;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2017 Nils Gillmann <ng0@n0.is>
+;;; Copyright © 2017 ng0 <ng0@n0.is>
+;;; Copyright © 2018 Manuel Graf <graf@init.at>
+;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages libedit)
#:use-module (gnu packages linux)
#:use-module (gnu packages logging)
#:use-module (gnu packages m4)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages popt)
#:autoload (gnu packages protobuf) (protobuf)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages python-xyz)
#:use-module (gnu packages readline)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
#:use-module (gnu packages xorg)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system python)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (srfi srfi-1))
(define-public libssh
- ;; This commit from the 'v0-7' branch contains 7 memory-management-related
- ;; bug fixes that we'd rather have.
- (let ((commit "239d0f75b5f909174c2ef7fb08d23bcfa6b20ba0")
- (revision "0"))
- (package
- (name "libssh")
- (version (git-version "0.7.5" revision commit))
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://git.libssh.org/projects/libssh.git")
- (commit commit)))
- (sha256
- (base32
- "01w72w1jsgs9ilj3n1gp6qkmdxr9n74i5h2nipi3x1vzm7bv8na1"))
- (patches (search-patches "libssh-hostname-parser-bug.patch"))
- (file-name (git-file-name name version))))
- (build-system cmake-build-system)
- (outputs '("out" "debug"))
- (arguments
- '(#:configure-flags '("-DWITH_GCRYPT=ON")
-
- ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
- #:tests? #f))
- (inputs `(("zlib" ,zlib)
- ("libgcrypt" ,libgcrypt)))
- (synopsis "SSH client library")
- (description
- "libssh is a C library implementing the SSHv2 and SSHv1 protocol for
-client and server implementations. With libssh, you can remotely execute
-programs, transfer files, and use a secure and transparent tunnel for your
-remote applications.")
- (home-page "https://www.libssh.org")
- (license license:lgpl2.1+))))
+ (package
+ (name "libssh")
+ (version "0.8.7")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.libssh.org/projects/libssh.git")
+ (commit (string-append "libssh-" version))))
+ (sha256
+ (base32
+ "1iqik1ba0g008k1mb1n85iih1azi7giy0c485jnlmsrjxik4q3j2"))
+ (file-name (git-file-name name version))))
+ (build-system cmake-build-system)
+ (outputs '("out" "debug"))
+ (arguments
+ '(#:configure-flags '("-DWITH_GCRYPT=ON")
+
+ #:phases (modify-phases %standard-phases
+ (add-before 'configure 'avoid-werror
+ (lambda _
+ ;; Avoid '-Werror'. Presumably this works fine with
+ ;; gcc@8 on x86_64 but leads to errors with our older
+ ;; compiler.
+ (substitute* "CompilerChecks.cmake"
+ (("-Werror=") "-W"))
+ #t)))
+
+ ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
+ #:tests? #f))
+ (inputs `(("zlib" ,zlib)
+ ("libgcrypt" ,libgcrypt)))
+ (synopsis "SSH client library")
+ (description
+ "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client
+and server implementations. With libssh, you can remotely execute programs,
+transfer files, and use a secure and transparent tunnel for your remote
+applications.")
+ (home-page "https://www.libssh.org")
+ (license license:lgpl2.1+)))
(define-public libssh2
(package
(name "libssh2")
- (version "1.8.0")
+ (version "1.8.1")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.gz"))
(sha256
(base32
- "1m3n8spv79qhjq4yi0wgly5s5rc8783jb1pyra9bkx1md0plxwrr"))
+ "0ngif3ynk6xqzy5nlfjs7bsmfm81g9f145av0z86kf0vbgrigda0"))
(patches
(search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))
(build-system gnu-build-system)
(propagated-inputs `(("libgcrypt" ,libgcrypt)
("zlib" ,zlib)))
(arguments `(#:configure-flags `("--with-libgcrypt")
- #:phases
- ;; FIXME: In the next core-updates cycle, replace the entire
- ;; following ,(...) form with its first 'modify-phases'
- ;; subform. The change made here is only strictly needed on
- ;; MIPS, but should work on any system. For now, we apply it
- ;; only to MIPS to avoid forcing thousands of rebuilds on
- ;; other systems.
- ,(if (string-prefix? "mips" (or (%current-target-system)
- (%current-system)))
- '(modify-phases %standard-phases
- (replace 'bootstrap
- (lambda _
- (invoke "autoreconf" "-v"))))
- '(modify-phases %standard-phases
- (add-before 'configure 'autoreconf
- (lambda _
- (invoke "autoreconf" "-v")))))))
+ #:phases (modify-phases %standard-phases
+ (replace 'bootstrap
+ (lambda _
+ (invoke "autoreconf" "-v"))))))
(native-inputs `(("autoconf" ,autoconf)
("automake" ,automake)))
(synopsis "Client-side C library implementing the SSH2 protocol")
into an application to perform many different tasks when communicating with
a server that supports the SSH-2 protocol.")
(license license:bsd-3)
- (home-page "http://www.libssh2.org/")))
+ (home-page "https://www.libssh2.org/")))
(define-public openssh
(package
(name "openssh")
- (version "7.7p1")
+ (version "7.9p1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://openbsd/OpenSSH/portable/"
name "-" version ".tar.gz"))
+ (patches (search-patches "openssh-CVE-2018-20685.patch"))
(sha256
(base32
- "13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp"))))
+ "1b8sy6v0b8v4ggmknwcqx3y1rjcpsll0f1f8f4vyv11x4ni3njvb"))))
(build-system gnu-build-system)
- (native-inputs `(("groff" ,groff)))
- (inputs `(("openssl" ,openssl)
+ (native-inputs `(("groff" ,groff)
+ ("pkg-config" ,pkg-config)))
+ (inputs `(("libedit" ,libedit)
+ ("openssl" ,openssl)
("pam" ,linux-pam)
("mit-krb5" ,mit-krb5)
("zlib" ,zlib)
(assoc-ref %build-inputs "mit-krb5")
"/bin")
+ ;; libedit needed for sftp completion
+ "--with-libedit"
+
;; Enable PAM support in sshd.
"--with-pam")
Additionally, various channel-specific options can be negotiated.")
(license (license:non-copyleft "file://LICENSE"
"See LICENSE in the distribution."))
- (home-page "http://www.openssh.org/")))
+ (home-page "https://www.openssh.com/")))
(define-public guile-ssh
(package
(name "guile-ssh")
- (version "0.11.2")
+ (version "0.11.3")
(home-page "https://github.com/artyom-poptsov/guile-ssh")
(source (origin
- ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz
- ;; exists, but the server appears to be too slow and unreliable.
- ;; Also, using this URL allows the GitHub updater to work.
- (method url-fetch)
- (uri (string-append home-page "/archive/v"
- version ".tar.gz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url home-page)
+ (commit (string-append "v" version))))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1w0k5s09xj5xycb7lbp5b7rm0xncclms3jwl98lwj8fxwngi1s90"))))
+ "03bv3hwp2s8f0bqgfjaan9jx4dyab0abv27n2zn2g0izlidv0vl6"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; libssh >= 0.8.0 no longer provides libssh_threads: see
+ ;; <https://github.com/artyom-poptsov/guile-ssh/issues/9>.
+ (substitute* "libguile-ssh/Makefile.am"
+ (("-lssh_threads") ""))
+
+ ;; This test would wrongfully pick DSS keys when running on
+ ;; libssh >= 0.8.0, which fails:
+ ;; <https://github.com/artyom-poptsov/guile-ssh/issues/10>.
+ (substitute* "tests/server.scm"
+ (("= %libssh-minor-version 7")
+ ">= %libssh-minor-version 7"))
+ #t))))
(build-system gnu-build-system)
(outputs '("out" "debug"))
(arguments
- '(#:phases (modify-phases %standard-phases
+ '(;; It makes no sense to build libguile-ssh.a.
+ #:configure-flags '("--disable-static")
+
+ #:phases (modify-phases %standard-phases
(add-after 'unpack 'autoreconf
(lambda* (#:key inputs #:allow-other-keys)
(invoke "autoreconf" "-vfi")))
(uri (string-append
"https://matt.ucc.asn.au/" name "/releases/"
name "-" version ".tar.bz2"))
+ (patches (search-patches "dropbear-CVE-2018-15599.patch"))
(sha256
(base32
"0rgavbzw7jrs5wslxm0dnwx2m409yzxd9hazd92r7kx8xikr3yzj"))))
(build-system gnu-build-system)
(arguments `(#:tests? #f)) ; there is no "make check" or anything similar
+ ;; TODO: Investigate unbundling libtommath and libtomcrypt or at least
+ ;; cherry-picking important bug fixes from them. See <bugs.gnu.org/24674>
+ ;; for more information.
(inputs `(("zlib" ,zlib)))
(synopsis "Small SSH server and client")
(description "Dropbear is a relatively small SSH server and
(define-public autossh
(package
(name "autossh")
- (version "1.4f")
+ (version "1.4g")
(source
(origin
(method url-fetch)
(uri (string-append
- "http://www.harding.motd.ca/autossh/autossh-"
+ "https://www.harding.motd.ca/autossh/autossh-"
version ".tgz"))
(sha256
- (base32 "1wpqwa2872nqgqbhnb6nnkrlzpdawd5k69gh1qp68354pvhyawh1"))))
+ (base32 "0xqjw8df68f4kzkns5gcah61s5wk0m44qdk2z1d6388w6viwxhsz"))))
(build-system gnu-build-system)
(arguments `(#:tests? #f)) ; There is no "make check" or anything similar
(inputs `(("openssh" ,openssh)))
(synopsis "Automatically restart SSH sessions and tunnels")
(description "autossh is a program to start a copy of @command{ssh} and
monitor it, restarting it as necessary should it die or stop passing traffic.")
- (home-page "http://www.harding.motd.ca/autossh/")
+ (home-page "https://www.harding.motd.ca/autossh/")
(license
;; Why point to a source file? Well, all the individual files have a
;; copy of this license in their headers, but there's no separate file
dynamically loadable modules for extended functionality such as new remote
shell services and remote host selection.")
(license license:gpl2+)))
+
+(define-public clustershell
+ (package
+ (name "clustershell")
+ (version "1.8")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/cea-hpc/clustershell/archive/v"
+ version
+ ".tar.gz"))
+ (sha256
+ (base32 "1qyf6zp5ikk8rk7zvx5ssbgr9si2bqv3a3415590kd07s7i16nmd"))
+ (file-name (string-append name "-" version ".tar.gz"))))
+ (build-system python-build-system)
+ (inputs `(("openssh" ,openssh)))
+ (propagated-inputs `(("python-pyyaml" ,python-pyyaml)))
+ (arguments
+ `(#:phases (modify-phases %standard-phases
+ (add-before 'build 'record-openssh-file-name
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((ssh (assoc-ref inputs "openssh")))
+ (substitute* "lib/ClusterShell/Worker/Ssh.py"
+ (("info\\(\"ssh_path\"\\) or \"ssh\"")
+ (string-append "info(\"ssh_path\") or \""
+ ssh "/bin/ssh\"")))
+ #t))))))
+ (home-page "https://cea-hpc.github.io/clustershell/")
+ (synopsis "Scalable event-driven Python framework for cluster administration")
+ (description
+ "ClusterShell is an event-driven Python framework, designed to run local
+or distant commands in parallel on server farms or on large GNU/Linux
+clusters. It will take care of common issues encountered on HPC clusters,
+such as operating on groups of nodes, running distributed commands using
+optimized execution algorithms, as well as gathering results and merging
+identical outputs, or retrieving return codes. ClusterShell takes advantage
+of existing remote shell facilities such as SSH.")
+ (license license:lgpl2.1+)))