Diffstat (limited to 'net-misc')
-rw-r--r-- | net-misc/openconnect/ChangeLog | 10 | ||||
-rw-r--r-- | net-misc/openconnect/files/openconnect.conf.in | 28 | ||||
-rw-r--r-- | net-misc/openconnect/files/openconnect.init.in | 107 | ||||
-rw-r--r-- | net-misc/openconnect/files/openconnect.logrotate | 8 | ||||
-rw-r--r-- | net-misc/openconnect/metadata.xml | 11 | ||||
-rw-r--r-- | net-misc/openconnect/openconnect-4.07.ebuild | 135 |
6 files changed, 282 insertions, 17 deletions
diff --git a/net-misc/openconnect/ChangeLog b/net-misc/openconnect/ChangeLog index 11b8e7a09692..f957a34ba800 100644 --- a/net-misc/openconnect/ChangeLog +++ b/net-misc/openconnect/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-misc/openconnect # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/ChangeLog,v 1.2 2012/11/18 09:41:20 pacho Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/ChangeLog,v 1.3 2012/12/05 18:53:47 hwoarang Exp $ + +*openconnect-4.07 (05 Dec 2012) + + 05 Dec 2012; Markos Chandras <hwoarang@gentoo.org> + +files/openconnect.logrotate, +openconnect-4.07.ebuild, + files/openconnect.conf.in, files/openconnect.init.in, metadata.xml: + Version bump. Thanks to Matthew Schultz <mattsch@gmail.com> who will maintain + it. Bug #384099 18 Nov 2012; Pacho Ramos <pacho@gentoo.org> metadata.xml: Drop maintainer as talked with him via mail. diff --git a/net-misc/openconnect/files/openconnect.conf.in b/net-misc/openconnect/files/openconnect.conf.in index aeead32e25c6..53b14e61378e 100644 --- a/net-misc/openconnect/files/openconnect.conf.in +++ b/net-misc/openconnect/files/openconnect.conf.in 
@@ -1,4 +1,26 @@ -SERVER="vpn.server.tld" -PASSWORD="YOUR_PASSWD" +# Variables to configure vpn tunnels where "vpnname" is the name of your vpn tunnel: +# +# server_vpnname +# password_vpnname +# vpnopts_vpnname +# +# The tunnel will need to be started with a symbolic link to openconnect: +# +# ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpnname +# +# If you'd like to execute a script on preup, postup, predown and postdown of the vpn tunnel, you +# need to create executable scripts in a directory with the same name as +# the vpn tunnel (vpn0 can be replaced with the vpn name): +# +# mkdir /etc/openconnect/vpn0 +# cd /etc/openconnect/vpn0" +# echo '#!/bin/sh' > preup.sh" +# cp preup.sh predown.sh" +# cp preup.sh postup.sh" +# cp preup.sh postdown.sh" +# chmod 755 /etc/openconnect/vpn0/*" + +server_vpn0="vpn.server.tld" +password_vpn0="YOUR_PASSWORD" # Any OPENCONNECT options my go here (see openconnect --help) -VPNOPTS="-b -l --passwd-on-stdin --user=YOUR_USER --script=/etc/openconnect/openconnect.sh" +vpnopts_vpn0="-l --passwd-on-stdin --user=YOUR_USERNAME --script=/etc/openconnect/openconnect.sh" diff --git a/net-misc/openconnect/files/openconnect.init.in b/net-misc/openconnect/files/openconnect.init.in index 809b709c38de..abe1d0788673 100644 --- a/net-misc/openconnect/files/openconnect.init.in +++ b/net-misc/openconnect/files/openconnect.init.in 
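Review bot: Six lines of the commented setup example end in a stray double quote (`# cd /etc/openconnect/vpn0"` through `# chmod 755 /etc/openconnect/vpn0/*"`), so pasting them into a shell leaves an unterminated string; they look like leftovers from the `elog` lines in the ebuild and the quotes should be dropped. The header comment should also say that the `vpnname` suffix has to be valid inside a shell variable name, because the init script resolves `server_vpnname`, `password_vpnname` and `vpnopts_vpnname` by indirect expansion: `# "vpnname" may contain only letters, digits and underscores`. The hook scripts created by this example are run by the init script, normally as root, so a line such as `# keep this directory and its scripts owned by root and not writable by other users` belongs next to the `chmod` example.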
@@ -1,24 +1,111 @@ #!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/files/openconnect.init.in,v 1.1 2011/08/16 09:15:47 dagger Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/files/openconnect.init.in,v 1.2 2012/12/05 18:53:47 hwoarang Exp $ + +VPN="${RC_SVCNAME#*.}" +VPNLOG="/var/log/openconnect/${VPN}" +VPNLOGFILE="${VPNLOG}/openconnect.log" +VPNERRFILE="${VPNLOG}/openconnect.err" +VPNPID="/var/run/openconnect/${VPN}.pid" +VPNDIR="/etc/openconnect/${VPN}" +PREUPSCRIPT="${VPNDIR}/preup.sh" +PREDOWNSCRIPT="${VPNDIR}/predown.sh" +POSTUPSCRIPT="${VPNDIR}/postup.sh" +POSTDOWNSCRIPT="${VPNDIR}/postdown.sh" +SERVER="server_${VPN}" +PASSWORD="password_${VPN}" +VPNOPTS="vpnopts_${VPN}" depend() { before netmount } +checkconfig() { + if [ $VPN = "openconnect" ]; then + eerror "You cannot call openconnect directly. You must create a symbolic link to it instead with the vpn name:" + eerror "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0" + return 1 + fi +} + +checktuntap() { + if [ $(uname -s) = "Linux" ] ; then + if [ ! -e /dev/net/tun ]; then + if ! modprobe tun ; then + eerror "TUN/TAP support is not available in this kernel" + return 1 + fi + fi + if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then + ebegin "Detected broken /dev/net/tun symlink, fixing..." + rm -f /dev/net/tun + ln -s /dev/misc/net/tun /dev/net/tun + eend $? + fi + fi +} + start() { - ebegin "Starting OpenConnect" - - start-stop-daemon --start --quiet --make-pidfile --pidfile /var/run/openconnect.pid --exec /usr/bin/openconnect \ - -- ${VPNOPTS} ${SERVER} <<< ${PASSWORD} + ebegin "Starting OpenConnect: ${VPN}" + + checkconfig || return 1 + + checktuntap || return 1 + + if [ "${!SERVER}" == "vpn.server.tld" ]; then + eend 1 "${VPN} not configured" + return 1 + fi + + if [ ! 
-e "${VPNLOG}" ]; then + mkdir -p "${VPNLOG}" + fi + + local args="" + + if [ -x "${PREUPSCRIPT}" ] ; then + "${PREUPSCRIPT}" + fi + + start-stop-daemon --start --make-pidfile --pidfile "${VPNPID}" --stderr "${VPNERRFILE}" --stdout "${VPNLOGFILE}" --background \ + --exec /usr/sbin/openconnect \ + -- ${!VPNOPTS} ${!SERVER} <<< ${!PASSWORD} + + local retval=$? + + if [ ! ${retval} -eq 0 ]; then + eend ${retval} + return ${retval} + fi + + if [ -x "${POSTUPSCRIPT}" ] ; then + "${POSTUPSCRIPT}" + fi + eend $? } stop() { - ebegin "Stopping OpenConnect" - start-stop-daemon --quiet --pidfile /var/run/openconnect.pid --stop /usr/bin/openconnect + ebegin "Stopping OpenConnect: ${VPN}" + + checkconfig || return 1 + + if [ -x "${PREDOWNSCRIPT}" ] ; then + "${PREDOWNSCRIPT}" + fi + + start-stop-daemon --pidfile "${VPNPID}" --stop /usr/sbin/openconnect + local retval=$? + + if [ ! ${retval} -eq 0 ]; then + eend ${retval} + return ${retval} + fi + + + if [ -x "${POSTDOWNSCRIPT}" ] ; then + "${POSTDOWNSCRIPT}" + fi eend $? } - -# vim: set ft=gentoo-init-d ts=3 sw=3 et: diff --git a/net-misc/openconnect/files/openconnect.logrotate b/net-misc/openconnect/files/openconnect.logrotate new file mode 100644 index 000000000000..0455e6845b28 --- /dev/null +++ b/net-misc/openconnect/files/openconnect.logrotate @@ -0,0 +1,8 @@ +# openconnect logrotate snipet for Gentoo Linux +# +/var/log/openconnect/*/* { + missingok + size 5M + notifempty +} + diff --git a/net-misc/openconnect/metadata.xml b/net-misc/openconnect/metadata.xml index e96e35b1a37c..3e2327c0cb31 100644 --- a/net-misc/openconnect/metadata.xml +++ b/net-misc/openconnect/metadata.xml 
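Review bot: The only configuration test in `start()` is `"${!SERVER}" == "vpn.server.tld"`, so a symlink name that has no matching `server_<name>` entry expands to an empty string, passes the test, and openconnect is started with no server and an empty line on stdin. Reject the empty case as well: `if [ -z "${!SERVER}" ] || [ "${!SERVER}" = "vpn.server.tld" ]; then`. The here-string should be quoted, `<<< "${!PASSWORD}"`, so that whitespace in the password cannot be changed by word splitting on bash versions that apply it there. The exit status of `"${PREUPSCRIPT}"` is ignored, which means a failed pre-up step (a firewall rule, for instance) does not stop the tunnel from coming up; `"${PREUPSCRIPT}" || return 1` would make that failure visible. `${!name}`, `==` and `<<<` are bash constructs, which is worth a comment at the top of the file if the runscript interpreter may be a plain POSIX shell.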
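Review bot: The stanza sets no `rotate` count and no `copytruncate` or `postrotate` step, while the init script hands `openconnect.log` and `openconnect.err` to the daemon through `--stdout`/`--stderr`. With the default rename-style rotation the running openconnect would presumably keep writing to the rotated file, and the fresh log would stay empty until the tunnel is restarted. Adding `copytruncate` and an explicit count such as `rotate 4` (constructed value) inside the block keeps the connection log usable when someone later needs to review tunnel activity.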
@@ -1,8 +1,13 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer> - <email>maintainer-needed@gentoo.org</email> - </maintainer> + <herd>proxy-maintainers</herd> + <maintainer> + <email>mattsch@gmail.com</email> + <name>Matthew Schultz</name> + </maintainer> +<use> + <flag name="openssl">Enable <pkg>dev-libs/openssl</pkg> support</flag> +</use> </pkgmetadata> diff --git a/net-misc/openconnect/openconnect-4.07.ebuild b/net-misc/openconnect/openconnect-4.07.ebuild new file mode 100644 index 000000000000..80cba3786829 --- /dev/null +++ b/net-misc/openconnect/openconnect-4.07.ebuild 
@@ -0,0 +1,135 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/openconnect-4.07.ebuild,v 1.1 2012/12/05 18:53:47 hwoarang Exp $ + +EAPI="5" + +inherit eutils linux-info + +DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software" +HOMEPAGE="http://www.infradead.org/openconnect.html" +# New versions of openconnect-script can be found here: +# http://git.infradead.org/users/dwmw2/vpnc-scripts.git/history/HEAD:/vpnc-script +SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz + http://dev.gentoo.org/~hwoarang/distfiles/openconnect-script-20121108205904.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="static-libs nls -gnutls +openssl" +ILINGUAS="ar as ast bg bg_BG bn bn_IN bs ca ca@valencia cs da de el en_GB en_US eo es es_CR + es_MX et eu fa fi fr gd gl gu he hi hi_IN hu id it ja km kn ko ku lo lt lv ml mr + ms nb nl nn no or pa pl pt pt_BR pt_PT ro ru sk sl sq sr sr@latin sv ta te + tg th tl tr ug uk ur_PK vi vi_VN wa zh_CN zh_HK zh_TW" +for lang in $ILINGUAS; do + IUSE="${IUSE} linguas_${lang}" +done +# only one ssl provider can be enabled +REQUIRED_USE="^^ ( gnutls openssl )" + +DEPEND="dev-libs/libxml2 + net-libs/libproxy + sys-libs/zlib + gnutls? ( + || ( + ( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle ) + ( =net-libs/gnutls-2.12*[nettle,static-libs?] dev-libs/nettle ) + ( =net-libs/gnutls-2.12*[-nettle,static-libs?] dev-libs/libgcrypt[static-libs?] ) + ) + app-misc/ca-certificates + ) + openssl? ( dev-libs/openssl[static-libs?] )" + +RDEPEND="${DEPEND} + sys-apps/iproute2" + +tun_tap_check() { + ebegin "Checking for TUN/TAP support" + if { ! 
linux_chkconfig_present TUN; }; then + eerror "Please enable TUN/TAP support in your kernel config, found at:" + eerror + eerror " Device Drivers --->" + eerror " [*] Network device support --->" + eerror " <*> Universal TUN/TAP device driver support" + eerror + eerror "and recompile your kernel ..." + die "no CONFIG_TUN support detected!" + fi + eend $? +} + +pkg_setup() { + if use kernel_linux; then + get_version + if linux_config_exists; then + tun_tap_check + else + ewarn "Was unable to determine your kernel .config" + ewarn "Please note that OpenConnect requires CONFIG_TUN to be set in your" + ewarn "kernel .config, Without it, it will not work correctly." + # We don't die here, so it's possible to compile this package without + # kernel sources available. Required for cross-compilation. + fi + fi +} + +src_configure() { + strip-linguas $ILINGUAS + echo ${LINGUAS} > po/LINGUAS + # Override vpn-script test since the build system violates the sandbox and + # needs the path set to the real default path after it's installed + sed -e "s#-x \"\$with_vpnc_script\"#-n \"${WORKDIR}/openconnect-script\"#" \ + -i configure || die + econf \ + --with-vpnc-script=/etc/openconnect/openconnect.sh \ + $(use_enable static-libs static) \ + $(use_enable nls ) \ + $(use_with openssl ) \ + $(use_with gnutls ) +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc AUTHORS TODO + newinitd "${FILESDIR}"/openconnect.init.in openconnect + dodir /etc/openconnect + insinto /etc/openconnect + newconfd "${FILESDIR}"/openconnect.conf.in openconnect + exeinto /etc/openconnect + newexe "${WORKDIR}"/openconnect-script openconnect.sh + insinto /etc/logrotate.d + newins "${FILESDIR}"/openconnect.logrotate openconnect + keepdir /var/run/openconnect /var/log/openconnect + + # Remove useless .la files + find "${D}" -name '*.la' -delete || die "la file removal failed" +} + +pkg_postinst() { + elog "The init script for openconnect has changed and now supports multiple vpn tunnels." 
+ elog + elog "You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d" + elog "instead of calling it directly:" + elog + elog "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0" + elog + elog "You can then start the vpn tunnel like this:" + elog + elog "/etc/init.d/openconnect.vpn0 start" + elog + elog "If you would like to run preup, postup, predown, and/or postdown scripts," + elog "You need to create a directory in /etc/openconnect with the name of the vpn:" + elog + elog "mkdir /etc/openconnect/vpn0" + elog + elog "Then add executable shell files:" + elog + elog "mkdir /etc/openconnect/vpn0" + elog "cd /etc/openconnect/vpn0" + elog "echo '#!/bin/sh' > preup.sh" + elog "cp preup.sh predown.sh" + elog "cp preup.sh postup.sh" + elog "cp preup.sh postdown.sh" + elog "chmod 755 /etc/openconnect/vpn0/*" +} |
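Review bot: `newconfd "${FILESDIR}"/openconnect.conf.in openconnect` in `src_install()` installs the file that carries `password_<vpn>` in clear text, and nothing in the function restricts its mode, so it presumably lands with the default world-readable conf.d permissions. Add `fperms 0600 /etc/conf.d/openconnect` directly after the `newconfd` line. The `insinto /etc/openconnect` just before it does not appear to affect `newconfd` and is overridden by the later `insinto /etc/logrotate.d`, so it can be removed. `pkg_postinst()` should also tell users upgrading from the old single-tunnel layout to check the mode of their existing config file, for example `elog "Make sure /etc/conf.d/openconnect is readable by root only, it contains the VPN password."`.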