Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc
diff options
context:
space:
mode:
authorWilliam Hubbs <williamh@gentoo.org>2016-09-24 12:44:31 -0500
committerWilliam Hubbs <williamh@gentoo.org>2016-09-24 12:44:31 -0500
commit5f9049c9da39886975077c93c119129cd31e8f88 (patch)
tree074c75f591276a762ac8aada23fc92d37aaa83bc /net-misc
parentsci-chemistry/pymol: Version bump (diff)
downloadgentoo-5f9049c9da39886975077c93c119129cd31e8f88.tar.gz
gentoo-5f9049c9da39886975077c93c119129cd31e8f88.tar.bz2
gentoo-5f9049c9da39886975077c93c119129cd31e8f88.zip
net-misc/openconnect: 7.07-r2 revbump to fix pulse secure
Current stable openconnect is broken for newer releases of pulse secure [1]. This revbump fixes that issue. I have verified it on amd64 so I'm going straight to stable since the previous revision is stable. [1] http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003952.html Package-Manager: portage-2.2.28 RepoMan-Options: --force
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch38
-rw-r--r--net-misc/openconnect/openconnect-7.07-r2.ebuild162
2 files changed, 200 insertions, 0 deletions
diff --git a/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch b/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
new file mode 100644
index 000000000000..5cfeca6ec52d
--- /dev/null
+++ b/net-misc/openconnect/files/openconnect-7.07-mimic-pulse-client.patch
@@ -0,0 +1,38 @@
+From 4ce9c9241f5707917e87e93a055f757cea5fb84d Mon Sep 17 00:00:00 2001
+From: Jon DeVree <nuxi@vault24.org>
+Date: Mon, 19 Sep 2016 21:00:18 -0400
+Subject: [PATCH] Add Content-Length header to mimic official pulse client
+
+The official pulse client sends in a fixed "Content-Length: 256" header
+with these two HTTP requests. Some versions of the VPN server will
+reject requests with an HTTP 400 error if they do not have this header.
+
+Signed-off-by: Jon DeVree <nuxi@vault24.org>
+Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
+---
+ oncp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/oncp.c b/oncp.c
+index cc9a223..2bf1571 100644
+--- a/oncp.c
++++ b/oncp.c
+@@ -562,6 +562,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
+
+ buf_append(reqbuf, "POST /dana/js?prot=1&svc=1 HTTP/1.1\r\n");
+ oncp_common_headers(vpninfo, reqbuf);
++ buf_append(reqbuf, "Content-Length: 256\r\n");
+ buf_append(reqbuf, "\r\n");
+
+ if (buf_error(reqbuf)) {
+@@ -606,6 +607,7 @@ int oncp_connect(struct openconnect_info *vpninfo)
+ buf_truncate(reqbuf);
+ buf_append(reqbuf, "POST /dana/js?prot=1&svc=4 HTTP/1.1\r\n");
+ oncp_common_headers(vpninfo, reqbuf);
++ buf_append(reqbuf, "Content-Length: 256\r\n");
+ buf_append(reqbuf, "\r\n");
+
+ if (buf_error(reqbuf)) {
+--
+2.7.3
+
diff --git a/net-misc/openconnect/openconnect-7.07-r2.ebuild b/net-misc/openconnect/openconnect-7.07-r2.ebuild
new file mode 100644
index 000000000000..57ae5c007fa9
--- /dev/null
+++ b/net-misc/openconnect/openconnect-7.07-r2.ebuild
@@ -0,0 +1,162 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 )
+PYTHON_REQ_USE="xml"
+
+inherit eutils java-pkg-opt-2 linux-info python-any-r1 readme.gentoo-r1
+
+if [[ ${PV} == 9999 ]]; then
+ EGIT_REPO_URI="git://git.infradead.org/users/dwmw2/${PN}.git"
+ inherit git-r3 autotools
+else
+ ARCHIVE_URI="ftp://ftp.infradead.org/pub/${PN}/${P}.tar.gz"
+ KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~x86"
+fi
+VPNC_VER=20160829
+SRC_URI="${ARCHIVE_URI}
+ ftp://ftp.infradead.org/pub/vpnc-scripts/vpnc-scripts-${VPNC_VER}.tar.gz"
+
+DESCRIPTION="Free client for Cisco AnyConnect SSL VPN software"
+HOMEPAGE="http://www.infradead.org/openconnect.html"
+
+LICENSE="LGPL-2.1 GPL-2"
+SLOT="0/5"
+IUSE="doc +gnutls gssapi java libproxy nls smartcard static-libs stoken"
+
+DEPEND="dev-libs/libxml2
+ sys-libs/zlib
+ !gnutls? (
+ >=dev-libs/openssl-1.0.1h:0[static-libs?]
+ )
+ gnutls? (
+ >=net-libs/gnutls-3:0=[static-libs?] dev-libs/nettle
+ app-misc/ca-certificates
+ )
+ gssapi? ( virtual/krb5 )
+ libproxy? ( net-libs/libproxy )
+ nls? ( virtual/libintl )
+ smartcard? ( sys-apps/pcsc-lite:0= )
+ stoken? ( app-crypt/stoken )"
+RDEPEND="${DEPEND}
+ sys-apps/iproute2
+ !<sys-apps/openrc-0.13"
+DEPEND="${DEPEND}
+ virtual/pkgconfig
+ doc? ( ${PYTHON_DEPS} sys-apps/groff )
+ java? ( >=virtual/jdk-1.6 )
+ nls? ( sys-devel/gettext )"
+
+CONFIG_CHECK="~TUN"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-mimic-pulse-client.patch
+)
+
+pkg_pretend() {
+ check_extra_config
+}
+
+pkg_setup() {
+ java-pkg-opt-2_pkg_setup
+}
+
+src_unpack() {
+ if [[ ${PV} == 9999 ]]; then
+ git-r3_src_unpack
+ fi
+ default
+}
+
+src_prepare() {
+ default
+ if [[ ${PV} == 9999 ]]; then
+ eautoreconf
+ fi
+}
+
+src_configure() {
+ if [[ ${LINGUAS+set} == set ]]; then
+ strip-linguas -u po
+ echo "${LINGUAS}" > po/LINGUAS || die
+ fi
+
+ if use doc; then
+ python_setup
+ else
+ # If the python cannot be found, the docs will not build
+ sed -e 's#"${ac_cv_path_PYTHON}"#""#' -i configure || die
+ fi
+
+ # liboath not in portage
+ econf \
+ --with-vpnc-script="${EPREFIX}/etc/openconnect/openconnect.sh" \
+ $(use_enable static-libs static) \
+ $(use_enable nls ) \
+ $(use_with !gnutls openssl) \
+ $(use_with gnutls ) \
+ $(use_with libproxy) \
+ $(use_with gssapi) \
+ $(use_with smartcard libpcsclite) \
+ $(use_with stoken) \
+ $(use_with java)
+}
+
+DOC_CONTENTS="The init script for openconnect supports multiple vpn tunnels.
+
+You need to create a symbolic link to /etc/init.d/openconnect in /etc/init.d
+instead of calling it directly:
+
+ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0
+
+You can then start the vpn tunnel like this:
+
+/etc/init.d/openconnect.vpn0 start
+
+If you would like to run preup, postup, predown, and/or postdown scripts,
+You need to create a directory in /etc/openconnect with the name of the vpn:
+
+mkdir /etc/openconnect/vpn0
+
+Then add executable shell files:
+
+mkdir /etc/openconnect/vpn0
+cd /etc/openconnect/vpn0
+echo '#!/bin/sh' > preup.sh
+cp preup.sh predown.sh
+cp preup.sh postup.sh
+cp preup.sh postdown.sh
+chmod 755 /etc/openconnect/vpn0/*
+"
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ dodoc AUTHORS TODO
+ newinitd "${FILESDIR}"/openconnect.init.in-r4 openconnect
+ dodir /etc/openconnect
+ insinto /etc/openconnect
+ newconfd "${FILESDIR}"/openconnect.conf.in openconnect
+ exeinto /etc/openconnect
+ newexe "${WORKDIR}"/vpnc-scripts-${VPNC_VER}/vpnc-script openconnect.sh
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/openconnect.logrotate openconnect
+ keepdir /var/log/openconnect
+
+ # Remove useless .la files
+ prune_libtool_files --all
+
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+ if [[ -z ${REPLACING_VERSIONS} ]]; then
+ elog
+ elog "You may want to consider installing the following optional packages."
+ optfeature "resolvconf support" net-dns/openresolv
+ fi
+}