summaryrefslogtreecommitdiff
path: root/net-vpn/libreswan
diff options
context:
space:
mode:
Diffstat (limited to 'net-vpn/libreswan')
-rw-r--r--net-vpn/libreswan/Manifest2
-rw-r--r--net-vpn/libreswan/libreswan-3.28.ebuild113
2 files changed, 115 insertions, 0 deletions
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
index 80cbe5119dce..5fe6584d420f 100644
--- a/net-vpn/libreswan/Manifest
+++ b/net-vpn/libreswan/Manifest
@@ -1,4 +1,6 @@
DIST libreswan-3.27.tar.gz 3720103 BLAKE2B 51ee792cd3fb8330a9cfee0b1a27e48c9a8c8fd3346e8c06fe0a911c813c400ef62d68b1d06bb849695aad5f4d5a496dc444b2543aa9ffbc59d373081c0b85e5 SHA512 b92ecfd08b9d19dc801032176eff3dd07f625223d4f0dd07ff10f639644573430a55f7aebfcc8b9d2424e194ca9d06b17ad5a13dad5dc6f659d19bc5d32520f5
+DIST libreswan-3.28.tar.gz 3842828 BLAKE2B 7e78f3c6d1d6a22a64f1316bb63366823ce763a3eb236e2cd64dc7f3fa9a84caff7a31cb65a6583521280e5ee84ac220c1770d230ba0b7098a1582613751c456 SHA512 aeb3ea723f2ca10098f2626172166cddea59b3bc084f0fefc823fd784d8986b12adc5a5b0965f2c7ecdfff5ac8029a922b8357debf79ff43605783d80e144983
EBUILD libreswan-3.27-r1.ebuild 2939 BLAKE2B bbceef07aaefbf8323a2342bf8479ae47ef9824581095d065a5d61ffc9e3c6434f8217b88221c421f2d1f377cf8f50c3e31661b7627abbc81a51ad7e2fc9a759 SHA512 6de7bbf1962589cfd1b4cdb4d9b3db2fec2d997a5e7c46dbfd35330521a3c42915adf36a6214736da5173f851fd3f659f89d23782a197d72a5d33be29e42b093
EBUILD libreswan-3.27.ebuild 2811 BLAKE2B 04ac4dc887783fcadd8aaa444ec59c71b9221b4f968d6ab13305866d26f5025208c806307b63874607de8617ad64e69fce54b7a08d3e958b20e5331531048f94 SHA512 e3b7a8b50f17f426cdab73fc237ef555e8d0d89d06546a60d0c38d01001620e9b03ec4e8e933aa587561019057aa71ee80250b8c3ae6aac502a93e5c6a5cd77b
+EBUILD libreswan-3.28.ebuild 3013 BLAKE2B ec5f6ba88f5b46217b3ed5f987b51a83949536581f63e9b89a84bc5d5c9bb6a3c71a7133614b032513283fe0827421d3b62740afa03d782fe44bdac0bf50b1bc SHA512 be0989524389b7d8cd382b2b12d9d18ce62c5558ea8ad162d3e0a1edb78370ce55f13444324c90c254b51e8e9ee8d273f837e32042f97be368ee9723c10c6b78
MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865
diff --git a/net-vpn/libreswan/libreswan-3.28.ebuild b/net-vpn/libreswan/libreswan-3.28.ebuild
new file mode 100644
index 000000000000..9d4ae2605aac
--- /dev/null
+++ b/net-vpn/libreswan/libreswan-3.28.ebuild
@@ -0,0 +1,113 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit systemd toolchain-funcs
+
+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
+HOMEPAGE="https://libreswan.org/"
+
+LICENSE="GPL-2 BSD-4 RSA DES"
+SLOT="0"
+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
+
+DEPEND="
+ dev-libs/gmp:0=
+ dev-libs/libevent:0=
+ dev-libs/nspr
+ caps? ( sys-libs/libcap-ng )
+ curl? ( net-misc/curl )
+ dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns )
+ ldap? ( net-nds/openldap )
+ pam? ( sys-libs/pam )
+ seccomp? ( sys-libs/libseccomp )
+ selinux? ( sys-libs/libselinux )
+ systemd? ( sys-apps/systemd:0= )
+"
+BDEPEND="
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/xmlto
+ dev-libs/nss
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig
+ test? ( dev-python/setproctitle )
+"
+RDEPEND="${DEPEND}
+ dev-libs/nss[utils(+)]
+ sys-apps/iproute2
+ !net-misc/openswan
+ !net-vpn/strongswan
+ selinux? ( sec-policy/selinux-ipsec )
+"
+
+usetf() {
+ usex "$1" true false
+}
+
+src_prepare() {
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die
+ default
+}
+
+src_configure() {
+ tc-export AR CC
+ export INC_USRLOCAL=/usr
+ export INC_MANDIR=share/man
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
+ export FINALDOCDIR=/usr/share/doc/${PF}/html
+ export INITSYSTEM=openrc
+ export INC_RCDIRS=
+ export INC_RCDEFAULT=/etc/init.d
+ export USERCOMPILE=
+ export USERLINK=
+ export USE_DNSSEC=$(usetf dnssec)
+ export USE_LABELED_IPSEC=$(usetf selinux)
+ export USE_LIBCAP_NG=$(usetf caps)
+ export USE_LIBCURL=$(usetf curl)
+ export USE_LINUX_AUDIT=$(usetf selinux)
+ export USE_LDAP=$(usetf ldap)
+ export USE_SECCOMP=$(usetf seccomp)
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
+ export SD_WATCHDOGSEC=$(usex systemd 200 0)
+ export USE_XAUTHPAM=$(usetf pam)
+ export DEBUG_CFLAGS=
+ export OPTIMIZE_CFLAGS=
+ export WERROR_CFLAGS=
+}
+
+src_compile() {
+ emake all
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all
+}
+
+src_test() {
+ : # integration tests only that require set of kvms to be set up
+}
+
+src_install() {
+ default
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install
+
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
+ fperms 0600 /etc/ipsec.secrets
+
+ dodoc -r docs
+
+ find "${D}" -type d -empty -delete || die
+}
+
+pkg_postinst() {
+ local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password"
+ certutil -N -d "${IPSEC_CONFDIR}" --empty-password
+ eend $?
+ einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}"
+ fi
+}