unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
@ 2017-10-24 18:58 Adam Van Ymeren
  2017-10-24 20:05 ` [bug#28973] [PATCH] Add the patches necessary to build strongswan Adam Van Ymeren
                   ` (3 more replies)
  0 siblings, 4 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2017-10-24 18:58 UTC (permalink / raw)
  To: 28973

Their website is not very precise about the licensing.  It just says
GPL2, but all the files I checked were GPL2+, except one which says
"MIT" but is really the text of the Expat license as listen on the FSF
directory.

I believe the licensing info is correct now but I didn't do an
exhaustive search of all files.

---
 gnu/packages/networking.scm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 633b8ca43..6d639f716 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -78,6 +78,8 @@
   #:use-module (gnu packages valgrind)
   #:use-module (gnu packages wm)
   #:use-module (gnu packages xml)
+  #:use-module (gnu packages multiprecision)
+  #:use-module (gnu packages gnuzilla)
   #:use-module (ice-9 match))
 
 (define-public macchanger
@@ -1494,3 +1496,34 @@ interface and a programmable text output for scripting.")
     ;; Update the license field when upstream responds.
     (license (list license:bsd-2
                    license:expat))))
+
+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
+       (sha256
+        (base32 "04vvha2zgsg1cq05cnn6sf7a4hq9ndnsfxpw1drm5v9l4vcw0kd1"))
+       (patches
+        (search-patches "strongswan-test_process-disable-all.patch"
+                        "strongswan-test_time_printf_hook-pass-in-utc.patch"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("gmp" ,gmp)
+       ("openssl" ,openssl)
+       ("libgcrypt" ,libgcrypt)
+       ("curl" ,curl)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "strongswan is an open source IPSec implementation")
+    (home-page "https://strongswan.org/")
+    (license
+     ;; Everything seems to be gpl2+ except
+     ;; src/libcharon/plugins/vici/libvici.h which is MIT/expat.  The actual
+     ;; source file "libvici.h" claims it's MIT, but the actual text of the
+     ;; license is identical to expat as listed here:
+     ;; https://directory.fsf.org/wiki/License:Expat
+     (list license:gpl2+
+           license:expat))))
-- 
2.14.2

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH] Add the patches necessary to build strongswan
  2017-10-24 18:58 [bug#28973] [PATCH 1/1] gnu: Add strongswan Adam Van Ymeren
@ 2017-10-24 20:05 ` Adam Van Ymeren
  2017-10-24 20:11 ` [bug#28973] [PATCH 1/1] gnu: Add strongswan Tobias Geerinckx-Rice
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2017-10-24 20:05 UTC (permalink / raw)
  To: 28973

Forgot to include the patches, basically just disabling a few testcases
that fail in the build environment.

---
diff --git a/gnu/packages/patches/strongswan-test_process-disable-all.patch b/gnu/packages/patches/strongswan-test_process-disable-all.patch
new file mode 100644
index 000000000..df3d1f3be
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_process-disable-all.patch
@@ -0,0 +1,48 @@
+
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c	2017-10-23 15:10:12.753837342 -0400
+@@ -201,27 +201,27 @@
+
+ 	s = suite_create("process");
+
+-	tc = tcase_create("return values");
+-	tcase_add_test(tc, test_retval_true);
+-	tcase_add_test(tc, test_retval_false);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("return values"); */
++	/* tcase_add_test(tc, test_retval_true); */
++	/* tcase_add_test(tc, test_retval_false); */
++	/* suite_add_tcase(s, tc); */
+
+ 	tc = tcase_create("not found");
+ 	tcase_add_test(tc, test_not_found);
+ 	suite_add_tcase(s, tc);
+
+-	tc = tcase_create("echo");
+-	tcase_add_test(tc, test_echo);
+-	tcase_add_test(tc, test_echo_err);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("env");
+-	tcase_add_test(tc, test_env);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("shell");
+-	tcase_add_test(tc, test_shell);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("echo"); */
++	/* tcase_add_test(tc, test_echo); */
++	/* tcase_add_test(tc, test_echo_err); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("env"); */
++	/* tcase_add_test(tc, test_env); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("shell"); */
++	/* tcase_add_test(tc, test_shell); */
++	/* suite_add_tcase(s, tc); */
+
+ 	return s;
+ }
diff --git a/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
new file mode 100644
index 000000000..a1d80cb3a
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
@@ -0,0 +1,14 @@
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:50:49.744343308 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:51:07.911880335 -0400
+@@ -750,9 +750,9 @@
+ } time_data[] = {
+ 	{UNDEFINED_TIME, FALSE, "--- -- --:--:-- ----"},
+ 	{UNDEFINED_TIME, TRUE , "--- -- --:--:-- UTC ----"},
+-	{1, FALSE, "Jan 01 01:00:01 1970"},
++	{1, FALSE, "Jan 01 00:00:01 1970"},
+ 	{1, TRUE , "Jan 01 00:00:01 UTC 1970"},
+-	{1341150196, FALSE, "Jul 01 15:43:16 2012"},
++	{1341150196, FALSE, "Jul 01 13:43:16 2012"},
+ 	{1341150196, TRUE , "Jul 01 13:43:16 UTC 2012"},
+ };
-- 
2.14.2

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-10-24 18:58 [bug#28973] [PATCH 1/1] gnu: Add strongswan Adam Van Ymeren
  2017-10-24 20:05 ` [bug#28973] [PATCH] Add the patches necessary to build strongswan Adam Van Ymeren
@ 2017-10-24 20:11 ` Tobias Geerinckx-Rice
  2017-10-24 23:08   ` Adam Van Ymeren
  2017-10-24 20:13 ` [bug#28973] " Tobias Geerinckx-Rice
  2018-01-23 20:43 ` [bug#28973] Updated: " Adam Van Ymeren
  3 siblings, 1 reply; 18+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-10-24 20:11 UTC (permalink / raw)
  To: adam, 28973

Adam,

Adam Van Ymeren wrote on 24/10/17 at 20:58:
> Their website is not very precise about the licensing.  It just says
> GPL2, but all the files I checked were GPL2+, except one which says
> "MIT" but is really the text of the Expat license as listen on the FSF
> directory.

That's because what some call ‘MIT’ is almost always what the FSF (and
others) call ‘Expat’. The name ‘MIT’ is ambiguous and best avoided.

So you've made the right call :-)

> I believe the licensing info is correct now but I didn't do an
> exhaustive search of all files.

Unfortunately, that's the only way to be sure.

Most files are indeed GPL2+, or what I presume to be dual-licenced
GPL2+/Expat (e.g. src/swanctl/commands/list_sas.c).

A cursory inspection reveals additional BSD-4 headers in
src/libstrongswan/plugins/{blowfish,des}, BSD-3 in
src/include/sys/queue.h and src/libtncif/tncif*, and something vague in
src/libstrongswan/plugins/curve25519/ref10.

More eyeballs welcome.

> ---
>  gnu/packages/networking.scm | 33 +++++++++++++++++++++++++++++++++
>  1 file changed, 33 insertions(+)
> 
> diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
> index 633b8ca43..6d639f716 100644
> --- a/gnu/packages/networking.scm
> +++ b/gnu/packages/networking.scm
> @@ -78,6 +78,8 @@
>    #:use-module (gnu packages valgrind)
>    #:use-module (gnu packages wm)
>    #:use-module (gnu packages xml)
> +  #:use-module (gnu packages multiprecision)
> +  #:use-module (gnu packages gnuzilla)
>    #:use-module (ice-9 match))

Please try to keep these alphabetical. Aesthetic nit-picking aside, it
makes it harder to miss duplication, which does happen.

>  (define-public macchanger
> @@ -1494,3 +1496,34 @@ interface and a programmable text output for scripting.")
>      ;; Update the license field when upstream responds.
>      (license (list license:bsd-2
>                     license:expat))))
> +
> +(define-public strongswan
> +  (package
> +    (name "strongswan")
> +    (version "5.6.0")
> +    (source
> +     (origin
> +       (method url-fetch)
> +       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
> +       (sha256
> +        (base32 "04vvha2zgsg1cq05cnn6sf7a4hq9ndnsfxpw1drm5v9l4vcw0kd1"))
> +       (patches
> +        (search-patches "strongswan-test_process-disable-all.patch"
> +                        "strongswan-test_time_printf_hook-pass-in-utc.patch"))))

These patches are missing from the series, so I can't build the package.

> +    (build-system gnu-build-system)
> +    (inputs
> +     `(("gmp" ,gmp)
> +       ("openssl" ,openssl)
> +       ("libgcrypt" ,libgcrypt)
> +       ("curl" ,curl)))

Please keep these alphabetically as well (or add explicit header
comments if the ordering is significant).

> +    (synopsis "IKEv1/v2 keying daemon")
> +    (description "strongswan is an open source IPSec implementation")

Newspeak aside[0], all software in Guix is Free. Removing ‘open source’
leaves us with a very short description indeed...

Is there a README, web, or man page who's opening paragraphs we could
shamelessly plunder?

> +    (home-page "https://strongswan.org/")
> +    (license
> +     ;; Everything seems to be gpl2+ except
> +     ;; src/libcharon/plugins/vici/libvici.h which is MIT/expat.  The actual
> +     ;; source file "libvici.h" claims it's MIT, but the actual text of the
> +     ;; license is identical to expat as listed here:
> +     ;; https://directory.fsf.org/wiki/License:Expat

The MIT/expat confusion is unfortunate but not unique to this package,
and doesn't need to be explained here.

> +     (list license:gpl2+
> +           license:expat))))

When possible, I prefer the more compact style of

  (list license:foo       ; src/frob.[ch], doc/frob.texi
        license:bar))))   ; everything else

but that's partly a matter of taste and line length.

Oh, and: thanks for packaging StrongSwan!

Kind regards,

T G-R

[0]: https://www.gnu.org/philosophy/open-source-misses-the-point.en.html

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-10-24 18:58 [bug#28973] [PATCH 1/1] gnu: Add strongswan Adam Van Ymeren
  2017-10-24 20:05 ` [bug#28973] [PATCH] Add the patches necessary to build strongswan Adam Van Ymeren
  2017-10-24 20:11 ` [bug#28973] [PATCH 1/1] gnu: Add strongswan Tobias Geerinckx-Rice
@ 2017-10-24 20:13 ` Tobias Geerinckx-Rice
  2018-01-23 20:43 ` [bug#28973] Updated: " Adam Van Ymeren
  3 siblings, 0 replies; 18+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-10-24 20:13 UTC (permalink / raw)
  To: adam, 28973

I missed one:

Adam Van Ymeren wrote on 24/10/17 at 20:58:
> +       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))

should be split over 2 lines to silence the linter.

Kind regards,

T G-R

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-10-24 20:11 ` [bug#28973] [PATCH 1/1] gnu: Add strongswan Tobias Geerinckx-Rice
@ 2017-10-24 23:08   ` Adam Van Ymeren
  2017-11-19 22:43     ` Ludovic Courtès
  0 siblings, 1 reply; 18+ messages in thread
From: Adam Van Ymeren @ 2017-10-24 23:08 UTC (permalink / raw)
  To: Tobias Geerinckx-Rice; +Cc: 28973

Thanks for the repsonse and feedback!  I've appended a new patch at the
bottom of this message as well as replied to some of your comment inline.


Tobias Geerinckx-Rice <me@tobias.gr> writes:

>> I believe the licensing info is correct now but I didn't do an
>> exhaustive search of all files.
>
> Unfortunately, that's the only way to be sure.

Yeah, I was hoping somebody had a tool to make this faster :)  I wrote a
little script in guile and started working through it but its slow work.

I'm going on vacation next week so I might not be able to finish this
before then.

However it looks like Debian has a much more exhaustive listing of the
licenses here:
http://metadata.ftp-master.debian.org/changelogs/main/s/strongswan/strongswan_5.5.1-4+deb9u1_copyright

The 4 clause BSD licenses are troubling.  Apparently Debian doesn't
compile those files in their build.  Will have to investiate further.

For reference here's my shoddy guile script.

(use-modules (ice-9 ftw)
             (ice-9 textual-ports))

(define GPL " * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
")

(define GPL2 "--  This program is free software; you can redistribute it and/or modify it
--  under the terms of the GNU General Public License as published by the
--  Free Software Foundation; either version 2 of the License, or (at your
--  option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
")

(define (check-licenses preamble)
  (and (string? preamble)
       (not (string-contains preamble GPL))
       (not (string-contains preamble GPL2))))

(ftw
 "strongswan-5.6.0"
 (lambda (filename stat flag)
   (when (and
          (eq? flag 'regular)
          (not (member (substring (basename filename) (or (string-rindex (basename filename) #\.) 0))
                       '(".opt" ".conf" ".pem" ".in" ".am" ".mk" ".sql" "hostname" ".der" ".old" ".xml"))))
     (call-with-input-file filename
       (lambda (port)
         (let ((preamble (get-string-n port 5000)))
           (when (check-licenses preamble)
             (format #t "~A~%" filename))))))
   #t))


>> +    (synopsis "IKEv1/v2 keying daemon")
>> +    (description "strongswan is an open source IPSec implementation")
>
> Newspeak aside[0], all software in Guix is Free. Removing ‘open source’
> leaves us with a very short description indeed...
>
> Is there a README, web, or man page who's opening paragraphs we could
> shamelessly plunder?

I agree I don't like the usage of "open source" but that's how they
brand themselves, not sure if it's right for me to change it to read
Free Software.  I took this sentence from their README file.

How about this?  I wrote this based upon the top features they list on
their homepage.

"StrongSwan is an IPsec implementation originally based upon
the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
NAT-T and more."


> Oh, and: thanks for packaging StrongSwan!

NP :).

Updated patch below.

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 633b8ca43..552690556 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -64,6 +64,7 @@
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pcre)
@@ -1494,3 +1495,35 @@ interface and a programmable text output for scripting.")
     ;; Update the license field when upstream responds.
     (license (list license:bsd-2
                    license:expat))))
+
+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
+       (sha256
+        (base32 "04vvha2zgsg1cq05cnn6sf7a4hq9ndnsfxpw1drm5v9l4vcw0kd1"))
+       (patches
+        (search-patches "strongswan-test_process-disable-all.patch"
+                        "strongswan-test_time_printf_hook-pass-in-utc.patch"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("curl" ,curl)
+       ("gmp" ,gmp)
+       ("libgcrypt" ,libgcrypt)
+       ("openssl" ,openssl)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+    (home-page "https://strongswan.org/")
+    (license
+     (list license:expat
+           license:bsd-3
+           license:bsd-4
+           license:gpl2+
+           license:public-domain ;src/libstrongswan/plugins/sha3/sha3_keccak.c
+           ))))
diff --git a/gnu/packages/patches/strongswan-test_process-disable-all.patch b/gnu/packages/patches/strongswan-test_process-disable-all.patch
new file mode 100644
index 000000000..df3d1f3be
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_process-disable-all.patch
@@ -0,0 +1,48 @@
+
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c	2017-10-23 15:10:12.753837342 -0400
+@@ -201,27 +201,27 @@
+
+ 	s = suite_create("process");
+
+-	tc = tcase_create("return values");
+-	tcase_add_test(tc, test_retval_true);
+-	tcase_add_test(tc, test_retval_false);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("return values"); */
++	/* tcase_add_test(tc, test_retval_true); */
++	/* tcase_add_test(tc, test_retval_false); */
++	/* suite_add_tcase(s, tc); */
+
+ 	tc = tcase_create("not found");
+ 	tcase_add_test(tc, test_not_found);
+ 	suite_add_tcase(s, tc);
+
+-	tc = tcase_create("echo");
+-	tcase_add_test(tc, test_echo);
+-	tcase_add_test(tc, test_echo_err);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("env");
+-	tcase_add_test(tc, test_env);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("shell");
+-	tcase_add_test(tc, test_shell);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("echo"); */
++	/* tcase_add_test(tc, test_echo); */
++	/* tcase_add_test(tc, test_echo_err); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("env"); */
++	/* tcase_add_test(tc, test_env); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("shell"); */
++	/* tcase_add_test(tc, test_shell); */
++	/* suite_add_tcase(s, tc); */
+
+ 	return s;
+ }
diff --git a/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
new file mode 100644
index 000000000..a1d80cb3a
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
@@ -0,0 +1,14 @@
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:50:49.744343308 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:51:07.911880335 -0400
+@@ -750,9 +750,9 @@
+ } time_data[] = {
+ 	{UNDEFINED_TIME, FALSE, "--- -- --:--:-- ----"},
+ 	{UNDEFINED_TIME, TRUE , "--- -- --:--:-- UTC ----"},
+-	{1, FALSE, "Jan 01 01:00:01 1970"},
++	{1, FALSE, "Jan 01 00:00:01 1970"},
+ 	{1, TRUE , "Jan 01 00:00:01 UTC 1970"},
+-	{1341150196, FALSE, "Jul 01 15:43:16 2012"},
++	{1341150196, FALSE, "Jul 01 13:43:16 2012"},
+ 	{1341150196, TRUE , "Jul 01 13:43:16 UTC 2012"},
+ };

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-10-24 23:08   ` Adam Van Ymeren
@ 2017-11-19 22:43     ` Ludovic Courtès
  2017-11-19 23:20       ` Adam Van Ymeren
  0 siblings, 1 reply; 18+ messages in thread
From: Ludovic Courtès @ 2017-11-19 22:43 UTC (permalink / raw)
  To: Adam Van Ymeren; +Cc: 28973

Hello!

Adam Van Ymeren <adam@vany.ca> skribis:

> Updated patch below.

Tobias, should we go ahead and applied this updated patch?  Feel free to
do so if it looks good to you.  :-)

Thanks,
Ludo’.

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-11-19 22:43     ` Ludovic Courtès
@ 2017-11-19 23:20       ` Adam Van Ymeren
  2018-01-11 21:48         ` Ludovic Courtès
  0 siblings, 1 reply; 18+ messages in thread
From: Adam Van Ymeren @ 2017-11-19 23:20 UTC (permalink / raw)
  To: ludo; +Cc: 28973

On November 19, 2017 5:43:49 PM EST, ludo@gnu.org wrote:
>Hello!
>
>Adam Van Ymeren <adam@vany.ca> skribis:
>
>> Updated patch below.
>
>Tobias, should we go ahead and applied this updated patch?  Feel free
>to
>do so if it looks good to you.  :-)
>
>Thanks,
>Ludo’.

Hey Ludo,

I'm still not sure we've gotten all the licensing info correct.  I particular if I recall correctly there is some 4 clause BSD code in the source package that the debian package apparently avoids compiling.

I've been hoping to make a detailed pass of this package so I can say with confidence that the code licenses are correct, but I've been short on time.

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2017-11-19 23:20       ` Adam Van Ymeren
@ 2018-01-11 21:48         ` Ludovic Courtès
  2018-01-12 17:15           ` Adam Van Ymeren
  0 siblings, 1 reply; 18+ messages in thread
From: Ludovic Courtès @ 2018-01-11 21:48 UTC (permalink / raw)
  To: Adam Van Ymeren; +Cc: 28973

Hi Adam,

Adam Van Ymeren <adam@vany.ca> skribis:

> I'm still not sure we've gotten all the licensing info correct.  I particular if I recall correctly there is some 4 clause BSD code in the source package that the debian package apparently avoids compiling.
>
> I've been hoping to make a detailed pass of this package so I can say with confidence that the code licenses are correct, but I've been short on time.

Any update on this?

  https://bugs.gnu.org/28973

TIA,
Ludo’.

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-11 21:48         ` Ludovic Courtès
@ 2018-01-12 17:15           ` Adam Van Ymeren
  2018-01-13 13:52             ` Ludovic Courtès
  2018-01-13 14:00             ` Tobias Geerinckx-Rice
  0 siblings, 2 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2018-01-12 17:15 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 28973

ludo@gnu.org (Ludovic Courtès) writes:

> Hi Adam,

Hey Ludo,

>
> Adam Van Ymeren <adam@vany.ca> skribis:
>
>> I'm still not sure we've gotten all the licensing info correct.  I particular if I recall correctly there is some 4 clause BSD code in the source package that the debian package apparently avoids compiling.
>>
>> I've been hoping to make a detailed pass of this package so I can say with confidence that the code licenses are correct, but I've been short on time.
>
> Any update on this?


Some progress but not ready yet sorry.  Been busy :).

The debian package appears to have an exhaustive list of licensing
information for all files in this package here[1].

There are a few files under the 4-clause BSD which appear to only be
related to DES encryption.  Debian's solution to this is to just disable
DES to avoid compiling and including the binaries from those 4-clause
BSD files.

Would that be an acceptable solution for Guix as well?  I can write a
tool to convert the information from debian/copyright into a format
suitable for the Guix package.

[1] - https://anonscm.debian.org/cgit/pkg-swan/strongswan.git/tree/debian/copyright

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-12 17:15           ` Adam Van Ymeren
@ 2018-01-13 13:52             ` Ludovic Courtès
  2018-01-13 14:00             ` Tobias Geerinckx-Rice
  1 sibling, 0 replies; 18+ messages in thread
From: Ludovic Courtès @ 2018-01-13 13:52 UTC (permalink / raw)
  To: Adam Van Ymeren; +Cc: 28973

Hello,

Adam Van Ymeren <adam@vany.ca> skribis:

>> Adam Van Ymeren <adam@vany.ca> skribis:
>>
>>> I'm still not sure we've gotten all the licensing info correct.  I particular if I recall correctly there is some 4 clause BSD code in the source package that the debian package apparently avoids compiling.
>>>
>>> I've been hoping to make a detailed pass of this package so I can say with confidence that the code licenses are correct, but I've been short on time.
>>
>> Any update on this?
>
>
> Some progress but not ready yet sorry.  Been busy :).
>
> The debian package appears to have an exhaustive list of licensing
> information for all files in this package here[1].
>
> There are a few files under the 4-clause BSD which appear to only be
> related to DES encryption.  Debian's solution to this is to just disable
> DES to avoid compiling and including the binaries from those 4-clause
> BSD files.
>
> Would that be an acceptable solution for Guix as well?

I think so.

> I can write a tool to convert the information from debian/copyright
> into a format suitable for the Guix package.

That would be handy, though debian/copyright is much more detailed than
a ‘license’ field (I didn’t know it’s become machine-readable, nice!).

Thanks,
Ludo’.

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-12 17:15           ` Adam Van Ymeren
  2018-01-13 13:52             ` Ludovic Courtès
@ 2018-01-13 14:00             ` Tobias Geerinckx-Rice
  2018-01-15 20:36               ` Adam Van Ymeren
  1 sibling, 1 reply; 18+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-01-13 14:00 UTC (permalink / raw)
  To: adam, ludo; +Cc: 28973

Adam,

I was writing basically a copy of Ludo's message when that arrived...
All good!

Kind regards,

T G-R

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-13 14:00             ` Tobias Geerinckx-Rice
@ 2018-01-15 20:36               ` Adam Van Ymeren
  2018-01-15 21:50                 ` Tobias Geerinckx-Rice
  2018-01-30 21:22                 ` Ludovic Courtès
  0 siblings, 2 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2018-01-15 20:36 UTC (permalink / raw)
  To: 28973

Okay updated patch below.  I pulled all the copyright information from
the debian package.  Added configure arguments to avoid compiling source
files which are 4-clause BSD licensed.

There is one file who's license I am not sure what to name.

src/libstrongswan/plugins/pkcs11.h

The text of the license is:

"This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved."

Debian listed this as "MIT" but I don't believe that is correct.  I
can't find text of any "MIT" license like this, and it doesn't match the
expat license either.

So, not really sure what to do there.

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 2c55d6793..c0f66cfcc 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -66,6 +66,7 @@
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pcre)
@@ -1498,6 +1499,60 @@ interface and a programmable text output for scripting.")
     (license (list license:bsd-2
                    license:expat))))

+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
+       (sha256
+        (base32 "0lxbyiary8iapx3ysw40czrmxf983fhfzs5mvz2hk1j1mpc85hp0"))
+       (patches
+        (search-patches "strongswan-test_process-disable-all.patch"
+                        "strongswan-test_time_printf_hook-pass-in-utc.patch"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list
+        ;; Disable bsd-4 licensed plugins
+        "--disable-des"
+        "--disable-blowfish")))
+    (inputs
+     `(("curl" ,curl)
+       ("gmp" ,gmp)
+       ("libgcrypt" ,libgcrypt)
+       ("openssl" ,openssl)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+    (home-page "https://strongswan.org/")
+    (license
+     (list license:gpl2+
+           ;; src/aikgen/*
+           ;; src/libcharon/plugins/dnscert/*
+           ;; src/libcharon/plugins/ext_auth/*
+           ;; src/libcharon/plugins/vici/ruby/*
+           ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
+           license:expat
+           ;; src/inclue/sys/*
+           license:bsd-3
+           ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
+           license:public-domain
+           ;; These files are not included in the
+           ;; build, they are disabled through
+           ;; options to ./configure
+           ;;
+           ;; src/libstrongswan/plugins/blowfish/bf_enc.c
+           ;; src/libstrongswan/plugins/blowfish/bf_locl.h
+           ;; src/libstrongswan/plugins/blowfish/bf_pi.h
+           ;; src/libstrongswan/plugins/blowfish/bf_skey.c
+           ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+           ;; src/libstrongswan/plugins/des/des_crypter.c
+           license:bsd-4))))
+
 (define-public libnet
   (package
     (name "libnet")
diff --git a/gnu/packages/patches/strongswan-test_process-disable-all.patch b/gnu/packages/patches/strongswan-test_process-disable-all.patch
new file mode 100644
index 000000000..df3d1f3be
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_process-disable-all.patch
@@ -0,0 +1,48 @@
+
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c	2017-10-23 15:10:12.753837342 -0400
+@@ -201,27 +201,27 @@
+
+ 	s = suite_create("process");
+
+-	tc = tcase_create("return values");
+-	tcase_add_test(tc, test_retval_true);
+-	tcase_add_test(tc, test_retval_false);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("return values"); */
++	/* tcase_add_test(tc, test_retval_true); */
++	/* tcase_add_test(tc, test_retval_false); */
++	/* suite_add_tcase(s, tc); */
+
+ 	tc = tcase_create("not found");
+ 	tcase_add_test(tc, test_not_found);
+ 	suite_add_tcase(s, tc);
+
+-	tc = tcase_create("echo");
+-	tcase_add_test(tc, test_echo);
+-	tcase_add_test(tc, test_echo_err);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("env");
+-	tcase_add_test(tc, test_env);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("shell");
+-	tcase_add_test(tc, test_shell);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("echo"); */
++	/* tcase_add_test(tc, test_echo); */
++	/* tcase_add_test(tc, test_echo_err); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("env"); */
++	/* tcase_add_test(tc, test_env); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("shell"); */
++	/* tcase_add_test(tc, test_shell); */
++	/* suite_add_tcase(s, tc); */
+
+ 	return s;
+ }
diff --git a/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
new file mode 100644
index 000000000..a1d80cb3a
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
@@ -0,0 +1,14 @@
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:50:49.744343308 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:51:07.911880335 -0400
+@@ -750,9 +750,9 @@
+ } time_data[] = {
+ 	{UNDEFINED_TIME, FALSE, "--- -- --:--:-- ----"},
+ 	{UNDEFINED_TIME, TRUE , "--- -- --:--:-- UTC ----"},
+-	{1, FALSE, "Jan 01 01:00:01 1970"},
++	{1, FALSE, "Jan 01 00:00:01 1970"},
+ 	{1, TRUE , "Jan 01 00:00:01 UTC 1970"},
+-	{1341150196, FALSE, "Jul 01 15:43:16 2012"},
++	{1341150196, FALSE, "Jul 01 13:43:16 2012"},
+ 	{1341150196, TRUE , "Jul 01 13:43:16 UTC 2012"},
+ };

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-15 20:36               ` Adam Van Ymeren
@ 2018-01-15 21:50                 ` Tobias Geerinckx-Rice
  2018-01-15 22:32                   ` Adam Van Ymeren
  2018-01-30 21:22                 ` Ludovic Courtès
  1 sibling, 1 reply; 18+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-01-15 21:50 UTC (permalink / raw)
  To: adam, 28973

Adam Van Ymeren wrote on 15/01/18 at 21:36:
> There is one file who's license I am not sure what to name.
> 
> src/libstrongswan/plugins/pkcs11.h
> 
> The text of the license is:
> 
> "This file is free software; as a special exception the author gives
> unlimited permission to copy and/or distribute it, with or without
> modifications, as long as this notice is preserved."
> 
> Debian listed this as "MIT" but I don't believe that is correct.  I
> can't find text of any "MIT" license like this, and it doesn't match the
> expat license either.

There's always the non-copyleft procedure for uncommon (but free)
licences that don't have their own entry.

Is that the entire licence text? It sounds strange to me (exception to
what?). I'm obviously not clever enough to be a lawyer.

Yay,

T G-R

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-15 21:50                 ` Tobias Geerinckx-Rice
@ 2018-01-15 22:32                   ` Adam Van Ymeren
  0 siblings, 0 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2018-01-15 22:32 UTC (permalink / raw)
  To: Tobias Geerinckx-Rice, 28973

On January 15, 2018 4:50:08 PM EST, Tobias Geerinckx-Rice <me@tobias.gr> wrote:
>There's always the non-copyleft procedure for uncommon (but free)
>licences that don't have their own entry.

Didn't know about that.  That's probably the right thing to use here?

>
>Is that the entire licence text? It sounds strange to me (exception to
>what?). I'm obviously not clever enough to be a lawyer.

Yeah thats the entire licence text, it is strange.  It's similar to what appears in the top of '"configure" scripts as generated by autoconf.

>
>Yay,
>
>T G-R

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] Updated: [PATCH 1/1] gnu: Add strongswan.
  2017-10-24 18:58 [bug#28973] [PATCH 1/1] gnu: Add strongswan Adam Van Ymeren
                   ` (2 preceding siblings ...)
  2017-10-24 20:13 ` [bug#28973] " Tobias Geerinckx-Rice
@ 2018-01-23 20:43 ` Adam Van Ymeren
  3 siblings, 0 replies; 18+ messages in thread
From: Adam Van Ymeren @ 2018-01-23 20:43 UTC (permalink / raw)
  To: 28973


I think this is good to commit now.  I've put in all the licensing info,
disabled compilation of BSD-4 licensed files, and documented one file
with a unknown but permissive license.

---

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 2c55d6793..343708c1e 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -66,6 +66,7 @@
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pcre)
@@ -1498,6 +1499,65 @@ interface and a programmable text output for scripting.")
     (license (list license:bsd-2
                    license:expat))))

+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
+       (sha256
+        (base32 "0lxbyiary8iapx3ysw40czrmxf983fhfzs5mvz2hk1j1mpc85hp0"))
+       (patches
+        (search-patches "strongswan-test_process-disable-all.patch"
+                        "strongswan-test_time_printf_hook-pass-in-utc.patch"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list
+        ;; Disable bsd-4 licensed plugins
+        "--disable-des"
+        "--disable-blowfish")))
+    (inputs
+     `(("curl" ,curl)
+       ("gmp" ,gmp)
+       ("libgcrypt" ,libgcrypt)
+       ("openssl" ,openssl)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+    (home-page "https://strongswan.org/")
+    (license
+     (list license:gpl2+
+           ;; src/aikgen/*
+           ;; src/libcharon/plugins/dnscert/*
+           ;; src/libcharon/plugins/ext_auth/*
+           ;; src/libcharon/plugins/vici/ruby/*
+           ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
+           license:expat
+           ;; src/inclue/sys/*
+           license:bsd-3
+           ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
+           license:public-domain
+           ;; src/libstrongswan/plugins/pkcs11/pkcs11.h
+           (license:non-copyleft
+            "file://src/libstrongswan/plugins/pkcs11/pkcs11.h"
+            "pkcs11 contains a unknown permissive license. View the specific
+file for more details.")
+           ;; These files are not included in the
+           ;; build, they are disabled through
+           ;; options to ./configure
+           ;;
+           ;; src/libstrongswan/plugins/blowfish/bf_enc.c
+           ;; src/libstrongswan/plugins/blowfish/bf_locl.h
+           ;; src/libstrongswan/plugins/blowfish/bf_pi.h
+           ;; src/libstrongswan/plugins/blowfish/bf_skey.c
+           ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+           ;; src/libstrongswan/plugins/des/des_crypter.c
+           license:bsd-4))))
+
diff --git a/gnu/packages/patches/strongswan-test_process-disable-all.patch b/gnu/packages/patches/strongswan-test_process-disable-all.patch
new file mode 100644
index 000000000..df3d1f3be
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_process-disable-all.patch
@@ -0,0 +1,48 @@
+
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c	2017-10-23 15:10:12.753837342 -0400
+@@ -201,27 +201,27 @@
+
+ 	s = suite_create("process");
+
+-	tc = tcase_create("return values");
+-	tcase_add_test(tc, test_retval_true);
+-	tcase_add_test(tc, test_retval_false);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("return values"); */
++	/* tcase_add_test(tc, test_retval_true); */
++	/* tcase_add_test(tc, test_retval_false); */
++	/* suite_add_tcase(s, tc); */
+
+ 	tc = tcase_create("not found");
+ 	tcase_add_test(tc, test_not_found);
+ 	suite_add_tcase(s, tc);
+
+-	tc = tcase_create("echo");
+-	tcase_add_test(tc, test_echo);
+-	tcase_add_test(tc, test_echo_err);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("env");
+-	tcase_add_test(tc, test_env);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("shell");
+-	tcase_add_test(tc, test_shell);
+-	suite_add_tcase(s, tc);
++	/* tc = tcase_create("echo"); */
++	/* tcase_add_test(tc, test_echo); */
++	/* tcase_add_test(tc, test_echo_err); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("env"); */
++	/* tcase_add_test(tc, test_env); */
++	/* suite_add_tcase(s, tc); */
++
++	/* tc = tcase_create("shell"); */
++	/* tcase_add_test(tc, test_shell); */
++	/* suite_add_tcase(s, tc); */
+
+ 	return s;
+ }
diff --git a/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
new file mode 100644
index 000000000..a1d80cb3a
--- /dev/null
+++ b/gnu/packages/patches/strongswan-test_time_printf_hook-pass-in-utc.patch
@@ -0,0 +1,14 @@
+diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c
+--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:50:49.744343308 -0400
++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_utils.c	2017-10-23 14:51:07.911880335 -0400
+@@ -750,9 +750,9 @@
+ } time_data[] = {
+ 	{UNDEFINED_TIME, FALSE, "--- -- --:--:-- ----"},
+ 	{UNDEFINED_TIME, TRUE , "--- -- --:--:-- UTC ----"},
+-	{1, FALSE, "Jan 01 01:00:01 1970"},
++	{1, FALSE, "Jan 01 00:00:01 1970"},
+ 	{1, TRUE , "Jan 01 00:00:01 UTC 1970"},
+-	{1341150196, FALSE, "Jul 01 15:43:16 2012"},
++	{1341150196, FALSE, "Jul 01 13:43:16 2012"},
+ 	{1341150196, TRUE , "Jul 01 13:43:16 UTC 2012"},
+ };

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-15 20:36               ` Adam Van Ymeren
  2018-01-15 21:50                 ` Tobias Geerinckx-Rice
@ 2018-01-30 21:22                 ` Ludovic Courtès
  2018-01-31 19:46                   ` Adam Van Ymeren
  1 sibling, 1 reply; 18+ messages in thread
From: Ludovic Courtès @ 2018-01-30 21:22 UTC (permalink / raw)
  To: Adam Van Ymeren; +Cc: 28973

Hi,

Adam Van Ymeren <adam@vany.ca> skribis:

> Okay updated patch below.  I pulled all the copyright information from
> the debian package.  Added configure arguments to avoid compiling source
> files which are 4-clause BSD licensed.
>
> There is one file who's license I am not sure what to name.
>
> src/libstrongswan/plugins/pkcs11.h
>
> The text of the license is:
>
> "This file is free software; as a special exception the author gives
> unlimited permission to copy and/or distribute it, with or without
> modifications, as long as this notice is preserved."
>
> Debian listed this as "MIT" but I don't believe that is correct.  I
> can't find text of any "MIT" license like this, and it doesn't match the
> expat license either.

Like you wrote it’s like what short GNU helper files have, so you could
use ‘non-copyleft’ like Tobias mentions.

To me the only remaining issue is:

> --- /dev/null
> +++ b/gnu/packages/patches/strongswan-test_process-disable-all.patch
> @@ -0,0 +1,48 @@
> +

For both patches please add two or three lines explaining what the patch
does and why.

The first one can probably be called ‘strongswan-skip-tests.patch’.

> +diff -Naur strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c
> +--- strongswan-5.6.0-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
> ++++ strongswan-5.6.0/src/libstrongswan/tests/suites/test_process.c	2017-10-23 15:10:12.753837342 -0400
> +@@ -201,27 +201,27 @@
> +
> + 	s = suite_create("process");
> +
> +-	tc = tcase_create("return values");
> +-	tcase_add_test(tc, test_retval_true);
> +-	tcase_add_test(tc, test_retval_false);
> +-	suite_add_tcase(s, tc);
> ++	/* tc = tcase_create("return values"); */
> ++	/* tcase_add_test(tc, test_retval_true); */
> ++	/* tcase_add_test(tc, test_retval_false); */
> ++	/* suite_add_tcase(s, tc); */

As a bonus, it’s better if you remove the lines instead of commenting
them out: it makes the patch shorter and easier to read.

Could you send an updated patch?  We’re pretty much done.  :-)

Thank you!

Ludo’.

^ permalink raw reply	[flat|nested] 18+ messages in thread

* [bug#28973] [PATCH 1/1] gnu: Add strongswan.
  2018-01-30 21:22                 ` Ludovic Courtès
@ 2018-01-31 19:46                   ` Adam Van Ymeren
  2018-01-31 22:33                     ` bug#28973: " Ludovic Courtès
  0 siblings, 1 reply; 18+ messages in thread
From: Adam Van Ymeren @ 2018-01-31 19:46 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 28973

Okay I think I've done all your comments.  I figured out how to get some
of the tests that were failing to pass so I dropped one of the patches
and cleaned up the other one.

I also added non-copyleft license for that one file.

I spent some time trying to debug the remaining failing tests.  They
make some assumptions about paths which are not true in the build
container, I managed to get some to pass when I run manually in a
container from guix environment -C, but they still fail when $ guix
build runs, so I've left in the patch to disable them.  They're really
not essential tests.

Updated patch below.

---
 gnu/packages/networking.scm                      | 71 ++++++++++++++++++++++++
 gnu/packages/patches/strongswan-skip-tests.patch | 33 +++++++++++
 2 files changed, 104 insertions(+)
 create mode 100644 gnu/packages/patches/strongswan-skip-tests.patch

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index 2c55d6793..0138e59e3 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -49,6 +49,7 @@
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages audio)
   #:use-module (gnu packages autotools)
+  #:use-module (gnu packages base)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages check)
   #:use-module (gnu packages code)
@@ -66,6 +67,7 @@
   #:use-module (gnu packages libidn)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages lua)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pcre)
@@ -1567,3 +1569,72 @@ routers (or @dfn{hops}) between the local host and a user-specified destination.
 It then continually measures the response time and packet loss at each hop, and
 displays the results in real time.")
     (license license:gpl2+)))
+
+(define-public strongswan
+  (package
+    (name "strongswan")
+    (version "5.6.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://download.strongswan.org/strongswan-" version ".tar.bz2"))
+       (sha256
+        (base32 "0lxbyiary8iapx3ysw40czrmxf983fhfzs5mvz2hk1j1mpc85hp0"))
+       (patches
+        (search-patches "strongswan-skip-tests.patch"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; This is needed for tests
+         (add-after 'unpack 'set-TZDIR
+           (lambda* (#:key inputs #:allow-other-keys)
+             (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata")
+                                            "/share/zoneinfo"))
+             #t)))
+       #:configure-flags
+       (list
+        ;; Disable bsd-4 licensed plugins
+        "--disable-des"
+        "--disable-blowfish")))
+    (inputs
+     `(("curl" ,curl)
+       ("gmp" ,gmp)
+       ("libgcrypt" ,libgcrypt)
+       ("openssl" ,openssl)))
+    (native-inputs
+     `(("coreutils" ,coreutils)
+       ("tzdata" ,tzdata-2017a)))
+    (synopsis "IKEv1/v2 keying daemon")
+    (description "StrongSwan is an IPsec implementation originally based upon
+the FreeS/WAN project.  It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
+NAT-T and more.")
+    (home-page "https://strongswan.org/")
+    (license
+     (list license:gpl2+
+           ;; src/aikgen/*
+           ;; src/libcharon/plugins/dnscert/*
+           ;; src/libcharon/plugins/ext_auth/*
+           ;; src/libcharon/plugins/vici/ruby/*
+           ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
+           license:expat
+           ;; src/inclue/sys/*
+           license:bsd-3
+           ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
+           license:public-domain
+           ;; src/libstrongswan/plugins/pkcs11/pkcs11.h
+           (license:non-copyleft
+            "file://src/libstrongswan/plugins/pkcs11/pkcs11.h"
+            "pkcs11 contains a unknown permissive license. View the specific
+file for more details.")
+           ;; These files are not included in the
+           ;; build, they are disabled through
+           ;; options to ./configure
+           ;;
+           ;; src/libstrongswan/plugins/blowfish/bf_enc.c
+           ;; src/libstrongswan/plugins/blowfish/bf_locl.h
+           ;; src/libstrongswan/plugins/blowfish/bf_pi.h
+           ;; src/libstrongswan/plugins/blowfish/bf_skey.c
+           ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+           ;; src/libstrongswan/plugins/des/des_crypter.c
+           license:bsd-4))))
diff --git a/gnu/packages/patches/strongswan-skip-tests.patch b/gnu/packages/patches/strongswan-skip-tests.patch
new file mode 100644
index 000000000..b2a93ea99
--- /dev/null
+++ b/gnu/packages/patches/strongswan-skip-tests.patch
@@ -0,0 +1,33 @@
+Delete some tests that fail to run in the build container.
+
+diff -ur strongswan-5.6.1-original/src/libstrongswan/tests/suites/test_process.c strongswan-5.6.1/src/libstrongswan/tests/suites/test_process.c
+--- strongswan-5.6.1-original/src/libstrongswan/tests/suites/test_process.c	2016-04-22 16:01:35.000000000 -0400
++++ strongswan-5.6.1/src/libstrongswan/tests/suites/test_process.c	2018-01-31 14:31:39.644634648 -0500
+@@ -201,27 +201,9 @@
+
+ 	s = suite_create("process");
+
+-	tc = tcase_create("return values");
+-	tcase_add_test(tc, test_retval_true);
+-	tcase_add_test(tc, test_retval_false);
+-	suite_add_tcase(s, tc);
+-
+ 	tc = tcase_create("not found");
+ 	tcase_add_test(tc, test_not_found);
+ 	suite_add_tcase(s, tc);
+
+-	tc = tcase_create("echo");
+-	tcase_add_test(tc, test_echo);
+-	tcase_add_test(tc, test_echo_err);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("env");
+-	tcase_add_test(tc, test_env);
+-	suite_add_tcase(s, tc);
+-
+-	tc = tcase_create("shell");
+-	tcase_add_test(tc, test_shell);
+-	suite_add_tcase(s, tc);
+-
+ 	return s;
+ }
-- 
2.15.1

^ permalink raw reply related	[flat|nested] 18+ messages in thread

* bug#28973: [PATCH 1/1] gnu: Add strongswan.
  2018-01-31 19:46                   ` Adam Van Ymeren
@ 2018-01-31 22:33                     ` Ludovic Courtès
  0 siblings, 0 replies; 18+ messages in thread
From: Ludovic Courtès @ 2018-01-31 22:33 UTC (permalink / raw)
  To: Adam Van Ymeren; +Cc: 28973-done

Adam Van Ymeren <adam@vany.ca> skribis:

> Okay I think I've done all your comments.  I figured out how to get some
> of the tests that were failing to pass so I dropped one of the patches
> and cleaned up the other one.
>
> I also added non-copyleft license for that one file.
>
> I spent some time trying to debug the remaining failing tests.  They
> make some assumptions about paths which are not true in the build
> container, I managed to get some to pass when I run manually in a
> container from guix environment -C, but they still fail when $ guix
> build runs, so I've left in the patch to disable them.  They're really
> not essential tests.

I’ve adjusted said file names in test_process.c and in the library,
removed the patch (tests pass!), adjusted the commit log, and pushed as
5f645557a475696c17d936024018103811e1a525.

Thanks!

Ludo’.

^ permalink raw reply	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2018-01-31 22:34 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-10-24 18:58 [bug#28973] [PATCH 1/1] gnu: Add strongswan Adam Van Ymeren
2017-10-24 20:05 ` [bug#28973] [PATCH] Add the patches necessary to build strongswan Adam Van Ymeren
2017-10-24 20:11 ` [bug#28973] [PATCH 1/1] gnu: Add strongswan Tobias Geerinckx-Rice
2017-10-24 23:08   ` Adam Van Ymeren
2017-11-19 22:43     ` Ludovic Courtès
2017-11-19 23:20       ` Adam Van Ymeren
2018-01-11 21:48         ` Ludovic Courtès
2018-01-12 17:15           ` Adam Van Ymeren
2018-01-13 13:52             ` Ludovic Courtès
2018-01-13 14:00             ` Tobias Geerinckx-Rice
2018-01-15 20:36               ` Adam Van Ymeren
2018-01-15 21:50                 ` Tobias Geerinckx-Rice
2018-01-15 22:32                   ` Adam Van Ymeren
2018-01-30 21:22                 ` Ludovic Courtès
2018-01-31 19:46                   ` Adam Van Ymeren
2018-01-31 22:33                     ` bug#28973: " Ludovic Courtès
2017-10-24 20:13 ` [bug#28973] " Tobias Geerinckx-Rice
2018-01-23 20:43 ` [bug#28973] Updated: " Adam Van Ymeren

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).