;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017 ng0 <ng0@n0.is>
;;; Copyright © 2018 Manuel Graf <graf@init.at>
;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com>
+;;; Copyright © 2020 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
- #:autoload (gnu packages boost) (boost)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
#:use-module (gnu packages elf)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages popt)
- #:autoload (gnu packages protobuf) (protobuf)
+ #:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages readline)
#:use-module (guix git-download)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
+ #:use-module (guix utils)
#:use-module (srfi srfi-1))
(define-public libssh
(package
(name "libssh")
- (version "0.8.7")
+ (version "0.9.3")
(source (origin
(method git-fetch)
(uri (git-reference
(commit (string-append "libssh-" version))))
(sha256
(base32
- "1iqik1ba0g008k1mb1n85iih1azi7giy0c485jnlmsrjxik4q3j2"))
+ "175i3xybg69d5lb078334v6dd3njm743kww8f67ix9w33969rmzf"))
(file-name (git-file-name name version))))
(build-system cmake-build-system)
(outputs '("out" "debug"))
(arguments
'(#:configure-flags '("-DWITH_GCRYPT=ON")
- #:phases (modify-phases %standard-phases
- (add-before 'configure 'avoid-werror
- (lambda _
- ;; Avoid '-Werror'. Presumably this works fine with
- ;; gcc@8 on x86_64 but leads to errors with our older
- ;; compiler.
- (substitute* "CompilerChecks.cmake"
- (("-Werror=") "-W"))
- #t)))
-
;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
#:tests? #f))
(inputs `(("zlib" ,zlib)
- ("libgcrypt" ,libgcrypt)))
+ ("libgcrypt" ,libgcrypt)
+ ("mit-krb5" ,mit-krb5)))
(synopsis "SSH client library")
(description
"libssh is a C library implementing the SSHv2 and SSHv1 protocol for client
(define-public libssh2
(package
(name "libssh2")
- (version "1.8.1")
+ (version "1.9.0")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.gz"))
(sha256
(base32
- "0ngif3ynk6xqzy5nlfjs7bsmfm81g9f145av0z86kf0vbgrigda0"))
- (patches
- (search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))
+ "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym"))))
(build-system gnu-build-system)
;; The installed libssh2.pc file does not include paths to libgcrypt and
;; zlib libraries, so we need to propagate the inputs.
(propagated-inputs `(("libgcrypt" ,libgcrypt)
("zlib" ,zlib)))
- (arguments `(#:configure-flags `("--with-libgcrypt")
- #:phases (modify-phases %standard-phases
- (replace 'bootstrap
- (lambda _
- (invoke "autoreconf" "-v"))))))
- (native-inputs `(("autoconf" ,autoconf)
- ("automake" ,automake)))
+ (arguments `(#:configure-flags `("--with-libgcrypt")))
(synopsis "Client-side C library implementing the SSH2 protocol")
(description
"libssh2 is a library intended to allow software developers access to
(define-public openssh
(package
(name "openssh")
- (version "7.9p1")
+ (version "8.2p1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://openbsd/OpenSSH/portable/"
- name "-" version ".tar.gz"))
- (patches (search-patches "openssh-CVE-2018-20685.patch"))
+ "openssh-" version ".tar.gz"))
(sha256
(base32
- "1b8sy6v0b8v4ggmknwcqx3y1rjcpsll0f1f8f4vyv11x4ni3njvb"))))
+ "0wg6ckzvvklbzznijxkk28fb8dnwyjd0w30ra0afwv6gwr8m34j3"))))
(build-system gnu-build-system)
(native-inputs `(("groff" ,groff)
("pkg-config" ,pkg-config)))
("pam" ,linux-pam)
("mit-krb5" ,mit-krb5)
("zlib" ,zlib)
- ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y'
+ ("xauth" ,xauth))) ; for 'ssh -X' and 'ssh -Y'
(arguments
`(#:test-target "tests"
;; Otherwise, the test scripts try to use a nonexistent directory and
;; Default value of 'PATH' used by sshd.
"--with-default-path=/run/current-system/profile/bin"
- ;; configure needs to find krb5-config
+ ;; configure needs to find krb5-config.
,(string-append "--with-kerberos5="
(assoc-ref %build-inputs "mit-krb5")
"/bin")
- ;; libedit needed for sftp completion
+ ;; libedit is needed for sftp completion.
"--with-libedit"
;; Enable PAM support in sshd.
#t)))
(add-before 'check 'patch-tests
(lambda _
- ;; remove 't-exec' regress target which requires user 'sshd'
- (substitute* "regress/Makefile"
- (("^(REGRESS_TARGETS=.*) t-exec(.*)" all pre post)
+ (substitute* "regress/test-exec.sh"
+ (("/bin/sh") (which "sh")))
+
+ ;; Remove 't-exec' regress target which requires user 'sshd'.
+ (substitute* (list "Makefile"
+ "regress/Makefile")
+ (("^(tests:.*) t-exec(.*)" all pre post)
(string-append pre post)))
#t))
(replace 'install
(lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
- ;; install without host keys and system configuration files
+ ;; Install without host keys and system configuration files.
(apply invoke "make" "install-nosysconf" make-flags)
(install-file "contrib/ssh-copy-id"
(string-append (assoc-ref outputs "out")
(define-public guile-ssh
(package
(name "guile-ssh")
- (version "0.11.3")
+ (version "0.12.0")
(home-page "https://github.com/artyom-poptsov/guile-ssh")
(source (origin
(method git-fetch)
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "03bv3hwp2s8f0bqgfjaan9jx4dyab0abv27n2zn2g0izlidv0vl6"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; libssh >= 0.8.0 no longer provides libssh_threads: see
- ;; <https://github.com/artyom-poptsov/guile-ssh/issues/9>.
- (substitute* "libguile-ssh/Makefile.am"
- (("-lssh_threads") ""))
-
- ;; This test would wrongfully pick DSS keys when running on
- ;; libssh >= 0.8.0, which fails:
- ;; <https://github.com/artyom-poptsov/guile-ssh/issues/10>.
- (substitute* "tests/server.scm"
- (("= %libssh-minor-version 7")
- ">= %libssh-minor-version 7"))
- #t))))
+ "054hd9rzfhb48gc1hw3rphhp0cnnd4bs5qmidy5ygsyvy9ravlad"))
+ (modules '((guix build utils)))))
(build-system gnu-build-system)
(outputs '("out" "debug"))
(arguments
- '(;; It makes no sense to build libguile-ssh.a.
+ `(;; It makes no sense to build libguile-ssh.a.
#:configure-flags '("--disable-static")
#:phases (modify-phases %standard-phases
- (add-after 'unpack 'autoreconf
- (lambda* (#:key inputs #:allow-other-keys)
- (invoke "autoreconf" "-vfi")))
(add-before 'build 'fix-libguile-ssh-file-name
(lambda* (#:key outputs #:allow-other-keys)
;; Build and install libguile-ssh.so so that we can use
(("\"libguile-ssh\"")
(string-append "\"" lib "/libguile-ssh\"")))
#t)))
+ ,@(if (%current-target-system)
+ '()
+ '((add-before 'check 'fix-guile-path
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((guile (assoc-ref inputs "guile")))
+ (substitute* "tests/common.scm"
+ (("/usr/bin/guile")
+ (string-append guile "/bin/guile")))
+ #t)))))
(add-after 'install 'remove-bin-directory
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
("libtool" ,libtool)
("texinfo" ,texinfo)
("pkg-config" ,pkg-config)
- ("which" ,which)))
+ ("which" ,which)
+ ("guile" ,guile-2.2))) ;needed when cross-compiling.
(inputs `(("guile" ,guile-2.2)
("libssh" ,libssh)
("libgcrypt" ,libgcrypt)))
libssh library.")
(license license:gpl3+)))
-(define-public guile2.2-ssh
- (deprecated-package "guile2.2-ssh" guile-ssh))
-
(define-public guile2.0-ssh
(package
(inherit guile-ssh)
(name "guile2.0-ssh")
+ (native-inputs
+ `(("guile" ,guile-2.0) ;needed when cross-compiling.
+ ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
(inputs `(("guile" ,guile-2.0)
,@(alist-delete "guile" (package-inputs guile-ssh))))))
+(define-public guile3.0-ssh
+ (package
+ (inherit guile-ssh)
+ (name "guile3.0-ssh")
+ (native-inputs
+ `(("guile" ,guile-next) ;needed when cross-compiling.
+ ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
+ (inputs `(("guile" ,guile-next)
+ ,@(alist-delete "guile" (package-inputs guile-ssh))))))
+
(define-public corkscrew
(package
(name "corkscrew")
(version "3.1.0")
(source
(origin
- (method url-fetch)
- (uri (string-append
- "https://github.com/MisterTea/EternalTCP/archive/et-v"
- version ".tar.gz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/MisterTea/EternalTCP.git")
+ (commit (string-append "et-v" version))))
+ (file-name (git-file-name name version))
(sha256
- (base32 "1n2w2kqbshdmbb0gz4yizyw9gqfls6qm2dnwx1d9c2hz7hmi7521"))))
+ (base32 "1m5caxckn2ihwp9s2pbyh5amxlpwr7yc54q8s0kb10fr52w2vfnm"))))
(build-system cmake-build-system)
(arguments `(#:tests? #f))
(native-inputs
(define-public dropbear
(package
(name "dropbear")
- (version "2018.76")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "https://matt.ucc.asn.au/" name "/releases/"
- name "-" version ".tar.bz2"))
- (patches (search-patches "dropbear-CVE-2018-15599.patch"))
- (sha256
- (base32
- "0rgavbzw7jrs5wslxm0dnwx2m409yzxd9hazd92r7kx8xikr3yzj"))))
+ (version "2019.78")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://matt.ucc.asn.au/dropbear/releases/"
+ "dropbear-" version ".tar.bz2"))
+ (sha256
+ (base32 "19242qlr40pbqfqd0gg6h8qpj38q6lgv03ja6sahj9vj2abnanaj"))))
(build-system gnu-build-system)
- (arguments `(#:tests? #f)) ; there is no "make check" or anything similar
+ (arguments `(#:tests? #f)) ; there is no "make check" or anything similar
;; TODO: Investigate unbundling libtommath and libtomcrypt or at least
;; cherry-picking important bug fixes from them. See <bugs.gnu.org/24674>
;; for more information.
(base32
"1q0p1l72pq9k3bi7a366j2rishv7dzzkg3i6r2npsfg7cnnidbsn"))))
(build-system gnu-build-system)
- (home-page "http://www.lysator.liu.se/liboop/")
+ (home-page "https://www.lysator.liu.se/liboop/")
(synopsis "Event loop library")
(description "Liboop is a low-level event loop management library for
POSIX-based operating systems. It supports the development of modular,
;; Tests rely on $USER being set.
(setenv "USER" "guix"))))))
- (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+ (home-page "https://www.lysator.liu.se/~nisse/lsh/")
(synopsis "GNU implementation of the Secure Shell (ssh) protocols")
(description
"GNU lsh is a free implementation of the SSH version 2 protocol. It is
(define-public pdsh
(package
(name "pdsh")
- (version "2.33")
+ (version "2.34")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/chaos/pdsh/"
"releases/download/pdsh-" version
"/pdsh-" version ".tar.gz"))
- (file-name (string-append name "-" version ".tar.gz"))
(sha256
- (base32 "0bwlkl9inj66iwvafg00pi3sk9n673phdi0kcc59y9nn55s0hs3k"))))
+ (base32 "1s91hmhrz7rfb6h3l5k97s393rcm1ww3svp8dx5z8vkkc933wyxl"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
(define-public clustershell
(package
(name "clustershell")
- (version "1.8")
+ (version "1.8.3")
(source
(origin
(method url-fetch)
- (uri (string-append "https://github.com/cea-hpc/clustershell/archive/v"
- version
- ".tar.gz"))
+ (uri (string-append "https://github.com/cea-hpc/clustershell/releases"
+ "/download/v" version
+ "/ClusterShell-" version ".tar.gz"))
(sha256
- (base32 "1qyf6zp5ikk8rk7zvx5ssbgr9si2bqv3a3415590kd07s7i16nmd"))
- (file-name (string-append name "-" version ".tar.gz"))))
+ (base32 "1qdcgh733szwj9r1gambrgfkizvbjci0bnnkds9a8mnyb3sasnan"))))
(build-system python-build-system)
(inputs `(("openssh" ,openssh)))
(propagated-inputs `(("python-pyyaml" ,python-pyyaml)))
identical outputs, or retrieving return codes. ClusterShell takes advantage
of existing remote shell facilities such as SSH.")
(license license:lgpl2.1+)))
+
+(define-public endlessh
+ (package
+ (name "endlessh")
+ (version "1.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/skeeto/endlessh.git")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0ziwr8j1frsp3dajr8h5glkm1dn5cci404kazz5w1jfrp0736x68"))))
+ (build-system gnu-build-system)
+ (arguments
+ '(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ "CC=gcc")
+ #:tests? #f ; no test target
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)))) ; no configure script
+ (home-page "https://github.com/skeeto/endlessh")
+ (synopsis "SSH tarpit that slowly sends an endless banner")
+ (description
+ "Endlessh is an SSH tarpit that very slowly sends an endless, random SSH
+banner. It keeps SSH clients locked up for hours or even days at a time. The
+purpose is to put your real SSH server on another port and then let the script
+kiddies get stuck in this tarpit instead of bothering a real server.
+
+Since the tarpit is in the banner before any cryptographic exchange occurs, this
+program doesn't depend on any cryptographic libraries. It's a simple,
+single-threaded, standalone C program. It uses @code{poll()} to trap multiple
+clients at a time.")
+ (license license:unlicense)))