b/pkgs/development/compilers/go/1.6.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, tzdata, iana_etc, go_1_4, runCommand +{ stdenv, lib, fetchurl, tzdata, iana_etc, go_bootstrap, runCommand , perl, which, pkgconfig, patch, fetchpatch , pcre , Security, Foundation, bash }: @@ -6,7 +6,7 @@ let goBootstrap = runCommand "go-bootstrap" {} '' mkdir $out - cp -rf ${go_1_4}/* $out/ + cp -rf ${go_bootstrap}/* $out/ chmod -R u+w $out find $out -name "*.c" -delete cp -rf $out/bin/* $out/share/go/bin/ @@ -29,6 +29,8 @@ stdenv.mkDerivation rec { Security Foundation ]; + hardeningDisable = [ "all" ]; + # I'm not sure what go wants from its 'src', but the go installation manual # describes an installation keeping the src. preUnpack = '' @@ -141,7 +143,7 @@ stdenv.mkDerivation rec { setupHook = ./setup-hook.sh; - disallowedReferences = [ go_1_4 ]; + disallowedReferences = [ go_bootstrap ]; meta = with stdenv.lib; { branch = "1.6"; diff --git a/pkgs/development/compilers/go/1.7.nix b/pkgs/development/compilers/go/1.7.nix index 25ae26f28181..0f78646e1aa0 100644 --- a/pkgs/development/compilers/go/1.7.nix +++ b/pkgs/development/compilers/go/1.7.nix @@ -1,52 +1,46 @@ -{ stdenv, lib, fetchFromGitHub, tzdata, iana_etc, go_1_4, runCommand +{ stdenv, fetchFromGitHub, tzdata, iana_etc, go_bootstrap, runCommand, writeScriptBin , perl, which, pkgconfig, patch, fetchpatch -, pcre +, pcre, cacert , Security, Foundation, bash }: let + + inherit (stdenv.lib) optional optionals optionalString; + + clangHack = writeScriptBin "clang" '' + #!${stdenv.shell} + exec ${stdenv.cc}/bin/clang "$@" 2> >(sed '/ld: warning:.*ignoring unexpected dylib file/ d' 1>&2) + ''; + goBootstrap = runCommand "go-bootstrap" {} '' mkdir $out - cp -rf ${go_1_4}/* $out/ + cp -rf ${go_bootstrap}/* $out/ chmod -R u+w $out find $out -name "*.c" -delete cp -rf $out/bin/* $out/share/go/bin/ ''; + in stdenv.mkDerivation rec { name = "go-${version}"; - version = "1.7"; + version = "1.7.1"; src = fetchFromGitHub { owner = "golang"; repo = "go"; rev = "go${version}"; - sha256 = "03wc4r5pgxrlh3lp8l0hb1bhsrwv4hfq1fcj8n82bfk3hvj43am2"; + sha256 = "121cvpjpbyl3lyd6j5lnnq6pr8vl7ar5zvap1132c522lxgxw356"; }; # perl is used for testing go vet nativeBuildInputs = [ perl which pkgconfig patch ]; buildInputs = [ pcre ]; - propagatedBuildInputs = lib.optionals stdenv.isDarwin [ - Security Foundation - ]; - - # I'm not sure what go wants from its 'src', but the go installation manual - # describes an installation keeping the src. - preUnpack = '' - topdir=$PWD - mkdir -p $out/share - cd $out/share - ''; + propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ]; - prePatch = '' - # Ensure that the source directory is named go - cd .. - if [ ! -d go ]; then - mv * go - fi + hardeningDisable = [ "all" ]; - cd go + prePatch = '' patchShebangs ./ # replace /bin/bash # This source produces shell script at run time, @@ -79,9 +73,9 @@ stdenv.mkDerivation rec { # Disable cgo lookup tests not works, they depend on resolver rm src/net/cgo_unix_test.go - '' + lib.optionalString stdenv.isLinux '' + '' + optionalString stdenv.isLinux '' sed -i 's,/usr/share/zoneinfo/,${tzdata}/share/zoneinfo/,' src/time/zoneinfo_unix.go - '' + lib.optionalString stdenv.isDarwin '' + '' + optionalString stdenv.isDarwin '' substituteInPlace src/race.bash --replace \ "sysctl machdep.cpu.extfeatures | grep -qv EM64T" true sed -i 's,strings.Contains(.*sysctl.*,true {,' src/cmd/dist/util.go @@ -91,6 +85,7 @@ stdenv.mkDerivation rec { sed -i '/TestChdirAndGetwd/areturn' src/os/os_test.go sed -i '/TestRead0/areturn' src/os/os_test.go sed -i '/TestNohup/areturn' src/os/signal/signal_test.go + sed -i '/TestCurrent/areturn' src/os/user/user_test.go sed -i '/TestSystemRoots/areturn' src/crypto/x509/root_darwin_test.go sed -i '/TestGoInstallRebuildsStalePackagesInOtherGOPATH/areturn' src/cmd/go/go_test.go @@ -104,20 +99,11 @@ stdenv.mkDerivation rec { touch $TMPDIR/group $TMPDIR/hosts $TMPDIR/passwd sed -i '1 a\exit 0' misc/cgo/errors/test.bash - - mkdir $topdir/dirtyhacks - cat <<EOF > $topdir/dirtyhacks/clang - #!${bash}/bin/bash - $(type -P clang) "\$@" 2> >(sed '/ld: warning:.*ignoring unexpected dylib file/ d' 1>&2) - exit $? - EOF - chmod +x $topdir/dirtyhacks/clang - PATH=$topdir/dirtyhacks:$PATH ''; - patches = [ - ./remove-tools-1.7.patch - ]; + patches = [ ./remove-tools-1.7.patch ./cacert-1.7.patch ]; + + SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; GOOS = if stdenv.isDarwin then "darwin" else "linux"; GOARCH = if stdenv.isDarwin then "amd64" @@ -125,7 +111,7 @@ stdenv.mkDerivation rec { else if stdenv.system == "x86_64-linux" then "amd64" else if stdenv.isArm then "arm" else throw "Unsupported system"; - GOARM = stdenv.lib.optionalString (stdenv.system == "armv5tel-linux") "5"; + GOARM = optionalString (stdenv.system == "armv5tel-linux") "5"; GO386 = 387; # from Arch: don't assume sse2 on i686 CGO_ENABLED = 1; GOROOT_BOOTSTRAP = "${goBootstrap}/share/go"; @@ -134,24 +120,30 @@ stdenv.mkDerivation rec { # just want the generic `cc` here. CC = if stdenv.isDarwin then "clang" else "cc"; + configurePhase = '' + mkdir -p $out/share/go/bin + export GOROOT=$out/share/go + export GOBIN=$GOROOT/bin + export PATH=$GOBIN:$PATH + ''; + + postConfigure = optionalString stdenv.isDarwin '' + export PATH=${clangHack}/bin:$PATH + ''; + installPhase = '' - mkdir -p "$out/bin" - export GOROOT="$(pwd)/" - export GOBIN="$out/bin" - export PATH="$GOBIN:$PATH" - cd ./src - echo Building - ./all.bash + cp -r . $GOROOT + ( cd $GOROOT/src && ./all.bash ) ''; preFixup = '' rm -r $out/share/go/pkg/bootstrap - rmdir $out/bin && mv $out/share/go/bin $out/bin + mv $out/share/go/bin $out/bin ''; setupHook = ./setup-hook.sh; - disallowedReferences = [ go_1_4 ]; + disallowedReferences = [ go_bootstrap ]; meta = with stdenv.lib; { branch = "1.7"; diff --git a/pkgs/development/compilers/go/cacert-1.7.patch b/pkgs/development/compilers/go/cacert-1.7.patch new file mode 100644 index 000000000000..0fe9ff8cc239 --- /dev/null +++ b/pkgs/development/compilers/go/cacert-1.7.patch @@ -0,0 +1,82 @@ +diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go +index a4b33c7..9700b75 100644 +--- a/src/crypto/x509/root_cgo_darwin.go ++++ b/src/crypto/x509/root_cgo_darwin.go +@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) { + import "C" + import ( + "errors" ++ "io/ioutil" ++ "os" + "unsafe" + ) + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } + + var data C.CFDataRef = nil + err := C.FetchPEMRoots(&data) +diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go +index 78de56c..05eada4 100644 +--- a/src/crypto/x509/root_darwin.go ++++ b/src/crypto/x509/root_darwin.go +@@ -6,20 +6,31 @@ + + package x509 + +-import "os/exec" ++import ( ++ "io/ioutil" ++ "os" ++ "os/exec" ++) + + func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { + return nil, nil + } + + func execSecurityRoots() (*CertPool, error) { ++ roots := NewCertPool() ++ if file := os.Getenv("SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } + cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") + data, err := cmd.Output() + if err != nil { + return nil, err + } + +- roots := NewCertPool() + roots.AppendCertsFromPEM(data) + return roots, nil + } +diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go +index 7bcb3d6..3986e1a 100644 +--- a/src/crypto/x509/root_unix.go ++++ b/src/crypto/x509/root_unix.go +@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } ++ + var firstErr error + for _, file := range certFiles { + data, err := ioutil.ReadFile(file) diff --git a/pkgs/development/compilers/go/default.nix b/pkgs/development/compilers/go/default.nix deleted file mode 100644 index c684d7d5ee5d..000000000000 --- a/pkgs/development/compilers/go/default.nix +++ /dev/null @@ -1,95 +0,0 @@ -{ stdenv, fetchurl, bison, glibc, bash, coreutils, makeWrapper, tzdata}: - -let - loader386 = "${glibc.out}/lib/ld-linux.so.2"; - loaderAmd64 = "${glibc.out}/lib/ld-linux-x86-64.so.2"; - loaderArm = "${glibc.out}/lib/ld-linux.so.3"; -in - -stdenv.mkDerivation { - name = "go-1.0.3"; - - src = fetchurl { - url = http://go.googlecode.com/files/go1.0.3.src.tar.gz; - sha256 = "1pz31az3icwqfqfy3avms05jnqr0qrbrx9yqsclkdwbjs4rkbfkz"; - }; - - buildInputs = [ bison glibc bash makeWrapper ]; - - # I'm not sure what go wants from its 'src', but the go installation manual - # describes an installation keeping the src. - preUnpack = '' - mkdir -p $out/share - cd $out/share - ''; - - prePatch = '' - cd .. - if [ ! -d go ]; then - mv * go - fi - cd go - - patchShebangs ./ # replace /bin/bash - # !!! substituteInPlace does not seems to be effective. - sed -i 's,/lib/ld-linux.so.2,${loader386},' src/cmd/8l/asm.c - sed -i 's,/lib64/ld-linux-x86-64.so.2,${loaderAmd64},' src/cmd/6l/asm.c - sed -i 's,/lib64/ld-linux-x86-64.so.3,${loaderArm},' src/cmd/5l/asm.c - sed -i 's,/usr/share/zoneinfo/,${tzdata}/share/zoneinfo/,' src/pkg/time/zoneinfo_unix.go - - #sed -i -e 's,/bin/cat,${coreutils}/bin/cat,' \ - # -e 's,/bin/echo,${coreutils}/bin/echo,' \ - # src/pkg/exec/exec_test.go - - # Disabling the 'os/http/net' tests (they want files not available in - # chroot builds) - rm src/pkg/net/{multicast_test.go,parse_test.go,port_test.go} - # The os test wants to read files in an existing path. Just it don't be /usr/bin. - sed -i 's,/usr/bin,'"`pwd`", src/pkg/os/os_test.go - sed -i 's,/bin/pwd,'"`type -P pwd`", src/pkg/os/os_test.go - # Disable the hostname test - sed -i '/TestHostname/areturn' src/pkg/os/os_test.go - ''; - - patches = [ ./cacert.patch ./1_0-opt-error.patch ./1_0-gcc-bug.patch ]; - - GOOS = "linux"; - GOARCH = if stdenv.system == "i686-linux" then "386" - else if stdenv.system == "x86_64-linux" then "amd64" - else if stdenv.system == "armv5tel-linux" then "arm" - else throw "Unsupported system"; - GOARM = stdenv.lib.optionalString (stdenv.system == "armv5tel-linux") "5"; - - NIX_CFLAGS_COMPILE = "-Wno-error=cpp"; - - installPhase = '' - mkdir -p "$out/bin" - export GOROOT="$(pwd)/" - export GOBIN="$out/bin" - export PATH="$GOBIN:$PATH" - cd ./src - ./all.bash - cd - - - # Wrap the tools to define the location of the - # libraries. - for a in go gofmt godoc; do - wrapProgram "$out/bin/$a" \ - --set "GOROOT" $out/share/go \ - ${if stdenv.system == "armv5tel-linux" then "--set GOARM $GOARM" else ""} - done - - # Copy the emacs configuration for Go files. - mkdir -p "$out/share/emacs/site-lisp" - cp ./misc/emacs/* $out/share/emacs/site-lisp/ - ''; - - meta = { - branch = "1.0"; - homepage = http://golang.org/; - description = "The Go Programming language"; - license = "BSD"; - maintainers = with stdenv.lib.maintainers; [ pierron viric ]; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/pkgs/development/compilers/go/remove-tools-1.7.patch b/pkgs/development/compilers/go/remove-tools-1.7.patch index b2e380f34fc5..b53e48e1a515 100644 --- a/pkgs/development/compilers/go/remove-tools-1.7.patch +++ b/pkgs/development/compilers/go/remove-tools-1.7.patch @@ -1,8 +1,8 @@ diff --git a/src/go/build/build.go b/src/go/build/build.go -index 496fe11..8c81dbd 100644 +index 9706b8b..f250751 100644 --- a/src/go/build/build.go +++ b/src/go/build/build.go -@@ -1388,7 +1388,7 @@ func init() { +@@ -1513,7 +1513,7 @@ func init() { } // ToolDir is the directory containing build tools. @@ -12,11 +12,11 @@ index 496fe11..8c81dbd 100644 // IsLocalImport reports whether the import path is // a local import path, like ".", "..", "./foo", or "../foo". diff --git a/src/runtime/extern.go b/src/runtime/extern.go -index d346362..fb22b6e 100644 +index 441dcd9..a50277e 100644 --- a/src/runtime/extern.go +++ b/src/runtime/extern.go -@@ -194,6 +194,17 @@ func GOROOT() string { - return defaultGoroot +@@ -230,6 +230,17 @@ func GOROOT() string { + return sys.DefaultGoroot } +// GOTOOLDIR returns the root of the Go tree. |