So far, the Nix store directory was hardcoded and if someone uses a
different Nix store directory the patch won't work. Of course, this is
pretty uncommon, but by not only substituting the store directory but
also the length of it we also save a few calls to ngx_strlen(), which
should save us a few cycles.
Signed-off-by: aszlig <aszlig@nix.build>
The original patch introduced a new "real" variable which gets populated
(and allocated) via ngx_realpath(). It's properly freed in error
conditions but it won't be freed if ngx_http_set_etag returns
successfully.
Adding another ngx_free() just before returning fixes that memory leak.
I also fixed a small indentation issue along the way.
Signed-off-by: aszlig <aszlig@nix.build>
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or
prefork, code executing in less-privileged child processes or
threads (including scripts executed by an in-process scripting interpreter)
could execute arbitrary code with the privileges of the parent process (usually
root) by manipulating the scoreboard.
This adds the nginx module `ngx_http_proxy_connect_module` which allows
to tunnel HTTPS through an nginx proxy[1].
As this module contained patches for several nginx version, some minor
adjustments were needed:
* Allowed each entry in `nginxModules` to provide patches.
* Added an optional `supports` attribute to ensure that each module can
determine if it supports the currently built nginx version (e.g. stable
1.14 ATM or mainline 1.15 ATM).
[1] https://github.com/chobits/ngx_http_proxy_connect_module
Currently, it seems there is no easy way to override package to add
modules. For example, if we want to add the `ipscrub` module, we can
do:
pkgs.nginxStable.override {
modules = [ pkgs.nginxModules.ipscrub ];
};
But, then, we loose `rtmp`, `dav` and `moreheaders` which are defined
in `all-packages.nix`. With this modification, we can now do:
pkgs.nginxStable.override {
modules = pkg.nginxStable.passthru.modules ++ [ pkgs.nginxModules.ipscrub ];
};
The tests were enabled in #53488 and succeeded on Darwin; on Linux they
still failed because of empty hostname inside the sandbox (we have no
UTS-namespace hostname and I think no /etc/hosts). Nix on Darwin lacks
powerful enough sandboxing, so there were no problems on Darwin.
Patching the tests to fallback to "127.0.0.1" if hostname of the
localhost cannot be retrieved matches the behaviour of lighttpd itself
and allows the tests to pass.
Not sure if having no hostname in the test environment is a bit too
weird for the upstream to care.
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
Developer deleted account on GitHub. As a GitLab proof - official page:
https://www.hiawatha-webserver.org/download
points to GitLab.
* Web server officially created for mbedtls, use bundled
* Assert not needed
* Build with cmake/ninja
* Removed hack, no longer needed
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/thttpd/versions.
These checks were done:
- built on NixOS
- Warning: no invocation of /nix/store/hbab4sxrd03rn29fr2hzxcqhdb11ac7r-thttpd-2.29/bin/htpasswd had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/hbab4sxrd03rn29fr2hzxcqhdb11ac7r-thttpd-2.29/bin/makeweb had a zero exit code or showed the expected version
- /nix/store/hbab4sxrd03rn29fr2hzxcqhdb11ac7r-thttpd-2.29/bin/syslogtocern passed the binary check.
- /nix/store/hbab4sxrd03rn29fr2hzxcqhdb11ac7r-thttpd-2.29/bin/thttpd passed the binary check.
- 2 of 4 passed binary check by having a zero exit code.
- 0 of 4 passed binary check by having the new version present in output.
- found 2.29 with grep in /nix/store/hbab4sxrd03rn29fr2hzxcqhdb11ac7r-thttpd-2.29
- directory tree listing: https://gist.github.com/e0eb71192cc958ded9003250a4a4f65b
- du listing: https://gist.github.com/890be31bcaa84f99915896503cde2679
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/openresty/versions.
These checks were done:
- built on NixOS
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/opm passed the binary check.
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/md2pod.pl passed the binary check.
- Warning: no invocation of /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/nginx-xml2pod had a zero exit code or showed the expected version
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/resty passed the binary check.
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/restydoc passed the binary check.
- Warning: no invocation of /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/restydoc-index had a zero exit code or showed the expected version
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/openresty passed the binary check.
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/luajit-openresty passed the binary check.
- /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2/bin/nginx passed the binary check.
- 7 of 9 passed binary check by having a zero exit code.
- 2 of 9 passed binary check by having the new version present in output.
- found 1.13.6.2 with grep in /nix/store/4z5yyi1f3mfn24g601mvk8d9z9wfxxyp-openresty-1.13.6.2
- directory tree listing: https://gist.github.com/3d4adc0eb55d63d7e2b269541039384b
- du listing: https://gist.github.com/f8dd4bb690e9b8615ede14c9f250f9f7
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/hiawatha/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1/bin/ssi-cgi -h’ got 0 exit code
- ran ‘/nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1/bin/ssi-cgi -v’ and found version 10.8.1
- ran ‘/nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1/bin/hiawatha -h’ got 0 exit code
- ran ‘/nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1/bin/wigwam -h’ got 0 exit code
- ran ‘/nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1/bin/wigwam -v’ and found version 10.8.1
- found 10.8.1 with grep in /nix/store/pk9y5j3rn2kh3jyh6shf16x7fwif5j8b-hiawatha-10.8.1
- directory tree listing: https://gist.github.com/bed64b3bf49236cbbfafddbb1f63c00a
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/yaws/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/jyan70fmxqlifcsfk6zidpbapjnclw8g-yaws-2.0.5/bin/yaws -v’ and found version 2.0.5
- ran ‘/nix/store/jyan70fmxqlifcsfk6zidpbapjnclw8g-yaws-2.0.5/bin/yaws --version’ and found version 2.0.5
- found 2.0.5 with grep in /nix/store/jyan70fmxqlifcsfk6zidpbapjnclw8g-yaws-2.0.5
- directory tree listing: https://gist.github.com/2cc3d4631b98fff26e8453c8e0b92ba8
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.
This update was made based on information from https://repology.org/metapackage/gatling/versions.
These checks were done:
- built on NixOS
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/gatling -h` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/gatling --help` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/gatling --version` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/gatling --help` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl -h` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl --help` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl help` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl -V` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl --version` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl -h` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/dl --help` and found version 0.15
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/getlinks -h` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/getlinks --help` got 0 exit code
- ran `/nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15/bin/getlinks help` got 0 exit code
- found 0.15 with grep in /nix/store/l781ikxl4sjd90dkwylgyvyz53lyn5vm-gatling-0.15
- directory tree listing: https://gist.github.com/d54dd9d5cdf367db1648e6719090a75d
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 4.6.2 with grep in /nix/store/c5q74ipv6p7mwri4p0ab0x32b76kfa2n-mod_wsgi-4.6.2
- directory tree listing: https://gist.github.com/2ddf866000f57f596c938b529d3f6fa9
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd -h` got 0 exit code
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd -V` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd -v` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd -h` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel -h` got 0 exit code
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel --help` got 0 exit code
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel help` got 0 exit code
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel -V` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel -v` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel --version` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel -h` and found version 1.4.49
- ran `/nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49/bin/lighttpd-angel --help` and found version 1.4.49
- found 1.4.49 with grep in /nix/store/zqq4z003jl443djfygasflfqk091wphx-lighttpd-1.4.49
- directory tree listing: https://gist.github.com/3f87cc8cd06f4c87b583c225172f1c2e
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs -h` got 0 exit code
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs --help` got 0 exit code
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs -V` and found version 0.3.3
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs -v` and found version 0.3.3
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs --version` and found version 0.3.3
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs -h` and found version 0.3.3
- ran `/nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3/bin/pshs --help` and found version 0.3.3
- found 0.3.3 with grep in /nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3
- found 0.3.3 in filename of file in /nix/store/gvhbbqnlgy8y79fcvprkwdmn0dlihjm5-pshs-0.3.3
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):
pkgs/development/libraries/epoxy/default.nix
pkgs/development/libraries/gtk+/3.x.nix
pkgs/development/python-modules/asgiref/default.nix
pkgs/development/python-modules/daphne/default.nix
pkgs/os-specific/linux/systemd/default.nix
Semi-automatic update. These checks were performed:
- built on NixOS
- found 4.5.24 with grep in /nix/store/3a7nb1vrk4hfj3rarl1rfh319pab7j5i-mod_wsgi-4.5.24
- found 4.5.24 in filename of file in /nix/store/3a7nb1vrk4hfj3rarl1rfh319pab7j5i-mod_wsgi-4.5.24
Semi-automatic update. These checks were performed:
- built on NixOS
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs -h` got 0 exit code
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs --help` got 0 exit code
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs -V` and found version 0.3.2
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs -v` and found version 0.3.2
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs --version` and found version 0.3.2
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs -h` and found version 0.3.2
- ran `/nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2/bin/pshs --help` and found version 0.3.2
- found 0.3.2 with grep in /nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2
- found 0.3.2 in filename of file in /nix/store/s4z6nwhd7wqzkxaplrigy6xv9fk0pkgw-pshs-0.3.2
cc "@eduarrrd"
Semi-automatic update. These checks were performed:
- built on NixOS
- ran `/nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28/bin/syslogtocern --help` got 0 exit code
- ran `/nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28/bin/syslogtocern help` got 0 exit code
- ran `/nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28/bin/syslogtocern version` and found version 2.28
- ran `/nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28/bin/syslogtocern help` and found version 2.28
- ran `/nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28/bin/thttpd -V` and found version 2.28
- found 2.28 with grep in /nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28
- found 2.28 in filename of file in /nix/store/y5ysgh6ivjgwngq37kgzlamkh91mp0qk-thttpd-2.28
Semi-automatic update. These checks were performed:
- built on NixOS
- ran `/nix/store/946hqpkgmb964ilf2sbk9ln4kfy7jnkr-yaws-2.0.4/bin/yaws -v` and found version 2.0.4
- ran `/nix/store/946hqpkgmb964ilf2sbk9ln4kfy7jnkr-yaws-2.0.4/bin/yaws --version` and found version 2.0.4
- found 2.0.4 with grep in /nix/store/946hqpkgmb964ilf2sbk9ln4kfy7jnkr-yaws-2.0.4
- found 2.0.4 in filename of file in /nix/store/946hqpkgmb964ilf2sbk9ln4kfy7jnkr-yaws-2.0.4
cc "@goibhniu @the-kenny"
Semi-automatic update. These checks were performed:
- built on NixOS
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/ssi-cgi -h` got 0 exit code
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/ssi-cgi -v` and found version 10.7
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/ssi-cgi -h` and found version 10.7
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/hiawatha -h` got 0 exit code
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/hiawatha -v` and found version 10.7
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/hiawatha -h` and found version 10.7
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/wigwam -h` got 0 exit code
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/wigwam -v` and found version 10.7
- ran `/nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7/bin/wigwam -h` and found version 10.7
- found 10.7 with grep in /nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7
- found 10.7 in filename of file in /nix/store/5x2w4d0fm3m3wr5snf6c7qys9g2kia3h-hiawatha-10.7
cc "@ndowens"
* master: (81 commits)
Add NixOS 17.09 AMIs
gradle: 4.2 -> 4.2.1
maintainers.nix: use my GitHub handle as maintainer name
fcitx-engines.rime: init at 0.3.2
brise: init at 2017-09-16
librime: init at 1.2.9
marisa: init at 0.2.4
opencc: build shared library and programs
josm: 12712 -> 12914
exa: 0.7.0 -> 0.8.0
krb5: add deprecation date for old configuration
rustRegistry: 2017-09-10 -> 2017-10-03
go-ethereum: Fix libusb segmentation faults on Darwin
tor-browser-bundle-bin: 7.0.5 -> 7.0.6
libsodium: 1.0.13 -> 1.0.15
tor-browser-bundle: geoip support
tor-browser-bundle: support transports obfs2,obfs3
tor-browser-bundle: bump https-everywhere to 2017.9.12
tint2: limit platforms to Linux since macOS is not supported and fails the tests
eclipse-plugin-vrapper: init at 0.72.0
...
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
Place them in $out/share/lighttpd/doc/config/.
Most importantly, this includes a complete set of mime types in the
$out/share/lighttpd/doc/config/conf.d/mime.conf file. The plan is to use
that file in the NixOS lighttpd module.
We did this for 2.2 (cc61d31902) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
Version 2.0.0 is installed as a separate package called "couchdb2".
When setting the config option "package" attribute to pkgs.couchdb2, a
corresponding service configuration will be generated. If a previous
1.6 installation exists, the databases can still be found on the local
port (default: 5986) and can be replicated from there.
Note that single-node or cluster setup still needs to be configured
manually, as described in
http://docs.couchdb.org/en/2.0.0/install/index.html.
This commit permits incantations like `pkgs.nginx.override { gd = null; }` to
produce a slimmed-down nginx.
When used, this functionality removes a pile of stuff from nginx's closure.
The resulting nginx's closure:
$ nix-store -q -R /nix/store/wk3h0a4dmdmjmxkbd0q09iw0wfq0yzpz-nginx-1.10.2 | wc -l
12
$ nix-store -q -R /nix/store/gpcx77anqrj05qz0mrwm7hf4wgxry5py-nginx-1.10.2 | wc -l
24
In line with the Nixpkgs manual.
A mechanical change, done with this command:
find pkgs -name "*.nix" | \
while read f; do \
sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
done
I manually skipped some:
* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)