1 |
commit: 72d807efbd47b8702e189daf20066dcbe44e60eb |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 28 23:53:08 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 28 23:53:08 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=72d807ef |
7 |
|
8 |
net-firewall/ipsec-tools: moved to tree |
9 |
|
10 |
(Portage version: 2.1.10.44/git/Linux x86_64, unsigned Manifest commit) |
11 |
|
12 |
--- |
13 |
net-firewall/ipsec-tools/ChangeLog | 19 -- |
14 |
net-firewall/ipsec-tools/Manifest | 17 -- |
15 |
.../ipsec-tools/files/ipsec-tools-def-psk.patch | 25 --- |
16 |
net-firewall/ipsec-tools/files/racoon.conf.d | 19 -- |
17 |
net-firewall/ipsec-tools/files/racoon.init.d | 58 ------ |
18 |
.../ipsec-tools/ipsec-tools-0.8.0-r1.ebuild | 183 -------------------- |
19 |
net-firewall/ipsec-tools/metadata.xml | 14 -- |
20 |
7 files changed, 0 insertions(+), 335 deletions(-) |
21 |
|
22 |
diff --git a/net-firewall/ipsec-tools/ChangeLog b/net-firewall/ipsec-tools/ChangeLog |
23 |
deleted file mode 100644 |
24 |
index bec817d..0000000 |
25 |
--- a/net-firewall/ipsec-tools/ChangeLog |
26 |
+++ /dev/null |
27 |
@@ -1,19 +0,0 @@ |
28 |
- |
29 |
- |
30 |
- 09 Feb 2012; Anthony G. Basile <blueness@g.o> |
31 |
- -ipsec-tools-0.8.0.ebuild: |
32 |
- moved ipsec-tools-0.8.0 to the tree |
33 |
- |
34 |
-*ipsec-tools-0.8.0-r1 (09 Feb 2012) |
35 |
- |
36 |
- 09 Feb 2012; Anthony G. Basile <blueness@g.o> |
37 |
- ipsec-tools-0.8.0.ebuild, +ipsec-tools-0.8.0-r1.ebuild: |
38 |
- Isolated patch from comment #1 bug #365077 |
39 |
- |
40 |
-*ipsec-tools-0.8.0 (08 Feb 2012) |
41 |
- |
42 |
- 08 Feb 2012; Anthony G. Basile <blueness@g.o> |
43 |
- +ipsec-tools-0.8.0.ebuild, +files/ipsec-tools-def-psk.patch, |
44 |
- +files/racoon.conf.d, +files/racoon.init.d, +metadata.xml: |
45 |
- Testing new ebuild, bug #365077 |
46 |
- |
47 |
|
48 |
diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest |
49 |
deleted file mode 100644 |
50 |
index 0a73caf..0000000 |
51 |
--- a/net-firewall/ipsec-tools/Manifest |
52 |
+++ /dev/null |
53 |
@@ -1,17 +0,0 @@ |
54 |
------BEGIN PGP SIGNED MESSAGE----- |
55 |
-Hash: SHA256 |
56 |
- |
57 |
-AUX ipsec-tools-def-psk.patch 907 RMD160 4a72e22ecbc821cc96b338004b6ebb5787018569 SHA1 61be2483534c3a3084120a2d9fa08f660b7301f6 SHA256 15da775a7da892b7e99f0a6e531bdb9f37cc9d81c004f8a439152445f960f656 |
58 |
-AUX racoon.conf.d 621 RMD160 7f1d0b6e171e5dd60f1b033e4890bfd79d718389 SHA1 05c0759df99c544f1a68fb8916d1c953ceac0af8 SHA256 4e894adb1a76f673f960260929d083c1f6ddfcf094b371bcc2155fb6735d289f |
59 |
-AUX racoon.init.d 1314 RMD160 f0c385fa389fad6cddef87aee9f10172c2ca6838 SHA1 b82a83850239f564b8d50c8039e188de6f18de7e SHA256 4d6506775650cc36b7197f90eef7d98573280ebb445b0260d0442aec6f4d0937 |
60 |
-DIST ipsec-tools-0.8.0.tar.bz2 809297 RMD160 8715d97c52ef4de771e50df579e5e9241d5bf966 SHA1 d44a955a00cdfcd771fb1eca8267421bd47bc46e SHA256 2359a24aa8eda9ca7043fc47950c8e6b7f58a07c5d5ad316aa7de2bc5e3a8717 |
61 |
-EBUILD ipsec-tools-0.8.0-r1.ebuild 5092 RMD160 67bb3161ee0d396090981681e139637d7eecf1ff SHA1 f60cf34ee9ae9bb416c9578d24157fb3f9d5495e SHA256 6189653978e5e50627736bbb2508bda32dbd682779aca810dccc5f950567f275 |
62 |
-MISC ChangeLog 569 RMD160 88458dbe0ab99dbc74077252487226e828acab38 SHA1 c65312e9dedf12df9473c2746e008edd7adda8f5 SHA256 45b9e894be9222ca5883c510742d148982a5657e659ba7b2d71ad17831b7a0ad |
63 |
-MISC metadata.xml 537 RMD160 41f7f604e33d56879ee9dd0d5a18c7f8fcc0910e SHA1 0fdf06aa17efa68aa50f04db0277e0dc4f4be590 SHA256 12de55d6d62b8e91c8996422e33462b5637f9720a5096025752b93906bcbdc40 |
64 |
------BEGIN PGP SIGNATURE----- |
65 |
-Version: GnuPG v2.0.17 (GNU/Linux) |
66 |
- |
67 |
-iEYEAREIAAYFAk80MWIACgkQl5yvQNBFVTUoDwCdGBlM4TaBqwv6+L0pMsY2Ktzh |
68 |
-PXYAnje/ffA/oDT6HiGSYscJOx3GcqGM |
69 |
-=U53p |
70 |
------END PGP SIGNATURE----- |
71 |
|
72 |
diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch b/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch |
73 |
deleted file mode 100644 |
74 |
index f351860..0000000 |
75 |
--- a/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch |
76 |
+++ /dev/null |
77 |
@@ -1,25 +0,0 @@ |
78 |
-diff -brau ipsec-tools-0.7.3.o/src/racoon/oakley.c ipsec-tools-0.7.3/src/racoon/oakley.c |
79 |
---- ipsec-tools-0.7.3.o/src/racoon/oakley.c 2009-08-13 11:18:45.000000000 +0200 |
80 |
-+++ ipsec-tools-0.7.3/src/racoon/oakley.c 2011-06-06 09:36:11.000000000 +0200 |
81 |
-@@ -2498,8 +2498,21 @@ |
82 |
- plog(LLV_ERROR, LOCATION, iph1->remote, |
83 |
- "couldn't find the pskey for %s.\n", |
84 |
- saddrwop2str(iph1->remote)); |
85 |
-+ } |
86 |
-+ } |
87 |
-+ if (iph1->authstr == NULL) { |
88 |
-+ /* |
89 |
-+ * If we could not locate a psk above try and locate |
90 |
-+ * the default psk, ie, "*". |
91 |
-+ */ |
92 |
-+ iph1->authstr = privsep_getpsk("*", 1); |
93 |
-+ if (iph1->authstr == NULL) { |
94 |
-+ plog(LLV_ERROR, LOCATION, iph1->remote, |
95 |
-+ "couldn't find the the default pskey either.\n"); |
96 |
- goto end; |
97 |
- } |
98 |
-+ plog(LLV_NOTIFY, LOCATION, iph1->remote, |
99 |
-+ "Using default PSK.\n"); |
100 |
- } |
101 |
- plog(LLV_DEBUG, LOCATION, NULL, "the psk found.\n"); |
102 |
- /* should be secret PSK */ |
103 |
|
104 |
diff --git a/net-firewall/ipsec-tools/files/racoon.conf.d b/net-firewall/ipsec-tools/files/racoon.conf.d |
105 |
deleted file mode 100644 |
106 |
index b2a1e72..0000000 |
107 |
--- a/net-firewall/ipsec-tools/files/racoon.conf.d |
108 |
+++ /dev/null |
109 |
@@ -1,19 +0,0 @@ |
110 |
-# Copyright 1999-2012 Gentoo Foundation |
111 |
-# Distributed under the terms of the GNU General Public License v2 |
112 |
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/files/racoon.conf.d,v 1.3 2004/07/14 23:29:57 agriffis Exp $ |
113 |
- |
114 |
-# Config file for /etc/init.d/racoon |
115 |
- |
116 |
-# See the manual pages for racoon or run `racoon --help` |
117 |
-# for valid command-line options |
118 |
- |
119 |
-RACOON_OPTS="-4" |
120 |
- |
121 |
-RACOON_CONF="/etc/racoon/racoon.conf" |
122 |
-RACOON_PSK_FILE="/etc/racoon/psk.txt" |
123 |
-SETKEY_CONF="/etc/ipsec.conf" |
124 |
- |
125 |
-# Comment or remove the following if you don't want the policy tables |
126 |
-# to be flushed when racoon is stopped. |
127 |
- |
128 |
-RACOON_RESET_TABLES="true" |
129 |
|
130 |
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d b/net-firewall/ipsec-tools/files/racoon.init.d |
131 |
deleted file mode 100644 |
132 |
index 18703fc..0000000 |
133 |
--- a/net-firewall/ipsec-tools/files/racoon.init.d |
134 |
+++ /dev/null |
135 |
@@ -1,58 +0,0 @@ |
136 |
-#!/sbin/runscript |
137 |
-# Copyright 1999-2012 Gentoo Foundation |
138 |
-# Distributed under the terms of the GNU General Public License v2 |
139 |
- |
140 |
-depend() { |
141 |
- before netmount |
142 |
- use net |
143 |
-} |
144 |
- |
145 |
-checkconfig() { |
146 |
- if [ ! -e ${SETKEY_CONF} ] ; then |
147 |
- eerror "You need to configure setkey before starting racoon." |
148 |
- return 1 |
149 |
- fi |
150 |
- if [ ! -e ${RACOON_CONF} ] ; then |
151 |
- eerror "You need a configuration file to start racoon." |
152 |
- return 1 |
153 |
- fi |
154 |
- if [ ! -z ${RACOON_PSK_FILE} ] ; then |
155 |
- if [ ! -f ${RACOON_PSK_FILE} ] ; then |
156 |
- eerror "PSK file not found as specified." |
157 |
- eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon." |
158 |
- return 1 |
159 |
- fi |
160 |
- case "`ls -Lldn ${RACOON_PSK_FILE}`" in |
161 |
- -r--------*) |
162 |
- ;; |
163 |
- *) |
164 |
- eerror "Your defined PSK file should be mode 400 for security!" |
165 |
- return 1 |
166 |
- ;; |
167 |
- esac |
168 |
- fi |
169 |
-} |
170 |
- |
171 |
-start() { |
172 |
- checkconfig || return 1 |
173 |
- einfo "Loading ipsec policies from ${SETKEY_CONF}." |
174 |
- /usr/sbin/setkey -f ${SETKEY_CONF} |
175 |
- if [ $? -eq 1 ] ; then |
176 |
- eerror "Error while loading ipsec policies" |
177 |
- fi |
178 |
- ebegin "Starting racoon" |
179 |
- start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS} |
180 |
- eend $? |
181 |
-} |
182 |
- |
183 |
-stop() { |
184 |
- ebegin "Stopping racoon" |
185 |
- start-stop-daemon -K -p /var/run/racoon.pid |
186 |
- eend $? |
187 |
- if [ -n "${RACOON_RESET_TABLES}" ]; then |
188 |
- ebegin "Flushing policy entries" |
189 |
- /usr/sbin/setkey -F |
190 |
- /usr/sbin/setkey -FP |
191 |
- eend $? |
192 |
- fi |
193 |
-} |
194 |
|
195 |
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild |
196 |
deleted file mode 100644 |
197 |
index 1efbf7a..0000000 |
198 |
--- a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r1.ebuild |
199 |
+++ /dev/null |
200 |
@@ -1,183 +0,0 @@ |
201 |
-# Copyright 1999-2012 Gentoo Foundation |
202 |
-# Distributed under the terms of the GNU General Public License v2 |
203 |
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.7.3-r1.ebuild,v 1.3 2011/04/06 01:01:46 flameeyes Exp $ |
204 |
- |
205 |
-EAPI="4" |
206 |
- |
207 |
-inherit eutils flag-o-matic autotools linux-info |
208 |
- |
209 |
-DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation" |
210 |
-HOMEPAGE="http://ipsec-tools.sourceforge.net/" |
211 |
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" |
212 |
- |
213 |
-LICENSE="BSD" |
214 |
-SLOT="0" |
215 |
-KEYWORDS="~amd64 ~x86" |
216 |
-IUSE="rc5 idea kerberos stats ipv6 nat selinux readline pam hybrid ldap" |
217 |
- |
218 |
-RDEPEND=" |
219 |
- kerberos? ( virtual/krb5 ) |
220 |
- selinux? ( |
221 |
- sys-libs/libselinux |
222 |
- sec-policy/selinux-ipsec-tools |
223 |
- ) |
224 |
- readline? ( sys-libs/readline ) |
225 |
- pam? ( sys-libs/pam ) |
226 |
- ldap? ( net-nds/openldap ) |
227 |
- dev-libs/openssl |
228 |
- virtual/libiconv" |
229 |
-# iconv? ( virtual/libiconv ) |
230 |
-# radius? ( net-dialup/gnuradius ) |
231 |
- |
232 |
-DEPEND="${RDEPEND} |
233 |
- >=sys-kernel/linux-headers-2.6.30" |
234 |
- |
235 |
-pkg_setup() { |
236 |
- get_version |
237 |
- if kernel_is -ge 2 6 19 ; then |
238 |
- einfo "Checking for suitable kernel configuration (Networking | Networking support | Networking options)" |
239 |
- |
240 |
- if use nat; then |
241 |
- CONFIG_CHECK="${CONFIG_CHECK} ~NETFILTER_XT_MATCH_POLICY" |
242 |
- export WARNING_NETFILTER_XT_MATCH_POLICY="NAT support may fail weirdly unless you enable this option in your kernel" |
243 |
- fi |
244 |
- |
245 |
- for i in XFRM_USER NET_KEY; do |
246 |
- CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
247 |
- eval "export WARNING_${i}='No tunnels will be available at all'" |
248 |
- done |
249 |
- |
250 |
- for i in INET_IPCOMP INET_AH INET_ESP \ |
251 |
- INET_XFRM_MODE_TRANSPORT \ |
252 |
- INET_XFRM_MODE_TUNNEL \ |
253 |
- INET_XFRM_MODE_BEET ; do |
254 |
- CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
255 |
- eval "export WARNING_${i}='IPv4 tunnels will not be available'" |
256 |
- done |
257 |
- |
258 |
- for i in INET6_IPCOMP INET6_AH INET6_ESP \ |
259 |
- INET6_XFRM_MODE_TRANSPORT \ |
260 |
- INET6_XFRM_MODE_TUNNEL \ |
261 |
- INET6_XFRM_MODE_BEET ; do |
262 |
- CONFIG_CHECK="${CONFIG_CHECK} ~${i}" |
263 |
- eval "export WARNING_${i}='IPv6 tunnels will not be available'" |
264 |
- done |
265 |
- |
266 |
- CONFIG_CHECK="${CONFIG_CHECK} ~CRYPTO_NULL" |
267 |
- export WARNING_CRYPTO_NULL="Unencrypted tunnels will not be available" |
268 |
- export CONFIG_CHECK |
269 |
- |
270 |
- check_extra_config |
271 |
- else |
272 |
- eerror "You must have a kernel >=2.6.19 to run ipsec-tools." |
273 |
- eerror "Building now, assuming that you will run on a different kernel" |
274 |
- fi |
275 |
-} |
276 |
- |
277 |
-src_prepare() { |
278 |
- # fix for bug #76741 |
279 |
- sed -i 's:#include <sys/sysctl.h>::' src/racoon/pfkey.c src/setkey/setkey.c || die |
280 |
- # fix for bug #124813 |
281 |
- sed -i 's:-Werror::g' "${S}"/configure.ac || die |
282 |
- # fix for building with gcc-4.6 |
283 |
- sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die |
284 |
- |
285 |
- epatch "${FILESDIR}/ipsec-tools-def-psk.patch" |
286 |
- |
287 |
- AT_M4DIR="${S}" eautoreconf |
288 |
- epunt_cxx |
289 |
-} |
290 |
- |
291 |
-src_configure() { |
292 |
- # fix for bug #61025 |
293 |
- filter-flags -march=c3 |
294 |
- |
295 |
- local myconf |
296 |
- myconf="--with-kernel-headers=/usr/include \ |
297 |
- --enable-adminport \ |
298 |
- --enable-frag \ |
299 |
- --enable-dpd \ |
300 |
- --enable-dependency-tracking \ |
301 |
- $(use_enable rc5) \ |
302 |
- $(use_enable idea) \ |
303 |
- $(use_enable kerberos gssapi) \ |
304 |
- $(use_enable stats) \ |
305 |
- $(use_enable ipv6) \ |
306 |
- $(use_enable nat natt) \ |
307 |
- $(use_enable selinux security-context) \ |
308 |
- $(use_with readline) \ |
309 |
- $(use_with pam libpam) \ |
310 |
- $(use_with ldap libldap)" |
311 |
- |
312 |
- use nat && myconf="${myconf} --enable-natt-versions=yes" |
313 |
- |
314 |
- # enable mode-cfg and xauth support |
315 |
- if use pam; then |
316 |
- myconf="${myconf} --enable-hybrid" |
317 |
- else |
318 |
- myconf="${myconf} $(use_enable hybrid)" |
319 |
- fi |
320 |
- |
321 |
- # dev-libs/libiconv is hard masked |
322 |
- #use iconv && myconf="${myconf} $(use_with iconv libiconv)" |
323 |
- |
324 |
- # the default (/usr/include/openssl/) is OK for Gentoo, leave it |
325 |
- # myconf="${myconf} $(use_with ssl openssl )" |
326 |
- |
327 |
- # No way to get it compiling with freeradius or gnuradius |
328 |
- # We would need libradius which only exists on FreeBSD |
329 |
- |
330 |
- # See bug #77369 |
331 |
- #myconf="${myconf} --enable-samode-unspec" |
332 |
- |
333 |
- econf ${myconf} |
334 |
-} |
335 |
- |
336 |
-src_install() { |
337 |
- emake DESTDIR="${D}" install |
338 |
- keepdir /var/lib/racoon |
339 |
- newconfd "${FILESDIR}"/racoon.conf.d racoon |
340 |
- newinitd "${FILESDIR}"/racoon.init.d racoon |
341 |
- |
342 |
- dodoc ChangeLog README NEWS |
343 |
- dodoc -r src/racoon/samples |
344 |
- dodoc -r src/racoon/doc |
345 |
- |
346 |
- docinto setkey |
347 |
- dodoc src/setkey/sample.cf |
348 |
- |
349 |
- dodir /etc/racoon |
350 |
- |
351 |
- # RFC are only available from CVS for the moment, see einfo below |
352 |
- #docinto "rfc" |
353 |
- #dodoc ${S}/src/racoon/rfc/* |
354 |
-} |
355 |
- |
356 |
-pkg_postinst() { |
357 |
- if use nat; then |
358 |
- elog |
359 |
- elog "You have enabled the nat traversal functionnality." |
360 |
- elog "Nat versions wich are enabled by default are 00,02,rfc" |
361 |
- elog "you can find those drafts in the CVS repository:" |
362 |
- elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools" |
363 |
- elog |
364 |
- elog "If you feel brave enough and you know what you are" |
365 |
- elog "doing, you can consider emerging this ebuild with" |
366 |
- elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\"" |
367 |
- elog |
368 |
- fi |
369 |
- |
370 |
- if use ldap; then |
371 |
- elog |
372 |
- elog "You have enabled ldap support with {$PN}." |
373 |
- elog "The man page does NOT contain any information on it yet." |
374 |
- elog "Consider using a more recent version or CVS." |
375 |
- elog |
376 |
- fi |
377 |
- |
378 |
- elog |
379 |
- elog "Please have a look in /usr/share/doc/${P} and visit" |
380 |
- elog "http://www.netbsd.org/Documentation/network/ipsec/" |
381 |
- elog "to find more information on how to configure this tool." |
382 |
- elog |
383 |
-} |
384 |
|
385 |
diff --git a/net-firewall/ipsec-tools/metadata.xml b/net-firewall/ipsec-tools/metadata.xml |
386 |
deleted file mode 100644 |
387 |
index 6e6434c..0000000 |
388 |
--- a/net-firewall/ipsec-tools/metadata.xml |
389 |
+++ /dev/null |
390 |
@@ -1,14 +0,0 @@ |
391 |
-<?xml version="1.0" encoding="UTF-8"?> |
392 |
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
393 |
-<pkgmetadata> |
394 |
- <maintainer> |
395 |
- <email>blueness@g.o</email> |
396 |
- </maintainer> |
397 |
- <use> |
398 |
- <flag name='hybrid'>Makes available both mode-cfg and xauth support</flag> |
399 |
- <flag name='idea'>Enable support for the IDEA algorithm</flag> |
400 |
- <flag name='nat'>Enable NAT-Traversal</flag> |
401 |
- <flag name='rc5'>Enable support for the patented RC5 algorithm</flag> |
402 |
- <flag name='stats'>Enable statistics reporting</flag> |
403 |
- </use> |
404 |
-</pkgmetadata> |