2016-02-24 04:06:45 +00:00
|
|
|
{ stdenv, fetchurl, makeWrapper,
|
|
|
|
pkgconfig, systemd, gmp, unbound, bison, flex, pam, libevent, libcap_ng, curl, nspr,
|
2016-05-24 09:34:51 +01:00
|
|
|
bash, iproute, iptables, procps, coreutils, gnused, gawk, nss, which, python,
|
2019-12-07 23:52:42 +00:00
|
|
|
docs ? false, xmlto, libselinux, ldns
|
2016-02-24 04:06:45 +00:00
|
|
|
}:
|
|
|
|
|
|
|
|
let
|
|
|
|
optional = stdenv.lib.optional;
|
2019-12-07 23:52:42 +00:00
|
|
|
version = "3.29";
|
2016-02-24 04:06:45 +00:00
|
|
|
name = "libreswan-${version}";
|
|
|
|
binPath = stdenv.lib.makeBinPath [
|
2016-05-24 09:34:51 +01:00
|
|
|
bash iproute iptables procps coreutils gnused gawk nss.tools which python
|
2016-02-24 04:06:45 +00:00
|
|
|
];
|
|
|
|
in
|
|
|
|
|
|
|
|
assert docs -> xmlto != null;
|
2019-12-07 23:52:42 +00:00
|
|
|
assert stdenv.isLinux -> libselinux != null;
|
2016-02-24 04:06:45 +00:00
|
|
|
|
|
|
|
stdenv.mkDerivation {
|
|
|
|
inherit name;
|
|
|
|
inherit version;
|
|
|
|
|
|
|
|
src = fetchurl {
|
|
|
|
url = "https://download.libreswan.org/${name}.tar.gz";
|
2019-12-07 23:52:42 +00:00
|
|
|
sha256 = "0gmbb1m5in5dvnbk1n31r8myrdankzvi6yk9gcqbcwijyih423nn";
|
2016-02-24 04:06:45 +00:00
|
|
|
};
|
|
|
|
|
2017-11-16 02:43:15 +00:00
|
|
|
# These flags were added to compile v3.18. Try to lift them when updating.
|
2019-10-30 11:34:47 +00:00
|
|
|
NIX_CFLAGS_COMPILE = toString [ "-Wno-error=redundant-decls" "-Wno-error=format-nonliteral"
|
2018-03-08 19:44:43 +00:00
|
|
|
# these flags were added to build with gcc7
|
|
|
|
"-Wno-error=implicit-fallthrough"
|
|
|
|
"-Wno-error=format-truncation"
|
|
|
|
"-Wno-error=pointer-compare"
|
2019-11-03 12:32:09 +00:00
|
|
|
"-Wno-error=stringop-truncation"
|
2018-03-08 19:44:43 +00:00
|
|
|
];
|
2017-11-16 02:43:15 +00:00
|
|
|
|
2017-09-05 23:03:42 +01:00
|
|
|
nativeBuildInputs = [ makeWrapper pkgconfig ];
|
2017-09-05 22:26:13 +01:00
|
|
|
buildInputs = [ bash iproute iptables systemd coreutils gnused gawk gmp unbound bison flex pam libevent
|
2019-12-07 23:52:42 +00:00
|
|
|
libcap_ng curl nspr nss python ldns ]
|
|
|
|
++ optional docs xmlto
|
|
|
|
++ optional stdenv.isLinux libselinux;
|
2016-02-24 04:06:45 +00:00
|
|
|
|
|
|
|
prePatch = ''
|
|
|
|
# Correct bash path
|
|
|
|
sed -i -e 's|/bin/bash|/usr/bin/env bash|' mk/config.mk
|
|
|
|
|
2019-12-07 23:52:42 +00:00
|
|
|
# Fix systemd unit directory, and prevent the makefile from trying to reload the
|
|
|
|
# systemd daemon or create tmpfiles
|
|
|
|
sed -i -e 's|UNITDIR=.*$|UNITDIR=$\{out}/etc/systemd/system/|g' \
|
|
|
|
-e 's|TMPFILESDIR=.*$|TMPFILESDIR=$\{out}/tmpfiles.d/|g' \
|
|
|
|
-e 's|systemctl|true|g' \
|
|
|
|
-e 's|systemd-tmpfiles|true|g' \
|
|
|
|
initsystems/systemd/Makefile
|
2016-02-24 04:06:45 +00:00
|
|
|
|
|
|
|
# Fix the ipsec program from crushing the PATH
|
|
|
|
sed -i -e 's|\(PATH=".*"\):.*$|\1:$PATH|' programs/ipsec/ipsec.in
|
|
|
|
|
|
|
|
# Fix python script to use the correct python
|
|
|
|
sed -i -e 's|#!/usr/bin/python|#!/usr/bin/env python|' -e 's/^\(\W*\)installstartcheck()/\1sscmd = "ss"\n\0/' programs/verify/verify.in
|
|
|
|
'';
|
2017-11-16 02:43:15 +00:00
|
|
|
|
2016-02-24 04:06:45 +00:00
|
|
|
# Set appropriate paths for build
|
|
|
|
preBuild = "export INC_USRLOCAL=\${out}";
|
|
|
|
|
2017-11-16 02:43:15 +00:00
|
|
|
makeFlags = [
|
2016-02-24 04:06:45 +00:00
|
|
|
"INITSYSTEM=systemd"
|
|
|
|
(if docs then "all" else "base")
|
|
|
|
];
|
|
|
|
|
|
|
|
installTargets = [ (if docs then "install" else "install-base") ];
|
|
|
|
# Hack to make install work
|
|
|
|
installFlags = [
|
|
|
|
"FINALVARDIR=\${out}/var"
|
|
|
|
"FINALSYSCONFDIR=\${out}/etc"
|
|
|
|
];
|
|
|
|
|
|
|
|
postInstall = ''
|
|
|
|
for i in $out/bin/* $out/libexec/ipsec/*; do
|
|
|
|
wrapProgram "$i" --prefix PATH ':' "$out/bin:${binPath}"
|
|
|
|
done
|
|
|
|
'';
|
|
|
|
|
2017-11-16 02:43:15 +00:00
|
|
|
enableParallelBuilding = true;
|
2016-03-02 15:36:22 +00:00
|
|
|
|
2018-09-10 20:28:59 +01:00
|
|
|
meta = with stdenv.lib; {
|
2017-08-01 21:03:30 +01:00
|
|
|
homepage = https://libreswan.org;
|
2016-02-24 04:06:45 +00:00
|
|
|
description = "A free software implementation of the VPN protocol based on IPSec and the Internet Key Exchange";
|
2018-09-10 20:28:59 +01:00
|
|
|
platforms = platforms.linux ++ platforms.darwin ++ platforms.freebsd;
|
|
|
|
license = licenses.gpl2;
|
|
|
|
maintainers = [ maintainers.afranchuk ];
|
2016-02-24 04:06:45 +00:00
|
|
|
};
|
|
|
|
}
|