From 3ee3c92ea4bd166f9dc295b7197ebb62b6781356 Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Thu, 18 Jul 2024 11:17:13 -0600
Subject: [PATCH] pkgs/openssh: more simplification

- re-enable all the tests
- always build with fido and no openssl
---
 flake.nix        |  1 +
 pkgs/openssh.nix | 32 +++++---------------------------
 2 files changed, 6 insertions(+), 27 deletions(-)

diff --git a/flake.nix b/flake.nix
index 0d79e0e..881dc7d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -348,6 +348,7 @@
           inherit (spkgs) matrix-synapse;
 
           xin = upkgs.callPackage ./bins/xin { inherit upkgs; };
+          openssh = upkgs.callPackage ./pkgs/openssh.nix { inherit upkgs; };
         });
 
       templates = {
diff --git a/pkgs/openssh.nix b/pkgs/openssh.nix
index c5f478e..06c7e05 100644
--- a/pkgs/openssh.nix
+++ b/pkgs/openssh.nix
@@ -1,5 +1,4 @@
 { autoreconfHook
-, config
 , etcDir ? "/etc/ssh"
 , fetchFromGitHub
 , hostname
@@ -8,24 +7,14 @@
 , libfido2
 , libredirect
 , libressl
-, pam
 , pkg-config
 , stdenv
-, withFIDO ? stdenv.hostPlatform.isUnix
-, withPAM ? false
 , zlib
-, xinlib
 , ...
 }:
 let
   inherit (builtins) readFile fromJSON;
-  inherit (xinlib) todo;
   verStr = fromJSON (readFile ./openssh/version.json);
-  hostStr = lib.strings.concatStrings [
-    "CI configured on '"
-    config.networking.hostName
-    "': running OpenSSH tests"
-  ];
 in
 stdenv.mkDerivation {
   pname = "openssh";
@@ -37,13 +26,6 @@ stdenv.mkDerivation {
     repo = "openssh-portable";
   };
 
-  doCheck =
-    if config.xinCI.enable
-    then
-      (lib.warn hostStr true)
-    else
-      true;
-
   patches =
     [
       ./openssh/locale_archive.patch
@@ -64,10 +46,8 @@ stdenv.mkDerivation {
   nativeBuildInputs =
     [ autoreconfHook pkg-config ];
   buildInputs =
-    [ zlib libressl libedit ]
-    ++ lib.optional withFIDO libfido2
-    ++ lib.optional withPAM pam;
-
+    [ zlib libedit libfido2 ];
+  
   preConfigure = ''
     # Setting LD causes `configure' and `make' to disagree about which linker
     # to use: `configure' wants `gcc', but `make' wants `ld'.
@@ -85,11 +65,9 @@ stdenv.mkDerivation {
       "--with-libedit=yes"
       "--disable-strip"
       "--disable-dsa-keys"
-      "--without-openssl"
-      (lib.withFeature withPAM "pam")
+      "--with-security-key-builtin=yes"
     ]
     ++ lib.optional (etcDir != null) "--sysconfdir=${etcDir}"
-    ++ lib.optional withFIDO "--with-security-key-builtin=yes"
     ++ lib.optional stdenv.isDarwin "--disable-libutil";
 
   ${
@@ -152,11 +130,11 @@ stdenv.mkDerivation {
     set -a; source ~/.ssh/environment.base; set +a
   '';
 
-  checkTarget = todo "t-exec test disabled in openssh" [ "unit" "file-tests" "interop-tests" ];
+  checkTarget = [ "t-exec" "unit" "file-tests" "interop-tests" ];
 
   installTargets = [ "install-nokeys" ];
   installFlags = [
-    "sysconfdir=\${out}/etc/ssh"
+    "sysconfdir=\${out}${etcDir}"
   ];
 
   meta = with lib; {