1 |
commit: d16dd3528d2fe671468b697069657b7314532481 |
2 |
Author: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 23 05:56:10 2021 +0000 |
4 |
Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 23 05:56:10 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d16dd352 |
7 |
|
8 |
net-vpn/libreswan: add 4.3 |
9 |
|
10 |
Package-Manager: Portage-3.0.13, Repoman-3.0.2 |
11 |
Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org> |
12 |
|
13 |
net-vpn/libreswan/Manifest | 1 + |
14 |
net-vpn/libreswan/libreswan-4.3.ebuild | 120 +++++++++++++++++++++++++++++++++ |
15 |
2 files changed, 121 insertions(+) |
16 |
|
17 |
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest |
18 |
index 11c0f86ad23..9029b88f1a6 100644 |
19 |
--- a/net-vpn/libreswan/Manifest |
20 |
+++ b/net-vpn/libreswan/Manifest |
21 |
@@ -1,3 +1,4 @@ |
22 |
DIST libreswan-3.32.tar.gz 4141631 BLAKE2B 37a4cb5c1f52d69b17ba60abd2b7a181d9f5567914a453ab875185110aeda4d33ecdaacfc83e361f153860a1db66faec70e0ad06af65e310af28ae72ce68fc6a SHA512 bb65512351059e2fac6f1c3ed1e291eabd6835faacf6d9c58649dd71dab1bb4fe6d6074178dea6dea01f24d39f3fbefd84c6060e4d8436b5d057fa55ae4467f3 |
23 |
DIST libreswan-4.1.tar.gz 3427012 BLAKE2B 2ec58a53756efd2dc8e6a9e305c1efd1e3b8b1aaa089d783e86cf19d747b99838de451a2f94965981e0e2342d5866c16f36c4cf07e7ab971f3e689f8616c28f6 SHA512 c98dfdf6bff17eda6f028e35653b822941665989e37974266bcc54fda20e05f71b86c1dfee858a8ba9a544f86e9217e8e08fa2dfe03ab011f6c2d039b4ee05fe |
24 |
DIST libreswan-4.2.tar.gz 3467095 BLAKE2B 0630e9f7cf7ce6182712b4837688fd6b7a1ad1644f167f7ded4e63c7a0aac960a38d903cefbf0189da22b6ddb8c15f217ff3134f220b64020812789c1a196d29 SHA512 290be2e36fb41959c9889597aad8ab5df1edc1999ed7315e8f2e50213de073732c91ad497a2b5634f7bc83bca84089ef9f711420a77309c6cce243f1419a2d0f |
25 |
+DIST libreswan-4.3.tar.gz 3489322 BLAKE2B 36908bf043fb1085f40b4a5f35ca6dc1563e1a1701f9cced9cb6765094bb2ef603b6d6d4b076a333d540f6454c10b6350d9b8c20de8bc3f27b19915b4cf42b9f SHA512 4687c867d34655cd33997edf4ab7887b2121af41c99d1bd9c794fce1c1eef412f5528de7a338e92a44c1c5d0aaa8fbeb756b89849fcad3deb45a418751e64045 |
26 |
|
27 |
diff --git a/net-vpn/libreswan/libreswan-4.3.ebuild b/net-vpn/libreswan/libreswan-4.3.ebuild |
28 |
new file mode 100644 |
29 |
index 00000000000..a9a0951d564 |
30 |
--- /dev/null |
31 |
+++ b/net-vpn/libreswan/libreswan-4.3.ebuild |
32 |
@@ -0,0 +1,120 @@ |
33 |
+# Copyright 1999-2021 Gentoo Authors |
34 |
+# Distributed under the terms of the GNU General Public License v2 |
35 |
+ |
36 |
+EAPI=7 |
37 |
+ |
38 |
+inherit systemd toolchain-funcs |
39 |
+ |
40 |
+SRC_URI="https://download.libreswan.org/${P}.tar.gz" |
41 |
+KEYWORDS="~amd64 ~arm ~ppc ~x86" |
42 |
+ |
43 |
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan" |
44 |
+HOMEPAGE="https://libreswan.org/" |
45 |
+ |
46 |
+LICENSE="GPL-2 BSD-4 RSA DES" |
47 |
+SLOT="0" |
48 |
+IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" |
49 |
+RESTRICT="!test? ( test )" |
50 |
+ |
51 |
+DEPEND=" |
52 |
+ dev-libs/gmp:0= |
53 |
+ dev-libs/libevent:0= |
54 |
+ dev-libs/nspr |
55 |
+ >=dev-libs/nss-3.42 |
56 |
+ >=sys-kernel/linux-headers-4.19 |
57 |
+ caps? ( sys-libs/libcap-ng ) |
58 |
+ curl? ( net-misc/curl ) |
59 |
+ dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) |
60 |
+ ldap? ( net-nds/openldap ) |
61 |
+ pam? ( sys-libs/pam ) |
62 |
+ seccomp? ( sys-libs/libseccomp ) |
63 |
+ selinux? ( sys-libs/libselinux ) |
64 |
+ systemd? ( sys-apps/systemd:0= ) |
65 |
+" |
66 |
+BDEPEND=" |
67 |
+ app-text/docbook-xml-dtd:4.1.2 |
68 |
+ app-text/xmlto |
69 |
+ dev-libs/nss |
70 |
+ sys-devel/bison |
71 |
+ sys-devel/flex |
72 |
+ virtual/pkgconfig |
73 |
+ test? ( dev-python/setproctitle ) |
74 |
+" |
75 |
+RDEPEND="${DEPEND} |
76 |
+ dev-libs/nss[utils(+)] |
77 |
+ sys-apps/iproute2 |
78 |
+ !net-vpn/strongswan |
79 |
+ selinux? ( sec-policy/selinux-ipsec ) |
80 |
+" |
81 |
+ |
82 |
+usetf() { |
83 |
+ usex "$1" true false |
84 |
+} |
85 |
+ |
86 |
+PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) |
87 |
+ |
88 |
+src_prepare() { |
89 |
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die |
90 |
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die |
91 |
+ default |
92 |
+} |
93 |
+ |
94 |
+src_configure() { |
95 |
+ tc-export AR CC |
96 |
+ export PREFIX=/usr |
97 |
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} |
98 |
+ export FINALDOCDIR=/usr/share/doc/${PF}/html |
99 |
+ export INITSYSTEM=openrc |
100 |
+ export INITDDIRS= |
101 |
+ export INITDDIR_DEFAULT=/etc/init.d |
102 |
+ export USERCOMPILE=${CFLAGS} |
103 |
+ export USERLINK=${LDFLAGS} |
104 |
+ export USE_DNSSEC=$(usetf dnssec) |
105 |
+ export USE_LABELED_IPSEC=$(usetf selinux) |
106 |
+ export USE_LIBCAP_NG=$(usetf caps) |
107 |
+ export USE_LIBCURL=$(usetf curl) |
108 |
+ export USE_LINUX_AUDIT=$(usetf selinux) |
109 |
+ export USE_LDAP=$(usetf ldap) |
110 |
+ export USE_NM=$(usetf networkmanager) |
111 |
+ export USE_SECCOMP=$(usetf seccomp) |
112 |
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd) |
113 |
+ export SD_WATCHDOGSEC=$(usex systemd 200 0) |
114 |
+ export USE_XAUTHPAM=$(usetf pam) |
115 |
+ export DEBUG_CFLAGS= |
116 |
+ export OPTIMIZE_CFLAGS= |
117 |
+ export WERROR_CFLAGS= |
118 |
+} |
119 |
+ |
120 |
+src_compile() { |
121 |
+ emake all |
122 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all |
123 |
+} |
124 |
+ |
125 |
+src_test() { |
126 |
+ : # integration tests only that require set of kvms to be set up |
127 |
+} |
128 |
+ |
129 |
+src_install() { |
130 |
+ default |
131 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install |
132 |
+ |
133 |
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets |
134 |
+ fperms 0600 /etc/ipsec.secrets |
135 |
+ |
136 |
+ keepdir /var/lib/ipsec/nss |
137 |
+ fperms 0700 /var/lib/ipsec/nss |
138 |
+ |
139 |
+ dodoc -r docs |
140 |
+ |
141 |
+ find "${D}" -type d -empty -delete || die |
142 |
+} |
143 |
+ |
144 |
+pkg_postinst() { |
145 |
+ local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss |
146 |
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then |
147 |
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" |
148 |
+ certutil -N -d "${IPSEC_CONFDIR}" --empty-password |
149 |
+ eend $? |
150 |
+ einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" |
151 |
+ fi |
152 |
+} |