;;; Copyright © 2012, 2013 Nikita Karetnikov <nikita@karetnikov.org>
;;; Copyright © 2012, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages bison)
+ #:use-module (gnu packages dbm)
#:use-module (gnu packages perl)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages linux)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages compression)
- #:use-module (gnu packages databases)
#:use-module (gnu packages readline)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
#:use-module ((guix licenses) #:prefix license:)
(define-public mit-krb5
(package
(name "mit-krb5")
- (version "1.16")
+ (version "1.17")
(source (origin
(method url-fetch)
(uri (list
"/krb5-" version ".tar.gz")))
(sha256
(base32
- "024yjr15ij0qdnay0bcqfpclgfri0qa8iw4r5zdlryxhhdgi5szs"))))
+ "1xc1ly09697b7g2vngvx76szjqy9769kpgn27lnp1r9xln224vjs"))))
(build-system gnu-build-system)
(native-inputs
`(("bison" ,bison)
(build-system gnu-build-system)
(arguments
'(;; This is required since we patch some of the build scripts.
- ;; Remove for the next Shishi release after 1.0.2 or when
- ;; removing 'shishi-fix-libgcrypt-detection.patch'.
- #:configure-flags '("ac_cv_libgcrypt=yes")))
+ ;; Remove first two items for the next Shishi release after 1.0.2 or
+ ;; when removing 'shishi-fix-libgcrypt-detection.patch'.
+ #:configure-flags
+ '("ac_cv_libgcrypt=yes" "--disable-static"
+ "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'disable-automatic-key-generation
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("^install-data-hook:")
+ "install-data-hook:\nx:\n"))
+ #t)))))
(native-inputs `(("pkg-config" ,pkg-config)))
(inputs
`(("gnutls" ,gnutls)
(description
"GNU Shishi is a free implementation of the Kerberos 5 network security
system. It is used to allow non-secure network nodes to communicate in a
-secure manner through client-server mutual authentication via tickets.")
+secure manner through client-server mutual authentication via tickets.
+
+After installation, the system administrator should generate keys using
+@code{shisa -a /etc/shishi/shishi.keys}.")
(license license:gpl3+)))
(define-public heimdal
(package
(name "heimdal")
- (version "1.5.3")
+ (version "7.5.0")
(source (origin
(method url-fetch)
- (uri (string-append "http://www.h5l.org/dist/src/heimdal-"
- version ".tar.gz"))
+ (uri (string-append
+ "https://github.com/heimdal/heimdal/releases/download/"
+ "heimdal-" version "/" "heimdal-" version ".tar.gz"))
(sha256
(base32
- "19gypf9vzfrs2bw231qljfl4cqc1riyg0ai0xmm1nd1wngnpphma"))
- (patches (search-patches "heimdal-CVE-2017-6594.patch"
- "heimdal-CVE-2017-11103.patch"))
+ "1bdc682in55ygrxmhncs7cf4s239apcblci3z8i80wnc1w1s18n5"))
(modules '((guix build utils)))
(snippet
'(begin
(substitute* "configure"
(("User=.*$") "User=Guix\n")
+ (("Host=.*$") "Host=GNU")
(("Date=.*$") "Date=2017\n"))
#t))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags (list
- ;; Work around a linker error.
- "CFLAGS=-pthread"
-
;; Avoid 7 MiB of .a files.
"--disable-static"
(assoc-ref %build-inputs "readline") "/lib")
(string-append
"--with-readline-include="
- (assoc-ref %build-inputs "readline") "/include"))
+ (assoc-ref %build-inputs "readline") "/include")
+
+ ;; Do not build sqlite.
+ (string-append
+ "--with-sqlite3="
+ (assoc-ref %build-inputs "sqlite")))
#:phases (modify-phases %standard-phases
- (add-before 'check 'skip-tests
+ (add-before 'configure 'pre-configure
(lambda _
- ;; The test simply runs 'ftp --version && ftp --help'
- ;; but that fails in the chroot because 'ftp' tries to
- ;; do a service lookup before printing the help/version.
- (substitute* "appl/ftp/ftp/Makefile.in"
- (("^CHECK_LOCAL =.*")
- "CHECK_LOCAL = no-check-local\n"))
- #t)))))
- (native-inputs `(("e2fsprogs" ,e2fsprogs))) ;for 'compile_et'
+ (substitute* '("appl/afsutil/pagsh.c"
+ "tools/Makefile.in")
+ (("/bin/sh") (which "sh")))
+ #t))
+ (add-before 'check 'pre-check
+ (lambda _
+ ;; For 'getxxyyy-test'.
+ (setenv "USER" (passwd:name (getpwuid (getuid))))
+
+ ;; Skip 'db' and 'kdc' tests for now.
+ ;; FIXME: figure out why 'kdc' tests fail.
+ (with-output-to-file "tests/db/have-db.in"
+ (lambda ()
+ (format #t "#!~a~%exit 1~%" (which "sh"))))
+ #t)))
+ ;; Tests fail when run in parallel.
+ #:parallel-tests? #f))
+ (native-inputs `(("e2fsprogs" ,e2fsprogs) ;for 'compile_et'
+ ("texinfo" ,texinfo)
+ ("unzip" ,unzip))) ;for tests
(inputs `(("readline" ,readline)
("bdb" ,bdb)
- ("e2fsprogs" ,e2fsprogs))) ;for libcom_err
+ ("e2fsprogs" ,e2fsprogs) ;for libcom_err
+ ("sqlite" ,sqlite)))
(home-page "http://www.h5l.org/")
(synopsis "Kerberos 5 network authentication")
(description
HCoop / jackhill / guix / guix.git / blobdiff