1 |
mrness 09/04/08 23:30:46 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: openswan-2.4.14.ebuild openswan-2.6.21.ebuild |
5 |
Log: |
6 |
Version bumps wrt to security bug #264346. Remove -Werror from compiler options (#260927). |
7 |
(Portage version: 2.1.6.7/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.58 net-misc/openswan/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/ChangeLog?rev=1.58&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/ChangeLog?rev=1.58&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/ChangeLog?r1=1.57&r2=1.58 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v |
19 |
retrieving revision 1.57 |
20 |
retrieving revision 1.58 |
21 |
diff -u -r1.57 -r1.58 |
22 |
--- ChangeLog 11 Jan 2009 11:01:51 -0000 1.57 |
23 |
+++ ChangeLog 8 Apr 2009 23:30:46 -0000 1.58 |
24 |
@@ -1,6 +1,16 @@ |
25 |
# ChangeLog for net-misc/openswan |
26 |
# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.57 2009/01/11 11:01:51 mrness Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.58 2009/04/08 23:30:46 mrness Exp $ |
29 |
+ |
30 |
+*openswan-2.6.21 (08 Apr 2009) |
31 |
+*openswan-2.4.14 (08 Apr 2009) |
32 |
+ |
33 |
+ 08 Apr 2009; Alin Năstac <mrness@g.o> |
34 |
+ +files/openswan-2.4.14-deprecated-ldap.patch, |
35 |
+ +files/openswan-2.4.14-gentoo.patch, +files/openswan-2.6.21-gentoo.patch, |
36 |
+ +openswan-2.4.14.ebuild, +openswan-2.6.21.ebuild: |
37 |
+ Version bumps wrt to security bug #264346. Remove -Werror from compiler |
38 |
+ options (#260927). |
39 |
|
40 |
11 Jan 2009; Alin Năstac <mrness@g.o> |
41 |
-files/openswan-2.6.18-gentoo.patch, files/openswan-2.6.19-gentoo.patch, |
42 |
|
43 |
|
44 |
|
45 |
1.1 net-misc/openswan/openswan-2.4.14.ebuild |
46 |
|
47 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/openswan-2.4.14.ebuild?rev=1.1&view=markup |
48 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/openswan-2.4.14.ebuild?rev=1.1&content-type=text/plain |
49 |
|
50 |
Index: openswan-2.4.14.ebuild |
51 |
=================================================================== |
52 |
# Copyright 1999-2009 Gentoo Foundation |
53 |
# Distributed under the terms of the GNU General Public License v2 |
54 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.4.14.ebuild,v 1.1 2009/04/08 23:30:46 mrness Exp $ |
55 |
|
56 |
EAPI="2" |
57 |
|
58 |
inherit eutils linux-info |
59 |
|
60 |
DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)." |
61 |
HOMEPAGE="http://www.openswan.org/" |
62 |
SRC_URI="http://www.openswan.org/download/${P}.tar.gz" |
63 |
|
64 |
LICENSE="GPL-2" |
65 |
SLOT="0" |
66 |
KEYWORDS="~amd64 ~ppc ~sparc ~x86" |
67 |
IUSE="curl ldap smartcard extra-algorithms weak-algorithms" |
68 |
|
69 |
COMMON_DEPEND="!net-misc/strongswan |
70 |
dev-libs/gmp |
71 |
dev-lang/perl |
72 |
smartcard? ( dev-libs/opensc ) |
73 |
curl? ( net-misc/curl ) |
74 |
ldap? ( net-nds/openldap )" |
75 |
DEPEND="${COMMON_DEPEND} |
76 |
virtual/linux-sources" |
77 |
RDEPEND="${COMMON_DEPEND} |
78 |
virtual/logger |
79 |
sys-apps/iproute2" |
80 |
|
81 |
pkg_setup() { |
82 |
linux-info_pkg_setup |
83 |
|
84 |
if kernel_is 2 6; then |
85 |
einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)." |
86 |
einfo "KLIPS will not be compiled/installed." |
87 |
MYMAKE="programs" |
88 |
|
89 |
elif kernel_is 2 4; then |
90 |
if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then |
91 |
eerror "You need to have an IPsec enabled 2.4.x kernel." |
92 |
eerror "Ensure you have one running and make a symlink to it in /usr/src/linux" |
93 |
die |
94 |
fi |
95 |
|
96 |
einfo "Using patched-in IPsec code for kernel 2.4" |
97 |
einfo "Your kernel only supports KLIPS for kernel level IPsec." |
98 |
MYMAKE="confcheck programs" |
99 |
|
100 |
else |
101 |
die "Unsupported kernel version" |
102 |
fi |
103 |
} |
104 |
|
105 |
src_prepare() { |
106 |
epatch "${FILESDIR}"/${P}-gentoo.patch |
107 |
epatch "${FILESDIR}"/${P}-deprecated-ldap.patch |
108 |
|
109 |
find . -regex '.*[.][1-8]' -exec sed -i \ |
110 |
-e s:/usr/local:/usr:g \ |
111 |
-e s:/etc/ipsec[.]conf:/etc/ipsec/ipsec.conf:g \ |
112 |
-e s:/etc/ipsec[.]secrets:/etc/ipsec/ipsec.secrets:g '{}' \; || |
113 |
die "failed to replace text in xml docs" |
114 |
} |
115 |
|
116 |
get_make_options() { |
117 |
echo KERNELSRC=\"${KERNEL_DIR}\" \ |
118 |
FINALCONFDIR=/etc/ipsec \ |
119 |
FINALCONFFILE=/etc/ipsec/ipsec.conf \ |
120 |
FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \ |
121 |
INC_RCDEFAULT=/etc/init.d \ |
122 |
INC_USRLOCAL=/usr \ |
123 |
INC_MANDIR=share/man \ |
124 |
FINALDOCDIR=/usr/share/doc/${PF} \ |
125 |
DESTDIR=\"${D}\" \ |
126 |
USERCOMPILE=\"${CFLAGS}\" |
127 |
if use smartcard ; then |
128 |
echo USE_SMARTCARD=true |
129 |
fi |
130 |
if use extra-algorithms ; then |
131 |
echo USE_EXTRACRYPTO=true |
132 |
fi |
133 |
if use weak-algorithms ; then |
134 |
echo USE_WEAKSTUFF=true |
135 |
fi |
136 |
echo USE_OE=false # by default, turn off Opportunistic Encryption |
137 |
echo USE_LWRES=false # needs bind9 with lwres support |
138 |
local USETHREADS=false |
139 |
if use curl; then |
140 |
echo USE_LIBCURL=true |
141 |
USETHREADS=true |
142 |
fi |
143 |
if use ldap; then |
144 |
echo USE_LDAP=true |
145 |
USETHREADS=true |
146 |
fi |
147 |
echo HAVE_THREADS=${USETHREADS} |
148 |
} |
149 |
|
150 |
src_compile() { |
151 |
eval set -- $(get_make_options) |
152 |
emake "$@" \ |
153 |
${MYMAKE} || die "emake failed" |
154 |
} |
155 |
|
156 |
src_install() { |
157 |
eval set -- $(get_make_options) |
158 |
emake "$@" \ |
159 |
install || die "emake install failed" |
160 |
|
161 |
dosym /etc/ipsec/ipsec.d /etc/ipsec.d |
162 |
|
163 |
doinitd "${FILESDIR}"/ipsec || die "failed to install init script" |
164 |
|
165 |
dodir /var/run/pluto || die "failed to create /var/run/pluto" |
166 |
} |
167 |
|
168 |
pkg_postinst() { |
169 |
if kernel_is 2 6; then |
170 |
CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP" |
171 |
WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)" |
172 |
WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)" |
173 |
WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)" |
174 |
check_extra_config |
175 |
fi |
176 |
} |
177 |
|
178 |
|
179 |
|
180 |
1.1 net-misc/openswan/openswan-2.6.21.ebuild |
181 |
|
182 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/openswan-2.6.21.ebuild?rev=1.1&view=markup |
183 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openswan/openswan-2.6.21.ebuild?rev=1.1&content-type=text/plain |
184 |
|
185 |
Index: openswan-2.6.21.ebuild |
186 |
=================================================================== |
187 |
# Copyright 1999-2009 Gentoo Foundation |
188 |
# Distributed under the terms of the GNU General Public License v2 |
189 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.21.ebuild,v 1.1 2009/04/08 23:30:46 mrness Exp $ |
190 |
|
191 |
EAPI="2" |
192 |
|
193 |
inherit eutils linux-info |
194 |
|
195 |
DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)." |
196 |
HOMEPAGE="http://www.openswan.org/" |
197 |
SRC_URI="http://www.openswan.org/download/${P}.tar.gz" |
198 |
|
199 |
LICENSE="GPL-2" |
200 |
SLOT="0" |
201 |
KEYWORDS="~amd64 ~ppc ~sparc ~x86" |
202 |
IUSE="curl ldap smartcard extra-algorithms weak-algorithms nocrypto-algorithms" |
203 |
|
204 |
COMMON_DEPEND="!net-misc/strongswan |
205 |
dev-libs/gmp |
206 |
dev-lang/perl |
207 |
smartcard? ( dev-libs/opensc ) |
208 |
curl? ( net-misc/curl ) |
209 |
ldap? ( net-nds/openldap )" |
210 |
DEPEND="${COMMON_DEPEND} |
211 |
virtual/linux-sources |
212 |
app-text/xmlto |
213 |
app-text/docbook-xml-dtd:4.1.2" # see bug 237132 |
214 |
RDEPEND="${COMMON_DEPEND} |
215 |
virtual/logger |
216 |
sys-apps/iproute2" |
217 |
|
218 |
pkg_setup() { |
219 |
if use nocrypto-algorithms && ! use weak-algorithms; then |
220 |
ewarn "Enabling nocrypto-algorithms USE flag has no effect when" |
221 |
ewarn "weak-algorithms USE flag is disabled" |
222 |
fi |
223 |
|
224 |
linux-info_pkg_setup |
225 |
|
226 |
if kernel_is 2 6; then |
227 |
einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)." |
228 |
einfo "KLIPS will not be compiled/installed." |
229 |
MYMAKE="programs" |
230 |
|
231 |
elif kernel_is 2 4; then |
232 |
if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then |
233 |
eerror "You need to have an IPsec enabled 2.4.x kernel." |
234 |
eerror "Ensure you have one running and make a symlink to it in /usr/src/linux" |
235 |
die |
236 |
fi |
237 |
|
238 |
einfo "Using patched-in IPsec code for kernel 2.4" |
239 |
einfo "Your kernel only supports KLIPS for kernel level IPsec." |
240 |
MYMAKE="confcheck programs" |
241 |
|
242 |
else |
243 |
die "Unsupported kernel version" |
244 |
fi |
245 |
} |
246 |
|
247 |
src_prepare() { |
248 |
epatch "${FILESDIR}"/${P}-gentoo.patch |
249 |
|
250 |
find . -regex '.*[.][1-8]' -exec sed -i \ |
251 |
-e s:/usr/local:/usr:g '{}' \; || |
252 |
die "failed to replace text in xml docs" |
253 |
} |
254 |
|
255 |
get_make_options() { |
256 |
echo KERNELSRC=\"${KERNEL_DIR}\" \ |
257 |
FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \ |
258 |
INC_RCDEFAULT=/etc/init.d \ |
259 |
INC_USRLOCAL=/usr \ |
260 |
INC_MANDIR=share/man \ |
261 |
FINALDOCDIR=/usr/share/doc/${PF}/html \ |
262 |
DESTDIR=\"${D}\" \ |
263 |
USERCOMPILE=\"${CFLAGS}\" |
264 |
if use smartcard ; then |
265 |
echo USE_SMARTCARD=true |
266 |
fi |
267 |
if use extra-algorithms ; then |
268 |
echo USE_EXTRACRYPTO=true |
269 |
else |
270 |
echo USE_EXTRACRYPTO=false |
271 |
fi |
272 |
if use weak-algorithms ; then |
273 |
echo USE_WEAKSTUFF=true |
274 |
if use nocrypto-algorithms; then |
275 |
echo USE_NOCRYPTO=true |
276 |
fi |
277 |
fi |
278 |
echo USE_LWRES=false # needs bind9 with lwres support |
279 |
local USETHREADS=false |
280 |
if use curl; then |
281 |
echo USE_LIBCURL=true |
282 |
USETHREADS=true |
283 |
fi |
284 |
if use ldap; then |
285 |
echo USE_LDAP=true |
286 |
USETHREADS=true |
287 |
fi |
288 |
echo HAVE_THREADS=${USETHREADS} |
289 |
} |
290 |
|
291 |
src_compile() { |
292 |
eval set -- $(get_make_options) |
293 |
emake "$@" \ |
294 |
${MYMAKE} || die "emake failed" |
295 |
} |
296 |
|
297 |
src_install() { |
298 |
eval set -- $(get_make_options) |
299 |
emake "$@" \ |
300 |
install || die "emake install failed" |
301 |
|
302 |
newinitd "${FILESDIR}"/ipsec-initd ipsec || die "failed to install init script" |
303 |
|
304 |
dodir /var/run/pluto || die "failed to create /var/run/pluto" |
305 |
} |
306 |
|
307 |
pkg_preinst() { |
308 |
if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then |
309 |
ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':" |
310 |
local i err=0 |
311 |
if [ -h "../ipsec.d" ]; then |
312 |
rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink" |
313 |
fi |
314 |
for i in *; do |
315 |
if [ -e "../$i" ]; then |
316 |
eerror " $i NOT MOVED, ../$i already exists!" |
317 |
err=1 |
318 |
elif [ -d "$i" ]; then |
319 |
mv "$i" .. || die "failed to move $i directory" |
320 |
ewarn " directory $i" |
321 |
elif [ -f "$i" ]; then |
322 |
sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \ |
323 |
mv "$i" .. && ewarn " file $i" || \ |
324 |
die "failed to move $i file" |
325 |
else |
326 |
eerror " $i NOT MOVED, it is not a file nor a directory!" |
327 |
err=1 |
328 |
fi |
329 |
done |
330 |
popd |
331 |
if [ $err -eq 0 ]; then |
332 |
rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec" |
333 |
else |
334 |
ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself" |
335 |
fi |
336 |
fi |
337 |
} |
338 |
|
339 |
pkg_postinst() { |
340 |
if kernel_is 2 6; then |
341 |
CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP" |
342 |
WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)" |
343 |
WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)" |
344 |
WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)" |
345 |
check_extra_config |
346 |
fi |
347 |
} |