From e2a54266c411e71bb5e65d9523766782728a1c3f Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 28 Jan 2018 16:34:04 -0500 Subject: [PATCH] openssh: Build with Kerberos by default This reverts commit 09696e32c390c232ec7ac506df6457fb93c1f536. which reverted f596aa0f4a35f613422f85a4486e32ea20ca7739 to move it to staging --- nixos/modules/misc/nixpkgs.nix | 1 - pkgs/tools/networking/openssh/default.nix | 14 +++++--------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 3 --- 4 files changed, 6 insertions(+), 13 deletions(-) diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index 1793c1447d60..6eb424941245 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -69,7 +69,6 @@ in [ (self: super: { openssh = super.openssh.override { hpnSupport = true; - withKerberos = true; kerberos = self.libkrb5; }; }; diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 663e7be7e5f3..1c135cd36f48 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -1,15 +1,12 @@ { stdenv, fetchurl, fetchpatch, zlib, openssl, perl, libedit, pkgconfig, pam, autoreconfHook , etcDir ? null , hpnSupport ? false -, withKerberos ? false +, withKerberos ? true , withGssapiPatches ? false , kerberos , linkOpenssl? true }: -assert withKerberos -> kerberos != null; -assert withGssapiPatches -> withKerberos; - let # **please** update this patch when you update to a new openssh release. @@ -23,8 +20,6 @@ let in with stdenv.lib; stdenv.mkDerivation rec { - # Please ensure that openssh_with_kerberos still builds when - # bumping the version here! name = "openssh-${version}"; version = if hpnSupport then "7.5p1" else "7.6p1"; @@ -47,7 +42,7 @@ stdenv.mkDerivation rec { # See discussion in https://github.com/NixOS/nixpkgs/pull/16966 ./dont_create_privsep_path.patch ] - ++ optional withGssapiPatches gssapiPatch; + ++ optional withGssapiPatches (assert withKerberos; gssapiPatch); postPatch = # On Hydra this makes installation fail (sometimes?), @@ -59,7 +54,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ]; buildInputs = [ zlib openssl libedit pam ] ++ optional withKerberos kerberos - ++ optional hpnSupport autoreconfHook; + ++ optional hpnSupport autoreconfHook + ; preConfigure = '' # Setting LD causes `configure' and `make' to disagree about which linker @@ -78,7 +74,7 @@ stdenv.mkDerivation rec { "--disable-strip" (if pam != null then "--with-pam" else "--without-pam") ] ++ optional (etcDir != null) "--sysconfdir=${etcDir}" - ++ optional withKerberos "--with-kerberos5=${kerberos}" + ++ optional withKerberos (assert kerberos != null; "--with-kerberos5=${kerberos}") ++ optional stdenv.isDarwin "--disable-libutil" ++ optional (!linkOpenssl) "--without-openssl"; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index ef49fceab721..7d371881f940 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -142,6 +142,7 @@ mapAliases (rec { rdmd = dtools; # added 2017-08-19 robomongo = robo3t; #added 2017-09-28 rssglx = rss-glx; #added 2015-03-25 + openssh_with_kerberos = openssh; # added 2018-01-28 rubygems = throw "deprecated 2016-03-02: rubygems is now bundled with ruby"; rxvt_unicode_with-plugins = rxvt_unicode-with-plugins; # added 2015-04-02 samsungUnifiedLinuxDriver = samsung-unified-linux-driver; # added 2016-01-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bd1855b0015b..e3f51436b338 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3882,15 +3882,12 @@ with pkgs; openssh = callPackage ../tools/networking/openssh { hpnSupport = false; - withKerberos = stdenv.isDarwin; etcDir = "/etc/ssh"; pam = if stdenv.isLinux then pam else null; }; openssh_hpn = pkgs.appendToName "with-hpn" (openssh.override { hpnSupport = true; }); - openssh_with_kerberos = pkgs.appendToName "with-kerberos" (openssh.override { withKerberos = true; }); - opensp = callPackage ../tools/text/sgml/opensp { }; opentracker = callPackage ../applications/networking/p2p/opentracker { };