diff options
Diffstat (limited to 'nixpkgs/pkgs/applications/networking/mullvad/openvpn.nix')
-rw-r--r-- | nixpkgs/pkgs/applications/networking/mullvad/openvpn.nix | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/applications/networking/mullvad/openvpn.nix b/nixpkgs/pkgs/applications/networking/mullvad/openvpn.nix new file mode 100644 index 000000000000..b191c31d39ac --- /dev/null +++ b/nixpkgs/pkgs/applications/networking/mullvad/openvpn.nix @@ -0,0 +1,87 @@ +{ lib +, openvpn +, fetchpatch +, fetchurl +, iproute2 +, autoconf +, automake +}: + +openvpn.overrideAttrs (oldAttrs: + let + fetchMullvadPatch = { commit, sha256 }: fetchpatch { + url = "https://github.com/mullvad/openvpn/commit/${commit}.patch"; + inherit sha256; + }; + in + rec { + pname = "openvpn-mullvad"; + version = "2.5.3"; + + src = fetchurl { + url = "https://swupdate.openvpn.net/community/releases/openvpn-${version}.tar.gz"; + sha256 = "sha256-dfAETfRJQwVVynuZWit3qyTylG/cNmgwG47cI5hqX34="; + }; + + buildInputs = oldAttrs.buildInputs or [ ] ++ [ + iproute2 + ]; + + configureFlags = oldAttrs.configureFlags or [ ] ++ [ + "--enable-iproute2" + "IPROUTE=${iproute2}/sbin/ip" + ]; + + nativeBuildInputs = oldAttrs.nativeBuildInputs or [ ] ++ [ + autoconf + automake + ]; + + patches = oldAttrs.patches or [ ] ++ [ + # look at compare to find the relevant commits + # https://github.com/OpenVPN/openvpn/compare/release/2.5...mullvad:mullvad-patches + # used openvpn version is the latest tag ending with -mullvad + # https://github.com/mullvad/openvpn/tags + (fetchMullvadPatch { + # "Reduce PUSH_REQUEST_INTERVAL to one second" + commit = "41e44158fc71bb6cc8cc6edb6ada3307765a12e8"; + sha256 = "sha256-UoH0V6gTPdEuybFkWxdaB4zomt7rZeEUyXs9hVPbLb4="; + }) + (fetchMullvadPatch { + # "Allow auth plugins to set a failure reason" + commit = "f51781c601e8c72ae107deaf25bf66f7c193e9cd"; + sha256 = "sha256-+kwG0YElL16T0e+avHlI8gNQdAxneRS6fylv7QXvC1s="; + }) + (fetchMullvadPatch { + # "Send an event to any plugins when authentication fails" + commit = "c2f810f966f2ffd68564d940b5b8946ea6007d5a"; + sha256 = "sha256-PsKIxYwpLD66YaIpntXJM8OGcObyWBSAJsQ60ojvj30="; + }) + (fetchMullvadPatch { + # "Shutdown when STDIN is closed" + commit = "879d6a3c0288b5443bbe1b94261655c329fc2e0e"; + sha256 = "sha256-pRFY4r+b91/xAKXx6u5GLzouQySXuO5gH0kMGm77a3c="; + }) + (fetchMullvadPatch { + # "Update TAP hardware ID" + commit = "7f71b37a3b25bec0b33a0e29780c222aef869e9d"; + sha256 = "sha256-RF/GvD/ZvhLdt34wDdUT/yxa+IVWx0eY6WRdNWXxXeQ="; + }) + (fetchMullvadPatch { + # "Undo dependency on Python docutils" + commit = "abd3c6214529d9f4143cc92dd874d8743abea17c"; + sha256 = "sha256-SC2RlpWHUDMAEKap1t60dC4hmalk3vok6xY+/xhC2U0="; + }) + (fetchMullvadPatch { + # "Prevent signal when stdin is closed from being cleared (#10)" + commit = "b45b090c81e7b4f2dc938642af7a1e12f699f5c5"; + sha256 = "sha256-KPTFmbuJhMI+AvaRuu30CPPLQAXiE/VApxlUCqbZFls="; + }) + ]; + + meta = oldAttrs.meta or { } // { + description = "OpenVPN with Mullvad-specific patches applied"; + homepage = "https://github.com/mullvad/openvpn"; + maintainers = with lib; [ maintainers.cole-h ]; + }; + }) |