diff options
author | Falco Peijnenburg <fpeijnenburg@gmail.com> | 2016-12-31 14:26:17 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-31 14:26:17 +0100 |
commit | 9c61571f1a4119689d001bf1902869ca12f1c0b3 (patch) | |
tree | 31214950b3d5ecfdf519ed1f4c24ea0e5c168def /pkgs/tools/networking/strongswan | |
parent | da34b32bb4422d6f61c90631fd8f4bf71744dc80 (diff) | |
download | nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar.gz nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar.bz2 nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar.lz nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar.xz nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.tar.zst nixpkgs-9c61571f1a4119689d001bf1902869ca12f1c0b3.zip |
Strongswan: enable rdrand and aes-ni only on X86
Strongswan fails to compile on armv7l-linux with `--enable-aesni` and `--enable-rdrand` enabled. Errors are thrown about impossible constraints in asm (`--enable-rdrand`) or about gcc getting unknown command line parameters about aes (`--enable-aesni`). The options only makes sense on X86_64 processors. The rdrand plugin is designed for Ivy Bridge processors: > High quality / high performance random source using the Intel rdrand instruction found on Ivy Bridge processors The aes-ni plugin also only exists on X86 processors (which have the AES instruction set) Tested with a local override. The change triggers a (successful) rebuild on my X86_64 system. On armv7-linux this change fixes build errors. See: https://wiki.strongswan.org/issues/337
Diffstat (limited to 'pkgs/tools/networking/strongswan')
-rw-r--r-- | pkgs/tools/networking/strongswan/default.nix | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/pkgs/tools/networking/strongswan/default.nix b/pkgs/tools/networking/strongswan/default.nix index 1791abf4a48..7bcbb4fddb6 100644 --- a/pkgs/tools/networking/strongswan/default.nix +++ b/pkgs/tools/networking/strongswan/default.nix @@ -37,8 +37,9 @@ stdenv.mkDerivation rec { "--enable-eap-mschapv2" "--enable-xauth-eap" "--enable-ext-auth" "--enable-forecast" "--enable-connmark" "--enable-acert" "--enable-pkcs11" "--enable-eap-sim-pcsc" "--enable-dnscert" "--enable-unbound" - "--enable-aesni" "--enable-af-alg" "--enable-rdrand" ] - ++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" + "--enable-af-alg" ] + ++ stdenv.lib.optional stdenv.isx86_64 [ "--enable-aesni" "--enable-rdrand" ] + ++ stdenv.lib.optional (stdenv.system == "i686-linux") "--enable-padlock" ++ stdenv.lib.optionals enableTNC [ "--disable-gmp" "--disable-aes" "--disable-md5" "--disable-sha1" "--disable-sha2" "--disable-fips-prf" "--enable-curl" "--enable-openssl" |