summaryrefslogtreecommitdiff
path: root/net-vpn/gsocket
diff options
context:
space:
mode:
Diffstat (limited to 'net-vpn/gsocket')
-rw-r--r--net-vpn/gsocket/Manifest5
-rw-r--r--net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch160
-rw-r--r--net-vpn/gsocket/gsocket-1.4.43.ebuild67
-rw-r--r--net-vpn/gsocket/gsocket-9999.ebuild67
-rw-r--r--net-vpn/gsocket/metadata.xml11
5 files changed, 310 insertions, 0 deletions
diff --git a/net-vpn/gsocket/Manifest b/net-vpn/gsocket/Manifest
new file mode 100644
index 000000000000..3fd618be99f2
--- /dev/null
+++ b/net-vpn/gsocket/Manifest
@@ -0,0 +1,5 @@
+AUX gsocket-1.4.43-gs-init-secret.patch 5216 BLAKE2B bcbac9fb8d6466fc0c512e2c2c99f77d7ad1bc32252daceaae4af1ec59df58e9cf7871de946a8ade7b4936c6289eb22b8a4b6c0815aac34c3343d19d029b8f6f SHA512 108a76bf81b53f4c14288f5c86d8b9036a38d42f074e4f080796d4c46b9d22c4cdbb5d55ae240784a041e75577545d885763dbeaf418a1f78561d974e8243d49
+DIST gsocket-1.4.43.tar.gz 223602 BLAKE2B 92818d932f1d5eddd66a810aaecb800d0ac435d7320912fdb8e485ae7f5398dfb96b1e6c0bbc4edc651414eb912bd90e14e442db904d04aa71b236188a9bff66 SHA512 2c58182b52242f275b7597c7214f8f0b09f52d369fee66454a2b00322b9b7075af3f675c7f785ae66ed8f331351ed60a0038e997258df35a938c6b1f4a94b21c
+EBUILD gsocket-1.4.43.ebuild 1341 BLAKE2B 6517e072a1435d68fec3eb0f99b1023abc536cb250675f4da5ffac649e3e87262ce42fd788e039a5266ec4705df31a227f3854e009f1feb7ffe3263f477f9cad SHA512 9fb510e50bdda0bf00bc76e55477c08a36a0e2efa8ce79f2ee0e98fc9bb5b9cfc4f72cc2cd9f4e02b16acf42672ec3ab1f1cc9559082d1bce197f165cf5f279c
+EBUILD gsocket-9999.ebuild 1341 BLAKE2B 6517e072a1435d68fec3eb0f99b1023abc536cb250675f4da5ffac649e3e87262ce42fd788e039a5266ec4705df31a227f3854e009f1feb7ffe3263f477f9cad SHA512 9fb510e50bdda0bf00bc76e55477c08a36a0e2efa8ce79f2ee0e98fc9bb5b9cfc4f72cc2cd9f4e02b16acf42672ec3ab1f1cc9559082d1bce197f165cf5f279c
+MISC metadata.xml 333 BLAKE2B 745060b3c89631d042599a634f55f2a5ba35facd04c35af16e9e4f1f27cbfe1463c68691684f2648613bcee92b8db038cdcae818ad0a7eb0aea6ffab76c6d22c SHA512 82a2ecff11354b26e1a29a6cac42830793d6487629a68534b64ba0f46d31a1151ca6e26e378af48ec5e680d9dfa8be39a72391a385da51adb7cfca26024a1fb7
diff --git a/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch b/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch
new file mode 100644
index 000000000000..1e8d589a90c4
--- /dev/null
+++ b/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch
@@ -0,0 +1,160 @@
+From 9601745f3f75eea748ec93f90b1b1a3023b6514d Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:08:31 +0200
+Subject: [PATCH 1/5] gs-init-secret: add new script
+
+The gs-init-secret script can be used to securely initialize a file
+containing a gsocket secret.
+---
+ tools/Makefile.am | 2 +-
+ tools/gs-init-secret | 33 +++++++++++++++++++++++++++++++++
+ 2 files changed, 34 insertions(+), 1 deletion(-)
+ create mode 100755 tools/gs-init-secret
+
+diff --git a/tools/Makefile.am b/tools/Makefile.am
+index 805fedd..9af4df0 100755
+--- a/tools/Makefile.am
++++ b/tools/Makefile.am
+@@ -38,7 +38,7 @@ gs_netcat_SOURCES = 4_gs-netcat.c utils.c socks.c console.c ids.c event_mgr.c pk
+ gs_netcat_LDADD = ../lib/libgsocket.a @LDADD_STATIC@
+ gs_netcat_CFLAGS = @CFLAGS_STATIC@
+
+-dist_bin_SCRIPTS = blitz gs-sftp gs-mount gsocket
++dist_bin_SCRIPTS = blitz gs-sftp gs-mount gsocket gs-init-secret
+
+ gsocket_uchroot_dso_so_0_SOURCES = gsocket_uchroot_dso.c
+ gsocket_uchroot_dso_so_0_CFLAGS = -shared -fPIC
+diff --git a/tools/gs-init-secret b/tools/gs-init-secret
+new file mode 100755
+index 0000000..f2782f1
+--- /dev/null
++++ b/tools/gs-init-secret
+@@ -0,0 +1,33 @@
++#!/usr/bin/env bash
++set -eu
++
++if [[ $# -eq 2 ]]; then
++ >&2 echo "ERROR: Must provide exactly one argument"
++ exit 1
++fi
++
++SECRET_FILE="${1}"
++
++if [[ -f "${SECRET_FILE}" ]]; then
++ SECRET_FILE_PERMS="$(stat -c %a "${SECRET_FILE}")"
++ if [[ ${SECRET_FILE_PERMS} != [0-9][0-9]0 ]]; then
++ >&2 echo "ERROR: ${SECRET_FILE} has world-permissions set (${SECRET_FILE_PERMS})"
++ exit 1
++ fi
++
++ exit
++fi
++
++TARGET_DIR="$(dirname "${SECRET_FILE}")"
++if [[ ! -d "${TARGET_DIR}" ]]; then
++ mkdir -p "${TARGET_DIR}"
++fi
++
++MY_TMPDIR=$(mktemp -d --tmpdir="${TMPDIR:-/tmp}")
++trap 'rm -rf ${MY_TMPDIR}' EXIT
++
++SECRET_FILE_TMP="${MY_TMPDIR}/secret"
++
++gs-netcat -g > "${SECRET_FILE_TMP}"
++
++install --mode=400 "${SECRET_FILE_TMP}" "${SECRET_FILE}"
+
+From 756a515a116b5e13f6b5ba95ebbee676d34bfbd8 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:10:53 +0200
+Subject: [PATCH 2/5] gs-root-shell.service: use gs-init-secret
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 5b0e9a1..278de73 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -7,7 +7,8 @@ Type=simple
+ Restart=always
+ RestartSec=10
+ WorkingDirectory=/root
+-ExecStart=gs-netcat -k /etc/systemd/gs-root-shell-key.txt -il
++ExecStartPre=gs-init-secret /etc/gsocket/gs-root-shell-key
++ExecStart=gs-netcat -k /etc/gsocket/gs-root-shell-key -il
+
+ [Install]
+ WantedBy=multi-user.target
+
+From 5e72debc560cc18e36d9066653fba864a366b4c3 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:11:43 +0200
+Subject: [PATCH 3/5] gs-root-shell.service: drop Type=simple, as it is the
+ default
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 278de73..92a9814 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -3,7 +3,6 @@ Description=Global Socket Root Shell
+ After=network.target
+
+ [Service]
+-Type=simple
+ Restart=always
+ RestartSec=10
+ WorkingDirectory=/root
+
+From 9aa3a85656e8917720568a9b019cc774636b9d23 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:12:17 +0200
+Subject: [PATCH 4/5] gs-root-shell.service: set RestartSteps=10 and cap
+ restart delays at 30min
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 92a9814..5d52050 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -5,6 +5,8 @@ After=network.target
+ [Service]
+ Restart=always
+ RestartSec=10
++RestartSteps=10
++RestartMaxDelaySec=30m
+ WorkingDirectory=/root
+ ExecStartPre=gs-init-secret /etc/gsocket/gs-root-shell-key
+ ExecStart=gs-netcat -k /etc/gsocket/gs-root-shell-key -il
+
+From 24eb0d5606bbe38a4b401394933f4dbe9b851a5c Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:13:14 +0200
+Subject: [PATCH 5/5] gs-root-shell.service: configure service to await
+ network-online.target
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 5d52050..439890e 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -1,6 +1,7 @@
+ [Unit]
+ Description=Global Socket Root Shell
+-After=network.target
++After=network-online.target
++Wants=network-online.target
+
+ [Service]
+ Restart=always
diff --git a/net-vpn/gsocket/gsocket-1.4.43.ebuild b/net-vpn/gsocket/gsocket-1.4.43.ebuild
new file mode 100644
index 000000000000..39e124344a92
--- /dev/null
+++ b/net-vpn/gsocket/gsocket-1.4.43.ebuild
@@ -0,0 +1,67 @@
+# Copyright 2023-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools systemd
+
+DESCRIPTION="Allow firewalled/NATed host to establish a secure connection"
+HOMEPAGE="https://www.gsocket.io/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/hackerschoice/gsocket.git"
+else
+ SRC_URI="https://github.com/hackerschoice/gsocket/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD-2"
+SLOT="0"
+
+IUSE="test"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="dev-libs/openssl:="
+DEPEND="
+ ${COMMON_DEPEND}
+ test? (
+ net-analyzer/netcat
+ net-misc/socat
+ )
+"
+RDEPEND="${COMMON_DEPEND}"
+
+PATCHES=(
+ # https://github.com/hackerschoice/gsocket/pull/104
+ "${FILESDIR}"/gsocket-1.4.43-gs-init-secret.patch
+)
+
+src_prepare() {
+ default
+
+ # Patch in the correct libdir
+ sed -i \
+ "s;arrayContains \"/usr/lib\".*;DL+=(\"${EPREFIX}/usr/$(get_libdir)\");" \
+ tools/gs_funcs || die "Failed to patch libdir in gs_funcs"
+
+ eautoreconf
+}
+
+src_configure() {
+ econf $(use_enable test tests)
+}
+
+src_test() {
+ cd tests || die
+
+ ./run_ft_tests.sh || die
+ # Most of the "gs_tests" seem to fail (probably due the sandbox).
+ ./run_gs_tests.sh 4.1 || die
+}
+
+src_install() {
+ default
+
+ systemd_dounit examples/systemd-root-shell/gs-root-shell.service
+}
diff --git a/net-vpn/gsocket/gsocket-9999.ebuild b/net-vpn/gsocket/gsocket-9999.ebuild
new file mode 100644
index 000000000000..39e124344a92
--- /dev/null
+++ b/net-vpn/gsocket/gsocket-9999.ebuild
@@ -0,0 +1,67 @@
+# Copyright 2023-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools systemd
+
+DESCRIPTION="Allow firewalled/NATed host to establish a secure connection"
+HOMEPAGE="https://www.gsocket.io/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/hackerschoice/gsocket.git"
+else
+ SRC_URI="https://github.com/hackerschoice/gsocket/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD-2"
+SLOT="0"
+
+IUSE="test"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="dev-libs/openssl:="
+DEPEND="
+ ${COMMON_DEPEND}
+ test? (
+ net-analyzer/netcat
+ net-misc/socat
+ )
+"
+RDEPEND="${COMMON_DEPEND}"
+
+PATCHES=(
+ # https://github.com/hackerschoice/gsocket/pull/104
+ "${FILESDIR}"/gsocket-1.4.43-gs-init-secret.patch
+)
+
+src_prepare() {
+ default
+
+ # Patch in the correct libdir
+ sed -i \
+ "s;arrayContains \"/usr/lib\".*;DL+=(\"${EPREFIX}/usr/$(get_libdir)\");" \
+ tools/gs_funcs || die "Failed to patch libdir in gs_funcs"
+
+ eautoreconf
+}
+
+src_configure() {
+ econf $(use_enable test tests)
+}
+
+src_test() {
+ cd tests || die
+
+ ./run_ft_tests.sh || die
+ # Most of the "gs_tests" seem to fail (probably due the sandbox).
+ ./run_gs_tests.sh 4.1 || die
+}
+
+src_install() {
+ default
+
+ systemd_dounit examples/systemd-root-shell/gs-root-shell.service
+}
diff --git a/net-vpn/gsocket/metadata.xml b/net-vpn/gsocket/metadata.xml
new file mode 100644
index 000000000000..484ee0f87b0a
--- /dev/null
+++ b/net-vpn/gsocket/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <name>Florian Schmaus</name>
+ <email>flow@gentoo.org</email>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">hackerschoice/gsocket</remote-id>
+ </upstream>
+</pkgmetadata>