diff options
| author |   Mike Gilbert <floppym@gentoo.org> | 2014-01-05 00:44:56 +0000 |
|---|---|---|
| committer | Mike Gilbert <floppym@gentoo.org> | 2014-01-05 00:44:56 +0000 |
| commit | 16cbea664ef3bafd4662962687478a871e02a745 (patch) | |
| tree | 4abb8d58ddfea34b2c85dc0f6a37fdde8e7dfcd8 /net-misc/libreswan | |
| parent | Version bump (diff) | |
| download | gentoo-2-16cbea664ef3bafd4662962687478a871e02a745.tar.gz gentoo-2-16cbea664ef3bafd4662962687478a871e02a745.tar.bz2 gentoo-2-16cbea664ef3bafd4662962687478a871e02a745.zip | |
Fork of openswan, bug 471092. Thanks to Geaaru and Chistopher Camisa.
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0BBEEA1FEA4843A4)
Diffstat (limited to 'net-misc/libreswan')
| -rw-r--r-- | net-misc/libreswan/ChangeLog | 11 | ||||
| -rw-r--r-- | net-misc/libreswan/Manifest | 7 | ||||
| -rwxr-xr-x | net-misc/libreswan/files/ipsec.service | 19 | ||||
| -rw-r--r-- | net-misc/libreswan/files/libreswan-3.7-curl.patch | 30 | ||||
| -rw-r--r-- | net-misc/libreswan/files/libreswan-3.7-openrc.patch | 24 | ||||
| -rw-r--r-- | net-misc/libreswan/libreswan-3.7.ebuild | 99 | ||||
| -rw-r--r-- | net-misc/libreswan/libreswan-9999.ebuild | 97 | ||||
| -rw-r--r-- | net-misc/libreswan/metadata.xml | 11 |
8 files changed, 298 insertions, 0 deletions
diff --git a/net-misc/libreswan/ChangeLog b/net-misc/libreswan/ChangeLog new file mode 100644 index 000000000000..49fdfcd58c96 --- /dev/null +++ b/net-misc/libreswan/ChangeLog @@ -0,0 +1,11 @@ +# ChangeLog for net-misc/libreswan +# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/libreswan/ChangeLog,v 1.1 2014/01/05 00:44:55 floppym Exp $ + +*libreswan-9999 (05 Jan 2014) +*libreswan-3.7 (05 Jan 2014) + + 05 Jan 2014; Mike Gilbert <floppym@gentoo.org> +files/ipsec.service, + +files/libreswan-3.7-curl.patch, +files/libreswan-3.7-openrc.patch, + +libreswan-3.7.ebuild, +libreswan-9999.ebuild, +metadata.xml: + Fork of openswan, bug 471092. Thanks to Geaaru and Chistopher Camisa. diff --git a/net-misc/libreswan/Manifest b/net-misc/libreswan/Manifest new file mode 100644 index 000000000000..31d2d25766eb --- /dev/null +++ b/net-misc/libreswan/Manifest @@ -0,0 +1,7 @@ +AUX ipsec.service 586 SHA256 f955e55f12bc3981e1339d98598c900eeb41645c5be188bb85e637c8136937e6 SHA512 4056dc181f8870729e5db35b8db0f1b06ae24e33a4a915348113af85b446b8e20a876d0efcf28ce6690726c473510ce096ff11035f2b4cdb13adb721e2de5837 WHIRLPOOL 08adfad1c6d4ed3e02f53a2221be50ddb414553f61945bf5b4ea85b126321f560a12ece70c461ba7fa663a13cf5c0c4f4eb8ecfb1c99cd6b3b268c05a88aacda +AUX libreswan-3.7-curl.patch 1203 SHA256 7b9cabe9672f6947e5711eb28b7424d129bc66b50e4605ecdffa21975a73cfb0 SHA512 ffff827023f1c8d630f0061791e82deb1a225ce8401729da645f0d6d15f1da0fa111367443657c0634149a01112be38bca2a061783ce5571be92ba3ade46b110 WHIRLPOOL 85b2be91c43585b55bcd70d4e47ae4d27cb5be6fc552a39e6d5f9eb26260b1139bc992cf001b51f6cdfe3ad3da73b2866468885385fd280a1b0742a3dde11081 +AUX libreswan-3.7-openrc.patch 715 SHA256 e7d27044abee79f1ebbade2b44826abcab323036cdaa79d0109708cb25266eef SHA512 d5c2c3c7a30a15c8d1cc274ac382763f2baa11ec852c4b8b5f659809c0483d91cfe641a201d6224dd643a0329ad772658139a5e5ace6c3744f26d55e74485207 WHIRLPOOL f096f6d2d70696de779c6be62112abf31ed9f9e1ae5325a620ef5ece980e191c7fb144a042b0aebf088ba0733b32f51feee73eeb066da28c570b4754ad48d6af +DIST libreswan-3.7.tar.gz 11135078 SHA256 7d62d11d30d3b7a4c011dfff4385e0eb778d99ccb2cdf2e8c35b37b34bd156c9 SHA512 b612d956ac4fe1dc102898e5a0a500a0a855654cd30363cae41d4ef4bcb9091c8f058a962ceab1c00348e301b17258f31b6814120c4578d6a119abede30ecff3 WHIRLPOOL 171014eef323a2d49019452f1bb429f76ca091f736e567aea906a3e811fc9c3b67794ec6c42ee6513b4087bb94c44776051b7e975224ddbae1bedfe26bf64c6f +EBUILD libreswan-3.7.ebuild 2162 SHA256 5c23785ea1fa28c43480cc00d80fbcb478f3b0018dbde95d82d0ec33fa569d2b SHA512 6c361cd830c1f6e69125b9c38c715324de08f287147ef000b4d68117dce42f651927c7a6e7378a474d2e6a3b58c90341a35dcbe37c306698685b9ad8af557349 WHIRLPOOL 82aae8b33d86fa303e5f83b35b00b33ad29c29dd5e58a6f7bd605fc4016d7dc52930b7027d5682405466b25d54a212c1e4d2817555aa86516cf0cc0de124d54b +EBUILD libreswan-9999.ebuild 2066 SHA256 e5b089d22ec73dcbdfc4412b77c7420a3126f14c1ac9ab3ddf6997384377cfd1 SHA512 857767a6e9db84271b00ea0f98e441bf0e384e545e8a88881d0b9fb754d16ae9e362cd7fb1261ca9d4081d5a1fed2cd677bc83e8a5c215c45ede7e6e2ded38d7 WHIRLPOOL 95d588f801731149f18c1e8bc3414d270d9b2e1eb86c3268b96e36ac14c0d901f1e192c028b413501c38782b696a8207c30f444d9344c87d46214adc9c117c8b +MISC metadata.xml 333 SHA256 67feaa165896cbd8fc1b66e6125fc3d1c6e2d4762d64947c29eb2ed6b6c776bf SHA512 0ae4eb151a586776a6c8f2bcc6f1d91fd73c32836bb15f57114fe72826a4773b297927ca7827d0b9f8972ee7ee43b1eebf587fdb3a138589cbd8a5ccb4b8b0c4 WHIRLPOOL 42a1123953ce36714fd67b269041657c620400a0f397d0dbec1150428f9d78b1a61cc4d70a2cada1104df6a30b577759361265b14d452f510e822763a808291c diff --git a/net-misc/libreswan/files/ipsec.service b/net-misc/libreswan/files/ipsec.service new file mode 100755 index 000000000000..36e2f97d822c --- /dev/null +++ b/net-misc/libreswan/files/ipsec.service @@ -0,0 +1,19 @@ +[Unit] +Description=Internet Key Exchange (IKE) Protocol Daemon for IPsec +After=syslog.target +After=network.target + +[Service] +Type=simple +ExecStartPre=/usr/libexec/ipsec/addconn --config /etc/ipsec.conf --checkconfig +ExecStartPre=/usr/libexec/ipsec/_stackmanager start +ExecStart=/usr/libexec/ipsec/pluto --config /etc/ipsec.conf --nofork +ExecStop=/usr/libexec/ipsec/whack --shutdown +ExecStopPost=/bin/ip xfrm policy flush +ExecStopPost=/bin/ip xfrm state flush +ExecReload=/usr/libexec/ipsec/whack --listen + +[Install] +WantedBy=multi-user.target +Alias=libreswan.service +Alias=pluto.service diff --git a/net-misc/libreswan/files/libreswan-3.7-curl.patch b/net-misc/libreswan/files/libreswan-3.7-curl.patch new file mode 100644 index 000000000000..cc808abb0ae8 --- /dev/null +++ b/net-misc/libreswan/files/libreswan-3.7-curl.patch @@ -0,0 +1,30 @@ +diff --git a/include/secrets.h b/include/secrets.h +index c5ac092..92c1679 100644 +--- a/include/secrets.h ++++ b/include/secrets.h +@@ -173,10 +173,8 @@ extern struct secret *lsw_find_secret_by_id(struct secret *secrets, + const struct id *his_id, + bool asym); + +-#if defined(LIBCURL) || defined(LDAP_VER) + extern void lock_certs_and_keys(const char *who); + extern void unlock_certs_and_keys(const char *who); +-#endif + + #include "x509.h" + extern const struct RSA_private_key*lsw_get_x509_private_key( +diff --git a/include/x509.h b/include/x509.h +index f85e5b9..a796f89 100644 +--- a/include/x509.h ++++ b/include/x509.h +@@ -230,8 +230,9 @@ extern void unlock_authcert_list(const char *who); /* in secrets.c */ + #else + /* WARNING empty x509 locking functions defined bypassing real locking */ + /* not fixing this hack, see issues #1390, #1391, #1392 */ ++#define check_crls(who) /* nothing */ ++#define lock_crl_list(who) /* nothing */ + #define unlock_crl_list(who) /* nothing */ +-#define lock_cacert_list(who) /* nothing */ + #define lock_authcert_list(who) /* nothing */ + #define unlock_authcert_list(who) /* nothing */ + #endif diff --git a/net-misc/libreswan/files/libreswan-3.7-openrc.patch b/net-misc/libreswan/files/libreswan-3.7-openrc.patch new file mode 100644 index 000000000000..6bbbda53e61f --- /dev/null +++ b/net-misc/libreswan/files/libreswan-3.7-openrc.patch @@ -0,0 +1,24 @@ +From 2ad34532b42cfb791ed25cbf2fb9f6c964a12fcb Mon Sep 17 00:00:00 2001 +From: Mike Gilbert <floppym@gentoo.org> +Date: Sat, 4 Jan 2014 14:44:51 -0500 +Subject: [PATCH] packaging: Fix srcdir in openrc Makfile + +Signed-off-by: Paul Wouters <pwouters@redhat.com> +--- + initsystems/openrc/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/initsystems/openrc/Makefile b/initsystems/openrc/Makefile +index 837ad61..eb5515e 100644 +--- a/initsystems/openrc/Makefile ++++ b/initsystems/openrc/Makefile +@@ -1,5 +1,5 @@ + LIBRESWANSRCDIR?=$(shell cd ../..; pwd) +-srcdir?=${LIBRESWANSRCDIR}/initsystems/sysvinit/ ++srcdir?=${LIBRESWANSRCDIR}/initsystems/openrc/ + + INITDFILE=ipsec.init + SUBDIRS= +-- +1.8.5.2 + diff --git a/net-misc/libreswan/libreswan-3.7.ebuild b/net-misc/libreswan/libreswan-3.7.ebuild new file mode 100644 index 000000000000..e82d766d75cd --- /dev/null +++ b/net-misc/libreswan/libreswan-3.7.ebuild @@ -0,0 +1,99 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/libreswan/libreswan-3.7.ebuild,v 1.1 2014/01/05 00:44:55 floppym Exp $ + +EAPI=5 + +inherit eutils systemd toolchain-funcs + +if [[ ${PV} != 9999 ]]; then + SRC_URI="https://download.libreswan.org/${P}.tar.gz" + KEYWORDS="~amd64" +else + inherit git-r3 + EGIT_REPO_URI="https://github.com/libreswan/libreswan.git" +fi + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +IUSE="caps curl dnssec ldap pam" + +COMMON_DEPEND=" + dev-libs/gmp + dev-libs/nspr + dev-libs/nss + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( net-dns/unbound net-libs/ldns ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) +" +DEPEND="${COMMON_DEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + sys-devel/bison + sys-devel/flex + virtual/pkgconfig +" +RDEPEND="${COMMON_DEPEND} + sys-apps/iproute2 + !net-misc/openswan + !net-misc/strongswan +" + +src_prepare() { + epatch "${FILESDIR}/libreswan-3.7-curl.patch" + epatch "${FILESDIR}/libreswan-3.7-openrc.patch" + epatch_user +} + +usetf() { + usex "$1" true false +} + +src_configure() { + tc-export AR CC + export INC_USRLOCAL=/usr + export INC_MANDIR=share/man + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INC_RCDIRS= + export INC_RCDEFAULT=/etc/init.d + export USERCOMPILE= + export USERLINK= + export USE_DNSSEC=$(usetf dnssec) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LDAP=$(usetf ldap) + export USE_XAUTHPAM=$(usetf pam) +} + +src_compile() { + emake programs +} + +src_install() { + emake DESTDIR="${D}" install + sed -i -e '1s:python$:python2:' "${D}"/usr/libexec/ipsec/verify || die + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + systemd_dounit "${FILESDIR}/ipsec.service" + + dodoc BUGS CHANGES README + dodoc -r docs +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR}" + certutil -N -d "${IPSEC_CONFDIR}" -f <(echo) + eend $? + fi +} diff --git a/net-misc/libreswan/libreswan-9999.ebuild b/net-misc/libreswan/libreswan-9999.ebuild new file mode 100644 index 000000000000..6463fb9e844d --- /dev/null +++ b/net-misc/libreswan/libreswan-9999.ebuild @@ -0,0 +1,97 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/libreswan/libreswan-9999.ebuild,v 1.1 2014/01/05 00:44:55 floppym Exp $ + +EAPI=5 + +inherit eutils systemd toolchain-funcs + +if [[ ${PV} != 9999 ]]; then + SRC_URI="https://download.libreswan.org/${P}.tar.gz" + KEYWORDS="~amd64" +else + inherit git-r3 + EGIT_REPO_URI="https://github.com/libreswan/libreswan.git" +fi + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +IUSE="caps curl dnssec ldap pam" + +COMMON_DEPEND=" + dev-libs/gmp + dev-libs/nspr + dev-libs/nss + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( net-dns/unbound net-libs/ldns ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) +" +DEPEND="${COMMON_DEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + sys-devel/bison + sys-devel/flex + virtual/pkgconfig +" +RDEPEND="${COMMON_DEPEND} + sys-apps/iproute2 + !net-misc/openswan + !net-misc/strongswan +" + +src_prepare() { + epatch_user +} + +usetf() { + usex "$1" true false +} + +src_configure() { + tc-export AR CC + export INC_USRLOCAL=/usr + export INC_MANDIR=share/man + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INC_RCDIRS= + export INC_RCDEFAULT=/etc/init.d + export USERCOMPILE= + export USERLINK= + export USE_DNSSEC=$(usetf dnssec) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LDAP=$(usetf ldap) + export USE_XAUTHPAM=$(usetf pam) +} + +src_compile() { + emake programs +} + +src_install() { + emake DESTDIR="${D}" install + sed -i -e '1s:python$:python2:' "${D}"/usr/libexec/ipsec/verify || die + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + systemd_dounit "${FILESDIR}/ipsec.service" + + dodoc BUGS CHANGES README + dodoc -r docs +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR}" + certutil -N -d "${IPSEC_CONFDIR}" -f <(echo) + eend $? + fi +} diff --git a/net-misc/libreswan/metadata.xml b/net-misc/libreswan/metadata.xml new file mode 100644 index 000000000000..006bc2396c11 --- /dev/null +++ b/net-misc/libreswan/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>floppym@gentoo.org</email> + <name>Mike Gilbert</name> + </maintainer> + <use> + <flag name="dnssec">Use DNSSEC resolver (requires <pkg>net-dns/unbound</pkg></flag> + </use> +</pkgmetadata> |