diff options
Diffstat (limited to 'gnu/packages/vpn.scm')
-rw-r--r-- | gnu/packages/vpn.scm | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm index a952e3f0db..ca185347ca 100644 --- a/gnu/packages/vpn.scm +++ b/gnu/packages/vpn.scm @@ -15,6 +15,7 @@ ;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com> ;;; Copyright © 2020 Ivan Kozlov <kanichos@yandex.ru> ;;; Copyright © 2020 David Dashyan <mail@davie.li> +;;; Copyright © 2021 Domagoj Stolfa <ds815@gmx.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -93,6 +94,133 @@ by creating encrypted host-to-host tunnels between multiple endpoints.") (license license:gpl3+))) +(define-public strongswan + (package + (name "strongswan") + (version "5.9.2") + (source + (origin + (method url-fetch) + (uri (string-append "https://download.strongswan.org/strongswan-" + version ".tar.bz2")) + (sha256 + (base32 "0qxhbash2nyh5k2h9zcysgwv61512w1wxk5plyai4b6v3rs2ziv1")))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'build 'patch-command-file-names + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "src/libstrongswan/utils/process.c" + (("/bin/sh") + (string-append (assoc-ref inputs "bash") "/bin/sh"))) + + (substitute* "src/libstrongswan/tests/suites/test_process.c" + (("/bin/sh") (which "sh")) + (("/bin/echo") (which "echo")) + (("cat") (which "cat"))) + #t)) + (add-before 'check 'set-up-test-environment + (lambda* (#:key inputs #:allow-other-keys) + (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata") + "/share/zoneinfo")) + #t))) + #:configure-flags + (list + "--disable-ldap" + "--disable-mysql" + "--disable-systemd" + + ;; Disable BSD-4 licensed plugins. + "--disable-blowfish" + "--disable-des" + + ;; Make it usable. The default configuration is far too minimal to be + ;; used with most common VPN set-ups. + ;; See <https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf>. + "--enable-aesni" + "--enable-attr-sql" + "--enable-chapoly" + "--enable-curl" + "--enable-dhcp" + "--enable-eap-aka" + "--enable-eap-aka-3gpp" + "--enable-eap-dynamic" + "--enable-eap-identity" + "--enable-eap-md5" + "--enable-eap-mschapv2" + "--enable-eap-peap" + "--enable-eap-radius" + "--enable-eap-sim" + "--enable-eap-sim-file" + "--enable-eap-simaka-pseudonym" + "--enable-eap-simaka-reauth" + "--enable-eap-simaka-sql" + "--enable-eap-tls" + "--enable-eap-tnc" + "--enable-eap-ttls" + "--enable-ext-auth" + "--enable-farp" + "--enable-ha" + "--enable-led" + "--enable-md4" + "--enable-mediation" + "--enable-openssl" + "--enable-soup" + "--enable-sql" + "--enable-sqlite" + "--enable-xauth-eap" + "--enable-xauth-noauth" + "--enable-xauth-pam" + + ;; Use libcap by default. + "--with-capabilities=libcap"))) + (inputs + `(("curl" ,curl) + ("gmp" ,gmp) + ("libcap" ,libcap) + ("libgcrypt" ,libgcrypt) + ("libsoup" ,libsoup) + ("linux-pam" ,linux-pam) + ("openssl" ,openssl))) + (native-inputs + `(("coreutils" ,coreutils) + ("pkg-config" ,pkg-config) + ("tzdata" ,tzdata-for-tests))) + (synopsis "IKEv1/v2 keying daemon") + (description "StrongSwan is an IPsec implementation originally based upon +the FreeS/WAN project. It contains support for IKEv1, IKEv2, MOBIKE, IPv6, +NAT-T and more.") + (home-page "https://strongswan.org/") + (license + (list license:gpl2+ + ;; src/aikgen/* + ;; src/libcharon/plugins/dnscert/* + ;; src/libcharon/plugins/ext_auth/* + ;; src/libcharon/plugins/vici/ruby/* + ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch] + license:expat + ;; src/inclue/sys/* + license:bsd-3 + ;; src/libstrongswan/plugins/sha3/sha3_keccak.c + license:public-domain + ;; src/libstrongswan/plugins/pkcs11/pkcs11.h + (license:non-copyleft + "file://src/libstrongswan/plugins/pkcs11/pkcs11.h" + "pkcs11 contains a unknown permissive license. View the specific +file for more details.") + ;; These files are not included in the + ;; build, they are disabled through + ;; options to ./configure + ;; + ;; src/libstrongswan/plugins/blowfish/bf_enc.c + ;; src/libstrongswan/plugins/blowfish/bf_locl.h + ;; src/libstrongswan/plugins/blowfish/bf_pi.h + ;; src/libstrongswan/plugins/blowfish/bf_skey.c + ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c + ;; src/libstrongswan/plugins/des/des_crypter.c + license:bsd-4)))) + (define-public vpnc (package (name "vpnc") |