summary refs log tree commit diff
path: root/pkgs/tools/networking
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r--pkgs/tools/networking/cadaver/default.nix6
-rw-r--r--pkgs/tools/networking/cloud-custodian/default.nix48
-rw-r--r--pkgs/tools/networking/haproxy/default.nix42
-rw-r--r--pkgs/tools/networking/keepalived/default.nix14
-rw-r--r--pkgs/tools/networking/mu/default.nix4
-rw-r--r--pkgs/tools/networking/network-manager/openconnect/default.nix48
-rw-r--r--pkgs/tools/networking/openconnect/default.nix25
-rw-r--r--pkgs/tools/networking/openvpn/update-systemd-resolved.nix34
-rw-r--r--pkgs/tools/networking/sshoogr/default.nix36
-rw-r--r--pkgs/tools/networking/sshping/default.nix31
10 files changed, 246 insertions, 42 deletions
diff --git a/pkgs/tools/networking/cadaver/default.nix b/pkgs/tools/networking/cadaver/default.nix
index 75a05108b8b..95012208129 100644
--- a/pkgs/tools/networking/cadaver/default.nix
+++ b/pkgs/tools/networking/cadaver/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, fetchpatch, openssl }:
+{ stdenv, fetchurl, fetchpatch, openssl, readline }:
 
 stdenv.mkDerivation rec {
   name = "cadaver-0.23.3";
@@ -16,9 +16,9 @@ stdenv.mkDerivation rec {
     })
   ];
 
-  configureFlags = [ "--with-ssl" ];
+  configureFlags = [ "--with-ssl" "--with-readline" ];
 
-  buildInputs = [ openssl ];
+  buildInputs = [ openssl readline ];
 
   meta = with stdenv.lib; {
     description = "A command-line WebDAV client";
diff --git a/pkgs/tools/networking/cloud-custodian/default.nix b/pkgs/tools/networking/cloud-custodian/default.nix
new file mode 100644
index 00000000000..a57d9f13d78
--- /dev/null
+++ b/pkgs/tools/networking/cloud-custodian/default.nix
@@ -0,0 +1,48 @@
+{ lib, buildPythonApplication, fetchPypi
+, argcomplete
+, boto3
+, botocore
+, certifi
+, dateutil
+, jsonpatch
+, jsonschema
+, pyyaml
+, tabulate
+, urllib3
+}:
+
+buildPythonApplication rec {
+  pname = "cloud-custodian";
+  version = "0.8.45.1";
+
+  src = fetchPypi {
+    pname = "c7n";
+    inherit version;
+    sha256 = "0c199gdmpm83xfghrbzp02xliyxiygsnx2fvb35j9qpf37wzzp3z";
+  };
+
+  propagatedBuildInputs = [
+    argcomplete
+    boto3
+    botocore
+    certifi
+    dateutil
+    jsonpatch
+    jsonschema
+    pyyaml
+    tabulate
+    urllib3
+  ];
+
+  # Requires tox, many packages, and network access
+  checkPhase = ''
+    $out/bin/custodian --help
+  '';
+
+  meta = with lib; {
+    description = "Rules engine for cloud security, cost optimization, and governance";
+    homepage = "https://cloudcustodian.io";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ bhipple ];
+  };
+}
diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix
index d8711d516dc..2b5f52b51aa 100644
--- a/pkgs/tools/networking/haproxy/default.nix
+++ b/pkgs/tools/networking/haproxy/default.nix
@@ -1,7 +1,9 @@
 { useLua ? !stdenv.isDarwin
 , usePcre ? true
-, stdenv, fetchurl
-, openssl, zlib, lua5_3 ? null, pcre ? null
+, withPrometheusExporter ? true
+, stdenv, lib, fetchurl
+, openssl, zlib
+, lua5_3 ? null, pcre ? null, systemd ? null
 }:
 
 assert useLua -> lua5_3 != null;
@@ -9,39 +11,47 @@ assert usePcre -> pcre != null;
 
 stdenv.mkDerivation rec {
   pname = "haproxy";
-  version = "1.9.8";
+  version = "2.0.8";
 
   src = fetchurl {
     url = "https://www.haproxy.org/download/${stdenv.lib.versions.majorMinor version}/src/${pname}-${version}.tar.gz";
-    sha256 = "1via9k84ycrdr8qh4qchcbqgpv0gynm3ra23nwsvqwfqvc0376id";
+    sha256 = "02i87hr1dfhrk6nvvcig4m9bpww7hyl6qcxcl20rfvxd2n2iwzn3";
   };
 
   buildInputs = [ openssl zlib ]
-    ++ stdenv.lib.optional useLua lua5_3
-    ++ stdenv.lib.optional usePcre pcre;
+    ++ lib.optional useLua lua5_3
+    ++ lib.optional usePcre pcre
+    ++ lib.optional stdenv.isLinux systemd;
 
   # TODO: make it work on bsd as well
   makeFlags = [
     "PREFIX=\${out}"
     ("TARGET=" + (if stdenv.isSunOS  then "solaris"
-             else if stdenv.isLinux  then "linux2628"
+             else if stdenv.isLinux  then "linux-glibc"
              else if stdenv.isDarwin then "osx"
              else "generic"))
   ];
+
   buildFlags = [
     "USE_OPENSSL=yes"
     "USE_ZLIB=yes"
-  ] ++ stdenv.lib.optionals usePcre [
+  ] ++ lib.optionals usePcre [
     "USE_PCRE=yes"
     "USE_PCRE_JIT=yes"
-  ] ++ stdenv.lib.optionals useLua [
+  ] ++ lib.optionals useLua [
     "USE_LUA=yes"
     "LUA_LIB=${lua5_3}/lib"
     "LUA_INC=${lua5_3}/include"
-  ] ++ stdenv.lib.optional stdenv.isDarwin "CC=cc"
-    ++ stdenv.lib.optional stdenv.isLinux "USE_GETADDRINFO=1";
+  ] ++ lib.optionals stdenv.isLinux [
+    "USE_SYSTEMD=yes"
+    "USE_GETADDRINFO=1"
+  ] ++ lib.optionals withPrometheusExporter [
+    "EXTRA_OBJS=contrib/prometheus-exporter/service-prometheus.o"
+  ] ++ lib.optional stdenv.isDarwin "CC=cc";
+
+  enableParallelBuilding = true;
 
-  meta = {
+  meta = with lib; {
     description = "Reliable, high performance TCP/HTTP load balancer";
     longDescription = ''
       HAProxy is a free, very fast and reliable solution offering high
@@ -51,9 +61,9 @@ stdenv.mkDerivation rec {
       tens of thousands of connections is clearly realistic with todays
       hardware.
     '';
-    homepage = http://haproxy.1wt.eu;
-    maintainers = with stdenv.lib.maintainers; [ fuzzy-id ];
-    platforms = with stdenv.lib.platforms; linux ++ darwin;
-    license = stdenv.lib.licenses.gpl2;
+    homepage = "https://haproxy.org";
+    license = licenses.gpl2;
+    maintainers = with maintainers; [ fuzzy-id ];
+    platforms = with platforms; linux ++ darwin;
   };
 }
diff --git a/pkgs/tools/networking/keepalived/default.nix b/pkgs/tools/networking/keepalived/default.nix
index 9ae981e0369..4e1894db98c 100644
--- a/pkgs/tools/networking/keepalived/default.nix
+++ b/pkgs/tools/networking/keepalived/default.nix
@@ -1,16 +1,24 @@
-{ stdenv, fetchFromGitHub, libnfnetlink, libnl, net_snmp, openssl, pkgconfig }:
+{ stdenv, fetchFromGitHub, fetchpatch, libnfnetlink, libnl, net_snmp, openssl, pkgconfig }:
 
 stdenv.mkDerivation rec {
   pname = "keepalived";
-  version = "1.4.2";
+  version = "1.4.5";
 
   src = fetchFromGitHub {
     owner = "acassen";
     repo = "keepalived";
     rev = "v${version}";
-    sha256 = "154yxs6kwpi9yc4pa45ba3z3bfwzgmmmja5nk3d9mxq6w6s1swcy";
+    sha256 = "12r80rcfxrys826flaqcdlfhcr7q4ccsd62ra1svy9545vf02qmx";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2018-19115.patch";
+      url = "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9.patch";
+      sha256 = "1jnwk7x4qdgv7fb4jzw6sihv62n8wv04myhgwm2vxn8nfkcgd1mm";
+    })
+  ];
+
   buildInputs = [
     libnfnetlink
     libnl
diff --git a/pkgs/tools/networking/mu/default.nix b/pkgs/tools/networking/mu/default.nix
index ad49c5e6c32..bd035e8f03c 100644
--- a/pkgs/tools/networking/mu/default.nix
+++ b/pkgs/tools/networking/mu/default.nix
@@ -5,13 +5,13 @@
 
 stdenv.mkDerivation rec {
   pname = "mu";
-  version = "1.3.5";
+  version = "1.2";
 
   src = fetchFromGitHub {
     owner  = "djcb";
     repo   = "mu";
     rev    = version;
-    sha256 = "1g7rhgp405v7q9xx44k6jn3py4v73a9qjwhai6l459wdywdz1n3n";
+    sha256 = "0yhjlj0z23jw3cf2wfnl98y8q6gikvmhkb8vdm87bd7jw0bdnrfz";
   };
 
   # test-utils coredumps so don't run those
diff --git a/pkgs/tools/networking/network-manager/openconnect/default.nix b/pkgs/tools/networking/network-manager/openconnect/default.nix
index 7db0e59beab..3c1a8d11042 100644
--- a/pkgs/tools/networking/network-manager/openconnect/default.nix
+++ b/pkgs/tools/networking/network-manager/openconnect/default.nix
@@ -1,14 +1,31 @@
-{ stdenv, fetchurl, substituteAll, openconnect, intltool, pkgconfig, autoreconfHook, networkmanager, gcr, libsecret, file
-, gtk3, withGnome ? true, gnome3, kmod, fetchpatch }:
+{ stdenv
+, fetchurl
+, substituteAll
+, glib
+, libxml2
+, openconnect
+, intltool
+, pkgconfig
+, autoreconfHook
+, networkmanager
+, gcr
+, libsecret
+, file
+, gtk3
+, withGnome ? true
+, gnome3
+, kmod
+, fetchpatch
+}:
 
 let
-  pname   = "NetworkManager-openconnect";
+  pname = "NetworkManager-openconnect";
   version = "1.2.6";
 in stdenv.mkDerivation {
-  name    = "${pname}${if withGnome then "-gnome" else ""}-${version}";
+  name = "${pname}${if withGnome then "-gnome" else ""}-${version}";
 
   src = fetchurl {
-    url    = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
+    url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
     sha256 = "0nlp290nkawc4wqm978n4vhzg3xdqi8kpjjx19l855vab41rh44m";
   };
 
@@ -17,6 +34,7 @@ in stdenv.mkDerivation {
       src = ./fix-paths.patch;
       inherit kmod openconnect;
     })
+
     # Don't use etc/dbus-1/system.d
     (fetchpatch {
       url = "https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/merge_requests/9.patch";
@@ -24,10 +42,22 @@ in stdenv.mkDerivation {
     })
   ];
 
-  buildInputs = [ openconnect networkmanager ]
-    ++ stdenv.lib.optionals withGnome [ gtk3 gcr libsecret ];
+  buildInputs = [
+    glib
+    libxml2
+    openconnect
+    networkmanager
+  ] ++ stdenv.lib.optionals withGnome [
+    gtk3
+    gcr
+    libsecret
+  ];
 
-  nativeBuildInputs = [ intltool pkgconfig file ];
+  nativeBuildInputs = [
+    intltool
+    pkgconfig
+    file
+  ];
 
   configureFlags = [
     "--with-gnome=${if withGnome then "yes" else "no"}"
@@ -43,7 +73,7 @@ in stdenv.mkDerivation {
   };
 
   meta = with stdenv.lib; {
-    description = "NetworkManager's OpenConnect plugin";
+    description = "NetworkManager’s OpenConnect plugin";
     inherit (networkmanager.meta) maintainers platforms;
     license = licenses.gpl2Plus;
   };
diff --git a/pkgs/tools/networking/openconnect/default.nix b/pkgs/tools/networking/openconnect/default.nix
index 7244653e493..a926ef1e1dd 100644
--- a/pkgs/tools/networking/openconnect/default.nix
+++ b/pkgs/tools/networking/openconnect/default.nix
@@ -1,8 +1,14 @@
-{ stdenv, fetchurl, pkgconfig, vpnc, openssl ? null, gnutls ? null, gmp, libxml2, stoken, zlib } :
+{ stdenv, fetchurl, pkgconfig, openssl ? null, gnutls ? null, gmp, libxml2, stoken, zlib, fetchgit, darwin } :
 
 assert (openssl != null) == (gnutls == null);
 
-stdenv.mkDerivation rec {
+let vpnc = fetchgit {
+  url = "git://git.infradead.org/users/dwmw2/vpnc-scripts.git";
+  rev = "c84fb8e5a523a647a01a1229a9104db934e19f00";
+  sha256 = "01xdclx0y3x66mpbdr77n4ilapwzjz475h32q88ml9gnq6phjxrs";
+};
+
+in stdenv.mkDerivation rec {
   pname = "openconnect";
   version = "8.05";
 
@@ -14,21 +20,22 @@ stdenv.mkDerivation rec {
   };
 
   outputs = [ "out" "dev" ];
-
+  
   configureFlags = [
-    "--with-vpnc-script=${vpnc}/etc/vpnc/vpnc-script"
+    "--with-vpnc-script=${vpnc}/vpnc-script"
     "--disable-nls"
     "--without-openssl-version-check"
   ];
 
+  buildInputs = [ openssl gnutls gmp libxml2 stoken zlib ]
+    ++ stdenv.lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.PCSC;
   nativeBuildInputs = [ pkgconfig ];
-  propagatedBuildInputs = [ vpnc openssl gnutls gmp libxml2 stoken zlib ];
 
-  meta = {
+  meta = with stdenv.lib; {
     description = "VPN Client for Cisco's AnyConnect SSL VPN";
     homepage = http://www.infradead.org/openconnect/;
-    license = stdenv.lib.licenses.lgpl21;
-    maintainers = with stdenv.lib.maintainers; [ pradeepchhetri ];
-    platforms = stdenv.lib.platforms.linux;
+    license = licenses.lgpl21;
+    maintainers = with maintainers; [ pradeepchhetri tricktron ];
+    platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin;
   };
 }
diff --git a/pkgs/tools/networking/openvpn/update-systemd-resolved.nix b/pkgs/tools/networking/openvpn/update-systemd-resolved.nix
new file mode 100644
index 00000000000..ddb3cc8e377
--- /dev/null
+++ b/pkgs/tools/networking/openvpn/update-systemd-resolved.nix
@@ -0,0 +1,34 @@
+{ lib, stdenv, fetchFromGitHub
+, makeWrapper
+, iproute, systemd, coreutils, utillinux }:
+
+stdenv.mkDerivation rec {
+  pname = "update-systemd-resolved";
+  version = "1.3.0";
+
+  src = fetchFromGitHub {
+    owner = "jonathanio";
+    repo = "update-systemd-resolved";
+    rev = "v${version}";
+    sha256 = "19zhbpyms57yb70hi0ws5sbkpk2yqp9nnix3f86r36h1g93m70lm";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  buildFlags = [
+    "PREFIX=${placeholder "out"}/libexec/openvpn"
+  ];
+
+  installPhase = ''
+    wrapProgram $out/libexec/openvpn/update-systemd-resolved \
+      --prefix PATH : ${lib.makeBinPath [ iproute systemd coreutils utillinux ]}
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus";
+    homepage = https://github.com/jonathanio/update-systemd-resolved;
+    maintainers = with maintainers; [ eadwu ];
+    license = licenses.gpl3;
+    platforms = platforms.unix;
+  };
+}
diff --git a/pkgs/tools/networking/sshoogr/default.nix b/pkgs/tools/networking/sshoogr/default.nix
new file mode 100644
index 00000000000..764b34fc5a5
--- /dev/null
+++ b/pkgs/tools/networking/sshoogr/default.nix
@@ -0,0 +1,36 @@
+{ stdenv, fetchzip, jdk, makeWrapper }:
+
+stdenv.mkDerivation rec {
+  pname = "sshoogr";
+  version = "0.9.26";
+
+  src = fetchzip {
+    url = "https://repo1.maven.org/maven2/com/aestasit/infrastructure/${pname}/${pname}/${version}/${pname}-${version}.zip";
+    sha256 = "134qlx90y82g1rfxhyn12z9r2imm1l3fz09hrrn3pgcdcq5jz2s1";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  installPhase = ''
+    rm bin/sshoogr.bat
+    cp -r . $out
+    wrapProgram $out/bin/sshoogr \
+      --prefix JAVA_HOME : ${jdk}
+  '';
+
+  meta = with stdenv.lib; {
+    description = ''
+      A Groovy-based DSL for working with remote SSH servers
+    '';
+    longDescription = ''
+      The sshoogr (pronounced [ʃʊgə]) is a Groovy-based DSL library for working
+      with remote servers through SSH. The DSL allows: connecting, executing 
+      remote commands, copying files and directories, creating tunnels in a 
+      simple and concise way.
+    '';
+    homepage = "https://github.com/aestasit/sshoogr";
+    license = licenses.asl20;
+    platforms = platforms.all;
+    maintainers = with maintainers; [ moaxcp ];
+  };
+} 
diff --git a/pkgs/tools/networking/sshping/default.nix b/pkgs/tools/networking/sshping/default.nix
new file mode 100644
index 00000000000..20f0eaa7e47
--- /dev/null
+++ b/pkgs/tools/networking/sshping/default.nix
@@ -0,0 +1,31 @@
+{stdenv, fetchFromGitHub, libssh}:
+
+stdenv.mkDerivation rec {
+  pname = "sshping";
+  version = "0.1.4";
+
+  src = fetchFromGitHub {
+    owner = "spook";
+    repo = "sshping";
+    rev = "v${version}";
+    sha256 = "0p1fvpgrsy44yvj44xp9k9nf6z1fh0sqcjvy75pcb9f5icgms815";
+  };
+
+  buildInputs = [ libssh ];
+
+  buildPhase = ''
+      g++ -Wall -I ext/ -o bin/sshping src/sshping.cxx -lssh
+    '';
+
+  installPhase = ''
+      install -Dm755 bin/sshping $out/bin/sshping
+    '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://github.com/spook/sshping";
+    description = "Measure character-echo latency and bandwidth for an interactive ssh session";
+    license = licenses.mit;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ jqueiroz ];
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-20 13:33:48 +0000