gentoo resync : 20.06.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-06-20 14:45:01 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2021-06-20 14:45:01 +0100
commit: 34dea8e38f88007799629d0a56b12dec480b1d21 (patch)
tree: 6790873994b58030360328cf5897d934b3b03d16 /net-vpn
parent: 7932d472a02d4c016ff7dff4b7a5479ab9d1883d (diff)
12 files changed, 14 insertions, 634 deletions
diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz
index 687ca5968409..52d999fcc492 100644
--- a/net-vpn/Manifest.gz
+++ b/net-vpn/Manifest.gz
diff --git a/net-vpn/i2pd/Manifest b/net-vpn/i2pd/Manifest
index 70031ed5a36a..a3da3da12b5a 100644
--- a/net-vpn/i2pd/Manifest
+++ b/net-vpn/i2pd/Manifest
@@ -5,5 +5,5 @@ AUX i2pd-2.38.0.service 906 BLAKE2B 583c1856ceada5e60b7f595452afbe3e254616185d64
 AUX i2pd-2.6.0-r3.confd 322 BLAKE2B 1abce31d300785fe0f42eb0c15bc26f723e99bfe4f3d21ef4d83620c064838d0e27f89f287a97404276490b848bd1372a40b915d4830b7755d801c4bda551099 SHA512 083f4c860d7556bd14f2765b098743c25f996ef16de3982430ff27ac7711051738d48709654441099ea8c755b6d9a6e25b52286f7e8c928d3f39f1207a9517a9
 AUX i2pd-2.6.0-r3.initd 1385 BLAKE2B 5c754a7e289f8d102b2690f78fb3e9b805c6eb46208fba8d8200886dcd30e5e7ba682bb9eb493d654bbec03b8fa7ec58cf885f91203db400280c9de4d9c1e377 SHA512 c09d9164fedac748162eeeafabf4776e16869e7ad06ba5f1b008fa57655fbe8f9633804575e44011b61130699e394bd0d8623b13e9614623b8a9b34e5ad6ecd5
 DIST i2pd-2.38.0.tar.gz 555543 BLAKE2B a47c4b77e3a1d4c88cfd18b288b53592a8096509e0bed01bbf57f8d81b715699f822059cd9eecc0deb8fc82d98c23a8c0f6a67ac71654da528f81785338bfe54 SHA512 01e160394dc07621b3d236fcc13d78b46e109290f59dbb77f282c05f4d80fdfa01c9b062de5ca91d6d6e739beb8a5b6f731508b48d9483f1a132a93a71d88e6f
-EBUILD i2pd-2.38.0-r1.ebuild 2215 BLAKE2B 573602917de4a854582de366a8d00e6f7ac9e3cbe9aacc262acb3697ef351e20a50a495a3857f1ebf1789276462211edcaf13194d4dab50cfe80a6fb613ca26d SHA512 550ea1400297f7c44142504c2635af1e9f98acceab266f0604e4271b37291db8d747f54dc304136d8b4b1dc7d9bbab479e0ebb43688e628d31f317370f389fea
+EBUILD i2pd-2.38.0-r3.ebuild 2224 BLAKE2B a104476434aefb858637afa9227c98ca9c6349e1ab5435ee50bac6e005af51b871a0529c61899852147c8c3fd408f78a8dae859a7a73715bb2df6420c9240748 SHA512 14798f72573625ac5cd13f90f3501ae956285fcdaf579add0f556ca668e1ba6eb997db5d41dcd9aa56dd5a7ef20aea2da5492a12141390bacb72cebe93ca3e66
 MISC metadata.xml 727 BLAKE2B 2956a473062444342fb7436a09686b9774210105445288152df0e024fdf81b93b86782a1e3e5348ce8d4a2d71383db3ed63dd51dde00abadcfdce5f84819b37f SHA512 0362e22d09aa7735d12b66da01cc717704429750a57dc2cc625c2907525c935764ede0a83ef4908417542bc0afe24cb21ada71ee3100dffdb3d3b2ab3999da38
diff --git a/net-vpn/i2pd/i2pd-2.38.0-r1.ebuild b/net-vpn/i2pd/i2pd-2.38.0-r3.ebuild
index b77a5dab495a..bc5464e5280a 100644
--- a/net-vpn/i2pd/i2pd-2.38.0-r1.ebuild
+++ b/net-vpn/i2pd/i2pd-2.38.0-r3.ebuild
@@ -18,13 +18,13 @@ RDEPEND="
 	acct-user/i2pd
 	acct-group/i2pd
 	!static? (
-		dev-libs/boost:=[threads]
-		dev-libs/openssl:0=[-bindist]
+		dev-libs/boost:=[threads(+)]
+		dev-libs/openssl:0=[-bindist(-)]
 		upnp? ( net-libs/miniupnpc:= )
 	)"
 DEPEND="${RDEPEND}
 	static? (
-		dev-libs/boost:=[static-libs,threads]
+		dev-libs/boost:=[static-libs,threads(+)]
 		sys-libs/zlib[static-libs]
 		dev-libs/openssl:0=[static-libs]
 		upnp? ( net-libs/miniupnpc:=[static-libs] )
diff --git a/net-vpn/strongswan/Manifest b/net-vpn/strongswan/Manifest
index 63ae6257aca7..ebda3c352363 100644
--- a/net-vpn/strongswan/Manifest
+++ b/net-vpn/strongswan/Manifest
@@ -1,8 +1,4 @@
 AUX ipsec 451 BLAKE2B deb3fff7043e04c1630119bb0cbbd6fa9b6f15666131ac9744a32d35cf3bc0629fe99cf9936b9cdb464627c1a8c121b8485f164166efda428825a55aab557d18 SHA512 d11ccc36ee89df5974547441fdb6c539dd3a7a5e235e318c1beddca7d4f5cace857f2dc75752e6fa913177eec9c3afcbed52de5bc08e8c314096d439cbc3bc6c
-DIST strongswan-5.9.0.tar.bz2 4568404 BLAKE2B daf5cce5cbe12253f9ad201d89323ab7d54ba7ff466685b84830737689e4d417fbb97d053d8c9f3de5acb6dee9a192ebae48ec0d4aa07ba3c8969ee6d8f06ab3 SHA512 b982ce7c3e940ad75ab71b02ce3e2813b41c6b098cde5b6f3f3513d095f409fe989ae6e38a31eff51c57423bf452c3610cd5cd8cd7f45ff932581d9859df1821
-DIST strongswan-5.9.1.tar.bz2 4590867 BLAKE2B 1515764352e7473c47f853a5aa68e582d1fd61122ac1e1577bdc7813da77e0213803c69abf41a1667166e32fb9f2a4bfe8c74616d6431e698e31cf51e939ce3e SHA512 222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497
 DIST strongswan-5.9.2.tar.bz2 4607281 BLAKE2B 84f5457bc970f49c9bc99d0ef41182d815e39b8a88be349ad0a78b531a983d3b3919d5c9f3b97793b0b2569f2c6b151cc3b5d9b145a8bfd663db6f79d8ff3dd6 SHA512 dca30b9be7847e0af59d1526c2e38d440b6729055cb3f0f0637d50d7381df465c7b59e79662efe63870a7a5a44eef696c02231274d2764f9e3c430ce2fd694f6
-EBUILD strongswan-5.9.0.ebuild 9527 BLAKE2B 2ef6b0a313b9fccdd5b389f09fc0cb46f1bdbcf72888ee026e194aa7abd595e034591ffd10db3e75109c18a1779cde184e2e51572a3e1aaedcf1ceaa841ea1f0 SHA512 ae80168f8334a9ea110a3e7ea87e083a530f4219f1d687dd0559318ef189d08333872758f0987bdb8f2e2e538a8cd4c434d1bc8ea07aa427bf6de77803daf1ae
-EBUILD strongswan-5.9.1.ebuild 9473 BLAKE2B fce96a09c5ea4b6c9466f82b9707914ad6333a414b9866634827c4fbb6e02c67988e518140ce82c7fb2156d53f59cc9e45dbb8eacd4c6f93387ad7cccf0153b4 SHA512 657a5d92574c578cb14d9c0b34998681d57a86f1b9fc4b2edc98c056f3a98a0eb594b7c7e8e867172872515fae04367ab55a11583564588d9e3c580e0f072a1a
-EBUILD strongswan-5.9.2.ebuild 9473 BLAKE2B fce96a09c5ea4b6c9466f82b9707914ad6333a414b9866634827c4fbb6e02c67988e518140ce82c7fb2156d53f59cc9e45dbb8eacd4c6f93387ad7cccf0153b4 SHA512 657a5d92574c578cb14d9c0b34998681d57a86f1b9fc4b2edc98c056f3a98a0eb594b7c7e8e867172872515fae04367ab55a11583564588d9e3c580e0f072a1a
+EBUILD strongswan-5.9.2-r1.ebuild 9476 BLAKE2B 224e5c6d8b9e4bc44efc05088487aa1c967172ff3b8aeb6cc0cbbf945b9ca94456d719f3a04d37310fc8df03dbbba2adb57160327e5917797ed028a1318195e3 SHA512 7d08af11744fbd85e84197b0ccbfcb0eb665293d8326c4600685b781c77d99229943f7ff08b107498c0d617a2bb2249463861285708958df5ee6493fdb3b4c67
 MISC metadata.xml 4148 BLAKE2B cee80f9768668f9c455b812471498725970cef329ab4e36d727d3a2201980944a251286cf1d26ff3195c770a2709b3b8a484f5c473bf75acf4d9b9eb82325d60 SHA512 1a093806557dc1f9d40c2221dd1fe11900830008026218864e6cdd463218c5d876911ef78d5c21b6d9f9226dcce1c71acdc270f9a8eabdf1847e61c975ae24ad
diff --git a/net-vpn/strongswan/strongswan-5.9.0.ebuild b/net-vpn/strongswan/strongswan-5.9.0.ebuild
deleted file mode 100644
index 119c3deceb5b..000000000000
--- a/net-vpn/strongswan/strongswan-5.9.0.ebuild
+++ /dev/null
@@ -1,308 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-inherit linux-info systemd user
-
-DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="https://www.strongswan.org/"
-SRC_URI="https://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ppc ~ppc64 x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="aesni blowfish bypass-lan ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
-	IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
-	IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="!net-misc/openswan
-	gmp? ( >=dev-libs/gmp-4.1.5:= )
-	gcrypt? ( dev-libs/libgcrypt:0 )
-	caps? ( sys-libs/libcap )
-	curl? ( net-misc/curl )
-	ldap? ( net-nds/openldap )
-	openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
-	mysql? ( dev-db/mysql-connector-c:= )
-	sqlite? ( >=dev-db/sqlite-3.3.1 )
-	systemd? ( sys-apps/systemd )
-	networkmanager? ( net-misc/networkmanager )
-	pam? ( sys-libs/pam )
-	strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-DEPEND="${COMMON_DEPEND}
-	virtual/linux-sources
-	sys-kernel/linux-headers"
-RDEPEND="${COMMON_DEPEND}
-	virtual/logger
-	sys-apps/iproute2
-	!net-vpn/libreswan
-	selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
-	linux-info_pkg_setup
-
-	elog "Linux kernel version: ${KV_FULL}"
-
-	if ! kernel_is -ge 2 6 16; then
-		eerror
-		eerror "This ebuild currently only supports ${PN} with the"
-		eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
-		eerror
-	fi
-
-	if kernel_is -lt 2 6 34; then
-		ewarn
-		ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
-		ewarn
-
-		if kernel_is -lt 2 6 29; then
-			ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
-			ewarn "include all required IPv6 modules even if you just intend"
-			ewarn "to run on IPv4 only."
-			ewarn
-			ewarn "This has been fixed with kernels >= 2.6.29."
-			ewarn
-		fi
-
-		if kernel_is -lt 2 6 33; then
-			ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
-			ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
-			ewarn "miss SHA384 and SHA512 HMAC support altogether."
-			ewarn
-			ewarn "If you need any of those features, please use kernel >= 2.6.33."
-			ewarn
-		fi
-
-		if kernel_is -lt 2 6 34; then
-			ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
-			ewarn "ESP cipher is only included in kernels >= 2.6.34."
-			ewarn
-			ewarn "If you need it, please use kernel >= 2.6.34."
-			ewarn
-		fi
-	fi
-
-	if use non-root; then
-		enewgroup ${UGID}
-		enewuser ${UGID} -1 -1 -1 ${UGID}
-	fi
-}
-
-src_configure() {
-	local myconf=""
-
-	if use non-root; then
-		myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
-	fi
-
-	# If a user has already enabled db support, those plugins will
-	# most likely be desired as well. Besides they don't impose new
-	# dependencies and come at no cost (except for space).
-	if use mysql || use sqlite; then
-		myconf="${myconf} --enable-attr-sql --enable-sql"
-	fi
-
-	# strongSwan builds and installs static libs by default which are
-	# useless to the user (and to strongSwan for that matter) because no
-	# header files or alike get installed... so disabling them is safe.
-	if use pam && use eap; then
-		myconf="${myconf} --enable-eap-gtc"
-	else
-		myconf="${myconf} --disable-eap-gtc"
-	fi
-
-	for mod in $STRONGSWAN_PLUGINS_STD; do
-		if use strongswan_plugins_${mod}; then
-			myconf+=" --enable-${mod}"
-		fi
-	done
-
-	for mod in $STRONGSWAN_PLUGINS_OPT; do
-		if use strongswan_plugins_${mod}; then
-			myconf+=" --enable-${mod}"
-		fi
-	done
-
-	econf \
-		--disable-static \
-		--enable-ikev1 \
-		--enable-ikev2 \
-		--enable-swanctl \
-		--enable-socket-dynamic \
-		$(use_enable curl) \
-		$(use_enable constraints) \
-		$(use_enable ldap) \
-		$(use_enable debug leak-detective) \
-		$(use_enable dhcp) \
-		$(use_enable eap eap-sim) \
-		$(use_enable eap eap-sim-file) \
-		$(use_enable eap eap-simaka-sql) \
-		$(use_enable eap eap-simaka-pseudonym) \
-		$(use_enable eap eap-simaka-reauth) \
-		$(use_enable eap eap-identity) \
-		$(use_enable eap eap-md5) \
-		$(use_enable eap eap-aka) \
-		$(use_enable eap eap-aka-3gpp2) \
-		$(use_enable eap md4) \
-		$(use_enable eap eap-mschapv2) \
-		$(use_enable eap eap-radius) \
-		$(use_enable eap eap-tls) \
-		$(use_enable eap eap-ttls) \
-		$(use_enable eap xauth-eap) \
-		$(use_enable eap eap-dynamic) \
-		$(use_enable farp) \
-		$(use_enable gmp) \
-		$(use_enable gcrypt) \
-		$(use_enable mysql) \
-		$(use_enable networkmanager nm) \
-		$(use_enable openssl) \
-		$(use_enable pam xauth-pam) \
-		$(use_enable pkcs11) \
-		$(use_enable sqlite) \
-		$(use_enable systemd) \
-		$(use_with caps capabilities libcap) \
-		--with-piddir=/run \
-		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	if ! use systemd; then
-		rm -rf "${ED}"/lib/systemd || die
-	fi
-
-	doinitd "${FILESDIR}"/ipsec
-
-	local dir_ugid
-	if use non-root; then
-		fowners ${UGID}:${UGID} \
-			/etc/ipsec.conf \
-			/etc/strongswan.conf
-
-		dir_ugid="${UGID}"
-	else
-		dir_ugid="root"
-	fi
-
-	diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
-	dodir /etc/ipsec.d \
-		/etc/ipsec.d/aacerts \
-		/etc/ipsec.d/acerts \
-		/etc/ipsec.d/cacerts \
-		/etc/ipsec.d/certs \
-		/etc/ipsec.d/crls \
-		/etc/ipsec.d/ocspcerts \
-		/etc/ipsec.d/private \
-		/etc/ipsec.d/reqs
-
-	dodoc NEWS README TODO
-
-	# shared libs are used only internally and there are no static libs,
-	# so it's safe to get rid of the .la files
-	find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
-	has_version "<net-vpn/strongswan-4.3.6-r1"
-	upgrade_from_leq_4_3_6=$(( !$? ))
-
-	has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
-	previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
-	if ! use openssl && ! use gcrypt; then
-		elog
-		elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
-		elog "Please note that this might effect availability and speed of some"
-		elog "cryptographic features. You are advised to enable the OpenSSL plugin."
-	elif ! use openssl; then
-		elog
-		elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
-		elog "availability and speed of some cryptographic features. There will be"
-		elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
-		elog "25, 26) and ECDSA."
-	fi
-
-	if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
-		chmod 0750 "${ROOT}"/etc/ipsec.d \
-			"${ROOT}"/etc/ipsec.d/aacerts \
-			"${ROOT}"/etc/ipsec.d/acerts \
-			"${ROOT}"/etc/ipsec.d/cacerts \
-			"${ROOT}"/etc/ipsec.d/certs \
-			"${ROOT}"/etc/ipsec.d/crls \
-			"${ROOT}"/etc/ipsec.d/ocspcerts \
-			"${ROOT}"/etc/ipsec.d/private \
-			"${ROOT}"/etc/ipsec.d/reqs
-
-		ewarn
-		ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
-		ewarn "security reasons. Your system installed directories have been"
-		ewarn "updated accordingly. Please check if necessary."
-		ewarn
-
-		if [[ $previous_4_3_6_with_caps == 1 ]]; then
-			if ! use non-root; then
-				ewarn
-				ewarn "IMPORTANT: You previously had ${PN} installed without root"
-				ewarn "privileges because it was implied by the 'caps' USE flag."
-				ewarn "This has been changed. If you want ${PN} with user privileges,"
-				ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
-				ewarn
-			fi
-		fi
-	fi
-	if ! use caps && ! use non-root; then
-		ewarn
-		ewarn "You have decided to run ${PN} with root privileges and built it"
-		ewarn "without support for POSIX capability dropping. It is generally"
-		ewarn "strongly suggested that you reconsider- especially if you intend"
-		ewarn "to run ${PN} as server with a public ip address."
-		ewarn
-		ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
-		ewarn
-	fi
-	if use non-root; then
-		elog
-		elog "${PN} has been installed without superuser privileges (USE=non-root)."
-		elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
-		elog "but also a few to the IKEv2 daemon 'charon'."
-		elog
-		elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
-		elog
-		elog "pluto uses a helper script by default to insert/remove routing and"
-		elog "policy rules upon connection start/stop which requires superuser"
-		elog "privileges. charon in contrast does this internally and can do so"
-		elog "even with reduced (user) privileges."
-		elog
-		elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
-		elog "script to pluto or charon which requires superuser privileges, you"
-		elog "can work around this limitation by using sudo to grant the"
-		elog "user \"ipsec\" the appropriate rights."
-		elog "For example (the default case):"
-		elog "/etc/sudoers:"
-		elog "  ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
-		elog "Under the specific connection block in /etc/ipsec.conf:"
-		elog "  leftupdown=\"sudo -E ipsec _updown iptables\""
-		elog
-	fi
-	elog
-	elog "Make sure you have _all_ required kernel modules available including"
-	elog "the appropriate cryptographic algorithms. A list is available at:"
-	elog "  https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
-	elog
-	elog "The up-to-date manual is available online at:"
-	elog "  https://wiki.strongswan.org/"
-	elog
-}
diff --git a/net-vpn/strongswan/strongswan-5.9.1.ebuild b/net-vpn/strongswan/strongswan-5.9.2-r1.ebuild
index b7b28afa8ea2..cd1ecbe44da2 100644
--- a/net-vpn/strongswan/strongswan-5.9.1.ebuild
+++ b/net-vpn/strongswan/strongswan-5.9.2-r1.ebuild
@@ -32,7 +32,7 @@ COMMON_DEPEND="non-root? (
 	caps? ( sys-libs/libcap )
 	curl? ( net-misc/curl )
 	ldap? ( net-nds/openldap )
-	openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
+	openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist(-)] )
 	mysql? ( dev-db/mysql-connector-c:= )
 	sqlite? ( >=dev-db/sqlite-3.3.1 )
 	systemd? ( sys-apps/systemd )
diff --git a/net-vpn/strongswan/strongswan-5.9.2.ebuild b/net-vpn/strongswan/strongswan-5.9.2.ebuild
deleted file mode 100644
index b7b28afa8ea2..000000000000
--- a/net-vpn/strongswan/strongswan-5.9.2.ebuild
+++ /dev/null
@@ -1,308 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-inherit linux-info systemd
-
-DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="https://www.strongswan.org/"
-SRC_URI="https://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ppc ~ppc64 x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="aesni blowfish bypass-lan ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
-	IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
-	IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="non-root? (
-		acct-user/ipsec
-		acct-group/ipsec
-	)
-	gmp? ( >=dev-libs/gmp-4.1.5:= )
-	gcrypt? ( dev-libs/libgcrypt:0 )
-	caps? ( sys-libs/libcap )
-	curl? ( net-misc/curl )
-	ldap? ( net-nds/openldap )
-	openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
-	mysql? ( dev-db/mysql-connector-c:= )
-	sqlite? ( >=dev-db/sqlite-3.3.1 )
-	systemd? ( sys-apps/systemd )
-	networkmanager? ( net-misc/networkmanager )
-	pam? ( sys-libs/pam )
-	strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-
-DEPEND="${COMMON_DEPEND}
-	virtual/linux-sources
-	sys-kernel/linux-headers"
-
-RDEPEND="${COMMON_DEPEND}
-	virtual/logger
-	sys-apps/iproute2
-	!net-vpn/libreswan
-	selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
-	linux-info_pkg_setup
-
-	elog "Linux kernel version: ${KV_FULL}"
-
-	if ! kernel_is -ge 2 6 16; then
-		eerror
-		eerror "This ebuild currently only supports ${PN} with the"
-		eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
-		eerror
-	fi
-
-	if kernel_is -lt 2 6 34; then
-		ewarn
-		ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
-		ewarn
-
-		if kernel_is -lt 2 6 29; then
-			ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
-			ewarn "include all required IPv6 modules even if you just intend"
-			ewarn "to run on IPv4 only."
-			ewarn
-			ewarn "This has been fixed with kernels >= 2.6.29."
-			ewarn
-		fi
-
-		if kernel_is -lt 2 6 33; then
-			ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
-			ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
-			ewarn "miss SHA384 and SHA512 HMAC support altogether."
-			ewarn
-			ewarn "If you need any of those features, please use kernel >= 2.6.33."
-			ewarn
-		fi
-
-		if kernel_is -lt 2 6 34; then
-			ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
-			ewarn "ESP cipher is only included in kernels >= 2.6.34."
-			ewarn
-			ewarn "If you need it, please use kernel >= 2.6.34."
-			ewarn
-		fi
-	fi
-}
-
-src_configure() {
-	local myconf=""
-
-	if use non-root; then
-		myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
-	fi
-
-	# If a user has already enabled db support, those plugins will
-	# most likely be desired as well. Besides they don't impose new
-	# dependencies and come at no cost (except for space).
-	if use mysql || use sqlite; then
-		myconf="${myconf} --enable-attr-sql --enable-sql"
-	fi
-
-	# strongSwan builds and installs static libs by default which are
-	# useless to the user (and to strongSwan for that matter) because no
-	# header files or alike get installed... so disabling them is safe.
-	if use pam && use eap; then
-		myconf="${myconf} --enable-eap-gtc"
-	else
-		myconf="${myconf} --disable-eap-gtc"
-	fi
-
-	for mod in $STRONGSWAN_PLUGINS_STD; do
-		if use strongswan_plugins_${mod}; then
-			myconf+=" --enable-${mod}"
-		fi
-	done
-
-	for mod in $STRONGSWAN_PLUGINS_OPT; do
-		if use strongswan_plugins_${mod}; then
-			myconf+=" --enable-${mod}"
-		fi
-	done
-
-	econf \
-		--disable-static \
-		--enable-ikev1 \
-		--enable-ikev2 \
-		--enable-swanctl \
-		--enable-socket-dynamic \
-		$(use_enable curl) \
-		$(use_enable constraints) \
-		$(use_enable ldap) \
-		$(use_enable debug leak-detective) \
-		$(use_enable dhcp) \
-		$(use_enable eap eap-sim) \
-		$(use_enable eap eap-sim-file) \
-		$(use_enable eap eap-simaka-sql) \
-		$(use_enable eap eap-simaka-pseudonym) \
-		$(use_enable eap eap-simaka-reauth) \
-		$(use_enable eap eap-identity) \
-		$(use_enable eap eap-md5) \
-		$(use_enable eap eap-aka) \
-		$(use_enable eap eap-aka-3gpp2) \
-		$(use_enable eap md4) \
-		$(use_enable eap eap-mschapv2) \
-		$(use_enable eap eap-radius) \
-		$(use_enable eap eap-tls) \
-		$(use_enable eap eap-ttls) \
-		$(use_enable eap xauth-eap) \
-		$(use_enable eap eap-dynamic) \
-		$(use_enable farp) \
-		$(use_enable gmp) \
-		$(use_enable gcrypt) \
-		$(use_enable mysql) \
-		$(use_enable networkmanager nm) \
-		$(use_enable openssl) \
-		$(use_enable pam xauth-pam) \
-		$(use_enable pkcs11) \
-		$(use_enable sqlite) \
-		$(use_enable systemd) \
-		$(use_with caps capabilities libcap) \
-		--with-piddir=/run \
-		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	if ! use systemd; then
-		rm -rf "${ED}"/lib/systemd || die
-	fi
-
-	doinitd "${FILESDIR}"/ipsec
-
-	local dir_ugid
-	if use non-root; then
-		fowners ${UGID}:${UGID} \
-			/etc/ipsec.conf \
-			/etc/strongswan.conf
-
-		dir_ugid="${UGID}"
-	else
-		dir_ugid="root"
-	fi
-
-	diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
-	dodir /etc/ipsec.d \
-		/etc/ipsec.d/aacerts \
-		/etc/ipsec.d/acerts \
-		/etc/ipsec.d/cacerts \
-		/etc/ipsec.d/certs \
-		/etc/ipsec.d/crls \
-		/etc/ipsec.d/ocspcerts \
-		/etc/ipsec.d/private \
-		/etc/ipsec.d/reqs
-
-	dodoc NEWS README TODO
-
-	# shared libs are used only internally and there are no static libs,
-	# so it's safe to get rid of the .la files
-	find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
-	has_version "<net-vpn/strongswan-4.3.6-r1"
-	upgrade_from_leq_4_3_6=$(( !$? ))
-
-	has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
-	previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
-	if ! use openssl && ! use gcrypt; then
-		elog
-		elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
-		elog "Please note that this might effect availability and speed of some"
-		elog "cryptographic features. You are advised to enable the OpenSSL plugin."
-	elif ! use openssl; then
-		elog
-		elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
-		elog "availability and speed of some cryptographic features. There will be"
-		elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
-		elog "25, 26) and ECDSA."
-	fi
-
-	if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
-		chmod 0750 "${ROOT}"/etc/ipsec.d \
-			"${ROOT}"/etc/ipsec.d/aacerts \
-			"${ROOT}"/etc/ipsec.d/acerts \
-			"${ROOT}"/etc/ipsec.d/cacerts \
-			"${ROOT}"/etc/ipsec.d/certs \
-			"${ROOT}"/etc/ipsec.d/crls \
-			"${ROOT}"/etc/ipsec.d/ocspcerts \
-			"${ROOT}"/etc/ipsec.d/private \
-			"${ROOT}"/etc/ipsec.d/reqs
-
-		ewarn
-		ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
-		ewarn "security reasons. Your system installed directories have been"
-		ewarn "updated accordingly. Please check if necessary."
-		ewarn
-
-		if [[ $previous_4_3_6_with_caps == 1 ]]; then
-			if ! use non-root; then
-				ewarn
-				ewarn "IMPORTANT: You previously had ${PN} installed without root"
-				ewarn "privileges because it was implied by the 'caps' USE flag."
-				ewarn "This has been changed. If you want ${PN} with user privileges,"
-				ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
-				ewarn
-			fi
-		fi
-	fi
-	if ! use caps && ! use non-root; then
-		ewarn
-		ewarn "You have decided to run ${PN} with root privileges and built it"
-		ewarn "without support for POSIX capability dropping. It is generally"
-		ewarn "strongly suggested that you reconsider- especially if you intend"
-		ewarn "to run ${PN} as server with a public ip address."
-		ewarn
-		ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
-		ewarn
-	fi
-	if use non-root; then
-		elog
-		elog "${PN} has been installed without superuser privileges (USE=non-root)."
-		elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
-		elog "but also a few to the IKEv2 daemon 'charon'."
-		elog
-		elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
-		elog
-		elog "pluto uses a helper script by default to insert/remove routing and"
-		elog "policy rules upon connection start/stop which requires superuser"
-		elog "privileges. charon in contrast does this internally and can do so"
-		elog "even with reduced (user) privileges."
-		elog
-		elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
-		elog "script to pluto or charon which requires superuser privileges, you"
-		elog "can work around this limitation by using sudo to grant the"
-		elog "user \"ipsec\" the appropriate rights."
-		elog "For example (the default case):"
-		elog "/etc/sudoers:"
-		elog "  ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
-		elog "Under the specific connection block in /etc/ipsec.conf:"
-		elog "  leftupdown=\"sudo -E ipsec _updown iptables\""
-		elog
-	fi
-	elog
-	elog "Make sure you have _all_ required kernel modules available including"
-	elog "the appropriate cryptographic algorithms. A list is available at:"
-	elog "  https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
-	elog
-	elog "The up-to-date manual is available online at:"
-	elog "  https://wiki.strongswan.org/"
-	elog
-}
diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest
index 883996fd5755..0367d25cf406 100644
--- a/net-vpn/tor/Manifest
+++ b/net-vpn/tor/Manifest
@@ -14,8 +14,8 @@ DIST tor-0.4.5.9.tar.gz 7840294 BLAKE2B 75babcbf7929fa34034ad706df1189ca7988e8c5
 DIST tor-0.4.5.9.tar.gz.asc 833 BLAKE2B fca3769b683e8bb90540026dda6d2f302d499262c806f7c7215e7a30908cd46b807717fd130380d114660380166852f6a0cbb702966c6930004d04098718d582 SHA512 df538981aa19a2fa730a1e357f277f22b3cae769a1d13fa1d920a5e949d5b3770a8de9883eeaf2522c8b24327f73505569ac0f6ecf77139ddb5ef1e2418924b6
 DIST tor-0.4.6.5.tar.gz 7754823 BLAKE2B bdff61863f8b48381cc52d66c54f417e90177118d6cdd1402f3ecca9783f32141f74bb979b4f8c919d9e2c6cd4373fd9a5e0e84498a26470af1fbc6eb2c7caed SHA512 62bcd8d446199cdd397a688d454730a057ef20be4152e6d0632f64df27c993c70be0dbde0a2e7679a8a20850371a503b8daf777296d555760d8aae3286e48050
 DIST tor-0.4.6.5.tar.gz.asc 833 BLAKE2B 966ab724e37dd341c3ef45f2aeb7e1c928270831ea790cb6cb0e77084a0c813d66ce35c5d31d49bf9d1e9a6ecfb3d4fb6ee4424fd83183d654016d22fcb90d7e SHA512 1cf9111ba08594c716874a2b6f35a7959c5c391518ec1e5b1491d84454f3fe1c705e06dfcfd23f30e0eb619063304c430cbebc9827190df0b03ec09cecd1773c
-EBUILD tor-0.4.4.9.ebuild 2794 BLAKE2B 561a2af6b4e64dd50cd04f30a8fb5a67e56d6759a5d6144c19db21b914e9d5be44947d897769a4f8f3d2b6ba7faa73e9d0f36caff73ff14e10934014f0481059 SHA512 3b6b96b82ba712d4258818cce58a51baaa097ac2c249ba51ed53e9c689ccc85fa7e43ee44c62919911c8474eb106ea1ae5384272e2751cb6331954b315221dfc
-EBUILD tor-0.4.5.7.ebuild 2785 BLAKE2B 806c5ed6f41d3f7e792127dfdd92d7d015a6f5b9cfdf182523896503ef86bc72a239abfd20f2badca408254a04e8b440e4d1f405794c02385a5ffcd9270bcbe5 SHA512 42a07d094edff6560f6b20c588ae6ec41ccbf20a5bc8dd3255badbfe2f09c07bb739356120ea4b6d4287b4b03652c17d32f46a511111d6040b6a8d8074676f18
-EBUILD tor-0.4.5.9.ebuild 2541 BLAKE2B ae1d9127c828b13a877e7d620c70863f473daf722ff0cecc26b4bd2fc0120c24183c930fbc1d24f3cd0be7e3269644473bc75ad910d7e56e22093cf1f0ef908c SHA512 45a469f5e22244d2d5138bba4994c60fc889d19d3cdbe02c3e6d4a105d1d773467a7411ef2e073e7230756c054e9bbc03991fe9b7f844764270737ded22490e6
-EBUILD tor-0.4.6.5.ebuild 2739 BLAKE2B e9f1b852aed9b3124be411c407f4c5686ed8645957b31acf1aedc349b3290cb0a745b7c28801fe19415c2a5531064fa596af50e3db0e0143aa0a883cb983ac31 SHA512 ae8ca192172d72aa4829a4760a6d4734e0895153eeb6fc785a98aea4fdbd77c094af1b288f3b5feec6db8a897a1d23cc59a5e842488bb3678c91b6e8175e864a
+EBUILD tor-0.4.4.9-r1.ebuild 2797 BLAKE2B 2b37de0b894e2b7088fad0463bb173a08139ca8da49507fc5718d270db00b2084f012d619e8df9f0f4821eaf78357401b23348f4ecbef53d972e486198045c8e SHA512 c2b0dd7537064d8d1cbe0eb9d213610460afa79938849232390fd512cd8498e076138f5e9fdad6b0a85b665f73c1ab62bbaac0cb07f543536bbff9dae0590915
+EBUILD tor-0.4.5.7-r1.ebuild 2788 BLAKE2B 7c390e7a4789c967ce7b63b6a9505d487fc5dc7eba3b3d11d929f37a4bb4768dbd00c9547263d051aee401f8016f1abb69189acec02fa22616bfe8b3fb1cbc48 SHA512 746c9462ee787c860d3cee7deb8435b310cd1488c11dd385895fa891a43043bcacc15ed2c3df6905242f132111dbb2ac64850f21397e392e80bd09f851322fca
+EBUILD tor-0.4.5.9-r1.ebuild 2544 BLAKE2B 840d53158ed06452c125ac933253d01f79996b73a24293890dcd25011c969da7dd6e6a8b87bd94f7c0e9426a180e74515a29cade4702dcd14e946a6be2134cc6 SHA512 76f2944e47441bc85be06bdf05c943f5032f344d6aaa28710c79c26ff4f293879e40d463764cb03e44319d6ca7faa743456084d51f8ae3476e912b4daca00266
+EBUILD tor-0.4.6.5-r1.ebuild 2742 BLAKE2B ded94096f45ce9dd6be3ed15c762f80086aff5f2590ae83b94850ef1a2827d0c436313ee27f661dc190c89ef36417c3b2e8deb89817351b8b82d6e28e3d51eb5 SHA512 489760dbb35167c927ba53f061a767d03f17d90168010907e4a89db62a394029f3ed88f86e127d13c9720f8b875832531545aee4f5fee24522554602a973c692
 MISC metadata.xml 549 BLAKE2B af6257c0e04c7487b23edb1f5c6fce91fbb76aedf9c0357bb4f214ff4af9d6055e0c6bb32fef5c9906f461f34b5631891a681a039612c73feecff8ff77a0a3c2 SHA512 2b9d9c20a9691dd67cb5ef98e386bea8cff9ba79208373922c5a379ca8c96e021e94748d7b85e860a24063f1fc439a3adee59b3dde70cf6b35401d18518b5689
diff --git a/net-vpn/tor/tor-0.4.4.9.ebuild b/net-vpn/tor/tor-0.4.4.9-r1.ebuild
index bdb635b77531..8a971fb7b60f 100644
--- a/net-vpn/tor/tor-0.4.4.9.ebuild
+++ b/net-vpn/tor/tor-0.4.4.9-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
 	sys-libs/zlib
 	caps? ( sys-libs/libcap )
 	man? ( app-text/asciidoc )
-	dev-libs/openssl:0=[-bindist]
+	dev-libs/openssl:0=[-bindist(-)]
 	lzma? ( app-arch/xz-utils )
 	scrypt? ( app-crypt/libscrypt )
 	seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.5.7.ebuild b/net-vpn/tor/tor-0.4.5.7-r1.ebuild
index 82738f38a284..aacbb466ed11 100644
--- a/net-vpn/tor/tor-0.4.5.7.ebuild
+++ b/net-vpn/tor/tor-0.4.5.7-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
 	sys-libs/zlib
 	caps? ( sys-libs/libcap )
 	man? ( app-text/asciidoc )
-	dev-libs/openssl:0=[-bindist]
+	dev-libs/openssl:0=[-bindist(-)]
 	lzma? ( app-arch/xz-utils )
 	scrypt? ( app-crypt/libscrypt )
 	seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.5.9.ebuild b/net-vpn/tor/tor-0.4.5.9-r1.ebuild
index 5616d54e5b3c..7ffede47e2de 100644
--- a/net-vpn/tor/tor-0.4.5.9.ebuild
+++ b/net-vpn/tor/tor-0.4.5.9-r1.ebuild
@@ -26,7 +26,7 @@ DEPEND="
 	sys-libs/zlib
 	caps? ( sys-libs/libcap )
 	man? ( app-text/asciidoc )
-	dev-libs/openssl:0=[-bindist]
+	dev-libs/openssl:0=[-bindist(-)]
 	lzma? ( app-arch/xz-utils )
 	scrypt? ( app-crypt/libscrypt )
 	seccomp? ( >=sys-libs/libseccomp-2.4.1 )
diff --git a/net-vpn/tor/tor-0.4.6.5.ebuild b/net-vpn/tor/tor-0.4.6.5-r1.ebuild
index b58b53b2f97b..5b9be817185e 100644
--- a/net-vpn/tor/tor-0.4.6.5.ebuild
+++ b/net-vpn/tor/tor-0.4.6.5-r1.ebuild
@@ -29,7 +29,7 @@ DEPEND="
 	sys-libs/zlib
 	caps? ( sys-libs/libcap )
 	man? ( app-text/asciidoc )
-	dev-libs/openssl:0=[-bindist]
+	dev-libs/openssl:0=[-bindist(-)]
 	lzma? ( app-arch/xz-utils )
 	scrypt? ( app-crypt/libscrypt )
 	seccomp? ( >=sys-libs/libseccomp-2.4.1 )
author	V3n3RiX <venerix@redcorelinux.org>	2021-06-20 14:45:01 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2021-06-20 14:45:01 +0100
commit	34dea8e38f88007799629d0a56b12dec480b1d21 (patch)
tree	6790873994b58030360328cf5897d934b3b03d16 /net-vpn
parent	7932d472a02d4c016ff7dff4b7a5479ab9d1883d (diff)