net-vpn/gsocket: new package (from ::guru), add 1.4.43, 9999

Based on the ::guru ebuild by Daichi Yamamoto.

Signed-off-by: Florian Schmaus <flow@gentoo.org>

5 files changed, 262 insertions, 0 deletions

diff --git a/net-vpn/gsocket/Manifest b/net-vpn/gsocket/Manifest
new file mode 100644
index 000000000000..f249ca143c02
--- /dev/null
+++ b/net-vpn/gsocket/Manifest
@@ -0,0 +1 @@
+DIST gsocket-1.4.43.tar.gz 223602 BLAKE2B 92818d932f1d5eddd66a810aaecb800d0ac435d7320912fdb8e485ae7f5398dfb96b1e6c0bbc4edc651414eb912bd90e14e442db904d04aa71b236188a9bff66 SHA512 2c58182b52242f275b7597c7214f8f0b09f52d369fee66454a2b00322b9b7075af3f675c7f785ae66ed8f331351ed60a0038e997258df35a938c6b1f4a94b21c
diff --git a/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch b/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch
new file mode 100644
index 000000000000..1e8d589a90c4
--- /dev/null
+++ b/net-vpn/gsocket/files/gsocket-1.4.43-gs-init-secret.patch
@@ -0,0 +1,160 @@
+From 9601745f3f75eea748ec93f90b1b1a3023b6514d Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:08:31 +0200
+Subject: [PATCH 1/5] gs-init-secret: add new script
+
+The gs-init-secret script can be used to securely initialize a file
+containing a gsocket secret.
+---
+ tools/Makefile.am    |  2 +-
+ tools/gs-init-secret | 33 +++++++++++++++++++++++++++++++++
+ 2 files changed, 34 insertions(+), 1 deletion(-)
+ create mode 100755 tools/gs-init-secret
+
+diff --git a/tools/Makefile.am b/tools/Makefile.am
+index 805fedd..9af4df0 100755
+--- a/tools/Makefile.am
++++ b/tools/Makefile.am
+@@ -38,7 +38,7 @@ gs_netcat_SOURCES = 4_gs-netcat.c utils.c socks.c console.c ids.c event_mgr.c pk
+ gs_netcat_LDADD = ../lib/libgsocket.a @LDADD_STATIC@
+ gs_netcat_CFLAGS = @CFLAGS_STATIC@
+ 
+-dist_bin_SCRIPTS = blitz gs-sftp gs-mount gsocket
++dist_bin_SCRIPTS = blitz gs-sftp gs-mount gsocket gs-init-secret
+ 
+ gsocket_uchroot_dso_so_0_SOURCES = gsocket_uchroot_dso.c
+ gsocket_uchroot_dso_so_0_CFLAGS = -shared -fPIC
+diff --git a/tools/gs-init-secret b/tools/gs-init-secret
+new file mode 100755
+index 0000000..f2782f1
+--- /dev/null
++++ b/tools/gs-init-secret
+@@ -0,0 +1,33 @@
++#!/usr/bin/env bash
++set -eu
++
++if [[ $# -eq 2 ]]; then
++	>&2 echo "ERROR: Must provide exactly one argument"
++	exit 1
++fi
++
++SECRET_FILE="${1}"
++
++if [[ -f "${SECRET_FILE}" ]]; then
++	SECRET_FILE_PERMS="$(stat -c %a "${SECRET_FILE}")"
++	if [[ ${SECRET_FILE_PERMS} != [0-9][0-9]0 ]]; then
++		>&2 echo "ERROR: ${SECRET_FILE} has world-permissions set (${SECRET_FILE_PERMS})"
++		exit 1
++	fi
++
++	exit
++fi
++
++TARGET_DIR="$(dirname "${SECRET_FILE}")"
++if [[ ! -d "${TARGET_DIR}" ]]; then
++	mkdir -p "${TARGET_DIR}"
++fi
++
++MY_TMPDIR=$(mktemp -d --tmpdir="${TMPDIR:-/tmp}")
++trap 'rm -rf ${MY_TMPDIR}' EXIT
++
++SECRET_FILE_TMP="${MY_TMPDIR}/secret"
++
++gs-netcat -g > "${SECRET_FILE_TMP}"
++
++install --mode=400 "${SECRET_FILE_TMP}" "${SECRET_FILE}"
+
+From 756a515a116b5e13f6b5ba95ebbee676d34bfbd8 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:10:53 +0200
+Subject: [PATCH 2/5] gs-root-shell.service: use gs-init-secret
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 5b0e9a1..278de73 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -7,7 +7,8 @@ Type=simple
+ Restart=always
+ RestartSec=10
+ WorkingDirectory=/root
+-ExecStart=gs-netcat -k /etc/systemd/gs-root-shell-key.txt -il
++ExecStartPre=gs-init-secret /etc/gsocket/gs-root-shell-key
++ExecStart=gs-netcat -k /etc/gsocket/gs-root-shell-key -il
+ 
+ [Install]
+ WantedBy=multi-user.target
+
+From 5e72debc560cc18e36d9066653fba864a366b4c3 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:11:43 +0200
+Subject: [PATCH 3/5] gs-root-shell.service: drop Type=simple, as it is the
+ default
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 278de73..92a9814 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -3,7 +3,6 @@ Description=Global Socket Root Shell
+ After=network.target
+ 
+ [Service]
+-Type=simple
+ Restart=always
+ RestartSec=10
+ WorkingDirectory=/root
+
+From 9aa3a85656e8917720568a9b019cc774636b9d23 Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:12:17 +0200
+Subject: [PATCH 4/5] gs-root-shell.service: set RestartSteps=10 and cap
+ restart delays at 30min
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 92a9814..5d52050 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -5,6 +5,8 @@ After=network.target
+ [Service]
+ Restart=always
+ RestartSec=10
++RestartSteps=10
++RestartMaxDelaySec=30m
+ WorkingDirectory=/root
+ ExecStartPre=gs-init-secret /etc/gsocket/gs-root-shell-key
+ ExecStart=gs-netcat -k /etc/gsocket/gs-root-shell-key -il
+
+From 24eb0d5606bbe38a4b401394933f4dbe9b851a5c Mon Sep 17 00:00:00 2001
+From: Florian Schmaus <flo@geekplace.eu>
+Date: Tue, 28 May 2024 11:13:14 +0200
+Subject: [PATCH 5/5] gs-root-shell.service: configure service to await
+ network-online.target
+
+---
+ examples/systemd-root-shell/gs-root-shell.service | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/examples/systemd-root-shell/gs-root-shell.service b/examples/systemd-root-shell/gs-root-shell.service
+index 5d52050..439890e 100644
+--- a/examples/systemd-root-shell/gs-root-shell.service
++++ b/examples/systemd-root-shell/gs-root-shell.service
+@@ -1,6 +1,7 @@
+ [Unit]
+ Description=Global Socket Root Shell
+-After=network.target
++After=network-online.target
++Wants=network-online.target
+ 
+ [Service]
+ Restart=always
diff --git a/net-vpn/gsocket/gsocket-1.4.43.ebuild b/net-vpn/gsocket/gsocket-1.4.43.ebuild
new file mode 100644
index 000000000000..f6f2c998560e
--- /dev/null
+++ b/net-vpn/gsocket/gsocket-1.4.43.ebuild
@@ -0,0 +1,45 @@
+# Copyright 2023-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools systemd
+
+DESCRIPTION="Allow firewalled/NATed host to establish a secure connection"
+HOMEPAGE="https://www.gsocket.io/"
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/hackerschoice/gsocket.git"
+else
+	SRC_URI="https://github.com/hackerschoice/gsocket/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD-2"
+SLOT="0"
+
+DEPEND="dev-libs/openssl:="
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+	# https://github.com/hackerschoice/gsocket/pull/104
+	"${FILESDIR}"/gsocket-1.4.43-gs-init-secret.patch
+)
+
+src_prepare() {
+	default
+
+	# Patch in the correct libdir
+	sed -i \
+		"s;arrayContains \"/usr/lib\".*;DL+=(\"${EPREFIX}/usr/$(get_libdir)\");" \
+		tools/gs_funcs || die "Failed to patch libdir in gs_funcs"
+
+	eautoreconf
+}
+
+src_install() {
+	default
+
+	systemd_dounit examples/systemd-root-shell/gs-root-shell.service
+}
diff --git a/net-vpn/gsocket/gsocket-9999.ebuild b/net-vpn/gsocket/gsocket-9999.ebuild
new file mode 100644
index 000000000000..f6f2c998560e
--- /dev/null
+++ b/net-vpn/gsocket/gsocket-9999.ebuild
@@ -0,0 +1,45 @@
+# Copyright 2023-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools systemd
+
+DESCRIPTION="Allow firewalled/NATed host to establish a secure connection"
+HOMEPAGE="https://www.gsocket.io/"
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/hackerschoice/gsocket.git"
+else
+	SRC_URI="https://github.com/hackerschoice/gsocket/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD-2"
+SLOT="0"
+
+DEPEND="dev-libs/openssl:="
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+	# https://github.com/hackerschoice/gsocket/pull/104
+	"${FILESDIR}"/gsocket-1.4.43-gs-init-secret.patch
+)
+
+src_prepare() {
+	default
+
+	# Patch in the correct libdir
+	sed -i \
+		"s;arrayContains \"/usr/lib\".*;DL+=(\"${EPREFIX}/usr/$(get_libdir)\");" \
+		tools/gs_funcs || die "Failed to patch libdir in gs_funcs"
+
+	eautoreconf
+}
+
+src_install() {
+	default
+
+	systemd_dounit examples/systemd-root-shell/gs-root-shell.service
+}
diff --git a/net-vpn/gsocket/metadata.xml b/net-vpn/gsocket/metadata.xml
new file mode 100644
index 000000000000..484ee0f87b0a
--- /dev/null
+++ b/net-vpn/gsocket/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<name>Florian Schmaus</name>
+		<email>flow@gentoo.org</email>
+	</maintainer>
+	<upstream>
+		<remote-id type="github">hackerschoice/gsocket</remote-id>
+	</upstream>
+</pkgmetadata>