diff options
Diffstat (limited to 'net-misc/openswan/openswan-2.6.38.ebuild')
-rw-r--r-- | net-misc/openswan/openswan-2.6.38.ebuild | 178 |
1 files changed, 178 insertions, 0 deletions
diff --git a/net-misc/openswan/openswan-2.6.38.ebuild b/net-misc/openswan/openswan-2.6.38.ebuild new file mode 100644 index 0000000..ec079b1 --- /dev/null +++ b/net-misc/openswan/openswan-2.6.38.ebuild @@ -0,0 +1,178 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openswan/openswan-2.6.38.ebuild,v 1.5 2013/01/06 17:54:29 floppym Exp $ + +EAPI="4" + +inherit eutils linux-info toolchain-funcs flag-o-matic + +DESCRIPTION="Open Source implementation of IPsec for the Linux operating system (was SuperFreeS/WAN)." +HOMEPAGE="http://www.openswan.org/" +SRC_URI="http://download.openswan.org/openswan/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~ppc ~sparc x86" +IUSE="caps curl ldap pam ssl extra-algorithms weak-algorithms nocrypto-algorithms ms-bad-proposal nss" + +RESTRICT="test" # requires user mode linux setup + +COMMON_DEPEND="!net-misc/strongswan + dev-libs/gmp + dev-lang/perl + caps? ( sys-libs/libcap-ng ) + curl? ( net-misc/curl ) + ldap? ( net-nds/openldap ) + nss? ( dev-libs/nss ) + ssl? ( dev-libs/openssl )" +DEPEND="${COMMON_DEPEND} + virtual/linux-sources + app-text/xmlto + app-text/docbook-xml-dtd:4.1.2" # see bug 237132 +RDEPEND="${COMMON_DEPEND} + || ( sys-apps/net-tools[old-output] <sys-apps/net-tools-1.60_p201111202031570500 ) + virtual/logger + sys-apps/iproute2" + +pkg_setup() { + if use nocrypto-algorithms && ! use weak-algorithms; then + ewarn "Enabling nocrypto-algorithms USE flag has no effect when" + ewarn "weak-algorithms USE flag is disabled" + fi + + linux-info_pkg_setup + + if kernel_is -ge 2 6; then + einfo "This ebuild will set ${P} to use kernel native IPsec (KAME)." + MYMAKE="programs" + + elif kernel_is 2 4; then + if ! [[ -d "${KERNEL_DIR}/net/ipsec" ]]; then + eerror "You need to have an IPsec enabled 2.4.x kernel." + eerror "Ensure you have one running and make a symlink to it in /usr/src/linux" + die + fi + + einfo "Using patched-in IPsec code for kernel 2.4" + einfo "Your kernel only supports KLIPS for kernel level IPsec." + MYMAKE="confcheck programs" + + else + die "Unsupported kernel version" + fi + + # most code is OK, but programs/pluto code breaks strict aliasing + append-cflags -fno-strict-aliasing +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + use ms-bad-proposal && epatch "${FILESDIR}"/${PN}-${PV%.*}-allow-ms-bad-proposal.patch + + find . -type f -regex '.*[.]\([1-8]\|html\|xml\)' -exec sed -i \ + -e s:/usr/local:/usr:g '{}' \; || + die "failed to replace text in docs" +} + +usetf() { usex $1 true false ; } +get_make_options() { + make_options=( + KERNELSRC="${KERNEL_DIR}" + FINALEXAMPLECONFDIR=/usr/share/doc/${PF} + INC_RCDEFAULT=/etc/init.d + INC_USRLOCAL=/usr + INC_MANDIR=share/man + FINALDOCDIR=/usr/share/doc/${PF}/html + FINALLIBDIR=/usr/$(get_libdir)/ipsec + DESTDIR="${D}" + USERCOMPILE="${CFLAGS}" + USERLINK="-Wl,-z,relro ${LDFLAGS}" + CC="$(tc-getCC)" + USE_LIBCAP_NG=$(usetf caps) + USE_LIBCURL=$(usetf curl) + USE_LDAP=$(usetf ldap) + USE_XAUTH=true + USE_XAUTHPAM=$(usetf pam) + USE_LIBNSS=$(usetf nss) + HAVE_OPENSSL=$(usetf ssl) + USE_EXTRACRYPTO=$(usetf extra-algorithms) + USE_WEAKSTUFF=$(usetf weak-algorithms) + ) + + if use weak-algorithms && use nocrypto-algorithms ; then + make_options+=( USE_NOCRYPTO=true ) + fi + + make_options+=( USE_LWRES=false ) # needs bind9 with lwres support + if use curl || use ldap || use pam; then + make_options+=( HAVE_THREADS=true ) + else + make_options+=( HAVE_THREADS=false ) + fi +} + +src_compile() { + local make_options; get_make_options + emake "${make_options[@]}" ${MYMAKE} +} + +src_install() { + local make_options; get_make_options + emake "${make_options[@]}" install + + dodoc CHANGES README + dodoc docs/{KNOWN_BUGS*,RELEASE-NOTES*,PATENTS*,debugging*} + docinto quickstarts + dodoc docs/quickstarts/* + + insinto /usr/share/doc/${PF} + doins -r contrib + docompress -x /usr/share/doc/${PF}/contrib + + newinitd "${FILESDIR}"/ipsec-initd ipsec + + # We don't need to install /var/run/pluto. + rm -rf "${D}var" || die +} + +pkg_preinst() { + if has_version "<net-misc/openswan-2.6.14" && pushd "${ROOT}etc/ipsec"; then + ewarn "Following files and directories were moved from '${ROOT}etc/ipsec' to '${ROOT}etc':" + local i err=0 + if [ -h "../ipsec.d" ]; then + rm "../ipsec.d" || die "failed to remove ../ipsec.d symlink" + fi + for i in *; do + if [ -e "../$i" ]; then + eerror " $i NOT MOVED, ../$i already exists!" + err=1 + elif [ -d "$i" ]; then + mv "$i" .. || die "failed to move $i directory" + ewarn " directory $i" + elif [ -f "$i" ]; then + sed -i -e 's:/etc/ipsec/:/etc/:g' "$i" && \ + mv "$i" .. && ewarn " file $i" || \ + die "failed to move $i file" + else + eerror " $i NOT MOVED, it is not a file nor a directory!" + err=1 + fi + done + popd + if [ $err -eq 0 ]; then + rmdir "${ROOT}etc/ipsec" || eerror "Failed to remove ${ROOT}etc/ipsec" + else + ewarn "${ROOT}etc/ipsec is not empty, you will have to remove it yourself" + fi + fi +} + +pkg_postinst() { + if kernel_is -ge 2 6; then + CONFIG_CHECK="~NET_KEY ~INET_XFRM_MODE_TRANSPORT ~INET_XFRM_MODE_TUNNEL ~INET_AH ~INET_ESP ~INET_IPCOMP" + WARNING_INET_AH="CONFIG_INET_AH:\tmissing IPsec AH support (needed if you want only authentication)" + WARNING_INET_ESP="CONFIG_INET_ESP:\tmissing IPsec ESP support (needed if you want authentication and encryption)" + WARNING_INET_IPCOMP="CONFIG_INET_IPCOMP:\tmissing IPsec Payload Compression (required for compress=yes)" + check_extra_config + fi +} |