;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2013, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2016, 2018 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This file is part of GNU Guix.
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (gnu packages)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
version ".tar.gz"))
(sha256
(base32
- "1v61mj25iyd91z0ir7cmradkkcm1ffbk52c96v293ibsvjs2s2hf"))))
+ "1v61mj25iyd91z0ir7cmradkkcm1ffbk52c96v293ibsvjs2s2hf"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Remove the outdated bundled copy of glibc's getopt, which
+ ;; provides a 'getopt' declaration that conflicts with that
+ ;; of glibc 2.26.
+ (substitute* "lib/Makefile.in"
+ (("getopt1?\\.(c|h|\\$\\(OBJEXT\\))") ""))
+ (for-each delete-file
+ '("lib/getopt.h" "lib/getopt.c"))))))
(build-system gnu-build-system)
(home-page "http://software.schmorp.de/pkg/gvpe.html")
(inputs `(("openssl" ,openssl)
(uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
version ".tar.gz"))
(sha256 (base32
- "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
- (patches (search-patches "vpnc-script.patch"))))
+ "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))))
(build-system gnu-build-system)
(inputs `(("libgcrypt" ,libgcrypt)
("perl" ,perl)
-
- ;; The following packages provide commands that 'vpnc-script'
- ;; expects.
- ("net-tools" ,net-tools) ;ifconfig, route
- ("iproute2" ,iproute))) ;ip
+ ("vpnc-scripts" ,vpnc-scripts)))
(arguments
`(#:tests? #f ; there is no check target
#:phases
(modify-phases %standard-phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (substitute* "Makefile"
- (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
- (substitute* "Makefile"
- (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
- "/etc/vpnc"))))))
- (add-after 'install 'wrap-vpnc-script
+ (add-after 'unpack 'use-store-paths
(lambda* (#:key inputs outputs #:allow-other-keys)
- ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
- ;; needs. Assume coreutils/grep/sed are in $PATH.
- (let ((out (assoc-ref outputs "out")))
- (wrap-program (string-append out "/etc/vpnc/vpnc-script")
- `("PATH" ":" prefix
- (,(string-append (assoc-ref inputs "net-tools")
- "/sbin")
- ,(string-append (assoc-ref inputs "net-tools")
- "/bin")
- ,(string-append (assoc-ref inputs "iproute2")
- "/sbin"))))))))))
+ (let ((out (assoc-ref outputs "out"))
+ (vpnc-scripts (assoc-ref inputs "vpnc-scripts")))
+ (substitute* "config.c"
+ (("/etc/vpnc/vpnc-script")
+ (string-append vpnc-scripts "/etc/vpnc/vpnc-script")))
+ (substitute* "Makefile"
+ (("ETCDIR=.*")
+ (string-append "ETCDIR=" out "/etc/vpnc\n"))
+ (("PREFIX=.*")
+ (string-append "PREFIX=" out "\n")))
+ #t)))
+ (delete 'configure)))) ; no configure script
(synopsis "Client for Cisco VPN concentrators")
(description
"vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
(license license:gpl2+) ; some file are bsd-2, see COPYING
(home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
+(define-public vpnc-scripts
+ (let ((commit "6f87b0fe7b20d802a0747cc310217920047d58d3"))
+ (package
+ (name "vpnc-scripts")
+ (version (string-append "20161214." (string-take commit 7)))
+ (source (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "git://git.infradead.org/users/dwmw2/vpnc-scripts.git")
+ (commit commit)))
+ (sha256
+ (base32
+ "0pa36w4wlyyvfb66cayhans99wsr2j5si2fvfr7ldfm512ajwn8h"))))
+ (build-system gnu-build-system)
+ (inputs `(("coreutils" ,coreutils)
+ ("grep" ,grep)
+ ("iproute2" ,iproute) ; for ‘ip’
+ ("net-tools" ,net-tools) ; for ‘ifconfig’, ‘route’
+ ("sed" ,sed)
+ ("which" ,which)))
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-relative-paths
+ ;; Patch the scripts to work with and use relative paths.
+ (lambda* _
+ (for-each (lambda (script)
+ (substitute* script
+ (("^PATH=.*") "")
+ (("(/usr|)/s?bin/") "")
+ (("\\[ +-x +([^]]+) +\\]" _ command)
+ (string-append "command -v >/dev/null 2>&1 "
+ command))))
+ (find-files "." "^vpnc-script"))
+ #t))
+ (delete 'configure) ; no configure script
+ (replace 'build
+ (lambda _
+ (zero? (system* "gcc" "-o" "netunshare" "netunshare.c"))))
+ (replace 'install
+ ;; There is no Makefile; manually install the relevant files.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (etc (string-append out "/etc/vpnc")))
+ (for-each (lambda (file)
+ (install-file file etc))
+ (append (find-files "." "^vpnc-script")
+ (list "netunshare"
+ "xinetd.netns.conf")))
+ #t)))
+ (add-after 'install 'wrap-scripts
+ ;; Wrap scripts with paths to their common hard dependencies.
+ ;; Optional dependencies will need to be installed by the user.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (for-each
+ (lambda (script)
+ (wrap-program script
+ `("PATH" ":" prefix
+ ,(map (lambda (name)
+ (let ((input (assoc-ref inputs name)))
+ (string-append input "/bin:"
+ input "/sbin")))
+ (list "coreutils"
+ "grep"
+ "iproute2"
+ "net-tools"
+ "sed"
+ "which")))))
+ (find-files (string-append out "/etc/vpnc/vpnc-script")
+ "^vpnc-script"))))))
+ #:tests? #f)) ; no tests
+ (home-page "http://git.infradead.org/users/dwmw2/vpnc-scripts.git")
+ (synopsis "Network configuration scripts for Cisco VPN clients")
+ (description
+ "This set of scripts configures routing and name services when invoked
+by the VPNC or OpenConnect Cisco @dfn{Virtual Private Network} (VPN) clients.
+
+The default @command{vpnc-script} automatically configures most common
+connections, and provides hooks for performing custom actions at various stages
+of the connection or disconnection process.
+
+Alternative scripts are provided for more complicated set-ups, or to serve as an
+example for writing your own. For example, @command{vpnc-script-sshd} contains
+the entire VPN in a network namespace accessible only through SSH.")
+ (license license:gpl2+))))
(define-public openconnect
(package
(inputs
`(("libxml2" ,libxml2)
("gnutls" ,gnutls)
- ("vpnc" ,vpnc)
+ ("vpnc-scripts" ,vpnc-scripts)
("zlib" ,zlib)))
(native-inputs
`(("gettext" ,gettext-minimal)
(arguments
`(#:configure-flags
`(,(string-append "--with-vpnc-script="
- (assoc-ref %build-inputs "vpnc")
+ (assoc-ref %build-inputs "vpnc-scripts")
"/etc/vpnc/vpnc-script"))))
(synopsis "Client for Cisco VPN")
(description
(define-public openvpn
(package
(name "openvpn")
- (version "2.4.0")
+ (version "2.4.5")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "0zpqnbhjaifdalyxwmvk5kcyd7cpxbcigbn7967nbsyvl54vl8vg"))))
+ "17njq59hsraqyxrbhkrxr7dvx0p066s3pn8w1mi0yd9jldis7h23"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--enable-iproute2=yes")))
(native-inputs
`(("iproute2" ,iproute)))
(inputs
- `(("lzo" ,lzo)
+ `(("lz4" ,lz4)
+ ("lzo" ,lzo)
("openssl" ,openssl)
("linux-pam" ,linux-pam)))
(home-page "https://openvpn.net/")
(synopsis "Virtual private network daemon")
- (description "OpenVPN implements virtual private network (VPN) techniques
+ (description
+ "OpenVPN implements virtual private network (@dfn{VPN}) techniques
for creating secure point-to-point or site-to-site connections in routed or
bridged configurations and remote access facilities. It uses a custom
security protocol that utilizes SSL/TLS for key exchange. It is capable of
-traversing network address translators (NATs) and firewalls.")
+traversing network address translators (@dfn{NAT}s) and firewalls.")
(license license:gpl2)))
(define-public tinc
(package
(name "tinc")
- (version "1.0.28")
+ (version "1.0.33")
(source (origin
(method url-fetch)
(uri (string-append "http://tinc-vpn.org/packages/"
name "-" version ".tar.gz"))
(sha256
(base32
- "0i5kx3hza359nclyhb60kxlzqyx0phmg175350hww28g6scjcl0b"))))
+ "1x0hpfz13vn4pl6dcpnls6xq3rfcbdsg90awcfn53ijb8k35svvz"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
(define-public sshuttle
(package
(name "sshuttle")
- (version "0.78.1")
+ (version "0.78.3")
(source
(origin
(method url-fetch)
(uri (pypi-uri name version))
(sha256
(base32
- "0g1dpqigz02vafzh84z5990lnj9d95raknav0xmf0va7rr41d9q3"))))
+ "12xyq5h77b57cnkljdk8qyjxzys512b73019s20x6ck5brj1m8wa"))))
(build-system python-build-system)
(native-inputs
- `(("python-pytest-runner" ,python-pytest-runner)
- ("python-setuptools-scm" ,python-setuptools-scm)
+ `(("python-setuptools-scm" ,python-setuptools-scm)
;; For tests only.
("python-mock" ,python-mock)
- ("python-pytest" ,python-pytest)))
+ ("python-pytest" ,python-pytest)
+ ("python-pytest-runner" ,python-pytest-runner)))
(home-page "https://github.com/sshuttle/sshuttle")
(synopsis "VPN that transparently forwards connections over SSH")
(description "sshuttle creates an encrypted virtual private network (VPN)
(define-public sshoot
(package
(name "sshoot")
- (version "1.2.5")
+ (version "1.2.6")
(source
(origin
(method url-fetch)
(uri (pypi-uri name version))
(sha256
(base32
- "0a92lk8790dpp9j64vb6p4sazax0x3nby01lnfll7mxs1hx6n27q"))))
+ "1ccgh0hjyxrwkgy3hnxz3hgbjbs0lmfs25d5l5jam0xbpcpj63h0"))))
(build-system python-build-system)
(arguments
'(#:phases
`(("python-fixtures" ,python-fixtures)
("python-pbr" ,python-pbr)
("python-testtools" ,python-testtools)))
- (home-page "https://bitbucket.org/ack/sshoot")
+ (home-page "https://github.com/albertodonato/sshoot")
(synopsis "sshuttle VPN session manager")
(description "sshoot provides a command-line interface to manage multiple
@command{sshuttle} virtual private networks. It supports flexible profiles