summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/openswan/ChangeLog8
-rw-r--r--net-misc/openswan/Manifest13
-rw-r--r--net-misc/openswan/files/openswan-2.6.22-gentoo.patch130
-rw-r--r--net-misc/openswan/openswan-2.6.22.ebuild161
4 files changed, 306 insertions, 6 deletions
diff --git a/net-misc/openswan/ChangeLog b/net-misc/openswan/ChangeLog
index f1a8c3cb3b20..cde3c7b734d4 100644
--- a/net-misc/openswan/ChangeLog
+++ b/net-misc/openswan/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-misc/openswan
# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.63 2009/06/14 10:25:30 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.64 2009/06/24 17:18:36 mrness Exp $
+
+*openswan-2.6.22 (24 Jun 2009)
+
+ 24 Jun 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.6.22-gentoo.patch, +openswan-2.6.22.ebuild:
+ Version bump wrt security bug #275233.
14 Jun 2009; Alin Năstac <mrness@gentoo.org>
-files/openswan-2.4.13-deprecated-ldap.patch,
diff --git a/net-misc/openswan/Manifest b/net-misc/openswan/Manifest
index 3ff5681fec71..995563d36d50 100644
--- a/net-misc/openswan/Manifest
+++ b/net-misc/openswan/Manifest
@@ -7,16 +7,19 @@ AUX openswan-2.4.14-deprecated-ldap.patch 372 RMD160 7ec7ef91ad9712026be01e5f896
AUX openswan-2.4.14-gentoo-fixed.patch 7744 RMD160 23cd42532116253854ed1526f464d411c710d3ba SHA1 425c282ce312518828936d764b7a707148ff0557 SHA256 849193e8b2107a8f4f6a7d91b447ab4f628760b4117f0b1cdc3ded8b2f4d98c5
AUX openswan-2.4.14-getline.patch 1559 RMD160 56da53a0ec2685ad60c5e4109867e7e2398c75f2 SHA1 bbdcda81dfa52581c8efc15d9fc88249a45113bd SHA256 c8c8fcaffcdc694df3152f5b581b31ff3dc3ae7ad3a131392e5ee082756e33d2
AUX openswan-2.6.21-gentoo-fixed.patch 4930 RMD160 ee9dbfed38c81da04254ecd4695193f8f2660459 SHA1 9591a633b545db49560953dd11b9ee55c99ba167 SHA256 943a3eb1a3c42ab3024e3015a8e4b5586aa65e348fac01f2d2600d7fca59fe5b
+AUX openswan-2.6.22-gentoo.patch 5088 RMD160 e61921ae0c795e38c44e38f5a22f0881aaf4d893 SHA1 783cee333a0fa0f820c76d7bda808404c650aa39 SHA256 e95a2cd4fa2aff4c1d75951c27595045602180a6865920594b318ec6cd576db8
DIST openswan-2.4.14.tar.gz 3762031 RMD160 c3165fa58d540d30a5adfbc1070a21ca6762c17b SHA1 6f79c969164f80ae7d2b5a436bd798c428615687 SHA256 5c5886c026f79a85bee0ac2888fc3c7da87b8f8c493f02a51a5ce6b8675a4ddf
DIST openswan-2.6.21.tar.gz 6201306 RMD160 d94fcd50a55ae6bb28787b2fc1966c9c43927fbe SHA1 b43fd73e8a10b00b08a4b1784730f2656430f977 SHA256 e773aa22f86ef12999f9a78c98ad5ba09980ccd1d14ab16361e9f21e40742fe7
+DIST openswan-2.6.22.tar.gz 8152865 RMD160 dd06dbf7147407c9dc31efa29253d4c06ef5f0b1 SHA1 44cc5d6dd850b926f9addfd88ec2540984b08563 SHA256 05f4db569206b2bb31d99a322eb75a4830567e2859f485a12fdbaee37d91704b
EBUILD openswan-2.4.14.ebuild 3563 RMD160 0ac58588efb85c67fd861a1be1bb5d1990e51fdf SHA1 ed96d4397f72e2f1495cf182e8b36b97bcf59088 SHA256 734e7605f5d6caa4063e4d30a83be1d87975a1f02a4f31d702496d965c473a2c
EBUILD openswan-2.6.21.ebuild 4530 RMD160 73110832a157567fa866d9bdbc387d79eacded1c SHA1 83e83bbd4ce899e307c33292bc6a1a43bb341215 SHA256 133787849bfb63f7899a09e38070ecea9b8c67cae6f255f4f9d7982106297d61
-MISC ChangeLog 12339 RMD160 d71ce2c94b7e925da624f92575fa05006d1ede93 SHA1 bd74f77fdf6c0f3306a385651e3d86df66956777 SHA256 d6e33a2efa1dbcc5b65f453415eb2d7f61437a68c98d756ec1c960455303b584
+EBUILD openswan-2.6.22.ebuild 4524 RMD160 4675374fe68da207e66d89252f2b54ffb661d7d8 SHA1 a841e07e42fdd6caad7a3a2a9c25e937188995b8 SHA256 048a513d1b5d38a5465228cc28573983cfef4814f71391d1834b236dd2d1de39
+MISC ChangeLog 12525 RMD160 0e2526b2d066d99f5e17040eaa75f76163246a02 SHA1 a7f184ac1f0a1a21ad111d7fd2f3b563289b189c SHA256 2aa0c9d4b2380e98aa659b995323c7b3e9a9d98a013c59755709fb85f7d714aa
MISC metadata.xml 1052 RMD160 714461d3b0b057e2859462b89308234ff326aa35 SHA1 fe024e83c6632467d13b7d80c57ec94fda1137de SHA256 2fc6636bb523697c3e909cd6e4106402978f9a51435ae4c0ec9e27767b41ad16
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.10 (GNU/Linux)
+Version: GnuPG v2.0.11 (GNU/Linux)
-iEYEARECAAYFAko07FEACgkQts85UDFmaOWB+ACbBxuJA60T60tWt5yWdl8PaEK8
-DkUAn2n+yZ7vvFXAhYjZ6mVTCji83g0a
-=Tx93
+iEYEARECAAYFAkpCX/cACgkQts85UDFmaOV3PACfb6b7G/vQJYs7FWn9MNBEIGlN
+xawAn3Qyp+FhEJQwH/LIZ8YDUKpV4GcN
+=6mhu
-----END PGP SIGNATURE-----
diff --git a/net-misc/openswan/files/openswan-2.6.22-gentoo.patch b/net-misc/openswan/files/openswan-2.6.22-gentoo.patch
new file mode 100644
index 000000000000..cf163b5ad351
--- /dev/null
+++ b/net-misc/openswan/files/openswan-2.6.22-gentoo.patch
@@ -0,0 +1,130 @@
+diff -Nru openswan-2.6.22.orig/lib/libdns/Makefile openswan-2.6.22/lib/libdns/Makefile
+--- openswan-2.6.22.orig/lib/libdns/Makefile 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/lib/libdns/Makefile 2009-06-24 18:54:55.000000000 +0200
+@@ -30,8 +30,8 @@
+ -I${srcdir}../libisc/nothreads/include \
+ -I. -I./include -I${srcdir}include \
+ -I${srcdir}../libisc/include
+-CDEFINES = -g ${USERCOMPILE} ${PORTINCLUDE}
+-CWARNINGS = -Werror
++CDEFINES = ${USERCOMPILE} ${PORTINCLUDE}
++CWARNINGS =
+
+ CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.22.orig/lib/libisc/Makefile openswan-2.6.22/lib/libisc/Makefile
+--- openswan-2.6.22.orig/lib/libisc/Makefile 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/lib/libisc/Makefile 2009-06-24 18:54:55.000000000 +0200
+@@ -22,8 +22,8 @@
+ -I${srcdir}nothreads/include \
+ -I. -I./include -I${srcdir}include \
+ $(PORTINCLUDE) -I${OPENSWANSRCDIR}/include
+-CDEFINES = -g -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE}
+-# CWARNINGS = -Werror
++CDEFINES = -DHAVE_STRERROR ${USERCOMPILE} ${PORTINCLUDE}
++# CWARNINGS =
+
+ CFLAGS+=${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.22.orig/lib/liblwres/Makefile openswan-2.6.22/lib/liblwres/Makefile
+--- openswan-2.6.22.orig/lib/liblwres/Makefile 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/lib/liblwres/Makefile 2009-06-24 18:54:55.000000000 +0200
+@@ -22,8 +22,8 @@
+ -I${srcdir}../libisc/${ISCARCH}/include \
+ -I${srcdir}../libisc/include \
+ -I. -I./include -I${srcdir}include
+-CDEFINES = -g
+-CWARNINGS = -Werror
++CDEFINES =
++CWARNINGS =
+
+ CFLAGS+=${USERCOMPILE} ${PORTINCLUDE} ${CINCLUDES} ${CDEFINES} ${CWARNINGS}
+
+diff -Nru openswan-2.6.22.orig/Makefile.inc openswan-2.6.22/Makefile.inc
+--- openswan-2.6.22.orig/Makefile.inc 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/Makefile.inc 2009-06-24 18:54:55.000000000 +0200
+@@ -49,7 +49,7 @@
+ DESTDIR?=
+
+ # "local" part of tree, used in building other pathnames
+-INC_USRLOCAL=/usr/local
++INC_USRLOCAL?=/usr
+
+ # PUBDIR is where the "ipsec" command goes; beware, many things define PATH
+ # settings which are assumed to include it (or at least, to include *some*
+@@ -94,7 +94,7 @@
+
+ # sample configuration files go into
+ INC_DOCDIR?=share/doc
+-FINALEXAMPLECONFDIR=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
++FINALEXAMPLECONFDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
+ EXAMPLECONFDIR=${DESTDIR}${FINALEXAMPLECONFDIR}
+
+ FINALDOCDIR?=${INC_USRLOCAL}/${INC_DOCDIR}/openswan
+diff -Nru openswan-2.6.22.orig/programs/Makefile.program openswan-2.6.22/programs/Makefile.program
+--- openswan-2.6.22.orig/programs/Makefile.program 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/Makefile.program 2009-06-24 18:54:55.000000000 +0200
+@@ -53,7 +53,6 @@
+ WERROR:= -Werror
+ endif
+
+-CFLAGS+= ${WERROR}
+
+ ifneq ($(LD_LIBRARY_PATH),)
+ LDFLAGS=-L$(LD_LIBRARY_PATH)
+diff -Nru openswan-2.6.22.orig/programs/setup/Makefile openswan-2.6.22/programs/setup/Makefile
+--- openswan-2.6.22.orig/programs/setup/Makefile 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/setup/Makefile 2009-06-24 18:54:55.000000000 +0200
+@@ -18,7 +18,6 @@
+
+ # this dance is because setup has to get installed as /etc/rc.d/init.d/ipsec
+ # not as /etc/rc.d/init.d/setup.
+-PROGRAMDIR=$(RCDIR)
+ PROGRAM=setup
+ EXTRA8MAN=setup.8
+
+@@ -29,32 +28,6 @@
+ # into the $BINDIR.
+ #
+ # the priorities match those in setup's chkconfig line
+-doinstall:: setup
+- @rm -f $(BINDIR)/setup
+- @$(INSTALL) $(INSTBINFLAGS) setup $(RCDIR)/ipsec
+- @ln -s $(FINALRCDIR)/ipsec $(BINDIR)/setup
+- -@for i in 0 1 2 3 4 5 6; do mkdir -p $(RCDIR)/../rc$$i.d; done
+- -@cd $(RCDIR)/../rc0.d && ln -f -s ../init.d/ipsec K76ipsec
+- -@cd $(RCDIR)/../rc1.d && ln -f -s ../init.d/ipsec K76ipsec
+- -@cd $(RCDIR)/../rc2.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc3.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc4.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc5.d && ln -f -s ../init.d/ipsec S47ipsec
+- -@cd $(RCDIR)/../rc6.d && ln -f -s ../init.d/ipsec K76ipsec
+-
+-install_file_list::
+- @echo $(RCDIR)/ipsec
+- @echo $(BINDIR)/setup
+- @echo $(RCDIR)/../rc0.d/K76ipsec
+- @echo $(RCDIR)/../rc1.d/K76ipsec
+- @echo $(RCDIR)/../rc2.d/S47ipsec
+- @echo $(RCDIR)/../rc3.d/S47ipsec
+- @echo $(RCDIR)/../rc4.d/S47ipsec
+- @echo $(RCDIR)/../rc5.d/S47ipsec
+- @echo $(RCDIR)/../rc6.d/K76ipsec
+-
+-cleanall::
+- @rm -f setup
+
+ #
+ # $Log: not supported by cvs2svn $
+diff -Nru openswan-2.6.22.orig/testing/utils/make-uml.sh openswan-2.6.22/testing/utils/make-uml.sh
+--- openswan-2.6.22.orig/testing/utils/make-uml.sh 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/testing/utils/make-uml.sh 2009-06-24 18:54:55.000000000 +0200
+@@ -262,7 +262,7 @@
+
+ cd $OPENSWANSRCDIR || exit 1
+
+-make WERROR=-Werror USE_OBJDIR=true programs
++make USE_OBJDIR=true programs
+
+ # now, execute the Makefile that we have created!
+ cd $POOLSPACE && make $OPENSWANHOSTS
diff --git a/net-misc/openswan/openswan-2.6.22.ebuild b/net-misc/openswan/openswan-2.6.22.ebuild
new file mode 100644
index 000000000000..09ddbdc646a0
--- /dev/null
+++ b/net-misc/openswan/openswan-2.6.22.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.22.ebuild,v 1.1 2009/06/24 17:18:36 mrness Exp $
+
+EAPI="2"
+
+inherit eutils linux-info
+
+DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)."
+HOMEPAGE="http://www.openswan.org/"
+SRC_URI="http://www.openswan.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="curl ldap smartcard extra-algorithms weak-algorithms nocrypto-algorithms"
+
+COMMON_DEPEND="!net-misc/strongswan
+ dev-libs/gmp
+ dev-lang/perl
+ smartcard? ( dev-libs/opensc )
+ curl? ( net-misc/curl )
+ ldap? ( net-nds/openldap )"
+DEPEND="${COMMON_DEPEND}
+ virtual/linux-sources
+ app-text/xmlto
+ app-text/docbook-xml-dtd:4.1.2" # see bug 237132
+RDEPEND="${COMMON_DEPEND}
+ virtual/logger
+ sys-apps/iproute2"
+
+pkg_setup() {
+ if use nocrypto-algorithms && ! use weak-algorithms; then
+ ewarn "Enabling nocrypto-algorithms USE flag has no effect when"
+ ewarn "weak-algorithms USE flag is disabled"
+ fi
+
+ linux-info_pkg_setup
+
+ if kernel_is 2 6; then
+ einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)."
+ einfo "KLIPS will not be compiled/installed."
+ MYMAKE="programs"
+
+ elif kernel_is 2 4; then
+ if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then
+ eerror "You need to have an IPsec enabled 2.4.x kernel."
+ eerror "Ensure you have one running and make a symlink to it in /usr/src/linux"
+ die
+ fi
+
+ einfo "Using patched-in IPsec code for kernel 2.4"
+ einfo "Your kernel only supports KLIPS for kernel level IPsec."
+ MYMAKE="confcheck programs"
+
+ else
+ die "Unsupported kernel version"
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-gentoo.patch
+
+ find . -regex '.*[.][1-8]' -exec sed -i \
+ -e s:/usr/local:/usr:g '{}' \; ||
+ die "failed to replace text in xml docs"
+}
+
+get_make_options() {
+ echo KERNELSRC=\"${KERNEL_DIR}\" \
+ FINALEXAMPLECONFDIR=/usr/share/doc/${PF} \
+ INC_RCDEFAULT=/etc/init.d \
+ INC_USRLOCAL=/usr \
+ INC_MANDIR=share/man \
+ FINALDOCDIR=/usr/share/doc/${PF}/html \
+ DESTDIR=\"${D}\" \
+ USERCOMPILE=\"${CFLAGS}\"
+ if use smartcard ; then
+ echo USE_SMARTCARD=true
+ fi
+ if use extra-algorithms ; then
+ echo USE_EXTRACRYPTO=true
+ else
+ echo USE_EXTRACRYPTO=false
+ fi
+ if use weak-algorithms ; then
+ echo USE_WEAKSTUFF=true
+ if use nocrypto-algorithms; then
+ echo USE_NOCRYPTO=true
+ fi
+ fi
+ echo USE_LWRES=false # needs bind9 with lwres support
+ local USETHREADS=false
+ if use curl; then
+ echo USE_LIBCURL=true
+ USETHREADS=true
+ fi
+ if use ldap; then
+ echo USE_LDAP=true
+ USETHREADS=true
+ fi
+ echo HAVE_THREADS=${USETHREADS}
+}
+
+src_compile() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ ${MYMAKE} || die "emake failed"
+}
+
+src_install() {
+ eval set -- $(get_make_options)
+ emake "$@" \
+ install || die "emake install failed"
+
+ newinitd "${FILESDIR}"/ipsec-initd ipsec || die "failed to install init script"
+
+ dodir /var/run/pluto || die "failed to create /var/run/pluto"
+}
+
+pkg_preinst() {
+ if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then
+ ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':"
+ local i err=0
+ if [ -h "../ipsec.d" ]; then
+ rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink"
+ fi
+ for i in *; do
+ if [ -e "../$i" ]; then
+ eerror " $i NOT MOVED, ../$i already exists!"
+ err=1
+ elif [ -d "$i" ]; then
+ mv "$i" .. || die "failed to move $i directory"
+ ewarn " directory $i"
+ elif [ -f "$i" ]; then
+ sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \
+ mv "$i" .. && ewarn " file $i" || \
+ die "failed to move $i file"
+ else
+ eerror " $i NOT MOVED, it is not a file nor a directory!"
+ err=1
+ fi
+ done
+ popd
+ if [ $err -eq 0 ]; then
+ rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec"
+ else
+ ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself"
+ fi
+ fi
+}
+
+pkg_postinst() {
+ if kernel_is 2 6; then
+ CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP"
+ WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)"
+ WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)"
+ WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)"
+ check_extra_config
+ fi
+}