From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] dev/blueness:master commit in: net-firewall/ipsec-tools/, net-firewall/ipsec-tools/files/
Date: Thu, 27 Sep 2012 14:42:44 +0000 (UTC) [thread overview]
Message-ID: <1348756951.35efb9a4c6383e1dafbf565d6e8f16cf20f20ec1.blueness@gentoo> (raw)
commit: 35efb9a4c6383e1dafbf565d6e8f16cf20f20ec1
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 27 14:42:31 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Sep 27 14:42:31 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=35efb9a4
net-firewall/ipsec-tools: addresses bugs #435398 and #436144, no intelligent migration
---
net-firewall/ipsec-tools/Manifest | 8 ++--
.../files/{ipsec.conf => ipsec-tools.conf} | 0
net-firewall/ipsec-tools/files/racoon.conf.d-r1 | 11 ++++-
net-firewall/ipsec-tools/files/racoon.init.d | 58 --------------------
net-firewall/ipsec-tools/files/racoon.init.d-r2 | 1 +
.../ipsec-tools/ipsec-tools-0.8.0-r5.ebuild | 5 +-
6 files changed, 18 insertions(+), 65 deletions(-)
diff --git a/net-firewall/ipsec-tools/Manifest b/net-firewall/ipsec-tools/Manifest
index 00ff670..34b1061 100644
--- a/net-firewall/ipsec-tools/Manifest
+++ b/net-firewall/ipsec-tools/Manifest
@@ -1,12 +1,12 @@
AUX ipsec-tools-0.8.0-sysctl.patch 485 SHA256 eb94a1f77ac9c194e51c2f64b65d9c8f70ff109fdfe77f72801449277b7312f4 SHA512 a2a96cea5c2b451665d54572e471a6c2b4fb72382dcd90bda536aaabf78cdd36d630d5c1fa56372b95066dc7dffd56480d3402fdbe2d56825a017b2cc075ac66 WHIRLPOOL 54c8f99ef2881e0fdf1e1aaf7c7908e9fac31326da9a15df160f81f4b9a8bb7a4db738ebd8c888c9a0bfae7e558c48231cb6413e1e953309a658ad12bfb9e106
AUX ipsec-tools-def-psk.patch 907 SHA256 15da775a7da892b7e99f0a6e531bdb9f37cc9d81c004f8a439152445f960f656 SHA512 683f168fac390df602ece1608db7f65370749c291e837497fa68fe4f39ddab907d10d67d4c80d583d7f12a1ea0bf02ba98d228e7c6e9267b49a1a8a7e57e99c4 WHIRLPOOL cfe93bc7e71aa627b973b416acfcdf9f9346ef5237726a079a0da3a383f949bb780624482f1f17b93cc43fc786711c4d8d3abc173f600f05d8790639cbed911a
AUX ipsec-tools-include-vendoridh.patch 434 SHA256 be0fd6ec217405a6f1ab97231568297e705d995d0f5fa8a6ebae896e1b2e910c SHA512 fc39e09dd7b1a2d3b6cdfbfad9f4978ab5d070ae2435cf77fe2283b566bea1d58cd26dbf6cafb563587200724c9602a32ce737fd163b757872e8a6d2c8007d5c WHIRLPOOL 1507b428ab919b0e45125ec4901af6b3a764a33c98cae6e2df0c061432414cb61e980606d24f55054d4433203f5eca3a123d4dd6dfd74645d7bc222f66cab1bd
-AUX ipsec.conf 1209 SHA256 a9a6cbf1bd42aaefdb637814bc6198079bab84e37888e1b705f938f590978816 SHA512 727297a06b75b883a7bd730d84f7a7cec04f81b51df71a6d2419602d835abe3c958d27aac176e29e2463421792843517bda802b3437b306ab43e94d178593bfa WHIRLPOOL 9c8f70c3c117e5cc4a1793637a101920ffd9126e02373db4e68b9eba4588a385cbc08fc81a0b5bf3ae0bff3d9de20a5a14b020e6d62effb97bce790ce4e74437
+AUX ipsec-tools.conf 1209 SHA256 a9a6cbf1bd42aaefdb637814bc6198079bab84e37888e1b705f938f590978816 SHA512 727297a06b75b883a7bd730d84f7a7cec04f81b51df71a6d2419602d835abe3c958d27aac176e29e2463421792843517bda802b3437b306ab43e94d178593bfa WHIRLPOOL 9c8f70c3c117e5cc4a1793637a101920ffd9126e02373db4e68b9eba4588a385cbc08fc81a0b5bf3ae0bff3d9de20a5a14b020e6d62effb97bce790ce4e74437
AUX psk.txt 293 SHA256 d34b142b4566712f87382caf0a64bcc070bbde17f16e2ee49d5dde26cb1bbe08 SHA512 ed09588bcbf9b16e4e18315c7b9a7667788b4ab26cd962376430c316cfb0ee5a30ff26910190731b287c1a1b5927951a79f71a096071e73d67dc867a455b14cf WHIRLPOOL fe1aadd94612e742029d6e0be7401f2994c9fed4fec899f3fc09c90cb134aca710c41a083164d6cece46b331652ddb3b76720c60bc40b837243b329db7eb60db
AUX racoon.conf 772 SHA256 e00cea25741fa16aa985d80ce49f2a59af0c98a44707a047193e936644b497a3 SHA512 8876920331b4003fd096f1997e1266a12783120e390cea55ca283a8fd6485552b54e87f60e75f33409a4cdb99171d2358953287edd47ddeac8bda6da0cc8becc WHIRLPOOL 12c55b1f5e67592483c2602040454f7c0e511c4867b0ed1e7acb593d3ffd0b2b2bfe7a5defb900eb8759006b4382d8c3d891ace2472d772e223e68eb99bd72cc
-AUX racoon.conf.d-r1 606 SHA256 a5bac8d1d84d11651027f4264a9adac85d18ea8f126abb504397a866695d2ddd SHA512 c2f12c2829e8f1852a81104feb6b5f4afa58394fa46b65347ec30d469a822b748d3e317023ec0f060c20242988692ab76eba52fdc5f473e393c563243ff53c1d WHIRLPOOL 58a48357c475e927cb3d659582bb8c9b8ae10f1164c1831300375694a33052454dd65a29a0c869f17915f3d36aa2772b64811f44920f57d9de8cf2eb5f3df485
-AUX racoon.init.d-r2 1232 SHA256 d31ca0615464fbc8a3a2a6c6b308ab937e795ca6a1ca7d1a54eadff20caf9825 SHA512 1fa08aff6fe116e8c440600a23bb78385716ad6ab0e6b28d28d63516b9d67c6c592bcd876b198bf6bffa11efe97772399db66c1d2b57e9eaa494983495313f5e WHIRLPOOL d0b691de48313962b04e7a86aeeee1933b03fbbfe322e5e7662229a84d5d5d794bcbb51d0ef45160c25856ec4e1f4e15b435134ddea3378633f5116547c375d7
+AUX racoon.conf.d-r1 906 SHA256 a94721a9d51b970f728c63c1f4348c53fb0629b05ef02a6ee2c3f9e5b74e1163 SHA512 3efd2bd0ad9ef5c4340eb1a60aa561c1c37a71740d2d672d2493b0bb9488c3f12ad654270ba4a81c82f2152684f6f1423242a1b029c120c12e0d2300eae509e1 WHIRLPOOL 0ca879cefc0c784cdeddc2562ca9b6cc28ec5d8541f762818733eba7915ba6e9a87615af8fbf674363398333865f69032474fd49030d12e8a256919977da3404
+AUX racoon.init.d-r2 1279 SHA256 d9038da4f5c969a7da450d6d7a566fd77c4471ff0a1ceb2f176f0c9015d1eda8 SHA512 1a5337c74285b54c21b4d3d216f0a3756a3e2d6ea31028b56782c7a635ffac8142d61074fa0927df6dd1034e15234d3a4eda192c94e8cd5f510520e36bcf81a6 WHIRLPOOL f7219e0306b2d9e6311cd12ea06d560e1bf937ce409e44d7bf5a6e77325e4e6357b138fd709ca7972696a4669f1c6e6d72273250c84462ebf6b9e8c979aea330
AUX racoon.pam.d 156 SHA256 166136e27d653e0bf481a6ca79fecb7d9fa2fc3d597d041f97df595f65a8193c SHA512 d3f7e6ca8c9f2b5060ebccb259316bb59c9a7e158e8ef9466765a20db263a4043a590811f1a3ab072b718dbd70898bc69b77e0b19603d7f394b5ac1bd0a4a56c WHIRLPOOL ba7a0a8c3bb39c5fda69de34b822a19696398e0a8789211ac1faae787ee34f9639eb35efe29c67f874b5f9fe674742503e570f441c005974f4a0c93468b8970b
DIST ipsec-tools-0.8.0.tar.bz2 809297 SHA256 2359a24aa8eda9ca7043fc47950c8e6b7f58a07c5d5ad316aa7de2bc5e3a8717 SHA512 3bec6bab4fe555612f1d48966e797202830f5254a8d2146a14d268ff0c68445af790285214db41ab08ee4888625e8e680c3b848c30789d836169d1612a25fe2c WHIRLPOOL 862d2bbf78aca8c9e01e00c995aeb3b662e1ea4a769081b9880a3fee7821ef5968e10fe75d9671268979188c7ca3b91d507a1fc9a097729d0648bc4c965e675d
-EBUILD ipsec-tools-0.8.0-r5.ebuild 6061 SHA256 2e7af21ab29e463023165f1404b6033cb21130b4ab147584954d6b941b9d6f16 SHA512 2ab81dee9a018b3010c67abc86a22ee911f41f92bf6a6c75ed19df057d3383aa036e9d476662ce11cb625be9d965aa70e23ef9e0a66d08d3f507c5e7016ebd82 WHIRLPOOL 4a3d73da40c3d8ce2f69d090cd7cd8c45760f0403370be3fc80b0f74dfb5c2c5df219776b3b783f187b9e7c414c9e63e0af6bbd759c8a600734f6ec6a3a7d2e0
+EBUILD ipsec-tools-0.8.0-r5.ebuild 6105 SHA256 6e08dded31816117b3c097593ffc9058934af41b250215ba9a319b764435a9ae SHA512 1e7fdccb604a90afb72b62873b723581d2b856676631c18068a88a532657ed4c5a0076b5d89b73c92854445d3aa1e5ca8bf2cb0bbfa994dff0df78469c8fa749 WHIRLPOOL d5e5a650274a74193e28b83ba3f86db106988cc6bfe5a12893e752671d596f1aeb64bd1189e9d6f6302b458292e9054e293245b83385fa9cba8a23931bb88716
MISC metadata.xml 537 SHA256 12de55d6d62b8e91c8996422e33462b5637f9720a5096025752b93906bcbdc40 SHA512 9b26b2cd54e00527201339c3936ac717c57fe596e470d84e0dc0715f778b5797488b6cac61dea83bab61714a23a88e44dbd537bfeeb2b37d285653dcb838fab5 WHIRLPOOL a0dd0b61f957875ca3c50db5aa66470ed493be9c4f002bd165d75b41a8ca51cbcfd2567b4702bf1845b8e0a1ca54239e6ed163098d8b613d1f9f459192acc14e
diff --git a/net-firewall/ipsec-tools/files/ipsec.conf b/net-firewall/ipsec-tools/files/ipsec-tools.conf
similarity index 100%
rename from net-firewall/ipsec-tools/files/ipsec.conf
rename to net-firewall/ipsec-tools/files/ipsec-tools.conf
diff --git a/net-firewall/ipsec-tools/files/racoon.conf.d-r1 b/net-firewall/ipsec-tools/files/racoon.conf.d-r1
index b201e40..ac2b718 100644
--- a/net-firewall/ipsec-tools/files/racoon.conf.d-r1
+++ b/net-firewall/ipsec-tools/files/racoon.conf.d-r1
@@ -9,7 +9,16 @@
RACOON_CONF="/etc/racoon/racoon.conf"
RACOON_PSK_FILE="/etc/racoon/psk.txt"
-SETKEY_CONF="/etc/ipsec.conf"
+
+# The amount of time in ms for start-stop-daemon to wait before a timeout
+# Racoon can sometimes be slow. We'll wait 1 sec. Bug #435398.
+
+RACOON_WAIT="1000"
+
+# The setkey config file. Don't name it ipsec.conf as this clashes
+# with strongswan. We'll follow debian's naming. Bug #436144.
+
+SETKEY_CONF="/etc/ipsec-tools.conf"
# Comment or remove the following if you don't want the policy tables
# to be flushed when racoon is stopped.
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d b/net-firewall/ipsec-tools/files/racoon.init.d
deleted file mode 100644
index 16fdec7..0000000
--- a/net-firewall/ipsec-tools/files/racoon.init.d
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2004 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-depend() {
- before netmount
- use net
-}
-
-checkconfig() {
- if [ ! -e ${SETKEY_CONF} ] ; then
- eerror "You need to configure setkey before starting racoon."
- return 1
- fi
- if [ ! -e ${RACOON_CONF} ] ; then
- eerror "You need a configuration file to start racoon."
- return 1
- fi
- if [ ! -z ${RACOON_PSK_FILE} ] ; then
- if [ ! -f ${RACOON_PSK_FILE} ] ; then
- eerror "PSK file not found as specified."
- eerror "Set RACOON_PSK_FILE in /etc/conf.d/racoon."
- return 1
- fi
- case "`ls -Lldn ${RACOON_PSK_FILE}`" in
- -r--------*)
- ;;
- *)
- eerror "Your defined PSK file should be mode 400 for security!"
- return 1
- ;;
- esac
- fi
-}
-
-start() {
- checkconfig || return 1
- einfo "Loading ipsec policies from ${SETKEY_CONF}."
- /usr/sbin/setkey -f ${SETKEY_CONF}
- if [ $? -eq 1 ] ; then
- eerror "Error while loading ipsec policies"
- fi
- ebegin "Starting racoon"
- start-stop-daemon -S -x /usr/sbin/racoon -- -f ${RACOON_CONF} ${RACOON_OPTS}
- eend $?
-}
-
-stop() {
- ebegin "Stopping racoon"
- start-stop-daemon -K -p /var/run/racoon.pid
- eend $?
- if [ -n "${RACOON_RESET_TABLES}" ]; then
- ebegin "Flushing policy entries"
- /usr/sbin/setkey -F
- /usr/sbin/setkey -FP
- eend $?
- fi
-}
diff --git a/net-firewall/ipsec-tools/files/racoon.init.d-r2 b/net-firewall/ipsec-tools/files/racoon.init.d-r2
index 04b5752..aeed27d 100644
--- a/net-firewall/ipsec-tools/files/racoon.init.d-r2
+++ b/net-firewall/ipsec-tools/files/racoon.init.d-r2
@@ -36,6 +36,7 @@ checkconfig() {
command=/usr/sbin/racoon
command_args="-f ${RACOON_CONF} ${RACOON_OPTS}"
pidfile=/var/run/racoon.pid
+start_stop_daemon_args="--wait ${RACOON_WAIT}"
start_pre() {
checkconfig || return 1
diff --git a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild
index 86dbe75..7143c26 100644
--- a/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild
+++ b/net-firewall/ipsec-tools/ipsec-tools-0.8.0-r5.ebuild
@@ -194,7 +194,7 @@ src_install() {
use pam && newpamd "${FILESDIR}"/racoon.pam.d racoon
insinto /etc
- doins "${FILESDIR}"/ipsec.conf
+ doins "${FILESDIR}"/ipsec-tools.conf
insinto /etc/racoon
doins "${FILESDIR}"/racoon.conf
doins "${FILESDIR}"/psk.txt
@@ -204,7 +204,8 @@ src_install() {
dodoc -r src/racoon/samples
dodoc -r src/racoon/doc
docinto samples
- newdoc src/setkey/sample.cf ipsec.conf
+ mv ipsec.conf ipsec-tools.conf
+ newdoc src/setkey/sample.cf ipsec-tools.conf
}
pkg_postinst() {
next reply other threads:[~2012-09-27 14:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-27 14:42 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-09-28 0:46 [gentoo-commits] dev/blueness:master commit in: net-firewall/ipsec-tools/, net-firewall/ipsec-tools/files/ Anthony G. Basile
2012-09-27 14:20 Anthony G. Basile
2012-03-08 12:16 Anthony G. Basile
2012-03-06 19:41 Anthony G. Basile
2012-02-28 23:54 Anthony G. Basile
2012-02-08 2:26 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1348756951.35efb9a4c6383e1dafbf565d6e8f16cf20f20ec1.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox