summaryrefslogtreecommitdiff
path: root/net-vpn/libreswan
diff options
context:
space:
mode:
Diffstat (limited to 'net-vpn/libreswan')
-rw-r--r--net-vpn/libreswan/Manifest2
-rw-r--r--net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch15
-rw-r--r--net-vpn/libreswan/libreswan-3.23-r1.ebuild114
3 files changed, 131 insertions, 0 deletions
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
index 81c00fb1e920..6f5f5c9fcaac 100644
--- a/net-vpn/libreswan/Manifest
+++ b/net-vpn/libreswan/Manifest
@@ -1,7 +1,9 @@
+AUX libreswan-3.23-modern-kernels.patch 525 BLAKE2B 5c1353932dddd0febf60ae0b8c03e81e1c1397e6ea93619e5d02f60c4a735a0b63c8c1dfc6a3a79c55addf4af20e3e3f2b82b3f369b2c61d62c51c3c57f3d241 SHA512 e2a798d1bc8b089056a400bc0918b1037420a268e49e0183db99c565da9c8bce344e5fa9c3cdcc246a066450aceeec1af333f8b4c931e4e9414d6485db03bd13
DIST libreswan-3.21.tar.gz 8945666 BLAKE2B 88a96310d54f44c28eb676689c76737a44bfaf17c02146297f1759f1019d8cbb6effc15175880c18bf08b265778a2aba9d055172ea710c259e14cbe2fd84c158 SHA512 f1ef002b3e0869920edfebfc8efd73d9a9f84f64a77ad4832f46b12dfdd3c31cdf48c1473522b63f155058592c46af05995756af5440ca3e9c0fa5207436e0fc
DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff
DIST libreswan-3.23.tar.gz 3836073 BLAKE2B ffb27ed75618afcf39c36b7326bb1e4b70ea8337bb4b13951bef95dc13989613c226fe83e031eeba080f55f98262df432b776c3ac5b7b4fb740506f918172ed3 SHA512 3645af522ea9ac868c55bfadfd2cf27dc5acb247543f43290cbe677a90cd00316be6520ca2128b9aaecce2b0293710ae6a2bd710a7d93198b8cb81e32276ced8
EBUILD libreswan-3.21.ebuild 2568 BLAKE2B 1df86e3bdaebd713fc430d09270bd36d6585696920c936ec1e80d63ca14d829eeb097597d7aa2001fc3f1d7e3aa598d1d72c8a10baf5e5661b4a292a9c1f463b SHA512 65fa1471cd46cbf5cb816f3b4bfe9f29a09b0ffb8d28e688544be044c5b794673d0b89c108c810b43d44fca4ca3107b4c8ff6cf364899211a7c0ea9442d45bfa
EBUILD libreswan-3.22.ebuild 2812 BLAKE2B 55b89a58724b02cafcf997295f117a084c1f7e16a65f1adfb0efc783772d3a68be867b24ff038aa8017412b2e4fb716a3aa101d080eda2c9e8a11dfd117c3544 SHA512 23136de2f2a1442318bc692456c32d0675515b508ef6281b33b2f8760bafbbe09ab39d233d552214aecc3e965c22f9fc67bad93902a6be5696117308bf1190cf
+EBUILD libreswan-3.23-r1.ebuild 2867 BLAKE2B f4fb5ffb508732e268199c92ff69d43c14620915bc0b6aa3fb867b56e4c3713a8e2b8dc25ec0e01fd80efad853afb38e54155b0c1a4455b81f0dbb69131c0d79 SHA512 00c4c5399dc14afa872c9b81202bce9d9d1cf5c4eb6a3a34ce2b96f9be5af008edc799fdc7c3c7af8aa36bae2b518f40686e08dc813ba7040e9351c69fcff0bf
EBUILD libreswan-3.23.ebuild 2814 BLAKE2B 75a2bd92b38261da8141c05e287e9ee33d55b2a19aaddfb30b2f76fea4e944979345512ba1d29465342066646d69cabfef85f4417e471350a05f8becd7f73f9a SHA512 c5c8409272f7bb661e9578ff7d97c52fd07f291b8392826031b106998f1c516f6a6f343813cafdeef4c6245e4123509c764dd303a40200a9b0f98b0821c14a1e
MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865
diff --git a/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch
new file mode 100644
index 000000000000..5dedfeb34c7d
--- /dev/null
+++ b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch
@@ -0,0 +1,15 @@
+diff --git a/programs/pluto/kernel_netlink.c
+b/programs/pluto/kernel_netlink.c
+index 8cec3a2..a2500f4 100644
+--- a/programs/pluto/kernel_netlink.c
++++ b/programs/pluto/kernel_netlink.c
+@@ -51,8 +51,8 @@
+ #include <linux/if_addr.h>
+ #include <linux/if_link.h>
+
+-#include "libreswan.h" /* before xfrm.h otherwise break on F22 */
+ #include "linux/xfrm.h" /* local (if configured) or system copy */
++#include "libreswan.h" /* before xfrm.h otherwise break on F22 */
+
+ #include "libreswan/pfkeyv2.h"
+ #include "libreswan/pfkey.h"
diff --git a/net-vpn/libreswan/libreswan-3.23-r1.ebuild b/net-vpn/libreswan/libreswan-3.23-r1.ebuild
new file mode 100644
index 000000000000..3a6e2002c930
--- /dev/null
+++ b/net-vpn/libreswan/libreswan-3.23-r1.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
+HOMEPAGE="https://libreswan.org/"
+
+LICENSE="GPL-2 BSD-4 RSA DES"
+SLOT="0"
+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
+
+COMMON_DEPEND="
+ dev-libs/gmp:0=
+ dev-libs/libevent:0=
+ dev-libs/nspr
+ caps? ( sys-libs/libcap-ng )
+ curl? ( net-misc/curl )
+ dnssec? ( net-dns/unbound net-libs/ldns )
+ ldap? ( net-nds/openldap )
+ pam? ( sys-libs/pam )
+ seccomp? ( sys-libs/libseccomp )
+ selinux? ( sys-libs/libselinux )
+ systemd? ( sys-apps/systemd:0= )
+"
+DEPEND="${COMMON_DEPEND}
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/xmlto
+ dev-libs/nss
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig
+ test? ( dev-python/setproctitle )
+"
+RDEPEND="${COMMON_DEPEND}
+ dev-libs/nss[utils(+)]
+ sys-apps/iproute2
+ !net-misc/openswan
+ !net-vpn/strongswan
+ selinux? ( sec-policy/selinux-ipsec )
+"
+
+PATCHES=( "${FILESDIR}/${P}-modern-kernels.patch" )
+
+usetf() {
+ usex "$1" true false
+}
+
+src_prepare() {
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die
+ default
+}
+
+src_configure() {
+ tc-export AR CC
+ export INC_USRLOCAL=/usr
+ export INC_MANDIR=share/man
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
+ export FINALDOCDIR=/usr/share/doc/${PF}/html
+ export INITSYSTEM=openrc
+ export INC_RCDIRS=
+ export INC_RCDEFAULT=/etc/init.d
+ export USERCOMPILE=
+ export USERLINK=
+ export USE_DNSSEC=$(usetf dnssec)
+ export USE_LABELED_IPSEC=$(usetf selinux)
+ export USE_LIBCAP_NG=$(usetf caps)
+ export USE_LIBCURL=$(usetf curl)
+ export USE_LINUX_AUDIT=$(usetf selinux)
+ export USE_LDAP=$(usetf ldap)
+ export USE_SECCOMP=$(usetf seccomp)
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
+ export SD_WATCHDOGSEC=$(usex systemd 200 0)
+ export USE_XAUTHPAM=$(usetf pam)
+ export DEBUG_CFLAGS=
+ export OPTIMIZE_CFLAGS=
+ export WERROR_CFLAGS=
+}
+
+src_compile() {
+ emake all
+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all
+}
+
+src_test() {
+ : # integration tests only that require set of kvms to be set up
+}
+
+src_install() {
+ default
+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install
+
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
+ fperms 0600 /etc/ipsec.secrets
+
+ dodoc -r docs
+
+ find "${D}" -type d -empty -delete || die
+}
+
+pkg_postinst() {
+ local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
+ certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
+ eend $?
+ fi
+}