HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: OpenSSH: Update to 7.9p1.
[jackhill/guix/guix.git] / gnu / packages / ssh.scm
CommitLineData
2fbf053b 1;;; GNU Guix --- Functional package management for GNU
4e847986 2;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
06ed5982 3;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
45f2ffb4 4;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
1121a5c6 5;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
78d80c5c 6;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
c777570b 7;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
8caeb117 8;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
aa08ab38 9;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
c9a6a36f 10;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at>
227dbd84 11;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
4a78fd46 12;;; Copyright © 2017 Nils Gillmann <ng0@n0.is>
ae72b8f5 13;;; Copyright © 2018 Manuel Graf <graf@init.at>
2fbf053b
AE		 14;;;
15;;; This file is part of GNU Guix.
16;;;
17;;; GNU Guix is free software; you can redistribute it and/or modify it
18;;; under the terms of the GNU General Public License as published by
19;;; the Free Software Foundation; either version 3 of the License, or (at
20;;; your option) any later version.
21;;;
22;;; GNU Guix is distributed in the hope that it will be useful, but
23;;; WITHOUT ANY WARRANTY; without even the implied warranty of
24;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25;;; GNU General Public License for more details.
26;;;
27;;; You should have received a copy of the GNU General Public License
28;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
29
30(define-module (gnu packages ssh)
2102ae2e
DC		 31 #:use-module (gnu packages)
32 #:use-module (gnu packages autotools)
33 #:use-module (gnu packages base)
34 #:autoload (gnu packages boost) (boost)
2fbf053b 35 #:use-module (gnu packages compression)
c9a6a36f 36 #:use-module (gnu packages crypto)
2102ae2e 37 #:use-module (gnu packages elf)
2fbf053b 38 #:use-module (gnu packages gnupg)
2102ae2e 39 #:use-module (gnu packages gperf)
fe0b8a78 40 #:use-module (gnu packages groff)
49d294e5 41 #:use-module (gnu packages guile)
2102ae2e 42 #:use-module (gnu packages linux)
c9a6a36f 43 #:use-module (gnu packages logging)
2102ae2e
DC		 44 #:use-module (gnu packages m4)
45 #:use-module (gnu packages multiprecision)
87bf526b 46 #:use-module (gnu packages ncurses)
2102ae2e 47 #:use-module (gnu packages nettle)
89e34644 48 #:use-module (gnu packages kerberos)
2102ae2e
DC		 49 #:use-module (gnu packages perl)
50 #:use-module (gnu packages pkg-config)
c9a6a36f 51 #:use-module (gnu packages popt)
87bf526b 52 #:autoload (gnu packages protobuf) (protobuf)
ae72b8f5 53 #:use-module (gnu packages python)
2102ae2e
DC		 54 #:use-module (gnu packages readline)
55 #:use-module (gnu packages texinfo)
cc2b77df 56 #:use-module (gnu packages tls)
2102ae2e
DC		 57 #:use-module (gnu packages xorg)
58 #:use-module (guix build-system cmake)
59 #:use-module (guix build-system gnu)
ae72b8f5 60 #:use-module (guix build-system python)
2fbf053b 61 #:use-module (guix download)
817efe8b 62 #:use-module (guix git-download)
2102ae2e 63 #:use-module ((guix licenses) #:prefix license:)
befbaebf
LC		 64 #:use-module (guix packages)
65 #:use-module (srfi srfi-1))
1681cd4a
LC		 66
67(define-public libssh
eed00f93
LF		 68 (package
69 (name "libssh")
70 (version "0.7.6")
71 (source (origin
72 (method git-fetch)
73 (uri (git-reference
74 (url "https://git.libssh.org/projects/libssh.git")
75 (commit (string-append "libssh-" version))))
76 (patches (search-patches "libssh-hostname-parser-bug.patch"))
77 (sha256
78 (base32
79 "0slwqa36mhyb6brdv2jvb9fxp7rvsv3ziv67kaxx615jxn52l5pa"))
80 (file-name (git-file-name name version))))
81 (build-system cmake-build-system)
82 (outputs '("out" "debug"))
83 (arguments
84 '(#:configure-flags '("-DWITH_GCRYPT=ON")
deed349b 85
eed00f93
LF		 86 ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
87 #:tests? #f))
88 (inputs `(("zlib" ,zlib)
89 ("libgcrypt" ,libgcrypt)))
90 (synopsis "SSH client library")
91 (description
92 "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client
93and server implementations. With libssh, you can remotely execute programs,
94transfer files, and use a secure and transparent tunnel for your remote
95applications.")
96 (home-page "https://www.libssh.org")
97 (license license:lgpl2.1+)))
2fbf053b
AE		 98
99(define-public libssh2
100 (package
101 (name "libssh2")
5d97f4c7 102 (version "1.8.0")
2fbf053b
AE		 103 (source (origin
104 (method url-fetch)
105 (uri (string-append
78d80c5c 106 "https://www.libssh2.org/download/libssh2-"
2fbf053b 107 version ".tar.gz"))
78d80c5c
LF		 108 (sha256
109 (base32
ac2d5de3
MB		 110 "1m3n8spv79qhjq4yi0wgly5s5rc8783jb1pyra9bkx1md0plxwrr"))
111 (patches
112 (search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))
2fbf053b 113 (build-system gnu-build-system)
e9c14f37
EB		 114 ;; The installed libssh2.pc file does not include paths to libgcrypt and
115 ;; zlib libraries, so we need to propagate the inputs.
116 (propagated-inputs `(("libgcrypt" ,libgcrypt)
117 ("zlib" ,zlib)))
fe365a3d
MW		 118 (arguments `(#:configure-flags `("--with-libgcrypt")
119 #:phases
120 ;; FIXME: In the next core-updates cycle, replace the entire
121 ;; following ,(...) form with its first 'modify-phases'
122 ;; subform. The change made here is only strictly needed on
123 ;; MIPS, but should work on any system. For now, we apply it
124 ;; only to MIPS to avoid forcing thousands of rebuilds on
125 ;; other systems.
126 ,(if (string-prefix? "mips" (or (%current-target-system)
127 (%current-system)))
128 '(modify-phases %standard-phases
129 (replace 'bootstrap
130 (lambda _
131 (invoke "autoreconf" "-v"))))
132 '(modify-phases %standard-phases
133 (add-before 'configure 'autoreconf
134 (lambda _
135 (invoke "autoreconf" "-v")))))))
ac2d5de3
MB		 136 (native-inputs `(("autoconf" ,autoconf)
137 ("automake" ,automake)))
35b9e423 138 (synopsis "Client-side C library implementing the SSH2 protocol")
2fbf053b
AE		 139 (description
140 "libssh2 is a library intended to allow software developers access to
35b9e423 141the SSH-2 protocol in an easy-to-use self-contained package. It can be built
2fbf053b
AE		 142into an application to perform many different tasks when communicating with
143a server that supports the SSH-2 protocol.")
144 (license license:bsd-3)
145 (home-page "http://www.libssh2.org/")))
fe0b8a78
AE		 146
147(define-public openssh
148 (package
149 (name "openssh")
df71447e 150 (version "7.9p1")
fe0b8a78 151 (source (origin
644e5f17
TGR		 152 (method url-fetch)
153 (uri (string-append "mirror://openbsd/OpenSSH/portable/"
154 name "-" version ".tar.gz"))
155 (sha256
156 (base32
df71447e 157 "1b8sy6v0b8v4ggmknwcqx3y1rjcpsll0f1f8f4vyv11x4ni3njvb"))))
fe0b8a78 158 (build-system gnu-build-system)
7d3373a0
LF		 159 (native-inputs `(("groff" ,groff)))
160 (inputs `(("openssl" ,openssl)
39012aab 161 ("pam" ,linux-pam)
040b6299 162 ("mit-krb5" ,mit-krb5)
683a4a34
LC		 163 ("zlib" ,zlib)
164 ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y'
fe0b8a78
AE		 165 (arguments
166 `(#:test-target "tests"
d3552450
LF		 167 ;; Otherwise, the test scripts try to use a nonexistent directory and
168 ;; fail.
169 #:make-flags '("REGRESSTMP=\"$${BUILDDIR}/regress\"")
040b6299 170 #:configure-flags `("--sysconfdir=/etc/ssh"
39012aab 171
040b6299 172 ;; Default value of 'PATH' used by sshd.
9af49832
LC		 173 "--with-default-path=/run/current-system/profile/bin"
174
040b6299
JD		 175 ;; configure needs to find krb5-config
176 ,(string-append "--with-kerberos5="
177 (assoc-ref %build-inputs "mit-krb5")
178 "/bin")
179
39012aab
LC		 180 ;; Enable PAM support in sshd.
181 "--with-pam")
182
fe0b8a78 183 #:phases
a9ee11d5
RW		 184 (modify-phases %standard-phases
185 (add-after 'configure 'reset-/var/empty
186 (lambda* (#:key outputs #:allow-other-keys)
187 (let ((out (assoc-ref outputs "out")))
188 (substitute* "Makefile"
189 (("PRIVSEP_PATH=/var/empty")
190 (string-append "PRIVSEP_PATH=" out "/var/empty")))
191 #t)))
192 (add-before 'check 'patch-tests
193 (lambda _
194 ;; remove 't-exec' regress target which requires user 'sshd'
195 (substitute* "regress/Makefile"
196 (("^(REGRESS_TARGETS=.*) t-exec(.*)" all pre post)
197 (string-append pre post)))
198 #t))
199 (replace 'install
36f26211 200 (lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
a9ee11d5 201 ;; install without host keys and system configuration files
27b6adb7
MW		 202 (apply invoke "make" "install-nosysconf" make-flags)
203 (install-file "contrib/ssh-copy-id"
204 (string-append (assoc-ref outputs "out")
205 "/bin/"))
206 (chmod (string-append (assoc-ref outputs "out")
207 "/bin/ssh-copy-id") #o555)
208 (install-file "contrib/ssh-copy-id.1"
209 (string-append (assoc-ref outputs "out")
210 "/share/man/man1/"))
211 #t)))))
35b9e423 212 (synopsis "Client and server for the secure shell (ssh) protocol")
fe0b8a78
AE		 213 (description
214 "The SSH2 protocol implemented in OpenSSH is standardised by the
215IETF secsh working group and is specified in several RFCs and drafts.
216It is composed of three layered components:
217
218The transport layer provides algorithm negotiation and a key exchange.
219The key exchange includes server authentication and results in a
220cryptographically secured connection: it provides integrity, confidentiality
221and optional compression.
222
223The user authentication layer uses the established connection and relies on
35b9e423
EB		 224the services provided by the transport layer. It provides several mechanisms
225for user authentication. These include traditional password authentication
fe0b8a78
AE		 226as well as public-key or host-based authentication mechanisms.
227
228The connection layer multiplexes many different concurrent channels over the
229authenticated connection and allows tunneling of login sessions and
35b9e423 230TCP-forwarding. It provides a flow control service for these channels.
fe0b8a78 231Additionally, various channel-specific options can be negotiated.")
166191b3 232 (license (license:non-copyleft "file://LICENSE"
fe0b8a78 233 "See LICENSE in the distribution."))
1121a5c6 234 (home-page "https://www.openssh.com/")))
fe0b8a78 235
49d294e5
LC		 236(define-public guile-ssh
237 (package
238 (name "guile-ssh")
64bcc76c 239 (version "0.11.3")
6634180f 240 (home-page "https://github.com/artyom-poptsov/guile-ssh")
49d294e5 241 (source (origin
44fd0994
LC		 242 ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz
243 ;; exists, but the server appears to be too slow and unreliable.
6634180f
LC		 244 ;; Also, using this URL allows the GitHub updater to work.
245 (method url-fetch)
246 (uri (string-append home-page "/archive/v"
247 version ".tar.gz"))
248 (file-name (string-append name "-" version ".tar.gz"))
49d294e5
LC		 249 (sha256
250 (base32
64bcc76c 251 "1g2jzcg1p25zrkx06j160qb8bgcwa3001ys4q02496xs61pvywqk"))))
49d294e5 252 (build-system gnu-build-system)
74460d11 253 (outputs '("out" "debug"))
49d294e5 254 (arguments
c305ac30
LC		 255 '(;; It makes no sense to build libguile-ssh.a.
256 #:configure-flags '("--disable-static")
257
258 #:phases (modify-phases %standard-phases
8a8f6590
LC		 259 (add-after 'unpack 'autoreconf
260 (lambda* (#:key inputs #:allow-other-keys)
e7c37ed5 261 (invoke "autoreconf" "-vfi")))
92b72582 262 (add-before 'build 'fix-libguile-ssh-file-name
8a8f6590 263 (lambda* (#:key outputs #:allow-other-keys)
92b72582
LC		 264 ;; Build and install libguile-ssh.so so that we can use
265 ;; its absolute file name in .scm files, before we build
266 ;; the .go files.
e7c37ed5
TGR		 267 (let* ((out (assoc-ref outputs "out"))
268 (lib (string-append out "/lib")))
269 (invoke "make" "install"
270 "-C" "libguile-ssh"
271 "-j" (number->string
272 (parallel-job-count)))
273 (substitute* (find-files "." "\\.scm$")
274 (("\"libguile-ssh\"")
275 (string-append "\"" lib "/libguile-ssh\"")))
276 #t)))
d0002642
RJ		 277 (add-after 'install 'remove-bin-directory
278 (lambda* (#:key outputs #:allow-other-keys)
279 (let* ((out (assoc-ref outputs "out"))
280 (bin (string-append out "/bin"))
281 (examples (string-append
282 out "/share/guile-ssh/examples")))
283 (mkdir-p examples)
284 (rename-file (string-append bin "/ssshd.scm")
285 (string-append examples "/ssshd.scm"))
286 (rename-file (string-append bin "/sssh.scm")
287 (string-append examples "/sssh.scm"))
288 (delete-file-recursively bin)
289 #t))))
afde8da3
LC		 290 ;; Tests are not parallel-safe.
291 #:parallel-tests? #f))
49d294e5
LC		 292 (native-inputs `(("autoconf" ,autoconf)
293 ("automake" ,automake)
3246cc91 294 ("libtool" ,libtool)
00ee3a71 295 ("texinfo" ,texinfo)
49d294e5
LC		 296 ("pkg-config" ,pkg-config)
297 ("which" ,which)))
4d8806c3 298 (inputs `(("guile" ,guile-2.2)
6f9d5b2e 299 ("libssh" ,libssh)
44fd0994 300 ("libgcrypt" ,libgcrypt)))
49d294e5
LC		 301 (synopsis "Guile bindings to libssh")
302 (description
303 "Guile-SSH is a library that provides access to the SSH protocol for
304programs written in GNU Guile interpreter. It is a wrapper to the underlying
305libssh library.")
49d294e5 306 (license license:gpl3+)))
513e1950 307
befbaebf 308(define-public guile2.2-ssh
4d8806c3
LC		 309 (deprecated-package "guile2.2-ssh" guile-ssh))
310
311(define-public guile2.0-ssh
75c260ba
LC		 312 (package
313 (inherit guile-ssh)
4d8806c3
LC		 314 (name "guile2.0-ssh")
315 (inputs `(("guile" ,guile-2.0)
75c260ba 316 ,@(alist-delete "guile" (package-inputs guile-ssh))))))
befbaebf 317
513e1950
SHT		 318(define-public corkscrew
319 (package
320 (name "corkscrew")
321 (version "2.0")
322 (source
323 (origin
324 (method url-fetch)
040ae44a
TGR		 325 ;; The agroman.net domain name expired on 2017-03-23, and the original
326 ;; "http://www.agroman.net/corkscrew/corkscrew-2.0.tar.gz" now returns
327 ;; bogus HTML. Perhaps it will yet return. Until then, use a mirror.
328 (uri (string-append "https://downloads.openwrt.org/sources/"
329 "corkscrew-" version ".tar.gz"))
513e1950
SHT		 330 (sha256 (base32
331 "1gmhas4va6gd70i2x2mpxpwpgww6413mji29mg282jms3jscn3qd"))))
332 (build-system gnu-build-system)
333 (arguments
d2656332 334 `(#:phases
91c52629
EF		 335 (modify-phases %standard-phases
336 (replace 'configure
5b34f56c
TGR		 337 ;; Replace configure phase as the ./configure script does not like
338 ;; CONFIG_SHELL and SHELL passed as parameters
339 (lambda* (#:key outputs build target #:allow-other-keys)
340 (let* ((out (assoc-ref outputs "out"))
341 (bash (which "bash"))
91c52629
EF		 342 ;; Set --build and --host flags as the provided config.guess
343 ;; is not able to detect them
5b34f56c 344 (flags `(,(string-append "--prefix=" out)
91c52629
EF		 345 ,(string-append "--build=" build)
346 ,(string-append "--host=" (or target build)))))
347 (setenv "CONFIG_SHELL" bash)
5b34f56c 348 (apply invoke bash "./configure" flags))))
81d95a12
TGR		 349 (add-after 'install 'install-documentation
350 (lambda* (#:key outputs #:allow-other-keys)
351 (let* ((out (assoc-ref outputs "out"))
d2656332 352 (doc (string-append out "/share/doc/" ,name "-" ,version)))
81d95a12
TGR		 353 (install-file "README" doc)
354 #t))))))
513e1950 355 (home-page "http://www.agroman.net/corkscrew")
10c95711 356 (synopsis "SSH tunneling through HTTP(S) proxies")
513e1950 357 (description
10c95711
TGR		 358 "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies.
359Proxy authentication is only supported through the plain-text HTTP basic
360authentication scheme.")
513e1950 361 (license license:gpl2+)))
87bf526b
LC		 362
363(define-public mosh
364 (package
365 (name "mosh")
4b8b245b 366 (version "1.3.2")
87bf526b
LC		 367 (source (origin
368 (method url-fetch)
c3671282 369 (uri (string-append "https://mosh.org/mosh-" version ".tar.gz"))
87bf526b
LC		 370 (sha256
371 (base32
4b8b245b 372 "05hjhlp6lk8yjcy59zywpf0r6s0h0b9zxq0lw66dh9x8vxrhaq6s"))))
87bf526b
LC		 373 (build-system gnu-build-system)
374 (arguments
11379192
EF		 375 '(#:phases
376 (modify-phases %standard-phases
377 (add-after 'install 'wrap
378 (lambda* (#:key outputs #:allow-other-keys)
379 ;; Make sure 'mosh' can find 'mosh-client' and
380 ;; 'mosh-server'.
381 (let* ((out (assoc-ref outputs "out"))
382 (bin (string-append out "/bin")))
383 (wrap-program (string-append bin "/mosh")
384 `("PATH" ":" prefix (,bin)))))))))
87bf526b
LC		 385 (native-inputs
386 `(("pkg-config" ,pkg-config)))
387 (inputs
388 `(("openssl" ,openssl)
389 ("perl" ,perl)
390 ("perl-io-tty" ,perl-io-tty)
391 ("zlib" ,zlib)
392 ("ncurses" ,ncurses)
393 ("protobuf" ,protobuf)
394 ("boost-headers" ,boost)))
c3671282 395 (home-page "https://mosh.org/")
87bf526b
LC		 396 (synopsis "Remote shell tolerant to intermittent connectivity")
397 (description
398 "Remote terminal application that allows roaming, supports intermittent
399connectivity, and provides intelligent local echo and line editing of user
400keystrokes. Mosh is a replacement for SSH. It's more robust and responsive,
401especially over Wi-Fi, cellular, and long-distance links.")
402 (license license:gpl3+)))
8c6cfd55 403
c9a6a36f
SR		 404(define-public et
405 (package
406 (name "et")
407 (version "3.1.0")
408 (source
409 (origin
410 (method url-fetch)
411 (uri (string-append
412 "https://github.com/MisterTea/EternalTCP/archive/et-v"
413 version ".tar.gz"))
414 (sha256
415 (base32 "1n2w2kqbshdmbb0gz4yizyw9gqfls6qm2dnwx1d9c2hz7hmi7521"))))
416 (build-system cmake-build-system)
417 (arguments `(#:tests? #f))
418 (native-inputs
419 `(("pkg-config" ,pkg-config)))
420 (inputs `(("glog" ,glog)
421 ("gflags" ,gflags)
422 ("libsodium" ,libsodium)
423 ("protobuf" ,protobuf)))
424 (synopsis "Remote shell that automatically reconnects")
425 (description
426 "Eternal Terminal (ET) is a remote shell that automatically reconnects
427without interrupting the session. Unlike SSH sessions, ET sessions will
839ee8d5
TGR		 428survive even network outages and IP changes. ET uses a custom protocol over
429TCP, not the SSH protocol.")
c9a6a36f
SR		 430 (home-page "https://mistertea.github.io/EternalTCP/")
431 (license license:asl2.0)))
432
8c6cfd55
JD		 433(define-public dropbear
434 (package
435 (name "dropbear")
aa08ab38 436 (version "2018.76")
8c6cfd55
JD		 437 (source (origin
438 (method url-fetch)
439 (uri (string-append
dec3e015 440 "https://matt.ucc.asn.au/" name "/releases/"
a124bbd2 441 name "-" version ".tar.bz2"))
8a5a1eff 442 (patches (search-patches "dropbear-CVE-2018-15599.patch"))
8c6cfd55 443 (sha256
dec3e015 444 (base32
aa08ab38 445 "0rgavbzw7jrs5wslxm0dnwx2m409yzxd9hazd92r7kx8xikr3yzj"))))
8c6cfd55 446 (build-system gnu-build-system)
aa08ab38 447 (arguments `(#:tests? #f)) ; there is no "make check" or anything similar
8c6cfd55
JD		 448 (inputs `(("zlib" ,zlib)))
449 (synopsis "Small SSH server and client")
450 (description "Dropbear is a relatively small SSH server and
35b9e423
EB		 451client. It runs on a variety of POSIX-based platforms. Dropbear is
452particularly useful for embedded systems, such as wireless routers.")
8c6cfd55
JD		 453 (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
454 (license (license:x11-style "" "See file LICENSE."))))
2102ae2e
DC		 455
456(define-public liboop
457 (package
458 (name "liboop")
506737f1 459 (version "1.0.1")
2102ae2e
DC		 460 (source
461 (origin
462 (method url-fetch)
506737f1
TGR		 463 (uri (string-append "http://ftp.lysator.liu.se/pub/liboop/"
464 name "-" version ".tar.gz"))
2102ae2e
DC		 465 (sha256
466 (base32
506737f1 467 "1q0p1l72pq9k3bi7a366j2rishv7dzzkg3i6r2npsfg7cnnidbsn"))))
2102ae2e
DC		 468 (build-system gnu-build-system)
469 (home-page "http://www.lysator.liu.se/liboop/")
470 (synopsis "Event loop library")
471 (description "Liboop is a low-level event loop management library for
472POSIX-based operating systems. It supports the development of modular,
473multiplexed applications which may respond to events from several sources. It
474replaces the \"select() loop\" and allows the registration of event handlers
475for file and network I/O, timers and signals. Since processes use these
476mechanisms for almost all external communication, liboop can be used as the
477basis for almost any application.")
478 (license license:lgpl2.1+)))
479
480(define-public lsh
481 (package
482 (name "lsh")
483 (version "2.1")
484 (source (origin
485 (method url-fetch)
486 (uri (string-append "mirror://gnu/lsh/lsh-"
487 version ".tar.gz"))
488 (sha256
489 (base32
490 "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
491 (modules '((guix build utils)))
492 (snippet
493 '(begin
494 (substitute* "src/testsuite/functions.sh"
495 (("localhost")
496 ;; Avoid host name lookups since they don't work in
497 ;; chroot builds.
498 "127.0.0.1")
499 (("set -e")
500 ;; Make tests more verbose.
501 "set -e\nset -x"))
502
503 (substitute* (find-files "src/testsuite" "-test$")
504 (("localhost") "127.0.0.1"))
505
506 (substitute* "src/testsuite/login-auth-test"
6cbee49d
MW		 507 (("/bin/cat") "cat"))
508 #t))))
2102ae2e
DC		 509 (build-system gnu-build-system)
510 (native-inputs
511 `(("m4" ,m4)
512 ("guile" ,guile-2.0)
513 ("gperf" ,gperf)
514 ("psmisc" ,psmisc))) ; for `killall'
515 (inputs
516 `(("nettle" ,nettle-2)
517 ("linux-pam" ,linux-pam)
518
519 ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
520 ;; Readline 6.3.
521 ("readline" ,readline-6.2)
522
523 ("liboop" ,liboop)
524 ("zlib" ,zlib)
525 ("gmp" ,gmp)
526
527 ;; The server (lshd) invokes xauth when X11 forwarding is requested.
528 ;; This adds 24 MiB (or 27%) to the closure of lsh.
529 ("xauth" ,xauth)))
530 (arguments
531 '(;; Skip the `configure' test that checks whether /dev/ptmx &
532 ;; co. work as expected, because it relies on impurities (for
533 ;; instance, /dev/pts may be unavailable in chroots.)
d5c969ce
LC		 534 #:configure-flags '("lsh_cv_sys_unix98_ptys=yes"
535
536 ;; Use glibc's argp rather than the bundled one.
537 "--with-system-argp"
538
539 ;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing
540 ;; defines it.
541 "CPPFLAGS=-DHAVE_ARGP_PARSE")
2102ae2e
DC		 542
543 ;; FIXME: Tests won't run in a chroot, presumably because
544 ;; /etc/profile is missing, and thus clients get an empty $PATH
545 ;; and nothing works.
546 #:tests? #f
547
548 #:phases
549 (modify-phases %standard-phases
550 (add-before 'configure 'pre-configure
551 (lambda* (#:key inputs #:allow-other-keys)
552 (let* ((nettle (assoc-ref inputs "nettle"))
553 (sexp-conv (string-append nettle "/bin/sexp-conv")))
d5c969ce
LC		 554 ;; Remove argp from the list of sub-directories; we don't want
555 ;; to build it, really.
556 (substitute* "src/Makefile.in"
557 (("^SUBDIRS = argp")
558 "SUBDIRS ="))
559
2102ae2e
DC		 560 ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
561 ;; by default.
562 (substitute* "src/environ.h.in"
563 (("^#define PATH_SEXP_CONV.*")
564 (string-append "#define PATH_SEXP_CONV \""
565 sexp-conv "\"\n")))
566
567 ;; Same for the 'lsh-authorize' script.
568 (substitute* "src/lsh-authorize"
569 (("=sexp-conv")
570 (string-append "=" sexp-conv)))
571
572 ;; Tell lshd where 'xauth' lives. Another option would be to
573 ;; hardcode "/run/current-system/profile/bin/xauth", thereby
574 ;; reducing the closure size, but that wouldn't work on foreign
575 ;; distros.
576 (with-fluids ((%default-port-encoding "ISO-8859-1"))
577 (substitute* "src/server_x11.c"
578 (("define XAUTH_PROGRAM.*")
579 (string-append "define XAUTH_PROGRAM \""
580 (assoc-ref inputs "xauth")
581 "/bin/xauth\"\n")))))
582
583 ;; Tests rely on $USER being set.
584 (setenv "USER" "guix"))))))
585 (home-page "http://www.lysator.liu.se/~nisse/lsh/")
586 (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
587 (description
588 "GNU lsh is a free implementation of the SSH version 2 protocol. It is
589used to create a secure line of communication between two computers,
590providing shell access to the server system from the client. It provides
591both the server daemon and the client application, as well as tools for
592manipulating key files.")
593 (license license:gpl2+)))
c777570b
NG		 594
595(define-public sshpass
596 (package
597 (name "sshpass")
598 (version "1.06")
599 (synopsis "Non-interactive password authentication with SSH")
600 (home-page "https://sourceforge.net/projects/sshpass/")
601 (source
602 (origin
603 (method url-fetch)
604 (uri (string-append "mirror://sourceforge/sshpass/sshpass/"
605 version "/sshpass-" version ".tar.gz"))
606 (sha256
607 (base32
608 "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6"))))
609 (build-system gnu-build-system)
610 (description "sshpass is a tool for non-interactivly performing password
611authentication with SSH's so-called @dfn{interactive keyboard password
612authentication}.")
613 (license license:gpl2+)))
8caeb117
CAW		 614
615(define-public autossh
616 (package
617 (name "autossh")
5660325e 618 (version "1.4f")
8caeb117
CAW		 619 (source
620 (origin
621 (method url-fetch)
622 (uri (string-append
623 "http://www.harding.motd.ca/autossh/autossh-"
624 version ".tgz"))
625 (sha256
5660325e 626 (base32 "1wpqwa2872nqgqbhnb6nnkrlzpdawd5k69gh1qp68354pvhyawh1"))))
8caeb117
CAW		 627 (build-system gnu-build-system)
628 (arguments `(#:tests? #f)) ; There is no "make check" or anything similar
629 (inputs `(("openssh" ,openssh)))
630 (synopsis "Automatically restart SSH sessions and tunnels")
631 (description "autossh is a program to start a copy of @command{ssh} and
632monitor it, restarting it as necessary should it die or stop passing traffic.")
633 (home-page "http://www.harding.motd.ca/autossh/")
634 (license
635 ;; Why point to a source file? Well, all the individual files have a
636 ;; copy of this license in their headers, but there's no separate file
637 ;; with that information.
638 (license:non-copyleft "file://autossh.c"))))
227dbd84
RW		 639
640(define-public pdsh
641 (package
642 (name "pdsh")
b982fb1c 643 (version "2.33")
227dbd84
RW		 644 (source
645 (origin
646 (method url-fetch)
b982fb1c 647 (uri (string-append "https://github.com/chaos/pdsh/"
648 "releases/download/pdsh-" version
649 "/pdsh-" version ".tar.gz"))
650 (file-name (string-append name "-" version ".tar.gz"))
227dbd84 651 (sha256
b982fb1c 652 (base32 "0bwlkl9inj66iwvafg00pi3sk9n673phdi0kcc59y9nn55s0hs3k"))))
227dbd84
RW		 653 (build-system gnu-build-system)
654 (arguments
655 `(#:configure-flags
656 (list "--with-ssh")
657 #:phases
658 (modify-phases %standard-phases
659 (add-after 'unpack 'patch-/bin/sh
660 (lambda _
b982fb1c 661 (substitute* '("tests/t0006-pdcp.sh"
662 "tests/t0004-module-loading.sh"
663 "tests/t2001-ssh.sh"
664 "tests/t1003-slurm.sh"
665 "tests/t6036-long-output-lines.sh"
666 "tests/aggregate-results.sh"
667 "tests/t2000-exec.sh"
668 "tests/t0002-internal.sh"
669 "tests/t1002-dshgroup.sh"
670 "tests/t5000-dshbak.sh"
671 "tests/t0001-basic.sh"
672 "tests/t0005-rcmd_type-and-user.sh"
227dbd84 673 "tests/test-lib.sh"
b982fb1c 674 "tests/t2002-mrsh.sh"
675 "tests/t0003-wcoll.sh"
227dbd84
RW		 676 "tests/test-modules/pcptest.c")
677 (("/bin/sh") (which "bash")))
b982fb1c 678 #t))
679 (add-after 'unpack 'patch-tests
680 (lambda _
681 (substitute* "tests/t6036-long-output-lines.sh"
682 (("which") (which "which")))
227dbd84
RW		 683 #t)))))
684 (inputs
685 `(("openssh" ,openssh)
686 ("mit-krb5" ,mit-krb5)
687 ("perl" ,perl)))
b982fb1c 688 (native-inputs
689 `(("which" ,which)))
690 (home-page "https://github.com/chaos/pdsh")
227dbd84
RW		 691 (synopsis "Parallel distributed shell")
692 (description "Pdsh is a an efficient, multithreaded remote shell client
693which executes commands on multiple remote hosts in parallel. Pdsh implements
694dynamically loadable modules for extended functionality such as new remote
695shell services and remote host selection.")
696 (license license:gpl2+)))
ae72b8f5
MG		 697
698(define-public clustershell
699 (package
700 (name "clustershell")
701 (version "1.8")
702 (source
703 (origin
704 (method url-fetch)
705 (uri (string-append "https://github.com/cea-hpc/clustershell/archive/v"
706 version
707 ".tar.gz"))
708 (sha256
709 (base32 "1qyf6zp5ikk8rk7zvx5ssbgr9si2bqv3a3415590kd07s7i16nmd"))
710 (file-name (string-append name "-" version ".tar.gz"))))
711 (build-system python-build-system)
712 (inputs `(("openssh" ,openssh)))
713 (propagated-inputs `(("python-pyyaml" ,python-pyyaml)))
714 (arguments
715 `(#:phases (modify-phases %standard-phases
716 (add-before 'build 'record-openssh-file-name
717 (lambda* (#:key inputs #:allow-other-keys)
718 (let ((ssh (assoc-ref inputs "openssh")))
719 (substitute* "lib/ClusterShell/Worker/Ssh.py"
720 (("info\\(\"ssh_path\"\\) or \"ssh\"")
721 (string-append "info(\"ssh_path\") or \""
722 ssh "/bin/ssh\"")))
723 #t))))))
724 (home-page "https://cea-hpc.github.io/clustershell/")
725 (synopsis "Scalable event-driven Python framework for cluster administration")
726 (description
727 "ClusterShell is an event-driven Python framework, designed to run local
728or distant commands in parallel on server farms or on large GNU/Linux
729clusters. It will take care of common issues encountered on HPC clusters,
730such as operating on groups of nodes, running distributed commands using
731optimized execution algorithms, as well as gathering results and merging
732identical outputs, or retrieving return codes. ClusterShell takes advantage
733of existing remote shell facilities such as SSH.")
734 (license license:lgpl2.1+)))
jackhill's copy of GNU Guix: https://guix.gnu.org/