Commit | Line | Data |
---|---|---|
233e7676 | 1 | ;;; GNU Guix --- Functional package management for GNU |
079fca3b | 2 | ;;; Copyright © 2012, 2013 Andreas Enge <andreas@enge.fr> |
89e34644 | 3 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
719f3534 | 4 | ;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name> |
a007d699 | 5 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
89e34644 | 6 | ;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org> |
67fee545 | 7 | ;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org> |
47985540 | 8 | ;;; Copyright © 2017, 2019 Ricardo Wurmus <rekado@elephly.net> |
5ccd6e2b | 9 | ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
09b21b77 | 10 | ;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com> |
b5ebab80 | 11 | ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> |
770ea94c | 12 | ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> |
9dc6f288 | 13 | ;;; |
233e7676 | 14 | ;;; This file is part of GNU Guix. |
9dc6f288 | 15 | ;;; |
233e7676 | 16 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
9dc6f288 AE |
17 | ;;; under the terms of the GNU General Public License as published by |
18 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
19 | ;;; your option) any later version. | |
20 | ;;; | |
233e7676 | 21 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
9dc6f288 AE |
22 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
23 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
24 | ;;; GNU General Public License for more details. | |
25 | ;;; | |
26 | ;;; You should have received a copy of the GNU General Public License | |
233e7676 | 27 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
9dc6f288 | 28 | |
89e34644 | 29 | (define-module (gnu packages kerberos) |
59a43334 | 30 | #:use-module (gnu packages) |
1abc08a8 | 31 | #:use-module (gnu packages autotools) |
1ffa7090 | 32 | #:use-module (gnu packages bison) |
255d1bbe | 33 | #:use-module (gnu packages dbm) |
1ffa7090 | 34 | #:use-module (gnu packages perl) |
1abc08a8 | 35 | #:use-module (gnu packages gettext) |
89e34644 LC |
36 | #:use-module (gnu packages gnupg) |
37 | #:use-module (gnu packages libidn) | |
770ea94c | 38 | #:use-module (gnu packages hurd) |
89e34644 LC |
39 | #:use-module (gnu packages linux) |
40 | #:use-module (gnu packages pkg-config) | |
41 | #:use-module (gnu packages compression) | |
67fee545 | 42 | #:use-module (gnu packages readline) |
cd0322a3 | 43 | #:use-module (gnu packages sqlite) |
1abc08a8 | 44 | #:use-module (gnu packages texinfo) |
89e34644 LC |
45 | #:use-module (gnu packages tls) |
46 | #:use-module ((guix licenses) #:prefix license:) | |
9dc6f288 AE |
47 | #:use-module (guix packages) |
48 | #:use-module (guix download) | |
4d53c29e | 49 | #:use-module (guix utils) |
9dc6f288 AE |
50 | #:use-module (guix build-system gnu)) |
51 | ||
52 | (define-public mit-krb5 | |
53 | (package | |
df8a09c7 | 54 | (name "mit-krb5") |
32d3f81a | 55 | (version "1.18") |
df8a09c7 LC |
56 | (source (origin |
57 | (method url-fetch) | |
6ac46bfa MB |
58 | (uri (list |
59 | (string-append "https://web.mit.edu/kerberos/dist/krb5/" | |
60 | (version-major+minor version) | |
61 | "/krb5-" version ".tar.gz") | |
62 | (string-append "https://kerberos.org/dist/krb5/" | |
63 | (version-major+minor version) | |
64 | "/krb5-" version ".tar.gz"))) | |
770ea94c JN |
65 | (patches (search-patches "mit-krb5-qualify-short-hostnames.patch" |
66 | "mit-krb5-hurd.patch")) | |
16114c34 MW |
67 | (sha256 |
68 | (base32 | |
32d3f81a | 69 | "121c5xsy3x0i4wdkrpw62yhvji6virbh6n30ypazkp0isws3k4bk")))) |
df8a09c7 LC |
70 | (build-system gnu-build-system) |
71 | (native-inputs | |
9715df7f | 72 | `(("bison" ,bison) |
16114c34 | 73 | ("perl" ,perl))) |
df8a09c7 | 74 | (arguments |
9269ce49 | 75 | `(;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call |
b5ebab80 MO |
76 | ;; while running the tests in 'src/tests'. Also disable tests when |
77 | ;; cross-compiling. | |
78 | #:tests? ,(and (not (%current-target-system)) | |
79 | (string=? (%current-system) "x86_64-linux")) | |
d9ecec9b | 80 | |
b5ebab80 MO |
81 | ,@(if (%current-target-system) |
82 | '(#:configure-flags | |
47985540 RW |
83 | (list "--localstatedir=/var" |
84 | "krb5_cv_attr_constructor_destructor=yes" | |
b5ebab80 MO |
85 | "ac_cv_func_regcomp=yes" |
86 | "ac_cv_printf_positional=yes" | |
87 | "ac_cv_file__etc_environment=yes" | |
88 | "ac_cv_file__etc_TIMEZONE=no") | |
89 | #:make-flags | |
90 | (list "CFLAGS+=-DDESTRUCTOR_ATTR_WORKS=1")) | |
47985540 RW |
91 | '(#:configure-flags |
92 | (list "--localstatedir=/var"))) | |
a083b5cb | 93 | #:phases |
4d53c29e | 94 | (modify-phases %standard-phases |
16114c34 | 95 | (add-after 'unpack 'enter-source-directory |
4d53c29e MW |
96 | (lambda _ |
97 | (chdir "src") | |
98 | #t)) | |
4d53c29e | 99 | (add-before 'check 'pre-check |
b5ebab80 MO |
100 | (lambda* (#:key inputs native-inputs #:allow-other-keys) |
101 | (let ((perl (assoc-ref (or native-inputs inputs) "perl"))) | |
4d53c29e MW |
102 | (substitute* "plugins/kdb/db2/libdb2/test/run.test" |
103 | (("/bin/cat") (string-append perl "/bin/perl")) | |
58ea4d40 | 104 | (("D/bin/sh") (string-append "D" (which "sh"))) |
4d53c29e MW |
105 | (("bindir=/bin/.") (string-append "bindir=" perl "/bin")))) |
106 | ||
107 | ;; avoid service names since /etc/services is unavailable | |
df8a09c7 LC |
108 | (substitute* "tests/resolve/Makefile" |
109 | (("-p telnet") "-p 23")) | |
4d53c29e | 110 | #t))))) |
df8a09c7 LC |
111 | (synopsis "MIT Kerberos 5") |
112 | (description | |
113 | "Massachusetts Institute of Technology implementation of Kerberos. | |
9dc6f288 | 114 | Kerberos is a network authentication protocol designed to provide strong |
e881752c AK |
115 | authentication for client/server applications by using secret-key |
116 | cryptography.") | |
89e34644 LC |
117 | (license (license:non-copyleft "file://NOTICE" |
118 | "See NOTICE in the distribution.")) | |
a0087cf5 | 119 | (home-page "https://web.mit.edu/kerberos/") |
5e578674 | 120 | (properties '((cpe-name . "kerberos"))))) |
89e34644 LC |
121 | |
122 | (define-public shishi | |
123 | (package | |
124 | (name "shishi") | |
125 | (version "1.0.2") | |
126 | (source | |
127 | (origin | |
128 | (method url-fetch) | |
129 | (uri (string-append "mirror://gnu/shishi/shishi-" | |
130 | version ".tar.gz")) | |
1abc08a8 | 131 | (patches (search-patches "shishi-fix-libgcrypt-detection.patch")) |
89e34644 LC |
132 | (sha256 |
133 | (base32 | |
134 | "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d")))) | |
135 | (build-system gnu-build-system) | |
1abc08a8 LF |
136 | (arguments |
137 | '(;; This is required since we patch some of the build scripts. | |
2ca3fdc2 DM |
138 | ;; Remove first two items for the next Shishi release after 1.0.2 or |
139 | ;; when removing 'shishi-fix-libgcrypt-detection.patch'. | |
140 | #:configure-flags | |
141 | '("ac_cv_libgcrypt=yes" "--disable-static" | |
142 | "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi") | |
143 | #:phases | |
144 | (modify-phases %standard-phases | |
145 | (add-after 'configure 'disable-automatic-key-generation | |
146 | (lambda* (#:key outputs #:allow-other-keys) | |
147 | (substitute* "Makefile" | |
148 | (("^install-data-hook:") | |
149 | "install-data-hook:\nx:\n")) | |
150 | #t))))) | |
89e34644 LC |
151 | (native-inputs `(("pkg-config" ,pkg-config))) |
152 | (inputs | |
153 | `(("gnutls" ,gnutls) | |
154 | ("libidn" ,libidn) | |
155 | ("linux-pam" ,linux-pam-1.2) | |
156 | ("zlib" ,zlib) | |
1abc08a8 | 157 | ("libgcrypt" ,libgcrypt) |
89e34644 | 158 | ("libtasn1" ,libtasn1))) |
6fd52309 | 159 | (home-page "https://www.gnu.org/software/shishi/") |
89e34644 LC |
160 | (synopsis "Implementation of the Kerberos 5 network security system") |
161 | (description | |
162 | "GNU Shishi is a free implementation of the Kerberos 5 network security | |
163 | system. It is used to allow non-secure network nodes to communicate in a | |
2ca3fdc2 DM |
164 | secure manner through client-server mutual authentication via tickets. |
165 | ||
166 | After installation, the system administrator should generate keys using | |
167 | @code{shisa -a /etc/shishi/shishi.keys}.") | |
89e34644 | 168 | (license license:gpl3+))) |
67fee545 LC |
169 | |
170 | (define-public heimdal | |
171 | (package | |
172 | (name "heimdal") | |
5c4aa84e | 173 | (version "7.7.0") |
67fee545 LC |
174 | (source (origin |
175 | (method url-fetch) | |
09b21b77 AV |
176 | (uri (string-append |
177 | "https://github.com/heimdal/heimdal/releases/download/" | |
178 | "heimdal-" version "/" "heimdal-" version ".tar.gz")) | |
67fee545 LC |
179 | (sha256 |
180 | (base32 | |
5c4aa84e | 181 | "06vx3cb01s4lv3lpv0qzbbj97cln1np1wjphkkmmbk1lsqa36bgh")) |
67fee545 LC |
182 | (modules '((guix build utils))) |
183 | (snippet | |
6cbee49d MW |
184 | '(begin |
185 | (substitute* "configure" | |
186 | (("User=.*$") "User=Guix\n") | |
09b21b77 | 187 | (("Host=.*$") "Host=GNU") |
5c4aa84e | 188 | (("Date=.*$") "Date=2019\n")) |
6cbee49d | 189 | #t)))) |
67fee545 LC |
190 | (build-system gnu-build-system) |
191 | (arguments | |
192 | '(#:configure-flags (list | |
67fee545 LC |
193 | ;; Avoid 7 MiB of .a files. |
194 | "--disable-static" | |
195 | ||
196 | ;; Do not build libedit. | |
197 | (string-append | |
198 | "--with-readline-lib=" | |
199 | (assoc-ref %build-inputs "readline") "/lib") | |
200 | (string-append | |
201 | "--with-readline-include=" | |
09b21b77 AV |
202 | (assoc-ref %build-inputs "readline") "/include") |
203 | ||
204 | ;; Do not build sqlite. | |
205 | (string-append | |
206 | "--with-sqlite3=" | |
207 | (assoc-ref %build-inputs "sqlite"))) | |
67fee545 LC |
208 | |
209 | #:phases (modify-phases %standard-phases | |
09b21b77 | 210 | (add-before 'configure 'pre-configure |
67fee545 | 211 | (lambda _ |
09b21b77 AV |
212 | (substitute* '("appl/afsutil/pagsh.c" |
213 | "tools/Makefile.in") | |
214 | (("/bin/sh") (which "sh"))) | |
215 | #t)) | |
216 | (add-before 'check 'pre-check | |
217 | (lambda _ | |
218 | ;; For 'getxxyyy-test'. | |
219 | (setenv "USER" (passwd:name (getpwuid (getuid)))) | |
220 | ||
221 | ;; Skip 'db' and 'kdc' tests for now. | |
222 | ;; FIXME: figure out why 'kdc' tests fail. | |
223 | (with-output-to-file "tests/db/have-db.in" | |
224 | (lambda () | |
225 | (format #t "#!~a~%exit 1~%" (which "sh")))) | |
226 | #t))) | |
227 | ;; Tests fail when run in parallel. | |
228 | #:parallel-tests? #f)) | |
229 | (native-inputs `(("e2fsprogs" ,e2fsprogs) ;for 'compile_et' | |
230 | ("texinfo" ,texinfo) | |
231 | ("unzip" ,unzip))) ;for tests | |
67fee545 LC |
232 | (inputs `(("readline" ,readline) |
233 | ("bdb" ,bdb) | |
09b21b77 AV |
234 | ("e2fsprogs" ,e2fsprogs) ;for libcom_err |
235 | ("sqlite" ,sqlite))) | |
67fee545 LC |
236 | (home-page "http://www.h5l.org/") |
237 | (synopsis "Kerberos 5 network authentication") | |
238 | (description | |
239 | "Heimdal is an implementation of Kerberos 5 network authentication | |
240 | service.") | |
241 | (license license:bsd-3))) |