diff options
Diffstat (limited to 'pkgs/tools/networking')
30 files changed, 205 insertions, 576 deletions
diff --git a/pkgs/tools/networking/cjdns/default.nix b/pkgs/tools/networking/cjdns/default.nix index e602ee5f412..569d84bd72e 100644 --- a/pkgs/tools/networking/cjdns/default.nix +++ b/pkgs/tools/networking/cjdns/default.nix @@ -2,7 +2,7 @@ let version = "16"; # see ${src}/util/version/Version.h - date = "20150308"; + date = "20150422"; in stdenv.mkDerivation { name = "cjdns-${version}-${date}"; @@ -10,8 +10,8 @@ stdenv.mkDerivation { src = fetchFromGitHub { owner = "cjdelisle"; repo = "cjdns"; - rev = "dc7eaf676cb83f13ba3e76a1bd0f2e093e6d6e1b"; - sha256 = "1llhv9kflh4rzv9b9qq9zhrckcc6a7xs0dp147adwmaxqjj8v601"; + rev = "78e13484b6639adacefc62eb7cf93ef7db4a936f"; + sha256 = "1l1c43r11mj4c8is24988yfycw74flgv7qvc2cfhlisz7fhgfkds"; }; buildInputs = [ which python27 nodejs ] ++ diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 08c00fc4b34..713fe40c189 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -1,4 +1,6 @@ { stdenv, fetchurl +, idnSupport ? false, libidn ? null +, ldapSupport ? false, openldap ? null , zlibSupport ? false, zlib ? null , sslSupport ? false, openssl ? null , scpSupport ? false, libssh2 ? null @@ -6,23 +8,27 @@ , c-aresSupport ? false, c-ares ? null }: +assert idnSupport -> libidn != null; +assert ldapSupport -> openldap != null; assert zlibSupport -> zlib != null; assert sslSupport -> openssl != null; assert scpSupport -> libssh2 != null; assert c-aresSupport -> c-ares != null; stdenv.mkDerivation rec { - name = "curl-7.41.0"; + name = "curl-7.42.0"; src = fetchurl { url = "http://curl.haxx.se/download/${name}.tar.bz2"; - sha256 = "1slbbxp2k8m34mdzrl5qhafr5zhhcv7fgjhs2mcxjmswvimm92wz"; + sha256 = "13yhcqfksy2vwc4sjv97nv3cbd2pb2a8lnvv8g46qp1gail7sm9j"; }; # Zlib and OpenSSL must be propagated because `libcurl.la' contains # "-lz -lssl", which aren't necessary direct build inputs of # applications that use Curl. propagatedBuildInputs = with stdenv.lib; + optional idnSupport libidn ++ + optional ldapSupport openldap ++ optional zlibSupport zlib ++ optional gssSupport gss ++ optional c-aresSupport c-ares ++ @@ -43,6 +49,9 @@ stdenv.mkDerivation rec { configureFlags = [ ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" ) ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" ) + ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) + ( if ldapSupport then "--enable-ldaps" else "--disable-ldaps" ) + ( if idnSupport then "--with-libidn=${libidn}" else "--without-libidn" ) ] ++ stdenv.lib.optional c-aresSupport "--enable-ares=${c-ares}" ++ stdenv.lib.optional gssSupport "--with-gssapi=${gss}"; diff --git a/pkgs/tools/networking/ddclient/ddclient-line-buffer-stdout.patch b/pkgs/tools/networking/ddclient/ddclient-line-buffer-stdout.patch new file mode 100644 index 00000000000..d1ef9e024d2 --- /dev/null +++ b/pkgs/tools/networking/ddclient/ddclient-line-buffer-stdout.patch @@ -0,0 +1,20 @@ +diff -u ddclient-3.8.1/ddclient ddclient-3.8.1.patched/ddclient +--- ddclient-3.8.1/ddclient 2011-07-11 23:04:21.000000000 +0200 ++++ ddclient-3.8.1.patched/ddclient 2012-11-08 11:52:31.930647236 +0100 +@@ -19,6 +19,7 @@ use strict; + use Getopt::Long; + use Sys::Hostname; + use IO::Socket; ++use IO::Handle qw( ); + + my ($VERSION) = q$Revision: 157 $ =~ /(\d+)/; + +@@ -675,7 +676,7 @@ $SIG{'TERM'} = sub { $caught_term = 1; }; + $SIG{'KILL'} = sub { $caught_kill = 1; }; + # don't fork() if foreground or force is on + if (opt('foreground') || opt('force')) { +- ; ++ STDOUT->autoflush(1); + } elsif (opt('daemon')) { + $SIG{'CHLD'} = 'IGNORE'; + my $pid = fork; diff --git a/pkgs/tools/networking/ddclient/default.nix b/pkgs/tools/networking/ddclient/default.nix index fdc5e145c4d..41688d84351 100644 --- a/pkgs/tools/networking/ddclient/default.nix +++ b/pkgs/tools/networking/ddclient/default.nix @@ -10,7 +10,7 @@ buildPerlPackage { buildInputs = [ perlPackages.IOSocketSSL perlPackages.DigestSHA1 ]; - patches = [ ./ddclient-foreground.patch ]; + patches = [ ./ddclient-foreground.patch ./ddclient-line-buffer-stdout.patch ]; # Use iproute2 instead of ifconfig preConfigure = '' diff --git a/pkgs/tools/networking/dropbear/default.nix b/pkgs/tools/networking/dropbear/default.nix index 15422d81f41..0cbf41754c3 100644 --- a/pkgs/tools/networking/dropbear/default.nix +++ b/pkgs/tools/networking/dropbear/default.nix @@ -2,11 +2,11 @@ sftpPath ? "/var/run/current-system/sw/libexec/sftp-server" }: stdenv.mkDerivation rec { - name = "dropbear-2014.66"; + name = "dropbear-2015.67"; src = fetchurl { url = "http://matt.ucc.asn.au/dropbear/releases/${name}.tar.bz2"; - sha256 = "0xmbcjm2pbhih459667wy8acs4nax4amvzwqwfxw0z2i19ky4gxb"; + sha256 = "1rf8k3v0bklp04a6x85zpa4f45ad5rfqmiv5f1wfbzaxcja0asby"; }; dontDisableStatic = enableStatic; @@ -31,10 +31,6 @@ stdenv.mkDerivation rec { # Allow sessions to inherit the PATH from the parent dropbear. # Otherwise they only get the usual /bin:/usr/bin kind of PATH ./pass-path.patch - - # Bugfix - # http://article.gmane.org/gmane.network.ssh.dropbear/1361 - ./proxycrash.patch ]; buildInputs = [ zlib ]; diff --git a/pkgs/tools/networking/dropbear/proxycrash.patch b/pkgs/tools/networking/dropbear/proxycrash.patch deleted file mode 100644 index 1a17e7e3c62..00000000000 --- a/pkgs/tools/networking/dropbear/proxycrash.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -r 5ba19d00da08 cli-runopts.c ---- a/cli-runopts.c Sun May 26 18:43:00 2013 +0800 -+++ b/cli-runopts.c Mon Jun 17 19:51:08 2013 +0000 -@@ -383,6 +383,13 @@ - exit(EXIT_FAILURE); - } - -+#ifdef ENABLE_CLI_PROXYCMD -+ if (cli_opts.proxycmd) { -+ /* To match the common path of m_freeing it */ -+ cli_opts.proxycmd = m_strdup(cli_opts.proxycmd); -+ } -+#endif -+ - if (cli_opts.remoteport == NULL) { - cli_opts.remoteport = "22"; - } diff --git a/pkgs/tools/networking/eggdrop/default.nix b/pkgs/tools/networking/eggdrop/default.nix index 13efc944bd0..cf7fb20df68 100644 --- a/pkgs/tools/networking/eggdrop/default.nix +++ b/pkgs/tools/networking/eggdrop/default.nix @@ -1,14 +1,15 @@ -{stdenv, fetchurl, tcl}: +{ stdenv, fetchurl, tcl }: -stdenv.mkDerivation { - name = "eggdrop-1.6.19+ctcpfix"; +stdenv.mkDerivation rec { + name = "eggdrop-${version}"; + version = "1.6.21"; src = fetchurl { - url = ftp://ftp.eggheads.org/pub/eggdrop/GNU/1.6/eggdrop1.6.19+ctcpfix.tar.gz; - sha256 = "1lpa6sqwizn8y30i14559j3427vi743pmsxjq9g70x4m71hmshvi"; + url = "ftp://ftp.eggheads.org/pub/eggdrop/GNU/1.6/eggdrop${version}.tar.gz"; + sha256 = "1galvbh9y4c3msrg1s9na0asm077mh1g2i2vsv1vczmfrbgq92vs"; }; - buildInputs = [tcl]; + buildInputs = [ tcl ]; preConfigure = '' prefix=$out/eggdrop @@ -19,5 +20,13 @@ stdenv.mkDerivation { make config ''; - configureFlags = "--with-tcllib=${tcl}/lib/libtcl8.5.so --with-tclinc=${tcl}/include/tcl.h"; + configureFlags = [ + "--with-tcllib=${tcl}/lib/lib${tcl.libPrefix}.so" + "--with-tclinc=${tcl}/include/tcl.h" + ]; + + meta = with stdenv.lib; { + license = licenses.gpl2; + platforms = platforms.unix; + }; } diff --git a/pkgs/tools/networking/hans/default.nix b/pkgs/tools/networking/hans/default.nix new file mode 100644 index 00000000000..fcb3e903753 --- /dev/null +++ b/pkgs/tools/networking/hans/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchFromGitHub, nettools }: + +let version = "0.4.4"; in +stdenv.mkDerivation rec { + name = "hans-${version}"; + + src = fetchFromGitHub { + sha256 = "1xskffmmdmg1whlrl5wpkv9z29vh0igrbmsz0b45s9v0761a7kis"; + rev = "v${version}"; + repo = "hans"; + owner = "friedrich"; + }; + + meta = with stdenv.lib; { + inherit version; + description = "Tunnel IPv4 over ICMP"; + longDescription = '' + Hans makes it possible to tunnel IPv4 through ICMP echo packets, so you + could call it a ping tunnel. This can be useful when you find yourself in + the situation that your Internet access is firewalled, but pings are + allowed. + ''; + homepage = http://code.gerade.org/hans/; + license = with licenses; gpl3Plus; + platforms = with platforms; linux; + maintainers = with maintainers; [ nckx ]; + }; + + buildInputs = [ nettools ]; + + postPatch = '' + substituteInPlace src/tun.cpp --replace "/sbin/" "/${nettools}/bin/" + ''; + + enableParallelBuilding = true; + + installPhase = '' + install -D -m0755 hans $out/bin/hans + ''; +} diff --git a/pkgs/tools/networking/hping/default.nix b/pkgs/tools/networking/hping/default.nix index aa2574fbc1d..23322d5b8f2 100644 --- a/pkgs/tools/networking/hping/default.nix +++ b/pkgs/tools/networking/hping/default.nix @@ -44,5 +44,6 @@ stdenv.mkDerivation rec { description = "A command-line oriented TCP/IP packet assembler/analyzer"; homepage = "http://www.hping.org/"; license = stdenv.lib.licenses.gpl2; + platforms = stdenv.lib.platforms.all; }; } diff --git a/pkgs/tools/networking/httping/default.nix b/pkgs/tools/networking/httping/default.nix index 7e9906e7971..9243550a1b1 100644 --- a/pkgs/tools/networking/httping/default.nix +++ b/pkgs/tools/networking/httping/default.nix @@ -1,26 +1,27 @@ -{ stdenv, fetchurl, gettext }: +{ stdenv, fetchurl, gettext, ncurses }: stdenv.mkDerivation rec { name = "httping-${version}"; - version = "2.3.4"; + version = "2.4"; src = fetchurl { - url = "http://www.vanheusden.com/httping/httping-2.3.4.tgz"; - sha256 = "1hkbhdxb0phrvrddx9kcfpqlzm41xv9jvy82nfkqa7bb0v5p2qd7"; + url = "http://www.vanheusden.com/httping/${name}.tgz"; + sha256 = "1110r3gpsj9xmybdw7w4zkhj3zmn5mnv2nq0ijbvrywbn019zdfs"; }; - buildInputs = [ gettext ]; + buildInputs = [ gettext ncurses ]; makeFlags = [ "DESTDIR=$(out)" "PREFIX=" ]; - meta = { - homepage = "http://www.vanheusden.com/httping"; - description = "ping for HTTP requests"; - maintainers = with stdenv.lib.maintainers; [ rickynils ]; - platforms = with stdenv.lib.platforms; linux; + meta = with stdenv.lib; { + inherit version; + homepage = http://www.vanheusden.com/httping; + description = "ping with HTTP requests"; + maintainers = with maintainers; [ nckx rickynils ]; + platforms = with platforms; linux; }; } diff --git a/pkgs/tools/networking/i2p/default.nix b/pkgs/tools/networking/i2p/default.nix index 088e8e8de7f..b5ef06c34ea 100644 --- a/pkgs/tools/networking/i2p/default.nix +++ b/pkgs/tools/networking/i2p/default.nix @@ -1,15 +1,12 @@ -{ stdenv, procps, coreutils, fetchurl, openjdk8, ant, gcj, gettext }: - -# TODO: support other systems, just copy appropriate lib/wrapper.. to $out -assert stdenv.system != "x86_64-linux"; +{ stdenv, procps, coreutils, fetchurl, jdk, jre, ant, gettext, which }: stdenv.mkDerivation rec { - name = "i2p-0.9.18"; + name = "i2p-0.9.19"; src = fetchurl { url = "https://github.com/i2p/i2p.i2p/archive/${name}.tar.gz"; - sha256 = "1hahdzvfh1zqb8qdc59xbjpqm8qq95k2xx22mpnhcdh90lb6xqnl"; + sha256 = "1q9sda1a708laxf452qnzbfv7bwfwyam5n1giw2n3z3ar602i936"; }; - buildInputs = [ openjdk8 ant gcj gettext ]; + buildInputs = [ jdk ant gettext which ]; buildPhase = '' export JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF8" ant preppkg-linux-only @@ -24,7 +21,11 @@ stdenv.mkDerivation rec { -e "s#/usr/ucb/ps#${procps}/bin/ps#" \ -e "s#/usr/bin/tr#${coreutils}/bin/tr#" \ -e 's#%USER_HOME#$HOME#' \ - -e "s#%SYSTEM_java_io_tmpdir#/tmp#" + -e "s#%SYSTEM_java_io_tmpdir#/tmp#" \ + -e 's#JAVA=java#JAVA=${jre}/bin/java#' + sed -i $out/runplain.sh \ + -e "s#nohup \(.*Launch\) .*#\1#" \ + -e "s#echo \$\! .*##" mv $out/runplain.sh $out/bin/i2prouter-plain mv $out/man $out/share/ chmod +x $out/bin/* $out/i2psvc @@ -35,7 +36,8 @@ stdenv.mkDerivation rec { homepage = "https://geti2p.net"; description = "Applications and router for I2P, anonymity over the Internet"; maintainers = [ stdenv.lib.maintainers.joelmo ]; - licenses = licenses.gpl2; - platforms = platforms.linux; + license = licenses.gpl2; + # TODO: support other systems, just copy appropriate lib/wrapper.. to $out + platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/tools/networking/i2pd/default.nix b/pkgs/tools/networking/i2pd/default.nix index 984e91e255f..f1b32ddb7e7 100644 --- a/pkgs/tools/networking/i2pd/default.nix +++ b/pkgs/tools/networking/i2pd/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { homepage = "https://track.privacysolutions.no/projects/i2pd"; description = "Minimal I2P router written in C++"; - licenses = licenses.gpl2; + license = licenses.gpl2; maintainers = with maintainers; [ edwtjo ]; platforms = platforms.linux; }; diff --git a/pkgs/tools/networking/lftp/default.nix b/pkgs/tools/networking/lftp/default.nix index 9901a1e2a96..1e1f1bd8b76 100644 --- a/pkgs/tools/networking/lftp/default.nix +++ b/pkgs/tools/networking/lftp/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchurl, gnutls, pkgconfig, readline, zlib }: stdenv.mkDerivation rec { - name = "lftp-4.6.0"; + name = "lftp-4.6.1"; src = fetchurl { urls = [ "http://lftp.yar.ru/ftp/${name}.tar.bz2" "http://lftp.yar.ru/ftp/old/${name}.tar.bz2" ]; - sha256 = "1liry2icaqyn9zlp7w6sykp3nyqsn172xnqglhvr6awz23r3b1fr"; + sha256 = "0w9nb24abqlnjzi30q8s0yv3h0zjxhynliyxwdgnrv0qag0k401s"; }; patches = [ ./no-gets.patch ]; diff --git a/pkgs/tools/networking/mu/default.nix b/pkgs/tools/networking/mu/default.nix index 924eb2f9f42..2104768e3b9 100644 --- a/pkgs/tools/networking/mu/default.nix +++ b/pkgs/tools/networking/mu/default.nix @@ -3,12 +3,12 @@ , gtk3, webkit, libsoup, icu, withMug ? false /* doesn't build with current gtk3 */ }: stdenv.mkDerivation rec { - version = "0.9.11"; + version = "0.9.12"; name = "mu-${version}"; src = fetchurl { url = "https://github.com/djcb/mu/archive/v${version}.tar.gz"; - sha256 = "01n1lzq4pfsm5pn932p948d1z55yqc7kkm1ifjxjchb3k8lr66fh"; + sha256 = "1bxryacmas2llj68m2dv8dr1vwx8f5k2i2azh69jajkpqx7i4wdq"; }; buildInputs = diff --git a/pkgs/tools/networking/netsniff-ng/default.nix b/pkgs/tools/networking/netsniff-ng/default.nix index 196c176018a..0830871c0cd 100644 --- a/pkgs/tools/networking/netsniff-ng/default.nix +++ b/pkgs/tools/networking/netsniff-ng/default.nix @@ -2,15 +2,16 @@ , libnetfilter_conntrack, libnl, libpcap, libsodium, liburcu, ncurses, perl , pkgconfig, zlib }: -stdenv.mkDerivation rec { - version = "v0.5.9-rc4-53-gdd5d906"; +let version = "v0.5.9-rc5"; in +stdenv.mkDerivation { name = "netsniff-ng-${version}"; - src = fetchFromGitHub rec { # Upstream recommends and supports git + # Upstream recommends and supports git + src = fetchFromGitHub rec { repo = "netsniff-ng"; owner = repo; - rev = "dd5d906c40db5264d8d33c37565b39540f0258c8"; - sha256 = "0iwnfjbxiv10zk5mfpnvs2xb88f14hv1a156kn9mhasszknp0a57"; + rev = "76f4acca4bef1658543a97475f1c1d83accc395c"; + sha256 = "11k88lsdqy41j4xwyx3vq85zjj4n39hj828f1b6naq1ywyfcvmr5"; }; buildInputs = [ bison flex geoip geolite-legacy libcli libnet libnl @@ -40,6 +41,7 @@ stdenv.mkDerivation rec { ''; meta = with stdenv.lib; { + inherit version; description = "Swiss army knife for daily Linux network plumbing"; longDescription = '' netsniff-ng is a free Linux networking toolkit. Its gain of performance diff --git a/pkgs/tools/networking/network-manager-applet/default.nix b/pkgs/tools/networking/network-manager-applet/default.nix index 56c0dd1363a..1ea61b0fea2 100644 --- a/pkgs/tools/networking/network-manager-applet/default.nix +++ b/pkgs/tools/networking/network-manager-applet/default.nix @@ -1,13 +1,11 @@ { stdenv, fetchurl, intltool, pkgconfig, libglade, networkmanager, gnome3 -, libnotify, libsecret, dbus_glib, polkit, isocodes, libgnome_keyring +, libnotify, libsecret, dbus_glib, polkit, isocodes , mobile_broadband_provider_info, glib_networking, gsettings_desktop_schemas -, makeWrapper, networkmanager_openvpn, networkmanager_vpnc -, networkmanager_openconnect, networkmanager_pptp, networkmanager_l2tp -, udev, hicolor_icon_theme, dconf }: +, makeWrapper, udev, hicolor_icon_theme }: let pn = "network-manager-applet"; - major = "0.9"; + major = "1.0"; version = networkmanager.version; in @@ -16,7 +14,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/${pn}/${major}/${name}.tar.xz"; - sha256 = "1jz0vawfixzm892m6plrzhsybgdxwv96pfwld9p85lb7wshykzj6"; + sha256 = "0liia390bhkl09lvk2rplcwhmfbxpjffa1xszfawc0h00v9fivaz"; }; buildInputs = [ @@ -32,30 +30,9 @@ stdenv.mkDerivation rec { ''CFLAGS=-DMOBILE_BROADBAND_PROVIDER_INFO=\"${mobile_broadband_provider_info}/share/mobile-broadband-provider-info/serviceproviders.xml\"'' ]; - postInstall = '' - mkdir -p $out/etc/NetworkManager/VPN - ln -s ${networkmanager_openvpn}/etc/NetworkManager/VPN/nm-openvpn-service.name $out/etc/NetworkManager/VPN/nm-openvpn-service.name - ln -s ${networkmanager_vpnc}/etc/NetworkManager/VPN/nm-vpnc-service.name $out/etc/NetworkManager/VPN/nm-vpnc-service.name - ln -s ${networkmanager_openconnect}/etc/NetworkManager/VPN/nm-openconnect-service.name $out/etc/NetworkManager/VPN/nm-openconnect-service.name - ln -s ${networkmanager_pptp}/etc/NetworkManager/VPN/nm-pptp-service.name $out/etc/NetworkManager/VPN/nm-pptp-service.name - ln -s ${networkmanager_l2tp}/etc/NetworkManager/VPN/nm-l2tp-service.name $out/etc/NetworkManager/VPN/nm-l2tp-service.name - mkdir -p $out/lib/NetworkManager - ln -s ${networkmanager_openvpn}/lib/NetworkManager/* $out/lib/NetworkManager/ - ln -s ${networkmanager_vpnc}/lib/NetworkManager/* $out/lib/NetworkManager/ - ln -s ${networkmanager_openconnect}/lib/NetworkManager/* $out/lib/NetworkManager/ - ln -s ${networkmanager_pptp}/lib/NetworkManager/* $out/lib/NetworkManager/ - ln -s ${networkmanager_l2tp}/lib/NetworkManager/* $out/lib/NetworkManager/ - mkdir -p $out/libexec - ln -s ${networkmanager_openvpn}/libexec/* $out/libexec/ - ln -s ${networkmanager_vpnc}/libexec/* $out/libexec/ - ln -s ${networkmanager_openconnect}/libexec/* $out/libexec/ - ln -s ${networkmanager_pptp}/libexec/* $out/libexec/ - ln -s ${networkmanager_l2tp}/libexec/* $out/libexec/ - ''; - preFixup = '' wrapProgram "$out/bin/nm-applet" \ - --prefix GIO_EXTRA_MODULES : "${glib_networking}/lib/gio/modules:${dconf}/lib/gio/modules" \ + --prefix GIO_EXTRA_MODULES : "${glib_networking}/lib/gio/modules:${gnome3.dconf}/lib/gio/modules" \ --prefix XDG_DATA_DIRS : "${gnome3.gtk}/share:$out/share:$GSETTINGS_SCHEMAS_PATH" \ --set GCONF_CONFIG_SOURCE "xml::~/.gconf" \ --prefix PATH ":" "${gnome3.gconf}/bin" diff --git a/pkgs/tools/networking/network-manager/default.nix b/pkgs/tools/networking/network-manager/default.nix index 505f42d2f3d..c39d1a9f5ba 100644 --- a/pkgs/tools/networking/network-manager/default.nix +++ b/pkgs/tools/networking/network-manager/default.nix @@ -1,19 +1,22 @@ { stdenv, fetchurl, intltool, wirelesstools, pkgconfig, dbus_glib, xz , udev, libnl, libuuid, polkit, gnutls, ppp, dhcp, dhcpcd, iptables -, libgcrypt, dnsmasq, avahi, bind, perl, bluez5, substituteAll -, gobjectIntrospection, modemmanager, openresolv }: +, libgcrypt, dnsmasq, avahi, bind, perl, bluez5, substituteAll, readline +, gobjectIntrospection, modemmanager, openresolv, libndp }: stdenv.mkDerivation rec { name = "network-manager-${version}"; - version = "0.9.8.10"; + version = "1.0.0"; src = fetchurl { - url = "mirror://gnome/sources/NetworkManager/0.9/NetworkManager-${version}.tar.xz"; - sha256 = "0wn9qh8r56r8l19dqr68pdl1rv3zg1dv47rfy6fqa91q7li2fk86"; + url = "mirror://gnome/sources/NetworkManager/1.0/NetworkManager-${version}.tar.xz"; + sha256 = "0isrv1875whysnrf3fd1cz96xwd54nvj1rijk3fmx5qccznayris"; }; preConfigure = '' substituteInPlace tools/glib-mkenums --replace /usr/bin/perl ${perl}/bin/perl + substituteInPlace src/ppp-manager/nm-ppp-manager.c --replace /sbin/modprobe /run/current-system/sw/sbin/modprobe + substituteInPlace src/devices/nm-device.c --replace /sbin/modprobe /run/current-system/sw/sbin/modprobe + configureFlags="$configureFlags --with-udev-dir=$out/lib/udev" ''; # Right now we hardcode quite a few paths at build time. Probably we should @@ -21,12 +24,13 @@ stdenv.mkDerivation rec { # remove unneeded build-time dependencies. configureFlags = [ "--with-distro=exherbo" - "--with-dhclient=${dhcp}/sbin/dhclient" + "--with-dhclient=${dhcp}/bin/dhclient" # Upstream prefers dhclient, so don't add dhcpcd to the closure #"--with-dhcpcd=${dhcpcd}/sbin/dhcpcd" "--with-dhcpcd=no" - "--with-iptables=${iptables}/sbin/iptables" - "--with-udev-dir=\${out}/lib/udev" + "--with-pppd=${ppp}/bin/pppd" + "--with-iptables=${iptables}/bin/iptables" + #"--with-udev-dir=$(out)/lib/udev" "--with-resolvconf=${openresolv}/sbin/resolvconf" "--sysconfdir=/etc" "--localstatedir=/var" "--with-dbus-sys-dir=\${out}/etc/dbus-1/system.d" @@ -37,21 +41,13 @@ stdenv.mkDerivation rec { "--with-modem-manager-1" ]; - buildInputs = [ wirelesstools udev libnl libuuid polkit ppp xz bluez5 gobjectIntrospection modemmanager ]; + buildInputs = [ wirelesstools udev libnl libuuid polkit ppp libndp + xz bluez5 gobjectIntrospection modemmanager readline ]; propagatedBuildInputs = [ dbus_glib gnutls libgcrypt ]; nativeBuildInputs = [ intltool pkgconfig ]; - patches = - [ ( substituteAll { - src = ./nixos-purity.patch; - inherit avahi dnsmasq ppp bind; - glibc = stdenv.cc.libc; - }) - ./libnl-3.2.25.patch - ]; - preInstall = '' installFlagsArray=( "sysconfdir=$out/etc" "localstatedir=$out/var" ) @@ -66,7 +62,6 @@ stdenv.mkDerivation rec { # rename to network-manager to be in style mv $out/etc/systemd/system/NetworkManager.service $out/etc/systemd/system/network-manager.service - echo "Alias=NetworkManager.service" >> $out/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service # systemd in NixOS doesn't use `systemctl enable`, so we need to establish # aliases ourselves. diff --git a/pkgs/tools/networking/network-manager/libnl-3.2.25.patch b/pkgs/tools/networking/network-manager/libnl-3.2.25.patch deleted file mode 100644 index 17c2966b706..00000000000 --- a/pkgs/tools/networking/network-manager/libnl-3.2.25.patch +++ /dev/null @@ -1,61 +0,0 @@ -diff --git a/src/nm-netlink-monitor.c b/src/nm-netlink-monitor.c -index ba8053e..5ac39d3 100644 ---- a/src/nm-netlink-monitor.c -+++ b/src/nm-netlink-monitor.c -@@ -177,40 +177,15 @@ link_msg_handler (struct nl_object *obj, void *arg) - static int - event_msg_recv (struct nl_msg *msg, void *arg) - { -- struct nl_sock *nlh = arg; -- struct nlmsghdr *hdr = nlmsg_hdr (msg); - struct ucred *creds = nlmsg_get_creds (msg); -- const struct sockaddr_nl *snl; -- guint32 local_port; -- gboolean accept_msg = FALSE; -- -- /* Only messages sent from the kernel */ -- if (!creds || creds->uid != 0) { -- nm_log_dbg (LOGD_HW, "ignoring netlink message from UID %d", -- creds ? creds->uid : -1); -- return NL_SKIP; -- } -- -- snl = nlmsg_get_src (msg); -- g_assert (snl); -- -- /* Accept any messages from the kernel */ -- if (hdr->nlmsg_pid == 0 || snl->nl_pid == 0) -- accept_msg = TRUE; - -- /* And any multicast message directed to our netlink PID, since multicast -- * currently requires CAP_ADMIN to use. -- */ -- local_port = nl_socket_get_local_port (nlh); -- if ((hdr->nlmsg_pid == local_port) && snl->nl_groups) -- accept_msg = TRUE; -- -- if (accept_msg == FALSE) { -- nm_log_dbg (LOGD_HW, "ignoring netlink message from PID %d (local PID %d, multicast %d)", -- hdr->nlmsg_pid, -- local_port, -- (hdr->nlmsg_flags & NLM_F_MULTI)); -- return NL_SKIP; -+ if (!creds || creds->pid || creds->uid || creds->gid) { -+ if (creds) -+ nm_log_dbg (LOGD_HW, "netlink: received non-kernel message (pid %d uid %d gid %d)", -+ creds->pid, creds->uid, creds->gid); -+ else -+ nm_log_dbg (LOGD_HW, "netlink: received message without credentials"); -+ return NL_STOP; - } - - return NL_OK; -@@ -285,7 +260,7 @@ nlh_setup (struct nl_sock *nlh, - { - int err; - -- nl_socket_modify_cb (nlh, NL_CB_MSG_IN, NL_CB_CUSTOM, event_msg_recv, cb_data); -+ nl_socket_modify_cb (nlh, NL_CB_MSG_IN, NL_CB_CUSTOM, event_msg_recv, NULL); - - if (valid_func) - nl_socket_modify_cb (nlh, NL_CB_VALID, NL_CB_CUSTOM, valid_func, cb_data); diff --git a/pkgs/tools/networking/network-manager/openconnect.nix b/pkgs/tools/networking/network-manager/openconnect.nix index cc6532bac71..79e12244732 100644 --- a/pkgs/tools/networking/network-manager/openconnect.nix +++ b/pkgs/tools/networking/network-manager/openconnect.nix @@ -1,17 +1,17 @@ -{ stdenv, fetchurl, openconnect, intltool, pkgconfig, networkmanager +{ stdenv, fetchurl, openconnect, intltool, pkgconfig, networkmanager, libsecret , withGnome ? true, gnome3, procps, module_init_tools }: stdenv.mkDerivation rec { name = "${pname}${if withGnome then "-gnome" else ""}-${version}"; pname = "NetworkManager-openconnect"; - version = "0.9.8.4"; + version = networkmanager.version; src = fetchurl { - url = "mirror://gnome/sources/${pname}/0.9/${pname}-${version}.tar.xz"; - sha256 = "1dl7wcmibrzf9qnpchgk9fxfhw0j2hzzzqmylkm2c41iv81xrd4r"; + url = "mirror://gnome/sources/${pname}/1.0/${pname}-${version}.tar.xz"; + sha256 = "0przs8hzvb6wrf4gc0p9063x67qp9503396aknqq5f79xzw25wq6"; }; - buildInputs = [ openconnect networkmanager ] + buildInputs = [ openconnect networkmanager libsecret ] ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring gnome3.gconf ]; nativeBuildInputs = [ intltool pkgconfig ]; diff --git a/pkgs/tools/networking/network-manager/openvpn.nix b/pkgs/tools/networking/network-manager/openvpn.nix index bb837dc6b8f..e48f4f32bf1 100644 --- a/pkgs/tools/networking/network-manager/openvpn.nix +++ b/pkgs/tools/networking/network-manager/openvpn.nix @@ -1,24 +1,26 @@ -{ stdenv, fetchurl, openvpn, intltool, pkgconfig, networkmanager +{ stdenv, fetchurl, openvpn, intltool, pkgconfig, networkmanager, libsecret , withGnome ? true, gnome3, procps, module_init_tools }: stdenv.mkDerivation rec { name = "${pname}${if withGnome then "-gnome" else ""}-${version}"; pname = "NetworkManager-openvpn"; - version = "0.9.8.4"; + version = networkmanager.version; src = fetchurl { - url = "mirror://gnome/sources/${pname}/0.9/${pname}-${version}.tar.xz"; - sha256 = "11v63s1f3bsa7pmkvr7x65rsigh48wfqzsnixrwc3wqslsv5535g"; + url = "mirror://gnome/sources/${pname}/1.0/${pname}-${version}.tar.xz"; + sha256 = "1w0v3xah0wg467jy0fd3188zla8q4l1iq0zdy28bcdipin693bfh"; }; - buildInputs = [ openvpn networkmanager ] - ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring ]; + buildInputs = [ openvpn networkmanager libsecret ] + ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring + gnome3.networkmanagerapplet ]; nativeBuildInputs = [ intltool pkgconfig ]; configureFlags = [ "${if withGnome then "--with-gnome --with-gtkver=3" else "--without-gnome"}" "--disable-static" + "--localstatedir=/" # needed for the management socket under /run/NetworkManager ]; preConfigure = '' diff --git a/pkgs/tools/networking/network-manager/pptp.nix b/pkgs/tools/networking/network-manager/pptp.nix index 6928db809a8..78293504533 100644 --- a/pkgs/tools/networking/network-manager/pptp.nix +++ b/pkgs/tools/networking/network-manager/pptp.nix @@ -1,18 +1,19 @@ { stdenv, fetchurl, networkmanager, pptp, ppp, intltool, pkgconfig, substituteAll -, withGnome ? true, gnome3 }: +, libsecret, withGnome ? true, gnome3 }: stdenv.mkDerivation rec { name = "${pname}${if withGnome then "-gnome" else ""}-${version}"; pname = "NetworkManager-pptp"; - version = "0.9.8.4"; + version = networkmanager.version; src = fetchurl { - url = "mirror://gnome/sources/${pname}/0.9/${pname}-${version}.tar.xz"; - sha256 = "1s6wmznd6azvg028x8y3syniqy9j7nmx5j71w2wc6mk0f9pqzflp"; + url = "mirror://gnome/sources/${pname}/1.0/${pname}-${version}.tar.xz"; + sha256 = "0xpflw6vp1ahvpz7mnnldqvk455wz2j7dahd9lxqs95frmjmq390"; }; - buildInputs = [ networkmanager pptp ppp ] - ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring ]; + buildInputs = [ networkmanager pptp ppp libsecret ] + ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring + gnome3.networkmanagerapplet ]; nativeBuildInputs = [ intltool pkgconfig ]; diff --git a/pkgs/tools/networking/network-manager/vpnc.nix b/pkgs/tools/networking/network-manager/vpnc.nix index 809970ff0fd..8e2bb2bbfc3 100644 --- a/pkgs/tools/networking/network-manager/vpnc.nix +++ b/pkgs/tools/networking/network-manager/vpnc.nix @@ -1,20 +1,19 @@ -{ stdenv, fetchurl, vpnc, intltool, pkgconfig, networkmanager +{ stdenv, fetchurl, vpnc, intltool, pkgconfig, networkmanager, libsecret , withGnome ? true, gnome3, procps, module_init_tools }: stdenv.mkDerivation rec { name = "${pname}${if withGnome then "-gnome" else ""}-${version}"; pname = "NetworkManager-vpnc"; - # TODO: version doesn't match due to bad release - #version = networkmanager.version; - version = "0.9.8.6"; + version = networkmanager.version; src = fetchurl { - url = "mirror://gnome/sources/${pname}/0.9/${pname}-${version}.tar.xz"; - sha256 = "1mmbm3q27b3dbbs4vs976cxif8jdcs92j3ajdbgykrnl2gbnqc20"; + url = "mirror://gnome/sources/${pname}/1.0/${pname}-${version}.tar.xz"; + sha256 = "154q6lcy99h00kyivjhsv21a2i4cw4ff35cbvh062bfd68wl3l2y"; }; - buildInputs = [ vpnc networkmanager ] - ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring ]; + buildInputs = [ vpnc networkmanager libsecret ] + ++ stdenv.lib.optionals withGnome [ gnome3.gtk gnome3.libgnome_keyring + gnome3.networkmanagerapplet ]; nativeBuildInputs = [ intltool pkgconfig ]; diff --git a/pkgs/tools/networking/ntp/default.nix b/pkgs/tools/networking/ntp/default.nix index 93dad85ce1e..9bd1e7f4853 100644 --- a/pkgs/tools/networking/ntp/default.nix +++ b/pkgs/tools/networking/ntp/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoreconfHook, libcap ? null }: +{ stdenv, fetchurl, autoreconfHook, libcap ? null, openssl ? null }: assert stdenv.isLinux -> libcap != null; @@ -10,11 +10,18 @@ stdenv.mkDerivation rec { sha256 = "0ccv9kh5asxpk7bjn73vwrqimbkbfl743bgx0km47bfajl7bqs8d"; }; - configureFlags = stdenv.lib.optional (libcap != null) "--enable-linuxcaps"; + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/var" + "--enable-ignore-dns-errors" + ] ++ stdenv.lib.optional (libcap != null) "--enable-linuxcaps"; - buildInputs = [ autoreconfHook libcap ]; + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ libcap openssl ]; - postInstall = "rm -rf $out/share/doc"; + postInstall = '' + rm -rf $out/share/doc + ''; meta = { homepage = http://www.ntp.org/; diff --git a/pkgs/tools/networking/sproxy-web/default.nix b/pkgs/tools/networking/sproxy-web/default.nix deleted file mode 100644 index 67daab08359..00000000000 --- a/pkgs/tools/networking/sproxy-web/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ cabal, aeson, blazeHtml, blazeMarkup, configurator, hflags -, httpTypes, mtl, postgresqlSimple, resourcePool, scotty, text -, waiExtra, waiMiddlewareStatic, fetchurl -}: - -cabal.mkDerivation (self: { - pname = "sproxy-web"; - version = "0.1.0.2"; - src = fetchurl { - url = "https://github.com/zalora/sproxy-web/archive/0.1.0.2.tar.gz"; - sha256 = "1rdzglvsas0rdgq3j5c9ll411yk168x7v3l7w8zdjgafa947j4d4"; - }; - isLibrary = false; - isExecutable = true; - buildDepends = [ - aeson blazeHtml blazeMarkup configurator hflags httpTypes mtl - postgresqlSimple resourcePool scotty text waiExtra - waiMiddlewareStatic - ]; - meta = { - homepage = "http://bitbucket.org/zalorasea/sproxy-web"; - description = "Web interface to sproxy"; - license = self.stdenv.lib.licenses.bsd3; - platforms = self.ghc.meta.platforms; - broken = true; - }; -}) diff --git a/pkgs/tools/networking/sproxy/default.nix b/pkgs/tools/networking/sproxy/default.nix deleted file mode 100644 index 5ecd7d06e26..00000000000 --- a/pkgs/tools/networking/sproxy/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ cabal, aeson, attoparsec, caseInsensitive, certificate -, concurrentExtra, conduit, connection, cryptoRandom, curl -, dataDefault, hslogger, hspec, httpConduit, httpKit, httpTypes -, interpolatedstringPerl6, mtl, network, optparseApplicative -, postgresqlSimple, safe, SHA, split, stringConversions, time, tls -, unorderedContainers, utf8String, wai, warp, x509, yaml, fetchurl -}: - -cabal.mkDerivation (self: { - pname = "sproxy"; - version = "0.8.0"; - src = fetchurl { - url = "https://github.com/zalora/sproxy/archive/0.8.0.tar.gz"; - sha256 = "11xn4k509ck73pacyz2kh0924n2vy8rwakwd42dwbvhhysf47rdx"; - }; - isLibrary = false; - isExecutable = true; - patches = [ ./new-http-kit.patch ]; - doCheck = false; - buildDepends = [ - aeson attoparsec caseInsensitive certificate concurrentExtra - cryptoRandom curl dataDefault hslogger httpKit httpTypes - interpolatedstringPerl6 mtl network optparseApplicative - postgresqlSimple safe SHA split stringConversions time tls - unorderedContainers utf8String x509 yaml - ]; - testDepends = [ - aeson attoparsec caseInsensitive certificate concurrentExtra - conduit connection cryptoRandom curl dataDefault hslogger hspec - httpConduit httpKit httpTypes interpolatedstringPerl6 mtl network - optparseApplicative postgresqlSimple safe SHA split - stringConversions time tls unorderedContainers utf8String wai warp - x509 yaml - ]; - meta = { - license = self.stdenv.lib.licenses.mit; - platforms = self.ghc.meta.platforms; - broken = true; - }; -}) diff --git a/pkgs/tools/networking/sproxy/new-http-kit.patch b/pkgs/tools/networking/sproxy/new-http-kit.patch deleted file mode 100644 index c15c3f3989a..00000000000 --- a/pkgs/tools/networking/sproxy/new-http-kit.patch +++ /dev/null @@ -1,224 +0,0 @@ -From 383d2cbe240600a86ab99fdefcea4e913d171ec6 Mon Sep 17 00:00:00 2001 -From: Simon Hengel <sol@typeful.net> -Date: Thu, 24 Apr 2014 22:51:02 +0800 -Subject: [PATCH] Depend on http-kit >= 0.2 - ---- - sproxy.cabal | 2 +- - src/Authenticate.hs | 17 ++++++++--------- - src/HTTP.hs | 47 +++++++++-------------------------------------- - src/Proxy.hs | 32 ++++++++++++++------------------ - 4 files changed, 32 insertions(+), 66 deletions(-) - -diff --git a/sproxy.cabal b/sproxy.cabal -index 08e1d61..91adf5d 100644 ---- a/sproxy.cabal -+++ b/sproxy.cabal -@@ -49,7 +49,7 @@ executable sproxy - unix, - utf8-string, - x509, -- http-kit, -+ http-kit >= 0.2, - yaml >= 0.8 - default-language: Haskell2010 - ghc-options: -Wall -threaded -O2 -diff --git a/src/Authenticate.hs b/src/Authenticate.hs -index 7d4c218..15a69a9 100644 ---- a/src/Authenticate.hs -+++ b/src/Authenticate.hs -@@ -30,8 +30,7 @@ import System.Posix.Types (EpochTime) - import System.Posix.Time (epochTime) - import Data.Digest.Pure.SHA (hmacSha1, showDigest) - --import Network.HTTP.Toolkit.Header --import Network.HTTP.Toolkit.Request -+import Network.HTTP.Toolkit - - import Type - import Cookies -@@ -90,19 +89,19 @@ instance FromJSON UserInfo where - - -- https://wiki.zalora.com/Main_Page -> https://wiki.zalora.com/ - -- Note that this always uses https: --rootURI :: RequestHeader -> URI.URI --rootURI (MessageHeader _ headers) = -+rootURI :: Request a -> URI.URI -+rootURI (Request _ _ headers _) = - let host = cs $ fromMaybe (error "Host header not found") $ lookup "Host" headers - in URI.URI "https:" (Just $ URI.URIAuth "" host "") "/" "" "" - --redirectForAuth :: AuthConfig -> RequestHeader -> SendData -> IO () --redirectForAuth c request@(MessageHeader (_, path_) _) send = do -+redirectForAuth :: AuthConfig -> Request a -> SendData -> IO () -+redirectForAuth c request@(Request _ path_ _ _) send = do - let redirectUri = rootURI request - path = urlEncode True path_ - authURL = "https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=" ++ cs path ++ "&redirect_uri=" ++ (cs $ show $ redirectUri) ++ "&response_type=code&client_id=" ++ authConfigClientID c ++ "&approval_prompt=force&access_type=offline" -- sendResponse send found302 [("Location", UTF8.fromString $ authURL)] "" -+ sendResponse_ send found302 [("Location", UTF8.fromString $ authURL)] "" - --authenticate :: AuthConfig -> SendData -> RequestHeader -> ByteString -> ByteString -> IO () -+authenticate :: AuthConfig -> SendData -> Request a -> ByteString -> ByteString -> IO () - authenticate config send request path code = do - tokenRes <- post "https://accounts.google.com/o/oauth2/token" ["code=" ++ UTF8.toString code, "client_id=" ++ clientID, "client_secret=" ++ clientSecret, "redirect_uri=" ++ (cs $ show $ rootURI request), "grant_type=authorization_code"] - case tokenRes of -@@ -121,7 +120,7 @@ authenticate config send request path code = do - Just userInfo -> do - clientToken <- authToken authTokenKey (userEmail userInfo) (userGivenName userInfo, userFamilyName userInfo) - let cookie = setCookie cookieDomain cookieName (show clientToken) authShelfLife -- sendResponse send found302 [("Location", cs $ (show $ (rootURI request) {URI.uriPath = ""}) ++ cs (urlDecode False path)), ("Set-Cookie", UTF8.fromString cookie)] "" -+ sendResponse_ send found302 [("Location", cs $ (show $ (rootURI request) {URI.uriPath = ""}) ++ cs (urlDecode False path)), ("Set-Cookie", UTF8.fromString cookie)] "" - where - cookieDomain = authConfigCookieDomain config - cookieName = authConfigCookieName config -diff --git a/src/HTTP.hs b/src/HTTP.hs -index 07038a0..dbcae71 100644 ---- a/src/HTTP.hs -+++ b/src/HTTP.hs -@@ -1,19 +1,14 @@ - {-# LANGUAGE OverloadedStrings #-} - module HTTP ( -- sendRequest --, sendResponse --, sendResponse_ -+ sendResponse_ - , internalServerError - ) where - --import Data.Foldable (forM_) - import Data.ByteString (ByteString) --import qualified Data.ByteString as B --import qualified Data.ByteString.Char8 as B8 --import qualified Data.ByteString.UTF8 as UTF8 --import qualified Data.CaseInsensitive as CI -+import qualified Data.ByteString.Char8 as B - import Network.HTTP.Types --import Network.HTTP.Toolkit.Body -+import Network.HTTP.Toolkit -+import qualified Network.HTTP.Toolkit.Body as Body - - import Type - import qualified Log -@@ -21,34 +16,10 @@ import qualified Log - internalServerError :: SendData -> String -> IO () - internalServerError send err = do - Log.debug $ show err -- sendResponse send internalServerError500 [] "Internal Server Error" -+ sendResponse_ send internalServerError500 [] "Internal Server Error" - --sendRequest :: SendData -> Method -> ByteString -> [Header] -> BodyReader -> IO () --sendRequest send method path headers body = do -- sendHeader send startLine headers -- sendBody send body -+sendResponse_ :: SendData -> Status -> [Header] -> ByteString -> IO () -+sendResponse_ send status headers_ body = do -+ Body.fromByteString body >>= sendResponse send . Response status headers - where -- startLine = B8.unwords [method, path, "HTTP/1.1"] -- --sendResponse :: SendData -> Status -> [Header] -> ByteString -> IO () --sendResponse send status headers_ body = do -- sendHeader send (statusLine status) headers -- send body -- where -- headers = ("Content-Length", UTF8.fromString $ show $ B.length body) : headers_ -- --sendResponse_ :: SendData -> Status -> [Header] -> BodyReader -> IO () --sendResponse_ send status headers body = do -- sendHeader send (statusLine status) headers -- sendBody send body -- --statusLine :: Status -> ByteString --statusLine status = B.concat ["HTTP/1.1 ", UTF8.fromString $ show (statusCode status), " ", statusMessage status] -- --sendHeader :: SendData -> ByteString -> [Header] -> IO () --sendHeader send startLine headers = do -- send startLine -- send "\r\n" -- forM_ headers $ \(k, v) -> do -- send $ B.concat [CI.original k, ": ", v, "\r\n"] -- send "\r\n" -+ headers = ("Content-Length", B.pack . show . B.length $ body) : headers_ -diff --git a/src/Proxy.hs b/src/Proxy.hs -index aa320af..88b95d9 100644 ---- a/src/Proxy.hs -+++ b/src/Proxy.hs -@@ -32,11 +32,7 @@ import qualified Network.URI as URI - import Options.Applicative hiding (action) - import System.IO - --import Network.HTTP.Toolkit.Body --import Network.HTTP.Toolkit.Header --import Network.HTTP.Toolkit.Connection --import Network.HTTP.Toolkit.Request --import Network.HTTP.Toolkit.Response -+import Network.HTTP.Toolkit - - import Type - import Util -@@ -142,10 +138,10 @@ runProxy port config authConfig authorize = (listen port (serve config authConfi - redirectToHttps :: SockAddr -> Socket -> IO () - redirectToHttps _ sock = do - conn <- makeConnection (Socket.recv sock 4096) -- (request, _) <- readRequest conn -- sendResponse (Socket.sendAll sock) seeOther303 [("Location", cs $ show $ requestURI request)] "" -+ request <- readRequest conn -+ sendResponse_ (Socket.sendAll sock) seeOther303 [("Location", cs $ show $ requestURI request)] "" - where -- requestURI (MessageHeader (_, path) headers) = -+ requestURI (Request _ path headers _) = - let host = fromMaybe (error "Host header not found") $ lookup "Host" headers - in fromJust $ URI.parseURI $ "https://" ++ cs host ++ cs path - -@@ -171,8 +167,8 @@ serve config authConfig withAuthorizeAction addr sock = do - serve_ send conn authorize = go - where - go :: IO () -- go = forever $ readRequest conn >>= \(request, body) -> case request of -- MessageHeader (_, url) headers -> do -+ go = forever $ readRequest conn >>= \request -> case request of -+ Request _ url headers _ -> do - -- TODO: Don't loop for more input on Connection: close header. - -- Check if this is an authorization response. - case URI.parseURIReference $ BU.toString url of -@@ -192,17 +188,17 @@ serve config authConfig withAuthorizeAction addr sock = do - case auth of - Nothing -> redirectForAuth authConfig request send - Just token -> do -- forwardRequest config send authorize cookies addr request body token -+ forwardRequest config send authorize cookies addr request token - - -- Check our access control list for this user's request and forward it to the backend if allowed. --forwardRequest :: Config -> SendData -> AuthorizeAction -> [(Name, Cookies.Value)] -> SockAddr -> RequestHeader -> BodyReader -> AuthToken -> IO () --forwardRequest config send authorize cookies addr (MessageHeader (method, path) headers) body token = do -+forwardRequest :: Config -> SendData -> AuthorizeAction -> [(Name, Cookies.Value)] -> SockAddr -> Request BodyReader -> AuthToken -> IO () -+forwardRequest config send authorize cookies addr request@(Request method path headers _) token = do - groups <- authorize (authEmail token) (maybe (error "No Host") cs $ lookup "Host" headers) path method - ip <- formatSockAddr addr - case groups of - [] -> do - -- TODO: Send back a page that allows the user to request authorization. -- sendResponse send forbidden403 [] "Access Denied" -+ sendResponse_ send forbidden403 [] "Access Denied" - _ -> do - -- TODO: Reuse connections to the backend server. - let downStreamHeaders = -@@ -216,10 +212,10 @@ forwardRequest config send authorize cookies addr (MessageHeader (method, path) - setCookies $ - fromList headers - bracket (connectTo host port) hClose $ \h -> do -- sendRequest (B.hPutStr h) method path downStreamHeaders body -- conn <- makeConnection (B.hGetSome h 4096) -- (MessageHeader status responseHeaders, responseBody) <- readResponse method conn -- sendResponse_ send status (removeConnectionHeader responseHeaders) responseBody -+ sendRequest (B.hPutStr h) request{requestHeaders = downStreamHeaders} -+ conn <- connectionFromHandle h -+ response <- readResponse method conn -+ sendResponse send response{responseHeaders = removeConnectionHeader (responseHeaders response)} - where - host = configBackendAddress config - port = PortNumber (configBackendPort config) --- -1.9.1 - diff --git a/pkgs/tools/networking/stunnel/default.nix b/pkgs/tools/networking/stunnel/default.nix index 74788e6ff2a..ef9c56deacb 100644 --- a/pkgs/tools/networking/stunnel/default.nix +++ b/pkgs/tools/networking/stunnel/default.nix @@ -2,15 +2,24 @@ stdenv.mkDerivation rec { name = "stunnel-${version}"; - version = "5.14"; + version = "5.16"; src = fetchurl { url = "http://www.stunnel.org/downloads/${name}.tar.gz"; - sha256 = "0nk9cjrgpa54sphykizqx4kayrq71z1zmwdsr1lvlbmq3pyb95r1"; + sha256 = "13b0ad7smz4949hchdgsx3yjr5i3z8flwiy8w6xalvk2n8zykdxn"; }; buildInputs = [ openssl ]; - configureFlags = [ "--with-ssl=${openssl}" ]; + configureFlags = [ + "--with-ssl=${openssl}" + "--sysconfdir=/etc" + "--localstatedir=/var" + ]; + + installFlags = [ + "sysconfdir=\${out}/etc" + "localstatedir=\${TMPDIR}" + ]; meta = { description = "universal tls/ssl wrapper"; diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index e1594733268..e356d6d6537 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -2,31 +2,25 @@ stdenv.mkDerivation rec { name = "unbound-${version}"; - version = "1.5.1"; + version = "1.5.3"; src = fetchurl { url = "http://unbound.net/downloads/${name}.tar.gz"; - sha256 = "1v00k4b6m9wk0533s2jpg4rv9lhplh7zdp6vx2yyrmrbzc4jgy0g"; + sha256 = "1jly2apag4yg649w3flaq73wdrcfyxnhx5py9j73y7adxmswigbn"; }; - buildInputs = [openssl expat libevent]; - - patches = [ - # This patch fixes unbound 1.5.1 on linux versions previous to 3.15 which - # do not implement IP_PMTUDISC_OMIT. - # - # It should be discarded when this support makes it into a released - # version. - ./linux-pre-3.15-unbound-1.5.1.patch - ]; + buildInputs = [ openssl expat libevent ]; configureFlags = [ "--with-ssl=${openssl}" "--with-libexpat=${expat}" "--with-libevent=${libevent}" "--localstatedir=/var" + "--sysconfdir=/etc" ]; + installFlags = [ "configfile=\${out}/etc/unbound/unbound.conf" ]; + meta = { description = "Validating, recursive, and caching DNS resolver"; license = stdenv.lib.licenses.bsd3; diff --git a/pkgs/tools/networking/unbound/linux-pre-3.15-unbound-1.5.1.patch b/pkgs/tools/networking/unbound/linux-pre-3.15-unbound-1.5.1.patch deleted file mode 100644 index 61956807899..00000000000 --- a/pkgs/tools/networking/unbound/linux-pre-3.15-unbound-1.5.1.patch +++ /dev/null @@ -1,66 +0,0 @@ ---- ./services/listen_dnsport.c 2014-12-10 10:59:31.726514857 +0100 -+++ ./services/listen_dnsport.c 2014-12-10 11:08:45.009071300 +0100 -@@ -368,29 +368,47 @@ - * (and also uses the interface mtu to determine the size of the packets). - * So there won't be any EMSGSIZE error. Against DNS fragmentation attacks. - * FreeBSD already has same semantics without setting the option. */ --# if defined(IP_PMTUDISC_OMIT) -- int action = IP_PMTUDISC_OMIT; --# else -- int action = IP_PMTUDISC_DONT; --# endif -+ int omit_set = 0; -+ int action; -+# if defined(IP_PMTUDISC_OMIT) -+ action = IP_PMTUDISC_OMIT; - if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER, - &action, (socklen_t)sizeof(action)) < 0) { -- log_err("setsockopt(..., IP_MTU_DISCOVER, " --# if defined(IP_PMTUDISC_OMIT) -- "IP_PMTUDISC_OMIT" -+ -+ if (errno != EINVAL) { -+ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed: %s", -+ strerror(errno)); -+ -+# ifndef USE_WINSOCK -+ close(s); - # else -- "IP_PMTUDISC_DONT" -+ closesocket(s); - # endif -- "...) failed: %s", -- strerror(errno)); -+ *noproto = 0; -+ *inuse = 0; -+ return -1; -+ } -+ } -+ else -+ { -+ omit_set = 1; -+ } -+# endif -+ if (omit_set == 0) { -+ action = IP_PMTUDISC_DONT; -+ if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER, -+ &action, (socklen_t)sizeof(action)) < 0) { -+ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_DONT...) failed: %s", -+ strerror(errno)); - # ifndef USE_WINSOCK -- close(s); -+ close(s); - # else -- closesocket(s); -+ closesocket(s); - # endif -- *noproto = 0; -- *inuse = 0; -- return -1; -+ *noproto = 0; -+ *inuse = 0; -+ return -1; -+ } - } - # elif defined(IP_DONTFRAG) - int off = 0; diff --git a/pkgs/tools/networking/wrk/default.nix b/pkgs/tools/networking/wrk/default.nix index 9af28dbebd6..f4cdb7eaddb 100644 --- a/pkgs/tools/networking/wrk/default.nix +++ b/pkgs/tools/networking/wrk/default.nix @@ -21,7 +21,7 @@ in stdenv.mkDerivation rec { ''; meta = with stdenv.lib; { - description = "HTTP benchmarking tool."; + description = "HTTP benchmarking tool"; homepage = http://github.com/wg/wrk; longDescription = '' wrk is a modern HTTP benchmarking tool capable of generating |