[jackhill/guix/guix.git] / gnu / packages / vpn.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2013, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages vpn)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix build-system gnu)
  #:use-module (gnu packages)
  #:use-module (gnu packages compression)
  #:use-module (gnu packages gettext)
  #:use-module (gnu packages gnupg)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages perl)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages tls)
  #:use-module (gnu packages xml))

(define-public gvpe
  (package
    (name "gvpe")
    (version "2.25")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/gvpe/gvpe-"
                                  version ".tar.gz"))
              (sha256
               (base32
                "1gsipcysvsk80gvyn9jnk9g0xg4ng9yd5zp066jnmpgs52d2vhvk"))))
    (build-system gnu-build-system)
    (home-page "http://software.schmorp.de/pkg/gvpe.html")
    (inputs `(("openssl" ,openssl)
              ("zlib" ,zlib)))
    (synopsis "Secure VPN among multiple nodes over an untrusted network")
    (description
     "The GNU Virtual Private Ethernet creates a virtual network
with multiple nodes using a variety of transport protocols.  It works
by creating encrypted host-to-host tunnels between multiple
endpoints.")
    (license license:gpl3+)))

(define-public vpnc
  (package
   (name "vpnc")
   (version "0.5.3")
   (source (origin
            (method url-fetch)
            (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
                                version ".tar.gz"))
            (sha256 (base32
                     "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
            (patches (search-patches "vpnc-script.patch"))))
   (build-system gnu-build-system)
   (inputs `(("libgcrypt" ,libgcrypt)
             ("perl" ,perl)

             ;; The following packages provide commands that 'vpnc-script'
             ;; expects.
             ("net-tools" ,net-tools)             ;ifconfig, route
             ("iproute2" ,iproute)))              ;ip
   (arguments
    `(#:tests? #f ; there is no check target
      #:phases
      (modify-phases %standard-phases
        (replace 'configure
          (lambda* (#:key outputs #:allow-other-keys)
            (let ((out (assoc-ref outputs "out")))
              (substitute* "Makefile"
                (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
              (substitute* "Makefile"
                (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
                                                     "/etc/vpnc"))))))
        (add-after 'install 'wrap-vpnc-script
          (lambda* (#:key inputs outputs #:allow-other-keys)
            ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
            ;; needs.  Assume coreutils/grep/sed are in $PATH.
            (let ((out (assoc-ref outputs "out")))
              (wrap-program (string-append out "/etc/vpnc/vpnc-script")
                `("PATH" ":" prefix
                  (,(string-append (assoc-ref inputs "net-tools")
                                   "/sbin")
                   ,(string-append (assoc-ref inputs "net-tools")
                                   "/bin")
                   ,(string-append (assoc-ref inputs "iproute2")
                                   "/sbin"))))))))))
   (synopsis "Client for Cisco VPN concentrators")
   (description
    "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
It supports IPSec (ESP) with Mode Configuration and Xauth.  It supports only
shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
1DES, MD5, SHA1, DH1/2/5 and IP tunneling.  It runs entirely in userspace.
Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
   (license license:gpl2+) ; some file are bsd-2, see COPYING
   (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))


(define-public openconnect
  (package
   (name "openconnect")
   (version "7.05")
   (source (origin
            (method url-fetch)
            (uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
                                "openconnect-" version ".tar.gz"))
            (sha256 (base32
                     "1i102yr8yp2ny587n6pd966443h1pqxyw5q0n5afq575046jj98g"))))
   (build-system gnu-build-system)
   (inputs
    `(("libxml2" ,libxml2)
      ("gnutls" ,gnutls)
      ("vpnc" ,vpnc)
      ("zlib" ,zlib)))
   (native-inputs
    `(("gettext" ,gnu-gettext)
      ("pkg-config" ,pkg-config)))
   (arguments
    `(#:configure-flags
      `(,(string-append "--with-vpnc-script="
                        (assoc-ref %build-inputs "vpnc")
                        "/etc/vpnc/vpnc-script"))))
   (synopsis "Client for Cisco VPN")
   (description
    "OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500,
870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers,
and probably others.")
   (license license:lgpl2.1)
   (home-page "http://www.infradead.org/openconnect/")))

(define-public openvpn
  (package
    (name "openvpn")
    (version "2.3.9")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://swupdate.openvpn.org/community/releases/openvpn-"
                    version ".tar.xz"))
              (sha256
               (base32
                "1hfwmdsp7s34qx34qgwrpp89h30744lbsks6y619cdh27bpnpwaj"))))
    (build-system gnu-build-system)
    (arguments
     '(#:configure-flags '("--enable-iproute2=yes")))
    (native-inputs
     `(("iproute2" ,iproute)))
    (inputs
     `(("lzo" ,lzo)
       ("openssl" ,openssl)
       ("linux-pam" ,linux-pam)))
    (home-page "https://openvpn.net/")
    (synopsis "Virtual private network daemon")
    (description "OpenVPN implements virtual private network (VPN) techniques
for creating secure point-to-point or site-to-site connections in routed or
bridged configurations and remote access facilities.  It uses a custom
security protocol that utilizes SSL/TLS for key exchange.  It is capable of
traversing network address translators (NATs) and firewalls.")
    (license license:gpl2)))

(define-public tinc
  (package
    (name "tinc")
    (version "1.0.28")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://tinc-vpn.org/packages/"
                                  name "-" version ".tar.gz"))
              (sha256
               (base32
                "0i5kx3hza359nclyhb60kxlzqyx0phmg175350hww28g6scjcl0b"))))
    (build-system gnu-build-system)
    (arguments
     '(#:configure-flags
       '("--sysconfdir=/etc"
         "--localstatedir=/var")))
    (inputs `(("zlib" ,zlib)
              ("lzo" ,lzo)
              ("openssl" ,openssl)))
    (home-page "http://tinc-vpn.org")
    (synopsis "Virtual Private Network (VPN) daemon")
    (description
     "Tinc is a VPN that uses tunnelling and encryption to create a secure
private network between hosts on the internet.")
    (license license:gpl2+)))
Commit	Line	Data
49f24f41 AE	1	;;; GNU Guix --- Functional package management for GNU
49f24f41 AE	2	;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
42c97811	3	;;; Copyright © 2013, 2016 Ludovic Courtès <ludo@gnu.org>
d4bf49b1	4	;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
feca8e2b	5	;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
a8cdc49e	6	;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
49f24f41 AE	7	;;;
	8	;;; This file is part of GNU Guix.
	9	;;;
	10	;;; GNU Guix is free software; you can redistribute it and/or modify it
	11	;;; under the terms of the GNU General Public License as published by
	12	;;; the Free Software Foundation; either version 3 of the License, or (at
	13	;;; your option) any later version.
	14	;;;
	15	;;; GNU Guix is distributed in the hope that it will be useful, but
	16	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	17	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	;;; GNU General Public License for more details.
	19	;;;
	20	;;; You should have received a copy of the GNU General Public License
	21	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	22
	23	(define-module (gnu packages vpn)
b5b73a82	24	#:use-module ((guix licenses) #:prefix license:)
49f24f41 AE	25	#:use-module (guix packages)
	26	#:use-module (guix download)
	27	#:use-module (guix build-system gnu)
	28	#:use-module (gnu packages)
71f4b81a	29	#:use-module (gnu packages compression)
1dba6407	30	#:use-module (gnu packages gettext)
49f24f41	31	#:use-module (gnu packages gnupg)
dc77f0d3	32	#:use-module (gnu packages linux)
71f4b81a AE	33	#:use-module (gnu packages perl)
71f4b81a AE	34	#:use-module (gnu packages pkg-config)
a7fd7b68	35	#:use-module (gnu packages tls)
71f4b81a	36	#:use-module (gnu packages xml))
49f24f41	37
7af8a9b7 LC	38	(define-public gvpe
	39	(package
	40	(name "gvpe")
	41	(version "2.25")
	42	(source (origin
	43	(method url-fetch)
	44	(uri (string-append "mirror://gnu/gvpe/gvpe-"
	45	version ".tar.gz"))
	46	(sha256
	47	(base32
	48	"1gsipcysvsk80gvyn9jnk9g0xg4ng9yd5zp066jnmpgs52d2vhvk"))))
	49	(build-system gnu-build-system)
	50	(home-page "http://software.schmorp.de/pkg/gvpe.html")
	51	(inputs `(("openssl" ,openssl)
	52	("zlib" ,zlib)))
	53	(synopsis "Secure VPN among multiple nodes over an untrusted network")
	54	(description
	55	"The GNU Virtual Private Ethernet creates a virtual network
	56	with multiple nodes using a variety of transport protocols. It works
	57	by creating encrypted host-to-host tunnels between multiple
	58	endpoints.")
	59	(license license:gpl3+)))
	60
49f24f41 AE	61	(define-public vpnc
	62	(package
	63	(name "vpnc")
	64	(version "0.5.3")
	65	(source (origin
	66	(method url-fetch)
594360f5	67	(uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
49f24f41 AE	68	version ".tar.gz"))
49f24f41 AE	69	(sha256 (base32
01eafd38	70	"1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
fc1adab1	71	(patches (search-patches "vpnc-script.patch"))))
49f24f41 AE	72	(build-system gnu-build-system)
49f24f41 AE	73	(inputs `(("libgcrypt" ,libgcrypt)
42c97811 LC	74	("perl" ,perl)
	75
	76	;; The following packages provide commands that 'vpnc-script'
	77	;; expects.
	78	("net-tools" ,net-tools) ;ifconfig, route
	79	("iproute2" ,iproute))) ;ip
49f24f41 AE	80	(arguments
49f24f41 AE	81	`(#:tests? #f ; there is no check target
49f24f41	82	#:phases
42c97811 LC	83	(modify-phases %standard-phases
	84	(replace 'configure
	85	(lambda* (#:key outputs #:allow-other-keys)
	86	(let ((out (assoc-ref outputs "out")))
	87	(substitute* "Makefile"
	88	(("PREFIX=/usr/local") (string-append "PREFIX=" out)))
	89	(substitute* "Makefile"
	90	(("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
	91	"/etc/vpnc"))))))
	92	(add-after 'install 'wrap-vpnc-script
	93	(lambda* (#:key inputs outputs #:allow-other-keys)
	94	;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
	95	;; needs. Assume coreutils/grep/sed are in $PATH.
	96	(let ((out (assoc-ref outputs "out")))
	97	(wrap-program (string-append out "/etc/vpnc/vpnc-script")
	98	`("PATH" ":" prefix
	99	(,(string-append (assoc-ref inputs "net-tools")
	100	"/sbin")
	101	,(string-append (assoc-ref inputs "net-tools")
	102	"/bin")
	103	,(string-append (assoc-ref inputs "iproute2")
	104	"/sbin"))))))))))
799dcdc4	105	(synopsis "Client for Cisco VPN concentrators")
49f24f41 AE	106	(description
49f24f41 AE	107	"vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
35b9e423	108	It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only
49f24f41	109	shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
35b9e423	110	1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
49f24f41 AE	111	Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
	112	(license license:gpl2+) ; some file are bsd-2, see COPYING
	113	(home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
71f4b81a AE	114
	115
	116	(define-public openconnect
	117	(package
	118	(name "openconnect")
060e365a	119	(version "7.05")
71f4b81a AE	120	(source (origin
71f4b81a AE	121	(method url-fetch)
d4bf49b1 EB	122	(uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
d4bf49b1 EB	123	"openconnect-" version ".tar.gz"))
71f4b81a	124	(sha256 (base32
060e365a	125	"1i102yr8yp2ny587n6pd966443h1pqxyw5q0n5afq575046jj98g"))))
71f4b81a AE	126	(build-system gnu-build-system)
71f4b81a AE	127	(inputs
c4c4cc05	128	`(("libxml2" ,libxml2)
060e365a	129	("gnutls" ,gnutls)
71f4b81a AE	130	("vpnc" ,vpnc)
71f4b81a AE	131	("zlib" ,zlib)))
c4c4cc05 JD	132	(native-inputs
	133	`(("gettext" ,gnu-gettext)
	134	("pkg-config" ,pkg-config)))
71f4b81a	135	(arguments
d4bf49b1 EB	136	`(#:configure-flags
	137	`(,(string-append "--with-vpnc-script="
	138	(assoc-ref %build-inputs "vpnc")
	139	"/etc/vpnc/vpnc-script"))))
799dcdc4	140	(synopsis "Client for Cisco VPN")
71f4b81a AE	141	(description
	142	"OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
	143	supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500,
	144	870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers,
	145	and probably others.")
	146	(license license:lgpl2.1)
	147	(home-page "http://www.infradead.org/openconnect/")))
dc77f0d3 DT	148
	149	(define-public openvpn
	150	(package
	151	(name "openvpn")
a8cdc49e	152	(version "2.3.9")
dc77f0d3 DT	153	(source (origin
	154	(method url-fetch)
	155	(uri (string-append
	156	"https://swupdate.openvpn.org/community/releases/openvpn-"
	157	version ".tar.xz"))
	158	(sha256
	159	(base32
a8cdc49e	160	"1hfwmdsp7s34qx34qgwrpp89h30744lbsks6y619cdh27bpnpwaj"))))
dc77f0d3 DT	161	(build-system gnu-build-system)
	162	(arguments
	163	'(#:configure-flags '("--enable-iproute2=yes")))
	164	(native-inputs
	165	`(("iproute2" ,iproute)))
	166	(inputs
	167	`(("lzo" ,lzo)
	168	("openssl" ,openssl)
	169	("linux-pam" ,linux-pam)))
	170	(home-page "https://openvpn.net/")
	171	(synopsis "Virtual private network daemon")
	172	(description "OpenVPN implements virtual private network (VPN) techniques
	173	for creating secure point-to-point or site-to-site connections in routed or
	174	bridged configurations and remote access facilities. It uses a custom
	175	security protocol that utilizes SSL/TLS for key exchange. It is capable of
e881752c	176	traversing network address translators (NATs) and firewalls.")
dc77f0d3	177	(license license:gpl2)))
feca8e2b JM	178
	179	(define-public tinc
	180	(package
	181	(name "tinc")
7e19194d	182	(version "1.0.28")
feca8e2b JM	183	(source (origin
	184	(method url-fetch)
	185	(uri (string-append "http://tinc-vpn.org/packages/"
	186	name "-" version ".tar.gz"))
	187	(sha256
	188	(base32
7e19194d	189	"0i5kx3hza359nclyhb60kxlzqyx0phmg175350hww28g6scjcl0b"))))
feca8e2b	190	(build-system gnu-build-system)
7b770eca SB	191	(arguments
	192	'(#:configure-flags
	193	'("--sysconfdir=/etc"
	194	"--localstatedir=/var")))
feca8e2b JM	195	(inputs `(("zlib" ,zlib)
	196	("lzo" ,lzo)
	197	("openssl" ,openssl)))
	198	(home-page "http://tinc-vpn.org")
	199	(synopsis "Virtual Private Network (VPN) daemon")
	200	(description
	201	"Tinc is a VPN that uses tunnelling and encryption to create a secure
	202	private network between hosts on the internet.")
	203	(license license:gpl2+)))