HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: Add protonvpn-cli.
[jackhill/guix/guix.git] / gnu / packages / vpn.scm
CommitLineData
49f24f41
AE		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
b6bee63b 3;;; Copyright © 2013, 2016, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
d4bf49b1 4;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
feca8e2b 5;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
0d7f282b 6;;; Copyright © 2016, 2017, 2019 Efraim Flashner <efraim@flashner.co.il>
e4aa83be 7;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
fa3346b8 8;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
01224157 9;;; Copyright © 2018 Pierre Langlois <pierre.langlois@gmx.com>
7ba2b274 10;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
c1005113 11;;; Copyright © 2019, 2020 Leo Famulari <leo@famulari.name>
9fd6ad3e 12;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
b47e083b 13;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
3b177a6c 14;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
c873980d 15;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com>
49f24f41
AE		 16;;;
17;;; This file is part of GNU Guix.
18;;;
19;;; GNU Guix is free software; you can redistribute it and/or modify it
20;;; under the terms of the GNU General Public License as published by
21;;; the Free Software Foundation; either version 3 of the License, or (at
22;;; your option) any later version.
23;;;
24;;; GNU Guix is distributed in the hope that it will be useful, but
25;;; WITHOUT ANY WARRANTY; without even the implied warranty of
26;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27;;; GNU General Public License for more details.
28;;;
29;;; You should have received a copy of the GNU General Public License
30;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
31
32(define-module (gnu packages vpn)
b5b73a82 33 #:use-module ((guix licenses) #:prefix license:)
49f24f41
AE		 34 #:use-module (guix packages)
35 #:use-module (guix download)
06d91fd9 36 #:use-module (guix git-download)
7ba2b274 37 #:use-module (guix build-system cmake)
49f24f41 38 #:use-module (guix build-system gnu)
3b177a6c 39 #:use-module (guix build-system linux-module)
5c863d57 40 #:use-module (guix build-system python)
49f24f41 41 #:use-module (gnu packages)
1b17c23e 42 #:use-module (gnu packages admin)
06d91fd9 43 #:use-module (gnu packages base)
d084e71c 44 #:use-module (gnu packages bash)
ac257f12 45 #:use-module (gnu packages check)
d084e71c 46 #:use-module (gnu packages dns)
01224157 47 #:use-module (gnu packages autotools)
71f4b81a 48 #:use-module (gnu packages compression)
1dba6407 49 #:use-module (gnu packages gettext)
49f24f41 50 #:use-module (gnu packages gnupg)
b47e083b 51 #:use-module (gnu packages guile)
01224157 52 #:use-module (gnu packages libevent)
dc77f0d3 53 #:use-module (gnu packages linux)
aff0cce9 54 #:use-module (gnu packages nss)
71f4b81a
AE		 55 #:use-module (gnu packages perl)
56 #:use-module (gnu packages pkg-config)
5c863d57 57 #:use-module (gnu packages python)
44d10b1f 58 #:use-module (gnu packages python-xyz)
c873980d 59 #:use-module (gnu packages python-web)
a7fd7b68 60 #:use-module (gnu packages tls)
71f4b81a 61 #:use-module (gnu packages xml))
49f24f41 62
7af8a9b7
LC		 63(define-public gvpe
64 (package
65 (name "gvpe")
574d877e 66 (version "3.1")
7af8a9b7
LC		 67 (source (origin
68 (method url-fetch)
69 (uri (string-append "mirror://gnu/gvpe/gvpe-"
70 version ".tar.gz"))
71 (sha256
72 (base32
574d877e 73 "1cz8n75ksl0l908zc5l3rnfm1hv7130s2w8710799fr5sxrdbszi"))))
7af8a9b7
LC		 74 (build-system gnu-build-system)
75 (home-page "http://software.schmorp.de/pkg/gvpe.html")
574d877e 76 (native-inputs `(("pkg-config" ,pkg-config)))
7af8a9b7
LC		 77 (inputs `(("openssl" ,openssl)
78 ("zlib" ,zlib)))
79 (synopsis "Secure VPN among multiple nodes over an untrusted network")
80 (description
81 "The GNU Virtual Private Ethernet creates a virtual network
82with multiple nodes using a variety of transport protocols. It works
83by creating encrypted host-to-host tunnels between multiple
84endpoints.")
85 (license license:gpl3+)))
86
49f24f41
AE		 87(define-public vpnc
88 (package
89 (name "vpnc")
90 (version "0.5.3")
91 (source (origin
92 (method url-fetch)
594360f5 93 (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
49f24f41
AE		 94 version ".tar.gz"))
95 (sha256 (base32
101e67ac 96 "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))))
49f24f41
AE		 97 (build-system gnu-build-system)
98 (inputs `(("libgcrypt" ,libgcrypt)
42c97811 99 ("perl" ,perl)
101e67ac 100 ("vpnc-scripts" ,vpnc-scripts)))
49f24f41
AE		 101 (arguments
102 `(#:tests? #f ; there is no check target
49f24f41 103 #:phases
42c97811 104 (modify-phases %standard-phases
101e67ac 105 (add-after 'unpack 'use-store-paths
42c97811 106 (lambda* (#:key inputs outputs #:allow-other-keys)
101e67ac
TGR		 107 (let ((out (assoc-ref outputs "out"))
108 (vpnc-scripts (assoc-ref inputs "vpnc-scripts")))
109 (substitute* "config.c"
110 (("/etc/vpnc/vpnc-script")
111 (string-append vpnc-scripts "/etc/vpnc/vpnc-script")))
112 (substitute* "Makefile"
113 (("ETCDIR=.*")
114 (string-append "ETCDIR=" out "/etc/vpnc\n"))
115 (("PREFIX=.*")
116 (string-append "PREFIX=" out "\n")))
117 #t)))
118 (delete 'configure)))) ; no configure script
799dcdc4 119 (synopsis "Client for Cisco VPN concentrators")
49f24f41
AE		 120 (description
121 "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
35b9e423 122It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only
49f24f41 123shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
35b9e423 1241DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
49f24f41
AE		 125Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
126 (license license:gpl2+) ; some file are bsd-2, see COPYING
d61043c7 127 (home-page "https://www.unix-ag.uni-kl.de/~massar/vpnc/")))
71f4b81a 128
06d91fd9 129(define-public vpnc-scripts
e3eaac98 130 (let ((commit "1000e0f6dd7d6bff163169a46359211c1fc3a6d2"))
06d91fd9
TGR		 131 (package
132 (name "vpnc-scripts")
e3eaac98 133 (version (string-append "20190116." (string-take commit 7)))
06d91fd9
TGR		 134 (source (origin
135 (method git-fetch)
136 (uri
137 (git-reference
138 (url "git://git.infradead.org/users/dwmw2/vpnc-scripts.git")
139 (commit commit)))
728ee9d6 140 (file-name (git-file-name name version))
06d91fd9
TGR		 141 (sha256
142 (base32
e3eaac98 143 "1g41yarz2bl0f73kbjqnywr485ghanbp7nmspklfb0n07yp0z6ak"))))
06d91fd9 144 (build-system gnu-build-system)
b6bee63b 145 (inputs `(("guile" ,guile-3.0) ; for the wrapper scripts
b47e083b 146 ("coreutils" ,coreutils)
06d91fd9
TGR		 147 ("grep" ,grep)
148 ("iproute2" ,iproute) ; for ‘ip’
149 ("net-tools" ,net-tools) ; for ‘ifconfig’, ‘route’
150 ("sed" ,sed)
151 ("which" ,which)))
152 (arguments
153 `(#:phases
154 (modify-phases %standard-phases
155 (add-after 'unpack 'use-relative-paths
156 ;; Patch the scripts to work with and use relative paths.
157 (lambda* _
158 (for-each (lambda (script)
159 (substitute* script
160 (("^PATH=.*") "")
92594b2e 161 (("/usr/s?bin/") "")
06d91fd9
TGR		 162 (("\\[ +-x +([^]]+) +\\]" _ command)
163 (string-append "command -v >/dev/null 2>&1 "
164 command))))
165 (find-files "." "^vpnc-script"))
166 #t))
167 (delete 'configure) ; no configure script
168 (replace 'build
169 (lambda _
863501b7 170 (invoke "gcc" "-o" "netunshare" "netunshare.c")))
06d91fd9
TGR		 171 (replace 'install
172 ;; There is no Makefile; manually install the relevant files.
173 (lambda* (#:key outputs #:allow-other-keys)
174 (let* ((out (assoc-ref outputs "out"))
175 (etc (string-append out "/etc/vpnc")))
176 (for-each (lambda (file)
177 (install-file file etc))
178 (append (find-files "." "^vpnc-script")
179 (list "netunshare"
180 "xinetd.netns.conf")))
181 #t)))
182 (add-after 'install 'wrap-scripts
183 ;; Wrap scripts with paths to their common hard dependencies.
184 ;; Optional dependencies will need to be installed by the user.
185 (lambda* (#:key inputs outputs #:allow-other-keys)
186 (let ((out (assoc-ref outputs "out")))
187 (for-each
188 (lambda (script)
b47e083b 189 (wrap-script (string-append out "/etc/vpnc/" script)
06d91fd9
TGR		 190 `("PATH" ":" prefix
191 ,(map (lambda (name)
192 (let ((input (assoc-ref inputs name)))
193 (string-append input "/bin:"
194 input "/sbin")))
195 (list "coreutils"
196 "grep"
197 "iproute2"
198 "net-tools"
199 "sed"
200 "which")))))
b47e083b
RW		 201 (list "vpnc-script-ptrtd"
202 "vpnc-script-sshd"
203 "vpnc-script"))
863501b7 204 #t))))
06d91fd9
TGR		 205 #:tests? #f)) ; no tests
206 (home-page "http://git.infradead.org/users/dwmw2/vpnc-scripts.git")
207 (synopsis "Network configuration scripts for Cisco VPN clients")
208 (description
209 "This set of scripts configures routing and name services when invoked
210by the VPNC or OpenConnect Cisco @dfn{Virtual Private Network} (VPN) clients.
211
212The default @command{vpnc-script} automatically configures most common
213connections, and provides hooks for performing custom actions at various stages
214of the connection or disconnection process.
215
216Alternative scripts are provided for more complicated set-ups, or to serve as an
217example for writing your own. For example, @command{vpnc-script-sshd} contains
218the entire VPN in a network namespace accessible only through SSH.")
219 (license license:gpl2+))))
71f4b81a 220
01224157
PL		 221(define-public ocproxy
222 (package
223 (name "ocproxy")
224 (version "1.60")
225 (source (origin
98ebc8fd
EF		 226 (method git-fetch)
227 (uri (git-reference
228 (url "https://github.com/cernekee/ocproxy.git")
229 (commit (string-append "v" version))))
230 (file-name (git-file-name name version))
01224157
PL		 231 (sha256
232 (base32
98ebc8fd 233 "03323nnhb4y9nzwva04mq7xg03dvdrgp689g89f69jqc261skcqx"))))
01224157
PL		 234 (build-system gnu-build-system)
235 (native-inputs
236 `(("autoconf" ,autoconf)
237 ("automake" ,automake)))
238 (inputs
239 `(("libevent" ,libevent)))
01224157
PL		 240 (home-page "https://github.com/cernekee/ocproxy")
241 (synopsis "OpenConnect proxy")
242 (description
243 "User-level @dfn{SOCKS} and port forwarding proxy for OpenConnect based
244on LwIP. When using ocproxy, OpenConnect only handles network activity that
245the user specifically asks to proxy, so the @dfn{VPN} interface no longer
246\"hijacks\" all network traffic on the host.")
247 (license license:bsd-3)))
248
71f4b81a
AE		 249(define-public openconnect
250 (package
251 (name "openconnect")
57b13d1c 252 (version "8.10")
71f4b81a
AE		 253 (source (origin
254 (method url-fetch)
d4bf49b1
EB		 255 (uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
256 "openconnect-" version ".tar.gz"))
c383c36e 257 (sha256
57b13d1c 258 (base32 "1cdsx4nsrwawbsisfkldfc9i4qn60g03vxb13nzppr2br9p4rrih"))))
71f4b81a 259 (build-system gnu-build-system)
0d7f282b 260 (propagated-inputs
c4c4cc05 261 `(("libxml2" ,libxml2)
a5ab71c7 262 ("gnutls" ,gnutls-3.6.13)
71f4b81a 263 ("zlib" ,zlib)))
0d7f282b 264 (inputs
1d7f3c00
TGR		 265 `(("lz4" ,lz4)
266 ("vpnc-scripts" ,vpnc-scripts)))
c4c4cc05 267 (native-inputs
b94a6ca0 268 `(("gettext" ,gettext-minimal)
c4c4cc05 269 ("pkg-config" ,pkg-config)))
71f4b81a 270 (arguments
d4bf49b1
EB		 271 `(#:configure-flags
272 `(,(string-append "--with-vpnc-script="
a6d06e86 273 (assoc-ref %build-inputs "vpnc-scripts")
d4bf49b1 274 "/etc/vpnc/vpnc-script"))))
799dcdc4 275 (synopsis "Client for Cisco VPN")
71f4b81a
AE		 276 (description
277 "OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
278supported by the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500,
279870, 880, 1800, 2800, 3800, 7200 Series and Cisco 7301 Routers,
280and probably others.")
281 (license license:lgpl2.1)
8b1d0ff4 282 (home-page "https://www.infradead.org/openconnect/")))
dc77f0d3
DT		 283
284(define-public openvpn
285 (package
286 (name "openvpn")
c5a2b701 287 (version "2.4.9")
dc77f0d3
DT		 288 (source (origin
289 (method url-fetch)
290 (uri (string-append
291 "https://swupdate.openvpn.org/community/releases/openvpn-"
292 version ".tar.xz"))
293 (sha256
294 (base32
c5a2b701 295 "1qpbllwlha7cffsd5dlddb8rl22g9rar5zflkz1wrcllhvfkl7v4"))))
dc77f0d3
DT		 296 (build-system gnu-build-system)
297 (arguments
298 '(#:configure-flags '("--enable-iproute2=yes")))
299 (native-inputs
300 `(("iproute2" ,iproute)))
301 (inputs
dee9a262
EF		 302 `(("lz4" ,lz4)
303 ("lzo" ,lzo)
dc77f0d3
DT		 304 ("openssl" ,openssl)
305 ("linux-pam" ,linux-pam)))
306 (home-page "https://openvpn.net/")
307 (synopsis "Virtual private network daemon")
9599339c
TGR		 308 (description
309 "OpenVPN implements virtual private network (@dfn{VPN}) techniques
dc77f0d3
DT		 310for creating secure point-to-point or site-to-site connections in routed or
311bridged configurations and remote access facilities. It uses a custom
312security protocol that utilizes SSL/TLS for key exchange. It is capable of
9599339c 313traversing network address translators (@dfn{NAT}s) and firewalls.")
dc77f0d3 314 (license license:gpl2)))
feca8e2b 315
c873980d
RP		 316(define-public protonvpn-cli
317 (package
318 (name "protonvpn-cli")
319 (version "2.2.2")
320 (source
321 (origin
322 ;; PyPI has a ".whl" file but not a proper source release.
323 ;; Thus, fetch code from Git.
324 (method git-fetch)
325 (uri (git-reference
326 (url "https://github.com/ProtonVPN/linux-cli.git")
327 (commit (string-append "v" version))))
328 (file-name (git-file-name name version))
329 (sha256
330 (base32
331 "0ixjb02kj4z79whm1izd8mrn2h0rp9cmw4im1qvp93rahqxdd4n8"))))
332 (build-system python-build-system)
333 (arguments '(#:tests? #f)) ; no tests in repo
334 (native-inputs
335 `(("docopt" ,python-docopt)))
336 (inputs
337 `(("pythondialog" ,python-pythondialog)
338 ("requests" ,python-requests)))
339 (propagated-inputs
340 `(("openvpn" ,openvpn)))
341 (synopsis "Command-line client for ProtonVPN")
342 (description
343 "Official CLI for ProtonVPN, a secure point-to-point virtual private
344networking service with a gratis tier. It can automatically find and connect
345to the fastest servers or use TOR over VPN. The gratis tier offers unlimited
346bandwidth for up to 10 devices.")
347 (home-page "https://github.com/ProtonVPN/linux-cli")
348 (license license:gpl3+)))
349
feca8e2b
JM		 350(define-public tinc
351 (package
352 (name "tinc")
2b247e51 353 (version "1.0.36")
feca8e2b
JM		 354 (source (origin
355 (method url-fetch)
e81ddeda 356 (uri (string-append "https://tinc-vpn.org/packages/"
657c3ff6 357 "tinc-" version ".tar.gz"))
feca8e2b
JM		 358 (sha256
359 (base32
2b247e51 360 "021i2sl2mjscbm8g59d7vs74iw3gf0m48wg7w3zhwj6czarkpxs0"))))
feca8e2b 361 (build-system gnu-build-system)
7b770eca
SB		 362 (arguments
363 '(#:configure-flags
364 '("--sysconfdir=/etc"
365 "--localstatedir=/var")))
feca8e2b
JM		 366 (inputs `(("zlib" ,zlib)
367 ("lzo" ,lzo)
368 ("openssl" ,openssl)))
e81ddeda 369 (home-page "https://tinc-vpn.org")
feca8e2b
JM		 370 (synopsis "Virtual Private Network (VPN) daemon")
371 (description
372 "Tinc is a VPN that uses tunnelling and encryption to create a secure
373private network between hosts on the internet.")
374 (license license:gpl2+)))
5c863d57
TGR		 375
376(define-public sshuttle
377 (package
378 (name "sshuttle")
627c6531 379 (version "0.78.5")
5c863d57
TGR		 380 (source
381 (origin
382 (method url-fetch)
383 (uri (pypi-uri name version))
384 (sha256
385 (base32
627c6531 386 "0vp13xwrhx4m6zgsyzvai84lkq9mzkaw47j58dk0ll95kaymk2x8"))))
5c863d57 387 (build-system python-build-system)
c32863e0
TGR		 388 (arguments
389 `(#:phases
390 (modify-phases %standard-phases
391 (add-after 'unpack 'patch-FHS-file-names
392 (lambda _
393 (substitute* "sshuttle/client.py"
394 (("/usr/bin/env") (which "env")))
395 (substitute* "sshuttle/ssh.py"
0e2d3ce2 396 (("/bin/sh") "sh"))
c32863e0 397 #t)))))
5c863d57 398 (native-inputs
3308591f 399 `(("python-setuptools-scm" ,python-setuptools-scm)
5c863d57 400 ;; For tests only.
627c6531 401 ("python-flake8", python-flake8)
5c863d57 402 ("python-mock" ,python-mock)
627c6531 403 ("python-pytest-cov" ,python-pytest-cov)
3308591f 404 ("python-pytest-runner" ,python-pytest-runner)))
5c863d57
TGR		 405 (home-page "https://github.com/sshuttle/sshuttle")
406 (synopsis "VPN that transparently forwards connections over SSH")
407 (description "sshuttle creates an encrypted virtual private network (VPN)
408connection to any remote server to which you have secure shell (SSH) access.
409The only requirement is a suitable version of Python on the server;
410administrative privileges are required only on the client. Unlike most VPNs,
411sshuttle forwards entire sessions, not packets, using kernel transparent
412proxying. This makes it faster and more reliable than SSH's own tunneling and
413port forwarding features. It can forward both TCP and UDP traffic, including
414DNS domain name queries.")
415 (license license:lgpl2.0))) ; incorrectly identified as GPL in ‘setup.py’
1ce6f33b
TGR		 416
417(define-public sshoot
418 (package
419 (name "sshoot")
3b4018d6 420 (version "1.2.6")
1ce6f33b
TGR		 421 (source
422 (origin
423 (method url-fetch)
424 (uri (pypi-uri name version))
425 (sha256
426 (base32
3b4018d6 427 "1ccgh0hjyxrwkgy3hnxz3hgbjbs0lmfs25d5l5jam0xbpcpj63h0"))))
1ce6f33b 428 (build-system python-build-system)
c0b12a60
MB		 429 (arguments
430 '(#:phases
431 (modify-phases %standard-phases
432 (add-after 'unpack 'patch-paths
433 (lambda _
434 (substitute* "sshoot/tests/test_manager.py"
435 (("/bin/sh") (which "sh")))
436 #t)))))
1ce6f33b
TGR		 437 (inputs
438 `(("python-argcomplete" ,python-argcomplete)
439 ("python-prettytable" ,python-prettytable)
440 ("python-pyyaml" ,python-pyyaml)))
441 ;; For tests only.
442 (native-inputs
443 `(("python-fixtures" ,python-fixtures)
444 ("python-pbr" ,python-pbr)
445 ("python-testtools" ,python-testtools)))
3b4018d6 446 (home-page "https://github.com/albertodonato/sshoot")
1ce6f33b
TGR		 447 (synopsis "sshuttle VPN session manager")
448 (description "sshoot provides a command-line interface to manage multiple
449@command{sshuttle} virtual private networks. It supports flexible profiles
450with configuration options for most of @command{sshuttle}’s features.")
451 (license license:gpl3+)))
7ba2b274
MP		 452
453(define-public badvpn
454 (package
455 (name "badvpn")
456 (version "1.999.130")
457 (source
458 (origin
459 (method git-fetch)
460 (uri (git-reference
461 (url "https://github.com/ambrop72/badvpn.git")
462 (commit version)))
463 (file-name (git-file-name name version))
464 (sha256
465 (base32 "0rm67xhi7bh3yph1vh07imv5y1pwyldvw3wa5bz471g8mnkc7d3c"))))
466 (build-system cmake-build-system)
467 (arguments
468 '(#:tests? #f)) ; no tests
469 (inputs
470 `(("nspr" ,nspr)
471 ("nss" ,nss)
472 ("openssl" ,openssl)))
473 (native-inputs
474 `(("pkg-config" ,pkg-config)))
475 (home-page "https://github.com/ambrop72/badvpn")
476 (synopsis "Peer-to-peer virtual private network (VPN)")
477 (description "@code{BadVPN} is a collection of virtual private
478network (VPN) tools. It includes:
479
480@enumerate
481@item NCD programming language.\n
482NCD (Network Configuration Daemon) is a daemon and programming/scripting
483language for configuration of network interfaces and other aspects of the
484operating system.
485@item Tun2socks network-layer proxifier.\n
486The tun2socks program socksifes TCP connections at the network layer. It
487implements a TUN device which accepts all incoming TCP connections (regardless
488of destination IP), and forwards the connections through a SOCKS server.
489@item Peer-to-peer VPN.\n
490The peer-to-peer VPN implements a Layer 2 (Ethernet) network between the peers
491(VPN nodes).
492@end enumerate")
493 ;; This project contains a bundled lwIP. lwIP is also released under the
494 ;; 3-clause BSD license.
495 (license license:bsd-3)))
7a0479bb 496
336d7644 497(define-public wireguard-linux-compat
7a0479bb 498 (package
336d7644
LF		 499 (name "wireguard-linux-compat")
500 (version "1.0.20200401")
7a0479bb
LF		 501 (source (origin
502 (method url-fetch)
336d7644
LF		 503 (uri (string-append "https://git.zx2c4.com/wireguard-linux-compat/"
504 "snapshot/wireguard-linux-compat-" version
505 ".tar.xz"))
7a0479bb
LF		 506 (sha256
507 (base32
336d7644 508 "0ymprz3h4b92wlcqm5k5vmcgap8pjv202bgkdx0axmp12n1lmyvx"))))
3b177a6c
BW		 509 (build-system linux-module-build-system)
510 (outputs '("out"
511 "kernel-patch"))
7a0479bb 512 (arguments
336d7644 513 `(#:tests? #f ; No test suite
3b177a6c 514 #:modules ((guix build linux-module-build-system)
7a0479bb
LF		 515 (guix build utils)
516 (ice-9 popen)
517 (ice-9 textual-ports))
518 #:phases
519 (modify-phases %standard-phases
3b177a6c
BW		 520 (add-before 'build 'change-directory
521 (lambda _
522 (chdir "./src")
523 #t))
524 (add-after 'build 'build-patch
7a0479bb 525 (lambda* (#:key outputs #:allow-other-keys)
3b177a6c 526 (let* ((patch-builder "../kernel-tree-scripts/create-patch.sh")
7a0479bb
LF		 527 (port (open-input-pipe patch-builder))
528 (str (get-string-all port)))
529 (close-pipe port)
336d7644 530 (call-with-output-file "wireguard.patch"
7a0479bb
LF		 531 (lambda (port)
532 (format port "~a" str))))
336d7644 533 #t))
3b177a6c 534 (add-after 'install 'install-patch
336d7644
LF		 535 (lambda* (#:key outputs #:allow-other-keys)
536 (install-file "wireguard.patch"
3b177a6c
BW		 537 (assoc-ref %outputs "kernel-patch"))
538 #t))
539 ;; So that 'install-license-files' works...
540 (add-before 'install-license-files 'reset-cwd
541 (lambda _
542 (chdir "..")
336d7644
LF		 543 #t)))))
544 (home-page "https://git.zx2c4.com/wireguard-linux-compat/")
545 (synopsis "WireGuard kernel module for Linux 3.10 through 5.5")
3b177a6c
BW		 546 (description "This package contains an out-of-tree kernel patch and
547a loadable module adding WireGuard to Linux kernel versions 3.10 through 5.5.
548WireGuard was added to Linux 5.6.")
7a0479bb 549 (license license:gpl2)))
1b17c23e 550
10650b89
TGR		 551(define-public wireguard-tools
552 (package
553 (name "wireguard-tools")
554 (version "1.0.20200206")
555 (source
556 (origin
557 (method git-fetch)
558 (uri (git-reference
559 (url "https://git.zx2c4.com/wireguard-tools.git")
560 (commit (string-append "v" version))))
561 (file-name (git-file-name name version))
562 (sha256
563 (base32 "0ivc08lds5w39a6f2xdfih9wlk5g724hl3kpdvxvh5yff4l84qb7"))))
564 (build-system gnu-build-system)
565 (arguments
19781930 566 `(#:make-flags
10650b89 567 (list "CC=gcc"
c1005113 568 "--directory=src"
10650b89
TGR		 569 "WITH_BASHCOMPLETION=yes"
570 ;; Install the ‘simple and dirty’ helper script wg-quick(8).
571 "WITH_WGQUICK=yes"
572 (string-append "PREFIX=" (assoc-ref %outputs "out"))
573 ;; Currently used only to create an empty /etc/wireguard directory.
574 (string-append "SYSCONFDIR=no-thanks"))
19781930
LF		 575 ;; The test suite is meant to be run interactively. It runs Clang's
576 ;; scan-build static analyzer and then starts a web server to display the
577 ;; results.
578 #:tests? #f
10650b89
TGR		 579 #:phases
580 (modify-phases %standard-phases
c1005113 581 ;; No configure script
d084e71c
BW		 582 (delete 'configure)
583 (add-after 'install 'install-contrib-docs
584 (lambda* (#:key outputs #:allow-other-keys)
585 (let ((out (assoc-ref outputs "out")))
586 (copy-recursively "contrib/"
587 (string-append out "/share/doc/wireguard-tools"))
588 #t)))
589 (add-after 'install 'wrap-wg-quick
590 (lambda* (#:key inputs outputs #:allow-other-keys)
591 (let* ((out (assoc-ref outputs "out"))
592 (inputs-sbin (map (lambda (input)
593 (string-append (assoc-ref inputs input) "/sbin"))
594 (list "resolvconf" "iproute" "procps"
595 "iptables")))
596 (coreutils (string-append (assoc-ref inputs "coreutils")
597 "/bin")))
598 (wrap-program (string-append out "/bin/wg-quick")
599 `("PATH" ":" prefix ,(append inputs-sbin
600 (list coreutils))))
601 #t))))))
602 (inputs
603 `(("resolvconf" ,openresolv)
604 ("coreutils" ,coreutils)
605 ("bash" ,bash) ; for scripts using /dev/tcp
606 ("procps" ,procps)
607 ("iproute" ,iproute)
608 ("iptables" ,iptables)))
10650b89
TGR		 609 (home-page "https://www.wireguard.com/")
610 (synopsis "Tools for configuring WireGuard tunnels")
611 (description
612 "This package provides the user-space command-line tools for using and
613configuring WireGuard tunnels.
614
615WireGuard is a simple and fast general-purpose @acronym{VPN, Virtual Private
616Network} that securely encapsulates IP packets over UDP. It aims to be as easy
617to configure and deploy as SSH. VPN connections are made simply by exchanging
618public keys and can roam across IP addresses.")
619 (license
620 (list license:lgpl2.1+ ; src/netlink.h & contrib/embeddable-wg-library
621 license:gpl2)))) ; everything else
622
336d7644
LF		 623(define-public wireguard
624 (deprecated-package "wireguard" wireguard-tools))
625
1b17c23e
 626(define-public xl2tpd
627 (package
628 (name "xl2tpd")
1f3700a4 629 (version "1.3.15")
1b17c23e
 630 (source (origin
631 (method git-fetch)
632 (uri (git-reference
633 (url "https://github.com/xelerance/xl2tpd")
634 (commit (string-append "v" version))))
28341601 635 (file-name (git-file-name name version))
1b17c23e
 636 (sha256
637 (base32
1f3700a4 638 "0ppwza8nwm1av1vldw40gin9wrjrs4l9si50jad414js3k8ycaag"))))
1b17c23e
 639 (build-system gnu-build-system)
640 (arguments
0309e004 641 `(#:make-flags (list (string-append "PREFIX=" %output)
1b17c23e
 642 "CC=gcc")
643 #:phases (modify-phases %standard-phases
14ccd8f8
TGR		 644 (delete 'configure)) ; no configure script
645 #:tests? #f)) ; no tests provided
1b17c23e
 646 (inputs `(("libpcap" ,libpcap)))
647 (home-page "https://www.xelerance.com/software/xl2tpd/")
648 (synopsis "Layer 2 Tunnelling Protocol Daemon (RFC 2661)")
649 (description
650 "xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
651L2TP allows you to tunnel PPP over UDP.")
652 (license license:gpl2)))
jackhill's copy of GNU Guix: https://guix.gnu.org/