From 1d3c636ac6b16673d6e7a1b17e6144bf324a10cd Mon Sep 17 00:00:00 2001
From: Enno Boland <gottox@voidlinux.org>
Date: Sat, 30 Jan 2021 08:47:52 +0100
Subject: [PATCH 1/2] vpnc: change upstream to fork

fixes #26798.

* Changes upstream to https://github.com/streambinder/vpnc/. That's a fork
  that's a fork which is at least used in alpine.
* Depends on vpnc-scripts. New upstream doesn't ship those files anymore
* Add wrapper script to stay backwards compatible
* Switch to build_style=gnu-makefile instead of manually calling make.
---
 srcpkgs/vpnc/files/vpnc-script                |  3 +
 srcpkgs/vpnc/patches/00-fix-fritzbox.diff     | 81 -------------------
 .../0001-fix-sys-includes-for-musl.patch      | 13 +++
 srcpkgs/vpnc/patches/2-fix-musl.patch         | 33 --------
 srcpkgs/vpnc/template                         | 30 ++++---
 5 files changed, 35 insertions(+), 125 deletions(-)
 create mode 100644 srcpkgs/vpnc/files/vpnc-script
 delete mode 100644 srcpkgs/vpnc/patches/00-fix-fritzbox.diff
 create mode 100644 srcpkgs/vpnc/patches/0001-fix-sys-includes-for-musl.patch
 delete mode 100644 srcpkgs/vpnc/patches/2-fix-musl.patch

diff --git a/srcpkgs/vpnc/files/vpnc-script b/srcpkgs/vpnc/files/vpnc-script
new file mode 100644
index 00000000000..c2b9f65bd17
--- /dev/null
+++ b/srcpkgs/vpnc/files/vpnc-script
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /usr/libexec/vpnc-scripts/vpnc-script "$@"
diff --git a/srcpkgs/vpnc/patches/00-fix-fritzbox.diff b/srcpkgs/vpnc/patches/00-fix-fritzbox.diff
deleted file mode 100644
index 5f6c7a63cb9..00000000000
--- a/srcpkgs/vpnc/patches/00-fix-fritzbox.diff
+++ /dev/null
@@ -1,81 +0,0 @@
-Description: Fixes AVM's FritzBoxes not being able to connect
-Upstream: Yes
-Index: vpnc.c
-===================================================================
---- vpnc.c	(revision 466)
-+++ vpnc.c	(revision 469)
-@@ -88,6 +88,10 @@
- 	0x90, 0xCB, 0x80, 0x91, 0x3E, 0xBB, 0x69, 0x6E,
- 	0x08, 0x63, 0x81, 0xB5, 0xEC, 0x42, 0x7B, 0x1F
- };
-+const unsigned char VID_NATT_03[] = { /* "draft-ietf-ipsec-nat-t-ike-03" */
-+	0x7d, 0x94, 0x19, 0xa6, 0x53, 0x10, 0xca, 0x6f,
-+	0x2c, 0x17, 0x9d, 0x92, 0x15, 0x52, 0x9d, 0x56
-+};
- const unsigned char VID_NATT_RFC[] = { /* "RFC 3947" */
- 	0x4A, 0x13, 0x1C, 0x81, 0x07, 0x03, 0x58, 0x45,
- 	0x5C, 0x57, 0x28, 0xF2, 0x0E, 0x95, 0x45, 0x2F
-@@ -141,6 +145,7 @@
- 	{ VID_NATT_01,		sizeof(VID_NATT_01),	"Nat-T 01" },
- 	{ VID_NATT_02,		sizeof(VID_NATT_02),	"Nat-T 02" },
- 	{ VID_NATT_02N,		sizeof(VID_NATT_02N),	"Nat-T 02N" },
-+	{ VID_NATT_03,		sizeof(VID_NATT_03),	"Nat-T 03" },
- 	{ VID_NATT_RFC,		sizeof(VID_NATT_RFC),	"Nat-T RFC" },
- 	{ VID_DWR,		sizeof(VID_DWR),	"Delete With Reason" },
- 	{ VID_CISCO_FRAG,	sizeof(VID_CISCO_FRAG),	"Cisco Fragmentation" },
-@@ -1156,8 +1161,11 @@
- 		value = a->next->u.attr_16;
- 	else if (a->next->af == isakmp_attr_lots && a->next->u.lots.length == 4)
- 		value = ntohl(*((uint32_t *) a->next->u.lots.data));
--	else
--		assert(0);
-+	else {
-+		DEBUG(2, printf("got unknown ike lifetime attributes af %d len %d\n",
-+					a->next->af, a->next->u.lots.length));
-+		return;
-+	}
- 
- 	DEBUG(2, printf("got ike lifetime attributes: %d %s\n", value,
- 		(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS) ? "seconds" : "kilobyte"));
-@@ -1267,6 +1275,8 @@
- 			l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
- 				VID_NATT_RFC, sizeof(VID_NATT_RFC));
- 			l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
-+				VID_NATT_03, sizeof(VID_NATT_03));
-+			l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
- 				VID_NATT_02N, sizeof(VID_NATT_02N));
- 			l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
- 				VID_NATT_02, sizeof(VID_NATT_02));
-@@ -1501,6 +1511,12 @@
- 					seen_natt_vid = 1;
- 					if (natt_draft < 1) natt_draft = 2;
- 					DEBUG(2, printf("peer is NAT-T capable (RFC 3947)\n"));
-+				} else if (rp->u.vid.length == sizeof(VID_NATT_03)
-+					&& memcmp(rp->u.vid.data, VID_NATT_03,
-+						sizeof(VID_NATT_03)) == 0) {
-+					seen_natt_vid = 1;
-+					if (natt_draft < 1) natt_draft = 2;
-+					DEBUG(2, printf("peer is NAT-T capable (draft-03)\n"));
- 				} else if (rp->u.vid.length == sizeof(VID_NATT_02N)
- 					&& memcmp(rp->u.vid.data, VID_NATT_02N,
- 						sizeof(VID_NATT_02N)) == 0) {
-@@ -1582,6 +1598,19 @@
- 						seen_natd_them = 1;
- 				}
- 				break;
-+			case ISAKMP_PAYLOAD_N:
-+				if (rp->u.n.type == ISAKMP_N_IPSEC_RESPONDER_LIFETIME) {
-+					if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_ISAKMP)
-+						lifetime_ike_process(s, rp->u.n.attributes);
-+					else if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_IPSEC_ESP)
-+						lifetime_ipsec_process(s, rp->u.n.attributes);
-+					else
-+						DEBUG(2, printf("got unknown lifetime notice, ignoring..\n"));
-+				} else {
-+					DEBUG(1, printf("rejecting ISAKMP_PAYLOAD_N, type is not lifetime\n"));
-+					reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
-+				}
-+				break;
- 			default:
- 				DEBUG(1, printf("rejecting invalid payload type %d\n", rp->type));
- 				reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
diff --git a/srcpkgs/vpnc/patches/0001-fix-sys-includes-for-musl.patch b/srcpkgs/vpnc/patches/0001-fix-sys-includes-for-musl.patch
new file mode 100644
index 00000000000..fb43bf8f759
--- /dev/null
+++ b/srcpkgs/vpnc/patches/0001-fix-sys-includes-for-musl.patch
@@ -0,0 +1,13 @@
+diff --git a/src/vpnc.c b/src/vpnc.c
+index ef1930a..36cae9b 100644
+--- ./src/vpnc.c
++++ ./src/vpnc.c
+@@ -24,7 +24,7 @@
+ #define _GNU_SOURCE
+ #include <assert.h>
+ #include <unistd.h>
+-#include <sys/fcntl.h>
++#include <fcntl.h>
+ #include <stdio.h>
+ #include <errno.h>
+ #include <string.h>
diff --git a/srcpkgs/vpnc/patches/2-fix-musl.patch b/srcpkgs/vpnc/patches/2-fix-musl.patch
deleted file mode 100644
index 9485c006bd7..00000000000
--- a/srcpkgs/vpnc/patches/2-fix-musl.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-diff --git sysdep.c sysdep.c
-index ff07753..43fdb74 100644
---- sysdep.c
-+++ sysdep.c
-@@ -59,7 +59,9 @@
- #if defined(__DragonFly__)
- #include <net/tun/if_tun.h>
- #elif defined(__linux__)
-+#ifdef __GLIBC__
- #include <linux/if_tun.h>
-+#endif
- #elif defined(__APPLE__)
- /* no header for tun */
- #elif defined(__CYGWIN__)
-diff --git sysdep.h sysdep.h
-index a5eafd6..af34e94 100644
---- sysdep.h
-+++ sysdep.h
-@@ -38,11 +38,13 @@ int tun_get_hwaddr(int fd, char *dev, uint8_t *hwaddr);
- 
- /***************************************************************************/
- #if defined(__linux__) || defined(__GLIBC__)
-+#ifdef __GLIBC__
- #include <error.h>
-+#define HAVE_ERROR     1
-+#endif
- 
- #define HAVE_VASPRINTF 1
- #define HAVE_ASPRINTF  1
--#define HAVE_ERROR     1
- #define HAVE_GETLINE   1
- #define HAVE_UNSETENV  1
- #define HAVE_SETENV    1
diff --git a/srcpkgs/vpnc/template b/srcpkgs/vpnc/template
index 51e2f2998a6..2ce76a368c3 100644
--- a/srcpkgs/vpnc/template
+++ b/srcpkgs/vpnc/template
@@ -1,17 +1,22 @@
 # Template file for 'vpnc'
 pkgname=vpnc
 version=0.5.3
-revision=7
+revision=8
+_githash=6fd5f0662f076cfd38c00835ec561b05f46d998c
+wrksrc="vpnc-$_githash"
+build_style=gnu-makefile
+make_use_env=yes
+make_build_args="SBINDIR=/usr/bin"
+make_check_target=test
 hostmakedepends="perl"
-makedepends="libgcrypt-devel"
-depends="net-tools"
+makedepends="libgcrypt-devel libressl-devel"
+depends="net-tools vpnc-scripts"
 short_desc="Client for cisco vpn concentrator"
 maintainer="Enno Boland <gottox@voidlinux.org>"
 license="GPL-2.0-or-later"
 homepage="https://www.unix-ag.uni-kl.de/~massar/vpnc/"
-distfiles="https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-${version}.tar.gz"
-checksum=46cea3bd02f207c62c7c6f2f22133382602baeda1dc320747809e94881414884
-
+distfiles="https://github.com/streambinder/vpnc/archive/$_githash.tar.gz"
+checksum=473449da6be522eea43c2b16e6b2214d6ace49a2eac0a625405981193fc43170
 conf_files="
  /etc/vpnc/default.conf
  /etc/vpnc/vpnc-script"
@@ -20,14 +25,17 @@ if [ "$CROSS_BUILD" ]; then
 	hostmakedepends+=" vpnc"
 fi
 
-do_configure() {
+pre_configure() {
+	vsed -e 's/^#OPENSSL/OPENSSL/' -i Makefile
+	vsed -e 's/^install:.*/install: install-common/' -i Makefile
+	vsed -e 's#^SBINDIR=.*#SBINDIR=/$(PREFIX)/bin#' -i Makefile
 	if [ "$CROSS_BUILD" ]; then
 		sed -i 's%^my \$vpnc = .*;%my \$vpnc = "/usr/bin/vpnc";%' makeman.pl
 	fi
 }
-do_build() {
-	make CC=$CC ${makejobs}
-}
-do_install() {
+
+post_install() {
+	rm -r $DESTDIR/usr/lib/systemd/system
 	make PREFIX=/usr SBINDIR=/usr/bin DESTDIR=${DESTDIR} install
+	vinstall $FILESDIR/vpnc-script 755 etc/vpnc
 }

From a7e067a34539c2588b841820e30ac97c8379e841 Mon Sep 17 00:00:00 2001
From: Enno Boland <gottox@voidlinux.org>
Date: Sat, 30 Jan 2021 09:08:56 +0100
Subject: [PATCH 2/2] vpnc: fix crossbuild

---
 srcpkgs/vpnc/template | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/srcpkgs/vpnc/template b/srcpkgs/vpnc/template
index 2ce76a368c3..5ca954c3125 100644
--- a/srcpkgs/vpnc/template
+++ b/srcpkgs/vpnc/template
@@ -30,12 +30,11 @@ pre_configure() {
 	vsed -e 's/^install:.*/install: install-common/' -i Makefile
 	vsed -e 's#^SBINDIR=.*#SBINDIR=/$(PREFIX)/bin#' -i Makefile
 	if [ "$CROSS_BUILD" ]; then
-		sed -i 's%^my \$vpnc = .*;%my \$vpnc = "/usr/bin/vpnc";%' makeman.pl
+		sed -i 's%^my \$vpnc = .*;%my \$vpnc = "/usr/bin/vpnc";%' src/makeman.pl
 	fi
 }
 
 post_install() {
 	rm -r $DESTDIR/usr/lib/systemd/system
-	make PREFIX=/usr SBINDIR=/usr/bin DESTDIR=${DESTDIR} install
 	vinstall $FILESDIR/vpnc-script 755 etc/vpnc
 }