From edff71e8e0f76dc9a52485cbc1f88179c72d1488 Mon Sep 17 00:00:00 2001
From: Yann Dupont
Date: Wed, 2 Jun 2021 21:36:50 +0200
Subject: [PATCH] add glicid-specific-openssh with fido2 support
---
 gnu/packages/glicid.scm | 163 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 162 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/glicid.scm b/gnu/packages/glicid.scm
index 0e2e6b2..8f8510f 100644
--- a/gnu/packages/glicid.scm
+++ b/gnu/packages/glicid.scm
@@ -1004,6 +1004,25 @@ in the @code{debug} output), and binutils.")))
 )
+(use-modules (guix packages))
+(use-modules (guix download))
+(use-modules (gnu packages linux))
+(use-modules (gnu packages gcc))
+(use-modules (gnu packages glicid))
+(use-modules (gnu packages ssh))
+(use-modules (gnu packages hurd))
+(use-modules (guix build-system gnu))
+(use-modules (guix build-system cmake))
+(use-modules (gnu packages compression))
+(use-modules (gnu packages crypto))
+(use-modules (gnu packages tls))
+(use-modules (gnu packages glicid))
+(use-modules (gnu packages pkg-config))
+
+
+(use-modules ((guix licenses) #:prefix license:))
+
+
 (define-public glicid-libcbor
 (package
 (name "glicid-libcbor")
@@ -1020,7 +1039,13 @@ in the @code{debug} output), and binutils.")))
 ))
 (build-system cmake-build-system)
-(synopsis "libcbor")
+
+(arguments
+ `(#:configure-flags (list "-DCMAKE_CXX_FLAGS=-fPIE"
+ "-DCMAKE_C_FLAGS=-fPIE")))
+
+
+(synopsis "libfido2")
 (description "Todo")
 (home-page "toto")
 (license license:gpl2+)
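Review bot: The added `(use-modules …)` forms sit in the middle of the file rather than in its module header, and `(gnu packages glicid)` is listed twice — judging by the path gnu/packages/glicid.scm, that is the module this file itself defines. Imports placed halfway down change which bindings later definitions see, which makes it harder to audit where `openssh`, `openssl` or `eudev` in the new packages come from. I would move them into the header as `#:use-module` clauses, e.g. `#:use-module (gnu packages ssh)` and `#:use-module ((guix licenses) #:prefix license:)`, and drop the self-import. The header is outside this hunk, so existing clauses there may already cover some of them.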
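Review bot: The synopsis of glicid-libcbor is changed from `"libcbor"` to `"libfido2"`, which looks like a copy-paste slip from the package added further down; package metadata that names the wrong library misleads anyone inventorying what is installed, so keep `(synopsis "libcbor")`. The new `-fPIE` flags also deserve a why-comment above `(arguments`, for example `;; presumably so the static libcbor can be linked into OpenSSH's PIE binaries — confirm`. The glicid-libcbor definition starts and ends outside this hunk.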
@@ -1029,4 +1054,140 @@ in the @code{debug} output), and binutils.")))
 ))
+(define-public glicid-libfido2
+ (package
+
+ (name "glicid-libfido2")
+ (version "1.7.0")
+ (source
+ (origin
+
+(method url-fetch)
+ (uri (string-append "https://developers.yubico.com/libfido2/Releases/libfido2-"
+ version ".tar.gz"))
+; (file-name (string-append name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "13khkp2q8g447797l09p83qxy0z8vgmzr54l8dcnapy9lsr4jrqi"))
+
+
+ ))
+
+ (build-system cmake-build-system)
+ (arguments '(#:tests? #f))
+
+
+(inputs `(
+ ("glicid-libcbor",glicid-libcbor)
+ ("openssl",openssl)
+ ("zlib", zlib)
+ ("pkg-config", pkg-config) ; or cmake won't find zlib !
+ ("eudev", eudev)
+
+ ))
+
+(synopsis "libfido2")
+(description "Todo")
+(home-page "toto")
+(license license:gpl2+)
+)
+
+)
+
+
+(define-public glicid-specific-openssh
+ (package
+ (inherit openssh)
+ (name "glicid-specific-openssh")
+(arguments
+
+ `(#:test-target "tests"
+ ;; Otherwise, the test scripts try to use a nonexistent directory and
+ ;; fail.
+ #:make-flags '("REGRESSTMP=\"$${BUILDDIR}/regress\"")
+
+ #:configure-flags `("--sysconfdir=/etc/ssh"
+
+ ;; Default value of 'PATH' used by sshd.
+ "--with-default-path=/run/current-system/profile/bin"
+
+ ;; configure needs to find krb5-config.
+ ,(string-append "--with-kerberos5="
+ (assoc-ref %build-inputs "mit-krb5")
+ "/bin")
+
+ ;; libedit is needed for sftp completion.
+ "--with-libedit"
+ ;; for u2f
+ "--with-security-key-builtin"
+; ,(string-append "--with-fido2=" (assoc-ref %build-inputs "libfido2"))
+
+ ;; Enable PAM support in sshd.
+ ,,@(if (hurd-target?)
+ '()
+ '("--with-pam"))
+
+ ;; "make install" runs "install -s" by default,
+ ;; which doesn't work for cross-compiled binaries
+ ;; because it invokes 'strip' instead of
+ ;; 'TRIPLET-strip'. Work around this.
+ ,,@(if (%current-target-system)
+ '("--disable-strip")
+ '()
+))
+
+
+#:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'reset-/var/empty
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (substitute* "Makefile"
+ (("PRIVSEP_PATH=/var/empty")
+ (string-append "PRIVSEP_PATH=" out "/var/empty")))
+ #t)))
+ (add-before 'check 'patch-tests
+ (lambda _
+ (substitute* "regress/test-exec.sh"
+ (("/bin/sh") (which "sh")))
+
+ ;; Remove 't-exec' regress target which requires user 'sshd'.
+ (substitute* (list "Makefile"
+ "regress/Makefile")
+ (("^(tests:.*) t-exec(.*)" all pre post)
+ (string-append pre post)))
+ #t))
+ (replace 'install
+ (lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
+ ;; Install without host keys and system configuration files.
+ (apply invoke "make" "install-nosysconf" make-flags)
+ (install-file "contrib/ssh-copy-id"
+ (string-append (assoc-ref outputs "out")
+ "/bin/"))
+ (chmod (string-append (assoc-ref outputs "out")
+ "/bin/ssh-copy-id") #o555)
+ (install-file "contrib/ssh-copy-id.1"
+ (string-append (assoc-ref outputs "out")
+ "/share/man/man1/"))
+ #t))) ; ))
+
+
+)
+ )
+
+(inputs `(("glicid-libfido2", glicid-libfido2)
+ ("glicid-libcbor", glicid-libcbor)
+ ,@(package-inputs openssh)))
+
+
+
+ )
+
+
+)
+
+
+
+
+
 ;;; glicid.scm ends here
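Review bot: glicid-specific-openssh inherits from `openssh` but re-types the whole `arguments` field (configure flags and all three phases), apparently only to add `"--with-security-key-builtin"`. A copied recipe stops tracking the parent package, so a later change to sshd's flags or phases there would not reach this variant. Deriving the field with `substitute-keyword-arguments` (from `(guix utils)`) keeps just the added flag, as sketched below, assuming the copied flags and phases are meant to match the parent. Separately, `(arguments '(#:tests? #f))` on glicid-libfido2 turns off the test suite of the library that handles the authenticator protocol; add a comment saying why, e.g. `;; tests disabled: <reason>`.

```scheme
(define-public glicid-specific-openssh
  (package
    (inherit openssh)
    (name "glicid-specific-openssh")
    (arguments
     (substitute-keyword-arguments (package-arguments openssh)
       ((#:configure-flags flags)
        ;; for u2f
        `(cons "--with-security-key-builtin" ,flags))))
    ;; … unchanged: inputs adding glicid-libfido2 and glicid-libcbor …
    ))
```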