diff --git a/pkgs/tools/networking/libreswan/default.nix b/pkgs/tools/networking/libreswan/default.nix index 9a0b8c9ebf54..0f043c58a18d 100644 --- a/pkgs/tools/networking/libreswan/default.nix +++ b/pkgs/tools/networking/libreswan/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, makeWrapper, pkgconfig, systemd, gmp, unbound, bison, flex, pam, libevent, libcap_ng, curl, nspr, bash, iproute, iptables, procps, coreutils, gnused, gawk, nss, which, python, - docs ? false, xmlto + docs ? false, xmlto, libselinux, ldns }: let optional = stdenv.lib.optional; - version = "3.18"; + version = "3.29"; name = "libreswan-${version}"; binPath = stdenv.lib.makeBinPath [ bash iproute iptables procps coreutils gnused gawk nss.tools which python @@ -14,6 +14,7 @@ let in assert docs -> xmlto != null; +assert stdenv.isLinux -> libselinux != null; stdenv.mkDerivation { inherit name; @@ -21,7 +22,7 @@ stdenv.mkDerivation { src = fetchurl { url = "https://download.libreswan.org/${name}.tar.gz"; - sha256 = "0zginnakxw7m79zrdvfdvliaiyg78zgqfqkks9z5d1rjj5w13xig"; + sha256 = "0gmbb1m5in5dvnbk1n31r8myrdankzvi6yk9gcqbcwijyih423nn"; }; # These flags were added to compile v3.18. Try to lift them when updating. @@ -34,15 +35,21 @@ stdenv.mkDerivation { nativeBuildInputs = [ makeWrapper pkgconfig ]; buildInputs = [ bash iproute iptables systemd coreutils gnused gawk gmp unbound bison flex pam libevent - libcap_ng curl nspr nss python ] - ++ optional docs xmlto; + libcap_ng curl nspr nss python ldns ] + ++ optional docs xmlto + ++ optional stdenv.isLinux libselinux; prePatch = '' # Correct bash path sed -i -e 's|/bin/bash|/usr/bin/env bash|' mk/config.mk - # Fix systemd unit directory, and prevent the makefile from trying to reload the systemd daemon - sed -i -e 's|UNITDIR=.*$|UNITDIR=$\{out}/etc/systemd/system/|' -e 's|systemctl --system daemon-reload|true|' initsystems/systemd/Makefile + # Fix systemd unit directory, and prevent the makefile from trying to reload the + # systemd daemon or create tmpfiles + sed -i -e 's|UNITDIR=.*$|UNITDIR=$\{out}/etc/systemd/system/|g' \ + -e 's|TMPFILESDIR=.*$|TMPFILESDIR=$\{out}/tmpfiles.d/|g' \ + -e 's|systemctl|true|g' \ + -e 's|systemd-tmpfiles|true|g' \ + initsystems/systemd/Makefile # Fix the ipsec program from crushing the PATH sed -i -e 's|\(PATH=".*"\):.*$|\1:$PATH|' programs/ipsec/ipsec.in @@ -51,8 +58,6 @@ stdenv.mkDerivation { sed -i -e 's|#!/usr/bin/python|#!/usr/bin/env python|' -e 's/^\(\W*\)installstartcheck()/\1sscmd = "ss"\n\0/' programs/verify/verify.in ''; - patches = [ ./libreswan-3.18-glibc-2.26.patch ]; - # Set appropriate paths for build preBuild = "export INC_USRLOCAL=\${out}"; diff --git a/pkgs/tools/networking/libreswan/libreswan-3.18-glibc-2.26.patch b/pkgs/tools/networking/libreswan/libreswan-3.18-glibc-2.26.patch deleted file mode 100644 index 33c44f617a0a..000000000000 --- a/pkgs/tools/networking/libreswan/libreswan-3.18-glibc-2.26.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff --git a/lib/libswan/id.c b/lib/libswan/id.c -index 8f06275..efb0394 100644 ---- a/lib/libswan/id.c -+++ b/lib/libswan/id.c -@@ -22,6 +22,7 @@ - #include <sys/socket.h> - #include <netinet/in.h> - #include <arpa/inet.h> -+#include <limits.h> - #include <unistd.h> - #ifndef HOST_NAME_MAX /* POSIX 1003.1-2001 says <unistd.h> defines this */ - #define HOST_NAME_MAX 255 /* upper bound, according to SUSv2 */ -diff --git a/linux/include/libreswan.h b/linux/include/libreswan.h -index c5efc6a..b0af4d7 100644 ---- a/linux/include/libreswan.h -+++ b/linux/include/libreswan.h -@@ -211,6 +211,7 @@ static inline deltatime_t monotimediff(monotime_t a, monotime_t b) { - #include <assert.h> - #define user_assert(foo) assert(foo) - #include <stdio.h> -+#include <stdint.h> - - # define uint8_t u_int8_t - # define uint16_t u_int16_t -diff --git a/programs/pluto/rcv_whack.c b/programs/pluto/rcv_whack.c -index 588c66c..4fc6289 100644 ---- a/programs/pluto/rcv_whack.c -+++ b/programs/pluto/rcv_whack.c -@@ -24,6 +24,7 @@ - #include <stddef.h> - #include <stdlib.h> - #include <string.h> -+#include <limits.h> - #include <unistd.h> - #ifndef HOST_NAME_MAX /* POSIX 1003.1-2001 says <unistd.h> defines this */ - # define HOST_NAME_MAX 255 /* upper bound, according to SUSv2 */