commit: c904828baee73971e49ace6b99d6170778813330 Author: Dennis Eisele <kernlpanic <AT> dennis-eisele <DOT> de> AuthorDate: Sat Apr 6 00:01:52 2024 +0000 Commit: Florian Schmaus <flow <AT> gentoo <DOT> org> CommitDate: Wed Jan 15 09:21:33 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c904828b
net-vpn/strongswan: add new use flags for plugins to ebuild Signed-off-by: Dennis Eisele <kernlpanic <AT> dennis-eisele.de> Bug: https://bugs.gentoo.org/504942 Closes: https://github.com/gentoo/gentoo/pull/36129 Signed-off-by: Florian Schmaus <flow <AT> gentoo.org> net-vpn/strongswan/metadata.xml | 54 +++++++++++++++++++++----- net-vpn/strongswan/strongswan-5.9.14-r1.ebuild | 10 +++-- 2 files changed, 51 insertions(+), 13 deletions(-) diff --git a/net-vpn/strongswan/metadata.xml b/net-vpn/strongswan/metadata.xml index c81edb750eb7..780a710b9622 100644 --- a/net-vpn/strongswan/metadata.xml +++ b/net-vpn/strongswan/metadata.xml @@ -30,33 +30,69 @@ <flag name="non-root">Force IKEv1/IKEv2 daemons to normal user privileges. This might impose some restrictions mainly to the IKEv1 daemon. Disable only if you really require superuser privileges.</flag> <flag name="openssl">Enable <pkg>dev-libs/openssl</pkg> plugin which is required for Elliptic Curve Cryptography (DH groups 19-21,25,26) and ECDSA. Also provides 3DES, AES, Blowfish, Camellia, CAST, DES, IDEA and RC5 ciphers along with MD2, MD4, MD5 and SHA1/2 hash algorithms, RSA and DH groups 1,2,5,14-18 and 22-24(4.4+) <pkg>dev-libs/openssl</pkg> has to be compiled with USE="-bindist".</flag> <flag name="pkcs11">Enable pkcs11 support</flag> + <flag name="strongswan_plugins_acert">Enable support for X.509 attribute certificates</flag> <flag name="strongswan_plugins_addrblock">Enable support for the addrblock crypto plugin</flag> + <flag name="strongswan_plugins_aes">Enable support for the aes plugin</flag> <flag name="strongswan_plugins_aesni">Enable support for Intel AES-NI crypto plugin</flag> - <flag name="strongswan_plugins_bypass-lan">Enable support for the bypass-lan plugin</flag> - <flag name="strongswan_plugins_chapoly">Enable ChaCha20/Poly1305 AEAD implementation and ChaCha20 XOF plugin</flag> - <flag name="strongswan_plugins_eap-radius">Enable EAP Radius plugin</flag> - <flag name="strongswan_plugins_forecast">Enable multicast and broadcast forwarding plugin</flag> - <flag name="strongswan_plugins_led">Enable support for the led plugin</flag> - <flag name="strongswan_plugins_lookip">Enable support for the lookip plugin</flag> - <flag name="strongswan_plugins_systime-fix">Enable support for the systime-fix plugin</flag> - <flag name="strongswan_plugins_unity">Enable support for the unity plugin</flag> - <flag name="strongswan_plugins_vici">Enable support for the vici plugin</flag> + <flag name="strongswan_plugins_af-alg">Enable support for the AF_ALG Linux kernel crypto API</flag> + <flag name="strongswan_plugins_agent">Enable support for RSA/ECDSA private keys</flag> <flag name="strongswan_plugins_blowfish">Enable support for the blowfish plugin</flag> + <flag name="strongswan_plugins_botan">Enable support for the botan library plugin</flag> + <flag name="strongswan_plugins_bypass-lan">Enable support for the bypass-lan plugin</flag> <flag name="strongswan_plugins_ccm">Enable support for the ccm plugin</flag> + <flag name="strongswan_plugins_chapoly">Enable ChaCha20/Poly1305 AEAD implementation and ChaCha20 XOF plugin</flag> + <flag name="strongswan_plugins_cmac">Enable support for the cmac plugin</flag> <flag name="strongswan_plugins_ctr">Enable support for the ctr plugin</flag> + <flag name="strongswan_plugins_curve25519">Enable support for X25519 DH group and Ed25519 public key uthentication</flag> + <flag name="strongswan_plugins_des">Enable DES/3DES cipher implementation</flag> + <flag name="strongswan_plugins_dnskey">Enable support for parsing DNS public keys</flag> + <flag name="strongswan_plugins_drbg">Enable support for the drgb plugin</flag> + <flag name="strongswan_plugins_eap-radius">Enable EAP Radius plugin</flag> <flag name="strongswan_plugins_error-notify">Enable support for the error-notify plugin</flag> + <flag name="strongswan_plugins_files">Enable support for local file:// URIs</flag> + <flag name="strongswan_plugins_fips-prf">Enable support for the fips-prf plugin</flag> + <flag name="strongswan_plugins_forecast">Enable multicast and broadcast forwarding plugin</flag> <flag name="strongswan_plugins_gcm">Enable support for the gcm plugin</flag> <flag name="strongswan_plugins_ha">Enable support for the ha plugin</flag> + <flag name="strongswan_plugins_hmac">Enable support for the hmac plugin</flag> <flag name="strongswan_plugins_ipseckey">Enable support for the ipseckey plugin</flag> <flag name="strongswan_plugins_kdf">Enable support for the kdf plugin</flag> + <flag name="strongswan_plugins_led">Enable support for the led plugin</flag> + <flag name="strongswan_plugins_lookip">Enable support for the lookip plugin</flag> + <flag name="strongswan_plugins_md4">Enable support for the md4 plugin</flag> + <flag name="strongswan_plugins_md5">Enable support for the md5 plugin</flag> + <flag name="strongswan_plugins_mgf1">Enable support for the mgf1 plugin</flag> <flag name="strongswan_plugins_newhope">Enable plugin that allows key exchange based on post-quantum computer New Hope algorithm</flag> + <flag name="strongswan_plugins_nonce">Enable support the nonce plugin</flag> <flag name="strongswan_plugins_ntru">Enable support for the ntru plugin</flag> + <flag name="strongswan_plugins_openxpki">Enable OCSP responder accessing OpenXPKI MySQL/MariaDB certificate database</flag> <flag name="strongswan_plugins_padlock">Enable support for the padlock plugin</flag> + <flag name="strongswan_plugins_pem">Enable support for the pem plugin</flag> + <flag name="strongswan_plugins_pgp">Enable support for the pgp plugin</flag> + <flag name="strongswan_plugins_pkcs1">Enable pkcs1 support</flag> + <flag name="strongswan_plugins_pkcs12">Enable pkcs12 support</flag> + <flag name="strongswan_plugins_pkcs7">Enable pkcs7 support</flag> + <flag name="strongswan_plugins_pkcs8">Enable pkcs8 support</flag> + <flag name="strongswan_plugins_pubkey">Enable wrapper to handle raw public keys</flag> + <flag name="strongswan_plugins_random">Enable RNG support with /dev/[u]random</flag> + <flag name="strongswan_plugins_rc2">Enable plugin for RC2 support</flag> <flag name="strongswan_plugins_rdrand">Enable support for the rdrand plugin</flag> + <flag name="strongswan_plugins_revocation">Enable X.509 CRL/OCSP revocation checking</flag> <flag name="strongswan_plugins_save-keys">Enable plugin that saves IKE and/or ESP keys to files compatible with Wireshark (for debugging)</flag> + <flag name="strongswan_plugins_sha1">Enable plugin for SHA1 support</flag> + <flag name="strongswan_plugins_sha2">Enable plugin for SHA2 support</flag> + <flag name="strongswan_plugins_sha3">Enable plugin for SHA3 support</flag> + <flag name="strongswan_plugins_soup">Enable libsoup based HTTP fetcher</flag> + <flag name="strongswan_plugins_sshkey">Enable SSH key decoding routines</flag> + <flag name="strongswan_plugins_systime-fix">Enable support for the systime-fix plugin</flag> + <flag name="strongswan_plugins_test-vectors">Enable set of test vectors for various algorithms</flag> <flag name="strongswan_plugins_unbound">Enable support for the unbound plugin</flag> + <flag name="strongswan_plugins_unity">Enable support for the unity plugin</flag> + <flag name="strongswan_plugins_vici">Enable support for the vici plugin</flag> <flag name="strongswan_plugins_whitelist">Enable support for the whitelist plugin</flag> + <flag name="strongswan_plugins_x509">Enable plugin for advanced X.509 functionality</flag> <flag name="strongswan_plugins_xauth-noauth">Enable support for the xauth-noauth plugin</flag> + <flag name="strongswan_plugins_xcbc">Enable support for XCBC plugin</flag> </use> <upstream> <remote-id type="cpe">cpe:/a:strongswan:strongswan</remote-id> diff --git a/net-vpn/strongswan/strongswan-5.9.14-r1.ebuild b/net-vpn/strongswan/strongswan-5.9.14-r1.ebuild index 2e53e2a284f6..fc6826f18fb8 100644 --- a/net-vpn/strongswan/strongswan-5.9.14-r1.ebuild +++ b/net-vpn/strongswan/strongswan-5.9.14-r1.ebuild @@ -13,11 +13,13 @@ SLOT="0" KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~x86" IUSE="+caps curl +constraints debug dhcp eap farp gcrypt +gmp ldap mysql networkmanager +non-root +openssl selinux sqlite systemd pam pkcs11" -STRONGSWAN_PLUGINS_STD="eap-radius gcm led lookip systime-fix unity vici" +STRONGSWAN_PLUGINS_STD="aes cmac curve25519 des dnskey drbg eap-radius fips-prf gcm hmac led lookip md5 nonce pem pgp +pkcs1 pkcs7 pkcs8 pkcs12 pubkey random rc2 revocation sha1 sha2 sshkey systime-fix unity vici x509 xcbc" STRONGSWAN_PLUGINS_OPT_DISABLE="kdf" -STRONGSWAN_PLUGINS_OPT="addrblock aesni blowfish bypass-lan ccm chapoly ctr error-notify forecast -ha ipseckey newhope ntru padlock rdrand save-keys unbound whitelist -xauth-noauth" +STRONGSWAN_PLUGINS_OPT="acert af-alg agent addrblock aesni botan blowfish bypass-lan +ccm chapoly ctr error-notify forecast files gcm ha ipseckey md4 mgf1 ntru newhope +openxpki padlock rdrand save-keys sha3 soup test-vectors unbound whitelist xauth-noauth" + for mod in $STRONGSWAN_PLUGINS_STD; do IUSE="${IUSE} +strongswan_plugins_${mod}" done
