From befbaebf72d43ac71404065551dc613d6e5a303b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 22 Apr 2017 01:18:07 +0200 Subject: gnu: Add guile2.2-ssh. * gnu/packages/ssh.scm (guile2.2-ssh): New variable. --- gnu/packages/ssh.scm | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 9c18a7ab39..135083ad22 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -52,7 +52,8 @@ #:use-module (guix download) #:use-module (guix git-download) #:use-module ((guix licenses) #:prefix license:) - #:use-module (guix packages)) + #:use-module (guix packages) + #:use-module (srfi srfi-1)) (define-public libssh (package @@ -265,6 +266,27 @@ programs written in GNU Guile interpreter. It is a wrapper to the underlying libssh library.") (license license:gpl3+))) +(define-public guile2.2-ssh + ;; This is a snapshot of a unofficial copy of Guile-SSH, which hopefully + ;; reflects the upcoming release well enough. + (let ((commit "926a0843626f89e3db02d01a6b01cc1f0d9cefcf") + (revision "0")) + (package + (inherit guile-ssh) + (name "guile2.2-ssh") + (version (string-append "0.10.2." revision "." (string-take commit 7))) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://notabug.org/civodul/guile-ssh/") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0hf28macq8d1w05g0xy2lw1s5vzmcrixh7m43x7qvvdd31c998ip")))) + (inputs `(("guile" ,guile-2.2) + ,@(alist-delete "guile" (package-inputs guile-ssh))))))) + (define-public corkscrew (package (name "corkscrew") -- cgit 1.4.1 From 7d3373a063ecca77b3468ee4c5396cf4179adffb Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 1 May 2017 02:06:27 -0400 Subject: gnu: openssh: groff is a native-input. * gnu/packages/ssh.scm (openssh)[inputs]: Move groff ... [native-inputs]: ... here. --- gnu/packages/ssh.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 135083ad22..2a190a57d8 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -135,8 +135,8 @@ a server that supports the SSH-2 protocol.") (sha256 (base32 "1w7rb5gbrikxdkp8w7zxnci4549gk4bw1lml01s59w5rzb2y6ilq")))) (build-system gnu-build-system) - (inputs `(("groff" ,groff) - ("openssl" ,openssl) + (native-inputs `(("groff" ,groff))) + (inputs `(("openssl" ,openssl) ("pam" ,linux-pam) ("mit-krb5" ,mit-krb5) ("zlib" ,zlib) -- cgit 1.4.1 From ff39342c2225bbe4cdc0397fc081327e27de091f Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 8 May 2017 17:43:32 +0200 Subject: gnu: guile2.2-ssh: Update snapshot. * gnu/packages/ssh.scm (guile2.2-ssh): Update to commit ca717e9. [source]: Change URL to upstream's. --- gnu/packages/ssh.scm | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 2a190a57d8..2e4f057667 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -267,10 +267,9 @@ libssh library.") (license license:gpl3+))) (define-public guile2.2-ssh - ;; This is a snapshot of a unofficial copy of Guile-SSH, which hopefully - ;; reflects the upcoming release well enough. - (let ((commit "926a0843626f89e3db02d01a6b01cc1f0d9cefcf") - (revision "0")) + ;; Snapshot of Guile-SSH that works with Guile 2.2. + (let ((commit "ca717e9d1ffd172c4f20fdd6c7caba050f1f2ba9") + (revision "1")) (package (inherit guile-ssh) (name "guile2.2-ssh") @@ -278,12 +277,12 @@ libssh library.") (source (origin (method git-fetch) (uri (git-reference - (url "https://notabug.org/civodul/guile-ssh/") + (url (package-home-page guile-ssh)) (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 - "0hf28macq8d1w05g0xy2lw1s5vzmcrixh7m43x7qvvdd31c998ip")))) + "1r7f10z6pc6sgbaqnrcccklqydnxi68nybz700skfn3ln5jlbygi")))) (inputs `(("guile" ,guile-2.2) ,@(alist-delete "guile" (package-inputs guile-ssh))))))) -- cgit 1.4.1 From 75c260ba5ae7baec44d2b5bf6ae57734eeebcd2f Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 9 May 2017 16:06:11 +0200 Subject: gnu: guile-ssh: Update to 0.11.0. * gnu/packages/ssh.scm (guile-ssh): Update to 0.11.0. [source]: Add 'modules' and 'snippet'. (guile2.2-ssh)[version, source]: Remove. --- gnu/packages/ssh.scm | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 2e4f057667..4590f3561c 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -213,7 +213,7 @@ Additionally, various channel-specific options can be negotiated.") (define-public guile-ssh (package (name "guile-ssh") - (version "0.10.2") + (version "0.11.0") (home-page "https://github.com/artyom-poptsov/guile-ssh") (source (origin ;; ftp://memory-heap.org/software/guile-ssh/guile-ssh-VERSION.tar.gz @@ -225,7 +225,16 @@ Additionally, various channel-specific options can be negotiated.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0pkiq3fm15pr4w1r420rrwwfmi4jz492r6l6vzjk6v73xlyfyfl3")))) + "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) + (modules '((guix build utils))) + (snippet + ;; 'configure.ac' mistakenly tries to link files from examples/ + ;; that are not instantiated yet. Work around it. + '(substitute* "configure.ac" + (("AC_CONFIG_LINKS\\(\\[examples/([^:]+):.*" _ file) + (string-append "AC_CONFIG_FILES([examples/" file + "], [chmod +x examples/" + file "])\n")))))) (build-system gnu-build-system) (arguments '(#:phases (modify-phases %standard-phases @@ -267,24 +276,11 @@ libssh library.") (license license:gpl3+))) (define-public guile2.2-ssh - ;; Snapshot of Guile-SSH that works with Guile 2.2. - (let ((commit "ca717e9d1ffd172c4f20fdd6c7caba050f1f2ba9") - (revision "1")) - (package - (inherit guile-ssh) - (name "guile2.2-ssh") - (version (string-append "0.10.2." revision "." (string-take commit 7))) - (source (origin - (method git-fetch) - (uri (git-reference - (url (package-home-page guile-ssh)) - (commit commit))) - (file-name (git-file-name name version)) - (sha256 - (base32 - "1r7f10z6pc6sgbaqnrcccklqydnxi68nybz700skfn3ln5jlbygi")))) - (inputs `(("guile" ,guile-2.2) - ,@(alist-delete "guile" (package-inputs guile-ssh))))))) + (package + (inherit guile-ssh) + (name "guile2.2-ssh") + (inputs `(("guile" ,guile-2.2) + ,@(alist-delete "guile" (package-inputs guile-ssh)))))) (define-public corkscrew (package -- cgit 1.4.1 From 4d8806c3d662c74e6d48d0f0d6ce423fce9a3a08 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 13 May 2017 21:53:53 +0200 Subject: gnu: guile-ssh: Rename "guile2.2-ssh" to "guile-ssh". * gnu/packages/ssh.scm (guile-ssh)[inputs]: Change GUILE-2.0 to GUILE-2.2. (guile2.2-ssh): Define using 'deprecated-package'. (guile2.0-ssh): New variable. * gnu/packages/package-management.scm (guix)[propagated-inputs]: Adjust accordingly. --- gnu/packages/package-management.scm | 2 +- gnu/packages/ssh.scm | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 3e0449a853..8ebf6b0578 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -249,7 +249,7 @@ (propagated-inputs `(("gnutls" ,gnutls/guile-2.2) ;for 'guix download' & co. ("guile-json" ,guile-json) - ("guile-ssh" ,guile2.2-ssh))) + ("guile-ssh" ,guile-ssh))) (home-page "https://www.gnu.org/software/guix/") (synopsis "Functional package manager for installed software packages and versions") diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 4590f3561c..1fd395049a 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -265,7 +265,7 @@ Additionally, various channel-specific options can be negotiated.") ("texinfo" ,texinfo) ("pkg-config" ,pkg-config) ("which" ,which))) - (inputs `(("guile" ,guile-2.0) + (inputs `(("guile" ,guile-2.2) ("libssh" ,libssh) ("libgcrypt" ,libgcrypt))) (synopsis "Guile bindings to libssh") @@ -276,10 +276,13 @@ libssh library.") (license license:gpl3+))) (define-public guile2.2-ssh + (deprecated-package "guile2.2-ssh" guile-ssh)) + +(define-public guile2.0-ssh (package (inherit guile-ssh) - (name "guile2.2-ssh") - (inputs `(("guile" ,guile-2.2) + (name "guile2.0-ssh") + (inputs `(("guile" ,guile-2.0) ,@(alist-delete "guile" (package-inputs guile-ssh)))))) (define-public corkscrew -- cgit 1.4.1 From 5a3429bcc52a47ca9c879b9ace092eecddeed300 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 16 May 2017 14:15:59 +0200 Subject: gnu: guile-ssh: Fix bug in 'node-guile-version'. * gnu/packages/patches/guile-ssh-rexec-bug.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (guile-ssh)[source](patches): New field. --- gnu/local.mk | 1 + gnu/packages/patches/guile-ssh-rexec-bug.patch | 16 ++++++++++++++++ gnu/packages/ssh.scm | 1 + 3 files changed, 18 insertions(+) create mode 100644 gnu/packages/patches/guile-ssh-rexec-bug.patch (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/local.mk b/gnu/local.mk index f6e911b61a..c560c71725 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -649,6 +649,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ + %D%/packages/patches/guile-ssh-rexec-bug.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ %D%/packages/patches/gtk2-theme-paths.patch \ diff --git a/gnu/packages/patches/guile-ssh-rexec-bug.patch b/gnu/packages/patches/guile-ssh-rexec-bug.patch new file mode 100644 index 0000000000..363fea38c9 --- /dev/null +++ b/gnu/packages/patches/guile-ssh-rexec-bug.patch @@ -0,0 +1,16 @@ +Fix a bug whereby 'node-guile-version' would pass a node instead of +a session to 'rexec'. + +diff --git a/modules/ssh/dist/node.scm b/modules/ssh/dist/node.scm +index 9c065c7..29a3906 100644 +--- a/modules/ssh/dist/node.scm ++++ b/modules/ssh/dist/node.scm +@@ -411,7 +411,8 @@ procedure returns the 1st evaluated value if multiple values were returned." + "Get Guile version installed on a NODE, return the version string. Return + #f if Guile is not installed." + (receive (result rc) +- (rexec node "which guile > /dev/null && guile --version") ++ (rexec (node-session node) ++ "which guile > /dev/null && guile --version") + (and (zero? rc) + (car result)))) diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 1fd395049a..6a074d10fa 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -226,6 +226,7 @@ Additionally, various channel-specific options can be negotiated.") (sha256 (base32 "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) + (patches (search-patches "guile-ssh-rexec-bug.patch")) (modules '((guix build utils))) (snippet ;; 'configure.ac' mistakenly tries to link files from examples/ -- cgit 1.4.1 From e7fbd49132406bb9ec12141ac77ac401f58ee267 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 19 May 2017 10:50:20 +0200 Subject: gnu: guile-ssh: Fix potential double-free/use-after-free issue. Fixes . Reported by Mark H Weaver . * gnu/packages/patches/guile-ssh-double-free.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (guile-ssh)[source](patches): Add it. --- gnu/local.mk | 1 + gnu/packages/patches/guile-ssh-double-free.patch | 37 ++++++++++++++++++++++++ gnu/packages/ssh.scm | 3 +- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-ssh-double-free.patch (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 922fb1a6bf..a1530af790 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -654,6 +654,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-relocatable.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/guile-ssh-rexec-bug.patch \ + %D%/packages/patches/guile-ssh-double-free.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ %D%/packages/patches/gtk2-theme-paths.patch \ diff --git a/gnu/packages/patches/guile-ssh-double-free.patch b/gnu/packages/patches/guile-ssh-double-free.patch new file mode 100644 index 0000000000..9692b81d39 --- /dev/null +++ b/gnu/packages/patches/guile-ssh-double-free.patch @@ -0,0 +1,37 @@ +Fix a double-free or use-after-free issue with Guile-SSH used +with Guile 2.2. See . + +diff --git a/libguile-ssh/channel-type.c b/libguile-ssh/channel-type.c +index 3dd641f..0839854 100644 +--- a/libguile-ssh/channel-type.c ++++ b/libguile-ssh/channel-type.c +@@ -229,10 +229,11 @@ ptob_close (SCM channel) + ssh_channel_free (ch->ssh_channel); + } + ++ SCM_SETSTREAM (channel, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (channel, NULL); + + return 0; + #endif +diff --git a/libguile-ssh/sftp-file-type.c b/libguile-ssh/sftp-file-type.c +index 8879924..f87cf03 100644 +--- a/libguile-ssh/sftp-file-type.c ++++ b/libguile-ssh/sftp-file-type.c +@@ -224,10 +224,11 @@ ptob_close (SCM sftp_file) + sftp_close (fd->file); + } + ++ SCM_SETSTREAM (sftp_file, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (sftp_file, NULL); + + return 1; + #endif diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 6a074d10fa..bb1898774b 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -226,7 +226,8 @@ Additionally, various channel-specific options can be negotiated.") (sha256 (base32 "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) - (patches (search-patches "guile-ssh-rexec-bug.patch")) + (patches (search-patches "guile-ssh-rexec-bug.patch" + "guile-ssh-double-free.patch")) (modules '((guix build utils))) (snippet ;; 'configure.ac' mistakenly tries to link files from examples/ -- cgit 1.4.1 From 70f8242b13099697e69e0ad5863bc71ad6b18782 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 19 May 2017 20:26:58 -0400 Subject: gnu: dropbear: Update to 2017.75 [fixes CVE-2017-{9078,9079}]. * gnu/packages/ssh.scm (dropbear): Update to 2017.75. --- gnu/packages/ssh.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index bb1898774b..b01a94f871 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -380,7 +380,7 @@ especially over Wi-Fi, cellular, and long-distance links.") (define-public dropbear (package (name "dropbear") - (version "2016.74") + (version "2017.75") (source (origin (method url-fetch) (uri (string-append @@ -388,7 +388,7 @@ especially over Wi-Fi, cellular, and long-distance links.") name "-" version ".tar.bz2")) (sha256 (base32 - "14c8f4gzixf0j9fkx68jgl85q7b05852kk0vf09gi6h0xmafl817")))) + "1309cm2aw62n9m3h38prvgsqr8bj85hfasgnvwkd42cp3k5ivg3c")))) (build-system gnu-build-system) (arguments `(#:tests? #f)) ; There is no "make check" or anything similar (inputs `(("zlib" ,zlib))) -- cgit 1.4.1 From 74460d112153a880b32c283a743ed5babd3364bd Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 20 May 2017 19:49:36 +0200 Subject: gnu: libssh, guile-ssh: Add a "debug" output. * gnu/packages/ssh.scm (libssh)[outputs]: New field. (guile-ssh)[outputs]: New field. --- gnu/packages/ssh.scm | 2 ++ 1 file changed, 2 insertions(+) (limited to 'gnu/packages/ssh.scm') diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index b01a94f871..c96ed0a72b 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -68,6 +68,7 @@ (base32 "03bcp9ksqp0s1pmwfmzhcknvkxay5k0mjzzxp3rjlifbng1vxq9r")))) (build-system cmake-build-system) + (outputs '("out" "debug")) (arguments '(#:configure-flags '("-DWITH_GCRYPT=ON") @@ -238,6 +239,7 @@ Additionally, various channel-specific options can be negotiated.") "], [chmod +x examples/" file "])\n")))))) (build-system gnu-build-system) + (outputs '("out" "debug")) (arguments '(#:phases (modify-phases %standard-phases (add-after 'unpack 'autoreconf -- cgit 1.4.1