* doc/ref/guile-invoke.texi, doc/ref/scheme-scripts.texi:
describe the -e (module) shorthand as on equal footing with (@ ...)
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This feature was removed by 4aead68cdb.
* module/ice-9/i18n.scm (number-decimal-string): Rewrite the case where
DIGIT-COUNT is not an integer.
(number->locale-string): Always pass FRACTION-DIGITS to
'number-decimal-string'.
* test-suite/tests/format.test ("~h localized number")["1234.5"]
["padding", "padchar"]: Remove decimal specifier.
* test-suite/tests/i18n.test ("number->locale-string")
["fraction",
* test-suite/tests/i18n.test ("format ~h")["12 345,678"]: Remove decimal
specifier. Remove one decimal.
* doc/ref/api-i18n.texi (Number Input and Output): Update
'number->locale-string' doc to mention the number of decimals.
Reported by Christopher Allan Webber <cwebber@dustycloud.org>
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This commit adds protection to Guile's REPL servers against HTTP
inter-protocol exploitation attacks, a scenario whereby an attacker can,
via an HTML page, cause a web browser to send data to TCP servers
listening on a loopback interface or private network. See
<https://en.wikipedia.org/wiki/Inter-protocol_exploitation> and
<https://www.jochentopf.com/hfpa/hfpa.pdf>, The HTML Form Protocol
Attack (2001) by Tochen Topf <jochen@remote.org>.
Here we add a procedure to 'before-read-hook' that looks for a possible
HTTP request-line in the first line of input from the client socket. If
present, the socket is drained and closed, and a loud warning is written
to stderr (POSIX file descriptor 2).
* module/system/repl/server.scm: Add 'maybe-check-for-http-request'
to 'before-read-hook' when this module is loaded.
(with-temporary-port-encoding, with-saved-port-line+column)
(drain-input-and-close, permissive-http-request-line?)
(check-for-http-request, guard-against-http-request)
(maybe-check-for-http-request): New procedures.
(serve-client): Use 'guard-against-http-request'.
* module/system/repl/coop-server.scm (start-repl-client): Use
'guard-against-http-request'.
* doc/ref/guile-invoke.texi (Command-line Options): In the description
of the --listen option, make the security warning more prominent.
Mention the new protection added here. Recommend using UNIX domain
sockets for REPL servers. "a path to" => "the file name of".
Fixes <http://bugs.gnu.org/24659>.
* libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is
unbound; instead, use 0777 as the mode. Update docstring to clarify
this.
* doc/ref/posix.texi (File System): Adjust accordingly.
* NEWS: Mention it.
Suggested by Vincent Legoll <vincent.legoll@gmail.com>.
* doc/ref/api-evaluation.texi (Expression Syntax): Add an unquote and an
unquote-splicing example.
* m4/mkstemp.m4: Remove.
* lib/mkstemp.c: Remove.
* lib/mkostemp.c: New file.
* m4/mkostemp.m4: New file.
* lib/Makefile.am:
* m4/gnulib-cache.m4:
* m4/gnulib-comp.m4: Remove mkstemp module, replace with mkostemp.
* libguile/fports.h:
* libguile/fports.c (scm_i_mode_to_open_flags): Factor out helper to
parse mode string to open flags.
(scm_open_file_with_encoding): Use the new helper.
* libguile/filesys.c:
(scm_i_mkstemp): Adapt to take optional second argument, being a mode
string. Use mkostemp.
(scm_mkstemp): Backwards compatible shim that calls scm_i_mkstemp.
* doc/ref/posix.texi:
* NEWS: Update.
* module/system/base/compile.scm (call-with-output-file/atomic): Pass
"wb" as mode, to cause O_BINARY to be added on MinGW.
* doc/ref/api-options.texi (Common Feature Symbols): Document the popen
feature.
* doc/ref/posix.texi (Pipes): Depend on the popen feature, not fork.
* libguile/posix.c (scm_init_posix): Add popen feature if we can.
* meta/build-env.in: New file which sets up an environment that does not
inherit GUILE_LOAD_PATH / GUILE_LOAD_COMPILED_PATH (unless
cross-compiling).
* doc/ref/Makefile.am (autoconf-macros.texi):
* libguile/Makefile.am (snarf2checkedtexi):
* module/Makefile.am (ice-9/psyntax-pp.go):
* test-suite/standalone/Makefile.am (GUILE_INSTALL_LOCALE):
* am/guilec (.scm.go): Use build-env.
* configure.ac: Create build-env.
* doc/ref/api-control.texi (Prompt Primitives): Remove mention of
one-shot continuations, as it's possible to invoke them multiple times
if the continuation is re-entered through other means.
* doc/ref/api-memory.texi (Garbage Collection Functions):
* doc/ref/libguile-concepts.texi (Garbage Collection): Attempt to be
clear that scanning is a thing that happens in the mark phase. Fixes
#20907 I think.
While describing special characters, remind the reader that
"non-greedy" variants are not supported. They might not be familiar
with POSIX extended regular expression and expect it to work.
* doc/ref/api-regex.texi: Add "non-greedy" observation
Linking to Emacs' regexps as an example of regexp syntax gives the
wrong impression that Guile supports it, which is not true.
* doc/ref/api-regex.texi: Remove link to Emacs' regexp syntax
Implements wishlist item <https://debbugs.gnu.org/18592>.
Requested by Frank Terbeck <ft@bewatermyfriend.org>.
Based on a proposed patch by Nala Ginrut <nalaginrut@gmail.com>.
* libguile/foreign.c (cif_to_procedure): Add 'return_errno' argument.
Store its boolean value in the object table of the generated program.
(scm_i_foreign_call): If the stored 'return_errno' flag is true, then
clear 'errno' before the call, save it after the call, and return it
as a second return value.
(pointer_to_procedure): New static function.
(scm_pointer_to_procedure_with_errno): New C API function, implemented
in terms of 'pointer_to_procedure'.
(scm_pointer_to_procedure): Reimplement in terms of
'pointer_to_procedure', no longer bound to "pointer->procedure". See
below.
(scm_i_pointer_to_procedure): New C function bound to
"pointer->procedure" which now accepts the optional #:return-errno?
keyword argument, implemented in terms of 'pointer_to_procedure'.
(k_return_errno): New keyword #:return-errno?.
* libguile/foreign.h (scm_pointer_to_procedure_with_errno): Add prototype.
* doc/ref/api-foreign.texi (Dynamic FFI): Adjust documentation.
For a long time the API failed to reach consensus among maintainers.
See <https://lists.gnu.org/archive/html/guile-devel/2015-11/msg00005.html>
and <https://lists.gnu.org/archive/html/guile-devel/2014-04/msg00069.html>.
This revert intends to break the deadlock and help further discussion to
take place with less pressure.
* libguile/foreign-object.c, libguile/foreign-object.h: Remove.
* libguile/Makefile.am (libguile_@GUILE_EFFECTIVE_VERSION@_la_SOURCES)
(modinclude_HEADERS): Adjust accordingly.
* libguile/init.c (scm_i_init_guile): Remove call to
'scm_register_foreign_object'.
* libguile.h: Remove inclusion of "libguile/foreign-object.h".
* module/system/foreign-object.scm: Remove.
* module/Makefile.am (SYSTEM_SOURCES): Adjust accordingly.
* test-suite/standalone/test-foreign-object-c.c,
test-suite/standalone/test-foreign-object-scm: Remove.
* test-suite/standalone/Makefile.am (check_SCRIPTS, check_PROGRAMS)
(TESTS): Adjust accordingly.
(test_foreign_object_c_SOURCES, test_foreign_object_c_CFLAGS)
(test_foreign_object_c_LDADD): Remove.
* doc/ref/libguile-foreign-objects.texi: Remove.
* doc/ref/api-foreign-objects.texi: Remove.
* doc/ref/libguile-smobs.texi: New file.
* doc/ref/Makefile.am (guile_TEXINFOS): Adjust accordingly.
* doc/ref/api-control.texi, doc/ref/api-smobs.texi,
doc/ref/api-utility.texi, doc/ref/guile.texi,
doc/ref/libguile-concepts.texi, doc/ref/libguile-program.texi:
Revert d9a4a1cd and 6e4630e0.
* doc/ref/guile.texi: Add 2016 to user-visible copyright notice.
* module/ice-9/command-line.scm (version-etc): Bump 'copyright-year' to
2016.
* module/system/repl/common.scm (*version*): Add 2016 to the range of
copyright years.
Adds an implementation of SRFI 25 on top of Guile's native arrays. The
implementation does not introduce a disjoint type; Guile arrays and
SRFI-25 arrays can be used interchangably, though with different, partly
conflicting APIs.
* NEWS: Add preliminary, incomplete section on 2.0.12, noting the
addition of SRFI-25.
* doc/ref/srfi-modules.texi (SRFI-25): New node.
* module/srfi/srfi-25.scm: New file.
* test-suite/tests/srfi-25.test: New file.
* module/Makefile.am:
* test-suite/Makefile.am: Add new files.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Reported in <http://bugs.gnu.org/18520>
by David Kastrup <dak@gnu.org>.
* doc/ref/api-io.texi (Random Access): Clarify the unit of the 'offset'
argument to 'seek'.
* configure.ac: Remove meta/guile-2.0.pc and
meta/guile-2.0-uninstalled.pc from 'AC_CONFIG_FILES'.
* meta/Makefile.am (substitute): New variable.
(guile-2.0.pc, guile-2.0-uninstalled.pc): New targets.
(guile-config, guild): Use $(substitute) instead of duplicated sed
script.
(CLEANFILES): Add the .pc files.
* meta/guile-2.0.pc.in (bindir, guild, guile): New variables.
* doc/ref/libguile-parallel.texi (Parallel Installations): Document the
'guild' and 'guile' pkg-config variables.
Fixes <http://bugs.gnu.org/18988>.
Reported by Chris Vine <chris@cvine.freeserve.co.uk>.
* libguile/filesys.c (scm_select): Clarify handling of signal
interruptions.
* doc/ref/posix.texi (Ports and File Descriptors): Adjust accordingly.
Suggested by David Kastrup <dak@gnu.org> in <http://bugs.gnu.org/13644>.
* libguile/read.c (scm_read_string_like_syntax): Accept "\(" as
equivalent to "(".
* doc/ref/api-data.texi (String Syntax): Document it.
* test-suite/tests/reader.test ("reading"): Add test.
