summaryrefslogtreecommitdiff
path: root/net-vpn/wireguard
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /net-vpn/wireguard
reinit the tree, so we can have metadata
Diffstat (limited to 'net-vpn/wireguard')
-rw-r--r--net-vpn/wireguard/Manifest5
-rw-r--r--net-vpn/wireguard/files/wireguard-openrc.sh45
-rw-r--r--net-vpn/wireguard/metadata.xml14
-rw-r--r--net-vpn/wireguard/wireguard-0.0.20171005.ebuild136
-rw-r--r--net-vpn/wireguard/wireguard-9999.ebuild136
5 files changed, 336 insertions, 0 deletions
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
new file mode 100644
index 000000000000..7212654a70c6
--- /dev/null
+++ b/net-vpn/wireguard/Manifest
@@ -0,0 +1,5 @@
+AUX wireguard-openrc.sh 915 SHA256 f425a60ef4ec42df025df182a474e4ce7157f9fa400ac22a813b33f8421c4d23 SHA512 dd21d8558b4c5ff0fb02a35b6996f1f89ea0e59c885523b9443aafdebcfb23cab3e60f248594d416245a5829b36103566a7a59f41183a9990451c35aa6933dcb WHIRLPOOL a7889f5429a658674a28b913bd1d629024403539fa9ba7742e5c4feaccf3878aaba9f5a062281ceaace163c51abd841edacc104f080cc481b41917135df19b06
+DIST WireGuard-0.0.20171005.tar.xz 167500 SHA256 832a3b7cbb510f6986fd0c3a6b2d86bc75fc9f23b6754d8f46bc58ea8e02d608 SHA512 c131351e1a5591d3aa1c9172d9c2dbc7c8d5ee3ca11e8efecfa32b51bfdb80939efe714b7d41f0e3ce5559d0de20a55675eb6af4f06d67811196682e6e9ed87d WHIRLPOOL be05c06b0b3d07584f20291b6ad97acbe60cd045e54416851ae11db21366804dae3d340d8914098c9e3953c06ebc99fd7571a304595ad5f46e7f72528e96bbc8
+EBUILD wireguard-0.0.20171005.ebuild 4779 SHA256 09ec1cc8c1b84396038b34b81ebd935d088c2119e04f417ae4d782bc7d9b7cec SHA512 4f64c13d75ddaa611c545b1a65b1b3d5aa61298ffbf32de436287b1c898b77e807ffb4da3949d3a1a073c38d9e2609df885954f9a2d57388e86babab85c9b80f WHIRLPOOL 69fbaff57cc11b87c321f07b49a817314bb778afc6e1edfd36310d768faa8503a8c2bd1404a3b322201cf3748ac9f04a538be3021ec397e2cbd995c9717f1475
+EBUILD wireguard-9999.ebuild 4779 SHA256 09ec1cc8c1b84396038b34b81ebd935d088c2119e04f417ae4d782bc7d9b7cec SHA512 4f64c13d75ddaa611c545b1a65b1b3d5aa61298ffbf32de436287b1c898b77e807ffb4da3949d3a1a073c38d9e2609df885954f9a2d57388e86babab85c9b80f WHIRLPOOL 69fbaff57cc11b87c321f07b49a817314bb778afc6e1edfd36310d768faa8503a8c2bd1404a3b322201cf3748ac9f04a538be3021ec397e2cbd995c9717f1475
+MISC metadata.xml 765 SHA256 b39a60fb08df46968b7200955f3568c1437afa566283c2962c7bb03e155392bf SHA512 794ffdecbc09f27080cade3a5753e0d1e9021edb400282ee6db7099d4583ab4d4ed28a343e2b8c2227ab39b8bc4182938d6c82ae4a4f7e9980f21348d8d8c805 WHIRLPOOL fd59215f63552e46f26cb7d7545f2ef3ee270433afe764e6408acd5dfc5f1bf88269cd02ea1fcd8bcf8b6857d83ae7558119cf6fa5c48dca00c48d11a63c78c7
diff --git a/net-vpn/wireguard/files/wireguard-openrc.sh b/net-vpn/wireguard/files/wireguard-openrc.sh
new file mode 100644
index 000000000000..9c53ef0ffa72
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-openrc.sh
@@ -0,0 +1,45 @@
+# Copyright (c) 2016 Gentoo Foundation
+# All rights reserved. Released under the 2-clause BSD license.
+
+wireguard_depend()
+{
+ program /usr/bin/wg
+ after interface
+ before dhcp
+}
+
+wireguard_pre_start()
+{
+ [[ $IFACE == wg* ]] || return 0
+ ip link delete dev "$IFACE" type wireguard 2>/dev/null
+ ebegin "Creating WireGuard interface $IFACE"
+ if ! ip link add dev "$IFACE" type wireguard; then
+ eend $?
+ return $?
+ fi
+ eend 0
+
+ ebegin "Configuring WireGuard interface $IFACE"
+ set -- $(_get_array "wireguard_$IFVAR")
+ if [[ -f $1 && $# -eq 1 ]]; then
+ /usr/bin/wg setconf "$IFACE" "$1"
+ else
+ eval /usr/bin/wg set "$IFACE" "$@"
+ fi
+ if [ $? -eq 0 ]; then
+ _up
+ eend 0
+ return
+ fi
+ e=$?
+ ip link delete dev "$IFACE" type wireguard 2>/dev/null
+ eend $e
+}
+
+wireguard_post_stop()
+{
+ [[ $IFACE == wg* ]] || return 0
+ ebegin "Removing WireGuard interface $IFACE"
+ ip link delete dev "$IFACE" type wireguard
+ eend $?
+}
diff --git a/net-vpn/wireguard/metadata.xml b/net-vpn/wireguard/metadata.xml
new file mode 100644
index 000000000000..d5c30b1930c0
--- /dev/null
+++ b/net-vpn/wireguard/metadata.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>zx2c4@gentoo.org</email>
+ <name>Jason A. Donenfeld</name>
+ </maintainer>
+ <use>
+ <flag name="tools">Compile the wg(8) tool and related helpers. You probably want this enabled.</flag>
+ <flag name="module">Compile the actual WireGuard kernel module. Most certainly you want this enabled, unless you're doing something strange.</flag>
+ <flag name="module-src">Install the module source code to /usr/src, in case you like building kernel modules yourself.</flag>
+ <flag name="debug">Enable verbose debug reporting in dmesg of various WireGuard peer and device information.</flag>
+ </use>
+</pkgmetadata>
diff --git a/net-vpn/wireguard/wireguard-0.0.20171005.ebuild b/net-vpn/wireguard/wireguard-0.0.20171005.ebuild
new file mode 100644
index 000000000000..fdc71975143a
--- /dev/null
+++ b/net-vpn/wireguard/wireguard-0.0.20171005.ebuild
@@ -0,0 +1,136 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+MODULES_OPTIONAL_USE="module"
+inherit linux-mod bash-completion-r1
+
+DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
+HOMEPAGE="https://www.wireguard.com/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
+ KEYWORDS=""
+else
+ SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+ S="${WORKDIR}/WireGuard-${PV}"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug +module +tools module-src"
+
+DEPEND="tools? ( net-libs/libmnl )"
+RDEPEND="${DEPEND}"
+
+MODULE_NAMES="wireguard(kernel/drivers/net:src)"
+BUILD_TARGETS="module"
+CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
+
+pkg_setup() {
+ if use module; then
+ linux-mod_pkg_setup
+ kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
+ fi
+}
+
+src_compile() {
+ BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
+ use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
+ use module && linux-mod_src_compile
+ use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools
+}
+
+src_install() {
+ use module && linux-mod_src_install
+ if use tools; then
+ dodoc README.md
+ dodoc -r contrib/examples
+ emake \
+ WITH_BASHCOMPLETION=yes \
+ WITH_SYSTEMDUNITS=yes \
+ WITH_WGQUICK=yes \
+ DESTDIR="${D}" \
+ BASHCOMPDIR="$(get_bashcompdir)" \
+ PREFIX="${EPREFIX}/usr" \
+ -C src/tools install
+ insinto /$(get_libdir)/netifrc/net
+ newins "${FILESDIR}"/wireguard-openrc.sh wireguard.sh
+ fi
+ use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
+}
+
+pkg_postinst() {
+ if use module-src && ! use module; then
+ einfo
+ einfo "You have enabled the module-src USE flag without the module USE"
+ einfo "flag. This means that sources are installed to"
+ einfo "${ROOT}usr/src/wireguard instead of having the"
+ einfo "kernel module compiled. You will need to compile the module"
+ einfo "yourself. Most likely, you don't want this USE flag, and should"
+ einfo "rather use USE=module"
+ einfo
+ fi
+ use module && linux-mod_pkg_postinst
+
+ einfo
+ einfo "This software is experimental and has not yet been released."
+ einfo "As such, it may contain significant issues. Please do not file"
+ einfo "bug reports with Gentoo, but rather direct them upstream to:"
+ einfo
+ einfo " team@wireguard.com security@wireguard.com"
+ einfo
+
+ if use tools; then
+ einfo
+ einfo "After installing WireGuard, if you'd like to try sending some packets through"
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
+ einfo "test example script:"
+ einfo
+ einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
+ einfo
+ einfo "This will automatically setup interface wg0, through a very insecure transport"
+ einfo "that is only suitable for demonstration purposes. You can then try loading the"
+ einfo "hidden website or sending pings:"
+ einfo
+ einfo " \$ chromium http://192.168.4.1"
+ einfo " \$ ping 192.168.4.1"
+ einfo
+ einfo "If you'd like to redirect your internet traffic, you can run it with the"
+ einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
+ einfo "purposes. It is for quick testing only."
+ einfo
+ einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
+ einfo
+ fi
+ if use module; then
+ local old new
+ if [[ $(uname -r) != "${KV_FULL}" ]]; then
+ ewarn
+ ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
+ ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
+ ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
+ ewarn "which this module was built."
+ ewarn
+ elif [[ -f /sys/module/wireguard/version ]] && \
+ old="$(< /sys/module/wireguard/version)" && \
+ new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
+ [[ $old != "$new" ]]; then
+ ewarn
+ ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
+ ewarn "However, the old version is still running on your system. In order to use the"
+ ewarn "new version, you will need to remove the old module and load the new one. As"
+ ewarn "root, you can accomplish this with the following commands:"
+ ewarn
+ ewarn " # rmmod wireguard"
+ ewarn " # modprobe wireguard"
+ ewarn
+ ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
+ ewarn "to gracefully remove them yourself prior."
+ ewarn
+ fi
+ fi
+}
diff --git a/net-vpn/wireguard/wireguard-9999.ebuild b/net-vpn/wireguard/wireguard-9999.ebuild
new file mode 100644
index 000000000000..fdc71975143a
--- /dev/null
+++ b/net-vpn/wireguard/wireguard-9999.ebuild
@@ -0,0 +1,136 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+MODULES_OPTIONAL_USE="module"
+inherit linux-mod bash-completion-r1
+
+DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
+HOMEPAGE="https://www.wireguard.com/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
+ KEYWORDS=""
+else
+ SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+ S="${WORKDIR}/WireGuard-${PV}"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug +module +tools module-src"
+
+DEPEND="tools? ( net-libs/libmnl )"
+RDEPEND="${DEPEND}"
+
+MODULE_NAMES="wireguard(kernel/drivers/net:src)"
+BUILD_TARGETS="module"
+CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
+
+pkg_setup() {
+ if use module; then
+ linux-mod_pkg_setup
+ kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
+ fi
+}
+
+src_compile() {
+ BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
+ use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
+ use module && linux-mod_src_compile
+ use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools
+}
+
+src_install() {
+ use module && linux-mod_src_install
+ if use tools; then
+ dodoc README.md
+ dodoc -r contrib/examples
+ emake \
+ WITH_BASHCOMPLETION=yes \
+ WITH_SYSTEMDUNITS=yes \
+ WITH_WGQUICK=yes \
+ DESTDIR="${D}" \
+ BASHCOMPDIR="$(get_bashcompdir)" \
+ PREFIX="${EPREFIX}/usr" \
+ -C src/tools install
+ insinto /$(get_libdir)/netifrc/net
+ newins "${FILESDIR}"/wireguard-openrc.sh wireguard.sh
+ fi
+ use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
+}
+
+pkg_postinst() {
+ if use module-src && ! use module; then
+ einfo
+ einfo "You have enabled the module-src USE flag without the module USE"
+ einfo "flag. This means that sources are installed to"
+ einfo "${ROOT}usr/src/wireguard instead of having the"
+ einfo "kernel module compiled. You will need to compile the module"
+ einfo "yourself. Most likely, you don't want this USE flag, and should"
+ einfo "rather use USE=module"
+ einfo
+ fi
+ use module && linux-mod_pkg_postinst
+
+ einfo
+ einfo "This software is experimental and has not yet been released."
+ einfo "As such, it may contain significant issues. Please do not file"
+ einfo "bug reports with Gentoo, but rather direct them upstream to:"
+ einfo
+ einfo " team@wireguard.com security@wireguard.com"
+ einfo
+
+ if use tools; then
+ einfo
+ einfo "After installing WireGuard, if you'd like to try sending some packets through"
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
+ einfo "test example script:"
+ einfo
+ einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
+ einfo
+ einfo "This will automatically setup interface wg0, through a very insecure transport"
+ einfo "that is only suitable for demonstration purposes. You can then try loading the"
+ einfo "hidden website or sending pings:"
+ einfo
+ einfo " \$ chromium http://192.168.4.1"
+ einfo " \$ ping 192.168.4.1"
+ einfo
+ einfo "If you'd like to redirect your internet traffic, you can run it with the"
+ einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
+ einfo "purposes. It is for quick testing only."
+ einfo
+ einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
+ einfo
+ fi
+ if use module; then
+ local old new
+ if [[ $(uname -r) != "${KV_FULL}" ]]; then
+ ewarn
+ ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
+ ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
+ ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
+ ewarn "which this module was built."
+ ewarn
+ elif [[ -f /sys/module/wireguard/version ]] && \
+ old="$(< /sys/module/wireguard/version)" && \
+ new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
+ [[ $old != "$new" ]]; then
+ ewarn
+ ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
+ ewarn "However, the old version is still running on your system. In order to use the"
+ ewarn "new version, you will need to remove the old module and load the new one. As"
+ ewarn "root, you can accomplish this with the following commands:"
+ ewarn
+ ewarn " # rmmod wireguard"
+ ewarn " # modprobe wireguard"
+ ewarn
+ ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
+ ewarn "to gracefully remove them yourself prior."
+ ewarn
+ fi
+ fi
+}