Commit graph

20966 commits

Author SHA1 Message Date
aszlig
8b4fae76b3 chromium: Build with NSS by default.
Hurray! This is the first time chromium is working with NSS _and_ is able to
verify certificates using the root certificates built in into NSS.

Optimally it would use certs from OPENSSL_X509_CERT_FILE, but at least it's
working, so let's add that at some later point.
2012-08-22 08:29:10 +02:00
aszlig
808108105d nss: Just delete files if includeTools is false.
Before, the entire directory was deleted and recreated, which fails if we want
to sign libraries (shlibsign is obviously deleted in that step as well), so we
delete everything but "nss-config" on postFixup.
2012-08-22 08:29:10 +02:00
aszlig
c672997dc6 nss: Remove redundant nss-config.in.
This file is already contained in nss-3.12.5-gentoo-fixups.diff, so we don't
need to do all that cruft twice.
2012-08-22 08:29:10 +02:00
aszlig
38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00
aszlig
9e0aaf30aa nss: Sign libraries after striping.
Running NSS in FIPS mode is only possible if the libraries are signed correctly,
so we're doing this in the postFixup hook, to insure nothing gets altered after
that phase.

For more information about FIPS mode, please see:
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanation
2012-08-22 08:29:09 +02:00
aszlig
29fce94665 nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.

This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.

We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.

In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.

And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-22 08:29:09 +02:00
aszlig
5f4ca8ec18 nss: Add nss-pem module from fedora.
This is a compatibility module which adds suport for PEM certificates used by
OpenSSL and compatible libraries. The module gets built but isn't used at the
moment, so we're going to work on integration of it later.
2012-08-22 08:29:09 +02:00
aszlig
485dcc9152 nss: Build using system libsqlite.
Let's use system SQLite library, which makes sense anyway. More importantly
because it conflicts with the sqlite package, as NSS is building this as a
shared library aswell.
2012-08-22 08:29:09 +02:00
aszlig
0e768ba98d nss: Update NSS to version 3.13.6.
So to begin with fixing NSS let's get to the latest upstream release and start
fixing, so we won't carry around historic crap we then will throw away anyway.
2012-08-22 08:29:09 +02:00
Eelco Dolstra
d7fc07705a Add latest patchelf prerelease 2012-08-21 15:57:41 -04:00
Eelco Dolstra
e3605e7e76 Merge branch 'master' of github.com:NixOS/nixpkgs 2012-08-21 14:27:18 -04:00
Eelco Dolstra
dc2f0f6474 gdb: Update to 7.5 2012-08-21 14:27:00 -04:00
Ludovic Courtès
45ce8c915d libiconvOrNull: Fix libc check. 2012-08-21 16:58:55 +02:00
Ludovic Courtès
11602dad82 glib: Use libiconvOrNull' instead of libiconv'. 2012-08-21 15:53:43 +02:00
Ludovic Courtès
f959a26e33 stdenv: Fix typo. 2012-08-21 15:30:50 +02:00
Ludovic Courtès
d53cb937f5 libiconvOrNull: Do not use an external libiconv on glibc systems. 2012-08-21 15:29:37 +02:00
Ludovic Courtès
6adc5cedae stdenv: Add `isGlibc' function. 2012-08-21 15:29:07 +02:00
Eelco Dolstra
606e6acd6f postgresql: Update to latest versions
Fixes CVE-2012-3488, CVE-2012-3489.
2012-08-21 08:42:44 -04:00
Eelco Dolstra
8b6edfe78d polkit: Update to 0.105 and enable systemd (logind) support
There are even newer polkit releases, but they have a spidermonkey
dependency which I don't want to bother with right now.
2012-08-21 08:42:44 -04:00
Eelco Dolstra
ab3788b382 upower: Update to 0.9.18 and enable systemd support 2012-08-21 08:42:44 -04:00
Eelco Dolstra
6121046a1c systemd: Set the path to pkttyagent
This allows commands like "systemctl reboot" to ask for authentication
when run by mere mortals.
2012-08-21 08:42:44 -04:00
Eelco Dolstra
1dadeaeb18 man-pages: Update to 3.42 2012-08-21 08:42:44 -04:00
Eelco Dolstra
c557db2d5c nix: Update to 1.2pre2793_d950cfe
Necessary for systemd.
2012-08-21 08:42:44 -04:00
Mathijs Kwik
00fa89e41f pv: upgrade to 1.3.4 2012-08-21 12:38:44 +02:00
Mathijs Kwik
a5663aee4d emacs: add "sunrise commander" 2012-08-21 10:33:20 +02:00
Mathijs Kwik
85c88d473b emacs: add "rect-mark" 2012-08-21 10:33:06 +02:00
Mathijs Kwik
192b29181b linux-3.4: upgrade to 3.4.9
- aufs patch: upgrade to latest stable 3.4
2012-08-21 10:27:13 +02:00
Mathijs Kwik
6e9a6a5924 linux-3.3: upgrade to 3.3.8
- aufs patch: upgrade to latest stable 3.3
2012-08-21 10:26:44 +02:00
Shea Levy
265b8c565b gptfdisk: Bump 2012-08-20 22:22:02 -04:00
Shea Levy
1b2acb25e6 xclip: Bump 2012-08-20 16:36:10 -04:00
Peter Simons
970a326ebb bash-completion: automatically source any completion files that the user might have installed in ~/.nix-profile/etc/bash_completion.d 2012-08-20 16:36:20 +02:00
Eelco Dolstra
e91a4fb1e4 linux: Update to 3.2.28 2012-08-20 09:56:39 -04:00
Peter Simons
a886d4f2ab bash-completion: update to version 2.0
Please note that this update changes the directory structure quite a bit. In
particular, the file "/etc/bash_completion" no longer exists, which means that
shell code which relies on that path must be updated. I'll commit appropriate
changes for NixOS in a moment.
2012-08-20 10:34:56 +02:00
Peter Simons
7f8246c76e haskell-hlint: update to version 1.8.31 2012-08-20 10:34:56 +02:00
Peter Simons
2731fd220f haskell-threadmanager: update to version 0.1.5 2012-08-20 10:34:56 +02:00
Peter Simons
490f8c4382 haskell-tagsoup: update to version 0.12.7 2012-08-20 10:34:56 +02:00
Peter Simons
5e19db2ce5 haskell-semigroups: update to version 0.8.4 2012-08-20 10:34:56 +02:00
Peter Simons
439ba01f0a haskell-io-choice: update to version 0.0.2 2012-08-20 10:34:56 +02:00
Peter Simons
f3ad914481 haskell-hoogle: update to version 4.2.13 2012-08-20 10:34:55 +02:00
Peter Simons
2f187b26ac haskell-case-insensitive: update to version 0.4.0.3 2012-08-20 10:34:55 +02:00
Peter Simons
46d8125a70 haskell-MonadCatchIO-mtl: update to version 0.3.0.5 2012-08-20 10:34:55 +02:00
Peter Simons
2879d112b0 haskell-network: update to version 2.3.1.0 2012-08-20 10:34:54 +02:00
Peter Simons
08e09e4caf haskell-comonad: update to version 3.0.0.2 2012-08-20 10:34:54 +02:00
Ludovic Courtès
a5615adc97 gcc 4.7: Add `gcc47_debug'. 2012-08-20 10:15:42 +02:00
Ludovic Courtès
255c72ede6 gcc 4.5: Update to 4.5.4. 2012-08-20 10:15:17 +02:00
Eelco Dolstra
bccab0ff91 slim: Build with ConsoleKit support 2012-08-19 16:00:24 -04:00
Shea Levy
18bbb2fa5c Merge branch 'virtualbox-manual-kernel' of github.com:aszlig/nixpkgs
virtualbox: Fix build for manual kernel.

This should fix building VirtualBox against kernels made using the new
manual kernel configuration system.

This has been tested with the standard nixpkgs kernel as well.
2012-08-19 10:03:45 -04:00
Ludovic Courtès
0ac1cf106d gpsbabel: Update to 1.4.3. 2012-08-19 15:50:50 +02:00
aszlig
347e8c32a3 virtualbox: Remove unused variable $srcroot.
Thanks to @shlevy for mentioning this.
2012-08-19 09:02:16 +02:00
aszlig
0f9a5eb027 virtualbox: Add symbol versions to all modules.
Copy all symbol versions from the ones generated in the vboxdrv build.
2012-08-19 09:02:16 +02:00