gentoo resync : 15.12.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-12-15 18:09:03 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-12-15 18:09:03 +0000
commit: 7bc9c63c9da678a7e6fceb095d56c634afd22c56 (patch)
tree: 4a67d50a439e9af63947e5f8b6ba3719af98b6c9 /net-vpn/libreswan
parent: b284a3168fa91a038925d2ecf5e4791011ea5e7d (diff)
5 files changed, 3 insertions, 341 deletions
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
index 8a12ed72ba0a..1cb8af101d7b 100644
--- a/net-vpn/libreswan/Manifest
+++ b/net-vpn/libreswan/Manifest
@@ -1,7 +1,3 @@
-AUX libreswan-3.28-barf-syntax.patch 732 BLAKE2B 1d98339ca0b63ad4dfd7c14e01464e21f7101de9c551b9aff64d58066a6a44528a5d664e4a900f0ca671146a5c550f37f440a8c731fc4f636fae2210b2a86317 SHA512 a20386e9d8e63b7824ebce5d48b0247e453937e00a8704f5b22c40da57e72ae81c2bbf511a9fdef99671ce0afc64d8faeb27a4533182d840779efccc726c4702
-AUX libreswan-3.28-xfrm-detection.patch 7504 BLAKE2B f02c79dedfef07b8ae06b5d5106639095f4a74506ffc0d1f06e8c8b70d447a94adfac1f8ae0c90257d22aabb401e5444dc94aae790df3b7c8cc303d58b08d12d SHA512 27b333a1481f58f1e7b38729c46eb13e51c4d7faeddfffe5eb632da30d5ef134ac81cca4a761e18912dcdfe71761a5e30cfc78939353fb74cb875a6516f9a3a1
-DIST libreswan-3.27.tar.gz 3720103 BLAKE2B 51ee792cd3fb8330a9cfee0b1a27e48c9a8c8fd3346e8c06fe0a911c813c400ef62d68b1d06bb849695aad5f4d5a496dc444b2543aa9ffbc59d373081c0b85e5 SHA512 b92ecfd08b9d19dc801032176eff3dd07f625223d4f0dd07ff10f639644573430a55f7aebfcc8b9d2424e194ca9d06b17ad5a13dad5dc6f659d19bc5d32520f5
 DIST libreswan-3.29.tar.gz 3848730 BLAKE2B 32dc839186fb511534a4959014082f8efe27708da7bc09dc5977532ffc7ea0ccdc92407932b3c3166f14b9ff85933e9a3f76325bbe620e09a5fa5a5c496d1f44 SHA512 4b4d91204d8b1724e0a9ad3ed55fc232c9a526211c3b47b6cc33fd160feb72538ef1661becca250bde815b9d7b75709bf16c7b372476605557b47c785cdf2535
-EBUILD libreswan-3.27.ebuild 2811 BLAKE2B 04ac4dc887783fcadd8aaa444ec59c71b9221b4f968d6ab13305866d26f5025208c806307b63874607de8617ad64e69fce54b7a08d3e958b20e5331531048f94 SHA512 e3b7a8b50f17f426cdab73fc237ef555e8d0d89d06546a60d0c38d01001620e9b03ec4e8e933aa587561019057aa71ee80250b8c3ae6aac502a93e5c6a5cd77b
-EBUILD libreswan-3.29.ebuild 3034 BLAKE2B a6090d25ece09914c2e19fd9053723da4194ade3fa81672bd76298ef9b384d03afe8d34d70d8ba4a49c8e8a381e57df7bab1fd81fc7ad8af0db94fca3bcec6ca SHA512 301339b30907e081873f2170308d5f1baa96bea8ae3a216209d78f26aece50dd8c6d4959bdb1ac0b1c8705180ee35298258ad900108160b8b14e6b3730f82760
+EBUILD libreswan-3.29.ebuild 3059 BLAKE2B 61b9d5e5c1b10d0b56506ac025afdb02b72581444ddef171f2323febb72e79c43a581d767a6ab8429da97fba7245e6b078d1c6db11ad892f83c3e6baab0f3b37 SHA512 f3893d22e0ee2d41f34447ae12371137d378d5b0544f2b2bb35cef2dc00d66edd3d86ed45a7e49953ef2c446ace3c92b78106bcf5bb89843e95b3e055b7e618b
 MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865
diff --git a/net-vpn/libreswan/files/libreswan-3.28-barf-syntax.patch b/net-vpn/libreswan/files/libreswan-3.28-barf-syntax.patch
deleted file mode 100644
index 69786bba99f0..000000000000
--- a/net-vpn/libreswan/files/libreswan-3.28-barf-syntax.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From 8c3ba6a5f73ae64aa5171252f54c15d65c9930db Mon Sep 17 00:00:00 2001
-From: Tuomo Soini <tis@foobar.fi>
-Date: Fri, 24 May 2019 19:19:12 +0300
-Subject: [PATCH] barf: fix syntax error caused by removing pfkey checks
-
-Fixes problem introduced in beccfe9f7a40816a9ec663e4076ff051bf4c91cb
----
- programs/barf/barf.in | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/programs/barf/barf.in b/programs/barf/barf.in
-index fce05994cf..9cb92ffc58 100755
---- a/programs/barf/barf.in
-+++ b/programs/barf/barf.in
-@@ -170,6 +170,8 @@ if test -r /proc/net/ipsec_tncfg
- then
- 	cat /proc/net/ipsec_tncfg
- fi
-+if test -r /proc/net/xfrm_stat
-+then
- _________________________ ip-xfrm-state
- 	ip xfrm state
- _________________________ ip-xfrm-policy
diff --git a/net-vpn/libreswan/files/libreswan-3.28-xfrm-detection.patch b/net-vpn/libreswan/files/libreswan-3.28-xfrm-detection.patch
deleted file mode 100644
index 7cda675af776..000000000000
--- a/net-vpn/libreswan/files/libreswan-3.28-xfrm-detection.patch
+++ /dev/null
@@ -1,200 +0,0 @@
-From 716f4b712724c6698469563e531dea3667507ceb Mon Sep 17 00:00:00 2001
-From: Paul Wouters <pwouters@redhat.com>
-Date: Tue, 28 May 2019 00:24:30 -0400
-Subject: [PATCH] programs: Change to use /proc/sys/net/core/xfrm_acq_expires
- to detect XFRM
-
-Apparently, not all kernels with XFRM support also enable support for
-CONFIG_XFRM_STATISTICS, causing XFRM auto-detection to fail.
-
-This affected openwrt and also some other distribution/custom kernels.
----
- programs/_realsetup.bsd/_realsetup.in   | 2 +-
- programs/_stackmanager/_stackmanager.in | 2 +-
- programs/barf/barf.in                   | 6 +++---
- programs/eroute/eroute.c                | 2 +-
- programs/ipsec/ipsec.in                 | 2 +-
- programs/look/look.in                   | 2 +-
- programs/pluto/kernel.c                 | 2 +-
- programs/setup/setup.in                 | 2 +-
- programs/spi/spi.c                      | 2 +-
- programs/spigrp/spigrp.c                | 2 +-
- programs/tncfg/tncfg.c                  | 2 +-
- programs/verify/verify.in               | 2 +-
- 12 files changed, 14 insertions(+), 14 deletions(-)
-
-diff --git a/programs/_realsetup.bsd/_realsetup.in b/programs/_realsetup.bsd/_realsetup.in
-index 91cca98ac8..4a783772f6 100755
---- a/programs/_realsetup.bsd/_realsetup.in
-+++ b/programs/_realsetup.bsd/_realsetup.in
-@@ -28,7 +28,7 @@ plutoctl=/var/run/pluto/pluto.ctl
- subsyslock=/var/lock/subsys/ipsec
- lock=/var/run/pluto/ipsec_setup.pid
- 
--xfrm_stat=/proc/net/xfrm_stat
-+xfrm_stat=/proc/sys/net/core/xfrm_acq_expires
- 
- # defaults for "config setup" items
- IPSECuniqueids=${IPSECuniqueids:-yes}
-diff --git a/programs/_stackmanager/_stackmanager.in b/programs/_stackmanager/_stackmanager.in
-index 4d41c5ad51..21616a31c9 100644
---- a/programs/_stackmanager/_stackmanager.in
-+++ b/programs/_stackmanager/_stackmanager.in
-@@ -29,7 +29,7 @@ eval $(ASAN_OPTIONS=detect_leaks=0 ipsec addconn  --configsetup | grep -v "#" |
- test ${IPSEC_INIT_SCRIPT_DEBUG} && set -v -x
- MODPROBE="@MODPROBEBIN@ @MODPROBEARGS@"
- 
--xfrm_stat=/proc/net/xfrm_stat
-+xfrm_stat=/proc/sys/net/core/xfrm_acq_expires
- klipsstack=/proc/net/ipsec/version
- action="${1}"
- 
-diff --git a/programs/barf/barf.in b/programs/barf/barf.in
-index 17f830d4a3..15eb252f11 100755
---- a/programs/barf/barf.in
-+++ b/programs/barf/barf.in
-@@ -174,14 +174,13 @@ _________________________ /proc/net/ipsec_tncfg
- if test -r /proc/net/ipsec_tncfg
- then
-     cat /proc/net/ipsec_tncfg
- fi
--if test -r /proc/net/xfrm_stat
--then
-+if [ -r /proc/sys/net/core/xfrm_acq_expires ]; then
- _________________________ ip-xfrm-state
-     ip xfrm state
- _________________________ ip-xfrm-policy
-     ip xfrm policy
--_________________________ ip-xfrm-stats
-+_________________________ cat-proc-net-xfrm_stat
-     cat /proc/net/xfrm_stat
- fi
- _________________________ ip-l2tp-tunnel
-@@ -283,9 +283,8 @@ _________________________ /proc/net/ipsec_version
- if test -r /proc/net/ipsec_version
- then
-     cat /proc/net/ipsec_version
- else
--    if test -r /proc/net/xfrm_stat
--    then
-+    if [ -r /proc/sys/net/core/xfrm_acq_expires ]; then
- 	echo "NETKEY (`uname -r`) support detected "
-     else
- 	echo "no KLIPS or NETKEY support detected"
-diff --git a/programs/eroute/eroute.c b/programs/eroute/eroute.c
-index c33234c194..6f058d9232 100644
---- a/programs/eroute/eroute.c
-+++ b/programs/eroute/eroute.c
-@@ -495,7 +495,7 @@ int main(int argc, char **argv)
- 	if (argcount == 1) {
- 		struct stat sts;
- 
--		if (stat("/proc/net/xfrm_stat", &sts) == 0) {
-+		if (stat("/proc/sys/net/core/xfrm_acq_expires", &sts) == 0) {
- 			fprintf(stderr,
- 				"%s: NETKEY does not support eroute table.\n",
- 				progname);
-diff --git a/programs/ipsec/ipsec.in b/programs/ipsec/ipsec.in
-index 401a596628..06bec21632 100755
---- a/programs/ipsec/ipsec.in
-+++ b/programs/ipsec/ipsec.in
-@@ -61,7 +61,7 @@ fixversion() {
- 	stack=" (klips)"
- 	kv="$(awk '{print $NF}' /proc/net/ipsec_version)"
-     else
--	if [ -f /proc/net/xfrm_stat ]; then
-+	if [ -f /proc/sys/net/core/xfrm_acq_expires ]; then
- 	    stack=" (netkey)"
- 	    kv="${version}"
- 	else
-diff --git a/programs/look/look.in b/programs/look/look.in
-index bb55e8eda2..192856c630 100755
---- a/programs/look/look.in
-+++ b/programs/look/look.in
-@@ -72,7 +72,7 @@ if [ -f /proc/net/ipsec_spi ]; then
- fi
- 
- # xfrm
--if [ -f /proc/net/xfrm_stat ]; then
-+if [ -f /proc/sys/net/core/xfrm_acq_expires ]; then
-     echo "XFRM state:"
-     ip xfrm state
-     echo "XFRM policy:"
-diff --git a/programs/pluto/kernel.c b/programs/pluto/kernel.c
-index 39b1e32389..5c71c04af3 100644
---- a/programs/pluto/kernel.c
-+++ b/programs/pluto/kernel.c
-@@ -2666,7 +2666,7 @@ void init_kernel(void)
- 	switch (kern_interface) {
- #if defined(NETKEY_SUPPORT)
- 	case USE_NETKEY:
--		if (stat("/proc/net/xfrm_stat", &buf) != 0) {
-+		if (stat("/proc/sys/net/core/xfrm_acq_expires", &buf) != 0) {
- 			libreswan_log("No XFRM kernel interface detected");
- 			exit_pluto(PLUTO_EXIT_KERNEL_FAIL);
- 		}
-diff --git a/programs/setup/setup.in b/programs/setup/setup.in
-index 8c28b0e157..1933089459 100755
---- a/programs/setup/setup.in
-+++ b/programs/setup/setup.in
-@@ -110,7 +110,7 @@ case "$1" in
- 
- 	# If stack is non-modular, we want to force clean too
- 	[ -f /proc/net/pf_key ] && ipsec eroute --clear
--	[ -f /proc/net/xfrm_stat ] && ip xfrm state flush && ip xfrm policy flush
-+	[ -f /proc/sys/net/core/xfrm_acq_expires ] && ip xfrm state flush && ip xfrm policy flush
- 
- 	# Cleaning up backup resolv.conf
- 	if [ -e ${LIBRESWAN_RESOLV_CONF} ]; then
-diff --git a/programs/spi/spi.c b/programs/spi/spi.c
-index c45fe6a517..742898a86f 100644
---- a/programs/spi/spi.c
-+++ b/programs/spi/spi.c
-@@ -1135,7 +1135,7 @@ int main(int argc, char *argv[])
- 			progname);
- 	}
- 
--	if (stat("/proc/net/xfrm_stat", &sts) == 0) {
-+	if (stat("/proc/sys/net/core/xfrm_acq_expires", &sts) == 0) {
- 		fprintf(stderr,
- 			"%s: XFRM does not use the ipsec spi command. Use 'ip xfrm' instead.\n",
- 			progname);
-diff --git a/programs/spigrp/spigrp.c b/programs/spigrp/spigrp.c
-index 79d6c50e5e..fe0942325d 100644
---- a/programs/spigrp/spigrp.c
-+++ b/programs/spigrp/spigrp.c
-@@ -151,7 +151,7 @@ int main(int argc, char **argv)
- 	if (debug)
- 		fprintf(stdout, "...After check for --label option.\n");
- 
--	if (stat("/proc/net/xfrm_stat", &sts) == 0) {
-+	if (stat("/proc/sys/net/core/xfrm_acq_expires", &sts) == 0) {
- 		fprintf(stderr,
- 			"%s: XFRM does not use the ipsec spigrp command. Use 'ip xfrm' instead.\n",
- 			progname);
-diff --git a/programs/tncfg/tncfg.c b/programs/tncfg/tncfg.c
-index 55de83b1ef..5a9f2e9aee 100644
---- a/programs/tncfg/tncfg.c
-+++ b/programs/tncfg/tncfg.c
-@@ -259,7 +259,7 @@ int main(int argc, char *argv[])
- 		}
- 	}
- 
--	if (stat("/proc/net/xfrm_stat", &sts) == 0) {
-+	if (stat("/proc/sys/net/core/xfrm_acq_expires", &sts) == 0) {
- 		fprintf(stderr,
- 			"%s: XFRM does not support virtual interfaces.\n",
- 			progname);
-diff --git a/programs/verify/verify.in b/programs/verify/verify.in
-index 9321631931..81ae1d32fe 100755
---- a/programs/verify/verify.in
-+++ b/programs/verify/verify.in
-@@ -223,7 +223,7 @@ def installstartcheck():
- 		print_result("FAIL","FAILED")
- 
- 	printfun("Checking for IPsec support in kernel")
--	if not os.path.isfile("/proc/net/ipsec_eroute") and not os.path.isfile("/proc/net/xfrm_stat"):
-+	if not os.path.isfile("/proc/net/ipsec_eroute") and not os.path.isfile("/proc/sys/net/core/xfrm_acq_expires"):
- 		print_result("FAIL","FAILED")
- 		if "no kernel code presently loaded" in output:
- 			print("\n The ipsec service should be started before running 'ipsec verify'\n")
diff --git a/net-vpn/libreswan/libreswan-3.27.ebuild b/net-vpn/libreswan/libreswan-3.27.ebuild
deleted file mode 100644
index 7d8d9507ce45..000000000000
--- a/net-vpn/libreswan/libreswan-3.27.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit systemd toolchain-funcs
-
-SRC_URI="https://download.libreswan.org/${P}.tar.gz"
-KEYWORDS="amd64 ~ppc x86"
-
-DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
-HOMEPAGE="https://libreswan.org/"
-
-LICENSE="GPL-2 BSD-4 RSA DES"
-SLOT="0"
-IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
-
-COMMON_DEPEND="
-	dev-libs/gmp:0=
-	dev-libs/libevent:0=
-	dev-libs/nspr
-	caps? ( sys-libs/libcap-ng )
-	curl? ( net-misc/curl )
-	dnssec? ( net-dns/unbound:= net-libs/ldns )
-	ldap? ( net-nds/openldap )
-	pam? ( sys-libs/pam )
-	seccomp? ( sys-libs/libseccomp )
-	selinux? ( sys-libs/libselinux )
-	systemd? ( sys-apps/systemd:0= )
-"
-DEPEND="${COMMON_DEPEND}
-	app-text/docbook-xml-dtd:4.1.2
-	app-text/xmlto
-	dev-libs/nss
-	sys-devel/bison
-	sys-devel/flex
-	virtual/pkgconfig
-	test? ( dev-python/setproctitle )
-"
-RDEPEND="${COMMON_DEPEND}
-	dev-libs/nss[utils(+)]
-	sys-apps/iproute2
-	!net-misc/openswan
-	!net-vpn/strongswan
-	selinux? ( sec-policy/selinux-ipsec )
-"
-
-usetf() {
-	usex "$1" true false
-}
-
-src_prepare() {
-	sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die
-	sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die
-	default
-}
-
-src_configure() {
-	tc-export AR CC
-	export INC_USRLOCAL=/usr
-	export INC_MANDIR=share/man
-	export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
-	export FINALDOCDIR=/usr/share/doc/${PF}/html
-	export INITSYSTEM=openrc
-	export INC_RCDIRS=
-	export INC_RCDEFAULT=/etc/init.d
-	export USERCOMPILE=
-	export USERLINK=
-	export USE_DNSSEC=$(usetf dnssec)
-	export USE_LABELED_IPSEC=$(usetf selinux)
-	export USE_LIBCAP_NG=$(usetf caps)
-	export USE_LIBCURL=$(usetf curl)
-	export USE_LINUX_AUDIT=$(usetf selinux)
-	export USE_LDAP=$(usetf ldap)
-	export USE_SECCOMP=$(usetf seccomp)
-	export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
-	export SD_WATCHDOGSEC=$(usex systemd 200 0)
-	export USE_XAUTHPAM=$(usetf pam)
-	export DEBUG_CFLAGS=
-	export OPTIMIZE_CFLAGS=
-	export WERROR_CFLAGS=
-}
-
-src_compile() {
-	emake all
-	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all
-}
-
-src_test() {
-	: # integration tests only that require set of kvms to be set up
-}
-
-src_install() {
-	default
-	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install
-
-	echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
-	fperms 0600 /etc/ipsec.secrets
-
-	dodoc -r docs
-
-	find "${D}" -type d -empty -delete || die
-}
-
-pkg_postinst() {
-	local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
-	if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
-		ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
-		certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
-		eend $?
-	fi
-}
diff --git a/net-vpn/libreswan/libreswan-3.29.ebuild b/net-vpn/libreswan/libreswan-3.29.ebuild
index 6a7f68a383b7..7d64aba2bee2 100644
--- a/net-vpn/libreswan/libreswan-3.29.ebuild
+++ b/net-vpn/libreswan/libreswan-3.29.ebuild
@@ -6,7 +6,7 @@ EAPI=7
 inherit systemd toolchain-funcs
 
 SRC_URI="https://download.libreswan.org/${P}.tar.gz"
-KEYWORDS="~amd64 ~ppc ~x86"
+KEYWORDS="amd64 ~ppc x86"
 
 DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
 HOMEPAGE="https://libreswan.org/"
@@ -14,6 +14,7 @@ HOMEPAGE="https://libreswan.org/"
 LICENSE="GPL-2 BSD-4 RSA DES"
 SLOT="0"
 IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
+RESTRICT="!test? ( test )"
 
 DEPEND="
 	dev-libs/gmp:0=
author	V3n3RiX <venerix@redcorelinux.org>	2019-12-15 18:09:03 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-12-15 18:09:03 +0000
commit	7bc9c63c9da678a7e6fceb095d56c634afd22c56 (patch)
tree	4a67d50a439e9af63947e5f8b6ba3719af98b6c9 /net-vpn/libreswan
parent	b284a3168fa91a038925d2ecf5e4791011ea5e7d (diff)