Intial commit

Package-Manager: portage-2.2.8-r1
RepoMan-Options: --force

net-misc/openvpn-as/ChangeLog

@@ -0,0 +1,10 @@
+# ChangeLog for net-misc/openvpn-as
+# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+*openvpn-as-2.0.11 (12 Dec 2014)
+
+  12 Dec 2014; Mario Fetka <mario.fetka@gmail.com> +files/gentoo-specific.patch,
+  +files/openvpnas.initd, +files/openvpnas.pamd, +metadata.xml,
+  +openvpn-as-2.0.11.ebuild:
+  Intial commit

net-misc/openvpn-as/Manifest

@@ -0,0 +1,8 @@
+AUX gentoo-specific.patch 2073 SHA256 63596d3275bdb460358fd762d1c1a85c1084322bd9fc192a22111c4a3c1e3249 SHA512 dc3bc88eca117095c04f2a2c68d2a7c202a0e54eb9a946c1ac64a3528614c320493edf5f777a2b3f571a32aecb39525940e6615c647cf51df735c89eec325d54 WHIRLPOOL 8e9dfbf1ccc0d0ca105b90a98e5f6748979ce027131b3814bae20876029c89138928fbd775cd54751e3495b933b920370c50d78d87111f81b31e44eb846cb0cb
+AUX openvpnas.initd 1066 SHA256 7537bff5460a0cf5c269935b0a05ef80e94fc99267d041ffcf60404220f97998 SHA512 41203ac9a45ee0070b095288b1e99f55d64abe625eae2b4b6ccb680b7b4971240e8d3e01687d09c3dbf468f54a6dcc32ccbe540648d5f2783ef64ba6f3adc101 WHIRLPOOL f1435202a1c38cbc1b6fba6453de37d48633743908d609787d160f5dfb15a15966f2c733fa9f1ac9b8d195f71ca1689f974c2bd3addb8140f38fe78648b8cb3d
+AUX openvpnas.pamd 4868 SHA256 20b1342ae5453f8aa8aa8736818b2b4c67329b1d73d0e357cc6ee8c9da34dcff SHA512 6b773c41a4de3677f9201e91984210875c3a8680828fd89cbfa745618ae20c252e6732cdc6d00b4d90f463bacee5161c31d3272a5d0ffc10379bca3472e0fa32 WHIRLPOOL 4373409cc1dd918c01db35e9e715b7dccd0d8a2e26e0a9a3d212ee0f2c4c222913390ba912a2828486c4d1f3e75d76cb789008f072d78a9431ca307750288f88
+DIST openvpn-as-2.0.11-Ubuntu12.amd_64.deb 26386068 SHA256 1c0630ddb014f8bc6af6b3c482bfa4406839eac1962e042ecfe156951efe971b SHA512 fc1d5d9c07ecee523e7ae432c56511ffa1fd17622bf821d0185f743ee1f61271a1b4c67abc030416b482c10a1b5877839f9d5a652504e16668aaddb5790e5ecb WHIRLPOOL 086c527797a161035bc9db956c64d091196a4076c299f3c86d84b4d07d54b47bc0eb283d9a58fc5cfe9ac80d0770fcc746e83b9c725c1ff0e02c0b652baa5706
+DIST openvpn-as-2.0.11-Ubuntu12.i386.deb 26275520 SHA256 3c0bbe2a998524468b04cf1d315c545b56eae2ad4a4dda89b9f59531fa4e7138 SHA512 b2cdab9a8fc9b19bd5236926f4d5ed70fb7817d4b9ce5bcbff9315c30871085b0b7f976cc757ab2d768404631817d2069d83f701defef37a958ef53785aa46c9 WHIRLPOOL 96233fe7a00c0a2cba1ec18e8a0897ad2ccef8bde48113a173910d79fbed094e7b3d54446875e76448f5feb9aac26c2465a008b3aee4e1e566a3a9e0b1b3be05
+EBUILD openvpn-as-2.0.11.ebuild 1425 SHA256 21c18dae1f7667c91288412803ef849dd6c26d5f4557162030c5da9fa34288ea SHA512 461adfee55e8bdc5622a9d2cc4b2fb56a3a4d8e57b0b1f0136b48e6f98bc76f33546dcc9d7155c5d28f92c7060d6a5de6bebbb7427b9f645f6f27c0049e1b888 WHIRLPOOL 358d68d88094faf1f3ef7171760bdf204dfea93dac801534b65b2956a6dd92183ba8551b746a6ed0f0ab4d490f27e1a32b617421ff9f7579bb35ff5f54a45a3f
+MISC ChangeLog 344 SHA256 c2c3a6349d99fe0479a797ad9a162f1c3b797225a3aafd244b2c15b53f3d3473 SHA512 a7bef9930803553509c4b0b00d91961d5cfd142f83ce9920293799d6d46e3cd61f3e5be3aa0f81c050321976cc293bc4c92a26dda3dd43eced41f1cbc05af993 WHIRLPOOL 850faea92a995064b62c3d5ed18923b3bea2a302b5ff4dc7092c79622d8414e9871adb634ae5e1a25f4f4ad8695ff00c446d3e13d03484dd75b2a9000ca983bf
+MISC metadata.xml 385 SHA256 7e8810b39419dd52164ecd03c1fd6eba589515b37f44bd5f188d43e54c169233 SHA512 3884ad738b358a749f2ec3c0909ae157a1c4d73454530588dcfd44930fd49a82b497df1c09ccad72497ba47ed2999756720c841a4b4065ddafaf5aeb48dc5783 WHIRLPOOL 376f0af8f295fae7f264d0f4218388d1e36d7aa2fdd0892a69f03f1ad71fe2a405af70dccfe1370e7392f325b9527b624fbefe23135622f33433e14fbcf488a6

net-misc/openvpn-as/files/gentoo-specific.patch

@@ -0,0 +1,58 @@
+diff -uNr usr.orig/local/openvpn_as/bin/_ovpn-init usr/local/openvpn_as/bin/_ovpn-init
+--- usr.orig/local/openvpn_as/bin/_ovpn-init	2014-12-12 13:43:39.080479338 +0100
++++ usr/local/openvpn_as/bin/_ovpn-init	2014-12-12 13:44:43.930476590 +0100
+@@ -866,41 +866,6 @@
+             print "Error: Could not initialize confdb."
+             sys.exit(1)
+ 
+-# Execute gen script...
+-print "Generating init scripts..."
+-GEN = "/usr/local/openvpn_as/scripts/openvpnas_gen_init"
+-retv = commands.getstatusoutput( GEN )
+-if DEBUG: print "gen init cmd=", GEN, retv
+-if retv[0] != 0:
+-	print "Error: Could not generate server script."
+-	sys.exit(1)
+-
+-# Generate PAM config
+-print "Generating PAM config..."
+-GENPAM = "/usr/local/openvpn_as/scripts/openvpnas_gen_pam"
+-retv = commands.getstatusoutput( GENPAM )
+-if DEBUG: print "gen pam cmd=", GENPAM, retv
+-if retv[0] != 0:
+-	print "Error: Could not generate PAM config."
+-	sys.exit(1)
+-
+-# Execute gen script auto...
+-print "Generating init scripts auto command..."
+-GEN2 = "/usr/local/openvpn_as/scripts/openvpnas_gen_init --auto"
+-retv = commands.getstatusoutput( GEN2 )
+-if DEBUG: print "gen init cmd 2=", GEN2, retv
+-if retv[0] != 0:
+-	print "Error: Could not generate server script auto."
+-	sys.exit(1)
+-GENAUTO = retv[1]
+-
+-# Execute the auto gen script...
+-retv = commands.getstatusoutput( GENAUTO )
+-if retv[0] != 0:
+-	print "Error: Could not execute command to generate startup/shutdown scripts"
+-	sys.exit(1)
+-if DEBUG: print "gen auto cmd=", GENAUTO, retv
+-
+ # Perform iptables command to force initialization...
+ IPTABLES_NULL = "iptables --list"
+ retv = commands.getstatusoutput( IPTABLES_NULL )
+@@ -917,7 +882,6 @@
+         if DEBUG: print "server init=", retv
+         if retv[0] != 0:
+                 print "Error: Could not execute server start."
+-                sys.exit(1)
+ 
+     # Print exit messages...
+     print
+@@ -973,3 +937,4 @@
+       print "See the Release Notes for this release at:"
+       print "   http://www.openvpn.net/access-server/rn/openvpn_as_%s.html" % VERSION.replace('.', '_')
+       print
++

net-misc/openvpn-as/files/openvpnas.initd

@@ -0,0 +1,43 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/dev-vcs/subversion/files/svnserve.initd2,v 1.2 2012/01/14 19:46:34 tommy Exp $
+
+depend() {
+	need net
+}
+
+target="/usr/local/openvpn_as/scripts/openvpnas"
+pidfile="/var/run/openvpnas.pid"
+sockfile="/usr/local/openvpn_as/etc/sock/sagent /usr/local/openvpn_as/etc/sock/sagent.localroot /usr/local/openvpn_as/etc/sock/sagent.api"
+logfile="/var/log/openvpnas.log"
+
+# remove daemon control socket
+rm_sock()
+{
+	for sf in $sockfile ; do
+		if [ -e "$sf" ]; then
+			rm -f "$sf" &>/dev/null
+		fi
+	done
+}
+
+# remove pidfile
+rm_pidfile()
+{
+	rm -f "$pidfile" &>/dev/null
+}
+
+start() {
+	rm_sock
+	rm_pidfile
+	ebegin "Starting OpenVPN Access Server"
+	start-stop-daemon --start --quiet --pidfile ${pidfile} --exec ${target} -- --logfile="$logfile" --pidfile="$pidfile"
+	eend $?
+}
+
+stop() {
+        ebegin "Stoping OpenVPN Access Server"
+        start-stop-daemon --stop --quiet --pidfile ${pidfile}
+        eend $?
+}

net-misc/openvpn-as/files/openvpnas.pamd

@@ -0,0 +1,111 @@
+# OpenVPN AS PAM config
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+#auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+auth    include	system-local-login
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the message of the day upon succesful login.
+# (Replaces the `MOTD_FILE' option in login.defs)
+# This includes a dynamically generated part from /run/motd.dynamic
+# and a static (admin-editable) part from /etc/motd.
+session    optional   pam_motd.so  motd=/run/motd.dynamic noupdate
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+account    include	system-local-login
+session    include	system-local-login
+password   include	system-local-login
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)

net-misc/openvpn-as/metadata.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>linamh</herd>
+<maintainer>
+	<email>mario.fetka@gmail.com</email>
+</maintainer>
+<longdescription>OpenVPN Access Server is a full featured secure network tunneling VPN software solution that integrates the OpenVPN server.</longdescription>
+</pkgmetadata>

net-misc/openvpn-as/openvpn-as-2.0.11.ebuild

@@ -0,0 +1,62 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=5
+
+inherit eutils unpacker user pam
+
+DESCRIPTION="OpenVPN Access Server"
+HOMEPAGE="https://openvpn.net/index.php/access-server/overview.html"
+
+SRC_URI="amd64? ( http://swupdate.openvpn.org/as/openvpn-as-${PV}-Ubuntu12.amd_64.deb )
+	x86? ( http://swupdate.openvpn.org/as/openvpn-as-${PV}-Ubuntu12.i386.deb )"
+
+LICENSE=""
+
+SLOT="0"
+
+KEYWORDS="~x86 ~amd64"
+
+IUSE=""
+
+RESTRICT="strip mirror test"
+
+DEPEND=""
+RDEPEND="${DEPEND}"
+
+#QA_TEXTRELS="opt/${PN}/$(get_libdir)/${PN}/*
+#        opt/${PN}/$(get_libdir)/libNeroAPI.so"
+#QA_EXECSTACK="opt/${PN}/$(get_libdir)/nero/*"
+#QA_PREBUILT="opt/${PN}/${PN}.*
+#        opt/${PN}/${PN}
+#        opt/${PN}/$(get_libdir)/.*so
+#        opt/${PN}/$(get_libdir)/${PN}/*
+#        opt/${PN}/$(get_libdir)/${PN}/plug-ins/*
+#        usr/share/${PN}/helpers/splash/nerosplash"
+
+S=${WORKDIR}
+
+pkg_setup() {
+        enewgroup openvpn_as
+        enewuser openvpn_as -1 -1 -1 openvpn_as
+}
+
+
+src_unpack() {
+	unpack_deb ${A}
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/gentoo-specific.patch"
+}
+
+src_install() {
+	dodir /usr/local/openvpn_as
+	cp -aR usr/local/openvpn_as/* "${D}/usr/local/openvpn_as"
+	dodir /usr/bin
+	dosym /usr/local/openvpn_as/bin/ovpn-init /usr/bin/ovpn-init
+	newinitd "${FILESDIR}/openvpnas.initd" "openvpnas"
+	newpamd "${FILESDIR}/openvpnas.pamd" "openvpnas"
+}
+