Commit Graph

225 Commits

Author SHA1 Message Date
Vladimír Čunát
a10d11b59f gnutls: fix IDN support
- recent versions only accept libidn2 (not libidn)
- it's for free, as it's a runtime dependency of glibc anyway
2022-01-28 12:48:48 -08:00
Vladimír Čunát
67fc40aa12 gnutls: 3.7.2 -> 3.7.3
Includes a low-severity security fix.
https://lists.gnupg.org/pipermail/gnutls-help/2022-January/004736.html
2022-01-28 12:48:48 -08:00
Alyssa Ross
630883559a
pkgsStatic.gnutls: fix build 2021-11-23 20:34:44 +00:00
rnhmjoj
6f3b6a2fea
gnutls: enable p11-kit by default
GnuTLS has a single hard-coded location for the system trust store,
currently set to the path used by NixOS, Debian, Arch, Gentoo, etc.
Since not all distributions use the same path, notably Fedora and RHEL,
the certificate validation will break on some non-NixOS system.

This can be solved by enabling the p11-kit integration, so that by
default p11-kit (properly configured for all major distos) will provide
GnuTLS with the CA roots though the PKCS #11 API.
2021-11-18 22:38:22 +01:00
Vladimír Čunát
f083f92c1f
gnutls: avoid the (check-time) cacert dependency
The point is to reduce rebuild amount when updating cacert/nss,
though at *this* point it remains quite high - before & after:

Estimating rebuild amount by counting changed Hydra jobs (parallel=unset).
  13109 x86_64-darwin
  21567 x86_64-linux
Estimating rebuild amount by counting changed Hydra jobs (parallel=unset).
  13109 x86_64-darwin
  17141 x86_64-linux
2021-11-02 11:29:52 +01:00
github-actions[bot]
8b9fa8d446
Merge staging-next into staging 2021-06-16 18:04:48 +00:00
Alyssa Ross
b2ba2a9a4c
gnutls: fix homepage
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <title>GnuTLS - GNU Project - Free Software Foundation</title>
    <meta http-equiv="content-type" content='text/html; charset=utf-8' />

    <meta http-equiv="refresh" content="1; url=https://gnutls.org/" />
    <script type="text/javascript">
          window.location.href = "https://gnutls.org/"
    </script>
  </head>
  <body>
    <p>GnuTLS is at <a
    href="https://gnutls.org/">https://gnutls.org/</a>.</p>
    <hr/>
  </body>
</html>
2021-06-16 13:14:38 +00:00
Vladimír Čunát
ace52589b0
gnutls: construct url from version
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-06-16 08:50:04 +02:00
Vladimír Čunát
99ab89a4f5
gnutls: remove unused patch
It was forgotten in commit 8a91c70ec1.
2021-06-11 06:55:04 +02:00
Vladimír Čunát
c41788d925
gnutls: simplify expression (pname + version)
We haven't supported multiple versions for a long time.
2021-06-11 06:53:41 +02:00
Vladimír Čunát
5945d9c484
gnutls: 3.7.1 -> 3.7.2
https://lists.gnupg.org/pipermail/gnutls-help/2021-May/004708.html
2021-06-10 19:54:41 +02:00
Kasper
54a942426e
gnutls: fix build with musl (#119569)
* gnutls: fix build with musl

* gnutls: don't handle old versions

Co-authored-by: Kasper Gałkowski <kpg@posteo.net>
2021-04-16 07:48:27 +01:00
Ben Wolsieffer
8a91c70ec1 gnutls: remove upstreamed armv7l patch 2021-04-16 00:14:30 -04:00
Vladimír Čunát
77cc22179b
gnutls: 3.7.0 -> 3.7.1
https://lists.gnupg.org/pipermail/gnutls-help/2021-March/004698.html
It includes a low-severity security fix:
https://gnutls.org/security-new.html#GNUTLS-SA-2021-03-10

postPatch: the patched file doesn't exist now and all tests still pass.
2021-03-18 16:02:56 +01:00
Martin Weinelt
e8308f4cbd
gnutls: 3.6.15 -> 3.7.0
https://lists.gnupg.org/pipermail/gnutls-help/2020-December/004670.html
2021-02-24 01:44:25 +01:00
Ivan Babrou
47f4eb0d66 gnutls: remove autogen from build dependencies
There's an error when compiling autogen on macos Big Sur with #105026,
and it compiles fine without autogen, so I see no reason to keep it.

The dependency on autogen was originally introduced in 31a128b32b,
but unfortunately there's no explanation for the reason and no linked issue.
2021-01-20 07:36:45 +00:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Anderson Torres
52242b4e7d
Merge pull request #103925 from lopsided98/coreutils-tests-arm
coreutils, findutils, gnutls: fix build on 32-bit ARM
2020-12-07 23:38:08 -03:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Ben Wolsieffer
f54266824d gnutls: fix build on 32-bit ARM
Add an upstream patch to fix failing tests. The patch actually affects gnulib,
which is included as a vendored dependency.
2020-11-21 20:02:22 -05:00
Vladimír Čunát
2363e6eb9c
gnutls: 3.6.14 -> 3.6.15
Security: on-wire alert could cause NULL pointer dereference.
https://lists.gnupg.org/pipermail/gnutls-help/2020-September/004669.html
2020-09-23 10:34:00 +02:00
Cole Helbling
1dba117541
gnutls: 3.6.13 -> 3.6.14
Fixes CVE-2020-13777 [1].

Changes: https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-13777
2020-06-08 23:14:05 -07:00
Timo Kaufmann
bbb8132790
Merge pull request #80206 from Thra11/guile-gnutls
gnutls: fix guile bindings
2020-05-07 18:01:32 +00:00
Fabian Möller
0665c8776a
gnutls: fix musl build
`musl` produces a different output than `glibc` during some tests, which
let's them fail.

Using `getpass(3)` under `musl` when `stdin` is not a tty omits the
prompt, which the `certtool` test expects to find.

See https://gitlab.com/gnutls/gnutls/-/issues/945
2020-05-06 17:37:55 +02:00
Pavol Rusnak
7b0167204d treewide: use https for nixos.org and hydra.nixos.org
tarballs.nixos.org is omitted from the change because urls from there
are always hashed and checked
2020-05-03 22:14:21 -07:00
Jan Tojnar
a04625379a
Merge branch 'master' into staging-next 2020-04-13 18:50:35 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Martin Milata
7cb24f9a8f gnutls: 3.6.12 -> 3.6.13
Fixes CVE-2020-11501.

Changes: https://lists.gnupg.org/pipermail/gnutls-help/2020-March/004642.html
2020-04-04 22:04:07 +02:00
Tom Hall
a7dc5f524c gnutls: fix guile bindings 2020-02-15 21:50:34 +00:00
Vladimír Čunát
3668d993a3
gnutls: move some docs that don't seem useful normally 2020-02-10 21:55:23 +01:00
R. RyanTM
07db37b935 gnutls: 3.6.11.1 -> 3.6.12 2020-02-09 09:00:17 +01:00
Will Dietz
c555684c6d gnutls: 3.6.10 -> 3.6.11 2019-12-05 10:26:56 +01:00
Robin Gloster
04fac845a4
Merge pull request #70596 from r-ryantm/auto-update/gnutls
gnutls: 3.6.9 -> 3.6.10
2019-10-16 00:15:24 +02:00
Ricardo M. Correia
2b24d465cc gnutls: fix test-ciphers-api.sh failure on aarch64
See https://gitlab.com/gnutls/gnutls/issues/764 for more info.
2019-10-10 01:12:11 +02:00
R. RyanTM
8340bd9562 gnutls: 3.6.9 -> 3.6.10
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/gnutls/versions
2019-10-07 02:16:44 -07:00
Will Dietz
e309ddb263
gnutls: 3.6.8 -> 3.6.9
https://gitlab.com/gnutls/gnutls/blob/gnutls_3_6_9/NEWS
2019-07-25 23:43:53 -05:00
Vladimír Čunát
07dbc438cc
gnutls: 3.6.7 -> 3.6.8 (bugfix)
No security fixes announced.
https://lists.gnupg.org/pipermail/gnutls-help/2019-May/004527.html
2019-05-28 13:51:55 +02:00
Vladimír Čunát
347cd8add7
gnutls: fix tests after 79bd4ad57 (PR #61179)
It's one of the places that would reach out to /etc/ otherwise,
so I expect we have to pay this price to get the effect.
Hopefully there won't be too many places to patch.
2019-05-19 14:45:52 +02:00
Vladimír Čunát
39c2b6452c
gnutls: respect NIX_SSL_CERT_FILE, same as our openssl
The patch should work fine, regardless of the Darwin patch being applied.
2019-04-22 16:43:45 +02:00
Daiderd Jordan
33e7d721b6
gnutls: remove 3.5.10
Nix packages are expected to honor NIX_SSL_CERT_FILE and this removes the
dependency on the framework while bootstrapping the stdenv.
(+ nitpick changes from vcunat)

The patch is based on c0eb46d346
2019-04-22 16:43:28 +02:00
Will Dietz
225b164cc3
gnutls: 3.6.6 -> 3.6.7, security!
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html
Close #58437.
2019-03-28 11:58:27 +01:00
Jan Malakhovski
0df915c75c gnutls, gnutls-kdh: move defaults to package file 2019-02-03 15:33:26 +00:00
Will Dietz
4fe53f33a6 gnutls: drop comment, no longer needed 2019-01-27 14:59:58 -06:00
Will Dietz
5eca7642ad gnutls: 3.6.5 -> 3.6.6
"bug fix release on the stable branch"

https://lists.gnupg.org/pipermail/gnutls-help/2019-January/004484.html
2019-01-27 10:48:15 -06:00
Matthew Bauer
92f0f8dd68 Merge remote-tracking branch 'NixOS/master' into staging 2019-01-27 00:01:13 -05:00
Jörg Thalheim
b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Vladimír Čunát
2ff530ec53
gnutls: 3.6.2 -> 3.6.5
No security problems have been published about 3.6.x so far,
but I'd certainly count the almost-transparent TLS 1.3 support
as a security improvement.
2019-01-21 17:54:34 +01:00
c0bw3b
0498ccd076 Treewide: use HTTPS on GNU domains
HTTP -> HTTPS for :
- http://gnu.org/
- http://www.gnu.org/
- http://elpa.gnu.org/
- http://lists.gnu.org/
- http://gcc.gnu.org/
- http://ftp.gnu.org/ (except in fetchurl mirrors)
- http://bugs.gnu.org/
2018-12-02 15:51:59 +01:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Matthew Bauer
9109a90479 treewide: remove some more gettext references 2018-03-22 16:50:14 -05:00