gnu: Remove lsh.

* gnu/packages/ssh.scm (lsh): Delete and redefine as deprecated and
replaced by openssh.
* gnu/packages/patches/lsh-fix-x11-forwarding.patch: Remove file.
* gnu/packages/ssh.scm (dist_patch_DATA): Unregister file.
* tests/guix-gc.sh: Use hello instead of lsh.

Change-Id: Ic2a31dc79a777f9b6569e220620ecfc14fb75722

gnu/local.mk

@@ -1808,7 +1808,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/lirc-reproducible-build.patch		\
   %D%/packages/patches/llvm-13-gcc-14.patch			\
   %D%/packages/patches/lm-sensors-hwmon-attrs.patch		\
-  %D%/packages/patches/lsh-fix-x11-forwarding.patch		\
   %D%/packages/patches/lsof-compat-linux-6.9.patch		\
   %D%/packages/patches/lsof-fatal-test-failures.patch		\
   %D%/packages/patches/lua-CVE-2014-5461.patch                      \

gnu/packages/patches/lsh-fix-x11-forwarding.patch

@@ -1,20 +0,0 @@
---- a/src/server_x11.c	2016-08-01 11:58:54.714647794 +0200
-+++ b/src/server_x11.c	2016-08-01 11:58:46.606563478 +0200
-@@ -151,7 +151,7 @@ DEFINE_COMMAND(open_forwarded_x11)
- #define X11_MIN_DISPLAY 10
- #define X11_MAX_DISPLAY 1000
- 
--/* FIXME: Create the /tmp/.X11-unix directory, if needed. Figure out
-+/* FIXME: Figure out
-  * if and how we should use /tmp/.X17-lock. Consider using display
-  * "unix:17" instead of just ":17".
-  */
-@@ -253,6 +253,7 @@ open_x11_socket(struct ssh_channel *chan
- 
-   old_umask = umask(0077);
-   
-+  mkdir(X11_SOCKET_DIR, S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX);
-   old_cd = lsh_pushd(X11_SOCKET_DIR, &dir, 0, 0);
-   if (old_cd < 0)
-     {
-

gnu/packages/ssh.scm

@@ -335,6 +335,9 @@ Additionally, various channel-specific options can be negotiated.")
     '((release-monitoring-url . "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/")))
    (home-page "https://www.openssh.com/")))
 
+;; Deprecation added on 2025-11-18.
+(define-deprecated-package lsh openssh)
+
 ;; OpenSSH without X support. This allows using OpenSSH without dragging X
 ;; libraries to the closure.
 (define-public openssh-sans-x
@@ -681,130 +684,6 @@ mechanisms for almost all external communication, liboop can be used as the
 basis for almost any application.")
     (license license:lgpl2.1+)))
 
-(define-public lsh
-  (package
-    (name "lsh")
-    (version "2.1")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://gnu/lsh/lsh-"
-                                  version ".tar.gz"))
-              (sha256
-               (base32
-                "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
-              (modules '((guix build utils)))
-              (snippet
-               '(begin
-                  (substitute* "src/testsuite/functions.sh"
-                    (("localhost")
-                     ;; Avoid host name lookups since they don't work in
-                     ;; chroot builds.
-                     "127.0.0.1")
-                    (("set -e")
-                     ;; Make tests more verbose.
-                     "set -e\nset -x"))
-
-                  (substitute* (find-files "src/testsuite" "-test$")
-                    (("localhost") "127.0.0.1"))
-
-                  (substitute* "src/testsuite/login-auth-test"
-                    (("/bin/cat") "cat"))))
-              (patches (search-patches "lsh-fix-x11-forwarding.patch"))))
-    (build-system gnu-build-system)
-    (native-inputs
-     (list autoconf
-           automake
-           m4
-           guile-2.0
-           gperf
-           psmisc))                       ; for `killall'
-    (inputs
-     (list nettle-2
-           linux-pam
-           ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
-           ;; Readline 6.3.
-           readline-6.2
-           liboop
-           zlib
-           gmp
-           ;; The server (lshd) invokes xauth when X11 forwarding is requested.
-           ;; This adds 24 MiB (or 27%) to the closure of lsh.
-           xauth
-           libxau                       ;also required for x11-forwarding
-           libxcrypt))
-    (arguments
-     '(;; Skip the `configure' test that checks whether /dev/ptmx &
-       ;; co. work as expected, because it relies on impurities (for
-       ;; instance, /dev/pts may be unavailable in chroots.)
-       #:configure-flags '("lsh_cv_sys_unix98_ptys=yes"
-
-                           ;; Use glibc's argp rather than the bundled one.
-                           "--with-system-argp"
-
-                           ;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing
-                           ;; defines it.
-                           "CPPFLAGS=-DHAVE_ARGP_PARSE"
-
-                           ;; Fix the build of lsh@2.1 with GCC 10.
-                           "CFLAGS=-O2 -g -fcommon")
-       #:phases
-       (modify-phases %standard-phases
-         (add-after 'unpack 'disable-failing-tests
-           (lambda _
-             ;; FIXME: Most tests won't run in a chroot, presumably because
-             ;; /etc/profile is missing, and thus clients get an empty $PATH
-             ;; and nothing works.  Run only the subset that passes.
-             (delete-file "configure")  ;force rebootstrap
-             (substitute* "src/testsuite/Makefile.am"
-               (("seed-test \\\\")        ;prevent trailing slash
-                "seed-test")
-               (("^\t(lsh|daemon|tcpip|socks|lshg|lcp|rapid7|lshd).*test.*")
-                ""))))
-         (add-before 'configure 'pre-configure
-           (lambda* (#:key inputs #:allow-other-keys)
-             (let* ((nettle    (assoc-ref inputs "nettle"))
-                    (sexp-conv (string-append nettle "/bin/sexp-conv")))
-               ;; Remove argp from the list of sub-directories; we don't want
-               ;; to build it, really.
-               (substitute* "src/Makefile.in"
-                 (("^SUBDIRS = argp")
-                  "SUBDIRS ="))
-
-               ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
-               ;; by default.
-               (substitute* "src/environ.h.in"
-                 (("^#define PATH_SEXP_CONV.*")
-                  (string-append "#define PATH_SEXP_CONV \""
-                                 sexp-conv "\"\n")))
-
-               ;; Same for the 'lsh-authorize' script.
-               (substitute* "src/lsh-authorize"
-                 (("=sexp-conv")
-                  (string-append "=" sexp-conv)))
-
-               ;; Tell lshd where 'xauth' lives.  Another option would be to
-               ;; hardcode "/run/current-system/profile/bin/xauth", thereby
-               ;; reducing the closure size, but that wouldn't work on foreign
-               ;; distros.
-               (with-fluids ((%default-port-encoding "ISO-8859-1"))
-                 (substitute* "src/server_x11.c"
-                   (("define XAUTH_PROGRAM.*")
-                    (string-append "define XAUTH_PROGRAM \""
-                                   (assoc-ref inputs "xauth")
-                                   "/bin/xauth\"\n")))))
-
-             ;; Tests rely on $USER being set.
-             (setenv "USER" "guix"))))))
-    (home-page "https://www.lysator.liu.se/~nisse/lsh/")
-    (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
-    (description
-     "GNU lsh is a free implementation of the SSH version 2 protocol.  It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client.  It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
-    (license license:gpl2+)))
-
 (define-public sshpass
   (package
     (name "sshpass")

tests/guix-gc.sh

@@ -65,7 +65,7 @@ guix gc --delete "$drv"
 test ! -f "$drv"
 
 # Add a .drv, register it as a root.
-drv="`guix build --root=guix-gc-root lsh -d`"
+drv="`guix build --root=guix-gc-root hello -d`"
 test -f "$drv" && test -L guix-gc-root
 
 guix gc --list-roots | grep "$PWD/guix-gc-root"