summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Olexa <darkside@gentoo.org>2013-09-05 00:00:29 +0000
committerJeremy Olexa <darkside@gentoo.org>2013-09-05 00:00:29 +0000
commit2d5d4ccdf5595d7344d759eb7b6c66d3825f753f (patch)
treecad5426dbea703832a45d66fcfa9d80d9f3565f7
parenttest commit for CIA hooks (diff)
downloaddarkside-2d5d4ccdf5595d7344d759eb7b6c66d3825f753f.tar.gz
darkside-2d5d4ccdf5595d7344d759eb7b6c66d3825f753f.tar.bz2
darkside-2d5d4ccdf5595d7344d759eb7b6c66d3825f753f.zip
[net-misc/openswan] add openswan-2.6.38 and mask >=2.6.39, bug 483576
-rw-r--r--net-misc/openswan/ChangeLog495
-rw-r--r--net-misc/openswan/Manifest1
-rw-r--r--net-misc/openswan/metadata.xml25
-rw-r--r--net-misc/openswan/openswan-2.6.38.ebuild178
-rw-r--r--profiles/package.mask7
5 files changed, 706 insertions, 0 deletions
diff --git a/net-misc/openswan/ChangeLog b/net-misc/openswan/ChangeLog
new file mode 100644
index 0000000..9ff6d30
--- /dev/null
+++ b/net-misc/openswan/ChangeLog
@@ -0,0 +1,495 @@
+# ChangeLog for net-misc/openswan
+# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/ChangeLog,v 1.91 2013/09/01 15:59:02 floppym Exp $
+
+ 04 Sep 2013; Jeremy Olexa <darkside@gentoo.org> +openswan-2.6.38.ebuild,
+ +metadata.xml:
+ [net-misc/openswan] add openswan-2.6.38 and mask >=2.6.39, bug 483576
+
+ 01 Sep 2013; Mike Gilbert <floppym@gentoo.org> openswan-2.6.39.ebuild:
+ Call tc-export AR CC, bug 483278.
+
+ 01 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openswan-2.6.39.ebuild:
+ Stable for x86, wrt bug #483204
+
+ 01 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openswan-2.6.39.ebuild:
+ Stable for amd64, wrt bug #483204
+
+*openswan-2.6.39 (01 Sep 2013)
+
+ 01 Sep 2013; Mike Gilbert <floppym@gentoo.org>
+ +files/openswan-2.6.39-gentoo.patch, +openswan-2.6.39.ebuild:
+ Version bump.
+
+ 06 Jan 2013; Mike Gilbert <floppym@gentoo.org> openswan-2.6.38.ebuild:
+ Remove /var/run/pluto after the build system creates it, bug 448834.
+
+ 27 Dec 2012; Mike Gilbert <floppym@gentoo.org> -files/ipsec,
+ -files/openswan-2.4-allow-ms-bad-proposal.patch,
+ -files/openswan-2.4.15-deprecated-ldap.patch,
+ -files/openswan-2.4.15-gentoo.patch, -files/openswan-2.6.31-gentoo.patch,
+ -files/openswan-2.6.37-gentoo.patch, -openswan-2.4.15-r2.ebuild,
+ -openswan-2.6.31.ebuild, -openswan-2.6.37-r1.ebuild, -openswan-2.6.37.ebuild,
+ openswan-2.6.38.ebuild:
+ pluto creates /var/run/pluto on startup, so don't call keepdir. Bug 448834 by
+ flameeyes. Remove old.
+
+ 14 Sep 2012; Agostino Sarubbo <ago@gentoo.org> openswan-2.6.38.ebuild:
+ Stable for amd64, wrt bug #434606
+
+ 14 Sep 2012; Agostino Sarubbo <ago@gentoo.org> openswan-2.6.38.ebuild:
+ Stable for X86, wrt bug #434606
+
+*openswan-2.6.38 (07 Apr 2012)
+
+ 07 Apr 2012; Mike Gilbert <floppym@gentoo.org>
+ +files/openswan-2.6.38-gentoo.patch, +openswan-2.6.38.ebuild:
+ Version bump.
+
+ 06 Apr 2012; Mike Gilbert <floppym@gentoo.org> metadata.xml:
+ Change maintainer.
+
+ 06 Apr 2012; Pacho Ramos <pacho@gentoo.org> metadata.xml:
+ Drop maintainer due retirement, bug #63588
+
+*openswan-2.6.37-r1 (21 Nov 2011)
+
+ 21 Nov 2011; Mike Frysinger <vapier@gentoo.org> +openswan-2.6.37-r1.ebuild:
+ Depend on the old output style of ifconfig, and simplify build flags a bit.
+
+ 10 Nov 2011; Tony Vroon <chainsaw@gentoo.org> openswan-2.6.37.ebuild:
+ Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & Ian
+ "idella4" Delaney in security bug #389097.
+
+ 09 Nov 2011; Pawel Hajdan jr <phajdan.jr@gentoo.org> openswan-2.6.37.ebuild:
+ x86 stable wrt bug #389097
+
+*openswan-2.6.37 (07 Nov 2011)
+
+ 07 Nov 2011; Alin Năstac <mrness@gentoo.org> -openswan-2.6.29.ebuild,
+ -files/openswan-2.6.29-gentoo.patch, +openswan-2.6.37.ebuild,
+ +files/openswan-2.6.37-gentoo.patch:
+ Version bump (#368903); install cotrib files (#350083); use LDFLAGS
+ (#351019).
+
+ 06 Jun 2011; Robin H. Johnson <robbat2@gentoo.org> openswan-2.4.15-r2.ebuild,
+ openswan-2.6.29.ebuild, openswan-2.6.31.ebuild:
+ Linux-3.0 changes.
+
+*openswan-2.6.31 (27 Nov 2010)
+
+ 27 Nov 2010; Alin Năstac <mrness@gentoo.org> -openswan-2.6.28.ebuild,
+ -files/openswan-2.6.28-gentoo.patch, +openswan-2.6.31.ebuild,
+ +files/openswan-2.6.31-gentoo.patch:
+ Fix multilib-strict checks (#344735).
+
+*openswan-2.6.29 (29 Sep 2010)
+
+ 29 Sep 2010; Alin Năstac <mrness@gentoo.org> -openswan-2.4.15.ebuild,
+ +openswan-2.6.29.ebuild, +files/openswan-2.6.29-gentoo.patch:
+ Version bump.
+
+*openswan-2.6.28 (15 Aug 2010)
+
+ 15 Aug 2010; Alin Năstac <mrness@gentoo.org> -openswan-2.4.15-r1.ebuild,
+ openswan-2.4.15-r2.ebuild, -openswan-2.6.23-r1.ebuild,
+ -openswan-2.6.23-r2.ebuild, -files/openswan-2.6.23-gentoo.patch,
+ +openswan-2.6.28.ebuild, +files/openswan-2.6.28-gentoo.patch,
+ metadata.xml:
+ Mark version 2.4.15-r2 as stable on amd64 and x86. Version bump (#301813).
+
+ 15 Dec 2009; Peter Volkov <pva@gentoo.org> metadata.xml:
+ metadata.xml: added required herd tag.
+
+*openswan-2.6.23-r2 (05 Dec 2009)
+*openswan-2.4.15-r2 (05 Dec 2009)
+
+ 05 Dec 2009; Alin Năstac <mrness@gentoo.org> +openswan-2.4.15-r2.ebuild,
+ -openswan-2.6.22.ebuild, -files/openswan-2.6.22-gentoo.patch,
+ +openswan-2.6.23-r2.ebuild:
+ Use selected CC (#293277). Install more doc files (#294533).
+
+*openswan-2.6.23-r1 (17 Sep 2009)
+
+ 17 Sep 2009; Alin Năstac <mrness@gentoo.org>
+ files/openswan-2.6.23-gentoo.patch, -openswan-2.6.23.ebuild,
+ +openswan-2.6.23-r1.ebuild:
+ Re-add setup script (#284955).
+
+*openswan-2.6.23 (11 Sep 2009)
+*openswan-2.4.15-r1 (11 Sep 2009)
+
+ 11 Sep 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4-allow-ms-bad-proposal.patch,
+ +files/openswan-2.6.23-gentoo.patch,
+ +files/openswan-2.6-allow-ms-bad-proposal.patch, metadata.xml,
+ +openswan-2.4.15-r1.ebuild, +openswan-2.6.23.ebuild:
+ Version bump. Correct ipsec.conf and ipsec.secrets paths in openswan-2.4
+ documentation (#284235). Add ms-bad-proposal USE flag and patch (#284240).
+
+ 30 Aug 2009; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.14-deprecated-ldap.patch,
+ -files/openswan-2.4.14-gentoo-fixed.patch,
+ -files/openswan-2.4.14-getline.patch,
+ -files/openswan-2.6.21-gentoo-fixed.patch, -openswan-2.4.14.ebuild,
+ -openswan-2.6.21.ebuild:
+ Expunge exploitable versions from the tree (#275233).
+
+ 29 Jun 2009; Markus Meier <maekke@gentoo.org> openswan-2.4.15.ebuild:
+ amd64 stable, bug #275233
+
+ 29 Jun 2009; Christian Faulhammer <fauli@gentoo.org>
+ openswan-2.4.15.ebuild:
+ stable x86, security bug 275233
+
+*openswan-2.4.15 (28 Jun 2009)
+
+ 28 Jun 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.15-deprecated-ldap.patch,
+ +files/openswan-2.4.15-gentoo.patch, +openswan-2.4.15.ebuild,
+ openswan-2.6.22.ebuild:
+ Version bump wrt security bug #275233. Fix sed error (#275448).
+
+*openswan-2.6.22 (24 Jun 2009)
+
+ 24 Jun 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.6.22-gentoo.patch, +openswan-2.6.22.ebuild:
+ Version bump wrt security bug #275233.
+
+ 14 Jun 2009; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.13-deprecated-ldap.patch,
+ -files/openswan-2.4.13-gentoo-fixed.patch,
+ +files/openswan-2.4.14-getline.patch, -files/openswan-2.6.19-gentoo.patch,
+ -files/openswan-2.6.19-qa-fixes.patch, -openswan-2.4.13-r2.ebuild,
+ openswan-2.4.14.ebuild, -openswan-2.6.19.ebuild:
+ Fix compile error when built against glibc-2.10 (#271987). Remove obsolete
+ versions.
+
+ 23 Apr 2009; Markus Meier <maekke@gentoo.org> openswan-2.4.14:
+ amd64/x86 stable, bug #264346
+
+ 15 Apr 2009; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.14-gentoo.patch,
+ +files/openswan-2.4.14-gentoo-fixed.patch,
+ -files/openswan-2.6.21-gentoo.patch,
+ +files/openswan-2.6.21-gentoo-fixed.patch, openswan-2.4.14.ebuild,
+ openswan-2.6.21.ebuild:
+ Replace gentoo patches with with gentoo-fixed patches, added to cvs using
+ -kb flag (#264346).
+
+ 10 Apr 2009; Alin Năstac <mrness@gentoo.org>
+ metadata.xml:
+ Add -kb flag to gentoo patch (#265612). Remove secure-tunneling herd (#265655).
+
+*openswan-2.6.21 (08 Apr 2009)
+*openswan-2.4.14 (08 Apr 2009)
+
+ 08 Apr 2009; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.14-deprecated-ldap.patch,
+ +files/openswan-2.4.14-gentoo.patch, +files/openswan-2.6.21-gentoo.patch,
+ +openswan-2.4.14.ebuild, +openswan-2.6.21.ebuild:
+ Version bumps wrt to security bug #264346. Remove -Werror from compiler
+ options (#260927).
+
+ 11 Jan 2009; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.6.18-gentoo.patch, files/openswan-2.6.19-gentoo.patch,
+ -openswan-2.6.18.ebuild, openswan-2.6.19.ebuild:
+ Replace xmlto --skip-validation patch with app-text/docbook-xml-dtd:4.1.2
+ dependency atom (#237132).
+
+ 06 Dec 2008; Alin Năstac <mrness@gentoo.org> Manifest:
+ Fix checksums of the openswan-2.6.18.tar.gz file (#249867).
+
+*openswan-2.6.19 (03 Dec 2008)
+*openswan-2.4.13-r2 (03 Dec 2008)
+
+ 03 Dec 2008; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.11-gentoo.patch,
+ -files/openswan-2.4.11-implicit-decl.patch,
+ -files/openswan-2.4.12-deprecated-ldap.patch,
+ -files/openswan-2.4.12-gentoo.patch, -files/openswan-2.6.16-gentoo.patch,
+ -files/openswan-2.6.16-qa-fixes.patch,
+ -files/openswan-2.6.16-refine-connection.patch,
+ +files/openswan-2.6.19-gentoo.patch,
+ +files/openswan-2.6.19-qa-fixes.patch, -openswan-2.4.11.ebuild,
+ -openswan-2.4.12.ebuild, -openswan-2.4.13-r1.ebuild,
+ +openswan-2.4.13-r2.ebuild, -openswan-2.6.16.ebuild,
+ openswan-2.6.18.ebuild, +openswan-2.6.19.ebuild:
+ Remove obsolete versions. Correct doc install path (#241976). Version bump.
+
+*openswan-2.6.18 (12 Oct 2008)
+*openswan-2.4.13-r1 (12 Oct 2008)
+
+ 12 Oct 2008; Alin Năstac <mrness@gentoo.org>
+ files/openswan-2.4.13-gentoo-fixed.patch,
+ +files/openswan-2.6.18-gentoo.patch, -openswan-2.4.13.ebuild,
+ +openswan-2.4.13-r1.ebuild, +openswan-2.6.18.ebuild:
+ Remove livetest script wrt security bug #238574. Skip xml validation (#237132).
+
+*openswan-2.6.16 (21 Sep 2008)
+
+ 21 Sep 2008; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.6.16-gentoo.patch,
+ +files/openswan-2.6.16-qa-fixes.patch,
+ +files/openswan-2.6.16-refine-connection.patch, +files/ipsec-initd,
+ metadata.xml, +openswan-2.6.16.ebuild:
+ Version bump to latest 2.6 version (#237132).
+
+ 17 Sep 2008; Markus Meier <maekke@gentoo.org> openswan-2.4.13.ebuild:
+ amd64/x86 stable, bug #237603
+
+ 16 Aug 2008; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.13-gentoo.patch,
+ +files/openswan-2.4.13-gentoo-fixed.patch, openswan-2.4.13.ebuild:
+ Fix patch broken by the $Id cvs replacement.
+
+*openswan-2.4.13 (15 Aug 2008)
+
+ 15 Aug 2008; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.9-gentoo.patch, -files/openswan-2.4.9-mkdir.patch,
+ +files/openswan-2.4.13-deprecated-ldap.patch,
+ +files/openswan-2.4.13-gentoo.patch, -openswan-2.4.9-r1.ebuild,
+ +openswan-2.4.13.ebuild:
+ Version bump.
+
+ 28 Jun 2008; Thomas Anderson <gentoofan23@gentoo.org>
+ openswan-2.4.11.ebuild:
+ stable amd64, bug 225325
+
+ 19 Jun 2008; Christian Faulhammer <opfer@gentoo.org>
+ openswan-2.4.11.ebuild:
+ stable x86, bug 225325
+
+ 08 Jun 2008; Sven Wegener <swegener@gentoo.org>
+ files/openswan-2.4.12-gentoo.patch, openswan-2.4.12.ebuild:
+ Fixup src_unpack, hand edit patch to apply with CVS keyword replacements,
+ remove spurious backslash in find call.
+
+*openswan-2.4.12 (08 Jun 2008)
+
+ 08 Jun 2008; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.12-deprecated-ldap.patch,
+ +files/openswan-2.4.12-gentoo.patch, +openswan-2.4.12.ebuild:
+ Version bump.
+
+*openswan-2.4.11 (29 Jan 2008)
+
+ 29 Jan 2008; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.11-gentoo.patch,
+ +files/openswan-2.4.11-implicit-decl.patch, +openswan-2.4.11.ebuild:
+ Version bump (#207936). Add curl and ldap USE flags.
+
+ 22 Oct 2007; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.7-gentoo.patch, -files/openswan-2.4.8-gentoo.patch,
+ -files/openswan-2.4.8-smartcard-typo.patch,
+ -files/openswan-2.4.8-type-punned.patch, -openswan-2.4.7.ebuild,
+ -openswan-2.4.8.ebuild:
+ Remove obsolete versions.
+
+*openswan-2.4.9-r1 (26 Sep 2007)
+
+ 26 Sep 2007; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.9-mkdir.patch, -openswan-2.4.9.ebuild,
+ +openswan-2.4.9-r1.ebuild:
+ Fix erroneous creation of rundir and subsysdir (#193824).
+ Sanitize the ebuild code.
+
+ 23 Sep 2007; Alin Năstac <mrness@gentoo.org> openswan-2.4.9.ebuild:
+ Stable on amd64 (#192964).
+
+ 22 Sep 2007; Christian Faulhammer <opfer@gentoo.org>
+ openswan-2.4.9.ebuild:
+ stable x86, bug 192964
+
+*openswan-2.4.9 (12 Jul 2007)
+
+ 12 Jul 2007; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.9-gentoo.patch, +openswan-2.4.9.ebuild:
+ Version bump.
+
+ 14 Jun 2007; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.8-smartcard-typo.patch, openswan-2.4.8.ebuild:
+ Add smartcard support (#181483).
+
+*openswan-2.4.8 (05 Jun 2007)
+
+ 05 Jun 2007; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.8-gentoo.patch,
+ +files/openswan-2.4.8-type-punned.patch, +openswan-2.4.8.ebuild:
+ Version bump with 2 new USE flags : extra-algorithms and weak-algorithms
+ (#180472).
+
+ 24 May 2007; Gustavo Zacarias <gustavoz@gentoo.org> openswan-2.4.7.ebuild:
+ Keyworded ~sparc
+
+ 19 Mar 2007; Bryan Østergaard <kloeri@gentoo.org> metadata.xml:
+ Remove pfeifer from metadata.xml due to retirement.
+
+ 18 Mar 2007; Alin Năstac <mrness@gentoo.org>
+ -files/openswan-2.4.4-gentoo.patch, -openswan-2.4.4.ebuild:
+ Remove obsolete version.
+
+ 14 Jan 2007; Alin Năstac <mrness@gentoo.org> openswan-2.4.7.ebuild:
+ Stable on amd64 and x86.
+
+*openswan-2.4.7 (07 Dec 2006)
+
+ 07 Dec 2006; Alin Năstac <mrness@gentoo.org>
+ +files/openswan-2.4.7-gentoo.patch, metadata.xml, +openswan-2.4.7.ebuild:
+ Version bump (#134484). Fix dependencies (#147116).
+
+ 22 Nov 2006; Charlie Shepherd <masterdriverz@gentoo.org> ChangeLog:
+ Change "exit" to "return" in init script and use doinitd. Thanks to Tomasz
+ Orzechowski for reporting and Sérgio Luís for init script. Closes Bug
+ 99138
+
+ 16 Oct 2006; Daniel Drake <dsd@gentoo.org> openswan-2.4.4.ebuild:
+ Use linux-mod, to fix bug #149197 reported by DominikBuerkle
+
+ 19 Jun 2006; Alin Nastac <mrness@gentoo.org> files/ipsec:
+ Start ipsec after dns.
+
+ 16 Feb 2006; Jay Pfeifer <pfeifer@gentoo.org> -openswan-1.0.7.ebuild:
+ Remove unsupported version 1.0.7.
+ Upstream no longer supports any 1.x version as of 01Jan2006.
+
+ 29 Nov 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ -files/openswan-2.2.0-gentoo.patch, -openswan-2.2.0.ebuild,
+ openswan-2.4.4.ebuild:
+ Mark 2.4.4 stable on x86 and amd64 as per bug #112568.
+ Remove version 2.2.0
+
+*openswan-2.4.4 (28 Nov 2005)
+
+ 28 Nov 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ -files/openswan-2.4.3-gentoo.patch, +files/openswan-2.4.4-gentoo.patch,
+ -openswan-2.4.3.ebuild, +openswan-2.4.4.ebuild:
+ Version bump fixing gawk bugs and bug #112568
+ Removing 2.4.3
+
+*openswan-2.4.3 (15 Nov 2005)
+
+ 15 Nov 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ -files/openswan-2.4.2-gentoo.patch, +files/openswan-2.4.3-gentoo.patch,
+ -openswan-2.4.2.ebuild, +openswan-2.4.3.ebuild:
+ Version bump fixing assert in PSK+ID and aggressive mode.
+ Remove openswan-2.4.2.
+
+*openswan-2.4.2 (15 Nov 2005)
+
+ 15 Nov 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ -files/openswan-2.1.4-gentoo.patch, -files/openswan-2.1.5-gentoo.patch,
+ -files/openswan-2.3.0-gentoo.patch, -files/openswan-2.3.1-gentoo.patch,
+ +files/openswan-2.4.2-gentoo.patch, -openswan-1.0.6.ebuild,
+ -openswan-2.1.4.ebuild, -openswan-2.1.5.ebuild, openswan-2.2.0.ebuild,
+ -openswan-2.3.0.ebuild, -openswan-2.3.1.ebuild, +openswan-2.4.2.ebuild:
+ Version bump fixing bug #112568.
+ Cleaning-up old ebuilds.
+
+ 15 Jul 2005; George Shapovalov <george@gentoo.org> openswan-*.ebuild:
+ changed dependency net-misc/host -> net-dns/host to account for package move
+
+*openswan-2.3.1 (12 Apr 2005)
+
+ 12 Apr 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ +files/openswan-2.3.1-gentoo.patch, +openswan-2.3.1.ebuild:
+ Version bump.
+
+*openswan-2.3.0 (20 Jan 2005)
+
+ 20 Jan 2005; Jay Pfeifer <pfeifer@gentoo.org>
+ +files/openswan-2.3.0-gentoo.patch, +openswan-2.3.0.ebuild:
+ Version bump.
+
+ 25 Oct 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.2.0.ebuild:
+ Stable on x86.
+
+ 19 Oct 2004; Dylan Carlson <absinthe@gentoo.org> openswan-2.1.5.ebuild,
+ openswan-2.2.0.ebuild:
+ Stable on amd64.
+
+*openswan-2.2.0 (17 Sep 2004)
+
+ 17 Sep 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.2.0.ebuild:
+ Version bump.
+
+ 12 Sep 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-1.0.6.ebuild,
+ openswan-1.0.7.ebuild, openswan-2.1.4.ebuild, openswan-2.1.5.ebuild:
+ Fix-up of ebuilds to block strongswan. Closing bug #60794.
+
+*openswan-2.1.5 (12 Aug 2004)
+
+ 12 Aug 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.5.ebuild:
+ Version bump.
+
+*openswan-1.0.7 (12 Aug 2004)
+
+ 12 Aug 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-1.0.7.ebuild:
+ Version bump for the 1.x users.
+
+ 23 Jul 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-1.0.6.ebuild:
+ Fix depend on iproute2 closing bug #57263.
+
+ 01 Jul 2004; Jon Hood <squinky86@gentoo.org> openswan-1.0.6.ebuild,
+ openswan-2.1.4.ebuild:
+ change virtual/glibc to virtual/libc
+
+*openswan-1.0.6 (01 Jul 2004)
+
+ 01 Jul 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-1.0.6.ebuild:
+ Version bump for the 1.x users.
+
+*openswan-2.1.4 (23 Jun 2004)
+
+ 23 Jun 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.4.ebuild:
+ Version bump. Contains a fix for potential security issue in x509.
+
+*openswan-1.0.6rc1 (23 Jun 2004)
+
+ 23 Jun 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-1.0.6_rc1.ebuild:
+ Initial import of Openswan 1.0.x series.
+ Superfreeswan users will now be migrated to openswan.
+ Contains fixes for potential security issues in x509.
+
+ 19 Jun 2004; David Holm <dholm@gentoo.org> openswan-2.1.3.ebuild:
+ Added to ~ppc.
+
+*openswan-2.1.3 (19 Jun 2004)
+
+ 19 Jun 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.3.ebuild:
+ Version bump. Contains fixes for potential security issues.
+ Info here: http://lists.openswan.org/pipermail/dev/2004-June/000370.html
+ Removing all prior versions.
+
+ 15 Jun 2004; Danny van Dyk <kugelfang@gentoo.org> openswan-2.1.1.ebuild:
+ Marked stable on amd64.
+
+*openswan-2.1.2 (19 May 2004)
+
+ 19 May 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.2.ebuild:
+ Version bump.
+
+ 27 Apr 2004; Aron Griffis <agriffis@gentoo.org> openswan-2.0.0.ebuild,
+ openswan-2.1.0.ebuild, openswan-2.1.1.ebuild:
+ Add inherit eutils
+
+ 31 Mar 2004; Daniel Ahlberg <aliz@gentoo.org> openswan-2.1.1.ebuild:
+ Adding amd64 keyword, closing #46317.
+
+*openswan-2.1.1 (29 Mar 2004)
+
+ 29 Mar 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.1.ebuild:
+ Version bump. Closes Bug #46006.
+
+*openswan-2.1.0 (17 Mar 2004)
+
+ 17 Mar 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.1.0.ebuild:
+ Version bump.
+
+*openswan-2.0.0 (22 Feb 2004)
+
+ 22 Feb 2004; Jay Pfeifer <pfeifer@gentoo.org> openswan-2.0.0.ebuild:
+ Initial import.
+ Provides userspace IPsec tool/support for FreeS/WAN based 2.4 kernels
+ and native 2.6 (KAME) based IPsec. 2.6 support is a work in progress.
+ Enjoy :)
diff --git a/net-misc/openswan/Manifest b/net-misc/openswan/Manifest
new file mode 100644
index 0000000..d82f946
--- /dev/null
+++ b/net-misc/openswan/Manifest
@@ -0,0 +1 @@
+DIST openswan-2.6.38.tar.gz 10861574 SHA256 bdd3ccf31df1f3e8530887986ea8b6702a3db139486738213f5de8d8690b3723 SHA512 0963a9df548c901eb562185f97d844f57539668f11fbe2a43712223773053895c761b1d5d0be4fffa64014baf58ff2d7cf23676a3da51c5a5134b0639796ad10 WHIRLPOOL e270de7eceee7964148910ed4ec35a39df002ebca3ca892d9f13a2a06eaf1476019c5ac8830eb24c9389afb8256d43ea580d7a3d29dc828be88608a9535d9668
diff --git a/net-misc/openswan/metadata.xml b/net-misc/openswan/metadata.xml
new file mode 100644
index 0000000..797968e
--- /dev/null
+++ b/net-misc/openswan/metadata.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>floppym@gentoo.org</email>
+ <name>Mike Gilbert</name>
+ </maintainer>
+ <longdescription>From the Openswan web site: Openswan is an Open Source
+implementation of IPsec for the Linux operating system. Is it a code fork
+of the FreeS/WAN project, started by a few of the developers who were
+growing frustrated with the politics surrounding the FreeS/WAN project.</longdescription>
+ <use>
+ <flag name="curl">Include curl support (used for fetching CRLs)</flag>
+ <flag name="ldap">Include LDAP support (used for fetching CRLs)</flag>
+ <flag name="extra-algorithms">Include additional strong algorithms
+ (Blowfish, Twofish, Serpent and SHA2)</flag>
+ <flag name="weak-algorithms">Include weak algorithms (DH1)</flag>
+ <flag name="nocrypto-algorithms">Include algorithms that don't even encrypt
+ (1DES)</flag>
+ <flag name="ms-bad-proposal">Allow bad IP address proposal offered by an
+ Microsoft L2TP/IPSec servers</flag>
+ <flag name="nss">Include libnss support (adds smartcard support)</flag>
+ <flag name="ssl">Use OpenSSL libraries for BIGNUM support</flag>
+ </use>
+</pkgmetadata>
diff --git a/net-misc/openswan/openswan-2.6.38.ebuild b/net-misc/openswan/openswan-2.6.38.ebuild
new file mode 100644
index 0000000..ec079b1
--- /dev/null
+++ b/net-misc/openswan/openswan-2.6.38.ebuild
@@ -0,0 +1,178 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.38.ebuild,v 1.5 2013/01/06 17:54:29 floppym Exp $
+
+EAPI="4"
+
+inherit eutils linux-info toolchain-funcs flag-o-matic
+
+DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)."
+HOMEPAGE="http://www.openswan.org/"
+SRC_URI="http://download.openswan.org/openswan/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ppc ~sparc x86"
+IUSE="caps curl ldap pam ssl extra-algorithms weak-algorithms nocrypto-algorithms ms-bad-proposal nss"
+
+RESTRICT="test" # requires user mode linux setup
+
+COMMON_DEPEND="!net-misc/strongswan
+ dev-libs/gmp
+ dev-lang/perl
+ caps? ( sys-libs/libcap-ng )
+ curl? ( net-misc/curl )
+ ldap? ( net-nds/openldap )
+ nss? ( dev-libs/nss )
+ ssl? ( dev-libs/openssl )"
+DEPEND="${COMMON_DEPEND}
+ virtual/linux-sources
+ app-text/xmlto
+ app-text/docbook-xml-dtd:4.1.2" # see bug 237132
+RDEPEND="${COMMON_DEPEND}
+ || ( sys-apps/net-tools[old-output] <sys-apps/net-tools-1.60_p201111202031570500 )
+ virtual/logger
+ sys-apps/iproute2"
+
+pkg_setup() {
+ if use nocrypto-algorithms && ! use weak-algorithms; then
+ ewarn "Enabling nocrypto-algorithms USE flag has no effect when"
+ ewarn "weak-algorithms USE flag is disabled"
+ fi
+
+ linux-info_pkg_setup
+
+ if kernel_is -ge 2 6; then
+ einfo "This ebuild will set ${P} to use kernel native IPsec (KAME)."
+ MYMAKE="programs"
+
+ elif kernel_is 2 4; then
+ if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then
+ eerror "You need to have an IPsec enabled 2.4.x kernel."
+ eerror "Ensure you have one running and make a symlink to it in /usr/src/linux"
+ die
+ fi
+
+ einfo "Using patched-in IPsec code for kernel 2.4"
+ einfo "Your kernel only supports KLIPS for kernel level IPsec."
+ MYMAKE="confcheck programs"
+
+ else
+ die "Unsupported kernel version"
+ fi
+
+ # most code is OK, but programs/pluto code breaks strict aliasing
+ append-cflags -fno-strict-aliasing
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-gentoo.patch
+ use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch
+
+ find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \
+ -e s:/usr/local:/usr:g '{}' \; ||
+ die "failed to replace text in docs"
+}
+
+usetf() { usex $1 true false ; }
+get_make_options() {
+ make_options=(
+ KERNELSRC="${KERNEL_DIR}"
+ FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
+ INC_RCDEFAULT=/etc/init.d
+ INC_USRLOCAL=/usr
+ INC_MANDIR=share/man
+ FINALDOCDIR=/usr/share/doc/${PF}/html
+ FINALLIBDIR=/usr/$(get_libdir)/ipsec
+ DESTDIR="${D}"
+ USERCOMPILE="${CFLAGS}"
+ USERLINK="-Wl,-z,relro ${LDFLAGS}"
+ CC="$(tc-getCC)"
+ USE_LIBCAP_NG=$(usetf caps)
+ USE_LIBCURL=$(usetf curl)
+ USE_LDAP=$(usetf ldap)
+ USE_XAUTH=true
+ USE_XAUTHPAM=$(usetf pam)
+ USE_LIBNSS=$(usetf nss)
+ HAVE_OPENSSL=$(usetf ssl)
+ USE_EXTRACRYPTO=$(usetf extra-algorithms)
+ USE_WEAKSTUFF=$(usetf weak-algorithms)
+ )
+
+ if use weak-algorithms && use nocrypto-algorithms ; then
+ make_options+=( USE_NOCRYPTO=true )
+ fi
+
+ make_options+=( USE_LWRES=false ) # needs bind9 with lwres support
+ if use curl || use ldap || use pam; then
+ make_options+=( HAVE_THREADS=true )
+ else
+ make_options+=( HAVE_THREADS=false )
+ fi
+}
+
+src_compile() {
+ local make_options; get_make_options
+ emake "${make_options[@]}" ${MYMAKE}
+}
+
+src_install() {
+ local make_options; get_make_options
+ emake "${make_options[@]}" install
+
+ dodoc CHANGES README
+ dodoc docs/{KNOWN_BUGS*,RELEASE-NOTES*,PATENTS*,debugging*}
+ docinto quickstarts
+ dodoc docs/quickstarts/*
+
+ insinto /usr/share/doc/${PF}
+ doins -r contrib
+ docompress -x /usr/share/doc/${PF}/contrib
+
+ newinitd "${FILESDIR}"/ipsec-initd ipsec
+
+ # We don't need to install /var/run/pluto.
+ rm -rf "${D}var" || die
+}
+
+pkg_preinst() {
+ if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then
+ ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':"
+ local i err=0
+ if [ -h "../ipsec.d" ]; then
+ rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink"
+ fi
+ for i in *; do
+ if [ -e "../$i" ]; then
+ eerror " $i NOT MOVED, ../$i already exists!"
+ err=1
+ elif [ -d "$i" ]; then
+ mv "$i" .. || die "failed to move $i directory"
+ ewarn " directory $i"
+ elif [ -f "$i" ]; then
+ sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \
+ mv "$i" .. && ewarn " file $i" || \
+ die "failed to move $i file"
+ else
+ eerror " $i NOT MOVED, it is not a file nor a directory!"
+ err=1
+ fi
+ done
+ popd
+ if [ $err -eq 0 ]; then
+ rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec"
+ else
+ ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself"
+ fi
+ fi
+}
+
+pkg_postinst() {
+ if kernel_is -ge 2 6; then
+ CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP"
+ WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)"
+ WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)"
+ WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)"
+ check_extra_config
+ fi
+}
diff --git a/profiles/package.mask b/profiles/package.mask
new file mode 100644
index 0000000..7bdd72a
--- /dev/null
+++ b/profiles/package.mask
@@ -0,0 +1,7 @@
+# Jeremy Olexa <darkside@gentoo.org> (5 Sept 2013)
+# Mask higher versions because something is broken with it (for me). See
+# https://bugs.gentoo.org/483576 . 2.6.39 was stabilized for existing CVE but
+# that only applies if you have Opportunistic Encryption Support enabled which I
+# do not (and neither do most people).
+# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2053
+>=net-misc/openswan-2.6.39