1 |
commit: e1d8d68eb7dd3b4dcae4131550bb81a39fec708f |
2 |
Author: orbea <orbea <AT> riseup <DOT> net> |
3 |
AuthorDate: Mon May 9 03:17:17 2022 +0000 |
4 |
Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com> |
5 |
CommitDate: Mon May 9 18:36:45 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=e1d8d68e |
7 |
|
8 |
net-vpn/i2pd: Added |
9 |
|
10 |
Signed-off-by: orbea <orbea <AT> riseup.net> |
11 |
Closes: https://github.com/gentoo/libressl/pull/409 |
12 |
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com> |
13 |
|
14 |
net-vpn/i2pd/Manifest | 1 + |
15 |
net-vpn/i2pd/files/99i2pd | 1 + |
16 |
net-vpn/i2pd/files/i2pd-2.38.0-r1.logrotate | 13 +++++ |
17 |
net-vpn/i2pd/files/i2pd-2.38.0.service | 37 ++++++++++++ |
18 |
net-vpn/i2pd/files/i2pd-2.39.0.initd | 52 +++++++++++++++++ |
19 |
net-vpn/i2pd/files/i2pd-2.41.0-libressl.patch | 20 +++++++ |
20 |
net-vpn/i2pd/files/i2pd-2.6.0-r3.confd | 12 ++++ |
21 |
net-vpn/i2pd/i2pd-2.41.0.ebuild | 83 +++++++++++++++++++++++++++ |
22 |
net-vpn/i2pd/metadata.xml | 24 ++++++++ |
23 |
9 files changed, 243 insertions(+) |
24 |
|
25 |
diff --git a/net-vpn/i2pd/Manifest b/net-vpn/i2pd/Manifest |
26 |
new file mode 100644 |
27 |
index 0000000..6f0b942 |
28 |
--- /dev/null |
29 |
+++ b/net-vpn/i2pd/Manifest |
30 |
@@ -0,0 +1 @@ |
31 |
+DIST i2pd-2.41.0.tar.gz 594453 BLAKE2B 36298133f057152445d3f7c83c9983d1e16476066f0139019faf0168142cb8dbed150eccee1e006c0a9f1b67670855fdb38513e8d7992e05122b581890b036a5 SHA512 10ba77d714e4b02f9640c64b16b597550f71bfacf02242bd17cfdc7fc416e0e9bc62a2f1da486161baea397dae3d260fa88359325062b1c587f509058d418d85 |
32 |
|
33 |
diff --git a/net-vpn/i2pd/files/99i2pd b/net-vpn/i2pd/files/99i2pd |
34 |
new file mode 100644 |
35 |
index 0000000..3cf3b46 |
36 |
--- /dev/null |
37 |
+++ b/net-vpn/i2pd/files/99i2pd |
38 |
@@ -0,0 +1 @@ |
39 |
+CONFIG_PROTECT="/var/lib/i2pd/certificates" |
40 |
|
41 |
diff --git a/net-vpn/i2pd/files/i2pd-2.38.0-r1.logrotate b/net-vpn/i2pd/files/i2pd-2.38.0-r1.logrotate |
42 |
new file mode 100644 |
43 |
index 0000000..9245bca |
44 |
--- /dev/null |
45 |
+++ b/net-vpn/i2pd/files/i2pd-2.38.0-r1.logrotate |
46 |
@@ -0,0 +1,13 @@ |
47 |
+/var/log/i2pd.log { |
48 |
+ rotate 4 |
49 |
+ weekly |
50 |
+ missingok |
51 |
+ notifempty |
52 |
+ create 640 i2pd i2pd |
53 |
+ postrotate |
54 |
+ if [ -f /run/i2pd/i2pd.pid ]; then |
55 |
+ /bin/kill -HUP $(/bin/cat /run/i2pd/i2pd.pid) |
56 |
+ fi |
57 |
+ endscript |
58 |
+} |
59 |
+ |
60 |
|
61 |
diff --git a/net-vpn/i2pd/files/i2pd-2.38.0.service b/net-vpn/i2pd/files/i2pd-2.38.0.service |
62 |
new file mode 100644 |
63 |
index 0000000..99c1bf2 |
64 |
--- /dev/null |
65 |
+++ b/net-vpn/i2pd/files/i2pd-2.38.0.service |
66 |
@@ -0,0 +1,37 @@ |
67 |
+[Unit] |
68 |
+Description=C++ daemon for accessing the I2P network |
69 |
+After=network.target |
70 |
+ |
71 |
+[Service] |
72 |
+Type=forking |
73 |
+Restart=on-abnormal |
74 |
+User=i2pd |
75 |
+Group=i2pd |
76 |
+LimitNOFILE=4096 |
77 |
+ |
78 |
+# restrictions |
79 |
+ProtectSystem=full |
80 |
+ProtectHome=yes |
81 |
+ProtectControlGroups=yes |
82 |
+ProtectKernelLogs=yes |
83 |
+ProtectKernelModules=yes |
84 |
+ProtectKernelTunables=yes |
85 |
+ProtectClock=yes |
86 |
+PrivateUsers=yes |
87 |
+PrivateDevices=yes |
88 |
+PrivateTmp=yes |
89 |
+RestrictNamespaces=yes |
90 |
+RestrictSUIDSGID=yes |
91 |
+CapabilityBoundingSet= |
92 |
+NoNewPrivileges=yes |
93 |
+ |
94 |
+RuntimeDirectory=i2pd |
95 |
+RuntimeDirectoryMode=0700 |
96 |
+PIDFile=/run/i2pd/i2pd.pid |
97 |
+ExecStartPre=+/bin/touch /var/log/i2pd.log |
98 |
+ExecStartPre=+/bin/chown i2pd:i2pd /var/log/i2pd.log |
99 |
+ExecStartPre=+/bin/chmod 600 /var/log/i2pd.log |
100 |
+ExecStart=/usr/bin/i2pd --daemon --service --pidfile=${RUNTIME_DIRECTORY}/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf |
101 |
+ |
102 |
+[Install] |
103 |
+WantedBy=multi-user.target |
104 |
|
105 |
diff --git a/net-vpn/i2pd/files/i2pd-2.39.0.initd b/net-vpn/i2pd/files/i2pd-2.39.0.initd |
106 |
new file mode 100644 |
107 |
index 0000000..fb4e033 |
108 |
--- /dev/null |
109 |
+++ b/net-vpn/i2pd/files/i2pd-2.39.0.initd |
110 |
@@ -0,0 +1,52 @@ |
111 |
+#!/sbin/openrc-run |
112 |
+# Copyright 1999-2021 Gentoo Authors |
113 |
+# Distributed under the terms of the GNU General Public License v2 |
114 |
+ |
115 |
+description="C++ daemon for accessing the I2P network" |
116 |
+description_graceful="Graceful shutdown, takes 10 minutes" |
117 |
+ |
118 |
+command="/usr/bin/i2pd" |
119 |
+command_args="${I2PD_OPTIONS}" |
120 |
+user="${I2PD_USER}:${I2PD_GROUP}" |
121 |
+start_stop_daemon_args=" |
122 |
+ --user \"${user}\" |
123 |
+ --pidfile \"${I2PD_PID}\" |
124 |
+ --progress |
125 |
+" |
126 |
+retry="SIGTERM/20/SIGKILL/20" |
127 |
+ |
128 |
+I2PD_PID_DIR=$(dirname "${I2PD_PID}") |
129 |
+ |
130 |
+extra_started_commands="graceful" |
131 |
+ |
132 |
+depend() { |
133 |
+ use dns logger netmount |
134 |
+} |
135 |
+ |
136 |
+start_pre() { |
137 |
+ if [ -z "${I2PD_USER}" ] || \ |
138 |
+ [ -z "${I2PD_GROUP}" ] || \ |
139 |
+ [ -z "${I2PD_PID}" ] || \ |
140 |
+ [ -z "${I2PD_LOG}" ] || \ |
141 |
+ [ -z "${I2PD_OPTIONS}" ] ; then |
142 |
+ eerror "Not all variables I2PD_USER, I2PD_GROUP, I2PD_PID, I2PD_OPTIONS, I2PD_LOG are defined." |
143 |
+ eerror "Check your /etc/conf.d/i2pd." |
144 |
+ return 1 |
145 |
+ fi |
146 |
+ checkpath -f -o "${user}" "${I2PD_LOG}" |
147 |
+ checkpath -d -m 0750 -o "${user}" "${I2PD_PID_DIR}" |
148 |
+} |
149 |
+ |
150 |
+stop_post() { |
151 |
+ # #808845 |
152 |
+ rm -f "${I2PD_PID}" |
153 |
+} |
154 |
+ |
155 |
+graceful() { |
156 |
+ # on SIGINT, i2pd stops accepting tunnels and shuts down in 600 seconds |
157 |
+ ebegin "Gracefully stopping i2pd, this takes 10 minutes" |
158 |
+ mark_service_stopping |
159 |
+ eval start-stop-daemon --stop ${start_stop_daemon_args} \ |
160 |
+ --exec "${command}" --retry 'SIGINT/620/SIGTERM/20/SIGKILL/20' |
161 |
+ eend $? && mark_service_stopped |
162 |
+} |
163 |
|
164 |
diff --git a/net-vpn/i2pd/files/i2pd-2.41.0-libressl.patch b/net-vpn/i2pd/files/i2pd-2.41.0-libressl.patch |
165 |
new file mode 100644 |
166 |
index 0000000..8f18a62 |
167 |
--- /dev/null |
168 |
+++ b/net-vpn/i2pd/files/i2pd-2.41.0-libressl.patch |
169 |
@@ -0,0 +1,20 @@ |
170 |
+From OpenBSD: |
171 |
+ |
172 |
+https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/i2pd/patches/patch-libi2pd_Crypto_h |
173 |
+ |
174 |
+Fix build with opaque structs in LibreSSL 3.5 |
175 |
+ |
176 |
+Index: libi2pd/Crypto.h |
177 |
+--- a/libi2pd/Crypto.h.orig |
178 |
++++ b/libi2pd/Crypto.h |
179 |
+@@ -29,7 +29,9 @@ |
180 |
+ #include "CPU.h" |
181 |
+ |
182 |
+ // recognize openssl version and features |
183 |
+-#if ((OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER)) // 1.0.2 and below or LibreSSL |
184 |
++#if defined(LIBRESSL_VERSION_NUMBER) |
185 |
++# define LEGACY_OPENSSL 0 |
186 |
++#elif (OPENSSL_VERSION_NUMBER < 0x010100000) // 1.0.2 and below |
187 |
+ # define LEGACY_OPENSSL 1 |
188 |
+ # define X509_getm_notBefore X509_get_notBefore |
189 |
+ # define X509_getm_notAfter X509_get_notAfter |
190 |
|
191 |
diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd b/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd |
192 |
new file mode 100644 |
193 |
index 0000000..d2ef16b |
194 |
--- /dev/null |
195 |
+++ b/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd |
196 |
@@ -0,0 +1,12 @@ |
197 |
+I2PD_USER=i2pd |
198 |
+I2PD_GROUP=i2pd |
199 |
+I2PD_LOG=/var/log/i2pd.log |
200 |
+I2PD_PID=/run/i2pd/i2pd.pid |
201 |
+ |
202 |
+# max number of open files (for floodfill) |
203 |
+rc_ulimit="-n 4096" |
204 |
+ |
205 |
+# Options to i2pd |
206 |
+I2PD_OPTIONS="--daemon --service --pidfile=${I2PD_PID} \ |
207 |
+--log=file --logfile=${I2PD_LOG} \ |
208 |
+--conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf" |
209 |
|
210 |
diff --git a/net-vpn/i2pd/i2pd-2.41.0.ebuild b/net-vpn/i2pd/i2pd-2.41.0.ebuild |
211 |
new file mode 100644 |
212 |
index 0000000..7a367a8 |
213 |
--- /dev/null |
214 |
+++ b/net-vpn/i2pd/i2pd-2.41.0.ebuild |
215 |
@@ -0,0 +1,83 @@ |
216 |
+# Copyright 1999-2021 Gentoo Authors |
217 |
+# Distributed under the terms of the GNU General Public License v2 |
218 |
+ |
219 |
+EAPI=8 |
220 |
+ |
221 |
+inherit cmake toolchain-funcs systemd |
222 |
+ |
223 |
+DESCRIPTION="A C++ daemon for accessing the I2P anonymous network" |
224 |
+HOMEPAGE="https://github.com/PurpleI2P/i2pd" |
225 |
+SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" |
226 |
+ |
227 |
+LICENSE="BSD" |
228 |
+SLOT="0" |
229 |
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
230 |
+IUSE="cpu_flags_x86_aes cpu_flags_x86_avx i2p-hardening +upnp" |
231 |
+ |
232 |
+RDEPEND=" |
233 |
+ acct-user/i2pd |
234 |
+ acct-group/i2pd |
235 |
+ dev-libs/boost:=[threads(+)] |
236 |
+ dev-libs/openssl:0=[-bindist(-)] |
237 |
+ sys-libs/zlib |
238 |
+ upnp? ( net-libs/miniupnpc:= )" |
239 |
+DEPEND="${RDEPEND}" |
240 |
+ |
241 |
+CMAKE_USE_DIR="${WORKDIR}/${P}/build" |
242 |
+ |
243 |
+DOCS=( ../README.md ../contrib/i2pd.conf ../contrib/tunnels.conf ) |
244 |
+ |
245 |
+PATCHES=( "${FILESDIR}/${P}-libressl.patch" ) |
246 |
+ |
247 |
+pkg_pretend() { |
248 |
+ if use i2p-hardening && ! tc-is-gcc; then |
249 |
+ die "i2p-hardening requires gcc" |
250 |
+ fi |
251 |
+} |
252 |
+ |
253 |
+src_configure() { |
254 |
+ local mycmakeargs=( |
255 |
+ -DWITH_AESNI=$(usex cpu_flags_x86_aes ON OFF) |
256 |
+ -DWITH_HARDENING=$(usex i2p-hardening ON OFF) |
257 |
+ -DWITH_PCH=OFF |
258 |
+ -DWITH_STATIC=OFF |
259 |
+ -DWITH_UPNP=$(usex upnp ON OFF) |
260 |
+ -DWITH_LIBRARY=ON |
261 |
+ -DWITH_BINARY=ON |
262 |
+ ) |
263 |
+ cmake_src_configure |
264 |
+} |
265 |
+ |
266 |
+src_install() { |
267 |
+ cmake_src_install |
268 |
+ |
269 |
+ # config |
270 |
+ insinto /etc/i2pd |
271 |
+ doins contrib/i2pd.conf |
272 |
+ doins contrib/tunnels.conf |
273 |
+ |
274 |
+ # working directory |
275 |
+ insinto /var/lib/i2pd |
276 |
+ doins -r contrib/certificates |
277 |
+ |
278 |
+ # add /var/lib/i2pd/certificates to CONFIG_PROTECT |
279 |
+ doenvd "${FILESDIR}/99i2pd" |
280 |
+ |
281 |
+ # openrc and systemd daemon routines |
282 |
+ newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd |
283 |
+ newinitd "${FILESDIR}/i2pd-2.39.0.initd" i2pd |
284 |
+ systemd_newunit "${FILESDIR}/i2pd-2.38.0.service" i2pd.service |
285 |
+ |
286 |
+ # logrotate |
287 |
+ insinto /etc/logrotate.d |
288 |
+ newins "${FILESDIR}/i2pd-2.38.0-r1.logrotate" i2pd |
289 |
+} |
290 |
+ |
291 |
+pkg_postinst() { |
292 |
+ if [[ -f ${EROOT}/etc/i2pd/subscriptions.txt ]]; then |
293 |
+ ewarn |
294 |
+ ewarn "Configuration of the subscriptions has been moved from" |
295 |
+ ewarn "subscriptions.txt to i2pd.conf. We recommend updating" |
296 |
+ ewarn "i2pd.conf accordingly and deleting subscriptions.txt." |
297 |
+ fi |
298 |
+} |
299 |
|
300 |
diff --git a/net-vpn/i2pd/metadata.xml b/net-vpn/i2pd/metadata.xml |
301 |
new file mode 100644 |
302 |
index 0000000..0c76e2d |
303 |
--- /dev/null |
304 |
+++ b/net-vpn/i2pd/metadata.xml |
305 |
@@ -0,0 +1,24 @@ |
306 |
+<?xml version="1.0" encoding="UTF-8"?> |
307 |
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> |
308 |
+<pkgmetadata> |
309 |
+ <maintainer type="person" proxied="yes"> |
310 |
+ <email>kaikaikai@××××××.ru</email> |
311 |
+ <name>Alexey Korepanov</name> |
312 |
+ </maintainer> |
313 |
+ <maintainer type="project" proxied="proxy"> |
314 |
+ <email>proxy-maint@g.o</email> |
315 |
+ <name>Proxy Maintainers</name> |
316 |
+ </maintainer> |
317 |
+ <maintainer type="person" proxied="yes"> |
318 |
+ <email>klondike@g.o</email> |
319 |
+ <name>Francisco Blas Izquierdo Riera</name> |
320 |
+ </maintainer> |
321 |
+ <use> |
322 |
+ <flag name="i2p-hardening"> |
323 |
+ Compile with hardening on vanilla compilers/linkers |
324 |
+ </flag> |
325 |
+ </use> |
326 |
+ <upstream> |
327 |
+ <remote-id type="github">PurpleI2P/i2pd</remote-id> |
328 |
+ </upstream> |
329 |
+</pkgmetadata> |