From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- net-misc/oidentd/Manifest | 18 +++++++ net-misc/oidentd/files/oidentd-2.0.7-confd | 4 ++ net-misc/oidentd/files/oidentd-2.0.7-init | 40 ++++++++++++++ .../files/oidentd-2.0.8-bind-to-ipv6-too.patch | 17 ++++++ net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch | 25 +++++++++ .../files/oidentd-2.0.8-log-conntrack-fails.patch | 52 ++++++++++++++++++ .../oidentd/files/oidentd-2.0.8-masquerading.patch | 43 +++++++++++++++ .../oidentd-2.0.8-no-conntrack-masquerading.patch | 41 ++++++++++++++ net-misc/oidentd/files/oidentd.conf | 22 ++++++++ net-misc/oidentd/files/oidentd.service | 9 ++++ net-misc/oidentd/files/oidentd.socket | 10 ++++ net-misc/oidentd/files/oidentd_at.service | 7 +++ net-misc/oidentd/files/oidentd_masq.conf | 10 ++++ net-misc/oidentd/metadata.xml | 18 +++++++ net-misc/oidentd/oidentd-2.0.8-r5.ebuild | 53 ++++++++++++++++++ net-misc/oidentd/oidentd-2.0.8-r6.ebuild | 63 ++++++++++++++++++++++ 16 files changed, 432 insertions(+) create mode 100644 net-misc/oidentd/Manifest create mode 100644 net-misc/oidentd/files/oidentd-2.0.7-confd create mode 100644 net-misc/oidentd/files/oidentd-2.0.7-init create mode 100644 net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch create mode 100644 net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch create mode 100644 net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch create mode 100644 net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch create mode 100644 net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch create mode 100644 net-misc/oidentd/files/oidentd.conf create mode 100644 net-misc/oidentd/files/oidentd.service create mode 100644 net-misc/oidentd/files/oidentd.socket create mode 100644 net-misc/oidentd/files/oidentd_at.service create mode 100644 net-misc/oidentd/files/oidentd_masq.conf create mode 100644 net-misc/oidentd/metadata.xml create mode 100644 net-misc/oidentd/oidentd-2.0.8-r5.ebuild create mode 100644 net-misc/oidentd/oidentd-2.0.8-r6.ebuild (limited to 'net-misc/oidentd') diff --git a/net-misc/oidentd/Manifest b/net-misc/oidentd/Manifest new file mode 100644 index 000000000000..24065340bb98 --- /dev/null +++ b/net-misc/oidentd/Manifest @@ -0,0 +1,18 @@ +AUX oidentd-2.0.7-confd 67 SHA256 acdd88d817474e392e8f07b0f00579007a71340d00a5520d7a2661ecf4a7e5f4 SHA512 d3aba90970df7cf9869934380267b3f5c687a86ad532fa854728e2f7506551254ae4bda0a1edece24d26c4da6c29d7e9c44923a29fd67016b88a7766c6e6a050 WHIRLPOOL ce8a6c4b1893d83313c16070461fcc50ea39970d7bace72df961bb655734f78e3861fe4abd2389b8cf09e813e6ac0ac4b8d45709dd47820c20cf24da77511ffe +AUX oidentd-2.0.7-init 837 SHA256 695b4b3388549552e56ffe9d0b1b77c244700726e67fb35b5401ceaf7018e1a3 SHA512 ebd072d86fa879017bb43f8f9cdd0ea563f337b558552ebdc27c980376889dfd22f2d6bdeb424ca3e2dbe62a78ceb80208ee26398aed0c38c4f973646d6d80d3 WHIRLPOOL 6b4b8dc8d80bd739ae2a0cfd62a3df9375b26e88afed2ff71e9a26dc68d54d24d3347ee0ffd494766735ec0111d92ccacd52876619d88a0529ebdce640ed3a50 +AUX oidentd-2.0.8-bind-to-ipv6-too.patch 557 SHA256 96b135b30ca3ef810b9fa08e140ad5be21e0a05f559c726d7dcf284868fa95ae SHA512 a643d487efd819219dfd85c27d710a8dd41a1583260b662690c7ffb411e44a96eeeefb1a513f892dfba7fd82bea8be1013a8ef41a18651ee2a137789d6c108e5 WHIRLPOOL 4dcebb2ef55ab4ebbc2ec1950995c5d8934ffc69be9521e95f179ac298f8d12082f79cb041954eab429b2cea2f103be6bdd68523cbae64cc86a39e77c79075a4 +AUX oidentd-2.0.8-gcc5.patch 855 SHA256 80fbccaef5372e7169b7cd0917bf1440a9f8962c04204239a1d126f24a01fff7 SHA512 3bb470bc8096096d6cebcdeef142cf9f05076f33371c8a8ce4f2aa192758441392ccce090494979345e590d159422b7ab5e435a453081fffd27cf9a887549acf WHIRLPOOL 731f09fdec031fe72ac7f7469a1db98e8afcfabfe17182e09a5c3bdc385eaf984c66252412d88ab2d7efe4be7b2f3c978ef1608dbad8785ed04f0f87c7619fc9 +AUX oidentd-2.0.8-log-conntrack-fails.patch 1686 SHA256 f6f42c7bac9846e3a72d6817c4d2982db54d80c0468061893d96f972a481d84d SHA512 210dcf4ee04d61ee07f7a38cb5b943343526677242d2e284929a7ae83e6940ad2806eef6271f2eb8fc13ee5ad2f2366aff4d4ad3ba9c244277f41bcf8daca9a0 WHIRLPOOL d55e47f772ab6fb00486188d669bbb401a7566f8ce6081dfae27a51797c9acf2d509e76b56fdc90a18ee2327578bfe8c6ca677e42ecb2ea53561daa41b93e8dc +AUX oidentd-2.0.8-masquerading.patch 1288 SHA256 a256909b3a608ff224f8eea413313990778f70fc9f7d269c5939e51b9ec2a082 SHA512 453787b4ef00a7578b65e04cc4fa36bc233d737294171e807b6d9711cbd2be9cd4fc461863ea8ddbd39901433a007d32403252e701604d13ddbb442a363439fc WHIRLPOOL c8d34baa22ecf6a196424323c44fa3a6c49eb2ab0b1441af8e07d8de726ea4d31765ae0d9738c611da4cf4ec1162f35ef67b0a78c28d2df20331aba35d092170 +AUX oidentd-2.0.8-no-conntrack-masquerading.patch 1141 SHA256 3748e32b23299658d8eedd5dcd96d576fb0c7638c43cf51fc8e0c1edb0fab70d SHA512 8d0c44f16cab0331c52362671790360f47de7568b81622971a33865464a85342c956447164b516ed0fd90bbef72eab2bdec5fff0b0b7e23d554abaf109329b3b WHIRLPOOL 0a17638e336625063f6af0abdf535e28960a364a184031f313f0d622af26005fba7182df804a3926a63857265219e13193dc9029ecdd4c419204175eafdf1ee1 +AUX oidentd.conf 298 SHA256 fe91a7af10e55c90a8468ba529012f8359507353035d72c669b535c8b84eb9dc SHA512 a05de9b08f87a200309c39d3bc3aba0aa2c6461c3c43a9d851299e6083f0ca9a362409b0db93ca069c7a50d3a14169a308aea51b3d42ebf0180a4b4c99bf5126 WHIRLPOOL 7a46a30d087775075017914dcf0fc25d49e289d839e4828c668179a31cde6694f945c9a0d996e5137a08e7964fafa74cdae00a916f5bbe51e017aa2a5ddd84d5 +AUX oidentd.service 186 SHA256 3b57903f1a4198cb6590b50a2023b0ead54a9fcac9de9b63fd94ac9ffc9464e2 SHA512 dd89471b232c0cce1113ea8550a3cb0ad55bd0791b7c916ea13b533051fe10271cd8e41aff13bf4071b507251ab6b14de20c8b63a525074a728f007fe0d647e8 WHIRLPOOL 8bcb761ca8898cb2bf79df79a163dd2e05705f1f0acdbfa7c6c75b5dea9a9bbb598ea98ea2919f169c535c70036e85d81aabd9df7b016139b261c64c2666e59a +AUX oidentd.socket 142 SHA256 520dcb6b208d39206bc74cc8f54c97a9c814c847239dc7097071791343e0d28f SHA512 151f846a889968084f4b6900e42806ea2c16f184fe65fe67b77bd9176318faeb3db3f7a43d6eec8d70bca7c2919952ad9059301ba396ec56a9da1ab0371b44d4 WHIRLPOOL ad5aac4cc0ce4a97dde0f16db66355bc5a879a304efd57918959bd8b8d16383cd25405ca001b49353432bd89339c60d5670052c4d6798bfbfc20a62e2f751941 +AUX oidentd_at.service 179 SHA256 fc1b73fa67aa149a008c73aec4b90d47e8cd6147fcfe336bb6bb4e2c992cdd04 SHA512 513e49d74c25ea0392a4b9541df0b275fa497bf2cb1d55a3c1c31a9cfe207ec2de69e76d7813531c90b5b378d1dd55b3ee21371ad281ff5f2a89ab70f59a25b4 WHIRLPOOL 285a0ca3dae15dd0c8808ef67525c6b2384f5ce9a369f079ba1d1de7ddc6e857b358bf619be23b2d4c94f8ba70a14957df6db366237519e7cca4720fe6b16533 +AUX oidentd_masq.conf 429 SHA256 16b94239221e63abdf38ce59e4b9231622f81bfeca643c8ac8be3a57b01ced28 SHA512 72e48e1923adf594d53ae325b0ba5a6ab406ac934985a699f6f3b2a88010f312ddac279a752bba6b237aa87451348a0933ee4166aa267a0b08919c37eaaac40a WHIRLPOOL 3fbd8c0f1e18fcd64c635081f0cef1b25ee02f107e241db14954506f66095c440e4384b3da88bc22dc8cdc87c27e8126f9769f24b7cc383bac5be2dac953e72b +DIST oidentd-2.0.8.tar.gz 212354 SHA256 a54cbed187281f8d5a301d1d8fd5cb0f30bfb13a5a8e9ab752ace76c1010fb6f SHA512 86229a4ef9892121c25a7140616e180f862ca34b73ea3ad9f0fbb008f657abb17e9f14c2c25ae14c14bfc14bf1ea10b50fd68318631a9c52227bbfd6e6d43288 WHIRLPOOL ac36130273ec6a4fc7f715a9518f99445c3f4af50b03e647846b152800940fd8f83222b78b7a12385a0c722a8d89b6bdbc557812d0b64e3253aa3231f95215cb +EBUILD oidentd-2.0.8-r5.ebuild 1203 SHA256 f658cd8e6c78a332ebc2dc0ebdcca2fa194078dc1e23bfae68a08aa423c8d2d4 SHA512 53a4113831796de47144d3bcf0c26528a2567ee3b3473cb53d455f0b51bfeacc2b18ee7d1a5b0d9d71fcc91fd88fe0101f332193a1fab6bdf95bc0509a93ca17 WHIRLPOOL fc1188a06e08d18b09f1839a3d933e0019d7aef11882def4d53fdd218baa7af943e6489d1b7e4c9270e5b24abd982f3679309eadcf5280e6af260d7321c5e84d +EBUILD oidentd-2.0.8-r6.ebuild 1453 SHA256 3e19d709210e730dd1fff9e3d7fd57233e9d566c2e441252f71d6b8c71c896c2 SHA512 be493a35547cd8fdee20fd1de217e0a26594aa81a8b0e6f20b80d1827d20122be137e9e1ca45925890d3d89de408d39b6b532a446b6dae4dad043f1b8cc549e3 WHIRLPOOL e7b6d7d81debd4d7873bcda4458ca2658dabe624fe8dac3d096c7aea992c545c5c33d2d26952edc5ee962a90547c2267c5d83bb7c921faf1a84e0f844b63eab4 +MISC ChangeLog 2900 SHA256 1f14d92b40d60b5f3b1017accf60af4ad3c88a2f0b50cef8b1a30b5d62ff0654 SHA512 c26c0039d7a2d3724342da8d5540cfa770e51ddeec1a7ea389eb2e81aed2e531714aeea1212f490f1ae309b3e637bcd4feb96bdbfaf2d740ef5d21a2c31b2f09 WHIRLPOOL b44c4bb04305377a8aeb37027db6bb344fdb3f2c9fbe1400d07e47ef392f0910678b2941d98ea4c3713a058a5fb9282b86a1cfdb6f28e6a6db0db0aa0bc30815 +MISC ChangeLog-2015 8297 SHA256 754014d897e04563fe85b4bc5d88270c23cf25842ec6aab471350b4a8057aaf7 SHA512 9be7c930ce0de6a8791757077623f0d46662e38246e2225c5c0d5f5c38211fdb0b4b42f85851a64d19df98628969ddc744ce333f33f424c727ad895b77efcf77 WHIRLPOOL fbe06cb1f0904b252f4bf6534aad0942e2ce33f44e2a9561f229964ef18924318e31c1b62e4213ae656b28bd45eef79ef6a1dcebb5e529a383b07852791e5766 +MISC metadata.xml 531 SHA256 3ea3fbb0bb568a6ab28de047411678621f7e1c9b68e70d8ef7be2362c9b74651 SHA512 f6c11a386380db0197ab45fd6169028063e432e014a18f92b40bc1350cfd1b2dc517b95b55da93f22a58cb5fa00856215f9673d59fd12d27c92075ad93e42215 WHIRLPOOL 17d79e45af14026dd9082cb05b25fe0b889c42b932ff5cd842f0f36e7a7ad20c604e6312f4ca96a4c5dfbb059db98818e7038948c25e6e8cfe76491bae8286f5 diff --git a/net-misc/oidentd/files/oidentd-2.0.7-confd b/net-misc/oidentd/files/oidentd-2.0.7-confd new file mode 100644 index 000000000000..3116889e67e2 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.7-confd @@ -0,0 +1,4 @@ +# oidentd start-up options +USER="nobody" +GROUP="nobody" +OPTIONS="" diff --git a/net-misc/oidentd/files/oidentd-2.0.7-init b/net-misc/oidentd/files/oidentd-2.0.7-init new file mode 100644 index 000000000000..5b1ae44089d0 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.7-init @@ -0,0 +1,40 @@ +#!/sbin/openrc-run +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +check_config() { + if [ -z "${USER}" ] + then + eerror "Please set \$USER in /etc/conf.d/oidentd!" + return 1 + fi + if [ -z "${GROUP}" ] + then + eerror "Please set \$GROUP in /etc/conf.d/oidentd!" + return 1 + fi + + if [ "$(sysctl -n security.bsd.see_other_uids 2>/dev/null)" = "0" ]; then + eerror "${SVCNAME} cannot work if the sysctl security.bsd.see_other_uids is 0" + return 1 + fi +} + + +start() { + check_config || return 1 + ebegin "Starting oidentd" + OPTIONS="${OPTIONS} -u ${USER} -g ${GROUP}" + start-stop-daemon --start --quiet --exec /usr/sbin/oidentd -- $OPTIONS + eend $? +} + +stop() { + ebegin "Stopping oidentd" + start-stop-daemon --stop --quiet --exec /usr/sbin/oidentd + eend $? +} diff --git a/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch new file mode 100644 index 000000000000..2652622cdd4f --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-bind-to-ipv6-too.patch @@ -0,0 +1,17 @@ +Patch to bind to ipv6 socket as well +Patch supplied by Fabian Knittel +--- oidentd-2.0.8/src/oidentd_inet_util.c 2006-05-22 02:31:19.000000000 +0200 ++++ oidentd-2.0.8.new/src/oidentd_inet_util.c 2010-03-01 20:26:11.000000000 +0100 +@@ -60,6 +60,12 @@ + #ifdef WANT_IPV6 + case AF_INET6: + SIN6(ai->ai_addr)->sin6_port = listen_port; ++ ++ if (setsockopt(listenfd, IPPROTO_IPV6, IPV6_V6ONLY, &one, ++ sizeof(one)) != 0) { ++ debug("setsockopt IPV6_V6ONLY: %s", strerror(errno)); ++ return (-1); ++ } + break; + #endif + diff --git a/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch b/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch new file mode 100644 index 000000000000..a401a65d9bc6 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-gcc5.patch @@ -0,0 +1,25 @@ +Description: Fix a failure to build with gcc5. +Bug: http://bugs.debian.org/778035 + +--- a/src/oidentd_util.c 2015-07-03 05:56:24.000000000 -0400 ++++ b/src/oidentd_util.c 2015-07-03 05:56:47.671378000 -0400 +@@ -75,7 +75,7 @@ + ** PRNG functions on systems whose libraries provide them.) + */ + +-inline int randval(int i) { ++extern __attribute__ ((gnu_inline)) int randval(int i) { + /* Per _Numerical Recipes in C_: */ + return ((double) i * rand() / (RAND_MAX+1.0)); + } +--- a/src/oidentd_util.h 2015-07-03 05:56:32.000000000 -0400 ++++ b/src/oidentd_util.h 2015-07-03 05:56:53.835378000 -0400 +@@ -58,7 +58,7 @@ + int find_group(const char *temp_group, gid_t *gid); + + int random_seed(void); +-inline int randval(int i); ++extern __attribute__ ((gnu_inline)) int randval(int i); + + #ifndef HAVE_SNPRINTF + int snprintf(char *str, size_t n, char const *fmt, ...); diff --git a/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch b/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch new file mode 100644 index 000000000000..d29479ec0284 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-log-conntrack-fails.patch @@ -0,0 +1,52 @@ +From 612f1d85dd59fc39b124392df38586769ebc8add Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Fri, 11 Mar 2016 10:00:59 +0100 +Subject: [PATCH] Log Linux core_init failures as normal error +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Opening Linux conntracking table file failure for different reason than +missing the file is fatal for deamon initizalization. But the failure +was logged inly in debugging build. + +This patch makes the fatal error visible in normal log. + +https://bugzilla.redhat.com/show_bug.cgi?id=1316308 +Signed-off-by: Petr Písař +--- + src/kernel/linux.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/kernel/linux.c b/src/kernel/linux.c +index 8bf265f..9103dbf 100644 +--- a/src/kernel/linux.c ++++ b/src/kernel/linux.c +@@ -73,21 +73,21 @@ bool core_init(void) { + masq_fp = fopen(MASQFILE, "r"); + if (masq_fp == NULL) { + if (errno != ENOENT) { +- debug("fopen: %s: %s", MASQFILE, strerror(errno)); ++ o_log(NORMAL, "fopen: %s: %s", MASQFILE, strerror(errno)); + return false; + } + + masq_fp = fopen(CONNTRACK, "r"); + if (masq_fp == NULL) { + if (errno != ENOENT) { +- debug("fopen: %s: %s", CONNTRACK, strerror(errno)); ++ o_log(NORMAL, "fopen: %s: %s", CONNTRACK, strerror(errno)); + return false; + } + + masq_fp = fopen(NFCONNTRACK, "r"); + if (masq_fp == NULL) { + if (errno != ENOENT) { +- debug("fopen: %s: %s", NFCONNTRACK, strerror(errno)); ++ o_log(NORMAL, "fopen: %s: %s", NFCONNTRACK, strerror(errno)); + return false; + } + masq_fp = fopen("/dev/null", "r"); +-- +2.5.0 + diff --git a/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch new file mode 100644 index 000000000000..191e9b95e64d --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-masquerading.patch @@ -0,0 +1,43 @@ +--- oidentd.orig/src/kernel/linux.c 2006-05-22 06:58:53.000000000 +0300 ++++ oidentd-2.0.8/src/kernel/linux.c 2007-07-11 21:28:56.000000000 +0300 +@@ -48,6 +48,7 @@ + #define CFILE6 "/proc/net/tcp6" + #define MASQFILE "/proc/net/ip_masquerade" + #define CONNTRACK "/proc/net/ip_conntrack" ++#define NFCONNTRACK "/proc/net/nf_conntrack" + + static int netlink_sock; + extern struct sockaddr_storage proxy; +@@ -82,7 +83,15 @@ + debug("fopen: %s: %s", CONNTRACK, strerror(errno)); + return false; + } +- masq_fp = fopen("/dev/null", "r"); ++ ++ masq_fp = fopen(NFCONNTRACK, "r"); ++ if (masq_fp == NULL) { ++ if (errno != ENOENT) { ++ debug("fopen: %s: %s", NFCONNTRACK, strerror(errno)); ++ return false; ++ } ++ masq_fp = fopen("/dev/null", "r"); ++ } + } + + netfilter = true; +@@ -367,6 +376,15 @@ + &nport_temp, &mport_temp); + } + ++ if (ret != 21) { ++ ret = sscanf(buf, ++ "%*15s %*d %15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d packets=%*d bytes=%*d src=%d.%d.%d.%d dst=%d.%d.%d.%d sport=%d dport=%d", ++ proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4, ++ &masq_lport_temp, &masq_fport_temp, ++ &nl1, &nl2, &nl3, &nl4, &nr1, &nr2, &nr3, &nr4, ++ &nport_temp, &mport_temp); ++ } ++ + if (ret != 21) + continue; + diff --git a/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch b/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch new file mode 100644 index 000000000000..92ef02523160 --- /dev/null +++ b/net-misc/oidentd/files/oidentd-2.0.8-no-conntrack-masquerading.patch @@ -0,0 +1,41 @@ +From 20a63ad8a90c36397cceedd34887298890dbafa3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Fri, 11 Mar 2016 10:38:10 +0100 +Subject: [PATCH] Linux: Do not open conntracking table if masquerading is not + enabled +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The contracking table was always opened. This is unnecessary because +the table is used only when masquerading feature is requested on run +time. + +This patch skips opening the conntracking table on Linux if +masquerading is not requested. + +https://bugzilla.redhat.com/show_bug.cgi?id=1316308 +Signed-off-by: Petr Písař +--- + src/kernel/linux.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/kernel/linux.c b/src/kernel/linux.c +index 9103dbf..859f554 100644 +--- a/src/kernel/linux.c ++++ b/src/kernel/linux.c +@@ -70,6 +70,11 @@ bool netfilter; + */ + bool core_init(void) { + #ifdef MASQ_SUPPORT ++ if (!opt_enabled(MASQ)) { ++ masq_fp = NULL; ++ return true; ++ } ++ + masq_fp = fopen(MASQFILE, "r"); + if (masq_fp == NULL) { + if (errno != ENOENT) { +-- +2.5.0 + diff --git a/net-misc/oidentd/files/oidentd.conf b/net-misc/oidentd/files/oidentd.conf new file mode 100644 index 000000000000..03b28d827802 --- /dev/null +++ b/net-misc/oidentd/files/oidentd.conf @@ -0,0 +1,22 @@ +# Configuration for oidentd +# see oidentd.conf(5) +# +default { + default { + deny spoof + deny spoof_all + deny spoof_privport + allow random + allow random_numeric + allow numeric + deny hide + } +} + +# you may want to hide root connections +#user "root" { +# default { +# force reply "UNKNOWN" +# } +#} + diff --git a/net-misc/oidentd/files/oidentd.service b/net-misc/oidentd/files/oidentd.service new file mode 100644 index 000000000000..bf159d855b8d --- /dev/null +++ b/net-misc/oidentd/files/oidentd.service @@ -0,0 +1,9 @@ +[Unit] +Description=TCP/IP IDENT protocol server + +[Service] +ExecStart=/usr/sbin/oidentd -i -S -u nobody -g nobody +ExecReload=/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/net-misc/oidentd/files/oidentd.socket b/net-misc/oidentd/files/oidentd.socket new file mode 100644 index 000000000000..63df7036e543 --- /dev/null +++ b/net-misc/oidentd/files/oidentd.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Ident (RFC 1413) socket +Conflicts=oidentd.service + +[Socket] +ListenStream=113 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/net-misc/oidentd/files/oidentd_at.service b/net-misc/oidentd/files/oidentd_at.service new file mode 100644 index 000000000000..ac03a94d6c8a --- /dev/null +++ b/net-misc/oidentd/files/oidentd_at.service @@ -0,0 +1,7 @@ +[Unit] +Description=Ident (RFC 1413) per-connection server + +[Service] +ExecStart=/usr/sbin/oidentd -I -S -u nobody -g nobody +ExecReload=/bin/kill -HUP $MAINPID +StandardInput=socket diff --git a/net-misc/oidentd/files/oidentd_masq.conf b/net-misc/oidentd/files/oidentd_masq.conf new file mode 100644 index 000000000000..6811288ff4cf --- /dev/null +++ b/net-misc/oidentd/files/oidentd_masq.conf @@ -0,0 +1,10 @@ +# oident masquarded connections configuration + +# use this file if your host is masquarading connections for several +# hosts and you want to return a reply based on the hostname of +# the originating machine +# add "-f" to OIDENT_OPTIONS in /etc/conf.d/oidentd if you want +# to forward ident requests to the real host + +# add hosts in the following format, see oidentd_masq.conf(5) for details: +# [/mask] diff --git a/net-misc/oidentd/metadata.xml b/net-misc/oidentd/metadata.xml new file mode 100644 index 000000000000..3be9f1f5f13d --- /dev/null +++ b/net-misc/oidentd/metadata.xml @@ -0,0 +1,18 @@ + + + + + Dessa@gmake.de + Robert Förster + + + proxy-maint@gentoo.org + Proxy Maintainers + + + Enable support for masqueraded/NAT connections + + + ojnk + + diff --git a/net-misc/oidentd/oidentd-2.0.8-r5.ebuild b/net-misc/oidentd/oidentd-2.0.8-r5.ebuild new file mode 100644 index 000000000000..1a328a04f7ab --- /dev/null +++ b/net-misc/oidentd/oidentd-2.0.8-r5.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils systemd + +DESCRIPTION="Another (RFC1413 compliant) ident daemon" +HOMEPAGE="http://ojnk.sourceforge.net/" +SRC_URI="mirror://sourceforge/ojnk/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ~s390 ~sh sparc x86 ~x86-fbsd" +IUSE="debug ipv6 masquerade" + +PATCHES=( + "${FILESDIR}/${P}-masquerading.patch" + "${FILESDIR}/${P}-bind-to-ipv6-too.patch" + "${FILESDIR}/${P}-gcc5.patch" +) + +src_prepare() { + epatch -p1 "${PATCHES[@]}" +} + +src_configure() { + econf \ + $(use_enable debug) \ + $(use_enable ipv6) \ + $(use_enable masquerade masq) \ + $(use_enable masquerade nat) +} + +src_install() { + default + + dodoc AUTHORS ChangeLog README TODO NEWS \ + "${FILESDIR}"/${PN}_masq.conf "${FILESDIR}"/${PN}.conf + + newinitd "${FILESDIR}"/${PN}-2.0.7-init ${PN} + newconfd "${FILESDIR}"/${PN}-2.0.7-confd ${PN} + + systemd_newunit "${FILESDIR}"/${PN}_at.service ${PN}@.service + systemd_dounit "${FILESDIR}"/${PN}.socket + systemd_dounit "${FILESDIR}"/${PN}.service +} + +pkg_postinst() { + echo + elog "Example configuration files are in /usr/share/doc/${PF}" + echo +} diff --git a/net-misc/oidentd/oidentd-2.0.8-r6.ebuild b/net-misc/oidentd/oidentd-2.0.8-r6.ebuild new file mode 100644 index 000000000000..5330a191234e --- /dev/null +++ b/net-misc/oidentd/oidentd-2.0.8-r6.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit linux-info systemd + +DESCRIPTION="Another (RFC1413 compliant) ident daemon" +HOMEPAGE="http://ojnk.sourceforge.net/" +SRC_URI="mirror://sourceforge/ojnk/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="debug ipv6 masquerade selinux" + +DEPEND="" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-oident )" + +DOCS=( AUTHORS ChangeLog README TODO NEWS "${FILESDIR}"/${PN}_masq.conf "${FILESDIR}"/${PN}.conf ) + +PATCHES=( + "${FILESDIR}/${P}-masquerading.patch" + "${FILESDIR}/${P}-bind-to-ipv6-too.patch" + "${FILESDIR}/${P}-gcc5.patch" + "${FILESDIR}/${P}-log-conntrack-fails.patch" + "${FILESDIR}/${P}-no-conntrack-masquerading.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~INET_TCP_DIAG" + + if use kernel_linux; then + linux-info_pkg_setup + fi +} + +src_configure() { + econf \ + $(use_enable debug) \ + $(use_enable ipv6) \ + $(use_enable masquerade masq) \ + $(use_enable masquerade nat) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}-2.0.7-init ${PN} + newconfd "${FILESDIR}"/${PN}-2.0.7-confd ${PN} + + systemd_newunit "${FILESDIR}"/${PN}_at.service ${PN}@.service + systemd_dounit "${FILESDIR}"/${PN}.socket + systemd_dounit "${FILESDIR}"/${PN}.service +} + +pkg_postinst() { + echo + elog "Example configuration files are in /usr/share/doc/${PF}" + echo +} -- cgit v1.2.3