summaryrefslogtreecommitdiff
path: root/net-firewall
diff options
context:
space:
mode:
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/Manifest.gzbin4539 -> 4377 bytes
-rw-r--r--net-firewall/nufw/Manifest9
-rw-r--r--net-firewall/nufw/files/nuauth-conf.d2
-rw-r--r--net-firewall/nufw/files/nuauth-init.d27
-rw-r--r--net-firewall/nufw/files/nufw-2.2.22-gnutls-3.4.patch103
-rw-r--r--net-firewall/nufw/files/nufw-2.2.22-var-run.patch45
-rw-r--r--net-firewall/nufw/files/nufw-conf.d2
-rw-r--r--net-firewall/nufw/files/nufw-init.d17
-rw-r--r--net-firewall/nufw/metadata.xml14
-rw-r--r--net-firewall/nufw/nufw-2.2.22-r4.ebuild105
10 files changed, 0 insertions, 324 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz
index 2b490974471d..63ec3636e8c8 100644
--- a/net-firewall/Manifest.gz
+++ b/net-firewall/Manifest.gz
Binary files differ
diff --git a/net-firewall/nufw/Manifest b/net-firewall/nufw/Manifest
deleted file mode 100644
index c69a72b57ce9..000000000000
--- a/net-firewall/nufw/Manifest
+++ /dev/null
@@ -1,9 +0,0 @@
-AUX nuauth-conf.d 62 BLAKE2B 3bf1058c4bf8b0a1afc6d5a706e93c112730287d35ec217f97f8c47ddf5f970e60327ba2cb278e3c0d8d9239736eba1b73d598656cb999fc46c154f35f1e07fa SHA512 2304d60917eab68c8268205d006dddbacfc68c876ee6a36d90f5f21eceb6f5ba6b9bc82a3173b55dde825df44dee766e300848936f0629e650730f16112f2558
-AUX nuauth-init.d 545 BLAKE2B 6b0bfc01ef8046a03ea60947f2ffe53312404a77f5a2aa0875504586efc79be8a6342a3a4b144ddf7ea77a4495f9c83f71978960636803bcbb97b0fc829ddf5a SHA512 f46646466cd33f09c27d4621d249b21b50362c802db059ffe57b80c4f97a3c50aa5d6a89fc2866caf57f2d9a4d4a6726ccf37be84185488f2e165aded29350a8
-AUX nufw-2.2.22-gnutls-3.4.patch 3240 BLAKE2B 7172f60a506948ed22d973be886cfadedbacedb1386e83d5f4413e15fed439731b86caad40c8f26b390d3d09a875c49a95762d6cbd7c51d17d9e5bbfb245f816 SHA512 b0d426c2e42f49565c5520c63ea5501103ca131d339a356f0dee3eac065bd069b6e5366dee617f26e5d88ed38d60e91bdcb661da080ba5a70b5a4e8aadfe402b
-AUX nufw-2.2.22-var-run.patch 1438 BLAKE2B 259d96d3a7386ac30f4ca7a88ecb0a4714b0450e6a10b9442769a2f086a825f0759da8793578e64c2e0abc1a6ba0b1ac7683f10522e0c833b3765876c19c765e SHA512 f299a373e67f910fd816037fb916d1c116a98b6a8d1487e0e9e4c35713839d7f6f7189b31390a9616bb0cf77bcc2abb9077d9dc60c8b83571aa07291981c3383
-AUX nufw-conf.d 122 BLAKE2B 3263b28a9a783f35920a30cb022fe86b8a0fdc05b45c5a191e53c0b201ca38da9fe9eeda82866cf69dc760e0ff2fcd0264ee17f53f03a6077b63d9fcbd2dd1f0 SHA512 df48fc1843bf07e7ccfacd647caafc43752fdfa76da09a89d9ec0d76b79746c60c70f68c004c7e37899f195ae63adefc7d1c1b2c7b41da27911eb4cdc54212fb
-AUX nufw-init.d 273 BLAKE2B 00827d4cf93b484c6563b7bccc4020e9de0e8f2652eb29f9b1a64dfb4333b7e04b370f977a43a8f9af4b680d62e658a7779822c6671059e83a5ceea7f1872f5e SHA512 7f8b16532ae74b6aae8a9c7ef4a7509b66253f03a47c8ee521163a35db525e8c25b091289e10337307906a27e0aba558bd2a28dc0b91cbc09ce17ba78002d0e1
-DIST nufw-2.2.22.tar.bz2 597491 BLAKE2B 4c3092aeaced237ceb9faa16cff275938de23cdca31d2d6f6406238a0fe75ad15468f91a80b1d6e0bfc6dac520b6331ee19a1d95a006d591b891b91aad6caa8b SHA512 cc9f43b9ebf6aabbab4c83799ca1735fc456c085959cfb24d17571302c71518660424195b2cc62ed615f811bd6b3c45e1b99db99138d1caa6a744370775acaee
-EBUILD nufw-2.2.22-r4.ebuild 2646 BLAKE2B 2555810578bd2e1240681c1cb3b6488e477d9b1c05d9c9a1cbc978dc25fa8d7c4c003a17612fff327960ac6d7acc6b939f954a1385cacb7de6be0cb912ddf733 SHA512 e2c730ca003430d382c20cbe46676b933970f66d30e031b4bb4f0542058f6ccf93d58954f333f72892ad6291670f43cd9dff8a39a05293c0cdcf3861d8963e3c
-MISC metadata.xml 548 BLAKE2B 5aedb4f7abd13f6eba1a5066c2e8f285b19485a374a1bd2a7f5500f0fa5da663d0db1409fcbda1a82980c55f116e08cbd35fed8761f9a7bd97f8124d80838df1 SHA512 90887060aa87fc5e623e92eef107ec30f7249996d5283de0c638cba717d709c23859b1cf2e08b1565add6b7e2a9ecd4d0e3071d72577a0b9bc812d4602fe0801
diff --git a/net-firewall/nufw/files/nuauth-conf.d b/net-firewall/nufw/files/nuauth-conf.d
deleted file mode 100644
index 1ac750cf49fd..000000000000
--- a/net-firewall/nufw/files/nuauth-conf.d
+++ /dev/null
@@ -1,2 +0,0 @@
-# configuration file for /etc/init.d/nuauth
-NUAUTH_OPTIONS=""
diff --git a/net-firewall/nufw/files/nuauth-init.d b/net-firewall/nufw/files/nuauth-init.d
deleted file mode 100644
index db9c10b8a0d5..000000000000
--- a/net-firewall/nufw/files/nuauth-init.d
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/sbin/openrc-run
-
-depend() {
- before net
-}
-
-checkconfig() {
- if [ ! -e /etc/nufw/nuauth.conf ]; then
- eerror "You need a /etc/nufw/nuauth.conf file to run nuauth"
- eerror "There is sample file in /usr/share/doc/nufw-version/"
- return 1
- fi
-}
-
-start() {
- checkpath -d /run/nuauth
- checkconfig || return 1
- ebegin "Starting nuauth"
- start-stop-daemon --start --quiet --exec /usr/sbin/nuauth -- -D ${NUAUTH_OPTIONS}
- eend $?
-}
-
-stop() {
- ebegin "Stopping nuauth"
- start-stop-daemon --stop --quiet --pidfile /run/nuauth/nuauth.pid
- eend $?
-}
diff --git a/net-firewall/nufw/files/nufw-2.2.22-gnutls-3.4.patch b/net-firewall/nufw/files/nufw-2.2.22-gnutls-3.4.patch
deleted file mode 100644
index e75d2b3fd61d..000000000000
--- a/net-firewall/nufw/files/nufw-2.2.22-gnutls-3.4.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From cbe4cfe90322e5add59433d9dd8394f46e341fab Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev@gmail.com>
-Date: Sat, 4 Mar 2017 01:00:40 +0200
-Subject: [PATCH] ssl: drop call of deprecated
- gnutls_certificate_type_set_priority()
-
-CTYPE-X.509 is the default value. Closes: #624077
-
-Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
----
- src/clients/lib/libnuclient.c | 15 ++-------------
- src/nufw/tls.c | 14 --------------
- 2 files changed, 2 insertions(+), 27 deletions(-)
-
-diff --git a/src/clients/lib/libnuclient.c b/src/clients/lib/libnuclient.c
-index 917e75a..6e78c96 100644
---- a/src/clients/lib/libnuclient.c
-+++ b/src/clients/lib/libnuclient.c
-@@ -62,9 +62,6 @@ GCRY_THREAD_OPTION_PTHREAD_IMPL;
- # define DH_BITS 1024
- #endif
-
--static const int cert_type_priority[3] = { GNUTLS_CRT_X509, 0 };
--
--
- void nu_exit_clean(nuauth_session_t * session)
- {
- if (session->ct) {
-@@ -270,7 +267,7 @@ int check_key_perms(const char* filename)
- return 1;
- }
-
--static int _cb_request_cert(gnutls_session_t session, const gnutls_datum_t* req_ca_dn, int nreqs, const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr_st* st)
-+static int _cb_request_cert(gnutls_session_t session, const gnutls_datum_t* req_ca_dn, int nreqs, const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr2_st* st)
- {
- printf("TLS error: server requests certificate, none configured\n");
- return 0;
-@@ -518,7 +515,7 @@ int nu_client_setup_tls(nuauth_session_t * session,
- SET_ERROR(err, INTERNAL_ERROR, FILE_ACCESS_ERR);
- return 0;
- }
-- gnutls_certificate_client_set_retrieve_function(session->cred,
-+ gnutls_certificate_set_retrieve_function(session->cred,
- &_cb_request_cert);
- }
-
-@@ -604,12 +601,6 @@ int nu_client_reset_tls(nuauth_session_t *session)
- return 0;
- }
-
-- ret =
-- gnutls_certificate_type_set_priority(session->tls,
-- cert_type_priority);
-- if (ret < 0) {
-- return 0;
-- }
- return 1;
- }
-
-@@ -776,8 +767,6 @@ void nu_client_reset(nuauth_session_t * session)
- gnutls_deinit(session->tls);
- gnutls_init(&session->tls, GNUTLS_CLIENT);
- gnutls_set_default_priority(session->tls);
-- gnutls_certificate_type_set_priority(session->tls,
-- cert_type_priority);
- session->need_set_cred = 1;
-
- /* close socket */
-diff --git a/src/nufw/tls.c b/src/nufw/tls.c
-index e7223eb..2d46820 100644
---- a/src/nufw/tls.c
-+++ b/src/nufw/tls.c
-@@ -506,8 +506,6 @@ void tls_connect()
- gnutls_session *tls_session;
- int tls_socket, ret;
- #if USE_X509
-- const int cert_type_priority[3] = { GNUTLS_CRT_X509, 0 };
--
- tls.session = NULL;
-
- /* compute patch key_file */
-@@ -655,18 +653,6 @@ void tls_connect()
- return;
- }
- #if USE_X509
-- ret = gnutls_certificate_type_set_priority(*(tls_session),
-- cert_type_priority);
-- if (ret < 0) {
-- log_area_printf(DEBUG_AREA_MAIN, DEBUG_LEVEL_WARNING,
-- "TLS: gnutls_certificate_type_set_priority() failed: %s",
-- gnutls_strerror(ret));
-- gnutls_certificate_free_credentials(tls.xcred);
-- gnutls_deinit(*tls_session);
-- free(tls_session);
-- return;
-- }
--
- /* put the x509 credentials to the current session */
- ret = gnutls_credentials_set(*(tls_session), GNUTLS_CRD_CERTIFICATE,
- tls.xcred);
---
-2.10.2
-
diff --git a/net-firewall/nufw/files/nufw-2.2.22-var-run.patch b/net-firewall/nufw/files/nufw-2.2.22-var-run.patch
deleted file mode 100644
index f6bcc95e0006..000000000000
--- a/net-firewall/nufw/files/nufw-2.2.22-var-run.patch
+++ /dev/null
@@ -1,45 +0,0 @@
---- a/src/nuauth/auth_srv.h
-+++ b/src/nuauth/auth_srv.h
-@@ -162,7 +162,7 @@
- #ifdef S_SPLINT_S
- # define NUAUTH_PID_FILE "/usr/local/var/run/nuauth/nuauth.pid"
- #else
--# define NUAUTH_PID_FILE LOCAL_STATE_DIR "/run/nuauth/nuauth.pid"
-+# define NUAUTH_PID_FILE "/run/nuauth/nuauth.pid"
- #endif
-
- /* define the number of threads that will do user check */
---- a/src/nuauth/command.c
-+++ b/src/nuauth/command.c
-@@ -26,7 +26,7 @@
- #include <sys/un.h> /* unix socket */
- #include <sys/stat.h> /* fchmod() */
-
--#define SOCKET_FILENAME LOCAL_STATE_DIR "/run/nuauth/nuauth-command.socket"
-+#define SOCKET_FILENAME "/run/nuauth/nuauth-command.socket"
-
- const char* COMMAND_HELP =
- "version: display nuauth version\n"
---- a/src/nufw/main.c
-+++ b/src/nufw/main.c
-@@ -54,7 +54,7 @@
-
- /*! Name of pid file prefixed by LOCAL_STATE_DIR (variable defined
- * during compilation/installation) */
--#define NUFW_PID_FILE LOCAL_STATE_DIR "/run/nufw.pid"
-+#define NUFW_PID_FILE "/run/nufw.pid"
-
- /**
- * Stop threads and then wait until threads exit.
---- a/src/nuauth/Makefile.am
-+++ b/src/nuauth/Makefile.am
-@@ -26,9 +26,6 @@
-
- nuauth_LDADD = $(GLIB_LIBS) -lm -lgnutls -lsasl2 -lnufw -L$(top_builddir)/src/include/
-
--install-exec-local:
-- install -d "$(DESTDIR)$(localstatedir)/run/nuauth/"
--
- nuauth$(EXEEXT): $(nuauth_OBJECTS) $(nuauth_DEPENDENCIES)
- @rm -f nuauth$(EXEEXT)
- $(LINK) $(nuauth_LDFLAGS) $(nuauth_OBJECTS) $(nuauth_LDADD)
diff --git a/net-firewall/nufw/files/nufw-conf.d b/net-firewall/nufw/files/nufw-conf.d
deleted file mode 100644
index b2ea527744ec..000000000000
--- a/net-firewall/nufw/files/nufw-conf.d
+++ /dev/null
@@ -1,2 +0,0 @@
-# configuration file for /etc/init.d/nufw
-NUFW_OPTIONS="-k /etc/nufw/nufw.key -c /etc/nufw/nufw.pem -d 127.0.0.1 -p 4129"
diff --git a/net-firewall/nufw/files/nufw-init.d b/net-firewall/nufw/files/nufw-init.d
deleted file mode 100644
index fd97dd408c7b..000000000000
--- a/net-firewall/nufw/files/nufw-init.d
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/sbin/openrc-run
-
-depend() {
- before net
-}
-
-start() {
- ebegin "Starting nufw"
- start-stop-daemon --start --quiet --exec /usr/sbin/nufw -- -D ${NUFW_OPTIONS}
- eend $?
-}
-
-stop() {
- ebegin "Stopping nufw"
- start-stop-daemon --stop --quiet --pidfile /run/nufw.pid
- eend $?
-}
diff --git a/net-firewall/nufw/metadata.xml b/net-firewall/nufw/metadata.xml
deleted file mode 100644
index 2187d537f3cb..000000000000
--- a/net-firewall/nufw/metadata.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
-<maintainer type="project">
-<email>netmon@gentoo.org</email>
-<name>Gentoo network monitoring and analysis project</name>
-</maintainer>
-<use>
-<flag name="nfconntrack">Use netfilter_conntrack</flag>
-<flag name="nfqueue">Use NFQUEUE instead of QUEUE</flag>
-<flag name="pam_nuauth">Add support for pam nufw from PAM</flag>
-<flag name="plaintext">Add support for authentication with plaintext files</flag>
-</use>
-</pkgmetadata>
diff --git a/net-firewall/nufw/nufw-2.2.22-r4.ebuild b/net-firewall/nufw/nufw-2.2.22-r4.ebuild
deleted file mode 100644
index d5607a7b2b80..000000000000
--- a/net-firewall/nufw/nufw-2.2.22-r4.ebuild
+++ /dev/null
@@ -1,105 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-SSL_CERT_MANDATORY=1
-inherit autotools flag-o-matic pam ssl-cert
-
-DESCRIPTION="An enterprise grade authenticating firewall based on netfilter"
-HOMEPAGE="http://www.nufw.org/"
-SRC_URI="http://www.nufw.org/attachments/download/39/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 x86"
-IUSE="debug ldap mysql pam pam_nuauth plaintext postgres unicode nfqueue nfconntrack static syslog test"
-
-REQUIRED_USE="pam_nuauth? ( plaintext )"
-DEPEND="
- dev-libs/cyrus-sasl
- dev-libs/glib:2
- dev-libs/libgcrypt:=
- dev-python/IPy
- net-firewall/iptables
- net-libs/gnutls:=
- ldap? ( >=net-nds/openldap-2:= )
- mysql? ( dev-db/mysql-connector-c:= )
- nfconntrack? ( net-libs/libnetfilter_conntrack )
- nfqueue? ( net-libs/libnfnetlink net-libs/libnetfilter_queue )
- pam? ( sys-libs/pam )
- pam_nuauth? ( sys-libs/pam )
- postgres? ( dev-db/postgresql:*[server] )
-"
-RDEPEND=${DEPEND}
-
-PATCHES=(
- "${FILESDIR}/${P}-var-run.patch"
- "${FILESDIR}/${P}-gnutls-3.4.patch"
-)
-
-RESTRICT="test"
-
-src_prepare() {
- default
- sed -i \
- -e 's:^#\(nuauth_tls_key="/etc/nufw/\)nuauth-key.pem:\1nuauth.key:' \
- -e 's:^#\(nuauth_tls_cert="/etc/nufw/\)nuauth-cert.pem:\1nuauth.pem:' \
- conf/nuauth.conf || die
- sed -i \
- -e "/^modulesdir/s|=.*|= /$(get_libdir)/security|g" \
- src/clients/pam_nufw/Makefile.am || die
- eautoreconf
-}
-
-src_configure() {
- append-cflags -fcommon
- econf \
- $(use_enable debug) \
- $(use_enable pam_nuauth pam-nufw) \
- $(use_enable static) \
- $(use_with ldap) \
- $(use_with mysql mysql-auth) \
- $(use_with mysql mysql-log) \
- $(use_with nfconntrack) \
- $(use_with nfqueue) \
- $(use_with pam system-auth) \
- $(use_with plaintext plaintext-auth) \
- $(use_with postgres pgsql-log) \
- $(use_with syslog syslog-log) \
- $(use_with unicode utf8) \
- --without-prelude-log \
- --enable-shared \
- --includedir="/usr/include/nufw" \
- --localstatedir="/var" \
- --sysconfdir="/etc/nufw" \
- --with-mark-group \
- --with-user-mark
-}
-
-src_install() {
- default
- find "${ED}" -name '*.la' -delete || die
-
- newinitd "${FILESDIR}"/nufw-init.d nufw
- newconfd "${FILESDIR}"/nufw-conf.d nufw
-
- newinitd "${FILESDIR}"/nuauth-init.d nuauth
- newconfd "${FILESDIR}"/nuauth-conf.d nuauth
-
- insinto /etc/nufw
- doins conf/nuauth.conf
-
- docinto scripts
- dodoc scripts/{clean_conntrack.pl,nuaclgen,nutop,README,ulog_rotate_daily.sh,ulog_rotate_weekly.sh}
- docinto conf
- dodoc conf/*.{nufw,schema,conf,dump,xml}
-
- if use pam; then
- pamd_mimic system-auth nufw auth account password session
- fi
-}
-
-pkg_postinst() {
- install_cert /etc/nufw/{nufw,nuauth}
-}