Commit Graph

169 Commits

Author SHA1 Message Date
Franz Pletz
9007303001
curl: add upstream patch to fix HTTP2 performance issues
See #20639. Patch has to be in nixpkgs because fetchurl depends on curl.
2016-11-26 14:48:05 +01:00
Eelco Dolstra
1e1609da6a curl: 7.50.3 -> 7.51.0
Fixes 11 CVEs:

https://curl.haxx.se/changes.html#7_51_0
2016-11-02 10:38:17 +01:00
Eelco Dolstra
811b876fab Revert "openssl, curl, git: Respect $NIX_SSL_CERT_FILE"
This reverts commit 942dbf89c6. Sorry,
this was supposed to go to staging instead of master...
2016-10-14 16:01:54 +02:00
Eelco Dolstra
942dbf89c6 openssl, curl, git: Respect $NIX_SSL_CERT_FILE
$NIX_SSL_CERT_FILE overrides $SSL_CERT_FILE, which in turn overrides
the default CA path (/etc/ssl/certs/ca-certificates.crt). This allows
Nix to set a CA path without interfering with other packages (such as
Homebrew).

See https://github.com/NixOS/nix/issues/921.
2016-10-14 12:06:10 +02:00
Tim Steinbach
cda53e434e
curl: 7.50.1 -> 7.50.3 2016-09-23 09:59:14 -04:00
Franz Pletz
ee4c4768a4
curl3: remove vulnerable curl version 2016-09-14 09:03:23 +02:00
Eelco Dolstra
8172cd734c docdev -> devdoc
It's "developer documentation", not "documentation developer" after
all.
2016-09-01 11:07:23 +02:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Kranium Gikos Mendoza
3c1b7efaa8 curl: 7.50.0 -> 7.50.1 (#17486) (#17527) 2016-08-05 15:52:58 +02:00
Miguel Madrid
fa03b541b2 curl: 7.47.1 -> 7.50.0 (#17152) 2016-07-30 21:38:06 +01:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
d7071caba5 treewide: Make explicit that 'dev' output of libssh2 is used 2016-05-19 10:00:45 +02:00
Tuomas Tynkkynen
62479404ea treewide: Make explicit that 'dev' output of libidn is used 2016-05-19 10:00:42 +02:00
Eelco Dolstra
b4bf432709 nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Domen Kožar
b07e7bfc7b Merge remote-tracking branch 'origin/staging' 2016-03-27 13:19:04 +01:00
Joachim Fasting
1f78d14028 curl3: mark as broken
This is an ancient version of curl, that currently has 19 known vulnerabilities.
It is used by and was added to support only one package.
2016-03-26 13:18:48 +01:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Vladimír Čunát
a458a9f78f curl: use an official download link
It works now that we have e6f61b4cf3.
2016-03-06 11:12:23 +01:00
Eelco Dolstra
389d04cbe7 curl: 7.47.0 -> 7.47.1 2016-02-22 11:41:34 +01:00
zimbatm
6908e75441 curl: fixes installation of 7.15
It was trying to install /etc/ssl/cert/ca-certificates.pem

See https://hydra.nixos.org/build/32167398/nixlog/1
2016-02-21 23:57:20 +00:00
Vladimír Čunát
ee994dfae6 bootstrap tools: have curl without http2 support
I assume there's not much use for it during bootstrapping.
This fixes them as well, as curl was compiled against libnghttp2 but the
lib wasn't copied to the bootstrap tools.
2016-02-17 10:04:32 +01:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Vladimír Čunát
a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Tony White
98ffc61e2f curl: Change default src url (close #12851)
- Changes the default src url away from http://curl.haxx.se
to an official mirror because haxx.se resolves to https and
bootstrap curl doesn't have https support.
Please see https://github.com/NixOS/nixpkgs/issues/12816
for more info.
2016-02-07 13:39:45 +01:00
Guillaume Maudoux
9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Robin Gloster
0876a44169 curl: 7.45 -> 7.47 and enable HTTP/2 (close #12723)
This fixes CVE-2016-0755:
https://curl.haxx.se/docs/adv_20160127A.html

vcunat removed *propagation* of pkgconfig and perl.
2016-02-03 10:50:24 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Luca Bruno
e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Danny Wilson
e9d6da77cd Fix non-chrooted (stdenv-native) builds that have man on path enabling
building of built-in manual, while chrooted builds (hydra) will not…
2015-11-16 17:20:13 +01:00
Vladimír Čunát
787f322540 $docdev fixups: mostly to avoid empty output
... after auto-removing some kinds of files by default.
In some cases I let them be removed and in others I let them be put into
$docdev. That was more due to general indecisiveness on this question
than any reasons in the particular cases.
2015-10-28 18:58:06 +01:00
William A. Kennington III
50842f5ec1 curl: 7.44.0 -> 7.45.0 2015-10-17 11:54:13 -07:00
Vladimír Čunát
99e4371526 curl: split into multiple outputs
Also use pkgconfig to be safer and fix (some) referrers.
2015-10-13 20:18:48 +02:00
William A. Kennington III
86e53bdff3 curl: 7.43.0 -> 7.44.0 2015-08-28 17:57:13 -07:00
William A. Kennington III
3d9be37df7 curl: 7.42.1 -> 7.43.0 2015-06-18 20:55:19 -07:00
Eelco Dolstra
cde5053d9a Revert "curl: Modernize build"
This reverts commit 5e3fe3916a.
2015-06-04 14:54:52 +02:00
Eelco Dolstra
68493cd8dc Revert "curl: propagate inputs instead of patching pkgconfig"
This reverts commit 206d63edac.
2015-06-04 14:54:51 +02:00
Eelco Dolstra
3096d03435 Revert "Refactor mkFlag / shouldUsePkg into the nixpkgs libraries"
This reverts commit 25a148fa19.
2015-06-04 14:54:48 +02:00
William A. Kennington III
25a148fa19 Refactor mkFlag / shouldUsePkg into the nixpkgs libraries 2015-05-22 13:26:55 -07:00
Spencer Whitt
4c76dda4dd curl 7.15: Disable on Darwin
Build is failing and this version of curl is not used for anything
useful on Darwin, so it's not worth fixing.
2015-05-15 11:58:21 -04:00
Shea Levy
206d63edac curl: propagate inputs instead of patching pkgconfig 2015-05-12 13:07:58 -04:00
Shea Levy
f168973bfd Revert "curl: Improve .pc and .la patching"
This breaks on darwin with:

> sed: -e: No such file or directory

This reverts commit 26c37ded73.
2015-05-12 12:49:36 -04:00
William A. Kennington III
26c37ded73 curl: Improve .pc and .la patching 2015-05-11 15:12:38 -07:00
William A. Kennington III
5e3fe3916a curl: Modernize build 2015-05-01 15:57:14 -07:00
William A. Kennington III
00df204c82 Merge remote-tracking branch 'upstream/master' into staging 2015-05-01 15:57:09 -07:00
William A. Kennington III
9d5a3e62cf curl: 7.42.0 -> 7.42.1 2015-05-01 15:06:39 -07:00
Vladimír Čunát
30f31c9afc Merge 'master' into staging
(relatively simple conflicts)
2015-04-26 22:52:08 +02:00
John Chee
5717d5e09e curl: ldap and libidn support as curlFull 2015-04-25 14:01:36 -07:00
William A. Kennington III
dc3f962f64 curl: 7.41.0 -> 7.42.0 2015-04-22 14:37:53 -07:00
koral
2c1041acc7 curl: 7.40.0 -> 7.41.0 (close #6844) 2015-03-17 12:38:05 +01:00
koral
7fc94dd3bb curl: 7.39.0 -> 7.40.0 2015-02-09 17:34:03 +01:00
Thomas Tuegel
02157ab123 libcurl: honor $SSL_CERT_FILE (fixed)
The previous attempt to patch libcurl used

getenv("CURL_CA_BUNDLE") || getenv("SSL_CERT_FILE")

to get the second environment variable if the first is unset.
Unfortunately, this broke libcurl because the (||) operator is C returns
only 0 or 1, so it is inappropriate for pointer comparisons! Now we use

getenv("CURL_CA_BUNDLE") ? getenv("CURL_CA_BUNDLE") : getenv("SSL_CERT_FILE")

instead. This has one downside: it always calls getenv twice! But,
that's a small price to pay for actually being correct.
2014-12-02 10:41:24 -06:00
Wout Mertens
cacf3f6c1e Merge branch 'curl-ssl-cert-file' of https://github.com/the-kenny/nixpkgs into staging
Standardize NixOS on using only SSL_CERT_FILE for the trusted SSL certificate store.
2014-11-27 13:29:50 +01:00
Moritz Ulrich
f4ab3dc223 libcurl: Honor $SSL_CERT_FILE 2014-11-19 23:50:48 +01:00
Eelco Dolstra
a0f3faf34e Merge remote-tracking branch 'origin/glibc-2.20' into staging 2014-11-16 22:17:36 +01:00
Vladimír Čunát
4849e32abe curl: update to fix CVE-2014-3707 2014-11-10 21:34:03 +01:00
Eelco Dolstra
dc0d68ffc3 curl: Remove static link support
We only needed this for the stdenv bootstrap, but not anymore.
2014-10-29 13:43:00 +01:00
Eelco Dolstra
5cc92eb0d8 Remove obsolete useDietLibC stdenv adapter 2014-10-29 13:43:00 +01:00
James Cook
4d8d902e0c curl: update to 7.38.0, including security (#4161)
Fixes CVE-2014-3620 and CVE-2014-3613.
2014-09-19 11:53:08 +02:00
Vladimír Čunát
062e2567c9 curl: minor update 7.35.0 -> 7.36.0, including CVE fixes 2014-05-03 11:30:53 +02:00
Vladimír Čunát
befe6905e2 curl: update 7.33 -> .35, including two security fixes
CVE-2013-4545
CVE-2014-0015
2014-02-05 20:45:34 +01:00
Peter Simons
c32bf83301 Merge remote-tracking branch 'origin/master' into stdenv-updates.
Conflicts:
	pkgs/development/interpreters/perl/5.16/default.nix
	pkgs/tools/networking/curl/default.nix
	pkgs/top-level/all-packages.nix
	pkgs/top-level/release-python.nix
	pkgs/top-level/release-small.nix
	pkgs/top-level/release.nix
2013-12-04 18:33:52 +01:00
Domen Kožar
f770739290 curl: 7.30.0 -> 7.33.0 (CVE-2013-4545) 2013-11-21 16:24:32 +01:00
Peter Simons
91f2c362de Merge remote-tracking branch 'origin/master' into stdenv-updates.
Conflicts:
	pkgs/top-level/all-packages.nix
2013-10-26 18:28:05 +02:00
Jack Cummings
e6f2ac65e2 Gratuitous Space Battles. Needs libcurl.so.3, so put an old version of that in, too 2013-10-19 14:45:03 +02:00
Jason \"Don\" O'Conal
613cf79237 esniper: fix build on darwin 2013-09-16 15:51:15 +02:00
Peter Simons
76244ac2e2 Merge branch 'master' into stdenv-updates
Conflicts:
	pkgs/development/compilers/ghc/with-packages.nix
2013-08-16 22:51:13 +02:00
Jaka Hudoklin
941055dae9 curl: Add support for c-ares, asynchronous dns resolver 2013-08-12 19:53:08 +02:00
James Cook
af53fd451f curl: update to version 7.31.0 2013-06-28 07:04:07 +02:00
Vladimír Čunát
2058d95eb4 non-Linux platforms: extend to some important pkgs 2013-06-18 22:03:35 +02:00
Petr Rockai
7abebbad4d curl: Optionally add support for GSSAPI (Kerberos).
@vcunat also did some configureFlags refactoring
2013-05-18 13:24:30 +02:00
Eelco Dolstra
d44ffc5338 curl: Update to 7.30.0
CVE-2013-1944
2013-04-23 14:54:51 +02:00
Eelco Dolstra
2aa6f262cb Merge remote-tracking branch 'origin/master' into stdenv-updates 2013-02-15 13:36:34 +01:00
Shea Levy
e2abed75ec Revert "Revert "curl: Update to version 7.29.0.""
This reverts commit ec4f56b347.

With the added patch, the curl segfault seems to be fixed.
2013-02-10 13:44:00 -05:00
Shea Levy
ec4f56b347 Revert "curl: Update to version 7.29.0."
This reverts commit fd2cff9479.

nix's substituter fails with this curl, so revert it until that's fixed.
2013-02-10 11:37:14 -05:00
aszlig
fd2cff9479 curl: Update to version 7.29.0.
This version contains a security fix for CVE-2013-0249, for details please have
a look at:

http://curl.haxx.se/docs/adv_20130206.html

Thanks to @roconnor for pointing this out.

I'm pushing this to stdenv-updates because I'm not quite sure if it will break
other things because 7.29.0 is now non-blocking by default. Plus the security
vulnerability only affects IMAP, POP3 and SMTP protocol support.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

Cherry-picked into master, this won't change stdenv.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-02-08 18:27:52 -05:00
aszlig
8e08e9ccf0
curl: Update to version 7.29.0.
This version contains a security fix for CVE-2013-0249, for details please have
a look at:

http://curl.haxx.se/docs/adv_20130206.html

Thanks to @roconnor for pointing this out.

I'm pushing this to stdenv-updates because I'm not quite sure if it will break
other things because 7.29.0 is now non-blocking by default. Plus the security
vulnerability only affects IMAP, POP3 and SMTP protocol support.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-02-08 09:03:22 +01:00
Eelco Dolstra
88b11196c1 Clean up redundant "if condition then true else false" 2012-12-28 19:57:47 +01:00
Eelco Dolstra
5be0a9acd7 Rename hostDrv -> crossDrv, buildDrv -> nativeDrv
This is for consistency with terminology in stdenv (and the terms
"hostDrv" and "buildDrv" are not very intuitive, even if they're
consistent with GNU terminology).
2012-12-28 19:08:19 +01:00
Peter Simons
c0b393866f curl: update to version 7.28.0 2012-10-26 10:32:04 +02:00
Eelco Dolstra
fcb1d64322 curl: Update to 7.27.0 2012-09-13 11:36:34 -04:00
Michael Fox
063a627493 Curl. Uprev to 2.26.0
Solves a hideous bug which affects lots of things including nix-env.
The question now is, how to rebuild everything that depends directly or indirectly on curl?

More about the underlying bug and its resolution here:
    http://comments.gmane.org/gmane.comp.web.curl.library/33285

Bug looks like this:

    curl google.com
    curl: (7) Failed to connect to 74.125.224.35: Invalid argument
2012-06-29 21:15:35 -07:00
Eelco Dolstra
3cf71dcfd1 * Curl is used during the bootstrap, so don't rely on pattern
substitution being efficient.

svn path=/nixpkgs/branches/stdenv-updates/; revision=31792
2012-01-23 13:06:01 +00:00
Eelco Dolstra
4d95b41bc8 * curl updated to 7.22.0. Dropped the connect timeout patch because
it doesn't seem necessary anymore.

svn path=/nixpkgs/trunk/; revision=30243
2011-11-05 01:55:53 +00:00
Lluís Batlle i Rossell
221317ae7b Setting new bootstrap-tools for x86_64.
Allowing 'curl' build without some dependencies, if it is told not to build
with them.

Updating the make-bootstrap-tools for the latest gcc/glibc, removing the
dependency on klibc, and updating unpack-boostrap-tools for the latest
boostrap-tools to work.


svn path=/nixpkgs/branches/stdenv-updates/; revision=23305
2010-08-21 12:50:49 +00:00
Peter Simons
0571d80df6 pkgs/tools/networking/curl: strip trailing whitespace
svn path=/nixpkgs/trunk/; revision=22997
2010-08-06 12:45:39 +00:00
Peter Simons
432ad9ceef pkgs/tools/networking/curl: assert that scpSupport is enabled only when libssh2 is available
svn path=/nixpkgs/trunk/; revision=22996
2010-08-06 12:45:11 +00:00
Yury G. Kudryashov
80108f291b Add optional scp support to curl
svn path=/nixpkgs/trunk/; revision=22976
2010-08-05 21:06:45 +00:00
Eelco Dolstra
113fa71b8c * curl updated to 7.21.0.
svn path=/nixpkgs/trunk/; revision=22629
2010-07-18 21:01:17 +00:00
Michael Raskin
ccc497f80d Make WebKit use libsoup 2.31.2 via deepOverride. Edit a few packages that were overridable but did not allow extra arguments. Remove a catch with deepOverride that pkgs.lib had this attribute in a different sense.
svn path=/nixpkgs/trunk/; revision=22529
2010-07-08 13:25:52 +00:00
Lluís Batlle i Rossell
49ba7bee3c Made curl cross-build properly with openssl support.
svn path=/nixpkgs/trunk/; revision=20452
2010-03-06 15:17:43 +00:00
Eelco Dolstra
9761d31dc9 * curl 7.19.7.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19573
2010-01-20 14:26:19 +00:00
Lluís Batlle i Rossell
4b27d28701 Porting changes from stdenv-updates into this branch.
This comes from:
svn diff  ^/nixpkgs/trunk/@18255 ^/nixpkgs/branches/stdenv-updates/ > diff
patch -p0 < diff
and then adding into svn all files new from the patch.

trunk@18255 comes from the last time I updated stdenv-updates from trunk.


svn path=/nixpkgs/stdenv-updates2/; revision=18272
2009-11-08 00:32:12 +00:00
Ludovic Courtès
c4d720c3d1 Curl: Propagate Zlib and OpenSSL.
svn path=/nixpkgs/trunk/; revision=15381
2009-04-28 15:41:51 +00:00
Eelco Dolstra
d574d882cc * curl 7.19.4.
svn path=/nixpkgs/branches/stdenv-updates/; revision=14507
2009-03-11 15:16:17 +00:00
Eelco Dolstra
c91168a600 * Bootstrap tools: build on x86_64-linux.
* Removed Perl from the bootstrap tools.

svn path=/nixpkgs/branches/stdenv-updates/; revision=13827
2009-01-23 15:09:56 +00:00
Eelco Dolstra
581af921ea * Latest OpenSSL, Curl.
svn path=/nixpkgs/branches/stdenv-updates/; revision=13817
2009-01-21 14:11:22 +00:00
Eelco Dolstra
fc5eebdf8b * Merged the stdenv branch
(https://svn.nixos.org/repos/nix/nixpkgs/branches/stdenv-updates
  -r10966:12061).

svn path=/nixpkgs/trunk/; revision=12073
2008-06-13 11:46:39 +00:00
Eelco Dolstra
e21b6b6ee5 * curl: build with OpenSSL (https) support by default.
* Some fetchurl-related refactoring.  The `realCurl' attribute is
  gone, `curl' is the real thing.  To prevent an infinite recursion in
  `fetchurl' (because it depends on curl and building curl needs
  fetchurl), curl and its dependencies (openssl, zlib, perl) use
  `fetchurlBoot', which is the fetchurl used by the previous bootstrap
  phase (e.g. the statically linked version of curl for
  stdenv-linux).  So as a result you can use https:// urls almost
  everywhere.

  There's also some hackery to prevent a different curl from being
  built in every stdenv-linux bootstrap phase (namely the
  stdenv.fetchurl attribute which allows fetchurl to be overriden
  everywhere).

svn path=/nixpkgs/trunk/; revision=11905
2008-05-27 07:49:55 +00:00