# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="6" PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} ) inherit autotools eutils linux-info python-any-r1 systemd DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" HOMEPAGE="https://www.rsyslog.com/" BRANCH="8-stable" if [[ ${PV} == "9999" ]]; then EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git" DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git" inherit git-r3 else MY_PV=${PV%_rc*} MY_FILENAME="${PN}-${PV}.tar.gz" MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz" S="${WORKDIR}/${PN}-${MY_PV}" # Upstream URL schema: # RC: https://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz # https://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz # Release: https://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz MY_URL_PREFIX= if [[ ${PV} = *_rc* ]]; then _tmp_last_index=$(($(get_last_version_component_index ${PV})+1)) _tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV}) if [[ ${_tmp_suffix} = *rc* ]]; then MY_URL_PREFIX="${_tmp_suffix}/" fi # Cleaning up temporary variables unset _tmp_last_index unset _tmp_suffix else KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86" fi SRC_URI=" https://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME} doc? ( https://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} ) " PATCHES=( "${FILESDIR}"/${BRANCH}/${PN}-8.35.0-fix-issue2719.patch "${FILESDIR}"/${BRANCH}/${PN}-8.35.0-fix-issue2726.patch ) fi LICENSE="GPL-3 LGPL-3 Apache-2.0" SLOT="0" IUSE="curl dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos kubernetes libressl mdblookup mongodb mysql" IUSE+=" normalize omhttpfs omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq" RDEPEND=" >=dev-libs/libfastjson-0.99.8:= >=dev-libs/libestr-0.1.9 >=dev-libs/liblogging-1.0.1:=[stdlog] >=sys-libs/zlib-1.2.5 curl? ( >=net-misc/curl-7.35.0 ) dbi? ( >=dev-db/libdbi-0.8.3 ) elasticsearch? ( >=net-misc/curl-7.35.0 ) gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) grok? ( >=dev-libs/grok-0.9.2 ) jemalloc? ( >=dev-libs/jemalloc-3.3.1:= ) kafka? ( >=dev-libs/librdkafka-0.9.0.99:= ) kerberos? ( virtual/krb5 ) kubernetes? ( >=net-misc/curl-7.35.0 ) mdblookup? ( dev-libs/libmaxminddb:= ) mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= ) mysql? ( virtual/libmysqlclient:= ) normalize? ( >=dev-libs/libee-0.4.0 >=dev-libs/liblognorm-2.0.3:= ) omhttpfs? ( >=net-misc/curl-7.35.0 ) omudpspoof? ( >=net-libs/libnet-1.1.6 ) postgres? ( >=dev-db/postgresql-8.4.20:= ) rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= ) redis? ( >=dev-libs/hiredis-0.11.0:= ) relp? ( >=dev-libs/librelp-1.2.14:= ) rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) rfc5424hmac? ( !libressl? ( >=dev-libs/openssl-0.9.8y:0= ) libressl? ( dev-libs/libressl:= ) ) snmp? ( >=net-analyzer/net-snmp-5.7.2 ) ssl? ( >=net-libs/gnutls-2.12.23:0= ) systemd? ( >=sys-apps/systemd-234 ) uuid? ( sys-apps/util-linux:0= ) zeromq? ( >=net-libs/czmq-3.0.2 )" DEPEND="${RDEPEND} >=sys-devel/autoconf-archive-2015.02.24 virtual/pkgconfig test? ( jemalloc? ( /dev/null chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" cat > "${T}/${PF}.$$" <<- _EOF cn = Portage automated CA ca cert_signing_key expiration_days = 3650 _EOF certtool --generate-self-signed \ --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ --outfile "${CERTDIR}/${PN}_ca.cert.pem" \ --template "${T}/${PF}.$$" &>/dev/null chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" # Create the server certificate echo einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " read -r CN einfo "Creating private key and certificate for server ${CN}..." certtool --generate-privkey \ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" cat > "${T}/${PF}.$$" <<- _EOF cn = ${CN} tls_www_server dns_name = ${CN} expiration_days = 3650 _EOF certtool --generate-certificate \ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ --template "${T}/${PF}.$$" &>/dev/null chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" else einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." fi # Create a client certificate echo einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " read -r CN einfo "Creating private key and certificate for client ${CN}..." certtool --generate-privkey \ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" cat > "${T}/${PF}.$$" <<- _EOF cn = ${CN} tls_www_client dns_name = ${CN} expiration_days = 3650 _EOF certtool --generate-certificate \ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ --template "${T}/${PF}.$$" &>/dev/null chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" rm -f "${T}/${PF}.$$" echo einfo "Here is the documentation on how to encrypt your log traffic:" einfo " https://www.rsyslog.com/doc/rsyslog_tls.html" }