Commit | Line | Data |
---|---|---|
233e7676 | 1 | ;;; GNU Guix --- Functional package management for GNU |
079fca3b | 2 | ;;; Copyright © 2012, 2013 Andreas Enge <andreas@enge.fr> |
89e34644 | 3 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
6f8ede1a | 4 | ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> |
a007d699 | 5 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
89e34644 | 6 | ;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org> |
67fee545 | 7 | ;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org> |
9dc6f288 | 8 | ;;; |
233e7676 | 9 | ;;; This file is part of GNU Guix. |
9dc6f288 | 10 | ;;; |
233e7676 | 11 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
9dc6f288 AE |
12 | ;;; under the terms of the GNU General Public License as published by |
13 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
14 | ;;; your option) any later version. | |
15 | ;;; | |
233e7676 | 16 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
9dc6f288 AE |
17 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
18 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 | ;;; GNU General Public License for more details. | |
20 | ;;; | |
21 | ;;; You should have received a copy of the GNU General Public License | |
233e7676 | 22 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
9dc6f288 | 23 | |
89e34644 | 24 | (define-module (gnu packages kerberos) |
59a43334 | 25 | #:use-module (gnu packages) |
1ffa7090 LC |
26 | #:use-module (gnu packages bison) |
27 | #:use-module (gnu packages perl) | |
89e34644 LC |
28 | #:use-module (gnu packages gnupg) |
29 | #:use-module (gnu packages libidn) | |
30 | #:use-module (gnu packages linux) | |
31 | #:use-module (gnu packages pkg-config) | |
32 | #:use-module (gnu packages compression) | |
67fee545 LC |
33 | #:use-module (gnu packages databases) |
34 | #:use-module (gnu packages readline) | |
89e34644 LC |
35 | #:use-module (gnu packages tls) |
36 | #:use-module ((guix licenses) #:prefix license:) | |
9dc6f288 AE |
37 | #:use-module (guix packages) |
38 | #:use-module (guix download) | |
4d53c29e | 39 | #:use-module (guix utils) |
9dc6f288 AE |
40 | #:use-module (guix build-system gnu)) |
41 | ||
42 | (define-public mit-krb5 | |
43 | (package | |
df8a09c7 | 44 | (name "mit-krb5") |
58ea4d40 | 45 | (version "1.14.4") |
df8a09c7 LC |
46 | (source (origin |
47 | (method url-fetch) | |
16114c34 | 48 | (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" |
4d53c29e | 49 | (version-major+minor version) |
16114c34 MW |
50 | "/krb5-" version ".tar.gz")) |
51 | (sha256 | |
52 | (base32 | |
58ea4d40 | 53 | "158bgq9xcg5ljgzia1880ak7m9g6vf2r009rzdqif5n9h111m9h3")))) |
df8a09c7 LC |
54 | (build-system gnu-build-system) |
55 | (native-inputs | |
9715df7f | 56 | `(("bison" ,bison) |
16114c34 | 57 | ("perl" ,perl))) |
df8a09c7 | 58 | (arguments |
a083b5cb LC |
59 | `(;; Work around "No rule to make target '../../include/gssapi/gssapi.h', |
60 | ;; needed by 'authgss_prot.so'." | |
61 | #:parallel-build? #f | |
62 | ||
63 | ;; Likewise with tests. | |
64 | #:parallel-tests? #f | |
65 | ||
d2375c43 LC |
66 | ;; XXX: On 32-bit systems, 'kdb5_util' hangs on an fcntl/F_SETLKW call |
67 | ;; while running the tests in 'src/tests'. | |
68 | #:tests? ,(string=? (%current-system) "x86_64-linux") | |
d9ecec9b | 69 | |
a083b5cb | 70 | #:phases |
4d53c29e | 71 | (modify-phases %standard-phases |
16114c34 | 72 | (add-after 'unpack 'enter-source-directory |
4d53c29e MW |
73 | (lambda _ |
74 | (chdir "src") | |
75 | #t)) | |
4d53c29e MW |
76 | (add-before 'check 'pre-check |
77 | (lambda* (#:key inputs #:allow-other-keys) | |
78 | (let ((perl (assoc-ref inputs "perl"))) | |
79 | (substitute* "plugins/kdb/db2/libdb2/test/run.test" | |
80 | (("/bin/cat") (string-append perl "/bin/perl")) | |
58ea4d40 | 81 | (("D/bin/sh") (string-append "D" (which "sh"))) |
4d53c29e MW |
82 | (("bindir=/bin/.") (string-append "bindir=" perl "/bin")))) |
83 | ||
84 | ;; avoid service names since /etc/services is unavailable | |
df8a09c7 LC |
85 | (substitute* "tests/resolve/Makefile" |
86 | (("-p telnet") "-p 23")) | |
4d53c29e | 87 | #t))))) |
df8a09c7 LC |
88 | (synopsis "MIT Kerberos 5") |
89 | (description | |
90 | "Massachusetts Institute of Technology implementation of Kerberos. | |
9dc6f288 | 91 | Kerberos is a network authentication protocol designed to provide strong |
e881752c AK |
92 | authentication for client/server applications by using secret-key |
93 | cryptography.") | |
89e34644 LC |
94 | (license (license:non-copyleft "file://NOTICE" |
95 | "See NOTICE in the distribution.")) | |
5e578674 TGR |
96 | (home-page "http://web.mit.edu/kerberos/") |
97 | (properties '((cpe-name . "kerberos"))))) | |
89e34644 LC |
98 | |
99 | (define-public shishi | |
100 | (package | |
101 | (name "shishi") | |
102 | (version "1.0.2") | |
103 | (source | |
104 | (origin | |
105 | (method url-fetch) | |
106 | (uri (string-append "mirror://gnu/shishi/shishi-" | |
107 | version ".tar.gz")) | |
108 | (sha256 | |
109 | (base32 | |
110 | "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d")))) | |
111 | (build-system gnu-build-system) | |
112 | (native-inputs `(("pkg-config" ,pkg-config))) | |
113 | (inputs | |
114 | `(("gnutls" ,gnutls) | |
115 | ("libidn" ,libidn) | |
116 | ("linux-pam" ,linux-pam-1.2) | |
117 | ("zlib" ,zlib) | |
118 | ;; libgcrypt 1.6 fails because of the following test: | |
119 | ;; #include <gcrypt.h> | |
120 | ;; /* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c | |
121 | ;; will fail on startup if we don't have 1.4.4 or later, so | |
122 | ;; test for it early. */ | |
123 | ;; #if !defined GCRY_MODULE_ID_USER | |
124 | ;; error too old libgcrypt | |
125 | ;; #endif | |
126 | ("libgcrypt" ,libgcrypt-1.5) | |
127 | ("libtasn1" ,libtasn1))) | |
6fd52309 | 128 | (home-page "https://www.gnu.org/software/shishi/") |
89e34644 LC |
129 | (synopsis "Implementation of the Kerberos 5 network security system") |
130 | (description | |
131 | "GNU Shishi is a free implementation of the Kerberos 5 network security | |
132 | system. It is used to allow non-secure network nodes to communicate in a | |
133 | secure manner through client-server mutual authentication via tickets.") | |
134 | (license license:gpl3+))) | |
67fee545 LC |
135 | |
136 | (define-public heimdal | |
137 | (package | |
138 | (name "heimdal") | |
139 | (version "1.5.3") | |
140 | (source (origin | |
141 | (method url-fetch) | |
142 | (uri (string-append "http://www.h5l.org/dist/src/heimdal-" | |
143 | version ".tar.gz")) | |
144 | (sha256 | |
145 | (base32 | |
146 | "19gypf9vzfrs2bw231qljfl4cqc1riyg0ai0xmm1nd1wngnpphma")) | |
81c35029 AV |
147 | (patches (search-patches "heimdal-CVE-2017-6594.patch" |
148 | "heimdal-CVE-2017-11103.patch")) | |
67fee545 LC |
149 | (modules '((guix build utils))) |
150 | (snippet | |
151 | '(substitute* "configure" | |
152 | (("User=.*$") "User=Guix\n") | |
153 | (("Date=.*$") "Date=2017\n"))))) | |
154 | (build-system gnu-build-system) | |
155 | (arguments | |
156 | '(#:configure-flags (list | |
157 | ;; Work around a linker error. | |
158 | "CFLAGS=-pthread" | |
159 | ||
160 | ;; Avoid 7 MiB of .a files. | |
161 | "--disable-static" | |
162 | ||
163 | ;; Do not build libedit. | |
164 | (string-append | |
165 | "--with-readline-lib=" | |
166 | (assoc-ref %build-inputs "readline") "/lib") | |
167 | (string-append | |
168 | "--with-readline-include=" | |
169 | (assoc-ref %build-inputs "readline") "/include")) | |
170 | ||
171 | #:phases (modify-phases %standard-phases | |
172 | (add-before 'check 'skip-tests | |
173 | (lambda _ | |
174 | ;; The test simply runs 'ftp --version && ftp --help' | |
175 | ;; but that fails in the chroot because 'ftp' tries to | |
176 | ;; do a service lookup before printing the help/version. | |
177 | (substitute* "appl/ftp/ftp/Makefile.in" | |
178 | (("^CHECK_LOCAL =.*") | |
179 | "CHECK_LOCAL = no-check-local\n")) | |
180 | #t))))) | |
181 | (native-inputs `(("e2fsprogs" ,e2fsprogs))) ;for 'compile_et' | |
182 | (inputs `(("readline" ,readline) | |
183 | ("bdb" ,bdb) | |
184 | ("e2fsprogs" ,e2fsprogs))) ;for libcom_err | |
185 | (home-page "http://www.h5l.org/") | |
186 | (synopsis "Kerberos 5 network authentication") | |
187 | (description | |
188 | "Heimdal is an implementation of Kerberos 5 network authentication | |
189 | service.") | |
190 | (license license:bsd-3))) |