From 4935506e9a5cbfabd37c64093eac5f36c2ff0017 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sat, 17 Feb 2018 20:03:52 +0000
Subject: gentoo resync : 17.02.2018

---
 net-vpn/Manifest.gz                                | Bin 5033 -> 5030 bytes
 net-vpn/libreswan/Manifest                         |   2 +
 .../files/libreswan-3.23-modern-kernels.patch      |  15 +++
 net-vpn/libreswan/libreswan-3.23-r1.ebuild         | 114 +++++++++++++++++++++
 4 files changed, 131 insertions(+)
 create mode 100644 net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch
 create mode 100644 net-vpn/libreswan/libreswan-3.23-r1.ebuild

(limited to 'net-vpn')

diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz
index 88fb52f99b02..7f34e36d894f 100644
Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
index 81c00fb1e920..6f5f5c9fcaac 100644
--- a/net-vpn/libreswan/Manifest
+++ b/net-vpn/libreswan/Manifest
@@ -1,7 +1,9 @@
+AUX libreswan-3.23-modern-kernels.patch 525 BLAKE2B 5c1353932dddd0febf60ae0b8c03e81e1c1397e6ea93619e5d02f60c4a735a0b63c8c1dfc6a3a79c55addf4af20e3e3f2b82b3f369b2c61d62c51c3c57f3d241 SHA512 e2a798d1bc8b089056a400bc0918b1037420a268e49e0183db99c565da9c8bce344e5fa9c3cdcc246a066450aceeec1af333f8b4c931e4e9414d6485db03bd13
 DIST libreswan-3.21.tar.gz 8945666 BLAKE2B 88a96310d54f44c28eb676689c76737a44bfaf17c02146297f1759f1019d8cbb6effc15175880c18bf08b265778a2aba9d055172ea710c259e14cbe2fd84c158 SHA512 f1ef002b3e0869920edfebfc8efd73d9a9f84f64a77ad4832f46b12dfdd3c31cdf48c1473522b63f155058592c46af05995756af5440ca3e9c0fa5207436e0fc
 DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff
 DIST libreswan-3.23.tar.gz 3836073 BLAKE2B ffb27ed75618afcf39c36b7326bb1e4b70ea8337bb4b13951bef95dc13989613c226fe83e031eeba080f55f98262df432b776c3ac5b7b4fb740506f918172ed3 SHA512 3645af522ea9ac868c55bfadfd2cf27dc5acb247543f43290cbe677a90cd00316be6520ca2128b9aaecce2b0293710ae6a2bd710a7d93198b8cb81e32276ced8
 EBUILD libreswan-3.21.ebuild 2568 BLAKE2B 1df86e3bdaebd713fc430d09270bd36d6585696920c936ec1e80d63ca14d829eeb097597d7aa2001fc3f1d7e3aa598d1d72c8a10baf5e5661b4a292a9c1f463b SHA512 65fa1471cd46cbf5cb816f3b4bfe9f29a09b0ffb8d28e688544be044c5b794673d0b89c108c810b43d44fca4ca3107b4c8ff6cf364899211a7c0ea9442d45bfa
 EBUILD libreswan-3.22.ebuild 2812 BLAKE2B 55b89a58724b02cafcf997295f117a084c1f7e16a65f1adfb0efc783772d3a68be867b24ff038aa8017412b2e4fb716a3aa101d080eda2c9e8a11dfd117c3544 SHA512 23136de2f2a1442318bc692456c32d0675515b508ef6281b33b2f8760bafbbe09ab39d233d552214aecc3e965c22f9fc67bad93902a6be5696117308bf1190cf
+EBUILD libreswan-3.23-r1.ebuild 2867 BLAKE2B f4fb5ffb508732e268199c92ff69d43c14620915bc0b6aa3fb867b56e4c3713a8e2b8dc25ec0e01fd80efad853afb38e54155b0c1a4455b81f0dbb69131c0d79 SHA512 00c4c5399dc14afa872c9b81202bce9d9d1cf5c4eb6a3a34ce2b96f9be5af008edc799fdc7c3c7af8aa36bae2b518f40686e08dc813ba7040e9351c69fcff0bf
 EBUILD libreswan-3.23.ebuild 2814 BLAKE2B 75a2bd92b38261da8141c05e287e9ee33d55b2a19aaddfb30b2f76fea4e944979345512ba1d29465342066646d69cabfef85f4417e471350a05f8becd7f73f9a SHA512 c5c8409272f7bb661e9578ff7d97c52fd07f291b8392826031b106998f1c516f6a6f343813cafdeef4c6245e4123509c764dd303a40200a9b0f98b0821c14a1e
 MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865
diff --git a/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch
new file mode 100644
index 000000000000..5dedfeb34c7d
--- /dev/null
+++ b/net-vpn/libreswan/files/libreswan-3.23-modern-kernels.patch
@@ -0,0 +1,15 @@
+diff --git a/programs/pluto/kernel_netlink.c
+b/programs/pluto/kernel_netlink.c
+index 8cec3a2..a2500f4 100644
+--- a/programs/pluto/kernel_netlink.c
++++ b/programs/pluto/kernel_netlink.c
+@@ -51,8 +51,8 @@
+ #include <linux/if_addr.h>
+ #include <linux/if_link.h>
+
+-#include "libreswan.h" /* before xfrm.h otherwise break on F22 */
+ #include "linux/xfrm.h" /* local (if configured) or system copy */
++#include "libreswan.h" /* before xfrm.h otherwise break on F22 */
+
+ #include "libreswan/pfkeyv2.h"
+ #include "libreswan/pfkey.h"
diff --git a/net-vpn/libreswan/libreswan-3.23-r1.ebuild b/net-vpn/libreswan/libreswan-3.23-r1.ebuild
new file mode 100644
index 000000000000..3a6e2002c930
--- /dev/null
+++ b/net-vpn/libreswan/libreswan-3.23-r1.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
+HOMEPAGE="https://libreswan.org/"
+
+LICENSE="GPL-2 BSD-4 RSA DES"
+SLOT="0"
+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
+
+COMMON_DEPEND="
+	dev-libs/gmp:0=
+	dev-libs/libevent:0=
+	dev-libs/nspr
+	caps? ( sys-libs/libcap-ng )
+	curl? ( net-misc/curl )
+	dnssec? ( net-dns/unbound net-libs/ldns )
+	ldap? ( net-nds/openldap )
+	pam? ( sys-libs/pam )
+	seccomp? ( sys-libs/libseccomp )
+	selinux? ( sys-libs/libselinux )
+	systemd? ( sys-apps/systemd:0= )
+"
+DEPEND="${COMMON_DEPEND}
+	app-text/docbook-xml-dtd:4.1.2
+	app-text/xmlto
+	dev-libs/nss
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	test? ( dev-python/setproctitle )
+"
+RDEPEND="${COMMON_DEPEND}
+	dev-libs/nss[utils(+)]
+	sys-apps/iproute2
+	!net-misc/openswan
+	!net-vpn/strongswan
+	selinux? ( sec-policy/selinux-ipsec )
+"
+
+PATCHES=( "${FILESDIR}/${P}-modern-kernels.patch" )
+
+usetf() {
+	usex "$1" true false
+}
+
+src_prepare() {
+	sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die
+	sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die
+	default
+}
+
+src_configure() {
+	tc-export AR CC
+	export INC_USRLOCAL=/usr
+	export INC_MANDIR=share/man
+	export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
+	export FINALDOCDIR=/usr/share/doc/${PF}/html
+	export INITSYSTEM=openrc
+	export INC_RCDIRS=
+	export INC_RCDEFAULT=/etc/init.d
+	export USERCOMPILE=
+	export USERLINK=
+	export USE_DNSSEC=$(usetf dnssec)
+	export USE_LABELED_IPSEC=$(usetf selinux)
+	export USE_LIBCAP_NG=$(usetf caps)
+	export USE_LIBCURL=$(usetf curl)
+	export USE_LINUX_AUDIT=$(usetf selinux)
+	export USE_LDAP=$(usetf ldap)
+	export USE_SECCOMP=$(usetf seccomp)
+	export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
+	export SD_WATCHDOGSEC=$(usex systemd 200 0)
+	export USE_XAUTHPAM=$(usetf pam)
+	export DEBUG_CFLAGS=
+	export OPTIMIZE_CFLAGS=
+	export WERROR_CFLAGS=
+}
+
+src_compile() {
+	emake all
+	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all
+}
+
+src_test() {
+	: # integration tests only that require set of kvms to be set up
+}
+
+src_install() {
+	default
+	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install
+
+	echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
+	fperms 0600 /etc/ipsec.secrets
+
+	dodoc -r docs
+
+	find "${D}" -type d -empty -delete || die
+}
+
+pkg_postinst() {
+	local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
+	if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
+		ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
+		certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
+		eend $?
+	fi
+}
-- 
cgit v1.2.3