[PATCH] gnu: oath-toolkit: Build libpskc and pskctool.

  • Done
  • quality assurance status badge
Details
2 participants
  • Tobias Geerinckx-Rice
  • Simon Josefsson
Owner
unassigned
Submitted by
Simon Josefsson
Severity
normal

Debbugs page

Simon Josefsson wrote 4 years ago
(address . guix-patches@gnu.org)
8735v13vsi.fsf@latte.josefsson.org
Hi! This patch enables libpskc and pskctool in OATH Toolkit, using the
newly added xmlsec-openssl (thanks!).

/Simon
From 2a41fd3df92acf84e9377fbe02a18b8cacf12dec Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Wed, 5 May 2021 19:56:17 +0200
Subject: [PATCH] gnu: oath-toolkit: Build libpskc and pskctool.

* gnu/packages/authentication.scm (oath-toolkit): Use xmlsec-openssl to enable
libpskc and pskctool.
---
gnu/packages/authentication.scm | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)

Toggle diff (68 lines)
diff --git a/gnu/packages/authentication.scm b/gnu/packages/authentication.scm
index c7b58b3e61..d0fef39cb2 100644
--- a/gnu/packages/authentication.scm
+++ b/gnu/packages/authentication.scm
@@ -23,6 +23,8 @@
#:use-module (gnu packages documentation)
#:use-module (gnu packages linux)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages xml)
+ #:use-module (gnu packages tls)
#:use-module (gnu packages security-token)
#:use-module (guix build-system gnu)
#:use-module (guix download)
@@ -45,7 +47,9 @@
(arguments
;; TODO ‘--enable-pskc’ causes xmlsec-related test suite failures.
`(#:configure-flags
- (list "--enable-pam")
+ (list "--enable-pam"
+ "--enable-pskc"
+ "--with-xmlsec-crypto-engine=openssl")
#:phases
(modify-phases %standard-phases
(add-after 'install 'delete-static-libraries
@@ -55,16 +59,15 @@
(for-each delete-file (find-files lib "\\.a$"))
#t))))))
(native-inputs
- `(("pkg-config" ,pkg-config)))
+ `(("pkg-config" ,pkg-config)
+ ;; XXX: Perhaps this should be propagated from xmlsec.
+ ("libltdl" ,libltdl)))
(inputs
- `(("linux-pam" ,linux-pam))) ; for --enable-pam
+ `(("xmlsec-openssl" ,xmlsec-openssl)
+ ("openssl" ,openssl)
+ ("linux-pam" ,linux-pam))) ; for --enable-pam
(home-page "https://www.nongnu.org/oath-toolkit/")
(synopsis "One-time password (OTP) components")
- ;; TODO Add the following items after they've been enabled.
- ;; @item @command{pskctool}, a command-line tool for manipulating secret key
- ;; files in the Portable Symmetric Key Container (@dfn{PSKC}) format
- ;; described in RFC6030.
- ;; @item @code{libpskc}, a shared and static C library for PSKC handling.
(description
"The @dfn{OATH} (Open AuTHentication) Toolkit provides various components
for building one-time password (@dfn{OTP}) authentication systems:
@@ -72,11 +75,16 @@ for building one-time password (@dfn{OTP}) authentication systems:
@itemize
@item @command{oathtool}, a command-line tool for generating & validating OTPs.
@item @code{liboath}, a C library for OATH handling.
+@item @command{pskctool}, a command-line tool for manipulating secret key
+files in the Portable Symmetric Key Container (@dfn{PSKC}) format
+described in RFC6030.
+@item @code{libpskc}, a shared and static C library for PSKC handling.
@item @code{pam_oath}, a PAM module for pluggable login authentication.
@end itemize
-Supported technologies include the event-based @dfn{HOTP} algorithm (RFC4226)
-and the time-based @dfn{TOTP} algorithm (RFC6238).")
+Supported technologies include the event-based $dfn{HOTP} algorithm (RFC4226),
+the time-based @dfn{TOTP} algorithm (RFC6238), and Portable Symmetric Key
+Container (@dfn{PSKC}, RFC6030) to manage secret key data.")
(license (list license:lgpl2.1+ ; the libraries (liboath/ & libpskc/)
license:gpl3+)))) ; the tools (everything else)
--
2.20.1
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYJLdTQAKCRBRcisI/kdF
oljVAP9h8dckdUnV2fs/02Launsj1FMTOs8+cCC8Zgnw9HF2/AEA9hm/ekBEDY9P
IqamrNGuHYbq8/4lYPrgS8h5crk8HAg=
=KdRO
-----END PGP SIGNATURE-----

Simon Josefsson wrote 4 years ago
(address . 48242@debbugs.gnu.org)
87tung2v38.fsf@latte.josefsson.org
Simon Josefsson via Guix-patches via <guix-patches@gnu.org> writes:

Toggle quote (1 lines)
> +Supported technologies include the event-based $dfn{HOTP} algorithm (RFC4226),
^

That should be @ -- sorry about that, and I hope you can fix it manually
when applying the patch.

/Simon
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYJOXGwAKCRBRcisI/kdF
otmZAP9W7NLiohf7C+6/c9UrxeAkM1/LPdfq4zezwWhzKzUgsAD/aD8oCVsKuzOT
KPiKGQCDZHuViBRKjGAjsxAKOpk2CA4=
=KFH2
-----END PGP SIGNATURE-----

Tobias Geerinckx-Rice wrote 4 years ago
(name . Simon Josefsson)(address . simon@josefsson.org)(address . 48242-done@debbugs.gnu.org)
87pmy4mhbs.fsf@nckx
Simon,

Simon Josefsson via Guix-patches via 写道:
Toggle quote (2 lines)
> Subject: [PATCH] gnu: oath-toolkit: Build libpskc and pskctool.

Thanks! Pushed as 37fd82177ef33f2d3331f14055c6302001cd7c04 with
minor changes.

Toggle quote (4 lines)
> * gnu/packages/authentication.scm (oath-toolkit): Use
> xmlsec-openssl to enable
> libpskc and pskctool.

Expanded to list all changes in our GNU ‘change log’ format.

Toggle quote (3 lines)
> + #:use-module (gnu packages xml)
> + #:use-module (gnu packages tls)

Placed these and the new *inputs alphabetically.

Toggle quote (3 lines)
> + "--enable-pskc"
> + "--with-xmlsec-crypto-engine=openssl")

The second line used a tab for indentation. Replaced by spaces.

Toggle quote (6 lines)
> +Supported technologies include the event-based $dfn{HOTP}
> algorithm (RFC4226),
> +the time-based @dfn{TOTP} algorithm (RFC6238), and Portable
> Symmetric Key
> +Container (@dfn{PSKC}, RFC6030) to manage secret key data.")

Modified to use @acronym.

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYJOfxw0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15BrsBAPP+coxKNx4mm8NUG6Z39Q+w7ngXQgiga7llCmbk
+NdJAQCuEX1SBQRmrSSXE/af4P77rY3p/mtmXsc38sFSynNsCQ==
=J4WS
-----END PGP SIGNATURE-----

Closed
Simon Josefsson wrote 4 years ago
Re: bug#48242: [PATCH] gnu: oath-toolkit: Build libpskc and pskctool.
(address . 48242@debbugs.gnu.org)(address . me@tobias.gr)
87a6p82mek.fsf@latte.josefsson.org
Tobias Geerinckx-Rice via Guix-patches via <guix-patches@gnu.org> writes:

Toggle quote (8 lines)
> Simon,
>
> Simon Josefsson via Guix-patches via 写道:
>> Subject: [PATCH] gnu: oath-toolkit: Build libpskc and pskctool.
>
> Thanks! Pushed as 37fd82177ef33f2d3331f14055c6302001cd7c04 with minor
> changes.

Thank you -- and especially for teaching me how I can review my own
patches and provide better ones in the future.

Toggle quote (5 lines)
>> + #:use-module (gnu packages xml)
>> + #:use-module (gnu packages tls)
>
> Placed these and the new *inputs alphabetically.

Is there a lint-style tool to help me detect and/or fix that?

/Simon
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYJPDEwAKCRBRcisI/kdF
opI6AP9HzmGAEAJ84LRaQB1RtPoT/xsgf+d6VSXWEebeQetngQD/aF/LhctG9DD8
4L2V8yWB0jjzmsN8GIyyLQ2Rd5tS0Ag=
=I7di
-----END PGP SIGNATURE-----

Tobias Geerinckx-Rice wrote 4 years ago
(name . Simon Josefsson)(address . simon@josefsson.org)(address . 48242@debbugs.gnu.org)
87eeejmq0l.fsf@nckx
Simon,

Simon Josefsson 写道:
Toggle quote (2 lines)
> Is there a lint-style tool to help me detect and/or fix that?

You're probably already aware of ‘guix lint’, but maybe not, since
it should have detected the tabs used instead of spaces. Please
let me know if you did and it didn't!

The ordering isn't a hard policy, but I ‘strongly recommend’ it
;-)

I've removed more than one duplicate input/import that would have
been trivially caught if the lists were sorted. In one case it
effectively masked a version mismatch bug. And it costs nothing
to sort new code, and keep existing sorted lists sorted...

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYJRzyg0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15qTgBAOUyqaD613T5kCUSXZXdEKiTgm9CY++8oZnPaeI+
6y0DAP0dd2d1aGsd+7wWyKu8vmwipevPf1uhLUZEH6rEj4gwAw==
=puFv
-----END PGP SIGNATURE-----

?
Your comment

This issue is archived.

To comment on this conversation send an email to 48242@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 48242
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help