[gentoo-commits] repo/gentoo:master commit in: net-vpn/libreswan/ - gentoo-commits

From:	Hans de Graaff <graaff@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-vpn/libreswan/
Date:	Sat, 01 May 2021 07:12:25
Message-Id:	`1619853131.b5c7c9a782224f592c9f2521d766cf31322656c7.graaff@gentoo`

1

commit:     b5c7c9a782224f592c9f2521d766cf31322656c7

2

Author:     Hans de Graaff <graaff <AT> gentoo <DOT> org>

3

AuthorDate: Sat May  1 07:12:11 2021 +0000

4

Commit:     Hans de Graaff <graaff <AT> gentoo <DOT> org>

5

CommitDate: Sat May  1 07:12:11 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5c7c9a7

7

8

net-vpn/libreswan: set INITSYSTEM correctly

9

10

INITSYSTEM was hardcoded to always be openrc. This was ignored in

11

libreswan 3.x where runtime detection was used, but in 4.x the

12

INITSYSTEM is hardcoded in the setup script at installation time. Set

13

INITSYSTEM based on the systemd USE flag instead.

14

15

Closes: https://bugs.gentoo.org/756121

16

Package-Manager: Portage-3.0.18, Repoman-3.0.2

17

Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org>

18

19

 net-vpn/libreswan/libreswan-4.4-r1.ebuild | 120 ++++++++++++++++++++++++++++++

20

 1 file changed, 120 insertions(+)

21

22

diff --git a/net-vpn/libreswan/libreswan-4.4-r1.ebuild b/net-vpn/libreswan/libreswan-4.4-r1.ebuild

23

new file mode 100644

24

index 00000000000..6932991bf6a

25

--- /dev/null

26

+++ b/net-vpn/libreswan/libreswan-4.4-r1.ebuild

27

@@ -0,0 +1,120 @@

28

+# Copyright 1999-2021 Gentoo Authors

29

+# Distributed under the terms of the GNU General Public License v2

30

+

31

+EAPI=7

32

+

33

+inherit systemd toolchain-funcs

34

+

35

+SRC_URI="https://download.libreswan.org/${P}.tar.gz"

36

+KEYWORDS="~amd64 ~arm ~ppc ~x86"

37

+

38

+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"

39

+HOMEPAGE="https://libreswan.org/"

40

+

41

+LICENSE="GPL-2 BSD-4 RSA DES"

42

+SLOT="0"

43

+IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test"

44

+RESTRICT="!test? ( test )"

45

+

46

+DEPEND="

47

+	dev-libs/gmp:0=

48

+	dev-libs/libevent:0=

49

+	dev-libs/nspr

50

+	>=dev-libs/nss-3.42

51

+	>=sys-kernel/linux-headers-4.19

52

+	caps? ( sys-libs/libcap-ng )

53

+	curl? ( net-misc/curl )

54

+	dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns )

55

+	ldap? ( net-nds/openldap )

56

+	pam? ( sys-libs/pam )

57

+	seccomp? ( sys-libs/libseccomp )

58

+	selinux? ( sys-libs/libselinux )

59

+	systemd? ( sys-apps/systemd:0= )

60

+"

61

+BDEPEND="

62

+	app-text/docbook-xml-dtd:4.1.2

63

+	app-text/xmlto

64

+	dev-libs/nss

65

+	sys-devel/bison

66

+	sys-devel/flex

67

+	virtual/pkgconfig

68

+	test? ( dev-python/setproctitle )

69

+"

70

+RDEPEND="${DEPEND}

71

+	dev-libs/nss[utils(+)]

72

+	sys-apps/iproute2

73

+	!net-vpn/strongswan

74

+	selinux? ( sec-policy/selinux-ipsec )

75

+"

76

+

77

+usetf() {

78

+	usex "$1" true false

79

+}

80

+

81

+PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" )

82

+

83

+src_prepare() {

84

+	sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die

85

+	sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die

86

+	default

87

+}

88

+

89

+src_configure() {

90

+	tc-export AR CC

91

+	export PREFIX=/usr

92

+	export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}

93

+	export FINALDOCDIR=/usr/share/doc/${PF}/html

94

+	export INITSYSTEM=$(usex systemd systemd openrc)

95

+	export INITDDIRS=

96

+	export INITDDIR_DEFAULT=/etc/init.d

97

+	export USERCOMPILE=${CFLAGS}

98

+	export USERLINK=${LDFLAGS}

99

+	export USE_DNSSEC=$(usetf dnssec)

100

+	export USE_LABELED_IPSEC=$(usetf selinux)

101

+	export USE_LIBCAP_NG=$(usetf caps)

102

+	export USE_LIBCURL=$(usetf curl)

103

+	export USE_LINUX_AUDIT=$(usetf selinux)

104

+	export USE_LDAP=$(usetf ldap)

105

+	export USE_NM=$(usetf networkmanager)

106

+	export USE_SECCOMP=$(usetf seccomp)

107

+	export USE_SYSTEMD_WATCHDOG=$(usetf systemd)

108

+	export SD_WATCHDOGSEC=$(usex systemd 200 0)

109

+	export USE_AUTHPAM=$(usetf pam)

110

+	export DEBUG_CFLAGS=

111

+	export OPTIMIZE_CFLAGS=

112

+	export WERROR_CFLAGS=

113

+}

114

+

115

+src_compile() {

116

+	emake all

117

+	emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all

118

+}

119

+

120

+src_test() {

121

+	: # integration tests only that require set of kvms to be set up

122

+}

123

+

124

+src_install() {

125

+	default

126

+	emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install

127

+

128

+	echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets

129

+	fperms 0600 /etc/ipsec.secrets

130

+

131

+	keepdir /var/lib/ipsec/nss

132

+	fperms 0700 /var/lib/ipsec/nss

133

+

134

+	dodoc -r docs

135

+

136

+	find "${D}" -type d -empty -delete || die

137

+}

138

+

139

+pkg_postinst() {

140

+	local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss

141

+	if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then

142

+		ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password"

143

+		certutil -N -d "${IPSEC_CONFDIR}" --empty-password

144

+		eend $?

145

+		einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}"

146

+	fi

147

+}

1	commit: b5c7c9a782224f592c9f2521d766cf31322656c7
2	Author: Hans de Graaff <graaff <AT> gentoo <DOT> org>
3	AuthorDate: Sat May 1 07:12:11 2021 +0000
4	Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org>
5	CommitDate: Sat May 1 07:12:11 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5c7c9a7
7
8	net-vpn/libreswan: set INITSYSTEM correctly
9
10	INITSYSTEM was hardcoded to always be openrc. This was ignored in
11	libreswan 3.x where runtime detection was used, but in 4.x the
12	INITSYSTEM is hardcoded in the setup script at installation time. Set
13	INITSYSTEM based on the systemd USE flag instead.
14
15	Closes: https://bugs.gentoo.org/756121
16	Package-Manager: Portage-3.0.18, Repoman-3.0.2
17	Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org>
18
19	net-vpn/libreswan/libreswan-4.4-r1.ebuild \| 120 ++++++++++++++++++++++++++++++
20	1 file changed, 120 insertions(+)
21
22	diff --git a/net-vpn/libreswan/libreswan-4.4-r1.ebuild b/net-vpn/libreswan/libreswan-4.4-r1.ebuild
23	new file mode 100644
24	index 00000000000..6932991bf6a
25	--- /dev/null
26	+++ b/net-vpn/libreswan/libreswan-4.4-r1.ebuild
27	@@ -0,0 +1,120 @@
28	+# Copyright 1999-2021 Gentoo Authors
29	+# Distributed under the terms of the GNU General Public License v2
30	+
31	+EAPI=7
32	+
33	+inherit systemd toolchain-funcs
34	+
35	+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
36	+KEYWORDS="~amd64 ~arm ~ppc ~x86"
37	+
38	+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
39	+HOMEPAGE="https://libreswan.org/"
40	+
41	+LICENSE="GPL-2 BSD-4 RSA DES"
42	+SLOT="0"
43	+IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test"
44	+RESTRICT="!test? ( test )"
45	+
46	+DEPEND="
47	+ dev-libs/gmp:0=
48	+ dev-libs/libevent:0=
49	+ dev-libs/nspr
50	+ >=dev-libs/nss-3.42
51	+ >=sys-kernel/linux-headers-4.19
52	+ caps? ( sys-libs/libcap-ng )
53	+ curl? ( net-misc/curl )
54	+ dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns )
55	+ ldap? ( net-nds/openldap )
56	+ pam? ( sys-libs/pam )
57	+ seccomp? ( sys-libs/libseccomp )
58	+ selinux? ( sys-libs/libselinux )
59	+ systemd? ( sys-apps/systemd:0= )
60	+"
61	+BDEPEND="
62	+ app-text/docbook-xml-dtd:4.1.2
63	+ app-text/xmlto
64	+ dev-libs/nss
65	+ sys-devel/bison
66	+ sys-devel/flex
67	+ virtual/pkgconfig
68	+ test? ( dev-python/setproctitle )
69	+"
70	+RDEPEND="${DEPEND}
71	+ dev-libs/nss[utils(+)]
72	+ sys-apps/iproute2
73	+ !net-vpn/strongswan
74	+ selinux? ( sec-policy/selinux-ipsec )
75	+"
76	+
77	+usetf() {
78	+ usex "$1" true false
79	+}
80	+
81	+PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" )
82	+
83	+src_prepare() {
84	+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in \|\| die
85	+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile \|\| die
86	+ default
87	+}
88	+
89	+src_configure() {
90	+ tc-export AR CC
91	+ export PREFIX=/usr
92	+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
93	+ export FINALDOCDIR=/usr/share/doc/${PF}/html
94	+ export INITSYSTEM=$(usex systemd systemd openrc)
95	+ export INITDDIRS=
96	+ export INITDDIR_DEFAULT=/etc/init.d
97	+ export USERCOMPILE=${CFLAGS}
98	+ export USERLINK=${LDFLAGS}
99	+ export USE_DNSSEC=$(usetf dnssec)
100	+ export USE_LABELED_IPSEC=$(usetf selinux)
101	+ export USE_LIBCAP_NG=$(usetf caps)
102	+ export USE_LIBCURL=$(usetf curl)
103	+ export USE_LINUX_AUDIT=$(usetf selinux)
104	+ export USE_LDAP=$(usetf ldap)
105	+ export USE_NM=$(usetf networkmanager)
106	+ export USE_SECCOMP=$(usetf seccomp)
107	+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
108	+ export SD_WATCHDOGSEC=$(usex systemd 200 0)
109	+ export USE_AUTHPAM=$(usetf pam)
110	+ export DEBUG_CFLAGS=
111	+ export OPTIMIZE_CFLAGS=
112	+ export WERROR_CFLAGS=
113	+}
114	+
115	+src_compile() {
116	+ emake all
117	+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all
118	+}
119	+
120	+src_test() {
121	+ : # integration tests only that require set of kvms to be set up
122	+}
123	+
124	+src_install() {
125	+ default
126	+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install
127	+
128	+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
129	+ fperms 0600 /etc/ipsec.secrets
130	+
131	+ keepdir /var/lib/ipsec/nss
132	+ fperms 0700 /var/lib/ipsec/nss
133	+
134	+ dodoc -r docs
135	+
136	+ find "${D}" -type d -empty -delete \|\| die
137	+}
138	+
139	+pkg_postinst() {
140	+ local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss
141	+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then
142	+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password"
143	+ certutil -N -d "${IPSEC_CONFDIR}" --empty-password
144	+ eend $?
145	+ einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}"
146	+ fi
147	+}

Gentoo Archives: gentoo-commits