1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
EAPI="1"
inherit eutils linux-info
DESCRIPTION="GNU Virtual Private Ethernet"
HOMEPAGE="http://savannah.gnu.org/projects/gvpe"
SRC_URI="mirror://gnu/${PN}/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="nls tcp +compression dns icmp http-proxy
cipher-aes-128 cipher-aes-192 +cipher-aes-256 cipher-blowfish
digset-sha512 digset-sha256 digset-sha1 +digset-ripemd160 digset-md5 digset-md4-insecure"
DEPEND="dev-libs/libev
>=dev-libs/openssl-0.9.7c
nls? ( sys-devel/gettext )
virtual/linux-sources"
RDEPEND=">=dev-libs/openssl-0.9.7c"
src_compile() {
#Since gvpe does not support more than 1 cipher and more then 1 digset
#here we do some not so clever checks to ensure that only one is selected
local myEnc
local encCnt=0
use cipher-aes-256 && myEnc="aes-256" && encCnt=$((encCnt+1))
use cipher-aes-192 && myEnc="aes-192" && encCnt=$((encCnt+1))
use cipher-aes-128 && myEnc="aes-128" && encCnt=$((encCnt+1))
use cipher-blowfish && myEnc="bf" && encCnt=$((encCnt+1))
if [[ $encCnt<1 ]]; then
eerror "An encryption alogotithm have to be selected.\nAdd one of cipher-aes-256, cipher-aes-192, cipher-aes-128 or cipher-blowfish to your USE variable."
die;
elif [[ $encCnt>1 ]]; then
eerror "More then one ecryption alogorithm selected.\nRemove all but one of cipher-aes-256, cipher-aes-192, cipher-aes-128 or cipher-blowfish flags from your USE variable."
die;
fi
encCnt=0
local myDigset
use digset-sha512 && myDigset="sha512" && encCnt=$((encCnt+1))
use digset-sha256 && myDigset="sha256" && encCnt=$((encCnt+1))
use digset-sha1 && myDigset="sha1" && encCnt=$((encCnt+1))
use digset-ripemd160 && myDigset="ripemd160" && encCnt=$((encCnt+1))
use digset-md5 && myDigset="md5" && encCnt=$((encCnt+1))
use digset-md4-insecure && myDigset="md4" && encCnt=$((encCnt+1))
if [[ $encCnt<1 ]]; then
eerror "A digset algorithm have to be selected.\nAdd one of digset-sha512, digset-sha256, digset-sha1, digset-ripemd160, digset-md5 or digset-md4-insecure to your USE variable."
die;
elif [[ $encCnt>1 ]]; then
eerror "More then one digset alogorithm selected.\nRemove all but one of digset-sha512, digset-sha256, digset-sha1, digset-ripemd160, digset-md5 or digset-md4-insecure flags from your USE variable."
die;
fi
#add proper support for --disable in the configure scrip
epatch "${FILESDIR}/configure.${P}.patch"
#the hmac and rand flags are hardcoded this is not so good because
#it leaves the system more predictable. But I don't think that adding
#24 more use flags is a good idea too.
econf $(use_enable nls) \
$(use_enable compression) \
$(use_enable dns) \
$(use_enable icmp) \
$(use_enable http-proxy) \
$(use_enable tcp) \
--enable-hmac-length=16 --enable-rand-length=8 --enable-cipher=$myEnc \
--enable-digest=$myDigset
emake || die
}
src_install() {
emake DESTDIR="${D}" install || die
dodoc AUTHORS NEWS README TODO || die
newinitd "${FILESDIR}/gvpe.rc" gvpe || die
newconfd "${FILESDIR}/gvpe.confd" gvpe || die
insinto /etc/gvpe
doins "${FILESDIR}/gvpe.conf.example" || die
exeinto /etc/gvpe
doexe "${FILESDIR}/if-up" || die
}
pkg_postinst() {
linux_chkconfig_present TUN || ewarn "This package requires the tun/tap kernel device."
einfo "Edit /etc/conf.d/gvpe and /etc/gvpe/gvpe.conf"
ewarn "All nodes in your VPN have to use the same combination of digset and cipher!"
}
|