From 64e107b9b6058580ff0432107eb37cefb0b2a7d8 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Mon, 22 Oct 2018 11:09:47 +0100
Subject: gentoo resync : 22.10.2018
---
net-vpn/Manifest.gz | Bin 4538 -> 4542 bytes
net-vpn/i2p/Manifest | 7 +-
net-vpn/i2p/files/0.9.37-add-cp-to-tests | 33 +++
net-vpn/i2p/i2p-0.9.34.ebuild | 138 ----------
net-vpn/i2p/i2p-0.9.37.ebuild | 179 ++++++++++++
net-vpn/i2p/metadata.xml | 2 +-
net-vpn/i2pd/Manifest | 6 +-
net-vpn/i2pd/i2pd-2.18.0.ebuild | 113 --------
net-vpn/i2pd/i2pd-2.20.0.ebuild | 4 +-
net-vpn/i2pd/i2pd-2.21.0.ebuild | 120 ++++++++
net-vpn/libreswan/Manifest | 2 +
net-vpn/libreswan/libreswan-3.27.ebuild | 112 ++++++++
net-vpn/openconnect/Manifest | 19 +-
.../files/openconnect-7.07-libressl.patch | 77 ------
.../openconnect-7.07-mimic-pulse-client.patch | 38 ---
net-vpn/openconnect/files/openconnect.init.in | 122 ---------
net-vpn/openconnect/openconnect-7.06-r1.ebuild | 135 ---------
net-vpn/openconnect/openconnect-7.06-r4.ebuild | 138 ----------
.../openconnect/openconnect-7.06_p20160614.ebuild | 156 -----------
net-vpn/openconnect/openconnect-7.07-r1.ebuild | 157 -----------
net-vpn/openconnect/openconnect-7.07-r2.ebuild | 163 -----------
net-vpn/openconnect/openconnect-7.07-r3.ebuild | 167 ------------
net-vpn/openconnect/openconnect-7.08-r1.ebuild | 6 +-
net-vpn/openconnect/openconnect-7.08.ebuild | 162 -----------
net-vpn/openconnect/openconnect-9999.ebuild | 4 +-
net-vpn/strongswan/Manifest | 5 +-
net-vpn/strongswan/strongswan-5.5.3.ebuild | 302 --------------------
net-vpn/strongswan/strongswan-5.6.0.ebuild | 302 --------------------
net-vpn/strongswan/strongswan-5.7.1.ebuild | 303 +++++++++++++++++++++
net-vpn/tinc/Manifest | 2 +
net-vpn/tinc/tinc-1.0.35.ebuild | 42 +++
net-vpn/tor/Manifest | 4 +-
net-vpn/tor/tor-0.3.5.2_alpha.ebuild | 87 ------
net-vpn/tor/tor-0.3.5.3_alpha.ebuild | 87 ++++++
net-vpn/wireguard/Manifest | 4 +-
net-vpn/wireguard/wireguard-0.0.20181006.ebuild | 145 ----------
net-vpn/wireguard/wireguard-0.0.20181018.ebuild | 145 ++++++++++
37 files changed, 1048 insertions(+), 2440 deletions(-)
create mode 100644 net-vpn/i2p/files/0.9.37-add-cp-to-tests
delete mode 100644 net-vpn/i2p/i2p-0.9.34.ebuild
create mode 100644 net-vpn/i2p/i2p-0.9.37.ebuild
delete mode 100644 net-vpn/i2pd/i2pd-2.18.0.ebuild
create mode 100644 net-vpn/i2pd/i2pd-2.21.0.ebuild
create mode 100644 net-vpn/libreswan/libreswan-3.27.ebuild
delete mode 100644 net-vpn/openconnect/files/openconnect-7.07-libressl.patch
delete mode 100644 net-vpn/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
delete mode 100644 net-vpn/openconnect/files/openconnect.init.in
delete mode 100644 net-vpn/openconnect/openconnect-7.06-r1.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.06-r4.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.06_p20160614.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.07-r1.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.07-r2.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.07-r3.ebuild
delete mode 100644 net-vpn/openconnect/openconnect-7.08.ebuild
delete mode 100644 net-vpn/strongswan/strongswan-5.5.3.ebuild
delete mode 100644 net-vpn/strongswan/strongswan-5.6.0.ebuild
create mode 100644 net-vpn/strongswan/strongswan-5.7.1.ebuild
create mode 100644 net-vpn/tinc/tinc-1.0.35.ebuild
delete mode 100644 net-vpn/tor/tor-0.3.5.2_alpha.ebuild
create mode 100644 net-vpn/tor/tor-0.3.5.3_alpha.ebuild
delete mode 100644 net-vpn/wireguard/wireguard-0.0.20181006.ebuild
create mode 100644 net-vpn/wireguard/wireguard-0.0.20181018.ebuild
(limited to 'net-vpn')
diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz
index e76c2cfb0354..21e14776046e 100644
Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ
diff --git a/net-vpn/i2p/Manifest b/net-vpn/i2p/Manifest
index acb83c695818..e2718c93b995 100644
--- a/net-vpn/i2p/Manifest
+++ b/net-vpn/i2p/Manifest
@@ -1,7 +1,8 @@
+AUX 0.9.37-add-cp-to-tests 1880 BLAKE2B bd5da44d351acbea0583a7e26ead5c898739c87fc33b949772b8fdb9415c3277913cf0e97fadf6c379e8b4cfb4d723ea7e121b6c36ed72d4cec96b8d4bbd1fbd SHA512 3afcb97ad455777d9ad1f158d9a6f0de42694dd92841dc588a4308f666a6a4810cfa3be5a1f00a730e7f15f8573e9f7a5107885561f4e7a847da017904ee37a1
AUX i2p.init 489 BLAKE2B f7c484713fa043f1db991e95d58f0d184c0d49062e807671f6aca2c7489ad52e072e2d0f5b6c5b666cbda77764e90da6506b7fd0f7a5b2fb34bbfc0b3c96da53 SHA512 3b9b2bce4359f0ba32f690f7922ed95ccaa133b1cff2e5a1d6bfc91a380757f79f03e8a4966259d19ec888e6db468825e6a9d0d1acdba9d38c81a86b99c4229a
AUX i2p.service 253 BLAKE2B 2647a1920083fedf88b351b084d3a4d177393065da3dc7aecbeb09e1afc3373116f972c40db4500f76fe1a983ac24503d9a95ee08917ff7625946e4928449512 SHA512 59639b4f78637e5b03ed67b7e08d21bc873c844b474df3ed9101b34934a4c22aef46db1b66cbdc9aad2438ee84f130230c368a78b5bb1017843f016bba6c30e5
-DIST i2psource_0.9.34.tar.bz2 29332692 BLAKE2B 16b15ac2c7eaa594fc6398105d7e22442fafc4036a54a66c91b3ca9bd98095a9192ae5c28123882ddc6acc7c68fb5eeed3ef1ed632a4b4b96a1abe28dff2286c SHA512 71c80710098ead34c159c6a6873c397048afc76974917e7b65d7846203900ab8bfb4840fec3c7d09ade48e93329b06ec33d9f367dae33a4708b4ea14268beefa
DIST i2psource_0.9.36.tar.bz2 29856168 BLAKE2B 0f10101b874bf6fc8415f10b08282947962a6fb8c3eaefde67d3f250d65a159551c24038625aa6712e88b368ccae38d136314025ac19fcb9dd9145251283b357 SHA512 e9023cae1c7dbdd92c9c4823497dfa8497cee3683de1232deddbdc548ba08edefe218bd81e00e952d8a95037c32de8359daaf43c2d5f25c75aba65554d2d47b4
-EBUILD i2p-0.9.34.ebuild 4049 BLAKE2B a0104622fd5e19989304d3c0572715ea87cb9684aa6c8f0ef264f5fc17f592a1865e14211c932a4a0a8cb89e05f2f914a20867c141d2009764a60c361a2e0e3d SHA512 66fd700c6493bc79b5580b3c811eb0a7043d69b2b1033d4b1f0d95a5c0071a7af33a358a11c308ff9afc16a4b9027168d5cee13a2db7f55ac3ed3cfdbf13c314
+DIST i2psource_0.9.37.tar.bz2 30277506 BLAKE2B 2c0fe601b3a8967c23f00bd29aef197389039efbf1a3fc0847f819dea44f98e38b9b53b749763dccca740a50d467d5d079b0e4aad707347cc7c7a576fcc44407 SHA512 ce0d320810faaebe2926d988a40f4df968583edbc488b995a32cfd806550a8cf75d2c2397bfd9f3fd443cb462567cc2cdbf08d1de59b6806888724254faebf09
EBUILD i2p-0.9.36.ebuild 4184 BLAKE2B 58fcad81d8247848e26af7881178618720778af04d513d972e4e894eeb37509cef7c09840bc075fe81b6de77ba33609d1bea73675cbc1ef2fd5cfa3dd3e82864 SHA512 46e4e100d34e65d11383a0e731788866e9c77137050c95c02869ebf4ae1db098bcaa9f1c31adc549ff3c6b02b667d257ea560fa62e90ea2214efac7e715ef1bf
-MISC metadata.xml 894 BLAKE2B 7f1415ae58ff6b83e05824111e0de818bce0f6b00fda294124eb838d3d24bab43e03f9224cdb3eb5e9b0625cb4a930fce107aa508275e398362ae4d3be502a73 SHA512 dbb318ce927a56d1f0d84cec63b1265969dd4d77021d36ee93e253c4cf02238265aa02a292353d6f520c223b433ce7dcafe605ce2bf97fa253e97f286be34cdb
+EBUILD i2p-0.9.37.ebuild 5212 BLAKE2B d7851583229df8021448749324ffe3927ca843ac59fc97ced69adeafed513a9c75be89346ff8f8353c0df02f963e06788e2653e2a3853aebea7604653ed33b08 SHA512 e6aaa547eb6039804b8af5c17fa35e532f303d54bfbcd5d3c25ba17b53cc390b1f7e87e257ea55e2311d2bc4cc2985a77401db44a7a4a3ea47cd6e64386c0341
+MISC metadata.xml 904 BLAKE2B cc55ce0d1f0cd042997b30a12405ad9e4f0e7e63926c8bc5409dae47d2f0aa37fd141ce8dd436abeb0b417b04484b7bc0155b075899c8127d424301b1af2913b SHA512 195b17fe2bedf530b32ef031b92044d9adf7c1e43d7ba067301bb02d716c9a9836c105663083aad79353afc9938cca1359dc57409adae809e12c8e2f260240c2
diff --git a/net-vpn/i2p/files/0.9.37-add-cp-to-tests b/net-vpn/i2p/files/0.9.37-add-cp-to-tests
new file mode 100644
index 000000000000..b8e967dd31d2
--- /dev/null
+++ b/net-vpn/i2p/files/0.9.37-add-cp-to-tests
@@ -0,0 +1,33 @@
+diff -Naur a/apps/ministreaming/java/build.xml b/apps/ministreaming/java/build.xml
+--- a/apps/ministreaming/java/build.xml 2018-10-04 12:05:09.000000000 +0200
++++ b/apps/ministreaming/java/build.xml 2018-10-12 08:15:16.481532093 +0200
+@@ -194,6 +194,7 @@
+ includeAntRuntime="false"
+ destdir="./build/obj" >
+ <classpath>
++ <pathelement path="${javac.classpath}" />
+ <pathelement location="../../../core/java/build/i2p.jar" />
+ <pathelement location="${junit.home}/junit4.jar" />
+ <pathelement location="${hamcrest.home}/hamcrest.jar" />
+diff -Naur a/apps/streaming/java/build.xml b/apps/streaming/java/build.xml
+--- a/apps/streaming/java/build.xml 2018-10-04 12:05:09.000000000 +0200
++++ b/apps/streaming/java/build.xml 2018-10-12 11:17:22.814404049 +0200
+@@ -62,6 +62,7 @@
+ includeAntRuntime="false"
+ destdir="./build/obj" >
+ <classpath>
++ <pathelement path="${javac.classpath}" />
+ <pathelement location="../../../core/java/build/i2p.jar" />
+ <pathelement location="../../ministreaming/java/build/mstreaming.jar" />
+ <pathelement location="${junit.home}/junit4.jar" />
+diff -Naur a/router/java/build.xml b/router/java/build.xml
+--- a/router/java/build.xml 2018-10-04 12:05:14.000000000 +0200
++++ b/router/java/build.xml 2018-10-12 08:14:52.921530213 +0200
+@@ -162,6 +162,7 @@
+ includeAntRuntime="true"
+ destdir="./build/obj">
+ <classpath>
++ <pathelement path="${javac.classpath}" />
+ <pathelement location="${hamcrest.home}/hamcrest-core.jar" />
+ <pathelement location="${hamcrest.home}/hamcrest-library.jar" />
+ <pathelement location="${hamcrest.home}/hamcrest-integration.jar" />
diff --git a/net-vpn/i2p/i2p-0.9.34.ebuild b/net-vpn/i2p/i2p-0.9.34.ebuild
deleted file mode 100644
index ea2983ad0cdc..000000000000
--- a/net-vpn/i2p/i2p-0.9.34.ebuild
+++ /dev/null
@@ -1,138 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit java-pkg-2 java-ant-2 systemd user
-
-DESCRIPTION="A privacy-centric, anonymous network"
-HOMEPAGE="https://geti2p.net"
-SRC_URI="https://download.i2p2.de/releases/${PV}/i2psource_${PV}.tar.bz2"
-
-LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2"
-SLOT="0"
-
-# Until the deps reach other arches
-KEYWORDS="~amd64 ~x86"
-IUSE="+ecdsa nls"
-
-# dev-java/ant-core is automatically added due to java-ant-2.eclass
-CP_DEPEND="dev-java/bcprov:1.50
- dev-java/jrobin:0
- dev-java/slf4j-api:0
- dev-java/tomcat-jstl-impl:0
- dev-java/tomcat-jstl-spec:0
- dev-java/java-service-wrapper:0"
-
-DEPEND="${CP_DEPEND}
- dev-java/eclipse-ecj:*
- dev-libs/gmp:0
- nls? ( >=sys-devel/gettext-0.19 )
- >=virtual/jdk-1.7"
-
-RDEPEND="${CP_DEPEND}
- ecdsa? (
- || (
- dev-java/icedtea:8[-sunec]
- dev-java/icedtea-bin:8
- dev-java/oracle-jre-bin
- dev-java/oracle-jdk-bin
- )
- )
- !ecdsa? ( >=virtual/jre-1.7 )"
-
-EANT_BUILD_TARGET="pkg"
-JAVA_ANT_ENCODING="UTF-8"
-
-pkg_setup() {
- java-pkg-2_pkg_setup
-
- enewgroup i2p
- enewuser i2p -1 -1 "${EPREFIX}/var/lib/i2p" i2p
-}
-
-src_prepare() {
- # as early as possible to allow generic patches to be applied
- default
-
- java-ant_rewrite-classpath
-
- java-pkg-2_src_prepare
-
- # We're on GNU/Linux, we don't need .exe files
- echo "noExe=true" > override.properties || die
- if ! use nls; then
- echo "require.gettext=false" >> override.properties || die
- fi
-
- # avoid auto starting browser
- sed -i 's|clientApp.4.startOnLoad=true|clientApp.4.startOnLoad=false|' \
- 'installer/resources/clients.config' || die
-
- # generate wrapper classpath, keeping the default to be replaced later
- i2p_cp='' # global forced by java-pkg_gen-cp
- java-pkg_gen-cp i2p_cp
- local lib cp i=2
- for lib in ${i2p_cp//,/ }
- do
- cp+="wrapper.java.classpath.$((i++))=$(java-pkg_getjars ${lib})\n"
- done
-
- # add generated cp and hardcode system VM
- sed -e "s|\(wrapper\.java\.classpath\.1=.*\)|\1\n${cp}|" \
- -e "s|\(wrapper\.java\.command\)=.*|\1=/etc/java-config-2/current-system-vm/bin/java|" \
- -e "s|\(wrapper\.java\.library\.path\.1\)=.*|\1=/usr/lib/java-service-wrapper|" \
- -i 'installer/resources/wrapper.config' || die
-
- # replace paths as the installer would
- sed -e "s|[\$%]INSTALL_PATH|${EPREFIX}/usr/share/i2p|" \
- -e "s|%SYSTEM_java_io_tmpdir|${EPREFIX}/var/lib/i2p/.i2p|" \
- -e "s|%USER_HOME|${EPREFIX}/var/lib/i2p|" \
- -i 'installer/resources/'{eepget,runplain.sh,wrapper.config} || die
-}
-
-src_install() {
- # cd into pkg-temp.
- cd "${S}/pkg-temp" || die
-
- # we remove system installed jar and install the others
- rm lib/{jrobin.jar,wrapper.jar} || \
- die 'unable to remove locally built jar already found in system'
- java-pkg_dojar lib/*.jar
-
- # create own launcher
- java-pkg_dolauncher eepget --main net.i2p.util.EepGet --jar i2p.jar
-
- # Install main files and basic documentation
- insinto '/usr/share/i2p'
- doins blocklist.txt hosts.txt *.config
- dodoc history.txt INSTALL-headless.txt LICENSE.txt
- doman man/*
-
- # Install other directories
- doins -r certificates docs eepsite geoip scripts
- java-pkg_dowar webapps/*.war
-
- # Install daemon files
- newinitd "${FILESDIR}/i2p.init" i2p
- systemd_dounit "${FILESDIR}/i2p.service"
-
- # setup user
- keepdir '/var/lib/i2p/.i2p'
- fowners i2p:i2p '/var/lib/i2p/.i2p'
-}
-
-pkg_postinst() {
- elog "Custom configuration belongs in ${EPREFIX}/var/lib/i2p/.i2p to avoid being overwritten."
- elog 'I2P can be configured through the web interface at http://localhost:7657/console'
-
- if use !ecdsa
- then
- ewarn 'Currently, the i2p team does not enforce to use ECDSA keys. But it is more and'
- ewarn 'more pushed. To help the network, you are recommended to have the ecdsa USE.'
- ewarn
- ewarn "This is purely a run-time issue. You're free to build i2p with any JDK, as long as"
- ewarn 'the JVM you run it with is one of the above listed and from the same or a newer generation'
- ewarn 'as the one you built with.'
- fi
-}
diff --git a/net-vpn/i2p/i2p-0.9.37.ebuild b/net-vpn/i2p/i2p-0.9.37.ebuild
new file mode 100644
index 000000000000..b12699fa6694
--- /dev/null
+++ b/net-vpn/i2p/i2p-0.9.37.ebuild
@@ -0,0 +1,179 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit java-pkg-2 java-ant-2 systemd user
+
+DESCRIPTION="A privacy-centric, anonymous network"
+HOMEPAGE="https://geti2p.net"
+SRC_URI="https://download.i2p2.de/releases/${PV}/i2psource_${PV}.tar.bz2"
+
+LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2"
+SLOT="0"
+
+# Until the deps reach other arches
+KEYWORDS="~amd64 ~x86"
+IUSE="+ecdsa nls test"
+
+# dev-java/ant-core is automatically added due to java-ant-2.eclass
+CP_DEPEND='dev-java/bcprov:1.50
+ dev-java/jrobin:0
+ dev-java/slf4j-api:0
+ dev-java/tomcat-jstl-impl:0
+ dev-java/tomcat-jstl-spec:0
+ dev-java/java-service-wrapper:0
+ dev-java/commons-logging:0
+ dev-java/slf4j-simple:0
+ java-virtuals/servlet-api:3.1
+'
+
+DEPEND="${CP_DEPEND}
+ dev-java/eclipse-ecj:*
+ nls? ( >=sys-devel/gettext-0.19 )
+ virtual/jdk:1.8
+ test? (
+ dev-java/ant-junit4:0
+ dev-java/hamcrest-core:1.3
+ dev-java/hamcrest-library:1.3
+ dev-java/junit:4
+ )
+"
+
+RDEPEND="${CP_DEPEND}
+ ecdsa? (
+ || (
+ dev-java/icedtea:8[-sunec]
+ dev-java/icedtea-bin:8
+ dev-java/oracle-jre-bin
+ dev-java/oracle-jdk-bin
+ )
+ )
+ !ecdsa? ( virtual/jre:1.8 )
+ net-libs/nativebiginteger:0
+"
+
+EANT_BUILD_TARGET="pkg"
+# no scala as depending on antlib.xml not installed by dev-lang/scala
+EANT_TEST_TARGET='junit.test'
+JAVA_ANT_ENCODING="UTF-8"
+
+PATCHES=(
+ "${FILESDIR}/${PV}-add-cp-to-tests"
+)
+
+pkg_setup() {
+ java-pkg-2_pkg_setup
+
+ enewgroup i2p
+ enewuser i2p -1 -1 "${EPREFIX}/var/lib/i2p" i2p
+}
+
+src_prepare() {
+ # as early as possible to allow generic patches to be applied
+ default
+
+ java-ant_rewrite-classpath
+
+ java-pkg-2_src_prepare
+
+ # We're on GNU/Linux, we don't need .exe files
+ echo "noExe=true" > override.properties || die
+ if ! use nls; then
+ echo "require.gettext=false" >> override.properties || die
+ fi
+
+ # avoid auto starting browser
+ sed -i 's|clientApp.4.startOnLoad=true|clientApp.4.startOnLoad=false|' \
+ 'installer/resources/clients.config' || die
+
+ # generate wrapper classpath, keeping the default to be replaced later
+ i2p_cp='' # global forced by java-pkg_gen-cp
+ java-pkg_gen-cp i2p_cp
+ local lib cp i=2
+ for lib in ${i2p_cp//,/ }
+ do
+ cp+="wrapper.java.classpath.$((i++))=$(java-pkg_getjars ${lib})\n"
+ done
+
+ # add generated cp and hardcode system VM
+ sed -e "s|\(wrapper\.java\.classpath\.1=.*\)|\1\n${cp}|" \
+ -e "s|\(wrapper\.java\.command\)=.*|\1=/etc/java-config-2/current-system-vm/bin/java|" \
+ -e "s|\(wrapper\.java\.library\.path\.1\)=.*|\1=/usr/lib/java-service-wrapper|" \
+ -e "s|\(wrapper\.java\.library\.path\.2\)=.*|\0\nwrapper.java.library.path.3=/usr/$(get_libdir)|" \
+ -i 'installer/resources/wrapper.config' || die
+
+ # replace paths as the installer would
+ sed -e "s|[\$%]INSTALL_PATH|${EPREFIX}/usr/share/i2p|" \
+ -e "s|%SYSTEM_java_io_tmpdir|${EPREFIX}/var/lib/i2p/.i2p|" \
+ -e "s|%USER_HOME|${EPREFIX}/var/lib/i2p|" \
+ -i 'installer/resources/'{eepget,runplain.sh,wrapper.config} || die
+
+ if use test; then
+ # no *streaming as requiring >dev-java/mockito-1.9.5
+ sed -e '/junit\.test.*streaming/d' \
+ -i build.xml ||
+ die 'unable to remove ministreaming tests'
+ fi
+}
+
+src_test() {
+ # store built version of jars, overwritten by testing
+ mv "${S}/pkg-temp/lib/"{i2p,router}.jar "${T}" ||
+ die 'unable to save jars before tests'
+
+ # generate test classpath
+ local cp
+ cp="$(java-pkg_getjars --build-only junit-4,hamcrest-core-1.3,hamcrest-library-1.3)"
+ EANT_TEST_EXTRA_ARGS="-Djavac.classpath=${cp}" java-pkg-2_src_test
+
+ # redo work undone by testing
+ mv "${T}/"{i2p,router}.jar "${S}/pkg-temp/lib/" ||
+ die 'unable to restore jars after tests'
+}
+
+src_install() {
+ # cd into pkg-temp.
+ cd "${S}/pkg-temp" || die
+
+ # we remove system installed jar and install the others
+ rm lib/{jrobin,wrapper,jbigi,commons-logging,javax.servlet}.jar || \
+ die 'unable to remove locally built jar already found in system'
+ java-pkg_dojar lib/*.jar
+
+ # create own launcher
+ java-pkg_dolauncher eepget --main net.i2p.util.EepGet --jar i2p.jar
+
+ # Install main files and basic documentation
+ insinto '/usr/share/i2p'
+ doins blocklist.txt hosts.txt *.config
+ dodoc history.txt INSTALL-headless.txt LICENSE.txt
+ doman man/*
+
+ # Install other directories
+ doins -r certificates docs eepsite geoip scripts
+ java-pkg_dowar webapps/*.war
+
+ # Install daemon files
+ newinitd "${FILESDIR}/i2p.init" i2p
+ systemd_dounit "${FILESDIR}/i2p.service"
+
+ # setup user
+ keepdir '/var/lib/i2p/.i2p'
+ fowners i2p:i2p '/var/lib/i2p/.i2p'
+}
+
+pkg_postinst() {
+ elog "Custom configuration belongs in ${EPREFIX}/var/lib/i2p/.i2p to avoid being overwritten."
+ elog 'I2P can be configured through the web interface at http://localhost:7657/console'
+
+ if use !ecdsa
+ then
+ ewarn 'Currently, the i2p team does not enforce to use ECDSA keys. But it is more and'
+ ewarn 'more pushed. To help the network, you are recommended to have the ecdsa USE.'
+ ewarn
+ ewarn "This is purely a run-time issue. You're free to build i2p with any JDK, as long as"
+ ewarn 'the JVM you run it with is one of the above listed and from the same or a newer generation'
+ ewarn 'as the one you built with.'
+ fi
+}
diff --git a/net-vpn/i2p/metadata.xml b/net-vpn/i2p/metadata.xml
index f7a6c323e6cc..71d052d100fd 100644
--- a/net-vpn/i2p/metadata.xml
+++ b/net-vpn/i2p/metadata.xml
@@ -3,7 +3,7 @@
<pkgmetadata>
<maintainer type="person">
<email>tharvik@gmail.com</email>
- <name>Tharvik</name>
+ <name>Valérian Rousset</name>
</maintainer>
<maintainer type="project">
<email>java@gentoo.org</email>
diff --git a/net-vpn/i2pd/Manifest b/net-vpn/i2pd/Manifest
index 0ce1e65a5757..9d3e0ee2fb28 100644
--- a/net-vpn/i2pd/Manifest
+++ b/net-vpn/i2pd/Manifest
@@ -4,10 +4,10 @@ AUX i2pd-2.6.0-r3.confd 322 BLAKE2B 1abce31d300785fe0f42eb0c15bc26f723e99bfe4f3d
AUX i2pd-2.6.0-r3.initd 1385 BLAKE2B 5c754a7e289f8d102b2690f78fb3e9b805c6eb46208fba8d8200886dcd30e5e7ba682bb9eb493d654bbec03b8fa7ec58cf885f91203db400280c9de4d9c1e377 SHA512 c09d9164fedac748162eeeafabf4776e16869e7ad06ba5f1b008fa57655fbe8f9633804575e44011b61130699e394bd0d8623b13e9614623b8a9b34e5ad6ecd5
AUX i2pd-2.6.0-r3.logrotate 215 BLAKE2B 07cd3e250996ae2d4632795174750779a199c31107ed82a561b3f1dca84c6a81b6bac178ea06256325a2946876b9e75f9f6c453e5836a23911d5ecd802dc8b59 SHA512 e6080b719cb1616a96b4e4e9ff7074881f88dc699147fd5a201861c5836cf4807a00767a2c370f36e847b0d4ddb2129d8c3c3fc8043325fb8f3d0bc27feca2a3
AUX i2pd-2.6.0-r3.service 638 BLAKE2B 881b5e680af0dbb674766b4cc0a234e0a49db66f1f4a8ce762326f9bb8fb7437177d9c80988f514c34dd2ba2bab1909a10ee5ef912eee4711ea4ed9c5a6a4423 SHA512 8e35123ea30325e9f1de3d488d96a35b6e983e006084e983ab116aa5febd64feacb7643f3d9c3c7c7865375518e1acef060b4b02e9b052036f8d42f9dcc47a87
-DIST i2pd-2.18.0.tar.gz 1868440 BLAKE2B a5c65c379b38735bc43c81553416ac1dfd7064da33ff282de2ab7567aaeed1e49edbafb48c03f372f72e70bc4fe0e922036cd08538bf0b6c07e00c2c2f328dd9 SHA512 dc8e0f4df25188e4d72ea6ffa2c36e48a7d2103d025730b40e226ab631724a9a07a4dc03a1a3d08328972c98020c44535661820add80374f1dabdf3fc848ef84
DIST i2pd-2.19.0.tar.gz 1982459 BLAKE2B b05f7a3018091e9c0008ca7037e44b6f5a4416be57054df5f9af72bd664b7d4fc7673e5d3eb1b8bb1ddfb61e81145eb0a847b301a580ef971d181ed00a4c960a SHA512 4c3d2408962f3e55e1a22491b0844ce44cacc7aa631541a86e94554da88e42234576fe221e1398c88e7e68d267bbf9e73cbea9cd74981c354e46ba82d62bb32f
DIST i2pd-2.20.0.tar.gz 1991174 BLAKE2B 37b85dc37299cd6d2f64050eb096ecc11d75ccdcdba845f34c908e6467cbcb9fa7cea9243415bafd7c9167f5e8ea06c8729bcb885e78f45e37680f8001b69237 SHA512 affade889d32fdf20fc0bc4c7bb809fb511794421a80a93334707e26c72eecc83715d756d79ce7924d43ef44dc9f655925de860b5b392b6c4fe815eb873c1864
-EBUILD i2pd-2.18.0.ebuild 3100 BLAKE2B 27284f8510bfdf37c3d576fa1f4718134d5f948ee1f614272ae86b94cb2f68acb3f9ad59898f8a2b94280c3aa40e1f4c9410dd20d4ebd02e379099fbbad9db52 SHA512 809418d598459849a6d42322b1fa749f5eabcef3f0f3731ce44d74d5744716b5f3fdf979b1288f88b7667fe4e5aea5c83e73bdf5ff769e22b4d3dfb68306cbf6
+DIST i2pd-2.21.0.tar.gz 1993520 BLAKE2B 616f4938d547e6a5d27292bec1741fa28131c37ad12b0f7c564e24ff0fd3b0a01974989ac6f337cd58cc1a618980fd171692c0164d22c3e97080540318e5df89 SHA512 a9c2f4bb1ec6459e7f8f48b74a48dd192af0962876fc6dcf998febe342918f98a21ae421cf48402d5e0c4570641eb3112d85522230dad34cabe6c4f367d6d8ab
EBUILD i2pd-2.19.0.ebuild 3100 BLAKE2B 27284f8510bfdf37c3d576fa1f4718134d5f948ee1f614272ae86b94cb2f68acb3f9ad59898f8a2b94280c3aa40e1f4c9410dd20d4ebd02e379099fbbad9db52 SHA512 809418d598459849a6d42322b1fa749f5eabcef3f0f3731ce44d74d5744716b5f3fdf979b1288f88b7667fe4e5aea5c83e73bdf5ff769e22b4d3dfb68306cbf6
-EBUILD i2pd-2.20.0.ebuild 3164 BLAKE2B a85df4f576fe3b82a49fd2083a8d910b9d9058ec6de930da06c5a4f58d494484b5737ffb368c80f72bb719f7db5a035e8abcf102cc5898e7d7a7d1ca57909000 SHA512 f5a4df46f7e0ec657c9132fe3ae5f6eda09d4869fc42d0fb22af8f821967cb3b7f5bc9a7f6b091e9cd81a89fd1b84c00bfa6c33fccb837d4144c62709f387125
+EBUILD i2pd-2.20.0.ebuild 3166 BLAKE2B 5a62ee83bd80beca39b265a8a6806c733d047066d204afe101ded329795b4f053af6dd13e93914bb22ab307729eda6ed72073a6cd0bd5699ed6f350b4ae136cf SHA512 24098b0bf0e114bbcda5eaa821906f7b7c4387b4202220526bf177c109979f6a0b65d0449a7e13bcc2d134a90cf9e8ca0fc2cd7db04620e1ad5a3115de36a017
+EBUILD i2pd-2.21.0.ebuild 3140 BLAKE2B 62e6f83535bb2067918b2a331b62a69a4b0138bde9e59abb6270759aa3d1fef08574ef5d02765bafb9bc9beaa3600ab82aa3acc134f97c245f494d585cd52107 SHA512 ed9c1091fe233788a5e73d9e5afe194e57cd3801cb2c71054ad3ad14f68d9b880163e75eb7d94512a7022303f92471bf444076c0e20e2ae6f54b1d6e5f56a8e3
MISC metadata.xml 742 BLAKE2B 81ae213b17776466f9d33a4798bff20494ab8c09872d1a65fcb0ab4d05cbf2a0858c1c7538a205bbefa491a21d0b3deb613a362d7e5493e5c6ac074b1dacbe53 SHA512 ca6b5eea5aeb685632ed742144cf8a3fc19e7b0b1c213ea6fdf62a07a4f7727e8f001189e09daa201563bfbb79539cee0050c739a23320baa4b4d95a4279b553
diff --git a/net-vpn/i2pd/i2pd-2.18.0.ebuild b/net-vpn/i2pd/i2pd-2.18.0.ebuild
deleted file mode 100644
index 454dd172bd22..000000000000
--- a/net-vpn/i2pd/i2pd-2.18.0.ebuild
+++ /dev/null
@@ -1,113 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit eutils systemd user cmake-utils versionator toolchain-funcs
-
-DESCRIPTION="A C++ daemon for accessing the I2P anonymous network"
-HOMEPAGE="https://github.com/PurpleI2P/i2pd"
-SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~x86"
-IUSE="cpu_flags_x86_aes i2p-hardening libressl static +upnp websocket"
-
-# if using libressl, require >=boost-1.65, see #597798
-RDEPEND="!static? ( dev-libs/boost[threads]
- !libressl? ( dev-libs/openssl:0[-bindist] )
- libressl? ( dev-libs/libressl:0
- >=dev-libs/boost-1.65 )
- sys-libs/zlib
- upnp? ( net-libs/miniupnpc )
- )"
-DEPEND="${RDEPEND}
- static? ( dev-libs/boost[static-libs,threads]
- !libressl? ( dev-libs/openssl:0[static-libs] )
- libressl? ( dev-libs/libressl:0[static-libs]
- >=dev-libs/boost-1.65 )
- sys-libs/zlib[static-libs]
- upnp? ( net-libs/miniupnpc[static-libs] )
- )
- websocket? ( dev-cpp/websocketpp )"
-
-I2PD_USER=i2pd
-I2PD_GROUP=i2pd
-
-CMAKE_USE_DIR="${S}/build"
-
-DOCS=( README.md contrib/i2pd.conf contrib/tunnels.conf )
-
-PATCHES=( "${FILESDIR}/${PN}-2.14.0-fix_installed_components.patch" )
-
-pkg_pretend() {
- if tc-is-gcc && ! version_is_at_least "4.7" "$(gcc-version)"; then
- die "At least gcc 4.7 is required"
- fi
- if use i2p-hardening && ! tc-is-gcc; then
- die "i2p-hardening requires gcc"
- fi
-}
-
-src_configure() {
- mycmakeargs=(
- -DWITH_AESNI=$(usex cpu_flags_x86_aes ON OFF)
- -DWITH_HARDENING=$(usex i2p-hardening ON OFF)
- -DWITH_PCH=OFF
- -DWITH_STATIC=$(usex static ON OFF)
- -DWITH_UPNP=$(usex upnp ON OFF)
- -DWITH_WEBSOCKETS=$(usex websocket ON OFF)
- -DWITH_LIBRARY=ON
- -DWITH_BINARY=ON
- )
- cmake-utils_src_configure
-}
-
-src_install() {
- cmake-utils_src_install
-
- # config
- insinto /etc/i2pd
- doins contrib/i2pd.conf
- doins contrib/tunnels.conf
-
- # grant i2pd group read and write access to config files
- fowners "root:${I2PD_GROUP}" \
- /etc/i2pd/i2pd.conf \
- /etc/i2pd/tunnels.conf
- fperms 660 \
- /etc/i2pd/i2pd.conf \
- /etc/i2pd/tunnels.conf
-
- # working directory
- keepdir /var/lib/i2pd
- insinto /var/lib/i2pd
- doins -r contrib/certificates
- fowners "${I2PD_USER}:${I2PD_GROUP}" /var/lib/i2pd/
- fperms 700 /var/lib/i2pd/
-
- # add /var/lib/i2pd/certificates to CONFIG_PROTECT
- doenvd "${FILESDIR}/99i2pd"
-
- # openrc and systemd daemon routines
- newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd
- newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd
- systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service
-
- # logrotate
- insinto /etc/logrotate.d
- newins "${FILESDIR}/i2pd-2.6.0-r3.logrotate" i2pd
-}
-
-pkg_setup() {
- enewgroup "${I2PD_GROUP}"
- enewuser "${I2PD_USER}" -1 -1 /var/lib/run/i2pd "${I2PD_GROUP}"
-}
-
-pkg_postinst() {
- if [[ -f ${EROOT%/}/etc/i2pd/subscriptions.txt ]]; then
- ewarn
- ewarn "Configuration of the subscriptions has been moved from"
- ewarn "subscriptions.txt to i2pd.conf. We recommend updating"
- ewarn "i2pd.conf accordingly and deleting subscriptions.txt."
- fi
-}
diff --git a/net-vpn/i2pd/i2pd-2.20.0.ebuild b/net-vpn/i2pd/i2pd-2.20.0.ebuild
index 6e3dffbd6c17..aa8dd040979b 100644
--- a/net-vpn/i2pd/i2pd-2.20.0.ebuild
+++ b/net-vpn/i2pd/i2pd-2.20.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -9,7 +9,7 @@ HOMEPAGE="https://github.com/PurpleI2P/i2pd"
SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="BSD"
SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~x86"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~x86"
IUSE="cpu_flags_x86_aes cpu_flags_x86_avx i2p-hardening libressl static +upnp websocket"
# if using libressl, require >=boost-1.65, see #597798
diff --git a/net-vpn/i2pd/i2pd-2.21.0.ebuild b/net-vpn/i2pd/i2pd-2.21.0.ebuild
new file mode 100644
index 000000000000..9b28206e7582
--- /dev/null
+++ b/net-vpn/i2pd/i2pd-2.21.0.ebuild
@@ -0,0 +1,120 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit systemd user cmake-utils eapi7-ver toolchain-funcs
+
+DESCRIPTION="A C++ daemon for accessing the I2P anonymous network"
+HOMEPAGE="https://github.com/PurpleI2P/i2pd"
+SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~x86"
+IUSE="cpu_flags_x86_aes cpu_flags_x86_avx i2p-hardening libressl static +upnp websocket"
+
+# if using libressl, require >=boost-1.65, see #597798
+RDEPEND="
+ !static? (
+ dev-libs/boost[threads]
+ !libressl? ( dev-libs/openssl:0[-bindist] )
+ libressl? (
+ dev-libs/libressl:0
+ >=dev-libs/boost-1.65
+ )
+ upnp? ( net-libs/miniupnpc )
+ )"
+DEPEND="${RDEPEND}
+ static? (
+ dev-libs/boost[static-libs,threads]
+ !libressl? ( dev-libs/openssl:0[static-libs] )
+ libressl? (
+ dev-libs/libressl:0[static-libs]
+ >=dev-libs/boost-1.65
+ )
+ sys-libs/zlib[static-libs]
+ upnp? ( net-libs/miniupnpc[static-libs] )
+ )
+ websocket? ( dev-cpp/websocketpp )"
+
+I2PD_USER=i2pd
+I2PD_GROUP=i2pd
+
+CMAKE_USE_DIR="${S}/build"
+
+DOCS=( README.md contrib/i2pd.conf contrib/tunnels.conf )
+
+PATCHES=( "${FILESDIR}/${PN}-2.14.0-fix_installed_components.patch" )
+
+pkg_pretend() {
+ if tc-is-gcc && ! ver_test "$(gcc-version)" -ge "4.7"; then
+ die "At least gcc 4.7 is required"
+ fi
+ if use i2p-hardening && ! tc-is-gcc; then
+ die "i2p-hardening requires gcc"
+ fi
+}
+
+src_configure() {
+ mycmakeargs=(
+ -DWITH_AESNI=$(usex cpu_flags_x86_aes ON OFF)
+ -DWITH_AVX=$(usex cpu_flags_x86_avx ON OFF)
+ -DWITH_HARDENING=$(usex i2p-hardening ON OFF)
+ -DWITH_PCH=OFF
+ -DWITH_STATIC=$(usex static ON OFF)
+ -DWITH_UPNP=$(usex upnp ON OFF)
+ -DWITH_WEBSOCKETS=$(usex websocket ON OFF)
+ -DWITH_LIBRARY=ON
+ -DWITH_BINARY=ON
+ )
+ cmake-utils_src_configure
+}
+
+src_install() {
+ cmake-utils_src_install
+
+ # config
+ insinto /etc/i2pd
+ doins contrib/i2pd.conf
+ doins contrib/tunnels.conf
+
+ # grant i2pd group read and write access to config files
+ fowners "root:${I2PD_GROUP}" \
+ /etc/i2pd/i2pd.conf \
+ /etc/i2pd/tunnels.conf
+ fperms 660 \
+ /etc/i2pd/i2pd.conf \
+ /etc/i2pd/tunnels.conf
+
+ # working directory
+ keepdir /var/lib/i2pd
+ insinto /var/lib/i2pd
+ doins -r contrib/certificates
+ fowners "${I2PD_USER}:${I2PD_GROUP}" /var/lib/i2pd/
+ fperms 700 /var/lib/i2pd/
+
+ # add /var/lib/i2pd/certificates to CONFIG_PROTECT
+ doenvd "${FILESDIR}/99i2pd"
+
+ # openrc and systemd daemon routines
+ newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd
+ newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd
+ systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service
+
+ # logrotate
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/i2pd-2.6.0-r3.logrotate" i2pd
+}
+
+pkg_setup() {
+ enewgroup "${I2PD_GROUP}"
+ enewuser "${I2PD_USER}" -1 -1 /var/lib/run/i2pd "${I2PD_GROUP}"
+}
+
+pkg_postinst() {
+ if [[ -f ${EROOT%/}/etc/i2pd/subscriptions.txt ]]; then
+ ewarn
+ ewarn "Configuration of the subscriptions has been moved from"
+ ewarn "subscriptions.txt to i2pd.conf. We recommend updating"
+ ewarn "i2pd.conf accordingly and deleting subscriptions.txt."
+ fi
+}
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
index 0d5092123ac7..9ba80e26a9e2 100644
--- a/net-vpn/libreswan/Manifest
+++ b/net-vpn/libreswan/Manifest
@@ -5,7 +5,9 @@ AUX libreswan-3.26-nss.patch 853 BLAKE2B 487afd48208223030aa5a4fc434f1bc5d817d9e
DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff
DIST libreswan-3.25.tar.gz 3988630 BLAKE2B 8479b5b0d7d49055b7dcefa6c3b2f469b0aa60005e05446d5c1c6f73a32c904835422248c6ead2a1c2dc83b63794fd50f7461fd22c4206414b5890c01b99b722 SHA512 246649cb5bef1d0690217d1080f3f6f175a0d7a5f27e5a7affdf291b2f418a11937e96b64716a33e6312530409a2c1b10b90e2fa5ec339a27c94c990d86ed517
DIST libreswan-3.26.tar.gz 3706205 BLAKE2B e54e6d3a0163f0b6812c53400e7f57e01319d7cf64a5d9e84d5002bbab24d5de1b6461c6bba02d60630017a50c23ecb1a095f3da1a36a4e6fc64e90cf08fd798 SHA512 10965a23197ef5d21a66dc0838066ceb620b2653f64471553284e0043fbc993584e497742b498e0be410427aeed3d8ce5bfdc6dfab59b8a1a1ba9a363473c4a4
+DIST libreswan-3.27.tar.gz 3720103 BLAKE2B 51ee792cd3fb8330a9cfee0b1a27e48c9a8c8fd3346e8c06fe0a911c813c400ef62d68b1d06bb849695aad5f4d5a496dc444b2543aa9ffbc59d373081c0b85e5 SHA512 b92ecfd08b9d19dc801032176eff3dd07f625223d4f0dd07ff10f639644573430a55f7aebfcc8b9d2424e194ca9d06b17ad5a13dad5dc6f659d19bc5d32520f5
EBUILD libreswan-3.22.ebuild 2814 BLAKE2B 566683ee612fd84a0fe4cf49cd90bb2c8f67e9aa151461c0c0e68a9179ce5741203764ac520f9f434d8f02d0a30129d3e39059329ca5f991bed74437be4c117a SHA512 e337d3895fd3fe3a803b7e137407dff4ee5e6c4e9928c157715c1f87a6c877f2be4498d884254379c03d63b95f75e71df01a2d839535bb75bcbee7c770956654
EBUILD libreswan-3.25.ebuild 2856 BLAKE2B 0e2573d71d4f96d6cf271e6d71ad7efffd336877ede43f5ed2f7e35103d8cd67194df195c7bab7d9be513c2ee85c869af8778a8f9fefaf2087e0114b4d052a90 SHA512 be841c666376e6b410b9bd5f15d84c23f3bfa5848ea382b29108ce104cdb22627af145bdaa9b5d5447560705859cc5726643562a109b8b9d126967251c8e0db8
EBUILD libreswan-3.26.ebuild 2896 BLAKE2B 6887a7656d51395835ad41605b4ed9e9d915e0996cc2c6612a48abdc4c7a6071f3de69089bbc96212c39bcfba8076e2d857042aef1c7d172a0b29a06eb4afbe5 SHA512 cd803735a9b396205ba3e382befbd63b40cf7e8532de299ee8a1736208b7c2ca079fa4e083b272115fb53ecd8e1194003675110a50dc9313b4f06b45a101d844
+EBUILD libreswan-3.27.ebuild 2813 BLAKE2B 23c1d768e88dd76262c0dacdd412d5ce2565c86dfe9a216a44defea8e16430e9659fe695123e9e12255e71b769c82c2abd45654e8fa39466f495fb582af67fc2 SHA512 ad9325ee407f85a0ebf0bbe740b8c36c3c0078bdf9023ca6ec03b5e430ca0b3d4eee3ff590ee76b0c8729e7923e95966ae3ae44bfca543a7741e1efd1bace956
MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865
diff --git a/net-vpn/libreswan/libreswan-3.27.ebuild b/net-vpn/libreswan/libreswan-3.27.ebuild
new file mode 100644
index 000000000000..736e805196d8
--- /dev/null
+++ b/net-vpn/libreswan/libreswan-3.27.ebuild
@@ -0,0 +1,112 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit systemd toolchain-funcs
+
+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
+HOMEPAGE="https://libreswan.org/"
+
+LICENSE="GPL-2 BSD-4 RSA DES"
+SLOT="0"
+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
+
+COMMON_DEPEND="
+ dev-libs/gmp:0=
+ dev-libs/libevent:0=
+ dev-libs/nspr
+ caps? ( sys-libs/libcap-ng )
+ curl? ( net-misc/curl )
+ dnssec? ( net-dns/unbound:= net-libs/ldns )
+ ldap? ( net-nds/openldap )
+ pam? ( sys-libs/pam )
+ seccomp? ( sys-libs/libseccomp )
+ selinux? ( sys-libs/libselinux )
+ systemd? ( sys-apps/systemd:0= )
+"
+DEPEND="${COMMON_DEPEND}
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/xmlto
+ dev-libs/nss
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig
+ test? ( dev-python/setproctitle )
+"
+RDEPEND="${COMMON_DEPEND}
+ dev-libs/nss[utils(+)]
+ sys-apps/iproute2
+ !net-misc/openswan
+ !net-vpn/strongswan
+ selinux? ( sec-policy/selinux-ipsec )
+"
+
+usetf() {
+ usex "$1" true false
+}
+
+src_prepare() {
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die
+ default
+}
+
+src_configure() {
+ tc-export AR CC
+ export INC_USRLOCAL=/usr
+ export INC_MANDIR=share/man
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
+ export FINALDOCDIR=/usr/share/doc/${PF}/html
+ export INITSYSTEM=openrc
+ export INC_RCDIRS=
+ export INC_RCDEFAULT=/etc/init.d
+ export USERCOMPILE=
+ export USERLINK=
+ export USE_DNSSEC=$(usetf dnssec)
+ export USE_LABELED_IPSEC=$(usetf selinux)
+ export USE_LIBCAP_NG=$(usetf caps)
+ export USE_LIBCURL=$(usetf curl)
+ export USE_LINUX_AUDIT=$(usetf selinux)
+ export USE_LDAP=$(usetf ldap)
+ export USE_SECCOMP=$(usetf seccomp)
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
+ export SD_WATCHDOGSEC=$(usex systemd 200 0)
+ export USE_XAUTHPAM=$(usetf pam)
+ export DEBUG_CFLAGS=
+ export OPTIMIZE_CFLAGS=
+ export WERROR_CFLAGS=
+}
+
+src_compile() {
+ emake all
+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all
+}
+
+src_test() {
+ : # integration tests only that require set of kvms to be set up
+}
+
+src_install() {
+ default
+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install
+
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
+ fperms 0600 /etc/ipsec.secrets
+
+ dodoc -r docs
+
+ find "${D}" -type d -empty -delete || die
+}
+
+pkg_postinst() {
+ local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
+ certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
+ eend $?
+ fi
+}
diff --git a/net-vpn/openconnect/Manifest b/net-vpn/openconnect/Manifest
index bb47726eb5d9..06baf7d367f1 100644
--- a/net-vpn/openconnect/Manifest
+++ b/net-vpn/openconnect/Manifest
@@ -1,23 +1,8 @@
-AUX openconnect-7.07-libressl.patch 2687 BLAKE2B a8222fd3e0078e9a60ea02577c84c729052bdbfea271d934bc5c5cae4ff983ee3ca260dd18a5b87ec867afa10e6337e362a8adc8e672a9390fd423e4906f5ac7 SHA512 e9e408eccb146004b308f6702750eab7ca764000f67db8c06f58394281f09e24ddb644699ce68c12463025e88c42e3cee81ed5285f0c23ba45bab17d5701f6e9
-AUX openconnect-7.07-mimic-pulse-client.patch 1280 BLAKE2B ca75ceb83098f915e83c318e16df6166fa4a3607d0580eb4af7beab19261fe26372f87eb89686d146aeb65fbdcc99e0ad30272b6f42a7cddf274db924aefd55f SHA512 87d40d896197532a9c6369cec17fbcbc37a8d9d4a8f6a550e0269071d88db7dd457860746ec383c83de42b39af0f3c0657fdaae5ab6e392bd910437597785f01
AUX openconnect.conf.in 941 BLAKE2B 8cfa197edfe3b3754e45281b33d51bee0dd80746ac129b071710ca9d6f5aa5da16a3c3ad5fa52c6bfdc0ae4a9b1e3cfea2c20909c6164e67e0dba880cf08fc8a SHA512 a689df7141621c80bca77fdd1e01397b98882c7fd8db79b2fe1495916656522234e3af739538002533c003e4243e9af4bf80cd73bae961e15568997ce89ef6d5
-AUX openconnect.init.in 2747 BLAKE2B 69e748bd0a6603d0cca6b863134155d90cc106a5e2116d0108a2e167cd2aee00126909c4b907f337b79f3c5aacc02a7d7117ae4e74aa0cd18301c587f9c7e2aa SHA512 5f0c4c195e6e0e8770a3b6a6f8890962984cff9487f037cf1ca9cc565cfca0cabf0509060a08f1cabcdb1d34356f33dd843b852298d7531312568b2617cc05bc
AUX openconnect.init.in-r4 1775 BLAKE2B 2237238a2d149532e90c96190829e9ef51afa50487a0fd45c3c4d2e983fb8755bdf0de3eca44df740b286f4d353b03d71fcd2c2a27129f18031b2bd01989f738 SHA512 7b832550ef21ddb4b1c0eae7f3838b925745a5ebbdb74f1583fb8710b75175ebcbc7b1558ce95f59cd78542bec8bc01f7ab6d32ec4a5b168bb8a516a8907d362
AUX openconnect.logrotate 116 BLAKE2B 308d088f7c06239ec68831e415df420362c1825ae279fa6f736f36df0bf2e7efc8ea6a4ab43d9b53680dd0ab5028c92bf70a0597b56a20da06b302457e7d5f07 SHA512 ea1b6caf6278fea515c299072ee799ab3676014784703d7fa8e4f4d7bfc4599650c386d9706a3e6d92c195c9e5e1628fa6efc1124e1ae72875cc9eaab73cb077
-DIST openconnect-7.06.tar.gz 1343870 BLAKE2B db064490b40ab3e63560893aa8864f19386d8eba0c1d8072a16c36f678bb7734c9ead6c13b330c3b7319e46d6d3ceb8bec3899d0856838cfeff9979e293a005e SHA512 d1af9efe4ac1f6671dc6b92db0df981e8cae3f2f50b8b4c35a112b42a76517b7c8ea9fd5da93352445dd61da3012bf34fdbcc3add9d8727cbaad7d311e516108
-DIST openconnect-7.06_p20160614.tar.gz 2332148 BLAKE2B f6a46f58b52b65659f90d3ddb13f0e51fb96c96089358423c99e1dc0699f0501a1c4f1ba4b22b061e226f2046083dc38c06b4b879877905bb256d6dc978173a2 SHA512 7832251180e9c738c84ee89d0ad35144318f90cc9ede48e0cdb73747e64b2a3fbf4ad8175d0d755cb5629fbfc37c76a131a1b54a03c4249727102b572cbdfd66
-DIST openconnect-7.07.tar.gz 1557283 BLAKE2B 15b5470fdb1a497d9b238b4eee5ba9a8cb1cbe05ff42d4782b16305842544954e103671bf825e334ef2333861509b00aa7c54c10dc799072a0af7469f5f5fd49 SHA512 fcce82419a058f5210f8b6167a10e52eb572c93cda3ec941bf11e5bfcf8395ce2f816cba4f5f9a02920eb023fe7dfbd8192d5664ce5bab29bf88506b67ec34e3
DIST openconnect-7.08.tar.gz 1686133 BLAKE2B 265c43982b475ef1e49d7bf16e782c82b9ac48fbfbe61b5b8fe250505391edea8e5050e8cc3dc9b3cadb349f3842e13c05e431172e8c7488d9052ad15c93e87e SHA512 22f9b0bd4bd17e2ab91ff42b2464c89abba035fe705c037ba4d1042ace460c8738e20481783a1edc3b7dd6503fe9fcc7fdd188552811fb1525310e25a4c2f400
-DIST vpnc-scripts-20140806.tar.gz 20070 BLAKE2B 8a53bb0794a6eb2c121fd3a9e7068e998d9386a9a8ee4f0670baca0ef11411f351c8beb7791fd9e31cef63734a1b3ce9a1c426ba2792c75b002c718c124f1ebd SHA512 bfa230d6eb2db0696a23228cef6e742dcf5e609c25de725c23e2c7bee96d00045ea656d6c7025cdf7785f70baeb8a8d79af6aec93d7285bcb3c029dc744e5380
-DIST vpnc-scripts-20160829.tar.gz 20297 BLAKE2B 42d107669c938e020f10ebd332ea5a27f93c3ec461c4b03c0885b96df1330d7b071d78ec61be08d53425b779edbb2b98222cc9313f89905c68d8ae7e44efc283 SHA512 0edd0e5184ac4a705f213a87fa8afa2e2cd54c9bd1aa01955a3a5107c42da8eae7b639896daceecc556a63b0663ee47e25fc21e77f0f74774330d546584fd2c1
DIST vpnc-scripts-20180227.tar.gz 21241 BLAKE2B 2ba4c76121ba9c5d307233d6f8c91db03c8da4882b8f6dfeed335f7fcc30438df8fe0657a1177e7e551566b597e195cf41bb6e27e13b757a0c931e8574de9a5e SHA512 9a508426e9307213078ce57b59d25168647fa5d2e823b1085e93401259b0a52269e948c8292e4055babf3e8b3c087a23475b5caa2a43c11feb2df8b0d8843972
-EBUILD openconnect-7.06-r1.ebuild 3486 BLAKE2B 0939f656dfca55c414884c6f09c3ae221617872d229a2e9f03fd35dd70e0767581eed4b8d30e5571d37ac5d8c8f859c0b67bc2e879ecabfeb31d5607fd88e22e SHA512 80fb50f87efba75d3d25945b0f5956cf8c13984bedf9b2e5e4367f53655cd2ae2431c3efd751f05fae140f20b60c83b258c6f0727dcfe382f3922cd8a27f230d
-EBUILD openconnect-7.06-r4.ebuild 3599 BLAKE2B a2c10819815da62a7380bb7b77f818d4ea6a93273650dbfc5d824a187340b253559dbbd4c507d12e7cad6412910cf8a25914adc9b66511680293015b21378389 SHA512 ef0b4e2d0fe07a197701103b6df7d3b3ba52a683b7d1d5de8a3ab7a87a29dd9e24fec5b990ae0d433048832f7d8629e15903e0a4c479a47588c6596a79a9d14e
-EBUILD openconnect-7.06_p20160614.ebuild 3735 BLAKE2B 7ea20a35fe2c8e2f6a6271b49701f39b4ad0a9dc2b6044761bb05792440f7d2d1d09e91f71a65b44cc3b8aaa1e5f93d21b6bdc7eb520a2736766642507662806 SHA512 0102c424e2acf55e886071fa3fa7b0102634e18177ffed6ab2be065c9749b3d10647ce775e877e6df6a14555817645ed2bb766bbe8b2c856fbaa68ddf875a31e
-EBUILD openconnect-7.07-r1.ebuild 3746 BLAKE2B b19e7ef12f15a1f8b958c8ec459ef12cc16846ba333239628c2dcd395003015b8a7545279cbb32a7674ed437f970a219e1da4a5247d10e5eee93cefd60f8645a SHA512 e1caea75bad3efb24f2461742b0203ceb34d931541133d922586fc5a40cb280868d1676cedcb9cea0c0487fee835340f8146afccc334146380b377a9c427afce
-EBUILD openconnect-7.07-r2.ebuild 3850 BLAKE2B aea4f41c17d356eca03df60934911ffccf4c6af6cf297c631da35878d21291db5b0bd83eb1ed2ee664452c3f1f3704c0bc6ef0e7431508fb6114cd5f07248ad8 SHA512 e2a6699904d0da2251cad7b99f8490f606bc816e3d9ae762eaa8f4e5af6143cf9784d5a1bfa717f5cf323901b6be031c7d5ad76577e07c77ce186dd265e93628
-EBUILD openconnect-7.07-r3.ebuild 3969 BLAKE2B 644f5ea0cb09e757a186ca06a8ee0231dd30bef87cbeaa134b175f85956ef76045e6ed666796f110f67f4dac9f25a479d1a1730de63ea9f72b40ccd2d61ed162 SHA512 09e12f6b2037e2cd7110fd81fdfe8b517d82712ac27e5c9079c73c3b107a8fb9c06c5a368bdabe496b3ed501acbc6d752197d033308a69471acd747e2949e19b
-EBUILD openconnect-7.08-r1.ebuild 3728 BLAKE2B 19f238774a67f117e8f8ce98a904b46d782aba095f20c8b6cd6c8ba95727ef34191a0b32ea83ef86e37f5a827708079cfc4de01d6ef5f5b1c277b78c2603f71f SHA512 faddf72a3109b5393b90ef3bc9e72e7943ef5149c54d3a3029ffe92dd70b07270e982c4a21087544832b2f368d550935f7d511193f1b6d12fb55a540ada500f3
-EBUILD openconnect-7.08.ebuild 3724 BLAKE2B aa4953ed9d9b31045bcd16415a637114509ba401bb64b1f224de69260f6bf6ab90378ae377a005dd02221afbc14615abb13971949ff30d42c8f5a7c8f57a782b SHA512 64bac40b9d4caf55cb2a37a26ff292e8120c95d254beff1df9e85371eb2d97e90d1e7a00de30110431fa86f2f22130db43e1b5f02c367f083023a5e49b53665f
-EBUILD openconnect-9999.ebuild 3728 BLAKE2B 19f238774a67f117e8f8ce98a904b46d782aba095f20c8b6cd6c8ba95727ef34191a0b32ea83ef86e37f5a827708079cfc4de01d6ef5f5b1c277b78c2603f71f SHA512 faddf72a3109b5393b90ef3bc9e72e7943ef5149c54d3a3029ffe92dd70b07270e982c4a21087544832b2f368d550935f7d511193f1b6d12fb55a540ada500f3
+EBUILD openconnect-7.08-r1.ebuild 3721 BLAKE2B 765faa806a725c554faca14efe1317e7facddac5d701d9a3e252bca579f5be311576886d9b91e94fa31b0feec97ff5aee0427458ac66265edb51ce4671dacac6 SHA512 87eebbe79f95c5502b3eb3fcedbe38639fc700c76b3287d352f35e88e8d8a14dd1a992effe85154510bcea2e26895e00e43302709b370ad8ccc5b6343456e559
+EBUILD openconnect-9999.ebuild 3725 BLAKE2B da7d74ab67d7e6bb7fb6955a08dc4024cae8434569d9757c7bd9f332e5fe1d8bd0fadfeb0273ec68104bc02703bca4d7c3ff7271e07522b1928c937c1f57ce29 SHA512 5cf970b3d259569e607144e1b0035b807f1691b31fa411fb462ee8d7f859e2b250cc6ef532173a2c96cf2caaeecb7c3042ee156a17df018c40807db2f4b260e9
MISC metadata.xml 642 BLAKE2B 57e9e1e2bdbbac2deaa1419dd84f793b9e6adfedddb04a57813633d1a552e13d392648782ed642bf6602b1e48b47432aa3bd05588f9e410ed67d775d34adca80 SHA512 3a6b08e9258161af07ff47a0c52fe294185a2dd41bb7786500bfc35d56a1c1e366d013979a3bba6a80d8350e5765cb06876e9f4270c1e504445224a308de185f
diff --git a/net-vpn/openconnect/files/openconnect-7.07-libressl.patch b/net-vpn/openconnect/files/openconnect-7.07-libressl.patch
deleted file mode 100644
index 4f9d34bceee1..000000000000
--- a/net-vpn/openconnect/files/openconnect-7.07-libressl.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From d4a8afc2e8693628f2de554e717458e08bcc2fcf Mon Sep 17 00:00:00 2001
-From: Aric Belsito <lluixhi@gmail.com>
-Date: Thu, 3 Nov 2016 11:37:23 -0700
-Subject: [PATCH] Fix LibreSSL Build.
-
-From Voidlinux:
-
-From d51ab5615e11af4a2c160b2b8240e5d9f3c15422 Mon Sep 17 00:00:00 2001
-From: Duncaen <duncaen@voidlinux.eu>
-Date: Wed, 13 Jul 2016 15:21:16 +0200
-Subject: [PATCH] openconnect: update to 7.07.
----
- openssl-esp.c | 4 ++--
- openssl.c | 8 ++++----
- 2 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/openssl-esp.c b/openssl-esp.c
-index 2c1aa49..bd4dce3 100644
---- a/openssl-esp.c
-+++ b/openssl-esp.c
-@@ -27,7 +27,7 @@
- #include <openssl/evp.h>
- #include <openssl/rand.h>
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-
- #define EVP_CIPHER_CTX_free(c) do { \
- EVP_CIPHER_CTX_cleanup(c); \
-@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openconnect_info *vpninfo, struct esp *esp,
- }
- EVP_CIPHER_CTX_set_padding(esp->cipher, 0);
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- esp->hmac = malloc(sizeof(*esp->hmac));
- esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac));
- if (!esp->hmac || &esp->pkt_hmac) {
-diff --git a/openssl.c b/openssl.c
-index 785fd2a..6007cef 100644
---- a/openssl.c
-+++ b/openssl.c
-@@ -36,11 +36,11 @@
- #include <openssl/ui.h>
- #include <openssl/rsa.h>
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define X509_up_ref(x) CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)
- #endif
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define EVP_MD_CTX_new EVP_MD_CTX_create
- #define EVP_MD_CTX_free EVP_MD_CTX_destroy
- #define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain)
-@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo)
- return 0;
- }
-
--#if OPENSSL_VERSION_NUMBER < 0x10002000L
-+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
- static int match_hostname_elem(const char *hostname, int helem_len,
- const char *match, int melem_len)
- {
-@@ -1653,7 +1653,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
- * 4fcdd66fff5fea0cfa1055c6680a76a4303f28a2
- * cd6bd5ffda616822b52104fee0c4c7d623fd4f53
- */
--#if OPENSSL_VERSION_NUMBER >= 0x10001070
-+#if OPENSSL_VERSION_NUMBER >= 0x10001070 || defined(LIBRESSL_VERSION_NUMBER)
- if (string_is_hostname(vpninfo->hostname))
- SSL_set_tlsext_host_name(https_ssl, vpninfo->hostname);
- #endif
---
-2.10.2
-
diff --git a/net-vpn/openconnect/files/openconnect-7.07-mimic-pulse-client.patch b/net-vpn/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
deleted file mode 100644
index 5cfeca6ec52d..000000000000
--- a/net-vpn/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 4ce9c9241f5707917e87e93a055f757cea5fb84d Mon Sep 17 00:00:00 2001
-From: Jon DeVree <nuxi@vault24.org>
-Date: Mon, 19 Sep 2016 21:00:18 -0400
-Subject: [PATCH] Add Content-Length header to mimic official pulse client
-
-The official pulse client sends in a fixed "Content-Length: 256" header
-with these two HTTP requests. Some versions of the VPN server will
-reject requests with an HTTP 400 error if they do not have this header.
-
-Signed-off-by: Jon DeVree <nuxi@vault24.org>
-Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
----
- oncp.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/oncp.c b/oncp.c
-index cc9a223..2bf1571 100644
---- a/oncp.c
-+++ b/oncp.c
-@@ -562,6 +562,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
-
- buf_append(reqbuf, "POST /dana/js?prot=1&svc=1 HTTP/1.1\r\n");
- oncp_common_headers(vpninfo, reqbuf);
-+ buf_append(reqbuf, "Content-Length: 256\r\n");
- buf_append(reqbuf, "\r\n");
-
- if (buf_error(reqbuf)) {
-@@ -606,6 +607,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
- buf_truncate(reqbuf);
- buf_append(reqbuf, "POST /dana/js?prot=1&svc=4 HTTP/1.1\r\n");
- oncp_common_headers(vpninfo, reqbuf);
-+ buf_append(reqbuf, "Content-Length: 256\r\n");
- buf_append(reqbuf, "\r\n");
-
- if (buf_error(reqbuf)) {
---
-2.7.3
-
diff --git a/net-vpn/openconnect/files/openconnect.init.in b/net-vpn/openconnect/files/openconnect.init.in
deleted file mode 100644
index c4497956d8a3..000000000000
--- a/net-vpn/openconnect/files/openconnect.init.in
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-VPN="${RC_SVCNAME#*.}"
-VPNLOG="/var/log/openconnect/${VPN}"
-VPNLOGFILE="${VPNLOG}/openconnect.log"
-VPNERRFILE="${VPNLOG}/openconnect.err"
-VPNPID="/run/openconnect/${VPN}.pid"
-VPNDIR="/etc/openconnect/${VPN}"
-PREUPSCRIPT="${VPNDIR}/preup.sh"
-PREDOWNSCRIPT="${VPNDIR}/predown.sh"
-POSTUPSCRIPT="${VPNDIR}/postup.sh"
-POSTDOWNSCRIPT="${VPNDIR}/postdown.sh"
-SERVER="server_${VPN}"
-PASSWORD="password_${VPN}"
-VPNOPTS="vpnopts_${VPN}"
-
-depend() {
- before netmount
-}
-
-checkconfig() {
- if [ $VPN = "openconnect" ]; then
- eerror "You cannot call openconnect directly. You must create a symbolic link to it with the vpn name:"
- echo
- eerror "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0"
- echo
- eerror "And then call it instead:"
- echo
- eerror "/etc/init.d/openconnect.vpn0 start"
- return 1
- fi
-}
-
-checktuntap() {
- if [ $(uname -s) = "Linux" ] ; then
- if [ ! -e /dev/net/tun ]; then
- if ! modprobe tun ; then
- eerror "TUN/TAP support is not available in this kernel"
- return 1
- fi
- fi
- if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
- ebegin "Detected broken /dev/net/tun symlink, fixing..."
- rm -f /dev/net/tun
- ln -s /dev/misc/net/tun /dev/net/tun
- eend $?
- fi
- fi
-}
-
-start() {
- ebegin "Starting OpenConnect: ${VPN}"
-
- checkconfig || return 1
-
- checktuntap || return 1
-
- if [ "${!SERVER}" == "vpn.server.tld" ]; then
- eend 1 "${VPN} not configured"
- return 1
- fi
-
- if [ ! -e "${VPNLOG}" ]; then
- mkdir -p "${VPNLOG}"
- fi
-
- local piddir="${VPNPID%/*}"
- if [ ! -d "$piddir" ] ; then
- mkdir -p "$piddir"
- if [ $? -ne 0 ]; then
- eerror "Directory $piddir for pidfile does not exist and cannot be created"
- return 1
- fi
- fi
-
- if [ -x "${PREUPSCRIPT}" ] ; then
- "${PREUPSCRIPT}"
- fi
-
- start-stop-daemon --start --make-pidfile --pidfile "${VPNPID}" --stderr "${VPNERRFILE}" --stdout "${VPNLOGFILE}" --background \
- --exec /usr/sbin/openconnect \
- -- --pid-file="${VPNPID}" ${!VPNOPTS} ${!SERVER} <<< ${!PASSWORD}
-
- local retval=$?
-
- if [ ! ${retval} -eq 0 ]; then
- eend ${retval}
- return ${retval}
- fi
-
- if [ -x "${POSTUPSCRIPT}" ] ; then
- "${POSTUPSCRIPT}"
- fi
-
- eend $?
-}
-
-stop() {
- ebegin "Stopping OpenConnect: ${VPN}"
-
- checkconfig || return 1
-
- if [ -x "${PREDOWNSCRIPT}" ] ; then
- "${PREDOWNSCRIPT}"
- fi
-
- start-stop-daemon --pidfile "${VPNPID}" --stop /usr/sbin/openconnect
- local retval=$?
-
- if [ ! ${retval} -eq 0 ]; then
- eend ${retval}
- return ${retval}
- fi
-
-
- if [ -x "${POSTDOWNSCRIPT}" ] ; then
- "${POSTDOWNSCRIPT}"
- fi
- eend $?
-}
diff --git a/net-vpn/openconnect/openconnect-7.06-r1.ebuild b/net-vpn/openconnect/openconnect-7.06-r1.ebuild
deleted file mode 100644
index 86c9caecd8f8..000000000000
--- a/net-vpn/openconnect/openconnect-7.06-r1.ebuild
+++ /dev/null
@@ -1,135 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-VPNC_VER=20140806
-SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-KEYWORDS="amd64 arm ~arm64 ppc64 x86"
-IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs"
-
-DEPEND="dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- >=dev-libs/openssl-1.0.1h:0[static-libs?]
- )
- gnutls? (
- >=net-libs/gnutls-3[static-libs?] dev-libs/nettle
- app-misc/ca-certificates
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-
- if use doc; then
- python-any-r1_pkg_setup
- fi
-}
-
-src_configure() {
- local ilinguas="ar cs de el en_GB en_US es eu fi fr gl id lt nl pa pl pt pt_BR sk sl tg ug uk zh_CN zh_TW"
- strip-linguas ${ilinguas}
- echo ${LINGUAS} > po/LINGUAS
- if ! use doc; then
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # stoken and liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- --without-stoken \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.06-r4.ebuild b/net-vpn/openconnect/openconnect-7.06-r4.ebuild
deleted file mode 100644
index c56cb72b396b..000000000000
--- a/net-vpn/openconnect/openconnect-7.06-r4.ebuild
+++ /dev/null
@@ -1,138 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-VPNC_VER=20140806
-SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
-IUSE="doc +gnutls gssapi java libproxy libressl nls smartcard static-libs stoken"
-
-DEPEND="dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] )
- libressl? ( dev-libs/libressl:0=[static-libs?] )
- )
- gnutls? (
- app-misc/ca-certificates
- dev-libs/nettle
- >=net-libs/gnutls-3:0=[static-libs?]
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-
- if use doc; then
- python-any-r1_pkg_setup
- fi
-}
-
-src_configure() {
- local ilinguas="ar cs de el en_GB en_US es eu fi fr gl id lt nl pa pl pt pt_BR sk sl tg ug uk zh_CN zh_TW"
- strip-linguas ${ilinguas}
- echo ${LINGUAS} > po/LINGUAS
- if ! use doc; then
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with stoken) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.06_p20160614.ebuild b/net-vpn/openconnect/openconnect-7.06_p20160614.ebuild
deleted file mode 100644
index 8702eba983c5..000000000000
--- a/net-vpn/openconnect/openconnect-7.06_p20160614.ebuild
+++ /dev/null
@@ -1,156 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
- inherit git-r3 autotools
-else
- inherit autotools
- ARCHIVE_URI="https://dev.gentoo.org/~williamh/dist/${P}.tar.gz"
- KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
-fi
-VPNC_VER=20140806
-SRC_URI="${ARCHIVE_URI}
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken"
-
-DEPEND="dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- >=dev-libs/openssl-1.0.1h:0[static-libs?]
- )
- gnutls? (
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle
- app-misc/ca-certificates
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-}
-
-src_unpack() {
- if [[ ${PV} == 9999 ]]; then
- git-r3_src_unpack
- fi
- default
-}
-
-src_prepare() {
- default
- eautoreconf
-}
-
-src_configure() {
- if [[ ${LINGUAS+set} == set ]]; then
- strip-linguas -u po
- echo "${LINGUAS}" > po/LINGUAS || die
- fi
-
- if use doc; then
- python_setup
- else
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with stoken) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.07-r1.ebuild b/net-vpn/openconnect/openconnect-7.07-r1.ebuild
deleted file mode 100644
index fac6e34d7ead..000000000000
--- a/net-vpn/openconnect/openconnect-7.07-r1.ebuild
+++ /dev/null
@@ -1,157 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
- inherit git-r3 autotools
-else
- ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
- KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~x86"
-fi
-VPNC_VER=20160829
-SRC_URI="${ARCHIVE_URI}
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken"
-
-DEPEND="dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- >=dev-libs/openssl-1.0.1h:0[static-libs?]
- )
- gnutls? (
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle
- app-misc/ca-certificates
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-}
-
-src_unpack() {
- if [[ ${PV} == 9999 ]]; then
- git-r3_src_unpack
- fi
- default
-}
-
-src_prepare() {
- default
- if [[ ${PV} == 9999 ]]; then
- eautoreconf
- fi
-}
-
-src_configure() {
- if [[ ${LINGUAS+set} == set ]]; then
- strip-linguas -u po
- echo "${LINGUAS}" > po/LINGUAS || die
- fi
-
- if use doc; then
- python_setup
- else
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with stoken) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.07-r2.ebuild b/net-vpn/openconnect/openconnect-7.07-r2.ebuild
deleted file mode 100644
index 5c8982b1bca5..000000000000
--- a/net-vpn/openconnect/openconnect-7.07-r2.ebuild
+++ /dev/null
@@ -1,163 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
- inherit git-r3 autotools
-else
- ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
- KEYWORDS="amd64 arm ~arm64 ppc64 x86"
-fi
-VPNC_VER=20160829
-SRC_URI="${ARCHIVE_URI}
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-IUSE="doc +gnutls gssapi java libproxy lz4 nls smartcard static-libs stoken"
-
-DEPEND="dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- >=dev-libs/openssl-1.0.1h:0[static-libs?]
- )
- gnutls? (
- >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle
- app-misc/ca-certificates
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- lz4? ( app-arch/lz4:= )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-PATCHES=(
- "${FILESDIR}"/${P}-mimic-pulse-client.patch
-)
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-}
-
-src_unpack() {
- if [[ ${PV} == 9999 ]]; then
- git-r3_src_unpack
- fi
- default
-}
-
-src_prepare() {
- default
- if [[ ${PV} == 9999 ]]; then
- eautoreconf
- fi
-}
-
-src_configure() {
- if [[ ${LINGUAS+set} == set ]]; then
- strip-linguas -u po
- echo "${LINGUAS}" > po/LINGUAS || die
- fi
-
- if use doc; then
- python_setup
- else
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- $(use_with lz4) \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with stoken) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.07-r3.ebuild b/net-vpn/openconnect/openconnect-7.07-r3.ebuild
deleted file mode 100644
index f0b04fd6c339..000000000000
--- a/net-vpn/openconnect/openconnect-7.07-r3.ebuild
+++ /dev/null
@@ -1,167 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
- inherit git-r3 autotools
-else
- ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
- KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
-fi
-VPNC_VER=20160829
-SRC_URI="${ARCHIVE_URI}
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken"
-
-DEPEND="
- dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] )
- libressl? ( dev-libs/libressl:0=[static-libs?] )
- )
- gnutls? (
- app-misc/ca-certificates
- dev-libs/nettle
- >=net-libs/gnutls-3:0=[static-libs?]
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- lz4? ( app-arch/lz4:= )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-PATCHES=(
- "${FILESDIR}"/${P}-mimic-pulse-client.patch
- "${FILESDIR}"/${P}-libressl.patch
-)
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-}
-
-src_unpack() {
- if [[ ${PV} == 9999 ]]; then
- git-r3_src_unpack
- fi
- default
-}
-
-src_prepare() {
- default
- if [[ ${PV} == 9999 ]]; then
- eautoreconf
- fi
-}
-
-src_configure() {
- if [[ ${LINGUAS+set} == set ]]; then
- strip-linguas -u po
- echo "${LINGUAS}" > po/LINGUAS || die
- fi
-
- if use doc; then
- python_setup
- else
- # If the python cannot be found, the docs will not build
- sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
- fi
-
- # liboath not in portage
- econf \
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
- $(use_enable static-libs static) \
- $(use_enable nls ) \
- $(use_with !gnutls openssl) \
- $(use_with gnutls ) \
- $(use_with libproxy) \
- $(use_with lz4) \
- $(use_with gssapi) \
- $(use_with smartcard libpcsclite) \
- $(use_with stoken) \
- $(use_with java)
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- emake DESTDIR="${D}" install
-
- dodoc AUTHORS TODO
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- # Remove useless .la files
- prune_libtool_files --all
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-7.08-r1.ebuild b/net-vpn/openconnect/openconnect-7.08-r1.ebuild
index 2eae9776f6ac..46f90fa74f44 100644
--- a/net-vpn/openconnect/openconnect-7.08-r1.ebuild
+++ b/net-vpn/openconnect/openconnect-7.08-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -13,7 +13,7 @@ if [[ ${PV} == 9999 ]]; then
inherit git-r3 autotools
else
ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
- KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+ KEYWORDS="amd64 arm ~arm64 ppc64 x86"
fi
VPNC_VER=20180227
SRC_URI="${ARCHIVE_URI}
@@ -157,6 +157,6 @@ pkg_postinst() {
if [[ -z ${REPLACING_VERSIONS} ]]; then
elog
elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
+ optfeature "resolvconf support" virtual/resolvconf
fi
}
diff --git a/net-vpn/openconnect/openconnect-7.08.ebuild b/net-vpn/openconnect/openconnect-7.08.ebuild
deleted file mode 100644
index e233f30d0203..000000000000
--- a/net-vpn/openconnect/openconnect-7.08.ebuild
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="xml"
-
-inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
- inherit git-r3 autotools
-else
- ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
- KEYWORDS="amd64 arm ~arm64 ppc64 x86"
-fi
-VPNC_VER=20160829
-SRC_URI="${ARCHIVE_URI}
- ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
-
-DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
-HOMEPAGE="http://www.infradead.org/openconnect.html"
-
-LICENSE="LGPL-2.1 GPL-2"
-SLOT="0/5"
-IUSE="doc +gnutls gssapi java libproxy libressl lz4 nls smartcard static-libs stoken"
-
-DEPEND="
- dev-libs/libxml2
- sys-libs/zlib
- !gnutls? (
- !libressl? ( >=dev-libs/openssl-1.0.1h:0=[static-libs?] )
- libressl? ( dev-libs/libressl:0=[static-libs?] )
- )
- gnutls? (
- app-misc/ca-certificates
- dev-libs/nettle
- >=net-libs/gnutls-3:0=[static-libs?]
- )
- gssapi? ( virtual/krb5 )
- libproxy? ( net-libs/libproxy )
- lz4? ( app-arch/lz4:= )
- nls? ( virtual/libintl )
- smartcard? ( sys-apps/pcsc-lite:0= )
- stoken? ( app-crypt/stoken )"
-RDEPEND="${DEPEND}
- sys-apps/iproute2
- !<sys-apps/openrc-0.13"
-DEPEND="${DEPEND}
- virtual/pkgconfig
- doc? ( ${PYTHON_DEPS} sys-apps/groff )
- java? ( >=virtual/jdk-1.6 )
- nls? ( sys-devel/gettext )"
-
-CONFIG_CHECK="~TUN"
-
-pkg_pretend() {
- check_extra_config
-}
-
-pkg_setup() {
- java-pkg-opt-2_pkg_setup
-}
-
-src_unpack() {
- if [[ ${PV} == 9999 ]]; then
- git-r3_src_unpack
- fi
- default
-}
-
-src_prepare() {
- default
- if [[ ${PV} == 9999 ]]; then
- eautoreconf
- fi
-}
-
-src_configure() {
- if [[ ${LINGUAS+set} == set ]]; then
- strip-linguas -u po
- echo "${LINGUAS}" > po/LINGUAS || die
- fi
-
- if use doc; then
- python_setup
- else
- export PYTHON=/bin/false
- fi
-
- local myconf=(
- --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh"
- --without-openssl-version-check
- $(use_enable static-libs static)
- $(use_enable nls)
- $(use_with !gnutls openssl)
- $(use_with gnutls)
- $(use_with libproxy)
- $(use_with lz4)
- $(use_with gssapi)
- $(use_with smartcard libpcsclite)
- $(use_with stoken)
- $(use_with java)
- )
-
- econf "${myconf[@]}"
-}
-
-DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
-
-You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
-instead of calling it directly:
-
-ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
-
-You can then start the vpn tunnel like this:
-
-/etc/init.d/openconnect.vpn0 start
-
-If you would like to run preup, postup, predown, and/or postdown scripts,
-You need to create a directory in /etc/openconnect with the name of the vpn:
-
-mkdir /etc/openconnect/vpn0
-
-Then add executable shell files:
-
-mkdir /etc/openconnect/vpn0
-cd /etc/openconnect/vpn0
-echo '#!/bin/sh' > preup.sh
-cp preup.sh predown.sh
-cp preup.sh postup.sh
-cp preup.sh postdown.sh
-chmod 755 /etc/openconnect/vpn0/*
-"
-
-src_install() {
- default
-
- newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
- dodir /etc/openconnect
- insinto /etc/openconnect
- newconfd "${FILESDIR}"/openconnect.conf.in openconnect
- exeinto /etc/openconnect
- newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/openconnect.logrotate openconnect
- keepdir /var/log/openconnect
-
- prune_libtool_files
-
- readme.gentoo_create_doc
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- elog
- elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
- fi
-}
diff --git a/net-vpn/openconnect/openconnect-9999.ebuild b/net-vpn/openconnect/openconnect-9999.ebuild
index 2eae9776f6ac..e5bb8a5a9d59 100644
--- a/net-vpn/openconnect/openconnect-9999.ebuild
+++ b/net-vpn/openconnect/openconnect-9999.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -157,6 +157,6 @@ pkg_postinst() {
if [[ -z ${REPLACING_VERSIONS} ]]; then
elog
elog "You may want to consider installing the following optional packages."
- optfeature "resolvconf support" net-dns/openresolv
+ optfeature "resolvconf support" virtual/resolvconf
fi
}
diff --git a/net-vpn/strongswan/Manifest b/net-vpn/strongswan/Manifest
index b2c688e64ee7..c7a07eb5e72f 100644
--- a/net-vpn/strongswan/Manifest
+++ b/net-vpn/strongswan/Manifest
@@ -1,11 +1,10 @@
AUX ipsec 451 BLAKE2B deb3fff7043e04c1630119bb0cbbd6fa9b6f15666131ac9744a32d35cf3bc0629fe99cf9936b9cdb464627c1a8c121b8485f164166efda428825a55aab557d18 SHA512 d11ccc36ee89df5974547441fdb6c539dd3a7a5e235e318c1beddca7d4f5cace857f2dc75752e6fa913177eec9c3afcbed52de5bc08e8c314096d439cbc3bc6c
-DIST strongswan-5.5.3.tar.bz2 4768820 BLAKE2B 9f9da6c2ef27cec7f6a07f1cd5a7ecc8a92576fad2a5c6379b93d8a2e9d3b0804fe26dc0bc7b303754ef499ee938549c7cafbdf9a3f8f818d14cf88f613fe0fd SHA512 0b0b25d2102c98cda54300dc8c3c3a49a55e64f7c695dda65a24f2194f19bce0b7aab9e4f7486c243b552f9d1a94867d6a8782ee504aad1c9973809706d599ac
DIST strongswan-5.6.0.tar.bz2 4850722 BLAKE2B edb9f2b277cd8bccf886a824e4b3fb3c06af7510d9e21283fcb8d8ba9cf234f38182fcd1ca0c350b4039945ab10888406986d9a0b8edac24fe09faf0b8967fb2 SHA512 9362069a01c3642e62864d88fdb409a3c7514bf7c92cbe36e552c6a80915119cf5bb91c39592aab2d15b562684a0628a764e4fa7636d3b5fd2ebaf165c0ce649
DIST strongswan-5.6.2.tar.bz2 4977859 BLAKE2B 83943ec95e6b95724e9fc130a09f7c7364147d0ce50528ac8b64452db53516b143e92c7dcb746c0c25aaac9182dda14d55e5c267fbdcd5bb9a63cbf48801274b SHA512 cf2d5cb6c45d991fe0ad8eed4ea8628f95a1871e9728ddf0985aa26e78d1e6da1c92c961772aafd3e55cfcfa84516204a15561389d373f78140f05607b248c52
DIST strongswan-5.6.3.tar.bz2 4961579 BLAKE2B 177d9ca9a730c8ccb3293c9f1c1397429879177aef60c90a3561fffed64cd4fe18cdf1c74bd52956c576e061ce33935b7dc34864576edeac7d4824841b0ee3e0 SHA512 080402640952b1a08e95bfe9c7f33c6a7dd01ac401b5e7e2e78257c0f2bf0a4d6078141232ac62abfacef892c493f6824948b3165d54d72b4e436ed564fd2609
-EBUILD strongswan-5.5.3.ebuild 9282 BLAKE2B 5532076749ccebd15e4b8442e5c674fed8fcea88b86cf9d2d60c69764763d3d5320aace805a7a8c8bea5d9d9be645f55aeca8d080212cea313ccd5e296b53061 SHA512 e2042e4aad5d7a3525eeba9164690a9c6563bb7e975ab4887ac17445da5050a57522f9621f576b14f2f871ff22e92cee8e8aebf537e65cfeb649ec94155a47ee
+DIST strongswan-5.7.1.tar.bz2 4967533 BLAKE2B e438d1b44a997eb0e012586b18604bd35ac6f53cce1c34ff89192a760bbd0d6a9aaa7b90b389ff1a5e7c6d2356ff5cc74b40daad1d6579fa5026f4878489bf66 SHA512 43102814434bee7c27a5956be59099cc4ffb9bb5b0d6382ce4c6a80d1d82ed6639f698f5f5544b9ca563554a344638c953525b0e2d39bc6b71b19055c80e07fc
EBUILD strongswan-5.6.0-r1.ebuild 9316 BLAKE2B de030a9ae26d83c6f2aa2bdfadf3c6f29acebaa53b4e3b88389398c0ec8552f9107828afa0a5639471885e83cdf5b982373e9975ecb2567fb79adf3f3b9c6f7a SHA512 d2e6b7a8ce68033203d854429234e5a4600501d3d17db4b3f0b2e7f6c428aac5acbd74b48a88583464a5936467e180f126f269b5b046ebac047c547fa791222e
-EBUILD strongswan-5.6.0.ebuild 9286 BLAKE2B d0d7d0beb3d8a23f2b7594708f02c6eb79f07b3f73ac9f98202a97d3e51aef54f68df2575029db919f5d296e32cf08800ce8f7b904feae2f2e0acfa404c08749 SHA512 8c20bc8946c4b2f405afe37e05ca65bec82346b5eb96d444d0cd2cb8431551241482087799d0929f4fadc0511f2a723f431a254934866119d0ae3060513011d8
EBUILD strongswan-5.6.2.ebuild 9320 BLAKE2B 3d760c087b443d75046c6db3e6dc079d401592588308379716781e25d5310844ec10464ba7791381fa7a6009a8af9217b6f64b442322320fb7cdd2b51ef87c3a SHA512 398534ef23686b54751f238c45a81d53990076eb3e7ff6c4591d5ddaadfb83808c0ad58d0ed46b467562f3c72693a414f4ad9645f51e9129758fcf8d255df8d9
EBUILD strongswan-5.6.3.ebuild 9420 BLAKE2B b05e471c1a11f2a258a3f062c26a80a8a8426f798f09604c78926b2475ea63fc496da910286d94c1989330c7930680efc3cea8a0b97d484532d7e2acb79cbabb SHA512 6f2af391b174d5466e0d315a78884ea642aab521c3ddf1265acbdf28e802eb4c57695ecd612a6ea7f285e7e4245f2498d567079e949373d59db0979b3c54445e
+EBUILD strongswan-5.7.1.ebuild 9428 BLAKE2B f53b002ac83faa010e2e2b746b608c1966f428cc24c06aade953c757ef1ae70f3ec23dc5e9bc85eca8c9d84669a257386bb396106146972788027ca05aa8b623 SHA512 75d2922ee9927587f709291067fe639082733343dde255b3c35e015798c447d48a9a07761920788f848f2f05023240738212df58bf6c3cccca87372fe6a33e10
MISC metadata.xml 4135 BLAKE2B 13739675c455765d7ce73df9744779636d36d3f93eee4567c931fb40e528e56d34912e26a82bd35e377fbd34613c0b7044841ff6c2dc26694187d0de355f8b86 SHA512 e09ef1afdf5002dab542312753cbce56e830b906aa5c5ac8fd5c7b57cbaf021eb0c466241cf810f446693b8dedd90f185f3e2c7a53a0b9a43e14913dcdd83b23
diff --git a/net-vpn/strongswan/strongswan-5.5.3.ebuild b/net-vpn/strongswan/strongswan-5.5.3.ebuild
deleted file mode 100644
index 7cf43b5ece0e..000000000000
--- a/net-vpn/strongswan/strongswan-5.5.3.ebuild
+++ /dev/null
@@ -1,302 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils linux-info systemd user
-
-DESCRIPTION="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="http://www.strongswan.org/"
-SRC_URI="http://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="amd64 arm ppc ~ppc64 x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="blowfish ccm ctr gcm ha ipseckey ntru padlock rdrand unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
- IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
- IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="!net-misc/openswan
- gmp? ( >=dev-libs/gmp-4.1.5:= )
- gcrypt? ( dev-libs/libgcrypt:0 )
- caps? ( sys-libs/libcap )
- curl? ( net-misc/curl )
- ldap? ( net-nds/openldap )
- openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
- mysql? ( virtual/mysql )
- sqlite? ( >=dev-db/sqlite-3.3.1 )
- networkmanager? ( net-misc/networkmanager )
- pam? ( sys-libs/pam )
- strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-DEPEND="${COMMON_DEPEND}
- virtual/linux-sources
- sys-kernel/linux-headers"
-RDEPEND="${COMMON_DEPEND}
- virtual/logger
- sys-apps/iproute2
- !net-vpn/libreswan
- selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
- linux-info_pkg_setup
- elog "Linux kernel version: ${KV_FULL}"
-
- if ! kernel_is -ge 2 6 16; then
- eerror
- eerror "This ebuild currently only supports ${PN} with the"
- eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
- eerror
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn
- ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
- ewarn
-
- if kernel_is -lt 2 6 29; then
- ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
- ewarn "include all required IPv6 modules even if you just intend"
- ewarn "to run on IPv4 only."
- ewarn
- ewarn "This has been fixed with kernels >= 2.6.29."
- ewarn
- fi
-
- if kernel_is -lt 2 6 33; then
- ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
- ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
- ewarn "miss SHA384 and SHA512 HMAC support altogether."
- ewarn
- ewarn "If you need any of those features, please use kernel >= 2.6.33."
- ewarn
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
- ewarn "ESP cipher is only included in kernels >= 2.6.34."
- ewarn
- ewarn "If you need it, please use kernel >= 2.6.34."
- ewarn
- fi
- fi
-
- if use non-root; then
- enewgroup ${UGID}
- enewuser ${UGID} -1 -1 -1 ${UGID}
- fi
-}
-
-src_prepare() {
- epatch_user
-}
-
-src_configure() {
- local myconf=""
-
- if use non-root; then
- myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
- fi
-
- # If a user has already enabled db support, those plugins will
- # most likely be desired as well. Besides they don't impose new
- # dependencies and come at no cost (except for space).
- if use mysql || use sqlite; then
- myconf="${myconf} --enable-attr-sql --enable-sql"
- fi
-
- # strongSwan builds and installs static libs by default which are
- # useless to the user (and to strongSwan for that matter) because no
- # header files or alike get installed... so disabling them is safe.
- if use pam && use eap; then
- myconf="${myconf} --enable-eap-gtc"
- else
- myconf="${myconf} --disable-eap-gtc"
- fi
-
- for mod in $STRONGSWAN_PLUGINS_STD; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- for mod in $STRONGSWAN_PLUGINS_OPT; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- econf \
- --disable-static \
- --enable-ikev1 \
- --enable-ikev2 \
- --enable-swanctl \
- --enable-socket-dynamic \
- $(use_with caps capabilities libcap) \
- $(use_enable curl) \
- $(use_enable constraints) \
- $(use_enable ldap) \
- $(use_enable debug leak-detective) \
- $(use_enable dhcp) \
- $(use_enable eap eap-sim) \
- $(use_enable eap eap-sim-file) \
- $(use_enable eap eap-simaka-sql) \
- $(use_enable eap eap-simaka-pseudonym) \
- $(use_enable eap eap-simaka-reauth) \
- $(use_enable eap eap-identity) \
- $(use_enable eap eap-md5) \
- $(use_enable eap eap-aka) \
- $(use_enable eap eap-aka-3gpp2) \
- $(use_enable eap md4) \
- $(use_enable eap eap-mschapv2) \
- $(use_enable eap eap-radius) \
- $(use_enable eap eap-tls) \
- $(use_enable eap xauth-eap) \
- $(use_enable farp) \
- $(use_enable gmp) \
- $(use_enable gcrypt) \
- $(use_enable mysql) \
- $(use_enable networkmanager nm) \
- $(use_enable openssl) \
- $(use_enable pam xauth-pam) \
- $(use_enable pkcs11) \
- $(use_enable sqlite) \
- "$(systemd_with_unitdir)" \
- ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- doinitd "${FILESDIR}"/ipsec
-
- local dir_ugid
- if use non-root; then
- fowners ${UGID}:${UGID} \
- /etc/ipsec.conf \
- /etc/strongswan.conf
-
- dir_ugid="${UGID}"
- else
- dir_ugid="root"
- fi
-
- diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
- dodir /etc/ipsec.d \
- /etc/ipsec.d/aacerts \
- /etc/ipsec.d/acerts \
- /etc/ipsec.d/cacerts \
- /etc/ipsec.d/certs \
- /etc/ipsec.d/crls \
- /etc/ipsec.d/ocspcerts \
- /etc/ipsec.d/private \
- /etc/ipsec.d/reqs
-
- dodoc NEWS README TODO || die
-
- # shared libs are used only internally and there are no static libs,
- # so it's safe to get rid of the .la files
- find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
- has_version "<net-vpn/strongswan-4.3.6-r1"
- upgrade_from_leq_4_3_6=$(( !$? ))
-
- has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
- previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
- if ! use openssl && ! use gcrypt; then
- elog
- elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
- elog "Please note that this might effect availability and speed of some"
- elog "cryptographic features. You are advised to enable the OpenSSL plugin."
- elif ! use openssl; then
- elog
- elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
- elog "availability and speed of some cryptographic features. There will be"
- elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
- elog "25, 26) and ECDSA."
- fi
-
- if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
- chmod 0750 "${ROOT}"/etc/ipsec.d \
- "${ROOT}"/etc/ipsec.d/aacerts \
- "${ROOT}"/etc/ipsec.d/acerts \
- "${ROOT}"/etc/ipsec.d/cacerts \
- "${ROOT}"/etc/ipsec.d/certs \
- "${ROOT}"/etc/ipsec.d/crls \
- "${ROOT}"/etc/ipsec.d/ocspcerts \
- "${ROOT}"/etc/ipsec.d/private \
- "${ROOT}"/etc/ipsec.d/reqs
-
- ewarn
- ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
- ewarn "security reasons. Your system installed directories have been"
- ewarn "updated accordingly. Please check if necessary."
- ewarn
-
- if [[ $previous_4_3_6_with_caps == 1 ]]; then
- if ! use non-root; then
- ewarn
- ewarn "IMPORTANT: You previously had ${PN} installed without root"
- ewarn "privileges because it was implied by the 'caps' USE flag."
- ewarn "This has been changed. If you want ${PN} with user privileges,"
- ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
- ewarn
- fi
- fi
- fi
- if ! use caps && ! use non-root; then
- ewarn
- ewarn "You have decided to run ${PN} with root privileges and built it"
- ewarn "without support for POSIX capability dropping. It is generally"
- ewarn "strongly suggested that you reconsider- especially if you intend"
- ewarn "to run ${PN} as server with a public ip address."
- ewarn
- ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
- ewarn
- fi
- if use non-root; then
- elog
- elog "${PN} has been installed without superuser privileges (USE=non-root)."
- elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
- elog "but also a few to the IKEv2 daemon 'charon'."
- elog
- elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
- elog
- elog "pluto uses a helper script by default to insert/remove routing and"
- elog "policy rules upon connection start/stop which requires superuser"
- elog "privileges. charon in contrast does this internally and can do so"
- elog "even with reduced (user) privileges."
- elog
- elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
- elog "script to pluto or charon which requires superuser privileges, you"
- elog "can work around this limitation by using sudo to grant the"
- elog "user \"ipsec\" the appropriate rights."
- elog "For example (the default case):"
- elog "/etc/sudoers:"
- elog " ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
- elog "Under the specific connection block in /etc/ipsec.conf:"
- elog " leftupdown=\"sudo -E ipsec _updown iptables\""
- elog
- fi
- elog
- elog "Make sure you have _all_ required kernel modules available including"
- elog "the appropriate cryptographic algorithms. A list is available at:"
- elog " http://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
- elog
- elog "The up-to-date manual is available online at:"
- elog " http://wiki.strongswan.org/"
- elog
-}
diff --git a/net-vpn/strongswan/strongswan-5.6.0.ebuild b/net-vpn/strongswan/strongswan-5.6.0.ebuild
deleted file mode 100644
index c4736a962302..000000000000
--- a/net-vpn/strongswan/strongswan-5.6.0.ebuild
+++ /dev/null
@@ -1,302 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils linux-info systemd user
-
-DESCRIPTION="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
-HOMEPAGE="http://www.strongswan.org/"
-SRC_URI="http://download.strongswan.org/${P}.tar.bz2"
-
-LICENSE="GPL-2 RSA DES"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86"
-IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite pam pkcs11"
-
-STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
-STRONGSWAN_PLUGINS_OPT="blowfish ccm ctr gcm ha ipseckey ntru padlock rdrand unbound whitelist"
-for mod in $STRONGSWAN_PLUGINS_STD; do
- IUSE="${IUSE} +strongswan_plugins_${mod}"
-done
-
-for mod in $STRONGSWAN_PLUGINS_OPT; do
- IUSE="${IUSE} strongswan_plugins_${mod}"
-done
-
-COMMON_DEPEND="!net-misc/openswan
- gmp? ( >=dev-libs/gmp-4.1.5:= )
- gcrypt? ( dev-libs/libgcrypt:0 )
- caps? ( sys-libs/libcap )
- curl? ( net-misc/curl )
- ldap? ( net-nds/openldap )
- openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
- mysql? ( virtual/mysql )
- sqlite? ( >=dev-db/sqlite-3.3.1 )
- networkmanager? ( net-misc/networkmanager )
- pam? ( sys-libs/pam )
- strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
-DEPEND="${COMMON_DEPEND}
- virtual/linux-sources
- sys-kernel/linux-headers"
-RDEPEND="${COMMON_DEPEND}
- virtual/logger
- sys-apps/iproute2
- !net-vpn/libreswan
- selinux? ( sec-policy/selinux-ipsec )"
-
-UGID="ipsec"
-
-pkg_setup() {
- linux-info_pkg_setup
- elog "Linux kernel version: ${KV_FULL}"
-
- if ! kernel_is -ge 2 6 16; then
- eerror
- eerror "This ebuild currently only supports ${PN} with the"
- eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
- eerror
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn
- ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
- ewarn
-
- if kernel_is -lt 2 6 29; then
- ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
- ewarn "include all required IPv6 modules even if you just intend"
- ewarn "to run on IPv4 only."
- ewarn
- ewarn "This has been fixed with kernels >= 2.6.29."
- ewarn
- fi
-
- if kernel_is -lt 2 6 33; then
- ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
- ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
- ewarn "miss SHA384 and SHA512 HMAC support altogether."
- ewarn
- ewarn "If you need any of those features, please use kernel >= 2.6.33."
- ewarn
- fi
-
- if kernel_is -lt 2 6 34; then
- ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
- ewarn "ESP cipher is only included in kernels >= 2.6.34."
- ewarn
- ewarn "If you need it, please use kernel >= 2.6.34."
- ewarn
- fi
- fi
-
- if use non-root; then
- enewgroup ${UGID}
- enewuser ${UGID} -1 -1 -1 ${UGID}
- fi
-}
-
-src_prepare() {
- epatch_user
-}
-
-src_configure() {
- local myconf=""
-
- if use non-root; then
- myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
- fi
-
- # If a user has already enabled db support, those plugins will
- # most likely be desired as well. Besides they don't impose new
- # dependencies and come at no cost (except for space).
- if use mysql || use sqlite; then
- myconf="${myconf} --enable-attr-sql --enable-sql"
- fi
-
- # strongSwan builds and installs static libs by default which are
- # useless to the user (and to strongSwan for that matter) because no
- # header files or alike get installed... so disabling them is safe.
- if use pam && use eap; then
- myconf="${myconf} --enable-eap-gtc"
- else
- myconf="${myconf} --disable-eap-gtc"
- fi
-
- for mod in $STRONGSWAN_PLUGINS_STD; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- for mod in $STRONGSWAN_PLUGINS_OPT; do
- if use strongswan_plugins_${mod}; then
- myconf+=" --enable-${mod}"
- fi
- done
-
- econf \
- --disable-static \
- --enable-ikev1 \
- --enable-ikev2 \
- --enable-swanctl \
- --enable-socket-dynamic \
- $(use_with caps capabilities libcap) \
- $(use_enable curl) \
- $(use_enable constraints) \
- $(use_enable ldap) \
- $(use_enable debug leak-detective) \
- $(use_enable dhcp) \
- $(use_enable eap eap-sim) \
- $(use_enable eap eap-sim-file) \
- $(use_enable eap eap-simaka-sql) \
- $(use_enable eap eap-simaka-pseudonym) \
- $(use_enable eap eap-simaka-reauth) \
- $(use_enable eap eap-identity) \
- $(use_enable eap eap-md5) \
- $(use_enable eap eap-aka) \
- $(use_enable eap eap-aka-3gpp2) \
- $(use_enable eap md4) \
- $(use_enable eap eap-mschapv2) \
- $(use_enable eap eap-radius) \
- $(use_enable eap eap-tls) \
- $(use_enable eap xauth-eap) \
- $(use_enable farp) \
- $(use_enable gmp) \
- $(use_enable gcrypt) \
- $(use_enable mysql) \
- $(use_enable networkmanager nm) \
- $(use_enable openssl) \
- $(use_enable pam xauth-pam) \
- $(use_enable pkcs11) \
- $(use_enable sqlite) \
- "$(systemd_with_unitdir)" \
- ${myconf}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- doinitd "${FILESDIR}"/ipsec
-
- local dir_ugid
- if use non-root; then
- fowners ${UGID}:${UGID} \
- /etc/ipsec.conf \
- /etc/strongswan.conf
-
- dir_ugid="${UGID}"
- else
- dir_ugid="root"
- fi
-
- diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
- dodir /etc/ipsec.d \
- /etc/ipsec.d/aacerts \
- /etc/ipsec.d/acerts \
- /etc/ipsec.d/cacerts \
- /etc/ipsec.d/certs \
- /etc/ipsec.d/crls \
- /etc/ipsec.d/ocspcerts \
- /etc/ipsec.d/private \
- /etc/ipsec.d/reqs
-
- dodoc NEWS README TODO || die
-
- # shared libs are used only internally and there are no static libs,
- # so it's safe to get rid of the .la files
- find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
-}
-
-pkg_preinst() {
- has_version "<net-vpn/strongswan-4.3.6-r1"
- upgrade_from_leq_4_3_6=$(( !$? ))
-
- has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
- previous_4_3_6_with_caps=$(( !$? ))
-}
-
-pkg_postinst() {
- if ! use openssl && ! use gcrypt; then
- elog
- elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
- elog "Please note that this might effect availability and speed of some"
- elog "cryptographic features. You are advised to enable the OpenSSL plugin."
- elif ! use openssl; then
- elog
- elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
- elog "availability and speed of some cryptographic features. There will be"
- elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
- elog "25, 26) and ECDSA."
- fi
-
- if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
- chmod 0750 "${ROOT}"/etc/ipsec.d \
- "${ROOT}"/etc/ipsec.d/aacerts \
- "${ROOT}"/etc/ipsec.d/acerts \
- "${ROOT}"/etc/ipsec.d/cacerts \
- "${ROOT}"/etc/ipsec.d/certs \
- "${ROOT}"/etc/ipsec.d/crls \
- "${ROOT}"/etc/ipsec.d/ocspcerts \
- "${ROOT}"/etc/ipsec.d/private \
- "${ROOT}"/etc/ipsec.d/reqs
-
- ewarn
- ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
- ewarn "security reasons. Your system installed directories have been"
- ewarn "updated accordingly. Please check if necessary."
- ewarn
-
- if [[ $previous_4_3_6_with_caps == 1 ]]; then
- if ! use non-root; then
- ewarn
- ewarn "IMPORTANT: You previously had ${PN} installed without root"
- ewarn "privileges because it was implied by the 'caps' USE flag."
- ewarn "This has been changed. If you want ${PN} with user privileges,"
- ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
- ewarn
- fi
- fi
- fi
- if ! use caps && ! use non-root; then
- ewarn
- ewarn "You have decided to run ${PN} with root privileges and built it"
- ewarn "without support for POSIX capability dropping. It is generally"
- ewarn "strongly suggested that you reconsider- especially if you intend"
- ewarn "to run ${PN} as server with a public ip address."
- ewarn
- ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
- ewarn
- fi
- if use non-root; then
- elog
- elog "${PN} has been installed without superuser privileges (USE=non-root)."
- elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
- elog "but also a few to the IKEv2 daemon 'charon'."
- elog
- elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
- elog
- elog "pluto uses a helper script by default to insert/remove routing and"
- elog "policy rules upon connection start/stop which requires superuser"
- elog "privileges. charon in contrast does this internally and can do so"
- elog "even with reduced (user) privileges."
- elog
- elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
- elog "script to pluto or charon which requires superuser privileges, you"
- elog "can work around this limitation by using sudo to grant the"
- elog "user \"ipsec\" the appropriate rights."
- elog "For example (the default case):"
- elog "/etc/sudoers:"
- elog " ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
- elog "Under the specific connection block in /etc/ipsec.conf:"
- elog " leftupdown=\"sudo -E ipsec _updown iptables\""
- elog
- fi
- elog
- elog "Make sure you have _all_ required kernel modules available including"
- elog "the appropriate cryptographic algorithms. A list is available at:"
- elog " http://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
- elog
- elog "The up-to-date manual is available online at:"
- elog " http://wiki.strongswan.org/"
- elog
-}
diff --git a/net-vpn/strongswan/strongswan-5.7.1.ebuild b/net-vpn/strongswan/strongswan-5.7.1.ebuild
new file mode 100644
index 000000000000..c787179ae1ee
--- /dev/null
+++ b/net-vpn/strongswan/strongswan-5.7.1.ebuild
@@ -0,0 +1,303 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+inherit linux-info systemd user
+
+DESCRIPTION="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
+HOMEPAGE="https://www.strongswan.org/"
+SRC_URI="https://download.strongswan.org/${P}.tar.bz2"
+
+LICENSE="GPL-2 RSA DES"
+SLOT="0"
+KEYWORDS="amd64 ~arm ~ppc ~ppc64 x86"
+IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11"
+
+STRONGSWAN_PLUGINS_STD="led lookip systime-fix unity vici"
+STRONGSWAN_PLUGINS_OPT="aesni blowfish ccm chapoly ctr forecast gcm ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist"
+for mod in $STRONGSWAN_PLUGINS_STD; do
+ IUSE="${IUSE} +strongswan_plugins_${mod}"
+done
+
+for mod in $STRONGSWAN_PLUGINS_OPT; do
+ IUSE="${IUSE} strongswan_plugins_${mod}"
+done
+
+COMMON_DEPEND="!net-misc/openswan
+ gmp? ( >=dev-libs/gmp-4.1.5:= )
+ gcrypt? ( dev-libs/libgcrypt:0 )
+ caps? ( sys-libs/libcap )
+ curl? ( net-misc/curl )
+ ldap? ( net-nds/openldap )
+ openssl? ( >=dev-libs/openssl-0.9.8:=[-bindist] )
+ mysql? ( dev-db/mysql-connector-c:= )
+ sqlite? ( >=dev-db/sqlite-3.3.1 )
+ systemd? ( sys-apps/systemd )
+ networkmanager? ( net-misc/networkmanager )
+ pam? ( sys-libs/pam )
+ strongswan_plugins_unbound? ( net-dns/unbound:= net-libs/ldns )"
+DEPEND="${COMMON_DEPEND}
+ virtual/linux-sources
+ sys-kernel/linux-headers"
+RDEPEND="${COMMON_DEPEND}
+ virtual/logger
+ sys-apps/iproute2
+ !net-vpn/libreswan
+ selinux? ( sec-policy/selinux-ipsec )"
+
+UGID="ipsec"
+
+pkg_setup() {
+ linux-info_pkg_setup
+
+ elog "Linux kernel version: ${KV_FULL}"
+
+ if ! kernel_is -ge 2 6 16; then
+ eerror
+ eerror "This ebuild currently only supports ${PN} with the"
+ eerror "native Linux 2.6 IPsec stack on kernels >= 2.6.16."
+ eerror
+ fi
+
+ if kernel_is -lt 2 6 34; then
+ ewarn
+ ewarn "IMPORTANT KERNEL NOTES: Please read carefully..."
+ ewarn
+
+ if kernel_is -lt 2 6 29; then
+ ewarn "[ < 2.6.29 ] Due to a missing kernel feature, you have to"
+ ewarn "include all required IPv6 modules even if you just intend"
+ ewarn "to run on IPv4 only."
+ ewarn
+ ewarn "This has been fixed with kernels >= 2.6.29."
+ ewarn
+ fi
+
+ if kernel_is -lt 2 6 33; then
+ ewarn "[ < 2.6.33 ] Kernels prior to 2.6.33 include a non-standards"
+ ewarn "compliant implementation for SHA-2 HMAC support in ESP and"
+ ewarn "miss SHA384 and SHA512 HMAC support altogether."
+ ewarn
+ ewarn "If you need any of those features, please use kernel >= 2.6.33."
+ ewarn
+ fi
+
+ if kernel_is -lt 2 6 34; then
+ ewarn "[ < 2.6.34 ] Support for the AES-GMAC authentification-only"
+ ewarn "ESP cipher is only included in kernels >= 2.6.34."
+ ewarn
+ ewarn "If you need it, please use kernel >= 2.6.34."
+ ewarn
+ fi
+ fi
+
+ if use non-root; then
+ enewgroup ${UGID}
+ enewuser ${UGID} -1 -1 -1 ${UGID}
+ fi
+}
+
+src_configure() {
+ local myconf=""
+
+ if use non-root; then
+ myconf="${myconf} --with-user=${UGID} --with-group=${UGID}"
+ fi
+
+ # If a user has already enabled db support, those plugins will
+ # most likely be desired as well. Besides they don't impose new
+ # dependencies and come at no cost (except for space).
+ if use mysql || use sqlite; then
+ myconf="${myconf} --enable-attr-sql --enable-sql"
+ fi
+
+ # strongSwan builds and installs static libs by default which are
+ # useless to the user (and to strongSwan for that matter) because no
+ # header files or alike get installed... so disabling them is safe.
+ if use pam && use eap; then
+ myconf="${myconf} --enable-eap-gtc"
+ else
+ myconf="${myconf} --disable-eap-gtc"
+ fi
+
+ for mod in $STRONGSWAN_PLUGINS_STD; do
+ if use strongswan_plugins_${mod}; then
+ myconf+=" --enable-${mod}"
+ fi
+ done
+
+ for mod in $STRONGSWAN_PLUGINS_OPT; do
+ if use strongswan_plugins_${mod}; then
+ myconf+=" --enable-${mod}"
+ fi
+ done
+
+ econf \
+ --disable-static \
+ --enable-ikev1 \
+ --enable-ikev2 \
+ --enable-swanctl \
+ --enable-socket-dynamic \
+ $(use_enable curl) \
+ $(use_enable constraints) \
+ $(use_enable ldap) \
+ $(use_enable debug leak-detective) \
+ $(use_enable dhcp) \
+ $(use_enable eap eap-sim) \
+ $(use_enable eap eap-sim-file) \
+ $(use_enable eap eap-simaka-sql) \
+ $(use_enable eap eap-simaka-pseudonym) \
+ $(use_enable eap eap-simaka-reauth) \
+ $(use_enable eap eap-identity) \
+ $(use_enable eap eap-md5) \
+ $(use_enable eap eap-aka) \
+ $(use_enable eap eap-aka-3gpp2) \
+ $(use_enable eap md4) \
+ $(use_enable eap eap-mschapv2) \
+ $(use_enable eap eap-radius) \
+ $(use_enable eap eap-tls) \
+ $(use_enable eap eap-ttls) \
+ $(use_enable eap xauth-eap) \
+ $(use_enable eap eap-dynamic) \
+ $(use_enable farp) \
+ $(use_enable gmp) \
+ $(use_enable gcrypt) \
+ $(use_enable mysql) \
+ $(use_enable networkmanager nm) \
+ $(use_enable openssl) \
+ $(use_enable pam xauth-pam) \
+ $(use_enable pkcs11) \
+ $(use_enable sqlite) \
+ $(use_enable systemd) \
+ $(use_with caps capabilities libcap) \
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
+ ${myconf}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ doinitd "${FILESDIR}"/ipsec
+
+ local dir_ugid
+ if use non-root; then
+ fowners ${UGID}:${UGID} \
+ /etc/ipsec.conf \
+ /etc/strongswan.conf
+
+ dir_ugid="${UGID}"
+ else
+ dir_ugid="root"
+ fi
+
+ diropts -m 0750 -o ${dir_ugid} -g ${dir_ugid}
+ dodir /etc/ipsec.d \
+ /etc/ipsec.d/aacerts \
+ /etc/ipsec.d/acerts \
+ /etc/ipsec.d/cacerts \
+ /etc/ipsec.d/certs \
+ /etc/ipsec.d/crls \
+ /etc/ipsec.d/ocspcerts \
+ /etc/ipsec.d/private \
+ /etc/ipsec.d/reqs
+
+ dodoc NEWS README TODO || die
+
+ # shared libs are used only internally and there are no static libs,
+ # so it's safe to get rid of the .la files
+ find "${D}" -name '*.la' -delete || die "Failed to remove .la files."
+}
+
+pkg_preinst() {
+ has_version "<net-vpn/strongswan-4.3.6-r1"
+ upgrade_from_leq_4_3_6=$(( !$? ))
+
+ has_version "<net-vpn/strongswan-4.3.6-r1[-caps]"
+ previous_4_3_6_with_caps=$(( !$? ))
+}
+
+pkg_postinst() {
+ if ! use openssl && ! use gcrypt; then
+ elog
+ elog "${PN} has been compiled without both OpenSSL and libgcrypt support."
+ elog "Please note that this might effect availability and speed of some"
+ elog "cryptographic features. You are advised to enable the OpenSSL plugin."
+ elif ! use openssl; then
+ elog
+ elog "${PN} has been compiled without the OpenSSL plugin. This might effect"
+ elog "availability and speed of some cryptographic features. There will be"
+ elog "no support for Elliptic Curve Cryptography (Diffie-Hellman groups 19-21,"
+ elog "25, 26) and ECDSA."
+ fi
+
+ if [[ $upgrade_from_leq_4_3_6 == 1 ]]; then
+ chmod 0750 "${ROOT}"/etc/ipsec.d \
+ "${ROOT}"/etc/ipsec.d/aacerts \
+ "${ROOT}"/etc/ipsec.d/acerts \
+ "${ROOT}"/etc/ipsec.d/cacerts \
+ "${ROOT}"/etc/ipsec.d/certs \
+ "${ROOT}"/etc/ipsec.d/crls \
+ "${ROOT}"/etc/ipsec.d/ocspcerts \
+ "${ROOT}"/etc/ipsec.d/private \
+ "${ROOT}"/etc/ipsec.d/reqs
+
+ ewarn
+ ewarn "The default permissions for /etc/ipsec.d/* have been tightened for"
+ ewarn "security reasons. Your system installed directories have been"
+ ewarn "updated accordingly. Please check if necessary."
+ ewarn
+
+ if [[ $previous_4_3_6_with_caps == 1 ]]; then
+ if ! use non-root; then
+ ewarn
+ ewarn "IMPORTANT: You previously had ${PN} installed without root"
+ ewarn "privileges because it was implied by the 'caps' USE flag."
+ ewarn "This has been changed. If you want ${PN} with user privileges,"
+ ewarn "you have to re-emerge it with the 'non-root' USE flag enabled."
+ ewarn
+ fi
+ fi
+ fi
+ if ! use caps && ! use non-root; then
+ ewarn
+ ewarn "You have decided to run ${PN} with root privileges and built it"
+ ewarn "without support for POSIX capability dropping. It is generally"
+ ewarn "strongly suggested that you reconsider- especially if you intend"
+ ewarn "to run ${PN} as server with a public ip address."
+ ewarn
+ ewarn "You should re-emerge ${PN} with at least the 'caps' USE flag enabled."
+ ewarn
+ fi
+ if use non-root; then
+ elog
+ elog "${PN} has been installed without superuser privileges (USE=non-root)."
+ elog "This imposes several limitations mainly to the IKEv1 daemon 'pluto'"
+ elog "but also a few to the IKEv2 daemon 'charon'."
+ elog
+ elog "Please carefully read: http://wiki.strongswan.org/wiki/nonRoot"
+ elog
+ elog "pluto uses a helper script by default to insert/remove routing and"
+ elog "policy rules upon connection start/stop which requires superuser"
+ elog "privileges. charon in contrast does this internally and can do so"
+ elog "even with reduced (user) privileges."
+ elog
+ elog "Thus if you require IKEv1 (pluto) or need to specify a custom updown"
+ elog "script to pluto or charon which requires superuser privileges, you"
+ elog "can work around this limitation by using sudo to grant the"
+ elog "user \"ipsec\" the appropriate rights."
+ elog "For example (the default case):"
+ elog "/etc/sudoers:"
+ elog " ipsec ALL=(ALL) NOPASSWD: SETENV: /usr/sbin/ipsec"
+ elog "Under the specific connection block in /etc/ipsec.conf:"
+ elog " leftupdown=\"sudo -E ipsec _updown iptables\""
+ elog
+ fi
+ elog
+ elog "Make sure you have _all_ required kernel modules available including"
+ elog "the appropriate cryptographic algorithms. A list is available at:"
+ elog " http://wiki.strongswan.org/projects/strongswan/wiki/KernelModules"
+ elog
+ elog "The up-to-date manual is available online at:"
+ elog " http://wiki.strongswan.org/"
+ elog
+}
diff --git a/net-vpn/tinc/Manifest b/net-vpn/tinc/Manifest
index cb6beadf9b81..72e0bd53d081 100644
--- a/net-vpn/tinc/Manifest
+++ b/net-vpn/tinc/Manifest
@@ -7,8 +7,10 @@ AUX tincd.conf 728 BLAKE2B fdfe320df4ac8112fb5ee64cd88cd228bef8d1e701a00598691a3
AUX tincd_at.service 197 BLAKE2B f568007b8872e105eb001333d24d7446ff8fb1995edaf77d98679078bfddd2ad9a534e1ed7d8ac743aaf026863dd9952e96e3bf2a8f950115c9f059a2660afc6 SHA512 866f8adbc9c39cc6030e6046e4265a4f6e893960045df15abc0a1865599cf2576ac12468bd1a286df47248ebe2c6b16ba64a60f0ebeeb0212d850a9d7886c98a
DIST tinc-1.0.33.tar.gz 486374 BLAKE2B 542e9c95aa3dea941315c5a3293c06137be7131bbb4a3ba5d788e7c250327d0b01530db5b3371aee85b1e85a104b9997e9f09a6b33051090da087595e1bcb9da SHA512 f17c7682e177d85a049891255fc590069c7901307951ee93364a7a754f1a7c5ca4b6a6f7ddcb4c9ad150f0155ff7db7112990a3fc3a6496b48bdbfd3b1ae8804
DIST tinc-1.0.34.tar.gz 484174 BLAKE2B 8ba80983cb1293b03b814f305bd733a2208562b8450a539c0f80c25596c0e05fb7ebc8edf8e6617b9e18d8b96bb49a82098f902e692ce4b85c7c47b1072be2dd SHA512 b711a2c532f8efc94c77e9bbe5213ae284d2a3cb598d2760df700448e495a02ac56baa0393bbc6fbc735bf97a26ca5a79133c92952d98a9086a9ffd273eef725
+DIST tinc-1.0.35.tar.gz 499277 BLAKE2B 419b581167614d534b6f2f3b804657f088c013529d7738766aff199da775860ffed42ecb61e8ed008c5b6fa410f071e2fe1ca59f0c6e443c0a8017cd10c31ce3 SHA512 037867306c21506d57d69d35c0f246b2936022047978fa3e01464b5f6b65f109760507d9cc740f82f8166f39c5ce44d9f8dde55655a6372dacd5b5974aeaee32
DIST tinc-1.1pre16.tar.gz 703679 BLAKE2B c02636f52983c1fdebe28058a5e49f3952ac10b238c9d8f01a10b140960803f197a057c883860ca259b949883c406cf74f518d0e45bf84f10566a964570daf9b SHA512 b32a0a734a4c8a91bad4cef4177cb45757c97c09dc179da1e3357f2fde48b3b0747587dbac31ecb5400e1553b6712d474a6a1808ac24bce1a3494c1842bb6c43
EBUILD tinc-1.0.33.ebuild 1212 BLAKE2B 2edd76506532bde8a4fbeb8ed7e7eb9b6d689eaf97ce0d87e6d6011f5cb3eef79f2b85985fbaf21accbfb97cd918cedc6e3c8254d839572dd567b607c31e530d SHA512 9bb8c6d89dd3b0ecc0d9ab597ebdf1d02b952604426b89701ff0681395a20344b6d12a5b6fb30d47ca0fddb1a8263f7346bfa8d24c3bc62c32575a35f8b5ea3c
EBUILD tinc-1.0.34.ebuild 1212 BLAKE2B b1561117d04453a25dba0f834a30e7ca816fb439cecb5bed8879a73d980290e10ead3b77d2cd0332a16af4b3e0bb5ad9c8db71ce6f45af224f92d954eadb3a6e SHA512 d58d37be4d1c8852299bd9c72f152c2e156ff6838e04b4fb3d21bd7dbf218f53f37acf4edac292b1ba10fb7dfab295ee3d546e774866fd4cb0a82551c077f9e4
+EBUILD tinc-1.0.35.ebuild 1068 BLAKE2B 61e0222d74e8f01930905649be368cc6da9cc37d047f0d78259deca6badc296ff2e8738144e9eecb8b13848f4b34795cba39b623eb50af677d203169c1429f2c SHA512 86835b3684728c69084d59bb94f7d996a1c74a7a215ba11902c4dba3041a0569b88e90748f53412f395482c879f8fb96dee16905e8c605fc08ce3b4607114b38
EBUILD tinc-1.1_pre16-r1.ebuild 2410 BLAKE2B 45ca4aa369b5d8fb66cd8af6c25b0f124059a86fece6ad89d72f83a5e76e7a4d92b8ed84cecf256737547f596ce32c3479cd68776bd47276d74e60943048374a SHA512 e95f032539e58a0387740f34ff82c51315454b117288a21d45cc620c763a76e3c17edd32b278ef606edf3119d8edd149be117ab95ac277ed01d6819e4ff9811c
MISC metadata.xml 723 BLAKE2B 09ac4b61d77c06379478413b2c8f33762908f272de27f7721d7cc02ad77b91755944835544ec6219a5d2744e3d79b2262d570e319140c4d06fae988caf7a7666 SHA512 d1aa24b5c5548fc37c19a992d211918afb93d361b385307f3d6bef783d381a465d0a743832425857766e5af5a8f960e5708cb60a1738d4a29bc659f6293d3bda
diff --git a/net-vpn/tinc/tinc-1.0.35.ebuild b/net-vpn/tinc/tinc-1.0.35.ebuild
new file mode 100644
index 000000000000..8d387dbc59c8
--- /dev/null
+++ b/net-vpn/tinc/tinc-1.0.35.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+inherit systemd
+
+DESCRIPTION="tinc is an easy to configure VPN implementation"
+HOMEPAGE="http://www.tinc-vpn.org/"
+SRC_URI="http://www.tinc-vpn.org/packages/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
+IUSE="libressl +lzo uml vde +zlib"
+
+DEPEND="
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ lzo? ( dev-libs/lzo:2 )
+ zlib? ( sys-libs/zlib )"
+RDEPEND="${DEPEND}
+ vde? ( net-misc/vde )"
+
+src_configure() {
+ econf \
+ --enable-jumbograms \
+ --disable-tunemu \
+ $(use_enable lzo) \
+ $(use_enable uml) \
+ $(use_enable vde) \
+ $(use_enable zlib)
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ dodir /etc/tinc
+ dodoc AUTHORS NEWS README THANKS
+ doconfd "${FILESDIR}"/tinc.networks
+ newconfd "${FILESDIR}"/tincd.conf tincd
+ newinitd "${FILESDIR}"/tincd-r1 tincd
+ systemd_newunit "${FILESDIR}"/tincd_at.service "tincd@.service"
+}
diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest
index 963ef93e3935..789f66fe124c 100644
--- a/net-vpn/tor/Manifest
+++ b/net-vpn/tor/Manifest
@@ -7,9 +7,9 @@ AUX torrc-r1 140 BLAKE2B 4b7e0795c09e737c5dda014c2b87811757bb8d68d581ece49f5002a
DIST tor-0.3.1.10.tar.gz 6192183 BLAKE2B 4c1b57a3b19d18d735bb7362a08e4c2330350f2e31d52a8eb6d837cebc45ad6e64f3364e368f72d59bb8f51f652d4029a3e237a26efe580551811f5812e8dac4 SHA512 92af34a96bea2a99ab51d766d932da697409e404da4318ba6b3360ff0c2e9369b9afa652445a1651940f5a0502f4137141cc87cff14eba180539ea81be0c21a3
DIST tor-0.3.4.7-rc.tar.gz 6668322 BLAKE2B 863d24d04ba7919d08b3c69bca2edf3ee46af6aa074812f76067199670b17bb8538233c7631cb17e1cada4b2b4527b0db4b3b7a7b945ae7ca7a03e52685fce00 SHA512 664211ffd6adcdb325cf669fed9fb7c70b1416da3df046c35622b5104a4b63d9a3123eb40744bc070d29ff97472adf31b1aaecea5b91c07059d0cdad79569b58
DIST tor-0.3.4.8.tar.gz 6679385 BLAKE2B 9cb65442effd1cfceb34f3483a0e96de5e59e9ce1bd2241533dd8eb62e4428a6c0f9decd816dda49515fc92acd8c77e69f7d39133a67fb5053a858dc78464791 SHA512 bfedc29253cb8fdbe1864ea5992ad33184577d88ab806a249a544f3b3142a7bc1453892955df335185aff72508095fb2a2a07ac6b96c99668e5e8d593d7aea6d
-DIST tor-0.3.5.2-alpha.tar.gz 6698132 BLAKE2B a922ebb2b1967db57285abbde203f6accc95be3a5bb446df9aa332de11240fc65d61f944e9df860f8e2f57b943bade335098c1ddb05b194acffa6d6b2df10d97 SHA512 57344a71bbdf6bc0488f8ac5383de3832c411bdb34c620d3effb7146adbcccbb6e6c7a3a794e6b4a9ba5ff191c02f5e411fe96de41f21292385dcd46434903ce
+DIST tor-0.3.5.3-alpha.tar.gz 6862572 BLAKE2B c4832828042bbecaf7c34bcb8999873cb4a5314598b2731cba02b2335c09fd8685588c52b15345821288cc94c9ab731c150b5010dee27d2dce1a15914ee31a6d SHA512 fdbbf5a69f9c0708afa4bb9e4925db4f7384997d7f497f1298d0106b76944c060c858fd061aa292310384e7b35f0ac41570cd89bb8c7e8208c832908fa3288af
EBUILD tor-0.3.1.10.ebuild 2018 BLAKE2B 5c001ed0ad1fd3f0d6a3dee6bcc53bc3590a90a5c0aa931c0e67e0cbceb000ef710fa33fe11b06fc08798c6286ffa877376ef6ebf2cbd426e7a26c94311e19c2 SHA512 65f6054ac7b50c46679d88ed1a5b556f5e3c40fe44e784e6b4de324bd317e3d118a8d0d4574ac62bcd17131412c3ad1cbdd0c27f4afd53568091ce400b171244
EBUILD tor-0.3.4.7_rc.ebuild 2232 BLAKE2B 3932f94eadda82099130eea978fcb76a88ba5b60bc62942f40b53b1e1d3d47f6ba94d056159bb6ea7d13c4f36eee7ac74b2a1ea6c60a351f38a3dc246ad0ea63 SHA512 0550f1a625ff99adf97ff4dfccc4874596a32ae6ffbc550493acd29f3f8377c7029c142c2b9c4ecc201ab72914ccb26e583b4bd0f51cf5e590155daa870c4989
EBUILD tor-0.3.4.8.ebuild 2237 BLAKE2B 2d21116f6249afbc98dc16881219fe689fec38c392e253d0b9661edf28d0fffb357c10c04fcf259368b66d0a25b7e2e558134cee404040b3bab78104985afad0 SHA512 64ed20c1dcd0486883729a8f90f89e80e9be5b499f17d3309313ea5aeaf29027ea82db0aa4ae00c107c3af123d4f1de5af003fbbee25cd188c2ea7cae398cb80
-EBUILD tor-0.3.5.2_alpha.ebuild 2215 BLAKE2B 33b04c74ef81f1ed3d18c84a0a5bf52db92d42037444d432f181cb36eef2b0cf056f79f642e9023758b6e2706253c122c43fe8e065e38865f555fc6d51263bc6 SHA512 bb2c831146afe5a57e4607c0cdaacc57b0b57667d514e63b31ba3d3468916b98836a96fffdf251ae41d9d52c92352174ece6c4e4eb069dafb9a677fa8fa7943f
+EBUILD tor-0.3.5.3_alpha.ebuild 2215 BLAKE2B 33b04c74ef81f1ed3d18c84a0a5bf52db92d42037444d432f181cb36eef2b0cf056f79f642e9023758b6e2706253c122c43fe8e065e38865f555fc6d51263bc6 SHA512 bb2c831146afe5a57e4607c0cdaacc57b0b57667d514e63b31ba3d3468916b98836a96fffdf251ae41d9d52c92352174ece6c4e4eb069dafb9a677fa8fa7943f
MISC metadata.xml 594 BLAKE2B 006e1ebc9876f83cb7cc3dcb7cea9ff0dfc763e9eb47c025e38b7588e1e4fef7c26ab130c61cdd3200b8d3d9be886b3aab377585972be178c93b758aff48c4c3 SHA512 011f77654a507d13c0542e6983df8ec86c5f2cff7cd1408f99c9d4da9d00ffb4b432317b2fd21500e62131e6f7c9bc60235cf55f2b8082391b9fe3bcf924ab2b
diff --git a/net-vpn/tor/tor-0.3.5.2_alpha.ebuild b/net-vpn/tor/tor-0.3.5.2_alpha.ebuild
deleted file mode 100644
index eec218e6109b..000000000000
--- a/net-vpn/tor/tor-0.3.5.2_alpha.ebuild
+++ /dev/null
@@ -1,87 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit flag-o-matic readme.gentoo-r1 systemd versionator user
-
-MY_PV="$(replace_version_separator 4 -)"
-MY_PF="${PN}-${MY_PV}"
-DESCRIPTION="Anonymizing overlay network for TCP"
-HOMEPAGE="http://www.torproject.org/"
-SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz
- https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz"
-S="${WORKDIR}/${MY_PF}"
-
-LICENSE="BSD GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~x86 ~ppc-macos"
-IUSE="caps libressl lzma scrypt seccomp selinux systemd tor-hardening test zstd"
-
-DEPEND="
- app-text/asciidoc
- dev-libs/libevent[ssl]
- sys-libs/zlib
- caps? ( sys-libs/libcap )
- !libressl? ( dev-libs/openssl:0=[-bindist] )
- libressl? ( dev-libs/libressl:0= )
- lzma? ( app-arch/xz-utils )
- scrypt? ( app-crypt/libscrypt )
- seccomp? ( sys-libs/libseccomp )
- systemd? ( sys-apps/systemd )
- zstd? ( app-arch/zstd )"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-tor )"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch
- "${FILESDIR}"/${PN}-0.3.3.2-alpha-tor.service.in.patch
-)
-
-DOCS=( README ChangeLog ReleaseNotes doc/HACKING )
-
-pkg_setup() {
- enewgroup tor
- enewuser tor -1 -1 /var/lib/tor tor
-}
-
-src_configure() {
- export ac_cv_lib_cap_cap_init=$(usex caps)
- econf \
- --localstatedir="${EPREFIX}/var" \
- --enable-system-torrc \
- --enable-asciidoc \
- --disable-android \
- --disable-libfuzzer \
- --disable-module-dirauth \
- --enable-pic \
- --disable-rust \
- --disable-restart-debugging \
- --disable-zstd-advanced-apis \
- $(use_enable lzma) \
- $(use_enable scrypt libscrypt) \
- $(use_enable seccomp) \
- $(use_enable systemd) \
- $(use_enable tor-hardening gcc-hardening) \
- $(use_enable tor-hardening linker-hardening) \
- $(use_enable test unittests) \
- $(use_enable test coverage) \
- $(use_enable zstd)
-}
-
-src_install() {
- default
- readme.gentoo_create_doc
-
- newconfd "${FILESDIR}"/tor.confd tor
- newinitd "${FILESDIR}"/tor.initd-r8 tor
- systemd_dounit contrib/dist/tor.service
-
- keepdir /var/lib/tor
-
- fperms 750 /var/lib/tor
- fowners tor:tor /var/lib/tor
-
- insinto /etc/tor/
- newins "${FILESDIR}"/torrc-r1 torrc
-}
diff --git a/net-vpn/tor/tor-0.3.5.3_alpha.ebuild b/net-vpn/tor/tor-0.3.5.3_alpha.ebuild
new file mode 100644
index 000000000000..eec218e6109b
--- /dev/null
+++ b/net-vpn/tor/tor-0.3.5.3_alpha.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit flag-o-matic readme.gentoo-r1 systemd versionator user
+
+MY_PV="$(replace_version_separator 4 -)"
+MY_PF="${PN}-${MY_PV}"
+DESCRIPTION="Anonymizing overlay network for TCP"
+HOMEPAGE="http://www.torproject.org/"
+SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz
+ https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz"
+S="${WORKDIR}/${MY_PF}"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~x86 ~ppc-macos"
+IUSE="caps libressl lzma scrypt seccomp selinux systemd tor-hardening test zstd"
+
+DEPEND="
+ app-text/asciidoc
+ dev-libs/libevent[ssl]
+ sys-libs/zlib
+ caps? ( sys-libs/libcap )
+ !libressl? ( dev-libs/openssl:0=[-bindist] )
+ libressl? ( dev-libs/libressl:0= )
+ lzma? ( app-arch/xz-utils )
+ scrypt? ( app-crypt/libscrypt )
+ seccomp? ( sys-libs/libseccomp )
+ systemd? ( sys-apps/systemd )
+ zstd? ( app-arch/zstd )"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-tor )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch
+ "${FILESDIR}"/${PN}-0.3.3.2-alpha-tor.service.in.patch
+)
+
+DOCS=( README ChangeLog ReleaseNotes doc/HACKING )
+
+pkg_setup() {
+ enewgroup tor
+ enewuser tor -1 -1 /var/lib/tor tor
+}
+
+src_configure() {
+ export ac_cv_lib_cap_cap_init=$(usex caps)
+ econf \
+ --localstatedir="${EPREFIX}/var" \
+ --enable-system-torrc \
+ --enable-asciidoc \
+ --disable-android \
+ --disable-libfuzzer \
+ --disable-module-dirauth \
+ --enable-pic \
+ --disable-rust \
+ --disable-restart-debugging \
+ --disable-zstd-advanced-apis \
+ $(use_enable lzma) \
+ $(use_enable scrypt libscrypt) \
+ $(use_enable seccomp) \
+ $(use_enable systemd) \
+ $(use_enable tor-hardening gcc-hardening) \
+ $(use_enable tor-hardening linker-hardening) \
+ $(use_enable test unittests) \
+ $(use_enable test coverage) \
+ $(use_enable zstd)
+}
+
+src_install() {
+ default
+ readme.gentoo_create_doc
+
+ newconfd "${FILESDIR}"/tor.confd tor
+ newinitd "${FILESDIR}"/tor.initd-r8 tor
+ systemd_dounit contrib/dist/tor.service
+
+ keepdir /var/lib/tor
+
+ fperms 750 /var/lib/tor
+ fowners tor:tor /var/lib/tor
+
+ insinto /etc/tor/
+ newins "${FILESDIR}"/torrc-r1 torrc
+}
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
index a78155158b23..551e35cf10b5 100644
--- a/net-vpn/wireguard/Manifest
+++ b/net-vpn/wireguard/Manifest
@@ -1,4 +1,4 @@
-DIST WireGuard-0.0.20181006.tar.xz 298168 BLAKE2B 711c3dfe601b99f5525176aa2cb38722d6f4bf2b1704c6e0d09f78f588258e21d3a5dcbc407f18421964c79fd42e9f62a13312ba254fb1d7fe08c0fd1d75d5b7 SHA512 a8cfae43c3d1c4bcebd5f301eb7ce3d45f799383c8b696757e84e53d921027d415dc4459628a1dd441f0c5d31079582a54517e8de0b258452ea4a310362be9bf
-EBUILD wireguard-0.0.20181006.ebuild 5142 BLAKE2B 9741b00e97a85fe032de77fe709e403b0ab26c2a7a722eb2b84fe02b73070271f4b6a9e0703e5b2cbdb1918e88a7e7b810f686af80dc8b59f5285a7cc68bbcfd SHA512 e6755ac3095ab7e059ae036f7548ed25ce933e5f5170852993574f60a3ce73667592a8b31a8cae26f95190825395b86ad40542e4833bc3fb3b2b712b9caecafe
+DIST WireGuard-0.0.20181018.tar.xz 299432 BLAKE2B 05869b7a421761581445b8e383119a893d65ec9ff7b53551bede6022ee7609e9bc2c8081392ac5eba382ae817a281390f1fcfb35cd7c9a8b32794eb25878e541 SHA512 ab9f42bdae1b12a95faaf51d5b9e17a8635c67386feefaaa40e0395d78c3258b9afa8a1d2f64010fac4867fa0d229a4ed850fab8a24678d6c8aa2ab6e30ae1b3
+EBUILD wireguard-0.0.20181018.ebuild 5142 BLAKE2B 9741b00e97a85fe032de77fe709e403b0ab26c2a7a722eb2b84fe02b73070271f4b6a9e0703e5b2cbdb1918e88a7e7b810f686af80dc8b59f5285a7cc68bbcfd SHA512 e6755ac3095ab7e059ae036f7548ed25ce933e5f5170852993574f60a3ce73667592a8b31a8cae26f95190825395b86ad40542e4833bc3fb3b2b712b9caecafe
EBUILD wireguard-9999.ebuild 4720 BLAKE2B 4de715d72ccd551ee68eeab051ff9905323fe57d475e6c17ad39542c3c50416d0ff6cfa27c994afe1edf6277bdbd6bab9b3351d74cfcae5921f24c2c93f0cb36 SHA512 e71251e953b6046149d69b1168af47e20ae705c3822f8c80542388571e8677ddfe299eb46808ec462c8a13764fc939eafe7f51dcfa0d7e3aca7c6e153ba14c7b
MISC metadata.xml 765 BLAKE2B 4b3a03aea5271da19dddddfc4f7fa180c4b3b846bbe434786c3b3e7bbfb51424cf3be55877cf6b2af60559a456978946ed68354600e43fbb461d2000bd655b70 SHA512 794ffdecbc09f27080cade3a5753e0d1e9021edb400282ee6db7099d4583ab4d4ed28a343e2b8c2227ab39b8bc4182938d6c82ae4a4f7e9980f21348d8d8c805
diff --git a/net-vpn/wireguard/wireguard-0.0.20181006.ebuild b/net-vpn/wireguard/wireguard-0.0.20181006.ebuild
deleted file mode 100644
index 035320b20fd3..000000000000
--- a/net-vpn/wireguard/wireguard-0.0.20181006.ebuild
+++ /dev/null
@@ -1,145 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-MODULES_OPTIONAL_USE="module"
-inherit linux-mod bash-completion-r1
-
-DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
-HOMEPAGE="https://www.wireguard.com/"
-
-if [[ ${PV} == 9999 ]]; then
- inherit git-r3
- EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
- KEYWORDS=""
-else
- SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
- S="${WORKDIR}/WireGuard-${PV}"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="debug +module +tools module-src"
-
-DEPEND="tools? ( net-libs/libmnl )"
-RDEPEND="${DEPEND}"
-
-MODULE_NAMES="wireguard(kernel/drivers/net:src)"
-BUILD_TARGETS="module"
-CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
-
-wg_quick_optional_config_nob() {
- CONFIG_CHECK="$CONFIG_CHECK ~$1"
- declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage."
-}
-
-pkg_setup() {
- if use module; then
- if use tools; then
- wg_quick_optional_config_nob IP_ADVANCED_ROUTER
- wg_quick_optional_config_nob IP_MULTIPLE_TABLES
- wg_quick_optional_config_nob NETFILTER_XT_MARK
- fi
-
- linux-mod_pkg_setup
- kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
- fi
-}
-
-src_compile() {
- BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
- use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
- use module && linux-mod_src_compile
- use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)"
-}
-
-src_install() {
- use module && linux-mod_src_install
- if use tools; then
- dodoc README.md
- dodoc -r contrib/examples
- emake \
- WITH_BASHCOMPLETION=yes \
- WITH_SYSTEMDUNITS=yes \
- WITH_WGQUICK=yes \
- DESTDIR="${D}" \
- BASHCOMPDIR="$(get_bashcompdir)" \
- PREFIX="${EPREFIX}/usr" \
- -C src/tools install
- fi
- use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
-}
-
-pkg_postinst() {
- if use module-src && ! use module; then
- einfo
- einfo "You have enabled the module-src USE flag without the module USE"
- einfo "flag. This means that sources are installed to"
- einfo "${ROOT}usr/src/wireguard instead of having the"
- einfo "kernel module compiled. You will need to compile the module"
- einfo "yourself. Most likely, you don't want this USE flag, and should"
- einfo "rather use USE=module"
- einfo
- fi
- use module && linux-mod_pkg_postinst
-
- einfo
- einfo "This software is experimental and has not yet been released."
- einfo "As such, it may contain significant issues. Please do not file"
- einfo "bug reports with Gentoo, but rather direct them upstream to:"
- einfo
- einfo " team@wireguard.com security@wireguard.com"
- einfo
-
- if use tools; then
- einfo
- einfo "After installing WireGuard, if you'd like to try sending some packets through"
- einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
- einfo "test example script:"
- einfo
- einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
- einfo
- einfo "This will automatically setup interface wg0, through a very insecure transport"
- einfo "that is only suitable for demonstration purposes. You can then try loading the"
- einfo "hidden website or sending pings:"
- einfo
- einfo " \$ chromium http://192.168.4.1"
- einfo " \$ ping 192.168.4.1"
- einfo
- einfo "If you'd like to redirect your internet traffic, you can run it with the"
- einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
- einfo "purposes. It is for quick testing only."
- einfo
- einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
- einfo
- fi
- if use module; then
- local old new
- if [[ $(uname -r) != "${KV_FULL}" ]]; then
- ewarn
- ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
- ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
- ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
- ewarn "which this module was built."
- ewarn
- elif [[ -f /sys/module/wireguard/version ]] && \
- old="$(< /sys/module/wireguard/version)" && \
- new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
- [[ $old != "$new" ]]; then
- ewarn
- ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
- ewarn "However, the old version is still running on your system. In order to use the"
- ewarn "new version, you will need to remove the old module and load the new one. As"
- ewarn "root, you can accomplish this with the following commands:"
- ewarn
- ewarn " # rmmod wireguard"
- ewarn " # modprobe wireguard"
- ewarn
- ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
- ewarn "to gracefully remove them yourself prior."
- ewarn
- fi
- fi
-}
diff --git a/net-vpn/wireguard/wireguard-0.0.20181018.ebuild b/net-vpn/wireguard/wireguard-0.0.20181018.ebuild
new file mode 100644
index 000000000000..035320b20fd3
--- /dev/null
+++ b/net-vpn/wireguard/wireguard-0.0.20181018.ebuild
@@ -0,0 +1,145 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+MODULES_OPTIONAL_USE="module"
+inherit linux-mod bash-completion-r1
+
+DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
+HOMEPAGE="https://www.wireguard.com/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
+ KEYWORDS=""
+else
+ SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+ S="${WORKDIR}/WireGuard-${PV}"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug +module +tools module-src"
+
+DEPEND="tools? ( net-libs/libmnl )"
+RDEPEND="${DEPEND}"
+
+MODULE_NAMES="wireguard(kernel/drivers/net:src)"
+BUILD_TARGETS="module"
+CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
+
+wg_quick_optional_config_nob() {
+ CONFIG_CHECK="$CONFIG_CHECK ~$1"
+ declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage."
+}
+
+pkg_setup() {
+ if use module; then
+ if use tools; then
+ wg_quick_optional_config_nob IP_ADVANCED_ROUTER
+ wg_quick_optional_config_nob IP_MULTIPLE_TABLES
+ wg_quick_optional_config_nob NETFILTER_XT_MARK
+ fi
+
+ linux-mod_pkg_setup
+ kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
+ fi
+}
+
+src_compile() {
+ BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
+ use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
+ use module && linux-mod_src_compile
+ use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)"
+}
+
+src_install() {
+ use module && linux-mod_src_install
+ if use tools; then
+ dodoc README.md
+ dodoc -r contrib/examples
+ emake \
+ WITH_BASHCOMPLETION=yes \
+ WITH_SYSTEMDUNITS=yes \
+ WITH_WGQUICK=yes \
+ DESTDIR="${D}" \
+ BASHCOMPDIR="$(get_bashcompdir)" \
+ PREFIX="${EPREFIX}/usr" \
+ -C src/tools install
+ fi
+ use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
+}
+
+pkg_postinst() {
+ if use module-src && ! use module; then
+ einfo
+ einfo "You have enabled the module-src USE flag without the module USE"
+ einfo "flag. This means that sources are installed to"
+ einfo "${ROOT}usr/src/wireguard instead of having the"
+ einfo "kernel module compiled. You will need to compile the module"
+ einfo "yourself. Most likely, you don't want this USE flag, and should"
+ einfo "rather use USE=module"
+ einfo
+ fi
+ use module && linux-mod_pkg_postinst
+
+ einfo
+ einfo "This software is experimental and has not yet been released."
+ einfo "As such, it may contain significant issues. Please do not file"
+ einfo "bug reports with Gentoo, but rather direct them upstream to:"
+ einfo
+ einfo " team@wireguard.com security@wireguard.com"
+ einfo
+
+ if use tools; then
+ einfo
+ einfo "After installing WireGuard, if you'd like to try sending some packets through"
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
+ einfo "test example script:"
+ einfo
+ einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
+ einfo
+ einfo "This will automatically setup interface wg0, through a very insecure transport"
+ einfo "that is only suitable for demonstration purposes. You can then try loading the"
+ einfo "hidden website or sending pings:"
+ einfo
+ einfo " \$ chromium http://192.168.4.1"
+ einfo " \$ ping 192.168.4.1"
+ einfo
+ einfo "If you'd like to redirect your internet traffic, you can run it with the"
+ einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
+ einfo "purposes. It is for quick testing only."
+ einfo
+ einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
+ einfo
+ fi
+ if use module; then
+ local old new
+ if [[ $(uname -r) != "${KV_FULL}" ]]; then
+ ewarn
+ ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
+ ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
+ ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
+ ewarn "which this module was built."
+ ewarn
+ elif [[ -f /sys/module/wireguard/version ]] && \
+ old="$(< /sys/module/wireguard/version)" && \
+ new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
+ [[ $old != "$new" ]]; then
+ ewarn
+ ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
+ ewarn "However, the old version is still running on your system. In order to use the"
+ ewarn "new version, you will need to remove the old module and load the new one. As"
+ ewarn "root, you can accomplish this with the following commands:"
+ ewarn
+ ewarn " # rmmod wireguard"
+ ewarn " # modprobe wireguard"
+ ewarn
+ ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
+ ewarn "to gracefully remove them yourself prior."
+ ewarn
+ fi
+ fi
+}
--
cgit v1.2.3