Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] dev/blueness:master commit in: net-firewall/ipsec-tools/, net-firewall/ipsec-tools/files/
Date: Fri, 28 Sep 2012 00:47:04
Message-Id: 1348793153.cfcac0b12af83c90e5f771bacc02d3f50c49cbfb.blueness@gentoo
1 commit: cfcac0b12af83c90e5f771bacc02d3f50c49cbfb
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Fri Sep 28 00:45:53 2012 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Fri Sep 28 00:45:53 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=cfcac0b1
7
8 net-firewall/ipsec-tools: moved to tree
9
10 ---
11 net-firewall/ipsec-tools/Manifest | 12 -
12 .../files/ipsec-tools-0.8.0-sysctl.patch | 22 --
13 .../ipsec-tools/files/ipsec-tools-def-psk.patch | 25 --
14 .../files/ipsec-tools-include-vendoridh.patch | 11 -
15 net-firewall/ipsec-tools/files/ipsec-tools.conf | 26 --
16 net-firewall/ipsec-tools/files/psk.txt | 10 -
17 net-firewall/ipsec-tools/files/racoon.conf | 33 ---
18 net-firewall/ipsec-tools/files/racoon.conf.d-r1 | 27 --
19 net-firewall/ipsec-tools/files/racoon.init.d-r2 | 57 ----
20 net-firewall/ipsec-tools/files/racoon.pam.d | 4 -
21 .../ipsec-tools/ipsec-tools-0.8.0-r5.ebuild | 276 --------------------
22 net-firewall/ipsec-tools/metadata.xml | 14 -
23 12 files changed, 0 insertions(+), 517 deletions(-)
24
25 diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest
26 deleted file mode 100644
27 index 7afd522..0000000
28 --- a/net-firewall/ipsec-tools/Manifest
29 +++ /dev/null
30 @@ -1,12 +0,0 @@
31 -AUX ipsec-tools-0.8.0-sysctl.patch 485 SHA256 eb94a1f77ac9c194e51c2f64b65d9c8f70ff109fdfe77f72801449277b7312f4 SHA512 a2a96cea5c2b451665d54572e471a6c2b4fb72382dcd90bda536aaabf78cdd36d630d5c1fa56372b95066dc7dffd56480d3402fdbe2d56825a017b2cc075ac66 WHIRLPOOL 54c8f99ef2881e0fdf1e1aaf7c7908e9fac31326da9a15df160f81f4b9a8bb7a4db738ebd8c888c9a0bfae7e558c48231cb6413e1e953309a658ad12bfb9e106
32 -AUX ipsec-tools-def-psk.patch 907 SHA256 15da775a7da892b7e99f0a6e531bdb9f37cc9d81c004f8a439152445f960f656 SHA512 683f168fac390df602ece1608db7f65370749c291e837497fa68fe4f39ddab907d10d67d4c80d583d7f12a1ea0bf02ba98d228e7c6e9267b49a1a8a7e57e99c4 WHIRLPOOL cfe93bc7e71aa627b973b416acfcdf9f9346ef5237726a079a0da3a383f949bb780624482f1f17b93cc43fc786711c4d8d3abc173f600f05d8790639cbed911a
33 -AUX ipsec-tools-include-vendoridh.patch 434 SHA256 be0fd6ec217405a6f1ab97231568297e705d995d0f5fa8a6ebae896e1b2e910c SHA512 fc39e09dd7b1a2d3b6cdfbfad9f4978ab5d070ae2435cf77fe2283b566bea1d58cd26dbf6cafb563587200724c9602a32ce737fd163b757872e8a6d2c8007d5c WHIRLPOOL 1507b428ab919b0e45125ec4901af6b3a764a33c98cae6e2df0c061432414cb61e980606d24f55054d4433203f5eca3a123d4dd6dfd74645d7bc222f66cab1bd
34 -AUX ipsec-tools.conf 1209 SHA256 a9a6cbf1bd42aaefdb637814bc6198079bab84e37888e1b705f938f590978816 SHA512 727297a06b75b883a7bd730d84f7a7cec04f81b51df71a6d2419602d835abe3c958d27aac176e29e2463421792843517bda802b3437b306ab43e94d178593bfa WHIRLPOOL 9c8f70c3c117e5cc4a1793637a101920ffd9126e02373db4e68b9eba4588a385cbc08fc81a0b5bf3ae0bff3d9de20a5a14b020e6d62effb97bce790ce4e74437
35 -AUX psk.txt 293 SHA256 d34b142b4566712f87382caf0a64bcc070bbde17f16e2ee49d5dde26cb1bbe08 SHA512 ed09588bcbf9b16e4e18315c7b9a7667788b4ab26cd962376430c316cfb0ee5a30ff26910190731b287c1a1b5927951a79f71a096071e73d67dc867a455b14cf WHIRLPOOL fe1aadd94612e742029d6e0be7401f2994c9fed4fec899f3fc09c90cb134aca710c41a083164d6cece46b331652ddb3b76720c60bc40b837243b329db7eb60db
36 -AUX racoon.conf 772 SHA256 e00cea25741fa16aa985d80ce49f2a59af0c98a44707a047193e936644b497a3 SHA512 8876920331b4003fd096f1997e1266a12783120e390cea55ca283a8fd6485552b54e87f60e75f33409a4cdb99171d2358953287edd47ddeac8bda6da0cc8becc WHIRLPOOL 12c55b1f5e67592483c2602040454f7c0e511c4867b0ed1e7acb593d3ffd0b2b2bfe7a5defb900eb8759006b4382d8c3d891ace2472d772e223e68eb99bd72cc
37 -AUX racoon.conf.d-r1 906 SHA256 a94721a9d51b970f728c63c1f4348c53fb0629b05ef02a6ee2c3f9e5b74e1163 SHA512 3efd2bd0ad9ef5c4340eb1a60aa561c1c37a71740d2d672d2493b0bb9488c3f12ad654270ba4a81c82f2152684f6f1423242a1b029c120c12e0d2300eae509e1 WHIRLPOOL 0ca879cefc0c784cdeddc2562ca9b6cc28ec5d8541f762818733eba7915ba6e9a87615af8fbf674363398333865f69032474fd49030d12e8a256919977da3404
38 -AUX racoon.init.d-r2 1279 SHA256 d9038da4f5c969a7da450d6d7a566fd77c4471ff0a1ceb2f176f0c9015d1eda8 SHA512 1a5337c74285b54c21b4d3d216f0a3756a3e2d6ea31028b56782c7a635ffac8142d61074fa0927df6dd1034e15234d3a4eda192c94e8cd5f510520e36bcf81a6 WHIRLPOOL f7219e0306b2d9e6311cd12ea06d560e1bf937ce409e44d7bf5a6e77325e4e6357b138fd709ca7972696a4669f1c6e6d72273250c84462ebf6b9e8c979aea330
39 -AUX racoon.pam.d 156 SHA256 166136e27d653e0bf481a6ca79fecb7d9fa2fc3d597d041f97df595f65a8193c SHA512 d3f7e6ca8c9f2b5060ebccb259316bb59c9a7e158e8ef9466765a20db263a4043a590811f1a3ab072b718dbd70898bc69b77e0b19603d7f394b5ac1bd0a4a56c WHIRLPOOL ba7a0a8c3bb39c5fda69de34b822a19696398e0a8789211ac1faae787ee34f9639eb35efe29c67f874b5f9fe674742503e570f441c005974f4a0c93468b8970b
40 -DIST ipsec-tools-0.8.0.tar.bz2 809297 SHA256 2359a24aa8eda9ca7043fc47950c8e6b7f58a07c5d5ad316aa7de2bc5e3a8717 SHA512 3bec6bab4fe555612f1d48966e797202830f5254a8d2146a14d268ff0c68445af790285214db41ab08ee4888625e8e680c3b848c30789d836169d1612a25fe2c WHIRLPOOL 862d2bbf78aca8c9e01e00c995aeb3b662e1ea4a769081b9880a3fee7821ef5968e10fe75d9671268979188c7ca3b91d507a1fc9a097729d0648bc4c965e675d
41 -EBUILD ipsec-tools-0.8.0-r5.ebuild 7683 SHA256 e0186e522daa8adaca18cf037da7373b6f9a76e0f8488a94a9f2f52b79bcd265 SHA512 5ba14cb21e44c43fb1a8c1165ac3480b01753b0d042f04932ae7ea06b98603efa873dfe4db286d8ab0188d86061450a46a6a632d0a751c3a6ce7291d7fc0478c WHIRLPOOL c298b1fad30ebe2ab59f01898b0e2d40db45f1cee977d9a639b36b7c22b7ad6c917cd75b39d88e3af7014f94a1a1327cc34c770fa176a060e7571e1ae28c2a55
42 -MISC metadata.xml 537 SHA256 12de55d6d62b8e91c8996422e33462b5637f9720a5096025752b93906bcbdc40 SHA512 9b26b2cd54e00527201339c3936ac717c57fe596e470d84e0dc0715f778b5797488b6cac61dea83bab61714a23a88e44dbd537bfeeb2b37d285653dcb838fab5 WHIRLPOOL a0dd0b61f957875ca3c50db5aa66470ed493be9c4f002bd165d75b41a8ca51cbcfd2567b4702bf1845b8e0a1ca54239e6ed163098d8b613d1f9f459192acc14e
43
44 diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-0.8.0-sysctl.patch b/net-firewall/ipsec-tools/files/ipsec-tools-0.8.0-sysctl.patch
45 deleted file mode 100644
46 index 5c69bbb..0000000
47 --- a/net-firewall/ipsec-tools/files/ipsec-tools-0.8.0-sysctl.patch
48 +++ /dev/null
49 @@ -1,22 +0,0 @@
50 -https://bugs.gentoo.org/425770
51 -
52 ---- a/src/racoon/pfkey.c
53 -+++ b/src/racoon/pfkey.c
54 -@@ -59,7 +59,6 @@
55 - #include <sys/param.h>
56 - #include <sys/socket.h>
57 - #include <sys/queue.h>
58 --#include <sys/sysctl.h>
59 -
60 - #include <net/route.h>
61 - #include <net/pfkeyv2.h>
62 ---- a/src/setkey/setkey.c
63 -+++ b/src/setkey/setkey.c
64 -@@ -40,7 +40,6 @@
65 - #include <sys/socket.h>
66 - #include <sys/time.h>
67 - #include <sys/stat.h>
68 --#include <sys/sysctl.h>
69 - #include <err.h>
70 - #include <netinet/in.h>
71 - #include <net/pfkeyv2.h>
72
73 diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch b/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch
74 deleted file mode 100644
75 index f351860..0000000
76 --- a/net-firewall/ipsec-tools/files/ipsec-tools-def-psk.patch
77 +++ /dev/null
78 @@ -1,25 +0,0 @@
79 -diff -brau ipsec-tools-0.7.3.o/src/racoon/oakley.c ipsec-tools-0.7.3/src/racoon/oakley.c
80 ---- ipsec-tools-0.7.3.o/src/racoon/oakley.c 2009-08-13 11:18:45.000000000 +0200
81 -+++ ipsec-tools-0.7.3/src/racoon/oakley.c 2011-06-06 09:36:11.000000000 +0200
82 -@@ -2498,8 +2498,21 @@
83 - plog(LLV_ERROR, LOCATION, iph1->remote,
84 - "couldn't find the pskey for %s.\n",
85 - saddrwop2str(iph1->remote));
86 -+ }
87 -+ }
88 -+ if (iph1->authstr == NULL) {
89 -+ /*
90 -+ * If we could not locate a psk above try and locate
91 -+ * the default psk, ie, "*".
92 -+ */
93 -+ iph1->authstr = privsep_getpsk("*", 1);
94 -+ if (iph1->authstr == NULL) {
95 -+ plog(LLV_ERROR, LOCATION, iph1->remote,
96 -+ "couldn't find the the default pskey either.\n");
97 - goto end;
98 - }
99 -+ plog(LLV_NOTIFY, LOCATION, iph1->remote,
100 -+ "Using default PSK.\n");
101 - }
102 - plog(LLV_DEBUG, LOCATION, NULL, "the psk found.\n");
103 - /* should be secret PSK */
104
105 diff --git a/net-firewall/ipsec-tools/files/ipsec-tools-include-vendoridh.patch b/net-firewall/ipsec-tools/files/ipsec-tools-include-vendoridh.patch
106 deleted file mode 100644
107 index 2e22c82..0000000
108 --- a/net-firewall/ipsec-tools/files/ipsec-tools-include-vendoridh.patch
109 +++ /dev/null
110 @@ -1,11 +0,0 @@
111 -diff -Naur ipsec-tools-0.8.0.orig//src/racoon/ipsec_doi.c ipsec-tools-0.8.0/src/racoon/ipsec_doi.c
112 ---- ipsec-tools-0.8.0.orig//src/racoon/ipsec_doi.c 2012-02-28 13:42:24.000000000 -0500
113 -+++ ipsec-tools-0.8.0/src/racoon/ipsec_doi.c 2012-02-28 13:41:22.000000000 -0500
114 -@@ -87,6 +87,7 @@
115 - #ifdef HAVE_GSSAPI
116 - #include <iconv.h>
117 - #include "gssapi.h"
118 -+#include "vendorid.h"
119 - #ifdef HAVE_ICONV_2ND_CONST
120 - #define __iconv_const const
121 - #else
122
123 diff --git a/net-firewall/ipsec-tools/files/ipsec-tools.conf b/net-firewall/ipsec-tools/files/ipsec-tools.conf
124 deleted file mode 100644
125 index bfff04a..0000000
126 --- a/net-firewall/ipsec-tools/files/ipsec-tools.conf
127 +++ /dev/null
128 @@ -1,26 +0,0 @@
129 -#!/usr/sbin/setkey -f
130 -#
131 -# THIS IS A SAMPLE FILE!
132 -#
133 -# This is a sample file to test Gentoo's ipsec-tools out of the box.
134 -# Do not use it in production. See: http://www.ipsec-howto.org/
135 -#
136 -flush;
137 -spdflush;
138 -
139 -#
140 -# Uncomment the following if you want to do manual keying, ie, you want to run IPsec without racoon.
141 -# Do not switch 192.168.3.21 <-> 192.168.3.25 on the peer
142 -#
143 -#add 192.168.3.25 192.168.3.21 ah 0x200 -A hmac-md5 0xc0291ff014dccdd03874d9e8e4cdf3e6;
144 -#add 192.168.3.21 192.168.3.25 ah 0x300 -A hmac-md5 0x96358c90783bbfa3d7b196ceabe0536b;
145 -#add 192.168.3.25 192.168.3.21 esp 0x201 -E 3des-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831;
146 -#add 192.168.3.21 192.168.3.25 esp 0x301 -E 3des-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df;
147 -
148 -#
149 -# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
150 -#
151 -#spdadd 192.168.3.21 192.168.3.25 any -P out ipsec esp/transport//require ah/transport//require;
152 -#spdadd 192.168.3.25 192.168.3.21 any -P in ipsec esp/transport//require ah/transport//require;
153 -spdadd 192.168.3.25 192.168.3.21 any -P out ipsec esp/transport//require ah/transport//require;
154 -spdadd 192.168.3.21 192.168.3.25 any -P in ipsec esp/transport//require ah/transport//require;
155
156 diff --git a/net-firewall/ipsec-tools/files/psk.txt b/net-firewall/ipsec-tools/files/psk.txt
157 deleted file mode 100644
158 index 97f5180..0000000
159 --- a/net-firewall/ipsec-tools/files/psk.txt
160 +++ /dev/null
161 @@ -1,10 +0,0 @@
162 -# THIS IS A SAMPLE FILE!
163 -#
164 -# This is a sample file to test Gentoo's ipsec-tools out of the box.
165 -# Do not use it in production. See: http://www.ipsec-howto.org/
166 -#
167 -# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
168 -#
169 -# Peer IP/FQDN Secret
170 -# 192.168.3.25 sample
171 -192.168.3.21 sample
172
173 diff --git a/net-firewall/ipsec-tools/files/racoon.conf b/net-firewall/ipsec-tools/files/racoon.conf
174 deleted file mode 100644
175 index 2e9206d..0000000
176 --- a/net-firewall/ipsec-tools/files/racoon.conf
177 +++ /dev/null
178 @@ -1,33 +0,0 @@
179 -# THIS IS A SAMPLE FILE!
180 -#
181 -# This is a sample file to test Gentoo's ipsec-tools out of the box.
182 -# Do not use it in production. See: http://www.ipsec-howto.org/
183 -#
184 -path pre_shared_key "/etc/racoon/psk.txt";
185 -
186 -#
187 -# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
188 -#
189 -#remote 192.168.3.25
190 -remote 192.168.3.21
191 -{
192 - exchange_mode main;
193 - proposal {
194 - encryption_algorithm 3des;
195 - hash_algorithm md5;
196 - authentication_method pre_shared_key;
197 - dh_group modp1024;
198 - }
199 -}
200 -
201 -#
202 -# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
203 -#
204 -#sainfo address 192.168.3.21 any address 192.168.3.25 any
205 -sainfo address 192.168.3.25 any address 192.168.3.21 any
206 -{
207 - pfs_group modp768;
208 - encryption_algorithm 3des;
209 - authentication_algorithm hmac_md5;
210 - compression_algorithm deflate;
211 -}
212
213 diff --git a/net-firewall/ipsec-tools/files/racoon.conf.d-r1 b/net-firewall/ipsec-tools/files/racoon.conf.d-r1
214 deleted file mode 100644
215 index ac2b718..0000000
216 --- a/net-firewall/ipsec-tools/files/racoon.conf.d-r1
217 +++ /dev/null
218 @@ -1,27 +0,0 @@
219 -# Copyright 1999-2012 Gentoo Foundation
220 -# Distributed under the terms of the GNU General Public License v2
221 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/files/racoon.conf.d,v 1.4 2012/03/09 02:55:47 blueness Exp $
222 -
223 -# Config file for /etc/init.d/racoon
224 -
225 -# See the man page or run `racoon --help` for valid command-line options
226 -# RACOON_OPTS="-d"
227 -
228 -RACOON_CONF="/etc/racoon/racoon.conf"
229 -RACOON_PSK_FILE="/etc/racoon/psk.txt"
230 -
231 -# The amount of time in ms for start-stop-daemon to wait before a timeout
232 -# Racoon can sometimes be slow. We'll wait 1 sec. Bug #435398.
233 -
234 -RACOON_WAIT="1000"
235 -
236 -# The setkey config file. Don't name it ipsec.conf as this clashes
237 -# with strongswan. We'll follow debian's naming. Bug #436144.
238 -
239 -SETKEY_CONF="/etc/ipsec-tools.conf"
240 -
241 -# Comment or remove the following if you don't want the policy tables
242 -# to be flushed when racoon is stopped.
243 -
244 -RACOON_RESET_TABLES="true"
245 -
246
247 diff --git a/net-firewall/ipsec-tools/files/racoon.init.d-r2 b/net-firewall/ipsec-tools/files/racoon.init.d-r2
248 deleted file mode 100644
249 index aeed27d..0000000
250 --- a/net-firewall/ipsec-tools/files/racoon.init.d-r2
251 +++ /dev/null
252 @@ -1,57 +0,0 @@
253 -#!/sbin/runscript
254 -# Copyright 1999-2012 Gentoo Foundation
255 -# Distributed under the terms of the GNU General Public License v2
256 -
257 -depend() {
258 - before netmount
259 - use net
260 -}
261 -
262 -checkconfig() {
263 - if [ ! -e ${SETKEY_CONF} ] ; then
264 - eerror "You need to configure setkey before starting racoon."
265 - return 1
266 - fi
267 - if [ ! -e ${RACOON_CONF} ] ; then
268 - eerror "You need a configuration file to start racoon."
269 - return 1
270 - fi
271 - if [ ! -z ${RACOON_PSK_FILE} ] ; then
272 - if [ ! -f ${RACOON_PSK_FILE} ] ; then
273 - eerror "PSK file not found as specified."
274 - eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
275 - return 1
276 - fi
277 - case "`ls -Lldn ${RACOON_PSK_FILE}`" in
278 - -r--------*)
279 - ;;
280 - *)
281 - eerror "Your defined PSK file should be mode 400 for security!"
282 - return 1
283 - ;;
284 - esac
285 - fi
286 -}
287 -
288 -command=/usr/sbin/racoon
289 -command_args="-f ${RACOON_CONF} ${RACOON_OPTS}"
290 -pidfile=/var/run/racoon.pid
291 -start_stop_daemon_args="--wait ${RACOON_WAIT}"
292 -
293 -start_pre() {
294 - checkconfig || return 1
295 - einfo "Loading ipsec policies from ${SETKEY_CONF}."
296 - /usr/sbin/setkey -f ${SETKEY_CONF}
297 - if [ $? -eq 1 ] ; then
298 - eerror "Error while loading ipsec policies"
299 - fi
300 -}
301 -
302 -stop_post() {
303 - if [ -n "${RACOON_RESET_TABLES}" ]; then
304 - ebegin "Flushing policy entries"
305 - /usr/sbin/setkey -F
306 - /usr/sbin/setkey -FP
307 - eend $?
308 - fi
309 -}
310
311 diff --git a/net-firewall/ipsec-tools/files/racoon.pam.d b/net-firewall/ipsec-tools/files/racoon.pam.d
312 deleted file mode 100644
313 index b801aaa..0000000
314 --- a/net-firewall/ipsec-tools/files/racoon.pam.d
315 +++ /dev/null
316 @@ -1,4 +0,0 @@
317 -auth include system-remote-login
318 -account include system-remote-login
319 -password include system-remote-login
320 -session include system-remote-login
321
322 diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild
323 deleted file mode 100644
324 index 681045d..0000000
325 --- a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild
326 +++ /dev/null
327 @@ -1,276 +0,0 @@
328 -# Copyright 1999-2012 Gentoo Foundation
329 -# Distributed under the terms of the GNU General Public License v2
330 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r4.ebuild,v 1.2 2012/09/25 01:12:33 vapier Exp $
331 -
332 -EAPI="4"
333 -
334 -inherit eutils flag-o-matic autotools linux-info pam
335 -
336 -DESCRIPTION="A port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"
337 -HOMEPAGE="http://ipsec-tools.sourceforge.net/"
338 -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
339 -
340 -LICENSE="BSD GPL-2"
341 -SLOT="0"
342 -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~x86"
343 -IUSE="hybrid idea ipv6 kerberos ldap nat pam rc5 readline selinux stats"
344 -
345 -RDEPEND="
346 - dev-libs/openssl
347 - kerberos? ( virtual/krb5 )
348 - ldap? ( net-nds/openldap )
349 - pam? ( sys-libs/pam )
350 - readline? ( sys-libs/readline )
351 - selinux? (
352 - sys-libs/libselinux
353 - sec-policy/selinux-ipsec
354 - )"
355 -
356 -DEPEND="${RDEPEND}
357 - >=sys-kernel/linux-headers-2.6.30"
358 -
359 -pkg_preinst() {
360 - if has_version "<${CATEGORY}/${PN}-0.8.0-r5" ; then
361 - ewarn
362 - ewarn "\033[1;33m**************************************************\033[00m"
363 - ewarn
364 - if ! has_version "net-misc/strongswan" ; then
365 - ewarn "We found an earlier version of ${PN} installed."
366 - ewarn "As of ${PN}-0.8.0-r5, the old configuration file,"
367 - ewarn "ipsec.conf, has been changed to ipsec-tools.conf to avoid"
368 - ewarn "a conflict with net-misc/strongswan; bug #436144. We will"
369 - ewarn "rename this file for you with this upgrade. However, if"
370 - ewarn "you later downgrade, you'll have to rename the file to"
371 - ewarn "its orignal manually or change /etc/conf.d/racoon to point"
372 - ewarn "to the new file."
373 -
374 - if [[ -f /etc/ipsec.conf && ! -f /etc/ipsec-tools.conf ]] ; then
375 - mv /etc/ipsec.conf /etc/ipsec-tools.conf
376 - else
377 - ewarn
378 - ewarn "Oops! I can't move ipsec.conf to ipsec-tools.conf!"
379 - ewarn "Either the former doesn't exist or the later does and"
380 - ewarn "I won't clobber it. Please fix this situation manually."
381 - fi
382 - else
383 - ewarn "You had both an earlier version of ${PN} and"
384 - ewarn "net-misc/strongswan installed. I can't tell whether"
385 - ewarn "the configuration file, ipsec.conf, belongs to one"
386 - ewarn "package or the other due to a file conflict; bug #436144."
387 - ewarn "The current version of ${PN} uses ipsec-tools.conf "
388 - ewarn "as its configuration file, as will future versions."
389 - ewarn "Please fix this situation manually."
390 - fi
391 - ewarn
392 - ewarn "\033[1;33m**************************************************\033[00m"
393 - ewarn
394 - fi
395 -}
396 -
397 -pkg_setup() {
398 - linux-info_pkg_setup
399 -
400 - get_version
401 -
402 - if linux_config_exists && kernel_is -ge 2 6 19; then
403 - ewarn
404 - ewarn "\033[1;33m**************************************************\033[00m"
405 - ewarn
406 - ewarn "Checking kernel configuration in /usr/src/linux or"
407 - ewarn "or /proc/config.gz for compatibility with ${PN}."
408 - ewarn "Here are the potential problems:"
409 - ewarn
410 -
411 - local nothing="1"
412 -
413 - # Check options for all flavors of IPSec
414 - local msg=""
415 - for i in XFRM_USER NET_KEY; do
416 - if ! linux_chkconfig_present ${i}; then
417 - msg="${msg} ${i}"
418 - fi
419 - done
420 - if [[ ! -z "$msg" ]]; then
421 - nothing="0"
422 - ewarn
423 - ewarn "ALL IPSec may fail. CHECK:"
424 - ewarn "${msg}"
425 - fi
426 -
427 - # Check unencrypted IPSec
428 - if ! linux_chkconfig_present CRYPTO_NULL; then
429 - nothing="0"
430 - ewarn
431 - ewarn "Unencrypted IPSec may fail. CHECK:"
432 - ewarn " CRYPTO_NULL"
433 - fi
434 -
435 - # Check IPv4 IPSec
436 - msg=""
437 - for i in \
438 - INET_IPCOMP INET_AH INET_ESP \
439 - INET_XFRM_MODE_TRANSPORT \
440 - INET_XFRM_MODE_TUNNEL \
441 - INET_XFRM_MODE_BEET
442 - do
443 - if ! linux_chkconfig_present ${i}; then
444 - msg="${msg} ${i}"
445 - fi
446 - done
447 - if [[ ! -z "$msg" ]]; then
448 - nothing="0"
449 - ewarn
450 - ewarn "IPv4 IPSec may fail. CHECK:"
451 - ewarn "${msg}"
452 - fi
453 -
454 - # Check IPv6 IPSec
455 - if use ipv6; then
456 - msg=""
457 - for i in INET6_IPCOMP INET6_AH INET6_ESP \
458 - INET6_XFRM_MODE_TRANSPORT \
459 - INET6_XFRM_MODE_TUNNEL \
460 - INET6_XFRM_MODE_BEET
461 - do
462 - if ! linux_chkconfig_present ${i}; then
463 - msg="${msg} ${i}"
464 - fi
465 - done
466 - if [[ ! -z "$msg" ]]; then
467 - nothing="0"
468 - ewarn
469 - ewarn "IPv6 IPSec may fail. CHECK:"
470 - ewarn "${msg}"
471 - fi
472 - fi
473 -
474 - # Check IPSec behind NAT
475 - if use nat; then
476 - if ! linux_chkconfig_present NETFILTER_XT_MATCH_POLICY; then
477 - nothing="0"
478 - ewarn
479 - ewarn "IPSec behind NAT may fail. CHECK:"
480 - ewarn " NETFILTER_XT_MATCH_POLICY"
481 - fi
482 - fi
483 -
484 - if [[ $nothing == "1" ]]; then
485 - ewarn "NO PROBLEMS FOUND"
486 - fi
487 -
488 - ewarn
489 - ewarn "WARNING: If your *configured* and *running* kernel"
490 - ewarn "differ either now or in the future, then these checks"
491 - ewarn "may lead to misleading results."
492 - ewarn
493 - ewarn "\033[1;33m**************************************************\033[00m"
494 - ewarn
495 - else
496 - eerror
497 - eerror "\033[1;31m**************************************************\033[00m"
498 - eerror "Make sure that your *running* kernel is/will be >=2.6.19."
499 - eerror "Building ${PN} now, assuming that you know what you're doing."
500 - eerror "\033[1;31m**************************************************\033[00m"
501 - eerror
502 - fi
503 -}
504 -
505 -src_prepare() {
506 - # fix for bug #124813
507 - sed -i 's:-Werror::g' "${S}"/configure.ac || die
508 - # fix for building with gcc-4.6
509 - sed -i 's: -R: -Wl,-R:' "${S}"/configure.ac || die
510 -
511 - epatch "${FILESDIR}/${PN}-def-psk.patch"
512 - epatch "${FILESDIR}/${PN}-include-vendoridh.patch"
513 - epatch "${FILESDIR}"/${P}-sysctl.patch #425770
514 -
515 - AT_M4DIR="${S}" eautoreconf
516 - epunt_cxx
517 -}
518 -
519 -src_configure() {
520 - #--with-{iconv,libradius} lead to "Broken getaddrinfo()"
521 - #--enable-samode-unspec is not supported in linux
522 - local myconf
523 - myconf="--with-kernel-headers=/usr/include \
524 - --enable-adminport \
525 - --enable-dependency-tracking \
526 - --enable-dpd \
527 - --enable-frag \
528 - --without-libiconv \
529 - --without-libradius \
530 - --disable-samode-unspec \
531 - $(use_enable idea) \
532 - $(use_enable ipv6) \
533 - $(use_enable kerberos gssapi) \
534 - $(use_with ldap libldap) \
535 - $(use_enable nat natt) \
536 - $(use_with pam libpam) \
537 - $(use_enable rc5) \
538 - $(use_with readline) \
539 - $(use_enable selinux security-context) \
540 - $(use_enable stats)"
541 -
542 - use nat && myconf="${myconf} --enable-natt-versions=yes"
543 -
544 - # enable mode-cfg and xauth support
545 - if use pam; then
546 - myconf="${myconf} --enable-hybrid"
547 - else
548 - myconf="${myconf} $(use_enable hybrid)"
549 - fi
550 -
551 - econf ${myconf}
552 -}
553 -
554 -src_install() {
555 - emake DESTDIR="${D}" install
556 - keepdir /var/lib/racoon
557 - newconfd "${FILESDIR}"/racoon.conf.d-r1 racoon
558 - newinitd "${FILESDIR}"/racoon.init.d-r2 racoon
559 - use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
560 -
561 - insinto /etc
562 - doins "${FILESDIR}"/ipsec-tools.conf
563 - insinto /etc/racoon
564 - doins "${FILESDIR}"/racoon.conf
565 - doins "${FILESDIR}"/psk.txt
566 - chmod 400 "${D}"/etc/racoon/psk.txt
567 -
568 - dodoc ChangeLog README NEWS
569 - dodoc -r src/racoon/samples
570 - dodoc -r src/racoon/doc
571 - docinto samples
572 - mv ipsec.conf ipsec-tools.conf
573 - newdoc src/setkey/sample.cf ipsec-tools.conf
574 -}
575 -
576 -pkg_postinst() {
577 - if use nat; then
578 - elog
579 - elog "You have enabled the nat traversal functionnality."
580 - elog "Nat versions wich are enabled by default are 00,02,rfc"
581 - elog "you can find those drafts in the CVS repository:"
582 - elog "cvs -d anoncvs@××××××××××××××.org:/cvsroot co ipsec-tools"
583 - elog
584 - elog "If you feel brave enough and you know what you are"
585 - elog "doing, you can consider emerging this ebuild with"
586 - elog "EXTRA_ECONF=\"--enable-natt-versions=08,07,06\""
587 - elog
588 - fi
589 -
590 - if use ldap; then
591 - elog
592 - elog "You have enabled ldap support with {$PN}."
593 - elog "The man page does NOT contain any information on it yet."
594 - elog "Consider using a more recent version or CVS."
595 - elog
596 - fi
597 -
598 - elog
599 - elog "Please have a look in /usr/share/doc/${P} and visit"
600 - elog "http://www.netbsd.org/Documentation/network/ipsec/"
601 - elog "to find more information on how to configure this tool."
602 - elog
603 -}
604
605 diff --git a/net-firewall/ipsec-tools/metadata.xml b/net-firewall/ipsec-tools/metadata.xml
606 deleted file mode 100644
607 index 6e6434c..0000000
608 --- a/net-firewall/ipsec-tools/metadata.xml
609 +++ /dev/null
610 @@ -1,14 +0,0 @@
611 -<?xml version="1.0" encoding="UTF-8"?>
612 -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
613 -<pkgmetadata>
614 - <maintainer>
615 - <email>blueness@g.o</email>
616 - </maintainer>
617 - <use>
618 - <flag name='hybrid'>Makes available both mode-cfg and xauth support</flag>
619 - <flag name='idea'>Enable support for the IDEA algorithm</flag>
620 - <flag name='nat'>Enable NAT-Traversal</flag>
621 - <flag name='rc5'>Enable support for the patented RC5 algorithm</flag>
622 - <flag name='stats'>Enable statistics reporting</flag>
623 - </use>
624 -</pkgmetadata>