JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #32216 from LumiGuide/networkmanager-strongswan

Browse Source 
networkmanager_strongswan: fix package
This commit is contained in:
Joachim F 2017-12-11 23:26:21 +00:00 committed by GitHub
commit 90accc093e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 46 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nixos/modules/services/networking/networkmanager.nix
View File

@ -241,6 +241,19 @@ in {
A list of scripts which will be executed in response to network events. A list of scripts which will be executed in response to network events.
''; '';
}; };
enableStrongSwan = mkOption {
type = types.bool;
default = false;
description = ''
Enable the StrongSwan plugin.
</para><para>
If you enable this option the
<literal>networkmanager_strongswan</literal> plugin will be added to
the <option>networking.networkmanager.packages</option> option
so you don't need to to that yourself.
'';
};
}; };
}; };
@ -335,7 +348,11 @@ in {
security.polkit.extraConfig = polkitConf; security.polkit.extraConfig = polkitConf;
services.dbus.packages = cfg.packages; networking.networkmanager.packages =
mkIf cfg.enableStrongSwan [ pkgs.networkmanager_strongswan ];
services.dbus.packages =
optional cfg.enableStrongSwan pkgs.strongswanNM ++ cfg.packages;
services.udev.packages = cfg.packages; services.udev.packages = cfg.packages;
}; };

7
pkgs/tools/networking/network-manager/strongswan.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, intltool, pkgconfig, networkmanager, procps { stdenv, fetchurl, intltool, pkgconfig, networkmanager, strongswanNM, procps
, gnome3, libgnome_keyring, libsecret }: , gnome3, libgnome_keyring, libsecret }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
sed -i "s,nm_libexecdir=.*,nm_libexecdir=$out/libexec," "configure" sed -i "s,nm_libexecdir=.*,nm_libexecdir=$out/libexec," "configure"
''; '';
buildInputs = [ networkmanager libsecret ] buildInputs = [ networkmanager strongswanNM libsecret ]
++ (with gnome3; [ gtk libgnome_keyring networkmanagerapplet ]); ++ (with gnome3; [ gtk libgnome_keyring networkmanagerapplet ]);
nativeBuildInputs = [ intltool pkgconfig ]; nativeBuildInputs = [ intltool pkgconfig ];
@ -26,9 +26,10 @@ stdenv.mkDerivation rec {
--replace "/sbin/sysctl" "${procps}/bin/sysctl" --replace "/sbin/sysctl" "${procps}/bin/sysctl"
''; '';
configureFlags = [ "--with-charon=${strongswanNM}/libexec/ipsec/charon-nm" ];
meta = { meta = {
description = "NetworkManager's strongswan plugin"; description = "NetworkManager's strongswan plugin";
inherit (networkmanager.meta) platforms; inherit (networkmanager.meta) platforms;
}; };
} }

33
pkgs/tools/networking/strongswan/default.nix
View File

@ -1,7 +1,14 @@
{ stdenv, fetchurl, gmp, pkgconfig, python, autoreconfHook { stdenv, fetchurl
, curl, trousers, sqlite, iptables, libxml2, openresolv , pkgconfig, autoreconfHook
, ldns, unbound, pcsclite, openssl, systemd, pam , gmp, python, iptables, ldns, unbound, openssl, pcsclite
, enableTNC ? false }: , openresolv
, systemd, pam
, enableTNC ? false, curl, trousers, sqlite, libxml2
, enableNetworkManager ? false, networkmanager
}:
with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "strongswan-${version}"; name = "strongswan-${version}";
@ -17,8 +24,9 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig autoreconfHook ]; nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = buildInputs =
[ gmp python iptables ldns unbound openssl pcsclite ] [ gmp python iptables ldns unbound openssl pcsclite ]
++ stdenv.lib.optionals enableTNC [ curl trousers sqlite libxml2 ] ++ optionals enableTNC [ curl trousers sqlite libxml2 ]
++ stdenv.lib.optionals stdenv.isLinux [ systemd.dev pam ]; ++ optionals stdenv.isLinux [ systemd.dev pam ]
++ optionals enableNetworkManager [ networkmanager ];
patches = [ patches = [
./ext_auth-path.patch ./ext_auth-path.patch
@ -54,9 +62,9 @@ stdenv.mkDerivation rec {
"--enable-forecast" "--enable-connmark" "--enable-acert" "--enable-forecast" "--enable-connmark" "--enable-acert"
"--enable-pkcs11" "--enable-eap-sim-pcsc" "--enable-dnscert" "--enable-unbound" "--enable-pkcs11" "--enable-eap-sim-pcsc" "--enable-dnscert" "--enable-unbound"
"--enable-af-alg" "--enable-xauth-pam" "--enable-chapoly" ] "--enable-af-alg" "--enable-xauth-pam" "--enable-chapoly" ]
++ stdenv.lib.optional stdenv.isx86_64 [ "--enable-aesni" "--enable-rdrand" ] ++ optionals stdenv.isx86_64 [ "--enable-aesni" "--enable-rdrand" ]
++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" ++ optional (stdenv.system == "i686-linux") "--enable-padlock"
++ stdenv.lib.optionals enableTNC [ ++ optionals enableTNC [
"--disable-gmp" "--disable-aes" "--disable-md5" "--disable-sha1" "--disable-sha2" "--disable-fips-prf" "--disable-gmp" "--disable-aes" "--disable-md5" "--disable-sha1" "--disable-sha2" "--disable-fips-prf"
"--enable-curl" "--enable-curl"
"--enable-eap-tnc" "--enable-eap-ttls" "--enable-eap-dynamic" "--enable-tnccs-20" "--enable-eap-tnc" "--enable-eap-ttls" "--enable-eap-dynamic" "--enable-tnccs-20"
@ -65,14 +73,15 @@ stdenv.mkDerivation rec {
"--enable-tnc-ifmap" "--enable-tnc-imc" "--enable-tnc-imv" "--enable-tnc-ifmap" "--enable-tnc-imc" "--enable-tnc-imv"
"--with-tss=trousers" "--with-tss=trousers"
"--enable-aikgen" "--enable-aikgen"
"--enable-sqlite" ]; "--enable-sqlite" ]
++ optional enableNetworkManager "--enable-nm";
NIX_LDFLAGS = "-lgcc_s" ; NIX_LDFLAGS = "-lgcc_s" ;
meta = { meta = {
description = "OpenSource IPsec-based VPN Solution"; description = "OpenSource IPsec-based VPN Solution";
homepage = https://www.strongswan.org; homepage = https://www.strongswan.org;
license = stdenv.lib.licenses.gpl2Plus; license = licenses.gpl2Plus;
platforms = stdenv.lib.platforms.all; platforms = platforms.all;
}; };
} }

6
pkgs/top-level/all-packages.nix
View File

@ -4622,9 +4622,9 @@ with pkgs;
preCheck = "export PATH=dist/build/stutter:$PATH"; preCheck = "export PATH=dist/build/stutter:$PATH";
}); });
strongswan = callPackage ../tools/networking/strongswan { }; strongswan = callPackage ../tools/networking/strongswan { };
strongswanTNC = callPackage ../tools/networking/strongswan { enableTNC = true; };
strongswanTNC = callPackage ../tools/networking/strongswan { enableTNC=true; }; strongswanNM = callPackage ../tools/networking/strongswan { enableNetworkManager = true; };
su = shadow.su; su = shadow.su;