summaryrefslogtreecommitdiff
blob: c6d6c25a8b726a93efe139ae8661c382b2f9bee9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$

EAPI=5

inherit eutils systemd toolchain-funcs

if [[ ${PV} != 9999 ]]; then
	SRC_URI="https://download.libreswan.org/${P}.tar.gz"
	KEYWORDS="~amd64 ~ppc ~x86"
else
	inherit git-r3
	EGIT_REPO_URI="https://github.com/libreswan/libreswan.git"
fi

DESCRIPTION="IPsec implementation for Linux, fork of Openswan"
HOMEPAGE="https://libreswan.org/"

LICENSE="GPL-2 BSD-4 RSA DES"
SLOT="0"
IUSE="caps curl dnssec ldap pam"

COMMON_DEPEND="
	dev-libs/gmp
	dev-libs/nspr
	caps? ( sys-libs/libcap-ng )
	curl? ( net-misc/curl )
	dnssec? ( net-dns/unbound net-libs/ldns )
	ldap? ( net-nds/openldap )
	pam? ( sys-libs/pam )
"
DEPEND="${COMMON_DEPEND}
	app-text/docbook-xml-dtd:4.1.2
	app-text/xmlto
	dev-libs/nss
	sys-devel/bison
	sys-devel/flex
	virtual/pkgconfig
"
RDEPEND="${COMMON_DEPEND}
	dev-libs/nss[utils(+)]
	sys-apps/iproute2
	!net-misc/openswan
	!net-misc/strongswan
"

src_prepare() {
	epatch_user
}

usetf() {
	usex "$1" true false
}

src_configure() {
	tc-export AR CC
	export INC_USRLOCAL=/usr
	export INC_MANDIR=share/man
	export FINALEXAMPLECONFDIR=/usr/share/doc/${PF}
	export FINALDOCDIR=/usr/share/doc/${PF}/html
	export INITSYSTEM=openrc
	export INC_RCDIRS=
	export INC_RCDEFAULT=/etc/init.d
	export USERCOMPILE=
	export USERLINK=
	export USE_DNSSEC=$(usetf dnssec)
	export USE_LIBCAP_NG=$(usetf caps)
	export USE_LIBCURL=$(usetf curl)
	export USE_LDAP=$(usetf ldap)
	export USE_XAUTHPAM=$(usetf pam)
}

src_compile() {
	emake programs
}

src_install() {
	emake DESTDIR="${D}" install

	echo "include /etc/ipsec.d/*.secrets" > "${D}"/etc/ipsec.secrets
	fperms 0600 /etc/ipsec.secrets

	systemd_dounit "${FILESDIR}/ipsec.service"

	dodoc CHANGES README
	dodoc -r docs

	find "${D}" -type d -empty -delete || die
}

pkg_postinst() {
	local IPSEC_CONFDIR=${ROOT%/}/etc/ipsec.d
	if [[ ! -f ${IPSEC_CONFDIR}/cert8.db ]]; then
		ebegin "Setting up NSS database in ${IPSEC_CONFDIR}"
		certutil -N -d "${IPSEC_CONFDIR}" -f <(echo)
		eend $?
	fi
}