diff options
author | Alin Năstac <mrness@gentoo.org> | 2009-09-11 18:46:36 +0000 |
---|---|---|
committer | Alin Năstac <mrness@gentoo.org> | 2009-09-11 18:46:36 +0000 |
commit | bffa0ece09766e95b3fc84fe13f5102d9d414026 (patch) | |
tree | e9732d19e884d6fc47c3f146b92ec925134b505e /net-misc/openswan | |
parent | Fix useflag interdependency, closes #284622 (diff) | |
download | historical-bffa0ece09766e95b3fc84fe13f5102d9d414026.tar.gz historical-bffa0ece09766e95b3fc84fe13f5102d9d414026.tar.bz2 historical-bffa0ece09766e95b3fc84fe13f5102d9d414026.zip |
Version bump.
Correct ipsec.conf and ipsec.secrets paths in openswan-2.4 documentation (#284235).
Add ms-bad-proposal USE flag and patch (#284240).
Package-Manager: portage-2.1.6.13/cvs/Linux x86_64
Diffstat (limited to 'net-misc/openswan')
-rw-r--r-- | net-misc/openswan/ChangeLog | 13 | ||||
-rw-r--r-- | net-misc/openswan/Manifest | 16 | ||||
-rw-r--r-- | net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch | 11 | ||||
-rw-r--r-- | net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch | 11 | ||||
-rw-r--r-- | net-misc/openswan/files/openswan-2.6.23-gentoo.patch | 130 | ||||
-rw-r--r-- | net-misc/openswan/metadata.xml | 2 | ||||
-rw-r--r-- | net-misc/openswan/openswan-2.4.15-r1.ebuild | 128 | ||||
-rw-r--r-- | net-misc/openswan/openswan-2.6.23.ebuild | 162 |
8 files changed, 467 insertions, 6 deletions
diff --git a/net-misc/openswan/ChangeLog b/net-misc/openswan/ChangeLog index 9cc771d87d95..0de367d2a3a1 100644 --- a/net-misc/openswan/ChangeLog +++ b/net-misc/openswan/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for net-misc/openswan # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.68 2009/08/30 07:35:29 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.69 2009/09/11 18:46:36 mrness Exp $ + +*openswan-2.6.23 (11 Sep 2009) +*openswan-2.4.15-r1 (11 Sep 2009) + + 11 Sep 2009; Alin Năstac <mrness@gentoo.org> + +files/openswan-2.4-allow-ms-bad-proposal.patch, + +files/openswan-2.6.23-gentoo.patch, + +files/openswan-2.6-allow-ms-bad-proposal.patch, metadata.xml, + +openswan-2.4.15-r1.ebuild, +openswan-2.6.23.ebuild: + Version bump. Correct ipsec.conf and ipsec.secrets paths in openswan-2.4 + documentation (#284235). Add ms-bad-proposal USE flag and patch (#284240). 30 Aug 2009; Alin Năstac <mrness@gentoo.org> -files/openswan-2.4.14-deprecated-ldap.patch, diff --git a/net-misc/openswan/Manifest b/net-misc/openswan/Manifest index 7f89798455db..6bbff6e4f0f5 100644 --- a/net-misc/openswan/Manifest +++ b/net-misc/openswan/Manifest @@ -3,19 +3,25 @@ Hash: SHA1 AUX ipsec 1551 RMD160 9f2480ebfb7549df1cbe3cf5c62575acd78a986a SHA1 53c1826bea6a613a025d34ea3b68e95c2b13e62c SHA256 926aedf5585626202b9817e0d37ef40c4a07ef1f75b77de228eb7f5f8b8e6f21 AUX ipsec-initd 487 RMD160 23d9d7be6000fb95fdb142bc948964d6050b7864 SHA1 55a4c3ab2523f265e314c9048c0552699564fc4d SHA256 e86140b6e596a0b0d6e52ca521adb891eb3b9cc4ad8e6f28041fb773f9f60347 +AUX openswan-2.4-allow-ms-bad-proposal.patch 481 RMD160 7ad11a9fa18a633554fc52d8d45c4513e4436f89 SHA1 3f714737c3e731cc6a62ab8c7b51948ea9c7a566 SHA256 30cc482b9cd3b47699a94c77c7ac16c047913a55d7c66d11e60ea213db84f39d AUX openswan-2.4.15-deprecated-ldap.patch 372 RMD160 434d98f24c6b0066be3ce6d50e679b67edc22791 SHA1 95b8aec3807d953d9af3ca7ddc67b6aa08d340db SHA256 e891c8daa25dd8a06b6cc070cdc9913f260c375cf7a794b496a430e029e660bc AUX openswan-2.4.15-gentoo.patch 7744 RMD160 fb3d0f745ddf93f11fbeeee98d709c46455c248d SHA1 14dc6577ddb6e52a7356407512725a23865d02b8 SHA256 792055fe57e1a7756d5e804bdbbdf76e009b9b4e60141125bd92c464ec46d946 +AUX openswan-2.6-allow-ms-bad-proposal.patch 551 RMD160 3fda2ba360cb5d3427af56c12f32526c78465c7e SHA1 6649779a6ae76773c78db5d646927a7e698ce825 SHA256 3c84444f6181c0b7f7749c828db790e20f637d93d9dacec8e120709cce8adcc0 AUX openswan-2.6.22-gentoo.patch 5088 RMD160 e61921ae0c795e38c44e38f5a22f0881aaf4d893 SHA1 783cee333a0fa0f820c76d7bda808404c650aa39 SHA256 e95a2cd4fa2aff4c1d75951c27595045602180a6865920594b318ec6cd576db8 +AUX openswan-2.6.23-gentoo.patch 5198 RMD160 42a4b13b4778297ca6051916f1222f04b336cdb4 SHA1 b5ee49a2201a46e36772c15e43594ab4151ff792 SHA256 b6cac62e0544cab3680457538b35e1f71cd1389d06369f486640ae37bf7277ef DIST openswan-2.4.15.tar.gz 3938290 RMD160 be0c9bec423f5df5815d6a773ed79c4d832b94a9 SHA1 b9b76c81fae2ff1f202c362fc67518a7acd1e99e SHA256 cf85bf896dd2b0b0818d2851f4d8ec61f816f777d47cbfed7065a682ffd47293 DIST openswan-2.6.22.tar.gz 8152865 RMD160 dd06dbf7147407c9dc31efa29253d4c06ef5f0b1 SHA1 44cc5d6dd850b926f9addfd88ec2540984b08563 SHA256 05f4db569206b2bb31d99a322eb75a4830567e2859f485a12fdbaee37d91704b +DIST openswan-2.6.23.tar.gz 8127086 RMD160 534e5be9df46116db65adf17e05faae13c8c5f8d SHA1 03ce952f4a7fe6be8c8244d759d782d2249d010f SHA256 5e14092746ebca6c8f6ec03e98c74c8094d5343a4f20f860f8cf15f3d33261e2 +EBUILD openswan-2.4.15-r1.ebuild 3788 RMD160 0195c1c269a763347e5ce2ba96cc7aa16a0a80de SHA1 21df0773a8f788161ba364a387277a28630e9ea2 SHA256 6b9e1ab34d6de2ca89680d207f94eda8dfbdec36cd75f57a8f5b3af98a9c3806 EBUILD openswan-2.4.15.ebuild 3524 RMD160 846041fd08d5f29d85ae4721ec8941cb32662d5e SHA1 b51b0f8072555e2c4216751625d8d690251d74a4 SHA256 da2aab48d0493e800a4ad6d0bdd913a736e7e0aa8035b7ec2f06e33539568cb7 EBUILD openswan-2.6.22.ebuild 4532 RMD160 bf55872849421ca354554c99f1cb5be66dee203e SHA1 d0ca8b86fc9b92d26ecc9b8e704bf855f994f969 SHA256 71a90ba5379c7dd3892a00759552c6e02e39fe2b03f9ab27aafa408df980e1ba -MISC ChangeLog 13362 RMD160 5291e03ea655d9d12ec8e0b8c064d36522467cd7 SHA1 2696bd92f6ceced027731ee1737a0ec51d010fdf SHA256 6d6302792d2c84464e0c02129300ab9c5682cb731e93d46b94935f70112b0bd1 -MISC metadata.xml 1052 RMD160 714461d3b0b057e2859462b89308234ff326aa35 SHA1 fe024e83c6632467d13b7d80c57ec94fda1137de SHA256 2fc6636bb523697c3e909cd6e4106402978f9a51435ae4c0ec9e27767b41ad16 +EBUILD openswan-2.6.23.ebuild 4647 RMD160 b4474762a40293b1d4eb7bc18fa26328d825fd88 SHA1 e27846553b09cde3a912c7fb72205a0cf960734e SHA256 83ba0dd45ee1123edcf2abad0fc4705104827a75b4cff50fc67588924463bae9 +MISC ChangeLog 13839 RMD160 15e24d3ecd8afe9291a38e2c18c74a8bf2851efe SHA1 93486f12ccba9cb688a6372f0ba8b087be3080c9 SHA256 50e7899d5893cf6c7f08461cc3a1a256a18f612c6d40c63d636387afea2e5007 +MISC metadata.xml 1169 RMD160 972a171b3ac79de89b5885a0ec41e067930e7c72 SHA1 648e25d425288f8b7b160cce0d26fd33a7d9e133 SHA256 3b481978833bd6bf1eac2a07930dc3b1ea622cc7abd2dcdb2bbae47d65672a3a -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) -iEYEARECAAYFAkqaK8oACgkQ9A5kJBGSrsuKpgCglzW5vVeD5Hx+JOtW2q5uqGfG -teMAniTdoRKWSkDeVAITv6RAQAsFt4Mf -=2b7C +iEYEARECAAYFAkqqmxYACgkQ9A5kJBGSrsu4zQCeME6X9iXUoSNM0EzjHJgG21ss +cxgAoI7lspeRx/q+8WKbttRbPWa6dQ6Y +=ZlyI -----END PGP SIGNATURE----- diff --git a/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch b/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch new file mode 100644 index 000000000000..8f50cbb8e17d --- /dev/null +++ b/net-misc/openswan/files/openswan-2.4-allow-ms-bad-proposal.patch @@ -0,0 +1,11 @@ +diff -Nru openswan-2.4.15.orig/programs/pluto/Makefile openswan-2.4.15/programs/pluto/Makefile +--- openswan-2.4.15.orig/programs/pluto/Makefile 2009-09-11 18:32:38.000000000 +0200 ++++ openswan-2.4.15/programs/pluto/Makefile 2009-09-11 19:35:33.000000000 +0200 +@@ -244,6 +244,7 @@ + -DGCC_LINT \ + -DUSE_AES -DUSE_3DES \ + -DIKE_ALG -DKERNEL_ALG -DDB_CONTEXT \ ++ -DALLOW_MICROSOFT_BAD_PROPOSAL \ + ${AGGRESSIVE_DEFS} \ + ${XAUTH_DEFS} ${XAUTHPAM_DEFS} \ + ${NAT_DEFS} ${CURL_DEFS}\ diff --git a/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch b/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch new file mode 100644 index 000000000000..1a1218985fcb --- /dev/null +++ b/net-misc/openswan/files/openswan-2.6-allow-ms-bad-proposal.patch @@ -0,0 +1,11 @@ +diff -Nru openswan-2.6.23.orig/programs/pluto/Makefile openswan-2.6.23/programs/pluto/Makefile +--- openswan-2.6.23.orig/programs/pluto/Makefile 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/programs/pluto/Makefile 2009-09-11 19:27:47.000000000 +0200 +@@ -43,6 +43,7 @@ + # End of configuration coping options. + + CPPFLAGS = $(HDRDIRS) $(DEFINES) \ ++ -DALLOW_MICROSOFT_BAD_PROPOSAL \ + -DSHARED_SECRETS_FILE=\"${FINALCONFDIR}/ipsec.secrets\" \ + -DPOLICYGROUPSDIR=\"${FINALCONFDDIR}/policies\" \ + -DPERPEERLOGDIR=\"${FINALLOGDIR}/pluto/peer\" diff --git a/net-misc/openswan/files/openswan-2.6.23-gentoo.patch b/net-misc/openswan/files/openswan-2.6.23-gentoo.patch new file mode 100644 index 000000000000..51da8db7766a --- /dev/null +++ b/net-misc/openswan/files/openswan-2.6.23-gentoo.patch @@ -0,0 +1,130 @@ +diff -Nru openswan-2.6.23.orig/lib/libdns/Makefile openswan-2.6.23/lib/libdns/Makefile +--- openswan-2.6.23.orig/lib/libdns/Makefile 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/lib/libdns/Makefile 2009-09-11 19:20:37.000000000 +0200 +@@ -30,8 +30,8 @@ + -I${srcdir}../libisc/nothreads/include \ + -I. -I./include -I${srcdir}include \ + -I${srcdir}../libisc/include +-CDEFINES = -g ${USERCOMPILE} ${PORTINCLUDE} +-CWARNINGS = -Werror ++CDEFINES = ${USERCOMPILE} ${PORTINCLUDE} ++CWARNINGS = + + CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS} + +diff -Nru openswan-2.6.23.orig/lib/libisc/Makefile openswan-2.6.23/lib/libisc/Makefile +--- openswan-2.6.23.orig/lib/libisc/Makefile 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/lib/libisc/Makefile 2009-09-11 19:20:37.000000000 +0200 +@@ -22,8 +22,8 @@ + -I${srcdir}nothreads/include \ + -I. -I./include -I${srcdir}include \ + $(PORTINCLUDE) -I${OPENSWANSRCDIR}/include +-CDEFINES = -g -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE} +-# CWARNINGS = -Werror ++CDEFINES = -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE} ++# CWARNINGS = + + CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS} + +diff -Nru openswan-2.6.23.orig/lib/liblwres/Makefile openswan-2.6.23/lib/liblwres/Makefile +--- openswan-2.6.23.orig/lib/liblwres/Makefile 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/lib/liblwres/Makefile 2009-09-11 19:20:37.000000000 +0200 +@@ -22,8 +22,8 @@ + -I${srcdir}../libisc/${ISCARCH}/include \ + -I${srcdir}../libisc/include \ + -I. -I./include -I${srcdir}include +-CDEFINES = -g +-CWARNINGS = -Werror ++CDEFINES = ++CWARNINGS = + + CFLAGS+=${USERCOMPILE} ${PORTINCLUDE} ${CINCLUDES} ${CDEFINES} ${CWARNINGS} + +diff -Nru openswan-2.6.23.orig/Makefile.inc openswan-2.6.23/Makefile.inc +--- openswan-2.6.23.orig/Makefile.inc 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/Makefile.inc 2009-09-11 19:20:37.000000000 +0200 +@@ -49,7 +49,7 @@ + DESTDIR?= + + # "local" part of tree, used in building other pathnames +-INC_USRLOCAL=/usr/local ++INC_USRLOCAL?=/usr + + # PUBDIR is where the "ipsec" command goes; beware, many things define PATH + # settings which are assumed to include it (or at least, to include *some* +@@ -94,7 +94,7 @@ + + # sample configuration files go into + INC_DOCDIR?=share/doc +-FINALEXAMPLECONFDIR=${INC_USRLOCAL}/${INC_DOCDIR}/openswan ++FINALEXAMPLECONFDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan + EXAMPLECONFDIR=${DESTDIR}${FINALEXAMPLECONFDIR} + + FINALDOCDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan +diff -Nru openswan-2.6.23.orig/programs/Makefile.program openswan-2.6.23/programs/Makefile.program +--- openswan-2.6.23.orig/programs/Makefile.program 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/programs/Makefile.program 2009-09-11 19:20:37.000000000 +0200 +@@ -53,7 +53,6 @@ + WERROR:= -Werror + endif + +-CFLAGS+= ${WERROR} + + ifneq ($(LD_LIBRARY_PATH),) + LDFLAGS=-L$(LD_LIBRARY_PATH) +diff -Nru openswan-2.6.23.orig/programs/setup/Makefile openswan-2.6.23/programs/setup/Makefile +--- openswan-2.6.23.orig/programs/setup/Makefile 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/programs/setup/Makefile 2009-09-11 19:21:55.000000000 +0200 +@@ -18,7 +18,6 @@ + + # this dance is because setup has to get installed as /etc/rc.d/init.d/ipsec + # not as /etc/rc.d/init.d/setup. +-PROGRAMDIR=$(RCDIR) + PROGRAM= + EXTRA8MAN=setup.8 + +@@ -29,32 +28,6 @@ + # into the $BINDIR. + # + # the priorities match those in setup's chkconfig line +-doinstall:: setup +- @rm -f $(BINDIR)/setup +- @$(INSTALL) $(INSTBINFLAGS) setup $(RCDIR)/ipsec +- @ln -s $(FINALRCDIR)/ipsec $(BINDIR)/setup +- -@for i in 0 1 2 3 4 5 6; do mkdir -p $(RCDIR)/../rc$$i.d; done +- -@cd $(RCDIR)/../rc0.d && ln -f -s ../init.d/ipsec K76ipsec +- -@cd $(RCDIR)/../rc1.d && ln -f -s ../init.d/ipsec K76ipsec +- -@cd $(RCDIR)/../rc2.d && ln -f -s ../init.d/ipsec S47ipsec +- -@cd $(RCDIR)/../rc3.d && ln -f -s ../init.d/ipsec S47ipsec +- -@cd $(RCDIR)/../rc4.d && ln -f -s ../init.d/ipsec S47ipsec +- -@cd $(RCDIR)/../rc5.d && ln -f -s ../init.d/ipsec S47ipsec +- -@cd $(RCDIR)/../rc6.d && ln -f -s ../init.d/ipsec K76ipsec +- +-install_file_list:: +- @echo $(RCDIR)/ipsec +- @echo $(BINDIR)/setup +- @echo $(RCDIR)/../rc0.d/K76ipsec +- @echo $(RCDIR)/../rc1.d/K76ipsec +- @echo $(RCDIR)/../rc2.d/S47ipsec +- @echo $(RCDIR)/../rc3.d/S47ipsec +- @echo $(RCDIR)/../rc4.d/S47ipsec +- @echo $(RCDIR)/../rc5.d/S47ipsec +- @echo $(RCDIR)/../rc6.d/K76ipsec +- +-cleanall:: +- @rm -f setup + + # + # $Log: not supported by cvs2svn $ +diff -Nru openswan-2.6.23.orig/testing/utils/make-uml.sh openswan-2.6.23/testing/utils/make-uml.sh +--- openswan-2.6.23.orig/testing/utils/make-uml.sh 2009-09-09 02:42:54.000000000 +0200 ++++ openswan-2.6.23/testing/utils/make-uml.sh 2009-09-11 19:20:37.000000000 +0200 +@@ -262,7 +262,7 @@ + + cd $OPENSWANSRCDIR || exit 1 + +-make WERROR=-Werror USE_OBJDIR=true programs ++make USE_OBJDIR=true programs + + # now, execute the Makefile that we have created! + cd $POOLSPACE && make $OPENSWANHOSTS diff --git a/net-misc/openswan/metadata.xml b/net-misc/openswan/metadata.xml index 159b1bae02a0..02468d933d03 100644 --- a/net-misc/openswan/metadata.xml +++ b/net-misc/openswan/metadata.xml @@ -18,5 +18,7 @@ growing frustrated with the politics surrounding the FreeS/WAN project.</longdes <flag name="weak-algorithms">Include weak algorithms (DH1)</flag> <flag name="nocrypto-algorithms">Include algorithms that don't even encrypt (1DES)</flag> + <flag name="ms-bad-proposal">Allow bad IP address proposal offered by an + Microsoft L2TP/IPSec servers</flag> </use> </pkgmetadata> diff --git a/net-misc/openswan/openswan-2.4.15-r1.ebuild b/net-misc/openswan/openswan-2.4.15-r1.ebuild new file mode 100644 index 000000000000..aa5b0343dd0a --- /dev/null +++ b/net-misc/openswan/openswan-2.4.15-r1.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.4.15-r1.ebuild,v 1.1 2009/09/11 18:46:36 mrness Exp $ + +EAPI="2" + +inherit eutils linux-info + +DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)." +HOMEPAGE="http://www.openswan.org/" +SRC_URI="http://www.openswan.org/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="curl ldap smartcard extra-algorithms weak-algorithms ms-bad-proposal" + +COMMON_DEPEND="!net-misc/strongswan + dev-libs/gmp + dev-lang/perl + smartcard? ( dev-libs/opensc ) + curl? ( net-misc/curl ) + ldap? ( net-nds/openldap )" +DEPEND="${COMMON_DEPEND} + virtual/linux-sources" +RDEPEND="${COMMON_DEPEND} + virtual/logger + sys-apps/iproute2" + +pkg_setup() { + linux-info_pkg_setup + + if kernel_is 2 6; then + einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)." + einfo "KLIPS will not be compiled/installed." + MYMAKE="programs" + + elif kernel_is 2 4; then + if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then + eerror "You need to have an IPsec enabled 2.4.x kernel." + eerror "Ensure you have one running and make a symlink to it in /usr/src/linux" + die + fi + + einfo "Using patched-in IPsec code for kernel 2.4" + einfo "Your kernel only supports KLIPS for kernel level IPsec." + MYMAKE="confcheck programs" + + else + die "Unsupported kernel version" + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + epatch "${FILESDIR}"/${P}-deprecated-ldap.patch + use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch + + find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \ + -e 's:/usr/local:/usr:g' \ + -e 's:/etc/ipsec[\][&][.]conf:/etc/ipsec/ipsec\\\&.conf:g' \ + -e 's:/etc/ipsec[.]conf:/etc/ipsec/ipsec.conf:g' \ + -e 's:/etc/ipsec[\][&][.]secrets:/etc/ipsec/ipsec\\\&.secrets:g' \ + -e 's:/etc/ipsec[.]secrets:/etc/ipsec/ipsec.secrets:g' '{}' \; || + die "failed to replace text in docs" +} + +get_make_options() { + echo KERNELSRC=\"${KERNEL_DIR}\" \ + FINALCONFDIR=/etc/ipsec \ + FINALCONFFILE=/etc/ipsec/ipsec.conf \ + FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \ + INC_RCDEFAULT=/etc/init.d \ + INC_USRLOCAL=/usr \ + INC_MANDIR=share/man \ + FINALDOCDIR=/usr/share/doc/${PF} \ + DESTDIR=\"${D}\" \ + USERCOMPILE=\"${CFLAGS}\" + if use smartcard ; then + echo USE_SMARTCARD=true + fi + if use extra-algorithms ; then + echo USE_EXTRACRYPTO=true + fi + if use weak-algorithms ; then + echo USE_WEAKSTUFF=true + fi + echo USE_OE=false # by default, turn off Opportunistic Encryption + echo USE_LWRES=false # needs bind9 with lwres support + local USETHREADS=false + if use curl; then + echo USE_LIBCURL=true + USETHREADS=true + fi + if use ldap; then + echo USE_LDAP=true + USETHREADS=true + fi + echo HAVE_THREADS=${USETHREADS} +} + +src_compile() { + eval set -- $(get_make_options) + emake "$@" \ + ${MYMAKE} || die "emake failed" +} + +src_install() { + eval set -- $(get_make_options) + emake "$@" \ + install || die "emake install failed" + + dosym /etc/ipsec/ipsec.d /etc/ipsec.d + + doinitd "${FILESDIR}"/ipsec || die "failed to install init script" + + dodir /var/run/pluto || die "failed to create /var/run/pluto" +} + +pkg_postinst() { + if kernel_is 2 6; then + CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP" + WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)" + WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)" + WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)" + check_extra_config + fi +} diff --git a/net-misc/openswan/openswan-2.6.23.ebuild b/net-misc/openswan/openswan-2.6.23.ebuild new file mode 100644 index 000000000000..78dd752d856e --- /dev/null +++ b/net-misc/openswan/openswan-2.6.23.ebuild @@ -0,0 +1,162 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.23.ebuild,v 1.1 2009/09/11 18:46:36 mrness Exp $ + +EAPI="2" + +inherit eutils linux-info + +DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)." +HOMEPAGE="http://www.openswan.org/" +SRC_URI="http://www.openswan.org/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="curl ldap smartcard extra-algorithms weak-algorithms nocrypto-algorithms ms-bad-proposal" + +COMMON_DEPEND="!net-misc/strongswan + dev-libs/gmp + dev-lang/perl + smartcard? ( dev-libs/opensc ) + curl? ( net-misc/curl ) + ldap? ( net-nds/openldap )" +DEPEND="${COMMON_DEPEND} + virtual/linux-sources + app-text/xmlto + app-text/docbook-xml-dtd:4.1.2" # see bug 237132 +RDEPEND="${COMMON_DEPEND} + virtual/logger + sys-apps/iproute2" + +pkg_setup() { + if use nocrypto-algorithms && ! use weak-algorithms; then + ewarn "Enabling nocrypto-algorithms USE flag has no effect when" + ewarn "weak-algorithms USE flag is disabled" + fi + + linux-info_pkg_setup + + if kernel_is 2 6; then + einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)." + einfo "KLIPS will not be compiled/installed." + MYMAKE="programs" + + elif kernel_is 2 4; then + if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then + eerror "You need to have an IPsec enabled 2.4.x kernel." + eerror "Ensure you have one running and make a symlink to it in /usr/src/linux" + die + fi + + einfo "Using patched-in IPsec code for kernel 2.4" + einfo "Your kernel only supports KLIPS for kernel level IPsec." + MYMAKE="confcheck programs" + + else + die "Unsupported kernel version" + fi +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch + + find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \ + -e s:/usr/local:/usr:g '{}' \; || + die "failed to replace text in docs" +} + +get_make_options() { + echo KERNELSRC=\"${KERNEL_DIR}\" \ + FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \ + INC_RCDEFAULT=/etc/init.d \ + INC_USRLOCAL=/usr \ + INC_MANDIR=share/man \ + FINALDOCDIR=/usr/share/doc/${PF}/html \ + DESTDIR=\"${D}\" \ + USERCOMPILE=\"${CFLAGS}\" + if use smartcard ; then + echo USE_SMARTCARD=true + fi + if use extra-algorithms ; then + echo USE_EXTRACRYPTO=true + else + echo USE_EXTRACRYPTO=false + fi + if use weak-algorithms ; then + echo USE_WEAKSTUFF=true + if use nocrypto-algorithms; then + echo USE_NOCRYPTO=true + fi + fi + echo USE_LWRES=false # needs bind9 with lwres support + local USETHREADS=false + if use curl; then + echo USE_LIBCURL=true + USETHREADS=true + fi + if use ldap; then + echo USE_LDAP=true + USETHREADS=true + fi + echo HAVE_THREADS=${USETHREADS} +} + +src_compile() { + eval set -- $(get_make_options) + emake "$@" \ + ${MYMAKE} || die "emake failed" +} + +src_install() { + eval set -- $(get_make_options) + emake "$@" \ + install || die "emake install failed" + + newinitd "${FILESDIR}"/ipsec-initd ipsec || die "failed to install init script" + + dodir /var/run/pluto || die "failed to create /var/run/pluto" +} + +pkg_preinst() { + if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then + ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':" + local i err=0 + if [ -h "../ipsec.d" ]; then + rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink" + fi + for i in *; do + if [ -e "../$i" ]; then + eerror " $i NOT MOVED, ../$i already exists!" + err=1 + elif [ -d "$i" ]; then + mv "$i" .. || die "failed to move $i directory" + ewarn " directory $i" + elif [ -f "$i" ]; then + sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \ + mv "$i" .. && ewarn " file $i" || \ + die "failed to move $i file" + else + eerror " $i NOT MOVED, it is not a file nor a directory!" + err=1 + fi + done + popd + if [ $err -eq 0 ]; then + rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec" + else + ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself" + fi + fi +} + +pkg_postinst() { + if kernel_is 2 6; then + CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP" + WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)" + WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)" + WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)" + check_extra_config + fi +} |