Commit Graph

84 Commits

Author SHA1 Message Date
figsoda
251d2cbfc2 pkgs/tools/networking: remove dead code 2023-07-25 11:36:57 -04:00
ajs124
e368c70817 openvpn_24: remove
EOL in March (https://community.openvpn.net/openvpn/wiki/SupportedVersions)
2023-01-23 00:18:41 +01:00
Adam Joseph
42815b4a0c treewide: systemdSupport: use lib.meta.availableOn
Many packages have some kind of flag indicating whether or not to build with
systemd support.  Most of these default to `stdenv.isLinux`, but systemd does
not build on (and is marked `broken` for) `isStatic`.  Only a few packages have
the needed `&& !isStatic` in the default value for their parameter.

This commit moves the logic for the default value of these flags into
`systemd.meta.{platforms,badPlatforms}` and evaluates those conditions using
`lib.meta.availableOn`.

This provides three benefits:

1. The default values are set correctly (i.e. including `&& isStatic`)

2. The default values are set consistently

3. The way is paved for any future non-Linux systemd platforms (FreeBSD is
   reported to have experimental systemd support)
2023-01-22 00:27:19 -08:00
Aaron Jheng
2b24d0d98e
openvpn: 2.5.6 -> 2.5.8 2022-11-03 23:52:13 +00:00
ajs124
5cb3e07081 openvpn*: use matching openssl version for each release 2022-08-17 20:16:19 +02:00
Peter Hoeg
7aa2c5cfb4 openvpn: use update-systemd-resolved instead of vendoring it 2022-04-12 22:59:11 +08:00
Peter Hoeg
adbf08f9ec update-systemd-resolved: inject PATH to avoid wrapping 2022-04-12 22:59:11 +08:00
Markus S. Wamser
448d02ec22 openvpn: 2.4.11 -> 2.4.12 (security, CVE-2022-0547)
Release Notes:
https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst#version-2412https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst

Fixes: CVE-2022-0547
2022-03-17 22:47:40 +01:00
Markus S. Wamser
1098fc9221 openvpn: 2.5.5 -> 2.5.6 (security, CVE-2022-0547)
Release Notes:
https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst

Fixes: CVE-2022-0547
2022-03-17 15:07:23 +01:00
Ben Wolsieffer
75741425ce openvpn: 2.5.2 -> 2.5.5
Also, increase the minimum version that requires iproute2 (for documentation
purposes only, since we are upgrading to a later version). Until 2.5.4, iproute2
was required to set the MAC address on the VPN interface.
2022-01-08 13:01:30 -05:00
Felix Buehler
9480444dae treewide: rename name to pname&version 2021-11-09 22:24:57 +01:00
Robert Schütz
966188ff80 openvpn-auth-ldap: 2.0.3+deb6.1 -> 2.0.4 2021-05-29 14:00:57 -07:00
Thomas Gerbet
e2df9554b0 openvpn_24: 2.4.9 -> 2.4.11
Fixes CVE-2020-15078.
https://community.openvpn.net/openvpn/wiki/CVE-2020-15078
2021-05-23 15:52:46 +02:00
Thomas Gerbet
82f90f892f openvpn: 2.5.0 -> 2.5.2
Fixes CVE-2020-15078.
https://community.openvpn.net/openvpn/wiki/CVE-2020-15078
2021-05-23 15:46:06 +02:00
Sandro Jäckel
9378fdf87e
iproute: deprecate alias 2021-04-04 01:43:46 +02:00
Sandro Jäckel
ec5be00b37
openvpn: remove ? null 2021-03-17 22:55:11 +01:00
Ben Siraphob
e03c068af5 treewide: makeWrapper buildInputs to nativeBuildInputs 2021-02-19 20:09:16 +07:00
Ben Siraphob
8c5d37129f pkgs/tools: stdenv.lib -> lib 2021-01-15 17:12:36 +07:00
Profpatsch
4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Peter Hoeg
31cf796be6 openvpn: 2.4.9 -> 2.5.0 2020-11-22 20:36:57 +08:00
Peter Hoeg
1f2368d387 openvpn: update and wrap update-systemd-resolved
The string replacement we were doing was just too brittle, so wrap the
script with a modified PATH instead as it is less likely to break on new
versions.
2020-05-21 20:54:25 +08:00
Martin Milata
f35d50c68c openvpn: 2.4.7 -> 2.4.9
Fixes CVE-2020-11736
2020-04-23 14:25:37 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Edmund Wu
5766bd451a
update-systemd-resolved: init at 1.3.0 2019-10-01 08:43:36 -04:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
lassulus
acc3eec8da openvpn: fix pkcs11 helper 2019-05-20 10:39:24 +02:00
Peter Hoeg
8f81838ab5
Merge pull request #58800 from peterhoeg/f/openvpn
openvpn: support for updating systemd-resolved with DNS servers
2019-04-28 21:54:26 +08:00
Peter Hoeg
36c344ac00 openvpn: support for updating systemd-resolved with DNS servers 2019-04-03 09:35:27 +08:00
R. RyanTM
ddc5666b28 openvpn: 2.4.6 -> 2.4.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/openvpn/versions
2019-03-11 01:00:15 -07:00
Ryan Mulligan
038a0c9a60 treewide: http to https 2018-04-30 21:39:20 -07:00
R. RyanTM
8898063828 openvpn: 2.4.5 -> 2.4.6
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/openvpn/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.4.6 with grep in /nix/store/5hj70y409c0b01zmx4rddiicgq7jajb2-openvpn-2.4.6
- directory tree listing: https://gist.github.com/ce0bc5e31d7d26ead341febdc7bdc6ee
2018-04-26 01:20:56 -07:00
Ryan Mulligan
b0e306b192 openvpn: 2.4.4 -> 2.4.5
Semi-automatic update. These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.4.5 with grep in /nix/store/a2wdxd4c08b1gilnj2mcvkmvpnqxw942-openvpn-2.4.5
- found 2.4.5 in filename of file in /nix/store/a2wdxd4c08b1gilnj2mcvkmvpnqxw942-openvpn-2.4.5
2018-03-09 05:42:34 -08:00
Kier Davis
397daef205
openvpn: make systemd dependency optional
systemd is a fairly large dependency, and it doesn't appear to
be necessary in all circumstances - e.g. when openvpn is
not run as a systemd service (as is usually the case when it is
run in a Docker container).

This change makes the dependency on systemd optional, controlled
by a new argument `useSystemd`. The default behaviour remains
the same as it was before this change: enabled only on Linux systems.

For me, this change reduces the size of my container image (dominated
by the closure of openvpn) from about 110 MB to 45 MB.

Version 2: rename argument to `useSystemd` (was `systemdSupport`), and
rebase onto master
2018-01-06 15:05:44 +00:00
Orivej Desh
1bae36bc41 openvpn-auth-ldap: rehash patches 2017-11-22 14:10:46 +00:00
Benjamin Staffin
998027a531
openvpn-auth-ldap: init at 2.0.3 2017-11-02 14:35:48 -04:00
Franz Pletz
8e4586d077
openvpn: 2.4.3 -> 2.4.4 for CVE-2017-12166
https://community.openvpn.net/openvpn/wiki/CVE-2017-12166
2017-09-28 12:27:01 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Nikolay Amiantov
9ffdbe3853 update-resolv-conf: 2016-09-30 -> 2017-06-21 2017-07-27 17:07:45 +03:00
Franz Pletz
5521b542a2
openvpn: 2.4.2 -> 2.4.3
See https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

Fixed:

  * CVE-2017-7508
  * CVE-2017-7520
  * CVE-2017-7521
  * CVE-2017-7512
  * CVE-2017-7522
2017-06-21 13:36:10 +02:00
Peter Simons
ae6f9324cd openvpn: update to version 2.4.2 to fix CVE-2017-7478 and CVE-2017-7479 2017-05-12 13:35:37 +02:00
Jörg Thalheim
e09b950f54
openvpn: remove no longer correct systemd-notify.patch
This patch was only necessary for 2.3.x, while 2.4.0 improved
its own systemd notify support.

See: https://github.com/NixOS/nixpkgs/issues/24817
2017-04-11 08:51:56 +02:00
Michael Raskin
277e7119be openvpn: 2.3.13 -> 2.4.0 2017-01-02 15:38:46 +01:00
Nikolay Amiantov
e5167e8763 update-resolv-conf: 2016-04-24 -> 2016-09-30 2016-11-24 01:17:58 +03:00
Hendrik Schaeidt
d6d12ebc55
openvpn: disable libpam support on OSX to enable build 2016-10-06 20:24:02 +02:00
Tim Steinbach
244aee5cd1
openvpn: 2.3.11 -> 2.3.12 2016-09-23 09:24:00 -04:00
John Ericson
ea1caf9272 openvpn: Optional pkcs11 support 2016-09-16 07:24:03 -07:00
Tuomas Tynkkynen
74a3a2cd7e treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
Nikolay Amiantov
49fe339b09 update-resolv-conf: 20141003 -> 2016-04-24 2016-08-14 22:37:11 +03:00