HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: openconnect: Add LZ4 support.
[jackhill/guix/guix.git] / gnu / packages / vpn.scm
CommitLineData
49f24f41
AE		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
aff0cce9 3;;; Copyright © 2013, 2016, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
d4bf49b1 4;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
feca8e2b 5;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
0d7f282b 6;;; Copyright © 2016, 2017, 2019 Efraim Flashner <efraim@flashner.co.il>
e4aa83be 7;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
fa3346b8 8;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
01224157 9;;; Copyright © 2018 Pierre Langlois <pierre.langlois@gmx.com>
7ba2b274 10;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
c1005113 11;;; Copyright © 2019, 2020 Leo Famulari <leo@famulari.name>
9fd6ad3e 12;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
b47e083b 13;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
3b177a6c 14;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
49f24f41
AE		 15;;;
16;;; This file is part of GNU Guix.
17;;;
18;;; GNU Guix is free software; you can redistribute it and/or modify it
19;;; under the terms of the GNU General Public License as published by
20;;; the Free Software Foundation; either version 3 of the License, or (at
21;;; your option) any later version.
22;;;
23;;; GNU Guix is distributed in the hope that it will be useful, but
24;;; WITHOUT ANY WARRANTY; without even the implied warranty of
25;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26;;; GNU General Public License for more details.
27;;;
28;;; You should have received a copy of the GNU General Public License
29;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
30
31(define-module (gnu packages vpn)
b5b73a82 32 #:use-module ((guix licenses) #:prefix license:)
49f24f41
AE		 33 #:use-module (guix packages)
34 #:use-module (guix download)
06d91fd9 35 #:use-module (guix git-download)
7ba2b274 36 #:use-module (guix build-system cmake)
49f24f41 37 #:use-module (guix build-system gnu)
3b177a6c 38 #:use-module (guix build-system linux-module)
5c863d57 39 #:use-module (guix build-system python)
49f24f41 40 #:use-module (gnu packages)
1b17c23e 41 #:use-module (gnu packages admin)
06d91fd9 42 #:use-module (gnu packages base)
ac257f12 43 #:use-module (gnu packages check)
01224157 44 #:use-module (gnu packages autotools)
71f4b81a 45 #:use-module (gnu packages compression)
1dba6407 46 #:use-module (gnu packages gettext)
49f24f41 47 #:use-module (gnu packages gnupg)
b47e083b 48 #:use-module (gnu packages guile)
01224157 49 #:use-module (gnu packages libevent)
dc77f0d3 50 #:use-module (gnu packages linux)
aff0cce9 51 #:use-module (gnu packages nss)
71f4b81a
AE		 52 #:use-module (gnu packages perl)
53 #:use-module (gnu packages pkg-config)
5c863d57 54 #:use-module (gnu packages python)
44d10b1f 55 #:use-module (gnu packages python-xyz)
a7fd7b68 56 #:use-module (gnu packages tls)
71f4b81a 57 #:use-module (gnu packages xml))
49f24f41 58
7af8a9b7
LC		 59(define-public gvpe
60 (package
61 (name "gvpe")
574d877e 62 (version "3.1")
7af8a9b7
LC		 63 (source (origin
64 (method url-fetch)
65 (uri (string-append "mirror://gnu/gvpe/gvpe-"
66 version ".tar.gz"))
67 (sha256
68 (base32
574d877e 69 "1cz8n75ksl0l908zc5l3rnfm1hv7130s2w8710799fr5sxrdbszi"))))
7af8a9b7
LC		 70 (build-system gnu-build-system)
71 (home-page "http://software.schmorp.de/pkg/gvpe.html")
574d877e 72 (native-inputs `(("pkg-config" ,pkg-config)))
7af8a9b7
LC		 73 (inputs `(("openssl" ,openssl)
74 ("zlib" ,zlib)))
75 (synopsis "Secure VPN among multiple nodes over an untrusted network")
76 (description
77 "The GNU Virtual Private Ethernet creates a virtual network
78with multiple nodes using a variety of transport protocols. It works
79by creating encrypted host-to-host tunnels between multiple
80endpoints.")
81 (license license:gpl3+)))
82
49f24f41
AE		 83(define-public vpnc
84 (package
85 (name "vpnc")
86 (version "0.5.3")
87 (source (origin
88 (method url-fetch)
594360f5 89 (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
49f24f41
AE		 90 version ".tar.gz"))
91 (sha256 (base32
101e67ac 92 "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))))
49f24f41
AE		 93 (build-system gnu-build-system)
94 (inputs `(("libgcrypt" ,libgcrypt)
42c97811 95 ("perl" ,perl)
101e67ac 96 ("vpnc-scripts" ,vpnc-scripts)))
49f24f41
AE		 97 (arguments
98 `(#:tests? #f ; there is no check target
49f24f41 99 #:phases
42c97811 100 (modify-phases %standard-phases
101e67ac 101 (add-after 'unpack 'use-store-paths
42c97811 102 (lambda* (#:key inputs outputs #:allow-other-keys)
101e67ac
TGR		 103 (let ((out (assoc-ref outputs "out"))
104 (vpnc-scripts (assoc-ref inputs "vpnc-scripts")))
105 (substitute* "config.c"
106 (("/etc/vpnc/vpnc-script")
107 (string-append vpnc-scripts "/etc/vpnc/vpnc-script")))
108 (substitute* "Makefile"
109 (("ETCDIR=.*")
110 (string-append "ETCDIR=" out "/etc/vpnc\n"))
111 (("PREFIX=.*")
112 (string-append "PREFIX=" out "\n")))
113 #t)))
114 (delete 'configure)))) ; no configure script
799dcdc4 115 (synopsis "Client for Cisco VPN concentrators")
49f24f41
AE		 116 (description
117 "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
35b9e423 118It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only
49f24f41 119shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
35b9e423 1201DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
49f24f41
AE		 121Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
122 (license license:gpl2+) ; some file are bsd-2, see COPYING
d61043c7 123 (home-page "https://www.unix-ag.uni-kl.de/~massar/vpnc/")))
71f4b81a 124
06d91fd9 125(define-public vpnc-scripts
e3eaac98 126 (let ((commit "1000e0f6dd7d6bff163169a46359211c1fc3a6d2"))
06d91fd9
TGR		 127 (package
128 (name "vpnc-scripts")
e3eaac98 129 (version (string-append "20190116." (string-take commit 7)))
06d91fd9
TGR		 130 (source (origin
131 (method git-fetch)
132 (uri
133 (git-reference
134 (url "git://git.infradead.org/users/dwmw2/vpnc-scripts.git")
135 (commit commit)))
728ee9d6 136 (file-name (git-file-name name version))
06d91fd9
TGR		 137 (sha256
138 (base32
e3eaac98 139 "1g41yarz2bl0f73kbjqnywr485ghanbp7nmspklfb0n07yp0z6ak"))))
06d91fd9 140 (build-system gnu-build-system)
b47e083b
RW		 141 (inputs `(("guile" ,guile-2.2) ; for the wrapper scripts
142 ("coreutils" ,coreutils)
06d91fd9
TGR		 143 ("grep" ,grep)
144 ("iproute2" ,iproute) ; for ‘ip’
145 ("net-tools" ,net-tools) ; for ‘ifconfig’, ‘route’
146 ("sed" ,sed)
147 ("which" ,which)))
148 (arguments
149 `(#:phases
150 (modify-phases %standard-phases
151 (add-after 'unpack 'use-relative-paths
152 ;; Patch the scripts to work with and use relative paths.
153 (lambda* _
154 (for-each (lambda (script)
155 (substitute* script
156 (("^PATH=.*") "")
157 (("(/usr|)/s?bin/") "")
158 (("\\[ +-x +([^]]+) +\\]" _ command)
159 (string-append "command -v >/dev/null 2>&1 "
160 command))))
161 (find-files "." "^vpnc-script"))
162 #t))
163 (delete 'configure) ; no configure script
164 (replace 'build
165 (lambda _
863501b7 166 (invoke "gcc" "-o" "netunshare" "netunshare.c")))
06d91fd9
TGR		 167 (replace 'install
168 ;; There is no Makefile; manually install the relevant files.
169 (lambda* (#:key outputs #:allow-other-keys)
170 (let* ((out (assoc-ref outputs "out"))
171 (etc (string-append out "/etc/vpnc")))
172 (for-each (lambda (file)
173 (install-file file etc))
174 (append (find-files "." "^vpnc-script")
175 (list "netunshare"
176 "xinetd.netns.conf")))
177 #t)))
178 (add-after 'install 'wrap-scripts
179 ;; Wrap scripts with paths to their common hard dependencies.
180 ;; Optional dependencies will need to be installed by the user.
181 (lambda* (#:key inputs outputs #:allow-other-keys)
182 (let ((out (assoc-ref outputs "out")))
183 (for-each
184 (lambda (script)
b47e083b 185 (wrap-script (string-append out "/etc/vpnc/" script)
06d91fd9
TGR		 186 `("PATH" ":" prefix
187 ,(map (lambda (name)
188 (let ((input (assoc-ref inputs name)))
189 (string-append input "/bin:"
190 input "/sbin")))
191 (list "coreutils"
192 "grep"
193 "iproute2"
194 "net-tools"
195 "sed"
196 "which")))))
b47e083b
RW		 197 (list "vpnc-script-ptrtd"
198 "vpnc-script-sshd"
199 "vpnc-script"))
863501b7 200 #t))))
06d91fd9
TGR		 201 #:tests? #f)) ; no tests
202 (home-page "http://git.infradead.org/users/dwmw2/vpnc-scripts.git")
203 (synopsis "Network configuration scripts for Cisco VPN clients")
204 (description
205 "This set of scripts configures routing and name services when invoked
206by the VPNC or OpenConnect Cisco @dfn{Virtual Private Network} (VPN) clients.
207
208The default @command{vpnc-script} automatically configures most common
209connections, and provides hooks for performing custom actions at various stages
210of the connection or disconnection process.
211
212Alternative scripts are provided for more complicated set-ups, or to serve as an
213example for writing your own. For example, @command{vpnc-script-sshd} contains
214the entire VPN in a network namespace accessible only through SSH.")
215 (license license:gpl2+))))
71f4b81a 216
01224157
PL		 217(define-public ocproxy
218 (package
219 (name "ocproxy")
220 (version "1.60")
221 (source (origin
98ebc8fd
EF		 222 (method git-fetch)
223 (uri (git-reference
224 (url "https://github.com/cernekee/ocproxy.git")
225 (commit (string-append "v" version))))
226 (file-name (git-file-name name version))
01224157
PL		 227 (sha256
228 (base32
98ebc8fd 229 "03323nnhb4y9nzwva04mq7xg03dvdrgp689g89f69jqc261skcqx"))))
01224157
PL		 230 (build-system gnu-build-system)
231 (native-inputs
232 `(("autoconf" ,autoconf)
233 ("automake" ,automake)))
234 (inputs
235 `(("libevent" ,libevent)))
01224157
PL		 236 (home-page "https://github.com/cernekee/ocproxy")
237 (synopsis "OpenConnect proxy")
238 (description
239 "User-level @dfn{SOCKS} and port forwarding proxy for OpenConnect based
240on LwIP. When using ocproxy, OpenConnect only handles network activity that
241the user specifically asks to proxy, so the @dfn{VPN} interface no longer
242\"hijacks\" all network traffic on the host.")
243 (license license:bsd-3)))
244
71f4b81a
AE		 245(define-public openconnect
246 (package
247 (name "openconnect")
e4aa83be 248 (version "8.09")
71f4b81a
AE		 249 (source (origin
250 (method url-fetch)
d4bf49b1
EB		 251 (uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
252 "openconnect-" version ".tar.gz"))
c383c36e 253 (sha256
e4aa83be 254 (base32 "19p91hs6j348qp0v9c7abl3rb8d9ncc37k743qhrn29s9jz0567k"))))
71f4b81a 255 (build-system gnu-build-system)
0d7f282b 256 (propagated-inputs
c4c4cc05 257 `(("libxml2" ,libxml2)
a5ab71c7 258 ("gnutls" ,gnutls-3.6.13)
71f4b81a 259 ("zlib" ,zlib)))
0d7f282b 260 (inputs
1d7f3c00
TGR		 261 `(("lz4" ,lz4)
262 ("vpnc-scripts" ,vpnc-scripts)))
c4c4cc05 263 (native-inputs
b94a6ca0 264 `(("gettext" ,gettext-minimal)
c4c4cc05 265 ("pkg-config" ,pkg-config)))
71f4b81a 266 (arguments
d4bf49b1
EB		 267 `(#:configure-flags
268 `(,(string-append "--with-vpnc-script="
a6d06e86 269 (assoc-ref %build-inputs "vpnc-scripts")
d4bf49b1 270 "/etc/vpnc/vpnc-script"))))
799dcdc4 271 (synopsis "Client for Cisco VPN")
71f4b81a
AE		 272 (description
273 "OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
274supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500,
275870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers,
276and probably others.")
277 (license license:lgpl2.1)
8b1d0ff4 278 (home-page "https://www.infradead.org/openconnect/")))
dc77f0d3
DT		 279
280(define-public openvpn
281 (package
282 (name "openvpn")
a2fd72c7 283 (version "2.4.8")
dc77f0d3
DT		 284 (source (origin
285 (method url-fetch)
286 (uri (string-append
287 "https://swupdate.openvpn.org/community/releases/openvpn-"
288 version ".tar.xz"))
289 (sha256
290 (base32
a2fd72c7 291 "149z3agjy03i66mcj5bplim2mh45s2ps1wmxbxczyzw0nxmsd37v"))))
dc77f0d3
DT		 292 (build-system gnu-build-system)
293 (arguments
294 '(#:configure-flags '("--enable-iproute2=yes")))
295 (native-inputs
296 `(("iproute2" ,iproute)))
297 (inputs
dee9a262
EF		 298 `(("lz4" ,lz4)
299 ("lzo" ,lzo)
dc77f0d3
DT		 300 ("openssl" ,openssl)
301 ("linux-pam" ,linux-pam)))
302 (home-page "https://openvpn.net/")
303 (synopsis "Virtual private network daemon")
9599339c
TGR		 304 (description
305 "OpenVPN implements virtual private network (@dfn{VPN}) techniques
dc77f0d3
DT		 306for creating secure point-to-point or site-to-site connections in routed or
307bridged configurations and remote access facilities. It uses a custom
308security protocol that utilizes SSL/TLS for key exchange. It is capable of
9599339c 309traversing network address translators (@dfn{NAT}s) and firewalls.")
dc77f0d3 310 (license license:gpl2)))
feca8e2b
JM		 311
312(define-public tinc
313 (package
314 (name "tinc")
2b247e51 315 (version "1.0.36")
feca8e2b
JM		 316 (source (origin
317 (method url-fetch)
e81ddeda 318 (uri (string-append "https://tinc-vpn.org/packages/"
657c3ff6 319 "tinc-" version ".tar.gz"))
feca8e2b
JM		 320 (sha256
321 (base32
2b247e51 322 "021i2sl2mjscbm8g59d7vs74iw3gf0m48wg7w3zhwj6czarkpxs0"))))
feca8e2b 323 (build-system gnu-build-system)
7b770eca
SB		 324 (arguments
325 '(#:configure-flags
326 '("--sysconfdir=/etc"
327 "--localstatedir=/var")))
feca8e2b
JM		 328 (inputs `(("zlib" ,zlib)
329 ("lzo" ,lzo)
330 ("openssl" ,openssl)))
e81ddeda 331 (home-page "https://tinc-vpn.org")
feca8e2b
JM		 332 (synopsis "Virtual Private Network (VPN) daemon")
333 (description
334 "Tinc is a VPN that uses tunnelling and encryption to create a secure
335private network between hosts on the internet.")
336 (license license:gpl2+)))
5c863d57
TGR		 337
338(define-public sshuttle
339 (package
340 (name "sshuttle")
627c6531 341 (version "0.78.5")
5c863d57
TGR		 342 (source
343 (origin
344 (method url-fetch)
345 (uri (pypi-uri name version))
346 (sha256
347 (base32
627c6531 348 "0vp13xwrhx4m6zgsyzvai84lkq9mzkaw47j58dk0ll95kaymk2x8"))))
5c863d57 349 (build-system python-build-system)
c32863e0
TGR		 350 (arguments
351 `(#:phases
352 (modify-phases %standard-phases
353 (add-after 'unpack 'patch-FHS-file-names
354 (lambda _
355 (substitute* "sshuttle/client.py"
356 (("/usr/bin/env") (which "env")))
357 (substitute* "sshuttle/ssh.py"
0e2d3ce2 358 (("/bin/sh") "sh"))
c32863e0 359 #t)))))
5c863d57 360 (native-inputs
3308591f 361 `(("python-setuptools-scm" ,python-setuptools-scm)
5c863d57 362 ;; For tests only.
627c6531 363 ("python-flake8", python-flake8)
5c863d57 364 ("python-mock" ,python-mock)
627c6531 365 ("python-pytest-cov" ,python-pytest-cov)
3308591f 366 ("python-pytest-runner" ,python-pytest-runner)))
5c863d57
TGR		 367 (home-page "https://github.com/sshuttle/sshuttle")
368 (synopsis "VPN that transparently forwards connections over SSH")
369 (description "sshuttle creates an encrypted virtual private network (VPN)
370connection to any remote server to which you have secure shell (SSH) access.
371The only requirement is a suitable version of Python on the server;
372administrative privileges are required only on the client. Unlike most VPNs,
373sshuttle forwards entire sessions, not packets, using kernel transparent
374proxying. This makes it faster and more reliable than SSH's own tunneling and
375port forwarding features. It can forward both TCP and UDP traffic, including
376DNS domain name queries.")
377 (license license:lgpl2.0))) ; incorrectly identified as GPL in ‘setup.py’
1ce6f33b
TGR		 378
379(define-public sshoot
380 (package
381 (name "sshoot")
3b4018d6 382 (version "1.2.6")
1ce6f33b
TGR		 383 (source
384 (origin
385 (method url-fetch)
386 (uri (pypi-uri name version))
387 (sha256
388 (base32
3b4018d6 389 "1ccgh0hjyxrwkgy3hnxz3hgbjbs0lmfs25d5l5jam0xbpcpj63h0"))))
1ce6f33b 390 (build-system python-build-system)
c0b12a60
MB		 391 (arguments
392 '(#:phases
393 (modify-phases %standard-phases
394 (add-after 'unpack 'patch-paths
395 (lambda _
396 (substitute* "sshoot/tests/test_manager.py"
397 (("/bin/sh") (which "sh")))
398 #t)))))
1ce6f33b
TGR		 399 (inputs
400 `(("python-argcomplete" ,python-argcomplete)
401 ("python-prettytable" ,python-prettytable)
402 ("python-pyyaml" ,python-pyyaml)))
403 ;; For tests only.
404 (native-inputs
405 `(("python-fixtures" ,python-fixtures)
406 ("python-pbr" ,python-pbr)
407 ("python-testtools" ,python-testtools)))
3b4018d6 408 (home-page "https://github.com/albertodonato/sshoot")
1ce6f33b
TGR		 409 (synopsis "sshuttle VPN session manager")
410 (description "sshoot provides a command-line interface to manage multiple
411@command{sshuttle} virtual private networks. It supports flexible profiles
412with configuration options for most of @command{sshuttle}’s features.")
413 (license license:gpl3+)))
7ba2b274
MP		 414
415(define-public badvpn
416 (package
417 (name "badvpn")
418 (version "1.999.130")
419 (source
420 (origin
421 (method git-fetch)
422 (uri (git-reference
423 (url "https://github.com/ambrop72/badvpn.git")
424 (commit version)))
425 (file-name (git-file-name name version))
426 (sha256
427 (base32 "0rm67xhi7bh3yph1vh07imv5y1pwyldvw3wa5bz471g8mnkc7d3c"))))
428 (build-system cmake-build-system)
429 (arguments
430 '(#:tests? #f)) ; no tests
431 (inputs
432 `(("nspr" ,nspr)
433 ("nss" ,nss)
434 ("openssl" ,openssl)))
435 (native-inputs
436 `(("pkg-config" ,pkg-config)))
437 (home-page "https://github.com/ambrop72/badvpn")
438 (synopsis "Peer-to-peer virtual private network (VPN)")
439 (description "@code{BadVPN} is a collection of virtual private
440network (VPN) tools. It includes:
441
442@enumerate
443@item NCD programming language.\n
444NCD (Network Configuration Daemon) is a daemon and programming/scripting
445language for configuration of network interfaces and other aspects of the
446operating system.
447@item Tun2socks network-layer proxifier.\n
448The tun2socks program socksifes TCP connections at the network layer. It
449implements a TUN device which accepts all incoming TCP connections (regardless
450of destination IP), and forwards the connections through a SOCKS server.
451@item Peer-to-peer VPN.\n
452The peer-to-peer VPN implements a Layer 2 (Ethernet) network between the peers
453(VPN nodes).
454@end enumerate")
455 ;; This project contains a bundled lwIP. lwIP is also released under the
456 ;; 3-clause BSD license.
457 (license license:bsd-3)))
7a0479bb 458
336d7644 459(define-public wireguard-linux-compat
7a0479bb 460 (package
336d7644
LF		 461 (name "wireguard-linux-compat")
462 (version "1.0.20200401")
7a0479bb
LF		 463 (source (origin
464 (method url-fetch)
336d7644
LF		 465 (uri (string-append "https://git.zx2c4.com/wireguard-linux-compat/"
466 "snapshot/wireguard-linux-compat-" version
467 ".tar.xz"))
7a0479bb
LF		 468 (sha256
469 (base32
336d7644 470 "0ymprz3h4b92wlcqm5k5vmcgap8pjv202bgkdx0axmp12n1lmyvx"))))
3b177a6c
BW		 471 (build-system linux-module-build-system)
472 (outputs '("out"
473 "kernel-patch"))
7a0479bb 474 (arguments
336d7644 475 `(#:tests? #f ; No test suite
3b177a6c 476 #:modules ((guix build linux-module-build-system)
7a0479bb
LF		 477 (guix build utils)
478 (ice-9 popen)
479 (ice-9 textual-ports))
480 #:phases
481 (modify-phases %standard-phases
3b177a6c
BW		 482 (add-before 'build 'change-directory
483 (lambda _
484 (chdir "./src")
485 #t))
486 (add-after 'build 'build-patch
7a0479bb 487 (lambda* (#:key outputs #:allow-other-keys)
3b177a6c 488 (let* ((patch-builder "../kernel-tree-scripts/create-patch.sh")
7a0479bb
LF		 489 (port (open-input-pipe patch-builder))
490 (str (get-string-all port)))
491 (close-pipe port)
336d7644 492 (call-with-output-file "wireguard.patch"
7a0479bb
LF		 493 (lambda (port)
494 (format port "~a" str))))
336d7644 495 #t))
3b177a6c 496 (add-after 'install 'install-patch
336d7644
LF		 497 (lambda* (#:key outputs #:allow-other-keys)
498 (install-file "wireguard.patch"
3b177a6c
BW		 499 (assoc-ref %outputs "kernel-patch"))
500 #t))
501 ;; So that 'install-license-files' works...
502 (add-before 'install-license-files 'reset-cwd
503 (lambda _
504 (chdir "..")
336d7644
LF		 505 #t)))))
506 (home-page "https://git.zx2c4.com/wireguard-linux-compat/")
507 (synopsis "WireGuard kernel module for Linux 3.10 through 5.5")
3b177a6c
BW		 508 (description "This package contains an out-of-tree kernel patch and
509a loadable module adding WireGuard to Linux kernel versions 3.10 through 5.5.
510WireGuard was added to Linux 5.6.")
7a0479bb 511 (license license:gpl2)))
1b17c23e 512
10650b89
TGR		 513(define-public wireguard-tools
514 (package
515 (name "wireguard-tools")
516 (version "1.0.20200206")
517 (source
518 (origin
519 (method git-fetch)
520 (uri (git-reference
521 (url "https://git.zx2c4.com/wireguard-tools.git")
522 (commit (string-append "v" version))))
523 (file-name (git-file-name name version))
524 (sha256
525 (base32 "0ivc08lds5w39a6f2xdfih9wlk5g724hl3kpdvxvh5yff4l84qb7"))))
526 (build-system gnu-build-system)
527 (arguments
19781930 528 `(#:make-flags
10650b89 529 (list "CC=gcc"
c1005113 530 "--directory=src"
10650b89
TGR		 531 "WITH_BASHCOMPLETION=yes"
532 ;; Install the ‘simple and dirty’ helper script wg-quick(8).
533 "WITH_WGQUICK=yes"
534 (string-append "PREFIX=" (assoc-ref %outputs "out"))
535 ;; Currently used only to create an empty /etc/wireguard directory.
536 (string-append "SYSCONFDIR=no-thanks"))
19781930
LF		 537 ;; The test suite is meant to be run interactively. It runs Clang's
538 ;; scan-build static analyzer and then starts a web server to display the
539 ;; results.
540 #:tests? #f
10650b89
TGR		 541 #:phases
542 (modify-phases %standard-phases
c1005113
LF		 543 ;; No configure script
544 (delete 'configure))))
10650b89
TGR		 545 (home-page "https://www.wireguard.com/")
546 (synopsis "Tools for configuring WireGuard tunnels")
547 (description
548 "This package provides the user-space command-line tools for using and
549configuring WireGuard tunnels.
550
551WireGuard is a simple and fast general-purpose @acronym{VPN, Virtual Private
552Network} that securely encapsulates IP packets over UDP. It aims to be as easy
553to configure and deploy as SSH. VPN connections are made simply by exchanging
554public keys and can roam across IP addresses.")
555 (license
556 (list license:lgpl2.1+ ; src/netlink.h & contrib/embeddable-wg-library
557 license:gpl2)))) ; everything else
558
336d7644
LF		 559(define-public wireguard
560 (deprecated-package "wireguard" wireguard-tools))
561
1b17c23e
 562(define-public xl2tpd
563 (package
564 (name "xl2tpd")
1f3700a4 565 (version "1.3.15")
1b17c23e
 566 (source (origin
567 (method git-fetch)
568 (uri (git-reference
569 (url "https://github.com/xelerance/xl2tpd")
570 (commit (string-append "v" version))))
28341601 571 (file-name (git-file-name name version))
1b17c23e
 572 (sha256
573 (base32
1f3700a4 574 "0ppwza8nwm1av1vldw40gin9wrjrs4l9si50jad414js3k8ycaag"))))
1b17c23e
 575 (build-system gnu-build-system)
576 (arguments
0309e004 577 `(#:make-flags (list (string-append "PREFIX=" %output)
1b17c23e
 578 "CC=gcc")
579 #:phases (modify-phases %standard-phases
14ccd8f8
TGR		 580 (delete 'configure)) ; no configure script
581 #:tests? #f)) ; no tests provided
1b17c23e
 582 (inputs `(("libpcap" ,libpcap)))
583 (home-page "https://www.xelerance.com/software/xl2tpd/")
584 (synopsis "Layer 2 Tunnelling Protocol Daemon (RFC 2661)")
585 (description
586 "xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
587L2TP allows you to tunnel PPP over UDP.")
588 (license license:gpl2)))
jackhill's copy of GNU Guix: https://guix.gnu.org/