summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlin Năstac <mrness@gentoo.org>2009-09-11 18:46:36 +0000
committerAlin Năstac <mrness@gentoo.org>2009-09-11 18:46:36 +0000
commitbffa0ece09766e95b3fc84fe13f5102d9d414026 (patch)
treee9732d19e884d6fc47c3f146b92ec925134b505e /net-misc/openswan
parentFix useflag interdependency, closes #284622 (diff)
downloadhistorical-bffa0ece09766e95b3fc84fe13f5102d9d414026.tar.gz
historical-bffa0ece09766e95b3fc84fe13f5102d9d414026.tar.bz2
historical-bffa0ece09766e95b3fc84fe13f5102d9d414026.zip
Version bump.
Correct ipsec.conf and ipsec.secrets paths in openswan-2.4 documentation (#284235). Add ms-bad-proposal USE flag and patch (#284240). Package-Manager: portage-2.1.6.13/cvs/Linux x86_64
Diffstat (limited to 'net-misc/openswan')
-rw-r--r--net-misc/openswan/ChangeLog13
-rw-r--r--net-misc/openswan/Manifest16
-rw-r--r--net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch11
-rw-r--r--net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch11
-rw-r--r--net-misc/openswan/files/openswan-2.6.23-gentoo.patch130
-rw-r--r--net-misc/openswan/metadata.xml2
-rw-r--r--net-misc/openswan/openswan-2.4.15-r1.ebuild128
-rw-r--r--net-misc/openswan/openswan-2.6.23.ebuild162
8 files changed, 467 insertions, 6 deletions
diff --git a/net-misc/openswan/ChangeLog b/net-misc/openswan/ChangeLog
index 9cc771d87d95..0de367d2a3a1 100644
--- a/net-misc/openswan/ChangeLog
+++ b/net-misc/openswan/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for net-misc/openswan
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.68 2009/08/30 07:35:29 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.69 2009/09/11 18:46:36 mrness Exp $
+
+*openswan-2.6.23 (11 Sep 2009)
+*openswan-2.4.15-r1 (11 Sep 2009)
+
+ 11 Sep 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4-allow-ms-bad-proposal.patch,
+ +files/openswan-2.6.23-gentoo.patch,
+ +files/openswan-2.6-allow-ms-bad-proposal.patch, metadata.xml,
+ +openswan-2.4.15-r1.ebuild, +openswan-2.6.23.ebuild:
+ Version bump. Correct ipsec.conf and ipsec.secrets paths in openswan-2.4
+ documentation (#284235). Add ms-bad-proposal USE flag and patch (#284240).
30 Aug 2009; Alin Năstac <mrness@gentoo.org>
-files/openswan-2.4.14-deprecated-ldap.patch,
diff --git a/net-misc/openswan/Manifest b/net-misc/openswan/Manifest
index 7f89798455db..6bbff6e4f0f5 100644
--- a/net-misc/openswan/Manifest
+++ b/net-misc/openswan/Manifest
@@ -3,19 +3,25 @@ Hash: SHA1
AUX ipsec 1551 RMD160 9f2480ebfb7549df1cbe3cf5c62575acd78a986a SHA1 53c1826bea6a613a025d34ea3b68e95c2b13e62c SHA256 926aedf5585626202b9817e0d37ef40c4a07ef1f75b77de228eb7f5f8b8e6f21
AUX ipsec-initd 487 RMD160 23d9d7be6000fb95fdb142bc948964d6050b7864 SHA1 55a4c3ab2523f265e314c9048c0552699564fc4d SHA256 e86140b6e596a0b0d6e52ca521adb891eb3b9cc4ad8e6f28041fb773f9f60347
+AUX openswan-2.4-allow-ms-bad-proposal.patch 481 RMD160 7ad11a9fa18a633554fc52d8d45c4513e4436f89 SHA1 3f714737c3e731cc6a62ab8c7b51948ea9c7a566 SHA256 30cc482b9cd3b47699a94c77c7ac16c047913a55d7c66d11e60ea213db84f39d
AUX openswan-2.4.15-deprecated-ldap.patch 372 RMD160 434d98f24c6b0066be3ce6d50e679b67edc22791 SHA1 95b8aec3807d953d9af3ca7ddc67b6aa08d340db SHA256 e891c8daa25dd8a06b6cc070cdc9913f260c375cf7a794b496a430e029e660bc
AUX openswan-2.4.15-gentoo.patch 7744 RMD160 fb3d0f745ddf93f11fbeeee98d709c46455c248d SHA1 14dc6577ddb6e52a7356407512725a23865d02b8 SHA256 792055fe57e1a7756d5e804bdbbdf76e009b9b4e60141125bd92c464ec46d946
+AUX openswan-2.6-allow-ms-bad-proposal.patch 551 RMD160 3fda2ba360cb5d3427af56c12f32526c78465c7e SHA1 6649779a6ae76773c78db5d646927a7e698ce825 SHA256 3c84444f6181c0b7f7749c828db790e20f637d93d9dacec8e120709cce8adcc0
AUX openswan-2.6.22-gentoo.patch 5088 RMD160 e61921ae0c795e38c44e38f5a22f0881aaf4d893 SHA1 783cee333a0fa0f820c76d7bda808404c650aa39 SHA256 e95a2cd4fa2aff4c1d75951c27595045602180a6865920594b318ec6cd576db8
+AUX openswan-2.6.23-gentoo.patch 5198 RMD160 42a4b13b4778297ca6051916f1222f04b336cdb4 SHA1 b5ee49a2201a46e36772c15e43594ab4151ff792 SHA256 b6cac62e0544cab3680457538b35e1f71cd1389d06369f486640ae37bf7277ef
DIST openswan-2.4.15.tar.gz 3938290 RMD160 be0c9bec423f5df5815d6a773ed79c4d832b94a9 SHA1 b9b76c81fae2ff1f202c362fc67518a7acd1e99e SHA256 cf85bf896dd2b0b0818d2851f4d8ec61f816f777d47cbfed7065a682ffd47293
DIST openswan-2.6.22.tar.gz 8152865 RMD160 dd06dbf7147407c9dc31efa29253d4c06ef5f0b1 SHA1 44cc5d6dd850b926f9addfd88ec2540984b08563 SHA256 05f4db569206b2bb31d99a322eb75a4830567e2859f485a12fdbaee37d91704b
+DIST openswan-2.6.23.tar.gz 8127086 RMD160 534e5be9df46116db65adf17e05faae13c8c5f8d SHA1 03ce952f4a7fe6be8c8244d759d782d2249d010f SHA256 5e14092746ebca6c8f6ec03e98c74c8094d5343a4f20f860f8cf15f3d33261e2
+EBUILD openswan-2.4.15-r1.ebuild 3788 RMD160 0195c1c269a763347e5ce2ba96cc7aa16a0a80de SHA1 21df0773a8f788161ba364a387277a28630e9ea2 SHA256 6b9e1ab34d6de2ca89680d207f94eda8dfbdec36cd75f57a8f5b3af98a9c3806
EBUILD openswan-2.4.15.ebuild 3524 RMD160 846041fd08d5f29d85ae4721ec8941cb32662d5e SHA1 b51b0f8072555e2c4216751625d8d690251d74a4 SHA256 da2aab48d0493e800a4ad6d0bdd913a736e7e0aa8035b7ec2f06e33539568cb7
EBUILD openswan-2.6.22.ebuild 4532 RMD160 bf55872849421ca354554c99f1cb5be66dee203e SHA1 d0ca8b86fc9b92d26ecc9b8e704bf855f994f969 SHA256 71a90ba5379c7dd3892a00759552c6e02e39fe2b03f9ab27aafa408df980e1ba
-MISC ChangeLog 13362 RMD160 5291e03ea655d9d12ec8e0b8c064d36522467cd7 SHA1 2696bd92f6ceced027731ee1737a0ec51d010fdf SHA256 6d6302792d2c84464e0c02129300ab9c5682cb731e93d46b94935f70112b0bd1
-MISC metadata.xml 1052 RMD160 714461d3b0b057e2859462b89308234ff326aa35 SHA1 fe024e83c6632467d13b7d80c57ec94fda1137de SHA256 2fc6636bb523697c3e909cd6e4106402978f9a51435ae4c0ec9e27767b41ad16
+EBUILD openswan-2.6.23.ebuild 4647 RMD160 b4474762a40293b1d4eb7bc18fa26328d825fd88 SHA1 e27846553b09cde3a912c7fb72205a0cf960734e SHA256 83ba0dd45ee1123edcf2abad0fc4705104827a75b4cff50fc67588924463bae9
+MISC ChangeLog 13839 RMD160 15e24d3ecd8afe9291a38e2c18c74a8bf2851efe SHA1 93486f12ccba9cb688a6372f0ba8b087be3080c9 SHA256 50e7899d5893cf6c7f08461cc3a1a256a18f612c6d40c63d636387afea2e5007
+MISC metadata.xml 1169 RMD160 972a171b3ac79de89b5885a0ec41e067930e7c72 SHA1 648e25d425288f8b7b160cce0d26fd33a7d9e133 SHA256 3b481978833bd6bf1eac2a07930dc3b1ea622cc7abd2dcdb2bbae47d65672a3a
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
-iEYEARECAAYFAkqaK8oACgkQ9A5kJBGSrsuKpgCglzW5vVeD5Hx+JOtW2q5uqGfG
-teMAniTdoRKWSkDeVAITv6RAQAsFt4Mf
-=2b7C
+iEYEARECAAYFAkqqmxYACgkQ9A5kJBGSrsu4zQCeME6X9iXUoSNM0EzjHJgG21ss
+cxgAoI7lspeRx/q+8WKbttRbPWa6dQ6Y
+=ZlyI
-----END PGP SIGNATURE-----
diff --git a/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch b/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch
new file mode 100644
index 000000000000..8f50cbb8e17d
--- /dev/null
+++ b/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch
@@ -0,0 +1,11 @@
+diff -Nru openswan-2.4.15.orig/programs/pluto/Makefile openswan-2.4.15/programs/pluto/Makefile
+--- openswan-2.4.15.orig/programs/pluto/Makefile 2009-09-11 18:32:38.000000000 +0200
++++ openswan-2.4.15/programs/pluto/Makefile 2009-09-11 19:35:33.000000000 +0200
+@@ -244,6 +244,7 @@
+ -DGCC_LINT \
+ -DUSE_AES -DUSE_3DES \
+ -DIKE_ALG -DKERNEL_ALG -DDB_CONTEXT \
++ -DALLOW_MICROSOFT_BAD_PROPOSAL \
+ ${AGGRESSIVE_DEFS} \
+ ${XAUTH_DEFS} ${XAUTHPAM_DEFS} \
+ ${NAT_DEFS} ${CURL_DEFS}\
diff --git a/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch b/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch
new file mode 100644
index 000000000000..1a1218985fcb
--- /dev/null
+++ b/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch
@@ -0,0 +1,11 @@
+diff -Nru openswan-2.6.23.orig/programs/pluto/Makefile openswan-2.6.23/programs/pluto/Makefile
+--- openswan-2.6.23.orig/programs/pluto/Makefile 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/programs/pluto/Makefile 2009-09-11 19:27:47.000000000 +0200
+@@ -43,6 +43,7 @@
+ # End of configuration coping options.
+
+ CPPFLAGS = $(HDRDIRS) $(DEFINES) \
++ -DALLOW_MICROSOFT_BAD_PROPOSAL \
+ -DSHARED_SECRETS_FILE=\"${FINALCONFDIR}/ipsec.secrets\" \
+ -DPOLICYGROUPSDIR=\"${FINALCONFDDIR}/policies\" \
+ -DPERPEERLOGDIR=\"${FINALLOGDIR}/pluto/peer\"
diff --git a/net-misc/openswan/files/openswan-2.6.23-gentoo.patch b/net-misc/openswan/files/openswan-2.6.23-gentoo.patch
new file mode 100644
index 000000000000..51da8db7766a
--- /dev/null
+++ b/net-misc/openswan/files/openswan-2.6.23-gentoo.patch
@@ -0,0 +1,130 @@
+diff -Nru openswan-2.6.23.orig/lib/libdns/Makefile openswan-2.6.23/lib/libdns/Makefile
+--- openswan-2.6.23.orig/lib/libdns/Makefile 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/lib/libdns/Makefile 2009-09-11 19:20:37.000000000 +0200
+@@ -30,8 +30,8 @@
+ -I${srcdir}../libisc/nothreads/include \
+ -I. -I./include -I${srcdir}include \
+ -I${srcdir}../libisc/include
+-CDEFINES = -g ${USERCOMPILE} ${PORTINCLUDE}
+-CWARNINGS = -Werror
++CDEFINES = ${USERCOMPILE} ${PORTINCLUDE}
++CWARNINGS =
+
+ CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.23.orig/lib/libisc/Makefile openswan-2.6.23/lib/libisc/Makefile
+--- openswan-2.6.23.orig/lib/libisc/Makefile 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/lib/libisc/Makefile 2009-09-11 19:20:37.000000000 +0200
+@@ -22,8 +22,8 @@
+ -I${srcdir}nothreads/include \
+ -I. -I./include -I${srcdir}include \
+ $(PORTINCLUDE) -I${OPENSWANSRCDIR}/include
+-CDEFINES = -g -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE}
+-# CWARNINGS = -Werror
++CDEFINES = -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE}
++# CWARNINGS =
+
+ CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.23.orig/lib/liblwres/Makefile openswan-2.6.23/lib/liblwres/Makefile
+--- openswan-2.6.23.orig/lib/liblwres/Makefile 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/lib/liblwres/Makefile 2009-09-11 19:20:37.000000000 +0200
+@@ -22,8 +22,8 @@
+ -I${srcdir}../libisc/${ISCARCH}/include \
+ -I${srcdir}../libisc/include \
+ -I. -I./include -I${srcdir}include
+-CDEFINES = -g
+-CWARNINGS = -Werror
++CDEFINES =
++CWARNINGS =
+
+ CFLAGS+=${USERCOMPILE} ${PORTINCLUDE} ${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.23.orig/Makefile.inc openswan-2.6.23/Makefile.inc
+--- openswan-2.6.23.orig/Makefile.inc 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/Makefile.inc 2009-09-11 19:20:37.000000000 +0200
+@@ -49,7 +49,7 @@
+ DESTDIR?=
+
+ # "local" part of tree, used in building other pathnames
+-INC_USRLOCAL=/usr/local
++INC_USRLOCAL?=/usr
+
+ # PUBDIR is where the "ipsec" command goes; beware, many things define PATH
+ # settings which are assumed to include it (or at least, to include *some*
+@@ -94,7 +94,7 @@
+
+ # sample configuration files go into
+ INC_DOCDIR?=share/doc
+-FINALEXAMPLECONFDIR=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
++FINALEXAMPLECONFDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
+ EXAMPLECONFDIR=${DESTDIR}${FINALEXAMPLECONFDIR}
+
+ FINALDOCDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
+diff -Nru openswan-2.6.23.orig/programs/Makefile.program openswan-2.6.23/programs/Makefile.program
+--- openswan-2.6.23.orig/programs/Makefile.program 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/programs/Makefile.program 2009-09-11 19:20:37.000000000 +0200
+@@ -53,7 +53,6 @@
+ WERROR:= -Werror
+ endif
+
+-CFLAGS+= ${WERROR}
+
+ ifneq ($(LD_LIBRARY_PATH),)
+ LDFLAGS=-L$(LD_LIBRARY_PATH)
+diff -Nru openswan-2.6.23.orig/programs/setup/Makefile openswan-2.6.23/programs/setup/Makefile
+--- openswan-2.6.23.orig/programs/setup/Makefile 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/programs/setup/Makefile 2009-09-11 19:21:55.000000000 +0200
+@@ -18,7 +18,6 @@
+
+ # this dance is because setup has to get installed as /etc/rc.d/init.d/ipsec
+ # not as /etc/rc.d/init.d/setup.
+-PROGRAMDIR=$(RCDIR)
+ PROGRAM=
+ EXTRA8MAN=setup.8
+
+@@ -29,32 +28,6 @@
+ # into the $BINDIR.
+ #
+ # the priorities match those in setup's chkconfig line
+-doinstall:: setup
+- @rm -f $(BINDIR)/setup
+- @$(INSTALL) $(INSTBINFLAGS) setup $(RCDIR)/ipsec
+- @ln -s $(FINALRCDIR)/ipsec $(BINDIR)/setup
+- -@for i in 0 1 2 3 4 5 6; do mkdir -p $(RCDIR)/../rc$$i.d; done
+- -@cd $(RCDIR)/../rc0.d && ln -f -s ../init.d/ipsec K76ipsec
+- -@cd $(RCDIR)/../rc1.d && ln -f -s ../init.d/ipsec K76ipsec
+- -@cd $(RCDIR)/../rc2.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc3.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc4.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc5.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc6.d && ln -f -s ../init.d/ipsec K76ipsec
+-
+-install_file_list::
+- @echo $(RCDIR)/ipsec
+- @echo $(BINDIR)/setup
+- @echo $(RCDIR)/../rc0.d/K76ipsec
+- @echo $(RCDIR)/../rc1.d/K76ipsec
+- @echo $(RCDIR)/../rc2.d/S47ipsec
+- @echo $(RCDIR)/../rc3.d/S47ipsec
+- @echo $(RCDIR)/../rc4.d/S47ipsec
+- @echo $(RCDIR)/../rc5.d/S47ipsec
+- @echo $(RCDIR)/../rc6.d/K76ipsec
+-
+-cleanall::
+- @rm -f setup
+
+ #
+ # $Log: not supported by cvs2svn $
+diff -Nru openswan-2.6.23.orig/testing/utils/make-uml.sh openswan-2.6.23/testing/utils/make-uml.sh
+--- openswan-2.6.23.orig/testing/utils/make-uml.sh 2009-09-09 02:42:54.000000000 +0200
++++ openswan-2.6.23/testing/utils/make-uml.sh 2009-09-11 19:20:37.000000000 +0200
+@@ -262,7 +262,7 @@
+
+ cd $OPENSWANSRCDIR || exit 1
+
+-make WERROR=-Werror USE_OBJDIR=true programs
++make USE_OBJDIR=true programs
+
+ # now, execute the Makefile that we have created!
+ cd $POOLSPACE && make $OPENSWANHOSTS
diff --git a/net-misc/openswan/metadata.xml b/net-misc/openswan/metadata.xml
index 159b1bae02a0..02468d933d03 100644
--- a/net-misc/openswan/metadata.xml
+++ b/net-misc/openswan/metadata.xml
@@ -18,5 +18,7 @@ growing frustrated with the politics surrounding the FreeS/WAN project.</longdes
<flag name="weak-algorithms">Include weak algorithms (DH1)</flag>
<flag name="nocrypto-algorithms">Include algorithms that don't even encrypt
(1DES)</flag>
+ <flag name="ms-bad-proposal">Allow bad IP address proposal offered by an
+ Microsoft L2TP/IPSec servers</flag>
</use>
</pkgmetadata>
diff --git a/net-misc/openswan/openswan-2.4.15-r1.ebuild b/net-misc/openswan/openswan-2.4.15-r1.ebuild
new file mode 100644
index 000000000000..aa5b0343dd0a
--- /dev/null
+++ b/net-misc/openswan/openswan-2.4.15-r1.ebuild
@@ -0,0 +1,128 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.4.15-r1.ebuild,v 1.1 2009/09/11 18:46:36 mrness Exp $
+
+EAPI="2"
+
+inherit eutils linux-info
+
+DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)."
+HOMEPAGE="http://www.openswan.org/"
+SRC_URI="http://www.openswan.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="curl ldap smartcard extra-algorithms weak-algorithms ms-bad-proposal"
+
+COMMON_DEPEND="!net-misc/strongswan
+ dev-libs/gmp
+ dev-lang/perl
+ smartcard? ( dev-libs/opensc )
+ curl? ( net-misc/curl )
+ ldap? ( net-nds/openldap )"
+DEPEND="${COMMON_DEPEND}
+ virtual/linux-sources"
+RDEPEND="${COMMON_DEPEND}
+ virtual/logger
+ sys-apps/iproute2"
+
+pkg_setup() {
+ linux-info_pkg_setup
+
+ if kernel_is 2 6; then
+ einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)."
+ einfo "KLIPS will not be compiled/installed."
+ MYMAKE="programs"
+
+ elif kernel_is 2 4; then
+ if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then
+ eerror "You need to have an IPsec enabled 2.4.x kernel."
+ eerror "Ensure you have one running and make a symlink to it in /usr/src/linux"
+ die
+ fi
+
+ einfo "Using patched-in IPsec code for kernel 2.4"
+ einfo "Your kernel only supports KLIPS for kernel level IPsec."
+ MYMAKE="confcheck programs"
+
+ else
+ die "Unsupported kernel version"
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-gentoo.patch
+ epatch "${FILESDIR}"/${P}-deprecated-ldap.patch
+ use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch
+
+ find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \
+ -e 's:/usr/local:/usr:g' \
+ -e 's:/etc/ipsec[\][&][.]conf:/etc/ipsec/ipsec\\\&.conf:g' \
+ -e 's:/etc/ipsec[.]conf:/etc/ipsec/ipsec.conf:g' \
+ -e 's:/etc/ipsec[\][&][.]secrets:/etc/ipsec/ipsec\\\&.secrets:g' \
+ -e 's:/etc/ipsec[.]secrets:/etc/ipsec/ipsec.secrets:g' '{}' \; ||
+ die "failed to replace text in docs"
+}
+
+get_make_options() {
+ echo KERNELSRC=\"${KERNEL_DIR}\" \
+ FINALCONFDIR=/etc/ipsec \
+ FINALCONFFILE=/etc/ipsec/ipsec.conf \
+ FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \
+ INC_RCDEFAULT=/etc/init.d \
+ INC_USRLOCAL=/usr \
+ INC_MANDIR=share/man \
+ FINALDOCDIR=/usr/share/doc/${PF} \
+ DESTDIR=\"${D}\" \
+ USERCOMPILE=\"${CFLAGS}\"
+ if use smartcard ; then
+ echo USE_SMARTCARD=true
+ fi
+ if use extra-algorithms ; then
+ echo USE_EXTRACRYPTO=true
+ fi
+ if use weak-algorithms ; then
+ echo USE_WEAKSTUFF=true
+ fi
+ echo USE_OE=false # by default, turn off Opportunistic Encryption
+ echo USE_LWRES=false # needs bind9 with lwres support
+ local USETHREADS=false
+ if use curl; then
+ echo USE_LIBCURL=true
+ USETHREADS=true
+ fi
+ if use ldap; then
+ echo USE_LDAP=true
+ USETHREADS=true
+ fi
+ echo HAVE_THREADS=${USETHREADS}
+}
+
+src_compile() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ ${MYMAKE} || die "emake failed"
+}
+
+src_install() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ install || die "emake install failed"
+
+ dosym /etc/ipsec/ipsec.d /etc/ipsec.d
+
+ doinitd "${FILESDIR}"/ipsec || die "failed to install init script"
+
+ dodir /var/run/pluto || die "failed to create /var/run/pluto"
+}
+
+pkg_postinst() {
+ if kernel_is 2 6; then
+ CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP"
+ WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)"
+ WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)"
+ WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)"
+ check_extra_config
+ fi
+}
diff --git a/net-misc/openswan/openswan-2.6.23.ebuild b/net-misc/openswan/openswan-2.6.23.ebuild
new file mode 100644
index 000000000000..78dd752d856e
--- /dev/null
+++ b/net-misc/openswan/openswan-2.6.23.ebuild
@@ -0,0 +1,162 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.23.ebuild,v 1.1 2009/09/11 18:46:36 mrness Exp $
+
+EAPI="2"
+
+inherit eutils linux-info
+
+DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)."
+HOMEPAGE="http://www.openswan.org/"
+SRC_URI="http://www.openswan.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="curl ldap smartcard extra-algorithms weak-algorithms nocrypto-algorithms ms-bad-proposal"
+
+COMMON_DEPEND="!net-misc/strongswan
+ dev-libs/gmp
+ dev-lang/perl
+ smartcard? ( dev-libs/opensc )
+ curl? ( net-misc/curl )
+ ldap? ( net-nds/openldap )"
+DEPEND="${COMMON_DEPEND}
+ virtual/linux-sources
+ app-text/xmlto
+ app-text/docbook-xml-dtd:4.1.2" # see bug 237132
+RDEPEND="${COMMON_DEPEND}
+ virtual/logger
+ sys-apps/iproute2"
+
+pkg_setup() {
+ if use nocrypto-algorithms && ! use weak-algorithms; then
+ ewarn "Enabling nocrypto-algorithms USE flag has no effect when"
+ ewarn "weak-algorithms USE flag is disabled"
+ fi
+
+ linux-info_pkg_setup
+
+ if kernel_is 2 6; then
+ einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)."
+ einfo "KLIPS will not be compiled/installed."
+ MYMAKE="programs"
+
+ elif kernel_is 2 4; then
+ if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then
+ eerror "You need to have an IPsec enabled 2.4.x kernel."
+ eerror "Ensure you have one running and make a symlink to it in /usr/src/linux"
+ die
+ fi
+
+ einfo "Using patched-in IPsec code for kernel 2.4"
+ einfo "Your kernel only supports KLIPS for kernel level IPsec."
+ MYMAKE="confcheck programs"
+
+ else
+ die "Unsupported kernel version"
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-gentoo.patch
+ use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch
+
+ find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \
+ -e s:/usr/local:/usr:g '{}' \; ||
+ die "failed to replace text in docs"
+}
+
+get_make_options() {
+ echo KERNELSRC=\"${KERNEL_DIR}\" \
+ FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \
+ INC_RCDEFAULT=/etc/init.d \
+ INC_USRLOCAL=/usr \
+ INC_MANDIR=share/man \
+ FINALDOCDIR=/usr/share/doc/${PF}/html \
+ DESTDIR=\"${D}\" \
+ USERCOMPILE=\"${CFLAGS}\"
+ if use smartcard ; then
+ echo USE_SMARTCARD=true
+ fi
+ if use extra-algorithms ; then
+ echo USE_EXTRACRYPTO=true
+ else
+ echo USE_EXTRACRYPTO=false
+ fi
+ if use weak-algorithms ; then
+ echo USE_WEAKSTUFF=true
+ if use nocrypto-algorithms; then
+ echo USE_NOCRYPTO=true
+ fi
+ fi
+ echo USE_LWRES=false # needs bind9 with lwres support
+ local USETHREADS=false
+ if use curl; then
+ echo USE_LIBCURL=true
+ USETHREADS=true
+ fi
+ if use ldap; then
+ echo USE_LDAP=true
+ USETHREADS=true
+ fi
+ echo HAVE_THREADS=${USETHREADS}
+}
+
+src_compile() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ ${MYMAKE} || die "emake failed"
+}
+
+src_install() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ install || die "emake install failed"
+
+ newinitd "${FILESDIR}"/ipsec-initd ipsec || die "failed to install init script"
+
+ dodir /var/run/pluto || die "failed to create /var/run/pluto"
+}
+
+pkg_preinst() {
+ if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then
+ ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':"
+ local i err=0
+ if [ -h "../ipsec.d" ]; then
+ rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink"
+ fi
+ for i in *; do
+ if [ -e "../$i" ]; then
+ eerror " $i NOT MOVED, ../$i already exists!"
+ err=1
+ elif [ -d "$i" ]; then
+ mv "$i" .. || die "failed to move $i directory"
+ ewarn " directory $i"
+ elif [ -f "$i" ]; then
+ sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \
+ mv "$i" .. && ewarn " file $i" || \
+ die "failed to move $i file"
+ else
+ eerror " $i NOT MOVED, it is not a file nor a directory!"
+ err=1
+ fi
+ done
+ popd
+ if [ $err -eq 0 ]; then
+ rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec"
+ else
+ ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself"
+ fi
+ fi
+}
+
+pkg_postinst() {
+ if kernel_is 2 6; then
+ CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP"
+ WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)"
+ WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)"
+ WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)"
+ check_extra_config
+ fi
+}