diff options
author | rnhmjoj <rnhmjoj@inventati.org> | 2022-10-05 23:31:45 +0200 |
---|---|---|
committer | rnhmjoj <rnhmjoj@inventati.org> | 2022-10-05 23:32:07 +0200 |
commit | f288df00cb9c3cee955196e176aa788bf061d981 (patch) | |
tree | cd947ecb933ac214d7c89315fcde3c1176677945 | |
parent | eb3d3b2e9049e2fcf812e29c6636830cac3e0733 (diff) | |
download | nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar.gz nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar.bz2 nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar.lz nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar.xz nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.tar.zst nixpkgs-f288df00cb9c3cee955196e176aa788bf061d981.zip |
libreswan: 4.7 -> 4.8
Note: this also fixes DNSSEC support, which was enabled but not working due to the (most likely) missing DNS root file.
-rw-r--r-- | pkgs/tools/networking/libreswan/default.nix | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/pkgs/tools/networking/libreswan/default.nix b/pkgs/tools/networking/libreswan/default.nix index 7c500d50925..25ad29b1cfe 100644 --- a/pkgs/tools/networking/libreswan/default.nix +++ b/pkgs/tools/networking/libreswan/default.nix @@ -30,6 +30,7 @@ , docbook_xml_dtd_412 , docbook_xsl , findXMLCatalogs +, dns-root-data }: let @@ -43,11 +44,11 @@ in stdenv.mkDerivation rec { pname = "libreswan"; - version = "4.7"; + version = "4.8"; src = fetchurl { url = "https://download.libreswan.org/${pname}-${version}.tar.gz"; - sha256 = "0i7wyfgkaq6kcfhh1yshb1v7q42n3zvdkhq10f3ks1h075xk7mnx"; + sha256 = "sha256-gEy5EX1/tBGYE7FVrJF+NFZY41ehOBim9t/Oikch4gs="; }; strictDeps = true; @@ -77,9 +78,9 @@ stdenv.mkDerivation rec { -e 's|/bin/bash|${runtimeShell}|g' \ -i initsystems/systemd/ipsec.service.in \ programs/barf/barf.in \ - programs/verify/verify.in + programs/verify.linux/verify.in sed -e 's|\([[:blank:]]\)\(ip6\?tables\(-save\)\? -\)|\1${iptables}/bin/\2|' \ - -i programs/verify/verify.in + -i programs/verify.linux/verify.in # Prevent the makefile from trying to # reload the systemd daemon or create tmpfiles @@ -92,7 +93,7 @@ stdenv.mkDerivation rec { # Fix python script to use the correct python sed -e 's/^\(\W*\)installstartcheck()/\1sscmd = "ss"\n\0/' \ - -i programs/verify/verify.in + -i programs/verify.linux/verify.in # Replace wget with curl to save a dependency curlArgs='-s --remote-name-all --output-dir' @@ -113,6 +114,7 @@ stdenv.mkDerivation rec { "UNITDIR=$(out)/etc/systemd/system/" "TMPFILESDIR=$(out)/lib/tmpfiles.d/" "LINUX_VARIANT=nixos" + "DEFAULT_DNSSEC_ROOTKEY_FILE=${dns-root-data}/root.key" ]; # Hack to make install work |