summaryrefslogtreecommitdiff
path: root/gnu/packages/vpn.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/vpn.scm')
-rw-r--r--gnu/packages/vpn.scm128
1 files changed, 128 insertions, 0 deletions
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index a952e3f0db..ca185347ca 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -15,6 +15,7 @@
;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com>
;;; Copyright © 2020 Ivan Kozlov <kanichos@yandex.ru>
;;; Copyright © 2020 David Dashyan <mail@davie.li>
+;;; Copyright © 2021 Domagoj Stolfa <ds815@gmx.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -93,6 +94,133 @@ by creating encrypted host-to-host tunnels between multiple
endpoints.")
(license license:gpl3+)))
+(define-public strongswan
+ (package
+ (name "strongswan")
+ (version "5.9.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://download.strongswan.org/strongswan-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "0qxhbash2nyh5k2h9zcysgwv61512w1wxk5plyai4b6v3rs2ziv1"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-before 'build 'patch-command-file-names
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "src/libstrongswan/utils/process.c"
+ (("/bin/sh")
+ (string-append (assoc-ref inputs "bash") "/bin/sh")))
+
+ (substitute* "src/libstrongswan/tests/suites/test_process.c"
+ (("/bin/sh") (which "sh"))
+ (("/bin/echo") (which "echo"))
+ (("cat") (which "cat")))
+ #t))
+ (add-before 'check 'set-up-test-environment
+ (lambda* (#:key inputs #:allow-other-keys)
+ (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata")
+ "/share/zoneinfo"))
+ #t)))
+ #:configure-flags
+ (list
+ "--disable-ldap"
+ "--disable-mysql"
+ "--disable-systemd"
+
+ ;; Disable BSD-4 licensed plugins.
+ "--disable-blowfish"
+ "--disable-des"
+
+ ;; Make it usable. The default configuration is far too minimal to be
+ ;; used with most common VPN set-ups.
+ ;; See <https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf>.
+ "--enable-aesni"
+ "--enable-attr-sql"
+ "--enable-chapoly"
+ "--enable-curl"
+ "--enable-dhcp"
+ "--enable-eap-aka"
+ "--enable-eap-aka-3gpp"
+ "--enable-eap-dynamic"
+ "--enable-eap-identity"
+ "--enable-eap-md5"
+ "--enable-eap-mschapv2"
+ "--enable-eap-peap"
+ "--enable-eap-radius"
+ "--enable-eap-sim"
+ "--enable-eap-sim-file"
+ "--enable-eap-simaka-pseudonym"
+ "--enable-eap-simaka-reauth"
+ "--enable-eap-simaka-sql"
+ "--enable-eap-tls"
+ "--enable-eap-tnc"
+ "--enable-eap-ttls"
+ "--enable-ext-auth"
+ "--enable-farp"
+ "--enable-ha"
+ "--enable-led"
+ "--enable-md4"
+ "--enable-mediation"
+ "--enable-openssl"
+ "--enable-soup"
+ "--enable-sql"
+ "--enable-sqlite"
+ "--enable-xauth-eap"
+ "--enable-xauth-noauth"
+ "--enable-xauth-pam"
+
+ ;; Use libcap by default.
+ "--with-capabilities=libcap")))
+ (inputs
+ `(("curl" ,curl)
+ ("gmp" ,gmp)
+ ("libcap" ,libcap)
+ ("libgcrypt" ,libgcrypt)
+ ("libsoup" ,libsoup)
+ ("linux-pam" ,linux-pam)
+ ("openssl" ,openssl)))
+ (native-inputs
+ `(("coreutils" ,coreutils)
+ ("pkg-config" ,pkg-config)
+ ("tzdata" ,tzdata-for-tests)))
+ (synopsis "IKEv1/v2 keying daemon")
+ (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project. It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+ (home-page "https://strongswan.org/")
+ (license
+ (list license:gpl2+
+ ;; src/aikgen/*
+ ;; src/libcharon/plugins/dnscert/*
+ ;; src/libcharon/plugins/ext_auth/*
+ ;; src/libcharon/plugins/vici/ruby/*
+ ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
+ license:expat
+ ;; src/inclue/sys/*
+ license:bsd-3
+ ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
+ license:public-domain
+ ;; src/libstrongswan/plugins/pkcs11/pkcs11.h
+ (license:non-copyleft
+ "file://src/libstrongswan/plugins/pkcs11/pkcs11.h"
+ "pkcs11 contains a unknown permissive license. View the specific
+file for more details.")
+ ;; These files are not included in the
+ ;; build, they are disabled through
+ ;; options to ./configure
+ ;;
+ ;; src/libstrongswan/plugins/blowfish/bf_enc.c
+ ;; src/libstrongswan/plugins/blowfish/bf_locl.h
+ ;; src/libstrongswan/plugins/blowfish/bf_pi.h
+ ;; src/libstrongswan/plugins/blowfish/bf_skey.c
+ ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+ ;; src/libstrongswan/plugins/des/des_crypter.c
+ license:bsd-4))))
+
(define-public vpnc
(package
(name "vpnc")