Commit | Line | Data |
---|---|---|
b3543e6c TGR |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr> | |
991c4410 | 3 | ;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net> |
b3543e6c TGR |
4 | ;;; |
5 | ;;; This file is part of GNU Guix. | |
6 | ;;; | |
7 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
8 | ;;; under the terms of the GNU General Public License as published by | |
9 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
10 | ;;; your option) any later version. | |
11 | ;;; | |
12 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
13 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | ;;; GNU General Public License for more details. | |
16 | ;;; | |
17 | ;;; You should have received a copy of the GNU General Public License | |
18 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
19 | ||
20 | (define-module (gnu packages authentication) | |
6bbbdb1a | 21 | #:use-module (gnu packages) |
991c4410 RW |
22 | #:use-module (gnu packages autotools) |
23 | #:use-module (gnu packages documentation) | |
b3543e6c TGR |
24 | #:use-module (gnu packages linux) |
25 | #:use-module (gnu packages pkg-config) | |
991c4410 | 26 | #:use-module (gnu packages security-token) |
b3543e6c TGR |
27 | #:use-module (guix build-system gnu) |
28 | #:use-module (guix download) | |
991c4410 | 29 | #:use-module (guix git-download) |
b3543e6c TGR |
30 | #:use-module ((guix licenses) #:prefix license:) |
31 | #:use-module (guix packages)) | |
32 | ||
33 | (define-public oath-toolkit | |
b3543e6c TGR |
34 | (package |
35 | (name "oath-toolkit") | |
36 | (version "2.6.2") | |
37 | (source | |
38 | (origin | |
39 | (method url-fetch) | |
40 | (uri (string-append "https://download.savannah.nongnu.org/releases/" | |
41 | name "/" name "-" version ".tar.gz")) | |
78affefe MB |
42 | (patches |
43 | (append (search-patches "oath-toolkit-glibc-compat.patch") | |
44 | (list (origin | |
45 | ;; This huge commit updates gnulib for GCC 7 compatibility. | |
46 | (method url-fetch) | |
47 | (uri (string-append | |
48 | "https://gitlab.com/oath-toolkit/oath-toolkit/commit/" | |
49 | "2fffce2a471f74a585939c84cce16ef3015e5d3d.diff")) | |
50 | (file-name "oath-toolkit-update-gnulib.patch") | |
51 | (sha256 | |
52 | (base32 | |
53 | "088c9s4ay1b54bjqc4mwfs5l3f6357zj5vpw771zlq5g4addd4s0")))))) | |
b3543e6c TGR |
54 | (sha256 |
55 | (base32 "182ah8vfbg0yhv6mh1b6ap944d0na6x7lpfkwkmzb6jl9gx4cd5h")))) | |
56 | (build-system gnu-build-system) | |
57 | (arguments | |
58 | ;; TODO ‘--enable-pskc’ causes xmlsec-related test suite failures. | |
59 | `(#:configure-flags | |
60 | (list "--enable-pam") | |
61 | #:phases | |
62 | (modify-phases %standard-phases | |
63 | (add-after 'install 'delete-static-libraries | |
64 | (lambda* (#:key outputs #:allow-other-keys) | |
65 | (let* ((out (assoc-ref outputs "out")) | |
66 | (lib (string-append out "/lib"))) | |
67 | (for-each delete-file (find-files lib "\\.a$")) | |
68 | #t)))))) | |
69 | (native-inputs | |
70 | `(("pkg-config" ,pkg-config))) | |
71 | (inputs | |
72 | `(("linux-pam" ,linux-pam))) ; for --enable-pam | |
73 | (home-page "https://www.nongnu.org/oath-toolkit/") | |
74 | (synopsis "One-time password (OTP) components") | |
75 | ;; TODO Add the following items after they've been enabled. | |
76 | ;; @item @command{pskctool}, a command-line tool for manipulating secret key | |
77 | ;; files in the Portable Symmetric Key Container (@dfn{PSKC}) format | |
78 | ;; described in RFC6030. | |
79 | ;; @item @code{libpskc}, a shared and static C library for PSKC handling. | |
80 | (description | |
81 | "The @dfn{OATH} (Open AuTHentication) Toolkit provides various components | |
82 | for building one-time password (@dfn{OTP}) authentication systems: | |
83 | ||
84 | @itemize | |
85 | @item @command{oathtool}, a command-line tool for generating & validating OTPs. | |
86 | @item @code{liboath}, a C library for OATH handling. | |
87 | @item @code{pam_oath}, a PAM module for pluggable login authentication. | |
88 | @end itemize | |
89 | ||
90 | Supported technologies include the event-based @dfn{HOTP} algorithm (RFC4226) | |
91 | and the time-based @dfn{TOTP} algorithm (RFC6238).") | |
92 | (license (list license:lgpl2.1+ ; the libraries (liboath/ & libpskc/) | |
93 | license:gpl3+)))) ; the tools (everything else) | |
991c4410 RW |
94 | |
95 | (define-public yubico-pam | |
96 | (let ((commit "b5bd00db81e0e0e0ecced65c684080bb56ddc35b") | |
97 | (revision "0")) | |
98 | (package | |
99 | (name "yubico-pam") | |
100 | (version (git-version "2.26" revision commit)) | |
101 | (source (origin | |
102 | (method git-fetch) | |
103 | (uri (git-reference | |
104 | (url "https://github.com/Yubico/yubico-pam.git") | |
105 | (commit commit))) | |
106 | (file-name (git-file-name name version)) | |
107 | (sha256 | |
108 | (base32 | |
109 | "10dq8dqi3jldllj6p8r9hldx9sank9n82c44w8akxrs1vli6nj3m")))) | |
110 | (build-system gnu-build-system) | |
111 | (arguments | |
112 | ;; The pam_test fails because ykclient fails to build a Curl handle. | |
113 | '(#:make-flags '("TESTS=util_test"))) | |
114 | (inputs | |
115 | `(("linux-pam" ,linux-pam) | |
116 | ("libyubikey" ,libyubikey) | |
117 | ("ykclient" ,ykclient) | |
118 | ("yubikey-personalization" ,yubikey-personalization))) | |
119 | (native-inputs | |
120 | `(("autoconf" ,autoconf) | |
121 | ("automake" ,automake) | |
122 | ("libtool" ,libtool) | |
123 | ("asciidoc" ,asciidoc) | |
124 | ("pkg-config" ,pkg-config))) | |
125 | (home-page "https://developers.yubico.com/yubico-pam") | |
126 | (synopsis "Yubico pluggable authentication module") | |
127 | (description "The Yubico PAM module provides an easy way to integrate the | |
128 | YubiKey into your existing user authentication infrastructure.") | |
129 | (license license:bsd-2)))) |