diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /net-proxy/dante |
reinit the tree, so we can have metadata
Diffstat (limited to 'net-proxy/dante')
-rw-r--r-- | net-proxy/dante/Manifest | 18 | ||||
-rw-r--r-- | net-proxy/dante/dante-1.4.1-r1.ebuild | 102 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.3.2-sockd-init | 56 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch | 11 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.0-cflags.patch | 32 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch | 15 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.0-socksify.patch | 27 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.1-miniupnp14.patch | 14 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-1.4.1-sigpwr-siginfo.patch | 26 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-sockd-conf | 13 | ||||
-rw-r--r-- | net-proxy/dante/files/dante-sockd.service | 9 | ||||
-rw-r--r-- | net-proxy/dante/files/sockd.conf | 243 | ||||
-rw-r--r-- | net-proxy/dante/files/sockd.conf-with-libwrap.patch | 41 | ||||
-rw-r--r-- | net-proxy/dante/files/sockd.conf-with-pam.patch | 12 | ||||
-rw-r--r-- | net-proxy/dante/files/socks.conf | 127 | ||||
-rw-r--r-- | net-proxy/dante/metadata.xml | 6 |
16 files changed, 752 insertions, 0 deletions
diff --git a/net-proxy/dante/Manifest b/net-proxy/dante/Manifest new file mode 100644 index 000000000000..39f25cd7dea6 --- /dev/null +++ b/net-proxy/dante/Manifest @@ -0,0 +1,18 @@ +AUX dante-1.3.2-sockd-init 1639 SHA256 53e0fa62ec85eec0020c2aacd1327716f34f9e77021886ca8fd4c61e1d3ef1c0 SHA512 8ee0b47ecc6bb882fb76e6212e7fbc39394450d64a34ee6b3b965cb0197dfe88e3d37b4f0f33b005ff6a4898d7205250835dca412cc9f735f4c02b3d395df945 WHIRLPOOL 147d1902533dc7b6c48363763f1ba7c707785490ff99c39dfc937edf593da8f29dd702807bb31272df9ec0f39b6d887cd06c186b839f123944beee58cec4242a +AUX dante-1.4.0-HAVE_SENDBUF_IOCTL.patch 360 SHA256 41cd1edfbd9ca40c62fe71b63f5365884bda37c3b80baa03a098e470084c863d SHA512 83c5778c184cb0631e9d0ba62b970deab40747c1db40b59e2e63eac7ce7de620e372e7236b435ffcfa793a401c337290afac75991f324e1572ec4871ba3b507b WHIRLPOOL e86afa3aa961c30e15e385ad4535e132e402021ce7b74ab5023e43cf4ef51d987c157ade687b35ac98cfab92fa9ae51b6641c3dbd730f2840eb0144852077b0d +AUX dante-1.4.0-cflags.patch 1182 SHA256 cacc63d0ef7d34856f38d1cf5aae58e2c5ec5884d3bfc9798737370ea9368dcb SHA512 436508a1f440b5bc7bf9ef2a2fdb32023c4fb7066ec0f132a90fd19de1d80d44f94dca0ae49067f4c4b565eaededf99bed44b0d7807e4698a9b0264a7be47775 WHIRLPOOL 559c5275e9a5528b3300c0c797f53f93cf547b35a4ee04cbb3a70d4ecb2485979880940bef5882ff240ecb778a457ee4c211b81961a9ea23886b444f46691673 +AUX dante-1.4.0-osdep-format-macro.patch 517 SHA256 b4f2fc60661aa2bff934c2f49ec156359dbccb92a3c499c703f4c98283a95705 SHA512 db3a0670562b563aecf182e70fea4df721097aa66d32d383c3b999dd2c6c01b8294491392efbe51ad82a162e7f446f4196b33a6d92f22c942777f0d5d52bdd86 WHIRLPOOL 453c4e9727301adbce5ad07403863c33e6f87230fc2cb7875b2098284384ba82532709b1b59640425983938d3ba1751702b3c072cb31cabbe137e44a466d3838 +AUX dante-1.4.0-socksify.patch 1203 SHA256 4ee5e22067ef6b3cd5bfaf1774bb19940e1ae8dda8dc8cce198789fc871ba7ba SHA512 ba118ede7b87b8c4c0973053827515762d1bd0aff846dcb17696d930228eb6e6d2fe199f47ff739420420a6d67a72187fe9d864ac74d4653f40a658278675a5a WHIRLPOOL edaa3c7a3c0971cca033df18949568c0bb0f4a8cd37d3f9fae6f8a5f2cb99619954a8eadddc38fdc2b10ca1252547d5f423aca89c93c22826369e3da36848e44 +AUX dante-1.4.1-miniupnp14.patch 475 SHA256 6ac365d0fd968a2e4f667a522cab842e1b88981a18a835e37bdd1d07f0bbf695 SHA512 54d6e6128d925b7f7fbc3efda8f9a5fb5ef09e6eafc5dc1fd25b33e942376a3989df2c4d9b1f33d90741ac71f9986fcc956dbc81238130e2d3fd52d0366a9c91 WHIRLPOOL b643ae302b130a37ba870c6ddf2ae0b6748decdbdb48f8437b1b1690edca15afb8b0b0e40de4629d5c515448cdc6f4c3f38039a2c360bdfdccd867f96fd04380 +AUX dante-1.4.1-sigpwr-siginfo.patch 554 SHA256 27ff872b9a58d13b63198aa98c031e7aa4ad7392cc5b56212fb5e4d118daa34c SHA512 86a69630ea74ccd642f9ed9672d2f13cc0cf9c5fb1871d53227ac022043cbfc385bdfa50fc698dbf3afd73e680083a69b5b60827401bf6325b3c993a8b143d81 WHIRLPOOL 5ad24252dce2dca700da9db59e231cee1df75b1ee5898bb597452c82c3407b8a1d3f2443985b53873435c48ed9c0e02a2ccbf6c55cc4f066679d7f2d196453e3 +AUX dante-sockd-conf 350 SHA256 8eea254a0ad9202e501becf2474d54dd779bf4c21b70ded0bc9362cd68afe6c1 SHA512 c9dd0982dc6893fdb6160279531d431255bd97011b6351a09d28db6c0db15886ebb323f62afc960b621455a24940c8f4baed409b4bc3c791bd3f3fe6104b30bc WHIRLPOOL a87324fb5216c8923c88408fde16d3c78b4242a518519bde37c8246defe172a1827300522e8a438944c74d08ea22ddc16a38be0529920aa5bcea6fdeae12a5bb +AUX dante-sockd.service 167 SHA256 81e3dd10ca13fd022905147000661598a3fd6183998a2f7068e66af3c4c7cb53 SHA512 0acc71e1ab429d38c61db45dc5eb3c9ea58d822eefc83912ae9d569486eb281184f07183a40754eaf6e4f6f67c46a3683629734d6333767623d702f98bc720de WHIRLPOOL 6b6258f43872a8344cfd4b418846092d0f63e6de9f769793f721b027fd69c7c7c84d3839d60dd9f4a67a7c6994fcb47a569fbf10189cb08f7f95715224fd57e4 +AUX sockd.conf 7031 SHA256 3ea0e08ee7e5b018d1df1b83af92fb6051fb44a486e0822e28775d104bfcfee7 SHA512 a443ea203aefd3ed51b10c7140dde2fc64dfa31c2fb08539a45353ab77daea42c63b160c276f0ef9e4c683032260f93228af64db83ade7476ff6d353b63dec19 WHIRLPOOL 130a0a017071129061d6ca6987448d51c515785f3802e18b99f7df0150e41d8e03b2f2d88dea21769d5ec0d544d9d82eaccd813c86a1360881598a453f7e6e7f +AUX sockd.conf-with-libwrap.patch 870 SHA256 ba4bb30ad5933b890d1b09c6468708f37abf012de3f8696482d1c46c5c1f2978 SHA512 087cec0bcdfb989e6cbcb0c7006ae014b7e94fe268f68e1e6516dbb034f9e7e64523ea7edab669433eb16faeb4f6232a9794c401acd2eacce08e1b560469315f WHIRLPOOL edeb4b19ff5d39cd889777bc417b36d3d6d1ab7eaf4e926a239968253260bdb502b7f3b68354556f4ac33b37cd9e18af5dbbaf3c11cac570a7dae3f01b1f5367 +AUX sockd.conf-with-pam.patch 295 SHA256 e67499de8b976e17a9c7c0556e999e03f4bf06e8e57b78ba6dd41a128de0b719 SHA512 78728605362360650e6a20869744fc941782b75d149c0835542faaad931104cb32dda56de77a7b4f9a4fa683053139c551bcf77607a047fb1be68b6da9388630 WHIRLPOOL aa68139d3766446d43987eab1d4f2d9b22deb0e0eb3acbfcd9adb198f359b1c039eb71f07359362e9d99fe64f5194103c8fa77b603d8b7aac882926dea93d271 +AUX socks.conf 4185 SHA256 3dc8c06ca5a8309015c495ea50f62097ee6a605ac262665ffa5f19e0e8a5a9d8 SHA512 d15ea77e20ad750f10285a42c9c6305cbed48313dea205139d8cf59fda4a4640bdd5c5bd2c295b32e0015b774d463f9ad34fa5a22fb188ae921dba1a533553eb WHIRLPOOL e7c39b3f9711f2a6f32d3a7d7c44bc0105d1dc236ae2b51be7257a38dc15f211a38a44c0869fbee4c381dacf946da88909b85b91a7628aeaadab737f2169d480 +DIST dante-1.4.1.tar.gz 1284288 SHA256 b6d232bd6fefc87d14bf97e447e4fcdeef4b28b16b048d804b50b48f261c4f53 SHA512 1c8e2966ba68c8584fb99ff76ae1d9c8dfe669c7e5e61c7e6e7f87295d1280c3e7849491a6369ce27795040f951dcc11f4f2b3d7e46c54219594c89315d0487e WHIRLPOOL ab59762ac2f429cb32afd98b396e432f9c62260dd69e8f96d384491cd8620f6530537dcaaf4c39270d0d2448ef06e85cd9018dcc93bb2366e5e8d6606be57b23 +EBUILD dante-1.4.1-r1.ebuild 2711 SHA256 557388cca6bddeae049c86ca635d054751f543b20410d35a55b5638c8705479f SHA512 fb363b62d29109c375a0a9c7287a23ab7ef791582de0d10b61d46aa41cb394a68b1d5435617f9aa4ad837597e1b77f85d405f2b805a2b562fb1a24f70785e95d WHIRLPOOL f22f499385282d124a7ac9c1063b09f5c1f3aa85088945da8d078eab35eac0b2f3f64392638b7a5d35a0e470f7485f61ae8d8ea8bc5148b1b45f0296206a5c43 +MISC ChangeLog 3720 SHA256 bb93cb2fec8b7fd5954be47aaf0670b02dbdff47d3ac81bded7afe93f8f1137d SHA512 cee742e432a25dc329be009d995bf719e74c51d433c17b35892e0828f0582866714a585935622718dc228b3928a949cd5be5b06a4000b405635e699fa828d131 WHIRLPOOL 57a53019118e54f71ec8fc140f6fb98b8444c7984df706648310a2f60cec8681e3abb4d96dec0ff8d91ca5a579e77ce22183df6424ce0f97cde6c35f62b64065 +MISC ChangeLog-2015 20345 SHA256 6183c55c4c272f0c54ddd472431cc9a284d1ff9208458358fee2fc1b256e0058 SHA512 d47b36e0e68b85712aafe77ea8e85db6725238ea5c41f4e942172459fa8e6c461ad527dd0a3ec1631ff6a8d109ff18d33ef6f33e4b55fc36ac0275089b8ff167 WHIRLPOOL 0af338728c8b50c1b874f7ba7ab4974483fb3291100b0fe64d9a863b0add4237735587a562a5f324e93868fbeacb9b3ae8c22eca4b5e8b5e7d86d2ffbdaacd1d +MISC metadata.xml 296 SHA256 e35ccee1819ae9b8d6b97ba99f2e556c72f2ff44861dbe6349feb3de301dae72 SHA512 af311f739f67a9e4d7386aa2ba575f2d0ba5e6d1cd9710dc107876c6876a05ce301568da03c4287e2557665d1ca5cba174ca31b41c6788b1f1300c2fed9005ab WHIRLPOOL ea484488db3fd5738901342406deace73db6ee8b9267480a190c3e35937620c0771226b0ef9b94277d94a770d8d92125b0c883c13c3fa37416a784bfeaaf0a6e diff --git a/net-proxy/dante/dante-1.4.1-r1.ebuild b/net-proxy/dante/dante-1.4.1-r1.ebuild new file mode 100644 index 000000000000..1bc434301f67 --- /dev/null +++ b/net-proxy/dante/dante-1.4.1-r1.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit autotools ltprune systemd user + +DESCRIPTION="A free socks4,5 and msproxy implementation" +HOMEPAGE="https://www.inet.no/dante/" +SRC_URI="https://www.inet.no/dante/files/${P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd" +IUSE="debug kerberos pam selinux static-libs tcpd upnp" + +CDEPEND=" + kerberos? ( virtual/krb5 ) + pam? ( virtual/pam ) + tcpd? ( sys-apps/tcp-wrappers ) + upnp? ( net-libs/miniupnpc:= ) + userland_GNU? ( virtual/shadow ) +" +DEPEND="${CDEPEND} + sys-devel/bison + sys-devel/flex +" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-dante ) +" + +DOCS="BUGS CREDITS NEWS README SUPPORT doc/README* doc/*.txt doc/SOCKS4.protocol" + +PATCHES=( + "${FILESDIR}"/${PN}-1.4.0-socksify.patch + "${FILESDIR}"/${PN}-1.4.0-osdep-format-macro.patch + "${FILESDIR}"/${PN}-1.4.0-cflags.patch + "${FILESDIR}"/${PN}-1.4.0-HAVE_SENDBUF_IOCTL.patch + "${FILESDIR}"/${PN}-1.4.1-sigpwr-siginfo.patch #517528 + "${FILESDIR}"/${PN}-1.4.1-miniupnp14.patch #564680 +) + +src_prepare() { + default + + sed -i \ + -e 's:/etc/socks\.conf:"${EPREFIX}"/etc/socks/socks.conf:' \ + -e 's:/etc/sockd\.conf:"${EPREFIX}"/etc/socks/sockd.conf:' \ + doc/{socksify.1,socks.conf.5,sockd.conf.5,sockd.8} \ + || die + + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' configure.ac || die + + eautoreconf +} + +src_configure() { + # hardcoded the libc name otherwise the scan on a amd64 multilib system + # ends up finding /usr/lib32/libc.so.5. That cascades and causes the + # preload/libdsocks to not be built. + econf \ + --with-socks-conf="${EPREFIX}"/etc/socks/socks.conf \ + --with-sockd-conf="${EPREFIX}"/etc/socks/sockd.conf \ + --enable-preload \ + --enable-clientdl \ + --enable-serverdl \ + --enable-drt-fallback \ + --with-libc=libc.so.6 \ + $(use_enable debug) \ + $(use_with kerberos gssapi) \ + $(use_with pam) \ + $(use_with upnp) \ + $(use_enable static-libs static) \ + $(use_with tcpd libwrap) +} + +src_install() { + default + + # default configuration files + insinto /etc/socks + doins "${FILESDIR}"/sock?.conf + pushd "${ED}"/etc/socks > /dev/null + use pam && eapply -p0 "${FILESDIR}"/sockd.conf-with-pam.patch + use tcpd && eapply -p0 "${FILESDIR}"/sockd.conf-with-libwrap.patch + popd > /dev/null + + # init script + newinitd "${FILESDIR}"/${PN}-1.3.2-sockd-init dante-sockd + newconfd "${FILESDIR}"/dante-sockd-conf dante-sockd + + systemd_dounit "${FILESDIR}"/dante-sockd.service + + # example configuration files + docinto examples + dodoc example/*.conf + + prune_libtool_files +} + +pkg_postinst() { + enewuser sockd -1 -1 /etc/socks daemon +} diff --git a/net-proxy/dante/files/dante-1.3.2-sockd-init b/net-proxy/dante/files/dante-1.3.2-sockd-init new file mode 100644 index 000000000000..5d1f66727da3 --- /dev/null +++ b/net-proxy/dante/files/dante-1.3.2-sockd-init @@ -0,0 +1,56 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +SOCKD_OPT="" +[ "${SOCKD_FORKDEPTH:-1}" -gt 1 ] && SOCKD_OPT="${SOCKD_OPT} -N ${SOCKD_FORKDEPTH}" +[ "${SOCKD_DEBUG:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -d" +[ "${SOCKD_DISABLE_KEEPALIVE:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -n" +PIDFILE=/var/run/sockd.pid +SOCKDIR=/var/lock/dante-sockd/ + +depend() { + need net +} + +checkconfig() { + # first check that it exists + if [ ! -f /etc/socks/sockd.conf ] ; then + eerror "You need to setup /etc/socks/sockd.conf first" + eerror "Examples are in /usr/share/doc/dante[version]/example" + eerror "for more info, see: man sockd.conf" + return 1 + fi + + /usr/sbin/sockd -V >/tmp/dante-sockd.checkconf 2>&1 + if [ $? -ne 0 ]; then + cat /tmp/dante-sockd.checkconf + eerror "Something is wrong with your configuration file" + eerror "for more info, see: man sockd.conf" + return 1 + fi + rm /tmp/dante-sockd.checkconf + + DAEMON_UID=`sed -e '/^[ \t]*user[.]notprivileged[ \t]*:/{s/.*:[ \t]*//;q};d' /etc/socks/sockd.conf` + if [ -n "$DAEMON_UID" ]; then + [ ! -d $SOCKDIR ] && mkdir $SOCKDIR && chown $DAEMON_UID $SOCKDIR + [ ! -f $SOCKDIR/.keep ] && touch $SOCKDIR/.keep + fi + + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting dante sockd" + start-stop-daemon --start --quiet \ + --background --pidfile $PIDFILE --make-pidfile --env TMPDIR=$SOCKDIR \ + --exec /usr/sbin/sockd -- ${SOCKD_OPT} >/dev/null 2>&1 + eend $? "Failed to start sockd" +} + +stop() { + ebegin "Stopping dante sockd" + start-stop-daemon --stop --quiet --pidfile $PIDFILE + eend $? "Failed to stop sockd" +} diff --git a/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch b/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch new file mode 100644 index 000000000000..d8e2c220ce92 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch @@ -0,0 +1,11 @@ +--- a/libscompat.m4 ++++ b/libscompat.m4 +@@ -373,7 +373,7 @@ + + return 0; + }], [AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_SENDBUF_IOCTL, TIOCOUTQ, [send buffer data]) ++ AC_DEFINE(HAVE_SENDBUF_IOCTL, 1, [send buffer data]) + AC_DEFINE(SENDBUF_IOCTLVAL, TIOCOUTQ, [send buffer ioctl])], + [AC_MSG_RESULT(no)])], + [dnl assume no when cross-compiling diff --git a/net-proxy/dante/files/dante-1.4.0-cflags.patch b/net-proxy/dante/files/dante-1.4.0-cflags.patch new file mode 100644 index 000000000000..eccb64a5d7d8 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-cflags.patch @@ -0,0 +1,32 @@ +The upstream code tries to remove -g from CFLAGS, but the logic also matches +the -g in the middle of flags, like: +-frecord-gcc-switches => -frecordcc-switches +-ggdb3 => ggdb3 +Both of which cause GCC to fail horribly! + +Fix the grep & sed to only match standalone instances. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar dante-1.4.0.orig/compiler.m4 dante-1.4.0/compiler.m4 +--- dante-1.4.0.orig/compiler.m4 2013-10-24 13:20:23.000000000 -0700 ++++ dante-1.4.0/compiler.m4 2014-01-05 15:18:03.544336373 -0800 +@@ -375,14 +375,14 @@ + gcc) + if test x"$aixldbug" != x; then + #disable debug info +- if echo $CFLAGS | grep -- "-g" >/dev/null; then +- CFLAGS="`echo $CFLAGS | sed -e 's/-g//g'`" ++ if echo $CFLAGS | grep -w -- "-g" >/dev/null; then ++ CFLAGS="`echo $CFLAGS | sed -e 's/\<-g\>//g'`" + fi + CFLAGS="$CFLAGS${CFLAGS:+ }-g0" + else + #use -ggdb also when not debugging +- if echo $CFLAGS | grep -- "-g" >/dev/null; then +- CFLAGS="`echo $CFLAGS | sed -e 's/-g//g'`" ++ if echo $CFLAGS | grep -w -- "-g" >/dev/null; then ++ CFLAGS="`echo $CFLAGS | sed -e 's/\<-g\>//g'`" + fi + CFLAGS="$CFLAGS${CFLAGS:+ }-ggdb" + fi diff --git a/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch b/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch new file mode 100644 index 000000000000..02a0d916e563 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch @@ -0,0 +1,15 @@ +diff -Nuar --exclude '*.orig' --exclude '*.rej' dante-1.4.0.orig/include/osdep.h dante-1.4.0/include/osdep.h +--- dante-1.4.0.orig/include/osdep.h 2013-10-27 08:24:41.000000000 -0700 ++++ dante-1.4.0/include/osdep.h 2014-01-05 15:06:45.346071952 -0800 +@@ -254,9 +254,9 @@ + #endif /* HAVE_DECL_NONNULL */ + + #if HAVE_DECL_FORMAT +-#define FORMAT(x, y, z) format(x, y, z) ++#define FORMAT(...) format(__VA_ARGS__) + #else +-#define FORMAT(x, y, z) ++#define FORMAT(...) + #endif /* HAVE_DECL_FORMAT */ + + #if HAVE_DECL_BOUNDED diff --git a/net-proxy/dante/files/dante-1.4.0-socksify.patch b/net-proxy/dante/files/dante-1.4.0-socksify.patch new file mode 100644 index 000000000000..2063327b42c5 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-socksify.patch @@ -0,0 +1,27 @@ +diff -Nuar --exclude '*.orig' --exclude '*.rej' dante-1.4.0.orig/bin/socksify.in dante-1.4.0/bin/socksify.in +--- dante-1.4.0.orig/bin/socksify.in 2013-10-27 08:24:41.000000000 -0700 ++++ dante-1.4.0/bin/socksify.in 2014-01-05 15:04:32.495670262 -0800 +@@ -53,7 +53,7 @@ + exit 1 + fi + +-SOCKSIFY_PRELOAD_LIBS="@SOCKSIFY_PRELOAD_LIBS@" ++#SOCKSIFY_PRELOAD_LIBS="@SOCKSIFY_PRELOAD_LIBS@" + SOCKS_LIBDIR="${SOCKS_LIBDIR:-@LIBRARY_PREFIX@}" + + #platform that requires full path to libdsocks? +@@ -82,8 +82,12 @@ + @PRELOAD_VARIABLE@="${LIBRARY}${SOCKSIFY_PRELOAD_LIBS:+${PRELOAD_SEPERATOR}}${SOCKSIFY_PRELOAD_LIBS}${PRELOAD_POSTFIX:+${PRELOAD_SEPERATOR}}${PRELOAD_POSTFIX}" + export @PRELOAD_VARIABLE@ + +-LD_LIBRARY_PATH="${SOCKS_LIBDIR}${LD_LIBRARY_PATH:+:}${LD_LIBRARY_PATH}" +-export LD_LIBRARY_PATH ++# There is no reason to set LD_LIBRARY_PATH, at least on Linux, where ++# LD_PRELOAD can contain a full path to the library. Setting the ++# following breaks socksify on Linux/Alpha at least with ++# binutils-2.14.90.0.7-r3 (08 Dec 2003 agriffis) ++#LD_LIBRARY_PATH="${SOCKS_LIBDIR}${LD_LIBRARY_PATH:+:}${LD_LIBRARY_PATH}" ++#export LD_LIBRARY_PATH + + #SunOS 64-bit library path + if test x"@ISA64DIR@" != x; then diff --git a/net-proxy/dante/files/dante-1.4.1-miniupnp14.patch b/net-proxy/dante/files/dante-1.4.1-miniupnp14.patch new file mode 100644 index 000000000000..1e952ad18b7d --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.1-miniupnp14.patch @@ -0,0 +1,14 @@ +Index: dante-1.4.1/lib/upnp.c +=================================================================== +--- dante-1.4.1.orig/lib/upnp.c ++++ dante-1.4.1/lib/upnp.c +@@ -156,6 +156,9 @@ socks_initupnp(gw, emsg, emsglen) + 0 + #if HAVE_LIBMINIUPNP17 + ,0, ++#if MINIUPNPC_API_VERSION >= 14 /* adds ttl */ ++ 2, ++#endif + &rc + #endif /* HAVE_LIBMINIUPNP17 */ + ); diff --git a/net-proxy/dante/files/dante-1.4.1-sigpwr-siginfo.patch b/net-proxy/dante/files/dante-1.4.1-sigpwr-siginfo.patch new file mode 100644 index 000000000000..86d54d6a37cb --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.1-sigpwr-siginfo.patch @@ -0,0 +1,26 @@ +Description: Make sure SIGPWR is not the same as SIGINFO + Avoid a duplicate case value in a switch statement on e.g. Alpha. +Forwarded: not-yet +Author: Peter Pentchev <roam@ringlet.net> +Last-Update: 2016-04-11 + +--- a/lib/tostring.c ++++ b/lib/tostring.c +@@ -1551,7 +1551,17 @@ + return "SIGPROF"; + #endif /* SIGPROF */ + ++#undef NEED_SIGPWR ++ + #ifdef SIGPWR ++#ifndef SIGINFO ++#define NEED_SIGPWR ++#elif SIGINFO != SIGPWR ++#define NEED_SIGPWR ++#endif ++#endif ++ ++#ifdef NEED_SIGPWR + case SIGPWR: + return "SIGPWR"; + #endif /* SIGPWR */ diff --git a/net-proxy/dante/files/dante-sockd-conf b/net-proxy/dante/files/dante-sockd-conf new file mode 100644 index 000000000000..e817a07a289c --- /dev/null +++ b/net-proxy/dante/files/dante-sockd-conf @@ -0,0 +1,13 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Number of processes to fork off +# 1 is plenty for most users +# increment SLOWLY for bigger demand +SOCKD_FORKDEPTH=1 + +# set this to 1 to enable debug +SOCKD_DEBUG=0 + +# disable TCP keepalive for better resource usage +SOCKD_DISABLE_KEEPALIVE=1 diff --git a/net-proxy/dante/files/dante-sockd.service b/net-proxy/dante/files/dante-sockd.service new file mode 100644 index 000000000000..647a2dcc8cd8 --- /dev/null +++ b/net-proxy/dante/files/dante-sockd.service @@ -0,0 +1,9 @@ +[Unit] +Description=SOCKS v4 and v5 compatible proxy server and client +After=network.target + +[Service] +ExecStart=/usr/sbin/sockd + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/dante/files/sockd.conf b/net-proxy/dante/files/sockd.conf new file mode 100644 index 000000000000..70b18747ba34 --- /dev/null +++ b/net-proxy/dante/files/sockd.conf @@ -0,0 +1,243 @@ +# The configfile is divided into two parts; first serversettings, +# then the rules. +# +# The recommended order is: +# Serversettings: +# logoutput +# internal +# external +# method +# clientmethod +# users +# compatibility +# extension +# connecttimeout +# iotimeout +# srchost +# +# Rules: +# client block/pass +# from to +# log +# +# block/pass +# from to +# method +# command +# log +# protocol +# proxyprotocol + +# the server will log both via syslog, to stdout and to /var/log/lotsoflogs +#logoutput: syslog stdout /var/log/lotsoflogs +logoutput: syslog + +# The server will bind to the address 10.1.1.1, port 1080 and will only +# accept connections going to that address. +#internal: 10.1.1.1 port = 1080 +# Alternatively, the interface name can be used instead of the address. +#internal: eth0 port = 1080 + +# all outgoing connections from the server will use the IP address +# 195.168.1.1 +#external: 192.168.1.1 + +# list over acceptable methods, order of preference. +# A method not set here will never be selected. +# +# If the method field is not set in a rule, the global +# method is filled in for that rule. +# + +# methods for socks-rules. +#method: username none #rfc931 + +# methods for client-rules. +#clientmethod: none + +#or if you want to allow rfc931 (ident) too +#method: username rfc931 none + +# +# An important section, pay attention. +# + +# when doing something that can require privilege, +# it will use the userid "sockd". +user.privileged: sockd + +# when running as usual, +# it will use the unprivileged userid of "sockd". +user.notprivileged: sockd + +# +# some options to help clients with compatibility: +# + +# when a client connection comes in the socksserver will try to use +# the same port as the client is using, when the socksserver +# goes out on the clients behalf (external: IP address). +# If this option is set, Dante will try to do it for reserved ports aswell. +# This will usually require user.privileged to be set to "root". +#compatibility: sameport + +# If you are using the bind extension and have trouble running servers +# via the server, you might try setting this. The consequences of it +# are unknown. +#compatibility: reuseaddr + +# +# The Dante server supports some extensions to the socks protocol. +# These require that the socks client implements the same extension and +# can be enabled using the "extension" keyword. +# +# enable the bind extension. +#extension: bind + + +# +# +# misc options. +# + +# how many seconds can pass from when a client connects til it has +# sent us it's request? Adjust according to your network performance +# and methods supported. +#connecttimeout: 30 # on a lan, this should be enough if method is "none". + +# how many seconds can the client and it's peer idle without sending +# any data before we dump it? Unless you disable tcp keep-alive for +# some reason, it's probably best to set this to 0, which is +# "forever". +#iotimeout: 0 # or perhaps 86400, for a day. + +# do you want to accept connections from addresses without +# dns info? what about addresses having a mismatch in dnsinfo? +#srchost: nounknown nomismatch + +# +# The actual rules. There are two kinds and they work at different levels. +# +# The rules prefixed with "client" are checked first and say who is allowed +# and who is not allowed to speak/connect to the server. I.e the +# ip range containing possibly valid clients. +# It is especially important that these only use IP addresses, not hostnames, +# for security reasons. +# +# The rules that do not have a "client" prefix are checked later, when the +# client has sent its request and are used to evaluate the actual +# request. +# +# The "to:" in the "client" context gives the address the connection +# is accepted on, i.e the address the socksserver is listening on, or +# just "0.0.0.0/0" for any address the server is listening on. +# +# The "to:" in the non-"client" context gives the destination of the clients +# socksrequest. +# +# "from:" is the source address in both contexts. +# + + +# the "client" rules. All our clients come from the net 10.0.0.0/8. +# + +# Allow our clients, also provides an example of the port range command. +#client pass { +# from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 +# method: rfc931 # match all idented users that also are in passwordfile +#} + +# This is identical to above, but allows clients without a rfc931 (ident) +# too. In practise this means the socksserver will try to get a rfc931 +# reply first (the above rule), if that fails, it tries this rule. +#client pass { +# from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 +#} + + +# drop everyone else as soon as we can and log the connect, they are not +# on our net and have no business connecting to us. This is the default +# but if you give the rule yourself, you can specify details. +#client block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# log: connect error +#} + + +# the rules controlling what clients are allowed what requests +# + +# you probably don't want people connecting to loopback addresses, +# who knows what could happen then. +#block { +# from: 0.0.0.0/0 to: 127.0.0.0/8 +# log: connect error +#} + +# the people at the 172.16.0.0/12 are bad, no one should talk to them. +# log the connect request. +#block { +# from: 0.0.0.0/0 to: 172.16.0.0/12 +# log: connect error +#} + +# unless you need it, you could block any bind requests. +#block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# command: bind +# log: connect error +#} + +# or you might want to allow it, for instance "active" ftp uses it. +# Note that a "bindreply" command must also be allowed, it +# should usually by from "0.0.0.0/0", i.e if a client of yours +# has permission to bind, it will also have permission to accept +# the reply from anywhere. +#pass { +# from: 10.0.0.0/8 to: 0.0.0.0/0 +# command: bind +# log: connect error +#} + +# some connections expect some sort of "reply", this might be +# the reply to a bind request or it may be the reply to a +# udppacket, since udp is packetbased. +# Note that nothing is done to verify that it's a "genuine" reply, +# that is in general not possible anyway. The below will allow +# all "replies" in to your clients at the 10.0.0.0/8 net. +#pass { +# from: 0.0.0.0/0 to: 10.0.0.0/8 +# command: bindreply udpreply +# log: connect error +#} + + +# pass any http connects to the example.com domain if they +# authenticate with username. +# This matches "example.com" itself and everything ending in ".example.com". +#pass { +# from: 10.0.0.0/8 to: .example.com port = http +# log: connect error +# method: username +#} + +# block any other http connects to the example.com domain. +#block { +# from: 0.0.0.0/0 to: .example.com port = http +# log: connect error +#} + +# everyone from our internal network, 10.0.0.0/8 is allowed to use +# tcp and udp for everything else. +#pass { +# from: 10.0.0.0/8 to: 0.0.0.0/0 +# protocol: tcp udp +#} + +# last line, block everyone else. This is the default but if you provide +# one yourself you can specify your own logging/actions +#block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# log: connect error +#} diff --git a/net-proxy/dante/files/sockd.conf-with-libwrap.patch b/net-proxy/dante/files/sockd.conf-with-libwrap.patch new file mode 100644 index 000000000000..97d2a33f71bb --- /dev/null +++ b/net-proxy/dante/files/sockd.conf-with-libwrap.patch @@ -0,0 +1,41 @@ +--- sockd.conf.orig 2005-06-04 13:57:39.770322448 +0300 ++++ sockd.conf 2005-06-04 13:47:47.000000000 +0300 +@@ -18,12 +18,14 @@ + # Rules: + # client block/pass + # from to ++# libwrap + # log + # + # block/pass + # from to + # method + # command ++# libwrap + # log + # protocol + # proxyprotocol +@@ -73,6 +75,10 @@ + # it will use the unprivileged userid of "sockd". + user.notprivileged: sockd + ++# when running libwrap commands, ++# it will use the userid "sockd". ++user.libwrap: sockd ++ + # + # some options to help clients with compatibility: + # +@@ -179,9 +185,11 @@ + #} + + # the people at the 172.16.0.0/12 are bad, no one should talk to them. +-# log the connect request. ++# log the connect request and also provide an example on how to ++# interact with libwrap. + #block { + # from: 0.0.0.0/0 to: 172.16.0.0/12 ++# libwrap: spawn finger @%a + # log: connect error + #} + diff --git a/net-proxy/dante/files/sockd.conf-with-pam.patch b/net-proxy/dante/files/sockd.conf-with-pam.patch new file mode 100644 index 000000000000..d6735a1cf30e --- /dev/null +++ b/net-proxy/dante/files/sockd.conf-with-pam.patch @@ -0,0 +1,12 @@ +--- sockd.conf.orig 2005-06-04 14:01:40.492727080 +0300 ++++ sockd.conf 2005-06-04 13:57:39.770322448 +0300 +@@ -58,6 +58,9 @@ + #or if you want to allow rfc931 (ident) too + #method: username rfc931 none + ++#or for PAM authentification ++#method: pam ++ + # + # An important section, pay attention. + # diff --git a/net-proxy/dante/files/socks.conf b/net-proxy/dante/files/socks.conf new file mode 100644 index 000000000000..4a7d1520a7b5 --- /dev/null +++ b/net-proxy/dante/files/socks.conf @@ -0,0 +1,127 @@ +# The configfile is divided into two parts; first misc. settings, +# then the routes. Objects in '[]' are optional. +# +# +# recommended order is: +# [debug] +# [logoutput] +# [resolveprotocol] +# +# routes: +# from to via +# [command] +# [extension] +# [protocol] +# [proxyprotocol] + + +#debug: 1 # uncomment to enable debugging + +#logoutput: stdout # users usually don't want to be bothered with that. + +# What protocol should be used for resolving hostnames? It's important +# to set this right. +#resolveprotocol: udp # default +#resolveprotocol: tcp # set this if your socksserver only supports socksv4. +#resolveprotocol: fake # set this if your clients can't access nameserver, + # neither directly nor proxied. + + + +# +# the routes +# + +# specifying routes for accepting remote connections (via bind()) is +# difficult since we can't know what the "to:" address is +# until we actually get the connection Since we support letting +# the client accept connections both via the proxyserver and +# "directly" at the same time, we have two options though: +# a) specify a route for bind (only) first going via the proxyserver. +# This will also handle "direct" connections. +# b) specify a route for bind (only) first going "direct". +# This means clients will only be able to accept "direct" +# connections. + +# we want to accept remote connections via the proxyserver. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1080 +# command: bind +#} + +# we do not want to accept remote connections via the proxyserver. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: direct +# command: bind +#} + + +# if you don't route all local connections via direct, you should +# at least route nameserver connections via direct connections if you +# can. That can make for much better performance, depending on +# your setup. Make sure the nameserver line is the first. +# +# Assuming your nameserver runs on address 10.1.1.1, you can do it like this: +#route { +# from: 0.0.0.0/0 to: 10.1.1.1/32 port = domain via: direct +#} + + +# have a route making all connections to loopback addresses be direct. +#route { +# from: 0.0.0.0/0 to: 127.0.0.0/8 via: direct +# command: connect udpassociate # everything but bind, bind confuses us. +#} + +# Our net is the 10.0.0.0/8 net, let clients going to local address go +# direct, not via server. +#route { +# from: 0.0.0.0/0 to: 10.0.0.0/8 via: direct +#} + +# for poor souls trapped behind a msproxy server. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1745 +# protocol: tcp # server supports tcp +# proxyprotocol: msproxy_v2 # server runs msproxy_v2 +#} + +# clients going anywhere else go via server listening at +# IP address 10.1.1.1, port 1080. Note that unless you have +# specified a direct connection for DNS, or the socksserver is resolvable +# without network traffic, you can't give a hostname for the socksserver, +# you must give a IP address. (the reasons for that are logical enough, +# you would create a loop otherwise.) +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1080 +# protocol: tcp udp # server supports tcp and udp. +# proxyprotocol: socks_v4 socks_v5 # server supports socks v4 and v5. +# method: none #username # we are willing to authenticate via +# # method "none", not "username". +#} + +# this is identical to the above, but it matches hostnames instead. +# This is if you have clients that are unable to resolve hostnames. +# It can be important that hostname routes come after address routes. +#route { +# from: 0.0.0.0/0 to: . via: 10.1.1.1 port = 1080 +# protocol: tcp udp # server supports tcp and udp. +# proxyprotocol: socks_v4 socks_v5 # server supports socks v4 and v5. +# method: none #username # we are willing to authenticate via +# # method "none", not "username". +#} + +# identical to above two routes, but using a httpproxy instead. +# + +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 3128 +# command: connect # only thing a httproxy supports. +# proxyprotocol: http_v1.0 +#} + +#route { +# from: 0.0.0.0/0 to: . via: 10.1.1.1 port = 3128 +# command: connect # only thing a httproxy supports. +# proxyprotocol: http_v1.0 +#} diff --git a/net-proxy/dante/metadata.xml b/net-proxy/dante/metadata.xml new file mode 100644 index 000000000000..47c971ca58ca --- /dev/null +++ b/net-proxy/dante/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"><email>robbat2@gentoo.org</email></maintainer> +<longdescription>A free socks4, socks5 and msproxy implementation</longdescription> +</pkgmetadata> |