1 |
commit: ca35ebc564c35809d8a4524807cecee58ed16f61 |
2 |
Author: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jan 12 06:53:02 2022 +0000 |
4 |
Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jan 12 06:53:02 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca35ebc5 |
7 |
|
8 |
net-vpn/libreswan: add 4.6 |
9 |
|
10 |
Package-Manager: Portage-3.0.28, Repoman-3.0.3 |
11 |
Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org> |
12 |
|
13 |
net-vpn/libreswan/Manifest | 1 + |
14 |
net-vpn/libreswan/libreswan-4.6.ebuild | 122 +++++++++++++++++++++++++++++++++ |
15 |
2 files changed, 123 insertions(+) |
16 |
|
17 |
diff --git a/net-vpn/libreswan/Manifest b/net-vpn/libreswan/Manifest |
18 |
index dc3c2ce12f4c..bc09e37f99f2 100644 |
19 |
--- a/net-vpn/libreswan/Manifest |
20 |
+++ b/net-vpn/libreswan/Manifest |
21 |
@@ -2,3 +2,4 @@ DIST libreswan-3.32.tar.gz 4141631 BLAKE2B 37a4cb5c1f52d69b17ba60abd2b7a181d9f55 |
22 |
DIST libreswan-4.3.tar.gz 3489322 BLAKE2B 36908bf043fb1085f40b4a5f35ca6dc1563e1a1701f9cced9cb6765094bb2ef603b6d6d4b076a333d540f6454c10b6350d9b8c20de8bc3f27b19915b4cf42b9f SHA512 4687c867d34655cd33997edf4ab7887b2121af41c99d1bd9c794fce1c1eef412f5528de7a338e92a44c1c5d0aaa8fbeb756b89849fcad3deb45a418751e64045 |
23 |
DIST libreswan-4.4.tar.gz 3503201 BLAKE2B c6c5cb2d7141afe52128e71051fd39b058a06fe4972074c853dbba2937f4c113548392d9c202badac5c1350e4d05f60d4a4d0aed453b1ee91c38a3245b0cf209 SHA512 108b2ac7a36454c48ce448a83ddd81e72d7fbb7cf8b042116d9bd31f195cdab4ccd6311d72af7ab4cc6d054df50d30a6bfc50b56fe7cbfd35d54a68804a6678b |
24 |
DIST libreswan-4.5.tar.gz 3529355 BLAKE2B 7485a8c77b997026681b3b99194ee54176f1cd7230af72a2aa231e5caa97946c40b0178f0ffa1dd200085b5919883697d7300bb328561501789707035f045337 SHA512 451a4f71099aa4776624a4c127fdaff492acc38a44228255dcbf955efa0982fd963c989d63522f56279eec6a9ef738febb573dde34aa541724ab11e37a554f9e |
25 |
+DIST libreswan-4.6.tar.gz 3579760 BLAKE2B 56099e753d9da882ea9e4b7966706f39bac36cd88adcba5fa1c3201cbe0a2ba7a02042cb9eeb8fd52a7b1ba0f3128b854114abc748fe9bf6d9059937a72eb0e4 SHA512 c1c3efd7665dee6caaf08cb5aa50fcd37c299acad4b62648284fdb04edd50ba8fc8d33a9fb210edaf2312697f8cd251f33a6b16587eb2cfefd1269b4482dd499 |
26 |
|
27 |
diff --git a/net-vpn/libreswan/libreswan-4.6.ebuild b/net-vpn/libreswan/libreswan-4.6.ebuild |
28 |
new file mode 100644 |
29 |
index 000000000000..cd32e99023da |
30 |
--- /dev/null |
31 |
+++ b/net-vpn/libreswan/libreswan-4.6.ebuild |
32 |
@@ -0,0 +1,122 @@ |
33 |
+# Copyright 1999-2022 Gentoo Authors |
34 |
+# Distributed under the terms of the GNU General Public License v2 |
35 |
+ |
36 |
+EAPI=8 |
37 |
+ |
38 |
+inherit systemd toolchain-funcs tmpfiles |
39 |
+ |
40 |
+DESCRIPTION="IPsec implementation for Linux, fork of Openswan" |
41 |
+HOMEPAGE="https://libreswan.org/" |
42 |
+SRC_URI="https://download.libreswan.org/${P}.tar.gz" |
43 |
+ |
44 |
+LICENSE="GPL-2 BSD-4 RSA DES" |
45 |
+SLOT="0" |
46 |
+KEYWORDS="~amd64 ~arm ~ppc ~x86" |
47 |
+IUSE="caps curl dnssec ldap networkmanager pam seccomp selinux systemd test" |
48 |
+RESTRICT="!test? ( test )" |
49 |
+ |
50 |
+DEPEND=" |
51 |
+ dev-libs/gmp:0= |
52 |
+ dev-libs/libevent:0= |
53 |
+ dev-libs/nspr |
54 |
+ >=dev-libs/nss-3.42 |
55 |
+ >=sys-kernel/linux-headers-4.19 |
56 |
+ virtual/libcrypt:= |
57 |
+ caps? ( sys-libs/libcap-ng ) |
58 |
+ curl? ( net-misc/curl ) |
59 |
+ dnssec? ( >=net-dns/unbound-1.9.1-r1:= net-libs/ldns:= ) |
60 |
+ ldap? ( net-nds/openldap ) |
61 |
+ pam? ( sys-libs/pam ) |
62 |
+ seccomp? ( sys-libs/libseccomp ) |
63 |
+ selinux? ( sys-libs/libselinux ) |
64 |
+ systemd? ( sys-apps/systemd:0= ) |
65 |
+" |
66 |
+BDEPEND=" |
67 |
+ app-text/docbook-xml-dtd:4.1.2 |
68 |
+ app-text/xmlto |
69 |
+ dev-libs/nss |
70 |
+ sys-devel/bison |
71 |
+ sys-devel/flex |
72 |
+ virtual/pkgconfig |
73 |
+ test? ( dev-python/setproctitle ) |
74 |
+" |
75 |
+RDEPEND="${DEPEND} |
76 |
+ dev-libs/nss[utils(+)] |
77 |
+ sys-apps/iproute2 |
78 |
+ !net-vpn/strongswan |
79 |
+ selinux? ( sec-policy/selinux-ipsec ) |
80 |
+" |
81 |
+ |
82 |
+usetf() { |
83 |
+ usex "$1" true false |
84 |
+} |
85 |
+ |
86 |
+PATCHES=( "${FILESDIR}/${PN}-4.2-ip-path.patch" ) |
87 |
+ |
88 |
+src_prepare() { |
89 |
+ sed -i -e 's:/sbin/runscript:/sbin/openrc-run:' initsystems/openrc/ipsec.init.in || die |
90 |
+ sed -i -e '/^install/ s/postcheck//' -e '/^doinstall/ s/oldinitdcheck//' initsystems/systemd/Makefile || die |
91 |
+ default |
92 |
+} |
93 |
+ |
94 |
+src_configure() { |
95 |
+ tc-export AR CC |
96 |
+ export PREFIX=/usr |
97 |
+ export FINALEXAMPLECONFDIR=/usr/share/doc/${PF} |
98 |
+ export FINALDOCDIR=/usr/share/doc/${PF}/html |
99 |
+ export INITSYSTEM=$(usex systemd systemd openrc) |
100 |
+ export INITDDIRS= |
101 |
+ export INITDDIR_DEFAULT=/etc/init.d |
102 |
+ export USERCOMPILE=${CFLAGS} |
103 |
+ export USERLINK=${LDFLAGS} |
104 |
+ export USE_DNSSEC=$(usetf dnssec) |
105 |
+ export USE_LABELED_IPSEC=$(usetf selinux) |
106 |
+ export USE_LIBCAP_NG=$(usetf caps) |
107 |
+ export USE_LIBCURL=$(usetf curl) |
108 |
+ export USE_LINUX_AUDIT=$(usetf selinux) |
109 |
+ export USE_LDAP=$(usetf ldap) |
110 |
+ export USE_NM=$(usetf networkmanager) |
111 |
+ export USE_SECCOMP=$(usetf seccomp) |
112 |
+ export USE_SYSTEMD_WATCHDOG=$(usetf systemd) |
113 |
+ export SD_WATCHDOGSEC=$(usex systemd 200 0) |
114 |
+ export USE_AUTHPAM=$(usetf pam) |
115 |
+ export DEBUG_CFLAGS= |
116 |
+ export OPTIMIZE_CFLAGS= |
117 |
+ export WERROR_CFLAGS= |
118 |
+} |
119 |
+ |
120 |
+src_compile() { |
121 |
+ emake all |
122 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" all |
123 |
+} |
124 |
+ |
125 |
+src_test() { |
126 |
+ : # integration tests only that require set of kvms to be set up |
127 |
+} |
128 |
+ |
129 |
+src_install() { |
130 |
+ default |
131 |
+ emake -C initsystems INITSYSTEM=systemd SYSTEMUNITDIR="$(systemd_get_systemunitdir)" SYSTEMTMPFILESDIR="/usr/lib/tmpfiles.d" DESTDIR="${D}" install |
132 |
+ |
133 |
+ echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets |
134 |
+ fperms 0600 /etc/ipsec.secrets |
135 |
+ |
136 |
+ keepdir /var/lib/ipsec/nss |
137 |
+ fperms 0700 /var/lib/ipsec/nss |
138 |
+ |
139 |
+ dodoc -r docs |
140 |
+ |
141 |
+ find "${D}" -type d -empty -delete || die |
142 |
+} |
143 |
+ |
144 |
+pkg_postinst() { |
145 |
+ tmpfiles_process libreswan.conf |
146 |
+ |
147 |
+ local IPSEC_CONFDIR=${ROOT}/var/lib/ipsec/nss |
148 |
+ if [[ ! -f ${IPSEC_CONFDIR}/cert8.db && ! -f ${IPSEC_CONFDIR}/cert9.db ]] ; then |
149 |
+ ebegin "Setting up NSS database in ${IPSEC_CONFDIR} with empty password" |
150 |
+ certutil -N -d "${IPSEC_CONFDIR}" --empty-password |
151 |
+ eend $? |
152 |
+ einfo "To set a password: certutil -W -d sql:${IPSEC_CONFDIR}" |
153 |
+ fi |
154 |
+} |