Merge branch 'master' into staging

2 files changed, 322 insertions, 240 deletions

diff --git a/gnu/packages/patches/dropbear-CVE-2018-15599.patch b/gnu/packages/patches/dropbear-CVE-2018-15599.patch
deleted file mode 100644
index a474552cd2..0000000000
--- a/gnu/packages/patches/dropbear-CVE-2018-15599.patch
+++ /dev/null
@@ -1,240 +0,0 @@
-Fix CVE-2018-15599:
-
-http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15599
-
-Patch copied from upstream source repository:
-
-https://github.com/mkj/dropbear/commit/52adbb34c32d3e2e1bcdb941e20a6f81138b8248
-
-From 52adbb34c32d3e2e1bcdb941e20a6f81138b8248 Mon Sep 17 00:00:00 2001
-From: Matt Johnston <matt@ucc.asn.au>
-Date: Thu, 23 Aug 2018 23:43:12 +0800
-Subject: [PATCH] Wait to fail invalid usernames
-
----
- auth.h           |  6 +++---
- svr-auth.c       | 19 +++++--------------
- svr-authpam.c    | 26 ++++++++++++++++++++++----
- svr-authpasswd.c | 27 ++++++++++++++-------------
- svr-authpubkey.c | 11 ++++++++++-
- 5 files changed, 54 insertions(+), 35 deletions(-)
-
-diff --git a/auth.h b/auth.h
-index da498f5b..98f54683 100644
---- a/auth.h
-+++ b/auth.h
-@@ -37,9 +37,9 @@ void recv_msg_userauth_request(void);
- void send_msg_userauth_failure(int partial, int incrfail);
- void send_msg_userauth_success(void);
- void send_msg_userauth_banner(const buffer *msg);
--void svr_auth_password(void);
--void svr_auth_pubkey(void);
--void svr_auth_pam(void);
-+void svr_auth_password(int valid_user);
-+void svr_auth_pubkey(int valid_user);
-+void svr_auth_pam(int valid_user);
- 
- #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
- int svr_pubkey_allows_agentfwd(void);
-diff --git a/svr-auth.c b/svr-auth.c
-index c19c0901..edde86bc 100644
---- a/svr-auth.c
-+++ b/svr-auth.c
-@@ -149,10 +149,8 @@ void recv_msg_userauth_request() {
- 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
- 				strncmp(methodname, AUTH_METHOD_PASSWORD,
- 					AUTH_METHOD_PASSWORD_LEN) == 0) {
--			if (valid_user) {
--				svr_auth_password();
--				goto out;
--			}
-+			svr_auth_password(valid_user);
-+			goto out;
- 		}
- 	}
- #endif
-@@ -164,10 +162,8 @@ void recv_msg_userauth_request() {
- 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
- 				strncmp(methodname, AUTH_METHOD_PASSWORD,
- 					AUTH_METHOD_PASSWORD_LEN) == 0) {
--			if (valid_user) {
--				svr_auth_pam();
--				goto out;
--			}
-+			svr_auth_pam(valid_user);
-+			goto out;
- 		}
- 	}
- #endif
-@@ -177,12 +173,7 @@ void recv_msg_userauth_request() {
- 	if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
- 			strncmp(methodname, AUTH_METHOD_PUBKEY,
- 				AUTH_METHOD_PUBKEY_LEN) == 0) {
--		if (valid_user) {
--			svr_auth_pubkey();
--		} else {
--			/* pubkey has no failure delay */
--			send_msg_userauth_failure(0, 0);
--		}
-+		svr_auth_pubkey(valid_user);
- 		goto out;
- 	}
- #endif
-diff --git a/svr-authpam.c b/svr-authpam.c
-index 05e4f3e5..d201bc96 100644
---- a/svr-authpam.c
-+++ b/svr-authpam.c
-@@ -178,13 +178,14 @@ pamConvFunc(int num_msg,
-  * Keyboard interactive would be a lot nicer, but since PAM is synchronous, it
-  * gets very messy trying to send the interactive challenges, and read the
-  * interactive responses, over the network. */
--void svr_auth_pam() {
-+void svr_auth_pam(int valid_user) {
- 
- 	struct UserDataS userData = {NULL, NULL};
- 	struct pam_conv pamConv = {
- 		pamConvFunc,
- 		&userData /* submitted to pamvConvFunc as appdata_ptr */ 
- 	};
-+	const char* printable_user = NULL;
- 
- 	pam_handle_t* pamHandlep = NULL;
- 
-@@ -204,12 +205,23 @@ void svr_auth_pam() {
- 
- 	password = buf_getstring(ses.payload, &passwordlen);
- 
-+	/* We run the PAM conversation regardless of whether the username is valid
-+	in case the conversation function has an inherent delay.
-+	Use ses.authstate.username rather than ses.authstate.pw_name.
-+	After PAM succeeds we then check the valid_user flag too */
-+
- 	/* used to pass data to the PAM conversation function - don't bother with
- 	 * strdup() etc since these are touched only by our own conversation
- 	 * function (above) which takes care of it */
--	userData.user = ses.authstate.pw_name;
-+	userData.user = ses.authstate.username;
- 	userData.passwd = password;
- 
-+	if (ses.authstate.pw_name) {
-+		printable_user = ses.authstate.pw_name;
-+	} else {
-+		printable_user = "<invalid username>";
-+	}
-+
- 	/* Init pam */
- 	if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
- 		dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", 
-@@ -242,7 +254,7 @@ void svr_auth_pam() {
- 				rc, pam_strerror(pamHandlep, rc));
- 		dropbear_log(LOG_WARNING,
- 				"Bad PAM password attempt for '%s' from %s",
--				ses.authstate.pw_name,
-+				printable_user,
- 				svr_ses.addrstring);
- 		send_msg_userauth_failure(0, 1);
- 		goto cleanup;
-@@ -253,12 +265,18 @@ void svr_auth_pam() {
- 				rc, pam_strerror(pamHandlep, rc));
- 		dropbear_log(LOG_WARNING,
- 				"Bad PAM password attempt for '%s' from %s",
--				ses.authstate.pw_name,
-+				printable_user,
- 				svr_ses.addrstring);
- 		send_msg_userauth_failure(0, 1);
- 		goto cleanup;
- 	}
- 
-+	if (!valid_user) {
-+		/* PAM auth succeeded but the username isn't allowed in for another reason
-+		(checkusername() failed) */
-+		send_msg_userauth_failure(0, 1);
-+	}
-+
- 	/* successful authentication */
- 	dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
- 			ses.authstate.pw_name,
-diff --git a/svr-authpasswd.c b/svr-authpasswd.c
-index bdee2aa1..69c7d8af 100644
---- a/svr-authpasswd.c
-+++ b/svr-authpasswd.c
-@@ -48,22 +48,14 @@ static int constant_time_strcmp(const char* a, const char* b) {
- 
- /* Process a password auth request, sending success or failure messages as
-  * appropriate */
--void svr_auth_password() {
-+void svr_auth_password(int valid_user) {
- 	
- 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
- 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
--	char * password;
-+	char * password = NULL;
- 	unsigned int passwordlen;
--
- 	unsigned int changepw;
- 
--	passwdcrypt = ses.authstate.pw_passwd;
--
--#ifdef DEBUG_HACKCRYPT
--	/* debugging crypt for non-root testing with shadows */
--	passwdcrypt = DEBUG_HACKCRYPT;
--#endif
--
- 	/* check if client wants to change password */
- 	changepw = buf_getbool(ses.payload);
- 	if (changepw) {
-@@ -73,12 +65,21 @@ void svr_auth_password() {
- 	}
- 
- 	password = buf_getstring(ses.payload, &passwordlen);
--
--	/* the first bytes of passwdcrypt are the salt */
--	testcrypt = crypt(password, passwdcrypt);
-+	if (valid_user) {
-+		/* the first bytes of passwdcrypt are the salt */
-+		passwdcrypt = ses.authstate.pw_passwd;
-+		testcrypt = crypt(password, passwdcrypt);
-+	}
- 	m_burn(password, passwordlen);
- 	m_free(password);
- 
-+	/* After we have got the payload contents we can exit if the username
-+	is invalid. Invalid users have already been logged. */
-+	if (!valid_user) {
-+		send_msg_userauth_failure(0, 1);
-+		return;
-+	}
-+
- 	if (testcrypt == NULL) {
- 		/* crypt() with an invalid salt like "!!" */
- 		dropbear_log(LOG_WARNING, "User account '%s' is locked",
-diff --git a/svr-authpubkey.c b/svr-authpubkey.c
-index aa6087c9..ff481c87 100644
---- a/svr-authpubkey.c
-+++ b/svr-authpubkey.c
-@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
- 
- /* process a pubkey auth request, sending success or failure message as
-  * appropriate */
--void svr_auth_pubkey() {
-+void svr_auth_pubkey(int valid_user) {
- 
- 	unsigned char testkey; /* whether we're just checking if a key is usable */
- 	char* algo = NULL; /* pubkey algo */
-@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
- 	keybloblen = buf_getint(ses.payload);
- 	keyblob = buf_getptr(ses.payload, keybloblen);
- 
-+	if (!valid_user) {
-+		/* Return failure once we have read the contents of the packet
-+		required to validate a public key. 
-+		Avoids blind user enumeration though it isn't possible to prevent
-+		testing for user existence if the public key is known */
-+		send_msg_userauth_failure(0, 0);
-+		goto out;
-+	}
-+
- 	/* check if the key is valid */
- 	if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
- 		send_msg_userauth_failure(0, 0);
diff --git a/gnu/packages/patches/libgit2-avoid-python.patch b/gnu/packages/patches/libgit2-avoid-python.patch
new file mode 100644
index 0000000000..b2e5141563
--- /dev/null
+++ b/gnu/packages/patches/libgit2-avoid-python.patch
@@ -0,0 +1,322 @@
+This provides a Guile reimplementation of clar's "generate.py".
+It makes it possible for us to remove Python from libgit2's build-time
+dependencies.
+libgit2 is used in order to fetch a lot of sources for guix packages.
+Both Python2 and Python3 builds acted up in the past.
+Hence this patch which makes the number of libgit2 dependencies very
+small.
+The reimplementation tries to keep as close as possible to the original
+in both structure and runtime effect.  Some things are thus overly
+convoluted just to make them the same as in the original.
+
+Both implementations basically do:
+
+grep -r 'test_.*__.*' . > clar.suite
+
+It is important that the directory traversal order of the original and
+the reimplementation stay the same.
+
+diff -ruN orig/libgit2-0.27.7/tests/CMakeLists.txt libgit2-0.27.7/tests/CMakeLists.txt
+--- orig/libgit2-0.27.7/tests/CMakeLists.txt	1970-01-01 01:00:00.000000000 +0100
++++ libgit2-0.27.7/tests/CMakeLists.txt	2019-03-04 11:13:06.640118979 +0100
+@@ -1,10 +1,3 @@
+-FIND_PACKAGE(PythonInterp)
+-
+-IF(NOT PYTHONINTERP_FOUND)
+-  MESSAGE(FATAL_ERROR "Could not find a python interpeter, which is needed to build the tests. "
+-    "Make sure python is available, or pass -DBUILD_CLAR=OFF to skip building the tests")
+-ENDIF()
+-
+ SET(CLAR_FIXTURES "${CMAKE_CURRENT_SOURCE_DIR}/resources/")
+ SET(CLAR_PATH "${CMAKE_CURRENT_SOURCE_DIR}")
+ ADD_DEFINITIONS(-DCLAR_FIXTURE_PATH=\"${CLAR_FIXTURES}\")
+@@ -21,7 +14,7 @@
+ 
+ ADD_CUSTOM_COMMAND(
+ 	OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/clar.suite
+-	COMMAND ${PYTHON_EXECUTABLE} generate.py -o "${CMAKE_CURRENT_BINARY_DIR}" -f -xonline -xstress -xperf .
++	COMMAND guile generate.scm -o "${CMAKE_CURRENT_BINARY_DIR}" -f -x online -x stress -x perf .
+ 	DEPENDS ${SRC_TEST}
+ 	WORKING_DIRECTORY ${CLAR_PATH}
+ )
+diff -ruN orig/libgit2-0.27.7/tests/generate.scm libgit2-0.27.7/tests/generate.scm
+--- orig/libgit2-0.27.7/tests/generate.scm	1970-01-01 01:00:00.000000000 +0100
++++ libgit2-0.27.7/tests/generate.scm	2019-03-04 12:18:00.688040975 +0100
+@@ -0,0 +1,277 @@
++;; -*- geiser-scheme-implementation: guile -*-
++
++;;; Implementation: Danny Milosavljevic <dannym@scratchpost.org>
++;;; Based on: Implementation in Python by Vicent Marti.
++;;; License: ISC, like the original generate.py in clar.
++
++(use-modules (ice-9 ftw))
++(use-modules (ice-9 regex))
++(use-modules (ice-9 getopt-long))
++(use-modules (ice-9 rdelim))
++(use-modules (ice-9 match))
++(use-modules (ice-9 textual-ports))
++(use-modules (srfi srfi-1))
++
++(define (render-callback cb)
++  (if cb
++      (string-append "    { \"" (assoc-ref cb "short-name") "\", &"
++                     (assoc-ref cb "symbol") " }")
++      "    { NULL, NULL }"))
++
++(define (replace needle replacement haystack)
++  "Replace all occurences of NEEDLE in HAYSTACK by REPLACEMENT.
++NEEDLE is a regular expression."
++  (regexp-substitute/global #f needle haystack 'pre replacement 'post))
++
++(define (skip-comments* text)
++  (call-with-input-string
++   text
++   (lambda (port)
++     (let loop ((result '())
++                (section #f))
++       (define (consume-char)
++         (cons (read-char port) result))
++       (define (skip-char)
++         (read-char port)
++         result)
++       (match section
++        (#f
++         (match (peek-char port)
++          (#\/ (loop (consume-char) 'almost-in-block-comment))
++          (#\" (loop (consume-char) 'in-string-literal))
++          (#\' (loop (consume-char) 'in-character-literal))
++          ((? eof-object?) result)
++          (_ (loop (consume-char) section))))
++        ('almost-in-block-comment
++         (match (peek-char port)
++          (#\* (loop (consume-char) 'in-block-comment))
++          (#\/ (loop (consume-char) 'in-line-comment))
++          ((? eof-object?) result)
++          (_ (loop (consume-char) #f))))
++        ('in-line-comment
++         (match (peek-char port)
++          (#\newline (loop (consume-char) #f))
++          ((? eof-object?) result)
++          (_ (loop (skip-char) section))))
++        ('in-block-comment
++         (match (peek-char port)
++           (#\* (loop (skip-char) 'almost-out-of-block-comment))
++           ((? eof-object?) result)
++           (_ (loop (skip-char) section))))
++        ('almost-out-of-block-comment
++         (match (peek-char port)
++           (#\/ (loop (cons (read-char port) (cons #\* result)) #f))
++           (#\* (loop (skip-char) 'almost-out-of-block-comment))
++           ((? eof-object?) result)
++           (_ (loop (skip-char) 'in-block-comment))))
++        ('in-string-literal
++         (match (peek-char port)
++           (#\\ (loop (consume-char) 'in-string-literal-escape))
++           (#\" (loop (consume-char) #f))
++           ((? eof-object?) result)
++           (_ (loop (consume-char) section))))
++        ('in-string-literal-escape
++         (match (peek-char port)
++           ((? eof-object?) result)
++           (_ (loop (consume-char) 'in-string-literal))))
++        ('in-character-literal
++         (match (peek-char port)
++           (#\\ (loop (consume-char) 'in-character-literal-escape))
++           (#\' (loop (consume-char) #f))
++           ((? eof-object?) result)
++           (_ (loop (consume-char) section))))
++        ('in-character-literal-escape
++         (match (peek-char port)
++           ((? eof-object?) result)
++           (_ (loop (consume-char) 'in-character-literal)))))))))
++
++(define (skip-comments text)
++  (list->string (reverse (skip-comments* text))))
++
++(define (maybe-only items)
++  (match items
++   ((a) a)
++   (_ #f)))
++
++(define (Module name path excludes)
++  (let* ((clean-name (replace "_" "::" name))
++         (enabled (not (any (lambda (exclude)
++                              (string-prefix? exclude clean-name))
++                            excludes))))
++    (define (parse contents)
++      (define (cons-match match prev)
++        (cons
++         `(("declaration" . ,(match:substring match 1))
++           ("symbol" . ,(match:substring match 2))
++           ("short-name" . ,(match:substring match 3)))
++         prev))
++      (let* ((contents (skip-comments contents))
++             (entries (fold-matches (make-regexp
++                                     (string-append "^(void\\s+(test_"
++                                                    name
++                                                    "__(\\w+))\\s*\\(\\s*void\\s*\\))\\s*\\{")
++                                     regexp/newline)
++                                    contents
++                                    '()
++                                    cons-match))
++             (entries (reverse entries))
++             (callbacks (filter (lambda (entry)
++                                   (match (assoc-ref entry "short-name")
++                                    ("initialize" #f)
++                                    ("cleanup" #f)
++                                    (_ #t)))
++                                entries)))
++        (if (> (length callbacks) 0)
++            `(("name" . ,name)
++              ("enabled" . ,(if enabled "1" "0"))
++              ("clean-name" . ,clean-name)
++              ("initialize" . ,(maybe-only (filter-map (lambda (entry)
++                                                      (match (assoc-ref entry "short-name")
++                                                       ("initialize" entry)
++                                                       (_ #f)))
++                                                     entries)))
++              ("cleanup" . ,(maybe-only (filter-map (lambda (entry)
++                                                   (match (assoc-ref entry "short-name")
++                                                    ("cleanup" entry)
++                                                    (_ #f)))
++                                                  entries)))
++              ("callbacks" . ,callbacks))
++            #f)))
++
++    (define (refresh path)
++      (and (file-exists? path)
++           (parse (call-with-input-file path get-string-all))))
++    (refresh path)))
++
++(define (generate-TestSuite path output excludes)
++    (define (load)
++        (define enter? (const #t))
++        (define (leaf file stat result)
++          (let* ((module-root (string-drop (dirname file)
++                                           (string-length path)))
++                 (module-root (filter-map (match-lambda
++                                           ("" #f)
++                                           (a a))
++                                          (string-split module-root #\/))))
++            (define (make-module path)
++              (let* ((name (string-join (append module-root (list (string-drop-right (basename path) (string-length ".c")))) "_"))
++                     (name (replace "-" "_" name)))
++                (Module name path excludes)))
++            (if (string-suffix? ".c" file)
++                (let ((module (make-module file)))
++                  (if module
++                      (cons module result)
++                      result))
++                result)))
++        (define (down dir stat result)
++          result)
++        (define (up file state result)
++          result)
++        (define skip (const #f))
++        (file-system-fold enter? leaf down up skip error '() path))
++
++    (define (CallbacksTemplate module)
++      (string-append "static const struct clar_func _clar_cb_"
++                     (assoc-ref module "name") "[] = {\n"
++                     (string-join (map render-callback
++                                       (assoc-ref module "callbacks"))
++                                  ",\n")
++                     "\n};\n"))
++
++    (define (DeclarationTemplate module)
++      (string-append (string-join (map (lambda (cb)
++                                         (string-append "extern "
++                                                        (assoc-ref cb "declaration")
++                                                        ";"))
++                                       (assoc-ref module "callbacks"))
++                                  "\n")
++                     "\n"
++                     (if (assoc-ref module "initialize")
++                         (string-append "extern " (assoc-ref (assoc-ref module "initialize") "declaration") ";\n")
++                         "")
++                     (if (assoc-ref module "cleanup")
++                         (string-append "extern " (assoc-ref (assoc-ref module "cleanup") "declaration") ";\n")
++                         "")))
++
++    (define (InfoTemplate module)
++      (string-append "
++    {
++        \"" (assoc-ref module "clean-name") "\",
++    " (render-callback (assoc-ref module "initialize")) ",
++    " (render-callback (assoc-ref module "cleanup")) ",
++        _clar_cb_" (assoc-ref module "name") ", "
++        (number->string (length (assoc-ref module "callbacks")))
++        ", " (assoc-ref module "enabled") "
++    }"))
++
++    (define (Write data)
++      (define (name< module-a module-b)
++        (string<? (assoc-ref module-a "name")
++                  (assoc-ref module-b "name")))
++      (define modules (sort (load) name<))
++
++      (define (suite-count)
++        (length modules))
++
++      (define (callback-count)
++        (fold + 0 (map (lambda (entry)
++                         (length (assoc-ref entry "callbacks")))
++                         modules)))
++
++      (define (display-x value)
++        (display value data))
++
++      (for-each (compose display-x DeclarationTemplate) modules)
++      (for-each (compose display-x CallbacksTemplate) modules)
++
++      (display-x "static struct clar_suite _clar_suites[] = {")
++      (display-x (string-join (map InfoTemplate modules) ","))
++      (display-x "\n};\n")
++
++      (let ((suite-count-str (number->string (suite-count)))
++            (callback-count-str (number->string (callback-count))))
++        (display-x "static const size_t _clar_suite_count = ")
++        (display-x suite-count-str)
++        (display-x ";\n")
++
++        (display-x "static const size_t _clar_callback_count = ")
++        (display-x callback-count-str)
++        (display-x ";\n")
++
++        (display (string-append "Written `clar.suite` ("
++                                callback-count-str
++                                " tests in "
++                                suite-count-str
++                                " suites)"))
++        (newline))
++      #t)
++
++    (call-with-output-file (string-append output "/clar.suite") Write))
++
++;;; main
++
++(define (main)
++  (define option-spec
++    '((force (single-char #\f) (value #f))
++      (exclude (single-char #\x) (value #t))
++      (output (single-char #\o) (value #t))
++      (help  (single-char #\h) (value #f))))
++
++  (define options (getopt-long (command-line) option-spec #:stop-at-first-non-option #t))
++  (define args (reverse (option-ref options '() '())))
++  (when (> (length args) 1)
++    (display "More than one path given\n")
++    (exit 1))
++
++  (if (< (length args) 1)
++      (set! args '(".")))
++
++  (let* ((path (car args))
++         (output (option-ref options 'output path))
++         (excluded (filter-map (match-lambda
++                                (('exclude . value) value)
++                                (_ #f))
++                               options)))
++    (generate-TestSuite path output excluded)))
++
++(main)