nixpkgs/pkgs/tools/networking/openconnect.nix
Bjørn Forsman 4d027a44f6 openconnect: update from 5.01 to 5.02 (CVE-2013-7098)
OpenConnect v5.02 - 2014-01-01:
* Fix XML POST issues with authgroups by falling back to old style login.
* Fix --cookie-on-stdin with cookies from ocserv.
* Fix reconnection to wrong host after redirect.
* Reduce limit of queued packets on DTLS socket, to fix VoIP latency.
* Fix Solaris build breakage due to missing <string.h> includes.
* Include path in <group-access> node.
* Include supporting CA certificates from PKCS#11 tokens (with GnuTLS 3.2.7+).
* Fix possible heap overflow if MTU is increased on reconnection (CVE-2013-7098).
2014-01-25 13:21:44 +01:00

27 lines
678 B
Nix

{ stdenv, fetchurl, pkgconfig, vpnc, openssl, libxml2 } :
stdenv.mkDerivation rec {
name = "openconnect-5.02";
src = fetchurl {
urls = [
"ftp://ftp.infradead.org/pub/openconnect/${name}.tar.gz"
];
sha256 = "1y7dn42gd3763sgwv2j72xy9hsikd6y9x142g84kwdbn0y0psgi4";
};
preConfigure = ''
export PKG_CONFIG=${pkgconfig}/bin/pkg-config
export LIBXML2_CFLAGS="-I ${libxml2}/include/libxml2"
export LIBXML2_LIBS="-L${libxml2}/lib -lxml2"
'';
configureFlags = [
"--with-vpnc-script=${vpnc}/etc/vpnc/vpnc-script"
"--disable-nls"
"--without-openssl-version-check"
];
propagatedBuildInputs = [ vpnc openssl libxml2 ];
}