Attachment #578238 for bug #687110

View | Details | Raw Unified | Return to bug 687110
Collapse All | Expand All




# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=6

MODULES_OPTIONAL_USE="module"
inherit linux-mod bash-completion-r1 systemd

DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
HOMEPAGE="https://www.wireguard.com/"

if [[ ${PV} == 9999 ]]; then
	inherit git-r3
	EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
	KEYWORDS=""
else
	SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
	S="${WORKDIR}/WireGuard-${PV}"
	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
fi

LICENSE="GPL-2"
SLOT="0"
IUSE="debug +module +tools module-src"

DEPEND="tools? ( net-libs/libmnl )"
RDEPEND="${DEPEND}"

MODULE_NAMES="wireguard(kernel/drivers/net:src)"
BUILD_TARGETS="module"
CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"

wg_quick_optional_config_nob() {
	CONFIG_CHECK="$CONFIG_CHECK ~$1"
	declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage."
}

pkg_setup() {
	if use module; then
		if use tools; then
			wg_quick_optional_config_nob IP_ADVANCED_ROUTER
			wg_quick_optional_config_nob IP_MULTIPLE_TABLES
			wg_quick_optional_config_nob NETFILTER_XT_MARK
		fi

		linux-mod_pkg_setup
		kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
	fi
}

src_compile() {
	BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
	use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
	use module && linux-mod_src_compile
	use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)"
}

src_install() {
	use module && linux-mod_src_install
	if use tools; then
		dodoc README.md
		dodoc -r contrib/examples
		emake \
			WITH_BASHCOMPLETION=yes \
			WITH_SYSTEMDUNITS=yes \
			WITH_WGQUICK=yes \
			DESTDIR="${D}" \
			BASHCOMPDIR="$(get_bashcompdir)" \
			PREFIX="${EPREFIX}/usr" \
			SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \
			-C src/tools install
	fi
	use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
}

pkg_postinst() {
	if use module-src && ! use module; then
		einfo
		einfo "You have enabled the module-src USE flag without the module USE"
		einfo "flag. This means that sources are installed to"
		einfo "${ROOT}usr/src/wireguard instead of having the"
		einfo "kernel module compiled. You will need to compile the module"
		einfo "yourself. Most likely, you don't want this USE flag, and should"
		einfo "rather use USE=module"
		einfo
	fi
	use module && linux-mod_pkg_postinst

	einfo
	einfo "This software is experimental and has not yet been released."
	einfo "As such, it may contain significant issues. Please do not file"
	einfo "bug reports with Gentoo, but rather direct them upstream to:"
	einfo
	einfo "    team@wireguard.com    security@wireguard.com"
	einfo

	if use tools; then
		einfo
		einfo "After installing WireGuard, if you'd like to try sending some packets through"
		einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
		einfo "test example script:"
		einfo
		einfo "  \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
		einfo
		einfo "This will automatically setup interface wg0, through a very insecure transport"
		einfo "that is only suitable for demonstration purposes. You can then try loading the"
		einfo "hidden website or sending pings:"
		einfo
		einfo "  \$ chromium http://192.168.4.1"
		einfo "  \$ ping 192.168.4.1"
		einfo
		einfo "If you'd like to redirect your internet traffic, you can run it with the"
		einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
		einfo "purposes. It is for quick testing only."
		einfo
		einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
		einfo
	fi
	if use module; then
		local old new
		if [[ $(uname -r) != "${KV_FULL}" ]]; then
			ewarn
			ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
			ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
			ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
			ewarn "which this module was built."
			ewarn
		elif [[ -f /sys/module/wireguard/version ]] && \
		     old="$(< /sys/module/wireguard/version)" && \
		     new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
		     [[ $old != "$new" ]]; then
			ewarn
			ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
			ewarn "However, the old version is still running on your system. In order to use the"
			ewarn "new version, you will need to remove the old module and load the new one. As"
			ewarn "root, you can accomplish this with the following commands:"
			ewarn
			ewarn "    # rmmod wireguard"
			ewarn "    # modprobe wireguard"
			ewarn
			ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
			ewarn "to gracefully remove them yourself prior."
			ewarn
		fi
	fi
}

Lines 4-10 Link Here

(-)a/net-vpn/wireguard/wireguard-0.0.20190406.ebuild (-2 / +2 lines)
4	EAPI=6	4	EAPI=6
5		5
6	MODULES_OPTIONAL_USE="module"	6	MODULES_OPTIONAL_USE="module"
7	inherit linux-mod bash-completion-r1	7	inherit linux-mod bash-completion-r1 systemd
8		8
9	DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."	9	DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
10	HOMEPAGE="https://www.wireguard.com/"	10	HOMEPAGE="https://www.wireguard.com/"
Lines 67-72 src_install() { Link Here
67	DESTDIR="${D}" \	67	DESTDIR="${D}" \
68	BASHCOMPDIR="$(get_bashcompdir)" \	68	BASHCOMPDIR="$(get_bashcompdir)" \
69	PREFIX="${EPREFIX}/usr" \	69	PREFIX="${EPREFIX}/usr" \
		70	SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \
70	-C src/tools install	71	-C src/tools install
71	fi	72	fi
72	use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install	73	use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
73	-

Return to bug 687110

Line 0 Link Here

(-)a/net-vpn/wireguard/wireguard-0.0.20190406-r1.ebuild (+146 lines)
		1	# Copyright 1999-2019 Gentoo Authors
		2	# Distributed under the terms of the GNU General Public License v2
		3
		4	EAPI=6
		5
		6	MODULES_OPTIONAL_USE="module"
		7	inherit linux-mod bash-completion-r1 systemd
		8
		9	DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
		10	HOMEPAGE="https://www.wireguard.com/"
		11
		12	if [[ ${PV} == 9999 ]]; then
		13	inherit git-r3
		14	EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
		15	KEYWORDS=""
		16	else
		17	SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
		18	S="${WORKDIR}/WireGuard-${PV}"
		19	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
		20	fi
		21
		22	LICENSE="GPL-2"
		23	SLOT="0"
		24	IUSE="debug +module +tools module-src"
		25
		26	DEPEND="tools? ( net-libs/libmnl )"
		27	RDEPEND="${DEPEND}"
		28
		29	MODULE_NAMES="wireguard(kernel/drivers/net:src)"
		30	BUILD_TARGETS="module"
		31	CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
		32
		33	wg_quick_optional_config_nob() {
		34	CONFIG_CHECK="$CONFIG_CHECK ~$1"
		35	declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage."
		36	}
		37
		38	pkg_setup() {
		39	if use module; then
		40	if use tools; then
		41	wg_quick_optional_config_nob IP_ADVANCED_ROUTER
		42	wg_quick_optional_config_nob IP_MULTIPLE_TABLES
		43	wg_quick_optional_config_nob NETFILTER_XT_MARK
		44	fi
		45
		46	linux-mod_pkg_setup
		47	kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
		48	fi
		49	}
		50
		51	src_compile() {
		52	BUILD_PARAMS="KERNELDIR=${KERNEL_DIR}"
		53	use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
		54	use module && linux-mod_src_compile
		55	use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools CC="$(tc-getCC)" LD="$(tc-getLD)"
		56	}
		57
		58	src_install() {
		59	use module && linux-mod_src_install
		60	if use tools; then
		61	dodoc README.md
		62	dodoc -r contrib/examples
		63	emake \
		64	WITH_BASHCOMPLETION=yes \
65	WITH_SYSTEMDUNITS=yes \
66	WITH_WGQUICK=yes \
67	DESTDIR="${D}" \
68	BASHCOMPDIR="$(get_bashcompdir)" \
69	PREFIX="${EPREFIX}/usr" \
70	SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \
71	-C src/tools install
72	fi
73	use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
74	}
75
76	pkg_postinst() {
77	if use module-src && ! use module; then
78	einfo
79	einfo "You have enabled the module-src USE flag without the module USE"
80	einfo "flag. This means that sources are installed to"
81	einfo "${ROOT}usr/src/wireguard instead of having the"
82	einfo "kernel module compiled. You will need to compile the module"
83	einfo "yourself. Most likely, you don't want this USE flag, and should"
84	einfo "rather use USE=module"
85	einfo
86	fi
87	use module && linux-mod_pkg_postinst
88
89	einfo
90	einfo "This software is experimental and has not yet been released."
91	einfo "As such, it may contain significant issues. Please do not file"
92	einfo "bug reports with Gentoo, but rather direct them upstream to:"
93	einfo
94	einfo " team@wireguard.com security@wireguard.com"
95	einfo
96
97	if use tools; then
98	einfo
99	einfo "After installing WireGuard, if you'd like to try sending some packets through"
100	einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
101	einfo "test example script:"
102	einfo
103	einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 \| sudo bash -"
104	einfo
105	einfo "This will automatically setup interface wg0, through a very insecure transport"
106	einfo "that is only suitable for demonstration purposes. You can then try loading the"
107	einfo "hidden website or sending pings:"
108	einfo
109	einfo " \$ chromium http://192.168.4.1"
110	einfo " \$ ping 192.168.4.1"
111	einfo
112	einfo "If you'd like to redirect your internet traffic, you can run it with the"
113	einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
114	einfo "purposes. It is for quick testing only."
115	einfo
116	einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
117	einfo
118	fi
119	if use module; then
120	local old new
121	if [[ $(uname -r) != "${KV_FULL}" ]]; then
122	ewarn
123	ewarn "You have just built WireGuard for kernel ${KV_FULL}, yet the currently running"
124	ewarn "kernel is $(uname -r). If you intend to use this WireGuard module on the currently"
125	ewarn "running machine, you will first need to reboot it into the kernel ${KV_FULL}, for"
126	ewarn "which this module was built."
127	ewarn
128	elif [[ -f /sys/module/wireguard/version ]] && \
129	old="$(< /sys/module/wireguard/version)" && \
130	new="$(modinfo -F version "${ROOT}/lib/modules/${KV_FULL}/net/wireguard.ko" 2>/dev/null)" && \
131	[[ $old != "$new" ]]; then
132	ewarn
133	ewarn "You appear to have just upgraded WireGuard from version v$old to v$new."
134	ewarn "However, the old version is still running on your system. In order to use the"
135	ewarn "new version, you will need to remove the old module and load the new one. As"
136	ewarn "root, you can accomplish this with the following commands:"
137	ewarn
138	ewarn " # rmmod wireguard"
139	ewarn " # modprobe wireguard"
140	ewarn
141	ewarn "Do note that doing this will remove current WireGuard interfaces, so you may want"
142	ewarn "to gracefully remove them yourself prior."
143	ewarn
144	fi
145	fi
146	}