From b59013249edd23870197b3da854a90b572733c8e Mon Sep 17 00:00:00 2001 From: Drew Hess Date: Tue, 17 Oct 2017 01:10:42 -0700 Subject: [PATCH] strongswan: enable openssl plugin (#30494) The NIST elliptic curve groups (ecp192 etc.) are only available if the OpenSSL plugin is enabled, and these groups are currently the only EC groups supported on iOS and macOS devices. --- pkgs/tools/networking/strongswan/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/networking/strongswan/default.nix b/pkgs/tools/networking/strongswan/default.nix index 0671b7d00899..641e12388728 100644 --- a/pkgs/tools/networking/strongswan/default.nix +++ b/pkgs/tools/networking/strongswan/default.nix @@ -44,6 +44,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--enable-swanctl" "--enable-cmd" "--enable-systemd" "--enable-farp" "--enable-dhcp" + "--enable-openssl" "--enable-eap-sim" "--enable-eap-sim-file" "--enable-eap-simaka-pseudonym" "--enable-eap-simaka-reauth" "--enable-eap-identity" "--enable-eap-md5" "--enable-eap-gtc" "--enable-eap-aka" "--enable-eap-aka-3gpp2" @@ -55,7 +56,7 @@ stdenv.mkDerivation rec { ++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" ++ stdenv.lib.optionals enableTNC [ "--disable-gmp" "--disable-aes" "--disable-md5" "--disable-sha1" "--disable-sha2" "--disable-fips-prf" - "--enable-curl" "--enable-openssl" + "--enable-curl" "--enable-eap-tnc" "--enable-eap-ttls" "--enable-eap-dynamic" "--enable-tnccs-20" "--enable-tnc-imc" "--enable-imc-os" "--enable-imc-attestation" "--enable-tnc-imv" "--enable-imv-attestation"