summaryrefslogtreecommitdiff
path: root/net-vpn
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2021-06-20 14:45:01 +0100
committerV3n3RiX <venerix@redcorelinux.org>2021-06-20 14:45:01 +0100
commit34dea8e38f88007799629d0a56b12dec480b1d21 (patch)
tree6790873994b58030360328cf5897d934b3b03d16 /net-vpn
parent7932d472a02d4c016ff7dff4b7a5479ab9d1883d (diff)
gentoo resync : 20.06.2021
Diffstat (limited to 'net-vpn')
-rw-r--r--net-vpn/Manifest.gzbin6904 -> 6902 bytes
-rw-r--r--net-vpn/i2pd/Manifest2
-rw-r--r--net-vpn/i2pd/i2pd-2.38.0-r3.ebuild (renamed from net-vpn/i2pd/i2pd-2.38.0-r1.ebuild)6
-rw-r--r--net-vpn/strongswan/Manifest6
-rw-r--r--net-vpn/strongswan/strongswan-5.9.0.ebuild308
-rw-r--r--net-vpn/strongswan/strongswan-5.9.2-r1.ebuild (renamed from net-vpn/strongswan/strongswan-5.9.1.ebuild)2
-rw-r--r--net-vpn/strongswan/strongswan-5.9.2.ebuild308
-rw-r--r--net-vpn/tor/Manifest8
-rw-r--r--net-vpn/tor/tor-0.4.4.9-r1.ebuild (renamed from net-vpn/tor/tor-0.4.4.9.ebuild)2
-rw-r--r--net-vpn/tor/tor-0.4.5.7-r1.ebuild (renamed from net-vpn/tor/tor-0.4.5.7.ebuild)2
-rw-r--r--net-vpn/tor/tor-0.4.5.9-r1.ebuild (renamed from net-vpn/tor/tor-0.4.5.9.ebuild)2
-rw-r--r--net-vpn/tor/tor-0.4.6.5-r1.ebuild (renamed from net-vpn/tor/tor-0.4.6.5.ebuild)2
12 files changed, 14 insertions, 634 deletions
diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz
index 687ca5968409..52d999fcc492 100644
--- a/net-vpn/Manifest.gz
+++ b/net-vpn/Manifest.gz
Binary files differ
diff --git a/net-vpn/i2pd/Manifest b/net-vpn/i2pd/Manifest
index 70031ed5a36a..a3da3da12b5a 100644
--- a/net-vpn/i2pd/Manifest
+++ b/net-vpn/i2pd/Manifest
@@ -5,5 +5,5 @@ AUX i2pd-2.38.0.service 906 BLAKE2B 583c1856ceada5e60b7f595452afbe3e254616185d64
AUX i2pd-2.6.0-r3.confd 322 BLAKE2B 1abce31d300785fe0f42eb0c15bc26f723e99bfe4f3d21ef4d83620c064838d0e27f89f287a97404276490b848bd1372a40b915d4830b7755d801c4bda551099 SHA512 083f4c860d7556bd14f2765b098743c25f996ef16de3982430ff27ac7711051738d48709654441099ea8c755b6d9a6e25b52286f7e8c928d3f39f1207a9517a9
AUX i2pd-2.6.0-r3.initd 1385 BLAKE2B 5c754a7e289f8d102b2690f78fb3e9b805c6eb46208fba8d8200886dcd30e5e7ba682bb9eb493d654bbec03b8fa7ec58cf885f91203db400280c9de4d9c1e377 SHA512 c09d9164fedac748162eeeafabf4776e16869e7ad06ba5f1b008fa57655fbe8f9633804575e44011b61130699e394bd0d8623b13e9614623b8a9b34e5ad6ecd5
DIST i2pd-2.38.0.tar.gz 555543 BLAKE2B a47c4b77e3a1d4c88cfd18b288b53592a8096509e0bed01bbf57f8d81b715699f822059cd9eecc0deb8fc82d98c23a8c0f6a67ac71654da528f81785338bfe54 SHA512 01e160394dc07621b3d236fcc13d78b46e109290f59dbb77f282c05f4d80fdfa01c9b062de5ca91d6d6e739beb8a5b6f731508b48d9483f1a132a93a71d88e6f
-EBUILD i2pd-2.38.0-r1.ebuild 2215 BLAKE2B 573602917de4a854582de366a8d00e6f7ac9e3cbe9aacc262acb3697ef351e20a50a495a3857f1ebf1789276462211edcaf13194d4dab50cfe80a6fb613ca26d SHA512 550ea1400297f7c44142504c2635af1e9f98acceab266f0604e4271b37291db8d747f54dc304136d8b4b1dc7d9bbab479e0ebb43688e628d31f317370f389fea
+EBUILD i2pd-2.38.0-r3.ebuild 2224 BLAKE2B a104476434aefb858637afa9227c98ca9c6349e1ab5435ee50bac6e005af51b871a0529c61899852147c8c3fd408f78a8dae859a7a73715bb2df6420c9240748 SHA512 14798f72573625ac5cd13f90f3501ae956285fcdaf579add0f556ca668e1ba6eb997db5d41dcd9aa56dd5a7ef20aea2da5492a12141390bacb72cebe93ca3e66
MISC metadata.xml 727 BLAKE2B 2956a473062444342fb7436a09686b9774210105445288152df0e024fdf81b93b86782a1e3e5348ce8d4a2d71383db3ed63dd51dde00abadcfdce5f84819b37f SHA512 0362e22d09aa7735d12b66da01cc717704429750a57dc2cc625c2907525c935764ede0a83ef4908417542bc0afe24cb21ada71ee3100dffdb3d3b2ab3999da38
diff --git a/net-vpn/i2pd/i2pd-2.38.0-r1.ebuild b/net-vpn/i2pd/i2pd-2.38.0-r3.ebuild
index b77a5dab495a..bc5464e5280a 100644
--- a/net-vpn/i2pd/i2pd-2.38.0-r1.ebuild
+++ b/net-vpn/i2pd/i2pd-2.38.0-r3.ebuild
@@ -18,13 +18,13 @@ RDEPEND="
acct-user/i2pd
acct-group/i2pd
!static? (
- dev-libs/boost:=[threads]
- dev-libs/openssl:0=[-bindist]
+ dev-libs/boost:=[threads(+)]
+ dev-libs/openssl:0=[-bindist(-)]
upnp? ( net-libs/miniupnpc:= )
)"
DEPEND="${RDEPEND}
static? (
- dev-libs/boost:=[static-libs,threads]
+ dev-libs/boost:=[static-libs,threads(+)]
sys-libs/zlib[static-libs]
dev-libs/openssl:0=[static-libs]
upnp? ( net-libs/miniupnpc:=[static-libs] )
diff --git a/net-vpn/strongswan/Manifest b/net-vpn/strongswan/Manifest
index 63ae6257aca7..ebda3c352363 100644
--- a/net-vpn/strongswan/Manifest
+++ b/net-vpn/strongswan/Manifest
@@ -1,8 +1,4 @@
AUX ipsec 451 BLAKE2B deb3fff7043e04c1630119bb0cbbd6fa9b6f15666131ac9744a32d35cf3bc0629fe99cf9936b9cdb464627c1a8c121b8485f164166efda428825a55aab557d18 SHA512 d11ccc36ee89df5974547441fdb6c539dd3a7a5e235e318c1beddca7d4f5cace857f2dc75752e6fa913177eec9c3afcbed52de5bc08e8c314096d439cbc3bc6c
-DIST strongswan-5.9.0.tar.bz2 4568404 BLAKE2B daf5cce5cbe12253f9ad201d89323ab7d54ba7ff466685b84830737689e4d417fbb97d053d8c9f3de5acb6dee9a192ebae48ec0d4aa07ba3c8969ee6d8f06ab3 SHA512 b982ce7c3e940ad75ab71b02ce3e2813b41c6b098cde5b6f3f3513d095f409fe989ae6e38a31eff51c57423bf452c3610cd5cd8cd7f45ff932581d9859df1821
-DIST strongswan-5.9.1.tar.bz2 4590867 BLAKE2B 1515764352e7473c47f853a5aa68e582d1fd61122ac1e1577bdc7813da77e0213803c69abf41a1667166e32fb9f2a4bfe8c74616d6431e698e31cf51e939ce3e SHA512 222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497
DIST strongswan-5.9.2.tar.bz2 4607281 BLAKE2B 84f5457bc970f49c9bc99d0ef41182d815e39b8a88be349ad0a78b531a983d3b3919d5c9f3b97793b0b2569f2c6b151cc3b5d9b145a8bfd663db6f79d8ff3dd6 SHA512 dca30b9be7847e0af59d1526c2e38d440b6729055cb3f0f0637d50d7381df465c7b59e79662efe63870a7a5a44eef696c02231274d2764f9e3c430ce2fd694f6
-EBUILD strongswan-5.9.0.ebuild 9527 BLAKE2B 2ef6b0a313b9fccdd5b389f09fc0cb46f1bdbcf72888ee026e194aa7abd595e034591ffd10db3e75109c18a1779cde184e2e51572a3e1aaedcf1ceaa841ea1f0 SHA512 ae80168f8334a9ea110a3e7ea87e083a530f4219f1d687dd0559318ef189d08333872758f0987bdb8f2e2e538a8cd4c434d1bc8ea07aa427bf6de77803daf1ae
-EBUILD strongswan-5.9.1.ebuild 9473 BLAKE2B fce96a09c5ea4b6c9466f82b9707914ad6333a414b9866634827c4fbb6e02c67988e518140ce82c7fb2156d53f59cc9e45dbb8eacd4c6f93387ad7cccf0153b4 SHA512 657a5d92574c578cb14d9c0b34998681d57a86f1b9fc4b2edc98c056f3a98a0eb594b7c7e8e867172872515fae04367ab55a11583564588d9e3c580e0f072a1a
-EBUILD strongswan-5.9.2.ebuild 9473 BLAKE2B fce96a09c5ea4b6c9466f82b9707914ad6333a414b9866634827c4fbb6e02c67988e518140ce82c7fb2156d53f59cc9e45dbb8eacd4c6f93387ad7cccf0153b4 SHA512 657a5d92574c578cb14d9c0b34998681d57a86f1b9fc4b2edc98c056f3a98a0eb594b7c7e8e867172872515fae04367ab55a11583564588d9e3c580e0f072a1a
+EBUILD strongswan-5.9.2-r1.ebuild 9476 BLAKE2B 224e5c6d8b9e4bc44efc05088487aa1c967172ff3b8aeb6cc0cbbf945b9ca94456d719f3a04d37310fc8df03dbbba2adb57160327e5917797ed028a1318195e3 SHA512 7d08af11744fbd85e84197b0ccbfcb0eb665293d8326c4600685b781c77d99229943f7ff08b107498c0d617a2bb2249463861285708958df5ee6493fdb3b4c67
MISC metadata.xml 4148 BLAKE2B cee80f9768668f9c455b812471498725970cef329ab4e36d727d3a2201980944a251286cf1d26ff3195c770a2709b3b8a484f5c473bf75acf4d9b9eb82325d60 SHA512 1a093806557dc1f9d40c2221dd1fe11900830008026218864e6cdd463218c5d876911ef78d5c21b6d9f9226dcce1c71acdc270f9a8eabdf1847e61c975ae24ad
diff --git a/net-vpn/strongswan/strongswan-5.9.0.ebuild b/net-vpn/strongswan/strongswan-5.9.0.ebuild
deleted file mode 100644
index 119c3deceb5b..000000000000
--- a/net-vpn/strongswan/strongswan-5.9.0.ebuild
+++ /dev/null
@@ -1,308 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-inherit linux-info systemd user
-
-DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="https://www.strongswan.org/"
-SRC_URI="https://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ppc ~ppc64 x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="aesni blowfish bypass-lan ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
- IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
- IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="!net-misc/openswan
- gmp? ( >=dev-libs/gmp-4.1.5:= )
- gcrypt? ( dev-libs/libgcrypt:0 )
- caps? ( sys-libs/libcap )
- curl? ( net-misc/curl )
- ldap? ( net-nds/openldap )
- openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
- mysql? ( dev-db/mysql-connector-c:= )
- sqlite? ( >=dev-db/sqlite-3.3.1 )
- systemd? ( sys-apps/systemd )
- networkmanager? ( net-misc/networkmanager )
- pam? ( sys-libs/pam )
- strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-DEPEND="${COMMON_DEPEND}
- virtual/linux-sources
- sys-kernel/linux-headers"
-RDEPEND="${COMMON_DEPEND}
- virtual/logger
- sys-apps/iproute2
- !net-vpn/libreswan
- selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
- linux-info_pkg_setup
-
- elog "Linux kernel version: ${KV_FULL}"
-
- if ! kernel_is -ge 2 6 16; then
- eerror
- eerror "This ebuild currently only supports ${PN} with the"
- eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
- eerror
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn
- ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
- ewarn
-
- if kernel_is -lt 2 6 29; then
- ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
- ewarn "include all required IPv6 modules even if you just intend"
- ewarn "to run on IPv4 only."
- ewarn
- ewarn "This has been fixed with kernels >= 2.6.29."
- ewarn
- fi
-
- if kernel_is -lt 2 6 33; then
- ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
- ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
- ewarn "miss SHA384 and SHA512 HMAC support altogether."
- ewarn
- ewarn "If you need any of those features, please use kernel >= 2.6.33."
- ewarn
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
- ewarn "ESP cipher is only included in kernels >= 2.6.34."
- ewarn
- ewarn "If you need it, please use kernel >= 2.6.34."
- ewarn
- fi
- fi
-
- if use non-root; then
- enewgroup ${UGID}
- enewuser ${UGID} -1 -1 -1 ${UGID}
- fi
-}
-
-src_configure() {
- local myconf=""
-
- if use non-root; then
- myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
- fi
-
- # If a user has already enabled db support, those plugins will
- # most likely be desired as well. Besides they don't impose new
- # dependencies and come at no cost (except for space).
- if use mysql || use sqlite; then
- myconf="${myconf} --enable-attr-sql --enable-sql"
- fi
-
- # strongSwan builds and installs static libs by default which are
- # useless to the user (and to strongSwan for that matter) because no
- # header files or alike get installed... so disabling them is safe.
- if use pam && use eap; then
- myconf="${myconf} --enable-eap-gtc"
- else
- myconf="${myconf} --disable-eap-gtc"
- fi
-
- for mod in $STRONGSWAN_PLUGINS_STD; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- for mod in $STRONGSWAN_PLUGINS_OPT; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- econf \
- --disable-static \
- --enable-ikev1 \
- --enable-ikev2 \
- --enable-swanctl \
- --enable-socket-dynamic \
- $(use_enable curl) \
- $(use_enable constraints) \
- $(use_enable ldap) \
- $(use_enable debug leak-detective) \
- $(use_enable dhcp) \
- $(use_enable eap eap-sim) \
- $(use_enable eap eap-sim-file) \
- $(use_enable eap eap-simaka-sql) \
- $(use_enable eap eap-simaka-pseudonym) \
- $(use_enable eap eap-simaka-reauth) \
- $(use_enable eap eap-identity) \
- $(use_enable eap eap-md5) \
- $(use_enable eap eap-aka) \
- $(use_enable eap eap-aka-3gpp2) \
- $(use_enable eap md4) \
- $(use_enable eap eap-mschapv2) \
- $(use_enable eap eap-radius) \
- $(use_enable eap eap-tls) \
- $(use_enable eap eap-ttls) \
- $(use_enable eap xauth-eap) \
- $(use_enable eap eap-dynamic) \
- $(use_enable farp) \
- $(use_enable gmp) \
- $(use_enable gcrypt) \
- $(use_enable mysql) \
- $(use_enable networkmanager nm) \
- $(use_enable openssl) \
- $(use_enable pam xauth-pam) \
- $(use_enable pkcs11) \
- $(use_enable sqlite) \
- $(use_enable systemd) \
- $(use_with caps capabilities libcap) \
- --with-piddir=/run \
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
- ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- if ! use systemd; then
- rm -rf "${ED}"/lib/systemd || die
- fi
-
- doinitd "${FILESDIR}"/ipsec
-
- local dir_ugid
- if use non-root; then
- fowners ${UGID}:${UGID} \
- /etc/ipsec.conf \
- /etc/strongswan.conf
-
- dir_ugid="${UGID}"
- else
- dir_ugid="root"
- fi
-
- diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
- dodir /etc/ipsec.d \
- /etc/ipsec.d/aacerts \
- /etc/ipsec.d/acerts \
- /etc/ipsec.d/cacerts \
- /etc/ipsec.d/certs \
- /etc/ipsec.d/crls \
- /etc/ipsec.d/ocspcerts \
- /etc/ipsec.d/private \
- /etc/ipsec.d/reqs
-
- dodoc NEWS README TODO
-
- # shared libs are used only internally and there are no static libs,
- # so it's safe to get rid of the .la files
- find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
- has_version "<net-vpn/strongswan-4.3.6-r1"
- upgrade_from_leq_4_3_6=$(( !$? ))
-
- has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
- previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
- if ! use openssl && ! use gcrypt; then
- elog
- elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
- elog "Please note that this might effect availability and speed of some"
- elog "cryptographic features. You are advised to enable the OpenSSL plugin."
- elif ! use openssl; then
- elog
- elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
- elog "availability and speed of some cryptographic features. There will be"
- elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
- elog "25, 26) and ECDSA."
- fi
-
- if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
- chmod 0750 "${ROOT}"/etc/ipsec.d \
- "${ROOT}"/etc/ipsec.d/aacerts \
- "${ROOT}"/etc/ipsec.d/acerts \
- "${ROOT}"/etc/ipsec.d/cacerts \
- "${ROOT}"/etc/ipsec.d/certs \
- "${ROOT}"/etc/ipsec.d/crls \
- "${ROOT}"/etc/ipsec.d/ocspcerts \
- "${ROOT}"/etc/ipsec.d/private \
- "${ROOT}"/etc/ipsec.d/reqs
-
- ewarn
- ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
- ewarn "security reasons. Your system installed directories have been"
- ewarn "updated accordingly. Please check if necessary."
- ewarn
-
- if [[ $previous_4_3_6_with_caps == 1 ]]; then
- if ! use non-root; then
- ewarn
- ewarn "IMPORTANT: You previously had ${PN} installed without root"
- ewarn "privileges because it was implied by the 'caps' USE flag."
- ewarn "This has been changed. If you want ${PN} with user privileges,"
- ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
- ewarn
- fi
- fi
- fi
- if ! use caps && ! use non-root; then
- ewarn
- ewarn "You have decided to run ${PN} with root privileges and built it"
- ewarn "without support for POSIX capability dropping. It is generally"
- ewarn "strongly suggested that you reconsider- especially if you intend"
- ewarn "to run ${PN} as server with a public ip address."
- ewarn
- ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
- ewarn
- fi
- if use non-root; then
- elog
- elog "${PN} has been installed without superuser privileges (USE=non-root)."
- elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
- elog "but also a few to the IKEv2 daemon 'charon'."
- elog
- elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
- elog
- elog "pluto uses a helper script by default to insert/remove routing and"
- elog "policy rules upon connection start/stop which requires superuser"
- elog "privileges. charon in contrast does this internally and can do so"
- elog "even with reduced (user) privileges."
- elog
- elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
- elog "script to pluto or charon which requires superuser privileges, you"
- elog "can work around this limitation by using sudo to grant the"
- elog "user \"ipsec\" the appropriate rights."
- elog "For example (the default case):"
- elog "/etc/sudoers:"
- elog " ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
- elog "Under the specific connection block in /etc/ipsec.conf:"
- elog " leftupdown=\"sudo -E ipsec _updown iptables\""
- elog
- fi
- elog
- elog "Make sure you have _all_ required kernel modules available including"
- elog "the appropriate cryptographic algorithms. A list is available at:"
- elog " https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
- elog
- elog "The up-to-date manual is available online at:"
- elog " https://wiki.strongswan.org/"
- elog
-}
diff --git a/net-vpn/strongswan/strongswan-5.9.1.ebuild b/net-vpn/strongswan/strongswan-5.9.2-r1.ebuild
index b7b28afa8ea2..cd1ecbe44da2 100644
--- a/net-vpn/strongswan/strongswan-5.9.1.ebuild
+++ b/net-vpn/strongswan/strongswan-5.9.2-r1.ebuild
@@ -32,7 +32,7 @@ COMMON_DEPEND="non-root? (
caps? ( sys-libs/libcap )
curl? ( net-misc/curl )
ldap? ( net-nds/openldap )
- openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
+ openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist(-)] )
mysql? ( dev-db/mysql-connector-c:= )
sqlite? ( >=dev-db/sqlite-3.3.1 )
systemd? ( sys-apps/systemd )
diff --git a/net-vpn/strongswan/strongswan-5.9.2.ebuild b/net-vpn/strongswan/strongswan-5.9.2.ebuild
deleted file mode 100644
index b7b28afa8ea2..000000000000
--- a/net-vpn/strongswan/strongswan-5.9.2.ebuild
+++ /dev/null
@@ -1,308 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-inherit linux-info systemd
-
-DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="https://www.strongswan.org/"
-SRC_URI="https://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ppc ~ppc64 x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="aesni blowfish bypass-lan ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
- IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
- IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="non-root? (
- acct-user/ipsec
- acct-group/ipsec
- )
- gmp? ( >=dev-libs/gmp-4.1.5:= )
- gcrypt? ( dev-libs/libgcrypt:0 )
- caps? ( sys-libs/libcap )
- curl? ( net-misc/curl )
- ldap? ( net-nds/openldap )
- openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
- mysql? ( dev-db/mysql-connector-c:= )
- sqlite? ( >=dev-db/sqlite-3.3.1 )
- systemd? ( sys-apps/systemd )
- networkmanager? ( net-misc/networkmanager )
- pam? ( sys-libs/pam )
- strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-
-DEPEND="${COMMON_DEPEND}
- virtual/linux-sources
- sys-kernel/linux-headers"
-
-RDEPEND="${COMMON_DEPEND}
- virtual/logger
- sys-apps/iproute2
- !net-vpn/libreswan
- selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
- linux-info_pkg_setup
-
- elog "Linux kernel version: ${KV_FULL}"
-
- if ! kernel_is -ge 2 6 16; then
- eerror
- eerror "This ebuild currently only supports ${PN} with the"
- eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
- eerror
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn
- ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
- ewarn
-
- if kernel_is -lt 2 6 29; then
- ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
- ewarn "include all required IPv6 modules even if you just intend"
- ewarn "to run on IPv4 only."
- ewarn
- ewarn "This has been fixed with kernels >= 2.6.29."
- ewarn
- fi
-
- if kernel_is -lt 2 6 33; then
- ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
- ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
- ewarn "miss SHA384 and SHA512 HMAC support altogether."
- ewarn
- ewarn "If you need any of those features, please use kernel >= 2.6.33."
- ewarn
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
- ewarn "ESP cipher is only included in kernels >= 2.6.34."
- ewarn
- ewarn "If you need it, please use kernel >= 2.6.34."
- ewarn
- fi
- fi
-}
-
-src_configure() {
- local myconf=""
-
- if use non-root; then
- myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
- fi
-
- # If a user has already enabled db support, those plugins will
- # most likely be desired as well. Besides they don't impose new
- # dependencies and come at no cost (except for space).
- if use mysql || use sqlite; then
- myconf="${myconf} --enable-attr-sql --enable-sql"
- fi
-
- # strongSwan builds and installs static libs by default which are
- # useless to the user (and to strongSwan for that matter) because no
- # header files or alike get installed... so disabling them is safe.
- if use pam && use eap; then
- myconf="${myconf} --enable-eap-gtc"
- else
- myconf="${myconf} --disable-eap-gtc"
- fi
-
- for mod in $STRONGSWAN_PLUGINS_STD; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- for mod in $STRONGSWAN_PLUGINS_OPT; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- econf \
- --disable-static \
- --enable-ikev1 \
- --enable-ikev2 \
- --enable-swanctl \
- --enable-socket-dynamic \
- $(use_enable curl) \
- $(use_enable constraints) \
- $(use_enable ldap) \
- $(use_enable debug leak-detective) \
- $(use_enable dhcp) \
- $(use_enable eap eap-sim) \
- $(use_enable eap eap-sim-file) \
- $(use_enable eap eap-simaka-sql) \
- $(use_enable eap eap-simaka-pseudonym) \
- $(use_enable eap eap-simaka-reauth) \
- $(use_enable eap eap-identity) \
- $(use_enable eap eap-md5) \
- $(use_enable eap eap-aka) \
- $(use_enable eap eap-aka-3gpp2) \
- $(use_enable eap md4) \
- $(use_enable eap eap-mschapv2) \
- $(use_enable eap eap-radius) \
- $(use_enable eap eap-tls) \
- $(use_enable eap eap-ttls) \
- $(use_enable eap xauth-eap) \
- $(use_enable eap eap-dynamic) \
- $(use_enable farp) \
- $(use_enable gmp) \
- $(use_enable gcrypt) \
- $(use_enable mysql) \
- $(use_enable networkmanager nm) \
- $(use_enable openssl) \
- $(use_enable pam xauth-pam) \
- $(use_enable pkcs11) \
- $(use_enable sqlite) \
- $(use_enable systemd) \
- $(use_with caps capabilities libcap) \
- --with-piddir=/run \
- --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
- ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- if ! use systemd; then
- rm -rf "${ED}"/lib/systemd || die
- fi
-
- doinitd "${FILESDIR}"/ipsec
-
- local dir_ugid
- if use non-root; then
- fowners ${UGID}:${UGID} \
- /etc/ipsec.conf \
- /etc/strongswan.conf
-
- dir_ugid="${UGID}"
- else
- dir_ugid="root"
- fi
-
- diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
- dodir /etc/ipsec.d \
- /etc/ipsec.d/aacerts \
- /etc/ipsec.d/acerts \
- /etc/ipsec.d/cacerts \
- /etc/ipsec.d/certs \
- /etc/ipsec.d/crls \
- /etc/ipsec.d/ocspcerts \
- /etc/ipsec.d/private \
- /etc/ipsec.d/reqs
-
- dodoc NEWS README TODO
-
- # shared libs are used only internally and there are no static libs,
- # so it's safe to get rid of the .la files
- find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
- has_version "<net-vpn/strongswan-4.3.6-r1"
- upgrade_from_leq_4_3_6=$(( !$? ))
-
- has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
- previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
- if ! use openssl && ! use gcrypt; then
- elog
- elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
- elog "Please note that this might effect availability and speed of some"
- elog "cryptographic features. You are advised to enable the OpenSSL plugin."
- elif ! use openssl; then
- elog
- elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
- elog "availability and speed of some cryptographic features. There will be"
- elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
- elog "25, 26) and ECDSA."
- fi
-
- if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
- chmod 0750 "${ROOT}"/etc/ipsec.d \
- "${ROOT}"/etc/ipsec.d/aacerts \
- "${ROOT}"/etc/ipsec.d/acerts \
- "${ROOT}"/etc/ipsec.d/cacerts \
- "${ROOT}"/etc/ipsec.d/certs \
- "${ROOT}"/etc/ipsec.d/crls \
- "${ROOT}"/etc/ipsec.d/ocspcerts \
- "${ROOT}"/etc/ipsec.d/private \
- "${ROOT}"/etc/ipsec.d/reqs
-
- ewarn
- ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
- ewarn "security reasons. Your system installed directories have been"
- ewarn "updated accordingly. Please check if necessary."
- ewarn
-
- if [[ $previous_4_3_6_with_caps == 1 ]]; then
- if ! use non-root; then
- ewarn
- ewarn "IMPORTANT: You previously had ${PN} installed without root"
- ewarn "privileges because it was implied by the 'caps' USE flag."
- ewarn "This has been changed. If you want ${PN} with user privileges,"
- ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
- ewarn
- fi
- fi
- fi
- if ! use caps && ! use non-root; then
- ewarn
- ewarn "You have decided to run ${PN} with root privileges and built it"
- ewarn "without support for POSIX capability dropping. It is generally"
- ewarn "strongly suggested that you reconsider- especially if you intend"
- ewarn "to run ${PN} as server with a public ip address."
- ewarn
- ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
- ewarn
- fi
- if use non-root; then
- elog
- elog "${PN} has been installed without superuser privileges (USE=non-root)."
- elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
- elog "but also a few to the IKEv2 daemon 'charon'."
- elog
- elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
- elog
- elog "pluto uses a helper script by default to insert/remove routing and"
- elog "policy rules upon connection start/stop which requires superuser"
- elog "privileges. charon in contrast does this internally and can do so"
- elog "even with reduced (user) privileges."
- elog
- elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
- elog "script to pluto or charon which requires superuser privileges, you"
- elog "can work around this limitation by using sudo to grant the"
- elog "user \"ipsec\" the appropriate rights."
- elog "For example (the default case):"
- elog "/etc/sudoers:"
- elog " ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
- elog "Under the specific connection block in /etc/ipsec.conf:"
- elog " leftupdown=\"sudo -E ipsec _updown iptables\""
- elog
- fi
- elog
- elog "Make sure you have _all_ required kernel modules available including"
- elog "the appropriate cryptographic algorithms. A list is available at:"
- elog " https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
- elog
- elog "The up-to-date manual is available online at:"
- elog " https://wiki.strongswan.org/"
- elog
-}
diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest
index 883996fd5755..0367d25cf406 100644
--- a/net-vpn/tor/Manifest
+++ b/net-vpn/tor/Manifest
@@ -14,8 +14,8 @@ DIST tor-0.4.5.9.tar.gz 7840294 BLAKE2B 75babcbf7929fa34034ad706df1189ca7988e8c5
DIST tor-0.4.5.9.tar.gz.asc 833 BLAKE2B fca3769b683e8bb90540026dda6d2f302d499262c806f7c7215e7a30908cd46b807717fd130380d114660380166852f6a0cbb702966c6930004d04098718d582 SHA512 df538981aa19a2fa730a1e357f277f22b3cae769a1d13fa1d920a5e949d5b3770a8de9883eeaf2522c8b24327f73505569ac0f6ecf77139ddb5ef1e2418924b6
DIST tor-0.4.6.5.tar.gz 7754823 BLAKE2B bdff61863f8b48381cc52d66c54f417e90177118d6cdd1402f3ecca9783f32141f74bb979b4f8c919d9e2c6cd4373fd9a5e0e84498a26470af1fbc6eb2c7caed SHA512 62bcd8d446199cdd397a688d454730a057ef20be4152e6d0632f64df27c993c70be0dbde0a2e7679a8a20850371a503b8daf777296d555760d8aae3286e48050
DIST tor-0.4.6.5.tar.gz.asc 833 BLAKE2B 966ab724e37dd341c3ef45f2aeb7e1c928270831ea790cb6cb0e77084a0c813d66ce35c5d31d49bf9d1e9a6ecfb3d4fb6ee4424fd83183d654016d22fcb90d7e SHA512 1cf9111ba08594c716874a2b6f35a7959c5c391518ec1e5b1491d84454f3fe1c705e06dfcfd23f30e0eb619063304c430cbebc9827190df0b03ec09cecd1773c
-EBUILD tor-0.4.4.9.ebuild 2794 BLAKE2B 561a2af6b4e64dd50cd04f30a8fb5a67e56d6759a5d6144c19db21b914e9d5be44947d897769a4f8f3d2b6ba7faa73e9d0f36caff73ff14e10934014f0481059 SHA512 3b6b96b82ba712d4258818cce58a51baaa097ac2c249ba51ed53e9c689ccc85fa7e43ee44c62919911c8474eb106ea1ae5384272e2751cb6331954b315221dfc
-EBUILD tor-0.4.5.7.ebuild 2785 BLAKE2B 806c5ed6f41d3f7e792127dfdd92d7d015a6f5b9cfdf182523896503ef86bc72a239abfd20f2badca408254a04e8b440e4d1f405794c02385a5ffcd9270bcbe5 SHA512 42a07d094edff6560f6b20c588ae6ec41ccbf20a5bc8dd3255badbfe2f09c07bb739356120ea4b6d4287b4b03652c17d32f46a511111d6040b6a8d8074676f18
-EBUILD tor-0.4.5.9.ebuild 2541 BLAKE2B ae1d9127c828b13a877e7d620c70863f473daf722ff0cecc26b4bd2fc0120c24183c930fbc1d24f3cd0be7e3269644473bc75ad910d7e56e22093cf1f0ef908c SHA512 45a469f5e22244d2d5138bba4994c60fc889d19d3cdbe02c3e6d4a105d1d773467a7411ef2e073e7230756c054e9bbc03991fe9b7f844764270737ded22490e6
-EBUILD tor-0.4.6.5.ebuild 2739 BLAKE2B e9f1b852aed9b3124be411c407f4c5686ed8645957b31acf1aedc349b3290cb0a745b7c28801fe19415c2a5531064fa596af50e3db0e0143aa0a883cb983ac31 SHA512 ae8ca192172d72aa4829a4760a6d4734e0895153eeb6fc785a98aea4fdbd77c094af1b288f3b5feec6db8a897a1d23cc59a5e842488bb3678c91b6e8175e864a
+EBUILD tor-0.4.4.9-r1.ebuild 2797 BLAKE2B 2b37de0b894e2b7088fad0463bb173a08139ca8da49507fc5718d270db00b2084f012d619e8df9f0f4821eaf78357401b23348f4ecbef53d972e486198045c8e SHA512 c2b0dd7537064d8d1cbe0eb9d213610460afa79938849232390fd512cd8498e076138f5e9fdad6b0a85b665f73c1ab62bbaac0cb07f543536bbff9dae0590915
+EBUILD tor-0.4.5.7-r1.ebuild 2788 BLAKE2B 7c390e7a4789c967ce7b63b6a9505d487fc5dc7eba3b3d11d929f37a4bb4768dbd00c9547263d051aee401f8016f1abb69189acec02fa22616bfe8b3fb1cbc48 SHA512 746c9462ee787c860d3cee7deb8435b310cd1488c11dd385895fa891a43043bcacc15ed2c3df6905242f132111dbb2ac64850f21397e392e80bd09f851322fca
+EBUILD tor-0.4.5.9-r1.ebuild 2544 BLAKE2B 840d53158ed06452c125ac933253d01f79996b73a24293890dcd25011c969da7dd6e6a8b87bd94f7c0e9426a180e74515a29cade4702dcd14e946a6be2134cc6 SHA512 76f2944e47441bc85be06bdf05c943f5032f344d6aaa28710c79c26ff4f293879e40d463764cb03e44319d6ca7faa743456084d51f8ae3476e912b4daca00266
+EBUILD tor-0.4.6.5-r1.ebuild 2742 BLAKE2B ded94096f45ce9dd6be3ed15c762f80086aff5f2590ae83b94850ef1a2827d0c436313ee27f661dc190c89ef36417c3b2e8deb89817351b8b82d6e28e3d51eb5 SHA512 489760dbb35167c927ba53f061a767d03f17d90168010907e4a89db62a394029f3ed88f86e127d13c9720f8b875832531545aee4f5fee24522554602a973c692
MISC metadata.xml 549 BLAKE2B af6257c0e04c7487b23edb1f5c6fce91fbb76aedf9c0357bb4f214ff4af9d6055e0c6bb32fef5c9906f461f34b5631891a681a039612c73feecff8ff77a0a3c2 SHA512 2b9d9c20a9691dd67cb5ef98e386bea8cff9ba79208373922c5a379ca8c96e021e94748d7b85e860a24063f1fc439a3adee59b3dde70cf6b35401d18518b5689
diff --git a/net-vpn/tor/tor-0.4.4.9.ebuild b/net-vpn/tor/tor-0.4.4.9-r1.ebuild
index bdb635b77531..8a971fb7b60f 100644
--- a/net-vpn/tor/tor-0.4.4.9.ebuild
+++ b/net-vpn/tor/tor-0.4.4.9-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
sys-libs/zlib
caps? ( sys-libs/libcap )
man? ( app-text/asciidoc )
- dev-libs/openssl:0=[-bindist]
+ dev-libs/openssl:0=[-bindist(-)]
lzma? ( app-arch/xz-utils )
scrypt? ( app-crypt/libscrypt )
seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.5.7.ebuild b/net-vpn/tor/tor-0.4.5.7-r1.ebuild
index 82738f38a284..aacbb466ed11 100644
--- a/net-vpn/tor/tor-0.4.5.7.ebuild
+++ b/net-vpn/tor/tor-0.4.5.7-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
sys-libs/zlib
caps? ( sys-libs/libcap )
man? ( app-text/asciidoc )
- dev-libs/openssl:0=[-bindist]
+ dev-libs/openssl:0=[-bindist(-)]
lzma? ( app-arch/xz-utils )
scrypt? ( app-crypt/libscrypt )
seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.5.9.ebuild b/net-vpn/tor/tor-0.4.5.9-r1.ebuild
index 5616d54e5b3c..7ffede47e2de 100644
--- a/net-vpn/tor/tor-0.4.5.9.ebuild
+++ b/net-vpn/tor/tor-0.4.5.9-r1.ebuild
@@ -26,7 +26,7 @@ DEPEND="
sys-libs/zlib
caps? ( sys-libs/libcap )
man? ( app-text/asciidoc )
- dev-libs/openssl:0=[-bindist]
+ dev-libs/openssl:0=[-bindist(-)]
lzma? ( app-arch/xz-utils )
scrypt? ( app-crypt/libscrypt )
seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.6.5.ebuild b/net-vpn/tor/tor-0.4.6.5-r1.ebuild
index b58b53b2f97b..5b9be817185e 100644
--- a/net-vpn/tor/tor-0.4.6.5.ebuild
+++ b/net-vpn/tor/tor-0.4.6.5-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
sys-libs/zlib
caps? ( sys-libs/libcap )
man? ( app-text/asciidoc )
- dev-libs/openssl:0=[-bindist]
+ dev-libs/openssl:0=[-bindist(-)]
lzma? ( app-arch/xz-utils )
scrypt? ( app-crypt/libscrypt )
seccomp? ( >=sys-libs/libseccomp-2.4.1 )