From 8d35656b4a4e3a2ad6f87abb36b9fc3987d95a53 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 26 Mar 2025 00:31:47 +0000 Subject: gentoo auto-resync : 26:03:2025 - 00:31:47 --- net-vpn/Manifest.gz | Bin 8221 -> 8392 bytes net-vpn/derper/Manifest | 9 ++ net-vpn/derper/derper-1.80.3.ebuild | 64 ++++++++ net-vpn/derper/files/derper-pre.sh | 59 +++++++ net-vpn/derper/files/derper.defaults | 48 ++++++ net-vpn/derper/files/derper.initd | 34 ++++ net-vpn/derper/files/derper.service | 15 ++ net-vpn/derper/files/derper.service.conf | 3 + net-vpn/derper/metadata.xml | 11 ++ net-vpn/i2p/Manifest | 4 +- net-vpn/i2p/i2p-2.8.0.ebuild | 262 ------------------------------- net-vpn/i2p/i2p-2.8.1.ebuild | 262 +++++++++++++++++++++++++++++++ net-vpn/tor/Manifest | 13 +- net-vpn/tor/tor-0.4.8.13-r1.ebuild | 199 ----------------------- net-vpn/tor/tor-0.4.8.13.ebuild | 195 ----------------------- net-vpn/tor/tor-0.4.8.15.ebuild | 199 ----------------------- net-vpn/tor/tor-0.4.8.16.ebuild | 199 +++++++++++++++++++++++ 17 files changed, 710 insertions(+), 866 deletions(-) create mode 100644 net-vpn/derper/Manifest create mode 100644 net-vpn/derper/derper-1.80.3.ebuild create mode 100644 net-vpn/derper/files/derper-pre.sh create mode 100644 net-vpn/derper/files/derper.defaults create mode 100644 net-vpn/derper/files/derper.initd create mode 100644 net-vpn/derper/files/derper.service create mode 100644 net-vpn/derper/files/derper.service.conf create mode 100644 net-vpn/derper/metadata.xml delete mode 100644 net-vpn/i2p/i2p-2.8.0.ebuild create mode 100644 net-vpn/i2p/i2p-2.8.1.ebuild delete mode 100644 net-vpn/tor/tor-0.4.8.13-r1.ebuild delete mode 100644 net-vpn/tor/tor-0.4.8.13.ebuild delete mode 100644 net-vpn/tor/tor-0.4.8.15.ebuild create mode 100644 net-vpn/tor/tor-0.4.8.16.ebuild (limited to 'net-vpn') diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz index e40f8151be9b..33d423c2376a 100644 Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ diff --git a/net-vpn/derper/Manifest b/net-vpn/derper/Manifest new file mode 100644 index 000000000000..3c51a3541e42 --- /dev/null +++ b/net-vpn/derper/Manifest @@ -0,0 +1,9 @@ +AUX derper-pre.sh 1269 BLAKE2B 86100763fefaf3c8f2430ba27851fd481c906f57b11e6302fc988be436cc6d672f2266bd29ccafc149360b4e8af669b086dadf8fae27f99b36044dfda4af8dac SHA512 f1f597222407eb93f5680865205985ef6b4b666ad7ce352f389446f399a41b8eb215ee56a9391262647b4118cbd378f34bdf8684560a7cb193827015aa518b9c +AUX derper.defaults 1420 BLAKE2B 4dbfc96d2a7d510edbed97892b4549d288d85077d8e2b65d4afe79f2381d442ccb71a2b4b76904de6d98298bb4a8a8088869604968bc018579b184b1b86fb4be SHA512 bd0a868cdf48ce114175c72df1c815b0866e8155a9599ca48f33329262b579f1a9425af661db79aefcf2bfdf01971af91c8de5febd9e5b24d403b45e2d41e0c5 +AUX derper.initd 767 BLAKE2B 5bcefb21b354265a31f70f37151d1eda68c9f73aa568124a24954d55e3daff7e6c3f3b0ea2a20ded819975c9c2b223600507e751214cba9f9465d67f7ea571ca SHA512 711474f4d980f45550924b38be900945de60643f97dd247191e00ba5c47b19d816cba201b57a0b53b3f92229dde5764266b919471b0be82a14b2c6f916ae5fcb +AUX derper.service 547 BLAKE2B ed431d7256279f2a8affc1c6faff483d93ddababd7a16233edbf475b1de0a9f56bb1c2acbd65c427bebbed9d834b2919d0c59211cd5b10a0f25d780d83d547ff SHA512 e7a7f03a4810626c4d1b03191fc03b3e1625e9896dedf3538419beb1a9b41db43973be69d197802ab83354701ab27bd450a12241fb3a88da57f6deddfb75b420 +AUX derper.service.conf 35 BLAKE2B 36f1b3354a1e7782e2ed0a79a55c26673621503cd39646a80b74c7127d3db9d2c8ce7f64e9d61ebb6dd84dbdda3683e4f6a03b74454f14865ed3395cec4c57e5 SHA512 90e0c91749d8c8f29735895cf6451a7774fbbb20c80eb346e1297a5d4bc6a9ca8093628c5b7ea5773cb01bb7d1a9012fc7081414f70f05998ec918e1905beb05 +DIST tailscale-1.80.3-deps.tar.xz 259571740 BLAKE2B 5e9c3cd9d57f416acd008a910760fcf130b32f9d81935c5c7f32822d37cd703ba07f58720bae0c67cbf85a87e93f06002edbce13efd7376eaf40bcd68fb38ba1 SHA512 f8484e9bb3329891b46282ef7e2879bf73cd3485925729ed319e76f1aca32946a56519fffaf644d504b1df4ec01ab8ee7a7a6cb30d3126b20ee5506fe65cf51a +DIST tailscale-1.80.3.tar.gz 3528273 BLAKE2B 3f9450a24a370146dc0e32f715ffa4eba8e6a7b31c65f20b1e9b40f4bf45fb1f0f27392d2c36870fa2bf2984fb556d72347057a010f18bda2d649242d058b5b2 SHA512 2553642e9ec8adf7754cf869ec986399de22af01b66c1a4d20bff3c1305f62e175e39e70eb2a6e9723e8352421d9ad6590bbcfa42e78a4c88838bd8bb8aa6e80 +EBUILD derper-1.80.3.ebuild 1578 BLAKE2B b98307a1dca773cc44f475a37d33c1503c98d56bc3cefb1289d06244ef91f18c3c75ae0d7d33ce0c2b0356aca05b2b2bc88ab7cf62e8715cdefc315c6bf24ee5 SHA512 cbc727caf72a2a559b34a7ac600a88d6bd0a0c50bc5397386e8ad917e896ed5e33bb84ba47157ba2735c895cdebba67fe22d1b49fa7751538e31542b4e8de004 +MISC metadata.xml 325 BLAKE2B 8fc538ce81a3dcb0eed84d6b4c1706cec2bd69844a925f5ba1606518a4893a341a13d61873e5d54a348bbd4f7205363d6589fd3cabd0205bbab67777d58dacba SHA512 4e0becbc73ce5182776d3459bf9ffba3568b1f6443055731ce657d97efafa124114cf2858a9e153d121e8d067e58cca51ce0eec4624c5b27720af8769c32e2a2 diff --git a/net-vpn/derper/derper-1.80.3.ebuild b/net-vpn/derper/derper-1.80.3.ebuild new file mode 100644 index 000000000000..7251c2aa7855 --- /dev/null +++ b/net-vpn/derper/derper-1.80.3.ebuild @@ -0,0 +1,64 @@ +# Copyright 2020-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info systemd + +# share same source with net-vpn/tailscale +VERSION_MINOR="80" +VERSION_SHORT="1.80.3" +VERSION_LONG="1.80.3-tbd762b827" +VERSION_GIT_HASH="bd762b8274a957fe11c4416c6278ba0682124931" + +MY_P="tailscale-${PV}" +DESCRIPTION="DERP server for tailscale network" +HOMEPAGE="https://tailscale.com" +SRC_URI="https://github.com/tailscale/tailscale/archive/v${PV}.tar.gz -> ${MY_P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${MY_P}-deps.tar.xz" +S="${WORKDIR}/${MY_P}" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" + +CONFIG_CHECK="~TUN" + +BDEPEND=" + acct-group/derper + acct-user/derper + >=dev-lang/go-1.22 +" + +RESTRICT="test" + +# This translates the build command from upstream's build_dist.sh to an +# ebuild equivalent. +build_dist() { + ego build -tags xversion -ldflags " + -X tailscale.com/version.longStamp=${VERSION_LONG} + -X tailscale.com/version.shortStamp=${VERSION_SHORT} + -X tailscale.com/version.gitCommitStamp=${VERSION_GIT_HASH}" "$@" +} + +src_compile() { + build_dist ./cmd/derper + build_dist ./cmd/derpprobe +} + +src_install() { + dobin derper + dobin derpprobe + + insinto /etc/default + newins "${FILESDIR}"/derper.defaults derper + systemd_dounit "${FILESDIR}"/derper.service + systemd_install_serviced "${FILESDIR}"/derper.service.conf derper + + newinitd "${FILESDIR}"/derper.initd derper + + keepdir /var/lib/${PN} + fperms 0750 /var/lib/${PN} + + exeinto /usr/libexec + doexe "${FILESDIR}"/derper-pre.sh +} diff --git a/net-vpn/derper/files/derper-pre.sh b/net-vpn/derper/files/derper-pre.sh new file mode 100644 index 000000000000..ba5b224109be --- /dev/null +++ b/net-vpn/derper/files/derper-pre.sh @@ -0,0 +1,59 @@ +#!/usr/bin/env bash +# + +set -e + +. /etc/default/derper + +if [[ -z ${DERPER_USER} ]]; then + echo "DERPER_USER is not set via /etc/default/derper" >&2 + exit 1 +fi + +if [[ -z ${CERTDIR} ]]; then + eval "CERTDIR=~${_user}/.cache/tailscale/derper-certs" + echo "CERTDIR is not set, fallback to default '${CERTDIR}' directory" >&2 +fi + +if [[ ! -e ${CERTDIR} ]]; then + mkdir -m 750 -p ${CERTDIR} + chown ${DERPER_USER}${DERPER_GROUP:+:}${DERPER_GROUP} ${CERTDIR} +fi + +# according to: https://github.com/tailscale/tailscale/blob/651e0d8aad1e97df71ac09ee25274377995133dd/cmd/derper/cert.go#L63 +parse_hostname() { + local hn="${1}" + while [[ ${hn} =~ (.*)[^a-zA-Z0-9\.-]+(.*) ]]; do + hn=${BASH_REMATCH[1]}${BASH_REMATCH[2]} + done + echo -n ${hn} +} + +cp_cert() { + local suffix=".crt" mode=640 var="CERTFILE" + if [[ ${FUNCNAME[1]} == cp_key ]]; then + suffix=".key" + mode=600 + var="KEYFILE" + fi + + if [[ -z ${HOSTNAME} ]]; then + echo "${var} is set while HOSTNAME is not, ignore ${var}" >&2 + else + local file="${CERTDIR%/}/$(parse_hostname ${HOSTNAME})${suffix}" + cp -f -L ${!var} ${file} + chown ${DERPER_USER}${DERPER_GROUP:+:}${DERPER_GROUP} ${file} + chmod ${mode} ${file} + fi +} + +cp_key() { + cp_cert +} + +if [[ -n ${CERTFILE} ]]; then + cp_cert +fi +if [[ -n ${KEYFILE} ]]; then + cp_key +fi diff --git a/net-vpn/derper/files/derper.defaults b/net-vpn/derper/files/derper.defaults new file mode 100644 index 000000000000..98fed53cf4a0 --- /dev/null +++ b/net-vpn/derper/files/derper.defaults @@ -0,0 +1,48 @@ +# executing user +DERPER_USER=derper + +# executing group +DERPER_GROUP=derper + +# Home dir for derper +HOMEDIR=/var/lib/derper + +# server HTTPS listen address, in form ":port", "ip:port", or for IPv6 "[ip]:port". +# If the IP is omitted, it defaults to all interfaces. +# If you want to listen to 443 or other well-known port +# you should set the executing user to the 'root' +ADDR=":9781" + +# The port on which to serve HTTP. +# -1 means disabled +HTTP_PORT="-1" + +# servername for TLS cert +HOSTNAME="derp.example.com" + +# mode for getting a cert. +# If you want to change to the 'letsencrypt' mode, +# the DERP server should be listened on 443 port, and +# the http port 80 should be listened also at the first time +CERTMODE="manual" +# cert dir +# when in the 'manual' mode, the default cert file and private key +# will be read via path: +# CERTDIR/HOSTNAME.crt +# CERTDIR/HOSTNAME.key +# and all non [a-zA-Z0-9\.-] characters will be removed +# from the HOSTNAME +CERTDIR="/var/lib/derper/certs" +# The custom cert and key file path, +# simplify the certificate deployment process in manual mode, +# the two files will overwrite the default cert and key files +# everytime when derper service starts. +#CERTFILE= +#KEYFILE= + +# extra arguments passed to the derper +# run derper --help to get help +# -verify-clients +# verify clients to this DERP server through a local tailscaled instance. +FLAGS="-verify-clients" + diff --git a/net-vpn/derper/files/derper.initd b/net-vpn/derper/files/derper.initd new file mode 100644 index 000000000000..ef76ad085ed0 --- /dev/null +++ b/net-vpn/derper/files/derper.initd @@ -0,0 +1,34 @@ +#!/sbin/openrc-run +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +. /etc/default/derper + +name="derper" +description="Tailscale DERP server" +command="/usr/bin/derper" +command_args=" \ + -certdir ${CERTDIR} \ + -certmode ${CERTMODE} \ + -hostname ${HOSTNAME} \ + -a ${ADDR} \ + -http-port ${HTTP_PORT} \ + -c '${HOMEDIR}'/derper.key \ + ${FLAGS} +" +command_user="${DERPER_USER}:${DERPER_GROUP}" +command_background=true +pidfile="/run/derper.pid" +directory="${HOMEDIR}" +output_log="/var/log/derper/derper.log" +error_log="/var/log/derper/derper.error" + +depend() { + need net +} + +start_pre() { + checkpath -d -m 700 -o ${command_user} /var/log/derper + checkpath -d -m 750 -o ${command_user} ${HOMEDIR} + /usr/libexec/derper-pre.sh +} diff --git a/net-vpn/derper/files/derper.service b/net-vpn/derper/files/derper.service new file mode 100644 index 000000000000..44c093af85a5 --- /dev/null +++ b/net-vpn/derper/files/derper.service @@ -0,0 +1,15 @@ +[Unit] +Description=Tailscale DERP server +Documentation=https://tailscale.com/kb/1118/custom-derp-servers +Wants=network-pre.target +After=network-pre.target NetworkManager.service systemd-resolved.service + +[Service] +EnvironmentFile=/etc/default/derper +ExecStartPre=+/usr/libexec/derper-pre.sh +ExecStart=/usr/sbin/derper -certdir ${CERTDIR} -certmode ${CERTMODE} -hostname ${HOSTNAME} -a ${ADDR} -http-port ${HTTP_PORT} -c "${HOMEDIR}"/derper.key ${FLAGS} +ReadWritePaths=${HOMEDIR} ${CERTDIR} +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/derper/files/derper.service.conf b/net-vpn/derper/files/derper.service.conf new file mode 100644 index 000000000000..0640c936cca6 --- /dev/null +++ b/net-vpn/derper/files/derper.service.conf @@ -0,0 +1,3 @@ +[Service] +User=derper +Group=derper diff --git a/net-vpn/derper/metadata.xml b/net-vpn/derper/metadata.xml new file mode 100644 index 000000000000..8799a931f9d4 --- /dev/null +++ b/net-vpn/derper/metadata.xml @@ -0,0 +1,11 @@ + + + + + dlan@gentoo.org + Yixun Lan + + + tailscale/tailscale + + diff --git a/net-vpn/i2p/Manifest b/net-vpn/i2p/Manifest index fe232eee5ed2..6728b7918126 100644 --- a/net-vpn/i2p/Manifest +++ b/net-vpn/i2p/Manifest @@ -2,7 +2,7 @@ AUX 2.7.0-force-gentoo-classpath.patch 14038 BLAKE2B 0ff68b25587b1a63db922e84782 AUX i2p.init 278 BLAKE2B 2e26e9d25e21494d2f6a221a3c332f1afe475513096eb7c51a0fbc4cacc8e9bd418f98d622cb054f55d7b7c4941054be8b6314f9b19c249e9ad0e77893980ca6 SHA512 1edb33cd0df28de95e02b1015e86cbc44c867a8df1260abb0565bc232c2cccc2625d36fdefa4a050ea3215d938c1ff0521a591a0bc2b27d57ca6be621795cd52 AUX i2p.service 172 BLAKE2B 8523af82e33d7a8f5b37138f8d28c7adb4c08607b84813f35b42f11064c0ec2768bf443eca32bd7b281ed084d6b820b23977c55a1cd5b8ad058ab18117b83f90 SHA512 c87574c968f4142b3dbe556dab86438765dc8b9b23475dca8c7e268d2963e5dffcd9175bb749b2d42c3fc7fe75d9175158f56cb78f0fa4faa7d6029fdf4b8e6c DIST i2psource_2.7.0.tar.bz2 33683394 BLAKE2B aa3505b2bcd402e8d2d8bae4955e1cbd52939e5a3bb567ef4e918f895021489fd7dc0663f86f1cf6a998105cc3e0296971bac22ec04348fa4aa392f23dd28560 SHA512 a216ca91351bbdef7844376f8d77686a48f3b0ab72a3b446866f788035f652badb19e7e123586f47adf5befc4cc295b4395def94971065068c7f487ed1111643 -DIST i2psource_2.8.0.tar.bz2 33785482 BLAKE2B af9fac097cce79b1700adc374cc0d53c0732257d2f48f717962a93c852ab718d137c36d7bdf40504d25bcea2336d4b1605c5f87feada5c2dedb9b99426377ae7 SHA512 af08ec4b5962e22e41e4e6d43cde28921161469da772bb92c23a603c49372211374e3183c2537d7c4557b793ac062866adfc3b5500e46663ce6dc6842e847a7b +DIST i2psource_2.8.1.tar.bz2 33757602 BLAKE2B a94fedc17c10d081cd74bf7ac3f48033eeb4b431b863036deb9543286d94d744ae33dc64fef7fe84aac0a9b422aad1c1c8a93936a888391f90f1c35d4a756e77 SHA512 27b02ae3dd43cbde1576b25967d124b32268bcff3ee27181cf5477e5a6b5606213ab261d8f35276b3a06b25ac43a719d029578d35fbfadf352031d0d776e758e EBUILD i2p-2.7.0.ebuild 8121 BLAKE2B 5d453b81ee2c1d16f1b09fc9a3706a84f79f6c5ffeab8245678c525b5f0d0e0a13463d246f29c4ec8f117f38f24c23563a024c5768e4ceaa7f944277a3e32ae1 SHA512 da2a327c2326e5a79144b7d7cb0b97d498dc029c0cde36cfce6f76bd3a952887b319715f990cca941cee535ce24bc24508eb66c0c198a2761c040729710dd22c -EBUILD i2p-2.8.0.ebuild 8122 BLAKE2B c0d95a91cfd7637aff16c964ddc3a8e8b1f22c6b3f96901e6b993a73b7e489028f456c24f592307a56b97a80e09a7ca7090540f020b5ccee689521978ecd6488 SHA512 e509541de1c7346587e83cf96f3c3a5b4b1cdefdd1d988213b52d01b353b20875bcc1bf8f1c84ce06646d72de5a2696f705e495ba50d44be9c90da3408b74d8c +EBUILD i2p-2.8.1.ebuild 8122 BLAKE2B c0d95a91cfd7637aff16c964ddc3a8e8b1f22c6b3f96901e6b993a73b7e489028f456c24f592307a56b97a80e09a7ca7090540f020b5ccee689521978ecd6488 SHA512 e509541de1c7346587e83cf96f3c3a5b4b1cdefdd1d988213b52d01b353b20875bcc1bf8f1c84ce06646d72de5a2696f705e495ba50d44be9c90da3408b74d8c MISC metadata.xml 743 BLAKE2B 020f7bd72231ce0cb37929330c1f73be6cd91e5d13f86202c6d5da5b2ced53e2b3df172dcf63fb37ae2028019376422ffa7fc8ad94f206f0996984294f353503 SHA512 c1cd68d0fe33ca5b738973fedf764141d490430afa968b325b4a2bc853e6206c0c1683724ff5e4829ac97482b40490cfb3b14b03711149a84baa1e6ecc27dbee diff --git a/net-vpn/i2p/i2p-2.8.0.ebuild b/net-vpn/i2p/i2p-2.8.0.ebuild deleted file mode 100644 index 442a6d309a7b..000000000000 --- a/net-vpn/i2p/i2p-2.8.0.ebuild +++ /dev/null @@ -1,262 +0,0 @@ -# Copyright 1999-2025 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -JAVA_PKG_IUSE="test" - -inherit java-pkg-2 systemd toolchain-funcs - -DESCRIPTION="A privacy-centric, anonymous network" -HOMEPAGE="https://geti2p.net" -SRC_URI="https://files.i2p-projekt.de/${PV}/i2psource_${PV}.tar.bz2" - -LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2" -SLOT="0" - -KEYWORDS="~amd64 ~arm64" -LANGS=( - ar az bg ca cs da de el en es es-AR et fa fi fr gl he hi hr hu id it ja ko ku mg nb nl nn pl pt pt-BR ro ru sk sl sq - sr sv tk tr uk vi zh zh-TW -) -IUSE="${LANGS[@]/#/l10n_}" - -CP_DEPEND=" - dev-java/bcprov:0 - dev-java/hashcash:1 - dev-java/httpcomponents-client:4 - dev-java/java-getopt:1 - dev-java/java-service-wrapper:0 - dev-java/jbcrypt:0 - dev-java/json-simple:2.3 - dev-java/jsonrpc2-server:1 - dev-java/jstl:0 - dev-java/jstl-api:0 - dev-java/minidns-core:1 - dev-java/zxing-core:3 - dev-java/zxing-javase:3 - sys-devel/gettext:0[java] - www-servers/tomcat:9 -" -# jdk-11 for bug #932030 -DEPEND=" - dev-libs/gmp:0= - ${CP_DEPEND} - >=virtual/jdk-11:* - test? ( - dev-java/hamcrest:0 - dev-java/junit:4 - dev-java/mockito:4 - ) -" -BDEPEND=" - >=dev-java/ant-1.10.14-r3:0 - test? ( - >=dev-java/ant-1.10.14-r3:0[junit4] - ) -" -RDEPEND=" - ${CP_DEPEND} - acct-user/i2p - acct-group/i2p - >=virtual/jre-11:* -" - -PATCHES=( "${FILESDIR}/2.7.0-force-gentoo-classpath.patch" ) - -DOCS=( README.md history.txt ) - -src_prepare() { - default # apply PATCHES - - # remove hardcoded javac's source & target - find -name build.xml \ - -exec sed -Ei 's,(source|target)="\$\{javac\.version\}",,g' {} + || - die "remove javac's source & target in build files" - - java-pkg-2_src_prepare - - # remove most bundled, excepted the next ones. - # apps/addressbook/java/src/net/metanotion too much code drift - # apps/i2psnark/java/src/org/klomp/snark too much code drift - # apps/imagegen/identicon too much code drift - # apps/jrobin need rrd4j ebuild - # apps/routerconsole/java/src/{com,edu} too much code drift - # {core,router}/java/src/com/southernstorm/noise use internal symbols - # core/java/src/freenet too much code drift - # core/java/src/gnu/crypto too much code drift - # router/java/src/com/maxmind changed interface - # router/java/src/org/cybergarage unable to find version 3 - # router/java/src/org/freenetproject too big to pull - # router/java/src/org/xlattice changed interface - java-pkg_clean ! \ - -path "./apps/jetty/jetty-distribution-*" # need to package jetty - rm -r installer/lib || die 'unbundle installer libs' - ( cat >> override.properties || die 'set unbundled properties' ) <<- EOF - require.gettext=true - with-libgetopt-java=true - with-libjakarta-taglibs-standard-java=true - with-libjson-simple-java=true - with-libtomcat9-java=true - with-gettext-base=true - # with-geoip-database=true need std geoip use - # with-libjetty9-java=true needs a jetty ebuild - EOF - - # bcprov - rm -r core/java/src/net/i2p/crypto/elgamal || die 'unbundle bcprov' - sed -e 's,net\.i2p\.crypto\.elgamal\.spec,org.bouncycastle.jce.spec,' \ - -i core/java/src/net/i2p/crypto/CryptoConstants.java || - die 'redirect imports of bcprov' - # getopt, gettext - rm -r core/java/src/gnu/{getopt,gettext} || die 'unbundle GNU code' - # httpcomponents-client - rm -r core/java/src/net/i2p/apache || die 'unbundle httpcomponents-client' - sed -e 's,net\.i2p\.apache,org.apache,' \ - -i core/java/src/net/i2p/util/{Addresses,I2PSSLSocketFactory}.java \ - apps/i2pcontrol/java/net/i2p/i2pcontrol/HostCheckHandler.java || - die 'redirect imports of httpcomponents-client' - # zxing - rm -r apps/imagegen/zxing || die 'unbundle zxing' - sed -E '/dir="[^"]*zxing/d' -i apps/imagegen{/imagegen,}/build.xml && - # hashcash - rm core/java/src/com/nettgryppa/security/HashCash.java || - die 'unbundle hashcash' - # jbcrypt, jsonrpc2-* - rm -r apps/i2pcontrol/java/{com,org} || die 'unbundle jbcrypt & jsonrpc2-*' - # jstl* - sed -E '/"apps\/susidns\/src\/lib\/(jstl|standard).jar"/d' -i build.xml || - die 'unbundle jstl*' - java-pkg_jar-from --into apps/susidns/src/lib jstl jstl-impl.jar standard.jar - java-pkg_jar-from --into apps/susidns/src/lib jstl-api jstl-api.jar jstl.jar - # minidns-core, json-simple - rm -r core/java/src/org || die 'unbundle minidns-core & json-simple' - mkdir core/java/build || die 'create built core dependencies' - java-pkg_jar-from --into core/java/build json-simple-2.3 - - # keep only enabled locales - local lang - for lang in ${LANGS[@]} - do - if ! use "l10n_${lang}" - then - find -regextype egrep \ - -regex ".*[_\\./]${lang/-/_}.(html|po|1)" \ - -delete || die "unbundling ${lang} translations" - fi - done - - # fix some locale names - find -name '*_in.*' -exec rename --no-overwrite _in. _id. {} \; && - find -name '*_iw.*' -exec rename --no-overwrite _iw. _he. {} \; || - die 'fix some locale names' -} - -src_configure() { - # build for our JDK - cat >> override.properties <<-EOF || die 'set JDK infos' - ant.build.javac.source=$(java-pkg_get-source) - ant.build.javac.target=$(java-pkg_get-target) - EOF - - # deamon shouldn't start GUI - sed -i 's|\(clientApp.4.startOnLoad\)=true|\1=false|' \ - installer/resources/clients.config || - die 'avoid auto starting browser' - - # yep, that's us - echo 'build.built-by=Gentoo' >> override.properties || - die 'bragging failed' - - # support no-UTF-8 build systems - echo 'file.encoding=UTF-8' >> override.properties || - die 'set files encoding' -} - -src_compile() { - local libs='bcprov,gettext,hashcash-1,httpcomponents-client-4' - libs+=',java-getopt-1,java-service-wrapper,jbcrypt,jsonrpc2-server-1' - libs+=',tomcat-9,minidns-core-1,zxing-javase-3' - eant \ - -Dgentoo.classpath=`java-pkg_getjars --with-dependencies "${libs}"` \ - preppkg-base - - local compile_lib - compile_lib() { - local name="${1}" - shift 1 - - "$(tc-getCC)" "${@}" -Iinclude ${CFLAGS} $(java-pkg_get-jni-cflags) \ - ${LDFLAGS} -shared -fPIC "-Wl,-soname,lib${name}.so" \ - "src/${name}.c" -o "lib${name}.so" - } - - cd "${S}/core/c/jbigi/jbigi" || die "unable to cd to jbigi" - compile_lib jbigi -lgmp || die "unable to build jbigi" - - if use amd64 || use x86; then - cd "${S}/core/c/jcpuid" || die "unable to cd to jcpuid" - compile_lib jcpuid || die "unable to build jcpuid" - fi -} - -src_test() { - # avoid rebuilding - sed -e '//d' -i core/java/build.xml || - die 'avoid building twice' - - # halt on error - find -name build.xml \ - -execdir sed -e 's/> override.properties || die 'set unbundled properties' ) <<- EOF + require.gettext=true + with-libgetopt-java=true + with-libjakarta-taglibs-standard-java=true + with-libjson-simple-java=true + with-libtomcat9-java=true + with-gettext-base=true + # with-geoip-database=true need std geoip use + # with-libjetty9-java=true needs a jetty ebuild + EOF + + # bcprov + rm -r core/java/src/net/i2p/crypto/elgamal || die 'unbundle bcprov' + sed -e 's,net\.i2p\.crypto\.elgamal\.spec,org.bouncycastle.jce.spec,' \ + -i core/java/src/net/i2p/crypto/CryptoConstants.java || + die 'redirect imports of bcprov' + # getopt, gettext + rm -r core/java/src/gnu/{getopt,gettext} || die 'unbundle GNU code' + # httpcomponents-client + rm -r core/java/src/net/i2p/apache || die 'unbundle httpcomponents-client' + sed -e 's,net\.i2p\.apache,org.apache,' \ + -i core/java/src/net/i2p/util/{Addresses,I2PSSLSocketFactory}.java \ + apps/i2pcontrol/java/net/i2p/i2pcontrol/HostCheckHandler.java || + die 'redirect imports of httpcomponents-client' + # zxing + rm -r apps/imagegen/zxing || die 'unbundle zxing' + sed -E '/dir="[^"]*zxing/d' -i apps/imagegen{/imagegen,}/build.xml && + # hashcash + rm core/java/src/com/nettgryppa/security/HashCash.java || + die 'unbundle hashcash' + # jbcrypt, jsonrpc2-* + rm -r apps/i2pcontrol/java/{com,org} || die 'unbundle jbcrypt & jsonrpc2-*' + # jstl* + sed -E '/"apps\/susidns\/src\/lib\/(jstl|standard).jar"/d' -i build.xml || + die 'unbundle jstl*' + java-pkg_jar-from --into apps/susidns/src/lib jstl jstl-impl.jar standard.jar + java-pkg_jar-from --into apps/susidns/src/lib jstl-api jstl-api.jar jstl.jar + # minidns-core, json-simple + rm -r core/java/src/org || die 'unbundle minidns-core & json-simple' + mkdir core/java/build || die 'create built core dependencies' + java-pkg_jar-from --into core/java/build json-simple-2.3 + + # keep only enabled locales + local lang + for lang in ${LANGS[@]} + do + if ! use "l10n_${lang}" + then + find -regextype egrep \ + -regex ".*[_\\./]${lang/-/_}.(html|po|1)" \ + -delete || die "unbundling ${lang} translations" + fi + done + + # fix some locale names + find -name '*_in.*' -exec rename --no-overwrite _in. _id. {} \; && + find -name '*_iw.*' -exec rename --no-overwrite _iw. _he. {} \; || + die 'fix some locale names' +} + +src_configure() { + # build for our JDK + cat >> override.properties <<-EOF || die 'set JDK infos' + ant.build.javac.source=$(java-pkg_get-source) + ant.build.javac.target=$(java-pkg_get-target) + EOF + + # deamon shouldn't start GUI + sed -i 's|\(clientApp.4.startOnLoad\)=true|\1=false|' \ + installer/resources/clients.config || + die 'avoid auto starting browser' + + # yep, that's us + echo 'build.built-by=Gentoo' >> override.properties || + die 'bragging failed' + + # support no-UTF-8 build systems + echo 'file.encoding=UTF-8' >> override.properties || + die 'set files encoding' +} + +src_compile() { + local libs='bcprov,gettext,hashcash-1,httpcomponents-client-4' + libs+=',java-getopt-1,java-service-wrapper,jbcrypt,jsonrpc2-server-1' + libs+=',tomcat-9,minidns-core-1,zxing-javase-3' + eant \ + -Dgentoo.classpath=`java-pkg_getjars --with-dependencies "${libs}"` \ + preppkg-base + + local compile_lib + compile_lib() { + local name="${1}" + shift 1 + + "$(tc-getCC)" "${@}" -Iinclude ${CFLAGS} $(java-pkg_get-jni-cflags) \ + ${LDFLAGS} -shared -fPIC "-Wl,-soname,lib${name}.so" \ + "src/${name}.c" -o "lib${name}.so" + } + + cd "${S}/core/c/jbigi/jbigi" || die "unable to cd to jbigi" + compile_lib jbigi -lgmp || die "unable to build jbigi" + + if use amd64 || use x86; then + cd "${S}/core/c/jcpuid" || die "unable to cd to jcpuid" + compile_lib jcpuid || die "unable to build jcpuid" + fi +} + +src_test() { + # avoid rebuilding + sed -e '//d' -i core/java/build.xml || + die 'avoid building twice' + + # halt on error + find -name build.xml \ + -execdir sed -e 's/ scripts/maint/checkShellScripts.sh || die - - if [[ ${PV} == 9999 ]] ; then - eautoreconf - fi -} - -src_configure() { - use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING ) - - export ac_cv_lib_cap_cap_init=$(usex caps) - export tor_cv_PYTHON="${EPYTHON}" - - local myeconfargs=( - --localstatedir="${EPREFIX}/var" - --disable-all-bugs-are-fatal - --enable-system-torrc - --disable-android - --disable-coverage - --disable-html-manual - --disable-libfuzzer - --enable-missing-doc-warnings - --disable-module-dirauth - --enable-pic - --disable-restart-debugging - - # Unless someone asks & has a compelling reason, just always - # build in GPL mode for pow, given we don't want yet another USE - # flag combination to have to test just for the sake of it. - # (PoW requires GPL.) - --enable-gpl - --enable-module-pow - - $(use_enable man asciidoc) - $(use_enable man manpage) - $(use_enable lzma) - $(use_enable scrypt libscrypt) - $(use_enable seccomp) - $(use_enable server module-relay) - $(use_enable systemd) - $(use_enable tor-hardening gcc-hardening) - $(use_enable tor-hardening linker-hardening) - $(use_enable test unittests) - $(use_enable zstd) - ) - - econf "${myeconfargs[@]}" -} - -src_test() { - local skip_tests=( - # Fails in sandbox - :sandbox/open_filename - :sandbox/openat_filename - ) - - if use arm ; then - skip_tests+=( - # bug #920905 - # https://gitlab.torproject.org/tpo/core/tor/-/issues/40912 - :sandbox/opendir_dirname - :sandbox/openat_filename - :sandbox/chmod_filename - :sandbox/chown_filename - :sandbox/rename_filename - ) - fi - - # The makefile runs these by parallel by chunking them with a script - # but that means we lose verbosity and can't skip individual tests easily - # either. - edo ./src/test/test --verbose "${skip_tests[@]}" -} - -src_install() { - default - readme.gentoo_create_doc - - newconfd "${FILESDIR}"/tor.confd tor - newinitd "${FILESDIR}"/tor.initd-r9 tor - systemd_dounit "${FILESDIR}"/tor.service - - keepdir /var/lib/tor - - fperms 750 /var/lib/tor - fowners tor:tor /var/lib/tor - - insinto /etc/tor/ - newins "${FILESDIR}"/torrc-r2 torrc -} diff --git a/net-vpn/tor/tor-0.4.8.13.ebuild b/net-vpn/tor/tor-0.4.8.13.ebuild deleted file mode 100644 index 2cc565cd9bfa..000000000000 --- a/net-vpn/tor/tor-0.4.8.13.ebuild +++ /dev/null @@ -1,195 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{10..13} ) -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/torproject.org.asc -inherit edo python-any-r1 readme.gentoo-r1 systemd verify-sig - -MY_PV="$(ver_rs 4 -)" -MY_PF="${PN}-${MY_PV}" -DESCRIPTION="Anonymizing overlay network for TCP" -HOMEPAGE="https://www.torproject.org/ https://gitlab.torproject.org/tpo/core/tor/" - -if [[ ${PV} == 9999 ]] ; then - EGIT_REPO_URI="https://gitlab.torproject.org/tpo/core/tor" - inherit autotools git-r3 -else - SRC_URI=" - https://www.torproject.org/dist/${MY_PF}.tar.gz - https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz - verify-sig? ( - https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum - https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum.asc - ) - " - - S="${WORKDIR}/${MY_PF}" - - if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then - KEYWORDS="amd64 arm arm64 ~hppa ~mips ppc ppc64 ~riscv ~sparc x86 ~ppc-macos" - fi - - BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20230727 )" -fi - -# BSD in general, but for PoW, needs --enable-gpl (GPL-3 per --version) -# We also already had GPL-2 listed here for the init script, but obviously -# that's different from the actual binary. -LICENSE="BSD GPL-2 GPL-3" -SLOT="0" -IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening test zstd" -RESTRICT="!test? ( test )" - -DEPEND=" - acct-user/tor - acct-group/tor - >=dev-libs/libevent-2.1.12-r1:=[ssl] - dev-libs/openssl:=[-bindist(-)] - sys-libs/zlib - caps? ( sys-libs/libcap ) - man? ( app-text/asciidoc ) - lzma? ( app-arch/xz-utils ) - scrypt? ( app-crypt/libscrypt ) - seccomp? ( >=sys-libs/libseccomp-2.4.1 ) - systemd? ( sys-apps/systemd:= ) - zstd? ( app-arch/zstd:= ) -" -RDEPEND=" - ${DEPEND} - selinux? ( sec-policy/selinux-tor ) -" -DEPEND+=" - test? ( - ${DEPEND} - ${PYTHON_DEPS} - ) -" - -DOCS=() - -PATCHES=( - "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch -) - -QA_CONFIG_IMPL_DECL_SKIP=( - # test correctly fails because -lnacl fails if not available - # https://bugs.gentoo.org/900092 - crypto_scalarmult_curve25519 -) - -pkg_setup() { - use test && python-any-r1_pkg_setup -} - -src_unpack() { - if [[ ${PV} == 9999 ]] ; then - git-r3_src_unpack - else - if use verify-sig; then - cd "${DISTDIR}" || die - verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc} - verify-sig_verify_unsigned_checksums \ - ${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz - cd "${WORKDIR}" || die - fi - - default - fi -} - -src_prepare() { - default - - # Running shellcheck automagically isn't useful for ebuild testing. - echo "exit 0" > scripts/maint/checkShellScripts.sh || die - - if [[ ${PV} == 9999 ]] ; then - eautoreconf - fi -} - -src_configure() { - use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING ) - - export ac_cv_lib_cap_cap_init=$(usex caps) - export tor_cv_PYTHON="${EPYTHON}" - - local myeconfargs=( - --localstatedir="${EPREFIX}/var" - --disable-all-bugs-are-fatal - --enable-system-torrc - --disable-android - --disable-coverage - --disable-html-manual - --disable-libfuzzer - --enable-missing-doc-warnings - --disable-module-dirauth - --enable-pic - --disable-restart-debugging - - # Unless someone asks & has a compelling reason, just always - # build in GPL mode for pow, given we don't want yet another USE - # flag combination to have to test just for the sake of it. - # (PoW requires GPL.) - --enable-gpl - --enable-module-pow - - $(use_enable man asciidoc) - $(use_enable man manpage) - $(use_enable lzma) - $(use_enable scrypt libscrypt) - $(use_enable seccomp) - $(use_enable server module-relay) - $(use_enable systemd) - $(use_enable tor-hardening gcc-hardening) - $(use_enable tor-hardening linker-hardening) - $(use_enable test unittests) - $(use_enable zstd) - ) - - econf "${myeconfargs[@]}" -} - -src_test() { - local skip_tests=( - # Fails in sandbox - :sandbox/open_filename - :sandbox/openat_filename - ) - - if use arm ; then - skip_tests+=( - # bug #920905 - # https://gitlab.torproject.org/tpo/core/tor/-/issues/40912 - :sandbox/opendir_dirname - :sandbox/openat_filename - :sandbox/chmod_filename - :sandbox/chown_filename - :sandbox/rename_filename - ) - fi - - # The makefile runs these by parallel by chunking them with a script - # but that means we lose verbosity and can't skip individual tests easily - # either. - edo ./src/test/test --verbose "${skip_tests[@]}" -} - -src_install() { - default - readme.gentoo_create_doc - - newconfd "${FILESDIR}"/tor.confd tor - newinitd "${FILESDIR}"/tor.initd-r9 tor - systemd_dounit "${FILESDIR}"/tor.service - - keepdir /var/lib/tor - - fperms 750 /var/lib/tor - fowners tor:tor /var/lib/tor - - insinto /etc/tor/ - newins "${FILESDIR}"/torrc-r2 torrc -} diff --git a/net-vpn/tor/tor-0.4.8.15.ebuild b/net-vpn/tor/tor-0.4.8.15.ebuild deleted file mode 100644 index cd30d48f8f7e..000000000000 --- a/net-vpn/tor/tor-0.4.8.15.ebuild +++ /dev/null @@ -1,199 +0,0 @@ -# Copyright 1999-2025 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{10..13} ) -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/torproject.org.asc -inherit edo python-any-r1 readme.gentoo-r1 systemd verify-sig - -MY_PV="$(ver_rs 4 -)" -MY_PF="${PN}-${MY_PV}" -DESCRIPTION="Anonymizing overlay network for TCP" -HOMEPAGE="https://www.torproject.org/ https://gitlab.torproject.org/tpo/core/tor/" - -if [[ ${PV} == 9999 ]] ; then - EGIT_REPO_URI="https://gitlab.torproject.org/tpo/core/tor" - inherit autotools git-r3 -else - SRC_URI=" - https://www.torproject.org/dist/${MY_PF}.tar.gz - https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz - verify-sig? ( - https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum - https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum.asc - ) - " - - S="${WORKDIR}/${MY_PF}" - - if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then - KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~ppc-macos" - fi - - BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20230727 )" -fi - -# BSD in general, but for PoW, needs --enable-gpl (GPL-3 per --version) -# We also already had GPL-2 listed here for the init script, but obviously -# that's different from the actual binary. -LICENSE="BSD GPL-2 GPL-3" -SLOT="0" -IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening test zstd" -RESTRICT="!test? ( test )" - -RDEPEND=" - >=dev-libs/libevent-2.1.12-r1:=[ssl] - dev-libs/openssl:=[-bindist(-)] - sys-libs/zlib - caps? ( sys-libs/libcap ) - man? ( app-text/asciidoc ) - lzma? ( app-arch/xz-utils ) - scrypt? ( app-crypt/libscrypt ) - seccomp? ( >=sys-libs/libseccomp-2.4.1 ) - systemd? ( sys-apps/systemd:= ) - zstd? ( app-arch/zstd:= ) -" -DEPEND=" - ${RDEPEND} - test? ( - ${DEPEND} - ${PYTHON_DEPS} - ) -" -RDEPEND+=" - acct-user/tor - acct-group/tor - selinux? ( sec-policy/selinux-tor ) -" -BDEPEND+=" - acct-user/tor - acct-group/tor -" - -DOCS=() - -PATCHES=( - "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch -) - -QA_CONFIG_IMPL_DECL_SKIP=( - # test correctly fails because -lnacl fails if not available - # https://bugs.gentoo.org/900092 - crypto_scalarmult_curve25519 -) - -pkg_setup() { - use test && python-any-r1_pkg_setup -} - -src_unpack() { - if [[ ${PV} == 9999 ]] ; then - git-r3_src_unpack - else - if use verify-sig; then - cd "${DISTDIR}" || die - verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc} - verify-sig_verify_unsigned_checksums \ - ${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz - cd "${WORKDIR}" || die - fi - - default - fi -} - -src_prepare() { - default - - # Running shellcheck automagically isn't useful for ebuild testing. - echo "exit 0" > scripts/maint/checkShellScripts.sh || die - - if [[ ${PV} == 9999 ]] ; then - eautoreconf - fi -} - -src_configure() { - use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING ) - - export ac_cv_lib_cap_cap_init=$(usex caps) - export tor_cv_PYTHON="${EPYTHON}" - - local myeconfargs=( - --localstatedir="${EPREFIX}/var" - --disable-all-bugs-are-fatal - --enable-system-torrc - --disable-android - --disable-coverage - --disable-html-manual - --disable-libfuzzer - --enable-missing-doc-warnings - --disable-module-dirauth - --enable-pic - --disable-restart-debugging - - # Unless someone asks & has a compelling reason, just always - # build in GPL mode for pow, given we don't want yet another USE - # flag combination to have to test just for the sake of it. - # (PoW requires GPL.) - --enable-gpl - --enable-module-pow - - $(use_enable man asciidoc) - $(use_enable man manpage) - $(use_enable lzma) - $(use_enable scrypt libscrypt) - $(use_enable seccomp) - $(use_enable server module-relay) - $(use_enable systemd) - $(use_enable tor-hardening gcc-hardening) - $(use_enable tor-hardening linker-hardening) - $(use_enable test unittests) - $(use_enable zstd) - ) - - econf "${myeconfargs[@]}" -} - -src_test() { - local skip_tests=( - # Fails in sandbox - :sandbox/open_filename - :sandbox/openat_filename - ) - - if use arm ; then - skip_tests+=( - # bug #920905 - # https://gitlab.torproject.org/tpo/core/tor/-/issues/40912 - :sandbox/opendir_dirname - :sandbox/openat_filename - :sandbox/chmod_filename - :sandbox/chown_filename - :sandbox/rename_filename - ) - fi - - # The makefile runs these by parallel by chunking them with a script - # but that means we lose verbosity and can't skip individual tests easily - # either. - edo ./src/test/test --verbose "${skip_tests[@]}" -} - -src_install() { - default - readme.gentoo_create_doc - - newconfd "${FILESDIR}"/tor.confd tor - newinitd "${FILESDIR}"/tor.initd-r9 tor - systemd_dounit "${FILESDIR}"/tor.service - - keepdir /var/lib/tor - - fperms 750 /var/lib/tor - fowners tor:tor /var/lib/tor - - insinto /etc/tor/ - newins "${FILESDIR}"/torrc-r2 torrc -} diff --git a/net-vpn/tor/tor-0.4.8.16.ebuild b/net-vpn/tor/tor-0.4.8.16.ebuild new file mode 100644 index 000000000000..cd30d48f8f7e --- /dev/null +++ b/net-vpn/tor/tor-0.4.8.16.ebuild @@ -0,0 +1,199 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..13} ) +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/torproject.org.asc +inherit edo python-any-r1 readme.gentoo-r1 systemd verify-sig + +MY_PV="$(ver_rs 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="https://www.torproject.org/ https://gitlab.torproject.org/tpo/core/tor/" + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://gitlab.torproject.org/tpo/core/tor" + inherit autotools git-r3 +else + SRC_URI=" + https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz + verify-sig? ( + https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum + https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum.asc + ) + " + + S="${WORKDIR}/${MY_PF}" + + if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~ppc-macos" + fi + + BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20230727 )" +fi + +# BSD in general, but for PoW, needs --enable-gpl (GPL-3 per --version) +# We also already had GPL-2 listed here for the init script, but obviously +# that's different from the actual binary. +LICENSE="BSD GPL-2 GPL-3" +SLOT="0" +IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening test zstd" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=dev-libs/libevent-2.1.12-r1:=[ssl] + dev-libs/openssl:=[-bindist(-)] + sys-libs/zlib + caps? ( sys-libs/libcap ) + man? ( app-text/asciidoc ) + lzma? ( app-arch/xz-utils ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( >=sys-libs/libseccomp-2.4.1 ) + systemd? ( sys-apps/systemd:= ) + zstd? ( app-arch/zstd:= ) +" +DEPEND=" + ${RDEPEND} + test? ( + ${DEPEND} + ${PYTHON_DEPS} + ) +" +RDEPEND+=" + acct-user/tor + acct-group/tor + selinux? ( sec-policy/selinux-tor ) +" +BDEPEND+=" + acct-user/tor + acct-group/tor +" + +DOCS=() + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch +) + +QA_CONFIG_IMPL_DECL_SKIP=( + # test correctly fails because -lnacl fails if not available + # https://bugs.gentoo.org/900092 + crypto_scalarmult_curve25519 +) + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_unpack() { + if [[ ${PV} == 9999 ]] ; then + git-r3_src_unpack + else + if use verify-sig; then + cd "${DISTDIR}" || die + verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc} + verify-sig_verify_unsigned_checksums \ + ${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz + cd "${WORKDIR}" || die + fi + + default + fi +} + +src_prepare() { + default + + # Running shellcheck automagically isn't useful for ebuild testing. + echo "exit 0" > scripts/maint/checkShellScripts.sh || die + + if [[ ${PV} == 9999 ]] ; then + eautoreconf + fi +} + +src_configure() { + use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING ) + + export ac_cv_lib_cap_cap_init=$(usex caps) + export tor_cv_PYTHON="${EPYTHON}" + + local myeconfargs=( + --localstatedir="${EPREFIX}/var" + --disable-all-bugs-are-fatal + --enable-system-torrc + --disable-android + --disable-coverage + --disable-html-manual + --disable-libfuzzer + --enable-missing-doc-warnings + --disable-module-dirauth + --enable-pic + --disable-restart-debugging + + # Unless someone asks & has a compelling reason, just always + # build in GPL mode for pow, given we don't want yet another USE + # flag combination to have to test just for the sake of it. + # (PoW requires GPL.) + --enable-gpl + --enable-module-pow + + $(use_enable man asciidoc) + $(use_enable man manpage) + $(use_enable lzma) + $(use_enable scrypt libscrypt) + $(use_enable seccomp) + $(use_enable server module-relay) + $(use_enable systemd) + $(use_enable tor-hardening gcc-hardening) + $(use_enable tor-hardening linker-hardening) + $(use_enable test unittests) + $(use_enable zstd) + ) + + econf "${myeconfargs[@]}" +} + +src_test() { + local skip_tests=( + # Fails in sandbox + :sandbox/open_filename + :sandbox/openat_filename + ) + + if use arm ; then + skip_tests+=( + # bug #920905 + # https://gitlab.torproject.org/tpo/core/tor/-/issues/40912 + :sandbox/opendir_dirname + :sandbox/openat_filename + :sandbox/chmod_filename + :sandbox/chown_filename + :sandbox/rename_filename + ) + fi + + # The makefile runs these by parallel by chunking them with a script + # but that means we lose verbosity and can't skip individual tests easily + # either. + edo ./src/test/test --verbose "${skip_tests[@]}" +} + +src_install() { + default + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r9 tor + systemd_dounit "${FILESDIR}"/tor.service + + keepdir /var/lib/tor + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r2 torrc +} -- cgit v1.2.3