From a6b9ebc2fc92a72ca8a1e61e2d321804eec9d738 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Tue, 23 Oct 2018 16:50:50 -0500 Subject: gnu: Add Combinatorial BLAS. * gnu/packages/maths.scm (combinatorial-blas): New variable. * gnu/packages/patches/combinatorial-blas-awpm.patch, gnu/packages/patches/combinatorial-blas-io-fix.patch: New files * gnu/local.mk(dist_patch_DATA): Add them. --- gnu/packages/patches/combinatorial-blas-awpm.patch | 67 ++++++++++++++++++++++ .../patches/combinatorial-blas-io-fix.patch | 14 +++++ 2 files changed, 81 insertions(+) create mode 100644 gnu/packages/patches/combinatorial-blas-awpm.patch create mode 100644 gnu/packages/patches/combinatorial-blas-io-fix.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/combinatorial-blas-awpm.patch b/gnu/packages/patches/combinatorial-blas-awpm.patch new file mode 100644 index 0000000000..86d4ab2dcf --- /dev/null +++ b/gnu/packages/patches/combinatorial-blas-awpm.patch @@ -0,0 +1,67 @@ +Install BipartiteMatchings headers for SuperLU_DIST. + +--- a/BipartiteMatchings/ApproxWeightPerfectMatching.h ++++ b/BipartiteMatchings/ApproxWeightPerfectMatching.h +@@ -9,7 +9,7 @@ + #ifndef ApproxWeightPerfectMatching_h + #define ApproxWeightPerfectMatching_h + +-#include "../CombBLAS.h" ++#include "CombBLAS.h" + #include "BPMaximalMatching.h" + #include "BPMaximumMatching.h" + #include +--- a/BipartiteMatchings/BPMaximalMatching.h ++++ b/BipartiteMatchings/BPMaximalMatching.h +@@ -1,7 +1,7 @@ + #ifndef BP_MAXIMAL_MATCHING_H + #define BP_MAXIMAL_MATCHING_H + +-#include "../CombBLAS.h" ++#include "CombBLAS.h" + #include + #include + #include +--- a/BipartiteMatchings/BPMaximumMatching.h ++++ b/BipartiteMatchings/BPMaximumMatching.h +@@ -1,7 +1,7 @@ + #ifndef BP_MAXIMUM_MATCHING_H + #define BP_MAXIMUM_MATCHING_H + +-#include "../CombBLAS.h" ++#include "CombBLAS.h" + #include + #include + #include +--- a/BipartiteMatchings/MatchingDefs.h ++++ b/BipartiteMatchings/MatchingDefs.h +@@ -9,7 +9,7 @@ + #ifndef MatchingDefs_h + #define MatchingDefs_h + +-#include "../CombBLAS.h" ++#include "CombBLAS.h" + #include + + namespace combblas { +--- a/BipartiteMatchings/Utility.h ++++ b/BipartiteMatchings/Utility.h +@@ -1,7 +1,7 @@ + #ifndef BP_UTILITY_H + #define BP_UTILITY_H + +-#include "../CombBLAS.h" ++#include "CombBLAS.h" + + namespace combblas { + +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -68,6 +68,7 @@ set_property(TARGET CombBLAS PROPERTY VERSION ${CombBLAS_VERSION}) + # installation + install(DIRECTORY include/ DESTINATION include) + install(DIRECTORY psort-1.0/include/ DESTINATION include) ++install(DIRECTORY BipartiteMatchings DESTINATION include FILES_MATCHING PATTERN "*.h") + install(TARGETS CombBLAS EXPORT CombBLASTargets + LIBRARY DESTINATION lib + ARCHIVE DESTINATION lib diff --git a/gnu/packages/patches/combinatorial-blas-io-fix.patch b/gnu/packages/patches/combinatorial-blas-io-fix.patch new file mode 100644 index 0000000000..0ad28e5e0b --- /dev/null +++ b/gnu/packages/patches/combinatorial-blas-io-fix.patch @@ -0,0 +1,14 @@ +IO not appropriate in the context of a sorting routine, and in any case the +proper headers are not included, so gcc emits an undefined symbol error. +Remove the "printf" statement. + +--- CombBLAS_beta_16_2/usort/include/usort/seqUtils.tcc ++++ CombBLAS_beta_16_2/usort/include/usort/seqUtils.tcc +@@ -142,7 +142,6 @@ + } + if ( (a[nmax]==a[nmin]) && (ctr==0) ) + { +- printf("All the numbers are identical, the list is sorted\n"); + return; + } + -- cgit v1.2.3 From fd3733432b531c7e4ef34f06c896bd27fcafb2f9 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Wed, 24 Oct 2018 12:39:11 -0500 Subject: scotch: Upgrade to 6.0.6. * gnu/packages/maths.scm (scotch): Upgrade to 6.0.6. [source]: Remove patches that have been fixed upstream. [arguments]: Add 'install-metis' phase. [outputs]: New field. (pt-scotch, pt-scotch32)[arguments]: Add 'mpi-setup' phase. Use 'invoke'. * gnu/packages/patches/scotch-graph-diam-64.patch, gnu/packages/patches/scotch-graph-induce-type-64.patch, gnu/packages/patches/scotch-test-threading.patch: Delete files. * gnu/packages/patches/scotch-integer-declarations.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust as necessary. --- gnu/local.mk | 4 +- gnu/packages/maths.scm | 47 +++++++++++----------- gnu/packages/patches/scotch-graph-diam-64.patch | 27 ------------- .../patches/scotch-graph-induce-type-64.patch | 19 --------- .../patches/scotch-integer-declarations.patch | 37 +++++++++++++++++ gnu/packages/patches/scotch-test-threading.patch | 22 ---------- 6 files changed, 61 insertions(+), 95 deletions(-) delete mode 100644 gnu/packages/patches/scotch-graph-diam-64.patch delete mode 100644 gnu/packages/patches/scotch-graph-induce-type-64.patch create mode 100644 gnu/packages/patches/scotch-integer-declarations.patch delete mode 100644 gnu/packages/patches/scotch-test-threading.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index fb19c1a93c..d3b40b3934 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1219,10 +1219,8 @@ dist_patch_DATA = \ %D%/packages/patches/rust-reproducible-builds.patch \ %D%/packages/patches/rxvt-unicode-escape-sequences.patch \ %D%/packages/patches/scheme48-tests.patch \ - %D%/packages/patches/scotch-test-threading.patch \ %D%/packages/patches/scotch-build-parallelism.patch \ - %D%/packages/patches/scotch-graph-diam-64.patch \ - %D%/packages/patches/scotch-graph-induce-type-64.patch \ + %D%/packages/patches/scotch-integer-declarations.patch \ %D%/packages/patches/scribus-poppler.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/seq24-rename-mutex.patch \ diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index b53fa7fad1..648cbfbac7 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -2424,25 +2424,25 @@ implemented in ANSI C, and MPI for communications.") (define-public scotch (package (name "scotch") - (version "6.0.5a") + (version "6.0.6") (source (origin (method url-fetch) (uri (string-append "https://gforge.inria.fr/frs/download.php/" "latestfile/298/scotch_" version ".tar.gz")) (sha256 - (base32 "0vsmgjz8qv80di3ljmc7hbdsizxxxwy2b9rgd2fl1mdc6dgbj8av")) - (patches (search-patches "scotch-test-threading.patch" - "scotch-build-parallelism.patch" - "scotch-graph-induce-type-64.patch" - "scotch-graph-diam-64.patch")))) + (base32 "1ky4k9r6jvajhqaqnnx6h8fkmds2yxgp70dpr1qzwcyhi2nhqvv8")) + (patches (search-patches "scotch-build-parallelism.patch" + "scotch-integer-declarations.patch")))) (build-system gnu-build-system) (inputs `(("zlib" ,zlib) ("flex" ,flex) ("bison" ,bison))) + (outputs '("out" "metis")) (arguments - `(#:phases + `(#:make-flags (list (string-append "prefix=" %output)) + #:phases (modify-phases %standard-phases (add-after 'unpack 'chdir-to-src @@ -2477,7 +2477,7 @@ YACC = bison -pscotchyy -y -b y '("COMMON_FILE_COMPRESS_GZ" "COMMON_PTHREAD" "COMMON_RANDOM_FIXED_SEED" - "INTSIZE64" ;use 'long' instead of 'int' + "INTSIZE64" ;use 'int64_t' ;; Prevents symbolc clashes with libesmumps "SCOTCH_RENAME" ;; XXX: Causes invalid frees in superlu-dist tests @@ -2490,22 +2490,21 @@ YACC = bison -pscotchyy -y -b y (invoke "make" (format #f "-j~a" (parallel-job-count)) "esmumps"))) - (replace - 'install - (lambda* (#:key outputs #:allow-other-keys) - (let ((out (assoc-ref outputs "out"))) - (mkdir out) - (invoke "make" - (string-append "prefix=" out) - "install") - ;; esmumps files are not installed with the above - (for-each (lambda (f) - (copy-file f (string-append out "/include/" f))) - (find-files "../include" ".*esmumps.h$")) - (for-each (lambda (f) - (copy-file f (string-append out "/lib/" f))) - (find-files "../lib" "^lib.*esmumps.*")) - #t)))))) + (add-before 'install 'make-install-dirs + (lambda* (#:key outputs #:allow-other-keys) + (mkdir (assoc-ref outputs "out")))) + (add-after 'install 'install-metis + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "metis"))) + (mkdir out) + ;; metis files are not installed with 'make install' + (for-each (lambda (f) + (install-file f (string-append out "/include"))) + (find-files "../include/" ".*metis\\.h")) + (for-each (lambda (f) + (install-file f (string-append out "/lib"))) + (find-files "../lib/" ".*metis\\..*")) + #t)))))) (home-page "http://www.labri.fr/perso/pelegrin/scotch/") (synopsis "Programs and libraries for graph algorithms") (description "SCOTCH is a set of programs and libraries which implement diff --git a/gnu/packages/patches/scotch-graph-diam-64.patch b/gnu/packages/patches/scotch-graph-diam-64.patch deleted file mode 100644 index 2ae31e3c3b..0000000000 --- a/gnu/packages/patches/scotch-graph-diam-64.patch +++ /dev/null @@ -1,27 +0,0 @@ -Fixes test_scotch_graph_diam test with -DINTSIZE64. - -Reported upstream at -https://gforge.inria.fr/tracker/index.php?func=detail&aid=21650&group_id=248&atid=1081 - ---- scotch-6.0.5a/src/libscotch/library.h -+++ scotch-6.0.5a/src/libscotch/library.h -@@ -187,6 +187,7 @@ SCOTCH_Num SCOTCH_graphBase (SCOTCH_Graph * const, const SCO - int SCOTCH_graphCheck (const SCOTCH_Graph * const); - void SCOTCH_graphSize (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const); - void SCOTCH_graphData (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num ** const, SCOTCH_Num * const, SCOTCH_Num ** const, SCOTCH_Num ** const); -+SCOTCH_Num SCOTCH_graphDiamPV (SCOTCH_Graph * const); - void SCOTCH_graphStat (const SCOTCH_Graph * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const, SCOTCH_Num * const, SCOTCH_Num * const, SCOTCH_Num * const, double * const, double * const); - int SCOTCH_graphCoarsen (const SCOTCH_Graph * const, const SCOTCH_Num, const double, const SCOTCH_Num, SCOTCH_Graph * const, SCOTCH_Num * const); - int SCOTCH_graphCoarsenMatch (const SCOTCH_Graph * const, SCOTCH_Num * const, const double, const SCOTCH_Num, SCOTCH_Num * const); ---- scotch-6.0.5a/src/libscotch/library_graph_diam.c -+++ scotch-6.0.5a/src/libscotch/library_graph_diam.c -@@ -72,8 +72,7 @@ - - SCOTCH_Num - SCOTCH_graphDiamPV ( --SCOTCH_Graph * const grafptr, --const SCOTCH_Num baseval) -+SCOTCH_Graph * const grafptr) - { - return ((SCOTCH_Num) graphDiamPV ((Graph * const) grafptr)); - } diff --git a/gnu/packages/patches/scotch-graph-induce-type-64.patch b/gnu/packages/patches/scotch-graph-induce-type-64.patch deleted file mode 100644 index d2eee52a7b..0000000000 --- a/gnu/packages/patches/scotch-graph-induce-type-64.patch +++ /dev/null @@ -1,19 +0,0 @@ -Fixes return type of SCOTCH_graphInduceList and SCOTCH_graphInducePart -so that the definition matches with -DINTSIZE64. - -Reported upstream at -https://gforge.inria.fr/tracker/index.php?func=detail&aid=21608&group_id=248&atid=1081 - ---- scotch_6.0.5a/src/libscotch/library.h.orig 2018-02-11 10:52:38.000000000 -0600 -+++ scotch_6.0.5a/src/libscotch/library.h 2018-02-23 16:56:41.000000000 -0600 -@@ -199,8 +199,8 @@ - int SCOTCH_graphGeomSaveChac (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); - int SCOTCH_graphGeomSaveMmkt (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); - int SCOTCH_graphGeomSaveScot (const SCOTCH_Graph * const, const SCOTCH_Geom * const, FILE * const, FILE * const, const char * const); --int SCOTCH_graphInduceList (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_Num * const, SCOTCH_Graph * const); --int SCOTCH_graphInducePart (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_GraphPart2 * const, const SCOTCH_GraphPart2, SCOTCH_Graph * const); -+SCOTCH_Num SCOTCH_graphInduceList (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_Num * const, SCOTCH_Graph * const); -+SCOTCH_Num SCOTCH_graphInducePart (const SCOTCH_Graph * const, const SCOTCH_Num, const SCOTCH_GraphPart2 * const, const SCOTCH_GraphPart2, SCOTCH_Graph * const); - - int SCOTCH_graphMapInit (const SCOTCH_Graph * const, SCOTCH_Mapping * const, const SCOTCH_Arch * const, SCOTCH_Num * const); - void SCOTCH_graphMapExit (const SCOTCH_Graph * const, SCOTCH_Mapping * const); diff --git a/gnu/packages/patches/scotch-integer-declarations.patch b/gnu/packages/patches/scotch-integer-declarations.patch new file mode 100644 index 0000000000..978625c1c0 --- /dev/null +++ b/gnu/packages/patches/scotch-integer-declarations.patch @@ -0,0 +1,37 @@ +diff --git a/src/libscotch/library.h b/src/libscotch/library.h +index 1891c19..ecc0533 100644 +--- a/src/libscotch/library.h ++++ b/src/libscotch/library.h +@@ -67,6 +67,8 @@ + + /*+ Integer type. +*/ + ++#include ++ + typedef DUMMYIDX SCOTCH_Idx; + + typedef DUMMYINT SCOTCH_Num; +diff --git a/src/libscotchmetis/library_metis.h b/src/libscotchmetis/library_metis.h +index e6767e1..04e71c3 100644 +--- a/src/libscotchmetis/library_metis.h ++++ b/src/libscotchmetis/library_metis.h +@@ -99,6 +99,7 @@ typedef enum { + */ + + #ifndef SCOTCH_H /* In case "scotch.h" not included before */ ++#include + typedef DUMMYINT SCOTCH_Num; + #endif /* SCOTCH_H */ + +diff --git a/src/libscotchmetis/library_parmetis.h b/src/libscotchmetis/library_parmetis.h +index 6d2f0b0..3c803fc 100644 +--- a/src/libscotchmetis/library_parmetis.h ++++ b/src/libscotchmetis/library_parmetis.h +@@ -106,6 +106,7 @@ typedef enum { + */ + + #ifndef SCOTCH_H /* In case "scotch.h" not included before */ ++#include + typedef DUMMYINT SCOTCH_Num; + #endif /* SCOTCH_H */ + diff --git a/gnu/packages/patches/scotch-test-threading.patch b/gnu/packages/patches/scotch-test-threading.patch deleted file mode 100644 index de8cc49c41..0000000000 --- a/gnu/packages/patches/scotch-test-threading.patch +++ /dev/null @@ -1,22 +0,0 @@ -Fix this test so that it succeeds when the library is not compiled with -SCOTCH_PTHREAD. - ---- scotch_6.0.4/src/check/test_common_thread.c 2014-09-28 11:39:59.000000000 -0500 -+++ scotch_6.0.4/src/check/test_common_thread.c 2015-01-10 00:52:00.076229542 -0600 -@@ -175,14 +175,14 @@ - char * argv[]) - { - TestThreadGroup groudat; --#if ((defined COMMON_PTHREAD) || (defined SCOTCH_PTHREAD)) -+#if ((defined COMMON_PTHREAD) && (defined SCOTCH_PTHREAD)) - TestThread * restrict thrdtab; - int thrdnbr; - #endif /* ((defined COMMON_PTHREAD) || (defined SCOTCH_PTHREAD)) */ - - SCOTCH_errorProg (argv[0]); - --#if ((defined COMMON_PTHREAD) || (defined SCOTCH_PTHREAD)) -+#if ((defined COMMON_PTHREAD) && (defined SCOTCH_PTHREAD)) - thrdnbr = SCOTCH_PTHREAD_NUMBER; - - groudat.redusum = COMPVAL (thrdnbr); -- cgit v1.2.3 From 6161141e9181ca82f151779f8048b28e093a025f Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Wed, 31 Oct 2018 14:58:51 -0500 Subject: superlu-dist: Upgrade to 6.1.0. * gnu/packages/patches/superlu-dist-awpm-grid.patch: New file. * gnu/packages/maths.scm (superlu-dist)[source]: Upgrade to 6.0.0. Remove extraneous 'use-modules' in snippet. [build-system]: Change to cmake-build-system. [propagated-inputs]: Replace pt-scotch with pt-scotch32 to match integer sizes. Add "parmetis" input, from pt-scotch32. Move lapack to ... [inputs]: ...here. Add openblas and combinatorial-blas. [arguments]: Replace 'configure' phase with #:configure-flags. Add 'set-c++-standard' and 'omp-setup' phases. Remove 'create-install-directories, 'check', and 'install' phases, which are now handled by cmake. * gnu/local.mk (dist_patch_DATA): Add patch. --- gnu/local.mk | 1 + gnu/packages/maths.scm | 121 ++++++++-------------- gnu/packages/patches/superlu-dist-awpm-grid.patch | 36 +++++++ 3 files changed, 79 insertions(+), 79 deletions(-) create mode 100644 gnu/packages/patches/superlu-dist-awpm-grid.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index d3b40b3934..c76653b823 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1238,6 +1238,7 @@ dist_patch_DATA = \ %D%/packages/patches/soundtouch-CVE-2018-1000223.patch \ %D%/packages/patches/steghide-fixes.patch \ %D%/packages/patches/streamlink-update-test.patch \ + %D%/packages/patches/superlu-dist-awpm-grid.patch \ %D%/packages/patches/superlu-dist-scotchmetis.patch \ %D%/packages/patches/swig-guile-gc.patch \ %D%/packages/patches/swish-e-search.patch \ diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 648cbfbac7..e2f3d84d09 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -2298,20 +2298,18 @@ also provides threshold-based ILU factorization preconditioners.") (define-public superlu-dist (package (name "superlu-dist") - (version "5.3.0") + (version "6.1.0") (source (origin (method url-fetch) (uri (string-append "http://crd-legacy.lbl.gov/~xiaoye/SuperLU/" "superlu_dist_" version ".tar.gz")) (sha256 - (base32 "0ja5ihqivkda1wd58y4lmzvmwssm9g91f70c5q0fzwhng6580h6y")) + (base32 "0pqgcgh1yxhfzs99fas3mggajzd5wca3nbyp878rziy74gfk03dl")) (modules '((guix build utils))) (snippet ;; Replace the non-free implementation of MC64 with a stub '(begin - (use-modules (ice-9 regex) - (ice-9 rdelim)) (call-with-output-file "SRC/mc64ad_dist.c" (lambda (port) (display " @@ -2327,92 +2325,57 @@ void mc64ad_dist (int *a, int *b, int *c, int *d, int *e, double *f, int *g, abort (); }\n" port))) (substitute* "SRC/util.c" ;adjust default algorithm - (("RowPerm[[:blank:]]*=[[:blank:]]*LargeDiag") - "RowPerm = NOROWPERM")) + (("RowPerm[[:blank:]]*=[[:blank:]]*LargeDiag_MC64;") + ;; TODO: set to "LargeDiag_AWPM" once combinatorial-blas has + ;; general (i.e. non-square) processor-grid support. + "RowPerm = NOROWPERM;")) #t)) - (patches (search-patches "superlu-dist-scotchmetis.patch")))) - (build-system gnu-build-system) + (patches (search-patches "superlu-dist-scotchmetis.patch" + "superlu-dist-awpm-grid.patch")))) + (build-system cmake-build-system) (native-inputs `(("tcsh" ,tcsh))) (inputs - `(("gfortran" ,gfortran))) + `(("gfortran" ,gfortran) + ("blas" ,openblas) + ("lapack" ,lapack) + ("combblas" ,combinatorial-blas))) (propagated-inputs - `(("openmpi" ,openmpi) ;headers include MPI heades - ("lapack" ,lapack) ;required to link with output library - ("pt-scotch" ,pt-scotch))) ;same + `(("mpi" ,openmpi) ;headers include MPI heades + ("parmetis" ,pt-scotch32 "metis") + ("pt-scotch" ,pt-scotch32))) (arguments - `(#:parallel-build? #f ;race conditions using ar + `(#:parallel-tests? #f ;tests use MPI and OpenMP + #:configure-flags (list "-DBUILD_SHARED_LIBS:BOOL=YES" + "-DTPL_ENABLE_COMBBLASLIB=YES" + "-DTPL_BLAS_LIBRARIES=-lopenblas" + "-DTPL_LAPACK_LIBRARIES=-llapack" + (string-append "-DTPL_PARMETIS_LIBRARIES=" + (string-join + '("ptscotchparmetis" "ptscotch" "ptscotcherr" + "scotchmetis" "scotch" "scotcherr") + ";")) + (string-append "-DTPL_PARMETIS_INCLUDE_DIRS=" + (assoc-ref %build-inputs "parmetis") + "/include") + "-DTPL_ENABLE_COMBBLASLIB=ON" + (string-append "-DTPL_COMBBLAS_INCLUDE_DIRS=" + (assoc-ref %build-inputs "combblas") + "/include/CombBLAS;" + (assoc-ref %build-inputs "combblas") + "/include/BipartiteMatchings") + "-DTPL_COMBBLAS_LIBRARIES=CombBLAS") #:phases (modify-phases %standard-phases - (replace 'configure - (lambda* (#:key inputs outputs #:allow-other-keys) - (call-with-output-file "make.inc" - (lambda (port) - (format port " -PLAT = -DSuperLUroot = ~a -DSUPERLULIB = ~a/lib/libsuperlu_dist.a -BLASDEF = -DUSE_VENDOR_BLAS -BLASLIB = -L~a/lib -lblas -PARMETISLIB = -L~a/lib \ - -lptscotchparmetis -lptscotch -lptscotcherr -lptscotcherrexit \ - -lscotch -lscotcherr -lscotcherrexit -METISLIB = -L~:*~a/lib \ - -lscotchmetis -lscotch -lscotcherr -lscotcherrexit -LIBS = $(DSUPERLULIB) $(PARMETISLIB) $(METISLIB) $(BLASLIB) -ARCH = ar -ARCHFLAGS = cr -RANLIB = ranlib -CC = mpicc -PIC = -fPIC -CFLAGS = -O3 -g -DPRNTlevel=0 $(PIC) -NOOPTS = -O0 -g $(PIC) -FORTRAN = mpifort -FFLAGS = -O2 -g $(PIC) -LOADER = $(CC) -CDEFS = -DAdd_" - (getcwd) - (assoc-ref outputs "out") - (assoc-ref inputs "lapack") - (assoc-ref inputs "pt-scotch")))) - #t)) - (add-after 'unpack 'remove-broken-symlinks + (add-before 'configure 'set-c++-standard (lambda _ - (for-each delete-file - (find-files "MAKE_INC" "\\.#make\\..*")) - #t)) - (add-before 'build 'create-install-directories - (lambda* (#:key outputs #:allow-other-keys) - (for-each - (lambda (dir) - (mkdir-p (string-append (assoc-ref outputs "out") - "/" dir))) - '("lib" "include")) - #t)) + (substitute* "CMakeLists.txt" + ;; AWPM headers require C++14 + (("CMAKE_CXX_STANDARD 11") "CMAKE_CXX_STANDARD 14")))) (add-before 'check 'mpi-setup ,%openmpi-setup) - (replace 'check - (lambda _ - (with-directory-excursion "EXAMPLE" - (invoke "mpirun" "-n" "2" - "./pddrive" "-r" "1" "-c" "2" "g20.rua") - (invoke "mpirun" "-n" "2" - "./pzdrive" "-r" "1" "-c" "2" "cg20.cua")) - #t)) - (replace 'install - (lambda* (#:key outputs #:allow-other-keys) - ;; Library is placed in lib during the build phase. Copy over - ;; headers to include. - (let* ((out (assoc-ref outputs "out")) - (incdir (string-append out "/include"))) - (for-each (lambda (file) - (let ((base (basename file))) - (format #t "installing `~a' to `~a'~%" - base incdir) - (copy-file file - (string-append incdir "/" base)))) - (find-files "SRC" ".*\\.h$"))) - #t))))) + (add-before 'check 'omp-setup + (lambda _ (setenv "OMP_NUM_THREADS" "1") #t))))) (home-page (package-home-page superlu)) (synopsis "Parallel supernodal direct solver") (description diff --git a/gnu/packages/patches/superlu-dist-awpm-grid.patch b/gnu/packages/patches/superlu-dist-awpm-grid.patch new file mode 100644 index 0000000000..d6cb8e521d --- /dev/null +++ b/gnu/packages/patches/superlu-dist-awpm-grid.patch @@ -0,0 +1,36 @@ +Create the CombBLAS::SpParMat with the MPI_Comm from the input 'gridinfo_t'. +This prevents a warning/error from CombBLAS about using MPI_COMM_WORLD. + +--- a/SRC/AWPM_CombBLAS.hpp ++++ b/SRC/AWPM_CombBLAS.hpp +@@ -52,7 +52,7 @@ + { + printf("AWPM only supports square process grid. Retuning without a permutation.\n"); + } +- combblas::SpParMat < int_t, double, combblas::SpDCCols > Adcsc; ++ combblas::SpParMat < int_t, double, combblas::SpDCCols > Adcsc(grid->comm); + std::vector< std::vector < std::tuple > > data(procs); + + /* ------------------------------------------------------------ +@@ -100,11 +100,10 @@ + combblas::AWPM(Adcsc, mateRow2Col, mateCol2Row,true); + + // now gather the matching vector +- MPI_Comm World = mateRow2Col.getcommgrid()->GetWorld(); + int * rdispls = new int[procs]; + int sendcnt = mateRow2Col.LocArrSize(); + int * recvcnt = new int[procs]; +- MPI_Allgather(&sendcnt, 1, MPI_INT, recvcnt, 1, MPI_INT, World); ++ MPI_Allgather(&sendcnt, 1, MPI_INT, recvcnt, 1, MPI_INT, grid->comm); + rdispls[0] = 0; + for(int i=0; i(), ScalePermstruct->perm_r, recvcnt, rdispls, combblas::MPIType(), World); ++ MPI_Allgatherv(senddata, sendcnt, combblas::MPIType(), ScalePermstruct->perm_r, recvcnt, rdispls, combblas::MPIType(), grid->comm); + + delete[] rdispls; + delete[] recvcnt; -- cgit v1.2.3 From dd7bc92afcd4b69849fc55041ac0261315cde2da Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Thu, 3 Jan 2019 21:20:33 +0000 Subject: gnu: linkchecker: Fix most test failures. Add a patch to skip more tests that require the network. Along with some other changes, this gets all but of one of the tests passing. The remaining test is broken due to a problem with the Python package in Guix, which is fixed by [1] which is currently on the core-updates branch. This patch doesn't work on core-updates due to python2-miniboa not being present. 1: d453b0e11d3f001a8160a7d126fdbf40e45d5042 * gnu/packages/python.scm (linkchecker)[source]: Add patch. [native-inputs]: Add more inputs required for the tests. [arguments]: Enable the tests, move the 'check phase after 'install. Test using the installed software, and use py.test. --- gnu/local.mk | 1 + ...-mark-more-tests-that-require-the-network.patch | 182 +++++++++++++++++++++ gnu/packages/web.scm | 29 +++- 3 files changed, 211 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/linkchecker-mark-more-tests-that-require-the-network.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index c76653b823..cb84fc0e81 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1004,6 +1004,7 @@ dist_patch_DATA = \ %D%/packages/patches/lierolibre-newer-libconfig.patch \ %D%/packages/patches/lierolibre-remove-arch-warning.patch \ %D%/packages/patches/lierolibre-try-building-other-arch.patch \ + %D%/packages/patches/linkchecker-mark-more-tests-that-require-the-network.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/lirc-localstatedir.patch \ %D%/packages/patches/lirc-reproducible-build.patch \ diff --git a/gnu/packages/patches/linkchecker-mark-more-tests-that-require-the-network.patch b/gnu/packages/patches/linkchecker-mark-more-tests-that-require-the-network.patch new file mode 100644 index 0000000000..f3e488cec2 --- /dev/null +++ b/gnu/packages/patches/linkchecker-mark-more-tests-that-require-the-network.patch @@ -0,0 +1,182 @@ +From f24c88a0732024028fffe0372039a847e91722ea Mon Sep 17 00:00:00 2001 +From: Christopher Baines +Date: Tue, 1 Jan 2019 22:36:29 +0000 +Subject: [PATCH] Mark more tests that require the network + +I believe all these tests require the network, at least they seem to +fail if it's I run them without connecting my computer to the web. + +I'm looking at this as part of packaging linkchecker for GNU Guix, +where the package is build and the tests are run in a isolated +environment, intentionally without network access, to avoid issues +with non-reproducible package builds. +--- + tests/checker/test_http.py | 2 ++ + tests/checker/test_http_misc.py | 2 ++ + tests/checker/test_http_redirect.py | 2 ++ + tests/checker/test_httpbin.py | 5 +++++ + tests/checker/test_misc.py | 4 ++++ + tests/checker/test_whitespace.py | 3 +++ + 6 files changed, 18 insertions(+) + +diff --git a/tests/checker/test_http.py b/tests/checker/test_http.py +index e4c1e097..8a8af567 100644 +--- a/tests/checker/test_http.py ++++ b/tests/checker/test_http.py +@@ -20,6 +20,7 @@ + + import pytest + ++from tests import need_network + from .httpserver import HttpServerTest, CookieRedirectHttpRequestHandler + + class TestHttp (HttpServerTest): +@@ -29,6 +30,7 @@ def __init__(self, methodName='runTest'): + super(TestHttp, self).__init__(methodName=methodName) + self.handler = CookieRedirectHttpRequestHandler + ++ @need_network + def test_html (self): + confargs = dict(recursionlevel=1) + self.file_test("http.html", confargs=confargs) +diff --git a/tests/checker/test_http_misc.py b/tests/checker/test_http_misc.py +index 9922d85f..c6b6afdb 100644 +--- a/tests/checker/test_http_misc.py ++++ b/tests/checker/test_http_misc.py +@@ -20,11 +20,13 @@ + import os + import sys + from .httpserver import HttpServerTest ++from tests import need_network + from linkcheck.network import iputil + + class TestHttpMisc (HttpServerTest): + """Test http:// misc link checking.""" + ++ @need_network + def test_html (self): + self.swf_test() + self.obfuscate_test() +diff --git a/tests/checker/test_http_redirect.py b/tests/checker/test_http_redirect.py +index f212d98e..2253a70d 100644 +--- a/tests/checker/test_http_redirect.py ++++ b/tests/checker/test_http_redirect.py +@@ -17,6 +17,7 @@ + """ + Test http checking. + """ ++from tests import need_network + from .httpserver import HttpServerTest, CookieRedirectHttpRequestHandler + + class TestHttpRedirect (HttpServerTest): +@@ -26,6 +27,7 @@ def __init__(self, methodName='runTest'): + super(TestHttpRedirect, self).__init__(methodName=methodName) + self.handler = CookieRedirectHttpRequestHandler + ++ @need_network + def test_redirect (self): + self.redirect1() + self.redirect2() +diff --git a/tests/checker/test_httpbin.py b/tests/checker/test_httpbin.py +index 0319c2f6..4c8fa846 100644 +--- a/tests/checker/test_httpbin.py ++++ b/tests/checker/test_httpbin.py +@@ -18,6 +18,7 @@ + Test http stuff with httpbin.org. + """ + import re ++from tests import need_network + from . import LinkCheckTest + + +@@ -30,6 +31,7 @@ def get_httpbin_url(path): + class TestHttpbin(LinkCheckTest): + """Test http:// link redirection checking.""" + ++ @need_network + def test_http_link(self): + linkurl = u"http://www.example.com" + nlinkurl = self.norm(linkurl) +@@ -48,6 +50,7 @@ def test_http_link(self): + ] + self.direct(url, resultlines, recursionlevel=1) + ++ @need_network + def test_basic_auth(self): + user = u"testuser" + password = u"testpassword" +@@ -67,6 +70,7 @@ def test_basic_auth(self): + ] + self.direct(url, resultlines, confargs=confargs) + ++ @need_network + def test_http_refresh_header(self): + linkurl = u"http://www.example.com" + nlinkurl = self.norm(linkurl) +@@ -85,6 +89,7 @@ def test_http_refresh_header(self): + ] + self.direct(url, resultlines, recursionlevel=1) + ++ @need_network + def test_http_content_location_header(self): + linkurl = u"http://www.example.com" + nlinkurl = self.norm(linkurl) +diff --git a/tests/checker/test_misc.py b/tests/checker/test_misc.py +index 2e4cfd07..f9591f9d 100644 +--- a/tests/checker/test_misc.py ++++ b/tests/checker/test_misc.py +@@ -17,6 +17,7 @@ + """ + Test miscellaneous html tag parsing and URL types + """ ++from tests import need_network + from . import LinkCheckTest + + +@@ -25,15 +26,18 @@ class TestMisc (LinkCheckTest): + Test misc link types. + """ + ++ @need_network + def test_misc (self): + self.file_test("misc.html") + + def test_html5 (self): + self.file_test("html5.html") + ++ @need_network + def test_archive (self): + self.file_test("archive.html") + ++ @need_network + def test_itms_services(self): + url = u"itms-services:?action=download-manifest&url=http://www.example.com/" + resultlines = [ +diff --git a/tests/checker/test_whitespace.py b/tests/checker/test_whitespace.py +index 609c108a..fc2727d6 100644 +--- a/tests/checker/test_whitespace.py ++++ b/tests/checker/test_whitespace.py +@@ -17,6 +17,7 @@ + """ + Test whitespace handling. + """ ++from tests import need_network + from . import LinkCheckTest + + +@@ -25,6 +26,7 @@ class TestWhitespace (LinkCheckTest): + Test whitespace in URLs. + """ + ++ @need_network + def test_leading_whitespace (self): + # Leading whitespace + url = u" http://www.example.org/" +@@ -50,6 +52,7 @@ def test_leading_whitespace (self): + ] + self.direct(url, resultlines) + ++ @need_network + def test_trailing_whitespace (self): + # Trailing whitespace + url = u"http://www.example.org/ " diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index d3693dff05..776027ced7 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -5330,6 +5330,9 @@ Instagram and YouTube.") (uri (git-reference (url "https://github.com/linkchecker/linkchecker") (commit (string-append "v" version)))) + (patches + (search-patches + "linkchecker-mark-more-tests-that-require-the-network.patch")) (file-name (git-file-name name version)) (sha256 (base32 @@ -5339,8 +5342,32 @@ Instagram and YouTube.") `(("python2-dnspython" ,python2-dnspython) ("python2-pyxdg" ,python2-pyxdg) ("python2-requests" ,python2-requests))) + (native-inputs + `(("gettext" ,gettext-minimal) + ("python2-pytest" ,python2-pytest) + ("python2-miniboa" ,python2-miniboa) + ("python2-parameterized" ,python2-parameterized))) (arguments - `(#:python ,python-2)) + `(#:python ,python-2 + #:phases + (modify-phases %standard-phases + ;; Move the 'check phase to after 'install, so that the installed + ;; library can be used + (delete 'check) + (add-after 'install 'check + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + ;; Set PYTHONPATH so that the installed linkchecker is used + (setenv "PYTHONPATH" + (string-append out "/lib/python2.7/site-packages" + ":" + (getenv "PYTHONPATH"))) + ;; Remove this directory to avoid it being used when running + ;; the tests + (delete-file-recursively "linkcheck") + + (invoke "py.test" "tests")) + #t))))) (home-page "https://linkcheck.github.io/linkchecker") (synopsis "Check websites for broken links") (description "LinkChecker is a website validator. It checks for broken -- cgit v1.2.3 From 23c2598233a21699d4b2c6e595d9491a4c981e72 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 29 Jan 2019 09:47:25 +0200 Subject: gnu: x265: Update to 3.0. * gnu/packages/video.scm (x265): Update to 3.0. [source]: Remove patch. * gnu/packages/patches/x265-detect512-all-arches.patch: Remove file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - .../patches/x265-detect512-all-arches.patch | 37 ---------------------- gnu/packages/video.scm | 7 ++-- 3 files changed, 3 insertions(+), 42 deletions(-) delete mode 100644 gnu/packages/patches/x265-detect512-all-arches.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 7dfaf45b69..6b649e1f86 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1333,7 +1333,6 @@ dist_patch_DATA = \ %D%/packages/patches/wpa-supplicant-fix-nonce-reuse.patch \ %D%/packages/patches/wpa-supplicant-krack-followups.patch \ %D%/packages/patches/x265-arm-flags.patch \ - %D%/packages/patches/x265-detect512-all-arches.patch \ %D%/packages/patches/xboing-CVE-2004-0149.patch \ %D%/packages/patches/xf86-video-ark-remove-mibstore.patch \ %D%/packages/patches/xf86-video-geode-glibc-2.20.patch \ diff --git a/gnu/packages/patches/x265-detect512-all-arches.patch b/gnu/packages/patches/x265-detect512-all-arches.patch deleted file mode 100644 index 4d39d868fd..0000000000 --- a/gnu/packages/patches/x265-detect512-all-arches.patch +++ /dev/null @@ -1,37 +0,0 @@ -https://sources.debian.org/data/main/x/x265/2.9-3/debian/patches/0003-detect512-is-needed-on-all-architectures.patch - -From: Adam Sampson -Date: Sun, 14 Oct 2018 14:04:18 +0200 -Subject: detect512 is needed on all architectures - ---- - source/common/cpu.cpp | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/source/common/cpu.cpp b/source/common/cpu.cpp -index 0681ff5..fa687da 100644 ---- a/source/common/cpu.cpp -+++ b/source/common/cpu.cpp -@@ -110,6 +110,11 @@ const cpu_name_t cpu_names[] = - { "", 0 }, - }; - -+bool detect512() -+{ -+ return(enable512); -+} -+ - #if X265_ARCH_X86 - - extern "C" { -@@ -123,10 +128,6 @@ uint64_t PFX(cpu_xgetbv)(int xcr); - #pragma warning(disable: 4309) // truncation of constant value - #endif - --bool detect512() --{ -- return(enable512); --} - uint32_t cpu_detect(bool benableavx512 ) - { - diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 190a6c9a06..193c979515 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -399,7 +399,7 @@ and creating Matroska files from other media files (@code{mkvmerge}).") (define-public x265 (package (name "x265") - (version "2.9") + (version "3.0") (outputs '("out" "static")) (source (origin @@ -408,9 +408,8 @@ and creating Matroska files from other media files (@code{mkvmerge}).") "x265_" version ".tar.gz")) (sha256 (base32 - "090hp4216isis8q5gb7bwzia8rfyzni54z21jnwm97x3hiy6ibpb")) - (patches (search-patches "x265-arm-flags.patch" - "x265-detect512-all-arches.patch")) + "0qh65wdpasrspkm1y0dlfa123myax568yi0sas0lmg5b1hkgrff5")) + (patches (search-patches "x265-arm-flags.patch")) (modules '((guix build utils))) (snippet '(begin (delete-file-recursively "source/compat/getopt") -- cgit v1.2.3 From 948879eeda8fcacf6bdbf45111941eb5e964156e Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 29 Jan 2019 21:15:36 -0500 Subject: gnu: icecat: Add icecat-source. * gnu/packages/gnuzilla.scm (computed-origin-method): New variable. (%icecat-version, icecat-source): New variables. * gnu/packages/patches/icecat-makeicecat.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 3 +- gnu/packages/gnuzilla.scm | 175 ++++++++++++++++++++++++++- gnu/packages/patches/icecat-makeicecat.patch | 154 +++++++++++++++++++++++ 3 files changed, 330 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/icecat-makeicecat.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 6b649e1f86..c4b172f90e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -2,7 +2,7 @@ # Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès # Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Andreas Enge # Copyright © 2016 Mathieu Lirzin -# Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Mark H Weaver +# Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver # Copyright © 2016 Chris Marusich # Copyright © 2016, 2017, 2018 Kei Kebreau # Copyright © 2016, 2017 Rene Saavedra @@ -886,6 +886,7 @@ dist_patch_DATA = \ %D%/packages/patches/hurd-fix-eth-multiplexer-dependency.patch \ %D%/packages/patches/hplip-remove-imageprocessor.patch \ %D%/packages/patches/hydra-disable-darcs-test.patch \ + %D%/packages/patches/icecat-makeicecat.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-use-system-graphite2+harfbuzz.patch \ %D%/packages/patches/icecat-use-system-media-libs.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 0ef8a91bfa..8f400dc74d 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2015 Andreas Enge ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès -;;; Copyright © 2014, 2015, 2016, 2017, 2018 Mark H Weaver +;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Mark H Weaver ;;; Copyright © 2015 Sou Bunnbu ;;; Copyright © 2016, 2017, 2018 Efraim Flashner ;;; Copyright © 2016 Alex Griffin @@ -33,12 +33,17 @@ #:use-module (guix packages) #:use-module (guix download) #:use-module (guix git-download) + #:use-module (guix gexp) + #:use-module (guix store) + #:use-module (guix monads) #:use-module (guix utils) #:use-module (guix build-system gnu) #:use-module (guix build-system cargo) + #:use-module (gnu packages admin) #:use-module (gnu packages audio) #:use-module (gnu packages autotools) #:use-module (gnu packages base) + #:use-module (gnu packages bash) #:use-module (gnu packages check) #:use-module (gnu packages databases) #:use-module (gnu packages glib) @@ -559,6 +564,174 @@ security standards.") (sha256 (base32 hash)) (file-name file-name))) +(define* (computed-origin-method gexp-promise hash-algo hash + #:optional (name "source") + #:key (system (%current-system)) + (guile (default-guile))) + "Return a derivation that executes the G-expression that results +from forcing GEXP-PROMISE." + (mlet %store-monad ((guile (package->derivation guile system))) + (gexp->derivation (or name "computed-origin") + (force gexp-promise) + #:system system + #:guile-for-build guile))) + +(define %icecat-version "60.5.0-guix1") + +;; 'icecat-source' is a "computed" origin that generates an IceCat tarball +;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat' +;; script from the upstream IceCat project. +(define icecat-source + (let* ((base-version (first (string-split %icecat-version #\-))) + + (major-version (first (string-split base-version #\.))) + (minor-version (second (string-split base-version #\.))) + (sub-version (third (string-split base-version #\.))) + + (upstream-firefox-version (string-append base-version "esr")) + (upstream-firefox-source + (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/firefox/releases/" + upstream-firefox-version "/source/" + "firefox-" upstream-firefox-version ".source.tar.xz")) + (sha256 + (base32 + "09a0kk250r03984n1hdwr2rg1vmhi2jkyzzgbbvkf9h9hzp6j7qs")))) + + (upstream-icecat-base-version "60.3.0") ; maybe older than base-version + (upstream-icecat-gnu-version "1") + (upstream-icecat-version (string-append upstream-icecat-base-version + "-gnu" + upstream-icecat-gnu-version)) + (upstream-icecat-source + (origin + (method url-fetch) + (uri (string-append + "mirror://gnu/gnuzilla/" upstream-icecat-base-version + "/icecat-" upstream-icecat-version ".tar.bz2")) + (sha256 + (base32 + "0icnl64nxcyf7dprpdpygxhabsvyhps8c3ixysj9bcdlj9q34ib1")))) + + (gnuzilla-commit (string-append "v" upstream-icecat-base-version)) + (gnuzilla-source + (origin + (method git-fetch) + (uri (git-reference + (url "git://git.savannah.gnu.org/gnuzilla.git") + (commit gnuzilla-commit))) + (file-name (git-file-name "gnuzilla" upstream-icecat-base-version)) + (sha256 + (base32 + "19wal7hkbb4wvk40hs6d7a5paal2bfday08hwssm02srcbv48fj0")))) + + (makeicecat-patch + (local-file (search-patch "icecat-makeicecat.patch")))) + + (origin + (method computed-origin-method) + (file-name (string-append "icecat-" %icecat-version ".tar.xz")) + (sha256 #f) + (uri + (delay + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (let ((firefox-dir + (string-append "firefox-" #$base-version)) + (icecat-dir + (string-append "icecat-" #$%icecat-version)) + (old-icecat-dir + (string-append "icecat-" #$upstream-icecat-base-version))) + + (mkdir "/tmp/bin") + (set-path-environment-variable + "PATH" '("bin") + (list "/tmp" + #+(canonical-package bash) + #+(canonical-package coreutils) + #+(canonical-package findutils) + #+(canonical-package patch) + #+(canonical-package xz) + #+(canonical-package sed) + #+(canonical-package grep) + #+(canonical-package bzip2) + #+(canonical-package gzip) + #+(canonical-package tar) + #+rename)) + + (symlink #+(file-append rename "/bin/rename") + "/tmp/bin/prename") + + ;; We copy the gnuzilla source directory because it is + ;; read-only in 'gnuzilla-source', and the makeicecat script + ;; uses "cp -a" to copy parts of it and assumes that the + ;; copies will be writable. + (copy-recursively #+gnuzilla-source "/tmp/gnuzilla" + #:log (%make-void-port "w")) + + (with-directory-excursion "/tmp/gnuzilla" + (make-file-writable "makeicecat") + (invoke "patch" "--force" "--no-backup-if-mismatch" + "-p1" "--input" #+makeicecat-patch) + (patch-shebang "makeicecat") + (substitute* "makeicecat" + (("^FFMAJOR=.*") + (string-append "FFMAJOR=" #$major-version "\n")) + (("^FFMINOR=.*") + (string-append "FFMINOR=" #$minor-version "\n")) + (("^FFSUB=.*") + (string-append "FFSUB=" #$sub-version "\n")) + (("^GNUVERSION=.*") + (string-append "GNUVERSION=" + #$upstream-icecat-gnu-version "\n")) + (("^DATA=.*") + "DATA=/tmp/gnuzilla/data\n") + (("^sed .* debian/" all) + (string-append "echo warning: skipped: " all)) + (("^debian/rules " all) + (string-append "echo warning: skipped: " all)) + (("^find extensions/gnu/ ") + "find extensions/gnu/ | sort ") + (("/bin/sed") + #+(file-append (canonical-package sed) "/bin/sed")))) + + (format #t "Unpacking upstream firefox tarball...~%") + (force-output) + (invoke "tar" "xf" #+upstream-firefox-source) + (rename-file firefox-dir icecat-dir) + + (with-directory-excursion icecat-dir + (for-each mkdir-p '("l10n" "debian/config")) + (call-with-output-file "debian/control" (const #t)) + (format #t "Running makeicecat script...~%") + (force-output) + (invoke "bash" "/tmp/gnuzilla/makeicecat") + (for-each delete-file-recursively '("l10n" "debian"))) + + (format #t (string-append "Unpacking l10n/* and debian/* from" + " upstream IceCat tarball...~%")) + (force-output) + (unless (string=? icecat-dir old-icecat-dir) + (symlink icecat-dir old-icecat-dir)) + (invoke "tar" "xf" #+upstream-icecat-source + (string-append old-icecat-dir "/l10n") + (string-append old-icecat-dir "/debian")) + + (format #t (string-append "Packing new IceCat tarball...~%")) + (force-output) + (invoke "tar" "cfa" #$output + ;; avoid non-determinism in the archive + "--mtime=@0" + "--owner=root:0" + "--group=root:0" + "--sort=name" + icecat-dir) + + #t)))))))) + (define-public icecat (package (name "icecat") diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch new file mode 100644 index 0000000000..2a11bf0b70 --- /dev/null +++ b/gnu/packages/patches/icecat-makeicecat.patch @@ -0,0 +1,154 @@ +Make some of the changes needed to the 'makeicecat' script, to allow it to run +in a snippet without network access. After this patch is applied, some +additional changes will be made using 'substitute*'. + +diff --git a/makeicecat b/makeicecat +index aa46b94..db27a86 100644 +--- a/makeicecat ++++ b/makeicecat +@@ -36,75 +36,75 @@ export DEBFULLNAME="Ruben Rodriguez" + + DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data + +-mkdir output +-cd output ++# mkdir output ++# cd output + + ############################################################################### + # Retrieve FF source code + ############################################################################### + +-rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf +- +-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz +-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +-gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355 +-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc +- +-echo Extracting Firefox tarball +-tar -xf firefox-${FFVERSION}esr.source.tar.xz +- +-mv firefox-${FFVERSION} $SOURCEDIR ++# rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf ++# ++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz ++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc ++# gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355 ++# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc ++# ++# echo Extracting Firefox tarball ++# tar -xf firefox-${FFVERSION}esr.source.tar.xz ++# ++# mv firefox-${FFVERSION} $SOURCEDIR + + ############################################################################### + # Retrieve /debian from Ubuntu + ############################################################################### + +-rm -rf firefox.$CODENAME +-bzr branch https://code.launchpad.net/~mozillateam/firefox/firefox.$CODENAME +-cd firefox.$CODENAME +-bzr revert -r$REVISION +-echo '3.0 (native)' > debian/source/format +- +-for PATCH in ubuntu-bookmarks.patch ubuntu-ua-string-changes.patch unity-menubar.patch ubuntu-search-defaults.patch fix-make-package-tests-without-webrtc.patch revert-upstream-search-engine-changes.patch +-do +- rm debian/patches/$PATCH +- sed "/$PATCH/d" -i debian/patches/series +-done +-sed "/test-/d" -i debian/patches/series +-cd .. +- +-mv firefox.$CODENAME/debian $SOURCEDIR +-rm -rf firefox.$CODENAME ++# rm -rf firefox.$CODENAME ++# bzr branch https://code.launchpad.net/~mozillateam/firefox/firefox.$CODENAME ++# cd firefox.$CODENAME ++# bzr revert -r$REVISION ++# echo '3.0 (native)' > debian/source/format ++# ++# for PATCH in ubuntu-bookmarks.patch ubuntu-ua-string-changes.patch unity-menubar.patch ubuntu-search-defaults.patch fix-make-package-tests-without-webrtc.patch revert-upstream-search-engine-changes.patch ++# do ++# rm debian/patches/$PATCH ++# sed "/$PATCH/d" -i debian/patches/series ++# done ++# sed "/test-/d" -i debian/patches/series ++# cd .. ++# ++# mv firefox.$CODENAME/debian $SOURCEDIR ++# rm -rf firefox.$CODENAME + + ############################################################################### + # Retrieve l10n + ############################################################################### + +-mkdir l10n +-cd l10n +-while read line;do +- line=$(echo $line |cut -d' ' -f1) +- #[ $line = "es-ES" ] || continue # To speed up testing +- [ $line = "en-US" ] && continue +- hg clone https://hg.mozilla.org/l10n-central/$line +- mkdir -p $line/browser/chrome/browser/preferences +- touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd +- rm -rf $line/.hg* +-done < ../$SOURCEDIR/browser/locales/shipped-locales +-cd .. +- +-mv l10n $SOURCEDIR +- +-hg clone http://hg.mozilla.org/l10n/compare-locales/ +-cd compare-locales/ +-hg checkout RELEASE_3_3_0 +-cd .. +-rm compare-locales/.hg* compare-locales/.git* -rf +-mv compare-locales $SOURCEDIR/l10n ++# mkdir l10n ++# cd l10n ++# while read line;do ++# line=$(echo $line |cut -d' ' -f1) ++# #[ $line = "es-ES" ] || continue # To speed up testing ++# [ $line = "en-US" ] && continue ++# hg clone https://hg.mozilla.org/l10n-central/$line ++# mkdir -p $line/browser/chrome/browser/preferences ++# touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd ++# rm -rf $line/.hg* ++# done < ../$SOURCEDIR/browser/locales/shipped-locales ++# cd .. ++# ++# mv l10n $SOURCEDIR ++# ++# hg clone http://hg.mozilla.org/l10n/compare-locales/ ++# cd compare-locales/ ++# hg checkout RELEASE_3_3_0 ++# cd .. ++# rm compare-locales/.hg* compare-locales/.git* -rf ++# mv compare-locales $SOURCEDIR/l10n + + ####################################################### + +-cd $SOURCEDIR ++# cd $SOURCEDIR + + #for patch in $DATA/patches/*; do + # echo Patching with file: $patch +@@ -720,7 +720,7 @@ debian/rules debian/control + touch -d "yesterday" debian/control + debian/rules debian/control + +-echo | dch -b -D stable -v "$ICECATVERSION" "Converted into IceCat (http://www.gnu.org/software/gnuzilla/)" ++# echo | dch -b -D stable -v "$ICECATVERSION" "Converted into IceCat (http://www.gnu.org/software/gnuzilla/)" + sed "1s/firefox/icecat/" -i debian/changelog + + touch configure js/src/configure +@@ -734,6 +734,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in + /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true + + +-cd .. +-echo Packaging tarball +-tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR ++# cd .. ++# echo Packaging tarball ++# tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR -- cgit v1.2.3 From 24886c13892551f164aef20375939fc4e85942ab Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 29 Jan 2019 21:21:20 -0500 Subject: gnu: icecat: Update to 60.5.0-guix1 [security-fixes]. Includes fixes for CVE-2018-18500, CVE-2018-18501, and CVE-2018-18505. * gnu/packages/gnuzilla.scm (icecat): Update to 60.5.0-guix1. [version]: Use %icecat-version. [source]: Inherit from 'icecat-source'. Remove obsolete patches. * gnu/packages/patches/icecat-avoid-bundled-libraries.patch, gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch, gnu/packages/patches/icecat-use-system-media-libs.patch: Adapt to 60.5.0. --- gnu/packages/gnuzilla.scm | 50 ++----------- .../patches/icecat-avoid-bundled-libraries.patch | 16 ++-- .../icecat-use-system-graphite2+harfbuzz.patch | 50 ++++++------- .../patches/icecat-use-system-media-libs.patch | 87 +++++++++++----------- 4 files changed, 81 insertions(+), 122 deletions(-) (limited to 'gnu/packages/patches') diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 8f400dc74d..6e9e6fdc2a 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -735,53 +735,13 @@ from forcing GEXP-PROMISE." (define-public icecat (package (name "icecat") - (version "60.3.0-gnu1") + (version %icecat-version) (source (origin - (method url-fetch) - (uri (string-append "mirror://gnu/gnuzilla/" - (first (string-split version #\-)) - "/" name "-" version ".tar.bz2")) - (sha256 - (base32 - "0icnl64nxcyf7dprpdpygxhabsvyhps8c3ixysj9bcdlj9q34ib1")) - (patches - (list - (search-patch "icecat-avoid-bundled-libraries.patch") - (search-patch "icecat-use-system-graphite2+harfbuzz.patch") - (search-patch "icecat-use-system-media-libs.patch") - (mozilla-patch "icecat-bug-1464061.patch" "d28761dbff18" "1f58rzwx4s1af66fdwn9lgkcd1ksmq8kn8imvf78p90jqi24h7b4") - (mozilla-patch "icecat-bug-1479853.patch" "4faeb696dd06" "12891xx9c15s6kby6d3zk64v5nqgaq7sw597zv1fkd3a6x69hlva") - (mozilla-patch "icecat-CVE-2018-17466.patch" "12ba39f69876" "1piyq44f0xa0a9z2748aqwpaziaxwp61d86gyhalbyag8lcxfb3p") - (mozilla-patch "icecat-CVE-2018-18498.patch" "a0adabeedf26" "0f5wazha3zxzhy2j8f93hx62l9p02b1p40vi07qah3ar67h4ccj9") - (mozilla-patch "icecat-CVE-2018-12405-pt01.patch" "19604eb26230" "1wqxgph4z14ijhk2j2m4av5p6gx72d02lzz83q6yy0k065kw8psb") - (mozilla-patch "icecat-CVE-2018-18492.patch" "98737ab09270" "0fyl6wv0jxcxpkfpsff46y93k49n8lrw0k7c1p45g8da015dx27a") - (mozilla-patch "icecat-CVE-2018-18493.patch" "1cf7d80355d5" "19jp4x32vyxam54d1r9fm7jwf6krhhf3xazfqmxb9aw4iwdil7dl") - (mozilla-patch "icecat-CVE-2018-12405-pt02.patch" "c264774b8913" "1hxyi131x8jwawrq90cgkph833iv9ixrdrgzl1r978gbzwq10xz2") - (mozilla-patch "icecat-bug-1477773.patch" "ec13fda7c9b0" "0zj7aylgw55g0y7plaafn5gq8jwcsdr1bpdxacs0hq914nm8zy9z") - (mozilla-patch "icecat-CVE-2018-12405-pt03.patch" "5e1a9644aeef" "1qimrpgyrd8zkiri7w57j0aymk20y9b34am5w7rvr6qj1lhrbfla") - (mozilla-patch "icecat-bug-1485655.patch" "9055726e2d89" "1pppxr94zqh6zmi2mn1ih21qap09vk5ivbhnwxqr8iszvygjg44g") - (mozilla-patch "icecat-bug-1410214.patch" "9e641345e2ef" "0542xss2jdb8drh4g50cfy32l300x69dyywgx3dqs03vgr3qplxy") - (mozilla-patch "icecat-CVE-2018-12405-pt04.patch" "6398541ec302" "1c2yi7mkg3d5afxsgj9fp3zq8yhkmphrll5d60d5xsdv88kqqiyf") - (mozilla-patch "icecat-bug-1496736.patch" "3bed863ee656" "038k7jk3yp16410crwfdvhyb2vis49c6bplrfr83v51885cqldar") - (mozilla-patch "icecat-bug-1498765.patch" "a08c8493ba19" "0bwg4vg03j962lb9q8ihpiy4rmygykf1q9ij8x7h34q7hg43yjya") - (mozilla-patch "icecat-CVE-2018-12405-pt05.patch" "ee204e26690e" "1scs45xhlr1mwv6x2q6n22363f42by8cjmifqwzlikggs21f5mcq") - (mozilla-patch "icecat-bug-1507035.patch" "cec8b58ab3fe" "1f131ibpkrhsa44l822hnm5qgvapbs3i9pj25iimdwvr933winz8") - (mozilla-patch "icecat-bug-1501680.patch" "282c6bb81562" "1zgw7l5zmni8468y3f6cip1nlw63cfdd9vv9b00cbrgy96d1q2cp") - (mozilla-patch "icecat-bug-1500310.patch" "b3a439a26186" "0mrjxcmrlv04fyl36dwxk97dw08g2hlikvw2hfa1l0y8zsc4bgw8") - (mozilla-patch "icecat-bug-1500366.patch" "abd59256c4e3" "1jgwh2v4kwb6kf2h7mwf128w1k1jj119bfhlgqpmn9ami35wpzf3") - (mozilla-patch "icecat-bug-1493080.patch" "a7cabf306d05" "1n7wv67rcaz8wj31jc77ssjdj3kb61gdg7pigj828c5z2cgns1k5") - (mozilla-patch "icecat-CVE-2018-12405-pt06.patch" "8bbf80948b50" "1nvc69zgz9nvbw1pwxkil1fx4cxxpr6bsjrpp6l2kv7jhgax1bqk") - (mozilla-patch "icecat-bug-1507564.patch" "60619cc47b10" "09fanqr08kqgraw4xp7y2az4jc7ia8nn200rqjfj20vmkyjz97j3") - (mozilla-patch "icecat-bug-1507730.patch" "dd0f01818b9c" "14ziq1bm72n58xrvsgzpjj5z6ifpvi70r5jfhbkbj69mf4y4cx2z") - (mozilla-patch "icecat-CVE-2018-12405-pt07.patch" "a73a46ddc848" "1bvvyav3xyn6rgn6haicinxn0dasl9dyc1i37fyb7wr5wcpahybs") - (mozilla-patch "icecat-CVE-2018-18494.patch" "a72ec8e21577" "095zghmwdcbaid5426p9vpl757d8sfbsvgn201bjm7nhm03m4z7i") - (mozilla-patch "icecat-CVE-2018-12405-pt08.patch" "b6d0fc61fd0b" "0059avawxi4s4747plybjsjq8j2h4z7amw05p28xyg95a2njwnaa") - (mozilla-patch "icecat-bug-1499028.patch" "a62ede2dd3bc" "0ikmnibni8bdvpr9p42wskyyic08vzqdz5qr028bqzyg5119gily") - (mozilla-patch "icecat-bug-1426574.patch" "0db86656655b" "0kmccb4ccdzbzncwklx7w1bg7r61zwl2wnfp67vl27hm9xykbck7") - (mozilla-patch "icecat-CVE-2018-12405-pt09.patch" "20e31905de62" "0b5a441645wy3q4asaygvdq0inrxmxrh33cpgdp6ngflq9p2i6h0") - (mozilla-patch "icecat-CVE-2018-12405-pt10.patch" "c2832f98fe51" "0b4jfjfdyrihwjdfavd54hn9kdg2f017lmfr7mj2llp71flxwwj7") - (mozilla-patch "icecat-bug-1511495.patch" "d428d2b8f585" "1f9xs0bjhbphvkv60cnvz34sr2rv38jzvi47wh3nablg41yjpdrk"))) + (inherit icecat-source) + (patches (search-patches "icecat-avoid-bundled-libraries.patch" + "icecat-use-system-graphite2+harfbuzz.patch" + "icecat-use-system-media-libs.patch")) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch index 33203b1a33..d9a7dfe550 100644 --- a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch +++ b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch @@ -1,7 +1,7 @@ Fixes needed when avoiding bundled libraries. ---- icecat-60.2.0/xpcom/build/moz.build.orig 2018-09-13 17:46:49.000000000 -0400 -+++ icecat-60.2.0/xpcom/build/moz.build 2018-09-22 04:26:50.659564554 -0400 +--- icecat-60.5.0/xpcom/build/moz.build.orig 2018-09-13 17:46:49.000000000 -0400 ++++ icecat-60.5.0/xpcom/build/moz.build 2018-09-22 04:26:50.659564554 -0400 @@ -99,10 +99,5 @@ '/docshell/base', ] @@ -13,8 +13,8 @@ Fixes needed when avoiding bundled libraries. - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': CXXFLAGS += CONFIG['TK_CFLAGS'] ---- icecat-60.2.0/storage/moz.build.orig 2018-09-13 17:51:11.000000000 -0400 -+++ icecat-60.2.0/storage/moz.build 2018-09-22 04:26:50.659564554 -0400 +--- icecat-60.5.0/storage/moz.build.orig 2018-09-13 17:51:11.000000000 -0400 ++++ icecat-60.5.0/storage/moz.build 2018-09-22 04:26:50.659564554 -0400 @@ -117,7 +117,6 @@ DEFINES['MOZ_MEMORY_TEMP_STORE_PRAGMA'] = True @@ -23,8 +23,8 @@ Fixes needed when avoiding bundled libraries. '/dom/base', ] ---- icecat-60.2.0/dom/indexedDB/moz.build.orig 2018-09-13 17:49:42.000000000 -0400 -+++ icecat-60.2.0/dom/indexedDB/moz.build 2018-09-22 04:26:50.663564574 -0400 +--- icecat-60.5.0/dom/indexedDB/moz.build.orig 2018-09-13 17:49:42.000000000 -0400 ++++ icecat-60.5.0/dom/indexedDB/moz.build 2018-09-22 04:26:50.663564574 -0400 @@ -102,7 +102,6 @@ CXXFLAGS += ['-Wno-error=shadow'] @@ -33,8 +33,8 @@ Fixes needed when avoiding bundled libraries. '/dom/base', '/dom/storage', '/ipc/glue', ---- icecat-60.2.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build.orig 2018-09-13 17:40:54.000000000 -0400 -+++ icecat-60.2.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build 2018-09-23 21:33:12.319975105 -0400 +--- icecat-60.5.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build.orig 2018-09-13 17:40:54.000000000 -0400 ++++ icecat-60.5.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build 2018-09-23 21:33:12.319975105 -0400 @@ -130,11 +130,6 @@ DEFINES["WEBRTC_POSIX"] = True DEFINES["_FILE_OFFSET_BITS"] = "64" diff --git a/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch b/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch index 94c211b797..776b5f3d9a 100644 --- a/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch +++ b/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch @@ -4,8 +4,8 @@ Based on: https://svnweb.freebsd.org/ports/head/www/firefox-esr/files/patch-bug847568?revision=472833&view=co Modified for use with patch -p1, and to apply cleanly to GNU IceCat. ---- icecat-60.2.0/config/system-headers.mozbuild -+++ icecat-60.2.0/config/system-headers.mozbuild +--- icecat-60.5.0/config/system-headers.mozbuild ++++ icecat-60.5.0/config/system-headers.mozbuild @@ -1311,6 +1311,19 @@ 'pixman.h', ] @@ -26,8 +26,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBVPX']: system_headers += [ 'vpx_mem/vpx_mem.h', ---- icecat-60.2.0/dom/base/moz.build -+++ icecat-60.2.0/dom/base/moz.build +--- icecat-60.5.0/dom/base/moz.build ++++ icecat-60.5.0/dom/base/moz.build @@ -474,6 +474,9 @@ if CONFIG['MOZ_X11']: CXXFLAGS += CONFIG['TK_CFLAGS'] @@ -38,8 +38,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. GENERATED_FILES += [ 'PropertyUseCounterMap.inc', 'UseCounterList.h', ---- icecat-60.2.0/gfx/graphite2/moz-gr-update.sh -+++ icecat-60.2.0/gfx/graphite2/moz-gr-update.sh +--- icecat-60.5.0/gfx/graphite2/moz-gr-update.sh ++++ icecat-60.5.0/gfx/graphite2/moz-gr-update.sh @@ -1,6 +1,7 @@ #!/bin/bash @@ -66,8 +66,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. echo echo If gfx/graphite2/src/files.mk has changed, please make corresponding ---- icecat-60.2.0/gfx/moz.build -+++ icecat-60.2.0/gfx/moz.build +--- icecat-60.5.0/gfx/moz.build ++++ icecat-60.5.0/gfx/moz.build @@ -10,6 +10,12 @@ with Files('**'): if CONFIG['MOZ_TREE_CAIRO']: DIRS += ['cairo'] @@ -90,8 +90,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. 'ots/src', 'thebes', 'ipc', ---- icecat-60.2.0/gfx/skia/generate_mozbuild.py -+++ icecat-60.2.0/gfx/skia/generate_mozbuild.py +--- icecat-60.5.0/gfx/skia/generate_mozbuild.py ++++ icecat-60.5.0/gfx/skia/generate_mozbuild.py @@ -148,6 +148,9 @@ '-Wno-unused-private-field', ] @@ -102,8 +102,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('gtk3', 'android'): CXXFLAGS += CONFIG['MOZ_CAIRO_CFLAGS'] CXXFLAGS += CONFIG['CAIRO_FT_CFLAGS'] ---- icecat-60.2.0/gfx/skia/moz.build -+++ icecat-60.2.0/gfx/skia/moz.build +--- icecat-60.5.0/gfx/skia/moz.build ++++ icecat-60.5.0/gfx/skia/moz.build @@ -822,6 +822,9 @@ '-Wno-unused-private-field', ] @@ -114,8 +114,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('gtk3', 'android'): CXXFLAGS += CONFIG['MOZ_CAIRO_CFLAGS'] CXXFLAGS += CONFIG['CAIRO_FT_CFLAGS'] ---- icecat-60.2.0/gfx/thebes/moz.build -+++ icecat-60.2.0/gfx/thebes/moz.build +--- icecat-60.5.0/gfx/thebes/moz.build ++++ icecat-60.5.0/gfx/thebes/moz.build @@ -272,7 +272,13 @@ LOCAL_INCLUDES += CONFIG['SKIA_INCLUDES'] @@ -131,8 +131,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['CC_TYPE'] == 'clang': # Suppress warnings from Skia header files. ---- icecat-60.2.0/intl/unicharutil/util/moz.build -+++ icecat-60.2.0/intl/unicharutil/util/moz.build +--- icecat-60.5.0/intl/unicharutil/util/moz.build ++++ icecat-60.5.0/intl/unicharutil/util/moz.build @@ -25,4 +25,7 @@ UNIFIED_SOURCES += [ 'nsUnicodeProperties.cpp', ] @@ -141,8 +141,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. + CXXFLAGS += CONFIG['MOZ_HARFBUZZ_CFLAGS'] + FINAL_LIBRARY = 'xul' ---- icecat-60.2.0/netwerk/dns/moz.build -+++ icecat-60.2.0/netwerk/dns/moz.build +--- icecat-60.5.0/netwerk/dns/moz.build ++++ icecat-60.5.0/netwerk/dns/moz.build @@ -76,3 +76,6 @@ if CONFIG['CC_TYPE'] in ('clang', 'gcc'): @@ -150,9 +150,9 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. + +if CONFIG['MOZ_SYSTEM_HARFBUZZ']: + CXXFLAGS += CONFIG['MOZ_HARFBUZZ_CFLAGS'] ---- icecat-60.2.0/old-configure.in -+++ icecat-60.2.0/old-configure.in -@@ -3995,6 +3995,27 @@ +--- icecat-60.5.0/old-configure.in ++++ icecat-60.5.0/old-configure.in +@@ -3971,6 +3971,27 @@ AC_SUBST(MOZ_LINUX_32_SSE2_STARTUP_ERROR) dnl ======================================================== @@ -180,8 +180,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. dnl Check for pixman and cairo dnl ======================================================== ---- icecat-60.2.0/toolkit/library/moz.build -+++ icecat-60.2.0/toolkit/library/moz.build +--- icecat-60.5.0/toolkit/library/moz.build ++++ icecat-60.5.0/toolkit/library/moz.build @@ -235,6 +235,12 @@ if CONFIG['MOZ_SYSTEM_PNG']: OS_LIBS += CONFIG['MOZ_PNG_LIBS'] @@ -195,8 +195,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_HUNSPELL']: OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] ---- icecat-60.2.0/toolkit/moz.configure -+++ icecat-60.2.0/toolkit/moz.configure +--- icecat-60.5.0/toolkit/moz.configure ++++ icecat-60.5.0/toolkit/moz.configure @@ -1051,6 +1051,26 @@ add_old_configure_assignment('FT2_CFLAGS', ft2_info.cflags) diff --git a/gnu/packages/patches/icecat-use-system-media-libs.patch b/gnu/packages/patches/icecat-use-system-media-libs.patch index 648585a6f0..00c95fb82e 100644 --- a/gnu/packages/patches/icecat-use-system-media-libs.patch +++ b/gnu/packages/patches/icecat-use-system-media-libs.patch @@ -8,8 +8,8 @@ Changes to files within the bundled libraries are omitted, since those files are removed from Guix sources. Modified for use with patch -p1, and to apply cleanly to GNU IceCat. ---- icecat-60.2.0/build/moz.configure/old.configure -+++ icecat-60.2.0/build/moz.configure/old.configure +--- icecat-60.5.0/build/moz.configure/old.configure ++++ icecat-60.5.0/build/moz.configure/old.configure @@ -273,7 +273,12 @@ '--with-system-libvpx', '--with-system-nspr', @@ -23,8 +23,8 @@ cleanly to GNU IceCat. '--with-system-zlib', '--with-thumb', '--with-thumb-interwork', ---- icecat-60.2.0/config/external/moz.build -+++ icecat-60.2.0/config/external/moz.build +--- icecat-60.5.0/config/external/moz.build ++++ icecat-60.5.0/config/external/moz.build @@ -23,12 +23,21 @@ external_dirs += ['modules/xz-embedded'] @@ -61,8 +61,8 @@ cleanly to GNU IceCat. 'media/mp4parse-rust', 'media/psshparser' ] ---- icecat-60.2.0/config/system-headers.mozbuild -+++ icecat-60.2.0/config/system-headers.mozbuild +--- icecat-60.5.0/config/system-headers.mozbuild ++++ icecat-60.5.0/config/system-headers.mozbuild @@ -1324,6 +1324,28 @@ 'harfbuzz/hb.h', ] @@ -92,19 +92,19 @@ cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBVPX']: system_headers += [ 'vpx_mem/vpx_mem.h', ---- icecat-60.2.0/dom/media/AudioStream.cpp -+++ icecat-60.2.0/dom/media/AudioStream.cpp -@@ -121,7 +121,9 @@ - : mMonitor("AudioStream") - , mChannels(0) - , mOutChannels(0) +--- icecat-60.5.0/dom/media/AudioStream.cpp ++++ icecat-60.5.0/dom/media/AudioStream.cpp +@@ -128,7 +128,9 @@ + : mMonitor("AudioStream"), + mChannels(0), + mOutChannels(0), +#ifndef MOZ_SYSTEM_SOUNDTOUCH - , mTimeStretcher(nullptr) + mTimeStretcher(nullptr), +#endif - , mDumpFile(nullptr) - , mState(INITIALIZED) - , mDataSource(aSource) -@@ -142,9 +144,11 @@ + mDumpFile(nullptr), + mState(INITIALIZED), + mDataSource(aSource), +@@ -147,9 +149,11 @@ if (mDumpFile) { fclose(mDumpFile); } @@ -116,8 +116,8 @@ cleanly to GNU IceCat. #if defined(XP_WIN) if (XRE_IsContentProcess()) { audio::AudioNotificationReceiver::Unregister(this); -@@ -168,7 +172,11 @@ - { +@@ -170,7 +174,11 @@ + nsresult AudioStream::EnsureTimeStretcherInitializedUnlocked() { mMonitor.AssertCurrentThreadOwns(); if (!mTimeStretcher) { +#ifdef MOZ_SYSTEM_SOUNDTOUCH @@ -128,8 +128,8 @@ cleanly to GNU IceCat. mTimeStretcher->setSampleRate(mAudioClock.GetInputRate()); mTimeStretcher->setChannels(mOutChannels); mTimeStretcher->setPitch(1.0); ---- icecat-60.2.0/dom/media/AudioStream.h -+++ icecat-60.2.0/dom/media/AudioStream.h +--- icecat-60.5.0/dom/media/AudioStream.h ++++ icecat-60.5.0/dom/media/AudioStream.h @@ -15,7 +15,11 @@ #include "mozilla/TimeStamp.h" #include "mozilla/UniquePtr.h" @@ -142,7 +142,7 @@ cleanly to GNU IceCat. #if defined(XP_WIN) #include "mozilla/audio/AudioNotificationReceiver.h" -@@ -297,7 +301,11 @@ +@@ -293,7 +297,11 @@ uint32_t mChannels; uint32_t mOutChannels; AudioClock mAudioClock; @@ -154,8 +154,8 @@ cleanly to GNU IceCat. // Output file for dumping audio FILE* mDumpFile; ---- icecat-60.2.0/dom/media/moz.build -+++ icecat-60.2.0/dom/media/moz.build +--- icecat-60.5.0/dom/media/moz.build ++++ icecat-60.5.0/dom/media/moz.build @@ -327,6 +327,21 @@ DEFINES['MOZILLA_INTERNAL_API'] = True @@ -178,8 +178,8 @@ cleanly to GNU IceCat. if CONFIG['MOZ_ANDROID_HLS_SUPPORT']: DEFINES['MOZ_ANDROID_HLS_SUPPORT'] = True ---- icecat-60.2.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp -+++ icecat-60.2.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp +--- icecat-60.5.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp ++++ icecat-60.5.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp @@ -15,9 +15,13 @@ #include #endif @@ -194,7 +194,7 @@ cleanly to GNU IceCat. namespace mozilla { -@@ -64,6 +68,12 @@ +@@ -60,6 +64,12 @@ sLinkStatus = LinkStatus_FAILED; @@ -207,17 +207,17 @@ cleanly to GNU IceCat. // We retrieve the path of the lgpllibs library as this is where mozavcodec // and mozavutil libs are located. PathString lgpllibsname = GetLibraryName(nullptr, "lgpllibs"); -@@ -73,6 +83,7 @@ - PathString path = - GetLibraryFilePathname(lgpllibsname.get(), - (PRFuncPtr)&soundtouch::SoundTouch::getVersionId); +@@ -68,6 +78,7 @@ + } + PathString path = GetLibraryFilePathname( + lgpllibsname.get(), (PRFuncPtr)&soundtouch::SoundTouch::getVersionId); +#endif if (path.IsEmpty()) { return false; } ---- icecat-60.2.0/old-configure.in -+++ icecat-60.2.0/old-configure.in -@@ -2451,6 +2451,111 @@ +--- icecat-60.5.0/old-configure.in ++++ icecat-60.5.0/old-configure.in +@@ -2417,6 +2417,111 @@ fi fi # COMPILE_ENVIRONMENT @@ -329,8 +329,8 @@ cleanly to GNU IceCat. dnl system libvpx Support dnl ======================================================== MOZ_ARG_WITH_BOOL(system-libvpx, ---- icecat-60.2.0/toolkit/library/moz.build -+++ icecat-60.2.0/toolkit/library/moz.build +--- icecat-60.5.0/toolkit/library/moz.build ++++ icecat-60.5.0/toolkit/library/moz.build @@ -244,6 +244,21 @@ if CONFIG['MOZ_SYSTEM_HUNSPELL']: OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] @@ -353,9 +353,9 @@ cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBEVENT']: OS_LIBS += CONFIG['MOZ_LIBEVENT_LIBS'] ---- icecat-60.2.0/xpcom/build/XPCOMInit.cpp -+++ icecat-60.2.0/xpcom/build/XPCOMInit.cpp -@@ -138,7 +138,9 @@ +--- icecat-60.5.0/xpcom/build/XPCOMInit.cpp ++++ icecat-60.5.0/xpcom/build/XPCOMInit.cpp +@@ -139,7 +139,9 @@ #include "mozilla/ipc/GeckoChildProcessHost.h" @@ -365,16 +365,15 @@ cleanly to GNU IceCat. #if defined(MOZ_VPX) && !defined(MOZ_VPX_NO_MEM_REPORTING) #if defined(HAVE_STDINT_H) // mozilla-config.h defines HAVE_STDINT_H, and then it's defined *again* in -@@ -639,11 +641,13 @@ +@@ -635,10 +637,12 @@ // this oddness. mozilla::SetICUMemoryFunctions(); +#ifndef MOZ_OGG_NO_MEM_REPORTING // Do the same for libogg. - ogg_set_mem_functions(OggReporter::CountingMalloc, - OggReporter::CountingCalloc, - OggReporter::CountingRealloc, - OggReporter::CountingFree); + ogg_set_mem_functions( + OggReporter::CountingMalloc, OggReporter::CountingCalloc, + OggReporter::CountingRealloc, OggReporter::CountingFree); +#endif #if defined(MOZ_VPX) && !defined(MOZ_VPX_NO_MEM_REPORTING) -- cgit v1.2.3 From 11d19ca236c62ffdbb98a3a3580caf09cc37b6de Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 29 Jan 2019 14:57:29 -0500 Subject: gnu: QEMU: Fix CVE-2018-16872 and CVE-2019-6778. * gnu/packages/patches/qemu-CVE-2018-16872.patch, gnu/packages/patches/qemu-CVE-2019-6778.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/virtualization.scm (qemu)[source]: Use them. --- gnu/local.mk | 2 + gnu/packages/patches/qemu-CVE-2018-16872.patch | 88 ++++++++++++++++++++++++++ gnu/packages/patches/qemu-CVE-2019-6778.patch | 43 +++++++++++++ gnu/packages/virtualization.scm | 2 + 4 files changed, 135 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2018-16872.patch create mode 100644 gnu/packages/patches/qemu-CVE-2019-6778.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index c4b172f90e..459ff17e06 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1186,6 +1186,8 @@ dist_patch_DATA = \ %D%/packages/patches/python-unittest2-remove-argparse.patch \ %D%/packages/patches/python-waitress-fix-tests.patch \ %D%/packages/patches/qemu-glibc-2.27.patch \ + %D%/packages/patches/qemu-CVE-2018-16872.patch \ + %D%/packages/patches/qemu-CVE-2019-6778.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/qtbase-use-TZDIR.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2018-16872.patch b/gnu/packages/patches/qemu-CVE-2018-16872.patch new file mode 100644 index 0000000000..094e823ee4 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2018-16872.patch @@ -0,0 +1,88 @@ +Fixes CVE-2018-16872: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16872 + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=bab9df35ce73d1c8e19a37e2737717ea1c984dc1 + +From bab9df35ce73d1c8e19a37e2737717ea1c984dc1 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Thu, 13 Dec 2018 13:25:11 +0100 +Subject: [PATCH] usb-mtp: use O_NOFOLLOW and O_CLOEXEC. + +Open files and directories with O_NOFOLLOW to avoid symlinks attacks. +While being at it also add O_CLOEXEC. + +usb-mtp only handles regular files and directories and ignores +everything else, so users should not see a difference. + +Because qemu ignores symlinks, carrying out a successful symlink attack +requires swapping an existing file or directory below rootdir for a +symlink and winning the race against the inotify notification to qemu. + +Fixes: CVE-2018-16872 +Cc: Prasad J Pandit +Cc: Bandan Das +Reported-by: Michael Hanselmann +Signed-off-by: Gerd Hoffmann +Reviewed-by: Michael Hanselmann +Message-id: 20181213122511.13853-1-kraxel@redhat.com +--- + hw/usb/dev-mtp.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c +index 100b7171f4..36c43b8c20 100644 +--- a/hw/usb/dev-mtp.c ++++ b/hw/usb/dev-mtp.c +@@ -653,13 +653,18 @@ static void usb_mtp_object_readdir(MTPState *s, MTPObject *o) + { + struct dirent *entry; + DIR *dir; ++ int fd; + + if (o->have_children) { + return; + } + o->have_children = true; + +- dir = opendir(o->path); ++ fd = open(o->path, O_DIRECTORY | O_CLOEXEC | O_NOFOLLOW); ++ if (fd < 0) { ++ return; ++ } ++ dir = fdopendir(fd); + if (!dir) { + return; + } +@@ -1007,7 +1012,7 @@ static MTPData *usb_mtp_get_object(MTPState *s, MTPControl *c, + + trace_usb_mtp_op_get_object(s->dev.addr, o->handle, o->path); + +- d->fd = open(o->path, O_RDONLY); ++ d->fd = open(o->path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW); + if (d->fd == -1) { + usb_mtp_data_free(d); + return NULL; +@@ -1031,7 +1036,7 @@ static MTPData *usb_mtp_get_partial_object(MTPState *s, MTPControl *c, + c->argv[1], c->argv[2]); + + d = usb_mtp_data_alloc(c); +- d->fd = open(o->path, O_RDONLY); ++ d->fd = open(o->path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW); + if (d->fd == -1) { + usb_mtp_data_free(d); + return NULL; +@@ -1658,7 +1663,7 @@ static void usb_mtp_write_data(MTPState *s) + 0, 0, 0, 0); + goto done; + } +- d->fd = open(path, O_CREAT | O_WRONLY, mask); ++ d->fd = open(path, O_CREAT | O_WRONLY | O_CLOEXEC | O_NOFOLLOW, mask); + if (d->fd == -1) { + usb_mtp_queue_result(s, RES_STORE_FULL, d->trans, + 0, 0, 0, 0); +-- +2.20.1 + diff --git a/gnu/packages/patches/qemu-CVE-2019-6778.patch b/gnu/packages/patches/qemu-CVE-2019-6778.patch new file mode 100644 index 0000000000..315f2922da --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2019-6778.patch @@ -0,0 +1,43 @@ +Fixes CVE-2019-6778: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6778 + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a7104eda7dab99d0cdbd3595c211864cba415905 + +From a7104eda7dab99d0cdbd3595c211864cba415905 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Sun, 13 Jan 2019 23:29:48 +0530 +Subject: [PATCH] slirp: check data length while emulating ident function + +While emulating identification protocol, tcp_emu() does not check +available space in the 'sc_rcv->sb_data' buffer. It could lead to +heap buffer overflow issue. Add check to avoid it. + +Reported-by: Kira <864786842@qq.com> +Signed-off-by: Prasad J Pandit +Signed-off-by: Samuel Thibault +--- + slirp/tcp_subr.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c +index 4a9a5b5edc..23a841f26e 100644 +--- a/slirp/tcp_subr.c ++++ b/slirp/tcp_subr.c +@@ -634,6 +634,11 @@ tcp_emu(struct socket *so, struct mbuf *m) + socklen_t addrlen = sizeof(struct sockaddr_in); + struct sbuf *so_rcv = &so->so_rcv; + ++ if (m->m_len > so_rcv->sb_datalen ++ - (so_rcv->sb_wptr - so_rcv->sb_data)) { ++ return 1; ++ } ++ + memcpy(so_rcv->sb_wptr, m->m_data, m->m_len); + so_rcv->sb_wptr += m->m_len; + so_rcv->sb_rptr += m->m_len; +-- +2.20.1 + diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index d178a08413..e98e7eb09e 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -110,6 +110,8 @@ (method url-fetch) (uri (string-append "https://download.qemu.org/qemu-" version ".tar.xz")) + (patches (search-patches "qemu-CVE-2018-16872.patch" + "qemu-CVE-2019-6778.patch")) (sha256 (base32 "1z5bd5nfyjvhfi1s95labc82y4hjdjjkdabw931362ls0zghh1ba")))) -- cgit v1.2.3 From 39855bfef12c8ab66a29cc7d096c719187c71b56 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 28 Jan 2019 20:36:21 +0100 Subject: gnu: p11-kit: Update to 0.23.15. * gnu/packages/patches/p11-kit-jks-timestamps.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/tls.scm (p11-kit): Update to 0.23.15. [source](patches): New field. --- gnu/local.mk | 1 + gnu/packages/patches/p11-kit-jks-timestamps.patch | 42 +++++++++++++++++++++++ gnu/packages/tls.scm | 5 +-- 3 files changed, 46 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/p11-kit-jks-timestamps.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index bf2b2cb4e4..7481b39007 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1104,6 +1104,7 @@ dist_patch_DATA = \ %D%/packages/patches/osip-CVE-2017-7853.patch \ %D%/packages/patches/ots-no-include-missing-file.patch \ %D%/packages/patches/owncloud-disable-updatecheck.patch \ + %D%/packages/patches/p11-kit-jks-timestamps.patch \ %D%/packages/patches/p7zip-CVE-2016-9296.patch \ %D%/packages/patches/p7zip-CVE-2017-17969.patch \ %D%/packages/patches/p7zip-remove-unused-code.patch \ diff --git a/gnu/packages/patches/p11-kit-jks-timestamps.patch b/gnu/packages/patches/p11-kit-jks-timestamps.patch new file mode 100644 index 0000000000..8cb8ed8684 --- /dev/null +++ b/gnu/packages/patches/p11-kit-jks-timestamps.patch @@ -0,0 +1,42 @@ +Fix test failures induced by setting the SOURCE_DATE_EPOCH variable. + +Taken from upstream: . + +From 2a474e1fe8f4bd8b4ed7622e5cf3b2718a202562 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Mon, 28 Jan 2019 13:03:15 +0100 +Subject: [PATCH] extract-jks: Prefer _p11_extract_jks_timestamp to + SOURCE_DATE_EPOCH + +Give _p11_extract_jks_timestamp precedence over SOURCE_DATE_EPOCH so +that the test results are not affected by the envvar settings. +--- + trust/extract-jks.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/trust/extract-jks.c b/trust/extract-jks.c +index ad8dc35..a6f855f 100644 +--- a/trust/extract-jks.c ++++ b/trust/extract-jks.c +@@ -250,7 +250,9 @@ prepare_jks_buffer (p11_enumerate *ex, + * when this was this certificate was added to the keystore, however + * we don't have that information. Java uses time in milliseconds + */ +- { ++ if (_p11_extract_jks_timestamp) ++ now = _p11_extract_jks_timestamp; ++ else { + char *source_date_epoch; + source_date_epoch = secure_getenv ("SOURCE_DATE_EPOCH"); + if (source_date_epoch) { +@@ -276,9 +278,7 @@ prepare_jks_buffer (p11_enumerate *ex, + return false; + } + now = epoch; +- } else if (_p11_extract_jks_timestamp) +- now = _p11_extract_jks_timestamp; +- else ++ } else + now = time (NULL); + } + diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 864f55b2f8..84f71255fe 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -123,15 +123,16 @@ in intelligent transportation networks.") (define-public p11-kit (package (name "p11-kit") - (version "0.23.14") + (version "0.23.15") (source (origin (method url-fetch) (uri (string-append "https://github.com/p11-glue/p11-kit/releases/" "download/" version "/p11-kit-" version ".tar.gz")) + (patches (search-patches "p11-kit-jks-timestamps.patch")) (sha256 (base32 - "0w0dkq9388grbbn4bv2p55vy1j51f7nd9hzlc9gz4fbm4dnzmf8w")))) + "166pwj00cffv4qq4dvx0k53zka0b0r1fa0whc49007vsqyh3khgp")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) -- cgit v1.2.3