nixpkgs/pkgs/os-specific/linux/ipsec-tools/default.nix

47 lines
1.4 KiB
Nix
Raw Normal View History

{ stdenv, fetchurl, linuxHeaders, readline, openssl, flex, kerberos, pam }:
2012-10-20 12:06:09 +01:00
# TODO: These tools are supposed to work under NetBSD and FreeBSD as
# well, so I guess it's not appropriate to place this expression in
# "os-specific/linux/ipsec-tools". Since I cannot verify that the
# expression actually builds on those platforms, I'll leave it here for
# the time being.
stdenv.mkDerivation rec {
2014-03-03 10:08:41 +00:00
name = "ipsec-tools-0.8.2";
2012-10-20 12:06:09 +01:00
src = fetchurl {
url = "mirror://sourceforge/ipsec-tools/${name}.tar.bz2";
2014-03-03 10:08:41 +00:00
sha256 = "0b9gfbz78k2nj0k7jdlm5kajig628ja9qm0z5yksiwz22s3v7dlf";
2012-10-20 12:06:09 +01:00
};
buildInputs = [ readline openssl flex kerberos pam ];
2012-10-20 12:06:09 +01:00
patches = [ ./dont-create-localstatedir-during-install.patch
./CVE-2015-4047.patch ];
2012-10-20 12:06:09 +01:00
# fix build with newer gcc versions
preConfigure = ''substituteInPlace configure --replace "-Werror" "" '';
2012-10-20 12:06:09 +01:00
configureFlags = ''
--sysconfdir=/etc --localstatedir=/var
--with-kernel-headers=${linuxHeaders}/include
--disable-security-context
--enable-adminport
--enable-dpd
--enable-frag
--enable-gssapi
--enable-hybrid
--enable-natt
--enable-shared
--enable-stats
'';
meta = {
homepage = "http://ipsec-tools.sourceforge.net/";
description = "Port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation";
platforms = stdenv.lib.platforms.linux;
maintainers = [stdenv.lib.maintainers.simons];
};
}