;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2013, 2016, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2016, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
-;;; Copyright © 2016, 2017, 2019 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017, 2019, 2021 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
-;;; Copyright © 2018 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2018, 2020 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
;;; Copyright © 2019, 2020 Leo Famulari <leo@famulari.name>
;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com>
+;;; Copyright © 2020 Ivan Kozlov <kanichos@yandex.ru>
+;;; Copyright © 2020 David Dashyan <mail@davie.li>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (guix git-download)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system linux-module)
#:use-module (guix build-system python)
+ #:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages admin)
#:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages check)
+ #:use-module (gnu packages dns)
#:use-module (gnu packages autotools)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages freedesktop)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages guile)
#:use-module (gnu packages libevent)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages ncurses)
#:use-module (gnu packages nss)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
+ #:use-module (gnu packages python-build)
+ #:use-module (gnu packages python-crypto)
#:use-module (gnu packages python-xyz)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages qt)
+ #:use-module (gnu packages samba)
#:use-module (gnu packages tls)
#:use-module (gnu packages xml))
(home-page "https://www.unix-ag.uni-kl.de/~massar/vpnc/")))
(define-public vpnc-scripts
- (let ((commit "1000e0f6dd7d6bff163169a46359211c1fc3a6d2"))
+ (let ((commit "3885f8bbc4ae03fd6da0ada6de12f7223a59595c"))
(package
(name "vpnc-scripts")
- (version (string-append "20190116." (string-take commit 7)))
+ (version (string-append "20200925." (string-take commit 7)))
(source (origin
(method git-fetch)
(uri
(file-name (git-file-name name version))
(sha256
(base32
- "1g41yarz2bl0f73kbjqnywr485ghanbp7nmspklfb0n07yp0z6ak"))))
+ "1pmi4n58q81pmn9arvfixhvv6vkkf3rpwac3hwnwyl882q5q0ccx"))))
(build-system gnu-build-system)
- (inputs `(("guile" ,guile-2.2) ; for the wrapper scripts
+ (inputs `(("guile" ,guile-3.0) ; for the wrapper scripts
("coreutils" ,coreutils)
("grep" ,grep)
("iproute2" ,iproute) ; for ‘ip’
(source (origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/cernekee/ocproxy.git")
+ (url "https://github.com/cernekee/ocproxy")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(define-public openconnect
(package
(name "openconnect")
- (version "8.05")
+ (version "8.10")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
"openconnect-" version ".tar.gz"))
(sha256
- (base32 "14i9q727c2zc9xhzp1a9hz3gzb5lwgsslbhircm84dnbs192jp1k"))))
+ (base32 "1cdsx4nsrwawbsisfkldfc9i4qn60g03vxb13nzppr2br9p4rrih"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libxml2" ,libxml2)
("gnutls" ,gnutls)
("zlib" ,zlib)))
(inputs
- `(("vpnc-scripts" ,vpnc-scripts)))
+ `(("lz4" ,lz4)
+ ("vpnc-scripts" ,vpnc-scripts)))
(native-inputs
`(("gettext" ,gettext-minimal)
("pkg-config" ,pkg-config)))
(license license:lgpl2.1)
(home-page "https://www.infradead.org/openconnect/")))
+(define-public openconnect-sso
+ (package
+ (name "openconnect-sso")
+ (version "0.7.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "openconnect-sso" version))
+ (sha256
+ (base32
+ "0nb40zfpp38mz6389y0qvrr4mmak53swpg7578cldnhnk0g15qni"))))
+ (build-system python-build-system)
+ (arguments
+ `(#:tests? #f ; Tests not included, building from git requires poetry.
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'patch-openconnect
+ (lambda _
+ (substitute* "openconnect_sso/app.py"
+ (("\"openconnect\"")
+ (string-append "\"" (which "openconnect") "\"")))
+ #t))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "pytest" "-v"))
+ #t))
+ (add-after 'install 'wrap-qt-process-path
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin/openconnect-sso"))
+ (qt-process-path (string-append
+ (assoc-ref inputs "qtwebengine")
+ "/lib/qt5/libexec/QtWebEngineProcess")))
+ (wrap-program bin
+ `("QTWEBENGINEPROCESS_PATH" = (,qt-process-path)))
+ #t))))))
+ (inputs
+ `(("openconnect" ,openconnect)
+ ("python-attrs" ,python-attrs)
+ ("python-colorama" ,python-colorama)
+ ("python-keyring" ,python-keyring)
+ ("python-lxml" ,python-lxml)
+ ("python-prompt-toolkit" ,python-prompt-toolkit)
+ ("python-requests" ,python-requests)
+ ("python-pyqt" ,python-pyqt)
+ ("python-pyqtwebengine" ,python-pyqtwebengine)
+ ("python-pysocks" ,python-pysocks)
+ ("python-pyxdg" ,python-pyxdg)
+ ("python-structlog" ,python-structlog)
+ ("python-toml" ,python-toml)
+ ("qtwebengine" ,qtwebengine)))
+ (native-inputs
+ `(("python-pytest" ,python-pytest)
+ ("python-setuptools-scm" ,python-setuptools-scm)))
+ (home-page "https://github.com/vlaci/openconnect-sso")
+ (synopsis "OpenConnect wrapper script supporting Azure AD (SAMLv2)")
+ (description
+ "This package provides a wrapper script for OpenConnect supporting Azure AD
+(SAMLv2) authentication to Cisco SSL-VPNs.")
+ (license license:gpl3)))
+
+(define-public openfortivpn
+ (package
+ (name "openfortivpn")
+ (version "1.15.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/adrienverge/openfortivpn")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1qsfgpxg553s8rc9cyrc4k96z0pislxsdxb9wyhp8fdprkak2mw2"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("autotools" ,automake)
+ ("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("ppp" ,ppp)))
+ (home-page "https://github.com/adrienverge/openfortivpn")
+ (synopsis "Client for PPP+SSL VPN tunnel services")
+ (description "Openfortivpn is a client for PPP+SSL VPN tunnel services. It
+spawns a pppd process and operates the communication between the gateway and
+this process. It is compatible with Fortinet VPNs.")
+ (license license:gpl3+)))
+
(define-public openvpn
(package
(name "openvpn")
- (version "2.4.8")
+ (version "2.5.1")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "149z3agjy03i66mcj5bplim2mh45s2ps1wmxbxczyzw0nxmsd37v"))))
+ "157ikzap2bbkzx34hkh33bpk2i14xjx1x3pkadhmzh1pr24h94s0"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--enable-iproute2=yes")))
traversing network address translators (@dfn{NAT}s) and firewalls.")
(license license:gpl2)))
+(define-public protonvpn-cli
+ (package
+ (name "protonvpn-cli")
+ (version "2.2.6")
+ (source
+ (origin
+ ;; PyPI has a ".whl" file but not a proper source release.
+ ;; Thus, fetch code from Git.
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ProtonVPN/linux-cli")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0y7v9ikrmy5dbjlpbpacp08gy838i8z54m8m4ps7ldk1j6kyia3n"))))
+ (build-system python-build-system)
+ (arguments
+ '(#:tests? #f ; no tests in repo
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'wrap 'wrap-wrapper
+ ;; Wrap entrypoint with paths to its hard dependencies.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((entrypoint (string-append (assoc-ref outputs "out")
+ "/bin/.protonvpn-real")))
+ (wrap-program entrypoint
+ `("PATH" ":" prefix
+ ,(map (lambda (name)
+ (let ((input (assoc-ref inputs name)))
+ (string-append input "/bin:"
+ input "/sbin")))
+ (list "dialog"
+ "iproute2"
+ "iptables"
+ "ncurses"
+ "openvpn"
+ "procps"
+ "which")))))
+ #t)))))
+ (native-inputs
+ `(("python-docopt" ,python-docopt)))
+ (inputs
+ `(("dialog" ,dialog)
+ ("iproute2" ,iproute)
+ ("iptables" ,iptables)
+ ("ncurses" ,ncurses)
+ ("openvpn" ,openvpn)
+ ("procps" ,procps)
+ ("python-jinja2" ,python-jinja2)
+ ("python-pythondialog" ,python-pythondialog)
+ ("python-requests" ,python-requests)
+ ("which" ,which)))
+ (synopsis "Command-line client for ProtonVPN")
+ (description
+ "This is the official command-line interface for ProtonVPN, a secure
+point-to-point virtual private networking (VPN) service with a gratis tier.
+It can automatically find and connect to the fastest servers or use Tor over
+VPN. The gratis tier offers unlimited bandwidth for up to 10 devices.")
+ (home-page "https://github.com/ProtonVPN/linux-cli")
+ (license license:gpl3+)))
+
(define-public tinc
(package
(name "tinc")
(native-inputs
`(("python-setuptools-scm" ,python-setuptools-scm)
;; For tests only.
- ("python-flake8", python-flake8)
+ ("python-flake8" ,python-flake8)
("python-mock" ,python-mock)
("python-pytest-cov" ,python-pytest-cov)
("python-pytest-runner" ,python-pytest-runner)))
(origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/ambrop72/badvpn.git")
+ (url "https://github.com/ambrop72/badvpn")
(commit version)))
(file-name (git-file-name name version))
(sha256
;; 3-clause BSD license.
(license license:bsd-3)))
-(define-public wireguard
+(define-public wireguard-linux-compat
(package
- (name "wireguard")
- (version "0.0.20191219")
+ (name "wireguard-linux-compat")
+ (version "1.0.20201221")
(source (origin
(method url-fetch)
- (uri (string-append "https://git.zx2c4.com/WireGuard/snapshot/"
- "WireGuard-" version ".tar.xz"))
+ (uri (string-append "https://git.zx2c4.com/wireguard-linux-compat/"
+ "snapshot/wireguard-linux-compat-" version
+ ".tar.xz"))
(sha256
(base32
- "1rxhhf18vnlbxpaxib6y55gbvr5h9dcvl8sn2l5slzz97066zfjs"))))
- (build-system gnu-build-system)
- (outputs '("out" ; The WireGuard userspace tools
- "kernel-patch")) ; A patch to build Linux with WireGuard support
+ "0ci13in0fqq32n5qamch4qhjgbdq86ygrgmfhc9szsh2nsl8jlkf"))))
+ (build-system linux-module-build-system)
+ (outputs '("out"
+ "kernel-patch"))
(arguments
- `(#:tests? #f ; No tests available.
- #:make-flags
- (list "CC=gcc"
- "--directory=src/tools"
- "WITH_BASHCOMPLETION=yes"
- ;; Build and install the helper script wg-quick(8).
- "WITH_WGQUICK=yes"
- (string-append "PREFIX=" (assoc-ref %outputs "out"))
- (string-append "SYSCONFDIR=" (assoc-ref %outputs "out") "/etc"))
- #:modules ((guix build gnu-build-system)
+ `(#:linux ,linux-libre-5.4 ; mustn't have WG built-in
+ #:tests? #f ; no test suite
+ #:modules ((guix build linux-module-build-system)
(guix build utils)
(ice-9 popen)
(ice-9 textual-ports))
#:phases
(modify-phases %standard-phases
- ;; There is no ./configure script.
- (delete 'configure)
- ;; Until WireGuard is added to the upstream Linux kernel, it is
- ;; distributed as a kernel patch generated by this script.
- (add-after 'patch-source-shebangs 'make-patch
+ (add-before 'build 'change-directory
+ (lambda _
+ (chdir "./src")
+ #t))
+ (add-after 'build 'build-patch
(lambda* (#:key outputs #:allow-other-keys)
- (let* ((output (string-append (assoc-ref outputs "kernel-patch")
- "/wireguard.patch"))
- (patch-builder "./contrib/kernel-tree/create-patch.sh")
+ (let* ((patch-builder "../kernel-tree-scripts/create-patch.sh")
(port (open-input-pipe patch-builder))
(str (get-string-all port)))
(close-pipe port)
- (mkdir-p (dirname output))
- (call-with-output-file output
+ (call-with-output-file "wireguard.patch"
(lambda (port)
(format port "~a" str))))
- #t)))))
- (inputs
- `(("libmnl" ,libmnl)))
- (home-page "https://www.wireguard.com/")
- (synopsis "Tools for configuring WireGuard")
- (description "This package provides the userspace tools for setting and
-retrieving configuration of WireGuard network tunnel interfaces, and a patch
-that can be applied to a Linux kernel source tree in order to build it with
-WireGuard support.")
+ #t))
+ (add-after 'install 'install-patch
+ (lambda* (#:key outputs #:allow-other-keys)
+ (install-file "wireguard.patch"
+ (assoc-ref %outputs "kernel-patch"))
+ #t))
+ ;; So that 'install-license-files' works...
+ (add-before 'install-license-files 'reset-cwd
+ (lambda _
+ (chdir "..")
+ #t)))))
+ (home-page "https://git.zx2c4.com/wireguard-linux-compat/")
+ (synopsis "WireGuard kernel module for Linux 3.10 through 5.5")
+ (description "This package contains an out-of-tree kernel patch and
+a loadable module adding WireGuard to Linux kernel versions 3.10 through 5.5.
+WireGuard was added to Linux 5.6.")
(license license:gpl2)))
(define-public wireguard-tools
(package
(name "wireguard-tools")
- (version "1.0.20200206")
+ (version "1.0.20210315")
(source
(origin
(method git-fetch)
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "0ivc08lds5w39a6f2xdfih9wlk5g724hl3kpdvxvh5yff4l84qb7"))))
+ (base32 "1an5gm2dv111n3fylbrnyynxmi2d3iwf2b46zq08hc54kzazxcml"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags
- (list "CC=gcc"
+ (list ,(string-append "CC=" (cc-for-target))
"--directory=src"
"WITH_BASHCOMPLETION=yes"
;; Install the ‘simple and dirty’ helper script wg-quick(8).
#:phases
(modify-phases %standard-phases
;; No configure script
- (delete 'configure))))
+ (delete 'configure)
+ (add-after 'install 'install-contrib-docs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (copy-recursively "contrib/"
+ (string-append out "/share/doc/wireguard-tools"))
+ #t)))
+ (add-after 'install 'wrap-wg-quick
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (inputs-sbin (map (lambda (input)
+ (string-append (assoc-ref inputs input) "/sbin"))
+ (list "resolvconf" "iproute" "procps"
+ "iptables")))
+ (coreutils (string-append (assoc-ref inputs "coreutils")
+ "/bin")))
+ (wrap-program (string-append out "/bin/wg-quick")
+ `("PATH" ":" prefix ,(append inputs-sbin
+ (list coreutils))))
+ #t))))))
+ (inputs
+ `(("resolvconf" ,openresolv)
+ ("coreutils" ,coreutils)
+ ("bash" ,bash) ; for scripts using /dev/tcp
+ ("procps" ,procps)
+ ("iproute" ,iproute)
+ ("iptables" ,iptables)))
(home-page "https://www.wireguard.com/")
(synopsis "Tools for configuring WireGuard tunnels")
(description
(list license:lgpl2.1+ ; src/netlink.h & contrib/embeddable-wg-library
license:gpl2)))) ; everything else
+(define-public wireguard
+ (deprecated-package "wireguard" wireguard-tools))
+
(define-public xl2tpd
(package
(name "xl2tpd")
- (version "1.3.15")
+ (version "1.3.16")
(source (origin
(method git-fetch)
(uri (git-reference
(file-name (git-file-name name version))
(sha256
(base32
- "0ppwza8nwm1av1vldw40gin9wrjrs4l9si50jad414js3k8ycaag"))))
+ "0is5ccrvijz0pfm45pfrlbb9y8231yz3c4zqs8mkgakl9rxajy6l"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list (string-append "PREFIX=" %output)
"CC=gcc")
#:phases (modify-phases %standard-phases
- (delete 'configure)) ; no configure script
+ (delete 'configure) ;no configure script
+ (add-before 'build 'setup-environment
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "l2tp.h"
+ (("/usr/sbin/pppd")
+ (string-append (assoc-ref inputs "ppp")
+ "/sbin/pppd")))
+ (setenv "KERNELSRC"
+ (assoc-ref inputs "linux-libre-headers"))
+ #t)))
#:tests? #f)) ; no tests provided
- (inputs `(("libpcap" ,libpcap)))
+ (inputs `(("libpcap" ,libpcap)
+ ("linux-libre-headers" ,linux-libre-headers)
+ ("ppp" ,ppp)))
(home-page "https://www.xelerance.com/software/xl2tpd/")
(synopsis "Layer 2 Tunnelling Protocol Daemon (RFC 2661)")
(description