nixpkgs/pkgs/tools/networking/inetutils/default.nix

{ stdenv, lib, fetchurl, ncurses, perl, help2man
, apparmorRulesFromClosure
, libxcrypt
}:

stdenv.mkDerivation rec {
  pname = "inetutils";
  version = "2.4";

  src = fetchurl {
    url = "mirror://gnu/${pname}/${pname}-${version}.tar.xz";
    sha256 = "sha256-F4nWsbGlff4qere1M+6fXf2cv1tZuxuzwmEu0I0PaLI=";
  };

  outputs = ["out" "apparmor"];

  patches = [
    # https://git.congatec.com/yocto/meta-openembedded/commit/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3
    ./inetutils-1_9-PATH_PROCNET_DEV.patch
  ];

  strictDeps = true;
  nativeBuildInputs = [ help2man perl /* for `whois' */ ];
  buildInputs = [ ncurses /* for `talk' */ libxcrypt ];

  # Don't use help2man if cross-compiling
  # https://lists.gnu.org/archive/html/bug-sed/2017-01/msg00001.html
  # https://git.congatec.com/yocto/meta-openembedded/blob/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3/meta-networking/recipes-connectivity/inetutils/inetutils_1.9.1.bb#L44
  preConfigure = let
    isCross = stdenv.hostPlatform != stdenv.buildPlatform;
  in lib.optionalString isCross ''
    export HELP2MAN=true
  '';

  configureFlags = [ "--with-ncurses-include-dir=${ncurses.dev}/include" ]
  ++ lib.optionals stdenv.hostPlatform.isMusl [ # Musl doesn't define rcmd
    "--disable-rcp"
    "--disable-rsh"
    "--disable-rlogin"
    "--disable-rexec"
  ] ++ lib.optional stdenv.isDarwin  "--disable-servers";

  # Test fails with "UNIX socket name too long", probably because our
  # $TMPDIR is too long.
  doCheck = false;

  installFlags = [ "SUIDMODE=" ];

  postInstall = ''
    mkdir $apparmor
    cat >$apparmor/bin.ping <<EOF
    $out/bin/ping {
      include <abstractions/base>
      include <abstractions/consoles>
      include <abstractions/nameservice>
      include "${apparmorRulesFromClosure { name = "ping"; } [stdenv.cc.libc]}"
      include <local/bin.ping>
      capability net_raw,
      network inet raw,
      network inet6 raw,
      mr $out/bin/ping,
    }
    EOF
  '';

  meta = with lib; {
    description = "Collection of common network programs";

    longDescription =
      '' The GNU network utilities suite provides the
         following tools: ftp(d), hostname, ifconfig, inetd, logger, ping, rcp,
         rexec(d), rlogin(d), rsh(d), syslogd, talk(d), telnet(d), tftp(d),
         traceroute, uucpd, and whois.
      '';

    homepage = "https://www.gnu.org/software/inetutils/";
    license = licenses.gpl3Plus;

    maintainers = with maintainers; [ matthewbauer ];
    platforms = platforms.unix;
  };
}
Revert "Revert "apparmor: fix and improve the service"" This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c. 2020-10-18 13:36:24 +00:00			`{ stdenv, lib, fetchurl, ncurses, perl, help2man`
inetutils: 2.3 -> 2.4 ``` GNU inetutils NEWS -- history of user-visible changes. * Noteworthy changes in release 2.4 (2022-10-25) [stable] ifconfig * Support specifying prefix netmask lengths in -A. Patch by Samuel Thibault <samuel.thibault@gnu.org>. Hurd: tell pfinet translator interfaces to configure Patch by Samuel Thibault <samuel.thibault@gnu.org>. ftp * Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>. * Avoid crash caused by heap buffer overflow. Reported by ZFeiXQ in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>. * Avoid crash caused by NULL pointer dereference. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>. * Avoid crash caused by infinite macro recursion. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>. telnetd * Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028 https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html telnet * Fix a buffer overflow problem. CVE-2019-0053 https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad tftp * Avoid crashing when given unexpected or invalid commands from tty. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>. ** Various bugs fixes, internal improvements and clean ups. Update of gnulib and build fixes for C23. ``` 2022-10-29 17:02:22 +00:00			`, apparmorRulesFromClosure`
inetutils: fix cross I guess with #181764 this might've broken for cross. Perl propagates libxcrypt, but is only listed in nativeBuildInputs. List libxcrypt in buildInputs to ensure it's picked up properly. 2022-11-14 17:19:56 +00:00			`, libxcrypt`
Revert "Revert "apparmor: fix and improve the service"" This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c. 2020-10-18 13:36:24 +00:00			`}:`
Add GNU Inetutils. svn path=/nixpkgs/trunk/; revision=10817 2008-02-21 18:58:11 +00:00
			`stdenv.mkDerivation rec {`
inetutils: 1.9.4 -> 2.0 - Remove the already upstream-ed (or not applicable anymore) patches - Add patches to update .ORG, and .IN WHOIS servers (submitted upstream) - Split name into pname, and version - Switch to .xz distfile (smaller) 2021-04-25 10:18:59 +00:00			`pname = "inetutils";`
inetutils: 2.3 -> 2.4 ``` GNU inetutils NEWS -- history of user-visible changes. * Noteworthy changes in release 2.4 (2022-10-25) [stable] ifconfig * Support specifying prefix netmask lengths in -A. Patch by Samuel Thibault <samuel.thibault@gnu.org>. Hurd: tell pfinet translator interfaces to configure Patch by Samuel Thibault <samuel.thibault@gnu.org>. ftp * Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>. * Avoid crash caused by heap buffer overflow. Reported by ZFeiXQ in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>. * Avoid crash caused by NULL pointer dereference. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>. * Avoid crash caused by infinite macro recursion. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>. telnetd * Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028 https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html telnet * Fix a buffer overflow problem. CVE-2019-0053 https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad tftp * Avoid crashing when given unexpected or invalid commands from tty. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>. ** Various bugs fixes, internal improvements and clean ups. Update of gnulib and build fixes for C23. ``` 2022-10-29 17:02:22 +00:00			`version = "2.4";`
GNU Inetutils 1.6. svn path=/nixpkgs/trunk/; revision=13920 2009-01-30 23:38:02 +00:00
Add GNU Inetutils. svn path=/nixpkgs/trunk/; revision=10817 2008-02-21 18:58:11 +00:00			`src = fetchurl {`
inetutils: 1.9.4 -> 2.0 - Remove the already upstream-ed (or not applicable anymore) patches - Add patches to update .ORG, and .IN WHOIS servers (submitted upstream) - Split name into pname, and version - Switch to .xz distfile (smaller) 2021-04-25 10:18:59 +00:00			`url = "mirror://gnu/${pname}/${pname}-${version}.tar.xz";`
inetutils: 2.3 -> 2.4 ``` GNU inetutils NEWS -- history of user-visible changes. * Noteworthy changes in release 2.4 (2022-10-25) [stable] ifconfig * Support specifying prefix netmask lengths in -A. Patch by Samuel Thibault <samuel.thibault@gnu.org>. Hurd: tell pfinet translator interfaces to configure Patch by Samuel Thibault <samuel.thibault@gnu.org>. ftp * Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>. * Avoid crash caused by heap buffer overflow. Reported by ZFeiXQ in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>. * Avoid crash caused by NULL pointer dereference. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>. * Avoid crash caused by infinite macro recursion. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>. telnetd * Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028 https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html telnet * Fix a buffer overflow problem. CVE-2019-0053 https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad tftp * Avoid crashing when given unexpected or invalid commands from tty. Reported by AiDai in <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>. ** Various bugs fixes, internal improvements and clean ups. Update of gnulib and build fixes for C23. ``` 2022-10-29 17:02:22 +00:00			`sha256 = "sha256-F4nWsbGlff4qere1M+6fXf2cv1tZuxuzwmEu0I0PaLI=";`
Add GNU Inetutils. svn path=/nixpkgs/trunk/; revision=10817 2008-02-21 18:58:11 +00:00			`};`

Revert "Revert "apparmor: fix and improve the service"" This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c. 2020-10-18 13:36:24 +00:00			`outputs = ["out" "apparmor"];`

inetutils: fix service name 2017-04-20 08:32:52 +00:00			`patches = [`
inetutils: cross compile 2019-03-16 15:46:37 +00:00			`# https://git.congatec.com/yocto/meta-openembedded/commit/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3`
			`./inetutils-1_9-PATH_PROCNET_DEV.patch`
inetutils: fix service name 2017-04-20 08:32:52 +00:00			`];`
inetutils: Add patch for Canadian TLD server Cherry-picked from upstream (inetutils-1_9_4-31-g73e2811). Could be a long time before a new inetutils release is made. vcunat amended the patch to apply. 2017-03-07 04:08:24 +00:00
inetutils: fix cross I guess with #181764 this might've broken for cross. Perl propagates libxcrypt, but is only listed in nativeBuildInputs. List libxcrypt in buildInputs to ensure it's picked up properly. 2022-11-14 17:19:56 +00:00			`strictDeps = true;`
inetutils: cross compile 2019-03-16 15:46:37 +00:00			nativeBuildInputs = [ help2man perl /* for `whois' */ ];
inetutils: fix cross I guess with #181764 this might've broken for cross. Perl propagates libxcrypt, but is only listed in nativeBuildInputs. List libxcrypt in buildInputs to ensure it's picked up properly. 2022-11-14 17:19:56 +00:00			buildInputs = [ ncurses /* for `talk' */ libxcrypt ];
inetutils: cross compile 2019-03-16 15:46:37 +00:00
			`# Don't use help2man if cross-compiling`
			`# https://lists.gnu.org/archive/html/bug-sed/2017-01/msg00001.html`
			`# https://git.congatec.com/yocto/meta-openembedded/blob/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3/meta-networking/recipes-connectivity/inetutils/inetutils_1.9.1.bb#L44`
			`preConfigure = let`
			`isCross = stdenv.hostPlatform != stdenv.buildPlatform;`
			`in lib.optionalString isCross ''`
			`export HELP2MAN=true`
			`'';`
GNU Inetutils 1.7. svn path=/nixpkgs/trunk/; revision=19005 2009-12-16 22:56:44 +00:00
inetutils: fix build w/musl 2018-01-13 05:40:48 +00:00			`configureFlags = [ "--with-ncurses-include-dir=${ncurses.dev}/include" ]`
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`++ lib.optionals stdenv.hostPlatform.isMusl [ # Musl doesn't define rcmd`
inetutils: fix build w/musl 2018-01-13 05:40:48 +00:00			`"--disable-rcp"`
			`"--disable-rsh"`
			`"--disable-rlogin"`
			`"--disable-rexec"`
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`] ++ lib.optional stdenv.isDarwin "--disable-servers";`
GNU Inetutils 1.7. svn path=/nixpkgs/trunk/; revision=19005 2009-12-16 22:56:44 +00:00
inetutils: Update to 1.9.1 and fix compilation http://hydra.nixos.org/build/3052788 2012-09-21 17:39:20 +00:00			`# Test fails with "UNIX socket name too long", probably because our`
			`# $TMPDIR is too long.`
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`doCheck = false;`
inetutils: fix service name 2017-04-20 08:32:52 +00:00
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`installFlags = [ "SUIDMODE=" ];`
Add GNU Inetutils. svn path=/nixpkgs/trunk/; revision=10817 2008-02-21 18:58:11 +00:00
Revert "Revert "apparmor: fix and improve the service"" This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c. 2020-10-18 13:36:24 +00:00			`postInstall = ''`
apparmor: fix profile building on darwin 2021-05-14 15:19:37 +00:00			`mkdir $apparmor`
			`cat >$apparmor/bin.ping <<EOF`
Revert "Revert "apparmor: fix and improve the service"" This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c. 2020-10-18 13:36:24 +00:00			`$out/bin/ping {`
			`include <abstractions/base>`
			`include <abstractions/consoles>`
			`include <abstractions/nameservice>`
			`include "${apparmorRulesFromClosure { name = "ping"; } [stdenv.cc.libc]}"`
			`include <local/bin.ping>`
			`capability net_raw,`
			`network inet raw,`
			`network inet6 raw,`
			`mr $out/bin/ping,`
			`}`
			`EOF`
			`'';`

inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`meta = with lib; {`
Fix many package descriptions (My OCD kicked in today...) Remove repeated package names, capitalize first word, remove trailing periods and move overlong descriptions to longDescription. I also simplified some descriptions as well, when they were particularly long or technical, often based on Arch Linux' package descriptions. I've tried to stay away from generated expressions (and I think I succeeded). Some specifics worth mentioning: * cron, has "Vixie Cron" in its description. The "Vixie" part is not mentioned anywhere else. I kept it in a parenthesis at the end of the description. * ctags description started with "Exuberant Ctags ...", and the "exuberant" part is not mentioned elsewhere. Kept it in a parenthesis at the end of description. * nix has the description "The Nix Deployment System". Since that doesn't really say much what it is/does (especially after removing the package name!), I changed that to "Powerful package manager that makes package management reliable and reproducible" (borrowed from nixos.org). * Tons of "GNU Foo, Foo is a [the important bits]" descriptions is changed to just [the important bits]. If the package name doesn't contain GNU I don't think it's needed to say it in the description either. 2014-08-24 14:21:08 +00:00			`description = "Collection of common network programs";`
GNU Inetutils 1.6. svn path=/nixpkgs/trunk/; revision=13920 2009-01-30 23:38:02 +00:00
GNU Inetutils 1.7. svn path=/nixpkgs/trunk/; revision=19005 2009-12-16 22:56:44 +00:00			`longDescription =`
			`'' The GNU network utilities suite provides the`
			`following tools: ftp(d), hostname, ifconfig, inetd, logger, ping, rcp,`
			`rexec(d), rlogin(d), rsh(d), syslogd, talk(d), telnet(d), tftp(d),`
			`traceroute, uucpd, and whois.`
			`'';`
GNU Inetutils 1.6. svn path=/nixpkgs/trunk/; revision=13920 2009-01-30 23:38:02 +00:00
treewide: Per RFC45, remove all unquoted URLs 2020-04-01 01:11:51 +00:00			`homepage = "https://www.gnu.org/software/inetutils/";`
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`license = licenses.gpl3Plus;`
GNU Inetutils 1.7. svn path=/nixpkgs/trunk/; revision=19005 2009-12-16 22:56:44 +00:00
inetutils: cleanup - supports darwin (only when servers are disabled) - pass SUIDMODE= to avoid setuid - add myself as maintainer 2018-05-01 03:28:42 +00:00			`maintainers = with maintainers; [ matthewbauer ];`
			`platforms = platforms.unix;`
Add GNU Inetutils. svn path=/nixpkgs/trunk/; revision=10817 2008-02-21 18:58:11 +00:00			`};`
			`}`