nixpkgs/pkgs/os-specific/linux/ipsec-tools/default.nix

49 lines
1.4 KiB
Nix
Raw Normal View History

{ stdenv, fetchurl, fetchpatch, linuxHeaders, readline, openssl, flex, kerberos, pam }:
2012-10-20 13:06:09 +02:00
# TODO: These tools are supposed to work under NetBSD and FreeBSD as
# well, so I guess it's not appropriate to place this expression in
# "os-specific/linux/ipsec-tools". Since I cannot verify that the
# expression actually builds on those platforms, I'll leave it here for
# the time being.
stdenv.mkDerivation rec {
2014-03-03 11:08:41 +01:00
name = "ipsec-tools-0.8.2";
2012-10-20 13:06:09 +02:00
src = fetchurl {
url = "mirror://sourceforge/ipsec-tools/${name}.tar.bz2";
2014-03-03 11:08:41 +01:00
sha256 = "0b9gfbz78k2nj0k7jdlm5kajig628ja9qm0z5yksiwz22s3v7dlf";
2012-10-20 13:06:09 +02:00
};
buildInputs = [ readline openssl flex kerberos pam ];
2012-10-20 13:06:09 +02:00
patches = [
./dont-create-localstatedir-during-install.patch
./CVE-2015-4047.patch
./CVE-2016-10396.patch
];
2012-10-20 13:06:09 +02:00
# fix build with newer gcc versions
preConfigure = ''substituteInPlace configure --replace "-Werror" "" '';
configureFlags = [
"--sysconfdir=/etc --localstatedir=/var"
"--with-kernel-headers=${linuxHeaders}/include"
"--disable-security-context"
"--enable-adminport"
"--enable-dpd"
"--enable-frag"
"--enable-gssapi"
"--enable-hybrid"
"--enable-natt"
"--enable-shared"
"--enable-stats"
];
2012-10-20 13:06:09 +02:00
2018-08-30 00:32:24 +02:00
meta = with stdenv.lib; {
homepage = "http://ipsec-tools.sourceforge.net/";
2012-10-20 13:06:09 +02:00
description = "Port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation";
2018-08-30 00:32:24 +02:00
license = licenses.bsd3;
platforms = platforms.linux;
2012-10-20 13:06:09 +02:00
};
}