From 5f645557a475696c17d936024018103811e1a525 Mon Sep 17 00:00:00 2001
From: Adam Van Ymeren <adam@vany.ca>
Date: Wed, 31 Jan 2018 14:46:02 -0500
Subject: [PATCH] gnu: Add strongswan.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* gnu/packages/networking.scm (strongswan): New variable.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
---
 gnu/packages/networking.scm | 83 ++++++++++++++++++++++++++++++++++++-
 1 file changed, 82 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index e3fd726def..cd5bcddf27 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2017 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015, 2016, 2017 Stefan Reichör <stefan@xsteve.at>
@@ -18,6 +18,7 @@
 ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
 ;;; Copyright © 2017 Gábor Boskovits <boskovits@gmail.com>
 ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
+;;; Copyright © 2018 Adam Van Ymeren <adam@vany.ca>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -49,6 +50,7 @@ (define-module (gnu packages networking)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages audio)
   #:use-module (gnu packages autotools)
+  #:use-module (gnu packages base)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages check)
   #:use-module (gnu packages code)
@@ -66,6 +68,7 @@ (define-module (gnu packages networking)
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pcre)
@@ -1567,3 +1570,81 @@ (define-public mtr
 It then continually measures the response time and packet loss at each hop, and
 displays the results in real time.")
     (license license:gpl2+)))
+
+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-"
+                           version ".tar.bz2"))
+       (sha256
+        (base32 "0lxbyiary8iapx3ysw40czrmxf983fhfzs5mvz2hk1j1mpc85hp0"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'adjust-to-environment
+           (lambda* (#:key inputs #:allow-other-keys)
+             ;; Adjust file names.
+             (substitute* "src/libstrongswan/utils/process.c"
+               (("/bin/sh")
+                (string-append (assoc-ref inputs "bash") "/bin/sh")))
+
+             (substitute* "src/libstrongswan/tests/suites/test_process.c"
+               (("/bin/sh") (which "sh"))
+               (("/bin/echo") (which "echo"))
+               (("cat") (which "cat")))
+
+             ;; This is needed for tests.
+             (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata")
+                                            "/share/zoneinfo"))
+             #t)))
+       #:configure-flags
+       (list
+        ;; Disable bsd-4 licensed plugins
+        "--disable-des"
+        "--disable-blowfish")))
+    (inputs
+     `(("curl" ,curl)
+       ("gmp" ,gmp)
+       ("libgcrypt" ,libgcrypt)
+       ("openssl" ,openssl)))
+    (native-inputs
+     `(("coreutils" ,coreutils)
+       ("tzdata" ,tzdata-2017a)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+    (home-page "https://strongswan.org/")
+    (license
+     (list license:gpl2+
+           ;; src/aikgen/*
+           ;; src/libcharon/plugins/dnscert/*
+           ;; src/libcharon/plugins/ext_auth/*
+           ;; src/libcharon/plugins/vici/ruby/*
+           ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
+           license:expat
+           ;; src/inclue/sys/*
+           license:bsd-3
+           ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
+           license:public-domain
+           ;; src/libstrongswan/plugins/pkcs11/pkcs11.h
+           (license:non-copyleft
+            "file://src/libstrongswan/plugins/pkcs11/pkcs11.h"
+            "pkcs11 contains a unknown permissive license. View the specific
+file for more details.")
+           ;; These files are not included in the
+           ;; build, they are disabled through
+           ;; options to ./configure
+           ;;
+           ;; src/libstrongswan/plugins/blowfish/bf_enc.c
+           ;; src/libstrongswan/plugins/blowfish/bf_locl.h
+           ;; src/libstrongswan/plugins/blowfish/bf_pi.h
+           ;; src/libstrongswan/plugins/blowfish/bf_skey.c
+           ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+           ;; src/libstrongswan/plugins/des/des_crypter.c
+           license:bsd-4))))