summary refs log tree commit diff
path: root/pkgs/applications/networking/sync/rsync
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/applications/networking/sync/rsync')
-rw-r--r--pkgs/applications/networking/sync/rsync/base.nix9
-rw-r--r--pkgs/applications/networking/sync/rsync/default.nix68
-rw-r--r--pkgs/applications/networking/sync/rsync/rrsync.nix9
3 files changed, 52 insertions, 34 deletions
diff --git a/pkgs/applications/networking/sync/rsync/base.nix b/pkgs/applications/networking/sync/rsync/base.nix
index 3479458088e..39ce5d3a7ea 100644
--- a/pkgs/applications/networking/sync/rsync/base.nix
+++ b/pkgs/applications/networking/sync/rsync/base.nix
@@ -1,4 +1,4 @@
-{ lib, fetchurl }:
+{ lib, fetchurl, fetchpatch }:
 
 rec {
   version = "3.2.3";
@@ -12,6 +12,13 @@ rec {
     url = "mirror://samba/rsync/rsync-patches-${version}.tar.gz";
     sha256 = "1wj21v57v135n6fnmlm2dxmb9lhrrg62jgkggldp1gb7d6s4arny";
   };
+  extraPatches = [
+    (fetchpatch {
+      name = "CVE-2020-14387.patch";
+      url = "https://git.samba.org/?p=rsync.git;a=patch;h=c3f7414;hp=4c4fce51072c9189cfb11b52aa54fed79f5741bd";
+      sha256 = "000lyx48lns84p53nsdlr45mb9558lrvnsz3yic0y3z6h2izv82x";
+    })
+  ];
 
   meta = with lib; {
     description = "Fast incremental file transfer utility";
diff --git a/pkgs/applications/networking/sync/rsync/default.nix b/pkgs/applications/networking/sync/rsync/default.nix
index 54417e6ef4b..88304e56a40 100644
--- a/pkgs/applications/networking/sync/rsync/default.nix
+++ b/pkgs/applications/networking/sync/rsync/default.nix
@@ -1,39 +1,47 @@
-{ lib, stdenv, fetchurl, perl, libiconv, zlib, popt
-, enableACLs ? lib.meta.availableOn stdenv.hostPlatform acl, acl ? null
-, enableLZ4 ? true, lz4 ? null
-, enableOpenSSL ? true, openssl ? null
-, enableXXHash ? true, xxHash ? null
-, enableZstd ? true, zstd ? null
+{ lib
+, stdenv
+, fetchurl
+, fetchpatch
+, perl
+, libiconv
+, zlib
+, popt
+, enableACLs ? lib.meta.availableOn stdenv.hostPlatform acl
+, acl
+, enableLZ4 ? true
+, lz4
+, enableOpenSSL ? true
+, openssl
+, enableXXHash ? true
+, xxHash
+, enableZstd ? true
+, zstd
 , enableCopyDevicesPatch ? false
 , nixosTests
 }:
 
-assert enableACLs -> acl != null;
-assert enableLZ4 -> lz4 != null;
-assert enableOpenSSL -> openssl != null;
-assert enableXXHash -> xxHash != null;
-assert enableZstd -> zstd != null;
-
 let
-  base = import ./base.nix { inherit lib fetchurl; };
+  base = import ./base.nix { inherit lib fetchurl fetchpatch; };
 in
 stdenv.mkDerivation rec {
-  name = "rsync-${base.version}";
+  pname = "rsync";
+  version = base.version;
 
   mainSrc = base.src;
 
   patchesSrc = base.upstreamPatchTarball;
 
-  srcs = [mainSrc] ++ lib.optional enableCopyDevicesPatch patchesSrc;
-  patches = lib.optional enableCopyDevicesPatch "./patches/copy-devices.diff";
+  srcs = [ mainSrc ] ++ lib.optional enableCopyDevicesPatch patchesSrc;
+  patches = lib.optional enableCopyDevicesPatch "./patches/copy-devices.diff"
+    ++ base.extraPatches;
 
-  buildInputs = [libiconv zlib popt]
-                ++ lib.optional enableACLs acl
-                ++ lib.optional enableZstd zstd
-                ++ lib.optional enableLZ4 lz4
-                ++ lib.optional enableOpenSSL openssl
-                ++ lib.optional enableXXHash xxHash;
-  nativeBuildInputs = [perl];
+  buildInputs = [ libiconv zlib popt ]
+    ++ lib.optional enableACLs acl
+    ++ lib.optional enableZstd zstd
+    ++ lib.optional enableLZ4 lz4
+    ++ lib.optional enableOpenSSL openssl
+    ++ lib.optional enableXXHash xxHash;
+  nativeBuildInputs = [ perl ];
 
   configureFlags = [
     "--with-nobody-group=nogroup"
@@ -42,13 +50,13 @@ stdenv.mkDerivation rec {
     # links them even.
     "--with-included-zlib=no"
   ]
-    # Work around issue with cross-compilation:
-    #     configure.sh: error: cannot run test program while cross compiling
-    # Remove once 3.2.4 or more recent is released.
-    # The following PR should fix the cross-compilation issue.
-    # Test using `nix-build -A pkgsCross.aarch64-multiplatform.rsync`.
-    # https://github.com/WayneD/rsync/commit/b7fab6f285ff0ff3816b109a8c3131b6ded0b484
-    ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "--enable-simd=no"
+  # Work around issue with cross-compilation:
+  #     configure.sh: error: cannot run test program while cross compiling
+  # Remove once 3.2.4 or more recent is released.
+  # The following PR should fix the cross-compilation issue.
+  # Test using `nix-build -A pkgsCross.aarch64-multiplatform.rsync`.
+  # https://github.com/WayneD/rsync/commit/b7fab6f285ff0ff3816b109a8c3131b6ded0b484
+  ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "--enable-simd=no"
   ;
 
   passthru.tests = { inherit (nixosTests) rsyncd; };
diff --git a/pkgs/applications/networking/sync/rsync/rrsync.nix b/pkgs/applications/networking/sync/rsync/rrsync.nix
index 83eb4658d2f..e55f7fc1fba 100644
--- a/pkgs/applications/networking/sync/rsync/rrsync.nix
+++ b/pkgs/applications/networking/sync/rsync/rrsync.nix
@@ -1,10 +1,11 @@
-{ lib, stdenv, fetchurl, perl, rsync }:
+{ lib, stdenv, fetchurl, perl, rsync, fetchpatch }:
 
 let
-  base = import ./base.nix { inherit lib fetchurl; };
+  base = import ./base.nix { inherit lib fetchurl fetchpatch; };
 in
 stdenv.mkDerivation {
-  name = "rrsync-${base.version}";
+  pname = "rrsync";
+  version = base.version;
 
   src = base.src;
 
@@ -15,6 +16,8 @@ stdenv.mkDerivation {
   dontConfigure = true;
   dontBuild = true;
 
+  patches = base.extraPatches;
+
   postPatch = ''
     substituteInPlace support/rrsync --replace /usr/bin/rsync ${rsync}/bin/rsync
   '';
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-23 10:52:29 +0000