* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
@ 2017-07-01 14:48 Jelle Licht
2017-07-01 14:55 ` Jelle Licht
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Jelle Licht @ 2017-07-01 14:48 UTC (permalink / raw)
To: 27549
[-- Attachment #1: Type: text/plain, Size: 507 bytes --]
Hello Guix,
Having tried to get `vpnc' working with my university's vpn system, and
failing, I looked into other distributions and how they got it to work.
It seems that most people use an updated version of the bundled
`vpnc-script' to make it work.
This patch updates `vpnc' to make use of the latest revision of the public
Subversion repo. It also includes the updated `vpnc-script'. To note,
our old `vpnc' (and its included `vpnc-script') crashed when trying to
conn
ect to any vpn.
Regards,
Jelle
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-vpnc-Update-to-0.5.3-revision-550.patch --]
[-- Type: text/x-patch, Size: 8236 bytes --]
From fed76ff5a53a5b32d333085deb9eeba3a807b7ef Mon Sep 17 00:00:00 2001
From: Jelle Licht <jlicht@fsfe.org>
Date: Sat, 1 Jul 2017 16:14:34 +0200
Subject: [PATCH] gnu: vpnc: Update to 0.5.3, revision 550.
* gnu/packages/vpn.scm (vpnc): Update to 0.5.3, revision 550.
[source]: Use svn-fetch, download from Subersion mirror.
[arguments]: End phases on #t. Remove reference to /etc/vpnc.
---
gnu/local.mk | 1 -
gnu/packages/patches/vpnc-script.patch | 15 -----
gnu/packages/vpn.scm | 109 ++++++++++++++++++---------------
3 files changed, 61 insertions(+), 64 deletions(-)
delete mode 100644 gnu/packages/patches/vpnc-script.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 83b019605..55b4071e9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1047,7 +1047,6 @@ dist_patch_DATA = \
%D%/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch \
%D%/packages/patches/vorbis-tools-CVE-2014-9640.patch \
%D%/packages/patches/vorbis-tools-CVE-2015-6749.patch \
- %D%/packages/patches/vpnc-script.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt1.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt2.patch \
%D%/packages/patches/weechat-python.patch \
diff --git a/gnu/packages/patches/vpnc-script.patch b/gnu/packages/patches/vpnc-script.patch
deleted file mode 100644
index a0d948195..000000000
--- a/gnu/packages/patches/vpnc-script.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-This patch adapts the vpnc script to newer kernel versions, see
- https://lkml.org/lkml/2011/3/24/645
-
-diff -u a/vpnc-script.in b/vpnc-script.in
---- a/vpnc-script.in 2013-03-03 13:55:16.000000000 +0100
-+++ b/vpnc-script.in 2013-03-03 13:56:11.000000000 +0100
-@@ -116,7 +116,7 @@
-
- if [ -n "$IPROUTE" ]; then
- fix_ip_get_output () {
-- sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
-+ sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g;s/ipid 0x....//g'
- }
-
- set_vpngateway_route() {
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index 87fea4a47..692891150 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -26,9 +26,11 @@
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix svn-download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (gnu packages)
+ #:use-module (gnu packages base)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
@@ -63,58 +65,69 @@ endpoints.")
(license license:gpl3+)))
(define-public vpnc
- (package
- (name "vpnc")
- (version "0.5.3")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
- version ".tar.gz"))
- (sha256 (base32
- "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
- (patches (search-patches "vpnc-script.patch"))))
- (build-system gnu-build-system)
- (inputs `(("libgcrypt" ,libgcrypt)
- ("perl" ,perl)
-
- ;; The following packages provide commands that 'vpnc-script'
- ;; expects.
- ("net-tools" ,net-tools) ;ifconfig, route
- ("iproute2" ,iproute))) ;ip
- (arguments
- `(#:tests? #f ; there is no check target
- #:phases
- (modify-phases %standard-phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (substitute* "Makefile"
- (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
- (substitute* "Makefile"
- (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
- "/etc/vpnc"))))))
- (add-after 'install 'wrap-vpnc-script
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
- ;; needs. Assume coreutils/grep/sed are in $PATH.
- (let ((out (assoc-ref outputs "out")))
- (wrap-program (string-append out "/etc/vpnc/vpnc-script")
- `("PATH" ":" prefix
- (,(string-append (assoc-ref inputs "net-tools")
- "/sbin")
- ,(string-append (assoc-ref inputs "net-tools")
- "/bin")
- ,(string-append (assoc-ref inputs "iproute2")
- "/sbin"))))))))))
- (synopsis "Client for Cisco VPN concentrators")
- (description
- "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
+ (let ((commit 550) ; subversion revision identifier
+ (revision "1")) ; guix package revision
+ (package
+ (name "vpnc")
+ (version (string-append "0.5.3-" revision "." (number->string commit)))
+ (source
+ (origin
+ (method svn-fetch)
+ (uri (svn-reference
+ (url "http://svn.unix-ag.uni-kl.de/vpnc/trunk")
+ (revision commit)))
+ (file-name (string-append name "-" version "-checkout"))
+ (sha256 (base32
+ "1ng585qlwd22q8qrcly5f0vran5jy9n0dlc2h14vf5kl4dkqljw0"))))
+ (build-system gnu-build-system)
+ (inputs `(("libgcrypt" ,libgcrypt)
+ ("perl" ,perl)
+ ("gnutls" ,gnutls)
+ ;; The following packages provide commands that 'vpnc-script'
+ ;; expects.
+ ("net-tools" ,net-tools) ;ifconfig, route
+ ("iproute2" ,iproute))) ;ip
+ (native-inputs `(("which" ,which)
+ ("pkg-config" ,pkg-config)))
+ (arguments
+ `(#:tests? #f ; there is no check target
+ #:make-flags '("CC=gcc")
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (substitute* "Makefile"
+ (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
+ (substitute* "Makefile"
+ (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
+ "/etc/vpnc")))
+ (substitute* "config.c"
+ (("/etc/vpnc/") (string-append out "/etc/vpnc/")))
+ #t)))
+ (add-after 'install 'wrap-vpnc-script
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
+ ;; needs. Assume coreutils/grep/sed are in $PATH.
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/etc/vpnc/vpnc-script")
+ `("PATH" ":" prefix
+ (,(string-append (assoc-ref inputs "net-tools")
+ "/sbin")
+ ,(string-append (assoc-ref inputs "net-tools")
+ "/bin")
+ ,(string-append (assoc-ref inputs "iproute2")
+ "/sbin"))))
+ #t))))))
+ (synopsis "Client for Cisco VPN concentrators")
+ (description
+ "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only
shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
- (license license:gpl2+) ; some file are bsd-2, see COPYING
- (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
+ (license license:gpl2+) ; some file are bsd-2, see COPYING
+ (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/"))))
(define-public openconnect
--
2.13.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-01 14:48 [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550 Jelle Licht
@ 2017-07-01 14:55 ` Jelle Licht
2017-07-01 17:18 ` Tobias Geerinckx-Rice
2017-11-29 15:15 ` bug#27549: (no subject) Tobias Geerinckx-Rice
2 siblings, 0 replies; 9+ messages in thread
From: Jelle Licht @ 2017-07-01 14:55 UTC (permalink / raw)
To: Jelle Licht; +Cc: 27549
[-- Attachment #1: Type: text/plain, Size: 143 bytes --]
Jelle Licht <jlicht@fsfe.org> writes:
[ .. ]
And now with the actual commit message that I intended to have here. Apologies for the noise.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-vpnc-Update-to-0.5.3-revision-550.patch --]
[-- Type: text/x-patch, Size: 8354 bytes --]
From 03d6dc0348cc073d86360149351857853e01eac7 Mon Sep 17 00:00:00 2001
From: Jelle Licht <jlicht@fsfe.org>
Date: Sat, 1 Jul 2017 16:14:34 +0200
Subject: [PATCH] gnu: vpnc: Update to 0.5.3, revision 550.
* gnu/packages/vpn.scm (vpnc): Update to 0.5.3, revision 550.
[source]: Use svn-fetch, download from Subversion mirror. Remove patch.
[arguments]: End phases on #t. Remove reference to /etc/vpnc.
* gnu/packages/patches/vpnc-script.patch: Delete patch
* gnu/local.mk (dist_patch_DATA): Remove patch.
---
gnu/local.mk | 1 -
gnu/packages/patches/vpnc-script.patch | 15 -----
gnu/packages/vpn.scm | 109 ++++++++++++++++++---------------
3 files changed, 61 insertions(+), 64 deletions(-)
delete mode 100644 gnu/packages/patches/vpnc-script.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 83b019605..55b4071e9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1047,7 +1047,6 @@ dist_patch_DATA = \
%D%/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch \
%D%/packages/patches/vorbis-tools-CVE-2014-9640.patch \
%D%/packages/patches/vorbis-tools-CVE-2015-6749.patch \
- %D%/packages/patches/vpnc-script.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt1.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt2.patch \
%D%/packages/patches/weechat-python.patch \
diff --git a/gnu/packages/patches/vpnc-script.patch b/gnu/packages/patches/vpnc-script.patch
deleted file mode 100644
index a0d948195..000000000
--- a/gnu/packages/patches/vpnc-script.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-This patch adapts the vpnc script to newer kernel versions, see
- https://lkml.org/lkml/2011/3/24/645
-
-diff -u a/vpnc-script.in b/vpnc-script.in
---- a/vpnc-script.in 2013-03-03 13:55:16.000000000 +0100
-+++ b/vpnc-script.in 2013-03-03 13:56:11.000000000 +0100
-@@ -116,7 +116,7 @@
-
- if [ -n "$IPROUTE" ]; then
- fix_ip_get_output () {
-- sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
-+ sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g;s/ipid 0x....//g'
- }
-
- set_vpngateway_route() {
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index 87fea4a47..692891150 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -26,9 +26,11 @@
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix svn-download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (gnu packages)
+ #:use-module (gnu packages base)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
@@ -63,58 +65,69 @@ endpoints.")
(license license:gpl3+)))
(define-public vpnc
- (package
- (name "vpnc")
- (version "0.5.3")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
- version ".tar.gz"))
- (sha256 (base32
- "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
- (patches (search-patches "vpnc-script.patch"))))
- (build-system gnu-build-system)
- (inputs `(("libgcrypt" ,libgcrypt)
- ("perl" ,perl)
-
- ;; The following packages provide commands that 'vpnc-script'
- ;; expects.
- ("net-tools" ,net-tools) ;ifconfig, route
- ("iproute2" ,iproute))) ;ip
- (arguments
- `(#:tests? #f ; there is no check target
- #:phases
- (modify-phases %standard-phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (substitute* "Makefile"
- (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
- (substitute* "Makefile"
- (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
- "/etc/vpnc"))))))
- (add-after 'install 'wrap-vpnc-script
- (lambda* (#:key inputs outputs #:allow-other-keys)
- ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
- ;; needs. Assume coreutils/grep/sed are in $PATH.
- (let ((out (assoc-ref outputs "out")))
- (wrap-program (string-append out "/etc/vpnc/vpnc-script")
- `("PATH" ":" prefix
- (,(string-append (assoc-ref inputs "net-tools")
- "/sbin")
- ,(string-append (assoc-ref inputs "net-tools")
- "/bin")
- ,(string-append (assoc-ref inputs "iproute2")
- "/sbin"))))))))))
- (synopsis "Client for Cisco VPN concentrators")
- (description
- "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
+ (let ((commit 550) ; subversion revision identifier
+ (revision "1")) ; guix package revision
+ (package
+ (name "vpnc")
+ (version (string-append "0.5.3-" revision "." (number->string commit)))
+ (source
+ (origin
+ (method svn-fetch)
+ (uri (svn-reference
+ (url "http://svn.unix-ag.uni-kl.de/vpnc/trunk")
+ (revision commit)))
+ (file-name (string-append name "-" version "-checkout"))
+ (sha256 (base32
+ "1ng585qlwd22q8qrcly5f0vran5jy9n0dlc2h14vf5kl4dkqljw0"))))
+ (build-system gnu-build-system)
+ (inputs `(("libgcrypt" ,libgcrypt)
+ ("perl" ,perl)
+ ("gnutls" ,gnutls)
+ ;; The following packages provide commands that 'vpnc-script'
+ ;; expects.
+ ("net-tools" ,net-tools) ;ifconfig, route
+ ("iproute2" ,iproute))) ;ip
+ (native-inputs `(("which" ,which)
+ ("pkg-config" ,pkg-config)))
+ (arguments
+ `(#:tests? #f ; there is no check target
+ #:make-flags '("CC=gcc")
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (substitute* "Makefile"
+ (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
+ (substitute* "Makefile"
+ (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
+ "/etc/vpnc")))
+ (substitute* "config.c"
+ (("/etc/vpnc/") (string-append out "/etc/vpnc/")))
+ #t)))
+ (add-after 'install 'wrap-vpnc-script
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
+ ;; needs. Assume coreutils/grep/sed are in $PATH.
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/etc/vpnc/vpnc-script")
+ `("PATH" ":" prefix
+ (,(string-append (assoc-ref inputs "net-tools")
+ "/sbin")
+ ,(string-append (assoc-ref inputs "net-tools")
+ "/bin")
+ ,(string-append (assoc-ref inputs "iproute2")
+ "/sbin"))))
+ #t))))))
+ (synopsis "Client for Cisco VPN concentrators")
+ (description
+ "vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
It supports IPSec (ESP) with Mode Configuration and Xauth. It supports only
shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES,
1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace.
Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
- (license license:gpl2+) ; some file are bsd-2, see COPYING
- (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
+ (license license:gpl2+) ; some file are bsd-2, see COPYING
+ (home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/"))))
(define-public openconnect
--
2.13.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-01 14:48 [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550 Jelle Licht
2017-07-01 14:55 ` Jelle Licht
@ 2017-07-01 17:18 ` Tobias Geerinckx-Rice
2017-07-02 15:13 ` Ludovic Courtès
2017-07-03 5:18 ` Tobias Geerinckx-Rice
2017-11-29 15:15 ` bug#27549: (no subject) Tobias Geerinckx-Rice
2 siblings, 2 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-07-01 17:18 UTC (permalink / raw)
To: jlicht, 27549
[-- Attachment #1.1: Type: text/plain, Size: 551 bytes --]
Jelle,
On 01/07/17 16:48, Jelle Licht wrote:
> Hello Guix,
>
> Having tried to get `vpnc' working with my university's vpn system, and
> failing, I looked into other distributions and how they got it to work.
> It seems that most people use an updated version of the bundled
> `vpnc-script' to make it work.
Indeed.
I'd started on packaging those updated vpnc-scripts, but that kind of
fell through all kind of cracks.
I don't think I needed to bundle anything. I'll dig them up and see how
far I got.
Kind regards,
T G-R
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 504 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-01 17:18 ` Tobias Geerinckx-Rice
@ 2017-07-02 15:13 ` Ludovic Courtès
2017-07-03 5:18 ` Tobias Geerinckx-Rice
1 sibling, 0 replies; 9+ messages in thread
From: Ludovic Courtès @ 2017-07-02 15:13 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 27549
Hi!
Tobias Geerinckx-Rice <me@tobias.gr> skribis:
> On 01/07/17 16:48, Jelle Licht wrote:
>> Hello Guix,
>>
>> Having tried to get `vpnc' working with my university's vpn system, and
>> failing, I looked into other distributions and how they got it to work.
>> It seems that most people use an updated version of the bundled
>> `vpnc-script' to make it work.
>
> Indeed.
>
> I'd started on packaging those updated vpnc-scripts, but that kind of
> fell through all kind of cracks.
>
> I don't think I needed to bundle anything. I'll dig them up and see how
> far I got.
Indeed, that would be nice.
In the meantime, could you apply Jelle’s patch if it looks right to you?
It’s a bit sad that upstream hasn’t made new releases.
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-01 17:18 ` Tobias Geerinckx-Rice
2017-07-02 15:13 ` Ludovic Courtès
@ 2017-07-03 5:18 ` Tobias Geerinckx-Rice
2017-07-05 21:08 ` Jelle Licht
1 sibling, 1 reply; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-07-03 5:18 UTC (permalink / raw)
To: jlicht, 27549
[-- Attachment #1.1.1: Type: text/plain, Size: 860 bytes --]
Jelle,
On 01/07/17 19:18, Tobias Geerinckx-Rice wrote:
> I'd started on packaging those updated vpnc-scripts, [...]
> I'll dig them up and see how far I got.
Found 'em! If you have some spare time, could you give the attached
patches a try? They look finished[0], but I don't have a VPN to test.
I hope we can avoid relying on the copy of vpnc-scripts bundled with vpnc:
- the bundled copy still lags behind upstream[1], even in trunk
- unbundling allows using a stable release of the vpnc client instead
of a subversion checkout, while still easily updating the scripts
- and shaves ~50MiB from our openconnect package.
Of course, it has to actually work for you first :-)
Kind regards,
T G-R
[0]: I don't like the look of 'wrap-keys, but I don't know a better way.
[1]: http://git.infradead.org/users/dwmw2/vpnc-scripts.git
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.1.2: 0002-gnu-vpnc-Use-newer-vpnc-scripts.patch --]
[-- Type: text/x-patch; name="0002-gnu-vpnc-Use-newer-vpnc-scripts.patch", Size: 5389 bytes --]
From 935a3896c8bb0c356bb04865dc7af3daa09cdb44 Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Sun, 7 May 2017 01:56:41 +0200
Subject: [PATCH 2/3] gnu: vpnc: Use newer vpnc-scripts.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* gnu/packages/vpn.scm (vpnc)[source]: Remove patch.
[inputs]: Remove net-tools and iproute2. Add vpnc-scripts.
[arguments]: Delete ‘configure’ and ‘wrap-vpnc-script’ #:phases.
Add ‘use-store-paths’ phase.
* gnu/packages/patches/vpnc-script.patch: Delete patch.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
gnu/local.mk | 1 -
gnu/packages/patches/vpnc-script.patch | 15 ------------
gnu/packages/vpn.scm | 42 ++++++++++++----------------------
3 files changed, 15 insertions(+), 43 deletions(-)
delete mode 100644 gnu/packages/patches/vpnc-script.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 83b019605..55b4071e9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1047,7 +1047,6 @@ dist_patch_DATA = \
%D%/packages/patches/vorbis-tools-CVE-2014-9638+CVE-2014-9639.patch \
%D%/packages/patches/vorbis-tools-CVE-2014-9640.patch \
%D%/packages/patches/vorbis-tools-CVE-2015-6749.patch \
- %D%/packages/patches/vpnc-script.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt1.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt2.patch \
%D%/packages/patches/weechat-python.patch \
diff --git a/gnu/packages/patches/vpnc-script.patch b/gnu/packages/patches/vpnc-script.patch
deleted file mode 100644
index a0d948195..000000000
--- a/gnu/packages/patches/vpnc-script.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-This patch adapts the vpnc script to newer kernel versions, see
- https://lkml.org/lkml/2011/3/24/645
-
-diff -u a/vpnc-script.in b/vpnc-script.in
---- a/vpnc-script.in 2013-03-03 13:55:16.000000000 +0100
-+++ b/vpnc-script.in 2013-03-03 13:56:11.000000000 +0100
-@@ -116,7 +116,7 @@
-
- if [ -n "$IPROUTE" ]; then
- fix_ip_get_output () {
-- sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
-+ sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g;s/ipid 0x....//g'
- }
-
- set_vpngateway_route() {
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index 4b47a76b3..aa79a7cfb 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -73,41 +73,29 @@ endpoints.")
(uri (string-append "https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-"
version ".tar.gz"))
(sha256 (base32
- "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))
- (patches (search-patches "vpnc-script.patch"))))
+ "1128860lis89g1s21hqxvap2nq426c9j4bvgghncc1zj0ays7kj6"))))
(build-system gnu-build-system)
(inputs `(("libgcrypt" ,libgcrypt)
("perl" ,perl)
-
- ;; The following packages provide commands that 'vpnc-script'
- ;; expects.
- ("net-tools" ,net-tools) ;ifconfig, route
- ("iproute2" ,iproute))) ;ip
+ ("vpnc-scripts" ,vpnc-scripts)))
(arguments
`(#:tests? #f ; there is no check target
#:phases
(modify-phases %standard-phases
- (replace 'configure
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- (substitute* "Makefile"
- (("PREFIX=/usr/local") (string-append "PREFIX=" out)))
- (substitute* "Makefile"
- (("ETCDIR=/etc/vpnc") (string-append "ETCDIR=" out
- "/etc/vpnc"))))))
- (add-after 'install 'wrap-vpnc-script
+ (add-after 'unpack 'use-store-paths
(lambda* (#:key inputs outputs #:allow-other-keys)
- ;; Wrap 'etc/vpnc/vpnc-script' so that it finds the commands it
- ;; needs. Assume coreutils/grep/sed are in $PATH.
- (let ((out (assoc-ref outputs "out")))
- (wrap-program (string-append out "/etc/vpnc/vpnc-script")
- `("PATH" ":" prefix
- (,(string-append (assoc-ref inputs "net-tools")
- "/sbin")
- ,(string-append (assoc-ref inputs "net-tools")
- "/bin")
- ,(string-append (assoc-ref inputs "iproute2")
- "/sbin"))))))))))
+ (let ((out (assoc-ref outputs "out"))
+ (vpnc-scripts (assoc-ref inputs "vpnc-scripts")))
+ (substitute* "config.c"
+ (("/etc/vpnc/vpnc-script")
+ (string-append vpnc-scripts "/etc/vpnc/vpnc-script")))
+ (substitute* "Makefile"
+ (("ETCDIR=.*")
+ (string-append "ETCDIR=" out "/etc/vpnc\n"))
+ (("PREFIX=.*")
+ (string-append "PREFIX=" out "\n")))
+ #t)))
+ (delete 'configure)))) ; no configure script
(synopsis "Client for Cisco VPN concentrators")
(description
"vpnc is a VPN client compatible with Cisco's EasyVPN equipment.
--
2.13.1
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.1.3: 0001-gnu-Add-vpnc-scripts.patch --]
[-- Type: text/x-patch; name="0001-gnu-Add-vpnc-scripts.patch", Size: 6131 bytes --]
From 43e557609bff42cafcaaefa757ed794af5441efa Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Sun, 7 May 2017 01:19:12 +0200
Subject: [PATCH 1/3] gnu: Add vpnc-scripts.
* gnu/packages/vpn.scm (vpnc-scripts): New variable.
---
gnu/packages/vpn.scm | 91 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 90 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index 87fea4a47..4b47a76b3 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -4,7 +4,7 @@
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Jeff Mickey <j@codemac.net>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
-;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This file is part of GNU Guix.
@@ -26,9 +26,11 @@
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (gnu packages)
+ #:use-module (gnu packages base)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
@@ -116,6 +118,93 @@ Only \"Universal TUN/TAP device driver support\" is needed in the kernel.")
(license license:gpl2+) ; some file are bsd-2, see COPYING
(home-page "http://www.unix-ag.uni-kl.de/~massar/vpnc/")))
+(define-public vpnc-scripts
+ (let ((commit "6f87b0fe7b20d802a0747cc310217920047d58d3"))
+ (package
+ (name "vpnc-scripts")
+ (version (string-append "20161214." (string-take commit 7)))
+ (source (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "git://git.infradead.org/users/dwmw2/vpnc-scripts.git")
+ (commit commit)))
+ (sha256
+ (base32
+ "0pa36w4wlyyvfb66cayhans99wsr2j5si2fvfr7ldfm512ajwn8h"))))
+ (build-system gnu-build-system)
+ (inputs `(("coreutils" ,coreutils)
+ ("grep" ,grep)
+ ("iproute2" ,iproute) ; for ‘ip’
+ ("net-tools" ,net-tools) ; for ‘ifconfig’, ‘route’
+ ("sed" ,sed)
+ ("which" ,which)))
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-relative-paths
+ ;; Patch the scripts to work with and use relative paths.
+ (lambda* _
+ (for-each (lambda (script)
+ (substitute* script
+ (("^PATH=.*") "")
+ (("(/usr|)/s?bin/") "")
+ (("\\[ +-x +([^]]+) +\\]" _ command)
+ (string-append "command -v >/dev/null 2>&1 "
+ command))))
+ (find-files "." "^vpnc-script"))
+ #t))
+ (delete 'configure) ; no configure script
+ (replace 'build
+ (lambda _
+ (zero? (system* "gcc" "-o" "netunshare" "netunshare.c"))))
+ (replace 'install
+ ;; There is no Makefile; manually install the relevant files.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (etc (string-append out "/etc/vpnc")))
+ (for-each (lambda (file)
+ (install-file file etc))
+ (append (find-files "." "^vpnc-script")
+ (list "netunshare"
+ "xinetd.netns.conf")))
+ #t)))
+ (add-after 'install 'wrap-scripts
+ ;; Wrap scripts with paths to their common hard dependencies.
+ ;; Optional dependencies will need to be installed by the user.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (for-each
+ (lambda (script)
+ (wrap-program script
+ `("PATH" ":" prefix
+ ,(map (lambda (name)
+ (let ((input (assoc-ref inputs name)))
+ (string-append input "/bin:"
+ input "/sbin")))
+ (list "coreutils"
+ "grep"
+ "iproute2"
+ "net-tools"
+ "sed"
+ "which")))))
+ (find-files (string-append out "/etc/vpnc/vpnc-script")
+ "^vpnc-script"))))))
+ #:tests? #f)) ; no tests
+ (home-page "http://git.infradead.org/users/dwmw2/vpnc-scripts.git")
+ (synopsis "Network configuration scripts for Cisco VPN clients")
+ (description
+ "This set of scripts configures routing and name services when invoked
+by the VPNC or OpenConnect Cisco @dfn{Virtual Private Network} (VPN) clients.
+
+The default @command{vpnc-script} automatically configures most common
+connections, and provides hooks for performing custom actions at various stages
+of the connection or disconnection process.
+
+Alternative scripts are provided for more complicated set-ups, or to serve as an
+example for writing your own. For example, @command{vpnc-script-sshd} contains
+the entire VPN in a network namespace accessible only through SSH.")
+ (license license:gpl2+))))
(define-public openconnect
(package
--
2.13.1
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 504 bytes --]
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-03 5:18 ` Tobias Geerinckx-Rice
@ 2017-07-05 21:08 ` Jelle Licht
2017-10-18 21:35 ` Ricardo Wurmus
0 siblings, 1 reply; 9+ messages in thread
From: Jelle Licht @ 2017-07-05 21:08 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 27549
Tobias,
Tobias Geerinckx-Rice <me@tobias.gr> writes:
> Jelle,
>
> On 01/07/17 19:18, Tobias Geerinckx-Rice wrote:
>> I'd started on packaging those updated vpnc-scripts, [...]
>> I'll dig them up and see how far I got.
>
> Found 'em! If you have some spare time, could you give the attached
> patches a try? They look finished[0], but I don't have a VPN to test.
>
> I hope we can avoid relying on the copy of vpnc-scripts bundled with vpnc:
>
> - the bundled copy still lags behind upstream[1], even in trunk
> - unbundling allows using a stable release of the vpnc client instead
> of a subversion checkout, while still easily updating the scripts
> - and shaves ~50MiB from our openconnect package.
Fair enough, this seems like a good reason to apply your patches ;-).
>
> Of course, it has to actually work for you first :-)
Good news! Your patches work, I verified this with my university vpn.
Why are we using this specific versions of the vpnc-scripts?
What is the problem regarding `wrap-keys' (wrap-program?) exactly?
Regards,
Jelle
^ permalink raw reply [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-07-05 21:08 ` Jelle Licht
@ 2017-10-18 21:35 ` Ricardo Wurmus
2017-10-18 22:14 ` Tobias Geerinckx-Rice
0 siblings, 1 reply; 9+ messages in thread
From: Ricardo Wurmus @ 2017-10-18 21:35 UTC (permalink / raw)
To: Jelle Licht; +Cc: 27549
Hi Jelle, hi Tobias,
> Tobias,
>
>
> Tobias Geerinckx-Rice <me@tobias.gr> writes:
>
>> Jelle,
>>
>> On 01/07/17 19:18, Tobias Geerinckx-Rice wrote:
>>> I'd started on packaging those updated vpnc-scripts, [...]
>>> I'll dig them up and see how far I got.
>>
>> Found 'em! If you have some spare time, could you give the attached
>> patches a try? They look finished[0], but I don't have a VPN to test.
>>
>> I hope we can avoid relying on the copy of vpnc-scripts bundled with vpnc:
>>
>> - the bundled copy still lags behind upstream[1], even in trunk
>> - unbundling allows using a stable release of the vpnc client instead
>> of a subversion checkout, while still easily updating the scripts
>> - and shaves ~50MiB from our openconnect package.
> Fair enough, this seems like a good reason to apply your patches ;-).
>
>>
>> Of course, it has to actually work for you first :-)
>
> Good news! Your patches work, I verified this with my university vpn.
> Why are we using this specific versions of the vpnc-scripts?
>
> What is the problem regarding `wrap-keys' (wrap-program?) exactly?
It looks like these patches were dropped. What’s the current status
here? Can we apply them or are they no longer needed?
--
Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net
^ permalink raw reply [flat|nested] 9+ messages in thread
* [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550.
2017-10-18 21:35 ` Ricardo Wurmus
@ 2017-10-18 22:14 ` Tobias Geerinckx-Rice
0 siblings, 0 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-10-18 22:14 UTC (permalink / raw)
To: rekado; +Cc: 27549
Ricardo,
Ricardo Wurmus wrote on 18/10/17 at 23:35:
> What’s the current status here?
I'd arranged for someone else with access to such a VPN to (also) test
these patches, but never got an answer. I'm afraid I lost track of this
issue in the meantime.
I'll look into it after some much-needed rest.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#27549: (no subject)
2017-07-01 14:48 [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550 Jelle Licht
2017-07-01 14:55 ` Jelle Licht
2017-07-01 17:18 ` Tobias Geerinckx-Rice
@ 2017-11-29 15:15 ` Tobias Geerinckx-Rice
2 siblings, 0 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2017-11-29 15:15 UTC (permalink / raw)
To: 27549-done, 26386-done
Ricardo Wurmus wrote:
> It looks like these patches were dropped.
Down 6 flights of very cracked stairs.
Finally pushed as 06d91fd944e58ce787048f5c1b7804b210ad1f82 et al.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2017-11-29 15:13 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-07-01 14:48 [bug#27549] [PATCH] gnu: vpnc: Update to 0.5.3, revision-550 Jelle Licht
2017-07-01 14:55 ` Jelle Licht
2017-07-01 17:18 ` Tobias Geerinckx-Rice
2017-07-02 15:13 ` Ludovic Courtès
2017-07-03 5:18 ` Tobias Geerinckx-Rice
2017-07-05 21:08 ` Jelle Licht
2017-10-18 21:35 ` Ricardo Wurmus
2017-10-18 22:14 ` Tobias Geerinckx-Rice
2017-11-29 15:15 ` bug#27549: (no subject) Tobias Geerinckx-Rice
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).