summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net-misc/vde/Manifest1
-rw-r--r--net-misc/vde/files/vde-2.3.2-format-security.patch18
-rw-r--r--net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch92
-rw-r--r--net-misc/vde/files/vde.conf-r115
-rw-r--r--net-misc/vde/files/vde.init-r144
-rw-r--r--net-misc/vde/vde-2.3.2-r5.ebuild71
6 files changed, 241 insertions, 0 deletions
diff --git a/net-misc/vde/Manifest b/net-misc/vde/Manifest
new file mode 100644
index 0000000..748442a
--- /dev/null
+++ b/net-misc/vde/Manifest
@@ -0,0 +1 @@
+DIST vde2-2.3.2.tar.bz2 600527 SHA256 cbea9b7e03097f87a6b5e98b07890d2275848f1fe4b9fcda77b8994148bc9542 SHA512 51be75fde5a526b988060f25322a8b20289b1677db2e3aa6dbee55875c1d7af564f9d8d201a0a4a1a842471cce06f29fcd83e55a5ff7acfdc36a8349cb2f3cc6 WHIRLPOOL dde513400eb725fe683c01110628ec9d2c3e415f0907d4f62d9bf09e2ec8ad14c4ad6437e428680a680118eb4297132f938b5cf71123480bf59c8f37eb0fee53
diff --git a/net-misc/vde/files/vde-2.3.2-format-security.patch b/net-misc/vde/files/vde-2.3.2-format-security.patch
new file mode 100644
index 0000000..d1cfaa5
--- /dev/null
+++ b/net-misc/vde/files/vde-2.3.2-format-security.patch
@@ -0,0 +1,18 @@
+--- a/src/common/cmdparse.c 2017-09-20 18:47:31.662856695 -0400
++++ b/src/common/cmdparse.c 2017-09-20 18:48:54.008852141 -0400
+@@ -284,13 +284,13 @@
+ int i;
+ for (i=0;i<argc;i++) {
+ if (i) fprintf(mf," ");
+- fprintf(mf,argv[i]);
++ fprintf(mf,"%s",argv[i]);
+ }
+ } else {
+ int num=atoi(t);
+ while (*t >='0' && *t <= '9') t++;
+ if (num < argc)
+- fprintf(mf,argv[num]);
++ fprintf(mf,"%s",argv[num]);
+ }
+ } else
+ fprintf(mf,"%c",*t);
diff --git a/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch b/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch
new file mode 100644
index 0000000..227312e
--- /dev/null
+++ b/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch
@@ -0,0 +1,92 @@
+--- a/src/vde_cryptcab/cryptcab.c 2011-11-23 16:41:17.000000000 +0000
++++ b/src/vde_cryptcab/cryptcab.c 2017-03-20 22:54:20.452975075 +0000
+@@ -22,7 +22,7 @@
+ exit(1);
+ }
+
+-static EVP_CIPHER_CTX ctx;
++static EVP_CIPHER_CTX *ctx;
+ static int ctx_initialized = 0;
+ static int encryption_disabled = 0;
+ static int nfd;
+@@ -30,6 +30,10 @@
+ static struct vde_open_args open_args={.port=0,.group=NULL,.mode=0700};
+ static int verbose = 0;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
++#define EVP_CIPHER_CTX_reset(x) EVP_CIPHER_CTX_cleanup(x)
++#endif
++
+ void vc_printlog(int priority, const char *format, ...)
+ {
+ va_list arg;
+@@ -103,19 +107,21 @@
+ }
+
+ if (!ctx_initialized) {
+- EVP_CIPHER_CTX_init (&ctx);
++ ctx = EVP_CIPHER_CTX_new ();
++ if (!ctx)
++ return -1;
+ ctx_initialized = 1;
+ }
+
+- EVP_EncryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
+- if (EVP_EncryptUpdate (&ctx, dst, &olen, src, len) != 1)
++ EVP_EncryptInit (ctx, EVP_bf_cbc (), p->key, p->iv);
++ if (EVP_EncryptUpdate (ctx, dst, &olen, src, len) != 1)
+ {
+ fprintf (stderr,"error in encrypt update\n");
+ olen = -1;
+ goto cleanup;
+ }
+
+- if (EVP_EncryptFinal (&ctx, dst + olen, &tlen) != 1)
++ if (EVP_EncryptFinal (ctx, dst + olen, &tlen) != 1)
+ {
+ fprintf (stderr,"error in encrypt final\n");
+ olen = -1;
+@@ -124,7 +130,7 @@
+ olen += tlen;
+
+ cleanup:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_reset(ctx);
+ return olen;
+ }
+
+@@ -138,19 +144,21 @@
+ }
+
+ if (!ctx_initialized) {
+- EVP_CIPHER_CTX_init (&ctx);
++ ctx = EVP_CIPHER_CTX_new ();
++ if (!ctx)
++ return -1;
+ ctx_initialized = 1;
+ }
+
+- EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
+- if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1)
++ EVP_DecryptInit (ctx, EVP_bf_cbc (), p->key, p->iv);
++ if (EVP_DecryptUpdate (ctx, dst, &olen, src, len) != 1)
+ {
+ fprintf (stderr,"error in decrypt update\n");
+ olen = -1;
+ goto cleanup;
+ }
+
+- if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1)
++ if (EVP_DecryptFinal (ctx, dst + olen, &tlen) != 1)
+ {
+ fprintf (stderr,"error in decrypt final\n");
+ olen = -1;
+@@ -159,7 +167,7 @@
+ olen += tlen;
+
+ cleanup:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_reset (ctx);
+ return olen;
+ }
+
diff --git a/net-misc/vde/files/vde.conf-r1 b/net-misc/vde/files/vde.conf-r1
new file mode 100644
index 0000000..856bde8
--- /dev/null
+++ b/net-misc/vde/files/vde.conf-r1
@@ -0,0 +1,15 @@
+# load the tun module
+VDE_MODPROBE_TUN="yes"
+
+# virtual tap networking device to be used for vde
+VDE_TAP="tap0"
+
+# The group that will have access to the VDE control socket.
+VDE_GROUP="qemu"
+
+# VDE socket location (default: /run/${RC_SVCNAME}.ctl)
+VDE_SOCKET=""
+
+# Additional options passed to the vde_switch daemon.
+#VDE_OPTS=""
+VDE_OPTS="" \ No newline at end of file
diff --git a/net-misc/vde/files/vde.init-r1 b/net-misc/vde/files/vde.init-r1
new file mode 100644
index 0000000..0934c51
--- /dev/null
+++ b/net-misc/vde/files/vde.init-r1
@@ -0,0 +1,44 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+command="/usr/bin/vde_switch"
+pidfile="/run/${RC_SVCNAME}.pid"
+
+depend() {
+ after net.${VDE_TAP}
+}
+
+start_pre() {
+ [ "${VDE_MODPROBE_TUN}" = "yes" ] || return 0
+ modprobe tun
+}
+
+# We have to use start() because the shortform uses --pidfile for s-s-d --start
+# which causes s-s-d to check the pid file before it exists
+start() {
+ VDE_SOCKET="${VDE_SOCKET:-/run/${RC_SVCNAME}.ctl}"
+
+ ebegin "Starting ${SVC_NAME}"
+
+ start-stop-daemon --start --exec ${command} -- \
+ --pidfile=${pidfile} \
+ --tap=${VDE_TAP} \
+ --group=${VDE_GROUP} \
+ --mode=660 \
+ --dirmode=770 \
+ --sock=${VDE_SOCKET} \
+ --daemon \
+ ${VDE_OPTS}
+ ewaitfile 10 "${VDE_SOCKET}"
+
+ eend $? "Failed to start ${RC_SVCNAME}"
+}
+
+stop_post() {
+ [ "${VDE_MODPROBE_TUN}" = "yes" ] && modprobe --quiet --remove tun
+
+ # Don't fail to stop the service if the "tun" module in use
+ # and the above "modprobe -r" command fails.
+ return 0
+}
diff --git a/net-misc/vde/vde-2.3.2-r5.ebuild b/net-misc/vde/vde-2.3.2-r5.ebuild
new file mode 100644
index 0000000..04e0397
--- /dev/null
+++ b/net-misc/vde/vde-2.3.2-r5.ebuild
@@ -0,0 +1,71 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 )
+
+inherit ltprune python-single-r1 user
+
+MY_P="${PN}2-${PV}"
+
+DESCRIPTION="Virtual distributed ethernet emulator for emulators like qemu, bochs, and uml"
+SRC_URI="mirror://sourceforge/vde/${MY_P}.tar.bz2"
+HOMEPAGE="http://vde.sourceforge.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86"
+IUSE="pcap python selinux ssl libressl static-libs"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+COMMON_DEPS="pcap? ( net-libs/libpcap )
+ python? ( ${PYTHON_DEPS} )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )"
+DEPEND="${COMMON_DEPS}"
+RDEPEND="${COMMON_DEPS}
+ selinux? ( sec-policy/selinux-vde )"
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+ "${FILESDIR}/${P}-format-security.patch",
+ "${FILESDIR}/${P}-openssl-1.1.0.patch"
+)
+
+pkg_setup() {
+ # default group already used in kqemu
+ enewgroup qemu
+
+ python-single-r1_pkg_setup
+}
+
+src_configure() {
+ econf \
+ $(use_enable pcap) \
+ $(use_enable python) \
+ $(use_enable ssl cryptcab) \
+ $(use_enable static-libs static)
+}
+
+src_compile() {
+ emake -j1
+}
+
+src_install() {
+ default
+ prune_libtool_files
+
+ newinitd "${FILESDIR}"/vde.init-r1 vde
+ newconfd "${FILESDIR}"/vde.conf-r1 vde
+}
+
+pkg_postinst() {
+ einfo "To start vde automatically add it to the default runlevel:"
+ einfo "# rc-update add vde default"
+ einfo "You need to setup tap0 in /etc/conf.d/net"
+ einfo "To use it as an user be sure to set a group in /etc/conf.d/vde"
+}