;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
-;;; Copyright © 2013, 2016, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2016, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
;;; Copyright © 2016, 2017, 2019 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
-;;; Copyright © 2018 Pierre Langlois <pierre.langlois@gmx.com>
+;;; Copyright © 2018, 2020 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2018 Meiyo Peng <meiyo.peng@gmail.com>
-;;; Copyright © 2019 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2019, 2020 Leo Famulari <leo@famulari.name>
;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2020 Ryan Prior <rprior@protonmail.com>
+;;; Copyright © 2020 Ivan Kozlov <kanichos@yandex.ru>
+;;; Copyright © 2020 David Dashyan <mail@davie.li>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (guix git-download)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system linux-module)
#:use-module (guix build-system python)
+ #:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages admin)
#:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages check)
+ #:use-module (gnu packages dns)
#:use-module (gnu packages autotools)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages guile)
#:use-module (gnu packages libevent)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages ncurses)
#:use-module (gnu packages nss)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages python-xyz)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages samba)
#:use-module (gnu packages tls)
#:use-module (gnu packages xml))
1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
(license license:gpl2+) ; some file are bsd-2, see COPYING
- (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
+ (home-page "https://www.unix-ag.uni-kl.de/~massar/vpnc/")))
(define-public vpnc-scripts
- (let ((commit "1000e0f6dd7d6bff163169a46359211c1fc3a6d2"))
+ (let ((commit "3885f8bbc4ae03fd6da0ada6de12f7223a59595c"))
(package
(name "vpnc-scripts")
- (version (string-append "20190116." (string-take commit 7)))
+ (version (string-append "20200925." (string-take commit 7)))
(source (origin
(method git-fetch)
(uri
(file-name (git-file-name name version))
(sha256
(base32
- "1g41yarz2bl0f73kbjqnywr485ghanbp7nmspklfb0n07yp0z6ak"))))
+ "1pmi4n58q81pmn9arvfixhvv6vkkf3rpwac3hwnwyl882q5q0ccx"))))
(build-system gnu-build-system)
- (inputs `(("guile" ,guile-2.2) ; for the wrapper scripts
+ (inputs `(("guile" ,guile-3.0) ; for the wrapper scripts
("coreutils" ,coreutils)
("grep" ,grep)
("iproute2" ,iproute) ; for ‘ip’
(for-each (lambda (script)
(substitute* script
(("^PATH=.*") "")
- (("(/usr|)/s?bin/") "")
+ (("/usr/s?bin/") "")
(("\\[ +-x +([^]]+) +\\]" _ command)
(string-append "command -v >/dev/null 2>&1 "
command))))
(source (origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/cernekee/ocproxy.git")
+ (url "https://github.com/cernekee/ocproxy")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(define-public openconnect
(package
(name "openconnect")
- (version "8.05")
+ (version "8.10")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.infradead.org/pub/openconnect/"
"openconnect-" version ".tar.gz"))
(sha256
- (base32 "14i9q727c2zc9xhzp1a9hz3gzb5lwgsslbhircm84dnbs192jp1k"))))
+ (base32 "1cdsx4nsrwawbsisfkldfc9i4qn60g03vxb13nzppr2br9p4rrih"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libxml2" ,libxml2)
("gnutls" ,gnutls)
("zlib" ,zlib)))
(inputs
- `(("vpnc-scripts" ,vpnc-scripts)))
+ `(("lz4" ,lz4)
+ ("vpnc-scripts" ,vpnc-scripts)))
(native-inputs
`(("gettext" ,gettext-minimal)
("pkg-config" ,pkg-config)))
(license license:lgpl2.1)
(home-page "https://www.infradead.org/openconnect/")))
+(define-public openfortivpn
+ (package
+ (name "openfortivpn")
+ (version "1.15.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/adrienverge/openfortivpn")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1qsfgpxg553s8rc9cyrc4k96z0pislxsdxb9wyhp8fdprkak2mw2"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("autotools" ,automake)
+ ("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("ppp" ,ppp)))
+ (home-page "https://github.com/adrienverge/openfortivpn")
+ (synopsis "Client for PPP+SSL VPN tunnel services")
+ (description "Openfortivpn is a client for PPP+SSL VPN tunnel services. It
+spawns a pppd process and operates the communication between the gateway and
+this process. It is compatible with Fortinet VPNs.")
+ (license license:gpl3+)))
+
(define-public openvpn
(package
(name "openvpn")
- (version "2.4.8")
+ (version "2.4.10")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "149z3agjy03i66mcj5bplim2mh45s2ps1wmxbxczyzw0nxmsd37v"))))
+ "0xx378ja2rdfaayc257z0z5ddsp8h0jcpqnd1a6bdw3rlsam6a6g"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--enable-iproute2=yes")))
traversing network address translators (@dfn{NAT}s) and firewalls.")
(license license:gpl2)))
+(define-public protonvpn-cli
+ (package
+ (name "protonvpn-cli")
+ (version "2.2.6")
+ (source
+ (origin
+ ;; PyPI has a ".whl" file but not a proper source release.
+ ;; Thus, fetch code from Git.
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ProtonVPN/linux-cli")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0y7v9ikrmy5dbjlpbpacp08gy838i8z54m8m4ps7ldk1j6kyia3n"))))
+ (build-system python-build-system)
+ (arguments '(#:tests? #f)) ; no tests in repo
+ (native-inputs
+ `(("python-docopt" ,python-docopt)))
+ (inputs
+ `(("python-jinja2" ,python-jinja2)
+ ("python-pythondialog" ,python-pythondialog)
+ ("python-requests" ,python-requests)))
+ (propagated-inputs
+ `(("openvpn" ,openvpn)
+ ("dialog" ,dialog)))
+ (synopsis "Command-line client for ProtonVPN")
+ (description
+ "This is the official command-line interface for ProtonVPN, a secure
+point-to-point virtual private networking (VPN) service with a gratis tier.
+It can automatically find and connect to the fastest servers or use Tor over
+VPN. The gratis tier offers unlimited bandwidth for up to 10 devices.")
+ (home-page "https://github.com/ProtonVPN/linux-cli")
+ (license license:gpl3+)))
+
(define-public tinc
(package
(name "tinc")
(native-inputs
`(("python-setuptools-scm" ,python-setuptools-scm)
;; For tests only.
- ("python-flake8", python-flake8)
+ ("python-flake8" ,python-flake8)
("python-mock" ,python-mock)
("python-pytest-cov" ,python-pytest-cov)
("python-pytest-runner" ,python-pytest-runner)))
(origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/ambrop72/badvpn.git")
+ (url "https://github.com/ambrop72/badvpn")
(commit version)))
(file-name (git-file-name name version))
(sha256
;; 3-clause BSD license.
(license license:bsd-3)))
-(define-public wireguard
+(define-public wireguard-linux-compat
(package
- (name "wireguard")
- (version "0.0.20191127")
+ (name "wireguard-linux-compat")
+ (version "1.0.20201112")
(source (origin
(method url-fetch)
- (uri (string-append "https://git.zx2c4.com/WireGuard/snapshot/"
- "WireGuard-" version ".tar.xz"))
+ (uri (string-append "https://git.zx2c4.com/wireguard-linux-compat/"
+ "snapshot/wireguard-linux-compat-" version
+ ".tar.xz"))
(sha256
(base32
- "01ixdhbvx5yiq07msd60f98685wdksss4pfhdn1d8r25z2k80kkx"))))
- (build-system gnu-build-system)
- (outputs '("out" ; The WireGuard userspace tools
- "kernel-patch")) ; A patch to build Linux with WireGuard support
+ "1qcpg1rcmy4h529a0spjm50qgxjgjy20j29fpbrqsv5xq3qfgsl9"))))
+ (build-system linux-module-build-system)
+ (outputs '("out"
+ "kernel-patch"))
(arguments
- `(#:tests? #f ; No tests available.
- #:make-flags
- (list "CC=gcc"
- "WITH_BASHCOMPLETION=yes"
- ;; Build and install the helper script wg-quick(8).
- "WITH_WGQUICK=yes"
- (string-append "PREFIX=" (assoc-ref %outputs "out"))
- (string-append "SYSCONFDIR=" (assoc-ref %outputs "out") "/etc"))
- #:modules ((guix build gnu-build-system)
+ `(#:linux ,linux-libre-5.4 ; mustn't have WG built-in
+ #:tests? #f ; no test suite
+ #:modules ((guix build linux-module-build-system)
(guix build utils)
(ice-9 popen)
(ice-9 textual-ports))
#:phases
(modify-phases %standard-phases
- ;; There is no ./configure script.
- (delete 'configure)
- ;; Until WireGuard is added to the upstream Linux kernel, it is
- ;; distributed as a kernel patch generated by this script.
- (add-after 'patch-source-shebangs 'make-patch
+ (add-before 'build 'change-directory
+ (lambda _
+ (chdir "./src")
+ #t))
+ (add-after 'build 'build-patch
(lambda* (#:key outputs #:allow-other-keys)
- (let* ((output (string-append (assoc-ref outputs "kernel-patch")
- "/wireguard.patch"))
- (patch-builder "./contrib/kernel-tree/create-patch.sh")
+ (let* ((patch-builder "../kernel-tree-scripts/create-patch.sh")
(port (open-input-pipe patch-builder))
(str (get-string-all port)))
(close-pipe port)
- (mkdir-p (dirname output))
- (call-with-output-file output
+ (call-with-output-file "wireguard.patch"
(lambda (port)
(format port "~a" str))))
- #t))
- (add-after 'make-patch 'chdir
- (lambda _
- (chdir "src/tools")
#t))
- ;; Otherwise the 'install-license-file' phase installs nothing.
- ;; <https://bugs.gnu.org/34703>
- (add-after 'install 'reset-cwd
+ (add-after 'install 'install-patch
+ (lambda* (#:key outputs #:allow-other-keys)
+ (install-file "wireguard.patch"
+ (assoc-ref %outputs "kernel-patch"))
+ #t))
+ ;; So that 'install-license-files' works...
+ (add-before 'install-license-files 'reset-cwd
(lambda _
- (chdir "../..")
+ (chdir "..")
#t)))))
+ (home-page "https://git.zx2c4.com/wireguard-linux-compat/")
+ (synopsis "WireGuard kernel module for Linux 3.10 through 5.5")
+ (description "This package contains an out-of-tree kernel patch and
+a loadable module adding WireGuard to Linux kernel versions 3.10 through 5.5.
+WireGuard was added to Linux 5.6.")
+ (license license:gpl2)))
+
+(define-public wireguard-tools
+ (package
+ (name "wireguard-tools")
+ (version "1.0.20200827")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.zx2c4.com/wireguard-tools.git")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1h351hn531z6z85sx9ya27xjz1jszgn1pkwibacjj49mds15f7gn"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags
+ (list ,(string-append "CC=" (cc-for-target))
+ "--directory=src"
+ "WITH_BASHCOMPLETION=yes"
+ ;; Install the ‘simple and dirty’ helper script wg-quick(8).
+ "WITH_WGQUICK=yes"
+ (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ ;; Currently used only to create an empty /etc/wireguard directory.
+ (string-append "SYSCONFDIR=no-thanks"))
+ ;; The test suite is meant to be run interactively. It runs Clang's
+ ;; scan-build static analyzer and then starts a web server to display the
+ ;; results.
+ #:tests? #f
+ #:phases
+ (modify-phases %standard-phases
+ ;; No configure script
+ (delete 'configure)
+ (add-after 'install 'install-contrib-docs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (copy-recursively "contrib/"
+ (string-append out "/share/doc/wireguard-tools"))
+ #t)))
+ (add-after 'install 'wrap-wg-quick
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (inputs-sbin (map (lambda (input)
+ (string-append (assoc-ref inputs input) "/sbin"))
+ (list "resolvconf" "iproute" "procps"
+ "iptables")))
+ (coreutils (string-append (assoc-ref inputs "coreutils")
+ "/bin")))
+ (wrap-program (string-append out "/bin/wg-quick")
+ `("PATH" ":" prefix ,(append inputs-sbin
+ (list coreutils))))
+ #t))))))
(inputs
- `(("libmnl" ,libmnl)))
+ `(("resolvconf" ,openresolv)
+ ("coreutils" ,coreutils)
+ ("bash" ,bash) ; for scripts using /dev/tcp
+ ("procps" ,procps)
+ ("iproute" ,iproute)
+ ("iptables" ,iptables)))
(home-page "https://www.wireguard.com/")
- (synopsis "Tools for configuring WireGuard")
- (description "This package provides the userspace tools for setting and
-retrieving configuration of WireGuard network tunnel interfaces, and a patch
-that can be applied to a Linux kernel source tree in order to build it with
-WireGuard support.")
- (license license:gpl2)))
+ (synopsis "Tools for configuring WireGuard tunnels")
+ (description
+ "This package provides the user-space command-line tools for using and
+configuring WireGuard tunnels.
+
+WireGuard is a simple and fast general-purpose @acronym{VPN, Virtual Private
+Network} that securely encapsulates IP packets over UDP. It aims to be as easy
+to configure and deploy as SSH. VPN connections are made simply by exchanging
+public keys and can roam across IP addresses.")
+ (license
+ (list license:lgpl2.1+ ; src/netlink.h & contrib/embeddable-wg-library
+ license:gpl2)))) ; everything else
+
+(define-public wireguard
+ (deprecated-package "wireguard" wireguard-tools))
(define-public xl2tpd
(package
(name "xl2tpd")
- (version "1.3.15")
+ (version "1.3.16")
(source (origin
(method git-fetch)
(uri (git-reference
(file-name (git-file-name name version))
(sha256
(base32
- "0ppwza8nwm1av1vldw40gin9wrjrs4l9si50jad414js3k8ycaag"))))
+ "0is5ccrvijz0pfm45pfrlbb9y8231yz3c4zqs8mkgakl9rxajy6l"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (list (string-append "PREFIX=" %output)
"CC=gcc")
#:phases (modify-phases %standard-phases
- (delete 'configure)) ; no configure script
+ (delete 'configure) ;no configure script
+ (add-before 'build 'setup-environment
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "l2tp.h"
+ (("/usr/sbin/pppd")
+ (string-append (assoc-ref inputs "ppp")
+ "/sbin/pppd")))
+ (setenv "KERNELSRC"
+ (assoc-ref inputs "linux-libre-headers"))
+ #t)))
#:tests? #f)) ; no tests provided
- (inputs `(("libpcap" ,libpcap)))
+ (inputs `(("libpcap" ,libpcap)
+ ("linux-libre-headers" ,linux-libre-headers)
+ ("ppp" ,ppp)))
(home-page "https://www.xelerance.com/software/xl2tpd/")
(synopsis "Layer 2 Tunnelling Protocol Daemon (RFC 2661)")
(description