TakeV/guix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

gnu: strongswan: Configure more sensible defaults.

Browse source 
* gnu/packages/networking.scm (strongswan)[arguments]<#:configure-flags>:
Enable aesni, attr-sql, chapoly, curl, dhcp, eap-aka, eap-aka-3gpp,
eap-dynamic, eap-identity, eap-md5, eap-mschapv2, eap-peap, eap-radius,
eap-sim, eap-sim-file, eap-simaka-pseudonym, eap-simaka-reauth,
eap-simaka-sql, eap-tls, eap-tnc, eap-ttls, ext-auth, farp, ha, led, md4,
mediation, openssl, soup, sql, sqlite, xauth-eap, xauth-noauth, and
xauth-pam support.
Disable ldap, mysql, and systemd support.
Use libcap by default.
[inputs]: Add libcap, libsoup, and linux-pam.
[native-inputs]: Add pkg-config.

Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
This commit is contained in:
Domagoj Stolfa 2021-05-24 21:11:55 +01:00 committed by Tobias Geerinckx-Rice
parent f7331f06db
commit 77056478a2
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79
1 changed files with 51 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
gnu/packages/networking.scm
View file

@ -2881,16 +2881,65 @@ (define-public strongswan
#t))) #t)))
#:configure-flags #:configure-flags
(list (list
;; Disable bsd-4 licensed plugins. "--disable-ldap"
"--disable-mysql"
"--disable-systemd"
;; Disable BSD-4 licensed plugins.
"--disable-blowfish"
"--disable-des" "--disable-des"
"--disable-blowfish")))
;; Make it usable. The default configuration is far too minimal to be
;; used with most common VPN set-ups.
;; See <https://wiki.strongswan.org/projects/strongswan/wiki/Autoconf>.
"--enable-aesni"
"--enable-attr-sql"
"--enable-chapoly"
"--enable-curl"
"--enable-dhcp"
"--enable-eap-aka"
"--enable-eap-aka-3gpp"
"--enable-eap-dynamic"
"--enable-eap-identity"
"--enable-eap-md5"
"--enable-eap-mschapv2"
"--enable-eap-peap"
"--enable-eap-radius"
"--enable-eap-sim"
"--enable-eap-sim-file"
"--enable-eap-simaka-pseudonym"
"--enable-eap-simaka-reauth"
"--enable-eap-simaka-sql"
"--enable-eap-tls"
"--enable-eap-tnc"
"--enable-eap-ttls"
"--enable-ext-auth"
"--enable-farp"
"--enable-ha"
"--enable-led"
"--enable-md4"
"--enable-mediation"
"--enable-openssl"
"--enable-soup"
"--enable-sql"
"--enable-sqlite"
"--enable-xauth-eap"
"--enable-xauth-noauth"
"--enable-xauth-pam"
;; Use libcap by default.
"--with-capabilities=libcap")))
(inputs (inputs
`(("curl" ,curl) `(("curl" ,curl)
("gmp" ,gmp) ("gmp" ,gmp)
("libcap" ,libcap)
("libgcrypt" ,libgcrypt) ("libgcrypt" ,libgcrypt)
("libsoup" ,libsoup)
("linux-pam" ,linux-pam)
("openssl" ,openssl))) ("openssl" ,openssl)))
(native-inputs (native-inputs
`(("coreutils" ,coreutils) `(("coreutils" ,coreutils)
("pkg-config" ,pkg-config)
("tzdata" ,tzdata-for-tests))) ("tzdata" ,tzdata-for-tests)))
(synopsis "IKEv1/v2 keying daemon") (synopsis "IKEv1/v2 keying daemon")
(description "StrongSwan is an IPsec implementation originally based upon (description "StrongSwan is an IPsec implementation originally based upon