From 7f0ccc917c7abe6223784c703d86cd14755691fb Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 3 Jul 2021 22:39:47 +0100 Subject: gentoo resync : 03.07.2021 --- net-vpn/Manifest.gz | Bin 6911 -> 6914 bytes net-vpn/ipsec-tools/Manifest | 2 +- net-vpn/ipsec-tools/ipsec-tools-0.8.2-r7.ebuild | 283 ----------------------- net-vpn/ipsec-tools/ipsec-tools-0.8.2-r8.ebuild | 284 ++++++++++++++++++++++++ net-vpn/libreswan/Manifest | 12 +- net-vpn/libreswan/libreswan-3.32-r1.ebuild | 117 ---------- net-vpn/libreswan/libreswan-3.32-r2.ebuild | 117 ++++++++++ net-vpn/libreswan/libreswan-3.32-r3.ebuild | 117 ++++++++++ net-vpn/libreswan/libreswan-3.32.ebuild | 117 ---------- net-vpn/libreswan/libreswan-4.2-r1.ebuild | 120 ++++++++++ net-vpn/libreswan/libreswan-4.2.ebuild | 120 ---------- net-vpn/libreswan/libreswan-4.3-r1.ebuild | 120 ++++++++++ net-vpn/libreswan/libreswan-4.3.ebuild | 120 ---------- net-vpn/libreswan/libreswan-4.4-r1.ebuild | 120 ---------- net-vpn/libreswan/libreswan-4.4-r2.ebuild | 120 ++++++++++ net-vpn/libreswan/libreswan-4.4-r3.ebuild | 120 ++++++++++ net-vpn/libreswan/libreswan-4.4.ebuild | 120 ---------- net-vpn/tor/Manifest | 3 + net-vpn/tor/tor-0.4.6.6.ebuild | 108 +++++++++ 19 files changed, 1116 insertions(+), 1004 deletions(-) delete mode 100644 net-vpn/ipsec-tools/ipsec-tools-0.8.2-r7.ebuild create mode 100644 net-vpn/ipsec-tools/ipsec-tools-0.8.2-r8.ebuild delete mode 100644 net-vpn/libreswan/libreswan-3.32-r1.ebuild create mode 100644 net-vpn/libreswan/libreswan-3.32-r2.ebuild create mode 100644 net-vpn/libreswan/libreswan-3.32-r3.ebuild delete mode 100644 net-vpn/libreswan/libreswan-3.32.ebuild create mode 100644 net-vpn/libreswan/libreswan-4.2-r1.ebuild delete mode 100644 net-vpn/libreswan/libreswan-4.2.ebuild create mode 100644 net-vpn/libreswan/libreswan-4.3-r1.ebuild delete mode 100644 net-vpn/libreswan/libreswan-4.3.ebuild delete mode 100644 net-vpn/libreswan/libreswan-4.4-r1.ebuild create mode 100644 net-vpn/libreswan/libreswan-4.4-r2.ebuild create mode 100644 net-vpn/libreswan/libreswan-4.4-r3.ebuild delete mode 100644 net-vpn/libreswan/libreswan-4.4.ebuild create mode 100644 net-vpn/tor/tor-0.4.6.6.ebuild (limited to 'net-vpn') diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz index 4d50f1f7b78a..28dbb9b14400 100644 Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ diff --git a/net-vpn/ipsec-tools/Manifest b/net-vpn/ipsec-tools/Manifest index a56bd7c1bdc5..e6bd62d7517a 100644 --- a/net-vpn/ipsec-tools/Manifest +++ b/net-vpn/ipsec-tools/Manifest @@ -13,5 +13,5 @@ AUX racoon.pam.d 156 BLAKE2B 91ebefbb1264fe3fe98df0a72ac22a4cd8a787b3b391af57697 AUX racoon.service 244 BLAKE2B f7e268518787a67e9363c936b8a9e69763c41db1926f99f3f001fdf738b0b3a92cd62770ab6cc0189cea20ca22d3abe675c832363ad77974e3f531ffbf525e7b SHA512 56d84f36b307e1ea93f3cdc9fbb7b459f4b3b65ea2bb765f61def10d06a3ff09d61b8d53b21796a55022279e791d751f3bc1ccf0d0f85799a743371390930567 DIST ipsec-tools-0.8.2.tar.bz2 866465 BLAKE2B cf8c9175d96326fc5c74e6b1921bc66911256e289e6fe9cef77f26c197546902be3ebd5696af39c749a2abaac3f42010c9e2a281fd208122cd59222044b9dd4c SHA512 2b7d0efa908d3a699be7ef8b2b126a3809956cb7add50e8efb1cfdfc2d9b70c39ef517379cb9a4fad9e5f0c25937e98535b06c32bd3e729f5129da4ab133e30f DIST ipsec-tools-add-openssl-1.1.x-support.patch 32066 BLAKE2B b8380408c90bb93f0b95938de2efc61c80d727ae61a1417134583a8c74055fcfe1f7f75893f1f701b0f301a16d8b4d14f1b8a09d1e81d238821bcc122dfe183f SHA512 f2bd85f1c51226da6fc50d3473129e4c2e3c0e46107337f8d676029b7072b98bf164b6813a16de7dd4481f80038453b55a5ff56e7f5ec08ab07641034258e778 -EBUILD ipsec-tools-0.8.2-r7.ebuild 7990 BLAKE2B 0937a1b919f7ecd9e92eb0cd95eb203bf59c962301fb3e9a19d76d2162f1396a47b26b2980c0ce0642ad14c42caa4785beb75d486fda2641328563ea4bd5582d SHA512 b91200b79a0ca57093ee15cd759ec520e9b73d58f97b3b375358b5c655eb874cec44b93a977387bc0b062bfcc4c24c7cfb0abd11dd34255ba0a41bf4a6be4659 +EBUILD ipsec-tools-0.8.2-r8.ebuild 8010 BLAKE2B 88e36224a1a75f842025580d09ab15b20b0fa233681e13a2f31f0b1e00a0dfd1675e743b9173501fef3bdfa74c7408edcacbe02e2873962f51d987a3044cc485 SHA512 5b0c199ba0aa14cb1310d7923869da27673731580eb0ecd7473bd66908ee558060ea8f621ea740854e357bce6a314cd55816c6148f7b7099e81a440c7614c1b8 MISC metadata.xml 632 BLAKE2B 705ccbcd150c7180f882207dd5e7a8b0765b58f8296be9bb299e982207d88031b770186b665ee936ca834b2b8601a78f7d2ade63b88d6aa09808b2fe3a89be87 SHA512 7636e9dd2ed9069933b2215829660c3d7c1b43d9c4ad3303cf8889618bd659f68a27994ae520ec7e327060337a196e8b720140e5b32fc6830158be0f0fff1eb8 diff --git a/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r7.ebuild b/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r7.ebuild deleted file mode 100644 index c1eb271650e6..000000000000 --- a/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r7.ebuild +++ /dev/null @@ -1,283 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -inherit flag-o-matic autotools linux-info pam systemd - -DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" -HOMEPAGE="http://ipsec-tools.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2 - https://dev.gentoo.org/~juippis/distfiles/tmp/ipsec-tools-add-openssl-1.1.x-support.patch" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="amd64 arm ~ia64 ~mips ppc ppc64 x86" -IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats" - -CDEPEND=" - dev-libs/openssl:0= - kerberos? ( virtual/krb5 ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - readline? ( sys-libs/readline:0= ) - selinux? ( sys-libs/libselinux )" - -DEPEND="${CDEPEND} - >=sys-kernel/linux-headers-2.6.30" - -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-ipsec ) -" - -pkg_preinst() { - if has_version "<${CATEGORY}/${PN}-0.8.0-r5" ; then - ewarn - ewarn "\033[1;33m**************************************************\033[00m" - ewarn - if ! has_version "net-vpn/strongswan" && - ! has_version "net-misc/openswan" && - ! has_version "net-vpn/libreswan"; then - ewarn "We found an earlier version of ${PN} installed." - ewarn "As of ${PN}-0.8.0-r5, the old configuration file," - ewarn "ipsec.conf, has been changed to ipsec-tools.conf to avoid" - ewarn "a conflict with net-vpn/strongswan; bug #436144. We will" - ewarn "rename this file for you with this upgrade. However, if" - ewarn "you later downgrade, you'll have to rename the file to" - ewarn "its orignal manually or change /etc/conf.d/racoon to point" - ewarn "to the new file." - - if [[ -f /etc/ipsec.conf && ! -f /etc/ipsec-tools.conf ]] ; then - mv /etc/ipsec.conf /etc/ipsec-tools.conf - else - ewarn - ewarn "Oops! I can't move ipsec.conf to ipsec-tools.conf!" - ewarn "Either the former doesn't exist or the later does and" - ewarn "I won't clobber it. Please fix this situation manually." - fi - else - ewarn "You had both an earlier version of ${PN} and" - ewarn "net-vpn/strongswan installed. I can't tell whether" - ewarn "the configuration file, ipsec.conf, belongs to one" - ewarn "package or the other due to a file conflict; bug #436144." - ewarn "The current version of ${PN} uses ipsec-tools.conf" - ewarn "as its configuration file, as will future versions." - ewarn "Please fix this situation manually." - fi - ewarn - ewarn "\033[1;33m**************************************************\033[00m" - ewarn - fi -} - -pkg_setup() { - linux-info_pkg_setup - - get_version - - if linux_config_exists && kernel_is -ge 2 6 19; then - ewarn - ewarn "\033[1;33m**************************************************\033[00m" - ewarn - ewarn "Checking kernel configuration in /usr/src/linux or" - ewarn "or /proc/config.gz for compatibility with ${PN}." - ewarn "Here are the potential problems:" - ewarn - - local nothing="1" - - # Check options for all flavors of IPSec - local msg="" - for i in XFRM_USER NET_KEY; do - if ! linux_chkconfig_present ${i}; then - msg="${msg} ${i}" - fi - done - if [[ ! -z "$msg" ]]; then - nothing="0" - ewarn - ewarn "ALL IPSec may fail. CHECK:" - ewarn "${msg}" - fi - - # Check unencrypted IPSec - if ! linux_chkconfig_present CRYPTO_NULL; then - nothing="0" - ewarn - ewarn "Unencrypted IPSec may fail. CHECK:" - ewarn " CRYPTO_NULL" - fi - - # Check IPv4 IPSec - msg="" - for i in \ - INET_IPCOMP INET_AH INET_ESP \ - INET_XFRM_MODE_TRANSPORT \ - INET_XFRM_MODE_TUNNEL \ - INET_XFRM_MODE_BEET - do - if ! linux_chkconfig_present ${i}; then - msg="${msg} ${i}" - fi - done - if [[ ! -z "$msg" ]]; then - nothing="0" - ewarn - ewarn "IPv4 IPSec may fail. CHECK:" - ewarn "${msg}" - fi - - # Check IPv6 IPSec - if use ipv6; then - msg="" - for i in INET6_IPCOMP INET6_AH INET6_ESP \ - INET6_XFRM_MODE_TRANSPORT \ - INET6_XFRM_MODE_TUNNEL \ - INET6_XFRM_MODE_BEET - do - if ! linux_chkconfig_present ${i}; then - msg="${msg} ${i}" - fi - done - if [[ ! -z "$msg" ]]; then - nothing="0" - ewarn - ewarn "IPv6 IPSec may fail. CHECK:" - ewarn "${msg}" - fi - fi - - # Check IPSec behind NAT - if use nat; then - if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then - nothing="0" - ewarn - ewarn "IPSec behind NAT may fail. CHECK:" - ewarn " NETFILTER_XT_MATCH_POLICY" - fi - fi - - if [[ $nothing == "1" ]]; then - ewarn "NO PROBLEMS FOUND" - fi - - ewarn - ewarn "WARNING: If your *configured* and *running* kernel" - ewarn "differ either now or in the future, then these checks" - ewarn "may lead to misleading results." - ewarn - ewarn "\033[1;33m**************************************************\033[00m" - ewarn - else - eerror - eerror "\033[1;31m**************************************************\033[00m" - eerror "Make sure that your *running* kernel is/will be >=2.6.19." - eerror "Building ${PN} now, assuming that you know what you're doing." - eerror "\033[1;31m**************************************************\033[00m" - eerror - fi -} - -src_prepare() { - # fix for bug #124813 - sed -i 's:-Werror::g' "${S}"/configure.ac || die - # fix for building with gcc-4.6 - sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die - - eapply "${FILESDIR}/${PN}-def-psk.patch" - eapply "${FILESDIR}/${PN}-include-vendoridh.patch" - eapply "${FILESDIR}"/${PN}-0.8.0-sysctl.patch #425770 - eapply "${FILESDIR}"/${PN}-CVE-2015-4047.patch - eapply "${DISTDIR}"/${PN}-add-openssl-1.1.x-support.patch - eapply "${FILESDIR}"/${PN}-CVE-2016-10396.patch - AT_M4DIR="${S}" eautoreconf - - eapply_user -} - -src_configure() { - #--with-{libiconv,libradius} lead to "Broken getaddrinfo()" - #--enable-samode-unspec is not supported in linux - local myconf - myconf="--with-kernel-headers=/usr/include \ - --enable-adminport \ - --enable-dependency-tracking \ - --enable-dpd \ - --enable-frag \ - --without-libiconv \ - --without-libradius \ - --disable-samode-unspec \ - $(use_enable idea) \ - $(use_enable ipv6) \ - $(use_enable kerberos gssapi) \ - $(use_with ldap libldap) \ - $(use_enable nat natt) \ - $(use_with pam libpam) \ - $(use_enable rc5) \ - $(use_with readline) \ - $(use_enable selinux security-context) \ - $(use_enable stats)" - - use nat && myconf="${myconf} --enable-natt-versions=yes" - - # enable mode-cfg and xauth support - if use pam; then - myconf="${myconf} --enable-hybrid" - else - myconf="${myconf} $(use_enable hybrid)" - fi - - econf ${myconf} -} - -src_install() { - emake DESTDIR="${D}" install - keepdir /var/lib/racoon - newconfd "${FILESDIR}"/racoon.conf.d-r2 racoon - newinitd "${FILESDIR}"/racoon.init.d-r3 racoon - systemd_dounit "${FILESDIR}/ipsec-tools.service" - systemd_dounit "${FILESDIR}/racoon.service" - use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon - - insinto /etc - doins "${FILESDIR}"/ipsec-tools.conf - insinto /etc/racoon - doins "${FILESDIR}"/racoon.conf - doins "${FILESDIR}"/psk.txt - chmod 400 "${D}"/etc/racoon/psk.txt - - dodoc ChangeLog README NEWS - dodoc -r src/racoon/samples - dodoc -r src/racoon/doc - docinto samples - newdoc src/setkey/sample.cf ipsec-tools.conf -} - -pkg_postinst() { - if use nat; then - elog - elog "You have enabled the nat traversal functionnality." - elog "Nat versions wich are enabled by default are 00,02,rfc" - elog "you can find those drafts in the CVS repository:" - elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" - elog - elog "If you feel brave enough and you know what you are" - elog "doing, you can consider emerging this ebuild with" - elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\"" - elog - fi - - if use ldap; then - elog - elog "You have enabled ldap support with ${PN}." - elog "The man page does NOT contain any information on it yet." - elog "Consider using a more recent version or CVS." - elog - fi - - elog - elog "Please have a look in /usr/share/doc/${P} and visit" - elog "http://www.netbsd.org/Documentation/network/ipsec/" - elog "to find more information on how to configure this tool." - elog -} diff --git a/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r8.ebuild b/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r8.ebuild new file mode 100644 index 000000000000..f5bcdfcd4ab9 --- /dev/null +++ b/net-vpn/ipsec-tools/ipsec-tools-0.8.2-r8.ebuild @@ -0,0 +1,284 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit flag-o-matic autotools linux-info pam systemd + +DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" +HOMEPAGE="http://ipsec-tools.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2 + https://dev.gentoo.org/~juippis/distfiles/tmp/ipsec-tools-add-openssl-1.1.x-support.patch" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="amd64 arm ~ia64 ~mips ppc ppc64 x86" +IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats" + +CDEPEND=" + dev-libs/openssl:0= + virtual/libcrypt:= + kerberos? ( virtual/krb5 ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + readline? ( sys-libs/readline:0= ) + selinux? ( sys-libs/libselinux )" + +DEPEND="${CDEPEND} + >=sys-kernel/linux-headers-2.6.30" + +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-ipsec ) +" + +pkg_preinst() { + if has_version "<${CATEGORY}/${PN}-0.8.0-r5" ; then + ewarn + ewarn "\033[1;33m**************************************************\033[00m" + ewarn + if ! has_version "net-vpn/strongswan" && + ! has_version "net-misc/openswan" && + ! has_version "net-vpn/libreswan"; then + ewarn "We found an earlier version of ${PN} installed." + ewarn "As of ${PN}-0.8.0-r5, the old configuration file," + ewarn "ipsec.conf, has been changed to ipsec-tools.conf to avoid" + ewarn "a conflict with net-vpn/strongswan; bug #436144. We will" + ewarn "rename this file for you with this upgrade. However, if" + ewarn "you later downgrade, you'll have to rename the file to" + ewarn "its orignal manually or change /etc/conf.d/racoon to point" + ewarn "to the new file." + + if [[ -f /etc/ipsec.conf && ! -f /etc/ipsec-tools.conf ]] ; then + mv /etc/ipsec.conf /etc/ipsec-tools.conf + else + ewarn + ewarn "Oops! I can't move ipsec.conf to ipsec-tools.conf!" + ewarn "Either the former doesn't exist or the later does and" + ewarn "I won't clobber it. Please fix this situation manually." + fi + else + ewarn "You had both an earlier version of ${PN} and" + ewarn "net-vpn/strongswan installed. I can't tell whether" + ewarn "the configuration file, ipsec.conf, belongs to one" + ewarn "package or the other due to a file conflict; bug #436144." + ewarn "The current version of ${PN} uses ipsec-tools.conf" + ewarn "as its configuration file, as will future versions." + ewarn "Please fix this situation manually." + fi + ewarn + ewarn "\033[1;33m**************************************************\033[00m" + ewarn + fi +} + +pkg_setup() { + linux-info_pkg_setup + + get_version + + if linux_config_exists && kernel_is -ge 2 6 19; then + ewarn + ewarn "\033[1;33m**************************************************\033[00m" + ewarn + ewarn "Checking kernel configuration in /usr/src/linux or" + ewarn "or /proc/config.gz for compatibility with ${PN}." + ewarn "Here are the potential problems:" + ewarn + + local nothing="1" + + # Check options for all flavors of IPSec + local msg="" + for i in XFRM_USER NET_KEY; do + if ! linux_chkconfig_present ${i}; then + msg="${msg} ${i}" + fi + done + if [[ ! -z "$msg" ]]; then + nothing="0" + ewarn + ewarn "ALL IPSec may fail. CHECK:" + ewarn "${msg}" + fi + + # Check unencrypted IPSec + if ! linux_chkconfig_present CRYPTO_NULL; then + nothing="0" + ewarn + ewarn "Unencrypted IPSec may fail. CHECK:" + ewarn " CRYPTO_NULL" + fi + + # Check IPv4 IPSec + msg="" + for i in \ + INET_IPCOMP INET_AH INET_ESP \ + INET_XFRM_MODE_TRANSPORT \ + INET_XFRM_MODE_TUNNEL \ + INET_XFRM_MODE_BEET + do + if ! linux_chkconfig_present ${i}; then + msg="${msg} ${i}" + fi + done + if [[ ! -z "$msg" ]]; then + nothing="0" + ewarn + ewarn "IPv4 IPSec may fail. CHECK:" + ewarn "${msg}" + fi + + # Check IPv6 IPSec + if use ipv6; then + msg="" + for i in INET6_IPCOMP INET6_AH INET6_ESP \ + INET6_XFRM_MODE_TRANSPORT \ + INET6_XFRM_MODE_TUNNEL \ + INET6_XFRM_MODE_BEET + do + if ! linux_chkconfig_present ${i}; then + msg="${msg} ${i}" + fi + done + if [[ ! -z "$msg" ]]; then + nothing="0" + ewarn + ewarn "IPv6 IPSec may fail. CHECK:" + ewarn "${msg}" + fi + fi + + # Check IPSec behind NAT + if use nat; then + if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then + nothing="0" + ewarn + ewarn "IPSec behind NAT may fail. CHECK:" + ewarn " NETFILTER_XT_MATCH_POLICY" + fi + fi + + if [[ $nothing == "1" ]]; then + ewarn "NO PROBLEMS FOUND" + fi + + ewarn + ewarn "WARNING: If your *configured* and *running* kernel" + ewarn "differ either now or in the future, then these checks" + ewarn "may lead to misleading results." + ewarn + ewarn "\033[1;33m**************************************************\033[00m" + ewarn + else + eerror + eerror "\033[1;31m**************************************************\033[00m" + eerror "Make sure that your *running* kernel is/will be >=2.6.19." + eerror "Building ${PN} now, assuming that you know what you're doing." + eerror "\033[1;31m**************************************************\033[00m" + eerror + fi +} + +src_prepare() { + # fix for bug #124813 + sed -i 's:-Werror::g' "${S}"/configure.ac || die + # fix for building with gcc-4.6 + sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die + + eapply "${FILESDIR}/${PN}-def-psk.patch" + eapply "${FILESDIR}/${PN}-include-vendoridh.patch" + eapply "${FILESDIR}"/${PN}-0.8.0-sysctl.patch #425770 + eapply "${FILESDIR}"/${PN}-CVE-2015-4047.patch + eapply "${DISTDIR}"/${PN}-add-openssl-1.1.x-support.patch + eapply "${FILESDIR}"/${PN}-CVE-2016-10396.patch + AT_M4DIR="${S}" eautoreconf + + eapply_user +} + +src_configure() { + #--with-{libiconv,libradius} lead to "Broken getaddrinfo()" + #--enable-samode-unspec is not supported in linux + local myconf + myconf="--with-kernel-headers=/usr/include \ + --enable-adminport \ + --enable-dependency-tracking \ + --enable-dpd \ + --enable-frag \ + --without-libiconv \ + --without-libradius \ + --disable-samode-unspec \ + $(use_enable idea) \ + $(use_enable ipv6) \ + $(use_enable kerberos gssapi) \ + $(use_with ldap libldap) \ + $(use_enable nat natt) \ + $(use_with pam libpam) \ + $(use_enable rc5) \ + $(use_with readline) \ + $(use_enable selinux security-context) \ + $(use_enable stats)" + + use nat && myconf="${myconf} --enable-natt-versions=yes" + + # enable mode-cfg and xauth support + if use pam; then + myconf="${myconf} --enable-hybrid" + else + myconf="${myconf} $(use_enable hybrid)" + fi + + econf ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install + keepdir /var/lib/racoon + newconfd "${FILESDIR}"/racoon.conf.d-r2 racoon + newinitd "${FILESDIR}"/racoon.init.d-r3 racoon + systemd_dounit "${FILESDIR}/ipsec-tools.service" + systemd_dounit "${FILESDIR}/racoon.service" + use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon + + insinto /etc + doins "${FILESDIR}"/ipsec-tools.conf + insinto /etc/racoon + doins "${FILESDIR}"/racoon.conf + doins "${FILESDIR}"/psk.txt + chmod 400 "${D}"/etc/racoon/psk.txt + + dodoc ChangeLog README NEWS + dodoc -r src/racoon/samples + dodoc -r src/racoon/doc + docinto samples + newdoc src/setkey/sample.cf ipsec-tools.conf +} + +pkg_postinst() { + if use nat; then + elog + elog "You have enabled the nat traversal functionnality." + elog "Nat versions wich are enabled by default are 00,02,rfc" + elog "you can find those drafts in the CVS repository:" + elog "cvs -d anoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools" + elog + elog "If you feel brave enough and you know what you are" + elog "doing, you can consider emerging this ebuild with" + elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\"" + elog + fi + + if use ldap; then + elog + elog "You have enabled ldap support with ${PN}." + elog "The man page does NOT contain any information on it yet." + elog "Consider using a more recent version or CVS." + elog + fi + + elog + elog "Please have a look in /usr/share/doc/${P} and visit" + elog "http://www.netbsd.org/Documentation/network/ipsec/" + elog "to find more information on how to configure this tool." + elog +} diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest index 168d236c4e0d..477aaf9f7871 100644 --- a/net-vpn/libreswan/Manifest +++ b/net-vpn/libreswan/Manifest @@ -5,10 +5,10 @@ DIST libreswan-3.32.tar.gz 4141631 BLAKE2B 37a4cb5c1f52d69b17ba60abd2b7a181d9f55 DIST libreswan-4.2.tar.gz 3467095 BLAKE2B 0630e9f7cf7ce6182712b4837688fd6b7a1ad1644f167f7ded4e63c7a0aac960a38d903cefbf0189da22b6ddb8c15f217ff3134f220b64020812789c1a196d29 SHA512 290be2e36fb41959c9889597aad8ab5df1edc1999ed7315e8f2e50213de073732c91ad497a2b5634f7bc83bca84089ef9f711420a77309c6cce243f1419a2d0f DIST libreswan-4.3.tar.gz 3489322 BLAKE2B 36908bf043fb1085f40b4a5f35ca6dc1563e1a1701f9cced9cb6765094bb2ef603b6d6d4b076a333d540f6454c10b6350d9b8c20de8bc3f27b19915b4cf42b9f SHA512 4687c867d34655cd33997edf4ab7887b2121af41c99d1bd9c794fce1c1eef412f5528de7a338e92a44c1c5d0aaa8fbeb756b89849fcad3deb45a418751e64045 DIST libreswan-4.4.tar.gz 3503201 BLAKE2B c6c5cb2d7141afe52128e71051fd39b058a06fe4972074c853dbba2937f4c113548392d9c202badac5c1350e4d05f60d4a4d0aed453b1ee91c38a3245b0cf209 SHA512 108b2ac7a36454c48ce448a83ddd81e72d7fbb7cf8b042116d9bd31f195cdab4ccd6311d72af7ab4cc6d054df50d30a6bfc50b56fe7cbfd35d54a68804a6678b -EBUILD libreswan-3.32-r1.ebuild 3165 BLAKE2B c0144e07373f076366d0baeb9c9c2472edc6c07f7fbb6ee37c7865ea37cdf4476e3f3119c51efeb1ac4ba54caad84a14727811387cf6eacd3be9724a5ede7b1d SHA512 1bd84beadae36e45f948b0c902e5ee4058c79a26a7d72b985bda62bfe3267e468f0c6ea970fe73f70e34332a286fe3c8da9f6e8b34b5f3c9d8eb742508b40344 -EBUILD libreswan-3.32.ebuild 3127 BLAKE2B dfd79e648967070d3a2ae7018873647a03d162bf904f4f70fa7d2baf9969d7912407a56869986f0c83675e65e5f27e5622ffccf4c6b1b3bcecb3200472976372 SHA512 5937f4ee0eba31fa8cbfcb477e19e5d2f74b1fafba9be035cdb64e88e80d5bc0acfd6dd995de54e449be6a8ff01a893ad64d578d4eb7b5e72f42f748fc829333 -EBUILD libreswan-4.2.ebuild 3235 BLAKE2B ede91ac9228feaa6214ff1dffea92cf16c648b29062a3fefa6e6d3b79959b9f48803083b3ba52a40ce4811885b4aae56d79358ef5f9bc701063a464f187084da SHA512 5e3c1d537cc97237bceb852fdf230b6f1136e8f8ebc83550558920a5c87a029c9cdd26f29e59284ec832997dd2dc1f12d25e9d0b6473e625e3d84b37bf3464e4 -EBUILD libreswan-4.3.ebuild 3233 BLAKE2B 7d2fd3d94ab3ebac9e897dffb43b79505f8d5c7e3100e3dc2e820fe80bac5a417bbb23968f55c54feca0487c421516c4e1666980f3202688d793ad8f28a87774 SHA512 876cbeb37aa07e835cdeb0516cd1644a3e5c3e4cc99fd0705cba059a25ae031ca9ee89fcd5cc193a9fcd0c61197222fe91037eb5f24ad888a3544b6a035efbf7 -EBUILD libreswan-4.4-r1.ebuild 3258 BLAKE2B 72f63679f9d1843f353b0a7f9aae160f48225027db485cdfb2d1ae6a21de93e1413eb67fff8fcbaf9cf71cf328ccf166bc54ac5b8ce392981ab028667f6313a6 SHA512 b822898f3f4e5f59cd6a11f38cdeac706ce91aace2983f06e6f104a4dbe1b04779bc3d316a1fa05f627e713f546ad00ae62d76a6cb54a436ce23c6efd3abb56a -EBUILD libreswan-4.4.ebuild 3234 BLAKE2B 143f40fec250b0881debe84cd3c0cb8d50ec34a11adac86219aed85fc2fee17fd06f8ff08b84d374b75cbf7d60c9fe3a1ac42b5e4139f989aac44271705a1b32 SHA512 9ef260303dc15516da39ebf0895d830b80c60d586b76de5c142f5ffd1f64435ffc576dae9a334264ed46aff160d15e73294b3643669f4d54f5cc12d8e0177100 +EBUILD libreswan-3.32-r2.ebuild 3148 BLAKE2B 6cab669035cf47b752d732a6a20817c19a84b7800a2ae87d3eccddcf10e8173473b672550480f29313732e88dfb778372ac40402fb2024b70677cd59efd637f1 SHA512 0e69e88ea4cd5e3bab996dbe98f9acf0597a7b4d3e374ce800c96d5c028cbf855834111f30feaf474ececa452f5f85b591593eb2d7001df93df9cfbc0aca6481 +EBUILD libreswan-3.32-r3.ebuild 3186 BLAKE2B 934834dd11293ee4cb44fb47ce653b14732900d20e25cb19717b50d12aa95c15900dfc798924e4ba3fda6faf0e5cf52bf830b7e74e21b3ef00f463504b82ccd3 SHA512 e934097109c1c80d40d1c37c88fe5b95da12aa74b5a7c54c705238c568344434e69c33fcd2dcbcd67ef83a95a96c2f63950e54928098e7648edf6335d7c64617 +EBUILD libreswan-4.2-r1.ebuild 3256 BLAKE2B b81f41dfd5e11055bdb1d09cc9baa346d3c69e81b8af6409cf53fa5c80fec64d8828e0234bfdb440bd7804108a9f64b06c14f8be0525c15ff8a92cdac7e3b2f5 SHA512 92d40027482f414ac657ce35ae7972a2a21bcebe4723855d5681989df9c7e991005c918309ea4520035ec605184da09485eb24a1968253fae02c265bbf781173 +EBUILD libreswan-4.3-r1.ebuild 3254 BLAKE2B 5fb21f11ed9e7253eb9740f1737fe8cc82053b1c316303061123af49a596cb99448082d55e4e9e11d270a72fcc720bfe9ae49110d9fb75644aad41bee9a4eba9 SHA512 c9f0346125076b49759a39e1b0f2c789d83aa4a722fb8ef3a42c237482b3177e16661408129e50c833ab2af79b12e6c1f3dab602913b28ed70f0d57e3f08695f +EBUILD libreswan-4.4-r2.ebuild 3255 BLAKE2B 0fd9390917bafbd16448d59dfd5b4011dc30cd09a8980fd5fe6fc9c7d304426d209d85c267af2b3548dd4faba6e6960b19b16894c22c41675c24323710f6f333 SHA512 d4f7ddf6c3308244c664366e7a7b4b72ca326cafc6d2fd7e94d310f6f4035a57d51aee415bb45986b8b98acfcb726125a525a9d4016f96130413ff953befffd3 +EBUILD libreswan-4.4-r3.ebuild 3279 BLAKE2B f96faf835838ee300e76d5f9744720c52c65e8c51fad5b337b3f87d5f6baa0c343eae666fff3f19b16a4a3272b5553096a73d9da5ebf9eb3eda1e04fd0796692 SHA512 41db2c0328c4d270c812f48510205a10b06a2dd62c32fc65104dd01c2cb4dfcd6e4d989e2d657451fbc281d3a3e3c612863fdb0aaae17cb48060bb4a801e310f MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865 diff --git a/net-vpn/libreswan/libreswan-3.32-r1.ebuild b/net-vpn/libreswan/libreswan-3.32-r1.ebuild deleted file mode 100644 index 594a265b4671..000000000000 --- a/net-vpn/libreswan/libreswan-3.32-r1.ebuild +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="~amd64 ~arm ~ppc ~x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-3.30-ip-path.patch" "${FILESDIR}/${P}-nss-compat.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export INC_USRLOCAL=/usr - export INC_MANDIR=share/man - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=openrc - export INC_RCDIRS= - export INC_RCDEFAULT=/etc/init.d - export USERCOMPILE= - export USERLINK= - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_XAUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/etc/ipsec.d - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/libreswan/libreswan-3.32-r2.ebuild b/net-vpn/libreswan/libreswan-3.32-r2.ebuild new file mode 100644 index 000000000000..a2dd7437d923 --- /dev/null +++ b/net-vpn/libreswan/libreswan-3.32-r2.ebuild @@ -0,0 +1,117 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="amd64 ~arm ~ppc x86" +IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-3.30-ip-path.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export INC_USRLOCAL=/usr + export INC_MANDIR=share/man + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INC_RCDIRS= + export INC_RCDEFAULT=/etc/init.d + export USERCOMPILE= + export USERLINK= + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_XAUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/etc/ipsec.d + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-3.32-r3.ebuild b/net-vpn/libreswan/libreswan-3.32-r3.ebuild new file mode 100644 index 000000000000..0cae2c0bd2c0 --- /dev/null +++ b/net-vpn/libreswan/libreswan-3.32-r3.ebuild @@ -0,0 +1,117 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~x86" +IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-3.30-ip-path.patch" "${FILESDIR}/${P}-nss-compat.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export INC_USRLOCAL=/usr + export INC_MANDIR=share/man + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INC_RCDIRS= + export INC_RCDEFAULT=/etc/init.d + export USERCOMPILE= + export USERLINK= + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_XAUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/etc/ipsec.d + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-3.32.ebuild b/net-vpn/libreswan/libreswan-3.32.ebuild deleted file mode 100644 index 88f6f4c6f123..000000000000 --- a/net-vpn/libreswan/libreswan-3.32.ebuild +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="amd64 ~arm ~ppc x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-3.30-ip-path.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export INC_USRLOCAL=/usr - export INC_MANDIR=share/man - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=openrc - export INC_RCDIRS= - export INC_RCDEFAULT=/etc/init.d - export USERCOMPILE= - export USERLINK= - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_XAUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/etc/ipsec.d - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/libreswan/libreswan-4.2-r1.ebuild b/net-vpn/libreswan/libreswan-4.2-r1.ebuild new file mode 100644 index 000000000000..d22b2acaad21 --- /dev/null +++ b/net-vpn/libreswan/libreswan-4.2-r1.ebuild @@ -0,0 +1,120 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~x86" +IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export PREFIX=/usr + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INITDDIRS= + export INITDDIR_DEFAULT=/etc/init.d + export USERCOMPILE=${CFLAGS} + export USERLINK=${LDFLAGS} + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_NM=$(usetf networkmanager) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_XAUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + keepdir /var/lib/ipsec/nss + fperms 0700 /var/lib/ipsec/nss + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-4.2.ebuild b/net-vpn/libreswan/libreswan-4.2.ebuild deleted file mode 100644 index a9a0951d564c..000000000000 --- a/net-vpn/libreswan/libreswan-4.2.ebuild +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="~amd64 ~arm ~ppc ~x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export PREFIX=/usr - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=openrc - export INITDDIRS= - export INITDDIR_DEFAULT=/etc/init.d - export USERCOMPILE=${CFLAGS} - export USERLINK=${LDFLAGS} - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_NM=$(usetf networkmanager) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_XAUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - keepdir /var/lib/ipsec/nss - fperms 0700 /var/lib/ipsec/nss - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/libreswan/libreswan-4.3-r1.ebuild b/net-vpn/libreswan/libreswan-4.3-r1.ebuild new file mode 100644 index 000000000000..8e5ba4775e4d --- /dev/null +++ b/net-vpn/libreswan/libreswan-4.3-r1.ebuild @@ -0,0 +1,120 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="amd64 ~arm ~ppc x86" +IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export PREFIX=/usr + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INITDDIRS= + export INITDDIR_DEFAULT=/etc/init.d + export USERCOMPILE=${CFLAGS} + export USERLINK=${LDFLAGS} + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_NM=$(usetf networkmanager) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_XAUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + keepdir /var/lib/ipsec/nss + fperms 0700 /var/lib/ipsec/nss + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-4.3.ebuild b/net-vpn/libreswan/libreswan-4.3.ebuild deleted file mode 100644 index 5c4d8e551b72..000000000000 --- a/net-vpn/libreswan/libreswan-4.3.ebuild +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="amd64 ~arm ~ppc x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export PREFIX=/usr - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=openrc - export INITDDIRS= - export INITDDIR_DEFAULT=/etc/init.d - export USERCOMPILE=${CFLAGS} - export USERLINK=${LDFLAGS} - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_NM=$(usetf networkmanager) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_XAUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - keepdir /var/lib/ipsec/nss - fperms 0700 /var/lib/ipsec/nss - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/libreswan/libreswan-4.4-r1.ebuild b/net-vpn/libreswan/libreswan-4.4-r1.ebuild deleted file mode 100644 index 6932991bf6a4..000000000000 --- a/net-vpn/libreswan/libreswan-4.4-r1.ebuild +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="~amd64 ~arm ~ppc ~x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export PREFIX=/usr - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=$(usex systemd systemd openrc) - export INITDDIRS= - export INITDDIR_DEFAULT=/etc/init.d - export USERCOMPILE=${CFLAGS} - export USERLINK=${LDFLAGS} - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_NM=$(usetf networkmanager) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_AUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - keepdir /var/lib/ipsec/nss - fperms 0700 /var/lib/ipsec/nss - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/libreswan/libreswan-4.4-r2.ebuild b/net-vpn/libreswan/libreswan-4.4-r2.ebuild new file mode 100644 index 000000000000..5ab87e049ce3 --- /dev/null +++ b/net-vpn/libreswan/libreswan-4.4-r2.ebuild @@ -0,0 +1,120 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~x86" +IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export PREFIX=/usr + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=openrc + export INITDDIRS= + export INITDDIR_DEFAULT=/etc/init.d + export USERCOMPILE=${CFLAGS} + export USERLINK=${LDFLAGS} + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_NM=$(usetf networkmanager) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_AUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + keepdir /var/lib/ipsec/nss + fperms 0700 /var/lib/ipsec/nss + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-4.4-r3.ebuild b/net-vpn/libreswan/libreswan-4.4-r3.ebuild new file mode 100644 index 000000000000..36d74c43e4f4 --- /dev/null +++ b/net-vpn/libreswan/libreswan-4.4-r3.ebuild @@ -0,0 +1,120 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd toolchain-funcs + +DESCRIPTION="IPsec implementation for Linux, fork of Openswan" +HOMEPAGE="https://libreswan.org/" +SRC_URI="https://download.libreswan.org/${P}.tar.gz" + +LICENSE="GPL-2 BSD-4 RSA DES" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~x86" +IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" +RESTRICT="!test? ( test )" + +DEPEND=" + dev-libs/gmp:0= + dev-libs/libevent:0= + dev-libs/nspr + >=dev-libs/nss-3.42 + >=sys-kernel/linux-headers-4.19 + virtual/libcrypt:= + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + systemd? ( sys-apps/systemd:0= ) +" +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + dev-libs/nss + sys-devel/bison + sys-devel/flex + virtual/pkgconfig + test? ( dev-python/setproctitle ) +" +RDEPEND="${DEPEND} + dev-libs/nss[utils(+)] + sys-apps/iproute2 + !net-vpn/strongswan + selinux? ( sec-policy/selinux-ipsec ) +" + +usetf() { + usex "$1" true false +} + +PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) + +src_prepare() { + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die + sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die + default +} + +src_configure() { + tc-export AR CC + export PREFIX=/usr + export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + export FINALDOCDIR=/usr/share/doc/${PF}/html + export INITSYSTEM=$(usex systemd systemd openrc) + export INITDDIRS= + export INITDDIR_DEFAULT=/etc/init.d + export USERCOMPILE=${CFLAGS} + export USERLINK=${LDFLAGS} + export USE_DNSSEC=$(usetf dnssec) + export USE_LABELED_IPSEC=$(usetf selinux) + export USE_LIBCAP_NG=$(usetf caps) + export USE_LIBCURL=$(usetf curl) + export USE_LINUX_AUDIT=$(usetf selinux) + export USE_LDAP=$(usetf ldap) + export USE_NM=$(usetf networkmanager) + export USE_SECCOMP=$(usetf seccomp) + export USE_SYSTEMD_WATCHDOG=$(usetf systemd) + export SD_WATCHDOGSEC=$(usex systemd 200 0) + export USE_AUTHPAM=$(usetf pam) + export DEBUG_CFLAGS= + export OPTIMIZE_CFLAGS= + export WERROR_CFLAGS= +} + +src_compile() { + emake all + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all +} + +src_test() { + : # integration tests only that require set of kvms to be set up +} + +src_install() { + default + emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install + + echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets + fperms 0600 /etc/ipsec.secrets + + keepdir /var/lib/ipsec/nss + fperms 0700 /var/lib/ipsec/nss + + dodoc -r docs + + find "${D}" -type d -empty -delete || die +} + +pkg_postinst() { + local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss + if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then + ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" + certutil -N -d "${IPSEC_CONFDIR}" --empty-password + eend $? + einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" + fi +} diff --git a/net-vpn/libreswan/libreswan-4.4.ebuild b/net-vpn/libreswan/libreswan-4.4.ebuild deleted file mode 100644 index 4cae47b20e4d..000000000000 --- a/net-vpn/libreswan/libreswan-4.4.ebuild +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs - -SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="~amd64 ~arm ~ppc ~x86" - -DESCRIPTION="IPsec implementation for Linux, fork of Openswan" -HOMEPAGE="https://libreswan.org/" - -LICENSE="GPL-2 BSD-4 RSA DES" -SLOT="0" -IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" -RESTRICT="!test? ( test )" - -DEPEND=" - dev-libs/gmp:0= - dev-libs/libevent:0= - dev-libs/nspr - >=dev-libs/nss-3.42 - >=sys-kernel/linux-headers-4.19 - caps? ( sys-libs/libcap-ng ) - curl? ( net-misc/curl ) - dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) - ldap? ( net-nds/openldap ) - pam? ( sys-libs/pam ) - seccomp? ( sys-libs/libseccomp ) - selinux? ( sys-libs/libselinux ) - systemd? ( sys-apps/systemd:0= ) -" -BDEPEND=" - app-text/docbook-xml-dtd:4.1.2 - app-text/xmlto - dev-libs/nss - sys-devel/bison - sys-devel/flex - virtual/pkgconfig - test? ( dev-python/setproctitle ) -" -RDEPEND="${DEPEND} - dev-libs/nss[utils(+)] - sys-apps/iproute2 - !net-vpn/strongswan - selinux? ( sec-policy/selinux-ipsec ) -" - -usetf() { - usex "$1" true false -} - -PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) - -src_prepare() { - sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die - sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die - default -} - -src_configure() { - tc-export AR CC - export PREFIX=/usr - export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} - export FINALDOCDIR=/usr/share/doc/${PF}/html - export INITSYSTEM=openrc - export INITDDIRS= - export INITDDIR_DEFAULT=/etc/init.d - export USERCOMPILE=${CFLAGS} - export USERLINK=${LDFLAGS} - export USE_DNSSEC=$(usetf dnssec) - export USE_LABELED_IPSEC=$(usetf selinux) - export USE_LIBCAP_NG=$(usetf caps) - export USE_LIBCURL=$(usetf curl) - export USE_LINUX_AUDIT=$(usetf selinux) - export USE_LDAP=$(usetf ldap) - export USE_NM=$(usetf networkmanager) - export USE_SECCOMP=$(usetf seccomp) - export USE_SYSTEMD_WATCHDOG=$(usetf systemd) - export SD_WATCHDOGSEC=$(usex systemd 200 0) - export USE_AUTHPAM=$(usetf pam) - export DEBUG_CFLAGS= - export OPTIMIZE_CFLAGS= - export WERROR_CFLAGS= -} - -src_compile() { - emake all - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all -} - -src_test() { - : # integration tests only that require set of kvms to be set up -} - -src_install() { - default - emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install - - echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets - fperms 0600 /etc/ipsec.secrets - - keepdir /var/lib/ipsec/nss - fperms 0700 /var/lib/ipsec/nss - - dodoc -r docs - - find "${D}" -type d -empty -delete || die -} - -pkg_postinst() { - local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss - if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then - ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" - certutil -N -d "${IPSEC_CONFDIR}" --empty-password - eend $? - einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" - fi -} diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest index 0367d25cf406..3669e652fae4 100644 --- a/net-vpn/tor/Manifest +++ b/net-vpn/tor/Manifest @@ -14,8 +14,11 @@ DIST tor-0.4.5.9.tar.gz 7840294 BLAKE2B 75babcbf7929fa34034ad706df1189ca7988e8c5 DIST tor-0.4.5.9.tar.gz.asc 833 BLAKE2B fca3769b683e8bb90540026dda6d2f302d499262c806f7c7215e7a30908cd46b807717fd130380d114660380166852f6a0cbb702966c6930004d04098718d582 SHA512 df538981aa19a2fa730a1e357f277f22b3cae769a1d13fa1d920a5e949d5b3770a8de9883eeaf2522c8b24327f73505569ac0f6ecf77139ddb5ef1e2418924b6 DIST tor-0.4.6.5.tar.gz 7754823 BLAKE2B bdff61863f8b48381cc52d66c54f417e90177118d6cdd1402f3ecca9783f32141f74bb979b4f8c919d9e2c6cd4373fd9a5e0e84498a26470af1fbc6eb2c7caed SHA512 62bcd8d446199cdd397a688d454730a057ef20be4152e6d0632f64df27c993c70be0dbde0a2e7679a8a20850371a503b8daf777296d555760d8aae3286e48050 DIST tor-0.4.6.5.tar.gz.asc 833 BLAKE2B 966ab724e37dd341c3ef45f2aeb7e1c928270831ea790cb6cb0e77084a0c813d66ce35c5d31d49bf9d1e9a6ecfb3d4fb6ee4424fd83183d654016d22fcb90d7e SHA512 1cf9111ba08594c716874a2b6f35a7959c5c391518ec1e5b1491d84454f3fe1c705e06dfcfd23f30e0eb619063304c430cbebc9827190df0b03ec09cecd1773c +DIST tor-0.4.6.6.tar.gz 7754194 BLAKE2B 735ba82bd61fee3fcbb8a8e39adafe72ac23a7c4a4f211d07759add2e5285277b9ae2544bd279277ffa533ab3102048b26b70987857360082dde95d1e614ca28 SHA512 9705a3e43f399d214511968fbeca0ff03d7138ed39d87bb5059989f8259f0c72fb05d06caa813ba48fa227b2b02f394e84c6efa36ab3d79d2eeb42fbe6caff07 +DIST tor-0.4.6.6.tar.gz.asc 833 BLAKE2B afbc9f93eb8b83656d5184827adeca8312cb38777dc2c7ac4219428ef56f34c641f9c9a9a0262d63cfae5c06d0260a5e21054e1a980849db44f75fe09b244abe SHA512 f9f1a3bc8704d0abc1608f3765c2edb10c02f15c44e9f918a1e85a753f9df19f7ec4a3daddd9fb876fa4fb1ff8f8054c8ae2445fed37ee086b2c750dcf3fd4cf EBUILD tor-0.4.4.9-r1.ebuild 2797 BLAKE2B 2b37de0b894e2b7088fad0463bb173a08139ca8da49507fc5718d270db00b2084f012d619e8df9f0f4821eaf78357401b23348f4ecbef53d972e486198045c8e SHA512 c2b0dd7537064d8d1cbe0eb9d213610460afa79938849232390fd512cd8498e076138f5e9fdad6b0a85b665f73c1ab62bbaac0cb07f543536bbff9dae0590915 EBUILD tor-0.4.5.7-r1.ebuild 2788 BLAKE2B 7c390e7a4789c967ce7b63b6a9505d487fc5dc7eba3b3d11d929f37a4bb4768dbd00c9547263d051aee401f8016f1abb69189acec02fa22616bfe8b3fb1cbc48 SHA512 746c9462ee787c860d3cee7deb8435b310cd1488c11dd385895fa891a43043bcacc15ed2c3df6905242f132111dbb2ac64850f21397e392e80bd09f851322fca EBUILD tor-0.4.5.9-r1.ebuild 2544 BLAKE2B 840d53158ed06452c125ac933253d01f79996b73a24293890dcd25011c969da7dd6e6a8b87bd94f7c0e9426a180e74515a29cade4702dcd14e946a6be2134cc6 SHA512 76f2944e47441bc85be06bdf05c943f5032f344d6aaa28710c79c26ff4f293879e40d463764cb03e44319d6ca7faa743456084d51f8ae3476e912b4daca00266 EBUILD tor-0.4.6.5-r1.ebuild 2742 BLAKE2B ded94096f45ce9dd6be3ed15c762f80086aff5f2590ae83b94850ef1a2827d0c436313ee27f661dc190c89ef36417c3b2e8deb89817351b8b82d6e28e3d51eb5 SHA512 489760dbb35167c927ba53f061a767d03f17d90168010907e4a89db62a394029f3ed88f86e127d13c9720f8b875832531545aee4f5fee24522554602a973c692 +EBUILD tor-0.4.6.6.ebuild 2742 BLAKE2B ded94096f45ce9dd6be3ed15c762f80086aff5f2590ae83b94850ef1a2827d0c436313ee27f661dc190c89ef36417c3b2e8deb89817351b8b82d6e28e3d51eb5 SHA512 489760dbb35167c927ba53f061a767d03f17d90168010907e4a89db62a394029f3ed88f86e127d13c9720f8b875832531545aee4f5fee24522554602a973c692 MISC metadata.xml 549 BLAKE2B af6257c0e04c7487b23edb1f5c6fce91fbb76aedf9c0357bb4f214ff4af9d6055e0c6bb32fef5c9906f461f34b5631891a681a039612c73feecff8ff77a0a3c2 SHA512 2b9d9c20a9691dd67cb5ef98e386bea8cff9ba79208373922c5a379ca8c96e021e94748d7b85e860a24063f1fc439a3adee59b3dde70cf6b35401d18518b5689 diff --git a/net-vpn/tor/tor-0.4.6.6.ebuild b/net-vpn/tor/tor-0.4.6.6.ebuild new file mode 100644 index 000000000000..5b9be817185e --- /dev/null +++ b/net-vpn/tor/tor-0.4.6.6.ebuild @@ -0,0 +1,108 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +PYTHON_COMPAT=( python3_{7,8,9} ) +inherit flag-o-matic python-any-r1 readme.gentoo-r1 systemd verify-sig + +MY_PV="$(ver_rs 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz + verify-sig? ( https://dist.torproject.org/${MY_PF}.tar.gz.asc )" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then + KEYWORDS="~amd64 ~arm ~arm64 ~mips ~ppc ~ppc64 ~x86 ~ppc-macos" +fi +IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening test zstd" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/torproject.org.asc + +BDEPEND="verify-sig? ( app-crypt/openpgp-keys-tor )" +DEPEND=" + dev-libs/libevent:=[ssl] + sys-libs/zlib + caps? ( sys-libs/libcap ) + man? ( app-text/asciidoc ) + dev-libs/openssl:0=[-bindist(-)] + lzma? ( app-arch/xz-utils ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( >=sys-libs/libseccomp-2.4.1 ) + systemd? ( sys-apps/systemd ) + zstd? ( app-arch/zstd )" +RDEPEND=" + acct-user/tor + acct-group/tor + ${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +# bug #764260 +DEPEND+=" + test? ( + ${DEPEND} + ${PYTHON_DEPS} + )" + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch +) + +DOCS=() + +RESTRICT="!test? ( test )" + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_configure() { + use doc && DOCS+=( README ChangeLog ReleaseNotes doc/HACKING ) + export ac_cv_lib_cap_cap_init=$(usex caps) + econf \ + --localstatedir="${EPREFIX}/var" \ + --disable-all-bugs-are-fatal \ + --enable-system-torrc \ + --disable-android \ + --disable-html-manual \ + --disable-libfuzzer \ + --enable-missing-doc-warnings \ + --disable-module-dirauth \ + --enable-pic \ + --disable-rust \ + --disable-restart-debugging \ + --disable-zstd-advanced-apis \ + $(use_enable man asciidoc) \ + $(use_enable man manpage) \ + $(use_enable lzma) \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable server module-relay) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable test unittests) \ + $(use_enable test coverage) \ + $(use_enable zstd) +} + +src_install() { + default + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r9 tor + systemd_dounit "${FILESDIR}"/tor.service + + keepdir /var/lib/tor + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r2 torrc +} -- cgit v1.2.3