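# Nix package expression for openvpn-auth-ldap, an LDAP authentication plugin
# for OpenVPN. It builds upstream tag auth-ldap-2.0.4 with a local conftest
# fix and a fetched patch named after CVE-2024-28820.
{
  lib,
  stdenv,
  fetchFromGitHub,
  fetchpatch2,
  autoreconfHook,
  gnustep-base,
  re2c,
  openldap,
  openssl,
  openvpn,
}:

stdenv.mkDerivation rec {
  pname = "openvpn-auth-ldap";
  version = "2.0.4";

  # The source is a fixed-output fetch: the tag name is derived from `version`
  # and the content is pinned by `sha256`, so a re-tagged or altered upstream
  # tree fails the hash check instead of being built.
  src = fetchFromGitHub {
    owner = "threerings";
    repo = "openvpn-auth-ldap";
    rev = "auth-ldap-${version}";
    sha256 = "1j30sygj8nm8wjqxzpb7pfzr3dxqxggswzxd7z5yk7y04c0yp1hb";
  };

  patches = [
    ./auth-ldap-fix-conftest.patch
    # Security fix carried on top of the 2.0.4 tag. The fetched patch is
    # verified against `hash`, so different content at the URL makes the build
    # fail rather than applying an unreviewed change.
    # NOTE(review): the URL is a pull-request patch endpoint, whose content can
    # change if the PR is updated. Once the fix is merged, consider pointing at
    # a commit-specific patch URL -- confirm the PR's status upstream.
    # NOTE(review): keep this entry until `version` moves to a release that
    # already contains the fix; dropping it earlier would reintroduce the CVE.
    (fetchpatch2 {
      name = "fix-cve-2024-28820";
      url = "https://patch-diff.githubusercontent.com/raw/threerings/openvpn-auth-ldap/pull/92.patch";
      hash = "sha256-SXuo1D/WywKO5hCsmoeDdTsR7EelxFxJAKmlAQJ6vuE=";
    })
  ];

  # clang > 17 dropped support for `-export-dynamic` but `-rdynamic` does the
  # same thing
  # `--replace-fail` aborts the build if the pattern is missing, so a change in
  # upstream's platform.m4 is noticed instead of silently skipped.
  postPatch = ''
    substituteInPlace platform.m4 \
      --replace-fail -export-dynamic -rdynamic
  '';

  # Build-time tools only.
  nativeBuildInputs = [
    autoreconfHook
    re2c
  ];

  # Libraries and headers the plugin is built against.
  buildInputs = [
    openldap
    openssl
    openvpn
    gnustep-base
  ];

  configureFlags = [
    "--with-objc-runtime=GNU"
    "--with-openvpn=${openvpn}/include"
    # `$(out)` is not Nix interpolation (that would be `${...}`), so it reaches
    # the build as literal text; presumably make expands it to the output path.
    "--libdir=$(out)/lib/openvpn"
  ];

  # Run the upstream test suite during the build.
  doCheck = true;

  # Create the plugin and documentation directories before the install phase,
  # and ship the README and the sample configuration as documentation.
  preInstall = ''
    mkdir -p $out/lib/openvpn $out/share/doc/openvpn/examples
    cp README.md $out/share/doc/openvpn/
    cp auth-ldap.conf $out/share/doc/openvpn/examples/
  '';

  meta = with lib; {
    description = "LDAP authentication plugin for OpenVPN";
    homepage = "https://github.com/threerings/openvpn-auth-ldap";
    license = [
      licenses.asl20
      licenses.bsd3
    ];
    maintainers = [ maintainers.benley ];
    platforms = platforms.unix;
  };
}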