From 3cf7c3ef441822c889356fd1812ebf2944a59851 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 25 Aug 2020 10:45:55 +0100 Subject: gentoo resync : 25.08.2020 --- net-vpn/Manifest.gz | Bin 6882 -> 6884 bytes net-vpn/networkmanager-openvpn/Manifest | 2 - .../networkmanager-openvpn-1.8.10-r2.ebuild | 58 ---- net-vpn/pptpd/Manifest | 4 +- net-vpn/pptpd/files/pptpd-1.4.0-libdir.patch | 24 ++ net-vpn/pptpd/files/pptpd-1.4.0-musl.patch | 16 ++ net-vpn/pptpd/pptpd-1.4.0-r2.ebuild | 79 ------ net-vpn/pptpd/pptpd-1.4.0-r3.ebuild | 81 ++++++ net-vpn/strongswan/Manifest | 6 +- net-vpn/strongswan/metadata.xml | 1 + net-vpn/strongswan/strongswan-5.8.4.ebuild | 2 +- net-vpn/strongswan/strongswan-5.9.0.ebuild | 308 +++++++++++++++++++++ net-vpn/tor/Manifest | 12 +- net-vpn/tor/tor-0.4.2.7.ebuild | 90 ------ net-vpn/tor/tor-0.4.2.8.ebuild | 90 ++++++ net-vpn/tor/tor-0.4.3.5.ebuild | 92 ------ net-vpn/tor/tor-0.4.3.6.ebuild | 92 ++++++ net-vpn/tor/tor-0.4.4.1_alpha.ebuild | 93 ------- net-vpn/tor/tor-0.4.4.4_rc.ebuild | 93 +++++++ net-vpn/vpncwatch/Manifest | 2 +- net-vpn/vpncwatch/metadata.xml | 4 +- net-vpn/wireguard-modules/Manifest | 5 +- .../wireguard-modules-1.0.20200623.ebuild | 100 ------- .../wireguard-modules-1.0.20200729-r1.ebuild | 100 +++++++ .../wireguard-modules-9999.ebuild | 100 ------- net-vpn/wireguard-tools/Manifest | 7 +- net-vpn/wireguard-tools/files/wg-quick.init | 38 +++ .../wireguard-tools-1.0.20200319.ebuild | 101 ------- .../wireguard-tools-1.0.20200513.ebuild | 63 +++-- .../wireguard-tools-1.0.20200820.ebuild | 116 ++++++++ 30 files changed, 1020 insertions(+), 759 deletions(-) delete mode 100644 net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.8.10-r2.ebuild create mode 100644 net-vpn/pptpd/files/pptpd-1.4.0-libdir.patch create mode 100644 net-vpn/pptpd/files/pptpd-1.4.0-musl.patch delete mode 100644 net-vpn/pptpd/pptpd-1.4.0-r2.ebuild create mode 100644 net-vpn/pptpd/pptpd-1.4.0-r3.ebuild create mode 100644 net-vpn/strongswan/strongswan-5.9.0.ebuild delete mode 100644 net-vpn/tor/tor-0.4.2.7.ebuild create mode 100644 net-vpn/tor/tor-0.4.2.8.ebuild delete mode 100644 net-vpn/tor/tor-0.4.3.5.ebuild create mode 100644 net-vpn/tor/tor-0.4.3.6.ebuild delete mode 100644 net-vpn/tor/tor-0.4.4.1_alpha.ebuild create mode 100644 net-vpn/tor/tor-0.4.4.4_rc.ebuild delete mode 100644 net-vpn/wireguard-modules/wireguard-modules-1.0.20200623.ebuild create mode 100644 net-vpn/wireguard-modules/wireguard-modules-1.0.20200729-r1.ebuild delete mode 100644 net-vpn/wireguard-modules/wireguard-modules-9999.ebuild create mode 100644 net-vpn/wireguard-tools/files/wg-quick.init delete mode 100644 net-vpn/wireguard-tools/wireguard-tools-1.0.20200319.ebuild create mode 100644 net-vpn/wireguard-tools/wireguard-tools-1.0.20200820.ebuild (limited to 'net-vpn') diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz index 92cba9280b58..57f2eb2b9657 100644 Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ diff --git a/net-vpn/networkmanager-openvpn/Manifest b/net-vpn/networkmanager-openvpn/Manifest index 4a4524b19d9d..2ce1ef00b064 100644 --- a/net-vpn/networkmanager-openvpn/Manifest +++ b/net-vpn/networkmanager-openvpn/Manifest @@ -1,5 +1,3 @@ -DIST NetworkManager-openvpn-1.8.10.tar.xz 564540 BLAKE2B e117395b91efbd0ee10bdefe0aaff8a39fdd1fe232dc1543224be7dfd9bb18729ad873091301e6348f8955f28579e106f5565c7138309571e06598aa35dc5bba SHA512 f710848fccf21ac4554a2b46e80cf890c011edc6d64d9a49d6d8669f3ff71f7990e11e6f4681bb85d30238ec05f2fc79c4619983f6860c6ab0d714f941a3dfcc DIST NetworkManager-openvpn-1.8.12.tar.xz 597216 BLAKE2B 55ccb3139b1be9d1894d3651d60ce0f2167a24efbb24a9870eb4bb683a91603ae5f5149ed9aca8307cf608140c075a7b19bdfef68b1dbfe0729c117f084bb904 SHA512 1b8adf926426f866f7509a07c24203d6b584627aba4f8e2b1b00fa897bf0d7155009d566c3440565d1ee0e938694dd8d6746f37f62d493864d16eae007590b22 -EBUILD networkmanager-openvpn-1.8.10-r2.ebuild 1302 BLAKE2B 451a9e8e1e8a1de6a943927529fe439b36fd7048115db948b7fe90698c4730470dc6a73735106c0b7c4b90e892b2ee07a1b993c0397ac1b620062c585a2f7558 SHA512 6f8f1aea4ff54490b07a2d72777d6a5eec0e36de17014703ed0000a4d516966a7f8b4ad8635c988aa9a4b18ae6c8c844b79a85a9fa76d19e9ce89c04c75ed284 EBUILD networkmanager-openvpn-1.8.12.ebuild 1302 BLAKE2B 451a9e8e1e8a1de6a943927529fe439b36fd7048115db948b7fe90698c4730470dc6a73735106c0b7c4b90e892b2ee07a1b993c0397ac1b620062c585a2f7558 SHA512 6f8f1aea4ff54490b07a2d72777d6a5eec0e36de17014703ed0000a4d516966a7f8b4ad8635c988aa9a4b18ae6c8c844b79a85a9fa76d19e9ce89c04c75ed284 MISC metadata.xml 253 BLAKE2B a1efbd3751efaa83ee173f557ec1c8a4497a90b60896cf5a7a07da40b4f94a7a299ca0385477e82b2f5e5dbdf9afa482ccbe21f35ef44214e9c451d764b65529 SHA512 8d59f413993268ca783f7407b676900bb2d964754bf705d4175e2bafbe058a52af74f3928e4bd84d292518f8cf13fab7051486ab7cdc61d02fae6e0188d44442 diff --git a/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.8.10-r2.ebuild b/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.8.10-r2.ebuild deleted file mode 100644 index 98147f688619..000000000000 --- a/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.8.10-r2.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -GNOME_ORG_MODULE="NetworkManager-${PN##*-}" - -inherit gnome2 user - -DESCRIPTION="NetworkManager OpenVPN plugin" -HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 ~arm x86" -IUSE="gtk test" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-libs/glib-2.32:2 - >=net-misc/networkmanager-1.7.0:= - >=net-vpn/openvpn-2.1 - gtk? ( - >=app-crypt/libsecret-0.18 - >=net-libs/libnma-1.7.0 - >=x11-libs/gtk+-3.4:3 - ) -" -DEPEND="${RDEPEND} - dev-libs/libxml2:2 - sys-devel/gettext - >=dev-util/intltool-0.35 - virtual/pkgconfig -" - -pkg_setup() { - enewgroup nm-openvpn - enewuser nm-openvpn -1 -1 -1 nm-openvpn -} - -src_prepare() { - # Test will fail if the machine doesn't have a particular locale installed - # FAIL: (tls-import-data) unexpected 'ca' secret value, upstream bug #742708 - sed '/test_non_utf8_import (plugin, test_dir)/ d' \ - -i properties/tests/test-import-export.c || die "sed failed" - - gnome2_src_prepare -} - -src_configure() { - # --localstatedir=/var needed per bug #536248 - gnome2_src_configure \ - --localstatedir=/var \ - --disable-more-warnings \ - --disable-static \ - --with-dist-version=Gentoo \ - $(use_with gtk gnome) \ - --without-libnm-glib -} diff --git a/net-vpn/pptpd/Manifest b/net-vpn/pptpd/Manifest index 4b6919d95516..5a9f1e167a68 100644 --- a/net-vpn/pptpd/Manifest +++ b/net-vpn/pptpd/Manifest @@ -1,8 +1,10 @@ AUX pptpd-1.4.0-gentoo.patch 2360 BLAKE2B ca5ac7babf0ee6752305659ca50ce4c7972c433007249ced3c99d4c04a3a9461c245151082fa545b642fd85b375f51ba622fc6137ce538a9ec54798a7b73b27a SHA512 ba89b3b9eacd19e7cf6173289e8cb5db2443b55b3ad86f053c58636ed4f65227c626678f052f2d0a3c4c22fe4e0487493d097cd9a5434101017b95605966fc5b +AUX pptpd-1.4.0-libdir.patch 1205 BLAKE2B 4b0d269b4de78346ffe577379824510dfb330e84606ff1b56abda08a4296935c947a0c61188475007c565cb5d5ba987beca61020e20a8cf050c82ff2f9335502 SHA512 927254c2527eada485d7d86940858835712d272fea818e17a6dd81878843b1a58dd6f1230fdc1b5e5ac0cd0fd726956d816655884ac7b8f6ee3c2e6b20e6beb4 +AUX pptpd-1.4.0-musl.patch 381 BLAKE2B b3094ada7db21fcf5e249512d0f3aabb4782562e82dcda1fedfc8d78f70f59a062751e2cc6c03789871cc8b2f79bece8b6f125a7849eefbfca566e0b083d3194 SHA512 ac48f18aea8ce89c55bb102705912391fa4d0f3da237261110dfc3ec04b7c461cd4676419bffeabc52afddb78c8f7a2494df6a60bbd507f306f01be592b9e2b3 AUX pptpd-1.4.0-pidfile.patch 1348 BLAKE2B 7b19d05f5a8b18069c05e110963cf032dc68c7558a970c00126162d7f7d71a702d4b64f40105a36b5da879b8a6bbd6b16785560ecb1b3214bd91aeac20f00378 SHA512 0d0e4df9cc1827345001ebfb88ec87bdce818792aa2243e92127643ffbf64a2c7d62cb5cd26930085d7533ae32135cbcc36da755adce3297bcad4abf764b3b6e AUX pptpd-1.4.0-sandbox-fix.patch 528 BLAKE2B 1b784cbf9eb1699a5c8e31a6ebb64035e9656a175b81ca4df778e9799b22fdb283c851d66e3ba0b9c056cf099011be049bd71d1b47d9839786538d1d436ac0f9 SHA512 7f80c66185207f4d14fd6163e41fed3acc7ffdeea91d3f62e000ab1fcbe6abd8f3bb6a1ea927a9fa29ef1b38b2c0ffe364625e155474c4145126de674cd7f2bb AUX pptpd-confd 131 BLAKE2B b1cf43035bb96859e3f69ad2ba8d161fd5e7c98370f407767a74ec9e87fd3187ec127155171bebf3e0655d076d2edb640993ec4445672abb40a9d87fb5a6b008 SHA512 59f118715cf6c36442687a58f46a54519fb5125383e85c4fa352a4c97f8a4e19f46c9715330550755eb9691e8174b70cdfab48fbd14c2707364e8083d6baa488 AUX pptpd-init-r2 325 BLAKE2B 492d4a17910fd45475337376570e23b2193f0b5471e82a575465eb139a9cf0f9296388962e3dc2584784a4be6aac17edf4da67410ca422498a2f3c39c9baba43 SHA512 5eb0839310b6897aeb5ef067f3bbccc3f302f9d5375fea9c2cf405a6e823560a776a96fa0189b4c9adf1744651a35a41d4fcafc3f9e1ebf5ddeb5d88bece9678 DIST pptpd-1.4.0.tar.gz 252167 BLAKE2B c7fa9397c0a1b7c1ae5f22f9d7f85ba1bb60966984506f7b7c7b4f5dce69efa717f41e8d9a717e4c6f482d2d3e4052611709e0b825a2fcc63fabf19a53a550f0 SHA512 cfb4caef3025c0721e7fabf8b7bf595739f2d3048555b30616cdadc37e70ba9e1c50561c25091dd617b5448da2816aeaf83aea0fc2ef6b0dd5e3fe35d9591484 -EBUILD pptpd-1.4.0-r2.ebuild 1932 BLAKE2B a1c098d914e159bfdde32613494d548039d7650e225851b7c5d534bf0d89b963ba19dd934d3632dd27d6a493da234cd7910876e81c50d4630c208a6e808fe8d7 SHA512 59df94fe86dcac6da782a134ae3af54958fbbd6887bdfddeae3b4982f9fc6e754635343128c221823550ab1c6e777f3305e07a2e8bcf38f2927cab193bc64ba3 +EBUILD pptpd-1.4.0-r3.ebuild 1996 BLAKE2B 0066992c4d1bb8510806f62ce6031ed2625a80c9bb99474c2df2d7a764b1ca36e2fcf6c425617e7bbb138893a154ed794bd50de6c9365e3c7cc2c934d68a8bd3 SHA512 3eb884e8eb2d524967efc1b98c9718dd880c5aed69b49ebf7a0ddb0a569509a800111129c4efadc26c756a0a35697aeaa855f1fe9f26d6a64cc42ef20e426a90 MISC metadata.xml 468 BLAKE2B e988e5026cb8d530a6930e69359587600af78e252ac37a2a7088d43f92c2241c8e3e67a33d79c5213747cf88d1264045ec4c7783a2929a732571b89c9c40f97e SHA512 bc1558cbea7a1a7157bb339f1285e141607182f21c53fa5f7da35a9ce43c12d508650f9f75058a2e1514ae67f3fe60ee77d8e99463b18e4bd108d3e8c9b6d4d5 diff --git a/net-vpn/pptpd/files/pptpd-1.4.0-libdir.patch b/net-vpn/pptpd/files/pptpd-1.4.0-libdir.patch new file mode 100644 index 000000000000..898c3aea89dc --- /dev/null +++ b/net-vpn/pptpd/files/pptpd-1.4.0-libdir.patch @@ -0,0 +1,24 @@ +diff -r -U 3 pptpd-1.4.0.orig/Makefile.am pptpd-1.4.0/Makefile.am +--- pptpd-1.4.0.orig/Makefile.am 2020-06-29 00:24:23.301857353 +0300 ++++ pptpd-1.4.0/Makefile.am 2020-06-29 00:25:16.072686760 +0300 +@@ -11,7 +11,7 @@ + ## warning with -Wmissing-prototypes). + ## -Wmissing-prototypes removed (eg, Linux 2.2.6 headers + ## aren't up to it). +-CFLAGS += -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' ++CFLAGS += -fno-builtin -Wall -DSBINDIR='"$(sbindir)"' -DLIBDIR='"$(libdir)"' + #CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"' + #CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' + +diff -r -U 3 pptpd-1.4.0.orig/pptpctrl.c pptpd-1.4.0/pptpctrl.c +--- pptpd-1.4.0.orig/pptpctrl.c 2013-10-23 08:53:19.000000000 +0400 ++++ pptpd-1.4.0/pptpctrl.c 2020-06-29 00:25:23.356525131 +0300 +@@ -786,7 +786,7 @@ + + if (pptp_logwtmp) { + pppd_argv[an++] = "plugin"; +- pppd_argv[an++] = "/usr/lib/pptpd/pptpd-logwtmp.so"; ++ pppd_argv[an++] = LIBDIR "/pptpd/pptpd-logwtmp.so"; + pppd_argv[an++] = "pptpd-original-ip"; + pppd_argv[an++] = inet_ntoa(inetaddrs[1]); + } diff --git a/net-vpn/pptpd/files/pptpd-1.4.0-musl.patch b/net-vpn/pptpd/files/pptpd-1.4.0-musl.patch new file mode 100644 index 000000000000..998a07acf7e9 --- /dev/null +++ b/net-vpn/pptpd/files/pptpd-1.4.0-musl.patch @@ -0,0 +1,16 @@ +Modified patch from Alpine Linux +https://git.alpinelinux.org/aports/plain/main/pptpd/fix_MSG_TRYHARD.patch + +--- a/bcrelay.c ++++ b/bcrelay.c +@@ -103,6 +103,10 @@ + #include "our_syslog.h" + #include "our_getopt.h" + ++#ifndef MSG_TRYHARD ++ #define MSG_TRYHARD MSG_DONTROUTE ++#endif ++ + //#define VERSION "1.0" + + /* uncomment if you compile this without poptop's configure script */ diff --git a/net-vpn/pptpd/pptpd-1.4.0-r2.ebuild b/net-vpn/pptpd/pptpd-1.4.0-r2.ebuild deleted file mode 100644 index 81d148bcf80d..000000000000 --- a/net-vpn/pptpd/pptpd-1.4.0-r2.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit autotools eutils flag-o-matic toolchain-funcs - -DESCRIPTION="Linux Point-to-Point Tunnelling Protocol Server" -HOMEPAGE="http://poptop.sourceforge.net/" -SRC_URI="mirror://sourceforge/poptop/${P}.tar.gz" - -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86" -IUSE="gre-extreme-debug tcpd" - -DEPEND="net-dialup/ppp:= - tcpd? ( sys-apps/tcp-wrappers )" -RDEPEND="${DEPEND}" - -DOCS=( AUTHORS ChangeLog NEWS README TODO ) - -PATCHES=( - "${FILESDIR}/${P}-gentoo.patch" - "${FILESDIR}/${P}-sandbox-fix.patch" - "${FILESDIR}/${P}-pidfile.patch" -) - -src_prepare() { - # Match pptpd-logwtmp.so's version with pppd's version (#89895) - local PPPD_VER=`best_version net-dialup/ppp` - PPPD_VER=${PPPD_VER#*/*-} #reduce it to ${PV}-${PR} - PPPD_VER=${PPPD_VER%%[_-]*} # main version without beta/pre/patch/revision - sed -i -e "s:\\(#define[ \\t]*VERSION[ \\t]*\\)\".*\":\\1\"${PPPD_VER}\":" plugins/patchlevel.h || die - - # configure.in is actually configure.ac - mv configure.in configure.ac || die - - # Automake 1.13 compatibility, bug #469476 - sed -i -e 's/AM_CONFIG_HEADER/AC_CONFIG_HEADER/' configure.ac || die 'sed on configure.ac failed' - - # remove 'missing' script to prevent warnings - rm missing || die 'remove missing script failed' - - # respect compiler, bug #461722 - tc-export CC - - # Call to default src_prepare to apply patches - default - - eautoreconf -} - -src_configure() { - use gre-extreme-debug && append-cppflags "-DLOG_DEBUG_GRE_ACCEPTING_PACKET" - econf \ - --enable-bcrelay \ - $(use tcpd && echo "--with-libwrap") -} - -src_compile() { - emake COPTS="${CFLAGS}" -} - -src_install() { - default - - insinto /etc - doins samples/pptpd.conf - - insinto /etc/ppp - doins samples/options.pptpd - - newinitd "${FILESDIR}/pptpd-init-r2" pptpd - newconfd "${FILESDIR}/pptpd-confd" pptpd - - dodoc README.* - dodoc -r samples -} diff --git a/net-vpn/pptpd/pptpd-1.4.0-r3.ebuild b/net-vpn/pptpd/pptpd-1.4.0-r3.ebuild new file mode 100644 index 000000000000..d22507a50d47 --- /dev/null +++ b/net-vpn/pptpd/pptpd-1.4.0-r3.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools eutils flag-o-matic toolchain-funcs + +DESCRIPTION="Linux Point-to-Point Tunnelling Protocol Server" +HOMEPAGE="http://poptop.sourceforge.net/" +SRC_URI="mirror://sourceforge/poptop/${P}.tar.gz" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86" +IUSE="gre-extreme-debug tcpd" + +DEPEND="net-dialup/ppp:= + tcpd? ( sys-apps/tcp-wrappers )" +RDEPEND="${DEPEND}" + +DOCS=( AUTHORS ChangeLog NEWS README TODO ) + +PATCHES=( + "${FILESDIR}/${P}-gentoo.patch" + "${FILESDIR}/${P}-sandbox-fix.patch" + "${FILESDIR}/${P}-pidfile.patch" + "${FILESDIR}/${P}-libdir.patch" + "${FILESDIR}/${P}-musl.patch" +) + +src_prepare() { + # Match pptpd-logwtmp.so's version with pppd's version (#89895) + local PPPD_VER=`best_version net-dialup/ppp` + PPPD_VER=${PPPD_VER#*/*-} #reduce it to ${PV}-${PR} + PPPD_VER=${PPPD_VER%%[_-]*} # main version without beta/pre/patch/revision + sed -i -e "s:\\(#define[ \\t]*VERSION[ \\t]*\\)\".*\":\\1\"${PPPD_VER}\":" plugins/patchlevel.h || die + + # configure.in is actually configure.ac + mv configure.in configure.ac || die + + # Automake 1.13 compatibility, bug #469476 + sed -i -e 's/AM_CONFIG_HEADER/AC_CONFIG_HEADER/' configure.ac || die 'sed on configure.ac failed' + + # remove 'missing' script to prevent warnings + rm missing || die 'remove missing script failed' + + # respect compiler, bug #461722 + tc-export CC + + # Call to default src_prepare to apply patches + default + + eautoreconf +} + +src_configure() { + use gre-extreme-debug && append-cppflags "-DLOG_DEBUG_GRE_ACCEPTING_PACKET" + econf \ + --enable-bcrelay \ + $(use tcpd && echo "--with-libwrap") +} + +src_compile() { + emake COPTS="${CFLAGS}" +} + +src_install() { + default + + insinto /etc + doins samples/pptpd.conf + + insinto /etc/ppp + doins samples/options.pptpd + + newinitd "${FILESDIR}/pptpd-init-r2" pptpd + newconfd "${FILESDIR}/pptpd-confd" pptpd + + dodoc README.* + dodoc -r samples +} diff --git a/net-vpn/strongswan/Manifest b/net-vpn/strongswan/Manifest index 5edd695fa9e3..f00eb5f906c8 100644 --- a/net-vpn/strongswan/Manifest +++ b/net-vpn/strongswan/Manifest @@ -3,7 +3,9 @@ AUX strongswan-5.8.2-gcc-10.patch 1276 BLAKE2B 217fdbc9f858ce01ca13ccc3572d3ea7e DIST strongswan-5.8.1.tar.bz2 4517921 BLAKE2B 07a82309515a054b267a063fc0e2f49fd03d16b221b1ee26a33c8d367df140797320e1ef7007a39074e40c472022d941656b3ae93d2eb860152cdc5a5d3dbc8a SHA512 630d24643b3d61e931bb25cdd083ad3c55f92fe41f3fcd3198012eee486fb3b1a16dc3f80936162afb7da9e471d45d92b7d183a00153a558babb2a79e5f6813f DIST strongswan-5.8.2.tar.bz2 4533402 BLAKE2B edbfa8dbe1ac00c140cfe9e906ac7aa1b6f3ddfd528dec84e7b1799e5ecdd0f6114679168ebcff9185c8abae78b46dfc43ddc4dabecd44f720285bd175d7a249 SHA512 423e7924acfe8a03ad7d4359ae9086fd516798fcf5eb948a27b52ea719f4d8954b83ea30ce94191ea1647616611df8a1215cb4d5c7ec48676624df6c41853e1d DIST strongswan-5.8.4.tar.bz2 4546240 BLAKE2B f58f53a17c02924a3ad75bfadd5956f62098c41468ec5fe8d51bf0f0465c8936d8ca846a41a0b6ff6ac24ccd2229e726d3ea2b48904abf5743bbe766e5f5f81c SHA512 15e866b0d6cc4ea94f17856b519d926ae08c15d3b62f675f62685d0722ca8fa26b46afb1ad1c866e9d5f347d77a747f57d0c6d7f6bd57762f37d7798f9e28103 +DIST strongswan-5.9.0.tar.bz2 4568404 BLAKE2B daf5cce5cbe12253f9ad201d89323ab7d54ba7ff466685b84830737689e4d417fbb97d053d8c9f3de5acb6dee9a192ebae48ec0d4aa07ba3c8969ee6d8f06ab3 SHA512 b982ce7c3e940ad75ab71b02ce3e2813b41c6b098cde5b6f3f3513d095f409fe989ae6e38a31eff51c57423bf452c3610cd5cd8cd7f45ff932581d9859df1821 EBUILD strongswan-5.8.1.ebuild 9507 BLAKE2B 3912bd097b1c8f7d5b5aed00ff9396b2863ae3165f9f656e4dd6f0793f9b02d321115f23ad3c21558d6b2be13ebd6f14d28513209a703c61870b528cde566ec3 SHA512 17b8df9b5eab7c26425208e3d14d1b2596f3373d88314337cc2d397da574665d94bdca61a35ed6a143e5bc807f4b5514f7066841802a328b18f693c28e434fb9 EBUILD strongswan-5.8.2.ebuild 9554 BLAKE2B 973ba926d32ac8d506925b2cabc0bc131571a4dd49627420bf0b8a528fedad36e2d734db07d66a5e0a24cf01a262398988b1854ad56c494e803622a66be16cb7 SHA512 f1b8267dfd94967a10d159a04c8aa9e1f558be69c30d6f6ce851845b25f6e87e0f788b079409ac2efdad1311b8d4ae7472ef6a9bb09a7fe1fe66a6ef4e16ad52 -EBUILD strongswan-5.8.4.ebuild 9511 BLAKE2B c512f2d683468f13ba7393c20ab1917c1cab56fb3389382bdec3571f0f30282accdd72182f626afd8e3203cbb404f336fa0c4e1b297d4c5a22a465155dd01fe5 SHA512 659a2196f090442a7cb721efc462210e530c089b8f9af319dbad718b3ed60d401e92c0201bddeaafe63dd12bd958e23dcb391198f3ca8e390a9a3d91a45448a5 -MISC metadata.xml 4135 BLAKE2B 13739675c455765d7ce73df9744779636d36d3f93eee4567c931fb40e528e56d34912e26a82bd35e377fbd34613c0b7044841ff6c2dc26694187d0de355f8b86 SHA512 e09ef1afdf5002dab542312753cbce56e830b906aa5c5ac8fd5c7b57cbaf021eb0c466241cf810f446693b8dedd90f185f3e2c7a53a0b9a43e14913dcdd83b23 +EBUILD strongswan-5.8.4.ebuild 9515 BLAKE2B 9da89d7dffb55664c94178d028df11c60cef92ae98e95b15bfebced135eedebdc66ebdeec81a2df9b24368b229019d9bb300c4e1b5e757290566ee0316665bdb SHA512 4daf56011ff35db845d07ea6326f5243fadb821db8c97e06bca56189a188897a756657c4fc11ba324dedb63b74e0ad723316571173565ee9f43ef2595879f6af +EBUILD strongswan-5.9.0.ebuild 9531 BLAKE2B 8b354f5e452e4a88bb55161b72a7df14b4c48568b94968b3ff01a18d65003ef899a51ed404efa7bd10df18d6653ca156ecd796a4b22aaa7987355fd5002e9cab SHA512 0e6325bd0a83b114f6b45638af1fe7a13c0d824bd353ef72767783861c80af3d7c1ea6dab2959113b881bbd8cc1fd007e13db05037dcf364181be4796643a071 +MISC metadata.xml 4228 BLAKE2B 113700b03d706f7ca76cfb67c45dbd5a703f6c45aca08784f7665807c30d5539a9f60d42beb96b72618bbf3587238a3fa7f5a21c8c34550e8bd7f30f72e84cbb SHA512 86c2718a8db2da6f00f9c15bb3b0c7f72af5d6f86e977aae46a3f6a4bbd861e4d30dba15459cfa21fbb484a5818fc32183bd935acce29f30accdcca8b7ae31c9 diff --git a/net-vpn/strongswan/metadata.xml b/net-vpn/strongswan/metadata.xml index 7b8971742241..8cb9dd1387bc 100644 --- a/net-vpn/strongswan/metadata.xml +++ b/net-vpn/strongswan/metadata.xml @@ -23,6 +23,7 @@ Enable dev-libs/openssl plugin which is required for Elliptic Curve Cryptography (DH groups 19-21,25,26) and ECDSA. Also provides 3DES, AES, Blowfish, Camellia, CAST, DES, IDEA and RC5 ciphers along with MD2, MD4, MD5 and SHA1/2 hash algorithms, RSA and DH groups 1,2,5,14-18 and 22-24(4.4+) dev-libs/openssl has to be compiled with USE="-bindist". Enable pkcs11 support Enable support for Intel AES-NI crypto plugin + Enable support for the bypass-lan plugin Enable ChaCha20/Poly1305 AEAD implementation and ChaCha20 XOF plugin Enable multicast and broadcast forwarding plugin Enable support for the led plugin diff --git a/net-vpn/strongswan/strongswan-5.8.4.ebuild b/net-vpn/strongswan/strongswan-5.8.4.ebuild index aa83509c3d2d..201d9f38df77 100644 --- a/net-vpn/strongswan/strongswan-5.8.4.ebuild +++ b/net-vpn/strongswan/strongswan-5.8.4.ebuild @@ -10,7 +10,7 @@ SRC_URI="https://download.strongswan.org/${P}.tar.bz2" LICENSE="GPL-2 RSA DES" SLOT="0" -KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86" +KEYWORDS="amd64 arm ~arm64 ~ppc ~ppc64 x86" IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11" STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici" diff --git a/net-vpn/strongswan/strongswan-5.9.0.ebuild b/net-vpn/strongswan/strongswan-5.9.0.ebuild new file mode 100644 index 000000000000..f38e8cb03334 --- /dev/null +++ b/net-vpn/strongswan/strongswan-5.9.0.ebuild @@ -0,0 +1,308 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" +inherit linux-info systemd user + +DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE" +HOMEPAGE="https://www.strongswan.org/" +SRC_URI="https://download.strongswan.org/${P}.tar.bz2" + +LICENSE="GPL-2 RSA DES" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" +IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11" + +STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici" +STRONGSWAN_PLUGINS_OPT="aesni blowfish bypass-lan ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist" +for mod in $STRONGSWAN_PLUGINS_STD; do + IUSE="${IUSE} +strongswan_plugins_${mod}" +done + +for mod in $STRONGSWAN_PLUGINS_OPT; do + IUSE="${IUSE} strongswan_plugins_${mod}" +done + +COMMON_DEPEND="!net-misc/openswan + gmp? ( >=dev-libs/gmp-4.1.5:= ) + gcrypt? ( dev-libs/libgcrypt:0 ) + caps? ( sys-libs/libcap ) + curl? ( net-misc/curl ) + ldap? ( net-nds/openldap ) + openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] ) + mysql? ( dev-db/mysql-connector-c:= ) + sqlite? ( >=dev-db/sqlite-3.3.1 ) + systemd? ( sys-apps/systemd ) + networkmanager? ( net-misc/networkmanager ) + pam? ( sys-libs/pam ) + strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )" +DEPEND="${COMMON_DEPEND} + virtual/linux-sources + sys-kernel/linux-headers" +RDEPEND="${COMMON_DEPEND} + virtual/logger + sys-apps/iproute2 + !net-vpn/libreswan + selinux? ( sec-policy/selinux-ipsec )" + +UGID="ipsec" + +pkg_setup() { + linux-info_pkg_setup + + elog "Linux kernel version: ${KV_FULL}" + + if ! kernel_is -ge 2 6 16; then + eerror + eerror "This ebuild currently only supports ${PN} with the" + eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16." + eerror + fi + + if kernel_is -lt 2 6 34; then + ewarn + ewarn "IMPORTANT KERNEL NOTES: Please read carefully..." + ewarn + + if kernel_is -lt 2 6 29; then + ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to" + ewarn "include all required IPv6 modules even if you just intend" + ewarn "to run on IPv4 only." + ewarn + ewarn "This has been fixed with kernels >= 2.6.29." + ewarn + fi + + if kernel_is -lt 2 6 33; then + ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards" + ewarn "compliant implementation for SHA-2 HMAC support in ESP and" + ewarn "miss SHA384 and SHA512 HMAC support altogether." + ewarn + ewarn "If you need any of those features, please use kernel >= 2.6.33." + ewarn + fi + + if kernel_is -lt 2 6 34; then + ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only" + ewarn "ESP cipher is only included in kernels >= 2.6.34." + ewarn + ewarn "If you need it, please use kernel >= 2.6.34." + ewarn + fi + fi + + if use non-root; then + enewgroup ${UGID} + enewuser ${UGID} -1 -1 -1 ${UGID} + fi +} + +src_configure() { + local myconf="" + + if use non-root; then + myconf="${myconf} --with-user=${UGID} --with-group=${UGID}" + fi + + # If a user has already enabled db support, those plugins will + # most likely be desired as well. Besides they don't impose new + # dependencies and come at no cost (except for space). + if use mysql || use sqlite; then + myconf="${myconf} --enable-attr-sql --enable-sql" + fi + + # strongSwan builds and installs static libs by default which are + # useless to the user (and to strongSwan for that matter) because no + # header files or alike get installed... so disabling them is safe. + if use pam && use eap; then + myconf="${myconf} --enable-eap-gtc" + else + myconf="${myconf} --disable-eap-gtc" + fi + + for mod in $STRONGSWAN_PLUGINS_STD; do + if use strongswan_plugins_${mod}; then + myconf+=" --enable-${mod}" + fi + done + + for mod in $STRONGSWAN_PLUGINS_OPT; do + if use strongswan_plugins_${mod}; then + myconf+=" --enable-${mod}" + fi + done + + econf \ + --disable-static \ + --enable-ikev1 \ + --enable-ikev2 \ + --enable-swanctl \ + --enable-socket-dynamic \ + $(use_enable curl) \ + $(use_enable constraints) \ + $(use_enable ldap) \ + $(use_enable debug leak-detective) \ + $(use_enable dhcp) \ + $(use_enable eap eap-sim) \ + $(use_enable eap eap-sim-file) \ + $(use_enable eap eap-simaka-sql) \ + $(use_enable eap eap-simaka-pseudonym) \ + $(use_enable eap eap-simaka-reauth) \ + $(use_enable eap eap-identity) \ + $(use_enable eap eap-md5) \ + $(use_enable eap eap-aka) \ + $(use_enable eap eap-aka-3gpp2) \ + $(use_enable eap md4) \ + $(use_enable eap eap-mschapv2) \ + $(use_enable eap eap-radius) \ + $(use_enable eap eap-tls) \ + $(use_enable eap eap-ttls) \ + $(use_enable eap xauth-eap) \ + $(use_enable eap eap-dynamic) \ + $(use_enable farp) \ + $(use_enable gmp) \ + $(use_enable gcrypt) \ + $(use_enable mysql) \ + $(use_enable networkmanager nm) \ + $(use_enable openssl) \ + $(use_enable pam xauth-pam) \ + $(use_enable pkcs11) \ + $(use_enable sqlite) \ + $(use_enable systemd) \ + $(use_with caps capabilities libcap) \ + --with-piddir=/run \ + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \ + ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install + + if ! use systemd; then + rm -rf "${ED}"/lib/systemd || die + fi + + doinitd "${FILESDIR}"/ipsec + + local dir_ugid + if use non-root; then + fowners ${UGID}:${UGID} \ + /etc/ipsec.conf \ + /etc/strongswan.conf + + dir_ugid="${UGID}" + else + dir_ugid="root" + fi + + diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid} + dodir /etc/ipsec.d \ + /etc/ipsec.d/aacerts \ + /etc/ipsec.d/acerts \ + /etc/ipsec.d/cacerts \ + /etc/ipsec.d/certs \ + /etc/ipsec.d/crls \ + /etc/ipsec.d/ocspcerts \ + /etc/ipsec.d/private \ + /etc/ipsec.d/reqs + + dodoc NEWS README TODO + + # shared libs are used only internally and there are no static libs, + # so it's safe to get rid of the .la files + find "${D}" -name '*.la' -delete || die "Failed to remove .la files." +} + +pkg_preinst() { + has_version " - - jlec@gentoo.org - + downloads/dcantrell diff --git a/net-vpn/wireguard-modules/Manifest b/net-vpn/wireguard-modules/Manifest index fc6fcfab7c52..ff60619fa439 100644 --- a/net-vpn/wireguard-modules/Manifest +++ b/net-vpn/wireguard-modules/Manifest @@ -1,4 +1,3 @@ -DIST wireguard-linux-compat-1.0.20200623.tar.xz 263156 BLAKE2B 2a45dea6d3a02f91f45ab4fcbbf5da4b24532afc3f775b2731e0360e949d8c689b4fd9e7351c337158bfcd33b09f6e94715b07532a3ebe9eaf40a3e4fff7142f SHA512 447a88d849cf81d83412adbe5aabf5ad44f878b7f64de56672d39b656a9c8053059ea71e5a965c55bacd33651bef2d9d677caf0586b0c7ee7807c69098e1942d -EBUILD wireguard-modules-1.0.20200623.ebuild 3442 BLAKE2B 81c97ff68c71ce60d343266035852d2128246a3aa1c4ca95d0847904c021c5e4a7bb652d8c531e50be1dcc430fa34e54682462595101fded003af71e97e037e6 SHA512 1979d83d24156acf594edfc23c76e8e30e9a21ef9cd3fd45a06462ba20a30a9c90618852a611793af53424a52e0486a93d9198e18f89b7c57f9e8e06b434c9d5 -EBUILD wireguard-modules-9999.ebuild 3442 BLAKE2B 81c97ff68c71ce60d343266035852d2128246a3aa1c4ca95d0847904c021c5e4a7bb652d8c531e50be1dcc430fa34e54682462595101fded003af71e97e037e6 SHA512 1979d83d24156acf594edfc23c76e8e30e9a21ef9cd3fd45a06462ba20a30a9c90618852a611793af53424a52e0486a93d9198e18f89b7c57f9e8e06b434c9d5 +DIST wireguard-linux-compat-1.0.20200729.tar.xz 262464 BLAKE2B 2ab0ccd173889941e65f588564a5815df5b47c08c1f5dfdeb8b0c4f1ec3a91ee4664d96fac390c1a30cf5067b9dd9c3b17c43dc459bdcd9f317348e1aa098d76 SHA512 8eb06eb7e56340e9088f53d887716777cf07cd4b3330cc41243ae7d6d63ed469d2710b84fd1a3fca0118dfb8c8c77377ba4ec4de3ffe1e7d0541ec25115525c5 +EBUILD wireguard-modules-1.0.20200729-r1.ebuild 3486 BLAKE2B 2a201c656281cd4a83df1129776c0ec17800683c0f844373cbd05fe2153fff4f9d91e4464d532951294ff7ef1ef52cd6de3802a74aa0fe6c34ffe6a585913e5f SHA512 aafd74e5c34c5f92dea25f45d8a5220cf8a620c5b30b1360e622f3c1e3e4dd9de793a1413a868a4cc4547f68eade0a373a6e47f15636f37237097125c69eddb2 MISC metadata.xml 661 BLAKE2B bb9a48b3a4f3162f8ccec522734cbc8ffdc7a92868cc7dc32adc1f7ef89f7b2eab1df573bed421d4b76204f9f38ad4fee45f9db4b41c7dc3b86d9d9bb3120a8f SHA512 e9daa3bb8fa72cc60373a3187610231cf396bc5014f33412b65d069ffd02caa659c426819aa76d46a0dd15e8cb579325b46df5296a3b2136d020ec378e5f98a5 diff --git a/net-vpn/wireguard-modules/wireguard-modules-1.0.20200623.ebuild b/net-vpn/wireguard-modules/wireguard-modules-1.0.20200623.ebuild deleted file mode 100644 index 16df945c1ab1..000000000000 --- a/net-vpn/wireguard-modules/wireguard-modules-1.0.20200623.ebuild +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -MODULES_OPTIONAL_USE="module" -inherit linux-mod bash-completion-r1 - -DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography." -HOMEPAGE="https://www.wireguard.com/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.zx2c4.com/wireguard-linux-compat" - KEYWORDS="" -else - SRC_URI="https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${PV}.tar.xz" - S="${WORKDIR}/wireguard-linux-compat-${PV}" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="debug +module module-src" - -DEPEND="" -RDEPEND="${DEPEND} != 5.6, and do not use this package." - elif kernel_is -lt 3 10 0; then - die "This version of ${PN} requires Linux >= 3.10." - fi - fi -} - -src_compile() { - BUILD_PARAMS="KERNELDIR=${KV_OUT_DIR}" - use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}" - use module && linux-mod_src_compile -} - -src_install() { - use module && linux-mod_src_install - use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install -} - -pkg_postinst() { - if use module-src && ! use module; then - einfo - einfo "You have enabled the module-src USE flag without the module USE" - einfo "flag. This means that sources are installed to" - einfo "${ROOT}/usr/src/wireguard instead of having the" - einfo "kernel module compiled. You will need to compile the module" - einfo "yourself. Most likely, you don't want this USE flag, and should" - einfo "rather use USE=module" - einfo - fi - - if use module; then - linux-mod_pkg_postinst - local old new - if [[ $(uname -r) != "${KV_FULL}" ]]; then - ewarn - ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running" - ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently" - ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for" - ewarn "which this module was built." - ewarn - elif [[ -f /sys/module/wireguard/version ]] && \ - old="$(< /sys/module/wireguard/version)" && \ - new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \ - [[ $old != "$new" ]]; then - ewarn - ewarn "You appear to have just upgraded WireGuard from version v$old to v$new." - ewarn "However, the old version is still running on your system. In order to use the" - ewarn "new version, you will need to remove the old module and load the new one. As" - ewarn "root, you can accomplish this with the following commands:" - ewarn - ewarn " # rmmod wireguard" - ewarn " # modprobe wireguard" - ewarn - ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want" - ewarn "to gracefully remove them yourself prior." - ewarn - fi - fi -} diff --git a/net-vpn/wireguard-modules/wireguard-modules-1.0.20200729-r1.ebuild b/net-vpn/wireguard-modules/wireguard-modules-1.0.20200729-r1.ebuild new file mode 100644 index 000000000000..198636c9d9a4 --- /dev/null +++ b/net-vpn/wireguard-modules/wireguard-modules-1.0.20200729-r1.ebuild @@ -0,0 +1,100 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +MODULES_OPTIONAL_USE="module" +inherit linux-mod bash-completion-r1 + +DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography." +HOMEPAGE="https://www.wireguard.com/" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://git.zx2c4.com/wireguard-linux-compat" + KEYWORDS="" +else + SRC_URI="https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${PV}.tar.xz" + S="${WORKDIR}/wireguard-linux-compat-${PV}" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="debug +module module-src" + +DEPEND="" +RDEPEND="${DEPEND}" + +MODULE_NAMES="wireguard(kernel/drivers/net:src)" +BUILD_TARGETS="module" +CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_ALGAPI" + +pkg_setup() { + if use module; then + linux-mod_pkg_setup + if [[ -f $KERNEL_DIR/include/uapi/linux/wireguard.h ]]; then + eerror + eerror "WireGuard has been merged upstream into this kernel. Therefore," + eerror "you no longer need this compatibility ebuild. Instead, simply" + eerror "enable CONFIG_WIREGUARD=y in your kernel configuration." + eerror + die "Use CONFIG_WIREGUARD=y for this kernel, and do not use this package." + elif kernel_is -lt 3 10 0 || kernel_is -ge 5 6 0; then + die "This version of ${PN} requires Linux >= 3.10 and < 5.6." + fi + fi +} + +src_compile() { + BUILD_PARAMS="KERNELDIR=${KV_OUT_DIR}" + use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}" + use module && linux-mod_src_compile +} + +src_install() { + use module && linux-mod_src_install + use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install +} + +pkg_postinst() { + if use module-src && ! use module; then + einfo + einfo "You have enabled the module-src USE flag without the module USE" + einfo "flag. This means that sources are installed to" + einfo "${ROOT}/usr/src/wireguard instead of having the" + einfo "kernel module compiled. You will need to compile the module" + einfo "yourself. Most likely, you don't want this USE flag, and should" + einfo "rather use USE=module" + einfo + fi + + if use module; then + linux-mod_pkg_postinst + local old new + if [[ $(uname -r) != "${KV_FULL}" ]]; then + ewarn + ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running" + ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently" + ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for" + ewarn "which this module was built." + ewarn + elif [[ -f /sys/module/wireguard/version ]] && \ + old="$(< /sys/module/wireguard/version)" && \ + new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \ + [[ $old != "$new" ]]; then + ewarn + ewarn "You appear to have just upgraded WireGuard from version v$old to v$new." + ewarn "However, the old version is still running on your system. In order to use the" + ewarn "new version, you will need to remove the old module and load the new one. As" + ewarn "root, you can accomplish this with the following commands:" + ewarn + ewarn " # rmmod wireguard" + ewarn " # modprobe wireguard" + ewarn + ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want" + ewarn "to gracefully remove them yourself prior." + ewarn + fi + fi +} diff --git a/net-vpn/wireguard-modules/wireguard-modules-9999.ebuild b/net-vpn/wireguard-modules/wireguard-modules-9999.ebuild deleted file mode 100644 index 16df945c1ab1..000000000000 --- a/net-vpn/wireguard-modules/wireguard-modules-9999.ebuild +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -MODULES_OPTIONAL_USE="module" -inherit linux-mod bash-completion-r1 - -DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography." -HOMEPAGE="https://www.wireguard.com/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.zx2c4.com/wireguard-linux-compat" - KEYWORDS="" -else - SRC_URI="https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${PV}.tar.xz" - S="${WORKDIR}/wireguard-linux-compat-${PV}" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="debug +module module-src" - -DEPEND="" -RDEPEND="${DEPEND} != 5.6, and do not use this package." - elif kernel_is -lt 3 10 0; then - die "This version of ${PN} requires Linux >= 3.10." - fi - fi -} - -src_compile() { - BUILD_PARAMS="KERNELDIR=${KV_OUT_DIR}" - use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}" - use module && linux-mod_src_compile -} - -src_install() { - use module && linux-mod_src_install - use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install -} - -pkg_postinst() { - if use module-src && ! use module; then - einfo - einfo "You have enabled the module-src USE flag without the module USE" - einfo "flag. This means that sources are installed to" - einfo "${ROOT}/usr/src/wireguard instead of having the" - einfo "kernel module compiled. You will need to compile the module" - einfo "yourself. Most likely, you don't want this USE flag, and should" - einfo "rather use USE=module" - einfo - fi - - if use module; then - linux-mod_pkg_postinst - local old new - if [[ $(uname -r) != "${KV_FULL}" ]]; then - ewarn - ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running" - ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently" - ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for" - ewarn "which this module was built." - ewarn - elif [[ -f /sys/module/wireguard/version ]] && \ - old="$(< /sys/module/wireguard/version)" && \ - new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \ - [[ $old != "$new" ]]; then - ewarn - ewarn "You appear to have just upgraded WireGuard from version v$old to v$new." - ewarn "However, the old version is still running on your system. In order to use the" - ewarn "new version, you will need to remove the old module and load the new one. As" - ewarn "root, you can accomplish this with the following commands:" - ewarn - ewarn " # rmmod wireguard" - ewarn " # modprobe wireguard" - ewarn - ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want" - ewarn "to gracefully remove them yourself prior." - ewarn - fi - fi -} diff --git a/net-vpn/wireguard-tools/Manifest b/net-vpn/wireguard-tools/Manifest index e7ae98cc4150..3ac1bb90313b 100644 --- a/net-vpn/wireguard-tools/Manifest +++ b/net-vpn/wireguard-tools/Manifest @@ -1,5 +1,6 @@ -DIST wireguard-tools-1.0.20200319.tar.xz 92324 BLAKE2B 9f514748708ef6a5b7f5b043c9054c954d17bb77de7a354b5a9a4e63cfb5f441237e98b16b288426441a7e709e1874d396cf67b04b38bb0ebbe7822bb32ada57 SHA512 d5bcd153f9b10f184b9a1bf9a81f33a9713ab4863ab5aa190eac60e92919756c8fecbb0d3cfb83bae20ac78fc43fdd7168f37294cdd7c5ee21f2a1b2db5fdf41 +AUX wg-quick.init 885 BLAKE2B 440224b688b1a1b4762bac7ac3bd6cb6fbee546543f1da70fcf5ee1c6d213ff62c43d502fd88d1778913455cc233b6419b3176690b471a71aaf2792671045eee SHA512 3de3edb359a786bdb8de06f496caced1293048c2ec489073c0525b4eca61365424ffde6a7eb899d7672db38872b6c67436b2e39019e92300ca5e590ba02c2e84 DIST wireguard-tools-1.0.20200513.tar.xz 94500 BLAKE2B 34a39533018416df382d180da76d6494feec1d40208c9df427c1979817dbe138c217fe4c4f4cf5cecd3c4053e6f73f1863d1e0a9ed2cad41899dda5387c15844 SHA512 4d27b262350b6b47843a323c2e7ab8d2bdd48065c265778abdec85b3f6fc92aa9af77d76e368df9cc8e435eae1c0ce50fed52e1d78db54358c1884d34be08d2c -EBUILD wireguard-tools-1.0.20200319.ebuild 3272 BLAKE2B 800f2ec75e42ac5adb2ef8ffd0403ebd448e19f27609e6d9883d252743e838bd3a017ef86561d4aa8c82e0e67ec7f3b5d3c543ca100f495935bdb6d45faebe25 SHA512 714e11822d0854acb7eb86db716266cd53ff0ae8eb713c962b2aacaaa35b72dcca5ed03562c1a858e6cb204ae85ab25a9097f0db1516fb2ba62d33f1186f35a5 -EBUILD wireguard-tools-1.0.20200513.ebuild 3272 BLAKE2B 800f2ec75e42ac5adb2ef8ffd0403ebd448e19f27609e6d9883d252743e838bd3a017ef86561d4aa8c82e0e67ec7f3b5d3c543ca100f495935bdb6d45faebe25 SHA512 714e11822d0854acb7eb86db716266cd53ff0ae8eb713c962b2aacaaa35b72dcca5ed03562c1a858e6cb204ae85ab25a9097f0db1516fb2ba62d33f1186f35a5 +DIST wireguard-tools-1.0.20200820.tar.xz 94812 BLAKE2B 68e3db7cc337e8cf0b35d192f38d6303696c19956661a10d253241864a8b22c666b99ea62d9533bc661353c77a7df4333e336ee00235d9492347beaf58b78396 SHA512 d30ff3c4381e65cd0a751110e66f3ad1aa274b22962da748af6373210d3e4824d066a74655156d7a3d1fe6f96187a49408bc590a8023bc706c1824c0546b874c +EBUILD wireguard-tools-1.0.20200513.ebuild 4006 BLAKE2B f4232d1407542539df55e3dcffde13421fc0ac49adec0f0d6f57bcc606416c2e845eb180243acec3151ec36f814902dd088f8c36290ecff3bf3ce40c297ba603 SHA512 6cc57a52d4a2c193799a3b497c79786cf03ab763a6ed7bcc2ae8956212a19a1dc6a67ade1074d7001e30e266c888c0a29ac93e5cb6b776b6b4146d917f8883bb +EBUILD wireguard-tools-1.0.20200820.ebuild 4014 BLAKE2B 7cbfad529059e2e54e3e2d9c8aae986c8e15cc58a17679c8f315e4fa68d98f961a433f35c67c88e563978989be12f1a438b8a34861d09a6fe6a94645a5e535ae SHA512 5232fd852509d26b6014f9222c4d0c7e9b57bd87ba23bd44fc3d926d4e7818fae5b51eed9dbeb6633b7a2cd9e81c37b85b55c6e4ad6d427c78dabe7a186575fa MISC metadata.xml 362 BLAKE2B b6c8384cc5434b65a80b2326df412ca38a96bfd137feb34cea5124eebe13d383851b3ceea17cfc0b937555a0760608e0f3d0a7834da15271e65f669bfbfb8d2a SHA512 bf494cd4c95dbbbf783fc847cdf03f9a83b2673bf3a0a78fa12480abd1e2657f255019cf4f68db5143b11c5c63d6c16e9e18480800115751be9bc3cae910c8ea diff --git a/net-vpn/wireguard-tools/files/wg-quick.init b/net-vpn/wireguard-tools/files/wg-quick.init new file mode 100644 index 000000000000..780472782031 --- /dev/null +++ b/net-vpn/wireguard-tools/files/wg-quick.init @@ -0,0 +1,38 @@ +#!/sbin/openrc-run +# Copyright 2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="WireGuard" +description="WireGuard via wg-quick(8)" + +depend() { + need net + use dns +} + +CONF="${SVCNAME#*.}" + +checkconfig() { + if [ "$CONF" = "$SVCNAME" ]; then + eerror "You cannot call this init script directly. You must create a symbolic link to it with the configuration name:" + eerror " ln -s /etc/init.d/wg-quick /etc/init.d/wg-quick.vpn0" + eerror "And then call it instead:" + eerror " /etc/init.d/wg-quick.vpn0 start" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting $description for $CONF" + wg-quick up "$CONF" + eend $? "Failed to start $description for $CONF" +} + +stop() { + checkconfig || return 1 + ebegin "Stopping $description for $CONF" + wg-quick down "$CONF" + eend $? "Failed to stop $description for $CONF" +} diff --git a/net-vpn/wireguard-tools/wireguard-tools-1.0.20200319.ebuild b/net-vpn/wireguard-tools/wireguard-tools-1.0.20200319.ebuild deleted file mode 100644 index 07fee8d91012..000000000000 --- a/net-vpn/wireguard-tools/wireguard-tools-1.0.20200319.ebuild +++ /dev/null @@ -1,101 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit linux-info bash-completion-r1 systemd toolchain-funcs - -DESCRIPTION="Required tools for WireGuard, such as wg(8) and wg-quick(8)" -HOMEPAGE="https://www.wireguard.com/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.zx2c4.com/wireguard-tools" -else - SRC_URI="https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-${PV}.tar.xz" - KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 sparc x86" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="+wg-quick" - -BDEPEND="virtual/pkgconfig" -DEPEND="" -RDEPEND="${DEPEND} - wg-quick? ( - || ( net-firewall/nftables net-firewall/iptables ) - virtual/resolvconf - ) - !