unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
@ 2019-04-20  0:38 Chris Marusich
  2019-04-20  1:07 ` Chris Marusich
  2019-04-24 19:24 ` [bug#35333] " Danny Milosavljevic
  0 siblings, 2 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  0:38 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

Hi,

This patch series adds Yubikey Manager (ykman) and its dependencies.
It applies cleanly to fd6d2fd871aa3eb443037483998b7790d15be709.

I've validated that the ykman CLI works with my own personal YubiKey 4
Nano that I've owned for a few years.  I've verified that rudimentary
operations such as "ykman openpgp info" and "ykman mode OTP+FIDO+CCID"
succeed, but I didn't exhaustively check all possible operations.

Along the way, I've noticed that Mozilla's Public Suffix List database
is embedded in at least one existing Guix package: ruby-public-suffix.
I've opened a bug report about this:

  https://debbugs.gnu.org/cgi/bugreport.cgi?bug=35332

We can fix that bug by replacing the bundled copy with the one
provided by the public-suffix-list package introduced here.

Chris Marusich (6):
  gnu: Add python-pyfakefs and python2-pyfakefs.
  gnu: Add python-pyscard and python2-pyscard.
  gnu: Add libu2f-host.
  gnu: Add public-suffix-list.
  gnu: Add python-fido2 and python2-fido2.
  gnu: Add python-yubikey-manager and python2-yubikey-manager.

 gnu/local.mk                                  |   1 +
 gnu/packages/check.scm                        |  49 ++++
 gnu/packages/dns.scm                          |  51 +++++
 .../python-pyfakefs-remove-bad-test.patch     |  23 ++
 gnu/packages/security-token.scm               | 211 +++++++++++++++++-
 5 files changed, 334 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/python-pyfakefs-remove-bad-test.patch

-- 
2.20.1

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
  2019-04-20  0:38 [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Chris Marusich
@ 2019-04-20  1:07 ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs Chris Marusich
                     ` (6 more replies)
  2019-04-24 19:24 ` [bug#35333] " Danny Milosavljevic
  1 sibling, 7 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333

Hi,

The patches follow this email.  I've tried to invoke git-send-email so
that all 6 patches appear as replies to this email, like this:

  git send-email --to=35333@debbugs.gnu.org --compose 000[1-6]*

I then manually filled in the body and the following headers:

  From: Chris Marusich <cmmarusich@gmail.com>
  Subject: Re: [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
  In-Reply-To: <20190420003814.5120-1-cmmarusich@gmail.com>

This is tedious, but hopefully it'll work!

Chris

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs.
  2019-04-20  1:07 ` Chris Marusich
@ 2019-04-20  1:07   ` Chris Marusich
  2019-04-20  1:41     ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 2/6] gnu: Add python-pyscard and python2-pyscard Chris Marusich
                     ` (5 subsequent siblings)
  6 siblings, 1 reply; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/patches/python-pyfakefs-remove-bad-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/check.scm (python-pyfakefs, python2-pyfakefs): New
  variables.
---
 gnu/local.mk                                  |  1 +
 gnu/packages/check.scm                        | 49 +++++++++++++++++++
 .../python-pyfakefs-remove-bad-test.patch     | 23 +++++++++
 3 files changed, 73 insertions(+)
 create mode 100644 gnu/packages/patches/python-pyfakefs-remove-bad-test.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 41924a7de5..3953e5b789 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1201,6 +1201,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/python2-larch-coverage-4.0a6-compatibility.patch \
   %D%/packages/patches/python-configobj-setuptools.patch	\
   %D%/packages/patches/python-faker-fix-build-32bit.patch	\
+  %D%/packages/patches/python-pyfakefs-remove-bad-test.patch	\
   %D%/packages/patches/python-flint-includes.patch		\
   %D%/packages/patches/python-mox3-python3.6-compat.patch	\
   %D%/packages/patches/python-testtools.patch			\
diff --git a/gnu/packages/check.scm b/gnu/packages/check.scm
index a38abf0b5b..df07525daa 100644
--- a/gnu/packages/check.scm
+++ b/gnu/packages/check.scm
@@ -29,6 +29,7 @@
 ;;; Copyright © 2017, 2018 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2018 Fis Trivial <ybbs.daans@hotmail.com>
 ;;; Copyright © 2019 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -2262,3 +2263,51 @@ record the properties and behaviour of particular devices, and to run a
 program or test suite under a test bed with the previously recorded devices
 loaded.")
     (license license:lgpl2.1+)))
+
+(define-public python-pyfakefs
+  (package
+    (name "python-pyfakefs")
+    (version "3.5.8")
+    (source (origin
+              (method url-fetch)
+              ;; Guix lint doesn't like that this release is an autogenerated
+              ;; archive, but it seems those are the only releases available.
+              (uri (pypi-uri "pyfakefs" version))
+              (sha256
+               (base32
+                "0qb9jp0bqhc0dv0rn805fv99029fvx135f3bvka6scfkcl6jgllc"))
+              (patches (search-patches
+                        "python-pyfakefs-remove-bad-test.patch"))
+              (file-name (string-append name "-" version ".tar.gz"))))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; The default test suite does not run these extra tests.
+         (add-after 'check 'check-pytest-plugin
+           (lambda _
+             (invoke
+              "python" "-m" "pytest"
+              "pyfakefs/pytest_tests/pytest_plugin_test.py")
+             #t)))))
+    (native-inputs
+     `(("python-pytest" ,python-pytest)))
+    (build-system python-build-system)
+    ;; Guix lint doesn't like that this is a permanent redirect to the GitHub
+    ;; page, but the pyfakefs documentation asks us to use this specific URL
+    ;; when linking to the project.  Honor their request.
+    (home-page "http://pyfakefs.org/")
+    ;; TRANSLATORS: In the synopsis, "Mock" is a verb.
+    (synopsis "Mock file system interactions in tests")
+    (description
+     "This package provides a Python library intended for use in automated
+tests.  One difficulty when testing software is that the code under test might
+need to read or write to files in the local file system.  If the file system
+is not set up in just the right way, it might cause a spurious error during
+the test.  The pyfakefs library provides a solution to problems like this by
+mocking file system interactions.  In other words, it arranges for the code
+under test to interact with a fake file system instead of the real file
+system.  The code under test requires no modification to work with pyfakefs.")
+    (license license:asl2.0)))
+
+(define-public python2-pyfakefs
+  (package-with-python2 python-pyfakefs))
diff --git a/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch b/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch
new file mode 100644
index 0000000000..a9488bbe43
--- /dev/null
+++ b/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch
@@ -0,0 +1,23 @@
+This test incorrectly assumes that the root user is always available.
+However, in the build environment, the root user is not available.
+Note that because the original file distributed in the release on PyPi
+has lines ending in CRLF, those are retained in the diff below.
+
+--- a/pyfakefs/tests/fake_filesystem_test.py	1969-12-31 16:00:00.000000000 -0800
++++ b/pyfakefs/tests/fake_filesystem_test.py	1969-12-31 16:00:00.000000000 -0800
+@@ -1021,15 +1021,6 @@
+             self.assertEqual(self.path.expanduser('~'),
+                              self.os.environ['HOME'].replace('/', '!'))
+ 
+-    @unittest.skipIf(TestCase.is_windows or TestCase.is_cygwin,
+-                     'only tested on unix systems')
+-    def test_expand_root(self):
+-        if sys.platform == 'darwin':
+-            roothome = '!var!root'
+-        else:
+-            roothome = '!root'
+-        self.assertEqual(self.path.expanduser('~root'), roothome)
+-
+     def test_getsize_path_nonexistent(self):
+         file_path = 'foo!bar!baz'
+         self.assertRaises(os.error, self.path.getsize, file_path)
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 2/6] gnu: Add python-pyscard and python2-pyscard.
  2019-04-20  1:07 ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs Chris Marusich
@ 2019-04-20  1:07   ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 3/6] gnu: Add libu2f-host Chris Marusich
                     ` (4 subsequent siblings)
  6 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/security-token.scm (python-pyscard, python2-pyscard): New
variables.
---
 gnu/packages/security-token.scm | 59 ++++++++++++++++++++++++++++++++-
 1 file changed, 58 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index c88a1c6b2a..52bd80780c 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
 ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
+;;; Copyright © 2018, 2019 Chris Marusich <cmmarusich@gmail.com>
 ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -32,6 +32,7 @@
   #:use-module (guix git-download)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system glib-or-gtk)
+  #:use-module (guix build-system python)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages curl)
   #:use-module (gnu packages check)
@@ -51,6 +52,8 @@
   #:use-module (gnu packages tex)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages swig)
   #:use-module (gnu packages web)
   #:use-module (gnu packages xml))
 
@@ -341,3 +344,57 @@ and other operations.  It includes a library and a command-line tool.")
 line tools for personalizing YubiKeys.  You can use these to set an AES key,
 retrieve a YubiKey's serial number, and so forth.")
     (license license:bsd-2)))
+
+(define-public python-pyscard
+  (package
+    (name "python-pyscard")
+    (version "1.9.8")
+    (source (origin
+              (method url-fetch)
+              ;; The maintainer publishes releases on various sites, but
+              ;; SourceForge is apparently the only one with a signed release.
+              (uri (string-append
+                    "mirror://sourceforge/pyscard/pyscard/pyscard%20"
+                    version "/pyscard-" version ".tar.gz"))
+              (sha256
+               (base32
+                "15fh00z1an6r5j7hrz3jlq0rb3jygwf3x4jcwsa008bv8vpcg7gm"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; Tell pyscard where to find the PCSC include directory.
+         (add-after 'unpack 'patch-platform-include-dirs
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let ((pcsc-include-dir (string-append
+                                      (assoc-ref inputs "pcsc-lite")
+                                      "/include/PCSC")))
+               (substitute* "setup.py"
+                 (("platform_include_dirs = \\[.*?\\]")
+                  (string-append
+                   "platform_include_dirs = ['" pcsc-include-dir "']")))
+               #t)))
+         ;; pyscard wants to dlopen libpcsclite, so tell it where it is.
+         (add-after 'unpack 'patch-dlopen
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* "smartcard/scard/winscarddll.c"
+               (("lib = \"libpcsclite\\.so\\.1\";")
+                (simple-format #f
+                               "lib = \"~a\";"
+                               (string-append (assoc-ref inputs "pcsc-lite")
+                                              "/lib/libpcsclite.so.1"))))
+             #t)))))
+    (inputs
+     `(("pcsc-lite" ,pcsc-lite)))
+    (native-inputs
+     `(("swig" ,swig)))
+    (home-page "https://github.com/LudovicRousseau/pyscard")
+    (synopsis "Smart card library for Python")
+    (description
+     "The pyscard smart card library is a framework for building smart card
+aware applications in Python.  The smart card module is built on top of the
+PCSC API Python wrapper module.")
+    (license license:lgpl2.1+)))
+
+(define-public python2-pyscard
+  (package-with-python2 python-pyscard))
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 3/6] gnu: Add libu2f-host.
  2019-04-20  1:07 ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 2/6] gnu: Add python-pyscard and python2-pyscard Chris Marusich
@ 2019-04-20  1:07   ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 4/6] gnu: Add public-suffix-list Chris Marusich
                     ` (3 subsequent siblings)
  6 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/security-token.scm (libu2f-host): New variable.
---
 gnu/packages/security-token.scm | 51 +++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 52bd80780c..26541b3d09 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -398,3 +398,54 @@ PCSC API Python wrapper module.")
 
 (define-public python2-pyscard
   (package-with-python2 python-pyscard))
+
+(define-public libu2f-host
+  (package
+    (name "libu2f-host")
+    (version "1.1.9")
+    (source (origin
+              (method url-fetch)
+              (uri
+               (string-append
+                "https://developers.yubico.com"
+                "/libu2f-host/Releases/libu2f-host-" version ".tar.xz"))
+              (sha256
+               (base32
+                "1hnh3f4scx07v9jfkr1nnxasmydk1cmivn0nijcp2p75bc1fznip"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list "--enable-gtk-doc"
+             (string-append "--with-udevrulesdir="
+                            (assoc-ref %outputs "out")
+                            "/lib/udev/rules.d"))
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'patch-docbook-xml
+           (lambda* (#:key inputs #:allow-other-keys)
+             ;; Avoid a network connection attempt during the build.
+             (substitute* "gtk-doc/u2f-host-docs.xml"
+               (("http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd")
+                (string-append (assoc-ref inputs "docbook-xml")
+                               "/xml/dtd/docbook/docbookx.dtd")))
+             #t)))))
+    (inputs
+     `(("json-c" ,json-c)
+       ("hidapi" ,hidapi)))
+    (native-inputs
+     `(("help2man" ,help2man)
+       ("gengetopt" ,gengetopt)
+       ("pkg-config" ,pkg-config)
+       ("gtk-doc" ,gtk-doc)
+       ("docbook-xml" ,docbook-xml-4.3)
+       ("eudev" ,eudev)))
+    (home-page "https://developers.yubico.com/libu2f-host/")
+    ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
+    (synopsis "U2F host-side C library and tool")
+    (description
+     "Libu2f-host provides a C library and command-line tool that implements
+the host-side of the Universal 2nd Factor (U2F) protocol.  There are APIs to
+talk to a U2F device and perform the U2F Register and U2F Authenticate
+operations.")
+    ;; Most files are LGPLv2.1+, but some files are GPLv3+.
+    (license (list license:lgpl2.1+ license:gpl3+))))
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 4/6] gnu: Add public-suffix-list.
  2019-04-20  1:07 ` Chris Marusich
                     ` (2 preceding siblings ...)
  2019-04-20  1:07   ` [bug#35333] [PATCH 3/6] gnu: Add libu2f-host Chris Marusich
@ 2019-04-20  1:07   ` Chris Marusich
  2019-04-20  1:07   ` [bug#35333] [PATCH 5/6] gnu: Add python-fido2 and python2-fido2 Chris Marusich
                     ` (2 subsequent siblings)
  6 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/dns.scm (public-suffix-list): New variable.
---
 gnu/packages/dns.scm | 51 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 9cffe3b822..416c9e4264 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
 ;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
 ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
+;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -807,3 +808,53 @@ mDNS resolver as well as an announcer.  mDNS (Multicast Domain Name System) is
 a zero-config service that allows one to resolve host names to IP addresses in
 local networks.")
     (license license:lgpl2.1)))
+
+(define-public public-suffix-list
+  ;; Mozilla releases the official list here:
+  ;;
+  ;;   https://publicsuffix.org/list/public_suffix_list.dat
+  ;;
+  ;; However, Mozilla syncs that file from the GitHub repository periodically,
+  ;; so its contents will change over time.  If you update this commit, please
+  ;; make sure that the new commit refers to a list which is identical to the
+  ;; officially published list available from the URL above.
+  (let ((commit "9375b697baddb0827a5995c81bd3c75877a0b35d"))
+    (package
+      (name "public-suffix-list")
+      (version (git-version "0" "1" commit))
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://github.com/publicsuffix/list.git")
+                      (commit commit)))
+                (file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1sm7pni01rnl4ldzi8z8nc4cbgq8nxda9gwc68v0s3ij7jd1jmik"))))
+      (build-system trivial-build-system)
+      (arguments
+       `(#:modules ((guix build utils))
+         #:builder
+         (begin
+           (use-modules (guix build utils))
+           (let* ((out (assoc-ref %outputs "out"))
+                  ;; Install to /share because that is where "read-only
+                  ;; architecture-independent data files" should go (see:
+                  ;; (standards) Directory Variables).  Include the version in
+                  ;; the directory name so that if multiple versions are ever
+                  ;; installed in the same profile, they will not conflict.
+                  (destination (string-append
+                                out "/share/public-suffix-list-" ,version))
+                  (source (assoc-ref %build-inputs "source")))
+             (with-directory-excursion source
+             (install-file "public_suffix_list.dat" destination)
+             (install-file "LICENSE" destination))
+             #t))))
+      (home-page "https://publicsuffix.org/")
+      (synopsis "Database of current and historical DNS suffixes")
+      (description "This is the Public Suffix List maintained by Mozilla.  A
+\"public suffix\" is one under which Internet users can (or historically
+could) directly register names in the Domain Name System (DNS).  Some examples
+of public suffixes are .com, .co.uk and pvt.k12.ma.us.  This is a list of all
+known public suffixes.")
+      (license license:mpl2.0))))
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 5/6] gnu: Add python-fido2 and python2-fido2.
  2019-04-20  1:07 ` Chris Marusich
                     ` (3 preceding siblings ...)
  2019-04-20  1:07   ` [bug#35333] [PATCH 4/6] gnu: Add public-suffix-list Chris Marusich
@ 2019-04-20  1:07   ` Chris Marusich
  2019-04-20  1:08   ` [bug#35333] [PATCH 6/6] gnu: Add python-yubikey-manager and python2-yubikey-manager Chris Marusich
  2019-04-20  7:32   ` [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Ricardo Wurmus
  6 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:07 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/security-token.scm (python-fido2, python2-fido2): New
variables.
---
 gnu/packages/security-token.scm | 61 +++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 26541b3d09..29c424d21d 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -29,6 +29,7 @@
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (guix packages)
   #:use-module (guix download)
+  #:use-module (guix gexp)
   #:use-module (guix git-download)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system glib-or-gtk)
@@ -38,6 +39,7 @@
   #:use-module (gnu packages check)
   #:use-module (gnu packages docbook)
   #:use-module (gnu packages documentation)
+  #:use-module (gnu packages dns)
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages graphviz)
   #:use-module (gnu packages gtk)
@@ -53,6 +55,8 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
+  #:use-module (gnu packages python-xyz)
   #:use-module (gnu packages swig)
   #:use-module (gnu packages web)
   #:use-module (gnu packages xml))
@@ -449,3 +453,60 @@ talk to a U2F device and perform the U2F Register and U2F Authenticate
 operations.")
     ;; Most files are LGPLv2.1+, but some files are GPLv3+.
     (license (list license:lgpl2.1+ license:gpl3+))))
+
+(define-public python-fido2
+  (package
+    (name "python-fido2")
+    (version "0.5.0")
+    (source (origin
+              (method url-fetch)
+              (uri
+               (string-append
+                "https://github.com/Yubico/python-fido2/releases/download/"
+                version "/fido2-" version ".tar.gz"))
+              (sha256
+               (base32
+                "1pl8d2pr6jzqj4y9qiaddhjgnl92kikjxy0bgzm2jshkzzic8mp3"))
+              (snippet
+               ;; Remove bundled dependency.
+               #~(delete-file "fido2/public_suffix_list.dat"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'install-public-suffix-list
+           (lambda* (#:key inputs #:allow-other-keys)
+             (copy-file
+              (string-append (assoc-ref inputs "public-suffix-list")
+                             "/share/public-suffix-list-"
+                             ,(package-version public-suffix-list)
+                             "/public_suffix_list.dat")
+              "fido2/public_suffix_list.dat")
+             #t)))))
+    (propagated-inputs
+     `(("python-cryptography" ,python-cryptography)
+       ("python-six" ,python-six)))
+    (native-inputs
+     `(("python-mock" ,python-mock)
+       ("python-pyfakefs" ,python-pyfakefs)
+       ("public-suffix-list" ,public-suffix-list)))
+    (home-page "https://github.com/Yubico/python-fido2")
+    (synopsis "Python library for communicating with FIDO devices over USB")
+    (description
+     "This Python library provides functionality for communicating with a Fast
+IDentity Online (FIDO) device over Universal Serial Bus (USB) as well as
+verifying attestation and assertion signatures.  It aims to support the FIDO
+Universal 2nd Factor (U2F) and FIDO 2.0 protocols for communicating with a USB
+authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2).  In
+addition to this low-level device access, classes defined in the
+@code{fido2.client} and @code{fido2.server} modules implement higher level
+operations which are useful when interfacing with an Authenticator, or when
+implementing a Relying Party.")
+    ;; python-fido2 contains some derivative files originally from pyu2f
+    ;; (https://github.com/google/pyu2f).  These files are licensed under the
+    ;; Apache License, version 2.0.  The maintainers have customized these
+    ;; files for internal use, so they are not really a bundled dependency.
+    (license (list license:bsd-2 license:asl2.0))))
+
+(define-public python2-fido2
+  (package-with-python2 python-fido2))
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 6/6] gnu: Add python-yubikey-manager and python2-yubikey-manager.
  2019-04-20  1:07 ` Chris Marusich
                     ` (4 preceding siblings ...)
  2019-04-20  1:07   ` [bug#35333] [PATCH 5/6] gnu: Add python-fido2 and python2-fido2 Chris Marusich
@ 2019-04-20  1:08   ` Chris Marusich
  2019-04-20  7:32   ` [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Ricardo Wurmus
  6 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:08 UTC (permalink / raw)
  To: 35333; +Cc: Chris Marusich

* gnu/packages/security-token.scm (python-yubikey-manager)
(python2-yubikey-manager): New variables.
---
 gnu/packages/security-token.scm | 40 +++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index 29c424d21d..95ef7975bd 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -510,3 +510,43 @@ implementing a Relying Party.")
 
 (define-public python2-fido2
   (package-with-python2 python-fido2))
+
+(define-public python-yubikey-manager
+  (package
+    (name "python-yubikey-manager")
+    (version "2.1.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://developers.yubico.com/yubikey-manager/Releases"
+                    "/yubikey-manager-" version ".tar.gz"))
+              (sha256
+               (base32
+                "11rsmcaj60k3y5m5gdhr2nbbz0w5dm3m04klyxz0fh5hnpcmr7fm"))))
+    (build-system python-build-system)
+    (propagated-inputs
+     `(("python-six" ,python-six)
+       ("python-pyscard" ,python-pyscard)
+       ("python-pyusb" ,python-pyusb)
+       ("python-click" ,python-click)
+       ("python-cryptography" ,python-cryptography)
+       ("python-pyopenssl" ,python-pyopenssl)
+       ("python-fido2" ,python-fido2)))
+    (inputs
+     `(("yubikey-personalization" ,yubikey-personalization)
+       ("pcsc-lite" ,pcsc-lite)
+       ("libusb" ,libusb)))
+    (native-inputs
+     `(("swig" ,swig)
+       ("python-mock" ,python-mock)))
+    (home-page "https://developers.yubico.com/yubikey-manager/")
+    (synopsis "Command line tool and library for configuring a YubiKey")
+    (description
+     "Python library and command line tool for configuring a YubiKey.  Note
+that after installing this package, you might still need to add appropriate
+udev rules to your system configuration to be able to configure the YubiKey as
+an unprivileged user.")
+    (license license:bsd-2)))
+
+(define-public python2-yubikey-manager
+  (package-with-python2 python-yubikey-manager))
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs.
  2019-04-20  1:07   ` [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs Chris Marusich
@ 2019-04-20  1:41     ` Chris Marusich
  2019-04-20  2:25       ` Chris Marusich
  0 siblings, 1 reply; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  1:41 UTC (permalink / raw)
  To: 35333


[-- Attachment #1.1: Type: text/plain, Size: 937 bytes --]

Chris Marusich <cmmarusich@gmail.com> writes:

> +              ;; Guix lint doesn't like that this release is an autogenerated
> +              ;; archive, but it seems those are the only releases available.
> +              (uri (pypi-uri "pyfakefs" version))

This comment is stale.  I've updated it in the attached patch.

> diff --git a/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch b/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch
> [...]
> +Note that because the original file distributed in the release on PyPi
> +has lines ending in CRLF, those are retained in the diff below.

For some reason, the CRLFs became LFs in the patch email, so the build
fails.  That's curious, because the output of git-format-patch
definitely included them.

I've attached the updated patch to this email using Gnus instead of
git-send-email.  Hopefully it will retain the CRLFs this time.

-- 
Chris

[-- Attachment #1.2: 0001-gnu-Add-python-pyfakefs-and-python2-pyfakefs.patch --]
[-- Type: text/x-patch, Size: 5836 bytes --]

From f2091091a90fc25d21e0191df88cf10c6e9890dd Mon Sep 17 00:00:00 2001
From: Chris Marusich <cmmarusich@gmail.com>
Date: Thu, 18 Apr 2019 00:40:21 -0700
Subject: [PATCH] gnu: Add python-pyfakefs and python2-pyfakefs.

* gnu/packages/patches/python-pyfakefs-remove-bad-test.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/check.scm (python-pyfakefs, python2-pyfakefs): New
  variables.
---
 gnu/local.mk                                  |  1 +
 gnu/packages/check.scm                        | 50 +++++++++++++++++++
 .../python-pyfakefs-remove-bad-test.patch     | 23 +++++++++
 3 files changed, 74 insertions(+)
 create mode 100644 gnu/packages/patches/python-pyfakefs-remove-bad-test.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 41924a7de5..3953e5b789 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1201,6 +1201,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/python2-larch-coverage-4.0a6-compatibility.patch \
   %D%/packages/patches/python-configobj-setuptools.patch	\
   %D%/packages/patches/python-faker-fix-build-32bit.patch	\
+  %D%/packages/patches/python-pyfakefs-remove-bad-test.patch	\
   %D%/packages/patches/python-flint-includes.patch		\
   %D%/packages/patches/python-mox3-python3.6-compat.patch	\
   %D%/packages/patches/python-testtools.patch			\
diff --git a/gnu/packages/check.scm b/gnu/packages/check.scm
index a38abf0b5b..0be1102683 100644
--- a/gnu/packages/check.scm
+++ b/gnu/packages/check.scm
@@ -29,6 +29,7 @@
 ;;; Copyright © 2017, 2018 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2018 Fis Trivial <ybbs.daans@hotmail.com>
 ;;; Copyright © 2019 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -2262,3 +2263,52 @@ record the properties and behaviour of particular devices, and to run a
 program or test suite under a test bed with the previously recorded devices
 loaded.")
     (license license:lgpl2.1+)))
+
+(define-public python-pyfakefs
+  (package
+    (name "python-pyfakefs")
+    (version "3.5.8")
+    (source (origin
+              (method url-fetch)
+              ;; We use the PyPI URL because there is no proper release
+              ;; available from GitHub.  The GitHub project only provides
+              ;; autogenerated tarballs, which are known to change in place.
+              (uri (pypi-uri "pyfakefs" version))
+              (sha256
+               (base32
+                "0qb9jp0bqhc0dv0rn805fv99029fvx135f3bvka6scfkcl6jgllc"))
+              (patches (search-patches
+                        "python-pyfakefs-remove-bad-test.patch"))
+              (file-name (string-append name "-" version ".tar.gz"))))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; The default test suite does not run these extra tests.
+         (add-after 'check 'check-pytest-plugin
+           (lambda _
+             (invoke
+              "python" "-m" "pytest"
+              "pyfakefs/pytest_tests/pytest_plugin_test.py")
+             #t)))))
+    (native-inputs
+     `(("python-pytest" ,python-pytest)))
+    (build-system python-build-system)
+    ;; Guix lint doesn't like that this is a permanent redirect to the GitHub
+    ;; page, but the pyfakefs documentation asks us to use this specific URL
+    ;; when linking to the project.  Honor their request.
+    (home-page "http://pyfakefs.org/")
+    ;; TRANSLATORS: In the synopsis, "Mock" is a verb.
+    (synopsis "Mock file system interactions in tests")
+    (description
+     "This package provides a Python library intended for use in automated
+tests.  One difficulty when testing software is that the code under test might
+need to read or write to files in the local file system.  If the file system
+is not set up in just the right way, it might cause a spurious error during
+the test.  The pyfakefs library provides a solution to problems like this by
+mocking file system interactions.  In other words, it arranges for the code
+under test to interact with a fake file system instead of the real file
+system.  The code under test requires no modification to work with pyfakefs.")
+    (license license:asl2.0)))
+
+(define-public python2-pyfakefs
+  (package-with-python2 python-pyfakefs))
diff --git a/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch b/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch
new file mode 100644
index 0000000000..a9488bbe43
--- /dev/null
+++ b/gnu/packages/patches/python-pyfakefs-remove-bad-test.patch
@@ -0,0 +1,23 @@
+This test incorrectly assumes that the root user is always available.
+However, in the build environment, the root user is not available.
+Note that because the original file distributed in the release on PyPi
+has lines ending in CRLF, those are retained in the diff below.
+
+--- a/pyfakefs/tests/fake_filesystem_test.py	1969-12-31 16:00:00.000000000 -0800
++++ b/pyfakefs/tests/fake_filesystem_test.py	1969-12-31 16:00:00.000000000 -0800
+@@ -1021,15 +1021,6 @@
+             self.assertEqual(self.path.expanduser('~'),
+                              self.os.environ['HOME'].replace('/', '!'))
+ 
+-    @unittest.skipIf(TestCase.is_windows or TestCase.is_cygwin,
+-                     'only tested on unix systems')
+-    def test_expand_root(self):
+-        if sys.platform == 'darwin':
+-            roothome = '!var!root'
+-        else:
+-            roothome = '!root'
+-        self.assertEqual(self.path.expanduser('~root'), roothome)
+-
+     def test_getsize_path_nonexistent(self):
+         file_path = 'foo!bar!baz'
+         self.assertRaises(os.error, self.path.getsize, file_path)
-- 
2.20.1


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs.
  2019-04-20  1:41     ` Chris Marusich
@ 2019-04-20  2:25       ` Chris Marusich
  0 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-20  2:25 UTC (permalink / raw)
  To: 35333

[-- Attachment #1: Type: text/plain, Size: 386 bytes --]

Chris Marusich <cmmarusich@gmail.com> writes:

> I've attached the updated patch to this email using Gnus instead of
> git-send-email.  Hopefully it will retain the CRLFs this time.

This worked.  The CRLFs are now correctly retained in the .patch file.
However, to properly apply it to the Git repository, you need to invoke
"git am" with the "--keep-cr" option.

-- 
Chris

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
  2019-04-20  1:07 ` Chris Marusich
                     ` (5 preceding siblings ...)
  2019-04-20  1:08   ` [bug#35333] [PATCH 6/6] gnu: Add python-yubikey-manager and python2-yubikey-manager Chris Marusich
@ 2019-04-20  7:32   ` Ricardo Wurmus
  2019-04-25  4:14     ` bug#35333: " Chris Marusich
  6 siblings, 1 reply; 13+ messages in thread
From: Ricardo Wurmus @ 2019-04-20  7:32 UTC (permalink / raw)
  To: Chris Marusich; +Cc: 35333


Hi Chris,

> I then manually filled in the body and the following headers:
>
>   From: Chris Marusich <cmmarusich@gmail.com>
>   Subject: Re: [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies

I don’t think this is necessary.

>   In-Reply-To: <20190420003814.5120-1-cmmarusich@gmail.com>

You can use “--in-reply-to” from the command line instead.

-- 
Ricardo

^ permalink raw reply	[flat|nested] 13+ messages in thread

* [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
  2019-04-20  0:38 [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Chris Marusich
  2019-04-20  1:07 ` Chris Marusich
@ 2019-04-24 19:24 ` Danny Milosavljevic
  1 sibling, 0 replies; 13+ messages in thread
From: Danny Milosavljevic @ 2019-04-24 19:24 UTC (permalink / raw)
  To: Chris Marusich; +Cc: 35333

[-- Attachment #1: Type: text/plain, Size: 31 bytes --]

Hi Chris,

the series LGTM!

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 13+ messages in thread

* bug#35333: [PATCH 0/6] Add Yubikey Manager and Its Dependencies
  2019-04-20  7:32   ` [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Ricardo Wurmus
@ 2019-04-25  4:14     ` Chris Marusich
  0 siblings, 0 replies; 13+ messages in thread
From: Chris Marusich @ 2019-04-25  4:14 UTC (permalink / raw)
  To: Ricardo Wurmus; +Cc: 35333-close, Chris Marusich

[-- Attachment #1: Type: text/plain, Size: 679 bytes --]

Hi Ricardo and Danny,

Thank you for your time!

Ricardo Wurmus <rekado@elephly.net> writes:

>> I then manually filled in the body and the following headers:
>>
>>   From: Chris Marusich <cmmarusich@gmail.com>
>>   Subject: Re: [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies
>
> I don’t think this is necessary.
>
>>   In-Reply-To: <20190420003814.5120-1-cmmarusich@gmail.com>
>
> You can use “--in-reply-to” from the command line instead.

Thank you for the tip!

Danny Milosavljevic <dannym@scratchpost.org> writes:

> the series LGTM!

I've committed this as 4728806185a0d85155ea4db795d1643a8c849d65.

Closing!

-- 
Chris

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply	[flat|nested] 13+ messages in thread

end of thread, other threads:[~2019-04-25  4:16 UTC | newest]

Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-04-20  0:38 [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Chris Marusich
2019-04-20  1:07 ` Chris Marusich
2019-04-20  1:07   ` [bug#35333] [PATCH 1/6] gnu: Add python-pyfakefs and python2-pyfakefs Chris Marusich
2019-04-20  1:41     ` Chris Marusich
2019-04-20  2:25       ` Chris Marusich
2019-04-20  1:07   ` [bug#35333] [PATCH 2/6] gnu: Add python-pyscard and python2-pyscard Chris Marusich
2019-04-20  1:07   ` [bug#35333] [PATCH 3/6] gnu: Add libu2f-host Chris Marusich
2019-04-20  1:07   ` [bug#35333] [PATCH 4/6] gnu: Add public-suffix-list Chris Marusich
2019-04-20  1:07   ` [bug#35333] [PATCH 5/6] gnu: Add python-fido2 and python2-fido2 Chris Marusich
2019-04-20  1:08   ` [bug#35333] [PATCH 6/6] gnu: Add python-yubikey-manager and python2-yubikey-manager Chris Marusich
2019-04-20  7:32   ` [bug#35333] [PATCH 0/6] Add Yubikey Manager and Its Dependencies Ricardo Wurmus
2019-04-25  4:14     ` bug#35333: " Chris Marusich
2019-04-24 19:24 ` [bug#35333] " Danny Milosavljevic

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).