summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/openconnect/ChangeLog10
-rw-r--r--net-misc/openconnect/files/openconnect.conf.in28
-rw-r--r--net-misc/openconnect/files/openconnect.init.in107
-rw-r--r--net-misc/openconnect/files/openconnect.logrotate8
-rw-r--r--net-misc/openconnect/metadata.xml11
-rw-r--r--net-misc/openconnect/openconnect-4.07.ebuild135
6 files changed, 282 insertions, 17 deletions
diff --git a/net-misc/openconnect/ChangeLog b/net-misc/openconnect/ChangeLog
index 11b8e7a09692..f957a34ba800 100644
--- a/net-misc/openconnect/ChangeLog
+++ b/net-misc/openconnect/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for net-misc/openconnect
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/ChangeLog,v 1.2 2012/11/18 09:41:20 pacho Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/ChangeLog,v 1.3 2012/12/05 18:53:47 hwoarang Exp $
+
+*openconnect-4.07 (05 Dec 2012)
+
+ 05 Dec 2012; Markos Chandras <hwoarang@gentoo.org>
+ +files/openconnect.logrotate, +openconnect-4.07.ebuild,
+ files/openconnect.conf.in, files/openconnect.init.in, metadata.xml:
+ Version bump. Thanks to Matthew Schultz <mattsch@gmail.com> who will maintain
+ it. Bug #384099
18 Nov 2012; Pacho Ramos <pacho@gentoo.org> metadata.xml:
Drop maintainer as talked with him via mail.
diff --git a/net-misc/openconnect/files/openconnect.conf.in b/net-misc/openconnect/files/openconnect.conf.in
index aeead32e25c6..53b14e61378e 100644
--- a/net-misc/openconnect/files/openconnect.conf.in
+++ b/net-misc/openconnect/files/openconnect.conf.in
@@ -1,4 +1,26 @@
-SERVER="vpn.server.tld"
-PASSWORD="YOUR_PASSWD"
+# Variables to configure vpn tunnels where "vpnname" is the name of your vpn tunnel:
+#
+# server_vpnname
+# password_vpnname
+# vpnopts_vpnname
+#
+# The tunnel will need to be started with a symbolic link to openconnect:
+#
+# ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpnname
+#
+# If you'd like to execute a script on preup, postup, predown and postdown of the vpn tunnel, you
+# need to create executable scripts in a directory with the same name as
+# the vpn tunnel (vpn0 can be replaced with the vpn name):
+#
+# mkdir /etc/openconnect/vpn0
+# cd /etc/openconnect/vpn0"
+# echo '#!/bin/sh' > preup.sh"
+# cp preup.sh predown.sh"
+# cp preup.sh postup.sh"
+# cp preup.sh postdown.sh"
+# chmod 755 /etc/openconnect/vpn0/*"
+
+server_vpn0="vpn.server.tld"
+password_vpn0="YOUR_PASSWORD"
# Any OPENCONNECT options my go here (see openconnect --help)
-VPNOPTS="-b -l --passwd-on-stdin --user=YOUR_USER --script=/etc/openconnect/openconnect.sh"
+vpnopts_vpn0="-l --passwd-on-stdin --user=YOUR_USERNAME --script=/etc/openconnect/openconnect.sh"
diff --git a/net-misc/openconnect/files/openconnect.init.in b/net-misc/openconnect/files/openconnect.init.in
index 809b709c38de..abe1d0788673 100644
--- a/net-misc/openconnect/files/openconnect.init.in
+++ b/net-misc/openconnect/files/openconnect.init.in
@@ -1,24 +1,111 @@
#!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/files/openconnect.init.in,v 1.1 2011/08/16 09:15:47 dagger Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/files/openconnect.init.in,v 1.2 2012/12/05 18:53:47 hwoarang Exp $
+
+VPN="${RC_SVCNAME#*.}"
+VPNLOG="/var/log/openconnect/${VPN}"
+VPNLOGFILE="${VPNLOG}/openconnect.log"
+VPNERRFILE="${VPNLOG}/openconnect.err"
+VPNPID="/var/run/openconnect/${VPN}.pid"
+VPNDIR="/etc/openconnect/${VPN}"
+PREUPSCRIPT="${VPNDIR}/preup.sh"
+PREDOWNSCRIPT="${VPNDIR}/predown.sh"
+POSTUPSCRIPT="${VPNDIR}/postup.sh"
+POSTDOWNSCRIPT="${VPNDIR}/postdown.sh"
+SERVER="server_${VPN}"
+PASSWORD="password_${VPN}"
+VPNOPTS="vpnopts_${VPN}"
depend() {
before netmount
}
+checkconfig() {
+ if [ $VPN = "openconnect" ]; then
+ eerror "You cannot call openconnect directly. You must create a symbolic link to it instead with the vpn name:"
+ eerror "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0"
+ return 1
+ fi
+}
+
+checktuntap() {
+ if [ $(uname -s) = "Linux" ] ; then
+ if [ ! -e /dev/net/tun ]; then
+ if ! modprobe tun ; then
+ eerror "TUN/TAP support is not available in this kernel"
+ return 1
+ fi
+ fi
+ if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
+ ebegin "Detected broken /dev/net/tun symlink, fixing..."
+ rm -f /dev/net/tun
+ ln -s /dev/misc/net/tun /dev/net/tun
+ eend $?
+ fi
+ fi
+}
+
start() {
- ebegin "Starting OpenConnect"
-
- start-stop-daemon --start --quiet --make-pidfile --pidfile /var/run/openconnect.pid --exec /usr/bin/openconnect \
- -- ${VPNOPTS} ${SERVER} <<< ${PASSWORD}
+ ebegin "Starting OpenConnect: ${VPN}"
+
+ checkconfig || return 1
+
+ checktuntap || return 1
+
+ if [ "${!SERVER}" == "vpn.server.tld" ]; then
+ eend 1 "${VPN} not configured"
+ return 1
+ fi
+
+ if [ ! -e "${VPNLOG}" ]; then
+ mkdir -p "${VPNLOG}"
+ fi
+
+ local args=""
+
+ if [ -x "${PREUPSCRIPT}" ] ; then
+ "${PREUPSCRIPT}"
+ fi
+
+ start-stop-daemon --start --make-pidfile --pidfile "${VPNPID}" --stderr "${VPNERRFILE}" --stdout "${VPNLOGFILE}" --background \
+ --exec /usr/sbin/openconnect \
+ -- ${!VPNOPTS} ${!SERVER} <<< ${!PASSWORD}
+
+ local retval=$?
+
+ if [ ! ${retval} -eq 0 ]; then
+ eend ${retval}
+ return ${retval}
+ fi
+
+ if [ -x "${POSTUPSCRIPT}" ] ; then
+ "${POSTUPSCRIPT}"
+ fi
+
eend $?
}
stop() {
- ebegin "Stopping OpenConnect"
- start-stop-daemon --quiet --pidfile /var/run/openconnect.pid --stop /usr/bin/openconnect
+ ebegin "Stopping OpenConnect: ${VPN}"
+
+ checkconfig || return 1
+
+ if [ -x "${PREDOWNSCRIPT}" ] ; then
+ "${PREDOWNSCRIPT}"
+ fi
+
+ start-stop-daemon --pidfile "${VPNPID}" --stop /usr/sbin/openconnect
+ local retval=$?
+
+ if [ ! ${retval} -eq 0 ]; then
+ eend ${retval}
+ return ${retval}
+ fi
+
+
+ if [ -x "${POSTDOWNSCRIPT}" ] ; then
+ "${POSTDOWNSCRIPT}"
+ fi
eend $?
}
-
-# vim: set ft=gentoo-init-d ts=3 sw=3 et:
diff --git a/net-misc/openconnect/files/openconnect.logrotate b/net-misc/openconnect/files/openconnect.logrotate
new file mode 100644
index 000000000000..0455e6845b28
--- /dev/null
+++ b/net-misc/openconnect/files/openconnect.logrotate
@@ -0,0 +1,8 @@
+# openconnect logrotate snipet for Gentoo Linux
+#
+/var/log/openconnect/*/* {
+ missingok
+ size 5M
+ notifempty
+}
+
diff --git a/net-misc/openconnect/metadata.xml b/net-misc/openconnect/metadata.xml
index e96e35b1a37c..3e2327c0cb31 100644
--- a/net-misc/openconnect/metadata.xml
+++ b/net-misc/openconnect/metadata.xml
@@ -1,8 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer>
- <email>maintainer-needed@gentoo.org</email>
- </maintainer>
+ <herd>proxy-maintainers</herd>
+ <maintainer>
+ <email>mattsch@gmail.com</email>
+ <name>Matthew Schultz</name>
+ </maintainer>
+<use>
+ <flag name="openssl">Enable <pkg>dev-libs/openssl</pkg> support</flag>
+</use>
</pkgmetadata>
diff --git a/net-misc/openconnect/openconnect-4.07.ebuild b/net-misc/openconnect/openconnect-4.07.ebuild
new file mode 100644
index 000000000000..80cba3786829
--- /dev/null
+++ b/net-misc/openconnect/openconnect-4.07.ebuild
@@ -0,0 +1,135 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openconnect/openconnect-4.07.ebuild,v 1.1 2012/12/05 18:53:47 hwoarang Exp $
+
+EAPI="5"
+
+inherit eutils linux-info
+
+DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
+HOMEPAGE="http://www.infradead.org/openconnect.html"
+# New versions of openconnect-script can be found here:
+# http://git.infradead.org/users/dwmw2/vpnc-scripts.git/history/HEAD:/vpnc-script
+SRC_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz
+ http://dev.gentoo.org/~hwoarang/distfiles/openconnect-script-20121108205904.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="static-libs nls -gnutls +openssl"
+ILINGUAS="ar as ast bg bg_BG bn bn_IN bs ca ca@valencia cs da de el en_GB en_US eo es es_CR
+ es_MX et eu fa fi fr gd gl gu he hi hi_IN hu id it ja km kn ko ku lo lt lv ml mr
+ ms nb nl nn no or pa pl pt pt_BR pt_PT ro ru sk sl sq sr sr@latin sv ta te
+ tg th tl tr ug uk ur_PK vi vi_VN wa zh_CN zh_HK zh_TW"
+for lang in $ILINGUAS; do
+ IUSE="${IUSE} linguas_${lang}"
+done
+# only one ssl provider can be enabled
+REQUIRED_USE="^^ ( gnutls openssl )"
+
+DEPEND="dev-libs/libxml2
+ net-libs/libproxy
+ sys-libs/zlib
+ gnutls? (
+ || (
+ ( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle )
+ ( =net-libs/gnutls-2.12*[nettle,static-libs?] dev-libs/nettle )
+ ( =net-libs/gnutls-2.12*[-nettle,static-libs?] dev-libs/libgcrypt[static-libs?] )
+ )
+ app-misc/ca-certificates
+ )
+ openssl? ( dev-libs/openssl[static-libs?] )"
+
+RDEPEND="${DEPEND}
+ sys-apps/iproute2"
+
+tun_tap_check() {
+ ebegin "Checking for TUN/TAP support"
+ if { ! linux_chkconfig_present TUN; }; then
+ eerror "Please enable TUN/TAP support in your kernel config, found at:"
+ eerror
+ eerror " Device Drivers --->"
+ eerror " [*] Network device support --->"
+ eerror " <*> Universal TUN/TAP device driver support"
+ eerror
+ eerror "and recompile your kernel ..."
+ die "no CONFIG_TUN support detected!"
+ fi
+ eend $?
+}
+
+pkg_setup() {
+ if use kernel_linux; then
+ get_version
+ if linux_config_exists; then
+ tun_tap_check
+ else
+ ewarn "Was unable to determine your kernel .config"
+ ewarn "Please note that OpenConnect requires CONFIG_TUN to be set in your"
+ ewarn "kernel .config, Without it, it will not work correctly."
+ # We don't die here, so it's possible to compile this package without
+ # kernel sources available. Required for cross-compilation.
+ fi
+ fi
+}
+
+src_configure() {
+ strip-linguas $ILINGUAS
+ echo ${LINGUAS} > po/LINGUAS
+ # Override vpn-script test since the build system violates the sandbox and
+ # needs the path set to the real default path after it's installed
+ sed -e "s#-x \"\$with_vpnc_script\"#-n \"${WORKDIR}/openconnect-script\"#" \
+ -i configure || die
+ econf \
+ --with-vpnc-script=/etc/openconnect/openconnect.sh \
+ $(use_enable static-libs static) \
+ $(use_enable nls ) \
+ $(use_with openssl ) \
+ $(use_with gnutls )
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ dodoc AUTHORS TODO
+ newinitd "${FILESDIR}"/openconnect.init.in openconnect
+ dodir /etc/openconnect
+ insinto /etc/openconnect
+ newconfd "${FILESDIR}"/openconnect.conf.in openconnect
+ exeinto /etc/openconnect
+ newexe "${WORKDIR}"/openconnect-script openconnect.sh
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/openconnect.logrotate openconnect
+ keepdir /var/run/openconnect /var/log/openconnect
+
+ # Remove useless .la files
+ find "${D}" -name '*.la' -delete || die "la file removal failed"
+}
+
+pkg_postinst() {
+ elog "The init script for openconnect has changed and now supports multiple vpn tunnels."
+ elog
+ elog "You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d"
+ elog "instead of calling it directly:"
+ elog
+ elog "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0"
+ elog
+ elog "You can then start the vpn tunnel like this:"
+ elog
+ elog "/etc/init.d/openconnect.vpn0 start"
+ elog
+ elog "If you would like to run preup, postup, predown, and/or postdown scripts,"
+ elog "You need to create a directory in /etc/openconnect with the name of the vpn:"
+ elog
+ elog "mkdir /etc/openconnect/vpn0"
+ elog
+ elog "Then add executable shell files:"
+ elog
+ elog "mkdir /etc/openconnect/vpn0"
+ elog "cd /etc/openconnect/vpn0"
+ elog "echo '#!/bin/sh' > preup.sh"
+ elog "cp preup.sh predown.sh"
+ elog "cp preup.sh postup.sh"
+ elog "cp preup.sh postdown.sh"
+ elog "chmod 755 /etc/openconnect/vpn0/*"
+}