Commit graph

187 commits

Author SHA1 Message Date
Vladimír Čunát
39c2b6452c
gnutls: respect NIX_SSL_CERT_FILE, same as our openssl
The patch should work fine, regardless of the Darwin patch being applied.
2019-04-22 16:43:45 +02:00
Daiderd Jordan
33e7d721b6
gnutls: remove 3.5.10
Nix packages are expected to honor NIX_SSL_CERT_FILE and this removes the
dependency on the framework while bootstrapping the stdenv.
(+ nitpick changes from vcunat)

The patch is based on c0eb46d346
2019-04-22 16:43:28 +02:00
Will Dietz
225b164cc3
gnutls: 3.6.6 -> 3.6.7, security!
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html
Close #58437.
2019-03-28 11:58:27 +01:00
Jan Malakhovski
0df915c75c gnutls, gnutls-kdh: move defaults to package file 2019-02-03 15:33:26 +00:00
Will Dietz
4fe53f33a6 gnutls: drop comment, no longer needed 2019-01-27 14:59:58 -06:00
Will Dietz
5eca7642ad gnutls: 3.6.5 -> 3.6.6
"bug fix release on the stable branch"

https://lists.gnupg.org/pipermail/gnutls-help/2019-January/004484.html
2019-01-27 10:48:15 -06:00
Matthew Bauer
92f0f8dd68 Merge remote-tracking branch 'NixOS/master' into staging 2019-01-27 00:01:13 -05:00
Jörg Thalheim
b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Vladimír Čunát
2ff530ec53
gnutls: 3.6.2 -> 3.6.5
No security problems have been published about 3.6.x so far,
but I'd certainly count the almost-transparent TLS 1.3 support
as a security improvement.
2019-01-21 17:54:34 +01:00
c0bw3b
0498ccd076 Treewide: use HTTPS on GNU domains
HTTP -> HTTPS for :
- http://gnu.org/
- http://www.gnu.org/
- http://elpa.gnu.org/
- http://lists.gnu.org/
- http://gcc.gnu.org/
- http://ftp.gnu.org/ (except in fetchurl mirrors)
- http://bugs.gnu.org/
2018-12-02 15:51:59 +01:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Matthew Bauer
9109a90479 treewide: remove some more gettext references 2018-03-22 16:50:14 -05:00
Frederik Rietdijk
4f08b0fbac Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-26 10:50:18 +01:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Tuomas Tynkkynen
54ac74c558 gnutls: 3.6.1 -> 3.6.2 2018-02-22 08:24:02 +02:00
Dylan Simon
85f81f5ef5 gnutls: fix (failing) p11-kit test
The p11-kit-trust test looks in /usr/lib for pkcs11 modules.  As a
result it is unnecessarily skipped on sandboxed builds, and fails on
unsandboxed builds with a system p11-kit.  Replace hard-coded /usr/lib
paths with pkg-config.
2018-01-27 12:39:02 -05:00
Vladimír Čunát
8b53b2ec2c
Merge branch 'master' into staging 2017-11-28 21:06:44 +01:00
Vladimír Čunát
e0368f5076
gnutls: use mirror://gnupg (fix #32147)
ftp.gnutls.org stopped working with curl; it's not clear yet why.
2017-11-28 20:43:56 +01:00
Vladimír Čunát
d70d5c9ddb
gnutls: force rebuild
If you have fixed-output derivation with correct hash but bad builder
on Hydra, it seems really difficult to restart it with a good builder.
2017-11-28 09:38:05 +01:00
Vladimír Čunát
7393665803
gnutls: fixup download URL after update
I'm sorry about that; I forgot 3.5 in there.
Still, I don't know why their ftp won't work well with curl;
wget is perfectly OK.
2017-11-28 07:58:08 +01:00
Vladimír Čunát
529c5c50b1
gnutls: 3.5.15 -> 3.6.1
No breaking changes expected, as the ABI is still 3.4.0.
2017-11-27 12:42:11 +01:00
Ben Gamari
3ed6239d6b gnutls: Don't run tests when cross-compiling 2017-10-27 20:32:25 -04:00
Tim Steinbach
5c66a4e221
gnutls: 3.5.14 -> 3.5.15 2017-09-02 13:18:47 -04:00
Daiderd Jordan
7960bbff14
gnutls: fix darwin build 2017-08-06 13:07:52 +02:00
Franz Pletz
3bb9954a6b
dns-root-data: init at 2017-06-16 2017-07-12 09:45:25 +02:00
Vladimír Čunát
febadbce3f
gnutls: bugfix 3.5.13 -> 3.5.14 2017-07-05 09:09:12 +02:00
Franz Pletz
cb59381eee
gnutls: remove dependency on unbound
Unbound is used for DANE support but this requires the unbound trust
anchor in /etc/unbound/root.key which we don't create in any NixOS
module.
2017-06-15 13:43:01 +02:00
Robin Gloster
4268eb5145
gnutls: remove unused parameter 2017-06-12 17:44:43 +02:00
Vladimír Čunát
9135c9f73a
gnutls: maintenance 3.5.12 -> 3.5.13
It contains a fix for DOS possibility in servers.
http://gnutls.org/security.html#GNUTLS-SA-2017-4
2017-06-07 08:56:05 +02:00
mimadrid
c68a241208
gnutls: 3.5.11 -> 3.5.12 2017-05-15 19:32:35 +02:00
Vladimír Čunát
42fd72091e
gnutls: use 3.5.10 on Darwin for now
This contains a revert of d6454e6a1.
2017-04-13 09:39:02 +02:00
Vladimír Čunát
d6454e6a15
gnutls: try to fix build on Darwin, after update 2017-04-11 03:39:47 +02:00
Vladimír Čunát
6d1374238f
gnutls: bugfix 3.5.10 -> 3.5.11 2017-04-10 17:53:54 +02:00
Vladimír Čunát
b264486cf1
gnutls: bugfix+security 3.5.9 -> 3.5.10
http://gnutls.org/security.html#GNUTLS-SA-2017-3
2017-03-13 10:28:53 +01:00
Vladimír Čunát
d6cff5783e
gnutls: drop -lunistring on Darwin as well
I didn't intend this substitution to be conditional; I looked wrong.
2017-02-22 17:44:06 +01:00
Vladimír Čunát
b17eb34203
gnutls: don't propagate -lunistring
This fixes systemd build.  Also put it into the generic expression,
as there's only one version in nixpkgs ATM.
2017-02-20 23:21:28 +01:00
Vladimír Čunát
0ff2179e0f
gnutls: use 3.5 and remove 3.4
3.4 branch detects support for getrandom() call during configure-time,
which gets picked up since glibc-2.25, and consequently it will fail
with older kernels during rutime.
2017-02-20 21:07:35 +01:00
Franz Pletz
1e65d0b9e9
gnutls: 3.5.8 -> 3.5.9
Bugfix release.
2017-02-15 09:35:28 +01:00
Lengyel Balázs
372cb3760e
Merge #17694: curl: add gnutlsSupport ? false
(incl. a nitpick change from vcunat)
2017-02-05 13:37:16 +01:00
Robin Gloster
aa686fe5c3
gnutls33: remove 2017-01-27 18:37:24 +01:00
Franz Pletz
85ac790666
gnutls35: 3.5.5 -> 3.5.8
Fixes the following security issues:

  * CVE-2017-5334
  * CVE-2017-5335
  * CVE-2017-5336
  * CVE-2017-5337

See https://www.gnutls.org/news.html#2017-01-09 for more information.
2017-01-11 06:47:36 +01:00
Franz Pletz
0e963d2563
gnutls33: 3.3.25 -> 3.3.26
Fixes the following security issues:

  * CVE-2017-5334
  * CVE-2017-5335
  * CVE-2017-5336
  * CVE-2017-5337

See https://www.gnutls.org/news.html#2017-01-09 for more information.
2017-01-11 06:47:35 +01:00
Franz Pletz
cc40fadf62
gnutls: 3.4.16 -> 3.4.17 2017-01-11 06:44:00 +01:00
Tim Steinbach
4db8ca39cf gnutls: 3.5.4 -> 3.5.5 2016-10-25 22:52:07 +02:00
Tim Steinbach
cfbcc0805e gnutls: 3.4.15 -> 3.4.16 2016-10-25 22:51:55 +02:00
Tim Steinbach
e99a81060f gnutls: 3.3.24 -> 3.3.25 2016-10-25 22:34:06 +02:00
Will Dietz
f2fdd1a813 gnutls: Build in parallel, cited problems were fixed upstream.
The systemkey problem was fixed in 3.4.15 [1].

The guileBindings issue was fixed 3 years ago, and is included
in all versions of gnutls we use today [2].

[1] 25d2f643c0
[2] 0d34b03f0e
2016-10-24 13:49:11 -05:00
Franz Pletz
e3107dc45d
gnutls: 3.5.3 -> 3.5.4 2016-09-19 00:58:53 +02:00
Franz Pletz
501f9096f6
gnutls: 3.4.14 -> 3.4.15 2016-09-19 00:58:53 +02:00
Eelco Dolstra
8172cd734c docdev -> devdoc
It's "developer documentation", not "documentation developer" after
all.
2016-09-01 11:07:23 +02:00