diff options
author | Jason A. Donenfeld <zx2c4@gentoo.org> | 2017-03-17 15:37:57 +0100 |
---|---|---|
committer | Jason A. Donenfeld <zx2c4@gentoo.org> | 2017-03-17 15:38:28 +0100 |
commit | 9754f457cc6d0aeb90a1535a5228ef909e9584c9 (patch) | |
tree | ffbd77f41fb100837cc8f992f8dc863cd01c270d /net-vpn | |
parent | app-forensics/openscap: remove old (diff) | |
download | gentoo-9754f457cc6d0aeb90a1535a5228ef909e9584c9.tar.gz gentoo-9754f457cc6d0aeb90a1535a5228ef909e9584c9.tar.bz2 gentoo-9754f457cc6d0aeb90a1535a5228ef909e9584c9.zip |
Second half of net-vpn/ move
Diffstat (limited to 'net-vpn')
106 files changed, 3870 insertions, 0 deletions
diff --git a/net-vpn/6tunnel/6tunnel-0.10.ebuild b/net-vpn/6tunnel/6tunnel-0.10.ebuild new file mode 100644 index 000000000000..0b4cadb97a0e --- /dev/null +++ b/net-vpn/6tunnel/6tunnel-0.10.ebuild @@ -0,0 +1,18 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +DESCRIPTION="TCP proxy for applications that don't speak IPv6" +HOMEPAGE="http://toxygen.net/6tunnel" +SRC_URI="http://toxygen.net/6tunnel/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="s390 x86" +IUSE="" + +DEPEND="" + +src_install() { + dobin 6tunnel || die + doman 6tunnel.1 +} diff --git a/net-vpn/6tunnel/6tunnel-0.11_rc1.ebuild b/net-vpn/6tunnel/6tunnel-0.11_rc1.ebuild new file mode 100644 index 000000000000..c650cdba07b4 --- /dev/null +++ b/net-vpn/6tunnel/6tunnel-0.11_rc1.ebuild @@ -0,0 +1,20 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +DESCRIPTION="TCP proxy for applications that don't speak IPv6" +HOMEPAGE="http://toxygen.net/6tunnel" +SRC_URI="http://toxygen.net/6tunnel/${P/_/}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~s390" +IUSE="" + +DEPEND="" + +S=${WORKDIR}/6tunnel-0.11 + +src_install() { + dobin 6tunnel || die + doman 6tunnel.1 +} diff --git a/net-vpn/6tunnel/6tunnel-0.12.ebuild b/net-vpn/6tunnel/6tunnel-0.12.ebuild new file mode 100644 index 000000000000..1fedcca11208 --- /dev/null +++ b/net-vpn/6tunnel/6tunnel-0.12.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +DESCRIPTION="TCP proxy for applications that don't speak IPv6" +HOMEPAGE="http://toxygen.net/6tunnel" +SRC_URI="http://toxygen.net/6tunnel/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~s390 ~x86" +IUSE="" diff --git a/net-vpn/6tunnel/Manifest b/net-vpn/6tunnel/Manifest new file mode 100644 index 000000000000..c989f86e246f --- /dev/null +++ b/net-vpn/6tunnel/Manifest @@ -0,0 +1,3 @@ +DIST 6tunnel-0.10.tar.gz 37882 SHA256 3cd467038bc8185baee10bc0f627a25897cd4bc9c83b8273d20b84a640c7636b SHA512 f8d328eb1ab6fedae8a641bdf5326eb919d53a3dea2a2268afec9d7b04f37feba3ec4362864cee011f13e68d69751b4c3b22d17f8f1119e1ea8b600fb73fd6ee WHIRLPOOL 339a316066222627855edfdae4edfd334ddcc4b50159a1d5bf1672095ac64a8386b1530078b1c54669ba7b48e9d70098dc7a0b77c890de37e6881ab475001352 +DIST 6tunnel-0.11rc1.tar.gz 38126 SHA256 29f3b148d3569ce6ef4f34d37c8158acadb27964a54554e8d6746612fe46ba66 SHA512 7651ccdb8d98885ad4afd50421efd21d4c92fcc2e7f0374ed456b193481972965b94db4061b0ab055309e09836a10cd0ecfa09591bae2c8bb74cf639be52c7e8 WHIRLPOOL f1e7a9aef4d7128f690155464c0b69b80ee8da833092e511df79b306986ec8e55657bcf8796ba7631d2cbb531b225e4171794ca6989ba24fcc4e9df17c0cf119 +DIST 6tunnel-0.12.tar.gz 96364 SHA256 80dbe91bb92282c3c5e98dec871dcd1738ae824e532f9fd6db0d6ebd469d79bf SHA512 56c5b8b285c730e25a1bd57a37fc6d169c4c54a842e7763a1580231158858a098b8eb5549dd8adf0c5ae4516cce9c70b00ae82f27b6e152ca10eba7681b8808b WHIRLPOOL 86b4da2155fff16e6f5dc45a239165e6e300ebda57bc2aab389fed5c7780db52d1f22b74486047d820d5108e05a060ab071be0aa7650a206324a181c43e1bc7c diff --git a/net-vpn/6tunnel/metadata.xml b/net-vpn/6tunnel/metadata.xml new file mode 100644 index 000000000000..6f49eba8f496 --- /dev/null +++ b/net-vpn/6tunnel/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<!-- maintainer-needed --> +</pkgmetadata> diff --git a/net-vpn/aiccu/Manifest b/net-vpn/aiccu/Manifest new file mode 100644 index 000000000000..d3919d5dc977 --- /dev/null +++ b/net-vpn/aiccu/Manifest @@ -0,0 +1 @@ +DIST aiccu_20070115.tar.gz 70056 SHA256 2260f426c13471169ccff8cb4a3908dc5f79fda18ddb6a55363e7824e6c4c760 SHA512 15b2f0dab51843e58abbd8a0cc13139e492057ee348e368e1b65476bb2760119e88982cd03ffc6ec2cb563a1b7a061e1f66a98861eaad15972d486ac17b7bc78 WHIRLPOOL a5743e9c28ec3b9f6bc43f1b715553842a13872f18281239ed76d3b322e3a4c3c3e0f0c5d80b47694bbedaf831d1b3feed285af9f37174cac323b2c1814813d7 diff --git a/net-vpn/aiccu/aiccu-2007.01.15-r5.ebuild b/net-vpn/aiccu/aiccu-2007.01.15-r5.ebuild new file mode 100644 index 000000000000..4c92c3258bda --- /dev/null +++ b/net-vpn/aiccu/aiccu-2007.01.15-r5.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils linux-info systemd toolchain-funcs + +DESCRIPTION="AICCU Client to configure an IPv6 tunnel to SixXS" +HOMEPAGE="http://www.sixxs.net/tools/aiccu" +SRC_URI="http://www.sixxs.net/archive/sixxs/aiccu/unix/${PN}_${PV//\./}.tar.gz" + +LICENSE="SixXS" +SLOT="0" +KEYWORDS="amd64 arm hppa ppc sparc x86" +IUSE="systemd" + +RDEPEND=" + net-libs/gnutls + sys-apps/iproute2 + systemd? ( sys-apps/systemd ) +" +DEPEND="${RDEPEND} + virtual/pkgconfig +" + +S=${WORKDIR}/${PN} + +CONFIG_CHECK="~TUN" + +src_prepare() { + epatch \ + "${FILESDIR}"/${P}-r2-init.gentoo.patch \ + "${FILESDIR}"/${P}-Makefile.patch \ + "${FILESDIR}"/${P}-setupscript.patch \ + "${FILESDIR}"/${P}-uclibc.patch \ + "${FILESDIR}"/${P}-systemd.patch \ + "${FILESDIR}"/${P}-gnutls-3.4.patch +} + +src_compile() { + # Don't use main Makefile since it requires additional + # dependencies which are useless for us. + emake CC=$(tc-getCC) STRIP= -C unix-console \ + HAVE_SYSTEMD=$(usex systemd 1 0) +} + +src_install() { + dosbin unix-console/${PN} + + insopts -m 600 + insinto /etc + doins doc/${PN}.conf + newinitd doc/${PN}.init.gentoo ${PN} + + use systemd && systemd_dounit doc/${PN}.service + + dodoc doc/{HOWTO,README,changelog} +} diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-Makefile.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-Makefile.patch new file mode 100644 index 000000000000..c0eabbefd906 --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-Makefile.patch @@ -0,0 +1,79 @@ +--- unix-console/Makefile.old 2010-06-28 21:56:32.287782600 +0200 ++++ unix-console/Makefile 2010-06-28 22:15:56.232637681 +0200 +@@ -25,14 +25,11 @@ CWARNS += -W -Wall -Wshadow -Wpointer-ar + # CWARNS += -Wpacked + + #CFLAGS += $(CWARNS) -D_GNU_SOURCE -D_DEBUG -g3 -O0 +-CFLAGS += $(CWARNS) -D_GNU_SOURCE ++CFLAGS ?= $(CWARNS) -O3 ++CFLAGS += -D_GNU_SOURCE + CC = @gcc + RM = rm +- +-# Add -O3 when nothing is specified yet +-ifeq ($(shell echo $(CFLAGS) | grep -c "\-O"),0) +-CFLAGS += -O3 +-endif ++STRIP = strip + + # This is a console client + CFLAGS += -D AICCU_CONSOLE +@@ -42,7 +39,7 @@ CFLAGS += -D AICCU_CONSOLE + # Currently defaultly builds only on Linux, but other platforms might easily also support it + ifeq ($(shell uname | grep -c "Linux"),1) + CFLAGS += -D AICCU_GNUTLS +-LDFLAGS += -lgnutls ++LIBS += -lgnutls + endif + + # Linux +@@ -50,7 +47,7 @@ ifeq ($(shell uname | grep -c "Linux"),1 + CFLAGS += -D_LINUX -D HAS_IFHEAD -D AICCU_TYPE="\"linux\"" + SRCS += ../common/aiccu_linux.c + OBJS += ../common/aiccu_linux.o +-LDFLAGS += -lpthread -lresolv ++LIBS += -lpthread -lresolv + endif + + # FreeBSD +@@ -118,7 +115,7 @@ ifeq ($(shell uname | grep -c "Darwin"), + CFLAGS += -D_DARWIN -D NEED_IFHEAD -D AICCU_TYPE="\"darwin\"" + SRCS += ../common/aiccu_darwin.c + OBJS += ../common/aiccu_darwin.o +-LDFLAGS += -lresolv ++LIBS += -lresolv + endif + + # SunOS / Solaris +@@ -126,7 +123,7 @@ ifeq ($(shell uname | grep -c "SunOS"),1 + CFLAGS += -D_SUNOS -D AICCU_TYPE="\"sunos\"" + SRCS += ../common/aiccu_sunos.c + OBJS += ../common/aiccu_sunos.o +-LDFLAGS += -lsocket -lnsl -lresolv ++LIBS += -lsocket -lnsl -lresolv + endif + + # AIX +@@ -137,17 +134,19 @@ CFLAGS += -D AICCU_CONSOLE + CFLAGS += -D_AIX -D AICCU_TYPE="\"aix\"" + SRCS += ../common/aiccu_aix.c + OBJS += ../common/aiccu_aix.o +-LDFLAGS += -lpthread ++LIBS += -lpthread + endif + + + all: aiccu + + aiccu: $(OBJS) ${SRCS} ${INCS} +- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) + ifeq ($(shell echo $(CFLAGS) | grep -c "DEBUG"),0) + ifeq ($(shell echo "$(RPM_OPT_FLAGS)" | wc -c),1) +- strip $@ ++ifdef STRIP ++ $(STRIP) $@ ++endif + endif + endif + diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-gnutls-3.4.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-gnutls-3.4.patch new file mode 100644 index 000000000000..ee637a761029 --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-gnutls-3.4.patch @@ -0,0 +1,22 @@ +from http://git.alpinelinux.org/cgit/aports/tree/main/aiccu + +--- aiccu/common/common.c 2015-04-17 23:08:32.543680010 +0200 ++++ aiccu/common/common.c.new 2015-04-17 23:14:02.152457972 +0200 +@@ -272,7 +272,6 @@ + { + #ifdef AICCU_GNUTLS + /* Allow connections to servers that have OpenPGP keys as well */ +- const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; + int ret; + #endif /* AICCU_GNUTLS*/ + +@@ -300,8 +299,7 @@ + gnutls_set_default_priority(sock->session); + /* XXX: Return value is not documented in GNUTLS documentation! */ + +- gnutls_certificate_type_set_priority(sock->session, cert_type_priority); +- /* XXX: Return value is not documented in GNUTLS documentation! */ ++ gnutls_priority_set_direct(sock->session, "NORMAL:+CTYPE-OPENPGP", NULL); + + /* Configure the x509 credentials for the current session */ + gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred); diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-r2-init.gentoo.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-r2-init.gentoo.patch new file mode 100644 index 000000000000..35ca2b8a6719 --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-r2-init.gentoo.patch @@ -0,0 +1,33 @@ +--- aiccu/doc/aiccu.init.gentoo ++++ aiccu/doc/aiccu.init.gentoo +@@ -2,7 +2,7 @@ + + depend() { + need net +- after ntp-client ++ after ntp-client ntpd + } + + checkconfig() { +@@ -23,14 +23,19 @@ + start() { + checkconfig || return 1 + ebegin "Starting aiccu" +- start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/aiccu -- start ++ start-stop-daemon --start --quiet --exec /usr/sbin/aiccu -- start + eend $? + } + + + stop() { + ebegin "Stopping aiccu" +- start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/aiccu -- stop ++ start-stop-daemon --stop --pidfile /var/run/aiccu.pid --quiet --exec /usr/sbin/aiccu -- stop + eend $? + } + ++restart() { ++ stop ++ sleep 3 ++ start ++} diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-setupscript.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-setupscript.patch new file mode 100644 index 000000000000..8981530435f3 --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-setupscript.patch @@ -0,0 +1,17 @@ +--- aiccu/unix-console/main.c ++++ aiccu/unix-console/main.c +@@ -471,6 +471,14 @@ + */ + if (aiccu_setup(hTunnel, true)) + { ++ ++ /* Running setup script */ ++ if (g_aiccu->setupscript) ++ { ++ aiccu_exec("%s", g_aiccu->setupscript); ++ } ++ ++ + /* We need to stay running when doing Heartbeat or AYIYA */ + if ( strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 || + strcasecmp(hTunnel->sType, "ayiya") == 0) diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-systemd.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-systemd.patch new file mode 100644 index 000000000000..e8616d04b3fc --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-systemd.patch @@ -0,0 +1,52 @@ +--- /dev/null ++++ aiccu-2007.01.15/doc/aiccu.service +@@ -0,0 +1,13 @@ ++[Unit] ++Description=Automatic IPv6 Connectivity Client Utility ++After=time-sync.target network.target ++ConditionPathExists=/etc/aiccu.conf ++ ++ ++[Service] ++Type=notify ++ExecStart=/usr/sbin/aiccu start ++ExecStop=/usr/sbin/aiccu stop ++ ++[Install] ++WantedBy=multi-user.target +--- aiccu-2007.01.15/unix-console/Makefile ++++ aiccu-2007.01.15/unix-console/Makefile +@@ -48,6 +48,10 @@ ifeq ($(shell uname | grep -c "Linux"),1) + SRCS += ../common/aiccu_linux.c + OBJS += ../common/aiccu_linux.o + LIBS += -lpthread -lresolv ++ifeq (1,$(HAVE_SYSTEMD)) ++LIBS += $(shell pkg-config --libs libsystemd 2>/dev/null || pkg-config --libs libsystemd-daemon) ++CFLAGS += -DHAVE_SYSTEMD ++endif + endif + + # FreeBSD +--- aiccu-2007.01.15/unix-console/main.c ++++ aiccu-2007.01.15/unix-console/main.c +@@ -12,6 +12,9 @@ + + #include "../common/aiccu.h" + #include "../common/tun.h" ++#ifdef HAVE_SYSTEMD ++#include <systemd/sd-daemon.h> ++#endif + + #ifndef _WIN32 + /* Enable/Disable heartbeating */ +@@ -478,6 +481,10 @@ int main(int argc, char *argv[]) + aiccu_exec("%s", g_aiccu->setupscript); + } + ++#ifdef HAVE_SYSTEMD ++ /* Tell systemd we are operational. */ ++ sd_notify(0, "READY=1"); ++#endif + + /* We need to stay running when doing Heartbeat or AYIYA */ + if ( strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 || diff --git a/net-vpn/aiccu/files/aiccu-2007.01.15-uclibc.patch b/net-vpn/aiccu/files/aiccu-2007.01.15-uclibc.patch new file mode 100644 index 000000000000..56341dea72f4 --- /dev/null +++ b/net-vpn/aiccu/files/aiccu-2007.01.15-uclibc.patch @@ -0,0 +1,29 @@ +--- aiccu/common/resolver.c ++++ aiccu/common/resolver.c +@@ -26,7 +26,7 @@ + + int getrrs(const char *label, int rrtype, void gotrec(unsigned int num, int type, const char *record)) + { +-#ifdef _LINUX ++#if defined(_LINUX) && ! defined(__UCLIBC__) + struct __res_state res; + #endif + unsigned char answer[8192]; +@@ -38,7 +38,7 @@ + uint16_t type = 0, class = 0; + uint32_t ttl = 0; + +-#ifdef _LINUX ++#if defined(_LINUX) && ! defined(__UCLIBC__) + memset(&res, 0, sizeof(res)); + res.options = RES_DEBUG; + res_ninit(&res); +@@ -47,7 +47,7 @@ + #endif + + memset(answer, 0, sizeof(answer)); +-#ifdef _LINUX ++#if defined(_LINUX) && ! defined(__UCLIBC__) + ret = res_nquery(&res, label, C_IN, rrtype, answer, sizeof(answer)); + #else + ret = res_query(label, C_IN, rrtype, answer, sizeof(answer)); diff --git a/net-vpn/aiccu/metadata.xml b/net-vpn/aiccu/metadata.xml new file mode 100644 index 000000000000..a535b8852829 --- /dev/null +++ b/net-vpn/aiccu/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +</pkgmetadata> diff --git a/net-vpn/corkscrew/Manifest b/net-vpn/corkscrew/Manifest new file mode 100644 index 000000000000..3cb1d976bd02 --- /dev/null +++ b/net-vpn/corkscrew/Manifest @@ -0,0 +1 @@ +DIST corkscrew-2.0.tar.gz 56749 SHA256 0d0fcbb41cba4a81c4ab494459472086f377f9edb78a2e2238ed19b58956b0be SHA512 bfea81064601cdf67ba1730b49e3a5f7aa377423edbfb052ff0f6b2776b49e104852b7f126f4668d37541a706313ef37d9b4535126e94bb202db4ac38f693e6f WHIRLPOOL 3a765adb7d17e3d48df6396e2da7796ee90b3f25bf99737ddb40f28193183821b363b21bb071cfbf6bf7166c66e069066cf429d2aceff5c08bea4b2ed719e022 diff --git a/net-vpn/corkscrew/corkscrew-2.0.ebuild b/net-vpn/corkscrew/corkscrew-2.0.ebuild new file mode 100644 index 000000000000..2982c2a8fddf --- /dev/null +++ b/net-vpn/corkscrew/corkscrew-2.0.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 +inherit autotools + +DESCRIPTION="a tool for tunneling SSH through HTTP proxies" +HOMEPAGE="http://www.agroman.net/corkscrew/" +SRC_URI="http://www.agroman.net/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~arm ~ppc ~sparc x86" +IUSE="" + +DOCS="AUTHORS ChangeLog README TODO" + +src_prepare() { + # Christoph Mende <angelos@gentoo.org (23 Jun 2010) + # Shipped configure doesn't work with some locales (bug #305771) + # Shipped missing doesn't work with new configure, so we'll force + # regeneration + rm -f install-sh missing mkinstalldirs || die + + # Samuli Suominen <ssuominen@gentoo.org> (24 Jun 2012) + # AC_HEADER_STDC is called separately and #include <string.h> is + # without #ifdef in corkscrew.c. Instead of using AC_C_PROTOTYPES, + # remove the call entirely as unused wrt bug #423193 + sed -i -e 's:AM_C_PROTOTYPES:dnl &:' configure.in || die + + eautoreconf +} diff --git a/net-vpn/corkscrew/metadata.xml b/net-vpn/corkscrew/metadata.xml new file mode 100644 index 000000000000..306c354edf5b --- /dev/null +++ b/net-vpn/corkscrew/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="project"> + <email>sysadmin@gentoo.org</email> + <name>Gentoo Sysadmin Project</name> +</maintainer> +<longdescription> +Corkscrew is a tool for tunneling SSH through HTTP proxies. +</longdescription> +<longdescription lang="ja"> +Corkscrew は HTTP プロクシ経由の SSH トンネルを構築するツールです。 +</longdescription> +</pkgmetadata> diff --git a/net-vpn/httptunnel/Manifest b/net-vpn/httptunnel/Manifest new file mode 100644 index 000000000000..baa7722c26ba --- /dev/null +++ b/net-vpn/httptunnel/Manifest @@ -0,0 +1 @@ +DIST httptunnel-3.3.tar.gz 262749 SHA256 142f82b204876c2aa90f19193c7ff78d90bb4c2cba99dfd4ef625864aed1c556 SHA512 84503e27e84cd39441a7592d6446e30fce07a54b940e4398407dc105fabc6c8f96d3b5d05137d6dab22b2088c5b114728551337429748c900bd6fe7d6b6109e5 WHIRLPOOL 2a747d5c7b0feb563a055013a330d8842b7cddbb4864aa13c98a47aaadab04480c48ffe00a4a26c44a52fe9afd7820646307b4d815ee1038d65a1e2546c451d4 diff --git a/net-vpn/httptunnel/files/httptunnel-3.3-fix_write_stdin.patch b/net-vpn/httptunnel/files/httptunnel-3.3-fix_write_stdin.patch new file mode 100644 index 000000000000..904df6f91159 --- /dev/null +++ b/net-vpn/httptunnel/files/httptunnel-3.3-fix_write_stdin.patch @@ -0,0 +1,12 @@ +diff -dur httptunnel-3.3/common.c httptunnel-3.3-fix_write_stdin/common.c +--- httptunnel-3.3/common.c 2001-02-25 12:45:41.000000000 +0100 ++++ httptunnel-3.3-fix_write_stdin/common.c 2007-06-20 21:38:54.000000000 +0200 +@@ -314,7 +314,7 @@ + + /* If fd == 0, then we are using --stdin-stdout so write to stdout, + * not fd. */ +- m = write_all (fd ? fd : 0, buf, (size_t)n); ++ m = write_all (fd ? fd : 1, buf, (size_t)n); + log_annoying ("write_all (%d, %p, %d) = %d", fd ? fd : 1, buf, n, m); + return m; + } diff --git a/net-vpn/httptunnel/httptunnel-3.3-r2.ebuild b/net-vpn/httptunnel/httptunnel-3.3-r2.ebuild new file mode 100644 index 000000000000..74bc2848e259 --- /dev/null +++ b/net-vpn/httptunnel/httptunnel-3.3-r2.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit eutils toolchain-funcs + +DESCRIPTION="httptunnel can create IP tunnels through firewalls/proxies using HTTP" +HOMEPAGE="http://www.nocrew.org/software/httptunnel.html" +SRC_URI="http://www.nocrew.org/software/${PN}/${P}.tar.gz" +LICENSE="GPL-2" +KEYWORDS="amd64 ppc x86 ~x86-fbsd" +IUSE="" +SLOT="0" + +DEPEND="" +RDEPEND="" + +src_prepare() { + epatch "${FILESDIR}"/${P}-fix_write_stdin.patch + tc-export CC +} + +src_configure() { + ./configure \ + --host=${CHOST} \ + --prefix=/usr \ + --infodir=/usr/share/info \ + --mandir=/usr/share/man || die +} diff --git a/net-vpn/httptunnel/metadata.xml b/net-vpn/httptunnel/metadata.xml new file mode 100644 index 000000000000..6f49eba8f496 --- /dev/null +++ b/net-vpn/httptunnel/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<!-- maintainer-needed --> +</pkgmetadata> diff --git a/net-vpn/htun/Manifest b/net-vpn/htun/Manifest new file mode 100644 index 000000000000..355750f42f01 --- /dev/null +++ b/net-vpn/htun/Manifest @@ -0,0 +1 @@ +DIST htun-0.9.6.tar.gz 63745 SHA256 acf330a37f1ac676dcb82160f43f12e0b266263f8bf918d9990f1e17e57ed83f SHA512 d709e9b6a809df5711b3c3c61c207a0ce72a054904fbe0a39bb9c60f174b19eb5fe183e3218100f45941035f72c5212fcbd716858631d1f117e6f88608f8ea0d WHIRLPOOL 3ce553377c2107814455f9d421d5bf2cbfdb40b68e371fc3f078b2a32bfe486861d4d8a683b427238952873651606184186f9e425f22f57d34a0295c0f105a36 diff --git a/net-vpn/htun/files/README.gentoo b/net-vpn/htun/files/README.gentoo new file mode 100644 index 000000000000..1710c726723a --- /dev/null +++ b/net-vpn/htun/files/README.gentoo @@ -0,0 +1,3 @@ +NOTE: HTun requires the Universal TUN/TAP module +available in the Linux kernel. Make sure you have +compiled the tun.o driver as a module! diff --git a/net-vpn/htun/files/htun-0.9.6-glibc.patch b/net-vpn/htun/files/htun-0.9.6-glibc.patch new file mode 100644 index 000000000000..3f281c526388 --- /dev/null +++ b/net-vpn/htun/files/htun-0.9.6-glibc.patch @@ -0,0 +1,14 @@ +get things building with glibc-2.8 + +http://bugs.gentoo.org/248100 + +--- a/include/common.h ++++ b/include/common.h +@@ -23,6 +23,7 @@ + #ifndef __COMMON_H + #define __COMMON_H + ++#include <limits.h> + #include <netinet/in.h> + #include <time.h> + #include "queue.h" diff --git a/net-vpn/htun/files/htun-0.9.6-makefile.patch b/net-vpn/htun/files/htun-0.9.6-makefile.patch new file mode 100644 index 000000000000..c1f0b76bfa14 --- /dev/null +++ b/net-vpn/htun/files/htun-0.9.6-makefile.patch @@ -0,0 +1,34 @@ +* Fix build system to not hardcode CC +* Fix build system to respect user flags + +--- a/src/Makefile ++++ b/src/Makefile +@@ -20,16 +20,14 @@ + + # $Id: Makefile,v 2.16 2002/08/11 15:57:07 jehsom Exp $ + +- +-CFLAGS = -I../include -I. -O -W -Wall -g -D_REENTRANT #-pg -a +-LDFLAGS = -lfl -lpthread # -flex for linux, solaris ? +-LEX_CFLAGS = -I../include -I. -g -D_REENTRANT #-pg -a ++CFLAGS := $(CFLAGS) -I../include -I. -O -W -Wall -D_REENTRANT ++LDFLAGS := $(LDFLAGS) -lfl -lpthread ++LEX_CFLAGS = -I../include -I. -D_REENTRANT + + # in Linux, LFLAGS is empty. In Solaris, LFLAGS = -lnsl -lsocket + #LFLAGS = -lnsl -lsocket + + VPATH = .:../include +-CC := gcc + LEX = flex + YACC = yacc + INCLUDE := $(wildcard ../include/*.h) +@@ -52,7 +50,7 @@ + $(OBJS): $(INCLUDE) + + $(CONFOBS): $(CONFSRC) +- $(CC) $(LEX_CFLAGS) -c $(@:.o=.c) ++ $(CC) $(CFLAGS) $(LEX_CFLAGS) -c $(@:.o=.c) + + lex.yy.c: parse.l + $(LEX) $^ diff --git a/net-vpn/htun/htun-0.9.6.ebuild b/net-vpn/htun/htun-0.9.6.ebuild new file mode 100644 index 000000000000..a04679b6af39 --- /dev/null +++ b/net-vpn/htun/htun-0.9.6.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit flag-o-matic readme.gentoo-r1 toolchain-funcs + +DESCRIPTION="Project to tunnel IP traffic over HTTP" +HOMEPAGE="http://linux.softpedia.com/get/System/Networking/HTun-14751.shtml" +SRC_URI="http://www.sourcefiles.org/Networking/Tools/Proxy/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +# should not be replaced by virtual/yacc +# at least failed with dev-util/bison +DEPEND="dev-util/yacc" +RDEPEND="" + +PATCHES=( + "${FILESDIR}"/${P}-glibc.patch #248100 + "${FILESDIR}"/${P}-makefile.patch +) + +src_configure() { + # Fix multiple symbol definitions due to + # C99/C11 inline semantics, bug 571458 + append-cflags -std=gnu89 +} + +src_compile() { + emake -C src CC="$(tc-getCC)" +} + +src_install() { + dosbin src/htund + + insinto /etc + doins doc/htund.conf + + local DOCS=( doc/. README ) + einstalldocs + readme.gentoo_create_doc +} diff --git a/net-vpn/htun/metadata.xml b/net-vpn/htun/metadata.xml new file mode 100644 index 000000000000..6f49eba8f496 --- /dev/null +++ b/net-vpn/htun/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<!-- maintainer-needed --> +</pkgmetadata> diff --git a/net-vpn/i2p/Manifest b/net-vpn/i2p/Manifest new file mode 100644 index 000000000000..b9bde310e97b --- /dev/null +++ b/net-vpn/i2p/Manifest @@ -0,0 +1,3 @@ +DIST i2psource_0.9.26.tar.bz2 27039859 SHA256 49fbaea7f4d5ea0606de68ebb270fc3d4380631ecfd5c9ad82ed9356e29df937 SHA512 2b3f96fe97418c176b4e0058817bde81909e46d136ed5cadf9f8fb4323b0a35e0a5d3fc0eaadacbfe8f9578376d8a6c6757121452cd9f7c1c3c7d019169a914d WHIRLPOOL b8161e77a491d26f24e786bf185f9eba35aa4421ba17e668f3a8f73fc481c6c8b7ea630b8c860f4cb2c877660a703aaa0dfa2d03d8163ea98a151302067e1600 +DIST i2psource_0.9.27.tar.bz2 27339726 SHA256 89808fa062735fc880d28d232fae27028d9ecdc13b1695a251ecfec119bc15da SHA512 44825a638c0867701825e3098ca570d240db7bce761261ce6b3ebf0d781d096969275e27774a0fdf65fde11231e4f762b113abb40b9cd4edcadfd696397c719f WHIRLPOOL ae3d10635c1f508ca6e9d58a2bdaa258d62f1b6841d7555c86ae5551faaf5ef12ac620c3f6be65e1104115dbcfdde3768df97d2242852081d1ee48f497e044c0 +DIST i2psource_0.9.28.tar.bz2 27137199 SHA256 7bb27444bd1074a0f670276ad07e0b5b2a7a29ed6d25d93e6f95646981cd0aaf SHA512 95510e391e2b594c87b61cf6915d69f4f8cd08e7791b3710b5da28b1df8ec63a7e6829d37b1242fc603398495445e7024522f3554266aaf0028a6f82569660f6 WHIRLPOOL 2d7b82c64570d17e7484a51745cabeedbb54a219610d1b82e9c3f276e6c204be335d73bfe0cb05b1fbd50eee0e4d7dcc7ec1c124831d7b5cfd81a2dcc6b6807a diff --git a/net-vpn/i2p/files/i2p-0.9.26-add_libs.patch b/net-vpn/i2p/files/i2p-0.9.26-add_libs.patch new file mode 100644 index 000000000000..945366966ca4 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.26-add_libs.patch @@ -0,0 +1,22 @@ +diff -Naur a/wrapper.config b/wrapper.config +--- a/installer/resources/wrapper.config 2016-02-07 23:19:48.714569016 +0100 ++++ b/installer/resources/wrapper.config 2016-02-07 23:20:37.523566840 +0100 +@@ -61,12 +61,18 @@ + # Be sure there are no other duplicate classes. + # + wrapper.java.classpath.1=$INSTALL_PATH/lib/*.jar ++wrapper.java.classpath.2=/usr/share/tomcat-jstl-impl/lib/*.jar ++wrapper.java.classpath.3=/usr/share/tomcat-jstl-spec/lib/*.jar ++wrapper.java.classpath.4=/usr/share/java-service-wrapper/lib/*.jar ++wrapper.java.classpath.5=/usr/share/bcprov-1.50/lib/*.jar ++wrapper.java.classpath.6=/usr/share/jrobin/lib/*.jar + # uncomment this to use the system classpath as well (e.g. to get tools.jar) + # wrapper.java.classpath.2=%CLASSPATH% + + # Java Library Path (location of Wrapper.DLL or libwrapper.so) + wrapper.java.library.path.1=$INSTALL_PATH + wrapper.java.library.path.2=$INSTALL_PATH/lib ++wrapper.java.library.path.3=/usr/lib/java-service-wrapper + + # Java Bits. On applicable platforms, tells the JVM to run in 32 or 64-bit mode. + wrapper.java.additional.auto_bits=TRUE diff --git a/net-vpn/i2p/files/i2p-0.9.26.initd b/net-vpn/i2p/files/i2p-0.9.26.initd new file mode 100644 index 000000000000..ae4774e2051c --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.26.initd @@ -0,0 +1,35 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +HOME="/var/lib/i2p" +USER_HOME="$HOME" +JAVABINARY="/etc/java-config-2/current-system-vm/bin/java" +INSTALL_PATH="/usr/share/i2p" +I2P="$INSTALL_PATH" +I2P_CONFIG_DIR="$USER_HOME/.i2p" +SYSTEM_java_io_tmpdir="$I2P_CONFIG_DIR" +I2PTEMP="$SYSTEM_java_io_tmpdir" +LOGFILE="$I2P_CONFIG_DIR/wrapper.log" +PIDFILE="/var/run/i2p.pid" +WRAPPER_CMD="$I2P/i2psvc" +WRAPPER_CONF="$I2P/wrapper.config" + +start() { + ebegin "Starting I2P" + start-stop-daemon --start -b -m -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -- -c $WRAPPER_CONF wrapper.daemonize=FALSE wrapper.syslog.ident=i2p wrapper.java.command="$JAVABINARY" wrapper.name=i2p wrapper.displayname="I2P Service" wrapper.statusfile="$I2P_CONFIG_DIR/i2p.status" wrapper.java.statusfile="$I2P_CONFIG_DIR/i2p.java.status" wrapper.logfile="$LOGFILE" + sleep 1 + [ -e "$PIDFILE" -a -e /proc/$(cat "$PIDFILE") ] + eend $? +} + +stop() { + ebegin "Stopping I2P" + start-stop-daemon --stop -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -R SIGTERM/20 SIGKILL/20 -P + eend $? +} + diff --git a/net-vpn/i2p/files/i2p-0.9.26.service b/net-vpn/i2p/files/i2p-0.9.26.service new file mode 100644 index 000000000000..ccbadbd4d167 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.26.service @@ -0,0 +1,13 @@ +[Unit] +Description=Invisible Internet Project +After=network.target + +[Service] +User=i2p +Type=forking +ExecReload=/usr/bin/i2prouter restart +ExecStart=/usr/bin/i2prouter start +ExecStop=/usr/bin/i2prouter stop + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/i2p/files/i2p-0.9.27-add_libs.patch b/net-vpn/i2p/files/i2p-0.9.27-add_libs.patch new file mode 100644 index 000000000000..0ea3149a3628 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.27-add_libs.patch @@ -0,0 +1,22 @@ +diff -Naur a/installer/resources/wrapper.config b/installer/resources/wrapper.config +--- a/installer/resources/wrapper.config 2016-11-07 11:42:42.503030002 +0100 ++++ b/installer/resources/wrapper.config 2016-11-07 11:43:11.873031594 +0100 +@@ -61,12 +61,18 @@ + # Be sure there are no other duplicate classes. + # + wrapper.java.classpath.1=$INSTALL_PATH/lib/*.jar ++wrapper.java.classpath.2=/usr/share/tomcat-jstl-impl/lib/*.jar ++wrapper.java.classpath.3=/usr/share/tomcat-jstl-spec/lib/*.jar ++wrapper.java.classpath.4=/usr/share/java-service-wrapper/lib/*.jar ++wrapper.java.classpath.5=/usr/share/bcprov-1.50/lib/*.jar ++wrapper.java.classpath.6=/usr/share/jrobin/lib/*.jar + # uncomment this to use the system classpath as well (e.g. to get tools.jar) + # wrapper.java.classpath.2=%CLASSPATH% + + # Java Library Path (location of Wrapper.DLL or libwrapper.so) + wrapper.java.library.path.1=$INSTALL_PATH + wrapper.java.library.path.2=$INSTALL_PATH/lib ++wrapper.java.library.path.3=/usr/lib/java-service-wrapper + + # Java Bits. On applicable platforms, tells the JVM to run in 32 or 64-bit mode. + wrapper.java.additional.auto_bits=TRUE diff --git a/net-vpn/i2p/files/i2p-0.9.27.initd b/net-vpn/i2p/files/i2p-0.9.27.initd new file mode 100644 index 000000000000..216d19474cb8 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.27.initd @@ -0,0 +1,35 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +HOME="/var/lib/i2p" +USER_HOME="$HOME" +JAVABINARY="/etc/java-config-2/current-system-vm/bin/java" +INSTALL_PATH="/usr/share/i2p" +I2P="$INSTALL_PATH" +I2P_CONFIG_DIR="$USER_HOME/.i2p" +SYSTEM_java_io_tmpdir="$I2P_CONFIG_DIR" +I2PTEMP="$SYSTEM_java_io_tmpdir" +LOGFILE="$I2P_CONFIG_DIR/wrapper.log" +PIDFILE="/var/run/i2p.pid" +WRAPPER_CMD="$I2P/i2psvc" +WRAPPER_CONF="$I2P/wrapper.config" + +start() { + ebegin "Starting I2P" + start-stop-daemon --start -b -m -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -- -c $WRAPPER_CONF wrapper.daemonize=FALSE wrapper.syslog.ident=i2p wrapper.java.command="$JAVABINARY" wrapper.name=i2p wrapper.displayname="I2P Service" wrapper.statusfile="$I2P_CONFIG_DIR/i2p.status" wrapper.java.statusfile="$I2P_CONFIG_DIR/i2p.java.status" wrapper.logfile="$LOGFILE" + sleep 1 + [ -e "$PIDFILE" -a -e /proc/$(cat "$PIDFILE") ] + eend $? +} + +stop() { + ebegin "Stopping I2P" + start-stop-daemon --stop -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -R SIGTERM/20 SIGKILL/20 -P + eend $? +} + diff --git a/net-vpn/i2p/files/i2p-0.9.27.service b/net-vpn/i2p/files/i2p-0.9.27.service new file mode 100644 index 000000000000..ccbadbd4d167 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.27.service @@ -0,0 +1,13 @@ +[Unit] +Description=Invisible Internet Project +After=network.target + +[Service] +User=i2p +Type=forking +ExecReload=/usr/bin/i2prouter restart +ExecStart=/usr/bin/i2prouter start +ExecStop=/usr/bin/i2prouter stop + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/i2p/files/i2p-0.9.28-add_libs.patch b/net-vpn/i2p/files/i2p-0.9.28-add_libs.patch new file mode 100644 index 000000000000..0ea3149a3628 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.28-add_libs.patch @@ -0,0 +1,22 @@ +diff -Naur a/installer/resources/wrapper.config b/installer/resources/wrapper.config +--- a/installer/resources/wrapper.config 2016-11-07 11:42:42.503030002 +0100 ++++ b/installer/resources/wrapper.config 2016-11-07 11:43:11.873031594 +0100 +@@ -61,12 +61,18 @@ + # Be sure there are no other duplicate classes. + # + wrapper.java.classpath.1=$INSTALL_PATH/lib/*.jar ++wrapper.java.classpath.2=/usr/share/tomcat-jstl-impl/lib/*.jar ++wrapper.java.classpath.3=/usr/share/tomcat-jstl-spec/lib/*.jar ++wrapper.java.classpath.4=/usr/share/java-service-wrapper/lib/*.jar ++wrapper.java.classpath.5=/usr/share/bcprov-1.50/lib/*.jar ++wrapper.java.classpath.6=/usr/share/jrobin/lib/*.jar + # uncomment this to use the system classpath as well (e.g. to get tools.jar) + # wrapper.java.classpath.2=%CLASSPATH% + + # Java Library Path (location of Wrapper.DLL or libwrapper.so) + wrapper.java.library.path.1=$INSTALL_PATH + wrapper.java.library.path.2=$INSTALL_PATH/lib ++wrapper.java.library.path.3=/usr/lib/java-service-wrapper + + # Java Bits. On applicable platforms, tells the JVM to run in 32 or 64-bit mode. + wrapper.java.additional.auto_bits=TRUE diff --git a/net-vpn/i2p/files/i2p-0.9.28.initd b/net-vpn/i2p/files/i2p-0.9.28.initd new file mode 100644 index 000000000000..216d19474cb8 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.28.initd @@ -0,0 +1,35 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +HOME="/var/lib/i2p" +USER_HOME="$HOME" +JAVABINARY="/etc/java-config-2/current-system-vm/bin/java" +INSTALL_PATH="/usr/share/i2p" +I2P="$INSTALL_PATH" +I2P_CONFIG_DIR="$USER_HOME/.i2p" +SYSTEM_java_io_tmpdir="$I2P_CONFIG_DIR" +I2PTEMP="$SYSTEM_java_io_tmpdir" +LOGFILE="$I2P_CONFIG_DIR/wrapper.log" +PIDFILE="/var/run/i2p.pid" +WRAPPER_CMD="$I2P/i2psvc" +WRAPPER_CONF="$I2P/wrapper.config" + +start() { + ebegin "Starting I2P" + start-stop-daemon --start -b -m -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -- -c $WRAPPER_CONF wrapper.daemonize=FALSE wrapper.syslog.ident=i2p wrapper.java.command="$JAVABINARY" wrapper.name=i2p wrapper.displayname="I2P Service" wrapper.statusfile="$I2P_CONFIG_DIR/i2p.status" wrapper.java.statusfile="$I2P_CONFIG_DIR/i2p.java.status" wrapper.logfile="$LOGFILE" + sleep 1 + [ -e "$PIDFILE" -a -e /proc/$(cat "$PIDFILE") ] + eend $? +} + +stop() { + ebegin "Stopping I2P" + start-stop-daemon --stop -u i2p --pidfile "$PIDFILE" --quiet --exec $WRAPPER_CMD -R SIGTERM/20 SIGKILL/20 -P + eend $? +} + diff --git a/net-vpn/i2p/files/i2p-0.9.28.service b/net-vpn/i2p/files/i2p-0.9.28.service new file mode 100644 index 000000000000..ccbadbd4d167 --- /dev/null +++ b/net-vpn/i2p/files/i2p-0.9.28.service @@ -0,0 +1,13 @@ +[Unit] +Description=Invisible Internet Project +After=network.target + +[Service] +User=i2p +Type=forking +ExecReload=/usr/bin/i2prouter restart +ExecStart=/usr/bin/i2prouter start +ExecStop=/usr/bin/i2prouter stop + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/i2p/i2p-0.9.26.ebuild b/net-vpn/i2p/i2p-0.9.26.ebuild new file mode 100644 index 000000000000..6514c7a98dcd --- /dev/null +++ b/net-vpn/i2p/i2p-0.9.26.ebuild @@ -0,0 +1,159 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils java-pkg-2 java-ant-2 systemd user + +DESCRIPTION="A privacy-centric, anonymous network." +HOMEPAGE="https://geti2p.net" +SRC_URI="https://download.i2p2.de/releases/${PV}/i2psource_${PV}.tar.bz2" + +LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2" +SLOT="0" + +# Until the deps reach other arches +KEYWORDS="~amd64 ~x86" +IUSE="+ecdsa nls" + +# dev-java/ant-core is automatically added due to java-ant-2.eclass +CDEPEND="dev-java/bcprov:1.50 + dev-java/jrobin:0 + dev-java/slf4j-api:0 + dev-java/tomcat-jstl-impl:0 + dev-java/tomcat-jstl-spec:0 + dev-java/java-service-wrapper:0" + +DEPEND="${CDEPEND} + dev-java/eclipse-ecj:* + dev-libs/gmp:0 + nls? ( >=sys-devel/gettext-0.19 ) + >=virtual/jdk-1.7" + +RDEPEND="${CDEPEND} + ecdsa? ( + || ( + dev-java/icedtea:7[-sunec] + dev-java/icedtea:8[-sunec] + dev-java/icedtea:7[nss,-sunec] + dev-java/icedtea-bin:7[nss] + dev-java/icedtea-bin:7 + dev-java/icedtea-bin:8 + dev-java/oracle-jre-bin + dev-java/oracle-jdk-bin + ) + ) + !ecdsa? ( >=virtual/jre-1.7 )" + +EANT_BUILD_TARGET="pkg" +EANT_GENTOO_CLASSPATH="java-service-wrapper,jrobin,slf4j-api,tomcat-jstl-impl,tomcat-jstl-spec,bcprov-1.50" +JAVA_ANT_ENCODING="UTF-8" + +I2P_ROOT='/usr/share/i2p' +I2P_CONFIG_HOME='/var/lib/i2p' +I2P_CONFIG_DIR="${I2P_CONFIG_HOME}/.i2p" + +RES_DIR='installer/resources' + +PATCHES=( + "${FILESDIR}/${P}-add_libs.patch" +) + +pkg_setup() { + java-pkg-2_pkg_setup + + enewgroup i2p + enewuser i2p -1 -1 "${I2P_CONFIG_HOME}" i2p +} + +src_unpack() { + unpack ${A} + cd "${S}" || die + java-ant_rewrite-classpath +} + +src_prepare() { + java-pkg-2_src_prepare + + # We're on GNU/Linux, we don't need .exe files + echo "noExe=true" > override.properties || die + if ! use nls; then + echo "require.gettext=false" >> override.properties || die + fi + + # avoid auto starting browser + sed -i 's|clientApp.4.startOnLoad=true|clientApp.4.startOnLoad=false|' \ + "${RES_DIR}/clients.config" || die + + # we do it now so we can resolve path after + default + + # replace paths as the installer would + sed -i "s|%INSTALL_PATH|${I2P_ROOT}|" \ + "${RES_DIR}/"{eepget,i2prouter,runplain.sh} || die + sed -i "s|\$INSTALL_PATH|${I2P_ROOT}|" "${RES_DIR}/wrapper.config" || die + sed -i "s|%SYSTEM_java_io_tmpdir|${I2P_CONFIG_DIR}|" \ + "${RES_DIR}/"{i2prouter,runplain.sh} || die + sed -i "s|%USER_HOME|${I2P_CONFIG_HOME}|" "${RES_DIR}/i2prouter" || die +} + +src_install() { + # cd into pkg-temp. + cd "${S}/pkg-temp" || die + + # This is ugly, but to satisfy all non-system .jar dependencies, jetty + # would need to be packaged. It would be too large a task + # for an unseasoned developer. This seems to be the most pragmatic solution + java-pkg_jarinto "${I2P_ROOT}/lib" + local i + for i in BOB commons-el commons-logging i2p i2psnark i2ptunnel \ + jasper-compiler jasper-runtime javax.servlet jbigi jetty* mstreaming org.mortbay.* router* \ + sam standard streaming systray; do + java-pkg_dojar lib/${i}.jar + done + + # Set up symlinks for binaries + dosym /usr/bin/wrapper "${I2P_ROOT}/i2psvc" + dosym "${I2P_ROOT}/i2prouter" /usr/bin/i2prouter + dosym "${I2P_ROOT}/eepget" /usr/bin/eepget + + # Install main files and basic documentation + exeinto "${I2P_ROOT}" + insinto "${I2P_ROOT}" + doins blocklist.txt hosts.txt *.config + doexe eepget i2prouter runplain.sh + dodoc history.txt INSTALL-headless.txt LICENSE.txt + doman man/* + + # Install other directories + doins -r certificates docs eepsite geoip scripts + dodoc -r licenses + java-pkg_dowar webapps/*.war + + # Install daemon files + newinitd "${FILESDIR}/${P}.initd" i2p + systemd_newunit "${FILESDIR}/${P}.service" i2p.service + + # setup user + keepdir "${I2P_CONFIG_DIR}" + fowners -R i2p:i2p "${I2P_CONFIG_DIR}" +} + +pkg_postinst() { + elog "Custom configuration belongs in /var/lib/i2p/.i2p/ to avoid being overwritten." + elog "I2P can be configured through the web interface at http://localhost:7657/index.jsp" + + ewarn 'Currently, the i2p team does not enforce to use ECDSA keys. But it is more and' + ewarn 'more pushed. To help the network, you are recommended to have either:' + ewarn ' dev-java/icedtea[-sunec,nss]' + ewarn ' dev-java/icedtea-bin[nss]' + ewarn ' dev-java/icedtea[-sunec] and bouncycastle (bcprov)' + ewarn ' dev-java/icedtea-bin and bouncycastle (bcprov)' + ewarn ' dev-java/oracle-jre-bin' + ewarn ' dev-java/oracle-jdk-bin' + ewarn 'Alternatively you can just use Ed25519 keys - which is a stronger algorithm anyways.' + ewarn + ewarn "This is purely a run-time issue. You're free to build i2p with any JDK, as long as" + ewarn 'the JVM you run it with is one of the above listed and from the same or a newer generation' + ewarn 'as the one you built with.' +} diff --git a/net-vpn/i2p/i2p-0.9.27.ebuild b/net-vpn/i2p/i2p-0.9.27.ebuild new file mode 100644 index 000000000000..6514c7a98dcd --- /dev/null +++ b/net-vpn/i2p/i2p-0.9.27.ebuild @@ -0,0 +1,159 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils java-pkg-2 java-ant-2 systemd user + +DESCRIPTION="A privacy-centric, anonymous network." +HOMEPAGE="https://geti2p.net" +SRC_URI="https://download.i2p2.de/releases/${PV}/i2psource_${PV}.tar.bz2" + +LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2" +SLOT="0" + +# Until the deps reach other arches +KEYWORDS="~amd64 ~x86" +IUSE="+ecdsa nls" + +# dev-java/ant-core is automatically added due to java-ant-2.eclass +CDEPEND="dev-java/bcprov:1.50 + dev-java/jrobin:0 + dev-java/slf4j-api:0 + dev-java/tomcat-jstl-impl:0 + dev-java/tomcat-jstl-spec:0 + dev-java/java-service-wrapper:0" + +DEPEND="${CDEPEND} + dev-java/eclipse-ecj:* + dev-libs/gmp:0 + nls? ( >=sys-devel/gettext-0.19 ) + >=virtual/jdk-1.7" + +RDEPEND="${CDEPEND} + ecdsa? ( + || ( + dev-java/icedtea:7[-sunec] + dev-java/icedtea:8[-sunec] + dev-java/icedtea:7[nss,-sunec] + dev-java/icedtea-bin:7[nss] + dev-java/icedtea-bin:7 + dev-java/icedtea-bin:8 + dev-java/oracle-jre-bin + dev-java/oracle-jdk-bin + ) + ) + !ecdsa? ( >=virtual/jre-1.7 )" + +EANT_BUILD_TARGET="pkg" +EANT_GENTOO_CLASSPATH="java-service-wrapper,jrobin,slf4j-api,tomcat-jstl-impl,tomcat-jstl-spec,bcprov-1.50" +JAVA_ANT_ENCODING="UTF-8" + +I2P_ROOT='/usr/share/i2p' +I2P_CONFIG_HOME='/var/lib/i2p' +I2P_CONFIG_DIR="${I2P_CONFIG_HOME}/.i2p" + +RES_DIR='installer/resources' + +PATCHES=( + "${FILESDIR}/${P}-add_libs.patch" +) + +pkg_setup() { + java-pkg-2_pkg_setup + + enewgroup i2p + enewuser i2p -1 -1 "${I2P_CONFIG_HOME}" i2p +} + +src_unpack() { + unpack ${A} + cd "${S}" || die + java-ant_rewrite-classpath +} + +src_prepare() { + java-pkg-2_src_prepare + + # We're on GNU/Linux, we don't need .exe files + echo "noExe=true" > override.properties || die + if ! use nls; then + echo "require.gettext=false" >> override.properties || die + fi + + # avoid auto starting browser + sed -i 's|clientApp.4.startOnLoad=true|clientApp.4.startOnLoad=false|' \ + "${RES_DIR}/clients.config" || die + + # we do it now so we can resolve path after + default + + # replace paths as the installer would + sed -i "s|%INSTALL_PATH|${I2P_ROOT}|" \ + "${RES_DIR}/"{eepget,i2prouter,runplain.sh} || die + sed -i "s|\$INSTALL_PATH|${I2P_ROOT}|" "${RES_DIR}/wrapper.config" || die + sed -i "s|%SYSTEM_java_io_tmpdir|${I2P_CONFIG_DIR}|" \ + "${RES_DIR}/"{i2prouter,runplain.sh} || die + sed -i "s|%USER_HOME|${I2P_CONFIG_HOME}|" "${RES_DIR}/i2prouter" || die +} + +src_install() { + # cd into pkg-temp. + cd "${S}/pkg-temp" || die + + # This is ugly, but to satisfy all non-system .jar dependencies, jetty + # would need to be packaged. It would be too large a task + # for an unseasoned developer. This seems to be the most pragmatic solution + java-pkg_jarinto "${I2P_ROOT}/lib" + local i + for i in BOB commons-el commons-logging i2p i2psnark i2ptunnel \ + jasper-compiler jasper-runtime javax.servlet jbigi jetty* mstreaming org.mortbay.* router* \ + sam standard streaming systray; do + java-pkg_dojar lib/${i}.jar + done + + # Set up symlinks for binaries + dosym /usr/bin/wrapper "${I2P_ROOT}/i2psvc" + dosym "${I2P_ROOT}/i2prouter" /usr/bin/i2prouter + dosym "${I2P_ROOT}/eepget" /usr/bin/eepget + + # Install main files and basic documentation + exeinto "${I2P_ROOT}" + insinto "${I2P_ROOT}" + doins blocklist.txt hosts.txt *.config + doexe eepget i2prouter runplain.sh + dodoc history.txt INSTALL-headless.txt LICENSE.txt + doman man/* + + # Install other directories + doins -r certificates docs eepsite geoip scripts + dodoc -r licenses + java-pkg_dowar webapps/*.war + + # Install daemon files + newinitd "${FILESDIR}/${P}.initd" i2p + systemd_newunit "${FILESDIR}/${P}.service" i2p.service + + # setup user + keepdir "${I2P_CONFIG_DIR}" + fowners -R i2p:i2p "${I2P_CONFIG_DIR}" +} + +pkg_postinst() { + elog "Custom configuration belongs in /var/lib/i2p/.i2p/ to avoid being overwritten." + elog "I2P can be configured through the web interface at http://localhost:7657/index.jsp" + + ewarn 'Currently, the i2p team does not enforce to use ECDSA keys. But it is more and' + ewarn 'more pushed. To help the network, you are recommended to have either:' + ewarn ' dev-java/icedtea[-sunec,nss]' + ewarn ' dev-java/icedtea-bin[nss]' + ewarn ' dev-java/icedtea[-sunec] and bouncycastle (bcprov)' + ewarn ' dev-java/icedtea-bin and bouncycastle (bcprov)' + ewarn ' dev-java/oracle-jre-bin' + ewarn ' dev-java/oracle-jdk-bin' + ewarn 'Alternatively you can just use Ed25519 keys - which is a stronger algorithm anyways.' + ewarn + ewarn "This is purely a run-time issue. You're free to build i2p with any JDK, as long as" + ewarn 'the JVM you run it with is one of the above listed and from the same or a newer generation' + ewarn 'as the one you built with.' +} diff --git a/net-vpn/i2p/i2p-0.9.28.ebuild b/net-vpn/i2p/i2p-0.9.28.ebuild new file mode 100644 index 000000000000..103ad6ed5e12 --- /dev/null +++ b/net-vpn/i2p/i2p-0.9.28.ebuild @@ -0,0 +1,152 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils java-pkg-2 java-ant-2 systemd user + +DESCRIPTION="A privacy-centric, anonymous network." +HOMEPAGE="https://geti2p.net" +SRC_URI="https://download.i2p2.de/releases/${PV}/i2psource_${PV}.tar.bz2" + +LICENSE="Apache-2.0 Artistic BSD CC-BY-2.5 CC-BY-3.0 CC-BY-SA-3.0 EPL-1.0 GPL-2 GPL-3 LGPL-2.1 LGPL-3 MIT public-domain WTFPL-2" +SLOT="0" + +# Until the deps reach other arches +KEYWORDS="~amd64 ~x86" +IUSE="+ecdsa nls" + +# dev-java/ant-core is automatically added due to java-ant-2.eclass +CP_DEPEND="dev-java/bcprov:1.50 + dev-java/jrobin:0 + dev-java/slf4j-api:0 + dev-java/tomcat-jstl-impl:0 + dev-java/tomcat-jstl-spec:0 + dev-java/java-service-wrapper:0" + +DEPEND="${CP_DEPEND} + dev-java/eclipse-ecj:* + dev-libs/gmp:0 + nls? ( >=sys-devel/gettext-0.19 ) + >=virtual/jdk-1.7" + +RDEPEND="${CP_DEPEND} + ecdsa? ( + || ( + dev-java/icedtea:7[-sunec] + dev-java/icedtea:8[-sunec] + dev-java/icedtea-bin:7 + dev-java/icedtea-bin:8 + dev-java/oracle-jre-bin + dev-java/oracle-jdk-bin + ) + ) + !ecdsa? ( >=virtual/jre-1.7 )" + +EANT_BUILD_TARGET="pkg" +JAVA_ANT_ENCODING="UTF-8" + +I2P_ROOT='/usr/share/i2p' +I2P_CONFIG_HOME='/var/lib/i2p' +I2P_CONFIG_DIR="${I2P_CONFIG_HOME}/.i2p" + +RES_DIR='installer/resources' + +PATCHES=( + "${FILESDIR}/${P}-add_libs.patch" +) + +pkg_setup() { + java-pkg-2_pkg_setup + + enewgroup i2p + enewuser i2p -1 -1 "${I2P_CONFIG_HOME}" i2p +} + +src_unpack() { + unpack ${A} + cd "${S}" || die + java-ant_rewrite-classpath +} + +src_prepare() { + java-pkg-2_src_prepare + + # We're on GNU/Linux, we don't need .exe files + echo "noExe=true" > override.properties || die + if ! use nls; then + echo "require.gettext=false" >> override.properties || die + fi + + # avoid auto starting browser + sed -i 's|clientApp.4.startOnLoad=true|clientApp.4.startOnLoad=false|' \ + "${RES_DIR}/clients.config" || die + + # we do it now so we can resolve path after + default + + # replace paths as the installer would + sed -i "s|%INSTALL_PATH|${I2P_ROOT}|" \ + "${RES_DIR}/"{eepget,i2prouter,runplain.sh} || die + sed -i "s|\$INSTALL_PATH|${I2P_ROOT}|" "${RES_DIR}/wrapper.config" || die + sed -i "s|%SYSTEM_java_io_tmpdir|${I2P_CONFIG_DIR}|" \ + "${RES_DIR}/"{i2prouter,runplain.sh} || die + sed -i "s|%USER_HOME|${I2P_CONFIG_HOME}|" "${RES_DIR}/i2prouter" || die +} + +src_install() { + # cd into pkg-temp. + cd "${S}/pkg-temp" || die + + # This is ugly, but to satisfy all non-system .jar dependencies, jetty + # would need to be packaged. It would be too large a task + # for an unseasoned developer. This seems to be the most pragmatic solution + java-pkg_jarinto "${I2P_ROOT}/lib" + local i + for i in BOB commons-el commons-logging i2p i2psnark i2ptunnel \ + jasper-compiler jasper-runtime javax.servlet jbigi jetty* mstreaming org.mortbay.* router* \ + sam standard streaming systray; do + java-pkg_dojar lib/${i}.jar + done + + # Set up symlinks for binaries + dosym /usr/bin/wrapper "${I2P_ROOT}/i2psvc" + dosym "${I2P_ROOT}/i2prouter" /usr/bin/i2prouter + dosym "${I2P_ROOT}/eepget" /usr/bin/eepget + + # Install main files and basic documentation + exeinto "${I2P_ROOT}" + insinto "${I2P_ROOT}" + doins blocklist.txt hosts.txt *.config + doexe eepget i2prouter runplain.sh + dodoc history.txt INSTALL-headless.txt LICENSE.txt + doman man/* + + # Install other directories + doins -r certificates docs eepsite geoip scripts + dodoc -r licenses + java-pkg_dowar webapps/*.war + + # Install daemon files + newinitd "${FILESDIR}/${P}.initd" i2p + systemd_newunit "${FILESDIR}/${P}.service" i2p.service + + # setup user + keepdir "${I2P_CONFIG_DIR}" + fowners -R i2p:i2p "${I2P_CONFIG_DIR}" +} + +pkg_postinst() { + elog "Custom configuration belongs in ${I2P_CONFIG_DIR} to avoid being overwritten." + elog 'I2P can be configured through the web interface at http://localhost:7657/console' + + if use !ecdsa + then + ewarn 'Currently, the i2p team does not enforce to use ECDSA keys. But it is more and' + ewarn 'more pushed. To help the network, you are recommended to have the ecdsa USE.' + ewarn + ewarn "This is purely a run-time issue. You're free to build i2p with any JDK, as long as" + ewarn 'the JVM you run it with is one of the above listed and from the same or a newer generation' + ewarn 'as the one you built with.' + fi +} diff --git a/net-vpn/i2p/metadata.xml b/net-vpn/i2p/metadata.xml new file mode 100644 index 000000000000..52ff64217713 --- /dev/null +++ b/net-vpn/i2p/metadata.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> + <email>tharvik@gmail.com</email> + <name>Tharvik</name> + <description>Proxy-maintainer; add or CC them for bugs</description> +</maintainer> +<maintainer type="person"> + <email>tomboy64@sina.cn</email> + <name>M.B.</name> + <description>Proxy-maintainer; add or CC them for bugs</description> +</maintainer> +<maintainer type="project"> + <email>java@gentoo.org</email> + <name>Java</name> +</maintainer> +<maintainer type="project"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> +</maintainer> +<longdescription>I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other.</longdescription> +<use> + <flag name="ecdsa">Enables additional checks to make sure a setup is available that is capable of using I2Ps ECDSA provisions. I2P will work without it, but you will likely see warnings.</flag> + <flag name="nls">Adds Native Language Support using GNU gettext.</flag> +</use> +</pkgmetadata> diff --git a/net-vpn/i2pd/Manifest b/net-vpn/i2pd/Manifest new file mode 100644 index 000000000000..b322a15a60c6 --- /dev/null +++ b/net-vpn/i2pd/Manifest @@ -0,0 +1,2 @@ +DIST i2pd-2.11.0.tar.gz 3091516 SHA256 4d7946e33a6a1dd4439590ea23b494f36e6fbcb81f7b36857bf264413a19e9db SHA512 c4964c23f6852e6ce225de6f6f03ce4e5c52a6ec2b925b82c01be574b14196112079ada5864b10f353c3dd385645db550d5ce290647b6d980225a79c64f19ddb WHIRLPOOL f2a4c42ad2df09188b5be8fad23f7f2ec2080e17b980b55c1647c13499c6b3cce88d6e9c2fbfd34bf8783a0b52c15659775351835ae181e58357c455ebb1dea1 +DIST i2pd-2.12.0.tar.gz 3150471 SHA256 afb763aea2a4f4b51e327352d5da82ec08e84735d28db9af7710563a117fc648 SHA512 70b6143e713d43e24b780239aed899fb17d6224ef053020c738369ca110241e4624ae5c69b04a75a037b68094d3030be5296509ff699905ef7c175447d093232 WHIRLPOOL 8b5fb9a5123ce700a646de72a81e476b3545ad62f4bb8d143438bc1e1b6393b381e13224b3d538fa063d24b732588df5b3abe9b2d5485473d83038f01d296b4e diff --git a/net-vpn/i2pd/files/99i2pd b/net-vpn/i2pd/files/99i2pd new file mode 100644 index 000000000000..3cf3b46797c4 --- /dev/null +++ b/net-vpn/i2pd/files/99i2pd @@ -0,0 +1 @@ +CONFIG_PROTECT="/var/lib/i2pd/certificates" diff --git a/net-vpn/i2pd/files/i2pd-2.5.1-fix_installed_components.patch b/net-vpn/i2pd/files/i2pd-2.5.1-fix_installed_components.patch new file mode 100644 index 000000000000..0416901117c5 --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.5.1-fix_installed_components.patch @@ -0,0 +1,30 @@ +--- a/build/CMakeLists.txt.old 2016-02-04 21:30:50.954251000 +0100 ++++ b/build/CMakeLists.txt 2016-02-04 21:34:50.457793484 +0100 +@@ -356,10 +356,6 @@ + endif () + endif () + +-install(FILES ../LICENSE +- DESTINATION . +- COMPONENT Runtime +- ) + # Take a copy on Appveyor + install(FILES "C:/projects/openssl-$ENV{OPENSSL}/LICENSE" + DESTINATION . +@@ -369,7 +365,6 @@ + ) + + file(GLOB_RECURSE I2PD_SOURCES "../*.cpp" "../build" "../Win32" "../Makefile*") +-install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source) + # install(DIRECTORY ../ DESTINATION src/ + # # OPTIONAL + # COMPONENT Source FILES_MATCHING +@@ -378,7 +373,7 @@ + # ) + + file(GLOB I2PD_HEADERS "../*.h") +-install(FILES ${I2PD_HEADERS} DESTINATION src/ COMPONENT Headers) ++install(FILES ${I2PD_HEADERS} DESTINATION "include/${PROJECT_NAME}" COMPONENT Headers) + # install(DIRECTORY ../ DESTINATION src/ + # # OPTIONAL + # COMPONENT Headers FILES_MATCHING diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd b/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd new file mode 100644 index 000000000000..d2ef16b0f61c --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.6.0-r3.confd @@ -0,0 +1,12 @@ +I2PD_USER=i2pd +I2PD_GROUP=i2pd +I2PD_LOG=/var/log/i2pd.log +I2PD_PID=/run/i2pd/i2pd.pid + +# max number of open files (for floodfill) +rc_ulimit="-n 4096" + +# Options to i2pd +I2PD_OPTIONS="--daemon --service --pidfile=${I2PD_PID} \ +--log=file --logfile=${I2PD_LOG} \ +--conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf" diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.initd b/net-vpn/i2pd/files/i2pd-2.6.0-r3.initd new file mode 100644 index 000000000000..09c83927b206 --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.6.0-r3.initd @@ -0,0 +1,45 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="C++ daemon for accessing the I2P network" +description_graceful="Graceful shutdown, takes 10 minutes" + +command="/usr/bin/i2pd" +command_args="${I2PD_OPTIONS}" +user="${I2PD_USER}:${I2PD_GROUP}" +start_stop_daemon_args=" + --user \"${user}\" + --pidfile \"${I2PD_PID}\" + --progress --retry 'SIGTERM/20/SIGKILL/20' +" +I2PD_PID_DIR=$(dirname "${I2PD_PID}") + +extra_started_commands="graceful" + +depend() { + use dns logger netmount +} + +start_pre() { + if [ -z "${I2PD_USER}" ] || \ + [ -z "${I2PD_GROUP}" ] || \ + [ -z "${I2PD_PID}" ] || \ + [ -z "${I2PD_LOG}" ] || \ + [ -z "${I2PD_OPTIONS}" ] ; then + eerror "Not all variables I2PD_USER, I2PD_GROUP, I2PD_PID, I2PD_OPTIONS, I2PD_LOG are defined." + eerror "Check your /etc/conf.d/i2pd." + return 1 + fi + checkpath -f -o "${user}" "${I2PD_LOG}" + checkpath -d -m 0750 -o "${user}" "${I2PD_PID_DIR}" +} + +graceful() { + # on SIGINT, i2pd stops accepting tunnels and shuts down in 600 seconds + ebegin "Gracefully stopping i2pd, this takes 10 minutes" + mark_service_stopping + eval start-stop-daemon --stop ${start_stop_daemon_args} \ + --exec "${command}" --retry 'SIGINT/620/SIGTERM/20/SIGKILL/20' + eend $? && mark_service_stopped +} diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.logrotate b/net-vpn/i2pd/files/i2pd-2.6.0-r3.logrotate new file mode 100644 index 000000000000..251128b7be78 --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.6.0-r3.logrotate @@ -0,0 +1,11 @@ +/var/log/i2pd.log { + rotate 4 + weekly + missingok + notifempty + create 640 i2pd i2pd + postrotate + /bin/kill -HUP $(cat /run/i2pd/i2pd.pid) + endscript +} + diff --git a/net-vpn/i2pd/files/i2pd-2.6.0-r3.service b/net-vpn/i2pd/files/i2pd-2.6.0-r3.service new file mode 100644 index 000000000000..6821a00552df --- /dev/null +++ b/net-vpn/i2pd/files/i2pd-2.6.0-r3.service @@ -0,0 +1,21 @@ +[Unit] +Description=C++ daemon for accessing the I2P network +After=network.target + +[Service] +Type=forking +Restart=on-abnormal +PIDFile=/run/i2pd/i2pd.pid +User=i2pd +Group=i2pd +LimitNOFILE=4096 +PermissionsStartOnly=yes +ExecStartPre=/bin/mkdir -p /run/i2pd +ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd +ExecStartPre=/bin/touch /run/i2pd/i2pd.pid /var/log/i2pd.log +ExecStartPre=/bin/chown i2pd:i2pd /run/i2pd/i2pd.pid /var/log/i2pd.log +ExecStart=/usr/bin/i2pd --daemon --service --pidfile=/run/i2pd/i2pd.pid --log=file --logfile=/var/log/i2pd.log --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf + +[Install] +WantedBy=multi-user.target + diff --git a/net-vpn/i2pd/i2pd-2.11.0.ebuild b/net-vpn/i2pd/i2pd-2.11.0.ebuild new file mode 100644 index 000000000000..64023985fd56 --- /dev/null +++ b/net-vpn/i2pd/i2pd-2.11.0.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit eutils systemd user cmake-utils + +DESCRIPTION="A C++ daemon for accessing the I2P anonymous network" +HOMEPAGE="https://github.com/PurpleI2P/i2pd" +SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="cpu_flags_x86_aes i2p-hardening libressl pch static +upnp" + +RDEPEND="!static? ( >=dev-libs/boost-1.49[threads] + !libressl? ( dev-libs/openssl:0[-bindist] ) + libressl? ( dev-libs/libressl ) + upnp? ( net-libs/miniupnpc ) + )" +DEPEND="${RDEPEND} + static? ( >=dev-libs/boost-1.49[static-libs,threads] + !libressl? ( dev-libs/openssl:0[static-libs] ) + libressl? ( dev-libs/libressl[static-libs] ) + upnp? ( net-libs/miniupnpc[static-libs] ) ) + i2p-hardening? ( >=sys-devel/gcc-4.7 ) + || ( >=sys-devel/gcc-4.7 >=sys-devel/clang-3.3 )" + +I2PD_USER=i2pd +I2PD_GROUP=i2pd + +CMAKE_USE_DIR="${S}/build" + +DOCS=( README.md docs/i2pd.conf docs/tunnels.conf ) + +PATCHES=( "${FILESDIR}/${PN}-2.5.1-fix_installed_components.patch" ) + +src_configure() { + mycmakeargs=( + -DWITH_AESNI=$(usex cpu_flags_x86_aes ON OFF) + -DWITH_HARDENING=$(usex i2p-hardening ON OFF) + -DWITH_PCH=$(usex pch ON OFF) + -DWITH_STATIC=$(usex static ON OFF) + -DWITH_UPNP=$(usex upnp ON OFF) + -DWITH_LIBRARY=ON + -DWITH_BINARY=ON + ) + cmake-utils_src_configure +} + +src_install() { + cmake-utils_src_install + + # config + insinto /etc/i2pd + doins docs/i2pd.conf + doins docs/tunnels.conf + + # grant i2pd group read and write access to config files + fowners "root:${I2PD_GROUP}" \ + /etc/i2pd/i2pd.conf \ + /etc/i2pd/tunnels.conf + fperms 660 \ + /etc/i2pd/i2pd.conf \ + /etc/i2pd/tunnels.conf + + # working directory + keepdir /var/lib/i2pd + insinto /var/lib/i2pd + doins -r contrib/certificates + fowners "${I2PD_USER}:${I2PD_GROUP}" /var/lib/i2pd/ + fperms 700 /var/lib/i2pd/ + + # add /var/lib/i2pd/certificates to CONFIG_PROTECT + doenvd "${FILESDIR}/99i2pd" + + # openrc and systemd daemon routines + newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd + newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd + systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service + + # logrotate + insinto /etc/logrotate.d + newins "${FILESDIR}/i2pd-2.6.0-r3.logrotate" i2pd +} + +pkg_setup() { + enewgroup "${I2PD_GROUP}" + enewuser "${I2PD_USER}" -1 -1 /var/lib/run/i2pd "${I2PD_GROUP}" +} + +pkg_postinst() { + if [[ -f ${EROOT%/}/etc/i2pd/subscriptions.txt ]]; then + ewarn + ewarn "Configuration of the subscriptions has been moved from" + ewarn "subscriptions.txt to i2pd.conf. We recommend updating" + ewarn "i2pd.conf accordingly and deleting subscriptions.txt." + fi +} diff --git a/net-vpn/i2pd/i2pd-2.12.0.ebuild b/net-vpn/i2pd/i2pd-2.12.0.ebuild new file mode 100644 index 000000000000..64023985fd56 --- /dev/null +++ b/net-vpn/i2pd/i2pd-2.12.0.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit eutils systemd user cmake-utils + +DESCRIPTION="A C++ daemon for accessing the I2P anonymous network" +HOMEPAGE="https://github.com/PurpleI2P/i2pd" +SRC_URI="https://github.com/PurpleI2P/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="cpu_flags_x86_aes i2p-hardening libressl pch static +upnp" + +RDEPEND="!static? ( >=dev-libs/boost-1.49[threads] + !libressl? ( dev-libs/openssl:0[-bindist] ) + libressl? ( dev-libs/libressl ) + upnp? ( net-libs/miniupnpc ) + )" +DEPEND="${RDEPEND} + static? ( >=dev-libs/boost-1.49[static-libs,threads] + !libressl? ( dev-libs/openssl:0[static-libs] ) + libressl? ( dev-libs/libressl[static-libs] ) + upnp? ( net-libs/miniupnpc[static-libs] ) ) + i2p-hardening? ( >=sys-devel/gcc-4.7 ) + || ( >=sys-devel/gcc-4.7 >=sys-devel/clang-3.3 )" + +I2PD_USER=i2pd +I2PD_GROUP=i2pd + +CMAKE_USE_DIR="${S}/build" + +DOCS=( README.md docs/i2pd.conf docs/tunnels.conf ) + +PATCHES=( "${FILESDIR}/${PN}-2.5.1-fix_installed_components.patch" ) + +src_configure() { + mycmakeargs=( + -DWITH_AESNI=$(usex cpu_flags_x86_aes ON OFF) + -DWITH_HARDENING=$(usex i2p-hardening ON OFF) + -DWITH_PCH=$(usex pch ON OFF) + -DWITH_STATIC=$(usex static ON OFF) + -DWITH_UPNP=$(usex upnp ON OFF) + -DWITH_LIBRARY=ON + -DWITH_BINARY=ON + ) + cmake-utils_src_configure +} + +src_install() { + cmake-utils_src_install + + # config + insinto /etc/i2pd + doins docs/i2pd.conf + doins docs/tunnels.conf + + # grant i2pd group read and write access to config files + fowners "root:${I2PD_GROUP}" \ + /etc/i2pd/i2pd.conf \ + /etc/i2pd/tunnels.conf + fperms 660 \ + /etc/i2pd/i2pd.conf \ + /etc/i2pd/tunnels.conf + + # working directory + keepdir /var/lib/i2pd + insinto /var/lib/i2pd + doins -r contrib/certificates + fowners "${I2PD_USER}:${I2PD_GROUP}" /var/lib/i2pd/ + fperms 700 /var/lib/i2pd/ + + # add /var/lib/i2pd/certificates to CONFIG_PROTECT + doenvd "${FILESDIR}/99i2pd" + + # openrc and systemd daemon routines + newconfd "${FILESDIR}/i2pd-2.6.0-r3.confd" i2pd + newinitd "${FILESDIR}/i2pd-2.6.0-r3.initd" i2pd + systemd_newunit "${FILESDIR}/i2pd-2.6.0-r3.service" i2pd.service + + # logrotate + insinto /etc/logrotate.d + newins "${FILESDIR}/i2pd-2.6.0-r3.logrotate" i2pd +} + +pkg_setup() { + enewgroup "${I2PD_GROUP}" + enewuser "${I2PD_USER}" -1 -1 /var/lib/run/i2pd "${I2PD_GROUP}" +} + +pkg_postinst() { + if [[ -f ${EROOT%/}/etc/i2pd/subscriptions.txt ]]; then + ewarn + ewarn "Configuration of the subscriptions has been moved from" + ewarn "subscriptions.txt to i2pd.conf. We recommend updating" + ewarn "i2pd.conf accordingly and deleting subscriptions.txt." + fi +} diff --git a/net-vpn/i2pd/metadata.xml b/net-vpn/i2pd/metadata.xml new file mode 100644 index 000000000000..80f4f859ab46 --- /dev/null +++ b/net-vpn/i2pd/metadata.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>kaikaikai@yandex.ru</email> + <name>Alexey Korepanov</name> + </maintainer> + <maintainer type="person"> + <email>klondike@gentoo.org</email> + <name>Francisco Blas Izquierdo Riera</name> + </maintainer> + <maintainer type="person"> + <email>blueness@gentoo.org</email> + <name>Anthony G. Basile</name> + </maintainer> + <maintainer type="person"> + <email>tomboy64@sina.cn</email> + <name>Proxy maintainer. Please subscribe to bugs.</name> + </maintainer> + <use> + <flag name="i2p-hardening"> + Compile with hardening on vanilla compilers/linkers + </flag> + </use> + <upstream> + <remote-id type="github">PurpleI2P/i2pd</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-vpn/iodine/Manifest b/net-vpn/iodine/Manifest new file mode 100644 index 000000000000..080608ceadf0 --- /dev/null +++ b/net-vpn/iodine/Manifest @@ -0,0 +1 @@ +DIST iodine-0.7.0.tar.gz 96181 SHA256 ad2b40acf1421316ec15800dcde0f587ab31d7d6f891fa8b9967c4ded93c013e SHA512 49fe4f0cf614d3400cbfdade84eb4f50430f8f92004f663a08acc1514e8ff342443a8c3f855828bbca1864a3fafe419b5256f8a80fc4024b364d4c8c953fc0ec WHIRLPOOL ac098f9a409c75768b6b2da0f755560ea932a97855df32aefe860237a28ebf1ef1b576860378575522221214d9dc65c26f0297fafe628ea770e4449217c5d593 diff --git a/net-vpn/iodine/files/iodine-0.7.0-TestMessage.patch b/net-vpn/iodine/files/iodine-0.7.0-TestMessage.patch new file mode 100644 index 000000000000..6b814b6f2d74 --- /dev/null +++ b/net-vpn/iodine/files/iodine-0.7.0-TestMessage.patch @@ -0,0 +1,12 @@ +--- iodine-0.7.0/Makefile ++++ iodine-0.7.0/Makefile +@@ -35,8 +35,7 @@ + $(RM) $(RM_FLAGS) $(DESTDIR)$(mandir)/man8/iodine.8 + + test: all +- @echo "!! The check library is required for compiling and running the tests" +- @echo "!! Get it at http://check.sf.net" ++ @echo "Executing tests target" + @(cd tests; $(MAKE) TARGETOS=$(TARGETOS) all) + + clean: diff --git a/net-vpn/iodine/files/iodine-0.7.0-new-systemd.patch b/net-vpn/iodine/files/iodine-0.7.0-new-systemd.patch new file mode 100644 index 000000000000..e18b64a086fe --- /dev/null +++ b/net-vpn/iodine/files/iodine-0.7.0-new-systemd.patch @@ -0,0 +1,16 @@ +diff --git a/src/osflags b/src/osflags +index 9eda8f0..0f8a26c 100755 +--- a/src/osflags ++++ b/src/osflags +@@ -19,7 +19,7 @@ link) + Linux) + FLAGS=""; + [ -e /usr/include/selinux/selinux.h ] && FLAGS="$FLAGS -lselinux"; +- [ -e /usr/include/systemd/sd-daemon.h ] && FLAGS="$FLAGS -lsystemd-daemon"; ++ [ -e /usr/include/systemd/sd-daemon.h ] && FLAGS="$FLAGS $(pkg-config --libs libsystemd)"; + echo $FLAGS; + ;; + esac +-- +1.9.3 + diff --git a/net-vpn/iodine/files/iodined-1.init b/net-vpn/iodine/files/iodined-1.init new file mode 100644 index 000000000000..edee6c6ac31a --- /dev/null +++ b/net-vpn/iodine/files/iodined-1.init @@ -0,0 +1,61 @@ +#!/sbin/openrc-run +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +PID_FILE="/run/iodined.pid" + +depend() { + need net +} + +start() { + ebegin "Starting iodined" + ARGS="" + if [ "$IODINED_USER" ]; then + ARGS="$ARGS -u $IODINED_USER" + fi + if [ "$IODINED_CHROOT" ]; then + ARGS="$ARGS -t $IODINED_CHROOT" + fi + if [ "$IODINED_MTU" ]; then + ARGS="$ARGS -m $IODINED_MTU" + fi + if [ "$IODINED_LISTENPORT" ]; then + ARGS="$ARGS -p $IODINED_LISTENPORT" + fi + if [ "$IODINED_EXTERN_IP" ]; then + ARGS="$ARGS -n $IODINED_EXTERN_IP" + fi + if [ "$IODINED_LOCAL_DNS_PORT" ]; then + ARGS="$ARGS -b $IODINED_LOCAL_DNS_PORT" + fi + if [ "$IODINED_LISTENIP" ]; then + ARGS="$ARGS -l $IODINED_LISTENIP" + fi + if [ "$IODINED_PASSWD" ]; then + ARGS="$ARGS -P $IODINED_PASSWD" + else + eerror "Please set a password (IODINED_PASSWD) in /etc/conf.d/iodined!" + return 1 + fi + if [ "$IODINED_IP" ]; then + ARGS="$ARGS $IODINED_IP" + else + eerror "Please set an IP (IODINED_IP) in /etc/conf.d/iodined!" + return 1 + fi + if [ "$IODINED_DOMAIN" ]; then + ARGS="$ARGS $IODINED_DOMAIN" + else + eerror "Please set a domain (IODINED_DOMAIN) in /etc/conf.d/iodined!" + return 1 + fi + start-stop-daemon --start --exec /usr/sbin/iodined --pidfile $PID_FILE -- -F $PID_FILE $ARGS + eend $? +} + +stop() { + ebegin "Stopping iodined" + start-stop-daemon --stop --exec /usr/sbin/iodined --pidfile $PID_FILE + eend $? +} diff --git a/net-vpn/iodine/files/iodined.conf b/net-vpn/iodine/files/iodined.conf new file mode 100644 index 000000000000..7889b0892eea --- /dev/null +++ b/net-vpn/iodine/files/iodined.conf @@ -0,0 +1,44 @@ +# /etc/conf.d/iodined: config file for /etc/init.d/iodined + +# Drop privileges to this user after startup +# This is used by the -u argument. Comment out to keep running as root. +IODINED_USER="nobody" + +# Chroot to this directory after startup +# This is used by the -t argument. Comment out to avoid chroot. +IODINED_CHROOT="/var/empty" + +# This password needs to be used in all clients when they connect +# This is used by the -P argument +IODINED_PASSWD="" + +# This is the MTU (Max Transmit Unit) used in the tunnel. +# You probably dont need this field at all, downstream data will +# now be fragmented. This is used by the -m argument +#IODINED_MTU=1020 + +# The server port to listen on. You should normally not change this. +# See man page. This is used by the -p argument +#IODINED_LISTENPORT=53 + +# The IP address to return as reply to NS queries. If not set, it will +# be the destination address of the query. Used by the -n argument +#IODINED_EXTERN_IP=1.1.1.1 + +# The port used by a "real" DNS server on localhost. Queries for +# domains not handled by iodined will be forwarded to this port, +# and answers will be routed back. Used by the -b argument +#IODINED_LOCAL_DNS_PORT=5353 + +# The IP number to listen on. +# This is used by the -l argument +#IODINED_LISTENIP=127.0.0.1 + +# This IP number will be used by the local tun device. +IODINED_IP="172.28.0.1" + +# Use subdomains to this domain for network tunneling +# If a real domain is used, it should be delegated to this server with +# a NS entry in the domain zone (see man page) +IODINED_DOMAIN="blah.abc" + diff --git a/net-vpn/iodine/iodine-0.7.0-r2.ebuild b/net-vpn/iodine/iodine-0.7.0-r2.ebuild new file mode 100644 index 000000000000..a45c117fe2a1 --- /dev/null +++ b/net-vpn/iodine/iodine-0.7.0-r2.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit linux-info eutils toolchain-funcs + +DESCRIPTION="IP over DNS tunnel" +HOMEPAGE="http://code.kryo.se/iodine/" +SRC_URI="http://code.kryo.se/${PN}/${P}.tar.gz" + +CONFIG_CHECK="~TUN" + +LICENSE="ISC GPL-2" #GPL-2 for init script bug #426060 +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="test" + +RDEPEND="sys-libs/zlib" +DEPEND="${RDEPEND} + test? ( dev-libs/check )" + +src_prepare(){ + epatch "${FILESDIR}"/${P}-TestMessage.patch + epatch "${FILESDIR}"/${P}-new-systemd.patch + + sed -e '/^\s@echo \(CC\|LD\)/d' \ + -e 's:^\(\s\)@:\1:' \ + -i {,src/}Makefile || die + + tc-export CC +} + +src_compile() { + #shipped ./Makefiles doesn't pass -j<n> to submake + emake -C src TARGETOS=Linux all +} + +src_install() { + #don't re-run submake + sed -e '/^install:/s: all: :' \ + -i Makefile || die + emake prefix="${EPREFIX}"usr DESTDIR="${D}" install + + dodoc CHANGELOG README TODO + + newinitd "${FILESDIR}"/iodined-1.init iodined + newconfd "${FILESDIR}"/iodined.conf iodined + keepdir /var/empty + fperms 600 /etc/conf.d/iodined +} diff --git a/net-vpn/iodine/metadata.xml b/net-vpn/iodine/metadata.xml new file mode 100644 index 000000000000..073848fe4147 --- /dev/null +++ b/net-vpn/iodine/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>root@kryo.se</email> + <name>Erik Ekman</name> + </maintainer> + <maintainer type="person"> + <email>zx2c4@gentoo.org</email> + <name>Jason A. Donenfeld</name> + </maintainer> + <maintainer type="project"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription>iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed</longdescription> +</pkgmetadata> diff --git a/net-vpn/isatapd/Manifest b/net-vpn/isatapd/Manifest new file mode 100644 index 000000000000..e74c4cf5662d --- /dev/null +++ b/net-vpn/isatapd/Manifest @@ -0,0 +1 @@ +DIST isatapd-0.9.7.tar.gz 111524 SHA256 927e1bb5fff4582723c642b41561c5ee6d57b15d05c19ea00c589168898897fa SHA512 3ddfc8385b666ec8c0552c7b46841f2b5e8ebb5d9aa3119a9a6d4cacea728cb81dced802d51b7c98da4bbb839de6fe68ef1bc5f62914b48638b6f168fc06100a WHIRLPOOL 8f5cde92cf61ef2cd1c0027802a18ec0aba8e8c0935be30650c62a22f011e03e255976e4858a7490844ab55afee6e83303f616e95fb72c13c61db8ad8e7895a4 diff --git a/net-vpn/isatapd/files/isatapd.service-r2 b/net-vpn/isatapd/files/isatapd.service-r2 new file mode 100644 index 000000000000..8d695eda35ca --- /dev/null +++ b/net-vpn/isatapd/files/isatapd.service-r2 @@ -0,0 +1,15 @@ +[Unit] +Description=ISATAP Client for Linux +After=network.target nss-lookup.target + +[Service] +ExecStart=/usr/sbin/isatapd ${DAEMON_OPTS} \ + --interval ${ISATAP_INTERVAL} \ + --name ${ISATAP_NAME} \ + --link ${ISATAP_LINK} \ + --mtu ${ISATAP_MTU} \ + --check-dns ${ISATAP_CHECK_DNS} \ + ${ISATAP_ROUTERS} + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/isatapd/files/isatapd.service.conf b/net-vpn/isatapd/files/isatapd.service.conf new file mode 100644 index 000000000000..87fe0be4a23d --- /dev/null +++ b/net-vpn/isatapd/files/isatapd.service.conf @@ -0,0 +1,30 @@ +[Service] +# A space separated list of one or more hostnames/IPv4 addresses to use as +# potential routers. +# The default is the unqualified hostname 'isatap' +Environment="ISATAP_ROUTERS=isatap" + +# Interval in seconds to send router solicitations. +# Default (unset): 'auto' +Environment="ISATAP_INTERVAL=auto" + +# Interval in seconds to check for DNS changes. Set to 0 to disable. +# Default: 3600 +Environment="ISATAP_CHECK_DNS=3600" + +# Link tunnel to device +# Default (unset): automatically find outgoing device +Environment="ISATAP_LINK=auto" + +# The name of the ISATAP tunnel device +# Default is 'is0' if ISATAP_LINK is unset and 'is_${ISATAP_LINK}' otherwise. +Environment="ISATAP_NAME=auto" + +# IPv6 MTU of the created ISATAP tunnel interface. The IPv4 path to +# the ISATAP router and all other ISATAP clients should be able to +# handle at least MTU+20 bytes. +# The minimum IPv6 MTU (1280 Bytes) is the safest choice here +Environment="ISATAP_MTU=1280" + +# Additional options, see isatapd(8) for details +Environment="DAEMON_OPTS=" diff --git a/net-vpn/isatapd/isatapd-0.9.7-r2.ebuild b/net-vpn/isatapd/isatapd-0.9.7-r2.ebuild new file mode 100644 index 000000000000..9474bf9461e8 --- /dev/null +++ b/net-vpn/isatapd/isatapd-0.9.7-r2.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +inherit linux-info systemd + +DESCRIPTION="creates and maintains an ISATAP tunnel (rfc5214)" +HOMEPAGE="http://www.saschahlusiak.de/linux/isatap.htm" +SRC_URI="http://www.saschahlusiak.de/linux/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +DEPEND="" +RDEPEND="" + +CONFIG_CHECK="~TUN" +ERROR_TUN="CONFIG_TUN is needed for isatapd to work" + +src_prepare() { + sed -e '/^opts/s:opts:extra_started_commands:' \ + -i openrc/isatapd.init.d || die +} + +src_install() { + default + + newinitd openrc/isatapd.init.d isatapd + newconfd openrc/isatapd.conf.d isatapd + systemd_newunit "${FILESDIR}"/${PN}.service-r2 ${PN}.service + systemd_install_serviced "${FILESDIR}"/${PN}.service.conf +} diff --git a/net-vpn/isatapd/metadata.xml b/net-vpn/isatapd/metadata.xml new file mode 100644 index 000000000000..a535b8852829 --- /dev/null +++ b/net-vpn/isatapd/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +</pkgmetadata> diff --git a/net-vpn/miredo/Manifest b/net-vpn/miredo/Manifest new file mode 100644 index 000000000000..3eb6bd6e06be --- /dev/null +++ b/net-vpn/miredo/Manifest @@ -0,0 +1,2 @@ +DIST miredo-1.2.5.tar.xz 474236 SHA256 9d6c6aacfbde0e152481273cda4dc9a62f8724c4c941fa8e0806e89ab9992262 SHA512 94bc71b7093783ad103a0aceb95ad3de1739e4ec1d763b3c6cea9bb1768f55359448957f623ee3f966955c555bb9f71ff0216d9d4e8d2ff244bb058731702c70 WHIRLPOOL 45b38f19fc50bb5661dcc51166c721c507d70b29072c7a2c3195c093ec91259dfbcdc40e3889f5242af79cf2f04fb7fdb3e48f7bd2cc15d6262813891fa9624c +DIST miredo-1.2.6.tar.xz 477668 SHA256 fa26d2f4a405415833669e2e2e22677b225d8f83600844645d5683535ea43149 SHA512 9cbc604aecde566f921834a220be7675981e1c603cbcc81c3e2e9c58fdcdae2e78ec6ffc180939d5b8f6d7598ba3967270532b2c0c04de8b688a86c436719caf WHIRLPOOL 5b2723568e1cc583e15b32dbb578c12438ba30802bc1e11a912829c010d655d8a867f8070e1b9a4a2c1c910ca4abc1ef6109d87372f382e8787d4514d035d513 diff --git a/net-vpn/miredo/files/miredo-1.2.5-configure-libcap.diff b/net-vpn/miredo/files/miredo-1.2.5-configure-libcap.diff new file mode 100644 index 000000000000..cffdbf1e562e --- /dev/null +++ b/net-vpn/miredo/files/miredo-1.2.5-configure-libcap.diff @@ -0,0 +1,33 @@ +--- configure.ac.ori 2012-06-14 21:55:13.756603416 +0200 ++++ configure.ac 2012-06-14 23:12:01.425399836 +0200 +@@ -150,16 +150,23 @@ + + # POSIX capabilities + LIBCAP="" +-AC_CHECK_HEADERS([sys/capability.h], [ +- AC_CHECK_LIB(cap, cap_set_proc, [ +- LIBCAP="-lcap" +- AC_DEFINE(HAVE_LIBCAP, 1, +- [Define to 1 if you have the `cap' library (-lcap).]) +- ]) ++AC_ARG_WITH(libcap, ++ AS_HELP_STRING([--with-libcap], [enable POSIX 1003.1e capabilities]), ++ with_libcap=$withval, ++ with_libcap=auto) ++AC_MSG_CHECKING([whether to enable POSIX 1003.1e capabilities]) ++AC_MSG_RESULT($with_libcap) ++ ++AS_IF([test "x$with_libcap" != "xno"], [ ++ AC_CHECK_HEADERS([sys/capability.h]) ++ AC_CHECK_LIB(cap, cap_set_proc, [ ++ LIBCAP="-lcap" ++ AC_DEFINE(HAVE_LIBCAP, 1, ++ [Define to 1 if you have the cap library (-lcap).]) ++ ]) + ]) + AC_SUBST(LIBCAP) + +- + # Judy + AC_ARG_WITH(Judy, + [AS_HELP_STRING(--with-Judy, diff --git a/net-vpn/miredo/files/miredo-1.2.5-ip-path.patch b/net-vpn/miredo/files/miredo-1.2.5-ip-path.patch new file mode 100644 index 000000000000..1d7b0fc39f6e --- /dev/null +++ b/net-vpn/miredo/files/miredo-1.2.5-ip-path.patch @@ -0,0 +1,28 @@ +Index: miredo-1.2.5/misc/client-hook.iproute +=================================================================== +--- miredo-1.2.5.orig/misc/client-hook.iproute ++++ miredo-1.2.5/misc/client-hook.iproute +@@ -5,7 +5,10 @@ + # Distributed under the terms of the GNU General Public License version 2. + + # Linux iproute2 path: +-IP="/sbin/ip" ++IP="ip" ++ ++test -x "/sbin/ip" && IP=/sbin/ip ++test -x "/bin/ip" && IP=/bin/ip + + # Linux default route default metric is 1024 + # (we put 1029 so that Teredo is used as a last resort): +@@ -23,11 +26,6 @@ PRIO=32765 + # (default: specified by the Teredo server, or 1280) + #MTU=1400 + +-if ! test -x "$IP"; then +- echo "$0: iproute2 is required! Please install it." >&2 +- exit 1 +-fi +- + # Nothing to do with destroy event + if test "$STATE" = "destroy"; then exit 0; fi + diff --git a/net-vpn/miredo/files/miredo.conf.2 b/net-vpn/miredo/files/miredo.conf.2 new file mode 100644 index 000000000000..f4ef08a23112 --- /dev/null +++ b/net-vpn/miredo/files/miredo.conf.2 @@ -0,0 +1,2 @@ +# Options to pass to the daemon +EXTRA_OPTS="" diff --git a/net-vpn/miredo/files/miredo.rc.2 b/net-vpn/miredo/files/miredo.rc.2 new file mode 100644 index 000000000000..c0ae6d0d1495 --- /dev/null +++ b/net-vpn/miredo/files/miredo.rc.2 @@ -0,0 +1,13 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need localmount + after net modules + use dns logger +} + +command=/usr/sbin/${SVCNAME} +command_args="${MIREDO_OPTS}" +pidfile=/var/run/${SVCNAME}.pid diff --git a/net-vpn/miredo/metadata.xml b/net-vpn/miredo/metadata.xml new file mode 100644 index 000000000000..52ee8970cb99 --- /dev/null +++ b/net-vpn/miredo/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> + <email>xmw@gentoo.org</email> + <name>Michael Weber</name> +</maintainer> +<longdescription lang="en"> +Miredo is an open-source Teredo IPv6 tunneling software, for Linux and the +BSD operating systems. It includes functional implementations of all +components of the Teredo specification (client, relay and server). It is +meant to provide IPv6 connectivity even from behind NAT devices. +</longdescription> +</pkgmetadata> diff --git a/net-vpn/miredo/miredo-1.2.5-r2.ebuild b/net-vpn/miredo/miredo-1.2.5-r2.ebuild new file mode 100644 index 000000000000..74773d853de8 --- /dev/null +++ b/net-vpn/miredo/miredo-1.2.5-r2.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit autotools eutils linux-info user + +DESCRIPTION="Miredo is an open-source Teredo IPv6 tunneling software" +HOMEPAGE="http://www.remlab.net/miredo/" +SRC_URI="http://www.remlab.net/files/${PN}/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="+caps" + +RDEPEND="sys-apps/iproute2 + dev-libs/judy + caps? ( sys-libs/libcap )" +DEPEND="${RDEPEND} + app-arch/xz-utils" + +CONFIG_CHECK="~IPV6" #318777 + +#tries to connect to external networks (#339180) +RESTRICT="test" + +DOCS=( AUTHORS ChangeLog NEWS README TODO THANKS ) + +src_prepare() { + epatch "${FILESDIR}"/${P}-configure-libcap.diff + epatch "${FILESDIR}"/${P}-ip-path.patch + eautoreconf +} + +src_configure() { + econf \ + --disable-static \ + --enable-miredo-user \ + --localstatedir=/var \ + $(use_with caps libcap) +} + +src_install() { + default + prune_libtool_files + + newinitd "${FILESDIR}"/miredo.rc.2 miredo + newconfd "${FILESDIR}"/miredo.conf.2 miredo + newinitd "${FILESDIR}"/miredo.rc.2 miredo-server + newconfd "${FILESDIR}"/miredo.conf.2 miredo-server + + insinto /etc/miredo + doins misc/miredo-server.conf +} + +pkg_preinst() { + enewgroup miredo + enewuser miredo -1 -1 /var/empty miredo +} diff --git a/net-vpn/miredo/miredo-1.2.6.ebuild b/net-vpn/miredo/miredo-1.2.6.ebuild new file mode 100644 index 000000000000..63494b5abd31 --- /dev/null +++ b/net-vpn/miredo/miredo-1.2.6.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=4 + +inherit autotools eutils linux-info user + +DESCRIPTION="Miredo is an open-source Teredo IPv6 tunneling software" +HOMEPAGE="http://www.remlab.net/miredo/" +SRC_URI="http://www.remlab.net/files/${PN}/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="+caps" + +RDEPEND="sys-apps/iproute2 + dev-libs/judy + caps? ( sys-libs/libcap )" +DEPEND="${RDEPEND} + app-arch/xz-utils" + +CONFIG_CHECK="~IPV6" #318777 + +#tries to connect to external networks (#339180) +RESTRICT="test" + +DOCS=( AUTHORS ChangeLog NEWS README TODO THANKS ) + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.2.5-configure-libcap.diff + epatch "${FILESDIR}"/${PN}-1.2.5-ip-path.patch + eautoreconf +} + +src_configure() { + econf \ + --disable-static \ + --enable-miredo-user \ + --localstatedir=/var \ + $(use_with caps libcap) +} + +src_install() { + default + prune_libtool_files + + newinitd "${FILESDIR}"/miredo.rc.2 miredo + newconfd "${FILESDIR}"/miredo.conf.2 miredo + newinitd "${FILESDIR}"/miredo.rc.2 miredo-server + newconfd "${FILESDIR}"/miredo.conf.2 miredo-server + + insinto /etc/miredo + doins misc/miredo-server.conf +} + +pkg_preinst() { + enewgroup miredo + enewuser miredo -1 -1 /var/empty miredo +} diff --git a/net-vpn/nstx/Manifest b/net-vpn/nstx/Manifest new file mode 100644 index 000000000000..ee371c6c8439 --- /dev/null +++ b/net-vpn/nstx/Manifest @@ -0,0 +1,2 @@ +DIST nstx-1.1-beta6.tgz 20458 SHA256 57a1962a66e9cb64fe70839d852c56cd253092260eab589a8173740b75b21450 SHA512 93aa795446d1fe38239559c5a82e595ed59b37ab8ab674b1cb80c6a079ecb9e14bef87b670febe77920560239001206da4ce4875092ff5334770eb1f3447d45f WHIRLPOOL 058cda5a036446e6009250830b65929b4d22ad73507e874df2a84a72a2b595d4da54568e46545c1d7e476797e07ff3e9af9e78032751a4275cded81e28209036 +DIST nstx_1.1-beta6-5.diff.gz 10063 SHA256 ee301d0bee2a3e44f576a6c8cf1534878264f6d79a489eae5ca7237262cd0d32 SHA512 32cfada863154b83217195d3423ecb9367c7f6e56877feed197dc59fa6497fa295cbb76eeb694e658baa346beb2e288c3a45233dae9419a613d759025829a306 WHIRLPOOL 1b1dfdec95032488294b33ef1dfa39a2482ec7a6df2fb8c6c57ce84284f7e0789a74a8d7a06d31d31633acbbe3836e49bef9a91b96fe305face22b4bcc082050 diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_00-linux-tuntap.patch b/net-vpn/nstx/files/nstx-1.1_beta6_00-linux-tuntap.patch new file mode 100644 index 000000000000..524fd705a86e --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_00-linux-tuntap.patch @@ -0,0 +1,465 @@ +diff -ru nstx-1.1-beta6.orig/nstx_tuntap.c nstx-1.1-beta6/nstx_tuntap.c +--- nstx-1.1-beta6.orig/nstx_tuntap.c 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstx_tuntap.c 2009-03-16 22:45:28.000000000 +0000 +@@ -19,13 +19,15 @@ + + #ifdef linux + #include <linux/if_tun.h> +-#define TUNDEV "/dev/net/tun" ++#define TUNINT "tun0" ++#define TUNDEVNODE "/dev/net/tun" + #else + # include <net/if_tun.h> ++# define TUNINT "NULL?" + # if __FreeBSD_version < 500000 +-# define TUNDEV "/dev/tun2" ++# define TUNDEVNODE "/dev/tun2" + # else +-# define TUNDEV "/dev/tun" ++# define TUNDEVNODE "/dev/tun" + # endif + #endif + +@@ -33,127 +35,135 @@ + + #define MAXPKT 2000 + +-#define TAPDEV "/dev/tap0" ++#define TAPINT "tap0" ++#define TAPDEVNODE "/dev/net/tun" + + int tfd = -1, nfd = -1; + static char dev[IFNAMSIZ+1]; + +-static int tun_alloc (const char *path); ++static int tun_alloc (const char * interface, const char * device_node); ++static int tap_alloc (const char * interface, const char * device_node); ++ + #ifdef linux +-static int tap_alloc (const char *path); ++static int tuntap_alloc_linux(const char * interface, const char * device_node, ++ int mode); ++#else ++static int tun_alloc_bsd(const char * interface, const char * device_node); + #endif + + void +-open_tuntap(const char *device) ++open_tuntap(const char * interface, const char * device_node, int tun) + { +- int tunerr; +-#ifdef linux +- int taperr; +-#endif ++ int err; ++ ++ if (!interface) ++ interface = (tun ? TUNINT : TAPINT); ++ ++ if (!device_node) ++ device_node = (tun ? TUNDEVNODE : TAPDEVNODE); ++ ++ fprintf(stderr, "Opening %s interface %s at %s... ", tun ? "tun" : "tap", ++ interface, device_node); ++ ++ err = (tun ? tun_alloc(interface, device_node) : tap_alloc(interface, ++ device_node)); ++ ++ if (!err) { ++ fprintf(stderr, "using interface %s\n", dev); ++ ++ if (tun) ++ fprintf(stderr, "you will now need to assign an ip and routing to " ++ "this interface\n"); ++ else ++ fprintf(stderr, "you will now need to add bridging or other rules " ++ "to this interface\n"); ++ return; ++ } + +- fprintf(stderr, "Opening tun/tap-device... "); +- if ((tunerr = tun_alloc(device ? device : TUNDEV)) ++ fprintf(stderr, "failed! (%s)\n", strerror(err)); ++ ++ fprintf(stderr, "Diagnostics: "); ++ ++ if (err == EPERM) ++ fprintf(stderr, "you usually have to be root to use nstx.\n"); ++ else if (err == ENOENT) ++ fprintf(stderr, "maybe you need kernel support -- did you modprobe " ++ "tap?\n"); ++ else if (err == ENODEV) ++ fprintf(stderr, "maybe you need kernel support -- did you modprobe " ++ "tap?\n"); + #ifdef linux +- && (taperr = tap_alloc(device ? device : TAPDEV)) ++#else ++ else if ((err == EINVAL) && !tun) ++ fprintf(stderr, "tap support is only available under linux\n"); + #endif +- ) { +- fprintf(stderr, "failed!\n" +- "Diagnostics:\nTun ("TUNDEV"): "); +- switch (tunerr) { +- case EPERM: +- fprintf(stderr, "Permission denied. You usually have to " +- "be root to use nstx.\n"); +- break; +- case ENOENT: +- fprintf(stderr, TUNDEV " not found. Please create /dev/net/ and\n" +- " mknod /dev/net/tun c 10 200 to use the tun-device\n"); +- break; +- case ENODEV: +- fprintf(stderr, "Device not available. Make sure you have " +- "kernel-support\n for the tun-device. Under linux, you " +- "need tun.o (Universal tun/tap-device)\n"); +- break; +- default: +- perror("Unexpected error"); +- break; +- } +- fprintf(stderr, "Tap ("TAPDEV"):\n(only available under linux)\n"); ++ else ++ fprintf(stderr, "none, sorry\n"); ++ ++ exit(EXIT_FAILURE); ++} ++ ++int tun_alloc(const char * interface, const char * device_node) ++{ + #ifdef linux +- switch (taperr) { +- case EPERM: +- fprintf(stderr, "Permission denied. You generally have to " +- "be root to use nstx.\n"); +- break; +- case ENOENT: +- fprintf(stderr, TAPDEV " not found. Please\n" +- " mknod /dev/tap0 c 36 16 to use the tap-device\n"); +- break; +- case ENODEV: +- fprintf(stderr, "Device not available. Make sure you have kernel-support\n" +- " for the tap-device. Under linux, you need netlink_dev.o and ethertap.o\n"); +- break; +- default: +- fprintf(stderr, "Unexpected error: %s\n", strerror(taperr)); +- break; +- } ++ return tuntap_alloc_linux(interface, device_node, IFF_TUN); ++#else ++ return tun_alloc_bsd(interface, device_node); + #endif +- exit(EXIT_FAILURE); +- } +- +- fprintf(stderr, "using device %s\n" +- "Please configure this device appropriately (IP, routes, etc.)\n", dev); + } + +-int +-tun_alloc (const char *path) ++int tap_alloc(const char * interface, const char * device_node) + { + #ifdef linux +- struct ifreq ifr; ++ return tuntap_alloc_linux(interface, device_node, IFF_TAP); + #else +- struct stat st; ++ return EINVAL; + #endif +- +- if ((tfd = open(path, O_RDWR)) < 0) +- return errno; ++} + + #ifdef linux +- memset(&ifr, 0, sizeof(ifr)); ++ ++int tuntap_alloc_linux(const char * interface, const char * device_node, ++ int mode) ++{ ++ struct ifreq ifr; ++ ++ if ((tfd = open(device_node, O_RDWR)) < 0) ++ return errno; ++ ++ memset(&ifr, 0, sizeof(ifr)); + +- ifr.ifr_flags = IFF_TUN|IFF_NO_PI; ++ ifr.ifr_flags = mode | IFF_NO_PI; ++ strncpy(ifr.ifr_name, interface, sizeof(ifr.ifr_name)); ++ ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = 0; + +- if (ioctl(tfd, TUNSETIFF, (void *) &ifr) < 0) +- { +- close(tfd); +- tfd = -1; +- return errno; +- } +- strncpy(dev, ifr.ifr_name, IFNAMSIZ+1); +-#else +- fstat(tfd, &st); +- strncpy(dev, devname(st.st_rdev, S_IFCHR), IFNAMSIZ+1); +-#endif ++ if (ioctl(tfd, TUNSETIFF, (void *) &ifr) < 0) { ++ close(tfd); ++ tfd = -1; ++ return errno; ++ } ++ ++ strncpy(dev, ifr.ifr_name, IFNAMSIZ+1); + +- return 0; ++ return 0; + } + ++#else /* bsd */ + +-#ifdef linux +-int +-tap_alloc(const char *path) ++int tun_alloc_bsd(const char * interface, const char * device_node) + { +- char *ptr; +- +- if ((tfd = open(path, O_RDWR)) < 0) ++ struct stat st; ++ ++ if ((tfd = open(device_node, O_RDWR)) < 0) + return errno; +- +- if ((ptr = strrchr(path, '/'))) +- strncpy(dev, ptr+1, IFNAMSIZ+1); +- else +- strncpy(dev, path, IFNAMSIZ+1); ++ ++ fstat(tfd, &st); ++ strncpy(dev, devname(st.st_rdev, S_IFCHR), IFNAMSIZ+1); + + return 0; + } +-#endif ++ ++#endif /* linux/bsd */ + + void + open_ns(const char *ip) +diff -ru nstx-1.1-beta6.orig/nstxcd.8 nstx-1.1-beta6/nstxcd.8 +--- nstx-1.1-beta6.orig/nstxcd.8 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstxcd.8 2009-03-16 23:16:21.000000000 +0000 +@@ -3,7 +3,7 @@ + nstxcd \- IP over DNS tunneling client + + .SH SYNOPSIS +-.B "nstxcd \fIDOMAIN\fR \fIIPADDRESS\fR" ++.B "nstxcd \fIOPTIONS\fR \fIDOMAIN\fR \fIIPADDRESS\fR" + + .SH DESCRIPTION + .B nstxcd +@@ -13,6 +13,14 @@ + .SH OPTIONS + .B nstxcd + takes the following options: ++.IP \-I tun/tap interface ++Use this tun/tap interface instead of the default (tun0/tap0) ++.IP \-d tun/tap device node ++Use this tun/tap device node instead of the default (/dev/net/tun on Linux) ++.IP \-t ++Tun mode (default) ++.IP \-T ++Tap mode + .IP "domain" + The domain that nstxcd will send requests to. This domain must be delegated + to a machine that is running nstxd. +@@ -22,9 +30,9 @@ + .SH USAGE + .Bnstxcd + should be run against a domain that has been delegated to a machine running +-nstxd. It will then take any packets that are sent to the tun0 interface and +-send them over DNS to the other tunnel endpoint. Responses will appear on +-the tun0 interface. ++nstxd. It will then take any packets that are sent to the tun/tap interface and ++send them over DNS to the other tunnel endpoint. Responses will appear on the ++tun/tap interface. + + .SH AUTHORS + +diff -ru nstx-1.1-beta6.orig/nstxcd.c nstx-1.1-beta6/nstxcd.c +--- nstx-1.1-beta6.orig/nstxcd.c 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstxcd.c 2009-03-16 23:16:07.000000000 +0000 +@@ -55,25 +55,44 @@ + static void + usage(const char *prog, int code) + { +- fprintf(stderr, "Usage: %s [-d tun-device] <domainname> <dns-server>\n" +- "Example: %s tun.yomama.com 125.23.53.12\n", prog, prog); ++ fprintf(stderr, "Usage: %s [options] <domainname> <dns-server>\n" ++ "Where options are:\n" ++ "\t-d path (use this tun/tap device node instead of default)\n" ++ "\t-I interface (use this tun/tap interface instead of default)\n" ++#ifdef linux ++ "\t-t (tun mode, default)\n" ++ "\t-T (tap mode)\n" ++#endif ++ "example:\n" ++ "%s tun.yomama.com 125.23.53.12\n", prog, prog); + exit(code); + } + + int main (int argc, char * argv[]) { + struct nstxmsg *msg; +- const char *device = NULL; ++ const char *interface = NULL; ++ const char *device_node = NULL; + int ch; ++ int tun = 1; + + nsid = time(NULL); + + if (argc < 3) + usage(argv[0], EX_USAGE); + +- while ((ch = getopt(argc, argv, "hd:")) != -1) { ++ while ((ch = getopt(argc, argv, "hd:I:tT")) != -1) { + switch (ch) { ++ case 'I': ++ interface = optarg; ++ break; + case 'd': +- device = optarg; ++ device_node = optarg; ++ break; ++ case 't': ++ tun = 1; ++ break; ++ case 'T': ++ tun = 0; + break; + case 'h': + usage(argv[0], 0); +@@ -85,7 +104,7 @@ + dns_setsuffix(argv[optind]); + + qsettimeout(10); +- open_tuntap(device); ++ open_tuntap(interface, device_node, tun); + open_ns(argv[optind + 1]); + + for (;;) { +diff -ru nstx-1.1-beta6.orig/nstxd.8 nstx-1.1-beta6/nstxd.8 +--- nstx-1.1-beta6.orig/nstxd.8 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstxd.8 2009-03-16 23:16:32.000000000 +0000 +@@ -3,7 +3,7 @@ + nstxd \- IP over DNS tunneling daemon + + .SH SYNOPSIS +-.B "nstxd \fIOPTION\fR \fIDOMAIN\fR" ++.B "nstxd \fIOPTIONS\fR \fIDOMAIN\fR" + + .SH DESCRIPTION + .B nstxd +@@ -14,8 +14,14 @@ + .SH OPTIONS + .B nstxd + takes the following option: +-.IP \-d tun-device +-Use this tun device instead of tun0 ++.IP \-I tun/tap interface ++Use this tun/tap interface instead of the default (tun0/tap0) ++.IP \-d tun/tap device node ++Use this tun/tap device node instead of the default (/dev/net/tun on linux) ++.IP \-t ++Tun mode (default) ++.IP \-T ++Tap mode + .IP \-i ipaddr + Bind to this IP address rather than every available address + .IP \-C dir +@@ -33,9 +39,9 @@ + .SH USAGE + A domain should be delegated to the machine that will run nstxd. nstxd should + then be run giving that domain as the only argument. nstxd will then listen +-for requests and translate them into IP packets that will appear on the tun0 +-interface. Packets sent to the tun0 interface will be transferred back to +-the client as DNS answers. ++for requests and translate them into IP packets that will appear on the given ++tun/tap interface. Packets sent to the tun/tap interface will be transferred ++back to the client as DNS answers. + + .SH AUTHORS + +diff -ru nstx-1.1-beta6.orig/nstxd.c nstx-1.1-beta6/nstxd.c +--- nstx-1.1-beta6.orig/nstxd.c 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstxd.c 2009-03-16 23:15:30.000000000 +0000 +@@ -55,7 +55,12 @@ + { + fprintf (stderr, "usage: %s [options] <domainname>\n" + "Where options are:\n" +- "\t-d tun-device (use this tun/tap device instead of default\n" ++ "\t-d path (use this tun/tap device node instead of default)\n" ++ "\t-I interface (use this tun/tap interface instead of default)\n" ++#ifdef linux ++ "\t-t (tun mode, default)\n" ++ "\t-T (tap mode)\n" ++#endif + "\t-i ip.to.bi.nd (bind to port 53 on this IP only)\n" + "\t-C dir (chroot() to this directory after initialization)\n" + "\t-D (call daemon(3) to detach from terminal)\n" +@@ -68,13 +73,15 @@ + + int main (int argc, char *argv[]) { + signed char ch; +- const char *device = NULL, *dir = NULL; ++ const char *interface = NULL, *dir = NULL; ++ const char *device_node = NULL; + in_addr_t bindto = INADDR_ANY; + uid_t uid = 0; + int daemonize = 0; + int logmask = LOG_UPTO(LOG_INFO); ++ int tun = 1; + +- while ((ch = getopt(argc, argv, "gDC:u:hd:i:")) != -1) { ++ while ((ch = getopt(argc, argv, "gDC:u:hd:I:i:tT")) != -1) { + switch(ch) { + case 'i': + bindto = inet_addr(optarg); +@@ -84,8 +91,17 @@ + exit(EX_USAGE); + } + break; ++ case 'I': ++ interface = optarg; ++ break; + case 'd': +- device = optarg; ++ device_node = optarg; ++ break; ++ case 't': ++ tun = 1; ++ break; ++ case 'T': ++ tun = 0; + break; + case 'D': + daemonize = 1; +@@ -121,7 +137,7 @@ + + dns_setsuffix(argv[optind]); + +- open_tuntap(device); ++ open_tuntap(interface, device_node, tun); + open_ns_bind(bindto); + + if (dir) { +diff -ru nstx-1.1-beta6.orig/nstxfun.h nstx-1.1-beta6/nstxfun.h +--- nstx-1.1-beta6.orig/nstxfun.h 2009-03-16 05:31:24.000000000 +0000 ++++ nstx-1.1-beta6/nstxfun.h 2009-03-16 22:40:44.000000000 +0000 +@@ -52,7 +52,7 @@ + + /* DNS */ + +-void open_tuntap (const char *device); ++void open_tuntap (const char * interface, const char * device_node, int tun); + void open_ns (const char *ip); + void open_ns_bind(in_addr_t ip); + diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_01-bind-interface-name.patch b/net-vpn/nstx/files/nstx-1.1_beta6_01-bind-interface-name.patch new file mode 100644 index 000000000000..0d65f0f6d68b --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_01-bind-interface-name.patch @@ -0,0 +1,134 @@ +diff -ru nstx-1.1-beta6.tuntap/Makefile nstx-1.1-beta6/Makefile +--- nstx-1.1-beta6.tuntap/Makefile 2009-03-16 23:22:11.000000000 +0000 ++++ nstx-1.1-beta6/Makefile 2009-03-16 23:27:09.000000000 +0000 +@@ -1,9 +1,9 @@ + CFLAGS += -ggdb -Wall -Werror -Wsign-compare + +-NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c ++NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c nstx_util.c + NSTXD_OBJS = ${NSTXD_SRCS:.c=.o} + +-NSTXCD_SRCS = nstxcd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.o nstx_queue.c ++NSTXCD_SRCS = nstxcd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.o nstx_queue.c nstx_util.c + NSTXCD_OBJS = ${NSTXCD_SRCS:.c=.o} + + PROGS = nstxd nstxcd +diff -ru nstx-1.1-beta6.tuntap/nstx_util.c nstx-1.1-beta6/nstx_util.c +--- nstx-1.1-beta6.tuntap/nstx_util.c 2004-06-27 21:43:34.000000000 +0000 ++++ nstx-1.1-beta6/nstx_util.c 2009-03-16 23:28:37.000000000 +0000 +@@ -27,6 +27,10 @@ + #include <stdio.h> + #include <sys/types.h> + #include <sys/socket.h> ++#include <net/if.h> ++#include <sys/ioctl.h> ++#include <arpa/inet.h> ++#include <errno.h> + + #include "nstxfun.h" + +@@ -48,6 +52,48 @@ + close(fd); + } + ++static int iface_addr(const char * name, in_addr_t * result) { ++ int r, s; ++ struct ifreq ifr; ++ struct sockaddr_in * sin; ++ ++ s = socket(AF_INET, SOCK_DGRAM, 0); ++ ++ if (s < 0) { ++ perror("socket"); ++ return s; ++ } ++ ++ strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ++ ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = 0; ++ ++ r = ioctl(s, SIOCGIFADDR, &ifr); ++ ++ if (r < 0) { ++ perror("ioctl(SIOCGIFADDR)"); ++ return r; ++ } ++ ++ sin = (struct sockaddr_in *)&ifr.ifr_addr; ++ *result = sin->sin_addr.s_addr; ++ ++ if (*result == INADDR_ANY || *result == INADDR_NONE) { ++ fprintf(stderr, "interface %s has no assigned address\n", name); ++ return -EINVAL; ++ } ++ ++ return 0; ++} ++ ++int addr_convert(const char * s, in_addr_t * result) { ++ *result = inet_addr(s); ++ ++ if (*result != INADDR_NONE) ++ return 0; ++ ++ return iface_addr(s, result); ++} ++ + #ifdef WITH_PKTDUMP + void + pktdump (const char *prefix, unsigned short id, const char *data, +diff -ru nstx-1.1-beta6.tuntap/nstxd.8 nstx-1.1-beta6/nstxd.8 +--- nstx-1.1-beta6.tuntap/nstxd.8 2009-03-16 23:23:46.000000000 +0000 ++++ nstx-1.1-beta6/nstxd.8 2009-03-16 23:29:59.000000000 +0000 +@@ -22,8 +22,8 @@ + Tun mode (default) + .IP \-T + Tap mode +-.IP \-i ipaddr +-Bind to this IP address rather than every available address ++.IP \-i ipaddr|interface ++Bind to this IP address or interface rather than every available address + .IP \-C dir + Chroot to this directory on startup + .IP \-D +diff -ru nstx-1.1-beta6.tuntap/nstxd.c nstx-1.1-beta6/nstxd.c +--- nstx-1.1-beta6.tuntap/nstxd.c 2009-03-16 23:23:46.000000000 +0000 ++++ nstx-1.1-beta6/nstxd.c 2009-03-16 23:32:45.000000000 +0000 +@@ -61,7 +61,7 @@ + "\t-t (tun mode, default)\n" + "\t-T (tap mode)\n" + #endif +- "\t-i ip.to.bi.nd (bind to port 53 on this IP only)\n" ++ "\t-i ip|interface (bind to port 53 on this IP/interface only)\n" + "\t-C dir (chroot() to this directory after initialization)\n" + "\t-D (call daemon(3) to detach from terminal)\n" + "\t-g (enable debug messages)\n" +@@ -80,14 +80,15 @@ + int daemonize = 0; + int logmask = LOG_UPTO(LOG_INFO); + int tun = 1; ++ int r; + + while ((ch = getopt(argc, argv, "gDC:u:hd:I:i:tT")) != -1) { + switch(ch) { + case 'i': +- bindto = inet_addr(optarg); +- if (bindto == INADDR_NONE) { +- fprintf(stderr, "`%s' is not an IP-address\n", +- optarg); ++ r = addr_convert(optarg, &bindto); ++ if (r < 0) { ++ fprintf(stderr, "couldn't use interface %s: %s\n", optarg, ++ strerror(-r)); + exit(EX_USAGE); + } + break; +diff -ru nstx-1.1-beta6.tuntap/nstxfun.h nstx-1.1-beta6/nstxfun.h +--- nstx-1.1-beta6.tuntap/nstxfun.h 2009-03-16 23:23:46.000000000 +0000 ++++ nstx-1.1-beta6/nstxfun.h 2009-03-16 23:28:37.000000000 +0000 +@@ -102,4 +102,6 @@ + void pktdump (const char *, unsigned short, const char *, size_t, int); + #endif + ++int addr_convert(const char *, in_addr_t *); ++ + #endif /* _NSTXHDR_H */ diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_02-warn-on-frag.patch b/net-vpn/nstx/files/nstx-1.1_beta6_02-warn-on-frag.patch new file mode 100644 index 000000000000..251ad583150b --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_02-warn-on-frag.patch @@ -0,0 +1,22 @@ +Only in nstx-1.1-beta6.orig/: nstx_dns.o +Only in nstx-1.1-beta6.orig/: nstx_encode.o +Only in nstx-1.1-beta6.orig/: nstx_pstack.o +diff -ru nstx-1.1-beta6.orig/nstx_tuntap.c nstx-1.1-beta6/nstx_tuntap.c +--- nstx-1.1-beta6.orig/nstx_tuntap.c 2009-03-16 23:56:02.000000000 +0000 ++++ nstx-1.1-beta6/nstx_tuntap.c 2009-03-17 00:06:00.000000000 +0000 +@@ -274,7 +274,13 @@ + sendtun(const char *data, size_t len) + { + // printf("Sent len %d, csum %d\n", len, checksum(data, len)); +- write(tfd, data, len); ++ size_t w = write(tfd, data, len); ++ ++ if (w < len) { ++ fprintf(stderr, "packet was descrutively fragmented! (len=%zd, " ++ "wrote=%zd)\n", ++ len, w); ++ } + } + + void +Only in nstx-1.1-beta6.orig/: nstxd.o diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_03-delete-dwrite.patch b/net-vpn/nstx/files/nstx-1.1_beta6_03-delete-dwrite.patch new file mode 100644 index 000000000000..e943fa106b73 --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_03-delete-dwrite.patch @@ -0,0 +1,18 @@ +diff -ru nstx-1.1-beta6.orig/nstx_util.c nstx-1.1-beta6/nstx_util.c +--- nstx-1.1-beta6.orig/nstx_util.c 2009-03-17 00:08:18.000000000 +0000 ++++ nstx-1.1-beta6/nstx_util.c 2009-03-17 00:08:37.000000000 +0000 +@@ -44,14 +44,6 @@ + return x; + } + +-void dwrite (char *path, char *buf, int len) { +- int fd; +- +- fd = open(path, O_RDWR|O_CREAT|O_TRUNC, 0600); +- write(fd, buf, len); +- close(fd); +-} +- + static int iface_addr(const char * name, in_addr_t * result) { + int r, s; + struct ifreq ifr; diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_04-delete-werror.patch b/net-vpn/nstx/files/nstx-1.1_beta6_04-delete-werror.patch new file mode 100644 index 000000000000..35f7d0199b9d --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_04-delete-werror.patch @@ -0,0 +1,9 @@ +diff -ru nstx-1.1-beta6.orig/Makefile nstx-1.1-beta6/Makefile +--- nstx-1.1-beta6.orig/Makefile 2009-03-17 03:29:43.000000000 +0000 ++++ nstx-1.1-beta6/Makefile 2009-03-17 03:29:53.000000000 +0000 +@@ -1,4 +1,4 @@ +-CFLAGS += -ggdb -Wall -Werror -Wsign-compare ++CFLAGS += -ggdb -Wall -Wsign-compare + + NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c nstx_util.c + NSTXD_OBJS = ${NSTXD_SRCS:.c=.o} diff --git a/net-vpn/nstx/files/nstx-1.1_beta6_05-respect-ldflags.patch b/net-vpn/nstx/files/nstx-1.1_beta6_05-respect-ldflags.patch new file mode 100644 index 000000000000..47edb029edb9 --- /dev/null +++ b/net-vpn/nstx/files/nstx-1.1_beta6_05-respect-ldflags.patch @@ -0,0 +1,19 @@ +Respects LDFLAGS + +http://bugs.gentoo.org/show_bug.cgi?id=323919 + +--- nstx-1.1-beta6/Makefile ++++ nstx-1.1-beta6/Makefile +@@ -11,10 +11,10 @@ + all: $(PROGS) + + nstxd: $(NSTXD_OBJS) +- $(CC) $(CFLAGS) -o nstxd $(NSTXD_OBJS) ++ $(CC) $(CFLAGS) $(LDFLAGS) -o nstxd $(NSTXD_OBJS) + + nstxcd: $(NSTXCD_OBJS) +- $(CC) $(CFLAGS) -o nstxcd $(NSTXCD_OBJS) ++ $(CC) $(CFLAGS) $(LDFLAGS) -o nstxcd $(NSTXCD_OBJS) + + clean: + rm -f *.o $(PROGS) Makefile.bak *~ core diff --git a/net-vpn/nstx/files/nstxcd.conf b/net-vpn/nstx/files/nstxcd.conf new file mode 100644 index 000000000000..a04b9d09571e --- /dev/null +++ b/net-vpn/nstx/files/nstxcd.conf @@ -0,0 +1,46 @@ +# /etc/conf.d/nstxcd: config file for /etc/init.d/nstxcd + +# DOMAIN is the DNS domain which will be the base for NSTX tunneling. You must +# set up this domain such that its nameserver points to this machine. For +# example, if your tunnel domain is "tunnelhere.example.com", the nameserver for +# example.com should have the following record: +# +# tunnelhere.example.com IN NS this.machine.example.com +#DOMAIN="tunnelhere.example.com" + +# Set to "TUN" for TUN (IP/layer-3) mode, or "TAP" for TAP (ethernet/layer-2) +# mode. You must use the same mode your server is using, or you will send and +# receive only garbage. +MODE="TUN" + +# This will be the virtual TUN/TAP interface created by nstxcd. If unset, +# defaults to tun0 or tap0. Note that no IP configuration will be supplied by +# nstxd -- you must do this yourself using net scripts. +#TUNTAP_INTERFACE=tun53 + +# The DNS server where nstxcd will send queries. This is not necessarily the +# same server as the one where the nstxd server is running. What constitutes a +# good choice here depends on your situation: if you can send DNS queries to an +# arbitrary address on the Internet, you could simply point straight to the +# instance of nstxd, if you know its IP address. If you don't, you might use a +# public DNS server, like one of the ones hosted by Level3 (4.2.2.1-4.2.2.6), +# although it is almost certainly better to set up your nstxd server instance +# with dynamic DNS so you can always find it. +# +# If you are constrained to sending DNS queries to a DHCP-provided server on +# your local LAN, your only choice is to point to that server. This will always +# work, but may yield limited performance relative to directly talking to nstxd +# or talking via a high-performance DNS server. +# +# If you leave DNS_SERVER unset, the init script will select the first +# nameserver from resolv.conf. This is the most fault-tolerant configuration. +#DNS_SERVER="" + +# This option contains a space-separated list of interfaces that should be up +# before we start. It's convenient to put your DHCP-facing address in here, so +# autodetection of DNS_SERVER from resolv.conf will work. +#NEED_INTERFACES="" + +# Other miscellaneous options to pass to nstxcd (man 7 nstxcd for details) +#NSTXCD_OPTS="" + diff --git a/net-vpn/nstx/files/nstxcd.init b/net-vpn/nstx/files/nstxcd.init new file mode 100644 index 000000000000..444358970731 --- /dev/null +++ b/net-vpn/nstx/files/nstxcd.init @@ -0,0 +1,103 @@ +#!/sbin/openrc-run +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# (Written by Phillip Berndt <phillip.berndt at gmail dot com>) +# (Modified by Steven Brudenell <steven dot brudenell at gmail>) + +depend() { + local iface + + for iface in ${NEED_INTERFACES} ; do + need net.${iface} + done + + # If the user set TUNTAP_INTERFACE, they probably have a net script + # configuring that interface. nstxcd is responsible for actually creating + # the stupid thing, so we need to run before the config. + if [ ! -z ${TUNTAP_INTERFACE} ] ; then + if [ -x /etc/init.d/net.${TUNTAP_INTERFACE} ] ; then + before net.${TUNTAP_INTERFACE} + fi + fi +} + +loadtun() { + if [ ! -e /dev/net/tun ] + then + ebegin "Loading TUN/TAP kernel module" + modprobe -q tun + eend $? + fi + + if [ ! -e /dev/net/tun ] + then + eend 1 "Failed to load TUN driver! (did you compile your kernel with TUN/TAP support?)" + return 1 + fi + + return 0 +} + +checkconfig() { + if [ -z "${DOMAIN}" ] ; then + eerror "DOMAIN must be set" + return 1 + fi + + [ -z "${TUNTAP_INTERFACE}" ] || NSTXCD_OPTS="${NSTXCD_OPTS} -I ${TUNTAP_INTERFACE}" + [ -z "${TUNTAP_DEVICE}" ] || NSTXCD_OPTS="${NSTXCD_OPTS} -d ${TUNTAP_DEVICE}" + + case "${MODE}" in + TUN) + NSTXCD_OPTS="${NSTXCD_OPTS} -t" + ;; + TAP) + NSTXCD_OPTS="${NSTXCD_OPTS} -T" + ;; + *) + eerror "MODE must be either TUN or TAP" + return 1 + ;; + esac + + if [ -z "${DNS_SERVER}" ] ; then + DNS_SERVER=`awk '/^nameserver/{ print $2; exit; }' /etc/resolv.conf` + + if [ -z "${DNS_SERVER}" ] ; then + eerror "DNS_SERVER not set, and couldn't determine a nameserver from /etc/resolv.conf" + return 1 + fi + export DNS_SERVER + fi + + return 0 +} + +start() { + checkconfig || return 1 + + loadtun || return 1 + + ebegin "Starting nstxcd" + + start-stop-daemon \ + --start \ + --background \ + --make-pidfile \ + --exec /usr/sbin/nstxcd \ + --pidfile "/var/run/nstxcd.pid" \ + -- ${NSTXCD_OPTS} ${DOMAIN} ${DNS_SERVER} + + eend $? +} + +stop() { + ebegin "Stopping nstxcd" + + start-stop-daemon \ + --stop \ + --exec /usr/sbin/nstxcd \ + --pidfile "/var/run/nstxcd.pid" + + eend $? +} diff --git a/net-vpn/nstx/files/nstxd.conf b/net-vpn/nstx/files/nstxd.conf new file mode 100644 index 000000000000..4d3365a7142d --- /dev/null +++ b/net-vpn/nstx/files/nstxd.conf @@ -0,0 +1,35 @@ +# /etc/conf.d/nstxd: config file for /etc/init.d/nstxd + +# DOMAIN is the DNS domain which will be the base for NSTX tunneling. You must +# set up this domain such that its nameserver points to this machine. For +# example, if your tunnel domain is "tunnelhere.example.com", the nameserver for +# example.com should have the following record: +# +# tunnelhere.example.com IN NS this.machine.example.com +#DOMAIN="tunnelhere.example.com" + +# Set to "TUN" for TUN (IP/layer-3) mode, or "TAP" for TAP (ethernet/layer-2) +# mode. Your clients must run in the same mode, or you will send and receive +# only garbage. +MODE="TUN" + +# This will be the virtual TUN/TAP interface created by nstxd. If unset, +# defaults to tun0 or tap0. Note that no IP configuration will be supplied by +# nstxd -- you must do this yourself using net scripts. +#TUNTAP_INTERFACE=tun53 + +# Interface to bind to, instead of binding to all available interfaces. You can +# supply either an interface name or IP address here. Useful if you run an +# internal DNS server but want to run NSTX on your external interface. Note that +# nstxd always binds to port 53. +#BIND_INTERFACE=eth1 +#BIND_INTERFACE=1.2.3.4 + +# Chroot to this directory after startup +#CHROOT=/dev/null + +# Drop privileges to this user after startup +#NSTXD_USER=nstxd + +# Other miscellaneous options to pass to nstxd (man 7 nstxd for details) +#NSTXD_OPTS="" diff --git a/net-vpn/nstx/files/nstxd.init b/net-vpn/nstx/files/nstxd.init new file mode 100644 index 000000000000..2bf2a4133251 --- /dev/null +++ b/net-vpn/nstx/files/nstxd.init @@ -0,0 +1,94 @@ +#!/sbin/openrc-run +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# (Written by Phillip Berndt <phillip.berndt at gmail dot com>) +# (Modified by Steven Brudenell <steven dot brudenell at gmail>) + +depend() { + if [ ! -z "${BIND_INTERFACE}" ] ; then + if [ -x /etc/init.d/net.${BIND_INTERFACE} ] ; then + need net.${BIND_INTERFACE} + fi + fi + + # If the user set TUNTAP_INTERFACE, they probably have a net script + # configuring that interface. nstxcd is responsible for actually creating + # the stupid thing, so we need to run before the config. + if [ ! -z "${TUNTAP_INTERFACE}" ] ; then + if [ -x /etc/init.d/net.${TUNTAP_INTERFACE} ] ; then + before net.${TUNTAP_INTERFACE} + fi + fi +} + +loadtun() { + if [ ! -e /dev/net/tun ] + then + ebegin "Loading TUN/TAP kernel module" + modprobe -q tun + eend $? + fi + + if [ ! -e /dev/net/tun ] + then + eend 1 "Failed to load TUN driver! (did you compile your kernel with TUN/TAP support?)" + return 1 + fi + + return 0 +} + +checkconfig() { + if [ -z "${DOMAIN}" ] ; then + eerror "DOMAIN must be set" + return 1 + fi + + [ -z "${TUNTAP_INTERFACE}" ] || NSTXD_OPTS="${NSTXD_OPTS} -I ${TUNTAP_INTERFACE}" + [ -z "${TUNTAP_DEVICE}" ] || NSTXD_OPTS="${NSTXD_OPTS} -d ${TUNTAP_DEVICE}" + [ -z "${BIND_INTERFACE}" ] || NSTXD_OPTS="${NSTXD_OPTS} -i ${BIND_INTERFACE}" + [ -z "${CHROOT}" ] || NSTXD_OPTS="${NSTXD_OPTS} -C ${CHROOT}" + [ -z "${NSTXD_USER}" ] || NSTXD_OPTS="${NSTXD_OPTS} -u ${NSTXD_USER}" + + case "${MODE}" in + TUN) + NSTXD_OPTS="${NSTXD_OPTS} -t" + ;; + TAP) + NSTXD_OPTS="${NSTXD_OPTS} -T" + ;; + *) + eerror "MODE must be either TUN or TAP" + return 1 + ;; + esac +} + +start() { + checkconfig || return 1 + + loadtun || return 1 + + ebegin "Starting nstxd" + + start-stop-daemon \ + --start \ + --background \ + --make-pidfile \ + --exec /usr/sbin/nstxd \ + --pidfile "/var/run/nstxd.pid" \ + -- ${NSTXD_OPTS} ${DOMAIN} + + eend $? +} + +stop() { + ebegin "Stopping nstxd" + + start-stop-daemon \ + --stop \ + --exec /usr/sbin/nstxd \ + --pidfile "/var/run/nstxd.pid" + + eend $? +} diff --git a/net-vpn/nstx/metadata.xml b/net-vpn/nstx/metadata.xml new file mode 100644 index 000000000000..79d462e85571 --- /dev/null +++ b/net-vpn/nstx/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> + <email>robbat2@gentoo.org</email> +</maintainer> +</pkgmetadata> diff --git a/net-vpn/nstx/nstx-1.1_beta6-r3.ebuild b/net-vpn/nstx/nstx-1.1_beta6-r3.ebuild new file mode 100644 index 000000000000..05ca76aca0d5 --- /dev/null +++ b/net-vpn/nstx/nstx-1.1_beta6-r3.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +inherit versionator toolchain-funcs eutils linux-info + +MY_PV=$(replace_version_separator 2 - "${PV}") +MY_P="${PN}-${MY_PV}" +DEBIAN_PV="5" +DEBIAN_A="${PN}_${MY_PV}-${DEBIAN_PV}.diff.gz" + +DESCRIPTION="IP over DNS tunnel" +SRC_URI="http://dereference.de/nstx/${MY_P}.tgz + mirror://debian/pool/main/${PN:0:1}/${PN}/${DEBIAN_A}" +HOMEPAGE="http://dereference.de/nstx/" +DEPEND="virtual/os-headers" +KEYWORDS="amd64 x86" +IUSE="" +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/${MY_P}" + +CONFIG_CHECK="~TUN" + +src_unpack() { + unpack "${MY_P}.tgz" + epatch "${DISTDIR}"/${DEBIAN_A} \ + "${FILESDIR}"/${PN}-1.1_beta6_00-linux-tuntap.patch \ + "${FILESDIR}"/${PN}-1.1_beta6_01-bind-interface-name.patch \ + "${FILESDIR}"/${PN}-1.1_beta6_02-warn-on-frag.patch \ + "${FILESDIR}"/${PN}-1.1_beta6_03-delete-dwrite.patch \ + "${FILESDIR}"/${PN}-1.1_beta6_04-delete-werror.patch \ + "${FILESDIR}"/${PN}-1.1_beta6_05-respect-ldflags.patch +} + +src_compile() { + emake CC="$(tc-getCC)" || die +} + +src_install() { + into /usr + dosbin nstxcd nstxd || die + dodoc README Changelog || die + doman *.8 || die + + newinitd "${FILESDIR}"/nstxd.init nstxd + newconfd "${FILESDIR}"/nstxd.conf nstxd + newinitd "${FILESDIR}"/nstxcd.init nstxcd + newconfd "${FILESDIR}"/nstxcd.conf nstxcd +} + +pkg_postinst() { + einfo "Please read the documentation provided in" + einfo " `find /usr/share/doc/${PF}/ -name 'README*'`" +} diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest new file mode 100644 index 000000000000..8ff6c084d0f2 --- /dev/null +++ b/net-vpn/tor/Manifest @@ -0,0 +1,5 @@ +DIST tor-0.2.8.12.tar.gz 5331785 SHA256 b35748f2839cf8ce9910b677ea873463495ac88689244c007ed038f6887f4aaf SHA512 b0cfa34914208bbb28f74178a87ece2a320a44606a94c35de715548fc5a3517cd3d9bf27512d9efe2f1c4685620a62ed591927f828e72fe5ac0a1fffa543eb26 WHIRLPOOL 342db1479f7c03ac3569b8b3bd86ca315fa7eb23dbb0e22d6f4490d399175b70cd398fc140eb42609b3c9656083ac99a7b6ce8d1eaa30530b6e4a3c20a1177ce +DIST tor-0.2.9.10.tar.gz 5557586 SHA256 d611283e1fb284b5f884f8c07e7d3151016851848304f56cfdf3be2a88bd1341 SHA512 c18c4faf18406f04165136f0d70e6bc2896f3f02770beadaab5e7a99441d71b897ae3a14a046eaec99a1bd6d8ad7758b28f7d652588842b77621cdc95d4fb7e1 WHIRLPOOL 8a12ab4bd148c6cf57e4e21ae29ccff46b9f687a1646f4453b0ba312b97b78d0c2a428f3178f47e58ec012eb2edce53efff4e07d7f0418d7ccc4ded3856a84a0 +DIST tor-0.2.9.9.tar.gz 5534005 SHA256 33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43 SHA512 cbe7e1f3e503b945f150916b7147cf23d1c32c3660e15aecfe5e2f2baac3a241de665e6ce4e81b81229933eba7f02d4a86e8deeabf2378d40fa83a7036928c9b WHIRLPOOL 9fc83693ea3b0519354a6d1fde83d090b66a9738f67abd7be2f9c3a36e95df92968b6da6c8cecd97ad352c70aac62817a86efae2dd42129934c2e6b38577439c +DIST tor-0.3.0.3-alpha.tar.gz 5738504 SHA256 739adb4a7ae1eb12582a667d56f7e8348123b1e00fe9d8a6159776df6dba7a87 SHA512 312b18599749252f8e66cc334481dfc8655f76717f02d3ecdcd7d278d43bc9e60e8464ab76d1a150adbb6a5468c1a03fff0db51f67ce12b9132bc772463a3849 WHIRLPOOL 2853eb585e608e098aee30fea7bf0f0c8175bc4ed1ad86a2511fc85a75bec2e8571dcf3a017986a73ceededff312c90650c83d44f7224e2de9d829f8d675c6e5 +DIST tor-0.3.0.4-rc.tar.gz 5757770 SHA256 32a7c0b322c61e15ce770f43715682f8b0be47844478387ddf8444cdf7c2f46f SHA512 21b335a973c9958c6c832ca171ac5e94c78379e365e4564289a623f264f8daab30be874a083ca3867364a6008c3b447080fad940dbbbda73f0cd3bb0dbf17d08 WHIRLPOOL af587ad1ce0c8fdac8eab65a9b7fb354abab700d967bddee9f2f647ffe7d630a5fd4cd0bb8f564ef62ccc2b482d87b83fe5f061da698504836ba997690417a10 diff --git a/net-vpn/tor/files/README.gentoo b/net-vpn/tor/files/README.gentoo new file mode 100644 index 000000000000..35214ac6fbb5 --- /dev/null +++ b/net-vpn/tor/files/README.gentoo @@ -0,0 +1,8 @@ +We created a configuration file for tor, /etc/tor/torrc, but you can +change it according to your needs. Use the torrc.sample that is in +that directory as a guide. Also, to have privoxy work with tor +just add the following line + +forward-socks4a / localhost:9050 . + +to /etc/privoxy/config. Notice the . at the end! diff --git a/net-vpn/tor/files/tor-0.2.7.4-torrc.sample.patch b/net-vpn/tor/files/tor-0.2.7.4-torrc.sample.patch new file mode 100644 index 000000000000..92eb03bb18ea --- /dev/null +++ b/net-vpn/tor/files/tor-0.2.7.4-torrc.sample.patch @@ -0,0 +1,31 @@ +diff -Nuar tor-0.2.7.4-rc.orig/src/config/torrc.sample.in tor-0.2.7.4-rc/src/config/torrc.sample.in +--- tor-0.2.7.4-rc.orig/src/config/torrc.sample.in 2015-10-19 11:12:53.000000000 -0400 ++++ tor-0.2.7.4-rc/src/config/torrc.sample.in 2015-10-21 21:18:49.151973113 -0400 +@@ -12,6 +12,11 @@ + ## Tor will look for this file in various places based on your platform: + ## https://www.torproject.org/docs/faq#torrc + ++## Default username and group the server will run as ++User tor ++ ++PIDFile /var/run/tor/tor.pid ++ + ## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't + ## configure one below. Set "SOCKSPort 0" if you plan to run Tor only + ## as a relay, and not make any local application connections yourself. +@@ -42,6 +47,7 @@ + #Log notice syslog + ## To send all messages to stderr: + #Log debug stderr ++Log warn syslog + + ## Uncomment this to start the process in the background... or use + ## --runasdaemon 1 on the command line. This is ignored on Windows; +@@ -51,6 +57,7 @@ + ## The directory for keeping all the keys/etc. By default, we store + ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. + #DataDirectory @LOCALSTATEDIR@/lib/tor ++DataDirectory /var/lib/tor/data + + ## The port on which Tor will listen for local connections from Tor + ## controller applications, as documented in control-spec.txt. diff --git a/net-vpn/tor/files/tor.conf b/net-vpn/tor/files/tor.conf new file mode 100644 index 000000000000..188c041e5442 --- /dev/null +++ b/net-vpn/tor/files/tor.conf @@ -0,0 +1 @@ +d /var/run/tor 0775 tor tor - - diff --git a/net-vpn/tor/files/tor.confd b/net-vpn/tor/files/tor.confd new file mode 100644 index 000000000000..4195bf3237b2 --- /dev/null +++ b/net-vpn/tor/files/tor.confd @@ -0,0 +1,3 @@ +# +# Set the file limit +rc_ulimit="-n 30000" diff --git a/net-vpn/tor/files/tor.initd-r8 b/net-vpn/tor/files/tor.initd-r8 new file mode 100644 index 000000000000..de9b66eb555b --- /dev/null +++ b/net-vpn/tor/files/tor.initd-r8 @@ -0,0 +1,37 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command=/usr/bin/tor +pidfile=/var/run/tor/tor.pid +command_args="--hush --runasdaemon 1 --pidfile \"${pidfile}\"" +retry=${GRACEFUL_TIMEOUT:-60} +stopsig=INT +command_progress=yes + +extra_commands="checkconfig" +extra_started_commands="reload" +description="Anonymizing overlay network for TCP" +description_checkconfig="Check for valid config file" +description_reload="Reload the configuration" + +checkconfig() { + ${command} --verify-config --hush > /dev/null 2>&1 + if [ $? -ne 0 ] ; then + eerror "Tor configuration (/etc/tor/torrc) is not valid." + eerror "Example is in /etc/tor/torrc.sample" + return 1 + fi +} + +start_pre() { + checkconfig || return 1 + checkpath -d -m 0755 -o tor:tor /var/run/tor +} + +reload() { + checkconfig || return 1 + ebegin "Reloading Tor configuration" + start-stop-daemon -s HUP --pidfile ${pidfile} + eend $? +} diff --git a/net-vpn/tor/files/tor.service b/net-vpn/tor/files/tor.service new file mode 100644 index 000000000000..8fcc6740ed91 --- /dev/null +++ b/net-vpn/tor/files/tor.service @@ -0,0 +1,21 @@ +[Unit] +Description=The Onion Router + +[Service] +ExecStartPre=/usr/bin/tor --verify-config -f /etc/tor/torrc +ExecStart=/usr/bin/tor --RunAsDaemon 0 -f /etc/tor/torrc +ExecReload=/bin/kill -HUP $MAINPID +KillSignal=SIGINT +TimeoutStopSec=32 +LimitNOFILE=30000 + +# Hardening options: +CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE +PrivateTmp = yes +PrivateDevices = yes +ProtectHome = yes +ProtectSystem = full +NoNewPrivileges = yes + +[Install] +WantedBy=multi-user.target diff --git a/net-vpn/tor/files/torrc-r1 b/net-vpn/tor/files/torrc-r1 new file mode 100644 index 000000000000..322a794aa1d5 --- /dev/null +++ b/net-vpn/tor/files/torrc-r1 @@ -0,0 +1,7 @@ +# +# Minimal torrc so tor will work out of the box +# +User tor +PIDFile /var/run/tor/tor.pid +Log notice syslog +DataDirectory /var/lib/tor/data diff --git a/net-vpn/tor/metadata.xml b/net-vpn/tor/metadata.xml new file mode 100644 index 000000000000..80fbc720fea8 --- /dev/null +++ b/net-vpn/tor/metadata.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>blueness@gentoo.org</email> + <name>Anthony G. Basile</name> + </maintainer> + <use> + <flag name="bufferevents">Use libevent's buffered IO implementation (unstable, buggy)</flag> + <flag name="stats">Enable tracking of how much of each kind of resource we download</flag> + <flag name="scrypt">Use <pkg>app-crypt/libscrypt</pkg> for the scrypt algorithm</flag> + <flag name="tor-hardening">Compile tor with hardening on vanilla compilers/linkers</flag> + <flag name="transparent-proxy">Enable transparent proxying</flag> + <flag name="web">Build a tor2web service instead of a tor client</flag> + </use> +</pkgmetadata> diff --git a/net-vpn/tor/tor-0.2.8.12.ebuild b/net-vpn/tor/tor-0.2.8.12.ebuild new file mode 100644 index 000000000000..0b5f4d0f361d --- /dev/null +++ b/net-vpn/tor/tor-0.2.8.12.ebuild @@ -0,0 +1,86 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils flag-o-matic readme.gentoo-r1 systemd versionator user + +MY_PV="$(replace_version_separator 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="amd64 arm ~mips ppc ppc64 sparc x86 ~ppc-macos" +IUSE="-bufferevents libressl scrypt seccomp selinux stats systemd tor-hardening transparent-proxy test web" + +DEPEND=" + app-text/asciidoc + dev-libs/libevent + sys-libs/zlib + bufferevents? ( dev-libs/libevent[ssl] ) + !libressl? ( dev-libs/openssl:0=[-bindist] ) + libressl? ( dev-libs/libressl:0= ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +pkg_setup() { + enewgroup tor + enewuser tor -1 -1 /var/lib/tor tor +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch + epatch_user +} + +src_configure() { + # Upstream isn't sure of all the user provided CFLAGS that + # will break tor, but does recommend against -fstrict-aliasing. + # We'll filter-flags them here as we encounter them. + filter-flags -fstrict-aliasing + + econf \ + --enable-system-torrc \ + --enable-asciidoc \ + --docdir="${EPREFIX}"/usr/share/doc/${PF} \ + $(use_enable stats instrument-downloads) \ + $(use_enable bufferevents) \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable transparent-proxy transparent) \ + $(use_enable web tor2web-mode) \ + $(use_enable test unittests) \ + $(use_enable test coverage) +} + +src_install() { + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r8 tor + systemd_dounit "${FILESDIR}/${PN}.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + emake DESTDIR="${D}" install + + keepdir /var/lib/tor + + dodoc -r README ChangeLog ReleaseNotes doc/HACKING + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r1 torrc +} diff --git a/net-vpn/tor/tor-0.2.9.10.ebuild b/net-vpn/tor/tor-0.2.9.10.ebuild new file mode 100644 index 000000000000..035d07ef861f --- /dev/null +++ b/net-vpn/tor/tor-0.2.9.10.ebuild @@ -0,0 +1,82 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils flag-o-matic readme.gentoo-r1 systemd versionator user + +MY_PV="$(replace_version_separator 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" +IUSE="libressl scrypt seccomp selinux systemd tor-hardening test web" + +DEPEND=" + app-text/asciidoc + dev-libs/libevent[ssl] + sys-libs/zlib + !libressl? ( dev-libs/openssl:0=[-bindist] ) + libressl? ( dev-libs/libressl:0= ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +pkg_setup() { + enewgroup tor + enewuser tor -1 -1 /var/lib/tor tor +} + +src_prepare() { + eapply "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch + eapply_user +} + +src_configure() { + # Upstream isn't sure of all the user provided CFLAGS that + # will break tor, but does recommend against -fstrict-aliasing. + # We'll filter-flags them here as we encounter them. + filter-flags -fstrict-aliasing + + econf \ + --enable-system-torrc \ + --enable-asciidoc \ + --docdir="${EPREFIX}"/usr/share/doc/${PF} \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable web tor2web-mode) \ + $(use_enable test unittests) \ + $(use_enable test coverage) +} + +src_install() { + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r8 tor + systemd_dounit "${FILESDIR}/${PN}.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + emake DESTDIR="${D}" install + + keepdir /var/lib/tor + + dodoc -r README ChangeLog ReleaseNotes doc/HACKING + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r1 torrc +} diff --git a/net-vpn/tor/tor-0.2.9.9.ebuild b/net-vpn/tor/tor-0.2.9.9.ebuild new file mode 100644 index 000000000000..035d07ef861f --- /dev/null +++ b/net-vpn/tor/tor-0.2.9.9.ebuild @@ -0,0 +1,82 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils flag-o-matic readme.gentoo-r1 systemd versionator user + +MY_PV="$(replace_version_separator 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" +IUSE="libressl scrypt seccomp selinux systemd tor-hardening test web" + +DEPEND=" + app-text/asciidoc + dev-libs/libevent[ssl] + sys-libs/zlib + !libressl? ( dev-libs/openssl:0=[-bindist] ) + libressl? ( dev-libs/libressl:0= ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +pkg_setup() { + enewgroup tor + enewuser tor -1 -1 /var/lib/tor tor +} + +src_prepare() { + eapply "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch + eapply_user +} + +src_configure() { + # Upstream isn't sure of all the user provided CFLAGS that + # will break tor, but does recommend against -fstrict-aliasing. + # We'll filter-flags them here as we encounter them. + filter-flags -fstrict-aliasing + + econf \ + --enable-system-torrc \ + --enable-asciidoc \ + --docdir="${EPREFIX}"/usr/share/doc/${PF} \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable web tor2web-mode) \ + $(use_enable test unittests) \ + $(use_enable test coverage) +} + +src_install() { + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r8 tor + systemd_dounit "${FILESDIR}/${PN}.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + emake DESTDIR="${D}" install + + keepdir /var/lib/tor + + dodoc -r README ChangeLog ReleaseNotes doc/HACKING + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r1 torrc +} diff --git a/net-vpn/tor/tor-0.3.0.3_alpha.ebuild b/net-vpn/tor/tor-0.3.0.3_alpha.ebuild new file mode 100644 index 000000000000..b103e82a8aed --- /dev/null +++ b/net-vpn/tor/tor-0.3.0.3_alpha.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit flag-o-matic readme.gentoo-r1 systemd versionator user + +MY_PV="$(replace_version_separator 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" +IUSE="libressl scrypt seccomp selinux systemd tor-hardening test web" + +DEPEND=" + app-text/asciidoc + dev-libs/libevent[ssl] + sys-libs/zlib + !libressl? ( dev-libs/openssl:0=[-bindist] ) + libressl? ( dev-libs/libressl:0= ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch +) + +DOCS=( README ChangeLog ReleaseNotes doc/HACKING ) + +pkg_setup() { + enewgroup tor + enewuser tor -1 -1 /var/lib/tor tor +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}/var" \ + --enable-system-torrc \ + --enable-asciidoc \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable web tor2web-mode) \ + $(use_enable test unittests) \ + $(use_enable test coverage) +} + +src_install() { + default + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r8 tor + systemd_dounit contrib/dist/tor.service + + keepdir /var/lib/tor + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r1 torrc +} diff --git a/net-vpn/tor/tor-0.3.0.4_rc.ebuild b/net-vpn/tor/tor-0.3.0.4_rc.ebuild new file mode 100644 index 000000000000..b103e82a8aed --- /dev/null +++ b/net-vpn/tor/tor-0.3.0.4_rc.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit flag-o-matic readme.gentoo-r1 systemd versionator user + +MY_PV="$(replace_version_separator 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="http://www.torproject.org/" +SRC_URI="https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz" +S="${WORKDIR}/${MY_PF}" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" +IUSE="libressl scrypt seccomp selinux systemd tor-hardening test web" + +DEPEND=" + app-text/asciidoc + dev-libs/libevent[ssl] + sys-libs/zlib + !libressl? ( dev-libs/openssl:0=[-bindist] ) + libressl? ( dev-libs/libressl:0= ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-tor )" + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch +) + +DOCS=( README ChangeLog ReleaseNotes doc/HACKING ) + +pkg_setup() { + enewgroup tor + enewuser tor -1 -1 /var/lib/tor tor +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}/var" \ + --enable-system-torrc \ + --enable-asciidoc \ + $(use_enable scrypt libscrypt) \ + $(use_enable seccomp) \ + $(use_enable systemd) \ + $(use_enable tor-hardening gcc-hardening) \ + $(use_enable tor-hardening linker-hardening) \ + $(use_enable web tor2web-mode) \ + $(use_enable test unittests) \ + $(use_enable test coverage) +} + +src_install() { + default + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r8 tor + systemd_dounit contrib/dist/tor.service + + keepdir /var/lib/tor + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r1 torrc +} diff --git a/net-vpn/vtun/Manifest b/net-vpn/vtun/Manifest new file mode 100644 index 000000000000..3ef73fee68db --- /dev/null +++ b/net-vpn/vtun/Manifest @@ -0,0 +1 @@ +DIST vtun-3.0.3.tar.gz 130051 SHA256 69dcbe4f8c5ce7d91b4150a6309e536d03b61841169746ca5788413ac7edb9cb SHA512 5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54 WHIRLPOOL 8939c132622d4833a8780003548850103c8f35cabd25b38198a254200a80747b57edba327b4ab91b6af954542d2605a5f2d9dda42a64218a5e0a586fe5705475 diff --git a/net-vpn/vtun/files/vtun-3.0.2-remove-config-presence-check.patch b/net-vpn/vtun/files/vtun-3.0.2-remove-config-presence-check.patch new file mode 100644 index 000000000000..15b3bf273c34 --- /dev/null +++ b/net-vpn/vtun/files/vtun-3.0.2-remove-config-presence-check.patch @@ -0,0 +1,13 @@ +--- Makefile.in.orig 2012-06-11 23:31:11.416075337 +0400 ++++ Makefile.in 2012-06-11 23:31:21.247324839 +0400 +@@ -86,9 +86,7 @@ + + install_config: + $(INSTALL) -d -m 755 $(INSTALL_OWNER) $(DESTDIR)$(ETC_DIR) +- if [ ! -f $(ETC_DIR)/vtund.conf ]; then \ +- $(INSTALL) -m 600 $(INSTALL_OWNER) vtund.conf $(DESTDIR)$(ETC_DIR); \ +- fi ++ $(INSTALL) -m 600 $(INSTALL_OWNER) vtund.conf $(DESTDIR)$(ETC_DIR); \ + + install: vtund install_config install_man + $(INSTALL) -d -m 755 $(INSTALL_OWNER) $(DESTDIR)$(VAR_DIR)/run diff --git a/net-vpn/vtun/files/vtun-3.0.3-gcc5.patch b/net-vpn/vtun/files/vtun-3.0.3-gcc5.patch new file mode 100644 index 000000000000..99c6531d7268 --- /dev/null +++ b/net-vpn/vtun/files/vtun-3.0.3-gcc5.patch @@ -0,0 +1,13 @@ +Index: vtun-3.0.3/cfg_file.y +=================================================================== +--- vtun-3.0.3.orig/cfg_file.y ++++ vtun-3.0.3/cfg_file.y +@@ -624,7 +624,7 @@ int clear_nat_hack_client(void *d, void + } + + /* Clear the VTUN_NAT_HACK flag which are not relevant to the current operation mode */ +-inline void clear_nat_hack_flags(int svr) ++extern inline void clear_nat_hack_flags(int svr) + { + if (svr) + llist_trav(&host_list,clear_nat_hack_server,NULL); diff --git a/net-vpn/vtun/files/vtun-3.0.3-includes.patch b/net-vpn/vtun/files/vtun-3.0.3-includes.patch new file mode 100644 index 000000000000..cd7cf6a2a2ee --- /dev/null +++ b/net-vpn/vtun/files/vtun-3.0.3-includes.patch @@ -0,0 +1,62 @@ +--- a/lfd_encrypt.c 2008-01-07 23:35:32.000000000 +0100 ++++ b/lfd_encrypt.c 2010-09-18 04:53:31.000000000 +0200 +@@ -44,6 +44,7 @@ + #include <strings.h> + #include <string.h> + #include <time.h> ++#include <arpa/inet.h> /* htonl() */ + + #include "vtun.h" + #include "linkfd.h" +--- a/lib.c 2008-01-07 23:35:40.000000000 +0100 ++++ b/lib.c 2010-09-18 04:52:51.000000000 +0200 +@@ -34,6 +34,7 @@ + #include <sys/wait.h> + #include <syslog.h> + #include <errno.h> ++#include <time.h> /* nanosleep() */ + + #include "vtun.h" + #include "linkfd.h" +--- a/lib.h 2008-01-07 23:35:41.000000000 +0100 ++++ b/lib.h 2010-09-18 04:56:50.000000000 +0200 +@@ -26,6 +26,7 @@ + #include <sys/types.h> + #include <signal.h> + #include <errno.h> ++#include <unistd.h> /* read(), write() */ + + #ifdef HAVE_LIBUTIL_H + #include <libutil.h> +--- a/vtun.h 2008-01-07 23:36:07.000000000 +0100 ++++ b/vtun.h 2010-09-18 04:56:08.000000000 +0200 +@@ -232,5 +232,9 @@ + int read_config(char *file); + struct vtun_host * find_host(char *host); + inline void clear_nat_hack_flags(int svr); ++int send_msg(int len, char *in, char **out); ++int send_ib_mesg(int *len, char **in); ++int recv_msg(int len, char *in, char **out); ++int recv_ib_mesg(int *len, char **in); + + #endif +--- a/lock.c 2008-01-07 23:35:50.000000000 +0100 ++++ b/lock.c 2010-09-18 05:01:21.000000000 +0200 +@@ -32,6 +32,7 @@ + #include <sys/types.h> + #include <signal.h> + #include <errno.h> ++#include <time.h> /* nanosleep() */ + + #include "vtun.h" + #include "linkfd.h" +--- a/lfd_shaper.c 2008-01-07 23:35:36.000000000 +0100 ++++ b/lfd_shaper.c 2010-09-18 05:07:12.000000000 +0200 +@@ -27,6 +27,7 @@ + #include <stdlib.h> + #include <sys/time.h> + #include <syslog.h> ++#include <time.h> /* nanosleep() */ + + #include "vtun.h" + #include "linkfd.h" diff --git a/net-vpn/vtun/files/vtun.rc b/net-vpn/vtun/files/vtun.rc new file mode 100644 index 000000000000..7ef322985043 --- /dev/null +++ b/net-vpn/vtun/files/vtun.rc @@ -0,0 +1,32 @@ +#!/sbin/openrc-run +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +start() { + IFS=$'\n' + for line in `grep -v '^[[:space:]]*#' /etc/vtund-start.conf | grep -v '^[[:space:]]*$'` + do + echo $line | + (IFS=" " + read host server args + if [ "$host" = "--server--" ]; then + ebegin "Starting vtund server" + /usr/sbin/vtund -s -P $server $args + eend $? + else + ebegin "Starting vtund client $host to $server" + /usr/sbin/vtund $args -- $host $server + eend $? + fi) + done +} + +stop() { + ebegin "Stopping all vtund servers and clients" + killall vtund + eend $? +} diff --git a/net-vpn/vtun/files/vtund-start.conf b/net-vpn/vtun/files/vtund-start.conf new file mode 100644 index 000000000000..01de38322f48 --- /dev/null +++ b/net-vpn/vtun/files/vtund-start.conf @@ -0,0 +1,33 @@ +### this file defines whether vtund is run as a client or a server +### +### format is "[host] [server] <args>" or "--server-- [portnumber] <args>". +### +### [host] is the hostname to use as a client +### +### [server] is the server to connect to +### +### [args] is optional for both server and client and contains any additional +### command line args for that instance of vtund. not needed by most people. +### +### --server-- is the literal string '--server--'. nothing more, nothing less. +### +### [portnumber] is the port number to run the server on. +### +### +### you can have more than one client "host server" line if required, +### and in theory, it should be possible to run as both a client and a +### server simultaneously, but i haven't tested that. + + +### examples: + +### to run as a client using hostname 'viper'. +#viper vtun-server.somewhere.com.au + +### to run a persistent client connection using hostname 'viper' +### connecting to a server on port 6000 and using /etc/vtun.viper.conf +### as the config file. +#viper vtun-server.somewhere.com.au -f /etc/vtun.viper.conf -s -P 6000 + +### to run vtund as a server on port 5000, uncomment the following line: +#--server-- 5000 diff --git a/net-vpn/vtun/metadata.xml b/net-vpn/vtun/metadata.xml new file mode 100644 index 000000000000..6c796b6d02c5 --- /dev/null +++ b/net-vpn/vtun/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>pinkbyte@gentoo.org</email> + <name>Sergey Popov</name> + </maintainer> + <upstream> + <remote-id type="sourceforge">vtun</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-vpn/vtun/vtun-3.0.3.ebuild b/net-vpn/vtun/vtun-3.0.3.ebuild new file mode 100644 index 000000000000..153cff659a9f --- /dev/null +++ b/net-vpn/vtun/vtun-3.0.3.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils linux-info + +DESCRIPTION="Create tunnels over TCP/IP networks with shaping, encryption, and compression" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" +HOMEPAGE="http://vtun.sourceforge.net/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha amd64 ppc ~sparc x86" +IUSE="lzo socks5 ssl zlib" + +RDEPEND="ssl? ( dev-libs/openssl:0 ) + lzo? ( dev-libs/lzo:2 ) + zlib? ( sys-libs/zlib ) + socks5? ( net-proxy/dante )" +DEPEND="${RDEPEND} + sys-devel/bison" + +DOCS="ChangeLog Credits FAQ README README.Setup README.Shaper TODO" + +CONFIG_CHECK="~TUN" + +src_prepare() { + sed -i Makefile.in \ + -e '/^LDFLAGS/s|=|+=|g' \ + || die "sed Makefile" + epatch "${FILESDIR}"/${P}-includes.patch + # remove unneeded checking for /etc/vtund.conf + epatch "${FILESDIR}"/${PN}-3.0.2-remove-config-presence-check.patch + # GCC 5 compatibility, patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778164 + epatch "${FILESDIR}"/${P}-gcc5.patch + # portage takes care about striping binaries itself + sed -i 's:$(BIN_DIR)/strip $(DESTDIR)$(SBIN_DIR)/vtund::' Makefile.in || die + + epatch_user +} + +src_configure() { + econf \ + $(use_enable ssl) \ + $(use_enable zlib) \ + $(use_enable lzo) \ + $(use_enable socks5 socks) \ + --enable-shaper +} + +src_install() { + default + newinitd "${FILESDIR}"/vtun.rc vtun + insinto etc + doins "${FILESDIR}"/vtund-start.conf +} |