diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2019-12-05 17:57:35 +0100 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2019-12-05 17:57:35 +0100 |
| commit | 9d5aa009062a49bd035ae33e37f6562526e7d38c (patch) | |
| tree | 4ff2302863a5cf9f3cf604240ea793152156f532 /gnu/packages/patches | |
| parent | 60bd56c6d8368c23dcd97b26501771c82316fc8c (diff) | |
| parent | 2c2fc24b899d3286774f60405888718d98211213 (diff) | |
| download | guix-patches-9d5aa009062a49bd035ae33e37f6562526e7d38c.tar guix-patches-9d5aa009062a49bd035ae33e37f6562526e7d38c.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
46 files changed, 1596 insertions, 1059 deletions
diff --git a/gnu/packages/patches/elm-compiler-relax-glsl-bound.patch b/gnu/packages/patches/elm-compiler-relax-glsl-bound.patch deleted file mode 100644 index 3f8be810c2..0000000000 --- a/gnu/packages/patches/elm-compiler-relax-glsl-bound.patch +++ /dev/null @@ -1,19 +0,0 @@ -commit 4c649a5a270aba15cc6a3913c3ad51a293047f40 -Author: Rémi Lefèvre <rlefevre@gmail.com> -Date: Mon Sep 3 19:18:54 2018 +0200 - - update language-glsl maximum version - -diff --git a/elm.cabal b/elm.cabal -index 48aa84f0..464fe9d5 100644 ---- a/elm.cabal -+++ b/elm.cabal -@@ -246,7 +246,7 @@ Executable elm - http-client >= 0.5 && < 0.6, - http-client-tls >= 0.3 && < 0.4, - http-types >= 0.9 && < 1.0, -- language-glsl >= 0.0.2 && < 0.3, -+ language-glsl >= 0.0.2 && < 0.4, - logict, - mtl >= 2.2.1 && < 3, - network >= 2.4 && < 2.7, diff --git a/gnu/packages/patches/fcgi-2.4.0-gcc44-fixes.patch b/gnu/packages/patches/fcgi-2.4.0-gcc44-fixes.patch deleted file mode 100644 index 0f921b120b..0000000000 --- a/gnu/packages/patches/fcgi-2.4.0-gcc44-fixes.patch +++ /dev/null @@ -1,14 +0,0 @@ -Taken from http://pkgs.fedoraproject.org/cgit/rpms/fcgi.git/plain/fcgi-2.4.0-gcc44_fixes.patch. -Fixes compilation with GCC 4.4 and later. - -diff -up fcgi-2.4.0/libfcgi/fcgio.cpp.gcc44_fixes fcgi-2.4.0/libfcgi/fcgio.cpp ---- fcgi-2.4.0/libfcgi/fcgio.cpp.gcc44_fixes 2002-02-24 21:12:22.000000000 +0100 -+++ fcgi-2.4.0/libfcgi/fcgio.cpp 2009-02-15 11:35:18.000000000 +0100 -@@ -23,6 +23,7 @@ - #endif - - #include <limits.h> -+#include <cstdio> - #include "fcgio.h" - - using std::streambuf; diff --git a/gnu/packages/patches/fcgi-2.4.0-poll.patch b/gnu/packages/patches/fcgi-2.4.0-poll.patch deleted file mode 100644 index 73be6a0a08..0000000000 --- a/gnu/packages/patches/fcgi-2.4.0-poll.patch +++ /dev/null @@ -1,89 +0,0 @@ -Taken from http://pkgs.fedoraproject.org/cgit/rpms/fcgi.git/plain/fcgi-2.4.0-poll.patch -Fixes CVE-2012-6687. - -Author: Anton Kortunov <toshic.toshic@gmail.com> -Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417 -Description: use poll in os_unix.c instead of select to avoid problem with > 1024 connections -Forwarded: yes, fastcgi-developers@mailman.fastcgi.com - -diff --git a/libfcgi/os_unix.c b/libfcgi/os_unix.c -index 73e6a7f..af35aee 100755 ---- a/libfcgi/os_unix.c -+++ b/libfcgi/os_unix.c -@@ -42,6 +42,7 @@ static const char rcsid[] = "$Id: os_unix.c,v 1.37 2002/03/05 19:14:49 robs Exp - #include <sys/time.h> - #include <sys/un.h> - #include <signal.h> -+#include <poll.h> - - #ifdef HAVE_NETDB_H - #include <netdb.h> -@@ -103,6 +104,9 @@ static int volatile maxFd = -1; - static int shutdownPending = FALSE; - static int shutdownNow = FALSE; - -+static int libfcgiOsClosePollTimeout = 2000; -+static int libfcgiIsAfUnixKeeperPollTimeout = 2000; -+ - void OS_ShutdownPending() - { - shutdownPending = TRUE; -@@ -168,6 +172,16 @@ int OS_LibInit(int stdioFds[3]) - if(libInitialized) - return 0; - -+ char *libfcgiOsClosePollTimeoutStr = getenv( "LIBFCGI_OS_CLOSE_POLL_TIMEOUT" ); -+ if(libfcgiOsClosePollTimeoutStr) { -+ libfcgiOsClosePollTimeout = atoi(libfcgiOsClosePollTimeoutStr); -+ } -+ -+ char *libfcgiIsAfUnixKeeperPollTimeoutStr = getenv( "LIBFCGI_IS_AF_UNIX_KEEPER_POLL_TIMEOUT" ); -+ if(libfcgiIsAfUnixKeeperPollTimeoutStr) { -+ libfcgiIsAfUnixKeeperPollTimeout = atoi(libfcgiIsAfUnixKeeperPollTimeoutStr); -+ } -+ - asyncIoTable = (AioInfo *)malloc(asyncIoTableSize * sizeof(AioInfo)); - if(asyncIoTable == NULL) { - errno = ENOMEM; -@@ -755,19 +769,16 @@ int OS_Close(int fd) - - if (shutdown(fd, 1) == 0) - { -- struct timeval tv; -- fd_set rfds; -+ struct pollfd pfd; - int rv; - char trash[1024]; - -- FD_ZERO(&rfds); -+ pfd.fd = fd; -+ pfd.events = POLLIN; - - do - { -- FD_SET(fd, &rfds); -- tv.tv_sec = 2; -- tv.tv_usec = 0; -- rv = select(fd + 1, &rfds, NULL, NULL, &tv); -+ rv = poll(&pfd, 1, libfcgiOsClosePollTimeout); - } - while (rv > 0 && read(fd, trash, sizeof(trash)) > 0); - } -@@ -1116,13 +1127,11 @@ static int is_reasonable_accept_errno (const int error) - */ - static int is_af_unix_keeper(const int fd) - { -- struct timeval tval = { READABLE_UNIX_FD_DROP_DEAD_TIMEVAL }; -- fd_set read_fds; -- -- FD_ZERO(&read_fds); -- FD_SET(fd, &read_fds); -+ struct pollfd pfd; -+ pfd.fd = fd; -+ pfd.events = POLLIN; - -- return select(fd + 1, &read_fds, NULL, NULL, &tval) >= 0 && FD_ISSET(fd, &read_fds); -+ return poll(&pfd, 1, libfcgiIsAfUnixKeeperPollTimeout) >= 0 && (pfd.revents & POLLIN); - } - - /* diff --git a/gnu/packages/patches/ghc-diff-swap-cover-args.patch b/gnu/packages/patches/ghc-diff-swap-cover-args.patch new file mode 100644 index 0000000000..724416ff7a --- /dev/null +++ b/gnu/packages/patches/ghc-diff-swap-cover-args.patch @@ -0,0 +1,20 @@ +The QuickCheck library swapped the order of the arguments of the 'cover' +function in version 2.12. Version 0.3.4 of the Diff library still uses +the old argument order. Swapping the argument order makes Diff work +with newer versions of QuickCheck. + +See <https://github.com/commercialhaskell/stackage/issues/4289> for the +upstream bug report. + +diff -ruN a/test/Test.hs b/test/Test.hs +--- a/test/Test.hs 2016-04-23 01:21:45.000000000 -0400 ++++ b/test/Test.hs 2019-11-01 19:13:04.590770903 -0400 +@@ -134,7 +134,7 @@ + prop_ppDiffR (DiffInput le ri) = + let haskDiff=ppDiff $ getGroupedDiff le ri + utilDiff= unsafePerformIO (runDiff (unlines le) (unlines ri)) +- in cover (haskDiff == utilDiff) 90 "exact match" $ ++ in cover 90 (haskDiff == utilDiff) "exact match" $ + classify (haskDiff == utilDiff) "exact match" + (div ((length haskDiff)*100) (length utilDiff) < 110) -- less than 10% bigger + where diff --git a/gnu/packages/patches/ghc-haddock-api-fix-haddock.patch b/gnu/packages/patches/ghc-haddock-api-fix-haddock.patch new file mode 100644 index 0000000000..927cb5b366 --- /dev/null +++ b/gnu/packages/patches/ghc-haddock-api-fix-haddock.patch @@ -0,0 +1,54 @@ +This patch is taken from upstream. It fixes documentation generation. +The patch has been lightly adapted to apply to the release tarball, but +the commit message was left untouched, so it refers to some changes not +included in the patch. + +From 0d9a81e20238a6b72f9f5c005f1f7e9cf05f6fb9 Mon Sep 17 00:00:00 2001 +From: Alec Theriault <alec.theriault@gmail.com> +Date: Sat, 27 Oct 2018 10:05:04 -0700 +Subject: [PATCH] Fix documentation in `haddock-api` (#957) + +* Fix misplaced Haddocks in Haddock itself + +Haddock should be able to generate documentation for 'haddock-api' +again. + +* Make CI check that documentation can be built. + +* Add back a doc that is OK +--- + .travis.yml | 3 +++ + haddock-api/src/Haddock/Backends/LaTeX.hs | 10 +++++----- + 2 files changed, 8 insertions(+), 5 deletions(-) + +diff --git a/src/Haddock/Backends/LaTeX.hs b/src/Haddock/Backends/LaTeX.hs +index 4e0e6eba..613c6deb 100644 +--- a/src/Haddock/Backends/LaTeX.hs ++++ b/src/Haddock/Backends/LaTeX.hs +@@ -243,8 +243,8 @@ ppDocGroup lev doc = sec lev <> braces doc + + -- | Given a declaration, extract out the names being declared + declNames :: LHsDecl DocNameI +- -> ( LaTeX -- ^ to print before each name in an export list +- , [DocName] -- ^ names being declared ++ -> ( LaTeX -- to print before each name in an export list ++ , [DocName] -- names being declared + ) + declNames (L _ decl) = case decl of + TyClD _ d -> (empty, [tcdName d]) +@@ -444,9 +444,9 @@ ppLPatSig doc docnames ty unicode + -- arguments as needed. + ppTypeOrFunSig :: HsType DocNameI + -> DocForDecl DocName -- ^ documentation +- -> ( LaTeX -- ^ first-line (no-argument docs only) +- , LaTeX -- ^ first-line (argument docs only) +- , LaTeX -- ^ type prefix (argument docs only) ++ -> ( LaTeX -- first-line (no-argument docs only) ++ , LaTeX -- first-line (argument docs only) ++ , LaTeX -- type prefix (argument docs only) + ) + -> Bool -- ^ unicode + -> LaTeX +-- +2.23.0 + diff --git a/gnu/packages/patches/ghc-haddock-library-unbundle.patch b/gnu/packages/patches/ghc-haddock-library-unbundle.patch deleted file mode 100644 index 0e8b548956..0000000000 --- a/gnu/packages/patches/ghc-haddock-library-unbundle.patch +++ /dev/null @@ -1,86 +0,0 @@ -This patch (inspired by Debian) allows ghc-haddock-library to use our -ghc-attoparsec package instead of using a bundled version. - ---- a/haddock-library.cabal 2018-09-01 01:22:18.676855884 -0400 -+++ b/haddock-library.cabal 2018-09-01 01:25:10.501150260 -0400 -@@ -10,7 +10,6 @@ - itself, see the ‘haddock’ package. - license: BSD3 - license-files: LICENSE -- vendor/attoparsec-0.13.1.0/LICENSE - maintainer: Alex Biehl <alexbiehl@gmail.com>, Simon Hengel <sol@typeful.net>, Mateusz Kowalczyk <fuuzetsu@fuuzetsu.co.uk> - homepage: http://www.haskell.org/haddock/ - bug-reports: https://github.com/haskell/haddock/issues -@@ -28,7 +27,6 @@ - , containers >= 0.4.2.1 && < 0.6 - , transformers >= 0.3.0 && < 0.6 - -- -- internal sub-lib - build-depends: attoparsec - - hs-source-dirs: src -@@ -49,42 +47,6 @@ - if impl(ghc >= 8.0) - ghc-options: -Wcompat -Wnoncanonical-monad-instances -Wnoncanonical-monadfail-instances - --library attoparsec -- default-language: Haskell2010 -- -- build-depends: -- base >= 4.5 && < 4.12 -- , bytestring >= 0.9.2.1 && < 0.11 -- , deepseq >= 1.3 && < 1.5 -- -- hs-source-dirs: vendor/attoparsec-0.13.1.0 -- -- -- NB: haddock-library needs only small part of lib:attoparsec -- -- internally, so we only bundle that subset here -- exposed-modules: -- Data.Attoparsec.ByteString -- Data.Attoparsec.ByteString.Char8 -- Data.Attoparsec.Combinator -- -- other-modules: -- Data.Attoparsec -- Data.Attoparsec.ByteString.Buffer -- Data.Attoparsec.ByteString.FastSet -- Data.Attoparsec.ByteString.Internal -- Data.Attoparsec.Internal -- Data.Attoparsec.Internal.Fhthagn -- Data.Attoparsec.Internal.Types -- Data.Attoparsec.Number -- -- ghc-options: -funbox-strict-fields -Wall -fwarn-tabs -O2 -- -- ghc-options: -Wall -- if impl(ghc >= 8.0) -- ghc-options: -Wcompat -Wnoncanonical-monad-instances -Wnoncanonical-monadfail-instances -- else -- build-depends: semigroups ^>= 0.18.3, fail ^>= 4.9.0.0 -- -- - test-suite spec - type: exitcode-stdio-1.0 - default-language: Haskell2010 -@@ -115,11 +77,10 @@ - , hspec ^>= 2.4.4 - , QuickCheck ^>= 2.11 - -- -- internal sub-lib - build-depends: attoparsec - - -- Versions for the dependencies below are transitively pinned by -- -- dependency on haddock-library:lib:attoparsec -+ -- dependency on attoparsec - build-depends: - base - , bytestring -@@ -146,7 +107,7 @@ - haddock-library - - -- Versions for the dependencies below are transitively pinned by -- -- dependency on haddock-library:lib:attoparsec -+ -- dependency on attoparsec - build-depends: - base - diff --git a/gnu/packages/patches/ghc-hpack-fix-tests.patch b/gnu/packages/patches/ghc-hpack-fix-tests.patch new file mode 100644 index 0000000000..19aa762174 --- /dev/null +++ b/gnu/packages/patches/ghc-hpack-fix-tests.patch @@ -0,0 +1,193 @@ +This patch is taken and adapted from upstream. It landed shortly after +the release of 0.31.2, and fixes eleven tests. The patch has been +lightly adapted to apply to the release tarball, but the commit message +was left untouched, so it refers to some changes not included in the +patch. + +From a8d9362d4b686074f698c04c20beea88587511a1 Mon Sep 17 00:00:00 2001 +From: quasicomputational <quasicomputational@gmail.com> +Date: Sat, 1 Jun 2019 15:11:31 +0100 +Subject: [PATCH] Make CI green (#345) + +* AppVeyor workaround for TMP issue + +https://github.com/commercialhaskell/stack/issues/3944 + +* Bump resolver to nightly-2018-12-12. + +This has the primary benefit of moving to GHC 8.6.3 and should fix +AppVeyor. + +* Add clock 0.8 as an extra-dep. + +* Adapt expected output to aeson 1.4.3.0. +--- + appveyor.yml | 3 +++ + hpack.cabal | 10 +++++----- + package.yaml | 2 +- + stack.yaml | 5 +++-- + test/Data/Aeson/Config/FromValueSpec.hs | 2 +- + test/Data/Aeson/Config/TypesSpec.hs | 2 +- + test/EndToEndSpec.hs | 8 ++++---- + test/Hpack/ConfigSpec.hs | 2 +- + test/Hpack/Syntax/DefaultsSpec.hs | 2 +- + test/Hpack/Syntax/DependenciesSpec.hs | 4 ++-- + 10 files changed, 22 insertions(+), 18 deletions(-) + +diff --git a/hpack.cabal b/hpack.cabal +index fedb9a8..4db3014 100644 +--- a/hpack.cabal ++++ b/hpack.cabal +@@ -1,10 +1,10 @@ + cabal-version: 1.12 + +--- This file has been generated from package.yaml by hpack version 0.31.0. ++-- This file has been generated from package.yaml by hpack version 0.31.2. + -- + -- see: https://github.com/sol/hpack + -- +--- hash: 3d060180293c32b8d0c25b710d0f419e96a6cc6ec3f95ac5e70bb77f44cbafc3 ++-- hash: bd5dd178c7e9f7f7a3456d79b592ea336c41ef43c9892354c001f06659e8b901 + + name: hpack + version: 0.31.2 +@@ -31,7 +31,7 @@ library + build-depends: + Cabal >=2.2 + , Glob >=0.9.0 +- , aeson >=1.2.1.0 ++ , aeson >=1.4.3.0 + , base >=4.9 && <5 + , bifunctors + , bytestring +@@ -87,7 +87,7 @@ executable hpack + build-depends: + Cabal >=2.2 + , Glob >=0.9.0 +- , aeson >=1.2.1.0 ++ , aeson >=1.4.3.0 + , base >=4.9 && <5 + , bifunctors + , bytestring +@@ -125,7 +125,7 @@ test-suite spec + , Glob >=0.9.0 + , HUnit >=1.6.0.0 + , QuickCheck +- , aeson >=1.2.1.0 ++ , aeson >=1.4.3.0 + , base >=4.9 && <5 + , bifunctors + , bytestring +diff --git a/test/Data/Aeson/Config/FromValueSpec.hs b/test/Data/Aeson/Config/FromValueSpec.hs +index 33de8b7..06b3eb9 100644 +--- a/test/Data/Aeson/Config/FromValueSpec.hs ++++ b/test/Data/Aeson/Config/FromValueSpec.hs +@@ -85,7 +85,7 @@ spec = do + [yaml| + name: "Joe" + age: "23" +- |] `shouldDecodeTo` left "Error while parsing $.age - expected Int, encountered String" ++ |] `shouldDecodeTo` left "Error while parsing $.age - parsing Int failed, expected Number, but encountered String" + + context "with (,)" $ do + it "captures unrecognized fields" $ do +diff --git a/test/Data/Aeson/Config/TypesSpec.hs b/test/Data/Aeson/Config/TypesSpec.hs +index c954534..472aa42 100644 +--- a/test/Data/Aeson/Config/TypesSpec.hs ++++ b/test/Data/Aeson/Config/TypesSpec.hs +@@ -13,7 +13,7 @@ spec = do + context "List" $ do + let + parseError :: String -> Result (List Int) +- parseError prefix = Left (prefix ++ " - expected Int, encountered String") ++ parseError prefix = Left (prefix ++ " - parsing Int failed, expected Number, but encountered String") + + context "when parsing single values" $ do + it "returns the value in a singleton list" $ do +diff --git a/test/EndToEndSpec.hs b/test/EndToEndSpec.hs +index 283c72c..46389ea 100644 +--- a/test/EndToEndSpec.hs ++++ b/test/EndToEndSpec.hs +@@ -285,7 +285,7 @@ spec = around_ (inTempDirectoryNamed "foo") $ do + path: defaults.yaml + ref: "2017" + library: {} +- |] `shouldFailWith` (file ++ ": Error while parsing $ - expected Object, encountered Array") ++ |] `shouldFailWith` (file ++ ": Error while parsing $ - expected Object, but encountered Array") + + it "warns on unknown fields" $ do + let file = joinPath ["defaults", "sol", "hpack-template", "2017", "defaults.yaml"] +@@ -340,7 +340,7 @@ spec = around_ (inTempDirectoryNamed "foo") $ do + it "rejects other values" $ do + [i| + version: {} +- |] `shouldFailWith` "package.yaml: Error while parsing $.version - expected Number or String, encountered Object" ++ |] `shouldFailWith` "package.yaml: Error while parsing $.version - expected Number or String, but encountered Object" + + describe "license" $ do + it "accepts cabal-style licenses" $ do +@@ -1363,14 +1363,14 @@ spec = around_ (inTempDirectoryNamed "foo") $ do + then: + dependencies: Win32 + else: null +- |] `shouldFailWith` "package.yaml: Error while parsing $.when.else - expected Object, encountered Null" ++ |] `shouldFailWith` "package.yaml: Error while parsing $.when.else - expected Object, but encountered Null" + + it "rejects invalid conditionals" $ do + [i| + dependencies: + - foo + - 23 +- |] `shouldFailWith` "package.yaml: Error while parsing $.dependencies[1] - expected Object or String, encountered Number" ++ |] `shouldFailWith` "package.yaml: Error while parsing $.dependencies[1] - expected Object or String, but encountered Number" + + it "warns on unknown fields" $ do + [i| +diff --git a/test/Hpack/ConfigSpec.hs b/test/Hpack/ConfigSpec.hs +index 9f4b279..69cbea1 100644 +--- a/test/Hpack/ConfigSpec.hs ++++ b/test/Hpack/ConfigSpec.hs +@@ -675,7 +675,7 @@ spec = do + it "rejects other values" $ do + [yaml| + 23 +- |] `shouldDecodeTo` (Left "Error while parsing $ - expected Boolean or String, encountered Number" :: Result Cond) ++ |] `shouldDecodeTo` (Left "Error while parsing $ - expected Boolean or String, but encountered Number" :: Result Cond) + + describe "formatOrList" $ do + it "formats a singleton list" $ do +diff --git a/test/Hpack/Syntax/DefaultsSpec.hs b/test/Hpack/Syntax/DefaultsSpec.hs +index 5875413..5438b7a 100644 +--- a/test/Hpack/Syntax/DefaultsSpec.hs ++++ b/test/Hpack/Syntax/DefaultsSpec.hs +@@ -151,4 +151,4 @@ spec = do + it "fails" $ do + [yaml| + 10 +- |] `shouldDecodeTo` left "Error while parsing $ - expected Object or String, encountered Number" ++ |] `shouldDecodeTo` left "Error while parsing $ - expected Object or String, but encountered Number" +diff --git a/test/Hpack/Syntax/DependenciesSpec.hs b/test/Hpack/Syntax/DependenciesSpec.hs +index 1a83732..d95044f 100644 +--- a/test/Hpack/Syntax/DependenciesSpec.hs ++++ b/test/Hpack/Syntax/DependenciesSpec.hs +@@ -125,7 +125,7 @@ spec = do + it "rejects invalid values" $ do + [yaml| + hpack: [] +- |] `shouldDecodeTo` left "Error while parsing $.hpack - expected Null, Object, Number, or String, encountered Array" ++ |] `shouldDecodeTo` left "Error while parsing $.hpack - expected Null, Object, Number, or String, but encountered Array" + + context "when the constraint is a Number" $ do + it "accepts 1" $ do +@@ -213,7 +213,7 @@ spec = do + [yaml| + foo: + version: {} +- |] `shouldDecodeTo` left "Error while parsing $.foo.version - expected Null, Number, or String, encountered Object" ++ |] `shouldDecodeTo` left "Error while parsing $.foo.version - expected Null, Number, or String, but encountered Object" + + it "accepts a string" $ do + [yaml| +-- +2.23.0 + diff --git a/gnu/packages/patches/ghc-microlens-aeson-fix-tests.patch b/gnu/packages/patches/ghc-microlens-aeson-fix-tests.patch new file mode 100644 index 0000000000..c1ef6a837c --- /dev/null +++ b/gnu/packages/patches/ghc-microlens-aeson-fix-tests.patch @@ -0,0 +1,27 @@ +This patch fixes the test suite to allow any order when listing the +members of a JSON object. Aeson (being true to the JSON specification) +does not specify an order for objects. In practice, the order depends +on your processor architecture. + +See <https://github.com/bos/aeson/issues/568> for a discussion resulting +in a similar patch fixing the Aeson tests. + +See <https://github.com/fosskers/microlens-aeson/issues/1> for the +upstream bug report. + +diff -ruN a/test/Test.hs b/test/Test.hs +--- a/test/Test.hs 2018-12-31 15:10:50.000000000 -0500 ++++ b/test/Test.hs 2019-11-08 01:34:07.419706831 -0500 +@@ -48,8 +48,10 @@ + , testCase "" $ ("{\"a\": {}, \"b\": null}" ^? key (T.pack "b") . _Object) @?= Nothing + , testCase "" $ ("{\"a\": 100, \"b\": 200}" ^? key (T.pack "a")) @?= Just (Number 100.0) + , testCase "" $ ("[1,2,3]" ^? key (T.pack "a")) @?= Nothing +- , testCase "" $ ("{\"a\": 4, \"b\": 7}" ^.. members) @?= [Number 4.0,Number 7.0] +- , testCase "" $ ("{\"a\": 4, \"b\": 7}" & members . _Number %~ (* 10)) @?= "{\"a\":40,\"b\":70}" ++ , testCase "" $ assertBool "" (let x = ("{\"a\": 4, \"b\": 7}" ^.. members) ++ in x == [Number 4.0,Number 7.0] || x == [Number 7.0,Number 4.0]) ++ , testCase "" $ assertBool "" (let x = ("{\"a\": 4, \"b\": 7}" & members . _Number %~ (* 10)) ++ in x == "{\"a\":40,\"b\":70}" || x == "{\"b\":70,\"a\":40}") + , testCase "" $ ("[1,2,3]" ^? nth 1) @?= Just (Number 2.0) + , testCase "" $ ("{\"a\": 100, \"b\": 200}" ^? nth 1) @?= Nothing + , testCase "" $ ("[1,2,3]" & nth 1 .~ Number 20) @?= "[1,20,3]" diff --git a/gnu/packages/patches/ghc-monad-par-fix-tests.patch b/gnu/packages/patches/ghc-monad-par-fix-tests.patch new file mode 100644 index 0000000000..d21a1e485c --- /dev/null +++ b/gnu/packages/patches/ghc-monad-par-fix-tests.patch @@ -0,0 +1,45 @@ +This patch is taken from upstream. It fixes a test to work with GHC 8.6. +The paths have been slightly altered to work with the release tarball. + +See <https://github.com/simonmar/monad-par/issues/66>. + +From e20f81c8060208e4fb038e8f0e0668b41d72a6fb Mon Sep 17 00:00:00 2001 +From: Clint Adams <clint@debian.org> +Date: Sat, 31 Aug 2019 14:12:34 -0400 +Subject: [PATCH] Use a case statement instead of pattern-matching in + case_test_diamond + +This avoids the need for a MonadFail instance. Closes #66 +--- + monad-par/tests/ParTests_shared.hs | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/tests/ParTests_shared.hs b/tests/ParTests_shared.hs +index 31f438d..b2de50c 100644 +--- a/tests/ParTests_shared.hs ++++ b/tests/ParTests_shared.hs +@@ -109,12 +109,15 @@ case_test_diamond :: Assertion + case_test_diamond = 9 @=? (m :: Int) + where + m = runPar $ do +- [a,b,c,d] <- sequence [new,new,new,new] +- fork $ do x <- get a; put b (x+1) +- fork $ do x <- get a; put c (x+2) +- fork $ do x <- get b; y <- get c; put d (x+y) +- fork $ do put a 3 +- get d ++ abcd <- sequence [new,new,new,new] ++ case abcd of ++ [a,b,c,d] -> do ++ fork $ do x <- get a; put b (x+1) ++ fork $ do x <- get a; put c (x+2) ++ fork $ do x <- get b; y <- get c; put d (x+y) ++ fork $ do put a 3 ++ get d ++ _ -> error "Oops" + + -- | Violate IVar single-assignment: + -- +-- +2.23.0 + diff --git a/gnu/packages/patches/ghc-pandoc-fix-html-tests.patch b/gnu/packages/patches/ghc-pandoc-fix-html-tests.patch new file mode 100644 index 0000000000..b624ff9e9e --- /dev/null +++ b/gnu/packages/patches/ghc-pandoc-fix-html-tests.patch @@ -0,0 +1,92 @@ +This patch is taken from upstream. It fixes two HTML tests that are broken +due to using a Skylighting version greater than or equal to 0.8.2. + +From 968d2046a3cb6db661673be580660ac402753c34 Mon Sep 17 00:00:00 2001 +From: John MacFarlane <jgm@berkeley.edu> +Date: Sun, 14 Jul 2019 10:48:14 -0700 +Subject: [PATCH] Update test for new skylighting. + +--- + test/lhs-test.html | 13 ++++++------- + test/lhs-test.html+lhs | 13 ++++++------- + 2 files changed, 12 insertions(+), 14 deletions(-) + +diff --git a/test/lhs-test.html b/test/lhs-test.html +index 6685555f4..446dd3d95 100644 +--- a/test/lhs-test.html ++++ b/test/lhs-test.html +@@ -12,19 +12,18 @@ + div.column{display: inline-block; vertical-align: top; width: 50%;} + </style> + <style> +-code.sourceCode > span { display: inline-block; line-height: 1.25; } ++pre > code.sourceCode { white-space: pre; position: relative; } ++pre > code.sourceCode > span { display: inline-block; line-height: 1.25; } ++pre > code.sourceCode > span:empty { height: 1.2em; } + code.sourceCode > span { color: inherit; text-decoration: inherit; } +-code.sourceCode > span:empty { height: 1.2em; } +-.sourceCode { overflow: visible; } +-code.sourceCode { white-space: pre; position: relative; } + div.sourceCode { margin: 1em 0; } + pre.sourceCode { margin: 0; } + @media screen { + div.sourceCode { overflow: auto; } + } + @media print { +-code.sourceCode { white-space: pre-wrap; } +-code.sourceCode > span { text-indent: -5em; padding-left: 5em; } ++pre > code.sourceCode { white-space: pre-wrap; } ++pre > code.sourceCode > span { text-indent: -5em; padding-left: 5em; } + } + pre.numberSource code + { counter-reset: source-line 0; } +@@ -44,7 +43,7 @@ pre.numberSource { margin-left: 3em; border-left: 1px solid #aaaaaa; padding-le + div.sourceCode + { } + @media screen { +-code.sourceCode > span > a:first-child::before { text-decoration: underline; } ++pre > code.sourceCode > span > a:first-child::before { text-decoration: underline; } + } + code span.al { color: #ff0000; font-weight: bold; } /* Alert */ + code span.an { color: #60a0b0; font-weight: bold; font-style: italic; } /* Annotation */ +diff --git a/test/lhs-test.html+lhs b/test/lhs-test.html+lhs +index e57dfc105..a5cdb0245 100644 +--- a/test/lhs-test.html+lhs ++++ b/test/lhs-test.html+lhs +@@ -12,19 +12,18 @@ + div.column{display: inline-block; vertical-align: top; width: 50%;} + </style> + <style> +-code.sourceCode > span { display: inline-block; line-height: 1.25; } ++pre > code.sourceCode { white-space: pre; position: relative; } ++pre > code.sourceCode > span { display: inline-block; line-height: 1.25; } ++pre > code.sourceCode > span:empty { height: 1.2em; } + code.sourceCode > span { color: inherit; text-decoration: inherit; } +-code.sourceCode > span:empty { height: 1.2em; } +-.sourceCode { overflow: visible; } +-code.sourceCode { white-space: pre; position: relative; } + div.sourceCode { margin: 1em 0; } + pre.sourceCode { margin: 0; } + @media screen { + div.sourceCode { overflow: auto; } + } + @media print { +-code.sourceCode { white-space: pre-wrap; } +-code.sourceCode > span { text-indent: -5em; padding-left: 5em; } ++pre > code.sourceCode { white-space: pre-wrap; } ++pre > code.sourceCode > span { text-indent: -5em; padding-left: 5em; } + } + pre.numberSource code + { counter-reset: source-line 0; } +@@ -44,7 +43,7 @@ pre.numberSource { margin-left: 3em; border-left: 1px solid #aaaaaa; padding-le + div.sourceCode + { } + @media screen { +-code.sourceCode > span > a:first-child::before { text-decoration: underline; } ++pre > code.sourceCode > span > a:first-child::before { text-decoration: underline; } + } + code span.al { color: #ff0000; font-weight: bold; } /* Alert */ + code span.an { color: #60a0b0; font-weight: bold; font-style: italic; } /* Annotation */ +-- +2.23.0 + diff --git a/gnu/packages/patches/ghc-pandoc-fix-latex-test.patch b/gnu/packages/patches/ghc-pandoc-fix-latex-test.patch new file mode 100644 index 0000000000..b38476882d --- /dev/null +++ b/gnu/packages/patches/ghc-pandoc-fix-latex-test.patch @@ -0,0 +1,31 @@ +This patch is taken from upstream. It fixes a LaTeX test that is broken due +to using a Skylighting version greater than or equal to 0.8.1.1. + +From 2cd1c7b30f200d18f1f1bdef1671369e1ad303ed Mon Sep 17 00:00:00 2001 +From: John MacFarlane <jgm@berkeley.edu> +Date: Thu, 13 Jun 2019 19:33:52 -0700 +Subject: [PATCH] Update test for skylighting 0.8.1.1. + +--- + test/lhs-test.latex | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/test/lhs-test.latex b/test/lhs-test.latex +index 0442db5ca..a456995a3 100644 +--- a/test/lhs-test.latex ++++ b/test/lhs-test.latex +@@ -94,9 +94,9 @@ return a single value: + + \begin{Shaded} + \begin{Highlighting}[] +-\OtherTok{unsplit ::}\NormalTok{ (}\DataTypeTok{Arrow}\NormalTok{ a) }\OtherTok{=>}\NormalTok{ (b }\OtherTok{->}\NormalTok{ c }\OtherTok{->}\NormalTok{ d) }\OtherTok{->}\NormalTok{ a (b, c) d} ++\OtherTok{unsplit ::}\NormalTok{ (}\DataTypeTok{Arrow}\NormalTok{ a) }\OtherTok{=>}\NormalTok{ (b }\OtherTok{{-}>}\NormalTok{ c }\OtherTok{{-}>}\NormalTok{ d) }\OtherTok{{-}>}\NormalTok{ a (b, c) d} + \NormalTok{unsplit }\OtherTok{=}\NormalTok{ arr }\OperatorTok{.} \FunctionTok{uncurry} +- \CommentTok{-- arr (\textbackslash{}op (x,y) -> x `op` y)} ++ \CommentTok{{-}{-} arr (\textbackslash{}op (x,y) {-}> x \textasciigrave{}op\textasciigrave{} y)} + \end{Highlighting} + \end{Shaded} + +-- +2.23.0 + diff --git a/gnu/packages/patches/gstreamer-buffer-reset-offset.patch b/gnu/packages/patches/gstreamer-buffer-reset-offset.patch deleted file mode 100644 index 024892a60f..0000000000 --- a/gnu/packages/patches/gstreamer-buffer-reset-offset.patch +++ /dev/null @@ -1,59 +0,0 @@ -Fix a buffer offset problem in GStreamer 1.16. Initially reported by Mark H. -Weaver in <https://lists.gnu.org/archive/html/guix-devel/2019-06/msg00140.html>. - -See also <https://gitlab.freedesktop.org/gstreamer/gstreamer/issues/316>. - -From 1734c9fc1a4f99b165383ae1eb02f04e0844a00c Mon Sep 17 00:00:00 2001 -From: Nicolas Dufresne <nicolas.dufresne@collabora.com> -Date: Sat, 29 Jun 2019 09:22:05 -0400 -Subject: [PATCH] bufferpool: Fix the buffer size reset code - -The offset in gst_buffer_resize() is additive. So to move back the -offset to zero, we need to pass the opposite of the current offset. This -was raised through the related unit test failingon 32bit as on 64bit -the alignment padding was enough to hide the issue. The test was -modified to also fail on 64bit. This patch will remove spurious -assertions like: - - assertion 'bufmax >= bufoffs + offset + size' failed - -Fixes #316 ---- - gst/gstbufferpool.c | 7 +++++-- - tests/check/gst/gstbufferpool.c | 2 +- - 2 files changed, 6 insertions(+), 3 deletions(-) - -diff --git a/gst/gstbufferpool.c b/gst/gstbufferpool.c -index e5c7a5872..619860e63 100644 ---- a/gst/gstbufferpool.c -+++ b/gst/gstbufferpool.c -@@ -1222,8 +1222,11 @@ default_reset_buffer (GstBufferPool * pool, GstBuffer * buffer) - GST_BUFFER_OFFSET_END (buffer) = GST_BUFFER_OFFSET_NONE; - - /* if the memory is intact reset the size to the full size */ -- if (!GST_BUFFER_FLAG_IS_SET (buffer, GST_BUFFER_FLAG_TAG_MEMORY)) -- gst_buffer_resize (buffer, 0, pool->priv->size); -+ if (!GST_BUFFER_FLAG_IS_SET (buffer, GST_BUFFER_FLAG_TAG_MEMORY)) { -+ gsize offset; -+ gst_buffer_get_sizes (buffer, &offset, NULL); -+ gst_buffer_resize (buffer, -offset, pool->priv->size); -+ } - - /* remove all metadata without the POOLED flag */ - gst_buffer_foreach_meta (buffer, remove_meta_unpooled, pool); -diff --git a/tests/check/gst/gstbufferpool.c b/tests/check/gst/gstbufferpool.c -index f0c3c8d8e..dd9b2dc03 100644 ---- a/tests/check/gst/gstbufferpool.c -+++ b/tests/check/gst/gstbufferpool.c -@@ -190,7 +190,7 @@ GST_START_TEST (test_buffer_modify_discard) - gst_buffer_pool_acquire_buffer (pool, &buf, NULL); - buffer_track_destroy (buf, &dcount); - /* do resize, as we didn't modify the memory, pool should reuse this buffer */ -- gst_buffer_resize (buf, 5, 2); -+ gst_buffer_resize (buf, 8, 2); - gst_buffer_unref (buf); - - /* buffer should've gone back into pool */ --- -2.22.0 - diff --git a/gnu/packages/patches/handbrake-opt-in-nvenc.patch b/gnu/packages/patches/handbrake-opt-in-nvenc.patch deleted file mode 100644 index 2b34aaa427..0000000000 --- a/gnu/packages/patches/handbrake-opt-in-nvenc.patch +++ /dev/null @@ -1,14 +0,0 @@ -Require opt-in for NVEnc support. Otherwise the default is true with no way -to disable it. - ---- HandBrake-1.2.0/make/configure.py.orig 1969-12-31 18:00:00.000000000 -0600 -+++ HandBrake-1.2.0/make/configure.py 2019-01-22 23:22:46.186959060 -0600 -@@ -1320,7 +1320,7 @@ - grp.add_option( '--disable-ffmpeg-aac', dest="enable_ffmpeg_aac", action='store_false' ) - - h = IfHost( 'enable Nvidia NVEnc video encoder', '*-*-*', none=optparse.SUPPRESS_HELP ).value -- grp.add_option( '--enable-nvenc', dest="enable_nvenc", default=not (host.match( '*-*-darwin*' ) or host.match( '*-*-freebsd*' )), action='store_true', help=h ) -+ grp.add_option( '--enable-nvenc', dest="enable_nvenc", default=False, action='store_true', help=h ) - - - cli.add_option_group( grp ) diff --git a/gnu/packages/patches/hexchat-crash-exit.patch b/gnu/packages/patches/hexchat-crash-exit.patch new file mode 100644 index 0000000000..e67fef73e0 --- /dev/null +++ b/gnu/packages/patches/hexchat-crash-exit.patch @@ -0,0 +1,31 @@ +From d9c637ae8a1137d3ca512d2c560589903a4bd79d Mon Sep 17 00:00:00 2001 +From: Adam Williamson <awilliam@redhat.com> +Date: Tue, 30 Apr 2019 11:16:01 -0700 +Subject: [PATCH] Python plugin: Call EndInterpreter when deinit'ing the plugin + +This fixes https://github.com/hexchat/hexchat/issues/2237 , a +commonly-encountered bug when using Hexchat 2.14 on Python 3.7. +Thanks to @ncoghlan for the fix. + +Signed-off-by: Adam Williamson <awilliam@redhat.com> +--- + plugins/python/python.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/plugins/python/python.c b/plugins/python/python.c +index 4403474d..475756ba 100644 +--- a/plugins/python/python.c ++++ b/plugins/python/python.c +@@ -2806,6 +2806,9 @@ hexchat_plugin_deinit(void) + xchatout_buffer = NULL; + + if (interp_plugin) { ++ PyThreadState *tstate = ((PluginObject*)interp_plugin)->tstate; ++ PyThreadState_Swap(tstate); ++ Py_EndInterpreter(tstate); + Py_DECREF(interp_plugin); + interp_plugin = NULL; + } +-- +2.21.0 + diff --git a/gnu/packages/patches/icecat-gnuzilla-fixes.patch b/gnu/packages/patches/icecat-gnuzilla-fixes.patch deleted file mode 100644 index e8e0946f57..0000000000 --- a/gnu/packages/patches/icecat-gnuzilla-fixes.patch +++ /dev/null @@ -1,546 +0,0 @@ -From 2abca7767c461a022317bf18fbec51e8b3ce6a92 Mon Sep 17 00:00:00 2001 -From: Mark H Weaver <mhw@netris.org> -Date: Thu, 31 Oct 2019 03:59:46 -0400 -Subject: [PATCH 1/2] Branding: fix patching of trademarkInfo within l10n - directory. - -This is a followup to commit 930298e1efff3e40721659d8fd7118cdd2477bd4. - -* makeicecat: Patch in the IceCat logo copyright notice in all -brand.dtd files within l10n directory. ---- - makeicecat | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/makeicecat b/makeicecat -index 3ff2ead..4ff3e64 100755 ---- a/makeicecat -+++ b/makeicecat -@@ -226,7 +226,7 @@ cp $DATA/bookmarks.html.in browser/locales/generic/profile/bookmarks.html.in - - # Custom legal about pages - --find l10n -wholename '*/brand.dtd' |xargs /bin/sed 's/trademarkInfo.part1.*/trademarkInfo.part1 "">/' -i -+find l10n -wholename '*/brand.dtd' |xargs /bin/sed 's/trademarkInfo.part1.*/trademarkInfo.part1 "The IceCat logo is Copyright 2008-2015 Free Software Foundation, released under the terms of the GNU Lesser General Public License, version 3 or any later version.">/' -i - find l10n -wholename '*/brand.ftl' |xargs /bin/sed 's/^trademarkInfo = .*/trademarkInfo = The IceCat logo is Copyright 2008-2015 Free Software Foundation, released under the terms of the GNU Lesser General Public License, version 3 or any later version./' -i - - for STRING in rights.intro-point3-unbranded rights.intro-point4a-unbranded rights.intro-point4b-unbranded rights.intro-point4c-unbranded --- -2.23.0 - -From 150af5dd8b502b66f325b9fe8bd0b2ae553326a4 Mon Sep 17 00:00:00 2001 -From: Mark H Weaver <mhw@netris.org> -Date: Wed, 30 Oct 2019 18:34:44 -0400 -Subject: [PATCH 2/2] Add first batch of IceCat-specific preferences. - -* makeicecat: Add code to add IceCat-specific messages to l10n directory. -* data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl, -data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl, -data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl, -data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl, -data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl, -data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl, -data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl, -data/patches/icecat-preferences.patch: New files. ---- - .../en-US/browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - .../browser/preferences/preferences.ftl | 36 ++++ - data/patches/icecat-preferences.patch | 155 ++++++++++++++++++ - makeicecat | 13 ++ - 9 files changed, 420 insertions(+) - create mode 100644 data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl - create mode 100644 data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl - create mode 100644 data/patches/icecat-preferences.patch - -diff --git a/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl b/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..2f90bcd ---- /dev/null -+++ b/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = IceCat-specific privacy settings -+ -+disable-javascript-option = -+ .label = Disable JavaScript -+disable-javascript-description = Disabling Javascript greatly improves privacy, security and <a href=\"https://www.gnu.org/philosophy/javascript-trap.html\">freedom</a>, but it will break many sites. -+ -+disable-custom-fonts-option = -+ .label = Do not load custom fonts -+disable-custom-fonts-description = Custom fonts can be used for <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">fingerprinting</a>. Disabling them improves privacy but may make some sites look wrong. -+ -+isolate-request-first-party-option = -+ .label = Isolate requests to First Party domains -+isolate-request-first-party-description = This <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">improves privacy</a>, but it may interfere with login into some sites. -+ -+auto-update-extensions-option = -+ .label = Automatically update extensions -+auto-update-extensions-description = Enabling automated updates is good for security, but would start Internet connections in the background. -+ -+spoof-referers-option = -+ .label = Spoof Referers -+spoof-referers-description = <a href=\"https://en.wikipedia.org/wiki/HTTP_referer\">Referers</a> tell sites what link brought you there. This feature greatly improves your privacy, but it may break functionality on some sites. -+ -+detect-captive-portal-option = -+ .label = Detect captive portal -+detect-captive-portal-description = <a href=\"https://en.wikipedia.org/wiki/Captive_portal\">Captive portals</a> are the sites that control access to public wireless networks in hotels, airports, cafes, etc. The detection service is useful if you connect to such netwoks, but it will start connections automatically. -+ -+geolocation-option = -+ .label = Enable Geolocation -+geolocation-description = This is commonly used for maps, weather sites, and some stores. It is better to keep it off unless you really need it. -+ -+webgl-option = -+ .label = Enable WebGL -+webgl-description = Needed to visualize 3D graphics, but it may expose you to security threats. Enable it only if you really use it. -diff --git a/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..ad052b3 ---- /dev/null -+++ b/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Ajustes de privacidad de IceCat -+ -+disable-javascript-option = -+ .label = Desactivar JavaScript -+disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas. -+ -+disable-custom-fonts-option = -+ .label = No cargar fuentes personalizadas -+disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas. -+ -+isolate-request-first-party-option = -+ .label = Aislar las solicitudes a los Dominios Primarios -+isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs. -+ -+auto-update-extensions-option = -+ .label = Actualizar las extensiones automáticamente -+auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano. -+ -+spoof-referers-option = -+ .label = Modificar los referers HTTP -+spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas. -+ -+detect-captive-portal-option = -+ .label = Detectar los portales cautivos -+detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano. -+ -+geolocation-option = -+ .label = Activar Geolocalización -+geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación. -+ -+webgl-option = -+ .label = Activar WebGL -+webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla. -diff --git a/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..ad052b3 ---- /dev/null -+++ b/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Ajustes de privacidad de IceCat -+ -+disable-javascript-option = -+ .label = Desactivar JavaScript -+disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas. -+ -+disable-custom-fonts-option = -+ .label = No cargar fuentes personalizadas -+disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas. -+ -+isolate-request-first-party-option = -+ .label = Aislar las solicitudes a los Dominios Primarios -+isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs. -+ -+auto-update-extensions-option = -+ .label = Actualizar las extensiones automáticamente -+auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano. -+ -+spoof-referers-option = -+ .label = Modificar los referers HTTP -+spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas. -+ -+detect-captive-portal-option = -+ .label = Detectar los portales cautivos -+detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano. -+ -+geolocation-option = -+ .label = Activar Geolocalización -+geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación. -+ -+webgl-option = -+ .label = Activar WebGL -+webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla. -diff --git a/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..ad052b3 ---- /dev/null -+++ b/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Ajustes de privacidad de IceCat -+ -+disable-javascript-option = -+ .label = Desactivar JavaScript -+disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas. -+ -+disable-custom-fonts-option = -+ .label = No cargar fuentes personalizadas -+disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas. -+ -+isolate-request-first-party-option = -+ .label = Aislar las solicitudes a los Dominios Primarios -+isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs. -+ -+auto-update-extensions-option = -+ .label = Actualizar las extensiones automáticamente -+auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano. -+ -+spoof-referers-option = -+ .label = Modificar los referers HTTP -+spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas. -+ -+detect-captive-portal-option = -+ .label = Detectar los portales cautivos -+detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano. -+ -+geolocation-option = -+ .label = Activar Geolocalización -+geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación. -+ -+webgl-option = -+ .label = Activar WebGL -+webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla. -diff --git a/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..ad052b3 ---- /dev/null -+++ b/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Ajustes de privacidad de IceCat -+ -+disable-javascript-option = -+ .label = Desactivar JavaScript -+disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas. -+ -+disable-custom-fonts-option = -+ .label = No cargar fuentes personalizadas -+disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas. -+ -+isolate-request-first-party-option = -+ .label = Aislar las solicitudes a los Dominios Primarios -+isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs. -+ -+auto-update-extensions-option = -+ .label = Actualizar las extensiones automáticamente -+auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano. -+ -+spoof-referers-option = -+ .label = Modificar los referers HTTP -+spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas. -+ -+detect-captive-portal-option = -+ .label = Detectar los portales cautivos -+detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano. -+ -+geolocation-option = -+ .label = Activar Geolocalización -+geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación. -+ -+webgl-option = -+ .label = Activar WebGL -+webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla. -diff --git a/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..4008883 ---- /dev/null -+++ b/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Vie privée de IceCat -+ -+disable-javascript-option = -+ .label = Disable JavaScript -+disable-javascript-description = Désactiver JavaScript améliore grandement le respect de la vie privée, la sécurité et <a href=\"https://www.gnu.org/philosophy/javascript-trap.fr.html\">la liberté</a>, mais cela risque de rendre beaucoup de sites web inutilisables. -+ -+disable-custom-fonts-option = -+ .label = Ne pas charger de polices personnalisées -+disable-custom-fonts-description = Les polices personnalisées peuvent être utilisées pour vous <a href=\"https://fr.wikipedia.org/wiki/Empreinte_digitale_d%27appareil\">identifier</a>. Les désactiver améliore le respect de la vie privée mais peut détérorier le rendu de certains sites. -+ -+isolate-request-first-party-option = -+ .label = Isoler les requêtes vers les domaines de premier niveau -+isolate-request-first-party-description = Améliore <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">le respect de la vie privée</a>, mais peut interférer avec la page de login de certains sites web. -+ -+auto-update-extensions-option = -+ .label = Mettre à jour les extensions automatiquement -+auto-update-extensions-description = Activer les mises à jour automatiques améliore votre sécurité, mais cela va ouvrir des connexions internet en arrière-plan. -+ -+spoof-referers-option = -+ .label = Usurper l'identité des Referers -+spoof-referers-description = <a href=\"https://fr.wikipedia.org/wiki/R%C3%A9f%C3%A9rent_(informatique)\">Les Referers</a> indiquent aux sites web quel lien vous y a amené. Cette fonctionnalité améliore grandement le respect de la vie privée, mais peut entraîner la perte de fonctionnalités sur certains sites. -+ -+detect-captive-portal-option = -+ .label = Détecter les portails captifs -+detect-captive-portal-description = <a href=\"https://fr.wikipedia.org/wiki/Portail_captif\">Les portails captifs</a> sont les sites qui contrôlent l'accès aux réseaux sans fils publics dans les hôtels, les aéroports, les bars, etc. Ce service de détection est utile si vous vous connectez à ce type de réseaux, mais cela entraîne l'ouverture automatique de connexions. -+ -+geolocation-option = -+ .label = Activer la géolocalisation -+geolocation-description = Elle est utilisée couramment pour les cartes, les sites de prévisions météo, et certaines boutiques en ligne. Il vaut mieux la désactivez à moins d'en avoir réellement besoin. -+ -+webgl-option = -+ .label = Activer WebGL -+webgl-description = Nécessaire afin de visualiser les graphisme en 3D, mais peut vous exposer à des menaces de sécurité. Activer WebGL seulement si vous l'utilisez réellement. -diff --git a/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl -new file mode 100644 -index 0000000..a1fe1b7 ---- /dev/null -+++ b/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl -@@ -0,0 +1,36 @@ -+ -+## IceCat-specific privacy settings -+ -+icecat-privacy-group-header = Impostazioni sulla privacy di IceCat -+ -+disable-javascript-option = -+ .label = Disabilita JavaScript -+disable-javascript-description = Disabilitare Javascript migliora notevolmente la privacy, la sicurezza e la <a href=\"https://www.gnu.org/philosophy/javascript-trap.it.html\">libertà</a>, ma compromette la funzionalità molti siti. -+ -+disable-custom-fonts-option = -+ .label = Non caricare caratteri personalizzati -+disable-custom-fonts-description = I caratteri personalizzati possono essere utilizzati per il <a href=\"https://it.wikipedia.org/wiki/Device_fingerprint\">fingerprinting</a>. Disabilitarli migliora la privacy ma potrebbe far compromettere la visibilità di alcuni siti. -+ -+isolate-request-first-party-option = -+ .label = Isolare le richieste ai domini proprietari -+isolate-request-first-party-description = Questo <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">migliora la privacy</a>, ma potrebbe interferire con il login in alcuni siti. -+ -+auto-update-extensions-option = -+ .label = Aggiorna automaticamente le estensioni -+auto-update-extensions-description = Abilitare gli aggiornamenti automatici è positivo per la sicurezza, ma avvierebbe connessioni Internet in background. -+ -+spoof-referers-option = -+ .label = Spoof Referers -+spoof-referers-description = <a href=\"https://it.wikipedia.org/wiki/Referer\">I referer</a> dicono ai siti quale link ti ha portato lì. Questa funzione migliora notevolmente la privacy, ma potrebbe compromettere la funzionalità di alcuni siti. -+ -+detect-captive-portal-option = -+ .label = Rileva il captive portal -+detect-captive-portal-description = <a href=\"https://it.wikipedia.org/wiki/Captive_portal\">I captive portal</a> sono i siti che controllano l'accesso alle reti wireless pubbliche negli hotel, negli aeroporti, nei bar, ecc. Il servizio di rilevamento è utile se ci si connette a tali reti, ma avvierà automaticamente le connessioni. -+ -+geolocation-option = -+ .label = Abilita geolocalizzazione -+geolocation-description = Questo è comunemente usato per mappe, siti meteo e alcuni negozi online. È meglio tenerlo spento a meno che non se ne abbia veramente bisogno. -+ -+webgl-option = -+ .label = Abilita WebGL -+webgl-description = Necessario per visualizzare la grafica 3D, ma potrebbe esporre a minacce alla sicurezza. Abilitare solo in caso di necessità. -diff --git a/data/patches/icecat-preferences.patch b/data/patches/icecat-preferences.patch -new file mode 100644 -index 0000000..86fdd06 ---- /dev/null -+++ b/data/patches/icecat-preferences.patch -@@ -0,0 +1,155 @@ -+--- a/browser/components/preferences/in-content/privacy.xul.orig 2019-10-16 15:29:49.000000000 -0400 -++++ b/browser/components/preferences/in-content/privacy.xul 2019-10-30 23:54:53.591633131 -0400 -+@@ -594,6 +594,79 @@ -+ data-l10n-id="addressbar-suggestions-settings"/> -+ </groupbox> -+ -++<!-- IceCat-specific privacy group --> -++<groupbox id="iceCatPrivacyGroup" -++ data-category="panePrivacy" -++ hidden="true"> -++ <label><html:h2 data-l10n-id="icecat-privacy-group-header"/></label> -++ <vbox> -++ <checkbox id="disableJavaScript" data-l10n-id="disable-javascript-option" -++ preference="javascript.enabled" -++ onsyncfrompreference="return gPrivacyPane.readDisableJavaScriptOption();" -++ onsynctopreference="return gPrivacyPane.writeDisableJavaScriptOption();"/> -++ <vbox class="indent"> -++ <label data-l10n-id="disable-javascript-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="disableCustomFonts" data-l10n-id="disable-custom-fonts-option" -++ preference="browser.display.use_document_fonts" -++ onsyncfrompreference="return gPrivacyPane.readDisableCustomFontsOption();" -++ onsynctopreference="return gPrivacyPane.writeDisableCustomFontsOption();"/> -++ <vbox class="indent"> -++ <label data-l10n-id="disable-custom-fonts-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="isolateRequestFirstParty" data-l10n-id="isolate-request-first-party-option" -++ preference="privacy.firstparty.isolate"/> -++ <vbox class="indent"> -++ <label data-l10n-id="isolate-request-first-party-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="autoUpdateExtensions" data-l10n-id="auto-update-extensions-option" -++ preference="extensions.update.enabled"/> -++ <vbox class="indent"> -++ <label data-l10n-id="auto-update-extensions-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="spoofReferrers" data-l10n-id="spoof-referers-option" -++ preference="network.http.referer.spoofSource"/> -++ <vbox class="indent"> -++ <label data-l10n-id="spoof-referers-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="detectCaptivePortal" data-l10n-id="detect-captive-portal-option" -++ preference="captivedetect.canonicalURL" -++ onsyncfrompreference="return gPrivacyPane.readDetectCaptiveOption();" -++ onsynctopreference="return gPrivacyPane.writeDetectCaptiveOption();"/> -++ <vbox class="indent"> -++ <label data-l10n-id="detect-captive-portal-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="geolocation" data-l10n-id="geolocation-option" -++ preference="browser.search.geoip.url" -++ onsyncfrompreference="return gPrivacyPane.readGeolocationOption();" -++ onsynctopreference="return gPrivacyPane.writeGeolocationOption();"/> -++ <vbox class="indent"> -++ <label data-l10n-id="geolocation-description"/> -++ </vbox> -++ </vbox> -++ <vbox> -++ <checkbox id="webgl" data-l10n-id="webgl-option" -++ preference="webgl.disabled" -++ onsyncfrompreference="return gPrivacyPane.readWebGLOption();" -++ onsynctopreference="return gPrivacyPane.writeWebGLOption();"/> -++ <vbox class="indent"> -++ <label data-l10n-id="webgl-description"/> -++ </vbox> -++ </vbox> -++</groupbox> -++ -+ <hbox id="permissionsCategory" -+ class="subcategory" -+ hidden="true" -+--- a/browser/components/preferences/in-content/privacy.js.orig 2019-10-16 15:29:49.000000000 -0400 -++++ b/browser/components/preferences/in-content/privacy.js 2019-10-31 00:08:05.819561577 -0400 -+@@ -93,6 +93,16 @@ -+ { id: "browser.urlbar.suggest.history", type: "bool" }, -+ { id: "browser.urlbar.suggest.openpage", type: "bool" }, -+ -++ // IceCat-specific -++ { id: "javascript.enabled", type: "bool" }, -++ { id: "browser.display.use_document_fonts", type: "int" }, -++ { id: "privacy.firstparty.isolate", type: "bool" }, -++ { id: "extensions.update.enabled", type: "bool" }, -++ { id: "network.http.referer.spoofSource", type: "bool" }, -++ { id: "webgl.disabled", type: "bool" }, -++ { id: "captivedetect.canonicalURL", type: "string" }, -++ { id: "browser.search.geoip.url", type: "string" }, -++ -+ // History -+ { id: "places.history.enabled", type: "bool" }, -+ { id: "browser.formfill.enable", type: "bool" }, -+@@ -587,6 +597,53 @@ -+ SiteDataManager.updateSites(); -+ }, -+ -++ // ICECAT PREFERENCES -++ -++ readDisableJavaScriptOption() { -++ let pref = Preferences.get("javascript.enabled"); -++ return !pref.value; -++ }, -++ writeDisableJavaScriptOption() { -++ let checkbox = document.getElementById("disableJavaScript"); -++ return !checkbox.checked; -++ }, -++ -++ readDisableCustomFontsOption() { -++ let pref = Preferences.get("browser.display.use_document_fonts"); -++ return pref.value == 0; -++ }, -++ writeDisableCustomFontsOption() { -++ let checkbox = document.getElementById("disableCustomFonts"); -++ return checkbox.checked ? 0 : 1; -++ }, -++ -++ readDetectCaptiveOption() { -++ let pref = Preferences.get("captivedetect.canonicalURL"); -++ return pref.value !== ""; -++ }, -++ writeDetectCaptiveOption() { -++ let checkbox = document.getElementById("detectCaptivePortal"); -++ return checkbox.checked ? "http://detectportal.firefox.com/success.txt" : ""; -++ }, -++ -++ readGeolocationOption() { -++ let pref = Preferences.get("browser.search.geoip.url"); -++ return pref.value !== ""; -++ }, -++ writeGeolocationOption() { -++ let checkbox = document.getElementById("geolocation"); -++ return checkbox.checked ? "https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%" : ""; -++ }, -++ -++ readWebGLOption() { -++ let pref = Preferences.get("webgl.disabled"); -++ return !pref.value; -++ }, -++ writeWebGLOption() { -++ let checkbox = document.getElementById("webgl"); -++ return !checkbox.checked; -++ }, -++ -+ // CONTENT BLOCKING -+ -+ /** -diff --git a/makeicecat b/makeicecat -index 4ff3e64..493d946 100755 ---- a/makeicecat -+++ b/makeicecat -@@ -87,6 +87,19 @@ for patch in $DATA/patches/*.patch; do - done - shopt -u nullglob - -+for file_to_append in $(cd $DATA/files-to-append; find . -type f -print); do -+ echo Appending new data to the end of file: $file_to_append -+ cat $DATA/files-to-append/$file_to_append >> $file_to_append -+done -+ -+for dir in l10n/*; do -+ if [[ $dir != l10n/compare-locales ]]; then -+ if [[ ! -e $DATA/files-to-append/$dir/browser/browser/preferences/preferences.ftl ]]; then -+ cat $DATA/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl >> $dir/browser/browser/preferences/preferences.ftl -+ fi -+ fi -+done -+ - cp $DATA/Changelog.IceCat $DATA/README.IceCat . - - ############################################################################### --- -2.23.0 - diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch index 66816070aa..daa67f6a7a 100644 --- a/gnu/packages/patches/icecat-makeicecat.patch +++ b/gnu/packages/patches/icecat-makeicecat.patch @@ -3,10 +3,10 @@ in a snippet without network access. After this patch is applied, some additional changes will be made using 'substitute*'. diff --git a/makeicecat b/makeicecat -index b04c731..06d1f3f 100644 +index 8be2362..48716f2 100755 --- a/makeicecat +++ b/makeicecat -@@ -30,55 +30,55 @@ SOURCEDIR=icecat-$FFVERSION +@@ -31,55 +31,55 @@ SOURCEDIR=icecat-$FFVERSION DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data @@ -25,7 +25,7 @@ index b04c731..06d1f3f 100644 -wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc -gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 -gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc --echo -n 85f1c2eaf68ebedcbc0b78a342f6d16ef0865dedd426a1bba94b75c85f716f38 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +-echo -n e131149a70e7ae867d9b0ea081e8c081d056500ee51bb9270df247e977badc69 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - - -echo Extracting Firefox tarball -tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -37,7 +37,7 @@ index b04c731..06d1f3f 100644 +# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 +# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc -+# echo -n 85f1c2eaf68ebedcbc0b78a342f6d16ef0865dedd426a1bba94b75c85f716f38 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - ++# echo -n e131149a70e7ae867d9b0ea081e8c081d056500ee51bb9270df247e977badc69 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +# +# echo Extracting Firefox tarball +# tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -98,7 +98,7 @@ index b04c731..06d1f3f 100644 shopt -s nullglob for patch in $DATA/patches/*.patch; do -@@ -611,6 +611,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in +@@ -603,6 +603,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in # Fix CVE-2012-3386 /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true diff --git a/gnu/packages/patches/kinit-kdeinit-extra_libs.patch b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch index 8dcd4d3e95..c3c4ce1161 100644 --- a/gnu/packages/patches/kinit-kdeinit-extra_libs.patch +++ b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch @@ -8,15 +8,13 @@ pkgs/development/libraries/kde-frameworks/kinit/kdeinit-extra_libs.patch =================================================================== --- kinit-5.32.0/src/kdeinit/kinit-5.32.0/src/kdeinit/.orig +++ kinit-5.32.0/src/kdeinit/kinit.cpp -@@ -96,11 +96,9 @@ +@@ -96,9 +96,9 @@ "libKF5Parts.5.dylib", "libKF5Plasma.5.dylib" #else - "libKF5KIOCore.so.5", - "libKF5Parts.so.5", --//#ifdef __KDE_HAVE_GCC_VISIBILITY // Removed for KF5, we'll see. - "libKF5Plasma.so.5" --//#endif + "GUIX_PKGS_KF5_KIO/lib/libKF5KIOCore.so.5", + "GUIX_PKGS_KF5_PARTS/lib/libKF5Parts.so.5", + "GUIX_PKGS_KF5_PLASMA/lib/libKF5Plasma.so.5" diff --git a/gnu/packages/patches/kpmcore-fix-tests.patch b/gnu/packages/patches/kpmcore-fix-tests.patch new file mode 100644 index 0000000000..12043abe72 --- /dev/null +++ b/gnu/packages/patches/kpmcore-fix-tests.patch @@ -0,0 +1,30 @@ +Git commit c02d59aa6d314678cef9683f96b28e2a1abd82b7 by Andrius Štikonas, on behalf of Hartmut Goebel. +Committed on 07/11/2019 at 22:16. +Pushed by stikonas into branch '4.0'. + +Fix test for kpmcore: stop helper only if formerly started. + +See https://bugs.kde.org/413851 and https://phabricator.kde.org/D25161 + +diff --git a/src/util/externalcommand.cpp b/src/util/externalcommand.cpp +--- a/src/util/externalcommand.cpp ++++ b/src/util/externalcommand.cpp +@@ -433,14 +433,17 @@ + + void ExternalCommand::stopHelper() + { ++ if (!helperStarted) ++ return; + auto *interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), + QStringLiteral("/Helper"), QDBusConnection::systemBus()); + QByteArray request; + const quint64 nonce = interface->getNonce(); + request.setNum(nonce); + QByteArray hash = QCryptographicHash::hash(request, QCryptographicHash::Sha512); + interface->exit(privateKey->signMessage(hash, QCA::EMSA3_Raw), nonce); + ++ helperStarted = false; + delete privateKey; + delete init; + } + diff --git a/gnu/packages/patches/kpmcore-remove-broken-test.patch b/gnu/packages/patches/kpmcore-remove-broken-test.patch new file mode 100644 index 0000000000..d02cca7883 --- /dev/null +++ b/gnu/packages/patches/kpmcore-remove-broken-test.patch @@ -0,0 +1,139 @@ +From c9a08a593bac8b8610a647db118fea6f2958156d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andrius=20=C5=A0tikonas?= <andrius@stikonas.eu> +Date: Thu, 7 Nov 2019 22:12:00 +0000 +Subject: [PATCH] Remove broken smart unit test. + +BUG: 413853 +--- + test/CMakeLists.txt | 9 ---- + test/testsmart.cpp | 102 -------------------------------------------- + 2 files changed, 111 deletions(-) + delete mode 100644 test/testsmart.cpp + +diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt +index 67f63a2..6a300d3 100644 +--- a/test/CMakeLists.txt ++++ b/test/CMakeLists.txt +@@ -53,12 +53,3 @@ find_package (Threads) + # Execute external commands as root + kpm_test(testexternalcommand testexternalcommand.cpp) + add_test(NAME testexternalcommand COMMAND testexternalcommand ${BACKEND}) +- +-# Including SMART files reference +-set(SMARTPARSER ${CMAKE_SOURCE_DIR}/src/core/smartdiskinformation.cpp +- ${CMAKE_SOURCE_DIR}/src/core/smartattributeparseddata.cpp +- ${CMAKE_SOURCE_DIR}/src/core/smartparser.cpp) +- +-# Test SMART support +-kpm_test(testsmart testsmart.cpp ${SMARTPARSER}) +-add_test(NAME testsmart COMMAND testsmart ${BACKEND}) +diff --git a/test/testsmart.cpp b/test/testsmart.cpp +deleted file mode 100644 +index 2236af7..0000000 +--- a/test/testsmart.cpp ++++ /dev/null +@@ -1,102 +0,0 @@ +-#include "helpers.h" +- +-#include "util/externalcommand.h" +-#include "backend/corebackend.h" +-#include "backend/corebackendmanager.h" +-#include "core/smartstatus.h" +-#include "core/smartparser.h" +- +-#include <QCoreApplication> +-#include <QDebug> +- +-static QString getDefaultDevicePath(); +-static bool testSmartStatus(); +-static bool testSmartParser(); +- +-int main(int argc, char **argv) +-{ +- QCoreApplication app(argc, argv); +- +- KPMCoreInitializer i; +- +- if (argc == 2) +- i = KPMCoreInitializer(argv[1]); +- +- if (!i.isValid()) +- return 1; +- +- CoreBackend *backend = CoreBackendManager::self()->backend(); +- +- if (!backend) +- { +- qWarning() << "Couldn't get backend."; +- return 1; +- } +- +- if (!testSmartStatus() || !testSmartParser()) +- return 1; +- +- return app.exec(); +-} +- +-static QString getDefaultDevicePath() +-{ +- // Getting default home partition using 'df -P /home | awk 'END{print $1}'' command +- ExternalCommand command(QStringLiteral("df"), { QStringLiteral("-P"), QStringLiteral("/home"), QStringLiteral("|"), +- QStringLiteral("awk"), QStringLiteral("\'END{print $1}\'") }); +- +- if (command.run() && command.exitCode() == 0) { +- QString output = command.output(); +- return output; +- } +- +- return QString(); +-} +- +-static bool testSmartStatus() +-{ +- QString devicePath = getDefaultDevicePath(); +- +- SmartStatus smart(devicePath); +- +- if (smart.devicePath() != devicePath) +- return false; +- +- if (!smart.status()) +- return false; +- +- if (smart.modelName() == QString()) +- return false; +- +- if (smart.firmware() == QString()) +- return false; +- +- if (smart.serial() == QString()) +- return false; +- +- if (smart.selfTestStatus() != SmartStatus::SelfTestStatus::Success) +- return false; +- +- if (!smart.isValid()) +- return false; +- +- return true; +-} +- +-static bool testSmartParser() +-{ +- QString devicePath = getDefaultDevicePath(); +- +- SmartParser parser(devicePath); +- +- if (!parser.init()) +- return false; +- +- if (parser.devicePath() != devicePath) +- return false; +- +- if (!parser.diskInformation()) +- return false; +- +- return true; +-} +-- +2.17.1 diff --git a/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch b/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch new file mode 100644 index 0000000000..35f2bf5963 --- /dev/null +++ b/gnu/packages/patches/libjpeg-turbo-CVE-2019-2201.patch @@ -0,0 +1,31 @@ +Fix integer overflow which can potentially lead to RCE. + +https://www.openwall.com/lists/oss-security/2019/11/11/1 +https://nvd.nist.gov/vuln/detail/CVE-2019-2201 + +The problem was partially fixed in 2.0.3. This patch is a follow-up. +https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388 +https://github.com/libjpeg-turbo/libjpeg-turbo/commit/c30b1e72dac76343ef9029833d1561de07d29bad + +diff --git a/tjbench.c b/tjbench.c +index a7d397318..13a5bde62 100644 +--- a/tjbench.c ++++ b/tjbench.c +@@ -171,7 +171,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf, + } + /* Set the destination buffer to gray so we know whether the decompressor + attempted to write to it */ +- memset(dstBuf, 127, pitch * scaledh); ++ memset(dstBuf, 127, (size_t)pitch * scaledh); + + if (doYUV) { + int width = doTile ? tilew : scaledw; +@@ -193,7 +193,7 @@ static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf, + double start = getTime(); + + for (row = 0, dstPtr = dstBuf; row < ntilesh; +- row++, dstPtr += pitch * tileh) { ++ row++, dstPtr += (size_t)pitch * tileh) { + for (col = 0, dstPtr2 = dstPtr; col < ntilesw; + col++, tile++, dstPtr2 += ps * tilew) { + int width = doTile ? min(tilew, w - col * tilew) : scaledw; diff --git a/gnu/packages/patches/libseccomp-open-aarch64.patch b/gnu/packages/patches/libseccomp-open-aarch64.patch new file mode 100644 index 0000000000..6e62825892 --- /dev/null +++ b/gnu/packages/patches/libseccomp-open-aarch64.patch @@ -0,0 +1,27 @@ +This patch fixes the build failure on AArch64 reported +at <https://github.com/seccomp/libseccomp/pull/191>. + +From cc21c1b48d35f9d34ef2da0e184af3855bfeee5f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> +Date: Wed, 20 Nov 2019 14:11:12 -0500 +Subject: [PATCH] tests: use openat instead of open + +On arm64, __NR_open is not defined, openat is always used. Let's use openat +instead, which is defined for architectures currently. +--- + tests/15-basic-resolver.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c +index 6badef1..4884faf 100644 +--- a/tests/15-basic-resolver.c ++++ b/tests/15-basic-resolver.c +@@ -55,7 +55,7 @@ int main(int argc, char *argv[]) + unsigned int arch; + char *name = NULL; + +- if (seccomp_syscall_resolve_name("open") != __NR_open) ++ if (seccomp_syscall_resolve_name("openat") != __NR_openat) + goto fail; + if (seccomp_syscall_resolve_name("read") != __NR_read) + goto fail; diff --git a/gnu/packages/patches/mesa-timespec-test-32bit.patch b/gnu/packages/patches/mesa-timespec-test-32bit.patch new file mode 100644 index 0000000000..3e4890f3a4 --- /dev/null +++ b/gnu/packages/patches/mesa-timespec-test-32bit.patch @@ -0,0 +1,17 @@ +Fix a test failure on 32-bit systems. + +Taken from upstream: +https://gitlab.freedesktop.org/mesa/mesa/commit/dd1dba80b9ee74ec8b90761285a8262e374bf8ef + +diff --git a/src/util/tests/timespec/timespec_test.cpp b/src/util/tests/timespec/timespec_test.cpp +--- a/src/util/tests/timespec/timespec_test.cpp ++++ b/src/util/tests/timespec/timespec_test.cpp +@@ -206,7 +206,7 @@ TEST(timespec_test, timespec_from_nsec) + + timespec_from_nsec(&a, UINT64_MAX); + EXPECT_EQ(a.tv_nsec, UINT64_MAX % NSEC_PER_SEC); +- EXPECT_EQ(a.tv_sec, UINT64_MAX / NSEC_PER_SEC); ++ EXPECT_EQ(a.tv_sec, (time_t)(UINT64_MAX / NSEC_PER_SEC)); + } + + TEST(timespec_test, timespec_from_usec) diff --git a/gnu/packages/patches/minisat-friend-declaration.patch b/gnu/packages/patches/minisat-friend-declaration.patch new file mode 100644 index 0000000000..14a886ae2f --- /dev/null +++ b/gnu/packages/patches/minisat-friend-declaration.patch @@ -0,0 +1,25 @@ +See https://groups.google.com/forum/#!topic/minisat/FCocZsC8oMQ +This seems to only be a problem with newer versions of g++, and +upstream development seems to have stopped in 2013. + +diff -rupN minisat-2.2.0/core/SolverTypes.h minisat-2.2.0.patched/core/SolverTypes.h +--- a/minisat/core/SolverTypes.h 2010-07-10 17:07:36.000000000 +0100 ++++ b/minisat/core/SolverTypes.h 2014-03-29 11:57:49.000000000 +0000 +@@ -47,7 +47,7 @@ struct Lit { + int x; + + // Use this as a constructor: +- friend Lit mkLit(Var var, bool sign = false); ++ //friend Lit mkLit(Var var, bool sign = false); + + bool operator == (Lit p) const { return x == p.x; } + bool operator != (Lit p) const { return x != p.x; } +@@ -55,7 +55,7 @@ struct Lit { + }; + + +-inline Lit mkLit (Var var, bool sign) { Lit p; p.x = var + var + (int)sign; return p; } ++inline Lit mkLit (Var var, bool sign = false) { Lit p; p.x = var + var + (int)sign; return p; } + inline Lit operator ~(Lit p) { Lit q; q.x = p.x ^ 1; return q; } + inline Lit operator ^(Lit p, bool b) { Lit q; q.x = p.x ^ (unsigned int)b; return q; } + inline bool sign (Lit p) { return p.x & 1; } diff --git a/gnu/packages/patches/minisat-install.patch b/gnu/packages/patches/minisat-install.patch new file mode 100644 index 0000000000..23cde89bec --- /dev/null +++ b/gnu/packages/patches/minisat-install.patch @@ -0,0 +1,19 @@ +Avoid the default dynamic executable, which depends on minisat.so +Instead install the release version, which is statically linked. + +diff --git a/Makefile b/Makefile +index ceb9d77..7b91906 100644 +--- a/Makefile ++++ b/Makefile +@@ -191,9 +191,9 @@ install-lib: $(BUILD_DIR)/release/lib/$(MINISAT_SLIB) $(BUILD_DIR)/dynamic/lib/$ + ln -sf $(MINISAT_DLIB).$(SOMAJOR) $(DESTDIR)$(libdir)/$(MINISAT_DLIB) + $(INSTALL) -m 644 $(BUILD_DIR)/release/lib/$(MINISAT_SLIB) $(DESTDIR)$(libdir) + +-install-bin: $(BUILD_DIR)/dynamic/bin/$(MINISAT) ++install-bin: $(BUILD_DIR)/release/bin/$(MINISAT) + $(INSTALL) -d $(DESTDIR)$(bindir) +- $(INSTALL) -m 755 $(BUILD_DIR)/dynamic/bin/$(MINISAT) $(DESTDIR)$(bindir) ++ $(INSTALL) -m 755 $(BUILD_DIR)/release/bin/$(MINISAT) $(DESTDIR)$(bindir) + + clean: + rm -f $(foreach t, release debug profile dynamic, $(foreach o, $(SRCS:.cc=.o), $(BUILD_DIR)/$t/$o)) \ diff --git a/gnu/packages/patches/ocaml-piqilib-Update-base64.patch b/gnu/packages/patches/ocaml-piqilib-Update-base64.patch deleted file mode 100644 index ec2c02d93e..0000000000 --- a/gnu/packages/patches/ocaml-piqilib-Update-base64.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 98abdbff3d5316a75f27d6a76fe09317d56f2a38 Mon Sep 17 00:00:00 2001 -From: Vincent Bernardoff <vb@luminar.eu.org> -Date: Sun, 10 Feb 2019 14:47:07 +0100 -Subject: [PATCH] Fix compilation with newer base64 versions - ---- - opam | 2 +- - piqilib/piqi_base64.ml | 9 ++++----- - 2 files changed, 5 insertions(+), 6 deletions(-) - -diff --git a/opam b/opam -index 3a9128e..bb5a53f 100644 ---- a/opam -+++ b/opam -@@ -26,6 +26,6 @@ depends: [ - "easy-format" - "ulex" - "xmlm" -- "base64" {>="2.0.0"} -+ "base64" {>="3.1.0"} - ] - dev-repo: "git://github.com/alavrik/piqi" -diff --git a/piqilib/piqi_base64.ml b/piqilib/piqi_base64.ml -index c5a6ae7..a98346e 100644 ---- a/piqilib/piqi_base64.ml -+++ b/piqilib/piqi_base64.ml -@@ -18,12 +18,11 @@ - (* TODO: add more base64 validation; the base64 library doesn't do any - * validation *) - let decode x = -- try -- B64.decode x -- with _ -> -- invalid_arg "Piqi_base64.decode" -+ match Base64.decode x with -+ | Error _ -> invalid_arg "Piqi_base64.decode" -+ | Ok v -> v - - - let encode x = -- B64.encode x -+ Base64.encode_exn x - --- -2.21.0 - diff --git a/gnu/packages/patches/openmpi-psm2-priority.patch b/gnu/packages/patches/openmpi-mtl-priorities.patch index d9dd558010..fd76594ddd 100644 --- a/gnu/packages/patches/openmpi-psm2-priority.patch +++ b/gnu/packages/patches/openmpi-mtl-priorities.patch @@ -19,3 +19,17 @@ See <https://www.mail-archive.com/users@lists.open-mpi.org/msg33581.html>. "priority", "Priority of the PSM2 MTL component", MCA_BASE_VAR_TYPE_INT, NULL, 0, 0, +Likewise for PSM: we want InfiniPath to be taken care of by PSM, not by UCX, +since UCX achieves worse performance. + +--- openmpi-4.0.2/ompi/mca/mtl/psm/mtl_psm_component.c ++++ openmpi-4.0.2/ompi/mca/mtl/psm/mtl_psm_component.c +@@ -92,7 +92,7 @@ ompi_mtl_psm_component_register(void) + + + /* set priority high enough to beat ob1's default */ +- param_priority = 30; ++ param_priority = 54; + (void) mca_base_component_var_register (&mca_mtl_psm_component.super.mtl_version, + "priority", "Priority of the PSM MTL component", + MCA_BASE_VAR_TYPE_INT, NULL, 0, 0, diff --git a/gnu/packages/patches/orc-typedef-enum.patch b/gnu/packages/patches/orc-typedef-enum.patch new file mode 100644 index 0000000000..207bf32ba9 --- /dev/null +++ b/gnu/packages/patches/orc-typedef-enum.patch @@ -0,0 +1,17 @@ +Orc 0.4.30 has a bug that causes duplicate symbols due to a missing typedef. + +Taken from upstream: +https://gitlab.freedesktop.org/gstreamer/orc/merge_requests/32 + +diff --git a/orc/orctarget.h b/orc/orctarget.h +--- a/orc/orctarget.h ++++ b/orc/orctarget.h +@@ -19,7 +19,7 @@ enum { + ORC_TARGET_FAST_DENORMAL = (1<<31) + }; + +-enum { ++typedef enum { + ORC_TARGET_POWERPC_64BIT = (1<<0), + ORC_TARGET_POWERPC_LE = (1<<1), + ORC_TARGET_POWERPC_ALTIVEC = (1<<2), diff --git a/gnu/packages/patches/pam-mount-luks2-support.patch b/gnu/packages/patches/pam-mount-luks2-support.patch new file mode 100644 index 0000000000..b59daf5ce1 --- /dev/null +++ b/gnu/packages/patches/pam-mount-luks2-support.patch @@ -0,0 +1,51 @@ +From d4434c05e7c0cf05d87089404cfa2deedc60811a Mon Sep 17 00:00:00 2001 +From: Ingo Franzki <ifranzki@linux.ibm.com> +Date: Mon, 29 Oct 2018 16:47:40 +0100 +Subject: [PATCH] crypto: Add support for LUKS2 + +Cryptsetup version 2.0 added support for LUKS2. +This patch adds support for mounting LUKS2 volumes with +pam_mount. + +Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> +--- + src/crypto-dmc.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c +index d0ab6ca..abd0358 100644 +--- a/src/crypto-dmc.c ++++ b/src/crypto-dmc.c +@@ -21,6 +21,12 @@ + #include "libcryptmount.h" + #include "pam_mount.h" + ++#ifndef CRYPT_LUKS ++ #define CRYPT_LUKS NULL /* Passing NULL to crypt_load will ++ default to LUKS(1) on older ++ libcryptsetup versions. */ ++#endif ++ + /** + * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt) + * @path: path to the crypto container +@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev) + + ret = crypt_init(&cd, device); + if (ret == 0) { +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == -EINVAL) + ret = false; + else if (ret == 0) +@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req, + #endif + } + +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == 0) { + ret = crypt_activate_by_passphrase(cd, mt->crypto_name, + CRYPT_ANY_SLOT, req->key_data, req->key_size, flags); +-- +2.21.0 diff --git a/gnu/packages/patches/psm-disable-memory-stats.patch b/gnu/packages/patches/psm-disable-memory-stats.patch new file mode 100644 index 0000000000..52cd88a4e1 --- /dev/null +++ b/gnu/packages/patches/psm-disable-memory-stats.patch @@ -0,0 +1,62 @@ +The memory statistics code leads to segfaults during initialization (on +machines with InfiniPath networking): + + (gdb) bt full + #0 ips_ptl_init (ep=0x1fc6af8, ptl=0x1fc6f88, ctl=0x1fc6d78) at ptl.c:224 + err = PSM_OK + num_of_send_bufs = 1024 + num_of_send_desc = 4096 + imm_size = 128 + context = 0x1fc6b70 + user_info = 0x1fc6b90 + enable_shcontexts = 0 + current_count = <optimized out> + #1 0x00007fb2aa672abf in __psm_ep_open_internal ( + unique_job_key=unique_job_key@entry=0x7ffed1ee5800 "<\207\020#5\271\267\200\354x\242e8\364zo", + devid_enabled=devid_enabled@entry=0x7ffed1ee5724, opts_i=opts_i@entry=0x7ffed1ee5810, mq=<optimized out>, + epo=epo@entry=0x7ffed1ee5710, epido=epido@entry=0x7ffed1ee5708) at psm_ep.c:929 + ep = 0x1fc6af8 + num_units = 1 + len = <optimized out> + err = <optimized out> + epaddr = 0x1e9dd78 + buf = "miriel044:2.0.", '\000' <repeats 113 times> + p = <optimized out> + e = <optimized out> + old_cpuaff = 0x0 + old_unit = 0x0 + yield_cnt = {e_void = 0xfa, e_str = 0xfa <error: Cannot access memory at address 0xfa>, e_int = 250, + e_uint = 250, e_long = 250, e_ulong = 250, e_ulonglong = 250} + no_cpuaff = {e_void = 0x0, e_str = 0x0, e_int = 0, e_uint = 0, e_long = 0, e_ulong = 0, e_ulonglong = 0} + env_unit_id = {e_void = 0xffffffffffffffff, + e_str = 0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff>, e_int = -1, + e_uint = 4294967295, e_long = -1, e_ulong = 18446744073709551615, e_ulonglong = 18446744073709551615} + env_port_id = {e_void = 0x0, e_str = 0x0, e_int = 0, e_uint = 0, e_long = 0, e_ulong = 0, e_ulonglong = 0} + env_sl = {e_void = 0x0, e_str = 0x0, e_int = 0, e_uint = 0, e_long = 0, e_ulong = 0, e_ulonglong = 0} + ptl_sizes = <optimized out> + default_cpuaff = <optimized out> + opts = {timeout = 180000000000, unit = -1, affinity = 0, shm_mbytes = 10, sendbufs_num = 1024, + network_pkey = 65535, port = 0, outsl = 0, service_id = 1152940698815692800, + path_res_type = PSM_PATH_RES_NONE, senddesc_num = 4096, imm_size = 128} + amsh_ptl = 0x1fc6e48 + ips_ptl = 0x1fc6f88 + self_ptl = 0x1fc99c8 + i = 3 + +It looks like ptl.c:24 is writing past the region that was malloc'd. + +Turning stats off solves the problem. + +diff --git a/psm_utils.c b/psm_utils.c +index c8651fe..5514921 100644 +--- a/psm_utils.c ++++ b/psm_utils.c +@@ -1058,7 +1058,7 @@ psmi_log_memstats(psmi_memtype_t type, int64_t nbytes) + return; + } + +-#define psmi_stats_mask PSMI_STATSTYPE_MEMORY ++#define psmi_stats_mask 0 + + #ifdef malloc + #undef malloc diff --git a/gnu/packages/patches/psm-repro.patch b/gnu/packages/patches/psm-repro.patch index 772801260e..543092900c 100644 --- a/gnu/packages/patches/psm-repro.patch +++ b/gnu/packages/patches/psm-repro.patch @@ -1,14 +1,44 @@ -Remove timestamp to support reproducible builds. +From <https://github.com/bmwiedemann/psm/commit/98acae1a6f2c9b2e6014eac4070a817c9d0fd8a2>. ---- psm-3.3/Makefile~ 1970-01-01 01:00:00.000000000 +0100 -+++ psm-3.3/Makefile 2017-10-22 15:32:11.736949002 +0100 -@@ -326,7 +326,7 @@ +From 98acae1a6f2c9b2e6014eac4070a817c9d0fd8a2 Mon Sep 17 00:00:00 2001 +From: "Bernhard M. Wiedemann" <bwiedemann@suse.de> +Date: Sun, 23 Jul 2017 07:02:28 +0200 +Subject: [PATCH] Allow to override build date + +in order to make builds reproducible. +See https://reproducible-builds.org/ for why this is good +and https://reproducible-builds.org/specs/source-date-epoch/ +for the definition of this variable. + +Also uses UTC to be independent of timezone settings. +--- + Makefile | 2 +- + ipath/Makefile | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Makefile b/Makefile +index d79c4bd..99406ef 100644 +--- a/Makefile ++++ b/Makefile +@@ -270,7 +270,7 @@ ${TARGLIB}.so.${MAJOR}: ${TARGLIB}.so.${MAJOR}.${MINOR} # file around. Generate it such that the ident command can find it # and strings -a | grep InfiniPath does a reasonable job as well. ${TARGLIB}.so.${MAJOR}.${MINOR}: ${${TARGLIB}-objs} - date +'char psmi_infinipath_revision[] ="$$""Date: %F %R ${rpm_extra_description}InfiniPath $$";' > ${lib_build_dir}/_revision.c -+ echo 'char psmi_infinipath_revision[] ="$$""Date: 1970-01-01 00:00 ${rpm_extra_description}InfiniPath $$";' > ${lib_build_dir}/_revision.c ++ date -u -d@$${SOURCE_DATE_EPOCH:-$$(date +%s)} +'char psmi_infinipath_revision[] ="$$""Date: %F %R ${rpm_extra_description}InfiniPath $$";' > ${lib_build_dir}/_revision.c $(CC) -c $(BASECFLAGS) $(INCLUDES) _revision.c -o _revision.o $(CC) $(LDFLAGS) -o $@ -Wl,-soname=${TARGLIB}.so.${MAJOR} -shared -Wl,--unique='*fastpath*' \ ${${TARGLIB}-objs} _revision.o -L$(build_dir)/ipath $(LDLIBS) - +diff --git a/ipath/Makefile b/ipath/Makefile +index 8c2cc6e..73abd6f 100644 +--- a/ipath/Makefile ++++ b/ipath/Makefile +@@ -70,7 +70,7 @@ ${TARGLIB}.so.${MAJOR}: ${TARGLIB}.so.${MAJOR}.${MINOR} + # file around. Generate it such that the ident command can find it + # and strings -a | grep InfiniPath does a reasonable job as well. + ${TARGLIB}.so.${MAJOR}.${MINOR}: ${${TARGLIB}-objs} +- date +'static __attribute__ ((unused)) char __psc_infinipath_revision[] ="$$""Date: %F %R ${rpm_extra_description}InfiniPath $$";' > _revision.c ++ date -u -d@$${SOURCE_DATE_EPOCH:-$$(date +%s)} +'static __attribute__ ((unused)) char __psc_infinipath_revision[] ="$$""Date: %F %R ${rpm_extra_description}InfiniPath $$";' > _revision.c + $(CC) -c $(BASECFLAGS) $(INCLUDES) _revision.c -o _revision.o + $(CC) -o $@ -Wl,-soname=${TARGLIB}.so.${MAJOR} -shared \ + -Wl,--unique='*fastpath*' \ diff --git a/gnu/packages/patches/pugixml-versioned-libdir.patch b/gnu/packages/patches/pugixml-versioned-libdir.patch deleted file mode 100644 index 7cd23b1a71..0000000000 --- a/gnu/packages/patches/pugixml-versioned-libdir.patch +++ /dev/null @@ -1,61 +0,0 @@ -This patch makes pugixml install its headers to a standard location when -built as a shared library. - -Taken from this upstream commit: -https://github.com/zeux/pugixml/commit/daeb8013b20f9c47e85730faaa4131064a1f9c2e - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 90fa6793..d7bc1b20 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -4,7 +4,7 @@ project(pugixml) - - option(BUILD_SHARED_LIBS "Build shared instead of static library" OFF) - option(BUILD_TESTS "Build tests" OFF) --option(BUILD_PKGCONFIG "Build in PKGCONFIG mode" OFF) -+option(USE_VERSIONED_LIBDIR "Use a private subdirectory to install the headers and libs" OFF) - - set(BUILD_DEFINES "" CACHE STRING "Build defines") - -@@ -55,7 +55,7 @@ endif() - set_target_properties(pugixml PROPERTIES VERSION 1.9 SOVERSION 1) - get_target_property(PUGIXML_VERSION_STRING pugixml VERSION) - --if(BUILD_PKGCONFIG) -+if(USE_VERSIONED_LIBDIR) - # Install library into its own directory under LIBDIR - set(INSTALL_SUFFIX /pugixml-${PUGIXML_VERSION_STRING}) - endif() -@@ -71,10 +71,8 @@ install(TARGETS pugixml EXPORT pugixml-config - install(FILES ${HEADERS} DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}${INSTALL_SUFFIX}) - install(EXPORT pugixml-config DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/pugixml) - --if(BUILD_PKGCONFIG) -- configure_file(scripts/pugixml.pc.in ${PROJECT_BINARY_DIR}/pugixml.pc @ONLY) -- install(FILES ${PROJECT_BINARY_DIR}/pugixml.pc DESTINATION ${CMAKE_INSTALL_PREFIX}/lib/pkgconfig) --endif() -+configure_file(scripts/pugixml.pc.in ${PROJECT_BINARY_DIR}/pugixml.pc @ONLY) -+install(FILES ${PROJECT_BINARY_DIR}/pugixml.pc DESTINATION ${CMAKE_INSTALL_PREFIX}/lib/pkgconfig) - - if(BUILD_TESTS) - file(GLOB TEST_SOURCES tests/*.cpp) -diff --git a/scripts/pugixml.pc.in b/scripts/pugixml.pc.in -index 3c97c28d..804c4d38 100644 ---- a/scripts/pugixml.pc.in -+++ b/scripts/pugixml.pc.in -@@ -1,11 +1,11 @@ - prefix=@CMAKE_INSTALL_PREFIX@ - exec_prefix=${prefix} --includedir=${prefix}/include/pugixml-@PUGIXML_VERSION_STRING@ --libdir=${exec_prefix}/lib/pugixml-@PUGIXML_VERSION_STRING@ -+includedir=${prefix}/include@INSTALL_SUFFIX@ -+libdir=${exec_prefix}/lib@INSTALL_SUFFIX@ - - Name: pugixml - Description: Light-weight, simple and fast XML parser for C++ with XPath support. - URL: http://pugixml.org/ - Version: @PUGIXML_VERSION_STRING@ - Cflags: -I${includedir} --Libs: -L${libdir} -lpugixml -\ No newline at end of file -+Libs: -L${libdir} -lpugixml diff --git a/gnu/packages/patches/pyqt-unbundled-qt.patch b/gnu/packages/patches/pyqt-unbundled-qt.patch new file mode 100644 index 0000000000..5c91ed031c --- /dev/null +++ b/gnu/packages/patches/pyqt-unbundled-qt.patch @@ -0,0 +1,19 @@ +Remove test for bundled Qt which breaks dependent applications. This has +been fixed in 5.13. + +Taken from Arch Linux: +https://git.archlinux.org/svntogit/packages.git/tree/trunk/python2-pyqt5-crash-fix.patch?h=packages/pyqt5&id=3e56e11d1fd7b1eac8242ce64c58db2bd9acba20 + +diff -ur PyQt5_gpl-5.12.3/qpy/QtCore/qpycore_post_init.cpp.in PyQt5_gpl-5.12.3b/qpy/QtCore/qpycore_post_init.cpp.in +--- PyQt5_gpl-5.12.3/qpy/QtCore/qpycore_post_init.cpp.in 2019-06-25 14:41:02.000000000 +0200 ++++ PyQt5_gpl-5.12.3b/qpy/QtCore/qpycore_post_init.cpp.in 2019-07-01 17:06:34.882644535 +0200 +@@ -151,8 +151,4 @@ + // initialised first (at least for Windows) and this is the only way to + // guarantee things are done in the right order. + PyQtSlotProxy::mutex = new QMutex(QMutex::Recursive); +- +- // Load the embedded qt.conf file if there is a bundled copy of Qt. +- if (!qpycore_qt_conf()) +- Py_FatalError("PyQt5.QtCore: Unable to embed qt.conf"); + } + diff --git a/gnu/packages/patches/python-3.8-fix-tests.patch b/gnu/packages/patches/python-3.8-fix-tests.patch new file mode 100644 index 0000000000..4fbdd444c7 --- /dev/null +++ b/gnu/packages/patches/python-3.8-fix-tests.patch @@ -0,0 +1,42 @@ +diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.py +index 1474624..887f8ee 100644 +--- a/Lib/test/_test_multiprocessing.py ++++ b/Lib/test/_test_multiprocessing.py +@@ -3801,6 +3801,7 @@ class _TestSharedMemory(BaseTestCase): + sms.close() + + @unittest.skipIf(os.name != "posix", "not feasible in non-posix platforms") ++ @unittest.skipUnless(sys.stdin.isatty(), "KeyboardInterrupts require a TTY device") + def test_shared_memory_SharedMemoryServer_ignores_sigint(self): + # bpo-36368: protect SharedMemoryManager server process from + # KeyboardInterrupt signals. +diff --git a/Lib/test/test_signal.py b/Lib/test/test_signal.py +index d41e94b..a1c15e7 100644 +--- a/Lib/test/test_signal.py ++++ b/Lib/test/test_signal.py +@@ -78,6 +78,7 @@ class PosixTests(unittest.TestCase): + self.assertLess(len(s), signal.NSIG) + + @unittest.skipUnless(sys.executable, "sys.executable required.") ++ @unittest.skipUnless(sys.stdin.isatty(), "KeyboardInterrupts require a TTY device") + def test_keyboard_interrupt_exit_code(self): + """KeyboardInterrupt triggers exit via SIGINT.""" + process = subprocess.run( +@@ -128,6 +129,7 @@ class WindowsSignalTests(unittest.TestCase): + signal.signal(7, handler) + + @unittest.skipUnless(sys.executable, "sys.executable required.") ++ @unittest.skipUnless(sys.stdin.isatty(), "KeyboardInterrupts require a TTY device") + def test_keyboard_interrupt_exit_code(self): + """KeyboardInterrupt triggers an exit using STATUS_CONTROL_C_EXIT.""" + # We don't test via os.kill(os.getpid(), signal.CTRL_C_EVENT) here +@@ -1245,6 +1247,7 @@ class StressTest(unittest.TestCase): + + class RaiseSignalTest(unittest.TestCase): + ++ @unittest.skipUnless(sys.stdin.isatty(), "KeyboardInterrupts require a TTY device") + def test_sigint(self): + with self.assertRaises(KeyboardInterrupt): + signal.raise_signal(signal.SIGINT) +-- +2.23.0 diff --git a/gnu/packages/patches/python-3.8-search-paths.patch b/gnu/packages/patches/python-3.8-search-paths.patch new file mode 100644 index 0000000000..88f19850bf --- /dev/null +++ b/gnu/packages/patches/python-3.8-search-paths.patch @@ -0,0 +1,17 @@ +diff --git a/setup.py b/setup.py +index 20d7f35..5751083 100644 +--- a/setup.py ++++ b/setup.py +@@ -676,8 +676,8 @@ class PyBuildExt(build_ext): + # if a file is found in one of those directories, it can + # be assumed that no additional -I,-L directives are needed. + if not CROSS_COMPILING: +- self.lib_dirs = self.compiler.library_dirs + system_lib_dirs +- self.inc_dirs = self.compiler.include_dirs + system_include_dirs ++ self.lib_dirs = os.getenv('LIBRARY_PATH', '').split(os.pathsep) ++ self.inc_dirs = os.getenv('CPATH', '').split(os.pathsep) + else: + # Add the sysroot paths. 'sysroot' is a compiler option used to + # set the logical path of the standard system headers and +-- +2.23.0 diff --git a/gnu/packages/patches/qtbase-old-kernel.patch b/gnu/packages/patches/qtbase-old-kernel.patch deleted file mode 100644 index aa26fb6c4f..0000000000 --- a/gnu/packages/patches/qtbase-old-kernel.patch +++ /dev/null @@ -1,25 +0,0 @@ -https://672856.bugs.gentoo.org/attachment.cgi?id=557978 -https://bugs.gentoo.org/672856 - -The patch fixes building qtbase with linux kernels < 4.11. -See bug #34431. - -diff -Naurp a/src/corelib/global/minimum-linux_p.h b/src/corelib/global/minimum-linux_p.h ---- a/src/corelib/global/minimum-linux_p.h 2018-11-25 15:51:11.000000000 +0300 -+++ b/src/corelib/global/minimum-linux_p.h 2018-12-17 13:25:38.176823753 +0300 -@@ -75,14 +75,9 @@ QT_BEGIN_NAMESPACE - * - accept4 2.6.28 - * - renameat2 3.16 QT_CONFIG(renameat2) - * - getrandom 3.17 QT_CONFIG(getentropy) -- * - statx 4.11 QT_CONFIG(statx) - */ - --#if QT_CONFIG(statx) --# define MINLINUX_MAJOR 4 --# define MINLINUX_MINOR 11 --# define MINLINUX_PATCH 0 --#elif QT_CONFIG(getentropy) -+#if QT_CONFIG(getentropy) - # define MINLINUX_MAJOR 3 - # define MINLINUX_MINOR 17 - # define MINLINUX_PATCH 0 diff --git a/gnu/packages/patches/retroarch-disable-online-updater.patch b/gnu/packages/patches/retroarch-disable-online-updater.patch new file mode 100644 index 0000000000..ea74cc5409 --- /dev/null +++ b/gnu/packages/patches/retroarch-disable-online-updater.patch @@ -0,0 +1,41 @@ +From: Tobias Geerinckx-Rice <me@tobias.gr> +Date: Fri, 29 Nov 2019 20:32:54 +0100 +Subject: [PATCH]: gnu: retroarch: Disable the on-line updater. + +This disables the entire ‘Online Updater’ sub-menu to address +<http://issues.guix.gnu.org/issue/38360>. Perhaps that is more than is +necessary. + +diff -Naur a/menu/menu_displaylist.c b/menu/menu_displaylist.c +--- a/menu/menu_displaylist.c 1970-01-01 01:00:01.000000000 +0100 ++++ b/menu/menu_displaylist.c 2019-11-29 18:35:27.467948854 +0100 +@@ -8444,11 +8444,6 @@ + MENU_ENUM_LABEL_NETPLAY, + PARSE_ACTION, false) == 0) + count++; +- if (settings->bools.menu_show_online_updater) +- if (menu_displaylist_parse_settings_enum(info->list, +- MENU_ENUM_LABEL_ONLINE_UPDATER, +- PARSE_ACTION, false) == 0) +- count++; + if (menu_displaylist_parse_settings_enum(info->list, + MENU_ENUM_LABEL_SETTINGS, PARSE_ACTION, false) == 0) + count++; +diff -Naur retroarch.a/menu/menu_setting.c retroarch.c/menu/menu_setting.c +--- a/menu/menu_setting.c 1970-01-01 01:00:01.000000000 +0100 ++++ b/menu/menu_setting.c 2019-11-29 18:35:35.753957312 +0100 +@@ -7291,14 +7291,6 @@ + &group_info, + &subgroup_info, + parent_group); +- +- CONFIG_ACTION( +- list, list_info, +- MENU_ENUM_LABEL_ONLINE_UPDATER, +- MENU_ENUM_LABEL_VALUE_ONLINE_UPDATER, +- &group_info, +- &subgroup_info, +- parent_group); + #endif + + CONFIG_ACTION( diff --git a/gnu/packages/patches/sdl2-mesa-compat.patch b/gnu/packages/patches/sdl2-mesa-compat.patch new file mode 100644 index 0000000000..8182e582e7 --- /dev/null +++ b/gnu/packages/patches/sdl2-mesa-compat.patch @@ -0,0 +1,21 @@ +Do not include GLES header when OpenGL headers are already included. + +Taken from upstream: +https://hg.libsdl.org/SDL/rev/369b01006eb2 + +diff -r 4cbaffd0083b -r 369b01006eb2 src/video/SDL_video.c +--- a/src/video/SDL_video.c Fri Oct 11 06:18:24 2019 +0200 ++++ b/src/video/SDL_video.c Sat Oct 12 18:47:56 2019 +0200 +@@ -37,9 +37,9 @@ + #include "SDL_opengl.h" + #endif /* SDL_VIDEO_OPENGL */ + +-#if SDL_VIDEO_OPENGL_ES ++#if SDL_VIDEO_OPENGL_ES && !SDL_VIDEO_OPENGL + #include "SDL_opengles.h" +-#endif /* SDL_VIDEO_OPENGL_ES */ ++#endif /* SDL_VIDEO_OPENGL_ES && !SDL_VIDEO_OPENGL */ + + /* GL and GLES2 headers conflict on Linux 32 bits */ + #if SDL_VIDEO_OPENGL_ES2 && !SDL_VIDEO_OPENGL + diff --git a/gnu/packages/patches/thermald-make-int-max32-visible.patch b/gnu/packages/patches/thermald-make-int-max32-visible.patch deleted file mode 100644 index eddbb23547..0000000000 --- a/gnu/packages/patches/thermald-make-int-max32-visible.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 5fb947886bf1e40475edf930fb2b284c24c8cb9a Mon Sep 17 00:00:00 2001 -From: Sanel Zukan <karijes@users.sourceforge.net> -Date: Sun, 23 Dec 2018 00:04:34 +0100 -Subject: [PATCH] Make sure INT_MAX32 is visible. - ---- - src/thd_trip_point.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/thd_trip_point.h b/src/thd_trip_point.h -index 0eedc95..89eb083 100644 ---- a/src/thd_trip_point.h -+++ b/src/thd_trip_point.h -@@ -29,6 +29,10 @@ - #include "thd_sys_fs.h" - #include "thd_preference.h" - #include "thd_cdev.h" -+ -+#define __STDC_LIMIT_MACROS -+#include <stdint.h> -+ - #include <time.h> - #include <vector> - #include <algorithm> // std::sort diff --git a/gnu/packages/patches/ucx-tcp-iface-ioctl.patch b/gnu/packages/patches/ucx-tcp-iface-ioctl.patch new file mode 100644 index 0000000000..d5df7047bc --- /dev/null +++ b/gnu/packages/patches/ucx-tcp-iface-ioctl.patch @@ -0,0 +1,109 @@ +Since /sys is unavailable in build environments, the list of available +TCP network interfaces cannot be obtained via /sys/class/net. This patch +provides alternative code that uses the SIOCGIFCONF ioctl to get the +names of the available TCP network interfaces. + +diff --git a/src/uct/tcp/tcp_iface.c b/src/uct/tcp/tcp_iface.c +index 81ad459..10024a6 100644 +--- a/src/uct/tcp/tcp_iface.c ++++ b/src/uct/tcp/tcp_iface.c +@@ -12,6 +12,8 @@ + #include <sys/poll.h> + #include <netinet/tcp.h> + #include <dirent.h> ++#include <net/if.h> ++#include <sys/ioctl.h> + + static ucs_config_field_t uct_tcp_iface_config_table[] = { + {"", "MAX_SHORT=8k", NULL, +@@ -483,6 +485,70 @@ static UCS_CLASS_DEFINE_NEW_FUNC(uct_tcp_iface_t, uct_iface_t, uct_md_h, + uct_worker_h, const uct_iface_params_t*, + const uct_iface_config_t*); + ++/* Fetch information about available network devices through an ioctl. */ ++static ucs_status_t query_devices_ioctl(uct_md_h md, ++ uct_tl_resource_desc_t **resource_p, ++ unsigned *num_resources_p) ++{ ++ int sock, err, i; ++ uct_tl_resource_desc_t *resources, *tmp; ++ unsigned num_resources; ++ ucs_status_t status; ++ struct ifconf conf; ++ struct ifreq reqs[10]; ++ ++ conf.ifc_len = sizeof reqs; ++ conf.ifc_req = reqs; ++ ++ sock = socket(SOCK_STREAM, AF_INET, 0); ++ if (sock < 0) { ++ ucs_error("socket(2) failed: %m"); ++ status = UCS_ERR_IO_ERROR; ++ goto out; ++ } ++ ++ err = ioctl(sock, SIOCGIFCONF, &conf); ++ if (err < 0) { ++ ucs_error("SIOCGIFCONF ioctl failed: %m"); ++ status = UCS_ERR_IO_ERROR; ++ goto out; ++ } ++ ++ resources = NULL; ++ num_resources = 0; ++ for (i = 0; i < conf.ifc_len / sizeof(struct ifreq); i++) { ++ const char *name = reqs[i].ifr_name; ++ ++ if (!ucs_netif_is_active(name)) { ++ continue; ++ } ++ ++ tmp = ucs_realloc(resources, sizeof(*resources) * (num_resources + 1), ++ "tcp resources"); ++ if (tmp == NULL) { ++ ucs_free(resources); ++ status = UCS_ERR_NO_MEMORY; ++ goto out; ++ } ++ resources = tmp; ++ ++ ucs_snprintf_zero(resources[i].tl_name, sizeof(resources[i].tl_name), ++ "%s", UCT_TCP_NAME); ++ ucs_snprintf_zero(resources[i].dev_name, sizeof(resources[i].dev_name), ++ "%s", name); ++ resources[i].dev_type = UCT_DEVICE_TYPE_NET; ++ ++num_resources; ++ } ++ ++ *num_resources_p = num_resources; ++ *resource_p = resources; ++ status = UCS_OK; ++ ++out: ++ if (sock >= 0) close(sock); ++ return status; ++} ++ + static ucs_status_t uct_tcp_query_tl_resources(uct_md_h md, + uct_tl_resource_desc_t **resource_p, + unsigned *num_resources_p) +@@ -496,9 +562,9 @@ static ucs_status_t uct_tcp_query_tl_resources(uct_md_h md, + + dir = opendir(netdev_dir); + if (dir == NULL) { +- ucs_error("opendir(%s) failed: %m", netdev_dir); +- status = UCS_ERR_IO_ERROR; +- goto out; ++ /* When /sys is unavailable, as can be the case in a container, ++ * resort to a good old 'ioctl'. */ ++ return query_devices_ioctl(md, resource_p, num_resources_p); + } + + resources = NULL; +@@ -543,6 +609,5 @@ static ucs_status_t uct_tcp_query_tl_resources(uct_md_h md, + + out_closedir: + closedir(dir); +-out: + return status; + } diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch deleted file mode 100644 index ad57bc7b0e..0000000000 --- a/gnu/packages/patches/xinetd-CVE-2013-4342.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2013-4342: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678 - -Patch copied from upstream source repository: - -https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864 - -From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001 -From: Thomas Swan <thomas.swan@gmail.com> -Date: Wed, 2 Oct 2013 23:17:17 -0500 -Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for - TCPMUX services - -Originally reported to Debian in 2005 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678> and rediscovered <https://bugzilla.redhat.com/show_bug.cgi?id=1006100>, xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root). ---- - xinetd/builtins.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xinetd/builtins.c b/xinetd/builtins.c -index 3b85579..34a5bac 100644 ---- a/xinetd/builtins.c -+++ b/xinetd/builtins.c -@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) - if( SC_IS_INTERNAL( scp ) ) { - SC_INTERNAL(scp, nserp); - } else { -- exec_server(nserp); -+ child_process(nserp); - } - } - --- -2.7.4 - diff --git a/gnu/packages/patches/xinetd-fix-fd-leak.patch b/gnu/packages/patches/xinetd-fix-fd-leak.patch deleted file mode 100644 index 77e4600185..0000000000 --- a/gnu/packages/patches/xinetd-fix-fd-leak.patch +++ /dev/null @@ -1,26 +0,0 @@ -Fix a file descriptor leak: - -https://github.com/xinetd-org/xinetd/issues/23 - -Patch copied from Debian: - -https://anonscm.debian.org/cgit/collab-maint/xinetd.git/tree/debian/patches/000012-fix_fd_leak - -Patch sent upstream at https://github.com/xinetd-org/xinetd/pull/26. - -diff --git a/xinetd/xgetloadavg.c b/xinetd/xgetloadavg.c -index 5a26214..fe0f872 100644 ---- a/xinetd/xgetloadavg.c -+++ b/xinetd/xgetloadavg.c -@@ -34,7 +34,7 @@ double xgetloadavg(void) - - if( fscanf(fd, "%lf", &ret) != 1 ) { - perror("fscanf"); -- return -1; -+ ret = -1; - } - - fclose(fd); --- -2.7.4 - diff --git a/gnu/packages/patches/xsane-fix-memory-leak.patch b/gnu/packages/patches/xsane-fix-memory-leak.patch new file mode 100644 index 0000000000..4e03e57e13 --- /dev/null +++ b/gnu/packages/patches/xsane-fix-memory-leak.patch @@ -0,0 +1,34 @@ +From bbd54510f0297afa2d1a81927db060cb0b791f14 Mon Sep 17 00:00:00 2001 +From: Ralph Little <littlesincanada@yahoo.co.uk> +Date: Sun, 1 Sep 2019 17:34:19 -0700 +Subject: [PATCH] Apply opensuse upstream patch xsane_memory_leak + +Removes completely redundant memory allocation. +--- + src/xsane-batch-scan.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/src/xsane-batch-scan.c b/src/xsane-batch-scan.c +index 90cc0e0..e77caca 100644 +--- a/src/xsane-batch-scan.c ++++ b/src/xsane-batch-scan.c +@@ -680,7 +680,6 @@ static GtkWidget *xsane_batch_scan_create_list_entry(Batch_Scan_Parameters *para + GtkWidget *list_item; + GtkWidget *hbox; + int size = 120; +- char *data; + + list_item = gtk_list_item_new(); + +@@ -688,8 +687,6 @@ static GtkWidget *xsane_batch_scan_create_list_entry(Batch_Scan_Parameters *para + gtk_container_add(GTK_CONTAINER(list_item), hbox); + gtk_widget_show(hbox); + +- data = calloc(size, size); +- + parameters->gtk_preview = gtk_preview_new(GTK_PREVIEW_COLOR); + gtk_preview_size(GTK_PREVIEW(parameters->gtk_preview), size, size); + gtk_box_pack_start(GTK_BOX(hbox), parameters->gtk_preview, FALSE, FALSE, 0); +-- +2.22.0 + diff --git a/gnu/packages/patches/xsane-fix-pdf-floats.patch b/gnu/packages/patches/xsane-fix-pdf-floats.patch new file mode 100644 index 0000000000..5f26fa140b --- /dev/null +++ b/gnu/packages/patches/xsane-fix-pdf-floats.patch @@ -0,0 +1,85 @@ +From c126eea11c4ee39cbe9c0c76f920626b618b6ee9 Mon Sep 17 00:00:00 2001 +From: Ralph Little <littlesincanada@yahoo.co.uk> +Date: Sun, 1 Sep 2019 17:03:44 -0700 +Subject: [PATCH] Apply debian upstream patch 0135-fix_pdf_floats + +Original patch commentary: + +Description: Fix floats in PDF and PostScript + Set LC_NUMERIC to POSIX before printing floats when building + PostScript or PDF output. +Author: Julien BLACHE <jblache@debian.org> +Forwarded: yes + +------------ +Looks like float printing format is affected by the current locale. +Ensures that we always get POSIX formatting of floats. +--- + src/xsane-save.c | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/src/xsane-save.c b/src/xsane-save.c +index f14df05..63550cc 100644 +--- a/src/xsane-save.c ++++ b/src/xsane-save.c +@@ -26,6 +26,8 @@ + #include "xsane-back-gtk.h" + #include "xsane-front-gtk.h" + #include "xsane-save.h" ++#include <locale.h> ++#include <string.h> + #include <time.h> + #include <sys/wait.h> + +@@ -2425,6 +2427,7 @@ static void xsane_save_ps_create_image_header(FILE *outfile, + int flatedecode) + { + int depth; ++ char *save_locale; + + depth = image_info->depth; + +@@ -2442,8 +2445,15 @@ static void xsane_save_ps_create_image_header(FILE *outfile, + + fprintf(outfile, "%d rotate\n", degree); + fprintf(outfile, "%d %d translate\n", position_left, position_bottom); ++ ++ save_locale = strdup(setlocale(LC_NUMERIC, NULL)); ++ setlocale(LC_NUMERIC, "POSIX"); ++ + fprintf(outfile, "%f %f scale\n", width, height); + ++ setlocale(LC_NUMERIC, save_locale); ++ free(save_locale); ++ + fprintf(outfile, "<<\n"); + fprintf(outfile, " /ImageType 1\n"); + fprintf(outfile, " /Width %d\n", image_info->image_width); +@@ -3921,6 +3931,7 @@ static void xsane_save_pdf_create_page_header(FILE *outfile, struct pdf_xref *xr + int position_left, position_bottom, box_left, box_bottom, box_right, box_top, depth; + int left, bottom; + float rad; ++ char *save_locale; + + DBG(DBG_proc, "xsane_save_pdf_create_page_header\n"); + +@@ -4035,8 +4046,16 @@ static void xsane_save_pdf_create_page_header(FILE *outfile, struct pdf_xref *xr + + fprintf(outfile, "q\n"); + fprintf(outfile, "1 0 0 1 %d %d cm\n", position_left, position_bottom); /* translate */ ++ ++ save_locale = strdup(setlocale(LC_NUMERIC, NULL)); ++ setlocale(LC_NUMERIC, "POSIX"); ++ + fprintf(outfile, "%f %f -%f %f 0 0 cm\n", cos(rad), sin(rad), sin(rad), cos(rad)); /* rotate */ + fprintf(outfile, "%f 0 0 %f 0 0 cm\n", width, height); /* scale */ ++ ++ setlocale(LC_NUMERIC, save_locale); ++ free(save_locale); ++ + fprintf(outfile, "BI\n"); + fprintf(outfile, " /W %d\n", image_info->image_width); + fprintf(outfile, " /H %d\n", image_info->image_height); +-- +2.22.0 + diff --git a/gnu/packages/patches/xsane-fix-snprintf-buffer-length.patch b/gnu/packages/patches/xsane-fix-snprintf-buffer-length.patch new file mode 100644 index 0000000000..412e127f5a --- /dev/null +++ b/gnu/packages/patches/xsane-fix-snprintf-buffer-length.patch @@ -0,0 +1,72 @@ +From 893a5ce1f75e5eea7c8d383038ff92a150819c9c Mon Sep 17 00:00:00 2001 +From: Ralph Little <littlesincanada@yahoo.co.uk> +Date: Thu, 19 Sep 2019 22:02:33 -0700 +Subject: [PATCH] xsane-*-project.c - reduced snprintf format pad to silence + warning about too long constrant string for buffer. + +--- + src/xsane-email-project.c | 4 ++-- + src/xsane-fax-project.c | 4 ++-- + src/xsane-multipage-project.c | 2 +- + 3 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/xsane-email-project.c b/src/xsane-email-project.c +index f20cb12..ac93fc2 100644 +--- a/src/xsane-email-project.c ++++ b/src/xsane-email-project.c +@@ -896,7 +896,7 @@ static void xsane_email_project_update_project_status() + snprintf(filename, sizeof(filename), "%s/xsane-mail-list", preferences.email_project); + projectfile = fopen(filename, "r+b"); /* r+ = read and write, position = start of file */ + +- snprintf(buf, 32, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.email_status); /* fill 32 characters status line */ ++ snprintf(buf, 33, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.email_status); /* fill 32 characters status line */ + fprintf(projectfile, "%s\n", buf); /* first line is status of email */ + + fclose(projectfile); +@@ -936,7 +936,7 @@ void xsane_email_project_save() + { + char buf[TEXTBUFSIZE]; + +- snprintf(buf, 32, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.email_status); /* fill 32 characters status line */ ++ snprintf(buf, 33, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.email_status); /* fill 32 characters status line */ + fprintf(projectfile, "%s\n", buf); /* first line is status of email */ + gtk_progress_set_format_string(GTK_PROGRESS(xsane.project_progress_bar), _(xsane.email_status)); + xsane_progress_bar_set_fraction(GTK_PROGRESS_BAR(xsane.project_progress_bar), 0.0); +diff --git a/src/xsane-fax-project.c b/src/xsane-fax-project.c +index f263313..0c60a97 100644 +--- a/src/xsane-fax-project.c ++++ b/src/xsane-fax-project.c +@@ -452,7 +452,7 @@ static void xsane_fax_project_update_project_status() + snprintf(filename, sizeof(filename), "%s/xsane-fax-list", preferences.fax_project); + projectfile = fopen(filename, "r+b"); /* r+ = read and write, position = start of file */ + +- snprintf(buf, 32, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.fax_status); /* fill 32 characters status line */ ++ snprintf(buf, 33, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.fax_status); /* fill 32 characters status line */ + fprintf(projectfile, "%s\n", buf); /* first line is status of mail */ + + fclose(projectfile); +@@ -498,7 +498,7 @@ void xsane_fax_project_save() + { + char buf[TEXTBUFSIZE]; + +- snprintf(buf, 32, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.fax_status); /* fill 32 characters status line */ ++ snprintf(buf, 33, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.fax_status); /* fill 32 characters status line */ + fprintf(projectfile, "%s\n", buf); /* first line is status of mail */ + gtk_progress_set_format_string(GTK_PROGRESS(xsane.project_progress_bar), _(xsane.fax_status)); + xsane_progress_bar_set_fraction(GTK_PROGRESS_BAR(xsane.project_progress_bar), 0.0); +diff --git a/src/xsane-multipage-project.c b/src/xsane-multipage-project.c +index f23e5f8..9392e00 100644 +--- a/src/xsane-multipage-project.c ++++ b/src/xsane-multipage-project.c +@@ -522,7 +522,7 @@ void xsane_multipage_project_save() + { + char buf[TEXTBUFSIZE]; + +- snprintf(buf, 32, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.multipage_status); /* fill 32 characters status line */ ++ snprintf(buf, 33, "%s@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", xsane.multipage_status); /* fill 32 characters status line */ + fprintf(projectfile, "%s\n", buf); /* first line is status of multipage */ + gtk_progress_set_format_string(GTK_PROGRESS(xsane.project_progress_bar), _(xsane.multipage_status)); + xsane_progress_bar_set_fraction(GTK_PROGRESS_BAR(xsane.project_progress_bar), 0.0); +-- +2.23.0 + diff --git a/gnu/packages/patches/xsane-support-ipv6.patch b/gnu/packages/patches/xsane-support-ipv6.patch new file mode 100644 index 0000000000..4e3bb87a1a --- /dev/null +++ b/gnu/packages/patches/xsane-support-ipv6.patch @@ -0,0 +1,153 @@ +From 62d9c172f258769e3a7540fe710e013bb39a704f Mon Sep 17 00:00:00 2001 +From: Ralph Little <littlesincanada@yahoo.co.uk> +Date: Sat, 7 Sep 2019 12:39:45 -0700 +Subject: [PATCH] Apply opensuse upstream patch 004-ipv6-support + +Appears to be related to this: +https://bugzilla.redhat.com/show_bug.cgi?id=198422 + +----- +Changes email socket connection code to use more IP version agnostic +calls. It appears to only be used by the scan email option and +originally comes from the RedHat IPv6 awareness program mentioned +in the bug report. + +In practice, I'm not sure how practical the implementation for emailing +scans in xsane is as it does not look to support encryption, pretty +much a given in today's world. +--- + src/xsane-save.c | 96 +++++++++++++++++++++++++++++++----------------- + 1 file changed, 62 insertions(+), 34 deletions(-) + +diff --git a/src/xsane-save.c b/src/xsane-save.c +index 63550cc..ff3c459 100644 +--- a/src/xsane-save.c ++++ b/src/xsane-save.c +@@ -31,6 +31,8 @@ + #include <time.h> + #include <sys/wait.h> + ++#include <glib.h> ++ + /* the following test is always false */ + #ifdef _native_WIN32 + # include <winsock.h> +@@ -7540,55 +7542,81 @@ void write_email_attach_file(int fd_socket, char *boundary, FILE *infile, char * + /* returns fd_socket if sucessfull, < 0 when error occured */ + int open_socket(char *server, int port) + { +- int fd_socket; +- struct sockaddr_in sin; +- struct hostent *he; ++ int fd_socket, e; ++ ++ struct addrinfo *ai_list, *ai; ++ struct addrinfo hints; ++ gchar *port_s; ++ gint connected; ++ ++ memset(&hints, '\0', sizeof(hints)); ++ hints.ai_flags = AI_ADDRCONFIG; ++ hints.ai_socktype = SOCK_STREAM; ++ ++ port_s = g_strdup_printf("%d", port); ++ e = getaddrinfo(server, port_s, &hints, &ai_list); ++ g_free(port_s); + +- he = gethostbyname(server); +- if (!he) ++ if (e != 0) + { +- DBG(DBG_error, "open_socket: Could not get hostname of \"%s\"\n", server); ++ DBG(DBG_error, "open_socket: Could not lookup \"%s\"\n", server); + return -1; + } +- else ++ ++ connected = 0; ++ for (ai = ai_list; ai != NULL && !connected; ai = ai->ai_next) + { +- DBG(DBG_info, "open_socket: connecting to \"%s\" = %d.%d.%d.%d\n", +- he->h_name, +- (unsigned char) he->h_addr_list[0][0], +- (unsigned char) he->h_addr_list[0][1], +- (unsigned char) he->h_addr_list[0][2], +- (unsigned char) he->h_addr_list[0][3]); +- } ++ gchar hostname[NI_MAXHOST]; ++ gchar hostaddr[NI_MAXHOST]; ++ ++ /* If all else fails */ ++ strncpy(hostname, "(unknown name)", NI_MAXHOST-1); ++ strncpy(hostaddr, "(unknown address)", NI_MAXHOST-1); ++ ++ /* Determine canonical name and IPv4/IPv6 address */ ++ (void) getnameinfo(ai->ai_addr, ai->ai_addrlen, hostname, sizeof(hostname), ++ NULL, 0, 0); ++ (void) getnameinfo(ai->ai_addr, ai->ai_addrlen, hostaddr, sizeof(hostaddr), ++ NULL, 0, NI_NUMERICHOST); ++ ++ DBG(DBG_info, "open_socket: connecting to \"%s\" (\"%s\"): %s\n", ++ server, hostname, hostaddr); + +- if (he->h_addrtype != AF_INET) +- { +- DBG(DBG_error, "open_socket: Unknown address family: %d\n", he->h_addrtype); +- return -1; +- } ++ if ((ai->ai_family != AF_INET) && (ai->ai_family != AF_INET6)) ++ { ++ DBG(DBG_error, "open_socket: Unknown address family: %d\n", ai->ai_family); ++ continue; ++ } + +- fd_socket = socket(AF_INET, SOCK_STREAM, 0); ++ fd_socket = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + +- if (fd_socket < 0) +- { +- DBG(DBG_error, "open_socket: Could not create socket: %s\n", strerror(errno)); +- return -1; +- } ++ if (fd_socket < 0) ++ { ++ DBG(DBG_error, "open_socket: Could not create socket: %s\n", strerror(errno)); ++ continue; ++ } + +-/* setsockopt (dev->ctl, level, TCP_NODELAY, &on, sizeof (on)); */ ++ /* setsockopt (dev->ctl, level, TCP_NODELAY, &on, sizeof (on)); */ + +- sin.sin_port = htons(port); +- sin.sin_family = AF_INET; +- memcpy(&sin.sin_addr, he->h_addr_list[0], he->h_length); ++ if (connect(fd_socket, ai->ai_addr, ai->ai_addrlen) != 0) ++ { ++ DBG(DBG_error, "open_socket: Could not connect with port %d of socket: %s\n", port, strerror(errno)); ++ continue; ++ } ++ ++ /* All went well */ ++ connected = 1; ++ } + +- if (connect(fd_socket, &sin, sizeof(sin))) ++ if (!connected) + { +- DBG(DBG_error, "open_socket: Could not connect with port %d of socket: %s\n", ntohs(sin.sin_port), strerror(errno)); +- return -1; ++ DBG(DBG_info, "open_socket: Could not connect to any address"); ++ return -1; + } + +- DBG(DBG_info, "open_socket: Connected with port %d\n", ntohs(sin.sin_port)); ++ DBG(DBG_info, "open_socket: Connected with port %d\n", port); + +- return fd_socket; ++ return fd_socket; + } + + /* ---------------------------------------------------------------------------------------------------------------------- */ +-- +2.22.0 + diff --git a/gnu/packages/patches/xsane-tighten-default-umask.patch b/gnu/packages/patches/xsane-tighten-default-umask.patch new file mode 100644 index 0000000000..5ee5fdfd37 --- /dev/null +++ b/gnu/packages/patches/xsane-tighten-default-umask.patch @@ -0,0 +1,36 @@ +From 5dc1e301a165709c60c435f00ec9bb6d7d5f21f3 Mon Sep 17 00:00:00 2001 +From: Ralph Little <littlesincanada@yahoo.co.uk> +Date: Tue, 27 Aug 2019 21:40:02 -0700 +Subject: [PATCH] Apply debian upstream patch 0160-fix_tighten_default_umask + +Original patch commentary: + +Description: Change default XSane umask from 0007 to 0077 + A default umask of 0007 can be mildly insecure in a multiuser environment, + so tighten things up a bit and go with 0077 instead. +Author: Adrien Thebo +Bug-Debian: http://bugs.debian.org/592972 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/xsane/+bug/611950 + +---- +As above. +--- + src/xsane.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/xsane.h b/src/xsane.h +index 67f06d4..fa04418 100644 +--- a/src/xsane.h ++++ b/src/xsane.h +@@ -104,7 +104,7 @@ + #define XSANE_DEBUG_ENVIRONMENT "XSANE_DEBUG" + + #define XSANE_PROGRESS_BAR_MIN_DELTA_PERCENT 0.025 +-#define XSANE_DEFAULT_UMASK 0007 ++#define XSANE_DEFAULT_UMASK 0077 + #define XSANE_HOLD_TIME 200 + #define XSANE_CONTINUOUS_HOLD_TIME 10 + #define XSANE_DEFAULT_DEVICE "SANE_DEFAULT_DEVICE" +-- +2.22.0 + |