1 |
commit: 95550adee868aabe0bbb23439ba961c3f764cd6e |
2 |
Author: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue May 12 14:33:02 2020 +0000 |
4 |
Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue May 12 14:33:02 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=95550ade |
7 |
|
8 |
net-vpn/libreswan: add 3.32 |
9 |
|
10 |
Package-Manager: Portage-2.3.99, Repoman-2.3.22 |
11 |
Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org> |
12 |
|
13 |
net-vpn/libreswan/Manifest | 1 + |
14 |
net-vpn/libreswan/libreswan-3.32.ebuild | 117 ++++++++++++++++++++++++++++++++ |
15 |
2 files changed, 118 insertions(+) |
16 |
|
17 |
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest |
18 |
index 9f374abd04b..97e03dcc478 100644 |
19 |
--- a/net-vpn/libreswan/Manifest |
20 |
+++ b/net-vpn/libreswan/Manifest |
21 |
@@ -1,2 +1,3 @@ |
22 |
DIST libreswan-3.29.tar.gz 3848730 BLAKE2B 32dc839186fb511534a4959014082f8efe27708da7bc09dc5977532ffc7ea0ccdc92407932b3c3166f14b9ff85933e9a3f76325bbe620e09a5fa5a5c496d1f44 SHA512 4b4d91204d8b1724e0a9ad3ed55fc232c9a526211c3b47b6cc33fd160feb72538ef1661becca250bde815b9d7b75709bf16c7b372476605557b47c785cdf2535 |
23 |
DIST libreswan-3.31.tar.gz 4127675 BLAKE2B 0b773e4cfda761a88e8cb6ed412ecdd50bb52df7a58029141d41c77f959ad06c6cd04625b9094efa8586328381e3c75050ff68c2d8dd6d832ed5dd6e747d9391 SHA512 edaddeb209c4fb974b16790ba843a41f4f1d269dd28333aa02b820801a222435c2ca5622e77558d1e95970b4ef24a663d9c44ef4ede7ff4e66e1f0d9b6e880d2 |
24 |
+DIST libreswan-3.32.tar.gz 4141631 BLAKE2B 37a4cb5c1f52d69b17ba60abd2b7a181d9f5567914a453ab875185110aeda4d33ecdaacfc83e361f153860a1db66faec70e0ad06af65e310af28ae72ce68fc6a SHA512 bb65512351059e2fac6f1c3ed1e291eabd6835faacf6d9c58649dd71dab1bb4fe6d6074178dea6dea01f24d39f3fbefd84c6060e4d8436b5d057fa55ae4467f3 |
25 |
|
26 |
diff --git a/net-vpn/libreswan/libreswan-3.32.ebuild b/net-vpn/libreswan/libreswan-3.32.ebuild |
27 |
new file mode 100644 |
28 |
index 00000000000..f81f028d3f9 |
29 |
--- /dev/null |
30 |
+++ b/net-vpn/libreswan/libreswan-3.32.ebuild |
31 |
@@ -0,0 +1,117 @@ |
32 |
+# Copyright 1999-2020 Gentoo Authors |
33 |
+# Distributed under the terms of the GNU General Public License v2 |
34 |
+ |
35 |
+EAPI=7 |
36 |
+ |
37 |
+inherit systemd toolchain-funcs |
38 |
+ |
39 |
+SRC_URI="https://download.libreswan.org/${P}.tar.gz" |
40 |
+KEYWORDS="~amd64 ~arm ~ppc ~x86" |
41 |
+ |
42 |
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan" |
43 |
+HOMEPAGE="https://libreswan.org/" |
44 |
+ |
45 |
+LICENSE="GPL-2 BSD-4 RSA DES" |
46 |
+SLOT="0" |
47 |
+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test" |
48 |
+RESTRICT="!test? ( test )" |
49 |
+ |
50 |
+DEPEND=" |
51 |
+ dev-libs/gmp:0= |
52 |
+ dev-libs/libevent:0= |
53 |
+ dev-libs/nspr |
54 |
+ >=dev-libs/nss-3.42 |
55 |
+ >=sys-kernel/linux-headers-4.19 |
56 |
+ caps? ( sys-libs/libcap-ng ) |
57 |
+ curl? ( net-misc/curl ) |
58 |
+ dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns ) |
59 |
+ ldap? ( net-nds/openldap ) |
60 |
+ pam? ( sys-libs/pam ) |
61 |
+ seccomp? ( sys-libs/libseccomp ) |
62 |
+ selinux? ( sys-libs/libselinux ) |
63 |
+ systemd? ( sys-apps/systemd:0= ) |
64 |
+" |
65 |
+BDEPEND=" |
66 |
+ app-text/docbook-xml-dtd:4.1.2 |
67 |
+ app-text/xmlto |
68 |
+ dev-libs/nss |
69 |
+ sys-devel/bison |
70 |
+ sys-devel/flex |
71 |
+ virtual/pkgconfig |
72 |
+ test? ( dev-python/setproctitle ) |
73 |
+" |
74 |
+RDEPEND="${DEPEND} |
75 |
+ dev-libs/nss[utils(+)] |
76 |
+ sys-apps/iproute2 |
77 |
+ !net-vpn/strongswan |
78 |
+ selinux? ( sec-policy/selinux-ipsec ) |
79 |
+" |
80 |
+ |
81 |
+usetf() { |
82 |
+ usex "$1" true false |
83 |
+} |
84 |
+ |
85 |
+PATCHES=( "${FILESDIR}/${PN}-3.30-ip-path.patch" ) |
86 |
+ |
87 |
+src_prepare() { |
88 |
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die |
89 |
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die |
90 |
+ default |
91 |
+} |
92 |
+ |
93 |
+src_configure() { |
94 |
+ tc-export AR CC |
95 |
+ export INC_USRLOCAL=/usr |
96 |
+ export INC_MANDIR=share/man |
97 |
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} |
98 |
+ export FINALDOCDIR=/usr/share/doc/${PF}/html |
99 |
+ export INITSYSTEM=openrc |
100 |
+ export INC_RCDIRS= |
101 |
+ export INC_RCDEFAULT=/etc/init.d |
102 |
+ export USERCOMPILE= |
103 |
+ export USERLINK= |
104 |
+ export USE_DNSSEC=$(usetf dnssec) |
105 |
+ export USE_LABELED_IPSEC=$(usetf selinux) |
106 |
+ export USE_LIBCAP_NG=$(usetf caps) |
107 |
+ export USE_LIBCURL=$(usetf curl) |
108 |
+ export USE_LINUX_AUDIT=$(usetf selinux) |
109 |
+ export USE_LDAP=$(usetf ldap) |
110 |
+ export USE_SECCOMP=$(usetf seccomp) |
111 |
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd) |
112 |
+ export SD_WATCHDOGSEC=$(usex systemd 200 0) |
113 |
+ export USE_XAUTHPAM=$(usetf pam) |
114 |
+ export DEBUG_CFLAGS= |
115 |
+ export OPTIMIZE_CFLAGS= |
116 |
+ export WERROR_CFLAGS= |
117 |
+} |
118 |
+ |
119 |
+src_compile() { |
120 |
+ emake all |
121 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all |
122 |
+} |
123 |
+ |
124 |
+src_test() { |
125 |
+ : # integration tests only that require set of kvms to be set up |
126 |
+} |
127 |
+ |
128 |
+src_install() { |
129 |
+ default |
130 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install |
131 |
+ |
132 |
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets |
133 |
+ fperms 0600 /etc/ipsec.secrets |
134 |
+ |
135 |
+ dodoc -r docs |
136 |
+ |
137 |
+ find "${D}" -type d -empty -delete || die |
138 |
+} |
139 |
+ |
140 |
+pkg_postinst() { |
141 |
+ local IPSEC_CONFDIR=${ROOT}/etc/ipsec.d |
142 |
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then |
143 |
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" |
144 |
+ certutil -N -d "${IPSEC_CONFDIR}" --empty-password |
145 |
+ eend $? |
146 |
+ einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" |
147 |
+ fi |
148 |
+} |