Commit | Line | Data |
---|---|---|
49f24f41 AE |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2013 Andreas Enge <andreas@enge.fr> | |
b6bee63b | 3 | ;;; Copyright © 2013, 2016, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org> |
d4bf49b1 | 4 | ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org> |
feca8e2b | 5 | ;;; Copyright © 2015 Jeff Mickey <j@codemac.net> |
80005d03 | 6 | ;;; Copyright © 2016, 2017, 2019, 2021 Efraim Flashner <efraim@flashner.co.il> |
c3e6fcde | 7 | ;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr> |
fa3346b8 | 8 | ;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu> |
fc4338b8 | 9 | ;;; Copyright © 2018, 2020 Pierre Langlois <pierre.langlois@gmx.com> |
7ba2b274 | 10 | ;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com> |
c1005113 | 11 | ;;; Copyright © 2019, 2020 Leo Famulari <leo@famulari.name> |
9fd6ad3e | 12 | ;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com> |
b47e083b | 13 | ;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net> |
3b177a6c | 14 | ;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re> |
c873980d | 15 | ;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com> |
8331e235 | 16 | ;;; Copyright © 2020 Ivan Kozlov <kanichos@yandex.ru> |
18918ebe | 17 | ;;; Copyright © 2020 David Dashyan <mail@davie.li> |
c85ed0e7 | 18 | ;;; Copyright © 2021 Domagoj Stolfa <ds815@gmx.com> |
49f24f41 AE |
19 | ;;; |
20 | ;;; This file is part of GNU Guix. | |
21 | ;;; | |
22 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
23 | ;;; under the terms of the GNU General Public License as published by | |
24 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
25 | ;;; your option) any later version. | |
26 | ;;; | |
27 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
28 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
29 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
30 | ;;; GNU General Public License for more details. | |
31 | ;;; | |
32 | ;;; You should have received a copy of the GNU General Public License | |
33 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
34 | ||
35 | (define-module (gnu packages vpn) | |
b5b73a82 | 36 | #:use-module ((guix licenses) #:prefix license:) |
49f24f41 AE |
37 | #:use-module (guix packages) |
38 | #:use-module (guix download) | |
06d91fd9 | 39 | #:use-module (guix git-download) |
7ba2b274 | 40 | #:use-module (guix build-system cmake) |
49f24f41 | 41 | #:use-module (guix build-system gnu) |
3b177a6c | 42 | #:use-module (guix build-system linux-module) |
5c863d57 | 43 | #:use-module (guix build-system python) |
598afe95 | 44 | #:use-module (guix utils) |
49f24f41 | 45 | #:use-module (gnu packages) |
1b17c23e | 46 | #:use-module (gnu packages admin) |
06d91fd9 | 47 | #:use-module (gnu packages base) |
d084e71c | 48 | #:use-module (gnu packages bash) |
ac257f12 | 49 | #:use-module (gnu packages check) |
d084e71c | 50 | #:use-module (gnu packages dns) |
01224157 | 51 | #:use-module (gnu packages autotools) |
71f4b81a | 52 | #:use-module (gnu packages compression) |
ad879bff | 53 | #:use-module (gnu packages curl) |
80005d03 | 54 | #:use-module (gnu packages freedesktop) |
1dba6407 | 55 | #:use-module (gnu packages gettext) |
ad879bff | 56 | #:use-module (gnu packages gnome) |
49f24f41 | 57 | #:use-module (gnu packages gnupg) |
b47e083b | 58 | #:use-module (gnu packages guile) |
01224157 | 59 | #:use-module (gnu packages libevent) |
dc77f0d3 | 60 | #:use-module (gnu packages linux) |
ad879bff | 61 | #:use-module (gnu packages multiprecision) |
90a69913 | 62 | #:use-module (gnu packages ncurses) |
aff0cce9 | 63 | #:use-module (gnu packages nss) |
71f4b81a AE |
64 | #:use-module (gnu packages perl) |
65 | #:use-module (gnu packages pkg-config) | |
5c863d57 | 66 | #:use-module (gnu packages python) |
80005d03 EF |
67 | #:use-module (gnu packages python-build) |
68 | #:use-module (gnu packages python-crypto) | |
44d10b1f | 69 | #:use-module (gnu packages python-xyz) |
c873980d | 70 | #:use-module (gnu packages python-web) |
80005d03 | 71 | #:use-module (gnu packages qt) |
8331e235 | 72 | #:use-module (gnu packages samba) |
a7fd7b68 | 73 | #:use-module (gnu packages tls) |
71f4b81a | 74 | #:use-module (gnu packages xml)) |
49f24f41 | 75 | |
7af8a9b7 LC |
76 | (define-public gvpe |
77 | (package | |
78 | (name "gvpe") | |
574d877e | 79 | (version "3.1") |
7af8a9b7 LC |
80 | (source (origin |
81 | (method url-fetch) | |
82 | (uri (string-append "mirror://gnu/gvpe/gvpe-" | |
83 | version ".tar.gz")) | |
84 | (sha256 | |
85 | (base32 | |
574d877e | 86 | "1cz8n75ksl0l908zc5l3rnfm1hv7130s2w8710799fr5sxrdbszi")))) |
7af8a9b7 LC |
87 | (build-system gnu-build-system) |
88 | (home-page "http://software.schmorp.de/pkg/gvpe.html") | |
574d877e | 89 | (native-inputs `(("pkg-config" ,pkg-config))) |
7af8a9b7 LC |
90 | (inputs `(("openssl" ,openssl) |
91 | ("zlib" ,zlib))) | |
92 | (synopsis "Secure VPN among multiple nodes over an untrusted network") | |
93 | (description | |
94 | "The GNU Virtual Private Ethernet creates a virtual network | |
95 | with multiple nodes using a variety of transport protocols. It works | |
96 | by creating encrypted host-to-host tunnels between multiple | |
97 | endpoints.") | |
98 | (license license:gpl3+))) | |
99 | ||
c85ed0e7 TGR |
100 | (define-public strongswan |
101 | (package | |
102 | (name "strongswan") | |
103 | (version "5.9.2") | |
104 | (source | |
105 | (origin | |
106 | (method url-fetch) | |
107 | (uri (string-append "https://download.strongswan.org/strongswan-" | |
108 | version ".tar.bz2")) | |
109 | (sha256 | |
110 | (base32 "0qxhbash2nyh5k2h9zcysgwv61512w1wxk5plyai4b6v3rs2ziv1")))) | |
111 | (build-system gnu-build-system) | |
112 | (arguments | |
113 | `(#:phases | |
114 | (modify-phases %standard-phases | |
115 | (add-before 'build 'patch-command-file-names | |
116 | (lambda* (#:key inputs #:allow-other-keys) | |
d0cc1d65 TGR |
117 | (substitute* "src/ipsec/_ipsec.in" |
118 | (("cat|kill|sleep|rm|uname" command) | |
119 | (string-append (assoc-ref inputs "coreutils") | |
120 | "/bin/" command))) | |
c85ed0e7 TGR |
121 | (substitute* "src/libstrongswan/utils/process.c" |
122 | (("/bin/sh") | |
123 | (string-append (assoc-ref inputs "bash") "/bin/sh"))) | |
124 | ||
125 | (substitute* "src/libstrongswan/tests/suites/test_process.c" | |
126 | (("/bin/sh") (which "sh")) | |
127 | (("/bin/echo") (which "echo")) | |
128 | (("cat") (which "cat"))) | |
129 | #t)) | |
130 | (add-before 'check 'set-up-test-environment | |
131 | (lambda* (#:key inputs #:allow-other-keys) | |
132 | (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata") | |
133 | "/share/zoneinfo")) | |
134 | #t))) | |
135 | #:configure-flags | |
136 | (list | |
137 | "--disable-ldap" | |
138 | "--disable-mysql" | |
139 | "--disable-systemd" | |
140 | ||
141 | ;; Disable BSD-4 licensed plugins. | |
142 | "--disable-blowfish" | |
143 | "--disable-des" | |
144 | ||
145 | ;; Make it usable. The default configuration is far too minimal to be | |
146 | ;; used with most common VPN set-ups. | |
147 | ;; See <https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf>. | |
148 | "--enable-aesni" | |
149 | "--enable-attr-sql" | |
150 | "--enable-chapoly" | |
151 | "--enable-curl" | |
152 | "--enable-dhcp" | |
153 | "--enable-eap-aka" | |
154 | "--enable-eap-aka-3gpp" | |
155 | "--enable-eap-dynamic" | |
156 | "--enable-eap-identity" | |
157 | "--enable-eap-md5" | |
158 | "--enable-eap-mschapv2" | |
159 | "--enable-eap-peap" | |
160 | "--enable-eap-radius" | |
161 | "--enable-eap-sim" | |
162 | "--enable-eap-sim-file" | |
163 | "--enable-eap-simaka-pseudonym" | |
164 | "--enable-eap-simaka-reauth" | |
165 | "--enable-eap-simaka-sql" | |
166 | "--enable-eap-tls" | |
167 | "--enable-eap-tnc" | |
168 | "--enable-eap-ttls" | |
169 | "--enable-ext-auth" | |
170 | "--enable-farp" | |
171 | "--enable-ha" | |
172 | "--enable-led" | |
173 | "--enable-md4" | |
174 | "--enable-mediation" | |
175 | "--enable-openssl" | |
176 | "--enable-soup" | |
177 | "--enable-sql" | |
178 | "--enable-sqlite" | |
179 | "--enable-xauth-eap" | |
180 | "--enable-xauth-noauth" | |
181 | "--enable-xauth-pam" | |
182 | ||
183 | ;; Use libcap by default. | |
184 | "--with-capabilities=libcap"))) | |
185 | (inputs | |
d0cc1d65 TGR |
186 | `(("coreutils" ,coreutils) |
187 | ("curl" ,curl) | |
c85ed0e7 TGR |
188 | ("gmp" ,gmp) |
189 | ("libcap" ,libcap) | |
190 | ("libgcrypt" ,libgcrypt) | |
191 | ("libsoup" ,libsoup) | |
192 | ("linux-pam" ,linux-pam) | |
193 | ("openssl" ,openssl))) | |
194 | (native-inputs | |
195 | `(("coreutils" ,coreutils) | |
196 | ("pkg-config" ,pkg-config) | |
197 | ("tzdata" ,tzdata-for-tests))) | |
198 | (synopsis "IKEv1/v2 keying daemon") | |
199 | (description "StrongSwan is an IPsec implementation originally based upon | |
200 | the FreeS/WAN project. It contains support for IKEv1, IKEv2, MOBIKE, IPv6, | |
201 | NAT-T and more.") | |
202 | (home-page "https://strongswan.org/") | |
203 | (license | |
204 | (list license:gpl2+ | |
205 | ;; src/aikgen/* | |
206 | ;; src/libcharon/plugins/dnscert/* | |
207 | ;; src/libcharon/plugins/ext_auth/* | |
208 | ;; src/libcharon/plugins/vici/ruby/* | |
209 | ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch] | |
210 | license:expat | |
211 | ;; src/inclue/sys/* | |
212 | license:bsd-3 | |
213 | ;; src/libstrongswan/plugins/sha3/sha3_keccak.c | |
214 | license:public-domain | |
215 | ;; src/libstrongswan/plugins/pkcs11/pkcs11.h | |
216 | (license:non-copyleft | |
217 | "file://src/libstrongswan/plugins/pkcs11/pkcs11.h" | |
218 | "pkcs11 contains a unknown permissive license. View the specific | |
219 | file for more details.") | |
220 | ;; These files are not included in the | |
221 | ;; build, they are disabled through | |
222 | ;; options to ./configure | |
223 | ;; | |
224 | ;; src/libstrongswan/plugins/blowfish/bf_enc.c | |
225 | ;; src/libstrongswan/plugins/blowfish/bf_locl.h | |
226 | ;; src/libstrongswan/plugins/blowfish/bf_pi.h | |
227 | ;; src/libstrongswan/plugins/blowfish/bf_skey.c | |
228 | ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c | |
229 | ;; src/libstrongswan/plugins/des/des_crypter.c | |
230 | license:bsd-4)))) | |
231 | ||
49f24f41 AE |
232 | (define-public vpnc |
233 | (package | |
234 | (name "vpnc") | |
235 | (version "0.5.3") | |
236 | (source (origin | |
237 | (method url-fetch) | |
594360f5 | 238 | (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-" |
49f24f41 AE |
239 | version ".tar.gz")) |
240 | (sha256 (base32 | |
101e67ac | 241 | "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6")))) |
49f24f41 AE |
242 | (build-system gnu-build-system) |
243 | (inputs `(("libgcrypt" ,libgcrypt) | |
42c97811 | 244 | ("perl" ,perl) |
101e67ac | 245 | ("vpnc-scripts" ,vpnc-scripts))) |
49f24f41 AE |
246 | (arguments |
247 | `(#:tests? #f ; there is no check target | |
49f24f41 | 248 | #:phases |
42c97811 | 249 | (modify-phases %standard-phases |
101e67ac | 250 | (add-after 'unpack 'use-store-paths |
42c97811 | 251 | (lambda* (#:key inputs outputs #:allow-other-keys) |
101e67ac TGR |
252 | (let ((out (assoc-ref outputs "out")) |
253 | (vpnc-scripts (assoc-ref inputs "vpnc-scripts"))) | |
254 | (substitute* "config.c" | |
255 | (("/etc/vpnc/vpnc-script") | |
256 | (string-append vpnc-scripts "/etc/vpnc/vpnc-script"))) | |
257 | (substitute* "Makefile" | |
258 | (("ETCDIR=.*") | |
259 | (string-append "ETCDIR=" out "/etc/vpnc\n")) | |
260 | (("PREFIX=.*") | |
261 | (string-append "PREFIX=" out "\n"))) | |
262 | #t))) | |
263 | (delete 'configure)))) ; no configure script | |
799dcdc4 | 264 | (synopsis "Client for Cisco VPN concentrators") |
49f24f41 AE |
265 | (description |
266 | "vpnc is a VPN client compatible with Cisco's EasyVPN equipment. | |
35b9e423 | 267 | It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only |
49f24f41 | 268 | shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES, |
35b9e423 | 269 | 1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace. |
49f24f41 AE |
270 | Only \"Universal TUN/TAP device driver support\" is needed in the kernel.") |
271 | (license license:gpl2+) ; some file are bsd-2, see COPYING | |
d61043c7 | 272 | (home-page "https://www.unix-ag.uni-kl.de/~massar/vpnc/"))) |
71f4b81a | 273 | |
06d91fd9 | 274 | (define-public vpnc-scripts |
fc4338b8 | 275 | (let ((commit "3885f8bbc4ae03fd6da0ada6de12f7223a59595c")) |
06d91fd9 TGR |
276 | (package |
277 | (name "vpnc-scripts") | |
fc4338b8 | 278 | (version (string-append "20200925." (string-take commit 7))) |
06d91fd9 TGR |
279 | (source (origin |
280 | (method git-fetch) | |
281 | (uri | |
282 | (git-reference | |
283 | (url "git://git.infradead.org/users/dwmw2/vpnc-scripts.git") | |
284 | (commit commit))) | |
728ee9d6 | 285 | (file-name (git-file-name name version)) |
06d91fd9 TGR |
286 | (sha256 |
287 | (base32 | |
fc4338b8 | 288 | "1pmi4n58q81pmn9arvfixhvv6vkkf3rpwac3hwnwyl882q5q0ccx")))) |
06d91fd9 | 289 | (build-system gnu-build-system) |
b6bee63b | 290 | (inputs `(("guile" ,guile-3.0) ; for the wrapper scripts |
b47e083b | 291 | ("coreutils" ,coreutils) |
06d91fd9 TGR |
292 | ("grep" ,grep) |
293 | ("iproute2" ,iproute) ; for ‘ip’ | |
294 | ("net-tools" ,net-tools) ; for ‘ifconfig’, ‘route’ | |
295 | ("sed" ,sed) | |
296 | ("which" ,which))) | |
297 | (arguments | |
298 | `(#:phases | |
299 | (modify-phases %standard-phases | |
300 | (add-after 'unpack 'use-relative-paths | |
301 | ;; Patch the scripts to work with and use relative paths. | |
302 | (lambda* _ | |
303 | (for-each (lambda (script) | |
304 | (substitute* script | |
305 | (("^PATH=.*") "") | |
92594b2e | 306 | (("/usr/s?bin/") "") |
06d91fd9 TGR |
307 | (("\\[ +-x +([^]]+) +\\]" _ command) |
308 | (string-append "command -v >/dev/null 2>&1 " | |
309 | command)))) | |
310 | (find-files "." "^vpnc-script")) | |
311 | #t)) | |
312 | (delete 'configure) ; no configure script | |
313 | (replace 'build | |
314 | (lambda _ | |
863501b7 | 315 | (invoke "gcc" "-o" "netunshare" "netunshare.c"))) |
06d91fd9 TGR |
316 | (replace 'install |
317 | ;; There is no Makefile; manually install the relevant files. | |
318 | (lambda* (#:key outputs #:allow-other-keys) | |
319 | (let* ((out (assoc-ref outputs "out")) | |
320 | (etc (string-append out "/etc/vpnc"))) | |
321 | (for-each (lambda (file) | |
322 | (install-file file etc)) | |
323 | (append (find-files "." "^vpnc-script") | |
324 | (list "netunshare" | |
325 | "xinetd.netns.conf"))) | |
326 | #t))) | |
327 | (add-after 'install 'wrap-scripts | |
328 | ;; Wrap scripts with paths to their common hard dependencies. | |
329 | ;; Optional dependencies will need to be installed by the user. | |
330 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
331 | (let ((out (assoc-ref outputs "out"))) | |
332 | (for-each | |
333 | (lambda (script) | |
b47e083b | 334 | (wrap-script (string-append out "/etc/vpnc/" script) |
06d91fd9 TGR |
335 | `("PATH" ":" prefix |
336 | ,(map (lambda (name) | |
337 | (let ((input (assoc-ref inputs name))) | |
338 | (string-append input "/bin:" | |
339 | input "/sbin"))) | |
340 | (list "coreutils" | |
341 | "grep" | |
342 | "iproute2" | |
343 | "net-tools" | |
344 | "sed" | |
345 | "which"))))) | |
b47e083b RW |
346 | (list "vpnc-script-ptrtd" |
347 | "vpnc-script-sshd" | |
348 | "vpnc-script")) | |
863501b7 | 349 | #t)))) |
06d91fd9 TGR |
350 | #:tests? #f)) ; no tests |
351 | (home-page "http://git.infradead.org/users/dwmw2/vpnc-scripts.git") | |
352 | (synopsis "Network configuration scripts for Cisco VPN clients") | |
353 | (description | |
354 | "This set of scripts configures routing and name services when invoked | |
355 | by the VPNC or OpenConnect Cisco @dfn{Virtual Private Network} (VPN) clients. | |
356 | ||
357 | The default @command{vpnc-script} automatically configures most common | |
358 | connections, and provides hooks for performing custom actions at various stages | |
359 | of the connection or disconnection process. | |
360 | ||
361 | Alternative scripts are provided for more complicated set-ups, or to serve as an | |
362 | example for writing your own. For example, @command{vpnc-script-sshd} contains | |
363 | the entire VPN in a network namespace accessible only through SSH.") | |
364 | (license license:gpl2+)))) | |
71f4b81a | 365 | |
01224157 PL |
366 | (define-public ocproxy |
367 | (package | |
368 | (name "ocproxy") | |
369 | (version "1.60") | |
370 | (source (origin | |
98ebc8fd EF |
371 | (method git-fetch) |
372 | (uri (git-reference | |
b0e7b699 | 373 | (url "https://github.com/cernekee/ocproxy") |
98ebc8fd EF |
374 | (commit (string-append "v" version)))) |
375 | (file-name (git-file-name name version)) | |
01224157 PL |
376 | (sha256 |
377 | (base32 | |
98ebc8fd | 378 | "03323nnhb4y9nzwva04mq7xg03dvdrgp689g89f69jqc261skcqx")))) |
01224157 PL |
379 | (build-system gnu-build-system) |
380 | (native-inputs | |
381 | `(("autoconf" ,autoconf) | |
382 | ("automake" ,automake))) | |
383 | (inputs | |
384 | `(("libevent" ,libevent))) | |
01224157 PL |
385 | (home-page "https://github.com/cernekee/ocproxy") |
386 | (synopsis "OpenConnect proxy") | |
387 | (description | |
388 | "User-level @dfn{SOCKS} and port forwarding proxy for OpenConnect based | |
389 | on LwIP. When using ocproxy, OpenConnect only handles network activity that | |
390 | the user specifically asks to proxy, so the @dfn{VPN} interface no longer | |
391 | \"hijacks\" all network traffic on the host.") | |
392 | (license license:bsd-3))) | |
393 | ||
71f4b81a AE |
394 | (define-public openconnect |
395 | (package | |
396 | (name "openconnect") | |
57b13d1c | 397 | (version "8.10") |
71f4b81a AE |
398 | (source (origin |
399 | (method url-fetch) | |
d4bf49b1 EB |
400 | (uri (string-append "ftp://ftp.infradead.org/pub/openconnect/" |
401 | "openconnect-" version ".tar.gz")) | |
c383c36e | 402 | (sha256 |
57b13d1c | 403 | (base32 "1cdsx4nsrwawbsisfkldfc9i4qn60g03vxb13nzppr2br9p4rrih")))) |
71f4b81a | 404 | (build-system gnu-build-system) |
0d7f282b | 405 | (propagated-inputs |
c4c4cc05 | 406 | `(("libxml2" ,libxml2) |
51a365c1 | 407 | ("gnutls" ,gnutls) |
71f4b81a | 408 | ("zlib" ,zlib))) |
0d7f282b | 409 | (inputs |
1d7f3c00 TGR |
410 | `(("lz4" ,lz4) |
411 | ("vpnc-scripts" ,vpnc-scripts))) | |
c4c4cc05 | 412 | (native-inputs |
b94a6ca0 | 413 | `(("gettext" ,gettext-minimal) |
c4c4cc05 | 414 | ("pkg-config" ,pkg-config))) |
71f4b81a | 415 | (arguments |
d4bf49b1 EB |
416 | `(#:configure-flags |
417 | `(,(string-append "--with-vpnc-script=" | |
a6d06e86 | 418 | (assoc-ref %build-inputs "vpnc-scripts") |
d4bf49b1 | 419 | "/etc/vpnc/vpnc-script")))) |
799dcdc4 | 420 | (synopsis "Client for Cisco VPN") |
71f4b81a AE |
421 | (description |
422 | "OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is | |
423 | supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500, | |
424 | 870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers, | |
425 | and probably others.") | |
426 | (license license:lgpl2.1) | |
8b1d0ff4 | 427 | (home-page "https://www.infradead.org/openconnect/"))) |
dc77f0d3 | 428 | |
80005d03 EF |
429 | (define-public openconnect-sso |
430 | (package | |
431 | (name "openconnect-sso") | |
c13b9ae3 | 432 | (version "0.7.3") |
80005d03 EF |
433 | (source |
434 | (origin | |
435 | (method url-fetch) | |
436 | (uri (pypi-uri "openconnect-sso" version)) | |
437 | (sha256 | |
c13b9ae3 | 438 | (base32 "065s5c8q80jh0psdw7694nlabwpra7aw6yc4jlgsc9vxx8rx2na1")))) |
80005d03 EF |
439 | (build-system python-build-system) |
440 | (arguments | |
441 | `(#:tests? #f ; Tests not included, building from git requires poetry. | |
442 | #:phases | |
443 | (modify-phases %standard-phases | |
80005d03 EF |
444 | (add-after 'unpack 'patch-openconnect |
445 | (lambda _ | |
446 | (substitute* "openconnect_sso/app.py" | |
447 | (("\"openconnect\"") | |
448 | (string-append "\"" (which "openconnect") "\""))) | |
449 | #t)) | |
450 | (replace 'check | |
451 | (lambda* (#:key tests? #:allow-other-keys) | |
452 | (when tests? | |
453 | (invoke "pytest" "-v")) | |
454 | #t)) | |
455 | (add-after 'install 'wrap-qt-process-path | |
456 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
457 | (let* ((out (assoc-ref outputs "out")) | |
458 | (bin (string-append out "/bin/openconnect-sso")) | |
459 | (qt-process-path (string-append | |
460 | (assoc-ref inputs "qtwebengine") | |
461 | "/lib/qt5/libexec/QtWebEngineProcess"))) | |
462 | (wrap-program bin | |
463 | `("QTWEBENGINEPROCESS_PATH" = (,qt-process-path))) | |
464 | #t)))))) | |
465 | (inputs | |
466 | `(("openconnect" ,openconnect) | |
467 | ("python-attrs" ,python-attrs) | |
468 | ("python-colorama" ,python-colorama) | |
469 | ("python-keyring" ,python-keyring) | |
470 | ("python-lxml" ,python-lxml) | |
471 | ("python-prompt-toolkit" ,python-prompt-toolkit) | |
472 | ("python-requests" ,python-requests) | |
473 | ("python-pyqt" ,python-pyqt) | |
474 | ("python-pyqtwebengine" ,python-pyqtwebengine) | |
475 | ("python-pysocks" ,python-pysocks) | |
476 | ("python-pyxdg" ,python-pyxdg) | |
477 | ("python-structlog" ,python-structlog) | |
478 | ("python-toml" ,python-toml) | |
479 | ("qtwebengine" ,qtwebengine))) | |
480 | (native-inputs | |
481 | `(("python-pytest" ,python-pytest) | |
482 | ("python-setuptools-scm" ,python-setuptools-scm))) | |
483 | (home-page "https://github.com/vlaci/openconnect-sso") | |
484 | (synopsis "OpenConnect wrapper script supporting Azure AD (SAMLv2)") | |
485 | (description | |
486 | "This package provides a wrapper script for OpenConnect supporting Azure AD | |
487 | (SAMLv2) authentication to Cisco SSL-VPNs.") | |
488 | (license license:gpl3))) | |
489 | ||
18918ebe DD |
490 | (define-public openfortivpn |
491 | (package | |
492 | (name "openfortivpn") | |
493 | (version "1.15.0") | |
494 | (source (origin | |
495 | (method git-fetch) | |
496 | (uri (git-reference | |
497 | (url "https://github.com/adrienverge/openfortivpn") | |
498 | (commit (string-append "v" version)))) | |
499 | (file-name (git-file-name name version)) | |
500 | (sha256 | |
501 | (base32 | |
502 | "1qsfgpxg553s8rc9cyrc4k96z0pislxsdxb9wyhp8fdprkak2mw2")))) | |
503 | (build-system gnu-build-system) | |
504 | (native-inputs | |
505 | `(("autoconf" ,autoconf) | |
506 | ("autotools" ,automake) | |
507 | ("pkg-config" ,pkg-config))) | |
508 | (inputs | |
509 | `(("openssl" ,openssl) | |
510 | ("ppp" ,ppp))) | |
511 | (home-page "https://github.com/adrienverge/openfortivpn") | |
512 | (synopsis "Client for PPP+SSL VPN tunnel services") | |
513 | (description "Openfortivpn is a client for PPP+SSL VPN tunnel services. It | |
514 | spawns a pppd process and operates the communication between the gateway and | |
515 | this process. It is compatible with Fortinet VPNs.") | |
516 | (license license:gpl3+))) | |
517 | ||
dc77f0d3 DT |
518 | (define-public openvpn |
519 | (package | |
520 | (name "openvpn") | |
7ab69074 | 521 | (version "2.5.3") |
dc77f0d3 DT |
522 | (source (origin |
523 | (method url-fetch) | |
524 | (uri (string-append | |
525 | "https://swupdate.openvpn.org/community/releases/openvpn-" | |
526 | version ".tar.xz")) | |
527 | (sha256 | |
528 | (base32 | |
7ab69074 | 529 | "0zlski66mw10klmwvg445z051mld7xjng4iyl4f9b883qr1rjspv")))) |
dc77f0d3 DT |
530 | (build-system gnu-build-system) |
531 | (arguments | |
532 | '(#:configure-flags '("--enable-iproute2=yes"))) | |
533 | (native-inputs | |
534 | `(("iproute2" ,iproute))) | |
535 | (inputs | |
dee9a262 EF |
536 | `(("lz4" ,lz4) |
537 | ("lzo" ,lzo) | |
dc77f0d3 DT |
538 | ("openssl" ,openssl) |
539 | ("linux-pam" ,linux-pam))) | |
540 | (home-page "https://openvpn.net/") | |
541 | (synopsis "Virtual private network daemon") | |
9599339c TGR |
542 | (description |
543 | "OpenVPN implements virtual private network (@dfn{VPN}) techniques | |
dc77f0d3 DT |
544 | for creating secure point-to-point or site-to-site connections in routed or |
545 | bridged configurations and remote access facilities. It uses a custom | |
546 | security protocol that utilizes SSL/TLS for key exchange. It is capable of | |
9599339c | 547 | traversing network address translators (@dfn{NAT}s) and firewalls.") |
dc77f0d3 | 548 | (license license:gpl2))) |
feca8e2b | 549 | |
c873980d RP |
550 | (define-public protonvpn-cli |
551 | (package | |
552 | (name "protonvpn-cli") | |
04d50f0a | 553 | (version "2.2.6") |
c873980d RP |
554 | (source |
555 | (origin | |
556 | ;; PyPI has a ".whl" file but not a proper source release. | |
557 | ;; Thus, fetch code from Git. | |
558 | (method git-fetch) | |
559 | (uri (git-reference | |
b0e7b699 | 560 | (url "https://github.com/ProtonVPN/linux-cli") |
c873980d RP |
561 | (commit (string-append "v" version)))) |
562 | (file-name (git-file-name name version)) | |
563 | (sha256 | |
04d50f0a | 564 | (base32 "0y7v9ikrmy5dbjlpbpacp08gy838i8z54m8m4ps7ldk1j6kyia3n")))) |
c873980d | 565 | (build-system python-build-system) |
bcfa8b4a RP |
566 | (arguments |
567 | '(#:tests? #f ; no tests in repo | |
568 | #:phases | |
569 | (modify-phases %standard-phases | |
570 | (add-after 'wrap 'wrap-wrapper | |
571 | ;; Wrap entrypoint with paths to its hard dependencies. | |
572 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
573 | (let ((entrypoint (string-append (assoc-ref outputs "out") | |
574 | "/bin/.protonvpn-real"))) | |
575 | (wrap-program entrypoint | |
576 | `("PATH" ":" prefix | |
577 | ,(map (lambda (name) | |
578 | (let ((input (assoc-ref inputs name))) | |
579 | (string-append input "/bin:" | |
580 | input "/sbin"))) | |
581 | (list "dialog" | |
582 | "iproute2" | |
583 | "iptables" | |
584 | "ncurses" | |
585 | "openvpn" | |
586 | "procps" | |
587 | "which"))))) | |
588 | #t))))) | |
c873980d | 589 | (native-inputs |
f39b7612 | 590 | `(("python-docopt" ,python-docopt))) |
c873980d | 591 | (inputs |
bcfa8b4a RP |
592 | `(("dialog" ,dialog) |
593 | ("iproute2" ,iproute) | |
594 | ("iptables" ,iptables) | |
595 | ("ncurses" ,ncurses) | |
596 | ("openvpn" ,openvpn) | |
597 | ("procps" ,procps) | |
598 | ("python-jinja2" ,python-jinja2) | |
36045fa6 | 599 | ("python-pythondialog" ,python-pythondialog) |
bcfa8b4a RP |
600 | ("python-requests" ,python-requests) |
601 | ("which" ,which))) | |
c873980d RP |
602 | (synopsis "Command-line client for ProtonVPN") |
603 | (description | |
86ac14b2 LC |
604 | "This is the official command-line interface for ProtonVPN, a secure |
605 | point-to-point virtual private networking (VPN) service with a gratis tier. | |
606 | It can automatically find and connect to the fastest servers or use Tor over | |
607 | VPN. The gratis tier offers unlimited bandwidth for up to 10 devices.") | |
c873980d RP |
608 | (home-page "https://github.com/ProtonVPN/linux-cli") |
609 | (license license:gpl3+))) | |
610 | ||
feca8e2b JM |
611 | (define-public tinc |
612 | (package | |
613 | (name "tinc") | |
2b247e51 | 614 | (version "1.0.36") |
feca8e2b JM |
615 | (source (origin |
616 | (method url-fetch) | |
e81ddeda | 617 | (uri (string-append "https://tinc-vpn.org/packages/" |
657c3ff6 | 618 | "tinc-" version ".tar.gz")) |
feca8e2b JM |
619 | (sha256 |
620 | (base32 | |
2b247e51 | 621 | "021i2sl2mjscbm8g59d7vs74iw3gf0m48wg7w3zhwj6czarkpxs0")))) |
feca8e2b | 622 | (build-system gnu-build-system) |
7b770eca SB |
623 | (arguments |
624 | '(#:configure-flags | |
625 | '("--sysconfdir=/etc" | |
626 | "--localstatedir=/var"))) | |
feca8e2b JM |
627 | (inputs `(("zlib" ,zlib) |
628 | ("lzo" ,lzo) | |
629 | ("openssl" ,openssl))) | |
e81ddeda | 630 | (home-page "https://tinc-vpn.org") |
feca8e2b JM |
631 | (synopsis "Virtual Private Network (VPN) daemon") |
632 | (description | |
633 | "Tinc is a VPN that uses tunnelling and encryption to create a secure | |
634 | private network between hosts on the internet.") | |
635 | (license license:gpl2+))) | |
5c863d57 TGR |
636 | |
637 | (define-public sshuttle | |
638 | (package | |
639 | (name "sshuttle") | |
627c6531 | 640 | (version "0.78.5") |
5c863d57 TGR |
641 | (source |
642 | (origin | |
643 | (method url-fetch) | |
644 | (uri (pypi-uri name version)) | |
645 | (sha256 | |
646 | (base32 | |
627c6531 | 647 | "0vp13xwrhx4m6zgsyzvai84lkq9mzkaw47j58dk0ll95kaymk2x8")))) |
5c863d57 | 648 | (build-system python-build-system) |
c32863e0 TGR |
649 | (arguments |
650 | `(#:phases | |
651 | (modify-phases %standard-phases | |
652 | (add-after 'unpack 'patch-FHS-file-names | |
653 | (lambda _ | |
654 | (substitute* "sshuttle/client.py" | |
655 | (("/usr/bin/env") (which "env"))) | |
656 | (substitute* "sshuttle/ssh.py" | |
0e2d3ce2 | 657 | (("/bin/sh") "sh")) |
c32863e0 | 658 | #t))))) |
5c863d57 | 659 | (native-inputs |
3308591f | 660 | `(("python-setuptools-scm" ,python-setuptools-scm) |
5c863d57 | 661 | ;; For tests only. |
1628d57b | 662 | ("python-flake8" ,python-flake8) |
5c863d57 | 663 | ("python-mock" ,python-mock) |
627c6531 | 664 | ("python-pytest-cov" ,python-pytest-cov) |
3308591f | 665 | ("python-pytest-runner" ,python-pytest-runner))) |
5c863d57 TGR |
666 | (home-page "https://github.com/sshuttle/sshuttle") |
667 | (synopsis "VPN that transparently forwards connections over SSH") | |
668 | (description "sshuttle creates an encrypted virtual private network (VPN) | |
669 | connection to any remote server to which you have secure shell (SSH) access. | |
670 | The only requirement is a suitable version of Python on the server; | |
671 | administrative privileges are required only on the client. Unlike most VPNs, | |
672 | sshuttle forwards entire sessions, not packets, using kernel transparent | |
673 | proxying. This makes it faster and more reliable than SSH's own tunneling and | |
674 | port forwarding features. It can forward both TCP and UDP traffic, including | |
675 | DNS domain name queries.") | |
676 | (license license:lgpl2.0))) ; incorrectly identified as GPL in ‘setup.py’ | |
1ce6f33b TGR |
677 | |
678 | (define-public sshoot | |
679 | (package | |
680 | (name "sshoot") | |
3b4018d6 | 681 | (version "1.2.6") |
1ce6f33b TGR |
682 | (source |
683 | (origin | |
684 | (method url-fetch) | |
685 | (uri (pypi-uri name version)) | |
686 | (sha256 | |
687 | (base32 | |
3b4018d6 | 688 | "1ccgh0hjyxrwkgy3hnxz3hgbjbs0lmfs25d5l5jam0xbpcpj63h0")))) |
1ce6f33b | 689 | (build-system python-build-system) |
c0b12a60 MB |
690 | (arguments |
691 | '(#:phases | |
692 | (modify-phases %standard-phases | |
693 | (add-after 'unpack 'patch-paths | |
694 | (lambda _ | |
695 | (substitute* "sshoot/tests/test_manager.py" | |
696 | (("/bin/sh") (which "sh"))) | |
697 | #t))))) | |
1ce6f33b TGR |
698 | (inputs |
699 | `(("python-argcomplete" ,python-argcomplete) | |
700 | ("python-prettytable" ,python-prettytable) | |
701 | ("python-pyyaml" ,python-pyyaml))) | |
702 | ;; For tests only. | |
703 | (native-inputs | |
704 | `(("python-fixtures" ,python-fixtures) | |
705 | ("python-pbr" ,python-pbr) | |
706 | ("python-testtools" ,python-testtools))) | |
3b4018d6 | 707 | (home-page "https://github.com/albertodonato/sshoot") |
1ce6f33b TGR |
708 | (synopsis "sshuttle VPN session manager") |
709 | (description "sshoot provides a command-line interface to manage multiple | |
710 | @command{sshuttle} virtual private networks. It supports flexible profiles | |
711 | with configuration options for most of @command{sshuttle}’s features.") | |
712 | (license license:gpl3+))) | |
7ba2b274 MP |
713 | |
714 | (define-public badvpn | |
715 | (package | |
716 | (name "badvpn") | |
717 | (version "1.999.130") | |
718 | (source | |
719 | (origin | |
720 | (method git-fetch) | |
721 | (uri (git-reference | |
b0e7b699 | 722 | (url "https://github.com/ambrop72/badvpn") |
7ba2b274 MP |
723 | (commit version))) |
724 | (file-name (git-file-name name version)) | |
725 | (sha256 | |
726 | (base32 "0rm67xhi7bh3yph1vh07imv5y1pwyldvw3wa5bz471g8mnkc7d3c")))) | |
727 | (build-system cmake-build-system) | |
728 | (arguments | |
729 | '(#:tests? #f)) ; no tests | |
730 | (inputs | |
731 | `(("nspr" ,nspr) | |
732 | ("nss" ,nss) | |
733 | ("openssl" ,openssl))) | |
734 | (native-inputs | |
735 | `(("pkg-config" ,pkg-config))) | |
736 | (home-page "https://github.com/ambrop72/badvpn") | |
737 | (synopsis "Peer-to-peer virtual private network (VPN)") | |
738 | (description "@code{BadVPN} is a collection of virtual private | |
739 | network (VPN) tools. It includes: | |
740 | ||
741 | @enumerate | |
742 | @item NCD programming language.\n | |
743 | NCD (Network Configuration Daemon) is a daemon and programming/scripting | |
744 | language for configuration of network interfaces and other aspects of the | |
745 | operating system. | |
746 | @item Tun2socks network-layer proxifier.\n | |
747 | The tun2socks program socksifes TCP connections at the network layer. It | |
748 | implements a TUN device which accepts all incoming TCP connections (regardless | |
749 | of destination IP), and forwards the connections through a SOCKS server. | |
750 | @item Peer-to-peer VPN.\n | |
751 | The peer-to-peer VPN implements a Layer 2 (Ethernet) network between the peers | |
752 | (VPN nodes). | |
753 | @end enumerate") | |
754 | ;; This project contains a bundled lwIP. lwIP is also released under the | |
755 | ;; 3-clause BSD license. | |
756 | (license license:bsd-3))) | |
7a0479bb | 757 | |
336d7644 | 758 | (define-public wireguard-linux-compat |
7a0479bb | 759 | (package |
336d7644 | 760 | (name "wireguard-linux-compat") |
c3e6fcde | 761 | (version "1.0.20201221") |
7a0479bb LF |
762 | (source (origin |
763 | (method url-fetch) | |
336d7644 LF |
764 | (uri (string-append "https://git.zx2c4.com/wireguard-linux-compat/" |
765 | "snapshot/wireguard-linux-compat-" version | |
766 | ".tar.xz")) | |
7a0479bb LF |
767 | (sha256 |
768 | (base32 | |
c3e6fcde | 769 | "0ci13in0fqq32n5qamch4qhjgbdq86ygrgmfhc9szsh2nsl8jlkf")))) |
3b177a6c BW |
770 | (build-system linux-module-build-system) |
771 | (outputs '("out" | |
772 | "kernel-patch")) | |
7a0479bb | 773 | (arguments |
76ad9547 TGR |
774 | `(#:linux ,linux-libre-5.4 ; mustn't have WG built-in |
775 | #:tests? #f ; no test suite | |
3b177a6c | 776 | #:modules ((guix build linux-module-build-system) |
7a0479bb LF |
777 | (guix build utils) |
778 | (ice-9 popen) | |
779 | (ice-9 textual-ports)) | |
780 | #:phases | |
781 | (modify-phases %standard-phases | |
3b177a6c BW |
782 | (add-before 'build 'change-directory |
783 | (lambda _ | |
784 | (chdir "./src") | |
785 | #t)) | |
786 | (add-after 'build 'build-patch | |
7a0479bb | 787 | (lambda* (#:key outputs #:allow-other-keys) |
3b177a6c | 788 | (let* ((patch-builder "../kernel-tree-scripts/create-patch.sh") |
7a0479bb LF |
789 | (port (open-input-pipe patch-builder)) |
790 | (str (get-string-all port))) | |
791 | (close-pipe port) | |
336d7644 | 792 | (call-with-output-file "wireguard.patch" |
7a0479bb LF |
793 | (lambda (port) |
794 | (format port "~a" str)))) | |
76ad9547 | 795 | #t)) |
3b177a6c | 796 | (add-after 'install 'install-patch |
336d7644 LF |
797 | (lambda* (#:key outputs #:allow-other-keys) |
798 | (install-file "wireguard.patch" | |
3b177a6c BW |
799 | (assoc-ref %outputs "kernel-patch")) |
800 | #t)) | |
801 | ;; So that 'install-license-files' works... | |
802 | (add-before 'install-license-files 'reset-cwd | |
803 | (lambda _ | |
804 | (chdir "..") | |
336d7644 LF |
805 | #t))))) |
806 | (home-page "https://git.zx2c4.com/wireguard-linux-compat/") | |
807 | (synopsis "WireGuard kernel module for Linux 3.10 through 5.5") | |
3b177a6c BW |
808 | (description "This package contains an out-of-tree kernel patch and |
809 | a loadable module adding WireGuard to Linux kernel versions 3.10 through 5.5. | |
810 | WireGuard was added to Linux 5.6.") | |
7a0479bb | 811 | (license license:gpl2))) |
1b17c23e | 812 | |
10650b89 TGR |
813 | (define-public wireguard-tools |
814 | (package | |
815 | (name "wireguard-tools") | |
fecdc22e | 816 | (version "1.0.20210424") |
10650b89 TGR |
817 | (source |
818 | (origin | |
819 | (method git-fetch) | |
820 | (uri (git-reference | |
821 | (url "https://git.zx2c4.com/wireguard-tools.git") | |
822 | (commit (string-append "v" version)))) | |
823 | (file-name (git-file-name name version)) | |
824 | (sha256 | |
fecdc22e | 825 | (base32 "12v0ykaz7phv1gqin35wf6ndgb9819vai17ynjxssq00xwcbsq43")))) |
10650b89 TGR |
826 | (build-system gnu-build-system) |
827 | (arguments | |
19781930 | 828 | `(#:make-flags |
598afe95 | 829 | (list ,(string-append "CC=" (cc-for-target)) |
c1005113 | 830 | "--directory=src" |
10650b89 TGR |
831 | "WITH_BASHCOMPLETION=yes" |
832 | ;; Install the ‘simple and dirty’ helper script wg-quick(8). | |
833 | "WITH_WGQUICK=yes" | |
834 | (string-append "PREFIX=" (assoc-ref %outputs "out")) | |
835 | ;; Currently used only to create an empty /etc/wireguard directory. | |
836 | (string-append "SYSCONFDIR=no-thanks")) | |
19781930 LF |
837 | ;; The test suite is meant to be run interactively. It runs Clang's |
838 | ;; scan-build static analyzer and then starts a web server to display the | |
839 | ;; results. | |
840 | #:tests? #f | |
10650b89 TGR |
841 | #:phases |
842 | (modify-phases %standard-phases | |
c1005113 | 843 | ;; No configure script |
d084e71c BW |
844 | (delete 'configure) |
845 | (add-after 'install 'install-contrib-docs | |
846 | (lambda* (#:key outputs #:allow-other-keys) | |
847 | (let ((out (assoc-ref outputs "out"))) | |
848 | (copy-recursively "contrib/" | |
849 | (string-append out "/share/doc/wireguard-tools")) | |
850 | #t))) | |
851 | (add-after 'install 'wrap-wg-quick | |
852 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
853 | (let* ((out (assoc-ref outputs "out")) | |
854 | (inputs-sbin (map (lambda (input) | |
855 | (string-append (assoc-ref inputs input) "/sbin")) | |
856 | (list "resolvconf" "iproute" "procps" | |
857 | "iptables"))) | |
858 | (coreutils (string-append (assoc-ref inputs "coreutils") | |
859 | "/bin"))) | |
860 | (wrap-program (string-append out "/bin/wg-quick") | |
861 | `("PATH" ":" prefix ,(append inputs-sbin | |
862 | (list coreutils)))) | |
863 | #t)))))) | |
864 | (inputs | |
865 | `(("resolvconf" ,openresolv) | |
866 | ("coreutils" ,coreutils) | |
867 | ("bash" ,bash) ; for scripts using /dev/tcp | |
868 | ("procps" ,procps) | |
869 | ("iproute" ,iproute) | |
870 | ("iptables" ,iptables))) | |
10650b89 TGR |
871 | (home-page "https://www.wireguard.com/") |
872 | (synopsis "Tools for configuring WireGuard tunnels") | |
873 | (description | |
874 | "This package provides the user-space command-line tools for using and | |
875 | configuring WireGuard tunnels. | |
876 | ||
877 | WireGuard is a simple and fast general-purpose @acronym{VPN, Virtual Private | |
878 | Network} that securely encapsulates IP packets over UDP. It aims to be as easy | |
879 | to configure and deploy as SSH. VPN connections are made simply by exchanging | |
880 | public keys and can roam across IP addresses.") | |
881 | (license | |
882 | (list license:lgpl2.1+ ; src/netlink.h & contrib/embeddable-wg-library | |
883 | license:gpl2)))) ; everything else | |
884 | ||
336d7644 LF |
885 | (define-public wireguard |
886 | (deprecated-package "wireguard" wireguard-tools)) | |
887 | ||
1b17c23e TČ |
888 | (define-public xl2tpd |
889 | (package | |
890 | (name "xl2tpd") | |
c3469513 | 891 | (version "1.3.16") |
1b17c23e TČ |
892 | (source (origin |
893 | (method git-fetch) | |
894 | (uri (git-reference | |
895 | (url "https://github.com/xelerance/xl2tpd") | |
896 | (commit (string-append "v" version)))) | |
28341601 | 897 | (file-name (git-file-name name version)) |
1b17c23e TČ |
898 | (sha256 |
899 | (base32 | |
c3469513 | 900 | "0is5ccrvijz0pfm45pfrlbb9y8231yz3c4zqs8mkgakl9rxajy6l")))) |
1b17c23e TČ |
901 | (build-system gnu-build-system) |
902 | (arguments | |
0309e004 | 903 | `(#:make-flags (list (string-append "PREFIX=" %output) |
1b17c23e TČ |
904 | "CC=gcc") |
905 | #:phases (modify-phases %standard-phases | |
8331e235 IK |
906 | (delete 'configure) ;no configure script |
907 | (add-before 'build 'setup-environment | |
908 | (lambda* (#:key inputs #:allow-other-keys) | |
0919d614 MO |
909 | (substitute* "l2tp.h" |
910 | (("/usr/sbin/pppd") | |
911 | (string-append (assoc-ref inputs "ppp") | |
912 | "/sbin/pppd"))) | |
8331e235 IK |
913 | (setenv "KERNELSRC" |
914 | (assoc-ref inputs "linux-libre-headers")) | |
915 | #t))) | |
14ccd8f8 | 916 | #:tests? #f)) ; no tests provided |
8331e235 IK |
917 | (inputs `(("libpcap" ,libpcap) |
918 | ("linux-libre-headers" ,linux-libre-headers) | |
919 | ("ppp" ,ppp))) | |
1b17c23e TČ |
920 | (home-page "https://www.xelerance.com/software/xl2tpd/") |
921 | (synopsis "Layer 2 Tunnelling Protocol Daemon (RFC 2661)") | |
922 | (description | |
923 | "xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661). | |
924 | L2TP allows you to tunnel PPP over UDP.") | |
925 | (license license:gpl2))) |