From 24caf232b7ebadd2fc78fbeeca80da4b02fe9500 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Wed, 4 Aug 2021 22:01:07 +0200
Subject: [PATCH 1/2] mosquitto: 2.0.10 -> 2.0.11

Fixes CVE-2021-34431.

https://github.com/eclipse/mosquitto/blob/v2.0.11/ChangeLog.txt
(cherry picked from commit ded0f0ede6c5ebda4eb88e8158a4115b2780a9fe)
---
 pkgs/servers/mqtt/mosquitto/default.nix | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/pkgs/servers/mqtt/mosquitto/default.nix b/pkgs/servers/mqtt/mosquitto/default.nix
index 9e251e1bc22..984d2115598 100644
--- a/pkgs/servers/mqtt/mosquitto/default.nix
+++ b/pkgs/servers/mqtt/mosquitto/default.nix
@@ -12,19 +12,29 @@
 , openssl
 , withSystemd ? stdenv.isLinux
 , systemd
+, fetchpatch
 }:
 
 stdenv.mkDerivation rec {
   pname = "mosquitto";
-  version = "2.0.10";
+  version = "2.0.11";
 
   src = fetchFromGitHub {
     owner = "eclipse";
     repo = pname;
     rev = "v${version}";
-    sha256 = "144vw7b9ja4lci4mplbxs048x9aixd9c3s7rg6wc1k31w099rb12";
+    sha256 = "1i0kkqhjxqahkhsl60s46zlywa87jakv7h4sr3fhi1v53vwpb9mg";
   };
 
+  patches = lib.optionals stdenv.isDarwin [
+    (fetchpatch {
+      name = "revert-cmake-shared-to-module.patch"; # See https://github.com/eclipse/mosquitto/issues/2277
+      url = "https://github.com/eclipse/mosquitto/commit/e21eaeca37196439b3e89bb8fd2eb1903ef94845.patch";
+      sha256 = "14syi2c1rks8sl2aw09my276w45yq1iasvzkqcrqwy4drdqrf069";
+      revert = true;
+    })
+  ];
+
   postPatch = ''
     for f in html manpage ; do
       substituteInPlace man/$f.xsl \

From 476832f9bad41704e2abc8c96e034b847afaa0de Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Wed, 1 Sep 2021 14:35:31 +0200
Subject: [PATCH 2/2] mosquitto: 2.0.11 -> 2.0.12

https://github.com/eclipse/mosquitto/blob/v2.0.12/ChangeLog.txt
(cherry picked from commit d4c75580c18c78bdf81810dc73aab76e10754190)
---
 pkgs/servers/mqtt/mosquitto/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/servers/mqtt/mosquitto/default.nix b/pkgs/servers/mqtt/mosquitto/default.nix
index 984d2115598..67200f5515a 100644
--- a/pkgs/servers/mqtt/mosquitto/default.nix
+++ b/pkgs/servers/mqtt/mosquitto/default.nix
@@ -17,13 +17,13 @@
 
 stdenv.mkDerivation rec {
   pname = "mosquitto";
-  version = "2.0.11";
+  version = "2.0.12";
 
   src = fetchFromGitHub {
     owner = "eclipse";
     repo = pname;
     rev = "v${version}";
-    sha256 = "1i0kkqhjxqahkhsl60s46zlywa87jakv7h4sr3fhi1v53vwpb9mg";
+    sha256 = "0bn6vpk6gdxrnm3aw3j2g0ny6cx2arv8pmv4x8302pr6qcrz57s6";
   };
 
   patches = lib.optionals stdenv.isDarwin [