Commit | Line | Data |
---|---|---|
2fbf053b | 1 | ;;; GNU Guix --- Functional package management for GNU |
89e34644 | 2 | ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> |
06ed5982 | 3 | ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr> |
45f2ffb4 | 4 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
dec3e015 | 5 | ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> |
78d80c5c | 6 | ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> |
c777570b | 7 | ;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
8caeb117 | 8 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
2fbf053b AE |
9 | ;;; |
10 | ;;; This file is part of GNU Guix. | |
11 | ;;; | |
12 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
13 | ;;; under the terms of the GNU General Public License as published by | |
14 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
15 | ;;; your option) any later version. | |
16 | ;;; | |
17 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
18 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | ;;; GNU General Public License for more details. | |
21 | ;;; | |
22 | ;;; You should have received a copy of the GNU General Public License | |
23 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
24 | ||
25 | (define-module (gnu packages ssh) | |
2102ae2e DC |
26 | #:use-module (gnu packages) |
27 | #:use-module (gnu packages autotools) | |
28 | #:use-module (gnu packages base) | |
29 | #:autoload (gnu packages boost) (boost) | |
2fbf053b | 30 | #:use-module (gnu packages compression) |
2102ae2e | 31 | #:use-module (gnu packages elf) |
2fbf053b | 32 | #:use-module (gnu packages gnupg) |
2102ae2e | 33 | #:use-module (gnu packages gperf) |
fe0b8a78 | 34 | #:use-module (gnu packages groff) |
49d294e5 | 35 | #:use-module (gnu packages guile) |
2102ae2e DC |
36 | #:use-module (gnu packages linux) |
37 | #:use-module (gnu packages m4) | |
38 | #:use-module (gnu packages multiprecision) | |
87bf526b | 39 | #:use-module (gnu packages ncurses) |
2102ae2e | 40 | #:use-module (gnu packages nettle) |
89e34644 | 41 | #:use-module (gnu packages kerberos) |
2102ae2e DC |
42 | #:use-module (gnu packages perl) |
43 | #:use-module (gnu packages pkg-config) | |
87bf526b | 44 | #:autoload (gnu packages protobuf) (protobuf) |
2102ae2e DC |
45 | #:use-module (gnu packages readline) |
46 | #:use-module (gnu packages texinfo) | |
cc2b77df | 47 | #:use-module (gnu packages tls) |
2102ae2e DC |
48 | #:use-module (gnu packages xorg) |
49 | #:use-module (guix build-system cmake) | |
50 | #:use-module (guix build-system gnu) | |
2fbf053b | 51 | #:use-module (guix download) |
817efe8b | 52 | #:use-module (guix git-download) |
2102ae2e DC |
53 | #:use-module ((guix licenses) #:prefix license:) |
54 | #:use-module (guix packages)) | |
1681cd4a LC |
55 | |
56 | (define-public libssh | |
57 | (package | |
58 | (name "libssh") | |
85267efb | 59 | (version "0.7.3") |
1681cd4a LC |
60 | (source (origin |
61 | (method url-fetch) | |
87390c15 | 62 | (uri (string-append |
85267efb | 63 | "https://red.libssh.org/attachments/download/195/libssh-" |
87390c15 | 64 | version ".tar.xz")) |
1681cd4a LC |
65 | (sha256 |
66 | (base32 | |
85267efb | 67 | "165g49i4kmm3bfsjm0n8hm21kadv79g9yjqyq09138jxanz4dvr6")))) |
1681cd4a | 68 | (build-system cmake-build-system) |
deed349b | 69 | (arguments |
06ed5982 | 70 | '(#:configure-flags '("-DWITH_GCRYPT=ON") |
deed349b LC |
71 | |
72 | ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. | |
06ed5982 | 73 | #:tests? #f)) |
1681cd4a | 74 | (inputs `(("zlib" ,zlib) |
b3546174 | 75 | ("libgcrypt" ,libgcrypt))) |
1681cd4a LC |
76 | (synopsis "SSH client library") |
77 | (description | |
78 | "libssh is a C library implementing the SSHv2 and SSHv1 protocol for | |
79 | client and server implementations. With libssh, you can remotely execute | |
80 | programs, transfer files, and use a secure and transparent tunnel for your | |
81 | remote applications.") | |
82 | (home-page "http://www.libssh.org") | |
83 | (license license:lgpl2.1+))) | |
2fbf053b AE |
84 | |
85 | (define-public libssh2 | |
86 | (package | |
87 | (name "libssh2") | |
78d80c5c | 88 | (version "1.7.0") |
2fbf053b AE |
89 | (source (origin |
90 | (method url-fetch) | |
91 | (uri (string-append | |
78d80c5c | 92 | "https://www.libssh2.org/download/libssh2-" |
2fbf053b | 93 | version ".tar.gz")) |
78d80c5c LF |
94 | (sha256 |
95 | (base32 | |
96 | "116mh112w48vv9k3f15ggp5kxw5sj4b88dzb5j69llsh7ba1ymp4")))) | |
2fbf053b | 97 | (build-system gnu-build-system) |
e9c14f37 EB |
98 | ;; The installed libssh2.pc file does not include paths to libgcrypt and |
99 | ;; zlib libraries, so we need to propagate the inputs. | |
100 | (propagated-inputs `(("libgcrypt" ,libgcrypt) | |
101 | ("zlib" ,zlib))) | |
102 | (arguments '(#:configure-flags `("--with-libgcrypt"))) | |
35b9e423 | 103 | (synopsis "Client-side C library implementing the SSH2 protocol") |
2fbf053b AE |
104 | (description |
105 | "libssh2 is a library intended to allow software developers access to | |
35b9e423 | 106 | the SSH-2 protocol in an easy-to-use self-contained package. It can be built |
2fbf053b AE |
107 | into an application to perform many different tasks when communicating with |
108 | a server that supports the SSH-2 protocol.") | |
109 | (license license:bsd-3) | |
110 | (home-page "http://www.libssh2.org/"))) | |
fe0b8a78 AE |
111 | |
112 | (define-public openssh | |
113 | (package | |
114 | (name "openssh") | |
43686dcb | 115 | (version "7.4p1") |
fe0b8a78 AE |
116 | (source (origin |
117 | (method url-fetch) | |
ca2baf10 | 118 | (uri (let ((tail (string-append name "-" version ".tar.gz"))) |
087a4e9c | 119 | (list (string-append "http://openbsd.cs.fau.de/pub/OpenBSD/OpenSSH/portable/" |
ca2baf10 | 120 | tail) |
087a4e9c MW |
121 | (string-append "http://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/" |
122 | tail) | |
123 | (string-append "http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/" | |
ca2baf10 | 124 | tail)))) |
fe0b8a78 | 125 | (sha256 (base32 |
43686dcb | 126 | "1l8r3x4fr2kb6xm95s7kjdif1wp6f94d4kljh4qjj9109shw87qv")))) |
fe0b8a78 AE |
127 | (build-system gnu-build-system) |
128 | (inputs `(("groff" ,groff) | |
129 | ("openssl" ,openssl) | |
39012aab | 130 | ("pam" ,linux-pam) |
040b6299 | 131 | ("mit-krb5" ,mit-krb5) |
683a4a34 LC |
132 | ("zlib" ,zlib) |
133 | ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y' | |
fe0b8a78 AE |
134 | (arguments |
135 | `(#:test-target "tests" | |
040b6299 | 136 | #:configure-flags `("--sysconfdir=/etc/ssh" |
39012aab | 137 | |
040b6299 | 138 | ;; Default value of 'PATH' used by sshd. |
9af49832 LC |
139 | "--with-default-path=/run/current-system/profile/bin" |
140 | ||
040b6299 JD |
141 | ;; configure needs to find krb5-config |
142 | ,(string-append "--with-kerberos5=" | |
143 | (assoc-ref %build-inputs "mit-krb5") | |
144 | "/bin") | |
145 | ||
39012aab LC |
146 | ;; Enable PAM support in sshd. |
147 | "--with-pam") | |
148 | ||
fe0b8a78 | 149 | #:phases |
a9ee11d5 RW |
150 | (modify-phases %standard-phases |
151 | (add-after 'configure 'reset-/var/empty | |
152 | (lambda* (#:key outputs #:allow-other-keys) | |
153 | (let ((out (assoc-ref outputs "out"))) | |
154 | (substitute* "Makefile" | |
155 | (("PRIVSEP_PATH=/var/empty") | |
156 | (string-append "PRIVSEP_PATH=" out "/var/empty"))) | |
157 | #t))) | |
158 | (add-before 'check 'patch-tests | |
159 | (lambda _ | |
160 | ;; remove 't-exec' regress target which requires user 'sshd' | |
161 | (substitute* "regress/Makefile" | |
162 | (("^(REGRESS_TARGETS=.*) t-exec(.*)" all pre post) | |
163 | (string-append pre post))) | |
164 | #t)) | |
165 | (replace 'install | |
36f26211 | 166 | (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) |
a9ee11d5 | 167 | ;; install without host keys and system configuration files |
36f26211 RW |
168 | (and (zero? (apply system* "make" "install-nosysconf" make-flags)) |
169 | (begin | |
170 | (install-file "contrib/ssh-copy-id" | |
171 | (string-append (assoc-ref outputs "out") | |
172 | "/bin/")) | |
173 | (chmod (string-append (assoc-ref outputs "out") | |
174 | "/bin/ssh-copy-id") #o555) | |
175 | (install-file "contrib/ssh-copy-id.1" | |
176 | (string-append (assoc-ref outputs "out") | |
177 | "/share/man/man1/")) | |
178 | #t))))))) | |
35b9e423 | 179 | (synopsis "Client and server for the secure shell (ssh) protocol") |
fe0b8a78 AE |
180 | (description |
181 | "The SSH2 protocol implemented in OpenSSH is standardised by the | |
182 | IETF secsh working group and is specified in several RFCs and drafts. | |
183 | It is composed of three layered components: | |
184 | ||
185 | The transport layer provides algorithm negotiation and a key exchange. | |
186 | The key exchange includes server authentication and results in a | |
187 | cryptographically secured connection: it provides integrity, confidentiality | |
188 | and optional compression. | |
189 | ||
190 | The user authentication layer uses the established connection and relies on | |
35b9e423 EB |
191 | the services provided by the transport layer. It provides several mechanisms |
192 | for user authentication. These include traditional password authentication | |
fe0b8a78 AE |
193 | as well as public-key or host-based authentication mechanisms. |
194 | ||
195 | The connection layer multiplexes many different concurrent channels over the | |
196 | authenticated connection and allows tunneling of login sessions and | |
35b9e423 | 197 | TCP-forwarding. It provides a flow control service for these channels. |
fe0b8a78 | 198 | Additionally, various channel-specific options can be negotiated.") |
166191b3 | 199 | (license (license:non-copyleft "file://LICENSE" |
fe0b8a78 AE |
200 | "See LICENSE in the distribution.")) |
201 | (home-page "http://www.openssh.org/"))) | |
202 | ||
49d294e5 LC |
203 | (define-public guile-ssh |
204 | (package | |
205 | (name "guile-ssh") | |
6634180f LC |
206 | (version "0.10.2") |
207 | (home-page "https://github.com/artyom-poptsov/guile-ssh") | |
49d294e5 | 208 | (source (origin |
44fd0994 LC |
209 | ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz |
210 | ;; exists, but the server appears to be too slow and unreliable. | |
6634180f LC |
211 | ;; Also, using this URL allows the GitHub updater to work. |
212 | (method url-fetch) | |
213 | (uri (string-append home-page "/archive/v" | |
214 | version ".tar.gz")) | |
215 | (file-name (string-append name "-" version ".tar.gz")) | |
49d294e5 LC |
216 | (sha256 |
217 | (base32 | |
6634180f | 218 | "0pkiq3fm15pr4w1r420rrwwfmi4jz492r6l6vzjk6v73xlyfyfl3")))) |
49d294e5 LC |
219 | (build-system gnu-build-system) |
220 | (arguments | |
8a8f6590 LC |
221 | '(#:phases (modify-phases %standard-phases |
222 | (add-after 'unpack 'autoreconf | |
223 | (lambda* (#:key inputs #:allow-other-keys) | |
8a8f6590 | 224 | (zero? (system* "autoreconf" "-vfi")))) |
92b72582 | 225 | (add-before 'build 'fix-libguile-ssh-file-name |
8a8f6590 | 226 | (lambda* (#:key outputs #:allow-other-keys) |
92b72582 LC |
227 | ;; Build and install libguile-ssh.so so that we can use |
228 | ;; its absolute file name in .scm files, before we build | |
229 | ;; the .go files. | |
230 | (and (zero? (system* "make" "install" | |
231 | "-C" "libguile-ssh" | |
232 | "-j" (number->string | |
233 | (parallel-job-count)))) | |
234 | (let* ((out (assoc-ref outputs "out")) | |
235 | (libdir (string-append out "/lib"))) | |
236 | (substitute* (find-files "." "\\.scm$") | |
237 | (("\"libguile-ssh\"") | |
238 | (string-append "\"" libdir "/libguile-ssh\""))) | |
239 | #t))))) | |
00ee3a71 | 240 | |
afde8da3 LC |
241 | ;; Tests are not parallel-safe. |
242 | #:parallel-tests? #f)) | |
49d294e5 LC |
243 | (native-inputs `(("autoconf" ,autoconf) |
244 | ("automake" ,automake) | |
3246cc91 | 245 | ("libtool" ,libtool) |
00ee3a71 | 246 | ("texinfo" ,texinfo) |
49d294e5 LC |
247 | ("pkg-config" ,pkg-config) |
248 | ("which" ,which))) | |
249 | (inputs `(("guile" ,guile-2.0) | |
6f9d5b2e | 250 | ("libssh" ,libssh) |
44fd0994 | 251 | ("libgcrypt" ,libgcrypt))) |
49d294e5 LC |
252 | (synopsis "Guile bindings to libssh") |
253 | (description | |
254 | "Guile-SSH is a library that provides access to the SSH protocol for | |
255 | programs written in GNU Guile interpreter. It is a wrapper to the underlying | |
256 | libssh library.") | |
49d294e5 | 257 | (license license:gpl3+))) |
513e1950 SHT |
258 | |
259 | (define-public corkscrew | |
260 | (package | |
261 | (name "corkscrew") | |
262 | (version "2.0") | |
263 | (source | |
264 | (origin | |
265 | (method url-fetch) | |
266 | (uri (string-append "http://www.agroman.net/corkscrew/corkscrew-" | |
267 | version ".tar.gz")) | |
268 | (sha256 (base32 | |
269 | "1gmhas4va6gd70i2x2mpxpwpgww6413mji29mg282jms3jscn3qd")))) | |
270 | (build-system gnu-build-system) | |
271 | (arguments | |
272 | ;; Replace configure phase as the ./configure script does not link | |
273 | ;; CONFIG_SHELL and SHELL passed as parameters | |
274 | '(#:phases | |
91c52629 EF |
275 | (modify-phases %standard-phases |
276 | (replace 'configure | |
277 | (lambda* (#:key outputs inputs system build target | |
278 | #:allow-other-keys #:rest args) | |
279 | (let* ((configure (assoc-ref %standard-phases 'configure)) | |
280 | (prefix (assoc-ref outputs "out")) | |
281 | (bash (which "bash")) | |
282 | ;; Set --build and --host flags as the provided config.guess | |
283 | ;; is not able to detect them | |
284 | (flags `(,(string-append "--prefix=" prefix) | |
285 | ,(string-append "--build=" build) | |
286 | ,(string-append "--host=" (or target build))))) | |
287 | (setenv "CONFIG_SHELL" bash) | |
288 | (zero? (apply system* bash | |
289 | (string-append "." "/configure") | |
290 | flags)))))))) | |
513e1950 | 291 | (home-page "http://www.agroman.net/corkscrew") |
9e771e3b | 292 | (synopsis "Tunneling SSH through HTTP proxies") |
513e1950 SHT |
293 | (description |
294 | "Corkscrew allows creating TCP tunnels through HTTP proxies. WARNING: | |
295 | At the moment only plain text authentication is supported, should you require | |
296 | to use it with your HTTP proxy. Digest based authentication may be supported | |
297 | in future and NTLM based authentication is most likey never be supported.") | |
298 | (license license:gpl2+))) | |
87bf526b LC |
299 | |
300 | (define-public mosh | |
301 | (package | |
302 | (name "mosh") | |
0ec60d6e | 303 | (version "1.2.6") |
87bf526b LC |
304 | (source (origin |
305 | (method url-fetch) | |
c3671282 | 306 | (uri (string-append "https://mosh.org/mosh-" version ".tar.gz")) |
87bf526b LC |
307 | (sha256 |
308 | (base32 | |
0ec60d6e | 309 | "118fhpm754wpklf1blnlq5xbvrxqml6rdfs3b07wg666zkxvg0ky")))) |
87bf526b LC |
310 | (build-system gnu-build-system) |
311 | (arguments | |
11379192 EF |
312 | '(#:phases |
313 | (modify-phases %standard-phases | |
314 | (add-after 'install 'wrap | |
315 | (lambda* (#:key outputs #:allow-other-keys) | |
316 | ;; Make sure 'mosh' can find 'mosh-client' and | |
317 | ;; 'mosh-server'. | |
318 | (let* ((out (assoc-ref outputs "out")) | |
319 | (bin (string-append out "/bin"))) | |
320 | (wrap-program (string-append bin "/mosh") | |
321 | `("PATH" ":" prefix (,bin))))))))) | |
87bf526b LC |
322 | (native-inputs |
323 | `(("pkg-config" ,pkg-config))) | |
324 | (inputs | |
325 | `(("openssl" ,openssl) | |
326 | ("perl" ,perl) | |
327 | ("perl-io-tty" ,perl-io-tty) | |
328 | ("zlib" ,zlib) | |
329 | ("ncurses" ,ncurses) | |
330 | ("protobuf" ,protobuf) | |
331 | ("boost-headers" ,boost))) | |
c3671282 | 332 | (home-page "https://mosh.org/") |
87bf526b LC |
333 | (synopsis "Remote shell tolerant to intermittent connectivity") |
334 | (description | |
335 | "Remote terminal application that allows roaming, supports intermittent | |
336 | connectivity, and provides intelligent local echo and line editing of user | |
337 | keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, | |
338 | especially over Wi-Fi, cellular, and long-distance links.") | |
339 | (license license:gpl3+))) | |
8c6cfd55 JD |
340 | |
341 | (define-public dropbear | |
342 | (package | |
343 | (name "dropbear") | |
d4db0612 | 344 | (version "2016.74") |
8c6cfd55 JD |
345 | (source (origin |
346 | (method url-fetch) | |
347 | (uri (string-append | |
dec3e015 | 348 | "https://matt.ucc.asn.au/" name "/releases/" |
a124bbd2 | 349 | name "-" version ".tar.bz2")) |
8c6cfd55 | 350 | (sha256 |
dec3e015 | 351 | (base32 |
d4db0612 | 352 | "14c8f4gzixf0j9fkx68jgl85q7b05852kk0vf09gi6h0xmafl817")))) |
8c6cfd55 JD |
353 | (build-system gnu-build-system) |
354 | (arguments `(#:tests? #f)) ; There is no "make check" or anything similar | |
355 | (inputs `(("zlib" ,zlib))) | |
356 | (synopsis "Small SSH server and client") | |
357 | (description "Dropbear is a relatively small SSH server and | |
35b9e423 EB |
358 | client. It runs on a variety of POSIX-based platforms. Dropbear is |
359 | particularly useful for embedded systems, such as wireless routers.") | |
8c6cfd55 JD |
360 | (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html") |
361 | (license (license:x11-style "" "See file LICENSE.")))) | |
2102ae2e DC |
362 | |
363 | (define-public liboop | |
364 | (package | |
365 | (name "liboop") | |
366 | (version "1.0") | |
367 | (source | |
368 | (origin | |
369 | (method url-fetch) | |
370 | (uri (string-append "http://download.ofb.net/liboop/liboop-" | |
371 | version ".tar.gz")) | |
372 | (sha256 | |
373 | (base32 | |
374 | "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l")) | |
375 | (patches (search-patches "liboop-mips64-deplibs-fix.patch")))) | |
376 | (build-system gnu-build-system) | |
377 | (home-page "http://www.lysator.liu.se/liboop/") | |
378 | (synopsis "Event loop library") | |
379 | (description "Liboop is a low-level event loop management library for | |
380 | POSIX-based operating systems. It supports the development of modular, | |
381 | multiplexed applications which may respond to events from several sources. It | |
382 | replaces the \"select() loop\" and allows the registration of event handlers | |
383 | for file and network I/O, timers and signals. Since processes use these | |
384 | mechanisms for almost all external communication, liboop can be used as the | |
385 | basis for almost any application.") | |
386 | (license license:lgpl2.1+))) | |
387 | ||
388 | (define-public lsh | |
389 | (package | |
390 | (name "lsh") | |
391 | (version "2.1") | |
392 | (source (origin | |
393 | (method url-fetch) | |
394 | (uri (string-append "mirror://gnu/lsh/lsh-" | |
395 | version ".tar.gz")) | |
396 | (sha256 | |
397 | (base32 | |
398 | "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb")) | |
399 | (modules '((guix build utils))) | |
400 | (snippet | |
401 | '(begin | |
402 | (substitute* "src/testsuite/functions.sh" | |
403 | (("localhost") | |
404 | ;; Avoid host name lookups since they don't work in | |
405 | ;; chroot builds. | |
406 | "127.0.0.1") | |
407 | (("set -e") | |
408 | ;; Make tests more verbose. | |
409 | "set -e\nset -x")) | |
410 | ||
411 | (substitute* (find-files "src/testsuite" "-test$") | |
412 | (("localhost") "127.0.0.1")) | |
413 | ||
414 | (substitute* "src/testsuite/login-auth-test" | |
415 | (("/bin/cat") "cat")))))) | |
416 | (build-system gnu-build-system) | |
417 | (native-inputs | |
418 | `(("m4" ,m4) | |
419 | ("guile" ,guile-2.0) | |
420 | ("gperf" ,gperf) | |
421 | ("psmisc" ,psmisc))) ; for `killall' | |
422 | (inputs | |
423 | `(("nettle" ,nettle-2) | |
424 | ("linux-pam" ,linux-pam) | |
425 | ||
426 | ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in | |
427 | ;; Readline 6.3. | |
428 | ("readline" ,readline-6.2) | |
429 | ||
430 | ("liboop" ,liboop) | |
431 | ("zlib" ,zlib) | |
432 | ("gmp" ,gmp) | |
433 | ||
434 | ;; The server (lshd) invokes xauth when X11 forwarding is requested. | |
435 | ;; This adds 24 MiB (or 27%) to the closure of lsh. | |
436 | ("xauth" ,xauth))) | |
437 | (arguments | |
438 | '(;; Skip the `configure' test that checks whether /dev/ptmx & | |
439 | ;; co. work as expected, because it relies on impurities (for | |
440 | ;; instance, /dev/pts may be unavailable in chroots.) | |
441 | #:configure-flags '("lsh_cv_sys_unix98_ptys=yes") | |
442 | ||
443 | ;; FIXME: Tests won't run in a chroot, presumably because | |
444 | ;; /etc/profile is missing, and thus clients get an empty $PATH | |
445 | ;; and nothing works. | |
446 | #:tests? #f | |
447 | ||
448 | #:phases | |
449 | (modify-phases %standard-phases | |
450 | (add-before 'configure 'pre-configure | |
451 | (lambda* (#:key inputs #:allow-other-keys) | |
452 | (let* ((nettle (assoc-ref inputs "nettle")) | |
453 | (sexp-conv (string-append nettle "/bin/sexp-conv"))) | |
454 | ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place | |
455 | ;; by default. | |
456 | (substitute* "src/environ.h.in" | |
457 | (("^#define PATH_SEXP_CONV.*") | |
458 | (string-append "#define PATH_SEXP_CONV \"" | |
459 | sexp-conv "\"\n"))) | |
460 | ||
461 | ;; Same for the 'lsh-authorize' script. | |
462 | (substitute* "src/lsh-authorize" | |
463 | (("=sexp-conv") | |
464 | (string-append "=" sexp-conv))) | |
465 | ||
466 | ;; Tell lshd where 'xauth' lives. Another option would be to | |
467 | ;; hardcode "/run/current-system/profile/bin/xauth", thereby | |
468 | ;; reducing the closure size, but that wouldn't work on foreign | |
469 | ;; distros. | |
470 | (with-fluids ((%default-port-encoding "ISO-8859-1")) | |
471 | (substitute* "src/server_x11.c" | |
472 | (("define XAUTH_PROGRAM.*") | |
473 | (string-append "define XAUTH_PROGRAM \"" | |
474 | (assoc-ref inputs "xauth") | |
475 | "/bin/xauth\"\n"))))) | |
476 | ||
477 | ;; Tests rely on $USER being set. | |
478 | (setenv "USER" "guix")))))) | |
479 | (home-page "http://www.lysator.liu.se/~nisse/lsh/") | |
480 | (synopsis "GNU implementation of the Secure Shell (ssh) protocols") | |
481 | (description | |
482 | "GNU lsh is a free implementation of the SSH version 2 protocol. It is | |
483 | used to create a secure line of communication between two computers, | |
484 | providing shell access to the server system from the client. It provides | |
485 | both the server daemon and the client application, as well as tools for | |
486 | manipulating key files.") | |
487 | (license license:gpl2+))) | |
c777570b NG |
488 | |
489 | (define-public sshpass | |
490 | (package | |
491 | (name "sshpass") | |
492 | (version "1.06") | |
493 | (synopsis "Non-interactive password authentication with SSH") | |
494 | (home-page "https://sourceforge.net/projects/sshpass/") | |
495 | (source | |
496 | (origin | |
497 | (method url-fetch) | |
498 | (uri (string-append "mirror://sourceforge/sshpass/sshpass/" | |
499 | version "/sshpass-" version ".tar.gz")) | |
500 | (sha256 | |
501 | (base32 | |
502 | "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6")))) | |
503 | (build-system gnu-build-system) | |
504 | (description "sshpass is a tool for non-interactivly performing password | |
505 | authentication with SSH's so-called @dfn{interactive keyboard password | |
506 | authentication}.") | |
507 | (license license:gpl2+))) | |
8caeb117 CAW |
508 | |
509 | (define-public autossh | |
510 | (package | |
511 | (name "autossh") | |
512 | (version "1.4e") | |
513 | (source | |
514 | (origin | |
515 | (method url-fetch) | |
516 | (uri (string-append | |
517 | "http://www.harding.motd.ca/autossh/autossh-" | |
518 | version ".tgz")) | |
519 | (sha256 | |
520 | (base32 "0mlicw28vq2jxa0jf0dys5ja75v0fxpjavlq9dpif6bnknji13ly")))) | |
521 | (build-system gnu-build-system) | |
522 | (arguments `(#:tests? #f)) ; There is no "make check" or anything similar | |
523 | (inputs `(("openssh" ,openssh))) | |
524 | (synopsis "Automatically restart SSH sessions and tunnels") | |
525 | (description "autossh is a program to start a copy of @command{ssh} and | |
526 | monitor it, restarting it as necessary should it die or stop passing traffic.") | |
527 | (home-page "http://www.harding.motd.ca/autossh/") | |
528 | (license | |
529 | ;; Why point to a source file? Well, all the individual files have a | |
530 | ;; copy of this license in their headers, but there's no separate file | |
531 | ;; with that information. | |
532 | (license:non-copyleft "file://autossh.c")))) |