diff options
Diffstat (limited to 'net-vpn/libreswan')
-rw-r--r-- | net-vpn/libreswan/Manifest | 2 | ||||
-rw-r--r-- | net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch | 15 | ||||
-rw-r--r-- | net-vpn/libreswan/libreswan-3.23-r1.ebuild | 114 |
3 files changed, 131 insertions, 0 deletions
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest index 81c00fb1e920..6f5f5c9fcaac 100644 --- a/net-vpn/libreswan/Manifest +++ b/net-vpn/libreswan/Manifest @@ -1,7 +1,9 @@ +AUX libreswan-3.23-modern-kernels.patch 525 BLAKE2B 5c1353932dddd0febf60ae0b8c03e81e1c1397e6ea93619e5d02f60c4a735a0b63c8c1dfc6a3a79c55addf4af20e3e3f2b82b3f369b2c61d62c51c3c57f3d241 SHA512 e2a798d1bc8b089056a400bc0918b1037420a268e49e0183db99c565da9c8bce344e5fa9c3cdcc246a066450aceeec1af333f8b4c931e4e9414d6485db03bd13 DIST libreswan-3.21.tar.gz 8945666 BLAKE2B 88a96310d54f44c28eb676689c76737a44bfaf17c02146297f1759f1019d8cbb6effc15175880c18bf08b265778a2aba9d055172ea710c259e14cbe2fd84c158 SHA512 f1ef002b3e0869920edfebfc8efd73d9a9f84f64a77ad4832f46b12dfdd3c31cdf48c1473522b63f155058592c46af05995756af5440ca3e9c0fa5207436e0fc DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff DIST libreswan-3.23.tar.gz 3836073 BLAKE2B ffb27ed75618afcf39c36b7326bb1e4b70ea8337bb4b13951bef95dc13989613c226fe83e031eeba080f55f98262df432b776c3ac5b7b4fb740506f918172ed3 SHA512 3645af522ea9ac868c55bfadfd2cf27dc5acb247543f43290cbe677a90cd00316be6520ca2128b9aaecce2b0293710ae6a2bd710a7d93198b8cb81e32276ced8 EBUILD libreswan-3.21.ebuild 2568 BLAKE2B 1df86e3bdaebd713fc430d09270bd36d6585696920c936ec1e80d63ca14d829eeb097597d7aa2001fc3f1d7e3aa598d1d72c8a10baf5e5661b4a292a9c1f463b SHA512 65fa1471cd46cbf5cb816f3b4bfe9f29a09b0ffb8d28e688544be044c5b794673d0b89c108c810b43d44fca4ca3107b4c8ff6cf364899211a7c0ea9442d45bfa EBUILD libreswan-3.22.ebuild 2812 BLAKE2B 55b89a58724b02cafcf997295f117a084c1f7e16a65f1adfb0efc783772d3a68be867b24ff038aa8017412b2e4fb716a3aa101d080eda2c9e8a11dfd117c3544 SHA512 23136de2f2a1442318bc692456c32d0675515b508ef6281b33b2f8760bafbbe09ab39d233d552214aecc3e965c22f9fc67bad93902a6be5696117308bf1190cf +EBUILD libreswan-3.23-r1.ebuild 2867 BLAKE2B f4fb5ffb508732e268199c92ff69d43c14620915bc0b6aa3fb867b56e4c3713a8e2b8dc25ec0e01fd80efad853afb38e54155b0c1a4455b81f0dbb69131c0d79 SHA512 00c4c5399dc14afa872c9b81202bce9d9d1cf5c4eb6a3a34ce2b96f9be5af008edc799fdc7c3c7af8aa36bae2b518f40686e08dc813ba7040e9351c69fcff0bf EBUILD libreswan-3.23.ebuild 2814 BLAKE2B 75a2bd92b38261da8141c05e287e9ee33d55b2a19aaddfb30b2f76fea4e944979345512ba1d29465342066646d69cabfef85f4417e471350a05f8becd7f73f9a SHA512 c5c8409272f7bb661e9578ff7d97c52fd07f291b8392826031b106998f1c516f6a6f343813cafdeef4c6245e4123509c764dd303a40200a9b0f98b0821c14a1e MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865 diff --git a/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch new file mode 100644 index 000000000000..5dedfeb34c7d --- /dev/null +++ b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch @@ -0,0 +1,15 @@ +diff --git a/programs/pluto/kernel_netlink.c +b/programs/pluto/kernel_netlink.c +index 8cec3a2..a2500f4 100644 +--- a/programs/pluto/kernel_netlink.c ++++ b/programs/pluto/kernel_netlink.c +@@ -51,8 +51,8 @@ + #include <linux/if_addr.h> + #include <linux/if_link.h> + +-#include "libreswan.h" /* before xfrm.h otherwise break on F22 */ + #include "linux/xfrm.h" /* local (if configured) or system copy */ ++#include "libreswan.h" /* before xfrm.h otherwise break on F22 */ + + #include "libreswan/pfkeyv2.h" + #include "libreswan/pfkey.h" diff --git a/net-vpn/libreswan/libreswan-3.23-r1.ebuild b/net-vpn/libreswan/libreswan-3.23-r1.ebuild new file mode 100644 index 000000000000..3a6e2002c930 --- /dev/null +++ b/net-vpn/libreswan/libreswan-3.23-r1.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit systemd toolchain-funcs + +SRC_URI="https://download.libreswan.org/${P}.tar.gz" +KEYWORDS="~amd64 ~ppc ~x86" + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" + +COMMON_DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( net-dns/unbound net-libs/ldns ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +DEPEND="${COMMON_DEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${COMMON_DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-misc/openswan + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +PATCHES=( "${FILESDIR}/${P}-modern-kernels.patch" ) + +usetf() { + usex "$1" true false +} + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export INC_USRLOCAL=/usr + export INC_MANDIR=share/man + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INC_RCDIRS= + export INC_RCDEFAULT=/etc/init.d + export USERCOMPILE= + export USERLINK= + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_XAUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR}" + certutil -N -d "${IPSEC_CONFDIR}" -f <(echo) + eend $? + fi +} |