2017-08-01 08:48:46 +02:00
|
|
|
{ stdenv, fetchurl, fetchpatch, linuxHeaders, readline, openssl, flex, kerberos, pam }:
|
2012-10-20 13:06:09 +02:00
|
|
|
|
|
|
|
# TODO: These tools are supposed to work under NetBSD and FreeBSD as
|
|
|
|
# well, so I guess it's not appropriate to place this expression in
|
|
|
|
# "os-specific/linux/ipsec-tools". Since I cannot verify that the
|
|
|
|
# expression actually builds on those platforms, I'll leave it here for
|
|
|
|
# the time being.
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
2014-03-03 11:08:41 +01:00
|
|
|
name = "ipsec-tools-0.8.2";
|
2012-10-20 13:06:09 +02:00
|
|
|
|
|
|
|
src = fetchurl {
|
|
|
|
url = "mirror://sourceforge/ipsec-tools/${name}.tar.bz2";
|
2014-03-03 11:08:41 +01:00
|
|
|
sha256 = "0b9gfbz78k2nj0k7jdlm5kajig628ja9qm0z5yksiwz22s3v7dlf";
|
2012-10-20 13:06:09 +02:00
|
|
|
};
|
|
|
|
|
2014-12-30 09:05:12 +01:00
|
|
|
buildInputs = [ readline openssl flex kerberos pam ];
|
2012-10-20 13:06:09 +02:00
|
|
|
|
2017-08-01 08:48:46 +02:00
|
|
|
patches = [
|
|
|
|
./dont-create-localstatedir-during-install.patch
|
|
|
|
./CVE-2015-4047.patch
|
2019-10-04 12:33:31 +02:00
|
|
|
./CVE-2016-10396.patch
|
2017-08-01 08:48:46 +02:00
|
|
|
];
|
2012-10-20 13:06:09 +02:00
|
|
|
|
2014-01-05 11:29:15 +01:00
|
|
|
# fix build with newer gcc versions
|
|
|
|
preConfigure = ''substituteInPlace configure --replace "-Werror" "" '';
|
|
|
|
|
2018-07-25 23:44:21 +02:00
|
|
|
configureFlags = [
|
|
|
|
"--sysconfdir=/etc --localstatedir=/var"
|
|
|
|
"--with-kernel-headers=${linuxHeaders}/include"
|
|
|
|
"--disable-security-context"
|
|
|
|
"--enable-adminport"
|
|
|
|
"--enable-dpd"
|
|
|
|
"--enable-frag"
|
|
|
|
"--enable-gssapi"
|
|
|
|
"--enable-hybrid"
|
|
|
|
"--enable-natt"
|
|
|
|
"--enable-shared"
|
|
|
|
"--enable-stats"
|
|
|
|
];
|
2012-10-20 13:06:09 +02:00
|
|
|
|
2018-08-30 00:32:24 +02:00
|
|
|
meta = with stdenv.lib; {
|
2020-04-01 03:11:51 +02:00
|
|
|
homepage = "http://ipsec-tools.sourceforge.net/";
|
2012-10-20 13:06:09 +02:00
|
|
|
description = "Port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation";
|
2018-08-30 00:32:24 +02:00
|
|
|
license = licenses.bsd3;
|
|
|
|
platforms = platforms.linux;
|
2012-10-20 13:06:09 +02:00
|
|
|
};
|
|
|
|
}
|