From e3872864be25f7421015bef2732fa57c0c9fb726 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 4 Aug 2018 08:53:53 +0100 Subject: gentoo resync : 04.08.2018 --- net-vpn/Manifest.gz | Bin 4709 -> 4704 bytes net-vpn/libreswan/Manifest | 3 +- .../libreswan/files/libreswan-3.25-no-curl.patch | 25 ++++ net-vpn/libreswan/libreswan-3.25.ebuild | 4 +- net-vpn/wireguard/Manifest | 4 +- net-vpn/wireguard/wireguard-0.0.20180718.ebuild | 134 ------------------- net-vpn/wireguard/wireguard-0.0.20180802.ebuild | 145 +++++++++++++++++++++ 7 files changed, 177 insertions(+), 138 deletions(-) create mode 100644 net-vpn/libreswan/files/libreswan-3.25-no-curl.patch delete mode 100644 net-vpn/wireguard/wireguard-0.0.20180718.ebuild create mode 100644 net-vpn/wireguard/wireguard-0.0.20180802.ebuild (limited to 'net-vpn') diff --git a/net-vpn/Manifest.gz b/net-vpn/Manifest.gz index 0773c7d10f13..719a86431b5b 100644 Binary files a/net-vpn/Manifest.gz and b/net-vpn/Manifest.gz differ diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest index bba96ebb52ee..439778f20558 100644 --- a/net-vpn/libreswan/Manifest +++ b/net-vpn/libreswan/Manifest @@ -1,8 +1,9 @@ AUX libreswan-3.23-modern-kernels.patch 525 BLAKE2B 5c1353932dddd0febf60ae0b8c03e81e1c1397e6ea93619e5d02f60c4a735a0b63c8c1dfc6a3a79c55addf4af20e3e3f2b82b3f369b2c61d62c51c3c57f3d241 SHA512 e2a798d1bc8b089056a400bc0918b1037420a268e49e0183db99c565da9c8bce344e5fa9c3cdcc246a066450aceeec1af333f8b4c931e4e9414d6485db03bd13 +AUX libreswan-3.25-no-curl.patch 706 BLAKE2B 2d1f74b6b1d65f2e3ddad8646e2e5ea8a4aa98b4eee617521255c7bec35f53f1cde6254cd82f731e6ad5701f16cceaba907653e1c490ef97b2648f9d066e0328 SHA512 e03b17bc647f0d817cacfee2c96c37c50615d8ad53fdfb0be7095bf79fe3317d66092f006aeaf1ea4d67841ccdba29ab4a6e1ce181459b41d16dedcee5cb73d3 DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff DIST libreswan-3.23.tar.gz 3836073 BLAKE2B ffb27ed75618afcf39c36b7326bb1e4b70ea8337bb4b13951bef95dc13989613c226fe83e031eeba080f55f98262df432b776c3ac5b7b4fb740506f918172ed3 SHA512 3645af522ea9ac868c55bfadfd2cf27dc5acb247543f43290cbe677a90cd00316be6520ca2128b9aaecce2b0293710ae6a2bd710a7d93198b8cb81e32276ced8 DIST libreswan-3.25.tar.gz 3988630 BLAKE2B 8479b5b0d7d49055b7dcefa6c3b2f469b0aa60005e05446d5c1c6f73a32c904835422248c6ead2a1c2dc83b63794fd50f7461fd22c4206414b5890c01b99b722 SHA512 246649cb5bef1d0690217d1080f3f6f175a0d7a5f27e5a7affdf291b2f418a11937e96b64716a33e6312530409a2c1b10b90e2fa5ec339a27c94c990d86ed517 EBUILD libreswan-3.22.ebuild 2812 BLAKE2B 55b89a58724b02cafcf997295f117a084c1f7e16a65f1adfb0efc783772d3a68be867b24ff038aa8017412b2e4fb716a3aa101d080eda2c9e8a11dfd117c3544 SHA512 23136de2f2a1442318bc692456c32d0675515b508ef6281b33b2f8760bafbbe09ab39d233d552214aecc3e965c22f9fc67bad93902a6be5696117308bf1190cf EBUILD libreswan-3.23-r1.ebuild 2867 BLAKE2B f4fb5ffb508732e268199c92ff69d43c14620915bc0b6aa3fb867b56e4c3713a8e2b8dc25ec0e01fd80efad853afb38e54155b0c1a4455b81f0dbb69131c0d79 SHA512 00c4c5399dc14afa872c9b81202bce9d9d1cf5c4eb6a3a34ce2b96f9be5af008edc799fdc7c3c7af8aa36bae2b518f40686e08dc813ba7040e9351c69fcff0bf -EBUILD libreswan-3.25.ebuild 2814 BLAKE2B 75a2bd92b38261da8141c05e287e9ee33d55b2a19aaddfb30b2f76fea4e944979345512ba1d29465342066646d69cabfef85f4417e471350a05f8becd7f73f9a SHA512 c5c8409272f7bb661e9578ff7d97c52fd07f291b8392826031b106998f1c516f6a6f343813cafdeef4c6245e4123509c764dd303a40200a9b0f98b0821c14a1e +EBUILD libreswan-3.25.ebuild 2855 BLAKE2B 138cb1716d4f2eeca78245b6090c0c0c2c86b715973782f943fea6759e41087720289eca97e4df14bbe608a31c3444a6be8554c9047c408cf4cbc0480898f750 SHA512 fdd3db5f292961d70d2f9cd3577df1cdf0285d1aab5ff8eefed11d4c29a3282af7c2b9e3bbd5d574ac66903d2f485dfd5da7a6ac94b4bef18f32d116dce035b4 MISC metadata.xml 319 BLAKE2B 6bae0756e29efeb1cf77d60f7e38fe62ffa5f24c3745e07900e6ef5f65194c50f6a479d97fdcc24804ccdcfefd9707b12f08dffe613fcf798afc421826de36e4 SHA512 924161f15c0f7a9666a6d7a422b45da679190e1a0f2859b997ddd753cbf49df9da337e5420040210736f76fa712dca3ec8862480f62bd321de71e74bee7c0865 diff --git a/net-vpn/libreswan/files/libreswan-3.25-no-curl.patch b/net-vpn/libreswan/files/libreswan-3.25-no-curl.patch new file mode 100644 index 000000000000..f23e2f7f227c --- /dev/null +++ b/net-vpn/libreswan/files/libreswan-3.25-no-curl.patch @@ -0,0 +1,25 @@ +From 903f953b271c35f33790bb7ba98b17acfdecede6 Mon Sep 17 00:00:00 2001 +From: Paul Wouters +Date: Sun, 22 Jul 2018 11:37:04 -0700 +Subject: [PATCH] building: only call check_crls() if LIBCURL support is + compiled in + +Noted by Daniel M. Weeks +--- + programs/pluto/timer.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/programs/pluto/timer.c b/programs/pluto/timer.c +index b8a465a91b..4e82e634ea 100644 +--- a/programs/pluto/timer.c ++++ b/programs/pluto/timer.c +@@ -432,7 +432,9 @@ static void timer_event_cb(evutil_socket_t fd UNUSED, const short event UNUSED, + break; + + case EVENT_CHECK_CRLS: ++#ifdef LIBCURL + check_crls(); ++#endif + break; + + case EVENT_v2_RELEASE_WHACK: diff --git a/net-vpn/libreswan/libreswan-3.25.ebuild b/net-vpn/libreswan/libreswan-3.25.ebuild index b71d536ae106..a830de440be1 100644 --- a/net-vpn/libreswan/libreswan-3.25.ebuild +++ b/net-vpn/libreswan/libreswan-3.25.ebuild @@ -6,7 +6,7 @@ EAPI=6 inherit systemd toolchain-funcs SRC_URI="https://download.libreswan.org/${P}.tar.gz" -KEYWORDS="~amd64 ~ppc ~x86" +KEYWORDS="amd64 ~ppc ~x86" DESCRIPTION="IPsec implementation for Linux, fork of Openswan" HOMEPAGE="https://libreswan.org/" @@ -50,6 +50,8 @@ usetf() { } src_prepare() { + eapply "${FILESDIR}/${P}-no-curl.patch" + sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die default diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest index 97c16a70536d..51096aa5fa07 100644 --- a/net-vpn/wireguard/Manifest +++ b/net-vpn/wireguard/Manifest @@ -1,4 +1,4 @@ -DIST WireGuard-0.0.20180718.tar.xz 272072 BLAKE2B da18f6ff6fcbe9c226ddf39a7137d7648647ae49be311b3b239af845b864403feaf226de7f148b9a6d67c6426d7f96d6c077286fd332bbdb98c913a3039ecd8f SHA512 38d7fa90ab7528c0f29e93c4b37c357e51f33061353c180044c50fe05a37874652b3cb179c80f17b8fe9dddbcb224253723ad730e2ad5649cb17ec9d32e8f9ca -EBUILD wireguard-0.0.20180718.ebuild 4720 BLAKE2B 4de715d72ccd551ee68eeab051ff9905323fe57d475e6c17ad39542c3c50416d0ff6cfa27c994afe1edf6277bdbd6bab9b3351d74cfcae5921f24c2c93f0cb36 SHA512 e71251e953b6046149d69b1168af47e20ae705c3822f8c80542388571e8677ddfe299eb46808ec462c8a13764fc939eafe7f51dcfa0d7e3aca7c6e153ba14c7b +DIST WireGuard-0.0.20180802.tar.xz 272932 BLAKE2B dbb9d007b16a39bae280183b4cb214d46a1c511ff9437aa50a003582b8e8388bba197e4b248068267fbbfa5cd392b986cb50986365c757dd3efac6372991ec42 SHA512 73449764547d531ff5528b49d411c9a8aa9d36bdf659b03ff904272cceb9f09718da81ed204b623c189e194ad11257b05e0d8db27db0a3d3f751fc0abc17d76c +EBUILD wireguard-0.0.20180802.ebuild 5145 BLAKE2B af179f6e992bc0df635ac391fed3d0178395bb9f3de8b7180d24c990140ba2ae5c4fbed0eb673443ab2e7e8de2d4477af26ea0819c9cf07ef532804ad4b4c7b3 SHA512 beff711ea1ec42806f780144b48f53fb02d1fb001f84f484c6d5bdf11384e78fe1bf77cdf07b0c971c4163927cac3b68c4f70211c5aa2b352009c6ab866c1fb9 EBUILD wireguard-9999.ebuild 4720 BLAKE2B 4de715d72ccd551ee68eeab051ff9905323fe57d475e6c17ad39542c3c50416d0ff6cfa27c994afe1edf6277bdbd6bab9b3351d74cfcae5921f24c2c93f0cb36 SHA512 e71251e953b6046149d69b1168af47e20ae705c3822f8c80542388571e8677ddfe299eb46808ec462c8a13764fc939eafe7f51dcfa0d7e3aca7c6e153ba14c7b MISC metadata.xml 765 BLAKE2B 4b3a03aea5271da19dddddfc4f7fa180c4b3b846bbe434786c3b3e7bbfb51424cf3be55877cf6b2af60559a456978946ed68354600e43fbb461d2000bd655b70 SHA512 794ffdecbc09f27080cade3a5753e0d1e9021edb400282ee6db7099d4583ab4d4ed28a343e2b8c2227ab39b8bc4182938d6c82ae4a4f7e9980f21348d8d8c805 diff --git a/net-vpn/wireguard/wireguard-0.0.20180718.ebuild b/net-vpn/wireguard/wireguard-0.0.20180718.ebuild deleted file mode 100644 index e7bf51b60e9c..000000000000 --- a/net-vpn/wireguard/wireguard-0.0.20180718.ebuild +++ /dev/null @@ -1,134 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -MODULES_OPTIONAL_USE="module" -inherit linux-mod bash-completion-r1 - -DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography." -HOMEPAGE="https://www.wireguard.com/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.zx2c4.com/WireGuard" - KEYWORDS="" -else - SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz" - S="${WORKDIR}/WireGuard-${PV}" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -fi - -LICENSE="GPL-2" -SLOT="0" -IUSE="debug +module +tools module-src" - -DEPEND="tools? ( net-libs/libmnl )" -RDEPEND="${DEPEND}" - -MODULE_NAMES="wireguard(kernel/drivers/net:src)" -BUILD_TARGETS="module" -CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER" - -pkg_setup() { - if use module; then - linux-mod_pkg_setup - kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10" - fi -} - -src_compile() { - BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}" - use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}" - use module && linux-mod_src_compile - use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)" -} - -src_install() { - use module && linux-mod_src_install - if use tools; then - dodoc README.md - dodoc -r contrib/examples - emake \ - WITH_BASHCOMPLETION=yes \ - WITH_SYSTEMDUNITS=yes \ - WITH_WGQUICK=yes \ - DESTDIR="${D}" \ - BASHCOMPDIR="$(get_bashcompdir)" \ - PREFIX="${EPREFIX}/usr" \ - -C src/tools install - fi - use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install -} - -pkg_postinst() { - if use module-src && ! use module; then - einfo - einfo "You have enabled the module-src USE flag without the module USE" - einfo "flag. This means that sources are installed to" - einfo "${ROOT}usr/src/wireguard instead of having the" - einfo "kernel module compiled. You will need to compile the module" - einfo "yourself. Most likely, you don't want this USE flag, and should" - einfo "rather use USE=module" - einfo - fi - use module && linux-mod_pkg_postinst - - einfo - einfo "This software is experimental and has not yet been released." - einfo "As such, it may contain significant issues. Please do not file" - einfo "bug reports with Gentoo, but rather direct them upstream to:" - einfo - einfo " team@wireguard.com security@wireguard.com" - einfo - - if use tools; then - einfo - einfo "After installing WireGuard, if you'd like to try sending some packets through" - einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh" - einfo "test example script:" - einfo - einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -" - einfo - einfo "This will automatically setup interface wg0, through a very insecure transport" - einfo "that is only suitable for demonstration purposes. You can then try loading the" - einfo "hidden website or sending pings:" - einfo - einfo " \$ chromium http://192.168.4.1" - einfo " \$ ping 192.168.4.1" - einfo - einfo "If you'd like to redirect your internet traffic, you can run it with the" - einfo "\"default-route\" argument. You may not use this server for any abusive or illegal" - einfo "purposes. It is for quick testing only." - einfo - einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/" - einfo - fi - if use module; then - local old new - if [[ $(uname -r) != "${KV_FULL}" ]]; then - ewarn - ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running" - ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently" - ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for" - ewarn "which this module was built." - ewarn - elif [[ -f /sys/module/wireguard/version ]] && \ - old="$(< /sys/module/wireguard/version)" && \ - new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \ - [[ $old != "$new" ]]; then - ewarn - ewarn "You appear to have just upgraded WireGuard from version v$old to v$new." - ewarn "However, the old version is still running on your system. In order to use the" - ewarn "new version, you will need to remove the old module and load the new one. As" - ewarn "root, you can accomplish this with the following commands:" - ewarn - ewarn " # rmmod wireguard" - ewarn " # modprobe wireguard" - ewarn - ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want" - ewarn "to gracefully remove them yourself prior." - ewarn - fi - fi -} diff --git a/net-vpn/wireguard/wireguard-0.0.20180802.ebuild b/net-vpn/wireguard/wireguard-0.0.20180802.ebuild new file mode 100644 index 000000000000..332e52b44d29 --- /dev/null +++ b/net-vpn/wireguard/wireguard-0.0.20180802.ebuild @@ -0,0 +1,145 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +MODULES_OPTIONAL_USE="module" +inherit linux-mod bash-completion-r1 + +DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography." +HOMEPAGE="https://www.wireguard.com/" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://git.zx2c4.com/WireGuard" + KEYWORDS="" +else + SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz" + S="${WORKDIR}/WireGuard-${PV}" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="debug +module +tools module-src" + +DEPEND="tools? ( net-libs/libmnl )" +RDEPEND="${DEPEND}" + +MODULE_NAMES="wireguard(kernel/drivers/net:src)" +BUILD_TARGETS="module" +CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER" + +wg_quick_optional_config_nob() { + CONFIG_CHECK="$CONFIG_CHECK ~$1" + declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage." +} + +pkg_setup() { + if use module; then + if use tools; then + wg_quick_optional_config_nob IP_ADVANCED_ROUTER + wg_quick_optional_config_nob IP_MULTIPLE_TABLES + wg_quick_optional_config_nob NETFILTER_XT_MARK + fi + + linux-mod_pkg_setup + kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10" + fi +} + +src_compile() { + BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}" + use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}" + use module && linux-mod_src_compile + use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)" +} + +src_install() { + use module && linux-mod_src_install + if use tools; then + dodoc README.md + dodoc -r contrib/examples + emake \ + WITH_BASHCOMPLETION=yes \ + WITH_SYSTEMDUNITS=yes \ + WITH_WGQUICK=yes \ + DESTDIR="${D}" \ + BASHCOMPDIR="$(get_bashcompdir)" \ + PREFIX="${EPREFIX}/usr" \ + -C src/tools install + fi + use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install +} + +pkg_postinst() { + if use module-src && ! use module; then + einfo + einfo "You have enabled the module-src USE flag without the module USE" + einfo "flag. This means that sources are installed to" + einfo "${ROOT}usr/src/wireguard instead of having the" + einfo "kernel module compiled. You will need to compile the module" + einfo "yourself. Most likely, you don't want this USE flag, and should" + einfo "rather use USE=module" + einfo + fi + use module && linux-mod_pkg_postinst + + einfo + einfo "This software is experimental and has not yet been released." + einfo "As such, it may contain significant issues. Please do not file" + einfo "bug reports with Gentoo, but rather direct them upstream to:" + einfo + einfo " team@wireguard.com security@wireguard.com" + einfo + + if use tools; then + einfo + einfo "After installing WireGuard, if you'd like to try sending some packets through" + einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh" + einfo "test example script:" + einfo + einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -" + einfo + einfo "This will automatically setup interface wg0, through a very insecure transport" + einfo "that is only suitable for demonstration purposes. You can then try loading the" + einfo "hidden website or sending pings:" + einfo + einfo " \$ chromium http://192.168.4.1" + einfo " \$ ping 192.168.4.1" + einfo + einfo "If you'd like to redirect your internet traffic, you can run it with the" + einfo "\"default-route\" argument. You may not use this server for any abusive or illegal" + einfo "purposes. It is for quick testing only." + einfo + einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/" + einfo + fi + if use module; then + local old new + if [[ $(uname -r) != "${KV_FULL}" ]]; then + ewarn + ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running" + ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently" + ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for" + ewarn "which this module was built." + ewarn + elif [[ -f /sys/module/wireguard/version ]] && \ + old="$(< /sys/module/wireguard/version)" && \ + new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \ + [[ $old != "$new" ]]; then + ewarn + ewarn "You appear to have just upgraded WireGuard from version v$old to v$new." + ewarn "However, the old version is still running on your system. In order to use the" + ewarn "new version, you will need to remove the old module and load the new one. As" + ewarn "root, you can accomplish this with the following commands:" + ewarn + ewarn " # rmmod wireguard" + ewarn " # modprobe wireguard" + ewarn + ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want" + ewarn "to gracefully remove them yourself prior." + ewarn + fi + fi +} -- cgit v1.2.3