;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2015, 2016, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2018, 2019, 2020, 2021 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name>
-;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
+;;; Copyright © 2016, 2021 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017 Nikita <nikita@n0.is>
#:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages hurd)
#:use-module (gnu packages libedit)
#:use-module (gnu packages linux)
#:use-module (gnu packages logging)
#:use-module (gnu packages popt)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages python-crypto)
+ #:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages readline)
#:use-module (gnu packages texinfo)
(define-public libssh
(package
(name "libssh")
- (version "0.9.4")
+ (version "0.9.5")
(source (origin
(method git-fetch)
(uri (git-reference
(commit (string-append "libssh-" version))))
(sha256
(base32
- "0qr4vi3k1wv69c95d9j26fiv78pzyksaq8ccd76b8nxar5z1fbj6"))
+ "1b2klflmn0mdkcyjl4dqfg116bf9nhmqm4qla5cqa9xis89a5bn6"))
(file-name (git-file-name name version))))
(build-system cmake-build-system)
(outputs '("out" "debug"))
version ".tar.gz"))
(sha256
(base32
- "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym"))))
+ "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym"))
+ (patches (search-patches "libssh2-CVE-2019-17498.patch"))))
(build-system gnu-build-system)
;; The installed libssh2.pc file does not include paths to libgcrypt and
;; zlib libraries, so we need to propagate the inputs.
(define-public openssh
(package
(name "openssh")
- (version "8.3p1")
+ (version "8.6p1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://openbsd/OpenSSH/portable/"
(patches (search-patches "openssh-hurd.patch"))
(sha256
(base32
- "1cl74ghi9y21dc3f4xa0qamb7dhwacbynh1ks9syprrg8zhgpgpj"))))
+ "1bnpivgk98h2f9afpp88jv6g9ps83vnpxd031n2jqxi12vdf9rn3"))))
(build-system gnu-build-system)
(native-inputs `(("groff" ,groff)
("pkg-config" ,pkg-config)))
(inputs `(("libedit" ,libedit)
("openssl" ,openssl)
- ("pam" ,linux-pam)
+ ,@(if (hurd-target?)
+ '()
+ `(("pam" ,linux-pam)))
("mit-krb5" ,mit-krb5)
("zlib" ,zlib)
("xauth" ,xauth))) ; for 'ssh -X' and 'ssh -Y'
"--with-libedit"
;; Enable PAM support in sshd.
- "--with-pam"
+ ,,@(if (hurd-target?)
+ '()
+ '("--with-pam"))
;; "make install" runs "install -s" by default,
;; which doesn't work for cross-compiled binaries
(synopsis "OpenSSH client and server without X11 support")))
(define-public guile-ssh
- ;; This unreleased commit fixes for <https://issues.guix.gnu.org/42740>.
- (let ((commit "688d7f3797b5155257a6c2ee4ea5084b3d8cc244")
- (revision "1"))
- (package
- (name "guile-ssh")
- (version (git-version "0.13.0" revision commit))
- (home-page "https://github.com/artyom-poptsov/guile-ssh")
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url home-page)
- (commit commit)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0mbff4v8738pmcs6sdma4b9gqb0bklraj346i5g5b1mwdywhzljj"))
- (modules '((guix build utils)))))
- (build-system gnu-build-system)
- (outputs '("out" "debug"))
- (arguments
- `(#:configure-flags '("--disable-static")
- #:phases
- (modify-phases %standard-phases
- (add-before 'build 'fix-libguile-ssh-file-name
- (lambda* (#:key outputs #:allow-other-keys)
- ;; Build and install libguile-ssh.so so that we can use
- ;; its absolute file name in .scm files, before we build
- ;; the .go files.
- (let* ((out (assoc-ref outputs "out"))
- (lib (string-append out "/lib")))
- (invoke "make" "install"
- "-C" "libguile-ssh"
- "-j" (number->string
- (parallel-job-count)))
- (substitute* (find-files "." "\\.scm$")
- (("\"libguile-ssh\"")
- (string-append "\"" lib "/libguile-ssh\"")))
- #t)))
- ,@(if (%current-target-system)
- '()
- '((add-before 'check 'fix-guile-path
- (lambda* (#:key inputs #:allow-other-keys)
- (let ((guile (assoc-ref inputs "guile")))
- (substitute* "tests/common.scm"
- (("/usr/bin/guile")
- (string-append guile "/bin/guile")))
- #t)))))
- (add-after 'install 'remove-bin-directory
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (bin (string-append out "/bin"))
- (examples (string-append
- out "/share/guile-ssh/examples")))
- (mkdir-p examples)
- (rename-file (string-append bin "/ssshd.scm")
- (string-append examples "/ssshd.scm"))
- (rename-file (string-append bin "/sssh.scm")
- (string-append examples "/sssh.scm"))
- (delete-file-recursively bin)
- #t))))))
- (native-inputs `(("autoconf" ,autoconf)
- ("automake" ,automake)
- ("libtool" ,libtool)
- ("texinfo" ,texinfo)
- ("pkg-config" ,pkg-config)
- ("which" ,which)
- ("guile" ,guile-3.0))) ;needed when cross-compiling.
- (inputs `(("guile" ,guile-3.0)
- ("libssh" ,libssh)
- ("libgcrypt" ,libgcrypt)))
- (synopsis "Guile bindings to libssh")
- (description "Guile-SSH is a library that provides access to the SSH
-protocol for programs written in GNU Guile interpreter. It is a wrapper to
-the underlying libssh library.")
- (license license:gpl3+))))
+ (package
+ (name "guile-ssh")
+ (version "0.13.1")
+ (home-page "https://github.com/artyom-poptsov/guile-ssh")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url home-page)
+ (commit (string-append "v" version))))
+ (file-name (string-append name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1xpxkvgj7wgcl450djkcrmrf957mcy2f36hfs5g6kpla1gax2d1g"))
+ (modules '((guix build utils)))))
+ (build-system gnu-build-system)
+ (outputs '("out" "debug"))
+ (arguments
+ `(;; It makes no sense to build libguile-ssh.a.
+ #:configure-flags '("--disable-static")
+
+ #:phases (modify-phases %standard-phases
+ (add-before 'build 'fix-libguile-ssh-file-name
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; Build and install libguile-ssh.so so that we can use
+ ;; its absolute file name in .scm files, before we build
+ ;; the .go files.
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib")))
+ (invoke "make" "install"
+ "-C" "libguile-ssh"
+ "-j" (number->string
+ (parallel-job-count)))
+ (substitute* (find-files "." "\\.scm$")
+ (("\"libguile-ssh\"")
+ (string-append "\"" lib "/libguile-ssh\"")))
+ #t)))
+ ,@(if (%current-target-system)
+ '()
+ '((add-before 'check 'fix-guile-path
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((guile (assoc-ref inputs "guile")))
+ (substitute* "tests/common.scm"
+ (("/usr/bin/guile")
+ (string-append guile "/bin/guile")))
+ #t)))))
+ (add-after 'install 'remove-bin-directory
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (examples (string-append
+ out "/share/guile-ssh/examples")))
+ (mkdir-p examples)
+ (rename-file (string-append bin "/ssshd.scm")
+ (string-append examples "/ssshd.scm"))
+ (rename-file (string-append bin "/sssh.scm")
+ (string-append examples "/sssh.scm"))
+ (delete-file-recursively bin)
+ #t))))))
+ (native-inputs `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)
+ ("texinfo" ,texinfo)
+ ("pkg-config" ,pkg-config)
+ ("which" ,which)
+ ("guile" ,guile-3.0))) ;needed when cross-compiling.
+ (inputs `(("guile" ,guile-3.0)
+ ("libssh" ,libssh)
+ ("libgcrypt" ,libgcrypt)))
+ (synopsis "Guile bindings to libssh")
+ (description
+ "Guile-SSH is a library that provides access to the SSH protocol for
+programs written in GNU Guile interpreter. It is a wrapper to the underlying
+libssh library.")
+ (license license:gpl3+)))
(define-public guile2.0-ssh
(package
(deprecated-package "guile3.0-ssh" guile-ssh))
(define-public corkscrew
- (package
- (name "corkscrew")
- (version "2.0")
- (source
- (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/patpadgett/corkscrew")
- (commit (string-append "v" version))))
- (sha256
- (base32 "0g4pkczrc1zqpnxyyjwcjmyzdj5qqcpzwf1bm3965zdwp94bpppf"))
- (file-name (git-file-name name version))))
- (build-system gnu-build-system)
- (arguments
- `(#:phases
- (modify-phases %standard-phases
- (replace 'configure
- ;; Replace configure phase as the ./configure script does not like
- ;; CONFIG_SHELL and SHELL passed as parameters.
- (lambda* (#:key outputs build target #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (bash (which "bash"))
- ;; Set --build and --host flags as the provided config.guess
- ;; is not able to detect them.
- (flags `(,(string-append "--prefix=" out)
- ,(string-append "--build=" build)
- ,(string-append "--host=" (or target build)))))
- (setenv "CONFIG_SHELL" bash)
- (apply invoke bash "./configure" flags))))
- (add-after 'install 'install-documentation
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (doc (string-append out "/share/doc/" ,name "-" ,version)))
- (install-file "README.markdown" doc)
- #t))))))
- (home-page "https://github.com/patpadgett/corkscrew")
- (synopsis "SSH tunneling through HTTP(S) proxies")
- (description
- "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies.
-Proxy authentication is only supported through the plain-text HTTP basic
-authentication scheme.")
- (license license:gpl2+)))
+ ;; The last 2.0 release hails from 2009. Use a fork (submitted upstream as
+ ;; <https://github.com/patpadgett/corkscrew/pull/5>) that adds now-essential
+ ;; IPv6 and TLS support.
+ (let ((revision "0")
+ (commit "268b71e88ee51fddceab96d665b327394f1feb12"))
+ (package
+ (name "corkscrew")
+ (version (git-version "2.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/rtgill82/corkscrew")
+ (commit commit)))
+ (sha256
+ (base32 "1rylbimlfig3ii4bqr4r058lkc43pqkxnxqpqdpm31blh3xs0dcw"))
+ (file-name (git-file-name name version))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list "--enable-ssl")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'update-metadata
+ (lambda _
+ (substitute* "configure.ac"
+ ;; Our version differs significantly.
+ (("2.0") (string-append ,version " (Guix)")))
+ (substitute* "corkscrew.c"
+ ;; This domain's since been squat.
+ (("\\(agroman@agroman\\.net\\)")
+ (format #f "<~a>" ,(package-home-page this-package))))))
+ (add-after 'install 'install-documentation
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version)))
+ (install-file "README.md" doc)
+ #t))))))
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)))
+ (home-page "https://github.com/patpadgett/corkscrew")
+ (synopsis "SSH tunneling through HTTP(S) proxies")
+ (description
+ "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies.
+It supports proxy authentication through the HTTP basic authentication scheme
+with optional @acronym{TLS, Transport-Level Security} to protect credentials.")
+ (license license:gpl2+))))
(define-public mosh
(package
responsive, especially over Wi-Fi, cellular, and long-distance links.")
(license license:gpl3+)))
-(define-public et
- (package
- (name "et")
- (version "3.1.0")
- (source
- (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/MisterTea/EternalTCP")
- (commit (string-append "et-v" version))))
- (file-name (git-file-name name version))
- (sha256
- (base32 "1m5caxckn2ihwp9s2pbyh5amxlpwr7yc54q8s0kb10fr52w2vfnm"))))
- (build-system cmake-build-system)
- (arguments `(#:tests? #f))
- (native-inputs
- `(("pkg-config" ,pkg-config)))
- (inputs `(("glog" ,glog)
- ("gflags" ,gflags)
- ("libsodium" ,libsodium)
- ("protobuf" ,protobuf)))
- (synopsis "Remote shell that automatically reconnects")
- (description
- "Eternal Terminal (ET) is a remote shell that automatically reconnects
-without interrupting the session. Unlike SSH sessions, ET sessions will
-survive even network outages and IP changes. ET uses a custom protocol over
-TCP, not the SSH protocol.")
- (home-page "https://eternalterminal.dev/")
- (license license:asl2.0)))
-
(define-public dropbear
(package
(name "dropbear")
- (version "2020.80")
+ (version "2020.81")
(source
(origin
(method url-fetch)
"https://matt.ucc.asn.au/dropbear/releases/"
"dropbear-" version ".tar.bz2"))
(sha256
- (base32 "0jbrbpdzyv11x5rkljdimzq9p6a7da5siw9k405ibnpjj4dr89yr"))))
+ (base32 "0fy5ma4cfc2pk25mcccc67b2mf1rnb2c06ilb7ddnxbpnc85s8s8"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (delete-file-recursively "libtommath")
+ (delete-file-recursively "libtomcrypt")
+ (substitute* "configure"
+ (("-ltomcrypt") "-ltomcrypt -ltommath"))
+ #t))))
(build-system gnu-build-system)
- (arguments `(#:tests? #f)) ; there is no "make check" or anything similar
- ;; TODO: Investigate unbundling libtommath and libtomcrypt or at least
- ;; cherry-picking important bug fixes from them. See <bugs.gnu.org/24674>
- ;; for more information.
- (inputs `(("zlib" ,zlib)))
+ (arguments
+ `(#:configure-flags '("--disable-bundled-libtom")
+ #:tests? #f)) ; there is no "make check" or anything similar
+ (inputs
+ `(("libtomcrypt" ,libtomcrypt)
+ ("libtommath" ,libtommath)
+ ("zlib" ,zlib)))
(synopsis "Small SSH server and client")
(description "Dropbear is a relatively small SSH server and
client. It runs on a variety of POSIX-based platforms. Dropbear is
(substitute* "src/testsuite/login-auth-test"
(("/bin/cat") "cat"))
- #t))))
+ #t))
+ (patches (search-patches "lsh-fix-x11-forwarding.patch"))))
(build-system gnu-build-system)
(native-inputs
- `(("m4" ,m4)
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("m4" ,m4)
("guile" ,guile-2.0)
("gperf" ,gperf)
("psmisc" ,psmisc))) ; for `killall'
;; The server (lshd) invokes xauth when X11 forwarding is requested.
;; This adds 24 MiB (or 27%) to the closure of lsh.
- ("xauth" ,xauth)))
+ ("xauth" ,xauth)
+ ("libxau" ,libxau))) ;also required for x11-forwarding
(arguments
'(;; Skip the `configure' test that checks whether /dev/ptmx &
;; co. work as expected, because it relies on impurities (for
;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing
;; defines it.
"CPPFLAGS=-DHAVE_ARGP_PARSE")
-
- ;; FIXME: Tests won't run in a chroot, presumably because
- ;; /etc/profile is missing, and thus clients get an empty $PATH
- ;; and nothing works.
- #:tests? #f
-
#:phases
(modify-phases %standard-phases
+ (add-after 'unpack 'disable-failing-tests
+ (lambda _
+ ;; FIXME: Most tests won't run in a chroot, presumably because
+ ;; /etc/profile is missing, and thus clients get an empty $PATH
+ ;; and nothing works. Run only the subset that passes.
+ (delete-file "configure") ;force rebootstrap
+ (substitute* "src/testsuite/Makefile.am"
+ (("seed-test \\\\") ;prevent trailing slash
+ "seed-test")
+ (("^\t(lsh|daemon|tcpip|socks|lshg|lcp|rapid7|lshd).*test.*")
+ ""))
+ #t))
(add-before 'configure 'pre-configure
(lambda* (#:key inputs #:allow-other-keys)
(let* ((nettle (assoc-ref inputs "nettle"))
(define-public sshpass
(package
(name "sshpass")
- (version "1.06")
- (synopsis "Non-interactive password authentication with SSH")
- (home-page "https://sourceforge.net/projects/sshpass/")
+ (version "1.09")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/sshpass/sshpass/"
version "/sshpass-" version ".tar.gz"))
(sha256
- (base32
- "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6"))))
+ (base32 "1dwzqknpswa8vjlbwsx9rcq1j2a7px9h9i2anh09pzkz0mg6wx3i"))))
(build-system gnu-build-system)
- (description "sshpass is a tool for non-interactivly performing password
+ (home-page "https://sourceforge.net/projects/sshpass/")
+ (synopsis "Non-interactive password authentication with SSH")
+ (description "sshpass is a tool for non-interactively performing password
authentication with SSH's so-called @dfn{interactive keyboard password
authentication}.")
(license license:gpl2+)))
shell services and remote host selection.")
(license license:gpl2+)))
+(define-public python-asyncssh
+ (package
+ (name "python-asyncssh")
+ (version "2.5.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "asyncssh" version))
+ (sha256
+ (base32
+ "02xpzir9rmw7b7k07m3f912h6jvy9yzan9yn3ckrmqx2ffpy4r8b"))))
+ (build-system python-build-system)
+ (propagated-inputs
+ `(("python-cryptography" ,python-cryptography)
+ ("python-pyopenssl" ,python-pyopenssl)
+ ("python-gssapi" ,python-gssapi)
+ ("python-bcrypt" ,python-bcrypt)))
+ (native-inputs
+ `(("openssh" ,openssh)
+ ("openssl" ,openssl)))
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'disable-tests
+ (lambda* _
+ (substitute* "tests/test_agent.py"
+ ;; TODO Test fails for unknown reason
+ (("(.+)async def test_confirm" all indent)
+ (string-append indent "@unittest.skip('disabled by guix')\n"
+ indent "async def test_confirm")))
+ #t)))))
+ (home-page "https://asyncssh.readthedocs.io/")
+ (synopsis "Asynchronous SSHv2 client and server library for Python")
+ (description
+ "AsyncSSH is a Python package which provides an asynchronous client and
+server implementation of the SSHv2 protocol on top of the Python 3.6+ asyncio
+framework.")
+ (license license:epl2.0)))
+
(define-public clustershell
(package
(name "clustershell")
single-threaded, standalone C program. It uses @code{poll()} to trap multiple
clients at a time.")
(license license:unlicense)))
+
+(define-public webssh
+ (package
+ (name "webssh")
+ (version "1.5.3")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/huashengdun/webssh")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1bcy9flrzbvams5p77swwiygv54ac58ia7hpic1bvg30b3wpvv7b"))))
+ (build-system python-build-system)
+ (propagated-inputs
+ `(("python-paramiko" ,python-paramiko)
+ ("python-tornado" ,python-tornado)))
+ (home-page "https://webssh.huashengdun.org/")
+ (synopsis "Web application to be used as an SSH client")
+ (description "This package provides a web application to be used as an SSH
+client.
+
+Features:
+@itemize @bullet
+@item SSH password authentication supported, including empty password.
+@item SSH public-key authentication supported, including DSA RSA ECDSA
+Ed25519 keys.
+@item Encrypted keys supported.
+@item Two-Factor Authentication (time-based one-time password) supported.
+@item Fullscreen terminal supported.
+@item Terminal window resizable.
+@item Auto detect the ssh server's default encoding.
+@item Modern browsers are supported.
+@end itemize")
+ (license license:expat)))
HCoop / jackhill / guix / guix.git / blobdiff