[gentoo-commits] repo/gentoo:master commit in: net-vpn/networkmanager-openvpn/, net-vpn/networkmanager-openvpn/files/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] repo/gentoo:master commit in: net-vpn/networkmanager-openvpn/, net-vpn/networkmanager-openvpn/files/
@ 2023-06-29 10:58 Sam James
  0 siblings, 0 replies; only message in thread
From: Sam James @ 2023-06-29 10:58 UTC (permalink / raw
  To: gentoo-commits

commit:     09c97e4e902abe3b3094134d5f267e363ef4138a
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 29 10:58:10 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Jun 29 10:58:10 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09c97e4e

net-vpn/networkmanager-openvpn: backpot openvpn-2.6 fix

Closes: https://bugs.gentoo.org/909361
Signed-off-by: Sam James <sam <AT> gentoo.org>

 ...manager-openvpn-1.10.2-openvpn-2.6-compat.patch | 43 ++++++++++++++++
 .../networkmanager-openvpn-1.10.2-r1.ebuild        | 58 ++++++++++++++++++++++
 2 files changed, 101 insertions(+)

diff --git a/net-vpn/networkmanager-openvpn/files/networkmanager-openvpn-1.10.2-openvpn-2.6-compat.patch b/net-vpn/networkmanager-openvpn/files/networkmanager-openvpn-1.10.2-openvpn-2.6-compat.patch
new file mode 100644
index 000000000000..2b8774b412e8
--- /dev/null
+++ b/net-vpn/networkmanager-openvpn/files/networkmanager-openvpn-1.10.2-openvpn-2.6-compat.patch
@@ -0,0 +1,43 @@
+https://bugs.gentoo.org/909361
+https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/commit/a790374f4c2e9e1657cbb8470357d72d4bd87916
+
+From a790374f4c2e9e1657cbb8470357d72d4bd87916 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Mon, 28 Nov 2022 17:31:38 +0100
+Subject: [PATCH] Revert "service: automatically add the "cipher" to the
+ "data-ciphers""
+
+`--data-ciphers` has a default value of `AES-256-GCM:AES-128-GCM`. If
+we overwrite it with the value of `--cipher` we are diverging from
+openvpn behavior and this can cause authentication problems.
+
+https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/issues/112
+
+This reverts commit 020ab0c4b872fa5415ed1a5e682acb3343c7b9f3.
+--- a/src/nm-openvpn-service.c
++++ b/src/nm-openvpn-service.c
+@@ -1676,22 +1676,6 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
+ 
+ 	args_add_vpn_data (args, s_vpn, NM_OPENVPN_KEY_DATA_CIPHERS, "--data-ciphers");
+ 
+-	if (nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CIPHER) &&
+-	    !nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_DATA_CIPHERS) &&
+-	    openvpn_binary_detect_version_cached (openvpn_binary, &openvpn_binary_version) >=
+-	        nmovpn_version_encode (2, 5, 0)) {
+-		/* Since 2.5, openvpn will warn if "cipher" is set but "data-ciphers" doesn't
+-		 * contain the cipher. It still used to automatically add the cipher.
+-		 * Since 2.6, the cipher is no longer automatically added, which is unlikely
+-		 * what the user wants.
+-		 *
+-		 * We automatically add it, so if the user only sets cipher (e.g. when
+-		 * having an old profile or targeting 2.4) it still works. So ciphers
+-		 * means something slightly different for the plugin, unless you set
+-		 * data-ciphers to anything. */
+-		args_add_vpn_data (args, s_vpn, NM_OPENVPN_KEY_CIPHER, "--data-ciphers");
+-	}
+-
+ 	args_add_vpn_data (args, s_vpn, NM_OPENVPN_KEY_TLS_CIPHER, "--tls-cipher");
+ 
+ 	tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_KEYSIZE);
+-- 
+GitLab

diff --git a/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.10.2-r1.ebuild b/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.10.2-r1.ebuild
new file mode 100644
index 000000000000..d1c4cbfc07ea
--- /dev/null
+++ b/net-vpn/networkmanager-openvpn/networkmanager-openvpn-1.10.2-r1.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+GNOME_ORG_MODULE="NetworkManager-${PN##*-}"
+
+inherit gnome2
+
+DESCRIPTION="NetworkManager OpenVPN plugin"
+HOMEPAGE="https://gitlab.gnome.org/GNOME/NetworkManager-openvpn"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+IUSE="gtk test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	>=dev-libs/glib-2.34:2
+	>=net-misc/networkmanager-1.7.0
+	>=net-vpn/openvpn-2.1
+	gtk? (
+		>=app-crypt/libsecret-0.18
+
+		>=net-libs/libnma-1.8.0
+		>=x11-libs/gtk+-3.4:3
+
+		>=gui-libs/gtk-4.0:4
+		>=net-libs/libnma-1.8.36
+	)
+"
+
+RDEPEND="
+	${DEPEND}
+	acct-group/nm-openvpn
+	acct-user/nm-openvpn
+"
+
+BDEPEND="
+	>=sys-devel/gettext-0.19
+	virtual/pkgconfig
+"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-openvpn-2.6-compat.patch
+)
+
+src_configure() {
+	# --localstatedir=/var needed per bug #536248
+	gnome2_src_configure \
+		--localstatedir=/var \
+		--disable-more-warnings \
+		--disable-static \
+		--with-dist-version=Gentoo \
+		$(use_with gtk gnome) \
+		$(use_with gtk gtk4)
+}


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2023-06-29 10:58 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-29 10:58 [gentoo-commits] repo/gentoo:master commit in: net-vpn/networkmanager-openvpn/, net-vpn/networkmanager-openvpn/files/ Sam James

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox