openl2tpd: update examples and ebuild

- remove USE=pppd and depend on >=net-dialup/pppd-2.4.5; this is
  reasonable, because 2.4.5-r1 is stable.
- add server config examples.

8 files changed, 231 insertions, 7 deletions

diff --git a/net-dialup/openl2tp/ChangeLog b/net-dialup/openl2tp/ChangeLog
index a7b6a0e..1ecce1c 100644
--- a/net-dialup/openl2tp/ChangeLog
+++ b/net-dialup/openl2tp/ChangeLog
@@ -1,7 +1,21 @@
-# ChangeLog for dev-util/symlookup
-# Copyright 2000-2011 Gentoo Foundation; Distributed under the GPL v2
+# ChangeLog for net-dialup/openl2tp
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
 # $Header: $
 
+*openl2tp-1.8-r4 (03 Oct 2011)
+
+  03 Oct 2011; Andrew Savchenko <bircoph@gmail.com>
+  +files/examples/client.openl2tpd.conf, +files/examples/server.openl2tpd.conf,
+  +files/examples/server.options.openl2tpd,
+  +files/examples/server-radius.openl2tpd.conf, -files/openl2tpd.conf.sample,
+  files/openl2tpd.confd, +openl2tp-1.8-r4.ebuild:
+  net-dialup/ppp-2.4.5-r1 is now stable, so support for
+  <net-dialup/ppp-2.4.5 is dropped, there is no need to build pppd
+  modules now, pppd flag is removed.
+  Fix and simplify examples installation using EAPI-4.
+  Add server config example for setup using radius auth, thanks for
+  xaionaro; add an ordinary server config sample provided by cilly.
+
 *openl2tp-1.8-r3.ebuild (10 Jun 2011)
 
   10 Jun 2011; Andrew Savchenko <bircoph@gmail.com> 
diff --git a/net-dialup/openl2tp/Manifest b/net-dialup/openl2tp/Manifest
index 7992120..77544f4 100644
--- a/net-dialup/openl2tp/Manifest
+++ b/net-dialup/openl2tp/Manifest
@@ -1,3 +1,7 @@
+AUX examples/client.openl2tpd.conf 678 RMD160 34f2e81c2e1f810041eebf6859fb661105643428 SHA1 540606a185775d86137faff790bc54b905a297e0 SHA256 8f6b6bd8150b2275e3b0886fbe38fe79dc83870fc6d6ae848bdebda42e70d4a4
+AUX examples/server-radius.openl2tpd.conf 663 RMD160 e950b5bb3929cf062168a5cbd865df7c4de95b74 SHA1 bf3df235f895cde5cd0963473c08f5cc4cf2726c SHA256 32c3acef12bc78b5fab53c0b7265220323f23d61d8160c70ed4fdef826955f4a
+AUX examples/server.openl2tpd.conf 1095 RMD160 fd7214dbee574824e7bc3c5570617d496ae8281a SHA1 b0c4f5ab3c07856330d26233f96764c15bfe81c3 SHA256 57ff632190e81207f7cb6572ff697b66939e297b63894f58d2f941134e2ed5bb
+AUX examples/server.options.openl2tpd 353 RMD160 d4762406443932ec12f589e60c4a324dc2fd8709 SHA1 623226089304af33e871663f02e2ddfa8f5c9f57 SHA256 49684079d3c73d0622cb2dc7b614453e818fab165dcc9664822aa2888e50c55d
 AUX openl2tp-1.8-clientip_as_ipparam.patch 8643 RMD160 1f7274a3110e941f58324fe6cbc68d70face9d45 SHA1 687d561ba6c4494d685d429a8b76f24512d28227 SHA256 ae0bd3029c921b515716c7b8087c6a586a1e58fd031d670d08890026d07bc67c
 AUX openl2tp-1.8-l2tpconfig.patch 621 RMD160 ca821f3336fcc35336e2bd857ac92700d1e37c5e SHA1 e116771492724db3543e5cfb35bd88b4812aeebe SHA256 f7176518baad226d276006fa3d0c877b5ebab982266ffaef954f6d72dcf1bb8a
 AUX openl2tp-1.8-ldflags.patch 2620 RMD160 c1b7c4e252f1a657e23396d1ecf75aac3b19da41 SHA1 53cb621f6488f6b96f5c2747629c23e2d43cb3aa SHA256 94f13f30bbfb79f0f656dbdc84153ba926e25c926864fbb5067ed6bda117b988
@@ -8,11 +12,11 @@ AUX openl2tp-1.8-pppd-2.patch 485 RMD160 e1b4f4305983d61caa74c19a6bc6f8d91a6cbcd
 AUX openl2tp-1.8-pppd.patch 846 RMD160 8ac9afbee793d60a1682364a00e1e2d409d17fae SHA1 0031365873bc2964f0d3f8c9537a3e1e6999642d SHA256 d6f2708b79dc211591c0b2f28e308ecf17adc6fc826f6f3b7483d6a18f7f6c6c
 AUX openl2tp-1.8-setkey.patch 483 RMD160 9383c7149da0b9aaeceb3c76208d01e69fb29ff4 SHA1 2cc3a2f49b6b4d141b22d946d4f229a4e9b2c8c3 SHA256 66f7a8de192525a0eb538493465023ec4530215ef87ad0540eb644d4b1bbdc95
 AUX openl2tp-1.8-werror.patch 1466 RMD160 85df32f171301bce175557ef078ae681d2b51d3d SHA1 c7e36dbe97a8c4fff199cb6a769fa7bb17f6bfc4 SHA256 5da5272f697d803c71256f298070c3a9783c1e8e43c890576a4615a407e069aa
-AUX openl2tpd.conf.sample 678 RMD160 34f2e81c2e1f810041eebf6859fb661105643428 SHA1 540606a185775d86137faff790bc54b905a297e0 SHA256 8f6b6bd8150b2275e3b0886fbe38fe79dc83870fc6d6ae848bdebda42e70d4a4
-AUX openl2tpd.confd 627 RMD160 c98ef7bdcca067cab855b43f4c28d7db5651dbee SHA1 ab72ca17e0f3b1d8839bc1a644c11f160529bc9d SHA256 9bea610cf2614bdd6c2f371987f98f8c9b854dd8332d33647505c895ae9a7314
+AUX openl2tpd.confd 717 RMD160 b3763053d6f326a4d130b7cbe455a140b94445ae SHA1 d34dd85f26c68e379ae26a578c64bd68009c15a0 SHA256 30a62fc00e72f3e5220ea8505b7f5f009b18c793e3e24d48d96904d9267c378e
 AUX openl2tpd.initd 1688 RMD160 41179b0e7a1640aab545f85cd5d5dfbf2a0ff0b2 SHA1 590d8698344ea540301855a492c272d021257229 SHA256 09b5bfc7a5ade30dd7ebb4b87af09a28e3a7e9c65c09fd066c24528b1d29ba1e
 DIST openl2tp-1.8.tar.gz 491160 RMD160 29913730809f7ea670c994c175551f31f2ba1e6f SHA1 314a8bb70f9f06bac840200fac0916e80d8d06b3 SHA256 1c97704d4b963a87fbc0e741668d4530933991515ae9ab0dffd11b5444f4860f
 EBUILD openl2tp-1.8-r2.ebuild 4280 RMD160 37649c4b15eab28dd3aec9c193cb00c78d1a7d39 SHA1 c591aa5d86cc703b6c465c923ba1ca82633b3abf SHA256 968d9c4c620def4e0b1adf80dfc2f3b1e8f31fc2b73f125fe6fcc6a2b4fb8344
 EBUILD openl2tp-1.8-r3.ebuild 3438 RMD160 9a35a801a1af77e0a8b4725c96267106a2a617c2 SHA1 001b41e96947ee1d0ff326a0effd8f69409df8cf SHA256 0424166a4eae64ee724912457f82598545fa00a9f195ee5111263fb345a36470
-MISC ChangeLog 2492 RMD160 75080c7ae5a9bea3dee2f48eb2859918ecbd2057 SHA1 8c8503a1468e1a66eaf9dcdead4c198b0ffd312b SHA256 110585da7eff36458e49e03daddc580c28faa91b5f45f536ae28410a207ceb7e
+EBUILD openl2tp-1.8-r4.ebuild 3198 RMD160 3d2d542c7f51ad712ca445573f99bced09c11a80 SHA1 40b0d03775eeb15b609b0adfdeacb62b82582789 SHA256 acbedea931e8c414f161801f0fc6c7df76ff705475bc56cefa02cf70013c602c
+MISC ChangeLog 3181 RMD160 5353995839c30d32a46d6076b10e5a85d49578eb SHA1 9343d522de197dd4df8f521a7310624b4d1b0fc6 SHA256 f9b7c238a62364478674c7bf11f04043ad5324db35a60a335d7dc2d528386e38
 MISC metadata.xml 762 RMD160 416cd2087fe041e02046f07bb6c1677908542c37 SHA1 302dc937814f7d4c32ad16c0300020794f519c0e SHA256 e765957111816f91553fd3db2fef165babdd02ee82d923da6f5b455b684afd72
diff --git a/net-dialup/openl2tp/files/openl2tpd.conf.sample b/net-dialup/openl2tp/files/examples/client.openl2tpd.conf
index 6ead75a..6ead75a 100644
--- a/net-dialup/openl2tp/files/openl2tpd.conf.sample
+++ b/net-dialup/openl2tp/files/examples/client.openl2tpd.conf
diff --git a/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf b/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf
new file mode 100644
index 0000000..e666fde
--- /dev/null
+++ b/net-dialup/openl2tp/files/examples/server-radius.openl2tpd.conf
@@ -0,0 +1,28 @@
+ppp profile modify \
+    profile_name=default \
+    local_ipaddr=10.7.2.16 \
+    auth_eap=no \
+    auth_mschapv1=yes \
+    auth_mschapv2=yes \
+    use_radius=yes \
+    ipcp_retransmit_interval=1 \
+    lcp_retransmit_interval=1 \
+    lcp_echo_interval=5 \
+    chap_max_challenge=3 \
+    chap_restart=1 \
+    idle_timeout=0 \
+    max_connect_time=0 \
+    mtu=1460 \
+    mru=1460 \
+    radius_hint=/etc/radiusclient/radiusclient.conf
+
+tunnel profile modify \
+    profile_name=default \
+    src_ipaddr=10.50.0.16 \
+    retry_timeout=1 \
+    use_udp_checksums=no \
+    our_udp_port=1701
+
+session profile modify \
+    profile_name=default \
+    use_sequence_numbers=no
diff --git a/net-dialup/openl2tp/files/examples/server.openl2tpd.conf b/net-dialup/openl2tp/files/examples/server.openl2tpd.conf
new file mode 100644
index 0000000..e960e14
--- /dev/null
+++ b/net-dialup/openl2tp/files/examples/server.openl2tpd.conf
@@ -0,0 +1,36 @@
+system modify \

+        deny_remote_tunnel_creates=no \

+        tunnel_establish_timeout=60 \

+        session_establish_timeout=0 \

+        tunnel_persist_pend_timeout=60 \

+        session_persist_pend_timeout=60

+

+ppp profile modify profile_name=default \

+        optionsfile=/etc/ppp/options.openl2tpd \

+        local_ipaddr=172.16.17.1 \

+        lcp_echo_interval=10 \

+        lcp_echo_failure_count=3 \

+        auth_eap=no \

+        auth_pap=no \

+        auth_none=no \

+        auth_chap=yes \

+        auth_mschapv1=no \

+        auth_mschapv2=yes

+

+session profile create profile_name=peer1 \

+        ppp_profile_name=peer1

+

+ppp profile create profile_name=peer1 \

+        optionsfile=/etc/ppp/options.openl2tpd \

+        auth_none=no \

+        auth_pap=no \

+        auth_chap=yes \

+        auth_mschapv1=no \

+        auth_mschapv2=yes \

+        auth_peer=no \

+        dns_ipaddr_pri=172.16.17.1 \

+        local_ipaddr=172.16.17.1 \

+        remote_ipaddr=172.16.17.6 # ipaddr of peer1

+

+tunnel profile modify profile_name=default \

+        our_udp_port=1701

diff --git a/net-dialup/openl2tp/files/examples/server.options.openl2tpd b/net-dialup/openl2tp/files/examples/server.options.openl2tpd
new file mode 100644
index 0000000..411956f
--- /dev/null
+++ b/net-dialup/openl2tp/files/examples/server.options.openl2tpd
@@ -0,0 +1,23 @@
+# usually placed at /etc/ppp/options.openl2tpd

+name host

+auth

+plugin pppol2tp.so

+refuse-mschap

+require-mschap-v2

+hide-password

+ipcp-accept-local

+ipcp-accept-remote

+lcp-echo-interval 15

+lcp-echo-failure 4

+ms-dns 172.16.17.1

+netmask 255.255.255.0

+nodefaultroute

+proxyarp

+crtscts

+noccp

+nobsdcomp

+nodeflate

+noaccomp

+nopcomp

+novj

+lock

diff --git a/net-dialup/openl2tp/files/openl2tpd.confd b/net-dialup/openl2tp/files/openl2tpd.confd
index a6cd143..c4b7ee5 100644
--- a/net-dialup/openl2tp/files/openl2tpd.confd
+++ b/net-dialup/openl2tp/files/openl2tpd.confd
@@ -1,8 +1,9 @@
 # Settings for the OpenL2TP daemon.
 # OPENL2TPDARGS= :  any extra command-line startup arguments for openl2tpd
-#	-R              - allow remote management using RPC
-#	-d nnn          - set debug trace mask to nnn
+#       -D              - enable debug messages from all tunnels and sessions
+#       -d nnn          - set debug trace mask to nnn
 #       -L log-facility - set syslog facility (default LOG_DAEMON) 
+#       -R              - allow remote management using RPC
 #
 # OPENL2TPD_CONFIG_FILE= : a file containing L2TP config that
 #                          is loaded when openl2tpd starts up.
diff --git a/net-dialup/openl2tp/openl2tp-1.8-r4.ebuild b/net-dialup/openl2tp/openl2tp-1.8-r4.ebuild
new file mode 100644
index 0000000..ef54634
--- /dev/null
+++ b/net-dialup/openl2tp/openl2tp-1.8-r4.ebuild
@@ -0,0 +1,118 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=4
+
+inherit base linux-info
+
+DESCRIPTION="Userspace tools for kernel L2TP implementation."
+HOMEPAGE="http://openl2tp.sourceforge.net"
+SRC_URI="mirror://sourceforge/openl2tp/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+client doc +examples rpc server -stats"
+
+REQUIRED_USE="|| ( client server )"
+
+CDEPEND=">=net-dialup/ppp-2.4.5
+	sys-libs/readline
+	"
+DEPEND="${CDEPEND}
+	sys-devel/bison
+	sys-devel/flex
+	"
+RDEPEND="${CDEPEND}
+	rpc? ( || (
+		net-nds/rpcbind
+		net-nds/portmap
+	) )"
+
+CONFIG_CHECK="~PPPOL2TP"
+
+PATCHES=(
+	"${FILESDIR}/${P}-werror.patch"
+	"${FILESDIR}/${P}-ldflags.patch"
+	"${FILESDIR}/${P}-pppd-2.patch"
+	"${FILESDIR}/${P}-man.patch"
+	"${FILESDIR}/${P}-l2tpconfig.patch"
+	"${FILESDIR}/${P}-parallelbuild.patch"
+	"${FILESDIR}/${P}-optionsfile.patch"
+	"${FILESDIR}/${P}-clientip_as_ipparam.patch"
+	"${FILESDIR}/${P}-setkey.patch"
+)
+
+src_configure() {
+	myconf=""	# not local, should be used at src_compile()
+
+	use client || myconf+="L2TP_FEATURE_LAC_SUPPORT=n \
+						   L2TP_FEATURE_LAIC_SUPPORT=n \
+						   L2TP_FEATURE_LAOC_SUPPORT=n "
+
+	use server || myconf+="L2TP_FEATURE_LNS_SUPPORT=n \
+						   L2TP_FEATURE_LNIC_SUPPORT=n \
+						   L2TP_FEATURE_LNOC_SUPPORT=n "
+
+	use rpc || myconf+="L2TP_FEATURE_RPC_MANAGEMENT=n "
+
+	use stats && myconf+="L2TP_FEATURE_LOCAL_STAT_FILE=y "
+
+	# pppd plugin is only needed for pppd < 2.4.5
+	unset PPPD_SUBDIR
+}
+
+src_compile() {
+	# upstream use OPT_CFLAGS for optimizations
+	export OPT_CFLAGS=${CFLAGS}
+	emake ${myconf} || die "emake failed"
+}
+
+src_install() {
+	emake ${myconf} DESTDIR="${D}" install || die "emake install failed"
+	dodoc CHANGES INSTALL README
+
+	if use examples; then
+		docinto event_socket
+		dodoc doc/{event_sock_example.c,README.event_sock}
+		docinto
+		dodoc -r "${FILESDIR}"/examples
+	fi
+
+	if use doc; then
+		dodoc doc/*.txt
+		newdoc plugins/README README.plugins
+		dodoc -r ipsec
+	fi
+
+	newinitd "${FILESDIR}"/openl2tpd.initd openl2tpd
+	# init.d script is quite different for RPC and non-RPC versions.
+	use rpc || sed -i s/userpc=\"yes\"/userpc=\"no\"/ "${D}/etc/init.d/openl2tpd" || die "sed failed"
+	newconfd "${FILESDIR}"/openl2tpd.confd openl2tpd
+}
+
+pkg_postinst() {
+	if use rpc; then
+		ewarn
+		ewarn "RPC control does not provide any auth checks for control connection."
+		ewarn "Unless you need this you should disable it, for reference:"
+		ewarn "http://forums.openl2tp.org/viewtopic.php?f=4&t=41"
+		ewarn
+		ewarn "Therefore DO NOT USE RPC IN INSECURE ENVIRONMENTS!"
+	else
+		ewarn
+		ewarn "Without RPC support you won't be able to use l2tpconfig."
+		ewarn "Please read http://forums.openl2tp.org/viewtopic.php?f=4&t=41"
+		ewarn "for more information about the security risk before enabling."
+		ewarn
+		ewarn "If you are using numerical strings (e.g. login name containing only"
+		ewarn "digits) or special characters in password, please use double quotes"
+		ewarn "to enclose them."
+	fi
+	if use stats; then
+		ewarn
+		ewarn "To enable status files openl2tpd must be started with -S option."
+		ewarn "Upstream warns about runtime overhead with status files enabled."
+	fi
+}