Commit | Line | Data |
---|---|---|
2fbf053b | 1 | ;;; GNU Guix --- Functional package management for GNU |
2102ae2e | 2 | ;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org> |
06ed5982 | 3 | ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr> |
45f2ffb4 | 4 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
dec3e015 | 5 | ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> |
78d80c5c | 6 | ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> |
c777570b | 7 | ;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
2fbf053b AE |
8 | ;;; |
9 | ;;; This file is part of GNU Guix. | |
10 | ;;; | |
11 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
12 | ;;; under the terms of the GNU General Public License as published by | |
13 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
14 | ;;; your option) any later version. | |
15 | ;;; | |
16 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
17 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 | ;;; GNU General Public License for more details. | |
20 | ;;; | |
21 | ;;; You should have received a copy of the GNU General Public License | |
22 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
23 | ||
24 | (define-module (gnu packages ssh) | |
2102ae2e DC |
25 | #:use-module (gnu packages) |
26 | #:use-module (gnu packages autotools) | |
27 | #:use-module (gnu packages base) | |
28 | #:autoload (gnu packages boost) (boost) | |
2fbf053b | 29 | #:use-module (gnu packages compression) |
2102ae2e | 30 | #:use-module (gnu packages elf) |
2fbf053b | 31 | #:use-module (gnu packages gnupg) |
2102ae2e | 32 | #:use-module (gnu packages gperf) |
fe0b8a78 | 33 | #:use-module (gnu packages groff) |
49d294e5 | 34 | #:use-module (gnu packages guile) |
2102ae2e DC |
35 | #:use-module (gnu packages linux) |
36 | #:use-module (gnu packages m4) | |
37 | #:use-module (gnu packages multiprecision) | |
87bf526b | 38 | #:use-module (gnu packages ncurses) |
2102ae2e DC |
39 | #:use-module (gnu packages nettle) |
40 | #:use-module (gnu packages perl) | |
41 | #:use-module (gnu packages pkg-config) | |
87bf526b | 42 | #:autoload (gnu packages protobuf) (protobuf) |
2102ae2e DC |
43 | #:use-module (gnu packages readline) |
44 | #:use-module (gnu packages texinfo) | |
cc2b77df | 45 | #:use-module (gnu packages tls) |
2102ae2e DC |
46 | #:use-module (gnu packages xorg) |
47 | #:use-module (guix build-system cmake) | |
48 | #:use-module (guix build-system gnu) | |
2fbf053b | 49 | #:use-module (guix download) |
817efe8b | 50 | #:use-module (guix git-download) |
2102ae2e DC |
51 | #:use-module ((guix licenses) #:prefix license:) |
52 | #:use-module (guix packages)) | |
1681cd4a LC |
53 | |
54 | (define-public libssh | |
55 | (package | |
56 | (name "libssh") | |
85267efb | 57 | (version "0.7.3") |
1681cd4a LC |
58 | (source (origin |
59 | (method url-fetch) | |
87390c15 | 60 | (uri (string-append |
85267efb | 61 | "https://red.libssh.org/attachments/download/195/libssh-" |
87390c15 | 62 | version ".tar.xz")) |
1681cd4a LC |
63 | (sha256 |
64 | (base32 | |
85267efb | 65 | "165g49i4kmm3bfsjm0n8hm21kadv79g9yjqyq09138jxanz4dvr6")))) |
1681cd4a | 66 | (build-system cmake-build-system) |
deed349b | 67 | (arguments |
06ed5982 | 68 | '(#:configure-flags '("-DWITH_GCRYPT=ON") |
deed349b LC |
69 | |
70 | ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. | |
06ed5982 | 71 | #:tests? #f)) |
1681cd4a | 72 | (inputs `(("zlib" ,zlib) |
b3546174 | 73 | ("libgcrypt" ,libgcrypt))) |
1681cd4a LC |
74 | (synopsis "SSH client library") |
75 | (description | |
76 | "libssh is a C library implementing the SSHv2 and SSHv1 protocol for | |
77 | client and server implementations. With libssh, you can remotely execute | |
78 | programs, transfer files, and use a secure and transparent tunnel for your | |
79 | remote applications.") | |
80 | (home-page "http://www.libssh.org") | |
81 | (license license:lgpl2.1+))) | |
2fbf053b | 82 | |
85267efb | 83 | (define libssh-0.6 ; kept private for use in guile-ssh |
9c333da6 | 84 | (package (inherit libssh) |
85267efb | 85 | (version "0.6.5") |
9c333da6 LC |
86 | (source (origin |
87 | (method url-fetch) | |
85267efb LF |
88 | (uri (string-append "https://red.libssh.org/attachments/" |
89 | "download/121/libssh-" | |
90 | version ".tar.xz")) | |
9c333da6 LC |
91 | (sha256 |
92 | (base32 | |
85267efb | 93 | "0b6wyx6bwbb8jpn8x4rhlrdiqwqrwrs0mxjmrnqykm9kw1ijgm8g")) |
fc1adab1 AK |
94 | (patches (search-patches |
95 | "libssh-0.6.5-CVE-2016-0739.patch")))))) | |
9c333da6 | 96 | |
2fbf053b AE |
97 | (define-public libssh2 |
98 | (package | |
99 | (name "libssh2") | |
78d80c5c | 100 | (version "1.7.0") |
2fbf053b AE |
101 | (source (origin |
102 | (method url-fetch) | |
103 | (uri (string-append | |
78d80c5c | 104 | "https://www.libssh2.org/download/libssh2-" |
2fbf053b | 105 | version ".tar.gz")) |
78d80c5c LF |
106 | (sha256 |
107 | (base32 | |
108 | "116mh112w48vv9k3f15ggp5kxw5sj4b88dzb5j69llsh7ba1ymp4")))) | |
2fbf053b | 109 | (build-system gnu-build-system) |
e9c14f37 EB |
110 | ;; The installed libssh2.pc file does not include paths to libgcrypt and |
111 | ;; zlib libraries, so we need to propagate the inputs. | |
112 | (propagated-inputs `(("libgcrypt" ,libgcrypt) | |
113 | ("zlib" ,zlib))) | |
114 | (arguments '(#:configure-flags `("--with-libgcrypt"))) | |
35b9e423 | 115 | (synopsis "Client-side C library implementing the SSH2 protocol") |
2fbf053b AE |
116 | (description |
117 | "libssh2 is a library intended to allow software developers access to | |
35b9e423 | 118 | the SSH-2 protocol in an easy-to-use self-contained package. It can be built |
2fbf053b AE |
119 | into an application to perform many different tasks when communicating with |
120 | a server that supports the SSH-2 protocol.") | |
121 | (license license:bsd-3) | |
122 | (home-page "http://www.libssh2.org/"))) | |
fe0b8a78 AE |
123 | |
124 | (define-public openssh | |
125 | (package | |
126 | (name "openssh") | |
742effef | 127 | (version "7.3p1") |
fe0b8a78 AE |
128 | (source (origin |
129 | (method url-fetch) | |
ca2baf10 | 130 | (uri (let ((tail (string-append name "-" version ".tar.gz"))) |
087a4e9c | 131 | (list (string-append "http://openbsd.cs.fau.de/pub/OpenBSD/OpenSSH/portable/" |
ca2baf10 | 132 | tail) |
087a4e9c MW |
133 | (string-append "http://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/" |
134 | tail) | |
135 | (string-append "http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/" | |
ca2baf10 | 136 | tail)))) |
fe0b8a78 | 137 | (sha256 (base32 |
742effef | 138 | "1k5y1wi29d47cgizbryxrhc1fbjsba2x8l5mqfa9b9nadnd9iyrz")))) |
fe0b8a78 AE |
139 | (build-system gnu-build-system) |
140 | (inputs `(("groff" ,groff) | |
141 | ("openssl" ,openssl) | |
683a4a34 LC |
142 | ("zlib" ,zlib) |
143 | ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y' | |
fe0b8a78 AE |
144 | (arguments |
145 | `(#:test-target "tests" | |
146 | #:phases | |
a9ee11d5 RW |
147 | (modify-phases %standard-phases |
148 | (add-after 'configure 'reset-/var/empty | |
149 | (lambda* (#:key outputs #:allow-other-keys) | |
150 | (let ((out (assoc-ref outputs "out"))) | |
151 | (substitute* "Makefile" | |
152 | (("PRIVSEP_PATH=/var/empty") | |
153 | (string-append "PRIVSEP_PATH=" out "/var/empty"))) | |
154 | #t))) | |
155 | (add-before 'check 'patch-tests | |
156 | (lambda _ | |
157 | ;; remove 't-exec' regress target which requires user 'sshd' | |
158 | (substitute* "regress/Makefile" | |
159 | (("^(REGRESS_TARGETS=.*) t-exec(.*)" all pre post) | |
160 | (string-append pre post))) | |
161 | #t)) | |
162 | (replace 'install | |
36f26211 | 163 | (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) |
a9ee11d5 | 164 | ;; install without host keys and system configuration files |
36f26211 RW |
165 | (and (zero? (apply system* "make" "install-nosysconf" make-flags)) |
166 | (begin | |
167 | (install-file "contrib/ssh-copy-id" | |
168 | (string-append (assoc-ref outputs "out") | |
169 | "/bin/")) | |
170 | (chmod (string-append (assoc-ref outputs "out") | |
171 | "/bin/ssh-copy-id") #o555) | |
172 | (install-file "contrib/ssh-copy-id.1" | |
173 | (string-append (assoc-ref outputs "out") | |
174 | "/share/man/man1/")) | |
175 | #t))))))) | |
35b9e423 | 176 | (synopsis "Client and server for the secure shell (ssh) protocol") |
fe0b8a78 AE |
177 | (description |
178 | "The SSH2 protocol implemented in OpenSSH is standardised by the | |
179 | IETF secsh working group and is specified in several RFCs and drafts. | |
180 | It is composed of three layered components: | |
181 | ||
182 | The transport layer provides algorithm negotiation and a key exchange. | |
183 | The key exchange includes server authentication and results in a | |
184 | cryptographically secured connection: it provides integrity, confidentiality | |
185 | and optional compression. | |
186 | ||
187 | The user authentication layer uses the established connection and relies on | |
35b9e423 EB |
188 | the services provided by the transport layer. It provides several mechanisms |
189 | for user authentication. These include traditional password authentication | |
fe0b8a78 AE |
190 | as well as public-key or host-based authentication mechanisms. |
191 | ||
192 | The connection layer multiplexes many different concurrent channels over the | |
193 | authenticated connection and allows tunneling of login sessions and | |
35b9e423 | 194 | TCP-forwarding. It provides a flow control service for these channels. |
fe0b8a78 | 195 | Additionally, various channel-specific options can be negotiated.") |
166191b3 | 196 | (license (license:non-copyleft "file://LICENSE" |
fe0b8a78 AE |
197 | "See LICENSE in the distribution.")) |
198 | (home-page "http://www.openssh.org/"))) | |
199 | ||
49d294e5 LC |
200 | (define-public guile-ssh |
201 | (package | |
202 | (name "guile-ssh") | |
319007c5 | 203 | (version "0.9.0") |
49d294e5 | 204 | (source (origin |
44fd0994 LC |
205 | ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz |
206 | ;; exists, but the server appears to be too slow and unreliable. | |
817efe8b LC |
207 | (method git-fetch) |
208 | (uri (git-reference | |
209 | (url "https://github.com/artyom-poptsov/libguile-ssh.git") | |
46ffff90 | 210 | (commit (string-append "v" version)))) |
821f4dc2 | 211 | (file-name (string-append name "-" version "-checkout")) |
49d294e5 LC |
212 | (sha256 |
213 | (base32 | |
319007c5 | 214 | "04zs1cykwdyj51ag62ymrkgsja9dbhbaaglkvbfbac0bkxl2ir6d")))) |
49d294e5 LC |
215 | (build-system gnu-build-system) |
216 | (arguments | |
9dcd1b3b MW |
217 | '(#:phases (alist-cons-after |
218 | 'unpack 'autoreconf | |
49d294e5 | 219 | (lambda* (#:key inputs #:allow-other-keys) |
817efe8b | 220 | (chmod "doc/version.texi" #o777) ;make it writable |
49d294e5 LC |
221 | (zero? (system* "autoreconf" "-vfi"))) |
222 | (alist-cons-after | |
223 | 'install 'fix-libguile-ssh-file-name | |
224 | (lambda* (#:key outputs #:allow-other-keys) | |
225 | (let* ((out (assoc-ref outputs "out")) | |
226 | (libdir (string-append out "/lib")) | |
227 | (guiledir (string-append out | |
228 | "/share/guile/site/2.0"))) | |
229 | (substitute* (find-files guiledir ".scm") | |
230 | (("\"libguile-ssh\"") | |
231 | (string-append "\"" libdir "/libguile-ssh\""))) | |
232 | ||
233 | ;; Make sure it works. | |
234 | (setenv "GUILE_LOAD_PATH" guiledir) | |
235 | (setenv "GUILE_LOAD_COMPILED_PATH" guiledir) | |
843b1962 LC |
236 | (zero? |
237 | (system* "guile" "-c" "(use-modules (ssh session))")))) | |
49d294e5 LC |
238 | %standard-phases)) |
239 | #:configure-flags (list (string-append "--with-guilesitedir=" | |
240 | (assoc-ref %outputs "out") | |
00ee3a71 LC |
241 | "/share/guile/site/2.0")) |
242 | ||
afde8da3 LC |
243 | ;; Tests are not parallel-safe. |
244 | #:parallel-tests? #f)) | |
49d294e5 LC |
245 | (native-inputs `(("autoconf" ,autoconf) |
246 | ("automake" ,automake) | |
3246cc91 | 247 | ("libtool" ,libtool) |
00ee3a71 | 248 | ("texinfo" ,texinfo) |
49d294e5 LC |
249 | ("pkg-config" ,pkg-config) |
250 | ("which" ,which))) | |
251 | (inputs `(("guile" ,guile-2.0) | |
85267efb | 252 | ("libssh" ,libssh-0.6) |
44fd0994 | 253 | ("libgcrypt" ,libgcrypt))) |
49d294e5 LC |
254 | (synopsis "Guile bindings to libssh") |
255 | (description | |
256 | "Guile-SSH is a library that provides access to the SSH protocol for | |
257 | programs written in GNU Guile interpreter. It is a wrapper to the underlying | |
258 | libssh library.") | |
259 | (home-page "https://github.com/artyom-poptsov/libguile-ssh") | |
260 | (license license:gpl3+))) | |
513e1950 SHT |
261 | |
262 | (define-public corkscrew | |
263 | (package | |
264 | (name "corkscrew") | |
265 | (version "2.0") | |
266 | (source | |
267 | (origin | |
268 | (method url-fetch) | |
269 | (uri (string-append "http://www.agroman.net/corkscrew/corkscrew-" | |
270 | version ".tar.gz")) | |
271 | (sha256 (base32 | |
272 | "1gmhas4va6gd70i2x2mpxpwpgww6413mji29mg282jms3jscn3qd")))) | |
273 | (build-system gnu-build-system) | |
274 | (arguments | |
275 | ;; Replace configure phase as the ./configure script does not link | |
276 | ;; CONFIG_SHELL and SHELL passed as parameters | |
277 | '(#:phases | |
91c52629 EF |
278 | (modify-phases %standard-phases |
279 | (replace 'configure | |
280 | (lambda* (#:key outputs inputs system build target | |
281 | #:allow-other-keys #:rest args) | |
282 | (let* ((configure (assoc-ref %standard-phases 'configure)) | |
283 | (prefix (assoc-ref outputs "out")) | |
284 | (bash (which "bash")) | |
285 | ;; Set --build and --host flags as the provided config.guess | |
286 | ;; is not able to detect them | |
287 | (flags `(,(string-append "--prefix=" prefix) | |
288 | ,(string-append "--build=" build) | |
289 | ,(string-append "--host=" (or target build))))) | |
290 | (setenv "CONFIG_SHELL" bash) | |
291 | (zero? (apply system* bash | |
292 | (string-append "." "/configure") | |
293 | flags)))))))) | |
513e1950 | 294 | (home-page "http://www.agroman.net/corkscrew") |
9e771e3b | 295 | (synopsis "Tunneling SSH through HTTP proxies") |
513e1950 SHT |
296 | (description |
297 | "Corkscrew allows creating TCP tunnels through HTTP proxies. WARNING: | |
298 | At the moment only plain text authentication is supported, should you require | |
299 | to use it with your HTTP proxy. Digest based authentication may be supported | |
300 | in future and NTLM based authentication is most likey never be supported.") | |
301 | (license license:gpl2+))) | |
87bf526b LC |
302 | |
303 | (define-public mosh | |
304 | (package | |
305 | (name "mosh") | |
0ec60d6e | 306 | (version "1.2.6") |
87bf526b LC |
307 | (source (origin |
308 | (method url-fetch) | |
c3671282 | 309 | (uri (string-append "https://mosh.org/mosh-" version ".tar.gz")) |
87bf526b LC |
310 | (sha256 |
311 | (base32 | |
0ec60d6e | 312 | "118fhpm754wpklf1blnlq5xbvrxqml6rdfs3b07wg666zkxvg0ky")))) |
87bf526b LC |
313 | (build-system gnu-build-system) |
314 | (arguments | |
11379192 EF |
315 | '(#:phases |
316 | (modify-phases %standard-phases | |
317 | (add-after 'install 'wrap | |
318 | (lambda* (#:key outputs #:allow-other-keys) | |
319 | ;; Make sure 'mosh' can find 'mosh-client' and | |
320 | ;; 'mosh-server'. | |
321 | (let* ((out (assoc-ref outputs "out")) | |
322 | (bin (string-append out "/bin"))) | |
323 | (wrap-program (string-append bin "/mosh") | |
324 | `("PATH" ":" prefix (,bin))))))))) | |
87bf526b LC |
325 | (native-inputs |
326 | `(("pkg-config" ,pkg-config))) | |
327 | (inputs | |
328 | `(("openssl" ,openssl) | |
329 | ("perl" ,perl) | |
330 | ("perl-io-tty" ,perl-io-tty) | |
331 | ("zlib" ,zlib) | |
332 | ("ncurses" ,ncurses) | |
333 | ("protobuf" ,protobuf) | |
334 | ("boost-headers" ,boost))) | |
c3671282 | 335 | (home-page "https://mosh.org/") |
87bf526b LC |
336 | (synopsis "Remote shell tolerant to intermittent connectivity") |
337 | (description | |
338 | "Remote terminal application that allows roaming, supports intermittent | |
339 | connectivity, and provides intelligent local echo and line editing of user | |
340 | keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, | |
341 | especially over Wi-Fi, cellular, and long-distance links.") | |
342 | (license license:gpl3+))) | |
8c6cfd55 JD |
343 | |
344 | (define-public dropbear | |
345 | (package | |
346 | (name "dropbear") | |
1a6d3d2d | 347 | (version "2016.73") |
8c6cfd55 JD |
348 | (source (origin |
349 | (method url-fetch) | |
350 | (uri (string-append | |
dec3e015 | 351 | "https://matt.ucc.asn.au/" name "/releases/" |
a124bbd2 | 352 | name "-" version ".tar.bz2")) |
8c6cfd55 | 353 | (sha256 |
dec3e015 | 354 | (base32 |
1a6d3d2d | 355 | "1mzg18jss1bsmcnn88zv7kv5yj01hzimndnd5636hfq9kgva8qaw")))) |
8c6cfd55 JD |
356 | (build-system gnu-build-system) |
357 | (arguments `(#:tests? #f)) ; There is no "make check" or anything similar | |
358 | (inputs `(("zlib" ,zlib))) | |
359 | (synopsis "Small SSH server and client") | |
360 | (description "Dropbear is a relatively small SSH server and | |
35b9e423 EB |
361 | client. It runs on a variety of POSIX-based platforms. Dropbear is |
362 | particularly useful for embedded systems, such as wireless routers.") | |
8c6cfd55 JD |
363 | (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html") |
364 | (license (license:x11-style "" "See file LICENSE.")))) | |
2102ae2e DC |
365 | |
366 | (define-public liboop | |
367 | (package | |
368 | (name "liboop") | |
369 | (version "1.0") | |
370 | (source | |
371 | (origin | |
372 | (method url-fetch) | |
373 | (uri (string-append "http://download.ofb.net/liboop/liboop-" | |
374 | version ".tar.gz")) | |
375 | (sha256 | |
376 | (base32 | |
377 | "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l")) | |
378 | (patches (search-patches "liboop-mips64-deplibs-fix.patch")))) | |
379 | (build-system gnu-build-system) | |
380 | (home-page "http://www.lysator.liu.se/liboop/") | |
381 | (synopsis "Event loop library") | |
382 | (description "Liboop is a low-level event loop management library for | |
383 | POSIX-based operating systems. It supports the development of modular, | |
384 | multiplexed applications which may respond to events from several sources. It | |
385 | replaces the \"select() loop\" and allows the registration of event handlers | |
386 | for file and network I/O, timers and signals. Since processes use these | |
387 | mechanisms for almost all external communication, liboop can be used as the | |
388 | basis for almost any application.") | |
389 | (license license:lgpl2.1+))) | |
390 | ||
391 | (define-public lsh | |
392 | (package | |
393 | (name "lsh") | |
394 | (version "2.1") | |
395 | (source (origin | |
396 | (method url-fetch) | |
397 | (uri (string-append "mirror://gnu/lsh/lsh-" | |
398 | version ".tar.gz")) | |
399 | (sha256 | |
400 | (base32 | |
401 | "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb")) | |
402 | (modules '((guix build utils))) | |
403 | (snippet | |
404 | '(begin | |
405 | (substitute* "src/testsuite/functions.sh" | |
406 | (("localhost") | |
407 | ;; Avoid host name lookups since they don't work in | |
408 | ;; chroot builds. | |
409 | "127.0.0.1") | |
410 | (("set -e") | |
411 | ;; Make tests more verbose. | |
412 | "set -e\nset -x")) | |
413 | ||
414 | (substitute* (find-files "src/testsuite" "-test$") | |
415 | (("localhost") "127.0.0.1")) | |
416 | ||
417 | (substitute* "src/testsuite/login-auth-test" | |
418 | (("/bin/cat") "cat")))))) | |
419 | (build-system gnu-build-system) | |
420 | (native-inputs | |
421 | `(("m4" ,m4) | |
422 | ("guile" ,guile-2.0) | |
423 | ("gperf" ,gperf) | |
424 | ("psmisc" ,psmisc))) ; for `killall' | |
425 | (inputs | |
426 | `(("nettle" ,nettle-2) | |
427 | ("linux-pam" ,linux-pam) | |
428 | ||
429 | ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in | |
430 | ;; Readline 6.3. | |
431 | ("readline" ,readline-6.2) | |
432 | ||
433 | ("liboop" ,liboop) | |
434 | ("zlib" ,zlib) | |
435 | ("gmp" ,gmp) | |
436 | ||
437 | ;; The server (lshd) invokes xauth when X11 forwarding is requested. | |
438 | ;; This adds 24 MiB (or 27%) to the closure of lsh. | |
439 | ("xauth" ,xauth))) | |
440 | (arguments | |
441 | '(;; Skip the `configure' test that checks whether /dev/ptmx & | |
442 | ;; co. work as expected, because it relies on impurities (for | |
443 | ;; instance, /dev/pts may be unavailable in chroots.) | |
444 | #:configure-flags '("lsh_cv_sys_unix98_ptys=yes") | |
445 | ||
446 | ;; FIXME: Tests won't run in a chroot, presumably because | |
447 | ;; /etc/profile is missing, and thus clients get an empty $PATH | |
448 | ;; and nothing works. | |
449 | #:tests? #f | |
450 | ||
451 | #:phases | |
452 | (modify-phases %standard-phases | |
453 | (add-before 'configure 'pre-configure | |
454 | (lambda* (#:key inputs #:allow-other-keys) | |
455 | (let* ((nettle (assoc-ref inputs "nettle")) | |
456 | (sexp-conv (string-append nettle "/bin/sexp-conv"))) | |
457 | ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place | |
458 | ;; by default. | |
459 | (substitute* "src/environ.h.in" | |
460 | (("^#define PATH_SEXP_CONV.*") | |
461 | (string-append "#define PATH_SEXP_CONV \"" | |
462 | sexp-conv "\"\n"))) | |
463 | ||
464 | ;; Same for the 'lsh-authorize' script. | |
465 | (substitute* "src/lsh-authorize" | |
466 | (("=sexp-conv") | |
467 | (string-append "=" sexp-conv))) | |
468 | ||
469 | ;; Tell lshd where 'xauth' lives. Another option would be to | |
470 | ;; hardcode "/run/current-system/profile/bin/xauth", thereby | |
471 | ;; reducing the closure size, but that wouldn't work on foreign | |
472 | ;; distros. | |
473 | (with-fluids ((%default-port-encoding "ISO-8859-1")) | |
474 | (substitute* "src/server_x11.c" | |
475 | (("define XAUTH_PROGRAM.*") | |
476 | (string-append "define XAUTH_PROGRAM \"" | |
477 | (assoc-ref inputs "xauth") | |
478 | "/bin/xauth\"\n"))))) | |
479 | ||
480 | ;; Tests rely on $USER being set. | |
481 | (setenv "USER" "guix")))))) | |
482 | (home-page "http://www.lysator.liu.se/~nisse/lsh/") | |
483 | (synopsis "GNU implementation of the Secure Shell (ssh) protocols") | |
484 | (description | |
485 | "GNU lsh is a free implementation of the SSH version 2 protocol. It is | |
486 | used to create a secure line of communication between two computers, | |
487 | providing shell access to the server system from the client. It provides | |
488 | both the server daemon and the client application, as well as tools for | |
489 | manipulating key files.") | |
490 | (license license:gpl2+))) | |
c777570b NG |
491 | |
492 | (define-public sshpass | |
493 | (package | |
494 | (name "sshpass") | |
495 | (version "1.06") | |
496 | (synopsis "Non-interactive password authentication with SSH") | |
497 | (home-page "https://sourceforge.net/projects/sshpass/") | |
498 | (source | |
499 | (origin | |
500 | (method url-fetch) | |
501 | (uri (string-append "mirror://sourceforge/sshpass/sshpass/" | |
502 | version "/sshpass-" version ".tar.gz")) | |
503 | (sha256 | |
504 | (base32 | |
505 | "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6")))) | |
506 | (build-system gnu-build-system) | |
507 | (description "sshpass is a tool for non-interactivly performing password | |
508 | authentication with SSH's so-called @dfn{interactive keyboard password | |
509 | authentication}.") | |
510 | (license license:gpl2+))) |