Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: William Hubbs <williamh@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openconnect/files/, net-misc/openconnect/
Date: Sat, 24 Sep 2016 17:50:10
Message-Id: 1474739071.5f9049c9da39886975077c93c119129cd31e8f88.williamh@gentoo
1 commit: 5f9049c9da39886975077c93c119129cd31e8f88
2 Author: William Hubbs <williamh <AT> gentoo <DOT> org>
3 AuthorDate: Sat Sep 24 17:44:31 2016 +0000
4 Commit: William Hubbs <williamh <AT> gentoo <DOT> org>
5 CommitDate: Sat Sep 24 17:44:31 2016 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f9049c9
7
8 net-misc/openconnect: 7.07-r2 revbump to fix pulse secure
9
10 Current stable openconnect is broken for newer releases of pulse secure [1].
11 This revbump fixes that issue. I have verified it on amd64 so I'm going
12 straight to stable since the previous revision is stable.
13
14 [1] http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003952.html
15
16 Package-Manager: portage-2.2.28
17 RepoMan-Options: --force
18
19 .../openconnect-7.07-mimic-pulse-client.patch | 38 +++++
20 net-misc/openconnect/openconnect-7.07-r2.ebuild | 162 +++++++++++++++++++++
21 2 files changed, 200 insertions(+)
22
23 diff --git a/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch b/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
24 new file mode 100644
25 index 00000000..5cfeca6
26 --- /dev/null
27 +++ b/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
28 @@ -0,0 +1,38 @@
29 +From 4ce9c9241f5707917e87e93a055f757cea5fb84d Mon Sep 17 00:00:00 2001
30 +From: Jon DeVree <nuxi@×××××××.org>
31 +Date: Mon, 19 Sep 2016 21:00:18 -0400
32 +Subject: [PATCH] Add Content-Length header to mimic official pulse client
33 +
34 +The official pulse client sends in a fixed "Content-Length: 256" header
35 +with these two HTTP requests. Some versions of the VPN server will
36 +reject requests with an HTTP 400 error if they do not have this header.
37 +
38 +Signed-off-by: Jon DeVree <nuxi@×××××××.org>
39 +Signed-off-by: David Woodhouse <David.Woodhouse@×××××.com>
40 +---
41 + oncp.c | 2 ++
42 + 1 file changed, 2 insertions(+)
43 +
44 +diff --git a/oncp.c b/oncp.c
45 +index cc9a223..2bf1571 100644
46 +--- a/oncp.c
47 ++++ b/oncp.c
48 +@@ -562,6 +562,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
49 +
50 + buf_append(reqbuf, "POST /dana/js?prot=1&svc=1 HTTP/1.1\r\n");
51 + oncp_common_headers(vpninfo, reqbuf);
52 ++ buf_append(reqbuf, "Content-Length: 256\r\n");
53 + buf_append(reqbuf, "\r\n");
54 +
55 + if (buf_error(reqbuf)) {
56 +@@ -606,6 +607,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
57 + buf_truncate(reqbuf);
58 + buf_append(reqbuf, "POST /dana/js?prot=1&svc=4 HTTP/1.1\r\n");
59 + oncp_common_headers(vpninfo, reqbuf);
60 ++ buf_append(reqbuf, "Content-Length: 256\r\n");
61 + buf_append(reqbuf, "\r\n");
62 +
63 + if (buf_error(reqbuf)) {
64 +--
65 +2.7.3
66 +
67
68 diff --git a/net-misc/openconnect/openconnect-7.07-r2.ebuild b/net-misc/openconnect/openconnect-7.07-r2.ebuild
69 new file mode 100644
70 index 00000000..57ae5c0
71 --- /dev/null
72 +++ b/net-misc/openconnect/openconnect-7.07-r2.ebuild
73 @@ -0,0 +1,162 @@
74 +# Copyright 1999-2016 Gentoo Foundation
75 +# Distributed under the terms of the GNU General Public License v2
76 +# $Id$
77 +
78 +EAPI=6
79 +
80 +PYTHON_COMPAT=( python2_7 )
81 +PYTHON_REQ_USE="xml"
82 +
83 +inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
84 +
85 +if [[ ${PV} == 9999 ]]; then
86 + EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
87 + inherit git-r3 autotools
88 +else
89 + ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
90 + KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~x86"
91 +fi
92 +VPNC_VER=20160829
93 +SRC_URI="${ARCHIVE_URI}
94 + ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
95 +
96 +DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
97 +HOMEPAGE="http://www.infradead.org/openconnect.html"
98 +
99 +LICENSE="LGPL-2.1 GPL-2"
100 +SLOT="0/5"
101 +IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken"
102 +
103 +DEPEND="dev-libs/libxml2
104 + sys-libs/zlib
105 + !gnutls? (
106 + >=dev-libs/openssl-1.0.1h:0[static-libs?]
107 + )
108 + gnutls? (
109 + >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle
110 + app-misc/ca-certificates
111 + )
112 + gssapi? ( virtual/krb5 )
113 + libproxy? ( net-libs/libproxy )
114 + nls? ( virtual/libintl )
115 + smartcard? ( sys-apps/pcsc-lite:0= )
116 + stoken? ( app-crypt/stoken )"
117 +RDEPEND="${DEPEND}
118 + sys-apps/iproute2
119 + !<sys-apps/openrc-0.13"
120 +DEPEND="${DEPEND}
121 + virtual/pkgconfig
122 + doc? ( ${PYTHON_DEPS} sys-apps/groff )
123 + java? ( >=virtual/jdk-1.6 )
124 + nls? ( sys-devel/gettext )"
125 +
126 +CONFIG_CHECK="~TUN"
127 +
128 +PATCHES=(
129 + "${FILESDIR}"/${P}-mimic-pulse-client.patch
130 +)
131 +
132 +pkg_pretend() {
133 + check_extra_config
134 +}
135 +
136 +pkg_setup() {
137 + java-pkg-opt-2_pkg_setup
138 +}
139 +
140 +src_unpack() {
141 + if [[ ${PV} == 9999 ]]; then
142 + git-r3_src_unpack
143 + fi
144 + default
145 +}
146 +
147 +src_prepare() {
148 + default
149 + if [[ ${PV} == 9999 ]]; then
150 + eautoreconf
151 + fi
152 +}
153 +
154 +src_configure() {
155 + if [[ ${LINGUAS+set} == set ]]; then
156 + strip-linguas -u po
157 + echo "${LINGUAS}" > po/LINGUAS || die
158 + fi
159 +
160 + if use doc; then
161 + python_setup
162 + else
163 + # If the python cannot be found, the docs will not build
164 + sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
165 + fi
166 +
167 + # liboath not in portage
168 + econf \
169 + --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
170 + $(use_enable static-libs static) \
171 + $(use_enable nls ) \
172 + $(use_with !gnutls openssl) \
173 + $(use_with gnutls ) \
174 + $(use_with libproxy) \
175 + $(use_with gssapi) \
176 + $(use_with smartcard libpcsclite) \
177 + $(use_with stoken) \
178 + $(use_with java)
179 +}
180 +
181 +DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
182 +
183 +You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
184 +instead of calling it directly:
185 +
186 +ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
187 +
188 +You can then start the vpn tunnel like this:
189 +
190 +/etc/init.d/openconnect.vpn0 start
191 +
192 +If you would like to run preup, postup, predown, and/or postdown scripts,
193 +You need to create a directory in /etc/openconnect with the name of the vpn:
194 +
195 +mkdir /etc/openconnect/vpn0
196 +
197 +Then add executable shell files:
198 +
199 +mkdir /etc/openconnect/vpn0
200 +cd /etc/openconnect/vpn0
201 +echo '#!/bin/sh' > preup.sh
202 +cp preup.sh predown.sh
203 +cp preup.sh postup.sh
204 +cp preup.sh postdown.sh
205 +chmod 755 /etc/openconnect/vpn0/*
206 +"
207 +
208 +src_install() {
209 + emake DESTDIR="${D}" install
210 +
211 + dodoc AUTHORS TODO
212 + newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
213 + dodir /etc/openconnect
214 + insinto /etc/openconnect
215 + newconfd "${FILESDIR}"/openconnect.conf.in openconnect
216 + exeinto /etc/openconnect
217 + newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
218 + insinto /etc/logrotate.d
219 + newins "${FILESDIR}"/openconnect.logrotate openconnect
220 + keepdir /var/log/openconnect
221 +
222 + # Remove useless .la files
223 + prune_libtool_files --all
224 +
225 + readme.gentoo_create_doc
226 +}
227 +
228 +pkg_postinst() {
229 + readme.gentoo_print_elog
230 + if [[ -z ${REPLACING_VERSIONS} ]]; then
231 + elog
232 + elog "You may want to consider installing the following optional packages."
233 + optfeature "resolvconf support" net-dns/openresolv
234 + fi
235 +}
Report Message
Find on MARC Find on Google Groups