[gentoo-commits] repo/gentoo:master commit in: net-vpn/libreswan/, net-vpn/libreswan/files/ - gentoo-commits

From:	Hans de Graaff <graaff@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-vpn/libreswan/, net-vpn/libreswan/files/
Date:	Wed, 19 Sep 2018 06:47:50
Message-Id:	`1537339489.5eb5ac90d68ae10603c84ece0b83967c519f9ae9.graaff@gentoo`

1

commit:     5eb5ac90d68ae10603c84ece0b83967c519f9ae9

2

Author:     Hans de Graaff <graaff <AT> gentoo <DOT> org>

3

AuthorDate: Wed Sep 19 06:43:25 2018 +0000

4

Commit:     Hans de Graaff <graaff <AT> gentoo <DOT> org>

5

CommitDate: Wed Sep 19 06:44:49 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5eb5ac90

7

8

net-vpn/libreswan: add 3.26

9

10

Package-Manager: Portage-2.3.49, Repoman-2.3.10

11

12

 net-vpn/libreswan/Manifest                         |   1 +

13

 .../libreswan/files/libreswan-3.26-nss-link.patch  |  22 ++++

14

 net-vpn/libreswan/files/libreswan-3.26-nss.patch   |  27 +++++

15

 net-vpn/libreswan/libreswan-3.26.ebuild            | 115 +++++++++++++++++++++

16

 4 files changed, 165 insertions(+)

17

18

diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest

19

index a8dd92def94..281c1a96924 100644

20

--- a/net-vpn/libreswan/Manifest

21

+++ b/net-vpn/libreswan/Manifest

22

@@ -1,2 +1,3 @@

23

 DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff

24

 DIST libreswan-3.25.tar.gz 3988630 BLAKE2B 8479b5b0d7d49055b7dcefa6c3b2f469b0aa60005e05446d5c1c6f73a32c904835422248c6ead2a1c2dc83b63794fd50f7461fd22c4206414b5890c01b99b722 SHA512 246649cb5bef1d0690217d1080f3f6f175a0d7a5f27e5a7affdf291b2f418a11937e96b64716a33e6312530409a2c1b10b90e2fa5ec339a27c94c990d86ed517

25

+DIST libreswan-3.26.tar.gz 3706205 BLAKE2B e54e6d3a0163f0b6812c53400e7f57e01319d7cf64a5d9e84d5002bbab24d5de1b6461c6bba02d60630017a50c23ecb1a095f3da1a36a4e6fc64e90cf08fd798 SHA512 10965a23197ef5d21a66dc0838066ceb620b2653f64471553284e0043fbc993584e497742b498e0be410427aeed3d8ce5bfdc6dfab59b8a1a1ba9a363473c4a4

26

27

diff --git a/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch b/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch

28

new file mode 100644

29

index 00000000000..267aa2120db

30

--- /dev/null

31

+++ b/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch

32

@@ -0,0 +1,22 @@

33

+From b3199806cc66de4888917ddc85b511b433e43d63 Mon Sep 17 00:00:00 2001

34

+From: Paul Wouters <pwouters@××××××.com>

35

+Date: Mon, 17 Sep 2018 11:23:11 -0400

36

+Subject: [PATCH] building: -lfreebl is no longer needed

37

+

38

+---

39

+ mk/config.mk | 2 +-

40

+ 1 file changed, 1 insertion(+), 1 deletion(-)

41

+

42

+diff --git a/mk/config.mk b/mk/config.mk

43

+index 3bd2527497..d8497c2104 100644

44

+--- a/mk/config.mk

45

++++ b/mk/config.mk

46

+@@ -234,7 +234,7 @@ BISONOSFLAGS?=

47

+ NSSFLAGS?=$(shell pkg-config --cflags nss)

48

+ # We don't want to link against every library pkg-config --libs nss

49

+ # returns

50

+-NSS_LDFLAGS ?= -lnss3 -lfreebl -lnssutil3

51

++NSS_LDFLAGS ?= -lnss3 -lnssutil3

52

+ NSS_SMIME_LDFLAGS ?= -lsmime3

53

+ NSS_UTIL_LDFLAGS ?= -lnssutil3

54

+ NSPR_LDFLAGS ?= -lnspr4

55

56

diff --git a/net-vpn/libreswan/files/libreswan-3.26-nss.patch b/net-vpn/libreswan/files/libreswan-3.26-nss.patch

57

new file mode 100644

58

index 00000000000..89a6436a2a2

59

--- /dev/null

60

+++ b/net-vpn/libreswan/files/libreswan-3.26-nss.patch

61

@@ -0,0 +1,27 @@

62

+From 910f69119b491c6d7abcc85cf8911d2fa012a135 Mon Sep 17 00:00:00 2001

63

+From: Andrew Cagney <cagney@×××.org>

64

+Date: Mon, 17 Sep 2018 11:56:56 -0400

65

+Subject: [PATCH] ecdsa: don't include NSS's "blapi.h", no longer needed and

66

+ not on debian

67

+

68

+(not to be confused with "lbapit.h", which also looks suspect)

69

+

70

+Follow-up b3199806cc66de4888917ddc85b511b433e43d63 and

71

+2d093c9fb83c8104604e4b40defa4e41129577ea.  The latter

72

+relaced the call to ECDSA_VerifyDigest() with PK11_Verify().

73

+---

74

+ programs/pluto/keys.c | 1 -

75

+ 1 file changed, 1 deletion(-)

76

+

77

+diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c

78

+index b3df5802cf..bd9d8d8c6c 100644

79

+--- a/programs/pluto/keys.c

80

++++ b/programs/pluto/keys.c

81

+@@ -72,7 +72,6 @@

82

+ #include <secerr.h>

83

+ #include <secport.h>

84

+ #include <time.h>

85

+-#include <blapi.h>

86

+ #include "lswconf.h"

87

+ #include "lswnss.h"

88

+ #include "secrets.h"

89

90

diff --git a/net-vpn/libreswan/libreswan-3.26.ebuild b/net-vpn/libreswan/libreswan-3.26.ebuild

91

new file mode 100644

92

index 00000000000..7c3de3ac0b8

93

--- /dev/null

94

+++ b/net-vpn/libreswan/libreswan-3.26.ebuild

95

@@ -0,0 +1,115 @@

96

+# Copyright 1999-2018 Gentoo Foundation

97

+# Distributed under the terms of the GNU General Public License v2

98

+

99

+EAPI=6

100

+

101

+inherit systemd toolchain-funcs

102

+

103

+SRC_URI="https://download.libreswan.org/${P}.tar.gz"

104

+KEYWORDS="~amd64 ~ppc ~x86"

105

+

106

+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"

107

+HOMEPAGE="https://libreswan.org/"

108

+

109

+LICENSE="GPL-2 BSD-4 RSA DES"

110

+SLOT="0"

111

+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"

112

+

113

+COMMON_DEPEND="

114

+	dev-libs/gmp:0=

115

+	dev-libs/libevent:0=

116

+	dev-libs/nspr

117

+	caps? ( sys-libs/libcap-ng )

118

+	curl? ( net-misc/curl )

119

+	dnssec? ( net-dns/unbound:= net-libs/ldns )

120

+	ldap? ( net-nds/openldap )

121

+	pam? ( sys-libs/pam )

122

+	seccomp? ( sys-libs/libseccomp )

123

+	selinux? ( sys-libs/libselinux )

124

+	systemd? ( sys-apps/systemd:0= )

125

+"

126

+DEPEND="${COMMON_DEPEND}

127

+	app-text/docbook-xml-dtd:4.1.2

128

+	app-text/xmlto

129

+	dev-libs/nss

130

+	sys-devel/bison

131

+	sys-devel/flex

132

+	virtual/pkgconfig

133

+	test? ( dev-python/setproctitle )

134

+"

135

+RDEPEND="${COMMON_DEPEND}

136

+	dev-libs/nss[utils(+)]

137

+	sys-apps/iproute2

138

+	!net-misc/openswan

139

+	!net-vpn/strongswan

140

+	selinux? ( sec-policy/selinux-ipsec )

141

+"

142

+

143

+usetf() {

144

+	usex "$1" true false

145

+}

146

+

147

+src_prepare() {

148

+	eapply "${FILESDIR}/${P}-nss.patch"

149

+	eapply "${FILESDIR}/${P}-nss-link.patch"

150

+

151

+	sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die

152

+	sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die

153

+	default

154

+}

155

+

156

+src_configure() {

157

+	tc-export AR CC

158

+	export INC_USRLOCAL=/usr

159

+	export INC_MANDIR=share/man

160

+	export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}

161

+	export FINALDOCDIR=/usr/share/doc/${PF}/html

162

+	export INITSYSTEM=openrc

163

+	export INC_RCDIRS=

164

+	export INC_RCDEFAULT=/etc/init.d

165

+	export USERCOMPILE=

166

+	export USERLINK=

167

+	export USE_DNSSEC=$(usetf dnssec)

168

+	export USE_LABELED_IPSEC=$(usetf selinux)

169

+	export USE_LIBCAP_NG=$(usetf caps)

170

+	export USE_LIBCURL=$(usetf curl)

171

+	export USE_LINUX_AUDIT=$(usetf selinux)

172

+	export USE_LDAP=$(usetf ldap)

173

+	export USE_SECCOMP=$(usetf seccomp)

174

+	export USE_SYSTEMD_WATCHDOG=$(usetf systemd)

175

+	export SD_WATCHDOGSEC=$(usex systemd 200 0)

176

+	export USE_XAUTHPAM=$(usetf pam)

177

+	export DEBUG_CFLAGS=

178

+	export OPTIMIZE_CFLAGS=

179

+	export WERROR_CFLAGS=

180

+}

181

+

182

+src_compile() {

183

+	emake all

184

+	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all

185

+}

186

+

187

+src_test() {

188

+	: # integration tests only that require set of kvms to be set up

189

+}

190

+

191

+src_install() {

192

+	default

193

+	emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install

194

+

195

+	echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets

196

+	fperms 0600 /etc/ipsec.secrets

197

+

198

+	dodoc -r docs

199

+

200

+	find "${D}" -type d -empty -delete || die

201

+}

202

+

203

+pkg_postinst() {

204

+	local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d

205

+	if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then

206

+		ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"

207

+		certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)

208

+		eend $?

209

+	fi

210

+}

1	commit: 5eb5ac90d68ae10603c84ece0b83967c519f9ae9
2	Author: Hans de Graaff <graaff <AT> gentoo <DOT> org>
3	AuthorDate: Wed Sep 19 06:43:25 2018 +0000
4	Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org>
5	CommitDate: Wed Sep 19 06:44:49 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5eb5ac90
7
8	net-vpn/libreswan: add 3.26
9
10	Package-Manager: Portage-2.3.49, Repoman-2.3.10
11
12	net-vpn/libreswan/Manifest \| 1 +
13	.../libreswan/files/libreswan-3.26-nss-link.patch \| 22 ++++
14	net-vpn/libreswan/files/libreswan-3.26-nss.patch \| 27 +++++
15	net-vpn/libreswan/libreswan-3.26.ebuild \| 115 +++++++++++++++++++++
16	4 files changed, 165 insertions(+)
17
18	diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest
19	index a8dd92def94..281c1a96924 100644
20	--- a/net-vpn/libreswan/Manifest
21	+++ b/net-vpn/libreswan/Manifest
22	@@ -1,2 +1,3 @@
23	DIST libreswan-3.22.tar.gz 6910418 BLAKE2B c06134fa2d1096231797f1ea93de8ed61121472b10ae30ee9a843250dce4ef9f21e7d3bf63f38daf53fbfd8d1e435cfdc704743d0fdcbde8ecac137d9becac48 SHA512 93868327394527750590e1297443d3eb1c9a528d680348098fd2913123dac52c9fecd73b855ee00586c2516b8aa00f7f0d158d8e9b19d7487b5fb26432b86aff
24	DIST libreswan-3.25.tar.gz 3988630 BLAKE2B 8479b5b0d7d49055b7dcefa6c3b2f469b0aa60005e05446d5c1c6f73a32c904835422248c6ead2a1c2dc83b63794fd50f7461fd22c4206414b5890c01b99b722 SHA512 246649cb5bef1d0690217d1080f3f6f175a0d7a5f27e5a7affdf291b2f418a11937e96b64716a33e6312530409a2c1b10b90e2fa5ec339a27c94c990d86ed517
25	+DIST libreswan-3.26.tar.gz 3706205 BLAKE2B e54e6d3a0163f0b6812c53400e7f57e01319d7cf64a5d9e84d5002bbab24d5de1b6461c6bba02d60630017a50c23ecb1a095f3da1a36a4e6fc64e90cf08fd798 SHA512 10965a23197ef5d21a66dc0838066ceb620b2653f64471553284e0043fbc993584e497742b498e0be410427aeed3d8ce5bfdc6dfab59b8a1a1ba9a363473c4a4
26
27	diff --git a/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch b/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch
28	new file mode 100644
29	index 00000000000..267aa2120db
30	--- /dev/null
31	+++ b/net-vpn/libreswan/files/libreswan-3.26-nss-link.patch
32	@@ -0,0 +1,22 @@
33	+From b3199806cc66de4888917ddc85b511b433e43d63 Mon Sep 17 00:00:00 2001
34	+From: Paul Wouters <pwouters@××××××.com>
35	+Date: Mon, 17 Sep 2018 11:23:11 -0400
36	+Subject: [PATCH] building: -lfreebl is no longer needed
37	+
38	+---
39	+ mk/config.mk \| 2 +-
40	+ 1 file changed, 1 insertion(+), 1 deletion(-)
41	+
42	+diff --git a/mk/config.mk b/mk/config.mk
43	+index 3bd2527497..d8497c2104 100644
44	+--- a/mk/config.mk
45	++++ b/mk/config.mk
46	+@@ -234,7 +234,7 @@ BISONOSFLAGS?=
47	+ NSSFLAGS?=$(shell pkg-config --cflags nss)
48	+ # We don't want to link against every library pkg-config --libs nss
49	+ # returns
50	+-NSS_LDFLAGS ?= -lnss3 -lfreebl -lnssutil3
51	++NSS_LDFLAGS ?= -lnss3 -lnssutil3
52	+ NSS_SMIME_LDFLAGS ?= -lsmime3
53	+ NSS_UTIL_LDFLAGS ?= -lnssutil3
54	+ NSPR_LDFLAGS ?= -lnspr4
55
56	diff --git a/net-vpn/libreswan/files/libreswan-3.26-nss.patch b/net-vpn/libreswan/files/libreswan-3.26-nss.patch
57	new file mode 100644
58	index 00000000000..89a6436a2a2
59	--- /dev/null
60	+++ b/net-vpn/libreswan/files/libreswan-3.26-nss.patch
61	@@ -0,0 +1,27 @@
62	+From 910f69119b491c6d7abcc85cf8911d2fa012a135 Mon Sep 17 00:00:00 2001
63	+From: Andrew Cagney <cagney@×××.org>
64	+Date: Mon, 17 Sep 2018 11:56:56 -0400
65	+Subject: [PATCH] ecdsa: don't include NSS's "blapi.h", no longer needed and
66	+ not on debian
67	+
68	+(not to be confused with "lbapit.h", which also looks suspect)
69	+
70	+Follow-up b3199806cc66de4888917ddc85b511b433e43d63 and
71	+2d093c9fb83c8104604e4b40defa4e41129577ea. The latter
72	+relaced the call to ECDSA_VerifyDigest() with PK11_Verify().
73	+---
74	+ programs/pluto/keys.c \| 1 -
75	+ 1 file changed, 1 deletion(-)
76	+
77	+diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c
78	+index b3df5802cf..bd9d8d8c6c 100644
79	+--- a/programs/pluto/keys.c
80	++++ b/programs/pluto/keys.c
81	+@@ -72,7 +72,6 @@
82	+ #include <secerr.h>
83	+ #include <secport.h>
84	+ #include <time.h>
85	+-#include <blapi.h>
86	+ #include "lswconf.h"
87	+ #include "lswnss.h"
88	+ #include "secrets.h"
89
90	diff --git a/net-vpn/libreswan/libreswan-3.26.ebuild b/net-vpn/libreswan/libreswan-3.26.ebuild
91	new file mode 100644
92	index 00000000000..7c3de3ac0b8
93	--- /dev/null
94	+++ b/net-vpn/libreswan/libreswan-3.26.ebuild
95	@@ -0,0 +1,115 @@
96	+# Copyright 1999-2018 Gentoo Foundation
97	+# Distributed under the terms of the GNU General Public License v2
98	+
99	+EAPI=6
100	+
101	+inherit systemd toolchain-funcs
102	+
103	+SRC_URI="https://download.libreswan.org/${P}.tar.gz"
104	+KEYWORDS="~amd64 ~ppc ~x86"
105	+
106	+DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
107	+HOMEPAGE="https://libreswan.org/"
108	+
109	+LICENSE="GPL-2 BSD-4 RSA DES"
110	+SLOT="0"
111	+IUSE="caps curl dnssec ldap pam seccomp selinux systemd test"
112	+
113	+COMMON_DEPEND="
114	+ dev-libs/gmp:0=
115	+ dev-libs/libevent:0=
116	+ dev-libs/nspr
117	+ caps? ( sys-libs/libcap-ng )
118	+ curl? ( net-misc/curl )
119	+ dnssec? ( net-dns/unbound:= net-libs/ldns )
120	+ ldap? ( net-nds/openldap )
121	+ pam? ( sys-libs/pam )
122	+ seccomp? ( sys-libs/libseccomp )
123	+ selinux? ( sys-libs/libselinux )
124	+ systemd? ( sys-apps/systemd:0= )
125	+"
126	+DEPEND="${COMMON_DEPEND}
127	+ app-text/docbook-xml-dtd:4.1.2
128	+ app-text/xmlto
129	+ dev-libs/nss
130	+ sys-devel/bison
131	+ sys-devel/flex
132	+ virtual/pkgconfig
133	+ test? ( dev-python/setproctitle )
134	+"
135	+RDEPEND="${COMMON_DEPEND}
136	+ dev-libs/nss[utils(+)]
137	+ sys-apps/iproute2
138	+ !net-misc/openswan
139	+ !net-vpn/strongswan
140	+ selinux? ( sec-policy/selinux-ipsec )
141	+"
142	+
143	+usetf() {
144	+ usex "$1" true false
145	+}
146	+
147	+src_prepare() {
148	+ eapply "${FILESDIR}/${P}-nss.patch"
149	+ eapply "${FILESDIR}/${P}-nss-link.patch"
150	+
151	+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in \|\| die
152	+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile \|\| die
153	+ default
154	+}
155	+
156	+src_configure() {
157	+ tc-export AR CC
158	+ export INC_USRLOCAL=/usr
159	+ export INC_MANDIR=share/man
160	+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
161	+ export FINALDOCDIR=/usr/share/doc/${PF}/html
162	+ export INITSYSTEM=openrc
163	+ export INC_RCDIRS=
164	+ export INC_RCDEFAULT=/etc/init.d
165	+ export USERCOMPILE=
166	+ export USERLINK=
167	+ export USE_DNSSEC=$(usetf dnssec)
168	+ export USE_LABELED_IPSEC=$(usetf selinux)
169	+ export USE_LIBCAP_NG=$(usetf caps)
170	+ export USE_LIBCURL=$(usetf curl)
171	+ export USE_LINUX_AUDIT=$(usetf selinux)
172	+ export USE_LDAP=$(usetf ldap)
173	+ export USE_SECCOMP=$(usetf seccomp)
174	+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd)
175	+ export SD_WATCHDOGSEC=$(usex systemd 200 0)
176	+ export USE_XAUTHPAM=$(usetf pam)
177	+ export DEBUG_CFLAGS=
178	+ export OPTIMIZE_CFLAGS=
179	+ export WERROR_CFLAGS=
180	+}
181	+
182	+src_compile() {
183	+ emake all
184	+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" all
185	+}
186	+
187	+src_test() {
188	+ : # integration tests only that require set of kvms to be set up
189	+}
190	+
191	+src_install() {
192	+ default
193	+ emake -C initsystems INITSYSTEM=systemd UNITDIR="$(systemd_get_systemunitdir)" DESTDIR="${D}" install
194	+
195	+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
196	+ fperms 0600 /etc/ipsec.secrets
197	+
198	+ dodoc -r docs
199	+
200	+ find "${D}" -type d -empty -delete \|\| die
201	+}
202	+
203	+pkg_postinst() {
204	+ local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
205	+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
206	+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
207	+ certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
208	+ eend $?
209	+ fi
210	+}

Gentoo Archives: gentoo-commits