1 |
commit: a144b80848b22e7cdc0ae370f87b2b71e9b50796 |
2 |
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Sep 13 22:45:33 2021 +0000 |
4 |
Commit: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Sep 13 22:48:04 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a144b808 |
7 |
|
8 |
net-vpn/wireguard-tools: bump to 1.0.20210914 |
9 |
|
10 |
Package-Manager: Portage-3.0.23, Repoman-3.0.3 |
11 |
Signed-off-by: Jason A. Donenfeld <zx2c4 <AT> gentoo.org> |
12 |
|
13 |
net-vpn/wireguard-tools/Manifest | 1 + |
14 |
.../wireguard-tools-1.0.20210914.ebuild | 117 +++++++++++++++++++++ |
15 |
2 files changed, 118 insertions(+) |
16 |
|
17 |
diff --git a/net-vpn/wireguard-tools/Manifest b/net-vpn/wireguard-tools/Manifest |
18 |
index bb9f64d7e73..ecd31c84ea6 100644 |
19 |
--- a/net-vpn/wireguard-tools/Manifest |
20 |
+++ b/net-vpn/wireguard-tools/Manifest |
21 |
@@ -1 +1,2 @@ |
22 |
DIST wireguard-tools-1.0.20210424.tar.xz 96816 BLAKE2B 4787624d296c22241ff366c799eb07e1e718534eab9c998df24003380ed9743f76c3b8f779c7e534404573583c9654a43527d4c96de0def78a3d88d30ca6985e SHA512 b919c7ce1e8ee8660ccc1490d3dad7817f3d6f0ab79f26866e8ed10d40545a9ddca67959ff6cc84ac36a91683c1f58d274d91d47f40c0b9a7bfee4009dcbbf59 |
23 |
+DIST wireguard-tools-1.0.20210914.tar.xz 99744 BLAKE2B 020f4a61597dafc6663e9ee5659f9401416692f5dc8e23afe8d59054bffd32c92814ff2e1f99d6ffe558fdfcf756afc1838e4d425847f892ad4b627a077fe614 SHA512 6727ea65551dbb064457449b93a943bd6534ca93bc7fa5704c2f6826266c98688ee9ea28731fda57a5245d5f63c05f3899fcca54e40c0b6251b7c4796e957445 |
24 |
|
25 |
diff --git a/net-vpn/wireguard-tools/wireguard-tools-1.0.20210914.ebuild b/net-vpn/wireguard-tools/wireguard-tools-1.0.20210914.ebuild |
26 |
new file mode 100644 |
27 |
index 00000000000..c707cf29cb3 |
28 |
--- /dev/null |
29 |
+++ b/net-vpn/wireguard-tools/wireguard-tools-1.0.20210914.ebuild |
30 |
@@ -0,0 +1,117 @@ |
31 |
+# Copyright 1999-2021 Gentoo Authors |
32 |
+# Distributed under the terms of the GNU General Public License v2 |
33 |
+ |
34 |
+EAPI=7 |
35 |
+ |
36 |
+inherit linux-info bash-completion-r1 systemd toolchain-funcs |
37 |
+ |
38 |
+DESCRIPTION="Required tools for WireGuard, such as wg(8) and wg-quick(8)" |
39 |
+HOMEPAGE="https://www.wireguard.com/" |
40 |
+ |
41 |
+if [[ ${PV} == 9999 ]]; then |
42 |
+ inherit git-r3 |
43 |
+ EGIT_REPO_URI="https://git.zx2c4.com/wireguard-tools" |
44 |
+else |
45 |
+ SRC_URI="https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-${PV}.tar.xz" |
46 |
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" |
47 |
+fi |
48 |
+ |
49 |
+LICENSE="GPL-2" |
50 |
+SLOT="0" |
51 |
+IUSE="+wg-quick selinux" |
52 |
+ |
53 |
+BDEPEND="virtual/pkgconfig" |
54 |
+DEPEND="" |
55 |
+RDEPEND="${DEPEND} |
56 |
+ wg-quick? ( |
57 |
+ || ( net-firewall/nftables net-firewall/iptables ) |
58 |
+ virtual/resolvconf |
59 |
+ ) |
60 |
+ selinux? ( sec-policy/selinux-wireguard ) |
61 |
+" |
62 |
+ |
63 |
+wg_quick_optional_config_nob() { |
64 |
+ CONFIG_CHECK="$CONFIG_CHECK ~$1" |
65 |
+ declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage." |
66 |
+} |
67 |
+ |
68 |
+pkg_setup() { |
69 |
+ if use wg-quick; then |
70 |
+ wg_quick_optional_config_nob IP_ADVANCED_ROUTER |
71 |
+ wg_quick_optional_config_nob IP_MULTIPLE_TABLES |
72 |
+ wg_quick_optional_config_nob IPV6_MULTIPLE_TABLES |
73 |
+ if has_version net-firewall/nftables; then |
74 |
+ wg_quick_optional_config_nob NF_TABLES |
75 |
+ wg_quick_optional_config_nob NF_TABLES_IPV4 |
76 |
+ wg_quick_optional_config_nob NF_TABLES_IPV6 |
77 |
+ wg_quick_optional_config_nob NFT_CT |
78 |
+ wg_quick_optional_config_nob NFT_FIB |
79 |
+ wg_quick_optional_config_nob NFT_FIB_IPV4 |
80 |
+ wg_quick_optional_config_nob NFT_FIB_IPV6 |
81 |
+ wg_quick_optional_config_nob NF_CONNTRACK_MARK |
82 |
+ elif has_version net-firewall/iptables; then |
83 |
+ wg_quick_optional_config_nob NETFILTER_XTABLES |
84 |
+ wg_quick_optional_config_nob NETFILTER_XT_MARK |
85 |
+ wg_quick_optional_config_nob NETFILTER_XT_CONNMARK |
86 |
+ wg_quick_optional_config_nob NETFILTER_XT_MATCH_COMMENT |
87 |
+ wg_quick_optional_config_nob NETFILTER_XT_MATCH_ADDRTYPE |
88 |
+ wg_quick_optional_config_nob IP6_NF_RAW |
89 |
+ wg_quick_optional_config_nob IP_NF_RAW |
90 |
+ wg_quick_optional_config_nob IP6_NF_FILTER |
91 |
+ wg_quick_optional_config_nob IP_NF_FILTER |
92 |
+ fi |
93 |
+ fi |
94 |
+ get_version |
95 |
+ if [[ -f $KERNEL_DIR/include/uapi/linux/wireguard.h ]]; then |
96 |
+ CONFIG_CHECK="~WIREGUARD $CONFIG_CHECK" |
97 |
+ declare -g ERROR_WIREGUARD="CONFIG_WIREGUARD: This option is required for using WireGuard." |
98 |
+ elif kernel_is -ge 3 10 0 && kernel_is -lt 5 6 0 && ! has_version net-vpn/wireguard-modules; then |
99 |
+ ewarn |
100 |
+ ewarn "Your kernel does not appear to have upstream support for WireGuard" |
101 |
+ ewarn "via CONFIG_WIREGUARD. However, the net-vpn/wireguard-modules ebuild" |
102 |
+ ewarn "contains a compatibility module that should work for your kernel." |
103 |
+ ewarn "It is highly recommended to install it:" |
104 |
+ ewarn |
105 |
+ ewarn " emerge -av net-vpn/wireguard-modules" |
106 |
+ ewarn |
107 |
+ fi |
108 |
+ linux-info_pkg_setup |
109 |
+} |
110 |
+ |
111 |
+src_compile() { |
112 |
+ emake RUNSTATEDIR="${EPREFIX}/run" -C src CC="$(tc-getCC)" LD="$(tc-getLD)" |
113 |
+} |
114 |
+ |
115 |
+src_install() { |
116 |
+ dodoc README.md |
117 |
+ dodoc -r contrib |
118 |
+ emake \ |
119 |
+ WITH_BASHCOMPLETION=yes \ |
120 |
+ WITH_SYSTEMDUNITS=yes \ |
121 |
+ WITH_WGQUICK=$(usex wg-quick) \ |
122 |
+ DESTDIR="${D}" \ |
123 |
+ BASHCOMPDIR="$(get_bashcompdir)" \ |
124 |
+ SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \ |
125 |
+ PREFIX="${EPREFIX}/usr" \ |
126 |
+ -C src install |
127 |
+ use wg-quick && newinitd "${FILESDIR}/wg-quick.init" wg-quick |
128 |
+} |
129 |
+ |
130 |
+pkg_postinst() { |
131 |
+ einfo |
132 |
+ einfo "After installing WireGuard, if you'd like to try sending some packets through" |
133 |
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh" |
134 |
+ einfo "test example script:" |
135 |
+ einfo |
136 |
+ einfo " \$ bzcat ${ROOT}/usr/share/doc/${PF}/contrib/ncat-client-server/client.sh.bz2 | sudo bash -" |
137 |
+ einfo |
138 |
+ einfo "This will automatically setup interface wg0, through a very insecure transport" |
139 |
+ einfo "that is only suitable for demonstration purposes. You can then try loading the" |
140 |
+ einfo "hidden website or sending pings:" |
141 |
+ einfo |
142 |
+ einfo " \$ chromium http://192.168.4.1" |
143 |
+ einfo " \$ ping 192.168.4.1" |
144 |
+ einfo |
145 |
+ einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/" |
146 |
+ einfo |
147 |
+} |